HG320 HG1110 HG1210 HG1300 HG1500 HG2300 Configuration Guide

HG320 HG1110 HG1210 HG1310 & HG1520 HG1330 HG1350 & HG1550 HG2300 Series IP Residential Gateways
Configuration Guide
HG320 & HG1110 & HG1210 & HG1300 & HG1500 & HG2300 IP Residential Gateways Configuration Guide 2011-07-12
This product is developed and manufactured by Tilgin AB
Copyright 2011 Tilgin This document is confidential. The document and its contents may not be disclosed in any form to a third party without written authorization from Tilgin. All rights reserved. This document and any associated artwork, software, and product designs are copyrighted with all rights reserved. Under the copyright laws this document, artwork, software, and product designs may not be copied, in whole or part, without the written consent of Tilgin ab. Under the law, copying includes translation to another language or format. This product includes software developed by the Neotonic Software Corporation. http://www.neotonic.com/ Any Open Source code contained in this product is available as a free download from http://www.tilgin.com
1. HG320 & HG1110 & HG1210 & HG1310 & HG1520 & HG1350 & HG1550 Series IP Residential Gateways 11
1.1. Introduction 1.1.1. Application SW 1.1.2. Prerequisites to set up 1.1.3. Network elements 1.1.4. Configuration Interfaces 1.2. Booting of Home Gateway 1.2.1. Mandatory parameters 1.2.2. Generic boot stages 1.2.3. Starting the Boot Procedure 1.3. Boot Scenarios 1.3.1. Automatic booting 1.3.1.1. Prerequisites for automatic booting 1.3.1.2. The automatic boot sequence 1.3.2. Semi-automatic booting 1.3.2.1. The semi-automatic boot sequence 1.3.2.2. Using the wizard: 1.3.2.3. Using the telephone handset: 1.3.2.4. Using the configuration page: 1.3.3. Manual booting 1.3.3.1. Using factory installed default parameters only 1.3.4. Using the DHCP Server to distribute the VCMs IP Address 1.4. TR-069 ACS Provisioning methods 11 12 12 12 12 14 14 14 14 15 15 15 15 15 15 16 17 18 18 18 18 18
2.
Configuring Individual Gateways with a Web Browser

2.1. Logging onto the gateway 2.2. Login to gateway subscriber pages 2.2.1. Buttons 2.3. Setup page 2.3.1. Set up provisioning 2.3.1.1. Management Protocol 2.3.1.2. Management Server 2.3.1.3. Polling 2.3.1.4. TR-069 2.3.2. Set up the LAN 2.3.3. Create a new LAN group 2.3.4. Configure LAN groups 2.3.5. LAN Group Ports Management 2.3.6. Firewall / NAT services 2.3.7. Setting up the WAN 2.3.8. HG111x DSL parameters 2.3.8.1. Modem 2.3.8.2. Virtual Circuits - ATM VC 2.3.9. IP allocation methods 2.3.10. Subscriber authentication 2.3.11. Setting up new connections 2.3.12. Common WAN Connection Settings 2.3.12.1. General 2.3.12.2. ATM Virtual Circuit (Only applicable for HG111x) 2.3.12.3. Ethernet over ATM 2.3.12.4. Ethernet Interface 2.3.12.5. Bridge 2.3.12.6. Firewall and NAT 2.3.13. WAN Connection types
19
19 19 22 23 24 24 25 25 25 26 26 28 29 29 30 30 30 30 31 32 32 32 33 33 34 34 34 34 35
2.3.14. PPP connections 2.3.15. Bridged connections 2.3.16. DHCP connections 2.3.17. Static connections 2.3.18. CLIP: classic IP over ATM (Only applicable for HG111x) 2.4. Configuring VoIP 2.4.1. Country-specific settings 2.4.2. SIP settings 2.4.3. Dial plan 2.4.4. Configuring Codecs 2.4.5. G711 A codec options 2.4.6. G711 codec options 2.4.7. G723 codec options 2.4.8. G729 codec options 2.4.9. G726-32 options 2.4.10. Clearmode options 2.4.11. iLBC options 2.4.12. T38 facsimile protocol 2.4.13. Echo Cancellation 2.4.14. Services Caller ID 2.5. Configuring the Switch Settings 2.5.1. Physical link 2.5.2. Rate Limit 2.5.3. Storm Protection 2.6. Advanced Configuration 2.6.1. Service Separation 2.6.2. UPnP 2.6.3. IP QoS 2.6.4. RTSP Proxy 2.6.5. Multicast 2.6.6. Static Routing 2.6.7. Dynamic Routing 2.7. Firewall and Filters 2.7.1. Stateful Packet Inspection Firewall 2.7.2. Tunneling Protocols 2.7.3. Templates 2.7.4. Port Forwarding 2.7.4.1. DMZ 2.7.5. IP Filters 2.7.6. Custom rules 2.7.7. Bridge Filters 2.7.8. Editing/adding bridge filter rules 2.7.9. Access Controls 2.8. LAN Settings 2.8.1. Add LAN clients 2.8.2. LAN Group Isolation 2.9. Miscellaneous 2.9.1. Packet Processing (Only applicable for HG1310&HG1520) 2.9.2. Mac Address Cloning 2.9.3. Dyn DNS 2.9.4. SNTP 2.9.5. SNMP 2.9.5.1. SNMP Version support 2.10. Configuring Wireless Settings 2.10.1. Physical Setup 2.10.2. WPS setup 2.10.3. SSID Configuration 2.10.4. SSID Security
36 37 38 38 38 40 41 42 43 44 46 46 47 48 48 49 49 50 50 51 52 52 53 53 54 55 56 56 56 57 58 59 60 60 60 60 62 63 64 65 65 66 66 67 67 67 68 68 68 69 70 70 71 72 72 73 74 76
2.10.4.1. 2.10.4.2. 2.11. Tools 2.11.1. 2.11.2. 2.11.3. 2.11.4. 2.11.5. 2.11.6. 2.11.7. 2.11.8. 2.11.9. 2.11.10. 2.11.11. 2.11.12. 2.11.13. 2.12. Status 2.12.1. 2.12.2. 2.12.3. 2.12.4. 2.12.5.
WEP WPA/WPA2 79 Upload toolset Administrator account Maintainer account Diagnostics MIT dump VoIP Debug Restart System Console and CRM applications PING Sniffer Tool Transfer Backup/restore configuration Restoring system defaults 85 Product info System log Connections Network DHCP clients
77 78 80 80 80 80 81 81 81 82 82 82 82 83 84 85 86 86 87 88
3.
Subscribers Configuration
3.1. Login to gateway subscriber pages 3.2. Account page 3.2.1. Create New 3.2.2. Call handling (call diversion) 3.2.3. Distinctive Ring Signals 3.2.4. Distinctive ringing: local configuration 3.2.5. Distinctive Call Waiting indicators 3.2.6. List all calls 3.2.7. Click to Dial Service 3.2.8. Account-specific settings 3.2.9. Phone book 3.2.10. Answering machine 3.2.11. Answering machine mail configuration 3.2.12. Record message 3.3. Phone-specific settings 3.3.1. Phone configuration 3.3.2. Group numbers 3.3.3. Call barring 3.3.4. Hotline / warmline 3.3.5. Volume 3.4. Configuration with an analog telephone and service codes 3.4.1. WAN IP Readout 3.5. Default service codes 3.5.1. Handset codes: Call diversion 3.5.2. Handset codes: Call Waiting/Call Hold 3.5.3. Handset codes: Inquiry Call/Call Hold 3.5.4. Handset codes: Three-Way Conferencing 3.5.5. Handset codes: Call Transfer 3.5.6. Handset codes: Fast Re-Dial Service 3.5.7. Handset codes: locally stored messages 3.5.8. Handset codes: Record greeting 3.5.9. Handset codes: Call Completion to Busy Subscriber (CCBS) 3.5.10. Handset codes: Calling Line ID Restriction for Anonymous Calling
89
89 91 92 93 93 94 95 95 95 96 97 97 98 99 100 100 100 101 102 102 103 103 103 103 104 104 104 104 104 104 104 104 104
3.5.11. Handset codes: Caller ID Enabling/Disabling 3.6. USB Host 3.6.1. USB LED 3.6.2. USB HDD Introduction 3.6.3. Storage Management 3.6.3.1. Hardware Support 3.6.3.2. Client Support 3.6.3.3. Service Control 3.6.3.4. Access Protocols 3.6.3.5. Network Access Control 3.6.3.6. Authentication 3.6.3.7. Device Management 3.6.3.8. Volume Management 3.6.3.9. File System Management 3.6.3.10. Folder Management 3.6.3.11. Folder Access Control 3.6.3.12. Folder Network Access 3.6.3.13. User Management 3.6.3.14. Group Management 3.6.3.15. Auxiliary Software Management 3.6.3.16. Use Case: Password-Less Read-Only Access via HTTP 3.6.3.17. Use Case: Password-Less Read-Write Access via HTTP 3.6.3.18. Use Case: Password-Less Read-Write Access via SMB 3.6.3.19. Use Case: Password-Protected Read-Write Access via BOTH HTTP and SMB
105 106 106 106 106 107 107 107 107 108 108 108 109 109 109 110 110 110 110 111 111 111 111 112
4.
Management Server Configuration - VCM

4.1. Concepts within VCM 4.1.1. Hierarchal Configuration 4.1.2. Inherit of SW 4.1.3. Enable/Disable parameters 4.1.4. Override parameters 4.2. Configuration using VCM 4.7 differs in appearance from VCM 5.4 4.3. Gateway Settings page 4.4. Index to configurable gateway settings 4.5. Boxes 117 4.6. Phones/POTS 4.6.1. Outgoing calls 4.6.2. Incoming calls 4.7. Web Configuration 4.7.1. Web server 4.7.2. Web GUI access control 4.7.3. Password Settings 4.8. Services 119 4.8.1. Caller Id 4.8.2. Service Transparency 4.8.3. Call Waiting 4.8.4. Anonymous Call 4.8.5. Answering Machine 4.8.6. Mid Call Services 4.8.7. Call Transfer 4.8.8. Call Diversion 4.8.9. Redial 4.8.9.1. Completion of calls to busy subscriber 4.8.9.2. Completion of calls on No Reply 4.8.10. Distinctive ringing: Central configuration 4.8.11. Distinctive ringing using the SIP method 4.8.12. Hot line
113
113 113 114 114 114 115 115 116 117 117 117 117 117 118 118 119 120 121 123 124 126 126 126 129 129 129 129 130 130
4.8.13. Message Waiting Indication 4.9. Number Plan 4.9.1. Call Barring 4.9.2. Phone numbers and service codes 4.9.3. Allowed internal numbers 4.9.4. Regular Expressions 4.10. User Behavior 4.10.1. R-button 4.10.2. Disconnect Dialling 4.10.3. Called party OnHook timeout 4.10.4. Tones 4.11. System138 4.11.1. Country-specific Configurations 4.11.2. VoIP 4.11.3. Diffserv Configuration 4.11.4. VCM server connection: gateway polling 4.11.5. DHCP client 4.11.6. Echo cancellation 4.11.7. T 38 4.11.8. Codecs 4.11.8.1. G711_A_64kb 4.11.8.2. G711_u_64kb 4.11.8.3. G723 4.11.8.4. G729 4.11.8.5. iLBC 4.11.8.6. AMR Narrowband 4.11.8.7. G726 4.11.8.8. G722 4.12. MGCP145 Primary Call Agent address Secondary Call Agent address Set End point name channels A though D Set Password for optional authentication, channels A-D Set answering machine trigger events Gateway name Gateway name (other) Enable usage of NCS 1.0 profile Use NSE 146 Enable usage of DNS for resolving notified entity address 4.13. SIP Accounts 4.14. SIP Parameters 4.14.1. Transport 4.14.2. Port Usage 4.14.3. DTMF 4.14.4. SIP Info 4.14.5. Presence 4.14.6. General 4.14.7. Customer Specific 4.14.8. Registration Settings 4.14.9. RFC 3323/3325 4.14.10. Known Limitations 4.15. Home network overview 4.15.1. Creating LAN groups in VCM 4.15.2. LAN group - LAN Settings 4.15.2.1. LAN Group Static IP DHCP Provider 4.15.2.2. LAN Group DHCP Options 4.16. WAN Connections 4.16.1. ATM Virtual Circuits
131 132 132 133 135 136 136 136 137 137 138 138 138 139 140 140 141 141 143 143 143 143 144 144 144 144 144 146 146 146 146 146 146 146 146 146 149 150 150 150 151 151 152 152 153 153 154 154 155 156 157 158 158 159 160
4.16.2. Create New Connection 4.16.3. Link 4.16.4. PPP Settings 4.16.5. DHCP 4.16.6. Static IP Settings 4.16.7. CLIP Settings (Only applicable for HG1110) 4.16.8. Service Separation per connection 4.16.9. Bridge Settings 4.17. Service Separation - Prioritizing fallback connections 4.18. Firewall & NAT Services 4.19. UPnP Connection Parameters 4.20. SNMP 166 4.20.1. SNMP 4.21. RTSP Proxy 4.22. IGMP Multicast 4.22.1. Enable multicast 4.23. Dynamic Routing (RIP) 4.24. SNTP - Simple Network Time Protocol 4.25. Tools 171 4.25.1. Operator Web Access 4.25.2. Allow Ping 4.25.3. Logging 4.26. Wireless (WLAN) 4.26.1. WLAN Global Settings 4.26.2. Create New SSID 4.26.2.1. Security 4.27. Switch Configuration 4.27.1. Physical Interface 4.27.2. Rate Limit
161 161 162 163 163 163 163 164 165 165 166 166 167 168 168 169 170 171 171 171 172 172 172 172 173 173 173
5.
QoS and Triple Play Solutions

5.1. ATM QoS: PVCs and VLAN/Port/Service Mapping 5.2. IP QoS Engine 5.2.1. TR-059: IP-QoS requirements 5.2.2. Traffic Aggregation and Control 5.2.3. DiffServ Classification 5.2.4. DiffServ Scheduling 5.2.5. Dynamic Packet Fragmentation/MTU Sizing 5.2.6. One PVC: Multiple WAN IP / VLAN Connections 5.2.7. One PVC: sharing voice and data traffic
174
174 175 176 176 176 176 177 177 177
6.
NAT and Firewall Services

6.1.1. 6.1.2. 6.1.3. 6.1.4. 6.1.5. 6.1.6. SPI firewall rule-set Port Forwarding IP Filters Access Control DMZ PING
177
177 178 178 178 178 179
7.
Using regular expressions

7.1. Creating a dial plan using regular expressions 7.1.1. Home gateway regular expression syntax 7.1.2. Output Expressions 7.1.3. How Output Variables ($0, $1, $2,...$9 ) are set 7.1.4. Examples of regular expressions
179
179 180 180 181 181
7.1.5.
Limitations of the regular expression parser
181
8.
Acronyms
183
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide
11
1. HG320 & HG1110 & HG1210 & HG1310 & HG1520 & HG1330 & HG1350 & HG1550 & HG2300 Series IP Residential Gateways
1.1. Introduction This guide provides the configuration parameters for the HG series home gateways. This guide applies to the web-based configuration GUI in each gateway device, configuration with a telephone handset via entered service codes, and to gateway configuration via the auto-configuration server VCM. Note: Most of the functionality is available both in Web GUI and VCM, hence some only exists in either one. The main reason for this discrepancy is because some functions only are applicable to either one, but for some cases lack of support is simply due to prioritization of resources. This configuration guide is based on HG SW release 02_02_01_xx, the bulk part is of course applicable for newer/older releases as well. The fundamental difference between the different variants of HG series gateways is the access network they are designed for. The HG320 & HG1310/HG1330/HG1350 series is engineered for a Copper Ethernet WAN connection while the HG1520/HG1550 series offers fiber connectivity. HG2300 supports Gigabit routing. HG1110 platform have ADSL modem supporting ADSL, ADSL2 and ADSL 2+ standards. HG1210 platform have VDSL and ADSL fall back.
Model
WAN
LAN Ports 1 4 4 4 4 4 4 4 4 4 7 4 4 4 4 7 7 4
VoIP FXS Ports 1 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2
DECT
PSTN FXO Backup
USB
ISDN Options NT TE ports ports 2 2 2
Wireless 802.11 b/g b/g b/g b/g b/g/n b/g/n b/g b/g b/g b/g/n b/g/n b/g b/g b/g b/g b/g/n b/g/n
NAT Fire wall Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
QoS Traffic Shaping Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
Multicast Support Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
HG321 HG1112 HG1113 HG1113i HG1211 HG1213i HG1311 HG1311i HG1312 (White) HG1332 HG1351 HG1521 HG1522 (White) HG1523 HG1524 HG1551 HG1558 HG2301
Ethernet, 10/100 ADSL ADSL ADSL VDSL VDSL Ethernet, 10/100 Ethernet, 10/100 Ethernet, 10/100 Ethernet, 10/100 Ethernet, 10/100/1000 100 SMSF 100 SMSF 100 MM 100 SM 100/1000 100/1000 Ethernet 10/100/1000
Host Device Device Device Host Host Host Host Host Host Host Host Host Host Host Host Host 2* Host
HG320 & HG1110 & HG1210 & HG1310 & HG1520 & HG1330 & HG1350 & HG1550 & HG2300 series applications The VoIP solution provides a full range of features over all major VoIP protocols (SIP, MGCP and
12
MGCP/NCS) and interoperability with all larger softswitch vendors as well as VoIP over ISDN and intelligent routing of calls to the PSTN and fallback in case of power failure. Tilgin gateways are designed as the CPE components of a total network solution where all current and future subscriber services are delivered over IP. When used with the VCM, the home gateway platform provides comprehensive operator control over automatic registration, configuration and re-configuration of subsequent service upgrades and full, GUI-based control for separating revenue-generating services into separate profiles either on the basis of service groups or individual subscribers. The home gateway platform also offers optional support for management via vendor-agnostic (TR-069) protocols.
1.1.1. Application SW The HG1110 & the other HG1300 & HG1500 & HG2300 shares the same SW architecture, so Web GUI, VoIP application etc are the same. The main difference between HG111x and the other HG is that different CPU is used, hence different low level media processing. Note: The HG1110 Application SW exists in two different versions. Old SW based on Vood 400 architecture (Last release SIP 3.5.x), or as described above same architecture as HG13/15 (last release 01.03.0x.xx) 1.1.2. Prerequisites to set up Before you proceed, connect the Ethernet adaptor and the voltage adaptor. Refer to the Tilgin HG1110, HG1310 & 1520 series Quick Guide for information about installing the gateway. 1.1.3. Network elements The gateway unit uses one or more network elements to obtain the parameters necessary for booting and operation. Not all of these servers are necessary. For a more specific explanation of their roles, see 1.3. - DHCP server: used for automatically obtaining the units IP address, the IP gateway address and the netmask (when DHCP is used). - Broadband Remote Access Server (BRAS): used for automatically obtaining the units IP address, the IP gateway address and the netmask (when PPP is used). - Authentication, Authorization and Accounting (AAA) server . - Domain Name System (DNS) server: supplies the translation of domain names into IP addresses. - Network Time Protocol (NTP) server: used for time synchronization. - A softswitch server: registers the gateway unit in the network and maps telephone numbers to IP addresses when setting up calls. Precise functions vary according to the protocol used:

a SIP Proxy Server in SIP systems a Call Agent in MGCP systems
- DSLAM: Digital Subscriber Line Access Multiplexer - VCM: supplies the unit with software and a set of operating parameters. The VCM uses the HTTP protocol. VCM Supports both Tilgin proprietary management protocol (RECON) and TR-069 1.1.4. Configuration Interfaces Tilgin gateways are typically configured automatically by simply downloading a provisioning file from the VCM. Full GUIs for manual configuration are also available both on the gateway itself and the VCM.

Most parameters can be entered EITHER from the VCM or the individual gateway. Some parameters can ONLY be entered using the VCM. From VCM, gateways can be configured either individually or in groups. Some parameters can ONLY be entered on the gateway itself. Typically these represent subscriber choices such as what number to divert calls to, direct dial lists etc. On the gateway itself, there are two ways to
13
configure parameters: o Web-based configuration pages in the gateway. See 2. o IVR. A telephone interface using touch-tone phone to enter parameters. See 3.4. This option is provided for customers without access to a web browser. Not fully supported, yet.
14
1.2. Booting of Home Gateway The HG platform supports a full range of boot scenarios. The operator's choice will depend on the number of connections, number of IP addresses, IP address management, etc. Different specific boot scenarios are described in section 1.3. 1.2.1. Mandatory parameters As a minimum, the following base parameters must to be known to the gateway unit for the unit to establish contact with the IP network: IP address Network route address (IP Gateway) Netmask To get these base parameters, the gateway must be able to configure the WAN connection: For the HG1110 series: The ADSL/ATM parameters to establish layer 1 and layer 2 connectivity Protocol for obtaining an IP address User account information for authentication When PPP/PAP/CHAP is used For the HG1300 & HG1500 series: Protocol for obtaining an IP address User account information for authentication when PPP/PAP/CHAP is used There are several ways these base parameters can be acquired, resulting in several boot scenarios see section 1.3. 1.2.2. Generic boot stages All scenarios have the following boot steps in common: The gateway performs a hardware test The units IP stack is configured The gateway contacts an VCM to: Obtain configuration parameters Receive software update if necessary (always receives an update the first time the box is connected). The voice and configuration applications are started The unit registers itself with the CCS (Call Control Server)/SIP Proxy/Call Agent 1.2.3. Starting the Boot Procedure To start the boot procedure, connect the gateway units voltage adaptor to a suitable power source. Turn on the on/off switch. Hardware test: The boot procedure starts by testing the units hardware. If the hardware tests are successful, the Linux kernel boots. After successful boot, the Power LED on the front panel will switch from RED to GREEN. If it never turns GREEN contact your service provider. Configure ADSL connection: Configures the ADSL connection for communication with the network. These parameters are automatically configured (using the default settings), based on a pre-configured operator code or manually entered via the web interface. Automatic PVC searching is supported. PVC Auto Hunt is used according to list: Annex A, M: 0.35; 8.35; 0.43; 0.51; 0.59; 8.43; 8.51; 8.59; 0.32; 0.40; 0.36; 0.38; 0.96; Annex B: 0.35; 8.35; 0.43; 0.51; 0.59; 8.43; 8.51; 8.59; 0.32; 0.40; 0.36; 0.38; 0.96; 1.32; 2.32 If PVC Auto Hunt fails, default PVC 0:100 will be used. Configure IP stack: The units IP stack is configured, either by the DHCP server, by PPP or by internal default settings. The IP stack parameters are: the units IP address, the default IP gateway address and the netmask. Contact VCM: The unit establishes contact with the VCM to download the units parameter set and to update the software, if necessary. The IP address of the VCM is obtained either from the DHCP
15
communication session or from information obtained from the network service provider. When contact is established with the VCM, the unit checks to see if its internal software is up to date. If the software is correct and up to date, the voice application and configuration application start. If the unit needs a software update, the new software is downloaded. When the software update procedure is finished, the unit reboots automatically.
Registration: The unit sends registration data to the SIP Proxy or Call Agent depending on which voice protocol is used. This establishes the unit as an endpoint in the VoIP network. When the voice service is functional, the phone status LEDs of the unit show a steady light. The boot procedure is then complete.
1.3. Boot Scenarios This section describes the three major boot scenarios. In these descriptions, the hardware test is not mentioned although it is always carried out. 1.3.1. Automatic booting Automatic booting is the easiest way for the subscriber to put the gateway unit into operation and should be the preferred boot method whenever possible. Since very little subscriber intervention is required, troubleshooting is minimized. Automatic booting can be used when the service provider owns or controls the DHCP server AND the service provider provides all configurations (user specific and general) using VCM. The total booting time will be around five minutes or less. 1.3.1.1. Prerequisites for automatic booting The DHCP servers Next Server field (siaddr field) has been configured with the VCM IP address. The VCM has the gateway production file data. The terminal is configured with correct software and configuration data in VCM. The Call Control Server (CCS)/SIP Proxy has the user account data. The gateway ADSL default configuration must be valid. The device does a PVC search automatically (if not found, the default is 0:100). Vendor ID: Tilgin HG dslforum.org
1.3.1.2. The automatic boot sequence When booting, the gateway contacts the DHCP server, which provides the parameters of the units IP stack. The DHCP server provides the unit with the IP address of the VCM. The unit checks that it has the latest version of all software and downloads software updates from the VCM, if needed. In such cases, the unit reboots automatically. The unit fetches its configuration parameters from the VCM. The unit registers with the CCS/SIP Proxy, so that the CCS/SIP Proxy can authorize the unit and set it up as an IP endpoint in the network. The unit is now fully operational.
1.3.2. Semi-automatic booting In the semi-automatic booting scenario, the DHCP server provides the IP address for the gateway but does not provide the address of the VCM. Instead, the end-user must configure the gateway with the VCMs IP address. Once the VCMs IP address has been entered, the information will be stored in the gateway and used for subsequent restarts. (The end-user needs to do this configuration only once.) Semi-automatic booting is often used when the network service provider does not own or control the DHCP server. 1.3.2.1. The semi-automatic boot sequence When the home gateway unit is powered on for the first time, its IP stack must be configured. The HG1110 series conducts an automatic PVC search; the HG1310 & HG1520 series does so via a DHCP server. Following successful contact, the DHCP server configures the units IP stack. When this first-time bootup is completed it will not yet have contacted the VCM. The end-user must now manually provide the unit with the
16
VCMs IP address so that the next bootup will contact the VCM. This can be accomplished in one of three ways: 1. Subscriber enters a service code using the wizard. The operator will have supplied the end-user with the code in either 4 digit or 12 digit (for PPP authentication) format. It is recommended to use the wizard option whenever possible for semi-automatic booting (see 1.3.2.2). 2. Subscriber enters a service code using a telephone handset. The operator will have supplied the end-user with the code in either 4 digit or 12 digit (for PPP authentication) format. This is not yet supported in current releases (see 1.3.2.3) 3. Subscriber configures the VCM address on the configuration pages of the gateway. This is an alternative that is possible to do if unusual circumstances arise but is unnecessarily complex for an end user and offers no advantage when the wizard is available (see 1.3.2.4). Note: Tilgin routinely customizes software so that entering an operator-specific service code will configure the ADSL interface in addition to providing the VCM network address i.e. using an operator-specific code WILL always provide the VCM IP address; it CAN also configure one of the ADSL interfaces. Please contact Tilgin for further information on using this option. 1.3.2.2. Using the wizard: The purpose of the wizard is only to establish a connection with VCM. When this connection has been established, a new configuration is downloaded from VCM that replaces the configuration done via the wizard. Note: The wizard option requires that a service code be supplied by the operator.

