ericom D1000 modem Wireless N ADSL2+ 4-port Gateway Version 2.00 Edition 1, 6/2013 Quick Start Guide User’s Guide Default Login Details LAN IP Address User Name http://192.168.1.254 admin www.zyxel.
IMPORTANT! READ CAREFULLY BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE. Screenshots and graphics in this book may differ slightly from your product due to differences in your product firmware or your computer operating system. Every effort has been made to ensure that the information in this manual is accurate.
Table of Contents Part I: User’s Guide .................................................................................................... 11 Introduction.........................................................................................................................................13 1.1 Overview ...........................................................................................................................................13 1.2 Ways to Manage the Device ................................
.5 WAN Technical Reference ................................................................................................................42 4.5.1 Encapsulation ..........................................................................................................................42 4.5.2 Multiplexing ..............................................................................................................................43 4.5.3 VPI and VCI ..........................................................
6.3 The Static DHCP Screen ...................................................................................................................81 6.4 The IP Alias Screen ..........................................................................................................................83 6.4.1 Configuring the LAN IP Alias Screen .......................................................................................83 6.5 The UPnP Screen ..................................................................
8.6 QoS Technical Reference ...............................................................................................................122 8.6.1 IEEE 802.1p ..........................................................................................................................122 8.6.2 IP Precedence .......................................................................................................................122 8.6.3 Automatic Priority Queue Assignment ........................................
13.1.2 What You Need to Know About Firewall ..............................................................................148 13.2 The Firewall General Screen ........................................................................................................149 13.3 The Default Action Screen ............................................................................................................150 13.4 The Rules Screen ................................................................................
18.2 The User Account Screen .............................................................................................................179 System Setting..................................................................................................................................181 19.1 Overview .......................................................................................................................................181 19.2 The System Screen .............................................
26.3 Internet Access ............................................................................................................................. 211 LED Descriptions..............................................................................................................................213 27.1 LED Descriptions ..........................................................................................................................213 Appendix A Legal Information.....................................
ericom D1000 modem User’s Guide
P ART I User’s Guide 11
C HAPT ER 1 Introduction 1.1 Overview The eircom D1000 modem is an ADSL2+ router that integrates DSL and NAT, and provides ease of installation and high-speed, shared Internet access. The Device is also a complete security solution with a robust firewall and content filtering. Only use firmware for your Device’s specific model. Refer to the label on the bottom of your Device. 1.2 Ways to Manage the Device Use any of the following methods to manage the Device. • Web Configurator.
Chapter 1 Introduction 1.4.1 Internet Access Your Device provides shared Internet access by connecting the DSL port to the DSL or MODEM jack on a splitter or your telephone jack. Computers can connect to the Device’s Ethernet ports (or wirelessly). Figure 1 Device’s Router Features LAN WAN DSL You can also configure firewall and filtering feature on the Device for secure Internet access.
Chapter 1 Introduction 1.4.3 Using the WPS/WLAN Button By default, the wireless network on the Device is turned on. To turn it off, simply press the WPS/ WLAN button on top of the device for over 5 seconds. When the WPS/WLAN LED is green, the wireless network is active. You can also use the WPS/WLAN button to quickly set up a secure wireless connection between the Device and a WPS-compatible client by adding one device at a time. To activate WPS: 1 Make sure the POWER LED is on and not blinking.
ericom D1000 modem User’s Guide
C HAPT ER 2 Introducing the Web Configurator 2.1 Overview The web configurator is an HTML-based management interface that allows easy device setup and management via Internet browser. Use Internet Explorer 6.0 and later versions, Mozilla Firefox 3 and later versions, or Safari 2.0 and later versions. The recommended screen resolution is 1024 by 768 pixels. In order to use the web configurator, you need to allow: • Web browser pop-up windows from your device.
Chapter 2 Introducing the Web Configurator 5 If you enter the wrong username and/or password three times, the Device lockes you out of the login screen for ten minutes and the following screen displays. Figure 4 6 Lockout Screen The following screen displays if you have not yet changed your password. It is strongly recommended you change the default password.
Chapter 2 Introducing the Web Configurator Figure 6 Change Wireless Settings Screen 7 The Connection Status screen appears. Figure 7 Connection Status 8 The System Info screen shows. You can view the Device’s interface and system information.
Chapter 2 Introducing the Web Configurator 2.2 The Web Configurator Layout Figure 8 Web Configurator Layout Screen A B C As illustrated above, the main screen is divided into these parts: • A - title bar • B - main window • C - navigation panel 2.2.1 Title Bar The title bar shows the following icon in the upper right corner. Click this icon to log out of the web configurator. Click the Help icon to go to eircom’s support website. Click the Logout icon to log out of the web configurator. 2.2.
Chapter 2 Introducing the Web Configurator If you click LAN Device on the System Info screen, the Connection Status screen appears. See Chapter 3 on page 27 for more information about the Connection Status screen. If you click Virtual Device on the System Info screen, a visual graphic appears, showing the connection status of the Device’s ports. Figure 9 Virtual Device 2.2.3 Navigation Panel Use the menu items on the navigation panel to open screens to configure Device features.
Chapter 2 Introducing the Web Configurator Table 1 Navigation Panel Summary (continued) LINK Wireless Home Networking Static Route QoS NAT Port Isolation Dynamic DNS TAB FUNCTION General Use this screen to turn the wireless connection on or off, specify the SSID(s) and configure the wireless LAN settings and WLAN authentication/security settings. More AP Use this screen to configure multiple BSSs on the Device.
Chapter 2 Introducing the Web Configurator Table 1 Navigation Panel Summary (continued) LINK TAB FUNCTION IP/MAC Filter Use this screen to configure IPv4/MAC filtering rules for incoming or outgoing traffic. IPv6/MAC Filter Use this screen to configure IPv6/MAC filtering rules for incoming or outgoing traffic. General Use this screen to activate/deactivate the firewall.
Chapter 2 Introducing the Web Configurator 24 ericom D1000 modem User’s Guide
P ART II Technical Reference 25
C HAPT ER 3 The System Info Screen 3.1 Overview After you log into the web configurator, the System Info screen shows. Use this screen to view the status of the Device. 3.
Chapter 3 The System Info Screen Each field is described in the following table. Table 2 System Info Screen LABEL DESCRIPTION Refresh Interval Select how often you want the Device to update this screen from the drop-down list box. System Model Name This is the model name of your device. Serial Number This field displays the certificate’s identification number given by the certification authority. MAC Address This is the MAC (Media Access Control) or Ethernet address unique to your Device.
Chapter 3 The System Info Screen Table 2 System Info Screen (continued) LABEL DESCRIPTION 3G Rate This shows the rate of the 3G connection if it is available. 3G IP Address This shows the IP address for the 3G connection. 3G IP Subnet Mask This shows the current subnet mask for the 3G connection. 3G Gateway This shows the IP address of the 3G connection’s default gateway. 3G Primary/ Secondary DNS This shows the first and second DNS server address assigned by the ISP.
Chapter 3 The System Info Screen Figure 11 LAN Device: List View If you want to view the connection status of the Device and its client(s), click Icon View in the Viewing mode selection box. Figure 12 LAN Device: Icon View Click on a client’s name to show an Info button. • Click it to view information about the client. Click OK to close the screen.
C HAPT ER 4 Broadband 4.1 Overview This chapter describes the Device’s Broadband screens. Use these screens to configure your Device for Internet access. A WAN (Wide Area Network) connection is an outside connection to another network or the Internet. It connects your private networks (such as a LAN (Local Area Network) and other networks, so that a computer in one location can communicate with computers in other locations. Figure 13 LAN and WAN LAN WAN 4.1.
Chapter 4 Broadband WAN IP Address The WAN IP address is an IP address for the Device, which makes it accessible from an outside network. It is used by the Device to communicate with other devices in other networks. It can be static (fixed) or dynamically assigned by the ISP each time the Device tries to access the Internet.
Chapter 4 Broadband Figure 14 Network Setting > Broadband > Internet Connection The following table describes the labels in this screen. Table 3 Network Setting > Broadband > Internet Connection LABEL DESCRIPTION Line Type Select the mode supported by your ISP. Use Auto Sync-Up if you are not sure which mode to choose from. The Device dynamically diagnoses the mode supported by the ISP and selects the best compatible one for your connection. Other options are Ethernet(ETH1), ADSL2+, ADSL2, G.DMT, T1.
Chapter 4 Broadband Table 3 Network Setting > Broadband > Internet Connection (continued) LABEL DESCRIPTION Multiplex Select the method of multiplexing used by your ISP from the drop-down list. Choices are VC-Mux or LLC. IPv6/IPv4 Dual Stack If you select IPv4/IPv6, the Device can connect to both IPv4 and IPv6 networks and choose the protocol for applications according to the address type. If you select IPv4 or IPv6 the Device will operate in IPv4 or IPv6 mode.
Chapter 4 Broadband Table 3 Network Setting > Broadband > Internet Connection (continued) LABEL DESCRIPTION DHCP IPv6 Select DHCP if you want to obtain an IPv6 address from a DHCPv6 server. The IP address assigned by a DHCPv6 server has priority over the IP address automatically generated by the Device using the IPv6 prefix from an RA.
Chapter 4 Broadband Table 3 Network Setting > Broadband > Internet Connection (continued) LABEL DESCRIPTION MLD Proxy Select the version of MLD proxy (MLDv1 or MLDv2) to have the Device act as for this connection. This allows the Device to get subscription information and maintain a joined member list for each multicast group. It can reduce multicast traffic significantly. Select None to turn off MLD proxy.
