User's Manual

Configuration Guide

This guide presents the detailed description of the EZ operating system which is integrated into long-range embedded systems (EZ1+, EZ2+, and EZ3+) manufactured by

All the configuration settings accessible via web management interface are described in this document.

QoS (Quality of Service) feature is supported in

  • EZ2+
  • EZ3+

OLSRD(Optimized Link State Routing) feature is supported in

  • EZ3+

BWTest Feature is supported in

  • EZ3+
  • EZ2+

Wizard is supported in

  • EZ3+
  • EZ2+

Note: the screen shots in this document represent EZ3+ graphical user interface but they are also fully applicable for EZ2+ and EZ1+ series devices.

Logging In

LoginThe default IP address of EZ-OS device is To log into the web user interface, run the web browser and navigate to the IP address of the device. In case, user name and password were enabled, login message will be displayed. Enter user name and password, and click on OK to continue to web user interface.

Navigation Bar

The EZ-OS provided in the device is capable to operate in Bridge mode and Router mode, and the navigation bar on the left rearranges and provides features associated to the operation mode after the preferred mode is applied. Additionally, the navigation bar may operate in Advanced WEB and Simple WEB mode. The Advanced WEB mode provides detail configurations for each listed feature, while the Simple WEB mode provide quick setting to the EZ-OS device. By default, the Advanced mode is pre-configured in the system.

Advanced WEB

Navigation MenuIn Bridge mode the navigation bar contains the following 7 main links:

StatusDisplays system current configuration and status.
WirelessIncludes all configuration for the wireless side services.
EthernetIncludes all the configurations on the Ethernet wired side network parameters.
Mesh NetworkingContains configuration for performing Meshing networking feature.
ManagementContains statistical information and system management features.
SystemContains miscellaneous settings, device identity and location information, firmware and password update, and system reboot features.
WizardProvides configurations to get the device running.

In Router mode , the navigation bar contains the following 8 main links.

StatusDisplays system current configuration and status.
WirelessIncludes all configuration for the wireless side services.
TCP/IPIncludes Network Setup for wireless and Ethernet configurations.
FirewallIncludes both dynamic routing and static routing configurations.
Mesh NetworkingContains configuration for performing Meshing networking feature.
ManagementContains statistical information and system management features.
SystemContains miscellaneous settings, device identity and location information, firmware and password update, and system reboot feature.
WizardProvides step by step quick configurations to get the device running.

Simple WEB

Simple WEB

StatusDisplays system current configuration and status.
WirelessIncludes all configuration for the wireless side services.
Security SettingsContains security configurations for the selected Wireless Operation Mode.
FiltersContains configuration on Wireless Access Control based on the associated MAC address.
NetworkContains configuration on Operation Mode, Wireless Interface, and Ethernet Interface.
AdminContains configurations on Web Access password and Location Settings.
UpgradeContains Firmware Upgrade interface for firmwares officially provided by
WizardProvides step by step quick configurations to get the device running.

Status Page

Status PageThe Status Page displays a summary of system configurations and service status, including system configurations, wireless configurations, and the IP configurations and port status. Additionally, Active Wireless Client information is obtainable from this page.

System Status

System TimeThe system time indicates the current system time expressed in the format “day-month-year hours:minutes”. The system time can also be retrieved from the Internet service using the NTP (Network Time Protocol).
UptimeThe system uptime is the accumulated operating time since last reboot or software upgrade.
Load AverageThe load average indicates the average loading on the system on 1 min basis, 5 min basis, and 15 min basis.
Free MemoryThe free memory indicate the available memory in the system.
Firmware VersionThe firmware version indicates the current firmware version resides in the device. Newer version may released due to optimization of features, and/or revise to current firmware design. Visit for more information.
Webpage VersionWebpage version shows the current web user interface version resides in the device. Newer version may released due to optimization of features, and/or revise to current firmware design. Visit for more information.
Boot VersionThe current BootROM version resides in the system.
Wireless VersionThe wireless system version resides in the system.
Hardware VersionThe version of the device hardware.
Logged in asThe logged in as displays the user currently logged into the system. Changes to log in user name and password can be altered in the Password web page under the System link.
System NameDisplays the predefined system name the device is assigned to. It may altered in the Location web page under the System link.
System LocationDisplays the predefined system location the device is assigned to. It may altered in the Location web page under the System link.
System ContactDisplays the predefined system contact person. It may altered in the Location web page under the System link.

Wireless Configuration

ModeMode displays the current mode configuration of the device.

- When device operates in AP mode, it indicates “AP-Bridge” or “AP-Router”.
- When device operates in Client mode, it indicates “Client-Bridge” or “Client-Router”.
- When device operates in WDS mode, it indicates “WDS-Bridge” or “WDS-Router”.
- When device operates in AP+WDS mode, it indicates “AP+WDS-Bridge” or “AP+WDS-Router.
BandBand displays the frequency band the device is currently operating.

When the device is turned to 2.4GHz (B), the device is capable to provide 11Mbps of raw data rate, and due to CSMA/CA protocol overhead, it is expecting to perform up to 5.9Mbps using TCP, and 7.1Mbps using UTP in practice.