Power on the home gateway unit. Connect a PC to a LAN port Locate the gateway pages by aiming a browser at: 192.168.1.1.
Select the Run Wizard link.
17
Enter the operator-specific code supplied by the operator (either a four digit sequence, or a twelve digit sequence). The shorter sequence is used to provide VCM address information and the longer sequence is used to provide connection information and basic authentication via a PPP connection. Click Next.
Select the connection options recommended by the operator and click Next.
The gateway now has all the data it needs to carry out a complete boot sequence. When it re-boots, the scheme will be almost identical to automatic booting, see 1.3.1.2; the difference is only that the unit does not retrieve the VCM IP address from the DHCP server. Click Activate. The unit reboots. This can take several minutes as the gateway downloads its configuration software from the VCM server. Do not turn off the terminal or remove the power supply until the Internet and Power LEDs have a steady GREEN light. 1.3.2.3. Using the telephone handset: This option requires that a service code be supplied by the operator. Power on the home gateway unit. Lift the receiver and enter the operator-specific code as: *9**<operator-code># The operator code is either a four digit sequence, or a twelve digit sequence. The shorter sequence is used to provide VCM address information and the longer sequence is used to provide connection information and basic authentication via a PPP connection.
The unit reboots itself.
The gateway now has all the data it needs to carry out a complete boot sequence. When rebooting, the scheme is now almost identical to automatic booting, see 1.3.1.2; the difference is only that the unit does not retrieve the VCM IP address from the DHCP server.
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide Note: Contact Tilgin for assistance regarding defining new Operator Codes.
18
1.3.2.4. Using the configuration page: Note: This is an alternative that is usually reserved for unusual circumstances. It is typically considered unnecessarily complex for an end user and offers no advantage when the wizard option is available. Power-on the gateway Connect a PC to a LAN port Log on to the configuration pages at http://192.168.1.1 Login up in the right hand corner as admin (User ID and Password are case sensitive): User ID: admin Password: admin The start page opens. Click the Setup tab. Click the Management Protocol link and configure the unit with either TR-069 or RECON. Then click the Apply button. Click the Management Server link and configure the unit with the VCM IP address. Then click the Apply button.

1.3.3. Manual booting In the manual booting scenario, there is no DHCP server at all. The network service provider has preconfigured the gateway unit. The boot sequence is then the same as for the automatic sequence. See chapter 1.3.1 1.3.3.1. Using factory installed default parameters only Since there is no DHCP, the unit lacks the relevant values for the IP configuration (its own IP address, the network mask, the IP address of the default IP Gateway and the address of the VCM). The end-user must provide the unit with these values, either using a telephone or a web browser. In either case, the network service provider must have supplied the end-user with the required data, where the IP addresses are in dotted quad (xxx.xxx.xxx.xxx) or FQDN format. If these addresses are specified in FQDN format, the only option is to use the web browser. In some cases the end-user has to configure DNS and NTP addresses as well. The unit now has all the data it needs to carry out a complete boot sequence. 1.3.4. Using the DHCP Server to distribute the VCMs IP Address With automatic provisioning, the VCM IP address MUST be configured/distributed by the DHCP server. In other boot scenarios it MAY be configured/distributed by the DHCP server. In addition to the normally required information (IP configuration, DNS, NTP, etc), the VCM IP address can also be configured by means of DHCP. The VCM IP address can be distributed in the Next Server field (also known as siaddr). If Windows DHCP is used, option 66 should be used but note that you then must configure option 67 with a dummy value. Option 67 should not be empty; any dummy entry is acceptable.
1.4. TR-069 ACS Provisioning methods TR-069 defines ACS discovery (page 15 TR-069 Issue 1 Amendment 2) which MAY be used. We add some extensions in both static and DHCP configuration. 1. VCM code may be used. It is mapped to FQDN using format string specified in box factory configuration. Further FQDN is mapped to ACS URL (see below). 2. FQDN may be used. It is mapped to ACS URL using format string specified in either box factory configuration or software factory configuration (right now it is specified in software factory configuration and equal to http://FQDN/tr-069/TR-069)
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 3. ACS URL may be used.
19
4. If static mechanisms (listed above) are not used to specify ACS URL, DHCP next server of management connection is mapped like FQDN to ACS URL. Also TR-069 defines vendor-specific information (option 43) to provide ACS URL and provisioning code. In order to let DHCP server known that client supports it, client MUST include 'dslforum.org' somewhere in DHCP vendor class identifier (option 60). Further, if DHCP is used and ACS obtained via DHCP is not reachable, TR-069 requires (MUST) to use DHCP inform to rediscover. DHCP inform is currently not supported in home gateway. Note: All Supported TR-069 parameters are described in document: HG1110 & HG1310 & HG1520 & HG1350 & HG1550 Series TR-069 Configuration Guide. See Release Notes for respective release for the correct document version.
2. Configuring Individual Gateways with a Web Browser

With only a few exceptions, most gateway parameters are configured automatically by downloading a provisioning file from the VCM. They can also be configured manually by logging onto the gateway with a web browser - a web server in the gateway provides the configuration pages. This chapter describes manual configuration via the local web pages. Note: The operator always retains the final authority over the web pages that are viewable/configurable by this method. This allows the operator to provide configurable accesses as service enhancements and also to control the amount of complexity left to the subscribers. The end users access rights to the web pages are controlled from VCM. Note: To reset the gateway to the original factory settings, use the reset button found inside a small opening next to the power switch. Push the reset button by using a thin pen, needle or similar object, until all LEDs are lit (approximately 15 seconds). Only the configuration parameters are affected by this reset. The software itself is not reset. (The gateway will NOT be restored to the production software.) All previously entered configuration data will be lost. This means the gateway will have to be configured again. Note: A basic range of parameters is also configurable by using an analog telephone and entering service codes. This option is provided for subscribers without access to a web browser. This method can be used to activate/deactivate basic services and/or establish the initial connection with the VCM server. See chapter 3 (Subscribers Configuration ). 2.1. Logging onto the gateway To use the web-based management functions, direct a web browser to the IP address of the gateway unit. You will be prompted for a user name and password to access the web-based manager. Note: Actual username and passwords are only visible in VCM 2.2. Login to gateway subscriber pages To enter the gateway configuration pages: Direct a web browser to: http://192.168.1.1 This is the default IP address of the web pages built into the gateway device.
20
21
The opening screen provides the limited options that are available without logging in: Language: Choose your language by clicking on one of the flags. Accounts: This is listing of accounts created on the gateway. No actions are available here. If the gateway is started for the first time there may be no accounts listed here. Login: This is the option for logging onto gateway configuration pages. Status: This is a quick view of the status of gateway connections (WAN / LAN), System uptime, and the software version being run on the gateway. No actions are available here. Wizard: The wizard option is for use in a semi-automatic provisioning scenario (see 1.3.2.2)
Access the rest of the configuration pages by logging on with one of the default name/password combinations below. Each logon role is permitted access to a certain range of configuration options. Three default user types are preconfigured: 1. User: Username: SIP Account Username (Normally Phone Number) Password: SIP Account Password Note: SIP accounts are mapped to User access level. They will see that other accounts exist, but won't be able to access them 2. Administrator: Username: admin Password: admin 3. Maintainer: Username: root Password: ********* (Not displayed in this document) By default: The maintainer has full access to all pages and services. By default, the administrator has access to all pages related to the configuration of gateway i.e. no pages allowing the upload of new SW, debug tools etc. The user has access to pages related to SIP accounts and phone services. Logging onto the gateway accesses any web pages that the provider has enabled for subscriber use. If the provider has not limited access in any way, all configuration pages in the gateway are available. Typically, access to gateway configuration pages is restricted to the parameters that are user-specific such as found on the Accounts and Phone web pages. See 4.7.2 for information on using the VCM to restrict access to gateway configuration pages. The user name admin and password admin are for a first-time setup. You should change them after you have verified that a connection can be established. The password can also be changed via the VCM (see 4.7.2).
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide Logging in as Maintainer provides access to all pages and operations:
22
The gateway home page provides quick information about the gateway, its software version and its connection status. There are no operations available here. The top row tabs are the links to configuration pages for: Setup (see 0) configure provisioning, connections, LAN groups etc. VoIP (see 0) VoIP parameters Switch (see 2.5) - QoS, rate limit etc.
Advanced (see 2.6)- RIP, firewall, NAT, voice, UPnP, IGMP, Filters, LAN clients Wireless (see 2.10 ) WLAN configuration Tools (see 2.11) system commands and tests
Status (see 2.12) logs/statistics for connections and interfaces Account (see 3.2) user accounts and services Phone (see 3.3) map phones to VoIP accounts, group numbers, call barring etc. Storage (see ) Setup the USB HDD
Tests HW tests suite Help Provides information about home gateway functionality

2.2.1. Buttons Logout Save Settings Activate VoIP Settings
You are logged out from Web GUI All settings are stored in persistent memory i.e. settings still available after a reboot. VoIP related settings require that VoIP application are restarted, use this button instead of a more time consuming power off/on.
23
2.3. Setup page The Setup section allows you to configure access to your VCM provisioning server and configure connections and other basic settings. You can enter the address of a VCM server here or select to receive the address via DHCP. It provides links for configuring:
Provisioning Management Protocol i.e. chose which protocol to use for remote management. Management Server i.e. the auto-configuration server address Polling TR-069 LAN setup LAN Configuration Firewall/NAT Services WAN setup Modem (Only applicable for HG111x) Virtual Circuits (Only applicable for HG111x) Connections Cellular network
Note: To save all changed parameters permanently, pressSave Settingsbutton. See chapter 2.2.1 for more information
24
2.3.1. Set up provisioning Gateways are provisioned by contacting the VCM server and downloading the software and configuration files required for operation. In order to do so, the gateway must connect to the VCM. This connection can be configured in three ways: 1. Fetch the VCM IP address automatically from a DHCP server. This option is the preferred solution for ISPs that control IP address management and use DHCP. It is entirely Plug and Play. For details, see 1.3.1. 2. Manual configuration. The IP address of the VCM can be entered manually on this web page or with an analog phone. See 1.3.2. 2.3.1.1. Management Protocol Configure the home gateway to either use RECON (Tilgin proprietary) or TR-069
Any RECON TR-069
Any management protocol can be used Tilgin proprietary management protocol Standardized management protocol by Broad Band World Forum
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.3.1.2. Management Server Configure the VCM/ACS Address. See chapter 1.3 & 1.4
25
Acquire using DHCP VCM Code Hostname URL
The ACS/VCM address is obtained from DHCP Server automatically Pre-Defined Operator Code, 4 digits Specify IP Address or FQDN for VCM/ACS Specify TR-069 URL for VCM/ACS You can choose to use SSL (i.e. https://): https://<hostname>:<port>/<path> <path> is/tr-069/TR-069for VCM.
2.3.1.3. Polling Feature used for configuring how often the HG should contact the VCM and with what interval. This is vital when HG is behind NAT, since the VCM cant initiate SW or configuration updates. Enable Interval Reference Time Spread Range Turn ON/OFF the polling feature Specifies how often should HG contact VCM (in seconds) Specifies at what time during the day should contact be initiated (in seconds) starting from 00.00 (midnight) If a large population is deployed it is vital to spread the devices in time so that VCM arent overloaded Example: If Interval is 86400, Reference Time is 10800 and Spread Range 7200. All devices will randomly start polling between 01.00 am and 03.00 am each night.
Note: For proper use of polling the HG must be configured with NTP server in order to have correct time. 2.3.1.4. TR-069 This is used for configuration of TR-069 username and passwords (if defaults once are not to be used). CPE Username Password Connection Request URL Username
This is the Username for authentication of CPE in ACS. This is the Password for authentication of CPE in ACS.
URL is connection request URL to be used by TR-069 ACS to make connection request This is the Username for authentication of ACS in CPE when ACS sends
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide Password
26
connection request. This is the Password for authentication of ACS in CPE when ACS sends connection request.
2.3.2. Set up the LAN LAN group management allows configuration of the bridging functionality of the Home Gateway. Each LAN group consists of ports and/or SSID. Bridging is between all of the ports in the LAN group and/or SSID. Each port and/or SSID may be added into the LAN group. If the port is added into a LAN group with a VLAN tag, only packets with the specified tag will be bridged. If the port is added into the LAN group as broadcast, all packets (tagged and untagged) are bridged. In this way, a single port may be added into each of several LAN groups with different VLAN tags or into one LAN group as broadcast. IP addresses may be associated with the LAN groups. Home Gateway may route between the LAN groups that these IP addresses represent. Home Gateway may also bridge between LAN groups and bridge connections or route between LAN groups and connections of other types.
The opening page for LAN group configuration provides the functions for creating a new group and a summary of parameter information on existing (available) LAN groups. Use the area under Ports to add or delete gateway ports from the group. Use the Delete check box to remove LAN ports from the group. Use the drop list to add ports. To edit the parameters for an existing LAN group, press View/edit all parameters. Note: If a LAN group is configured with VLAN ID, a SSID cant be associated with it. SSID can only be connected to LAN groups with empty VLAN ID. 2.3.3. Create a new LAN group To create a new LAN group: Enter a LAN group name Select an 802.1q priority for this group if VLAN is used.
27
Enter a description and click Create to configure the parameters for this LAN group (see 2.3.4)
28
2.3.4. Configure LAN groups Press the Add button or view/edit all parameters for an existing LAN Group to arrive at the configuration page for each LAN group.
Use this page to set up the router with either a static or dynamic (or none) IP address for this LAN group. You can also indicate if a DHCP server should be active and specify the range. Note: Dynamic clients show up in the list only when the DHCP server is running. Each LAN group can use any IP address scheme. You can also use the embedded DHCP server to provide IP settings for DHCP client stations on the LAN Group. The Ethernet IP address is listed in the top row of the menu. You can type in an IP address that fits within the existing IP scheme or use the default IP address 192.168.1.1 and subnet mask 255.255.255.0. When you have configured the LAN settings, click the Apply button to commit the new settings. Note: To save all changed parameters permanently, pressSave Settingsbutton. See chapter 2.2.1 for more information For PPP-Passthrough chose the WAN connection to be used (if any). Also Route to is used to specify
29
dedicated WAN Connection for this LAN group, but here another option exists and that is to specify service i.e. if Management, Voice or default connection should be used (rather than a specific connection). Then return to Setup/LAN configuration page for port configuration. 2.3.5. LAN Group Ports Management On the Setup/LAN configuration page, use the Add port fields to add a port into the LAN group. Choose the port from the list and enter a VLAN tag or leave the field empty if you intend this to be a broadcast port. Then click Apply. Note: WIFI ports (such as Tilgin-601 in the figure) cannot be added with non-empty VLAN tags.
2.3.6. Firewall / NAT services Enables or disables firewall / NAT services. These services include the stateful packet inspection (SPI) firewall and the packet filtering functions (see 2.7).
Note: The SPI firewall rule set is pre-defined and not configurable from the GUI. Please see chapter 6.1.1 for specifics on the SPI firewall rule set.
30
Note: When firewall is disabled, only routed/bridged traffic is allowed. Traffic for CPU is still blocked i.e. you cant access for example home gateway Web GUI from WAN port even though firewall disabled. 2.3.7. Setting up the WAN The gateway supports up to 8 virtual connections over the same physical WAN interface. Connections can be of various types depending on the protocols used. Note: When defining multiple connections for service separation, it is a requirement that the different connections belong to different sub-networks. 2.3.8. HG111x DSL parameters DSL parameters are generic regardless of which type of WAN connection used (DHCP, Static IP, PPPoE etc). The following are the protocol stacks for supported connections over ADSL:
2.3.8.1. Modem The Modem Setup menu is used to change the modulation type used for the ADSL interface. To change the modulation type, select it and then click Apply. ADSL G.dmt (ITU G.992.1) is an ITU standard for ADSL using discrete multi-tone modulation. G.DMT full-rate ADSL expands the usable bandwidth of existing copper telephone lines, delivering high-speed data communications at rates up to 8 Mbit/s downstream and 1 Mbit/s upstream. ADSL G.lite (ITU G.992.2) is an ITU standard for ADSL using discrete multi-tone modulation. It offers a maximum of 1.5 Mbit/s downstream, 512 kbit/s upstream and does not require the use of phone line splitters. ADSL G.dmt.bis ADSL re-adsl ADSL 2plus (ITU G.992.5) is an ITU standard that extends basic ADSL by doubling the number of downstream bits. Rates can be as high as 24 Mbit/s downstream and 1 Mbit/s upstream depending on the distance from the DSLAM to the customer's home. These data rates are typically attainable on loops shorter than 8,000 feet (2.4 kilometres). ADSL ANSI T1.413 defines the requirements for the single Asymmetric Digital Subscriber Line (ADSL) for the interface between the telecommunications network and the customer installation in terms of their interaction and electrical characteristics. ISDL SDSL MMODE (Multi-mode). By default, the gateway will automatically detect the modulation used. NO MODE 2.3.8.2. Virtual Circuits - ATM VC For each WAN connection a virtual circuit (PVC) must be assigned. Either creates a new virtual circuit of click on the name on an existing VC for view of all parameters
31
Enabled Connections Encapsulation
PVC Auto PVC Manual VPI VCI PDU
QoS
PCR SCR: MBS CDVT
Enable VC List of connections that uses this VC Protocols are encapsulated over AAL5 according to RFC 2684. It describes two mechanisms for multiplexing data over AAL5: LLC: Logical Link Control Logical Link Control encapsulation. The LLC Encapsulation method allows multiplexing of multiple protocols over a single ATM virtual connection (VC). The protocol type of each PDU is identified by a prefixed IEEE 802.2 Logical Link Control (LLC) header. This may permit devices to interoperate because it is a self-identifying protocol. VC: Virtual Circuit multiplexing. Virtual Circuit multiplexing. In the VC Multiplexing method, each ATM VC carries PDUs of exactly one protocol type. When multiple protocols need to be transported, there is a separate VC for each. VC multiplexing adds no overhead (implying better payload efficiency), while LLC multiplexing requires a link control header. PVC auto hunt is used. Searches after a valid PVC based on a search list Specify a fix PVC (VPI/VCI) Virtual Path Identifier Virtual Channel Identifier Bridged: An Ethernet Layer is used above ATM layer Routed: IP over ATM Note: This should not be mixed up with routed (DHCP, PPP etc) or bridge WAN connection ATM Quality of Service categories: CBR (Constant Bit Rate) VBR (real-time Variable Bit Rate) ABR (Arbitrary Bit Rate) UBR (Unspecified Bit Rate)] Peak Cell Rate: Only for CBR and VBR classes [Cells per second] Sustainable Cell Rate: Only for VBR class [cells per second] Maximum Burst Size: Only for VBR class [Cells] Cell Delay Variation Tolerance: Only for CBR and VBR classes [micro seconds]
2.3.9. IP allocation methods Different IP allocation methods are used for each connection type:
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide PPPoA PPPoE CLIP Bridge Static DHCP
32
Dynamic IP address allocation through PPP Dynamic IP address allocation through PPP The IP stack is configured as static IP over ATM The virtual connection is bridged to one or more LAN port(s) via the gateway router. The WAN side of the gateway router is configured with a static IP address The WAN side of the gateway router is configured with a dynamic IP address
For each HG111x connection correct PDU type must be used. 2.3.10. Subscriber authentication For PPP connections, subscriber authentication is provided by means of PAP (Password Authentication Protocol) and CHAP (Challenge Handshake Authentication Protocol). The choice of protocol is manually configurable but the default setting is that protocol selection is made automatically. 2.3.11. Setting up new connections To create a new connection: Open the Setup/Connections page. Enter a name and description for the new connection Choose connection type Click Create. You will be redirected to the configuration page appropriate to the chosen type of connection.
Each configured connection name will appear in the list on the Connections page. Edit connections by clicking on the name in the list Note: To save all changed parameters permanently, pressSave Settingsbutton. See chapter 2.2.1 for more information 2.3.12. Common WAN Connection Settings All connections, regardless of type, has the following parameters to be configured
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.3.12.1. General
33
Name Port (Info) Type (Info) Description Status (info)
Uptime (info) Enabled
Name of the connection Which physical port the connection is associated with. Normally WAN The connection type More in depth description of your choice GREEN LED indicates online RED LED indicates offline No color is not used How long the connection has been online IMPORTANT! Check the Enabled box to enable the connection.
2.3.12.2. ATM Virtual Circuit (Only applicable for HG111x)
Virtual circuit
Chose the virtual circuit to be used for the connection
34
2.3.12.3. Ethernet over ATM The concept of old sharing parameter has been replaced. The sharing parameter was previous used for allowing several WAN connections to use same PVC. This is now obsolete. First virtual circuits are created and each WAN connection simply chooses which virtual circuit to use. Shared or not is handled automatically by HG. But, if two or more WAN connections are going to share the same virtual circuit (PVC) and different MAC addresses must be used for each WAN connection, this parameter must be used. By default, MAC name is empty string. MAC name parameter has ATM VC scope. So, the same MAC name corresponds to different MAC address for different ATM VCs. MAC name must be used if different MAC addresses are required for connections over the same ATM VC. If one MAC address is OK, keep it empty. If the first pair of connections should use one MAC address and the second pair of connections should use another MAC address, MAC name may be kept empty for the first pair and specified the same (e.g. "test") for the second pair of connections.
MAC Address name:
Logical name for a MAC Address. Used internally as reference. The HG has several unique MAC Address in identity, solely Default: <empty>
2.3.12.4. Ethernet Interface
Priority bits: VLAN ID:
Define IEEE 802.1p Class of Service Define IEEE 802.1Q VLAN
2.3.12.5. Bridge
Enable None PPP Pass-through General LAN group
Activate this connection Normal configuration for a routed connection Use this connection for PPP pass through Assign this connection type to a selectable LAN group. By this you can dedicate a specific bridge connection to specific LAN port(s) and/or SSID.
2.3.12.6. Firewall and NAT All routed connections the following Firewall and NAT settings can be applied
Firewall NAT
Enable Firewall Enable NAT
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide Clamp TCP MSS to path MTU DMZ host IP address
35
The connection can be associated with a DMZ (De-militarized Zone) host
2.3.13. WAN Connection types PPP connections. See 2.3.14 Bridged connections. See 2.3.15 DHCP connections. See 2.3.16 Static connections. See 2.3.17 CLIP connections. See 2.3.18
36
2.3.14. PPP connections PPP (Point-to-Point protocol) is a standard method of establishing a network connection/session between networked devices. Different forms of PPP, including PPPoA (PPP over ATM) and PPPoE (PPP over Ethernet), involve an authentication process that requires a username and password to gain access to the network. On the Connection page, name this virtual connection in the Name field. A short description of the connection can also be added. Choose the connection type from the scroll bar under Type: PPPoA as described in RFC 2364 is a method of using PPP on an ATM network. (Only applicable for HG111x) PPPoE as described in RFC 2516 is a method of using PPP over Ethernet networks.
PPP settings Username Password MRU
Maxfail Keepalive retry Keepalive intervall Access Concentrator Service Proxy ARP Persist On-Demand: Idle Timeout: Debug:
The username The password Maximum receive unit the connection can receive. It is a negotiated value that packets of no more than n bytes can be sent to the service provider. The PPPoE interface default MTU is 1492 (max) and PPPoA default MTU is 1500 (max). The minimum MTU value is 64. Terminate after n consecutive failed connection attempts. A value of 0 means no limit. The default value is 10. How many times to retry before considering connection dead Specifies the time between two Keepalive packets (Seconds)
to reconnect in case of connection drop Enable on-demand mode. The connection will disconnect if no activity is detected after the specified idle time-out value. Specifies that the connection should be disconnected if the link has no activity detected for n seconds. A non-zero value. Enables PPP connection debugging facilities.
37
2.3.15. Bridged connections Bridge means a pure bridged connection. This connection method makes the router act as a bridge, passing packets across the WAN port to a LAN Group (note that an IP address can be assigned to a bridge on the LAN Group configuration page, see 2.3.4). When the HG is used in this manner, it is necessary to install additional connection software on any computer, server or other IP hosts. All settings for a bridge connection is the same as in chapter 2.3.12
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.3.16. DHCP connections DHCP is used whenever an IP address is to be obtained dynamically.
38
Vendor ID Renew button Release button
Specify which Vendor ID to ne used by WAN DHCP Client Renew the IP configuration Release the IP configuration
2.3.17. Static connections A static connection is used whenever a known static IP is assigned. The accompanying information such as the subnet mask and the gateway should also be specified in order to be able to connect. Up to three Domain Name Server (DNS) addresses can also be specified.
IP Address Net Mask Gateway: DNS 1 to 3: Hostname Domain
The IP Address The netmask The Gateway DNS Server IP Addresss
2.3.18. CLIP: classic IP over ATM (Only applicable for HG111x) Currently not supported IP Address Net Mask ARP Server The IP Address The netmask
2.3.19. Internet access connecting over cellular network From release 02_02_01 and onwards a 3G USB Dongle can be connected to USB interface This allows internet access over the mobile network. The main purposes are: Use 3G as fallback if your ordinary broadband access is down for whatever reason Use 3G as primary access and by connecting dongle to HG, several clients can use the same modem (instead of one modem per PC) Note: Make sure that you are fully aware of the actual cost of using 3G WAN access, it can be rather expensive, especially if you are abroad
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.3.19.1. How to use 3G USB Dongle
39
Connect 3G USB Dongle (modem) to HG After a short while the modem will be detected and presented in the WebUI (Sometimes it takes 30-60 seconds in order to find operator)
On the Cellular network page, you must configure the following o Access point name (APN). This is unique for each operator + most likely several different APNs exists for each operator o Enable the cellular WAN connection o Decide if it should be the preferred connection for internet traffic Press Apply Wait for PPP connection to come up and obtain IP 2.3.19.2. Advanced settings for 3G USB Dongle Some SIM card might require PIN code. This can be configured under PIN Settings: view/edit Also, the operator can possibly be changed under Operator Settings: view/edit
40
2.4. Configuring VoIP In most deployments, the VCM server is used to automatically provision the complete suite of VoIP settings.
VoIP set up consists of configuring: Country-specific settings SIP, MGCP settings (depending on the call control protocol you are running) Dial plan NAT Codecs Services When you have configured changes to these parameters, put them into effect by clicking the Activate VoIP settings button. This restarts the VoIP module, not the gateway.
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.4.1. Country-specific settings Select country-specific to configure country settings.
41
Country
Polarity reversal (only with SIP)
Save changes
Choose which country the analog interface impedance should match. In this way, the country standard tones, ring pattern, etc., are configured. To use the home gateway products together with analog pay-phones to offer IP telephony in phone booths and Internet cafs, use polarity reversal. If enabled, polarity reversal is performed for the calling party A, on the analog interface in the case of a call setup (called party B answers the call) and call release (A or B hangs up). Click here to write these changes to persistent memory.
Note: Save Changes does not restart the VoIP application. Press Activate VoIP settings button.
42
2.4.2. SIP settings The gateway is able to support any of the two main signaling protocols but a gateway can only run one at a time, the choice is made when the system is ordered and installed. The choice of call control protocol is not a selectable option. The software for a protocol is delivered as a separate part of the software package, and for each protocol there will be a distinct set of configuration parameters.
Transport Protocol Port Configuration Note: When configuring a LAN PC as DMZ (2.7.4.1), RTP media ports must be configured to 10000-10007 and cant be used by LAN PC. Also, TCP port 10127 is reserved internally unless different connections are used for VoIP and Management DTMF Outband RFC2976 DTMF generation. Note: Selecting this option will disable RFC 2833. RFC 2833 (end of tone retransmission):
UDP or TCP SIP Port (Optional, Default 5060) Set RTP Port Range
(On/Off) No Retransmission One Retransmission Two Retransmissions Three Retransmissions On/Off On/Off
SIP Telephone Syntax (RFC2806) Network Number Analysis
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.4.3. Dial plan Select the Dial Plan page to configure the dial plan for your area. Note: this dial plan section is not applicable to MGCP-based VoIP.
43
Dial plans are configured with regular expressions. Please see chapter 7 for information on the use of regular expressions.
44
2.4.4. Configuring Codecs This section configures the codecs supported by SIP. These are the codecs the gateway offers to the calling/called party at connection of a call. They differ according to the protocol you are running. Codecs can be enabled/disabled and be given a priority to indicate the preferred order of use. The preferred packet size and the maximum packet size of the media packets can also be set. The DTX function can be enabled/disabled for each supported codec. The distinction between preferred and maximum packet size is as follows: When the packet size of the media session is negotiated between the peers, the maximum size is used to indicate the largest packet size the gateway can receive. The preferred size is used to indicate the packet size that is preferred (for bandwidth or for round trip delay reasons). The maximum packet size must be greater than or equal to the preferred packet size. The size unit is in milliseconds for G711 and G726, frames per packet for the rest of the codecs. The supported codecs depend on the software release in use. At a minimum, ITU-T G.711 A-law and -law are supported for the 64 kbit/s rate. In addition, the T38 protocol for faxes and Echo cancellation can be enabled /disabled here. Note: The gateway will accept any packet size less than or equal to the maximum size and it will send with the preferred packet size if this is smaller than the peers max imum packet size.
Note: With our implementation we support the following frame length for the different codecs: Packet Time Configurations Each codec has a "natural" minimum packet time. The configured encoder packet time may only be an integer multiple of this natural packet time. The "natural" packet time for the sample based codecs G.711, G.726, G.722 and the linear codecs is defined to be 10 ms. Because the 16 bit linear codecs consume more buffer memory and are mainly implemented for test purposes, the packet size for those codecs is limited to 10 ms. The Table below provides an overview about the allowed encoder packet time and redundancy configurations *). Encoder packet time Codec 10 ms 20 ms 30 ms 40 ms 60 ms G.711 Yes (2) Yes (2) Yes (1) Yes Yes G.726 Yes (2) Yes (2) Yes (1) Yes Yes
45
G.729A Yes (2) Yes (2) Yes (1) Yes Yes G.723.1 No No Yes (1) No Yes AMR **) No Yes (2) No Yes Yes iLBC 13.3 kb/s No No Yes (1) No Yes ilBC 15.2 kb/s No Yes (2) No Yes Yes G.722 Yes (2) Yes (2) Yes (1) Yes Yes G.722.1 No Yes (2) No Yes Yes Linear 8 kHz Yes Yes Yes No No Linear 16 kHz Yes No No No No *) The maximum supported redundancy level according to RFC 2198 is given in brackets: ( x ). If no value in brackets is given, redundancy is not supported. **) AMR supports redundancy according to RFC 2198 or RFC 3267.
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide G711 A codec options enables the ITU-T G.711 A-law codec for 64 kbit/s rate G711 A 64kb Default: on Controlled from: Web, VCM G711 A 64kb Prioritizes the ITU-T G.711 A-law codec for 64 kbit/s rate with priority respect to the other enabled codecs. Default: 1 Controlled from: Web, VCM The priority value must be unique within the set of enabled codecs. G711 A 64kb preferred 2.4.5.
46
Sets the preferred amount of data contained in one media packet sent from the gateway. Default: 30 Controlled from: Web, VCM Unit = milliseconds. The value must be less than or equal to the corresponding parameter G711 A 64kb Max. Sets the maximum amount of data contained in one media packet the gateway is willing to receive from the peer. Default: 60 Controlled from: Web, VCM Unit = milliseconds. The value must be greater than or equal to the corresponding parameter G711 A 64kb Preferred. Enables the discontinuous transmission function (DTX) for the associated codec. Default: off Controlled from: Web, VCM
G711 A 64kb max
G711 A 64kb DTX
2.4.6. G711 64kb G711 64kb Priority
G711 codec options Enables the ITU-T G.711 -law codec for 64 kbit/s rate. Default: On Controlled from: Web, VCM Prioritizes the ITU-T G.711 -law codec for 64 kbit/s rate with respect to the other enabled codecs. Default: 2 Controlled from: Web, VCM Sets the preferred amount of data contained in one media packet sent from the gateway. Default: 30 Controlled from: Web, VCM Unit = milliseconds. The value must be less than or equal to the corresponding parameter G711 64kb Max. G711 64kb Max sets the maximum amount of data contained in one media packet the gateway is willing to receive from the peer. Default: 60 Controlled from: Web, VCM Unit = milliseconds. The value must be greater than or equal to the corresponding parameter G711 64kb Preferred.
G711 64kb Preferred
G711 64kb max
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide G711 64kb DTX Enables the discontinuous transmission function (DTX) for the associated codec. Default: off Controlled from: Web, VCM
47
2.4.7. G723 G723 Priority
G723 codec options Enables the ITU-T G.723 codec. Default: off Controlled from: Web, VCM Prioritizes the ITU-T G.723 codec with respect to the other enabled codecs. Default: 3 Controlled from: Web, VCM The prioritization parameter must be unique within the set of enabled codecs. Sets the preferred amount of data contained in one media packet sent from the gateway. Default: 1 Controlled from: Web, VCM Unit = G.723 frames The value must be less than or equal to the corresponding parameter G723 Max. One G723 frame corresponds to 30ms of speech. Sets the maximum amount of data contained in one media packet the gateway is willing to receive from the peer. Default: 2 Controlled from: Web, VCM Unit = G.723 frames The value must be greater than or equal to the corresponding parameter G723 Preferred. Enables the discontinuous transmission function (DTX) for the associated G723 codec. Default: off Controlled from: Web, VCM
G723 Preferred
G723 Max
G723 DTX
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.4.8. G729 G729 Priority G729 codec options Enables the ITU-T G.729 codec. Default: off Controlled from: Web, VCM Prioritizes the ITU-T G.729 codec with respect to the other enabled codecs. Default: 4 Controlled from: Web, VCM The prioritization parameter must be unique within the set of enabled codecs. G729 Preferred Sets the preferred amount of data contained in one media packet sent from the gateway.
48
Default: 3 Controlled from: Web, VCM Unit = G.729 frames The value must be less than or equal to the corresponding parameter G729 Max. One G729 frame corresponds to 10ms of speech.

