Chapter 10 Quality of Service (QoS) Figure 94 Network Setting > QoS > Monitor The following table describes the labels in this screen. Table 54 Network Setting > QoS > Monitor LABEL DESCRIPTION Refresh Interval Enter how often you want the Zyxel Device to update this screen. Select None to stop refreshing statistics. Interface Monitor # This is the index number of the entry. Name This shows the name of the interface on the Zyxel Device.
Chapter 10 Quality of Service (QoS) describes the traffic types defined in the IEEE 802.1d standard (which incorporates the 802.1p). Table 55 IEEE 802.1p Priority Level and Traffic Type PRIORITY LEVEL TRAFFIC TYPE Level 7 Typically used for network control traffic such as router configuration messages. Level 6 Typically used for voice traffic that is especially sensitive to jitter (jitter is the variations in delay).
Chapter 10 Quality of Service (QoS) Automatic Priority Queue Assignment If you enable QoS on the Zyxel Device, the Zyxel Device can automatically base on the IEEE 802.1p priority level, IP precedence and/or packet length to assign priority to traffic which does not match a class. The following table shows you the internal layer-2 and layer-3 QoS mapping on the Zyxel Device.
Chapter 10 Quality of Service (QoS) • A packet can be transmitted if the number of tokens in the bucket is equal to or greater than the size of the packet (in bytes). • After a packet is transmitted, a number of tokens corresponding to the packet size is removed from the bucket. • If there are no tokens in the bucket, the Zyxel Device stops transmitting until enough tokens are generated.
Chapter 10 Quality of Service (QoS) The Two Rate Three Color Marker (trTCM, defined in RFC 2698) is a type of traffic policing that identifies packets by comparing them to two user-defined rates: the Committed Information Rate (CIR) and the Peak Information Rate (PIR). The CIR specifies the average rate at which packets are admitted to the network. The PIR is greater than or equal to the CIR.
C H A P T E R 11 Network Address Translation (NAT) 11.1 NAT Overview This chapter discusses how to configure NAT on the Zyxel Device. NAT (Network Address Translation NAT, RFC 1631) is the translation of the IP address of a host in a packet; for example, the source address of an outgoing packet, used within one network, to a different IP address known within another network. 11.1.
Chapter 11 Network Address Translation (NAT) back to the inside local address before forwarding it to the original inside host. Port Forwarding A port forwarding set is a list of inside (behind NAT on the LAN) servers, for example, web or FTP, that you can make visible to the outside world even though NAT makes your whole inside network appear as a single computer to the outside world. Finding Out More See Section 11.8 on page 179 for advanced technical information on NAT. 11.
Chapter 11 Network Address Translation (NAT) Figure 95 Multiple Servers Behind NAT Example IP Address assigned by ISP Click Network Setting > NAT > Port Forwarding to open the following screen. Figure 96 Network Setting > NAT > Port Forwarding The following table describes the fields in this screen. Table 57 Network Setting > NAT > Port Forwarding LABEL DESCRIPTION Add New Rule Click this to add a new rule. # This is the index number of the entry.
Chapter 11 Network Address Translation (NAT) Table 57 Network Setting > NAT > Port Forwarding (continued) LABEL DESCRIPTION Protocol This shows the IP protocol supported by this virtual server, whether it is TCP, UDP, or TCP/UDP. Modify Click the Edit icon to edit this rule. Click the Delete icon to delete an existing rule. 11.2.1 Add/Edit Port Forwarding Click Add New Rule in the Port Forwarding screen or click the Edit icon next to an existing rule to open the following screen.
Chapter 11 Network Address Translation (NAT) Figure 97 Port Forwarding: Add/Edit The following table describes the labels in this screen. Table 58 Port Forwarding: Add/Edit LABEL DESCRIPTION Active Click this switch to enable or disable the rule. When the switch goes to the right function is enabled. Otherwise, it is not. Service Name Enter a name to identify this rule using keyboard characters (A-Z, a-z, 1-2 and so on).
Chapter 11 Network Address Translation (NAT) Table 58 Port Forwarding: Add/Edit (continued) LABEL DESCRIPTION Start Port Enter the original destination port for the packets. To forward only one port, enter the port number again in the End Port field. To forward a series of ports, enter the start port number here and the end port number in the End Port field. End Port Enter the last port of the original destination port range.
Chapter 11 Network Address Translation (NAT) Note: The maximum number of open ports for a single rule or all rules is 999. Note: The sum of trigger ports in all rules must be less than 1000 and every open port range must be less than 1000. When the protocol is TCP/UDP, the ports are counted twice. For example: Figure 98 Trigger Port Forwarding Process: Example 1 Jane requests a file from the Real Audio server (port 7070).
Chapter 11 Network Address Translation (NAT) Figure 99 Network Setting > NAT > Port Triggering The following table describes the labels in this screen. Table 59 Network Setting > NAT > Port Triggering LABEL DESCRIPTION Add New Rule Click this to create a new rule. # This is the index number of the entry. Status This field displays whether the port triggering rule is active or not. A yellow bulb signifies that this rule is active. A gray bulb signifies that this rule is not active.
Chapter 11 Network Address Translation (NAT) Figure 100 Port Triggering: Add/Edit The following table describes the labels in this screen. Table 60 Port Triggering: Configuration Add/Edit LABEL DESCRIPTION Active Select Enable or Disable to activate or deactivate the rule. Service Name Enter a name to identify this rule using keyboard characters (A-Z, a-z, 1-2 and so on). WAN Interface Select a WAN interface for which you want to configure port triggering rules.
Chapter 11 Network Address Translation (NAT) Note: Use an IPv4 address for the DMZ server. Note: Enter the IP address of the default server in the Default Server Address field, and click Apply to active the DMZ host. Otherwise, clear the IP address in the Default Server Address field, and click Apply to deactivate the DMZ host. Figure 101 Network Setting > NAT > DMZ The following table describes the fields in this screen.
Chapter 11 Network Address Translation (NAT) Figure 102 Network Setting > NAT > ALG The following table describes the fields in this screen. Table 62 Network Setting > NAT > ALG LABEL DESCRIPTION NAT ALG Enable this to make sure applications such as FTP and file transfer in IM applications work correctly with port-forwarding and address-mapping rules. SIP ALG Enable this to make sure SIP (VoIP) works correctly with port-forwarding and address-mapping rules.
Chapter 11 Network Address Translation (NAT) The following table describes the fields in this screen. Table 63 Network Setting > NAT > Address Mapping LABEL DESCRIPTION Add New Rule Click this to create a new rule. Rule Name This is the name of the rule. Local Start IP This is the starting Inside Local IP Address (ILA). Local End IP This is the ending Inside Local IP Address (ILA). If the rule is for all local IP addresses, then this field displays 0.0.0.0 as the Local Start IP address and 255.
Chapter 11 Network Address Translation (NAT) Figure 104 Address Mapping: Add/Edit The following table describes the fields in this screen. Table 64 Address Mapping: Add/Edit LABEL DESCRIPTION Rule Name Type up to 20 alphanumeric characters for the name of this rule. Type Choose the IP/port mapping type from one of the following. One-to-One: This mode maps one local IP address to one global IP address. Note that port numbers do not change for the One-to-one NAT mapping type.
Chapter 11 Network Address Translation (NAT) Setting > NAT > Sessions to display the following screen. Note: Enter a number of concurrent NAT sessions in the MAX NAT Session Per Host field, and click Apply to limit the number of concurrent NAT sessions a client can use. Otherwise, clear the number in the MAX NAT Session Per Host field. Click Apply and there's no limit for concurrent NAT sessions a client can use.
Chapter 11 Network Address Translation (NAT) same inside host when the packet is on the WAN side. The following table summarizes this information. Table 66 NAT Definitions ITEM DESCRIPTION Inside This refers to the host on the LAN. Outside This refers to the host on the WAN. Local This refers to the packet address (source or destination) as the packet travels on the LAN. Global This refers to the packet address (source or destination) as the packet travels on the WAN.