When the device is turned to 2.4GHz(G), the device runs on same frequency as 2.4GHz(B), but operates at a maximum data rate of 54Mbps, or an expected 19Mbps net throughput.

When the device is turned to 2.4GHz(B+G), the device is capable to provide service to 802.11g devices while also compatible backward to 802.11b devices.
SSIDThe SSID displays the defined service name for the wireless network service. SSID is the service name used to identify a particular wireless LAN. Wireless clients may receive the SSID from the Access Point, and connect to it.
Channel NumberThis is the channel number predefined for the wireless service operation frequency. All devices uses the selected frequency channel to access the network.
EncryptionThe Encryption displays the security option currently configured in the device.
BSSIDBSSID (Basic Service Set ID) is a six-byte address that is unique to each wireless device, In AP mode, it displays the MAC address of the access point. While in Client mode and Point to Point mode, it displays the MAC address configured Wireless Basic Setting.
Associated ClientsThe associated clients indicates the number of wireless network clients associated to the device.
Power(OFDM/G)It indicates the maximum average transmit power configured for 802.11g modulation service expressed in dBm and mW. Options available from 0~20dBm, and may configured through the drop down menu. The transmit power level is regulated by your country's regulatory agency. System administrators shall configure the Regulatory domain in accordance to avoid law violation.

Note. With models that are integrated antenna, the configuration is the output power delivered to the integrated antenna.
Power(CCK/B)It indicates the maximum average transmit power configured for 802.11b modulation service expressed in dBm and mW. Options available from 0~24dBm, and may configured through the drop down menu. The transmit power level is regulated by your country's regulatory agency. System administrators shall configure the Regulatory domain in accordance to avoid law violation.

Note. With models that are integrated antenna, the configuration is the output power delivered to the integrated antenna.

IP Settings IP Settins

Attain IP ProtocolIt displays the method the device used to attain the IP address of the device LAN interface.
IP AddressIt displays the current IP address of the device. In Bridge mode, it displays the IP address configured in the IP Address web page . If the device were configured in Router mode, it displays the IP address obtained through the assigned WAN access method .
Subnet MaskIt displays the configured or attained net mask of the device. In Bridge mode, the subnet mask is configured manually in the IP setting web page. However, when the device is configured in Router mode, the Subnet Mask may obtained automatically from the DHCP server when device is configured to access the WAN by DHCP client or PPPoE.

This value provides the information to classify the portion of IP address can be classified as host devices and network devices. Subnet Mask defines the space in the network the device is in, and (or /24) is frequently configured for C class IP networks.
Default GatewayThe default gateway displays the gateway IP address currently configured/attained in the device. It is possible to attain the gateway IP automatically when the device is configured access the WAN by DHCP and PPPoE.

Typically, the Default Gateway IP is the address of the point in the network that provides the connection to the Internet. It maybe a broadband modem from ISP or a WISP gateway router. The device will direct data packets to the gateway when the destination address is not in local network.

The gateway IP address should be the same from the address space as on the Access Point.
DHCP ServerThe DHCP server displays the current configuration of the feature. By default, the DHCP feature is disabled due to majority use of the device, and system administrators may enable the feature when necessary.
MAC AddressIt displays the MAC address resides in the system by default. However, if there is MAC address configured in Clone MAC Address, the configured MAC address will be displayed.
Port StatusThe port status displays the Ethernet port current connection status. When there is success connection on the Ethernet port, it displays Connected, and followed the link speed. The Ethernet port is configured in auto mode by default, and in most cases, it runs at 100Mbps. System administrators may change the configuration at the Ethernet Mode in System settings.
ThroughputThe throughput displays both Tx and Rx current throughput on the device Ethernet port.
Refresh buttonThe refresh button reloads the web page to obtain the most current status of the device.
Show Wireless Clients buttonA separate Active Wireless Client Table window will be displayed. It contains all DHCP client associated information.

When the device is configured in router mode, the IP Settings section is rearranged into Wireless Interface and Ethernet Interface sections. The wireless interface represents the IP configurations on the wireless side of the device. The Ethernet Interface represents the Ethernet port WAN side configurations.

Wireless Interface & Ethernet Interface


The Wireless page contains configurations all details needed by administrators to setup the wireless service. Including the system operation mode, system channel, data rates, and wireless authentication, etc.

Basic Settings

Wireless Basic SettingsThe basic settings web page contains the general wireless settings, such as operation frequency band(data rate), operation mode, SSID, Channel number, etc. All these general settings can be configured here.

BandThe frequency band determines the wireless standard the device operates. 2.4GHz(B) is the older 802.11b while 2.4GHz(G) is a newer standard based on faster Orthogonal Frequency Division Multiplexing (OFDM) modulation.

EZ-OS device series supports both 802.11b and 802.11b modes.

- 2.4GHz(B): Connection with 802.11b network only.
- 2.4GHz(G): Connection with 802.11g network only.
- 2.4GHz(B+G): Connects to 802.11b or 802.11g network which is selected by default.
ModeThe Mode specifies the operation mode of the device, and it depends on the network topology requirements. There are 5 Modes currently supported.

1. AP mode: The standard 802.11 Access Point mode.
2. Client mode: In Client mode the device acts as a subscriber station, and connects to Access Points primary defined by the SSID. All incoming and outgoing network traffics from the network nodes are forwarded to or from the devices connected to the Ethernet interface.

