edgeBOX User Manual - Critical Links

standguideΔίκτυα και Επικοινωνίες

26 Οκτ 2013 (πριν από 4 χρόνια και 14 μέρες)

364 εμφανίσεις

USER MANUAL V5.0
Dramatically simplifying voice and data networking
Precautions have been taken to assure accuracy of the information written in this user’s manual. Typographic or
pictorial errors that are brought to our attention will be corrected in subsequent issues.
Product specifications in this manual are nominal and are provided for the convenience of our customers. They
are all correct at the date of publication. Critical Links reserves the right to make product changes from time to
time, without prior notification, which may change certain specifications or characteristics shown. We therefore
recommend you to check for changes or updates before using for customer projects or further product
developments
No material will be accepted for return unless Critical Links grants permission in writing.
The handling, installation and usage of the edgeBOX are applicable to certain environments and may be
required for code compliance. Features of the device will not provide protection against abuse, misuse, improper
installation or maintenance. It is important that installation, operation and maintenance are performed in
accordance with instructions supplied in the manual. Electricity and electrical devices must always be treated
with caution and respect.
Disclaimer
Product Support
The edgeBOX software is distributed according to the End User License Agreement EULA included at the end of
this User Guide. By using the software you agree to be bound by this EULA. If you do not agree to the terms and
limitations of the EULA you should not use the software.
End User License Agreement
For product technical support please visit the following web site http://www.edgebox.com or contact us at the
following email address: support@critical-links.com.
Critical Links, Inc
695 Route 46 West
Fairfield, NJ 07004
USA
Phone: 973.276.9006
Support Hotline: +1 888 433 4326
Website: www.critical-links.com
Email: support@critical-links.com
Critical Links, Inc.
4 edgeBOX 5.0 Help
Table of Contents
1. About edgeBOX
10
..................................................................................................................... 11
1.1. Introducing the award-winning edgeBOX
..................................................................................................................... 12
1.2. edgeBOX's main features
..................................................................................................................... 13
1.3. Unpack and setup edgeBOX
..................................................................................................................... 14
1.4. Connecting to edgeBOX's web interface
..................................................................................................................... 16
1.5. Understanding edgeBOX's web interface
..................................................................................................................... 19
1.6. Connecting to edgeBOX's console
..................................................................................................................... 20
1.7. Working with edgeBOX's LCD panel
..................................................................................................................... 21
1.8. License, Hardware and Software
2. Initial Configuration
22
3. Dashboard
26
4. Network
29
..................................................................................................................... 30
4.1. Configure the internet connection (WAN interface)
......................................................................................................................................................... 30
through another device such as a cable modem or a router
......................................................................................................................................................... 31
through a DSL/PPPoE connection
..................................................................................................................... 32
4.2. Change the local network properties (LAN)
..................................................................................................................... 33
4.3. Change the DMZ settings
..................................................................................................................... 34
4.4. View and manage VLANs
..................................................................................................................... 35
4.5. Interfaces Physical and Logical Status
..................................................................................................................... 36
4.6. Monitor connections through edgeBOX
..................................................................................................................... 37
4.7. Change edgeBOX's hostname and network domain
..................................................................................................................... 38
4.8. View the system routes
..................................................................................................................... 39
4.9. Manage static routes
..................................................................................................................... 40
4.10. Wireless
......................................................................................................................................................... 41
Configure and turn on the wireless network
......................................................................................................................................................... 43
Indicate the type of authentication
......................................................................................................................................................... 46
Make the wireless network more secure
......................................................................................................................................................... 47
Make the wireless network public
..................................................................................................................... 47
4.11. Managing the DNS server
......................................................................................................................................................... 48
Adding or Editing DNS domains
.................................................................................................................................................. 48
How to add a Master domain
.................................................................................................................................................. 50
How to add a Slave domain
.................................................................................................................................................. 51
How to add a Forwarder domain
......................................................................................................................................................... 51
Changing global DNS Settings
......................................................................................................................................................... 52
Managing DNS ACLs
......................................................................................................................................................... 53
Managing hosts on an existing domain
Critical Links, Inc.
5Network
..................................................................................................................... 54
4.12. Use Dynamic DNS
..................................................................................................................... 55
4.13. Using the DHCP service
......................................................................................................................................................... 56
Assign IP addresses using Ranges
......................................................................................................................................................... 57
Assign IP addresses using MAC-IP rules
......................................................................................................................................................... 58
Configure DHCP advanced settings
......................................................................................................................................................... 59
DHCP Leases
..................................................................................................................... 59
4.14. Manage the Webcache size and sites
..................................................................................................................... 60
4.15. Using NAT and Port Forwarding
..................................................................................................................... 61
4.16. Using QoS
......................................................................................................................................................... 63
QoS Upload configuration
......................................................................................................................................................... 64
QoS Download configurations
......................................................................................................................................................... 64
Service Classification
......................................................................................................................................................... 65
Internet and DMZ QoS statistics
5. VPN
67
..................................................................................................................... 67
5.1. IPSec
......................................................................................................................................................... 69
General
.................................................................................................................................................. 70
Advanced
..................................................................................................................... 71
5.2. PPTP
......................................................................................................................................................... 72
PPTP Properties
..................................................................................................................... 73
5.3. L2TP
6. Security
75
..................................................................................................................... 75
6.1. Firewall
......................................................................................................................................................... 76
Securing the Internet and DMZ links
......................................................................................................................................................... 76
Securing Internal Connections
......................................................................................................................................................... 77
Using Advanced Firewall Rules
..................................................................................................................... 79
6.2. Setting up a DMZ
..................................................................................................................... 80
6.3. Enabling NAT for the private networks
..................................................................................................................... 80
6.4. Using Port Forwarding
..................................................................................................................... 81
6.5. Website Access Restrictions
......................................................................................................................................................... 82
Domains
......................................................................................................................................................... 83
Words in URL
..................................................................................................................... 83
6.6. Install and Manage Anti Virus Engines
..................................................................................................................... 83
6.7. Scanning Shared Folders for viruses
..................................................................................................................... 84
6.8. Scanning E-Mail for Viruses
......................................................................................................................................................... 85
Messages
......................................................................................................................................................... 86
Actions
......................................................................................................................................................... 86
Quarantine
..................................................................................................................... 87
6.9. Scanning E-Mail for SPAM
7. Office Servers
89
..................................................................................................................... 89
7.1. Manage your web sites and intranets
......................................................................................................................................................... 90
Setting up multiple websites
..................................................................................................................... 92
7.2. E-mail Server and Webmail
......................................................................................................................................................... 92
E-mail Queue
Critical Links, Inc.
6 edgeBOX 5.0 Help
......................................................................................................................................................... 93
E-mail domains and Webmail
......................................................................................................................................................... 93
Aliases and Mailing Lists
......................................................................................................................................................... 94
Settings and Permissions
.................................................................................................................................................. 96
SMTP Access Control
..................................................................................................................... 97
7.3. Windows Server
..................................................................................................................... 99
7.4. Windows Shared Folders
......................................................................................................................................................... 100
Shares
.................................................................................................................................................. 102
Setup Share Permissions
......................................................................................................................................................... 103
Temporary Shared Folders
..................................................................................................................... 103
7.5. Windows Shared Printers
8. IP-PBX and VoIP
105
..................................................................................................................... 106
8.1. IP-PBX Overview
..................................................................................................................... 108
8.2. Managing your phones
......................................................................................................................................................... 109
Understanding the Phones list
......................................................................................................................................................... 111
Creating phones
.................................................................................................................................................. 113
SIP and IAX phone extensions
.................................................................................................................................................. 115
Analog phone extensions and fax machines
.................................................................................................................................................. 116
ISDN Phone extensions
......................................................................................................................................................... 116
Connecting phones
.................................................................................................................................................. 117
Connecting VoIP Phones
.................................................................................................................................................. 118
Connecting Analog Phones and FAX machines
.................................................................................................................................................. 118
Connecting ISDN Phones
......................................................................................................................................................... 119
Automatic configuration of phone devices
.................................................................................................................................................. 122
Auto Configuration Modes
......................................................................................................................................................... 123
Phone Groups and Access Control
......................................................................................................................................................... 126
Twinning
......................................................................................................................................................... 128
Internal Dial Plan
..................................................................................................................... 129
8.3. Configuring incoming call rules
......................................................................................................................................................... 130
Creating incoming call rules
......................................................................................................................................................... 133
Defining Automated Attendant menus
......................................................................................................................................................... 135
Schedules
..................................................................................................................... 135
8.4. Define your outgoing call rules
......................................................................................................................................................... 136
Authentication
......................................................................................................................................................... 136
Rules Definition
......................................................................................................................................................... 138
Emergency number
..................................................................................................................... 139
8.5. Configuring Voice Lines
......................................................................................................................................................... 140
VoIP Providers
......................................................................................................................................................... 141
ENUM service
......................................................................................................................................................... 142
Remote Offices