G729 Max
Sets the maximum amount of data contained in one media packet the gateway is willing to receive from the peer. Default: 6 Controlled from: Web, VCM Unit = G.729 frames The value must be greater than or equal to the corresponding parameter G729 Preferred. G729 DTX enables the discontinuous transmission function (DTX) for the associated G729 codec. Default: off Controlled from: Web, VCM
DTX
2.4.9. G726-32
G726-32 options enables the ITU-T G.726-32 codecs Default: off Controlled from: Web, VCM Prioritizes the ITU-T G726-32 codecs with respect to the other enabled codecs. Default: 6 Controlled from: Web, VCM The prioritization parameter must be unique within the set of enabled codecs.
G726-32 Priority
G726-32 Preferred
Sets the preferred amount of data contained in one media packet sent from the gateway. Default: 30 Controlled from: Web, VCM Unit = milliseconds. The value must be less than or equal to the corresponding parameter G726-32Max.

HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide G726-32 Max Sets the maximum amount of data contained in one media packet the gateway is willing to receive from the peer. Default: 60 Controlled from: Web, VCM Unit = milliseconds. The value must be greater than or equal to the corresponding parameter G726-32 Preferred. G726-32 DTX enables the discontinuous transmission function (DTX) for the associated G726-32 codec. Default: off Controlled from: Web, VCM
49
DTX
2.4.10. Clearmode options enables Clearmode Default: on Clearmode Controlled from: Web, VCM Clearmode Priority Prioritizes Clearmode with respect to the other enabled codecs. Default: 5 Controlled from: Web, VCM The prioritization parameter must be unique within the set of enabled codecs. Clearmode Preferred Sets the preferred amount of data contained in one media packet sent from the gateway. Default: 30 Controlled from: Web, VCM Unit = milliseconds The value must be less than or equal to the corresponding parameter Clearmode Max.

Clearmode Max
Sets the maximum amount of data contained in one media packet the gateway is willing to receive from the peer. Default: 60 Controlled from: Web, VCM Unit = Clearmode frames The value must be greater than or equal to the corresponding parameter Clearmode Preferred. Clearmode DTX enables the discontinuous transmission function (DTX) for the associated Clearmode. Default: off Controlled from: Web, VCM
Clearmode DTX
2.4.11. iLBC options enables the Global IP Solutions iLBC codec iLBC (internet Default: off Low Bit Rate Controlled from: Web, VCM Codec iLBC Priority prioritizes the iLBC codec with respect to the other enabled codecs. Default: 7 Controlled from: Web, VCM
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide The prioritization parameter must be unique within the set of enabled codecs. iLBC Preferred Sets the preferred amount of data contained in one media packet sent from the gateway.
50
Default: 2 Controlled from: Web, VCM Unit = iLBC frames The value must be less than or equal to the corresponding parameter iLBC Max. One iLBC frame corresponds to 30ms of speech (13, 33 kbps) or 20 ms of speech (15,20 kbps).

iLBC Max
Sets the maximum amount of data contained in one media packet the gateway is willing to receive from the peer. Default: 3 Controlled from: Web, VCM Unit = iLBC frames The value must be greater than or equal to the corresponding parameter iLBC Preferred. iLBC DTX enables the discontinuous transmission function (DTX) for the associated iLBC codec. Default: off Controlled from: Web, VCM
iLBC DTX
2.4.12. T38 facsimile protocol Enable/disable Default: on T38 facsimile Controlled from: Web, VCM Note: T38 is currently only supported by HG111x 2.4.13. Echo Cancellation Enable/disable echo cancellation Default: on Controlled from: Web, VCM
51
2.4.14. Services Caller ID Caller ID function can be configured for several different standards. The relevant parameters can be found on the Configuration web page / Enable services of the web interface.
DTMF
DTMF Controls whether the method of producing the caller ID on the analog interface should be with DTMF tones.
Default: Off
DTMF Standards
Choose according to the standard (and Country) your caller ID equipment supports.
Default: ETSI, EN 300 659-1 (Sweden)
FSK
FSK Determines whether to use FSK modulation technology to produce caller ID on the analog interface.
Default: Off
FSK Standards:
Choose according to the standard (and Country) your caller ID equipment supports.
Default: ETSI, Europe
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.5. Configuring the Switch Settings
52
This section explains the configuration of:

Physical Interface Rate Limiting Storm Protection
2.5.1. Physical link The following parameters can be configured for each LAN port individually: Auto Negotiation Full or Half duplex 100Mb or 10Mb Note: If auto negotiation is enabled, you can configure what to advertise.
53
2.5.2. Rate Limit Sets the port maximum throughput. Each port can be rate limited for incoming and outgoing packets independently.
Rate Limit
The rate limit can be specified in 8 absolute values. Example: if the rate is set to 128 Kbps, the throughput will be 128 Kbps. Default: Full Rate Controlled from: Web, VCM
2.5.3. Storm Protection Each port can be broadcast-storm protected. Multicast storm protection can also be enabled.
Enable broadcast storm protection for ingress packets.
Enable multicast storm protection for ingress packets.
Enable/ disable Default: On Controlled from: Web, from VCM not supported, yet. Enable/ disable Default: On Controlled from: Web, from VCM not supported, yet.

HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.6. Advanced Configuration
54
This section explains configuration of the following features: Service Separation (see 2.6.1) UPnP (see 2.6.2) IP QoS (see 2.6.3) RTSP Proxy (see 2.6.4 Multicast (see 2.6.4) Static Routing (see 2.6.6) Dynamic Routing (see 2.6.7) Templates (see 2.7.2) Port Forwarding (see 2.7.2 ) IP Filters (see 2.7.5)
Bridge Filters (see 2.7.7) Access Control (see 2.7.9) LAN Clients (see 2.8.1) LAN Group Isolation (see 2.8) Packet Processing (see ) Mac address cloning (see 2.9) Dynamic DNS (see 2.9.3) SNTP (see 2.9.3) SNMP (see 2.9.3)
Note: To save all changed parameters permanently, pressSave Settingsbutton. See chapter 2.2.1 for more information
55
2.6.1. Service Separation Service separation allows different routing for different traffic flows. This is done based on connections i.e. you can specify connection to be used for the particular traffic flow. Open the Advanced/Service separation page. For each of the pre-defined traffic flows: Default routing - internet traffic; Device management - VCM and SNMP traffic; Voice transfer - VoIP traffic choose the connection(s) to use from the list of all available connections. You can select Don't use or one of 5 priorities. Note: RTSP can IGMP will use the connection configured for respective service. Connections with smallest priority are used if enabled. When the connection becomes disabled, the connection with the next priority is used. Switching between the connections is automatic when the connections operational state is changed. Status of the connections is indicated by LEDs: green (online) or red (offline). The connection in current use is indicated by a green led in the Current column. Connections with a yellow indicator may be used but are not used due to priority settings. Connections with a red indicator cannot be used due their status or if the Don't Use option is selected.
56
2.6.2. UPnP Universal Plug and Play NAT and Firewall Traversal allow traffic to pass-through the router for applications using the UPnP protocol. Select the WAN connection and the LAN connection using UPnP. This feature requires one active DSL connection. In presence of multiple ADSL connections, select the one over which the incoming traffic will be present. For example, the default Internet connection.
2.6.3. IP QoS The IP QoS area is reserved for new QoS methods expected in the nearest upgrade release. 2.6.4. RTSP Proxy For VoD RTSP protocol can be used
Chose the connection that RTSP should run over
57
2.6.5. Multicast Configure IGMP multicast for selected connection. The gateway proxies the IGMP packets for applications that are using IGMP for accessing multicast video content. The IGMP proxy snoops the query, join and leave commands. Note: Currently only IGMPv1 and v2 are supported. IGMPv3 will be supported in future SW Release On a join, the proxy sets up a multicast route for the interface and device requesting the video content. It then forwards the join to the upstream multicast router. The multicast IP traffic will then only be forwarded to the requesting device. Multicast traffic does not pass through the firewall or through NAT. On a leave, the proxy removes the route and then forwards the leave to the upstream multicast router.
Enabling/Disabling Mode
WAN connection that IGMP should use.
Routing via CPU
Fast Leave
Default Disabled IGMP Proxy for Routed connections: IGMP proxy tracks Joins/Leaves and configures switch properly. Multicast Acceleration for bridge connections: Hardware switch itself tracks Joins/Leaves and does not send multicast flows to "not joined" ports. Select connection: Any of configured connections Enabled/Disabled Enables/disables cross-VLAN forwarding of multicast flows through hardware switch. Disabled: IGMP proxy adds cross-VLAN MAC entry for each flow. Enabled: IGMP proxy configures Linux multicast routing rules. Switch is configured as well, but rather to exclude "not joined" LAN ports than to pass traffic through the switch directly. Default: Disabled Enabled/Disabled Disabled: Proxy does not remove group even if all hosts have sent Leave. It sends group-specific Query instead and waits some time for Joins. If no Joins are received it sends the Leave upstream and removes the group. Enabled, group is removed immediately on receiving of Leave from the last host and the Leave is passed

58
Enable Send Leave
Multicast Group lifetime on HG
upstream. Default: Disabled Enabled/Disabled Unconditional sending of Leave after group timeout. Every time when IGMP proxy receives Join the timer with multicast group lifetime timeout is restarted. If timer expires the group is removed, switch configuration for it is cleaned up and Leave if sent (only if "send leave" is enabled). After this time group is removed unless Join from LAN is received. Frequency of group-specific Queries is calculated from this value (now it's timeout /4).
Note: For more information about provisioning of STB behind HG, see chapter 4.15.2.2
2.6.6. Static Routing Use this page for configuring static routes over WAN connections.
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.6.7. Dynamic Routing
59
Use this page to: Enable RIP Select RIP protocols: Default Metric Press Add Tx Ver 1 2 1&2 Passive 1 2 1&2 None password password Enable /disable RIP RIP v1 RIP v2 - Metric
RX Ver
Authentication Password
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.7. Firewall and Filters Stateful Inspection Firewall (see 2.7.1) Templates (see 2.7.2) Port Forwarding (see 2.7.2) IP Filters (see 2.7.5) Bridge Filters (see 2.7.7) Access Control (see 2.7.9)
60
Note: Stateful inspection and packet filtering functions can be enabled/disabled as a single service from the Setup page (see 2.3.5). This allows an operator to provide differentiated service levels with varying firewall functionality and still be able to enable/disable the entire firewall profile from a single checkbox. 2.7.1. Stateful Packet Inspection Firewall The Stateful Packet Inspection firewall is pre-set. It is non-configurable from the GUI. For specifics on the pre-defined rule-set, please see (6). 2.7.2. Tunneling Protocols The following protocols can be tunneled through the Home Gateway. - L2TP - PPTP - GRE - MPLS - IPSec
2.7.3. Templates Several different pre-defined templates exists for Port Forwarding, like VNC, Netmeeting, games etc Each template is categorized in Application, Audio/Video, Games, and Servers. The user can also define its own category in New category. The pre-defined templates can be modified by clicking on respective link.
61
The user can define their own template by first adding the new template name, then clicking on the name. Each Template consists of a number of parameters, mainly which ports to be used.
62
2.7.4. Port Forwarding Port Forwarding creates a tunnel through a firewall, so that Internet users can access a service running on one of the computers on your LAN, for example, a Web server, an FTP or SSH server, or other services. From the outside user's point of view, it looks like the service is running on the firewall. Use the Port Forwarding page to give Internet access to local services (for example web hosting or game hosting.
63
To configure a service, game or other application, select the external connection (the Internet connection), select the computer hosting the service and add the corresponding firewall rule. You can also add/edit/delete rules without using the pre-defined firewall policy database/templates (games, services, etc.). Go to Custom forwarding at the bottom of the page, clicks apply and fill in the IP address, port, protocols and description for the application. 2.7.4.1. DMZ For each connection a Host IP address (LAN Client) can be specified as DMZ.
64
2.7.5. IP Filters This firewall feature allows you to block network access based on the IP address of users computer.
Use this page to block specific traffic (for example to block web access) or any traffic from a computer on the local network. To configure an IP Filter rule, select the computer's IP address and add the corresponding firewall traffic definition from the firewall policy database/template, all traffic, and ping or create custom filters.
65
2.7.6. Custom rules You can also add/edit/delete IP filter rules without using the pre-defined firewall policy database (games, services, etc.). Go to Block with Custom Rules at the bottom of page, add name of rule and click Apply to access this type of interface.
2.7.7. Bridge Filters The bridge filtering mechanism is a way for users to define rules to allow/deny frames through the bridge based on source MAC address, destination MAC address or frame type.
When bridge filtering is enabled, frames are examined against each defined filter rule sequentially. When a match is found, the appropriate filtering action is taken (i.e. allow or deny). Note: the bridge filter will only examine frames from interfaces that are part of the bridge itself.
66
2.7.8. Editing/adding bridge filter rules Up to twenty filter rules are supported with bridge filtering. To add a rule, map the source MAC address, destination MAC address and frame type to the filtering type (allow/deny) and press the Add button. The MAC address must be in xx-xx-xx-xx-xx-xx format, with 00-00-00-00-00-00 taken as don't care. Blanks can also be used in the MAC address space; they are taken as don't care. To edit/modify an existing filter rule, select the rule from Add in the Edit select box. The selected filter rule will appear on the top section. Make your changes to the MAC address, frame type and/or access type, and press Apply. To delete filter rule(s), select the filter rule entry in the Delete selection box. Multiple deletions are supported. When all the filter rules are selected for deletion, press the Apply button. The Select All select box can also be used to delete all the filter rules. The Enable Bridge Filters button allows the user to enable or disable bridge filtering. It can be set/unset during any add/edit/delete operation. It can also be set/unset independently by pressing the Apply button. Note: There are three hidden filter rules within the bridge filter table that are entered automatically by the system to ensure that users do not lock themselves out:

Allow any and all ARP frames. Allows all IPv4 frames with the destination MAC address of the bridge. Allow all IPv4 frames with the source MAC address of the bridge.
2.7.9. Access Controls This section allows end user to configure if any IP addresses should have access to the home gateway via various protocols/services.
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.8. LAN Settings 2.8.1. Add LAN clients To add LAN clients click the LAN Clients button.
67
2.8.2. LAN Group Isolation Use this area to disable traffic between configured LAN groups.
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.9. Miscellaneous
68
2.9.1. Packet Processing (Only applicable for HG1310&HG1520) The HW has support for packet acceleration. Enabling this allows the HG to route packets at wirespeed. 2.9.2. Mac Address Cloning MAC address cloning is a common routing feature used to substitute the MAC address seen by the service provider. If, for example, a service provider has registered the MAC address of a subscribers PC, placing a gateway between the access network and the PC will present the gateways MAC address instead and it will be denied a connection. In order to avoid re-configuring the service account, the gateway can be configured to present the PCs MAC address to the outside world instead of the gateways. Select from three options for the MAC address to present:
Factory setting LAN Clients Custom
This is the MAC address of the gateway device. This choice offers a selection from LAN devices that the gateway can see. Use this field to enter a choice not seen by the gateway.
69
2.9.3. Dyn DNS Dynamic DNS must be used when you want to access your HG or home network (PC) all time. Since your WAN IP address might change over time, you can assign a hostname which is always updated with current IP Address. Hence you can always access your HG with that hostname and with help of port fwd rules even your home network.
Hostname Connection Server Port Username Password
Your name for the HG Chose which WAN connection to use and by that IP address Either a well known Dyn DNS server can be used or a custom one, Port to be used for accessing Dyn DNS server Username for Authentication towards Dyn DNS server Password for Authentication towards Dyn DNS server
70
2.9.4. SNTP The gateway supports SNTP client functionality in compliance with IETF RFC 2030. The system clock time in the gateway can be configured by an SNTP client functioning in daemon mode. The SNTP client periodically sends requests to the configured NTP server.
The gateway can be configured with the SNTP server addresses in several ways: Manual configuration at the customer premises by the end-user By the operator using the VCM By means of DHCP at boot time 2.9.5. SNMP Simple network management protocol (SNMP) is a troubleshooting and management protocol that uses the UDP protocol on port 161 to communicate between clients and servers. SNMP uses a Manager- Management information base (MIB)-Agent solution to execute network management functions. The manager is a separate station that can request data from an SNMP agent, which resides in each modem on the network. The agent uses the MIBs as dictionaries of manageable objects. The SNMP agent supports GET, SET, GETNEXT, and TRAP for four groups with MIB-II: System, Interface, IP, and ICMP. The SNMP agents support three community names authentication. Trap is an event notification. There are four standard traps supported in the RG: WarmStartTrap LinkUpTrap LinkDownTrap AuthenticationFailureTrap Note: SET write access is prohibit due to security reasons Linux interfaces are showed (because default MIB support provided with SNMP agent is used). Status and some statistics of the interface is provided (see ifTable in RFC 1213). SNMP MIBs operates in terms of low-level objects.
71
2.9.5.1. SNMP Version support Currently SNMPv1 and SNMPv2 are supported. SNMPv3 can easily be added since it has been removed due to memory saving purposes.
Enable SNMP Agent SysName SysDescription SysLocation SysContact Community
The SNMP agent is enabled by default. An administratively-assigned name for the gateway. Device information and Software version The physical location of the gateway. Contact person and/or contact information for the gateway. Community is a relationship between an SNMP agent and one or more SNMP managers. Once the clear-text community name corresponds to a community known to the receiving SNMP entity, the sending SNMP entity is considered to be authenticated as a member of that community and is granted different levels of access (read-only or read-write). The combination of community access mode and a MIB-managed project defines the community profile for each object. The community profile defines the operations that can be applied to the object. In the gateway, a default community name of public with access mode of read-only is created in the configuration file. It allows a GET or a GETNEXT operation to all objects with access rights of READ-ONLY and READ-WRITE in the MIB. Enable SNMP Traps (SNMP traps are enabled to send by default.) Destination IP address of the trap. Traps can be sent to three different destinations. Community name of the trap. Two trap versions/formats are supported: SNMP v1 SNMP v2c
Enable SNMP Traps Trap Destination IP Trap Community Trap Version
72
2.10. Configuring Wireless Settings Wireless network settings for the router are configured here. Use this area to enable wireless operation and configure wireless LAN operation including the SSID and Channel. Physical setup Wireless Protected Setup (WPS) SSID configuration, security, associated clients, access list Choose your SSID in the left upper corner and press Go. Four simultaneous SSID are supported. 32 clients can be associated with one SSID. Note: To save changed parameters permanently, go to Tools/Configuration/Save Configuration. 2.10.1. Physical Setup Use this page to create new SSIDs or modify existing SSIDs. A service set identifier (SSID) defines a separate WLAN. It is a code attached to all packets on a wireless network to identify each packet as part of that network. The code consists of a string of 1-32 octets (usually represented as case sensitive alphanumeric characters). All wireless devices must share the same SSID to communicate with each other. An SSID also serves to uniquely identify a group of wireless network devices used in a given Service Set. Note: Currently four simultaneous SSIDs are supported SSIDs can be configured from a remote VCM or locally via gateway web pages. Note: One SSID is set by default. It is either a: - Random string located on label at the bottom or - Generically named per product model: Gateway model Tilgin HG131xx/Hg152x OR Tilgin HG1311i Tilgin HG1311 Tilgin HG1312 Tilgin HG1521 Tilgin HG1522 Tilgin HG1523 Tilgin HG1524 Tilgin-601 Tilgin-602 Tilgin-603 Tilgin-604 Tilgin-605 Tilgin-606 Tilgin-607 Default SSID Tilgin-a1xbr83hsnwh
WPA encryption is enabled by default. WPA Password is home gateway unique and located on home gateway label at the bottom.
73
Create a new SSID either by modifying existing SSID or simply create a new. Note: For HG111x only one SSID can be visible at the same time. So even though several SSIDs are configured as non-hidden only one will be seen during wireless scanning. This is due to HW limitations.
2.10.1.1. Access Point in range The HG can scan the wireless environment i.e. list existing Acees Points, which channel being used and the quality. By this you can see which channel that is the best to use (channel with less users). Also a quality value is presented. The Quality exported by HG is a relative percentage value that is cur_qual/max_qual. More information can be found regarding reporting of quality from the WiFi driver (http://www.opensubscriber.com/message/netdev@oss.sgi.com/620648.html) "The 'qual' fields are method independent, and are specified as follows: max_qual.qual: (range is 0 -> 255) upper bound of subjective quality levels. Other .qual fields MUST be less than this number. qual.qual: (range is 0 -> max_qual.qual) Quality of the received packet as determined by the driver. The only restriction is that user applications MUST be able to derive a percentage value by doing the following calculation: percent = 100 * (qual.qual / max_qual.qual)" I.e. this percentage is exactly what HG report. There is also another way of reporting quality - Signal and Noise levels in dBms, but it is not exported to Web GUI.
2.10.2. WPS setup Wi-Fi Protected Setup (WPS) is a standard created by the Wi-Fi Alliance to make it easy to set up a secure wireless home network. Tilgin gateways support 2 WPS methods for a user to add new devices to the network:

