RedPort WXA-153 User manual
Optimizer Voice
Advanced User's Guide
for Installers/Network Administrators
RedPort Router:
wXa-153 (Optimizer Voice)
Page 2of 131
Table of Contents
1.0 About this guide . . . . . . . . . 07
2.0 Introduction to RedPort Optimizer Crew . . . . . 08
2.1 Key Features . . . . . . . . . 08
2.2 Services Included . . . . . . . . 09
2.3 Premium Services Available . . . . . . . 09
3.0 Important Things to Know Before Getting Started. . . . . 10
3.1 More Than Just a Router . . . . . . . 10
3.2 Designed Use of the Optimizer Voice . . . . . 10
3.2.1 Single User Environment . . . . . . 10
3.2.2 Multi-User Environment. . . . . . . 11
3.3 How It Works At First Launch (out of the box) . . . . 11
3.4How Data Flows Through the Router . .. . . . 12
3.4.1 Default Configuration . . . . . . . 12
3.4.2 Captive Portal Disabled. . . . . . . 13
3.4.3 Captive Portal Enabled . . . . . . . 15
3.5 Navigating the User Interface . . .. . . . 16
4.0 Getting Started -User Interface Access . . . . . 17
4.1 Access the Home Page . . . . . . . 17
4.1.1 Onsite Administrator Login (Admin). . . . . . 18
4.1.2 Installer/Technician Login (Superadmin) . . . . 18
4.2 How to Use with Default Setup . . . . . . 21
4.2.1 Email and Web Browsing . . . . . . 21
4.2.2 Voice Calls . . . . . . . . 22
4.2.3 SMS Messaging. . . . . . . . 22
Page 3of 131
5.0 Services . . . . . . . . . . 23
5.1 Crew Internet Services (Captive Portal) . . . . . 23
5.1.1 Captive Portal Settings . . . . . . . 24
5.1.1.1 General Settings . . . . . . 24
5.1.1.2 Advanced Settings . . . . . . 25
5.1.1.3 Allowed Hosts. . . . . . . 26
5.1.1.4 WPAD . . . . . . . 27
5.1.2 Allowing Individuals Access to the Internet . . . . 28
5.1.2.1 Users with Username and Password. . . . 28
5.1.2.2 Pass-Through MAC . . . . . . 29
5.1.2.3 PIN-Codes . . . . . . . 30
5.1.3 CDRs (Call Data Records) . . . . . . 31
5.1.4 Tools . . . . . . . . . 32
5.1.4.1 Admin Password . . . . . . 32
5.1.4.2 Reset Database to Factory Defaults . . . . 32
5.1.4.3 Purge Expired PIN-Codes . . . . . 33
5.1.4.4 Purge Unused PIN-Codes . . . . . 33
5.1.4.5 Manage PIN-Codes . . . . . . 33
5.2 Web Compression and Filtering . . . . . . 35
5.2.1 Settings . . . . . . . . . 35
5.2.1.1 Compression . . . . . . . 35
5.2.1.2 General Settings . . . . . . 37
5.2.1.3 Advanced Settings . . . . . . 38
5.2.2 Filters . . . . . . . . . 40
5.2.3 Log . . . . . . . . . 42
5.2.4 Help . . . . . . . . . 42
5.3 RedPort Email . . . . . . . . 43
5.3.1 Enable and Configure RedPort Email . . . . . 44
5.3.2 Primary Accounts . . . . . . . 46
Page 4of 131
5.4SMS Messaging . . . . . . . . 47
5.4.1 SMS Settings . . . . . . . . 47
5.4.2 Configure SIP Extensions to Receive SMS . . . . 48
5.4.3 How to Send/Receive SMS Messages . . . . . 49
5.4.4 SMS Management . . . . . . . 50
5.5GPS Tracking . . . . . . . . . 51
5.5.1 Tracking Powered by RedPort with GSatTrack. . . . 51
5.5.2 Tracking via SMS . . . . . . . 53
5.6 WiFi Extender. . . . . . . . . 54
5.7GPS/NMEA Repeater. . . . . . . . 55
5.7.1 Equipment Setup . . . . . . . 56
5.7.1.1 Broadband Satellite Terminal with Integrated GPS . . 56
5.7.1.2 Handheld Satellite Phone with Integrated GPS . . 57
5.7.1.3 USB NMEA Device . . . . . . 58
5.7.1.4 RS-232 NMEA Device . . . . . 59
5.7.1.5 Connecting Multiple NMEA Devices . . . . 60
5.7.2 GPS/NMEA Repeater Parameters Configuration . . . 61
5.8 VOICE PBX . . . . . . . . . 63
5.8.1 Setup Extensions . .. . . . . . 64
5.8.1.1 How to Make Receive Voice Calls .. . . . 65
5.8.2 CDR (Call Data Records) . . . . . . 66
5.8.3 Logs . . . . . . . . . 67
5.8.4 Multi-VoIP Activation . . . . . . . 68
5.8.5 Sailor FBB . . . . . . . . 70
