NBG318S Series Powerline Ethernet Series User’s Guide Version 3.60 1/2008 Edition 3 DEFAULT LOGIN IP Address http://192.168.1.1 Password 1234 www.zyxel.
About This User's Guide About This User's Guide Intended Audience This manual is intended for people who want to configure the NBG318S or NBG318S v2 using the web configurator. You should have at least a basic knowledge of TCP/IP networking concepts and topology. Related Documentation • Quick Start Guide The Quick Start Guide is designed to help you get up and running right away. It contains information on setting up your network and configuring for Internet access.
Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User’s Guide. 1 " Warnings tell you about things that could harm you or your device. Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations. Syntax Conventions • The NBG318S and NBG318S v2 may be referred to as the “NBG318S”, the “device”, the “product” or the “system” in this User’s Guide.
Document Conventions Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The NBG318S icon is not an exact representation of your device.
Safety Warnings Safety Warnings 1 For your safety, be sure to read and follow all warning notices and instructions. • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. • Do NOT store things on the device. • Do NOT install, use, or service this device during a thunderstorm. There is a remote risk of electric shock from lightning. • Connect ONLY suitable accessories to the device.
Safety Warnings NBG318S User’s Guide 7
Safety Warnings 8 NBG318S User’s Guide
Table of Contents Table of Contents About This User's Guide .......................................................................................................... 3 Document Conventions............................................................................................................ 4 Safety Warnings........................................................................................................................ 6 Table of Contents........................................................
Table of Contents Chapter 4 Introducing the Web Configurator ........................................................................................ 43 4.1 Web Configurator Overview ................................................................................................. 43 4.2 Accessing the Web Configurator ......................................................................................... 43 4.3 Resetting the NBG318S .........................................................................
Table of Contents 6.3 Configuring the Wireless Client ........................................................................................... 75 6.3.1 Connecting to a Wireless LAN ................................................................................... 75 Part II: Network....................................................................................... 79 Chapter 7 Wireless LAN...............................................................................................................
Table of Contents Chapter 9 LAN......................................................................................................................................... 115 9.1 LAN Overview .....................................................................................................................115 9.1.1 IP Pool Setup ............................................................................................................115 9.1.2 System DNS Servers ...........................................
Table of Contents 12.5.1 Trigger Port Forwarding Example .......................................................................... 140 12.5.2 Two Points To Remember About Trigger Ports ...................................................... 141 12.6 NAT Advanced Screen .................................................................................................... 141 Chapter 13 Dynamic DNS .................................................................................................................
Table of Contents 16.1 Static Route Overview ..................................................................................................... 163 16.2 IP Static Route Screen .................................................................................................... 163 16.2.1 Static Route Setup Screen ................................................................................... 164 Chapter 17 Bandwidth Management...........................................................................
Table of Contents Part V: Maintenance and Troubleshooting ........................................ 195 Chapter 20 System ................................................................................................................................... 197 20.1 System Overview ............................................................................................................. 197 20.2 System General Screen ............................................................................................
Table of Contents 26.8 Advanced Features ......................................................................................................... 236 Part VI: Appendices and Index ........................................................... 237 Appendix A Product Specifications and Wall-Mounting Instructions .................................... 239 Appendix B Pop-up Windows, JavaScripts and Java Permissions ...................................... 245 Appendix C IP Addresses and Subnetting ..................
Contents Overview Contents Overview Introduction ............................................................................................................................ 29 Getting to Know Your NBG318S ................................................................................................ 31 The WPS Button ........................................................................................................................ 37 ..................................................................
Contents Overview 18 NBG318S User’s Guide
List of Figures List of Figures Figure 1 Secure Internet Access .......................................................................................................... 31 Figure 2 WLAN Application Example ..................................................................................................... 32 Figure 3 HomePlug AV Internet Connection Example .......................................................................... 32 Figure 4 Front Panel ..................................................
List of Figures Figure 39 ZyXEL Utility: Confirm Save ................................................................................................... 77 Figure 40 ZyXEL Utility: Link Info .......................................................................................................... 77 Figure 41 Example of a Wireless Network ............................................................................................. 81 Figure 42 How WPS works .................................................
List of Figures Figure 82 Using IP Alias to Solve the Triangle Route Problem ............................................................ 153 Figure 83 Security > Firewall > General l ............................................................................................. 153 Figure 84 Security > Firewall > Services ............................................................................................. 154 Figure 85 Security > Content Filter > Filter ..............................................
List of Figures Figure 125 Configuration Restore Successful ...................................................................................... 218 Figure 126 Temporarily Disconnected .................................................................................................. 218 Figure 127 Configuration Restore Error ............................................................................................... 218 Figure 128 Maintenance > Tools > Restart ..........................................
List of Figures Figure 168 Red Hat 9.0: DNS Settings in resolv.conf ........................................................................ 274 Figure 169 Red Hat 9.0: Restart Ethernet Card .................................................................................. 274 Figure 170 Red Hat 9.0: Checking TCP/IP Properties ........................................................................ 274 Figure 171 Peer-to-Peer Communication in an Ad-hoc Network .............................................
List of Figures 24 NBG318S User’s Guide
List of Tables List of Tables Table 1 NBG318S Front Panel LEDs .................................................................................................... 33 Table 2 NBG318S v2 Front Panel LEDs ................................................................................................ 34 Table 3 Time ENCRYPT Button is Pressed and Action ......................................................................... 42 Table 4 Status Screen Icon Key ..................................................
List of Tables Table 39 Network > WAN > Internet Connection: PPTP Encapsulation ...............................................112 Table 40 WAN > Advanced ...................................................................................................................114 Table 41 Network > LAN > IP ...............................................................................................................118 Table 42 Network > LAN > IP Alias .............................................................
List of Tables Table 82 TCP Reset Logs .................................................................................................................... 206 Table 83 Packet Filter Logs ................................................................................................................. 207 Table 84 ICMP Logs ............................................................................................................................ 207 Table 85 CDR Logs ........................................
List of Tables 28 NBG318S User’s Guide
P ART I Introduction Getting to Know Your NBG318S (31) The WPS Button (37) The ENCRYPT Button (39) Introducing the Web Configurator (43) Connection Wizard (55) Tutorial (73) 29
CHAPTER 1 Getting to Know Your NBG318S This chapter introduces the main features and applications of the NBG318S. 1.1 Overview The NBG318S is the ideal secure HomePlug AV wireless firewall router for all data passing between the Internet and your local network. 1.1.1 Secure Broadband Internet Access Connect a broadband modem to your NBG318S for shared Internet access protected by firewall and content filtering. You can also use media bandwidth management to efficiently manage traffic on your network.
Chapter 1 Getting to Know Your NBG318S Figure 2 WLAN Application Example 1.1.3 HomePlug AV Connect to other HomePlug AV compatible devices through your home electrical wiring. A HomePlug AV network is capable of up to 200Mbps data transfer without the need for network cables. Figure 3 HomePlug AV Internet Connection Example 1.2 Ways to Manage the NBG318S Use any of the following methods to manage the NBG318S.
Chapter 1 Getting to Know Your NBG318S • ENCRYPT: You can use the ENCRYPT button to set up a powerline network with your NBG318S. • Web Configurator. This is recommended for everyday management of the NBG318S using a (supported) web browser. • Command Line Interface. Line commands are mostly used for troubleshooting by service engineers. • FTP. Use File Transfer Protocol for firmware upgrades and configuration backup/restore. " Upgrade to the latest firmware to enable the ENCRYPT feature on your NBG318S.
Chapter 1 Getting to Know Your NBG318S Table 1 NBG318S Front Panel LEDs (continued) LED ICON HomePlug WAN COLOR STATUS DESCRIPTION Green On The NBG318S has a successful HomePlug AV connection. Blinking The NBG318S is sending/receiving data. Off The HomePlug AV connection is not ready, or failed. On The NBG318S has a successful WAN connection. Green LAN 1-3 WLAN Blinking The NBG318S is sending/receiving data. None Off The WAN connection is not ready, or has failed.
Chapter 1 Getting to Know Your NBG318S Table 2 NBG318S v2 Front Panel LEDs (continued) LED ICON HomePlug COLOR STATUS DESCRIPTION Green On The NBG318S v2 has a successful HomePlug AV connection at 40 Mbps. Blinking The NBG318S v2 is sending/receiving data at over 40 Mbps. On The NBG318S v2 has a successful HomePlug AV connection at 10~40 Mbps. Blinking The NBG318S v2 is sending/receiving data at 10~40 Mbps. On The NBG318S v2 has a successful HomePlug AV connection at 0~10 Mbps.
Chapter 1 Getting to Know Your NBG318S 36 NBG318S User’s Guide
CHAPTER 2 The WPS Button 2.1 Overview Your NBG318S supports WiFi Protected Setup (WPS), which is an easy way to set up a secure wireless network. WPS is an industry standard specification, defined by the WiFi Alliance. WPS allows you to quickly set up a wireless network with strong security, without having to configure security settings manually. Each WPS connection works between two devices. Both devices must support WPS (check each device’s documentation to make sure).
Chapter 2 38 NBG318S User’s Guide
CHAPTER 3 The ENCRYPT Button Use the ENCRYPT button to automatically set up a secure powerline connection between your powerline devices. 3.1 ENCRYPT Button Overview The ENCRYPT button allows you to set up a secure powerline connection with other HomePlug AV compliant powerline devices which also support the ENCRYPT feature. No other powerline setting changes are required to connect.
Chapter 3 The ENCRYPT Button Figure 5 ENCRYPT Connection Procedure press 2 seconds press 2 seconds within 2 minutes 5 Repeat step 4 in this section for the other powerline device you wish to connect. This must be done within 120 seconds of pressing the ENCRYPT button on the NBG318S. 6 Check the lights on the two powerline devices. Wait for about one minute while your powerline devices connect. The HomePlug ( ) lights on both devices turn on when the connection is made.
Chapter 3 The ENCRYPT Button 9 If you disconnected your computer or modem (or any other networking product connected to your powerline device) in step 1 of this section, you can now reconnect them. This sets up your powerline network between your powerline devices. 3.3 Setting Up Multiple Networks You can use the ENCRYPT button to set up multiple powerline networks using your existing powerline network. For example, you have already set up a powerline network in your home (A) which accesses a printer (B).
Chapter 3 The ENCRYPT Button Figure 8 Two Separate Powerline Networks B A C Congratulations. You now have two separate powerline networks as shown above. V If the HomePlug ( ) lights on both powerline devices do not light up, the powerline devices are not connected. Repeat the connection process, making certain you press the ENCRYPT buttons for the correct time and within two minutes of each other. If that does not work see Section 26.7 on page 235 for suggestions. 3.
CHAPTER 4 Introducing the Web Configurator This chapter describes how to access the NBG318S web configurator and provides an overview of its screens. 4.1 Web Configurator Overview The web configurator is an HTML-based management interface that allows easy setup and management of the NBG318S via Internet browser. Use Internet Explorer 6.0 and later or Netscape Navigator 7.0 and later versions. The recommended screen resolution is 1024 by 768 pixels.
Chapter 4 Introducing the Web Configurator Figure 9 Change Password Screen " The management session automatically times out when the time period set in the Administrator Inactivity Timer field expires (default five minutes). Simply log back into the NBG318S if this happens. 6 Select the setup mode you want to use. • Click Go to Wizard Setup to use the Configuration Wizard for basic Internet and Wireless setup.
Chapter 4 Introducing the Web Configurator 4.3 Resetting the NBG318S If you forget your password or cannot access the web configurator, you will need to use the RESET button at the back of the NBG318S to reload the factory-default configuration file. This means that you will lose all configurations that you had previously saved, and the password will be reset to “1234”. 4.3.1 Procedure to Use the Reset Button 1 Make sure the POWER LED is on.
Chapter 4 Introducing the Web Configurator Figure 10 Web Configurator Status Screen The following table describes the icons shown in the Status screen. Table 4 Status Screen Icon Key ICON DESCRIPTION Click this icon to open the setup wizard. Click this icon to view copyright and a link for related product information. Click this icon at any time to exit the web configurator.
Chapter 4 Introducing the Web Configurator Table 5 Web Configurator Status Screen (continued) LABEL Firmware Version DESCRIPTION This is the ZyNOS firmware version and the date created. ZyNOS is ZyXEL's proprietary Network Operating System design. WAN Information - MAC Address This shows the WAN Ethernet adapter MAC Address of your device. - IP Address This shows the WAN port’s IP address. - IP Subnet Mask This shows the WAN port’s subnet mask.