Chapter 11 Network Address Translation (NAT) Figure 106 How NAT Works 11.8.4 NAT Application The following figure illustrates a possible NAT application, where 3 inside LANs (logical LANs using IP alias) behind the Zyxel Device can communicate with 3 distinct WAN networks.
Chapter 11 Network Address Translation (NAT) Port Forwarding: Services and Port Numbers The most often used port numbers are shown in the following table. Please refer to RFC 1700 for further information about port numbers. Please also refer to the Supporting CD for more examples and details on port forwarding and NAT.
C H A P T E R 12 Dynamic DNS Setup 12.1 DNS Overview DNS DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a machine before you can access it. In addition to the system DNS server(s), each WAN interface (service) is set to have its own static or dynamic DNS server list.
Chapter 12 Dynamic DNS Setup If you have a private WAN IP address, then you cannot use Dynamic DNS. 12.2 DNS Entry DNS (Domain Name System) is used for mapping a domain name to its corresponding IP address and vice versa. Use this screen to view and configure DNS routes on the Zyxel Device. Click Network Setting > DNS to open the DNS Entry screen. Note: The host name should consist of the host’s local name and the domain name. For example, Mycomputer.
Chapter 12 Dynamic DNS Setup Figure 110 DNS Entry: Add/Edit The following table describes the labels in this screen. Table 69 DNS Entry: Add/Edit LABEL DESCRIPTION Host Name Enter the host name of the DNS entry. IP Address Enter the IP address of the DNS entry. Cancel Click Cancel to exit this screen without saving any changes. OK Click OK to save your changes. 12.3 Dynamic DNS Dynamic DNS can update your current dynamic IP address mapping to a hostname.
Chapter 12 Dynamic DNS Setup Figure 111 Network Setting > DNS > Dynamic DNS The following table describes the fields in this screen. Table 70 Network Setting > DNS > > Dynamic DNS LABEL DESCRIPTION Dynamic DNS Setup Dynamic DNS Select Enable to use dynamic DNS. Service Provider Select your Dynamic DNS service provider from the drop-down list box. Host Name Type the domain name assigned to your Zyxel Device by your Dynamic DNS provider.
C H A P T E R 13 IGMP/MLD 13.1 IGMP/MLD Overview Multicast delivers IP packets to a group of hosts on the network defined by multicast groups. Membership to these multicast groups are established using IGMP/MLD. Use the IGMP/MLD screen to configure IGMP/MLD group settings. 13.1.1 What You Need To Know Multicast and IGMP See Multicast on page 85 for more information.
Chapter 13 IGMP/MLD Figure 112 Network Setting > IGMP/MLD The following table describes the labels in this screen. Table 71 Network Setting > IGMP/MLD LABEL DESCRIPTION IGMP/MLD Configuration Default Version Enter the version of IGMP (1~3) and MLD (1~2) that you want the Zyxel Device to use on the WAN. Query Interval Enter the number of seconds the Zyxel Device sends a query message to hosts to get the group membership information.
Chapter 13 IGMP/MLD Table 71 Network Setting > IGMP/MLD (continued) LABEL DESCRIPTION Maximum Multicast Groups Enter a number to limit the number of multicast groups an interface on the Zyxel Device is allowed to join. Once a multicast member is registered in the specified number of multicast groups, any new IGMP or MLD join report frames are dropped by the interface.
C H A P T E R 14 VLAN Group 14.1 Overview A VLAN (Virtual Local Area Network) allows a physical network to be partitioned into multiple logical networks. Devices on a logical network belong to one group. A device can belong to more than one group. With VLAN, a device cannot directly talk to or hear from devices that are not in the same group(s); the traffic must first go through a router.
Chapter 14 VLAN Group 14.2 VLAN Group Settings This screen shows the VLAN groups created on the Zyxel Device. Click Network Setting > VLAN Group to open the following screen. Figure 114 Network Setting > VLAN Group The following table describes the fields in this screen. Table 72 Network Setting > VLAN Group LABEL DESCRIPTION Add New VLAN Group Click this button to create a new VLAN group. # This is the index number of the VLAN group. Group Name This shows the descriptive name of the VLAN group.
Chapter 14 VLAN Group The following table describes the fields in this screen. Table 73 Add/Edit VLAN Group LABEL DESCRIPTION VLAN Group Name Enter a name to identify this group. You can enter up to 30 characters. You can use letters, numbers, hyphens (-) and underscores (_). Spaces are not allowed. VLAN ID Enter a unique ID number, from 1 to 4,094, to identify this VLAN group. Outgoing traffic is tagged with this ID if TX Tagging is selected below.
C H A P T E R 15 Interface Grouping 15.1 Interface Grouping Overview By default, all LAN and WAN interfaces on the Zyxel Device are in the same group and can communicate with each other. Create interface groups to have the Zyxel Device assign IP addresses in different domains to different groups. Each group acts as an independent network on the Zyxel Device. Devices in different groups cannot communicate with each other directly. 15.1.
Chapter 15 Interface Grouping You can use this screen to create new user-defined interface groups or modify existing ones. Interfaces that do not belong to any user-defined group always belong to the default group. Click Network Setting > Interface Grouping to open the following screen. Figure 117 Network Setting > Interface Grouping The following table describes the fields in this screen.
Chapter 15 Interface Grouping Figure 118 Interface Group Configuration The following table describes the fields in this screen. Table 75 Interface Group Configuration LABEL DESCRIPTION Group Name Enter a name to identify this group. You can enter up to 30 characters. You can use letters, numbers, hyphens (–) and underscores (_). Spaces are not allowed. WAN Interfaces used in the grouping Select the WAN interface this group uses. The group can have up to one ETH interface.
Chapter 15 Interface Grouping Table 75 Interface Group Configuration (continued) LABEL DESCRIPTION Filter Criteria This shows the filtering criteria. The LAN interface on which the matched traffic is received will belong to this group automatically. WildCard Support This shows if wildcard on DHCP option 60 is enabled. Modify Click the Edit icon to change the group setting. Click the Delete icon to delete this group from the Zyxel Device.
Chapter 15 Interface Grouping The following table describes the fields in this screen. Table 76 Interface Grouping Criteria LABEL DESCRIPTION Source MAC Address Enter the source MAC address of the packet. DHCP Option 60 Select this option and enter the Vendor Class Identifier (Option 60) of the matched traffic, such as the type of the hardware or firmware. Enable wildcard Select this option to be able to use wildcards in the Vendor Class Identifier configured for DHCP option 60.
C H A P T E R 16 Firewall 16.1 Firewall Overview This chapter shows you how to enable and configure the Zyxel Device’s security settings. Use the firewall to protect your Zyxel Device and network from attacks by hackers on the Internet and control access to it. By default the firewall: • allows traffic that originates from your LAN computers to go to all other networks. • blocks traffic that originates on other networks from going to the LAN. The following figure illustrates the default firewall action.
Chapter 16 Firewall 16.1.2 What You Need to Know SYN Attack A SYN attack floods a targeted system with a series of SYN packets. Each packet causes the targeted system to issue a SYN-ACK response. While the targeted system waits for the ACK that follows the SYNACK, it queues up all outstanding SYN-ACK responses on a backlog queue. SYN-ACKs are moved off the queue only when an ACK comes back or when an internal timer terminates the three-way handshake.
Chapter 16 Firewall Note: When the security level is set to High, Telnet, FTP, HTTP, HTTPS, DNS, IMAP, POP3, SMTP, and/or IPv6 ICMPv6 (Ping) traffic from the LAN are still allowed. Click Security > Firewall to display the General screen. Figure 121 Security > Firewall > General The following table describes the labels in this screen. Table 77 Security > Firewall > General LABEL DESCRIPTION IPv4 Firewall Use the switch to turn on or off the firewall feature on the Zyxel Device for IPv4 traffic.
