PracticallyNetworked.com
Practically Networked Logo
Cayman Wireless Router

Page 1 
 Author: Tim Higgins
 Review Date: 9/1/2001

 Add Your Review


Model: 2E-H-W11
Pros:

- Fast routing
- Bandwidth control
- Non TCP/IP protocol bridging

 
Cons:

- Expensive
- Slow wireless
- Only 40 bit WEP
- No MAC address association control
- No port filtering

 


The Basics

 
Indicators
  • Link/Activity for each of eight LAN ports

  • Wireless Activity

  • WAN Activity (Front Panel)

  • WAN Link/Activity (Rear Panel)

  • Power

Connectors
  • One RJ45 10BaseT WAN

  • Eight RJ45 10BaseT LAN (not switched)

  • Power

  • DB9F RS232 Serial console

Comes with
  • System CD with manuals, drivers, software

  • Power Supply (120V)

  • printed "Getting Started" Guide

Other 
  • No Hardware Reset switch

  • NO Uplink or Normal / Crossover switch for LAN Ports

  • Removable PC card radio with removable patch antenna module.

 

Introduction


The Cayman 2E-H-W11 is an 802.11b wireless router with built-in 8 port 10BaseT hub, and a fast, flexible, NAT router paired with a poorly performing wireless side.  Designed primarily to be sold to BSPs (Broadband Service Providers), it has some unique features that may interest experienced networkers... if they want to pay the price.

 

Setup and Administration


I didn't have problems setting up the W11, since it has both HTTP (browser) and Telnet based admin interfaces (a serial console connection is also provided) and came with its built-in DHCP server enabled.  My trusty test PC was set to be a DHCP client and leased an address without problem so that I could connect to the 192.168.1.254 admin server address.

Cayman 2E-H-W11 - Home screen 

During my testing, I was surprised to find the default setup of the W11 to be very insecure.  Not only does the unit ship without a default admin password, but it has both the HTTP and Telnet admin interfaces open to the WAN side of the router!  The unit allows multiple users to be logged into the admin server at the same time, with no notification of the additional logins.  There's also no way to limit WAN side admin access to either an IP address range or specific IP address to enhance admin security.

Note on the screen shot above, that you do get a security warning about the lack of password.  But there's nothing to warn the user that their router can be controlled by anyone who Telnets in or types their IP address into a web browser!   This should be fixed IMMEDIATELY, since port scans for ports 23 and 80 are a daily, if not hourly occurrence for most users, even those of us on dialup connections!  Cayman also doesn't let you set the W11 so that it doesn't respond to pings from the WAN side, although they say this is coming in a future firmware release.

Cayman 2E-H-W11 - LAN screen

Once you secure your W11, you'll find pretty much everything you need to set up for most BSPs.  For @Home use, you can set the router name and Domain Name for the DHCP server to hand out to clients.  ATT Broadband and other MAC address authenticated users will need to use the Telnet interface's CONFIG commands to change the WAN MAC address.  PPPoE is supported, but you can just enter your Username and password -- no idle time or auto-reconnect settings are provided.

 

Routing Features


The W11 has an interesting mix of routing capabilities.  You can forward up to 64 ports or port ranges ("pinholes"), but the mappings are static, i.e. triggered maps are not supported.   You currently can't do any port filtering to control the services that users can access, but Cayman says they'll be adding this in a future firmware release.  You can also set one "default host" that is effectively placed on the WAN side of the firewall.

If VPN is your interest, you'll find that the W11 supports pass-thru for multiple PPTP or IPsec client sessions.  There's no hard limit on the number of sessions or number of sessions per server.  On the downside, "pinholes" won't work for accessing PPTP and IPsec LAN-side servers from the Internet (WAN), although you can try using the "default host" function for this.

Up to 16 static routes are supported, and you can enable RIP1, RIP2, or RIP2 with MD5 authentication for dynamic routing.

Cayman 2E-H-W11 - Pinhole screen  Cayman 2E-H-W11 - Log screen

Logging is restricted to configuration "console" type messages, with no Web site or other IP traffic logged, and no security ("hack") attempts. Cayman says that "a soon to be available product" will provide security event logging, though.  You can clear the log, but can't save it or send it to a syslog or SNMP trap server.  Other links on the Monitor page let you view a variety of router and network information.

The W11's routing features include a few that you don't normally find in a consumer router, but that a BSP would feel right at home with: (These features are available via the Telnet admin interface only.)

  • You can enable bridging of non TCP/IP protocols (such as AppleTalk and NetWare) between all router interfaces (WAN, LAN, and Wireless).  Bridging essentially makes multiple networks look like one network by not paying attention to IP addresses, but using devices' MAC addresses to send data to the right place. (See this page for more on bridges.)  

  • The "Traffic Shaping" option lets you set the maximum transfer rate (throughput) that's allowed through the router.  This setting applies to all traffic through the router, i.e. you can't set it on a per-user or application basis.

If you really want to get into the details, download the documentation from the Cayman Support site.

That about covers the Routing Features. 

  • Page 2
  • Jupitermedia is publisher of the internet.com and EarthWeb networks.


    Copyright 2003 Jupitermedia Corporation All Rights Reserved.
    Legal Notices,  Licensing,Reprints, &Permissions,  Privacy Policy.
    http://www.internet.com/
    http://www.earthweb.com/