PIN Method, in which a PIN is read from a sticker on the new device. PBC Method, in which the user pushes a button, either an actual or virtual one, on both the gateway and the new wireless device.
74
Select method
PIN
WPS interface
PBC - Push button on front - Push button Web GUI PIN Enter/set the PIN code
Existing SSID None Auto
2.10.3. SSID Configuration By clicking on a SSID name or choosing one in the top left scroll down menu will give you access to the advanced access point parameters.
Hidden
Beacon Period RTS (Request to Send) packet size threshold
Enables/disables the hidden SSID feature. When hidden SSID is enabled, the SSID is removed from the beacon frames the AP transmits and the AP will not be seen by any other station. The time between consecutive beacons. Beacons are packets sent by an Access Point to synchronize a wireless network. A node wishing to send data initiates the process by sending an RTS frame. Packet size threshold is 0-2347 Off by default (threshold >=2347) A countdown mechanism for WLAN Access Points. Informs clients of the next window for listening to broadcast and multicast messages. When the Access Point has buffered broadcast or multicast messages for associated clients, it sends the next DTIM with a DTIM Interval value. Access Point clients hear the beacons and awaken to receive the broadcast and
DTIM period (Delivery Traffic Indication Message).
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide Frag threshold
75
multicast messages. The minimum length of a frame that will be fragmented. The default value is 2346. However, when 4x is enabled on the Setup page (see 2.10.1), the fragmentation threshold value changes to 4096.
Note: For HG111x only one SSID can be visible at the same time. So even though several SSIDs are configured as non-hidden only one will be seen during wireless scanning. This is due to HW limitations.
76
2.10.4. SSID Security Wireless security parameters. Selecting a security protocol allows stations enabled for that protocol to connect to the access point. A station enabled for WEP security (for example) can connect to the access point if the WEP option is selected here.
Secure Setup Two scenarios exist with regard to the default WiFi connection status: the connection is OFF by default or ON by default. If the WiFi connection is turned OFF by default: At first provisioning, the WLAN access point can be enabled and configured from a central VCM with regard to WEP or WPA encryption keys and SSIDs. If encryption is enabled, a pre-shared key (PSK) can be configured either locally via the gateway web pages or remotely from an Auto-Configuration Server (VCM). If no PSK is configured in the VCM, the end user must use the last 13 characters of the key printed on the gateway label. Note: If the access point is already enabled, it cannot be provisioned from the VCM. In this case, no configuration from VCM will change the access point as the end user may have his/her own key and SSID settings. If the WiFi connection is ON by default: If service provider chooses to activate the WiFi connection by default, the connection is encrypted with a 128 bit WPA key. The PSK is the last 13 characters of the key printed on the gateway label. The end user uses this key to access the encrypted connection via the PC configuration set-up.
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide To select a security level locally (not via configuration server): Select a security level Select: None WEP (2.10.4.1) WPA (2.10.4.2) WPA2 i.e. 802.1x (2.10.4.2) WPA/WPA2
77
Note: Different WEP keys cannot be assigned to more than one SSID i.e. same WEP Key will be used for all SSIDs.
2.10.4.1. WEP WEP is a security protocol for WLAN. WEP provides security by encrypting the data that is sent over the WLAN. The gateway supports three levels of WEP encryption: 64-bit encryption 128-bit encryption 256-bit encryption With WEP, the receiving station must use the same key for decryption. Each radio Network Interface Card (NIC) and AP, therefore, must be manually configured with the same key. WEP is disabled by default. Select a WEP authentication type Select: Open. (default): In open-system authentication, the access point accepts any station without verifying its identify. Shared. Shared-key authentication requires a shared key (WEP encryption key) be distributed to the stations before attempting authentication. Open and shared. If both are selected, the access point will perform shared-key authentication, then open-system authentication. Select a cipher size Enter 10, 26, or 32 hexadecimal digits for 64, 128 or 256 bit cipher respectively.
Encryption key
78
2.10.4.2. WPA/WPA2 WPA is a security protocol for WLAN. WPA uses a sophisticated key hierarchy that generates new encryption keys each time a mobile device establishes itself with an AP. Protocols including 802.1X, EAP, and RADIUS are used for strong authentication. Like WEP, keys can still be entered manually (pre-shared keys); however, using a RADIUS authentication server provides automatic key generation and enterprisewide authentication. WPA uses temporal key integrity protocol (TKIP) for data encryption. WPA2, also known as 802.11i, uses advanced encryption standard counter mode CBC-MAC protocol (AES-CCMP) for data encryption. The algorithm to use (CCMP, TKIP or TKIP/CCMP), is selectable in the Encryption Algorithm field.
Group Re-key Interval Pre-shared Key (PSK)
Passphrase text
This value is measured in seconds. Enter 64 hexadecimal digits. When selected, the WPA stations do not authenticate with the RADIUS server using EAP-TLS they share a pre-shared secret with the AP instead (ASCII format). You can enter 8 - 63 alpha-numeric characters in this field.
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.11. Tools
79
Use the Tools section for: Upload toolset (Software). (See 2.11.1) Administrator Account Settings. (See 2.11.2) Maintainer Account Settings. (See 2.11.3) Diagnostics. (See 2.11.4) MIT dump. (See 2.11.5) VoIP Debug. (See 2.11.6) Restart System. (See 2.11.7) Console and Configuration & Resource Manager. (See 2.11.8)
Ping Tool. (See 2.11.9) Sniffer Tool. (See ) Transfer. (See ) Backup/Restore Configuration. (See 0) Restore Defaults (Factory Reset). (See 0)
80
2.11.1. Upload toolset This is used for uploading new identities, factory configurations and software. For identity and factory configuration upload only one file at the time. For Software images both files must be uploaded at the same time.
Note: Upload of new SW might fail due to memory constraints; hence VCM should be used if possible. 2.11.2. Administrator account Change the password for Administrator (admin) account 2.11.3. Maintainer account Change the password for Maintainer (root) account 2.11.4. Diagnostics Whenever an error is discovered this file must be stored and attached to the error description report.
Note: IT IS VERY IMPORTANT THAT THIS DIAGNOSTIC FILE IS SENT TO TILGIN FOR EACH REPORTED ERROR!
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.11.5. MIT dump Tilgin debug tool. Should NOT be used unless requested by Tilgin,
81
2.11.6. VoIP Debug On request from Tilgin, extra debug printouts can be activated: Over Serial console As UDP packets.
2.11.7. Restart System HG will restart. Any configuration not saved in persistent memory will be lost.
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.11.8. Console and CRM applications Tilgin debug tool. Should NOT be used unless requested by Tilgin,
82
2.11.9. PING For debugging one can use Ping. Host Data Size Packet Count IP address to be pinged Size of packet Number of packets to be sent
Note: Due to system limitations, ping diagnostics could only run for 30 seconds maximum. 2.11.10. Sniffer Tool For debugging one can use the sniffer tool in order to capture packets on various interfaces. 1. Create one or more sniffers. Name may be omitted. 2. Choose interface. 3. Update sniffing parameters (if necessary) a. Promiscuous mode is well known b. Filter is PCAP filter expression (same as tcpdump) c. Count i. Stop after capturing of specified number of packet ii. (0 - unlimited) d. Sample i. Sample the packet stream by only dumping 1 in every stream ii. Sample value packets. (0 - every packet) e. Headers only - keep eth-ip-transport headers only in dump f. Snap length - keep only specified number of bytes per packet 4. Press start. 5. Wait, press stop. 6. Download capture file (its name is a link to press in browser) 7. Delete sniffer to remove capture file from gateway. Note: Due to system limitations, a trace cant run forever.
2.11.11. Transfer Note: This is to be used by Tilgin only, no encryption is used. All settings can be downloaded and later restored. This mechanism also allows transfer of configuration to
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide other devices. 2.11.12. Backup/restore configuration All settings can be downloaded and later restored.
83
Note: Since remote management is possible, configuration can be lost when restored since new configuration can have been downloaded meanwhile.
84
2.11.13. Restoring system defaults Factory reset. All configurations are erased and the home gateway is in the same condition as after production. Note: The Software is not rolled back.
85
2.12. Status Information on the current status of the gateway and its connections as well as the product type and software type.
2.12.1. Product info
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.12.2. System log
86
Note: The diagnostics dump on Tools menu is of much more value for debugging. 2.12.3. Connections Connection Status
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.12.4. Network
87
Network statistics per port and WiFi interface are displayed.
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 2.12.5. DHCP clients All LAN clients are listed
88
89
3. Subscribers Configuration
Certain gateway configurations are typically reserved for a subscribers preferences. These include accountspecific configurations such as language settings, call diversion numbers and recorded messages, or phonespecific settings such as personal short numbers, phone-to-account configurations, call barring and hotline numbers. In general practice, subscriber access is usually restricted to setting these types of parameters and to viewing information pages such as call lists and status reports. Subscriber parameters can be set by using a web browser or, in many cases, with a telephone handset using number codes (pre-defined in VCM). The services that a subscriber can see and configure in the gateway are enabled by the provider from the VCM. The web pages for these services are always there but the provider determines whether theyre visible or not (see Web Configuration: User Page Privileges 4.7.2). This section of the guide contains the Account and Phone pages of the configuration GUI built into the gateway. These are the services typically authorized for subscriber access but in fact, any of the configuration pages in the gateway can be made available. This section is intended to provide an operator with a guide to these services as well as a basic subscriber guide that can be adapted, branded and distributed to their customers. Additional services from the web-pages configuration sections of this guide can be added to this section if the provider chooses to make them subscriber-configurable. Note: Many of the services in this section require specific call control protocols (SIP, MGCP). The services reflected in a gateway can be limited by the protocol being used. If, for example, a gateway is running MGCP, endpoints terminate in the call control server and it is up to the Call Agent to determine what services are available whereas with a gateway running SIP, endpoints terminate in the gateway and services are therefore controlled at the gateway either by the provider or the subscriber. Note: The specific services provided for a gateway may be limited by the software version used. Your gateway may therefore not support all of the services in this section. Note: The available services can also be restricted by operator in such way that Web GUI has restricted access.
3.1. Login to gateway subscriber pages To enter the subscriber configuration pages: Direct a web browser to: http://192.168.1.1 This is the default IP address of the web pages built into the gateway device.
90
The opening screen provides 4 areas: Accounts: This is listing of accounts created on the gateway. No actions are available here. If the gateway is started for the first time there may be no accounts listed here. Login: This is the option for logging onto gateway configuration pages. Selecting a phone number in the Username field logs you into the Account page for that number. If there are no telephony accounts configured for the gateway, use the default login information (admin). Status: This is a quick view of the status of gateway connections (WAN / LAN), System uptime, and the software version being run on the gateway. No actions are available here. Wizard: The wizard option is for use in a semi-automatic provisioning scenario (see 1.3.2.2) Write the telephony (SIP) account, if no accounts are yet configured for this gateway, enter the default Username: admin (case sensitive) and the default Password: admin (case sensitive) and press Enter. Logging onto the gateway accesses any web pages that the provider has enabled for subscriber use and all telephone account pages. If the provider has not limited access in any way, all configuration pages in the gateway are available. Typically, access to gateway configuration pages is restricted to the parameters that are user-specific such as found on the Accounts and Phone web pages. See 4.7.2 for information on using the VCM to restrict access to gateway configuration pages. The password can be changed via the VCM (see 4.7.2).
91
3.2. Account page Logging in as a VoIP user (via a telephone number as the User Name) takes you to the Account page for that number. This might be the only page available from this logon. The field in the upper left corner displays the phone number associated with the current account information. Select an account here to change settings or view the call lists for each account (phone number).
The status of each account is also displayed.
92
3.2.1. Create New When logging in as administrator, the ability to create new accounts is included on the Accounts page. This function is used for including additional (SIP-based) telephony accounts via the home gateway. Examples would be telephony services through another provider. Select Create from the page. Registration and network information is obtained from the operator. Pressing Save will list the new number in the field at the upper left-hand corner of the screen. Up to 12 SIP accounts can be defined and used. These accounts can then be connected to any phone port(s) for incoming and/or outgoing calls.
93
3.2.2. Call handling (call diversion) By choosing an account in the left hand upper corner list or click on the account phone number in the list you can manage your account. Use this page to (for example) configure the parameters for diverting calls under varying circumstances. Check the appropriate service box. Phone numbers should be in the normal format. Time specifications are in seconds.
3.2.3. Distinctive Ring Signals By choosing an account in the left hand upper corner list or click on the account phone member in the list you can manage your account. Use for example this page to configure distinctive ringing. Distinctive ringing is a feature that generates different ringing signals based on the phone numbers. You can have a different ringing signal for each phone number in your household as well as a different ringing signal for each person calling you. Distinctive ringing can also be used to distinguish between types of calls such as calls paid for by the receiver and/or incoming mobile telephone calls. You can, for example, have a double ring to indicate that Bob is calling, a triple ring if Alex is calling, a long-short ring for incoming mobile calls and/or a short-shortshort ring for all receiver-paid calls. You can listen to the various ring signals or tones by pushing the Listen button on the Account/Ring Signals page. The signal/tone is played once on all phones that accepts incoming calls from the given account. The ring signal will be played if phone is on-hook; the tone (i.e. same as Call Waiting tone) will be played if phone is off-hook. If phone was already ringing or playing a tone, it will be stopped. There are two methods used to handle distinctive ringing. Both methods are supported by Tilgin gateways:
Distinctive ringing can be handled locally by specifying ring signals based on the A-number or Bnumber. In this case, distinctive ringing is configured per SIP account. The user creates a list of statements that define different types of numbers and what ring signal to use for each type. Each SIP
94
account looks at the number and tries to find a match in the list. When a match is found, the corresponding ring signal is used. The various ring signals to choose from are pre-defined in the terminal; they can not be changed by the subscriber. Defining statements (masks) are created using Regular Expressions. See chapter 7 for information on using regular expressions.
Distinctive ringing can also be implemented by the operator based on the SIP specification. In this case, the ring pattern is defined in a SIP header (Alert-Info header in the SIP INVITE). This has effect only when no user-defined distinctive ring is matched. At that point, the operator can associate an Alert-Info header with a specific ring signal. (see 4.8.9).
3.2.4. Distinctive ringing: local configuration Configuring distinctive ringing from the local web pages.
The following parameter names are used for the regular expressions that define incoming calls to the A number: TAG/ID 1 TAG/ID 8 The regular expressions are parsed from 1 to N for incoming calls. When a match is found, the corresponding ring signal is used and the search for a matching expression is terminated. An example of Distinctive Ringing use: The operator has defined a long-short ring for incoming calls from mobile phones, and a short-short-short ring tone for all callee-paid calls. The operator does this by providing Alert-Info header details. If the Tilgin gateway receives such a call on either phone, it will ring with the corresponding signal. If, however, a user decides that he always wants a single short ring for calls on his non-public personal number (perhaps only for family use), he specifies a mask that matches all the numbers on that account and this setting will override operator-defined ring signal. The user may also decide that he want to have a special signal when his child is calling on either phone. He can do so by specifying his childs phone number in a mask set on all accounts. Note: User-defined masks are matched from top to bottom, applying the first match found. So the user would set his childs number before other generic matches.
95
3.2.5. Distinctive Call Waiting indicators Each distinctive ring has an associated call waiting indicator (indicates an incoming call when the subscriber is already using the phone), making it possible to distinguish incoming calls in this use case as well. 3.2.6. List all calls This page lists all calls to and from the gateway with the specific numbers, time and date, type of call (received, missed, dialed) and its length of time. Note: You can view this list separated into received, missed or dialed calls by clicking the respective entry in the left-hand column.
3.2.7. Click to Dial Service The click to dial feature functions from the web servers phone lists available from the Account page (above). If a stored number is clicked and the receiver is lifted within 15 seconds, that number is dialed automatically. It is also possible to first lift the receiver and then click the number. In this case the number will be dialed directly.
96
3.2.8. Account-specific settings The account information here is for the number (account) selected in the upper-left-hand corner. This is typically pre-filled with account information by the provider and provisioned via the VCM. Up to 12 SIP accounts can be defined and used. These accounts can then be connected to any phone port(s) for incoming and/or outgoing calls.
97
3.2.9. Phone book The phone book is configured with user choice values i.e. names are strings chosen by the user, numbers are in ordinary digits and speed dial numbers are chosen by the subscriber.
3.2.10. Answering machine This feature is currently not supported for HG1310 and HG1520. The answering machine service is an optional feature that is separately licensed from Tilgin. If you have not signed an agreement to license the answering machine service, it will not appear in your software. The gateway unit's built-in answering machine works together with an email server. The answering machine records messages to sound files that are stored locally and can attach them to emails sent to a specified email address. The local sound files can be administrated using the telephone handset. The email sound files can be listened to by opening the email in a mail client. Use the Test Mail button to test this function. The user defines a mail address in the gateway to indicate where recorded messages should be sent: Example: john.smith@home.se.
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 3.2.11. Answering machine mail configuration This feature is currently not supported in HG1310 & HG1520
98
Note: When the following email address and SMTP address have been defined, send a test mail by clicking the Send test mail button in the Answering Machine web page. Mail address 1 The user must define a mail address in the gateway to indicate where recorded messages should be sent. Default: Example: john.smith@home.se Mail address 2 is optional. It can be used if the recorded message should also be sent to a second email address. This is the address to the email server Default: Example: mailserver.company.se Check to use name/password authentication for the e-mail account. Certain SMTP configurations may require authentication information for login. In such a case, an account Username is received from the e-mail provider and entered here. Certain SMTP configurations may require authentication information for login. In such a case, an account Password is received from the email provider and entered here.
Mail address 2
SMTP address
User Authentication User name
Password
Note: The locally stored sound files are NOT stored permanently. This means that if the gateway loses power or reboots due to re-configuration changes, etc., the locally stored messages will be lost. Usage of the email function is recommended to back up these files. The amount of storage is limited on the gateway so when the storage area is full the oldest message will automatically be removed. The number of messages that can be stored locally is currently 10 for each telephone port on the gateway. Each message has a maximum length of about 40 seconds. The answering machine may be managed either from an analog phone or a web page. If the UVM service is activated, the subscriber must make some settings in the web pages before the answering machine mail service is operational.
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 3.2.12. Record message To record an outgoing message: 1. Pick up the phone 2. Click Record 3. Speak for up to 20 seconds 4. Hang up the phone To listen to an outgoing message: 1. Pick up the phone 2. Click Play 3. Listen to the message
99
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 3.3. Phone-specific settings
100
3.3.1. Phone configuration For each phone, you can specify one account for outgoing calls. For incoming calls, the phone can be configured to receive calls from several accounts. The allowed formats for local phone numbers is configurable only from VCM and so is the text string describing the allowed format (see 4.9.3). When the dial plan for each region has been constructed, the operator creates a string similar to the default string below: All valid internal numbers must be in the format 1N# where N is any number between 0 and 9. This string appears on the web page.
Phone 1 Phone 2 ISDN MSN
Account for the analog interface marked 1. Account for the analog interface marked 2. Account number for the ISDN interface MSN number for the ISDN phones
3.3.2. Group numbers A group number means that calling a single number will ring several devices. The allowed formats for local phone numbers is configurable only from VCM and so is the text string describing the allowed format (see 4.9.3 ). When the dial plan for each region has been constructed, the operator creates a string similar to the default string below: All valid internal numbers must be in the format 1N# where N is any number between 0 and 9. This string appears on the users web page.
101
3.3.3. Call barring This setting blocks calls to certain numbers. You can specify up to ten prefixes on the Dial Plan page. This is done using regular expressions. Simple and very complex blockings can be achieved. Phone numbers beginning with specific digits can be blocked by specifying those digits. The character X can be used as a wild card. Example: Prefix = 123 will bar all outgoing calls beginning with 123. Prefix = 12X will bar any outgoing call beginning with 120 129. The Call barring configuration applies to all accounts.
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 3.3.4. Hotline / warmline
102
Hot line Outgoing calls will be placed to a specified number when the receiver is lifted. A hotline connection may be used to automatically connect to another (call-placing) server or to automatically place an emergency call, such as to a nursing station in a health-care facility. The format is any valid phone number expressed in ordinary digits. Warm line Similar to a hotline, except that a call will be automatically placed only after a specified time-out period. Outgoing calls will be placed to the specified hotline number when the receiver has been lifted and the warm line timer has timed out. The phone can be used the normal way until the timer has timed out. With a warm line feature in a health-care facility, a resident could use their telephone in a normal manner. But if a phone is taken off-hook for 45 seconds and no key is pressed, the nursing station is called automatically. Note: Activating a hotline will affect Interactive Voice Response (IVR) functionality. IVR is normally always functional, but when hotline is activated it will be operational for only the first 30 seconds after bootup. During these first 30 seconds the LED is on for 500ms and off for 100ms. If you have an activated hotline and wish to use IVR, you can permanently activate it (and disable the hotline) by lifting the handset and pressing the hash key four times ####. When you are finished using the IVR function, you can either reboot the terminal, or press ## and hang up the handset. Section 3.4 describes IVR. 3.3.5. Volume Specify the volume on your telephones. Range is from 1 to 5. This is the volume of speech heard over the phone.
103
3.4. Configuration with an analog telephone and service codes The phone (analog) interface can be used to configure and check key parameters of the gateway by entering a service code. This is called Interactive Voice Response (IVR). This option is intended for end-users who do not have access to a web browser. The codes for services such as call diversion and call waiting etc. vary from country-to-country. Each operator uses the VCM (see 4.8) to configure the supplementary service codes for their specific location. Service codes are prefixed by or # and terminated with #. Example: The default code for activating Call Diversion is 62 <diverted-to-number>#.To have incoming calls diverted to 50638800 when busy, dial 62 50638800# (to deactivate dial #62#). Most telephone subscriber changes come into effect immediately; other types of changes may take effect when the gateway is rebooted. For many parameters, it is also possible for the end-user to use this IVR functionality to obtain a computergenerated voice response describing a units current configura tion settings. Note: Not applicable for MGCP signaling. 3.4.1. WAN IP Readout Three codes exist for listening to WAN connection IP address: Code *#983# *#982# *#981# Connection Type VoIP Connection IP Management Connection IP Internet Connection IP
If same functionality is used for one or two connection of course same IP will be heard regardless of code. 3.5. Default service codes The default values for service codes are the Swedish standard codes. See the specific sections below. 3.5.1. Handset codes: Call diversion Activating or deactivating a call diversion service by means of a telephone will conclude with the playing of tones. If the activation/deactivation was successful, two beeps are heard. If the command failed, the congestion tone is heard. To activate: 21 <diverted-to-number># Call forwarding unconditional service Example: To have all incoming calls diverted to 50638800, dial 21 <50638800># To deactivate: #21# To activate: 62 <diverted-to-number># Call forwarding on busy service Example: To have incoming calls diverted to 50638800 when busy, dial 62 <50638800>#
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide To deactivate: #62#
104
Call forwarding on no reply service
To activate: 61 <diverted-to-number># Example: To have incoming calls diverted to 50638800 when busy, dial 61 <50638800># To deactivate: #61#
3.5.2. Handset codes: Call Waiting/Call Hold This service is on by default. During an established call: If you do not want to answer the waiting call, press R0 (R-zero). If call forwarding on busy or answering machine on busy is configured, the appropriate service will then be activated. Otherwise, the waiting call will get a busy signal. If you do not answer the waiting call within a specified time, action will be taken as if R0 (R-zero) had been pressed. If you do want to answer the waiting call, press R2. To switch back to the original call, press R2 again. Pressing R2 a number of times will switch back and forth between the two calls. Pressing R1 finishes the current call and automatically switches to the other call. 3.5.3. Handset codes: Inquiry Call/Call Hold When you have established a call with person 1, press R to start a new call. Dial the number to person 2. When both calls have been established, you can press R2 to switch back and forth between the two calls. Press R1 to terminate one call and switch to the other. 3.5.4. Handset codes: Three-Way Conferencing To start three-way conferencing, perform the inquiry call service, then press R3. If a call is waiting, answer the waiting call with R2 and then press R3 to establish three-way conferencing. 3.5.5. Handset codes: Call Transfer To transfer a call during a three-way conference call: Establish the three way conference. Press R4 to establish a call between the two other parties and release your self from the conversation. Hang up. 3.5.6. Handset codes: Fast Re-Dial Service To repeat the last dialed number, press the star key three times () on your phone keypad. 3.5.7. Handset codes: locally stored messages Use the telephone handset to dial the code 51#. The gateway will play every recorded message in the order they were recorded. When no more messages are available a continuous beeping is played. 3.5.8. Handset codes: Record greeting To record a greeting message, dial 52#. Maximum length is about 20 seconds. 3.5.9. Handset codes: Call Completion to Busy Subscriber (CCBS) If A calls B who is busy, then A may invoke CCBS. The system will notify A (by ringing him) when B next becomes available. Use the handset and press 5# to activate CCBS. 3.5.10. Handset codes: Calling Line ID Restriction for Anonymous Calling For outgoing calls from the terminal, the following procedure can be applied to suppress calling line ID presentation at the called party end. This restriction will be valid for one call:
105
Use the handset and press 31# to activate calling line ID restriction for the next outgoing call. A dial tone will indicate that the service has been activated. The service is disabled automatically when the call is terminated. 3.5.11. Handset codes: Caller ID Enabling/Disabling Caller ID can be enabled/disabled via handset. The following default codes exist: Enable DTMF CID: *81# Disable DTMF CID: #81# Enable FSK CID: *82# Disable FSK CID: #82#
106
3.6. USB Host Any device can be connected to the USB Host interface. However, currently the only real application supported is USB Memory. 3.6.1. USB LED
LED ON: Any non-hub USB device is attached LED OFF: No device attached 3.6.2. USB HDD Introduction Note: USB HDD are normally preconfigured with file system: NTFS. This file system is NOT supported by HG. The HDD must be reformatted with FAT32 in order to connect it to HG. Some USB HDD Vendors has utility program that allows you to reconfigure your HDD to FAT32 in Windows. A USB HDD can be connected to the USB Host port on HG1310 & HG1520 & HG1350 & HG1550. The HDD can be accessed in two ways: For HG1310 & HG1520 product families an extfs.img file must be stored on the USB HDD. This file is downloaded automatically to the USB HDD if HG is connected to remote management server. Do NOT delete this file from USB HDD. The USB HDD can be access either with HTTP or Samba. However, since Windows WebDAV utility used for HTTP access has many bugs, we strongly suggest that you delete HTTP Access in Web GUI Storage Setup Authentication is enabled by default (even on LAN side), so in order to disable that go to Web GUI Storage Folders. For each folder (there should be one folder per volume by default) follow "View/edit" link. On each linked page ("Edit folder") remove "Authentication required when accessing via: SMB" checkbox and press "Apply". On your Windows PC enter "\\192.168.1.1" in the Windows Explorer address bar to show the accessible folder list.
3.6.3. Storage Management The storage management can be configured in the Web GUI storage menu
107
Note: "" marker in the text shows where the feature described in the paragraph(s) above could be accessed in the specified management interface. If some management interface is not mentioned, then this feature is not accessible via that interface. 3.6.3.1. Hardware Support Current hardware support is poor, the main reason - Linux kernel 2.4. Storage devices should be selected carefully and testing should be done before real use. Device plugging/unplugging should preferably be done when the box is powered off. 3.6.3.2. Client Support Access via SMB works with Windows XP, Windows Vista, Samba. Other clients aren't tested yet. HTTP read-only access should work with any browser. HTTP read-write access through WebDAV works with Windows XP starting from Professional edition, Windows Vista starting from Business edition, "cadaver" command-line WebDAV client for UNIX, KDE and GNOME built-in clients. Other clients aren't tested yet. 3.6.3.3. Service Control Storage service could be disabled/enabled as a whole. If storage service is disabled, no access to storage is possible, and the box doesn't react on USB device plugging. WebUI: Storage->Setup / General->Storage enabled TR-069 ACS: Services.StorageService.1.Enable 3.6.3.4. Access Protocols Currently only HTTP (WebDAV) and SMB access protocols are supported. Every access protocol could be disabled independently. For HTTP (WebDAV) it means, that the /nas/ subtree is not served. For SMB it means that the Samba process is not running. By default both protocols are enabled. WebUI: Storage->Setup / Access via HTTP / Enabled / Access via SMB / Enabled TR-069 ACS: Services.StorageService.1.NetworkServer.SMBEnable.HTTPServer.Enable
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide For HTTP (WebDAV) it is possible to specify port number. The default is 80. TR-069 ACS: Services.StorageService.1.HTTPServer.PortNumber For SMB it is possible to configure NetBIOS workgroup, server name and description. WebUI: Storage->Setup / Access via SMB / Workgroup / Server name / Server description
108
3.6.3.5. Network Access Control It is possible to control access to TCP and UDP ports on which storage is served using specific protocols, separately on LAN and WAN side. By default LAN access is enabled and WAN access is disabled via all supported protocol ports. TR-069 ACS: X_000261_NetService.Samba X_000261_NetService.StorageHTTP RECON ACS: USB Note: If WebUI and Storage are running on the same port (which is the default), then it is impossible to disable network access to them separately. In such case, if one service is disabled and the other is not, the result is undefined. Note: If you wish to simply deny access via some protocol use access protocol disabling feature. 3.6.3.6. Authentication Authentication via SMB is fully supported. Only basic HTTP authentication is supported, i.e. passwords are sent in clear text, and as such should be avoided in insecure environments. For HTTP it is possible to require (global) authentication. With global authentication single HTTP authentication realm is used for the whole storage and it is impossible to access storage anonymously. Without global authentication, each folder which has HTTP authentication requirement has its own realm, therefore it is required to enter credentials for each folder accessed. By default global authentication requirement is disabled. WebUI: Storage->Setup / Access via HTTP / Authentication required TR-069 ACS: Services.StorageService.1.HTTPServer.AuthenticationReq 3.6.3.7. Device Management All plugged devices are automatically added to the management tree and remembered in the configuration. Only unplugged device could be removed from the configuration. A device could be disabled, in that case its file systems are not mounted and become inaccessible via any protocol. A device could be "ejected", which means that all device file systems will be unmounted and it will be safe to unplug the device. However, it is still not recommended to unplug the device while the box is turned on, until newer Linux kernel is used in the software. Newly plugged device receives name derived from the model name reported via USB. In case similar model devices are plugged in, the serial number of all consequentially plugged devices is appended to their names. Device name could be changed but it must not match a name of any other device or volume existing in the configuration. WebUI: Storage->Devices TR-069 ACS: Services.StorageService.1.PhysicalMedium
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide Note: VCM support is broken.
109
3.6.3.8. Volume Management Device partitioning is currently not supported. I.e. it is not possible to add, remove or resize volumes. RAID is not supported. Only DOS partition table type is supported. A volume could be disabled, which means that its file system is not mounted and is inaccessible via any protocol. Volumes on a newly plugged device get names consisting of the device name with volume number appended. Primary partitions get numbers from 1 to 4, logical partitions get numbers starting from 5. Extended partition is not exposed via WebUI. Volume could be renamed but its name must not match a name of any other volume or device existing in the configuration. WebUI: Storage->Volumes TR-069 ACS: Services.StorageService.1.LogicalVolume Note: VCM support is broken. 3.6.3.9. File System Management Only FAT file system is supported currently. File system creation, removal and resizing is not supported. A file system could be unmounted, which means that it is inaccessible via any protocol. A special flag "manage folders" exists for file systems in the WebUI. When turned off it allows users to access the root folder of their file system, despite TR-069 specification. When turned on, the files in the file system root folder become inaccessible and folder management becomes possible via WebUI. If folders are managed from TR-069 ACS, this flag is switched on automatically. WebUI: Storage->Volumes TR-069 ACS: Services.StorageService.1.LogicalVolume Note: VCM support is broken.
3.6.3.10. Folder Management Folders are what is accessed by the user over network. Only root folder's sub-folders could be managed via both WebUI and TR-069 ACS. If file system's "manage folders" flag is off, root folder could be partially managed via WebUI. Any folder could be disabled which means that it will be inaccessible via any protocol. When "manage folders" flag is on for the filesystem, its root folder sub-folders could be managed. Such folders could be renamed and deleted. WebUI: Storage->Folders TR-069 ACS: Services.StorageService.1.LogicalVolume.{i}.Folder Note: VCM support is broken.
110
3.6.3.11. Folder Access Control Every folder has authentication requirement flags for every protocol supported. If this flag is off then such folder could be accessed via corresponding protocol anonymously or by any authenticated user, regardless of the access lists. By default SMB authentication is required and HTTP authentication is not. Every folder has group and user access lists. If these lists are empty then no user will be able to access such folder, unless authentication for some protocol is disabled. User gets access if he is in the user list with corresponding access checked or if he belongs to a group which is in the group list with corresponding access checked. Having write access implies read access, so there is no sense disabling read access while write access is enabled. WebUI: Storage->Folders / <Volume name> / Folders /<Folder name> / Details / View/Edit TR-069 ACS: Services.StorageService.1.LogicalVolume.{i}.Folder.{i} Note: VCM support is broken. 3.6.3.12. Folder Network Access When shared over HTTP (WebDAV), folders could be accessed via URLs composed like these: Root folders: http://<host>/nas/<volume_name>/ Sub-folders: http://<host>/nas/<volume_name>/<folder_name>/ When shared over SMB, folders could be accessed from Windows machines using addresses like these: Root folders: \\<NetBIOS_host>\<volume_name>\ Sub-folders: \\<NetBIOS_host>\<volume_name>\<folder_name>\ Note: please don't try to access storage root HTTP (WebDAV) directory over SMB from Windows (unless you have similarly named storage volume), like this: \\<NetBIOS_host>\nas\ Because in this case Windows begins to mix failing SMB access attempts with buggy WebDAV access, which results in quirky performance and random error messages. 3.6.3.13. User Management User accounts could be created, renamed and deleted, their passwords could be changed. User account group membership could be modified. Any account could be disabled, which means any access using this account is denied. Every user account has per-protocol access enabling/disabling controls. By default any protocol access is allowed for the user. WebUI: Storage->Users TR-069 ACS: InternetGatewayDevice.Services.StorageService.1.UserAccount Note: TR-069 doesn't support per-user SMB access disabling/enabling 3.6.3.14. Group Management Group accounts could be created, renamed, and deleted. User accounts could be added or removed from groups. Every group could be disabled, which means that their membership in the folder ACLs becomes ineffective. WebUI: Storage->Groups TR-069 ACS: InternetGatewayDevice.Services.StorageService.1.GroupAccount
111
Note: TR-069 doesn't support user group membership editing through this subtree, use UserAccount subtree. 3.6.3.15. Auxiliary Software Management Auxiliary software is a software package which is downloaded from ACS to specified storage volume and then ran on the box. Currently auxiliary software package contains only Samba binaries which are used to support SMB access protocol. I.e. without auxiliary software downloaded and enabled it is impossible to access storage via SMB. You could select a storage volume and specify a file path to store the auxiliary software package in. You could also disable auxiliary software which means that the software process will be stopped, which currently means SMB access will be disabled. WebUI: Storage->Auxiliary software
3.6.3.16. Use Case: Password-Less Read-Only Access via HTTP User plugs storage device with at least one FAT file system into the box. Using his web browser user opens the following URL: http://192.168.1.1/nas and accesses his storage. 3.6.3.17. Use Case: Password-Less Read-Write Access via HTTP User plugs storage device with at least one FAT file system into the box. Here, we are assuming the user uses Windows XP or Vista but not a home edition. User maps a drive to the following URL: http://192.168.1.1/nas and uses that drive to access the storage. (Its not recommended to use http access with windows file browser) 3.6.3.18. Use Case: Password-Less Read-Write Access via SMB User plugs storage device with at least one FAT file system into the box. User opens the Storage->Auxiliary software page, selects storage volume, checks "Auxiliary software enabled", and presses "Apply". User saves settings. On next contact with ACS (for example after reboot) auxiliary software package is downloaded and put in a file named "extfs.img" (the default the user has left unchanged), on the user-specified volume. The Samba process is started. User opens Storage->Setup page and enters desired NetBIOS workgroup name, server name and description for the box. The workgroup name is usually the same as on the user's PC. Suppose user entered workgroup "WORKGROUP", server name "GATEWAY" and description "Home gateway". After that user presses "Apply". User opens Storage->Folders page, looks up desired volume, clicks "View/Edit" link on the only (root) folder row. At the opened page, user clears "Require authentication when accessing via SMB" checkbox and presses "Apply". If the user has entered the same workgroup name as his PC uses, he opens the workgroup view ("My Network Places" on Windows XP Professional) using Windows Explorer, finds and opens "GATEWAY" host, finds and opens the folder. Alternatively he opens Windows Explorer and enters "\\GATEWAY" in the address bar, to open the host, then finds and opens the folder. Or, if the folder is named, say, "video", the user opens such folder by entering "\\GATEWAY\video" in the Windows Explorer address bar. If the user has entered a workgroup name different from the one his PC uses, he starts with opening Windows network view, and there finds and opens the "WORKGROUP" workgroup. Then he finds and opens "GATEWAY" host, and there finds and opens the folder.
112
3.6.3.19. Use Case: Password-Protected Read-Write Access via BOTH HTTP and SMB User accesses the storage using the methods described in the two use cases above, but additionally adds user account and folder ACL entry, as follows. User opens Storage->Users page, enters desired user name and password in the "New user" form and presses "Apply". Newly created user appears in the "Available users" form. User opens Storage->Folders page, looks up the folder he wishes to restrict access to and presses "View/Edit" link on the same row. At the opened page, user ensures that both "Authentication required when accessing via" checkboxes are set, then he selects the newly created user in the "Users" area drop-down box, sets both read and write access checkboxes on the same row and presses "Apply".
113
4. Management Server Configuration - VCM

