FMG3024-D10A / FMG3025D10A Series Gigabit Active Fiber VoIP IAD Default Login Details LAN IP Address http://192.168.1.1 User Name admin Password 1234 IMPORTANT! READ CAREFULLY BEFORE USE. Version 1.00 Editionwww.zyxel.com 1, 2/2013 www.zyxel.
KEEP THIS GUIDE FOR FUTURE REFERENCE. IMPORTANT! READ CAREFULLY BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE. Note: This guide is a reference for a series of products. Therefore some features or options in this guide may not be available in your product. Graphics in this book may differ slightly from the product due to differences in operating systems, operating system versions, or if you installed updated firmware/software for your device.
Contents Overview Contents Overview User’s Guide .......................................................................................................................................13 Introduction .............................................................................................................................................15 Introducing the Web Configurator ...........................................................................................................19 Tutorials ..............
Contents Overview 4 FMG3024-D10A / FMG3025-D10A Series User’s Guide
Table of Contents Table of Contents Contents Overview ..............................................................................................................................3 Table of Contents .................................................................................................................................5 Part I: User’s Guide ......................................................................................... 13 Chapter 1 Introduction...........................................
Table of Contents 3.6.3 Using a Digital Media Adapter .................................................................................................36 3.7 Using the Print Server Feature ..........................................................................................................37 3.8 Configuring Static Route for Routing to Another Network .................................................................51 3.9 Configuring QoS Queue and Class Setup ...........................................
Table of Contents 7.4 The UPnP Screen .............................................................................................................................99 7.5 The File Sharing Screen ...................................................................................................................99 7.5.1 Before You Begin ...................................................................................................................100 7.5.2 Add/Edit File Sharing .............................
Table of Contents 10.4.1 NAT Definitions ....................................................................................................................137 10.4.2 What NAT Does ...................................................................................................................138 10.4.3 How NAT Works ..................................................................................................................138 Chapter 11 Dynamic DNS ...............................................
Table of Contents Chapter 16 Certificates ........................................................................................................................................159 16.1 Overview .......................................................................................................................................159 16.1.1 What You Can Do in this Chapter ........................................................................................159 16.1.2 What You Need to Know ................
Table of Contents 18.7.1 VoIP .....................................................................................................................................194 18.7.2 SIP ......................................................................................................................................194 18.7.3 Quality of Service (QoS) ......................................................................................................199 18.7.4 Phone Services Overview ..........................
Table of Contents 24.1.1 What You Need to Know ......................................................................................................221 24.2 The System Screen .......................................................................................................................221 Chapter 25 Time Setting ......................................................................................................................................223 25.1 Overview ...................................
Table of Contents Appendix A IP Addresses and Subnetting.......................................................................................243 Appendix B Setting Up Your Computer’s IP Address ......................................................................253 Appendix C Pop-up Windows, JavaScript and Java Permissions ...................................................283 Appendix D Common Services.....................................................................................................
P ART I User’s Guide 13
C HAPT ER 1 Introduction 1.1 Overview The Device is a fiber WAN router, which also includes Voice over IP (VoIP) communication capabilities to allow you to use a traditional analog telephone to make Internet calls. By integrating all of these features, you are provided with ease of installation and high-speed, shared Internet access. The Device is also a complete security solution with a robust firewall based on Stateful Packet Inspection (SPI) technology and Denial of Service (DoS).
Chapter 1 Introduction Figure 2 Device’s VoIP Application PSTN The Device sends your call to a VoIP service provider’s SIP server which forwards your calls to either VoIP or PSTN phones.
Chapter 1 Introduction 1.3 Ways to Manage the Device Use any of the following methods to manage the Device. • Web Configurator. This is recommended for everyday management of the Device using a (supported) web browser. • FTP for firmware upgrades and configuration backup/restore. 1.4 Good Habits for Managing the Device Do the following things regularly to make the Device more secure and to manage the Device more effectively. • Change the password.
Chapter 1 Introduction 18 FMG3024-D10A / FMG3025-D10A Series User’s Guide
C HAPT ER 2 Introducing the Web Configurator 2.1 Overview The web configurator is an HTML-based management interface that allows easy device setup and management via Internet browser. Use Internet Explorer 6.0 and later versions, Mozilla Firefox 3 and later versions, or Safari 2.0 and later versions. The recommended screen resolution is 1024 by 768 pixels. In order to use the web configurator you need to allow: • Web browser pop-up windows from your device.
Chapter 2 Introducing the Web Configurator Note: For security reasons, the Device automatically logs you out if you do not use the web configurator for five minutes (default). If this happens, log in again. 5 The following screen displays if you have not yet changed your password. It is strongly recommended you change the default password. Enter a new password, retype it to confirm and click Apply; alternatively click Skip to proceed to the main menu if you do not want to change the password now.
Chapter 2 Introducing the Web Configurator 2.2 The Web Configurator Layout Click Connection Status > System Info to show the following screen. Figure 6 Web Configurator Layout A B a b C As illustrated above, the main screen is divided into these parts: • A - title bar • B - main window • C - navigation panel 2.2.1 Title Bar The title bar shows the following icon in the upper right corner. Click this icon to log out of the web configurator. 2.2.
Chapter 2 Introducing the Web Configurator If you click LAN Device on the System Info screen (a in Figure 6 on page 21), the Connection Status screen appears. See Chapter 4 on page 61 for more information about the Connection Status screen. If you click Virtual Device on the System Info screen (b in Figure 6 on page 21), a visual graphic appears, showing the connection status of the Device’s ports. The connected ports are in color and disconnected ports are gray. Figure 7 Virtual Device 2.2.
Chapter 2 Introducing the Web Configurator Table 1 Navigation Panel Summary (continued) LINK TAB FUNCTION Static Route Static Route Use this screen to view and set up static routes on the Device. DNS Route DNS Route Use this screen to view and configure DNS routes. QoS General Use this screen to enable QoS and decide allowable bandwidth using QoS. Queue Setup Use this screen to configure QoS queue assignment.
Chapter 2 Introducing the Web Configurator Table 1 Navigation Panel Summary (continued) LINK TAB FUNCTION WAN Use this screen to view the status of all network traffic going through the WAN port of the Device. LAN Use this screen to view the status of all network traffic going through the LAN ports of the Device. NAT Use this screen to view the status of NAT sessions on the Device. 3G Backup Use this screen to view the status of 3G Backup on the Device.
C HAPT ER 3 Tutorials 3.1 Overview This chapter contains the following tutorials: • Setting Up Your WAN Connection • Setting Up NAT Port Forwarding • How to Make a VoIP Call • Using the File Sharing Feature • Using the Media Server Feature • Using the Print Server Feature • Configuring Static Route for Routing to Another Network • Configuring QoS Queue and Class Setup • Access the Device Using DDNS 3.
Chapter 3 Tutorials 2 Enter the settings for your connection as specified by the ISP and save your changes. You should see a summary of your new connection setup in the Broadband screen. 3 Try to connect to a website, such as “www.zyxel.com” to see if you have correctly set up your Internet connection. Be sure to contact your service provider for any information you need to configure the WAN screens. 3.
Chapter 3 Tutorials 3 Click Apply. 4 The port forwarding settings you configured should appear in the table. Make sure the bulb in Status is the color yellow, meaning it is activated. Click Apply to have the Device start forwarding port 666 traffic to the computer with IP address 192.168.1.34. Players on the Internet then can have access to your Doom server. 3.4 How to Make a VoIP Call You can register a SIP account with the SIP server and make voice calls over the Internet to another VoIP device.
Chapter 3 Tutorials 3.4.1.1 SIP Service Provider Configuration Follow the steps below to configure your SIP service provider. 28 1 Make sure your Device is connected to the Internet. 2 Open the web configurator. 3 Click VoIP > SIP to open the SIP Service Provider screen. Select ChangeMe from the Service Provider Selection drop-down list box. 4 Select the Enable check box of SIP Service Provider and enter ServiceProvider1 as the SIP Service Provider Name.
Chapter 3 Tutorials 3.4.1.2 SIP Account Registration Follow the steps below to register and activate your SIP account. 1 Click Connection Status > System Info to check if your SIP account has been registered successfully. If the status is Not Registered, check your Internet connection and click Register to register your SIP account. Tutorial: Registration Status 3.4.1.3 Analog Phone Configuration 1 Click VoIP > Phone to open the Phone Device screen.
Chapter 3 Tutorials Tutorial: VoIP > Phone 3.4.1.4 Making a VoIP Call 1 Make sure you connect a telephone to the first phone port on the Device. 2 Make sure the Device is on and connected to the Internet. 3 Pick up the phone receiver. 4 Dial the VoIP phone number you want to call. 3.5 Using the File Sharing Feature In this section you can: • Set up file sharing of your USB device from the Device • Access the shared files of your USB device from a computer 3.5.
Chapter 3 Tutorials 3.5.1.2 Set up File Sharing on Your Device You also need to set up file sharing on your Device in order to share files. 1 Click Add new share in the File Sharing screen to configure a new share. Select your USB device from the Volume drop-down list box. 2 Click Browse to browse through all the files on your USB device. Select the folder that you want to add as a share. In this example, select Bob’s_Share. Click Apply. 3 You can add a description for the share or leave it blank.
Chapter 3 Tutorials 3.5.2 Access Your Shared Files From a Computer You can use Windows Explorer to access the file storage devices connected to the Device. Note: The examples in this User’s Guide show you how to use Microsoft’s Windows XP to browse your shared files. Refer to your operating system’s documentation for how to browse your file structure. Open Windows Explorer to access Bob’s Share using Windows Explorer browser.
Chapter 3 Tutorials Tutorial: USB Services > Media Server Check Enable Media Server and click Apply. This enables DLNA-compliant media clients to play the video, music and image files in your USB storage device. 3.6.2 Using Windows Media Player This section shows you how to play the media files on the USB storage device connected to your Device using Windows Media Player.
Chapter 3 Tutorials 2 Check Find media that others are sharing in the following screen and click OK. Tutorial: Media Sharing using Windows Vista (2) 3 In the Library screen, check the left panel. The Windows Media Player should detect the Device. Tutorial: Media Sharing using Windows Vista (3) The Device displays as a playlist. Clicking on the category icons in the right panel shows you the media files in the USB storage device attached to your Device. Windows 7 1 34 Open Windows Media Player.
Chapter 3 Tutorials Tutorial: Media Sharing using Windows 7 (1) If you cannot see the Device in the left panel as shown above, right-click Other Libraries > Refresh Other Libraries. 2 Select a category in the left panel and wait for Windows Media Player to connect to the Device. Tutorial: Media Sharing using Windows 7 (2) 3 In the right panel, you should see a list of files available in the USB storage device.
Chapter 3 Tutorials Tutorial: Media Sharing using Windows 7 (2) 3.6.3 Using a Digital Media Adapter This section shows you how you can use the Device with a ZyXEL DMA-2500 to play media files stored in the USB storage device in your TV screen. Note: For this tutorial, your DMA-2500 should already be set up with the TV according to the instructions in the DMA-2500 Quick Start Guide. 1 Connect the DMA-2500 to an available LAN port in your Device.
Chapter 3 Tutorials Tutorial: Media Sharing using DMA-2500 3 The screen shows you the list of available media files in the USB storage device. Select the file you want to open and push the Play button in the remote control. Tutorial: Media Sharing using DMA-2500 (2) 3.
Chapter 3 Tutorials use the RAW protocol to communicate with the printer. Consult your operating systems documentation for instructions on how to do this or follow the instructions below if you have a Windows 2000/XP operating system. 1 Click Start > Settings, then right click on Printers and select Open. Tutorial: Open Printers Window The Printers folder opens up. First you need to open up the properties windows for the printer you want to configure a TCP/IP port. 2 3 Locate your printer.
Chapter 3 Tutorials Tutorial: Printer Properties Window 5 A Printer Ports window appears. Select Standard TCP/IP Port and click New Port... Tutorial: Add a Port Window 6 Add Standard TCP/IP Printer Port Wizard window opens up. Click Next to start configuring the printer port. Tutorial: Add a Port Wizard 7 Enter the IP address of the Device to which the printer is connected in the Printer Name or IP Address: field. In our example we use the default IP address of the Device, 192.168.1.1.
Chapter 3 Tutorials Note: The computer from which you are configuring the TCP/IP printer port must be on the same LAN in order to use the printer sharing function. Tutorial: Enter IP Address of the Device 8 Select Custom under Device Type and click Settings. Tutorial: Custom Port Settings 9 Confirm the IP address of the Device in the IP Address field. 10 Select Raw under Protocol. 11 The Port Number is automatically configured as 9100. Click OK.
Chapter 3 Tutorials Tutorial: Custom Port Settings 12 Continue through the wizard, apply your settings and close the wizard window. Tutorial: Finish Adding the TCP/IP Port 13 Repeat steps 1 to 12 to add this printer to other computers on your network. Add a New Printer Using Windows This example shows how to connect a printer to your Device using the Windows XP Professional operating system. Some menu items may look different on your operating system.
Chapter 3 Tutorials 1 Click Start > Control Panel > Printers and Faxes to open the Printers and Faxes screen. Click Add a Printer. Tutorial: Printers Folder 2 The Add Printer Wizard screen displays. Click Next. Tutorial: Add Printer Wizard: Welcome 3 42 Select Local printer attached to this computer and click Next.
Chapter 3 Tutorials Tutorial: Add Printer Wizard: Local or Network Printer 4 Select Create a new port and Standard TCP/IP Port. Click Next. Tutorial: Add Printer Wizard: Select the Printer Port 5 Add Standard TCP/IP Printer Port Wizard window opens up. Click Next to start configuring the printer port.