Chapter 16 Firewall Figure 122 Security > Firewall > Protocol The following table describes the labels in this screen. Table 78 Security > Firewall > Protocol LABEL DESCRIPTION Add New Protocol Entry Click this to add a new service. Name This is the name of your customized service. Description This is the description of your customized service. Ports/Protocol Number This shows the IP protocol (TCP, UDP, ICMP, or TCP/UDP) and the port number or range of ports that defines your customized service.
Chapter 16 Firewall The following table describes the labels in this screen. Table 79 Security > Firewall > Protocol: Add/Edit LABEL DESCRIPTION Service Name Enter a unique name (up to 32 printable English keyboard characters, including spaces) for your customized port. Description Enter a description for your customized port. Protocol Choose the IP protocol (TCP, UDP, ICMP, ICMPv6, or Other) that defines your customized port from the drop-down list box.
Chapter 16 Firewall Table 80 Security > Firewall > Access Control (continued) LABEL DESCRIPTION Service This displays the transport layer protocol that defines the service and the direction of traffic to which this rule applies. Action This field displays whether the rule silently discards packets (DROP), discards packets and sends a TCP reset packet or an ICMP destination-unreachable message to the sender (REJECT) or allows the passage of packets (ACCEPT).
Chapter 16 Firewall Figure 125 Access Control: Add/Edit The following table describes the labels in this screen. Table 81 Access Control: Add/Edit LABEL DESCRIPTION Active Slide this switch to activate the Access Control List rule. Filter Name Enter a descriptive name of up to 16 alphanumeric characters, not including spaces, underscores, and dashes. You must enter the filter name to add an ACL rule. This field is read-only if you are editing the ACL rule. Order Select the order of the ACL rule.
Chapter 16 Firewall Table 81 Access Control: Add/Edit (continued) LABEL DESCRIPTION Select Destination Device Select the destination device to which the ACL rule applies. If you select Specific IP Address, enter the destiniation IP address in the field below. Destination IP Address Enter the destination IP address. MAC Address Enter the MAC address of the destination device. IP Type Select whether your IP type is IPv4 or IPv6.
Chapter 16 Firewall Use the DoS screen to activate protection against DoS attacks. Click Security > Firewall > DoS to display the following screen. Figure 126 Security > Firewall > DoS The following table describes the labels in this screen. Table 82 Security > Firewall > DoS LABEL DESCRIPTION DoS Protection Blocking Select Enable to enable protection against DoS attacks. Cancel Click Cancel to restore the default or previously saved settings. Apply Click Apply to save your changes.
C H A P T E R 17 MAC Filter 17.1 MAC Filter Overview You can configure the Zyxel Device to permit access to clients based on their MAC addresses in the MAC Filter screen. This applies to wired and wireless connections. Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of 6 pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. You need to know the MAC addresses of the LAN client to configure this screen. 17.
Chapter 17 MAC Filter Figure 128 Enabling individual MAC Filters The following table describes the labels in this screen. Table 83 Security > MAC Filter LABEL DESCRIPTION MAC Address Filter Select Enable to activate the MAC filter function. MAC Restrict Mode Select Allow to only permit the listed MAC addresses access to the Zyxel Device. Select Deny to permit anyone access to the Zyxel Device except the listed MAC addresses. Add New Rule Click this button to create a new entry.
C H A P T E R 18 Parental Control 18.1 Parental Control Overview Parental control allows you to limit the time a user can access the Internet and prevent users from viewing inappropriate content or participating in specified online activities. 18.2 Parental Control Settings Use this screen to enable parental control and view parental control rules and schedules.
Chapter 18 Parental Control Table 84 Security > Parental Control (continued) LABEL DESCRIPTION PCP Name This shows the name of the rule. Home Network User MAC This shows the MAC address of the LAN user’s computer to which this rule applies. Internet Access Schedule This shows the day(s) and time on which parental control is enabled. Network Service This shows whether the network service is configured. If not, None will be shown. Website Block This shows whether the website block is configured.
Chapter 18 Parental Control Figure 130 Security > Parental Control > Add/Edit PCP (General, Rule List & Internet Access Schedule) EX3510-B0 User’s Guide 211
Chapter 18 Parental Control Figure 131 Security > Parental Control > Add/Edit PCP (Network Service & Site/URL Keyword) The following table describes the fields in this screen. Table 85 Security > Parental Control >Add/Edit PCP LABEL DESCRIPTION General Active Select Enable or Disable to activate or deactivate the parental control rule. Parental Control Profile Name Enter a descriptive name for the rule.
Chapter 18 Parental Control Table 85 Security > Parental Control >Add/Edit PCP (continued) LABEL DESCRIPTION Service Name This shows the name of the rule. Protocol:Port This shows the protocol and the port of the rule. Modify Click the Edit icon to go to the screen where you can edit the rule. Click the Delete icon to delete an existing rule.
Chapter 18 Parental Control Figure 133 Security > Parental Control > Add/Edit PCP > Add New Service The following table describes the fields in this screen. Table 86 Security > Parental Control > Add/Edit PCP > Add New Service LABEL DESCRIPTION Add New Service Select the name of the service from the drop-down list. Otherwise, select User Define and specify the name, protocol, and port of the service.
Chapter 18 Parental Control The following table describes the fields in this screen. Table 87 Security > Parental Control > Add/Edit PCP > Add Keyword LABEL DESCRIPTION Site/URL Keyword Enter a keyword and click OK to have the Zyxel Device block access to the website URLs that contain the keyword. Cancel Click Cancel to exit this screen without saving any changes. OK Click OK to save your changes.
C H A P T E R 19 Scheduler Rule 19.1 Scheduler Rule Overview A Scheduler Rule allows you to define time periods and days during which the Zyxel Device allows certain actions. 19.2 Scheduler Rule Settings Use this screen to view, add, or edit time schedule rules. A scheduler rule is a reusable object that is applied to other features, such as Firewall Access Control. Click Security > Scheduler Rule to open the following screen.
Chapter 19 Scheduler Rule 19.2.1 Add/Edit a Schedule Rule Click the Add New Rule button in the Scheduler Rule screen or click the Edit icon next to a schedule rule to open the following screen. Use this screen to configure a schedule rule. Figure 136 Scheduler Rule: Add/Edit The following table describes the fields in this screen. Table 89 Scheduler Rule: Add/Edit LABEL DESCRIPTION Rule Name Enter a name (up to 31 printable English keyboard characters, not including spaces) for this schedule.
C H A P T E R 20 Certificates 20.1 Certificates Overview The Zyxel Device can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs. A certificate contains the certificate owner’s identity and public key. Certificates provide a way to exchange public keys for use in authentication. 20.1.
Chapter 20 Certificates Figure 137 Security > Certificates > Local Certificates The following table describes the labels in this screen. Table 90 Security > Certificates > Local Certificates LABEL DESCRIPTION Private Key is protected by a password Select the check box and enter the private key into the text box to store it on the Zyxel Device. The private key should not exceed 63 ASCII characters (not including spaces).
Chapter 20 Certificates 20.3.1 Create Certificate Request Click Security > Certificates > Local Certificates and then Create Certificate Request to open the following screen. Use this screen to have the Zyxel Device generate a certification request. To create a certificate signing request, you need to enter a common name, organization name, state/province name, and the two-letter country code for the certificate.
Chapter 20 Certificates Figure 139 Certificate Request: View The following table describes the fields in this screen. Table 92 Certificate Request: View LABEL DESCRIPTION Name This field displays the identifying name of this certificate. Type This field displays general information about the certificate. ca means that a Certification Authority signed the certificate.