......................................................................................................................................................... 143
Hardware
.................................................................................................................................................. 143
ISDN BRI
.................................................................................................................................................. 144
ISDN PRI
........................................................................................................................................... 146
How to change configuration mode (E1 / T1)
.................................................................................................................................................. 146
Analogue FXO-FXS
..................................................................................................................... 147
8.6. Phone operations
......................................................................................................................................................... 148
Blind and Supervised Transfers
......................................................................................................................................................... 149
Group Calls
......................................................................................................................................................... 149
Intercom Calls
......................................................................................................................................................... 150
Call Listening and Call Whispering
......................................................................................................................................................... 151
Call Pick-Up
Critical Links, Inc.
7IP-PBX and VoIP
......................................................................................................................................................... 151
Twinning
......................................................................................................................................................... 152
Follow Me
......................................................................................................................................................... 153
One Touch Recording
......................................................................................................................................................... 153
Labeling CDR records with Cost Centers
..................................................................................................................... 154
8.7. Conference Rooms
..................................................................................................................... 155
8.8. Managing Call Queues
......................................................................................................................................................... 157
Advanced Settings for Queues
..................................................................................................................... 158
8.9. Codecs
..................................................................................................................... 159
8.10. MailFax Service
......................................................................................................................................................... 161
How to send a fax using MailFax?
..................................................................................................................... 162
8.11. Advanced VoIP Options
......................................................................................................................................................... 162
Voicemail
......................................................................................................................................................... 163
Call Parking
......................................................................................................................................................... 163
Operation Key Codes
......................................................................................................................................................... 164
Customize Sound Files
......................................................................................................................................................... 165
Define Country Zone
......................................................................................................................................................... 165
Echo Cancellation
......................................................................................................................................................... 166
G.729 Licensing
......................................................................................................................................................... 166
Billing Service
......................................................................................................................................................... 167
Manager Interface
......................................................................................................................................................... 168
Advanced NAT
..................................................................................................................... 169
8.12. Music On-Hold
..................................................................................................................... 170
8.13. Automatic Call Recording
..................................................................................................................... 172
8.14. VoIP activity logs - CDR
..................................................................................................................... 172
8.15. Default Predefined Phone Numbers
9. Users
174
..................................................................................................................... 174
9.1. Authentication
......................................................................................................................................................... 175
Managing network users
.................................................................................................................................................. 177
Importing and Exporting Users
.................................................................................................................................................. 179
Default Quota
......................................................................................................................................................... 179
Activating Authentication
......................................................................................................................................................... 181
Using remote authentication
.................................................................................................................................................. 181
Using a remote RADIUS Server
.................................................................................................................................................. 182
Using a remote LDAP Server
.................................................................................................................................................. 183
Using a remote AD Server
......................................................................................................................................................... 184
Customize the user login web page
..................................................................................................................... 186
9.2. Privileges
......................................................................................................................................................... 189
Fine tunning Internet and DMZ access
......................................................................................................................................................... 190
Access to other VLANs
..................................................................................................................... 191
9.3. Groups
..................................................................................................................... 191
9.4. Delegate a Local Administrator
..................................................................................................................... 194
9.5. View currently Connected Users
..................................................................................................................... 194
9.6. Configure authorized RADIUS clients
10. System
196
..................................................................................................................... 196
10.1. Adjusting Date and Time
Critical Links, Inc.
8 edgeBOX 5.0 Help
..................................................................................................................... 198
10.2. Administration
..................................................................................................................... 199
10.3. Managing Software Updates
..................................................................................................................... 201
10.4. Backup & Restore
......................................................................................................................................................... 202
Immediate Backup
......................................................................................................................................................... 203
Scheduled Backups
..................................................................................................................... 205
10.5. Using HotBackup for redundancy
......................................................................................................................................................... 208
Managing software updates in a Hotbackup scenario
..................................................................................................................... 210
10.6. Notifications
..................................................................................................................... 211
10.7. Managing and Diagnosing RAID
......................................................................................................................................................... 212
Disk Notifications
......................................................................................................................................................... 212
Replacing a faulty disk
..................................................................................................................... 213
10.8. Reading and Managing System Logs
..................................................................................................................... 214
10.9. RADIUS Accounting
..................................................................................................................... 215
10.10. SNMP
..................................................................................................................... 216
10.11. Maintenance
..................................................................................................................... 217
10.12. Services Control Panel
..................................................................................................................... 217
10.13. Hardware Monitor
..................................................................................................................... 218
10.14. Diagnostic Tools
..................................................................................................................... 219
10.15. Remote Management
11. Reporting
221
..................................................................................................................... 221
11.1. System
......................................................................................................................................................... 221
CPU
......................................................................................................................................................... 222
Memory
......................................................................................................................................................... 223
Load
......................................................................................................................................................... 224
Disk Usage
......................................................................................................................................................... 225
Interfaces
..................................................................................................................... 226
11.2. Services
......................................................................................................................................................... 226
HTTP Access
......................................................................................................................................................... 227
Web Server
......................................................................................................................................................... 228
Firewall
......................................................................................................................................................... 229
E-mail
......................................................................................................................................................... 230
VoIP
......................................................................................................................................................... 231
VPN
..................................................................................................................... 232
11.3. Users
......................................................................................................................................................... 232
General
......................................................................................................................................................... 233
Accounting
......................................................................................................................................................... 234
HTTP Access
......................................................................................................................................................... 234
E-mail
......................................................................................................................................................... 235
VoIP
......................................................................................................................................................... 236
VPN
12. User Services and Applications
237
..................................................................................................................... 238
12.1. Temporary Shared Folders
..................................................................................................................... 242
12.2. Webmail
..................................................................................................................... 243
12.3. Flash Operator Panel (FOP)
Critical Links, Inc.
9User Services and Applications
......................................................................................................................................................... 244
FOP Login
......................................................................................................................................................... 246
Initiate a Call
......................................................................................................................................................... 247
External Calls
......................................................................................................................................................... 248
Transfer a call
......................................................................................................................................................... 248
Barging
......................................................................................................................................................... 248
Create an Agent
......................................................................................................................................................... 249
Queue Managment
......................................................................................................................................................... 249
Park-Unpark Calls
......................................................................................................................................................... 250
Conference Calls
......................................................................................................................................................... 250
Typical Caller Scenario
13. Appendices
251
..................................................................................................................... 251
13.1. Appendix A: Authentication
......................................................................................................................................................... 251
Authentication architecture
......................................................................................................................................................... 251
Require users to login vs Privileges policies
......................................................................................................................................................... 253
Putting it all together
......................................................................................................................................................... 253
Remote configuration
..................................................................................................................... 254
13.2. Appendix B: Connecting to Wireless
......................................................................................................................................................... 256
802.1x
......................................................................................................................................................... 258
WPA
..................................................................................................................... 260
13.3. Appendix C: Windows Integration
......................................................................................................................................................... 260
Adding a Windows Host to edgeBOX Domain
......................................................................................................................................................... 261
Mapping a Shared Folder on Windows
..................................................................................................................... 262
13.4. Appendix D: VLAN based Infrastructure
......................................................................................................................................................... 264
VLAN Scenario 1
......................................................................................................................................................... 265
VLAN Scenario 2
......................................................................................................................................................... 267
VLAN Scenario 3
......................................................................................................................................................... 268
VLAN Scenario 4
..................................................................................................................... 269
13.5. Appendix E: Factory Reset
..................................................................................................................... 270
13.6. Appendix F: edgeBOX Network Services
..................................................................................................................... 271
13.7. Appendix G: Usernames and Passwords
10 edgeBOX 5.0 Help
Critical Links, Inc.
1 About edgeBOX

