P-873HNUP-51B 802.11n Wireless VDSL2 4-port Gateway Default Login Details IP Address http://192.168.1.1 User Name admin Password 1234 Firmware Version 1.10 Edition 1, 5/2011 www.zyxel.com www.zyxel.
About This User's Guide About This User's Guide Intended Audience This manual is intended for people who want to configure the ZyXEL Device using the web configurator. Related Documentation • Quick Start Guide The Quick Start Guide is designed to help you get up and running right away. It contains information on setting up your network and configuring for Internet access. • Support Disc Refer to the included CD for support documents.
Document Conventions Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The ZyXEL Device icon is not an exact representation of your device.
Safety Warnings Safety Warnings • • • • • • • • • • • • • • • • • • • • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. Do NOT expose your device to dampness, dust or corrosive liquids. Do NOT store things on the device. Do NOT install, use, or service this device during a thunderstorm. There is a remote risk of electric shock from lightning. Connect ONLY suitable accessories to the device. Do NOT open the device or unit.
Safety Warnings 6 P-873HNUP-51B User’s Guide
Contents Overview Contents Overview User’s Guide ........................................................................................................................... 19 Introducing the P-873HNUP-51B ...............................................................................................21 The Web Configurator ................................................................................................................29 Quick Start ...........................................................
Contents Overview 8 P-873HNUP-51B User’s Guide
Table of Contents Table of Contents About This User's Guide .......................................................................................................... 3 Document Conventions ........................................................................................................... 3 Safety Warnings........................................................................................................................ 5 Contents Overview .......................................................
Table of Contents Chapter 4 Tutorials ................................................................................................................................... 39 4.1 Overview ..............................................................................................................................39 4.2 Setting Up an ADSL PPPoE Connection .............................................................................39 4.3 HomePNA Example Setup ..................................................
Table of Contents 6.4.7 ATM Traffic Classes ....................................................................................................84 6.4.8 Introduction to VLANs ................................................................................................85 Chapter 7 Wireless ................................................................................................................................... 87 7.1 Overview .....................................................................
Table of Contents 8.11 Technical Reference .........................................................................................................132 8.11.1 LANs, WANs and the ZyXEL Device ......................................................................132 8.11.2 DHCP Setup ...........................................................................................................132 8.11.3 DNS Server Addresses .........................................................................................
Table of Contents 11.8.2 What NAT Does ......................................................................................................170 11.8.3 How NAT Works ......................................................................................................171 11.8.4 NAT Application ......................................................................................................172 Chapter 12 Dynamic DNS Setup ................................................................................
Table of Contents Chapter 16 MAC Filter.............................................................................................................................. 203 16.1 Overview .........................................................................................................................203 16.2 The MAC Filter Screen .....................................................................................................203 Chapter 17 Parental Control .........................................
Table of Contents Chapter 22 Logs ...................................................................................................................................... 227 22.1 Overview ..........................................................................................................................227 22.1.1 What You Can Do in this Chapter ...........................................................................227 22.1.2 What You Need To Know ...................................................
Table of Contents Chapter 28 Time Settings ........................................................................................................................ 251 28.1 Overview ..........................................................................................................................251 28.2 The Time Setting Screen ................................................................................................251 Chapter 29 Logs Setting .................................................
Table of Contents Appendix A Setting up Your Computer’s IP Address ........................................................... 279 Appendix B IP Addresses and Subnetting........................................................................... 301 Appendix C Pop-up Windows, JavaScript and Java Permissions ....................................... 309 Appendix D Wireless LANs.................................................................................................. 319 Appendix E Services.............
Table of Contents 18 P-873HNUP-51B User’s Guide
P ART I User’s Guide 19
C HAPT ER 1 Introducing the P-873HNUP-51B 1.1 Overview The P-873HNUP-51B is a wireless VDSL router and Gigabit Ethernet gateway with Home Phoneline Networking Alliance (HPNA) capability. It has two DSL ports and a Gigabit Ethernet port for superfast Internet access over analog (POTS) telephone lines. If the DSLAM of the ISP supports bonding function, the two DSL ports on the P-873HNUP-51B can be connected to two separate telephone jacks to provide increased throughput at longer distances.
Chapter 1 Introducing the P-873HNUP-51B 1.3 Good Habits for Managing the ZyXEL Device Do the following things regularly to make the ZyXEL Device more secure and to manage the ZyXEL Device more effectively. • Change the password. Use a password that’s not easy to guess and that consists of different types of characters, such as numbers and letters. • Write down the password and put it in a safe place. • Back up the configuration (and make sure you know how to restore it).
Chapter 1 Introducing the P-873HNUP-51B Computers can connect to the ZyXEL Device’s LAN ports (or wirelessly). Figure 1 ZyXEL Device’s Internet Access Application WLAN WAN Bridging IPoE PPPoE ADSL / VDSL LAN A WLAN WAN IPoA / PPPoA LAN ADSL A WLAN WAN Bridging IPoE PPPoE LAN Ethernet A DSL You can also configure IP filtering on the ZyXEL Device for secure Internet access.
Chapter 1 Introducing the P-873HNUP-51B The figure below shows your ZyXEL Device (A) connecting to a phone line outlet for DSL Internet access and a coaxial outlet to relay Internet connectivity to other coaxial outlets in the building. The laptop (B) connects wirelessly to the ZyXEL Device. The set-up box (C) connects into a coaxial outlet in another part of the house for access to online videos.
Chapter 1 Introducing the P-873HNUP-51B 1.5 LEDs (Lights) The following graphic displays the labels of the LEDs. Figure 3 LEDs on the Device None of the LEDs are on if the ZyXEL Device is not receiving power. Table 1 LED Descriptions LED COLOR STATUS DESCRIPTION POWER Green On The ZyXEL Device is receiving power and ready for use. Blinking The ZyXEL Device is self-testing. On The ZyXEL Device detected an error while self-testing, or there is a device malfunction.
Chapter 1 Introducing the P-873HNUP-51B Table 1 LED Descriptions (continued) LED COLOR STATUS ETHERNET WAN Green On The Gigabit Ethernet connection is working. Blinking The ZyXEL Device is sending or receiving data to/from the Gigabit Ethernet link. USB Green DSL1,2 Green Orange INTERNET Green DESCRIPTION Off There is no Gigabit Ethernet link. On The ZyXEL Device recognizes a USB connection. Blinking The ZyXEL Device is sending/receiving data to /from the USB device connected to it.
Chapter 1 Introducing the P-873HNUP-51B 1.7 Wireless Access The ZyXEL Device is a wireless Access Point (AP) for wireless clients, such as notebook computers or PDAs and iPads. It allows them to connect to the Internet without having to rely on inconvenient Ethernet cables. You can configure your wireless network in either the built-in Web Configurator, or using the WPS button. Figure 4 Wireless Access Example 1.7.
Chapter 1 Introducing the P-873HNUP-51B 2 Press the WLAN/WPS button for five seconds and release it. 3 Press the WPS button on another WPS-enabled device within range of the ZyXEL Device. The WLAN/WPS LED flashes green and orange while the ZyXEL Device sets up a WPS connection with the other wireless device. 4 Once the connection is successfully made, the WLAN/WPS LED shines green. To turn off the wireless network, press the WLAN/WPS button on the front of the ZyXEL Device for one to five seconds.
C HAPT ER 2 The Web Configurator 2.1 Overview The web configurator is an HTML-based management interface that allows easy device setup and management via Internet browser. Use Internet Explorer 6.0 and later versions or Mozilla Firefox 3 and later versions or Safari 2.0 and later versions. The recommended screen resolution is 1024 by 768 pixels. In order to use the web configurator you need to allow: • Web browser pop-up windows from your device.
Chapter 2 The Web Configurator password field from knowing the length of your password. If you have changed the password, enter your password and click Login. For security reasons, you will be temporarily denied access to the ZyXEL Device for a period of time (15 minutes by default) if you have entered the incorrect username and password for a certain number of times (three times by default).
Chapter 2 The Web Configurator 5 The Network Map page appears. Figure 7 Network Map Note: For security reasons, the ZyXEL Device automatically logs you out if you do not use the web configurator for ten minutes (default). If this happens, log in again. 6 Click Status to display the Status screen, where you can view the ZyXEL Device’s interface and system information. Note: It is strongly recommended you change the default password. You can do so in the Maintenance > Users Configuration screen.
Chapter 2 The Web Configurator 2.2 Web Configurator Layout Figure 8 Screen Layout A B C As illustrated above, the main screen is divided into these parts: • A - title bar • B - main window • C - navigation panel 2.2.1 Title Bar The title bar provides some icons in the upper right corner.
Chapter 2 The Web Configurator The icons provide the following functions. Table 2 Web Configurator Icons in the Title Bar ICON DESCRIPTION Quick Start: Click this icon to open screens where you can configure the ZyXEL Device’s time zone Internet access, and wireless settings. Logout: Click this icon to log out of the web configurator. 2.2.2 Main Window The main window displays information and configuration fields. It is discussed in the rest of this document.
Chapter 2 The Web Configurator Table 3 Navigation Panel Summary (continued) LINK Home Networking Routing QoS NAT DNS Setting IGMP Setting Interface Group TAB FUNCTION LAN Setup Use this screen to configure LAN TCP/IP settings, and other advanced properties. Static DHCP Use this screen to assign specific IP addresses to individual MAC addresses. UPnP Use this screen to turn UPnP and UPnP NAT-T on or off.
Chapter 2 The Web Configurator Table 3 Navigation Panel Summary (continued) LINK TAB FUNCTION Parental Control Parental Control Use this screen to block web sites with the specific URL. Scheduler Rule Scheduler Rule Use this screen to configure the days and times when a configured restriction (such as parental control) is enforced. Certificates Local Certificates Use this screen to view a summary list of certificates and manage certificates and certification requests.
Chapter 2 The Web Configurator Table 3 Navigation Panel Summary (continued) LINK Diagnostic 36 TAB FUNCTION Ping & TraceRoute & NsLookup Use this screen to identify problems with the DSL connection. You can use Ping, TraceRoute, or Nslookup to help you identify problems. 802.1ag Use this screen to configure CFM (Connectivity Fault Management) MD (maintenance domain) and MA (maintenance association), perform connectivity tests and view test reports.
C HAPT ER 3 Quick Start 3.1 Overview Use the Quick Start screens to configure the ZyXEL Device’s time zone and basic Internet access and wireless settings. Note: See the technical reference chapters (starting on page 63) for background information on the features in this chapter. 3.2 Quick Start Setup 1 Click the Click Start icon in the top right corner of the web configurator to open the quick start screens. Select the time zone of the ZyXEL Device’s location and click Next.
Chapter 3 Quick Start 2 Enter your PPPoE account’s user name and password exactly as provided by your Internet Service Provider (ISP). If your ISP also gave you static IP address settings to use, select Yes and enter them in the fields that display. Click Next. Figure 10 Internet Connection 3 Turn the wireless LAN on or off. If you keep it on, record the security settings so you can configure your wireless clients to connect to the ZyXEL Device. Click Save.
C HAPT ER 4 Tutorials 4.1 Overview This chapter shows you how to use the ZyXEL Device’s various features.
Chapter 4 Tutorials 2 In this example, the DSL connection has the following information. General Connection Name MyDSLConnection Type ADSL over ATM Connection Mode Routing Encapsulation PPPoE ATM PVC Configuration VPI/VCI 36/48 Encapsulation Mode LLC/SNAP-Bridging Service Category UBR without PCR Account Information PPP User Name 1234@DSL-Ex.com PPP Password ABCDEF! PPPoE Service Name MyDSL Static IP Address 192.168.1.
Chapter 4 Tutorials 6 Click Apply to save your settings.
Chapter 4 Tutorials 7 You should see a summary of your new DSL connection setup in the Broadband screen as follows. Try to connect to a website, such as zyxel.com to see if you have correctly set up your Internet connection. Be sure to contact your service provider for any information you need to configure the WAN screens. 4.
Chapter 4 Tutorials The figure below shows the hardware setup for this tutorial: 1 2 3 4 5 1 Log into the ZyXEL Device’s Web Configurator. Go to the Network Settings > HPNA screen. 2 Select Enable in the State field to enable your HPNA port. 3 Connect your ZyXEL Device to the Internet source. This could be either DSL or Ethernet. 4 Connect the ZyXEL Device’s coaxial port a coaxial outlet in your house. This relays Internet connectivity to other coaxial outlets in other parts of the house.
Chapter 4 Tutorials 4.4 Setting Up a Secure Wireless Network Thomas wants to set up a wireless network so that he can use his notebook to access the Internet. In this wireless network, the ZyXEL Device serves as an access point (AP), and the notebook is the wireless client. The wireless client can access the Internet through the AP. Thomas has to configure the wireless network settings on the ZyXEL Device. Then he can set up a wireless network using WPS (Section 4.4.
Chapter 4 Tutorials 1 Click Network Settings > Wireless to open the General screen. Select More Secure as the security level and WPA-PSK as the security mode. Configure the screen using the provided parameters (see page 44). Click Apply. 2 Go to the Wireless > Others screen and select 802.11b/g/n Mixed in the 802.11 Mode field. Click Apply. Thomas can now use the WPS feature to establish a wireless connection between his notebook and the ZyXEL Device (see Section 4.4.2 on page 46).
Chapter 4 Tutorials 4.4.2 Using WPS This section shows you how to set up a wireless network using WPS. It uses the ZyXEL Device as the AP and ZyXEL NWD210N as the wireless client which connects to the notebook. Note: The wireless client must be a WPS-aware device (for example, a WPS USB adapter or PCMCIA card). There are two WPS methods to set up the wireless client settings: • Push Button Configuration (PBC) - simply press a button. This is the easier of the two methods.
Chapter 4 Tutorials Note: Your ZyXEL Device has a WPS button located on its front panel as well as a WPS button in its configuration utility. Both buttons have exactly the same function: you can use one or the other. Note: It doesn’t matter which button is pressed first. You must press the second button within two minutes of pressing the first one. The ZyXEL Device sends the proper configuration settings to the wireless client. This may take up to two minutes.
Chapter 4 Tutorials PIN Configuration When you use the PIN configuration method, you need to use both the ZyXEL Device’s web configurator and the wireless client’s utility. 1 Launch your wireless client’s configuration utility. Go to the WPS settings and select the PIN method to get a PIN number. 2 Log into ZyXEL Device’s web configurator and go to the Network Settings > Wireless > WPS screen. Enable the WPS function and click Apply.
Chapter 4 Tutorials The following figure shows you how to set up a wireless network and its security on a ZyXEL Device and a wireless client by using PIN method. Example WPS Process: PIN Method Wireless Client ZyXEL Device WITHIN 2 MINUTES Authentication by PIN SECURITY INFO COMMUNICATION 4.4.3 Without WPS Use the wireless adapter’s utility installed on the notebook to search for the “Example” SSID.