Chapter 20 Certificates Table 92 Certificate Request: View (continued) LABEL DESCRIPTION Certificate This read-only text box displays the certificate in Privacy Enhanced Mail (PEM) format. PEM uses base 64 to convert the binary certificate into a printable form. You can copy and paste the certificate into an e-mail to send to friends or colleagues or you can copy and paste the certificate into a text editor and save the file on a management computer for later distribution.
Chapter 20 Certificates Table 93 Security > Certificates > Trusted CA (continued) LABEL DESCRIPTION Type This field displays general information about the certificate. ca means that a Certification Authority signed the certificate. Modify Click the View icon to open a screen with an in-depth list of information about the certificate (or certification request). Click the Remove button to delete the certificate (or certification request).
Chapter 20 Certificates The following table describes the fields in this screen. Table 94 Trusted CA: View LABEL DESCRIPTION Name This field displays the identifying name of this certificate. This read-only text box displays the certificate in Privacy Enhanced Mail (PEM) format. PEM uses base 64 to convert the binary certificate into a printable form.
C H A P T E R 21 Log 21.1 Log Overview These screens allow you to determine the categories of events that the Zyxel Device logs and then display these logs or have the Zyxel Device send them to an administrator (through e-mail) or to a syslog server. 21.1.1 What You Can Do in this Chapter • Use the System Log screen to see the system logs (Section 21.2 on page 226). • Use the Security Log screen to see the security-related logs for the categories that you select (Section 21.3 on page 227). 21.1.
Chapter 21 Log Table 96 Syslog Severity Levels (continued) CODE SEVERITY 5 Notice: There is a normal but significant condition on the system. 6 Informational: The syslog contains an informational message. 7 Debug: The message is intended for debug-level purposes. 21.2 System Log Use the System Log screen to see the system logs. You can filter the entries by selecting a severity level and/or category. Click System Monitor > Log > System Log to open the System Log screen.
Chapter 21 Log 21.3 Security Log Use the Security Log screen to see the security-related logs for the categories that you select. You can filter the entries by selecting a severity level and/or category. Click System Monitor > Log > Security Log to open the following screen. Figure 144 System Monitor > Log > Security Log The following table describes the fields in this screen. Table 98 System Monitor > Log > Security Log LABEL DESCRIPTION Level Select a severity level from the drop-down list box.
C H A P T E R 22 Traffic Status 22.1 Traffic Status Overview Use the Traffic Status screens to look at the network traffic status and statistics of the WAN/LAN interfaces and NAT. 22.1.1 What You Can Do in this Chapter • Use the WAN screen to view the WAN traffic statistics (Section 22.2 on page 228). • Use the LAN screen to view the LAN traffic statistics (Section 22.3 on page 229). • Use the NAT screen to view the NAT status of the Zyxel Device’s client(s) (Section 22.4 on page 230). 22.
Chapter 22 Traffic Status The following table describes the fields in this screen. Table 99 System Monitor > Traffic Status > WAN LABEL DESCRIPTION Refresh Interval Select how often you want the Zyxel Device to update this screen. Connected Interface This shows the name of the WAN interface that is currently connected. Packets Sent Data This indicates the number of transmitted packets on this interface. Error This indicates the number of frames with errors transmitted on this interface.
Chapter 22 Traffic Status The following table describes the fields in this screen. Table 100 System Monitor > Traffic Status > LAN LABEL DESCRIPTION Refresh Interval Select how often you want the Zyxel Device to update this screen. Interface This shows the LAN or wireless LAN interface on the Zyxel Device. Bytes Sent This indicates the number of bytes transmitted on this interface. Bytes Received This indicates the number of bytes received on this interface.
C H A P T E R 23 ARP Table 23.1 ARP Table Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network. An IP (version 4) address is 32 bits long. MAC addresses are 48 bits long. The ARP Table maintains an association between each MAC address and its corresponding IP address. 23.1.
Chapter 23 ARP Table 23.2 ARP Table Settings Use the ARP table to view the IPv4-to-MAC address mapping(s) for each device connected to the Zyxel Device. The neighbor table shows the IPv6-to-MAC address mapping(s) of each neighbor. To open this screen, click System Monitor > ARP Table. Figure 148 System Monitor > ARP Table The following table describes the labels in this screen. Table 102 System Monitor > ARP Table LABEL DESCRIPTION # This is the index number of the ARP or neighbor table entry.
Chapter 24 Routing Table C H A P T E R 24 Routing Table 24.1 Routing Table Overview Routing is based on the destination address only and the Zyxel Device takes the shortest path to forward a packet. 24.2 Routing Table Settings The table below shows IPv4 and IPv6 routing information. The IPv4 subnet mask is ‘255.255.255.255’ for a host destination and ‘0.0.0.0’ for the default route. The gateway address is written as ‘*’(IPv4)/‘::’(IPv6) if none is set.
Chapter 24 Routing Table Figure 149 System Monitor > Routing Table The following table describes the labels in this screen. Table 103 System Monitor > Routing Table LABEL DESCRIPTION IPv4/IPv6 Routing Table Destination This indicates the destination IPv4 address or IPv6 address and prefix of this route. Gateway This indicates the IPv4 address or IPv6 address of the gateway that helps forward this route’s traffic. Subnet Mask This indicates the destination subnet mask of the IPv4 route.
Chapter 24 Routing Table Table 103 System Monitor > Routing Table (continued) LABEL DESCRIPTION Flag This indicates the route status. U-Up: The route is up. !-Reject: The route is blocked and will force a route lookup to fail. G-Gateway: The route uses a gateway to forward traffic. H-Host: The target of the route is a host. R-Reinstate: The route is reinstated for dynamic routing. D-Dynamic (redirect): The route is dynamically installed by a routing daemon or redirect.
Chapter 25 Multicast Status C H A P T E R 25 Multicast Status 25.1 Multicast Status Overview Use the Multicast Status screens to view IPv4 or IPv6 multicast group information. 25.2 IGMP Status Use this screen to look at the current list of IPv4 multicast groups the Zyxel Device manages through IGMP. Internet Group Multicast Protocol (IGMP) is a network-layer protocol used to establish membership in a Multicast group - it is not used to carry user data.
Chapter 25 Multicast Status 25.3 MLD Status Use this screen to look at the current list of IPv6 multicast groups the Zyxel Device manages through MLD. Multicast Listener Discovery (MLD) allows an IPv6 switch or router to discover the presence of MLD hosts who wish to receive multicast packets and the IP addresses of multicast groups the hosts want to join on its network. MLDv1 is equivalent to IGMPv2 and MLDv2 is equivalent to IGMPv3. You can configure MLD settings in Network Setting > IGMP/MLD.
C H A P T E R 26 WLAN Station Status 26.1 WLAN Station Status Overview Click System Monitor > WLAN Station Status to open the following screen. Use this screen to view information and status of the wireless stations (wireless clients) that are currently associated with the Zyxel Device.
Chapter 26 WLAN Station Status Table 106 System Monitor > WLAN Station Status (continued) LABEL DESCRIPTION SNR The Signal-to-Noise Ratio (SNR) is the ratio between the received signal power and the received noise power. The normal range is 15 to 40. If the value drops below 15, try moving the associated wireless station closer to the Zyxel Device to get better quality WiFi.
C H A P T E R 27 System 27.1 System Overview In the System screen, you can name your Zyxel Device (Host) and give it an associated domain name. Domain is the name given to a network. It will be required to reach a network from an external point (like the Internet). Knowing the domain name will allow you to reach a particular network, and knowing the host name will allow you to reach a particular device.
Chapter 28 User Account C H A P T E R 28 User Account 28.1 User Account Overview In the User Account screen, you can view the settings of the ‘admin’ and other user accounts that you use to log into the Zyxel Device to manage it. 28.2 User Account Settings Click Maintenance > User Account to open the following screen. Use this screen to create or manage user accounts and their privileges on the Zyxel Device. Figure 154 Maintenance > User Account The following table describes the labels in this screen.
