Agenda: GWN Routers

1 Introduction

2 Installation & Deployment

3 Networking Features

4 Application Features

5 Security
 Agenda: GWN Routers

6 Maintenance & Troubleshooting

 Agenda: GWN Routers

1 Introduction to GWN Routers

Introduction to GWN Routers
• Secure routers with high-performance routing and switching power, accelerated Wi-Fi speeds, mesh
networking and wired AP connections with advanced features including VPN, beamforming technology and
intelligent QoS.
• Integrated controller available in every router that can setup and manage other GWN series Wi-Fi Access
points up to 50 GWN APs for a complete network control.
• GWN7062 supports dual WAN mode; GWN7052F supports multiple WAN mode; GWN7052 supports only
one WAN port.

GWN7062 GWN7052 GWN7052F

• Dual band Wi-Fi ax

• Dual band Wi-Fi ac
• 2x2:2 MU-MIMO • Dual band Wi-Fi ac • 2x2:2 MU-MIMO
• 1x Gigabit Ethernet WAN port • 2x2:2 MU-MIMO • 1x Gigabit SFP WAN port
• 1x Gigabit Ethernet port • 1x Gigabit Ethernet WAN port • 4x Gigabit Ethernet ports
(WAN/LAN configurable) • 4x Gigabit Ethernet LAN Ports (WAN/LAN configurable)
• 3x Gigabits Ethernet LAN ports • USB 2.0 port • USB 2.0 port
• USB 3.0 port
 Agenda: GWN Routers

2 Installation & Deployment

• Physical Interfaces
• Physical Installation
• Accessing GWN Routers
• Standalone Deployment
GWN Routers Physical Interfaces
GWN7052

WAN 1x 10/100/1000Mbps Ethernet port.

LAN 1/2/3/4 4x 10/100/1000Mbps Ethernet ports.

USB Used for USB storage device.

DC 12V Power adapter connector (DC 12V, 1A)

Factory reset pinhole.

RESET
Press for 5 seconds to reset factory default settings.
GWN Routers Physical Interfaces
GWN7052F

SFP 1x Gigabit SFP/WAN port.

1/2/3/4 4x 10/100/1000Mbps LAN/WAN Ethernet ports.

USB Used for USB storage device.

DC 12V Power adapter connector (DC 12V, 1A)

Factory reset pinhole.

RESET
Press for 5 seconds to reset factory default settings.
GWN Routers Physical Interfaces
GWN7062

USB Used for USB storage device.

LAN 1/2/3 3x 10/100/1000Mbps Ethernet ports.

LAN 4 / WAN 1x 10/100/1000Mbps Ethernet port.

WAN 1x 10/100/1000Mbps Ethernet port

Factory reset button.

RESET
Press for 5 seconds to reset factory default settings.

DC 12V Power adapter connector (DC 12V, 1.5A)

Press for 5 seconds to pair all unpaired APs that can be found under the LAN
SYNC
port
Physical Installation
GWN7062
Powering and connecting the GWN7062
1
Router
•GWN7062 can be powered on using the included
PSU (DC 12V, 1.5A).

•Connect the WAN port to an optical fiber broadband

modem, ADSL broadband modem, or community
broadband interface.

•Connect to GWN7062 Default Network. (SSID’s 2

default password information is printed on the MAC
tag at the bottom of the unit)
3
Note: High altitude is recommended for
optimal Wi-Fi coverage performance.
Physical Installation
GWN7052/F
Powering and connecting the GWN7052/F Router 1
•GWN7052/F can be powered on using the included PSU (DC
12V, 1A).

•Connect the WAN port to an optical fiber broadband

modem, ADSL broadband modem, or community broadband
interface.

•Connect to GWN7052/F Default Network. (SSID’s default

2
password information is printed on the MAC tag at the
bottom of the unit)
3

Note: High altitude is recommended for

optimal Wi-Fi coverage performance.
GWN Routers Setup

GWN Standalone Setup (Wi-Fi enabled)

 GWN70xx can be used as standalone Wi-Fi router out-of-

the-box.