Chapter 3 Tutorials 6 Enter the IP address of the Device to which the printer is connected in the Printer Name or IP Address: field. In our example we use the default IP address of the Device, 192.168.1.1. The Port Name field updates automatically to reflect the IP address of the port. Click Next. Note: The computer from which you are configuring the TCP/IP printer port must be on the same LAN in order to use the printer sharing function.
Chapter 3 Tutorials Tutorial: Custom Port Settings 11 Click Finish to close the wizard window. Tutorial: Finish Adding the TCP/IP Port 12 Select the make of the printer that you want to connect to the print server in the Manufacturer list of printers. 13 Select the printer model from the list of Printers.
Chapter 3 Tutorials Tutorial: Add Printer Wizard: Printer Driver 16 If the following screen displays, select Keep existing driver radio button and click Next if you already have a printer driver installed on your computer and you do not want to change it. Otherwise, select Replace existing driver to replace it with the new driver you selected in the previous screen and click Next. Tutorial: Add Printer Wizard: Use Existing Driver 17 Type a name to identify the printer and then click Next to continue.
Chapter 3 Tutorials Tutorial: Add Printer Wizard: Name Your Printer 18 The Device is a print server itself and you do not need to have your computer act as a print server by sharing the printer with other users in the same network; just select Do not share this printer and click Next to proceed to the following screen. Tutorial: Add Printer Wizard: Printer Sharing 19 Select Yes and then click the Next button if you want to print a test page.
Chapter 3 Tutorials Tutorial: Add Printer Wizard: Print Test Page 20 The following screen shows your current printer settings. Select Finish to complete adding a new printer. Tutorial: Add Printer Wizard Complete Add a New Printer Using Macintosh OS X Complete the following steps to set up a print server driver on your Macintosh computer. 1 Click the Print Center icon located in the Macintosh Dock (a place holding a series of icons/ shortcuts at the bottom of the desktop). Proceed to step 6 to continue.
Chapter 3 Tutorials Tutorial: Macintosh HD folder 4 Double-click the Utilities folder. Tutorial: Applications Folder 5 Double-click the Print Center icon. Tutorial: Utilities Folder 6 Click the Add icon at the top of the screen. Tutorial: Printer List Folder 7 Set up your printer in the Printer List configuration screen. Select IP Printing from the dropdown list box. 8 In the Printer’s Address field, type the IP address of your Device. 9 Deselect the Use default queue on server check box.
Chapter 3 Tutorials 11 Select your Printer Model from the drop-down list box. If the printer's model is not listed, select Generic. Tutorial: Printer Configuration 12 Click Add to select a printer model, save and close the Printer List configuration screen. Tutorial: Printer Model 13 The Name LP1 on 192.168.1.1 displays in the Printer List field. The default printer Name displays in bold type. Tutorial: Print Server Your Macintosh print server driver setup is complete.
Chapter 3 Tutorials 3.8 Configuring Static Route for Routing to Another Network In order to extend your Intranet and control traffic flowing directions, you may connect a router to the Device’s LAN. The router may be used to separate two department networks. This tutorial shows how to configure a static routing rule for two network routings. In the following figure, router R is connected to the Device’s LAN. R connects to two networks, N1 (192.168.1.x/24) and N2 (192.168.10.x/24).
Chapter 3 Tutorials You need to specify a static routing rule on the Device to specify R as the router in charge of forwarding traffic to N2. In this case, the Device routes traffic from A to R and then R routes the traffic to B.This tutorial uses the following example IP settings: N1 A R N2 B Table 2 IP Settings in this Tutorial DEVICE / COMPUTER IP ADDRESS The Device’s WAN 172.16.1.1 The Device’s LAN 192.168.1.1 A 192.168.1.34 R’s N1 192.168.1.253 R’s N2 192.168.10.2 B 192.168.10.
Chapter 3 Tutorials Click Apply. The Routing screen should display the route you just added. Now B should be able to receive traffic from A. You may need to additionally configure B’s firewall settings to allow specific traffic to pass through. 3.9 Configuring QoS Queue and Class Setup This section contains tutorials on how you can configure the QoS screen. Note: Voice traffic will not be affected by the user-defined QoS settings on the Device. It always gets the highest priority.
Chapter 3 Tutorials QoS Example ZyXEL Device Your computer IP=192.168.1.23 and/or MAC=AA:FF:AA:FF:AA:FF E-mail: Queue 7 1 DSL 10,000 kbps A colleague’s computer Other traffic: Automatic classifier Click Network Setting > QoS > General and check Active. Set your WAN Managed Upstream Bandwidth to 10,000 kbps (or leave this blank to have the Device automatically determine this figure). Click Apply to save your settings. Tutorial: Advanced > QoS 2 Go to Network Setting > QoS > Queue Setup.
Chapter 3 Tutorials Tutorial: Advanced > QoS > Class Setup Class Name Give a class name to this traffic, such as Email in this example. To Queue Link this to a queue created in the QoS > Queue Setup screen, which is the Email queue created in this example. From Interface This is the interface from which the traffic will be coming from. Select Lan. Ether Type Select IP to identify the traffic source by its IP address or MAC address.
Chapter 3 Tutorials Tutorial: Advanced > QoS > Monitor 3.10 Access the Device Using DDNS If you connect your Device to the Internet and it uses a dynamic WAN IP address, it is inconvenient for you to manage the device from the Internet. The Device’s WAN IP address changes dynamically. Dynamic DNS (DDNS) allows you to access the Device using a domain name. http://zyxelrouter.dyndns.org A a.b.c.d w.x.y.z To use this feature, you have to apply for DDNS service at www.dyndns.org.
Chapter 3 Tutorials 2 Apply for a user account. This tutorial uses UserName1 and 12345 as the username and password. 3 Log into www.dyndns.org using your account. 4 Add a new DDNS host name. This tutorial uses the following settings as an example. • Hostname: zyxelrouter.dyndns.org • Service Type: Host with IP address • IP Address: Enter the WAN IP address that your Device is currently using. You can find the IP address on the Device’s web configurator Status page.
Chapter 3 Tutorials 58 FMG3024-D10A / FMG3025-D10A Series User’s Guide
P ART II Technical Reference The appendices provide general information. Some details may not apply to your Device.
C HAPT ER 4 Connection Status and System Info 4.1 Overview After you log into the web configurator, the Connection Status screen appears. This shows the network connection status of the Device and clients connected to it. Use the System Info screen to look at the current status of the device, system resources, interfaces (LAN, WAN), and SIP accounts. You can also register and unregister SIP accounts.
Chapter 4 Connection Status and System Info Figure 9 Connection Status: List View In Icon View, if you want to view information about a client, click the client’s name and Info. Click the IP address if you want to change it. If you want to change the name or icon of the client, click Change name/icon. In List View, you can also view the client’s information. 4.3 The System Info Screen Click Connection Status > System Info to open this screen.
Chapter 4 Connection Status and System Info Each field is described in the following table. Table 3 System Info Screen LABEL DESCRIPTION Language Select the web configurator language from the drop-down list box. Refresh Interval Select how often you want the Device to update this screen from the drop-down list box. Device Information Host Name This field displays the Device system name. It is used for identification. You can change this in the Maintenance > System screen’s Host Name field.
Chapter 4 Connection Status and System Info Table 3 System Info Screen (continued) LABEL Rate DESCRIPTION For the LAN interface, this displays the port speed and duplex setting. For the WAN interface, this displays the port speed and duplex setting. For the 3G interface, it displays the maximum transmission rate when 3G is enabled or N/A when 3G is disabled. System Status System Up Time This field displays how long the Device has been running since it last started up.
Chapter 4 Connection Status and System Info Table 3 System Info Screen (continued) LABEL DESCRIPTION Account Status This shows Active when the SIP account has been registered and ready for use or In-Active when the SIP account is not yet registered. URI This field displays the account number and service domain of the SIP account. You can change these in VoIP > SIP > SIP Settings.
Chapter 4 Connection Status and System Info 66 FMG3024-D10A / FMG3025-D10A Series User’s Guide
C HAPT ER 5 Broadband 5.1 Overview This chapter discusses the Device’s Broadband screens. Use these screens to configure your Device for Internet access. A WAN (Wide Area Network) connection is an outside connection to another network or the Internet. It connects your private networks, such as a LAN (Local Area Network) and other networks, so that a computer in one location can communicate with computers in other locations.
Chapter 5 Broadband 5.1.1 What You Can Do in this Chapter • Use the Broadband screen to view, remove or add a WAN interface. You can also configure the WAN settings on the ZyXEL Device for Internet access (Section 5.2 on page 70). • Use the 3G Backup screen to configure 3G WAN connection (Section 5.3 on page 81).
Chapter 5 Broadband IPv6 Addressing The 128-bit IPv6 address is written as eight 16-bit hexadecimal blocks separated by colons (:). This is an example IPv6 address 2001:0db8:1a2b:0015:0000:0000:1a2f:0000. IPv6 addresses can be abbreviated in two ways: • Leading zeros in a block can be omitted. So 2001:0db8:1a2b:0015:0000:0000:1a2f:0000 can be written as 2001:db8:1a2b:15:0:0:1a2f:0. • Any number of consecutive blocks of zeros can be replaced by a double colon.
Chapter 5 Broadband An IPv6 address using the 6to4 mode consists of an IPv4 address, the format is as the following: 2002:[a public IPv4 address in hexadecimal]::/48 For example, A public IPv4 address is 202.156.30.41. The converted hexadecimal IP string is ca.9c.1E.29. The IPv6 address prefix becomes 2002:ca9c:1e29::/48.
Chapter 5 Broadband Figure 14 Network Setting > Broadband The following table describes the fields in this screen. Table 5 Network Setting > Broadband LABEL DESCRIPTION Switch WAN Mode Add new WAN Interface Click this to create a new WAN interface. # This is the index number of the connection. Name This is the service name of the connection. Mode This shows whether the connection is in routing mode or bridge mode. Encapsulation This shows the method of encapsulation used by this connection.
Chapter 5 Broadband Figure 15 Broadband Add/Edit: Routing - PPPoE - IPv4 Only 72 FMG3024-D10A / FMG3025-D10A Series User’s Guide
Chapter 5 Broadband Figure 16 Broadband Add/Edit: Routing - PPPoE - IPv6 IPv4 Dual Stack Figure 17 Broadband Add/Edit: Routing - PPPoE - IPv6 Only The following table describes the fields in this screen. Table 6 Broadband Add/Edit: Routing - PPPoE LABEL DESCRIPTION General Name Enter a service name of the connection. Mode Select Routing (default) from the drop-down list box if your ISP give you one IP address only and you want multiple computers to share an Internet account.
Chapter 5 Broadband Table 6 Broadband Add/Edit: Routing - PPPoE (continued) LABEL DESCRIPTION PPPoE Passthrough In addition to the Device’s built-in PPPoE client, you can enable PPPoE pass through to allow hosts on the LAN to use PPPoE client software on their computers to connect to the ISP via the Device. Each host can have a separate account and a public WAN IP address. PPPoE pass through is an alternative to NAT for application where NAT is not appropriate.
Chapter 5 Broadband Table 6 Broadband Add/Edit: Routing - PPPoE (continued) LABEL DESCRIPTION IGMP Proxy Enable Internet Group Multicast Protocol (IGMP) is a network-layer protocol used to establish membership in a Multicast group - it is not used to carry user data. Select this option to have the Device act as an IGMP proxy on this connection. This allows the Device to get subscribing information and maintain a joined member list for each multicast group. It can reduce multicast traffic significantly.
Chapter 5 Broadband Table 6 Broadband Add/Edit: Routing - PPPoE (continued) LABEL DESCRIPTION 6to4 Tunneling The 6 to 4 Tunnel fields display when you set the IPv6/IPv4 Mode field to IPv4 Only. Select 6to4 if the Device is connected to a network that has both IPv6 and IPv4 and the IPv4 addresses are public IP addresses. In this mode, the Device can convert an IPv4 address directly to an IPv6 address.
Chapter 5 Broadband Figure 18 Broadband Add/Edit: Routing - IPoE - IPv4 Only Figure 19 Broadband Add/Edit: Routing - IPoE - IPv6 IPv4 Dual Stack FMG3024-D10A / FMG3025-D10A Series User’s Guide 77
Chapter 5 Broadband Figure 20 Broadband Add/Edit: Routing - IPoE - IPv6 Only The following table describes the fields in this screen. Table 7 Broadband Add/Edit: Routing - IPoE LABEL DESCRIPTION General Name Enter a service name of the connection. Mode Select Routing (default) from the drop-down list box if your ISP give you one IP address only and you want multiple computers to share an Internet account. WAN Service Type This field is available only when you select Routing in the Mode field.
Chapter 5 Broadband Table 7 Broadband Add/Edit: Routing - IPoE (continued) LABEL DESCRIPTION Obtain an IP Address Automatically A static IP address is a fixed IP that your ISP gives you. A dynamic IP address is not fixed; the ISP assigns you a different one each time you connect to the Internet. Select this if you have a dynamic IP address.
Chapter 5 Broadband Table 7 Broadband Add/Edit: Routing - IPoE (continued) LABEL DESCRIPTION Prefix length Enter the bit number of the IPv6 subnet mask provided by your ISP. IPv6 Default Gateway Enter the IPv6 address of the default outgoing gateway using a colon (:) hexadecimal notation. IPv6 DNS Server Select whether you want to obtain the IPv6 DNS server addresses automatically or configure them manually.
