DSR-150 Datasheet
Page 1
... disconnecting when a landline connection is lost. The integrated high-speed IEEE 802.11n wireless technology in high availability. Reliable Internet Connectivity The DSR-500/500N include dual-WAN Gigabit Ethernet ports that address the growing needs of firewall rules Available failover and load balancing for maximum productivity, uptime and performance 2 DSR-150/150N/250/250N/500/500N Unified Services Routers Features Comprehensive VPN Support • Protocols • IPSec • PPTP •...
... disconnecting when a landline connection is lost. The integrated high-speed IEEE 802.11n wireless technology in high availability. Reliable Internet Connectivity The DSR-500/500N include dual-WAN Gigabit Ethernet ports that address the growing needs of firewall rules Available failover and load balancing for maximum productivity, uptime and performance 2 DSR-150/150N/250/250N/500/500N Unified Services Routers Features Comprehensive VPN Support • Protocols • IPSec • PPTP •...
DSR-150 Datasheet
Page 2
... turn off your wireless network during off -peak hours, saving energy and keeping your internal network. DSR-150/150N/250/250N/500/500N Unified Services Routers Enhanced Network Services • IPv6 • DHCP Server/ Relay • Dynamic DNS • IEEE 802.1q VLAN • Multiple SSIDs • SSID-to-VLAN Mapping Content Filtering • Static URL Address Filtering • Keyword Filtering Fault Tolerance2 • WAN Traffic Failover • Outbound Load Balancing DSR-150/150N • 8 Fast Ethernet LAN Ports...
... turn off your wireless network during off -peak hours, saving energy and keeping your internal network. DSR-150/150N/250/250N/500/500N Unified Services Routers Enhanced Network Services • IPv6 • DHCP Server/ Relay • Dynamic DNS • IEEE 802.1q VLAN • Multiple SSIDs • SSID-to-VLAN Mapping Content Filtering • Static URL Address Filtering • Keyword Filtering Fault Tolerance2 • WAN Traffic Failover • Outbound Load Balancing DSR-150/150N • 8 Fast Ethernet LAN Ports...
DSR-150 Datasheet
Page 5
... RC4-128, 3DES, AES IPSec/PPTP/L2TP Server Yes IPSec NAT Traversal Yes Dead Peer Detection Yes IP Encapsulating Security Yes Payload (ESP) IP Authentication Header (AH) Yes VPN Tunnel Keep Alive Yes Hub and Spoke Yes Bandwidth Management Max. Bandwidth Control Yes Priority Bandwidth Control Port-Based QoS, 3 Classes Bandwidth Management Web-based User Interface HTTP, HTTPS Command Line Yes SNMP v1, v2c, v3 Physical & Environment Power Supply External Power Supply Unit Input: 100-240...
... RC4-128, 3DES, AES IPSec/PPTP/L2TP Server Yes IPSec NAT Traversal Yes Dead Peer Detection Yes IP Encapsulating Security Yes Payload (ESP) IP Authentication Header (AH) Yes VPN Tunnel Keep Alive Yes Hub and Spoke Yes Bandwidth Management Max. Bandwidth Control Yes Priority Bandwidth Control Port-Based QoS, 3 Classes Bandwidth Management Web-based User Interface HTTP, HTTPS Command Line Yes SNMP v1, v2c, v3 Physical & Environment Power Supply External Power Supply Unit Input: 100-240...
DSR-150 User Manual
Page 4
...Multiple WAN Links 49 Auto Failover ...49 Load Balancing ...50 Protocol Bindings ...52 3.5 3.5.1 3.5.2 3.5.3 3.5.4 3.5.5 3.5.6 3.5.7 Routing Configuration...53 Routing Mode ...53 Dynamic Routing (RIP) ...56 Static Routing ...57 OSPFv2 ...58 OSPFv3 ...60 6to4 Tunneling ...62 ISA TAP Tunnels ...63 3.6 Configurable Port - Connecting to the Int ernet: WAN Setup 35 3.1 Internet Setup Wizard...35 3.2 3.2.1 3.2.2 3.2.3 3.2.4 3.2.5 3.2.6 3.2.7 3.2.8 WAN Configuration...36 WAN Port IP address ...37 WAN DNS Servers ...37 DHCP WAN ...37 PPPoE ...38 Russia L2TP and PP TP WAN 41 Russia Dual Access...
