Proxicast LAN-Cell Gateway - How to configure a UNAVCO LAN-Cell 2 modem (internal)
How to configure a UNAVCO LAN-Cell 2 modem
Configuration files
How to configure
1. Reset to Factory Defaults. Login at http://192.168.1.1, password "1234". Change password to UNAVCO default, accept new certificate.
2. Update firmware as necessary.
3a. Reload firmware/carrier-appropriate UNAVCO config, or reconfigure from scratch--web interface first:
NETWORK>
LAN> (no changes needed)
WAN>
General>
Connectivity Check>
Check Period = 30
Check Cellular Connectivity = checked
Ping this Address = selected, "69.44.87.3"
WAN> (no changes needed)
Cellular>
Make changes as appropriate for Carrier:
Verizon/Sprint:
ISP Access Phone Number = #777
Alltel:
Authentication Type = CHAP/PAP
User Name = MDN@alltel.net
Password = alltel
ISP Access Phone Number = #777
Cingular/AT&T:
Access Point Name (APN) = selected, "internet"
WARNING! WARNING! if you leave the APN set to "isp.cingular"
there will be NO REMOTE ACCESS!!
Authentication Type = CHAP/PAP
User Name = ISP@CINGULARGPRS.COM
Password = CINGULAR1
ISP Access Phone Number = *99#
For all carriers:
Always On = checked
(no other changes on Cellular page)
Traffic Redirect, Dial Backup> (no changes needed)
DMZ, WLAN> (no changes needed)
WIRELESS>
Cellular> (already changed above)
Wi-Fi> (no changes needed - confirm that the "Enable Wi-Fi Card" box is NOT checked)
SECURITY>
FIREWALL>
Service> (add new services before making other firewall changes)
NetRS Alt FTP Port 8021, TCP, 8021-8021
NetRS Alt HTTP Port 8080, TcP, 8080-8080
NetRS Alt HTTPS Port 8443, TCP, 8443- 8443
PRX-FTP, TCP, 7721-7721
PRX-HTTP, TCP, 7780-7780
PRX-HTTPS, TCP, 7443-7443
PRX-SSH, TCP, 7722-7722
Default Rule>
LAN to anything = 0 Rules, Permit, box unchecked
WAN to LAN: 1 Rules, Permit, box unchecked
Delete two factory preset rules.
Add one rule:
Rule Name = Alt NetRS Ports
Source Address = Any
Destination Address = Any
Edit Service = add *NetRS Alt FTP Port 8021(TCP:8021)
and add *NetRS Alt HTTP Port 8080(TCP:8080)
Sch. = No
Log = No
WAN to WAN: 0 Rules, Drop, unchecked
Delete one factory preset rule.
WAN to CELL: 0 Rules, Drop, unchecked
WAN to DMZ: 0 Rules, Permit, unchecked
WAN to WLAN: 0 Rules, Drop, unchecked
WAN to VPN: 0 Rules, Permit, unchecked
CELL to LAN: 2 Rules, Permit, CHECKED
Delete two factory preset rules.
Create one rule:
Rule Name = Standard Svcs
Source Address = Any
Destination Address = Any
Edit Service = add *FTP(TCP:20,21)
and add *HTTP(TCP:80)
and add *HTTPS(TCP:443)
Sch. = No
Log = Yes
Create a second rule:
Rule Name = NetRS Alt Ports
Source Address = Any
Destination Address = Any
Edit Service = add *NetRS Alt HTTP Port 8080(TCP:8080)
and add *NetRS Alt HTTPS Port 8443(TCP:8443)
Sch. = No
Log = Yes
Rearrange rule list so the Standard Svcs rule is first.
CELL to WAN: 0 Rules, Drop, unchecked
CELL to CELL: 0 Rules, Permit, CHECKED
Delete one factory preset rule.