Critical Links’ edgeBOX is a network appliance that consolidates the voice, data and IT
functions at a Small and Medium Business (SMB) into one single appliance.
Specifically, it provides IP-PBX and VoIP, comprehensive Networking, Quality of Service
(QoS), Wi-Fi Access Point, Windows Server - with advanced File and Print sharing, network
access profiles - Privileges, Security tools, such as Anti Virus and Firewall and SMB Office
Servers (e-mail / web server / windows server).
While all this is commonly delivered using up to 8 different independent products/devices,
Critical-Links' edgeBOX provides an unified architecture and delivers all this in a single
product.
Introducing the award-winning edgeBOX
edgeBOX's main features
Unpack and install edgeBOX to the network
Connecting to edgeBOX's web interface
Understanding edgeBOX's web interface
Connecting to edgeBOX's console
Working with edgeBOX LCD panel
License, Hardware and Software
11About edgeBOX
Critical Links, Inc.
1.1 Introducing the award-winning edgeBOX
The edgeBOX appliance comes in 3 different form factors (with different redundancy & fault-
tolerance options).
The edgeBOX comes with a wide range of interfaces to connect to the Internet and the PSTN (such
as FXO/FXS, Ethernet, ISDN PRI/BRI, T-1/E-1 etc).
Every edgeBOX has an intuitive GUI that allows the user to access the box and configure the various
functions very easily. NOTE: The box already comes with a set of default configurations that will
allow most customers to just literally power on the box and begin to use it; it also provides a
customer the ability to customize the settings to support their environment.
The edgeBOX:
1.Dramatically simplifies the SMB voice and data infrastructure
 It replaces up to 8 independent products/devices with 1 device
 Reduces maintaining & managing several devices (and vendors)
2.Increases Productivity and Convenience at the SMB
 Provides the broadest range of voice, data and IT capability
 Managed through a simple, unified interface, even remotely
3.Reduces initial investment & recurring operational expenses over 60%
 Initial cost reduced to less than a third of a multi-device solution
 Recurring costs are nominal; remote, simplified management
4.Environmentally (and economically) friendly
 Much smaller carbon footprint lower power/space consumption
 Lower waste generated at end of life
The edgeBOX eliminates the traditionally painful trade-off between features, complexity and cost at a
SMB. SMBs have had to incur a high degree of complexity (due to the many devices and vendors
needed to be managed) and the attendant cost (due to expensive IT support) to get much needed
voice and data features. Now with the edgeBOX a customer can get a broad range of voice, data
12 edgeBOX 5.0 Help
Critical Links, Inc.
and IT services for a fraction of existing costs. The edgeBOX is changing the rules of the game for
the SMB. The SMBs can now focus on their core competence instead of worrying about the cost and
complexity of managing their networking
The edgeBOX, by integrating the voice, data and IT features, in one appliance and managed by a
simple GUI dramatically reduces the complexity and brings down the costs. The edgeBOX, based on
open source standards, also ensures a best-of-breed solution that is competitively superior in terms
of both feature richness and cost.
A remote based management system ensures remote provisioning, monitoring and management of
several edgeBOX appliances as well, further simplifying and cost reducing maintenance.
The edgeBOX incorporates a set of functional capabilities that are necessary when provisioning voice
and data services at a SMB. If a VoIP service is to be provisioned, for example, in addition to
configuring the IP-PBX, Quality of Service (QoS), Firewall, Router tables, e-mail server, etc, have to
also be usually configured. All this can be done right in the edgeBOX appliance from a GUI and
without having to concern about the peculiarity of different devices, interoperability, and making all of
them work together. This not only reduces the upfront cost but also speeds up service turn up.
The edgeBOX comes provisioned with a default configuration for the router/switch settings and also
for commonly used SIP phones, further enhancing the user experience.
The number of features available on the edgeBOX is unmatched competitively and it provides more
voice and data services than most SMBs would require currently. In addition, value-added application
packages called edgePACKs, are also available for specific vertical segments; these further augment
the networking services in the edgeBOX with application oriented capabilities. Current edgePACKs
include the Learning Management System (for academia), Content Management System (for
managing website content), and edgeExchange (for e-mail, calendar and content sharing).
More information on the edgeBOX:
Critical Links, Inc.
695 Route 46 West
Fairfield, NJ 07004
U.S.A
+1.973.276.9006
www.critical-links.com
1-888-4-EDGEBOX
1.2 edgeBOX's main features
 Internet connections using ADSL, Cable modems or other WAN Broadband devices;
 Supports dynamic and static IP Address assignment, also allowing the configuration of
a registered domain name;
13About edgeBOX
Critical Links, Inc.
 DHCP server on the Intranet side with optional automatic name range generation;
 A web server on both the Internet and Intranet side, with optional home pages for every
user of the network;
 DNS Server for both local private domain or as a master name server on the Internet;
 Internet E-Mail Server with anti-spam control.
 Support for SMTP Relay for Road Warriors;
 Full access control over the internal network services and the Internet access;
 802.1x Port based authentication with Single Sign On;
 User based access control to manage accesses to the network resources;
 Group based access control for third part applications integrated with edgeBOX;
 VLAN aware router. Supports 802.1Q and Inter-VLAN access policies;
 See who is on your network and from what IP address;
 User time and traffic based accounting. Supports optional RADIUS session servers;
 Supports Local User Authentication or Remote User Authentication using a RADIUS
Server, LDAP Server or using Active Directory;
 Backup and Restore of edgeBOX's configuration and of users's data.
 System updates from a remote server.
 Dynamic DNS. Supports DynDNS or No-IP;
 Optional Wireless Network with edgeBOX's access point;
 IMAP and POP3 Servers. Integrated e-mail access using the internal web server;
 VPN tunnels based on the IPSec standard or the PPTP protocol;
 Traffic control in inbound and outbound traffic. Possibility of reserving bandwidth for
important users in your company or for high priority traffic types, such as voice traffic;
 Support for a dynamic Intranet with content management capabilities;
 VoIP Features, including support for line fail over, Interactive Services, Call Rules, Sound
Manager, Conference calls, Hunt Groups, Phone Auto Configuration, etc.
 Fax2Mail and Mail2Fax.
1.3 Unpack and setup edgeBOX
To install the edgeBOX onto your network please consult the Quick Start Guide flyer that was sent
to you with your edgeBOX appliance.
The guide will quickly:
1.Introduce you to all the edgeBOX components,
2.Explain the elements and connectors in the rear and front panels,
3.Tell you how to connect edgeBOX to your Internet Modem and Ethernet Switch,
4.Show you how to power up the appliance.
14 edgeBOX 5.0 Help
Critical Links, Inc.
1.4 Connecting to edgeBOX's web interface
The edgeBOX appliance is configured with a default factory configuration. Typically, the first
task after you connect the edgeBOX to the network is to change the default configuration, so that it
meets your requirements.
You can perform the initial configuration from a computer connected either:
 directly to edgeBOX's LAN interface, or
 to a hub or a switch connected to edgeBOX's LAN interface.
The LAN interface is initially configured with the IP address 192.168.100.254 and DHCP is
active. This way, to connect your computer to the edgeBOX:
 Configure it to automatically obtain it's local network IP Address from the edgeBOX using
DHCP (recommended);
 Or configure it with a static IP address: the IP address used must lie in the
192.168.100.0/24 range (ex. 192.168.100.50); use 255.255.255.0 for Subnet-Mask; use
192.168.100.254 for Default Gateway; also 192.168.100.254 for Nameserver.
Then, from the computer:
1.With a browser, open the webpage https://myedgebox.com or https://192.168.100.254:8011;
2.After the page opens, click the Login link;
15About edgeBOX
Critical Links, Inc.
edgeBOX initial page
3.Use admin for username and root for password to login (this is the default password; for
security reasons you should change it); hit the Login button.
The edgeBOX web interface will then start loading; please note it might take a few moments and you
may have to accept one ore more warning messages due to the Java Platform. To use the edgeBOX
web interface you'll need the Java Plug-in installed: Java Runtime Environment version 6.
When loading completes you will see the Dashboard
page with a quick overview of some relevant
edgeBOX variables and it's global status.
At the top you'll also find links to the Network
, VPN
, Security
, Office