...Multiple WAN Links 49 Auto Failover ...49 Load Balancing ...50 Protocol Bindings ...52 3.5 3.5.1 3.5.2 3.5.3 3.5.4 3.5.5 3.5.6 3.5.7 Routing Configuration...53 Routing Mode ...53 Dynamic Routing (RIP) ...56 Static Routing ...57 OSPFv2 ...58 OSPFv3 ...60 6to4 Tunneling ...62 ISA TAP Tunnels ...63 3.6 Configurable Port - Connecting to the Int ernet: WAN Setup 35 3.1 Internet Setup Wizard...35 3.2 3.2.1 3.2.2 3.2.3 3.2.4 3.2.5 3.2.6 3.2.7 3.2.8 WAN Configuration...36 WAN Port IP address ...37 WAN DNS Servers ...37 DHCP WAN ...37 PPPoE ...38 Russia L2TP and PP TP WAN 41 Russia Dual Access...
DSR-150 User Manual
Page 5
... Rule Configuration Examples 93 5.5 Security on Custom Servic es 97 5.6 ALG support ...99 5.7 VPN Passthrough for Firewall 100 5.8 Application Rules ...101 5.9 5.9.1 5.9.2 5.9.3 5.9.4 Web Content Filtering...102 Cont ent Filtering ...102 Approved URLs ...103 Blocked Keywords ...104 Export Web Filter ...105 5.10 IP/MAC Binding ...106 5.11 Intrusion Prevention (IPS 107 5.12 Protecting from Internet Attacks 108 Chapter 6. Wireless Access Point Setup ...68 4.1 4.1.1 4.1.2 4.1.3 Wireless Settings Wizard 68 Wireless Network Setup Wizard 69 Add Wireless Device with WPS 69 Manual...
... Rule Configuration Examples 93 5.5 Security on Custom Servic es 97 5.6 ALG support ...99 5.7 VPN Passthrough for Firewall 100 5.8 Application Rules ...101 5.9 5.9.1 5.9.2 5.9.3 5.9.4 Web Content Filtering...102 Cont ent Filtering ...102 Approved URLs ...103 Blocked Keywords ...104 Export Web Filter ...105 5.10 IP/MAC Binding ...106 5.11 Intrusion Prevention (IPS 107 5.12 Protecting from Internet Attacks 108 Chapter 6. Wireless Access Point Setup ...68 4.1 4.1.1 4.1.2 4.1.3 Wireless Settings Wizard 68 Wireless Network Setup Wizard 69 Add Wireless Device with WPS 69 Manual...
DSR-150 User Manual
Page 6
... 9.1.3 Configuration Access Control 157 Admin Settings ...157 Remote Management ...158 CLI Access ...159 9.2 SNMP Configuration ...159 9.3 Configuring Time Zone and NTP 161 9.4 9.4.1 9.4.2 9.4.3 Log Configuration...162 Defining What to Log ...162 Sending Logs to E-mail or Syslog 167 E vent Log Viewer in GUI 169 9.5 Backing up and Restoring Configuration Settings 170 9.6 Upgrading Router Firmware 171 9.7 Upgrading Router Firmware via USB 172 9.8 Dynamic DNS Setup ...173 9.9 9.9.1 9.9.2 9.9.3 9.9.4 Using Diagnostic Tools 174 Ping...175 Trace Route ...175 DNS Lookup ...176 Rout...
