KAON - CG2200 - eMTA Technical Manual v1.4

Technical User Manual :
KAON_CG2200_eMTA Technical User Manual v1.4.docxKAON_CG2200 eMTA

Technical User Maual v1.2
Document Type Product Specification
System DOCSIS 3.0 24x8 Cable Voice Residential Gateway
Product Line Claro Colombia
Project Number CG2200
Document Title
KAON_CG2200_eMTA Technical User Manual

v1.2
Document Issue
Department Author Date

Edited by DOCSIS Team Seunghee Lee 29/Sept/2016
R&D division PM Jerry Ko 29/Sept/2016
DOCSIS Team Seunghee Lee 9/Apr/2018
Revision Release v1.0 Sept 29, 2016

Release v1.1 Apr 9, 2018
Release v1.2 July 31, 2019
Claro Colombia Kaon
Name:
Date:
Confidential & Proprietary Copyright © Kaonmedia Page 1 of 75

TABLE OF
CONTENTS
TABLE OF CONTENTS ................................................................................................................................................. 2
1. INTRODUCTION ................................................................................................................................ 4
2. GENERAL SPECIFICATION ............................................................................................................... 6
PHYSICAL SPEC ....................................................................................................................................................... 6

OPERATIONAL SPEC ............................................................................................................................................... 7
FRONT PANEL ........................................................................................................................................................ 8
REAR PANEL ........................................................................................................................................................ 10
INSTALLING DEVICES ........................................................................................................................................... 11
3. CABLE MODEM ................................................................................................................................ 12
DOWNSTREAM .................................................................................................................................................... 12
UPSTREAM ........................................................................................................................................................... 12
DOCSIS APPLICATION ...................................................................................................................................... 13
4. GATEWAY.......................................................................................................................................... 14
5. WIRELESS .......................................................................................................................................... 16
RF TRANSMISSION ............................................................................................................................................. 17
SECURITY ............................................................................................................................................................. 17
6. VOIP ................................................................................................................................................... 19
STATUS ................................................................................................................................................................ 19
DHCP ................................................................................................................................................................. 20
QOS..................................................................................................................................................................... 21
PROVISIONING .................................................................................................................................................... 22
EVENT LOG .......................................................................................................................................................... 23
SCOPE OF MTA SYSTEM .................................................................................................................................... 24
7. DEVICE MANAGEMENT ................................................................................................................. 25
SYSTEM ................................................................................................................................................................ 25
COMPATIBILITY WITH DEVICES IN HOME ........................................................................................................... 25
ACCESSING THE WEB UI .................................................................................................................................... 25
7.3.1 STATUS............................................................................................................................................................ 27
7.3.1.1 SOFTWARE PAGE ............................................................................................................................................ 27

7.3.1.2 CONNECTION PAGE ....................................................................................................................................... 27

7.3.2 NETWORK ....................................................................................................................................................... 29
7.3.3 FIREWALL ........................................................................................................................................................ 29
7.3.4 2.4GHZ ......................................................................................................................................................4629
7.3.5 5GHZ..........................................................................................................................................................5629
7.3.6 MTA ............................................................................................................................................................6729
7.3.7 MANAGEMENT ...........................................................................................................................................6729
7.3.7.1 LOCAL LOG PAGE .......................................................................................................................................6729
7.3.7.2 REMOTE LOG PAGE .................................................................................................................................... 6730
7.3.7.3 DIAGNOSTICS PAGE. .................................................................................................................................. 6932
7.3.7.4 EVENT LOG PAGE .......................................................................................................................................7133
7.3.7.5 SECURITY PAGE ...........................................................................................................................................7234
7.3.7.6 BACKUP PAGE .............................................................................................................................................7234
SPECTRUM ANALYZER .................................................................................................................................... 7335
8. EXTERIOR DESIGN ..................................................................................................................... 7537

1. Introduction
The purpose of this document is to present product information including technical
specification to procurement team who is working on product definition and laboratory
homologation.
The CG2200 (Wireless Residential Gateway) is a high-performance home gateway that is

able to support a Cable Modem, Router, and Wireless Access Point(s) in a single device,
and will provide a cost-effective networking solution for both the home and small office.
 Compliant with DOCSIS 3.0, 2.0, and 1.x standards to deliver high-end
performance and reliability
 High performance broadband internet connectivity to maximize your on-line

experience and communication
 2 or 4 (optional) 10/100/1000BASE-T Ethernet ports to provide wired

connectivity
 Dual-band 802.11acn Wireless Access Point(WAP) with Multi Service Set 메모 포함[김BK1]: N – ac로 변경
Identifiers (SSIDs) compatible with 802.11b/g/n and 802.11ac
 (optional ) 서식 있음: 글머리 기호 + 수준:2 + 맞춤 위치: 1.29 cm
(*) Unique 8 SSIDs name for each device and each band + 들여쓰기 위치: 2 cm
메모 포함[김BK2]: Optional 제거
 For easy control, Wireless Protected Setup (WPS) on the front panel, including a
서식 있음: 표준, 들여쓰기: 왼쪽 3.32 글자, 글머리
button switch to activate WPS for simplified and secure wireless setup
기호 또는 번호 없이
서식 있음: 표준, 들여쓰기: 왼쪽 3.32 글자

 For easy checking, DOCSIS-compliant LED labeling and indicating provides a

user and technician an intuitive method to check operational status and act as a
troubleshooting tool
 Advanced firewall technology based applications to protect the Private LAN

from malicious attacks (DoS, etc.) from the WAN interface.
 User configurable content filtering and SPAM filtering are also included to allow
for manual parental control which is able to block access to undesiable Internet
sites
 Compact design and versatile orientation to stand vertically on a desk, or mount

easily to a wall and Color-coded interface ports and corresponding cables to
simplify installation
 Allows automatic software upgrades by service operator
 For Lower Operating Expense Decrease TCO(Total Cost of Ownership) supports

real-time FBC diagnostics such as the downstream, upstream spectrum analyzer,
and WiFi Insight features.
Before installing the residential gateway, please make sure that your system meets or
exceeds the requirements listed in this section.

2. General Specification
The CG2200 is designed based on BCM3384(x) which is the industry’s first
DOCSIS® /EuroDOCSISTM 3.0 solution within an integrated Full-Band Capture (FBC)
frontend. This SoC integrates all of the necessary functionality to enable cost optimized
solution, and support over 1600 DMIPS, the advanced VIPER processor, 2300 DMIPS
Zephyr processor available to run add-on applications for further produce differentiation
and multiple independent hardware accelerator engines deliver unmatched packet
processing performance.
 DOCSIS/EuroDOCSIS3.0 Compliant
- 24 downstream channels
- 8 upstream channels
- Quad 256 QAM modulator with SCDMA(synchronous code-division multiple
access) and integrated power DAC
- With 24x8 channel bonding, it supports up to about 900 Mbps/200M bps
 Full-Band Capture frontend utilize any eight channels in down stream spectrum,
fast channel change, 1GHz direct sampling frontend, 12-bt wide ADC
 Four dedicated hardware assist engines

- Downstream resequencing
- Upstream preprocessing
- Filter/Classifiation
- LAN accerlation
 Complete set of peripheral interface

- Dual 10/100/1000 Mbps Ethernet, one with integrated GPHY
- Dual Gen1 PCI Express® Interfaces to support simultaneous dual-band
2.4GHz and 5GHz Wi-Fi
Physical spec
Dimensions 235x190x65mm
Power Adaptor 100 to 240 VAC, 12V, 2.5A, 50 to 60 Hz
Operating Temperature 0 °C to 40 °C
Humidity 0 to 95% RH
(non-condensing)
Storage Temperature -20˚ to 70˚C
Color Black
LEDs Funtion - Power : On(Green)
- DS(Receive) : Lock(Green)
- US(Send) : Lock(Green)
- Online : On(Green) – Network access is enabled
- Ethernet (Eth1-4) :
. On(Green) - Gigabit Link , Blinking - Activitiy