Page 5of 131
5.9PPP . . . . . . . . . . 71
5.9.1 PPP Configuration for Use w/USB Connected Satellite Device . 72
5.9.2 Signal Monitor . . . . . . . . 73
5.9.3 GSM . . . . . . . . . 74
5.9.3.1 GSM Configuration in Optimizer . . . . 74
5.9.3.2 Using GSM . . . . . . . 77
5.9.3.3 Changing from GSM Service to Satellite Service . . 78
6.0 Status . . . . . . . . . . 79
7.0 System . . . . . . . . . . 80
7.1 Change Router Password . . . . . . . 80
7.2 Profiles . . . . . . . . . 81
7.2.1 Add a Profile . . . . . . . . 81
7.2.2 Change to Another Saved Profile . . . . . 82
7.2.3 Export a Profile . . . . . . . . 83
7.2.4 Import a Profile . . . . . . . . 84
7.3 Backup/Flash Firmware . . . . . . . 85
7.4 Reboot . . . . . . . . . 86
8.0 Network . . . . . . . . . . 87
8.1 Rename the Wireless Network . . . . . . 87
8.2 Restrict Wireless Network Access . . . . . . 89
8.3 Firewall . . . . . . . . . 91
8.4 Diagnostics . . . . . . . . . 95
9.0 Statistics . . . . . . . . . . 96
Appendix A - RedPort Optimizer Crew Installation Guide . . . . 98
Appendix B - Installation Checklist for Installers . . . . . 116
Appendix C - IsatHub iSavi Addendum . . . . . . 117
Appendix D - Table of Login Access. . . . . . . 130
Page 6of 131
Revision History
Date
Revision
Author
July 15, 2015
Initial Release
D. Brickhouse
Page 7of 131
1.0 About this Guide
This guide is intended for installers and network administrators of the RedPort Optimizer Voice
wXa-153 routers. It features only those sections of the user interface that require configuration
for a specific service or may need to be accessed to perform a specific function.
During normal daily operation, there is no need to access the full user interface that you see
here. A separate document is designed for use by the onsite administrator that includes the
login to the Home Page for access to the common tasks that will be used locally: generate
PIN-Codes, create users, and look at call data records for the Captive Portal, create and
manage crew email accounts, etc. See the Optimizer Crew Basic User Guide for details.
For information regarding the installation of the hardware, please see the RedPort Optimizer
Voice QuickStart Guide in Appendix A of this document.
wXa refers to the webXaccelerator by RedPort, a trademark of Global Marine Networks, LLC.
Page 8of 131
2.0 Introduction to Optimizer Voice
Global Marine Networks (GMN), the leaders in advancing satellite data speeds and services,
helps Fixed and Mobile Satellite Services providers and their customers by offering the
industry’s fastest, most reliable and easy-to-use email, web, VoIP and other hardware and
software services to maritime, oil and gas, first responder and business continuity users. The
company’s products include XGate high-speed satellite email, WeatherNet weather and
oceanographic data software, and vessel tracking systems.
Ship to shore network management solutions are sold by GMN under the RedPort Global
brand name at www.redportglobal.com and as white-label solutions for the world’s premier
satellite data service service providers.
Optimizer Voice is a satellite WiFi router that provides all you need for multi-person networking
on most satellite broadband installations and lets you easily share and control access to your
satellite broadband data service via its WiFi or Ethernet network. It is more than just a router; it
has some enhanced proxy services plus some basic routing capabilities. It also has voice
capability, smartphones to use your satellite link for telephone calls and sms messaging. With
the optional RedPort VoIP service up to four people can be on calls or messaging
simultaneously.