Servers
, IP-PBX
, Users
,
System
and Reporting
sections and menus. Feel free to click the links and navigate the interface.
This will help you get familiar with edgeBOX.
16 edgeBOX 5.0 Help
Critical Links, Inc.
edgeBOX webadmin initial page: the Dashboard
That's it. Congratulations. When you see the Dashboard you are succesfully connected to edgeBOX's
web administration interface, ready to start configuring it.
At this point you might want to:
 have a look at the Understanding

edgeBOX's

web

interface
page of this manual, or
 jump to the Initial

Configuration
section to get a an initial roadmap.
1.5 Understanding edgeBOX's web interface
edgeBOX's administration web interface makes use of several common user interface
concepts and resources - such as graphical symbols, buttons, popup dialogs and others.
This helps to improve the user's experience while maintaining overall coherence among similar
operations and concepts across distinct panels and dialogs. This page introduces those
common concepts and resources and explains their global meaning and usage scenarios.
17About edgeBOX
Critical Links, Inc.
The following image displays most of these features and will be used as a starting point for further
explanations below:
Navigation
The interface is divided into Sections. Sections are subdivided into Menus. Navigation is a two-step
interaction: choose the Section you want from the sections bar [1] at the top and, once that section
loads, select the configuration Menu from the menus list [2] at the left. Once there you get a
summary overview with current configurations and the most relevant status variables concerning the
topic involved.
Related

Topics
In each Menu you'll find context specific links to other related configuration menus in the Related
Topics corner [3]. If you click the links you'll get immediate access to those configurations in a new
popup window. Then, you can make any quick changes you need and get back to your starting point.
This gives you an alternate and useful navigation path.
Service

Status

and

Service

Start/Stop
The Service Status Bar [4] shows you the current operational status of the corresponding
edgeBOX service: the green color indicates the service is active while gray is be used for services
18 edgeBOX 5.0 Help
Critical Links, Inc.
that are not running; the red color is used for error situations.
On the left, an informative text message is displayed accordingly. At the right end, the Service Status
Bar gives you control over the service by means of the Start Service and Stop Service options. By
clicking them you actually instruct edgeBOX to change the administrative status of the service.
New - Edit - Delete
All over the interface these three operations [5] are executed in innumerous situations. New lets you
create new entries, Edit allows you to change an existing entry and Delete let's you remove
configurations.
Save applies - Cancel cancels
While configuring edgeBOX you'll enter data into several dialogs. In several situations the sequence
of popups that need your input may even become a bit more complex. If you feel lost, or if you're in
doubt, please keep in mind:
 none of the changes you made is actually applied to edgeBOX until you press Save; this also
means that, in order to apply your changes to edgeBOX, you need to press Save at some
point;
 in any situation, if you press Cancel the dialog is immediately aborted and no changes are
propagated to edgeBOX; when in doubt, press Cancel.
Please note: these are global principles that should hold true in the great majority of the
situations you might find.
Glass Pane: in order to keep your interaction with edgeBOX even safer, during the configuration
sequences between the administration interface and edgeBOX itself - usually when you press
Save, but also in other situations - the interface is covered with a Glass Pane that prevents
you from pressing any buttons or interacting with the interface; it's a way to say: "Please wait,
we are busy". Depending on the complexity of the operations being executed you may need to
wait a little bit.
Lists with Filters
Some of the lists presented may grow a lot as you add new entries. For faster search, those lists
include a filtering option [6] that lets you quickly search for specific entries. In the example image
above we are trying to search for a user called Alves. By entering the alv sequence our search is
considerably narrowed and it's now easy to find the person we are searching for.
19About edgeBOX
Critical Links, Inc.
Context Sensitive Help
Usually located at the top-right corner you will find the Help icon [7]. Clicking it will open a new
browser window directly into the correct page of this manual.
Status Bar
Located in the lower-left corner, the Status Bar [8] shows you when the interface is busy interacting
with edgeBOX. If the operation is successful a green V sign will be displayed. If edgeBOX encounters
some error then a red X will be shown.
Now that you have a global understanding of the interface you can jump to the Initial