... 9.1.3 Configuration Access Control 157 Admin Settings ...157 Remote Management ...158 CLI Access ...159 9.2 SNMP Configuration ...159 9.3 Configuring Time Zone and NTP 161 9.4 9.4.1 9.4.2 9.4.3 Log Configuration...162 Defining What to Log ...162 Sending Logs to E-mail or Syslog 167 E vent Log Viewer in GUI 169 9.5 Backing up and Restoring Configuration Settings 170 9.6 Upgrading Router Firmware 171 9.7 Upgrading Router Firmware via USB 172 9.8 Dynamic DNS Setup ...173 9.9 9.9.1 9.9.2 9.9.3 9.9.4 Using Diagnostic Tools 174 Ping...175 Trace Route ...175 DNS Lookup ...176 Rout...
DSR-150 User Manual
Page 7
Factory Default Settings...199 Appendix C. Credits ...195 Appendix A. Standard Services A vailable for Port Forwarding & Firewall Configuration 200 Appendix D. Unified Services Router User Manual 10.3.2 Wireless Clients ...187 10.3.3 LAN Clients ...187 10.3.4 Active VPN Tunnels ...188 Chapter 11. Glossary ...196 Appendix B. RJ-45 Pin-outs...255 Appendix F. Product Statement ...256 5 Trouble Shooting ...190 11.1 Internet connection ...190 11.2 Date and time ...192 11.3 Pinging to Test LAN Connectivity 192 11.3.1 Testing the LA N path from your P C to your...
Factory Default Settings...199 Appendix C. Credits ...195 Appendix A. Standard Services A vailable for Port Forwarding & Firewall Configuration 200 Appendix D. Unified Services Router User Manual 10.3.2 Wireless Clients ...187 10.3.3 LAN Clients ...187 10.3.4 Active VPN Tunnels ...188 Chapter 11. Glossary ...196 Appendix B. RJ-45 Pin-outs...255 Appendix F. Product Statement ...256 5 Trouble Shooting ...190 11.1 Internet connection ...190 11.2 Date and time ...192 11.3 Pinging to Test LAN Connectivity 192 11.3.1 Testing the LA N path from your P C to your...
DSR-150 User Manual
Page 8
...: Connection Status information for both WAN ports 46 Figure 26: List of Configured Bandwidth Profiles 47 Figure 27: Bandwidth Profile Configuration page 48 Figure 28: Traffic Selector Configuration ...49 Figure 29: Load Balancing is available when multiple WAN ports are configured and Protocol Bindings have been defined ...52 Figure 30: Protocol binding setup to associate a service and/or LAN source to a WAN and/or destination network ...53 Figure 31: Routing Mode is used to configure traffic routing between WAN and LAN...
...: Connection Status information for both WAN ports 46 Figure 26: List of Configured Bandwidth Profiles 47 Figure 27: Bandwidth Profile Configuration page 48 Figure 28: Traffic Selector Configuration ...49 Figure 29: Load Balancing is available when multiple WAN ports are configured and Protocol Bindings have been defined ...52 Figure 30: Protocol binding setup to associate a service and/or LAN source to a WAN and/or destination network ...53 Figure 31: Routing Mode is used to configure traffic routing between WAN and LAN...
DSR-150 User Manual
Page 9
... 39: WAN3 configuration for 3G internet 66 Figure 40: Physical WAN port settings ...67 Figure 41: Wireless Network Setup Wizards ...69 Figure 42: List of A vailable Profiles shows the options available to secure the wireless link .......... 71 Figure 43: Profile configuration to set network security 73 Figure 44: RA DIUS server (External Authentication) configuration 75 Figure 45: Virtual AP configuration ...76 Figure 46: List of configured access points (Virtual APs) shows one enabled access point on the radio...
... 39: WAN3 configuration for 3G internet 66 Figure 40: Physical WAN port settings ...67 Figure 41: Wireless Network Setup Wizards ...69 Figure 42: List of A vailable Profiles shows the options available to secure the wireless link .......... 71 Figure 43: Profile configuration to set network security 73 Figure 44: RA DIUS server (External Authentication) configuration 75 Figure 45: Virtual AP configuration ...76 Figure 46: List of configured access points (Virtual APs) shows one enabled access point on the radio...