Chapter 4 Tutorials 4.5 Setting Up Multiple Wireless Groups Company A wants to create different wireless network groups for different types of users as shown in the following figure. Each group has its own SSID and security mode. Company Guest VIP • Employees in Company A will use a general Comapny wireless network group. • Higher management level and important visitors will use the VIP group. • Visiting guests will use the Guest group, which has a lower security mode.
Chapter 4 Tutorials 1 Click Network Settings > Wireless to open the General screen. Use this screen to set up the company’s general wireless network group. Configure the screen using the provided parameters and click Apply. 2 Click Network Settings > Wireless > More AP to open the following screen. Click the Edit icon to configure the second wireless network group.
Chapter 4 Tutorials 52 3 Configure the screen using the provided parameters and click Apply. 4 In the More AP screen, click the Edit icon to configure the third wireless network group.
Chapter 4 Tutorials 5 Configure the screen using the provided parameters and click Apply. 6 Check the status of VIP and Guest in the More AP screen. The yellow bulbs signify that the SSIDs are active and ready for wireless access. 4.6 Setting Up NAT Port Forwarding Thomas manages the Doom server on a computer behind the ZyXEL Device.
Chapter 4 Tutorials configure the port settings and IP address on the ZyXEL Device. Traffic should be forwarded to the port 666 of the Doom server computer which has an IP address of 192.168.1.34. Tutorial: NAT Port Forwarding Setup D=192.168.1.34 LAN WAN port 666 A Thomas may set up the port settings by configuring the port settings for the Doom server computer (see Section 11.2 on page 160 for more information).
Chapter 4 Tutorials 3 The port forwarding settings you configured appear in the table. The ZyXEL Device forwards port 666 traffic to the computer with IP address 192.168.1.34. Players on the Internet then can have access to Thomas’ Doom server. 4.7 Configuring Static Route for Routing to Another Network In order to extend your Intranet and control traffic flowing directions, you may connect a router to the ZyXEL Device’s LAN. The router may be used to separate two department networks.
Chapter 4 Tutorials You need to specify a static routing rule on the ZyXEL Device to specify R as the router in charge of forwarding traffic to N2. In this case, the ZyXEL Device routes traffic from A to R and then R routes the traffic to B. N1 A R N2 B This tutorial uses the following example IP settings: Table 4 IP Settings in this Tutorial DEVICE / COMPUTER IP ADDRESS The ZyXEL Device’s WAN 172.16.1.1 The ZyXEL Device’s LAN 192.168.1.1 A 192.168.1.34 R’s N1 192.168.1.253 R’s N2 192.168.
Chapter 4 Tutorials 4c 4d 4a Select the interface that is in use. Select Enable in the Use Gateway IP Address field. Type 192.168.1.253 (R’s N1 address) in the Gateway IP Address field. Click Apply. Now B should be able to receive traffic from A. You may need to additionally configure B’s firewall settings to allow specific traffic to pass through. 4.8 Configuring QoS Queue and Class Setup This section contains tutorials on how you can configure the QoS screen.
Chapter 4 Tutorials Note: QoS is applied to traffic flowing out of the ZyXEL Device. Traffic that does not match this class is assigned a priority queue based on the internal QoS mapping table on the ZyXEL Device. QoS Example DSL 10,000 kbps Your computer IP=192.168.1.23 and/or MAC=AA:FF:AA:FF:AA:FF E-mail traffic: Highest priority 1 A colleague’s computer Other traffic: Automatic classifier Click Network Settings > QoS > General and select Active.
Chapter 4 Tutorials • Rate Limit: 5,000 (kbps) Tutorial: Advanced > QoS > Queue Setup 3 Click Class Setup > Add new Classifier to create a new class. Check Active and follow the settings as shown in the screen below.
Chapter 4 Tutorials Class Name Give a class name to this traffic, such as E-mail in this example. From Interface This is the interface from which the traffic will be coming from. Select LAN1 for this example. Ether Type Select IP to identify the traffic source by its IP address or MAC address. IP Address Type the IP address of your computer - 192.168.1.23. Type the IP Subnet Mask if you know it. MAC Address Type the MAC address of your computer - AA:FF:AA:FF:AA:FF.
Chapter 4 Tutorials 4.9.1 Registering a DDNS Account on www.dyndns.org 1 Open a browser and type http://www.dyndns.org. 2 Apply for a user account. This tutorial uses UserName1 and 12345 as the username and password. 3 Log into www.dyndns.org using your account. 4 Add a new DDNS host name. This tutorial uses the following settings as an example. • Hostname: zyxelrouter.dyndns.org • Service Type: Host with IP address • IP Address: Enter the WAN IP address that your ZyXEL Device is currently using.
Chapter 4 Tutorials 62 P-873HNUP-51B User’s Guide
P ART II Technical Reference 63
C HAPT ER 5 Network Map and Status Screens 5.1 Overview After you log into the Web Configurator, the Network Map screen appears. This shows the network connection status of the ZyXEL Device and clients connected to it. You can use the Status screen to look at the current status of the ZyXEL Device, system resources, and interfaces (LAN, WAN, and WLAN). 5.2 The Network Map Screen Use this screen to view the network connection status of the device and its clients.
Chapter 5 Network Map and Status Screens Figure 13 Network Map: List Mode In Icon Mode, if you want to view information about a client, click the client’s name and Info. Click the IP address if you want to change it. If you want to change the name or icon of the client, click Change name/icon. Figure 14 Icon Mode: Change name/icon In List Mode, you can also view the client’s information and click on the IP address if you want to change it.
Chapter 5 Network Map and Status Screens 5.3 The Status Screen Use this screen to view the status of the ZyXEL Device. Click Status to open this screen. Figure 15 Status Screen Each field is described in the following table. Table 5 Status Screen LABEL DESCRIPTION Refresh Interval Select how often you want the ZyXEL Device to update this screen. Device Information Host Name This field displays the ZyXEL Device system name. It is used for identification.
Chapter 5 Network Map and Status Screens Table 5 Status Screen (continued) LABEL DESCRIPTION IP Address This is the current IP address of the ZyXEL Device in the LAN. IP Subnet Mask This is the current subnet mask in the LAN. DHCP This field displays what DHCP services the ZyXEL Device is providing to the LAN. Choices are: Server - The ZyXEL Device is a DHCP server in the LAN. It assigns IP addresses to other computers in the LAN.
Chapter 5 Network Map and Status Screens Table 5 Status Screen (continued) LABEL DESCRIPTION CPU Usage This field displays what percentage of the ZyXEL Device’s processing ability is currently used. When this percentage is close to 100%, the ZyXEL Device is running at full load, and the throughput is not going to improve anymore. If you want some applications to have more throughput, you should turn off other applications (for example, using QoS; see Chapter 10 on page 139).
Chapter 5 Network Map and Status Screens 70 P-873HNUP-51B User’s Guide
C HAPT ER 6 Broadband 6.1 Overview This chapter describes how to configure WAN settings from the Broadband screen. Use this screen to configure your ZyXEL Device for Internet access. If the DSLAM of your ISP supports DSL bonding, you can connect the two DSL ports on the ZyXEL Device to two separate telephone jacks and enable the bonding feature in the DSL screen. The bonding feature provides increased throughput at longer distances.
Chapter 6 Broadband WAN IP Address The WAN IP address is an IP address for the ZyXEL Device, which makes it accessible from an outside network. It is used by the ZyXEL Device to communicate with other devices in other networks. It can be static (fixed) or dynamically assigned by the ISP each time the ZyXEL Device tries to access the Internet.
Chapter 6 Broadband 6.2 The Broadband Screen Use this screen to change your ZyXEL Device’s Internet access settings. Click Network Settings> Broadband from the menu. The summary table shows you the configured WAN services (connections) on the ZyXEL Device. Figure 17 Network Settings > Broadband The following table describes the labels in this screen. Table 6 Network Settings > Broadband LABEL DESCRIPTION PTM over ADSL Select Enable to use PTM over ADSL.
Chapter 6 Broadband 6.2.1 Add/Edit Broadband Click Add new WAN interface in the Broadband screen or the Edit icon next to an existing WAN interface to configure a WAN connection. The screen differs according to the mode and encapsulation you choose. This screen displays when you select Routing mode and PPPoE encapsulation.
Chapter 6 Broadband The following table describes the labels in this screen. Table 7 Broadband: Add/Edit: PPPoE Encapsulation LABEL DESCRIPTION General Active Select this to activate the WAN configuration settings. Name Specify a descriptive name for this connection. This field is view only if you are editing the WAN connection. Type Select whether it is ADSL/VDSL over PTM, ADSL over ATM, or Ethernet connection.
Chapter 6 Broadband Table 7 Broadband: Add/Edit: PPPoE Encapsulation (continued) LABEL DESCRIPTION Encapsulation Mode Select the method of multiplexing used by your ISP from the drop-down list box. Choices are: • • • • Service Category LLC/SNAP-BRIDGING: In LCC encapsulation, bridged PDUs are encapsulated by identifying the type of the bridged media in the SNAP header. This is available only when you select IPoE or PPPoE in the Select DSL Link Type field.
Chapter 6 Broadband Table 7 Broadband: Add/Edit: PPPoE Encapsulation (continued) LABEL DESCRIPTION PPPoE Passthrough This field is available when you select PPPoE encapsulation. In addition to the ZyXEL Device’s built-in PPPoE client, you can enable PPPoE pass through to allow up to ten hosts on the LAN to use PPPoE client software on their computers to connect to the ISP via the ZyXEL Device. Each host can have a separate account and a public WAN IP address.
Chapter 6 Broadband Table 7 Broadband: Add/Edit: PPPoE Encapsulation (continued) LABEL DESCRIPTION Apply Click Apply to save your changes back to the ZyXEL Device. Cancel Click Cancel to exit this screen without saving. 6.2.1.1 Bridge This screen displays when you select the Bridge mode. Figure 19 Broadband: Add/Edit: Bridge Mode The following table describes the labels in this screen.
Chapter 6 Broadband Table 8 Broadband: Add/Edit: Bridge Mode (continued) LABEL DESCRIPTION VCI The valid range for the VCI is 32 to 65535 (0 to 31 is reserved for local management of ATM traffic). Enter the VCI assigned to you. DSL Link Type This field is not editable. EoA (Ethernet over ATM) uses an Ethernet header in the packet, so that you can have multiple services/connections over one PVC.
Chapter 6 Broadband 6.3 The DSL Screen If the DSLAM of your ISP supports DSL bonding, you can connect the two DSL ports on the ZyXEL Device to two separate telephone jacks and enable the bonding feature in the DSL screen. DSL signals have distance limitations. VDSL2 (profile 17a) supports greater speed but offer shorter distances (within 3000 ft). The farther away the subscribers are from the DSLAM, the slower the speed. VDSL (profile 12a) provides longer distance range (over 3000 ft) but at lower speeds.
Chapter 6 Broadband Click Broadband > DSL to display the following screen. Figure 20 Broadband > DSL The following table describes the labels in this screen. Table 10 Broadband > DSL LABEL DESCRIPTION DSL Bonding State Select Enable to use the DSL bonding and ADSL fallback features. Make sure your ISP supports these functions. Multi-PHY Current This shows the current bonding mode the ZyXEL Device is using. You can change it in the Mode field.
Chapter 6 Broadband 6.4 Technical Reference This section provides some technical background information about the topics covered in this chapter. 6.4.1 Encapsulation Be sure to use the encapsulation method required by your ISP. The ZyXEL Device supports the following methods. 6.4.1.1 PPP over Ethernet The ZyXEL Device supports PPPoE (Point-to-Point Protocol over Ethernet).
Chapter 6 Broadband 6.4.2 Multiplexing There are two conventions to identify what protocols the virtual circuit (VC) is carrying. Be sure to use the multiplexing method required by your ISP. VC-based Multiplexing In this case, by prior mutual agreement, each protocol is assigned to a specific virtual circuit; for example, VC1 carries IP, etc. VC-based multiplexing may be dominant in environments where dynamic creation of large numbers of ATM VCs is fast and economical.
Chapter 6 Broadband 6.4.5 NAT NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network. 6.4.6 Traffic Shaping Traffic Shaping is an agreement between the carrier and the subscriber to regulate the average rate and fluctuations of data transmission over an ATM network.
Chapter 6 Broadband Constant Bit Rate (CBR) Constant Bit Rate (CBR) provides fixed bandwidth that is always available even if no data is being sent. CBR traffic is generally time-sensitive (doesn't tolerate delay). CBR is used for connections that continuously require a specific amount of bandwidth. A PCR is specified and if traffic exceeds this rate, cells may be dropped. Examples of connections that need CBR would be high-resolution video and voice.
Chapter 6 Broadband VLANs can be created statically by hand or dynamically through GVRP. The VLAN ID associates a frame with a specific VLAN and provides the information that switches need to process the frame across the network.
C HAPT ER 7 Wireless 7.1 Overview This chapter describes the ZyXEL Device’s Network Settings > Wireless screens. Use these screens to set up your ZyXEL Device’s wireless connection. 7.1.1 What You Can Do in this Chapter This section describes the ZyXEL Device’s Wireless screens. Use these screens to set up your ZyXEL Device’s wireless connection. • Use the General screen to enable the Wireless LAN, enter the SSID and select the wireless security mode (Section 7.2 on page 88).
Chapter 7 Wireless 7.1.2 What You Need to Know Wireless Basics “Wireless” is essentially radio communication. In the same way that walkie-talkie radios send and receive information over the airwaves, wireless networking devices exchange information with one another. A wireless networking device is just like a radio that lets your computer exchange information with radios attached to other computers.
Chapter 7 Wireless Click Network Settings > Wireless to open the General screen. Figure 22 Network Settings > Wireless > General The following table describes the general wireless LAN labels in this screen. Table 11 Network Settings > Wireless > General LABEL DESCRIPTION Wireless Network Setup Wireless You can Enable or Disable the wireless LAN in this field. Channel Set the channel depending on your particular region.
Chapter 7 Wireless Table 11 Network Settings > Wireless > General (continued) LABEL DESCRIPTION Wireless Network Settings Wireless Network Name (SSID) The SSID (Service Set IDentity) identifies the service set with which a wireless device is associated. Wireless devices associating to the access point (AP) must have the same SSID. Enter a descriptive name (up to 32 English keyboard characters) for the wireless LAN.
Chapter 7 Wireless The following table describes the labels in this screen. Table 12 Wireless > General: No Security LABEL DESCRIPTION Security Level Choose No Security from the drop-down list box. 7.2.2 Basic (WEP Encryption) WEP encryption scrambles the data transmitted between the wireless stations and the access points (AP) to keep network communications private. Both the wireless stations and the access points must use the same WEP key. Note: WEP is extremely insecure.