Configuration
section to get a roadmap.
1.6 Connecting to edgeBOX's console
It is also possible to connect directly to edgeBOX's console to manage the appliance using a
Command Line Interface (CLI). However, you will be confined to the limited set of commands
available.
You can acces the CLI in three diferent ways:
 keyboard/VGA: connect a keyboard to the PS2 port or any of the USB ports located on the
rear panel; connect a monitor to the VGA port located in the rear panel;
 Serial Port: connect a null-modem (also known as serial cross-over cable; Rx and Tx wires
are "crossed") serial cable to the serial port in the rear panel and the other end to your
laptop's serial port; use no hardware or software flow control, 38400N8 (38400 bit/s, no parity
bit, 8 databits); on Windows you can use Hyperterminal; on Linux you can use minicom;
 SSH: you need to have SSH service active on your Firewall
; if you have the Authentication
service running, the Privilege
you are assigned to needs to have access to SSH; from the
internal network you can use the address myedgebox.com or the LAN interface IP Address; on
Windows you can use putty; on Linux open a terminal and use the ssh command (ex: ssh
admin@myedgebox.com);
The screen should display a prompt requesting a login/password to be entered. Entrer the usual
admin username and it's password (root if not changed).
At the eOS> prompt type help to get a list of available options; enter help <SOMETHING> to get
specific help on <SOMETHING>;
20 edgeBOX 5.0 Help
Critical Links, Inc.
ex: help service shows you a usage summary of all commands starting with service;
service status will show you a list of services and their current and administrative operational
status;
Use the command line only if you are an advanced user. Using it incorrectly may
compromise edgeBOX's correct functioning or even stop it to work completely.
1.7 Working with edgeBOX's LCD panel
The edgeBOX LCD panel is a simple information panel available on Business and Enterprise
appliances.
edgeBOX's LCD panel
View information about the network
To see information about the network on the LCD panel, press the Up or Down buttons near
the LCD screen.
The information available is:
 LAN IP - The IP address of the Internal Network.
 WAN IP - The IP address of the Internet Connection.
 DMZ IP - DMZ IP address. The DMZ is often used as an internal Server network.
 Gateway Address - Default Gateway IP Address.
 Firewall Status - Firewall On, if the firewall is enabled or Firewall Off, if it is disabled.
 User Authentication Status - Enabled (LAN based users are required to
authenticate) or disabled (LAN based user are not required to authenticate)
Shutdown the edgeBOX
To shutdown the edgeBOX, press the Power button. edgeBOX will beep. Then,
 press the Power button again, and edgeBOX will beep twice and start the shutdown
process,
21About edgeBOX
Critical Links, Inc.
 or press the LCD Enter button. edgeBOX will start the shutdown process and the
message "Shutting down system. Wait..." will be displayed in the LCD.
You can also shutdown the edgeBOX using the web interface. To do this go to the
Webadmin interface, System - Administration section.
1.8 License, Hardware and Software
By clicking the about link at the top-right corner, you'll get information about edgeBOX's software
version, hardware settings and license definitions.
 Version 5.0, Build 1, 29/06/2009: software version, build number and build date;
 Hardware Description: hardware reference and serial number;
 Product Licensed to: licence owner (person or company);
 License Serial Number: edgeBOX license; each edgeBOX has a distinct license;
 Network users limit: maximum number of users allowed for this licence.
22 edgeBOX 5.0 Help
Critical Links, Inc.
2 Initial Configuration