Chapter 4 Broadband Figure 15 Network Setting > Broadband > More Connections The following table describes the labels in this screen. Table 4 Network Setting > Broadband > More Connections LABEL DESCRIPTION # This is an index number indicating the number of the corresponding connection. Active This field indicates whether the connection is active or not. Clear the check box to disable the connection. Select the check box to enable it. Node Name This is the name you gave to the Internet connection.
Chapter 4 Broadband Figure 16 Network Setting > Broadband > More Connections: Edit The following table describes the labels in this screen. Table 5 Network Setting > Broadband > More Connections: Edit LABEL DESCRIPTION General 38 Active Select the check box to activate or clear the check box to deactivate this connection. Node Name Enter a unique, descriptive name of up to 13 ASCII characters for this connection.
Chapter 4 Broadband Table 5 Network Setting > Broadband > More Connections: Edit (continued) LABEL DESCRIPTION Mode Select Router from the drop-down list box if your ISP allows multiple computers to share an Internet account. If you select Bridge, the Device will forward any packet that it does not route to this remote node; otherwise, the packets are discarded. Encapsulation Select the method of encapsulation used by your ISP from the drop-down list box.
Chapter 4 Broadband Table 5 Network Setting > Broadband > More Connections: Edit (continued) LABEL DESCRIPTION Multicast Internet Group Multicast Protocol (IGMP) is a network-layer protocol used to establish membership in a multicast group. The Device supports IGMP-v1, IGMP-v2 and IGMPv3. Select None to disable it. ATM QoS ATM QoS Type Select CBR (Continuous Bit Rate) to specify fixed (always-on) bandwidth for voice or data traffic.
Chapter 4 Broadband Figure 17 Network Setting > Broadband > 3G Backup The following table describes the labels in this screen. Table 6 Network Setting > Broadband > 3G Backup LABEL DESCRIPTION General 3G Backup Select Enable to have the Device use the 3G connection as your WAN or a backup when the wired WAN connection fails. Card description This field displays the manufacturer and model name of your 3G card if you inserted one in the Device. Otherwise, it displays N/A.
Chapter 4 Broadband Table 6 Network Setting > Broadband > 3G Backup (continued) LABEL DESCRIPTION APN Enter the APN (Access Point Name) provided by your service provider. Connections with different APNs may provide different services (such as Internet access or MMS (Multi-Media Messaging Service)) and charge method. You can enter up to 32 ASCII printable characters. Spaces are allowed. Obtain an IP Address Automatically Select this option If your ISP did not assign you a fixed IP address.
Chapter 4 Broadband a gateway IP address in the Gateway IP Address field in the wizard or WAN screen. You can get this information from your ISP. 4.5.1.2 PPP over Ethernet The Device supports PPPoE (Point-to-Point Protocol over Ethernet). PPPoE is an IETF Draft standard (RFC 2516) specifying how a personal computer (PC) interacts with a broadband modem (DSL, cable, wireless, etc.) connection. The PPPoE option is for a dial-up connection using PPPoE.
Chapter 4 Broadband LLC-based Multiplexing In this case one VC carries multiple protocols with protocol identifying information being contained in each packet header. Despite the extra bandwidth and processing overhead, this method may be advantageous if it is not practical to have a separate VC for each carried protocol, for example, if charging heavily depends on the number of simultaneous VCs. 4.5.
Chapter 4 Broadband 4.5.6 NAT NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network. 4.6 Traffic Shaping Traffic Shaping is an agreement between the carrier and the subscriber to regulate the average rate and fluctuations of data transmission over an ATM network.
Chapter 4 Broadband Constant Bit Rate (CBR) Constant Bit Rate (CBR) provides fixed bandwidth that is always available even if no data is being sent. CBR traffic is generally time-sensitive (doesn't tolerate delay). CBR is used for connections that continuously require a specific amount of bandwidth. A PCR is specified and if traffic exceeds this rate, cells may be dropped. Examples of connections that need CBR would be high-resolution video and voice.
C HAPT ER 5 Wireless LAN 5.1 Overview This chapter describes how to perform tasks related to setting up and optimizing your wireless network, including the following. • Turning the wireless connection on or off. • Configuring a name, wireless channel and security for the network. • Using WiFi Protected Setup (WPS) to configure your wireless network. • Setting up multiple wireless networks. • Using a MAC (Media Access Control) address filter to restrict access to the wireless network.
Chapter 5 Wireless LAN 5.1.2 What You Need to Know About Wireless Wireless Basics “Wireless” is essentially radio communication. In the same way that walkie-talkie radios send and receive information over the airwaves, wireless networking devices exchange information with one another. A wireless networking device is just like a radio that lets your computer exchange information with radios attached to other computers.
Chapter 5 Wireless LAN Figure 19 Network Setting > Wireless > General The following table describes the labels in this screen. Table 7 Network Setting > Wireless > General LABEL DESCRIPTION Wireless Network Setup Wireless Select Enable Wireless LAN to activate wireless LAN. Wireless Network Settings Wireless Network Name (SSID) The SSID (Service Set IDentity) identifies the service set with which a wireless device is associated.
Chapter 5 Wireless LAN Table 7 Network Setting > Wireless > General (continued) LABEL DESCRIPTION Operating Channel This field displays the channel the Device is currently using. Security Level Security Mode Select Basic (WEP) or More Secure (WPA(2)-PSK, WPA(2)) to add security on this wireless network. The wireless clients which want to associate to this network must have same wireless security settings as the Device. When you select to use a security, additional options appears in this screen.
Chapter 5 Wireless LAN In order to configure and enable WEP encryption, click Network Setting > Wireless to display the General screen, then select Basic as the security level. Figure 21 Wireless > General: Basic (WEP) The following table describes the wireless LAN security labels in this screen. Table 8 Wireless > General: Basic (WEP) LABEL DESCRIPTION Security Level Select Basic to enable WEP data encryption.
Chapter 5 Wireless LAN Figure 22 Wireless > General: More Secure: WPA(2)-PSK The following table describes the wireless LAN security labels in this screen. Table 9 Wireless > General: More Secure: WPA(2)-PSK LABEL DESCRIPTION Security Level Select More Secure to enable WPA(2)-PSK data encryption. Security Mode Select WPA-PSK or WPA2-PSK from the drop-down list box. Pre-Shared Key The encryption mechanisms used for WPA(2) and WPA(2)-PSK are the same.
Chapter 5 Wireless LAN The WPA security mode is a security subset of WPA2. It requires the presence of a RADIUS server on your network in order to validate user credentials. This encryption standard is slightly older than WPA2 and therefore is more compatible with older devices. Click Network Setting > Wireless to display the General screen. Select More Secure as the security level. Then select WPA or WPA2 from the Security Mode list.
Chapter 5 Wireless LAN Table 10 Wireless > General: More Secure: WPA(2) (continued) LABEL DESCRIPTION Group Key Update Timer The Group Key Update Timer is the rate at which the RADIUS server sends a new group key out to all clients. Encryption Select the encryption type for data encryption. If you choose WPA as the security mode, the Device uses TKIP for data encryption.
Chapter 5 Wireless LAN Figure 25 More AP: Edit The following table describes the fields in this screen. Table 12 More AP: Edit LABEL DESCRIPTION Wireless Network Setup Wireless Select Enable Wireless LAN to activate wireless LAN. Wireless Network Settings Wireless Network Name (SSID) The SSID (Service Set IDentity) identifies the service set with which a wireless device is associated. Wireless devices associating to the access point (AP) must have the same SSID.
Chapter 5 Wireless LAN Table 12 More AP: Edit LABEL DESCRIPTION OK Click OK to save your changes. Cancel Click Cancel to exit this screen without saving. 5.4 The MAC Authentication Screen This screen allows you to configure the Device to give exclusive access to specific devices (Allow) or exclude specific devices from accessing the Device (Deny). Every Ethernet device has a unique MAC (Media Access Control) address.
Chapter 5 Wireless LAN Table 13 Network Setting > Wireless > MAC Authentication (continued) LABEL DESCRIPTION Modify Click the Delete icon to delete the entry. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 5.5 The WPS Screen Use this screen to configure WiFi Protected Setup (WPS) on your Device. WPS allows you to quickly set up a wireless network with strong security, without having to configure security settings manually.
Chapter 5 Wireless LAN The following table describes the labels in this screen. Table 14 Network Setting > Wireless > WPS LABEL DESCRIPTION General WPS Select Enable to activate WPS on the Device. Otherwise, select Disable to deactivate WPS. Add a new device with WPS Method Method 1 PBC WPS Use this section to set up a WPS wireless network using Push Button Configuration (PBC). Click this button to add another WPS-enabled wireless device (within wireless range of the Device) to your wireless network.
Chapter 5 Wireless LAN 5.6 The WDS Screen An AP using the Wireless Distribution System (WDS) can function as a wireless network bridge allowing you to wirelessly connect wired network segments. The WDS screen allows you to configure the Device to connect to other APs wirelessly when WDS is enabled. Use this screen to set up your WDS (Wireless Distribution System) links between the Device and other wireless APs. You need to know the MAC address of the peer device.
Chapter 5 Wireless LAN 5.7 The WMM Screen Currently, the Wi-Fi MultiMedia (WMM) feauture of SSID1-4 is enabled and this screen is read-only. Click Network Setting > Wireless > WMM. The following screen displays. Figure 29 Network Setting > Wireless > WMM The following table describes the labels in this screen.