. On(Amber) - 10/100 Link, Blinking - Activity

- Wireless Link (Wi-Fi/WPS)
. On(Green) - WAP is enabled and operational
. Blinking (Interval 2 secs) - Running WPS.
. Blinking (Interval 1 sec) - WPS Timeout.
- VOIP(Tel1,2)
. On(Green) - When telephony service is enabled
. Blinking - When line 1/2 is operational
Mounting Desktop (Vertical or Horizontal) or wall
For easy control and checking, LED labeling and indicating provides a user and
technician an intuitive method to check operational status and act as a troubleshooting
tool during Initial power up and registration as below table.
Operational Status
Initial Request
LED CMTS Request Restarting Telephone
Power- DS DS US Requesting CM Requesting
/ Status Up Registration MTA Voice Registration
Scan Locked Ranging CM IP config MTA IP
complete config file service complete
file
Power On On On On On On On On On On On
DS Blinking Blinking On On On On On On On On On
US Blinking Off Off Blinking On On On On On On On
ONLINE Blinking Off Off Off Off Blinking On On On On On
WiFi Off On/Off On/Off On/Off On/Off On/Off On/Off On/Off On/Off On/Off On/Off
ETH1~4 Off On/Off On/Off On/Off On/Off On/Off On/Off On/Off On/Off On/Off On/Off
TEL1~2 Off Off Off Off Off Off Off Blinking Blinking Blinking On
Operational spec
Cable Interface F-Connector, female 75 Ω

Network Interface 2 or 4(optional) Gigabit (10/100/1000) Ethernet ports
Ethernet connector RJ-45 (8 contacts)
Wi-Fi Interface Dual-band 802.11b/g/n/ac Wireless Access Point(WAP) 메모 포함[김BK3]: 내용 변경
802.11n, Single Band 2.4GHz 2x2 Wireless Access Point
서식 있음: 글꼴: Book Antiqua, 10 pt
(WAP) (backwards compatible with 802.11b/g/n)
Regulatory (Standards) RoHS compliant, 서식 있는 표
UL® 60950/FCC Part 15 Class B or CE 서식 있음: 글꼴: Book Antiqua, 10 pt
DOCSIS DOCSIS 3.0 compliant with DOCSIS 2.0, 1.1, and 1.0 서식 있음: 글꼴: (한글) Tahoma
standards to deliver high-end performance and reliability
서식 있음: 글꼴: (한글) Tahoma
Bonded Channels (Down/Up) 24x8
Color LED status indicators Dual color LED status indicators on the front-panel provide
an informative and easy-to-understand display that
indicates the cable modem operational status
Telephony 2 RJ11 ports, PacketCable 1.5 certified, PacketCable 2.0
compatible

Front Panel


Rear Panel
TEL 1~2 RJ11 Telephone ports to connect your phone or fax
LAN 1~4 RJ45 Ethernetports to connect your PC or home network devices
RESET Pin-hole for factory reset
CABLE IN Connects the coaxial cable for cable internet service
12V IN Connects the unit to DC 12V power

Installing devices

3. Cable Modem
The CG2200 is designed based on BCM3384(x) which is the industry’s first
DOCSIS® /EuroDOCSISTM 3.0 solution within an integrated Full-Band Capture (FBC)
frontend as below
- 24 downstream channels
- 8 upstream channels
- Quad 256 QAM modulator with SCDMA(synchronous code-division multiple access)
and integrated power DAC
- With 24x8 channel bonding, it supports up to about 900 Mbps/200M bps
Downstream
Bonded Channels Up to 24
Modulation 64 or 256 QAM
Channel Bandwidth 6 MHz / 8MHz
Total Max Bandwidth 1029.12 Mbps @ 256 QAM at 5.36 Msym/s
(24 Channels)
Maximum Data Rate Per 42.88 (38) Mbps @ 256 QAM at 5.36 Msym/s
Channel (single channel) 30.34 (27) Mbps @ 64 QAM at 5.36 Msym/s
Symbol Rate 64 QAM 5.057 Msym/s; 256 QAM 5.361 Msym/s
RF Input Power 64 QAM -15 to +15dBmV
RF Input Power 256 QAM -15 to +15dBmV
Bonded Channel RF Level Tolerance 10dBmV
Bonded Channel RF Input Impedance 75 Ω (nominal)
Frequency Range min. 108 to 1002 MHz
(*) Diplexer supports this range, and will scan from 93108HMz ~
1002 MHz
Frequency Plan Annex A / Annex B
Upstream
Bonded Channels Up to 8
Modulation A-TDMA: QPSK, 8, 16, 32, 64QAM
SCMDA: QPSK, 8, 16, 32, 64, 128QAM
Channel Width 200 kHz, 400 kHz, 800 kHz, 1.6 MHz, 3.2 MHz, 6.4MHz
Maximum Channel Rate Up to 8 upstream channels supporting over 240Mbps of data
capacity
245.76 Mbps (8 channels) / 30.72 Mbps (single channel) @
128 QAM at 6.4 MHz
Maximum Data Rate Per QPSK 0.32 ~ 10.24 Mbps
Channel (single channel) 8 QAM 0.48 ~ 15.36 Mbps

16 QAM 0.64 ~ 20.48 Mbps

32 QAM 0.80 ~ 25.60 Mbps
64 QAM 0.96 ~ 30.72 Mbps
128 QAM/TCM 30.72 Mbps
Symbol Rates 160, 320, 640, 1280, 2560, 5120 ksym/s
Operating Level Range Level range per channel (Multiple Transmit Channel mode
disabled, or only Multiple Transmit Channel mode enabled
with one channel in the TCS)
Automatic Level Adjust
Frequency Level Stability (kHz) ±5
TDMA
TDMA modulation type QPSK, 8 QAM, 16 QAM,32 QAM, 64 QAM
TDMA/ATDMA Level one channel Pmin to +61 dBmV
range per channel with two channels Pmin to +58 dBmV
QPSK modulation
three or four channels Pmin to +55 dBmV
range per channel with 8 two channels Pmin to +55 dBmV
QAM & 16 QAM
three or four channelsv Pmin to +52 dBmV
modulation
range per channel with 32 two channels Pmin to +54 dBmV
QAM & 64 QAM
three or four channels Pmin to +51 dBmV
modulation
S-CDMA
S-CDMA modulation rate 1280 kHz, 2560 kHz, 5120 kHz
S-CDMA Pmin by Pmin = +17 dBmV, 1280 kHz modulation rate
modulation rate Pmin = +20 dBmV, 2560 kHz modulation rate
Pmin = +23 dBmV, 5120 kHz modulation rate
S-CDMA Level range per one channel: Pmin to +56 dBmV
channel by modulation two channels: Pmin to +53 dBmV
rate
three or four channels: Pmin to +53 dBmV
Output Impedance 75 Ω (nominal)
Frequency Range 5-85 MHz (Optional 5 ~ 42MHz, 65MHz)
DOCSIS Application
The software is designed to comply with DOCSIS 1.0/1.1/2.0/3.0 standard and High-
performance DOCSIS functionality as below
 Smart quick scanning

 Baseline Privacy Interface plus (BPI+)
 DOCSIS 3.0 Security (EAE, SSD)
 Dual IPv4/IPv6 capable (IPv4 only, IPv6 only, dual mode)
 Extensive custom SNMP MIB for the Gateway, SNMP Management V2 & V3
 Provisioning and setting of CM & WiFi, GW features by config file
 Firmware upgrade via TFTP (CVC signing)
 Web UI for DS/US status monitoring
 DS spectrum analyzer

4. Gateway
The product is designed to support various protocols based easy installation onCable TV
services including high-speed internet access via Wired or Wireless connections.
Gateway shall support advanced firewall technology based applications to protect the
Private LAN from malicious attacks (DoS, etc.) from the WAN interface, but also need to
support user configurable content filtering and SPAM filtering are also included to allow
for manual parental control which is able to block access to undesiable Internet sites
 Gateway for wireless communication provides you with the freedom to connect
to the Internet from any location within range of the WAP without having to use
wired connections.
 Gateway for the Local Area Network (LAN) in your home. These include the
range of IP addresses that define the LAN itself as well as how the addresses are
assigned (automatically by DHCP or manually) as new devices are added to the
network.
Gateway DHCP client/server