Chapter 28 User Account Table 108 Maintenance > User Account (continued) LABEL DESCRIPTION Retry Times This field displays the number of times consecutive wrong passwords can be entered for this account. 0 means there is no limit. Idle Timeout This field displays the length of inactive time before the Zyxel Device will automatically log the user out of the Web Configurator.
Chapter 28 User Account Table 109 Maintenance > User Account > Add/Edit (continued) LABEL DESCRIPTION Password Type your new system password. The Password must contain 6 to 64 characters, including 0 to 9 and a to z. Note that as you type a password, the screen displays a (*) for each character you type. After you change the password, use the new password to access the Zyxel Device. Verify New Password Type the new password again for confirmation.
C H A P T E R 29 Remote Management 29.1 Remote Management Overview Use remote management to control what services you can use through which interface(s) in order to manage the Zyxel Device. 29.1.1 What You Can Do in this Chapter • Use the MGMT Services screen to allow various approaches to access the Zyxel Device remotely from a WAN and/or LAN connection (Section 29.2 on page 244).
Chapter 29 Remote Management Figure 156 Maintenance > Remote Management > MGMT Services The following table describes the fields in this screen. Table 110 Maintenance > Remote Management > MGMT Services LABEL DESCRIPTION WAN Interface used for services Select Any_WAN to have the Zyxel Device automatically activate the remote management service when any WAN connection is up.
Chapter 29 Remote Management Table 110 Maintenance > Remote Management > MGMT Services (continued) LABEL DESCRIPTION Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Cancel Click Cancel to restore the default or previously saved settings. Apply Click Apply to save your changes back to the Zyxel Device. 29.
Chapter 29 Remote Management Figure 158 Maintenance > Remote Management > Trust Domain > Add Trust Domain The following table describes the fields in this screen. Table 112 Maintenance > Remote Management > Trust Domain > Add Trust Domain LABEL DESCRIPTION IP Address Enter a public IP address which is allowed to access the service on the Zyxel Device from the WAN. You can enter an IPv4 or IPv6 address and subnet mask or prefix length.
C H A P T E R 30 SNMP 30.1 SNMP Overview This screen allows you to configure the SNMP settings on the Zyxel Device. The Simple Network Management Protocol is a protocol used for exchanging management information between network devices. Your Zyxel Device supports SNMP agent functionality, which allows a manager station to manage and monitor the Zyxel Device through the network. The next figure illustrates an SNMP management operation.
Chapter 30 SNMP SNMP itself is a simple request/response protocol based on the manager/agent model. The manager issues a request and the agent returns responses using the following protocol operations: • Get - Allows the manager to retrieve an object variable from the agent. • GetNext - Allows the manager to retrieve the next object variable from a table or list within an agent.
Chapter 30 SNMP The following table describes the fields in this screen. Table 113 Maintenance > SNMP LABEL DESCRIPTION SNMP Agent Enable this switch to let the Zyxel Device act as an SNMP agent, which allows a manager station to manage and monitor the Zyxel Device through the network, Click this switch to enable/disable it. When the switch goes to the right , the function is enabled.
C H A P T E R 31 Time Settings 31.1 Time Settings Overview This chapter shows you how to configure the Zyxel Device’s system date and time. 31.2 Time For effective scheduling and logging, the Zyxel Device’s system time must be accurate. Use this screen to configure the Zyxel Device’s time based on your local time zone. You can enter a time server address, select the time zone where the Zyxel Device is physically located, and configure Daylight Savings settings if needed.
Chapter 31 Time Settings Figure 161 Maintenance > Time EX3510-B0 User’s Guide 252
Chapter 31 Time Settings The following table describes the fields in this screen. Table 114 Maintenance > Time LABEL DESCRIPTION Current Date/Time Current Time This field displays the time of your Zyxel Device. Each time you reload this page, the Zyxel Device synchronizes the time with the time server. Current Date This field displays the date of your Zyxel Device. Each time you reload this page, the Zyxel Device synchronizes the date with the time server.
Chapter 31 Time Settings Table 114 Maintenance > Time (continued) LABEL DESCRIPTION Cancel Click Cancel to restore the default or previously saved settings. Apply Click Apply to save your changes.
C H A P T E R 32 E-mail Notification 32.1 E-mail Notification Overview A mail server is an application or a computer that can receive, forward and deliver e-mail messages. To have the Zyxel Device send reports, logs or notifications via e-mail, you must specify an e-mail server and the e-mail addresses of the sender and receiver. 32.2 E-mail Notification Settings Click Maintenance > E-mail Notification to open the E-mail Notification screen.
Chapter 32 E-mail Notification Table 115 Maintenance > E-mail Notification (continued) LABEL DESCRIPTION Port This field displays the port number of the mail server. Security This field displays the protocol used for encryption. E-mail Address This field displays the e-mail address that you want to be in the from/sender line of the e-mail that the Zyxel Device sends. Remove Click this to delete the entry. 32.2.1 E-mail Notification Edit Click the Add button in the E-mail Notification screen.
Chapter 32 E-mail Notification Table 116 E-mail Notification > Add (continued) LABEL DESCRIPTION Connection Security Select SSL to use Secure Sockets Layer (SSL) or Transport Layer Security (TLS) if you want encrypted communications between the mail server and the Zyxel Device. Select STARTTLS to upgrade a plain text connection to a secure connection using SSL/TLS. Cancel Click this button to exit this screen without saving any changes.
C H A P T E R 33 Log Setting 33.1 Logs Setting Overview You can configure where the Zyxel Device sends logs and which type of logs the Zyxel Device records in the Logs Setting screen. 33.2 Log Settings To change your Zyxel Device’s log settings, click Maintenance > Log Setting. The screen appears as shown.
Chapter 33 Log Setting Figure 164 Maintenance > Log Setting The following table describes the fields in this screen. Table 117 Maintenance > Log Setting LABEL DESCRIPTION Syslog Setting Syslog Logging The Zyxel Device sends a log to an external syslog server. Click this switch to enable or disable syslog logging. When the switch goes to the right , the function is enabled. Otherwise, it is not. Mode Select the syslog destination from the drop-down list box.
Chapter 33 Log Setting Table 117 Maintenance > Log Setting (continued) LABEL DESCRIPTION E-mail Log Settings E-mail Log Settings Click this switch to have the Zyxel Device send logs and alarm messages to the configured email addresses. When the switch goes to the right , the function is enabled. Otherwise, it is not. Mail Account Select a mail account from which you want to send logs. You can configure mail accounts in the Maintenance > E-mail Notification screen.
Chapter 33 Log Setting Figure 165 E-mail Log Example Subject: Firewall Alert From Date: Fri, 07 Apr 2019 10:05:42 From: user@zyxel.com To: user@zyxel.com 1|Apr 7 00 |From:192.168.1.1 To:192.168.1.255 | 09:54:03 |UDP src port:00520 dest port:00520 2|Apr 7 00 |From:192.168.1.131 To:192.168.1.255 | 09:54:17 |UDP src port:00520 dest port:00520 3|Apr 7 00 |From:192.168.1.6 To:10.10.10.10 | 09:54:19 |UDP src port:03516 dest port:00053 ……………………………..{snip}………………………………….. ……………………………..{snip}…………………………………..
C H A P T E R 34 Firmware Upgrade 34.1 Firmware Upgrade Overview This screen lets you upload new firmware to your Zyxel Device. You can download new firmware releases from your nearest Zyxel FTP site (or www.zyxel.com) to upgrade your device’s performance. Only use firmware for your device’s specific model. Refer to the label on the bottom of your Zyxel Device. 34.2 Firmware Upgrade Settings Click Maintenance > Firmware Upgrade to open the following screen.