Note: All pictures in this chapter are old and will be updated in newer versions of this document. Most of the information is valid anyway, though. Note: An online Manual is available in VCM. Login on VCM and go to Settings. Press Help and a new window will be opened. That is the best way of getting correct and latest information about each parameter. This section of the guide describes the parameters that are configured with the VCM. Most parameters can be configured either centrally in the VCM or locally via web pages in the individual gateway. Subscriberspecific parameters are typically left to configure locally. Examples are Hotline numbers and Speed Dial numbers. In any case, the operator determines which parameters the end-subscriber is able to access by setting the User Page Privileges (see section 4.7.2). Note that the operator always has final control of parameter settings through an Override option in the VCM. Throughout the VCM GUI, wherever it is possible to set a parameter either locally or centrally, there is an Override check box that will give precedence to the VCM settings (in cases where parameters are only configurable from the VCM, this option is not necessary). Configurable options will vary once according to the model of the gateway and again according to the software version that is run on the gateway. This section describes the most comprehensive software version being run on the HG1311i model gateway. This represents the most comprehensive list of configuration options and might therefore contain options not found on a less-enabled model gateway or a gateway running a less-enabled software version. This section refers to the following software versions:

VCM 4.7.5 (management server version) VCM 5.4.3 (management server version) Home Gateway SW version 01_03_00_xx (most is applicable for version 01_02_00_xx)
4.1. Concepts within VCM 4.1.1. Hierarchal Configuration In VCM configuration can be applied on different levels. The purpose is not to have to copy all configuration on each individual CPE. Configuration can be made on Software, Group, Sub-Group, ..., Terminal Level. Software Level: means that all CPEs using this Software will get the same configuration made on Software level Group Level: A group can consist of one or several CPEs, can include Sub -Groups. Configuration made on Group Level will be used by all CPEs belonging to this Group. Sub-Group: See Group Terminal Level: This configuration is used by individual CPE
Configuration on lower level overrides configuration on higher level. This allows a very flexible way of doing general configuration on Software or Top Group Level and to have more individual settings on Sub-Groups and Terminal Level. A typical scenario is that SIP Servers are configured Software or Top Group Level, network configuration is made on a Group Level. Specific VLANs are configured on a sub-Group Level. SIP accounts and Phone numbers are configured on Terminal Level. See VCM Configuration and User Guide for more in depth information.
114
4.1.2. Inherit of SW When importing SW in VCM, do NOT forget to inherit previous SW configuration. If not, all configuration made will be lost. 4.1.3. Enable/Disable parameters Each parameter can be Enabled/Disabled (Checkbox to the left of each parameter). See picture below.
Enabled means that this parameter can be configured and will be sent to CPE Disabled (Unchecked) means that this parameter can not ne configured. If parameter is disabled on Software Level, that parameter will not be sent to CPE at all.
Note: Sometimes disabling of parameters is necessary on Software Level in VCM 4.7 and that is when you inherit older SW with not compatible parameter values. For example if parameter A is a Boolean and newer SW has transformed parameter A to be string. 4.1.4. Override parameters Many parameters have an override checkbox to the right. The purpose of this checkbox is to allow the operator to decide if local Web GUI setting or VCM setting should apply.
115
4.2. Configuration using VCM 4.7 differs in appearance from VCM 5.4 Where VCM 4.7 presents configuration on a series of pages, VCM 5.4 consolidates configuration into a file tree-like display. The configurable parameters are the same; it is only the display style that differs. The following is an example of the same parameter entry in VCM 4.7 and VCM 5.4: Registration Settings page from VCM 4.7
Registration Settings screen from VCM 5.4
When configuring from VCM, an on-line manual is provided for fundamental information about parameters use and syntax. VCM 4.7.1 or later provides full on-line support 4.3. Gateway Settings page Log onto the VCM Server and navigate to the Settings page for either a gateway group or an individual gateway. Note: Settings differs according to gateway type and the type of signaling the software is designed for (SIP, MGCP). The screen shot below, for example, is for a software version designed for SIP signaling. If your software version is for MGCP, MGCP options will be seen in place of the SIP related parameters.
116
4.4. Index to configurable gateway settings Boxes (See 4.5) Service Separation (See 4.17) Phones/POTs (see 04.5) Firewall/NAT services (See 4.18 ) Web Configuration (See 4.7) UPnP (see 4.19 ) Services (See 4.8) SNMP (See 4.20 ) Number Plan (see 4.9) RTSP Proxy (See 4.21) User Behavior settings (See 4.10) IGMP multi-cast (See 4.21) System (See 4.11) Dynamic Routing (RIP) (See 0) SIP accounts (See 4.13) SNTP (See 4.24 ) SIP parameters (See 4.14) Tools (See 4.25) LAN Settings (Groups) (See 4.15) WLAN (See 4.26) Connections (See 4.15) Switch configuration (See 4.27)
117
4.5. Boxes All phone numbers are configured in this section, including MSN, SIP Username/Password and any optional Web GUI password if SIP password is not to be used for User accounts. 4.6. Phones/POTS
4.6.1. Outgoing calls This configuration defines which VOIP account (phone number) each of the phone ports (phones) should use for outgoing calls. Services configured from the keypad of the phone will affect this VOIP account. Several MSN numbers can also be configured for ISDN phones. Set number for phone 1, phone 2 and ISDN phones

Select phone number None Line Phone number A - L
4.6.2. Incoming calls This configuration defines which phone ports should accept incoming calls from which VOIP account (phone number). Each VOIP account (phone number) can be assigned to any number of phones (phone ports). Phone number A L For each phone number(A - L): Assign phones to ring when the number is called
4.7. Web Configuration 4.7.1. Web server
Activate Web Server
Set true /false
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide Set Web Server port number
118
Enter port number
4.7.2. Web GUI access control Access control to the web GUI is based on user-group membership. That means that different types of users have access to different GUI pages i.e. the pages that a user can see upon logging in are restricted according to which user-group he belongs to. The following roles are predefined: Maintainer- This user has access to ALL pages by default Administrator- Has default access to all pages except product test, SW loading and diagnostic pages User- Has default access to pages related to SIP accounts and VoIP services Anonymous- Access to start page None- No one can access the page The operator can determine precisely which pages each user group should have access to from the autoconfiguration server. Examples: Typical access controls might be as follows: The Maintainer user group has access to connection configuration. The Administrator user group has read access to connection configuration. The User user group has no access at all to connection configuration.
4.7.3. Password Settings Use this area to set passwords for access to gateway pages. The syntax is <username:password>. Note: User passwords are configured in the Boxes section, together with phone number and SIP username and password. An optional Web GUI password can be configured. User group Maintainer Administrator User Password Controlled from: VCM Default: admin:admin Controlled from: VCM Default: SIP account
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide Controlled from: VCM 4.8. Services 4.8.1. Caller Id
119
Enable CID generation with DTMF. This parameter enables (1) /disables (0) CLIP (Calling Line Identity Presentation) using the DTMF method. When enabling this function, remember to check that the DTMF standard is set correctly. DTMF Standard This parameter defines which DTMF standard to use when CLIP using DTMF is enabled. Enable CID generation with FSK . This parameter enables (1) /disables (0) CLIP (Calling Line Identity Presentation) using the FSK method. When enabling this function, remember to check that the FSK standard is set correctly. FSK Standard. Defines the FSK standard to use when CLIP using FSK is enabled.
Set true /false
Select: 0=ETSI (Sweden) 1=TDK-TS (Denmark) 2=ETSI (Netherlands) Set true /false
Swap order of name and number. The order the number and name information should be sent in when the FSK standard is used. Some phones require that these parameters are sent in a specific order.
Select: 0=ETSI prior ringing 1=BT, 2=CCA 3=Telcordia 4=TIA, 5=Stentor 6=Telestra 7=NTT 8=ETSI during ringing Select: 0=Nr first
120
4.8.2. Service Transparency Must of this logic is handled by regular expressions. This parameter determines whether hook-flash events should be sent to the server or if they should be handled locally. Enabling this parameter is applicable when all mid call services should be handled by the server, not by the Vood product.
Send hook-flash/R-button events to server.
Set true /false. Default: false If false, mid-call services based on a hook-flash or R-button indication from the phone, are handled locally by the gateway as defined in the user guide for the home gateway. If true, hook-flash and R-button indications received from the phone are transparently forwarded to the proxy server in an INFO-message, and are not handled locally. The proxy server then determines which service to activate. Controlled only from VCM

121
4.8.3. Call Waiting Call waiting is a service that allows an already busy subscriber to accept a new incoming call. When the new call is received, the busy subscriber will be notified of the incoming call with a short tone. The characteristics of this tone are country specific and also depend on the distinctive ringing configuration. The busy subscriber can then choose to accept, reject or ignore the incoming call, and choose to cancel or put the current call on hold. The user behavior for handling this depends on which mid call profile is configured. If the busy subscriber chooses to ignore the incoming call, the new caller will hear ring tone until a configurable time has elapsed, then the new caller will hear the busy tone. This time frame is also the period during which the busy subscriber has the option to accept the new call.
Call Waiting Enable. Determines whether or not end user can configure call waiting. When this parameter is false, it is still possible to activate/deactivate the service from VCM using the appropriate parameters. When False, this parameter prevents the end user enabling/disabling the service via phone handset. If never locally configured, set Call Waiting on busy for: X sec. Determines whether service is enabled (active) or disabled from start. This state can then be overridden by the end user if the end user has been authorized. If not locally configured, set Call Waiting Timeout to [5120] seconds Defines the default time frame (after factory reset) during which the already busy subscriber has the option to accept a new incoming call. Call Waiting activation Defines the sequence to activate local handling of call waiting from the keypad of the phone. Syntax is regular expressions. The service code may optionally include a time value for how long it should take before a caller receives the busy signal in a case where the user chooses not to answer the waiting call. With the default regular expression, the end user can activate call waiting by dialing the sequence *43# (and will then be given a default timeout value), or the user can choose to dial the sequence *43*<time># (and will then be given the <time> value as timeout value). Call Waiting parameter (timer value) position. Defines which part of the Call Waiting Activation service code is the timeout value. Expressed as an output regular
Set as true / false
Set as true / false
5 - 120 seconds Default: 24
Disable service with empty value Default: *43(*(X+))?#
Default: $2
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide expression. The input expression is the expression defined as "Call Waiting Activation". Call Waiting deactivation. Sets the service code for deactivating call waiting with a handset.
122
Enable /disable Default: #43#
123
4.8.4. Anonymous Call The home gateway can be configured to give incoming anonymous calls special treatment. The treatment options that are available are: Accept incoming anonymous calls (just like any other call). Reject all incoming anonymous calls. Divert all incoming anonymous calls to another phone number (configurable from VCM only). Divert all incoming calls to the answering machine. (Only applicable for HG1110 product family)
Allow user to configure anonymous call. Determines if the anonymous call configuration field is available on the user web pages and if the service code has an effect when dialed. Make all outgoing calls anonymous. Defines the sequence to dial to activate always anonymous calls from the keypad of the phone. Expressed as a regular expression that defines the keypad sequence to dial for this service. Always Anonymous Call activation. Defines the sequence to dial to activate this service from the keypad of the phone. Set as a regular expression that defines the keypad sequence to dial for this service. Always Anonymous Call de-activation. Anonymous Call per-call activation. Defines the sequence to dial to activate anonymous call on a per call basis from the keypad of the phone. Set as a regular expression that defines the keypad sequence to dial for this service. Anonymous Call per-call de-activation. Reject Incoming Anonymous Call activation. Defines the sequence to dial to activate this service from the keypad of the phone. Set as a regular expression that defines the keypad sequence to dial for this service. Reject Incoming Anonymous Call deactivation. Divert incoming anonymous calls to this number if subscriber has activated Reject Incoming Anonymous Call. The parameter defines the phone number to which all anonymous calls should be diverted. Syntax is any valid phone number. Send Incoming Anonymous Call to Answering Machine activation. Defines the sequence to dial to activate this service from the keypad of the phone. Set as a regular expression that defines the keypad sequence to
Set as true / false Enable /disable
Disable service with empty value Default: *30#
Disable service with empty value Default: #30# Disable service with empty value Default: *31#
Disable service with empty value Default: *31# Disable service with empty value Default: *35#
Enable /disable Default: #35# Enable /disable Enter a valid phone number
Disable service with empty value Default: *36#
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide dial for this service. Send Incoming Anonymous Call to Answering Machine deactivation.

