P-2602HWUDL-D 802.11g Wireless ADSL VoIP IAD with Built-in DECT Base Station User’s Guide Version 3.40 8/2007 Edition 1 www.zyxel.
About This User's Guide About This User's Guide Intended Audience This manual is intended for people who want to configure the ZyXEL Device using the web configurator. You should have at least a basic knowledge of TCP/IP networking concepts and topology. Related Documentation • Quick Start Guide The Quick Start Guide is designed to help you get up and running right away. It contains information on setting up your network and configuring for Internet access.
Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User’s Guide. 1 " Warnings tell you about things that could harm you or your device. Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations. Syntax Conventions • The P-2602HWUDL-D may be referred to as the “ZyXEL Device”, the “device”, the “system” or the “product” in this User’s Guide.
Document Conventions Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The ZyXEL Device icon is not an exact representation of your device.
Safety Warnings Safety Warnings 1 For your safety, be sure to read and follow all warning notices and instructions. • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. • Do NOT store things on the device. • Do NOT install, use, or service this device during a thunderstorm. There is a remote risk of electric shock from lightning. • Connect ONLY suitable accessories to the device.
Safety Warnings P-2602HWUDL-D User’s Guide 7
Safety Warnings 8 P-2602HWUDL-D User’s Guide
Contents Overview Contents Overview Introduction ............................................................................................................................ 41 Introducing the ZyXEL Device ................................................................................................... 43 Tutorial ....................................................................................................................................... 51 Introducing the Web Configurator .....................
Contents Overview Troubleshooting ....................................................................................................................... 425 Product Specifications ............................................................................................................. 433 Appendices and Index .........................................................................................................
Table of Contents Table of Contents About This User's Guide .......................................................................................................... 3 Document Conventions............................................................................................................ 4 Safety Warnings........................................................................................................................ 6 Contents Overview .......................................................
Table of Contents 2.4 Configuring the Wireless Client ........................................................................................... 53 2.4.1 Connecting to a Wireless LAN ................................................................................... 54 2.4.2 Creating and Using a Profile ...................................................................................... 56 2.5 Using NAT with Multiple Public IP Addresses ....................................................................
Table of Contents Chapter 6 Bandwidth Management Wizard .......................................................................................... 111 6.1 Introduction .........................................................................................................................111 6.2 Bandwidth Management Wizard Setup ..............................................................................111 Part III: Advanced...............................................................................
Table of Contents 9.2 DNS Server Addresses ..................................................................................................... 144 9.3 LAN TCP/IP ....................................................................................................................... 144 9.3.1 IP Address and Subnet Mask ................................................................................... 144 9.3.2 RIP Setup .......................................................................................
Table of Contents 11.1.5 NAT Mapping Types ............................................................................................... 175 11.2 SUA (Single User Account) Versus NAT .......................................................................... 176 11.3 NAT General Setup .......................................................................................................... 176 11.4 Port Forwarding ............................................................................................
Table of Contents 12.10.3 DECT Phone Screen ............................................................................................ 206 12.11 Common Phone Settings Screen .................................................................................. 208 12.12 Phone Services Overview ............................................................................................. 209 12.12.1 The Flash Key ...................................................................................................
Table of Contents 14.4 Using Call Park and Pickup ............................................................................................. 237 14.5 Checking the ZyXEL Device’s IP Address ....................................................................... 238 14.6 Auto Provisioning and Auto Firmware Upgrade .............................................................. 238 14.7 Phone Functions Summary .............................................................................................
Table of Contents 17.3 Encapsulation .................................................................................................................. 267 17.3.1 Transport Mode ...................................................................................................... 268 17.3.2 Tunnel Mode ......................................................................................................... 268 17.4 IPSec and NAT ...............................................................................
Table of Contents 19.4 My Certificates ................................................................................................................. 298 19.5 My Certificate Import ...................................................................................................... 300 19.5.1 Certificate File Formats .......................................................................................... 301 19.6 My Certificate Create ...................................................................
Table of Contents 23.1 Remote Management Overview ..................................................................................... 337 23.1.1 Remote Management Limitations .......................................................................... 338 23.1.2 Remote Management and NAT .............................................................................. 338 23.1.3 System Timeout .................................................................................................... 338 23.2 WWW ....
Table of Contents 26.5 User Configuration ........................................................................................................... 380 26.5.1 Add or Edit a User Account .................................................................................... 381 26.6 Share Configuration ......................................................................................................... 382 26.6.1 Default Share Directory List ................................................................
Table of Contents 29.6 Restart ............................................................................................................................. 415 29.7 Using FTP or TFTP to Back Up Configuration ................................................................ 415 29.7.1 Using the FTP Commands to Back Up Configuration ............................................ 415 29.7.2 FTP Command Configuration Backup Example ................................................... 416 29.7.
Table of Contents Appendix E Services ............................................................................................................ 499 Appendix F Internal SPTGEN............................................................................................... 503 Appendix G Legal Information.............................................................................................. 527 Appendix H Customer Support................................................................................
Table of Contents 24 P-2602HWUDL-D User’s Guide
List of Figures List of Figures Figure 1 ZyXEL Device’s Router Features ............................................................................................. 45 Figure 2 ZyXEL Device’s VoIP Features ................................................................................................ 46 Figure 3 ZyXEL Device as a VoIP Trunking Gateway ............................................................................ 46 Figure 4 DECT Base Station Feature ........................................
List of Figures Figure 39 Tutorial Example: Firewall Rule: WAN to LAN Address Edit for Web Server ........................ 69 Figure 40 Tutorial Example: Firewall Rule: WAN to LAN Service Edit for Web Server ......................... 70 Figure 41 Tutorial Example: Firewall Rule: WAN to LAN Address Edit for Mail Server ......................... 71 Figure 42 Tutorial Example: Firewall Rule: WAN to LAN Service Edit for Mail Server ..........................
List of Figures Figure 82 VoIP Wizard Fail ................................................................................................................... 108 Figure 83 VoIP Wizard Finish .............................................................................................................. 109 Figure 84 Select a Mode .......................................................................................................................111 Figure 85 Wizard: Welcome ................................
List of Figures Figure 125 Application Priority Configuration ....................................................................................... 171 Figure 126 How NAT Works ................................................................................................................. 174 Figure 127 NAT Application With IP Alias ............................................................................................ 175 Figure 128 NAT General ......................................................
List of Figures Figure 168 PSTN to PSTN Example: General Configuration ............................................................... 233 Figure 169 PSTN to PSTN Example - Outgoing Authentication From Device B .................................. 233 Figure 170 PSTN to PSTN Example - Call Rule .................................................................................. 234 Figure 171 PSTN to PSTN Example - Incoming Authentication To Device C ......................................
List of Figures Figure 211 Trusted CAs ........................................................................................................................ 308 Figure 212 Trusted CA Import .............................................................................................................. 309 Figure 213 Trusted CA Details ............................................................................................................. 310 Figure 214 Trusted Remote Hosts ............................
List of Figures Figure 254 Open Printers Window ....................................................................................................... 360 Figure 255 Open Printer Properties ...................................................................................................... 361 Figure 256 Printer Properties Window .................................................................................................. 361 Figure 257 Add a Port Window .............................................
List of Figures Figure 297 Browse to a File Share via Workgroup Name .................................................................... 388 Figure 298 System General Setup ....................................................................................................... 392 Figure 299 System Time Setting .......................................................................................................... 393 Figure 300 View Log ....................................................................
List of Figures Figure 340 Windows Vista: Advanced TCP/IP Properties .................................................................... 459 Figure 341 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties ................................... 460 Figure 342 Macintosh OS 8/9: Apple Menu .......................................................................................... 461 Figure 343 Macintosh OS 8/9: TCP/IP ...................................................................................
List of Figures 34 P-2602HWUDL-D User’s Guide
List of Tables List of Tables Table 1 Models Covered ........................................................................................................................ 43 Table 2 LED Descriptions ...................................................................................................................... 48 Table 3 Web Configurator Icons in the Title Bar .................................................................................... 84 Table 4 Navigation Panel Summary ..................
List of Tables Table 39 Wireless: WPA(2) .................................................................................................................. 163 Table 40 Wireless LAN: Advanced ...................................................................................................... 165 Table 41 Network > Wireless LAN > OTIST ........................................................................................ 166 Table 42 MAC Address Filter ....................................................
List of Tables Table 82 Customized Services ............................................................................................................ 252 Table 83 Firewall: Configure Customized Services ............................................................................. 253 Table 84 Firewall: Threshold ................................................................................................................ 259 Table 85 Content Filter: Keyword .............................................
List of Tables Table 125 Remote Management: WWW ............................................................................................. 339 Table 126 Remote Management: Telnet .............................................................................................. 340 Table 127 Remote Management: FTP ................................................................................................. 341 Table 128 SNMP Traps ...........................................................................
List of Tables Table 168 Filename Conventions ........................................................................................................ 410 Table 169 Firmware Upgrade ...............................................................................................................411 Table 170 Restore Configuration ......................................................................................................... 413 Table 171 General Commands for GUI-based FTP Clients ....................
List of Tables 40 P-2602HWUDL-D User’s Guide
P ART I Introduction Introducing the ZyXEL Device (43) Tutorial (51) Introducing the Web Configurator (81) 41
CHAPTER 1 Introducing the ZyXEL Device This chapter introduces the main applications and features of the ZyXEL Device. It also introduces the ways you can manage the ZyXEL Device. 1.1 Overview The P-2602HWUDL-D series are Integrated Access Devices (IADs) that combine an ADSL2+ router with Voice over IP (VoIP) communication capabilities to allow you to use a traditional analog telephone to make Internet calls.
Chapter 1 Introducing the ZyXEL Device 1 When the ZyXEL Device does not have power, the phone(s) connected to the PHONE port can still be used for making PSTN calls. Only one phone can be in use at a time. • Models ending in “1”, for example P-2602HWUDL-D1, denote a device that works over the analog telephone system, POTS (Plain Old Telephone Service). Models ending in “3” denote a device that works over ISDN (Integrated Services Digital Network) or T-ISDN (UR-2).
Chapter 1 Introducing the ZyXEL Device • Change the password. Use a password that’s not easy to guess and that consists of different types of characters, such as numbers and letters. • Write down the password and put it in a safe place. • Back up the configuration (and make sure you know how to restore it). Restoring an earlier working configuration may be useful if the device becomes unstable or even crashes.
Chapter 1 Introducing the ZyXEL Device 1.4.2 VoIP Features You can register up to 10 SIP (Session Initiation Protocol) accounts and use the ZyXEL Device to make and receive VoIP telephone calls: Figure 2 ZyXEL Device’s VoIP Features A Internet B PSTN • Peer-to-Peer calls (A) - Use the ZyXEL Device to make a call to the recipient’s IP address without using a SIP proxy server.
Chapter 1 Introducing the ZyXEL Device 1.4.4 DECT Base Station Feature Your ZyXEL Device has a built in Digital Enhanced Cordless Telecommunications (DECT) base station. DECT is an ETSI (European Telecommunications Standards Institute) standard for digital cordless phones which specifies how they transmit, receive and process data and voice communication. You can register any DECT GAP phone with the ZyXEL Device.
Chapter 1 Introducing the ZyXEL Device 1.5 LEDs (Lights) The following graphic displays the labels of the LEDs. Figure 6 LEDs on the Top of the Device None of the LEDs are on if the ZyXEL Device is not receiving power. Table 2 LED Descriptions LED COLOR STATUS DESCRIPTION POWER Green The ZyXEL Device is receiving power and ready for use. Red ETHERNET 1-4 WLAN DSL INTERNET Green Green Green Green Red 48 On Blinking The ZyXEL Device is self-testing.
Chapter 1 Introducing the ZyXEL Device Table 2 LED Descriptions LED COLOR STATUS DESCRIPTION USB Green On The ZyXEL Device recognizes a USB connection. Blinking The ZyXEL Device is sending/receiving data to /from the USB device connected to it. Off The ZyXEL Device does not detect a USB connection. On A SIP account is registered for the phone port. Blinking A telephone connected to the phone port has its receiver off of the hook or there is an incoming call.
Chapter 1 Introducing the ZyXEL Device 2 To set the device back to the factory default settings, press the RESET button for ten seconds or until the POWER LED begins to blink and then release it. When the POWER LED begins to blink, the defaults have been restored and the device restarts. 1.7 The WLAN Button You can use the ON/OFF WLAN button ( ) on the top of the device to turn the wireless LAN off or on.
CHAPTER 2 Tutorial This chapter describes how to 2.1 How to Set up a Wireless Network This section gives you examples of how to set up an access point and wireless client for wireless communication using the following parameters. The wireless clients can access the Internet through an AP wirelessly. 2.2 Example Parameters SSID SSID_Example3 Security WPA-PSK (Pre-Shared Key: ThisismyWPA-PSKpre-sharedkey) 802.11 mode Mixed (IEEE 802.
Chapter 2 Tutorial Figure 7 AP: Wireless LAN > General 2 Make sure the Active Wireless LAN check box is selected. 3 Enter “SSID_Example3” as the SSID and select a channel which is not used by another AP. 4 Set security mode to WPA-PSK and enter “ThisismyWPA-PSKpre-sharedkey” in the Pre-Shared Key field. Click Apply. 5 Click the Advanced Setup button and select Mixed in the 802.11 Mode field. Click Apply. Figure 8 AP: Wireless LAN > General > Advanced Setup 6 Open the Status screen.
Chapter 2 Tutorial Figure 9 AP: Status 7 Click the WLAN Station Status hyperlink in the AP’s Status screen. You can see if any wireless client has connected to the AP. Figure 10 AP: Status: WLAN Station Status 2.4 Configuring the Wireless Client This section describes how to connect the wireless client to a network.
Chapter 2 Tutorial 2.4.1 Connecting to a Wireless LAN The following sections show you how to join a wireless network using the ZyXEL utility, as in the following diagram. The wireless client is labeled C and the access point is labeled AP. Internet C AP There are three ways to connect the client to an access point. • Configure nothing and leave the wireless client to automatically scan for and connect to any available network that has no wireless security configured. • Manually connect to a network.
Chapter 2 Tutorial Use the Next button to move on to the next screen. You can use the Back button at any time to return to the previous screen, or the Exit button to return to the Site Survey screen. Figure 12 ZyXEL Utility: Security Settings 4 The Confirm Save window appears. Check your settings and click Save to continue. Figure 13 ZyXEL Utility: Confirm Save 5 The ZyXEL utility returns to the Link Info screen while it connects to the wireless network using your settings.
Chapter 2 Tutorial 6 Open your Internet browser and enter http://www.zyxel.com or the URL of any other web site in the address bar. If you are able to access the web site, your wireless connection is successfully configured. If you cannot access the web site, try changing the encryption type in the Security Settings screen, check the Troubleshooting section of this User's Guide or contact your network administrator. 2.4.
Chapter 2 Tutorial 3 Give the profile a descriptive name (of up to 32 printable ASCII characters). Select Infrastructure and either manually enter or select the AP's SSID in the Scan Info table and click Select. 4 Choose the same encryption method as the AP to which you want to connect (In this example, WPA-PSK). Figure 17 ZyXEL Utility: Profile Security 5 This screen varies depending on the encryption method you selected in the previous screen.
Chapter 2 Tutorial Figure 20 Profile: Confirm Save 8 Click Activate Now to use the new profile immediately. Otherwise, click the Activate Later button. If you clicked Activate Later, you can select the profile from the list in the Profile screen and click Connect to activate it. " Only one profile can be activated and used at any given time. Figure 21 Profile: Activate 9 When you activate the new profile, the ZyXEL utility returns to the Link Info screen while it connects to the AP using your settings.
Chapter 2 Tutorial 2.5.1 Example Parameters and Scenario The following table shows the public IP addresses from your ISP and your ZyXEL Device’s LAN IP address. Public IP Addresses 1.2.3.4 to 1.2.3.7 ZyXEL Device’s LAN IP Address 192.168.1.1 The following figure shows the network you want to set up in this example. • Assign the first public address (1.2.3.4) to the ZyXEL Device’s WAN port. • Map the second and third public IP addresses (1.2.3.5 and 1.2.3.6) to the web and mail servers (192.168.1.
Chapter 2 Tutorial Public IP Addresses 1.2.3.4 1.2.3.5 1.2.3.6 1.2.3.7 Gateway IP Address 1.2.3.89 Subnet Mask 255.255.255.0 User Name exampleuser Password abcd1234 DNS Server 1.2.1.1 1.2.1.2 Follow the steps below to configure your ZyXEL Device for Internet access using PPPoE in this example. Figure 23 Tutorial Example: WAN Connection with a Static Public IP Address LAN WAN Internet 192.168.1.1 1.2.3.4 1 Click Network > WAN.
Chapter 2 Tutorial Figure 24 Tutorial Example: WAN Screen 7 Go to the Home screen to check your WAN connection status. Make sure the status is not down.
Chapter 2 Tutorial Figure 25 Tutorial Example: Status 2.5.3 Public IP Address Mapping To have the local computers and servers use specific WAN IP addresses, you need to map static public IP addresses to them. " " The one-to-one NAT address mapping rules are for both incoming and outgoing connections. The ZyXEL Device forwards traffic that is initiated from either the LAN or the WAN to the destination IP address. The many-to-one or many-to-many NAT address mapping rules are for outgoing connections only.
Chapter 2 Tutorial Figure 26 Tutorial Example: Mapping Multiple Public IP Addresses to Inside Servers LAN 192.168.1.39 WAN Mapping rules: 192.168.1.12 <---> 1.2.3.5 (1-1) 192.168.1.13 <---> 1.2.3.6 (1-1) Other outgoing LAN traffic ---> 1.2.3.4 (M-1) 1.2.3.4 1.2.3.5 1.2.3.6 1.2.3.7 192.168.1.39 Web 192.168.1.12 " Internet Mail 192.168.1.13 The ZyXEL Device applies the rules in the order that you specify. You should put any one-to-one rules before a many-to-one rule. 1 Click Advanced > NAT.
Chapter 2 Tutorial Figure 28 Tutorial Example: NAT > Address Mapping 5 Map a public IP address to the web server. Select the One-to-One type and enter 192.168.1.12 as the local start IP address and 1.2.3.5 as the global start IP address. Click Apply. Figure 29 Tutorial Example: NAT Address Mapping Edit: One-to-One (1) 6 Click the second rule’s Edit icon ( ). 7 Map a public IP address to the mail server. Select the One-to-One type and enter 192.168.1.13 as the local start IP address and 1.2.3.
Chapter 2 Tutorial Figure 30 Tutorial Example: NAT Address Mapping Edit: One-to-One (2) 8 Click the third rule’s Edit icon ( ). 9 Map a public IP address to other outgoing LAN traffic. Select the Many-to-One type and enter 192.168.1.1 as the local start IP address, 192.168.1.254 as the local end IP address and 1.2.3.4 as the global start IP address. Click Apply. Figure 31 Tutorial Example: NAT Address Mapping Edit: Many-to-One 10 After the configurations, the Address Mapping screen looks as shown.
Chapter 2 Tutorial Figure 32 Tutorial Example: NAT Address Mapping Done " To allow traffic from the WAN to be forwarded through the ZyXEL Device, you must also create a firewall rule. Refer to Section 2.5.5 on page 67 for more information. 2.5.4 Forwarding Traffic from the WAN to a Local Computer A server NAT address mapping rule allows computers behind the NAT be accessible to the outside world.
Chapter 2 Tutorial Figure 34 Tutorial Example: NAT Address Mapping Edit: Server 3 Select a number and click the Edit Details link to edit a port forwarding set. 4 Select FTP from the Service Name drop-down list box, and enter “192.168.1.39” as the server IP address. Click Add to add the rule to the table. 5 Click Apply to go back to the Edit Address Mapping Rule screen. Click Apply again. Figure 35 Tutorial Example: NAT Port Forwarding 2.5.
Chapter 2 Tutorial Figure 36 Tutorial Example: Allow WAN-to-LAN Traffic LAN WAN FTP 192.168.1.39 FTP 192.168.1.39 Web 192.168.1.12 Internet Mail 192.168.1.13 1 Click Security > Firewall. 2 Make sure the firewall is enabled and traffic from the WAN to the LAN is dropped. Figure 37 Tutorial Example: Firewall > General 3 Go to the Rules screen. 4 Select the WAN to LAN packet direction and click the Add button to create a new firewall rule.
Chapter 2 Tutorial Figure 38 Tutorial Example: Firewall Rules: WAN to LAN 5 Configure a firewall rule to allow traffic from the WAN to the web server. Select Any in the Destination Address List box and click Delete. Select Single Address as the destination address type. Enter “192.168.1.12” and click Add >>.
Chapter 2 Tutorial Figure 40 Tutorial Example: Firewall Rule: WAN to LAN Service Edit for Web Server 7 Click the Add button to configure a firewall rule to allow traffic from the WAN to the mail server. Select Any in the Destination Address List box and click Delete. Select Single Address as the destination address type. Enter “192.168.1.13” and click Add.
Chapter 2 Tutorial Figure 41 Tutorial Example: Firewall Rule: WAN to LAN Address Edit for Mail Server 8 Select Any(All) in the Available Services box on the left, and click Add >> to add it to the Selected Services box on the right. Click Apply.
Chapter 2 Tutorial 9 Click the Add button to configure a firewall rule to allow FTP traffic from the WAN to the FTP server. Select Any in the Destination Address List box and click Delete. Select Single Address as the destination address type. Enter “192.168.1.39” and click Add. Figure 43 Tutorial Example: Firewall Rule: WAN to LAN Address Edit for FTP Server 10 Select FTP(TCP:20,21) in the Available Services box on the left, and click Add >> to add it to the Selected Services box on the right.
Chapter 2 Tutorial Figure 44 Tutorial Example: Firewall Rule: WAN to LAN Service Edit for FTP Server 11 When you are done, the Rules screen looks as shown. Figure 45 Tutorial Example: Firewall Rules Done 2.5.6 Testing the Connections 1 Open the web browser on one of the local computers and enter any web site’s URL in the address bar. If you can access the web site, your WAN connection and NAT address mapping are configured successfully.
Chapter 2 Tutorial correct information in the WAN and NAT Address Mapping screens. Also check that the Internet account is active and the computer’s IP address is in the same subnet as the ZyXEL Device. 2 Open your web browser and try accessing the web server (1.2.3.5) from the outside network. If you cannot access the web server, make sure the NAT address mapping rule is configured correctly and there is a firewall rule to allow HTTP traffic from the WAN to the web server.
Chapter 2 Tutorial 2.7 How to Make a VoIP Call You can register a SIP account with the SIP server and make voice calls over the Internet to another VoIP device. You can also make a peer-to-peer call to a VoIP device directly without a registered SIP account or SIP server. You must know the peer device’s IP address or domain name. 2.7.
Chapter 2 Tutorial Figure 47 Tutorial Example: SIP Settings 10 Go to the Status screen to check if your SIP account has been registered successfully. If registration failed, check your SIP settings and click Register to register your SIP account again.
Chapter 2 Tutorial 2.7.1.2 Analog Phone Configuration 1 Click VoIP > Phone to open the Analog Phone screen. 2 Select Phone 1 to configure the first phone port. 3 Select the SIP1 checkbox in the Outgoing Call Use section to have the phone (connected to the first phone port) use the registered SIP1 account to make outgoing calls. 4 Select the SIP1 checkbox in the Incoming Call apply to section to have the phone (connected to the first phone port) receive phone calls for the SIP1 account.
Chapter 2 Tutorial The following table shows the information you need in this example. SIP Number of the Phone Connected to the ZyXEL Device 12345678 Peer Device’s IP Address or URL 10.1.2.3 Peer Device’s SIP Number 22222222 2.7.2.1 SIP Account Configuration If you didn’t register a SIP account before and want to make only peer-to-peer VoIP calls, follow the steps below to configure an unregistered SIP account for the phone attached to the ZyXEL Device. 1 2 3 4 Click VoIP > SIP.
Chapter 2 Tutorial 4 Select the SIP1 checkbox in the Incoming Call apply to section to have the phone (connected to the first phone port) receive phone calls for the SIP1 account. 5 Click Apply to save your changes. Figure 51 Tutorial Example: Analog Phone 2.7.2.3 Peer-to-Peer Call Configuration Follow the steps below to configure a speed dial entry for peer-to-peer calls. 1 Open the web configurator and go to VoIP > Phone Book > Speed Dial.
