Вы находитесь на странице: 1из 134

ONT-2-E4xxxi Multi-service

Residential Gateway Series


Operator Guide
for ONT-2-E4000i, ONT-2-E4020i, ONT-2-E4021i, ONT-2-E4020iWn,
ONT-2-E4021iWn, and ONT-2-E4001i

Review Draft

TM 87-10878 Rev. A
March 2014
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Copyright 2014 Aurora Networks. All rights reserved.

All rights reserved. No part of this document may be reproduced, stored in a retrieval system, or transmitted, in any form or
by any means, electronic, mechanical, photographic, magnetic, or otherwise, without the prior written permission of Aurora
Networks.

Aurora Networks makes no representations, express or implied, with respect to this documentation or any of the software it
may describe, including (with no limitation) any implied warranties of utility, merchantability or fitness for any particular
purpose. All such warranties are expressly disclaimed. Neither Aurora Networks nor its distributors or dealers shall be liable
for any indirect, incidental or consequential damages under any circumstances.

(The exclusion of implied warranties may not apply in all cases under some statutes, and thus the above exclusion may not
apply.)

Specifications are subject to change without notice. Every attempt has been made to make this manual complete, accurate,
and up-to-date. Readers are cautioned, however, that Aurora Networks reserves the right to make changes without notice
and shall not be responsible for any damages, including indirect, incidental or consequential damages, caused by reliance on
the material presented, including, but not limited to, omissions, typographical, arithmetical, or listing errors in the material.

Aurora Networks, the Aurora logo, LcWDM, PWRLink, SUPRALink, and Trident7 are registered trademarks of Aurora
Networks, Inc. AUROS, BitCoax, Fiber on Demand, Light-Plex, MAXLink, METROLink, Node PON, OBI-free, Opti-
Trace, PWRBlazer, Remote QAM, SMART Media Converter, Universal Digital Return Platform, and VHub are trademarks
of Aurora Networks, Inc. Other product and company names mentioned herein may be trademarks of their respective
owners and are used here only for identification purposes.

Revision Date ECO


Number
Rev. A Initial release. xxxxxx xxxxxxx

Visit www.aurora.com for the latest documentation release information.


Aurora Networks, Inc.
5400 Betsy Ross Drive
Santa Clara, CA 95054 USA
Phone +1 408.235.7000
Fax +1 408.845.9043
www.aurora.com

ii TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Contents
Contents iii

Preface ix
Intended Audience .............................................................................................................................................ix
Conventions Used in This Guide .......................................................................................................................ix
How to Use this Guide .......................................................................................................................................ix
Related Documentation .......................................................................................................................................x
ONT-2-E4xxxi Multi-service Residential Gateway Series Models ...................................................................xi
Product Support .................................................................................................................................................xi
Comments and Feedback ...................................................................................................................................xi

Chapter 1 Introduction and Product Overview............................................................ 1


1.1 Introduction ..............................................................................................................................................1
1.2 Overview of ONT-2-E4xxxi Multi-service Residential Gateway Series .................................................2
1.3 Network Deployment of ONT-2-E4xxxi Residential Gateway Series .....................................................3
1.4 Ports and InterfacesRear Panel .............................................................................................................3
1.5 Interfaces Description ..............................................................................................................................5
1.5.1 Ethernet Connections ...............................................................................................................5
1.5.2 EPON SC/APC Fiber Optic Network Interface .......................................................................5
1.5.3 Voice Telephony Interfaces (Standard Telephone) ..................................................................6
1.5.4 IEEE 802.11n Wireless Access Point with Support for Secured Access .................................6
1.5.5 RF Overlay (RF Video Service) ...............................................................................................6
1.5.6 Power .......................................................................................................................................7
1.6 Supported Residential Gateway (RG) Features ........................................................................................7
1.6.1 Network Address Translation (NAT)/NAPT (Network Address Port Translations) ...............7
1.6.2 Domain Name System (DNS) Relay and Dynamic Domain Name System (DDNS) ..............8
1.6.3 Dynamic Host Configuration Protocol (DHCP) Client and Server ..........................................8
1.6.4 Security Firewall and Rich Packet Filtering.............................................................................8
1.6.5 Advanced Quality of Service, ..................................................................................................8
1.6.6 Virtual Server ...........................................................................................................................8
1.6.7 Flexible Management Interfaces including Web GUI..............................................................8
1.7 Product Specifications ..............................................................................................................................9
1.7.1 Environmental Specifications ..................................................................................................9
1.7.2 Power Specifications ................................................................................................................9
1.7.3 Optical Interface .......................................................................................................................9
1.7.4 Ethernet Interface .....................................................................................................................9

TM 87-10878 Rev. A iii


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

1.7.5 Wireless Access Point for the ONT-2-E4020iWn and ONT-2-E4021iWn ............................ 10
1.7.6 Telephone Interface................................................................................................................ 10

Chapter 2 Before Configuring Your ONT .................................................................. 11


2.1 Factory Default Settings ......................................................................................................................... 11
2.1.1 Username and Password for Web GUI Interface ................................................................... 11
2.1.2 Device LAN IP Settings ......................................................................................................... 12
2.1.3 ISP Setting in WAN Site ........................................................................................................ 12
2.1.4 DHCP Server.......................................................................................................................... 12
2.1.5 LAN Port Addresses............................................................................................................... 12
2.2 Accessing Your ONT-2-E4xxxi Unit and Web GUI.............................................................................. 12
2.2.1 Saving Configuration Changes .............................................................................................. 13
2.2.2 Logging Out ........................................................................................................................... 13
2.2.3 Connecting to the GUI Interface of the ONT ......................................................................... 13

Chapter 3 Configuring Device Information ................................................................ 15


3.1 Summary ................................................................................................................................................ 15
3.2 WAN Information .................................................................................................................................. 16
3.3 Statistics Information ............................................................................................................................. 16
3.3.1 LAN Statistics ........................................................................................................................ 16
3.3.2 WAN Service Statistics .......................................................................................................... 17
3.4 Route Device Info .................................................................................................................................. 18
3.5 ARP Device Info .................................................................................................................................... 18
3.6 DHCP Device Info ................................................................................................................................. 19

Chapter 4 Advanced Setup ........................................................................................... 21


4.1 Layer 2 Interface .................................................................................................................................... 21
4.1.1 Layer 2 EPON Interface ......................................................................................................... 21
4.1.2 Layer 2 Ethernet Interface ...................................................................................................... 23
4.2 WAN Service ......................................................................................................................................... 24
4.3 LAN ....................................................................................................................................................... 32
4.3.1 LAN ....................................................................................................................................... 32
4.3.2 LAN VLAN Setting ............................................................................................................... 34
4.3.3 IPv6 Autoconfig ..................................................................................................................... 35
4.4 NAT ....................................................................................................................................................... 37
4.4.1 NAT Virtual Server ................................................................................................................ 37
4.4.2 Port Triggering ....................................................................................................................... 40
4.4.3 DMZ Host .............................................................................................................................. 43

iv TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

4.5 Security .................................................................................................................................................. 44


4.5.1 IP Filtering ............................................................................................................................. 44
4.5.2 Outgoing IP Filtering ............................................................................................................. 44
4.5.3 Incoming IP Filtering ............................................................................................................. 46
4.5.4 MAC Filtering ........................................................................................................................ 48
4.6 Parental Control ..................................................................................................................................... 50
4.6.1 Time Restriction ..................................................................................................................... 50
4.6.2 URL Filter .............................................................................................................................. 53
4.7 Quality of Service (QoS) ........................................................................................................................ 54
4.7.1 QoS Queue ............................................................................................................................. 55
4.7.2 QoS Policer ............................................................................................................................ 58
4.7.3 QoS Classification.................................................................................................................. 63
4.7.4 QoS Port Shaping ................................................................................................................... 65
4.8 Routing ................................................................................................................................................... 66
4.8.1 Configure Default Gateway ................................................................................................... 66
4.8.2 Static Route ............................................................................................................................ 67
4.8.3 Policy Routing........................................................................................................................ 69
4.8.4 Routing Information Protocol (RIP) Routing ......................................................................... 71
4.9 Domain Name Service (DNS) ................................................................................................................ 71
4.9.1 DNS Server ............................................................................................................................ 71
4.9.2 Dynamic DNS ........................................................................................................................ 72
4.10 Universal Plug and Play (UPnP) ............................................................................................................ 74
4.11 DNS Proxy ............................................................................................................................................. 75
4.12 Interface Grouping ................................................................................................................................. 77
4.13 IP Tunnel ................................................................................................................................................ 79
4.13.1 IPv6inIPv4 (6in4)................................................................................................................... 79
4.13.2 IPv4inIPv6 (4in6)................................................................................................................... 81
4.14 83
4.14.1 83
4.14.2 83
4.15 83
4.16 Multicast................................................................................................................................................. 83

Chapter 5 Wireless ........................................................................................................ 87


5.1 Wi-Fi Testing and Deployment Considerations ..................................................................................... 87
5.1.1 SSID Uniqueness ................................................................................................................... 87
5.1.2 Channel Allocation ................................................................................................................ 87

TM 87-10878 Rev. A v
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

5.1.3 Signal Strength ....................................................................................................................... 88


5.1.4 Encryption .............................................................................................................................. 88
5.2 Basic Parameters .................................................................................................................................... 88
5.3 Wireless Security ................................................................................................................................... 90
5.4 MAC Filter ............................................................................................................................................. 92
5.5 Wireless Bridge ...................................................................................................................................... 93
5.6 Advanced Wireless................................................................................................................................. 94
5.7 Station Info ............................................................................................................................................. 96

Chapter 6 Voice Configurations ................................................................................... 97


6.1 SIP Basic Settings .................................................................................................................................. 97
6.1.1 Service Provider SIP Basic Settings....................................................................................... 97
6.1.2 Global Parameters SIP Basic Settings .................................................................................... 99
6.2 SIP Advanced Setting .......................................................................................................................... 100
6.2.1 VoiceSIP Advanced Configuration .................................................................................. 100
6.2.2 Global ParametersSIP Advanced Settings ....................................................................... 103
6.3 SIP Debug Setting ................................................................................................................................ 104
6.3.1 Service Provider--SIP Debug Setting ................................................................................... 104
6.3.2 Global ParametersSIP Debug Settings ............................................................................. 105

Chapter 7 Diagnostics ................................................................................................. 107


7.1 Troubleshooting ................................................................................................................................... 107

Chapter 8 Management............................................................................................... 109


8.1 Set up the SNMP Agent ....................................................................................................................... 109
8.2 Settings ................................................................................................................................................. 110
8.2.1 Backup ................................................................................................................................. 110
8.2.2 Update .................................................................................................................................. 111
8.2.3 Restore Default Settings ....................................................................................................... 111
8.3 System Log .......................................................................................................................................... 112
8.4 Security Log ......................................................................................................................................... 114
8.5 SNMP Agent ........................................................................................................................................ 115
8.6 TR-069 Client ...................................................................................................................................... 115
8.7 Internet Time ........................................................................................................................................ 117
8.8 Access Control ..................................................................................................................................... 117
8.9 Update Software ................................................................................................................................... 118
8.10 Reboot .................................................................................................................................................. 119

vi TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Index 121

TM 87-10878 Rev. A vii


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

viii TM 87-10878 Rev. A


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Preface
System and network operators of Trident7 systems can use the Optical Network Terminal ONT-2-
E4xxxi Multi-service Residential Gateway Series Operator Guide to manage the ONT-2-E4000i, ONT-
2-E4020i, ONT-2-E4021i, ONT-2-E4020iWn, ONT-2-E4021iWn, and ONT-2-E4001i that comprise
the ONT-2-E4xxxi Series.
This guide describes the GUI interface imbedded in the ONT-2-E4xxxi Series unit and how to use the
GUI screens to easily configure the Residential Gateway (RG), wireless, voice, firewall, and advance
Quality of Service (QoS) features on your ONT-2-E4xxxi Series unit.
This guide contains the configuration information you need to set up your PC to talk to the ONT-2-
E4xxxi Series ONT, to select WAN, LAN, Firewall, security, and system parameters, as well as to
monitor system status. You are instructed on how to use the web GUI interface to access operator
screens that you use to perform these configurations.
This preface describes the intended audience of this guide, list of chapters in this guide, how to access
Aurora Networks documentation, how to contact product support, and how to provide documentation
feedback.

Intended Audience
The Optical Network Terminal ONT-2-E4xxxi Series Operator Guide is intended for system and
network operators, system administrators, and network engineers who are responsible for installing and
configuring the ONT-2-E4000i, ONT-2-E4020i, ONT-2-E4021i, ONT-2-E4020iWn, and ONT-2-
E4021iWn.

Conventions Used in This Guide


The following symbols represent the conventions used in this guide.

Symbol Description
WARNING! This symbol is used to identify conditions or actions
that could seriously injure personnel; for example, an electrical
shock hazard.

CAUTION! This symbol is used to identify situations that present


minor hazards that can interfere with or threaten equipment or
system performance.

This symbol identifies important points related to the text.


Note

How to Use this Guide


This guide is organized by specific tasks.

Chapter Description
Preface Describes the intended audience and scope of this guide,
chapter descriptions, related documentation, related model

TM 87-10878 Rev. A ix
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Chapter Description
names, product support information, and how to provide
documentation feedback.

Chapter 1, Introduction and Product Presents an introduction to the EPON Multi-service


Overview Residential Gateway and a description of interfaces and
ports, product specifications, and a detailed description of
the supported features and Residential Gateway (RG)
capabilities.

Chapter 2, Before Configuring Your ONT Read information about factory default settings for the web
GUI interface, device IP and DHCP server settings, default
username and password, and logging into the web
interface.

Chapter 3, Configuring Device Explains the screens that you can use to view and monitor
Information summary device status information and specific WAN ,
statistics, route, ARP, and DHCP device information.

Chapter 4, Advanced Setup Describes how you can view and configure Layer 2
interfaces (EPON and Ethernet), WAN service, LAN,
Quality of Service, Routing, Domain Name Service,
Universal Plug and Play, DNS Proxy, and Storage Service.

Chapter 5, Wireless Provides information on configuring parameters in an IEEE


802.11-based wireless network. You can configure wireless
security, MAC filter, wireless bridge, station information,
and advanced wireless parameters.

Chapter 6, Voice Configurations Describes how to configure Session Initiation Protocol


(SIP) parameters for voice service.

Chapter 7, Diagnostics Explains the diagnostics screen you can use to run
diagnostic tests to check your Ethernet and wireless
connections.

Chapter 8, Management Explains the backup, update, and restore functions, as well
as System and Security logging, the TR-069 Client, how to
set up the Internet time and user permissions, downloading
new and updated software, and rebooting the ONT.

Related Documentation
Refer to Aurora Networks Web site at www.aurora.com for the latest product information and
documentation updates. The Web site includes a special customer support area (password required) for
Aurora customers.

Related Documentation TM Number


ONT-2-E4xxxi Multi-service Residential Gateway Series Hardware Installation Guide 87-50077 Rev. A

IEEE 802.3ah EPON Multi-service Residential Gateway ONT-2-E4020iWn Data Sheet 87-50074 Rev. A

IEEE 802.3ah EPON Residential Gateway ONT-2-E4000i Data Sheet 87-50076 Rev. A

IEEE 802.3ah Multi-service Residential Gateway EPON ONT-2-E4xxxi Series ONTs Data 87-50075 Rev. B
Sheet

Trident7 Element Management Suite User Guide 87-50067 Rev. B

Note: TM numbers for software manuals depend on the software version (different manuals for different versions).
See www.aurora.com for the latest software versions and TM numbers for the corresponding manuals.

x TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Related Documentation TM Number


Go to www.aurora.com and click on Support then Software for the latest software release information. This area
requires a password. If you dont have a password, click Customer Registration and register to get your password.
After logging in (with your e-mail address and password), select Support and Software to see the latest software
versions. Select Support and Tech Manuals to see the corresponding TM numbers. You can also send e-mail to
support@aurora.com.

ONT-2-E4xxxi Multi-service Residential Gateway Series Models


The following table lists the ONT-2-E4xxxi Series model names/numbers by country. For each model,
use the AC adapter provided with your ONT or the AC adapter meeting the electrical requirements
suitable for your geographic location.

Item Part Number Description


ONT-2-E4xxxi-** or Where ** is one of the following: EPON Multi-service Residential
Gateway.
ONT-2-E4xxxiWn-** -US United States
-UK United Kingdom
-EU Europe
-AU Australia

Note: The ONT-2-E4020iWn and ONT-2-E4021iWn have two attached antennas. Do not attempt to detach
the antennas.

Product Support
For technical support: phone +1 888.AURORA6 (888.287.6726) toll-free (U.S., Canada, P.R.), or
Toll +1 408.850.8249, or e-mail tac@aurora.com.
For questions about or comments on this manual: phone +1 408.235.7061 or e-mail
techpubs@aurora.com.

Comments and Feedback


We have made every effort to ensure that this manual describes the product completely and correctly,
and we encourage your feedbackyour comments and corrections are welcome. Submit comments by
sending e-mail directly to techpubs@aurora.com.