Chapter 4 Introducing the Web Configurator Table 5 Web Configurator Status Screen (continued) LABEL DESCRIPTION - Configuration Mode This shows whether the advanced screens of each feature are turned on (Advanced) or not (Basic). Interface Status Interface This displays the NBG318S port types. The port types are: WAN, LAN, WLAN and HomePlug AV. Status For the LAN and WAN ports, this field displays Down (line is down) or Up (line is up or connected).
Chapter 4 Introducing the Web Configurator Table 6 Screens Summary LINK TAB FUNCTION General Use this screen to configure wireless LAN. MAC Filter Use the MAC filter screen to configure the NBG318S to block access to devices or block the devices from accessing the NBG318S. Advanced This screen allows you to configure advanced wireless settings. QoS Use this screen to configure Wi-Fi Multimedia Quality of Service (WMM QoS).
Chapter 4 Introducing the Web Configurator Table 6 Screens Summary LINK TAB FUNCTION WWW Use this screen to configure through which interface(s) and from which IP address(es) users can use HTTP to manage the NBG318S. Telnet Use this screen to configure through which interface(s) and from which IP address(es) users can use Telnet to manage the NBG318S. FTP Use this screen to configure through which interface(s) and from which IP address(es) users can use FTP to access the NBG318S.
Chapter 4 Introducing the Web Configurator 4.4.4 Summary: Bandwidth Management Monitor Select the BW MGMT Monitor (Details...) hyperlink in Status screen. View the bandwidth usage of the WAN configured bandwidth rules. This is also shown as bandwidth usage over the bandwidth budget for each rule. The gray section of the bar represents the percentage of unused bandwidth and the blue color represents the percentage of bandwidth in use. Figure 12 Summary: BW MGMT Monitor 4.4.
Chapter 4 Introducing the Web Configurator Table 7 Summary: DHCP Table (continued) LABEL DESCRIPTION MAC Address This field shows the MAC address of the computer with the name in the Host Name field. Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. Refresh Click Refresh to renew the screen. 4.4.
Chapter 4 Introducing the Web Configurator Table 8 Summary: Packet Statistics LABEL DESCRIPTION Poll Interval(s) Enter the time interval for refreshing statistics in this field. Set Interval Click this button to apply the new poll interval you entered in the Poll Interval(s) field. Stop Click Stop to stop refreshing statistics, click Stop. 4.4.7 Summary: Wireless Station Status Click the WLAN Station Status (Details...) hyperlink in the Status screen.
Chapter 4 Introducing the Web Configurator The following table describes the labels in this screen. Table 10 Summary: My Homeplug Network 54 LABEL DESCRIPTION Site Your NBG318S is the Local device. All other devices on your network will be Remote. MAC Address This field displays the MAC address of a HomePlug AV device detected by your NBG318S. Firmware Version This shows the firmware version used by the HomePlug chipset. Refresh Click Refresh to reload the list.
CHAPTER 5 Connection Wizard This chapter provides information on the wizard setup screens in the web configurator. 5.1 Wizard Setup The web configurator’s wizard setup helps you configure your device to access the Internet. Leave a field blank if you don’t have that information. You can access the Wizard by clicking the Wizard icon in the web configurator or when you first log in as follows. 1 After you first log into the NBG318S web configurator, click the Go to Wizard setup hyperlink.
Chapter 5 Connection Wizard Figure 18 Select a Language 4 Read the on-screen information and click Next. Figure 19 Welcome to the Connection Wizard 5.2 Connection Wizard: STEP 1: System Information System Information contains administrative and system-related information. 5.2.1 System Name System Name is for identification purposes. However, because some ISPs check this name you should enter your computer's "Computer Name". • In Windows 95/98 click Start, Settings, Control Panel, Network.
Chapter 5 Connection Wizard 5.2.2 Domain Name The Domain Name entry is what is propagated to the DHCP clients on the LAN. If you leave this blank, the domain name obtained by DHCP from the ISP is used. While you must enter the host name (System Name) on each individual computer, the domain name can be assigned from the NBG318S via DHCP. Click Next to configure the NBG318S for Internet access. Figure 20 Wizard Step 1: System Information The following table describes the labels in this screen.
Chapter 5 Connection Wizard Figure 21 Wizard Step 2: Wireless LAN The following table describes the labels in this screen. Table 12 Wizard Step 2: Wireless LAN " 58 LABEL DESCRIPTION Name (SSID) Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the wireless LAN. If you change this field on the NBG318S, make sure all wireless stations use the same SSID in order to access the network. Security Select a Security level from the drop-down list box.
Chapter 5 Connection Wizard 5.3.1 Auto Security Choose Auto to automatically generate a WPA-PSK pre-shared key. A window appears displaying the key. " Make sure you write down the key! You will need it later to connect other wireless devices to your network. Figure 22 Popup Pre-Shared Key 5.3.2 Basic (WEP) Security Choose Basic (WEP) to set up WEP Encryption parameters.
Chapter 5 Connection Wizard Figure 23 Wizard Step 2: Basic (WEP) Security The following table describes the labels in this screen. Table 13 Wizard Step 2: Basic (WEP) Security LABEL DESCRIPTION Passphrase Type a Passphrase (up to 32 printable characters) and click Generate. The NBG318S automatically generates a WEP key. WEP Encryption Select 64-bit WEP or 128-bit WEP to allow data encryption. ASCII Select this option in order to enter ASCII characters as the WEP keys.
Chapter 5 Connection Wizard 5.3.3 Extend (WPA-PSK or WPA2-PSK) Security Choose Extend (WPA-PSK) or Extend (WPA2-PSK) security in the Wireless LAN setup screen to set up a Pre-Shared Key. Figure 24 Wizard Step 2: Extend (WPA-PSK or WPA2-PSK) Security The following table describes the labels in this screen. Table 14 Wizard Step 2: Extend (WPA-PSK or WPA2-PSK) Security LABEL DESCRIPTION Pre-Shared Key Type from 8 to 63 case-sensitive ASCII characters.
Chapter 5 Connection Wizard Figure 25 Wizard Step 3: ISP Parameters. The following table describes the labels in this screen, Table 15 Wizard Step 3: ISP Parameters CONNECTION TYPE DESCRIPTION Ethernet Select the Ethernet option when the WAN port is used as a regular Ethernet. PPPoE Select the PPP over Ethernet option for a dial-up connection. If your ISP gave you a an IP address and/or subnet mask, then select PPTP. PPTP Select the PPTP option for a dial-up connection. 5.4.
Chapter 5 Connection Wizard One of the benefits of PPPoE is the ability to let end users access one of multiple network services, a function known as dynamic service selection. This enables the service provider to easily create and offer new IP services for specific users. Operationally, PPPoE saves significant effort for both the subscriber and the ISP/carrier, as it requires no specific configuration of the broadband modem at the subscriber’s site.
Chapter 5 Connection Wizard " The NBG318S supports one PPTP server connection at any given time. Figure 28 Wizard Step 3: PPTP Connection The following table describes the fields in this screen Table 17 Wizard Step 3: PPTP Connection LABEL DESCRIPTION ISP Parameters for Internet Access Connection Type Select PPTP from the drop-down list box. To configure a PPTP client, you must configure the User Name and Password fields for a PPP connection and the PPTP parameters for a PPTP connection.
Chapter 5 Connection Wizard Table 17 Wizard Step 3: PPTP Connection LABEL DESCRIPTION Next Click Next to continue. Exit Click Exit to close the wizard screen without saving. 5.4.4 Your IP Address The following wizard screen allows you to assign a fixed IP address or give the NBG318S an automatically assigned IP address depending on your ISP.
Chapter 5 Connection Wizard You can obtain your IP address from the IANA, from an ISP or have it assigned by a private network. If you belong to a small organization and your Internet access is through an ISP, the ISP can provide you with the Internet addresses for your local networks. On the other hand, if you are part of a much larger organization, you should consult your network administrator for the appropriate IP addresses.
Chapter 5 Connection Wizard 2 If the ISP did not give you DNS server information, leave the DNS Server fields set to 0.0.0.0 in the Wizard screen and/or set to From ISP in the WAN > Internet Connection screen for the ISP to dynamically assign the DNS server IP addresses. 5.4.8 WAN IP and DNS Server Address Assignment The following wizard screens allows you to assign a fixed WAN IP address and DNS server addresses. This screen appears if you selected PPP over Ethernet as your connection type in the Wizard.
Chapter 5 Connection Wizard The following table describes the labels in this screen Table 20 Wizard Step 3: WAN IP and DNS Server Addresses LABEL DESCRIPTION WAN IP Address Assignment My WAN IP Address Enter your WAN IP address in this field. The WAN IP address should be in the same subnet as your DSL/Cable modem or router. My WAN IP Subnet Mask Enter the IP subnet mask in this field. (Not available if you selected PPP over Ethernet as your Connection type.
Chapter 5 Connection Wizard Figure 31 Wizard Step 3: WAN MAC Address The following table describes the fields in this screen. Table 22 Wizard Step 3: WAN MAC Address LABEL DESCRIPTION Factory Default Select Factory Default to use the factory assigned default MAC address. Clone the computer’s MAC address Select this option and enter the IP address of the computer on the LAN whose MAC you are cloning.
Chapter 5 Connection Wizard The following fields describe the label in this screen. Table 23 Wizard Step 4: Bandwidth Management LABEL DESCRIPTION Enable BM for all traffic automatically Select the check box to have the NBG318S apply bandwidth management to traffic going out through the NBG318S’s WAN, LAN, HomePlug AV or WLAN port. Bandwidth is allocated according to the traffic type automatically. Real-time packets, such as VoIP traffic always get higher priority.
Chapter 5 Connection Wizard Well done! You have successfully set up your NBG318S to operate on your network and access the Internet.
Chapter 5 Connection Wizard 72 NBG318S User’s Guide
CHAPTER 6 Tutorial This chapter gives you examples of how to set up a wireless access point and a wireless client for wireless communication using some example settings. 6.1 Example Parameters SSID SSID_Example3 Channel 6 Security WPA-PSK (Pre-Shared Key: ThisismyWPA-PSKpre-sharedkey) 802.11 mode IEEE 802.11b/g An access point (AP) or wireless router is referred to as an “AP” and a computer with a wireless network card or USB/PCI adapter is referred to as a “wireless client” here.
Chapter 6 Tutorial Figure 35 Network > Wireless LAN > General 4 Make sure the Enable Wireless LAN check box is selected. 5 Enter SSID_Example3 as the SSID and select a channel. 6 Set security mode to WPA-PSK and enter ThisismyWPA-PSKpre-sharedkey in the Pre-Shared Key field. Click Apply. 7 Open the Status screen.Verify your wireless and wireless security settings under Device Information and check if the WLAN connection is up under Interface Status.
Chapter 6 Tutorial Figure 37 AP: Status: WLAN Station Status 6.3 Configuring the Wireless Client This section describes how to connect the wireless client to a network. 6.3.1 Connecting to a Wireless LAN The following sections show you how to join a wireless network using the ZyXEL utility, as in the following diagram. The wireless client is labelled C and the access point is labelled AP. There are three ways to connect the client to an access point.
Chapter 6 Tutorial 1 Open the ZyXEL utility and click the Site Survey tab to open the screen shown next. 2 The wireless client automatically searches for available wireless networks. Click Scan if you want to search again. If no entry displays in the Available Network List, that means there is no wireless network available within range. Make sure the AP or peer computer is turned on or move the wireless client closer to the AP or peer computer.
Chapter 6 Tutorial Figure 39 ZyXEL Utility: Confirm Save 5 The ZyXEL utility returns to the Link Info screen while it connects to the wireless network using your settings. When the wireless link is established, the ZyXEL utility icon in the system tray turns green and the Link Info screen displays details of the active connection. Check the network information in the Link Info screen to verify that you have successfully connected to the selected network.
Chapter 6 Tutorial 78 NBG318S User’s Guide
P ART II Network Wireless LAN (81) WAN (105) LAN (115) HomePlug AV (121) DHCP (131) Network Address Translation (NAT) (135) Dynamic DNS (145) 79
CHAPTER 7 Wireless LAN This chapter discusses how to configure the wireless network settings in your NBG318S. See the appendices for more detailed information about wireless networks. 7.1 Wireless Network Overview The following figure provides an example of a wireless network. Figure 41 Example of a Wireless Network The wireless network is the part in the blue circle. In this wireless network, devices A and B are called wireless clients.