Chapter 5 Broadband Figure 21 Broadband Add/Edit: Bridge The following table describes the fields in this screen. Table 8 Broadband Add/Edit: Bridge LABEL DESCRIPTION General Name Enter a service name of the connection. Mode Select Bridge when your ISP provides you more than one IP address and you want the connected computers to get individual IP address from ISP’s DHCP server directly.
Chapter 5 Broadband Figure 22 Broadband > 3G Backup The following table describes the labels in this screen. Table 9 Broadband > 3G Backup LABEL DESCRIPTION 3G Backup Select Enable 3G Backup to have the Device use the 3G connection as your WAN or a backup when the wired WAN connection fails. Card Description This field displays the manufacturer and model name of your 3G card if you inserted one in the Device. Otherwise, it displays N/A.
Chapter 5 Broadband Table 9 Broadband > 3G Backup (continued) LABEL Connection DESCRIPTION Select Nailed-UP if you do not want the connection to time out. Select On-Demand if you do not want the connection up all the time and specify an idle time-out in the Max Idle Timeout field. Max Idle Timeout This value specifies the time in minutes that elapses before the Device automatically disconnects from the ISP.
Chapter 5 Broadband For the service provider, PPPoE offers an access and authentication method that works with existing access control systems (for example RADIUS). One of the benefits of PPPoE is the ability to let you access one of multiple network services, a function known as dynamic service selection. This enables the service provider to easily create and offer new IP services for individuals.
Chapter 5 Broadband Sustained Cell Rate (SCR) is the mean cell rate of each bursty traffic source. It specifies the maximum average rate at which cells can be sent over the virtual connection. SCR may not be greater than the PCR. Maximum Burst Size (MBS) is the maximum number of cells that can be sent at the PCR. After MBS is reached, cell rates fall below SCR until cell rate averages to the SCR again. At this time, more cells (up to the MBS) can be sent at the PCR again.
Chapter 5 Broadband The VBR-nRT (non real-time Variable Bit Rate) type is used with bursty connections that do not require closely controlled delay and delay variation. It is commonly used for "bursty" traffic typical on LANs. PCR and MBS define the burst levels, SCR defines the minimum level. An example of an VBR-nRT connection would be non-time sensitive data file transfers. Unspecified Bit Rate (UBR) The Unspecified Bit Rate (UBR) ATM traffic class is for bursty data transfers.
Chapter 5 Broadband 4096 possible VIDs, a VID of 0 is used to identify priority frames and value 4095 (FFF) is reserved, so the maximum possible VLAN configurations are 4,094. TPID User Priority CFI VLAN ID 2 Bytes 3 Bits 1 Bit 12 Bits Multicast IP packets are transmitted in either one of two ways - Unicast (1 sender - 1 recipient) or Broadcast (1 sender - everybody on the network). Multicast delivers IP packets to a group of hosts on the network - not everybody and not just 1.
Chapter 5 Broadband • Any number of consecutive blocks of zeros can be replaced by a double colon. A double colon can only appear once in an IPv6 address. So 2001:0db8:0000:0000:1a2f:0000:0000:0015 can be written as 2001:0db8::1a2f:0000:0000:0015, 2001:0db8:0000:0000:1a2f::0015, 2001:db8::1a2f:0:0:15 or 2001:db8:0:0:1a2f::15. IPv6 Prefix and Prefix Length Similar to an IPv4 subnet mask, IPv6 uses an address prefix to represent the network address.
Chapter 5 Broadband Table 10 2G, 2.5G, 2.75G, 3G and 3.5G Wireless Technologies MOBILE PHONE AND DATA STANDARDS NAME TYPE GSM-BASED CDMA-BASED 2G Circuitswitched GSM (Global System for Mobile Communications), Personal Handyphone System (PHS), etc. Interim Standard 95 (IS-95), the first CDMA-based digital cellular standard pioneered by Qualcomm. The brand name for IS-95 is cdmaOne. IS-95 is also known as TIA-EIA-95. 2.
Chapter 5 Broadband 90 FMG3024-D10A / FMG3025-D10A Series User’s Guide
C HAPT ER 6 Cable TV 6.1 Overview This chapter describes the Device’s Network Setting > CATV screen. Use this screen to set up your Device’s cable television function. 6.2 The CATV Screen Use this screen to enable cable television functions. Click Network Setting > CATV to open the CATV screen. Figure 24 Network Setting > CATV The following table describes the labels in this screen. Table 11 Network > CATV LABEL DESCRIPTION CATV Select this to enable the cable TV function.
Chapter 6 Cable TV 92 FMG3024-D10A / FMG3025-D10A Series User’s Guide
C HAPT ER 7 Home Networking 7.1 Overview A Local Area Network (LAN) is a shared communication system to which many computers are attached. A LAN is usually located in one immediate area such as a building or floor of a building. The LAN screens can help you configure a LAN DHCP server and manage IP addresses. LAN WAN 7.1.1 What You Can Do in this Chapter • Use the LAN Setup screen to set the LAN IP address, subnet mask, and DHCP settings (Section 7.2 on page 96).
Chapter 7 Home Networking Subnet Mask The subnet mask specifies the network number portion of an IP address. Your Device will compute the subnet mask automatically based on the IP address that you entered. You don't need to change the subnet mask computed by the Device unless you are instructed to do otherwise. DHCP DHCP (Dynamic Host Configuration Protocol) allows clients to obtain TCP/IP configuration at startup from a server.
Chapter 7 Home Networking 7.1.2.3 About File Sharing Workgroup name This is the name given to a set of computers that are connected on a network and share resources such as a printer or files. Windows automatically assigns the workgroup name when you set up a network. Shares When settings are set to default, each USB device connected to the Device is given a folder, called a “share”. If a USB hard drive connected to the Device has more than one partition, then each partition will be allocated a share.
Chapter 7 Home Networking Supported OSs Your operating system must support TCP/IP ports for printing and be compatible with the RAW (port 9100) protocol. The following OSs support Device’s printer sharing feature. • Microsoft Windows 95, Windows 98 SE (Second Edition), Windows Me, Windows NT 4.0, Windows 2000, Windows XP or Macintosh OS X. 7.2 The LAN Setup Screen Click Network Setting > Home Networking to open the LAN Setup screen.
Chapter 7 Home Networking Table 12 Network Setting > Home Networking > LAN Setup (continued) LABEL DESCRIPTION DHCP Select Enable to have your Device assign IP addresses, an IP default gateway and DNS servers to LAN computers and other devices that are DHCP clients. If you select Disable, you need to manually configure the IP addresses of the computers and other devices on your LAN. When DHCP is used, the following fields need to be set.
Chapter 7 Home Networking Figure 26 Network Setting > Home Networking > Static DHCP The following table describes the labels in this screen. Table 13 Network Setting > Home Networking > Static DHCP LABEL DESCRIPTION Add new static lease Click this to add a new static DHCP entry. # This is the index number of the entry. Status This field displays whether the client is connected to the Device. Host Name This field displays the client host name.
Chapter 7 Home Networking 7.4 The UPnP Screen Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectivity between devices. A UPnP device can dynamically join a network, obtain an IP address, convey its capabilities and learn about other devices on the network. In turn, a device can leave a network smoothly and automatically when it is no longer in use. See page 108 for more information on UPnP.
Chapter 7 Home Networking Figure 29 File Sharing Overview B C A The Device will not be able to join the workgroup if your local area network has restrictions set up that do not allow devices to join a workgroup. In this case, contact your network administrator. 7.5.1 Before You Begin Make sure the Device is connected to your network and turned on. 1 Connect the USB device to one of the Device’s USB ports. Make sure the Device is connected to your network.
Chapter 7 Home Networking Each field is described in the following table. Table 16 Network Setting > Home Networking > File Sharing LABEL DESCRIPTION Server Configuration File Sharing Services (SMB) Select Enable to activate file sharing through the Device. Add new share Click this to set up a new share on the Device. # Select the check box to make the share available to the network. Otherwise, clear this. Status This shows whether or not the share is available for sharing.
Chapter 7 Home Networking 7.6 The Media Server Screen The media server feature lets anyone on your network play video, music, and photos from the USB storage device connected to your Device (without having to copy them to another computer). The Device can function as a DLNA-compliant media server. The Device streams files to DLNA-compliant media clients (like Windows Media Player).
Chapter 7 Home Networking Figure 33 Sharing a USB Printer 7.7.1 Before You Begin To configure the print server you need the following: • Your Device must be connected to your computer and any other devices on your network. The USB printer must be connected to your Device. • A USB printer with the driver already installed on your computer. • The computers on your network must have the printer software already installed before they can create a TCP/IP port for printing via the network.
Chapter 7 Home Networking 7.8 Technical Reference This section provides some technical background information about the topics covered in this chapter. LANs, WANs and the Device The actual physical connection determines whether the Device ports are LAN or WAN ports. There are two separate IP networks, one inside the LAN network and the other outside the WAN network as shown next.
Chapter 7 Home Networking Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established.
Chapter 7 Home Networking Device Print Server Compatible USB Printers The following is a list of USB printer models compatible with the Device print server.
Chapter 7 Home Networking Table 20 Compatible USB Printers (continued) BRAND MODEL HP Deskjet 1220C HP Deskjet F4185 HP Laserjet 1022 HP Laserjet 1200 HP Laserjet 2200D HP Laserjet 2420 HP Color Laserjet 1500L HP Laserjet 3015 HP Officejet 4255 HP Officejet 5510 HP Officejet 5610 HP Officejet 7210 HP Officejet Pro L7380 HP Photosmart 2610 HP Photosmart 3110 HP Photosmart 7150 HP Photosmart 7830 HP Photosmart C5280 HP Photosmart D5160 HP PSC 1350 HP PSC 1410 IBM
Chapter 7 Home Networking 7.9 Installing UPnP in Windows Example This section shows how to install UPnP in Windows Me and Windows XP. Installing UPnP in Windows Me Follow the steps below to install the UPnP in Windows Me. 1 Click Start and Control Panel. Double-click Add/Remove Programs. 2 Click the Windows Setup tab and select Communication in the Components selection box. Click Details.
Chapter 7 Home Networking Figure 37 Add/Remove Programs: Windows Setup: Communication: Components 4 Click OK to go back to the Add/Remove Programs Properties window and click Next. 5 Restart the computer when prompted. Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP. 1 Click Start and Control Panel. 2 Double-click Network Connections. 3 In the Network Connections window, click Advanced in the main menu and select Optional Networking Components ….
Chapter 7 Home Networking Figure 39 Windows Optional Networking Components Wizard 5 In the Networking Services window, select the Universal Plug and Play check box. Figure 40 Networking Services 6 110 Click OK to go back to the Windows Optional Networking Component Wizard window and click Next.
Chapter 7 Home Networking 7.10 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP. You must already have UPnP installed in Windows XP and UPnP activated on the Device. Make sure the computer is connected to a LAN port of the Device. Turn on your computer and the Device. Auto-discover Your UPnP-enabled Network Device 1 Click Start and Control Panel. Double-click Network Connections. An icon displays under Internet Gateway.
Chapter 7 Home Networking Figure 42 Internet Connection Properties 4 112 You may edit or delete the port mappings or click Add to manually add port mappings.
Chapter 7 Home Networking Figure 43 Internet Connection Properties: Advanced Settings Figure 44 Internet Connection Properties: Advanced Settings: Add 5 When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. 6 Select Show icon in notification area when connected option and click OK. An icon displays in the system tray.
Chapter 7 Home Networking Figure 45 System Tray Icon 7 Double-click on the icon to display your current Internet connection status. Figure 46 Internet Connection Status Web Configurator Easy Access With UPnP, you can access the web-based configurator on the Device without finding out the IP address of the Device first. This comes helpful if you do not know the IP address of the Device. Follow the steps below to access the web configurator. 114 1 Click Start and then Control Panel.
Chapter 7 Home Networking Figure 47 Network Connections 4 An icon with the description for each UPnP-enabled device displays under Local Network. 5 Right-click on the icon for your Device and select Invoke. The web configurator login screen displays.
Chapter 7 Home Networking Figure 48 Network Connections: My Network Places 6 Right-click on the icon for your Device and select Properties. A properties window displays with basic information about the Device.
C HAPT ER 8 Routing 8.1 Overview The Device usually uses the default gateway to route outbound traffic from computers on the LAN to the Internet. To have the Device send data to devices not reachable through the default gateway, use static routes. For example, the next figure shows a computer (A) connected to the Device’s LAN interface. The Device routes most traffic from A to the Internet through the Device’s default gateway (R1).
Chapter 8 Routing Figure 51 Network Setting > Static Route The following table describes the labels in this screen. Table 21 Network Setting > Static Route LABEL DESCRIPTION Add New Static Route Click this to set up a new static route on the Device. # This is the number of an individual static route. Active This indicates whether the rule is active or not. A yellow bulb signifies that this static route is active. A gray bulb signifies that this static route is not active.
Chapter 8 Routing The following table describes the labels in this screen. Table 22 Routing: Add/Edit LABEL DESCRIPTION Active Click this to activate this static route. Route Name Enter the name of the IP static route. Leave this field blank to delete this static route. Destination IP Address This parameter specifies the IP network address of the final destination. Routing is always based on network number. If you need to specify a route to a single host, use a subnet mask of 255.255.255.