NAPT, NAT, and Pass-through (layer 2) Operational Modes
VPN pass-through
static routing and dynamic IP routing (Router Information Protocol)
(RIPv1, RIPv2 with MD5)
Support for Static and Dynamic IP
SPI firewall with DoS protection and intrusion prevention
Port, packet, and URL keyword filtering
Software support for UPnP IGD 1.0
L2TP Pass-through
Ethernet 10/100/1000 BaseT, full-duplex auto-negotiate
functionality
Supports IP addressing using IPv4 and/or IPv6 (dual stack)
- End-point support (IPSec/L2TP/PPTP)
- IPSec Pass-through
- PPTP Pass-through
Port Forwarding
Port Triggering
Support DMZ Host
Support Dynamic DNS
Support Backup/Restore Configuration
VPN Support Configure VPN Tunnel.
Firewall Per-User Policies
Keyword blocking
Filtering Activity
Session Tracking
User Notification via E-mail Alert and SNMP Traps

Domain name blocking

Time of day filters
MAC Address Filtering
IP Filtering
Pass-Throuth by Specific MAC Address.
Stateful Packet Inspection (SPI)
Intrusion Detection for Denial of Service (DoS) attacks
Flexible Parental Control
URL Content Filtering
Web-Based User Interface Management and Administration
Remote User Access
Logging & Alert
Provisioning Provisioning with SNMP

5. Wireless
The proudct is designed based on BCM4360 which is a Dual-band, 2.4GHz, 5GHz, IEEE
802.11ac-compliant MAC/PHY/Radio chip with 2.4GHz/5GHz internal PAs. This
solution can leverage the high throughput and extended range of Broadcom’s 2nd
generation Multiple Input Multiple Output (MIMO) solution for advanced signal
processing techniques to improve receive sensitivity.
State-of-the-art security is implmemented by industry standardized system support for

WPATM, WPA2TM, and hardware accerlated AES encryption/decryption, coupled with
TKIP and IEEE 802.1x support.
Support CPU Off-loading embedded hardware accerlation, and enables increased system
performance and signigicant reduction in host-CPU utilization in both client and access
point configurations.
In order to maximize QoS and OoE, WiFi technology based on intelligent alorogthm
support key features as below.
 Auto channel Change

- The latest edge technologies are used
. LDPC, STBC, and MIMO
. Explicit beamforming
- RGW triggers channel scan by its channel scanning algorithm.
- When channel scanning, the RGW schedules quite intervals so that client
doesn’t send packet not to lose packets.
 Intelligent Airtime Scheduling

- Enables significantly greater control of Quality of Service of the WLAN
Home network by controlling airtime of clients
- Allows for strict priority for groups of clients
- Video clients strictly prioritized over data clients
- Ensures bandwidth is provided to critical clients
- Video clients are always guaranteed as much bandwidth as required to
receive video
 Guaranteed QoS and QoE

- Cable (DOCSIS) combined with Gigabit Ethernet
. Extremely high bandwidth Packet Prioritize (Bottleneck management)
. Guarantees superior quality in Voice, Video and Data
- Available customized QoE
. Guarantee Quality of Service (QoS) and Quality of Experience (QoE)
 Traffic shaping based on needed application bandwidth

- CinemaNow gets exactly enough BW required for streaming
- Best effort traffic gets left over
 Customization for setting Device priorities

- Netflix on HDTV gets more BW than Netflix on iPad
The BroadStream iQoS ensures quality of experience in presence of concurrent traffic and
applications!
RF Transmission
Wi-Fi LAN - 802.11b/g/n / ac

- Integrated 802.11ac Radio 3x3 MiMo Wireless Technology
- Advanced MIMO antenna configuration for optimal
throughput and coverage
- 3 Tx and 3 Rx antennas
- WDS bridging
- 802.11e WMM admission control
- QoS
802.11 Band 2.4GHz / 5GHz
SSID Multiple SSID Support (with unique NAT scopes)
Regulatory - To be defined (Local environment certification)
Domains
Spatial Streams 3x/3
Channel 2.4GHz =>20MHz and 40MHz
Bandwidth 5GHz => / 20MHz, 40MHz and 80MHz
Maximum Phy Rate 2.4GHz => 600450450Mbps, 5GHz => 1.3Gbps 메모 포함[김BK4]: 2.4GHZ ,5GHz 분리
Antennas 3 transmit and 3 receive 2.4GHz 450Mbps -> 600Mbps 변경
Antennas Type Internal 메모 포함[김BK5]: External Ant 지원 불가에 따른 내

Transmit Power 2.4GHz Typ. 26dBm (400 mW) (@11n, MCS0 20MHz) 용 삭제
Output (EIRP) 5GHz Typ. 27dBm (500 mW) (@11n, MCS0 20MHz) 메모 포함[김BK6]: EIRP 기준으로 전체 수정
Receiver -90dBm (@11n MCS0, Base on 1 port)
Sensitivity (RSSI) -72dBm(@11n MCS7, Base on 1 port) 메모 포함[김BK7]: 전체 수정
Security
802.11i Security - Default security enabled: WPA-PSK

- Wi-Fi Compliant Security (WPA2-Enterprise, WPA2-PSK,
WPA-Enterprise, WPA-PSK, WEP)
- 64/128 bit WEP encryption
- WPA and WPA2 Personal and Enterprise support of
Temporal
- Key Integrity Protocol (TKIP), AES, IEEE802.1x Port-Based
Authentication with RADIUS client, 802.11i (pre-
authentication)
- MAC authentication wireless security options
- RADIUS Authentication (Client, EAP-TLS, EAP-TTLS,
EAP-PEAP, EAP-MD5)

- Wi-Fi "Hot Spot" support (Static DHCP IP Scope over

tunnel)
Wi-Fi Pairing - Wi-Fi Protected Setup (facilitates easy set-up of security
using a Personal Identification Number -PIN) and/or a
button located on the Wi-Fi device (WPS) for connection
with WPS

6. VoIP
This section shows the status, parameters of dhcp, qos, provisioning details and event log
of MTA of the cable modem in MTA web menu which allows only administrator to
access and also shows the scope of MTA system
Status
This shows the results of some procedure on booting. The procedures must be done
successfully for call service. The main procedures are the getting IP address for MTA,
getting TLV configuration files and operational to Call Server.
Section Field Description

Startup Procedure This shows the results of each process from DHCP to
RSIP operation to Call Server.
MTA Line State Hook State shows the loop between telephony device and Call
server.

DHCP
MTA device must support DHCP options code to provision VoIP system during the
initialization process. The option code 122 must be used to find a provision system to
configure CPE, provision server and flow type.

Lease Parameters Shows the parameters delivered by DHCP server to
MTA device.
PacketCable DHCP Shows the snmp server address and provisioning flow type
Option 122 which are contained in the DHCP option122 response from
DHCP server.

QoS
This page shows the quality of network, transmission and service flow between CM and
CMTS.

Error Codewords Shows the quality for transmission of data packet.
Payload Header Shows the suppressing the Ethernet, IP and UPD headers of
Suppression RTP packets.
Service Flows Shows some flows for call signal, data and voice RTP flow.

Provisioning

MTA Config File Shows the contents in the MTA config file which is
downloaded from a provisioning system.
Enterprise MIBs Shows the configuration in nvram or the config file.

Event Log

Event Log Shows the event logs created when a event happens (the size of
the queue is limited)

Scope of MTA system
The product is designed to use Broadcom solution proven on real network in terms of
both compliance and performance.
 Two lines of carrier-grade VoIP.