Chapter 5 Wireless LAN Figure 30 Network Setting > Wireless > Scheduling The following table describes the labels in this screen. Table 17 Network Setting > Wireless > Scheduling LABEL DESCRIPTION Wireless LAN Scheduling Select Enable or Disable to activate or deactivate wireless LAN scheduling on your Device. State Select On or Off to enable or disable the wireless LAN. Day Check the day(s) you want to turn the wireless LAN on or off.
Chapter 5 Wireless LAN Figure 31 Network Setting > Wireless> Advanced The following table describes the labels in this screen. Table 18 Network Setting > Wireless> Advanced LABEL DESCRIPTION Fragmentation Threshold This is the maximum data fragment size that can be sent. Enter a value between 256 and 2346. Output Power Set the output power of the Device. If there is a high density of APs in an area, decrease the output power to reduce interference with other APs.
Chapter 5 Wireless LAN 5.10 Wireless LAN Technical Reference This section discusses wireless LANs in depth. For more information, see the appendix. 5.10.1 Wireless Network Overview Wireless networks consist of wireless clients, access points and bridges. • A wireless client is a radio connected to a user’s computer. • An access point is a radio with a wired connection to a network, which can connect with numerous wireless clients and let them access the network.
Chapter 5 Wireless LAN Every wireless network must follow these basic guidelines. • Every device in the same wireless network must use the same SSID. The SSID is the name of the wireless network. It stands for Service Set IDentifier. • If two wireless networks overlap, they should use a different channel. Like radio stations or television channels, each wireless network uses a specific channel, or frequency, to send and receive information.
Chapter 5 Wireless LAN people with the code key can understand the information, and only people who have been authenticated are given the code key. These security standards vary in effectiveness. Some can be broken, such as the old Wired Equivalent Protocol (WEP). Using WEP is better than using no security at all, but it will not keep a determined attacker out. Other security standards are secure in themselves but can be broken if a user does not use them properly.
Chapter 5 Wireless LAN 5.10.3.3 User Authentication Authentication is the process of verifying whether a wireless device is allowed to use the wireless network. You can make every user log in to the wireless network before using it. However, every device in the wireless network has to support IEEE 802.1x to do this. For wireless networks, you can store the user names and passwords for each user in a RADIUS server. This is a server used in businesses more than in homes.
Chapter 5 Wireless LAN Many types of encryption use a key to protect the information in the wireless network. The longer the key, the stronger the encryption. Every device in the wireless network must have the same key. 5.10.4 Signal Problems Because wireless networks are radio networks, their signals are subject to limitations of distance, interference and absorption. Problems with distance occur when the two radios are too far apart.
Chapter 5 Wireless LAN 5.10.6 MBSSID Traditionally, you need to use different APs to configure different Basic Service Sets (BSSs). As well as the cost of buying extra APs, there is also the possibility of channel interference. The Device’s MBSSID (Multiple Basic Service Set IDentifier) function allows you to use one access point to provide several BSSs simultaneously. You can then assign varying QoS priorities and/or security modes to different SSIDs.
Chapter 5 Wireless LAN minutes to find another device that also has WPS activated. Then, the two devices connect and set up a secure network by themselves. 5.10.8.1 Push Button Configuration WPS Push Button Configuration (PBC) is initiated by pressing a button on each WPS-enabled device, and allowing them to connect automatically. You do not need to enter any information. Not every WPS-enabled device has a physical WPS button.
Chapter 5 Wireless LAN 3 Look for the client’s WPS PIN; it will be displayed either on the device, or in the WPS section of the client’s configuration interface (see the device’s User’s Guide for how to find the WPS PIN - for the Device, see Section 5.5 on page 57). 4 Enter the client’s PIN in the AP’s configuration interface.
Chapter 5 Wireless LAN Figure 35 Example WPS Process: PIN Method ENROLLEE REGISTRAR WPS This device’s WPS PIN: 123456 WPS Enter WPS PIN from other device: WPS START WPS START WITHIN 2 MINUTES SECURE EAP TUNNEL SSID WPA(2)-PSK COMMUNICATION 5.10.8.3 How WPS Works When two WPS-enabled devices connect, each device must assume a specific role.
Chapter 5 Wireless LAN Figure 36 How WPS works ACTIVATE WPS ACTIVATE WPS WITHIN 2 MINUTES WPS HANDSHAKE ENROLLEE REGISTRAR SECURE TUNNEL SECURITY INFO COMMUNICATION The roles of registrar and enrollee last only as long as the WPS setup process is active (two minutes). The next time you use WPS, a different device can be the registrar if necessary. The WPS connection process is like a handshake; only two devices participate in each WPS transaction.
Chapter 5 Wireless LAN Figure 37 WPS: Example Network Step 1 ENROLLEE REGISTRAR SECURITY INFO AP1 CLIENT 1 In step 2, you add another wireless client to the network. You know that Client 1 supports registrar mode, but it is better to use AP1 for the WPS handshake with the new client since you must connect to the access point anyway in order to use the network. In this case, AP1 must be the registrar, since it is configured (it already has security information for the network).
Chapter 5 Wireless LAN Figure 39 WPS: Example Network Step 3 EXISTING CONNECTION CLIENT 1 E CO ING T XIS ION CT E NN AP1 REGISTRAR CLIENT 2 SE CU RIT Y ENROLLEE INF O AP2 5.10.8.5 Limitations of WPS WPS has some limitations of which you should be aware. • WPS works in Infrastructure networks only (where an AP and a wireless client communicate). It does not work in Ad-Hoc networks (where there is no AP). • When you use WPS, it works between two devices only.
Chapter 5 Wireless LAN access point is the WPS registrar, the enrollee, or was not involved in the WPS handshake; a rogue device must still associate with the access point to gain access to the network. Check the MAC addresses of your wireless clients (usually printed on a label on the bottom of the device). If there is an unknown MAC address you can remove it or reset the AP.
Chapter 5 Wireless LAN 76 ericom D1000 modem User’s Guide
C HAPT ER 6 Home Networking 6.1 Overview A Local Area Network (LAN) is a shared communication system to which many networking devices are connected. It is usually located in one immediate area such as a building or floor of a building. Use the LAN screens to help you configure a LAN DHCP server and manage IP addresses. LAN DSL 6.1.1 What You Can Do in the LAN Screens • Use the LAN Setup screen to set the LAN IP address, subnet mask, and DHCP settings of your Device (Section 6.2 on page 79).
Chapter 6 Home Networking 6.1.2 What You Need To Know 6.1.2.1 About LAN IP Address IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts. Subnet Mask Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks.
Chapter 6 Home Networking Cautions with UPnP The automated nature of NAT traversal applications in establishing their own services and opening firewall ports may present network security issues. Network information and configuration may also be obtained and modified by users in some network environments. When a UPnP device joins a network, it announces its presence with a multicast message. For security reasons, the Device allows multicast messages on the LAN only.
Chapter 6 Home Networking Figure 40 Network Setting > Home Networking > LAN Setup The following table describes the fields in this screen. Table 21 Network Setting > Home Networking > LAN Setup LABEL DESCRIPTION LAN IP Setup IP Address Enter the LAN IP address you want to assign to your Device in dotted decimal notation, for example, 192.168.1.254 (factory default). Subnet Mask Type the subnet mask of your network in dotted decimal notation, for example 255.255.255.0 (factory default).
Chapter 6 Home Networking Table 21 Network Setting > Home Networking > LAN Setup (continued) LABEL DESCRIPTION DHCP If set to Enable, your Device can assign IP addresses, an IP default gateway and DNS servers to Windows 95, Windows NT and other systems that support the DHCP client. If set to Disable, the DHCP server will be disabled. If set to DHCP Relay, the Device acts as a surrogate DHCP server and relays DHCP requests and responses between the remote server and the clients.
Chapter 6 Home Networking Use this screen to change your Device’s static DHCP settings. Click Network Setting > Home Networking > Static DHCP to open the following screen. Figure 41 Network Setting > Home Networking > Static DHCP The following table describes the labels in this screen. Table 22 Network Setting > Home Networking > Static DHCP LABEL DESCRIPTION Add new static lease Click this to add a new static DHCP entry. # This is the index number of the entry.
Chapter 6 Home Networking 6.4 The IP Alias Screen IP alias allows you to partition a physical network into different logical networks over the same Ethernet interface. The Device supports multiple logical LAN interfaces via its physical Ethernet interface with the Device itself as the gateway for the LAN network. When you use IP alias, you can also configure firewall rules to control access to the LAN's logical network (subnet). 6.4.
Chapter 6 Home Networking Figure 44 Network Setting > Home Networking > UPnP The following table describes the labels in this screen. Table 25 Network Setting > Home Networking > UPnP LABEL DESCRIPTION UPnP Select Enable to activate UPnP. Be aware that anyone could use a UPnP application to open the web configurator's login screen without entering the Device's IP address (although you must still enter the password to access the web configurator). Otherwise, select Disable to deactivate UPnP.
Chapter 6 Home Networking Figure 45 Network Setting > Home Networking > IPv6 LAN Setup ericom D1000 modem User’s Guide 85
Chapter 6 Home Networking The following table describes the labels in this screen. Table 26 Network Setting > Home Networking > IPv6 LAN Setup LABEL DESCRIPTION IPv6 LAN Setup Link Local Address Type Select Manual to manually enter a link local address. Select EUI64 to use the EUI-64 format to generate a link local address from the Ethernet MAC address.