Chapter 7 Wireless The following table describes the labels in this screen. Table 13 Wireless > General: Basic (WEP) LABEL DESCRIPTION Security Level Select Basic to enable WEP data encryption. Generate password automatically Select this option to have the ZyXEL Device automatically generate a password. The password field will not be configurable when you select this option. Password 1~4 The password (WEP keys) are used to encrypt data.
Chapter 7 Wireless 7.2.3 More Secure (WPA(2)-PSK) The WPA-PSK security mode provides both improved data encryption and user authentication over WEP. Using a Pre-Shared Key (PSK), both the ZyXEL Device and the connecting client share a common password in order to validate the connection. This type of encryption, while robust, is not as strong as WPA, WPA2 or even WPA2-PSK. The WPA2-PSK security mode is a newer, more robust version of the WPA encryption standard.
Chapter 7 Wireless Table 14 Wireless > General: More Secure: WPA(2)-PSK (continued) LABEL DESCRIPTION Encryption Select the encryption type (AES or TKIP+AES) for data encryption. Select AES if your wireless clients can all use AES. Select TKIP+AES to allow the wireless clients to use either TKIP or AES. Group Key Update Timer The Group Key Update Timer is the rate at which the RADIUS server sends a new group key out to all clients.
Chapter 7 Wireless The following table describes the labels in this screen. Table 15 Wireless > General: More Secure: WPA(2) LABEL DESCRIPTION Security Level Select More Secure to enable WPA(2)-PSK data encryption. Security Mode Choose WPA or WPA2 from the drop-down list box. Authentication Server IP Address Enter the IP address of the external authentication server in dotted decimal notation. Port Number Enter the port number of the external authentication server.
Chapter 7 Wireless The following table describes the labels in this screen. Table 16 Network Settings > Wireless > More AP LABEL DESCRIPTION # This is the index number of the entry. Status This field indicates whether this SSID is active. A yellow bulb signifies that this SSID is active. A gray bulb signifies that this SSID is not active. SSID An SSID profile is the set of parameters relating to one of the ZyXEL Device’s BSSs.
Chapter 7 Wireless Table 17 More AP: Edit (continued) LABEL DESCRIPTION Wireless Network Name (SSID) The SSID (Service Set IDentity) identifies the service set with which a wireless device is associated. Wireless devices associating to the access point (AP) must have the same SSID. Enter a descriptive name (up to 32 English keyboard characters) for the wireless LAN.
Chapter 7 Wireless The following table describes the labels in this screen. Table 18 Wireless > MAC Authentication LABEL DESCRIPTION SSID Select the SSID for which you want to configure MAC filter settings. MAC List Define the filter action for the list of MAC addresses in the MAC Address table. Select Disable to turn off MAC filtering. Select Allow to permit access to the ZyXEL Device. MAC addresses not listed will be denied access to the ZyXEL Device. Select Deny to block access to the ZyXEL Device.
Chapter 7 Wireless Click Network Settings > Wireless > WPS. The following screen displays. Select Enable and click Apply to activate the WPS function. Then you can configure the WPS settings in this screen. Figure 30 Network Settings > Wireless > WPS The following table describes the labels in this screen. Table 19 Network Settings > Wireless > WPS LABEL DESCRIPTION Enable WPS Select Enable to activate WPS on the ZyXEL Device.
Chapter 7 Wireless Table 19 Network Settings > Wireless > WPS (continued) LABEL Release Configuration DESCRIPTION The default WPS status is configured. Click this button to remove all configured wireless and wireless security settings for WPS connections on the ZyXEL Device. Generate New PIN Number The PIN (Personal Identification Number) of the ZyXEL Device is shown here. Enter this PIN in the configuration utility of the device you want to connect to using WPS.
Chapter 7 Wireless Table 20 Network Settings > Wireless > Others (continued) LABEL DESCRIPTION Output Power Set the output power of the ZyXEL Device. If there is a high density of APs in an area, decrease the output power to reduce interference with other APs. Select one of the following: 20%, 40%, 60%, 80% or 100%. 802.11 Mode Select 802.11b Only to allow only IEEE 802.11b compliant WLAN devices to associate with the ZyXEL Device. Select 802.11g Only to allow only IEEE 802.
Chapter 7 Wireless • An “infrastructure” type of network has one or more access points and one or more wireless clients. The wireless clients connect to the access points. • An “ad-hoc” type of network is one in which there is no access point. Wireless clients connect to one another in order to exchange information. The following figure provides an example of a wireless network. Figure 32 Example of a Wireless Network The wireless network is the part in the blue circle.
Chapter 7 Wireless variety of networks to exist in the same place without interfering with one another. When you create a network, you must select a channel to use. Since the available unlicensed spectrum varies from one country to another, the number of available channels also varies. 7.7.2 Additional Wireless Terms The following table describes some wireless network terms and acronyms used in the ZyXEL Device’s Web Configurator.
Chapter 7 Wireless long string of apparently random numbers and letters - but it is not very secure if you use a short key which is very easy to guess - for example, a three-letter word from the dictionary. Because of the damage that can be done by a malicious attacker, it’s not just people who have sensitive information on their network who should use security. Everybody who uses any wireless network should ensure that effective security is in place.
Chapter 7 Wireless Unauthorized wireless devices can still see the information that is sent in the wireless network, even if they cannot use the wireless network. Furthermore, there are ways for unauthorized wireless users to get a valid user name and password. Then, they can use that user name and password to use the wireless network. 7.7.3.4 Encryption Wireless networks can use encryption to protect the information that is sent in the wireless network. Encryption is like a secret code.
Chapter 7 Wireless transmissions, such as military or air traffic control communications, or from machines that are coincidental emitters such as electric motors or microwaves. Problems with absorption occur when physical objects (such as thick walls) are between the two radios, muffling the signal. 7.7.5 BSS A Basic Service Set (BSS) exists when all communications between wireless stations or between a wireless station and a wired network client go through one access point (AP).
Chapter 7 Wireless 7.7.6.1 Notes on Multiple BSSs • A maximum of eight BSSs are allowed on one AP simultaneously. • You must use different keys for different BSSs. If two wireless devices have different BSSIDs (they are in different BSSs), but have the same keys, they may hear each other’s communications (but not communicate with each other). • MBSSID should not replace but rather be used in conjunction with 802.1x security. 7.7.
Chapter 7 Wireless 1 Ensure that the two devices you want to set up are within wireless range of one another. 2 Look for a WPS button on each device. If the device does not have one, log into its configuration utility and locate the button (see the device’s User’s Guide for how to do this - for the ZyXEL Device, see Section 7.6 on page 100). 3 Press the button on one of the devices (it doesn’t matter which). For the ZyXEL Device you must press the WPS button for more than three seconds.
Chapter 7 Wireless 8 On a computer connected to the wireless client, try to connect to the Internet. If you can connect, WPS was successful. If you cannot connect, check the list of associated wireless clients in the AP’s configuration utility. If you see the wireless client in the list, WPS was successful. The following figure shows a WPS-enabled wireless client (installed in a notebook computer) connecting to the WPS-enabled AP via the PIN method.
Chapter 7 Wireless depends on the standards supported by the devices. If the registrar is already part of a network, it sends the existing information. If not, it generates the SSID and WPA(2)-PSK randomly. The following figure shows a WPS-enabled client (installed in a notebook computer) connecting to a WPS-enabled access point.
Chapter 7 Wireless The following figure shows an example network. In step 1, both AP1 and Client 1 are unconfigured. When WPS is activated on both, they perform the handshake. In this example, AP1 is the registrar, and Client 1 is the enrollee. The registrar randomly generates the security information to set up the network, since it is unconfigured and has no existing information.
Chapter 7 Wireless In step 3, you add another access point (AP2) to your network. AP2 is out of range of AP1, so you cannot use AP1 for the WPS handshake with the new access point. However, you know that Client 2 supports the registrar function, so you use it to perform the WPS handshake instead. Figure 38 WPS: Example Network Step 3 EXISTING CONNECTION CLIENT 1 E CO ING T XIS ION CT E NN AP1 REGISTRAR CLIENT 2 SE CU RIT Y ENROLLEE INF O AP2 7.7.8.
Chapter 7 Wireless • When you use the PBC method, there is a short period (from the moment you press the button on one device to the moment you press the button on the other device) when any WPS-enabled device could join the network. This is because the registrar has no way of identifying the “correct” enrollee, and cannot differentiate between your enrollee and a rogue device. This is a possible way for a hacker to gain access to a network. You can easily check to see if this has happened.
Chapter 7 Wireless 114 P-873HNUP-51B User’s Guide
C HAPT ER 8 Home Networking 8.1 Overview A Local Area Network (LAN) is a shared communication system to which many networking devices are connected. It is usually located in one immediate area such as a building or floor of a building. Use the LAN screens to help you configure a LAN DHCP server and manage IP addresses. LAN DSL 8.1.1 What You Can Do in this Chapter • Use the LAN Setup screen to set the LAN IP address, subnet mask, and DHCP settings of your ZyXEL device (Section 8.2 on page 117).
Chapter 8 Home Networking 8.1.2 What You Need To Know 8.1.2.1 About LAN IP Address IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts. Subnet Mask Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks.
Chapter 8 Home Networking Cautions with UPnP The automated nature of NAT traversal applications in establishing their own services and opening firewall ports may present network security issues. Network information and configuration may also be obtained and modified by users in some network environments. When a UPnP device joins a network, it announces its presence with a multicast message. For security reasons, the ZyXEL Device allows multicast messages on the LAN only.
Chapter 8 Home Networking 3 Click Apply to save your settings. Figure 39 Network Settings > Home Networking > LAN Setup The following table describes the fields in this screen. Table 23 Network Settings > Home Networking > LAN Setup LABEL DESCRIPTION Group Name Select the interface group name for which you want to configure LAN settings. See Chapter 14 on page 189 for how to create a new interface group.
Chapter 8 Home Networking Table 23 Network Settings > Home Networking > LAN Setup (continued) LABEL DESCRIPTION DHCP Relay Server Address This field is only available when you select DHCP Relay in the DHCP field. IP Address Enter the IP address of the actual remote DHCP server in this field. IP Addressing Values This field is only available when you select Enable in the DHCP field. Beginning IP Address This field specifies the first of the contiguous addresses in the IP address pool.
Chapter 8 Home Networking The following table describes the labels in this screen. Table 24 Network Settings > Home Networking > Static DHCP LABEL DESCRIPTION Add new static lease Click this to add a new static DHCP entry. # This is the index number of the entry. Status This field displays whether the client is connected to the ZyXEL Device. MAC Address The MAC (Media Access Control) or Ethernet address on a LAN (Local Area Network) is unique to your computer (six pairs of hexadecimal notation).
Chapter 8 Home Networking Table 25 Static DHCP: Add/Edit (continued) LABEL DESCRIPTION Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 8.4 The UPnP Screen Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectivity between devices. A UPnP device can dynamically join a network, obtain an IP address, convey its capabilities and learn about other devices on the network.
Chapter 8 Home Networking 2 Click on the Windows Setup tab and select Communication in the Components selection box. Click Details. Add/Remove Programs: Windows Setup: Communication 3 In the Communications window, select the Universal Plug and Play check box in the Components selection box.
Chapter 8 Home Networking 4 Click OK to go back to the Add/Remove Programs Properties window and click Next. 5 Restart the computer when prompted. Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP. 1 Click Start and Control Panel. 2 Double-click Network Connections. 3 In the Network Connections window, click Advanced in the main menu and select Optional Networking Components ….
Chapter 8 Home Networking 5 In the Networking Services window, select the Universal Plug and Play check box. Networking Services 6 Click OK to go back to the Windows Optional Networking Component Wizard window and click Next. 8.6 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP. You must already have UPnP installed in Windows XP and UPnP activated on the ZyXEL Device. Make sure the computer is connected to a LAN port of the ZyXEL Device.
Chapter 8 Home Networking 2 Right-click the icon and select Properties. Network Connections 3 In the Internet Connection Properties window, click Settings to see the port mappings there were automatically created.
Chapter 8 Home Networking 4 You may edit or delete the port mappings or click Add to manually add port mappings. Internet Connection Properties: Advanced Settings Internet Connection Properties: Advanced Settings: Add 5 When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. 6 Select Show icon in notification area when connected option and click OK. An icon displays in the system tray.
Chapter 8 Home Networking 7 Double-click on the icon to display your current Internet connection status. Internet Connection Status Web Configurator Easy Access With UPnP, you can access the web-based configurator on the ZyXEL Device without finding out the IP address of the ZyXEL Device first. This comes helpful if you do not know the IP address of the ZyXEL Device. Follow the steps below to access the web configurator. 1 Click Start and then Control Panel. 2 Double-click Network Connections.
Chapter 8 Home Networking 3 Select My Network Places under Other Places. Network Connections 4 An icon with the description for each UPnP-enabled device displays under Local Network. 5 Right-click on the icon for your ZyXEL Device and select Invoke. The web configurator login screen displays.
Chapter 8 Home Networking 6 Right-click on the icon for your ZyXEL Device and select Properties. A properties window displays with basic information about the ZyXEL Device. Network Connections: My Network Places: Properties: Example 8.7 The STB Vendor ID Screen Click Network Settings > Home Networking > STB Vendor ID to open this screen. Set Top Box (STB) devices with dynamic IP addresses sometimes don’t renew their IP addresses before the lease time expires.
Chapter 8 Home Networking The following table describes the fields in this screen. Table 27 Network Settings > Home Networking > STB Vendor ID LABEL DESCRIPTION Vendor ID 1 ~ 5 Enter the STB’s vendor ID. Apply Click Apply to save your changes back to the ZyXEL Device. Cancel Click Cancel to exit this screen without saving. 8.8 The HPNA Screen Click Network Settings > Home Networking > HPNA to open this screen. Use this screen to enable or disable the HPNA port.
Chapter 8 Home Networking The following table describes the fields in this screen. Table 29 Network Settings > Home Networking > 5th Ethernet Port LABEL DESCRIPTION State Select Enable to use the Ethernet WAN port as a LAN port on the ZyXEL Device. Apply Click Apply to save your changes back to the ZyXEL Device. Cancel Click Cancel to exit this screen without saving. 8.10 The LAN VLAN Screen Click Network Settings > Home Networking > LAN VLAN to open this screen.
Chapter 8 Home Networking Table 30 Network Settings > Home Networking > LAN VLAN (continued) LABEL DESCRIPTION VLAN ID If you will add or remark tags for this LAN port’s downstream traffic, specify the VLAN ID (from 0 to 4094) to use here. Apply Click Apply to save your changes back to the ZyXEL Device. Cancel Click Cancel to exit this screen without saving. 8.11 Technical Reference This section provides some technical background information about the topics covered in this chapter. 8.11.