2.1 Key Features
Designed specifically for use with satellite broadband terminals:
•Compatible with virtually any IP-based satellite broadband terminal.
•Replaces a standard router that is typically added to any satellite broadband
installation.
•Powerful firewall accommodates virtually any common installation scenario, with
features including block or allow any range of port, IP address and protocols.
•Proxy Server enables HTTP filtering: whitelist/blacklist of URL’s, domains, and
rudimentary content filtering.
•Logging/Reporting to keep track of usage.
•Wi-Fi hotspot makes setup and use easy for crew with compatible computers and
tablets.
•Supports Captive Portal Service for Crew Internet Access
•Supports RedPort Email Service
•Supports Shared Web Compression
•GSM Compatibility with optional GSM modem and your own SIM card.
•GPS NMEA Repeater reads the built-in GPS in any satellite broadband terminal and
rebroadcasts via WiFi.
•Supports voice calling and SMS messages using smartphones connected to the local
network.
Page 9of 131
2.2Services Included
The following services are included:
•Captive Portal for Crew Internet Access – generate PIN codes that can be given away
or sold to crew and/or passengers to control web access. See Chapter 5.1.
•GPS NMEA Repeater –allows other devices onboard/on-site to read your GPS
location. For example, a navigation program running on an iPad could be used on your
boat, or you could get weather information tailored to your location. See Chapter 5.7.
•SMS Messaging -allows smartphones to send sms messages to others on the local
area network for free, or over the satellite link at stardard satellite airtime rates.
Requires a supported satellite terminal. See Chapter 5.4.
•Voice PBX -allows smartphones to send/receive calls to others on the local area
network for free, or over the satellite link at standard satellite airtime rates. Requires a
supported satellite terminal. See Chapter 5.8.
2.3 Premium Services Available
The following additional services are available. Contact your RedPort dealer to purchase.
RedPort Email –is a multi-user satellite email service. Crew and/or passengers can access
their RedPort Email account via smartphones, tablets or computers. See the RedPort Email
Administrator’s Guide for more information about this service. See Chapter 5.3 and the
RedPort Email Administrator’s Guide for more information.
Shared Web Compression –routes all web traffic through a proxy service that works with an
onshore server to deliver 3-5 times average web compression, along with virus detection and
ad blocking. See Chapter 5.2 and the RedPort Optimizer Voice QuickStart Guide for more
information.
GPS Tracking - Using a GPS-enabled device, submit position reports to a central database for
viewing on the tracking website. See Chapter 5.5.
RedPort VoIP Service - Transform your satellite device into a multi-user unit. Up to four users
can send/receive phone calls and/or SMS (text) messages simultaneously. Experience
significant price reduction in outbound calls when using VoIP in lieu of standard satellite airtime
rates. Requires a supported satellite terminal. See Chapter 5.8.
Page 10 of 131
3.0 Important Things to Know Before Getting
Started
3.1 More Than Just a Router
The Optimizer Voice is more than just a router. It has some enhanced proxy services in
addition to basic routing capabilities. There are three major data components:
1. Captive Portal -when enabled, it blocks access to the Internet without
authentication. Authentication can be via username and password or Pin-Code or Mac address
of a specific PC. The Captive Portal is disabled by default.
2. Proxy Server(s) - when Transparent proxy is enabled, all traffic on port 80 (http port)
is redirected through the internal proxy server. This allows URL and DNS filtering (whitelist and
blacklist sites), some content filtering (i.e. remove flash video) and you can turn on http logging
to see what URLs are being accessed by the users. You also have the option to communicate
upstream to a compression proxy server.
3. Firewall -A full-featured firewall is included. Block or allow IP address/ranges, port
ranges, different protocols. Rules can be applied to any path in and out of the router.
3.2Designed Use of the Optimizer Voice
This router is suitable for two distinctly different audiences:
3.2.1 Single User Environment
For the single user that wants the convenience of BYOD (bring your own device) for email, web
browsing, SMS and phone calls. All that is required is a RedPort-certified compression email
account like XGate and/or compression web-browsing service like XWeb. By adding the XGate
Phone app,a smartphone can be used to place and receive voice calls and/or SMS messages
over the satellite network. With the optional RedPort VoIP service, the costs of those voice
calls can be kept to a minimum.