CELL to DMZ: 0 Rules, Permit, unchecked
CELL to WLAN: 0 Rules, Drop, unchecked
CELL to VPN: 0 Rules, Permit, unchecked
DMZ to LAN: 0 Rules, Drop, unchecked
DMZ to WAN: 0 Rules, Permit, unchecked
DMZ to CELL: 0 Rules, Permit, unchecked
DMZ to DMZ: 0 Rules, Drop, unchecked
DMZ to WLAN: 0 Rules, Drop, unchecked
DMZ to VPN: 0 Rules, Permit, unchecked
WLAN to LAN: 0 Rules, Drop, unchecked
WLAN to WAN: 0 Rules, Permit, unchecked
WLAN to CELL: 0 Rules, Permit, unchecked
WLAN to DMZ: 0 Rules, Drop, unchecked
WLAN to WLAN: 0 Rules, Drop, unchecked
WLAN to VPN: 0 Rules, Permit, unchecked
VPN to anything: 0 Rules, Permit, unchecked
Anti-probing, Threshold> (no changes needed)
VPN WIZARD, VPN CONFIG, CERTIFICATES, AUTH SERVER> (no changes needed unless doing VPN)
ADVANCED>
NAT>
NAT Overview, Address Mapping, Port Triggering> (no changes needed)
Port Forwarding> add 6 lines:
1. Active=checked, Name=NetRS HTTP Alt, Incoming=8080-8080, Translation=8080-8080, Server IP = 192.168.1.2
2. Active=checked, Name=NetRS HTTPS Alt, Incoming=8443-8443, Translation=8443-8443, Server IP = 192.168.1.2
3. Active=checked, Name=NetRS FTP, Incoming=20-21, Translation=20-21, Server IP = 192.168.1.2
4. Active=checked, Name=NetRS HTTP, Incoming=80-80, Translation=80-80, Server IP = 192.168.1.2
5. Active=unchecked, Name=NetRS HTTPS, Incoming=443-443, Translation=443-443, Server IP = 192.168.1.2
6. Active=checked, Name=NetRS FTP Alt, Incoming=8020-8021, Translation=8020-8021, Server IP = 192.168.1.2
DNS>
System, Cache, DHCP> (no changes needed)
DDNS>
Active=checked
Service Provider=WWW.DynDNS.COM
Username=unavco
Password=Unav2003
Add one Domain Name: Domain Name=16charID.pbo-data-2.net (EDIT!), DDNS Type=Custom, no other changes needed
REMOTE MGMT>
WWW>
HTTPS>
Server Port=7443
HTTP>
Server Port=7780
(Note: if necessary, log back in to the Proxicast on the new mgmt port)
SSH>
Server Port=7722
TELNET>
Server Port=7723
FTP>
Server Port=7721
Server Access=all unchecked
SNMP>
SNMP>
Service Access = all unchecked except LAN
DNS> (no changes needed)
STATIC ROUTE, POLICY ROUTE, BW MGMT, Custom APP, ALG> (no changes needed)
LOGS>
Log Settings>
Mail Server=smtp.unavco.org
Mail Subject = hostname CDMALog (EDIT!)
Send Log to=proxicast-logs@pbo.unavco.org
Log Schedule=Hourly
User Name = unavco
Password = Unav2003
MAINTENANCE>
General>
System Name=16char hostname (EDIT!)
Domain Name=pbo-data-2.net (EDIT!)
Time and Date>
Time Server Address*=192.168.1.2
Password, F/W Upload, Backup&Restore, Restart, Diagnostics> (no changes needed)
3b. Reconfigure from scratch; add soft reboot timers via SSH interface:
Log into SSH configuration menu: 192.168.1.1, user=anything, port=7722, password=UNAVCO default
> 24 (System Maintenance)
> 8 (Command Interpreter Mode)
> sys view autoexec.net (check for "sys restart..." lines)
> sys edit autoexec.net
> i (to insert after)
> sys restart daily 24
> i (to insert after)
> sys restart timer 720
> x (to save and exit)
> sys view autoexec.net (confirm changes; third line should read "sys errctl 0" after timer lines)
> exit
> 99 (exit)