 After powering the GWN70xx and connecting it to the

network, GWN70xx will broadcast a default SSID based
on its MAC address GWN[MAC’s last 6 digits] and a
random password. The password is printed on a sticker
which can be found on the lower side of the router.
 Accessing GWN Routers
GWN70xx – Access using Default IP

• Connect to the GWN70xx’s SSID or to LAN port with network

cable

• Type default IP address 192.168.80.1. Then enter password

to login

Note: GWN70xx routers default password information is printed

on the MAC tag of the unit
GWN Routers Web Access
 Agenda: GWN Routers

3 Networking Features
• WAN Features
• LAN Features
• VPN Features
• Routing
WAN Features
WAN Interface Connection Type

The WAN interface can be used top either segment your intranet or to connect
to an ISP and be able to access Internet from the devices situated on the LAN
side. The WAN connection can be set up following the protocols mentioned
below:

• Automatically obtained IP address (DHCP): DHCP will provide the IP

address, subnet mask, and default gateway information. The router will
use Ethernet protocol to transfer and receive the packets.

• Statically assigned IP address: Assign IP address manually. The router will WAN
use Ethernet protocol to transfer and receive the packets.

• PPPoE: Point-to-Point Protocol over Ethernet will be used to transport the

traffic. •DHCP
•Static IP
•PPPoE
• L2TP: Layer 2 Tunneling Protocol will be used to transport the traffic. •L2TP
•PPTP

• PPTP: Point-to-Point Tunneling Protocol will be used to transport the

traffic. This protocol is obsolete and has many vulnerabilities. Therefore,
we do not recommend using it.
WAN Features
Dual/Multiple WAN Interfaces Setup

GWN routers* have more than one WAN

interfaces which offer setting up load balancing
or failover.

Dual/multiple WAN routing is performed

automatically in case of load balancing.

In the case of failover, the router will switch

automatically to the backup WAN link once the
primary goes down. When the primary WAN link
is back up, the router will automatically switch
back to using it.

*: GWN7062 supports dual WAN mode; GWN7052F supports multiple WAN mode; GWN7052 supports only one WAN port.
LAN Features
VLAN

VLAN stands for Virtual Local Area Network. It allows to segment a

physical Local Area Network into many logical Local Area Networks.

By default, VLANs can be rearranged logically without being

affected by the physical limitations presented when a network
infrastructure is implemented. This gives network administrators
more flexibility in terms of deployment and distribution of devices
on the physical space.

GWN routers also offer the possibility to assign different IP

addresses to different VLANs.

VLANs can also be assigned to use different WAN ports for their
outbound traffic. This assures that the bandwidth is managed
efficiently across the VLANs.
LAN Features
DHCP

DHCP server allows configuring IP addresses automatically to the clients which

connect to the router on the LAN side.

The user can bind certain addresses to specific clients in case when they want
to have those addresses assigned to the respective clients permanently. The
user also can set a lease time.

For the lease duration, whenever the client connects to the router, the latter
will assign the same IP address until the lease time has elapsed. The default
lease time is: 120 minutes.
Virtual Private Network
Server/Client Implementation

VPN server implementation allows the user to connect to the router remotely and
obtain and local IP address directly from the router. Therefore, the user will appear
logically connected from the local area network of the router. In addition to this
tunnelling mechanism, the traffic between the router and the client will be encrypted
which will protect the confidentiality and integrity of the data.

GWN routers can also act as a client to a VPN server, which allows all the GWN
router’s clients to be logically located in the server’s local area network. Just like
previously mentioned, all the traffic exchanged between the client and the server will
be encrypted.

The protocols supported are the following:

• OpenVPN®: VPN client and server are both supported.

• IPSec: VPN client and server are both supported.

• L2TP: VPN client only.

• PPTP: VPN client only.

Routing
Policy Routing
The policy-based Routing feature allows a network
administrator to make advanced routing decisions for traffic
passing through the router. This feature allows for a high
granularity control over policies that dictate what WAN port Priority: 2 | Weight: 1

traffic should be use. Traffic controlled this way can be Priority: 3 | Weight: 1
balanced across WANs.

