eircom F1000 modem Wireless N VDSL2 VoIP Combo WAN Gigabit IAD Version 1.00 Edition 1, 6/2013 Quick Start Guide User’s Guide Default Login Details LAN IP Address Login http://192.168.1.254 admin www.zyxel.com Password Default password is the wireless key printed on the back of the Device.
IMPORTANT! READ CAREFULLY BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE. Screenshots and graphics in this book may differ slightly from your product due to differences in your product firmware or your computer operating system. Every effort has been made to ensure that the information in this manual is accurate.
Contents Overview Contents Overview User’s Guide .......................................................................................................................................15 Introducing the Device ............................................................................................................................17 The Web Configurator .............................................................................................................................25 Technical Reference ....
Contents Overview Diagnostic .............................................................................................................................................273 Troubleshooting ....................................................................................................................................
Table of Contents Table of Contents Contents Overview ..............................................................................................................................3 Table of Contents .................................................................................................................................5 Part I: User’s Guide ......................................................................................... 15 Chapter 1 Introducing the Device ................................
Table of Contents 3.3.1 The Diagnostic Screens ..........................................................................................................39 Chapter 4 Broadband...........................................................................................................................................41 4.1 Overview ...........................................................................................................................................41 4.1.
Table of Contents 5.10.8 Wireless Distribution System (WDS) .....................................................................................95 5.10.9 WiFi Protected Setup (WPS) .................................................................................................95 Chapter 6 Home Networking .............................................................................................................................103 6.1 Overview ............................................................
Table of Contents 8.4 The Queue Setup Screen ...............................................................................................................138 8.4.1 Adding a QoS Queue ...........................................................................................................139 8.5 The Class Setup Screen .................................................................................................................140 8.5.1 Add/Edit QoS Class ..............................................
Table of Contents 11.1.1 What You Can Do in this Chapter ........................................................................................175 11.2 The Interface Group Screen ..........................................................................................................175 11.2.1 Interface Group Configuration ..............................................................................................176 11.2.2 Interface Grouping Criteria ..................................................
Table of Contents 16.2 The Scheduler Rule Screen ..........................................................................................................201 16.2.1 Add/Edit a Schedule ............................................................................................................202 Chapter 17 Certificates ........................................................................................................................................203 17.1 Overview ..................................
Table of Contents 20.1.1 What You Can Do in this Chapter ........................................................................................229 20.2 The WAN Status Screen ...............................................................................................................229 20.3 The LAN Status Screen .................................................................................................................231 20.4 The NAT Status Screen .................................................
Table of Contents 28.3 The Trust Domain Screen .............................................................................................................250 28.4 The Add Trust Domain Screen ......................................................................................................251 Chapter 29 TR-064................................................................................................................................................253 29.1 Overview ................................
Table of Contents 36.1 Overview .......................................................................................................................................273 36.1.1 What You Can Do in this Chapter ........................................................................................273 36.2 What You Need to Know ...............................................................................................................273 36.3 Ping & TraceRoute & NsLookup .................................
Table of Contents 14 eircom F1000 Modem User’s Guide
P ART I User’s Guide 15
C HAPT ER 1 Introducing the Device 1.1 Overview The Device is a wireless VDSL router and Gigabit Ethernet gateway. It has a DSL port and a Gigabit Ethernet port for super-fast Internet access. The Device supports both Packet Transfer Mode (PTM) and Asynchronous Transfer Mode (ATM). It is backward compatible with ADSL, ADSL2 and ADSL2+ in case VDSL is not available. Only use firmware for your Device’s specific model. Refer to the label on the bottom of your Device.
Chapter 1 Introducing the Device 1.4 Applications for the Device Here are some example uses for which the Device is well suited. 1.4.1 Internet Access Your Device provides shared Internet access by connecting the DSL port to the DSL or MODEM jack on a splitter or your telephone jack. You can have multiple WAN services over one ADSL or VDSL. The Device cannot work in ADSL and VDSL mode at the same time. Note: The ADSL and VDSL lines share the same WAN (layer-2) interfaces that you configure in the Device.
Chapter 1 Introducing the Device 1.4.2 Device’s USB Support The USB port of the Device is used for file-sharing, media server and printer-sharing. File Sharing Use the built-in USB 2.0 port to share files on a USB memory stick or a USB hard drive (B). You can connect one USB hard drive to the Device at a time. Use FTP to access the files on the USB device. Figure 2 USB File Sharing Application B A Media Server You can also use the Device as a media server.
Chapter 1 Introducing the Device Printer Server The Device allows you to share a USB printer on your LAN. You can do this by connecting a USB printer to one of the USB ports on the Device and then configuring a TCP/IP port on the computers connected to your network. Figure 4 Sharing a USB Printer 1.5 LEDs (Lights) The following graphic displays the labels of the LEDs. Figure 5 LEDs on the Device 2.4G 5G None of the LEDs are on if the Device is not receiving power.
Chapter 1 Introducing the Device Table 1 LED Descriptions (continued) LED COLOR STATUS DESCRIPTION Green On The Device has an IP connection but no traffic. INTERNET Your device has a WAN IP address (either static or assigned by a DHCP server), PPP negotiation was successfully completed (if used) and the DSL connection is up. Blinking The Device is sending or receiving IP traffic. Off There is no Internet connection or the gateway is in bridged mode.
Chapter 1 Introducing the Device 1.6 The RESET Button If you forget your password or cannot access the Web Configurator, you will need to use the RESET button at the back of the device to reload the factory-default configuration file. This means that you will lose all configurations that you had previously and the password will be reset to the default password printed on the back of the Device. 1 Make sure the PWR/SYS LED is on (not blinking).
Chapter 1 Introducing the Device 3 Press the WPS button on another WPS-enabled device within range of the Device. The WiFi 2.4G LED flashes orange while the Device sets up a WPS connection with the other wireless device. 4 Once the connection is successfully made, the WiFi 2.4G LED shines green. To turn off the wireless network, press the Wi-Fi button for one to five seconds. The WiFi 2.4G LED turns off when the wireless network is off. 1.
Chapter 1 Introducing the Device 24 5 Push the bracket up to tightly attach it to the Device. 6 Mount the Device on the screws which are already installed on the wall. Make sure that the Device is firmly attached to the screws so it does not fall off.
C HAPT ER 2 The Web Configurator 2.1 Overview The web configurator is an HTML-based management interface that allows easy device setup and management via Internet browser. Use Internet Explorer 6.0 and later versions or Mozilla Firefox 3 and later versions or Safari 2.0 and later versions. The recommended screen resolution is 1024 by 768 pixels. In order to use the web configurator you need to allow: • Web browser pop-up windows from your device.
Chapter 2 The Web Configurator Note: For security reasons, the Device automatically logs you out if you do not use the web configurator for 900 seconds (default). If this happens, log in again. 5 The following screen displays if you have not yet changed your password. It is strongly recommended you change the default password. Enter a new password, retype it to confirm and click Apply; alternatively click Skip to proceed to the main menu if you do not want to change the password now.
Chapter 2 The Web Configurator Figure 10 Connection Status eircom F1000 Modem User’s Guide 27
Chapter 2 The Web Configurator 2.2 Web Configurator Layout Figure 11 Web Configurator Layout Screen A B C As illustrated above, the main screen is divided into these parts: • A - title bar • B - main window • C - navigation panel 2.2.1 Title Bar The title bar shows the following icons in the upper right corner. Click the Help icon to get support on eircom’s website. Click the Logout icon to log out of the web configurator. 2.2.
Chapter 2 The Web Configurator After you click Connection Status, the Connection Status screen is displayed. See Chapter 3 on page 40 for more information. If you click Virtual Device on the Connection Status screen, a visual graphic appears, showing the connection status of the Device’s ports. The connected ports are in color and disconnected ports are gray. Figure 12 Virtual Device 2.2.3 Navigation Panel Use the menu items on the navigation panel to open screens to configure Device features.
Chapter 2 The Web Configurator Table 2 Navigation Panel Summary (continued) LINK Wireless Home Networking Routing QoS 30 TAB FUNCTION General Use this screen to configure the wireless LAN settings and WLAN authentication/security settings. More AP Use this screen to configure multiple BSSs on the Device. MAC Authentication Use this screen to block or allow wireless traffic from wireless devices of certain SSIDs and MAC addresses to the Device.
Chapter 2 The Web Configurator Table 2 Navigation Panel Summary (continued) LINK NAT DNS TAB FUNCTION Port Forwarding Use this screen to make your local servers visible to the outside world. Applications Use this screen to configure servers behind the Device. Port Triggering Use this screen to change your Device’s port triggering settings. DMZ Use this screen to configure a default server which receives packets from ports that are not specified in the Port Forwarding screen.
Chapter 2 The Web Configurator Table 2 Navigation Panel Summary (continued) LINK Traffic Status TAB FUNCTION WAN Use this screen to view the status of all network traffic going through the WAN port of the Device. LAN Use this screen to view the status of all network traffic going through the LAN ports of the Device. NAT Use this screen to view NAT statistics for connected hosts. VoIP Status Use this screen to view VoIP registration, current call statust and phone numbers for the phone ports.
P ART II Technical Reference 33
C HAPT ER 3 Status and Network Map Screens 3.1 Overview After you log into the Web Configurator, the Connection Status screen appears. Use the screen to look at the current status of the Device, system resources, and interfaces (LAN, WAN, and WLAN). Use the Network Map screen to view the network connection status of the Device and clients connected to it. 3.2 The Connection Status Screen Use this screen to view the status of the Device. Click Connection Status to open this screen.
Chapter 3 Status and Network Map Screens Each field is described in the following table. Table 3 Connection Status Screen LABEL DESCRIPTION Refresh Interval Select how often you want the Device to update this screen. Device Information Host Name This field displays the Device system name. It is used for identification. Model Number This shows the model number of your Device. Firmware Version This is the current version of the firmware inside the Device.
Chapter 3 Status and Network Map Screens Table 3 Connection Status Screen (continued) LABEL DESCRIPTION 802.11 Mode This displays the type of 802.11 mode the Device is using in the wireless LAN. WPS This displays whether WPS is activated. Security Firewall This displays the firewall’s current security level. System Status System Up Time This field displays how long the Device has been running since it last started up.
Chapter 3 Status and Network Map Screens to open the diagnostic screens for troubleshooting, see Section 3.3.1 on page 39 for more information. Figure 14 Network Map: Icon View Mode By clicking a client’s name, you can do the following: • Click Info to view information about the client. Select Add device into Static DHCP and click the Static DHCP link to configure a static DHCP client list. See Section 6.3 on page 109 for more information.
Chapter 3 Status and Network Map Screens • Click Parental Control to open the following screen where you can block web sites with specific URLs. • Click Change name/icon if you want to change the name or icon of the client. If you prefer to view the status in a list, click List View in the Viewing mode selection box. You can configure how often you want the Device to update this screen in Refresh interval. Figure 15 Network Map: List View Mode 3.3.
Chapter 3 Status and Network Map Screens • This screen appears when there is no WAN connection. Figure 16 Diagnostic Screen - No DSL Connection • This screen appears when your WAN connection is up but the Device fails to connect to the Internet. Figure 17 Diagnostic Screen - Internet Connection Is Not Working • Click the following link to start a diagnostic test and view the result on the screen.
C HAPT ER 4 Broadband 4.1 Overview This chapter discusses the Device’s Broadband screens. Use these screens to configure your Device for Internet access. A WAN (Wide Area Network) connection is an outside connection to another network or the Internet. It connects your private networks, such as a LAN (Local Area Network) and other networks, so that a computer in one location can communicate with computers in other locations.
Chapter 4 Broadband • Use the Advanced screen to enable or disable PTM over ADSL, Annex M/Annex J, and DSL PhyR functions (Section 4.4 on page 59). • Use the 802.1x screen to view and configure the IEEE 802.1X settings on the Device (Section 4.5 on page 60).
Chapter 4 Broadband If your ISPeircom assigns you a static WAN IP address, they should also assign you the subnet mask and DNS server IP address(es). ATM Asynchronous Transfer Mode (ATM) is a WAN networking technology that provides high-speed data transfer. ATM uses fixed-size packets of information called cells. With ATM, a high QoS (Quality of Service) can be guaranteed.
Chapter 4 Broadband compose the network address. The prefix length is written as “/x” where x is a number. For example, 2001:db8:1a2b:15::1a2f:0/32 means that the first 32 bits (2001:db8) is the subnet prefix. IPv6 Subnet Masking Both an IPv6 address and IPv6 subnet mask compose of 128-bit binary digits, which are divided into eight 16-bit blocks and written in hexadecimal notation. Hexadecimal uses four bits for each character (1 ~ 10, A ~ F).
Chapter 4 Broadband Figure 22 Dual Stack Lite WAN - IPv6 - IPv4 in IPv6 LAN - IPv6 - IPv4 ISP (IPv6) IPv6 IPv6 + IPv4 IPv6 Internet IPv4 in IPv6 AFTR IPv4 Internet 4.1.3 Before You Begin You need to know your Internet access settings such as encapsulation and WAN IP address. Get this information from your ISP. 4.2 The Broadband Screen Use this screen to change your Device’s Internet access settings. Click Network Setting > Broadband from the menu.
Chapter 4 Broadband Table 5 Network Setting > Broadband (continued) LABEL DESCRIPTION 802.1p This indicates the 802.1p priority level assigned to traffic sent through this connection. This displays N/A when there is no priority level assigned. 802.1q This indicates the VLAN ID number assigned to traffic sent through this connection. This displays N/A when there is no VLAN ID number assigned. IGMP Proxy This shows whether the Device act as an IGMP proxy on this connection.
Chapter 4 Broadband 4.2.1 Add/Edit Internet Connection Click Add New WAN Interface in the Broadband screen or the Edit icon next to an existing WAN interface to configure a WAN connection. The screen varies depending on the interface type, mode, encapsulation, and IPv6/IPv4 mode you select. 4.2.1.1 Routing Mode Use Routing mode if eircom give you one IP address only and you want multiple computers to share an Internet account.
Chapter 4 Broadband Table 6 Network Setting > Broadband > Add New WAN Interface/Edit (Routing Mode) (continued) LABEL DESCRIPTION Mode Select Routing if your ISP give you one IP address only and you want multiple computers to share an Internet account. Encapsulation Select the method of encapsulation used by your ISP from the drop-down list box. This option is available only when you select Routing in the Mode field. The choices depend on the connection type you selected.
Chapter 4 Broadband Table 6 Network Setting > Broadband > Add New WAN Interface/Edit (Routing Mode) (continued) LABEL DESCRIPTION Sustainable Cell Rate The Sustainable Cell Rate (SCR) sets the average cell rate (long-term) that can be transmitted. Type the SCR, which must be less than the PCR. Note that system default is 0 cells/sec. This field is available only when you select Non Realtime VBR or Realtime VBR.
Chapter 4 Broadband Table 6 Network Setting > Broadband > Add New WAN Interface/Edit (Routing Mode) (continued) LABEL Gateway IP Address DESCRIPTION Enter the gateway IP address provided by your ISP. Routing Feature (This is available only when you select IPv4 Only or IPv6/IPv4 DualStack in the IPv6/ IPv4 Mode field.) NAT Enable Select this option to activate NAT on this connection.
Chapter 4 Broadband Table 6 Network Setting > Broadband > Add New WAN Interface/Edit (Routing Mode) (continued) LABEL DESCRIPTION IPv6 Address (This is available only when you select IPv6/IPv4 DualStack or IPv6 Only in the IPv6/IPv4 Mode field.) IPv6 Address Select Automatic if you want to have the Device use the IPv6 prefix from the connected router’s Router Advertisement (RA) to generate an IPv6 address.