 Support wideband codec. G.722
 PacketCable 1.5 compliant fully.
 Upgradeable to PacketCable 2.0 support of SIP.
 Support call signal protocol MGCP.
 Loop diagnostics for remote testing.
 Support Line Echo Cancellation (LEC), Acoustic Echo Cancellation (AEC)
 Support Auto–adapting FSK/CAS tone levels, dynamic jitter buffer
 Support several provisioning flow (Basic, Hybrid and Secure)
MGCP 1.0 / NCS 1.0

G.711 a/μ, G.722 and G.729 A/B codecs support
CNG, VAD, Echo cancellation.
DTMF NTE (RFC 2833) and inband support
PacketCable 1.5
T.38 / G.711 FAX
CLIP (ETSI FSK) support
QoS – DSCP / CoS marking
Country specific tones (Poland) on FXS ports

7. Device Management
System
QoS & Traffic - Support IEEE 802.11e Wi-Fi Multimedia (WMM)

Management 802.11e WMM power save/U-APSD (Unscheduled-
Automatic Power Save Delivery)
- Support for WMM QOS and WMM Power Save
- All ports support Auto-negotiation, auto speed
sensing, and Auto MDIX
Security DOCSIS 3.0 Security (BPI+, EAE, SSD)
(*) Compliant with CMTS between Cable Modem
Network Management DOCSIS 3.0, 2.0, 1.1, and 1.0
Extensive custom SNMP MIB for the Gateway, SNMP
Management V2 & V3
DOCSIS, Web-based, and XML configuration
Telnet remote management
Firmware upgrade via TFTP
Configuration backup and restore
Enhanced WebGUI Interface with Technician Level
Access
TR-069 and subset of TR-181i2 data model (optional)
HNAP server 1.2+
Protocol Filtering Ethernet & IP
HTTP Server (CM status)
System Monitoring Downstream Spectrum analyzer
Tool Upstream Spectrum analyzer
Compatibility with devices in home
PC: Pentium, or later

Devices - Windows 8, 7, Vista, 2000, or XP (SP1, Sp2, SP3) or Linux
with Ethernet connection
- Macintosh: Power PC or later; OS 9 or higher, Ethernet
connection
- UNIX: Ethernet connection
Home Networking: Ethernet router or wireless access point
Accessing the Web UI
To configure your residential gateway, you must first access the Web UI. This section
provides detailed instructions and procedures for accessing the Web UI and for
configuring your residential gateway to operate correctly. This section also presents

examples and descriptions of each Web UI configuration page. Use the Web UI to
customize your residential gateway to your needs rather than using the default settings.
The Web UI in this section are organized in the order shown on the Setup page.
Important: The Web UI pages and the examples shown in this section are for illustration
purposes only. Your pages may differ from the pages shown in this guide. The pages
shown in this guide also represent the default values for the device.
Note: If you are not familiar with the network configuration procedures detailed in this
section, contact your service provider before you attempt to change any of the residential
gateway default settings.
The default IP address of the CG2200 is 192.168.10.1. It shows only status and diagnostic
pages. To access the configuration web pages, you can connect to 192.168.100.1. Please
refer to the following:
1. Obtain an IP address from the built-in DHCP server for the PC you are using to
connect the CG2200
2. Start your web browser application (Internet Explorer, Netscape, Mozilla, etc.)
3. Enter “http://192.168.100.1” for the URL
At this point, the PC should present an authentication window similar to this one:
Enter user name field, and password field as you configured. Default username and
password is as below:
 Username : admin
 Password : Uq-4GIt3M
Note that the password is case-sensitive.

7.3.1 Status
7.3.1.1 Software Page
After logging in, the server will present the Software page shown below.
This page displays information about the hardware version, software version, MAC
address, cable modem serial number, CM certificate status, system “up” time, network
registration status and cable modem IP address.
7.3.1.2 Connection Page
This page displays information about the RF upstream and downstream channels,
including downstream channel frequencies, upstream channel IDs, and upstream and
downstream signal power and modulation.
This page also displays IP lease information, including the current IP address of the cable
modem, the duration of both leases, the expiration time of both leases, and the current
system time from the DOCSIS timeserver.
The information on this page can be refreshed at any time by clicking your web browser’s
Refresh button.


7.3.2 Network
7.3.3 7.3.2.1
7.3.47.3.2
7.3.2.1 Setup
서식 있음: 표준, 글머리 기호 또는 번호 없이
Note that communication on the LAN will work regardless of whether the WAN connection
provided by the cable modem is up. However, you will not be able to access the Internet until the
WAN connection is enabled and has an IP address.

7.3.2.2 DHCP
If you have your own DHCP server servicing the LAN side (or choose to “hardcode” all of your PC’s 서식 있음: 글꼴: Book Antiqua
IP addresses), you can disable the internal DHCP server by selecting the No radio button. If you do
this, make sure the IP address assigned to the CMRG is on the same subnet as the external DHCP
server (the subnet mask is always 255.255.255.0), or you won’t be able to access the CMRG from the
LAN. The IP address of the CMRG can be set from the Basic Setup page.
You can also set the starting IP address for IP leases available to the LAN, and change the 서식 있음: 표준, 글머리 기호 또는 번호 없이
number of PCs supported on the LAN. In the case above, addresses 192.168.0.2 through 192.168.0.9
can be used as hard-coded IP addresses with no fear of IP address conflict with the DHCP pool.
Configured WINS server addresses can also be passed to CPEs behind the CMRG via DHCP

7.3.2.3 DHCPv6
7.3.2.4 LAN IPv6

7.3.2.5 DDNS
To activate the DDNS client: 서식 있음: 글꼴: Book Antiqua

1. Go to the DynDNS website and create an account for the Dynamic DNS service. You will create a
username and password, and be asked to choose a host name for your server, and the dynamic DNS
domain to which your host will be assigned. You will also be asked for your host’s current IP address.
This is the WAN IP address that has been assigned to your CMRG during provisioning. (See WAN IP
Address on the Basic / Setup web page.)
2. Enter your account information on the Basic / DDNS web page, enable the service by selecting
www.DynDNS.org from the DDNS Service drop-down list, and click Apply.
3. The DDNS client will notify the DDNS service whenever the WAN IP address changes so that your
chosen host name will be resolved properly by inquiring hosts. The current status of the service is
shown at the bottom of the DDNS web page.
서식 있음: 영어(미국)

7.3.2.6 MESH

7.3.3 Firewall
7.3.3.1 Basic

7.3.3.2 Options

7.3.3.3 URL Filtering
This page allows URL Filtering of outbound connections, restriction access(cnn.com,

google.com etc)
7.3.3.4 IP Filtering

This page allows configuration of IP address filters in order to block internet traffic to
specific network devices on the LAN
7.3.3.5 MAC Filtering

This page allows confuguration of MAC address filters in order to block internet
traffic to specific network devices on the LAN
This feature only applies to Ipv4 traffic 서식 있음: 표준, 글머리 기호 또는 번호 없이
7.3.3.6 Port Filtering

This page allows configuration of port filters in order to block specific internet
services to all devices on the LAN
7.3.3.7 Forwarding
Forwarding allows you to run a publicly accessible server on the LAN by specifying the 서식 있음: 표준, 글머리 기호 또는 번호 없이
mapping of TCP/UDP ports to a local PC. The Forwarding page is shown below.

To specify a mapping, you must enter the range of port numbers that should be forwarded
locally, and the IP address to which traffic to those ports should be sent. If only a single port
specification is desired, enter the same port number in the “start” and “end” locations for that IP
address. A table of commonly used Port numbers is supplied on the page for convenience.
7.3.3.8 Port Triggers

Port Triggers are similar to Port Forwarding except that they are not static ports held open all 서식 있음: 표준, 글머리 기호 또는 번호 없이
the time. When the CMRG detects outgoing data on a specific IP port number set in the “Trigger
Range”, the resulting ports set in the “Target Range” are opened for incoming (or sometimes
referred to as bi-directional ports) data. If no outgoing traffic is detected on the “Trigger Range”
ports for 10 minutes, the “Target Range” ports will close. This is a safer method for opening
specific ports for special applications (e.g. video conferencing programs, interactive gaming, file
transfer in chat programs, etc.) because they are dynamically triggered and not held open
constantly or erroneously left open via the router administrator and exposed for potential hackers
to discover.

7.3.3.9 DMZ Host

DMZ (De-militarized Zone) hosting (also commonly referred to as “Exposed Host”) allows 서식 있음: 표준, 글머리 기호 또는 번호 없이
you to specify the “default” recipient of WAN traffic that NAT is unable to translate to a known
local PC. This can also be described as a computer or small sub-network that sits between the
trusted internal private LAN, and the untrusted public Internet. The DMZ Host page is shown
below.