Chapter 7 Wireless LAN • Every wireless client in the same wireless network must use security compatible with the AP. Security stops unauthorized devices from using the wireless network. It can also protect the information that is sent in the wireless network. 7.2 Wireless Security Overview The following sections introduce different types of wireless security you can set up in the wireless network. 7.2.1 SSID Normally, the AP acts like a beacon and regularly broadcasts the SSID in the area.
Chapter 7 Wireless LAN If your AP does not provide a local user database and if you do not have a RADIUS server, you cannot set up user names and passwords for your users. Unauthorized devices can still see the information that is sent in the wireless network, even if they cannot use the wireless network. Furthermore, there are ways for unauthorized wireless users to get a valid user name and password. Then, they can use that user name and password to use the wireless network.
Chapter 7 Wireless LAN When you select WPA2 or WPA2-PSK in your NBG318S, you can also select an option (WPA Compatible) to support WPA as well. In this case, if some wireless clients support WPA and some support WPA2, you should set up WPA2-PSK or WPA2 (depending on the type of wireless network login) and select the WPA Compatible option in the NBG318S. Many types of encryption use a key to protect the information in the wireless network. The longer the key, the stronger the encryption.
Chapter 7 Wireless LAN 7.4 WPS Overview WPS allows you to quickly set up a secure network with other WPS enabled devices, much more easily than manually configuring wireless connections and security through a web configurator. Your NBG318S uses WPS to set up a secure connection with other WPS enabled wireless devices in two ways. The first method uses a push-button, either physically located on the housing of the wireless devices, or provided as a feature in the device’s software.
Chapter 7 Wireless LAN 5 On a computer connected to the wireless client, try logging into the NBG318S’s web configurator. If you can connect, WPS was successful. If you cannot connect, check the list of associated wireless clients in the AP’s configuration utility. If you see the wireless client in the list, WPS was successful. V If you cannot connect using WPS, check both devices’ configuration interfaces to ensure WPS is enabled on both devices.
Chapter 7 Wireless LAN Figure 42 How WPS works ACTIVATE WPS ACTIVATE WPS WITHIN 2 MINUTES WPS HANDSHAKE ENROLLEE SECURE TUNNEL REGISTRAR SECURITY INFO COMMUNICATION The roles of registrar and enrollee last only as long as the WPS setup process is active (two minutes). The next time you use WPS, a different device can be the registrar if necessary. The WPS connection process is like a handshake; only two devices participate in each WPS transaction.
Chapter 7 Wireless LAN Figure 43 WPS: Example Network Step 1 ENROLLEE REGISTRAR SECURITY INFO AP1 CLIENT 1 In step 2, you add another wireless client to the network. You know that Client 1 supports registrar mode, but it is better to use AP1 for the WPS handshake with the new client since you must connect to the access point anyway in order to use the network. In this case, AP1 must be the registrar, since it is configured (it already has security information for the network).
Chapter 7 Wireless LAN Figure 45 WPS: Example Network Step 3 EXISTING CONNECTION CLIENT 1 E ION CT E NN CO G TIN XIS AP1 REGISTRAR CLIENT 2 SE CU RIT Y ENROLLEE INF O AP1 7.4.3 Limitations of WPS WPS has some limitations of which you should be aware. • WPS works in Infrastructure networks only (where an AP and a wireless client communicate). It does not work in Ad-Hoc networks (where there is no AP). • When you use WPS, it works between two devices only.
Chapter 7 Wireless LAN 7.5 General Wireless LAN Screen " If you are configuring the NBG318S from a computer connected to the wireless LAN and you change the NBG318S’s SSID, channel or security settings, you will lose your wireless connection when you press Apply to confirm. You must then change the wireless settings of your computer to match the NBG318S’s new settings. Click Network > Wireless LAN to open the General screen.
Chapter 7 Wireless LAN 7.5.1 No Security Select No Security to allow wireless stations to communicate with the access points without any data encryption. " If you do not enable any wireless security on your NBG318S, your network is accessible to any wireless networking device that is within range. Figure 47 Network > Wireless LAN > General: No Security The following table describes the labels in this screen.
Chapter 7 Wireless LAN " If the WPS is enabled, WEP encryption is not available from the drop-down menu. Disable WPS for the WEP screen to appear. Figure 48 Network > Wireless LAN > General: Static WEP The following table describes the wireless LAN security labels in this screen. Table 28 Network > Wireless LAN > General: Static WEP 92 LABEL DESCRIPTION Passphrase Enter a passphrase (password phrase) of up to 32 printable characters and click Generate.
Chapter 7 Wireless LAN Table 28 Network > Wireless LAN > General: Static WEP LABEL DESCRIPTION Key 1 to Key 4 The WEP keys are used to encrypt data. Both the NBG318S and the wireless stations must use the same WEP key for data transmission. If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal characters ("0-9", "A-F"). If you chose 128-bit WEP, then enter 13 ASCII characters or 26 hexadecimal characters ("0-9", "A-F").
Chapter 7 Wireless LAN Table 29 Network > Wireless LAN > General: WPA-PSK/WPA2-PSK LABEL DESCRIPTION ReAuthentication Timer (in seconds) Specify how often wireless stations have to resend usernames and passwords in order to stay connected. Enter a time interval between 10 and 9999 seconds. The default time interval is 1800 seconds (30 minutes). Note: If wireless station authentication is done using a RADIUS server, the reauthentication timer on the RADIUS server has priority.
Chapter 7 Wireless LAN Figure 50 Network > Wireless LAN > General: WPA/WPA2 The following table describes the labels in this screen. Table 30 Network > Wireless LAN > General: WPA/WPA2 LABEL DESCRIPTION WPA Compatible This check box is available only when you select WPA2-PSK or WPA2 in the Security Mode field. Select the check box to have both WPA2 and WPA wireless clients be able to communicate with the NBG318S even when the NBG318S is using WPA2-PSK or WPA2.
Chapter 7 Wireless LAN Table 30 Network > Wireless LAN > General: WPA/WPA2 LABEL DESCRIPTION Group Key Update Timer The Group Key Update Timer is the rate at which the AP (if using WPA-PSK/ WPA2-PSK key management) or RADIUS server (if using WPA/WPA2 key management) sends a new group key out to all clients. The re-keying process is the WPA/WPA2 equivalent of automatically changing the WEP key for an AP and all stations in a WLAN on a periodic basis.
Chapter 7 Wireless LAN Figure 51 Network > Wireless LAN > MAC Filter The following table describes the labels in this menu. Table 31 Network > Wireless LAN > MAC Filter LABEL DESCRIPTION Active Select Yes from the drop down list box to enable MAC address filtering. Filter Action Define the filter action for the list of MAC addresses in the MAC Address table.
Chapter 7 Wireless LAN Figure 52 Network > Wireless LAN > Advanced The following table describes the labels in this screen. Table 32 Network > Wireless LAN > Advanced LABEL DESCRIPTION Roaming Configuration Enable Roaming Select this option if your network environment has multiple APs and you want your wireless device to be able to access the network as you move between wireless networks.
Chapter 7 Wireless LAN Table 32 Network > Wireless LAN > Advanced LABEL DESCRIPTION Super G Mode Use this field to enable or disable the Super G function. Super G mode is available only if you select 802.11g or 802.11b/g in the 802.11 Mode field. Super G provides higher data transmission rates than 802.11g. Select Disabled if your wireless clients do not support Super G. Select Super G with Dynamic Turbo if some or all of your wireless clients support Super G with Dynamic Turbo.
Chapter 7 Wireless LAN The following table describes the labels in this screen. Table 33 Network > Wireless LAN > QoS LABEL DESCRIPTION Enable WMM QoS Select this to turn on WMM QoS (Wireless MultiMedia Quality of Service). The NBG318S assigns priority to packets based on the 802.1q or DSCP information in their headers. If a packet has no WMM information in its header, it is assigned the default priority.
Chapter 7 Wireless LAN Figure 54 Network > Wireless LAN > QoS: Application Priority Configuration See Appendix F on page 287 for a list of commonly-used services and destination ports. The following table describes the fields in this screen. Table 34 Network > Wireless LAN > QoS: Application Priority Configuration LABEL DESCRIPTION Application Priority Configuration Name Type a description of the application priority.
Chapter 7 Wireless LAN WPS allows you to quickly set up a secure network with other WPS enabled devices, much more easily than manually configuring wireless connections and security through a web configurator. Your NBG318S uses WPS to set up a secure connection with other WPS enabled wireless devices in two ways. The first method uses a push-button, either physically located on the housing of the wireless devices, or provided as a feature in the device’s software.
Chapter 7 Wireless LAN Table 35 Network > Wireless LAN > WPS LABEL DESCRIPTION Apply Click this to save your changes to the NBG318S. Refresh Click this to reload the information in this screen. 7.10 WPS Station Screen Use this screen to set up a WPS connection using the Push Button Configuration (PBC) method. You can use the push-button in the screen below or the external push-button on the side of your device, if it has one. See Section 2.
Chapter 7 Wireless LAN 104 NBG318S User’s Guide
CHAPTER 8 WAN This chapter describes how to configure WAN settings. 8.1 WAN Overview See the chapter about the connection wizard for more information on the fields in the WAN screens. 8.2 WAN MAC Address The MAC address screen allows users to configure the WAN port's MAC address by either using the factory default or cloning the MAC address from a computer on your LAN. Choose Factory Default to select the factory assigned default MAC Address.
Chapter 8 WAN The NBG318S supports both IGMP version 1 (IGMP-v1) and IGMP version 2 (IGMP-v2). At start up, the NBG318S queries all directly connected networks to gather group membership. After that, the NBG318S periodically updates this information. IP multicasting can be enabled/disabled on the NBG318S LAN and/or WAN interfaces in the web configurator (LAN; WAN). Select None to disable IP multicasting on these interfaces. 8.
Chapter 8 WAN The following table describes the labels in this screen. Table 37 Network > WAN > Internet Connection: Ethernet Encapsulation LABEL DESCRIPTION Encapsulation You must choose the Ethernet option when the WAN port is used as a regular Ethernet. Service Type Choose from Standard, RR-Telstra (RoadRunner Telstra authentication method), RR-Manager (Roadrunner Manager authentication method), RRToshiba (Roadrunner Toshiba authentication method) or Telia Login.
Chapter 8 WAN Table 37 Network > WAN > Internet Connection: Ethernet Encapsulation LABEL DESCRIPTION Set WAN MAC Address Select this option and enter the MAC address you want to use. Apply Click Apply to save your changes back to the NBG318S. Reset Click Reset to begin configuring this screen afresh. 8.4.2 PPPoE Encapsulation The NBG318S supports PPPoE (Point-to-Point Protocol over Ethernet).
Chapter 8 WAN Figure 58 Network > WAN > Internet Connection: PPPoE Encapsulation The following table describes the labels in this screen. Table 38 Network > WAN > Internet Connection: PPPoE Encapsulation LABEL DESCRIPTION ISP Parameters for Internet Access Encapsulation The PPP over Ethernet choice is for a dial-up connection using PPPoE. The NBG318S supports PPPoE (Point-to-Point Protocol over Ethernet).
Chapter 8 WAN Table 38 Network > WAN > Internet Connection: PPPoE Encapsulation LABEL DESCRIPTION Password Type the password associated with the user name above. Retype to Confirm Type your password again to make sure that you have entered is correctly. Nailed-Up Connection Select Nailed-Up Connection if you do not want the connection to time out. Idle Timeout This value specifies the time in seconds that elapses before the router automatically disconnects from the PPPoE server.
Chapter 8 WAN PPTP supports on-demand, multi-protocol and virtual private networking over public networks, such as the Internet. This screen displays when you select PPTP encapsulation.
Chapter 8 WAN The following table describes the labels in this screen. Table 39 Network > WAN > Internet Connection: PPTP Encapsulation LABEL DESCRIPTION ISP Parameters for Internet Access Encapsulation Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables secure transfer of data from a remote client to a private server, creating a Virtual Private Network (VPN) using TCP/IP-based networks.
Chapter 8 WAN Table 39 Network > WAN > Internet Connection: PPTP Encapsulation LABEL DESCRIPTION First DNS Server Second DNS Server Third DNS Server Select From ISP if your ISP dynamically assigns DNS server information (and the NBG318S's WAN IP address). The field to the right displays the (readonly) DNS server IP address that the ISP assigns. Select User-Defined if you have the IP address of a DNS server. Enter the DNS server's IP address in the field to the right.