Chapter 34 Firmware Upgrade Table 118 Maintenance > Firmware Upgrade LABEL DESCRIPTION Current Firmware Version This is the present Firmware version and the date created. File Path Type the location of the file you want to upload in this field or click Browse or Choose File to find it. Browse/ Choose File Click this to find the .bin file you want to upload. Remember that you must decompress compressed (.zip) files before you can upload them. Upload Click this to begin the upload process.
Chapter 34 Firmware Upgrade Network Temporarily Disconnected EX3510-B0 User’s Guide 264
C H A P T E R 35 Backup/Restore 35.1 Backup/Restore Overview This chapter describes the Zyxel Device’s Maintenance > Backup/Restore screens. Use these screens to perform maintenance on your Zyxel Device’s settings. 35.1.1 What You Can Do in this Chapter • Use the Backup/Restore screen to backup/restore/reset device settings (Section 35.2 on page 265). 35.2 Backup/Restore Settings Click Maintenance > Backup/Restore > Backup/Restore.
Chapter 35 Backup/Restore Figure 169 Maintenance > Backup/Restore Backup Configuration Backup Configuration allows you to back up (save) the Zyxel Device’s current configuration to a file on your computer. Once your Zyxel Device is configured and functioning properly, it is highly recommended that you back up your configuration file before making configuration changes. The backup configuration file will be useful in case you need to return to your previous settings.
Chapter 35 Backup/Restore Table 119 Restore Configuration LABEL DESCRIPTION Browse Click this to find the file you want to upload. Remember that you must decompress compressed (.ZIP) files before you can upload them. Upload Click this to begin the upload process. Do NOT turn off the Zyxel Device while configuration file upload is in progress. After the Zyxel Device configuration has been restored successfully, the login screen appears. Login again to restart the Zyxel Device.
Chapter 35 Backup/Restore Figure 173 Reset In Process Message You can also press the RESET button on the rear panel to reset the factory defaults of your Zyxel Device. Refer to Section 1.5.4 on page 23 for more information on the RESET button. 35.3 Reboot System Reboot allows you to reboot the Zyxel Device remotely without turning the power off. You may need to do this if the Zyxel Device hangs, for example. Click Maintenance > Reboot. Click Reboot to have the Zyxel Device reboot.
Chapter 36 Diagnostic C H A P T E R 36 Diagnostic 36.1 Diagnostic Overview The Diagnostic screens display information to help you identify problems with the Zyxel Device. The route between a Central Office Very-high-bit-rate Digital Subscriber Line (CO VDSL) switch and one of its Customer-Premises Equipment (CPE) may go through switches owned by independent organizations. A connectivity fault point generally takes time to discover and impacts subscriber’s network access.
Chapter 36 Diagnostic 36.3 Ping & TraceRoute & NsLookup Use this screen use ping, traceroute, or nslookup for troubleshooting. Ping and traceroute are used to test whether a particular host is reachable. After entering an IP address and clicking on one of the buttons to start a test, the results will be shown in the Ping/Traceroute Test area. Use nslookup to find the IP address for a host name and vice versa. Click Maintenance > Diagnostic > Ping&TraceRoute&NsLookup to open the screen shown next.
Chapter 36 Diagnostic 36.4 802.1ag (CFM) Click Maintenance > Diagnostic > 802.1ag to open the following screen. Use this screen to configure and perform Connectivity Fault Management (CFM) actions as defined by the IEEE 802.1ag standard. CFM protocols include Continuity Check Protocol (CCP), Link Trace (LT), and Loopback (LB). Figure 176 Maintenance > Diagnostic > 802.1ag The following table describes the fields in this screen. Table 121 Maintenance > Diagnostic > 802.1ag LABEL DESCRIPTION 802.
Chapter 36 Diagnostic Table 121 Maintenance > Diagnostic > 802.1ag (continued) LABEL DESCRIPTION Maintenance Domain (MD) Level Select a level (0-7) under which you want to create an MA. MD Name Enter a descriptive name for the MD (Maintenance Domain). This field only appears if the Y.1731 field is disabled. MA ID Enter a descriptive name to identify the Maintenance Association. This field only appears if the Y.1731 field is disabled.
Chapter 36 Diagnostic Figure 177 Maintenance > Diagnostic > 802.3ah The following table describes the labels in this screen. Table 122 Maintenance > Diagnostics > 802.3ah LABEL DESCRIPTION IEEE 802.3ah Ethernet OAM Click this switch to enable or disable the Ethernet OAM on the specified interface. When the switch goes to the right , the function is enabled. Otherwise, it is not. Interface Select the interface on which you want to enable the IEEE 802.3ah.
P ART III Troubleshooting and Appendices Appendices contain general information. Some information may not apply to your Zyxel Device.
C H A P T E R 37 Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • Zyxel Device Access and Login • Internet Access • Wireless Internet Access • UPnP • IP Address Setup 37.1 Power, Hardware Connections, and LEDs The Zyxel Device does not turn on. None of the LEDs turn on. 1 Make sure the Zyxel Device is turned on.
Chapter 37 Troubleshooting 5 If the problem continues, contact the vendor. 37.2 Zyxel Device Access and Login I forgot the IP address for the Zyxel Device. 1 The default LAN IP address is 192.168.1.1. 2 If you changed the IP address and have forgotten it, you might get the IP address of the Zyxel Device by looking up the IP address of the default gateway for your computer. To do this in most Windows computers, click Start > Run, enter cmd, and then enter ipconfig.
Chapter 37 Troubleshooting 5 Reset the device to its factory defaults, and try to access the Zyxel Device with the default IP address. See Section 1.5.4 on page 23. 6 If the problem continues, contact the network administrator or vendor, or try one of the advanced suggestions. Advanced Suggestions • Make sure you have logged out of any earlier management sessions using the same user account even if they were through a different interface or using a different browser.
Chapter 37 Troubleshooting 1 Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide and Table 2 on page 20. 2 Make sure you entered your ISP account information correctly in the Network Setting > Broadband screen. These fields are case-sensitive, so make sure [Caps Lock] is not on.
Chapter 37 Troubleshooting 37.4 Wireless Internet Access What factors may cause intermittent or unstabled wireless connection? How can I solve this problem? The following factors may cause interference: • Obstacles: walls, ceilings, furniture, and so on. • Building Materials: metal doors, aluminum studs. • Electrical devices: microwaves, monitors, electric motors, cordless phones, and other wireless devices.
Chapter 37 Troubleshooting The Local Area Connection icon for UPnP disappears in the screen. Restart your computer. 37.6 IP Address Setup I need to set the computer’s IP address to be in the same subnet as the Zyxel Device. 1 In Windows 10, open the Control Panel. 2 Click Network and Internet (this field may be missing in your version) > Network and Sharing Center. 3 Click Change adapter settings.
Chapter 37 Troubleshooting 4 Right-click the Ethernet icon, and then select Properties. 5 Click Internet Protocol Version 4 (TCP/IPv4) and then click Properties. 6 Select Use the following IP address and enter an IP address from 192.168.1.2 to 192.168.1.254. The Subnet mask will be entered automatically.
Chapter 37 Troubleshooting 7 Click OK when you are done and close all windows.
APPENDIX A Customer Support In the event of problems that cannot be solved by using this manual, you should contact your vendor. If you cannot contact your vendor, then contact a Zyxel office for the region in which you bought the device. See https://www.zyxel.com/homepage.shtml and also https://www.zyxel.com/about_zyxel/zyxel_worldwide.shtml for the latest information. Please have the following information ready when you contact an office. Required Information • Product model and serial number.