DSR-150 User Manual
Page 80
... let y o u define whether legacy connections or only 802.11n connections (or both) are accepted on this s cenario. 4.4 Tuning Radio Specific Settings Setup > Wireless Settings > Radio Settings The Radio Settings page lets you configure t he s elected o p erat in g s are g o v ern ed b y reg u latory co nst rain t s b as a d u al b an d 802.11n rad io , mean t t o b e u s ed fo r a few legacy devices in this radio requires...
... let y o u define whether legacy connections or only 802.11n connections (or both) are accepted on this s cenario. 4.4 Tuning Radio Specific Settings Setup > Wireless Settings > Radio Settings The Radio Settings page lets you configure t he s elected o p erat in g s are g o v ern ed b y reg u latory co nst rain t s b as a d u al b an d 802.11n rad io , mean t t o b e u s ed fo r a few legacy devices in this radio requires...
DSR-150 User Manual
Page 99
... change default QoS priority or Logging (unless desired) - clicking apply will ap p ear in t h e LA N o r W A N. W h ile co mmo n s erv ices h av e kn o wn TCP/ UDP/ ICM P p o rt s fo r t raffic, man y cu s t o m o r u n co mmo n ap p licat io n s exis t in t h e s erv ices lis t o f t h e firewall ru les co n fig u rat io n men u . 97 On the Source Users dropdown, select Address Range and add this firewall blocking...
... change default QoS priority or Logging (unless desired) - clicking apply will ap p ear in t h e LA N o r W A N. W h ile co mmo n s erv ices h av e kn o wn TCP/ UDP/ ICM P p o rt s fo r t raffic, man y cu s t o m o r u n co mmo n ap p licat io n s exis t in t h e s erv ices lis t o f t h e firewall ru les co n fig u rat io n men u . 97 On the Source Users dropdown, select Address Range and add this firewall blocking...
DSR-150 User Manual
Page 115
... t ern et (remo t e acces s ). Set t h e Co n n ect io n Name an d p re -s h ared key : t h e co n n ect io n n ame is t u n n el; On ce t h e IKE o r VPN p o licy is mo re t h an 1 W A N configured the tunnel can either of the gateways . 113 if t h ere is creat ed , y o u can u s e t h e VPN wizard t o q u ickly creat e b o t h IKE an d VPN p o licies . Unified Services Router User Manual 6.1 VPN Wizard Setup > Wizard > VPN Wizard Yo u can mo d ify it...
... t ern et (remo t e acces s ). Set t h e Co n n ect io n Name an d p re -s h ared key : t h e co n n ect io n n ame is t u n n el; On ce t h e IKE o r VPN p o licy is mo re t h an 1 W A N configured the tunnel can either of the gateways . 113 if t h ere is creat ed , y o u can u s e t h e VPN wizard t o q u ickly creat e b o t h IKE an d VPN p o licies . Unified Services Router User Manual 6.1 VPN Wizard Setup > Wizard > VPN Wizard Yo u can mo d ify it...
DSR-150 User Manual
Page 124
...led , L2TP clien t s t h at are wit h in t h e ran g e o f co n fig u red IP ad d res ses o f allo wed clien t s can b e es t ablis hed t h rou gh t h is ro u ter. On ce t h e L2TP s erv er is av ailab le o n t h e ro u t er fo r LA N an d W A N L2TP clien t u s ers t o acces s . PPTP Se rve r User Manual 6.4.2 L2TP Tunnel Support Setup > VPN Settings... > L2TP > L2TP Server A L2TP VPN can reach t he ro u ter's L2TP s erv er. Unified Services Router Figure 79 : PPTP tunne l configuratio n - On ce ...
...led , L2TP clien t s t h at are wit h in t h e ran g e o f co n fig u red IP ad d res ses o f allo wed clien t s can b e es t ablis hed t h rou gh t h is ro u ter. On ce t h e L2TP s erv er is av ailab le o n t h e ro u t er fo r LA N an d W A N L2TP clien t u s ers t o acces s . PPTP Se rve r User Manual 6.4.2 L2TP Tunnel Support Setup > VPN Settings... > L2TP > L2TP Server A L2TP VPN can reach t he ro u ter's L2TP s erv er. Unified Services Router Figure 79 : PPTP tunne l configuratio n - On ce ...
