ZyXEL Communications MAX-306M1 User Manual Download | Manualshive

Page: 185 / 376

background image

Chapter 15 The Certificates Screens

User’s Guide

185

Certification authorities maintain directory servers with databases of valid and
revoked certificates. A directory of certificates that have been revoked before the
scheduled expiration is called a CRL (Certificate Revocation List). The WiMAX
Modem can check a peer’s certificate against a directory server’s list of revoked
certificates. The framework of servers, software, procedures and policies that
handles keys is called PKI (public-key infrastructure).

15.4.1.1 Advantages of Certificates

Certificates offer the following benefits.

• The WiMAX Modem only has to store the certificates of the certification

authorities that you decide to trust, no matter how many devices you need to

authenticate.

• Key distribution is simple and very secure since you can freely distribute public

keys and you never need to transmit private keys.

15.4.1.2 Self-signed Certificates

You can have the WiMAX Modem act as a certification authority and sign its own
certificates.

15.4.1.3 Factory Default Certificate

The WiMAX Modem generates its own unique self-signed certificate when you first
turn it on. This certificate is referred to in the GUI as the factory default
certificate.

15.4.1.4 Certificate File Formats

Any certificate that you want to import has to be in one of these file formats:

• Binary X.509: This is an ITU-T recommendation that defines the formats for

X.509 certificates.

• PEM (Base-64) encoded X.509: This Privacy Enhanced Mail format uses

lowercase letters, uppercase letters and numerals to convert a binary X.509

certificate into a printable form.

• Binary PKCS#7: This is a standard that defines the general syntax for data

(including digital signatures) that may be encrypted. A PKCS #7 file is used to

transfer a public key certificate. The private key is not included. The WiMAX

Modem currently allows the importation of a PKS#7 file that contains a single

certificate.

• PEM (Base-64) encoded PKCS#7: This Privacy Enhanced Mail (PEM) format uses

lowercase letters, uppercase letters and numerals to convert a binary PKCS#7

certificate into a printable form.

Note: Be careful to not convert a binary file to text during the transfer process. It is

easy for this to occur since many programs use text files by default.

«
...
183
184
185
186
187
...
»

Summary of Contents for MAX-306M1

Page 1: ...Models MAX 306M1 2 5 GHz and MAX 316M1 3 5 GHz Copyright 2009 ZyXEL Communications Corporation Firmware Version 3 70 Edition 1 12 2009 Default Login Details IP Address http 192 168 1 1 User Name admin...

Page 2: ......

Page 3: ...on setting up your network and configuring for Internet access Web Configurator Online Help Embedded web help for descriptions of individual screens and supplementary information Support Disc Refer t...

Page 4: ...n bold font A key stroke is denoted by square brackets and uppercase text for example ENTER means the enter or return key on your keyboard Enter means for you to type one or more characters and then p...

Page 5: ...r s Guide may use the following generic icons The WiMAX Modem icon is not an exact representation of your WiMAX Modem Table 1 Common Icons WiMAX Access Point Computer Wireless Signal Notebook Server W...

Page 6: ...ce Connect it to the right supply voltage for example 110V AC in North America or 230V AC in Europe Do NOT remove the plug and connect it to a power outlet by itself always attach the plug to the powe...

Page 7: ...nst voltage surges Your product is marked with this symbol which is known as the WEEE mark WEEE stands for Waste Electronics and Electrical Equipment It means that used electrical and electronic produ...

Page 8: ...Safety Warnings User s Guide 8...

Page 9: ...on Screens 85 The VPN Transport Screens 97 The NAT Configuration Screens 109 The System Configuration Screens 119 Voice Screens 129 The Service Configuration Screens 131 The Phone Screens 149 The Phon...

Page 10: ...Contents Overview User s Guide 10...

Page 11: ...iMAX Internet Access 31 1 1 2 Make Calls via Internet Telephony Service Provider 32 1 2 WiMAX Modem Hardware 33 1 2 1 LEDs 33 1 3 Good Habits for Managing the Device 34 Chapter 2 Introducing the Web C...

Page 12: ...urs 55 5 2 4 Blocking Web Sites by Keyword 57 5 3 Configuring Your Internet Phone 59 5 3 1 Placing an Internet Phone Call 61 5 4 Remotely Managing Your WiMAX Modem 62 Part II Basic Screens 63 Chapter...

Page 13: ...to Know 85 8 2 Internet Connection 88 8 3 WiMAX Configuration 90 8 3 1 Frequency Ranges 92 8 3 2 Configuring Frequency Settings 92 8 3 3 Using the WiMAX Frequency Screen 93 8 4 Advanced 94 Chapter 9...

Page 14: ...al 121 11 3 Dynamic DNS 122 11 4 Firmware 124 11 4 1 The Firmware Upload Process 125 11 5 Configuration 126 11 5 1 The Restore Configuration Process 127 11 6 Restart 127 11 6 1 The Restart Process 128...

Page 15: ...vices 154 13 5 3 USA Type Supplementary Services 156 Chapter 14 The Phone Book Screens 159 14 1 Overview 159 14 1 1 What You Can Do in This Chapter 159 14 1 2 What You Need to Know 159 14 2 Incoming C...