Chapter 2 Tutorial Figure 52 Tutorial Example: Speed Dial 2.7.2.4 Making a Peer-to-Peer VoIP Call 1 2 3 4 80 Make sure you connect a telephone to the first phone port on the ZyXEL Device. Make sure the ZyXEL Device is on and connected to the Internet. Pick up the phone receiver. Dial #01 to make a peer-to-peer call to the peer device. You need to press the # (pound) key followed by the 0 and 1 keys.
CHAPTER 3 Introducing the Web Configurator This chapter describes how to access and navigate the web configurator. 3.1 Web Configurator Overview The web configurator is an HTML-based management interface that allows easy device setup and management via Internet browser. Use Internet Explorer 6.0 and later or Netscape Navigator 7.0 and later versions. The recommended screen resolution is 1024 by 768 pixels.
Chapter 3 Introducing the Web Configurator Figure 53 Password Screen 5 The following screen displays if you have not yet changed your password. It is strongly recommended you change the default password. Enter a new password, retype it to confirm and click Apply; alternatively click Ignore to proceed to the main menu if you do not want to change the password now.
Chapter 3 Introducing the Web Configurator Figure 55 Replace Certificate Screen 7 A screen displays to let you choose whether to go to the wizard or the advanced screens. • Click Go to Wizard setup if you are logging in for the first time or if you want to make basic changes. The wizard selection screen appears after you click Apply. See Chapter 4 on page 91 for more information. • Click Go to Advanced setup if you want to configure features that are not available in the wizards.
Chapter 3 Introducing the Web Configurator 3.2 Web Configurator Main Screen Figure 57 Main Screen A B C D As illustrated above, the main screen is divided into these parts: • • • • A - title bar B - navigation panel C - main window D - status bar 3.2.1 Title Bar The title bar allows you to change the language and provides some icons in the upper right corner. The icons provide the following functions.
Chapter 3 Introducing the Web Configurator 3.2.2 Navigation Panel Use the menu items on the navigation panel to open screens to configure ZyXEL Device features. The following tables describe each menu item. Table 4 Navigation Panel Summary LINK TAB Status FUNCTION This screen shows the ZyXEL Device’s general device and network status information. Use this screen to access the statistics and client list.
Chapter 3 Introducing the Web Configurator Table 4 Navigation Panel Summary LINK TAB FUNCTION Speed Dial Use this screen to configure speed dial for SIP phone numbers that you call often. Incoming Call Policy Use this screen to configure call-forwarding. Distinctive Ring Use this screen to configure ring tone behavior based on the origin of incoming calls. PSTN Line General Use this screen to configure your ZyXEL Device’s settings for PSTN calls.
Chapter 3 Introducing the Web Configurator Table 4 Navigation Panel Summary LINK TAB FUNCTION WWW Use this screen to configure through which interface(s) and from which IP address(es) users can use HTTP to manage the ZyXEL Device. Telnet Use this screen to configure through which interface(s) and from which IP address(es) users can use Telnet to manage the ZyXEL Device.
Chapter 3 Introducing the Web Configurator 3.2.4 Status Bar Check the status bar when you click Apply or OK to verify that the configuration has been updated.
P ART II Wizard Internet and Wireless Setup Wizard (91) VoIP Wizard And Example (105) Bandwidth Management Wizard (111) 89
CHAPTER 4 Internet and Wireless Setup Wizard This chapter provides information on the Wizard Setup screens for Internet access in the web configurator. 4.1 Introduction Use the wizard setup screens to configure your system for Internet access with the information given to you by your ISP. " See the advanced menu chapters for background information on these fields. 4.2 Internet Access Wizard Setup 1 After you enter the password to access the web configurator, select Go to Wizard setup and click Apply.
Chapter 4 Internet and Wireless Setup Wizard Figure 58 Select a Mode 2 Click INTERNET/WIRELESS SETUP to configure the system for Internet access and wireless connection. Figure 59 Wizard Welcome 3 Your ZyXEL device attempts to detect your DSL connection and your connection type. 3a The following screen appears if a connection is not detected. Check your hardware connections and click Restart the Internet/Wireless Setup Wizard to return to the wizard welcome screen.
Chapter 4 Internet and Wireless Setup Wizard Figure 60 Auto Detection: No DSL Connection 3b The following screen displays if a PPPoE or PPPoA connection is detected. Enter your Internet account information (username, password and/or service name) exactly as provided by your ISP. Then click Next and see Section 4.3 on page 99 for wireless connection wizard setup. Figure 61 Auto-Detection: PPPoE 3c The following screen appears if the ZyXEL device detects a connection but not the connection type.
Chapter 4 Internet and Wireless Setup Wizard Figure 62 Auto Detection: Failed 4.2.1 Manual Configuration 1 If the ZyXEL Device fails to detect your DSL connection type but the physical line is connected, enter your Internet access information in the wizard screen exactly as your service provider gave it to you. Leave the defaults in any fields for which you were not given information.
Chapter 4 Internet and Wireless Setup Wizard Figure 63 Internet Access Wizard Setup: ISP Parameters The following table describes the fields in this screen. Table 5 Internet Access Wizard Setup: ISP Parameters LABEL DESCRIPTION Mode Select Routing (default) from the drop-down list box if your ISP give you one IP address only and you want multiple computers to share an Internet account.
Chapter 4 Internet and Wireless Setup Wizard 2 The next wizard screen varies depending on what mode and encapsulation type you use. All screens shown are with routing mode. Configure the fields and click Next to continue. See Section 4.3 on page 99 for wireless connection wizard setup Figure 64 Internet Connection with PPPoE The following table describes the fields in this screen. Table 6 LABEL DESCRIPTION User Name Enter the user name exactly as your ISP assigned.
Chapter 4 Internet and Wireless Setup Wizard The following table describes the fields in this screen. Table 7 Internet Connection with RFC 1483 LABEL DESCRIPTION IP Address This field is available if you select Routing in the Mode field. Type your ISP assigned IP address in this field. Back Click Back to go back to the previous wizard screen. Next Click Next to continue to the next wizard screen. Exit Click Exit to close the wizard screen without saving your changes.
Chapter 4 Internet and Wireless Setup Wizard Table 8 Internet Connection with ENET ENCAP (continued) LABEL DESCRIPTION Apply Click Apply to save your changes back to the ZyXEL Device. Exit Click Exit to close the wizard screen without saving your changes. Figure 67 Internet Connection with PPPoA The following table describes the fields in this screen. Table 9 Internet Connection with PPPoA LABEL DESCRIPTION User Name Enter the login name that your ISP gives you.
Chapter 4 Internet and Wireless Setup Wizard Figure 68 Connection Test Failed-1 • If the following screen displays, check if your account is activated or click Restart the Internet/Wireless Setup Wizard to verify your Internet access settings. Figure 69 Connection Test Failed-2. 4.3 Wireless Connection Wizard Setup After you configure the Internet access information, use the following screens to set up your wireless LAN. 1 Select Yes and click Next to configure wireless settings.
Chapter 4 Internet and Wireless Setup Wizard Figure 70 Connection Test Successful 2 Use this screen to activate the wireless LAN and OTIST. Click Next to continue. Figure 71 Wireless LAN Setup Wizard 1 The following table describes the labels in this screen. Table 10 Wireless LAN Setup Wizard 1 100 LABEL DESCRIPTION Active Select the check box to turn on the wireless LAN.
Chapter 4 Internet and Wireless Setup Wizard 3 Configure your wireless settings in this screen. Click Next. Figure 72 Wireless LAN The following table describes the labels in this screen. Table 11 Wireless LAN Setup Wizard 2 " LABEL DESCRIPTION Network Name(SSID) Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the wireless LAN. If you change this field on the ZyXEL Device, make sure all wireless stations use the same SSID in order to access the network.
Chapter 4 Internet and Wireless Setup Wizard 4.3.1 Manually Assign a WPA key Choose Manually assign a WPA key in the Wireless LAN setup screen to set up a PreShared Key. Figure 73 Manually Assign a WPA key The following table describes the labels in this screen. Table 12 Manually Assign a WPA key LABEL DESCRIPTION Pre-Shared Key Type from 8 to 63 case-sensitive ASCII characters. You can set up the most secure wireless connection by configuring WPA in the wireless LAN screens.
Chapter 4 Internet and Wireless Setup Wizard The following table describes the labels in this screen. Table 13 Manually Assign a WEP key LABEL DESCRIPTION Key The WEP keys are used to encrypt data. Both the ZyXEL Device and the wireless stations must use the same WEP key for data transmission. Enter any 5, 13 or 29 ASCII characters or 10, 26 or 58 hexadecimal characters ("0-9", "A-F") for a 64-bit, 128-bit or 256-bit WEP key respectively. Back Click Back to display the previous screen.
Chapter 4 Internet and Wireless Setup Wizard Figure 76 Internet Access and WLAN Wizard Setup Complete 7 Launch your web browser and navigate to www.zyxel.com. Internet access is just the beginning. Refer to the rest of this guide for more detailed information on the complete range of ZyXEL Device features. If you cannot access the Internet, open the web configurator again to confirm that the Internet settings you configured in the wizard setup are correct.
CHAPTER 5 VoIP Wizard And Example This chapter shows you how to configure your SIP account(s) and make a VoIP phone call. 5.1 Introduction The ZyXEL Device has Voice over IP (VoIP) communication capabilities that allow you to use a traditional analog telephone to make Internet calls. You can configure the ZyXEL Device to use up to two SIP based VoIP accounts. This section describes how you can set up your ZyXEL Device to call someone who is also using a VoIP device.
Chapter 5 VoIP Wizard And Example Figure 78 Select a Mode 2 Click VOICE OVER INTERNET SETUP to configure your SIP settings. Figure 79 Wizard: Welcome 3 Fill in the VOICE OVER INTERNET SETUP wizard screen with the information provided by your VoIP service provider. Your VoIP service provider supplies you with the following information. When you are finished, click Apply.
Chapter 5 VoIP Wizard And Example Table 14 Sample SIP Account Information INFORMATION FROM VOIP SERVICE PROVIDER EXAMPLE VALUES DESCRIPTION Username VoIPUser This is the username you use to login to your SIP account. Password Password This is the password you use to login to your SIP account. Figure 80 VoIP Wizard Configuration The following table describes the labels in this screen. Table 15 VoIP Wizard Configuration LABEL DESCRIPTION SIP Number Enter your SIP number in this field.
Chapter 5 VoIP Wizard And Example Table 15 VoIP Wizard Configuration LABEL DESCRIPTION Back Click Back to return to the previous screen. Apply Click Apply to complete the wizard setup and save your configuration. Exit Click Exit to close the wizard without saving your settings. 4 Your ZyXEL Device will attempt to register your SIP account with your VoIP service provider. When your account is registered your PHONE light will come on and you are ready to make and receive VoIP phone calls.
Chapter 5 VoIP Wizard And Example Figure 83 VoIP Wizard Finish 7 To call other VoIP users, you need to follow a similar process to ensure that their SIP account is registered and active. After it is registered, they need to provide you with their SIP number. You can use your VoIP service provider’s dialing plan to call SIP numbers. You can also use your VoIP service provider’s dialing plan to call regular phone numbers.
Chapter 5 VoIP Wizard And Example 110 P-2602HWUDL-D User’s Guide
CHAPTER 6 Bandwidth Management Wizard This chapter shows you how to configure basic bandwidth management using the wizard screens. 6.1 Introduction Bandwidth management allows you to control the amount of bandwidth going out through the ZyXEL Device’s WAN port and prioritize the distribution of the bandwidth according to service bandwidth requirements. This helps keep one service from using all of the available bandwidth and shutting out other users. 6.
Chapter 6 Bandwidth Management Wizard Figure 85 Wizard: Welcome 3 Select Active to allocate bandwidth to packets based on the packet size. Figure 86 Bandwidth Management Wizard: General Information The following fields describe the label in this screen.
Chapter 6 Bandwidth Management Wizard Figure 87 Bandwidth Management Wizard: Complete P-2602HWUDL-D User’s Guide 113
Chapter 6 Bandwidth Management Wizard 114 P-2602HWUDL-D User’s Guide
P ART III Advanced Status Screens (117) WAN Setup (127) LAN Setup (143) Wireless LAN (155) Network Address Translation (NAT) Screens (173) Voice (185) VoIP Trunking (221) Phone Usage (237) Firewalls (241) Content Filtering (261) Introduction to IPSec (265) VPN Screens (271) Certificates (297) Static Route (321) Bandwidth Management (325) Dynamic DNS Setup (333) Remote Management Configuration (337) Universal Plug-and-Play (UPnP) (347) 115
CHAPTER 7 Status Screens Use the Status screens to look at the current status of the device, system resources, interfaces (LAN and WAN), and SIP accounts. You can also register and unregister SIP accounts. The Status screen also provides detailed information from Any IP and DHCP and statistics from VoIP, bandwidth management, and traffic. 7.1 Status Screen Click Status to open this screen.
Chapter 7 Status Screens Figure 88 Status Screen Each field is described in the following table. Table 17 Status Screen LABEL DESCRIPTION Refresh Interval Enter how often you want the ZyXEL Device to update this screen. Apply Click this to update this screen immediately. Device Information 118 Host Name This field displays the ZyXEL Device system name. It is used for identification. You can change this in the Maintenance > System > General screen’s System Name field.
Chapter 7 Status Screens Table 17 Status Screen LABEL DESCRIPTION MAC Address This is the MAC (Media Access Control) or Ethernet address unique to your ZyXEL Device. ZyNOS Firmware Version This field displays the current version of the firmware inside the device. It also shows the date the firmware version was created. Click this to go to the screen where you can change it. DSL Firmware Version This field displays the current version of the device’s DSL modem code.
Chapter 7 Status Screens Table 17 Status Screen LABEL DESCRIPTION Current Date/ Time This field displays the current date and time in the ZyXEL Device. You can change this in Maintenance > System > Time Setting. System Mode This displays whether the ZyXEL Device is functioning as a router or a bridge. CPU Usage This field displays what percentage of the ZyXEL Device’s processing ability is currently used.
Chapter 7 Status Screens Table 17 Status Screen LABEL DESCRIPTION Registration This field displays the current registration status of the SIP account. You have to register SIP accounts with a SIP server to use VoIP. If the SIP account is already registered with the SIP server, • Click Unregister to delete the SIP account’s registration in the SIP server. This does not cancel your SIP account, but it deletes the mapping between your SIP identity and your IP address or domain name.
Chapter 7 Status Screens 7.3 WLAN Status Click Status > WLAN Status to access this screen. Use this screen to view the wireless stations that are currently associated to the ZyXEL Device. Figure 90 WLAN Status The following table describes the labels in this screen. Table 19 WLAN Status LABEL DESCRIPTION # This is the index number of an associated wireless station. MAC Address This field displays the MAC (Media Access Control) address of an associated wireless station.
Chapter 7 Status Screens Figure 91 Packet Statistics The following table describes the fields in this screen. Table 20 Packet Statistics LABEL DESCRIPTION System Monitor System up Time This is the elapsed time the system has been up. Current Date/Time This field displays your ZyXEL Device’s present date and time. CPU Usage This field specifies the percentage of CPU utilization. Memory Usage This field specifies the percentage of memory utilization.
Chapter 7 Status Screens Table 20 Packet Statistics (continued) LABEL DESCRIPTION Interface This field displays either Ethernet (LAN ports) or Wireless (WLAN port). Status For the LAN ports, this field displays Down (line is down) or Up (line is up or connected). For the WLAN port, it displays the transmission rate when WLAN is enabled or N/A when WLAN is disabled. TxPkts This field displays the number of packets transmitted on this interface.
Chapter 7 Status Screens Each field is described in the following table. Table 21 VoIP Statistics LABEL DESCRIPTION SIP Status Account This column displays each SIP account in the ZyXEL Device. Registration This field displays the current registration status of the SIP account. You can change this in the Status screen. Registered - The SIP account is registered with a SIP server. Register Fail - The last time the ZyXEL Device tried to register the SIP account with the SIP server, the attempt failed.
Chapter 7 Status Screens Table 21 VoIP Statistics 126 LABEL DESCRIPTION Rx B/s This field displays how quickly the ZyXEL Device has received packets in the current call. The rate is the average number of bytes transmitted per second. Poll Interval(s) Enter how often you want the ZyXEL Device to update this screen, and click Set Interval. Set Interval Click this to make the ZyXEL Device update the screen based on the amount of time you specified in Poll Interval.
CHAPTER 8 WAN Setup This chapter describes how to configure WAN settings. 8.1 WAN Overview A WAN (Wide Area Network) is an outside connection to another network or the Internet. 8.1.1 Encapsulation Be sure to use the encapsulation method required by your ISP. The ZyXEL Device supports the following methods. 8.1.1.1 ENET ENCAP The MAC Encapsulated Routing Link Protocol (ENET ENCAP) is only implemented with the IP network protocol.
Chapter 8 WAN Setup 8.1.1.3 PPPoA PPPoA stands for Point to Point Protocol over ATM Adaptation Layer 5 (AAL5). A PPPoA connection functions like a dial-up Internet connection. The ZyXEL Device encapsulates the PPP session based on RFC1483 and sends it through an ATM PVC (Permanent Virtual Circuit) to the Internet Service Provider’s (ISP) DSLAM (Digital Subscriber Line (DSL) Access Multiplexer). Please refer to RFC 2364 for more information on PPPoA. Refer to RFC 1661 for more information on PPP. 8.1.1.
Chapter 8 WAN Setup 8.1.4.1 IP Assignment with PPPoA or PPPoE Encapsulation If you have a dynamic IP, then the IP Address and Gateway IP Address fields are not applicable (N/A). If you have a static IP, then you only need to fill in the IP Address field and not the Gateway IP Address field. 8.1.4.2 IP Assignment with RFC 1483 Encapsulation In this case the IP address assignment must be static. 8.1.4.3 IP Assignment with ENET ENCAP Encapsulation In this case you can have either a static or dynamic IP.
Chapter 8 WAN Setup 8.3 Traffic Shaping Traffic Shaping is an agreement between the carrier and the subscriber to regulate the average rate and fluctuations of data transmission over an ATM network. This agreement helps eliminate congestion, which is important for transmission of real time data such as audio and video connections. Peak Cell Rate (PCR) is the maximum rate at which the sender can send cells. This parameter may be lower (but not higher) than the maximum line speed.
Chapter 8 WAN Setup 8.3.1.2 Variable Bit Rate (VBR) The Variable Bit Rate (VBR) ATM traffic class is used with bursty connections. Connections that use the Variable Bit Rate (VBR) traffic class can be grouped into real time (VBR-RT) or non-real time (VBR-nRT) connections. The VBR-RT (real-time Variable Bit Rate) type is used with bursty connections that require closely controlled delay and delay variation.
Chapter 8 WAN Setup Figure 94 Internet Access Setup (PPPoE) The following table describes the labels in this screen. Table 22 Internet Access Setup LABEL DESCRIPTION General 132 Mode Select Routing (default) from the drop-down list box if your ISP give you one IP address only and you want multiple computers to share an Internet account. Select Bridge when your ISP provides you more than one IP address and you want the connected computers to get individual IP address from ISP’s DHCP server directly.
Chapter 8 WAN Setup Table 22 Internet Access Setup (continued) LABEL DESCRIPTION Multiplexing Select the method of multiplexing used by your ISP from the drop-down list. Choices are VC or LLC. Virtual Circuit ID VPI (Virtual Path Identifier) and VCI (Virtual Channel Identifier) define a virtual circuit. Refer to the appendix for more information. VPI The valid range for the VPI is 0 to 255. Enter the VPI assigned to you.
Chapter 8 WAN Setup 8.5.1 Advanced Internet Access Setup Use this screen to edit your ZyXEL Device's advanced WAN settings. Click the Advanced Setup button in the Internet Access Setup screen. The screen appears as shown. Figure 95 Advanced Internet Access Setup The following table describes the labels in this screen.
Chapter 8 WAN Setup Table 23 Advanced Internet Access Setup (continued) LABEL DESCRIPTION Sustain Cell Rate The Sustain Cell Rate (SCR) sets the average cell rate (long-term) that can be transmitted. Type the SCR, which must be less than the PCR. Note that system default is 0 cells/sec. Maximum Burst Size Maximum Burst Size (MBS) refers to the maximum number of cells that can be sent at the peak rate. Type the MBS, which is less than 65535.
Chapter 8 WAN Setup The following table describes the labels in this screen. Table 24 Advanced Internet Access Setup LABEL DESCRIPTION # This is an index number indicating the number of the corresponding connection. Active This field indicates whether the connection is active or not. Clear the check box to disable the connection. Select the check box to enable it. Name This is the name you gave to the Internet connection.
Chapter 8 WAN Setup Figure 97 More Connections Edit The following table describes the labels in this screen. Table 25 More Connections Edit LABEL DESCRIPTION Active Select the check box to activate or clear the check box to deactivate this connection. Name Enter a unique, descriptive name of up to 13 ASCII characters for this connection. Mode Select Routing from the drop-down list box if your ISP allows multiple computers to share an Internet account.
Chapter 8 WAN Setup Table 25 More Connections Edit (continued) LABEL DESCRIPTION User Name (PPPoA and PPPoE encapsulation only) Enter the user name exactly as your ISP assigned. If assigned a name in the form user@domain where domain identifies a service name, then enter both components exactly as given. Password (PPPoA and PPPoE encapsulation only) Enter the password associated with the user name above. Service Name (PPPoE only) Type the name of your PPPoE service here.
Chapter 8 WAN Setup Table 25 More Connections Edit (continued) LABEL DESCRIPTION Cancel Click Cancel to begin configuring this screen afresh. Advanced Setup Click this button to display the More Connections Advanced Setup screen and edit more details of your WAN setup. 8.6.2 Configuring More Connections Advanced Setup To edit your ZyXEL Device's advanced WAN settings, click the Advanced Setup button in the More Connections Edit screen. The screen appears as shown.
Chapter 8 WAN Setup Table 26 More Connections Advanced Setup (continued) LABEL DESCRIPTION Maximum Burst Size Maximum Burst Size (MBS) refers to the maximum number of cells that can be sent at the peak rate. Type the MBS, which is less than 65535. Back Click Back to return to the previous screen. Apply Click Apply to save the changes. Cancel Click Cancel to begin configuring this screen afresh. 8.
Chapter 8 WAN Setup 8.8 WAN Backup Setup Use this screen to configure your ZyXEL Device’s WAN backup. Click Network > WAN > WAN Backup Setup. Figure 101 WAN Backup Setup The following table describes the labels in this screen. Table 27 WAN Backup Setup LABEL DESCRIPTION Backup Type Select the method that the ZyXEL Device uses to check the DSL connection. Select DSL Link to have the ZyXEL Device check if the connection to the DSLAM is up.
Chapter 8 WAN Setup Table 27 WAN Backup Setup (continued) LABEL DESCRIPTION Timeout Type the number of seconds (3 recommended) for your ZyXEL Device to wait for a ping response from one of the IP addresses in the Check WAN IP Address field before timing out the request. The WAN connection is considered "down" after the ZyXEL Device times out the number of times specified in the Fail Tolerance field. Use a higher value in this field if your network is busy or congested.
CHAPTER 9 LAN Setup This chapter describes how to configure LAN settings. 9.1 LAN Overview A Local Area Network (LAN) is a shared communication system to which many computers are attached. A LAN is a computer network limited to the immediate area, usually the same building or floor of a building. The LAN screens can help you configure a LAN DHCP server and manage IP addresses. See Section 9.4 on page 148 to configure the LAN screens. 9.1.
Chapter 9 LAN Setup 9.1.2.1 IP Pool Setup The ZyXEL Device is pre-configured with a pool of IP addresses for the DHCP clients (DHCP Pool). See the product specifications in the appendices. Do not assign static IP addresses from the DHCP pool to your LAN computers. 9.2 DNS Server Addresses DNS (Domain Name System) maps a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a computer before you can access it.
Chapter 9 LAN Setup If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established. If this is the case, it is recommended that you select a network number from 192.168.0.0 to 192.168.255.0 and you must enable the Network Address Translation (NAT) feature of the ZyXEL Device.
Chapter 9 LAN Setup • Both - the ZyXEL Device will broadcast its routing table periodically and incorporate the RIP information that it receives. • In Only - the ZyXEL Device will not send any RIP packets but will accept all RIP packets received. • Out Only - the ZyXEL Device will send out RIP packets but will not accept any RIP packets received. • None - the ZyXEL Device will not send any RIP packets and will ignore any RIP packets received.