A special note to this mode is Subscriber Station is using ARP NAT technique and may lack of transparency when passing-through the broadcast packets in bridge mode.
3. WDS mode: WDS stands for Wireless Distribution System, and when the device is configured to operate in WDS mode, it allows bridging with client WDS devices through the WDS protocol transparently.
Network TypeThe Network Type option becomes available when the device is configured in Client mode. It defines the data forwarding between Access Points.

Infrastructure: In Infrastructure network type, data communication between two clients has to be forwarded via an Access Point.

Ad Hoc: In Ad Hoc network type, each Client may forward data to another node, the determination is made dynamically based on network connectivity.
SSIDThe SSID is the Service Set Identifier to the 802.11 wireless LAN, and it should be specified while the device operates in Access Point mode. Clients within the range will receive the broadcast message advertised by the Access Point.
BSSIDThe BSSID is the Basic Service Set Identifier, it is the MAC address of the Access Point in an infrastructure network type. In an ad hoc type network, it is the locally administrated MAC address.
Channel NumberChannels are the operating frequency band divided into multitude channels to be used in WLAN, Both Access Points and Clients shall be running on the same channel to establish data communication. Multiple frequency channels are available to avoid interference between adjacent Access Point. The channel list varies depending on the selected country code, the device shall be configured accordingly on the regulatory domain to prevent violation of laws.
Enable MAC CloneThe MAC Clone feature makes the device fully transparent while configured in Client mode, and only one PC is connected to the LAN port. The MAC of the client computer is cloned to the device, and all the MAC address based link association and security authentication can be maintained.
Disable WirelessThe Disable Wireless provides a way to enable or disable wireless feature.
Enable RepeaterThe repeater mode enables the device to receive the 802.11 frames from Access Point, end nodes, or signal from another repeater, and retransmits the frames in order to extend the range of existing network infrastructure. Tick the option if the device is to be operated as a wireless repeater.
Repeater SSIDThe option becomes available when the Repeater mode is selected. The SSID to be specified should be the same as the Access Point.
Repeater BSSIDThe option becomes available when the Repeater mode is enabled. In an infrastructure the BSSID is the MAC address of the wireless Access Point, and the device in Repeater mode to repeat the wireless frame shall configured to the same BSSID as the Access Point.

Advanced Settings

Wireless Advanced SettingsAdvanced Settings contains more detail settings and options that will effect to device performance and behavior, the section shall be configured by more technically advanced system administrators with sufficient knowledge in WLAN technology. These configuration shall not be altered if in absence of advanced WLAN system administrator.

Data RateThe Data Rate includes Auto, 1, 2, 5.5, and 11Mbps for 802.11b. Auto, 6, 9, 12, 18, 24, 36, 48, and 54Mbps for 802.11g or 802.11b+g mode. The data rate has critical impact on performance especially in outdoor linking environment. Generally, lower data rates are less immune to noise while higher rates are more immune, but are capable of higher throughput. The optimistic rate always looks to achieve highest throughput while sacrificing noise immunity and robustness. When optimal data rate unknown, select Auto for auto data rate configuration.
Fragment Threshold The Fragment Threshold defines the maximum packet size before data is fragmented into multiple packets, and the range is 256-2346 bytes. In theory, the smaller packet size, less likely the occurrence of collisions. However, too low value may result in poor network performance. Only minor modification to this value is recommended, typically a value between 256~2048 byte is set, while in most cases, the default setting of 2346 should be remained.
RTS ThresholdThe RTS Threshold parameter helps to control the traffic flow by determining the packet size of data transmission through the Access Point. The value range is 0 to 2347, and with the maximum number of 2347 the RTS feature is identical to be disabled.

The RTS/CTS (Request to Send/Clear to Send) is a handshaking mechanism defined in 802.11 wireless networking protocol to reduce frame collisions introduced by the hidden terminal problem. If the packet size to be sent is greater than the threshold, the mechanism get triggered, else, the packets will be sent immediately.
Beacon IntervalThe Beacon Interval specifies the duration between beacon packets. Access Points broadcast Beacons or Traffic Indication Messages (TIM) in order to synchronize wireless networks. The default setting of 100 should be ideal for most situations. In a “noisy” environment - one with much interference - decreasing the Beacon Interval may improve network performance. In very remote locations (with few wireless nodes) this value may be increased.

The default value in the device is set to be 100ms, it should be remained in most cases.
ACK TimingIf the sending device is not receiving the responding message from the client device, the packet is assumed to be lost, and the sending device resends the packet.

The default value for ACK timing is set to be 91 by default, the value may be adjusted between 0-255 to suit the application, however, a too low value may likely to cause linking failure in some cases.
Client Expired TimeThe Client Expired Time defines the maximum time a client can remain idle before it is removed from the associated list. The association will be renewed and pass traffic when the client tries to move traffic.

The default value is configured with 300 seconds.
MTU SizeMTU (Maximum Transmission Unit) Size has impact on the network efficiency. The greater MTU size may reduce the system load, but when the working loads contains smaller messages, greater MTU size may not be helpful.