Chapter 8 Routing 120 FMG3024-D10A / FMG3025-D10A Series User’s Guide
C HAPT ER 9 Quality of Service (QoS) 9.1 Overview This chapter discusses the Device’s QoS screens. Use these screens to set up your Device to use QoS for traffic management. Quality of Service (QoS) refers to both a network’s ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth. QoS allows the Device to group and prioritize application traffic and fine-tune network performance.
Chapter 9 Quality of Service (QoS) QoS versus Cos QoS is used to prioritize source-to-destination traffic flows. All packets in the same flow are given the same priority. CoS (class of service) is a way of managing traffic in a network by grouping similar types of traffic together and treating each type as a class. You can use CoS to give different priorities to different packet types. CoS technologies include IEEE 802.1p layer 2 tagging and DiffServ (Differentiated Services or DS). IEEE 802.
Chapter 9 Quality of Service (QoS) The following table describes the labels in this screen. Table 23 Network Setting > QoS > General LABEL DESCRIPTION Active QoS Select the check box to turn on QoS to improve your network performance. You can give priority to traffic that the Device forwards out through the WAN interface. Give high priority to voice and video to make them run more smoothly.
Chapter 9 Quality of Service (QoS) Figure 54 Network Setting > QoS > Queue Setup The following table describes the labels in this screen. Table 24 Network Setting > QoS > Queue Setup LABEL DESCRIPTION Add new Queue Click this to create a new entry. # This is the index number of this entry. Status This indicates whether the queue is active or not. A yellow bulb signifies that this queue is active. A gray bulb signifies that this queue is not active.
Chapter 9 Quality of Service (QoS) Figure 55 Queue Setup: Add/Edit The following table describes the labels in this screen. Table 25 Queue Setup: Add/Edit LABEL DESCRIPTION Active Select to enable or disable this queue. Name Enter the descriptive name of this queue. Interface This shows the interface of this queue. Priority Select the priority level (from 1 to 7) of this queue. The larger the number, the higher the priority level.
Chapter 9 Quality of Service (QoS) Figure 56 Network Setting > QoS > Class Setup The following table describes the labels in this screen. Table 26 Network Setting > QoS > Class Setup LABEL DESCRIPTION Add new Classifier Click this to create a new classifier. Order This field displays the order number of the classifier. Status This indicates whether the classifier is active or not. A yellow bulb signifies that this classifier is active. A gray bulb signifies that this classifier is not active.
Chapter 9 Quality of Service (QoS) Figure 57 Class Setup: Add/Edit The following table describes the labels in this screen. Table 27 Class Setup: Add/Edit LABEL DESCRIPTION Class Configuration Active Select to enable this classifier. Class Name Enter a descriptive name of up to 32 printable English keyboard characters, including spaces. Classification Order Select an existing number for where you want to put this classifier to move the classifier to the number you selected after clicking Apply.
Chapter 9 Quality of Service (QoS) Table 27 Class Setup: Add/Edit (continued) LABEL DESCRIPTION DSCP Mark This field is available only when you select the Ether Type check box in Criteria Configuration-Basic section. If you select Mark, enter a DSCP value with which the Device replaces the DSCP field in the packets. If you select Unchange, the Device keep the DSCP field in the packets. 802.1p Mark Select a priority level with which the Device replaces the IEEE 802.1p priority field in the packets.
Chapter 9 Quality of Service (QoS) Table 27 Class Setup: Add/Edit (continued) LABEL DESCRIPTION IP Address Select the check box and enter the destination IP address in dotted decimal notation. A blank source IP address means any source IP address. IP Subnet Mask Enter the destination subnet mask. Port Range If you select TCP or UDP in the IP Protocol field, select the check box and enter the port number(s) of the source.
Chapter 9 Quality of Service (QoS) 9.5 The QoS Monitor Screen To view the Device’s QoS packet statistics, click Network Setting > QoS > Monitor. The screen appears as shown. Figure 58 Network Setting > QoS > Monitor The following table describes the labels in this screen. Table 28 Network Setting > QoS > Monitor LABEL DESCRIPTION Monitor Refresh Interval Select how often you want the Device to update this screen. Select No Refresh to stop refreshing statistics.
Chapter 9 Quality of Service (QoS) 9.6.1 IEEE 802.1Q Tag The IEEE 802.1Q standard defines an explicit VLAN tag in the MAC header to identify the VLAN membership of a frame across bridges. A VLAN tag includes the 12-bit VLAN ID and 3-bit user priority. The VLAN ID associates a frame with a specific VLAN and provides the information that devices need to process the frame across the network. IEEE 802.1p specifies the user priority field and defines up to eight separate traffic types.
Chapter 9 Quality of Service (QoS) DSCP and Per-Hop Behavior DiffServ defines a new DS (Differentiated Services) field to replace the Type of Service (TOS) field in the IP header. The DS field contains a 2-bit unused field and a 6-bit DSCP field which can define up to 64 service levels. The following figure illustrates the DS field. DSCP is backward compatible with the three precedence bits in the ToS octet so that non-DiffServ compliant, ToS-enabled network device will not conflict with the DSCP mapping.
C HAPTER 10 Network Address Translation (NAT) 10.1 Overview NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network. 10.1.1 What You Can Do in this Chapter • Use the Port Forwarding screen to configure forward incoming service requests to the server(s) on your local network (Section 10.2 on page 134).
Chapter 10 Network Address Translation (NAT) Finding Out More See Section 10.4 on page 137 for advanced technical information on NAT. 10.2 The Port Forwarding Screen Use the Port Forwarding screen to forward incoming service requests to the server(s) on your local network. You may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desired server. The port number identifies a service; for example, web service is on port 80 and FTP on port 21.
Chapter 10 Network Address Translation (NAT) Figure 60 Network Setting > NAT > Port Forwarding The following table describes the fields in this screen. Table 30 Network Setting > NAT > Port Forwarding LABEL DESCRIPTION Add new rule Click this to add a new port forwarding rule. # This is the index number of the entry. Status This field indicates whether the rule is active or not. A yellow bulb signifies that this rule is active. A gray bulb signifies that this rule is not active.
Chapter 10 Network Address Translation (NAT) Figure 61 Port Forwarding: Add/Edit The following table describes the labels in this screen. Table 31 Port Forwarding: Add/Edit LABEL DESCRIPTION Enable This is available only in the Edit screen. Clear the check box to disable the rule. Select the check box to enable it. Service Name Enter a name to identify this rule using keyboard characters (A-Z, a-z, 1-2 and so on). WAN Interface Select the WAN interface through which the service is forwarded.
Chapter 10 Network Address Translation (NAT) 10.3 The Sessions Screen Use the Sessions screen to limit the number of concurrent NAT sessions each client can use. Click Network Setting > NAT > Sessions to display the following screen. Figure 62 Network Setting > NAT > Sessions The following table describes the fields in this screen.
Chapter 10 Network Address Translation (NAT) address of the same inside host when the packet is on the WAN side. The following table summarizes this information. Table 33 NAT Definitions ITEM DESCRIPTION Inside This refers to the host on the LAN. Outside This refers to the host on the WAN. Local This refers to the packet address (source or destination) as the packet travels on the LAN. Global This refers to the packet address (source or destination) as the packet travels on the WAN.
Chapter 10 Network Address Translation (NAT) Figure 63 How NAT Works NAT Table LAN Inside Local IP Address 192.168.1.10 192.168.1.11 192.168.1.12 192.168.1.13 192.168.1.13 192.168.1.12 SA SA 192.168.1.10 IGA1 Inside Local Address (ILA) 192.168.1.11 Inside Global IP Address IGA 1 IGA 2 IGA 3 IGA 4 WAN Inside Global Address (IGA) 192.168.1.
Chapter 10 Network Address Translation (NAT) 140 FMG3024-D10A / FMG3025-D10A Series User’s Guide
C HAPTER 11 Dynamic DNS 11.1 Overview This chapter discusses how to configure your Device to use Dynamic DNS. Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in applications such as NetMeeting and CU-SeeMe). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.
Chapter 11 Dynamic DNS The following table describes the fields in this screen. Table 34 Network Setting > DNS LABEL DESCRIPTION Dynamic DNS Configuration Active Dynamic DNS Select this check box to use dynamic DNS. Service Provider Select the name of your Dynamic DNS service provider. Dynamic DNS Type Select the type of service that you are registered for from your Dynamic DNS service provider. Host Name Type the domain name assigned to your Device by your Dynamic DNS provider.
C HAPTER 12 Interface Group 12.1 Overview By default, all LAN and WAN interfaces on the Device are in the same group and can communicate with each other. Create interface groups to have the Device assign the IP addresses in different domains to different groups. Each group acts as an independent network on the Device. This lets devices connected to an interface group’s LAN interfaces communicate through the interface group’s WAN or LAN interfaces but not other WAN or LAN interfaces. 12.
Chapter 12 Interface Group The following table describes the fields in this screen. Table 35 Network Setting > Interface Group LABEL DESCRIPTION Add New Interface Group Click this button to create a new interface group. Group Name This shows the descriptive name of the group. WAN Interface This shows the WAN interfaces in the group. LAN Interfaces This shows the LAN interfaces in the group. Criteria This shows the filtering criteria for the group.
C HAPTER 13 Firewall 13.1 Overview Use the Device firewall screens to enable and configure the firewall that protects your Device and network from attacks by hackers on the Internet and control access to it. By default the firewall: • Allows traffic that originates from your LAN computers to go to all other networks. • Blocks traffic that originates on other networks from going to the LAN. The following figure illustrates the default firewall action.
Chapter 13 Firewall It is designed to protect against Denial of Service (DoS) attacks when activated. The Device's purpose is to allow a private Local Area Network (LAN) to be securely connected to the Internet. The Device can be used to prevent theft, destruction and modification of data, as well as log events, which may be important to the security of your network. The Device is installed between the LAN and a broadband modem connecting to the Internet.
Chapter 13 Firewall The following table describes the labels in this screen. Table 37 Security > Firewall > General LABEL DESCRIPTION Firewall Select Enable to activate the firewall. The Device performs access control and protects against Denial of Service (DoS) attacks when the firewall is activated. Easy, Medium, High Select Easy to have the firewall allow both LAN-to-WAN and WAN-to-LAN traffic to flow through the Device.
Chapter 13 Firewall 13.3.1 The Add New Services Entry Screen Use this screen to configure a service that you want to use in an ACL rule in the Security > Firewall > Access Control > Add New ACL Rule/Edit screen. To access this screen, click Security > Firewall > Services and then the Add New Service Entry button. Figure 71 Security > Firewall > Services > Add New Service Entry Each field is described in the following table.
Chapter 13 Firewall Each field is described in the following table. Table 40 Security > Firewall > Access Control LABEL DESCRIPTION Add new ACL rule Click this to go to add a filter rule for incoming or outgoing IP traffic. Name This displays the name of the rule. Src IP This displays the source IP addresses to which this rule applies. Please note that a blank source address is equivalent to Any. Dst IP This displays the destination IP addresses to which this rule applies.
Chapter 13 Firewall Each field is described in the following table. Table 41 Security > Firewall > Access Control > Add New ACL Rule/Edit LABEL DESCRIPTION Filter Name Enter a descriptive name of up to 16 alphanumeric characters, not including spaces, underscores, and dashes. You must enter the filter name to add an ACL rule. This field is read-only if you are editing the ACL rule.
Chapter 13 Firewall 13.5 The DoS Screen Click Security > Firewall > DoS to display the following screen. Use this screen to enable or disable Denial of Service (DoS) protection. Figure 74 Security > Firewall > DoS Each field is described in the following table.
Chapter 13 Firewall 13.6.2 Security Considerations Note: Incorrectly configuring the firewall may block valid access or introduce security risks to the Device and your protected network. Use caution when creating or deleting firewall rules and test your rules after you configure them.
C HAPTER 14 MAC Filter 14.1 Overview This chapter discusses MAC address filtering. You can configure the Device to permit access to clients based on their MAC addresses in the MAC Filter screen. 14.1.1 What You Need to Know Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. You need to know the MAC address of the devices to configure this screen. 14.
Chapter 14 MAC Filter The following table describes the labels in this menu. Table 43 Security > MAC Filter LABEL DESCRIPTION MAC Address Filter Select Enable to activate MAC address filtering. Set This is the index number of the MAC address. Allow Select Allow to permit access to the Device. MAC addresses not listed will be denied access to the Device. If you clear this, the MAC Address field for this set clears.
C HAPTER 15 Parental Control 15.1 Overview Parental control allows you to block web sites with the specific URL. You can also define time periods and days during which the Device performs parental control on a specific user. 15.2 The Parental Control Screen Use this screen to enable parental control, view the parental control rules and schedules. Click Security > Parental Control to open the following screen. Figure 76 Security > Parental Control The following table describes the fields in this screen.
Chapter 15 Parental Control Table 44 Parental Control > Parental Control (continued) LABEL DESCRIPTION Website Blocked This shows whether the website block is configured. If not, None will be shown. Modify Click the Edit icon to go to the screen where you can edit the rule. Click the Delete icon to delete an existing rule. Add Click Add to create a new schedule. Apply Click Apply to save your changes back to the Device. 15.2.
Chapter 15 Parental Control Table 45 Add/Edit Parental Control Rule (continued) LABEL DESCRIPTION Parental Control Profile Name Enter a descriptive name for the rule. Home Network User Select the LAN user that you want to apply this rule to from the drop-down list box. If you select Custom, enter the LAN user’s MAC address. If you select All, the rule applies to all LAN users. Internet Access Schedule Day Select check boxes for the days that you want the Device to perform parental control.