If you've just turned edgeBOX on for the first time, you need to make an initial basic
configuration so that edgeBOX can start managing your network and services.
In seven simple configuration steps you'll understand the concepts and review the sections
in this manual where the configuration details are covered.
First: you need to open the webadmin interface
If you haven't done this before please follow the steps in the Connecting to edgeBOX's web interface
section of this manual. When you get connected you can jump to Step 1 and get started configuring
edgeBOX
Step 1: Connecting edgeBOX to the Internet - WAN
 Concept:
edgeBOX is supposed to work as the main link between any devices/systems in your
internal network and the Internet; whatever you may do - access the Internet, send an
e-mail, make VoIP calls to another country - keep in mind: edgeBOX is the gateway
to the outside world; so, the first step is to connect it's WAN interface to the internet
.
 Hands On: Configure the internet connection (WAN interface)
Step 2: Setup your Internal Network - LAN
 Concept:
your internal network - your LAN, for short - is composed of computers, laptops, IP
Phones and other miscellaneous IP devices like printers and so; they all communicate by
connecting to the so-called TPC/IP Ethernet infrastructure and the messages thus
interchanged are all identified with two distinguishing marks: the IP Address of the
sender and the IP Address of the destination computer or server; each and
every device interacting in a TCP/IP network, like yours, has it's own IP Address; and so
does edgeBOX;
you need to assign such an address to the LAN interface of edgeBOX - through this
interface edgeBOX reaches all those LAN devices and all of them know how to reach
edgeBOX if they need to; all IP devices in your network will somehow find a way to
make messages reach edgeBOX's LAN interface IP Address and edgeBOX will know how
to send them back IP messages identified with it's own LAN IP Address; edgeBOX is
23Initial Configuration
Critical Links, Inc.
shipped with the LAN 192.168.100.254 IP Address previously configured for you; don't
change it if you don't need to, but if you do...
 Hands On: Change the local network properties (LAN)
Step 3: Specify a hostname and a domain name
 Concept:
the hostname is the name by which the edgeBOX is known in the network (the
name that the computers in the network use to refer to the edgeBOX); a hostname is a
descriptive name (gateway, edgebox, fileserver, printerhost); you can choose any
name you want; if you have two offices with an edgeBOX in each, you can call
eboxhead to the first and eboxbranch to the other;
the domain is the name by which your network is known; if you do not have a
registered domain, then you can give your network the domain you want, such as
mycompany.loc; this domain will be private and visible only within your network; for
example, if your company is called MegaSoft, then a possible domain could be megasoft.
com; if you have a registered domain, like critical-links.com, for example, then you can
use that public domain; that domain is visible to everyone in the world throughout the
Internet;
 Hands On: Change edgeBOX's hostname and network domain
Step 4: Check and adjust edgeBOX's Date & Time
 Concept:
edgeBOX, as any other computer, keeps it's own date and time internally; you can and
should adjust Date and Time; additionally you should adjust your Timezone too:
edgeBOX is shipped to use timezone Europe/London; change it to your location;
several edgeBOX features rely on a correct Date and Time in order to operate in a
timely fashion as expected by network users and other processes;
 Hands On: Adjusting Date and Time
Step 5: Overview your Firewall and secure your network
 Concept:
the Firewall is possibly the most important network security
resource shipped with
edgeBOX; it's very important that you consider always having your Firewall service up
and running (don't turn it off unless you really need to
); edgeBOX is shipped with the
Firewall service running and this, alone, is enough for providing a very high degree of
24 edgeBOX 5.0 Help
Critical Links, Inc.
security for your network users and services;
edgeBOX Firewall working principle is the definition of Allow/Deny rules for specific
network services and protocols; once you decide the services that should or shouldn't be
available, edgeBOX will automatically determine the best Firewall settings and use them,
to provide the maximum security possible to itself and to your network; the fundamental
concept you should keep in mind is: if my users don't need this service then I will
make it unavailable at the Firewall or if that specific service is not supposed to
be accessible to the Internet then the Firewall will block any requests to it;
 Hands On:
at this moment let's just take a look around to get familiar; go to the Security section in
the Webadmin interface; the Firewall menu will load by default;
notice the services that have allowed access for connections from the Internet; by
default only Ping and Webadmin services are allowed from the Internet; this means
that the administration web interface is available from the outside world; this could be
good if you need to administer edgeBOX from home: later on you may come consider
this unnecessary, and you may wish to increase security even further by removing the
Webadmin from the Internet allowed services; that is configuring your Firewall; but let's
leave it for later;
click the Internal Connections... link; a popup window will show you the list of
forbidden services for your internal network; by default the list is empty: that means
that, by default, your internal users can access all edgeBOX services; this is where you
would add some service that you'dd wish not to be available internally;
right now you may just want to start configuring the Firewall; well... we advise you,
nevertheless, to follow this section through up to Step 7 to get the whole picture; but...
if you really wish to do it, just jump to the Firewall
section in this manual for the details (
don't start configuring the Firewall until you have read that section of the manual and
you are confident on what you're doing
);
Step 6: Add a User and a Phone
 Concept:
edgeBOX is for Users; a great deal of effort has been put into making edgeBOX a user
oriented product; Users have needs; Users want to use services; Users want to make
Phone calls; Users want to share files and need Phones to chat internally or to make
long distance calls; Users are central in edgeBOX; as more people join your company
edgeBOX will always be ready to provide resources for them: a Phone, a personal
Windows Share for documents, access to the Internet, a personal web page, you name
it...;
furthermore you need to consider Security: if you'll allow everyone to use your network
or just let specific users to use it; allowing access only to specific users gives your
network more security; to let only specific users access the network, you need to
manage (create, edit and delete users) them and setup authentication services;
25Initial Configuration
Critical Links, Inc.
Authentication is actually a very important aspect
but, right now, let's leave it be...;
adding a new User and a Phone for the new user is an easy task; go for it...
 Hands On: go to the Users section in the Webadmin interface and follow the details here
Managing Network Users
;
Step 7: Change the webadmin password
 Concept:
you should change the password; this is a simple, yet very important, concept;
edgeBOX is shipped with a default password for the admin user: "root"; you should
change it;
the admin password is used to access the Webadmin interface; please realize: admin-
root is a very simple guess for most hackers and password exploits and attacks; if you
expose edgeBOX to the Internet this risk is even higher; please change it immediately;
pick a password you can remember and write it down in some safe place, at home, or
some place away from work, away from edgeBOX;
 Hands On: in the Webadmin interface click the System section and choose the
Administration menu; follow the details here...
;
At the end of Step 7, you have a pretty good picture of edgeBOX's basics. To step into more
advanced edgeBOX features you might need for your network, please review the following Next
Steps and feel free to navigate around.
Next Steps: how do I ...
create Windows Shared Folders ?
change User Privileges ?
activate Webmail ?
secure the Internet (WAN) interface ?
configure the Firewall for internal connections ?
enforce Authentication ?
setup VLANs ?
26 edgeBOX 5.0 Help
Critical Links, Inc.
3 Dashboard
The Dashboard provides a quick summary overview of the most relevant edgeBOX variables and
status informations in an intuitive graphical display.
Information is provided in the form of values, colors and icon behaviours and refreshed every 30
seconds. The Dashboard is divided into:
System
 Date & Uptime: current Date and Uptime (time elapsed since last boot); 7/6/2009 17:13
and 14d 11h 32m in the picture;
 Processor:
 CPU usage - percent CPU usage (averaged over a 5 minutes interval);
 Load - processor load indicator (from left to right: 1 minute, 5 minutes and 15
minutes process load average);
 Temperature: motherboard temperature (if available);
 Memory: current instantaneous RAM usage/total and current instantaneous SWAP usage/
total;
27Dashboard
Critical Links, Inc.
 Storage: current instantaneous System Storage and Home Storage percent occupation/
total;
If any of the horizontal bars changes to yellow, you should stay alert. If, on the other hand, you
get persistent reds, that means you should try to diagnose the problem and take action to
prevent any damage or operational instability.
WWW
 WAN IP Address: the currently configured IP address for the WAN interface;
192.168.126.160 in the picture;
 Gateway Test: green if edgeBOX is able to ping the Default Gateway, as depicted; red
otherwise;
 DNS Test: green if edgeBOX can access an operational DNS
service, as depicted; red
otherwise;
 Browsing Test: green if edgeBOX can actually browse the World Wide Web, as depicted; red
otherwise;
 Line Color: green indicates edgeBOX considers the WAN connection is fully operational with
respect to those 3 tests; gray otherwise;
 Connection Status: the red connection status icon (a red triangle with an exclamation mark '
! ' inside) will show up if any of the three tests fails
: something is not operating as expected; if
the three tests are successful it will not show up; if all three tests fail
then a red 'X' icon will
be shown instead;
 WWW icon: colored, as depicted, if WWW is accessible as depicted; gray-scale otherwise;
 Firewall: colored, as depicted, if the Firewall
service is running; gray-scale otherwise;
LAN
 IP Address: the currently configured IP address for the LAN interface (default VLAN);
10.5.5.51 in the picture;
 Line Color: the line connecting edgeBOX to the LAN will be green, as in the picture, if link is
detected
on the LAN connector (meaning that edgeBOX is actually connected to an active
network device); if no link is detected the line will change color to gray;
 Connection Status: the red connection status icon (a red triangle with an exclamation mark '
! ' inside) will show up if no LAN hosts are detected (see the also DMZ explanation); in the
situation depicted edgeBOX detects link on the LAN connector and active LAN hosts
; if the LAN
connector does not have link (cable disconnected at one of the ends), then a red 'X' icon will
be shown instead;
 LAN icon: colored, as depicted, if your LAN seems operating normally (both LAN link is
detected and LAN hosts activity is detected too); gray-scale otherwise;
 Authentication
: On or Off; tells you if the User Authentication service is active; On in the
28 edgeBOX 5.0 Help
Critical Links, Inc.
picture;
 Users Logged In
: the amount of users currently authenticated; 15 in the picture;
 Phones Online
: the amount of phones currently active; 4 in the picture;
 Ongoing Calls
: the amount of phone calls currently in progress; 2 in the picture;
DMZ
 IP Address: the current IP address on the DMZ interface; 192.168.200.254 in the picture;
 Line Color: same behaviour as for the LAN; the picture shows that the DMZ connector is
actually connected to some device - link detected
;
 Connection Status: same behaviour as for the LAN; in the picture the ' ! ' sign is showing:
that means that no hosts are being detected on that interface
;
 DMZ icon: colored if link is detected and DMZ hosts activity is detected too; gray-scale
otherwise (as depicted);
Wifi
If your system has wireless, the Wifi icon will show you:
 Line Color: green if WiFi is enabled (as in the picture); gray otherwise;
 SSID: the current wireless SSID is displayed within parentheses (mywifi in the picture);
 Connected Devices: the number of wireless clients currently connected (6 in the picture);
System Messages
 There are new system messages: when new notifications arrive, such as system
messages, software updates
or other, the information icon will show up in the lower-left
corner. Just click the Read Messages... link. A new popup window will display them. Please
read them carefully.
29Network
Critical Links, Inc.
4 Network