It is recommended to configure the largest supported MTU size, as the default value at 1500.
Preamble TypeThe Preamble type defines the length of the CRC (Cyclic Redundancy Check) block for communication between the Access Point and roaming wireless adapters. CRC is a common technique for detecting data transmission errors.

It is recommended to configure all Access Points and Client to prevent communication problem.
Broadcast SSIDThe SSID aided clients to identify the wireless service, and connect to the network. However, it is also prone to potential unauthorized users. If the network is not open to public access, the broadcast SSID feature may disabled to increase system security.
Block WAN RelayThe feature provides isolation function to wireless clients if the device is configured for public access. With this feature enabled, clients connected to the device will not see each other, and thus added network security.
IAPPIAPP(Inter-Access Point Protocol) or IEEE802.11F is a protocol recommendation for end-station communication mobility across Access Points from multi-vendor systems. It provides client station mobility across Access Points, and interoperability.
802.11g ProtectionA mechanism to prevent 802.11b legacy devices from trying to occupy the channel when OFDM modulation is used between 802.11g devices. The device will use a CTS-toself before transmitting a packet using OFDM for the duration of this packet so that legacy devices will consider the medium occupied.
Authentication TypeThe Authentication Type is related only to the WEP security option, and one of the following authentication type should be selected if WEP security method is used.

Open System: Station is authenticated automatically by Access Point.

Shared Key: Station is authenticated after the challenge, generated by AP. The Shared Key is assumed to be delivered through a separate security channel.
Tx Power BoostThe Tx Power Boost feature increases the transmit power to 1W, and this feature is designed mainly for test purpose. In most cases, it does not compliant to the regulations.
Transmit Power(OFDM)This configures the maximum average transmit output power of the 802.11g in dBm. The output power can be specified from the drop down list. The transmit power level that is actually used is limited to the maximum value allowed by your country's regulatory agency.
Transmit Power (CCK)This configures the maximum average transmit output power of the 802.11b in dBm. The output power can be specified from the drop down list. The transmit power level that is actually used is limited to the maximum value allowed by your country's regulatory agency.
Regulation DomainPower levels and frequency selections varies among different countries, and the device shall be configured to proper regulation domain to ensure the device optional parameters are tuned in accordance to the requirement of the selected regulation domain.

Antenna Alignment

Wireless Antenna AlignmentAntenna alignment feature provides a convenient way to align antenna with the remote client. This feature is available when the device is operate in Client, WDS, AP+WDS, and PointToPoint modes. Click on the Antenna Alignment link or Antenna Alignment button to trigger the feature in a separate window.

After click on the Start button, the signal strength in dBm will continuously displayed and plotted in the bar until the Stop button is pressed.

The Buzzer/LED option provides extra audio and visual indications for antenna alignment. The will cause the buzzer (if attached) to sound or the middle LED to flash differently based on the signal strength.

Security Settings

Wireless Security SettingsThe Wireless Security Settings contains parameters to control the data encryption and decryption, and the Authentication between the device and client stations.

Select a security method according to the wireless network security policy. Subscriber station should be authorized by Access Point in order to get access to the network and all the user data transferred between subscriber station and Access Point will be encrypted if the wireless security methods are used.

EncryptionThe EZ-OS contains popular 802.11 security options, such as WEP, WPA(TKIP), WPA2 (AES), and WPA2 Mixed. Select a security mode according to your WLAN policy.

WEP- WEP(Wired Equivalent Privacy) was included as the privacy of the original IEEE 802.11 standard, it uses the stream cipher RC4 for confidentiality, and the CRC-32 checksum for integrity. Enabling WEP allows to increase security by encrypting data being transferred over your wireless network. However, it is the oldest security algorithm.

When WEP is selected, click on Set WEP key button for Wireless WEP Key Setup in a separate pop up window. Details will be explained in the following chapter.

WPA(TKIP)- WPA™ (WiFi Protected Access) is a pre-shared key management protocol created by the Wi-Fi Alliance to offer improved security over the weakness of older WEP. TKIP, the Temporal Key Integrity Protocol (pronounced “tee-kip”) , comprises the same encryption engine and RC4 algorithm defined for WEP.

WPA2 (AES)- WPA2 certification mark indicates compliance with an advanced protocol that implements the full standard. It is a Counter Mode with Cipher Block Chaining Message Authentication Code Protocol which uses the Advanced Encryption Standard (AES) algorithm.

WPA2 Mixed- Mixed mode supports the algorithm used for both WPA (TKIP)and WPA2(AES).
Use 802.1x AuthenticationThe option becomes available when WEP encryption is selected. 802.1x is a centralized security management to provide user identification management, authentication, dynamic key management, etc. When this option is selected, the device requires Authentication RADIUS Server login information.

There are two levels of WEP encryption, 64-bit and 128-bit. The higher the encryption bit, the more secure your network, however, speed is sacrificed at higher bit levels.
Enable MAC AuthenticationMAC authentication provides a way for authenticating users based on ports and MAC addresses, without requiring any client software to be installed on the hosts. Once detecting a new MAC address, it initiates the authentication process.
Enable WEP from RadiusWEP from Radius provides encryption key dynamically to encrypted wireless data transmission between Access Point and clients, added to improve security while requires RADIUS server.
WPA Authentication modeWPA Authentication mode becomes available when WPA encryption method is selected.