Chapter 15 Parental Control 158 FMG3024-D10A / FMG3025-D10A Series User’s Guide
C HAPTER 16 Certificates 16.1 Overview The Device can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs. A certificate contains the certificate owner’s identity and public key. Certificates provide a way to exchange public keys for use in authentication. 16.1.1 What You Can Do in this Chapter • Use the Local Certificates screen to view and import the Device’s CA-signed certificates (Section 16.2 on page 161).
Chapter 16 Certificates The Device uses certificates based on public-key cryptology to authenticate users attempting to establish a connection. The method used to secure the data that you send through an established connection depends on the type of connection. For example, a VPN tunnel might use the triple DES encryption algorithm. The certification authority uses its private key to sign certificates. Anyone can then use the certification authority’s public key to verify the certificates.
Chapter 16 Certificates You can use a certificate’s fingerprint to verify it. A certificate’s fingerprint is a message digest calculated using the MD5 or SHA1 algorithms. The following procedure describes how to check a certificate’s fingerprint to verify that you have the actual certificate. 1 Browse to where you have the certificate saved on your computer. 2 Make sure that the certificate has a “.cer” or “.crt” file name extension.
Chapter 16 Certificates • SIP TLS - This certificate secures VoIP connections. • SSH/SCP/SFTP - This certificate secures remote connections. Click Security > Certificates to open the Local Certificates screen. Figure 80 Security > Certificates > Local Certificates The following table describes the labels in this screen. Table 46 Security > Certificates > Local Certificates LABEL DESCRIPTION WebServer Click Browse... to find the certificate file you want to upload.
Chapter 16 Certificates 16.3 Trusted CA Use this screen to view a summary list of certificates of the certification authorities that you have set the Device to accept as trusted. The Device accepts any valid certificate signed by a certification authority on this list as being trustworthy; thus you do not need to import any certificate that is signed by one of these certification authorities. Click Security > Certificates > Trusted CA to open the Trusted CA screen.
Chapter 16 Certificates Figure 82 Trusted CA > Import The following table describes the labels in this screen. Table 48 Security > Certificates > Trusted CA > Import LABEL DESCRIPTION Certificate File Path Type in the location of the file you want to upload in this field or click Browse to find it. Browse Click Browse to find the certificate file you want to upload. Apply Click Apply to save the certificate on the Device. Back Click Back to return to the previous screen. 16.
Chapter 16 Certificates The following table describes the labels in this screen. Table 49 Trusted CA: View LABEL DESCRIPTION Certificate Name This field displays the identifying name of this certificate. If you want to change the name, type up to 31 characters to identify this key certificate. You may use any character (not including spaces). Certificate Detail This read-only text box displays the certificate or certification request in Privacy Enhanced Mail (PEM) format.
Chapter 16 Certificates 166 FMG3024-D10A / FMG3025-D10A Series User’s Guide
C HAPTER 17 VPN 17.1 Overview A virtual private network (VPN) provides secure communications over the the Internet. Internet Protocol Security (IPSec) is a standards-based VPN that provides confidentiality, data integrity, and authentication. This chapter shows you how to configure the Device’s VPN settings. 17.2 IPSec VPN 17.2.1 The General Screen Use this screen to view and manage your VPN tunnel policies. The following figure helps explain the main fields in the web configurator.
Chapter 17 VPN This screen contains the following fields: Table 50 IPSec VPN LABEL DESCRIPTION Add New Tunnel Click this button to add an item to the list. # This is the VPN policy index number. Active This displays if the VPN policy is enabled. Tunnel Name The name of the VPN connection. Local Address This displays the IP address of the Device. Remote Address This displays the IP address of the remote IPSec router.
Chapter 17 VPN Figure 86 IPSec VPN: Add FMG3024-D10A / FMG3025-D10A Series User’s Guide 169
Chapter 17 VPN This screen contains the following fields: Table 51 IPSec VPN: Add LABEL DESCRIPTION IPSEC Setup Active Select Active to activate this VPN policy. NAT Traversal Select this if any of these conditions are satisfied. • This IKE SA might be used to negotiate IPSec SAs that use ESP as the active protocol. • There are one or more NAT routers between the Device and remote IPSec router, and these routers do not support IPSec pass-thru or a similar feature.
Chapter 17 VPN Table 51 IPSec VPN: Add LABEL Content DESCRIPTION When you select IP in the Local ID field, type the IP address of your computer in the Content field. If you configure the Content field to 0.0.0.0 or leave it blank, the Device automatically uses the Pre-Share Key (refer to the PreShare Key field description). It is recommended that you type an IP address other than 0.0.0.0 in the Content field or use the DNS or E-mail ID type in the following situations.
Chapter 17 VPN Table 51 IPSec VPN: Add LABEL DESCRIPTION Authentication Algorithm Select which hash algorithm to use to authenticate packet data. Choices are MD5, SHA1, SHA2-256 and SHA2-512. SHA is generally considered stronger than MD5, but it is also slower. DH Select which Diffie-Hellman key group you want to use for encryption keys.
Chapter 17 VPN Table 51 IPSec VPN: Add LABEL Perfect Forward Secrecy (PFS) DESCRIPTION Select whether or not you want to enable Perfect Forward Secrecy (PFS) PFS changes the root key that is used to generate encryption keys for each IPSec SA. The longer the key, the more secure the encryption, but also the longer it takes to encrypt and decrypt information. Both routers must use the same DH key group.
Chapter 17 VPN Figure 88 IPSec Architecture IPSec Algorithms The ESP (Encapsulating Security Payload) Protocol (RFC 2406) and AH (Authentication Header) protocol (RFC 2402) describe the packet formats and the default standards for packet structure (including implementation algorithms). The Encryption Algorithm describes the use of encryption techniques such as DES (Data Encryption Standard) and Triple DES algorithms.
Chapter 17 VPN Figure 89 Transport and Tunnel Mode IPSec Encapsulation Transport Mode Transport mode is used to protect upper layer protocols and only affects the data in the IP packet. In Transport mode, the IP packet contains the security protocol (AH or ESP) located after the original IP header and options, but before any upper layer protocols contained in the packet (such as TCP and UDP). With ESP, protection is applied only to the upper layer protocols contained in the packet.
Chapter 17 VPN Figure 90 Two Phases to Set Up the IPSec SA In phase 1 you must: • Choose a negotiation mode. • Authenticate the connection by entering a pre-shared key. • Choose an encryption algorithm. • Choose an authentication algorithm. • Choose a Diffie-Hellman public-key cryptography key group. • Set the IKE SA lifetime. This field allows you to determine how long an IKE SA should stay up before it times out. An IKE SA times out when the IKE SA lifetime period expires.
Chapter 17 VPN • Aggressive Mode is quicker than Main Mode because it eliminates several steps when the communicating parties are negotiating authentication (phase 1). However the trade-off is that faster speed limits its negotiating power and it also does not provide identity protection. It is useful in remote access situations where the address of the initiator is not know by the responder and both parties want to use pre-shared key authentication. 17.3.
Chapter 17 VPN Figure 91 NAT Router Between IPSec Routers B A Normally you cannot set up an IKE SA with a NAT router between the two IPSec routers because the NAT router changes the header of the IPSec packet. NAT traversal solves the problem by adding a UDP port 500 header to the IPSec packet. The NAT router forwards the IPSec packet with the UDP port 500 header unchanged.
Chapter 17 VPN The type of ID can be a domain name, an IP address or an e-mail address. The content is the IP address, domain name, or e-mail address. Table 55 Local ID Type and Content Fields LOCAL ID TYPE= CONTENT= IP Type the IP address of your computer. DNS Type a domain name (up to 31 characters) by which to identify this Device. E-mail Type an e-mail address (up to 31 characters) by which to identify this Device.
Chapter 17 VPN 180 FMG3024-D10A / FMG3025-D10A Series User’s Guide
C HAPTER 18 VoIP 18.1 Overview Use this chapter to: • Connect an analog phone to the Device. • Make phone calls over the Internet, as well as the regular phone network. • Configure settings such as speed dial. • Configure network settings to optimize the voice quality of your phone calls. 18.1.1 What You Can Do in this Chapter These screens allow you to configure your Device to make phone calls over the Internet and your regular phone line, and to set up the phones you connect to the Device.
Chapter 18 VoIP SIP SIP stands for Session Initiation Protocol. SIP is a signalling standard that lets one network device (like a computer or the Device) send messages to another. In VoIP, these messages are about phone calls over the network. For example, when you dial a number on your Device, it sends a SIP message over the network asking the other device (the number you dialed) to take part in the call. SIP Accounts A SIP account is a type of VoIP account.
Chapter 18 VoIP • You should have the information your VoIP service provider gave you ready, before you start to configure the Device. 18.2 The SIP Service Provider Screen Use this screen to configure the SIP server information, QoS for VoIP calls, the numbers for certain phone functions and dialing plan. Click VoIP > SIP to open the SIP Service Provider screen. Note: Click more... to see all the fields in the screen. You don’t necessarily need to use all these fields to set up your account.
Chapter 18 VoIP Figure 93 VoIP > SIP > SIP Service Provider (continued) The following table describes the labels in this screen. Table 58 VoIP > SIP > SIP Service Provider LABEL DESCRIPTION SIP Service Provider Selection Service Provider Selection Select the SIP service provider profile you want to use for the SIP account you configure in this screen. If you change this field, the screen automatically refreshes.
Chapter 18 VoIP Table 58 VoIP > SIP > SIP Service Provider (continued) LABEL DESCRIPTION SIP Local Port Enter the Device’s listening port number, if your VoIP service provider gave you one. Otherwise, keep the default value. Main SIP Server Address Enter the IP address or domain name of the SIP server provided by your VoIP service provider. You can use up to 95 printable ASCII characters. It does not matter whether the SIP server is a proxy, redirect or register server.
Chapter 18 VoIP Table 58 VoIP > SIP > SIP Service Provider (continued) LABEL DESCRIPTION Start Port Enter the listening port number(s) for RTP traffic, if your VoIP service provider gave you this information. Otherwise, keep the default values. End Port To enter one port number, enter the port number in the Start Port and End Port fields. To enter a range of ports, • • DTMF Mode enter the port number at the beginning of the range in the Start Port field.
Chapter 18 VoIP Table 58 VoIP > SIP > SIP Service Provider (continued) LABEL DESCRIPTION Min-SE Enter the minimum number of seconds the Device lets a SIP session remain idle (without traffic) before it automatically disconnects the session. When two SIP devices start a SIP session, they must agree on an expiration time for idle sessions. This field is the shortest expiration time that the Device accepts.
Chapter 18 VoIP Table 58 VoIP > SIP > SIP Service Provider (continued) LABEL DESCRIPTION Do Not Disturb Disable This code is used to turn the Do Not Disturb feature off. Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings. 18.3 The SIP Account Screen The Device uses a SIP account to make outgoing VoIP calls and check if an incoming call’s destination number matches your SIP account’s SIP number.
Chapter 18 VoIP Figure 95 SIP Account Add/Edit Each field is described in the following table. Table 60 SIP Account Edit LABEL DESCRIPTION SIP Service Provider Selection Service Provider Selection Select the SIP service provider profile you want to use for the SIP account you configure in this screen. This field is view-only if you are editing the SIP account. SIP Account Selection SIP Account Selection This shows the SIP account you are configuring.
Chapter 18 VoIP Table 60 SIP Account Edit (continued) LABEL DESCRIPTION SIP Account Select the Active SIP Account check box if you want to use this account. Clear it if you do not want to use this account. SIP Account Number Enter your SIP number. In the full SIP URI, this is the part before the @ symbol. You can use up to 127 printable ASCII characters. Authentication Username Enter the user name for registering this SIP account, exactly as it was given to you.
Chapter 18 VoIP Table 60 SIP Account Edit (continued) LABEL DESCRIPTION Active Call Waiting Select this to enable call waiting on the Device. This allows you to place a call on hold while you answer another incoming call on the same telephone (directory) number. Active Call Waiting Reject Time Specify a time of seconds that the Device waits before rejecting the second call if you do not answer it.
Chapter 18 VoIP 18.5 Phone Screen Use this screen to control which SIP accounts and PSTN line each phone uses. Click VoIP > Phone to access the Phone Device screen. Figure 96 VoIP > Phone > Phone Device The following table describes the labels in this screen. Table 61 VoIP > Phone > Phone Device LABEL DESCRIPTION # This is the index number of the entry. Phone ID This is the phone device number. Outgoing SIP Number This is the outgoing SIP number of the phone device.
Chapter 18 VoIP The following table describes the labels in this screen. Table 62 Phone Device: Edit LABEL DESCRIPTION SIP Account to Make Outgoing Call SIP Account Select the SIP account you want to use when making outgoing calls with the analog phone connected to this phone port. SIP Number This shows the SIP account number. SIP Account(s) to Receive Incoming Call SIP Account Select a SIP account if you want to receive phone calls for the selected SIP account on this phone port.
Chapter 18 VoIP Each field is described in the following table. Table 63 VoIP > Call Rule LABEL DESCRIPTION Speed Dial Use this section to create or edit speed-dial entries. # Select the speed-dial number you want to use for this phone number. Number Enter the SIP number you want the Device to call when you dial the speed-dial number. Description Enter a short description to identify the party you call when you dial the speeddial number. You can use up to 127 printable ASCII characters.
Chapter 18 VoIP SIP signaling is separate from the media for which it handles sessions. The media that is exchanged during the session can use a different path from that of the signaling. SIP handles telephone calls and can interface with traditional circuit-switched telephone networks. SIP Identities A SIP account uses an identity (sometimes referred to as a SIP address). A complete SIP identity is called a SIP URI (Uniform Resource Identifier).