124
4.8.5. Answering Machine This feature is currently not supported for HG1310 and HG1520 product families.
Answering Machine Enable. Determines if the subscriber can use the answering machine or not and if the answering machine configuration fields are available on the web pages and if the service codes related to the answering machine have an effect when dialed. Unconditional Call Forwarding to Answering Machine activation. Defines the sequence to dial to activate this service from the keypad of the phone. Set as a regular expression that defines the keypad sequence to dial for this service. Unconditional Call Forwarding to Answering Machine deactivation. Call Forwarding to Answering Machine at No Reply activation. Defines the sequence to dial to activate this service from the keypad of the phone. Set as a regular expression. The dialed service code may optionally include a time value that indicates how long time it should take before a caller is diverted to the answering machine. Default expression allows user to activate call waiting by dialing the sequence *13# (and will then be given a default timeout value), or the user can choose to dial the sequence *13*<time># (and will then be given the <time> value as timeout value). Call Forwarding to Answering Machine parameter (timer value) position. Defines which part of the Call forwarding to answering machine at no reply service code is the timeout value. Set as an output regular expression. The input expression is the expression defined for Call Forwarding to Answering Machine at No Reply, activation. Call Forwarding to Answering Machine at No Reply deactivation. Call Forwarding to Answering Machine at Phone Busy activation. Defines the sequence to dial to activate
Enable /disable Disable service with empty value Default: *12#
Enable /disable Default: #12# Enable /disable Disable service with empty value Default: *13(*(X+))?# Syntax: regular expressions
Enable /disable Default: $2
Enable /disable Default: #13# Enable /disable Disable service with empty value
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide this service from the keypad of the phone. Set as a regular expression. Call Forwarding to Answering Machine at Phone Busy deactivation Start Message Handling. Defines the sequence to dial to enter the answering machine service mode from the keypad of the phone. Set as a regular expression. Record Answering Machine Greeting. Defines the sequence to dial to record an answering machine greeting message from the keypad of the phone. Set as a regular expression. Play Answering Machine Greeting.
125
Default: *14# Enable /disable Default: #14# Enable /disable Disable service with empty value Default: *51# Enable /disable Disable service with empty value Default: *52# Enable /disable Disable service with empty value Default: *53#
126
4.8.6. Mid Call Services The home gateway can be configured for one of two behaviors with regard to mid call services. Mid call services are services used during a call. Examples are: call hold, call waiting and three way calls. The two types of mid call services are: The European mid call service profile. The US mid call service profile. Two variations of this standard (with and without call transfer) are supported.
Enable mid call services US1 is the standard version that follows GR specifications. US2 is the same as US1 but transfer does not take place as stated in the GR specifications. Play tone when On Hold When a party is being put on hold in a phone conversation AND that party is connected to the Tilgin gateway, a call hold tone is generated for that party.
Enable /disable 0 - European style (R+button) 1 - US style 1 (flash, including call transfer) 2 - US style 2 (flash, excluding call transfer) True /false Enable /disable
4.8.7.
Call Transfer

Enable Call Transfer (only applicable for European style mid call services). Determines whether or not the subscriber can use the call transfer service.
True /false Enable /disable
4.8.8.
Call Diversion
Call Diversion Enable. Determines if the subscriber can use call diversion service or not and if the call diversion configuration fields are available on the web pages and if service codes related to call diversion have an effect when dialed. Use Diversion Header. Determines if the SIP diversion
True /false
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide header is added to an INVITE that is the result of a previous INVITE to a diverted number. Assume that the home gateway is A: - A sends an INVITE to B. - B responds to A with Moved temporarily to C. - A sends a new INVITE to C (in this case with or without a diversion header indicating that this INVITE was a result of a diversion). Enable recursive diversion when diversion header is used. Determines if diverted calls to subscriber should be accepted. Only works if a received INVITE is provided with the SIP diversion header. False = no INVITE with diversion headers is accepted. True = an INVITE with a diversion header is accepted. Call Forwarding Unconditional activation. The sequence to dial to activate this function from the keypad of the phone. Set as a regular expression. Must contain the phone number that all calls should be diverted to. Call Forwarding Unconditional parameter (phone number) position. Defines the part of the Call forwarding unconditional service code that holds the phone number to which calls should be diverted. Expressed as an output regular expression. The input expression is the expression defined as Call Forwarding Unconditional activation. Call Forwarding Unconditional deactivation. Defines the sequence to dial to de-activate call forwarding unconditional from the keypad of the phone. Expressed as a regular expression. Note for ISDN phones, This service may be used from the feature menu of the ISDN phone. Such a configuration on the ISDN phone will implicitly be handled locally as well if this parameter is non-zero and the keyword CFU is not found in the dial plan for regular phone numbers. Call Forwarding No Reply activation. The sequence to dial to activate this function from the keypad of the phone. Set as a regular expression. Must contain a part to hold the phone number that all calls should be diverted to. The sequence may optionally contain a part that holds a timeout value indicating the interval before the diversion is made. Call Forwarding No Reply parameter (phone number and timer value) position. Defines which part of the Call forwarding on no reply service code holds the phone number and timeout values. Set as an output regular expression. The input expression is the expression defined as Call Forwarding on no reply activation. Call Forwarding No Reply deactivation. Defines the sequence to dial to de-activate call forwarding on no-reply from the keypad of the phone. Expressed as a regular expression.
127
Enable /disable
Enable /disable Disable service with empty value Default: *21*(phone number)#
Enable /disable Disable service with empty value. Default options: o *61*<phone number># o *61*<phone number>*<time-out value>#
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide Note for ISDN phones, This service may be used from the feature menu of the ISDN phone. Such a configuration on the ISDN phone will implicitly be handled locally as well if this parameter is non-zero and the keyword CFN is not found in the dial plan for regular phone numbers. Call Forwarding Busy activation. The sequence to dial to activate this function from the keypad of the phone. Set as a regular expression. Must contain a part to hold the phone number that all calls should be diverted to. Note for ISDN phones, This service may be used from the feature menu of the ISDN phone. Such a configuration on the ISDN phone will implicitly be handled locally as well if this parameter is non-zero and the keyword CFB is not found in the dial plan for regular phone numbers. Call Forwarding Busy parameter (phone number) position. Defines which part of the Call forwarding on busy service code holds the phone number that calls should be diverted to. Set as an output regular expression. The input expression is the expression defined as Call Forwarding Unconditional activation. Call Forwarding Busy deactivation. Defines the sequence to dial to de-activate this service from the keypad of the phone. Set as a regular expression. Note for ISDN phones, This service may be used from the feature menu of the ISDN phone. Such a configuration on the ISDN phone will implicitly be handled locally as well if this parameter is non-zero and the keyword CFB is not found in the dial plan for regular phone numbers.
128
Enable /disable Disable service with empty value Default: *62*(X+)#
129
4.8.9. Redial Automatic redial is a service that allows the call originator to get an alert (a special ring signal) when a previously placed call to a busy subscriber is available again. When the call originator lifts the received a call attempt is made to the previously busy subscriber. 4.8.9.1. Completion of calls to busy subscriber If A calls B who is busy, then A may invoke CCBS. The system will notify A (by ringing him) when B next becomes available. Redial code 4.8.9.2. Completion of calls on No Reply Automatic redial in the event of no reply to a placed call. Redial code
True/false Default: False Default: 5
True/false Default: False Default: 5
This service is also used when a call originator places a call and there is no answer. The originator will then be alerted once the called party lifts the receiver (for example to place a call) and then hangs up again. The service is invoked by pressing 5 when the busy tone is heard or when there is no answer, before hanging up. 4.8.10. Distinctive ringing: Central configuration Distinctive ringing is a feature that generates different ringing signals based on the phone numbers. You can have a different ringing signal for each receiver in your household as well as a different ringing signal for each person calling you. Distinctive ringing can also be used to distinguish between types of calls such as calls paid for by the receiver and/or incoming mobile telephone calls. You can, for example, have a double ring to indicate that Bob is calling, a triple ring if Alex is calling, a long-short ring for incoming mobile calls and/or a short-short-short ring for all receiver-paid calls. Distinctive ringing can be configured locally via the gateway web pages (see 3.2.4) or centrally using an autoconfiguration server. This section refers to the configuration of distinctive ringing from the Tilgin autoconfiguration server (VCM).
The regular expressions are parsed from 1 to N for incoming calls. When a match is found, the corresponding
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide ring signal is used and the search for a matching expression is terminated. Note: Locally created masks will override operator created masks. See the example below.
130
An example of Distinctive Ringing: The operator has defined a long-short ring for incoming calls from mobile phones, and a short-short-short ring tone for all callee-paid calls. The operator does this by providing Alert-Info header details. If the Tilgin gateway receives such a call on either phone, it will ring with the corresponding signal. If, however, a user decides that he also wants a single short ring for calls on his non-public personal number (perhaps only for family use), he specifies a mask (locally) that matches all the numbers on that account. This setting will override operator-defined ring signal. The user may also decide that he want to have a special signal when his child is calling on either phone. He can do so by specifying his childs phone number in a mask set on all accounts. 4.8.11. Distinctive ringing using the SIP method This VCM configuration feature is provided for additional flexibility in accommodating varying vendor equipment. The mapping of the Alert-Info header to ring signals is configurable from VCM. Typically, these variables would have values similar to the following: AlertInfo_Ringing0 = bellcore-dr1 AlertInfo_Ringing1 = bellcore-dr2 As long as the string (bellcore-dr1, for example) is found in the contents of the Alert_Info header, the corresponding ring signal is used. The first match found is used.
4.8.12. Hot line The hotline service enables a specified phone number to be automatically dialed after a specified amount of time. The timer is started as soon as the user goes off hook and unless the user start to dial another number the predefined hotline number is automatically dialed when the timer expires.
Enable Hotline. This parameter determines whether configuration of the hotline service is possible for the subscriber or not. Note that when this parameter is false, it is still possible to activate/deactivate the service from VCM using the appropriate parameters. When set to false, it can prevent the end user from using the hotline service but it can also prevent the end user
True/false Default: true
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide from turning off the service. Hotline number. This parameter is used to specify the hotline number. If this parameter is enabled and override is checked, this parameter will override any previously set values by the end user. Warm line timer. The delay time before the specified hotline number is automatically dialed. If this parameter is left out, the default takes effect. Hotline activation. Defines the sequence to dial to activate this service from the keypad of the phone. Set as a regular expression. The dialed sequence must contain a part that holds the hotline phone number. The dialed sequence may optionally contain a part that holds the timeout value that indicates the interval of time before the hotline call is made. The default service code is: *53*<phone number>#, or *53*<phone number>*<timeout value>#. Hotline parameter (Hotline number and warm line timer) position . Defines which parts of the Hotline service code hold the phone number and timeout value. Set as an output regular expression. The input expression is the expression defined as Hotline activation. The output expression should return a phone number and optionally a timeout value to the software. The phone number and timeout value should be in the format <phone number>*<timeout value>. Hotline deactivation. Defines the sequence to dial to de-activate hotline from the keypad of the phone. Expressed as a regular expression.
131
Maximum length: 64
Range 2-120 sec Default: 5 seconds Maximum length: 64 Default: *53*(X+(*X+)?)#
Maximum length: 2 Default: $1
Maximum length: 64 Default: #53#
4.8.13. Message Waiting Indication Message waiting indication is a notification that may be sent over networks to indicate that there is a message waiting (for instance) on a remote answering machine. The subscriber behavior of this service can be configured to enable/disable splash ringing and to set the duration for message waiting dial tone. In networks that support FSK (Frequency-Shift Key), phone-light indication is always enabled if the phone has this feature.
Ring splash. This parameter determines whether the end user should be notified with a ring splash signal when a message waiting indication is received. Note: that when this parameter is set to false, it is still possible to receive phone-light indication if the phone has this feature. Ring Splash VMWI activation. Service code for enabling the Ring Splash indication (if configurable by the user). The parameter value is expressed as a regular expression that defines the keypad sequence to dial for this service. See chapter 7 a description on how to use regular expressions. If the code is empty, the user can not enable Ring Splash message waiting indication using a service code. Note: Disable service with empty value
String: Maximum length: 64 Default: #70#
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide Ring Splash VMWI deactivation. Service code for disabling the Ring Splash indication (if configurable by the user). The parameter value is expressed as a regular expression that defines the keypad sequence to dial for this service. See chapter 7 a description on how to use regular expressions. If the code is empty, the user can not disable Ring Splash message waiting indication using a service code. Note: Disable service with empty value Message waiting tone enabling. This parameter is used to enable or disable the message waiting tone. Note that even if this tone is enabled, it can still be disabled by setting the duration to zero. Message waiting tone activation. Service code for enabling the message waiting tone (if configurable by the user). The parameter value is expressed as a regular expression that defines the keypad sequence to dial for this service. . See chapter 7 a description on how to use regular expressions. If the code is empty, the user can not enable message waiting tone using a service code. Note: Disable service with empty value Message waiting tone deactivation. Service code for disabling the message waiting tone (if configurable by the user). The parameter value is expressed as a regular expression that defines the keypad sequence to dial for this service. . See chapter 7 a description on how to use regular expressions. If the code is empty, the user can not enable message waiting tone using a service code. Note: Disable service with empty value Message waiting tone duration. Sets the duration for message waiting dial tone, used as a reminder of waiting messages when the user goes off hook. It should be a value within the range of 0-15 seconds, where 0 is the same as disabling the message waiting tone. Default value is 3. With duration set to 15 seconds, the message waiting dial tone will be followed by congestion tone. Take precedence over other special condition dial tones. Setting this parameter to true will give message waiting dial tone precedence over other special condition dial tones. The message waiting tone will be played for the specified duration and then fallback to the suppressed special condition dial tone if applicable. When this parameter is set to false, any special condition dial tone will take precedence over the message waiting tone. Note: If message waiting indication is active and this parameter is set to false, the special condition dial tone will be played until the Message_Waiting_tone_Duration timer expires. And then fallback to the suppressed message waiting dialtone.

132
String: Maximum length: 64 Default: *70#
True/False Default: True String: Maximum length: 64 Default: #71#
String: Maximum length: 64 Default: *71#
Valid values: 0-15 Default: 3
4.9. Number Plan A dial plan describes valid sequences of digits in a telephony network. Such sequences are phone numbers, codes for supplementary services, local phone numbers etc. home gateway use regular expressions to create the match sequences used in a dial plan and also to map these matches to their respective output manipulations. Please see section (7.1) for complete information on creating a dial plan with regular expressions. 4.9.1. Call Barring The dial plan may include barred phone numbers (numbers that cannot be called).
133
Call barring. The formula for a barred number is entered as a regular expression.
Enter expression
4.9.2.
Phone numbers and service codes
UTF8-enable. Determines if non- ASCII characters should be encoded using UTF-8. Enabling can be convenient when UTF-8 encoding is needed, but it can also be achieved using regular expressions and output expressions. Prefix expression (will give new dial tone) The dial plan of the Tilgin gateway can be configured to generate a new (second) dial tone to get an outside line, or to get a line for an international phone number. It is also used where a feature code precedes the dialed phone number, for instance when handling a multi party conference. Configure using regular expressions. See Chapter 7 for information on using regular expressions. Regular expresssion number 1. The default value for this parameter is to use smart dial (dial with timeout) when five digits has been received from the phone. Output expresssion number 1. The output expression associated with regular expression 1. The default output expression is to send the dialed string untouched. Regular expresssion number 2. The default value for this expression asserts that any dialed number terminated with a # is considered as a complete number. Output expresssion number 2. The output expression associated with regular expression 2. The default output expression sends the dialed string untouched but
On / off Default: Off
Text string Maximum length: 128
Example, if the subscriber is to hear a new tone after *87, set *87 in the prefix expression. Depending on the output expression, *87 will be pre-pended to the phone number when it is sent out, or it can be removed.

Maximum length: 128 Default: (XXXXX+)T Maximum length: 128 Default: $0 Maximum length: 128 Default: (XXXXX+)# Maximum length: 128 Default: $1
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide without the terminating #. Regular and Output expressions 3 to 30.
134
Maximum length: 128
135
4.9.3. Allowed internal numbers An internal phone number is used to make local calls between the phone ports on a home gateway. The settings here define the range in the dial plan that can be used for internal phone numbers. The allowed range is defined with regular expressions. A text string can also be defined that will be presented to the end user as a guideline when setting up the local phone numbers (see3.3.1). The default expression below is 1N#. The default string appearing on the subscribers screen is: All valid internal numbers must be in the format 1N#, where N is any number between 0 and 9
Internal number valid range expression. This regular expression defines a valid local phone number. Text string to display on end user web page This parameter defines a text string that will be presented to the end user as a guide.
Maximum length: 18 Default: 1X# Maximum length: 18 Default: All valid internal numbers must be on the format 1N#, where N is any number between 0 and 9.

136
4.9.4. Regular Expressions This page is used to map a regular expression to an output expression before it is output for dialing. Note: Please see chapter 7 for complete information on using regular expressions in a dial plan. Note: Application notes describing Sweden, Germany and Netherlands dial plan are available. Contact Tilgin for more info.
4.10. User Behavior
4.10.1. R-button The R-button, or hook-flash button is an off-hook - on-hook -off-hook sequence that is used to handle mid call services. The time range that defines a valid R/hook-flash button detection is country specific. Lower Limit in ms. The minimum period for an offhook - on-hook -off-hook sequence specified in milliseconds. Upper Limit in ms. The maximum period for an offhook - on-hook -off-hook sequence specified in milliseconds. Hook Flash Guard Period in ms
Default: 50
Default: 800
Default: 600
137
4.10.2. Disconnect Dialling Older phones equipment used/use Loop Disconnect Dialing (LDD), also known as Pulse dialing, Decadal dialing or Rotary Dialing. This is the older method of sending dialed digits from a phone using a rotary dial phone or with a keypad sending dial pulses (now largely superseded by DTMF). This is rarely used today but support is included to assure that older phones will continue functioning.
Enable Loop Disconnect Dialing. Determines whether recognition of phones using Loop Disconnect Dialing should be enabled. Note. If Loop Disconnect Dialling support is enabled with the maximum LDD pulse time (break time) and the configured R-Button lower limit value overlapping, LDD pulse detection will take precedence. Break Lower Limit Defines the minimum accepted break time for Loop Disconnect Dialing (in milliseconds). Break Upper Limit Defines the maximum accepted break time for Loop Disconnect Dialing (in milliseconds).
True/false Default: 0
Range: 10 - 200 Default: 41 ms Range: 10 - 200 Default: 94 ms
4.10.3. Called party OnHook timeout Telephony networks in many countries have a delayed disconnection mechanism when a caller or a called party hangs up. This is implemented in order to allow a user to switch phones during calls. The home gateway platform supports on-hook timeout when acting as B party in a conversation. HookOn_Delay. Defines the B party on-hook timeout in seconds

Range: 0 to 90 seconds Default: 0
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 4.10.4. Tones Enable tone on hang-up Busy or Congestion Tone on hang-up
138
True /false Default: True 1 = Busy Tone 2 = Congestion Tone Default: 1
4.11. System
4.11.1. Country-specific Configurations Country Set Volume Language, Web GUI
Enable Polarity Reversal. The parameter defines whether polarity reversal should be performed or not to indicate call setup and disconnect. Polarity reversal is a mechanism to signal to terminal equipment connected to a telephony network when the party answers and hangs up. Fax and answering machines may rely on this signaling. The drawback is that the signaling is audible, and can be disturbing for the subscriber. 4.11.2. VoIP
Select Country Default: Sweden Range 5, 4, 3, 2, 1 Default: 3 Swedish, English, German, Russian, Arabic Default: Same as Web Browser true /false Default: false

HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide Enable VoIP Determines whether the VOIP service should be enabled or disabled on the gateway Enable analog configuration Determines whether to allow configuration from a phone connected to a phone port on the gateway. Note: No IVR functionality is possible via a phone handset Maximum Simultaneous Calls. Sets the maximum number of allowed simultaneous calls to/from the CPE. The number can be set in the range of 1 to 4 simultaneous active calls 4.11.3. Diffserv Configuration

139
True /false Default: true True /false Default: true
Range: 1 - 4 calls Default: 4 calls
TOS Value for UDP (i.e. RTP Media)
TOS Value for TCP (i.e. SIP Signaling)
Hex value range: (00 - fe) Maximum length: 2 Default: 00 Hex value range: (00 - fe) Maximum length: 2 Default: 00
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 4.11.4. VCM server connection: gateway polling
140
Get VCM address from DHCP Set VCM address Enable gateway to poll the VCM. When a terminal is located behind NAT, the VCM cannot initiate contact with the terminal. This is solved by having the terminal poll the VCM at regular intervals to check for new software and/or new configuration data. Start time for poll. Set to a number between 0 - 23 (hour of the day) Polling will then take place at regular intervals. A random time of +- 2 hour is also added. Example: If the start time is set to 13, then, at some time between 11:00 - 15:00, the terminal will poll the VCM for new software and/or a new configuration. Poll interval. In hours Poll randomization time. In seconds Triple play services path
True /false Default: true Default: 0.0.0.0 True /false Default: true
Range: 0-23 Default:3 (03:00 AM)
Range : 3, 6, 12, 24, 48, 96, 168 Default: 24 Range: 0 to 14400 Default: 7200 Enable /disable Enter path
4.11.5. DHCP client Vendor ID

Maximum length: 64 Default: Tilgin HG dslforum.org
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 4.11.6. Echo cancellation
141
Enable Echo Cancellation Activate non-linear processing for echo cancellation.
Range: 0000, 0001 Default: 0001 Range: 0000, 0001 Default: 0000
4.11.7. T 38 Enable T38. Determines whether T.38 should be enabled or not. When true, a re-negotiation to T.38 is attempted when a fax call is detected. A possible codec switch to T.38 is accepted from the remote party. When false, a switch to T.38 is never attempted and is not accepted from the remote party either. Note: Currently not support for HG1310 and HG1520 product families. Should be set to False. Level of redundancy. Determines the level of redundancy to use for T.38. When set to zero, only the primary T.38 packet is sent with each UPD packet.When set to non-zero, the previous DSP_102 T.38 packets are sent as secondary packets with each primary packet. When set to two for instance, two consecutive lost packets is acceptable without impacting the fax transmission. Send one V.21 preamble only. T.38 protocol specifies that a V.21 preamble message should be sent when the V.21 preamble is detected. However, it is not clearly stated if this message should be sent repeatedly as long as the preamble is present. Some vendors require one V.21 preamble message only and some require that this message is transmitted continuously during the preamble. This parameter sets this behavior. Send one T.4 training only. The T.38 protocol
True /false Default: true
Range: 0000,0001,0002,0003 Default: 0001
Range: 0000, 0001 Default value: 0000
Range: 0000, 0001
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide specifies that a T.4 training message should be sent when the training signal is detected. However, it is not clearly stated whether this message should be sent repeatedly as long as the training signal is present. Some vendors require one T.4 training message only and some require that this message is transmitted continuously during the training. This parameter sets this behavior. Detect fax in reverse direction. The T.38 protocol states that the "receiving gateway" should re-negotiate to T.38. With this parameter set, the home gateway will switch to T.38 also in a situation when it is the transmitting gateway. Force T.38 version 0. Home gateways normally offer T.38 version 2 but with this parameter the behavior can be changed to offer T.38 version zero instead. Note that if the other endpoint offers T.38 version zero, the home gateway will use version zero i.e. the behavior is as stated in the T.38 specification with full backwards compatibility but there are vendors that will only accept a value of 0 in the version field.
142
Default: 0000
True /false Default: false
True /false Default: false
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 4.11.8. Codecs Must be revised. New codecs supported.
143
4.11.8.1. G711_A_64kb Enable Codec Priority Preferred number of frames per packet ( max. 60) Maximum number of frames per packet ( max. 60) Dtx
True /false Range: 1 9 Default: 1 Range: 20 to 60 Default: 30 Range: 20 to 60 Default: 60 True /false Default: false
4.11.8.2. G711_u_64kb Enable Codec Priority Preferred number of frames per packet ( max. 60) Maximum number of frames per packet ( max. 60) Dtx
True /false Default: true Range: 1 9 Default: 2 Range: 20 to 60 Default: 30 Range: 20 to 60 Default: 60 True /false Default: false
4.11.8.3. G723 Enable Codec Priority Preferred number of frames per packet ( max. 20) Maximum number of frames per packet ( max. 20) Dtx
True /false Default: true Range: 1 9 Default: 4 Range: 1 to 20 Default: 1 Range: 1 to 20 Default: 2 True /false Default: false
144
True /false Default: true Range: 1 - 9 Default: 5 Range: 1 to 20 Default: 3 Range: 1 to 20 Default: 6 True /false Default: false
4.11.8.5. iLBC Enable Codec Priority Preferred number of frames per packet ( max. 20) Maximum number of frames per packet ( max. 20) Dtx
4.11.8.6. AMR Narrowband Enable Codec Priority Preferred number of frames per packet ( max. 20) Maximum number of frames per packet ( max. 20) Dtx
4.11.8.8. G722 Enable Codec
True /false
145
Priority Preferred number of frames per packet ( max. 20) Maximum number of frames per packet ( max. 20) Dtx
Default: true Range: 1 - 9 Default: 5 Range: 1 to 20 Default: 3 Range: 1 to 20 Default: 6 True /false Default: false
4.12. MGCP Currently not supported.
146
Primary Call Agent address Specifies the address of the call agent. It will be used as the provisioned Notified Entity. This must be set to a valid call agent address. If a host name is used, this must be a name that can be resolved using a DNS. Secondary Call Agent address Set End point name channels A though D Specifies the name of the end point representing lines A-D. This must be set to a name that matches what has been configured in the call agent for this gateway. If this is set to an empty string, no registration will occur for the end point (and the end point cannot be used). Set Password for optional authentication, channels A-D Set answering machine trigger events
Text string Maximum length: 64 Example: localname@mycallagent.host.se 10.0.0.230:2527 ca.host.com
See Primary Call Agent above Text string Maximum length: 64 Default: aaln/1

Example: aaln/1 a001

Text string Maximum length: 64
Gateway name The name of the gateway must match the name configured in the call agent for this gateway. If no value is specified, the gateway will try to determine the name using a DNS reverse lookup. If reverse lookup fails, the gateway name will be set to the gate ways MAC address if DHCP is used or to the gateways IP address if a fixed IP address is used. Gateway name (other) Will an entry here grey the area above?
Text string Maximum length: 64 Default: l/rg Select from list: 0=MAC Addr 1=IP Addr 2=DNS Name Default: 0
Text string Maximum length: 64 Example: gateway1.host.com

Enable usage of NCS 1.0 profile Specifies whether or not the NCS 1.0 profile should be used. This is only set to on if your call agent requires NCS. Use NSE Controls whether you should use RFC 2833 or the Cisco variant called NSE for transferring of phone events over the media channel. The difference between the two is that events numbered 192 and 193 are used for fax detection events in the NSE case instead of events numbered 32 and 33 for RFC 2833.
true false Default: false
true false Default: false (i.e., use RFC 2833)

Enable usage of DNS for resolving notified entity address Specifies whether or not DNS should be used to resolve the MGCP notified entity parameter. This is only set to on if you know that your call agent is sending notified entity parameters that are possible to resolve using DNS or if your call agent is only sending IP addresses in the notified entity parameter. MGCP min retransmission interval Specifies the minimum retransmission interval. This sets the time it
Unit is milliseconds. Format: digits
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide takes for the first re-transmission to take place. The next re-transmission will take place at Min Interval * 2, until Max Interval has been reached. MGCP max retransmission interval Specifies the maximum retransmission interval. This is the longest time interval until the next re-transmission will take place. Next retransmission will take place at Min Interval * 2 until Max Interval has been reached. If a provisional response is received during retransmission, all following retransmissions will take place at max interval. MGCP max transmission attempts Specifies the maximum number of re-transmission attempts before the gateway goes into a disconnection state. With Min Interval set to 500, Max Interval to 4000, and Max Attempts to 6, the retransmissions will take place at 0.5, 1.0, 2.0, 4.0, 4.0, and 4.0 seconds. With these example values the gateway will, after 15.5 seconds without a response from the call agent, enter a disconnection state where it tries to get in contact with the call agent again using restart in progress messages. Set MGCP gateway port Specifies the port that the gateway will listen on for MGCP messages. Normally this should be 2427 since that is the value used by call agents. Interval for keep-alive msg Use the VCM to configure whether or not the gateway should send restart command with x-keepalive.

147
Default: 500 Example: 500 // Wait half a second until first retransmission Unit is milliseconds. Format: digits Default: 4000 Example: 4000 // Longest retransmission interval is 4 seconds Format: digit Default: 6
Format: digits Default: 2427
Only allow msg from Call Agent Set RTP port range start/end Sets the port numbers to be used for RTP media channels. Two ports are needed for each simultaneous call. The number of ports specified by RTP Port Range should therefore be a multiple of two. All media channels (regardless of phone line) use the same port range. The range must start on an even number and end on an odd number. Use a range equal to or greater than 8, using port numbers larger than 1023 and less than 65536. End of tone retransmission (RFC2833) Tilgin now supports propagation of DTMF and fax tones using the IETF standard RFC 2833. This includes negotiation in the MGCP/SDP protocol regarding which tones should be propagated in this way. RFC 2833 is a protocol for transmission of DTMF and other tones. According to this protocol the last packet should be re-transmitted three times to be certain that a receiver actually detects the end of tone indication in poor networks. Some vendors equipment will not handle these redundant packets;
Unit is seconds Minimum 20 seconds Text string Maximum length: 16 0 = off Default: 0 VCM only true false Default: false VCM only Text string Maximum length: 16 Default: 10000 10007

Select: 0000 0001 0002 0003 Default: 3
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide instead they cause an unpleasant noise. In such cases, the retransmission mechanism can be turned off or be set to a lower value. Ignore Call Agent Echo cancellation control Use the VCM to configure whether or not the gateway should ignore call agent echo cancellation disable/enable orders. Use default Persistent Actions: Certain common signaling behaviors are pre-defined as persistent actions that can be enabled or not: L/HU(n): Hang Up (replace receiver) L/HD(n): Hang Down (lift receiver) L/HF(n): Hook Flash Where n is the line number.
148
true false Default: false VCM only true = use persistent actions (default) false = don't use defined persistent actions Default: true

VCM only
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 4.13. SIP Accounts
149
The following parameters are configurable for additional (SIP-based) phone numbers. Up to 12 SIP accounts can be defined and used ( A-L). These accounts can then be connected to any phone port(s) for incoming and/or outgoing calls. Enable phone number registration Registration Server. The address of the SIP registrar, where SIP clients of the gateway will register. The IP address or host name of the SIP registrar. Optionally, a port number can be specified. SIP registration interval. Determines the reregistration time-out of the gateway clients. SIP registration failure interval. Set SIP outbound proxy address (nonREGISTER requests). The proxy address to which SIP gateway clients will route SIP messages. The IP address or host name of the SIP registrar. Optionally, a port number can be specified.