Chapter 4 Broadband Table 6 Network Setting > Broadband > Add New WAN Interface/Edit (Routing Mode) (continued) LABEL DESCRIPTION WAN Outgoing Default Tag Select Enable and enter a DSCP (DiffServ Code Point) value to have the Device add it in the packets sent by this WAN interface. MTU MTU Size Enter the MTU (Maximum Transfer Unit) size for this traffic. Apply Click Apply to save your changes back to the Device. Cancel Click Cancel to exit this screen without saving. 4.2.1.
Chapter 4 Broadband Table 7 Network Setting > Broadband > Add New WAN Interface/Edit (Bridge Mode) (continued) LABEL DESCRIPTION Active Select this to add the VLAN Tag (specified below) to the outgoing traffic through this connection. 802.1p IEEE 802.1p defines up to 8 separate traffic types by inserting a tag into a MAC-layer frame that contains bits to define class of service. Select the IEEE 802.1p priority level (from 0 to 7) to add to traffic through this connection.
Chapter 4 Broadband Table 8 Network Setting > Broadband > Add New WAN Interface/Edit (ADSL over ATM - Bridge Mode) (continued) LABEL DESCRIPTION Mode Select Bridge when your ISP provides you more than one IP address and you want the connected computers to get individual IP address from ISP’s DHCP server directly. If you select Bridge, you cannot use routing functions, such as QoS, Firewall, DHCP server and NAT on traffic from the selected LAN port(s).
Chapter 4 Broadband Table 8 Network Setting > Broadband > Add New WAN Interface/Edit (ADSL over ATM - Bridge Mode) (continued) LABEL DESCRIPTION QoS Rate Limit Enter the rate limit for the connection. This is the maximum transmission rate allowed for traffic on this connection. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 4.
Chapter 4 Broadband Note: The actual data rate you obtain varies depending the 3G card you use, the signal strength to the service provider’s base station, and so on. Figure 28 Network Setting > Broadband > 3G Backup The following table describes the labels in this screen. Table 9 Network Setting > Broadband > 3G Backup LABEL DESCRIPTION General 3G Backup Select Enable to have the Device use the 3G connection as your WAN or a backup when the wired WAN connection fails.
Chapter 4 Broadband Table 9 Network Setting > Broadband > 3G Backup (continued) LABEL DESCRIPTION Username Type the user name (of up to 64 ASCII printable characters) given to you by your service provider. Password Type the password (of up to 64 ASCII printable characters) associated with the user name above. PIN A PIN (Personal Identification Number) code is a key to a 3G card. Without the PIN code, you cannot use the 3G card.
Chapter 4 Broadband Table 9 Network Setting > Broadband > 3G Backup (continued) LABEL DESCRIPTION Send Notification to Email Notifications are sent to the e-mail address specified in this field. If this field is left blank, notifications cannot be sent via e-mail. Advanced Click this to show the advanced 3G backup settings. Budget Setup Enable Budget Control Select Enable to set a monthly limit for the user account of the installed 3G card. You can set a limit on the total traffic and/or call time.
Chapter 4 Broadband Table 9 Network Setting > Broadband > 3G Backup (continued) LABEL DESCRIPTION Mail Server Select a mail server for the e-mail address specified below. If you do not select a mail server, e-mail notifications cannot be sent via e-mail. You must have configured a mail server already in the Maintenance > Email Notification screen. Over Budget Email Title Type a title that you want to be in the subject line of the e-mail notifications that the Device sends.
Chapter 4 Broadband Table 10 Network Setting > Network Setting > Broadband (continued) LABEL DESCRIPTION PhyR DS Enable or disable PhyR DS (downstream) for downstream transmission from the WAN. PhyR DS should be enabled if data being transmitted downstream is sensitive to noise. However, enabling PhyR DS can decrease the DS line rate. Enabling or disabling PhyR will require the CPE to retrain. For PhyR to function, the DSLAM must also support PhyR and have it enabled.
Chapter 4 Broadband 4.5.1 Edit 802.1X Settings Use this screen to edit 802.1X authentication settings. Click the Edit icon next to the rule you want to edit. The screen shown next appears. Figure 31 Network Setting > Broadband > 802.1x: Edit The following table describes the labels in this screen. Table 12 Network Setting > Broadband > 802.1x: Edit LABEL DESCRIPTION Active This field allows you to activate/deactivate the authentication. Select this to enable the authentication.
Chapter 4 Broadband Encapsulation Be sure to use the encapsulation method required by your ISP. The Device can work in bridge mode or routing mode. When the Device is in routing mode, it supports the following methods. IP over Ethernet IP over Ethernet (IPoE) is an alternative to PPPoE. IP packets are being delivered across an Ethernet network, without using PPP encapsulation.
Chapter 4 Broadband Multiplexing There are two conventions to identify what protocols the virtual circuit (VC) is carrying. Be sure to use the multiplexing method required by your ISP. VC-based Multiplexing In this case, by prior mutual agreement, each protocol is assigned to a specific virtual circuit; for example, VC1 carries IP, etc. VC-based multiplexing may be dominant in environments where dynamic creation of large numbers of ATM VCs is fast and economical.
Chapter 4 Broadband The following figure illustrates the relationship between PCR, SCR and MBS. Figure 32 Example of Traffic Shaping ATM Traffic Classes These are the basic ATM traffic classes defined by the ATM Forum Traffic Management 4.0 Specification. Constant Bit Rate (CBR) Constant Bit Rate (CBR) provides fixed bandwidth that is always available even if no data is being sent. CBR traffic is generally time-sensitive (doesn't tolerate delay).
Chapter 4 Broadband IP Address Assignment A static IP is a fixed IP that your ISP gives you. A dynamic IP is not fixed; the ISP assigns you a different one each time. The Single User Account feature can be enabled or disabled if you have either a dynamic or static IP. However the encapsulation method assigned influences your choices for IP address and default gateway. Introduction to VLANs A Virtual Local Area Network (VLAN) allows a physical network to be partitioned into multiple logical networks.
Chapter 4 Broadband Multicast IP packets are transmitted in either one of two ways - Unicast (1 sender - 1 recipient) or Broadcast (1 sender - everybody on the network). Multicast delivers IP packets to a group of hosts on the network - not everybody and not just 1. Internet Group Multicast Protocol (IGMP) is a network-layer protocol used to establish membership in a Multicast group - it is not used to carry user data.
Chapter 4 Broadband compose the network address. The prefix length is written as “/x” where x is a number. For example, 2001:db8:1a2b:15::1a2f:0/32 means that the first 32 bits (2001:db8) is the subnet prefix.
Chapter 4 Broadband 68 eircom F1000 Modem User’s Guide
C HAPT ER 5 Wireless 5.1 Overview This chapter describes the Device’s Network Setting > Wireless screens. Use these screens to set up your Device’s wireless connection. 5.1.1 What You Can Do in this Chapter This section describes the Device’s Wireless screens. Use these screens to set up your Device’s wireless connection. • Use the General screen to enable the Wireless LAN, enter the SSID and select the wireless security mode (Section 5.2 on page 70).
Chapter 5 Wireless 5.1.2 What You Need to Know Wireless Basics “Wireless” is essentially radio communication. In the same way that walkie-talkie radios send and receive information over the airwaves, wireless networking devices exchange information with one another. A wireless networking device is just like a radio that lets your computer exchange information with radios attached to other computers.
Chapter 5 Wireless Click Network Setting > Wireless to open the General screen. Figure 33 Network Setting > Wireless > General The following table describes the general wireless LAN labels in this screen. Table 13 Network Setting > Wireless > General LABEL DESCRIPTION Wireless Network Setup Wireless You can Enable or Disable the wireless LAN in this field. Band This shows the wireless band which this radio profile is using. 2.4GHz is the frequency used by IEEE 802.11b/g/n wireless clients.
Chapter 5 Wireless Table 13 Network Setting > Wireless > General (continued) LABEL DESCRIPTION Channel Set the channel depending on your particular region. Select a channel or use Auto to have the Device automatically determine a channel to use. If you are having problems with wireless interference, changing the channel may help. Try to use a channel that is as many channels away from any channels used by neighboring APs as possible.
Chapter 5 Wireless Table 13 Network Setting > Wireless > General (continued) LABEL DESCRIPTION Security Mode Select Basic (WEP, 802.1X) or More Secure (WPA(2)-PSK, WPA(2)) to add security on this wireless network. The wireless clients which want to associate to this network must have same wireless security settings as the Device. When you select to use a security, additional options appears in this screen.
Chapter 5 Wireless Your Device allows you to configure up to four 64-bit or 128-bit WEP keys but only one key can be enabled at any one time. In order to configure and enable WEP encryption, click Network Setting > Wireless to display the General screen, then select Basic as the security level. Figure 35 Wireless > General: Basic (WEP) The following table describes the labels in this screen.
Chapter 5 Wireless 5.2.3 More Secure (WPA(2)-PSK) The WPA-PSK security mode provides both improved data encryption and user authentication over WEP. Using a Pre-Shared Key (PSK), both the Device and the connecting client share a common password in order to validate the connection. This type of encryption, while robust, is not as strong as WPA, WPA2 or even WPA2-PSK. The WPA2-PSK security mode is a newer, more robust version of the WPA encryption standard.
Chapter 5 Wireless Table 16 Wireless > General: More Secure: WPA(2)-PSK (continued) LABEL DESCRIPTION Encryption Select the encryption type (TKIP, AES or TKIP+AES) for data encryption. Select TKIP if your wireless clients can all use TKIP. Select AES if your wireless clients can all use AES. Select TKIP+AES to allow the wireless clients to use either TKIP or AES. Group Key Update Timer The Group Key Update Timer is the rate at which the RADIUS server sends a new group key out to all clients. 5.2.
Chapter 5 Wireless Table 17 Wireless > General: More Secure: WPA(2) (continued) LABEL DESCRIPTION IP Address Enter the IP address of the external authentication server in dotted decimal notation. Port Number Enter the port number of the external authentication server. The default port number is 1812. You need not change this value unless your network administrator instructs you to do so with additional information.
Chapter 5 Wireless The following table describes the labels in this screen. Table 18 Network Setting > Wireless > More AP LABEL DESCRIPTION # This is the index number of the entry. Status This field indicates whether this SSID is active. A yellow bulb signifies that this SSID is active. A gray bulb signifies that this SSID is not active. SSID An SSID profile is the set of parameters relating to one of the Device’s BSSs.
Chapter 5 Wireless 5.3.1 Edit More AP Use this screen to edit an SSID profile. Click the Edit icon next to an SSID in the More AP screen. The following screen displays. Figure 39 Network Setting > Wireless > More AP > Edit The following table describes the fields in this screen. Table 19 Network Setting > Wireless > More AP > Edit LABEL DESCRIPTION Wireless Network Setup Wireless You can Enable or Disable the wireless LAN in this field. Passphrase Type Passphrase type cannot be changed.
Chapter 5 Wireless Table 19 Network Setting > Wireless > More AP > Edit (continued) LABEL DESCRIPTION Max clients Specify the maximum number of clients that can connect to this network at the same time. Hide SSID Select this check box to hide the SSID in the outgoing beacon frame so a station cannot obtain the SSID through scanning using a site survey tool. Enhanced Multicast Forwarding Select this check box to allow the Device to convert wireless multicast traffic into wireless unicast traffic.
Chapter 5 Wireless Table 19 Network Setting > Wireless > More AP > Edit (continued) LABEL DESCRIPTION Security Level Security Mode Select Basic (WEP, 802.1X) or More Secure (WPA(2)-PSK, WPA(2)) to add security on this wireless network. The wireless clients which want to associate to this network must have same wireless security settings as the Device. After you select to use a security, additional options appears in this screen.
Chapter 5 Wireless Table 20 Wireless > MAC Authentication (continued) LABEL DESCRIPTION Add new MAC address Click this if you want to add a new MAC address entry to the MAC filter list below. Enter the MAC addresses of the wireless devices that are allowed or denied access to the Device in these address fields. Enter the MAC addresses in a valid MAC address format, that is, six hexadecimal character pairs, for example, 12:34:56:78:9a:bc. # This is the index number of the entry.
Chapter 5 Wireless The following table describes the labels in this screen. Table 21 Network Setting > Wireless > WPS LABEL DESCRIPTION WPS Select Enable to activate WPS on the Device. Method 1 Use this section to set up a WPS wireless network using Push Button Configuration (PBC). Connect Click this button to add another WPS-enabled wireless device (within wireless range of the Device) to your wireless network.
Chapter 5 Wireless The following table describes the labels in this screen. Table 22 Network Setting > Wireless > WMM LABEL DESCRIPTION WMM Select On to have the Device automatically give a service a priority level according to the ToS value in the IP header of packets it sends. WMM QoS (Wifi MultiMedia Quality of Service) gives high priority to voice and video, which makes them run more smoothly.
Chapter 5 Wireless Click Network Setting > Wireless > WDS. The following screen displays. Figure 43 Network Setting > Wireless > WDS The following table describes the labels in this screen. Table 23 Network Setting > Wireless > WDS LABEL DESCRIPTION Wireless Bridge Setup AP Mode Select the operating mode for your Device. • • Bridge Restrict Access Point - The Device functions as a bridge and access point simultaneously.
Chapter 5 Wireless 5.7.1 WDS Scan You can click the Scan icon in Wireless > WDS to have the Device automatically search and display the available APs within range. Select an AP and click Apply to have the Device establish a wireless link with the selected wireless device. Figure 44 WDS: Scan The following table describes the labels in this screen. Table 24 WDS: Scan LABEL DESCRIPTION Wireless Bridge Scan Setup Refresh Click Refresh to update the table. # This is the index number of the entry.
Chapter 5 Wireless See Section 5.10.2 on page 91 for detailed definitions of the terms listed in this screen. Figure 45 Network Setting > Wireless > Others The following table describes the labels in this screen. Table 25 Network Setting > Wireless > Others LABEL DESCRIPTION RTS/CTS Threshold Data with its frame size larger than this value will perform the RTS (Request To Send)/CTS (Clear To Send) handshake. Enter a value between 0 and 2347.
Chapter 5 Wireless Table 25 Network Setting > Wireless > Others (continued) LABEL DESCRIPTION 802.11 Mode Select 802.11b Only to allow only IEEE 802.11b compliant WLAN devices to associate with the Device. Select 802.11g Only to allow only IEEE 802.11g compliant WLAN devices to associate with the Device. Select 802.11n Only to allow only IEEE 802.11n compliant WLAN devices to associate with the Device. Select 802.11b/g Mixed to allow either IEEE 802.11b or IEEE 802.
Chapter 5 Wireless 5.9 The Channel Status Screen Use the Channel Status screen to scan wireless LAN channel noises and view the results. Click Network Setting > Wireless > Channel Status. The screen appears as shown. Click Scan to scan the wireless LAN channels. You can view the results in the Channel Scan Result section. Figure 46 Network Setting > Wireless > Channel Status 5.10 Technical Reference This section discusses wireless LANs in depth. For more information, see Appendix D on page 325. 5.10.
Chapter 5 Wireless • An “infrastructure” type of network has one or more access points and one or more wireless clients. The wireless clients connect to the access points. • An “ad-hoc” type of network is one in which there is no access point. Wireless clients connect to one another in order to exchange information. The following figure provides an example of a wireless network. Figure 47 Example of a Wireless Network The wireless network is the part in the blue circle.