Chapter 18 VoIP SIP Servers SIP is a client-server protocol. A SIP client is an application program or device that sends SIP requests. A SIP server responds to the SIP requests. When you use SIP to make a VoIP call, it originates at a client and terminates at a server. A SIP client could be a computer or a SIP phone. One device can act as both a SIP client and a SIP server. SIP User Agent A SIP user agent can make and receive VoIP telephone calls.
Chapter 18 VoIP Figure 100 SIP Proxy Server B 1 2 A C SIP Redirect Server A SIP redirect server accepts SIP requests, translates the destination address to an IP address and sends the translated IP address back to the device that sent the request. Then the client device that originally sent the request can send requests to the IP address that it received back from the redirect server. Redirect servers do not initiate SIP requests.
Chapter 18 VoIP Figure 101 SIP Redirect Server 1 2 A 3 B C SIP Register Server A SIP register server maintains a database of SIP identity-to-IP address (or domain name) mapping. The register server checks your user name and password when you register. RTP When you make a VoIP call using SIP, the RTP (Real time Transport Protocol) is used to handle voice data transfer. See RFC 3550 for details on RTP.
Chapter 18 VoIP 1 A sends a SIP INVITE request to B. This message is an invitation for B to participate in a SIP telephone call. 2 B sends a response indicating that the telephone is ringing. 3 B sends an OK response after the call is answered. 4 A then sends an ACK message to acknowledge that B has answered the call. 5 Now A and B exchange voice media (talk). 6 After talking, A hangs up and sends a BYE request.
Chapter 18 VoIP Type of Service (ToS) Network traffic can be classified by setting the ToS (Type of Service) values at the data source (for example, at the Device) so a server can decide the best method of delivery, that is the least cost, fastest route and so on. DiffServ DiffServ is a class of service (CoS) model that marks packets so that they receive specific per-hop treatment at DiffServ-compliant network devices along the route based on the application types and traffic flow.
Chapter 18 VoIP • Call Hold • Call Waiting • Making a Second Call • Call Transfer • Three-Way Conference • Internal Calls • Do not Disturb Note: To take full advantage of the supplementary phone services available through the Device's phone ports, you may need to subscribe to the services from your VoIP service provider. The Flash Key Flashing means to press the hook for a short period of time (a few hundred milliseconds) before releasing it.
Chapter 18 VoIP European Call Hold Call hold allows you to put a call (A) on hold by pressing the flash key. If you have another call, press the flash key and then “2” to switch back and forth between caller A and B by putting either one on hold. Press the flash key and then “0” to disconnect the call presently on hold and keep the current call on line. Press the flash key and then “1” to disconnect the current call and resume the call on hold.
Chapter 18 VoIP 3 When the second call is answered, press the flash key and press “3” to create a three-way conversation. 4 Hang up the phone to drop the connection. 5 If you want to separate the activated three-way conference into two individual connections (one is on-line, the other is on hold), press the flash key and press “2”.
Chapter 18 VoIP 204 FMG3024-D10A / FMG3025-D10A Series User’s Guide
C HAPTER 19 Logs 19.1 Overview The web configurator allows you to choose which categories of events and/or alerts to have the Device log and then display the logs or have the Device send them to an administrator (as e-mail) or to a syslog server. 19.1.1 What You Can Do in this Chapter • Use the System Log screen to see the system logs for the categories that you select (Section 19.2 on page 206). • Use the Phone Log screen to view phone logs and alert messages (Section 19.3 on page 207).
Chapter 19 Logs Table 66 Syslog Severity Levels CODE SEVERITY 3 Error: There is an error condition on the system. 4 Warning: There is a warning condition on the system. 5 Notice: There is a normal but significant condition on the system. 6 Informational: The syslog contains an informational message. 7 Debug: The message is intended for debug-level purposes. 19.2 The System Log Screen Click System Monitor > Log to open the System Log screen.
Chapter 19 Logs 19.3 The Phone Log Screen Click System Monitor > Log to open the Phone Log screen. Use this screen to view phone logs and alert messages. You can select the type of log and level of severity to display. Figure 104 System Monitor > Log > Phone Log The following table describes the fields in this screen. Table 68 System Monitor > Log > Phone Log LABEL DESCRIPTION Select a category of logs to view from the drop-down list box. select All Logs to view all logs.
Chapter 19 Logs The following table describes the fields in this screen. Table 69 System Monitor > Log > VoIP Call History LABEL DESCRIPTION Select a category of call records to view from the drop-down list box. select All Call History to view all call records. 208 Refresh Click this to renew the log screen. Clear Logs Click this to delete all the logs. # This field is a sequential value and is not associated with a specific entry. Time This field displays the time the call was recorded.
C HAPTER 20 Traffic Status 20.1 Overview Use the Traffic Status screens to look at network traffic status and statistics of the WAN, LAN interfaces and NAT. 20.1.1 What You Can Do in this Chapter • Use the WAN screen to view the WAN traffic statistics (Section 20.2 on page 209) . • Use the LAN screen to view the LAN traffic statistics (Section 20.3 on page 210). • Use the NAT screen to view the NAT status of the Device’s client(s) (Section 20.4 on page 211).
Chapter 20 Traffic Status The following table describes the fields in this screen. Table 70 System Monitor > Traffic Status > WAN LABEL DESCRIPTION Status This shows the number of bytes received and sent through the WAN interface of the Device. Refresh Interval Select how often you want the Device to update this screen from the drop-down list box. Connected Interface This shows the name of the WAN interface that is currently connected.
Chapter 20 Traffic Status Table 71 System Monitor > Traffic Status > LAN (continued) LABEL DESCRIPTION Data This indicates the number of transmitted packets on this interface. Error This indicates the number of frames with errors transmitted on this interface. Drop This indicates the number of outgoing packets dropped on this interface. Received (Packet) Data This indicates the number of received packets on this interface.
Chapter 20 Traffic Status Figure 109 System Monitor > Traffic Status > 3G Backup The following table describes the fields in this screen. Table 73 System Monitor > Traffic Status > 3G backup LABEL DESCRIPTION Status This shows the number of bytes received and sent through the 3G interface of the Device. Refresh Interval Select how often you want the Device to update this screen from the drop-down list box.
Chapter 20 Traffic Status Figure 110 System Monitor > VoIP Status The following table describes the fields in this screen. Table 74 System Monitor > VoIP Status LABEL DESCRIPTION Refresh Interval Select how often you want the Device to update this screen from the drop-down list box. SIP Status Account This column displays each SIP account in the Device. Registration This field displays the current registration status of the SIP account. You can change this in the Status screen.
Chapter 20 Traffic Status Table 74 System Monitor > VoIP Status (continued) LABEL DESCRIPTION Status This field displays the current state of the phone call. Idle - There are no current VoIP calls, incoming calls or outgoing calls being made. Dial - The callee’s phone is ringing. Ring - The phone is ringing for an incoming VoIP call. Process - There is a VoIP call in progress. DISC - The callee’s line is busy, the callee hung up or your phone was left off the hook.
C HAPTER 21 User Account 21.1 Overview You can configure system password for different user accounts in the User Account screen. 21.2 The User Account Screen Use the User Account screen to configure system password. Click Maintenance > User Account to open the following screen. Figure 111 Maintenance > User Account The following table describes the labels in this screen.
Chapter 21 User Account 216 FMG3024-D10A / FMG3025-D10A Series User’s Guide
C HAPTER 22 Remote MGMT 22.1 Overview Remote MGMT allows you to manage your Device from a remote location through the following interfaces: • LAN • WAN only Note: The Device is managed using the web configurator. 22.1.1 What You Need to Know The following terms and concepts may help as you read this chapter TR-064 TR-064 is a LAN-Side DSL CPE Configuration protocol defined by the DSL Forum. TR-064 is built on top of UPnP.
Chapter 22 Remote MGMT Figure 112 Maintenance > Remote MGMT The following table describes the fields in this screen. Table 76 Maintenance > Remote MGMT 218 LABEL DESCRIPTION Services This is the service you may use to access the Device. LAN Select the Enable check box for the corresponding services that you want to allow access to the Device from the LAN. WAN Select the Enable check box for the corresponding services that you want to allow access to the Device from the WAN.
C HAPTER 23 SNMP 23.1 Overview This chapter explains how to configure the SNMP settings on the Device. 23.2 The SNMP Screen Simple Network Management Protocol is a protocol used for exchanging management information between network devices. Your Device supports SNMP agent functionality, which allows a manager station to manage and monitor the Device through the network. The Device supports SNMP version one (SNMPv1) and version two (SNMPv2c). The next figure illustrates an SNMP management operation.
Chapter 23 SNMP The managed devices contain object variables/managed objects that define each piece of information to be collected about a device. Examples of variables include such as number of packets received, node port status etc. A Management Information Base (MIB) is a collection of managed objects. SNMP allows a manager and agents to communicate for the purpose of accessing these objects. SNMP itself is a simple request/response protocol based on the manager/agent model.
C HAPTER 24 System 24.1 Overview You can configure system settings, including the host name, domain name and the inactivity timeout interval in the System screen. 24.1.1 What You Need to Know The following terms and concepts may help as you read this chapter. Domain Name This is a network address that identifies the owner of a network connection. For example, in the network address “www.zyxel.com/support/files”, the domain name is “www.zyxel.com”. 24.
Chapter 24 System The following table describes the labels in this screen. Table 78 Maintenance > System LABEL DESCRIPTION Host Name Choose a descriptive name for identification purposes. It is recommended you enter your computer’s “Computer name” in this field. This name can be up to 30 alphanumeric characters long. Spaces are not allowed, but dashes “-” and underscores "_" are accepted. Domain Name Enter the domain name (if you know it) here.
C HAPTER 25 Time Setting 25.1 Overview You can configure the system’s time and date in the Time Setting screen. 25.2 The Time Setting Screen To change your Device’s time and date, click Maintenance > Time. The screen appears as shown. Use this screen to configure the Device’s time based on your local time zone. Figure 116 Maintenance > Time Setting The following table describes the fields in this screen.
Chapter 25 Time Setting Table 79 Maintenance > System > Time Setting (continued) LABEL DESCRIPTION Daylight Savings Daylight saving is a period from late spring to early fall when many countries set their clocks ahead of normal local time by one hour to give more daytime light in the evening.Select this option if you use Daylight Saving Time. Start Date Configure the day and time when Daylight Saving Time starts if you selected Daylight Savings. The o'clock field uses the 24 hour format.
C HAPTER 26 Log Setting 26.1 Overview You can configure where the Device sends logs and which logs and/or immediate alerts the Device records in the Log Setting screen. 26.2 The Log Setting Screen To change your Device’s log settings, click Maintenance > Log Setting. The screen appears as shown.
Chapter 26 Log Setting The following table describes the fields in this screen. Table 80 Maintenance > Log Setting LABEL DESCRIPTION Syslog Setting Syslog Logging The Device sends a log to an external syslog server. Select the Enable check box to enable syslog logging. Syslog Server Enter the server name or IP address of the syslog server that will log the selected categories of logs. UDP Port Enter the port number used by the syslog server.
C HAPTER 27 Firmware Upgrade 27.1 Overview This chapter explains how to upload new firmware to your Device. You can download new firmware releases from your nearest ZyXEL FTP site (or www.zyxel.com) to use to upgrade your device’s performance. Only use firmware for your device’s specific model. Refer to the label on the bottom of your Device. 27.2 The Firmware Upgrade Screen Click Maintenance > Firmware Upgrade to open the following screen.
Chapter 27 Firmware Upgrade Figure 119 Firmware Uploading The Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 120 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the Status screen. If the upload was not successful, an error screen will appear. Click OK to go back to the Firmware Upgrade screen.
C HAPTER 28 Backup/Restore 28.1 Overview The Backup/Restore screen allows you to backup and restore device configurations. You can also reset your device settings back to the factory default. 28.2 The Backup/Restore Screen Click Maintenance > Backup/Restore. Information related to factory defaults, backup configuration, and restoring configuration appears in this screen, as shown next.
Chapter 28 Backup/Restore Restore Configuration Restore Configuration allows you to upload a new or previously saved configuration file from your computer to your Device. Table 82 Restore Configuration LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse ... to find it. Browse... Click this to find the file you want to upload. Remember that you must decompress compressed (.ZIP) files before you can upload them.
Chapter 28 Backup/Restore Figure 125 Reset In Process Message You can also press the RESET button on the back panel to reset the factory defaults of your Device. Refer to Section 1.5 on page 17 for more information on the RESET button. 28.3 The Reboot Screen System restart allows you to reboot the Device remotely without turning the power off. You may need to do this if the Device hangs, for example. Click Maintenance > Reboot. Click the Reboot button to have the Device reboot.
Chapter 28 Backup/Restore 232 FMG3024-D10A / FMG3025-D10A Series User’s Guide
C HAPTER 29 Diagnostic 29.1 Overview You can use different diagnostic methods to test a connection and see the detailed information. These read-only screens display information to help you identify problems with the Device. 29.2 The Ping/TraceRoute Screen Ping and traceroute help check availability of remote hosts and also help troubleshoot network or Internet connections. Click Maintenance > Diagnostic to open the Ping/TraceRoute screen shown next.