Chapter 8 WAN The following table describes the labels in this screen. Table 40 WAN > Advanced LABEL DESCRIPTION Multicast Setup Multicast Select IGMP V-1, IGMP V-2 or None. IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to establish membership in a Multicast group - it is not used to carry user data. IGMP version 2 (RFC 2236) is an improvement over version 1 (RFC 1112) but IGMP version 1 is still in wide use.
CHAPTER 9 LAN This chapter describes how to configure LAN settings. 9.1 LAN Overview A Local Area Network (LAN) is a shared communication system to which many computers are attached. A LAN is a computer network limited to the immediate area, usually the same building or floor of a building. The LAN screens can help you configure a LAN DHCP server, manage IP addresses, and partition your physical network into logical networks. 9.1.
Chapter 9 LAN 9.2.2 IP Address and Subnet Mask Refer to the IP address and subnet mask section in the Connection Wizard chapter for this information. 9.2.3 Multicast Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender - 1 recipient) or Broadcast (1 sender - everybody on the network). Multicast delivers IP packets to a group of hosts on the network - not everybody and not just 1.
Chapter 9 LAN Figure 61 Any IP Example The Any IP feature does not apply to a computer using either a dynamic IP address or a static IP address that is in the same subnet as the NBG318S’s IP address. " You must enable NAT to use the Any IP feature on the NBG318S. Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network.
Chapter 9 LAN 9.3 LAN IP Screen Use this screen to change your basic LAN settings. Click Network > LAN. Figure 62 Network > LAN > IP The following table describes the labels in this screen. Table 41 Network > LAN > IP LABEL DESCRIPTION LAN TCP/IP IP Address Type the IP address of your NBG318S in dotted decimal notation 192.168.1.1 (factory default). IP Subnet Mask The subnet mask specifies the network number portion of an IP address.
Chapter 9 LAN Figure 63 Network > LAN > IP Alias The following table describes the labels in this screen. Table 42 Network > LAN > IP Alias LABEL DESCRIPTION IP Alias 1,2 Select the check box to configure another LAN network for the NBG318S. IP Address Enter the IP address of your NBG318S in dotted decimal notation. IP Subnet Mask Your NBG318S will automatically calculate the subnet mask based on the IP address that you assign.
Chapter 9 LAN The following table describes the labels in this screen. Table 43 Network > LAN > Advanced LABEL DESCRIPTION Multicast Select IGMP V-1 or IGMP V-2 or None. IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to establish membership in a Multicast group - it is not used to carry user data. IGMP version 2 (RFC 2236) is an improvement over version 1 (RFC 1112) but IGMP version 1 is still in wide use.
CHAPTER 10 HomePlug AV This chapter introduces the main applications and management of the powerline feature. 10.1 Overview The NBG318S is a HomePlug AV compliant powerline Ethernet adapter. The NBG318S and other HomePlug AV powerline adapters in your network communicate with each other by sending and receiving information over your home’s electrical wiring. The NBG318S plugs into an ordinary outlet to create a new network which can extend to any other electrical outlet in any room of a house.
Chapter 10 HomePlug AV After configuring the settings on all adapters (see Section 10.3 on page 124) your computer can now connect to the powerline network and to the Internet. Your powerline network can be further expanded by plugging additional powerline adapters into other outlets in your home and connecting other computers or network devices (for example, a printer) to them. In this User’s Guide the electrical wiring network may be referred to as the “powerline network”.
Chapter 10 HomePlug AV Figure 66 Powerline Network Scenario A NMK1 NMK1 NMK1 NMK1 NMK1 NMK1 B NMK1 NMK1 NMK1 NMK2 NMK2 NMK2 In both cases the powerline adapters reside on the same electrical circuit. In scenario A all the powerline adapters can communicate with each other. In scenario B only the adapters with the same NMK can receive and unscramble communication between each other. 10.2.2 Setting Up Multiple Powerline Networks.
Chapter 10 HomePlug AV Figure 67 Two Private Powerline Networks on One Circuit Password 1 Password 1 Password 2 Password 2 10.3 Configuring Your HomePlug AV Devices Click on Network > HomePlug to see the screen below. Use this screen to set up a HomePlug AV network and to check the status of HomePlug AV devices on your electrical circuit.
Chapter 10 HomePlug AV The following table describes the labels in the screen. Table 44 Network > HomePlug > Network Settings LABEL DESCRIPTION Network Name This section lets you set the name of your network and to make it either public or private. The Network Name performs the same function as a network password. All devices on your HomePlug network have the same Network Name. A device with a different Network Name cannot be on your network.
Chapter 10 HomePlug AV LABEL DESCRIPTION Member Action This field shows the Edit icon and the Delete icon. Click on Edit to add a device to the network or to edit details such as the device’s Nickname. Click on Delete to remove the device from the network. If you want to set up a second network, remove the devices from My HomePlug Network that you want to keep in your first network before you set the new Network Name for the second network.
Chapter 10 HomePlug AV • You can configure your NBG318S to give priority to powerline network traffic depending on its destination (MAC Address or IP Port Number Priority). • You can also map the priority settings (VLAN or ToS priority settings) of traffic from outside your powerline network to priority settings for your powerline network (Priority Mapping). • Priority can also be assigned according to traffic type such as IGMP (Default Priority).
Chapter 10 HomePlug AV Figure 70 Prioritized Traffic Between Your Home Powerline Network and the Internet Internet A B The following mappings are suggestions only. VLAN and ToS priority settings may not map exactly to Homeplug AV priority settings. Priority settings for VLAN Tags and ToS bits range from 0 to 7 with 7 as the highest. Table 47 Suggested Mappings VLAN/TOS PRIORITY SETTINGS HOMEPLUG AV PRIORITY SETTINGS 5~7 Highest 4 High 2~3 Mid 0~1 Low 10.4.
Chapter 10 HomePlug AV IGMP is assigned highest priority as it controls multicast services such as IGMP managed Multicast Stream which allows streamed traffic such as video or VoIP. Unicast, Multicast/ Broadcast require less priority than the traffic that manages them. Select Network > HomePlug > QoS to set levels of service for different kinds of traffic on your powerline connection. The following screen displays Figure 71 Network > HomePlug > QoS. The following table describes the labels in the screen.
Chapter 10 HomePlug AV Table 48 Network > HomePlug > Edit LABEL DESCRIPTION Rule Name Type a descriptive name for a priority rule. You can enter up to 31 characters containing “0”~”9”, “a”~”z”, “A”~”Z”, “_” or -. Spaces are allowed. MAC Address or IP Port Number Type the MAC (Media Access Control) address or IP address of a device on your network. Network traffic to this device is prioritized according to the priority level of this rule.
CHAPTER 11 DHCP 11.1 DHCP DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a server. You can configure the NBG318S as a DHCP server or disable it. When configured as a server, the NBG318S provides the TCP/IP configuration for the clients. If DHCP service is disabled, you must have another DHCP server on your LAN, or else the computer must be manually configured. 11.
Chapter 11 DHCP 11.3 DHCP Server Advanced Screen This screen allows you to assign IP addresses on the LAN to specific individual computers based on their MAC addresses. You can also use this screen to configure the DNS server information that the NBG318S sends to the DHCP clients. Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02.
Chapter 11 DHCP Table 50 Network > DHCP Server > Advanced LABEL DESCRIPTION First DNS Server Second DNS Server Third DNS Server Select From ISP if your ISP dynamically assigns DNS server information (and the NBG318S's WAN IP address). The field to the right displays the (read-only) DNS server IP address that the ISP assigns. Select User-Defined if you have the IP address of a DNS server. Enter the DNS server's IP address in the field to the right.
Chapter 11 DHCP The following table describes the labels in this screen. Table 51 Network > DHCP Server > Client List 134 LABEL DESCRIPTION # This is the index number of the host computer. IP Address This field displays the IP address relative to the # field listed above. Host Name This field displays the computer host name. MAC Address The MAC (Media Access Control) or Ethernet address on a LAN (Local Area Network) is unique to your computer (six pairs of hexadecimal notation).
CHAPTER 12 Network Address Translation (NAT) This chapter discusses how to configure NAT on the NBG318S. 12.1 NAT Overview NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet. For example, the source address of an outgoing packet, used within one network is changed to a different IP address known within another network. 12.
Chapter 12 Network Address Translation (NAT) " Many residential broadband ISP accounts do not allow you to run any server processes (such as a Web or FTP server) from your location. Your ISP may periodically check for servers and may suspend your account if it discovers any active services at your location. If you are unsure, refer to your ISP. 12.2.
Chapter 12 Network Address Translation (NAT) The following table describes the labels in this screen. Table 52 Network > NAT > General LABEL DESCRIPTION Enable Network Address Translation Network Address Translation (NAT) allows the translation of an Internet protocol address used within one network (for example a private IP address used in a local network) to a different IP address known within another network (for example a public IP address used on the Internet). Select the check box to enable NAT.
Chapter 12 Network Address Translation (NAT) Figure 77 Network > NAT > Application The following table describes the labels in this screen. Table 53 NAT Application LABEL DESCRIPTION Game List Update A game list includes the pre-defined service name(s) and port number(s). You can edit and upload it to the NBG318S to replace the existing entries in the second field next to Service Name. File Path Type in the location of the file you want to upload in this field or click Browse... to find it. Browse...
Chapter 12 Network Address Translation (NAT) Table 53 NAT Application (continued) LABEL DESCRIPTION Port Type a port number(s) to be forwarded. To specify a range of ports, enter a hyphen (-) between the first port and the last port, such as 10-20. To specify two or more non-consecutive port numbers, separate them by a comma without spaces, such as 123,567. Server IP Address Type the inside IP address of the server that receives packets from the port(s) specified in the Port field.
Chapter 12 Network Address Translation (NAT) Figure 78 Game List Example version=1 1;name=Battlefield 1942;port=14567,22000,23000-23009,27900,28900 2;name=Call of Duty;port=28960 3;name=Civilization IV;port=2056 4;name=Diablo I and II;port=6112-6119,4000 5;name=Doom 3;port=27666 6;name=F.E.A.
Chapter 12 Network Address Translation (NAT) Figure 79 Trigger Port Forwarding Process: Example 1 Jane requests a file from the Real Audio server (port 7070). 2 Port 7070 is a “trigger” port and causes the NBG318S to record Jane’s computer IP address. The NBG318S associates Jane's computer IP address with the "incoming" port range of 6970-7170. 3 The Real Audio server responds using a port number ranging between 6970-7170. 4 The NBG318S forwards the traffic to Jane’s computer IP address.
Chapter 12 Network Address Translation (NAT) Figure 80 Network > NAT > Advanced The following table describes the labels in this screen. Table 54 Network > NAT > Advanced LABEL DESCRIPTION Max NAT/Firewall Session Per User Type a number ranging from 1 to 2048 to limit the number of NAT/firewall sessions that a host can create. When computers use peer to peer applications, such as file sharing applications, they may use a large number of NAT sessions.
Chapter 12 Network Address Translation (NAT) Table 54 Network > NAT > Advanced LABEL DESCRIPTION Incoming Incoming is a port (or a range of ports) that a server on the WAN uses when it sends out a particular service. The NBG318S forwards the traffic with this port (or range of ports) to the client computer on the LAN that requested the service. Start Port Type a port number or the starting port number in a range of port numbers.
Chapter 12 Network Address Translation (NAT) 144 NBG318S User’s Guide
CHAPTER 13 Dynamic DNS 13.1 Dynamic DNS Introduction Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CU-SeeMe, etc.). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.org, where myhost is a name of your choice) that will never change instead of using an IP address that changes each time you reconnect.
Chapter 13 Dynamic DNS Figure 81 Dynamic DNS The following table describes the labels in this screen. Table 55 Dynamic DNS LABEL DESCRIPTION Enable Dynamic DNS Select this check box to use dynamic DNS. Service Provider Select the name of your Dynamic DNS service provider. Dynamic DNS Type If you have selected WWW.DynDNS.ORG as your DNS Service Provider, you can select the type of service that you are registered for. The options are dynamic, static or custom.
Chapter 13 Dynamic DNS Table 55 Dynamic DNS LABEL DESCRIPTION Use specified IP Address Type the IP address of the host name(s). Use this if you have a static IP address. Apply Click Apply to save your changes back to the NBG318S. Reset Click Reset to begin configuring this screen afresh.