Chapter 8 Home Networking 8.11.3 DNS Server Addresses DNS (Domain Name System) maps a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a computer before you can access it. The DNS server addresses you enter when you set up DHCP are passed to the client machines along with the assigned IP address and subnet mask. There are two ways that an ISP disseminates the DNS server addresses.
Chapter 8 Home Networking The subnet mask specifies the network number portion of an IP address. Your ZyXEL Device will compute the subnet mask automatically based on the IP address that you entered. You don't need to change the subnet mask computed by the ZyXEL Device unless you are instructed to do otherwise. Private IP Addresses Every machine on the Internet must have a unique address.
C HAPT ER 9 Static Routing 9.1 Overview The ZyXEL Device usually uses the default gateway to route outbound traffic from computers on the LAN to the Internet. To have the ZyXEL Device send data to devices not reachable through the default gateway, use static routes. For example, the next figure shows a computer (A) connected to the ZyXEL Device’s LAN interface. The ZyXEL Device routes most traffic from A to the Internet through the ZyXEL Device’s default gateway (R1).
Chapter 9 Static Routing 9.2 The Routing Screen Use this screen to view and configure the static route rules on the ZyXEL Device. Click Network Settings > Routing > Static Route to open the following screen. Figure 49 Network Settings > Routing > Static Route The following table describes the labels in this screen. Table 31 Network Settings > Routing > Static Route LABEL DESCRIPTION Add new Static Route Entry Click this to configure a new static route. # This is the index number of the entry.
Chapter 9 Static Routing 9.2.1 Add/Edit Static Route Use this screen to add or edit a static route. Click Add new Static Route Entry in the Routing screen or the Edit icon next to the static route you want to edit. The screen shown next appears. Figure 50 Routing: Add/Edit The following table describes the labels in this screen. Table 32 Routing: Add/Edit LABEL DESCRIPTION Active This field allows you to activate/deactivate this static route. Select this to enable the static route.
Chapter 9 Static Routing 138 P-873HNUP-51B User’s Guide
C HAPTER 10 Quality of Service (QoS) 10.1 Overview Quality of Service (QoS) refers to both a network’s ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth. Without QoS, all traffic data is equally likely to be dropped when the network is congested. This can cause a reduction in network performance and make the network inadequate for time-critical application such as video-ondemand.
Chapter 10 Quality of Service (QoS) 10.2 What You Need to Know The following terms and concepts may help as you read through this chapter. QoS versus Cos QoS is used to prioritize source-to-destination traffic flows. All packets in the same flow are given the same priority. CoS (class of service) is a way of managing traffic in a network by grouping similar types of traffic together and treating each type as a class. You can use CoS to give different priorities to different packet types.
Chapter 10 Quality of Service (QoS) Traffic Policing Traffic policing is the limiting of the input or output transmission rate of a class of traffic on the basis of user-defined criteria. Traffic policing methods measure traffic flows against user-defined criteria and identify it as either conforming, exceeding or violating the criteria.
Chapter 10 Quality of Service (QoS) The following table describes the labels in this screen. Table 33 Network Settings > QoS > General LABEL DESCRIPTION QoS State Select the Enable check box to turn on QoS to improve your network performance. WAN Managed Upstream Bandwidth Enter the amount of upstream bandwidth for the WAN interfaces that you want to allocate using QoS. The recommendation is to set this speed to match the interfaces’ actual transmission speed.
Chapter 10 Quality of Service (QoS) 10.4 The Queue Setup Screen Click Network Settings > QoS > Queue Setup to open the screen as shown next. Use this screen to configure QoS queue assignment. Figure 52 Network Settings > QoS > Queue Setup The following table describes the labels in this screen. Table 34 Network Settings > QoS > Queue Setup LABEL DESCRIPTION Add new Queue Click this button to create a new queue entry. # This is the index number of the entry.
Chapter 10 Quality of Service (QoS) Table 34 Network Settings > QoS > Queue Setup (continued) LABEL DESCRIPTION Rate Limit This shows the maximum transmission rate allowed for traffic on this queue. Modify Click the Edit icon to edit the queue. Click the Delete icon to delete an existing queue. Note that subsequent rules move up by one when you take this action. 10.4.1 Adding a QoS Queue Click Add new Queue or the edit icon in the Queue Setup screen to configure a queue.
Chapter 10 Quality of Service (QoS) Table 35 Queue Setup: Add (continued) LABEL DESCRIPTION Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 10.5 The Class Setup Screen Use this screen to add, edit or delete QoS classifiers. A classifier groups traffic into data flows according to specific criteria such as the source address, destination address, source port number, destination port number or incoming interface.
Chapter 10 Quality of Service (QoS) Table 36 Network Settings > QoS > Class Setup (continued) LABEL DESCRIPTION To Queue This is the name of the queue in which traffic of this classifier is put. Modify Click the Edit icon to edit the classifier. Click the Delete icon to delete an existing classifier. Note that subsequent rules move up by one when you take this action.
Chapter 10 Quality of Service (QoS) 10.5.1 Add/Edit QoS Class Click Add new Classifier in the Class Setup screen or the Edit icon next to a classifier to open the following screen.
Chapter 10 Quality of Service (QoS) The following table describes the labels in this screen. Table 37 Class Setup: Add/Edit LABEL DESCRIPTION Active Select this to enable this classifier. Class Name Enter a descriptive name of up to 15 printable English keyboard characters, not including spaces. Classification Order Select an existing number for where you want to put this classifier to move the classifier to the number you selected after clicking Apply.
Chapter 10 Quality of Service (QoS) Table 37 Class Setup: Add/Edit (continued) LABEL Exclude DESCRIPTION Select this option to exclude the packets that match the specified criteria from this classifier. Others Service This field is available only when you select IP in the Ether Type field. This field simplifies classifier configuration by allowing you to select a predefined application. When you select a predefined application, you do not configure the rest of the filter fields.
Chapter 10 Quality of Service (QoS) Table 37 Class Setup: Add/Edit (continued) LABEL DESCRIPTION VLAN ID If you select Remark, enter a VLAN ID number with which the ZyXEL Device replaces the VLAN ID of the frames. If you select Remove, the ZyXEL Device deletes the VLAN ID of the frames before forwarding them out. If you select Add, the ZyXEL Device treat all matched traffic untagged and add a second VLAN ID. If you select Unchange, the ZyXEL Device keep the VLAN ID in the packets.
Chapter 10 Quality of Service (QoS) Table 38 Network Settings > QoS > Policer Setup (continued) LABEL DESCRIPTION Action This shows the how the policer has the ZyXEL Device treat different types of traffic belonging to the policer’s member QoS classes. Modify Click the Edit icon to edit the policer. Click the Delete icon to delete an existing policer. Note that subsequent rules move up by one when you take this action. 10.6.
Chapter 10 Quality of Service (QoS) Table 39 Policer Setup: Add/Edit (continued) LABEL DESCRIPTION Committed Burst Size Specify the committed burst size for packet bursts. This must be equal to or less than the peak burst size (two rate three color) or excess burst size (single rate three color) if it is also configured. This is the maximum size of the (first) token bucket in a traffic metering algorithm.
Chapter 10 Quality of Service (QoS) The following table describes the labels in this screen. Table 40 Network Settings > QoS > Monitor LABEL DESCRIPTION Refresh Interval Enter how often you want the ZyXEL Device to update this screen. Select None to stop refreshing statistics. Interface Monitor # This is the index number of the entry. Name This shows the name of the interface on the ZyXEL Device. Pass Rate This shows how many packets forwarded to this interface are transmitted successfully.
Chapter 10 Quality of Service (QoS) Table 41 IEEE 802.1p Priority Level and Traffic Type (continued) PRIORITY LEVEL TRAFFIC TYPE Level 1 This is typically used for non-critical “background” traffic such as bulk transfers that are allowed but that should not affect other applications and users. Level 0 Typically used for best-effort traffic. DiffServ QoS is used to prioritize source-to-destination traffic flows. All packets in the flow are given the same priority.
Chapter 10 Quality of Service (QoS) The following table shows you the internal layer-2 and layer-3 QoS mapping on the ZyXEL Device. On the ZyXEL Device, traffic assigned to higher priority queues gets through faster while traffic in lower index queues is dropped if the network is congested. Table 42 Internal Layer2 and Layer3 QoS Mapping LAYER 2 LAYER 3 PRIORITY QUEUE IEEE 802.
Chapter 10 Quality of Service (QoS) • If there are no tokens in the bucket, the ZyXEL Device stops transmitting until enough tokens are generated. • If not enough tokens are available, the ZyXEL Device treats the packet in either one of the following ways: In traffic shaping: • Holds it in the queue until enough tokens are available in the bucket. In traffic policing: • Drops it. • Transmits it but adds a DSCP mark. The ZyXEL Device may drop these marked packets if the network is overloaded.
Chapter 10 Quality of Service (QoS) on the guaranteed and maximum bandwidth respectively as negotiated between a service provider and client. The trTCM evaluates incoming packets and marks them with one of three colors which refer to packet loss priority levels. High packet loss priority level is referred to as red, medium is referred to as yellow and low is referred to as green. The trTCM is based on the token bucket filter and has two token buckets (Committed Burst Size (CBS) and Peak Burst Size (PBS)).
Chapter 10 Quality of Service (QoS) 158 P-873HNUP-51B User’s Guide
C HAPTER 11 Network Address Translation (NAT) 11.1 Overview This chapter discusses how to configure NAT on the ZyXEL Device. NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network. 11.1.
Chapter 11 Network Address Translation (NAT) WAN side. When the response comes back, NAT translates the destination address (the inside global address) back to the inside local address before forwarding it to the original inside host. Port Forwarding A port forwarding set is a list of inside (behind NAT on the LAN) servers, for example, web or FTP, that you can make visible to the outside world even though NAT makes your whole inside network appear as a single computer to the outside world.
Chapter 11 Network Address Translation (NAT) third (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. Figure 59 Multiple Servers Behind NAT Example A=192.168.1.33 LAN WAN B=192.168.1.34 192.168.1.1 IP Address assigned by ISP C=192.168.1.3 D=192.168.1.36 Click Network Settings > NAT > Port Forwarding to open the following screen.
Chapter 11 Network Address Translation (NAT) Table 43 Network Settings > NAT > Port Forwarding (continued) LABEL DESCRIPTION Server IP Address This is the server’s IP address. Modify Click the Edit icon to edit this rule. Click the Delete icon to delete an existing rule. 11.2.1 Add/Edit Port Forwarding Click Add new rule in the Port Forwarding screen or click the Edit icon next to an existing rule to open the following screen.
Chapter 11 Network Address Translation (NAT) Table 44 Port Forwarding: Add/Edit (continued) LABEL DESCRIPTION External End Port Enter the last port of the original destination port range. To forward only one port, enter the port number in the External Start Port field above and then enter it again in this field. To forward a series of ports, enter the last port number in a series that begins with the port number in the External Start Port field above.
Chapter 11 Network Address Translation (NAT) 11.3.1 Add New Application This screen lets you create new NAT application rules. Click Add new application in the Applications screen to open the following screen. Figure 63 Applications: Add The following table describes the labels in this screen. Table 46 Applications: Add LABEL DESCRIPTION WAN Interface Select the WAN interface that you want to apply this NAT rule to. Server IP Address Enter the inside IP address of the application here.
Chapter 11 Network Address Translation (NAT) LAN can use the service in the same manner. This way you do not need to configure a new IP address each time you want a different LAN computer to use the application. For example: Figure 64 Trigger Port Forwarding Process: Example 1 Jane requests a file from the Real Audio server (port 7070). 2 Port 7070 is a “trigger” port and causes the ZyXEL Device to record Jane’s computer IP address.
Chapter 11 Network Address Translation (NAT) Table 47 Network Settings > NAT > Port Triggering (continued) LABEL DESCRIPTION Trigger Port The trigger port is a port (or a range of ports) that causes (or triggers) the ZyXEL Device to record the IP address of the LAN computer that sent the traffic to a server on the WAN. Start This is the first port number that identifies a service. End This is the last port number that identifies a service. Trigger Proto.
Chapter 11 Network Address Translation (NAT) The following table describes the labels in this screen. Table 48 Port Triggering: Configuration Add/Edit LABEL DESCRIPTION Active Select the check box to enable this rule. This field is read-only in the Port Triggering Configuration screen. Service Name Enter a name to identify this rule using keyboard characters (A-Z, a-z, 1-2 and so on). This field is read-only in the Port Triggering Edit screen.
Chapter 11 Network Address Translation (NAT) The following table describes the fields in this screen. Table 49 Network Settings > NAT > DMZ LABEL DESCRIPTION Default Server Address Enter the IP address of the default server which receives packets from ports that are not specified in the NAT Port Forwarding screen. Note: If you do not assign a Default Server Address, the ZyXEL Device discards all packets received for ports that are not specified in the NAT Port Forwarding screen.
Chapter 11 Network Address Translation (NAT) 11.7 The Sessions Screen Use the Sessions screen to limit the number of concurrent NAT sessions all clients can use. Click Network Settings > NAT > Sessions to display the following screen. Figure 69 Network Settings > NAT > Sessions The following table describes the fields in this screen.
Chapter 11 Network Address Translation (NAT) Note that inside/outside refers to the location of a host, while global/local refers to the IP address of a host used in a packet. Thus, an inside local address (ILA) is the IP address of an inside host in a packet when the packet is still in the local network, while an inside global address (IGA) is the IP address of the same inside host when the packet is on the WAN side. The following table summarizes this information.
Chapter 11 Network Address Translation (NAT) 11.8.3 How NAT Works Each packet has two addresses – a source address and a destination address. For outgoing packets, the ILA (Inside Local Address) is the source address on the LAN, and the IGA (Inside Global Address) is the source address on the WAN. For incoming packets, the ILA is the destination address on the LAN, and the IGA is the destination address on the WAN.
Chapter 11 Network Address Translation (NAT) 11.8.4 NAT Application The following figure illustrates a possible NAT application, where three inside LANs (logical LANs using IP alias) behind the ZyXEL Device can communicate with three distinct WAN networks. Figure 71 NAT Application With IP Alias Port Forwarding: Services and Port Numbers The most often used port numbers are shown in the following table. Please refer to RFC 1700 for further information about port numbers.
Chapter 11 Network Address Translation (NAT) Port Forwarding Example Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the example), port 80 to another (B in the example) and assign a default server IP address of 192.168.1.35 to a third (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. Figure 72 Multiple Servers Behind NAT Example A=192.168.1.33 192.168.1.1 B=192.168.1.
Chapter 11 Network Address Translation (NAT) 174 P-873HNUP-51B User’s Guide
C HAPTER 12 Dynamic DNS Setup 12.1 Overview DNS DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a machine before you can access it. In addition to the system DNS server(s), each WAN interface (service) is set to have its own static or dynamic DNS server list.