Chapter 9 LAN Setup With the Any IP feature and NAT enabled, the ZyXEL Device allows a computer to access the Internet without changing the network settings (such as IP address and subnet mask) of the computer, when the IP addresses of the computer and the ZyXEL Device are not in the same subnet. Whether a computer is set to use a dynamic or static (fixed) IP address, you can simply connect the computer to the ZyXEL Device and access the Internet.
Chapter 9 LAN Setup 3 The ZyXEL Device receives the ARP request and replies to the computer with its own MAC address. 4 The computer updates the MAC address for the default gateway to the ARP table. Once the ARP table is updated, the computer is able to access the Internet through the ZyXEL Device. 5 When the ZyXEL Device receives packets from the computer, it creates an entry in the IP routing table so it can properly forward packets intended for the computer.
Chapter 9 LAN Setup Figure 105 Advanced LAN Setup The following table describes the labels in this screen. Table 29 Advanced LAN Setup LABEL DESCRIPTION RIP & Multicast Setup RIP Direction Select the RIP direction from None, Both, In Only and Out Only. RIP Version Select the RIP version from RIP-1, RIP-2B and RIP-2M. Multicast IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to establish membership in a multicast group.
Chapter 9 LAN Setup 9.5 DHCP Setup Click Network > DHCP Setup to open this screen. Use this screen to configure the DNS server information that the ZyXEL Device sends to the DHCP client devices on the LAN. Figure 106 DHCP Setup The following table describes the labels in this screen.
Chapter 9 LAN Setup Table 30 DHCP Setup LABEL DESCRIPTION First DNS Server Second DNS Server Third DNS Server Select Obtained From ISP if your ISP dynamically assigns DNS server information (and the ZyXEL Device's WAN IP address). Select User-Defined if you have the IP address of a DNS server. Enter the DNS server's IP address in the field to the right. If you chose User-Defined, but leave the IP address set to 0.0.0.0, User-Defined changes to None after you click Apply.
Chapter 9 LAN Setup The following table describes the labels in this screen. Table 31 LAN Client List LABEL DESCRIPTION IP Address Enter the IP address that you want to assign to the computer on your LAN with the MAC address that you will also specify. MAC Address Enter the MAC address of a computer on your LAN. Add Click Add to add a static DHCP entry. # This is the index number of the static IP table entry (row). Status This field displays whether the client is connected to the ZyXEL Device.
Chapter 9 LAN Setup Figure 108 Physical Network & Partitioned Logical Networks A: 192.168.1.1 - 192.168.1.24 Ethernet Interface B: 192.168.2.1 - 192.168.2.24 C: 192.168.3.1 - 192.168.3.24 Click Network > LAN > IP Alias to open the following screen. Use this screen to change your ZyXEL Device’s IP alias settings. Figure 109 LAN IP Alias The following table describes the labels in this screen.
Chapter 9 LAN Setup Table 32 LAN IP Alias 154 LABEL DESCRIPTION RIP Direction RIP (Routing Information Protocol, RFC 1058 and RFC 1389) allows a router to exchange routing information with other routers. The RIP Direction field controls the sending and receiving of RIP packets. Select the RIP direction from Both/In Only/Out Only/None. When set to Both or Out Only, the ZyXEL Device will broadcast its routing table periodically.
CHAPTER 10 Wireless LAN This chapter discusses how to configure the wireless network settings in your ZyXEL Device. See the appendices for more detailed information about wireless networks. This chapter applies to the “W” models only. 10.1 Wireless Network Overview The following figure provides an example of a wireless network. Figure 110 Example of a Wireless Network AP A B The wireless network is the part in the blue circle.
Chapter 10 Wireless LAN • If two wireless networks overlap, they should use a different channel. Like radio stations or television channels, each wireless network uses a specific channel, or frequency, to send and receive information. • Every device in the same wireless network must use security compatible with the AP. Security stops unauthorized devices from using the wireless network. It can also protect the information that is sent in the wireless network. 10.
Chapter 10 Wireless LAN For wireless networks, you can store the user names and passwords for each user in a RADIUS server. This is a server used in businesses more than in homes. If you do not have a RADIUS server, you cannot set up user names and passwords for your users. Unauthorized wireless devices can still see the information that is sent in the wireless network, even if they cannot use the wireless network.
Chapter 10 Wireless LAN 10.2.5 One-Touch Intelligent Security Technology (OTIST) With ZyXEL’s OTIST, you set up the SSID and the encryption (WEP or WPA-PSK) on the ZyXEL Device. Then, the ZyXEL Device transfers them to the devices in the wireless networks. As a result, you do not have to set up the SSID and encryption on every device in the wireless network. The devices in the wireless network have to support OTIST, and they have to be in range of the ZyXEL Device when you activate it. See Section 10.
Chapter 10 Wireless LAN 10.5 General WLAN Screen " If you are configuring the ZyXEL Device from a computer connected to the wireless LAN and you change the ZyXEL Device’s SSID or security settings, you will lose your wireless connection when you press Apply to confirm. You must then change the wireless settings of your computer to match the ZyXEL Device’s new settings. Click Network > Wireless LAN to open the Wireless LAN General screen.
Chapter 10 Wireless LAN Table 35 Wireless LAN: General LABEL DESCRIPTION Channel Selection Set the operating frequency/channel depending on your particular region. Select a channel from the drop-down list box. Security Mode See the following sections for more details about this field. Apply Click Apply to save your changes back to the ZyXEL Device. Cancel Click Cancel to reload the previous configuration for this screen.
Chapter 10 Wireless LAN Figure 113 Wireless: Static WEP Encryption The following table describes the wireless LAN security labels in this screen. Table 37 Wireless: Static WEP Encryption LABEL DESCRIPTION Security Mode Choose Static WEP from the drop-down list box. Passphrase Enter a passphrase (up to 32 printable characters) and clicking Generate. The ZyXEL Device automatically generates a WEP key. WEP Key The WEP key is used to encrypt data.
Chapter 10 Wireless LAN Figure 114 Wireless: WPA(2)-PSK The following table describes the wireless LAN security labels in this screen. Table 38 Wireless: WPA(2)-PSK LABEL DESCRIPTION Security Mode Choose WPA-PSK or WPA2-PSK from the drop-down list box. WPA Compatible This field is only available for WPA2-PSK. Select this if you want the ZyXEL Device to support WPA-PSK and WPA2-PSK simultaneously. Pre-Shared Key The encryption mechanisms used for WPA(2) and WPA(2)-PSK are the same.
Chapter 10 Wireless LAN 10.5.4 WPA(2) Authentication Screen In order to configure and enable WPA Authentication; click the Wireless LAN link under Network to display the Wireless screen. Select WPA or WPA2 from the Security list. Figure 115 Wireless: WPA(2) The following table describes the wireless LAN security labels in this screen. Table 39 Wireless: WPA(2) LABEL DESCRIPTION Security Mode Choose WPA or WPA2 from the drop-down list box. WPA Compatible This field is only available for WPA2.
Chapter 10 Wireless LAN Table 39 Wireless: WPA(2) LABEL DESCRIPTION Group Key Update Timer The Group Key Update Timer is the rate at which the AP (if using WPA(2)-PSK key management) or RADIUS server (if using WPA(2) key management) sends a new group key out to all clients. The re-keying process is the WPA(2) equivalent of automatically changing the WEP key for an AP and all stations in a WLAN on a periodic basis. Setting of the Group Key Update Timer is also supported in WPA(2)-PSK mode.
Chapter 10 Wireless LAN The following table describes the labels in this screen. Table 40 Wireless LAN: Advanced LABEL DESCRIPTION Wireless Advanced Setup RTS/CTS Threshold Enter a value between 0 and 2432. If you select the Enable 802.11g+ mode checkbox a value of 4096 is displayed. Fragmentation Threshold It is the maximum data fragment size that can be sent. Enter a value between 256 and 2432. If you select the Enable 802.11g+ mode checkbox a value of 4096 is displayed.
Chapter 10 Wireless LAN Figure 117 Network > Wireless LAN > OTIST The following table describes the labels in this screen. Table 41 Network > Wireless LAN > OTIST LABEL DESCRIPTION Setup Key Type a key (password) 8 ASCII characters long. Note: If you change the OTIST setup key in the ZyXEL Device, you must change it on the wireless devices too. Yes! Select this if you want the ZyXEL Device to automatically generate a pre-shared key for the wireless network.
Chapter 10 Wireless LAN Figure 118 Example: Wireless Client OTIST Screen To start OTIST in the device, click Start in this screen. " You must click Start in the ZyXEL Device and in the wireless device(s) within three minutes of each other. You can start OTIST in the wireless devices and the ZyXEL Device in any order. After you click Start in the ZyXEL Device, the following screen appears (in the ZyXEL Device).
Chapter 10 Wireless LAN Figure 121 OTIST: In Progress on the Wireless Device These screens close when the transfer is complete. 10.6.1 Notes on OTIST 1 If you enable OTIST in a wireless device, you see this screen each time you start the utility. Click Yes to search for an OTIST-enabled AP (in other words, the ZyXEL Device). Figure 122 Start OTIST? 2 If an OTIST-enabled wireless device loses its wireless connection for more than ten seconds, it will search for an OTIST-enabled AP for up to one minute.
Chapter 10 Wireless LAN Figure 123 MAC Address Filter The following table describes the labels in this screen. Table 42 MAC Address Filter LABEL DESCRIPTION Active MAC Filter Select the check box to enable MAC address filtering. Filter Action Define the filter action for the list of MAC addresses in the MAC Address table.
Chapter 10 Wireless LAN 10.8 QoS Screen The QoS screen allows you to automatically give a service (such as e-mail, VoIP or FTP) a priority level. Click Network > Wireless LAN > QoS. The following screen displays. Figure 124 Wireless LAN: QoS The following table describes the fields in this screen. Table 43 Wireless LAN: QoS LABEL DESCRIPTION QoS Setup Enable WMM QoS Select the check box to enable WMM QoS on the ZyXEL Device.
Chapter 10 Wireless LAN Table 43 Wireless LAN: QoS LABEL DESCRIPTION Priority This field displays the priority of the application. Highest - Typically used for voice or video that should be high-quality. High - Typically used for voice or video that can be medium-quality. Mid - Typically used for applications that do not fit into another priority. For example, Internet surfing.
Chapter 10 Wireless LAN Table 44 Application Priority Configuration 172 LABEL DESCRIPTION Service The following is a description of the applications you can prioritize with WMM QoS. Select a service from the drop-down list box. • E-Mail Electronic mail consists of messages sent through a computer network to specific groups or individuals.
CHAPTER 11 Network Address Translation (NAT) Screens This chapter discusses how to configure NAT on the ZyXEL Device. 11.1 NAT General Overview NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network. 11.1.
Chapter 11 Network Address Translation (NAT) Screens 11.1.2 What NAT Does In the simplest form, NAT changes the source IP address in a packet received from a subscriber (the inside local address) to another (the inside global address) before forwarding the packet to the WAN side. When the response comes back, NAT translates the destination address (the inside global address) back to the inside local address before forwarding it to the original inside host.
Chapter 11 Network Address Translation (NAT) Screens 11.1.4 NAT Application The following figure illustrates a possible NAT application, where three inside LANs (logical LANs using IP alias) behind the ZyXEL Device can communicate with three distinct WAN networks. Figure 127 NAT Application With IP Alias Corporation B Corporation A Server in Admin Network =IP1 (IGA 1) LAN2: 192.168.1.X Network Server “Admin=192.168.1.1 NAT Server 192.168.1.1 LAN2: 192.168.2.X Network Server “Sales”=192.168.2.
Chapter 11 Network Address Translation (NAT) Screens • Many-to-Many No Overload: In Many-to-Many No Overload mode, the ZyXEL Device maps each local IP address to a unique global IP address. • Server: This type allows you to specify inside servers of different services behind the NAT to be accessible to the outside world. Port numbers do NOT change for One-to-One and Many-to-Many No Overload NAT mapping types. The following table summarizes these types.
Chapter 11 Network Address Translation (NAT) Screens Click Network > NAT to open the following screen. Figure 128 NAT General The following table describes the labels in this screen. Table 47 NAT General LABEL DESCRIPTION Active Network Address Translation (NAT) Select this check box to enable NAT. SUA Only Select this radio button if you have just one public WAN IP address for your ZyXEL Device.
Chapter 11 Network Address Translation (NAT) Screens You may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desired server. The port number identifies a service; for example, web service is on port 80 and FTP on port 21. In some cases, such as for unknown services or where one server can support more than one service (for example both FTP and web service), it might be better to specify a range of port numbers.
Chapter 11 Network Address Translation (NAT) Screens Figure 129 Multiple Servers Behind NAT Example A=192.168.1.33 LAN WAN B=192.168.1.34 Internet 192.168.1.1 C=192.168.1.35 IP Address assigned by ISP D=192.168.1.36 11.5 Configuring Port Forwarding " If you do not assign a Default Server IP address, the ZyXEL Device discards all packets received for ports that are not specified here or in the remote management setup. Click Network > NAT > Port Forwarding to open the following screen.
Chapter 11 Network Address Translation (NAT) Screens The following table describes the fields in this screen. Table 48 Port Forwarding LABEL DESCRIPTION Default Server Setup Default Server In addition to the servers for specified services, NAT supports a default server. A default server receives packets from ports that are not specified in this screen.
Chapter 11 Network Address Translation (NAT) Screens The following table describes the fields in this screen. Table 49 Port Forwarding Rule Setup LABEL DESCRIPTION Active Click this check box to enable the rule. Service Name Enter a name to identify this port-forwarding rule. Start Port Enter a port number in this field. To forward only one port, enter the port number again in the End Port field.
Chapter 11 Network Address Translation (NAT) Screens Figure 132 Address Mapping Rules The following table describes the fields in this screen. Table 50 Address Mapping Rules LABEL DESCRIPTION # This is the rule index number. Local Start IP This is the starting Inside Local IP Address (ILA). Local IP addresses are N/A for Server port mapping. Local End IP This is the end Inside Local IP Address (ILA). If the rule is for all local IP addresses, then this field displays 0.0.0.
Chapter 11 Network Address Translation (NAT) Screens Figure 133 Edit Address Mapping Rule The following table describes the fields in this screen. Table 51 Edit Address Mapping Rule LABEL DESCRIPTION Type Choose the port mapping type from one of the following. One-to-One: One-to-One mode maps one local IP address to one global IP address. Note that port numbers do not change for One-to-one NAT mapping type. Many-to-One: Many-to-One mode maps multiple local IP addresses to one global IP address.
Chapter 11 Network Address Translation (NAT) Screens 11.6.2 SIP ALG Some NAT routers may include a SIP Application Layer Gateway (ALG). A SIP ALG allows SIP calls to pass through NAT by examining and translating IP addresses embedded in the data stream. When the ZyXEL Device registers with the SIP register server, the SIP ALG translates the ZyXEL Device’s private IP address inside the SIP data stream to a public IP address.
CHAPTER 12 Voice This chapter provides background information on VoIP and SIP and explains how to configure your device’s voice settings. 12.1 Introduction to VoIP VoIP is the sending of voice signals over Internet Protocol. This allows you to make phone calls and send faxes over the Internet at a fraction of the cost of using the traditional circuitswitched telephone network. You can also use servers to run telephone service applications like PBX services and voice mail.
Chapter 12 Voice 12.2.1.2 SIP Service Domain The SIP service domain of the VoIP service provider is the domain name in a SIP URI. For example, if the SIP address is 1122334455@VoIP-provider.com, then “VoIP-provider.com” is the SIP service domain. 12.2.1.3 SIP Registration Each ZyXEL Device is an individual SIP User Agent (UA). To provide voice service, it has a public IP address for SIP and RTP protocols to communicate with other servers.
Chapter 12 Voice Figure 135 SIP User Agent 12.2.2.2 SIP Proxy Server A SIP proxy server receives requests from clients and forwards them to another server. In the following example, you want to use client device A to call someone who is using client device C. 1 The client device (A in the figure) sends a call invitation to the SIP proxy server (B). 2 The SIP proxy server forwards the call invitation to C. Figure 136 SIP Proxy Server 12.2.2.
Chapter 12 Voice Figure 137 SIP Redirect Server 12.2.2.4 SIP Register Server A SIP register server maintains a database of SIP identity-to-IP address (or domain name) mapping. The register server checks your user name and password when you register. 12.2.3 RTP When you make a VoIP call using SIP, the RTP (Real time Transport Protocol) is used to handle voice data transfer. See RFC 1889 for details on RTP. 12.2.
Chapter 12 Voice Table 53 SIP Call Progression (continued) A B 6. BYE 7. OK 1 A sends a SIP INVITE request to B. This message is an invitation for B to participate in a SIP telephone call. 2 B sends a response indicating that the telephone is ringing. 3 B sends an OK response after the call is answered. 4 A then sends an ACK message to acknowledge that B has answered the call. 5 Now A and B exchange voice media (talk). 6 After talking, A hangs up and sends a BYE request.
Chapter 12 Voice The following table shows the SIP call progression. Table 54 SIP Call Progression USER AGENT 1 PROXY 1 PROXY 2 USER AGENT 2 Invite Invite 100 Trying 180 Ringing Invite 100 Trying 180 Ringing 180 Ringing 200 OK 200 OK 200 OK ACK RTP RTP BYE 200 OK 1 User Agent 1 sends a SIP INVITE request to Proxy 1. This message is an invitation to User Agent 2 to participate in a SIP telephone call. Proxy 1 sends a response indicating that it is trying to complete the request.
Chapter 12 Voice • G.726 is an Adaptive Differential PCM (ADPCM) waveform codec that uses a lower bitrate than standard PCM conversion. ADPCM converts analog audio into digital signals based on the difference between each audio sample and a prediction based on previous samples. The more similar the audio sample is to the prediction, the less space needed to describe it. G.726 operates at 16, 24, 32 or 40 kbps. • G.
Chapter 12 Voice 12.2.10.2 Listening to Custom Tones Do the following to listen to a custom tone: 1 Pick up the phone and press “****” on your phone’s keypad and wait for the message that says you are in the configuration menu. 2 Press a number from 1201~1208 followed by the “#” key to listen to the tone. 3 You can continue to add, listen to, or delete tones, or you can hang up the receiver when you are done. 12.2.10.
Chapter 12 Voice DSCP is backward compatible with the three precedence bits in the ToS octet so that nonDiffServ compliant, ToS-enabled network device will not conflict with the DSCP mapping. Figure 139 DiffServ: Differentiated Service Field DSCP (6-bit) Unused (2-bit) The DSCP value determines the forwarding behavior, the PHB (Per-Hop Behavior), that each packet gets across the DiffServ network. Based on the marking rule, different kinds of traffic can be marked for different priorities of forwarding.
Chapter 12 Voice Figure 140 SIP > SIP Settings Each field is described in the following table. Table 56 SIP > SIP Settings LABEL DESCRIPTION SIP Account Select the SIP account you want to see in this screen. If you change this field, the screen automatically refreshes. SIP Settings 194 Active SIP Account Select this if you want the ZyXEL Device to use this account. Clear it if you do not want the ZyXEL Device to use this account. Number Enter your SIP number.
Chapter 12 Voice Table 56 SIP > SIP Settings LABEL DESCRIPTION Send Caller ID Select this if you want to send identification when you make VoIP phone calls. Clear this if you do not want to send identification. Authentication User Name Enter the user name for registering this SIP account, exactly as it was given to you. You can use up to 95 printable ASCII characters. Password Enter the user name for registering this SIP account, exactly as it was given to you.
Chapter 12 Voice Figure 141 VoIP > SIP Settings > Advanced Each field is described in the following table. Table 57 VoIP > SIP Settings > Advanced LABEL DESCRIPTION SIP Account This field displays the SIP account you see in this screen.
Chapter 12 Voice Table 57 VoIP > SIP Settings > Advanced LABEL DESCRIPTION URL Type Select whether or not to include the SIP service domain name when the ZyXEL Device sends the SIP number. SIP - include the SIP service domain name. TEL - do not include the SIP service domain name. Expiration Duration Enter the number of seconds your SIP account is registered with the SIP register server before it is deleted.
Chapter 12 Voice Table 57 VoIP > SIP Settings > Advanced LABEL DESCRIPTION Enable Select this if your VoIP service provider has a SIP outbound server to handle voice calls. This allows the ZyXEL Device to work with any type of NAT router and eliminates the need for STUN or a SIP ALG. Turn off any SIP ALG on a NAT router in front of the ZyXEL Device to keep it from retranslating the IP address (since this is already handled by the outbound proxy server).
Chapter 12 Voice 12.6 SIP QoS Screen Use this screen to maintain ToS and VLAN settings for the ZyXEL Device. To access this screen, click VoIP > SIP > QoS. Figure 142 SIP > QoS Each field is described in the following table. Table 58 SIP > QoS LABEL DESCRIPTION SIP TOS Priority Setting Enter the priority for SIP voice transmissions. The ZyXEL Device creates Type of Service priority tags with this priority to voice traffic that it transmits.
Chapter 12 Voice 12.7.2 Comfort Noise Generation When using VAD, the ZyXEL Device generates comfort noise when the other party is not speaking. The comfort noise lets you know that the line is still connected as total silence could easily be mistaken for a lost connection. 12.7.3 Echo Cancellation G.168 is an ITU-T standard for eliminating the echo caused by the sound of your voice reverberating in the telephone receiver while you talk. 12.
Chapter 12 Voice Table 59 Phone > Analog Phone LABEL DESCRIPTION Incoming Call apply to If you select more than one source for incoming calls, there is no way to distinguish between them when you receive phone calls. If you do not select a source for incoming calls, you cannot receive any calls on this phone port. SIP1 - SIP10 Select the checkbox of the SIP account if you want to receive phone calls for the selected SIP account on this phone port.
Chapter 12 Voice Each field is described in the following table. Table 60 Phone > Analog Phone > Advanced LABEL DESCRIPTION Analog Phone This field displays the analog phone port you see in this screen. Voice Volume Control Speaking Volume Enter the loudness that the ZyXEL Device uses for speech that it sends to the peer device. -1 is the quietest, and 1 is the loudest. Listening Volume Enter the loudness that the ZyXEL Device uses for speech that it receives from the peer device.
Chapter 12 Voice Figure 145 DECT Base Station Overview PSTN Internet VoIP The DECT base station follows the Generic Access Profile (GAP). GAP (a subset of DECT) specifies how DECT phones register with a DECT base station. The DECT GAP standard ensures that two different products (a phone and a base station) from different manufacturers can work together. Any phone that supports GAP can make and receive calls through the ZyXEL Device. 12.10.
Chapter 12 Voice Figure 146 DECT Base Station Button - Side of the ZyXEL Device 2 Put your DECT phone in registration mode. Refer to your DECT phone documentation. When the ZyXEL Device is in registration mode, it scans its surrounding area for DECT phones in registration mode. Figure 147 DECT Base Station - Phone Registration " Make sure your DECT phone is within range of the ZyXEL Device during the registration process. See Chapter 32 on page 433 for the range of your ZyXEL Device.
Chapter 12 Voice 12.10.1.1 DECT Base Station Reset Resetting the DECT base station erases all the details of the DECT phones registered with the ZyXEL Device. You can do this to clear the DECT base station memory of the DECT phones no longer used with the ZyXEL Device, for example if one of your DECT phones is lost. When you reset the DECT base station, you will need to re-register all the phones that you want to use with the ZyXEL Device.
Chapter 12 Voice The following table summarizes the types and number of calls you can make with your DECT phones via the ZyXEL Device. Table 61 DECT Phone Calls Summary TYPE OF CALL DESCRIPTION LIMITS Internal A call between two DECT phones registered with the ZyXEL Device DECT base station. Two calls. External A call from the DECT phone to or from a VoIP or a PSTN caller. Two calls.
Chapter 12 Voice Figure 149 VoIP > Phone > DECT Phone Each field is described in the following table. Table 62 VoIP > Phone > DECT Phone LABEL DESCRIPTION DECT Port Settings Select the DECT phone you want to see in this screen. If you change this field, the screen automatically refreshes. Outgoing Call Use If you select multiple SIP accounts, the ZyXEL Device tries to use the most recently registered SIP account first.
Chapter 12 Voice Table 62 VoIP > Phone > DECT Phone LABEL DESCRIPTION Apply Click this to save your changes and to apply them to the ZyXEL Device. Cancel Click this to set every field in this screen to its last-saved value. 12.11 Common Phone Settings Screen Use this screen to activate and deactivate immediate dialing and set up call fallback. To access this screen, click VoIP > Phone > Common. Figure 150 Phone > Common Each field is described in the following table.