Chapter 29 Diagnostic 234 FMG3024-D10A / FMG3025-D10A Series User’s Guide
C HAPTER 30 Auto Provision 30.1 Overview You can use auto provision to automatically update the configuration settings on the Device. The Auto Provision feature uses the http protocol with encryption, and can be used to upgrade firmware or configuration information to the Device. The device must access an Auto Provision server. In the figure below, three different Devices (ZD1, ZD2, ZD3) are controlled by auto provision server S. Figure 127 Auto Provision S ZD1 ZD2 ZD3 30.
Chapter 30 Auto Provision The following table describes the fields in this screen. Table 84 Maintenance > Auto Provision 236 LABEL DESCRIPTION Auto Provision Enable or disable auto provision. Directory Enter the directory path where the auto provision file is located. Auto Provision Server Enter the IP address of the auto provision server. Server Port Enter the port number used by the auto provision server. Retry Count Enter the number of times to retry auto provisioning.
C HAPTER 31 Troubleshooting 31.1 Overview This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • Device Access and Login • Internet Access • Phone Calls and VoIP • USB Device Connection • UPnP 31.2 Power, Hardware Connections, and LEDs The Device does not turn on. None of the LEDs turn on. 1 Make sure the Device is turned on.
Chapter 31 Troubleshooting 4 Turn the Device off and on. 5 If the problem continues, contact the vendor. 31.3 Device Access and Login I forgot the IP address for the Device. 1 The default IP address is 192.168.1.1. 2 If you changed the IP address and have forgotten it, you might get the IP address of the Device by looking up the IP address of the default gateway for your computer. To do this in most Windows computers, click Start > Run, enter cmd, and then enter ipconfig.
Chapter 31 Troubleshooting 4 Reset the device to its factory defaults, and try to access the Device with the default IP address. See Section 1.5 on page 17. 5 If the problem continues, contact the network administrator or vendor, or try one of the advanced suggestions. Advanced Suggestions • Try to access the Device using another service, such as Telnet. If you can access the Device, check the remote management settings and firewall rules to find out why the Device does not respond to HTTP.
Chapter 31 Troubleshooting 31.4 Internet Access I cannot access the Internet. 1 Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide. 2 Make sure you entered your ISP account information correctly. These fields are case-sensitive, so make sure [Caps Lock] is not on. 3 Disconnect all the cables from your device, and follow the directions in the Quick Start Guide again. 4 If the problem continues, contact your ISP.
Chapter 31 Troubleshooting • Check the settings for QoS. If it is disabled, you might consider activating it. If it is enabled, you might consider raising or lowering the priority for some applications. 31.5 Phone Calls and VoIP The telephone port won’t work or the telephone lacks a dial tone. 1 Check the telephone connections and telephone wire. I can access the Internet, but cannot make VoIP calls. 1 The PHONE light should come on. Make sure that your telephone is connected to the PHONE port.
Chapter 31 Troubleshooting 31.7 UPnP When using UPnP and the Device reboots, my computer cannot detect UPnP and refresh My Network Places > Local Network. 1 Disconnect the Ethernet cable from the Device’s LAN port or from your computer. 2 Re-connect the Ethernet cable. The Local Area Connection icon for UPnP disappears in the screen. Restart your computer. I cannot open special applications such as white board, file transfer and video when I use the MSN messenger.
A PPENDIX A IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (such as computers, servers, routers, and printers) needs an IP address to communicate across the network. These networking devices are also known as hosts. Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks.
Appendix A IP Addresses and Subnetting Figure 129 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask. Subnet Masks A subnet mask is used to determine which bits are part of the network number, and which bits are part of the host ID (using a logical AND operation). The term “subnet” is short for “sub-network”. A subnet mask has 32 bits.
Appendix A IP Addresses and Subnetting Subnet masks are expressed in dotted decimal notation just like IP addresses. The following examples show the binary and decimal notation for 8-bit, 16-bit, 24-bit and 29-bit subnet masks. Table 86 Subnet Masks BINARY DECIMAL 1ST OCTET 2ND OCTET 3RD OCTET 4TH OCTET 8-bit mask 11111111 00000000 00000000 00000000 255.0.0.0 16-bit mask 11111111 11111111 00000000 00000000 255.255.0.0 24-bit mask 11111111 11111111 11111111 00000000 255.255.255.
Appendix A IP Addresses and Subnetting Table 88 Alternative Subnet Mask Notation (continued) SUBNET MASK ALTERNATIVE NOTATION LAST OCTET (BINARY) LAST OCTET (DECIMAL) 255.255.255.240 /28 1111 0000 240 255.255.255.248 /29 1111 1000 248 255.255.255.252 /30 1111 1100 252 Subnetting You can use subnetting to divide one network into multiple sub-networks.
Appendix A IP Addresses and Subnetting Figure 131 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 27 – 2 or 126 possible hosts (a host ID of all zeroes is the subnet’s address itself, all ones is the subnet’s broadcast address). 192.168.1.0 with mask 255.255.255.128 is subnet A itself, and 192.168.1.127 with mask 255.255.255.128 is its broadcast address.
Appendix A IP Addresses and Subnetting Table 90 Subnet 2 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 64 IP Address (Binary) 11000000.10101000.00000001. 01000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: 192.168.1.64 Lowest Host ID: 192.168.1.65 Broadcast Address: 192.168.1.127 Highest Host ID: 192.168.1.126 Table 91 Subnet 3 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1.
Appendix A IP Addresses and Subnetting Table 93 Eight Subnets (continued) SUBNET SUBNET ADDRESS FIRST ADDRESS LAST ADDRESS BROADCAST ADDRESS 7 192 193 222 223 8 224 225 254 255 Subnet Planning The following table is a summary for subnet planning on a network with a 24-bit network number. Table 94 24-bit Network Number Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET 1 255.255.255.128 (/25) 2 126 2 255.255.255.192 (/26) 4 62 3 255.255.255.
Appendix A IP Addresses and Subnetting Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established.
Appendix A IP Addresses and Subnetting computer B which is a DHCP client. Neither can access the Internet. This problem can be solved by assigning a different static IP address to computer A or setting computer A to obtain an IP address automatically. Figure 132 Conflicting Computer IP Addresses Example Conflicting Router IP Addresses Example Since a router connects different networks, it must have interfaces using different network numbers.
Appendix A IP Addresses and Subnetting Figure 134 Conflicting Computer and Router IP Addresses Example 252 FMG3024-D10A / FMG3025-D10A Series User’s Guide
A PPENDIX B Setting Up Your Computer’s IP Address Note: Your specific Device may not support all of the operating systems described in this appendix. See the product specifications for more information about which operating systems are supported. This appendix shows you how to configure the IP settings on your computer in order for it to be able to communicate with the other devices on your network.
Appendix B Setting Up Your Computer’s IP Address Figure 135 Windows XP: Start Menu 2 In the Control Panel, click the Network Connections icon. Figure 136 Windows XP: Control Panel 3 Right-click Local Area Connection and then select Properties.
Appendix B Setting Up Your Computer’s IP Address 4 On the General tab, select Internet Protocol (TCP/IP) and then click Properties. Figure 138 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens.
Appendix B Setting Up Your Computer’s IP Address Figure 139 Windows XP: Internet Protocol (TCP/IP) Properties 6 Select Obtain an IP address automatically if your network administrator or ISP assigns your IP address dynamically. Select Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields if you have a static IP address that was assigned to you by your network administrator or ISP.
Appendix B Setting Up Your Computer’s IP Address Windows Vista This section shows screens from Windows Vista Professional. 1 Click Start > Control Panel. Figure 140 Windows Vista: Start Menu 2 In the Control Panel, click the Network and Internet icon. Figure 141 Windows Vista: Control Panel 3 Click the Network and Sharing Center icon. Figure 142 Windows Vista: Network And Internet 4 Click Manage network connections.
Appendix B Setting Up Your Computer’s IP Address Figure 143 Windows Vista: Network and Sharing Center 5 Right-click Local Area Connection and then select Properties. Figure 144 Windows Vista: Network and Sharing Center Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue. 6 258 Select Internet Protocol Version 4 (TCP/IPv4) and then select Properties.
Appendix B Setting Up Your Computer’s IP Address Figure 145 Windows Vista: Local Area Connection Properties 7 The Internet Protocol Version 4 (TCP/IPv4) Properties window opens.
Appendix B Setting Up Your Computer’s IP Address Figure 146 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties 8 Select Obtain an IP address automatically if your network administrator or ISP assigns your IP address dynamically. Select Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields if you have a static IP address that was assigned to you by your network administrator or ISP.
Appendix B Setting Up Your Computer’s IP Address Windows 7 This section shows screens from Windows 7 Enterprise. 1 Click Start > Control Panel. Figure 147 Windows 7: Start Menu 2 In the Control Panel, click View network status and tasks under the Network and Internet category. Figure 148 Windows 7: Control Panel 3 Click Change adapter settings. Figure 149 Windows 7: Network And Sharing Center 4 Double click Local Area Connection and then select Properties.
Appendix B Setting Up Your Computer’s IP Address Figure 150 Windows 7: Local Area Connection Status Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue. 5 262 Select Internet Protocol Version 4 (TCP/IPv4) and then select Properties.
Appendix B Setting Up Your Computer’s IP Address Figure 151 Windows 7: Local Area Connection Properties 6 The Internet Protocol Version 4 (TCP/IPv4) Properties window opens.
Appendix B Setting Up Your Computer’s IP Address Figure 152 Windows 7: Internet Protocol Version 4 (TCP/IPv4) Properties 7 Select Obtain an IP address automatically if your network administrator or ISP assigns your IP address dynamically. Select Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields if you have a static IP address that was assigned to you by your network administrator or ISP.
Appendix B Setting Up Your Computer’s IP Address Figure 153 Windows 7: Internet Protocol Version 4 (TCP/IPv4) Properties Mac OS X: 10.3 and 10.4 The screens in this section are from Mac OS X 10.4 but can also apply to 10.3. 1 Click Apple > System Preferences. Figure 154 Mac OS X 10.4: Apple Menu 2 In the System Preferences window, click the Network icon.
Appendix B Setting Up Your Computer’s IP Address Figure 155 Mac OS X 10.4: System Preferences 3 When the Network preferences pane opens, select Built-in Ethernet from the network connection type list, and then click Configure. Figure 156 Mac OS X 10.4: Network Preferences 4 266 For dynamically assigned settings, select Using DHCP from the Configure IPv4 list in the TCP/IP tab.
Appendix B Setting Up Your Computer’s IP Address Figure 157 Mac OS X 10.4: Network Preferences > TCP/IP Tab. 5 For statically assigned settings, do the following: • From the Configure IPv4 list, select Manually. • In the IP Address field, type your IP address. • In the Subnet Mask field, type your subnet mask. • In the Router field, type the IP address of your device.
Appendix B Setting Up Your Computer’s IP Address Figure 158 Mac OS X 10.4: Network Preferences > Ethernet 6 Click Apply Now and close the window. Verifying Settings Check your TCP/IP properties by clicking Applications > Utilities > Network Utilities, and then selecting the appropriate Network Interface from the Info tab. Figure 159 Mac OS X 10.4: Network Utility Mac OS X: 10.5 The screens in this section are from Mac OS X 10.5.
Appendix B Setting Up Your Computer’s IP Address 1 Click Apple > System Preferences. Figure 160 Mac OS X 10.5: Apple Menu 2 In System Preferences, click the Network icon. Figure 161 Mac OS X 10.5: Systems Preferences 3 When the Network preferences pane opens, select Ethernet from the list of available connection types.
Appendix B Setting Up Your Computer’s IP Address Figure 162 Mac OS X 10.5: Network Preferences > Ethernet 4 From the Configure list, select Using DHCP for dynamically assigned settings. 5 For statically assigned settings, do the following: • From the Configure list, select Manually. • In the IP Address field, enter your IP address. • In the Subnet Mask field, enter your subnet mask. • In the Router field, enter the IP address of your Device.
Appendix B Setting Up Your Computer’s IP Address Figure 163 Mac OS X 10.5: Network Preferences > Ethernet 6 Click Apply and close the window. Verifying Settings Check your TCP/IP properties by clicking Applications > Utilities > Network Utilities, and then selecting the appropriate Network interface from the Info tab.
Appendix B Setting Up Your Computer’s IP Address Figure 164 Mac OS X 10.5: Network Utility Linux: Ubuntu 8 (GNOME) This section shows you how to configure your computer’s TCP/IP settings in the GNU Object Model Environment (GNOME) using the Ubuntu 8 Linux distribution. The procedure, screens and file locations may vary depending on your specific distribution, release version, and individual configuration. The following screens use the default Ubuntu 8 installation.
Appendix B Setting Up Your Computer’s IP Address Figure 166 Ubuntu 8: Network Settings > Connections 3 In the Authenticate window, enter your admin account name and password then click the Authenticate button. Figure 167 Ubuntu 8: Administrator Account Authentication 4 In the Network Settings window, select the connection that you want to configure, then click Properties.
Appendix B Setting Up Your Computer’s IP Address Figure 168 Ubuntu 8: Network Settings > Connections 5 The Properties dialog box opens. Figure 169 Ubuntu 8: Network Settings > Properties • In the Configuration list, select Automatic Configuration (DHCP) if you have a dynamic IP address. • In the Configuration list, select Static IP address if you have a static IP address. Fill in the IP address, Subnet mask, and Gateway address fields.
Appendix B Setting Up Your Computer’s IP Address Figure 170 Ubuntu 8: Network Settings > DNS 8 Click the Close button to apply the changes. Verifying Settings Check your TCP/IP properties by clicking System > Administration > Network Tools, and then selecting the appropriate Network device from the Devices tab. The Interface Statistics column shows data if your connection is working properly.