Chapter 13 Dynamic DNS 148 NBG318S User’s Guide
P ART III Security Firewall (151) Content Filtering (157) 149
CHAPTER 14 Firewall This chapter gives some background information on firewalls and explains how to get started with the NBG318S’s firewall. 14.1 Introduction to ZyXEL’s Firewall 14.1.1 What is a Firewall? Originally, the term “firewall” referred to a construction technique designed to prevent the spread of fire from one room to another. The networking term "firewall" is a system or group of systems that enforces an access-control policy between two networks.
Chapter 14 Firewall The NBG318S is installed between the LAN and a broadband modem connecting to the Internet. This allows it to act as a secure gateway for all data passing between the Internet and the LAN. The NBG318S has one Ethernet WAN port and four Ethernet LAN ports, which are used to physically separate the network into two areas.The WAN (Wide Area Network) port attaches to the broadband (cable or DSL) modem to the Internet.
Chapter 14 Firewall 1 A computer on the LAN initiates a connection by sending a SYN packet to a receiving server on the WAN. 2 The NBG318S reroutes the packet to Gateway A, which is in Subnet 2. 3 The reply from the WAN goes to the NBG318S. 4 The NBG318S then sends it to the computer on the LAN in Subnet 1. Figure 82 Using IP Alias to Solve the Triangle Route Problem 14.3 General Firewall Screen Click Security > Firewall to open the General screen.
Chapter 14 Firewall Table 56 Security > Firewall > General LABEL DESCRIPTION Log Select whether to create a log for packets that are traveling in the selected direction when the packets are blocked or forwarded. To log packets related to firewall rules, make sure that Access Control under Log is selected in the Logs > Log Settings screen. Apply Click Apply to save the settings. Reset Click Reset to start configuring this screen again. 14.4 Services Screen Click Security > Firewall > Services.
Chapter 14 Firewall Table 57 Security > Firewall > Services LABEL DESCRIPTION Do not respond to requests for unauthorized services Select this option to prevent hackers from finding the NBG318S by probing for unused ports. If you select this option, the NBG318S will not respond to port request(s) for unused ports, thus leaving the unused ports and the NBG318S unseen.
Chapter 14 Firewall 156 NBG318S User’s Guide
CHAPTER 15 Content Filtering This chapter provides a brief overview of content filtering using the embedded web GUI. 15.1 Introduction to Content Filtering Internet content filtering allows you to create and enforce Internet access policies tailored to your needs. Content filtering is the ability to block certain web features or specific URL keywords. 15.2 Restrict Web Features The NBG318S can block web features such as ActiveX controls, Java applets, cookies and disable web proxies. 15.
Chapter 15 Content Filtering Figure 85 Security > Content Filter > Filter The following table describes the labels in this screen. Table 58 Security > Content Filter > Filter LABEL DESCRIPTION Trusted Computer IP Address To enable this feature, type an IP address of any one of the computers in your network that you want to have as a trusted computer. This allows the trusted computer to have full access to all features that are configured to be blocked by content filtering.
Chapter 15 Content Filtering Table 58 Security > Content Filter > Filter LABEL DESCRIPTION Keyword Type a keyword in this field. You may use any character (up to 64 characters). Wildcards are not allowed. You can also enter a numerical IP address. Keyword List This list displays the keywords already added. Add Click Add after you have typed a keyword. Repeat this procedure to add other keywords. Up to 64 keywords are allowed.
Chapter 15 Content Filtering Table 59 Security > Content Filter > Schedule LABEL DESCRIPTION Apply Click Apply to save your customized settings and exit this screen. Reset Click Reset to begin configuring this screen afresh 15.6 Customizing Keyword Blocking URL Checking You can use commands to set how much of a website’s URL the content filter is to check for keyword blocking. See the appendices for information on how to access and use the command interpreter. 15.6.
P ART IV Management Static Route Screens (163) Bandwidth Management (167) Remote Management (177) Universal Plug-and-Play (UPnP) (183) 161
CHAPTER 16 Static Route Screens This chapter shows you how to configure static routes for your NBG318S. 16.1 Static Route Overview Each remote node specifies only the network to which the gateway is directly connected, and the NBG318S has no knowledge of the networks beyond. For instance, the NBG318S knows about network N2 in the following figure through remote node router R1.
Chapter 16 Static Route Screens Figure 88 Management > Static Route > IP Static Route The following table describes the labels in this screen. Table 60 Management > Static Route > IP Static Route LABEL DESCRIPTION # This is the index number of an individual static route. The first entry is for the default route and not editable. Name This is the name that describes or identifies this route. Active This icon is turned on when this static route is active.
Chapter 16 Static Route Screens Figure 89 Management > Static Route > IP Static Route: Static Route Setup The following table describes the labels in this screen. Table 61 Management > Static Route > IP Static Route: Static Route Setup LABEL DESCRIPTION Route Name Enter the name of the IP static route. Leave this field blank to delete this static route. Active This field allows you to activate/deactivate this static route.
Chapter 16 Static Route Screens 166 NBG318S User’s Guide
CHAPTER 17 Bandwidth Management This chapter contains information about configuring bandwidth management, editing rules and viewing the NBG318S’s bandwidth management logs. 17.1 Bandwidth Management Overview ZyXEL’s Bandwidth Management allows you to specify bandwidth management rules based on an application and/or subnet. You can allocate specific amounts of bandwidth capacity (bandwidth budgets) to different bandwidth rules.
Chapter 17 Bandwidth Management The following figure shows LAN subnets. You could configure one bandwidth class for subnet A and another for subnet B. Figure 90 Subnet-based Bandwidth Management Example 17.4 Application and Subnet-based Bandwidth Management You could also create bandwidth classes based on a combination of a subnet and an application. The following example table shows bandwidth allocations for application specific traffic from separate LAN subnets.
Chapter 17 Bandwidth Management Table 63 Bandwidth Management Priorities PRIORITY LEVELS: TRAFFIC WITH A HIGHER PRIORITY GETS THROUGH FASTER WHILE TRAFFIC WITH A LOWER PRIORITY IS DROPPED IF THE NETWORK IS CONGESTED. Mid Typically used for “excellent effort” or better than best effort and would include important business traffic that can tolerate some delay.
Chapter 17 Bandwidth Management 17.6.1 Services and Port Numbers The commonly used services and port numbers are shown in Appendix F on page 287. 17.6.2 Default Bandwidth Management Classes and Priorities If you enable bandwidth management but do not configure a rule for critical traffic like VoIP, the voice traffic may then get delayed due to insufficient bandwidth.
Chapter 17 Bandwidth Management The following table describes the labels in this screen. Table 66 Management > Bandwidth MGMT > General LABEL DESCRIPTION Enable Bandwidth Management Select this check box to have the NBG318S apply bandwidth management. Enable bandwidth management to give traffic that matches a bandwidth rule priority over traffic that does not match a bandwidth rule.
Chapter 17 Bandwidth Management The following table describes the labels in this screen. Table 67 Management > Bandwidth MGMT > Advanced LABEL DESCRIPTION Check my upstream bandwidth Click the Detection button to check the size of your upstream bandwidth. Upstream Bandwidth (kbps) Enter the amount of bandwidth in kbps (2 to 100,000) that you want to allocate for traffic. 20 kbps to 20,000 kbps is recommended.
Chapter 17 Bandwidth Management Figure 93 Management > Bandwidth MGMT > Advanced: Rule Configuration The following table describes the labels in this screen. Table 68 Management > Bandwidth MGMT > Advanced: Application Rule Configuration LABEL DESCRIPTION # This is the number of an individual bandwidth management rule. Enable Select an interface’s check box to enable bandwidth management on that interface. Direction These read-only labels represent the physical interfaces.
Chapter 17 Bandwidth Management Figure 94 Management > Bandwidth MGMT > Advanced: User-defined Service Rule Configuration The following table describes the labels in this screen Table 69 Management > Bandwidth MGMT > Advanced: User-defined Service Rule Configuration LABEL DESCRIPTION BW Budget Select Maximum Bandwidth or Minimum Bandwidth and specify the maximum or minimum bandwidth allowed for the rule in kilobits per second.
Chapter 17 Bandwidth Management Figure 95 Management > Bandwidth MGMT > Monitor NBG318S User’s Guide 175
Chapter 17 Bandwidth Management 176 NBG318S User’s Guide
CHAPTER 18 Remote Management This chapter provides information on the Remote Management screens. 18.1 Remote Management Overview Remote management allows you to determine which services/protocols can access which NBG318S interface (if any) from which computers. " When you configure remote management to allow management from the WAN, you still need to configure a firewall rule to allow access. See the firewall chapters for details on configuring firewall rules.
Chapter 18 Remote Management 1 You have disabled that service in one of the remote management screens. 2 The IP address in the Secured Client IP Address field does not match the client IP address. If it does not match, the NBG318S will disconnect the session immediately. 3 There is already another remote management session with an equal or higher priority running. You may only have one remote management session running at one time. 4 There is a firewall rule that blocks it. 18.1.
Chapter 18 Remote Management Figure 97 Telnet Configuration on a TCP/IP Network 18.4 Telnet Screen To change your NBG318S’s Telnet settings, click Management > Remote MGMT > Telnet. The following screen displays. Figure 98 Management > Remote MGMT > Telnet The following table describes the labels in this screen.
Chapter 18 Remote Management 18.5 FTP Screen You can upload and download the NBG318S’s firmware and configuration files using FTP, please see the chapter on firmware and configuration file maintenance for details. To use this feature, your computer must have an FTP client. To change your NBG318S’s FTP settings, click Management > Remote MGMT > FTP. The screen appears as shown. Figure 99 Management > Remote MGMT > FTP The following table describes the labels in this screen.
Chapter 18 Remote Management Figure 100 Management > Remote MGMT > DNS The following table describes the labels in this screen. Table 73 Management > Remote MGMT > DNS LABEL DESCRIPTION Server Port The DNS service port number is 53 and cannot be changed here. Server Access Select the interface(s) through which a computer may send DNS queries to the NBG318S. Secured Client IP Address A secured client is a “trusted” computer that is allowed to send DNS queries to the NBG318S.
Chapter 18 Remote Management 182 NBG318S User’s Guide
CHAPTER 19 Universal Plug-and-Play (UPnP) This chapter introduces the UPnP feature in the web configurator. 19.1 Introducing Universal Plug and Play Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectivity between devices. A UPnP device can dynamically join a network, obtain an IP address, convey its capabilities and learn about other devices on the network.
Chapter 19 Universal Plug-and-Play (UPnP) When a UPnP device joins a network, it announces its presence with a multicast message. For security reasons, the NBG318S allows multicast messages on the LAN only. All UPnP-enabled devices may communicate freely with each other without additional configuration. Disable UPnP if this is not your intention. 19.2 UPnP and ZyXEL ZyXEL has achieved UPnP certification from the Universal Plug and Play Forum UPnP™ Implementers Corp. (UIC).
Chapter 19 Universal Plug-and-Play (UPnP) Table 74 Management > UPnP > General LABEL DESCRIPTION Apply Click Apply to save the setting to the NBG318S. Cancel Click Cancel to return to the previously saved settings. 19.4 Installing UPnP in Windows Example This section shows how to install UPnP in Windows Me and Windows XP. 19.4.0.1 Installing UPnP in Windows Me Follow the steps below to install the UPnP in Windows Me. 1 Click Start and Control Panel. Double-click Add/Remove Programs.
Chapter 19 Universal Plug-and-Play (UPnP) Figure 103 Add/Remove Programs: Windows Setup: Communication: Components 4 Click OK to go back to the Add/Remove Programs Properties window and click Next. 5 Restart the computer when prompted. Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP. 1 Click Start and Control Panel. 2 Double-click Network Connections. 3 In the Network Connections window, click Advanced in the main menu and select Optional Networking Components ….
Chapter 19 Universal Plug-and-Play (UPnP) Figure 105 Windows Optional Networking Components Wizard 5 In the Networking Services window, select the Universal Plug and Play check box. Figure 106 Networking Services 6 Click OK to go back to the Windows Optional Networking Component Wizard window and click Next.
Chapter 19 Universal Plug-and-Play (UPnP) 19.4.0.2 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP. You must already have UPnP installed in Windows XP and UPnP activated on the NBG318S. Make sure the computer is connected to a LAN port of the NBG318S. Turn on your computer and the NBG318S. Auto-discover Your UPnP-enabled Network Device 1 Click Start and Control Panel. Double-click Network Connections. An icon displays under Internet Gateway.