Chapter 12 Voice 12.12 Phone Services Overview Supplementary services such as call hold, call waiting, call transfer, etc. are generally available from your VoIP service provider. The ZyXEL Device supports the following services: • • • • • • • • • " Call Hold Call Waiting Making a Second Call Call Transfer Call Forwarding (see Section 12.
Chapter 12 Voice Table 64 European Flash Key Commands COMMAND SUB-COMMAND DESCRIPTION Flash 1 Disconnect the current phone connection and answer the incoming call or resume with caller presently on hold. Flash 2 1. Switch back and forth between two calls. 2. Put a current call on hold to answer an incoming call. 3. Separate the current three-way conference call into two individual calls (one is on-line, the other is on hold). Flash 3 Create three-way conference connection.
Chapter 12 Voice 2 Dial a phone number directly to make another call. 3 When the second call is answered, press the flash key and press “3” to create a three-way conversation. 4 Hang up the phone to drop the connection. 5 If you want to separate the activated three-way conference into two individual connections (one is on-line, the other is on hold), press the flash key and press “2”. 12.12.
Chapter 12 Voice 2 Dial a phone number directly to make another call (to party B). 3 When party B answers the second call, press the flash key to create a three-way conversation. 4 Hang up the phone to drop the connection. 5 If you want to separate the activated three-way conference into two individual connections (with party A on-line and party B on hold), press the flash key. 6 If you want to go back to the three-way conversation, press the flash key again.
Chapter 12 Voice 12.14 Speed Dial Speed dial provides shortcuts for dialing frequently used (VoIP) phone numbers. You also have to create speed-dial entries if you want to make peer-to-peer calls or call SIP numbers that contain letters. Once you have configured a speed dial rule, you can use a shortcut (the speed dial number, #01 for example) on your phone's keypad to call the phone number. Use this screen to add, edit, or remove speed-dial numbers for outgoing calls.
Chapter 12 Voice Table 67 Phone Book > Speed Dial LABEL DESCRIPTION Type Select Use Proxy if you want to use one of your SIP accounts to call this phone number. Select Non-Proxy (Use IP or URL) if you want to use a different SIP server or if you want to make a peer-to-peer call. In this case, enter the IP address or domain name of the SIP server or the other party in the field below. Add Click this to use the information in the Speed Dial section to update the Speed Dial Phone Book section.
Chapter 12 Voice Figure 153 Phone Book > Incoming Call Policy You can create two sets of call-forwarding rules. Each one is stored in a call-forwarding table. Each field is described in the following table. Table 68 Phone Book > Incoming Call Policy LABEL DESCRIPTION Table Number Select the call-forwarding table you want to see in this screen. If you change this field, the screen automatically refreshes.
Chapter 12 Voice Table 68 Phone Book > Incoming Call Policy LABEL DESCRIPTION # This field is a sequential value, and it is not associated with a specific rule. The sequence is important, however. The ZyXEL Device checks each rule in order, and it only follows the first one that applies. Activate Select this to enable this rule. Clear this to disable this rule. Incoming Call Number Enter the phone number to which this rule applies.
Chapter 12 Voice Figure 154 Phone Book > Distinctive Ring Each field is described in the following table. Table 69 Phone Book > Distinctive Ring LABEL DESCRIPTION Active Distinctive Ring Select this if you want to activate the distinctive ring feature. You also have to enable individual entries. Test the Ring Use the drop down list box to select the ring tone you would like to hear. Test Click this to listen to the ring. All the phones connected to the ZyXEL Device ring when you click this button.
Chapter 12 Voice Table 69 Phone Book > Distinctive Ring LABEL DESCRIPTION Ring Selection By Incoming Line You can also select distinctive rings based on whether a call comes from the registered SIP accounts, the PSTN line, or another phone connected to the ZyXEL Device (internal). Note: The ZyXEL Device will check whether the incoming phone number is part of any of the groups assigned above before checking the incoming line. SIP Ring Selection Select a ring for each registered SIP account.
Chapter 12 Voice Figure 155 PSTN Line > General Each field is described in the following table. Table 70 PSTN Line > General LABEL DESCRIPTION PSTN Line Pre-fix Number Enter a prefix (up to seven numbers) you dial before you dial the phone number, if you want to make a regular phone call while one of your SIP accounts is registered. These numbers tell the ZyXEL Device that you want to make a regular phone call.
Chapter 12 Voice 220 P-2602HWUDL-D User’s Guide
CHAPTER 13 VoIP Trunking Use these screens to configure VoIP trunking on your ZyXEL Device. 13.1 VoIP Trunking Overview VoIP trunking connects an IP network (like the Internet) and the Public Switched Telephone Network (PSTN). PSTN includes the world’s circuit-switched telephone network which is composed of fixed and mobile telephones.
Chapter 13 VoIP Trunking Other settings controlled by the auto attendant include a time limit to decide whether you want to forward a call from the ZyXEL Device or call the phone directly connected to the ZyXEL Device. When you call into your ZyXEL Device you can request to forward a call to another phone number simply by dialing that number. If you don’t dial any number within a specified time limit (for example 5 seconds) then the phone directly connected to the ZyXEL Device rings.
Chapter 13 VoIP Trunking 13.3 Call Rules Call rules automate the forwarding of calls, first to a remote peer device and then to PSTN phones. This is used when you make frequent calls to several PSTN numbers in the same geographic area that start with the same numbers (for example an area code). If there is a remote peer device in that area, you can set up a VoIP link to it and have it forward the calls to PSTN phones. This works by configuring a pattern that the ZyXEL Device can recognize.
Chapter 13 VoIP Trunking Figure 158 PSTN Phone To VoIP Phone B Internet PSTN C A 13.4.3 PSTN Phone To PSTN Phone via VoIP A PSTN phone A makes a call to the ZyXEL Device B. B connects to a peer device C and C forwards the call to a PSTN phone D. Figure 159 PSTN Phone To PSTN Phone via VoIP C B PSTN D PSTN Internet A 13.5 Trunking General Screen Use this screen to enable VoIP trunking. Click VoIP > Trunking > General.
Chapter 13 VoIP Trunking Figure 160 VoIP > Trunking > General Each field is described in the following table. Table 73 VoIP > Trunking > General LABEL DESCRIPTION Enable Trunking Select this to turn on VoIP trunking on your ZyXEL Device. Auto Attendant Timeout This setting determines how long the ZyXEL Device waits for a caller to enter a phone number (to which the ZyXEL Device forwards the call) when it receives the call. Enter a value from 1 to 255 seconds.
Chapter 13 VoIP Trunking Figure 161 VoIP > Trunking > Peer Call Each field is described in the following table. Table 74 VoIP > Trunking > Peer Call 226 LABEL DESCRIPTION Outgoing Authentication You need to set up accounts for the peer devices you use in VoIP trunking. This is the IP address of the remote peer device, as well as the username and password needed to authenticate with the remote peer device. # This is an index number of your outgoing authentication accounts.
Chapter 13 VoIP Trunking Table 74 VoIP > Trunking > Peer Call (continued) LABEL DESCRIPTION Password Enter the corresponding password for the username you entered. The remote peer device must have the same password in an incoming authentication entry in order to authenticate your connection. Enter up to 32 alphanumeric characters. Peer IP Enter the IP address of the remote peer device which you want to connect to.
Chapter 13 VoIP Trunking Figure 162 VoIP > Trunking > Call Rule Each field is described in the following table. Table 75 VoIP > Trunking > Call Rule 228 LABEL DESCRIPTION # This is a read-only index number of the call rules. Pattern A Pattern is used when you call your ZyXEL Device from a PSTN phone and want to use it to create a VoIP link to a remote peer device which will forward the call to a PSTN phone.
Chapter 13 VoIP Trunking 13.8 VoIP Trunking Example: VoIP to PSTN This example shows how to configure VoIP to PSTN trunking to save on long distance calls. 13.8.1 Background Information A company has its headquarters in city A and a branch office in city B. The headquarters often needs to call salespeople employed at the branch office. The sales employees often work away from the office and have PSTN phones (mobile or land based).
Chapter 13 VoIP Trunking Figure 164 VoIP to PSTN Example - Speed Dial Screen 2 An outgoing authentication account needs to be configured. This account consists of the IP address and port number of the branch office ZyXEL Device as well as the username and password for authentication. This username and password must match the incoming authentication account username and password on the branch office ZyXEL Device. The name of this rule is “CityB” referring to the branch office ZyXEL Device.
Chapter 13 VoIP Trunking Figure 166 VoIP to PSTN Example - Incoming Authentication 13.8.4 Call Progression The advantage of this kind of VoIP trunking is that once all the configuration is completed, the caller just has to dial a speed dial entry from a phone connected to their ZyXEL Device and the peer devices take care of the rest. This is what happens when headquarters wants to call their Sales1 employee, which is the first entry in the speed dial screen.
Chapter 13 VoIP Trunking 13.9.1 Background Information A company has its headquarters in two different cities. The sales manager (A) from headquarters often needs to call salespeople (D) employed at the branch office. The sales manager often works away from the headquarters office and the sales employees often work away from the branch office. The sales manager and the sales employees have PSTN phones (mobile or land based). The two offices have VoIP trunking devices.
Chapter 13 VoIP Trunking Figure 168 PSTN to PSTN Example: General Configuration 2 An outgoing authentication account needs to be configured. This account consists of the IP address and port number of the branch office ZyXEL Device as well as the username and password for authentication. This username and password must match the incoming authentication account username and password on the branch office ZyXEL Device. The name of this account is “CityB” referring to the branch office ZyXEL Device.
Chapter 13 VoIP Trunking Figure 170 PSTN to PSTN Example - Call Rule 13.9.3 Configuration Details: Incoming The branch office ZyXEL Device needs to have an incoming authentication account configured. This consists of a username and password. This account must match the username and password of the outgoing authentication account of the headquarters’ ZyXEL Device. This can be configured in the VoIP > Trunking > Peer Call screen. Figure 171 PSTN to PSTN Example - Incoming Authentication To Device C 13.9.
Chapter 13 VoIP Trunking Table 77 PSTN to PSTN: VoIP Trunking Call Progression MANAGER HEADQUARTERS BRANCH OFFICE SALES1 The manager dials the PSTN number of the headquarters’ ZyXEL Device. (222-222-2222) The ZyXEL Device receives the call and sends a ringback alert tone to indicate to the caller that VoIP trunking is enabled. The manager dials the PSTN number of Sales1 (555-5551234). The ZyXEL Device prompts the manager to enter the PIN in order to allow VoIP trunking.
Chapter 13 VoIP Trunking 236 P-2602HWUDL-D User’s Guide
CHAPTER 14 Phone Usage This chapter describes how to use a phone connected to your ZyXEL Device for basic tasks. " Not all service providers support all features. 14.1 Dialing a Telephone Number The PHONE LED turns green when your SIP account is registered. Dial a SIP number like “12345” on your phone’s keypad. Use speed dial entries (see Section 12.14 on page 213) for peer-to-peer calls or SIP numbers that use letters. Dial the speed dial entry on your telephone’s keypad.
Chapter 14 Phone Usage 14.5 Checking the ZyXEL Device’s IP Address Do the following to listen to the ZyXEL Device’s current IP address. 1 Pick up your phone’s receiver. 2 Press “****” on your phone’s keypad and wait for the message that says you are in the configuration menu. 3 Press “5” followed by the # key. 4 Listen to the IP address and make a note of it. 5 Hang up the receiver. 14.
Chapter 14 Phone Usage Table 78 Phone Functions Summary ACTI ON FUNCTION DESCRIPTION *98# Call transfer Transfer a call to another phone. See Section 12.12.2 on page 209 (Europe type) and Section 12.12.3 on page 211 (USA type). *97# Call park #97# Call pickup Use these to place a call on hold on one phone and then continue it on another (if supported by your service provider). See Chapter 32 on page 433. *66# Call return Place a call to the last person who called you.
Chapter 14 Phone Usage 240 P-2602HWUDL-D User’s Guide
CHAPTER 15 Firewalls Use these screens to enable and configure the firewall that protects your ZyXEL Device and your LAN from unwanted or malicious traffic. 15.1 Firewall Overview Originally, the term firewall referred to a construction technique designed to prevent the spread of fire from one room to another. The networking term "firewall" is a system or group of systems that enforces an access-control policy between two networks.
Chapter 15 Firewalls • allows traffic that originates from your LAN computers to go to all of the networks. • blocks traffic that originates on the other networks from going to the LAN. Figure 172 Default Firewall Action WAN LAN 1 2 3 4 Internet Your customized rules take precedence and override the ZyXEL Device’s default settings. The ZyXEL Device checks the source IP address, destination IP address and IP protocol type of network traffic against the firewall rules (in the order you list them).
Chapter 15 Firewalls By default, the ZyXEL Device’s stateful packet inspection allows packets traveling in the following directions: • LAN to LAN/ Router These rules specify which computers on the LAN can manage the ZyXEL Device (remote management) and communicate between networks or subnets connected to the LAN interface (IP alias). " You can also configure the remote management settings to allow only a specific computer to manage the ZyXEL Device.
Chapter 15 Firewalls • Allow certain types of traffic, such as Lotus Notes database synchronization, from specific hosts on the Internet to specific hosts on the LAN. • Allow everyone except your competitors to access a web server. • Restrict use of certain protocols, such as Telnet, to authorized users on the LAN. These custom rules work by comparing the source IP address, destination IP address and IP protocol type of network traffic to rules set by the administrator.
Chapter 15 Firewalls 15.4.1 The “Triangle Route” Problem A traffic route is a path for sending or receiving data packets between two Ethernet devices. You may have more than one connection to the Internet (through one or more ISPs). If an alternate gateway is on the LAN (and its IP address is in the same subnet as the ZyXEL Device’s LAN IP address), the “triangle route” (also called asymmetrical route) problem may occur. The steps below describe the “triangle route” problem.
Chapter 15 Firewalls Figure 175 IP Alias LAN Subnet 1 WAN 1 ISP 1 4 Internet 2 ISP 2 Subnet 2 3 A 15.5 General Firewall Policy Click Security > Firewall to display the following screen. Activate the firewall by selecting the Active Firewall check box as seen in the following screen.
Chapter 15 Firewalls The following table describes the labels in this screen. Table 79 Firewall: General LABEL DESCRIPTION Active Firewall Select this check box to activate the firewall. The ZyXEL Device performs access control and protects against Denial of Service (DoS) attacks when the firewall is activated. Bypass Triangle Route If an alternate gateway on the LAN has an IP address in the same subnet as the ZyXEL Device’s LAN IP address, return traffic may not go through the ZyXEL Device.
Chapter 15 Firewalls Click Security > Firewall > Rules to bring up the following screen. This screen displays a list of the configured firewall rules. Note the order in which the rules are listed. Figure 177 Firewall Rules The following table describes the labels in this screen. Table 80 Firewall Rules LABEL DESCRIPTION Firewall Rules Storage Space in Use This read-only bar shows how much of the ZyXEL Device's memory for recording firewall rules it is currently using.
Chapter 15 Firewalls Table 80 Firewall Rules (continued) LABEL DESCRIPTION Modify Click the Edit icon to go to the screen where you can edit the rule. Click the Remove icon to delete an existing firewall rule. A window displays asking you to confirm that you want to delete the firewall rule. Note that subsequent firewall rules move up by one when you take this action. Order Click the Move icon to display the Move the rule to field.
Chapter 15 Firewalls Figure 178 Firewall: Edit Rule The following table describes the labels in this screen. Table 81 Firewall: Edit Rule 250 LABEL DESCRIPTION Active Select this option to enable this firewall rule. Action for Matched Packet Use the drop-down list box to select whether to discard (Drop), deny and send an ICMP destination-unreachable message to the sender of (Reject) or allow the passage of (Permit) packets that match this rule.
Chapter 15 Firewalls Table 81 Firewall: Edit Rule (continued) LABEL DESCRIPTION Source/Destination Address Address Type Do you want your rule to apply to packets with a particular (single) IP, a range of IP addresses (for instance, 192.168.1.10 to 192.169.1.50), a subnet or any IP address? Select an option from the drop-down list box that includes: Single Address, Range Address, Subnet Address and Any Address. Start IP Address Enter the single IP address or the starting IP address in a range here.
Chapter 15 Firewalls 15.6.2 Customized Services Configure customized services and port numbers not predefined by the ZyXEL Device. For a comprehensive list of port numbers and services, visit the IANA (Internet Assigned Number Authority) website. See Appendix E on page 499 for some examples. Click the Edit Customized Services link while editing a firewall rule to configure a custom service port. This displays the following screen.
Chapter 15 Firewalls Figure 180 Firewall: Configure Customized Services The following table describes the labels in this screen. Table 83 Firewall: Configure Customized Services LABEL DESCRIPTION Service Name Type a unique name for your custom port. Service Type Choose the IP port (TCP, UDP or TCP/UDP) that defines your customized port from the drop down list box. Port Configuration Type Click Single to specify one port only or Range to specify a span of ports that define your customized service.
Chapter 15 Firewalls Figure 181 Firewall Example: Rules 3 In the Rules screen, select the index number after that you want to add the rule. For example, if you select “6”, your new rule becomes number 7 and the previous rule 7 (if there is one) becomes rule 8. 4 Click Add to display the firewall rule configuration screen. 5 In the Edit Rule screen, click the Edit Customized Services link to open the Customized Service screen.
Chapter 15 Firewalls Figure 183 Firewall Example: Edit Rule: Destination Address 9 Use the Add >> and Remove buttons between Available Services and Selected Services list boxes to configure it as follows. Click Apply when you are done. " Custom services show up with an “*” before their names in the Services list box and the Rules list box.
Chapter 15 Firewalls Figure 184 Firewall Example: Edit Rule: Select Customized Services On completing the configuration procedure for this Internet firewall rule, the Rules screen should look like the following. Rule 1 allows a “MyService” connection from the WAN to IP addresses 10.0.0.10 through 10.0.0.15 on the LAN.
Chapter 15 Firewalls Figure 185 Firewall Example: Rules: MyService 15.8 Firewall Thresholds For DoS attacks, the ZyXEL Device uses thresholds to determine when to start dropping sessions that do not become fully established (half-open sessions). These thresholds apply globally to all sessions. For TCP, half-open means that the session has not reached the established state-the TCP threeway handshake has not yet been completed.
Chapter 15 Firewalls 15.8.1 Threshold Values If everything is working properly, you probably do not need to change the threshold settings as the default threshold values should work for most small offices. Tune these parameters when you believe the ZyXEL Device has been receiving DoS attacks that are not recorded in the logs or the logs show that the ZyXEL Device is classifying normal traffic as DoS attacks.
Chapter 15 Firewalls The following table describes the labels in this screen. Table 84 Firewall: Threshold LABEL DESCRIPTION Denial of Service Thresholds The ZyXEL Device measures both the total number of existing half-open sessions and the rate of session establishment attempts. Both TCP and UDP half-open sessions are counted in the total number and rate measurements. Measurements are made once a minute.
Chapter 15 Firewalls 260 P-2602HWUDL-D User’s Guide
CHAPTER 16 Content Filtering This chapter covers how to configure content filtering. 16.1 Content Filtering Overview Internet content filtering allows you to create and enforce Internet access policies tailored to your needs. Content filtering gives you the ability to block web sites that contain key words (that you specify) in the URL. You can set a schedule for when the ZyXEL Device performs content filtering.
Chapter 16 Content Filtering The following table describes the labels in this screen. Table 85 Content Filter: Keyword LABEL DESCRIPTION Active Keyword Blocking Select this check box to enable this feature. Block Websites that contain these keywords in the URL: This box contains the list of all the keywords that you have configured the ZyXEL Device to block. Delete Highlight a keyword in the box and click Delete to remove it. Clear All Click Clear All to remove all of the keywords from the list.
Chapter 16 Content Filtering The following table describes the labels in this screen. Table 86 Content Filter: Schedule LABEL DESCRIPTION Schedule Select Block Everyday to make the content filtering active everyday. Otherwise, select Edit Daily to Block and configure which days of the week (or everyday) and which time of the day you want the content filtering to be active. Active Select the check box to have the content filtering to be active on the selected day.
Chapter 16 Content Filtering 264 P-2602HWUDL-D User’s Guide
CHAPTER 17 Introduction to IPSec This chapter introduces the basics of IPSec VPNs. 17.1 VPN Overview A VPN (Virtual Private Network) provides secure communications between sites without the expense of leased site-to-site lines. A secure VPN is a combination of tunneling, encryption, authentication, access control and auditing technologies/services used to transport traffic over the Internet or any insecure network that uses the TCP/IP protocol suite for communication. 17.1.
Chapter 17 Introduction to IPSec Figure 191 Encryption and Decryption 17.1.3.2 Data Confidentiality The IPSec sender can encrypt packets before transmitting them across a network. 17.1.3.3 Data Integrity The IPSec receiver can validate packets sent by the IPSec sender to ensure that the data has not been altered during transmission. 17.1.3.4 Data Origin Authentication The IPSec receiver can verify the source of IPSec packets. This service depends on the data integrity service. 17.1.
Chapter 17 Introduction to IPSec Figure 192 IPSec Architecture 17.2.1 IPSec Algorithms The ESP (Encapsulating Security Payload) Protocol (RFC 2406) and AH (Authentication Header) protocol (RFC 2402) describe the packet formats and the default standards for packet structure (including implementation algorithms). The Encryption Algorithm describes the use of encryption techniques such as DES (Data Encryption Standard) and Triple DES algorithms.
Chapter 17 Introduction to IPSec Figure 193 Transport and Tunnel Mode IPSec Encapsulation 17.3.1 Transport Mode Transport mode is used to protect upper layer protocols and only affects the data in the IP packet. In Transport mode, the IP packet contains the security protocol (AH or ESP) located after the original IP header and options, but before any upper layer protocols contained in the packet (such as TCP and UDP).
Chapter 17 Introduction to IPSec A NAT device in between the IPSec endpoints will rewrite either the source or destination address with one of its own choosing. The VPN device at the receiving end will verify the integrity of the incoming packet by computing its own hash value, and complain that the hash value appended to the received packet doesn't match. The VPN device at the receiving end doesn't know about the NAT in the middle, so it assumes that the data has been maliciously altered.
Chapter 17 Introduction to IPSec 270 P-2602HWUDL-D User’s Guide
CHAPTER 18 VPN Screens This chapter introduces the VPN screens. See Chapter 28 on page 395 for information on viewing logs and the appendix for IPSec log descriptions. 18.1 VPN/IPSec Overview Use the screens documented in this chapter to configure rules for VPN connections and manage VPN connections. 18.2 IPSec Algorithms The ESP and AH protocols are necessary to create a Security Association (SA), the foundation of an IPSec VPN.
Chapter 18 VPN Screens Table 89 AH and ESP ENCRYPTION ESP AH DES (default) Data Encryption Standard (DES) is a widely used method of data encryption using a private (secret) key. DES applies a 56-bit key to each 64-bit block of data. MD5 (default) MD5 (Message Digest 5) produces a 128-bit digest to authenticate packet data. 3DES Triple DES (3DES) is a variant of DES, which iterates three times with three separate keys (3 x 56 = 168 bits), effectively doubling the strength of DES.
Chapter 18 VPN Screens If the remote secure gateway has a static WAN IP address, enter it in the Secure Gateway Address field. You may alternatively enter the remote secure gateway’s domain name (if it has one) in the Secure Gateway Address field. You can also enter a remote secure gateway’s domain name in the Secure Gateway Address field if the remote secure gateway has a dynamic WAN IP address and is using DDNS.
Chapter 18 VPN Screens Figure 195 VPN Setup The following table describes the fields in this screen. Table 90 VPN Setup 274 LABEL DESCRIPTION No. This is the VPN policy index number. Click a number to edit VPN policies. Active This field displays whether the VPN policy is active or not. A Yes signifies that this VPN policy is active. No signifies that this VPN policy is not active. Name This field displays the identification name for this VPN policy.
Chapter 18 VPN Screens Table 90 VPN Setup LABEL DESCRIPTION Remote Address This is the IP address(es) of computer(s) on the remote network behind the remote IPSec router. This field displays N/A when the Secure Gateway Address field displays 0.0.0.0. In this case only the remote IPSec router can initiate the VPN. The same (static) IP address is displayed twice when the Remote Address Type field in the VPN Setup - Edit screen is configured to Single.
Chapter 18 VPN Screens NAT is not normally compatible with ESP in transport mode either, but the ZyXEL Device’s NAT Traversal feature provides a way to handle this. NAT traversal allows you to set up an IKE SA when there are NAT routers between the two IPSec routers. Figure 196 NAT Router Between IPSec Routers Internet B A Normally you cannot set up an IKE SA with a NAT router between the two IPSec routers because the NAT router changes the header of the IPSec packet.