Page 11 of 131
3.2.2 Multi-User Environment
This is a single-user router that can be configured for use in a multi-user environment. The idea
is that you, as the installer or network administrator, will configure the router, using these
guidelines, before installing it at its ultimate destination.
Once installed, the onsite administrator will log in and land on the Home page. The Home page
has the common tasks that will be used locally: generate PIN-Codes, create users, look at call
data records for the Captive Portal, create and manage crew email accounts, etc.
The onsite administrator does not have access to the full user interface and therefore does not
have the ability to re-configure the router. There is a separate user guide for the onsite
administrator: Optimizer Crew Basic User Guide.
3.3How It Works At First Launch (Out Of The Box)
We ship the router ready for use with a RedPort-certified compression email and/or web
browsing account; Voice and SMS are enabled for use with compatible satellite devices.
This default setup allows anyone with a RedPort-certified email or web account (with a Primary
Account username and password) to use the router, as is,to send and receive email and to
browse the Internet. With a compatible satellite device, voice calls and sms messages can
pass using standard satellite airtime.
This out-of-the-box configuration works well for single broadband users. This configuration is
also suitable for the multi-user environment where each person has a separate primary email
and/or web browsing account.
While you have the benefit of email and web compression on each primary account, all users
have unlimited access to the Internet. If you are in a multi-user environment and want to
control access to the Internet, we recommend enabling the Captive Portal for crew Internet
access (see Section 5.1). For savings on Voice calls consider RedPort VoIP service (see
Section 5.8). You may realize further savings by enabling shared web compression (see
Section 5.2). See Section 3.4, How Data Flows Through the Router to determine the
customization requiredto best meet your needs.
Best Practice is to have a knowledgeable technician (someone who knows about proxy servers
and routers) go through and generate a custom configuration, enable the firewall to block
unwanted traffic, configure the internal proxy server to tune things, and enable the upstream
proxy so for the benefit and cost savings of compression. In a fleet environment, this custom
configuration can be recorded and used on other Optimizer Voice routers within the
organization.
Page 12 of 131
3.4 How Data Flows Through the Router
It is important to understand how data flows through the router so you can customize your
configuration.
3.4.1 Default Configuration
The default configuration is:
Captive Portal (Crew Internet Access) - disabled
Internal Transparent Proxy for http URL and content filtering - disabled
Web Compression -disabled
Firewall - closed, allows Internet access only via RedPort-certified email or web account
DNS - closed
RedPort Email -disabled
SMS - enabled, for compatible satellite devices
GPS Tracking -disabled
Voice Capability -enabled, for compatible satellite devices
RedPort VoIP -disabled
In its default state, without any modifications, one
primary account holder at-a-time can connect to
send/receive email or web browse using a RedPort-
certified email service like XGate or web browsing
service like XWeb.
All email requests go directly to the upstream email
server. The mail is downloaded to the end-users
computer/device and then the mail is purged from the
server. Limited mail filtering is possible thru the
RedPort-certified email service program.
All web browsing requests go directly to the upstream
compression server. Compressed webpages are
returned to the end-user,whenever compression is
possible. The end-user can set the compression level
thru the RedPort-certified web service program. However, it is not possible to create any filters
for content, to whitelist or blacklists hosts or URLs, or to designate sites to bypass content
filters. Nor is it possible to set limits on usage.
The default state is designed for the single user that uses services like XGate and XWeb for
email and web browsing and use the XGate Phone app on their smartphone for making voice
calls.
See below for how to use the router for web browsing without XWeb service.
Page 13 of 131
3.4.2Captive Portal (Crew Internet Access) Disabled
In order to use the router for web browsing without XWeb service, you must first
modify the firewall to allow traffic. See Section 8.3 for details.
With the firewall open
and both the Captive
Portal and Transparent
Proxy disabled by
default, any user on
the local network can
browse the web
without restrictions,
limits, or, compression.
All traffic goes straight
to the Internet without
any filtering.
If you ENABLE
Transparent Proxy you
can apply some
filtering of content and
whitelist or blacklist
domains and URLs.