Chapter 12 Dynamic DNS Setup Dynamic DNS Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CU-SeeMe, etc.). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.org, where myhost is a name of your choice) that will never change instead of using an IP address that changes each time you reconnect.
Chapter 12 Dynamic DNS Setup The following table describes the fields in this screen. Table 54 Advanced > DNS Setting > DNS Setting LABEL DESCRIPTION Add new DNS entry Click this to create a new DNS entry. # This is the index number of the entry. Hostname This indicates the host name or domain name. IP Address This indicates the IP address assigned to this computer. Source This indicates the source of the IP address. Modify Click the Edit icon to edit the rule.
Chapter 12 Dynamic DNS Setup 12.3 The Dynamic DNS Screen Use this screen to change your ZyXEL Device’s DDNS. Click Advanced > DNS Setting > Dynamic DNS. The screen appears as shown. Figure 76 Advanced > DNS Setting > Dynamic DNS The following table describes the fields in this screen. Table 56 Advanced > DNS Setting > Dynamic DNS LABEL DESCRIPTION Dynamic DNS Select this check box to use dynamic DNS. Service Provider Select your Dynamic DNS service provider from the drop-down list box.
C HAPTER 13 IGMP 13.1 Overview Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender to 1 recipient) or Broadcast (1 sender to everybody on the network). Multicast delivers IP packets to just a group of hosts on the network. IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to establish membership in a multicast group - it is not used to carry user data. See RFC 1112, RFC 2236, and RFC 3376 for information on IGMP versions 1, 2, and 3 respectively.
Chapter 13 IGMP IGMP Proxy To allow better network performance, you can use IGMP proxy instead of a multicast routing protocol in a simple tree network topology. Note: Your ZyXEL Device is an IGMP proxy. In IGMP proxy, an upstream interface is the port that is closer to the source (or the root of the multicast tree) and is able to receive multicast traffic. There should only be one upstream interface (also known as the query port) for one query VLAN on the ZyXEL Device.
Chapter 13 IGMP 13.2 The IGMP General Screen Use the General screen to configure general IGMP proxy and IGMP packet processing settings. Click Network Settings > IGMP Setting > General to open the following screen. Figure 78 Network Settings > IGMP Setting > General The following table describes the fields in this screen.
Chapter 13 IGMP Table 57 Network Settings > IGMP Setting > General (continued) LABEL DESCRIPTION Ignore IGMP query which destination IP is not 224.0.0.1 Select this to discard IGMP query packets with a destination IP address other than 224.0.0.1, the all-hosts multicast address. Apply Click this button to save your settings back to the ZyXEL Device. Cancel Click Cancel to restore your previously saved settings. 13.3 IGMP Filter Configuration Use this screen to control IGMP access.
Chapter 13 IGMP The following table describes the fields in this screen. Table 58 Network Settings > IGMP Setting > IGMP Filter LABEL DESCRIPTION Allow IGMP packets from Ethernet interface Select this to accept IGMP packets received on any of the LAN Ethernet ports. Clear this to discard IGMP packets received on any of the LAN Ethernet ports. Allow IGMP packets from WiFi interface Select this to accept IGMP packets received through the wireless LAN interface.
Chapter 13 IGMP 13.3.1 IGMP Host Limitation Edit Use this screen to control a LAN host’s access to IGMP services through the ZyXEL Device. Click Network Settings > IGMP Setting > IGMP Filter and then a LAN host’s Edit icon to open the following screen. Figure 80 Network Settings > IGMP Setting > IGMP Filter > LAN Host Edit The following table describes the fields in this screen.
Chapter 13 IGMP The following table describes the fields in this screen. Table 60 Network Settings > IGMP Setting > IGMP Filter > Add a new service LABEL DESCRIPTION Service Name Specify a name to identify the IGMP service domain. You can enter up to 30 characters. You can use letters, numbers, hyphens (-) and underscores (_). Spaces are not allowed. Maximum active channels for STB Specify to how many of the service domain’s IGMP channels a LAN STB device is allowed to subscribe.
Chapter 13 IGMP Table 61 Network Settings > IGMP Setting > IGMP Filter > Add a new host limitation (continued) LABEL DESCRIPTION Max Allowed Channels This shows to how many of the IGMP multicast service domain’s channels the LAN device using the specified IP address can subscribe. IGMP Enabled Select whether or not the LAN device is allowed to access IGMP services through the ZyXEL Device. Max Allowed Channels Specify to how many IGMP channels the LAN device is allowed to subscribe.
Chapter 13 IGMP Table 62 Network Settings > IGMP Setting > IGMP ACL (continued) LABEL DESCRIPTION Multicast Address Mask This is the subnet mask of the multicast IP address. Black List These rules are for blocking access to specific multicast IP addresses. Multicast Address This is the multicast IP address of a multicast media channel to which you want to block access. Multicast Address Mask This is the subnet mask of the multicast IP address. Modify Click the Edit icon to change the entry.
Chapter 13 IGMP 188 P-873HNUP-51B User’s Guide
C HAPTER 14 Interface Group 14.1 Overview By default, all LAN and WAN interfaces on the ZyXEL Device are in the same group and can communicate with each other. Create interface groups to have the ZyXEL Device assign the IP addresses in different domains to different groups. Each group acts as an independent network on the ZyXEL Device. This lets devices connected to an interface group’s LAN interfaces communicate through the interface group’s WAN or LAN interfaces but not other WAN or LAN interfaces. 14.
Chapter 14 Interface Group Click Network Settings > Interface Group to open the following screen. Figure 86 Network Settings > Interface Group The following table describes the fields in this screen. Table 64 Network Settings > Interface Group LABEL DESCRIPTION Add New Interface Group Click this button to create a new interface group. Group Name This shows the descriptive name of the group. WAN Interface This shows the WAN interfaces in the group.
Chapter 14 Interface Group Note: An interface can belong to only one group at a time. Figure 87 Interface Group Configuration The following table describes the fields in this screen. Table 65 Interface Group Configuration LABEL DESCRIPTION Group Name Enter a name to identify this group. You can enter up to 30 characters. You can use letters, numbers, hyphens (-) and underscores (_). Spaces are not allowed. WAN Interface used in the grouping Select the WAN interface this group uses.
Chapter 14 Interface Group Table 65 Interface Group Configuration (continued) LABEL DESCRIPTION Filter Criteria This shows the filtering criteria. The LAN interface on which the matched traffic is received will belong to this group automatically. WildCard Support This shows if wildcard on DHCP option 60 is enabled. Remove Click the Remove icon to delete this rule from the ZyXEL Device. Apply Click Apply to save your changes back to the ZyXEL Device.
Chapter 14 Interface Group Table 66 Interface Grouping Criteria (continued) LABEL DUID type DESCRIPTION Select DUID-LLT (DUID Based on Link-layer Address Plus Time) to enter the hardware type, a time value and the MAC address of the device. Select DUID-EN (DUID Assigned by Vendor Based upon Enterprise Number) to enter the vendor’s registered enterprise number. Select DUID-LL (DUID Based on Link-layer Address) to enter the device’s hardware type and hardware address (MAC address) in the following fields.
Chapter 14 Interface Group 194 P-873HNUP-51B User’s Guide
C HAPTER 15 Firewall 15.1 Overview This chapter shows you how to enable and configure the ZyXEL Device firewall. Use the firewall to protect your ZyXEL Device and network from attacks by hackers on the Internet and control access to it. By default the firewall: • allows traffic that originates from your LAN computers to go to all other networks. • blocks traffic that originates on other networks from going to the LAN. The following figure illustrates the default firewall action.
Chapter 15 Firewall follows the SYN-ACK, it queues up all outstanding SYN-ACK responses on a backlog queue. SYNACKs are moved off the queue only when an ACK comes back or when an internal timer terminates the three-way handshake. Once the queue is full, the system will ignore all incoming SYN requests, making the system unavailable for legitimate users. DoS Denials of Service (DoS) attacks are aimed at devices and networks with a connection to the Internet.
Chapter 15 Firewall 15.2 The Firewall Screen Use this screen to set the security level of the firewall on the ZyXEL Device. Firewall rules are grouped based on the direction of travel of packets to which they apply. Click Security Settings > Firewall to display the following screen. Figure 90 Security Settings > Firewall The following table describes the labels in this screen. Table 67 Security Settings > Firewall LABEL DESCRIPTION Low Select Low to allow LAN to WAN and WAN to LAN packet directions.
Chapter 15 Firewall Click Security Settings > Firewall > Protocol to display the following screen. Figure 91 Security Settings > Firewall > Protocol The following table describes the labels in this screen. Table 68 Security Settings > Firewall > Protocol LABEL DESCRIPTION Add New Protocol Entry Click this to add a new protocol. Name This is the name of your customized service. Description This is the description of your customized service.
Chapter 15 Firewall 15.3.1 Add a Protocol Use this screen to add a customized service rule that you can use in the firewall’s ACL rule configuration. Click Add New Protocol Entry in the Protocol screen to display the following screen. Figure 92 Security Settings > Firewall > Protocol > Add The following table describes the labels in this screen.
Chapter 15 Firewall Table 69 Security Settings > Firewall > Protocol > Add (continued) LABEL DESCRIPTION Service Description Enter a description for your customized port. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 15.4 The Access Control Screen Click Security Settings > Firewall > Access Control to display the following screen. This screen displays a list of the configured incoming or outgoing filtering rules.
Chapter 15 Firewall Table 70 Security Settings > Firewall > Access Control (continued) LABEL DESCRIPTION Direction This displays the direction of traffic to which this rule applies. Action This field displays whether the rule silently discards packets (DROP), discards packets and sends a TCP reset packet or an ICMP destination-unreachable message to the sender (REJECT) or allows the passage of packets (ACCEPT). Modify Click the Edit icon to edit the rule.
Chapter 15 Firewall Table 71 Security Settings > Firewall > Access Control > Add/Edit (continued) LABEL DESCRIPTION Select Source Device Select the source device to which the ACL rule applies. If you select Specific IP Address, enter the source IP address in the field below. Source IP Address Enter the source IP address. Select Destination Device Select the destination device to which the ACL rule applies. If you select Specific IP Address, enter the destiniation IP address in the field below.
C HAPTER 16 MAC Filter 16.1 Overview This screen allows you to configure the ZyXEL Device to give exclusive access to specific devices or exclude specific devices from accessing the ZyXEL Device. Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. You need to know the MAC addresses of the devices to configure this screen. 16.
Chapter 16 MAC Filter Table 72 Security Settings > MAC Filter (continued) LABEL DESCRIPTION Allow List The devices in this list are permitted or denied access to the ZyXEL Device. Block List Select an entry from the Allow List and use the > button to add it to the Block List. Select an entry from the Block List and use the < button to add it to the Allow List. 204 Add Device Select this to display the Add Device screen which you can add a device to the MAC filter Allow List.
C HAPTER 17 Parental Control 17.1 Overview Parental control allows you to permit or block access to certain web sites from home network computers. You can define time periods and days during which the ZyXEL Device performs parental control on a specific user in the Security Settings > Scheduler Rules screen (see Chapter 18 on page 209 for detailed information). 17.
Chapter 17 Parental Control The following table describes the fields in this screen. Table 73 Parental Control LABEL DESCRIPTION Add new rule Click this to create a new parental control rule. # This is the index number of the rule. PC Name/IP/MAC The ZyXEL Device allows or prohibits the users from viewing the Web sites with the URLs listed below. Access Type This shows the access type that is applied on the user to the web site of this rule. Web Site This is the URL of the web site in this rule.
Chapter 17 Parental Control The following table describes the fields in this screen. Table 74 Parental Control: Add/Edit LABEL DESCRIPTION PC Name/IP/MAC Select the user that you want to apply this rule to from the drop-down list box. If you want to add an user that is not listed, select User Defined and enter its MAC address. This field is read-only if you are editing the parental control rule. Access Type Select the access type that is applied on the user to the web site of this rule.
Chapter 17 Parental Control 208 P-873HNUP-51B User’s Guide
C HAPTER 18 Scheduler Rules 18.1 Overview You can define time periods and days during which the ZyXEL Device performs scheduled rules of certain features (such as Firewall Access Control, Parental Control) on a specific user in the Scheduler Rules screen. 18.2 The Scheduler Rules Screen Use this screen to view, add, or edit time schedule rules. Click Advanced > Scheduler Rules to open the following screen. Figure 98 Advanced > Scheduler Rules The following table describes the fields in this screen.
Chapter 18 Scheduler Rules 18.2.1 Add/Edit a Schedule Click the Add button in the Scheduler Rules screen or click the Edit icon next to a schedule rule to open the following screen. Use this screen to configure a restricted access schedule for a specific user on your network. Figure 99 Scheduler Rules: Add/Edit The following table describes the fields in this screen.
C HAPTER 19 Certificates 19.1 Overview The ZyXEL Device can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs. A certificate contains the certificate owner’s identity and public key. Certificates provide a way to exchange public keys for use in authentication. 19.1.1 What You Can Do in this Chapter • The Local Certificates screen lets you generate certification requests and import the ZyXEL Device's CA-signed certificates (Section 19.
Chapter 19 Certificates 19.3 The Local Certificates Screen Click Security Settings > Certificates to open the Local Certificates screen. This is the ZyXEL Device’s summary list of certificates and certification requests. Figure 100 Security Settings > Certificates > Local Certificates The following table describes the labels in this screen.
Chapter 19 Certificates 19.3.1 Create Certificate Request Click Security Settings > Certificates > Local Certificates and then Create Certificate Request to open the following screen. Use this screen to have the ZyXEL Device generate a certification request. Figure 101 Create Certificate Request The following table describes the labels in this screen.
Chapter 19 Certificates Figure 102 Certificate Request Created 19.3.2 Load Signed Certificate After you create a certificate request and have it signed by a Certificate Authority, in the Local Certificates screen click the certificate request’s Load Signed icon to import the signed certificate into the ZyXEL Device.
Chapter 19 Certificates Note: You must remove any spaces from the certificate’s filename before you can import it. Figure 103 Load Signed Certificate The following table describes the labels in this screen. Table 79 Load Signed Certificate LABEL DESCRIPTION Certificate Name This is the name of the signed certificate. Certificate Copy and paste the signed certificate into the text box to store it on the ZyXEL Device. Apply Click Apply to save your changes.
Chapter 19 Certificates Note: You must remove any spaces from the certificate’s filename before you can import it. Figure 104 Import Local Certificate The following table describes the labels in this screen. Table 80 Import Local Certificate 216 LABEL DESCRIPTION Import from file Click this check box to open a screen where you can save the certificate of a certification authority that you trust, from your computer to the ZyXEL Device.