Chapter 18 VPN Screens The following figure depicts an example where three VPN tunnels are created from ZyXEL Device A; one to branch office 2, one to branch office 3 and another to headquarters. In order to access computers that use private domain names on the headquarters (HQ) network, the ZyXEL Device at branch office 1 uses the Intranet DNS server in headquarters. The DNS server feature for VPN does not work with Windows 2000 or Windows XP.
Chapter 18 VPN Screens The type of ID can be a domain name, an IP address or an e-mail address. The content is the IP address, domain name, or e-mail address. Table 92 Local ID Type and Content Fields LOCAL ID TYPE= CONTENT= IP Type the IP address of your computer or leave the field blank to have the ZyXEL Device automatically use its own IP address. DNS Type a domain name (up to 31 characters) by which to identify this ZyXEL Device.
Chapter 18 VPN Screens The two ZyXEL Devices in this example cannot complete their negotiation because ZyXEL Device B’s Local ID type is IP, but ZyXEL Device A’s Peer ID type is set to E-mail. An “ID mismatched” message displays in the IPSEC LOG. Table 95 Mismatching ID Type and Content Configuration Example ZYXEL DEVICE A ZYXEL DEVICE B Local ID type: IP Local ID type: IP Local ID content: 1.1.1.10 Local ID content: 1.1.1.10 Peer ID type: E-mail Peer ID type: IP Peer ID content: aa@yahoo.
Chapter 18 VPN Screens Figure 198 VPN Setup: Edit The following table describes the fields in this screen. Table 96 VPN Setup; Edit LABEL DESCRIPTION IPSec Setup 280 Active Select this check box to activate this VPN policy. This option determines whether a VPN rule is applied before a packet leaves the firewall. Keep Alive Select either Yes or No from the drop-down list box.
Chapter 18 VPN Screens Table 96 VPN Setup; Edit LABEL DESCRIPTION Name Type up to 32 characters to identify this VPN policy. You may use any character, including spaces, but the ZyXEL Device drops trailing spaces. IPSec Key Mode Select IKE or Manual from the drop-down list box. IKE provides more protection so it is generally recommended. Manual is a useful option for troubleshooting if you have problems using IKE key management. Negotiation Mode Select Main or Aggressive from the drop-down list box.
Chapter 18 VPN Screens Table 96 VPN Setup; Edit LABEL DESCRIPTION End / Subnet Mask When the Remote Address Type field is configured to Single, this field is N/A. When the Remote Address Type field is configured to Range, enter the end (static) IP address, in a range of computers on the network behind the remote IPSec router. When the Remote Address Type field is configured to Subnet, enter a subnet mask on the network behind the remote IPSec router.
Chapter 18 VPN Screens Table 96 VPN Setup; Edit LABEL DESCRIPTION Secure Gateway Address Type the WAN IP address or the URL (up to 31 characters) of the IPSec router with which you're making the VPN connection. Set this field to 0.0.0.0 if the remote IPSec router has a dynamic WAN IP address (the Key Management field must be set to IKE). In order to have more than one active rule with the Secure Gateway Address field set to 0.0.0.0, the ranges of the local IP addresses cannot overlap between rules.
Chapter 18 VPN Screens 18.12 IKE Phases There are two phases to every IKE (Internet Key Exchange) negotiation – phase 1 (Authentication) and phase 2 (Key Exchange). A phase 1 exchange establishes an IKE SA and the second one uses that SA to negotiate SAs for IPSec. Figure 199 Two Phases to Set Up the IPSec SA In phase 1 you must: • • • • • • Choose a negotiation mode. Authenticate the connection by entering a pre-shared key. Choose an encryption algorithm. Choose an authentication algorithm.
Chapter 18 VPN Screens 18.12.1 Negotiation Mode The phase 1 Negotiation Mode you select determines how the Security Association (SA) will be established for each connection through IKE negotiations. • Main Mode ensures the highest level of security when the communicating parties are negotiating authentication (phase 1). It uses 6 messages in three round trips: SA negotiation, Diffie-Hellman exchange and an exchange of nonces (a nonce is a random number).
Chapter 18 VPN Screens Figure 200 Advanced VPN IKE The following table describes the fields in this screen. Table 97 Advanced VPN IKE LABEL DESCRIPTION VPN - IKE Advanced Setup Protocol Enter 1 for ICMP, 6 for TCP, 17 for UDP, etc. 0 is the default and signifies any protocol. Enable Replay Detection As a VPN setup is processing intensive, the system is vulnerable to Denial of Service (DoS) attacks The IPSec receiver can detect and reject old or duplicate packets to protect against replay attacks.
Chapter 18 VPN Screens Table 97 Advanced VPN IKE LABEL DESCRIPTION Pre-Shared Key Type your pre-shared key in this field. A pre-shared key identifies a communicating party during a phase 1 IKE negotiation. It is called "pre-shared" because you have to share it with another party before you can communicate with them over a secure connection. Type from 8 to 31 case-sensitive ASCII characters or from 16 to 62 hexadecimal ("0-9", "A-F") characters.
Chapter 18 VPN Screens Table 97 Advanced VPN IKE LABEL DESCRIPTION SA Life Time (Seconds) Define the length of time before an IKE SA automatically renegotiates in this field. It may range from 60 to 3,000,000 seconds (almost 35 days). A short SA Life Time increases security by forcing the two VPN gateways to update the encryption and authentication keys. However, every time the VPN tunnel renegotiates, all users accessing remote resources are temporarily disconnected.
Chapter 18 VPN Screens Figure 201 VPN Setup: Manual Key The following table describes the fields in this screen. Table 98 VPN Setup: Manual Key LABEL DESCRIPTION IPSec Setup Active Select this check box to activate this VPN policy. Name Type up to 32 characters to identify this VPN policy. You may use any character, including spaces, but the ZyXEL Device drops trailing spaces. IPSec Key Mode Select IKE or Manual from the drop-down list box.
Chapter 18 VPN Screens Table 98 VPN Setup: Manual Key (continued) LABEL DESCRIPTION DNS Server (for IPSec VPN) If there is a private DNS server that services the VPN, type its IP address here. The ZyXEL Device assigns this additional DNS server to the ZyXEL Device 's DHCP clients that have IP addresses in this IPSec rule's range of local addresses. A DNS server allows clients on the VPN to find other computers and servers on the VPN by their (private) domain names.
Chapter 18 VPN Screens Table 98 VPN Setup: Manual Key (continued) LABEL DESCRIPTION My IP Address Enter the WAN IP address of your ZyXEL Device. The VPN tunnel has to be rebuilt if this IP address changes. The following applies if this field is configured as 0.0.0.0: The ZyXEL Device uses the current ZyXEL Device WAN IP address (static or dynamic) to set up the VPN tunnel.
Chapter 18 VPN Screens When there is outbound traffic but no inbound traffic, the SA times out automatically after two minutes. A tunnel with no outbound or inbound traffic is "idle" and does not timeout until the SA lifetime period expires. See Section 18.6 on page 275on keep alive to have the ZyXEL Device renegotiate an IPSec SA when the SA lifetime expires, even if there is no traffic. Figure 202 VPN: SA Monitor The following table describes the fields in this screen.
Chapter 18 VPN Screens 18.17 Configuring VPN Global Setting To change your ZyXEL Device’s global settings, click VPN > VPN Global Setting. The screen appears as shown. Figure 203 VPN: Global Setting The following table describes the fields in this screen. Table 100 VPN: Global Setting LABEL DESCRIPTION Windows Networking NetBIOS (Network Basic Input/Output System) are TCP or UDP packets that (NetBIOS over TCP/IP) enable a computer to find other computers.
Chapter 18 VPN Screens Figure 204 Telecommuters Sharing One VPN Rule Example LAN A 192.168.2.12 LAN HQ B LAN Internet 192.168.1.10 192.168.3.2 LAN C 192.168.4.15 Table 101 Telecommuters Sharing One VPN Rule Example FIELDS TELECOMMUTERS HEADQUARTERS My IP Address: 0.0.0.0 (dynamic IP address assigned by the ISP) Public static IP address Secure Gateway IP Address: Public static IP address 0.0.0.0 With this IP address only the telecommuter can initiate the IPSec tunnel.
Chapter 18 VPN Screens Figure 205 Telecommuters Using Unique VPN Rules Example LAN A 192.168.2.12 LAN HQ B Internet LAN 192.168.1.10 192.168.3.2 LAN C 192.168.4.15 Table 102 Telecommuters Using Unique VPN Rules Example TELECOMMUTERS HEADQUARTERS All Telecommuter Rules: All Headquarters Rules: My IP Address 0.0.0.0 My IP Address: bigcompanyhq.com Secure Gateway Address: bigcompanyhq.com Local IP Address: 192.168.1.10 Remote IP Address: 192.168.1.
Chapter 18 VPN Screens 18.19 VPN and Remote Management If a VPN tunnel uses Telnet, FTP, WWW, then you should configure remote management (Remote MGMT) to allow access for that service.
CHAPTER 19 Certificates This chapter gives background information about public-key certificates and explains how to use them. 19.1 Certificates Overview The ZyXEL Device can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs. A certificate contains the certificate owner’s identity and public key. Certificates provide a way to exchange public keys for use in authentication.
Chapter 19 Certificates Certification authorities maintain directory servers with databases of valid and revoked certificates. A directory of certificates that have been revoked before the scheduled expiration is called a CRL (Certificate Revocation List). The ZyXEL Device can check a peer’s certificate against a directory server’s list of revoked certificates. The framework of servers, software, procedures and policies that handles keys is called PKI (Public-Key Infrastructure). 19.1.
Chapter 19 Certificates Figure 207 My Certificates The following table describes the labels in this screen. Table 103 My Certificates LABEL DESCRIPTION PKI Storage Space in Use This bar displays the percentage of the ZyXEL Device’s PKI storage space that is currently in use. The bar turns from green to red when the maximum is being approached. When the bar is red, you should consider deleting expired or unnecessary certificates before adding more certificates.
Chapter 19 Certificates Table 103 My Certificates (continued) LABEL DESCRIPTION Valid From This field displays the date that the certificate becomes applicable. The text displays in red and includes a Not Yet Valid! message if the certificate has not yet become applicable. Valid To This field displays the date that the certificate expires. The text displays in red and includes an Expiring! or Expired! message if the certificate is about to expire or has already expired.
Chapter 19 Certificates " You must remove any spaces from the certificate’s filename before you can import it. 19.5.1 Certificate File Formats The certification authority certificate that you want to import has to be in one of these file formats: • Binary X.509: This is an ITU-T recommendation that defines the formats for X.509 certificates. • PEM (Base-64) encoded X.509: This Privacy Enhanced Mail format uses 64 ASCII characters to convert a binary X.509 certificate into a printable form.
Chapter 19 Certificates 19.6 My Certificate Create Click Security > Certificates > My Certificates > Create to open the My Certificate Create screen. Use this screen to have the ZyXEL Device create a self-signed certificate, enroll a certificate with a certification authority or generate a certification request. Figure 209 My Certificate Create The following table describes the labels in this screen.
Chapter 19 Certificates Table 105 My Certificate Create (continued) LABEL DESCRIPTION Country Type up to 127 characters to identify the nation where the certificate owner is located. You may use any character, including spaces, but the ZyXEL Device drops trailing spaces. Key Length Select a number from the drop-down list box to determine how many bits the key should use (512 to 2048). The longer the key, the more secure it is. A longer key also uses more PKI storage space.
Chapter 19 Certificates After you click Apply in the My Certificate Create screen, you see a screen that tells you the ZyXEL Device is generating the self-signed certificate or certification request. After the ZyXEL Device successfully enrolls a certificate or generates a certification request or a self-signed certificate, you see a screen with a Return button that takes you back to the My Certificates screen.
Chapter 19 Certificates Figure 210 My Certificate Details P-2602HWUDL-D User’s Guide 305
Chapter 19 Certificates The following table describes the labels in this screen. Table 106 My Certificate Details 306 LABEL DESCRIPTION Certificate Name This field displays the identifying name of this certificate. If you want to change the name, type up to 31 characters to identify this certificate. You may use any character (not including spaces). Property Default self-signed certificate which signs the imported remote host certificates.
Chapter 19 Certificates Table 106 My Certificate Details (continued) LABEL DESCRIPTION Subject Alternative Name This field displays the certificate owner‘s IP address (IP), domain name (DNS) or e-mail address (EMAIL). Key Usage This field displays for what functions the certificate’s key can be used. For example, “DigitalSignature” means that the key can be used to sign certificates and “KeyEncipherment” means that the key can be used to encrypt text.
Chapter 19 Certificates Figure 211 Trusted CAs The following table describes the labels in this screen. Table 107 Trusted CAs 308 LABEL DESCRIPTION PKI Storage Space in Use This bar displays the percentage of the ZyXEL Device’s PKI storage space that is currently in use. The bar turns from blue to red when the maximum is being approached. When the bar is red, you should consider deleting expired or unnecessary certificates before adding more certificates.
Chapter 19 Certificates Table 107 Trusted CAs (continued) LABEL DESCRIPTION Modify Click the Edit icon to open a screen with an in-depth list of information about the certificate. Click the Remove icon to remove the certificate. A window displays asking you to confirm that you want to delete the certificates. Note that subsequent certificates move up by one when you take this action.
Chapter 19 Certificates 19.10 Trusted CA Details Click Security > Certificates > Trusted CAs to open the Trusted CAs screen. Click the details icon to open the Trusted CA Details screen. Use this screen to view in-depth information about the certification authority’s certificate, change the certificate’s name and set whether or not you want the ZyXEL Device to check a certification authority’s list of revoked certificates before trusting a certificate issued by the certification authority.
Chapter 19 Certificates The following table describes the labels in this screen. Table 109 Trusted CA Details LABEL DESCRIPTION Name This field displays the identifying name of this certificate. If you want to change the name, type up to 31 characters to identify this key certificate. You may use any character (not including spaces).
Chapter 19 Certificates Table 109 Trusted CA Details (continued) LABEL DESCRIPTION Subject Alternative Name This field displays the certificate’s owner‘s IP address (IP), domain name (DNS) or e-mail address (EMAIL). Key Usage This field displays for what functions the certificate’s key can be used. For example, “DigitalSignature” means that the key can be used to sign certificates and “KeyEncipherment” means that the key can be used to encrypt text.
Chapter 19 Certificates Figure 214 Trusted Remote Hosts The following table describes the labels in this screen. Table 110 Trusted Remote Hosts LABEL DESCRIPTION PKI Storage Space in Use This bar displays the percentage of the ZyXEL Device’s PKI storage space that is currently in use. The bar turns from green to red when the maximum is being approached. When the bar is red, you should consider deleting expired or unnecessary certificates before adding more certificates.
Chapter 19 Certificates 19.12 Verifying a Trusted Remote Host’s Certificate Certificates issued by certification authorities have the certification authority’s signature for you to check. Self-signed certificates only have the signature of the host itself. This means that you must be very careful when deciding to import (and thereby trust) a remote host’s selfsigned certificate. 19.12.
Chapter 19 Certificates 19.13 Trusted Remote Hosts Import Click Security > Certificates > Trusted Remote Hosts to open the Trusted Remote Hosts screen and then click Import to open the Trusted Remote Host Import screen. Follow the instructions in this screen to save a trusted host’s certificate to the ZyXEL Device. " The trusted remote host certificate must be a self-signed certificate; and you must remove any spaces from its filename before you can import it.
Chapter 19 Certificates Figure 218 Trusted Remote Host Details The following table describes the labels in this screen. Table 112 Trusted Remote Host Details 316 LABEL DESCRIPTION Name This field displays the identifying name of this certificate. If you want to change the name, type up to 31 characters to identify this key certificate. You may use any character (not including spaces).
Chapter 19 Certificates Table 112 Trusted Remote Host Details (continued) LABEL DESCRIPTION Refresh Click Refresh to display the certification path. Certificate Information These read-only fields display detailed information about the certificate. Type This field displays general information about the certificate. With trusted remote host certificates, this field always displays CA-signed. The ZyXEL Device is the Certification Authority that signed the certificate. X.
Chapter 19 Certificates Table 112 Trusted Remote Host Details (continued) LABEL DESCRIPTION Certificate in PEM (Base-64) Encoded Format This read-only text box displays the certificate or certification request in Privacy Enhanced Mail (PEM) format. PEM uses 64 ASCII characters to convert the binary certificate into a printable form.
Chapter 19 Certificates The following table describes the labels in this screen. Table 113 Directory Servers LABEL DESCRIPTION PKI Storage Space in Use This bar displays the percentage of the ZyXEL Device’s PKI storage space that is currently in use. The bar turns from green to red when the maximum is being approached. When the bar is red, you should consider deleting expired or unnecessary certificates before adding more certificates. # The index number of the directory server.
Chapter 19 Certificates Table 114 Directory Server Add and Edit LABEL DESCRIPTION Access Protocol Use the drop-down list box to select the access protocol used by the directory server. LDAP (Lightweight Directory Access Protocol) is a protocol over TCP that specifies how clients access directories of certificates and lists of revoked certificates.A Server Address Type the IP address (in dotted decimal notation) or the domain name of the directory server.
CHAPTER 20 Static Route This chapter shows you how to configure static routes for your ZyXEL Device. 20.1 Static Route Each remote node specifies only the network to which the gateway is directly connected, and the ZyXEL Device has no knowledge of the networks beyond. For instance, the ZyXEL Device knows about network N2 in the following figure through remote node Router 1.
Chapter 20 Static Route Figure 222 Static Route The following table describes the labels in this screen. Table 115 Static Route LABEL DESCRIPTION # This is the number of an individual static route. Active This field indicates whether the rule is active or not. Clear the check box to disable the rule. Select the check box to enable it. Name This is the name that describes or identifies this route. Destination This parameter specifies the IP network address of the final destination.
Chapter 20 Static Route Figure 223 Static Route Edit The following table describes the labels in this screen. Table 116 Static Route Edit LABEL DESCRIPTION Active This field allows you to activate/deactivate this static route. Route Name Enter the name of the IP static route. Leave this field blank to delete this static route. Destination IP Address This parameter specifies the IP network address of the final destination. Routing is always based on network number.
Chapter 20 Static Route 324 P-2602HWUDL-D User’s Guide
CHAPTER 21 Bandwidth Management This chapter contains information about configuring bandwidth management, editing rules and viewing the ZyXEL Device’s bandwidth management logs. 21.1 Bandwidth Management Overview ZyXEL’s Bandwidth Management allows you to specify bandwidth management rules based on application. You can allocate specific amounts of bandwidth capacity (bandwidth budgets) to different bandwidth rules.
Chapter 21 Bandwidth Management ATC assigns priority based on packet size, since time-sensitive applications such as Internet telephony (Voice over IP or VoIP) tend to have smaller packet sizes than non-time sensitive applications such as FTP (File Transfer Protocol). The following table shows some common applications, their time sensitivity, and their typical data packet sizes. Note that the figures given are merely examples - sizes may differ according to application and circumstances.
Chapter 21 Bandwidth Management 21.5 Application and Subnet-based Bandwidth Management You could also create bandwidth classes based on a combination of a subnet and an application. The following example table shows bandwidth allocations for application specific traffic from separate LAN subnets.
Chapter 21 Bandwidth Management The following table describes the labels in this screen. Table 121 Bandwidth Management: General LABEL DESCRIPTION Active Select the check box to enable bandwidth management. Auto Classifier Select the check box to enable Automatic Traffic Classifier (ATC). ATC assigns each packet to a bandwidth management class based on its size, since time-sensitive applications such as VoIP tend to have smaller packet sizes than non-time sensitive applications such as FTP.
Chapter 21 Bandwidth Management Table 122 Bandwidth Management: Rule Setup (continued) LABEL DESCRIPTION Bandwidth (kbps) Specify the maximum bandwidth allowed for the rule in kbps. The recommendation is a setting between 20 kbps and 20000 kbps for an individual rule. If you want to leave some bandwidth for traffic that does not match a bandwidth filter, make sure that the interface’s root class has more bandwidth than the sum of the bandwidths of the interface’s bandwidth management rules.
Chapter 21 Bandwidth Management Figure 227 Bandwidth Management Rule Configuration See Appendix E on page 499 for a list of commonly-used services. The following table describes the labels in this screen. Table 123 Bandwidth Management Rule Configuration LABEL DESCRIPTION Rule Configuration Active Select the check box to enable the rule. Rule Name Use the auto-generated name or enter a descriptive name of up to 20 alphanumeric characters, including spaces.
Chapter 21 Bandwidth Management Table 123 Bandwidth Management Rule Configuration (continued) LABEL DESCRIPTION Service This field simplifies bandwidth class configuration by allowing you to select a predefined application. When you select a predefined application, you do not configure the rest of the bandwidth filter fields (other than enabling or disabling the filter).
Chapter 21 Bandwidth Management 21.8 Bandwidth Monitor To view the ZyXEL Device’s bandwidth usage, click Advanced > Bandwidth MGMT > Monitor. The screen appears as shown. Select an interface from the drop-down list box to view the bandwidth usage of its bandwidth rules. The gray section of the bar represents the percentage of unused bandwidth and the blue color represents the percentage of bandwidth in use.
CHAPTER 22 Dynamic DNS Setup This chapter discusses how to configure your ZyXEL Device to use Dynamic DNS. 22.1 Dynamic DNS Overview Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CU-SeeMe, etc.). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.
Chapter 22 Dynamic DNS Setup Figure 229 Dynamic DNS The following table describes the fields in this screen. Table 124 Dynamic DNS LABEL DESCRIPTION Dynamic DNS Setup Active Dynamic DNS Select this check box to use dynamic DNS. Service Provider This is the name of your Dynamic DNS service provider. Dynamic DNS Type Select the type of service that you are registered for from your Dynamic DNS service provider. Host Name Type the domain name assigned to your ZyXEL Device by your Dynamic DNS provider.
Chapter 22 Dynamic DNS Setup Table 124 Dynamic DNS (continued) LABEL DESCRIPTION Dynamic DNS server auto detect IP Address Select this option only when there are one or more NAT routers between the ZyXEL Device and the DDNS server. This feature has the DDNS server automatically detect and use the IP address of the NAT router that has a public IP address. Note: The DDNS server may not be able to detect the proper IP address if there is an HTTP proxy server between the ZyXEL Device and the DDNS server.
Chapter 22 Dynamic DNS Setup 336 P-2602HWUDL-D User’s Guide
CHAPTER 23 Remote Management Configuration This chapter provides information on configuring remote management. 23.1 Remote Management Overview Remote management allows you to determine which services/protocols can access which ZyXEL Device interface (if any) from which computers. The following figure shows remote management of the ZyXEL Device coming in from the WAN.
Chapter 23 Remote Management Configuration " When you choose WAN only or LAN & WAN, you still need to configure a firewall rule to allow access. To disable remote management of a service, select Disable in the corresponding Access Status field. You may only have one remote management session running at a time. The ZyXEL Device automatically disconnects a remote management session of lower priority when another remote management session of higher priority starts.
Chapter 23 Remote Management Configuration Figure 231 Remote Management: WWW The following table describes the labels in this screen. Table 125 Remote Management: WWW LABEL DESCRIPTION Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Access Status Select the interface(s) through which a computer may access the ZyXEL Device using this service.
Chapter 23 Remote Management Configuration Figure 232 Remote Management: Telnet The following table describes the labels in this screen. Table 126 Remote Management: Telnet LABEL DESCRIPTION Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Access Status Select the interface(s) through which a computer may access the ZyXEL Device using this service.
Chapter 23 Remote Management Configuration Figure 233 Remote Management: FTP The following table describes the labels in this screen. Table 127 Remote Management: FTP LABEL DESCRIPTION Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Access Status Select the interface(s) through which a computer may access the ZyXEL Device using this service.
Chapter 23 Remote Management Configuration Figure 234 SNMP Management Model An SNMP managed network consists of two main types of component: agents and a manager. An agent is a management software module that resides in a managed device (the ZyXEL Device). An agent translates the local management information from the managed device into a form compatible with SNMP. The manager is the console through which network administrators perform network management functions.
Chapter 23 Remote Management Configuration 23.6.2 SNMP Traps The ZyXEL Device will send traps to the SNMP manager when any one of the following events occurs: Table 128 SNMP Traps TRAP # TRAP NAME DESCRIPTION 0 coldStart (defined in RFC-1215) A trap is sent after booting (power on). 1 warmStart (defined in RFC-1215) A trap is sent after booting (software reboot).