With Transparent
Proxy ENABLED, data
can then take one of
three paths:
1. Non-http traffic
bypasses the internal
proxy server and goes
straight to the Internet:
https, dns lookups, ftp,
ping, scp, etc. Since
the firewall rules are totally open there is nothing blocking full access to the Internet. You can
limit a user's access by Enabling the Captive Portal. See Chapter 5.1.2 for details.
2. Traffic to a Whitelisted Host (See Section 5.2.2), including http, goes straight to the Internet,
bypassing the internal proxy server. If you whitelist a webserver, that traffic goes straight to the
Internet, bypassing the internal proxy server, so there is no filtering. Typically you would not
want to whitelist a webserver; however, you may want to whitelist a mail server, or a vpn. See
Chapter 5.1.1.3 for details.
Page 14 of 131
3. All http traffic (on port 80) that is not Whitelisted, and only http traffic (not https or secure
traffic) is intercepted and redirected to the internal proxy server (Transparent Proxy). The
internal proxy server does URL blocking and domain blocking. Also, the internal proxy server
can speak to an upstream proxy server to provide compression (premium service--fees apply).
Traffic through the internal proxy server can take one of several paths, dependent upon
whether or not compression is enabled.
•If compression is DISABLED, http traffic goes straight to the Internet.
•If compression is ENABLED:
oall http traffic goes to the upstream compression proxy server and returns a
compressed page. Ads are stripped out, text is compressed, images are
resampled and more. On average, you will experience 3-5x compression on http
traffic, thereby increasing the speed of your connection and your effective per
Mb cost of your connection.
oWhitelisted Hosts or URLs bypass the upstream compression proxy server and
go straight to the Internet, bypassing compression.
•Blacklisted Hosts or URLs have no Internet access, regardless of compression status.
See Chapter 5.2.2 for details.
Page 15 of 131
3.4.3 Captive Portal (Crew Internet Access) Enabled
When you ENABLE the Captive Portal (Crew Internet Access), the firewall is automatically
modified to allow data traffic through the router and users must 'authenticate' in order to
access the Internet. You have several methods available for conrolling user access to the
Internet: you can whitelist and/or blacklist hosts and urls; you can modify the firewall and you
can require the use of PIN-Codes. When generating PIN-Codes you can set the amount of data
the user can download, you can limit access to certain hours of the day, and you can limit the
speed of their connection.
Once a user logs in to
the Captive Portal,
data can take one of
three paths:
1. Non-http traffic goes
straight to the Internet:
https, dns lookups, ftp,
ping, scp, etc. The
firewall rules are totally
open so there is
nothing blocking full
access to the Internet.
You can limit access
thru the Captive Portal.
See Chapter 5.1.2 for
details.
2. Traffic to a
Whitelisted Host in the
Captive Portal,
including http, goes
straight to the Internet,
bypassing the internal
proxy server. If you
whitelist a webserver,
that traffic goes
straight to the Internet,
bypassing the internal
proxy server, so there
is no filtering. Typically
you would not want to
whitelist a webserver;
however, you may
want to whitelist a mail server, or a vpn. See Chapter 5.1.1.3 for details.
Page 16 of 131
3. All http traffic (on port 80), that is not Whitelisted, and only http (not https or secure traffic) is
intercepted and redirected to the internal proxy server. This is known as transparent proxy. The
internal proxy server does URL blocking and domain blocking. Also, the internal proxy server
can speak to an upstream proxy server to provide compression (premium service--fees apply).
Traffic through the internal proxy server can take one of several paths, dependent upon
whether or not compression is enabled.
•If compression is disabled all traffic goes straight to the Internet.
•With compression enabled, all http traffic goes to the upstream compression proxy
server and returns a compressed page. Ads are stripped out, text is compressed,
images are resampled and more. On average, you will experience 3-5x compression on
http traffic, thereby increasing the speed of your connection and your effective per Mb
cost of your connection.
•With compression enabled, Whitelisted Hosts or URLs bypass the upstream
compression proxy server and go straight to the Internet, bypassing compression.
•Blacklisted Hosts or URLs have no Internet access, regardless of compression status.
See Chapter 5.2.2 for details.