You may configure one PC to be the DMZ host. This setting is generally used for PC’s using
“problem” applications that use random port numbers and do not function correctly with specific
port triggers or port forwarding setups mentioned earlier. If a specific PC is set as a DMZ Host,
remember to set this back to “0” when finished with the needed application, since this PC will be
effectively exposed to the public Internet, though still protected from Denial of Service (DoS)
attacks via the Firewall.
7.3.3.10 RIP Setup

RIP (Router Information Protocol) is used in WAN networks to identify and use the best 서식 있음: 표준, 글머리 기호 또는 번호 없이
known and quickest route to given destination addresses to help reduce network congestion and
delays.

NOTE: RIP messaging will only be sent upstream when running in Static IP Addressing mode on the Basic – 서식 있음: 글꼴: Book Antiqua
Setup page. You must enable Static IP Addressing and the set the Wan IP network information! RIP is normally
a function that is tightly controlled via the ISP. RIP Authentication Keys and IDs are normally held as secret
information from the end user to prevent unauthorized RIP settings.
RIP is a protocol that requires negotiation from both sides of the network (i.e. CMRG and CMTS). The
ISP would normally set this up because of their knowledge of their CMTS settings to match the
configuration in the CMRG.
To enable the CMRG to perform RIP, do the following (this example uses BRCMV2 as the RIP
Authentication Key and 1 as the Key ID):
1.) To turn on RIP MD5 Authentication, check the “Enable” box.
2.) To specify a RIP MD5 Authentication Key String, type “BRCMV2” for this example.
key name = a string value to match CMTS key name value
3.) To specify a RIP MD5 Auth Key ID, type “1”
key number = a number to match the CMTS key number value 서식 있음: 표준, 글머리 기호 또는 번호 없이
4.) To change the RIP annoucement interval, type in a number in seconds. 서식 있음: 글꼴: Book Antiqua
reporting interval by default = 30 seconds
5.) To specify a RIP unicast destination IP address, enter the IP address and subnet mask.
To enable the CMTS for RIPv2 with MD-5 authentication (Cisco uBR example shown below):
1.) The following steps go through configuring RIPv2 for a Cisco CMTS. The network number used in
this configuration will vary from network to network so use the network number that matches your
set-up.
7223#configure terminal
7223(config)#key chain ubr
7223(config-keychain)#key 1
7223(config-keychain-key)#key-str BRCMV2
7223(config-keychain-key)#exit

7223(config-keychain)#exit
7223(config)#router rip
7223(config-router)#ver 2
7223(config-router)#no validate-update
7223(config-router)#passive-interface cable 2/0
7223(config-router)#network 10.0.0.0
7223(config-router)#exit
7223(config)#inter cable 2/0
7223(config-if)#ip rip receive ver 2
7223(config-if)#ip rip authentication mode md5
7223(config-if)#ip rip authentication key-chain ubr
7223(config-if)#exit
7223(config)#exit
In this example, we have named the key chain ‘ubr’. This was chosen arbitrarily. You can use any
name you like as long as you specify the correct name when specifying which key chain to use for
RIPv2 authentication.
2.) The next step is enable RIP debugging to ensure that the CMTS is receiving and authenticating
messages from the residential gateway.
7223#debug ip rip
RIP protocol debugging is on
7223#term mon
The CMTS is now configured to accept RIPv2 messages. If the CMRG is registered on the CMTS, you
should see messages that are similar to the message below:
00:28:41: RIP: received packet with MD5 authentication
00:28:41: RIP: received v2 update from 10.24.81.148 on Cable2/0
00:28:41: 10.24.81.0/24 via 10.24.81.148 in 1 hops
The CMRG has broadcast that is connected to the network 10.24.81.0/24 through the interface
10.24.81.148. This information is not very useful to the CMTS because it already knows that the
network 10.24.81.0/24 is connected directly to one of its interfaces (Cable2/0). It ignores this message
and doesn’t add any information to the IP routing table. Here is the IP routing table after the CMTS
has received RIPv2 messages:
7223#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 서식 있음: 표준, 글머리 기호 또는 번호 없이
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is 10.24.95.17 to network 0.0.0.0
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C 10.24.80.0/24 is directly connected, Cable2/0
C 10.24.81.0/24 is directly connected, Cable2/0
C 10.24.95.16/28 is directly connected, FastEthernet0/0
S* 0.0.0.0/0 [1/0] via 10.24.95.17
In the example above, the CMRG was set up to send RIPv2 messages to the CMTS. The CMTS
was also set up to receive these messages
7.3.3.11 ParentalControl

This section describes the Parental Control web GUI in the CableMedea-based CMRG. The
web pages with their associated fields are described along with valid entries for each field. All of
the Parental Control parameters are applied on-the-fly (i.e. without a modem reboot).
7.3.5 The Parental Control - Time of Day Access Filter page ties into the Parental Control -
changed on-the-fly without a reboot of the CableMedea™ Residential Gateway.

7.3.4 2.4GHz
7.3.4.1 Ratio
This page allows configuration of the physical parameters of your wireless network.The MAC
address of the wireless interface is displayed at the top of the page.
Wireless 서식 있음: 글꼴: Book Antiqua

Allows the wireless interface to be enabled and disabled.

802.11 n-mode
Switch this to Off to force the AP to operate in 802.11g mode.
Bandwidth
802.11b/g channels are only 20 MHz wide, but 802.11n channels may be 40 MHz wide. There are
some backward compatibility issues with 40 MHz channels though. These issues are more likely to be
encountered in the 2.4 GHz band where legacy (802.11b/g) devices may be operating using 20 MHz
channels.
Sideband for Control Channel (40 MHz only)
Whether the 20 MHz control channel uses the upper or lower half of the 40 MHz channel. Changes to
this setting may change the control channel setting. For example (in the 2.4 GHz band), if the upper 20
MHz is selected as the sideband for the control channel, then the lowest control channel available
would be channel 5 to allow the lower 20 MHz for data.
Control Channel
Selects the control channel for AP operation. The list of available channels depends on the selected
country as presented in
Table 1. Next to the drop-down list box, the current channel number is displayed.
Table 1. Allowed First Channel Last Channel
Channels by
Country Country
USA 1 11 서식 있음: 글꼴: Book Antiqua
Worldwide, China, 1 13
서식 있음: 글꼴: Book Antiqua
Europe
Japan, Thailand, All 1 14 서식 있음: 글꼴: Book Antiqua
Channels
Israel 5 7 서식 있음: 글꼴: Book Antiqua
Jordan 10 13
OBSS Coexistence 서식 있음: 표준, 글머리 기호 또는 번호 없이

Enable/Disable Overlapping BSS Coexisistence. OBSS coexistence refers to the ability of the 서식 있음: 글꼴: Book Antiqua
AP to support 20 MHz devices within 40 MHz channels. It also allows the AP to better deal with
nearby 20 MHz devices that are interfering with part of its 40 MHz channel. 서식 있음: 표준, 글머리 기호 또는 번호 없이
7.3.4.2 Primary Network