TM 87-10878 Rev. A xi
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

xii TM 87-10878 Rev. A


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Chapter 1 Introduction and Product Overview

1.1 Introduction
This guide describes the web-based GUI interface embedded in the ONT-2-E4xxxi Multi-service
Residential Gateway Series ONTs. You can use the GUI screens to easily configure the Residential
Gateway (RG) and wireless (Wi-Fi) features on your EPON gateway. You can set up the following
types of configurations using the web GUI screens:

Device information: Wide Area Network (WAN), statistics, routing, Address Resolution
Protocol (ARP)
Advanced Setup:
Layer2 interface--EPON and Ethernet interfaces
WAN service setup: IP over Ethernet, Bridging
Local Area Network (LAN) configurationEnable IGMP Snooping and LAN
firewall, VLAN setup, IPv6 Autoconfig
Network Address Translation (NAT) setupVirtual servers, port triggering, DMZ
host
SecurityIP Filtering, MAC Filtering
Parental ControlTime Restriction, URL Filter
Quality of Service (QoS)QoS Queue, QoS Policer, QoS Classification, QoS Port
Shaping
RoutingDefault Gateway setup, Static Route, Policy Routing, RIP
Universal Plug and Play (UPnP) configuration
Domain Name Server (DNS) Proxy
Interface Grouping configuration
IP Tunnel configurationIPv6inIPv4, IPv4inIPv6
Multicast configuration
Wireless (Wi-Fi):
Basic
Securitymanual configuration, Wi-Fi Protected Setup (WPS), Wired Equivalent
Privacy (WEP) encryption
MAC Filter, Wireless Bridge, and Advance Features configuration, and Station Info
status
Voice: SIP basic, advanced, and debug settings
Diagnostics tests to test the connection to your local network
Management: Backup settings, System and Security Logs, SNMP agent, TR-069 (WAN
Management Protocol) to perform auto configuration activities, Passwords Control, Update
Software, and Reboot functions

TM 87-10878 Rev. A 1
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

1.2 Overview of ONT-2-E4xxxi Multi-service Residential Gateway Series


The ONT-2-E4xxxi Multi-service Residential Gateway Series of Optical Network Terminals provide
basic and optional features supporting current and future business and consumer connectivity needs for
data, IPTV (including high-definition TV), Voice over IP (VoIP), and triple-play services. All ONTs in
the family support the latest Residential Gateway features, including high-speed EPON and Turbo-
EPON communication to the Cable Operator or ISP WAN network, firewall security, efficient
provisioning, and up to 1 Gbps (1000BASE-T) connectivity to four independent LANs on the
customer premise. Optional features for Wi-Fi, Voice over IP, and RF Video Overlay are also
available.
The ONT-2-E4021iWn is a full-featured EPON ONT Residential Gateway, featuring a 4-port RJ-45
10/100/1000BASE-T Gigabit Ethernet switch, 2 POTS ports for VoIP, 1 RF Video Overlay port, and
IEEE 802.11n wireless (Wi-Fi) access. The ONT-2-E4020iWn is the same basic unit as the E4021iWn
without the RF Video; the ONT-2-E4021i and ONT-2-E4001i provide RF Video without Wi-Fi; the
ONT-2-E4020i has no Wi-Fi and RF Video; the ONT-2-E4000i only provides the four 1000BASE-T
ports.
Support for the Trident7 Element Management Suite (EMS) is built in for service provisioning and
management of data, IPTV video, and VoIP services. Provisioning of Wi-Fi and RG services are
supported through a Web-based GUI interface. You can upgrade the ONT-2-E4xxxi Series gateways to
the latest firmware remotely through the Web-based GUI or the Trident7 EMS.
See Table 1 for a brief overview of interfaces, ports, VoIP, RF video, Wi-Fi, data, and IPTV services
on each EPON Multi-service Residential Gateway. The various features are described in subsequent
sections of this guide.

Table 1 Multi-service Residential Gateway Interfaces and Services

Multi-service Gigabit POTS Port RF Overlay Wi-Fi Data and Residential


Residential Ethernet VoIP Port Service IPTV Gateway (RG)
Gateway (GE) Service RF Video (Wireless) Service Features
Series Interfaces Service
ONT-2-E4000i 4 NA NA NA X X

ONT-2-E4020i 4 2 NA NA X X

ONT-2-E4021i 4 2 1 NA X X

ONT-2-E4001i 4 NA 1 NA X X

ONT-2-E4020iWn 4 2 NA X X X

ONT-2-E4021iWn 4 2 1 X X X

2 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

1.3 Network Deployment of ONT-2-E4xxxi Residential Gateway Series


The following diagram illustrates an example of a typical network deployment of the ONT-2-E4xxxi
Multi-service Residential Gateway Series.

1.4 Ports and InterfacesRear Panel

Ports on the ONT-2-E4xxxi Multi-service Residential Gateway Series are located on the rear panel.
See Figure 1 for a view of the ports and interfaces on an example ONT-2-E4021iWn, where the
difference from the ONT-2-E4020iWn is the RF Video Overlay port. Figure 1 shows that an ONT-2-
E4021iWn has one RF Video Overlay port, in addition to the four 10/100/1000BASE-T Gigabit
Ethernet ports (LAN1 to LAN4), two voice ports (Phone1 Phone2), WiFi and WPS buttons and
the two antennas that support wireless. Ports and interfaces on an ONT-2-E4021i would be the same,
except there would not be any WiFi and WPS buttons nor antennas.

Figure 1 Rear Panel Ports on ONT-2-E4021iWn

The following table describes all ports and interfaces available on the rear panel of ONTs in the ONT-
2-E4xxxi Series family. For a description of the optical fiber connector, located in the left end
compartment (shown in Figure 1), see Figure 2.

TM 87-10878 Rev. A 3
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Table 2 Rear Panel Ports on ONT-2-E4xxxi Multi-service Residential Gateways

Interface Description
ON/OFF Power ON/OFF switch. Depress button to turn on. Power off the device when it is not in
use, for power saving.
CAUTION: Beware of accidentally pressing this buttonit will turn off the ONT.

Power Connect to the supplied power adapter.

Backup Power Connect to an external power supply.


(Battery)

RF Connect to an RF video port for delivery of RF video services over 75 Ohm RG-6
coaxial cable.
(RF-capable models:
ONT-2-E4021i, ONT-
2-E4021iWn, ONT-2-
E4001i)

Reset Restore to factory defaults. If you power on the device and use a thin needle to press
the Reset button for over one (1) second, the ONT is automatically reset and is restored
to the factory default settings. If you cannot log in to the ONT or forget your
username/password, press this button for over one (1) second to restore to the default
username and password.

WPS Press to activate Wi-Fi Protected Setup (WPS) for a period of time. Activating WPS in
this manner may override your disabling WPS via the GUI interface.

WiFi (Wireless) The WiFi button is reserved for future use.

(WiFi-capable
models: ONT-2-
E4020iWn
ONT-2-E4021iWn)

LAN1, LAN2, LAN3, RJ-45 Ethernet interface with the self-adaptive rate of 10/100/1000 Mbps, for
LAN4 connecting to the local network.
10/100/1000BASE-T
Gigabit Ethernet
ports

Phone1 Connect these two voice ports to an analog phone set with a RJ-11 cable.
Phone2
(all models except
ONT-2-E4000i and
ONT-2-E4001i)

USB The USB port is reserved for future use. In the future, the standard USB connector
might accommodate back up of local configuration data and firmware updates via mass
storage media, such as a flash drive.

4 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

1.5 Interfaces Description


This section describes the various hardware interfaces on the ONT-2-E4xxxi Multi-service Residential
Gateway series. See Figure 1 for the location of the interfaces and ports on the EPON gateway.
All ONTs in the series feature a high-speed PON interface to the outside world that is IEEE 802.3ah
EFM (Ethernet First Mile) compliant, supporting bi-directional communications at 2 (2.488) Gbps
downstream and 1 (1.244) Gbps upstream (Turbo-EPON) speeds.

1.5.1 Ethernet Connections


The ONT-2-E4xxxi Multi-service Residential Gateway Series provides four switched Ethernet
10/100/1000 Base-T RJ-45 copper wire twisted pair interfaces for direct connection to a PC or
Ethernet set top box, or indirect connection to other Ethernet equipment via an attached switch, hub, or
router.
All Ethernet ports are switched interfaces, meaning that each port can act as part of a separate
independent network segment, hence video or data traffic can be restricted to the port for which it is
intended.
The IEEE 802.3x-compliant gigabit Ethernet 10/100/1000Base-T interfaces auto-detect whether the
connecting cable is a straight-through or cross-over type and configure themselves accordingly. In
addition, the interfaces auto-negotiate (by default) to match the speed of the remote device.
The link length can be no greater than 100 m (328 ft), which is the Ethernet standard.

1.5.2 EPON SC/APC Fiber Optic Network Interface


The ONT-2-E4xxxi Multi-service Residential Gateway Series supports one EPON optical interface
via an SC/APC connector located on the left-side rear panel for the Network Interface (NI) connection.
This interface accepts a single mode fiber terminated with an SC/APC connector. The SC/APC PON
connector is smartly enclosed by a small plastic removable cover that, when snapped into place,
protects the connector from becoming dislocated or separated from the ONT. See Figure 2 for the
optical fiber connector location, where the fiber is shown routed through the smaller aperture for wall
mounting.

Figure 2 SC/APC Optical Fiber Interface Port

TM 87-10878 Rev. A 5
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

A small screw located in the unit holds the cover in place. The network connector and network EPON
fiber must be wired to the premises by the service provider or contractor in an appropriate location
before the EPON Multi-service Residential Gateway can be installed.

The ONT-2-E400i supports an UPC connector, not an APC connector. UPC connectors are blue in color.
Note

1.5.3 Voice Telephony Interfaces (Standard Telephone)


The ONT-2-E4020i, ONT-2-E4021i, ONT-2-E4020iWn, and ONT-2-E4021iWn provide two
independent standard analog voice ports. The voice ports are commonly known as Plain Old
Telephone Service (POTS) ports. These connections provide toll quality voice through a Voice over IP
(VoIP) connection. Refer to Figure 1for the location of the telephone connectors, labeled Phone1 and
Phone2. The voice ports on the ONT use RJ-11 modular jacks, with one line per jack, wired in a
standard two-wire configuration.
You can attach a standard household telephone to these ports to make voice calls. Call setup and
signaling is provided via the Session Initiation Protocol (SIP) for interoperating with industry standard
VoIP switches, and analog voice data is converted to IP packets for transmission over the service
providers network. The ONT-2-E4020i, ONT-2-E4021i, ONT-2-E4020iWn, and ONT-2-E4021iWn
support a wide variety of telephony features, such as silence suppression, voice activity detection,
comfort noise generation, echo cancellation, call waiting, call transferring, and Caller ID.
A broad range of codecs is supported. FAX Transmission with T.38 fax relay and G.711 pass-through
are also supported modes of operation.

The RJ-11 POTS (Standard Telephone) ports support a REN (Ringer Equivalency Number) load of four
Note (4).

1.5.4 IEEE 802.11n Wireless Access Point with Support for Secured Access
The ONT-2-E4020iWn and ONT-2-E4021iWn units feature an integrated 802.11b/g/n Wireless
Access Point that provides flexible connectivity between wired, wireless, and broadband networks.
The Wi-Fi Protected Access (WPA) and Wired Equivalent Privacy (WEP) features enhance the
security level of data protection and access control via Wireless LAN. The unit is backward compatible
with existing and installed 802.11g and 802.11b equipment. WPS (Wi-Fi Protected Setup) is used for
easy establishment of secured wireless networks.

1.5.5 RF Overlay (RF Video Service)


The ONT-2-E4021i, ONT-2-E4021iWn, and ONT-2-E4001i units support both IP video and RF video
service. The RF video overlay service on these units enables delivery of RF video as an overlay onto
the PON stream that is delivering IP video, voice, and data over the same single fiber. The RF Overlay
is a downstream overlay of 1550nm that is added to the same PON fiber with wavelength-division
multiplexing (WDM). The RF F Type Connector is found on the rear panel of the unit.

6 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

1.5.6 Power
The EPON Multi-service Residential Gateway is shipped with an AC/DC power adapter that accepts a
rated input voltage of 100-240 volts AC and provides an output voltage of 12 VDC to the ONT. The
EPON Multi-service Residential Gateway has a minimum input current rating of 1.5 AMPS. The
power adapter (also referred to as power supply) shipped with the ONT is equipped with an AC plug
that is suitable for the country or region of sale.
The EPON Multi-service Residential Gateway supports a backup power connector in the rear panel of
the ONT that is marked as a Backup Power connector. The backup power connector is an 8-pin
connector. It is intended for a backup power supply with alarm inputs. See Figure 3 for a closeup of the
Backup Power connector in the rear panel of the ONT.

Figure 3 Rear Backup Power Connector

The EPON Multi-service Residential Gateway also supports an additional backup power connector on
the side. This backup power connector is reserved for a future feature. See Figure 4 for a closeup of the
side backup power connector.

Figure 4 Side Backup Power Connector

1.6 Supported Residential Gateway (RG) Features


All ONT-2-E4xxxi Multi-service Residential Gateway Series support the following Residential
Gateway features.

1.6.1 Network Address Translation (NAT)/NAPT (Network Address Port Translations)


NAT and NAPT simultaneously allow multiple users to access outside resources (such as the Internet)
with one IP address/one Internet access account.

TM 87-10878 Rev. A 7
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

1.6.2 Domain Name System (DNS) Relay and Dynamic Domain Name System (DDNS)
A DNS Relay provides an automatic way to associate a domain name (a user-friendly name such as
www.yahoo.com) and IP address of a service or device. When a local machine sets its DNS server with
this relays IP address, every DNS conversion request packet from the PC to this gateway will be
forwarded to the real DNS in the outside network.
The DDNS service allows you to alias a dynamic IP address to a static hostname. This dynamic IP
address is the WAN IP address. For example, to use the service, you must first apply for an account
from a DDNS service, such as http://www.dyndns.org/. More than five (5) DDNS servers are
supported.

1.6.3 Dynamic Host Configuration Protocol (DHCP) Client and Server


As part of the Residential Gateway features, the ONT includes a DHCP server that can serve IP
addresses to CPEs attached to the LAN ports. From the WAN side, the ONTs DHCP client can obtain
a WAN IP address directly from the Internet Service Provider (ISP) automatically. For LAN-attached
customer devices, the DHCP server in the ONT can allocate a range of client IP addresses and
distribute them, including IP address and subnet mask, as well as DNS IP address to local computers.
Layer 2 DHCP relay (with Option 82) is also supported.

1.6.4 Security Firewall and Rich Packet Filtering


A firewall with rich packet filtering process not only filters the packet based on an IP address, but also
based on Port numbers. Packets will be filtered from and to the Internet, providing a higher level of
security control.

1.6.5 Advanced Quality of Service,


The ONT-2-E4xxxi Multi-service Residential Gateway Series supports advanced QoS features,
including rate limiting on a per port basis, bandwidth management, and Traffic Prioritization based on
Layer 2 Class of Service (802.1p) and Layer 3 DiffServ markings.

1.6.6 Virtual Server


Users can specify services to be visible from the WAN side of the EPON Multi-service Residential
Gateway. The gateway can detect incoming service requests and forward either a single port or a range
of ports to the specific local computer for dispensation. For example, a user can assign a PC in the
LAN acting as a WEB server inside and expose it to the outside network. Outside users can browse
inside web servers directly while it is protected by NAT. A DMZ host setting is provided to a local
computer exposed to the outside network.

1.6.7 Flexible Management Interfaces including Web GUI


The ONT supports Ethernet OAM per IEEE 802.3 specifications through flexible management
interfaces with LAN and WAN ports. Users can use Telnet, Web GUI, and SNMP through the WAN
and LAN ports to configure and manage the device. Provisioning of Wi-Fi and RG services are
supported through the Web-based GUI interface. Support for the Trident7 Element Management Suite
(EMS) is built in for service provisioning and management of data, IPTV video, and VoIP services.

8 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

You can upgrade the ONT-2-E4xxxi Series gateways to the latest firmware remotely through the Web-
based GUI and through the Trident7 EMS.