The Network section is where you can overview and configure most details and
functionalities of your network.
 set the internet connection (WAN), change the local network (LAN) properties;
 overview your virtual networks (VLANs) and specify a domain and a hostname;
 Setup and secure your Wifi
network with WEP, WPA and 802.1x;
 view IP routes managed by the edgeBOX (system routes) and create and manage
your own routes (static routes);
 configure edgeBOX's DNS server: add and remove domains
, manage access controls
(ACLs)
or use Dynamic DNS;
 manage DHCP; edgeBOX includes a DHCP server that allows you to automatically
assign IP Addresses to the computers in your network based on ranges of IP address
or based on specific IP Addresses.
 Use Network Address Translation - NAT - to allow computers on the network to
connect to outer networks like the Internet.
 Allow remote computers to access services on a specific host or hosts within your
private network - Port Forwarding;
 List web sites that you do not want the edgeBOX to cache;
 Manage Quality of Service - QoS
: assure bandwidth for services and users;
 Setup a Demilitarized Zone - DMZ
for your Internet servers and other special
purposes;
 Use Diagnostic Tools
to solve connectivity issues.
Related Topics:
 Cache Websites
 Firewall
30 edgeBOX 5.0 Help
Critical Links, Inc.
4.1 Configure the internet connection (WAN interface)
To configure how edgeBOX connects to the Internet or to another wide area network you should
choose the Internet Connection menu in the Network section. There you will be able to change
the configuration for the external WAN Interface. Click the Change... button to select how edgeBOX
connects to the Internet:
 through another device such as a cable modem or a router
or
 through a DSL/PPPoE connection
.
If you change the Forward

DNS

Servers
list and you have the DNS service running,
edgeBOX will use these DNS servers for all external DNS queries. Those

settings

override

any
static

or

dynamic

DNS

settings

configured

for

the

WAN

interface

in

the

Internet

Connection

menu
.
The Primary DNS and, if displayed, the Secondary DNS fields represented in the Internet
Connection menu will automatically revert to the first and second entries in the Forward DNS
Servers list. The DNS servers configured, statically or dynamically, for the Internet Connection will
not be displayed here, because edgeBOX is actually not using them.
If the DNS service is not running edgeBOX will use the DNS servers configured and displayed in
the Internet Connection menu.
Related Topics:
 Cache Websites
 Firewall
 NAT
 Dynamic DNS
 Internet Traffic
 Diagnostic Tools
4.1.1 through another device such as a cable modem or a router
If, in your setup, edgeBOX connects through another device such as a cable modem or a router, you
can choose to:
31Network
Critical Links, Inc.
Obtain the data for the connection automatically from the device (DHCP)
If you chose the DHCP connection method, you don't need to enter any additional information.
The edgeBOX will get all needed information from the DHCP server
Use statically configured IP settings (Static)
You need to provide the:
 IP Address
 Netmask
 Gateway
 Primary DNS (IP Address)
 Alternative DNS (IP Address - optional).
The primary and alternative DNS servers you type here will be added to the list of DNS
Servers in the Forward