Chapter 19 Universal Plug-and-Play (UPnP) Figure 108 Internet Connection Properties 4 You may edit or delete the port mappings or click Add to manually add port mappings.
Chapter 19 Universal Plug-and-Play (UPnP) Figure 109 Internet Connection Properties: Advanced Settings Figure 110 Internet Connection Properties: Advanced Settings: Add 5 When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. 6 Select Show icon in notification area when connected option and click OK. An icon displays in the system tray.
Chapter 19 Universal Plug-and-Play (UPnP) Figure 111 System Tray Icon 7 Double-click on the icon to display your current Internet connection status. Figure 112 Internet Connection Status Web Configurator Easy Access With UPnP, you can access the web-based configurator on the NBG318S without finding out the IP address of the NBG318S first. This comes helpful if you do not know the IP address of the NBG318S. Follow the steps below to access the web configurator. 1 Click Start and then Control Panel.
Chapter 19 Universal Plug-and-Play (UPnP) Figure 113 Network Connections 4 An icon with the description for each UPnP-enabled device displays under Local Network. 5 Right-click on the icon for your NBG318S and select Invoke. The web configurator login screen displays.
Chapter 19 Universal Plug-and-Play (UPnP) Figure 114 Network Connections: My Network Places 6 Right-click on the icon for your NBG318S and select Properties. A properties window displays with basic information about the NBG318S.
Chapter 19 Universal Plug-and-Play (UPnP) 194 NBG318S User’s Guide
P ART V Maintenance and Troubleshooting System (197) Logs (201) Tools (215) Configuration Mode (221) Sys Op Mode (223) Language (227) Troubleshooting (229) 195
CHAPTER 20 System This chapter provides information on the System screens. 20.1 System Overview See the chapter about wizard setup for more information on the next few screens. 20.2 System General Screen Click Maintenance > System. The following screen displays. Figure 116 Maintenance > System > General The following table describes the labels in this screen.
Chapter 20 System Table 75 Maintenance > System > General LABEL DESCRIPTION Administrator Inactivity Timer Type how many minutes a management session can be left idle before the session times out. The default is 5 minutes. After it times out you have to log in with your password again. Very long idle timeouts may have security risks. A value of "0" means a management session never times out, no matter how long it has been left idle (not recommended).
Chapter 20 System The following table describes the labels in this screen. Table 76 Maintenance > System > Time Setting LABEL DESCRIPTION Current Time and Date Current Time This field displays the time of your NBG318S. Each time you reload this page, the NBG318S synchronizes the time with the time server. Current Date This field displays the date of your NBG318S. Each time you reload this page, the NBG318S synchronizes the date with the time server.
Chapter 20 System Table 76 Maintenance > System > Time Setting 200 LABEL DESCRIPTION End Date Configure the day and time when Daylight Saving Time ends if you selected Daylight Savings. The o'clock field uses the 24 hour format. Here are a couple of examples: Daylight Saving Time ends in the United States on the last Sunday of October. Each time zone in the United States stops using Daylight Saving Time at 2 A.M. local time.
CHAPTER 21 Logs This chapter contains information about configuring general log settings and viewing the NBG318S’s logs. Refer to the appendices for example log message explanations. 21.1 View Log The web configurator allows you to look at all of the NBG318S’s logs in one location. Click Maintenance > Logs to open the View Log screen. Use the View Log screen to see the logs for the categories that you selected in the Log Settings screen (see Section 21.2 on page 202).
Chapter 21 Logs The following table describes the labels in this screen. Table 77 Maintenance > Logs > View Log LABEL DESCRIPTION Display The categories that you select in the Log Settings page (see Section 21.2 on page 202) display in the drop-down list box. Select a category of logs to view; select All Logs to view logs from all of the log categories that you selected in the Log Settings page.
Chapter 21 Logs Figure 119 Maintenance > Logs > Log Settings The following table describes the labels in this screen. Table 78 Maintenance > Logs > Log Settings LABEL DESCRIPTION E-mail Log Settings Mail Server Enter the server name or the IP address of the mail server for the e-mail addresses specified below. If this field is left blank, logs and alert messages will not be sent via E-mail.
Chapter 21 Logs Table 78 Maintenance > Logs > Log Settings LABEL DESCRIPTION Send Alerts To Alerts are real-time notifications that are sent as soon as an event, such as a DoS attack, system error, or forbidden web access attempt occurs. Enter the Email address where the alert messages will be sent. Alerts include system errors, attacks and attempted access to blocked web sites. If this field is left blank, alert messages will not be sent via E-mail.
Chapter 21 Logs 21.3 Log Descriptions This section provides descriptions of example log messages. Table 79 System Maintenance Logs LOG MESSAGE DESCRIPTION Time calibration is successful The router has adjusted its time based on information from the time server. Time calibration failed The router failed to get information from the time server. WAN interface gets IP:%s A WAN interface got a new IP address from the DHCP, PPPoE, PPTP or dial-up server.
Chapter 21 Logs Table 80 System Error Logs LOG MESSAGE DESCRIPTION %s exceeds the max. number of session per host! This attempt to create a NAT session exceeds the maximum number of NAT session table entries allowed to be created per host. setNetBIOSFilter: calloc error The router failed to allocate memory for the NetBIOS filter settings. readNetBIOSFilter: calloc error The router failed to allocate memory for the NetBIOS filter settings. WAN connection is down. A WAN connection is down.
Chapter 21 Logs Table 82 TCP Reset Logs (continued) LOG MESSAGE DESCRIPTION Firewall session time out, sent TCP RST The router sent a TCP reset packet when a dynamic firewall session timed out. The default timeout values are as follows: ICMP idle timeout: 3 minutes UDP idle timeout: 3 minutes TCP connection (three way handshaking) timeout: 270 seconds TCP FIN-wait timeout: 2 MSL (Maximum Segment Lifetime set in the TCP header).
Chapter 21 Logs Table 85 CDR Logs LOG MESSAGE DESCRIPTION board%d line%d channel%d, call%d,%s C01 Outgoing Call dev=%x ch=%x%s The router received the setup requirements for a call. “call” is the reference (count) number of the call. “dev” is the device type (3 is for dial-up, 6 is for PPPoE, 10 is for PPTP). "channel" or “ch” is the call channel ID.For example,"board 0 line 0 channel 0, call 3, C01 Outgoing Call dev=6 ch=0 "Means the router has dialed to the PPPoE server 3 times.
Chapter 21 Logs Table 88 Content Filtering Logs (continued) LOG MESSAGE DESCRIPTION %s: Proxy mode detected The router detected proxy mode in the packet. %s The content filter server responded that the web site is in the blocked category list, but it did not return the category type. %s:%s The content filter server responded that the web site is in the blocked category list, and returned the category type.
Chapter 21 Logs Table 89 Attack Logs (continued) LOG MESSAGE DESCRIPTION teardrop UDP The firewall detected an UDP teardrop attack. teardrop ICMP (type:%d, code:%d) The firewall detected an ICMP teardrop attack. For type and code details, see Table 93 on page 212. illegal command TCP The firewall detected a TCP illegal command attack. NetBIOS TCP The firewall detected a TCP NetBIOS attack.
Chapter 21 Logs Table 90 PKI Logs (continued) LOG MESSAGE DESCRIPTION Failed to decode the received ca cert The router received a corrupted certification authority certificate from the LDAP server whose address and port are recorded in the Source field. Failed to decode the received user cert The router received a corrupted user certificate from the LDAP server whose address and port are recorded in the Source field.
Chapter 21 Logs Table 91 802.1X Logs (continued) LOG MESSAGE DESCRIPTION Local User Database does not support authentication method. A user tried to use an authentication method that the local user database does not support (it only supports EAP-MD5). No response from RADIUS. Pls check RADIUS Server. There is no response message from the RADIUS server, please check the RADIUS server. Use Local User Database to authenticate user. The local user database is operating as the authentication server.
Chapter 21 Logs Table 93 ICMP Notes (continued) TYPE CODE DESCRIPTION 2 Redirect datagrams for the Type of Service and Network 3 Redirect datagrams for the Type of Service and Host Echo 8 0 Echo message Time Exceeded 11 0 Time to live exceeded in transit 1 Fragment reassembly time exceeded Parameter Problem 12 0 Pointer indicates the error Timestamp 13 0 Timestamp request message Timestamp Reply 14 0 Timestamp reply message Information Request 15 0 Information request message Information
Chapter 21 Logs Table 95 RFC-2408 ISAKMP Payload Types (continued) 214 LOG DISPLAY PAYLOAD TYPE SIG Signature NONCE Nonce NOTFY Notification DEL Delete VID Vendor ID NBG318S User’s Guide
CHAPTER 22 Tools This chapter shows you how to upload a new firmware, upload or save backup configuration files and restart the NBG318S. 22.1 Firmware Upload Screen Find firmware at www.zyxel.com in a file that (usually) uses the system model name with a “*.bin” extension, e.g., “NBG318S.bin”. The upload process uses HTTP (Hypertext Transfer Protocol) and may take up to two minutes. After a successful upload, the system will reboot.
Chapter 22 Tools After you see the Firmware Upload In Process screen, wait two minutes before logging into the NBG318S again. Figure 121 Upload Warning The NBG318S automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 122 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the Status screen.
Chapter 22 Tools Figure 124 Maintenance > Tools > Configuration 22.2.1 Backup Configuration Backup configuration allows you to back up (save) the NBG318S’s current configuration to a file on your computer. Once your NBG318S is configured and functioning properly, it is highly recommended that you back up your configuration file before making configuration changes. The backup configuration file will be useful in case you need to return to your previous settings.
Chapter 22 Tools Figure 125 Configuration Restore Successful The NBG318S automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 126 Temporarily Disconnected If you uploaded the default configuration file you may need to change the IP address of your computer to be in the same subnet as that of the default NBG318S IP address (192.168.1.1).
Chapter 22 Tools Click Maintenance > Tools > Restart. Click Restart to have the NBG318S reboot. This does not affect the NBG318S's configuration.
Chapter 22 Tools 220 NBG318S User’s Guide
CHAPTER 23 Configuration Mode Click Maintenance > Config Mode to open the following screen. This screen allows you to hide or display the advanced screens of some features or the advanced features, such as MAC filter or static route. Basic is selected by default and you cannot see the advanced screens or features. If you want to view and configure all screens including the advanced ones, select Advanced and click Apply.
Chapter 23 Configuration Mode Table 99 Advanced Configuration Options CATEGORY LINK TAB Network Wireless LAN MAC Filter Advanced QoS WAN Advanced LAN IP Alias Advanced Security Management DHCP Server Advanced NAT Advanced Firewall Services Content Filter Schedule Static Route IP Static Route Bandwidth MGMT Advanced Monitor Remote MGMT Telnet FTP DNS Maintenance 222 Logs Log Settings NBG318S User’s Guide
CHAPTER 24 Sys Op Mode 24.1 Selecting System Operation Mode Use this screen to select how you connect to the Internet. Figure 130 Maintenance > Sys OP Mode > General The figure below shows devices connecting to the Internet through a DSL connection. Select Router(Ethernet WAN) in the screen if you connect to the Internet as shown in diagram. Figure 131 System Operation Mode: Ethernet WAN The figure below shows the NBG318S connecting to the Internet as an access point.
Chapter 24 Sys Op Mode Figure 132 System Operation Mode: Access Point The figure below shows a network connecting to the Internet through a HomePlug connection. Select Router(HomePlug WAN) in the screen if you connect to the Internet as shown in the diagram. Figure 133 System Operation Mode: HomePlug WAN The following table describes the labels in the screen.
Chapter 24 Sys Op Mode " If you select the incorrect System Operation Mode you cannot connect to the Internet.
Chapter 24 Sys Op Mode 226 NBG318S User’s Guide
CHAPTER 25 Language Use this screen to select the language in which the web configurator displays. 25.1 Selecting Language Click Maintenance > Language. The following screen displays. Figure 134 Maintenance > Language Click the button for language you want to use. The web configurator reloads and displays in the selected language.
Chapter 25 Language 228 NBG318S User’s Guide
CHAPTER 26 Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • • • • • • • Power, Hardware Connections, and LEDs NBG318S Access and Login Internet Access Resetting the NBG318S to Its Factory Defaults Wireless Router/AP Troubleshooting HomePlug AV Troubleshooting Advanced Features 26.1 Power, Hardware Connections, and LEDs V The NBG318S does not turn on. None of the LEDs turn on.