DSR-150 User Manual
Page 192
... this range, check the connection from the PC to capture packets sent during the reboot. Click Refresh or Reload in the range 192.168.1 0.2 to ensure that you are using Internet Explorer, click Refresh to 192.168.10.254. 3. If the PC cannot reach a DHCP server, some versions of Windows and Mac OS generate and assign an IP address. If your configuration, reboot the router and use...
... this range, check the connection from the PC to capture packets sent during the reboot. Click Refresh or Reload in the range 192.168.1 0.2 to ensure that you are using Internet Explorer, click Refresh to 192.168.10.254. 3. If the PC cannot reach a DHCP server, some versions of Windows and Mac OS generate and assign an IP address. If your configuration, reboot the router and use...
DSR-150 User Manual
Page 218
...; nRows=%d nCols=%d RADIUS Accounting Exchange Failed Unable to set debug for radEap. Unable to set default retries value ERROR: incomplete DB update inform ation. Unified Services Router User Manual Adding DictionaryAttribute '%s' DEBUG Adding DictionaryValue %s DEBUG Receiving attribute: %s Processing attribute: %s Processing attribute: %s Processing attribute: %s Processing attribute: %s radConfGet: " Added Server %s:%d with " Added Server %s:%d with " Default Timeout Set to %d Default Retry Count Set to %d %s - %s : %d Deleting Server %s:%d with " Adding RowId:%d to...
...; nRows=%d nCols=%d RADIUS Accounting Exchange Failed Unable to set debug for radEap. Unable to set default retries value ERROR: incomplete DB update inform ation. Unified Services Router User Manual Adding DictionaryAttribute '%s' DEBUG Adding DictionaryValue %s DEBUG Receiving attribute: %s Processing attribute: %s Processing attribute: %s Processing attribute: %s Processing attribute: %s radConfGet: " Added Server %s:%d with " Added Server %s:%d with " Default Timeout Set to %d Default Retry Count Set to %d %s - %s : %d Deleting Server %s:%d with " Adding RowId:%d to...
DSR-150 User Manual
Page 219
... update handler ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR requestNtpTime: Invalid addr ERROR failed to take lock for compId: %d failed to convert ioctl args to set debug level for radAuth. ERROR: option value not specified Unable to set debug level for radAuth. nRows=%d nCols=%d Error in the list after %d \ Primary is not available, " Secondary is not available, " DEBUG DEBUG DEBUG DEBUG Invalid value for use default servers, " No server is configured...
... update handler ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR ERROR requestNtpTime: Invalid addr ERROR failed to take lock for compId: %d failed to convert ioctl args to set debug level for radAuth. ERROR: option value not specified Unable to set debug level for radAuth. nRows=%d nCols=%d Error in the list after %d \ Primary is not available, " Secondary is not available, " DEBUG DEBUG DEBUG DEBUG Invalid value for use default servers, " No server is configured...
DSR-150 User Manual
Page 224
.... Unified Services Router User Manual Internet on port %d Disabling remote access management for IP address range" Disabling remote access management only to only this PC. MAC Filtering %sabled for protocol TCP. Enabling rule, port triggering for PERMIT and BLOCK REST. DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG Restarting DNS proxy. Enabling Block traffic from FirewallRules6 where ScheduleName = '%s'. Configuring firewall session settings for " Disabling DMZ DEBUG DEBUG DEBUG DEBUG Disabling WAN-DMZ rules...
.... Unified Services Router User Manual Internet on port %d Disabling remote access management for IP address range" Disabling remote access management only to only this PC. MAC Filtering %sabled for protocol TCP. Enabling rule, port triggering for PERMIT and BLOCK REST. DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG DEBUG Restarting DNS proxy. Enabling Block traffic from FirewallRules6 where ScheduleName = '%s'. Configuring firewall session settings for " Disabling DMZ DEBUG DEBUG DEBUG DEBUG Disabling WAN-DMZ rules...