Chapter 23 Remote Management Configuration The following table describes the labels in this screen. Table 129 Remote Management: SNMP LABEL DESCRIPTION SNMP Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Access Status Select the interface(s) through which a computer may access the ZyXEL Device using this service.
Chapter 23 Remote Management Configuration Figure 236 Remote Management: DNS The following table describes the labels in this screen. Table 130 Remote Management: DNS LABEL DESCRIPTION Port The DNS service port number is 53 and cannot be changed here. Access Status Select the interface(s) through which a computer may send DNS queries to the ZyXEL Device. Secured Client IP A secured client is a “trusted” computer that is allowed to send DNS queries to the ZyXEL Device.
Chapter 23 Remote Management Configuration Figure 237 Remote Management: ICMP The following table describes the labels in this screen. Table 131 Remote Management: ICMP 346 LABEL DESCRIPTION ICMP Internet Control Message Protocol is a message control and error-reporting protocol between a host server and a gateway to the Internet. ICMP uses Internet Protocol (IP) datagrams, but the messages are processed by the TCP/IP software and directly apparent to the application user.
CHAPTER 24 Universal Plug-and-Play (UPnP) This chapter introduces the UPnP feature in the web configurator. 24.1 Introducing Universal Plug and Play Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectivity between devices. A UPnP device can dynamically join a network, obtain an IP address, convey its capabilities and learn about other devices on the network.
Chapter 24 Universal Plug-and-Play (UPnP) When a UPnP device joins a network, it announces its presence with a multicast message. For security reasons, the ZyXEL Device allows multicast messages on the LAN only. All UPnP-enabled devices may communicate freely with each other without additional configuration. Disable UPnP if this is not your intention. 24.2 UPnP and ZyXEL ZyXEL has achieved UPnP certification from the Universal Plug and Play Forum UPnP™ Implementers Corp. (UIC).
Chapter 24 Universal Plug-and-Play (UPnP) Table 132 Configuring UPnP LABEL DESCRIPTION Apply Click Apply to save the setting to the ZyXEL Device. Cancel Click Cancel to return to the previously saved settings. 24.3 Installing UPnP in Windows Example This section shows how to install UPnP in Windows Me and Windows XP. Installing UPnP in Windows Me Follow the steps below to install the UPnP in Windows Me. 1 Click Start and Control Panel. Double-click Add/Remove Programs.
Chapter 24 Universal Plug-and-Play (UPnP) Figure 240 Add/Remove Programs: Windows Setup: Communication: Components 4 Click OK to go back to the Add/Remove Programs Properties window and click Next. 5 Restart the computer when prompted. Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP. 1 Click Start and Control Panel. 2 Double-click Network Connections. 3 In the Network Connections window, click Advanced in the main menu and select Optional Networking Components ….
Chapter 24 Universal Plug-and-Play (UPnP) Figure 242 Windows Optional Networking Components Wizard 5 In the Networking Services window, select the Universal Plug and Play check box. Figure 243 Networking Services 6 Click OK to go back to the Windows Optional Networking Component Wizard window and click Next.
Chapter 24 Universal Plug-and-Play (UPnP) 24.4 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP. You must already have UPnP installed in Windows XP and UPnP activated on the ZyXEL Device. Make sure the computer is connected to a LAN port of the ZyXEL Device. Turn on your computer and the ZyXEL Device. Auto-discover Your UPnP-enabled Network Device 1 Click Start and Control Panel. Double-click Network Connections. An icon displays under Internet Gateway.
Chapter 24 Universal Plug-and-Play (UPnP) Figure 245 Internet Connection Properties 4 You may edit or delete the port mappings or click Add to manually add port mappings.
Chapter 24 Universal Plug-and-Play (UPnP) Figure 246 Internet Connection Properties: Advanced Settings Figure 247 Internet Connection Properties: Advanced Settings: Add 5 When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. 6 Select Show icon in notification area when connected option and click OK. An icon displays in the system tray.
Chapter 24 Universal Plug-and-Play (UPnP) Figure 248 System Tray Icon 7 Double-click on the icon to display your current Internet connection status. Figure 249 Internet Connection Status Web Configurator Easy Access With UPnP, you can access the web-based configurator on the ZyXEL Device without finding out the IP address of the ZyXEL Device first. This comes helpful if you do not know the IP address of the ZyXEL Device. Follow the steps below to access the web configurator.
Chapter 24 Universal Plug-and-Play (UPnP) Figure 250 Network Connections 4 An icon with the description for each UPnP-enabled device displays under Local Network. 5 Right-click on the icon for your ZyXEL Device and select Invoke. The web configurator login screen displays.
Chapter 24 Universal Plug-and-Play (UPnP) Figure 251 Network Connections: My Network Places 6 Right-click on the icon for your ZyXEL Device and select Properties. A properties window displays with basic information about the ZyXEL Device.
Chapter 24 Universal Plug-and-Play (UPnP) 358 P-2602HWUDL-D User’s Guide
CHAPTER 25 Sharing a USB Printer This chapter describes how you can share a USB printer via your ZyXEL Device. 25.1 Overview The ZyXEL Device allows you to share a USB printer on your LAN. You can do this by connecting a USB printer to one of the USB ports on the ZyXEL Device and then configuring a TCP/IP port on the computers connected to your network.
Chapter 25 Sharing a USB Printer 25.3 Configure a TCP/IP Printer Port This example shows screens from a Windows 2000 Professional operating system. Some menu items may look different on your system. The TCP/IP port must be configured with the IP address of the ZyXEL Device and must use the LPR (Line Printer Remote) protocol to communicate with the printer.
Chapter 25 Sharing a USB Printer Figure 255 Open Printer Properties 4 Select the Ports tab and click Add Port... Figure 256 Printer Properties Window 5 A Printer Ports window appears. Select Standard TCP/IP Port and click New Port...
Chapter 25 Sharing a USB Printer 6 Add Standard TCP/IP Printer Port Wizard window opens up. Click Next to start configuring the printer port. Figure 258 Add a Port Wizard 7 Enter the IP address of the ZyXEL Device to which the printer is connected in the Printer Name or IP Address: field. In our example we use the default IP address of the ZyXEL Device, 192.168.1.1. The Port Name field updates automatically to reflect the IP address of the port. Click Next.
Chapter 25 Sharing a USB Printer Figure 260 Custom Port Settings 9 Confirm the IP address of the ZyXEL Device in the IP Address field. 10 Select LPR under Protocol. 11 Type the LPR queue name of your printer model in the Queue Name field and click OK. Refer to your printer documentation for the LPR queue name. Some printer models accept any name you want to use, in this case you can enter a short descriptive name for the Queue Name.
Chapter 25 Sharing a USB Printer Figure 262 Finish Adding the TCP/IP Port 13 Repeat steps 1 to 12 to add this printer to other computers on your network. 25.4 Print Server Screen The print server screen is used to confirm that the ZyXEL Device and the USB printer are able to communicate successfully. Click Advanced > Print Server to display the Print Server screen.
Chapter 25 Sharing a USB Printer The following table describes the labels in this screen. Table 133 Configuring Print Server LABEL DESCRIPTION Print Device Name Type a Print Device Name (of up to 31 printable characters) for recognition of the associated printer on the print server network. This name is displayed on a computer on the print server network when a print job is executed. Print Model Name This displays the model name of the printer currently connected to the ZyXEL Device print server.
Chapter 25 Sharing a USB Printer Figure 265 Add Printer Wizard: Welcome 3 Select Local printer and click Next. Figure 266 Add Printer Wizard: Local or Network Printer 4 Select an LPT (Line Printing Terminal) port (a parallel port) as the computer interface for the USB printer.
Chapter 25 Sharing a USB Printer Figure 267 Add Printer Wizard: Select the Printer Port 5 Select the make of the printer that you want to connect to the print server in the Manufacturers list of printers. 6 Select the printer model from the list of Printers. 7 If your printer is not displayed in the list of Printers, you can insert the printer driver installation CD/disk or download the driver file to your computer, click Have Disk… and install the new printer driver. 8 Click Next to continue.
Chapter 25 Sharing a USB Printer Figure 269 Add Printer Wizard: Use Existing Driver 10 Type a name to identify the printer and then click Next to continue. Figure 270 Add Printer Wizard: Name Your Printer 11 The ZyXEL Device is a print server itself and you do not need to have your computer act as a print server by sharing the printer with other users in the same network; just select Do not share this printer and click Next to proceed to the following screen.
Chapter 25 Sharing a USB Printer Figure 271 Add Printer Wizard: Printer Sharing 12 Select Yes and then click the Next button if you want to print a test page. A pop-up screen displays to ask if the test page printed correctly. Otherwise select No and then click Next to continue. Figure 272 Add Printer Wizard: Print Test Page 13 The following screen shows your current printer settings. Select Finish to complete adding a new printer.
Chapter 25 Sharing a USB Printer Figure 273 Add Printer Wizard Complete 25.6 Macintosh OS X Adding Printer Example Use the following steps to set up a print server driver on your Macintosh computer. 1 Click the Print Center icon located in the Macintosh Dock (a place holding a series of icons/shortcuts at the bottom of the desktop). Proceed to step 6 to continue. If the Print Center icon is not in the Macintosh Dock, proceed to the next step.
Chapter 25 Sharing a USB Printer Figure 276 Applications Folder 5 Double-click the Print Center icon. Figure 277 Utilities Folder 6 Click the Add icon at the top of the screen. Figure 278 Printer List Folder 7 Set up your printer in the Printer List configuration screen. Select IP Printing from the drop-down list box. 8 In the Printer’s Address field, type the IP address of your ZyXEL Device. 9 Deselect the Use default queue on server check box. 10 Type LP1 (a parallel port) in the Queue Name field.
Chapter 25 Sharing a USB Printer Figure 279 Printer Configuration 12 Click Add to select a printer model, save and close the Printer List configuration screen. Figure 280 Printer Model 13 The Name LP1 on 192.168.1.1 displays in the Printer List field. The default printer Name displays in bold type. Figure 281 Print Server 14 Your Macintosh print server driver setup is complete. You can now use the ZyXEL Device’s print server to print from a Macintosh computer.
Chapter 25 Sharing a USB Printer 25.7 ZyXEL Device Print Server Compatible USB Printers The following is a list of USB printer models compatible with the ZyXEL Device print server.
Chapter 25 Sharing a USB Printer Table 134 Compatible USB Printers (continued) 374 BRAND MODEL BRAND MODEL EPSON LQ-1170C HP LasetJet 5000 EPSON LQ-2070C HP LasetJet 5000LE EPSON LQ-2080C HP LasetJet 5100LE EPSON LQ-2090 HP LaserJet 6P EPSON LQ-2170C HP LaserJet 8100 EPSON LQ-2180C HP OfficeJet K850 EPSON LQ-2550 IBM Infoprint 20 EPSON LQ-3500C IBM Infoprint 1116 EPSON LQ-670 IBM Infoprint 1312 EPSON LQ-680 IBM Infoprint 1316 EPSON LQ-680C IBM Infoprint 1332
Chapter 25 Sharing a USB Printer Table 134 Compatible USB Printers (continued) BRAND MODEL BRAND MODEL EPSON EPL5800 LEXMARK C720 EPSON EPL5900 LEXMARK C750 EPSON EPL6100 LEXMARK W812 EPSON EPL6200 LEXMARK Z43 EPSON EPL-N2120 LEXMARK Z55 EPSON TM T88III LEXMARK Z705 FUJITSU DL-700 LEXMARK Z515 FUJITSU DL-900 MITAC MP-6600C FUJITSU DL-3400 NEC Pinwriter P2200 FUJITSU DL-3800 NEC Pinwriter P3200 FUJITSU DL-3850 NEC Pinwriter P5300 FUJITSU DL-5800 NEC Pinwrite
Chapter 25 Sharing a USB Printer Table 134 Compatible USB Printers (continued) 376 BRAND MODEL BRAND MODEL HP DeskJet 920C Sharp AR-265FG HP DeskJet 930C Sharp AR-M 160 HP DeskJet 948C Sharp AR-M 205 HP DeskJet 970CXI Sharp AR-M 207 HP DeskJet 1120C Sharp AR-M 235 HP DeskJet 1125C Sharp AR-M 275 HP DeskJet 1180C Sharp AR-M 350 HP DeskJet 1280 Sharp AR-M 400 HP DeskJet 3820 Sharp AR-M 450 HP DeskJet 5500 STAR NX-2420 HP DeskJet 5550 TOSHIBA E-161 HP DeskJet
CHAPTER 26 File Sharing Use these screens to set up file sharing through your ZyXEL Device. 26.1 File Sharing Implementation Overview Your ZyXEL Device allows you to connect USB 2.0 (or lower) file storage devices so that they can be accessed by users connected to your network. A file storage device can be a USB memory stick or a hard drive with a USB connector. The following figure is an overview of the ZyXEL Device’s file server feature.
Chapter 26 File Sharing 1 Connect a USB memory stick (or a USB hard drive) to one of the ZyXEL Device’s USB ports. 2 The ZyXEL Device detects the USB device and makes its contents available for browsing. If your USB device cannot be detected by ZyXEL Device, see the troubleshooting suggestions for The ZyXEL Device fails to detect my USB device. If you connect more than one device (or your hard drive has more than one partition), each device (or partition) is given its own folder.
Chapter 26 File Sharing Figure 283 Check the Workgroup Name 26.3 User Accounts The ZyXEL Device requires that a user enter a user name and password in order to access files on the USB storage device. When you browse to the ZyXEL Device you are prompted for a user name and password before you can access files on the USB storage device. Figure 284 File Sharing Login Once logged in, you do not have to re-login until you restart the computer, even if the administrator changes the username and password. 26.
Chapter 26 File Sharing Figure 285 File Sharing > Server Configuration Each field is described in the following table. Table 135 File Sharing > Server Configuration LABEL DESCRIPTION Enable File Sharing Services Select this to enable file sharing through the ZyXEL Device. Server Configuration Select Default Share Directory List to use the preset share names. Select User-Defined Share Directory List to use your own share names and set access levels.
Chapter 26 File Sharing Figure 286 File Sharing > User Configuration Each field is described in the following table. Table 136 File Sharing > User Configuration LABEL DESCRIPTION # This is a read-only index number of the user name on the ZyXEL Device. Active This shows whether the user name is active (able to access shares via the ZyXEL Device) or inactive (unable to access shares via the ZyXEL Device). User Name This field shows the list of user names already configured on the ZyXEL Device.
Chapter 26 File Sharing Table 137 File Sharing > User Configuration > Add/Edit LABEL DESCRIPTION Password Enter the password for this account. The password can be 31 alpha-numeric characters long. Retype to Confirm Retype the password. Back Click this button to return to the previous screen without saving your settings. Apply Click this to save your changes to the ZyXEL Device. Cancel Click this to set the fields in this screen to their defaults. 26.
Chapter 26 File Sharing 26.6.2 User-Defined Share Directory List Figure 289 File Sharing > Share Configuration: User-Defined Each field is described in the following table. Table 139 File Sharing > Share Configuration: User-Defined LABEL DESCRIPTION User-Defined Share Directory List These fields identify the shares you configured on the ZyXEL Device. # This is a read-only index number of the user-defined share on the ZyXEL Device.
Chapter 26 File Sharing Table 140 File Sharing > Share Configuration: User-Defined > Add/Edit LABEL DESCRIPTION Browse Click this button to select the file path for the user-defined share directory. This is the folder that will be visible to a user browsing to the USB storage device. A user can access any files and sub-folders in this folder. Share Description You can either enter a short description of the share, or leave this field blank.
Chapter 26 File Sharing 26.7 Examples of Accessing Files via the ZyXEL Device Once you have enabled file sharing and configured a user account for file sharing. The USB file storage devices become a part of your file structure. There are several ways to start browsing the file storage devices connected to the ZyXEL Device. " The examples in this User’s Guide show you how to use Microsoft’s Windows 2000 to browse your shared files.
Chapter 26 File Sharing 26.7.2 Using the Run Utility to Share Files On your Windows 2000 computer, click Start, Run and type a double backslash “\\” followed by the IP address of the ZyXEL Device and click OK. Figure 293 Run Utility to Browse Files The Run utility automatically opens Windows Explorer and displays the contents of the USB storage device connected to your ZyXEL Device. 26.7.
Chapter 26 File Sharing The screen changes and shows you the folder for the USB storage device connected to your ZyXEL Device. Double-click the folder to display the contents in it. Figure 296 File Sharing via FTP: Login 26.7.4 Using the Workgroup Name to Access Files Before using this method to access files you need to make sure that you have correctly configured the workgroup name in the File Sharing > General screen. See Section 26.2.1 on page 378 for more information.
Chapter 26 File Sharing Figure 297 Browse to a File Share via Workgroup Name 388 P-2602HWUDL-D User’s Guide
P ART IV Maintenance, Troubleshooting and Specifications System (391) Logs (395) Tools (409) Diagnostic (421) Troubleshooting (425) Product Specifications (433) 389
CHAPTER 27 System Use this screen to configure the ZyXEL Device’s time and date settings. 27.1 General Setup and System Name General Setup contains administrative and system-related information. System Name is for identification purposes. However, because some ISPs check this name you should enter your computer's "Computer Name". • In Windows 95/98 click Start, Settings, Control Panel, Network. Click the Identification tab, note the entry for the Computer Name field and enter it as the System Name.
Chapter 27 System Figure 298 System General Setup The following table describes the labels in this screen. Table 142 System General Setup LABEL DESCRIPTION General Setup System Name Choose a descriptive name for identification purposes. It is recommended you enter your computer’s “Computer name” in this field. This name can be up to 30 alphanumeric characters long. Spaces are not allowed, but dashes “-” and underscores "_" are accepted. Domain Name Enter the domain name (if you know it) here.
Chapter 27 System 27.2 Time Setting To change your ZyXEL Device’s time and date, click Maintenance > System > Time Setting. The screen appears as shown. Use this screen to configure the ZyXEL Device’s time based on your local time zone. Figure 299 System Time Setting The following table describes the fields in this screen. Table 143 System Time Setting LABEL DESCRIPTION Current Time and Date Current Time This field displays the time of your ZyXEL Device.
Chapter 27 System Table 143 System Time Setting (continued) LABEL DESCRIPTION New Date (yyyy/mm/dd) This field displays the last updated date from the time server or the last date configured manually. When you set Time and Date Setup to Manual, enter the new date in this field and then click Apply. Get from Time Server Select this radio button to have the ZyXEL Device get the time and date from the time server you specified below.
CHAPTER 28 Logs This chapter contains information about configuring general log settings and viewing the ZyXEL Device’s logs. 28.1 Logs Overview The web configurator allows you to choose which categories of events and/or alerts to have the ZyXEL Device log and then display the logs or have the ZyXEL Device send them to an administrator (as e-mail) or to a syslog server. 28.1.1 Alerts and Logs An alert is a type of log that warrants more serious attention.
Chapter 28 Logs Figure 300 View Log The following table describes the fields in this screen. Table 144 View Log LABEL DESCRIPTION Display The categories that you select in the Log Settings screen display in the drop-down list box. Select a category of logs to view; select All Logs to view logs from all of the log categories that you selected in the Log Settings page.
Chapter 28 Logs Figure 301 Log Settings The following table describes the fields in this screen. Table 145 Log Settings LABEL DESCRIPTION E-mail Log Settings Mail Server Enter the server name or the IP address of the mail server for the e-mail addresses specified below. If this field is left blank, logs and alert messages will not be sent via E-mail. Mail Subject Type a title that you want to be in the subject line of the log e-mail message that the ZyXEL Device sends.
Chapter 28 Logs Table 145 Log Settings LABEL DESCRIPTION Send Alerts to Alerts are real-time notifications that are sent as soon as an event, such as a DoS attack, system error, or forbidden web access attempt occurs. Enter the E-mail address where the alert messages will be sent. Alerts include system errors, attacks and attempted access to blocked web sites. If this field is left blank, alert messages will not be sent via E-mail.
Chapter 28 Logs “SMTP action request failed. ret= ??". The “??"are described in the following table. Table 146 SMTP Error Messages -1 means ZyXEL Device out of socket -2 means tcp SYN fail -3 means smtp server OK fail -4 means HELO fail -5 means MAIL FROM fail -6 means RCPT TO fail -7 means DATA fail -8 means mail data send fail 28.4.1 Example E-mail Log An "End of Log" message displays for each mail in which a complete log has been sent. The following is an example of a log sent by e-mail.
Chapter 28 Logs 28.5 Log Descriptions This section provides descriptions of example log messages. Table 147 System Maintenance Logs 400 LOG MESSAGE DESCRIPTION Time calibration is successful The router has adjusted its time based on information from the time server. Time calibration failed The router failed to get information from the time server. WAN interface gets IP: %s A WAN interface got a new IP address from the DHCP, PPPoE, or dial-up server.
Chapter 28 Logs Table 148 System Error Logs LOG MESSAGE DESCRIPTION %s exceeds the max. number of session per host! This attempt to create a NAT session exceeds the maximum number of NAT session table entries allowed to be created per host. setNetBIOSFilter: calloc error The router failed to allocate memory for the NetBIOS filter settings. readNetBIOSFilter: calloc error The router failed to allocate memory for the NetBIOS filter settings. WAN connection is down. A WAN connection is down.
Chapter 28 Logs Table 150 TCP Reset Logs (continued) LOG MESSAGE DESCRIPTION Exceed MAX incomplete, sent TCP RST The router sent a TCP reset packet when the number of incomplete connections (TCP and UDP) exceeded the userconfigured threshold. (Incomplete count is for all TCP and UDP connections through the firewall.
Chapter 28 Logs Table 153 CDR Logs (continued) LOG MESSAGE DESCRIPTION board %d line %d channel %d, call %d, %s C02 OutCall Connected %d %s The PPPoE, PPTP or dial-up call is connected. board %d line %d channel %d, call %d, %s C02 Call Terminated The PPPoE, PPTP or dial-up call was disconnected. Table 154 PPP Logs LOG MESSAGE DESCRIPTION ppp:LCP Starting The PPP connection’s Link Control Protocol stage has started. ppp:LCP Opening The PPP connection’s Link Control Protocol stage is opening.
Chapter 28 Logs Table 157 Attack Logs (continued) LOG MESSAGE DESCRIPTION ip spoofing - WAN [ TCP | UDP | IGMP | ESP | GRE | OSPF ] The firewall detected an IP spoofing attack on the WAN port. ip spoofing - WAN ICMP (type:%d, code:%d) The firewall detected an ICMP IP spoofing attack on the WAN port. icmp echo : ICMP (type:%d, code:%d) The firewall detected an ICMP echo attack. syn flood TCP The firewall detected a TCP syn flood attack. ports scan TCP The firewall detected a TCP port scan attack.
Chapter 28 Logs Table 158 802.1X Logs (continued) LOG MESSAGE DESCRIPTION Use RADIUS to authenticate user. The RADIUS server is operating as the authentication server. No Server to authenticate user. There is no authentication server to authenticate a user. Table 159 ACL Setting Notes PACKET DIRECTION DIRECTION DESCRIPTION (L to W) LAN to WAN ACL set for packets traveling from the LAN to the WAN. (W to L) WAN to LAN ACL set for packets traveling from the WAN to the LAN.
Chapter 28 Logs Table 160 ICMP Notes (continued) TYPE CODE DESCRIPTION 0 Pointer indicates the error Timestamp 13 0 Timestamp request message Timestamp Reply 14 0 Timestamp reply message Information Request 15 0 Information request message Information Reply 16 0 Information reply message Table 161 Syslog Logs LOG MESSAGE DESCRIPTION Mon dd hr:mm:ss hostname src="" dst="" msg="" note="" devID="" cat
Chapter 28 Logs Table 164 FSM Logs: Caller Side LOG MESSAGE DESCRIPTION VoIP Call Start Ph[Phone Port Number] <- Outgoing Call Number Someone used a phone connected to the listed phone port to initiate a VoIP call to the listed destination. VoIP Call Established Ph[Phone Port] -> Outgoing Call Number Someone used a phone connected to the listed phone port to make a VoIP call to the listed destination.