Set to true /false Default: false Text string Maximum length: 64 Default: 0.0.0.0
Range: 30 to 84600 seconds Default: 600 Range: 1 to 84600 seconds Default: 120 VCM only

Text string Maximum length: 64 Default: 0.0.0.0
150
4.14. SIP Parameters This chapter applies only to gateways with SIP software. Note that SIP parameters and their options may differ from one home gateway software release to another. These parameters can be configured using the SIP page of the web pages in the gateway, or by auto provisioning from the VCM. Applicable parts of SIP RFC 3261 supported in this release. Authentication using digest MD5. Record route/route UDP transport, including retransmission. TCP transport. Early media support. Support for DNS SRV records. Since the gateway has more than one analog channel, you can now configure a different Registration Server/Outbound proxy for each channel. If Registration Server B/Outbound proxy B is left blank, channel A's parameter will be used if Registration On/Off channel B is On. Some parameters that specify a port address allow a range ports to be specified. If a single port number is required, then the range must start and end with the same value, e.g. 1720 1720. Port addresses for different parameters must not overlap. Ports that are used to contact the registrar or proxy are determined by the SIP standard.
4.14.1. Transport Set transport protocol SIP T1 timer in milliseconds 4.14.2. Port Usage Set SIP port. Specifies the port the gateway listens to for SIP messages. Set RTP port range - start Sets the port numbers that can be used for the RTP media channel. For each simultaneous call, four RTP ports are needed. The number of ports specified by this parameter should therefore be a multiple of four.
Choose UDP or TCP Default: UDP Range: 500 2500
Set port number Default: 5060 Text string Default: 10000
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide Note: All media channels use the same RTP port range. The range must start at an even number and end at an odd number. Use a range equal to or greater than 8, using port numbers larger than 1024. Note: When configuring a LAN PC as DMZ, the RTP media ports must be configured to 10000-10007 (hence cant be used by LAN PC). Also TCP port 10127 is reserved internally unless different connections are used for VoIP and Data. Set SIP RTP port range -end

151
Text string Default value: 10007
4.14.3. DTMF Dual-tone multi-frequency (DTMF), also known as Touch Tone; is used for telephone signaling over the line in the voice frequency band to the call switching center. DTMF is an example of a multi-frequency shift keying (MFSK) system. DTMF Generation Method Configure which method that should be used for DTMF Genreation Select: InBand, RFC2833, SIPInfo Default: Inband
4.14.4. SIP Info INFO Event Type
Select: Telephone-event DTMF-relay Nortel-digits Default: Telephone-event
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 4.14.5. Presence Presence indication allows (for example) other subscribers to know where you are.
152
Use presence indication Login Presence Description
Login Presence Note Logout Presence Description
Logout Presence Note
Set true /false Default: true Text string Maximum length: 64 Default value: ADAPTER Text string Maximum length: 64 Text string Maximum length: 64 Default value: ADAPTER Text string Maximum length: 64
4.14.6. General SIP Telephone Syntax (RFC2806) Enables use of telephone syntax for outgoing calls from the gateway. Could be enabled when the gateway is interoperating with other devices with RFC 2806 support (tel-URI addressing format). Device description. Each operator can use the VCM to configure their own device description, this is the text specified in the SIP Header field User-Agent. Set ptime value (the length of time represented by the media in a packet)
Set true /false Default: false
Text string Maximum length: 64 Range: 0 to 200 milliseconds Default value: 0
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 4.14.7. Customer Specific
153
Enable customer specific SIP ptime handling
Enable customer specific T.38 port allocation
Set true /false Default: false Only in VCM Text string Default: 0

4.14.8. Registration Settings
DNS resolve of every transaction. When 0, a DNS resolve is done at registration, and if the registration is successful, the numerical IP address is saved and used for requests outside of a dialog. When 1, a DNS resolve is done for each transaction. When 2, it works as 0, except that no DNS resolve is done when sending the next scheduled SIP REGISTER. The saved numerical IP address is used as the destination for the REGISTER. Only if REGISTER fails is a new DNS resolve done. Set Q value. With multiple SIP phones, the Q-value determines the ringing sequence. Q must be a value between 0 and 1. A phone with a setting of 0.5, for example will ring before a phone with a setting of 1.0. The 1.0 phone will begin to ring if the first phone is unanswered. Registration margin according to 3GPP (RFC 3325. see 4.14.9) SIP registration attempt interval on failure.
Select: 0, 1, 2 Default: 1 Only in VCM
Text string Maximum length: 64 Default: 1.0
Only in VCM true false Default: false Only in VCM true false

HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide Time between registration attempts if a SIP account failed to register. Default: false Range: 1 to 84600 seconds Default: 120 Only in VCM

154
Only accept sessions from registered proxy. If enabled, incoming SIP traffic is allowed only if it originates from the configured proxy. Registration must also have been successful. Note: This setting requires DNS resolve of every transaction to be false, otherwise this feature is disabled. Note: When this setting is enabled the account used must have registration enabled in order to accept incoming SIP traffic.

Only in VCM
4.14.9. RFC 3323/3325 RFCs 3323 and 3325 describes private extensions to SIP that enable a network of trusted SIP servers to handle the identities of authenticated users. The P-Asserted-Identity (RFC 3323) header field is used among trusted SIP entities (typically Intermediaries) to carry the identity of the user sending a SIP message as it was verified by authentication. The P-Preferred-Identity (RFC 3325) header field is used from a user agent to a trusted proxy to carry the identity the user sending the SIP message wishes to be used for the P-Asserted-Header field value that the trusted element will insert. Use P-Preferred-Identity and P-Asserted-Identity.

Enable /disable true false
Only in VCM
4.14.10. Known Limitations The known limitations of this SIP release are the following: DTX in forward direction is not implemented for the G.711 codecs.
155
4.15. Home network overview Separate LAN groups are created largely so that services being delivered to different home network devices may be separated onto different connections and handled separately with regard to priority and access permissions. Setting up a home network is much simplified if you configure gateways in the following order: For Bridged and Routed Connections, start with: o LAN group(s) (a group is one or more LAN ports/SSIDs) o Connection(s) o Service Separation
Note: There is already one default LAN group on HG. By default, all Ethernet LAN ports and SSIDs belong to this group. If only one LAN group is needed, use this group i.e. no LAN group needs to be configured in VCM. LAN groups are used to separate gateway ports (and SSIDs) into different sub-networks. Each LAN group is a collection of LAN ports and/or SSIDs. LAN group management allows you to create these groups and to configure bridging between the ports included in the group. IP addresses may also be associated with LAN groups. Doing so enables routing between the addresses. Chiefly, LAN groups are created when one or more connections are to be used. In such a case, you can configure a LAN group for each bridge and/or routed connection i.e. specific LAN ports correspond to different bridge/routed connections. Each port may be added to a LAN group as either broadcast (normal) or with a VLAN tag. If the port is added with a VLAN tag, only packets with this tag will be bridged. If the port is added as broadcast, all packets (tagged and untagged) are bridged. In this way, a single port may be added into each of several LAN groups with different VLAN tags or into one LAN group as broadcast. (See 4.15.2) Note: Adding an SSID to a LAN group is done in the Web GUI or VCM on respective WLAN Settings page Connections can be configured to use one or several LAN Groups. Then separate services onto different connections and prioritize it as needed. Service separation is critical in order to send traffic to the correct connection. Connections can be separated into three major domains; VoIP, Internet and Management (see 4.16.1). Note: If a LAN group is configured with VLAN ID, a SSID cant be associated with it. SSID can only be connected to LAN groups with empty VLAN ID.
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 4.15.1. Creating LAN groups in VCM To configure a new LAN Group: Open the Settings / LAN Groups page. Click New.
156
LAN Group Name Description Priority
Name of LAN group Descriptive text about the LAN group If VLANs are used on the LAN side, 802.1p priority can be configured. Add ports to the LAN group using the following syntax: Portname : vlan tag Examples: A:100 B:20 C:-1 D:-1 A, B, C and D are gateway port names. LAN port A will send packets downlink tagged with VLAN 100. Uplink packets are expected to be tagged with VLAN 100. LAN Port B will use VLAN 20 LAN Ports C and D are completely untagged The HG1110 series has USB Device interface and by adding USB: -1, the device is added to the LAN Group. Note! HG321 uses syntax LAN: -1 The Route To parameter provides possibility to configure on what virtual WAN connection IP
Interfaces
Route To
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide Parameter should be configured for tononefor LAN Groups to be used by bridge connections. PPP Pass-Through Connection Parameter must NOT be used together with bridged connections.
157
packets should be routed to. Either a service like: Voice, Management and Default (Internet) can be configured. Or a specific connection can be chosen. Configure the connection that PPP pass-through should use. Note: PPP pass-through must also be configured on applicable connection.
4.15.2. LAN group - LAN Settings If you wish to manage the Home Gateway via an LAN groupo, you can assign the LAN group an IP address. This address can either be statically assigned which is the normal scenario or set to DHCP if LAN Group is connected to a WAN bridge connection. When set to DHCP, it will request an IP address from the DHCP server (This will be a global IP address in such sense that it will be accessible either from the LAN or the WAN)
Three options exist for LAN settings: No DHCP Client Static No IP No IP configured for this LAN group. Not possible to contact home gateway on the ports associated to this LAN group. If it is a bridge connection, this is the appropriate
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide DHCP Client
158
setting. For routed connections, the LAN group obtains its IP address from a DHCP Server located in LAN sub-network. Note! If you want to configure a bridge connection with IP obtained by DHCP, use a normal DHCP Connection and bridge a LAN Group to that WAN connection. Assigns a static IP address to the LAN group. Configure the IP address and netmask. Note: If a static IP address is used, this LAN group should not be used on a bridge connection as it might conflict with the WAN/LAN network. This is a consideration for your network design.
Static IP
4.15.2.1. LAN Group Static IP DHCP Provider If Static IP address is configured, there are three options for the DHCP Provider:
-
No Relay Server The LAN PC must either be configured with a static IP or obtain an IP address from a nongateway DHCP server. The LAN clients DHCP messages will be relayed to a specified DHCP server. The DHCP server IP address may be unspecified. If so, the packet will be relayed to the corresponding connection interface (it will be broadcast). A DHCP server is started for the LAN group and provides IP addresses to the LAN clients. The IP range and lease time are configurable.
No
Relay
Server
4.15.2.2. LAN Group DHCP Options For each LAN group a number of optional DHCP Options can be configured. The purpose is to allow HG to send unique and individual DHCP Options dependent of LAN device. By specifying identifiers for LAN device a number of DHCP Options can be specified. These options will only be sent to devices matching the identifier. See Application Note TI_DEV_IPRG_08_109_Full_Service_Routing_Application_Note_B.pdf for more information on how to configure.
159
4.16. WAN Connections Wide Area Network connections define logical interfaces to the network. Each of these interfaces represents a single unique network. You can define up to eight WAN connections. Each connection is related to a type of broadband interface. Connections within the gateway are of a particular protocol type. Currently supported protocols are:

RFC 1577 RFC 2684 PPP over Ethernet PPP over ATM
A single ATM PVC can support multiple connections. For Ethernet based products, WAN connections normally are separated with VLAN. Note: When defining multiple connections for service separation, each connection must belong to a different sub-network. Different connection types enable different kinds of network functionality for service delivery. Examples of network functionality are authentication (PPP connections), dynamic addressing (DHCP connections), connection sharing, QoS and routing functions etc. Current Tilgin releases support a full range of connection types for DSL and Ethernet products. Examples of connection types are: PPPOE, Static, DHCP, Bridge, PPPOA, CLIP etc. The logic behind choosing a connection type depends upon your network design and the type of functionality you want to enable. The advantage of separating service types onto different connection types is that it allows you to:

Apply specific network functions to specific services Isolate critical services to a dedicated connection Determine a fallback sequence in the event of a connection failure
Current Tilgin releases support separation into 3 service groups:

Management (VCM, SNMP) VoIP (SIP, RTP) Default Routing (Everything else. Effectively, this becomes Internet traffic)
The basic rule-set for separating services onto different connections is: Any of the 3 service groups can be assigned to use a connection. More than one service group can be assigned to one connection. A service group can be forbidden to use a connection (one way to dedicate a connection to critical services such as Management). More than one connection can be assigned to a service type. In this case, several connection types can be prioritized to determine a fallback sequence i.e. if the 1st management connection fails, the 2nd priority takes over. If that fails, the 3rd priority takes over. The workflow, then, for creating multiple connections and separating services is as follows: 1. Decide what connection types are required based on your network design (VLANs/PVCs etc.) and the functionality you require towards each service group (authentication, addressing, routing etc.). Create these connections with the Create New function for the respective service typeError! Reference source not found.. 2. Decide if service groups should share connections (again affected by your network design how many connections you support, what network functionality you want towards each service group). Configure these preferences from the Service Separation dialog (see 4.16.1).
160
3. Decide if any service group should have a dedicated connection (not shared with others). This is also configured from the Service Separation dialog (see 4.16.1). 4. Determine a fallback sequence against connection failure for service groups that have more than one connection available to them. This is configurable for each service group from the Fallback Prioritization dialog (see 4.17). As a general rule, always configure connections in VCM for larger deployments. It is not recommended to mix connections configured in the VCM with connections configured locally on the modem. If only one connection is to be used, the one configured by the wizard CAN be used, no additional connections have to be configured in VCM even though it is desired. 4.16.1. ATM Virtual Circuits Name PDU Bridged: An Ethernet Layer is used above ATM layer Routed: IP over ATM Note: This should not be mixed up with routed (DHCP, PPP etc) or bridge WAN connection Encapsulation Protocols are encapsulated over AAL5 according to RFC 2684. It describes two mechanisms for multiplexing data over AAL5: LLC: Logical Link Control Logical Link Control encapsulation. The LLC Encapsulation method allows multiplexing of multiple protocols over a single ATM virtual connection (VC). The protocol type of each PDU is identified by a prefixed IEEE 802.2 Logical Link Control (LLC) header. This may permit devices to interoperate because it is a self-identifying protocol. VC: Virtual Circuit multiplexing. Virtual Circuit multiplexing. In the VC Multiplexing method, each ATM VC carries PDUs of exactly one protocol type. When multiple protocols need to be transported, there is a separate VC for each. VC multiplexing adds no overhead (implying better payload efficiency), while LLC multiplexing requires a link control header. PVC Auto PVC auto hunt is used. Searches after a valid PVC based on a search list Default: Auto VPI Virtual Path Identifier VCI Virtual Channel Identifier QoS ATM Quality of Service categories: CBR (Constant Bit Rate) VBR (real-time Variable Bit Rate) ABR (Arbitrary Bit Rate) UBR (Unspecified Bit Rate)] PCR Peak Cell Rate: Only for CBR and VBR classes [Cells per second] SCR: Sustainable Cell Rate: Only for VBR class [cells per second] MBS Maximum Burst Size: Only for VBR class [Cells] CDVT Cell Delay Variation Tolerance: Only for CBR and VBR classes [micro seconds]
161
4.16.2. Create New Connection All new connections have a common set of parameters that are applicable for all connections except Bridge connection which only supports visible parameter. Connection name Vendor ID Note: Only applicable for DHCP Activate this connection by default Note: Only applicable for PPP Visibility Decide if connection should be visible or not in local Web GUI Enable NAT for this connection Enable firewall for this connection DMZ DMZ host Bridged LAN Group Enable PPP Pass-Through

Enter name Default: Tilgin HG dslforum.org True / false Default: true Visible/Invisible Default: Invisible
On/Off Default: On On/Off Default: On On/Off Default: Off Enter IP address Select LAN group from List. Traffic on this connection will be bridged to specified LAN Group True / false Default: true
4.16.3. Link Configure the Link layer for a WAN connection ATM VC Note: Only applicable for HG1110 MAC name MAC name must be used if different MAC addresses are required for connections over the same ATM VC. If one MAC address is OK, keep it empty. If the first pair of connections should use one MAC address and the second pair of connections should use another MAC address, MAC name may be kept empty for the first pair and specified the same (e.g. "test") for the second pair of connections. VLAN ID Priority bits
Select VC from list
Text string
0 4095 07
Note: MAC name and VLAN parameters are only visible in GUI after VC has been chosen.
162
4.16.4. PPP Settings Point-to-Point Protocol over Ethernet/ATM. A link layer protocol with the advantage of end user authentication. PPPoE connections can be configured to activate by default or not. User name Password Text string Maximum length: 128 Text string Maximum length: 128 Select: Auto PAP CHAP Default: 1492 0 to 65535 minutes Default: 10 Note! 0 means that the PPP session will be up forever Select On-Demand Permanent Specifies that the connection should be disconnected if the link has no activity detected for n seconds. A non-zero value. Only applicable if On-Demand is configured

Authentication protocol MTU Keep alive timer for permanent connection
On-Demand (PPP connection mode)
Idle Timeout Access Concentrator Service Enforce MTU Debug on off
Set on /off Default: On True / false Default: False
163
4.16.5. DHCP The Dynamic Host Configuration Protocol assigns dynamic IP addresses to devices on a network. A DHCP Connection uses the common connection parameters 4.16.6. Static IP Settings This type is not commonly used in the VCM for obvious reasons i.e. each individual device must be configured with unique information. IP address Mask Gateway DNS 1

DNS 2
DNS 3
Text string in IP format (xxx.xxx.xxx.xxx) Maximum length: 15 Text string in IP format (xxx.xxx.xxx.xxx) Maximum length: 15 Text string in IP format (xxx.xxx.xxx.xxx) Maximum length: 15 Text string in IP format (xxx.xxx.xxx.xxx) Maximum length: 15 Enter address of DNS server Text string in IP format (xxx.xxx.xxx.xxx) Maximum length: 15 Enter address of alternative DNS server Text string in IP format (xxx.xxx.xxx.xxx) Maximum length: 15 Enter address of alternative DNS server
4.16.7. CLIP Settings (Only applicable for HG1110) Classical IP and ARP Over ATM IP Address Mask (Netmask for CLIP connection) ARP Server Gateway

Text string Maximum length: 15 Text string Maximum length: 15 Text string Maximum length: 15 Enter IP address
4.16.8. Service Separation per connection By default, a connection is configured to be used for all types of traffic. To assign a connection to the traffic of a specific service group, or to forbid a service group from using a specific connection, use the Service Separation dialog on each connection page. Selecting On assigns the connection to the respective service group. Off denies use of the connection for the respective service group. Click on a service group type to open the Fallback Prioritization dialog for that service group. In this dialog, you can prioritize the connections configured for the respective service group to determine the sequence of failover in the event that a connection fails (see 4.17).
164
When connections are configured they can be chosen to be used for pre-defined traffic flow by assigning them priorities. Connection with smallest priority is used if is enabled. When the connection becomes disabled, the connection with the next priority is used. Switching between the connections is performed automatically when connection operative status is changed. Use this connection for default routing (Normal Internet traffic) Use this connection for management traffic Use this connection for voice traffic
On/off On/off On/off
4.16.9. Bridge Settings A Bridge is a layer 2 device that will forward Ethernet frames between the WAN connection and the LAN Group(s). The gateway does this using the 802.1d bridging standard. The LAN Group may consist of several interfaces like Ethernet ports, wireless access points and/or USB technologies. The WAN interface is always bridged mode type RFC 2684. One or several LAN interfaces can be assigned to a LAN group. This LAN group can then be bridged to a WAN connection. Select LAN Group from list Note: The LAN Group must be configured with No IP to be shown in list
Bridged LAN group
165
4.17. Service Separation - Prioritizing fallback connections From the Service Separation dialog (4.16.1), click on a service group type to open the fallback prioritizing dialog for that service group. All connections that have been enabled for this service group in the Service Separation dialog are available in the drop down list boxes. For every priority level, choose a connection from the list. The sequence determines the order in which connections will take over in the event of failure. In other words, if the priority 1 connection fails, traffic for this service group is re-directed to the priority 2 choice. If that connection fails, it is re-directed to the connection selected in priority 3. Save the configuration by clicking the Save button.
4.18. Firewall & NAT Services
Firewall and NAT Service. See (6) for a description of the SPI firewall and packet filtering options.
true /false
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 4.19. UPnP Connection Parameters
166
Enable UPnP Enable selected WAN connection for UPnP LAN Connection 4.20. SNMP
On /off Default: Off Select: Any configured WAN connection Select: Any configured LAN group

4.20.1. SNMP Enable SNMP Agent Enable SNMP Traps System Name True /false Default: true True /false Default: true An administratively-assigned name for the system. Text string Maximum length: 120 The physical location of the system. Text string Maximum length: 120 Contact person and/or contact information for system support. Text string Maximum length: 120

Location
Contact
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide Community
167
Community Name
Community Access Right
Community is a relationship between an SNMP agent and one or more SNMP managers. Once the clear-text community name corresponds to a community known to the receiving SNMP entity, the sending SNMP entity is considered to be authenticated as a member of that community and is granted different levels of access (read-only or read-write). The combination of community access mode and a MIB-managed project defines the community profile for each object. The community profile defines the operations that can be applied to the object. In the gateway, a default community name of public with access mode of read-only is created in the configuration file. It allows a GET or a GETNEXT operation to all objects with access rights of READ-ONLY and READ-WRITE in the MIB. SNMP supports up to 3 communities including the default community name of Public. Text string Maximum length: 120 Select Access level: ReadOnly: Allows a GET or a GETNEXT operation to all objects in the MIB. ReadWrite: Allows ReadOnly access right to all objects and SET operation to objects defined as read-writable in the MIB. Default: ReadWrite
Destination IP (1-3)
Trap Community
Destination IP address. Traps can be sent to three different destinations. Text string Maximum length: 120 Community name of the trap. Text string Maximum length: 120 Two trap versions/formats are supported: SNMP v1 SNMP v2c
Trap Version
4.21. RTSP Proxy Configure trigger port and which WAN connection to be used for the RTSP protocol.
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 4.22. IGMP Multicast
168
4.22.1. Enable multicast Mode Proxy for Routed connections: IGMP proxy tracks Joins/Leaves and configures switch properly. Multicast Acceleration for bridge connections: Hardware switch itself tracks Joins/Leaves and does not send multicast flows to "not joined" ports. On/Off Default: Off Enabled/Disabled Unconditional sending of Leave after group timeout. Every time when IGMP proxy receives Join the timer with multicast group lifetime timeout is restarted. If timer expires the group is removed, switch configuration for it is cleaned up and Leave if sent (only if "send leave" is enabled). After this time group is removed unless Join from LAN is received. Frequency of group-specific Queries is calculated from this value (now it's timeout /4). Select connection: Any of configured connections
Enable IGMP multicast proxy
Enable Send Leave
Multicast Group lifetime on HG WAN connection that IGMP should use.
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 4.23. Dynamic Routing (RIP)
169
Enable RIP
RIP version Metric RIP Interface name Enable split horizon
Allowed versions for incoming packets
Allowed versions for outgoing packets
Authentication mode Password or MD5 key to use if required
On /off Default: off Select: 1 - RIP V1 2 - RIP V2, Both Metric Select Prevent routing loops On /off Default: off Select: 1 - RIP V1 2 - RIP V2, Both Select: 1 - RIP V1 2 - RIP V2, Both None Select: Password MD5 None Text string Maximum length: 16

HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 4.24. SNTP - Simple Network Time Protocol
170
Enable SNTP Primary SNTP Server
Secondary SNTP Server
Tertiary SNTP Server
Time Zone Day Light
On/Off Default: Off Text string Maximum length: 120 Default: 0.0.0.0 Text string Maximum length: 120 Default: 0.0.0.0 Text string Maximum length: 120 Default: 0.0.0.0 Select time zone GMT-12:00 GMT+12:00 Default: GMT-12:00 On/Off Default: Off
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 4.25. Tools
171
4.25.1. Operator Web Access Enable Operator Web Access (for fault location) IP Address to enable access for
true /false Default: false Text string Maximum length: 15
4.25.2. Allow Ping Enable Operator to ping device (for fault location) IP Address to enable ping for
true /false Default: false Text string Maximum length: 15
4.25.3. Logging Debug information can be enabled and sent either to serial console or as UDP packets over internet. Select: 0: Off 1: Serial Print 2: UDP Print Default: 0 On/Off Default: Off On/Off Default: Off On/Off Default: On Text string Maximum length: 15 Default: 60000
Type of Logging
Print Verbose Logging Print SIP Messages to Log Print Failure Logging UDP Print destination IP UDP Print destination port
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 4.26. Wireless (WLAN) 4.26.1. WLAN Global Settings
172
Enable WLAN Determines whether the wireless interface of the CPE should be turned on or off as default Override local SSID This is to force SSID configured in VCM to override local configured SSID Channel Configures which channel to use. Tx_power (dBm) Phy type Super G Note: Only applicable for HG1310 and HG1520
On /off Default: Off Yes/No Default: No Integer range: 1 to 13 Default: Auto Transmit Power Default: 18 B/G/BG Default: BG On/Off Default: Off
4.26.2. Create New SSID SSID LAN Frag threshold RTS threshold Hidden Configure if SSID should be visible on air interface or not Name of WiFi network identifier Select Any configured LAN Group The minimum length of a frame that will be fragmented The number of bytes in a Mac protocol data unit (MPDU) below which an RTS/CTS handshake will not be performed

Yes/No Default: No
Note: Currently four simultaneous SSIDs are supported Note: For HG111x only one SSID can be visible at the same time. So even though several SSIDs are configured as non-hidden only one will be seen during wireless scanning. This is due to HW limitations.
4.26.2.1. Security Configure security scheme and password for SSID
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide 4.27. Switch Configuration
173
4.27.1. Physical Interface The physical interface can be configured for all Ethernet ports. Speed (100/10), duplex (Full(Half) and if auto-negotiation should be used or not. 4.27.2. Rate Limit Use rate limit configuration to optimize the packet rates for incoming and outgoing (from the gateway perspective) packets on a per port basis.
The following fixed steps exist: 128Kbps 256Kbps 512Kbps 1Mbps 2Mbps 4Mbps 8Mbps 16Mbps 32Mbps 64Mbps Full Rate (Default)
174
5. QoS and Triple Play Solutions

When moving from a simple Internet access service to a Next Generation Network (NGN) capable of delivering triple play services over ADSL, Quality Of Service (QoS) begins to play a critical role in assuring quality for every service delivered. Services, by nature, are different. They often have differing delay characteristics and require differing bandwidth allowances. VoIP traffic, for example, is far more latency sensitive than video delivered through a set-top box. That means that small delays in VoIP traffic are more noticeable to subscribers than in video traffic which is surprisingly tolerant of latency. QoS is a means of separating these differing types of traffic according their characteristics so that they can be prioritized to produce the optimal experience. For obvious reasons, this technology becomes increasingly important in applications that deliver several types of traffic simultaneously such as in Triple Play. There are two fundamental QoS solutions depending on the delivery architecture:

ATM-based QoS IP-based QoS
Which QoS architecture would be best to use will depend on the specific situation for the ADSL operator (e.g. whether there a big difference between re-using the installed base of ATM-DSLAMs and building up a new ADSL solution based on IP-DSLAMs). 5.1. ATM QoS: PVCs and VLAN/Port/Service Mapping For multiple PVCs with VLAN/port/service mapping, the data, voice, and video traffic are managed as separate layer 2 networks. The separation of services to the different service networks is based on VLANs, either in an IP-DSLAM or in a BRAS connected to an ATM-DSLAM. The DSLAM/BRAS supports multiple PVCs for one physical port. Data, voice, and video traffic use separate egress logical WAN interfaces with different IP addresses.