Chapter 5 Wireless variety of networks to exist in the same place without interfering with one another. When you create a network, you must select a channel to use. Since the available unlicensed spectrum varies from one country to another, the number of available channels also varies. 5.10.2 Additional Wireless Terms The following table describes some wireless network terms and acronyms used in the Device’s Web Configurator.
Chapter 5 Wireless Because of the damage that can be done by a malicious attacker, it’s not just people who have sensitive information on their network who should use security. Everybody who uses any wireless network should ensure that effective security is in place. A good way to come up with effective security keys, passwords and so on is to use obscure information that you personally will easily remember, and to enter it in a way that appears random and does not include real words.
Chapter 5 Wireless wireless users to get a valid user name and password. Then, they can use that user name and password to use the wireless network. 5.10.3.4 Encryption Wireless networks can use encryption to protect the information that is sent in the wireless network. Encryption is like a secret code. If you do not know the secret code, you cannot understand the message. The types of encryption you can choose depend on the type of authentication. (See Section 5.10.3.
Chapter 5 Wireless coincidental emitters such as electric motors or microwaves. Problems with absorption occur when physical objects (such as thick walls) are between the two radios, muffling the signal. 5.10.5 BSS A Basic Service Set (BSS) exists when all communications between wireless stations or between a wireless station and a wired network client go through one access point (AP). Intra-BSS traffic is traffic between wireless stations in the BSS.
Chapter 5 Wireless • You must use different keys for different BSSs. If two wireless devices have different BSSIDs (they are in different BSSs), but have the same keys, they may hear each other’s communications (but not communicate with each other). • MBSSID should not replace but rather be used in conjunction with 802.1x security. 5.10.7 Preamble Type Preamble is used to signal that data is coming to the receiver. Short and long refer to the length of the synchronization field in a packet.
Chapter 5 Wireless WPS allows you to quickly set up a wireless network with strong security, without having to configure security settings manually. Each WPS connection works between two devices. Both devices must support WPS (check each device’s documentation to make sure).
Chapter 5 Wireless 1 Ensure WPS is enabled on both devices. 2 Access the WPS section of the AP’s configuration interface. See the device’s User’s Guide for how to do this. 3 Look for the client’s WPS PIN; it will be displayed either on the device, or in the WPS section of the client’s configuration interface (see the device’s User’s Guide for how to find the WPS PIN - for the Device, see Section 5.5 on page 82). 4 Enter the client’s PIN in the AP’s configuration interface.
Chapter 5 Wireless The following figure shows a WPS-enabled wireless client (installed in a notebook computer) connecting to the WPS-enabled AP via the PIN method. Figure 50 Example WPS Process: PIN Method ENROLLEE REGISTRAR WPS This device’s WPS PIN: 123456 WPS Enter WPS PIN from other device: WPS START WPS START WITHIN 2 MINUTES SECURE EAP TUNNEL SSID WPA(2)-PSK COMMUNICATION 5.10.9.3 How WPS Works When two WPS-enabled devices connect, each device must assume a specific role.
Chapter 5 Wireless The following figure shows a WPS-enabled client (installed in a notebook computer) connecting to a WPS-enabled access point. Figure 51 How WPS works ACTIVATE WPS ACTIVATE WPS WITHIN 2 MINUTES WPS HANDSHAKE ENROLLEE REGISTRAR SECURE TUNNEL SECURITY INFO COMMUNICATION The roles of registrar and enrollee last only as long as the WPS setup process is active (two minutes). The next time you use WPS, a different device can be the registrar if necessary.
Chapter 5 Wireless is the registrar, and Client 1 is the enrollee. The registrar randomly generates the security information to set up the network, since it is unconfigured and has no existing information. Figure 52 WPS: Example Network Step 1 ENROLLEE REGISTRAR SECURITY INFO AP1 CLIENT 1 In step 2, you add another wireless client to the network.
Chapter 5 Wireless In step 3, you add another access point (AP2) to your network. AP2 is out of range of AP1, so you cannot use AP1 for the WPS handshake with the new access point. However, you know that Client 2 supports the registrar function, so you use it to perform the WPS handshake instead. Figure 54 WPS: Example Network Step 3 EXISTING CONNECTION CLIENT 1 E CO ING T XIS ION CT E NN AP1 REGISTRAR CLIENT 2 SE CU RIT Y ENROLLEE INF O AP2 5.10.9.
Chapter 5 Wireless • When you use the PBC method, there is a short period (from the moment you press the button on one device to the moment you press the button on the other device) when any WPS-enabled device could join the network. This is because the registrar has no way of identifying the “correct” enrollee, and cannot differentiate between your enrollee and a rogue device. This is a possible way for a hacker to gain access to a network. You can easily check to see if this has happened.
C HAPT ER 6 Home Networking 6.1 Overview A Local Area Network (LAN) is a shared communication system to which many networking devices are connected. It is usually located in one immediate area such as a building or floor of a building. Use the LAN screens to help you configure a LAN DHCP server and manage IP addresses. LAN DSL 6.1.1 What You Can Do in this Chapter • Use the LAN Setup screen to set the LAN IP address, subnet mask, and DHCP settings of your Device (Section 6.2 on page 105).
Chapter 6 Home Networking 6.1.2 What You Need To Know 6.1.2.1 About LAN IP Address IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts. Subnet Mask Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks.
Chapter 6 Home Networking • Assigning lease times to mappings Windows Messenger is an example of an application that supports NAT traversal and UPnP. See the Chapter 9 on page 153 for more information on NAT. Cautions with UPnP The automated nature of NAT traversal applications in establishing their own services and opening firewall ports may present network security issues. Network information and configuration may also be obtained and modified by users in some network environments.
Chapter 6 Home Networking 3 Click Apply to save your settings. Figure 55 Network Setting > Home Networking > LAN Setup The following table describes the fields in this screen. Table 28 Network Setting > Home Networking > LAN Setup LABEL DESCRIPTION Interface Group Group Name Select the interface group name for which you want to configure LAN settings. See Chapter 11 on page 175 for how to create a new interface group.
Chapter 6 Home Networking Table 28 Network Setting > Home Networking > LAN Setup (continued) LABEL DESCRIPTION IPv4 Address Enter the IPv4 IP address of the actual remote DHCP server in this field. IP Addressing Values This field is only available when you select Enable in the DHCP field. Beginning IP Address This field specifies the first of the contiguous addresses in the IP address pool. Ending IP Address This field specifies the last of the contiguous addresses in the IP address pool.
Chapter 6 Home Networking Table 28 Network Setting > Home Networking > LAN Setup (continued) LABEL DESCRIPTION MLD Snooping Multicast Listener Discovery (MLD) allows an IPv6 switch or router to discover the presence of MLD hosts who wish to receive multicast packets and the IP addresses of multicast groups the hosts want to join on its network. Select Enable MLD Snooping to activate MLD Snooping on the Device.
Chapter 6 Home Networking 6.3 The Static DHCP Screen This table allows you to assign IP addresses on the LAN to specific individual computers based on their MAC Addresses. Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. Use this screen to change your Device’s static DHCP settings.
Chapter 6 Home Networking If you click Add new static lease in the Static DHCP screen or the Edit icon next to a static DHCP entry, the following screen displays. Figure 57 Static DHCP: Add/Edit The following table describes the labels in this screen. Table 30 Static DHCP: Add/Edit LABEL DESCRIPTION Active Select this to activate the connection between the client and the Device. Group Name Select the interface group name for which you want to configure static DHCP settings.
Chapter 6 Home Networking Use the following screen to configure the UPnP settings on your Device. Click Network Setting > Home Networking > UPnP to display the screen shown next. Figure 58 Network Setting > Home Networking > UPnP The following table describes the labels in this screen. Table 31 Network Setting > Home Networking > UPnP LABEL DESCRIPTION UPnP Select Enable to activate UPnP.
Chapter 6 Home Networking 1 Click Start and Control Panel. Double-click Add/Remove Programs. 2 Click on the Windows Setup tab and select Communication in the Components selection box. Click Details.
Chapter 6 Home Networking 3 In the Communications window, select the Universal Plug and Play check box in the Components selection box. Add/Remove Programs: Windows Setup: Communication: Components 4 Click OK to go back to the Add/Remove Programs Properties window and click Next. 5 Restart the computer when prompted. Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP. 1 Click Start and Control Panel. 2 Double-click Network Connections.
Chapter 6 Home Networking 4 The Windows Optional Networking Components Wizard window displays. Select Networking Service in the Components selection box and click Details. Windows Optional Networking Components Wizard 5 In the Networking Services window, select the Universal Plug and Play check box. Networking Services 6 Click OK to go back to the Windows Optional Networking Component Wizard window and click Next. 6.
Chapter 6 Home Networking Make sure the computer is connected to a LAN port of the Device. Turn on your computer and the Device. Auto-discover Your UPnP-enabled Network Device 1 Click Start and Control Panel. Double-click Network Connections. An icon displays under Internet Gateway. 2 Right-click the icon and select Properties. Network Connections 3 In the Internet Connection Properties window, click Settings to see the port mappings there were automatically created.
Chapter 6 Home Networking 4 You may edit or delete the port mappings or click Add to manually add port mappings. Internet Connection Properties: Advanced Settings Internet Connection Properties: Advanced Settings: Add 5 When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. 6 Select Show icon in notification area when connected option and click OK. An icon displays in the system tray.
Chapter 6 Home Networking 7 Double-click on the icon to display your current Internet connection status. Internet Connection Status Web Configurator Easy Access With UPnP, you can access the web-based configurator on the Device without finding out the IP address of the Device first. This comes helpful if you do not know the IP address of the Device. Follow the steps below to access the web configurator. 1 Click Start and then Control Panel. 2 Double-click Network Connections.
Chapter 6 Home Networking 3 Select My Network Places under Other Places. Network Connections 4 An icon with the description for each UPnP-enabled device displays under Local Network. 5 Right-click on the icon for your Device and select Invoke. The web configurator login screen displays.
Chapter 6 Home Networking 6 Right-click on the icon for your Device and select Properties. A properties window displays with basic information about the Device.
Chapter 6 Home Networking 6.7 The Additional Subnet Screen Use the Additional Subnet screen to configure IP alias and public static IP. IP alias allows you to partition a physical network into different logical networks over the same Ethernet interface. The Device supports multiple logical LAN interfaces via its physical Ethernet interface with the Device itself as the gateway for the LAN network.
Chapter 6 Home Networking Table 32 Network Setting > Home Networking > Additional Subnet (continued) LABEL DESCRIPTION Offer Public IP by DHCP Select the checkbox to enable the Device to provide public IP addresses by DHCP server. Enable ARP Proxy Select the checkbox to enable the ARP (Address Resolution Protocol) proxy. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 6.
Chapter 6 Home Networking Note: The Device needs to restart to make the role change take effect. Figure 61 Network Setting > Home Networking > 5th Ethernet Port The following table describes the labels in this screen. Table 34 Network Setting > Home Networking > 5th Ethernet Port LABEL DESCRIPTION State Select Enable to use the Ethernet WAN port as a LAN port on the Device. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 6.
Chapter 6 Home Networking The following table describes the labels in this screen. Table 35 Network Setting > Home Networking > LAN VLAN LABEL DESCRIPTION Lan Port These represent the Device’s LAN ports. Tag Operation Select what you want the Device to do to the IEEE 802.1q VLAN ID and priority tags of downstream traffic before sending it out through this LAN port. • • • • Unchange - Don’t do anything to the traffic’s VLAN ID and priority tags. Add - Add VLAN ID and priority tags to untagged traffic.
Chapter 6 Home Networking 6.12 Technical Reference This section provides some technical background information about the topics covered in this chapter. 6.12.1 LANs, WANs and the Device The actual physical connection determines whether the Device ports are LAN or WAN ports. There are two separate IP networks, one inside the LAN network and the other outside the WAN network as shown next. Figure 64 LAN and WAN IP Addresses LAN WAN 6.12.
Chapter 6 Home Networking • Some ISPs choose to disseminate the DNS server addresses using the DNS server extensions of IPCP (IP Control Protocol) after the connection is up. If your ISP did not give you explicit DNS servers, chances are the DNS servers are conveyed through IPCP negotiation. The Device supports the IPCP DNS server extensions through the DNS proxy feature. Please note that DNS proxy works only when the ISP uses the IPCP DNS server extensions.
Chapter 6 Home Networking You can obtain your IP address from the IANA, from an ISP or it can be assigned from a private network. If you belong to a small organization and your Internet access is through an ISP, the ISP can provide you with the Internet addresses for your local networks. On the other hand, if you are part of a much larger organization, you should consult your network administrator for the appropriate IP addresses.
C HAPT ER 7 Routing 7.1 Overview The Device usually uses the default gateway to route outbound traffic from computers on the LAN to the Internet. To have the Device send data to devices not reachable through the default gateway, use static routes. For example, the next figure shows a computer (A) connected to the Device’s LAN interface. The Device routes most traffic from A to the Internet through the Device’s default gateway (R1).
Chapter 7 Routing 7.2 The Routing Screen Use this screen to view and configure the static route rules on the Device. Click Network Setting > Routing > Static Route to open the following screen. Figure 66 Network Setting > Routing > Static Route The following table describes the labels in this screen. Table 37 Network Setting > Routing > Static Route LABEL DESCRIPTION Add new static route Click this to configure a new static route. # This is the index number of the entry.
Chapter 7 Routing 7.2.1 Add/Edit Static Route Use this screen to add or edit a static route. Click Add new static route in the Routing screen or the Edit icon next to the static route you want to edit. The screen shown next appears. Figure 67 Routing: Add/Edit The following table describes the labels in this screen. Table 38 Routing: Add/Edit LABEL DESCRIPTION Active This field allows you to activate/deactivate this static route. Select this to enable the static route.
Chapter 7 Routing 7.3 The DNS Route Screen Use this screen to view and configure DNS routes on the Device. Click Network Setting > Routing > DNS Route to open the following screen. Figure 68 Network Setting > Routing > DNS Route The following table describes the labels in this screen. Table 39 Network Setting > Routing > DNS Route LABEL DESCRIPTION Add new DNS Route Click this to add a new DNS route. # This is the index number of a DNS route.
Chapter 7 Routing The following table describes the labels in this screen. Table 40 DNS Route Add LABEL DESCRIPTION Domain Name Enter the domain name of the DNS route entry. Interface Select the WAN connection through which the Device forwards DNS requests for this domain name. Subnet Mask Enter the subnet mask of the DNS route entry. OK Click this to save your changes. Cancel Click this to exit this screen without saving any changes. 7.
Chapter 7 Routing Table 41 Network Setting > Routing >Policy Forwarding (continued) LABEL DESCRIPTION WAN This is the WAN interface through which the traffic is routed. Modify Click the Edit icon to edit this policy. Click the Delete icon to remove a policy from the Device. A window displays asking you to confirm that you want to delete the policy. 7.4.1 Add/Edit Policy Forwarding Click Add new Policy Forward Rule in the Policy Forwarding screen or click the Edit icon next to a policy.
Chapter 7 Routing 7.5 RIP Routing Information Protocol (RIP, RFC 1058 and RFC 1389) allows a device to exchange routing information with other routers. 7.5.1 The RIP Screen Click Network Setting > Routing > RIP to open the RIP screen. Figure 72 RIP The following table describes the labels in this screen. Table 43 RIP LABEL DESCRIPTION # This is the index of the interface in which the RIP setting is used. Interface This is the name of the interface in which the RIP setting is used.