Appendix B Setting Up Your Computer’s IP Address Figure 171 Ubuntu 8: Network Tools Linux: openSUSE 10.3 (KDE) This section shows you how to configure your computer’s TCP/IP settings in the K Desktop Environment (KDE) using the openSUSE 10.3 Linux distribution. The procedure, screens and file locations may vary depending on your specific distribution, release version, and individual configuration. The following screens use the default openSUSE 10.3 installation.
Appendix B Setting Up Your Computer’s IP Address Figure 172 openSUSE 10.3: K Menu > Computer Menu 2 When the Run as Root - KDE su dialog opens, enter the admin password and click OK. Figure 173 openSUSE 10.3: K Menu > Computer Menu 3 When the YaST Control Center window opens, select Network Devices and then click the Network Card icon.
Appendix B Setting Up Your Computer’s IP Address Figure 174 openSUSE 10.3: YaST Control Center 4 When the Network Settings window opens, click the Overview tab, select the appropriate connection Name from the list, and then click the Configure button. Figure 175 openSUSE 10.
Appendix B Setting Up Your Computer’s IP Address Figure 176 openSUSE 10.3: Network Card Setup 6 Select Dynamic Address (DHCP) if you have a dynamic IP address. Select Statically assigned IP Address if you have a static IP address. Fill in the IP address, Subnet mask, and Hostname fields. 7 Click Next to save the changes and close the Network Card Setup window.
Appendix B Setting Up Your Computer’s IP Address Figure 177 openSUSE 10.3: Network Settings 9 Click Finish to save your settings and close the window. Verifying Settings Click the KNetwork Manager icon on the Task bar to check your TCP/IP properties. From the Options sub-menu, select Show Connection Information. Figure 178 openSUSE 10.3: KNetwork Manager When the Connection Status - KNetwork Manager window opens, click the Statistics tab to see if your connection is working properly.
Appendix B Setting Up Your Computer’s IP Address Figure 179 openSUSE: Connection Status - KNetwork Manager FMG3024-D10A / FMG3025-D10A Series User’s Guide 281
Appendix B Setting Up Your Computer’s IP Address 282 FMG3024-D10A / FMG3025-D10A Series User’s Guide
A PPENDIX C Pop-up Windows, JavaScript and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScript (enabled by default). • Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here. Screens for other Internet Explorer versions may vary. Internet Explorer Pop-up Blockers You may have to disable pop-up blocking to log into your device.
Appendix C Pop-up Windows, JavaScript and Java Permissions Figure 181 Internet Options: Privacy 3 Click Apply to save this setting. Enable Pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. 284 1 In Internet Explorer, select Tools, Internet Options and then the Privacy tab. 2 Select Settings…to open the Pop-up Blocker Settings screen.
Appendix C Pop-up Windows, JavaScript and Java Permissions Figure 182 Internet Options: Privacy 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. 4 Click Add to move the IP address to the list of Allowed sites.
Appendix C Pop-up Windows, JavaScript and Java Permissions 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. JavaScript If pages of the web configurator do not display properly in Internet Explorer, check that JavaScript are allowed. 1 In Internet Explorer, click Tools, Internet Options and then the Security tab. Figure 184 Internet Options: Security 286 2 Click the Custom Level... button. 3 Scroll down to Scripting.
Appendix C Pop-up Windows, JavaScript and Java Permissions Figure 185 Security Settings - Java Scripting Java Permissions 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected. 5 Click OK to close the window.
Appendix C Pop-up Windows, JavaScript and Java Permissions Figure 186 Security Settings - Java JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for
Appendix C Pop-up Windows, JavaScript and Java Permissions Mozilla Firefox Mozilla Firefox 2.0 screens are used here. Screens for other versions may vary. You can enable Java, JavaScript and pop-ups in one screen. Click Tools, then click Options in the screen that appears. Figure 188 Mozilla Firefox: Tools > Options Click Content.to show the screen below. Select the check boxes as shown in the following screen.
Appendix C Pop-up Windows, JavaScript and Java Permissions 290 FMG3024-D10A / FMG3025-D10A Series User’s Guide
A PPENDIX D Common Services The following table lists some commonly-used services and their associated protocols and port numbers. For a comprehensive list of port numbers, ICMP type/code numbers and services, visit the IANA (Internet Assigned Number Authority) web site. • Name: This is a short, descriptive name for the service. You can use this one or create a different one, if you like. • Protocol: This is the type of IP protocol used by the service.
Appendix D Common Services Table 96 Commonly Used Services (continued) 292 NAME PROTOCOL PORT(S) DESCRIPTION HTTP TCP 80 Hyper Text Transfer Protocol - a client/ server protocol for the world wide web. HTTPS TCP 443 HTTPS is a secured http session often used in e-commerce. ICMP User-Defined 1 Internet Control Message Protocol is often used for diagnostic or routing purposes. ICQ UDP 4000 This is a popular Internet chat program.
Appendix D Common Services Table 96 Commonly Used Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION SMTP TCP 25 Simple Mail Transfer Protocol is the message-exchange standard for the Internet. SMTP enables you to move messages from one e-mail server to another. SNMP TCP/UDP 161 Simple Network Management Program. SNMP-TRAPS TCP/UDP 162 Traps for use with the SNMP (RFC:1215).
Appendix D Common Services 294 FMG3024-D10A / FMG3025-D10A Series User’s Guide
A PPENDIX E IPv6 Overview IPv6 (Internet Protocol version 6), is designed to enhance IP address size and features. The increase in IPv6 address size to 128 bits (from the 32-bit IPv4 address) allows up to 3.4 x 1038 IP addresses. IPv6 Addressing The 128-bit IPv6 address is written as eight 16-bit hexadecimal blocks separated by colons (:). This is an example IPv6 address 2001:0db8:1a2b:0015:0000:0000:1a2f:0000. IPv6 addresses can be abbreviated in two ways: • Leading zeros in a block can be omitted.
Appendix E IPv6 Global Address A global address uniquely identifies a device on the Internet. It is similar to a “public IP address” in IPv4. A global unicast address starts with a 2 or 3. Unspecified Address An unspecified address (0:0:0:0:0:0:0:0 or ::) is used as the source address when a device does not have its own address. It is similar to “0.0.0.0” in IPv4. Loopback Address A loopback address (0:0:0:0:0:0:0:1 or ::1) allows a host to send packets to itself. It is similar to “127.0.0.1” in IPv4.
Appendix E IPv6 Table 99 Reserved Multicast Address (continued) MULTICAST ADDRESS FF08:0:0:0:0:0:0:0 FF09:0:0:0:0:0:0:0 FF0A:0:0:0:0:0:0:0 FF0B:0:0:0:0:0:0:0 FF0C:0:0:0:0:0:0:0 FF0D:0:0:0:0:0:0:0 FF0E:0:0:0:0:0:0:0 FF0F:0:0:0:0:0:0:0 Subnet Masking Both an IPv6 address and IPv6 subnet mask compose of 128-bit binary digits, which are divided into eight 16-bit blocks and written in hexadecimal notation. Hexadecimal uses four bits for each character (1 ~ 10, A ~ F).
Appendix E IPv6 combines its interface ID and global and subnet information advertised from the router. This is a routable global IP address. DHCPv6 The Dynamic Host Configuration Protocol for IPv6 (DHCPv6, RFC 3315) is a server-client protocol that allows a DHCP server to assign and pass IPv6 network addresses, prefixes and other configuration information to DHCP clients. DHCPv6 servers and clients exchange DHCP messages using UDP.
Appendix E IPv6 such as the system name. The interface-ID option provides slot number, port information and the VLAN ID to the DHCPv6 server. The remote-ID option (if any) is stripped from the Relay-Reply messages before the relay agent sends the packets to the clients. The DHCP server copies the interface-ID option from the Relay-Forward message into the Relay-Reply message and sends it to the relay agent. The interface-ID should not change even after the relay agent restarts.
Appendix E IPv6 determine whether the destination address is on-link and can be reached directly without passing through a router. If the address is unlink, the address is considered as the next hop. Otherwise, the Device determines the next-hop from the default router list or routing table. Once the next hop IP address is known, the Device looks into the neighbor cache to get the link-layer address and sends the packet when the neighbor is reachable.
Appendix E IPv6 Example - Enabling IPv6 on Windows XP/2003/Vista By default, Windows XP and Windows 2003 support IPv6. This example shows you how to use the ipv6 install command on Windows XP/2003 to enable IPv6. This also displays how to use the ipconfig command to see auto-generated IP addresses. C:\>ipv6 install Installing... Succeeded. C:\>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: Connection-specific IP Address. . . . . Subnet Mask . . . . IP Address. . . . .
Appendix E IPv6 5 Click Start and then OK. 6 Now your computer can obtain an IPv6 address from a DHCPv6 server. Example - Enabling IPv6 on Windows 7 Windows 7 supports IPv6 by default. DHCPv6 is also enabled when you enable IPv6 on a Windows 7 computer. To enable IPv6 in Windows 7: 302 1 Select Control Panel > Network and Sharing Center > Local Area Connection. 2 Select the Internet Protocol Version 6 (TCP/IPv6) checkbox to enable it. 3 Click OK to save the change.
Appendix E IPv6 4 Click Close to exit the Local Area Connection Status screen. 5 Select Start > All Programs > Accessories > Command Prompt. 6 Use the ipconfig command to check your dynamic IPv6 address. This example shows a global address (2001:b021:2d::1000) obtained from a DHCP server. C:\>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: Connection-specific DNS IPv6 Address. . . . . . Link-local IPv6 Address IPv4 Address. . . . . . Subnet Mask . . . . . .
Appendix E IPv6 304 FMG3024-D10A / FMG3025-D10A Series User’s Guide
A PPENDIX F Legal Information Copyright Copyright © 2013 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation.
Appendix F Legal Information • This device may not cause harmful interference. • This device must accept any interference received, including interference that may cause undesired operations. This device has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation.
Appendix F Legal Information Notices Changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate the equipment. This device is designed for the WLAN 2.4 GHz and/or 5 GHz networks throughout the EC region and Switzerland, with restrictions in France. Ce produit est conçu pour les bandes de fréquences 2,4 GHz et/ou 5 GHz conformément à la législation Européenne.
Appendix F Legal Information merchantability or fitness for a particular use or purpose. ZyXEL shall in no event be held liable for indirect or consequential damages of any kind to the purchaser. To obtain the services of this warranty, contact your vendor. You may also refer to the warranty policy for the region in which you bought the device at http://www.zyxel.com/web/ support_warranty_info.php.
Index Index Numbers call service mode 201 6to4 mode 69 call waiting 202 call transfer 202 Canonical Format Indicator See CFI A certificate factory default 162 AH 174 certificates 159 CA 159 replacing 162 storage space 162 thumbprint algorithms 161 thumbprints 161 trusted CAs 163 verifying fingerprints 161 algorithms 174 Certification Authority, see CA alternative subnet mask notation 245 certifications 305 notices 307 viewing 307 ACK message 199 activation media server 102 adding a printer exa
Index Differentiated Services, see DiffServ flash key 201 Diffie-Hellman key groups 179 flashing 201 DiffServ (Differentiated Services) 200 code points 200 marking rule 132, 200 FTP 134 disclaimer 305 DLNA 102 DNS 94 DNS server address assignment 87 documentation related 2 G G.168 182 Guide Quick Start 2 domain name system, see DNS Domain Name System. See DNS.
Index IP pool 97 IP pool setup 104 IPSec algorithms 174 architecture 173 NAT 177 IPSec VPN 167 IPv6 68, 295 addressing 69, 87, 295 DHCP 69 EUI-64 297 global address 296 interface ID 297 link-local address 295 Neighbor Discovery Protocol 295 ping 295 prefix 69, 88, 295 prefix delegation 70 prefix length 69, 88, 295 stateless autoconfiguration 297 unspecified address 296 IPv6 modes 6to4 mode 69 ISP 68 iTunes server 102 ITU-T 182 L M MAC 63, 153 MAC address 98 MAC address filtering 153 MAC filter 153 Manage
Index outside header 175 restart 231 restoring configuration 230 RFC 1483 84 P RFC 1631 133 passwords 19 RFC 3164 205 Peak Cell Rate (PCR) 84 router advertisements 70 peer-to-peer calls 193 router features 15 Per-Hop Behavior, see PHB RTP 198 RFC 1889 198 PHB 132, 200 phone book speed dial 193 PPP over Ethernet, see PPPoE S PPPoE 68, 84 Benefits 84 security, network 151 prefix delegation 70 Session Initiation Protocol, see SIP pre-shared key 179 silence suppression 182 Printer Server 1
Index status 61 forum 94 security issues 94 subnet 243 subnet mask 104, 244 subnetting 246 supplementary services 200 V Sustained Cell Rate (SCR) 85 syslog protocol 205 severity levels 205 system firmware 227 passwords 19 status 61 System Info 62 system name 63, 222 T Tag Control Information See TCI Tag Protocol Identifier See TPID TCI TCP/IP port 37 The 68 three-way conference 202 ToS 200 TPID 86 VAD 182 version firmware version 63 VID Virtual Circuit (VC) 84 Virtual Local Area Network See VLAN Virt
Index 314 FMG3024-D10A / FMG3025-D10A Series User’s Guide
Index FMG3024-D10A / FMG3025-D10A Series User’s Guide 315
Index 316 FMG3024-D10A / FMG3025-D10A Series User’s Guide