Enterprise (RADIUS): if authentication is managed with a RADIUS server, input server information at the Authentication RADIUS server section, or

Personal (Pre-shared Key): Select Personal (Pre-shared Key) when in absence of a RADIUS server.
Pre-shared Key FormatThe WPA-PSK( Pre-share Key) format may either a Passphrase, or 64 -characters hexadecimal digits.

Passphrase- passphrase (also called a shared secret) that must be entered in both the wireless access point/router and the WPA clients. This shared secret can technically be between 8 and 63 characters and can include special characters and spaces.

Hex (64 characters)- Numbers 0-9 and letters A-F with 64 hexadecimal digits long. The more random your WPA preshared key, the safer it is to use.
Enable Pre-AuthenticationPre-authentication enables a station to authenticate to multiple Access Points, which is not possible after when 802.1x occurs after association, to minimize connectivity loss during roaming. To enable this feature, the WPA2 (AES) Authentication RADIUS server needs to be configured.
Authentication RADIUS ServerRemote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized access, authorization and accounting management for people or computers to connect and use a network service.

Port- RADIUS has been officially assigned UDP ports 1812 for RADIUS Authentication, the port number shall not be altered under normal condition.

IP Address- The IP address of the RADIUS server.

Password- The password to access the RADIUS server.

When the device operates in WDS and PointToPoint modes, the security configuration web page will be displayed as shown below. Please refer to the above for relative field description.

WDS/PtP Security Setup

Wireless WEP Key Setup

Wireless WEP Key SetupThe Wireless WEP Key Setup includes all WEP related configurations.

WEP ModeStandard 64-bit WEP uses a 40 bit key (also known as WEP-40), which is concatenated with a 24-bit initialization vector (IV) to form the RC4 traffic key. Put it simple, The 64-bit key requires 5 ASCII values or 10 HEX values in base 16 (0-9, and A-F) characters.

128-bit WEP protocol using a 104-bit key size (WEP-104) , A 128-bit WEP key is almost always entered by users as a string of 26 HEX or 13 ASCII (base 16) characters (0-9 and A-F).
Key FormatThe key can be entered in ASCII or Hex formate. Select a preferred or system defined key format.
Default Tx KeyDefult Tx Key specifies the default key among the 4 encryption keys to encrypt and transmit outgoing data.
Encryption Key 1~4The device stores 4 sets of encryption keys, with one set to be selected as a default key. All these 4 sets of encryption shall be configured.

Access Control

Wireless Access ControlThe Wireless Access Control provides a MAC address based association control.

Wireless Access Control Mode Wireless Access Control Mode provides 3 options in the drop down list, Disable, Allow Listed, and Deny Listed.

Disable- The feature is disabled, any client will be able to associated with the Acess Point.

Allow Listed- MAC Address range listed in the Current Access Control List are permitted to associated to associate with the Access Point.

Deny Listed- MAC Address range listed in the Current Access Control List are rejected to associate with the Access Point.
Current Access Control List The Current Access Control List displays the MAC address ranges to allow or deny the association with the Access Point.
Current Access Control List Failures This list displays clients being denied, and they can be added to the Current Access Control List by select desired MAC address and click on Add Selected button or click on Add All button.

Site Survery

Site SurveySite survey scans and displays the received SSID, BSSID, Channel, device type, Encryption, RSSI, and Link Quality information of the environment. It is a useful feature to plan and implement a wireless network by identifying the effective range boundary, and the minimum signal levels needed to support the intended application.


The Ethernet contains settings to the wired LAN or WAN side, such as IP settings, WAN dial-up settings, DHCP, Port Filtering, IP Filtering, MAC Filtering, Bandwidth Control, a nd the QoS settings.

IP Settings

Network Settings web page contains configurations on device to operate in Bridge or Router Mode operation, IP Settings for the Bridge management interface access or the Wireless Interface when operate in Router mode, The Ethernet Interface for Ethernet side LAN or WAN link configuration when operate in Router Mode.

Operation Mode Operation Mode

Operation Mode The operating mode configures the device to operate as a Bridge or as a Router.

Bridge- Bridges operate at the Data Link Layer (level 2) and act as a transparent bridge. There will be no network segmentation while broadcast domain will be the same. Bridge mode will not block any broadcast or multicast traffic.

Router-Routers operate at the Network Layer (level 3) and a router passes traffic between two logically separated networks whereas a bridge passes traffic between two networks which are logically the same.

Click on the Apply Changes after selecting operation mode, the nevigation bar on the left will change according to the selected operation mode.

IP Settings

IP SettingsIP Settings section is devoted for Bridge Mode management interface access, the section includes manual or auto device networking parameter and DHCP server configuration.

IP Address Enter IP address of the device, the IP will represent as accessing device management interface when operate in Bridging Mode. When the EZ-OS device operate in Router Mode, the IP address represents the wireless side management interface.
Subnet Mask Subnet Mask is a mask used when turned into binary to determine which portions of IP address groups can be classified as host devices and network devices. It defines the address space of the network segment where the EZ-OS device resides. Typically, subnet mask is commonly used for Class C IP Networks.
Default Gateway Default Gateway is the IP address of the router providing point of connection to the Internet, such as the IP share device or the ISP modem. EZ-OS device will direct data packets to gateway if the destination host is not located within the local network.
DHCP The EZ-OS provides three choices in the drop down menu, Disabled, Client, and Server:

Disabled- Manual configuration of the device IP address, Subnet Mask, and Default Gateway.