Chapter 7 Routing 134 eircom F1000 Modem User’s Guide
C HAPT ER 8 Quality of Service (QoS) 8.1 Overview Quality of Service (QoS) refers to both a network’s ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth. Without QoS, all traffic data is equally likely to be dropped when the network is congested. This can cause a reduction in network performance and make the network inadequate for time-critical application such as video-ondemand.
Chapter 8 Quality of Service (QoS) similar types of traffic together and treating each type as a class. You can use CoS to give different priorities to different packet types. CoS technologies include IEEE 802.1p layer 2 tagging and DiffServ (Differentiated Services or DS). IEEE 802.1p tagging makes use of three bits in the packet header, while DiffServ is a new protocol and defines a new DS field, which replaces the eight-bit ToS (Type of Service) field in the IP header.
Chapter 8 Quality of Service (QoS) which are performed on the colored packets. See Section 8.8 on page 148 for more information on each metering algorithm. 8.3 The Quality of Service General Screen Click Network Setting > QoS > General to open the screen as shown next. Use this screen to enable or disable QoS and set the upstream bandwidth. See Section 8.1 on page 135 for more information. Figure 73 Network Settings > QoS > General The following table describes the labels in this screen.
Chapter 8 Quality of Service (QoS) Table 44 Network Setting > QoS > General (continued) (continued) LABEL DESCRIPTION LAN Managed Downstream Bandwidth Enter the amount of downstream bandwidth for the LAN interfaces (including WLAN) that you want to allocate using QoS. The recommendation is to set this speed to match the WAN interfaces’ actual transmission speed. For example, set the LAN managed downstream bandwidth to 100000 kbps if you use a 100 Mbps wired Ethernet WAN connection.
Chapter 8 Quality of Service (QoS) The following table describes the labels in this screen. Table 45 Network Setting > QoS > Queue Setup LABEL DESCRIPTION Add new Queue Click this button to create a new queue entry. # This is the index number of the entry. Status This field displays whether the queue is active or not. A yellow bulb signifies that this queue is active. A gray bulb signifies that this queue is not active. Click the bulb to enable/disable this queue.
Chapter 8 Quality of Service (QoS) Table 46 Queue Setup: Add (continued) LABEL DESCRIPTION Priority Select the priority level (from 1 to 7) of this queue. The smaller the number, the higher the priority level. Traffic assigned to higher priority queues gets through faster while traffic in lower priority queues is dropped if the network is congested. Weight Select the weight (from 1 to 8) of this queue.
Chapter 8 Quality of Service (QoS) Table 47 Network Setting > QoS > Class Setup (continued) LABEL DESCRIPTION Status This field displays whether the classifier is active or not. A yellow bulb signifies that this classifier is active. A gray bulb signifies that this classifier is not active. Click the bulb to enable/disable the classifier. Class Name This is the name of the classifier.
Chapter 8 Quality of Service (QoS) 8.5.1 Add/Edit QoS Class Click Add new Classifier in the Class Setup screen or the Edit icon next to a classifier to open the following screen.
Chapter 8 Quality of Service (QoS) The following table describes the labels in this screen. Table 48 Class Setup: Add/Edit LABEL DESCRIPTION Active Select this to enable this classifier. Class Name Enter a descriptive name of up to 15 printable English keyboard characters, not including spaces. Classification Order Select an existing number for where you want to put this classifier to move the classifier to the number you selected after clicking Apply.
Chapter 8 Quality of Service (QoS) Table 48 Class Setup: Add/Edit (continued) LABEL Service DESCRIPTION This field is available only when you select IP in the Ether Type field. This field simplifies classifier configuration by allowing you to select a predefined application. When you select a predefined application, you do not configure the rest of the filter fields. IP Protocol This field is available only when you select IP in the Ether Type field.
Chapter 8 Quality of Service (QoS) Table 48 Class Setup: Add/Edit (continued) LABEL DESCRIPTION To Queue Index Select a queue that applies to this class. You should have configured a queue in the Queue Setup screen already. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 8.6 The QoS Policer Setup Screen Use this screen to configure QoS policers that allow you to limit the transmission rate of incoming traffic.
Chapter 8 Quality of Service (QoS) 8.6.1 Add/Edit a QoS Policer Click Add new Policer in the Policer Setup screen or the Edit icon next to a policer to show the following screen. Figure 79 Policer Setup: Add/Edit The following table describes the labels in this screen. Table 50 Policer Setup: Add/Edit LABEL DESCRIPTION Active Select the check box to activate this policer. Name Enter the descriptive name of this policer. Meter Type This shows the traffic metering algorithm used in this policer.
Chapter 8 Quality of Service (QoS) Table 50 Policer Setup: Add/Edit LABEL DESCRIPTION Conforming Action Specify what the Device does for packets within the committed rate and burst size (greenmarked packets). • • Pass: Send the packets without modification. DSCP Mark: Change the DSCP mark value of the packets. Enter the DSCP mark value to use. NonConforming Action Specify what the Device does for packets that exceed the excess burst size or peak rate and burst size (red-marked packets).
Chapter 8 Quality of Service (QoS) The following table describes the labels in this screen. Table 51 Network Setting > QoS > Monitor LABEL DESCRIPTION Refresh Interval Enter how often you want the Device to update this screen. Select No Refresh to stop refreshing statistics. Interface Monitor # This is the index number of the entry. Name This shows the name of the interface on the Device. Pass Rate This shows how many packets forwarded to this interface has been transmitted successfully.
Chapter 8 Quality of Service (QoS) Table 52 IEEE 802.1p Priority Level and Traffic Type PRIORITY LEVEL TRAFFIC TYPE Level 1 This is typically used for non-critical “background” traffic such as bulk transfers that are allowed but that should not affect other applications and users. Level 0 Typically used for best-effort traffic. DiffServ QoS is used to prioritize source-to-destination traffic flows. All packets in the flow are given the same priority.
Chapter 8 Quality of Service (QoS) The following table shows you the internal layer-2 and layer-3 QoS mapping on the Device. On the Device, traffic assigned to higher priority queues gets through faster while traffic in lower index queues is dropped if the network is congested. Table 53 Internal Layer2 and Layer3 QoS Mapping LAYER 2 LAYER 3 PRIORITY QUEUE IEEE 802.
Chapter 8 Quality of Service (QoS) • If there are no tokens in the bucket, the Device stops transmitting until enough tokens are generated. • If not enough tokens are available, the Device treats the packet in either one of the following ways: In traffic shaping: • Holds it in the queue until enough tokens are available in the bucket. In traffic policing: • Drops it. • Transmits it but adds a DSCP mark. The Device may drop these marked packets if the network is overloaded.
Chapter 8 Quality of Service (QoS) on the guaranteed and maximum bandwidth respectively as negotiated between a service provider and client. The trTCM evaluates incoming packets and marks them with one of three colors which refer to packet loss priority levels. High packet loss priority level is referred to as red, medium is referred to as yellow and low is referred to as green. The trTCM is based on the token bucket filter and has two token buckets (Committed Burst Size (CBS) and Peak Burst Size (PBS)).
C HAPT ER 9 Network Address Translation (NAT) 9.1 Overview This chapter discusses how to configure NAT on the Device. NAT (Network Address Translation NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network. 9.1.
Chapter 9 Network Address Translation (NAT) NAT In the simplest form, NAT changes the source IP address in a packet received from a subscriber (the inside local address) to another (the inside global address) before forwarding the packet to the WAN side. When the response comes back, NAT translates the destination address (the inside global address) back to the inside local address before forwarding it to the original inside host.
Chapter 9 Network Address Translation (NAT) third (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. Figure 81 Multiple Servers Behind NAT Example A=192.168.1.33 LAN WAN B=192.168.1.34 192.168.1.1 IP Address assigned by ISP C=192.168.1.3 D=192.168.1.36 Click Network Setting > NAT > Port Forwarding to open the following screen.
Chapter 9 Network Address Translation (NAT) Table 54 Network Setting > NAT > Port Forwarding (continued) LABEL DESCRIPTION Protocol This shows the IP protocol supported by this virtual server, whether it is TCP, UDP, or TCP/ UDP. Modify Click the Edit icon to edit this rule. Click the Delete icon to delete an existing rule. 9.2.1 Add/Edit Port Forwarding Click Add new rule in the Port Forwarding screen or click the Edit icon next to an existing rule to open the following screen.
Chapter 9 Network Address Translation (NAT) Table 55 Port Forwarding: Add/Edit (continued) LABEL DESCRIPTION Start Port Enter the original destination port for the packets. To forward only one port, enter the port number again in the End Port field. To forward a series of ports, enter the start port number here and the end port number in the End Port field. End Port Enter the last port of the original destination port range.
Chapter 9 Network Address Translation (NAT) The following table describes the labels in this screen. Table 56 Network Setting > NAT > Applications LABEL DESCRIPTION Add new application Click this to add a new NAT application rule. Application Forwarded This field shows the type of application that the service forwards. WAN Interface This field shows the WAN interface through which the service is forwarded. Server IP Address This field displays the destination IP address for the service.
Chapter 9 Network Address Translation (NAT) 9.4 The Port Triggering Screen Some services use a dedicated range of ports on the client side and a dedicated range of ports on the server side. With regular port forwarding you set a forwarding port in NAT to forward a service (coming in from the server on the WAN) to the IP address of a computer on the client side (LAN). The problem is that port forwarding only forwards a service to a single LAN IP address.
Chapter 9 Network Address Translation (NAT) The following table describes the labels in this screen. Table 58 Network Setting > NAT > Port Triggering LABEL DESCRIPTION Add new rule Click this to create a new rule. # This is the index number of the entry. Status This field displays whether the port triggering rule is active or not. A yellow bulb signifies that this rule is active. A gray bulb signifies that this rule is not active.
Chapter 9 Network Address Translation (NAT) The following table describes the labels in this screen. Table 59 Port Triggering: Configuration Add/Edit LABEL DESCRIPTION Active Select the check box to enable this rule. Service Name Enter a name to identify this rule using keyboard characters (A-Z, a-z, 1-2 and so on). WAN Interface Select a WAN interface for which you want to configure port triggering rules.
Chapter 9 Network Address Translation (NAT) The following table describes the fields in this screen. Table 60 Network Setting > NAT > DMZ LABEL DESCRIPTION Default Server Address Enter the IP address of the default server which receives packets from ports that are not specified in the NAT Port Forwarding screen. Note: If you do not assign a Default Server Address, the Device discards all packets received for ports that are not specified in the NAT Port Forwarding screen.
Chapter 9 Network Address Translation (NAT) 9.7 The Address Mapping Screen Ordering your rules is important because the Device applies the rules in the order that you specify. When a rule matches the current packet, the Device takes the corresponding action and the remaining rules are ignored. Click Network Setting > NAT > Address Mapping to display the following screen. Figure 91 Network Setting > NAT > Address Mapping The following table describes the fields in this screen.
Chapter 9 Network Address Translation (NAT) 9.7.1 Add/Edit Address Mapping Rule To add or edit an address mapping rule, click Add new rule or the rule’s edit icon in the Address Mapping screen to display the screen shown next. Figure 92 Address Mapping: Add/Edit The following table describes the fields in this screen. Table 63 Address Mapping: Add/Edit LABEL DESCRIPTION Type Choose the IP/port mapping type from one of the following.
Chapter 9 Network Address Translation (NAT) 9.8 The Sessions Screen Use this screen to limit the number of concurrent NAT sessions a client can use. Click Network Setting > NAT > Sessions to display the following screen. Figure 93 Network Setting > NAT > Sessions The following table describes the fields in this screen. Table 64 Network Setting > NAT > Sessions LABEL DESCRIPTION WAX NAT Session Per Host Use this field to set a limit to the number of concurrent NAT sessions each client host can have.
Chapter 9 Network Address Translation (NAT) Note that inside/outside refers to the location of a host, while global/local refers to the IP address of a host used in a packet. Thus, an inside local address (ILA) is the IP address of an inside host in a packet when the packet is still in the local network, while an inside global address (IGA) is the IP address of the same inside host when the packet is on the WAN side. The following table summarizes this information.
Chapter 9 Network Address Translation (NAT) 9.9.3 How NAT Works Each packet has two addresses – a source address and a destination address. For outgoing packets, the ILA (Inside Local Address) is the source address on the LAN, and the IGA (Inside Global Address) is the source address on the WAN. For incoming packets, the ILA is the destination address on the LAN, and the IGA is the destination address on the WAN.
Chapter 9 Network Address Translation (NAT) 9.9.4 NAT Application The following figure illustrates a possible NAT application, where three inside LANs (logical LANs using IP alias) behind the Device can communicate with three distinct WAN networks. Figure 95 NAT Application With IP Alias Port Forwarding: Services and Port Numbers The most often used port numbers are shown in the following table. Please refer to RFC 1700 for further information about port numbers.
Chapter 9 Network Address Translation (NAT) Port Forwarding Example Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the example), port 80 to another (B in the example) and assign a default server IP address of 192.168.1.35 to a third (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. Figure 96 Multiple Servers Behind NAT Example A=192.168.1.33 192.168.1.1 B=192.168.1.
Chapter 9 Network Address Translation (NAT) 170 eircom F1000 Modem User’s Guide
C HAPTER 10 Dynamic DNS Setup 10.1 Overview DNS DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a machine before you can access it. In addition to the system DNS server(s), each WAN interface (service) is set to have its own static or dynamic DNS server list.
Chapter 10 Dynamic DNS Setup 10.1.2 What You Need To Know DYNDNS Wildcard Enabling the wildcard feature for your host causes *.yourhost.dyndns.org to be aliased to the same IP address as yourhost.dyndns.org. This feature is useful if you want to be able to use, for example, www.yourhost.dyndns.org and still reach your hostname. If you have a private WAN IP address, then you cannot use Dynamic DNS. 10.2 The DNS Entry Screen Use this screen to view and configure DNS routes on the Device.
Chapter 10 Dynamic DNS Setup 10.2.1 Add/Edit DNS Entry You can manually add or edit the Device’s DNS name and IP address entry. Click Add new DNS entry in the DNS Entry screen or the Edit icon next to the entry you want to edit. The screen shown next appears. Figure 98 DNS Entry: Add/Edit The following table describes the labels in this screen. Table 68 DNS Entry: Add/Edit LABEL DESCRIPTION Host Name Enter the host name of the DNS entry. IPv4 Address Enter the IPv4 IP address of the DNS entry.
Chapter 10 Dynamic DNS Setup The following table describes the fields in this screen. Table 69 Network Setting > DNS > > Dynamic DNS LABEL DESCRIPTION Dynamic DNS Setup Dynamic DNS Select Enable to use dynamic DNS. Service Provider Select your Dynamic DNS service provider from the drop-down list box. Hostname Type the domain name assigned to your Device by your Dynamic DNS provider. You can specify up to two host names in the field separated by a comma (","). Username Type your user name.
C HAPTER 11 Interface Group 11.1 Overview By default, all LAN and WAN interfaces on the Device are in the same group and can communicate with each other. Create interface groups to have the Device assign the IP addresses in different domains to different groups. Each group acts as an independent network on the Device. This lets devices connected to an interface group’s LAN interfaces communicate through the interface group’s WAN or LAN interfaces but not other WAN or LAN interfaces. 11.1.