Chapter 6 Home Networking Table 26 Network Setting > Home Networking > IPv6 LAN Setup (continued) LABEL Managed config flag on DESCRIPTION Select this to have the Device indicate to hosts to obtain network settings (such as prefix and DNS settings) through DHCPv6. Clear this to have the Device indicate to hosts that DHCPv6 is not available and they should use the prefix in the router advertisement message.
Chapter 6 Home Networking 6.7 The File Sharing Screen Share files on a USB memory stick or hard drive connected to your Device with users on your network. The following figure is an overview of the Device’s file server feature. Computers A and B can access files on a USB device (C) which is connected to the Device. Figure 46 File Sharing Overview B C A 6.7.
Chapter 6 Home Networking CIFS runs over TCP/IP but uses the SMB (Server Message Block) protocol found in Microsoft Windows for file and printer access; therefore, CIFS will allow all applications, not just Web browsers, to open and share files across the Internet. The Device uses Common Internet File System (CIFS) protocol for its file sharing functions. CIFS compatible computers can access the USB file storage devices connected to the Device.
Chapter 6 Home Networking Figure 47 Network Setting > Home Networking > File Sharing Each field is described in the following table. Table 27 Network Setting > Home Networking > File Sharing LABEL DESCRIPTION Server Configuration Active the File Sharing Services Select this to enable file sharing through the Device. Share Directory Access Level Select Public to allow all users on the network to access the shared files. Select Security to require users to log in to access shared files.
Chapter 6 Home Networking 6.7.4 User Edit Click Edit in the File Sharing screen to edit a user’s information on the Device. Figure 48 Network Setting > Home Networking > File Sharing > Edit Each field is described in the following table. Table 28 Network Setting > Home Networking > File Sharing > Edit LABEL DESCRIPTION Active Select the check box to enable the account. Clear the check box to disable the account. User Name Enter a user name that will be allowed to access shares.
Chapter 6 Home Networking Figure 49 Sharing a USB Printer 6.8.1 What You Need to Know Print Server This is a computer or other device which manages one or more printers, and which sends print jobs to each printer from the computer itself or other devices. Operating System An operating system (OS) is the interface which helps you manage a computer. Common examples are Microsoft Windows, Mac OS or Linux.
Chapter 6 Home Networking • Your Device must be connected to your computer and any other devices on your network. The USB printer must be connected to your Device. • The computers on your network must have the printer software already installed before they can use the printer. Follow your printer manufacturers instructions on how to install the printer software on your computer. Note: Your printer’s installation instructions may ask that you connect the printer to your computer.
Chapter 6 Home Networking Figure 51 Printers Folder 2 The Add Printer Wizard screen displays. Click Next. Figure 52 Add Printer Wizard: Welcome 3 94 Select A network printer, or a printer attached to another computer and click Next.
Chapter 6 Home Networking Figure 53 Add Printer Wizard: Local or Network Printer 4 Select Connect to a printer on the Internet or on a home or office network: and enter “http://192.168.1.254:631/printers/USB_PRINTER” as the URL to access the print server (Device). Click Next. Note: If you change the Device’s LAN IP address, use the new IP address in the URL to access the print server.
Chapter 6 Home Networking Figure 55 Add Printer Wizard: Printer Model 9 Select Yes and then click the Next button if you want to use this printer as the default printer on your computer. Otherwise select No and then click Next to continue. Figure 56 Add Printer Wizard: Default Printer 10 The following screen shows your current printer settings. Select Finish to complete adding a new printer.
Chapter 6 Home Networking 6.10 Add a New Printer Using Macintosh OS X Complete the following steps to set up a print server driver on your Macintosh computer. 6.10.1 Mac OS 10.3 and 10.4 This example shows how to connect a printer behind the Device to your computer using Mac OS X v10.4.11. Some menu items may look different on your operating system.
Chapter 6 Home Networking Figure 60 Applications Folder 14 Double-click the Printer Setup Utility icon. Figure 61 Utilities Folder 15 Click the Add icon at the top of the screen. Figure 62 Printer List: Add 16 Click the IP Printer tab to set up your printer. • Press the alt key and click More Printers in the Printer Browser screen.
Chapter 6 Home Networking • Select Advanced from the top drop-down list. • Select Internet Printing Protocol using HTTP from the Device drop-down list. • Enter a descriptive name for the printer in the Device Name field. • In the Device URL field, enter “http://192.168.1.254:631/printers/USB_PRINTER” as the URL to access the print server (Device). Note: If you change the Device’s LAN IP address, use the new IP address in the URL to access the print server.
Chapter 6 Home Networking 6.10.2 Mac OS 10.5 and 10.6 This example shows how to connect a printer behind the Device to your computer using Mac OS X v10.6.2. Some menu items may look different on your operating system. 1 Click the Finder icon on the Dock or double-click your Mac hard disk icon (Mac OS X in this example) on your desktop to open the Mac HD window. Figure 65 Mac OS X HD 2 Open the Applications folder. Figure 66 Macintosh HD Folder 3 100 Double-click the System Preferences icon.
Chapter 6 Home Networking Figure 67 Applications Folder 4 Click the Print & Fax icon. Figure 68 System Preferences 5 Select the Printing tab and click the + icon to add a new printer.
Chapter 6 Home Networking Figure 69 Print & Fax 6 Click the Advanced button on the Add Printer toolbar to set up your printer. If the Advanced button doesn’t appear, Ctrl-click the toolbar, select Customize Toolbar... and then drag the Advanced button onto the toolbar. • Select Internet Printing Protocol (HTTP) from the Type drop-down list. • Select Another Device from the Device drop-down list. • In the URL field, enter “http://192.168.1.
Chapter 6 Home Networking Figure 70 Add Printer 7 The new network printer displays in the Printers list. Figure 71 Printer List 8 Your print server driver setup is complete. You can now use the Device’s print server to print from a Mac computer. 6.11 Home Networking Technical Reference This section provides some technical background information about the topics covered in this chapter.
Chapter 6 Home Networking 6.11.1 LANs, WANs and the Device The actual physical connection determines whether the Device ports are LAN or WAN ports. There are two separate IP networks, one inside the LAN network and the other outside the WAN network as shown next. Figure 72 LAN and WAN IP Addresses LAN WAN 6.11.2 DHCP Setup DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a server.
Chapter 6 Home Networking • Some ISPs choose to disseminate the DNS server addresses using the DNS server extensions of IPCP (IP Control Protocol) after the connection is up. If your ISP did not give you explicit DNS servers, chances are the DNS servers are conveyed through IPCP negotiation. The Device supports the IPCP DNS server extensions through the DNS proxy feature. Please note that DNS proxy works only when the ISP uses the IPCP DNS server extensions.
Chapter 6 Home Networking You can obtain your IP address from the IANA, from an ISP or it can be assigned from a private network. If you belong to a small organization and your Internet access is through an ISP, the ISP can provide you with the Internet addresses for your local networks. On the other hand, if you are part of a much larger organization, you should consult your network administrator for the appropriate IP addresses.
Chapter 6 Home Networking At start up, the Device queries all directly connected networks to gather group membership. After that, the Device periodically updates this information. IP multicasting can be enabled/disabled on the Device LAN and/or WAN interfaces in the web configurator (LAN; WAN). Select None to disable IP multicasting on these interfaces.
Chapter 6 Home Networking 108 ericom D1000 modem User’s Guide
C HAPT ER 7 Static Route 7.1 Overview The Device usually uses the default gateway to route outbound traffic from computers on the LAN to the Internet. To have the Device send data to devices not reachable through the default gateway, use static routes. For example, the next figure shows a computer (A) connected to the Device’s LAN interface. The Device routes most traffic from A to the Internet through the Device’s default gateway (R1).
Chapter 7 Static Route 7.2 The Static Route Screen Use this screen to view the static route rules. Click Network Setting > Static Route to open the Static Route screen. Figure 74 Network Setting > Static Route The following table describes the labels in this screen. Table 30 Network Setting > Static Route LABEL DESCRIPTION Add new static route Click this to configure a new static route. # This is the number of an individual static route.
Chapter 7 Static Route The following table describes the labels in this screen. Table 31 Network Setting > Static Route Add/Edit LABEL DESCRIPTION Destination IP Address This parameter specifies the IP network address of the final destination. Routing is always based on network number. If you need to specify a route to a single host, use a subnet mask of 255.255.255.255 in the subnet mask field to force the network number to be identical to the host ID. IP Subnet Mask Enter the IP subnet mask here.
Chapter 7 Static Route 7.3.1 IPv6 Static Route Edit Use this screen to configure the required information for an IPv6 static route. Click Add new static route or select an IPv6 static route index number and click Edit. The screen shown next appears. Figure 77 Network Setting > Static Route > IPv6 Static Route: Add/Edit The following table describes the labels in this screen.
C HAPT ER 8 Quality of Service (QoS) 8.1 Overview Use the QoS screen to set up your Device to use QoS for traffic management. Quality of Service (QoS) refers to both a network’s ability to deliver data with minimum delay, and the networking methods used to control bandwidth. QoS allows the Device to group and prioritize application traffic and fine-tune network performance. Without QoS, all traffic data are equally likely to be dropped when the network is congested.
Chapter 8 Quality of Service (QoS) • Use the Queue Setup screen (Section 8.3 on page 115) to configure QoS settings on the Device. • Use the Class Setup screen (Section 8.4 on page 117) to configure QoS settings on the Device. • Use the Game List screen (Section 8.5 on page 121) to to give priority to traffic for specific games. 8.1.2 What You Need to Know About QoS 802.1p QoS is used to prioritize source-to-destination traffic flows. All packets in the same flow are given the same priority. 802.