Chapter 19 Certificates Table 80 Import Local Certificate (continued) LABEL DESCRIPTION Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. If you click Import from file in the Import Local Certificate screen, the following screen is displayed. Figure 105 Import Local Certificate > Import from file The following table describes the labels in this screen.
Chapter 19 Certificates Figure 106 Certificate Details The following table describes the labels in this screen. Table 82 Certificate Details LABEL DESCRIPTION Name This field displays the identifying name of this certificate. If you want to change the name, type up to 63 characters to identify this certificate. You may use any character (not including spaces). Type This field displays general information about the certificate. signed means that a Certification Authority signed the certificate.
Chapter 19 Certificates Table 82 Certificate Details (continued) LABEL DESCRIPTION Private Key This read-only text box displays the private key in Privacy Enhanced Mail (PEM) format. PEM uses base 64 to convert the binary certificate into a printable form. You can copy and paste the private key into an e-mail to send to friends or colleagues or you can copy and paste the certificate into a text editor and save the file on a management computer for later distribution (via floppy disk for example).
Chapter 19 Certificates Table 83 Security Settings > Certificates > Trusted CA (continued) LABEL DESCRIPTION Type This field displays general information about the certificate. ca means that a Certification Authority signed the certificate. Action Click the View icon to open a screen with an in-depth list of information about the certificate (or certification request). Click the Remove button to delete the certificate (or certification request).
Chapter 19 Certificates 19.4.2 Import Trusted CA Certificate Click the Import Certificate button in the Trusted CA screen to open the following screen. The ZyXEL Device trusts any valid certificate signed by any of the imported trusted CA certificates. Figure 109 Trusted CA: Import Certificate The following table describes the fields in this screen.
Chapter 19 Certificates If you click Import from file in the Import Local Certificate screen, the following screen is displayed. Figure 110 Trusted CA: Import Certificate > Import from file The following table describes the labels in this screen. Table 86 Import Local Certificate 222 LABEL DESCRIPTION Certificate File Path Type in the location of the certificate you want to upload in this field or click Browse ... to find it. Apply Click Apply to save your changes.
C HAPTER 20 Service Control 20.1 Overview This chapter provides information on the Service Control screens. Service Control allows you to manage your ZyXEL Device from a remote location through the following interfaces: • LAN • WAN Note: The ZyXEL Device is managed using the Web Configurator. 20.2 The Service Control Screen Use this screen to configure through which interface(s) users can use which service(s) to manage the ZyXEL Device.
Chapter 20 Service Control The following table describes the fields in this screen. Table 87 Security Settings > Service Control LABEL DESCRIPTION General # This is the index number of the entry. Services Name This is the service you may use to access the ZyXEL Device. LAN Select the Enable check box for the corresponding services that you want to allow access to the ZyXEL Device from the LAN.
C HAPTER 21 ARP Table 21.1 Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network. An IP (version 4) address is 32 bits long. In an Ethernet LAN, MAC addresses are 48 bits long. The ARP Table maintains an association between each MAC address and its corresponding IP address. 21.1.
Chapter 21 ARP Table The following table describes the labels in this screen. Table 88 System Monitor > ARP Table LABEL 226 DESCRIPTION # This is the ARP table entry number. IP Address This is the learned IP address of a device connected to a port. MAC Address This is the MAC address of the device with the listed IP address. Device This is the type of interface used by the device. You can click on the device type to go to its configuration screen.
C HAPTER 22 Logs 22.1 Overview The web configurator allows you to choose which categories of events and/or alerts to have the ZyXEL Device log and then display the logs or have the ZyXEL Device send them to an administrator (as e-mail) or to a syslog server. 22.1.1 What You Can Do in this Chapter • Use the System Log screen to see the system logs for the categories that you select (Section 22.2 on page 228).
Chapter 22 Logs Table 89 Syslog Severity Levels (continued) CODE SEVERITY 4 Warning: There is a warning condition on the system. 5 Notice: There is a normal but significant condition on the system. 6 Informational: The syslog contains an informational message. 7 Debug: The message is intended for debug-level purposes. 22.2 The System Log Screen Use the System Log screen to see the system logs for the categories that you select in Maintenance > Log Setting.
Chapter 22 Logs Table 90 System Monitor > Log > System Log (continued) LABEL DESCRIPTION # This field is a sequential value and is not associated with a specific entry. Time This field displays the time the log was recorded. Facility The log facility allows you to send logs to different files in the syslog server. Refer to the documentation of your syslog program for more details. Level This field displays the severity level of the logs that the device is to send to this syslog server.
Chapter 22 Logs 230 P-873HNUP-51B User’s Guide
C HAPTER 23 Traffic Status 23.1 Overview Use the Traffic Status screens to look at network traffic status and statistics of the WAN and LAN interfaces. 23.1.1 What You Can Do in this Chapter • Use the WAN screen to view the WAN traffic statistics (Section 23.2 on page 231). • Use the LAN screen to view the LAN traffic statistics (Section 23.3 on page 233). • Use the HPNA screen to view the HPNA traffic statistics (Section 23.4 on page 234). 23.
Chapter 23 Traffic Status The following table describes the fields in this screen. Table 92 System Monitor > Traffic Status > WAN LABEL DESCRIPTION Connected Interface This shows the name of the WAN interface that is currently connected. Packets Sent Data This indicates the number of transmitted packets on this interface. Error This indicates the number of frames with errors transmitted on this interface. Drop This indicates the number of outgoing packets dropped on this interface.
Chapter 23 Traffic Status 23.3 The LAN Status Screen Click System Monitor > Traffic Status > LAN to open the following screen. Figure 116 System Monitor > Traffic Status > LAN The following table describes the fields in this screen. Table 93 System Monitor > Traffic Status > LAN LABEL DESCRIPTION Polls Interval(s) Select how often you want the ZyXEL Device to update this screen. Interface This shows the LAN or WLAN interface.
Chapter 23 Traffic Status 23.4 The HPNA Status Screen Click System Monitor > Traffic Status > HPNA to open the following screen. Figure 117 System Monitor > Traffic Status > HPNA The following table describes the fields in this screen. Table 94 System Monitor > Traffic Status > HPNA 234 LABEL DESCRIPTION Role This shows the role of the client connected to the ZyXEL Device’s HPNA port. Device This shows the MAC address of the client connected to the ZyXEL Device’s HPNA port.
C HAPTER 24 IGMP Status 24.1 Overview Use the IGMP Status screens to look at IGMP group status and traffic statistics. 24.1.1 What You Can Do in this Chapter • Use the IGMP Group screen to look at the current list of multicast groups the ZyXEL Device has joined and which ports have joined each (Section 24.2 on page 235. • Use the IGMP Statistics screen to look at the current number of IGMP-related packets received for each IGMP multicast group and from each LAN host (Section 24.3 on page 236). 24.
Chapter 24 24.3 IGMP Statistics Screen Use this screen to look at the current number of IGMP-related packets received for each IGMP multicast group and from each LAN host. To open this screen, click System Monitor > IGMP Group Status > IGMP Statistics. Figure 119 System Monitor > IGMP Group Status > IGMP Statistics The following table describes the labels in this screen.
C HAPTER 25 xDSL Statistics 25.1 The xDSL Statistics Screen Use this screen to view detailed DSL statistics. Click System Monitor > xDSL Statistics to open the following screen.
Chapter 25 xDSL Statistics The following table describes the labels in this screen. Table 97 Status > xDSL Statistics LABEL DESCRIPTION Refresh Interval Select the time interval for refreshing statistics. Line Select which DSL line’s statistics you want to display. xDSL Training Status This displays the current state of setting up the DSL connection. Mode This displays the ITU standard used for this connection. Traffic Type This displays the type of traffic the DSL port is sending and receiving.
Chapter 25 xDSL Statistics Table 97 Status > xDSL Statistics (continued) LABEL DESCRIPTION Attainable Net Data Rate These are the highest theoretically possible transfer rates at which the port could send and receive payload data without transport layer protocol headers and traffic. xDSL Counters Downstream These are the statistics for the traffic direction coming into the port from the service provider.
Chapter 25 xDSL Statistics 240 P-873HNUP-51B User’s Guide
C HAPTER 26 Users Configuration 26.1 Overview In the Users Configuration screen, you can view, add, and configure user accounts of the ZyXEL Device. 26.2 The Users Configuration Screen Click Maintenance > Users Configuration to open the following screen.
Chapter 26 Users Configuration The following table describes the labels in this screen. Table 98 Maintenance > Users Configuration LABEL DESCRIPTION Advanced Account Security Select Enable to turn on advanced account security to enforce tighter security for the ZyXEL Device’s user accounts. This includes: • • • • The user names must be a minimum length of six characters and include both letters and numbers.
Chapter 26 Users Configuration The following table describes the labels in this screen. Table 99 Users Configuration: Add/Edit LABEL DESCRIPTION User Name This field is read-only if you are editing the user account. Enter a descriptive name for the user account. The user name can be up to 15 alphanumeric characters (0-9, A-Z, a-z, -, _ with no spaces). With advanced account security enabled, the user names must be a minimum length of six characters and include both letters and numbers.
Chapter 26 Users Configuration 244 P-873HNUP-51B User’s Guide
C HAPTER 27 Remote Management 27.1 Overview This chapter explains how to configure the ZyXEL Device’s TR-069 and TR-064 auto-configuration settings. 27.1.1 What You Can Do in this Chapter • The TR-069 screen lets you configure the ZyXEL Device’s TR-069 auto-configuration settings (Section 27.2 on page 245). • The TR-064 screen lets you enable management via TR-064 on the ZyXEL Device (Section 27.3 on page 247).
Chapter 27 Remote Management Click Maintenance > Remote MGMT > TR-069 Client to open the following screen. Use this screen to configure your ZyXEL Device to be managed by an ACS. Figure 123 Maintenance > Remote MGMT > TR-069 Client The following table describes the fields in this screen. Table 100 Maintenance > Remote MGMT > TR-069 Client 246 LABEL DESCRIPTION Inform Select Enable for the ZyXEL Device to send periodic inform via TR-069 on the WAN. Otherwise, select Disable.
Chapter 27 Remote Management Table 100 Maintenance > Remote MGMT > TR-069 Client (continued) LABEL DESCRIPTION Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 27.3 The TR-064 Screen TR-064 is a LAN-Side DSL CPE Configuration protocol defined by the DSL Forum. TR-064 is built on top of UPnP.
Chapter 27 Remote Management Figure 125 SNMP Management Model An SNMP managed network consists of two main types of component: agents and a manager. An agent is a management software module that resides in a managed device (the ZyXEL Device). An agent translates the local management information from the managed device into a form compatible with SNMP. The manager is the console through which network administrators perform network management functions.
Chapter 27 Remote Management Click Maintenance > Remote MGMT > SNMP to open the following screen. Use this screen to configure the ZyXEL Device SNMP settings. Figure 126 Maintenance > Remote MGMT > SNMP The following table describes the fields in this screen. Table 102 Maintenance > Remote MGMT > SNMP LABEL DESCRIPTION SNMP Agent Select Enable to allow a manager station to manage and monitor the ZyXEL Device through the network via SNMP. Otherwise, select Disable.
Chapter 27 Remote Management 250 P-873HNUP-51B User’s Guide
C HAPTER 28 Time Settings 28.1 Overview This chapter shows you how to configure system related settings, such as system time, password, name, the domain name and the inactivity timeout interval. 28.2 The Time Setting Screen To change your ZyXEL Device’s time and date, click Maintenance > Time Setting. The screen appears as shown. Use this screen to configure the ZyXEL Device’s time based on your local time zone.
Chapter 28 Time Settings The following table describes the fields in this screen. Table 103 Maintenance > Time Setting LABEL DESCRIPTION Current Date/Time System Time This field displays the time and fate of your ZyXEL Device. Each time you reload this page, the ZyXEL Device synchronizes the time and date with the time server. NTP Time Server First ~ Fifth NTP time server Select an NTP time server from the drop-down list box.
C HAPTER 29 Logs Setting 29.1 Overview You can configure where the ZyXEL Device sends logs and which logs and/or immediate alerts the ZyXEL Device records in the Logs Setting screen. 29.2 The Logs Setting Screen To change your ZyXEL Device’s log settings, click Maintenance > Logs Setting. The screen appears as shown.
Chapter 29 Logs Setting The following table describes the fields in this screen. Table 104 Maintenance > Logs Setting LABEL DESCRIPTION Syslog Logging The ZyXEL Device sends a log to an external syslog server. Active Select the Active check box to enable syslog logging. Mode Select the syslog destination from the drop-down list box. If you select Remote, the log(s) will be sent to a remote syslog server. If you select Local File, the log(s) will be saved in a local file.
Chapter 29 Logs Setting 29.2.1 Example E-mail Log An "End of Log" message displays for each mail in which a complete log has been sent. The following is an example of a log sent by e-mail. • You may edit the subject title. • The date format here is Day-Month-Year. • The date format here is Month-Day-Year. The time format is Hour-Minute-Second. • "End of Log" message shows that a complete log has been sent.
Chapter 29 Logs Setting 256 P-873HNUP-51B User’s Guide
C HAPTER 30 Firmware Upgrade 30.1 Overview This chapter explains how to upload new firmware to your ZyXEL Device. You can download new firmware releases from your nearest ZyXEL FTP site (or www.zyxel.com) to use to upgrade your device’s performance. Only use firmware for your device’s specific model. Refer to the label on the bottom of your ZyXEL Device. 30.2 The Firmware Screen Click Maintenance > Firmware Upgrade to open the following screen.
Chapter 30 Firmware Upgrade Table 105 Maintenance > Firmware Upgrade (continued) LABEL DESCRIPTION Browse... Click this to find the .bin file you want to upload. Remember that you must decompress compressed (.zip) files before you can upload them. Upload Click this to begin the upload process. This process may take up to two minutes. After you see the firmware updating screen, wait two minutes before logging into the ZyXEL Device again.
C HAPTER 31 Configuration 31.1 Overview The Configuration screen allows you to backup and restore device configurations. You can also reset your device settings back to the factory default. 31.2 The Configuration Screen Click Maintenance > Configuration. Information related to factory defaults, backup configuration, and restoring configuration appears in this screen, as shown next.
Chapter 31 Configuration Restore Configuration Restore Configuration allows you to upload a new or previously saved configuration file from your computer to your ZyXEL Device. Table 106 Restore Configuration LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse ... to find it. Browse... Click this to find the file you want to upload. Remember that you must decompress compressed (.ZIP) files before you can upload them.
Chapter 31 Configuration Reset to Factory Defaults Click the Reset button to clear all user-entered configuration information and return the ZyXEL Device to its factory defaults. The following warning screen appears. Figure 137 Reset Warning Message Figure 138 Reset In Process Message You can also press the RESET button on the rear panel to reset the factory defaults of your ZyXEL Device. Refer to Section 1.6 on page 26 for more information on the RESET button. 31.
