- Enable SSH enables SSH access to the Bitlomat unit.
- Enable Login with password is used to authenticate using Administrator credentials in order to grant SSH access to the device. An Authentication Key will be required otherwise.
- Port is the SSH service TCP/IP port setting.
- Interface selector can be used to prevent from accessing the unit via SSH through certain interfaces.
- Key Management can be used to add a Public key file to get SSH access to the unit instead of using an admin password.
Traffic shaping for the cabled and wireless interfaces (per SSID) can be set up.
- Enable Traffic Shaping is used to enable/disable the service.
- The list of the available interfaces/SSID is reported. For each interface, incoming and outgoing traffic limits in Kb/s can be defined.
A MAC address Access Control List to allow or prevent specific MAC addresses from joining the wireless network. For each MAC address it is possible to specify the behavior rule (deny or allow).
NAT and Port Forwarding
- Rule Number indicates the priority of the firewall rule. The smaller the number, the higher the priority.
- Action allows two specific firewall rules: ALLOW or DENY. By enabling “ALLOW”, the packets can pass the firewall unmodified. When choosing “DENY”, the packets are denied passage through the firewall and no response is sent.
- Input Interface specifies where filtering of the incoming/passing-through packets is processed;
- Protocol sets which particular L3 protocol type (IP, ICMP, TCP, UDP) should be filtered;
- Source IP/Netmask is the source IP of the packet (specified within the packet header), usually it is the IP of the host system that sends the packets;
- Source Port is the source port of the TCP/UDP packet (specified within the packet header), usually it is the port of the host system application that sends the packets;
- Destination IP/Netmask is the destination IP of the packet (specified within the packet header), usually it is the IP of the system which the packet is addressed to;
- Destination Port is the destination port of the TCP/UDP packet (specified within the packet header), usually it is the port of the host system application which the packet is addressed to.
- Not operators can be enabled for inverting the Source IP/mask, Source Port, Destination IP/mask and Destination Port filtering criteria (i.e. if not is enabled for the specified Destination Port value 443, the filtering criteria will be applied to all the packets sent to any Destination Port except the 443, which is commonly used by HTTPS).
- Service selector is used to point the DDNS Bitlomat unit client to an online DDNS provider.
- Domain defines the Dynamic DNS Host Name used to access the unit from remote as specified by the online DDNS providers.
- Username defines the Dynamic DNS Username.
- Password defines the Dynamic DNS password. Check “show” to display the password.
- Enable SNMP control will enable SNMP Agent.
- SNMP Community specifies SNMP community string. It is required to authenticate access to MIB objects and functions as embedded password. The device supports a Read-only community string that gives read access to authorized management servers to all the objects in the MIB.The default SNMP Community is ”public”.
- Contact specifies the identity or the contact who should be contacted in case a emergency situation arise.
- Location specifies the physical location of the device.
Mail notifier can be configured, enabled or disabled.
Notifier entries can be specified by using the following criteria:
- SMTP Server: ip address of the server
- Port: server’s port
- Authentication: authentication method used to access the server
- Encryption: encryption method
- Source mail address: is the source mail address that sends the notifications
- Destination mail address: is the destination mail address that receives the notifications generated by the radio
- CPE disconnects for more than: sets a time duration for a disconnected radio, when exceeded will be triggered an alarm
- CPE signal is lower than:sets a threshold of the radio’s signal strength under which an alert will be triggered