Chapter 11 Interface Group In the following example, the client that sends packets with the DHCP Vendor ID option set to MSFT 5.0 (meaning it is a Windows 2000 DHCP client) is assigned the IP address 192.168.2.2 and uses the WAN VDSL_PoE/ppp0.1 interface. Figure 100 Interface Grouping Application Default: ETH 2~4 192.168.1.x/24 eth10.0 Internet VDSL_PoE/ppp0.1 192.168.2.x/24 DHCP Vendor ID option: MSFT 5.0 Click Network Setting > Interface Group to open the following screen.
Chapter 11 Interface Group Note: An interface can belong to only one group at a time. Figure 102 Interface Group Configuration The following table describes the fields in this screen. Table 71 Interface Group Configuration LABEL DESCRIPTION Group Name Enter a name to identify this group. You can enter up to 30 characters. You can use letters, numbers, hyphens (-) and underscores (_). Spaces are not allowed. WAN Interface used in the grouping Select the WAN interface this group uses.
Chapter 11 Interface Group Table 71 Interface Group Configuration (continued) LABEL DESCRIPTION Apply Click Apply to save your changes back to the Device. Cancel Click Cancel to exit this screen without saving. 11.2.2 Interface Grouping Criteria Click the Add button in the Interface Grouping Configuration screen to open the following screen. Figure 103 Interface Grouping Criteria The following table describes the fields in this screen.
Chapter 11 Interface Group Table 72 Interface Grouping Criteria (continued) LABEL DUID type DESCRIPTION Select DUID-LLT (DUID Based on Link-layer Address Plus Time) to enter the hardware type, a time value and the MAC address of the device. Select DUID-EN (DUID Assigned by Vendor Based upon Enterprise Number) to enter the vendor’s registered enterprise number. Select DUID-LL (DUID Based on Link-layer Address) to enter the device’s hardware type and hardware address (MAC address) in the following fields.
Chapter 11 Interface Group 180 eircom F1000 Modem User’s Guide
C HAPTER 12 USB Service 12.1 Overview You can share files on a USB memory stick or hard drive connected to your Device with users on your network. The following figure is an overview of the Device’s file server feature. Computers A and B can access files on a USB device (C) which is connected to the Device. Figure 104 File Sharing Overview B C A The Device will not be able to join the workgroup if your local area network has restrictions set up that do not allow devices to join a workgroup.
Chapter 12 USB Service 12.1.2.1 About File Sharing Workgroup name This is the name given to a set of computers that are connected on a network and share resources such as a printer or files. Windows automatically assigns the workgroup name when you set up a network. Shares When settings are set to default, each USB device connected to the Device is given a folder, called a “share”. If a USB hard drive connected to the Device has more than one partition, then each partition will be allocated a share.
Chapter 12 USB Service Supported OSs Your operating system must support TCP/IP ports for printing and be compatible with the RAW (port 9100) protocol. The following OSs support Device’s printer sharing feature. • Microsoft Windows 95, Windows 98 SE (Second Edition), Windows Me, Windows NT 4.0, Windows 2000, Windows XP or Macintosh OS X. 12.1.3 Before You Begin Make sure the Device is connected to your network and turned on. 1 Connect the USB device to one of the Device’s USB port.
Chapter 12 USB Service 12.3 The Media Server Screen The media server feature lets anyone on your network play video, music, and photos from the USB storage device connected to your Device (without having to copy them to another computer). The Device can function as a DLNA-compliant media server. The Device streams files to DLNA-compliant media clients (like Windows Media Player).
Chapter 12 USB Service 12.4.1 Before You Begin To configure the print server you need the following: • Your Device must be connected to your computer and any other devices on your network. The USB printer must be connected to your Device. • A USB printer with the driver already installed on your computer. • The computers on your network must have the printer software already installed before they can create a TCP/IP port for printing via the network.
Chapter 12 USB Service 186 eircom F1000 Modem User’s Guide
C HAPTER 13 Firewall 13.1 Overview This chapter shows you how to enable and configure the Device’s security settings. Use the firewall to protect your Device and network from attacks by hackers on the Internet and control access to it. By default the firewall: • allows traffic that originates from your LAN computers to go to all other networks. • blocks traffic that originates on other networks from going to the LAN. The following figure illustrates the default firewall action.
Chapter 13 Firewall 13.1.2 What You Need to Know SYN Attack A SYN attack floods a targeted system with a series of SYN packets. Each packet causes the targeted system to issue a SYN-ACK response. While the targeted system waits for the ACK that follows the SYN-ACK, it queues up all outstanding SYN-ACK responses on a backlog queue. SYNACKs are moved off the queue only when an ACK comes back or when an internal timer terminates the three-way handshake.
Chapter 13 Firewall 13.2 The Firewall Screen Use this screen to set the security level of the firewall on the Device. Firewall rules are grouped based on the direction of travel of packets to which they apply. Click Security > Firewall to display the General screen. Figure 109 Security > Firewall > General The following table describes the labels in this screen. Table 76 Security > Firewall > General LABEL DESCRIPTION Firewall Select Enable to activate the firewall feature on the Device.
Chapter 13 Firewall Click Security > Firewall > Protocol to display the following screen. Figure 110 Security > Firewall > Protocol The following table describes the labels in this screen. Table 77 Security > Firewall > Protocol LABEL DESCRIPTION Add new service entry Click this to add a new service. Name This is the name of your customized service. Description This is the description of your customized service.
Chapter 13 Firewall The following table describes the labels in this screen. Table 78 Service: Add/Edit LABEL DESCRIPTION Protocol Choose the IP protocol (TCP, UDP, ICMP, or Other) that defines your customized port from the drop-down list box. Select Other to be able to enter a protocol number. Source/ These fields are displayed if you select TCP or UDP as the IP port. Destination Port Select Single to specify one port only or Range to specify a span of ports that define your customized service.
Chapter 13 Firewall Table 79 Security > Firewall > Access Control (continued) LABEL DESCRIPTION Name This displays the name of the rule. Src IP This displays the source IP addresses to which this rule applies. Please note that a blank source address is equivalent to Any. Dst IP This displays the destination IP addresses to which this rule applies. Please note that a blank destination address is equivalent to Any.
Chapter 13 Firewall The following table describes the labels in this screen. Table 80 Access Control: Add/Edit LABEL DESCRIPTION Filter Name Enter a descriptive name of up to 16 alphanumeric characters, not including spaces, underscores, and dashes. You must enter the filter name to add an ACL rule. This field is read-only if you are editing the ACL rule. Order Select the order of the ACL rule. Select Source Device Select the source device to which the ACL rule applies.
Chapter 13 Firewall 13.5 The DoS Screen DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and connection requests, using so much bandwidth and so many resources that Internet access becomes unavailable. Use the DoS screen to activate protection against DoS attacks. Click Security > Firewall > DoS to display the following screen. Figure 114 Security > Firewall > DoS The following table describes the labels in this screen.
C HAPTER 14 MAC Filter 14.1 Overview You can configure the Device to permit access to clients based on their MAC addresses in the MAC Filter screen. This applies to wired and wireless connections. Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. You need to know the MAC addresses of the devices to configure this screen. 14.
Chapter 14 MAC Filter Table 82 Security > MAC Filter (continued) 196 LABEL DESCRIPTION MAC Address Enter the MAC addresses of the wireless or LAN clients that are allowed access to the Device in these address fields. Enter the MAC addresses in a valid MAC address format, that is, six hexadecimal character pairs, for example, 12:34:56:78:9a:bc. Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings.
C HAPTER 15 Parental Control 15.1 Overview Parental control allows you to block web sites with the specific URL. You can also define time periods and days during which the Device performs parental control on a specific user. 15.2 The Parental Control Screen Use this screen to enable parental control, view the parental control rules and schedules. Click Security > Parental Control to open the following screen. Figure 116 Security > Parental Control The following table describes the fields in this screen.
Chapter 15 Parental Control Table 83 Security > Parental Control (continued) LABEL DESCRIPTION Internet Access Schedule This shows the day(s) and time on which parental control is enabled. Network Service This shows whether the network service is configured. If not, None will be shown. Website Block This shows whether the website block is configured. If not, None will be shown. Modify Click the Edit icon to go to the screen where you can edit the rule.
Chapter 15 Parental Control The following table describes the fields in this screen. Table 84 Parental Control Rule: Add/Edit LABEL DESCRIPTION General Active Select the checkbox to activate this parental control rule. Parental Control Profile Name Enter a descriptive name for the rule. Home Network User Select the LAN user that you want to apply this rule to from the drop-down list box. If you select Custom, enter the LAN user’s MAC address. If you select All, the rule applies to all LAN users.
Chapter 15 Parental Control 200 eircom F1000 Modem User’s Guide
C HAPTER 16 Scheduler Rule 16.1 Overview You can define time periods and days during which the Device performs scheduled rules of certain features (such as Firewall Access Control) in the Scheduler Rule screen. 16.2 The Scheduler Rule Screen Use this screen to view, add, or edit time schedule rules. Click Security > Scheduler Rule to open the following screen. Figure 118 Security > Scheduler Rule The following table describes the fields in this screen.
Chapter 16 Scheduler Rule 16.2.1 Add/Edit a Schedule Click the Add button in the Scheduler Rule screen or click the Edit icon next to a schedule rule to open the following screen. Use this screen to configure a restricted access schedule. Figure 119 Scheduler Rule: Add/Edit The following table describes the fields in this screen. Table 86 Scheduler Rule: Add/Edit 202 LABEL DESCRIPTION Rule Name Enter a name (up to 31 printable English keyboard characters, not including spaces) for this schedule.
C HAPTER 17 Certificates 17.1 Overview The Device can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs. A certificate contains the certificate owner’s identity and public key. Certificates provide a way to exchange public keys for use in authentication. 17.1.1 What You Can Do in this Chapter • The Local Certificates screen lets you generate certification requests and import the Device's CA-signed certificates (Section 17.3 on page 203).
Chapter 17 Certificates The following table describes the labels in this screen. Table 87 Security > Certificates > Local Certificates LABEL DESCRIPTION Private Key is protected by a password? Select the checkbox and enter the private key into the text box to store it on the Device. The private key should not exceed 63 ASCII characters (not including spaces). Browse... Click this to find the certificate file you want to upload.
Chapter 17 Certificates The following table describes the labels in this screen. Table 88 Create Certificate Request LABEL DESCRIPTION Certificate Name Type up to 63 ASCII characters (not including spaces) to identify this certificate. Common Name Select Auto to have the Device configure this field automatically. Or select Customize to enter it manually. Type the IP address (in dotted decimal notation), domain name or e-mail address in the field provided.
Chapter 17 Certificates Note: You must remove any spaces from the certificate’s filename before you can import it. Figure 123 Load Signed Certificate The following table describes the labels in this screen. Table 89 Load Signed Certificate LABEL DESCRIPTION Certificate Name This is the name of the signed certificate. Certificate Copy and paste the signed certificate into the text box to store it on the Device. Apply Click Apply to save your changes.
Chapter 17 Certificates being trustworthy; thus you do not need to import any certificate that is signed by one of these certification authorities. Figure 124 Security > Certificates > Trusted CA The following table describes the fields in this screen. Table 90 Security > Certificates > Trusted CA LABEL DESCRIPTION Import Certificate Click this button to open a screen where you can save the certificate of a certification authority that you trust to the Device. # This is the index number of the entry.
Chapter 17 Certificates 17.4.1 View Trusted CA Certificate Click the View icon in the Trusted CA screen to open the following screen. Use this screen to view in-depth information about the certification authority’s certificate. Figure 125 Trusted CA: View The following table describes the fields in this screen. Table 91 Trusted CA: View LABEL DESCRIPTION Name This field displays the identifying name of this certificate. Type This field displays general information about the certificate.
Chapter 17 Certificates 17.4.2 Import Trusted CA Certificate Click the Import Certificate button in the Trusted CA screen to open the following screen. The Device trusts any valid certificate signed by any of the imported trusted CA certificates. Figure 126 Trusted CA: Import Certificate The following table describes the fields in this screen.
Chapter 17 Certificates 210 eircom F1000 Modem User’s Guide
C HAPTER 18 VPN 18.1 Overview A virtual private network (VPN) provides secure communications over the the Internet. Internet Protocol Security (IPSec) is a standards-based VPN that provides confidentiality, data integrity, and authentication. This chapter shows you how to configure the Device’s VPN settings. 18.2 The IPSec VPN General Screen Use this screen to view and manage your VPN tunnel policies. The following figure helps explain the main fields in the web configurator.
Chapter 18 VPN This screen contains the following fields: Table 93 Security > IPSec VPN LABEL DESCRIPTION Add New Connection Click this button to add an item to the list. # This displays the index number of an entry. Status This displays whether the VPN policy is enabled (Enable) or not (Disable). Connection Name The name of the VPN policy. Remote Gateway This is the IP address of the remote IPSec router in the IKE SA.
Chapter 18 VPN Figure 129 Security > IPSec VPN: Add/Edit This screen contains the following fields: Table 94 Security > IPSec VPN: Add/Edit LABEL DESCRIPTION Active Select this to activate this VPN policy. IPSec Connection Name Enter the name of the VPN policy. Remote IPSec Gateway Address Enter the IP address of the remote IPSec router in the IKE SA. Tunnel access from local IP addresses Select Single Address to have only one local LAN IP address use the VPN tunnel.
Chapter 18 VPN Table 94 Security > IPSec VPN: Add/Edit LABEL DESCRIPTION IP Address for VPN If Single Address is selected, enter a (static) IP address on the LAN behind your Device. If Subnet is selected, specify IP addresses on a network by their subnet mask by entering a (static) IP address on the LAN behind your Device. Then enter the subnet mask to identify the network address. IP Subnetmask If Subnet is selected, enter the subnet mask to identify the network address.
Chapter 18 VPN Table 94 Security > IPSec VPN: Add/Edit LABEL DESCRIPTION Local ID Content When you select IP in the Local ID Type field, type the IP address of your computer in this field. If you configure this field to 0.0.0.0 or leave it blank, the Device automatically uses the Pre-Shared Key (refer to the Pre-Shared Key field description). It is recommended that you type an IP address other than 0.0.0.0 in this field or use the DNS or E-mail type in the following situations.
Chapter 18 VPN Table 94 Security > IPSec VPN: Add/Edit LABEL DESCRIPTION Encryption Algorithm Select which key size and encryption algorithm to use in the IKE SA.
Chapter 18 VPN Table 94 Security > IPSec VPN: Add/Edit LABEL DESCRIPTION Perfect Forward Secrecy (PFS) Select whether or not you want to enable Perfect Forward Secrecy (PFS) PFS changes the root key that is used to generate encryption keys for each IPSec SA. The longer the key, the more secure the encryption, but also the longer it takes to encrypt and decrypt information. Both routers must use the same DH key group. Choices are: None - do not use any random number.
Chapter 18 VPN 18.4 The IPSec VPN Monitor Screen Use this screen to check your VPN tunnel’s current status. You can also manually trigger a VPN tunnel to the remote network. Click Security > IPSec VPN > Monitor to open this screen as shown next. Figure 130 Security > IPSec VPN > Monitor This screen contains the following fields: Table 95 Security > IPSec VPN > Monitor LABEL DESCRIPTION Refresh Interval Select how often you want the Device to update this screen.
Chapter 18 VPN Figure 131 IPSec Architecture IPSec Algorithms The ESP (Encapsulating Security Payload) Protocol (RFC 2406) and AH (Authentication Header) protocol (RFC 2402) describe the packet formats and the default standards for packet structure (including implementation algorithms). The Encryption Algorithm describes the use of encryption techniques such as DES (Data Encryption Standard) and Triple DES algorithms.