Primary Network 서식 있음: 글꼴: Book Antiqua

Enable or Disable the primary network. Guest networks may still be operational when the primary
network is disabled.
Network Name (SSID)
Sets the Network Name (also known as SSID) of the primary network. This is a 1-32 ASCII 서식 있음: 표준, 글머리 기호 또는 번호 없이
character string.
WPA 서식 있음: 글꼴: Book Antiqua
Wi-Fi Protected Access is a slightly older and less secure algorithm for securing a wireless network.
This is the Enterprise variant that requires configuration of a RADIUS server.
WPA-PSK
The Pre-Shared Key mode of the WPA algorithm which does not require use of a RADIUS server. This
is also known as WPA Personal. WPA and WPA-PSK cannot be used at the same time.
WPA2
An advanced form of WPA that is more secure. This is the Enterprise mode of WPA2 which requires
the use of a RADIUS server. WPA2 and WPA may be used at the same time to provide backward
compatibility with devices that do not support WPA2.
WPA2-PSK
The Pre-Shared Key mode of WPA2, also known as WPA2 Personal. WPA2 and WPA2-PSK cannot be
used at the same time. WPA2-PSK and WPA-PSK may be used at the same time to provide backward
WPA/WPA2 Encryption
When using any of the WPA authentication schemes, AES, or TKIP + AES encryption modes can be
set. AES provides the strongest encryption, while TKIP provides strong encryption with improved
backward compatibility. The TKIP + AES mode allows both TKIP and AES-capable clients to connect.
WPA Pre-Shared Key
Sets the WPA Pre-Shared Key (PSK). This is an 8-63 ASCII character string, or a 64-digit hex number.
Enabled when the Network Authentication method is WPA-PSK or WPA2-PSK.
RADIUS Server
Sets the IP address of the RADIUS server to use for client authentication. The RADIUS server may be
on either the public network (WAN) or private network (LAN). This is only for WPA or WPA2
(Enterprise) modes.
RADIUS Port
Sets the UDP port number of the RADIUS server. The default is 1812.
RADIUS Key
Sets the shared secret for the RADIUS connection. The key is a 0 to 255 character ASCII string.
Group Key Rotation Interval
The rotation interval in seconds indicating how often transmission keys should be rotated. Set to zero
to disable periodic rekeying.
WPA/WPA2 Re-auth Interval
This value indicates how often a station using Enterprise security needs to contact the RADIUS server.
WEP Encryption
Sets the WEP encryption mode. Both 64-bit and 128-bit WEP encryption modes are supported. When
running Shared Key or 802.1x authentication, WEP encryption must be enabled. WEP encryption
cannot be used at the same time as WPA or WPA2.
Network Key 1 thru Network Key 4
When WEP encryption is enabled, sets the static WEP keys. Enter 5 ASCII characters or 10 서식 있음: 표준, 글머리 기호 또는 번호 없이
hexadecimal digits for a 64-bit key. Enter 13 ASCII characters or 26 hexadecimal digits for a 128-bit
key.
Current Network Key 서식 있음: 글꼴: Book Antiqua
When WEP encryption is enabled, selects the encryption (transmit) key.
PassPhrase
Sets the text to use for WEP key generation. 서식 있음: 표준, 글머리 기호 또는 번호 없이

7.3.4.3 Guest Network

The guest network page allows you to configure a secondary guest network on the wireless 서식 있음: 표준, 글머리 기호 또는 번호 없이
interface. This network is isolated from the LAN. Any clients that associate with the guest network
SSID will be isolated from the private LAN and can only communicate with WAN hosts. Most of
the configuration points on the guest network page are identical to those on the Primary Network
page.


7.3.4.4 Advanced
Beacon Interval
Sets the beacon interval in milliseconds for the AP. The default is 100, which is fine for nearly 서식 있음: 표준, 글머리 기호 또는 번호 없이
all applications
DTIM Interval 서식 있음: 글꼴: Book Antiqua
Sets the wakeup interval for clients in power-save mode. When a client is running in power
save mode, lower values provide higher performance but result in decreased client battery life, 서식 있음: 표준, 글머리 기호 또는 번호 없이
while higher values provide lower performance but result in increased client battery life.
Fragmentation Threshold 서식 있음: 글꼴: Book Antiqua
Sets the fragmentation threshold. Packets exceeding this threshold will be fragmented into
packets no larger than the threshold before packet transmission. 서식 있음: 표준, 글머리 기호 또는 번호 없이
RTS Threshold 서식 있음: 글꼴: Book Antiqua
Sets the RTS threshold. Packets exceeding this threshold will cause the AP to perform an
RTS/CTS exchange to reserve the wireless medium before packet transmission.
7.3.4.5 Access Control

This page allows you to control which wireless clients can access your wireless network. It 서식 있음: 표준, 글머리 기호 또는 번호 없이
also provides information about wireless clients connected to your access point

MAC Restrict Mode 서식 있음: 글꼴: Book Antiqua

Selects whether wireless clients with the specified MAC address are allowed or denied wireless access.
To allow all clients, select Disabled.
MAC Addresses
A list of wireless client MAC addresses to allow or deny based on the Restrict Mode setting. 서식 있음: 표준, 글머리 기호 또는 번호 없이
Valid input MAC address formats are XX:XX:XX:XX:XX:XX and XX-XX-XX-XX-XX-XX.
7.3.4.6 WMM
This page allows you to configure WiFi Multi-Media (WMM). WMM is an implementation of 서식 있음: 표준, 글머리 기호 또는 번호 없이
Quality of Service (Qos) which is defined by the IEEE standard 802.11e

WMM Support 서식 있음: 글꼴: Book Antiqua

Sets WMM support. Choices are Auto, On, or Off. If enabled (Auto or On), the WME
Information Element is included in beacon frame. 서식 있음: 표준, 글머리 기호 또는 번호 없이
Power Save Support 서식 있음: 글꼴: Book Antiqua
Sets Power Save support. Choices are On or Off. When Power Save is enabled, the AP queues
packets for STAs that are in power-save mode. Queued packets are transmitted when the STA
notifies AP that it has left power-save mode.
EDCA AP Parameters 서식 있음: 글꼴: Book Antiqua
Specifies the transmit parameters for traffic transmitted from the AP to the STA for the four Access
Categories: Best Effort (AC_BE), Background (AC_BK), Video (AC_VI), and Voice (AC_VO). Transmit
parameters include Contention Window (CWmin and CWmax), Arbitration Inter Frame Spacing
Number (AIFSN), and Transmit Opportunity Limit (TXOP Limit).
There are also two AP-specific settings: Admission Control and Discard Oldest First. Admission
control specifies if admission control is enforced for the Access Categories. Discard Oldest First

specifies the discard policy for the queues. On discards the oldest first; Off discards the newest first.
EDCA STA Parameters
Specifies the transmit parameters for traffic transmitted from the STA to the AP for the four 서식 있음: 표준, 글머리 기호 또는 번호 없이
Access Categories: Best Effort (AC_BE), Background (AC_BK), Video (AC_VI), and Voice
(AC_VO). Transmit parameters include Contention Window (CWmin and CWmax), Arbitration
Inter Frame Spacing Number (AIFSN), and Transmit Opportunity Limit (TXOP Limit).
7.3.4.7 MediaWMM
Airtime Fairness Used to configure the scheduler to provide fairness between

11n/11ac clients and aggregated/non-aggregated traffic
Band Steering is intended to steer clients to connect to the 5GHz radio instead of the
2.4GHz on AP
7.3.4.8 Status

7.3.6
7.3.5 5GHz
7.3.5.1 Ratio

This page allows configuration of the physical parameters of your wireless network.The MAC
address of the wireless interface is displayed at the top of the page.
Wireless
Allows the wireless interface to be enabled and disabled.

802.11 n-mode
Bandwidth
channels.
this setting may change the control channel setting. For example (in the 2.4 GHz band), if the upper
20 MHz is selected as the sideband for the control channel, then the lowest control channel available
Control Channel
Channels by
Country Country
USA 1 11
Europe
Japan, Thailand, All 1 14
Channels
Israel 5 7
Jordan 10 13
OBSS Coexistence
Enable/Disable Overlapping BSS Coexisistence. OBSS coexistence refers to the ability of the AP to
support 20 MHz devices within 40 MHz channels. It also allows the AP to better deal with nearby
20 MHz devices that are interfering with part of its 40 MHz channel.
서식 있음: 노르웨이어(복말)
서식 있음: 영어(미국)

Primary Network
7.3.5.2 서식 있음: 글꼴: 11 pt
Primary Network
Enable or Disable the primary network. Guest networks may still be operational when the primary
network is disabled.
Network Name (SSID)
Sets the Network Name (also known as SSID) of the primary network. This is a 1-32 ASCII
character string.