Chapter 8 Quality of Service (QoS) The following table describes the labels in this screen. Table 34 Network Setting > QoS > General LABEL DESCRIPTION Active QoS Use this field to turn on QoS to improve your network performance. Traffic priority will be automatically assigned by Select how the Device assigns priorities to various incoming and outgoing traffic flows. • • • • None: Disables auto priority mapping and has the Device put packets into the queues according to your classification rules.
Chapter 8 Quality of Service (QoS) Table 35 Network Setting > QoS > Queue Setup (continued) LABEL DESCRIPTION Rate Limit This shows the maximum transmission rate allowed for traffic on this queue. Modify Click the Edit icon to edit the queue. Click the Delete icon to delete an existing queue. Note that subsequent rules move up by one when you take this action. 8.3.1 Adding a QoS Queue Click the edit icon in the Queue Setup screen to configure a queue.
Chapter 8 Quality of Service (QoS) 8.4 The Class Setup Screen Use this screen to add, edit or delete QoS classifiers. A classifier groups traffic into data flows according to specific criteria such as the source address, destination address, source port number, destination port number or incoming interface. For example, you can configure a classifier to select traffic from the same protocol port (such as Telnet) to form a flow.
Chapter 8 Quality of Service (QoS) Figure 83 QoS > Class Setup Add/Edit 118 ericom D1000 modem User’s Guide
Chapter 8 Quality of Service (QoS) The following table describes the labels in this screen. Table 38 QoS > Class Setup Add/Edit LABEL DESCRIPTION Rule Index Select the rule’s index number from the drop-down list box. This field is available only when you are adding a new QoS class. Class Configuration Active Use this field to enable or disable the QoS class rule. Ether Type Select a predefined application to configure a class for the matched traffic.
Chapter 8 Quality of Service (QoS) Table 38 QoS > Class Setup Add/Edit (continued) LABEL DESCRIPTION MAC Address Select the check box and enter the destination MAC address of the packet. Mac Netmask Type the mask for the specified MAC address to determine which bits a packet’s MAC address should match. Enter “f” for each bit of the specified source MAC address that the traffic’s MAC address should match.
Chapter 8 Quality of Service (QoS) Table 38 QoS > Class Setup Add/Edit (continued) LABEL DESCRIPTION IP Precedence Mark Enter a range from 0 to 7 to re-assign IP precedence to matched traffic. 0 is the lowest priority and 7 is the highest. Type Of Service Mark Select a type of service to re-assign the priority level to matched traffic. DSCP Mark(0~63) Available options are: Normal service, Minimize delay, Maximize throughput, Maximize reliability and Minimize monetary cost.
Chapter 8 Quality of Service (QoS) The following table describes the labels in this screen. Table 39 Network Setting > QoS > Game List LABEL DESCRIPTION Enable Game List Select this to have QoS give the highest priority to traffic for the games you specify. This priority is higher than the other QoS queues. Select the games below. Apply Click this to save your changes. Cancel Click this to restore previously saved settings. 8.
Chapter 8 Quality of Service (QoS) 8.6.3 Automatic Priority Queue Assignment If you enable QoS on the Device, the Device can automatically base on the IEEE 802.1p priority level, IP precedence and/or packet length to assign priority to traffic which does not match a class. The following table shows you the internal layer-2 and layer-3 QoS mapping on the Device.
Chapter 8 Quality of Service (QoS) 124 ericom D1000 modem User’s Guide
C HAPT ER 9 Network Address Translation (NAT) 9.1 Overview This chapter discusses how to configure NAT on the Device. NAT (Network Address Translation NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network. 9.1.1 What You Can Do in the NAT Screens • Use the General screen (Section 9.
Chapter 9 Network Address Translation (NAT) Port Forwarding A port forwarding set is a list of inside (behind NAT on the LAN) servers, for example, web or FTP, that you can make visible to the outside world even though NAT makes your whole inside network appear as a single computer to the outside world. Finding Out More See Section 9.6 on page 130 for advanced technical information on NAT. 9.2 The NAT General Screen Use this screen to activate NAT for the default WAN connection (PVC0).
Chapter 9 Network Address Translation (NAT) 9.3 The Port Forwarding Screen Use this screen to forward incoming service requests to the server(s) on your local network. You may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desired server. The port number identifies a service; for example, web service is on port 80 and FTP on port 21.
Chapter 9 Network Address Translation (NAT) The following table describes the fields in this screen. Table 43 Network Setting > NAT > Port Forwarding LABEL DESCRIPTION WAN Interface Select a WAN connection for which you want to configure a port forwarding rule. Add new rule Click this button to add a rule to the table below. # This is the rule index number (read-only). Active This field indicates whether the rule is active or not. Clear the check box to disable the rule.
Chapter 9 Network Address Translation (NAT) Table 44 Network Setting > NAT > Port Forwarding: Edit (continued) LABEL DESCRIPTION External Start Port Enter a port number in this field. To forward only one port, enter the port number again in the End Port field. To forward a series of ports, enter the start port number here and the end port number in the End Port field. External End Port Enter a port number in this field.
Chapter 9 Network Address Translation (NAT) The following table describes the fields in this screen. Table 45 Network Setting > NAT > DMZ LABEL DESCRIPTION WAN Interface Select a WAN PVC connection (PVC0~PVC7) from which you want to forward the traffic to the specified default server. Default Server Address Enter the IP address of the default server which receives packets from ports that are not specified in the NAT > Port Forwarding screen.
Chapter 9 Network Address Translation (NAT) 9.6.1 NAT Definitions Inside/outside denotes where a host is located relative to the Device, for example, the computers of your subscribers are the inside hosts, while the web servers on the Internet are the outside hosts.
Chapter 9 Network Address Translation (NAT) Device keeps track of the original addresses and port numbers so incoming reply packets can have their original values restored. The following figure illustrates this. Figure 90 How NAT Works NAT Table LAN Inside Local IP Address 192.168.1.10 192.168.1.11 192.168.1.12 192.168.1.13 192.168.1.13 192.168.1.12 SA SA 192.168.1.10 IGA1 Inside Local Address (ILA) 192.168.1.
Chapter 9 Network Address Translation (NAT) • One to One: In One-to-One mode, the Device maps one local IP address to one global IP address. • Many to One: In Many-to-One mode, the Device maps multiple local IP addresses to one global IP address. • Many to Many Overload: In Many-to-Many Overload mode, the Device maps the multiple local IP addresses to shared global IP addresses.
Chapter 9 Network Address Translation (NAT) 134 ericom D1000 modem User’s Guide
C HAPTER 10 Port Isolation 10.1 Overview This chapter describes how to configure the port isolation settings. Port isolation allows you to aggregate port connections into logical groups. You may bind WAN PVCs to Ethernet ports and WLANs to specify how traffic is forwarded. Different ATM QoS settings can be specified for each WAN PVC to meet bandwidth requirements for the type of traffic to be transferred.
Chapter 10 Port Isolation If a WAN PVC is bound to an Ethernet port, traffic from the Ethernet port will only be forwarded through the specified WAN PVC and vice versa. If a port is not in a port isolation group, traffic to and from the port will be forwarded according to the routing table. 10.1.1 What You Can Do in the Port Isolation Screens • Use the General screen (Section 10.3 on page 136) to activate port isolation. • Use the Port Isolation screen (Section 10.
Chapter 10 Port Isolation Figure 94 Network Setting > Port Isolation > Port Isolation The following table describes the labels in this screen. Table 50 Network Setting > Port Isolation > Port Isolation LABEL DESCRIPTION Port Isolation Active Activate or deactivate port isolation for the port isolation group. Group Index Select the index number for the port isolation group.
Chapter 10 Port Isolation Figure 95 Network Setting > Port Isolation > Port Isolation Summary Ex a mp le The following table describes the labels in this screen. Table 51 Network Setting > Port Isolation > Port Isolation Summary 138 LABEL DESCRIPTION Group ID This field displays the group index number. Group Port This field displays the ports included in the group.
C HAPTER 11 Dynamic DNS Setup 11.1 Overview Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CU-SeeMe, etc.). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.org, where myhost is a name of your choice) that will never change instead of using an IP address that changes each time you reconnect.
Chapter 11 Dynamic DNS Setup Figure 96 Network Setting > Dynamic DNS The following table describes the fields in this screen. Table 52 Network Setting > Dynamic DNS LABEL DESCRIPTION Dynamic DNS Setup Active Dynamic DNS Select this check box to use dynamic DNS. Service Provider This is the website of your Dynamic DNS service p Host Name Type the domain name assigned to your Device by your Dynamic DNS provider. rovider. You can specify up to two host names in the field separated by a comma (",").
C HAPTER 12 Filter 12.1 Overview This chapter introduces the filters supported by the Device. You can configure rules to restrict traffic by IP addresses, MAC addresses, and/or IPv6 addresses. 12.1.1 What You Can Do in the Filter Screens • Use the IP/MAC Filter screen (Section 12.2 on page 141) to create IP and MAC filter rules. • Use the IPv6/MAC Filter screen (Section 12.3 on page 143) to create IPv6 and MAC filter rules. 12.1.