C HAPTER 32 Diagnostic 32.1 Overview The Diagnostic screens display information to help you identify problems with the ZyXEL Device. The route between a CO VDSL switch and one of its CPE may go through switches owned by independent organizations. A connectivity fault point generally takes time to discover and impacts subscriber’s network access. In order to eliminate the management and maintenance efforts, IEEE 802.
Chapter 32 Diagnostic 32.3 Ping & TraceRoute & NsLookup Use this screen to ping, traceroute, or nslookup an IP address. Click Maintenance > Diagnostic > Ping & TraceRoute & NsLookup to open the screen shown next. Figure 140 Maintenance > Diagnostic > Ping & TraceRoute & NsLookup The following table describes the fields in this screen.
Chapter 32 Diagnostic 32.4 802.1ag Click Maintenance > Diagnostic > 8.2.1ag to open the following screen. Use this screen to perform CFM actions. Figure 141 802.1ag The following table describes the fields in this screen. Table 108 Maintenance > Diagnostic > 802.1ag LABEL DESCRIPTION 802.1ag Connectivity Fault Management Maintenance Domain (MD) Level Select a level (0-7) under which you want to create an MA.
Chapter 32 Diagnostic 32.5 OAM Ping Test Click Maintenance > Diagnostic > OAM Ping Test to open the screen shown next. Use this screen to perform an OAM (Operation, Administration and Maintenance) F4 or F5 loopback test on a PVC. The ZyXEL Device sends an OAM F4 or F5 packet to the DSLAM or ATM switch and then returns it to the ZyXEL Device. The test result then displays in the text box. ATM sets up virtual circuits over which end systems communicate.
Chapter 32 Diagnostic Note: This screen is available only when you configure an ATM layer-2 interface. Figure 143 Maintenance > Diagnostic > OAM Ping Test The following table describes the fields in this screen. Table 109 Maintenance > Diagnostic > OAM Ping Test LABEL DESCRIPTION Select a PVC on which you want to perform the loopback test. 266 F4 segment Press this to perform an OAM F4 segment loopback test. F4 end-end Press this to perform an OAM F4 end-to-end loopback test.
C HAPTER 33 Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • ZyXEL Device Access and Login • Internet Access 33.1 Power, Hardware Connections, and LEDs The ZyXEL Device does not turn on. None of the LEDs turn on. 1 Make sure the ZyXEL Device is turned on. 2 Make sure you are using the power adaptor or cord included with the ZyXEL Device.
Chapter 33 Troubleshooting 33.2 ZyXEL Device Access and Login I forgot the IP address for the ZyXEL Device. 1 The default LAN IP address is 192.168.1.1. 2 If you changed the IP address and have forgotten it, you might get the IP address of the ZyXEL Device by looking up the IP address of the default gateway for your computer. To do this in most Windows computers, click Start > Run, enter cmd, and then enter ipconfig.
Chapter 33 Troubleshooting • Make sure you have logged out of any earlier management sessions using the same user account even if they were through a different interface or using a different browser. • Try to access the ZyXEL Device using another service, such as Telnet. If you can access the ZyXEL Device, check the remote management settings and firewall rules to find out why the ZyXEL Device does not respond to HTTP.
Chapter 33 Troubleshooting 1 Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide for hardware connections information and Section 1.5 on page 25 for LED behaviors. 2 Make sure you entered your ISP account information correctly in the Network Settings > Broadband screen. These fields are case-sensitive, so make sure [Caps Lock] is not on.
Chapter 33 Troubleshooting ADSL and VDSL connections cannot work at the same time. You can only use one type of DSL connection, either ADSL or VDSL connection at one time. I cannot access the Internet anymore. I had access to the Internet (with the ZyXEL Device), but my Internet connection is not available anymore. 1 Your session with the ZyXEL Device may have expired. Try logging into the ZyXEL Device again. 2 Check the hardware connections, and make sure the LEDs are behaving as expected.
Chapter 33 Troubleshooting Wireless security is vital to your network. It protects communications between wireless stations, access points and the wired network. The available security modes in your ZyXEL device are as follows: • WPA2-PSK: (recommended) This uses a pre-shared key with the WPA2 standard. • WPA-PSK: This has the device use either WPA-PSK or WPA2-PSK depending on which security mode the wireless client uses. • WPA2: WPA2 (IEEE 802.
C HAPTER 34 Product Specifications The following tables summarize the ZyXEL Device’s hardware and firmware features. 34.1 Hardware Specifications Table 110 Hardware Specifications Dimensions 210 (L) x 154 (W) x 40 (H) mm (without external antenna) Weight 495g (without external antenna) Power Adaptor Output 12 V 1.
Chapter 34 Product Specifications 34.2 Firmware Specifications Table 111 Firmware Specifications Default IP Address 192.168.1.1 Default Subnet Mask 255.255.255.0 (24 bits) Default User Name admin Default Password 1234 DHCP Server IP Pool 192.168.1.2 to 192.168.1.254 Static Routes 16 Device Management Use the web configurator to easily configure the rich range of features on the ZyXEL Device. Wireless Functionality Allow the IEEE 802.11b, IEEE 802.11g and/or IEEE 802.
Chapter 34 Product Specifications Table 111 Firmware Specifications (continued) Remote Management This allows you to decide whether a service (HTTPS or FTP traffic for example) from a computer on a network (LAN or WAN for example) can access the ZyXEL Device. PPPoE Support (RFC2516) PPPoE (Point-to-Point Protocol over Ethernet) emulates a dial-up connection. It allows your ISP to use their existing network configuration with newer broadband technologies such as ADSL.
Chapter 34 Product Specifications Table 111 Firmware Specifications (continued) Other Protocol Support PPP (Point-to-Point Protocol) link layer protocol Transparent bridging for unsupported network layer protocols RIP I/RIP II ICMP ATM QoS IP Multicasting IGMP v2 and v3 IGMP Proxy Management Embedded Web Configurator Remote Firmware Upgrade Embedded FTP/TFTP Server for firmware upgrade and configuration file backup and restore Syslog TR-069 TR-064 The following list, which is not exhaustive, illustrate
Chapter 34 Product Specifications Table 112 Standards Supported (continued) STANDARD DESCRIPTION ITU G.992.2 (G. Lite) ITU standard for ADSL using discrete multitone modulation. ITU G.992.3 (G.dmt.bis) ITU standard (also referred to as ADSL2) that extends the capability of basic ADSL in data rates. ITU G.992.4 (G.lite.bis) ITU standard (also referred to as ADSL2) that extends the capability of basic ADSL in data rates. ITU G.992.
Chapter 34 Product Specifications 278 P-873HNUP-51B User’s Guide
A PPENDIX A Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP/Vista, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/IP on your computer. Windows 3.1 requires the purchase of a third-party TCP/IP application package.
Appendix A Setting up Your Computer’s IP Address Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: 1 In the Network window, click Add. 2 Select Adapter and then click Add. 3 Select the manufacturer and model of your network adapter and then click OK. If you need TCP/IP: 1 In the Network window, click Add. 2 Select Protocol and then click Add.
Appendix A Setting up Your Computer’s IP Address • If you have a static IP address, select Specify an IP address and type your information into the IP Address and Subnet Mask fields. Figure 145 Windows 95/98/Me: TCP/IP Properties: IP Address 3 Click the DNS Configuration tab. • If you do not know your DNS information, select Disable DNS. • If you know your DNS information, select Enable DNS and type the information in the fields below (you may not need to fill them all in).
Appendix A Setting up Your Computer’s IP Address 4 Click the Gateway tab. • If you do not know your gateway’s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add. 5 Click OK to save and close the TCP/IP Properties window. 6 Click OK to close the Network window. Insert the Windows CD if prompted. 7 Turn on your ZyXEL Device and restart your computer when prompted. Verifying Settings 1 Click Start and then Run.
Appendix A Setting up Your Computer’s IP Address 2 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 148 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties.
Appendix A Setting up Your Computer’s IP Address 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties. Figure 150 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). • If you have a dynamic IP address click Obtain an IP address automatically. • If you have a static IP address click Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields.
Appendix A Setting up Your Computer’s IP Address • Click Advanced. Figure 151 Windows XP: Internet Protocol (TCP/IP) Properties 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: • In the IP Settings tab, in IP addresses, click Add. • In TCP/IP Address, type an IP address in IP address and a subnet mask in Subnet mask, and then click Add.
Appendix A Setting up Your Computer’s IP Address • Click OK when finished. Figure 152 Windows XP: Advanced TCP/IP Properties 7 In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields.
Appendix A Setting up Your Computer’s IP Address If you have previously configured DNS servers, click Advanced and then the DNS tab to order them. Figure 153 Windows XP: Internet Protocol (TCP/IP) Properties 8 Click OK to close the Internet Protocol (TCP/IP) Properties window. 9 Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties window. 10 Close the Network Connections window (Network and Dial-up Connections in Windows 2000/NT).
Appendix A Setting up Your Computer’s IP Address 1 Click the Start icon, Control Panel. Figure 154 Windows Vista: Start Menu 2 In the Control Panel, double-click Network and Internet. Figure 155 Windows Vista: Control Panel 3 Click Network and Sharing Center.
Appendix A Setting up Your Computer’s IP Address 4 Click Manage network connections. Figure 157 Windows Vista: Network and Sharing Center 5 Right-click Local Area Connection and then click Properties. Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue.
Appendix A Setting up Your Computer’s IP Address 6 Select Internet Protocol Version 4 (TCP/IPv4) and click Properties. Figure 159 Windows Vista: Local Area Connection Properties 7 The Internet Protocol Version 4 (TCP/IPv4) Properties window opens (the General tab). • If you have a dynamic IP address click Obtain an IP address automatically. • If you have a static IP address click Use the following IP address and fill in the IP address, Subnet mask, and Default gateway fields.
Appendix A Setting up Your Computer’s IP Address • Click Advanced. Figure 160 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties 8 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: • In the IP Settings tab, in IP addresses, click Add.
Appendix A Setting up Your Computer’s IP Address • Click OK when finished. Figure 161 Windows Vista: Advanced TCP/IP Properties 9 In the Internet Protocol Version 4 (TCP/IPv4) Properties window, (the General tab): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields.
Appendix A Setting up Your Computer’s IP Address If you have previously configured DNS servers, click Advanced and then the DNS tab to order them. Figure 162 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties 10 Click OK to close the Internet Protocol Version 4 (TCP/IPv4) Properties window. 11 Click Close to close the Local Area Connection Properties window. 12 Close the Network Connections window. 13 Turn on your ZyXEL Device and restart your computer (if prompted).
Appendix A Setting up Your Computer’s IP Address Macintosh OS 8/9 1 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel.
Appendix A Setting up Your Computer’s IP Address 2 Select Ethernet built-in from the Connect via list. Figure 164 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list. 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your ZyXEL Device in the Router address box.
Appendix A Setting up Your Computer’s IP Address • Select Built-in Ethernet from the Show list. • Click the TCP/IP tab. 3 For dynamically assigned settings, select Using DHCP from the Configure list. Figure 166 Macintosh OS X: Network 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your ZyXEL Device in the Router address box.
Appendix A Setting up Your Computer’s IP Address Linux This section shows you how to configure your computer’s TCP/IP settings in Red Hat Linux 9.0. Procedure, screens and file location may vary depending on your Linux distribution and release version. Note: Make sure you are logged in as the root administrator. Using the K Desktop Environment (KDE) Follow the steps below to configure your computer IP address using the KDE.
Appendix A Setting up Your Computer’s IP Address 2 Double-click on the profile of the network card you wish to configure. The Ethernet Device General screen displays as shown. Figure 168 Red Hat 9.0: KDE: Ethernet Device: General • If you have a dynamic IP address, click Automatically obtain IP address settings with and select dhcp from the drop down list. • If you have a static IP address, click Statically set IP Addresses and fill in the Address, Subnet mask, and Default Gateway Address fields.
Appendix A Setting up Your Computer’s IP Address 6 Click the Activate button to apply the changes. The following screen displays. Click Yes to save the changes in all screens. Figure 170 Red Hat 9.0: KDE: Network Configuration: Activate 7 After the network card restart process is complete, make sure the Status is Active in the Network Configuration screen. Using Configuration Files Follow the steps below to edit the network configuration files and set your computer IP address.
Appendix A Setting up Your Computer’s IP Address 2 If you know your DNS server IP address(es), enter the DNS server information in the resolv.conf file in the /etc directory. The following figure shows an example where two DNS server IP addresses are specified. Figure 173 Red Hat 9.0: DNS Settings in resolv.conf nameserver 172.23.5.1 nameserver 172.23.5.2 3 After you edit and save the configuration files, you must restart the network card. Enter ./network restart in the /etc/rc.d/init.d directory.
A PPENDIX B IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts. Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks.
Appendix B IP Addresses and Subnetting The following figure shows an example IP address in which the first three octets (192.168.1) are the network number, and the fourth octet (16) is the host ID. Figure 176 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask.
Appendix B IP Addresses and Subnetting Subnet masks can be referred to by the size of the network number part (the bits with a “1” value). For example, an “8-bit mask” means that the first 8 bits of the mask are ones and the remaining 24 bits are zeroes. Subnet masks are expressed in dotted decimal notation just like IP addresses. The following examples show the binary and decimal notation for 8-bit, 16-bit, 24-bit and 29-bit subnet masks.
Appendix B IP Addresses and Subnetting The following table shows some possible subnet masks using both notations. Table 116 Alternative Subnet Mask Notation SUBNET MASK ALTERNATIVE NOTATION LAST OCTET (BINARY) LAST OCTET (DECIMAL) 255.255.255.0 /24 0000 0000 0 255.255.255.128 /25 1000 0000 128 255.255.255.192 /26 1100 0000 192 255.255.255.224 /27 1110 0000 224 255.255.255.240 /28 1111 0000 240 255.255.255.248 /29 1111 1000 248 255.255.255.
Appendix B IP Addresses and Subnetting The following figure shows the company network after subnetting. There are now two subnetworks, A and B. Figure 178 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 27 – 2 or 126 possible hosts (a host ID of all zeroes is the subnet’s address itself, all ones is the subnet’s broadcast address). 192.168.1.0 with mask 255.255.255.128 is subnet A itself, and 192.168.1.127 with mask 255.255.255.
Appendix B IP Addresses and Subnetting Table 117 Subnet 1 (continued) IP/SUBNET MASK NETWORK NUMBER Subnet Address: 192.168.1.0 Lowest Host ID: 192.168.1.1 Broadcast Address: 192.168.1.63 Highest Host ID: 192.168.1.62 LAST OCTET BIT VALUE Table 118 Subnet 2 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 64 IP Address (Binary) 11000000.10101000.00000001. 01000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: 192.168.1.