Chapter 28 Logs Table 167 RFC-2408 ISAKMP Payload Types (continued) 408 LOG DISPLAY PAYLOAD TYPE NONCE Nonce NOTFY Notification DEL Delete VID Vendor ID P-2602HWUDL-D User’s Guide
CHAPTER 29 Tools This chapter explains how to upload new firmware, manage configuration files and restart your ZyXEL Device. 1 Do not interrupt the file transfer process as this may PERMANENTLY DAMAGE your ZyXEL Device. 29.1 Introduction Use the instructions in this chapter to change the device’s configuration file or upgrade its firmware. After you configure your device, you can backup the configuration file to a computer.
Chapter 29 Tools ZyNOS (ZyXEL Network Operating System sometimes referred to as the “ras” file) is the system firmware and has a “bin” filename extension. Find this firmware at www.zyxel.com.With many FTP and TFTP clients, the filenames are similar to those seen next. ftp> put firmware.bin ras This is a sample FTP session showing the transfer of the computer file "firmware.bin" to the ZyXEL Device. ftp> get rom-0 config.
Chapter 29 Tools 1 Do NOT turn off the ZyXEL Device while firmware upload is in progress! Figure 303 Firmware Upgrade The following table describes the labels in this screen. Table 169 Firmware Upgrade LABEL DESCRIPTION Current Firmware Version This is the present Firmware version and the date created. File Path Type in the location of the file you want to upload in this field or click Browse ... to find it. Browse... Click Browse... to find the .bin file you want to upload.
Chapter 29 Tools The ZyXEL Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 305 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the Status screen. If the upload was not successful, the following screen will appear. Click Return to go back to the Firmware screen. Figure 306 Error Message 29.5 Backup and Restore See Section 29.
Chapter 29 Tools Figure 307 Configuration 29.5.1 Backup Configuration Backup Configuration allows you to back up (save) the ZyXEL Device’s current configuration to a file on your computer. Once your ZyXEL Device is configured and functioning properly, it is highly recommended that you back up your configuration file before making configuration changes. The backup configuration file will be useful in case you need to return to your previous settings.
Chapter 29 Tools After you see a “restore configuration successful” screen, you must then wait one minute before logging into the ZyXEL Device again. Figure 308 Configuration Upload Successful The ZyXEL Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop.
Chapter 29 Tools Figure 311 Reset Warning Message Figure 312 Reset In Process Message You can also press the RESET button on the rear panel to reset the factory defaults of your ZyXEL Device. Refer to Section 1.6 on page 49 for more information on the RESET button. 29.6 Restart System restart allows you to reboot the ZyXEL Device without turning the power off. Click Maintenance > Tools > Restart. Click Restart to have the ZyXEL Device reboot. This does not affect the ZyXEL Device's configuration.
Chapter 29 Tools 2 3 4 5 6 Enter “open”, followed by a space and the IP address of your ZyXEL Device. Press [ENTER] when prompted for a username. Enter your password as requested (the default is “1234”). Enter “bin” to set transfer mode to binary. Use “get” to transfer files from the ZyXEL Device to the computer, for example, “get rom-0 config.rom” transfers the configuration file on the ZyXEL Device to your computer and renames it “config.rom”.
Chapter 29 Tools 29.7.4 Backup Configuration Using TFTP The ZyXEL Device supports the up/downloading of the firmware and the configuration file using TFTP (Trivial File Transfer Protocol) over LAN. Although TFTP should work over WAN as well, it is not recommended. To use TFTP, your computer must have both telnet and TFTP clients. To backup the configuration file, follow the procedure shown next. 1 Use telnet from your computer to connect to the ZyXEL Device and log in.
Chapter 29 Tools Table 172 General Commands for GUI-based TFTP Clients (continued) COMMAND DESCRIPTION Binary Transfer the file in binary mode. Abort Stop transfer of the file. Refer to Section 29.3 on page 410 to read about configurations that disallow TFTP and FTP over WAN. 29.8 Using FTP or TFTP to Restore Configuration This section shows you how to restore a previously saved configuration.
Chapter 29 Tools 1 Do not interrupt the file transfer process as this may PERMANENTLY DAMAGE your device. FTP is the preferred method for uploading the firmware and configuration. To use this feature, your computer must have an FTP client. The following sections give examples of how to upload the firmware and the configuration files. 29.9.1 FTP File Upload Command from the DOS Prompt Example 1 2 3 4 5 6 Launch the FTP client on your computer.
Chapter 29 Tools 29.9.3 TFTP File Upload The device also supports the uploading of firmware files using TFTP (Trivial File Transfer Protocol) over LAN. Although TFTP should work over WAN as well, it is not recommended. To use TFTP, your computer must have both telnet and TFTP clients. To transfer the firmware and the configuration file, follow the procedure shown next. 1 Use telnet from your computer to connect to the device and log in.
CHAPTER 30 Diagnostic These read-only screens display information to help you identify problems with the ZyXEL Device. 30.1 General Diagnostic Click Maintenance > Diagnostic to open the screen shown next. Figure 317 Diagnostic: General The following table describes the fields in this screen. Table 173 Diagnostic: General LABEL DESCRIPTION TCP/IP Address Type the IP address of a computer that you want to ping in order to test a connection.
Chapter 30 Diagnostic Figure 318 Diagnostic: DSL Line The following table describes the fields in this screen. Table 174 Diagnostic: DSL Line 422 LABEL DESCRIPTION ATM Status Click this button to view your DSL connection’s Asynchronous Transfer Mode (ATM) statistics. ATM is a networking technology that provides high-speed data transfer. ATM uses fixed-size packets of information called cells. With ATM, a high QoS (Quality of Service) can be guaranteed.
Chapter 30 Diagnostic Table 174 Diagnostic: DSL Line (continued) LABEL DESCRIPTION DSL Line Status Click this button to view statistics about the DSL connections. noise margin downstream is the signal to noise ratio for the downstream part of the connection (coming into the ZyXEL Device from the ISP). It is measured in decibels. The higher the number the more signal and less noise there is. output power upstream is the amount of power (in decibels) that the ZyXEL Device is using to transmit to the ISP.
Chapter 30 Diagnostic 424 P-2602HWUDL-D User’s Guide
CHAPTER 31 Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • • • • • • Power, Hardware Connections, and LEDs ZyXEL Device Access and Login Internet Access Phone Calls and VoIP Multiple SIP Accounts USB Device Connection 31.1 Power, Hardware Connections, and LEDs V The ZyXEL Device does not turn on. None of the LEDs turn on. 1 Make sure the ZyXEL Device is turned on.
Chapter 31 Troubleshooting 31.2 ZyXEL Device Access and Login V I forgot the IP address for the ZyXEL Device. 1 The default IP address is 192.168.1.1. 2 If you changed the IP address and have forgotten it, you might get the IP address of the ZyXEL Device by looking up the IP address of the default gateway for your computer. To do this in most Windows computers, click Start > Run, enter cmd, and then enter ipconfig.
Chapter 31 Troubleshooting 5 Reset the device to its factory defaults, and try to access the ZyXEL Device with the default IP address. See Section 1.6 on page 49. 6 If the problem continues, contact the network administrator or vendor, or try one of the advanced suggestions. Advanced Suggestions • Try to access the ZyXEL Device using another service, such as Telnet.
Chapter 31 Troubleshooting 31.3 Internet Access V I cannot access the Internet. 1 Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide and Section 1.5 on page 48. 2 Make sure you entered your ISP account information correctly in the wizard. These fields are case-sensitive, so make sure [Caps Lock] is not on.
Chapter 31 Troubleshooting • Check the settings for QoS. If it is disabled, you might consider activating it. If it is enabled, you might consider raising or lowering the priority for some applications. 31.4 Phone Calls and VoIP V The telephone port won’t work or the telephone lacks a dial tone. 1 Check the telephone connections and telephone wire. 2 Make sure you have the VoIP SIP Settings screen properly configured. V I can access the Internet, but cannot make VoIP calls.
Chapter 31 Troubleshooting Figure 319 Outgoing Calls: Default PHONE Internet SIP 1 DECT 1 SIP 2 In the next example, the PHONE port is configured to use SIP account 1 and DECT phone 1 is configured to use SIP account 2. In this case, every time you place a call through the PHONE port, you are using your SIP account 1. Similarly, every time you place a call through DECT phone 1, you are using your SIP account 2.
Chapter 31 Troubleshooting Figure 321 Incoming Calls: Default PHONE Internet SIP 1 DECT 1 SIP 2 In the next example, the PHONE port is configured to use SIP account 1 and DECT phone 1 is configured to use SIP account 2 for incoming calls. In this case, every time you receive a call from your SIP account 1, the phone connected to the PHONE port rings. Similarly, every time you receive a call from your SIP account 2, DECT phone 1 rings.
Chapter 31 Troubleshooting 1 Disconnect the USB device. 2 Reboot the ZyXEL Device. 3 If you are connecting a USB hard drive that comes with an external power supply, make sure it is connected to an appropriate power source that is on. 4 Re-connect your USB device to the ZyXEL Device.
CHAPTER 32 Product Specifications The following tables summarize the ZyXEL Device’s hardware and firmware features. Hardware Specifications Table 175 Hardware Specifications Dimensions (168 W) x (37 D) x (248 H) mm Weight 390g Power Specification 18VAC 1A Built-in Switch Four auto-negotiating, auto MDI/MDI-X 10/100 Mbps RJ-45 Ethernet ports PHONE Ports 1 RJ-11 FXS POTS port PSTN Line port 1 RJ-11 FXS POTS port for making calls over the PSTN line.
Chapter 32 Product Specifications Table 176 Firmware Specifications (continued) The range of your ZyXEL Device during the registration process Outdoor : 300 Meters Indoor : 50 Meters Content Filtering Web page blocking by URL keyword. Static Routes 16 IP Device Management Use the web configurator to easily configure the rich range of features on the ZyXEL Device. Wireless Functionality (wireless devices only) Allow the IEEE 802.11b and/or IEEE 802.
Chapter 32 Product Specifications Table 176 Firmware Specifications (continued) Remote Management This allows you to decide whether a service (HTTP or FTP traffic for example) from a computer on a network (LAN or WAN for example) can access the ZyXEL Device.
Chapter 32 Product Specifications Table 176 Firmware Specifications (continued) 436 DHCP DHCP (Dynamic Host Configuration Protocol) allows the individual clients (computers) to obtain the TCP/IP configuration at start-up from a centralized DHCP server. Your device has built-in DHCP server capability enabled by default. It can assign IP addresses, an IP default gateway and DNS servers to DHCP clients.
Chapter 32 Product Specifications Table 176 Firmware Specifications (continued) Other Features Zero Configuration (VC auto-hunting) Traffic Redirect Dynamic DNS SPTGEN QoS Firewall Stateful Packet Inspection Prevent Denial of Service attacks such as Ping of Death, SYN Flood, LAND, Smurf etc.
Chapter 32 Product Specifications Table 177 Voice Features 438 Call Fallback Call fallback allows you to set the ZyXEL Device to automatically use the PSTN connection for outgoing calls if the SIP account is not working, or to use the SIP account for outgoing calls if the PSTN port is unplugged or not working. Call Park and Pickup Call park and pickup lets you put a call on hold (park) and then continue the call (pickup).
Chapter 32 Product Specifications Table 177 Voice Features Call forwarding With this feature, you can set the ZyXEL Device to forward calls to a specified number, either unconditionally (always), when your number is busy, or when you do not answer. You can also forward incoming calls from one specified number to another. Caller ID The ZyXEL Device supports caller ID, which allows you to see the originating number of an incoming call (on a phone with a suitable display).
Chapter 32 Product Specifications Wireless Features Table 178 Wireless Features 440 IEEE 802.11g+ Wireless LAN Your device supports IEEE 802.11g+ to allow any ZyXEL WLAN devices that also support IEEE 802.1g+ to associate with the ZyXEL Device at higher transmission speeds than with standard IEEE 802.11g. External Antenna The ZyXEL Device is equipped with an attached antenna to provide a clear radio signal between the wireless stations and the access points.
Chapter 32 Product Specifications IEEE 802.11g Wireless LAN IEEE 802.11g is fully compatible with the IEEE 802.11b standard. This means an IEEE 802.11b radio card can interface directly with an IEEE 802.11g access point (and vice versa) at 11 Mbps or lower depending on range. IEEE 802.11g has several intermediate rate steps between the maximum and minimum data rates. The IEEE 802.11g data rate and modulation are as follows: Table 179 IEEE 802.
Chapter 32 Product Specifications Table 180 Standards Supported (continued) STANDARD DESCRIPTION IEEE 802.11 Also known by the brand Wi-Fi, denotes a set of Wireless LAN/WLAN standards developed by working group 11 of the IEEE LAN/MAN Standards Committee (IEEE 802). IEEE 802.11b Uses the 2.4 gigahertz (GHz) band IEEE 802.11g Uses the 2.4 gigahertz (GHz) band IEEE 802.11g+ Turbo and Super G modes IEEE 802.
Chapter 32 Product Specifications Table 181 P-2602HWL Series Power Adaptor Specifications (continued) Output Power DC 18Volts/1A DC 18Volts/1A Power Consumption 12 Watt max 12 Watt max Safety Standards TUV, CE(EN 60950 -1 ) TUV, CE(EN 60950-1) AC Power Adapter Model ADS18B-D 180100 MU18-2180100-B2 Input Power AC 100~240Volts/50/60Hz/0.5A AC 100~240Volts/50/60Hz/0.
Chapter 32 Product Specifications 444 P-2602HWUDL-D User’s Guide
P ART V Appendices and Index " The appendices provide general information. Some details may not apply to your ZyXEL Device.
APPENDIX A Setting up Your Computer’s IP Address " The purpose of this appendix is to show you how to configure an IP address on your computer depending on what operating system you have. It does NOT mean that your ZyXEL Device supports all these operating systems. All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed.
Appendix A Setting up Your Computer’s IP Address Figure 323 WIndows 95/98/Me: Network: Configuration Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: 1 In the Network window, click Add. 2 Select Adapter and then click Add. 3 Select the manufacturer and model of your network adapter and then click OK.
Appendix A Setting up Your Computer’s IP Address Configuring 1 In the Network window Configuration tab, select your network adapter's TCP/IP entry and click Properties 2 Click the IP Address tab. • If your IP address is dynamic, select Obtain an IP address automatically. • If you have a static IP address, select Specify an IP address and type your information into the IP Address and Subnet Mask fields. Figure 324 Windows 95/98/Me: TCP/IP Properties: IP Address 3 Click the DNS Configuration tab.
Appendix A Setting up Your Computer’s IP Address Figure 325 Windows 95/98/Me: TCP/IP Properties: DNS Configuration 4 Click the Gateway tab. • If you do not know your gateway’s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add. 5 Click OK to save and close the TCP/IP Properties window. 6 Click OK to close the Network window. Insert the Windows CD if prompted.
Appendix A Setting up Your Computer’s IP Address Figure 326 Windows XP: Start Menu 2 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 327 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties.
Appendix A Setting up Your Computer’s IP Address Figure 328 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties. Figure 329 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). • If you have a dynamic IP address click Obtain an IP address automatically.
Appendix A Setting up Your Computer’s IP Address Figure 330 Windows XP: Internet Protocol (TCP/IP) Properties 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: • In the IP Settings tab, in IP addresses, click Add. • In TCP/IP Address, type an IP address in IP address and a subnet mask in Subnet mask, and then click Add.
Appendix A Setting up Your Computer’s IP Address Figure 331 Windows XP: Advanced TCP/IP Properties 7 In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields.
Appendix A Setting up Your Computer’s IP Address Figure 332 Windows XP: Internet Protocol (TCP/IP) Properties 8 Click OK to close the Internet Protocol (TCP/IP) Properties window. 9 Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties window. 10 Close the Network Connections window (Network and Dial-up Connections in Windows 2000/NT). 11 Turn on your ZyXEL Device and restart your computer (if prompted).
Appendix A Setting up Your Computer’s IP Address Figure 333 Windows Vista: Start Menu 2 In the Control Panel, double-click Network and Internet. Figure 334 Windows Vista: Control Panel 3 Click Network and Sharing Center. Figure 335 Windows Vista: Network And Internet 4 Click Manage network connections.
Appendix A Setting up Your Computer’s IP Address 5 Right-click Local Area Connection and then click Properties. " During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue. Figure 337 Windows Vista: Network and Sharing Center 6 Select Internet Protocol Version 4 (TCP/IPv4) and click Properties.
Appendix A Setting up Your Computer’s IP Address 7 The Internet Protocol Version 4 (TCP/IPv4) Properties window opens (the General tab). • If you have a dynamic IP address click Obtain an IP address automatically. • If you have a static IP address click Use the following IP address and fill in the IP address, Subnet mask, and Default gateway fields. • Click Advanced.
Appendix A Setting up Your Computer’s IP Address Figure 340 Windows Vista: Advanced TCP/IP Properties 9 In the Internet Protocol Version 4 (TCP/IPv4) Properties window, (the General tab): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields.
Appendix A Setting up Your Computer’s IP Address Figure 341 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties 10 Click OK to close the Internet Protocol Version 4 (TCP/IPv4) Properties window. 11 Click Close to close the Local Area Connection Properties window. 12 Close the Network Connections window. 13 Turn on your ZyXEL Device and restart your computer (if prompted). Verifying Settings 1 Click Start, All Programs, Accessories and then Command Prompt.
Appendix A Setting up Your Computer’s IP Address Figure 342 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list. Figure 343 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list. 4 For statically assigned settings, do the following: • From the Configure box, select Manually.
Appendix A Setting up Your Computer’s IP Address • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your ZyXEL Device in the Router address box. 5 Close the TCP/IP Control Panel. 6 Click Save if prompted, to save changes to your configuration. 7 Turn on your ZyXEL Device and restart your computer (if prompted). Verifying Settings Check your TCP/IP properties in the TCP/IP Control Panel window.
Appendix A Setting up Your Computer’s IP Address Figure 345 Macintosh OS X: Network 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your ZyXEL Device in the Router address box. 5 Click Apply Now and close the window. 6 Turn on your ZyXEL Device and restart your computer (if prompted).
Appendix A Setting up Your Computer’s IP Address " Make sure you are logged in as the root administrator. Using the K Desktop Environment (KDE) Follow the steps below to configure your computer IP address using the KDE. 1 Click the Red Hat button (located on the bottom left corner), select System Setting and click Network. Figure 346 Red Hat 9.0: KDE: Network Configuration: Devices 2 Double-click on the profile of the network card you wish to configure.
Appendix A Setting up Your Computer’s IP Address • If you have a dynamic IP address, click Automatically obtain IP address settings with and select dhcp from the drop down list. • If you have a static IP address, click Statically set IP Addresses and fill in the Address, Subnet mask, and Default Gateway Address fields. 3 Click OK to save the changes and close the Ethernet Device General screen. 4 If you know your DNS server IP address(es), click the DNS tab in the Network Configuration screen.
Appendix A Setting up Your Computer’s IP Address Figure 350 Red Hat 9.0: Dynamic IP Address Setting in ifconfig-eth0 DEVICE=eth0 ONBOOT=yes BOOTPROTO=dhcp USERCTL=no PEERDNS=yes TYPE=Ethernet • If you have a static IP address, enter static in the BOOTPROTO= field. Type IPADDR= followed by the IP address (in dotted decimal notation) and type NETMASK= followed by the subnet mask. The following example shows an example where the static IP address is 192.168.1.10 and the subnet mask is 255.255.255.0.
Appendix A Setting up Your Computer’s IP Address Verifying Settings Enter ifconfig in a terminal screen to check your TCP/IP properties. Figure 354 Red Hat 9.0: Checking TCP/IP Properties [root@localhost]# ifconfig eth0 Link encap:Ethernet HWaddr 00:50:BA:72:5B:44 inet addr:172.23.19.129 Bcast:172.23.19.255 Mask:255.255.255.
Appendix A Setting up Your Computer’s IP Address 468 P-2602HWUDL-D User’s Guide
APPENDIX B Pop-up Windows, JavaScripts and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). " Internet Explorer 6 screens are used here. Screens for other Internet Explorer versions may vary. Internet Explorer Pop-up Blockers You may have to disable pop-up blocking to log into your device.
Appendix B Pop-up Windows, JavaScripts and Java Permissions 2 Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled. Figure 356 Internet Options: Privacy 3 Click Apply to save this setting. Enable Pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. 1 In Internet Explorer, select Tools, Internet Options and then the Privacy tab.
Appendix B Pop-up Windows, JavaScripts and Java Permissions Figure 357 Internet Options: Privacy 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. 4 Click Add to move the IP address to the list of Allowed sites.
Appendix B Pop-up Windows, JavaScripts and Java Permissions 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed. 1 In Internet Explorer, click Tools, Internet Options and then the Security tab. Figure 359 Internet Options: Security 2 3 4 5 6 472 Click the Custom Level... button. Scroll down to Scripting.
Appendix B Pop-up Windows, JavaScripts and Java Permissions Figure 360 Security Settings - Java Scripting Java Permissions 1 2 3 4 5 From Internet Explorer, click Tools, Internet Options and then the Security tab. Click the Custom Level... button. Scroll down to Microsoft VM. Under Java permissions make sure that a safety level is selected. Click OK to close the window.
Appendix B Pop-up Windows, JavaScripts and Java Permissions JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for
Appendix B Pop-up Windows, JavaScripts and Java Permissions Figure 363 Mozilla Firefox: Tools > Options Click Content.to show the screen below. Select the check boxes as shown in the following screen.
Appendix B Pop-up Windows, JavaScripts and Java Permissions 476 P-2602HWUDL-D User’s Guide
APPENDIX C IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts. Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks.
Appendix C IP Addresses and Subnetting Figure 365 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask. Subnet Masks A subnet mask is used to determine which bits are part of the network number, and which bits are part of the host ID (using a logical AND operation). The term “subnet” is short for “subnetwork”. A subnet mask has 32 bits.
Appendix C IP Addresses and Subnetting Subnet masks are expressed in dotted decimal notation just like IP addresses. The following examples show the binary and decimal notation for 8-bit, 16-bit, 24-bit and 29-bit subnet masks. Table 183 Subnet Masks BINARY DECIMAL 1ST OCTET 2ND OCTET 3RD OCTET 4TH OCTET 8-bit mask 11111111 00000000 00000000 00000000 255.0.0.0 16-bit mask 11111111 11111111 00000000 00000000 255.255.0.0 24-bit mask 11111111 11111111 11111111 00000000 255.255.255.
Appendix C IP Addresses and Subnetting Table 185 Alternative Subnet Mask Notation (continued) SUBNET MASK ALTERNATIVE NOTATION LAST OCTET (BINARY) LAST OCTET (DECIMAL) 255.255.255.192 /26 1100 0000 192 255.255.255.224 /27 1110 0000 224 255.255.255.240 /28 1111 0000 240 255.255.255.248 /29 1111 1000 248 255.255.255.252 /30 1111 1100 252 Subnetting You can use subnetting to divide one network into multiple sub-networks.
Appendix C IP Addresses and Subnetting Figure 367 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 27 – 2 or 126 possible hosts (a host ID of all zeroes is the subnet’s address itself, all ones is the subnet’s broadcast address). 192.168.1.0 with mask 255.255.255.128 is subnet A itself, and 192.168.1.127 with mask 255.255.255.128 is its broadcast address.
Appendix C IP Addresses and Subnetting Table 187 Subnet 2 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 64 IP Address (Binary) 11000000.10101000.00000001. 01000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: 192.168.1.64 Lowest Host ID: 192.168.1.65 Broadcast Address: 192.168.1.127 Highest Host ID: 192.168.1.126 Table 188 Subnet 3 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1.
Appendix C IP Addresses and Subnetting Table 190 Eight Subnets (continued) SUBNET SUBNET ADDRESS FIRST ADDRESS LAST ADDRESS BROADCAST ADDRESS 5 128 129 158 159 6 160 161 190 191 7 192 193 222 223 8 224 225 254 255 Subnet Planning The following table is a summary for subnet planning on a network with a 24-bit network number. Table 191 24-bit Network Number Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET 1 255.255.255.
Appendix C IP Addresses and Subnetting Table 192 16-bit Network Number Subnet Planning (continued) NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET 14 255.255.255.252 (/30) 16384 2 15 255.255.255.254 (/31) 32768 1 Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask.
APPENDIX D Wireless LANs Wireless LAN Topologies This section discusses ad-hoc and infrastructure wireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless adapters (A, B, C). Any time two or more wireless adapters are within range of each other, they can set up an independent network, which is commonly referred to as an ad-hoc network or Independent Basic Service Set (IBSS).
Appendix D Wireless LANs Figure 369 Basic Service Set ESS An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). This type of wireless LAN topology is called an Infrastructure WLAN. The Access Points not only provide communication with the wired network but also mediate wireless network traffic in the immediate neighborhood.