Chapter 26 Troubleshooting 26.2 NBG318S Access and Login V I forgot the IP address for the NBG318S. 1 The default IP address is 192.168.1.1. 2 If you changed the IP address and have forgotten it, you might get the IP address of the NBG318S by looking up the IP address of the default gateway for your computer. To do this in most Windows computers, click Start > Run, enter cmd, and then enter ipconfig.
Chapter 26 Troubleshooting 6 If the problem continues, contact the network administrator or vendor, or try one of the advanced suggestions. Advanced Suggestions • Try to access the NBG318S using another service, such as Telnet. If you can access the NBG318S, check the remote management settings and firewall rules to find out why the NBG318S does not respond to HTTP. • If your computer is connected to the WAN port or is connected wirelessly, use a computer that is connected to a LAN/ETHERNET port.
Chapter 26 Troubleshooting 1 Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide. 2 Make sure you entered your ISP account information correctly in the wizard. These fields are case-sensitive, so make sure [Caps Lock] is not on. 3 If you are trying to access the Internet wirelessly, make sure the wireless settings in the wireless client are the same as the settings in the AP.
Chapter 26 Troubleshooting • Check the settings for QoS. If it is disabled, you might consider activating it. If it is enabled, you might consider raising or lowering the priority for some applications. 26.4 Resetting the NBG318S to Its Factory Defaults If you reset the NBG318S, you lose all of the changes you have made. The NBG318S re-loads its default settings, and the password resets to 1234. You have to make all of your changes again.
Chapter 26 Troubleshooting 26.6 HomePlug AV Troubleshooting V I cannot start my powerline device. Check your power supply is working. Powerline adapters operate from the power supplied by your home wiring and cannot operate without a working power supply. Remove the powerline adapter from the outlet. Then connect an electrical device that you know works into the same outlet. This checks the status of the power outlet. V The HomePlug light does not turn on.
Chapter 26 Troubleshooting 3 Your powerline adapters may be placed close to electrical devices such as electrical insect-killers which produce radio waves. These may interfere with the powerline signals. Move the adapters further away from such electrical devices. 4 Your wiring may be old and/or low quality or with a long wiring path. 26.7 ENCRYPT Button Problems This section applies only to NBG318Ss with the ENCRYPT button.
Chapter 26 Troubleshooting 26.8 Advanced Features V I can log in, but I cannot see some of the screens or fields in the Web Configurator. You may be accessing the Web Configurator in Basic mode. Some screens and fields are available only in Advanced mode. Use the Maintenance > Config Mode screen to select Advanced mode. V I set up URL keyword blocking, but I can still access a Web site that should be blocked.
P ART VI Appendices and Index Product Specifications and Wall-Mounting Instructions (239) Pop-up Windows, JavaScripts and Java Permissions (245) IP Addresses and Subnetting (251) Setting up Your Computer’s IP Address (259) Wireless LANs (275) Services (287) Legal Information (291) Customer Support (295) Index (301) 237
APPENDIX A Product Specifications and WallMounting Instructions The following tables summarize the NBG318S’s hardware and firmware features. Table 101 Hardware Features Dimensions (W x D x H) 162 x 118 x 35 mm Power Specification 120-240 VAC, 50/60 Hz Ethernet ports Auto-negotiating: This auto-negotiation feature allows the NBG318S to detect the speed of incoming transmissions and adjust appropriately without manual intervention.
Appendix A Product Specifications and Wall-Mounting Instructions Table 101 Hardware Features Screw size for wallmounting M4 Certifications Safety ANSI/UL-1950 3rd, CSA C22.2 No. 950 3rd, EN60950 (1992+A1+A2+A3+A4+A11), IEC 60950 3rd EMI FCC Part 15 Class B, EN55022 Class B, EN61000-3-2, EN61000-3-3 EMS EN61000-4-2/3/4/5/6/8/11 Table 102 Firmware Features FEATURE DESCRIPTION Default IP Address 192.168.1.1 Default Subnet Mask 255.255.255.0 (24 bits) Default Password 1234 DHCP Pool 192.168.1.
Appendix A Product Specifications and Wall-Mounting Instructions Table 102 Firmware Features FEATURE DESCRIPTION Network Address Translation (NAT) Each computer on your network must have its own unique IP address. Use NAT to convert a single public IP address to multiple private IP addresses for the computers on your network. Firewall You can configure firewall on the ZyXEL Device for secure Internet access.
Appendix A Product Specifications and Wall-Mounting Instructions The following list, which is not exhaustive, illustrates the standards supported in the NBG318S. Table 103 Standards Supported STANDARD DESCRIPTION RFC 867 Daytime Protocol RFC 868 Time Protocol. RFC 1112 IGMP v1 RFC 1305 Network Time Protocol (NTP version 3) RFC 1631 IP Network Address Translator (NAT) RFC 1661 The Point-to-Point Protocol (PPP) RFC 2236 Internet Group Management Protocol, Version 2.
Appendix A Product Specifications and Wall-Mounting Instructions 1 Be careful to avoid damaging pipes or cables located inside the wall when drilling holes for the screws. 3 Do not screw the screws all the way into the wall. Leave a small gap of about 0.5 cm between the heads of the screws and the wall. 4 Make sure the screws are snugly fastened to the wall. They need to hold the weight of the NBG318S with the connection cables. 5 Align the holes on the back of the NBG318S with the screws on the wall.
Appendix A Product Specifications and Wall-Mounting Instructions Figure 136 Masonry Plug and M4 Tap Screw 244 NBG318S User’s Guide
APPENDIX B Pop-up Windows, JavaScripts and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). " Internet Explorer 6 screens are used here. Screens for other Internet Explorer versions may vary. Internet Explorer Pop-up Blockers You may have to disable pop-up blocking to log into your device.
Appendix B Pop-up Windows, JavaScripts and Java Permissions 2 Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled. Figure 138 Internet Options: Privacy 3 Click Apply to save this setting. Enable pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. 1 In Internet Explorer, select Tools, Internet Options and then the Privacy tab.
Appendix B Pop-up Windows, JavaScripts and Java Permissions Figure 139 Internet Options: Privacy 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. 4 Click Add to move the IP address to the list of Allowed sites.
Appendix B Pop-up Windows, JavaScripts and Java Permissions 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed. 1 In Internet Explorer, click Tools, Internet Options and then the Security tab. Figure 141 Internet Options: Security 2 3 4 5 6 248 Click the Custom Level... button. Scroll down to Scripting.
Appendix B Pop-up Windows, JavaScripts and Java Permissions Figure 142 Security Settings - Java Scripting Java Permissions 1 2 3 4 5 From Internet Explorer, click Tools, Internet Options and then the Security tab. Click the Custom Level... button. Scroll down to Microsoft VM. Under Java permissions make sure that a safety level is selected. Click OK to close the window.
Appendix B Pop-up Windows, JavaScripts and Java Permissions JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for
APPENDIX C IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts. Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks.
Appendix C IP Addresses and Subnetting Figure 145 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask. Subnet Masks A subnet mask is used to determine which bits are part of the network number, and which bits are part of the host ID (using a logical AND operation). The term “subnet” is short for “subnetwork”. A subnet mask has 32 bits.
Appendix C IP Addresses and Subnetting Subnet masks are expressed in dotted decimal notation just like IP addresses. The following examples show the binary and decimal notation for 8-bit, 16-bit, 24-bit and 29-bit subnet masks. Table 105 Subnet Masks BINARY DECIMAL 1ST OCTET 2ND OCTET 3RD OCTET 4TH OCTET 8-bit mask 11111111 00000000 00000000 00000000 255.0.0.0 16-bit mask 11111111 11111111 00000000 00000000 255.255.0.0 24-bit mask 11111111 11111111 11111111 00000000 255.255.255.
Appendix C IP Addresses and Subnetting Table 107 Alternative Subnet Mask Notation (continued) SUBNET MASK ALTERNATIVE NOTATION LAST OCTET (BINARY) LAST OCTET (DECIMAL) 255.255.255.192 /26 1100 0000 192 255.255.255.224 /27 1110 0000 224 255.255.255.240 /28 1111 0000 240 255.255.255.248 /29 1111 1000 248 255.255.255.252 /30 1111 1100 252 Subnetting You can use subnetting to divide one network into multiple sub-networks.
Appendix C IP Addresses and Subnetting Figure 147 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 27 – 2 or 126 possible hosts (a host ID of all zeroes is the subnet’s address itself, all ones is the subnet’s broadcast address). 192.168.1.0 with mask 255.255.255.128 is subnet A itself, and 192.168.1.127 with mask 255.255.255.128 is its broadcast address.
Appendix C IP Addresses and Subnetting Table 109 Subnet 2 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 64 IP Address (Binary) 11000000.10101000.00000001. 01000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: 192.168.1.64 Lowest Host ID: 192.168.1.65 Broadcast Address: 192.168.1.127 Highest Host ID: 192.168.1.126 Table 110 Subnet 3 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1.
Appendix C IP Addresses and Subnetting Table 112 Eight Subnets (continued) SUBNET SUBNET ADDRESS FIRST ADDRESS LAST ADDRESS BROADCAST ADDRESS 5 128 129 158 159 6 160 161 190 191 7 192 193 222 223 8 224 225 254 255 Subnet Planning The following table is a summary for subnet planning on a network with a 24-bit network number. Table 113 24-bit Network Number Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET 1 255.255.255.
Appendix C IP Addresses and Subnetting Table 114 16-bit Network Number Subnet Planning (continued) NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET 14 255.255.255.252 (/30) 16384 2 15 255.255.255.254 (/31) 32768 1 Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask.
APPENDIX D Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/ IP on your computer. Windows 3.1 requires the purchase of a third-party TCP/IP application package.
Appendix D Setting up Your Computer’s IP Address Figure 148 WIndows 95/98/Me: Network: Configuration Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: 1 In the Network window, click Add. 2 Select Adapter and then click Add. 3 Select the manufacturer and model of your network adapter and then click OK.
Appendix D Setting up Your Computer’s IP Address Configuring 1 In the Network window Configuration tab, select your network adapter's TCP/IP entry and click Properties 2 Click the IP Address tab. • If your IP address is dynamic, select Obtain an IP address automatically. • If you have a static IP address, select Specify an IP address and type your information into the IP Address and Subnet Mask fields. Figure 149 Windows 95/98/Me: TCP/IP Properties: IP Address 3 Click the DNS Configuration tab.
Appendix D Setting up Your Computer’s IP Address Figure 150 Windows 95/98/Me: TCP/IP Properties: DNS Configuration 4 Click the Gateway tab. • If you do not know your gateway’s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add. 5 Click OK to save and close the TCP/IP Properties window. 6 Click OK to close the Network window. Insert the Windows CD if prompted. 7 Turn on your Prestige and restart your computer when prompted.
Appendix D Setting up Your Computer’s IP Address Figure 151 Windows XP: Start Menu 2 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 152 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties.
Appendix D Setting up Your Computer’s IP Address Figure 153 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties. Figure 154 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). • If you have a dynamic IP address click Obtain an IP address automatically.
Appendix D Setting up Your Computer’s IP Address Figure 155 Windows XP: Internet Protocol (TCP/IP) Properties 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: • In the IP Settings tab, in IP addresses, click Add. • In TCP/IP Address, type an IP address in IP address and a subnet mask in Subnet mask, and then click Add.
Appendix D Setting up Your Computer’s IP Address Figure 156 Windows XP: Advanced TCP/IP Properties 7 In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields.
Appendix D Setting up Your Computer’s IP Address Figure 157 Windows XP: Internet Protocol (TCP/IP) Properties 8 Click OK to close the Internet Protocol (TCP/IP) Properties window. 9 Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties window. 10 Close the Network Connections window (Network and Dial-up Connections in Windows 2000/NT). 11 Turn on your Prestige and restart your computer (if prompted).
Appendix D Setting up Your Computer’s IP Address Figure 158 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list. Figure 159 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list.
Appendix D Setting up Your Computer’s IP Address • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your Prestige in the Router address box. 5 Close the TCP/IP Control Panel. 6 Click Save if prompted, to save changes to your configuration. 7 Turn on your Prestige and restart your computer (if prompted). Verifying Settings Check your TCP/IP properties in the TCP/IP Control Panel window.