Appendix B IP Addresses and Subnetting Table 121 Eight Subnets (continued) SUBNET SUBNET ADDRESS FIRST ADDRESS LAST ADDRESS BROADCAST ADDRESS 3 64 65 94 95 4 96 97 126 127 5 128 129 158 159 6 160 161 190 191 7 192 193 222 223 8 224 225 254 255 Subnet Planning The following table is a summary for subnet planning on a network with a 24-bit network number. Table 122 24-bit Network Number Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO.
Appendix B IP Addresses and Subnetting Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established.
A PPENDIX C Pop-up Windows, JavaScript and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScript (enabled by default). • Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here. Screens for other Internet Explorer versions may vary. Internet Explorer Pop-up Blockers You may have to disable pop-up blocking to log into your device.
Appendix C Pop-up Windows, JavaScript and Java Permissions 2 Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled. Figure 180 Internet Options: Privacy 3 Click Apply to save this setting. Enable Pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. 1 310 In Internet Explorer, select Tools, Internet Options and then the Privacy tab.
Appendix C Pop-up Windows, JavaScript and Java Permissions 2 Select Settings…to open the Pop-up Blocker Settings screen. Figure 181 Internet Options: Privacy 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1.
Appendix C Pop-up Windows, JavaScript and Java Permissions 4 Click Add to move the IP address to the list of Allowed sites. Figure 182 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed.
Appendix C Pop-up Windows, JavaScript and Java Permissions 1 In Internet Explorer, click Tools, Internet Options and then the Security tab. Figure 183 Internet Options: Security 2 Click the Custom Level... button. 3 Scroll down to Scripting. 4 Under Active scripting make sure that Enable is selected (the default). 5 Under Scripting of Java applets make sure that Enable is selected (the default).
Appendix C Pop-up Windows, JavaScript and Java Permissions 6 Click OK to close the window. Figure 184 Security Settings - Java Scripting Java Permissions 314 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected.
Appendix C Pop-up Windows, JavaScript and Java Permissions 5 Click OK to close the window. Figure 185 Security Settings - Java JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for
Appendix C Pop-up Windows, JavaScript and Java Permissions 3 Click OK to close the window. Figure 186 Java (Sun) Mozilla Firefox Mozilla Firefox 2.0 screens are used here. Screens for other versions may vary. You can enable Java, Javascript and pop-ups in one screen. Click Tools, then click Options in the screen that appears.
Appendix C Pop-up Windows, JavaScript and Java Permissions Click Content.to show the screen below. Select the check boxes as shown in the following screen.
Appendix C Pop-up Windows, JavaScript and Java Permissions 318 P-873HNUP-51B User’s Guide
A PPENDIX D Wireless LANs Wireless LAN Topologies This section discusses ad-hoc and infrastructure wireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless adapters (A, B, C). Any time two or more wireless adapters are within range of each other, they can set up an independent network, which is commonly referred to as an ad-hoc network or Independent Basic Service Set (IBSS).
Appendix D Wireless LANs disabled, wireless client A and B can still access the wired network but cannot communicate with each other. Figure 190 Basic Service Set ESS An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). This type of wireless LAN topology is called an Infrastructure WLAN.
Appendix D Wireless LANs An ESSID (ESS IDentification) uniquely identifies each ESS. All access points and their associated wireless clients within the same ESS must have the same ESSID in order to communicate. Figure 191 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by wireless devices to transmit and receive data. Channels available depend on your geographical area.
Appendix D Wireless LANs cannot "hear" each other, that is they do not know if the channel is currently being used. Therefore, they are considered hidden from each other. Figure 192 RTS/CTS When station A sends data to the AP, it might not know that the station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations.
Appendix D Wireless LANs If the Fragmentation Threshold value is smaller than the RTS/CTS value (see previously) you set then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size. IEEE 802.11g Wireless LAN IEEE 802.11g is fully compatible with the IEEE 802.11b standard. This means an IEEE 802.11b adapter can interface directly with an IEEE 802.11g access point (and vice versa) at 11 Mbps or lower depending on range.
Appendix D Wireless LANs IEEE 802.1x In June 2001, the IEEE 802.1x standard was designed to extend the features of IEEE 802.11 to support extended authentication as well as providing additional accounting and control features. It is supported by Windows XP and a number of network devices. Some advantages of IEEE 802.1x are: • User based identification that allows for roaming.
Appendix D Wireless LANs • Accounting-Request Sent by the access point requesting accounting. • Accounting-Response Sent by the RADIUS server to indicate that it has started or stopped accounting. In order to ensure network security, the access point and the RADIUS server use a shared secret key, which is a password, they both know. The key is not sent over the network. In addition to the shared key, password information exchanged is also encrypted to protect the network from unauthorized access.
Appendix D Wireless LANs EAP-TTLS (Tunneled Transport Layer Service) EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for only the serverside authentications to establish a secure connection. Client authentication is then done by sending username and password through the secure connection, thus client identity is protected. For client authentication, EAP-TTLS supports EAP methods and legacy authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP v2.
Appendix D Wireless LANs WPA and WPA2 Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2 (IEEE 802.11i) is a wireless security standard that defines stronger encryption, authentication and key management than WPA. Key differences between WPA or WPA2 and WEP are improved data encryption and user authentication. If both an AP and the wireless clients support WPA2 and you have an external RADIUS server, use WPA2 for stronger data encryption.
Appendix D Wireless LANs password-guessing attacks but it’s still an improvement over WEP as it employs a consistent, single, alphanumeric password to derive a PMK which is used to generate unique temporal encryption keys. This prevent all wireless devices sharing the same encryption keys. (a weakness of WEP) User Authentication WPA and WPA2 apply IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate wireless clients using an external RADIUS database.
Appendix D Wireless LANs 4 The RADIUS server distributes the PMK to the AP. The AP then sets up a key hierarchy and management system, using the PMK to dynamically generate unique data encryption keys. The keys are used to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients. Figure 193 WPA(2) with RADIUS Application Example WPA(2)-PSK Application Example A WPA(2)-PSK application looks as follows.
Appendix D Wireless LANs Security Parameters Summary Refer to this table to see what other security parameters you should configure for each authentication method or key management protocol type. MAC address filters are not dependent on how you configure these security features. Table 127 Wireless Security Relational Matrix AUTHENTICATION ENCRYPTIO METHOD/ KEY MANAGEMENT PROTOCOL N METHOD ENTER MANUAL KEY IEEE 802.
Appendix D Wireless LANs 2.5%. For an unobstructed outdoor site, each 1dB increase in gain results in a range increase of approximately 5%. Actual results may vary depending on the network environment. Antenna gain is sometimes specified in dBi, which is how much the antenna increases the signal power compared to using an isotropic antenna. An isotropic antenna is a theoretical perfect antenna that sends out radio signals equally well in all directions.
Appendix D Wireless LANs 332 P-873HNUP-51B User’s Guide
A PPENDIX E Services The following table lists some commonly-used services and their associated protocols and port numbers. • Name: This is a short, descriptive name for the service. You can use this one or create a different one, if you like. • Protocol: This is the type of IP protocol used by the service. If this is TCP/UDP, then the service uses the same port number with TCP and UDP. If this is USER-DEFINED, the Port(s) is the IP protocol number, not the port number.
Appendix E Services Table 128 Examples of Services NAME 334 PROTOCOL PORT(S) DESCRIPTION AH (IPSEC_TUNNEL) User-Defined 51 The IPSEC AH (Authentication Header) tunneling protocol uses this service. AIM TCP 5190 AOL’s Internet Messenger service. AUTH TCP 113 Authentication protocol used by some servers. BGP TCP 179 Border Gateway Protocol. BOOTP_CLIENT UDP 68 DHCP Client. BOOTP_SERVER UDP 67 DHCP Server.
Appendix E Services Table 128 Examples of Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION NEW-ICQ TCP 5190 An Internet chat program. NEWS TCP 144 A protocol for news groups. NFS UDP 2049 Network File System - NFS is a client/ server distributed file service that provides transparent file sharing for network environments. NNTP TCP 119 Network News Transport Protocol is the delivery mechanism for the USENET news group service.
Appendix E Services Table 128 Examples of Services (continued) 336 NAME PROTOCOL PORT(S) DESCRIPTION SQL-NET TCP 1521 Structured Query Language is an interface to access data on many different types of database systems, including mainframes, midrange systems, UNIX systems and network servers. SSDP UDP 1900 The Simple Service Discovery Protocol supports Universal Plug-and-Play (UPnP). SSH TCP/UDP 22 Secure Shell Remote Login Program. STRM WORKS UDP 1558 Stream Works Protocol.
A PPENDIX F Open Software Announcements End-User License Agreement for “P-873HNUP-51B” WARNING: ZyXEL Communications Corp. IS WILLING TO LICENSE THE SOFTWARE TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS LICENSE AGREEMENT. PLEASE READ THE TERMS CAREFULLY BEFORE COMPLETING THE INSTALLATION PROCESS AS INSTALLING THE SOFTWARE WILL INDICATE YOUR ASSENT TO THEM.
Appendix F Open Software Announcements The Software and Documentation contain material that is protected by international copyright law, trade secret law, international treaty provisions, and the applicable national laws of each respective country. All rights not granted to you herein are expressly reserved by ZyXEL. You may not remove any proprietary notice of ZyXEL or any of its licensors from any copy of the Software or Documentation. 4.
Appendix F Open Software Announcements THIRTY (30) DAYS FROM THE DATE OF PURCHASE OF THE SOFTWARE, AND NO WARRANTIES SHALL APPLY AFTER THAT PERIOD. 7.
Appendix F Open Software Announcements Agreement shall only be effective if it is in writing and signed by both parties hereto. If any part of this License Agreement is found invalid or unenforceable by a court of competent jurisdiction, the remainder of this License Agreement shall be interpreted so as to reasonably effect the intention of the parties.
Appendix F Open Software Announcements applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price.
Appendix F Open Software Announcements 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change.
Appendix F Open Software Announcements operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4.
Appendix F Open Software Announcements "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10.
Appendix F Open Software Announcements The MIT License Copyright (c) Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the foll
Appendix F Open Software Announcements WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
A PPENDIX G Legal Information Copyright Copyright © 2011 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation.
Appendix G Legal Information If this device does cause harmful interference to radio/television reception, which can be determined by turning the device off and on, the user is encouraged to try to correct the interference by one or more of the following measures: 1 Reorient or relocate the receiving antenna. 2 Increase the separation between the equipment and the receiver. 3 Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
Appendix G Legal Information Ce produit est conçu pour les bandes de fréquences 2,4 GHz et/ou 5 GHz conformément à la législation Européenne. En France métropolitaine, suivant les décisions n°03-908 et 03-909 de l’ARCEP, la puissance d’émission ne devra pas dépasser 10 mW (10 dB) dans le cadre d’une installation WiFi en extérieur pour les fréquences comprises entre 2454 MHz et 2483,5 MHz. Viewing Certifications 1 Go to http://www.zyxel.com.
Appendix G Legal Information 350 P-873HNUP-51B User’s Guide
Index Index A C ACL rule 201 CA 211, 325 ACS 245 Canonical Format Indicator See CFI activation firewalls 197 SIP ALG 168 SSID 96 CBR 85 CCMs 262 Address Resolution Protocol 225 certificate details 217 factory default 212 ADSL compliance 275 Certificate Authority See CA.
Index reset 261 restoring 260 static route 137, 177, 242 Connectivity Check Messages, see CCMs copyright 347 CoS 154 CoS technologies 140 E EAP Authentication 325 ECHO 172 e-mail log example 255 CTS (Clear to Send) 322 encapsulation 71 PPPoA 82 PPPoE 82 CTS threshold 100, 103 encryption 105, 327 creating certificates 213 ESS 320 Extended Service Set IDentification 90, 97 D Extended Service Set, See ESS 320 data fragment threshold 100, 103 DDoS 196 F default server address 168 Denials of Service
Index HTTP 172 L humidity 273 I IANA 308 Internet Assigned Numbers Authority see IANA IBSS 319 IEEE 802.11g 323 IEEE 802.
Index MD 262 P MEP 262 MTU (Multi-Tenant Unit) 85 Pairwise Master Key (PMK) 327, 329 multicast 72 IGMP 72 passwords 29 Multiple BSS, see MBSSID PCR 84 multiplexing 83 LLC-based 83 VC-based 83 Per-Hop Behavior, see PHB 154 PBC 107 PHB 154 PIN, WPS 108 example 109 Ping of Death 196 N Point-to-Point Tunneling Protocol 172 POP3 172 NAT 159, 161, 169, 170, 308 applications 172 IP alias 172 example 171 global 170 IGA 170 ILA 170 inside 170 local 170 outside 170 port forwarding 160 port number 172 s
Index R activation 168 SMTP 172 RADIUS 324 message types 324 messages 324 shared secret key 325 RADIUS server 104 registration product 349 related documentation 3 remote management TR-069 245 Remote Procedure Calls, see RPCs 245 reset 26, 261 restart 261 restoring configuration 260 RFC 2516 275 RFC 3164 227 SNMP 172, 247, 248, 276 agents 248 Get 248 GetNext 248 Manager 248 managers 248 MIB 248 Set 248 Trap 248 versions 247 SNMP trap 172 SPI 196 srTCM 156 SSID 104 activation 96 MBSSID 106 router feature
Index wireless LAN 68 time 251 VBR-RT 85 VCI 83 VDSL 275 VID T Tag Control Information See TCI Tag Protocol Identifier See TPID TCI temperature 273 thresholds data fragment 100, 103 RTS/CTS 100, 103 time 251 Virtual Local Area Network See VLAN VLAN 85 Introduction 85 number of possible VIDs priority frame static VLAN ID 85 VLAN Identifier See VID VLAN tag 85 VPI 83 TPID 85 TR-064 247 TR-069 245 ACS setup 245 authentication 246 trademarks 347 traffic shaping 84 example 84 transparent bridging 276 trTCM
Index channel 102 encryption 105 example 102 fragmentation threshold 100, 103 limitations 105 MAC address filter 97, 104 MBSSID 106 preamble 101, 103 RADIUS server 104 RTS/CTS threshold 100, 103 security 103 SSID 104 activation 96 status 68 WEP 105 WPA 105 WPA-PSK 105 WPS 107, 109 example 110 limitations 112 PIN 108 push button 27, 107 limitations 112 PIN 108 example 109 push button 27, 107 wireless security 323 Wireless tutorial 46 wizard setup Internet 37 WLAN interference 321 security parameters 330 W
Index 358 P-873HNUP-51B User’s Guide
Index P-873HNUP-51B User’s Guide 359
Index 360 P-873HNUP-51B User’s Guide