DSR-150 User Manual
Page 226
... initialize MGMT framework could not initialize MGMT framework dot11VapBssidUpdt SQL error: %s sqlite3QueryResGet failed.Query:%s KDOT11_GET_PARAM(IEEE80211_I OC_CHANNEL) failed Failed to get the channel setting for node : %s installing keyto index %d iReq.i_val : %d pIfName : %s iReq.i_val : %d setting mode: %d Global counter wrapped, re-generating... Unified Services Router User Manual Facility: Local0 (Wireless) Log Message (node=%s) setting %s to val = %d Custom wireless event: '%s' Wireless event: cmd=0x%x len=%d New Rogue AP (%02x:%02x:%02x...
... initialize MGMT framework could not initialize MGMT framework dot11VapBssidUpdt SQL error: %s sqlite3QueryResGet failed.Query:%s KDOT11_GET_PARAM(IEEE80211_I OC_CHANNEL) failed Failed to get the channel setting for node : %s installing keyto index %d iReq.i_val : %d pIfName : %s iReq.i_val : %d setting mode: %d Global counter wrapped, re-generating... Unified Services Router User Manual Facility: Local0 (Wireless) Log Message (node=%s) setting %s to val = %d Custom wireless event: '%s' Wireless event: cmd=0x%x len=%d New Rogue AP (%02x:%02x:%02x...
DSR-150 User Manual
Page 228
... to get %s mac address Failed to set %s SSID Failed to set SSID broadcast status Failed to set PreAuth mode unable to install key KDOT11_SET_PARAM:IEEE80211_I OC_AUTHMODE failed KDOT11_SET_PARAM:IEEE80211_I OC_PRIVACY failed wpaInit failed dot11InstallProfile: unable to get interface index adpHmacInit(%s) failed interface %s not found AP not found on %s keyLen > PNAC_KEY_MAX_SIZE Invalid profile name passed Creation of WPS EAP Profile failed unsupported command %d device %s not found unsupported command %d dot11NodeAlloc failed Getting WPA IE failed for %s Getting WPS IE failed for %s Failed...
... to get %s mac address Failed to set %s SSID Failed to set SSID broadcast status Failed to set PreAuth mode unable to install key KDOT11_SET_PARAM:IEEE80211_I OC_AUTHMODE failed KDOT11_SET_PARAM:IEEE80211_I OC_PRIVACY failed wpaInit failed dot11InstallProfile: unable to get interface index adpHmacInit(%s) failed interface %s not found AP not found on %s keyLen > PNAC_KEY_MAX_SIZE Invalid profile name passed Creation of WPS EAP Profile failed unsupported command %d device %s not found unsupported command %d dot11NodeAlloc failed Getting WPA IE failed for %s Getting WPS IE failed for %s Failed...
DSR-150 User Manual
Page 254
... are in use. no memoryfor device state, __func__ ERROR ERROR ERROR ERROR ERROR kernel MIBCTL registration failed! ath_pci: no memoryfor device state %s: unable to register device, dev>nam e ath_dev_probe: no memoryfor device s tate %s: no support for \ ERROR Module \%s\ is not known, buf Error loading module \%s\, buf Module \%s\ failed to initialize, buf ERROR ERROR ERROR 252 ERROR: non-NULL node pointer in %p, %p! %s:%d - ERROR: non-NULL node pointer in %p, %p! Unified Services Router User Manual Wakingup due to register device, dev>nam...
... are in use. no memoryfor device state, __func__ ERROR ERROR ERROR ERROR ERROR kernel MIBCTL registration failed! ath_pci: no memoryfor device state %s: unable to register device, dev>nam e ath_dev_probe: no memoryfor device s tate %s: no support for \ ERROR Module \%s\ is not known, buf Error loading module \%s\, buf Module \%s\ failed to initialize, buf ERROR ERROR ERROR 252 ERROR: non-NULL node pointer in %p, %p! %s:%d - ERROR: non-NULL node pointer in %p, %p! Unified Services Router User Manual Wakingup due to register device, dev>nam...