Client- When configured in Client, it obtains IP address, Subnet Mask, and Default Gateway from a remote DCHP server. For example, obtaining from a IP share device.

Server- When configured in Server, the EZ-OS device provides DHCP server feature to allocated IP addresses to associated clients. In the mode, IP address, Subnet Mask, and Default Gateway addresses has to be configured manually.
DHCP Client Range This feature allows to specify a range for number of clients when the device is configured to provide DHCP service. The default range is set to be to, and the last IP address should be within
Show Client button The Show Client button will pop up a new window, and list all DHCP clients.
Static Entries button The Static Entries button pop up a new window for DHCP Static Entries configuration. Details will be explained in the next section.
802.11d Spanning Tree 802.11d Spanning Tree is a protocol that ensures a loop-free topology for any bridged LAN. Spanning tree allows a network design to include spare (redundant) links to provide automatic backup paths if an active link fails, without the danger of bridge loops, or the need for manual enabling/disabling of these backup links. Bridge loops must be avoided because they result in flooding the network.
Clone MAC Address The MAC address of redundant device when the primary link failed.
Alias 1. IP to Alia 3. IP The IP addresses of the redundant devices.
Subnet Mask The Subnet Mask of redundant devices.

When Router is selected from the Operation Mode drop down menu, the Network Settings web page will be rearranged into three sections, including the Operation Mode, Wireless Interface, and Ethernet Interface. The IP Setting will be titled Wireless Interface under the Router mode.

Ethernet Interface

Ethernet InterfaceThe Ethernet Interface is available only when the EZ-OS device operates in Router Mode. It represent the configuration of wired link side, which the connection on RJ45 port.

WAN Access Type WAN access type defines how device is connected to the Network, and the option depends on your network structure. There are 4 options in the drop down list:

Static IP- Manual network parameter configuration. With this option seletected, IP address, Subnet Mask, and default gateway parameters are statically assigned from system administrator.

DHCP Client- Obtain Network parameters through the DHCP server broadcast in LAN. The DNS can be obtained automatically from the DHCP server broadcast or setup manually when network have privately owned DNS servers.

PPPoE- PPPoE, Point-to-Point Protocol over Ethernet, is a protocol mainly used with ADSL services where with ADSL modems users can virtually “dial” from one machine to another over an Ethernet network, establish a point to point connection and then securely transport data packets over the connection.

PPTP- PPTP is a one of the method to implement virtual private network (VLAN).
DNS Configuration The DNS configuration can either be done automatically through the DHCP broadcast or setup manually.

DHCP Static Entires

DHCP Static EntriesStatic DHCP is a useful feature which makes the DHCP server assign the same IP address to the specific network client based on the MAC address. It is particularly useful when the IP address is located to servers, and used in conjunction with port forwarding. Click Apply Changes after completion of editing.

Serve Listed Only This feature forces the DHCP server to assign IP addresses only to the MACs in the list, and if IP address field is empty, one available from the list will be assigned.
MAC Address MAC address of the specific DHCP client to be assigned.
IP Address IP address to be assigned to the specific client statically.
Comment May contains special note for the static DHCP entry.


General Settings PageICMP is a core Internet protocol primary used for delivering error message when service becomes unavailable or host not reachable. By allowing ICMP, the device response to remote Ping and Tracert tools to ensure service availability. However, ICMP protocol also prone to security risk, and it is disabled by default.

Port Filtering

Port FilteringPort Filtering allows enabling or disabling ranges of Transmission Control Protocol (TCP) ports and User Datagram Protocol (UDP) ports to increase network security from TCP/IP based security attacks, including potential internal treats from malicious users.

IP Filtering

IP FilteringIP Filtering allows to forward or discard TCP or UTP datagram based on the specified local IP address, the discarded datagram will be deleted as if never received.

MAC Filtering

MAC FilteringMAC Filtering or layer 2 address filtering allows network administrator to permit or deny network access to hosts associated w ith the MAC address.

Bandwidth Control

Bandwidth Control SettingsThe bandwidth control is a layer 3 QoS, which applies in router mode. The configuration is based from the Ethernet client perspective, and provides controls on both upstream and downstream data user defined rate limit.

Upstream Data Rate Defines the maximum bandwidth value available from the wireless interface to the Ethernet interface in Kbps.
Downstream Data Rate Defines the maximum bandwidth value available from the Ethernet interface to the Wireless interface in Kbps.


QoS SettingQoS setting feature allows to prioritize network traffics priority based on the source or destination IP address, MAC address, port range, etc. With this feature, system administrator may configure clients with time sensitive traffic with higher traffic priority, such as video conference call, or put bulk data oriented client nodes traffic in lower priority. Thus, fine tune network traffic experiences.

IP TOS Match The drop down list provides implementation QoS mechanism by matching the TOS bits in the IP header.