Appendix D Setting up Your Computer’s IP Address Figure 161 Macintosh OS X: Network 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your Prestige in the Router address box. 5 Click Apply Now and close the window. 6 Turn on your Prestige and restart your computer (if prompted).
Appendix D Setting up Your Computer’s IP Address " Make sure you are logged in as the root administrator. Using the K Desktop Environment (KDE) Follow the steps below to configure your computer IP address using the KDE. 1 Click the Red Hat button (located on the bottom left corner), select System Setting and click Network. Figure 162 Red Hat 9.0: KDE: Network Configuration: Devices 2 Double-click on the profile of the network card you wish to configure.
Appendix D Setting up Your Computer’s IP Address Figure 163 Red Hat 9.0: KDE: Ethernet Device: General • If you have a dynamic IP address click Automatically obtain IP address settings with and select dhcp from the drop down list. • If you have a static IP address click Statically set IP Addresses and fill in the Address, Subnet mask, and Default Gateway Address fields. 3 Click OK to save the changes and close the Ethernet Device General screen.
Appendix D Setting up Your Computer’s IP Address Figure 165 Red Hat 9.0: KDE: Network Configuration: Activate 7 After the network card restart process is complete, make sure the Status is Active in the Network Configuration screen. Using Configuration Files Follow the steps below to edit the network configuration files and set your computer IP address. 1 Assuming that you have only one network card on the computer, locate the ifconfigeth0 configuration file (where eth0 is the name of the Ethernet card).
Appendix D Setting up Your Computer’s IP Address 2 If you know your DNS server IP address(es), enter the DNS server information in the resolv.conf file in the /etc directory. The following figure shows an example where two DNS server IP addresses are specified. Figure 168 Red Hat 9.0: DNS Settings in resolv.conf nameserver 172.23.5.1 nameserver 172.23.5.2 3 After you edit and save the configuration files, you must restart the network card. Enter./network restart in the /etc/rc.d/init.d directory.
APPENDIX E Wireless LANs Wireless LAN Topologies This section discusses ad-hoc and infrastructure wireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless stations (A, B, C). Any time two or more wireless adapters are within range of each other, they can set up an independent network, which is commonly referred to as an Ad-hoc network or Independent Basic Service Set (IBSS).
Appendix E Wireless LANs Figure 172 Basic Service Set ESS An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). This type of wireless LAN topology is called an Infrastructure WLAN. The Access Points not only provide communication with the wired network but also mediate wireless network traffic in the immediate neighborhood.
Appendix E Wireless LANs Figure 173 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by IEEE 802.11a/b/g wireless devices. Channels available depend on your geographical area. You may have a choice of channels (for your region) so you should use a different channel than an adjacent AP (access point) to reduce interference. Interference occurs when radio signals from different access points overlap causing interference and degrading performance.
Appendix E Wireless LANs Figure 174 RTS/CTS When station A sends data to the AP, it might not know that the station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations. RTS/CTS is designed to prevent collisions due to hidden nodes.
Appendix E Wireless LANs If the Fragmentation Threshold value is smaller than the RTS/CTS value (see previously) you set then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size. Preamble Type A preamble is used to synchronize the transmission timing in your wireless network. There are two preamble modes: Long and Short.
Appendix E Wireless LANs • User based identification that allows for roaming. • Support for RADIUS (Remote Authentication Dial In User Service, RFC 2138, 2139) for centralized user profile and accounting management on a network RADIUS server. • Support for EAP (Extensible Authentication Protocol, RFC 2486) that allows additional authentication methods to be deployed with no changes to the access point or the wireless stations.
Appendix E Wireless LANs In order to ensure network security, the access point and the RADIUS server use a shared secret key, which is a password, they both know. The key is not sent over the network. In addition to the shared key, password information exchanged is also encrypted to protect the network from unauthorized access. Types of Authentication This appendix discusses some popular authentication types: EAP-MD5, EAP-TLS, EAPTTLS, PEAP and LEAP.
Appendix E Wireless LANs PEAP (Protected EAP) Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, then use simple username and password methods through the secured connection to authenticate the clients, thus hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card), for client authentication. EAP-GTC is implemented only by Cisco.
Appendix E Wireless LANs Key differences between WPA(2) and WEP are improved data encryption and user authentication. Encryption Both WPA and WPA2 improve data encryption by using Temporal Key Integrity Protocol (TKIP), Message Integrity Check (MIC) and IEEE 802.1x. In addition to TKIP, WPA2 also uses Advanced Encryption Standard (AES) in the Counter mode with Cipher block chaining Message authentication code Protocol (CCMP) to offer stronger encryption.
Appendix E Wireless LANs 26.8.2 WPA(2)-PSK Application Example A WPA(2)-PSK application looks as follows. 1 First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key (PSK) must consist of between 8 and 63 ASCII characters (including spaces and symbols). 2 The AP checks each wireless client's password and (only) allows it to join the network if the password matches. 3 The AP derives and distributes keys to the wireless clients.
Appendix E Wireless LANs Security Parameters Summary Refer to this table to see what other security parameters you should configure for each Authentication Method/ key management protocol type. MAC address filters are not dependent on how you configure these security features. Table 117 Wireless Security Relational Matrix AUTHENTICATION ENCRYPTIO METHOD/ KEY MANAGEMENT PROTOCOL N METHOD ENTER MANUAL KEY IEEE 802.
Appendix E Wireless LANs 286 NBG318S User’s Guide
APPENDIX F Services The following table lists some commonly-used services and their associated protocols and port numbers. • Name: This is a short, descriptive name for the service. You can use this one or create a different one, if you like. • Protocol: This is the type of IP protocol used by the service. If this is TCP/UDP, then the service uses the same port number with TCP and UDP. If this is User-Defined, the Port(s) is the IP protocol number, not the port number.
Appendix F Services Table 118 Examples of Services (continued) 288 NAME PROTOCOL PORT(S) DESCRIPTION H.323 TCP 1720 NetMeeting uses this protocol. HTTP TCP 80 Hyper Text Transfer Protocol - a client/ server protocol for the world wide web. HTTPS TCP 443 HTTPS is a secured http session often used in e-commerce. ICMP User-Defined 1 Internet Control Message Protocol is often used for diagnostic purposes. ICQ UDP 4000 This is a popular Internet chat program.
Appendix F Services Table 118 Examples of Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION PPTP_TUNNEL (GRE) User-Defined 47 PPTP (Point-to-Point Tunneling Protocol) enables secure transfer of data over public networks. This is the data channel. RCMD TCP 512 Remote Command Service. REAL_AUDIO TCP 7070 A streaming audio service that enables real time sound over the web. REXEC TCP 514 Remote Execution Daemon. RLOGIN TCP 513 Remote Login.
Appendix F Services Table 118 Examples of Services (continued) 290 NAME PROTOCOL PORT(S) DESCRIPTION TFTP UDP 69 Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP, but uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol). VDOLIVE TCP UDP 7000 userdefined A videoconferencing solution. The UDP port number is specified in the application.
APPENDIX G Legal Information Copyright Copyright © 2008 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation.
Appendix G Legal Information If this device does cause harmful interference to radio/television reception, which can be determined by turning the device off and on, the user is encouraged to try to correct the interference by one or more of the following measures: 1 Reorient or relocate the receiving antenna. 2 Increase the separation between the equipment and the receiver. 3 Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
Appendix G Legal Information 3 Select the certification you wish to view from this page. ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase.
Appendix G Legal Information 294 NBG318S User’s Guide
APPENDIX H Customer Support Please have the following information ready when you contact customer support. Required Information • • • • Product model and serial number. Warranty Information. Date that you received your device. Brief description of the problem and the steps you took to solve it. “+” is the (prefix) number you dial to make an international telephone call. Corporate Headquarters (Worldwide) • • • • • • • Support E-mail: support@zyxel.com.tw Sales E-mail: sales@zyxel.com.
Appendix H Customer Support • Regular Mail: ZyXEL Communications, Czech s.r.o., Modranská 621, 143 01 Praha 4 Modrany, Ceská Republika Denmark • • • • • • Support E-mail: support@zyxel.dk Sales E-mail: sales@zyxel.dk Telephone: +45-39-55-07-00 Fax: +45-39-55-07-07 Web: www.zyxel.dk Regular Mail: ZyXEL Communications A/S, Columbusvej, 2860 Soeborg, Denmark Finland • • • • • • Support E-mail: support@zyxel.fi Sales E-mail: sales@zyxel.fi Telephone: +358-9-4780-8411 Fax: +358-9-4780-8448 Web: www.zyxel.
Appendix H Customer Support India • • • • • • Support E-mail: support@zyxel.in Sales E-mail: sales@zyxel.in Telephone: +91-11-30888144 to +91-11-30888153 Fax: +91-11-30888149, +91-11-26810715 Web: http://www.zyxel.in Regular Mail: India - ZyXEL Technology India Pvt Ltd., II-Floor, F2/9 Okhla Phase -1, New Delhi 110020, India Japan • • • • • • Support E-mail: support@zyxel.co.jp Sales E-mail: zyp@zyxel.co.jp Telephone: +81-3-6847-3700 Fax: +81-3-6847-3705 Web: www.zyxel.co.
Appendix H Customer Support • Regular Mail: ZyXEL Communications Inc., 1130 N. Miller St., Anaheim, CA 928062001, U.S.A. Norway • • • • • • Support E-mail: support@zyxel.no Sales E-mail: sales@zyxel.no Telephone: +47-22-80-61-80 Fax: +47-22-80-61-81 Web: www.zyxel.no Regular Mail: ZyXEL Communications A/S, Nils Hansens vei 13, 0667 Oslo, Norway Poland • • • • • E-mail: info@pl.zyxel.com Telephone: +48-22-333 8250 Fax: +48-22-333 8251 Web: www.pl.zyxel.com Regular Mail: ZyXEL Communications, ul.
Appendix H Customer Support Sweden • • • • • • Support E-mail: support@zyxel.se Sales E-mail: sales@zyxel.se Telephone: +46-31-744-7700 Fax: +46-31-744-7701 Web: www.zyxel.se Regular Mail: ZyXEL Communications A/S, Sjöporten 4, 41764 Göteborg, Sweden Thailand • • • • • • Support E-mail: support@zyxel.co.th Sales E-mail: sales@zyxel.co.th Telephone: +662-831-5315 Fax: +662-831-5395 Web: http://www.zyxel.co.th Regular Mail: ZyXEL Thailand Co., Ltd.
Appendix H Customer Support 300 NBG318S User’s Guide
Index Index Numerics 802.11 Mode 98 A Access point 81 See also AP. ActiveX 158 address resolution protocol (ARP) 117 Alert 202 alternative subnet mask notation 253 any IP note 117 AP 81 See also access point.
Index vs host name.
Index IP pool setup 115 LAN overview 115 LAN Setup 105 LAN setup 115 LAN TCP/IP 115 Link type 48 local (user) database 82 and encryption 83 Local Area Network 115 Log 201 NMK changing 122 M P MAC 96 MAC address 82, 105 cloning 68, 105 MAC address filter 82 MAC address filtering 96 MAC filter 96 managing the device good habits 33 using FTP. See FTP. using Telnet. See command interface. using the command interface. See command interface.
Index R RADIUS 280 Shared Secret Key 281 RADIUS Message Types 280 RADIUS Messages 280 RADIUS server 82 registration product 293 related documentation 3 Remote management 177 and NAT 178 and the firewall 177 FTP 180 limitations 177 remote management session 177 system timeout 178 Reset button 45, 218 Reset the device 45 Restore configuration 217 Restrict Web Features 158 RF (Radio Frequency) 240 RoadRunner 107 Roaming 97 RTS (Request To Send) 278 RTS Threshold 277, 278 RTS/CTS Threshold 98 S safety warning
Index weaknesses 83 User Name 146 V VoIP 169 VPN 110 W WAN IP address assignment 65 WAN advanced 113 WAN IP address 65 WAN IP address assignment 67 WAN MAC address 105 warranty 293 note 293 Web Configurator how to access 43 Overview 43 Web configurator navigating 45 Web Proxy 158 WEP Encryption 92 WEP encryption 91 WEP key 91 Wi-Fi Multimedia QoS 84 Wildcard 145 Windows Networking 120 Wireless association list 53 wireless channel 233 wireless client 81 wireless LAN 233 Wireless LAN wizard 57 Wireless net
Index 306 NBG318S User’s Guide