WPA
Wi-Fi Protected Access is a slightly older and less secure algorithm for securing a wireless network.
This is the Enterprise variant that requires configuration of a RADIUS server.
WPA-PSK
The Pre-Shared Key mode of the WPA algorithm which does not require use of a RADIUS server.
This is also known as WPA Personal. WPA and WPA-PSK cannot be used at the same time.
WPA2
An advanced form of WPA that is more secure. This is the Enterprise mode of WPA2 which requires
the use of a RADIUS server. WPA2 and WPA may be used at the same time to provide backward
WPA2-PSK
The Pre-Shared Key mode of WPA2, also known as WPA2 Personal. WPA2 and WPA2-PSK cannot
be used at the same time. WPA2-PSK and WPA-PSK may be used at the same time to provide
backward compatibility with devices that do not support WPA2.
WPA/WPA2 Encryption
When using any of the WPA authentication schemes, AES, or TKIP + AES encryption modes can be
set. AES provides the strongest encryption, while TKIP provides strong encryption with improved
backward compatibility. The TKIP + AES mode allows both TKIP and AES-capable clients to connect.
WPA Pre-Shared Key
Sets the WPA Pre-Shared Key (PSK). This is an 8-63 ASCII character string, or a 64-digit hex
number. Enabled when the Network Authentication method is WPA-PSK or WPA2-PSK.
RADIUS Server
Sets the IP address of the RADIUS server to use for client authentication. The RADIUS server may be
on either the public network (WAN) or private network (LAN). This is only for WPA or WPA2
(Enterprise) modes.
RADIUS Port
Sets the UDP port number of the RADIUS server. The default is 1812.
RADIUS Key
Sets the shared secret for the RADIUS connection. The key is a 0 to 255 character ASCII string.
Group Key Rotation Interval
The rotation interval in seconds indicating how often transmission keys should be rotated. Set to zero
to disable periodic rekeying.
WPA/WPA2 Re-auth Interval
This value indicates how often a station using Enterprise security needs to contact the RADIUS
server.
WEP Encryption
Sets the WEP encryption mode. Both 64-bit and 128-bit WEP encryption modes are supported. When
running Shared Key or 802.1x authentication, WEP encryption must be enabled. WEP encryption
cannot be used at the same time as WPA or WPA2.
Network Key 1 thru Network Key 4
When WEP encryption is enabled, sets the static WEP keys. Enter 5 ASCII characters or 10
hexadecimal digits for a 64-bit key. Enter 13 ASCII characters or 26 hexadecimal digits for a 128-bit
key.
Current Network Key
When WEP encryption is enabled, selects the encryption (transmit) key.
PassPhrase
Sets the text to use for WEP key generation.

802.11 n-mode
Bandwidth
channels.
this setting may change the control channel setting. For example (in the 2.4 GHz band), if the upper
20 MHz is selected as the sideband for the control channel, then the lowest control channel available
Control Channel
Channels by
Country Country
USA 1 11
Europe
Japan, Thailand, All 1 14
Channels
Israel 5 7
Jordan 10 13
OBSS Coexistence
Enable/Disable Overlapping BSS Coexisistence. OBSS coexistence refers to the ability of the AP to
support 20 MHz devices within 40 MHz channels. It also allows the AP to better deal with nearby
20 MHz devices that are interfering with part of its 40 MHz channel.
7.3.5.3 Guest Network

The guest network page allows you to configure a secondary guest network on the wireless 서식 있음: 표준, 글머리 기호 또는 번호 없이
interface. This network is isolated from the LAN. Any clients that associate with the guest network
SSID will be isolated from the private LAN and can only communicate with WAN hosts. Most of
the configuration points on the guest network page are identical to those on the Primary Network
page.


7.3.5.4 Advanced
7.3.5.5 Access Control
This page allows you to control which wireless clients can access your wireless network. It also
provides information about wireless clients connected to your access point

7.3.5.6 WMM
This page allows you to configure WiFi Multi-Media (WMM). WMM is an implementation of
Quality of Service (Qos) which is defined by the IEEE standard 802.11e

7.3.5.7 Media

Airtime Fairness Used to configure the scheduler to provide fairness between 11n/11ac
clients and aggregated/non-aggregated traffic
Band Steering is intended to steer clients to connect to the 5GHz radio instead of the
2.4GHz on AP
7.3.5.8 Status

7.3.7
7.3.87.3.6 Mta
7.3.97.3.7 Management
7.3.9.17.3.7.1 Local Log page
The Local Log can send firewall attack reports out in two different ways. Individual
emails can be sent out automatically, each time the firewall is under attack, and also a
local log is stored within the modem and displayed in table form on the Local Log page.
To enable the automatic email alerts, enter your email address in the space provided,
enter that email account’s associated SMTP (Outgoing) mail server address and
authentication credentials if required (provided by your ISP), check the “enable” box and
click the Apply button. Individual emails will now be sent to the specified address each
time an attack is detected. Each attack is also logged in the table on the Event Log page.
If desired, a summary of the Event Log Table can be sent to the specified contact email
address by clicking on the Email Log button. Clicking on the Clear Log button can
also clear the table.
7.3.9.27.3.7.2 Remote Log page
The Remote Log page allows you to specify the IP address where a SysLog server is
located and select different types of firewall events that may occur. Then, each time such
an event occurs, notification is automatically sent to this log server.

Individual attack or configuration items can be selected that will be sent to the SysLog
server such that only the items of interest can be monitored. Permitted connections,
blocked connections, known Internet attack types, and CG2200 configuration events can
be logged. The SysLog server must be on the same network as the Private LAN behind
the CG2200 (typically 192.168.10.x).
To activate the SysLog monitoring feature, check all desired event types to monitor and
enter the last byte of the IP address of the SysLog server. Normally, the IP address of this
SysLog server would be hard-coded so that the address will not change and always
agrees with the entry on this page.
Below is a complete list of the capable SysLog server attack/notification types and their
format. The generic format of sysLog messages for traffic or administration-related
events is:
MMM DD HH:MM:SS YYYY SYSLOG[0]: [Host HostIP] Protocol SourceIP,SourcePort -->

DestIP,DestPort EventText
Where:
 MMM is the three-letter abbreviation for the month (e.g., JUN, JUL AUG,
etc.)
 DD is the two-digit day of the month (e.g., 01, 02, 03, etc.)
 HH:MM:SS is the time displayed as two-digit values for the hour, minute,
and second, respectively
 YYYY is the four-digit year
 HostIP is the IP address of RGCM sending the SysLog event. This is the
LAN IP Address on the Basic:Setup web page.
 Protocol is one of the following: “TCP”, “UDP”, “ICMP”, “IGMP”, or
“OTHER”. In the case of “OTHER” the protocol type is displayed in
parentheses (). For ICMP packets, the ICMP type is displayed in
parentheses.
 SourceIP is the IP address of the originator of the session/packet.
 SourcePort is the source port at the originator.
 DestIP is the IP address of the recipient of the session/packet.

 DestPort is the destination port at the recipient.

 EventText is a textual description of the event.
The format of SysLog messages for informational events is simplified:
MMM DD HH:MM:SS YYYY SYSLOG[0]: [Host HostIP] EventText
The table below lists all events that can be sent to the SysLog server.
Event Text Meaning

ALLOW: Inbound access An inbound request was made, and accepted, from a public
request network client to use a service hosted on the firewall or a client
behind the firewall.
ALLOW: Outbound access An outbound request was made, and accepted, from a private
request client to use a service hosted on a public network server.
DENY: Inbound or A request to traverse the firewall by a public or private client
outbound access request violated the security policy, and was blocked.
DENY: Firewall interface A request was made to the public or private firewall interface by a
access request public or private client that violated the security policy, and was
blocked.
FAILURE: User interface An attempt was made to login to the user interface, and access was
login (Invalid username or denied because the username and/or password was incorrect.
password)
SUCCESS: User interface An attempt was made to login to the user interface, and access was
login allowed.
ALLOW: User interface An HTTP GET or POST request was made by an authenticated
access [request] user to the user interface.
DENY: Inbound or A known internet attack was detected attempting to traverse the
outbound [internet attack firewall, and was blocked. Examples of known internet attacks are
name] attack Ping Of Death, Teardrop, WinNuke, XmasTree, SYN Flood, etc.
DENY: Firewall interface A known internet attack directed at the firewall itself was detected
[internet attack name] and blocked. Examples of known internet attacks are Ping Of
attack Death, Teardrop, WinNuke, XmasTree, SYN Flood, etc.
Firewall Up The public interface (WAN) connection is up, and the firewall has
begun to police traffic, or the firewall was previously disabled, and
the user has enabled it through the user interface.
Remote config Remote configuration management (via HTTP through the
management enabled specified port # on the public interface) has been enabled via the
[port#] user interface.
Remote config Remote configuration management has been disabled via the user
management disabled interface.
Time Of Day established The system established the current system time via the DOCSIS
cable modem registration process. The system time is used by the
firewall to timestamp events.
Public Network Interface The firewall successfully obtained an IP address for the public
up (IP address x.x.x.x) network (WAN) interface via DHCP. This process takes place
after the cable modem registration process successfully completes.
7.3.9.37.3.7.3 Diagnostics page.
Connectivity troubleshooting can be accessed by viewing the Diagnostics page, shown

below. Two utilities are provided for troubleshooting network connectivity: Ping and
Traceroute.