When the E-ZY OS device is configured in router mode, TCP/IP is listed in the second link in the navigation menu. This section includes Network Setting which configures Wireless and Ethernet network parameters, Routing Setup to both dynamic and static routing, and Hotspot configurtion.

Network Settings

The Network Settings web page has three sections, Operation mode, Wireless Interface, and Ethernet Interface. The IP settings section while the device operates in bridge mode is reallocated as Wireless Interface while the device operates in router mode. These were described in chapter IP Settings, please refer to the section for details.

Note. EZ-OS configured devices in Bridge Mode by default.

Routing Setup

Routing SetupThe Routing Setup web page contains 2 sections, the Dynamic Routes on the top, and Static Routes in the lower section.

Dynamic Route

RIP (Routing Information Protocol) employs the hop count as a routing metric. The maximum number of hops allowed with RIP is 15, and the hold down time is 180 seconds. RIP prevents routing loops from continuing indefinitely by implementing a limit on the number of hops allowed in a path from the source to a destination.

RIP 1 RIP 1 implements periodic routing updates without carrying subnet and router authentication information. The update of routing is broadcast through
RIP 2 RIP2 corrects some insufficiencies of RIP 1, which features router authentication. it is a classless routing protocol, and carries subnet masks when sending out routing information.

Hotspot Setup

HotspotHotspots are wireless access publicly to the Internet/LAN in a single 802.11 extended service set (ESS), locations such as air port and shopping malls, etc. User authentication may performed through a RADIUS server in the network, by the device locally, or both of the above.

To create a private Hotspot service, check on the Enabled to activate the Hopspot feature, and select one of the authentication mode from the drop down list. If Authentication is to be performed by RADIUS server, enter server information in the Authentication server section.

Hotspot User Name configures local authentication parameter, enter 8 characters and a value for timeout. The system will provide authentication password after clicking on the Apply Changes.


The Fi rewall section provides provides features to enhance security for both wireless and wired LAN network traffics., features including response to ping command, packet filtering, port forwarding, DMZ, VPN, bandwidth control, and QoS settings. With these features, system administrators can manage network traffics with proper flow and direction, resulting a better network experiences.

General General Settings PageGeneral Settings Page configures system response to the remote ping command, details were described in the chapter General. Please refer to the chapter for details.
Port Filtering Port Filtering provides network packet filtering based on application ports, details were described in Chapter Port Filtering . Please refer to the chapter for details.
IP Filtering IP FilteringIP Filtering provides packet filtering based on the Wireless side IP address. Details were described in Chapter IP Filtering , please refer to the chapter for details.
MAC Filtering MAC FilteringMAC Filtering provides packet filtering based on the MAC address of the NIC. Details were decried in chapter MAC Filtering, please refer to the chapter for details.
DMZ DMZDMZ is abbreviation for demilitarized zone, it is typically configured for a computer or small subnetwork that is accessible to the public Internet traffic, such as HTTP serice, FTP service, and SMTP service, etc.

To create DMZ, check on the Enable DMZ, and enter an IP address that all WAN traffic will be forwarded to .
VPN VPN SetupsVPN (Virtual Private Network), as the name implies, linking to the network between nodes are carried out by open connections or virtual circuit in larger network with strong security features.

To implement VPN, check on the Enable IPSEC VPN.

NAT Traversal- It is typically required for client-to-client networking applications, especially peer-to-peer and Voice-over-IP (VoIP) deployments.

RSA Key- RSA is an algorithm for public-key cryptography. Click on the Generate RSA key to create a encryption key. Click on Show RSA Public key to view the encryption key created.

The Current VPN Connection Table displays the status for VPN Tunnels, the EZ-OS provides 10 configurable tunnels to implement VPN connection.

To configure VPN tunneling, click on the Edit button. Enter tunneling information and click Apply Changes.
Bandwidth Control Bandwidth Control SettingsBandwidth Control provides management on the maximum traffic load flow through the Ethernet port. Details are described in the Chapter Bandwidth Control, please refer to the chapter for details.
QoS QoS SettingsQoS is a nprioritizing management mechanism to classify network traffics. Details were described in the chapter QoS, please refer to the chapter for details.

Mesh Networking

OLSRDMesh Networking is a construction of many access point implementing ad hoc type linking to form a path to destination. The path is re-formed automatically when there is prohibited route or malfunctioning device in the path, resulting a reliable wireless network service to destinations.

OLSRD The EZ-OS deploys the efficient OLSR (Optimized Link State Routing Protocol) for mesh networking implementation. It is a pro-active, table driven and utilizes multipoint relaying for message flooding.

Check on the OLSRD Enable to trigger EZ-OS Mesh Networking feature.
Provide Gateway Check on Provide Gateway to sending out HNA (Host & Network Association) messages.


Management web page provides statistical tools, System Command, SNMP management configuration, DDNS configuration, system Time setting, System log, and BWTest for system bandwidth test.

Statistics StatisticsThe Statistics web page provides records on packet traffic pass through the device for both Ethernet and Wireless interface.