Chapter 12 Filter Figure 97 Security > Filter > IP/MAC Filter The following table describes the labels in this screen. Table 53 Security > Filter > IP/MAC Filter LABEL DESCRIPTION Rule Type Rule Type selection Select White List to specify traffic to allow and Black List to specify traffic to disallow. IP / MAC Filter Rule Editing IP / MAC Filter Rule Index Select the index number of the filter rule. Active Use this field to enable or disable the filter rule.
Chapter 12 Filter Table 53 Security > Filter > IP/MAC Filter (continued) LABEL DESCRIPTION Port Number Enter the source port of the packets that you wish to filter. The range of this field is 0 to 65535. This field is ignored if it is 0. Destination IP Address Enter the destination IP address of the packets you wish to filter. This field is ignored if it is 0.0.0.0. Subnet Mask Enter the IP subnet mask for the destination IP address.
Chapter 12 Filter Figure 98 Security > Filter > IPv6/MAC Filter The following table describes the labels in this screen. Table 54 Security > Filter > IPv6/MAC Filter LABEL DESCRIPTION Rule Type Rule Type selection Select White List to specify traffic to allow and Black List to specify traffic to block. IPv6 / MAC Filter Rule Editing IPv6 / MAC Filter Rule Index Select the index number of the filter rule. Active Use this field to enable or disable the filter rule.
Chapter 12 Filter Table 54 Security > Filter > IPv6/MAC Filter (continued) LABEL DESCRIPTION ICMPv6 Type Select the ICMPv6 message type to filter.
Chapter 12 Filter 146 ericom D1000 modem User’s Guide
C HAPTER 13 Firewall 13.1 Overview This chapter shows you how to enable the Device firewall. Use the firewall to protect your Device and network from attacks by hackers on the Internet and control access to it. The firewall: • allows traffic that originates from your LAN computers to go to all other networks. • blocks traffic that originates on other networks from going to the LAN. • blocks SYN and port scanner attacks.
Chapter 13 Firewall 13.1.2 What You Need to Know About Firewall SYN Attack A SYN attack floods a targeted system with a series of SYN packets. Each packet causes the targeted system to issue a SYN-ACK response. While the targeted system waits for the ACK that follows the SYN-ACK, it queues up all outstanding SYN-ACK responses on a backlog queue. SYNACKs are moved off the queue only when an ACK comes back or when an internal timer terminates the three-way handshake.
Chapter 13 Firewall Anti-Probing If an outside user attempts to probe an unsupported port on your Device, an ICMP response packet is automatically returned. This allows the outside user to know the Device exists. The Device supports anti-probing, which prevents the ICMP response packet from being sent. This keeps outsiders from discovering your Device when unsupported ports are probed.
Chapter 13 Firewall Table 55 Security > Firewall > General (continued) LABEL DESCRIPTION Low This setting allows traffic to the Internet and also allows someone from the Internet to access services on your local network. This would be used with Port Forwarding, Default Server. Custom This setting allows the customer to create and edit individual firewall rules. Firewall rules can be created in the Default Action screen (Section 13.3 on page 150) and Rules screen (Section 13.4 on page 151).
Chapter 13 Firewall 13.4 The Rules Screen Click Security > Firewall > Rules to display the following screen. This screen displays a list of the configured firewall rules. Note the order in which the rules are listed. Note: The firewall configuration screen shown in this section is specific to the following devices: P-The ordering of your rules is very important as rules are applied in turn. Figure 102 Security > Firewall > Rules The following table describes the labels in this screen.
Chapter 13 Firewall Table 57 Security > Firewall > Rules (continued) LABEL DESCRIPTION Source Interface This column displays the source interface to which this firewall rule applies. This is the interface through which the traffic entered the Device. Please note that a blank source interface is equivalent to Any. Destination Interface This column displays the destination interface to which this firewall rule applies. This is the interface through which the traffic is destined to leave the Device.
Chapter 13 Firewall Figure 103 Security > Firewall > Rules > Add The following table describes the labels in this screen. Table 58 Security > Firewall > Rules > Add LABEL DESCRIPTION Active Select this option to enable this firewall rule. Action for Matched Packets Use the drop-down list box to select whether to discard (Drop), deny and send an ICMP destination-unreachable message to the sender of (Reject) or allow the passage of (Permit) packets that match this rule.
Chapter 13 Firewall Table 58 Security > Firewall > Rules > Add (continued) LABEL DESCRIPTION Rules Source/Destination Address Address Type Do you want your rule to apply to packets with a particular (single) IP, a range of IP addresses (for instance, 192.168.1.10 to 192.169.1.50), a subnet or any IP address? Select an option from the drop-down list box that includes: Single Address, Range Address, Subnet Address and Any Address.
Chapter 13 Firewall The following table describes the labels in this screen. Table 59 Security > Firewall > Rules: Edit: Edit Customized Services LABEL DESCRIPTION # This is the number of your customized port. Name This is the name of your customized service. Protocol This shows the IP protocol (TCP or UDP) that defines your customized service. Port Type This is the port number or range that defines your customized service.
Chapter 13 Firewall 13.5 The DoS Screen Use this screen to enable DoS protection. Click Security > Firewall > Dos to display the following screen. Figure 106 Security > Firewall > DoS The following table describes the labels in this screen. Table 61 Security > Firewall > DoS LABEL DESCRIPTION Denial of Services Enable this to protect against DoS attacks. The Device will drop sessions that surpass maximum thresholds. Apply Click this to save your changes.
Chapter 13 Firewall 13.5.1.1 Threshold Values If everything is working properly, you probably do not need to change the threshold settings as the default threshold values should work for most small offices. Tune these parameters when you believe the Device has been receiving DoS attacks that are not recorded in the logs or the logs show that the Device is classifying normal traffic as DoS attacks. Factors influencing choices for threshold values are: 1 The maximum number of opened sessions.
Chapter 13 Firewall The following table describes the labels in this screen. Table 62 Security > Firewall > DoS > Advanced LABEL DESCRIPTION TCP SYN-Request Count This is the rate of new TCP half-open sessions per second that causes the firewall to start deleting half-open sessions. When the rate of new connection attempts rises above this number, the Device deletes half-open sessions as required to accommodate new connection attempts.
Chapter 13 Firewall Note: You can also configure the remote management settings to allow only a specific computer to manage the Device. • LAN to WAN These rules specify which computers on the LAN can access which computers or services on the WAN. By default, the Device’s stateful packet inspection drops packets traveling in the following directions: • WAN to LAN These rules specify which computers on the WAN can access which computers or services on the LAN.
Chapter 13 Firewall 10 For local services that are enabled, protect against misuse. Protect by configuring the services to communicate only with specific peers, and protect by configuring rules to block packets for the services at specific interfaces. 11 Protect against IP spoofing by making sure the firewall is active. 12 Keep the firewall in a secured (locked) room. 13.6.
Chapter 13 Firewall the “triangle route” (also called asymmetrical route) problem may occur. The steps below describe the “triangle route” problem. 1 A computer on the LAN initiates a connection by sending out a SYN packet to a receiving server on the WAN. 2 The Device reroutes the SYN packet through Gateway A on the LAN to the WAN. 3 The reply from the WAN goes directly to the computer on the LAN without going through the Device.
Chapter 13 Firewall Figure 111 IP Alias Subnet 1 LAN WAN 1 ISP 1 4 2 ISP 2 3 Subnet 2 162 A ericom D1000 modem User’s Guide
C HAPTER 14 Parental Control 14.1 Overview Parental control allows you to block web sites with the specific URL. You can also define time periods and days during which the Device performs parental control on a specific user. 14.2 The Parental Control Screen Use this screen to enable parental control, view the parental control rules and schedules. Click Security > Parental Control to open the following screen. Figure 112 Security > Parental Control The following table describes the fields in this screen.
Chapter 14 Parental Control Table 63 Security > Parental Control (continued) LABEL DESCRIPTION Website Blocked This shows whether the website block is configured. If not, None will be shown. Modify Click the Edit icon to go to the screen where you can edit the rule. Click the Delete icon to delete an existing rule. Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings. 14.2.
Chapter 14 Parental Control The following table describes the fields in this screen. Table 64 Parental Control: Add/Edit LABEL DESCRIPTION General Active Select the checkbox to activate this parental control rule. Parental Control Profile Name Enter a descriptive name for the rule. Home Network User Select the LAN user that you want to apply this rule to from the drop-down list box. If you select Custom, enter the LAN user’s MAC address. If you select All, the rule applies to all LAN users.
Chapter 14 Parental Control 166 ericom D1000 modem User’s Guide
C HAPTER 15 Certificates 15.1 Overview The Device can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs. A certificate contains the certificate owner’s identity and public key. Certificates provide a way to exchange public keys for use in authentication. 15.1.1 What You Can Do in this Chapter • Use the Local Certificates screen to view and import the Device’s CA-signed certificates (Section 15.3 on page 167).
Chapter 15 Certificates • Web Server - This certificate secures HTTP connections. • SSH - This certificate secures remote connections. Click Security > Certificates to open the Local Certificates screen. Figure 114 Security > Certificates > Local Certificates The following table describes the labels in this screen. Table 65 Security > Certificates > Local Certificates 168 LABEL DESCRIPTION WebServer Click Browse... to find the certificate file you want to upload.
Chapter 15 Certificates Table 65 Security > Certificates > Local Certificates (continued) LABEL DESCRIPTION Key Type This field applies to the SSH certificate. This shows the file format of the current certificate. Replace Click this to replace the certificate(s) and save your changes back to the Device. Reset Click this to clear your settings. 15.