Ping allows you to check connectivity between the CG2200 and devices on the LAN.
Traceroute allows you to map the network path from the CG2200 to a public host.
Selecting Traceroute from the drop-down Utility list will present alternate controls for the
traceroute utility:

To run either utility, make any changes to the default parameters and select Start Test
to begin. The window will automatically be refreshed as the results are displayed in the
Results table.
7.3.9.47.3.7.4 Event Log page
This page shows logs of network and device events that may be of interest in fault
isolation and troubleshooting.

7.3.9.57.3.7.5 Security page
In rare cases, it may be necessary to restore the CG2200 to factory default settings. This
can be done from the Security Page, which can be accessed from the Status Menu. The
Security page is shown below.
To restore factory defaults, select the Yes radio button and click Apply. This will cause
the device to reset. The factory default password is “kaon” and is case sensitive.
Note that you can also change the security password from this page by entering a new
password in both the New Password and Re-Enter New Password fields, and the
current password in the Current User ID Password field. Clicking Apply will
change the password. You do NOT have to restore factory defaults to change the
password.
7.3.9.67.3.7.6 Backup page
You may save the current CG2200 configuration settings to a local PC. Then you can
restore these settings later if you need restore a particular configuration, or to recover
from changes you may have made that have had an undesirable effect.
The Backup web page is shown below.

To back up the current configuration, click Backup and follow the prompts.
To restore a previous configuration, click Browse and use the navigation window to
locate the file. Once the file has been located, click Restore to restore the settings. Note
that once the settings are restored, the device will reboot.
Spectrum Analyzer
The Spectrum Analyzer is divided into four sections : Graph, Main Control, Settings, and
Status Monitor.
GRAPH : This section contains the main spectrum analyzer plot.
HIDE/VIEW button : Hides the main control and settings (when visible) to the side to
expand the graph to full width, or unhides the main control and settings (when hidden).
MAIN CONTROL : This section contains the main buttons to start/stop the spectrum
analyzer and reset the settings back to its defaults.
 PRESET button : Resets all the settings back to its default values.

 HOLD button : Stops the spectrum analyzer from running.

 RUN button : Starts the spectrum analyzer.
SETTINGS : This section contains all the supported settings for adjusting the plot or
enabling features.
 FREQUENCY : Specifies the frequency (center, start, or stop) to monitor in terms
of Hz.
 SPAN : Specifies how wide of a span to view in terms of Hz.
 AMPLITUDE : Sets the reference level (offset) of the input signal.
 BW : Bandwidth
 MEASUREMENTS
 STATUS MONITOR : This section contains all the fields for supported
measurements and current settings.
 CENTER
 SPAN
 REFERENCE LEVEL
 VID AVG : Enable/Disable video averaging
 CHANNEL POWER : Specifies the span of the channel relative to the center
frequency to measure power over.
※ Spectrum Analyzer is supported Safari/Chrome and IE10 not for Firefox

8. Exterior Design
Compact design and versatile orientation to stand vertically on a desk, or mount easily to
a wall and Color-coded interface ports and corresponding cables to simplify installation
- Dimension : 235x190x65mm

KAON - CG2200 - eMTA Technical Manual v1.4

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

KAON - CG2200 - eMTA Technical Manual v1.4

Încărcat de

Drepturi de autor:

Formate disponibile

Technical User Manual :

KAON_CG2200_eMTA Technical User Manual v1.4.docxKAON_CG2200 eMTA

Document Type Product Specification

System DOCSIS 3.0 24x8 Cable Voice Residential Gateway

Product Line Claro Colombia

Project Number CG2200

KAON_CG2200_eMTA Technical User Manual

Department Author Date

Revision Release v1.0 Sept 29, 2016

Claro Colombia Kaon

Confidential & Proprietary Copyright © Kaonmedia Page 1 of 75

TABLE OF CONTENTS ................................................................................................................................................. 2

2. GENERAL SPECIFICATION ............................................................................................................... 6

PHYSICAL SPEC ....................................................................................................................................................... 6

3. CABLE MODEM ................................................................................................................................ 12

7. DEVICE MANAGEMENT ................................................................................................................. 25

Confidential & Proprietary Copyright © Kaonmedia Page 2 of 75

7.3.1.2 CONNECTION PAGE ....................................................................................................................................... 27

8. EXTERIOR DESIGN ..................................................................................................................... 7537

Confidential & Proprietary Copyright © Kaonmedia Page 3 of 75

The CG2200 (Wireless Residential Gateway) is a high-performance home gateway that is

 High performance broadband internet connectivity to maximize your on-line

 2 or 4 (optional) 10/100/1000BASE-T Ethernet ports to provide wired

Confidential & Proprietary Copyright © Kaonmedia Page 4 of 75

 For easy checking, DOCSIS-compliant LED labeling and indicating provides a

 Advanced firewall technology based applications to protect the Private LAN

 Compact design and versatile orientation to stand vertically on a desk, or mount

 Allows automatic software upgrades by service operator

 For Lower Operating Expense Decrease TCO(Total Cost of Ownership) supports

Confidential & Proprietary Copyright © Kaonmedia Page 5 of 75

 Four dedicated hardware assist engines

 Complete set of peripheral interface

Confidential & Proprietary Copyright © Kaonmedia Page 6 of 75

. On(Amber) - 10/100 Link, Blinking - Activity

US Blinking Off Off Blinking On On On On On On On

ONLINE Blinking Off Off Off Off Blinking On On On On On

Cable Interface F-Connector, female 75 Ω

Confidential & Proprietary Copyright © Kaonmedia Page 7 of 75

Confidential & Proprietary Copyright © Kaonmedia Page 8 of 75

Confidential & Proprietary Copyright © Kaonmedia Page 9 of 75

TEL 1~2 RJ11 Telephone ports to connect your phone or fax

LAN 1~4 RJ45 Ethernetports to connect your PC or home network devices

RESET Pin-hole for factory reset

CABLE IN Connects the coaxial cable for cable internet service

12V IN Connects the unit to DC 12V power

Confidential & Proprietary Copyright © Kaonmedia Page 10 of 75

Confidential & Proprietary Copyright © Kaonmedia Page 11 of 75

Confidential & Proprietary Copyright © Kaonmedia Page 12 of 75

16 QAM 0.64 ~ 20.48 Mbps

 Smart quick scanning

Confidential & Proprietary Copyright © Kaonmedia Page 13 of 75

Gateway DHCP client/server

Confidential & Proprietary Copyright © Kaonmedia Page 14 of 75

Domain name blocking

Confidential & Proprietary Copyright © Kaonmedia Page 15 of 75

State-of-the-art security is implmemented by industry standardized system support for

 Auto channel Change

 Intelligent Airtime Scheduling

 Guaranteed QoS and QoE

 Traffic shaping based on needed application bandwidth

 Customization for setting Device priorities

Confidential & Proprietary Copyright © Kaonmedia Page 16 of 75

- Netflix on HDTV gets more BW than Netflix on iPad