Chapter 18 VPN Transport Mode Transport mode is used to protect upper layer protocols and only affects the data in the IP packet. In Transport mode, the IP packet contains the security protocol (AH or ESP) located after the original IP header and options, but before any upper layer protocols contained in the packet (such as TCP and UDP). With ESP, protection is applied only to the upper layer protocols contained in the packet.
Chapter 18 VPN Figure 133 Two Phases to Set Up the IPSec SA In phase 1 you must: • Choose a negotiation mode. • Authenticate the connection by entering a pre-shared key. • Choose an encryption algorithm. • Choose an authentication algorithm. • Choose a Diffie-Hellman public-key cryptography key group. • Set the IKE SA lifetime. This field allows you to determine how long an IKE SA should stay up before it times out. An IKE SA times out when the IKE SA lifetime period expires.
Chapter 18 VPN • Aggressive Mode is quicker than Main Mode because it eliminates several steps when the communicating parties are negotiating authentication (phase 1). However the trade-off is that faster speed limits its negotiating power and it also does not provide identity protection. It is useful in remote access situations where the address of the initiator is not know by the responder and both parties want to use pre-shared key authentication. 18.5.
Chapter 18 VPN Figure 134 NAT Router Between IPSec Routers B A Normally you cannot set up an IKE SA with a NAT router between the two IPSec routers because the NAT router changes the header of the IPSec packet. NAT traversal solves the problem by adding a UDP port 500 header to the IPSec packet. The NAT router forwards the IPSec packet with the UDP port 500 header unchanged.
Chapter 18 VPN The type of ID can be a domain name, an IP address or an e-mail address. The content is the IP address, domain name, or e-mail address. Table 98 Local ID Type and Content Fields LOCAL ID TYPE= CONTENT= IP Type the IP address of your computer. DNS Type a domain name (up to 31 characters) by which to identify this Device. E-mail Type an e-mail address (up to 31 characters) by which to identify this Device.
C HAPTER 19 Log 19.1 Overview The web configurator allows you to choose which categories of events and/or alerts to have the Device log and then display the logs or have the Device send them to an administrator (as e-mail) or to a syslog server. 19.1.1 What You Can Do in this Chapter • Use the System Log screen to see the system logs (Section 19.2 on page 226). • Use the Security Log screen to see the security-related logs for the categories that you select (Section 19.3 on page 227). 19.1.
Chapter 19 Log Table 101 Syslog Severity Levels CODE SEVERITY 5 Notice: There is a normal but significant condition on the system. 6 Informational: The syslog contains an informational message. 7 Debug: The message is intended for debug-level purposes. 19.2 The System Log Screen Use the System Log screen to see the system logs. Click System Monitor > Log to open the System Log screen. Figure 135 System Monitor > Log > System Log The following table describes the fields in this screen.
Chapter 19 Log 19.3 The Security Log Screen Use the Security Log screen to see the security-related logs for the categories that you select. Click System Monitor > Log > Security Log to open the following screen. Figure 136 System Monitor > Log > Security Log The following table describes the fields in this screen. Table 103 System Monitor > Log > Security Log LABEL DESCRIPTION Level Select a severity level from the drop-down list box.
Chapter 19 Log 228 eircom F1000 Modem User’s Guide
C HAPTER 20 Traffic Status 20.1 Overview Use the Traffic Status screens to look at network traffic status and statistics of the WAN, LAN interfaces and NAT. 20.1.1 What You Can Do in this Chapter • Use the WAN screen to view the WAN traffic statistics (Section 20.2 on page 229). • Use the LAN screen to view the LAN traffic statistics (Section 20.3 on page 231). • Use the NAT screen to view the NAT status of the Device’s client(s) (Section 20.4 on page 232) 20.
Chapter 20 Traffic Status The following table describes the fields in this screen. Table 104 System Monitor > Traffic Status > WAN LABEL DESCRIPTION Connected Interface This shows the name of the WAN interface that is currently connected. Packets Sent Data This indicates the number of transmitted packets on this interface. Error This indicates the number of frames with errors transmitted on this interface. Drop This indicates the number of outgoing packets dropped on this interface.
Chapter 20 Traffic Status 20.3 The LAN Status Screen Click System Monitor > Traffic Status > LAN to open the following screen. The figure in this screen shows the interface that is currently connected on the Device. Figure 138 System Monitor > Traffic Status > LAN The following table describes the fields in this screen. Table 105 System Monitor > Traffic Status > LAN LABEL DESCRIPTION Refresh Interval Select how often you want the Device to update this screen.
Chapter 20 Traffic Status 20.4 The NAT Status Screen Click System Monitor > Traffic Status > NAT to open the following screen. The figure in this screen shows the NAT session statistics for hosts currently connected on the Device. Figure 139 System Monitor > Traffic Status > NAT The following table describes the fields in this screen. Table 106 System Monitor > Traffic Status > NAT 232 LABEL DESCRIPTION Refresh Interval Select how often you want the Device to update this screen.
C HAPTER 21 VoIP Status 21.1 The VoIP Status Screen Click System Monitor > VoIP Status to open the following screen. You can view the VoIP registration, current call status and phone numbers in this screen. Figure 140 System Monitor > VoIP Status The following table describes the fields in this screen. Table 107 System Monitor > VoIP Status LABEL DESCRIPTION Poll Interval(s) Enter the number of seconds the Device needs to wait before updating this screen and then click Set Interval.
Chapter 21 VoIP Status Table 107 System Monitor > VoIP Status (continued) LABEL DESCRIPTION Message Waiting This field indicates whether or not there are any messages waiting for the SIP account. Last Incoming Number This field displays the last number that called the SIP account. The field is blank if no number has ever dialed the SIP account. Last Outgoing Number This field displays the last number the SIP account called. The field is blank if the SIP account has never dialed a number.
C HAPTER 22 ARP Table 22.1 Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network. An IP (version 4) address is 32 bits long. In an Ethernet LAN, MAC addresses are 48 bits long. The ARP Table maintains an association between each MAC address and its corresponding IP address. 22.1.
Chapter 22 ARP Table The following table describes the labels in this screen. Table 108 System Monitor > ARP Table 236 LABEL DESCRIPTION # This is the ARP table entry number. IPv4/IPv6 Address This is the learned IPv4 or IPv6 IP address of a device connected to a port. MAC Address This is the MAC address of the device with the listed IP address. Device This is the type of interface used by the device. You can click on the device type to go to its configuration screen.
C HAPTER 23 Routing Table 23.1 Overview Routing is based on the destination address only and the Device takes the shortest path to forward a packet. 23.2 The Routing Table Screen Click System Monitor > Routing Table to open the following screen. Figure 142 System Monitor > Routing Table The following table describes the labels in this screen.
Chapter 23 Routing Table Table 109 System Monitor > Routing Table (continued) LABEL DESCRIPTION Flag This indicates the route status. U-Up: The route is up. !-Reject: The route is blocked and will force a route lookup to fail. G-Gateway: The route uses a gateway to forward traffic. H-Host: The target of the route is a host. R-Reinstate: The route is reinstated for dynamic routing. D-Dynamic (redirect): The route is dynamically installed by a routing daemon or redirect.
C HAPTER 24 IGMP/MLD Status 24.1 Overview Use the IGMP Status screens to look at IGMP/MLD group status and traffic statistics. 24.2 The IGMP/MLD Group Status Screen Use this screen to look at the current list of multicast groups the Device has joined and which ports have joined it. To open this screen, click System Monitor > IGMP/MLD Group Status. Figure 143 System Monitor > IGMP/MLD Group Status The following table describes the labels in this screen.
Chapter 24 IGMP/MLD Status Table 110 System Monitor > IGMP/MLD Group Status (continued) LABEL DESCRIPTION Filter Mode INCLUDE means that only the IP addresses in the Source List get to receive the multicast group’s traffic. EXCLUDE means that the IP addresses in the Source List are not allowed to receive the multicast group’s traffic but other IP addresses can.
C HAPTER 25 xDSL Statistics 25.1 The xDSL Statistics Screen Use this screen to view detailed DSL statistics. Click System Monitor > xDSL Statistics to open the following screen.
Chapter 25 xDSL Statistics The following table describes the labels in this screen. Table 111 Status > xDSL Statistics LABEL DESCRIPTION Refresh Interval Select the time interval for refreshing statistics. Line Select which DSL line’s statistics you want to display. xDSL Training Status This displays the current state of setting up the DSL connection. Mode This displays the ITU standard used for this connection.
Chapter 25 xDSL Statistics Table 111 Status > xDSL Statistics (continued) LABEL DESCRIPTION Downstream These are the statistics for the traffic direction coming into the port from the service provider. Line Rate These are the data transfer rates at which the port is sending and receiving data. Actual Net Data Rate These are the rates at which the port is sending and receiving the payload data without transport layer protocol headers and traffic.
Chapter 25 xDSL Statistics Table 111 Status > xDSL Statistics (continued) LABEL 244 DESCRIPTION LOF This is the number of Loss Of Frame seconds. LOM This is the number of Loss of Margin seconds.
C HAPTER 26 3G Statistics 26.1 Overview Use the 3G Statistics screens to look at 3G Internet connection status. 26.2 The 3G Statistics Screen To open this screen, click System Monitor > 3G Statistics. The 3G status is available on this screen only when you insert a compatible 3G dongle in a USB port on the Device. Figure 145 System Monitor > 3G Statistics The following table describes the labels in this screen.
Chapter 26 3G Statistics Table 112 System Monitor > 3G Statistics (continued) 246 LABEL DESCRIPTION Service Provider This field displays the name of the service provider. Signal Strength This field displays the strength of the signal in dBm. Connection Uptime This field displays the time the connection has been up. 3G Card Manufacturer This field displays the manufacturer of the 3G card. 3G Card Model This field displays the model name of the 3G card.
C HAPTER 27 User Account 27.1 Overview In the Users Account screen, you can change the password of the “admin” user account that you used to log in the Device. 27.2 The User Account Screen Click Maintenance > User Account to open the following screen. Figure 146 Maintenance > User Account The following table describes the labels in this screen. Table 113 Maintenance > User Account LABEL DESCRIPTION User Name This field displays the name of the account that you used to log in the system.
Chapter 27 User Account 248 eircom F1000 Modem User’s Guide
C HAPTER 28 Remote Management 28.1 Overview Remote management controls through which interface(s), which services can access the Device. Note: The Device is managed using the Web Configurator. 28.2 The Remote MGMT Screen Use this screen to configure through which interface(s), which services can access the Device. You can also specify the port numbers the services must use to connect to the Device. Click Maintenance > Remote MGMT to open the following screen.
Chapter 28 Remote Management Table 114 Maintenance > Remote MGMT (continued) LABEL DESCRIPTION Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Certificate HTTPS Certificate Select a certificate the HTTPS server (the Device) uses to authenticate itself to the HTTPS client. You must have certificates already configured in the Certificates screen.
Chapter 28 Remote Management 28.4 The Add Trust Domain Screen Use this screen to configure a public IP address which is allowed to access the Device. Click the Add Trust Domain button in the Maintenance > Remote MGMT > Turst Domain screen to open the following screen. Figure 149 Maintenance > Remote MGMT > Trust Domain > Add Trust Domain The following table describes the fields in this screen.
Chapter 28 Remote Management 252 eircom F1000 Modem User’s Guide
C HAPTER 29 TR-064 29.1 Overview This chapter explains how to configure the Device’s TR-064 auto-configuration settings. 29.2 The TR-064 Screen TR-064 is a LAN-Side DSL CPE Configuration protocol defined by the DSL Forum. TR-064 is built on top of UPnP. It allows the users to use a TR-064 compliant CPE management application on their computers from the LAN to discover the CPE and configure user-specific parameters, such as the username and password.
Chapter 29 TR-064 254 eircom F1000 Modem User’s Guide
C HAPTER 30 SNMP 30.1 Overview This chapter explains how to configure the SNMP settings on the Device. 30.2 The SNMP Screen Simple Network Management Protocol is a protocol used for exchanging management information between network devices. Your Device supports SNMP agent functionality, which allows a manager station to manage and monitor the Device through the network. The Device supports SNMP version one (SNMPv1) and version two (SNMPv2c). The next figure illustrates an SNMP management operation.
Chapter 30 SNMP managed objects. SNMP allows a manager and agents to communicate for the purpose of accessing these objects. SNMP itself is a simple request/response protocol based on the manager/agent model. The manager issues a request and the agent returns responses using the following protocol operations: • Get - Allows the manager to retrieve an object variable from the agent. • GetNext - Allows the manager to retrieve the next object variable from a table or list within an agent.
C HAPTER 31 Time Settings 31.1 Overview This chapter shows you how to configure system related settings, such as system time, password, name, the domain name and the inactivity timeout interval. 31.2 The Time Screen To change your Device’s time and date, click Maintenance > Time. The screen appears as shown. Use this screen to configure the Device’s time based on your local time zone.
Chapter 31 Time Settings The following table describes the fields in this screen. Table 119 Maintenance > Time LABEL DESCRIPTION Current Date/Time Current Time This field displays the time of your Device. Each time you reload this page, the Device synchronizes the time with the time server. Current Date This field displays the date of your Device. Each time you reload this page, the Device synchronizes the date with the time server.
Chapter 31 Time Settings Table 119 Maintenance > Time (continued) LABEL DESCRIPTION Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving.
Chapter 31 Time Settings 260 eircom F1000 Modem User’s Guide
C HAPTER 32 E-mail Notification 32.1 Overview A mail server is an application or a computer that runs such an application to receive, forward and deliver e-mail messages. To have the Device send reports, logs or notifications via e-mail, you must specify an e-mail server and the e-mail addresses of the sender and receiver. 32.2 The Email Notification Screen Click Maintenance > Email Notification to open the Email Notification screen.
Chapter 32 E-mail Notification 32.2.1 Email Notification Edit Click the Add button in the Email Notification screen. Use this screen to configure the required information for sending e-mail via a mail server. Figure 155 Email Notification > Add The following table describes the labels in this screen. Table 121 Email Notification > Add LABEL DESCRIPTION Mail Server Address Enter the server name or the IP address of the mail server for the e-mail address specified in the Account Email Address field.
C HAPTER 33 Log Setting 33.1 Overview You can configure where the Device sends logs and which logs and/or immediate alerts the Device records in the Log Setting screen. 33.2 The Log Settings Screen To change your Device’s log settings, click Maintenance > Log Setting. The screen appears as shown.
Chapter 33 Log Setting The following table describes the fields in this screen. Table 122 Maintenance > Log Setting LABEL DESCRIPTION Syslog Setting Syslog Logging The Device sends a log to an external syslog server. Select Enable to enable syslog logging. Mode Select the syslog destination from the drop-down list box. If you select Remote, the log(s) will be sent to a remote syslog server. If you select Local File, the log(s) will be saved in a local file.
Chapter 33 Log Setting • "End of Log" message shows that a complete log has been sent. Figure 157 E-mail Log Example Subject: Firewall Alert From Date: Fri, 07 Apr 2000 10:05:42 From: user@zyxel.com To: user@zyxel.com 1|Apr 7 00 |From:192.168.1.1 To:192.168.1.255 |default policy |forward | 09:54:03 |UDP src port:00520 dest port:00520 |<1,00> | 2|Apr 7 00 |From:192.168.1.131 To:192.168.1.255 |default policy |forward | 09:54:17 |UDP src port:00520 dest port:00520 |<1,00> | 3|Apr 7 00 |From:192.168.1.6 To:10.