Chapter 15 Certificates Note: You must remove any spaces from the certificate’s filename before you can import the certificate. Figure 116 Trusted CA > Import The following table describes the labels in this screen. Table 67 Security > Certificates > Trusted CA > Import LABEL DESCRIPTION Certificate File Path Type in the location of the file you want to upload in this field or click Browse to find it. Browse Click Browse to find the certificate file you want to upload.
Chapter 15 Certificates The following table describes the labels in this screen. Table 68 Trusted CA: View LABEL DESCRIPTION Certificate Name This field displays the identifying name of this certificate. If you want to change the name, type up to 31 characters to identify this key certificate. You may use any character (not including spaces). Certificate Detail This read-only text box displays the certificate or certification request in Privacy Enhanced Mail (PEM) format.
Chapter 15 Certificates 172 ericom D1000 modem User’s Guide
C HAPTER 16 Log 16.1 Overview The web configurator allows you to choose which categories of events and/or alerts to have the Device log and then display the logs or have the Device send them to an administrator (as e-mail) or to a syslog server. 16.1.1 What You Can Do in this Chapter • Use the Log screen to see the system logs for the categories that you select (Section 16.2 on page 174). 16.1.2 What You Need To Know The following terms and concepts may help as you read this chapter.
Chapter 16 Log Table 69 Syslog Severity Levels CODE SEVERITY 6 Informational: The syslog contains an informational message. 7 Debug: The message is intended for debug-level purposes. 16.2 The System Log Screen Click System Monitor > Log to open the System Log screen. Use the System Log screen to see the system logs for the categories that you select in the upper left drop-down list box. Figure 118 System Monitor > Log > System Log The following table describes the fields in this screen.
C HAPTER 17 Traffic Status 17.1 Overview Use the Traffic Status screens to look at network traffic status and statistics of the WAN, LAN interfaces and NAT. 17.1.1 What You Can Do in this Chapter • Use the WAN screen to view the WAN traffic statistics (Section 17.2 on page 175) . • Use the LAN screen to view the LAN traffic statistics (Section 17.3 on page 176). • Use the NAT screen to view the NAT status of the Device’s client(s) (Section 17.4 on page 177). 17.
Chapter 17 Traffic Status Table 71 System Monitor > Traffic Status > WAN (continued) LABEL DESCRIPTION Packets Sent Data This indicates the number of transmitted packets on this interface. Error This indicates the number of frames with errors transmitted on this interface. Drop This indicates the number of outgoing packets dropped on this interface. Packets Received Data This indicates the number of received packets on this interface.
Chapter 17 Traffic Status Table 72 System Monitor > Traffic Status > LAN (continued) LABEL DESCRIPTION Sent (Packet) Data This indicates the number of transmitted packets on this interface. Error This indicates the number of frames with errors transmitted on this interface. Drop This indicates the number of outgoing packets dropped on this interface. Received (Packet) Data This indicates the number of received packets on this interface.
Chapter 17 Traffic Status 178 ericom D1000 modem User’s Guide
C HAPTER 18 User Account 18.1 Overview You can configure system password for different user accounts in the User Account screen. 18.2 The User Account Screen Use the User Account screen to configure system password. Click Maintenance > User Account to open the following screen. Figure 122 Maintenance > User Account The following table describes the labels in this screen.
Chapter 18 User Account 180 ericom D1000 modem User’s Guide
C HAPTER 19 System Setting 19.1 Overview This chapter shows you how to configure the inactivity timeout interval. 19.2 The System Screen Use this screen to configure system admin password. Click Maintenance > System to open the screen as shown. Figure 123 Maintenance > System The following table describes the labels in this screen.
Chapter 19 System Setting 182 ericom D1000 modem User’s Guide
C HAPTER 20 Time Setting 20.1 Overview This chapter shows you how to configure the system time. 20.2 The Time Setting Screen Use this screen to configure the Device’s time based on your local time zone. To change your Device’s time and date, click Maintenance > System > Time. The screen appears as shown. Figure 124 Maintenance > System > Time Setting The following table describes the fields in this screen.
Chapter 20 Time Setting Table 76 Maintenance > System > Time Setting (continued) LABEL DESCRIPTION Manual Select this radio button to enter the time and date manually. If you configure a new time and date, Time Zone and Daylight Saving at the same time, the new time and date you entered has priority and the Time Zone and Daylight Saving settings do not affect it. Current Date/Time This field displays the last updated time (in hh:mm:ss format) from the time server or the last time configured manually.
Chapter 20 Time Setting ericom D1000 modem User’s Guide 185
Chapter 20 Time Setting 186 ericom D1000 modem User’s Guide
C HAPTER 21 Log Setting 21.1 Overview You can configure where the Device sends logs the Device records in the Log Setting screen. 21.2 The Log Setting Screen To change your Device’s log settings, click Maintenance > Log Setting. The screen appears as shown.
Chapter 21 Log Setting The following table describes the fields in this screen. Table 77 Maintenance > Log Setting LABEL DESCRIPTION Active Select the Active check box to enable logging. Mode Select the syslog destination from the drop-down list box. If you select Local File, the log(s) will be saved in a local file. If you want to send the log(s) to a remote syslog server and save it in a local file, select Local File and Remote.
C HAPTER 22 Firmware Upgrade 22.1 Overview This chapter explains how to upload new firmware to your Device. You can download new firmware releases from your nearest ZyXEL FTP site (or www.zyxel.com) to use to upgrade your device’s performance. Only use firmware for your device’s specific model. Refer to the label on the bottom of your Device. 22.2 The Firmware Screen Click Maintenance > Firmware Upgrade to open the following screen.
Chapter 22 Firmware Upgrade Figure 127 Firmware Uploading The Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 128 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the Status screen. If the upload was not successful, the following screen will appear. Click OK to go back to the Firmware Upgrade screen.
C HAPTER 23 Backup/Restore 23.1 Overview The Backup/Restore screen allows you to backup and restore device configurations. You can also reset your device settings back to the factory default. 23.2 The Backup/Restore Screen Click Maintenance > Backup/Restore. Information related to factory defaults, backup configuration, and restoring configuration appears in this screen, as shown next.
Chapter 23 Backup/Restore Restore Configuration Restore Configuration allows you to upload a new or previously saved configuration file from your computer to your Device. Table 79 Restore Configuration LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse ... to find it. Browse... Click this to find the file you want to upload. Remember that you must decompress compressed (.ZIP) files before you can upload them.
Chapter 23 Backup/Restore 23.3 The Reboot Screen System restart allows you to reboot the Device remotely without turning the power off. You may need to do this if the Device hangs, for example. Click Maintenance > Reboot. Click the Reboot button to have the Device reboot. This does not affect the Device's configuration.
Chapter 23 Backup/Restore 194 ericom D1000 modem User’s Guide
C HAPTER 24 Remote Management 24.1 Overview Remote management allows you to determine which services/protocols can access which Device interface (if any) from which computers. The following figure shows remote management of the Device coming in from the WAN. Figure 133 Remote Management From the WAN LAN WAN HTTP Telnet Note: When you configure remote management to allow management from the WAN, you still need to configure a IP filter rule to allow access.
Chapter 24 Remote Management • Your Device can act as an SNMP agent, which allows a manager station to manage and monitor the Device through the network. Use the SNMP screen (see Section 24.5 on page 199) to configure through which interface(s) and from which IP address(es) users can use SNMP to access the Device. • Use the DNS screen (Section 24.6 on page 201) to configure through which interface(s) and from which IP address(es) users can send DNS queries to the Device. • Use the ICMP screen (Section 24.
Chapter 24 Remote Management Figure 134 Maintenance > RemoteMGMT > WWW The following table describes the labels in this screen. Table 80 Maintenance > RemoteMGMT > WWW LABEL DESCRIPTION Server Port This displays the service port number for accessing the Device using HTTP or HTTPS. If the number is grayed out, it is not editable. Server Access Select the interface(s) through which a computer may access the Device using this service.
Chapter 24 Remote Management 24.3 The Telnet Screen You can use Telnet to access the Device’s command line interface. Specify which interfaces allow Telnet access and from which IP address the access can come. Click Maintenance > RemoteMGMT > Telnet tab to display the screen as shown. Figure 135 Maintenance > RemoteMGMT > Telnet The following table describes the labels in this screen.
Chapter 24 Remote Management 24.4 The FTP Screen You can use FTP (File Transfer Protocol) to upload and download the Device’s firmware and configuration files. Please see the User’s Guide chapter on firmware and configuration file maintenance for details. To use this feature, your computer must have an FTP client. Use this screen to specify which interfaces allow FTP access and from which IP address the access can come. To change your Device’s FTP settings, click Maintenance > RemoteMGMT > FTP.
Chapter 24 Remote Management one (SNMPv1) and version two (SNMPv2c). The next figure illustrates an SNMP management operation. Figure 137 SNMP Management Model An SNMP managed network consists of two main types of component: agents and a manager. An agent is a management software module that resides in a managed device (the Device). An agent translates the local management information from the managed device into a form compatible with SNMP.
Chapter 24 Remote Management Figure 138 Maintenance > RemoteMGMT > SNMP The following table describes the labels in this screen. Table 83 Maintenance > RemoteMGMT > SNMP LABEL DESCRIPTION Server Port This displays the port the SNMP agent listens on. If the number is grayed out, it is not editable. Server Access Select the interface(s) through which a computer may access the Device using this service.