3.5 Navigating the User Interface
Access to the user interface depends upon how you login to the router. There are two logins
available: admin and superadmin. See Chapter 4.1.
The user interface is divided into sections; use the tabs to access the required service or
information.
On most pages in the user interface you will see three buttons in the lower right corner:
Reset: returnsthe page to its previous saved state.
Save: saves the changes, but does not yet apply the changes.
Save & Apply: saves the changes and applies them to the router configuration. In some cases,
the router must reboot to apply the change. If reboot is required, it will be noted on the page.
Page 17 of 131
4.0 Getting Started - User Interface Access
In a typical situation, the Optimizer Voice router arrives to you with the following services
enabled:
•SMS Messaging using smartphones
•GPS/NMEA Repeater
•Voice Capability using smartphones
There are also services available that are disabled:
•Captive Portal for Crew Internet Access
•Internal Transparent Proxy for Web Filtering
•Web Compression (additional fees may apply)
•RedPort Email (additional fees may apply)
•GPS Tracking (additional fees may apply)
•RedPort VoIP for multi-user calls and SMS (additional fees may apply)
This guide is designed to help you understand how the router works so you can customize the
configuration to meet your needs.
4.1 Access the Home page
To access the router’s Home page you must login to the router. This can be accomplished in
several ways however the most popular method is to:
1. Connect to the WiFi Hotspot created by the router using a PC. Connect to the WiFi Hotspot
just like you would any other WiFi connection:
On a Windows PC, go to: Windows Start > Control Panel > Network Connections
On a MAC, go to: Apple > System Preferences > Network
You will notice that there are two WiFi network names in the list.
There are two transmitters in the Optimizer Voice with frequencies at 2.54 Ghz and one
at 5.2 Ghz.
The Network Name will look something like: ‘wxa-153-XXXX-frequency’where ‘XXXX’is the
last four digits of the Optimizer Voice’s Mac address and ‘frequency’ is the transmission
frequency of the transmitter. Select one of these wireless networks.
Page 18 of 131
For alternative Home Page access methods, see the RedPort Optimizer Voice Installation
Guide.
2. Open any web browser on the computer and enter one of the following URL's:
If Captive Portal is disabled (default): http://192.168.10.1
If Captive Portal is enabled: http://10.1.5.1
3. The Optimizer Voice ships with two existing accounts:
•Admin - for normal day-to-day operation
•Superadmin - for configuration and maintenance
4.1.1 Onsite Administrator Login (Admin)
Onsite Administrator: username=admin, password=webxaccess
This login gives the onsite administrator access to portions of the user interface and the
ability to perform common tasks such as:
•generate PIN-Codes (if captive portal is enabled)
•send/receive email (if email is enabled)
•manage crew email accounts (if email is enabled)
•monitor the system status
•reboot the router, if necessary
•change the router password for the admin account, if necessary
See the Optimizer Crew Basic User Guide for information in administering the most-
used features of the Optimizer Voice.
4.1.2 Installer/Network Administrator Login (Superadmin)
Technician: username=superadmin, password=webxaccess
This login provides full access to the user interface for configuration and maintenance
of the router.
Once logged in, you will see the router’s Home page.
Page 19 of 131
This Home Page is the onsite administrator's gateway to the most used features. See the
Optimizer Crew Basic User Guide for Home Page details and use.
Page 20 of 131
From theHome Page you have access to the remaining sections of the user interface.
Services: allows access to all the services available on the router.
Each service is contained in its own tab under the Services section. This is where you will
enable/disable the services and configure them for use.
Status: displays how much memory the router is using, who is connected via wifi and other
information you may find useful.
The System Log contains detailed information of the router's performance. It will report error
messages and can be useful when troubleshooting connection issues. Realtime Graphs report
how much data is being using by the different interfaces. All Status information is Read Only.
System: contains some of the router's basic settings for you to configure plus a few
maintenance functions.
Use this section to set your time zone, change the 'admin' and/or 'superadmin' password,
flash new firmware to the router, reboot the router if necessary. Profiles is a way to 'clone' the
router configuration for use on another Optimizer Crew router.
Network: contains access to the network interfaces and the firewall.
Use this section to configure network interfaces, run diagnostics, or modify the firewall.
Table of contents
Other RedPort Network Router manuals