VLAN tagging is turned on for egress logical WAN interfaces in the IP-DSLAM or BRAS. Data, voice and video traffic are tagged with different VLAN IDs that are generated at the gateway. (There is a unique VLAN ID between 1 and 4094 for each logical WAN Interface). For each egress logical WAN interface there is one PVC with ATM QoS class so egress data, voice, and video traffic use different PVCs.
Because traffic service differentiation is done at the PVC level, separate/different ATM QoS classes should be used for each traffic type. The UBR class should not be set for both data and voice as it renders the ATM QoS ineffective. VLAN IDs that are generated by the gateway are carried over an RFC 2684 bridged encapsulated connection between the ADSL port of the modem and the DSLAM. With proper configuration, the gateway can form different VLANs with access devices in the data, VoIP and video networks. IP address allocation, traffic flow and management in these VLANs can then be isolated from each other. Examples:

A VoIP WAN interface gets its IP address from a DHCP server in the VoIP network A data WAN interface gets its IP address from BRAS via PPPoE and runs as a routed interface for WLAN and selected LAN ports A video WAN interface runs as a bridged interface.
This scenario can be summarized as an IP-DSLAM, multiple logical WAN interfaces, multiple PVCs, WAN interface to PVC mapping scenario.
175
Note: VLANs are redundant with PVCs with respect to network traffic segregation both mechanisms operate at layer 2. Hence the use of a VLAN depends on the DSLAM's requirements. The gateway supports for differing ATM traffic classes. The ATM Virtual Circuit Connections (VCCs) can be set up with specific QoS and traffic parameters:

PCR (Peak Cell Rate) SCR (Sustainable Cell Rate) MBS (Maximum Burst Size) CDVT (Cell Delay Variation Tolerance).
These QoS and traffic parameters define specific ATM service categories that can be applied to an ATM VCC:

CBR - Constant Bit Rate VBR - real-time Variable Bit Rate UBR - Unspecified Bit Rate
5.2. IP QoS Engine The new IP-based QoS architecture for multi-service networks is defined by DSL-Forum in TR-058 MultiService Architecture and Framework Requirements and in TR-059 DSL Evolution - Architecture Requirements for the Support of QoS-Enabled IP Services. This QoS architecture was designed specifically to increase the value of ADSL by enabling delivery of IPbased Triple Play services. Since all services run over IP and IP-TV distribution is based on IP multicast, QoS scheduling should be on the IP layer as well, based on the set of IETF DiffServ RFCs. The goal of these requirements is to be able to run all services over one PVC.
176
5.2.1. TR-059: IP-QoS requirements Figure 20 from TR-059 states that "The two critical points where IP-QoS is managed are the BRAS and the CPE (gateway). Intervening elements (like DSLAMs) are not envisioned to become layer 3 routers; this architecture assumes that they will not be layer 3 aware when they manage congestion. This arrangement supports multiple business relationships and provides connectivity for various users to access various services without requiring that all services be provided by a single provider."
The protocol to be supported over the U interface is PPPoE an IP over Ethernet: "The U interface MUST support at least one ATM AAL5 PVC per CPN [Customer Premises Network] using PPPoE and/or IP over Ethernet (IETF RFC 2684 configured using DHCP)". TR-059 proposes a phased approach to QoS.

Phase 1 is characterized by Diffserv provided through static provisioning. Phase 2 describes a subsequent time with a dynamic mechanism for changing the Diffserv QoS parameters through the use of a policy-based networking enhancement. Phase 2 is not yet fully defined, e.g. which resource reservation protocol to use is not yet clear.
The Tilgin IP QoS Engine follows TR-059 phase 1 requirements and to a limited extent parts of phase 2 requirements. 5.2.2. Traffic Aggregation and Control The IP QoS engine is the central point for controlling traffic on the customer premises and traffic destined for the access network. It is remotely configurable from the VCM, adding flexibility for dynamically reconfiguring QoS provisioning when a customer subscribes to a new service (e.g. adding a VoIP subscription or video telephony). 5.2.3. DiffServ Classification This provides the ability to classify IP packets within an ATM VC or PPP session so they can be handled according to priority and bandwidth requirements. Marking and remarking is done in accordance with IETF RFC 2474. Models where the gateway tags the IP packets (untrusted IP CPEs) and where the gateway performs the DiffServ scheduling based on the DSCP in incoming IP packets (trusted IP CPEs) are supported. 5.2.4. DiffServ Scheduling The IP QoS Engine includes a priority scheduler using a new queuing algorithm that combines strict priority with weighted round robin (WRR), called Priority Weighted Round Robin (PRIOWRR). This provides the solution for the starvation problem for best effort traffic in strict priority queuing as well as the non-optimal bandwidth utilization when using weighted fair queuing. This scheduler mechanism has 3 queues, resides on the egress side of the routing gateway and can be applied over one or multiple connections.:
Two Expedited Forwarding (EF) queues: high priority queues with non-preemptive service (strict priority). The first EF queue is dedicated to the VoIP traffic from the gateway, while the other queues are configurable from the web interface or via the VCM.
177
Two Best Effort (BE) queues (Medium/BE1 and Low Priority/BE2) with Weighted Round Robin (WRR) service. Using the scheduling table based on weight maps, the packets are serviced, sharing the remaining link bandwidth after EF service. The low priority queue corresponds to best effort service. The medium priority queue is prepared to play the role of an assured forwarding queue when using TR-059 phase 2 QoS. The weight difference between the BE1 and BE2 queues can be configured
5.2.5. Dynamic Packet Fragmentation/MTU Sizing Fragmentation of large, low priority data traffic packets is necessary to minimize delay/jitter for delaysensitive applications such as VoIP and video telephony. The solution is also dynamic which minimizes overhead at times when no EF traffic is present. 5.2.6. One PVC: Multiple WAN IP / VLAN Connections ADSL uplink deployment scenario using IP-DSLAM as illustrated in is supported. In this case data, voice, and video traffic are managed on separate networks (VLANs); IP DSLAM supports one PVC only for one physical DSL port. Data, voice, and video traffic use separate egress logical WAN interfaces with different IP addresses.

VLAN tagging is turned on each egress logical WAN interface. Data, voice and video packets are tagged with different VLAN Ids (There is a unique VLAN ID between 1 and 4094 for each logical WAN Interface). VLAN IDs are generated at the gateway.
Since there is only one egress PVC to use for the single ADSL port, all egress logical WAN interfaces are mapped to one PVC. This scenario can be summarized as an {IP-DSLAM, multiple logical WAN interfaces, one PVC} scenario. See below:
5.2.7. One PVC: sharing voice and data traffic When voice and data traffic share the same PVC a simple packet classification and prioritization will not suffice to achieve the low latency required by voice. In this case a voice call triggers dynamic flushing of existing data packets from device queues (including a DSL device driver) for head of line blocking removal and imposes IP MTU resizing based on the uplink bandwidth for fragmentation and packet interleaving of voice and data.
6. NAT and Firewall Services

See (see 4.18). The gateway router uses Network Address Translation (NAT) and a Stateful Packet Inspection (SPI) firewall to protect the home network. The NAT and firewall service can be set globally (for LAN and all WAN connections) disabled/enabled from the Firewall/NAT page. When disabled, no NAT functionality or firewall protection can be provided. NAT and firewall can also be enabled/disabled for each WAN connection (e.g., Internet connection). With the firewall enabled on a WAN connection, all incoming packets are examined by the SPI engine and traffic is dropped if it does not match an existing connection opened from LAN side or a port forwarding rule. Connections from the LAN side to the Internet are trusted and allowed to pass through the router unless explicit IP filter rules are used to block them. This asymmetric permissive firewall setup (drop from WAN, allow from LAN) provides easy-to-use Internet access while protecting the home network. 6.1.1. SPI firewall rule-set Chain INPUT (policy ACCEPT) target prot opt source ACCEPT tcp -- anywhere ACCEPT udp -- anywhere ACCEPT all -- anywhere RELATED, ESTABLISHED DROP all -- anywhere
destination anywhere anywhere anywhere
tcp dpt:5061 udp dpt:5060 state
anywhere
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide Chain FORWARD (policy ACCEPT) target prot opt source destination TCPMSS tcp -- anywhere anywhere flags: SYN, RST/SYN TCPMSS clamp to PMTU ACCEPT all -- anywhere anywhere RELATED, ESTABLISHED Chain OUTPUT (policy ACCEPT) target prot opt source DROP icmp -- anywhere destination-unreachable DROP icmp -- anywhere
178
tcp state
destination anywhere anywhere
icmp state INVALID
6.1.2. Port Forwarding With the Port Forwarding page in the gateway, you can provide local services (for example, web hosting) for people on the Internet or allow Internet games. (see 2.6). To configure a service, game or other application, select the external connection (for example the Internet connection), select the computer hosting the service and create an appropriate firewall rule. If you want to add a custom application, select the User category, click New and fill in the port, protocols and description for the application. You can also add/ edit/delete rules without using the pre-defined firewall policy database (games, services, etc.). Click on Custom Rules to access this type of interface. In the presence of the firewall, anonymous Internet traffic is blocked. 6.1.3. IP Filters This firewall feature allows you to block network access based on a user's computer IP address. You can use this gateway page to block specific traffic (for example, block web access) or any traffic from a computer on the local network. To configure an IP filter rule, select the computers IP address and add the corresponding firewall traffic def inition from the firewall policy database. If the traffic type is set to Any, all network traffic from that computer will be blocked. You can also add/edit/delete IP filter rules without using the pre-defined firewall policy database (games, services, etc.). Click on Custom Rules to access this type of interface. (see 2.6). 6.1.4. Access Control Open the access from the Internet (WAN) or LAN to the router's management ports (Ping, We, Storage, SNMP). There are security risks associated with this action. For this reason, remote management is restricted to computers on the network specified in the IP access control list (holds up to 16 IP addresses). The access control list provides a global enable/disable for the Access Control List (ACL). If the ACL is disabled, the default behavior (DENY on the WAN, Accept on the LAN) is enabled for all IP addresses. If no IP addresses are specified within the ACL, it will act as if it is disabled until the first IP address is added. (see 2.6). 6.1.5. DMZ Setting a computer on the local network as DMZ forwards any network traffic that is not redirected to another computer via the port forwarding feature to the computer's IP address. This opens access to the DMZ computer from the Internet. (see 2.6). Note: When configuring a LAN PC as DMZ, the RTP media ports must be configured to 10000-10007 (4.14.2) hence cant be used by LAN PC. Also TCP port 10127 is reserved internally unless different connections are used for VoIP and Data.
179
6.1.6. PING Enabling incoming ping (ICMP) requests on the Port Forwarding page allows the router to respond to a ping from the Internet. Blocking outgoing ping (ICMP on the IP Filters page) generated from a particular LAN IP can be used if the PC has a virus that attempts a Ping-of-Death Denial of Service attack. (see 2.6).
7. Using regular expressions

Note: See Application Note for latest update on how to use Regular expressions. Application notes for different countries dial plan are also available. Regular expressions are used in many types of software as a standardized way of describing matching sequences of characters. The built-in regular expression parser of the home gateway product line follows a sub-set of the POSIX definition of regular expressions with some additions and some minor restrictions for this particular software application. 7.1. Creating a dial plan using regular expressions A dial plan describes valid sequences of digits in a telephony network. Such sequences are phone numbers, codes for supplementary services, local phone numbers etc. The dial plan may also include barred phone numbers (numbers that are not allowed). In the PSTN network, the network knows when the last digit of a valid number is dialed. This is based on a distributed architecture - each country "knows" its valid phone numbers. In a VoIP network, this is not normally true. Instead, the dial plan knowledge is embedded in the gateway device. Since it is not viable to embed a dial plan that comprises all possible valid numbers, a flexible dial plan is implemented, that allows a dial plan to be defined using a very compact format. This is how regular expressions are used in home gateways- a flexible, compact format that also works with a dial-with-timeout mechanism. Regular expressions are used to describe almost all parts of the dial plan in home gateway products. Including: Barred numbers Phone numbers that should be routed to a fall back port (FXO or ISDN/TE) Sequences of digits for locally handled service codes Phone numbers (or other sequences) that should be sent to the soft switch (SIP), Call Agent (MGCP) Local phone numbers Local group numbers Note: This list is also the order of preference for paring regular expressions in home gateway products. This means that (for example) if the expression for Call Barring is matched, then the expression for Locally Handled Service Codes won't be tried. In another example, if a dialed number matches a Locally Handled Service Code and a Local Phone Number, the Locally Handled Service Code will be executed.
180
7.1.1. Home gateway regular expression syntax The following regular expression functions are used to define the dial plan in home gateway.
0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, *, # X () Used to describe an exact match of the DTMF digits in question Used to describe a match of any single digit 0, 1, 2, 3, 4, 5, 6, 7, 8 or 9 Used to define a list. A list must be used to enclose optional matching sequences with the | operator described below. A list can also be used to explicitly define an output variable that can be used to define the output expression. Used to describe an optional sequence of digits. Place one of these operators after one of a single digit, the X symbol, a group or list, to indicate a matching repetition: "." indicates zero or more matches "+" indicates one or more matches "?" indicates zero or one matches [] Used to describe a group of optionally matching digits to a single input digit. The digits within the [ ] can be expressed explicitly or as an interval using the - operator. Used to describe a group of optionally NOT matching digits to a single input digit. The digits within the [ ] can be expressed explicitly or as an interval using the - operator. Used to terminate a regular expression and to indicate that a dialled sequence matches the expression after a timeout, i.e. a period with no additional input. Is used to terminate a regular expression and to indicate that a dialled sequence matches the expression after a timeout of n seconds, i.e. a period of n seconds with no additional input. Valid timeout values n are digits in the range 1 to 9, which corresponds to a timeout of 1 to 9 seconds respectively. The regular expression 12345 matches the dialled sequence 12345 The regular expression 12X45 matches any of the dialled sequences: 12345,12945, but not 12#45. The regular expression (12345 | 12346) matches the dialled sequences 12345 and 12346.
| . + ?
The regular expression (11|22|33|44) matches the dilled sequences 11, 22, 33 or 44. The regular expression 123. matches the dialed sequences 12,123,1233,1235... The regular expression 123+ matches the dialed sequences 123, 1233, 1235, The regular expression 123? matches the dialed sequences 12 and 123. The regular expression 555[123-6*] matches the dialed sequences 5551, 5552, 5553, 5554, 5556 and 555*. The regular expression 555[^123-6*] matches the dialed sequences 5550, 5557, 5558, 5559, 555A, 555B, 555C, 555D, 555* and 555#. The regular expression 1234T matches the dialed sequence 1234 if a period of X seconds passed after the final digit has been pressed without additional input. A regular expression 1234T5 matches a dialled sequence 1234 if a period of 5 seconds passed after the final digit has been pressed without additional input.
[^]
Tn
Note: The "." operator in POSIX standard is best compared to the X operator above but the X operator represents the digits 0-9 and NOT any character as with the POSIX standard. Note: The "*" operator in POSIX standard is equivalent to the "." operator above. The order of preference within a regular expression is from left to right. For example, if a regular expression is defined as: (12345 | 1234X) and the dialled input is 12345, then the match will occur with 12345, not 1234X. This is normally of no concern except with regard to output variables. This is described further below.
7.1.2. Output Expressions The regular expression defines which input sequence is required to find a match using the syntax described above. It is also necessary to manipulate the dialed sequence after a match occurs. Exxample: service codes terminate with a # symbol that must be removed before the sequence is sent to the server. In order to do this, the output expression is used to describe how the sequence should be manipulated before being used to dial a number. The output expressions are a string of arbitrary characters plus the variables: $0, $1, $2,...$9 that are set based on the result of the matching regular expression. The final output from the parser will then be the output
181
expression where all $0-$9 are replaced by the corresponding values set during the parsing of the input string.
7.1.3. How Output Variables ($0, $1, $2,...$9 ) are set The variable $0 always holds the complete dialled sequence. The variable $1 holds the part of the dialled sequence that is within corresponding parenthesis'. The variable $N (N is a number 1-9) holds the part of the dialled sequence that is within the Nth left parenthesis and it's corresponding closing parenthesis.
Examples: Regular expression (X)XXXXX Dialed sequence 123456 Regular expression (X)(X(X(X)X)X) Dialed sequence 123456 $0 is set to 123456 $1 is set to 1 $2-$9 are empty strings $0 is set to 123456 $1 is set to 1 $2 is set to 23456 $3 is set to 345 $4 is set to 4 $0 is set to 123456 $1 is set to 1 $2 is set to 3456 $3 is set to 456
Regular expression (X)X(X(XXX)) Dialed sequence 123456
7.1.4.
Examples of regular expressions Output expression $2
Regular expression (08)? (XXXXXX)
(0XXX)?XXXXXX
$0
*21*(X+)#
$1
Matches any 6 digit dialled sequence with or without the 08 area code. Both 08 123456 and 123456 match this expression. The output will be 123456 in both cases Matches any 10 digit dialled sequence starting with a zero and any 6 digit sequence NOT starting with a zero. The output is the dialled sequence. Matches any dialled number starting with *21* and terminated with #. Both *21*1# and *21*1234567890# match this expression. The outputs are 1 and 1234567890 respectively.
7.1.5. Limitations of the regular expression parser These are the limitations of the regular expression parser in comparison to the POSIX standard: When using the operators "?", "+", and ".", the parser tries to match as many as possible before it continues. This is the standard behavior but the regexp parser of the home gateway has no fallback algorithm. This is considered a minor limitation. It is possible to construct regular expressions that will cause the parser to fail in finding a match but these are not expressions that are relevant to a dial plan, and even these expressions can be re-written to work as expected. Example: A regular expression of 12345+56 will not match a dialled sequence of 1234556 even though it should match under the POSIX standard. Instead, the parser "eats" all the dialled 5's when it encounters the + operator. This
HG320 & HG1110 & HG1210 & HG1300 & HG1500 IP Residential Gateways Configuration Guide expression should be re-written as 123455+6 to work properly.
182
When using lists of optional matching expressions, the parser always tries to find a "best possible" match (i.e. where as many digits as possible match). It is possible to construct expressions where this will not always lead to a match and an iterative algorithm would be needed but again, this considered to be a minor limitation as such expressions are not relevant to dial plan definitions and in any case, even these expressions can be rewritten to work as expected. Example: A regular expression of (12 | 1)2 will not match a dialled sequence of 12 even though it should match under the POSIX standard. In this case, the expression would be re-written as (122 | 12) or simply 122? (these are equivalent statements).
183
8. Acronyms
AAA AAL5 ACL ADSL ARP ATM BE BRAS CCS CDVT CHAP CLIP CFI CPE CPN DHCP DMZ DNS) DSCP DTMF DTX EF VCM FQDN FSK FTP HG HG1110 HG1310 HG1520 HMAC HTTP HTTP Server IAD ICMP IGMP IVR LAN LLC MAC MBR MD5 MGCP (137) MRU MTU NAT NCS NGN NSE Authentication Authorization and Accounting server ATM Adaption Layer 5 Access Control List. Asynchronous Digital Subscriber Line. Address Resolution Protocol Asynchronous Transfer Mode. Best Effort. Broadband Remote Access Server. Call Control Server. Cell Delay Variation Tolerance. Challenge Handshake Authentication Protocol. Classic IP over ATM, i.e. IP over AAL5 . Canonical Format Indicator. Customer Premises Equipment. Same as HG in this document Calling Party Number or Customer Premises Network Dynamic Host Configuration Protocol, RFC 2131, RFC 1541. Demilitarized Zone in a firewall topology. Domain Name System.137 Differentiated Services Code Point or DiffServ Code Point. Dual Tone Multi Frequency. Discontinuous Transmission Function. Expedited Forwarding. Versatile Centre Manager, Tilgin Management Server Fully Qualified Domain Name. Frequency Shift Keying. File Transfer Protocol. Home Gateway Home Gateway WAN DSL based VoIP Gateway family that consists of HG1112, HG1113, HG1113i Home Gateway WAN Copper Ethernet based VoIP Gateway family that consists of HG1311, HG1311i, HG1312 Home Gateway WAN Fiber Ethernet based VoIP Gateway family that consists of HG1521, HG1522, HG1523, HG1524 Hashed Method Authentication Code. HyperText Transfer Protocol, RFC 2616. In this context equal to VCM, which contains the home gateway management application and an HTTP server. Integrated Access Device. Same as Home Gateway. Internet Control Message Protocol. Internet Group Management Protocol. Interactive Voice Response. Local Area Network. Logical Link Control. Media Access Control Maximum Burst Size. Message Digest algorithm 5. Media Gateway Control Protocol.-135 Maximum Receive Unit. Maximum Transmission Unit. Network Address Translation. Network-based Call Signalling Next Generation Network. Named Signaling Event
NTP PAP PCR PDU PPP PPPoA PPPoE PRIOWRR PVC QoS RAS RFC RIP RTP SCR SDP SIADDR SIP SNMPv2 SNTP SPI SRV SSH SSID STB STUN TC TCP Tel-URI Terminal TFTP TFTP Server TOS TVoDSL UBR UDP UMA UPnP 137) USB UVM VC VCC VCI VLAN VoIP VPI WAN WEP WPA Network Time Protocol, RFC 1305. Password Authentication Protocol. Peak Cell Rate. Protocol Data Unit Point to Point Protocol. Point to Point Protocol over ATM. Point to Point Protocol over Ethernet. Priority Weighted Round Robin. Private Virtual Channel. Quality of Service. Registration, Admission and Status Request For Comments. Routing Information Protocol. Real Time Protocol, RFC 1889. Sustainable Cell Rate.) Session Description Protocol A DHCP servers Next Server field. Session Initiation Protocol. Simple Network Management Protocol, version 2. Simple Network Transfer Protocol. Stateful Packet Inspection. Service Location or Service Record (DNS) Secure Shell. Service Set ID. Set-top box Simple Traversal of UDP through NATs. Traffic Class. Transmission Control Protocol. "Telephone Number" Uniform Resource Identifier Same as Home Gateway Trivial File Transfer Protocol, RFC 1350. In this context equal to VCM, containing the home gateway management application and a TFTP server. Type of Service. Television over DSL. Unspecified Bit Rate. User Datagram Protocol. Unlicensed Mobile Access. Universal Plug and Play. ( Universal Serial Bus. Unified Voice Messaging. Virtual Circuit. Virtual Circuit Connection. Virtual Channel Identifier. Virtual LAN. Voice over IP. Virtual Path Identifier. Wide Area Network. Wireless Encryption Protocol or Wired Equivalent Privacy. WiFi Protected Access
184

HG320 HG1110 HG1210 HG1300 HG1500 HG2300 Configuration Guide

Diunggah oleh

Informasi Dokumen

Deskripsi Asli:

Judul Asli

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

HG320 HG1110 HG1210 HG1300 HG1500 HG2300 Configuration Guide

Diunggah oleh

Hak Cipta:

Format Tersedia

HG320 HG1110 HG1210 HG1310 & HG1520 HG1330 HG1350 & HG1550 HG2300 Series IP Residential Gateways

Configuring Individual Gateways with a Web Browser

Management Server Configuration - VCM

QoS and Triple Play Solutions

NAT and Firewall Services

Using regular expressions

Limitations of the regular expression parser

VoIP FXS Ports 1 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2 2

PSTN FXO Backup

ISDN Options NT TE ports ports 2 2 2

a SIP Proxy Server in SIP systems a Call Agent in MGCP systems

Select the Run Wizard link.

The unit reboots itself.

2. Configuring Individual Gateways with a Web Browser

2.2.1. Buttons Logout Save Settings Activate VoIP Settings

Any RECON TR-069

Acquire using DHCP VCM Code Hostname URL

Enabled Connections Encapsulation

PVC Auto PVC Manual VPI VCI PDU

PCR SCR: MBS CDVT

Name Port (Info) Type (Info) Description Status (info)

Uptime (info) Enabled

2.3.12.2. ATM Virtual Circuit (Only applicable for HG111x)

Chose the virtual circuit to be used for the connection

MAC Address name:

2.3.12.4. Ethernet Interface

Priority bits: VLAN ID:

Define IEEE 802.1p Class of Service Define IEEE 802.1Q VLAN

Enable None PPP Pass-through General LAN group

Enable Firewall Enable NAT

The connection can be associated with a DMZ (De-militarized Zone) host

PPP settings Username Password MRU

Vendor ID Renew button Release button

IP Address Net Mask Gateway: DNS 1 to 3: Hostname Domain

The IP Address The netmask The Gateway DNS Server IP Addresss

Polarity reversal (only with SIP)

SIP Telephone Syntax (RFC2806) Network Number Analysis

G711 A 64kb max

G711 A 64kb DTX

2.4.6. G711 64kb G711 64kb Priority

G711 64kb Preferred

G711 64kb max

2.4.7. G723 G723 Priority

Default: ETSI, EN 300 659-1 (Sweden)

Default: ETSI, Europe

This section explains the configuration of:

Physical Interface Rate Limiting Storm Protection

Enable broadcast storm protection for ingress packets.

Enable multicast storm protection for ingress packets.

Chose the connection that RTSP should run over

WAN connection that IGMP should use.

Routing via CPU

Enable Send Leave

Multicast Group lifetime on HG

Factory setting LAN Clients Custom

Hostname Connection Server Port Username Password

Enable SNMP Agent SysName SysDescription SysLocation SysContact Community

Enable SNMP Traps Trap Destination IP Trap Community Trap Version

Beacon Period RTS (Request to Send) packet size threshold

DTIM period (Delivery Traffic Indication Message).

Group Re-key Interval Pre-shared Key (PSK)

2.12.1. Product info

Disable service with empty value Default: 43((X+))?#

Enable /disable Disable service with empty value Default: 62(X+)#

Range 2-120 sec Default: 5 seconds Maximum length: 64 Default: 53(X+(*X+)?)#