Chapter 33 Log Setting 266 eircom F1000 Modem User’s Guide
C HAPTER 34 Firmware Upgrade 34.1 Overview This chapter explains how to upload new firmware to your Device. You can download new firmware releases from your nearest ZyXEL FTP site (or www.zyxel.com) to use to upgrade your device’s performance. Only use firmware for your device’s specific model. Refer to the label on the bottom of your Device. 34.2 The Firmware Screen Click Maintenance > Firmware Upgrade to open the following screen.
Chapter 34 Firmware Upgrade After you see the firmware updating screen, wait two minutes before logging into the Device again. Figure 159 Firmware Uploading The Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 160 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the Status screen.
C HAPTER 35 Configuration 35.1 Overview The Configuration screen allows you to backup and restore device configurations. You can also reset your device settings back to the factory default. 35.2 The Configuration Screen Click Maintenance > Configuration. Information related to factory defaults, backup configuration, and restoring configuration appears in this screen, as shown next.
Chapter 35 Configuration Restore Configuration Restore Configuration allows you to upload a new or previously saved configuration file from your computer to your Device. Table 124 Restore Configuration LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse ... to find it. Browse... Click this to find the file you want to upload. Remember that you must decompress compressed (.ZIP) files before you can upload them.
Chapter 35 Configuration Reset to Factory Defaults Click the Reset button to clear all user-entered configuration information and return the Device to its factory defaults. The following warning screen appears. Figure 165 Reset Warning Message Figure 166 Reset In Process Message You can also press the RESET button on the rear panel to reset the factory defaults of your Device. Refer to Section 1.6 on page 22 for more information on the RESET button. 35.
Chapter 35 Configuration 272 eircom F1000 Modem User’s Guide
C HAPTER 36 Diagnostic 36.1 Overview The Diagnostic screens display information to help you identify problems with the Device. The route between a CO VDSL switch and one of its CPE may go through switches owned by independent organizations. A connectivity fault point generally takes time to discover and impacts subscriber’s network access. In order to eliminate the management and maintenance efforts, IEEE 802.
Chapter 36 Diagnostic 36.3 Ping & TraceRoute & NsLookup Use this screen to ping, traceroute, or nslookup an IP address. Click Maintenance > Diagnostic > Ping&TraceRoute&NsLookup to open the screen shown next. Figure 168 Maintenance > Diagnostic > Ping &TraceRoute&NsLookup The following table describes the fields in this screen.
Chapter 36 Diagnostic 36.4 802.1ag Click Maintenance > Diagnostic > 8.2.1ag to open the following screen. Use this screen to perform CFM actions. Figure 169 Maintenance > Diagnostic > 802.1ag The following table describes the fields in this screen. Table 126 Maintenance > Diagnostic > 802.1ag LABEL DESCRIPTION 802.1ag Connectivity Fault Management Maintenance Domain (MD) Level Select a level (0-7) under which you want to create an MA.
Chapter 36 Diagnostic 36.5 OAM Ping Click Maintenance > Diagnostic > OAM Ping to open the screen shown next. Use this screen to perform an OAM (Operation, Administration and Maintenance) F4 or F5 loopback test on a PVC. The Device sends an OAM F4 or F5 packet to the DSLAM or ATM switch and then returns it to the Device. The test result then displays in the text box. ATM sets up virtual circuits over which end systems communicate.
Chapter 36 Diagnostic Note: This screen is available only when you configure an ATM layer-2 interface. Figure 171 Maintenance > Diagnostic > OAM Ping The following table describes the fields in this screen. Table 127 Maintenance > Diagnostic > OAM Ping LABEL DESCRIPTION Select a PVC on which you want to perform the loopback test. F4 segment Press this to perform an OAM F4 segment loopback test. F4 end-end Press this to perform an OAM F4 end-to-end loopback test.
Chapter 36 Diagnostic 278 eircom F1000 Modem User’s Guide
C HAPTER 37 Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • Device Access and Login • Internet Access • Wireless Internet Access • USB Device Connection • UPnP 37.1 Power, Hardware Connections, and LEDs The Device does not turn on. None of the LEDs turn on. 1 Make sure the Device is turned on.
Chapter 37 Troubleshooting 5 If the problem continues, contact the vendor. 37.2 Device Access and Login I forgot the IP address for the Device. 1 The default LAN IP address is 192.168.1.254. 2 If you changed the IP address and have forgotten it, you might get the IP address of the Device by looking up the IP address of the default gateway for your computer. To do this in most Windows computers, click Start > Run, enter cmd, and then enter ipconfig.
Chapter 37 Troubleshooting 5 Reset the device to its factory defaults, and try to access the Device with the default IP address. See Section 1.6 on page 22. 6 If the problem continues, contact the network administrator or vendor, or try one of the advanced suggestions. Advanced Suggestions • Make sure you have logged out of any earlier management sessions using the same user account even if they were through a different interface or using a different browser.
Chapter 37 Troubleshooting 37.3 Internet Access I cannot access the Internet. 1 Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide and Section 1.5 on page 20. 2 Make sure you entered your ISP account information correctly in the Network Setting > Broadband screen. These fields are case-sensitive, so make sure [Caps Lock] is not on.
Chapter 37 Troubleshooting 2 Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide and Section 1.5 on page 20. 3 Turn the Device off and on. 4 If the problem continues, contact your ISP. 37.4 Wireless Internet Access What factors may cause intermittent or unstabled wireless connection? How can I solve this problem? The following factors may cause interference: • Obstacles: walls, ceilings, furniture, and so on.
Chapter 37 Troubleshooting 37.5 USB Device Connection The Device fails to detect my USB device. 1 Disconnect the USB device. 2 Reboot the Device. 3 If you are connecting a USB hard drive that comes with an external power supply, make sure it is connected to an appropriate power source that is on. 4 Re-connect your USB device to the Device. 37.6 UPnP When using UPnP and the Device reboots, my computer cannot detect UPnP and refresh My Network Places > Local Network.
A PPENDIX A Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP/Vista, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/IP on your computer. Windows 3.1 requires the purchase of a third-party TCP/IP application package.
Appendix A Setting up Your Computer’s IP Address Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: 1 In the Network window, click Add. 2 Select Adapter and then click Add. 3 Select the manufacturer and model of your network adapter and then click OK. If you need TCP/IP: 1 In the Network window, click Add. 2 Select Protocol and then click Add.
Appendix A Setting up Your Computer’s IP Address • If you have a static IP address, select Specify an IP address and type your information into the IP Address and Subnet Mask fields. Figure 174 Windows 95/98/Me: TCP/IP Properties: IP Address 3 Click the DNS Configuration tab. • If you do not know your DNS information, select Disable DNS. • If you know your DNS information, select Enable DNS and type the information in the fields below (you may not need to fill them all in).
Appendix A Setting up Your Computer’s IP Address 4 Click the Gateway tab. • If you do not know your gateway’s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add. 5 Click OK to save and close the TCP/IP Properties window. 6 Click OK to close the Network window. Insert the Windows CD if prompted. 7 Turn on your Device and restart your computer when prompted. Verifying Settings 1 Click Start and then Run.
Appendix A Setting up Your Computer’s IP Address 2 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 177 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties.
Appendix A Setting up Your Computer’s IP Address 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties. Figure 179 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). • If you have a dynamic IP address click Obtain an IP address automatically. • If you have a static IP address click Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields.
Appendix A Setting up Your Computer’s IP Address • Click Advanced. Figure 180 Windows XP: Internet Protocol (TCP/IP) Properties 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: • In the IP Settings tab, in IP addresses, click Add. • In TCP/IP Address, type an IP address in IP address and a subnet mask in Subnet mask, and then click Add.
Appendix A Setting up Your Computer’s IP Address • Click OK when finished. Figure 181 Windows XP: Advanced TCP/IP Properties 7 In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields.
Appendix A Setting up Your Computer’s IP Address If you have previously configured DNS servers, click Advanced and then the DNS tab to order them. Figure 182 Windows XP: Internet Protocol (TCP/IP) Properties 8 Click OK to close the Internet Protocol (TCP/IP) Properties window. 9 Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties window. 10 Close the Network Connections window (Network and Dial-up Connections in Windows 2000/NT).
Appendix A Setting up Your Computer’s IP Address 1 Click the Start icon, Control Panel. Figure 183 Windows Vista: Start Menu 2 In the Control Panel, double-click Network and Internet. Figure 184 Windows Vista: Control Panel 3 Click Network and Sharing Center.
Appendix A Setting up Your Computer’s IP Address 4 Click Manage network connections. Figure 186 Windows Vista: Network and Sharing Center 5 Right-click Local Area Connection and then click Properties. Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue.
Appendix A Setting up Your Computer’s IP Address 6 Select Internet Protocol Version 4 (TCP/IPv4) and click Properties. Figure 188 Windows Vista: Local Area Connection Properties 7 The Internet Protocol Version 4 (TCP/IPv4) Properties window opens (the General tab). • If you have a dynamic IP address click Obtain an IP address automatically. • If you have a static IP address click Use the following IP address and fill in the IP address, Subnet mask, and Default gateway fields.
Appendix A Setting up Your Computer’s IP Address • Click Advanced. Figure 189 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties 8 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: • In the IP Settings tab, in IP addresses, click Add.
Appendix A Setting up Your Computer’s IP Address • Click OK when finished. Figure 190 Windows Vista: Advanced TCP/IP Properties 9 In the Internet Protocol Version 4 (TCP/IPv4) Properties window, (the General tab): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields.
Appendix A Setting up Your Computer’s IP Address If you have previously configured DNS servers, click Advanced and then the DNS tab to order them. Figure 191 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties 10 Click OK to close the Internet Protocol Version 4 (TCP/IPv4) Properties window. 11 Click Close to close the Local Area Connection Properties window. 12 Close the Network Connections window. 13 Turn on your Device and restart your computer (if prompted).
Appendix A Setting up Your Computer’s IP Address Macintosh OS 8/9 1 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel.
Appendix A Setting up Your Computer’s IP Address 2 Select Ethernet built-in from the Connect via list. Figure 193 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list. 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your Device in the Router address box.
Appendix A Setting up Your Computer’s IP Address • Select Built-in Ethernet from the Show list. • Click the TCP/IP tab. 3 For dynamically assigned settings, select Using DHCP from the Configure list. Figure 195 Macintosh OS X: Network 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your Device in the Router address box.
Appendix A Setting up Your Computer’s IP Address Linux This section shows you how to configure your computer’s TCP/IP settings in Red Hat Linux 9.0. Procedure, screens and file location may vary depending on your Linux distribution and release version. Note: Make sure you are logged in as the root administrator. Using the K Desktop Environment (KDE) Follow the steps below to configure your computer IP address using the KDE.
Appendix A Setting up Your Computer’s IP Address 2 Double-click on the profile of the network card you wish to configure. The Ethernet Device General screen displays as shown. Figure 197 Red Hat 9.0: KDE: Ethernet Device: General • If you have a dynamic IP address, click Automatically obtain IP address settings with and select dhcp from the drop down list. • If you have a static IP address, click Statically set IP Addresses and fill in the Address, Subnet mask, and Default Gateway Address fields.
Appendix A Setting up Your Computer’s IP Address 6 Click the Activate button to apply the changes. The following screen displays. Click Yes to save the changes in all screens. Figure 199 Red Hat 9.0: KDE: Network Configuration: Activate 7 After the network card restart process is complete, make sure the Status is Active in the Network Configuration screen. Using Configuration Files Follow the steps below to edit the network configuration files and set your computer IP address.
Appendix A Setting up Your Computer’s IP Address 2 If you know your DNS server IP address(es), enter the DNS server information in the resolv.conf file in the /etc directory. The following figure shows an example where two DNS server IP addresses are specified. Figure 202 Red Hat 9.0: DNS Settings in resolv.conf nameserver 172.23.5.1 nameserver 172.23.5.2 3 After you edit and save the configuration files, you must restart the network card. Enter ./network restart in the /etc/rc.d/init.d directory.
A PPENDIX B IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts. Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks.
Appendix B IP Addresses and Subnetting The following figure shows an example IP address in which the first three octets (192.168.1) are the network number, and the fourth octet (16) is the host ID. Figure 205 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask.
Appendix B IP Addresses and Subnetting Subnet masks can be referred to by the size of the network number part (the bits with a “1” value). For example, an “8-bit mask” means that the first 8 bits of the mask are ones and the remaining 24 bits are zeroes. Subnet masks are expressed in dotted decimal notation just like IP addresses. The following examples show the binary and decimal notation for 8-bit, 16-bit, 24-bit and 29-bit subnet masks.
Appendix B IP Addresses and Subnetting The following table shows some possible subnet masks using both notations. Table 131 Alternative Subnet Mask Notation SUBNET MASK ALTERNATIVE NOTATION LAST OCTET (BINARY) LAST OCTET (DECIMAL) 255.255.255.0 /24 0000 0000 0 255.255.255.128 /25 1000 0000 128 255.255.255.192 /26 1100 0000 192 255.255.255.224 /27 1110 0000 224 255.255.255.240 /28 1111 0000 240 255.255.255.248 /29 1111 1000 248 255.255.255.
Appendix B IP Addresses and Subnetting The following figure shows the company network after subnetting. There are now two subnetworks, A and B. Figure 207 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 27 – 2 or 126 possible hosts (a host ID of all zeroes is the subnet’s address itself, all ones is the subnet’s broadcast address). 192.168.1.0 with mask 255.255.255.128 is subnet A itself, and 192.168.1.127 with mask 255.255.255.
Appendix B IP Addresses and Subnetting Table 132 Subnet 1 (continued) IP/SUBNET MASK NETWORK NUMBER Subnet Address: 192.168.1.0 Lowest Host ID: 192.168.1.1 Broadcast Address: 192.168.1.63 Highest Host ID: 192.168.1.62 LAST OCTET BIT VALUE Table 133 Subnet 2 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 64 IP Address (Binary) 11000000.10101000.00000001. 01000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: 192.168.1.
Appendix B IP Addresses and Subnetting Table 136 Eight Subnets (continued) SUBNET SUBNET ADDRESS FIRST ADDRESS LAST ADDRESS BROADCAST ADDRESS 3 64 65 94 95 4 96 97 126 127 5 128 129 158 159 6 160 161 190 191 7 192 193 222 223 8 224 225 254 255 Subnet Planning The following table is a summary for subnet planning on a network with a 24-bit network number. Table 137 24-bit Network Number Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO.
Appendix B IP Addresses and Subnetting Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established.
A PPENDIX C Pop-up Windows, JavaScripts and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here. Screens for other Internet Explorer versions may vary. Internet Explorer Pop-up Blockers You may have to disable pop-up blocking to log into your device.
Appendix C Pop-up Windows, JavaScripts and Java Permissions 2 Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled. Figure 209 Internet Options: Privacy 3 Click Apply to save this setting. Enable Pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. 1 316 In Internet Explorer, select Tools, Internet Options and then the Privacy tab.
Appendix C Pop-up Windows, JavaScripts and Java Permissions 2 Select Settings…to open the Pop-up Blocker Settings screen. Figure 210 Internet Options: Privacy 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1.
Appendix C Pop-up Windows, JavaScripts and Java Permissions 4 Click Add to move the IP address to the list of Allowed sites. Figure 211 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed.