Chapter 24 Remote Management is set to bridge mode. Click Maintenance > RemoteMGMT > DNS to change your Device’s DNS settings. Figure 139 Maintenance > RemoteMGMT > DNS The following table describes the labels in this screen. Table 84 Maintenance > RemoteMGMT > DNS LABEL DESCRIPTION Server Port This displays the service port number for accessing the Device. If the number is grayed out, it is not editable.
Chapter 24 Remote Management Figure 140 Maintenance > RemoteMGMT > ICMP The following table describes the labels in this screen. Table 85 Maintenance > RemoteMGMT > ICMP LABEL DESCRIPTION Respond to Ping on The Device will not respond to any incoming Ping requests when Disable is selected. Select LAN to reply to incoming LAN Ping requests. Select WAN to reply to incoming WAN Ping requests. Otherwise select LAN & WAN to reply to both incoming LAN and WAN Ping requests.
Chapter 24 Remote Management Figure 141 Maintenance > RemoteMGMT > SSH The following table describes the labels in this screen. Table 86 Maintenance > RemoteMGMT > SSH LABEL DESCRIPTION Server Port This displays the service port number for accessing the Device. If the number is grayed out, it is not editable. Server Access Select the interface(s) through which a computer may access the Device using this service.
C HAPTER 25 Diagnostic 25.1 Overview These read-only screens display information to help you identify problems with the Device. 25.1.1 What You Can Do in the Diagnostic Screens • Use the Ping screen (Section 25.2 on page 205) to ping an IP address. • Use the DSL Line screen (Section 25.3 on page 206) to view the DSL line statistics and reset the ADSL line. 25.2 The General Screen Use this screen to ping an IP address. Click Maintenance > Diagnostic > Ping to open the screen shown next.
Chapter 25 Diagnostic Table 87 Maintenance > Diagnostic > Ping (continued) LABEL DESCRIPTION TracerouteV6 Click this to display the route path and transmission delays between the Device to the IPv6 address that you entered. TracerouteV4 Click this to display the route path and transmission delays between the Device to the IPv4 address that you entered. 25.3 The DSL Line Screen Use this screen to view the DSL line statistics and reset the ADSL line.
Chapter 25 Diagnostic The following table describes the fields in this screen. Table 88 Maintenance > Diagnostic > DSL Line LABEL DESCRIPTION ATM Status Click this to view your DSL connection’s Asynchronous Transfer Mode (ATM) statistics. ATM is a networking technology that provides high-speed data transfer. ATM uses fixedsize packets of information called cells. With ATM, a high QoS (Quality of Service) can be guaranteed. The (Segmentation and Reassembly) SAR driver translates packets into ATM cells.
Chapter 25 Diagnostic 208 ericom D1000 modem User’s Guide
C HAPTER 26 Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • Device Access and Login • Internet Access 26.1 Power, Hardware Connections, and LEDs The Device does not turn on. None of the LEDs turn on. 1 Make sure the Device is turned on. 2 Make sure you are using the power adaptor or cord included with the Device.
Chapter 26 Troubleshooting 26.2 Device Access and Login I forgot the IP address for the Device. 1 The default IP address is 192.168.1.254. 2 If you changed the IP address and have forgotten it, you might get the IP address of the Device by looking up the IP address of the default gateway for your computer. To do this in most Windows computers, click Start > Run, enter cmd, and then enter ipconfig.
Chapter 26 Troubleshooting • Try to access the Device using another service, such as Telnet. If you can access the Device, check the remote management settings and firewall rules to find out why the Device does not respond to HTTP. • If your computer is connected to the DSL port or is connected wirelessly, use a computer that is connected to a ETHERNET port. I can see the Login screen, but I cannot log in to the Device. 1 Make sure you have entered the password correctly.
Chapter 26 Troubleshooting 3 If you are trying to access the Internet wirelessly, make sure the wireless settings in the wireless client are the same as the settings in the AP. 4 If you are trying to access the Internet wirelessly, make sure you enabled the wireless LAN and have selected the correct country and channel in which your Device operates in the Wireless LAN > AP screen. 5 Disconnect all the cables from your device, and follow the directions in the Quick Start Guide again.
C HAPTER 27 LED Descriptions 27.1 LED Descriptions Table 89 LED Descriptions LED COLOR USB Green POWER WiFi DSL INTERNET DESCRIPTION On The Device recognizes a USB connection through the USB slot. Blinking The Device is sending/receiving data to /from the USB device connected to it. On The Device is receiving power and ready for use. Blinking The Device is self-testing. On The Device detected an error while self-testing, or there is a device malfunction.
Chapter 27 LED Descriptions 214 ericom D1000 modem User’s Guide
A PPENDIX A Legal Information Copyright Copyright © 2013 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation.
Appendix A Legal Information [German] Hiermit erklärt ZyXEL, dass sich das Gerät Ausstattung in Übereinstimmung mit den grundlegenden Anforderungen und den übrigen einschlägigen Bestimmungen der Richtlinie 1999/5/EU befindet. [Estonian] Käesolevaga kinnitab ZyXEL seadme seadmed vastavust direktiivi 1999/5/EÜ põhinõuetele ja nimetatud direktiivist tulenevatele teistele asjakohastele sätetele.
Appendix A Legal Information The following countries have restrictions and/or requirements in addition to those given in the table labeled “Overview of Regulatory Requirements for Wireless LANs”:. Overview of Regulatory Requirements for Wireless LANs Frequency Band (MHz) Max Power Level (EIRP)1 (mW) 2400-2483.
Appendix A Legal Information List of national codes COUNTRY ISO 3166 2 LETTER CODE COUNTRY ISO 3166 2 LETTER CODE Austria AT Malta MT Belgium BE Netherlands NL Cyprus CY Poland PL PT Czech Republic CR Portugal Denmark DK Slovakia SK Estonia EE Slovenia SI Finland FI Spain ES France FR Sweden SE Germany DE United Kingdom GB Greece GR Iceland IS Hungary HU Liechtenstein LI Ireland IE Norway NO Italy IT Switzerland CH Latvia LV Bulgaria BG Lithuania
Index Numbers broadcast 32 802.1p 122 BSS 67 example 67 A C activation dynamic DNS 140 DYNDNS wildcard 140 NAT 126 port binding 136 port forwarding 128 QoS 115 SSID 54 wireless LAN scheduling 61 WPS 58 CA 167 CBR 36, 40, 46 certificate factory default 168 certificates 167 authentication 167 CA public key 167 replacing 168 storage space 168 trusted CAs 169 adding a printer example 93 Certification Authority 167 address mapping types 132 Certification Authority.
WAN 32 connection nailed-up 44 encryption 66 ENET ENCAP 33, 39, 42 Extended Service Set IDentification 49, 55 copyright 215 customized services 154, 155 F D data fragment threshold 62, 64 DDoS 148 default LAN IP address 17 default server address 130 default server, NAT 127 Denials of Service, see DoS DHCP 29, 78, 81, 104 diagnostic 205 DiffServ Code Point, see DSCP digital IDs 167 disclaimer 215 DMZ 129, 130 DNS 78, 104, 201 Domain Name System, see DNS DoS 148 three-way handshake 156 thresholds 149, 156,
H host 179 I ICMP 149, 202 IGA 131 limitations wireless LAN 67 WPS 74 Local Area Network, see LAN login passwords 17 logout 17 automatic 17 logs 173 firewalls 153 IGMP 32, 80, 106 ILA 131 importing trusted CAs 169 Inside Global Address, see IGA M Inside Local Address, see ILA MAC 28 Internet Control Message Protocol, see ICMP MAC address 56, 82 filter 56, 65 IP address 29, 32, 34, 39, 44, 78, 105 default 17 default server 127 ping 205 private 105 IP alias 83 configuration 83 NAT applications 132 IP
IP alias 132 default server IP address 127 example 132 global 131 IGA 131 ILA 131 inside 131 local 131 outside 131 P2P 126 port forwarding 126, 127 activation 128 configuration 127 rules 128 remote management 196 product registration 215 push button 15 Push Button Configuration, see PBC push button, WPS 69 Q Network Address Translation, see NAT QoS 113 802.
wireless LAN 64 Security Parameter Index, see SPI T Service Set 49, 55 three-way handshake 156 setup DHCP 81 IP alias 83 IP precedenceQoS IP precedence 120 IP/MAC filter 142 port forwarding 127 static route 110, 112 WAN 32 thresholds data fragment 62, 64 DoS 149, 156, 157 P2P 157 shaping traffic 45 sharing files 88 Simple Network Management Protocol, see SNMP SNMP 199 agents 200 Manager 200 managers 200 MIB 200 network components 200 versions 199 SPI 148 SSID 65 activation 54 MBSSID 68 static route 10
VPI 34, 39, 44 W WAN 31 ATM QoS 36, 40, 45 encapsulation 31, 33, 39 IGMP 32 IP address 32, 34, 39, 44 mode 33, 39 MTU 36, 40 multicast 32 multiplexing 34, 39, 43 nailed-up connection 35, 44 NAT 39 setup 32 traffic shaping 45 example 45 VCI 34, 39, 44 VPI 34, 39, 44 warranty 215 note 215 WDS 59, 68 compatibility 59 example 68 Web Configurator 17 web configurator 13 passwords 17 preamble 62, 64 RADIUS server 66 scheduling 61 security 64 SSID 65 activation 54 WDS 59, 68 compatibility 59 example 68 WEP 66 WPA
ericom D1000 modem User’s Guide 225
ericom D1000 modem User’s Guide
ericom D1000 modem User’s Guide 227
ericom D1000 modem User’s Guide