1.7 Product Specifications

The ONT-2-E4xxxi Series has the following environmental, power, and product specifications:

1.7.1 Environmental Specifications


Operating temperature range: 0C to +40C (+32F to +104F)
Storage temperature range: -20C to +70C (-4F to +158F)
Humidity (Operating): 10% to 90%, non-condensing
Humidity (Storage): 5% to 95%, non-condensing

1.7.2 Power Specifications


Input: unit is supplied with an AC/DC adapter, 100 - 240 V AC input
Output: 12 V DC
Power consumption: TBD

1.7.3 Optical Interface


Connector: SC/APC Fiber: G.652 single mode fiber
IEEE 802.3ah (1G-EPON) compliant
Supports FEC
Transmission speed:

1 Gbps and 2 Gbps (Turbo-EPON) downstream


1 Gbps upstream
Downstream:

Receive Wavelength (data): 1490 nm 10 nm


Receive Wavelength (RF Video): 1555 10 nm
Receive sensitivity @ 1490 nm (min-max): -8 to -28 dBm (without FEC)
Receive sensitivity @ 1550 nm (min-max): -8 to +2 dBm
Upstream:

Transmit Wavelength: 1310 nm 20 nm


Minimum output optical power: +0.5 dBm
Maximum output spectrum width (with -20 dB loss): 1 nm:

1.7.4 Ethernet Interface


Number of ports: 4 (four) 10/100/1000 Mbps (1000BASE-T)

TM 87-10878 Rev. A 9
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Connectors: RJ-45
Auto negotiation: IEEE 802.3, 10/100/1000BASE-T, full duplex/halfduplex, supports MDI/MDIX
VLAN: IEEE802.1q

Link distance max: 100 m (328 ft)

1.7.5 Wireless Access Point for the ONT-2-E4020iWn and ONT-2-E4021iWn


Wi-Fi Standard: 802.11b/g/n
2X2 MIMO: 2 physical antennas
WEP and WPA Security
Multiple SSID Support

1.7.6 Telephone Interface


Only the ONT-2-E4000i and ONT-2-E4001i do not have voice ports or a telephone interface.
Number of ports: 2
Connectors: RJ-11
Transmission Distance: Up to 1 km

10 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Chapter 2 Before Configuring Your ONT


Before you start configuring Residential Gateway, wireless and system parameters on the ONT-2-
E4xxxi unit, be familiar with the ONTs default settings. This chapter lists the default
username/password to log in to the Web GUI, default IP address and subnet mask, default DHCP
server IP address, and default LAN and WAN port IP addresses.

2.1 Factory Default Settings


Before configuring the ONT-2-E4xxxi unit, you need to know the following default settings.

2.1.1 Username and Password for Web GUI Interface


There are administrator-level, user-level (subscriber), and support-level permissions to log in to the
web GUI interface. Each level of permission has its limit to access and modify the Web GUI screens.
This manual is intended for operator or other personnel with administrator privileges and describes all
screens accessible to those with administrator-level permissions.

2.1.1.1 Administrator-Level
An operator or personnel granted administrator privileges can log in to the Web GUI from the LAN
side by using the following default username and password:

Username: admin

Password: admin

2.1.1.2 User-Level
If you have user or subscriber-level permissions, you can log in to the Web GUI from the LAN side by
using the following default username and password:

Username: user

Password: user

2.1.1.3 Support-Level
If you are field support technicians or personnel with support-level permissions, you can log in to the
Web GUI through the PON by using the following default username and password:

Username: support

Password: support

Note: If you have forgotten your username or password for the ONT-2-E4xxxi device, you can
restore your device to its default setting by pressing the Reset button and holding it for over one
(1) second.

TM 87-10878 Rev. A 11
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

2.1.2 Device LAN IP Settings


IP Address: 192.168.1.1

Subnet Mask: 255.255.255.0


You must configure your PC to obtain an IP address through a DHCP server or a fixed IP address that
should be in the same subnet as the ONT-2-E4xxxi unit. The default IP address of the ONT-2-E4xxxi
unit is 192.168.1.1 and the subnet mask is 255.255.255.0 (that is, any attached PC must be in the same
subnet and have an IP address in the range of 192.168.1.2 to 192.168.1.253).

The easiest method is to configure the PC to get an IP address automatically from the ONT-2-E4xxxi
unit using DHCP.

2.1.3 ISP Setting in WAN Site


DHCP (Dynamic Host Configuration Protocol) is used.

2.1.4 DHCP Server


DHCP server is enabled.

DHCP assigned IP Addresses: 192.168.1.2 to 192.168.1.254

2.1.5 LAN Port Addresses


The parameters of LAN and WAN ports are pre-set in the factory. The default values are shown in the
following table.

LAN Port
IP address 192.168.1.1

Subnet Mask 255.255.255.0

DHCP server function Enabled

IP addresses for distribution to PCs 100 IP addresses continuing from


192.168.1.100 through 192.168.1.253

2.2 Accessing Your ONT-2-E4xxxi Unit and Web GUI


This section describes how you can log in to the ONT-2-E4xxxi unit and Web GUI using your web
browser.

You can easily access the ONT-2-E4xxxi unit and Web GUI through your web browser. For Internet
Explorer users, you need IE 5.0 or above installed on your computer. You may have to set up your PC
to talk to the ONT. Your configuration is based on your PC operating system.
Be aware that the web GUI interface can only be accessed by one PC at a time. Therefore, when a PC
has logged into the web GUI interface, other users cannot access the system interface until the current
user has logged out of the system. If the previous user forgets to log out, the second PC can only access

12 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

the web GUI interface after a user-defined, automatic logout period expires. The default automatic
logout period is 3 minutes.

2.2.1 Saving Configuration Changes


Once you make any configuration changes through the Web GUI, the changes are automatically saved.

2.2.2 Logging Out


To exit the Web GUI interface, simply close your web browser.

2.2.3 Connecting to the GUI Interface of the ONT


1. Open your web browser and type http://192.168.1.1 in the browser's address box. This is the
default IP address for this ONT. Press Enter.
2. A username and password window will appear. The default username and password for operator-
level privileges are admin and admin respectively. Press OK to proceed.

3. If the authentication succeeds, the ONTs GUI homepage Device Info screen displays:

TM 87-10878 Rev. A 13
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Figure 5 Device Info Screen

14 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Chapter 3 Configuring Device Information


Once you have logged in to the Web GUI of the ONT-2-E4xxxi Series via your web browser, the
Device Info Summary screen displays. You can view the following information under the Device Info
menu:

Summary
WAN Information
Statistics Information
Route Device Info
ARP Device Info
DHCP Device Info

3.1 Summary
You can view a summary of the general status of the ONT-2-E4xxxi unit by clicking on the Summary
menu item under Device Info. You can view specific information for the ONT, such as board ID, base
MAC address, software version, Bootloader version, wireless driver version, voice service version, and
uptime information. You can also view Wide-Area Network (WAN) connection status information.

TM 87-10878 Rev. A 15
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

3.2 WAN Information


Click on the WAN menu item under Device Info to display the WAN Device Info screen. To evaluate
Wide Area Network (WAN) connections, you can view interface and interface description information,
connection type, VLAN Mux (Multipler) ID, IPv6 enabled or disabled status, Multicast Listener
Discovery (MLD) enabled or disabled status, Internet Group Management Protocol (IGMP) enabled or
disabled status, Network Address Translation (NAT) enabled or disabled status, firewall enabled or
disabled status, and IPv4 and IPv6 address data.

3.3 Statistics Information


You can view LAN and WAN statistics about packets received and transmitted on LAN interfaces on
the ONT-2-E4xxxi unit by clicking on Statistics.

3.3.1 LAN Statistics


You can view statistics about packets received and transmitted on Local Area Network (LAN)
interfaces on the ONT-2-E4xxxi unit by clicking on LAN under Statistics.

16 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

1. Interface: The mapping of interface names to the physical Ethernet LAN ports, wireless port, and
USB port is described as follows.

For all ONT-2-E4xxxi models, except ONT-2-E400i

Port Interface name (GUI)


LAN1 eth4

LAN2 eth5

LAN3 eth3

LAN4 eth2

Wireless (antennas) wl0 is the wireless interface if


you have a wireless model. .

USB usb0 interface will always


(reserved for future use) show no data (zeroes).

2. Received: shows the number of Bytes, Pkts (packets), Errs (errors), and Drops (dropped packets)
received on that interface.
3. Transmitted: shows the number of Bytes, Pkts (packets), Errs (errors), and Drops (dropped
packets) transmitted on that interface.

3.3.2 WAN Service Statistics


You can view statistics about packets received and transmitted on Wide Area Network (WAN)
interfaces on the ONT-2-E4xxxi unit by clicking on WAN Service under Statistics.

Reset Statistics: Click to reset the numbers.

TM 87-10878 Rev. A 17
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

3.4 Route Device Info


By interface, you can view route destination, gateway, subnet mask, flag indicator, metric, and service
information by clicking on Route under Device Info. Note the types of indicators for Flag on the
screen.

3.5 ARP Device Info


You can view the Address Resolution Protocol (ARP) status information by clicking on ARP under
Device Info: IP address, Flag indicator, Hardware MAC address, and device name information.

18 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

3.6 DHCP Device Info


You can view Dynamic Host Configuration Protocol (DHCP) lease information, such as host name,
MAC address, IP address, and expiration information by clicking on DHCP under Device Info.

TM 87-10878 Rev. A 19
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

20 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Chapter 4 Advanced Setup


Under Advanced Setup, you can view and configure the following types of information:

Layer 2 Interface (EPON and Ethernet interfaces)


WAN Service (including setting up WAN-side firewall)
LAN (including setting up LAN-side firewall)
NAT--NAT Virtual Server, Port Triggering, and DMZ Host
SecurityIP Filtering and MAC Filtering
Parental Control
Quality of Service (QoS)QoS Queue, QoS Policer, QoS Classification, and QoS Port Shaping
RoutingDefault Gateway, Static Route, Policy Routing, and RIP Routing
Domain Name Service (DNS)DNS Server and Dynamic DNS
Universal Plug and Play (UPnP)
DNS Proxy
Interface Grouping
IP Tunnel--IPv6inIPv4 (6in4) and IPv4inIPv6 (4in6)
Multicast

4.1 Layer 2 Interface


You can configure EPON and Ethernet interfaces by clicking the Layer2 Interface menu item under
Advanced Setup.

4.1.1 Layer 2 EPON Interface


You can add or remove EPON WAN interfaces by clicking the EPON Interface menu item under
Layer2 Interface in the Advanced Setup menu. Be sure to leave one interface as an EPON WAN
interface. The following screen shows that interface epon0 is the layer 2 EPON WAN interface.

TM 87-10878 Rev. A 21
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Click on the Add button. The EPON WAN Configuration screen is displayed to allow you to add and
configure an EPON WAN port.

To remove an EPON interface, select the interface to be removed by clicking the Remove checkbox next
to that interface. Then click the Remove button.

22 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

4.1.2 Layer 2 Ethernet Interface


You can add or remove Ethernet WAN interfaces by clicking the ETH Interface menu item under
Layer2 Interface in the Advanced Setup menu.

Click on the Add button. The ETH WAN Configuration screen is displayed to allow you to add and
configure an Ethernet WAN port.

TM 87-10878 Rev. A 23
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

To remove an Ethernet interface, select the interface to be removed by clicking the Remove checkbox
next to that interface. Then click the Remove button.

4.2 WAN Service


You can set up WAN parameters as instructed by your ISP.
1. Select the WAN Service menu item under Advanced Setup.
The Wide Area Network (WAN) Service Setup screen displays and shows detailed information
about each WAN interface, such as whether VLAN is configured, VLAN Mux (Multipler) ID,
whether IGMP or NAT or the WAN-side firewall is enabled.

To select and add a new WAN interface for this service, click on the Add button. The WAN Service
Interface Configuration screen appears (see below).
To change any parameter for an interface, click the Edit button next to the interface and the
Network Address Translation Settings screen displays for you to edit NAT, firewall, and IGMP
Multicast settings. Go to Step 0 by clicking on 4.
To remove an Ethernet interface, select the interface to be removed by clicking the Remove
checkbox next to that interface. Then click the Remove button.

24 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

a. Click on the drop down menu to select a Layer 2 interface to add to the WAN service.
2. Click on the Next button to display the WAN Service Configuration screen.

a. Select WAN service type: select Routed (IP over Ethernet) or Bridging service type.

TM 87-10878 Rev. A 25
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

In this example, Routed service type is selected.


b. Enter Service Description: Type in a service description of the WAN interface you
are adding.
c. For tagged service (802.1P priority level and 802.1Q tagging):
Enter 802.1P Priority [0-7]: Enter the priority level (0 best effort to 1 lowest priority
to 7 highest priority) that is used to prioritize different classes of traffic (such as voice,
video, data). Typically voice traffic receives the highest priority.
The QoS 802.1P priority tagging allows you to assign a priority (0 to 7) to outbound
packets containing a particular VLAN ID. The 802.1 priority determines the outbound
port queue to which the packet is sent.
Enter 802.1Q VLAN ID [0-4094]: Enter the 802.1Q VLAN ID from range of 0 to
4094 for this tagged service.
d. For untagged service, enter -1 for both 802.1P Priority and 802.1Q VLAN ID.
e. Network Protocol Selection: select IPV4 Only, IPv4&IPv6 (Dual Stack), or IPv6
only.
f. Next: click to display the WAN IP Settings screen.
3. If you selected Routed service type and clicked Next, the WAN IP Settings screen displays:

26 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

a. Your ISP provided the information for you to configure WAN IP settings. You can
choose DHCP to automatically obtain an IP address or use a Static IP address.
b. If you select Obtain an IP address automatically, you are enabling DHCP for the
Permanent Virtual Circuit (PVC) in IP over Ethernet (IPoE) mode.
c. If you select Use the following Static IP address, you must enter static addresses for
the WAN IP address, subnet mask, and gateway IP address.
d. Back: click Back to return to the previous screen.
e. Next: click next to display the Network Address Translation Settings screen:

Network Address Translation (NAT) Settings Configuration


If you clicked on Edit in the WAN Service Setup screen to edit WAN settings for an interface, the
Network Address Translation Settings screen (above) also displays for you to edit NAT, firewall,
and IGMP Multicast settings.
f. Enable NAT: click the checkbox to enable NAT functionality
g. Enable Firewall: click the checkbox to enable firewall protection
h. Enable IGMP Multicast: click the checkbox to enable Internet Group Management
Protocol (IGMP) Multicast. IGMP is used by hosts and adjacent routers on IP networks
to set up group memberships for Multicast service. IGMP is used on IPv4 networks.
IGMP is used for one-to-many applications, such as online streaming video and
gaming.

TM 87-10878 Rev. A 27
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

i. No Multicast VLAN Filter:


j. Back: click Back to return to the previous screen.
k. Next: click next to display the RoutingDefault Gateway screen. You can
designate the system default gateways in priority order in this screen.

i. Selected Default Gateway Interfaces: select the interface from the


Available Routed WAN Interfaces box to be used as a default gateway.
Click the left arrow to move the selected interface to the Selected Default
Gateway Interfaces box. You can also click the right arrow to move the
interface back.
ii. Available Routed WAN Interfaces: move an available interface to the
Selected Default Gateway Interfaces box. You can change the default
gateway priority order of the interface by removing all the interfaces and
adding them back in the desired order.
l. Click Next to display the DNS Server Configuration screen. You can select an
interface to be the DNS Server Interface from available WAN interfaces or enter static
DNS server IP addresses (primary and secondary). You can have multiple interfaces
serve as DNS servers with the use order based on the priority order. You can change
the priority order by removing all the interfaces and adding them back in a different
order.

28 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

i. Select DNS Server Interface from Available WAN Interfaces: select an


interface from the Available WAN Interfaces box and move it by clicking
the left arrow to the Selected DNS Server Interfaces box.
ii. Use the following Static DNS IP address: you can enter static IP addresses
for the DNS server instead of selecting an interface. In ATM mode, if only a
single PVC with IPoA or static IPoE protocol is configured, static DNS server
IP addresses must be entered.
m. Next: click to display the WAN SetupSummary screen. You can view a summary
of the configuration settings you entered for the WAN interface. Make sure your
settings match the settings provided by your ISP.

TM 87-10878 Rev. A 29
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

n. Apply/Save: Click on the Apply/Save button to apply the change and save the
configuration.
4. If you selected Bridging service type in the WAN Service Configuration screen, an example
screen is shown below.

30 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Note: When the ONT is in bridging mode, the ONT simply passes the packet from the LAN side to
the WAN side without inspecting or altering the data in the packet as the packet passes through. A
cable modem typically operates in bridging mode.
a. Enter Service Description: Type in a service description of the WAN interface you
are adding.
b. For tagged service (802.1P priority level and 802.1Q tagging):
Enter 802.1P Priority [0-7]: Enter the priority level (0 best effort to 1 lowest priority
to 7 highest priority) that is used to prioritize different classes of traffic (such as voice,
video, data). Typically voice traffic receives the highest priority.
The QoS 802.1P priority tagging allows you to assign a priority (0 to 7) to outbound
packets containing a particular VLAN ID. The 802.1 priority determines the outbound
port queue to which the packet is sent.
Enter 802.1Q VLAN ID [0-4094]: Enter the 802.1Q VLAN ID from range of 0 to
4094 for this tagged service.
c. For untagged service, enter -1 for both 802.1P Priority and 802.1Q VLAN ID.
d. Next: click to display the WAN Setup--Summary screen. You can view a summary of
the configuration settings you entered for the WAN interface. Make sure your settings
match the settings provided by your ISP.

e. Apply/Save: Click on the Apply/Save button to apply the change and save the
configuration.

TM 87-10878 Rev. A 31
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

4.3 LAN
You can set up the following various LAN parameters under Advanced Setup:

LAN
LAN VLAN Setting
IPv6 Autoconfig

4.3.1 LAN
Click on the LAN menu item under Advanced Setup. The Local Area Network (LAN) Setup screen
displays.

1. Configure the Broadband Router IP Address/Subnet Mask for LAN interface: select the Group
Name.
2. IP Address/Subnet Mask: you can modify the IP address and subnet mask to conform to your
LANs IP subnet in the IP Address and Subnet Mask fields.