Appendix A Customer Support Korea • Zyxel Korea Corp. • http://www.zyxel.kr Malaysia • Zyxel Malaysia Sdn Bhd. • http://www.zyxel.com.my Pakistan • Zyxel Pakistan (Pvt.) Ltd. • http://www.zyxel.com.pk Philippines • Zyxel Philippines • http://www.zyxel.com.ph Singapore • Zyxel Singapore Pte Ltd. • http://www.zyxel.com.sg Taiwan • Zyxel Communications Corporation • https://www.zyxel.com/tw/zh/ Thailand • Zyxel Thailand Co., Ltd • https://www.zyxel.
Appendix A Customer Support • https://www.zyxel.com/be/fr/ Bulgaria • Zyxel България • https://www.zyxel.com/bg/bg/ Czech Republic • Zyxel Communications Czech s.r.o • https://www.zyxel.com/cz/cs/ Denmark • Zyxel Communications A/S • https://www.zyxel.com/dk/da/ Estonia • Zyxel Estonia • https://www.zyxel.com/ee/et/ Finland • Zyxel Communications • https://www.zyxel.com/fi/fi/ France • Zyxel France • https://www.zyxel.fr Germany • Zyxel Deutschland GmbH • https://www.zyxel.
Appendix A Customer Support Lithuania • Zyxel Lithuania • https://www.zyxel.com/lt/lt/ Netherlands • Zyxel Benelux • https://www.zyxel.com/nl/nl/ Norway • Zyxel Communications • https://www.zyxel.com/no/no/ Poland • Zyxel Communications Poland • https://www.zyxel.com/pl/pl/ Romania • Zyxel Romania • https://www.zyxel.com/ro/ro Russia • Zyxel Russia • https://www.zyxel.com/ru/ru/ Slovakia • Zyxel Communications Czech s.r.o. organizacna zlozka • https://www.zyxel.
Appendix A Customer Support Turkey • Zyxel Turkey A.S. • https://www.zyxel.com/tr/tr/ UK • Zyxel Communications UK Ltd. • https://www.zyxel.com/uk/en/ Ukraine • Zyxel Ukraine • http://www.ua.zyxel.com South America Argentina • Zyxel Communications Corporation • https://www.zyxel.com/co/es/ Brazil • Zyxel Communications Brasil Ltda. • https://www.zyxel.com/br/pt/ Colombia • Zyxel Communications Corporation • https://www.zyxel.com/co/es/ Ecuador • Zyxel Communications Corporation • https://www.zyxel.
Appendix A Customer Support Middle East • Zyxel Communications Corporation • https://www.zyxel.com/me/en/ North America USA • Zyxel Communications, Inc. - North America Headquarters • https://www.zyxel.com/us/en/ Oceania Australia • Zyxel Communications Corporation • https://www.zyxel.com/au/en/ Africa South Africa • Nology (Pty) Ltd. • https://www.zyxel.
APPENDIX B IPv6 Overview IPv6 (Internet Protocol version 6), is designed to enhance IP address size and features. The increase in IPv6 address size to 128 bits (from the 32-bit IPv4 address) allows up to 3.4 x 1038 IP addresses. IPv6 Addressing The 128-bit IPv6 address is written as eight 16-bit hexadecimal blocks separated by colons (:). This is an example IPv6 address 2001:0db8:1a2b:0015:0000:0000:1a2f:0000. IPv6 addresses can be abbreviated in two ways: • Leading zeros in a block can be omitted.
Appendix B IPv6 Unspecified Address An unspecified address (0:0:0:0:0:0:0:0 or ::) is used as the source address when a device does not have its own address. It is similar to “0.0.0.0” in IPv4. Loopback Address A loopback address (0:0:0:0:0:0:0:1 or ::1) allows a host to send packets to itself. It is similar to “127.0.0.1” in IPv4. Multicast Address In IPv6, multicast addresses provide the same functionality as IPv4 broadcast addresses. Broadcasting is not supported in IPv6.
Appendix B IPv6 Table 125 Reserved Multicast Address (continued) MULTICAST ADDRESS FF0E:0:0:0:0:0:0:0 FF0F:0:0:0:0:0:0:0 Subnet Masking Both an IPv6 address and IPv6 subnet mask compose of 128-bit binary digits, which are divided into eight 16-bit blocks and written in hexadecimal notation. Hexadecimal uses four bits for each character (1 ~ 10, A ~ F). Each block’s 16 bits are then represented by four hexadecimal characters. For example, FFFF:FFFF:FFFF:FFFF:FC00:0000:0000:0000.
Appendix B IPv6 T2 T1 Renew Renew to S1 to S1 Renew Renew to S1 to S1 Renew to S1 Renew to S1 Rebind to S2 Rebind to S2 DHCP Relay Agent A DHCP relay agent is on the same network as the DHCP clients and helps forward messages between the DHCP server and clients. When a client cannot use its link-local address and a well-known multicast address to locate a DHCP server on its network, it then needs a DHCP relay agent to send a message to a DHCP server that is not attached to the same network.
Appendix B IPv6 • Router advertisement: A response to a router solicitation or a periodical multicast advertisement from a router to advertise its presence and other parameters. IPv6 Cache An IPv6 host is required to have a neighbor cache, destination cache, prefix list and default router list. The Zyxel Device maintains and updates its IPv6 caches constantly using the information from response messages.
Appendix B IPv6 Example - Enabling IPv6 on Windows XP/2003/Vista By default, Windows XP and Windows 2003 support IPv6. This example shows you how to use the ipv6 install command on Windows XP/2003 to enable IPv6. This also displays how to use the ipconfig command to see auto-generated IP addresses. C:\>ipv6 install Installing... Succeeded. C:\>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: Connection-specific IP Address. . . . . Subnet Mask . . . . IP Address. . . . .
Appendix B IPv6 5 Click Start and then OK. 6 Now your computer can obtain an IPv6 address from a DHCPv6 server. Example - Enabling IPv6 on Windows 7 Windows 7 supports IPv6 by default. DHCPv6 is also enabled when you enable IPv6 on a Windows 7 computer. To enable IPv6 in Windows 7: 1 Select Control Panel > Network and Sharing Center > Local Area Connection. 2 Select the Internet Protocol Version 6 (TCP/IPv6) checkbox to enable it. 3 Click OK to save the change.
Appendix B IPv6 4 Click Close to exit the Local Area Connection Status screen. 5 Select Start > All Programs > Accessories > Command Prompt. 6 Use the ipconfig command to check your dynamic IPv6 address. This example shows a global address (2001:b021:2d::1000) obtained from a DHCP server. C:\>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: Connection-specific DNS IPv6 Address. . . . . . Link-local IPv6 Address IPv4 Address. . . . . . Subnet Mask . . . . . . Default Gateway .
APPENDIX C Services The following table lists some commonly-used services and their associated protocols and port numbers. • Name: This is a short, descriptive name for the service. You can use this one or create a different one, if you like. • Protocol: This is the type of IP protocol used by the service. If this is TCP/UDP, then the service uses the same port number with TCP and UDP. If this is USER-DEFINED, the Port(s) is the IP protocol number, not the port number.
Appendix C Services Table 126 Examples of Services NAME PROTOCOL PORT(S) DESCRIPTION AH (IPSEC_TUNNEL) User-Defined 51 The IPSEC AH (Authentication Header) tunneling protocol uses this service. AIM TCP 5190 AOL’s Internet Messenger service. AUTH TCP 113 Authentication protocol used by some servers. BGP TCP 179 Border Gateway Protocol. BOOTP_CLIENT UDP 68 DHCP Client. BOOTP_SERVER UDP 67 DHCP Server.
Appendix C Services Table 126 Examples of Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION NFS UDP 2049 Network File System - NFS is a client/server distributed file service that provides transparent file sharing for network environments. NNTP TCP 119 Network News Transport Protocol is the delivery mechanism for the USENET newsgroup service. PING User-Defined 1 Packet INternet Groper is a protocol that sends out ICMP echo requests to test whether or not a remote host is reachable.