Policy Routing can be configured using two parameters:

• Priority: Sets which WAN port will be considered as

primary. Priority: 1 | Weight: 1
Priority: 3 | Weight: 1

• Weight: Sets the distribution of traffic load between

WAN ports.
Priority: 1 | Weight: 1
Priority: 2 | Weight: 1

Note:
GWN Router
On the GWN7062 & GWN7052F Policy Routing can work
on multiple WAN ports if Multi-WAN Ports is enabled.
Routing
Load Balancing

Multi-WAN GWN70XX Series routers support load

balancing, which distributes the outbound network load
to two or more WAN links. This allows managing the
bandwidth efficiently.

Since GWN routers use Unequal Cost Load Balancing, the

user must set equal values in the Priority, then set the
weight according to the bandwidth available for each
WAN link.

Load Balancing is done based on session according the

weights, for example, if the admin sets the weight value 4
for WAN1 and 6 for WAN2, the total weight used is WAN1
weight + WAN2 weight. Therefore, 4 sessions out of 10
will be opened on WAN1, and 6 sessions out of 10 will be
opened on WAN2.

Note:
Load-Balancing is not supported on GWN7052.
Routing
Failover
GWN* routers support failover, this feature allows switching from one WAN link to another once the active link
goes down. This ensures a high rate of availability of Internet connection.

Setting Failover requires using different values in

Priority. The WAN port with the lower value will
be considered the primary, since a lower value
means higher priority.

Once the primary WAN link goes down, the

router will immediately switch to the back up
WAN link, with virtually no down time at all.

The GWN router will periodically ping a

designated IP address to check if the primary
WAN is working correctly. If the GWN router
detects any issues in the WAN link, it will
immediately switch to the backup link.

*: Failover is supported only on the GWN routers which have dual/multiple WAN ports.
Routing

Static Routing
The GWN routers also support static routing to give more
control over the traffic. The router will forward the packets
through either WAN ports based on destination IP address.

When there are many routing paths that reach the same
destination, the user can set a metric to each path. The
packets will be forwarded through the path that has the
lower metric.
 Agenda: GWN Routers

4 Application Features
• DDNS
• Port Forwarding
• UPnP
• DMZ
• File Sharing
DDNS

Dynamic Domain Name Service is

a mechanism that allows users to
connect to the router remotely
using a hostname instead of an IP
address.

This is very practical when the

assigned WAN IP address changes
regularly.

DDNS will update the mapping of

the hostname to the newly
assigned IP address allowing user,
for example, to connect to the
router’s VPN server easily.
Port Forwarding

By default, a router will reject any requests initiated from the WAN
side. This is a security measure to protect the devices located on LAN
from any malicious attacks. However, in certain cases, the user might
want to allow certain services to be accessible from the WAN side,
e.g., a locally hosted web server, services that rely on peer-to-peer
infrastructure, etc.

Port forwarding is a method that allows hosts located outside of the

router’s LAN to initiate requests and access application located in
the router’s LAN. This feature is practical when the user has a web
server hosted on the local network.
192.168.80.10
Port forwarding allows the router to forward the requests to the Web Server

intended local IP address since the request packet will contain only Port Transport Destination
the public IP of the router.
192.168.80.11 80 TCP 192.168.80.10
Syslog Server
514 UDP 192.168.80.11
Universal Plug n’ Play

Same as port forwarding, UPnP is a mechanism that allows opening ports

which allow inbound requests to be forwarded to the intended devices. The
port opening occurs automatically and is requested by the applications in the
local network. This is done automatically and does not require any
configuration other than enabling UPnP.

Note: Enabling UPnP is not recommended. We recommend forwarding ports

instead.
DMZ

GWN70xx routers support DMZ (Demilitarized Zone). It

allows configuring a DMZ host which is a device that will be
set to be fully exposed to the requests coming from the WAN
side. This is a practical solution to allow hosts from Internet
to access, for instance, your web server.
File Sharing

The GWN routers have a USB port that can be used

for file sharing, either using a USB flash drive or a
hard drive, enabling clients with Windows, macOS or
Linux to access files easily on the local network.
There is also an option to enable a password for
security reasons.