32 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

3. Enable IGMP Snooping: you can enable or disable by checking or unchecking the checkbox. If you
will be multicasting, for example video streaming, you can enable IGMP Snooping.
Internet Group Management Protocol (IGMP) specifies how a host can register to a router to receive
specific multicast traffic. IGMP snooping prunes multicast traffic at Layer 2 by configuring Layer 2
LAN ports dynamically to forward multicast traffic only to those ports that want to receive it.
Standard Mode: disables blocking of unknown multicast addresses.
Blocking Mode: blocks unknown multicast addresses.
4. Enable LAN side firewall: click to enable the firewall on the LAN side.
5. Disable DHCP Server: click to disable using the DHCP server function because you want to
manually assign IP addresses.
6. Enable DHCP Server: click to enable the DHCP server to automatically assign IP addresses.
Enter the Start IP Address and End IP Address that is the range of IP addresses that the DHCP server
can assign.
Leased Time: you can change the DHCP Leased Time in hours. The default is 24 hours. The IP
address assigned to the requestor(client) by the DHCP server is valid for the specified leased time.
The client needs to renew IP address prior to expiry of the lease to continue to maintain IP
connectivity.
7. To add DHCP MAC or Static IP address entries, click on the Add Entries button.
The DHCP Static IP Lease screen displays.

TM 87-10878 Rev. A 33
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

To add a static IP address or MAC address entry to the DHCP Static IP Lease List, enter the MAC or
IP address. Then click the Apply/Save button to apply the change and save the configuration.
8. To remove DHCP MAC or Static IP address entries, click on the Remove Entries button.
9. Configure the second IP Address and Subnet Mask for LAN interface: check the checkbox to
add a second IP address and subnet mask. When the IP Address and Subnet Mask fields display,
enter the information.
10. Apply/Save: Click on the Apply/Save button to apply the change and save the configuration.

Note: To make the new configuration effective, you must reboot the switch or router with the Reboot
option under the Management menu in the left panel.

4.3.2 LAN VLAN Setting


You can add or remove various VLAN parameters by selecting the LAN VLAN Setting menu item
under Advanced Setup. The Local Area Network (LAN) VLAN Setup screen displays.

1. Select a LAN port from the drop down menu.

34 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

2. Enable VLAN Mode: Click to enable (Dynamic) VLAN mode that allows a switch to automatically
configure a port for a specific VLAN, based on the MAC address of the device.
3. Add: Click the Add button to add a new VLAN by VLAN ID.
4. In this step, you are adding a new VLAN after clicking the Add button.

a. Vlan ID: enter the VLAN ID you want to add.


b. Pbits: This is a user priority value of traffic type ranging from 0 to 7, with a higher
value indicating a lower priority. The default value is 5 (Best Effort) and a value of 7
indicates Background.
c. Remove: check the Remove field next to the VLAN ID you wish to delete, and then
click the Remove button to delete the specified VLAN ID.
5. Apply/Save: Click on the Apply/Save button to apply the change and save the configuration.

Note: To make the new configuration effective, you must reboot the switch or router with the Reboot
option under the Management menu in the left panel.

4.3.3 IPv6 Autoconfig


There are two types of autoconfiguration in an IPv6 network--stateful and stateless.
The DHCP for IPv6 (DHCPv6) protocol provides stateful address configuration to IPv6 hosts. Stateful
autoconfiguration is IP address assignment through a DHCPv6 server, based on flags in the router
advertisement message sent by a neighboring router.
Stateless DHCPv6 means the DHCP server is not required to store any state information about DHCP
clients. Instead, clients configure their own IPv6 address through a non-DHCPv6 based method, such as

TM 87-10878 Rev. A 35
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

IPv6 address auto-configuration (based on the IPv6 prefixes included in router advertisement messages)
or static IP address configuration. With stateless DHCPv6, DHCP clients do not use the DHCPv6 server
to obtain IP address information, but to obtain other information, such as the DNS server address.
Select the IPv6 Autoconfig menu item under LAN. The IPv6 LAN Auto Configuration screen
displays.

1. Static LAN IPv6 Address Configuration: Enter the IPv6 interface address.
IPv6 LAN Applications:
2. Enable DHCPv6 Server: select to enable the DHCPv6 server and display the following fields.
a. Stateless: select for stateless DHCPv6. See description in section 4.3.3.
b. Stateful: select for stateful DHCPv6. Stateful DHCPv6 is supported based on the
assumption of a prefix length less than 64 bits. Also see description in section 4.3.3.
c. Start and End Interface Id: The interface identifier is the last 64 bits of an IPv6
address. Clients can use the MAC address of their network interface to determine the
interface ID. Interface ID does not support ZERO COMPRESSION "::".
d. Leased Time (hour): enter in hours.
3. Enable RADVD: select to enable Router Advertisement Daemon (RADVD) and display the
following fields. RADVD is used in stateless IPv6 autoconfiguration. RADVD implements link-
local advertisements of IPv6 router addresses and IPv6 routing prefixes using the Neighbor

36 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Discovery Protocol (NDP). The advertisement messages contain the routing prefix, the maximum
transmission unit (MTU), and the address of the responsible default router.
a. Enable ULA Prefix Advertisement: select to enable Unique-Local Address (ULA) to
advertise the network prefix. ULA addresses are private and typically designated by the
prefix fd.
b. Randomly Generate: select to enable non-static ULA IP configuration.
c. Statically Configure: select to enable static ULA IP configuration.
d. Prefix: enter the network prefix.

e. Preferred Life Time (hour):


f. Valid Life Time (hour):
4. Enable MLD Snooping: select to enable Multicast Listener Discovery (MLD) snooping for IPv6
Multicast traffic. MLD is a protocol used by IPv6 Multicast routers to discover Multicast listeners
(nodes configured to receive IPv6 Multicast packets) on directly attached links and to discover
which packets are of interest to neighboring nodes. When this field is enabled, the following fields
display.
a. Standard Mode: disables blocking of unknown multicast addresses.
b. Blocking Mode: blocks unknown multicast addresses.
5. Apply/Save: Click on the Apply/Save button to apply the change and save the configuration.

4.4 NAT
Network Address Translation (NAT) allows you to share one Wide Area Network (WAN) IP address for
multiple computers on your Local Area Network (LAN).
When NAT is enabled, you can configure a NAT Virtual Server, Port Triggering, and a DMZ Host.

4.4.1 NAT Virtual Server


A virtual server allows you to direct incoming traffic from the WAN side to a private IP address on the
LAN side. A virtual server is useful if you have software that requires communication with the Internet,
for example, peer-to-peer and games.
Select the NAT menu item and the NAT Virtual Servers Setup screen displays. You can add a new
virtual server in this screen.

TM 87-10878 Rev. A 37
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Figure 6 NAT Virtual Server Setup

1. Click on the Add button to add a Virtual Server. The NAT Virtual Servers screen displays. In
this screen, you are able to select a service, enter the Virtual Server IP address, and view the
External Port Start/End and Internal Port Start/End ports from where IP packets are forwarded to the
Virtual Server.
The Virtual Server is identified by the External Port and type of protocol on the WAN side. An
Internal Port entry is only required when the External Port needs to be converted to a different port
number used by the server on the LAN side. You can configure a maximum of 32 entries.

38 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Figure 7 Add NAT Virtual Server

2. Service Name: You can select an existing service to forward IP packets for this service to the virtual
server. Or create a new custom service by selecting Custom Service. Once the service name is
selected, the External Port and Internal Port Start/End numbers will populate.
3. Server IP Address: Enter the Virtual Server IP address. This is typically the IP address of the
computer on your network which is using the application or game.
4. External Port Start: This parameter selects the starting port number for the Virtual Server. The
Virtual Server is identified by the External Port and type of protocol (on the WAN side).
5. External Port End: This parameter selects the ending port number for the Virtual Server. The
Virtual Server is identified by the External Port and type of protocol (on the WAN side).
6. Internal Port Start: If you modify this number, then Internal Port End is set to the same port
number as Internal Port Start.
7. Internal Port End: This port number cannot be modified directly. Internal Port End is typically set
to the same port number as External Port End.
8. Protocol: Select TCP, UDP, or TCP/UDP protocol from the drop-down menu.
9. Apply/Save: Click on the Apply/Save button to apply the change and forward IP packets for this
service to the selected server.
10. After you Apply/Save the Virtual Server changes, then the NATVirtual Servers Setup screen
displays. In this screen, you are able to view your Virtual Server configurations and delete any
servers:

TM 87-10878 Rev. A 39
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Figure 8 NAT Virtual Servers Configuration

4.4.2 Port Triggering


Select the Port Triggering menu item under NAT, the NAT Port Triggering Setup screen displays.
Port Triggering opens up the open Ports in the routers firewall when an application on the LAN
initiates a TCP/UDP connection to a remote party using the Triggering Ports. This is important because
certain applications, such as video conferencing, games, and remote access applications, require that
specific ports in the firewall be opened to allow access by remote parties.
In this screen, you can configure the router to allow the remote party from the WAN side to establish
new connections back to the application on the LAN side using the open ports. You can configure a
maximum of 32 entries.

40 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Figure 9 NAT Port Triggering Setup

1. Click on the Add button to select and add an application for which specific ports are identified as
open ports. You can configure the port settings in this screen.

TM 87-10878 Rev. A 41
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Figure 10 NAT Port Triggering Configuration

2. Use Interface: Select the interface where the open ports will reside.
3. Application Name: Select the application from the drop-down menu for which open ports have
been configured. Once the application is selected, the Trigger Port Start/End and Open Port
Start/End numbers are populated.
You can also enter a custom application name and configure its port settings.
4. Apply/Save: Click on the Apply/Save button to add the configuration changes.
After you Apply/Save the NAT Port Triggering changes, then the NATPort Triggering Setup
screen displays. In this screen, you are able to view your port triggering and open port configurations
and remove any unwanted configurations by checking the Remove checkbox and clicking on
Remove.

42 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

4.4.3 DMZ Host


The DMZ is used to forward all IP packets coming into the router to a specified IP address. The DMZ
host is the computer to which the Broadband Router will forward all IP packets from the WAN that do
not belong to any applications in the Virtual Servers table.
Select the DMZ Host menu item under NAT, the NAT DMZ Host screen displays. In this screen, you
can enter the IP address of the DMZ Host.

Figure 11 NAT DMZ Host

1. DMZ Host IP Address: Enter the IP address for the DMZ Host.
2. Save/Apply: Click to activate the DMZ Host. To deactivate the DMZ Host, clear the IP Address
field and click Save/Apply.

TM 87-10878 Rev. A 43
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

4.5 Security
You can configure IP Filtering and MAC Filtering to manage traffic on your EPON Multi-service
Residential Gateway.

4.5.1 IP Filtering
You can configure Outgoing IP Filtering and Incoming IP Filtering to manage traffic on your ONT.

4.5.2 Outgoing IP Filtering


Select the Security menu item under Advanced Setup, the Outgoing IP Filtering Setup screen
displays.
You can configure an outgoing IP Filter that specifies which LAN traffic is blocked from passing
through to the WAN side (Internet). All outbound IP traffic from the LAN side to the WAN side is
allowed by default. However, you can block outbound IP traffic by configuring IP filters. In this screen,
you can create an outgoing IP Filter.

1. Remove: Click to remove an outgoing IP filter.

44 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

2. Add: Click to add an outgoing IP filter. You can add a filter or rule by creating a filter name and one
or more conditions that when satisfied will block outgoing IP traffic. The Add IP FilterOutgoing
screen displays.

3. Filter Name: Enter the filter name.


4. IP Version: Select IPv4 or IPv6.
5. Protocol: Select the protocol, such as TCP, UDP, TCP/UDP, or ICMP.
6. Source IP address: Specify the IP address where the packets are coming from (from the WAN
side).
7. Source Port: Specify the port number of the port where the packets are coming from (from the
WAN side).
8. Destination IP address: Specify the IP address to which the packets are going (to the LAN side).
9. Destination Port: Specify the port number of the port to which the packets are going (to the LAN
side).
10. Apply/Save: Click to save and activate the filter.
11. After you save and activate the filter, then the Outgoing IP Filtering Setup screen displays.

TM 87-10878 Rev. A 45
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

In this screen, you are able to view your outgoing IP filter configurations and remove any unwanted
configured filters by checking the Remove checkbox and clicking on Remove.

4.5.3 Incoming IP Filtering


All incoming IP traffic is blocked when a firewall is enabled on a WAN or LAN interface. However, you
can allow certain incoming IP traffic by setting up incoming IP filters. Select Incoming under IP
Filtering under Security in the Advanced Setup menu to display Incoming IP Filtering Setup.

46 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

1. Remove: click to remove the configured IP filter.


2. Add: click to add an incoming IP filter rule and to display the Add IP FilterIncoming screen.
You must specify at least one condition in the rule. All the conditions must be satisfied before the
rule takes effect.

TM 87-10878 Rev. A 47
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

3. Filter Name: enter a name for the filter rule.


4. IP Version: select IPv4 or IPv6.
5. Protocol: select TCP/UDP, TCP, UDP, or ICMP.
6. Source IP address[/prefix length]: Specify the IP address where the packets are coming from (from
the WAN side).
7. Source Port (port or port:port): Specify the port or port number of the port where the packets are
coming from (from the WAN side).
8. Destination IP address[/prefix length]: Specify the IP address to which the packets are going (to
the LAN side).
9. Destination Port (port or port:port): Specify the port or port number of the port to which the
packets are going (to the LAN side).

10. WAN Interfaces (Configured in Routing mode and with firewall enabled) and LAN Interfaces:
to apply this rule, select one or more of the displayed interfaces.
11. Apply/Save: Click to save and activate the filter.

4.5.4 MAC Filtering


MAC Filtering is only allowed for bridged WAN service. You can configure MAC Filtering to forward
or block traffic by MAC address. To forward traffic means that all MAC layer frames are forwarded
except those matching any of the specified rules in the filter. To block traffic means all MAC layer
frames are blocked except those matching any of the specified rules in the filter.
Select the MAC Filtering menu item under Security, the MAC Filtering Setup screen displays. In this
screen, you can change the MAC Filtering policy or add settings to the MAC Filtering table.

48 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

1. FORWARD: select the policy for an interface to change it.


2. Change Policy: select to change the policy of defined MAC filtering rules for an interface.
A confirmation screen asks you to verify your change. Select Yes to continue, or No to cancel.
3. Choose Add or Remove to configure MAC filtering rules.
4. If you select Add to add an entry to the MAC Filtering table, the Add MAC Filter screen displays.
You can create a filter by specifying at least one condition.

TM 87-10878 Rev. A 49
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

a. Protocol Type: select PPPoE, IPv4, IPv6, AppleTalk, IPX, NetBEUI, or IGMP.
b. Destination MAC Address: enter MAC address.
c. Source MAC Address: enter MAC address.
d. Frame Direction: select direction of frames (WAN, LAN) from the drop-down menu
e. WAN Interfaces (Configured in Bridge mode only): select the interface from the
drop-down menu. In bridging mode, the ONT simply passes the packet from the LAN
side to the WAN side without inspecting or altering the data in the packet as the packet
passes through.
f. Save/Apply: Click to save and activate the filter.

4.6 Parental Control


In a home setting, parents can configure time of day and URL filter settings to control the Internet
activities of the child, restrict the time of web surfing, and limit the childs access to certain websites.

4.6.1 Time Restriction


Parents can control access to the router and Internet by configuring rules called Time of Day restrictions.
Time of Day restrictions define the time and days computers on the network are allowed access to the
Internet.
Select the Parental Control menu item under Advanced Setup, the Access Time Restriction screen
displays.

50 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Figure 12 Parental ControlRestrict Time Access

1. Click Add to configure time of day restrictions on a specific LAN device connected to the router.
The Access Time Restriction screen displays.

TM 87-10878 Rev. A 51
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Figure 13 Time of Day Restriction

2. User Name: Enter childs name.


3. Browsers MAC Address: MAC address of the LAN device (computer you are currently using) you
want to place on a Time of Day restriction.
4. Other MAC Address: Add MAC address of another LAN device.
5. Days of the week: Click to select which days you want the restriction in place.
6. Start Blocking Time: Enter the start time to begin blocking Internet access.
7. End Blocking Time: Enter the end time to stop blocking Internet access.
8. Apply/Save: Click to save and activate the time of day restriction.

52 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

4.6.2 URL Filter


You can configure a filter to restrict a childs access to certain web sites by excluding specific URLs or
by building a list of included URLs the child may access. Select the Url Filter menu item under
Parental Control, the URL Filter screen displays.

Figure 14 URL Filter Restriction

1. Select either to Exclude or Include specific URLs.


2. Click Add to create a URL Filter and display the URL Filter Add screen.

TM 87-10878 Rev. A 53
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Figure 15 Add Parental Control--URL Filter

3. Enter the URL address to either exclude or include.


4. Apply/Save: Click to save and activate the time of day restriction.
After you save the URL filter, then a list of URL filters displays. In this screen, you are able to review
your URL filters and remove any unwanted filters by checking the Remove checkbox and clicking on
Remove.

4.7 Quality of Service (QoS)


You can configure the following QoS parameters by selecting the Quality of Service menu item under
Advanced Setup:

QoS Queue
QoS Policer
QoS Classification
QoS Port Shaping

54 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

4.7.1 QoS Queue


After clicking on the Quality of Service menu item, the QoSQueue Management Configuration
screen displays. You can enable QoS globally on all interfaces with a default differentiated services code
point (DSCP) value. See Table 3 DSCP Class Values for more information.