Appendix C Pop-up Windows, JavaScripts and Java Permissions 1 In Internet Explorer, click Tools, Internet Options and then the Security tab. Figure 212 Internet Options: Security 2 Click the Custom Level... button. 3 Scroll down to Scripting. 4 Under Active scripting make sure that Enable is selected (the default). 5 Under Scripting of Java applets make sure that Enable is selected (the default).
Appendix C Pop-up Windows, JavaScripts and Java Permissions 6 Click OK to close the window. Figure 213 Security Settings - Java Scripting Java Permissions 320 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected.
Appendix C Pop-up Windows, JavaScripts and Java Permissions 5 Click OK to close the window. Figure 214 Security Settings - Java JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for
Appendix C Pop-up Windows, JavaScripts and Java Permissions 3 Click OK to close the window. Figure 215 Java (Sun) Mozilla Firefox Mozilla Firefox 2.0 screens are used here. Screens for other versions may vary. You can enable Java, Javascripts and pop-ups in one screen. Click Tools, then click Options in the screen that appears.
Appendix C Pop-up Windows, JavaScripts and Java Permissions Click Content.to show the screen below. Select the check boxes as shown in the following screen.
Appendix C Pop-up Windows, JavaScripts and Java Permissions 324 eircom F1000 Modem User’s Guide
A PPENDIX D Wireless LANs Wireless LAN Topologies This section discusses ad-hoc and infrastructure wireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless adapters (A, B, C). Any time two or more wireless adapters are within range of each other, they can set up an independent network, which is commonly referred to as an ad-hoc network or Independent Basic Service Set (IBSS).
Appendix D Wireless LANs disabled, wireless client A and B can still access the wired network but cannot communicate with each other. Figure 219 Basic Service Set ESS An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). This type of wireless LAN topology is called an Infrastructure WLAN.
Appendix D Wireless LANs An ESSID (ESS IDentification) uniquely identifies each ESS. All access points and their associated wireless clients within the same ESS must have the same ESSID in order to communicate. Figure 220 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by wireless devices to transmit and receive data. Channels available depend on your geographical area.
Appendix D Wireless LANs cannot "hear" each other, that is they do not know if the channel is currently being used. Therefore, they are considered hidden from each other. Figure 221 RTS/CTS When station A sends data to the AP, it might not know that the station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations.
Appendix D Wireless LANs If the Fragmentation Threshold value is smaller than the RTS/CTS value (see previously) you set then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size. IEEE 802.11g Wireless LAN IEEE 802.11g is fully compatible with the IEEE 802.11b standard. This means an IEEE 802.11b adapter can interface directly with an IEEE 802.11g access point (and vice versa) at 11 Mbps or lower depending on range.
Appendix D Wireless LANs IEEE 802.1x In June 2001, the IEEE 802.1x standard was designed to extend the features of IEEE 802.11 to support extended authentication as well as providing additional accounting and control features. It is supported by Windows XP and a number of network devices. Some advantages of IEEE 802.1x are: • User based identification that allows for roaming.
Appendix D Wireless LANs • Accounting-Request Sent by the access point requesting accounting. • Accounting-Response Sent by the RADIUS server to indicate that it has started or stopped accounting. In order to ensure network security, the access point and the RADIUS server use a shared secret key, which is a password, they both know. The key is not sent over the network. In addition to the shared key, password information exchanged is also encrypted to protect the network from unauthorized access.
Appendix D Wireless LANs EAP-TTLS (Tunneled Transport Layer Service) EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for only the serverside authentications to establish a secure connection. Client authentication is then done by sending username and password through the secure connection, thus client identity is protected. For client authentication, EAP-TTLS supports EAP methods and legacy authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP v2.
Appendix D Wireless LANs WPA and WPA2 Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2 (IEEE 802.11i) is a wireless security standard that defines stronger encryption, authentication and key management than WPA. Key differences between WPA or WPA2 and WEP are improved data encryption and user authentication. If both an AP and the wireless clients support WPA2 and you have an external RADIUS server, use WPA2 for stronger data encryption.
Appendix D Wireless LANs password-guessing attacks but it’s still an improvement over WEP as it employs a consistent, single, alphanumeric password to derive a PMK which is used to generate unique temporal encryption keys. This prevent all wireless devices sharing the same encryption keys. (a weakness of WEP) User Authentication WPA and WPA2 apply IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate wireless clients using an external RADIUS database.
Appendix D Wireless LANs 4 The RADIUS server distributes the PMK to the AP. The AP then sets up a key hierarchy and management system, using the PMK to dynamically generate unique data encryption keys. The keys are used to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients. Figure 222 WPA(2) with RADIUS Application Example WPA(2)-PSK Application Example A WPA(2)-PSK application looks as follows.
Appendix D Wireless LANs Security Parameters Summary Refer to this table to see what other security parameters you should configure for each authentication method or key management protocol type. MAC address filters are not dependent on how you configure these security features. Table 142 Wireless Security Relational Matrix AUTHENTICATION ENCRYPTIO METHOD/ KEY MANAGEMENT PROTOCOL N METHOD ENTER MANUAL KEY IEEE 802.
Appendix D Wireless LANs 2.5%. For an unobstructed outdoor site, each 1dB increase in gain results in a range increase of approximately 5%. Actual results may vary depending on the network environment. Antenna gain is sometimes specified in dBi, which is how much the antenna increases the signal power compared to using an isotropic antenna. An isotropic antenna is a theoretical perfect antenna that sends out radio signals equally well in all directions.
Appendix D Wireless LANs 338 eircom F1000 Modem User’s Guide
A PPENDIX E IPv6 Overview IPv6 (Internet Protocol version 6), is designed to enhance IP address size and features. The increase in IPv6 address size to 128 bits (from the 32-bit IPv4 address) allows up to 3.4 x 1038 IP addresses. IPv6 Addressing The 128-bit IPv6 address is written as eight 16-bit hexadecimal blocks separated by colons (:). This is an example IPv6 address 2001:0db8:1a2b:0015:0000:0000:1a2f:0000. IPv6 addresses can be abbreviated in two ways: • Leading zeros in a block can be omitted.
Appendix E IPv6 Global Address A global address uniquely identifies a device on the Internet. It is similar to a “public IP address” in IPv4. A global unicast address starts with a 2 or 3. Unspecified Address An unspecified address (0:0:0:0:0:0:0:0 or ::) is used as the source address when a device does not have its own address. It is similar to “0.0.0.0” in IPv4. Loopback Address A loopback address (0:0:0:0:0:0:0:1 or ::1) allows a host to send packets to itself. It is similar to “127.0.0.1” in IPv4.
Appendix E IPv6 Table 145 Reserved Multicast Address (continued) MULTICAST ADDRESS FF08:0:0:0:0:0:0:0 FF09:0:0:0:0:0:0:0 FF0A:0:0:0:0:0:0:0 FF0B:0:0:0:0:0:0:0 FF0C:0:0:0:0:0:0:0 FF0D:0:0:0:0:0:0:0 FF0E:0:0:0:0:0:0:0 FF0F:0:0:0:0:0:0:0 Subnet Masking Both an IPv6 address and IPv6 subnet mask compose of 128-bit binary digits, which are divided into eight 16-bit blocks and written in hexadecimal notation. Hexadecimal uses four bits for each character (1 ~ 10, A ~ F).
Appendix E IPv6 the time T2 is reached and the server does not respond, the client sends a Rebind message to any available server (S2). For an IA_TA, the client may send a Renew or Rebind message at the client's discretion. T2 T1 Renew Renew to S1 to S1 Renew Renew to S1 to S1 Renew to S1 Renew to S1 Rebind to S2 Rebind to S2 DHCP Relay Agent A DHCP relay agent is on the same network as the DHCP clients and helps forward messages between the DHCP server and clients.
Appendix E IPv6 • Neighbor advertisement: A response from a node to announce its link-layer address. • Router solicitation: A request from a host to locate a router that can act as the default router and forward packets. • Router advertisement: A response to a router solicitation or a periodical multicast advertisement from a router to advertise its presence and other parameters. IPv6 Cache An IPv6 host is required to have a neighbor cache, destination cache, prefix list and default router list.
Appendix E IPv6 Example - Enabling IPv6 on Windows XP/2003/Vista By default, Windows XP and Windows 2003 support IPv6. This example shows you how to use the ipv6 install command on Windows XP/2003 to enable IPv6. This also displays how to use the ipconfig command to see auto-generated IP addresses. C:\>ipv6 install Installing... Succeeded. C:\>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: Connection-specific IP Address. . . . . Subnet Mask . . . . IP Address. . . . .
Appendix E IPv6 4 Double click Dibbler - a DHCPv6 client. 5 Click Start and then OK. 6 Now your computer can obtain an IPv6 address from a DHCPv6 server. Example - Enabling IPv6 on Windows 7 Windows 7 supports IPv6 by default. DHCPv6 is also enabled when you enable IPv6 on a Windows 7 computer. To enable IPv6 in Windows 7: 1 Select Control Panel > Network and Sharing Center > Local Area Connection. 2 Select the Internet Protocol Version 6 (TCP/IPv6) checkbox to enable it.
Appendix E IPv6 4 Click Close to exit the Local Area Connection Status screen. 5 Select Start > All Programs > Accessories > Command Prompt. 6 Use the ipconfig command to check your dynamic IPv6 address. This example shows a global address (2001:b021:2d::1000) obtained from a DHCP server. C:\>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: Connection-specific DNS IPv6 Address. . . . . . Link-local IPv6 Address IPv4 Address. . . . . . Subnet Mask . . . . . .
A PPENDIX F Services The following table lists some commonly-used services and their associated protocols and port numbers. • Name: This is a short, descriptive name for the service. You can use this one or create a different one, if you like. • Protocol: This is the type of IP protocol used by the service. If this is TCP/UDP, then the service uses the same port number with TCP and UDP. If this is USER-DEFINED, the Port(s) is the IP protocol number, not the port number.
Appendix F Services Table 146 Examples of Services NAME 348 PROTOCOL PORT(S) DESCRIPTION AH (IPSEC_TUNNEL) User-Defined 51 The IPSEC AH (Authentication Header) tunneling protocol uses this service. AIM TCP 5190 AOL’s Internet Messenger service. AUTH TCP 113 Authentication protocol used by some servers. BGP TCP 179 Border Gateway Protocol. BOOTP_CLIENT UDP 68 DHCP Client. BOOTP_SERVER UDP 67 DHCP Server.
Appendix F Services Table 146 Examples of Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION NEW-ICQ TCP 5190 An Internet chat program. NEWS TCP 144 A protocol for news groups. NFS UDP 2049 Network File System - NFS is a client/ server distributed file service that provides transparent file sharing for network environments. NNTP TCP 119 Network News Transport Protocol is the delivery mechanism for the USENET newsgroup service.
Appendix F Services Table 146 Examples of Services (continued) 350 NAME PROTOCOL PORT(S) DESCRIPTION SQL-NET TCP 1521 Structured Query Language is an interface to access data on many different types of database systems, including mainframes, midrange systems, UNIX systems and network servers. SSDP UDP 1900 The Simple Service Discovery Protocol supports Universal Plug-and-Play (UPnP). SSH TCP/UDP 22 Secure Shell Remote Login Program. STRM WORKS UDP 1558 Stream Works Protocol.
A PPENDIX G Legal Information Copyright Copyright © 2013 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation.
Appendix G Legal Information corresponding return address, Postage Paid. This warranty gives you specific legal rights, and you may also have other rights that vary from country to country. Registration Register your product online to receive e-mail notices of firmware upgrades and information at www.zyxel.com for global products, or at www.us.zyxel.com for North American products.
Index Index example 94 A ACL rule 192 activation firewalls 189 media server 184 SIP ALG 162 SSID 78 Address Resolution Protocol 235 administrator password 25, 26 AH 219 algorithms 219 alternative subnet mask notation 310 antenna directional 337 gain 336 omni-directional 337 AP (access point) 327 applications Internet access 18 media server 184 activation 184 iTunes server 184 applications, NAT 168 ARP Table 235, 237 authentication 91, 92 RADIUS server 92 automatic logout 26 B backup configuration 269 Bas
Index static route 61, 129, 130, 173 Connectivity Check Messages, see CCMs E copyright 351 EAP Authentication 331 CoS 149 ECHO 168 CoS technologies 136 e-mail log example 264 creating certificates 204 CTS (Clear to Send) 328 CTS threshold 87, 91 D data fragment threshold 87, 91 DDoS 188 default LAN IP address 25 default server address 162 Encapsulation 62 MER 62 PPP over Ethernet 62 encapsulation 42, 219 RFC 1483 62 encryption 93, 333 ESP 219 ESS 326 Extended Service Set IDentification 72, 79 Ext
Index H hidden node 327 HTTP 168 I IANA 314 Internet Assigned Numbers Authority see IANA IBSS 325 ID type and content 223 IEEE 802.11g 329 IPSec VPN 211 IPv6 43, 339 addressing 43, 66, 339 EUI-64 341 global address 340 interface ID 341 link-local address 339 Neighbor Discovery Protocol 339 ping 339 prefix 43, 66, 339 prefix delegation 45 prefix length 43, 66, 339 unspecified address 340 ISP 42 iTunes server 184 IEEE 802.
Index activation 162 traversal 222 M MA 273 NAT example 169 MAC address 82, 109 filter 81, 92 negotiation mode 221 MAC authentication 81 Network Address Translation see NAT Mac filter 195 Network Address Translation, see NAT Maintenance Association, see MA Network Map 37 Maintenance Domain, see MD network map 29 Maintenance End Point, see MEP NNTP 168 Management Information Base (MIB) 255 managing the device good habits 17 O Maximum Burst Size (MBS) 63 MBSSID 94 outside header 220 MD 273
Index private IP address 125 product registration 352 protocol 42 S PSK 333 security wireless LAN 91 push button 22 Security Log 227 Push Button Configuration, see PBC Security Parameter Index, see SPI push button, WPS 96 service access control 249, 250, 251 Service Set 72, 79 Services 168 Q QoS 135, 149 marking 136 setup 135 tagging 136 versus CoS 135 setup firewalls 189 static route 61, 129, 130, 173 Simple Network Management Protocol, see SNMP Single Rate Three Color Marker, see srTCM SIP ALG
Index subnetting 310 installation 111 NAT traversal 104 Sustained Cell Rate (SCR) 63 SYN attack 188 syslog protocol 225 severity levels 225 system firmware 267 version 36 passwords 25, 26 reset 22 status 35 LAN 36 WAN 36 wireless LAN 36 time 257 USB features 19 V VID Virtual Circuit (VC) 63 Virtual Local Area Network See VLAN VLAN 65 Introduction 65 number of possible VIDs priority frame static VLAN ID 65 VLAN Identifier See VID T VLAN tag 65 VoIP status 233 Tag Control Information See TCI Tag Proto
Index BSS 94 example 94 channel 90 encryption 93 example 90 fragmentation threshold 87, 91 limitations 93 MAC address filter 81, 92 MBSSID 94 preamble 88, 91 RADIUS server 92 RTS/CTS threshold 87, 91 security 91 SSID 92 activation 78 status 36 WDS 84, 95 compatibility 84 example 95 WEP 93 WPA 93 WPA-PSK 93 WPS 95, 98 example 99 limitations 101 PIN 96 push button 22, 96 WPS 95, 98 example 99 limitations 101 PIN 96 example 98 push button 22, 96 wireless security 329 WLAN interference 327 security parameter