Notes:
• GWN7052/F support USB 2.0
• GWN7062 supports USB 3.0
 Agenda: GWN Routers

5 Security
• Access Control
• Firewall
• Advanced NAT
• ALG
Access Control
Blocklist
Blocklist is a feature in GWN70xx routers that enables the user to block
wireless clients from the available ones or manually add the MAC Address.
Access Control
Site Control
Site Control is a feature that allows the system administrator to block DNS queries to some domains.
This feature can be used to block adware sites, malware sites or untrusted domains in general.
Firewall

Overview
The Firewall in GWN routers enables the user to secure the network by blocking the
most common attacks and allowing for more control over the traffic.

GWN Routers Firewall features:

• Simple DoS Attack: Common network attacks like DoS,

SYN Flood, Ping of Death can be blocked by GWN
Routers.

• Traffic Rules: Allowing, denying or dropping traffic

based on protocols, ports, MAC address etc.

• Advanced NAT: including Static NAT and Dynamic NAT.

• ALG: for supporting SIP packets in both TCP and UDB

and RSTP packets only in TCP.
Firewall
Simple DoS Attack

Denial-of-Service Attack is an attack aimed to make

the network resources unavailable to legitimate
users by flooding the target machine with so many
requests causing the system to overload or even
crash or shutdown.

DoS Attack Defense:

• TCP SYN Flood Attack

• UDP Flood Attack

• ICMP Flood Attack

• Ping of Death
Firewall
Traffic rules
GWN routers allow more control over the network traffic using rules
(Accept, Deny, Drop) either inbound or outbound as well as Forwarding
rules.

Traffic rules can be based on:

• IP Family

• Protocol Type

• Interfaces or VLAN

• MAC Address

• Ports
Firewall
Advanced NAT
NAT or Network address translation as the name
suggests it’s a translation or mapping private or
internal addresses to public IP addresses or vice
versa, and the GWN routers support both.

• SNAT : Source NAT refers to the mapping of clients

IP address (Private or Internal Addresses) to a
public one.

• DNAT : Destination NAT is the reverse process of

SNAT where packets will be redirected to a specific
internal address.
Firewall
ALG (Application Layer Gateway)

ALG or Application Layer Protocol can inspect traffic to prevent problems

that can be caused by the firewall and if necessary, it can modify the VoIP
packets.

• SIP ALG: The firewall will inspect UDP and TCP packets for SIP
information, once found, it will remember to accept subsequent
inbound packets from the SIP client/server.
• RTSP ALG: The firewall will inspect TCP packet only for RTSP
information, once found, it will remember to accept subsequent
inbound packets from the RTSP client/server.
 Agenda: GWN Routers

6 Maintenance & Troubleshooting

• Upgrade & Provisioning
• Diagnostics Tools
• Syslog
• Core Files
• SSH Access
• SNMP
Upgrade & Provisioning

Upgrade and Provisioning can be Remote or local upgrade and

done via HTTP / HTTPS / TFTP. Provisioning.

Upgrade and Provisioning

Starting the upgrade can be done Config files encryption and

using a schedule. encrypted firmware with a unique
certificate.
 Diagnostics Tools

GWN Routers support many diagnostics tools that can help the user
troubleshoot the issue and resolve it, these tools include:

• Logs: such as (Information, Notice, Warning, Error, Critical, Alert and

Emergency).

• Ping: is a tool to test and verify if a device (destination IP address or Host) Connectivity verification
exists and reachable and can accept requests. using Ping or Traceroute

• Traceroute: helps to trace the path of an IP packet across the network,

displaying possible routes and hops.
 Syslog

 GWN Routers support syslog events logging with a syslog server.

 Stores syslog traffic from different GWN paired Access points (Slaves).

 Logging DNS Queries.

GWN76xxLR Outdoor
 8 levels of Syslog are available: Emergency, Alert, Critical, Error,
Access Point
Warning, Notice, Information and Debug
GWN7052 Router

GWN76xx Indoor
Access Point
GWN7062 Router
Core Files

 GWN routers can generate and store core files when its system crashes.

 The core files can be used for find the root cause of the crash.

 Core files can be downloaded from the Web UI.

 Core files can be also cleaned from the Web UI.

SSH Access

SSH Access is supported on GWN Routers to enable administrators to

connect securely to GWN Routers, for example to troubleshoot or
configure the device.
SNMP

SNMP (Simple Network Management Protocol) is

a network management protocol to monitor
devices such as GWN Routers. The collected data
can be used to improve performance, or configure
them remotely, etc.