Appendix D Wireless LANs Figure 370 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by wireless devices to transmit and receive data. Channels available depend on your geographical area. You may have a choice of channels (for your region) so you should use a channel different from an adjacent AP (access point) to reduce interference. Interference occurs when radio signals from different access points overlap causing interference and degrading performance.
Appendix D Wireless LANs Figure 371 RTS/CTS When station A sends data to the AP, it might not know that the station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations. RTS/CTS is designed to prevent collisions due to hidden nodes.
Appendix D Wireless LANs If the Fragmentation Threshold value is smaller than the RTS/CTS value (see previously) you set then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size. Preamble Type Preamble is used to signal that data is coming to the receiver. Short and long refer to the length of the synchronization field in a packet.
Appendix D Wireless LANs Wireless security methods available on the ZyXEL Device are data encryption, wireless client authentication, restricting access by device MAC address and hiding the ZyXEL Device identity. The following figure shows the relative effectiveness of these wireless security methods available on your ZyXEL Device.
Appendix D Wireless LANs Determines the network services available to authenticated users once they are connected to the network. • Accounting Keeps track of the client’s network activity. RADIUS is a simple package exchange in which your AP acts as a message relay between the wireless client and the network RADIUS server.
Appendix D Wireless LANs For EAP-TLS authentication type, you must first have a wired connection to the network and obtain the certificate(s) from a certificate authority (CA). A certificate (also called digital IDs) can be used to authenticate users and a CA issues certificates and guarantees the identity of each certificate owner. EAP-MD5 (Message-Digest Algorithm 5) MD5 authentication is the simplest one-way authentication method. The authentication server sends a challenge to the wireless client.
Appendix D Wireless LANs Dynamic WEP Key Exchange The AP maps a unique key that is generated with the RADIUS server. This key expires when the wireless connection times out, disconnects or reauthentication times out. A new WEP key is generated each time reauthentication is performed. If this feature is enabled, it is not necessary to configure a default encryption key in the wireless security configuration screen.
Appendix D Wireless LANs Encryption Both WPA and WPA2 improve data encryption by using Temporal Key Integrity Protocol (TKIP), Message Integrity Check (MIC) and IEEE 802.1x. WPA and WPA2 use Advanced Encryption Standard (AES) in the Counter mode with Cipher block chaining Message authentication code Protocol (CCMP) to offer stronger encryption than TKIP. TKIP uses 128-bit keys that are dynamically generated and distributed by the authentication server.
Appendix D Wireless LANs Wireless Client WPA Supplicants A wireless client supplicant is the software that runs on an operating system instructing the wireless client how to use WPA. At the time of writing, the most widely available supplicant is the WPA patch for Windows XP, Funk Software's Odyssey client. The Windows XP patch is a free download that adds WPA capability to Windows XP's built-in "Zero Configuration" wireless client. However, you must run Windows XP to use it.
Appendix D Wireless LANs 3 The AP and wireless clients generate a common PMK (Pairwise Master Key). The key itself is not sent over the network, but is derived from the PSK and the SSID. 4 The AP and wireless clients use the TKIP or AES encryption process, the PMK and information exchanged in a handshake to create temporal encryption keys. They use these keys to encrypt data exchanged between them.
Appendix D Wireless LANs Antenna Overview An antenna couples RF signals onto air. A transmitter within a wireless device sends an RF signal to the antenna, which propagates the signal through the air. The antenna also operates in reverse by capturing RF signals from the air. Positioning the antennas properly increases the range and coverage area of a wireless LAN. Antenna Characteristics Frequency An antenna in the frequency of 2.4GHz (IEEE 802.11b and IEEE 802.11g) or 5GHz (IEEE 802.
Appendix D Wireless LANs Positioning Antennas In general, antennas should be mounted as high as practically possible and free of obstructions. In point-to–point application, position both antennas at the same height and in a direct line of sight to each other to attain the best performance. For omni-directional antennas mounted on a table, desk, and so on, point the antenna up. For omni-directional antennas mounted on a wall or ceiling, point the antenna down.
APPENDIX E Services The following table lists some commonly-used services and their associated protocols and port numbers. • Name: This is a short, descriptive name for the service. You can use this one or create a different one, if you like. • Protocol: This is the type of IP protocol used by the service. If this is TCP/UDP, then the service uses the same port number with TCP and UDP. If this is USER-DEFINED, the Port(s) is the IP protocol number, not the port number.
Appendix E Services Table 197 Examples of Services (continued) 500 NAME PROTOCOL PORT(S) DESCRIPTION H.323 TCP 1720 NetMeeting uses this protocol. HTTP TCP 80 Hyper Text Transfer Protocol - a client/ server protocol for the world wide web. HTTPS TCP 443 HTTPS is a secured http session often used in e-commerce. ICMP User-Defined 1 Internet Control Message Protocol is often used for diagnostic purposes. ICQ UDP 4000 This is a popular Internet chat program.
Appendix E Services Table 197 Examples of Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION PPTP_TUNNEL (GRE) User-Defined 47 PPTP (Point-to-Point Tunneling Protocol) enables secure transfer of data over public networks. This is the data channel. RCMD TCP 512 Remote Command Service. REAL_AUDIO TCP 7070 A streaming audio service that enables real time sound over the web. REXEC TCP 514 Remote Execution Daemon. RLOGIN TCP 513 Remote Login.
Appendix E Services Table 197 Examples of Services (continued) 502 NAME PROTOCOL PORT(S) DESCRIPTION TFTP UDP 69 Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP, but uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol). VDOLIVE TCP UDP 7000 userdefined A videoconferencing solution. The UDP port number is specified in the application.
APPENDIX F Internal SPTGEN Internal SPTGEN Overview Internal SPTGEN (System Parameter Table Generator) is a configuration text file useful for efficient configuration of multiple ZyXEL Devices. Internal SPTGEN lets you configure, save and upload multiple menus at the same time using just one configuration text file – eliminating the need to navigate and configure individual screens for each ZyXEL Device.
Appendix F Internal SPTGEN Internal SPTGEN File Modification - Important Points to Remember Each parameter you enter must be preceded by one “=”sign and one space. Some parameters are dependent on others. For example, if you disable the Configured field in menu 1 (see Figure 374 on page 503), then you disable every field in this menu.
Appendix F Internal SPTGEN Figure 377 Internal SPTGEN FTP Download Example c:\ftp 192.168.1.1 220 PPP FTP version 1.0 ready at Sat Jan 1 03:22:12 2000 User (192.168.1.1:(none)): 331 Enter PASS command Password: 230 Logged in ftp>bin 200 Type I OK ftp> get rom-t ftp>bye c:\edit rom-t (edit the rom-t text file by a text editor and save it) " You can rename your “rom-t” file when you save it to your computer but it must be named “rom-t” when you upload it to your ZyXEL Device.
Appendix F Internal SPTGEN Table 198 Abbreviations Used in the Example Internal SPTGEN Screens Table ABBREVIATION MEANING PVA Parameter Values Allowed INPUT An example of what you may enter * Applies to the ZyXEL Device. The following are the Internal SPTGEN menus.
Appendix F Internal SPTGEN Table 200 Menu 3 30200002 = Client IP Pool Starting Address = 192.168.1.33 30200003 = Size of Client IP Pool = 32 30200004 = Primary DNS Server = 0.0.0.0 30200005 = Secondary DNS Server = 0.0.0.0 30200006 = Remote DHCP Server = 0.0.0.0 30200008 = IP Address = 172.21.2.
Appendix F Internal SPTGEN Table 200 Menu 3 30201011 = IP Alias #1 Outgoing protocol filters Set 2 = 256 30201012 = IP Alias #1 Outgoing protocol filters Set 3 = 256 30201013 = IP Alias #1 Outgoing protocol filters Set 4 = 256 30201014 = IP Alias 2 <0(No) | 1(Yes)> = 0 30201015 = IP Address = 0.0.0.
Appendix F Internal SPTGEN Table 200 Menu 3 30500007 = Default Key <1|2|3|4> = 0 30500008 = WEP Key1 = 30500009 = WEP Key2 = 30500010 = WEP Key3 = 30500011 = WEP Key4 = 30500012 = Wlan Active <0(Disable) | 1(Enable)> = 0 */ MENU 3.5.
Appendix F Internal SPTGEN Table 201 Menu 4 Internet Access Setup (continued) 510 40000006 = VPI # = 0 40000007 = VCI # 40000008 = Service Name = any 40000009 = My Login = test@pqa 40000010 = My Password = 1234 40000011 = Single User Account <0(No) | 1(Yes)> = 1 40000012 = IP Address Assignment <0(Static)|1( Dynamic)> = 1 40000013 = IP Address = 0.0.0.0 40000014 = Remote IP address = 0.0.0.
Appendix F Internal SPTGEN Table 202 Menu 12 / Menu 12.1.1 IP Static Route Setup FIN FN PVA INPUT 120101001 = IP Static Route set #1, Name = 120101002 = IP Static Route set #1, Active <0(No) |1(Yes)> = 0 120101003 = IP Static Route set #1, Destination IP address = 0.0.0.0 120101004 = IP Static Route set #1, Destination IP subnetmask = 0 120101005 = IP Static Route set #1, Gateway = 0.0.0.
Appendix F Internal SPTGEN Table 202 Menu 12 (continued) 120104005 = IP Static Route set #4, Gateway 120104006 = IP Static Route set #4, Metric 120104007 = IP Static Route set #4, Private = 0.0.0.0 = 0 <0(No) |1(Yes)> = 0 PVA INPUT / Menu 12.1.5 IP Static Route Setup FIN FN 120105001 = IP Static Route set #5, Name = 120105002 = IP Static Route set #5, Active <0(No) |1(Yes)> = 0 120105003 = IP Static Route set #5, Destination IP address = 0.0.0.
Appendix F Internal SPTGEN Table 202 Menu 12 (continued) 120108004 = IP Static Route set #8, Destination IP subnetmask = 0 120108005 = IP Static Route set #8, Gateway = 0.0.0.0 120108006 = IP Static Route set #8, Metric = 0 120108007 = IP Static Route set #8, Private <0(No) |1(Yes)> = 0 */ Menu 12.1.
Appendix F Internal SPTGEN Table 202 Menu 12 (continued) 120112003 = IP Static Route set #12, Destination IP address = 0.0.0.0 120112004 = IP Static Route set #12, Destination IP subnetmask = 0 120112005 = IP Static Route set #12, Gateway = 0.0.0.0 120112006 = IP Static Route set #12, Metric = 0 120112007 = IP Static Route set #12, Private <0(No) |1(Yes)> = 0 */ Menu 12.1.
Appendix F Internal SPTGEN Table 202 Menu 12 (continued) 120116001 = IP Static Route set #16, Name = 120116002 = IP Static Route set #16, Active <0(No) |1(Yes)> = 0 120116003 = IP Static Route set #16, Destination IP address = 0.0.0.0 120116004 = IP Static Route set #16, Destination IP subnetmask = 0 120116005 = IP Static Route set #16, Gateway = 0.0.0.
Appendix F Internal SPTGEN Table 203 Menu 15 SUA Server Setup (continued) 516 150000023 = SUA Server #6 Protocol <0(All)|6(TCP)|17(U DP)> = 0 150000024 = SUA Server #6 Port Start = 0 150000025 = SUA Server #6 Port End = 0 150000026 = SUA Server #6 Local IP address = 0.0.0.0 150000027 = SUA Server #7 Active <0(No) | 1(Yes)> = 0 150000028 = SUA Server #7 Protocol <0(All)|6(TCP)|17(U DP)> = 0.0.0.
Appendix F Internal SPTGEN Table 204 Menu 21.1 Filter Set #1 / Menu 21 Filter set #1 FIN FN PVA INPUT 210100001 = Filter Set 1, Name = / Menu 21.1.1.1 set #1, rule #1 FIN FN PVA INPUT 210101001 = IP Filter Set 1,Rule 1 Type <2(TCP/IP)> = 2 210101002 = IP Filter Set 1,Rule 1 Active <0(No)|1(Yes)> = 1 210101003 = IP Filter Set 1,Rule 1 Protocol = 6 210101004 = IP Filter Set 1,Rule 1 Dest IP address = 0.0.0.
Appendix F Internal SPTGEN Table 204 Menu 21.1 Filter Set #1 (continued) 210102009 = IP Filter Set 1,Rule 2 Src Subnet Mask = 0 210102010 = IP Filter Set 1,Rule 2 Src Port 210102011 = IP Filter Set 1,Rule 2 Src Port Comp <0(none)|1(equal) |2(not equal)|3(less)|4( greater)> = 0 210102013 = IP Filter Set 1,Rule 2 Act Match <1(check next)|2(forward)| 3(drop)> = 3 210102014 = IP Filter Set 1,Rule 2 Act Not Match <1(check next)|2(forward)| 3(drop)> = 1 = 0 / Menu 21.1.1.
Appendix F Internal SPTGEN Table 204 Menu 21.1 Filter Set #1 (continued) 210104005 = IP Filter Set 1,Rule 4 Dest Subnet Mask = 0 210104006 = IP Filter Set 1,Rule 4 Dest Port = 137 210104007 = IP Filter Set 1,Rule 4 Dest Port Comp 210104008 = IP Filter Set 1,Rule 4 Src IP address = 0.0.0.
Appendix F Internal SPTGEN Table 204 Menu 21.1 Filter Set #1 (continued) / Menu 21.1.1.6 set #1, rule #6 FIN FN PVA INPUT 210106001 = IP Filter Set 1,Rule 6 Type <2(TCP/IP)> = 2 210106002 = IP Filter Set 1,Rule 6 Active <0(No)|1(Yes)> = 1 210106003 = IP Filter Set 1,Rule 6 Protocol = 17 210106004 = IP Filter Set 1,Rule 6 Dest IP address = 0.0.0.
Appendix F Internal SPTGEN Table 205 Menu 21.1 Filer Set #2, (continued) 210201007 = IP Filter Set 2, Rule 1 Dest Port Comp <0(none)|1(equal)| 2(not equal)|3(less)|4(g reater)> = 1 210201008 = IP Filter Set 2, Rule 1 Src IP address = 0.0.0.
Appendix F Internal SPTGEN Table 205 Menu 21.1 Filer Set #2, (continued) 210202014 = IP Filter Set 2, Rule 2 Act Not Match <1(check next)|2(forward)|3 (drop)> = 1 / Menu 21.1.2.3 Filter set #2, rule #3 FIN FN PVA INPUT 210203001 = IP Filter Set 2, Rule 3 Type <0(none)|2(TCP/ IP)> = 2 210203002 = IP Filter Set 2, Rule 3 Active <0(No)|1(Yes)> = 1 210203003 = IP Filter Set 2, Rule 3 Protocol = 6 210203004 = IP Filter Set 2, Rule 3 Dest IP address = 0.0.0.
Appendix F Internal SPTGEN Table 205 Menu 21.1 Filer Set #2, (continued) 210204007 = IP Filter Set 2, Rule 4 Dest Port Comp <0(none)|1(equal)| 2(not equal)|3(less)|4(g reater)> = 1 210204008 = IP Filter Set 2, Rule 4 Src IP address = 0.0.0.
Appendix F Internal SPTGEN Table 205 Menu 21.1 Filer Set #2, (continued) 210205014 = IP Filter Set 2, Rule 5 Act Not Match <1(check next)|2(forward)|3 (drop)> = 1 / Menu 21.1.2.6 Filter set #2, rule #6 FIN FN PVA INPUT 210206001 = IP Filter Set 2, Rule 6 Type <0(none)|2(TCP/ IP)> = 2 210206002 = IP Filter Set 2, Rule 6 Active <0(No)|1(Yes)> = 1 210206003 = IP Filter Set 2, Rule 6 Protocol = 17 210206004 = IP Filter Set 2, Rule 6 Dest IP address = 0.0.0.
Appendix F Internal SPTGEN Table 206 Menu 23 System Menus (continued) 230000000 = System Password = 1234 */ Menu 23.2 System security: radius server FIN FN PVA INPUT 230200001 = Authentication Server Configured <0(No) | 1(Yes)> = 1 230200002 = Authentication Server Active <0(No) | 1(Yes)> = 1 230200003 = Authentication Server IP Address = 192.168.1.
Appendix F Internal SPTGEN Table 207 Menu 24.11 Remote Management Control / Menu 24.11 Remote Management Control FIN FN PVA INPUT 241100001 = TELNET Server Port 241100002 = TELNET Server Access 241100003 = TELNET Server Secured IP address = 0.0.0.0 241100004 = FTP Server Port = 21 241100005 = FTP Server Access 241100006 = FTP Server Secured IP address = 0.0.0.
APPENDIX G Legal Information Copyright Copyright © 2007 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation.
Appendix G Legal Information If this device does cause harmful interference to radio/television reception, which can be determined by turning the device off and on, the user is encouraged to try to correct the interference by one or more of the following measures: 1 Reorient or relocate the receiving antenna. 2 Increase the separation between the equipment and the receiver. 3 Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
Appendix G Legal Information 3 Select the certification you wish to view from this page. ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase.
Appendix G Legal Information 530 P-2602HWUDL-D User’s Guide
APPENDIX H Customer Support Please have the following information ready when you contact customer support. Required Information • • • • Product model and serial number. Warranty Information. Date that you received your device. Brief description of the problem and the steps you took to solve it. “+” is the (prefix) number you dial to make an international telephone call. Corporate Headquarters (Worldwide) • • • • • • • Support E-mail: support@zyxel.com.tw Sales E-mail: sales@zyxel.com.
Appendix H Customer Support • Regular Mail: ZyXEL Communications, Czech s.r.o., Modranská 621, 143 01 Praha 4 Modrany, Ceská Republika Denmark • • • • • • Support E-mail: support@zyxel.dk Sales E-mail: sales@zyxel.dk Telephone: +45-39-55-07-00 Fax: +45-39-55-07-07 Web: www.zyxel.dk Regular Mail: ZyXEL Communications A/S, Columbusvej, 2860 Soeborg, Denmark Finland • • • • • • Support E-mail: support@zyxel.fi Sales E-mail: sales@zyxel.fi Telephone: +358-9-4780-8411 Fax: +358-9-4780-8448 Web: www.zyxel.
Appendix H Customer Support India • • • • • • Support E-mail: support@zyxel.in Sales E-mail: sales@zyxel.in Telephone: +91-11-30888144 to +91-11-30888153 Fax: +91-11-30888149, +91-11-26810715 Web: http://www.zyxel.in Regular Mail: India - ZyXEL Technology India Pvt Ltd., II-Floor, F2/9 Okhla Phase -1, New Delhi 110020, India Japan • • • • • • Support E-mail: support@zyxel.co.jp Sales E-mail: zyp@zyxel.co.jp Telephone: +81-3-6847-3700 Fax: +81-3-6847-3705 Web: www.zyxel.co.
Appendix H Customer Support • Regular Mail: ZyXEL Communications Inc., 1130 N. Miller St., Anaheim, CA 928062001, U.S.A. Norway • • • • • • Support E-mail: support@zyxel.no Sales E-mail: sales@zyxel.no Telephone: +47-22-80-61-80 Fax: +47-22-80-61-81 Web: www.zyxel.no Regular Mail: ZyXEL Communications A/S, Nils Hansens vei 13, 0667 Oslo, Norway Poland • • • • • E-mail: info@pl.zyxel.com Telephone: +48-22-333 8250 Fax: +48-22-333 8251 Web: www.pl.zyxel.com Regular Mail: ZyXEL Communications, ul.
Appendix H Customer Support Sweden • • • • • • Support E-mail: support@zyxel.se Sales E-mail: sales@zyxel.se Telephone: +46-31-744-7700 Fax: +46-31-744-7701 Web: www.zyxel.se Regular Mail: ZyXEL Communications A/S, Sjöporten 4, 41764 Göteborg, Sweden Thailand • • • • • • Support E-mail: support@zyxel.co.th Sales E-mail: sales@zyxel.co.th Telephone: +662-831-5315 Fax: +662-831-5395 Web: http://www.zyxel.co.th Regular Mail: ZyXEL Thailand Co., Ltd.
Appendix H Customer Support 536 P-2602HWUDL-D User’s Guide
Index Index A B AAL5 436 ACK message 189 adding a printer example 365 adding a printer example, Macintosh OS 370 Address Resolution Protocol (ARP) 147 ADSL2 436 Advanced Encryption Standard See AES.
Index and public-key cryptology 297 and public-private keys 297 and remote hosts 312 creating 302 file formats 301 generating requests 297 importing 300 remote hosts 315 replacing 299 revoked 298 storage space 299 trusted CAs 307, 309 verifying 314 Certification Authority (CA) 297 certifications 527 notices 528 viewing 528 channel 487 interference 487 channel ID 160 CIFS (Common Internet File System) 378 Class of Service 192 client-server protocol 186 codecs 439 comfort noise generation 200, 439 Common Int
Index DoS (Denial of Service) 435 DQPSK 441 DS field 193 DSCPs 192 DSL line, reinitialize 423 DTMF 191 DTMF detection and generation 439 Dual-Tone MultiFrequency 191 dynamic DNS 333, 435 Dynamic Host Configuration Protocol 436 dynamic jitter buffer 439 dynamic secure gateway address 273 dynamic WEP key exchange 493 DYNDNS wildcard 333 E EAP Authentication 491 EAP-MD5 440 echo cancellation 200, 439 e-mail 172 log example 399 emergency numbers 218 encapsulated routing link protocol (ENET ENCAP) 127 encapsul
Index general setup 391 Generic Access Profile, see GAP 203 group ring 216, 438 H hidden node 487 host 392 HTTP (Hypertext Transfer Protocol) 410 HTTP pincode 238 humidity 433 I IANA 145, 484 Internet Assigned Numbers Authority see IANA IANA (Internet Assigned Number Authority) 252 IBSS 485 ID type and content 277 IEEE 802.11g 440, 441, 489 IEEE 802.11g data rates 441 IEEE 802.11g modulation 441 IEEE 802.11g wireless LAN 440 IEEE 802.11i 440 IEEE 802.
Index listening port 198 log out 83 log out (automatic) 83 logs 395 M MAC address filter action 169 MAC filter 168 Management Information Base (MIB) 342 managing the device good habits 44 using FTP. See FTP. using Telnet. See command interface. using the command interface. See command interface.
Index power adaptor 441 power specifications 433 PPP (Point-to-Point Protocol) Link Layer Protocol 436 PPP over ATM AAL5 436 PPP over Ethernet 436 PPPoE 127 benefits 127 PPPoE (Point-to-Point Protocol over Ethernet) 127, 435 preamble mode 489 pre-shared key 279 print server 47 printer sharing 359 and LAN 359 configuration 360 requirements 359 TCP/IP port 360 web configurator 364 priorities 327 priority 329 product registration 529 PSK 494 PSTN and DECT 206 PSTN call setup signaling 191 Public Switched Tele
Index security association 265 Security Parameter Index 288 server 176, 394 Service Set 159 service type 253 services 178 Session Description Protocol 439 Session Initiating Protocol 439 Session Initiation Protocol 185 setup 238 sharing files 378 silence suppression 199, 439 SIP 185 and DECT 206 SIP account 185 SIP accounts 439 SIP ALG 184, 439 SIP ALG passthrough 437 SIP Application Layer Gateway 184, 439 SIP authentication password 107 SIP authentication user ID 107 SIP call progression 188 SIP client 18
Index U UBR (Unspecified Bit Rate) 134, 139 Uniform Resource Identifier 185 Universal Plug and Play 347 application 347 Universal Plug and Play (UPnP) 435 upload firmware 418 UPnP 347 forum 348 security issues 347 USA type call service mode 211 USB and file sharing 377 hard drive 377 printer sharing 359 USB features 47 USB printer 47 V VAD 199, 439 VBR (Variable Bit Rate) 139 VBR-nRT 134 VBR-RT 134 Virtual Channel Identifier (VCI) 128 Virtual Circuit (VC) 128 Virtual Local Area Network 193 Virtual Path Id
Index WWW 172 Z zero configuration Internet access 131, 435 ZyNOS 410 ZyNOS (ZyXEL Network Operating System) 410 ZyNOS F/W version 410 P-2602HWUDL-D User’s Guide 545
Index 546 P-2602HWUDL-D User’s Guide
Index P-2602HWUDL-D User’s Guide 547
Index 548 P-2602HWUDL-D User’s Guide
Index P-2602HWUDL-D User’s Guide 549
Index 550 P-2602HWUDL-D User’s Guide