DNS

Servers
list.
Advanced Options - MTU
If your Internet Service Provider requests it, you can change MTU (Maximum size of the
packets).
1.Click the Settings... button;
2.Activate the Override MTU check-box;
3.Type-in the MTU size as agreed with your Internet Service Provider; press Ok;
4.Press Save.
4.1.2 through a DSL/PPPoE connection
If edgeBOX connects through DSL/PPPoE connection, you need to provide:
Connection Settings
For this type of connections you must type your username and password (please contact your
Internet Service Provider in order to correctly determine these two settings).
Advanced Options
In the Advanced Options menus you should specify how your connection details will be configured
Advanced Options
32 edgeBOX 5.0 Help
Critical Links, Inc.
Click the Settings... button:
Connection
You should choose to:
 Obtain the IP Address automatically or specify it yourself;
 Obtain the Gateway automatically or specify it yourself;
 Obtain DNS Servers automatically or specify the desired DNS servers;
Packets
 MTU: In this section you can override the MTU (Maximum size of the packets); this may
be required by your Internet Service Provider (ISP); to do it, select the option Override
MTU and change the value in the text field to the value requested by your ISP;
 PPPoE over VLAN: select this option if you belong to one of your Internet Service
Provider's VLANs; your ISP may require this; if you select this option, type the VLAN, as
specified by the ISP, in the VLAN field.
4.2 Change the local network properties (LAN)
To change the properties of your local (internal) networks, or simply to adjust your LAN interface IP
address, you should navigate to the Networks menu in the Network section. There you will find a
list of all your networks (including VLANs).
Choose the LAN network from the list and click the Edit button at the top of the Networks table.
1.Type the desired IP Address for the edgeBOX (IP Address for the edgeBOX’s internal
interface) in the IP Address field.
2.Type the network mask in the field Subnet Mask.
If you change the local network IP address while you are accessing edgeBOX from
the LAN segment, you may loose access to the edgeBOX web management; in that
case, close your browser, make sure you re-adjust your IP address (DHCP or static),
and you can proceed.
 You need to indicate the new address of the edgeBOX in the browser to connect to the
edgeBOX’s web management. View example.
If you change the edgeBOX’s IP Address to 10.1.1.254, type in your browser the address
https://10.1.1.254:8011.
 You may also need to change the properties of the network connection of the computer you
are using to manage the edgeBOX. View example.
If your computer receives the IP dynamically from the edgeBOX, you may need to ask the
33Network
Critical Links, Inc.
operating system to repair the connection to gets a new IP address. Or if you have defined a
static address in the connections of your computer, you need go change that address to a new
IP address of the network.
Related Topics:
 Cache Websites
 Firewall
 NAT
 Dynamic DNS
 Internet Traffic
 Network
 Interfaces
 DMZ
 Diagnostic Tools
4.3 Change the DMZ settings
To change the properties of your DMZ network you should navigate to the Networks menu in the
Network section.
There you will find a list of all networks currently managed by edgeBOX. Choose the DMZ network
from the list and click the Edit button at the top of the Networks table.
1.Change the IP Address and the Netmask fields with the desired information.
2.Click the Apply button in the bottom right corner of the tab.
3.Select the Enable DHCP Server on this Interface if you wish to have DHCP also on the
DMZ network.
Please note: you can activate the DHCP service on the DMZ interface, even if you have Firewall
based DMZ services
active.
Related Topics:
34 edgeBOX 5.0 Help
Critical Links, Inc.
 DMZ Traffic
4.4 View and manage VLANs
edgeBOX allows you to have up to five VLANs active on your network. For more details on
edgeBOX's VLANs and possible scenarios please refer to Appendix D: VLAN Based Infrastructure
.
To manage VLANs navigate to the Networks menu in the Network section. Why to use VLANs?
VLANs offer higher performance because they limit packet broadcasts in the network. They also
provide additional security by separating groups of devices.
You can use VLANs, for instance, to:
 Control bandwidth usage and make the network faster - For example, you have
more than 200 devices on your local network and your local network is getting slower
because there is too much broadcast traffic (data that is sent from one computer to all
computers in the network). VLANs will limit the broadcast only to the specified group of
devices within a VLAN instead of broadcasting to all devices in the network.
 Increase security - If you have groups of users that need more security due to the type
of information they share between each other, a VLAN can isolate those users from the
remaining network so that information will not be accessible for other groups.
 Easily manage the network - For example, separate users that have VoIP phones from
users that do not have them.
Change the properties of a VLAN
1.Select the desired VLAN from the list and click the Edit button.
2.Change the desired properties of the VLAN:
 Name – A descriptive name to allow you to identify each VLAN.
 Tag – The number that will be used on the network packets to allow the edgeBOX to
send the packet to the correct VLAN. Each VLAN tag must be different. Your switch
should be configured accordingly
 IP Address and Netmask of the VLAN – edgeBOX will be active on this VLAN with this
IP address. Each computer on this VLAN will have an IP address in this segment.
Disable or enable a VLAN
To disable an enabled VLAN select the desired enabled VLAN from the list and click Disable at
the top of the list. The VLAN status icon will become red.
To enable a disabled VLAN select it and click the Enable button. The status icon will turn
green.
Define the Guest VLAN
35Network
Critical Links, Inc.
When you use 802.1x authentication on your switch, the Guest VLAN is the VLAN the
network users are temporarily assigned to if they haven't authenticated yet or if they
have introduced an incorrect username or password.
This VLAN usually has limited network privileges. It is commonly used to display information
about how the users can authenticate properly onto the network. After they authenticate, they
are assigned to their respective VLANs. View an example where VLAN 6 is used as the Guest
VLAN...
To configure the Guest VLAN:
1.Click the Define a Guest VLAN... option;
2.Choose the Use as Guest VLAN the VLAN: and pick the VLAN to be used as Guest
VLAN; back in the Networks list the choosen Guest VLAN will be identified with an
appropriate note;
3.Configure your switch accordingly: to do this you must configure you switch to use that
VLAN as the Guest VLAN.
If you don't wish to have a Guest VLAN make sure you select the Have no Guest VLAN option
at step 2.
4.5 Interfaces Physical and Logical Status
If you need to determine the current physical, operational or logical status of edegBOX's network
physical or logical interfaces you need to load the Interfaces popup. This panel is accessible in the
Related Topcis corner of the Networks menu - Network section.
The information displayed is somewhat detailed in that it shows you how edgeBOX implements
certain networking aspects using specific techniques like Bridging and VLANs. It is divided into three
major sections:
Bridges
Here you'll find virtual interfaces used by edgeBOX to logically "attach" several other, logical or
physical, interfaces together: same as saying Bridges.
That's the case of the br0 interface: it commonly bridges together the eth0 (LAN), the eth3 (AUX,
if available) and the ath0 (your wireless interface, if exists). This means that the br0 brings
together those interfaces in order to, thus, form a virtual interface, refered to as br0, to be
treated transparently by edgeBOX kernel as your LAN.
The informations available are:
 Interfaces: the current composition of the bridge (eth1, eth3, ath0 for example);
 IP address: the current IP configuration (IP/netmask) of this bridged virtual interface.
36 edgeBOX 5.0 Help
Critical Links, Inc.
Physical Devices
Shows you a list of physical network interfaces found in the system. For example: eth0, eth2 and so.
For each of them:
 MAC Address: the interface physical address, or hardware address;
 IP address: the current IP configuration (IP/netmask) of this interface, if available. If you
don't find the IP address for some of these interfaces it just might happen that they are
bridged. In that case the IP address you're searching for will be found in the respective entry
in the Bridges section;
 Interface Status: you'll get a graphical indication of Up/Down status and the interface
current connection bit rate in Mbps.
VLANs
This section of the panel shows you your VLANs. Each is identified by it's assigned name, like VLAN_D
or SERVERS, for example.
For each of them:
 Tag: the 802.1Q VLAN ID or Tag in use; this is a distinguishing marker identifying packets
destined at a given VLAN; this Tag is the means by which your VLAN enabled switch or other
VLAN enabled Ethernet devices can tell to which VLAN each packet belongs;
 IP address: the current IP configuration (IP/netmask) of edgeBOX in this VLAN.
Related Topics:
 What are VLANs ?
 How do I configure and manage VLANs in edgeBOX ?
 I need more details on deploying VLAN based scenarios with edgeBOX...
4.6 Monitor connections through edgeBOX
In certain situations you will need to determine exactly which network connections are actively
passing through edgeBOX or determine if a given IP address is currently connected to some internet
server. The Network popup will help you with that.
37Network
Critical Links, Inc.
You can find it in the Related Topics corner of the Networks menu in the Network section. Just
click the Network link.
Status and traffic of edgeBOX's network interfaces
The upper part of this panel shows you a graphical overview of your network interfaces: Internet
Local Network and DMZ. For each of them you can read the total bytes sent and received.
Connections passing through edgeBOX
This list shows you the network connections currently maintained by edgeBOX. For each connection:
 Source IP / User: the IP address that originated the connection; if a username can be
associated to this IP Address it will be displayed instead of the IP address for easier
identification;
 Source Port: transport protocol level source port;
 Destination IP: the other end of the connection; the IP to which this connection is
established;
 Destination Port: transport protocol level destination port, usually identified by a mnemonic
indicating a well know network service like sip or http.
4.7 Change edgeBOX's hostname and network domain
You can find the Hostname in the Hostname and Domain menu, within the Network section.