Click on the WDS Stats to view statistical information for WDS links.
Graphs GraphsThe web page provides 3 analytical graphs:

The Traffic Graph provides Tx and Rx statistic in Bytes/sec on daily traffic load,

Packet vs Bytes Graph provides Rx Bytes/Sec. and Packets/Sec. on daily traffic load,

and RSSI Band Graph provides statistics on Maximum and Minimum radio signal strength received. The RSSI value returned from the system ranged from 0~127, 0 indicates no signal, and 1 indicates a minimum signal strength.
System Command System CommandThe System Command web page allows to input system command in the column right to the System Command. Click Apply and Refresh afterwards, and the result the device returns will be displayed in the lower text box.
SNMP SNMP SettingsSNMP (Simple Network Management Protocol) allows the device to response the device variables to remote monitor applications, it may also permits active management tasks, such as modifying and applying new configurations.

Check on the SNMP enabled to allow SNMP management, and enter remote trap receiver information.
DDNS Dynamic DNS SettingDDNS configuration updates the dynamically assigned IP address from ISP DHCP service to a DDNS service provider, resulting a static communicating domain name address for WAN contact.

The EZ-OS device currently supports DDNS service from TZO and DynDNS.
Time Time Zone SettingThe Time Zone Setting configures the current system time, either user input time or obtaining from a NTP server.

Check on the Enable NTP client update, and select NTP server from drop down list if system time is to be obtained automatically through NTP server.
System Log System LogSystem Log provides detail record on system activities, administrators may exam these logs to ensure no unexpected activities were performed.

System log may record only the wireless side service, or both wireless and the Ethernet side service. The Log record may stored in the device, or send to a remote Log server.

Check on the Enable Remote Log and enter the remote server IP address if Log were to be recorded to a dedicated server.
BWTest Bandwidth TestNote. Bandwidth test uses all available bandwidth and may impact to the network usability.

To perform test on throughput of a router, the configuration should be consists of at least 3 routers, one serves as a bandwidth server, one sit in the middle as a router to be tested, and one in the end as a bandwidth client.

When performing Tx Test , enter the destination IP address in the bandwidth server unit, and check on the Rx Test in the client unit.


The System section provides configurations oriented to the device itself, including accessible ports, device information, ping watchdog, firmware update, system setting backup and reload, customer file handling, login password editing, and device reboot.

Settings Miscellaneous SettingsSettings contains the Miscellaneous Settings for the device, this section configures permitted access method and web interface mode to the device.

It also contains accessible ports through each defined linking method, when the value in configured in 0, the device uses the default port number for access.

The configurations can be applied without saving, or saved without apply.
Location Location SettingsThe Location web page is intended for saving device information, the input information will be displayed in the Status page.
Ping Watchdog Ping WatchdogPing Watchdog is a helpful feature for devices located in difficult to access physically. The ping watchdog feature reboots the device when it loses network connection. The reboot may be helpful if the previous configuration were applied only without saving, and the system will roll back to the previously saved settings.

The ping watchdog may configured to reboot the device with multiple hosts with AND and OR conditional boolean logic.
Firmware Upgrade Firmware UpgradeFirmware Upgrade provides a mean to upgrade the EZ-OS to a newer or custom version. Select the firmware file, and click on Upload to overwrite existing version.

Note. Only official released firmware from shall be loaded to the device. Loading any other 3rd party firmware may causing system failure, and void Warranty.
Save/Reload Settings Save/Reload SettingsThe Save/Reload Settings allows to backup existing configurations, and reload it at a later time or to another identical device.
Custom File Handle Upload/Download Comtom filesThe custom file can be scrips that performs certain tasks, or the web files to customize the web user interface.

File types in the device categorized into two types:

Scrips- The device looks for 2 files in the scripts repository, the and As the name infered, the is called before the device initialization, while is called after the system initialization.

Web- Web file found in the repository are copied and overwritten to the web file directory. Existing file names or creating directories can be done through the ssh terminal. The easiest example would be the replacing the logo displayed on the top-left which located at the “graphics/topbar.gif”.

To download custom files to the device, enter the file name, including the subdirectory if applicable, and click on the Browse button to for custom files.

Click on the Write button after custom file is selected.

To upload custom files from the device, enter the file name including the subdirectory path if applicable, and click on the Read button to save a copy of file.
Passwords Password SetupThe EZ-OS provides two levels of user access permission,

Administrator level users are granted with Read and Write permission, while user is granted with Read only permission.

To configure login user name and password, enter user name and password on the same row as the Access permission. Check on the Enabled to activate login information, and click on the Apply Changes.
Reboot RebootThe Reboot web page contains a Reboot button, click on the button when system reboot is needed.


The wizard provides a quick setting on the Ethernet interface, and Wireless Basic Settings to allow quick setup of basic wireless service.

Step 1. Configure the IP address of the LAN interface of the device. See Chapter IP Settings for further details of needed.

LAN Interface Setup

Step 2. Configure the Wireless basic settings. Please refer to Chpater Basic Settings for further details if needed. Wireless Basic Settings

Click on the Finish button in order to finish the wizard process and commit changes, Cancel button in order to stop the wizard configuration process or Back button in order to return to previous screen.

The unit will reboot to the new settings. In case the new IP is different the old, you will need to access the device through the new configured IP address.

products/ez3p/ez3_manual.txt · Last modified: 2009/02/16 06:46 by dave
Recent changes RSS feed Creative Commons License Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki