manualshive.com logo in svg

ZyXEL Communications LTE3301-PLUS, User Manual

The ZyXEL Communications LTE3301-PLUS is a high-speed LTE router designed for seamless internet connectivity. Ensure optimal performance by accessing the comprehensive User Manual available for free download at manualshive.com. This manual provides step-by-step instructions for setting up and troubleshooting the device, making it an essential resource for users.

Share
Download
background image

Chapter 17 Firewall

Nebula Mobile Router User’s Guide

234

• LAN to WAN

These rules specify which computers on the LAN can access which computers or services on the 
WAN.

By default, the Zyxel Device’s stateful packet inspection drops packets traveling in the following 
directions:

• WAN  to  LAN

These rules specify which computers on the WAN can access which computers or services on the 

LAN.

Note: You also need to configure NAT port forwarding (or full featured NAT address mapping 

rules) to allow computers on the WAN to access devices on the LAN.

• WAN  to  Router

By default the Zyxel Device stops computers on the WAN from managing the Zyxel Device. You could 

configure one of these rules to allow a WAN computer to manage the Zyxel Device.

Note: You also need to configure the remote management settings to allow a WAN 

computer to manage the Zyxel Device.

You may define additional rules and sets or modify existing ones but please exercise extreme caution in 
doing so.

For example, you may create rules to:

• Block certain types of traffic, such as IRC (Internet Relay Chat), from the LAN to the Internet.
• Allow certain types of traffic, such as Lotus Notes database synchronization, from specific hosts on the 

Internet to specific hosts on the LAN.

• Allow everyone except your competitors to access a web server.
• Restrict use of certain protocols, such as Telnet, to authorized users on the LAN.

These custom rules work by comparing the source IP address, destination IP address and IP protocol 
type of network traffic to rules set by the administrator. Your customized rules take precedence and 
override the Zyxel Device’s default rules.

17.7.2  Guidelines For Security Enhancement With Your Firewall

1

Change the default password through the Web Configurator.

2

Think about access control before you connect to the network in any way.

3

Limit who can access your router.

4

Don't enable any local service (such as telnet or FTP) that you do not use. Any enabled service could 
present a potential security risk. A determined hacker might be able to find creative ways to misuse the 
enabled services to access the firewall or the network.

5

For local services that are enabled, protect against misuse. Protect by configuring the services to 
communicate only with specific peers, and protect by configuring rules to block packets for the services 
at specific interfaces.

Summary of Contents for LTE3301-PLUS

Page 1: ...LTE3301 PLUS Nebula NR5101 Nebula NR7101 Nebula LTE7461 M602 Nebula FWA510 Nebula FWA710 Copyright 2022 Zyxel and or its affiliates All Rights Reserved LAN IP Address http 192 168 1 1 User Name admin...

Page 2: ...igurator brand style Every effort has been made to ensure that the information in this manual is accurate Related Documentation Quick Start Guide The Quick Start Guide shows how to connect the Zyxel D...

Page 3: ...abels screen names field labels and field choices are all in bold font A right angle bracket within a screen name denotes a mouse click For example Network Setting Routing DNS Route means you first cl...

Page 4: ...king 162 Routing 184 Network Address Translation NAT 194 DNS 207 VLAN Group 211 Interface Grouping 214 USB Service 219 Nebula 224 Firewall 226 MAC Filter 236 Parental Control 238 Certificates 244 Log...

Page 5: ...Contents Overview Nebula Mobile Router User s Guide 5 Diagnostic 305 Troubleshooting and Appendices 307 Troubleshooting 308...

Page 6: ...s for the Zyxel Device 22 1 4 How to Manage your Zyxel Device 24 1 5 Good Habits for Managing the Zyxel Device 25 Chapter 2 Hardware Panels 26 2 1 Overview 26 2 2 LEDs 26 2 2 1 Nebula LTE3301 PLUS 26...

Page 7: ...tup 56 5 3 1 Changing Security on a WiFi Network 57 5 3 2 Connecting to the Zyxel Device s WiFi Network Using WPS 59 5 3 3 Setting Up a Guest Network 63 5 3 4 Setting Up Two Guest WiFi Networks on Dif...

Page 8: ...Add or Edit Internet Connection 109 7 3 Ethernet WAN 113 7 4 Cellular WAN 114 7 5 Cellular APN 115 7 5 1 Edit Cellular APN1 APN2 116 7 5 2 Using Separate APNs for Data and Management Traffic 118 7 6...

Page 9: ...Preamble Type 155 8 10 7 WiFi Protected Setup WPS 156 Chapter 9 Home Networking 162 9 1 Home Networking Overview 162 9 1 1 What You Can Do in this Chapter 162 9 1 2 What You Need To Know 162 9 1 3 Be...

Page 10: ...d or Edit Port Forwarding 196 11 3 Port Triggering 198 11 3 1 Add or Edit Port Triggering Rule 200 11 4 DMZ 201 11 5 ALG 202 11 6 Technical Reference 203 11 6 1 NAT Definitions 203 11 6 2 What NAT Doe...

Page 11: ...224 16 1 Nebula Overview 224 16 2 Nebula 224 Chapter 17 Firewall 226 17 1 Firewall Overview 226 17 1 1 What You Need to Know About Firewall 226 17 2 Firewall 227 17 2 1 What You Can Do in this Chapter...

Page 12: ...iew Certificate Request 246 20 4 Trusted CA 248 20 5 Import Trusted CA Certificate 249 20 6 View Trusted CA Certificate 250 20 7 Certificates Technical Reference 250 20 7 1 Verify a Certificate 251 Ch...

Page 13: ...r 28 User Account 274 28 1 User Account Overview 274 28 2 User Account 274 28 2 1 User Account Add or Edit 275 Chapter 29 Remote Management 277 29 1 Remote Management Overview 277 29 1 1 What You Can...

Page 14: ...ew 296 34 2 Firmware Upgrade 296 34 3 Module Upgrade 298 Chapter 35 Backup Restore 300 35 1 Backup Restore Overview 300 35 2 Backup Restore 300 35 3 Reboot 303 35 4 Schedule Reboot 304 Chapter 36 Diag...

Page 15: ...Guide 15 37 7 USB Problems 315 37 8 UPnP Problems 316 37 9 Getting More Troubleshooting Help 316 Appendix A Customer Support 317 Appendix B Wireless LANs 322 Appendix C IPv6 335 Appendix D Services 3...

Page 16: ...16 PART I User s Guide...

Page 17: ...at supports but is not limited to the following features Note the following differences between the Zyxel Device models Table 1 Feature Differences FEATURE MODEL NEBULA LTE3301 PLUS NEBULA LTE7461 M60...

Page 18: ...l Control Y N Y N N N Network Monitoring N Y Y Y Y N Proxy ARP N N N Y N Y FQ_Codel Fair Queuing with Controlled Delay N N N Y N N PIN Modification Y Y Y Y Y Y IGMP Proxy Y Y Y Y Y Y MLD Proxy Y Y Y Y...

Page 19: ...rator To find the best place for your Zyxel Device to receive the optimal cellular signal or perform a signal strength test use the Zyxel Air app Note The configurations you make in the NCC have prior...

Page 20: ...ick Create organization to create an organization and a site using the Nebula setup wizard or select an existing site 4 If you are creating the first organization under your account click Let s Start...

Page 21: ...register multiple Zyxel Device at a time 10 Click Next to proceed to setting up your WiFi network and guest WiFi network Note Your default web configurator login password will be changed when you regi...

Page 22: ...formation Note You must insert the SIM card into the card slot before turning on the Zyxel Device Internet Access Your Zyxel Device provides shared Internet access by connecting to a cellular network...

Page 23: ...me or different bands together Figure 4 Zyxel Device s CA Application Ethernet WAN If you have another broadband modem or router available you can use the Ethernet WAN port and then connect it to the...

Page 24: ...Devices automatically switch to use the backup connection on the second SIM card See Section 1 1 1 on page 17 to see if your Zyxel Device supports Cellular Backup 1 4 How to Manage your Zyxel Device...

Page 25: ...Device more secure and to manage the Zyxel Device more effectively Change the password Use a password that is not easy to guess and that consists of different types of characters such as numbers and...

Page 26: ...means the LED blinks once per 0 5 second 2 2 1 Nebula LTE3301 PLUS Figure 6 Nebula LTE3301 PLUS LED The following are the LED descriptions for your Nebula LTE3301 PLUS Table 3 Nebula LTE3301 PLUS LED...

Page 27: ...below the poor level Off The SIM card is invalid or the PIN code is not correct WLAN Green On The 2 4G wireless network is activated Blinking slow The Zyxel Device is setting up a WPS connection with...

Page 28: ...ng to connect to the Internet On The Zyxel Device is connected to the Internet Amber Blinking The Zyxel Device WiFi is on Table 5 Nebula NR5101 LED Behavior LED COLOR STATUS DESCRIPTION Power USB Gree...

Page 29: ...ing slow WPS is activated and the Zyxel Device is establishing a WPS connection Table 5 Nebula NR5101 LED Behavior continued LED COLOR STATUS DESCRIPTION Table 6 Nebula NR7101 LED Behavior COLOR STATU...

Page 30: ...essage Blinking The Inbox is full Off There is no unread SMS message Cellular Signal Strength Blue On The signal strength is good Green On The signal strength is medium Red On The signal strength is p...

Page 31: ...OLOR STATUS DESCRIPTION Cellular Signal Strength Green On The signal strength is excellent Amber On The signal strength is fair Red On The signal strength is weak Blinking There is no cellular signal...

Page 32: ...R button after the power adapter is connected to start the Zyxel Device POWER DC IN Connect the power adapter and press the POWER button to start the Zyxel Device Reboot Press the RESET button for mor...

Page 33: ...LAN using an RJ45 cable WAN mode Connect the Zyxel Device to the Internet through the WAN LAN1 Connect a computer to the LAN using an RJ45 cable WiFi Press for 1 second Enable or disable WiFi Press f...

Page 34: ...ON USB Type C The USB port of the Zyxel Device is used for maintenance only Note The USB port can only be used by qualified technicians LAN PoE Connect the PoE port on the PoE injector to the Zyxel De...

Page 35: ...ge 36 for more information RESET Press the RESET button to reboot or reset the Zyxel Device See Section 2 5 on page 38 for more information ON OFF Press the ON OFF button after the power adapter is co...

Page 36: ...by adding one device at a time 1 Ensure WiFi is turned on 2 Press the WiFi WPS button see the following table then release it 3 Press the WPS button on another WPS enabled device within range of the Z...

Page 37: ...Chapter 2 Hardware Panels Nebula Mobile Router User s Guide 37 Figure 18 Nebula LTE3301 PLUS WiFI WPS Button Figure 19 Nebula LTE7461 M602 Figure 20 Nebula NR5101 WiFi WPS ButtNebula NR7101...

Page 38: ...RESET hole of the Zyxel Device to reload the factory default configuration file if you forget your password or IP address or you cannot access the Web Configurator This means that you will lose all co...

Page 39: ...Chapter 2 Hardware Panels Nebula Mobile Router User s Guide 39 Figure 24 Nebula LTE7461 M602 Figure 25 Nebula NR5101 Figure 26 Nebula NR7101 Figure 27 Nebula FWA510...

Page 40: ...40 Figure 28 Nebula FWA710 1 Make sure the Zyxel Device is connected to power and the POWER LED is on 2 Using a thin object press the RESET button for more than 5 seconds Note If you press the RESET...

Page 41: ...default 3 1 1 Access the Web Configurator 1 Make sure your Zyxel Device hardware is properly connected refer to the Quick Start Guide 2 Make sure your computer has an IP address in the same subnet as...

Page 42: ...t contain at least one English character and one number Please see the password requirement displayed on the screen When the Zyxel Device is managed by NCC you will be prompted to use the Nebula assig...

Page 43: ...Chapter 3 Web Configurator Nebula Mobile Router User s Guide 43 Figure 31 Connection Status...

Page 44: ...Screen Layout As illustrated above the main screen is divided into these parts A Settings Icon Navigation Panel and Side Bar B Layout Icon C Main Window 3 2 1 Settings Icon Click this icon to see the...

Page 45: ...se the navigation panel Table 17 Web Configurator Icons in the Title Bar ICON DESCRIPTION Wizard Click this icon to open screens where you can configure the Zyxel Device s time zone and WiFi settings...

Page 46: ...configure a cellular WAN connection Cellular APN Use this screen to configure the Access Point Name APN provided by your service provider Cellular SIM Use this screen to enter a PIN for your SIM card...

Page 47: ...with other routers NAT Port Forwarding Use this screen to make your local servers visible to the outside world Port Triggering Use this screen to change your Zyxel Device s port triggering settings DM...

Page 48: ...s of the Zyxel Device ARP table ARP table Use this screen to view the ARP table It displays the IP and MAC address of each DHCP connection Routing Table Routing Table Use this screen to view the routi...

Page 49: ...an Auto Configuration Server ACS using TR 069 Time Time Use this screen to change your Zyxel Device s time and date E mail Notification E mail Notification Use this screen to configure up to two mail...

Page 50: ...Chapter 3 Web Configurator Nebula Mobile Router User s Guide 50 Figure 36 Check Icons...

Page 51: ...hapter 4 2 Quick Start Setup You can click the Wizard icon in the side bar to open the Wizard screens After you click the Wizard icon the following screen appears Click Let s go to proceed with settin...

Page 52: ...d 5G the same check box to use the same SSID for 2 4G and 5G WiFi networks Otherwise deselect the check box to have two different SSIDs for 2 4G and 5G WiFi networks The screen and fields to enter may...

Page 53: ...Chapter 4 Quick Start Nebula Mobile Router User s Guide 53 4 5 Quick Start Setup Finish Your Zyxel Device saves your settings and attempts to connect to the Internet...

Page 54: ...Connection If you connect to the Internet through an Ethernet connection you need to connect a broadband modem or router with Internet access to the WAN Ethernet port on the Zyxel Device You need to...

Page 55: ...2c Set your Ethernet connection Mode to Routing 2d Choose the Encapsulation specified by your Internet service provider For this example select IPoE as the WAN encapsulation type 2e Set the IPv4 IPv6...

Page 56: ...WiFi Network Setup In this example you want to set up a WiFi network so that you can use your notebook to access the Internet In this WiFi network the Zyxel Device is an access point AP and the noteb...

Page 57: ...et up a WiFi network using WPS See Section 5 3 2 on page 59 5 3 1 Changing Security on a WiFi Network This example changes the default security settings of a WiFi network to the following 1 Go to the...

Page 58: ...Chapter 5 Web Interface Tutorials Nebula Mobile Router User s Guide 58 2 Go to the Wireless Others screen Set 802 11 Mode to 802 11b g n Mixed and then click Apply...

Page 59: ...he WiFi network by pressing a button This is the simplest method PIN Configuration Connect to the WiFi network by entering a PIN Personal Identification Number from a WiFi enabled device in the Zyxel...

Page 60: ...User s Guide 60 3 In Windows 10 click on the Network icon in the system tray to open the list of available WiFi networks 4 Locate the WiFi network of the Zyxel Device The default WiFi network name is...

Page 61: ...Chapter 5 Web Interface Tutorials Nebula Mobile Router User s Guide 61 The Zyxel Device sends the WiFi network settings to Windows using WPS Windows displays Getting settings from the router...

Page 62: ...ed devices such as printers To use this connection method you need to log into the Zyxel Device s Web Configurator 1 Enable WiFi on the device you want to connect to the WiFi network Then note down th...

Page 63: ...i network settings to the device using WPS This process may take up to 2 minutes The WiFi device is then able to connect to the WiFi network securely 5 3 3 Setting Up a Guest Network A company wants t...

Page 64: ...etwork Setting Wireless General screen Use this screen to set up the company s general WiFi network group Configure the screen using the provided parameters and click Apply Note that if you have emplo...

Page 65: ...the Network Setting Wireless Guest More AP screen Click the Modify icon to configure the second WiFi network group 3 On the Guest More AP screen click the Modify icon to configure the other Guest WiFi...

Page 66: ...apter 5 Web Interface Tutorials Nebula Mobile Router User s Guide 66 4 Check the status of Guest in the Guest More AP screen A yellow bulb under Status means the SSID is active and ready for WiFi acce...

Page 67: ...group will use the 2 4G band The VIP group will use the 5G band The Company will use the following parameters to set up the WiFi network groups 1 Go to the Wireless General screen and set Band to 2 4...

Page 68: ...torials Nebula Mobile Router User s Guide 68 2 Go to the Wireless Guest More AP screen and click the Modify icon The following screen appears Configure the Security Mode and Password using the provide...

Page 69: ...terface Tutorials Nebula Mobile Router User s Guide 69 The 2 4GHz Guest WiFi network is now configured 3 Go to the Wireless General screen and set Band to 5GHz to configure the 5G Guest WiFi settings...

Page 70: ...torials Nebula Mobile Router User s Guide 70 4 Go to the Wireless Guest More AP screen and click the Modify icon The following screen appears Configure the Security Mode and Password using the provide...

Page 71: ...Chapter 5 Web Interface Tutorials Nebula Mobile Router User s Guide 71 The 5G VIP WiFi network is now configured...

Page 72: ...Connect your Zyxel Device to your computer and log into the Web Configurator 3 If your SIM has a PIN Code enter this code in the Network Setting Broadband Cellular SIM screen Use the Home screen to c...

Page 73: ...rintable ASCII characters Authentication Type Select the authentication type PAP CHAP PAP CHAP used by the Zyxel Device PDP Type Select the IP address type IPv4 IPv6 IPv4 IPv6 the Zyxel Device uses fo...

Page 74: ...w others to access the shared folder with File Sharing services 5 5 1 1 Setting up File Sharing on Your Zyxel Device 1 Before enabling file sharing in the Zyxel Device please set up your shared folder...

Page 75: ...t your USB device from the Volume drop down list box 5b Enter a Description name for the added share to identify the device 5c Click Browse and the Browse Directory screen appears 5d On the Browse Dir...

Page 76: ...the share to be accessed by specific users to access only Click OK to save the settings 6 To set Access level to Security you need to create one or more users accounts Under Account Management click A...

Page 77: ...sda Zoeys file Refer to your operating system s documentation for how to browse your file structure 1 Open Windows Explorer 2 In the Windows Explorer s address bar enter a double backslash followed by...

Page 78: ...rol rule and MAC Filter rule 5 6 1 Configuring a Firewall Rule You can enable the firewall to protect your LAN computers from malicious attacks from the Internet 1 Go to the Security Firewall General...

Page 79: ...Enter a name to identify the firewall rule Source IP Address Enter the IP address of the computer that initializes traffic for the application or service Destination IP Address Enter the IP address of...

Page 80: ...e for Internet usage scheduling Websites and URL keyword blocking Use this feature to Limit the days and times a user can access the Internet Limit the websites a user can access on the Internet This...

Page 81: ...ect Enable to enable the rule you are configuring 1b Enter the Parental Control Profile Name given in the above parameter 1c Select an user this rule applies to in Home Network User then click Add You...

Page 82: ...ck the web URLs in Block or Allow the Web Site 4b Click Add then use the parameter given above to configure settings for the URL keyword you are blocking 4c Select Redirect blocked site to Zyxel Famil...

Page 83: ...trol rule 2a Enter the Profile Name given in the above parameter 2b Click on the switch to enable Profile Active 2c Select a device and then click Next to proceed 3 Use this screen to edit the Parenta...

Page 84: ...a MAC Address Filter for Wired LAN Connections You can use a MAC address filter to exclusively allow or permanently block someone from the wired LAN network This example shows that computer B is not...

Page 85: ...Apply 5 7 Device Maintenance This section shows you how to upgrade device firmware back up the device configuration and restore the device to its previous or default settings 5 7 1 Upgrading the Firmw...

Page 86: ...take up to 2 minutes to finish After 2 minutes log in again and check your new firmware version in the Connection Status screen 5 7 2 Backing up the Device Configuration Back up a configuration file...

Page 87: ...iguration This section shows you how to restore a previously saved configuration file from your computer to your Zyxel Device 1 Go to the Maintenance Backup Restore screen 2 Under Restore Configuratio...

Page 88: ...User s Guide 88 3 The Zyxel Device automatically restarts after the configuration file is successfully uploaded Wait for one minute before logging into the Zyxel Device again Go to the Connection Stat...

Page 89: ...Nebula Mobile Router User s Guide 89 PART II Technical Reference...

Page 90: ...ection status of the Zyxel Device and its clients Figure 43 Connectivity Click the Arrow icon to view IP addresses and MAC addresses of the wireless and wired devices connected to the Zyxel Device Fig...

Page 91: ...ted device Click to enable Internet Blocking or Active for a connected WiFi client Click Save to save your changes Figure 45 Connectivity Edit 6 1 3 System Info Use this screen to view the basic syste...

Page 92: ...Maintenance Reboot or when you reset it Interface Status Virtual ports are shown here You can see the ports in use and their transmission rate WAN Information These fields display when you have an Et...

Page 93: ...s are used for automatic address configuration and neighbor discovery protocols DHCP This field displays what DHCP services the Zyxel Device is providing to the LAN The possible values are Server The...

Page 94: ...evice supports Note The value is 0 zero or N A if the Access Technology the Zyxel Device is currently connected to doesn t have this value in that specific parameter field or there is no network conne...

Page 95: ...rough allows a LAN computer on the local network of the Zyxel Device to have access to web services using the public IP address When IP Passthrough is configured all traffic is forwarded to the LAN co...

Page 96: ...Zyxel Device above sea level in meters Positioning Mode This shows the GNSS positioning mode 2D 2 GNSS positioning mode displays latitude and longitude co ordinates 3D 2 GNSS positioning mode display...

Page 97: ...or LTE it is the EARFCN E UTRA Absolute Radio Frequency Channel Number as specified in 3GPP TS 36 101 The value is 0 zero or N A if there is no network connection RSRP This displays the Reference Sign...

Page 98: ...AC uniquely identifies the RAI Routing Area ID 3GPP TS 23 003 This parameter is for UMTS or GPRS The value is 0 zero if the Current Access Technology is not UMTS or GPRS The value is N A if there is n...

Page 99: ...are 1 4 3 5 10 15 and 20 MHz The wider the bandwidth the higher the throughput DL Bandwidth MHz This shows the downlink cellular channel bandwidth from the base station to the Zyxel Device According...

Page 100: ...This field displays The Zyxel Device Internet connection status The connection status between the Zyxel Device and the NCC The Zyxel Device registration status on the NCC Mouse over the circles to di...

Page 101: ...WiFi Name The SSID Service Set IDentity identifies the service set with which a wireless device is associated Wireless devices associating to the access point AP must have the same SSID Enter a descri...

Page 102: ...passwords from this screen If you want to show or hide your WiFi passwords click the Eye icon Figure 54 Guest WiFi Settings Click the Arrow icon to open the following screen Use this screen configure...

Page 103: ...r a descriptive name up to 32 English keyboard characters for the wireless LAN WiFi Password If you selected Random Password this field displays a pre shared key generated by the Zyxel Device If you d...

Page 104: ...LAN IP Setup IP Address Enter the LAN IPv4 IP address you want to assign to your Zyxel Device in dotted decimal notation for example factory default Subnet Mask Type the subnet mask of your network i...

Page 105: ...s to the Zyxel Device DHCP automatically assigns the client an IP addresses from the IP address pool DHCP leases each addresses for a limited period of time which means that past addresses are recycle...

Page 106: ...e Ethernet WAN screen to convert LAN port number four as a WAN port or restore the Ethernet WAN port to a LAN port Section 7 3 on page 113 Use the Cellular WAN screen to configure a cellular WAN conne...

Page 107: ...Internet The Zyxel Device requires an APN to connect to a cellular network Different APNs may provide different services such as Internet access or MMS Multi Media Messaging Service and different char...

Page 108: ...N code if the INTERNET light on your Zyxel Device is off Get this information from your service provider 7 2 Broadband Use this screen to change your Zyxel Device s Internet access settings The summar...

Page 109: ...hrough this connection This displays N A when there is no priority level assigned 802 1q This indicates the VLAN ID number assigned to traffic sent through this connection This displays N A when there...

Page 110: ...ble the interface When the switch goes to the right the function is enabled Otherwise it is not Name This is the service name of the connection Type This shows the type of the connection the Zyxel Dev...

Page 111: ...se Following Static DNS Address if you want the Zyxel Device to use the DNS server addresses you configure manually Primary DNS Server Enter the first DNS server address assigned by the ISP Secondary...

Page 112: ...elect Static IPv6 Address if you have a fixed IPv6 address assigned by your ISP When you select this the following fields appear IPv6 Address Enter an IPv6 IP address that your ISP gave to you for thi...

Page 113: ...ernet WAN to display the following screen Figure 63 Network Setting Broadband Ethernet WAN 464XLAT Enable this to have the Zyxel Device translate outgoing IPv4 packets to IPv6 packets Use this functio...

Page 114: ...he following table describes the fields in this screen Table 29 Network Setting Broadband Cellular WAN LABEL DESCRIPTION Data Roaming Click this to enable data roaming on the Zyxel Device With cellula...

Page 115: ...ccess Point Name of a cellular network automatically Otherwise Click this to enable and enter the APN manually in the field below APN This field allows you to display the Access Point Name APN in the...

Page 116: ...sabled Mode This shows Auto when the Zyxel Device configures the APN Access Point Name of a cellular network automatically This shows Manual when the APN is entered manually APN This shows the Access...

Page 117: ...is to enable and enter the APN manually in the field below APN This field allows you to display the Access Point Name APN in the profile Enter the Access Point Name APN provided by your service provid...

Page 118: ...ant the Zyxel Device to run both IPv4 and IPv6 Internet Protocol version 4 and 6 addressing system at the same time IP Passthrough Select IPv4 if your want the Zyxel Device to run IPv4 Internet Protoc...

Page 119: ...Chapter 7 Broadband Nebula Mobile Router User s Guide 119 2 Go to Maintenance Remote Management MGMT Services Set WAN Interface used for services to Multi_WAN and then select Cellular WAN 2...

Page 120: ...lient to Multi_WAN and then select Cellular WAN 2 7 6 Cellular SIM Configuration Use this screen to enter a PIN for your SIM card in order to prevent others from using it Entering the wrong PIN code 3...

Page 121: ...ou use the SIM without inputting a PIN PIN Modification more Click the icon to show fore fields in this section Click the icon to hide them Note PIN Modification and its following fields will show upo...

Page 122: ...l SIM Preferred SIM Slot To have the Zyxel Device automatically detect and choose the SIM card slot that has a SIM card inserted select Auto If both cards are inserted the primary Internet connection...

Page 123: ...r mode your Zyxel Device supports to which you want the Zyxel Device to connect and then click Apply to save your settings Otherwise select Auto Switch to have the Zyxel Device connect to an available...

Page 124: ...in this screen After selecting to disable the following warning appears Click OK to continue Figure 71 Network Setting Broadband Cellular PLMN Manual Scan Warning Click Scan to check for available PL...

Page 125: ...ice connects to this ISP Status This shows Current to show the ISP the Zyxel Device is currently connected to This shows Forbidden to indicate the Zyxel Device cannot connect to this ISP This shows Av...

Page 126: ...ernet WAN port Note This screen is not available for models that support the IP Passthrough settings in the Network Setting Broadband Cellular APN Edit screen Note This screen is not available if Ethe...

Page 127: ...a base station identified by its Physical Cell ID go to Network Setting Broadband Cellular Lock LTE Table 37 Network Setting Broadband Cellular IP Passthrough LABEL DESCRIPTION IP Passthrough Manageme...

Page 128: ...to NR5G SA or NR5G SA NR5G NSA SG Auto Switch Table 38 Network Setting Broadband Cellular Lock LTE LABEL DESCRIPTION LTE 4G Lock Management PCI Lock Click the switch button to the right to enable PCI...

Page 129: ...er the band number to which you choose to connect Note Make sure to select the same band in the Network Setting Broadband Cellular Band screen so as the Zyxel Device can connect to that band PCI Use t...

Page 130: ...adband LABEL DESCRIPTION Add New Message Click this button to open the Send New Message screen and send an SMS message from the Zyxel Device SMS Inbox SMS Inbox Enable Click this to enable or disable...

Page 131: ...ing GSM 7 encoding or unicode GSM default alphabet Use standard ASCII numbers letters and special characters The maximum length of the message is 140 characters Unicode alphabet Use any non English Un...

Page 132: ...vice in WiFi networks for multimedia applications Section 8 6 on page 144 Use the Others screen to configure WiFi advanced features such as the RTS CTS Threshold Section 8 7 on page 145 Use the WLAN S...

Page 133: ...lect More Secure to enable WPA3 SAE data encryption Note If you are configuring the Zyxel Device from a computer connected by WiFi and you change the Zyxel Device s SSID channel or security settings y...

Page 134: ...following table describes the general WiFi labels in this screen Table 43 Network Setting Wireless General LABEL DESCRIPTION Wireless Wireless Select Keep the same settings for 2 4G and 5G wireless ne...

Page 135: ...in the Lower or Upper range of channel bands Wireless WiFi Network Settings Wireless WiFi Network Name The SSID Service Set IDentity identifies the service set with which a wireless device is associa...

Page 136: ...more robust version of the WPA encryption standard It offers better security although the use of PSK makes it less robust than it could be The WPA3 SAE Simultaneous Authentication of Equals handshake...

Page 137: ...3 ASCII characters or exactly 64 hexadecimal 0 9 a f characters 2 WPS When using WPS the Zyxel Device sends this password to the client Note Enter 8 63 ASCII characters only 64 hexadecimal characters...

Page 138: ...twork Setting Wireless Guest More AP screen Table 47 Network Setting Wireless Guest More AP LABEL DESCRIPTION This is the index number of the entry Status This field indicates whether this SSID is act...

Page 139: ...the Edit icon next to an SSID in the Guest More AP screen The following screen displays Figure 83 Network Setting Wireless Guest More AP Edit The following table describes the fields in this screen T...

Page 140: ...ork Wireless General DHCP Start Address Specify the first of the contiguous addresses in the DHCP IP address pool The Zyxel Device assigns IP addresses from this DHCP pool to WiFi clients connecting t...

Page 141: ...filter rules Click Network Setting Wireless MAC Authentication The screen appears as shown Figure 84 Network Setting Wireless MAC Authentication The following table describes the labels in this screen...

Page 142: ...access the Zyxel Device Select Allow to permit access to the Zyxel Device MAC addresses not listed will be denied access to the Zyxel Device MAC address List Add new MAC address This field is availabl...

Page 143: ...erwise it is disabled Add a new device with WPS Method Method 1 PBC Use this section to set up a WPS WiFi network using Push Button Configuration PBC Click this switch to make it turn blue Click Apply...

Page 144: ...te You must also activate WPS on that device within 2 minutes to have it present its PIN to the Zyxel Device Method 3 Use this section to set up a WPS WiFi network by entering the PIN of the Zyxel Dev...

Page 145: ...IP header of packets it sends WMM QoS WiFi MultiMedia Quality of Service gives high priority to video which makes them run more smoothly If the 802 11 Mode in Network Setting Wireless Others is set t...

Page 146: ...he output power to reduce interference with other APs Select one of the following 20 40 60 80 or 100 Beacon Interval When a wirelessly networked device sends a beacon it includes with it a beacon inte...

Page 147: ...or IEEE 802 11ac compliant WiFi devices to associate with the Zyxel Device The transmission rate of your Zyxel Device might be reduced Select 802 11a n ac ax Mixed to allow IEEE 802 11a IEEE 802 11n I...

Page 148: ...to function When the switch turns blue the function is enabled Otherwise it is not Add New Rule Click this to configure a new WLAN scheduler rule This is the index number of the entry Active Click th...

Page 149: ...LAN Schedule Add New Rule LABEL DESCRIPTION Active Slide the switch to the right to enable this WLAN scheduler rule SSID Select All wireless networks if you want the rule to apply to all wireless netw...

Page 150: ...ctors about the channels are also considered Click Network Setting Wireless Channel Status The screen appears as shown Note If the current channel is a DFS channel the warning Channel scan process is...

Page 151: ...ts and WiFi clients extending a network s range Normally a WiFi network operates in an infrastructure type of network An infrastructure type of network has one or more access points and one or more Wi...

Page 152: ...elines Every device in the same WiFi network must use the same SSID The SSID is the name of the WiFi network It stands for Service Set IDentifier If two WiFi networks overlap they should use a differe...

Page 153: ...ng string of apparently random numbers and letters but it is not very secure if you use a short key which is very easy to guess for example a three letter word from the dictionary Because of the damag...

Page 154: ...curity If a device is not allowed to use the WiFi network it does not matter if it has the correct information This type of security does not protect the information that is sent in the WiFi network F...

Page 155: ...g is enabled wireless station A and B can still access the wired network but cannot communicate with each other Figure 92 Basic Service Set 8 10 6 Preamble Type Preamble is used to signal that data is...

Page 156: ...utomatically You do not need to enter any information Not every WPS enabled device has a physical WPS button Some may have a WPS PBC button in their configuration utilities instead of or in addition t...

Page 157: ...3 Look for the client s WPS PIN it will be displayed either on the device or in the WPS section of the client s configuration interface see the device s User s Guide on how to find the WPS PIN for th...

Page 158: ...eceives network and security settings The registrar creates a secure EAP Extensible Authentication Protocol tunnel and sends the network name SSID and the WPA PSK or WPA2 PSK pre shared key to the enr...

Page 159: ...pports both functions If the registrar is un configured the security settings it transmits to the enrollee are randomly generated Once a WPS enabled device has connected to another device using WPS it...

Page 160: ...ay in order to use the network In this case AP1 must be the registrar since it is configured it already has security information for the network AP1 supplies the existing security information to Clien...

Page 161: ...an enter the key into the non WPS device and join the network as normal the non WPS device must also support WPA PSK or WPA2 PSK When you use the PBC method there is a short period from the moment you...

Page 162: ...pecific individual computers based on their MAC addresses Section 9 3 on page 169 Use the UPnP screen to enable UPnP Section 9 4 on page 171 Use the Custom DHCP screen to set additional DHCP options S...

Page 163: ...out UPnP How do I know if I am using UPnP UPnP hardware is identified as an icon in the Network Connections folder Windows 7 Each UPnP compatible device installed on your network will appear as a sepa...

Page 164: ...s to access its Web Configurator from the LAN The DHCP server settings define the rules on assigning IP addresses to LAN clients on your network Use this screen to set the Local Area Network IP addres...

Page 165: ...Chapter 9 Home Networking Nebula Mobile Router User s Guide 165 Figure 99 Network Setting Home Networking LAN Setup...

Page 166: ...255 255 0 factory default Your Zyxel Device automatically computes the subnet mask based on the IP address you enter so do not change this field unless you are instructed to do so DHCP Server State D...

Page 167: ...his first DNS server to send domain name queries to the Zyxel Device The Zyxel Device sends a response directly if it has a record of the domain name to IP address mapping If it does not the Zyxel Dev...

Page 168: ...o DHCPv6 clients LAN IPv6 DNS Assign Setup Select how the Zyxel Device provide DNS server and domain name information to the clients From RA DHCPv6 Server The Zyxel Device provides DNS information thr...

Page 169: ...ing Static DHCP DNS Query Scenario Select how the Zyxel Device handles clients DNS information requests IPv4 IPv6 DNS Server The Zyxel Device forwards the requests to both the IPv4 and IPv6 DNS server...

Page 170: ...he Zyxel Device MAC Address The MAC Media Access Control or Ethernet address on a LAN Local Area Network is unique to your computer six pairs of hexadecimal notation A network interface card such as a...

Page 171: ...for more information on UPnP Note To use UPnP NAT T enable NAT in the Network Setting Broadband Edit or Add New WAN Interface screen Use the following screen to configure the UPnP settings on your Zyx...

Page 172: ...urator s login screen without entering the Zyxel Device s IP address although you must still enter the password to access the Web Configurator UPnP NAT T State UPnP NAT T Select Enable to activate UPn...

Page 173: ...t to sent to your DHCP clients This field displays the index number of the entry Option ID This field displays the DHCP option ID Option Context This field displays the content of the DHCP option Serv...

Page 174: ...ppendices Do not assign static IP addresses from the DHCP pool to your LAN computers 9 6 2 DNS Server Addresses DNS Domain Name System maps a domain name to its corresponding IP address and vice versa...

Page 175: ...tion is established If this is the case it is recommended that you select a network number from 192 168 0 0 to 192 168 255 0 and you must enable the Network Address Translation NAT feature of the Zyxe...

Page 176: ...ticular situation do not create an arbitrary IP address always follow the guidelines above For more information on address assignment please refer to RFC 1597 Address Allocation for Private Internets...

Page 177: ...d sharing settings 4 Under Domain select Turn on network discovery and click Save Changes Network discovery allows your computer to find other computers and devices on the network and other computers...

Page 178: ...d Network Device Before you follow these steps make sure you already have UPnP activated on the Zyxel Device and in your computer Make sure your computer is connected to the LAN port of the Zyxel Devi...

Page 179: ...Guide 179 Figure 106 Network Connections 3 In the Internet Connection Properties window click Settings to see port mappings Figure 107 Internet Connection Properties 4 You may edit or delete the port...

Page 180: ...e is disconnected from your computer all port mappings will be deleted automatically 5 Click OK Check the network icon on the system tray to see your Internet connection status Figure 110 System Tray...

Page 181: ...rking Nebula Mobile Router User s Guide 181 Figure 111 Internet Connection Status 9 8 Web Configurator Easy Access in Windows 10 Follow the steps below to access the Web Configurator 1 Open File Explo...

Page 182: ...splays under Network Infrastructure 4 Right click the icon for your Zyxel Device and select View device webpage The Web Configurator login screen displays Figure 113 Network Connections Network Infras...

Page 183: ...Chapter 9 Home Networking Nebula Mobile Router User s Guide 183 Figure 114 Network Connections Network Infrastructure Properties Example...

Page 184: ...e Zyxel Device s default gateway R1 You create one static route to connect to services offered by your ISP behind router R2 You create another static route to communicate with a separate network behin...

Page 185: ...ber of an individual static route Status This field indicates whether the rule is active yellow bulb or not gray bulb Name This is the name of the static route Destination IP This parameter specifies...

Page 186: ...r than caret or circumflex accent dollar sign vertical bar ampersand semicolon IP Type Select between IPv4 or IPv6 Compared to IPv4 IPv6 Internet Protocol version 6 is designed to enhance IP address s...

Page 187: ...r in charge of forwarding traffic to N2 In this case the Zyxel Device routes traffic from A to R and then R routes the traffic to B This tutorial uses the following example IP settings Table 65 IP Set...

Page 188: ...me as R 4b Set IP Type to IPv4 4c Type the Destination IP Address 192 168 10 0 and IP Subnet Mask 255 255 255 0 for the destination N2 4d Click the Use Gateway IP Address button to enable this functio...

Page 189: ...S Route screen Figure 118 Network Setting Routing DNS Route The following table describes the labels in this screen Table 66 Network Setting Routing DNS Route LABEL DESCRIPTION Add New DNS Route Click...

Page 190: ...e Edit icon to configure a DNS route on the Zyxel Device Click the Delete icon to remove a DNS route from the Zyxel Device Table 66 Network Setting Routing DNS Route continued LABEL DESCRIPTION Table...

Page 191: ...ng Routing Policy Route LABEL DESCRIPTION Add New Policy Route Click this to create a new policy forwarding rule This is the index number of the entry Status This field displays whether the DNS route...

Page 192: ...board characters not including spaces Source IP Address Enter the source IP address Source Subnet Mask Enter the source subnet mask address Protocol Select the transport layer protocol TCP UDP or None...

Page 193: ...version controls the format and the broadcasting method of the RIP packets that the Zyxel Device sends it recognizes both formats when receiving RIPv1 is universally supported but RIPv2 carries more...

Page 194: ...ed To Know The following terms and concepts may help as you read this chapter Inside Outside and Global Local Inside outside denotes where a host is located relative to the Zyxel Device for example th...

Page 195: ...both FTP and web service it might be better to specify a range of port numbers You can allocate a server IP address that corresponds to a port or a range of ports Please refer to RFC 1700 for further...

Page 196: ...gnifies that this rule is not active Service Name This is the service s name This shows User Defined if you manually added a service You can change this by clicking the edit icon Originating IP This i...

Page 197: ...t and Translation End Port fields Here is an example to configure port translation Configure Start Port to 100 End Port to 120 Translation Start Port to 200 and Translation End Port to 220 Note TCP po...

Page 198: ...er to use the application For example Start Port Configure this for a user defined entry Enter the original destination port for the packets To forward only one port enter the port number again in the...

Page 199: ...h TCP IP Transfer Control Protocol Internet Protocol Click Network Setting NAT Port Triggering to open the following screen Use this screen to view your Zyxel Device s trigger port settings Note TCP p...

Page 200: ...P address of the LAN computer that sent the traffic to a server on the WAN This is the first port number that identifies a service Trigger End Port This is the last port number that identifies a servi...

Page 201: ...Active Click to enable blue switch or disable gray switch to activate or deactivate the rule Service Name Enter a name to identify this rule using keyboard characters A Z a z 1 2 and so on WAN Interf...

Page 202: ...outbound proxy if your Zyxel Device is behind a SIP ALG Click Network Setting NAT ALG to open the ALG screen Use this screen to enable and disable the NAT Application Layer Gateway ALG in the Zyxel De...

Page 203: ...n inside local address ILA is the IP address of an inside host in a packet when the packet is still in the local network while an inside global address IGA is the IP address of the same inside host wh...

Page 204: ...d mapping NAT offers the additional benefit of firewall protection With no servers defined your Zyxel Device filters out all incoming inquiries thus preventing intruders from probing your network For...

Page 205: ...lias Port Forwarding Services and Port Numbers The most often used port numbers are shown in the following table Please refer to RFC 1700 for further information about port numbers Please also refer t...

Page 206: ...e and assign a default server IP address of 192 168 1 35 to a third C in the example You assign the LAN IP addresses and the ISP assigns the WAN IP address The NAT network appears as a single host on...

Page 207: ...entry for the resolved IP address in the routing table Note For information on configuring DNS route see Chapter 10 on page 184 12 1 1 What You Can Do in this Chapter Use the DNS Entry screen to view...

Page 208: ...it the Zyxel Device s DNS name and IP address entry Click Add New DNS Entry in the DNS Entry screen or the Edit icon next to the entry you want to edit The screen shown next appears Figure 135 Network...

Page 209: ...ble 80 Network Setting DNS DNS Entry Add or Edit LABEL DESCRIPTION Host Name Enter the host name of the DNS entry IPv4 Address Enter the IPv4 address of the DNS entry Cancel Click Cancel to exit this...

Page 210: ...u are off line Dynamic DNS Status User Authentication Result This shows Success if the account is correctly set up with the Dynamic DNS provider account Last Updated Time This shows the last time the...

Page 211: ...s in the same VLAN as the server Ports can belong to other VLAN groups too VLAN groups can be modified at any time by adding moving or changing ports without any re cabling A tagged VLAN uses an expli...

Page 212: ...n the following screen Use this screen to create a new VLAN group Table 82 Network Setting VLAN Group LABEL DESCRIPTION Add New VLAN Group Click this button to create a new VLAN group This is the inde...

Page 213: ...0 characters You can use letters numbers hyphens and underscores _ Spaces are not allowed VLAN ID Enter a unique ID number from 1 to 4 094 to identify this VLAN group Outgoing traffic is tagged with t...

Page 214: ...terface to a new group Alternatively you can have the Zyxel Device automatically add the incoming traffic and the LAN interface on which traffic is received to an interface group when its DHCP Vendor...

Page 215: ...utomatically add LAN clients to a new group use filtering criteria Note An interface can belong to only one group at a time Note After configuring a vendor ID reboot the client device attached to the...

Page 216: ...it LABEL DESCRIPTION Group Name Enter a name to identify this group You can enter up to 30 characters You can use letters numbers hyphens and underscores _ Spaces are not allowed WAN Interfaces used i...

Page 217: ...the interfaces to this group To remove a LAN or wireless LAN interface from the Selected LAN Interfaces use the right facing arrow Automatically Add Clients With the following DHCP Vendor IDs Click Ad...

Page 218: ...Select this and enter the device identity of the matched traffic Enter the Identity Association Identifier IAID of the device for example the WAN connection index number DHCP Option 125 Select this an...

Page 219: ...ices to join a workgroup In this case contact your network administrator 15 1 1 What You Need To Know The following terms and concepts may help as you read this chapter 15 1 1 1 About File Sharing Wor...

Page 220: ...d other operating systems refer to your systems specifications for CIFS compatibility 15 1 2 Before You Begin 1 Make sure the Zyxel Device is connected to your network and turned on 2 Connect the USB...

Page 221: ...le memory size in megabytes on the USB device Used Space This is the memory size in megabytes already used on the USB device Server Configuration File Sharing Services Click this switch to enable or d...

Page 222: ...SB of the file you shared Share Description This field displays a description of the file you shared Modify Click the Edit icon to change the settings of an existing share Click the Delete icon to del...

Page 223: ...in the Zyxel Device This field is read only when you are editing the share Share Path Manually enter the file path for the share or click the Browse button and select the folder that you want to add...

Page 224: ...Center NCC see Section 1 2 on page 18 for more information 16 2 Nebula Use this screen to Enable Nebula Discovery to have the Zyxel Device to try to connect to the NCC Configure the proxy server sett...

Page 225: ...and will only display ON when your Zyxel Device is being managed by NCC Use Proxy to Access to NCC If the Zyxel Device is behind a proxy server slide the switch to the right to enable this feature Con...

Page 226: ...initiate an IM Instant Messaging session from the LAN to the WAN 1 Return traffic for this session is also allowed 2 However other traffic initiated from the WAN is blocked 3 and 4 Figure 148 Default...

Page 227: ...and error reporting protocol between a host server and a gateway to the Internet ICMP uses Internet Protocol IP datagrams but the messages are processed by the TCP IP software and directly apparent t...

Page 228: ...ll to protect your Zyxel Device and network from attacks by hackers on the Internet and control access to it Use this screen to set the security level of the firewall on the Zyxel Device Firewall rule...

Page 229: ...wall protection when using IPv4 Internet Protocol version 4 IPv6 Firewall Enable firewall protection when using IPv6 Internet Protocol version 6 High This setting blocks all traffic to and from the In...

Page 230: ...curity Firewall Access Control to display the following screen Note The ordering of your rules is very important as rules are applied in turn Ports Protocol Number This shows the port number or range...

Page 231: ...used is over 80 the bar is red Add New ACL Rule Select an index number and click Add New ACL Rule to add a new firewall rule after the selected index number For example if you select 6 your new rule b...

Page 232: ...the Select Service box Protocol Select the protocol ALL TCP UDP TCP UDP ICMP or ICMPv6 used to transport the packets for which you want to apply the rule Custom Source Port This is a single port numb...

Page 233: ...ffic matches a rule the Zyxel Device takes the action specified in the rule Firewall rules are grouped based on the direction of travel of packets to which they apply By default the Zyxel Device s sta...

Page 234: ...LAN to the Internet Allow certain types of traffic such as Lotus Notes database synchronization from specific hosts on the Internet to specific hosts on the LAN Allow everyone except your competitors...

Page 235: ...ritical resources on the Internet For example if IRC Internet Relay Chat is blocked are there users that require this service 2 Is it possible to modify the rule to be more specific For example if IRC...

Page 236: ...nsists of six pairs of hexadecimal characters for example 00 A0 C5 00 00 02 You need to know the MAC addresses of wired LAN client to configure this screen 18 2 MAC Filter Enable MAC Address Filter an...

Page 237: ...me of the wired LAN clients that are allowed access to the Zyxel Device MAC Address Enter the MAC addresses of the or wired LAN clients that are allowed access to the Zyxel Device in these address fie...

Page 238: ...ine activities 19 2 Parental Control Schedule and URL Filter Use this screen to enable parental control and view parental control rules and schedules You can limit the time a user can access the Inter...

Page 239: ...Parental Control Profile PCP This shows the index number of the rule Status This indicates whether the rule is active or not A yellow bulb signifies that this rule is active A gray bulb signifies tha...

Page 240: ...Chapter 19 Parental Control Nebula Mobile Router User s Guide 240 Figure 157 Security Parental Control Add or Edit PCP General Rule List Internet Access Schedule...

Page 241: ...AC address for this PCP Up to five are allowed Click the Delete icon to remove one Internet Access Schedule Day Select check boxes for the days that you want the Zyxel Device to perform parental contr...

Page 242: ...of the rule Website This shows the URL of web site or URL keyword to which the Zyxel Device blocks or allows access Modify Click the Edit icon to go to the screen where you can edit the rule Click the...

Page 243: ...The following table describes the fields in this screen Cancel Click Cancel to exit this screen without saving any changes OK Click OK to save your changes Table 101 Security Parental Control Add or E...

Page 244: ...through this chapter Certification Authority A Certification Authority CA issues certificates and guarantees the identity of each certificate owner There are commercial certification authorities like...

Page 245: ...splays identifying information about the certificate s owner such as CN Common Name OU Organizational Unit or department O Organization or company and C Country It is recommended that each certificate...

Page 246: ...tes Local Certificates Create Certificate Request LABEL DESCRIPTION Certificate Name Type up to 63 ASCII characters not including spaces to identify this certificate Common Name Select Auto to have th...

Page 247: ...ecurity Certificates Local Certificates View Certificate The following table describes the fields in this screen Table 104 Security Certificates Local Certificates View Certificates LABEL DESCRIPTION...

Page 248: ...cate into a text editor and save the file on a management computer for later distribution Private Key This field displays the private key of this certificate Signing Request This field displays the CS...

Page 249: ...s general information about the certificate ca means that a Certification Authority signed the certificate Modify Click the View icon to open a screen with an in depth list of information about the ce...

Page 250: ...This section provides some technical background information about the topics covered in this chapter Table 107 Security Certificates Trusted CA View Certificate LABEL DESCRIPTION Name This field disp...

Page 251: ...ttempting to establish a connection The method used to secure the data that you send through an established connection depends on the type of connection For example a VPN tunnel might use the triple D...

Page 252: ...on your computer 2 Make sure that the certificate has a cer or crt file name extension Figure 167 Certificates on Your Computer 3 Double click the certificate s icon to open the Certificate window Cl...

Page 253: ...Errors consist of both logs and alerts You may differentiate them by their color in the View Log screen Alerts display in red and logs display in black Syslog Overview The syslog protocol allows devi...

Page 254: ...ording to the severity level you have selected When you select a severity the Zyxel Device searches through all logs of that severity or higher Category Select the type of logs to display Clear Log Cl...

Page 255: ...searches through all logs of that severity or higher Category Select the type of logs to display Clear Log Click this to delete all the logs Refresh Click this to renew the log screen Export Log Click...

Page 256: ...se the WAN screen to view the WAN traffic statistics Section 22 2 on page 256 Use the LAN screen to view the LAN traffic statistics Section 22 3 on page 257 22 2 WAN Status Click System Monitor Traffi...

Page 257: ...face Drop This indicates the number of outgoing packets dropped on this interface Packets Received Data This indicates the number of received packets on this interface Error This indicates the number...

Page 258: ...nterface Bytes Received This indicates the number of bytes received on this interface Interface This shows the LAN or WLAN interfaces Sent Packets Data This indicates the number of transmitted packets...

Page 259: ...st to all the devices on the LAN The device fills in its own MAC and IP address in the sender address fields and puts the known IP address of the target in the target IP address field In addition the...

Page 260: ...em Monitor ARP Table LABEL DESCRIPTION This is the ARP table entry number IPv4 IPv6 Address This is the learned IPv4 or IPv6 IP address of a device connected to a port MAC Address This is the MAC addr...

Page 261: ...xel Device takes the shortest path to forward a packet 24 2 Routing Table The table below shows IPv4 and IPv6 routing information The IPv4 subnet mask is 255 255 255 255 for a host destination and 0 0...

Page 262: ...able 114 System Monitor Routing Table LABEL DESCRIPTION IPv4 IPv6 Routing Table Destination This indicates the destination IPv4 address or IPv6 address and prefix of this route Gateway This indicates...

Page 263: ...oute is modified from a routing daemon or redirect Metric The metric represents the cost of transmission A router determines the best route for transmission by choosing a path with the lowest cost The...

Page 264: ...s Figure 175 System Monitor WLAN Station Status The following table describes the labels in this screen Table 115 System Monitor WLAN Station Status LABEL DESCRIPTION This is the index number of an as...

Page 265: ...field displays a number which represents the strength of the WiFi signal between an associated wireless station and the Zyxel Device The Zyxel Device uses the RSSI and SNR values to determine the str...

Page 266: ...details and signal strength value that you can use as reference for positioning the Zyxel Device as well as SIM card and module information 26 2 Cellular WAN Status To open this screen click System Mo...

Page 267: ...Chapter 26 Cellular WAN Status Nebula Mobile Router User s Guide 267 Figure 176 System Monitor Cellular WAN Status...

Page 268: ...AN Status Nebula Mobile Router User s Guide 268 Figure 177 System Monitor Cellular WAN Status Service Information Note The fields in the screen may differ slightly based on the Access Technology your...

Page 269: ...Mobile Subscriber Identity IMSI of the installed SIM card An IMSI is a unique ID used to identify a mobile subscriber in a mobile network ICCID Integrated Circuit Card Identifier ICCID This is the se...

Page 270: ...bile network it is connecting to The normal range is 1 to 504 UL Bandwidth MHz This shows the cellular channel bandwidth from the Zyxel Device to the base station According to 3GPP specifications the...

Page 271: ...or there is no network connection LAC This displays the 2 octet Location Area Code LAC which is used to identify a location area within a PLMN The LAC of the connected cell is as defined in SIB 1 3GPP...

Page 272: ...he connection mode of the detected neighbor cell PhyCellID This shows the Physical Cell ID PCI which are queries and replies between the Zyxel Device and the mobile network it is connecting to The nor...

Page 273: ...You can use up to 30 alphanumeric characters except or Figure 178 Maintenance System The following table describes the labels in this screen Table 117 Maintenance System LABEL DESCRIPTION Host Name Ty...

Page 274: ...four User accounts This is the index number Active This indicates whether the user account is active or not The check box is selected when the user account is enabled It is cleared when it is disable...

Page 275: ...e 119 Maintenance User Account User Account Add Edit LABEL DESCRIPTION Active Click to enable switch turns blue or disable switch turns gray to activate or deactivate the user account User Name Enter...

Page 276: ...RP Table Routing Table Cellular WAN Status System User Account Remote Management TR 069 Client Time Email Notification Log Setting Firmware Upgrade Backup Restore Reboot Diagnostic The User privileges...

Page 277: ...ecific IP addresses Section 29 3 on page 279 Use MGMT Services for IP Passthrough to configure which interfaces you can use to access the Zyxel Device for a given service Section 29 5 on page 280 Use...

Page 278: ...Zyxel Device you can select which to use for device management ETHWAN Enable the Ethernet WAN connection configured in Network Setting Broadband Ethernet WAN to access the service on the Zyxel Device...

Page 279: ...ent Trust Domain The following table describes the fields in this screen 29 4 Add Trust Domain Use this screen to add a public IP addresses or a complete domain name of a device which is allowed to ac...

Page 280: ...traffic to go to a LAN computer behind the Zyxel Device without going through NAT Make sure to enable IP Passthrough in Network Setting Broadband Cellular IP Passthrough Click Maintenance Remote Manag...

Page 281: ...MGMT Services for IP Passthrough LABEL DESCRIPTION Service This is the service you may use to access the Zyxel Device WAN Select the Enable check box for the corresponding services that you want to a...

Page 282: ...n to open the following screen Figure 186 Maintenance Remote Management Trust Domain for IP Passthrough Add Trust Domain The following table describes the fields in this screen Table 125 Maintenance R...

Page 283: ...e can be managed via a management server TR 069 is based on sending Remote Procedure Calls RPCs between an Auto Configuration Server ACS and a client device RPCs are sent in Extensible Markup Language...

Page 284: ...Chapter 30 TR 069 Client Nebula Mobile Router User s Guide 284 Figure 187 Maintenance TR 069 Client...

Page 285: ...also need to select two or more pre configured WAN interfaces The Zyxel Device automatically passes the TR 069 traffic when one of the selected WAN connections is up Cellular WAN The Zyxel Device auto...

Page 286: ...e Zyxel Device will use the address to connect to the XMPP server XMPP Server Port Enter the TCP port reserved for the XMPP server The default is 5222 1 65535 Apply Click Apply to save your changes Ca...

Page 287: ...tive scheduling and logging the Zyxel Device system time must be accurate Use this screen to configure the Zyxel Device s time based on your local time zone You can enter a time server address select...

Page 288: ...ate Time Current Time This displays the time of your Zyxel Device Each time you reload this screen the Zyxel Device synchronizes the time with the time server Current Date This displays the date of yo...

Page 289: ...ld Daylight Saving Time starts in the European Union on the last Sunday of March All of the time zones in the European Union start using Daylight Saving Time at the same moment 1 A M GMT or UTC So in...

Page 290: ...ication Edit Click the Add button in the E mail Notification screen Use this screen to configure the required information for sending email through a mail server Table 128 Maintenance E mail Notificat...

Page 291: ...account you specified in the Account email Address field Authentication Password Enter the password associated with the user name above Account e mail Address Enter the email address that you want to...

Page 292: ...ogs the Zyxel Device records If you have a server that is running a syslog service you can also save log files to it by enabling Syslog Logging and then entering the IP address of the server in the Sy...

Page 293: ...Chapter 33 Log Setting Nebula Mobile Router User s Guide 293 Figure 190 Maintenance Log Setting...

Page 294: ...it will turn blue to allow the sending through email the system and security logs to the email address specified in Send Log to Note Make sure that the Mail Server Address field is not left blank in...

Page 295: ...255 default policy forward 09 54 17 UDP src port 00520 dest port 00520 1 00 3 Apr 7 00 From 192 168 1 6 To 10 10 10 10 match forward 09 54 19 UDP src port 03516 dest port 00053 1 01 snip snip 126 Apr...

Page 296: ...n lets you upload new firmware to your Zyxel Device by using any of the following methods Download the latest firmware file from the Zyxel website Or Make sure your Zyxel Device is connected to the In...

Page 297: ...ESCRIPTION Upgrade Firmware Restore Default Settings After Firmware Upgrade Select this to enable this option that restores the factory default to the Zyxel Device after upgrading the firmware Otherwi...

Page 298: ...he following screen Figure 196 Maintenance Firmware Upgrade Module Upgrade The following table describes the labels in this screen Table 132 Maintenance Firmware Upgrade Module Upgrade LABEL DESCRIPTI...

Page 299: ...automatically restarts in this time causing a temporary network disconnect In some operating systems you may see the following icon on your desktop Figure 197 Network Temporarily Disconnected After tw...

Page 300: ...actory default settings and backup configuration are shown in this screen You can also use this to restore previous device configurations 35 2 Backup Restore Click Maintenance Backup Restore Informati...

Page 301: ...current configuration to a file on your computer Once your Zyxel Device is configured and functioning properly it is highly recommended that you back up your configuration file before making configura...

Page 302: ...f your computer to be in the same subnet as that of the default Zyxel Device IP address 192 168 1 1192 168 123 1 If the upload was not successful an error screen will appear Click OK to go back to the...

Page 303: ...el to reset the factory defaults of your Zyxel Device 35 3 Reboot System Reboot allows you to reboot the Zyxel Device remotely without turning the power off You may need to do this if the Zyxel Device...

Page 304: ...llowing table describes the labels in this screen Table 134 Maintenance Reboot Schedule Reboot LABEL DESCRIPTION Periodically Select this to have the Zyxel Device to reboot periodically Day of Week Se...

Page 305: ...is screen to ping traceroute nslookup or speed test for troubleshooting Ping and traceroute are used to test whether a particular host is reachable After entering an IP address and clicking one of the...

Page 306: ...ress or host name in order to test a connection The ping statistics will show in the info area Ping 6 Click this button to perform a ping test on the IPv6 address or host name in order to test a conne...

Page 307: ...307 PART III Troubleshooting and Appendices Appendices contain general information Some information may not apply to your Zyxel Device...

Page 308: ...n Non PoE Devices 1 Make sure you are using the power adapter included with the Zyxel Device 2 Make sure the power adapter is connected to the Zyxel Device and plugged in to an appropriate power sourc...

Page 309: ...ind the IP address of the Zyxel Device by looking up the IP address of your computer s default gateway To do this in Microsoft Windows click Start Run enter cmd and then enter ipconfig The IP address...

Page 310: ...ven if they were through a different interface or using a different browser Try to access the Zyxel Device using another service such as Telnet If you can access the Zyxel Device check the remote mana...

Page 311: ...WAN IP address that your Zyxel Device is currently using You can find the IP address on the Zyxel Device s Web Configurator Status page Then you will need to configure the same account and host name o...

Page 312: ...loose debris using compressed air 4 Clean the gold connectors on the SIM card with a clean lint free cloth 5 Insert the SIM card into its slot and connect the Zyxel Device to the power supply to rest...

Page 313: ...minute to the next as network utilization increases If poor performance is experienced at a later stage re test different installation locations again It is possible that the current serving cellular...

Page 314: ...ng some programs that use the Internet especially peer to peer applications 2 Check the signal strength Look at the LEDs and check the LED section for more information If the signal strength is low tr...

Page 315: ...itors electric motors cordless phones and other WiFi devices To optimize the speed and quality of your WiFi connection you can Move your WiFi device closer to the AP if the signal strength is low Redu...

Page 316: ...xel Device 1 Make sure that UPnP is enabled in your computer For Windows 10 see Section 9 7 on page 176 2 On the Zyxel Device make sure that UPnP is enabled on the Network Settings Home Networking UPn...

Page 317: ...l com index shtml for the latest information Please have the following information ready when you contact an office Required Information Product model and serial number Warranty Information Date that...

Page 318: ...l com pk Philippines Zyxel Philippines http www zyxel com ph Singapore Zyxel Singapore Pte Ltd http www zyxel com sg Taiwan Zyxel Communications Corporation https www zyxel com tw zh Thailand Zyxel Th...

Page 319: ...ns https www zyxel com fi fi France Zyxel France https www zyxel fr Germany Zyxel Deutschland GmbH https www zyxel com de de Hungary Zyxel Hungary SEE https www zyxel com hu hu Italy Zyxel Communicati...

Page 320: ...k sk Spain Zyxel Communications ES Ltd https www zyxel com es es Sweden Zyxel Communications https www zyxel com se sv Switzerland Studerus AG https www zyxel ch de https www zyxel ch fr Turkey Zyxel...

Page 321: ...ications Corporation https www zyxel com co es Ecuador Zyxel Communications Corporation https www zyxel com co es South America Zyxel Communications Corporation https www zyxel com co es Middle East I...

Page 322: ...etwork or Independent Basic Service Set IBSS The following diagram shows an example of notebook computers using wireless adapters to form an ad hoc wireless LAN Figure 206 Peer to Peer Communication i...

Page 323: ...is wired connection between APs is called a Distribution System DS This type of wireless LAN topology is called an Infrastructure WLAN The Access Points not only provide communication with the wired n...

Page 324: ...rtially overlap however To avoid interference due to overlap your AP should be on a channel at least five channels away from a channel that an adjacent AP is using For example if your region has 11 ch...

Page 325: ...requested transmission Stations can send frames smaller than the specified RTS CTS directly to the AP without the RTS Request To Send CTS Clear to Send handshake You should only configure RTS CTS if t...

Page 326: ...restricting access by device MAC address and hiding the Zyxel Device identity The following figure shows the relative effectiveness of these wireless security methods available on your Zyxel Device No...

Page 327: ...nnected to the network Accounting Keeps track of the client s network activity RADIUS is a simple package exchange in which your AP acts as a message relay between the WiFi client and the network RADI...