1. Enable QoS: Click to enable QoS on all interfaces with a default differentiated services code point
(DSCP) value. When QoS is enabled, you can select a default DSCP value.
2. Select Default DSCP Mark: select a value from the drop-down menu.
3. Apply/Save: Click to apply the change and save the configuration
4. Click on QoS Queue under Quality of Service to display the QoS Queue Setup screen.

4.7.1.1 QoS Queue Setup:


Use the QoS Queue Setup screen to set up Wi-Fi Multimedia (WMM) parameters for VoIP, video,
or data traffic.

TM 87-10878 Rev. A 55
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

The ATM mode and PTM mode are not currently used.
You can configure a maximum of four (4) queues for each Ethernet interface and a maximum of four
(4) queues for each Ethernet WAN interface.
WMM in the table refers to QoS over Wi-Fi. QoS enables Wi-Fi access points to prioritize traffic
and optimizes the way shared network resources are allocated among different voice, video, video
streaming, interactive gaming, and data traffic. WMM defines four access categories (WMM Voice
Priority, WMM Video Priority, WMM Best Effort, and WMM Background) that are used to
prioritize traffic so that these traffic categories have access to the necessary network resources.
1. Add: click on this button to configure a QoS queue and add it to a Layer 2 interface. The QoS
Queue Configuration screen displays.
2. Remove: Check the remove-checkboxes in the QoS Queue Setup screen, then click on the
Remove button to remove a QoS queue from a Layer 2 interface.

56 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

3. Name: enter the name of the QoS queue.


4. Enable: select to enable (or disable) the QoS queue.
5. Interface: Select the Interface name to which to add the QoS queue from the pull down menu.
6. Queue Precedence: select the precedence value from 1 through 4, where the lower value has the
higher priority.
Traditionally, IP Precedence has used the first three bits of the Type of Service (TOS) field to give
eight (8) possible precedence values. The ONT-2-E4xxxi Series uses precedence values 001(1)
through 100(4) that can be assigned to QoS queues.

000 (0) - Routine


001 (1) - Priority
010 (2) - Immediate
011 (3) - Flash
100 (4) - Flash Override
101 (5) - Critical
110 (6) - Internetwork Control
111 (7) - Network Control

TM 87-10878 Rev. A 57
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

These map to the IP Precedence values in the TOS field of the IP datagram. The ONT can have up to
four queues per Ethernet interface or port, which can be used, when there is congestion, to put
frames with particular precedence values into the appropriate queues.
7. Apply/Save: Click to apply the change and save the configuration.

4.7.2 QoS Policer


QoS Policing on a network determines whether network traffic is within a specified profile or contract.
Policing will cause out-of-profile traffic to drop or to be marked down to another differentiated services
code point (DSCP) value to enforce a contracted service level.
Policing is the monitoring of data rates and burst sizes for a particular class of traffic. Single-rate (One
Rate) policers monitor the specified committed information rate (CIR) of traffic. Dual-rate (Two Rate)
policers monitor both CIR and peak information rate (PIR) of traffic.
In general, you can think conceptually of having a traffic contract with your ISP. The traffic contract
(for Single Rate Two and Three-Color) may be generally described through three parameters:
Committed Information Rate (CIR), Committed Burst Size (CBS), and Excess Burst Size (EBS).
Two Rate Three-Color takes into account another parameter the Peak Information Rate (PIR)
The CIR is what you pay for at the ISP. The ISP limits your traffic to what you pay for. Policing will
drop the exceeding traffic. Conforming traffic means the packet falls within the traffic contract and is
forwarded. Any packet that uses up the Excess Burst Size is exceeding and is dropped.
To check if traffic matches the traffic contract, the policer measures the cumulative byte rate of arriving
packets and the policer can take one of the following actions:

Allow the packet to pass. (Conform)


Drop the packet. (Exceeding)
Re-mark the packet with a different DSCP or IP precedence value.
Click the QoS Policer menu item under Quality of Service, the QoS Policer Setup screen displays. You
can configure up to 32 policers or types of policing of traffic classes.

58 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

1. Add: click to add a policer.


2. The QoS Policer Configuration screen displays (see below), where you can configure a Simple
Token Bucket policer. See step 5 Configuring a Simple Token Bucket policer.
3. Remove: Check the remove-checkboxes, then click on the Remove button to remove the checked
Policers.
4. Enable: click on this button to scan through the queues in the table to enable the checked Policers.
5. Configuring a Simple Token Bucket policer

TM 87-10878 Rev. A 59
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

6. Name: Enter QoS policer name.


7. Enable: you can select from the pull-down menu to enable or disable the QoS Policer function.
8. Meter Type: depending on which type of policing parameters is desired, you can select Simple
Token Bucket (Single Rate Two-Color), Single Rate Three-Color, or Two Rate Three-Color policer
from the pull-down menu. Based on the policer selected, different fields are displayed for you to
complete.
9. If you select Simple Token Bucket as the meter type, it is a Single Rate Two-Color policer (see
above screen). For a Single Rate Two-Color policer, configure the Committed Information Rate
(CIR) in kilo bytes per second (kbps) and Committed Burst Size (CBS) in bytes. Single Rate Two-
Color Traffic is classified into two categories or colors: compliant (green) and in excess (red). A
packet is green if it does not exceed the CBS, and red if it exceeds the CBS.
Enter how to handle conforming and nonconforming traffic:
Conforming Action: Select Null or DSCP Mark
Nonconforming Action: Select Null, Drop, or DSCP Mark
Apply/Save: Click on the Apply/Save button to apply the change and save the configuration.
Note: To make the new configuration effective, you must reboot the switch or router with the Reboot
option under the Management menu in the left panel.

60 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

10. If you select a Meter Type of Single Rate Three-Color, the Single Rate Three-Color QoS Policer
Configuration screen displays.

For a Single Rate Three-Color policer, configure the Committed Information Rate (CIR) in kilo
bytes per second (kbps), Committed Burst Size (CBS) in bytes, and Excess Burst Size (EBS) in
bytes. This policer also allows for temporary bursts. A packet is green if it does not exceed the
CBS, yellow if it does exceed the CBS, but not the EBS, and red otherwise.
Data traffic can be bursty and not smooth like VoIP. This means sometimes a lot of packets are
sent, then it is quiet again. Due to this nature, the policer can temporarily send or burst more packets
than normally. For a Single Rate Three-Color policer, Committed Burst Size and Excess Burst Size
are supported.
Enter how to handle conforming and nonconforming traffic:
Conforming Action: Select Null or DSCP Mark
Partial Conforming Action: Select Null, Drop, or DSCP Mark
Nonconforming Action: Select Null, Drop, or DSCP Mark
Apply/Save: Click on the Apply/Save button to apply the change and save the configuration.

Note: To make the new configuration effective, you must reboot the switch or router with the Reboot
option under the Management menu in the left panel.

TM 87-10878 Rev. A 61
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

11. If you select a Meter Type of Two Rate Three-Color, the Two Rate Three-Color QoS Policer
Configuration screen displays.

The Two Rate Three-Color policer takes into account another rate parameter the Peak Information
Rate (PIR), in addition to the Committed Information Rate (CIR). For a Two Rate Three-Color
policer, configure both CIR and PIR, as well as the Peak Burst Size and the CBS. The Peak
Information Rate is higher than the CIR and allows traffic to burst.
The Two Rate Three-Color policer can take one of the following actions:

Packets that fall under the CIR are conforming.


Packets that exceed the CIR but are below the PIR are exceeding.
Packets above the PIR are violating.
Enter how to handle conforming and nonconforming traffic:
Conforming Action: Select Null or DSCP Mark
Partial Conforming Action: Select Null, Drop, or DSCP Mark
Nonconforming Action: Select Null, Drop, or DSCP Mark

62 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Apply/Save: Click on the Apply/Save button to apply the change and save the configuration.

Note: To make the new configuration effective, you must reboot the switch or router with the Reboot
option under the Management menu in the left panel.

4.7.3 QoS Classification


Click the QoS Classification menu item under Quality of Service in the Advanced Setup menu. The
QoS Classification Setup screen displays. You can configure up to a maximum of 32 QoS classification
rules for the ONT.

1. Add: click to add a rule. The Add Network Traffic Class Rule screen displays.
2. Enable: click on this button to scan through the queues in the table to enable the checked Policers.
3. Remove: Check the remove-checkboxes, then click on the Remove button to remove the checked
classification rules.

4. Add Network Traffic Class Rule


Use this screen to create a traffic class rule to classify incoming traffic into a priority queue and add
a DSCP or Ethernet priority marking on the packet.

TM 87-10878 Rev. A 63
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Traffic Class Name: Enter a name for the traffic class.


Rule Order: Last is the only order.
Rule Status: Select Enable or Disable.
Specify Classification Criteria Specify traffic condition(s) for the class
Class Interface: Specify type of interfaceLAN, WAN, Ethernet port (eth0 to eth5), wireless port
(wl0).
Ether Type: Specify Ethernet typeIP, ARP, IPv6, PPPoE_DISC/PPPoe_SES, 8865, 8866, 8021Q.
If IP is selected, select one of the following additional fields:

Source IP Address[/Mask]: enter the source ports IP address and mask.

Vendor Class ID (DHCP Option 60): Supports the DHCP vendor class identifier option
60, which allows DHCP relay to compare option 60 strings in received DHCP client
packets against strings that you configure on the router (for example, enables DHCP relay
to direct client traffic to a specific DHCP server (vendor-option server).

64 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

User Class ID (DHCP Option 77): Used by a DHCP client to optionally identify the type
or category of user or applications it represents. A DHCP server uses option 77 to choose
the address pool it allocates an address from or to select any other configuration option.
Source MAC Address: Enter the MAC address of the source (port).
Source MAC Mask: Enter the MAC address mask of the source (port).
Destination MAC Address: Enter the MAC address of the destination port.
Destination MAC Mask: Enter the MAC address mask of the destination port.
Specify Classification Results: A blank value indicates no operation.

Specify Class Queue (Required):


Specify Class Policer
Mark Differentiated Service Code Point (DSCP):
The AF behavior group defines four separate AF classes with Class 4 having the highest priority.
Within each class, packets are given a drop precedence (high, medium or low). The combination of
classes and drop precedence yields twelve separate DSCP encodings from AF11 through AF43 (see
table below)

Table 3 DSCP Class Values

Class 1 (lowest) Class 2 Class 3 Class 4 (highest)


Low Drop AF11 (DSCP 10) AF21 (DSCP 18) AF31 (DSCP 26) AF41 (DSCP 34)

Med Drop AF12 (DSCP 12) AF22 (DSCP 20) AF32 (DSCP 28) AF42 (DSCP 36)

High Drop AF13 (DSCP 14) AF23 (DSCP 22) AF33 (DSCP 30) AF43 (DSCP 38)

Mark 802.1p priority: the QoS VLAN Priority allows you to assign a priority to outbound packets
containing the specified VLAN ID. Select the priority level: 0 best effort to 1 lowest priority to 7
highest priority. The priority level is used to prioritize different classes of traffic (voice, video, data).
Set Rate Limit: enter rate limit in Kbits per second.
Apply/Save: Click on the Apply/Save button to apply the change and save the configuration.
Note: To make the new configuration effective, you must reboot the switch or router with the Reboot
option under the Management menu in the left panel.

4.7.4 QoS Port Shaping


Quality of Service (QoS) Port Shaping is a subset of traffic shaping and is generally a means of
controlling the volume of traffic being sent into a network by setting a shaping rate (Kbps) or burst size
(bytes) for each of the Ethernet ports. The shaping rate could be the maximum rate at which the traffic is
sent. Burst size is the maximum data that can be sent at a given moment to a given port.
For example, if you specify a burst size of 16000 bytes, it means that:

If a packet arrives whose size is <= 16000 bytes, the packet is rated as conform (does not
exceed the burst size) and it will be transmitted.

TM 87-10878 Rev. A 65
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

If a packet arrives whose size is> 16000 bytes, the packet will be considered exceed and then
will be dropped.
Click the QoS Port Shaping menu item under Quality of Service in the Advanced Setup menu. The
QoS Port Shaping Setup screen displays.

1. Shaping Rate (Kbps): enter a maximum or fixed rate at which the traffic is sent in kilobytes per
second (Kbps). The port will not be able to exceed the maximum or fixed rate at which data can be
sent to the port. If you set the Shaping Rate to -1, it indicates no shaping and Burst Size will be
ignored.
2. Burst Size (bytes): enter the burst size in bytes that is the maximum data that can be sent at a given
moment to a given port. If the packet size is less than or equal to the burst size, the packet is allowed
and transmitted. If the packet size is greater than the burst size, the packet is dropped.
3. Apply/Save: Click to apply the change and save the configuration.

4.8 Routing
You are able to Configure Default Gateway from a list of WAN interfaces, set up a Static Route,
configure Policy Routing, and configure Routing Information Protocol (RIP) Routing.

4.8.1 Configure Default Gateway


Click the Routing menu item under Advanced Setup. The RoutingDefault Gateway screen displays.
You can put multiple WAN interfaces on the default gateway list, but the system will only use one WAN

66 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

interface as the default gateway, based on its priority in the list with the first having the highest priority
and the last having the lowest priority if the WAN interface is connected.

1. Selected Default Gateway Interfaces: select the interface from the Available Routed WAN
Interfaces box to be used as a default gateway. Click the left arrow to move the selected interface to
the Selected Default Gateway Interfaces box. You can also click the right arrow to move the
interface back.
2. Available Routed WAN Interfaces: move an available interface to the Selected Default Gateway
Interfaces box. You can change the default gateway priority order of the interface by removing all
the interfaces and adding them back in the desired order.
3. Selected WAN Interface: select a preferred IPv6 WAN interface as the default IPv6 gateway
4. Apply/Save: Click on the Apply/Save button to apply the change and save the configuration.

Note: To make the new configuration effective, you must reboot the switch or router with the Reboot
option under the Management menu in the left panel.

4.8.2 Static Route


In Static routing, you manually enter routes into a routing table by means of a configuration file that is
loaded when the switch or router starts up. Because these routes do not change after they are configured,
they are called Static routes. You can configure up to 32 static routes for the ONT.
Click the Static Route menu item under Routing. The Routing Static Route screen displays.

TM 87-10878 Rev. A 67
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

1. Remove: click to remove a static route. You are not able to remove system created routes.
2. Add: Click to add a static route. The Routing Static Route Add screen displays as follows.

68 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

3. IP Version: select IPV4 or IPv6.


4. Destination IP address/prefix length: Enter destination network address, subnet mask
5. Interface: Select the WAN interface to which to add the static route.
6. Gateway IP Address: Enter the default gateway IP address.
7. Metric: Optional. Enter a number equal to or greater than zero. This is the hop count that describes
the number of hops that the packet takes on the path from source to destination. Each time the packet
is passed to the next device, a hop occurs. You can enter a low metric to encourage traffic to use the
static route. You can use the ping command to determine the hop count to a specific destination.
8. Apply/Save: Click on the Apply/Save button to apply the change and save the static route
configuration.

4.8.3 Policy Routing


Policy routing or policy-based routing is a method of making routing decisions based on policies set by
the network administrator. It is for cases where there may be a need to forward the packet based on
criteria other than destination address or destination network. A typical criteria used in policy routing is
the source address. However other criteria might be access list (ACL), size of the packet, protocol of the
payload, or other information available in the packet header. Policy routing is applied to incoming
packets. You can configure up to seven (7) policy routes on interfaces.
Select the Policy Routing menu item under Routing. The Policy Routing Setting screen displays.

1. Add: select to add policy routing on an interface and display the Policy Routing Setup screen.
2. Remove: select to remove policy routing on an interface.

TM 87-10878 Rev. A 69
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

3. Policy Name: enter the name for the policy.


4. Physical LAN Port: select the LAN port to which to apply Policy Routing.
5. Source IP: enter the source IP address.

6. Use Interface:
7. Default Gateway IP: enter the default gateway address if you selected IP over Ethernet (IPoE) as
the WAN interface.
8. Apply/Save: Click to apply the change and save the configuration. The Policy Routing Setting
screen displays where you will be able to see the Policy Routing you just created.

70 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

4.8.4 Routing Information Protocol (RIP) Routing


RIP is a distance-vector routing protocol that uses hop count as a routing metric. RIP implements a limit
on the number of hops allowed (15 maximum) in the path from source to destination to prevent routing
loops.
Click the RIP menu item under Routing. The Routing--RIP Configuration screen displays below. This
screen allows you to enable RIP for a WAN interface by selecting the RIP version and type of RIP
operation. Uncheck the Enabled checkbox to disable RIP on an interface.

1. Version: select desired RIP version, 1,2, or both.


2. Operation: select desired Operation, Active or Passive.
3. Enabled: click to place a check to enable RIP on the WAN interface. To disable RIP on the WAN
interface, uncheck the Enabled checkbox.
4. Apply/Save: Click to apply the change and save the configuration.

4.9 Domain Name Service (DNS)


You can configure the DNS Server and Dynamic DNS under DNS in the Advanced Setup menu.

4.9.1 DNS Server


Click on the DNS menu item under Advanced Setup. The DNS Server Configuration screen displays
(below).