Appendix C Services Table 126 Examples of Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION TACACS UDP 49 Login Host Protocol used for (Terminal Access Controller Access Control System). TELNET TCP 23 Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments. It operates over TCP/IP networks. Its primary function is to allow users to log into remote host systems. VDOLIVE TCP 7000 UDP userdefined A videoconferencing solution.
APPENDIX D Legal Information Copyright Copyright © 2020 by Zyxel Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of Zyxel Communications Corporation. Published by Zyxel Communications Corporation.
Appendix D Legal Information Innovation, Science and Economic Development Canada RSS-GEN & RSS-247 Statement • • • • • This device contains licence-exempt transmitter(s)/receiver(s) that comply with Innovation, Science and Economic Development Canada's licence-exempt RSS(s). Operation is subject to the following two conditions: (1) this device may not cause interference, and (2) this device must accept any interference, including interference that may cause undesired operation of the device.
Appendix D Legal Information Industry Canada radiation exposure statement This device complies with ISED radiation exposure limits set forth for an uncontrolled environment. This device should be installed and operated with a minimum distance of 31 cm between the radiator and your body. Déclaration d’exposition aux radiations: Cet équipement est conforme aux limites d’exposition aux rayonnements ISED établies pour un environnement non contrôlé.
Appendix D Legal Information Italiano (Italian) Con la presente Zyxel dichiara che questo attrezzatura è conforme ai requisiti essenziali ed alle altre disposizioni pertinenti stabilite dalla direttiva 2014/53/UE. National Restrictions • • Latviešu valoda (Latvian) This product meets the National Radio Interface and the requirements specified in the National Frequency Allocation Table for Italy.
Appendix D Legal Information List of national codes COUNTRY ISO 3166 2 LETTER CODE COUNTRY ISO 3166 2 LETTER CODE Austria AT Liechtenstein LI Belgium BE Lithuania LT Bulgaria BG Luxembourg LU Croatia HR Malta MT Cyprus CY Netherlands NL Czech Republic CZ Norway NO Denmark DK Poland PL Estonia EE Portugal PT Finland FI Romania RO France FR Serbia RS Germany DE Slovakia SK Greece GR Slovenia SI Hungary HU Spain ES Iceland IS Switzerland CH Ireland
Appendix D Legal Information (Energy-related Products directive) as well as ecodesign requirement laid down in applicable implementing measures, power consumption has satisfied regulation requirements which are: • Network standby power consumption < 8W, and/or • Off mode power consumption < 0.5W, and/or • Standby mode power consumption < 0.5W. (Wireless setting, please refer to the chapter about wireless settings for more detail.
Appendix D Legal Information • • • • • • • • • • • • • • • • 雷雨天氣時,不要安裝,使用或維修此設備。有遭受電擊的風險。 切勿重摔或撞擊設備,並勿使用不正確的電源變壓器。 若接上不正確的電源變壓器會有爆炸的風險。 請勿隨意更換產品內的電池。 如果更換不正確之電池型式,會有爆炸的風險,請依製造商說明書處理使用過之電池。 請將廢電池丟棄在適當的電器或電子設備回收處。 請勿將設備解體。 請勿阻礙設備的散熱孔,空氣對流不足將會造成設備損害。 請插在正確的電壓供給插座 ( 如 : 北美 / 台灣電壓 110V AC,歐洲是 230V AC)。 假若電源變壓器或電源變壓器的纜線損壞,請從插座拔除,若您還繼續插電使用,會有觸電死亡的風險。 請勿試圖修理電源變壓器或電源變壓器的纜線,若有毀損,請直接聯絡您購買的店家,購買⼀個新的電源變壓器。 請勿將此設備安裝於室外,此設備僅適合放置於室內。 請勿隨⼀般垃圾丟棄。 請參閱產品背貼上的設備額定功率。 請參考產品型錄或是彩盒上的作業溫度。 產品沒有斷電裝置或者採用電源線的插頭視為斷電裝置的⼀部分,以下警語將適用 : -
Appendix D Legal Information Open Source Licenses This product may contain in part some free software distributed under GPL license terms and/or GPL like licenses. Open source licenses are provided with the firmware package. You can download the latest firmware at www.zyxel.com. If you cannot find it there, contact your vendor or Zyxel Technical Support at support@zyxel.com.tw. To obtain the source code covered under those Licenses, please contact your vendor or Zyxel Technical Support at support@zyxel.
Index Index Numbers broadband 73 1G WAN port 22 Broadband screen overview 73 2.
Index channel WiFi 105 DNS server address assignment 86 client list 123 Domain Name System, see DNS configuration backup 266 firewalls 199 reset 267 restoring 266 static route 138, 140, 184 DoS 199 Domain Name 182 DS field 162 DS, see differentiated services DSCP 162 Dual Stack Lite 75 connection status screen 26 overview 60 dual-band application 18 Connectivity Check Messages, see CCMs Dynamic DNS 55, 183 wildcard 183 dual-band gateway 17 contact information customer support 283 Dynamic Host
Index DoS 199 LAND attack 199 Ping of Death 199 SYN attack 199 IGMPv3 187 ILA 179 Inside Global Address, see IGA Inside Local Address, see ILA firewalls configuration 199 interface group 193 Internet access 16 wizard setup 33 firmware 262 version 63 Internet access application Ethernet WAN 17 forwarding ports 167 fragmentation threshold 101, 106 Internet connection add or edit 77 front panel LED indicators 19 INTERNET LED 20 FTP 19, 167, 182 Internet Protocol version 6 74 Internet Protocol versi
Index J loopback 269 Java permission 24 LTR 269 LTM 269 JavaScript 24 M L MA 269 MAC address 97, 124 associated wireless station 238 filter 96, 107 LAN 117 client list 123 DHCP 118, 134 DNS 118, 135 IP address 117, 119, 135 MAC address 124 status 64, 69 subnet mask 118, 119, 135 MAC address filter example configuration 57 MAC authentication 96 MAC filter 207 Maintenance Association, see MA LAN LED 21 Maintenance Domain, see MD LAN setup 68 Maintenance End Point, see MEP LAN to LAN multicast 1
Index port forwarding 167 port number 182 services 182 SIP ALG 175 activation 176 benefits 84 technical reference 84 PPTP 182 preamble 102, 106 preamble mode 109 NAT example 182 prefix delegation 76 navigation panel 28 private IP address 136 Network Address Translation, see NAT Push Button Configuration WPS 40 network map 28, 60 NNTP 182 Push Button Configuration, see PBC push button, WPS 110 P Q parental control define schedule 71 schedule setup 70 setup 69 QoS 145, 162 marking 146 setup 145 t
Index router features 16 static VLAN 85 Routing Information Protocol, see RIP status 60 firmware version 63 LAN 64, 69 WAN 63 WiFi 64 RSSI range 238 RSSI (Received Signal Strength Indicator) 238 RTS threshold 101, 106 status indicators 20 subnet mask 118, 135 SYN attack 199 S syslog protocol 225 severity levels 225 screen order change 60 Security Log 227 system 63 firmware 262 password 24 reset 23 status 60 time 251 Security Parameter Index, see SPI system information 62 service access control
Index U WEP Encryption 92 WiFi 104 authentication 106, 107 BSS 108 example 109 channel 105 encryption 108 example 104 fragmentation threshold 101, 106 limitations 108 MAC address filter 96, 107 MBSSID 109 preamble 102, 106 RADIUS server 107 RTS/CTS threshold 101, 106 security 106 SSID 107 activation 93 status 64 WPS 110, 112 example 113 limitations 115 PIN 111 push button 110 unicast 85 Universal Plug and Play, see UPnP upgrading firmware 262 UPnP 125 cautions 118 NAT traversal 118 turn on in Windows 10
Index WPS LED 21 WPS methods tutorial 40 WPS process example 42 Z Zyxel Device managing 18 Zyxel Family Safety page 213 EX3510-B0 User’s Guide 316