Page 328: ...rypting the password with the challenge and sends back the information Password is not sent in plain text However MD5 authentication has some weaknesses Since the authentication server needs to get th...

Page 329: ...ecurity certificate based authentications EAP TLS EAP TTLS and PEAP use dynamic keys for data encryption They are often deployed in corporate environments but for public deployment a simple user name...

Page 330: ...ed between the AP and the WiFi clients This all happens in the background automatically The Message Integrity Check MIC is designed to prevent an attacker from capturing data packets altering them and...

Page 331: ...s built in Zero Configuration wireless client However you must run Windows XP to use it WPA 2 with RADIUS Application Example To set up WPA 2 you need the IP address of the RADIUS server its port numb...

Page 332: ...IP or AES encryption process the PMK and information exchanged in a handshake to create temporal encryption keys They use these keys to encrypt data exchanged between them Figure 211 WPA 2 PSK Authent...

Page 333: ...rease of approximately 2 5 For an unobstructed outdoor site each 1dB increase in gain results in a range increase of approximately 5 Actual results may vary depending on the network environment Antenn...

Page 334: ...Antennas In general antennas should be mounted as high as practically possible and free of obstructions In point to point application position both antennas at the same height and in a direct line of...

Page 335: ...00 1a2f 0015 2001 db8 1a2f 0 0 15 or 2001 db8 0 0 1a2f 15 Prefix and Prefix Length Similar to an IPv4 subnet mask IPv6 uses an address prefix to represent the network address An IPv6 prefix length spe...

Page 336: ...llowing table describes some of the predefined multicast addresses The following table describes the multicast addresses which are reserved and cannot be assigned to a multicast group Table 141 Predef...

Page 337: ...IA is a collection of addresses assigned to a DHCP client through which the server and client can manage a set of related IP addresses Each IA must be associated with exactly one interface The DHCP cl...

Page 338: ...ICMPv6 Internet Control Message Protocol for IPv6 ICMPv6 or ICMP for IPv6 is defined in RFC 4443 ICMPv6 has a preceding Next Header value of 58 which is different from the value used to identify ICMP...

Page 339: ...tisement messages Multicast Listener Discovery The Multicast Listener Discovery MLD protocol defined in RFC 2710 is derived from IPv4 s Internet Group Management Protocol version 2 IGMPv2 MLD uses ICM...

Page 340: ...6 address This example shows a global address 2001 b021 2d 1000 obtained from a DHCP server C ipconfig Windows IP Configuration Ethernet adapter Local Area Connection Connection specific DNS Suffix IP...

Page 341: ...type of IP protocol used by the service If this is TCP UDP then the service uses the same port number with TCP and UDP If this is USER DEFINED the Port s is the IP protocol number not the port number...

Page 342: ...f files including large files that may not be possible by email H 323 TCP 1720 NetMeeting uses this protocol HTTP TCP 80 Hyper Text Transfer Protocol a client server protocol for the world wide web HT...

Page 343: ...eb REXEC TCP 514 Remote Execution Daemon RLOGIN TCP 513 Remote Login ROADRUNNER TCP UDP 1026 This is an ISP that provides services mainly for cable modems RTELNET TCP 107 Remote Telnet RTSP TCP UDP 55...

Page 344: ...login and terminal emulation protocol common on the Internet and in UNIX environments It operates over TCP IP networks Its primary function is to allow users to log into remote host systems VDOLIVE TC...

Page 345: ...tial installation This device generates uses and can radiate radio frequency energy and if not installed and used according to the instructions may cause harmful interference to radio communications H...

Page 346: ...s d antenne num r s ci dessous et ayant un gain admissible maximal Les types d antenne non inclus dans cette liste et dont le gain est sup rieur au gain maximal indiqu pour tout type figurant sur la l...

Page 347: ...trictions or requirements or both are applicable The requirements for any country may evolve Zyxel recommends that you check with the local authorities for the latest status of their national regulati...

Page 348: ...10 WCDMA The band 880 915 MHz is 24 dBm The band 1920 1980 MHz is 24 dBm LTE The band 703 748 MHz is 23 dBm The band 832 862 MHz is 23 dBm The band 880 915 MHz is 23 dBm The band 1452 1496 MHz is 23 d...

Page 349: ...adijska oprema tipa u skladu s Direktivom 2014 53 UE slenska Icelandic H r me l sir Zyxel v yfir a essi b na ur er samr mi vi grunnkr fur og nnur vi eigandi kv i tilskipunar 2014 53 UE Italiano Italia...

Page 350: ...power outlet Do not allow anything to rest on the power adapter or cord and do NOT place the product where anyone can walk on the power adapter or cord Please use the provided or designated connectio...

Page 351: ...den rtlichen Bestimmungen getrennt vom Hausm ll entsorgt werden muss Wenden Sie sich an eine Recyclingstation wenn dieses Produkt das Ende seiner Lebensdauer erreicht hat Zum Zeitpunkt der Entsorgung...

Page 352: ...and upon proof of purchase should the product have indications of failure due to faulty workmanship and or materials Zyxel will at its discretion repair or replace the defective products or component...

Page 353: ...ind to the purchaser To obtain the services of this warranty contact your vendor You may also refer to the warranty policy for the region in which you bought the Zyxel Device at http www zyxel com web...

Page 354: ...nfiguration 301 Backup Restore screen 300 Band Configuration screen 123 Basic Service Set See BSS 322 Basic Service Set see BSS blinking LEDs 26 Broadband 106 BSS 155 322 example 155 C CA 251 328 Cell...

Page 355: ...screens 305 digital IDs 244 disclaimer 345 DMZ screen 201 DNS 163 174 DNS Values 167 Domain Name 205 domain name system see DNS DoS 227 thresholds 227 DoS protection blocking enable 233 dynamic DNS w...

Page 356: ...e Global Address see IGA Inside Local Address see ILA interface group 214 Internet no access 313 wizard setup 51 Internet access 22 wizard setup 51 Internet Blocking 90 Internet connection slow or err...

Page 357: ...reen 277 280 models XS1930 17 module firmware 298 Multi_WAN Remote Management 278 TR 069 traffic 285 N NAT 203 204 applications 205 IP alias 205 default server 201 DMZ host 201 example 204 global 203...

Page 358: ...Reboot screen 303 RESET Button 38 reset to factory defaults 302 restart system 303 restore default settings after firmware upgrade 297 restoring configuration 302 RFC 1058 see RIP RFC 1389 see RIP RFC...

Page 359: ...ted CA screen 248 TWT Target Wakeup Time 133 U Universal Plug and Play see UPnP upgrading firmware 296 upgrading module firmware 298 UPnP 171 forum 164 NAT traversal 163 security issues 163 state 172...

Page 360: ...s WPA PSK 330 wireless client supplicant 331 with RADIUS application example 331 WPA2 136 329 user authentication 330 vs WPA2 PSK 330 wireless client supplicant 331 with RADIUS application example 331...

Page 361: ...Index Nebula Mobile Router User s Guide 361 Zyxel Nebula Control Center 18...

Reviews:

No comments

Related manuals for LTE3301-PLUS

D-Link DSL-2740B Installation Manual preview
DSL-2740B
Brand: D-Link Pages: 10
3Com IntelliJack NJ200 Datasheet preview
IntelliJack NJ200
Brand: 3Com Pages: 4
CAME QBEMFSB2 User Manual preview
QBEMFSB2
Brand: CAME Pages: 19
IBM 11a Quick Start Manual preview
11a
Brand: IBM Pages: 32
Paradyne Hotwire 5100 User Manual preview
Hotwire 5100
Brand: Paradyne Pages: 45
Hawking CF100W Specifications preview
CF100W
Brand: Hawking Pages: 2
Moxa Technologies ICS-G7748A Series Quick Installation Manual preview
ICS-G7748A Series
Brand: Moxa Technologies Pages: 10
Hornington AirStation WHR-G300N Settings preview
AirStation WHR-G300N
Brand: Hornington Pages: 6
National Instruments Fieldpoint cFP-RTD-124 Operating Instructions Manual preview
Fieldpoint cFP-RTD-124
Brand: National Instruments Pages: 15
Balluff BIC 1I12-P2A25-M30MI1-BPX05-110 User Manual preview
BIC 1I12-P2A25-M30MI1-BPX05-110
Brand: Balluff Pages: 12
Lancom 7100 VPN Manual preview
7100 VPN
Brand: Lancom Pages: 70
Patton electronics SMARTNODE 4950 Quick Start Manual preview
SMARTNODE 4950
Brand: Patton electronics Pages: 12
Comet Labs GS8+ User Manual preview
GS8+
Brand: Comet Labs Pages: 11
iGateWeb.com iGate User Manual preview
iGate
Brand: iGateWeb.com Pages: 6
Axis P3365-V Installation Manual preview
P3365-V
Brand: Axis Pages: 98
Oracle Acme Packet 3900 Hardware Installation And Maintenance Manual preview
Acme Packet 3900
Brand: Oracle Pages: 70
RadioSPECTRAL ICOM IC-7300 Installation Manual preview
ICOM IC-7300
Brand: RadioSPECTRAL Pages: 2
Lanner NCA-6520 User Manual preview
NCA-6520
Brand: Lanner Pages: 141

Brands by name

Popular brands

Load more brands