IPitomy Monitored Router

From IPitomy Wiki
Jump to: navigation, search

The IPitomy Monitored Router or Cloud Managed Router will replace the onsite router and allow for monitoring and traffic shaping to optimize VOIP. It is recommended to wait until you get an email ticket notification that the initial setup for the router is complete before you connect it and power it up, it helps everything go more smoothly.

Contents

Unboxing

DO NOT CONNECT YOUR ROUTER TO THE INTERNET UNTIL YOU RECEIVE AN EMAIL/TICKET FROM SUPPORT LETTING YOU KNOW THE ROUTER IS READY

Your IPitomy Monitored Router comes with 1 firewall, 1 ethernet cable, and 1 power supply. For installation you need an Internet connection, two ethernet cords, and a network switch.

Whether using the Professional or Advanced unit, the set up process will be the same. The following images illustrate the ports you will use for each type of firewall. Otherwise, all of the steps will remain the same for each installation.

NOTE:: The device must be provisioned in the Dashboard before continuing. This will most likely have been done by IPitomy during shipping.

Professional

File:IPitomyRouterProfessional.jpg

Advanced

File:IPitomyRouterAdvancedl.jpg

Connecting Cables

  1. For this product to work properly, please make sure your ISP has your modem in Transparent Bridge Mode before proceeding. Some modems require a reboot when connecting a new device.
  2. Plug your Internet connection coming from your modem (Cable/DSL) or Ethernet (Fiber/T1) in the WAN Port "A". Connect your PC direct to LAN Port "B".
  3. Connect your Power Supply to Port "C".
  4. The OPT Port "D" is for an optional failover secondary Internet connection, used when the optional feature WAN Failover is purchased.
NOTE::After the device is connected and powered on, you will need to reboot the computer or release and renew so it pulls a new IP address from the IPitomy Monitored Router.

Testing

If the public IP of the site is dynamic, you should be able to get out to the internet after 1-2 minutes. You can test this by going to www.google.com. This will result in a testing screen if it succeeds in getting its WAN IP via DHCP, or a Failed to Detect Screen.

If you see the testing screen, wait 1-2 minutes, once its finish, you will be connected to www.google.com, you are finished and can now connect the sites network switch to the LAN Port "B".

If you get the Failed to Detect Screen, you will need some basic information from your ISP.

  • Your Static IP Address, Subnet Mask, and Gateway

OR

  • PPOE/PPTP Username and Password

Input this information and save.

NOTE:: If you input information on this screen and it successfully connects, the information will be saved to the dashboard on completion. You should not have to enter this information again. After you have saved, go back to your browser and go to www.google.com The testing page will now come up; wait 2-3 minutes. When Google comes up, you are online and can connect the LAN Port "B" to the sites network switch.

Front Light Key

  1. 1 Solid Light: Unit Has Power
  2. 2 Solid Lights: The Internet has been detected
  3. 1 Solid Light, 1 Flashing Light: Testing Internet connection in progress
  4. 3 Solid Lights: System is up and operational

Programming

Once the router is connected out to the internet, it will download its programming from the cloud. To access the cloud and program it, head to https://ipitomy.mycloudconnection.com. Choose Dashboard Login and you will login as a User with the Username and Password provided to you.

Alert Notifications

All users must login to configure their own Alert settings. To do so, click the Envelope in the top right corner and choose View All. This will allow you to create a new Alert Policy by clicking the + sign on the right side. Give the Alert Policy a name and select which sites you'd like to monitor. You can configure the rest as needed, but by default the slider bar settings are set to a typical threshold.

Firewall and Port Forwarding

In order to program the router to allow traffic inbound from the outside to the LAN, you need to create a Firewall Rule and Port Forwarding. Below are examples of how to set this up for the standard ports of 80, 22, 5060, and 10k-20k. You can use these examples to create any other port forwarding and firewalls your customer may need. (In these examples the PBX was at 192.168.35.10)

Firewall Rules

File:RouterFirewallRules.jpg

Port Forwarding

File:RouterPortForwarding.jpg

Emulated bridge mode

Note: This REQUIRES a second public IP address. DOES NOT WORK if you only have a single public IP address.

Virtual WAN is used for Public IP's on the LAN for hosting servers without using NAT.

For this to work, the 3rd party router must be programmed just like it would if were plugged directly into the Internet. That includes Static, public IP, that IP also must be added in as Proxy Arp on the WAN. They must also configure the gateway on the device just like it were on plugged into the modem. Rules must be created to allow all traffic (or filtered if they want to filter it and lock it down). The 3rd party device must be put on a Vlan and have access to that Vlan.

This mode allows a VLAN on the LAN to act as if all devices were sitting on the WAN interface, with the benefit of all the traffic prioritization policies and rule control through the IPitomy router. You must be running firmware 6.0.0 or higher for this feature.


1) Navigate to VLAN

2) Click the + icon to create a new vlan

3) Give the new vlan a name (any, helps to be easily identifiable)

4) Set parent interface to LAN

5) Change vlan tag to anything other than 1

6) Enable virtual WAN

7) Save

​This will create a virtual interface (named opt1 if no other vlans are defined)

8) Navigate to Firewall=>Rules

9) Create rule with interface OPT1 (per above note)

10) set Protocol: any, source type: any, destination type: any, and leave ports blank for all ​

11) ​Save

12) Create another rule, with interface WAN, Source ANY, Destination should be the IP address of the router's VWAN interface.

13) Navigate to Interfaces=>WAN

14) Add an entry in Proxy ARP with the CIDR Block notated network for the secondary IP (such as 11.22.33.44/32)

15) Save

Personal tools
Namespaces
Variants
Actions
Navigation
Toolbox