TM 87-10878 Rev. A 71
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

You can use this screen to configure the DNS Server interface by one of two methods. Click on one of
the following buttons:

Select DNS Server Interface from Available WAN Interfaces: Select an interface from the
available WAN interfaces in the right-side box and moving it to the left-side box.
Use the Following Static DNS IP Address: Enter a static DNS IP address to be the DNS server
interface. Enter a Primary DNS server IP address and a Secondary DNS server IP address. If
Asynchronous Transfer Mode (ATM) switching protocol is used, where only a single PVC with
IPoA or a static IPoE protocol is configured, you must use Static DNS IP addresses.

For IPv6 DNS Server Configuration: you must have a configured IPv6 WAN interface.
Then you can configure an IPv6 DNS server in one of two methods:
Obtain IPv6 DNS info from a WAN Interface: Select a WAN Interface from the drop-down box.
Use the following Static IPv6 DNS address: Enter a Primary IPv6 DNS server IP address and a
Secondary IPv6 DNS server IP address.

4.9.2 Dynamic DNS


Dynamic Domain Name System (DDNS) is a method of keeping an Internet domain name linked to a
changing IP address because static IP addresses are not used on all computers. Usually when you connect

72 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

to the Internet, your ISP assigns an unused IP address from a pool of IP addresses and this address is only
used for the duration of that connection. In this way, the IP address is dynamically assigned.
The DDNS program, provided by a service provider, runs on your computer, contacting the DNS service
each time the IP address provided by the ISP changes. The program updates the DNS database to reflect
the change in IP address. DDNS allows the ONT to be more easily accessed from various locations on
the Internet.
Click on the Dynamic DNS menu item under DNS. The Dynamic DNS screen displays.

1. Add: Click to add a Dynamic DNS address from DDNS providers DynDNS.org or TZO.

TM 87-10878 Rev. A 73
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

2. D-DNS provider: select a DDNS service provider--DynDNS.org or TZO.


3. Hostname: enter the name of the host.
4. Interface: select an interface name.
5. Username: enter username for the DDNS settings.
6. Password: enter a password to protect the DDNS settings.
7. Apply/Save: Click on the Apply/Save button to apply the change and save the configuration.
Note: To make the new configuration effective, you must reboot the switch or router with the Reboot
option under the Management menu in the left panel.

4.10 Universal Plug and Play (UPnP)


Click on the UPnP menu item under Advanced Setup. The UPnP Configuration screen displays
below.
1. Enable UPnP: click on checkbox to enable UPnP.
2. Apply/Save: Click on the Apply/Save button to apply the change and save the configuration.
Note: To make the new configuration effective, you must reboot the switch or router with the Reboot
option under the Management menu in the left panel.

74 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

4.11 DNS Proxy


Click on the DNS Proxy menu item under Advanced Setup. The DNS Proxy Configuration screen
displays.

TM 87-10878 Rev. A 75
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

1. Enable DNS Proxy: click the checkbox to enable Domain Name Service Proxy.
DNS Proxy is a method to control DNS traffic through the firewall. A DNS Proxy policy can block
illegally formed DNS packets by examining the contents at the application layer and validating that
the packets meet RFC compliance for DNS traffic.
2. Host name of the Broadband Router: enter the host name.
3. Domain name of the LAN network: enter your domain name.
4. Apply/Save: Click on the Apply/Save button to apply the change and save the configuration.

Note: To make the new configuration effective, you must reboot the switch or router with the Reboot
option under the Management menu in the left panel.

76 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

4.12 Interface Grouping


Click on the Interface Grouping menu item under Advanced Setup. The Interface Grouping screen
displays where you can create PVC or bridging groups with interfaces and map the groups to ports.

1. Add: click to create a Permanent Virtual Circuit (PVC) or bridging group. Each group performs as
an independent network. Create the mapping group with the appropriate LAN and WAN interfaces.
The Interface Grouping Configuration screen displays.
2. Remove: check the box to remove the specified grouping and add the ungrouped interfaces to the
default group.

TM 87-10878 Rev. A 77
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

3. Group Name: Enter a unique group name.


4. WAN Interface used in the grouping: select a WAN interface from the list.
5. If you prefer to statically add Ethernet interfaces from a list of Available LAN Interfaces to a
Grouped LAN Interfaces group, select the interface and click on the arrow to add the interface to
the group.
6. If you prefer to dynamically add LAN Ethernet interfaces to a group, add the DHCP Vendor ID
string (DHCP option 60) to the boxes at the bottom of the screen.
7. Apply/Save: Click on the Apply/Save button to apply the change and save the configuration.
Note: To make the new configuration effective, you must reboot the switch or router with the Reboot
option under the Management menu in the left panel.

78 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

4.13 IP Tunnel
Two types of IP tunneling are supported:

IPv6inIPv4 (also called 6in4)


IPv4inIPv6 (also called 4in6) using DS-Lite

4.13.1 IPv6inIPv4 (6in4)


The term 6in4 refers to a mechanism for migrating from IPv4 to IPv6 by using tunneling to encapsulate
IPv6 traffic over configured IPv4 links. This is defined in RFC 4213.
The 6in4 tunnels are usually manually configured. The encapsulated IPv6 traffic (6in4 traffic) is sent
over the IPv4 Internet inside IPv4 packets whose IP headers have the IP protocol number set to 41. This
protocol number is specifically designated for IPv6 encapsulation. In 6in4, the IPv4 packet header is
immediately followed by the IPv6 packet being carried. Therefore, the encapsulation overhead is just the
size of the IPv4 header of 20 bytes. In the example where the Maximum Transmission Unit (MTU) is
1500 bytes, you can send IPv6 packets of 1480 bytes without fragmentation.
Select the IPv6inIPv4 menu item under IP Tunnel to display the IP Tunneling6in4 Tunnel
Configuration screen.

TM 87-10878 Rev. A 79
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

1. Add: select to add a 6in4 tunnel. The IP Tunneling6in4 Tunnel Configuration screen displays.
Note that only 6rd (generally known as IPv6 Rapid Deployment).

2. Tunnel Name: enter name for 6in4 tunnel.


3. Mechanism: only 6RD is supported. 6rd is a mechanism to facilitate IPv6 rapid deployment by
encapsulating IPv6 packets inside IPv4 for transmission over IPv4 backbone networks. It operates
entirely within the end-user's ISP's network. 6rd requires customers have a home gateway/router that
supports 6rd and encapsulation of IPv6 packets. The ISP must operate 6rd gateways that accept only
tunneled IPv6 traffic.
4. Associated WAN Interface: select the WAN-side interface name/number.
5. Associated LAN Interface: select the LAN-side interface name/number.
6. Manual or Automatic: select manual configuration of the 6in4 tunnel. The following fields
displayenter the required configuration information for:
a. IPv4 Mask Length
b. 6rd Prefix with Prefix Length
c. Border Relay IPv4 Address
7. Apply/Save: Click on the Apply/Save button to apply the change and save the configuration.

80 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

4.13.2 IPv4inIPv6 (4in6)


The term 4in6 refers to a mechanism for allowing IPv4 traffic to be used in an IPv6 only network. 4in6
uses tunneling to encapsulate IPv4 traffic over configured IPv6 links as defined in RFC 2473. The 4in6
tunnels are usually manually configured.
Select the IPv4inIPv6 menu item under IP Tunnel to display the IP Tunneling4in6 Tunnel
Configuration screen.

1. Add: select to add a 4in6 tunnel. The IP Tunneling4in6 Tunnel Configuration screen displays
(see below).

TM 87-10878 Rev. A 81
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Only Dual-Stack (DS)-Lite configuration is supported. DS-Lite technology enables continued


support for IPv4 traffic and aids in incremental deployment of IPv6. DS-Lite makes incremental
deployment easier by de-coupling IPv6 deployment in the service providers network (up to the CPE
devices) from deployment of IPv6 in the rest of the Internet and in customer applications and CPE
devices. DS-Lite enables a service provider to share IPv4 addresses among customers by combining
two technologiesIP in IP (IPv4-in-IPv6) and Network Address Translation (NAT).
2. Tunnel Name: enter name for 4in6 tunnel.
3. Mechanism: select DS-Lite.
4. Associated WAN Interface: select the WAN-side interface name/number.
5. Associated LAN Interface: select the LAN-side interface name/number.
6. Manual: We recommend manual configuration of the 4in6 tunnel. When manual configuration is
selected, the AFTR box displays.
7. Automatic: select for automatic configuration of the 4in6 tunnel.
8. AFTR: enter the IP address of the Address Family Transition Router (AFTR). 4in6 tunnels carry
IPv4 traffic across the network to arrive at an IPv4-IPv4 NAT server (the AFTR), where customers
will share IPv4 addresses. The AFTR displays when manual configuration of the 4in6 tunnel is
selected. The AFTR performs fragmentation and reassembly of large IPv4 packets during sourcing
(of video streams) and receiving (watching video streams).
9. Apply/Save: Click on the Apply/Save button to apply the change and save the configuration.

82 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

4.16 Multicast
Click on the Multicast menu item under Advanced Setup. The Multicast screen displays. You can
configure Internet Group Management Protocol (IGMP) settings in IPv4 networks or Multicast Listener
Discovery (MLD) settings in IPv6 networks.
In WAN configuration, you are able to enable IGMP Multicast. IGMP is used by hosts and adjacent
routers on IP networks to set up group memberships for Multicast service. IGMP is used on IPv4
networks. IGMP is used for one-to-many applications, such as online streaming video and gaming.
MLD is embedded in ICMPv6. IPv6 routers use MLD, similar to IGMP, to discover Multicast listeners
(nodes that want to receive Multicast addresses) on a directly attached interface.

1. Multicast Precedence: select Disable (Multicast precedence) or a priority value from 1 through 4,
where 1 is the highest value.

TM 87-10878 Rev. A 83
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

2. IGMP Configuration: modify any of the following IGMP protocol configuration fields if you wish
to change the default values.

Default Version: the default version is 3 (IGMPv3).


Query Interval: This is the interval between General Queries sent by the Querier. Default value
is 125 seconds. By varying the Query Interval, an administrator may tune the number of MLD
messages on the link; larger values cause MLD Queries to be sent less often.
Query Response Interval: This is the Maximum Response Delay used to calculate the
Maximum Response Code inserted into the periodic General Queries. Default value is 10000
milliseconds (10 seconds). By varying the Query Response Interval, an administrator may tune
the burstiness of MLD messages on the link; larger values make the traffic less bursty, as host
responses are spread out over a larger interval. The number of seconds represented by the Query
Response Interval must be less than the Query Interval.
Last Member Query Interval: This is the Maximum Response Delay used to calculate the
Maximum Response Code inserted into Multicast Address Specific Queries sent in response to
Version 1 Multicast Listener Done messages. It is also the Maximum Response Delay used to
calculate the Maximum Response Code inserted into Multicast Address and Source Specific
Query messages. Default value is 1000 milliseconds (1 second).
Robustness Value: measures the number of retransmissions. This value allows tuning IGMP
according to the expected packet loss on an interface. If an interface is expected to be lossy (for
example, a wireless connection), the Robustness Value may be increased. The value of the
Robustness Value cannot be zero, and should not be one. The default is 2.
Maximum Multicast Groups: The default is 25.
Maximum Multicast Data Sources (for IGMPv3: 1-24): The default is 10.
Maximum Multicast Group Members: The default is 25.
Fast Leave Enable: click to enable the Fast Leave scheme that is based on use of source timers.
When a node wants to stop listening to a specific source, all Multicast routers on the interface
lower their timer for that source. If a report of other listeners for that source on the interface is
received before timer expires, then all the Multicast routers on the interface update their source
timer. If not, the source is deleted from the Include List.
LAN to LAN (Intra LAN) Multicast Enable: click to enable Intra LAN Multicast.
Membership Join Immediate (IPTV): Click to enable.
3. MLD Configuration: modify any of the following MLD configuration fields if you wish to change
the default values.

Default Version: the default MLD version is 2 (MLDv2).


Query Interval: This is the interval between General Queries sent by the Querier. Default value
is 125 seconds. By varying the Query Interval, an administrator may tune the number of MLD
messages on the link; larger values cause MLD Queries to be sent less often.
Query Response Interval: This is the Maximum Response Delay used to calculate the
Maximum Response Code inserted into the periodic General Queries. Default value is 10000
milliseconds (10 seconds). By varying the Query Response Interval, an administrator may tune
the burstiness of MLD messages on the link; larger values make the traffic less bursty, as host
responses are spread out over a larger interval. The number of seconds represented by the Query
Response Interval must be less than the Query Interval.
Last Member Query Interval: This is the Maximum Response Delay used to calculate the
Maximum Response Code inserted into Multicast Address Specific Queries sent in response to
Version 1 Multicast Listener Done messages. It is also the Maximum Response Delay used to

84 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

calculate the Maximum Response Code inserted into Multicast Address and Source Specific
Query messages. Default value is 1000 milliseconds (1 second).
Robustness Value: measures the number of retransmissions. This value allows tuning IGMP
according to the expected packet loss on an interface. If an interface is expected to be lossy (for
example, a wireless connection), the Robustness Value may be increased. The value of the
Robustness Value cannot be zero, and should not be one. The default is 2.
Maximum Multicast Groups: The default is 25.
Maximum Multicast Data Sources (for IGMPv3: 1-24): The default is 10.
Maximum Multicast Group Members: The default is 25.
Fast Leave Enable: click to enable the Fast Leave scheme that is based on use of source timers.
When a node wants to stop listening to a specific source, all Multicast routers on the interface
lower their timer for that source. If a report of other listeners for that source on the interface is
received before timer expires, then all the Multicast routers on the interface update their source
timer. If not, the source is deleted from the Include List.
LAN to LAN (Intra LAN) Multicast Enable: click to enable Intra LAN Multicast.
Membership Join Immediate (IPTV): Click to enable.
4. Apply/Save: Click on the Apply/Save button to apply the change and save the configuration.

TM 87-10878 Rev. A 85
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

86 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Chapter 5 Wireless
You are able to configure parameters in an IEEE 802.11 based wireless network. A wireless network
generally uses radio communication, unlike wired networks that use electrical conductors. A wireless
network implementation takes place at the physical layer. You can configure the following parameters:

Basic Parameters
Wireless Security
MAC Filter
Wireless Bridge
Advanced
Station Info

5.1 Wi-Fi Testing and Deployment Considerations


When you test and deploy the Wi-Fi system, we recommend you consider the following configuration
issues:

SSID Uniqueness
Channel Allocation
Signal Strength
Encryption

5.1.1 SSID Uniqueness


The Service Set Identifier (SSID) is used by the wireless access point to broadcast and identify its
availability to clients.
It is important, especially in devices within close proximity of each other, to make certain that the
broadcasted SSID is unique to the specific access point being installed. Using common, non-unique,
SSIDs across a deployment can result in unreliable service because client machines can become confused
as to which access point they should be associated with.

5.1.2 Channel Allocation


There are multiple channels that are available for transmission on the Wi-Fi access point. Having
multiple channels allows the client to avoid heavily-used channels.
Allowing all access points to use one default channel (for example, channel 6) would create interference
that could result in poor connectivity or slow data rates. Channels 1 through 11 are available to be set.
However, only channels 1, 6, and 11 are non-overlapping channels. You should consider these channels
when you are setting channel selections and want to avoid other access points in the area.
A helpful reference for WLAN channels can be found at:
http://en.wikipedia.org/wiki/List_of_WLAN_channels

TM 87-10878 Rev. A 87
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

5.1.3 Signal Strength


Signal strength adjustments should be considered if significant noise caused by neighboring devices
exists or to gain coverage over a larger area. You can improve signal strength by adjusting access point
placement and positioning the antenna. Thus, pay attention when you are determining the Wi-Fi location
and orientation.

5.1.4 Encryption
Encryption methods are available on many wireless devices. Encryption features configure restricted
access to the access point and prevent unwanted associations from being made to a particular device. We
recommend you create an encryption method for each Wi-Fi deployment because unrestricted or open
access could result in the unwanted membership of client devices to a Wi-Fi unit that is open to allow
any connections. Unwanted clients are likely to cause contention for services offered on an open
device.
Similar considerations should be made if multiple Wi-Fi enabled ONTs exist within close proximity of
each other or if a Wi-Fi enabled ONT is collocated with multiple consumer wireless gateways.
See Wireless Security on page 90 for information on configuring security features on the wireless LAN
interface.
Keep in mind that these recommendations are based on general best practices and not restricted to the
operation or functionality of the Aurora Wi-Fi feature available on our ONT products.

5.2 Basic Parameters


You can configure basic features on the wireless LAN interface. You can enable or disable the wireless
LAN interface, hide the Access Point or wireless network name by inhibiting broadcasting, enable client
isolation, disable Wi-Fi Multimedia (WMM), enable Wireless Multicast Forwarding (WMF), set the
wireless network name (SSID), and restrict the channel set based on country requirements.
Click on the Basic menu item under Wireless. The WirelessBasic screen displays to allow you to
configure basic parameters of the wireless LAN interface.

88 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

1. Enable Wireless: Click checkbox to enable wireless on the LAN interface. Unchecking the
checkbox will disable wireless on the LAN interface.
2. Hide Access Point: Click checkbox to inhibit the broadcasting of the Service Set Identifier (SSID)
that is the wireless network name. This hides the wireless network from active scans and impedes
casual wireless snooping.
3. Clients Isolation: Click checkbox to enable.
4. Disable WMM Advertise: Click checkbox to disable Wi-Fi Multimedia (WMM). WMM, based on
IEEE 802.11e standard, provides basic Quality of Service (QoS) features to wireless networks.
WMM prioritizes traffic according to four Access Categories (AC) voice (AC_VO), video
(AC_VI), best effort (AC_BE), and background (AC_BK).
5. Enable Wireless Multicast Forwarding (WMF): Click checkbox to enable WMF. WMF is
multicasting over a wireless network.
6. SSID: Enter the Service Set Identifier (SSID) that is the wireless network name (informal, human-
readable name).
7. BSSID: Broadcast Service Set Identifier (BSSID) is usually the MAC address of the wireless Access
Point (WAP), and is automatically entered.
8. Country: Select country from the drop-down menu.
9. Max Clients: Enter the maximum number of clients supported on the wireless network.
10. You can enter clients in the SSID column, enable or disable the clients, and configure the basic
settings for each client in the table.

TM 87-10878 Rev. A 89
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

11. Apply/Save: Click on the Apply/Save button to apply the change and save the configuration.

5.3 Wireless Security


You can configure security features of the wireless LAN interface either by configuring them manually
or using Wi-Fi Protected Setup (WPS).
Click on the Security menu item under Wireless. The WirelessSecurity screen displays. In this
screen, you can enable or disable WPS, and manually set up the Access Point (AP) parameters (SSID,
type of network authentication, and Wired Equivalent Privacy (WEP) encryption).

There are two predominant types of security for IEEE 802.11 wireless networks:

Wired Equivalent Privacy (WEP) authenticationa security algorithm that is more frequently
used by older wireless network devices. It is currently considered easily broken and replaced by
newer standards, such as WPA2.
The methods of authentication used with WEP are: Open System, Shared Key

Wi-Fi Protected Access (WPA and WPA2) authenticationsecurity protocols that have
superceded WEP. WPA2 is the newer IEEE 802.11i standard. WPA implements the Temporal
Key Integrity Protocol (TKIP) that dynamically generates a new 128-bit key for each packet.

90 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

WPA2 uses Cipher Block Chaining Message Authentication Code Protocol (CCMP), a new
Advanced Encryption Security (AES) based encryption mode with strong security.
Each wireless network device encrypts network traffic using a 256 bit key. This Shared Key or Pre-
shared key (PSK) may be either a string of 64 hexadecimal digits or a passphrase of 8 to 63 ASCII
characters.
The following are the main types of Pre-Shared Key (PSK): WPA-PSK, WPA2-PSK, and WPA/WPA2-
PSK:

The WPA- PSK adapts the TKIP (Temporal Key Integrity Protocol) encrypted algorithms,
which usually incorporates Message Integrity Code (MIC) to provide protection against hackers.
The WPA2-PSK adapts CCMP (Cipher Block Chaining Message Authentication Code Protocol)
of the AES (Advanced Encryption Security) algorithms.
WPA/WPA2-PSK is a mixed WPA and WPA2 authentication.
12. Enable WPS: Wi-Fi Protected Setup (WPS) is available only when WPA2 PSK, Mixed
WPA2/WPA-PSK, or OPEN mode of network authentication is configured. Otherwise, WPS is
disabled by default.
WPS attempts to make setting up a secure wireless home network easy for the home user by
automating the procedure. Commonly for newer devices, the Pre-shared key is preconfigured in the
devices memory, or a PIN used as a Pre-shared key is placed on a placard on the device.
13. Select SSID: Select the wireless network name from the drop-down menu.
14. Network Authentication: Select the type of network authentication from the drop-down menu.
Depending on which type of Network Authentication is selected, additional fields will display for
you to complete for that network authentication.
15. WEP Encryption: You can enable WEP encryption only when you have chosen Open or Shared
Key or 802.1X method of network authentication. Otherwise WEP is disabled by default.
When WEP Encryption is enabled, the following fields display:
Encryption Strength: select 128-bit or 64-bit encryption.
Current Network Key: select from Network Key 1 through 4. You can enter a network key: For 128-
bit encryption keys, enter 13 ASCII characters or 26 hexadecimal digits; for 64-bit encryption keys,
enter 5 ASCII characters or 10 hexadecimal digits.
RADIUS Server IP Address, RADIUS Port, RADIUS Key: Enter RADIUS information when
802.1X authentication is selected.
16. When WPA-PSK, WPA2-PSK, or Mixed WPA2/WPA-PSK authentication is selected, the
following additional fields are displayed:
WPA/WAPI passphrase: a passphrase of 8 to 63 ASCII characters making up the Pre-shared key.
WPA Group Rekey Interval: period of renewal time for changing the security key automatically
between wireless client and Access Point (AP).
WPA/WAPI Encryption: select AES or TKIP + AES.
17. When WPA, WPA2, or Mixed WPA2/WPA authentication is selected, the following additional
fields are displayed:
WPA Group Rekey Interval: period of renewal time for changing the security key automatically
between wireless client and Access Point (AP).

TM 87-10878 Rev. A 91
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

RADIUS Server IP Address, RADIUS Port, RADIUS Key: Enter RADIUS information.
WPA/WAPI Encryption: select AES or TKIP + AES.
18. Apply/Save: Click on the Apply/Save button to apply the change and save the configuration.

5.4 MAC Filter


You can configure the MAC Filter feature to allow or deny users access to the wireless router based on
the users MAC address, as well as choose to disable MAC filtering. Click on the MAC Filter menu
item under Wireless. The WirelessMAC Filter screen displays. In this screen you can set up the
MAC Filter and add or remove MAC addresses of devices in your home or business network.

1. Select SSSID: Select the wireless network name from the drop-down menu.
2. MAC Restrict Mode: Specify one of the following modes:

Disable to disable MAC filtering.


Allow to allow users access to the EPON wireless gateway based on the users MAC address.
If the MAC filter is empty, WPS will be disabled.

Deny to deny users access to the EPON wireless gateway based on the users MAC address.

92 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

3. Add: Click to add MAC addresses of devices in your network to the MAC Filter list. The
WirelessMAC Filter screen displays

a. MAC Address: Enter the MAC address of the device you want to add to the MAC
Filter list.
b. Apply/Save: Click on the Apply/Save button to apply the change and save the
configuration.
4. Remove: Click to remove MAC addresses of devices in your network from the MAC Filter list

5.5 Wireless Bridge


You can configure Wireless Bridge parameters of the wireless LAN interface. Wireless Bridge is also
known as Wireless Distribution System (WDS). WDS allows your wireless network to be expanded
using multiple Access Points (APs) without the need for wired connections between the APs. A wireless
AP is a device that allows wireless devices to connect to a wired network using Wi-Fi. The AP can be
integrated into the EPON gateway or it may connect to an EPON gateway (via a wired network) as a
standalone device.

1. AP Mode:
Selecting Access Point enables Access Point functionality. This means the EPON gateway can
connect wirelessly to other WDS-enabled routers and allow wireless clients to connect.
Selecting Wireless Bridge disables Access Point functionality. Wireless Bridge will only allow the
EPON gateway to connect to other WDS-enabled routers.
2. Bridge Restrict:
Select Enabled or Enabled(Scan) to restrict the EPON gateway from connecting to wireless bridges
that are not authorized.
Select Disabled to disable the wireless Bridge Restriction. This will allow any wireless bridge to
connect to the EPON gateway.

TM 87-10878 Rev. A 93
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

3. Remote Bridges MAC Address: If Bridge Restrict is set to Enabled or Enabled(scan), only those
bridges whose MAC addresses appear in these fields will be granted access.
4. Refresh: click to update the Remote Bridges MAC Address fields.
5. Apply/Save: Click to apply the change and save the configuration.

5.6 Advanced Wireless


The Advanced settings allow you to configure advanced features of the wireless LAN interface. For
example, you can select a specific channel on which to operate, change the transmission rate to a select
speed, and modify the fragmentation threshold. You can also set the following: Request to Send (RTS)
threshold, wakeup interval for clients in power-save mode, beacon interval for the access point, Xpress
mode, and short or long preambles.
Select the Advanced menu item from the Wireless option. The WirelessAdvanced screen displays.

1. Band: this is a default setting at 2.4GHz 802.11g

94 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

2. Channel: select from channel 1 through 11. If you are experiencing interference with another
2.4Ghz device, such as a baby monitor, security alarm, or cordless phone, then change the channel
on your EPON gateway.
3. Auto Channel Timer (min): Zero is the default.
4. 802.11n/EWC: select Auto or Disabled.
5. Bandwidth: select a bandwidth in MHz.
6. Control Sideband: Lower is the default.
7. 802.11n Rate: select 54g rate, or a rate from 6.5 to 130 Mbps.
8. 802.11n Protection: select Auto or Off.
9. Support 802.11n Client Only: Select Off or On.
10. RIFS Advertisement: select Auto or Off.
11. OBSS Coexistence: select Enable or Disable.
12. RX Chain Power Save: select Enable or Disable.
13. RX Chain Power Save Quiet Time: 10 is the default value.
14. RX Chain Power Save PPS: 10 is the default value.
15. 54g Rate: This is the wireless link rate at which information is received and transmitted on your
wireless network. 1Mbps is the default value. 54g is a Broadcom Wi-Fi technology.
16. Multicast Rate: This is the rate at which a message is sent to a specified group of recipients. Select
1 through 54 Mbps.
17. Basic Rate: This is the set of data transfer rates that all the stations will be capable of using to
receive frames from a wireless medium. Select a rate in Mbps.
18. Fragmentation Threshold: This is used to fragment packets which help improve performance in
the presence of radio frequency (RF) interference.
19. RTS Threshold: This threshold controls what size data packet the low level RF protocol issues to an
RTS packet. The default is 2346.
20. DTIM Interval: This sets the Wake-up interval for clients in power-saving mode.
21. Beacon Interval: A Beacon is a packet of information that is sent from a connected device to all
other devices where it announces its availability and readiness. A beacon interval is a period of time
(sent with the beacon) before sending the beacon again. The beacon interval may be adjusted in
milliseconds (ms).
22. Global Max Clients: to be determined
23. Xpress Technology: select Enable or Disable.
This is a technology that utilizes standards based on framebursting to achieve higher throughput.
With Xpress Technology enabled, aggregate throughput (the sum of the individual throughput
speeds of each client on the network) can improve by up to 25% in 802.11g only networks and up to
75% in mixed networks comprised of 802.11g and 802.11b devices.

TM 87-10878 Rev. A 95
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

24. Transmit Power: This is the percentage of power that should be transmitted from your wireless
router. Select from 20%, 40%, 60%, 80%, and 100%.
25. WMM (Wi-Fi Multimedia): select Enable or Disable.
26. WMM No Acknowledgement: select Enable or Disable.
27. WMM APSD: select Enable or Disable.
28. Apply/Save: Click to apply the change and save the configuration.

5.7 Station Info


You can display the authenticated wireless stations, which may be wireless bridges that are authorized or
may be WDS-enabled routers. Select the Station Info menu option from Wireless.

1. Refresh: click to update the fields in this screen.

96 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Chapter 6 Voice Configurations


You are able to configure Session Initiation Protocol (SIP) parameters for voice service. SIP is a
signaling protocol used in VoIP communications that allows users to make voice and video calls over the
Internet. The main purpose of the SIP protocol is to set up and tear down voice calls and video. To
communicate through SIP, you need a SIP address or account, which is generally obtained free from
many service providers, and a SIP client. A SIP client is an application program you install on your
computer that contains softphone functionality and provides an interface for you to communicate. There
are many types of SIP clients and some are offered free by your service provider.
You can configure the following voice parameters specifically for the service provider or as global
parameters that affect the whole interface (Basic Setting) or the console log level (Debug Setting):

SIP Basic Setting


SIP Advanced Setting
SIP Debug Setting

6.1 SIP Basic Settings


You are able to set Basic Settings for your SIP operation, including SIP domain name, SIP Proxy, SIP
Outbound Proxy, SIP Registrar, and preferred type of codecs. Select the SIP Basic Setting menu item
under Voice.

6.1.1 Service Provider SIP Basic Settings


You must click Stop SIP client button to stop the SIP client first before changing any of the parameters.
After you finish entering your changes, then click the Start SIP client button to implement the changes
and have the changes take effect.
1. Locale selection: select your location from the drop-down menu. Note that changing this parameter
for one service provider affects all other service providers.
2. SIP domain name: enter the domain name for your SIP server or SIP proxy server. Note that
changing this parameter for one service provider affects all other service providers.
3. VoIP Dialpan Setting: The Dial Plan specifies how to interpret digit sequences dialed by the user,
and how to convert those sequences into an outbound dial string.
4. Use SIP Proxy: check to use a SIP proxy server to manage many of the call setup functions between
SIP devices, such as routing requests to the users current location, authenticating and authorizing
users for services, implementing provider call-routing policies, and providing voice features to users.
The SIP proxy server can act as both a server and a client.
SIP Proxy: enter the SIP Proxy server name.
SIP Proxy port: enter the port number. Port 5060 is commonly used for non-encrypted signaling
traffic, and port 5061 is typically used for traffic encrypted with Transport Layer Security (TLS).
5. Use SIP Outbound Proxy: check to use a SIP outbound proxy server that receives requests from
clients and allows the ability to receive calls at multiple locations.
SIP Outbound Proxy: enter the SIP outbound proxy name.

TM 87-10878 Rev. A 97
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

SIP Outbound Proxy port: enter the port number. Port 5060 is commonly used for non-encrypted
signaling traffic, and port 5061 is typically used for traffic encrypted with Transport Layer Security
(TLS).

6. Use SIP Registrar: check to use a SIP registrar that acts as a SIP endpoint that accepts REGISTER
requests
SIP Registrar: enter the SIP Registrar name.
SIP Registrar port: enter the port number. Port 5060 is commonly used for non-encrypted signaling
traffic, and port 5061 is typically used for traffic encrypted with Transport Layer Security (TLS).
For your SIP Accounts: You can enter the following information.
7. Account Enabled: Click to enable.
8. Extension: Enter extension number.

98 TM 87-10878 Rev. A
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

9. Display name: Enter the display name for the SIP account.

10. Authentication name:


11. Password: Enter password for the account.
12. Physical Terminal Assignment: Physical SIP station number or phone line assignment.
13. Preferred ptime: Select 10, 20, or 30. This is the packetization time in milliseconds, length of time
carried in one RTP packet.
14. Preferred codec 1 through codec 6: Select a preferred codec. Codecs are used to digitally encode
and compress analog audio information, striking a balance between bandwidth and voice quality.
15. Start SIP client: After you finish entering your changes, then click the Start SIP client button to
implement the changes.
16. Stop SIP client: Click to stop the SIP client first before changing any of the parameters.
17. Restore default setting: Click to restore the default voice basic settings.
18. Apply: Click to apply the changes entered.

6.1.2 Global Parameters SIP Basic Settings


You can configure global parameters that affect the entire specified interface.

1. Bound Interface Name: select the interface name.


2. IP Address Family: IPV4 is the default.
3. Start SIP client: After you finish entering your changes, then click the Start SIP client button to
implement the changes.
4. Stop SIP client: Click to stop the SIP client first before changing any of the parameters.
5. Restore default setting: Click to restore the default voice basic settings.

TM 87-10878 Rev. A 99
ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

6. Apply: Click to apply the changes entered.

6.2 SIP Advanced Setting


You can set SIP Call features by specifying options in the SIP Advanced Setting menu.
Click the SIP Advanced Setting menu item under Voice. Under the Service Provider tab, the Voice--
SIP Advanced Configuration screen displays where you can set SIP call features for voice account 0
and voice account 1. To set SIP call features on a global level for all voice accounts, select the Global
Parameters tab.

6.2.1 VoiceSIP Advanced Configuration


Click the Service Provider tab in the SIP Advanced Setting menu item. The Voice--SIP Advanced
Configuration screen displays where you can set numerous SIP call features for voice account 0 and
voice account 1.

100 TM 87-10878 Rev. A


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Activated SIP Call Features: Click each SIP call feature to activate the feature for each account
number.
1. Call waiting: Lines currently connected receive an audible beep to identify that another call is
pending.

TM 87-10878 Rev. A 101


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

2. Call forwarding number: Enter the phone number where you want to redirect your calls.
3. Forward unconditionally: All calls are redirected to another phone number.
4. Forward on busy: Calls are redirected to another phone number when your line is busy.
5. Forward on no answer: Calls are redirected to another phone number after a specified number of
rings.
6. MWI: Check to select Message Waiting Indicator.
7. Call barring: Allows you to restrict outbound calling to specific numbers or dialing codes, and also
allows you to bar incoming calls.
8. Call barring pin: enter the pin code to cancel Call Barring on outgoing calls.
9. Call barring digit map: A digit map defines phone specific dialing behavior, for example, a
template that matches different sequences of digits that users dial as part of their interaction with
their phone system. A Call Barring digit map has rules that apply to Call barring.

10. Warm Line and Hot Line


Hot Line and Warm Line allow the user to place an outgoing call to a preprogrammed number
without having to dial the telephone number by lifting the phone off hook. Incoming calls are not
affected by the Hot Line or Warm Line feature.
A line configured for Hot Line cannot place outgoing calls to any number other than the
preprogrammed number.
Warm Line service differs in that when the receiver is lifted off the hook, there is a delay of seconds
before the ONT sends the call automatically to a pre-programmed number. Also during the delay
period before the pre-programmed number is dialed, the subscriber can dial another number with a
configured override feature that overrides the pre-programmed number. The subscriber is able to
configure the delay period, usually from 1 to 20 seconds.
Warm Line number: enter the preprogrammed number for the line configured with the Warm Line
feature.
Warm line override number: enter the phone number that will override the pre-programmed Warm
Line number during the delay period before the pre-programmed number is dialed.
Hot line number: enter the preprogrammed number for the line configured with the Hot Line
feature.
11. Anonymous call blocking: Blocks any incoming unidentified number.
12. Anonymous calling: Making calls without revealing your identity to those you are calling.
13. DND: Check to turn on the Do Not Disturb (DND) feature. This feature may have the following two
options: 1) where no incoming call information is presented to the user and the phone beeps, or 2)
the ringer is turned off, but incoming call information is presented to the phone, so user can accept
the call if desired.
14. Enable T38 support: Click to enable T38 Fax Relay.
15. Enable V18 support: SIP-18 support
16. Registration Expire Timeout: time in seconds when the SIP registration expires.
17. Registration Retry Interval: interval time in seconds when registration is retried.
18. Disconnect Delay (ms): delay time in milliseconds (ms) before a call disconnects.

102 TM 87-10878 Rev. A


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

19. DSCP for SIP: Select the Differentiated Services (DiffServ) value for SIP.
20. DSCP for RTP: Select the Differentiated Services (DiffServ) value for Real-time Transport
Protocol (RTP). RTP is regarded as the primary standard for audio/video, multimedia transport in IP
networks.
21. DTMF Relay setting: Select Inband, SIPinfo, or RFC2933. This is Dual-tone Multi-frequency
Relay (DTMF) mechanism where a voice gateway listens for in-call tones and relays them to the
peer. Relaying DTMF prevents losing signal integrity over voice compressed codecs.
22. Hook Flash Relay setting: Select SIPInfo or None.
23. SIP Transport protocol: UDP is the only option.
24. SRTP Configuration: Disabled is the default and cannot be changed.
25. Enable SIP tag matching: Check to enable.
26. Music Server: Enter music server IP address.
27. Music Server port: Enter the music port server number.
28. Start SIP client: Click to start SIP client.
29. Stop SIP client: Click to stop SIP client.
30. Apply: Click to apply and save configuration changes.

6.2.2 Global ParametersSIP Advanced Settings


Click the Global Parameters tab to display the Global Parameters screen. You can configure global
parameters that affect the entire specified interface.

1. Start SIP client: After you finish entering your changes, then click the Start SIP client button to
implement the changes.
2. Stop SIP client: Click to stop the SIP client first before changing any of the parameters.

TM 87-10878 Rev. A 103


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

3. Apply: Click to apply the changes entered.

6.3 SIP Debug Setting


If logging is enabled, the system logs specified events that are set in the Global Parameters screen in SIP
Debug Settings. The system can output Error, Notice, or Debug logs.

6.3.1 Service Provider--SIP Debug Setting


Click on SIP Debug Setting menu item under Voice. The VoiceSIP Debug Configuration screen
displays.

1. SIP log server IP Address: Enter the IP address for the SIP log server.
2. SIP log server port: Enter the SIP log server port number.
For the selected line number, select the following:
3. VAD support: This is Voice Activity Detection support. Check to enable VAD support.
4. Ingress gain: Select from 20 to -20.
5. Egress gain: Select from 20 to -20.
6. Start SIP client: After you finish entering your changes, then click the Start SIP client button to
implement the changes.
7. Stop SIP client: Click to stop the SIP client first before changing any of the parameters.
8. Apply: Click to apply the changes entered.

104 TM 87-10878 Rev. A


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

6.3.2 Global ParametersSIP Debug Settings


You can select the Console Log Level to output debug error messages globally for the interface. Click
the Global parameters tab in SIP Debug Setting.

1. Vodsl Console Log Level: Select type of console log level to output: Error, Notice, or Debug.
2. Start SIP client: After you finish entering your changes, then click the Start SIP client button to
implement the changes.
3. Stop SIP client: Click to stop the SIP client first before changing any of the parameters.
4. Apply: Click to apply the changes entered.

TM 87-10878 Rev. A 105


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

106 TM 87-10878 Rev. A


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Chapter 7 Diagnostics
The EPON Multi-service Residential Gateway is capable of testing your Ethernet connections. The
Diagnostics screen allows you to run diagnostic tests to check your Ethernet and wireless connections.
The results show if the Ethernet interface from your computer is connected to the LAN port of the
ONT and if the wireless interface from your computer is connected to the LAN port of the ONT.
If a test shows a Fail status, click the Rerun Diagnostic Test button to check that the Fail status is
consistent. If the test continues to fail, click Help and follow the troubleshooting procedures. These
procedures are also described below.
If all the tests pass, close and restart your Web browser to access the Internet.

If a test fails, follow the troubleshooting procedures listed below.

7.1 Troubleshooting
1. If you are not able to access this page, verify that the Ethernet cable from your computer or your
hub is connected to the LAN port on the ONT. Reseat the cable by unplugging both ends and
reconnecting them to their respective ports.
2. Turn off the ONT. Wait 10 seconds and turn it back on.
3. Make sure you are using the Ethernet cable supplied with your ONT.
4. With the ONT on, use a stick to press the reset button on the ONT for over one (1) second and
release it. This resets the ONT to its default settings. Wait for the ONT to initialize, then close and
restart your Web browser. To reconfigure the ONT, type your account username and password.

TM 87-10878 Rev. A 107


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Contact Aurora Networks Technical Support if you have tried all of the above and are still
experiencing a Fail condition.

108 TM 87-10878 Rev. A


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Chapter 8 Management
You have many tools to manage your ONT. You can perform the following operations:

Backup and Update settings


Restore Default Settings
Set up the System Log and Security Log
Set up the SNMP Agent

8.1 Set up the SNMP Agent


The Simple Network Management Protocol (SNMP) is used mostly in network management systems
to monitor network-attached devices for conditions that require administrative attention. SNMP agents,
which is the software that runs on managed devices, expose management data on the managed systems
as variables. These variables are known as Management Information Bases (MIBs). The protocol
allows active management tasks, such as modifying and applying a new configuration through remote
modification of these MIBs.
Click on the SNMP Agent menu item under Management. The SNMPConfiguration screen
displays below. You can enable the SNMP agent so that you can retrieve statistics and status on this
ONT.

1. SNMP Agent: click to enable or disable the SNMP agent.


2. Apply/Save: Click to apply the change and save the configuration.

TR-069 Client
Set up Internet Time on the ONT

TM 87-10878 Rev. A 109


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Set up Access Control on the ONT--user permissions, passwords


Update Software (ONT firmware)
Reboot the ONT

8.2 Settings
You can back up your ONTs configuration to a file, update the ONTs configuration, and restore the
ONTs configuration from a file. You can also simply restore the ONT to its factory default settings.

8.2.1 Backup
You can back up your ONTs configurations to a file on your PC. This function allows you to transfer
the entire configuration of one ONT to another ONT in case you need to clone the configuration or
replace it. Click Backup under Settings under Management to display the Settings-Backup screen.

1. Click the Backup Settings button to display a window showing an XML file of the configuration
settings.
a. You can open the .conf file with Wordpad (better formatting) or Notepad or Word.
b. You can save the file . Suggest you save the file with an .xml extension.

110 TM 87-10878 Rev. A


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

8.2.2 Update
You can update your ONTs setting using a saved settings file. Click Update under Settings under
Management to display the ToolsUpdate Settings screen.

1. Click the Browse button to locate your settings file. Open the file and make your changes.
2. Click the Update Settings button to update the settings file.

8.2.3 Restore Default Settings


You are able to restore your ONTs configuration settings to factory default settings. You might wish
to do this if you lose or corrupt your settings file. Click Restore Default under Settings under
Management to display the ToolsRestore Default Settings screen.

TM 87-10878 Rev. A 111


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Figure 16 Restore Default Settings

1. Click the Restore Default Settings button to restore your ONTs configuration settings to factory
default settings. See Section 2.1, Factory Default Settings, for a description of the default settings.

8.3 System Log


You can view the System Log and configure System Log options. Click on the System Log menu item
under Management. The System Log screen displays.

1. View System Log: Click to view the information in the System Log.

112 TM 87-10878 Rev. A


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

a. Refresh: click to update the information in the system log.


2. Configure System Log: Click to configure options for the System Log.

a. Log: Select Disable or Enable to stop or start logging selected events.


b. Log Level: Select type of events to logDebugging, Emergency, Alert, Critical,
Error, Warning, Notice, or Informational. All events above or equal to the selected
level are logged.

TM 87-10878 Rev. A 113


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

c. Display Level: All logged events above or equal to the selected level are displayed.
The levels are: Debugging, Emergency, Alert, Critical, Error, Warning, Notice,
Informational.
d. Mode: Modes are Local, Remote, or Both.

For Remote or Both mode: Events are sent to the


specified IP address and UDP port of the remote
syslog server.
Enter the server IP address and the server UDP port
number.

For Local or Both mode: Events are recorded in the


local memory.
e. Apply/Save: Click to apply the change and save the configuration.

8.4 Security Log


You can view the Security Log and configure options for the Security Log. Click Security Log under
Management to display the Security Log screen.

1. View: Click to view the information in the Security Log.


2. Reset: Click to clear and reset the Security Log.
3. Right-click here: saves the Security Log to a file.

114 TM 87-10878 Rev. A


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

8.5 SNMP Agent


The Simple Network Management Protocol (SNMP) is used mostly in network management systems
to monitor network-attached devices for conditions that require administrative attention. SNMP agents,
which is the software that runs on managed devices, expose management data on the managed systems
as variables. These variables are known as Management Information Bases (MIBs). The protocol
allows active management tasks, such as modifying and applying a new configuration through remote
modification of these MIBs.
Click on the SNMP Agent menu item under Management. The SNMPConfiguration screen
displays below. You can enable the SNMP agent so that you can retrieve statistics and status on this
ONT.

3. SNMP Agent: click to enable or disable the SNMP agent.


4. Apply/Save: Click to apply the change and save the configuration.

8.6 TR-069 Client


Technical Report 069 (TR-069) is a Broadband Forum technical specification. It defines a protocol for
remote management of end user devices. The bidirectional protocol provides the communication
between customer premises equipment (CPE) and Auto Configuration Servers (ACS).
You are able to configure options for TR-069 client to direct the ACS to perform auto-configuration,
provision, collection, and diagnostics to the ONT. Click TR-069 Client under Management to display
the TR-060 clientConfiguration screen.

TM 87-10878 Rev. A 115


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

1. Inform: Click to disable or enable the start by the CPE of a provisioning session. The session
begins with transmission of an Inform message.
2. Inform Interval: Enter the time in seconds between Inform sessions.
3. ACS URL: Enter the URL for the auto-configuration.
4. ACS User Name: Enter the authorized user name.
5. ACS Password: Enter a password to secure the transport channel and authenticate the CPE
against the Auto-configuration Server (ACS).
6. WAN Interface used by TR-069 client: Select a WAN interface.
7. Display SOAP messages on serial console: Click to enable or disable the ability to display
Simple Object Access Protocol (SOAP) messages on the serial console.
SOAP allows you to communicate with the same or a different operating system by using the
World Wide Web's Hypertext Transfer Protocol (HTTP)and its Extensible Markup Language
(XML) as a way to exchange information.
8. Connection Request Authentication: Check to allow the Auto-configuration Server (ACS) to
request a session start from the CPE. The ACS requests a connection from the CPE by visiting a
negotiated URL and performing HTTP authentication.
When this box is checked, you are asked to enter the following fields:
Connection Request User Name: Enter the name of the user requesting the connection

116 TM 87-10878 Rev. A


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Connection Request Password: Enter the users password.


Connection Request URL: Enter the URL negotiated between the CPE and the ACS.
9. Apply/Save: Click to apply the change and save the configuration.
10. GetRPCMethods: Click to get remote procedure call (RPC) methods.

8.7 Internet Time


You can set the time configuration for the ONT. Click Internet Time under Management to display
the Time Settings screen.

1. Automatically synchronize with Internet time servers: check to synchronize the ONT time
clock with Internet time servers.
2. Apply/Save: Click to apply the change and save the configuration.

8.8 Access Control


You are able to configure three (3) user accounts or user names to control access to the ONT:

adminThe admin user name has unrestricted access to change and view the configuration
of the ONT.
supportThe support user name allows an ISP technician to access your ONT for
maintenance and to run diagnostics.
userThe user user name allows a user to access the ONT, view configuration settings and
statistics, and update the ONTs software.

TM 87-10878 Rev. A 117


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

You can create or change a user name of up to 16 characters. Click on Access Control under
Management to display the Access ControlPasswords screen.

1. User Name: Enter a user name of up to 16 characters.


2. Old Password: Enter your old password.
3. New Password: Create a new password of up to 16 characters. Passwords cannot contain a space.
4. Confirm Password: Re-enter the new password.
5. Apply/Save: Click to apply the change and save the configuration.

8.9 Update Software


If your ISP releases new or updated software for this ONT, you can perform an upgrade by following
the steps in the ToolsUpdate Software screen. Click Update Software under Management to
display the ToolsUpdate Software screen.

118 TM 87-10878 Rev. A


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Browse: Click to browse to locate the new or updated software image file. Currently, use the Browse
option.
Update Software: Click once to upload the new or updated software image file to the ONT.

8.10 Reboot
You can reboot your ONT typically because you have made configuration changes and want to run the
new configurations. The ONT saves the current configuration (as a backup) and then reboots itself
using the new configuration.
The rebooting process takes about 2 minutes to complete.

TM 87-10878 Rev. A 119


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

1. Reboot: Click to start the reboot process on the ONT.

2. Once the reboot process is underway, you see the above screen warning you to close the
configuration window and wait two (2) minutes.

120 TM 87-10878 Rev. A


ONT-2-E4xxxi Multi-service Residential Gateway Series Operator Guide

Index
APC connector .................................................................... 6 Port addresses .................................................................. 12
Audience ............................................................................ ix ports, rear panel ................................................................. 3
Aurora contact information ........................................... ii, xi POTS ports .......................................................................... 6
backup power connector, rear ........................................... 7 power adapter .................................................................... 7
backup power connector, side............................................ 7 Preface ...............................................................................ix
Chapter descriptions .......................................................... ix Product support .................................................................xi
Configuring ONT-2-E4xxxi Series provisioning of data, IPTV, VoIP ......................................... 2
before you start ............................................................ 11 QoS
factory default settings ................................................ 11 class of service ............................................................... 8
IP address and subnet mask ......................................... 12 diffserv markings............................................................ 8
log out .......................................................................... 13 related documentation ...................................................... x
password ...................................................................... 11 remote software upgrade .................................................. 9
username...................................................................... 11 residential gateway ............................................................ 7
contact us ........................................................................... ii Revision date, revision history ........................................... ii
Contact us .......................................................................... xi RF overlay ........................................................................... 6
Conventions used in this guide .......................................... ix RF video
Copyright ............................................................................ ii RF overlay ...................................................................... 6
customer support area, Aurora Web site ........................... x rich packet filtering ............................................................ 8
DDNS ................................................................................... 8 SC/APC fiber optic network interface................................. 5
DHCP ................................................................................... 8 server, virtual ..................................................................... 8
DHCP addressing ............................................................... 12 Support...............................................................................xi
DHCP server ...................................................................... 12 technical manuals...................... See related documentation
Documentation feedback .................................................. xi Technical support ...............................................................xi
documentation, related ...................................................... x telephone ports .................................................................. 6
ECO number ........................................................................ ii Trident7 Element Management Suite ................................ 2
EMS provisioning ................................................................ 2 UPC connector.................................................................... 6
ethernet connections.......................................................... 5 upgrade software, remotely............................................... 9
fiber optic network interface .............................................. 6 user guides ................................ See related documentation
firewall, security ................................................................. 8 user permissions .............................................................. 11
GUI interface ....................................................................... 9 Username and password .................................................. 11
connecting .................................................................... 13 virtual server ...................................................................... 8
IP address and subnet mask ............................................. 12 voice ports .......................................................................... 6
link length ........................................................................... 5 WAN information ............................................................. 16
Log out .............................................................................. 13 Web GUI ........................................................................... 12
Mask, subnet .................................................................... 12 web GUI interface .............................................................. 9
NAT/NAPT ........................................................................... 7 connecting ................................................................... 13
optical network interface.................................................... 5 web site, Aurora Networks ................................................. x
option 82............................................................................. 8 wireless .............................................................................. 6
Organization of this guide .................................................. ix wireless access point
password, Aurora Web site................................................. x IEEE 802.11b/g/n ........................................................... 6
Password, default ............................................................. 11 wi-fi ................................................................................ 6
PC configuration ............................................................... 12

TM 87-10878 Rev. A 121


Wireless Gateway ONT-G4020iWn Operator Guide

122 TM 87-10878 Rev. A