Page 16: ...4 16 4 1 Stateful Inspection Firewall 194 16 4 2 Guidelines For Enhancing Security With Your Firewall 195 16 4 3 The Triangle Route Problem 195 Chapter 17 Content Filter 199 17 1 Overview 199 17 1 1 W...

Page 17: ...235 21 2 1 Packet Statistics 239 21 2 2 WiMAX Site Information 241 21 2 3 DHCP Table 242 21 2 4 VoIP Statistics 243 21 2 5 WiMAX Profile 245 Part VI Troubleshooting and Specifications 247 Chapter 22...

Page 18: ...71 Appendix C Pop up Windows JavaScripts and Java Permissions 299 Appendix D IP Addresses and Subnetting 309 Appendix E Importing Certificates 321 Appendix F SIP Passthrough 353 Appendix G Common Serv...

Page 19: ...ll Example 59 Figure 17 SETUP Set IP Address 66 Figure 18 SETUP DHCP Client 67 Figure 19 SETUP Time Setting 68 Figure 20 ADVANCED LAN Configuration DHCP Setup 74 Figure 21 ADVANCED LAN Configuration S...

Page 20: ...estart 127 Figure 56 VOICE Service Configuration SIP Setting 133 Figure 57 STUN Example 135 Figure 58 VOICE Service Configuration SIP Settings Advanced 137 Figure 59 VOICE Service Configuration QoS 14...

Page 21: ...formation 241 Figure 104 DHCP Table 242 Figure 105 VoIP Statistics 243 Figure 106 WiMAX Profile 245 Figure 107 Windows XP Start Menu 272 Figure 108 Windows XP Control Panel 272 Figure 109 Windows XP C...

Page 22: ...igure 144 openSUSE Connection Status KNetwork Manager 297 Figure 145 Pop up Blocker 299 Figure 146 Internet Options Privacy 300 Figure 147 Internet Options Privacy 301 Figure 148 Pop up Blocker Settin...

Page 23: ...fox 2 Certificate Manager 335 Figure 185 Firefox 2 Select File 335 Figure 186 Firefox 2 Tools Menu 336 Figure 187 Firefox 2 Options 336 Figure 188 Firefox 2 Certificate Manager 337 Figure 189 Firefox...

Page 24: ...List of Figures User s Guide 24...

Page 25: ...ADVANCED WAN Configuration Internet Connection ISP Parameters for Internet Access 88 Table 20 Radio Frequency Conversion 91 Table 21 ADVANCED WAN Configuration WiMAX Configuration 91 Table 22 DL Freq...

Page 26: ...ble 56 VOICE Phone Book Speed Dial 163 Table 57 TOOLS Certificates My Certificates 168 Table 58 TOOLS Certificates My Certificates 168 Table 59 TOOLS Certificates My Certificates Create 171 Table 60 T...

Page 27: ...100 FSM Logs Caller Side 233 Table 101 FSM Logs Callee Side 233 Table 102 Lifeline Logs 233 Table 103 Status 236 Table 104 Packet Statistics 240 Table 105 WiMAX Site Information 241 Table 106 DHCP Tab...

Page 28: ...List of Tables User s Guide 28 Table 124 24 bit Network Number Subnet Planning 316 Table 125 16 bit Network Number Subnet Planning 317 Table 126 Commonly Used Services 355...

Page 29: ...29 PART I Introduction and Wizards Getting Started 31 Introducing the Web Configurator 35 Internet Connection Wizard 41 VoIP Connection Wizard 47...

Page 30: ...30...

Page 31: ...agement See Chapter 23 on page 257 for a complete list of features for your model 1 1 1 WiMAX Internet Access Connect your computer or network to the WiMAX Modem for WiMAX Internet access See the Quic...

Page 32: ...ls via Internet Telephony Service Provider In a home or small office environment you can use the WiMAX Modem to make and receive the following types of VoIP telephone calls Peer to Peer calls Use the...

Page 33: ...m is not receiving power Green The WiMAX Modem is receiving power and functioning correctly Strength Indicator The Strength Indicator LEDs display the Received Signal Strength Indication RSSI of the w...

Page 34: ...you know how to restore it Restoring an earlier working configuration may be useful if the WiMAX Modem becomes unstable or even crashes If you forget your password you will have to reset the WiMAX Mod...

Page 35: ...der to use the web configurator you need to allow Web browser pop up windows from your device Web pop up blocking is enabled by default in many operating systems and web browsers JavaScript enabled by...

Page 36: ...Cancel to revert to the default password in the password field If you have changed the password enter your password and click Login 5 The following screen displays if you have not yet changed your pas...

Page 37: ...The wizard selection screen appears after you click it See Chapter 3 on page 41 for more information Click Go to Advanced setup if you want to configure features that are not available in the wizards...

Page 38: ...ced shortcuts to all of the other screens Note Some features in the web configurator may not be available depending on your firmware version and or configuration Figure 5 Main Screen The following tab...

Page 39: ...help Wizard Click to run the Internet Connection and VoIP Connection Setup Wizard All of the settings that you can configure in this wizard are also available in these web configurator screens Logout...

Page 40: ...Version Date This field indicates the exact date and time the current firmware was compiled System Uptime This field indicates how long the WiMAX Modem has been on This resets every time you shut the...

Page 41: ...h several steps where you can configure your Internet and VoIP settings 3 1 1 Welcome to the ZyXEL Setup Wizard This is the welcome screen for the ZyXEL Setup Wizard You can choose to either configure...

Page 42: ...nnection Wizard System Information LABEL DESCRIPTION System Name System Name is a unique name to identify the WiMAX Modem in an Ethernet network Enter a descriptive name This name can be up to 30 alph...

Page 43: ...tion Figure 8 Internet Connection Wizard Authentication Settings Screen The following table describes the labels in this screen Table 6 Internet Connection Wizard Authentication Settings Screen LABEL...

Page 44: ...ou are unsure of the correct setting for your account Choose from the following user authentication methods TTLS Tunnelled Transport Layer Security TLS Transport Layer Security Note Not all WiMAX Mode...

Page 45: ...e 9 Internet Connection Wizard IP Address The following table describes the labels in this screen Table 7 Internet Connection Wizard IP Address LABEL DESCRIPTION IP Address My computer or device gets...

Page 46: ...te to www zyxel com If everything was configured properly the web page should display You can now surf the Internet Refer to the rest of this guide for more detailed information on the complete range...

Page 47: ...o use a traditional analog telephone to make Internet calls You can configure the WiMAX Modem to use up to two SIP based VoIP accounts 4 2 Welcome to the ZyXEL Setup Wizard This is the welcome screen...

Page 48: ...P provider com You can use up to 127 ASCII characters SIP Server Address Type the IP address or domain name of the SIP server in this field It doesn t matter whether the SIP server is a proxy redirect...

Page 49: ...This screen displays if SIP account registration fails Check your WiMAX connection using the WiMAX Link and Strength Indicator LEDs on the front of the WiMAX Modem then wait a few seconds and click Re...

Page 50: ...can click Back and try re entering your SIP account settings Figure 14 VoIP Connection SIP Registration Fail 4 2 2 Setup Complete Click Close to complete and save the VoIP Connection settings Figure 1...

Page 51: ...eb Configurator on page 35 before working through the tutorials presented here For field descriptions of individual screens see the related technical reference in this User s Guide 5 2 Setting Up a Sm...

Page 52: ...n the ADVANCED LAN Configuration DHCP Setup screen 3 Select Enable DHCP Server then enter 192 168 100 34 as your IP Pool Starting Address and 32 for your Pool Size 4 In the DNS Server section set the...

Page 53: ...gured and hooked up you will want to connect it to the Internet next To do this just run the Internet Connection Wizard Chapter 3 on page 41 which walks you through the process 5 2 2 Changing Service...

Page 54: ...ation screen and configure your new Internet access settings based on the information provided by your ISP Note You can also use the Internet Connection Wizard to configure these settings 4 From the C...

Page 55: ...nt to block web access and video chat during a specific block of hours such as during your daughter s designated study hours Goal Configure the WiMAX Modem s firewall to block web and video chat acces...

Page 56: ...for other types of traffic such as ports 25 and 587 for e mail and port 21 for FTP The Blocked Services window updates accordingly 4 Next configure the Schedule to Block area with the days and hours...

Page 57: ...to control the content you do allow to pass through the WiMAX Modem For example once your daughter s designated study hours end you allow web access and video chat but want to restrict certain sites G...

Page 58: ...ites with these keywords for a specific computer in your household such as the computer in the master bedroom then add that computer s IP address to the Trusted IP Address field 5 Click Apply to save...

Page 59: ...Modem first connects to your account s SIP server C and presents your SIP account login credentials The SIP server then connects to the other party D using the SIP number you just dialed if he or she...

Page 60: ...n leave the Port settings at their default values 3 Click Apply to save your changes 4 Next click VOICE Phone Analog Phone This is where you will configure your phone settings to bind your SIP setting...

Page 61: ...onfigure a speed dial entry in the WiMAX Modem s internal phone book Required The following table provides a summary of the information you will need to complete the tasks in this tutorial 1 Open the...

Page 62: ...Management WWW screen 2 Leave the Server Port setting as 80 in order to allow computers back at the WiMAX Modem s location to continue to access the Internet 3 From the Server Access menu select WAN T...

Page 63: ...63 PART II Basic Screens The Main Screen 38 The Setup Screens 65...

Page 64: ...64...

Page 65: ...w The following terms and concepts may help as you read through this chapter LAN A Local Area Network or a shared communication system to which many computers are attached A LAN as its name implies is...

Page 66: ...f there has been any temporal drift NTP NTP stands for Network Time Protocol It is employed by devices connected to the Internet in order to obtain a precise time setting from an official time server...

Page 67: ...LAN If the web configurator is running on a computer on the LAN you lose access to it as soon as you change this field and click Apply You can access the web configurator again by typing the new IP ad...

Page 68: ...ved When the DHCP server issues IP addresses reserved IPs are assigned to specific client devices If the IP address is reserved the client device identified by its MAC address will always receive this...

Page 69: ...ime server uses Check with your ISP or network administrator or use trial and error to find a protocol that works Daytime RFC 867 This format is day month year time zone Time RFC 868 This format displ...

Page 70: ...n the following circumstances When the device starts up such as when you press the Power button When you click Apply in the SETUP Time Setting screen Once every 24 hours after starting up Table 12 Pre...

Page 71: ...71 PART III Advanced Screens The LAN Configuration Screens 73 The WAN Configuration Screens 85 The NAT Configuration Screens 109 The System Configuration Screens 119...

Page 72: ...72...

Page 73: ...ver in the WiMAX Modem The Static DHCP screen Section 7 3 on page 76 lets you assign specific IP addresses to specific computers on the LAN The IP Static Route screen Section 7 4 on page 77 lets you e...

Page 74: ...IP address and vice versa The DNS server is extremely important because without it you must know the IP address of a networking device before you can access it DHCP A DHCP Dynamic Host Configuration...

Page 75: ...ddresses to allocate This number must be at least one and is limited by a subnet mask of 255 255 255 0 regardless of the subnet the WiMAX Modem is in For example if the IP Pool Start Address is 10 10...

Page 76: ...P Setup Figure 21 ADVANCED LAN Configuration Static DHCP The following table describes the labels in this screen Table 14 ADVANCED LAN Configuration Static DHCP LABEL DESCRIPTION The number of the ite...

Page 77: ...IPTION Edit Click to edit this item Delete Click to delete this item Table 16 Advanced LAN Configuration IP Static Route LABEL DESCRIPTION The number of the item in this list Name This field displays...

Page 78: ...ation IP Address Enter one of the destination IP addresses that this static route affects IP Subnet Mask Enter the subnet mask that defines the range of destination IP addresses that this static route...

Page 79: ...Setup RIP Direction Use this field to control how much routing information the WiMAX Modem sends and receives on the subnet None The WiMAX Modem does not send or receive routing information on the su...

Page 80: ...s specifically for private use please do not use any other number unless you are told otherwise Let s say you select 192 168 1 0 as the network number which covers 254 individual addresses from 192 16...

Page 81: ...iguration for the clients If DHCP service is disabled you must have another DHCP server on your LAN or else each computer must be manually configured The WiMAX Modem is pre configured with a pool of I...

Page 82: ...ry and Secondary DNS Server fields in the LAN Setup screen are not specified for instance left as 0 0 0 0 the WiMAX Modem tells the DHCP clients that it itself is the DNS server When a computer sends...

Page 83: ...group it is not used to carry user data IGMP version 2 RFC 2236 is an improvement over version 1 RFC 1112 but IGMP version 1 is still in wide use If you would like to read more detailed information a...

Page 84: ...Chapter 7 The LAN Configuration Screens User s Guide 84...

Page 85: ...nfigure your DNS server RIP Multicast and Windows Networking settings 8 1 2 What You Need to Know The following terms and concepts may help as you read through this chapter WiMAX WiMAX Worldwide Inter...

Page 86: ...subscriber stations and mobile stations connect to the network through a single base station BS as in the following figure Figure 26 WiMAX Multiple Mobile Stations A base station s coverage area can e...

Page 87: ...tations The following figure shows a base station using an AAA server to authenticate mobile station MS allowing it to access the Internet Figure 27 Using an AAA Server In this figure the dashed arrow...

Page 88: ...ed with your Internet access account You can enter up to 61 printable ASCII characters Password Use this field to enter the password associated with your Internet access account You can enter up to 47...

Page 89: ...is established the inner EAP is the protocol used to exchange security information between the mobile station the base station and the AAA server to authenticate the mobile station See the WiMAX secur...

Page 90: ...dress A dynamic IP address is not fixed the ISP assigns you a different one each time you connect to the Internet Use Fixed IP Address A static IP address is a fixed IP that your ISP gives you Type yo...

Page 91: ...WiMAX Configuration LABEL DESCRIPTION DL Frequency Bandwidth These fields show the downlink frequency settings in kilohertz kHz Enter values in these fields to have the WiMAX Modem scan these frequen...

Page 92: ...the WiMAX Modem searching for a connection Have the WiMAX Modem search only certain frequencies by configuring the downlink frequencies Your operator can give you information on the supported frequen...

Page 93: ...frequencies enter them in the DL Frequency fields The following table describes some examples of DL Frequency settings 8 3 3 Using the WiMAX Frequency Screen In this example your Internet service pro...

Page 94: ...he WiMAX Modem stores your settings When the WiMAX Modem searches for available frequencies it scans all frequencies from DL Frequency 1 to DL Frequency 4 When it finds an available connection the fie...

Page 95: ...ave their DNS server addresses manually configured If you do not configure a DNS server you must know the IP address of a computer in order to access it RIP Multicast Setup RIP Direction Select the RI...

Page 96: ...Chapter 8 The WAN Configuration Screens User s Guide 96...

Page 97: ...al Private LAN Service or VPLS Note Unlike some other types of VPN such as IPSec VPNs VPLS VPNs do not use authentication or encryption to secure the data they carry The following figure shows two use...

Page 98: ...dentify users on the LAN It does this by examining VLAN Virtual Local Area Network tags These tags must be added to the data packets by a switch on the LAN In the following example two users A and B a...

Page 99: ...LAN 9 2 General Click ADVANCED VPN Transport to turn VPN transport on or off and to set the VPN transport endpoint your service provider s router Figure 35 ADVANCED VPN Transport General The following...

Page 100: ...10 and 20 and using the customer interfaces assigns them to specific pseudowires PW1 and PW2 Figure 36 Pseudowire Mapping The WiMAX Modem has a default customer interface configured for frames that a...

Page 101: ...X network between the WiMAX Modem and your service provider s router It is necessary to encapsulate the Ethernet pseudowire since the WiMAX connection is IP only MPLS information is carried in a packe...

Page 102: ...e item in this list Active This icon is green if the associated interface is enabled The icon is grey if the associated interface is disabled Enable or disable an interface by clicking its Edit icon a...

Page 103: ...re that this interface uses as well as the ingress and egress MPLS Multi Protocol Label Switching VC Virtual Circuit label numbers DSCP This displays the DiffServ Control Point value you previously en...

Page 104: ...fic without a specific VLAN ID There can be only one untagged interface VLAN ID Enter the Virtual Local Area Network Identifier number 1 4094 for this interface This VLAN ID must not be used by any ot...

Page 105: ...wing table describes the icons in this screen The following table describes the labels in this screen INGRESS LABEL X EGRESS LABEL Y INGRESS LABEL Y EGRESS LABEL X PSEUDOWIRE TO Y TO X A B Table 28 Ad...

Page 106: ...dit icon to set up an Ethernet pseudowire or alter the configuration of an existing Ethernet pseudowire Click the Delete icon to remove an existing Ethernet pseudowire Table 29 ADVANCED VPN Transport...

Page 107: ...EL DESCRIPTION Table 31 ADVANCED VPN Transport Statistics LABEL DESCRIPTION The number of the item in this list Active This icon is green if the associated interface is enabled The icon is grey if the...

Page 108: ...Chapter 9 The VPN Transport Screens User s Guide 108...

Page 109: ...l screen Section 10 2 on page 109 lets you enable or disable NAT and to allocate memory for NAT and firewall rules The Port Forwarding screen Section 10 3 on page 110 lets you look at the current port...

Page 110: ...default is not defined the service request is simply discarded Table 32 ADVANCED NAT Configuration General LABEL DESCRIPTION Enable Network Address Translation Select this if you want to use port for...

Page 111: ...n the LAN IP addresses and the ISP assigns the WAN IP address The NAT network appears as a single host on the Internet Figure 45 Multiple Servers Behind NAT Example 10 3 1 Port Forwarding Options Clic...

Page 112: ...s instead Port Forwarding The number of the item in this list Active Select this to enable this rule Clear this to disable this rule Name This field displays the name of the rule It does not have to b...

Page 113: ...le You can use 1 31 printable ASCII characters or you can leave this field blank It does not have to be a unique name Start Port End Port Enter the port number or range of port numbers you want to for...

Page 114: ...affic to the WAN to request a service with a specific port number and protocol a trigger port When the WiMAX Modem s WAN port receives a response with a specific port number and protocol incoming port...

Page 115: ...the range in the End Port field If you want to delete this rule enter zero in the Start Port and End Port fields Trigger Start Port End Port Enter the outgoing port number or range of port numbers tha...

Page 116: ...otocol or two hours with TCP IP Transfer Control Protocol Internet Protocol Two points to remember about trigger ports 1 Trigger events only happen on data that is coming from inside the WiMAX Modem a...

Page 117: ...tion ALG LABEL DESCRIPTION Enable SIP ALG Select this to make sure SIP VoIP works correctly with port forwarding and port triggering rules Enable FTP ALG Select this to make sure FTP file transfer wor...

Page 118: ...Chapter 10 The NAT Configuration Screens User s Guide 118...

Page 119: ...11 4 on page 124 lets you upload new firmware to the WiMAX Modem The Configuration screen Section 11 5 on page 126 lets you back up or restore the configuration of the WiMAX Modem The Restart screen...

Page 120: ...ress Assignment Use DNS Domain Name System to map a domain name to its corresponding IP address and vice versa for instance the IP address of www zyxel com is 204 217 0 2 The DNS server is extremely i...

Page 121: ...ter the domain name entry that is propagated to DHCP clients on the LAN If you leave this blank the domain name obtained from the ISP is used Use up to 38 alphanumeric characters Spaces are not allowe...

Page 122: ...t of all you need to have registered a dynamic DNS account with www dyndns org This is for people with a dynamic IP from their ISP or DHCP server that would still like to have a domain name The Dynami...

Page 123: ...mic DNS LABEL DESCRIPTION Dynamic DNS Setup Enable Dynamic DNS Select this to use dynamic DNS Service Provider Select the name of your Dynamic DNS service provider Dynamic DNS Type Select the type of...

Page 124: ...you can specify while you are off line Check with your Dynamic DNS service provider IP Address Update Policy Use WAN IP Address Select this if you want the WiMAX Modem to update the domain name with t...

Page 125: ...w firmware version in the Status screen You might have to open a new browser window to log in If the upload is not successful you will be notified by error message Click Return to go back to the Firmw...

Page 126: ...a file on your computer Once your device is configured and functioning properly it is highly recommended that you back up your configuration file before making configuration changes The backup config...

Page 127: ...ur computer s IP address You might have to open a new browser to log in again If the upload was not successful you are notified by Configuration Upload Error message Click Return to go back to the Con...

Page 128: ...ter 11 The System Configuration Screens User s Guide 128 11 6 1 The Restart Process When you click Restart the the process usually takes about two minutes Once the restart is complete you can log in a...

Page 129: ...129 PART IV Voice Screens The Service Configuration Screens 131 The Phone Screens 149 The Phone Book Screens 159...

Page 130: ...130...

Page 131: ...Circuit switched telephone networks require 64 kilobits per second kbps in each direction to handle a telephone call VoIP can use advanced voice coding techniques with compression to reduce the requi...

Page 132: ...johndoe your ITSP com for example or numbers like a telephone number 1122334455 VoIP provider com for example SIP Service Domain The SIP service domain of the VoIP service provider the company that le...

Page 133: ...e with the WiMAX Modem Connect your WiMAX Modem to the Internet as described in the Quick Start Guide If you have not already done so then you will not be able to test your VoIP settings 12 2 SIP Sett...

Page 134: ...p the default value REGISTER Server Address Enter the IP address or domain name of the SIP register server if your VoIP service provider gave you one Otherwise enter the same address you entered in th...

Page 135: ...2 The STUN server B finds the public IP address and port number that the NAT router used on the WiMAX Modem s SIP packets and sends them to the WiMAX Modem 3 The WiMAX Modem uses the public IP addres...

Page 136: ...ifference signals where the actual signal is very similar to what was predicted This is because the level of quantization noise is the same at all signal levels Adaptive DPCM solves this problem by ad...

Page 137: ...ount Figure 58 VOICE Service Configuration SIP Settings Advanced The following table describes the labels in this screen Table 44 VOICE Service Configuration SIP Settings Advanced LABEL DESCRIPTION SI...

Page 138: ...enter one port number enter the port number in the Start Port and End Port fields To enter a range of ports Type the port number at the beginning of the range in the Start Port field Type the port nu...

Page 139: ...ith any type of NAT router and eliminates the need for STUN or a SIP ALG Turn off any SIP ALG on a NAT router in front of the WiMAX Modem to keep it from re translating the IP address since this is al...

Page 140: ...lity but it may have inter operability problems The peer devices must also use T 38 Call Forward Call Forward Table Select which call forwarding table you want the WiMAX Modem to use for incoming call...

Page 141: ...you are in the configuration menu 2 Press a number from 1201 1208 followed by the key to listen to the tone 3 You can continue to add listen to or delete tones or you can hang up the receiver when you...

Page 142: ...tag to identify voice traffic and give it priority over other traffic Click VOICE Service Configuration QoS to set up and maintain ToS and VLAN settings for the WiMAX Modem QoS Quality of Service refe...

Page 143: ...response after the call is answered 4 A then sends an ACK message to acknowledge that B has answered the call 5 Now A and B exchange voice media talk Voice VLAN ID Select this if the WiMAX Modem has t...

Page 144: ...evice can act as both a SIP client and a SIP server 12 4 3 SIP User Agent A SIP user agent can make and receive VoIP telephone calls This means that SIP can be used for peer to peer communications eve...

Page 145: ...ack to the device that sent the request Then the client device that originally sent the request can send requests to the IP address that it received back from the redirect server Redirect servers do n...

Page 146: ...age the SIP server cannot map it to your SIP identity See Chapter 10 The NAT Configuration Screens for more information Use a SIP ALG Application Layer Gateway Use NAT STUN or outbound proxy to allow...

Page 147: ...gure 63 DiffServ Differentiated Service Field DSCP is backward compatible with the three precedence bits in the ToS octet so that non DiffServ compliant ToS enabled network device will not conflict wi...

Page 148: ...Chapter 12 The Service Configuration Screens User s Guide 148...

Page 149: ...e region of the world in which the WiMAX Modem is located 13 1 2 What You Need to Know The following terms and concepts may help as you read through this chapter Voice Activity Detection Silence Suppr...

Page 150: ...Second Call Call Transfer Call Forwarding Three Way Conference Internal Calls Caller ID CLIP Calling Line Identification Presentation CLIR Calling Line Identification Restriction Note To take full adv...

Page 151: ...rt Settings Displays the phone port number Outgoing Call Use SIP1 Select this if you want this phone port to use the SIP1 account when it makes calls If you select both SIP accounts the WiMAX Modem tr...

Page 152: ...this if you want to eliminate the echo caused by the sound of your voice reverberating in the telephone receiver while you talk Dialing Interval Select Dialing Interval Select Enter the number of seco...

Page 153: ...this dial the phone number and then press the pound key if you do not want to wait The WiMAX Modem makes the call immediately Apply Click to save your changes Reset Click to restore your previously s...

Page 154: ...s with the Europe Type Call Service Mode Commands for supplementary services are listed in the table below After pressing the flash key if you do not issue the sub command before the default sub comma...

Page 155: ...s 0 Disconnect the first call and answer the second call Either press the flash key and press 1 or just hang up the phone and then answer the phone after it rings Put the first call on hold and answer...

Page 156: ...nd B by putting either one on hold If you hang up the phone but a caller is still on hold there will be a remind ring USA Call Waiting allows you to place a call on hold while you answer another incom...

Page 157: ...umber to make a second call 3 When the second call is answered press the flash key to create a three way conversation 4 If you want to separate the three way conference into two individual calls one c...

Page 158: ...Chapter 13 The Phone Screens User s Guide 158...

Page 159: ...and concepts may help as you read through this chapter Speed Dial and Peer to Peer Calling Speed dial provides shortcuts for dialing frequently used VoIP phone numbers It is also required if you want...

Page 160: ...you change this field the screen automatically refreshes Forward to Number Setup Unconditional Forward to Number Select this if you want the WiMAX Modem to forward all incoming calls to the specified...

Page 161: ...hich you want to forward incoming calls from the Incoming Call Number You may leave this field blank depending on the Condition Condition Select the situations in which you want to forward incoming ca...

Page 162: ...speed dial entries if you want to make peer to peer calls or call SIP numbers that use letters You can also create speed dial entries for frequently used SIP phone numbers Figure 69 VOICE Phone Book S...

Page 163: ...P server or if you want to make a peer to peer call In this case enter the IP address or domain name of the SIP server or the other party in the field below Add Click to add the new number to the list...

Page 164: ...Chapter 14 The Phone Book Screens User s Guide 164...

Page 165: ...165 PART V Tools Status Screens The Certificates Screens 167 The Firewall Screens 189 Content Filter 199 The Remote Management Screens 203 QoS 215 The Logs Screens 219 The Status Screen 235...

Page 166: ...166...

Page 167: ...ecord with a domain name registrar If they match then the certificate is issued to the website operator who then places it on his site to be issued to all visiting web browsers to let them know that t...

Page 168: ...0 TOOLS Certificates My Certificates The following table describes the icons in this screen The following table describes the labels in this screen Table 57 TOOLS Certificates My Certificates ICON DES...

Page 169: ...pany and country With self signed certificates this is the same information as in the Subject field Valid From This field displays the date that the certificate becomes applicable Valid To This field...

Page 170: ...cates My Certificates and then the Create icon to open the My Certificates Create screen Use this screen to have the WiMAX Modem create a self signed certificate enroll a certificate with a certificat...

Page 171: ...ate owner belongs You can use up to 63 characters You can use alphanumeric characters the hyphen and the underscore Organization Identify the company or group to which the certificate owner belongs Yo...

Page 172: ...Internet Engineering Task Force IETF and is specified in RFC 2510 CA Server Address This field applies when you select Create a certification request and enroll for a certificate immediately online En...

Page 173: ...e My Certificate Create screen Click Return and check your information in the My Certificate Create screen Make sure that the certification authority information is correct and that your Internet conn...

Page 174: ...es My Certificates Edit The following table describes the labels in this screen Table 60 TOOLS Certificates My Certificates Edit LABEL DESCRIPTION Name This field displays the identifying name of this...

Page 175: ...ertification authority or generated by the WiMAX Modem Subject This field displays information that identifies the owner of the certificate such as Common Name CN Organizational Unit OU Organization O...

Page 176: ...age digest that the WiMAX Modem calculated using the SHA1 algorithm Certificate in PEM Base 64 Encoded Format This read only text box displays the certificate or certification request in Privacy Enhan...

Page 177: ...ort it Figure 73 TOOLS Certificates My Certificates Import The following table describes the labels in this screen Table 61 TOOLS Certificates My Certificates Import LABEL DESCRIPTION File Path Type i...

Page 178: ...his screen Table 62 TOOLS Certificates Trusted CAs ICON DESCRIPTION Edit Click to edit this item Export Click to export an item Delete Click to delete this item Table 63 TOOLS Certificates Trusted CAs...

Page 179: ...have selected the Check incoming certificates issued by this CA against a CRL check box in the certificate s details screen to have the WiMAX Modem check the CRL before trusting any certificates issue...

Page 180: ...Certificates Trusted CAs Edit The following table describes the labels in this screen Table 64 TOOLS Certificates Trusted CAs Edit LABEL DESCRIPTION Name This field displays the identifying name of th...

Page 181: ...certification authority or generated by the WiMAX Modem Subject This field displays information that identifies the owner of the certificate such as Common Name CN Organizational Unit OU Organization...

Page 182: ...digest that the WiMAX Modem calculated using the SHA1 algorithm Certificate in PEM Base 64 Encoded Format This read only text box displays the certificate or certification request in Privacy Enhanced...

Page 183: ...ertificate s filename before you can import the certificate Figure 76 TOOLS Certificates Trusted CAs Import The following table describes the labels in this screen 15 4 Technical Reference The followi...

Page 184: ...ing to come from Tim can read it and verify whether it is really from him or not 3 Tim uses his private key to sign the message and sends it to Jenny 4 Jenny receives the message and uses Tim s public...

Page 185: ...fault Certificate The WiMAX Modem generates its own unique self signed certificate when you first turn it on This certificate is referred to in the GUI as the factory default certificate 15 4 1 4 Cert...

Page 186: ...sted certificates 15 4 2 1 Checking the Fingerprint of a Certificate on Your Computer A certificate s fingerprints are message digests calculated using the MD5 or SHA1 algorithms The following procedu...

Page 187: ...oll down to the Thumbprint Algorithm and Thumbprint fields Figure 78 Certificate Details 4 Use a secure method to verify that the certificate owner has the same information in the Thumbprint Algorithm...

Page 188: ...Chapter 15 The Certificates Screens User s Guide 188...

Page 189: ...ewall to guard effectively you must design and deploy it appropriately This requires integrating the firewall into a broad information security policy In addition specific policies must be implemented...

Page 190: ...lowed by default unless the remote host is authorized to use a specific service 16 2 Firewall Setting This section describes firewalls and the built in WiMAX Modem s firewall features 16 2 1 Firewall...

Page 191: ...he Remote MGMT screens or SMT menus When you allow remote management from the WAN you are actually configuring WAN to WAN WiMAX Modem firewall rules WAN to WAN WiMAX Modem firewall rules are Internet...

Page 192: ...sing through the WiMAX Modem Max NAT Firewall Session Per User Select the maximum number of NAT rules and firewall rules the WiMAX Modem enforces at one time The WiMAX Modem automatically allocates me...

Page 193: ...L DESCRIPTION Service Setup Enable Services Blocking Select this to activate service blocking The Schedule to Block section controls what days and what times service blocking is actually effective how...

Page 194: ...omputers on your LAN when service blocking is effective To remove a service from this list select the service and click Delete Type Select TCP or UDP based on which one the custom port uses Port Numbe...

Page 195: ...block packets for the services at specific interfaces 6 Protect against IP spoofing by making sure the firewall is active 7 Keep the firewall in a secured locked room 16 4 3 The Triangle Route Problem...

Page 196: ...work into logical sections over the same Ethernet interface Your WiMAX Modem supports up to three logical LAN interfaces with the WiMAX Modem being the gateway for each logical network It s like havin...

Page 197: ...Chapter 16 The Firewall Screens User s Guide 197 4 The WiMAX Modem then sends it to the computer on the LAN in Subnet 1 Figure 84 IP Alias...

Page 198: ...Chapter 16 The Firewall Screens User s Guide 198...

Page 199: ...specific URL keywords The WiMAX Modem can block web features such as ActiveX controls Java applets cookies and disable web proxies The WiMAX Modem also allows you to define time periods and days duri...

Page 200: ...r s Guide 200 17 2 Filter Click TOOLS Content Filter Filter to set up a trusted IP address which web features are restricted and which keywords are blocked when content filtering is effective Figure 8...

Page 201: ...er and the Internet to provide security administrative control and caching service When a proxy server is located on the WAN it is possible for LAN users to avoid content filtering restrictions Keywor...

Page 202: ...this screen Table 69 TOOLS Content Filter Schedule LABEL DESCRIPTION Day to Block Select which days of the week you want content filtering to be effective Time of Day to Block Select what time each da...

Page 203: ...nly have one remote management session running at a time The WiMAX Modem automatically disconnects a remote management session of lower priority when another remote management session of higher priori...

Page 204: ...or Web service 2 You have disabled that service in one of the remote management screens 3 The IP address in the Secured Client IP field does not match the client IP address If it does not match the W...

Page 205: ...OOLS Remote Management WWW to control HTTP access to your WiMAX Modem Figure 87 TOOLS Remote Management WWW The following table describes the labels in this screen Table 71 TOOLS Remote Management WWW...

Page 206: ...mote Management Telnet LABEL DESCRIPTION Server Port Enter the port number this service can use to access the WiMAX Modem The computer must use the same port number Server Access Select the interface...

Page 207: ...perform network management functions It executes applications that control and monitor managed devices Table 73 TOOLS Remote Management FTP LABEL DESCRIPTION Server Port Enter the port number this ser...

Page 208: ...In SNMPv1 when a manager wants to retrieve all elements of a table from an agent it initiates a Get operation followed by a series of GetNext operations Set Allows the manager to set values for objec...

Page 209: ...fault is public and allows all requests Set Community Enter the Set community which is the password for incoming Set requests from the management station The default is public and allows all requests...

Page 210: ...service Apply Click to save your changes Reset Click to restore your previously saved settings Table 75 TOOLS Remote Management SNMP continued LABEL DESCRIPTION Table 76 TOOLS Remote Management DNS LA...

Page 211: ...LAN WAN the WiMAX Modem responds to ping requests received from the LAN or the WAN Do not respond to requests for unauthorized services Select this to prevent outsiders from discovering your WiMAX Mo...

Page 212: ...nfigure it appropriately The ACS server which it will use must also be configured by its administrator Figure 94 TR 069 Example In this example the WiMAX Modem receives data from at least 3 sources A...

Page 213: ...n You can enter up to 31 alphanumeric characters a z A Z 0 9 and underscores but spaces are not allowed Password Enter the password sent when the WiMAX Modem connects to an ACS and which is used for a...

Page 214: ...mm ss where yyyy is a four digit year 2009 mm is a two digit month 01 12 dd is a two digit day 01 28 hh is a two digit hour in 24 hour format 01 24 mm is a two digit minutes value 01 60 and ss is a tw...

Page 215: ...k inadequate for time critical application such as video on demand 19 2 General Click TOOLS QoS to open the screen as shown next Use this screen to enable or disable QoS Figure 96 QoS General The foll...

Page 216: ...p The following table describes the labels in this screen Table 80 QoS Class Setup LABEL DESCRIPTION Create New Class Click this button to create a new class This field displays the index number of th...

Page 217: ...ass Similar classes are processed in order of index number from lowest to highest Name Enter a descriptive name of up to 20 printable English keyboard characters including spaces Interface Select an i...

Page 218: ...Chapter 19 QoS User s Guide 218...

Page 219: ...nd which logs and alerts are sent or recorded 20 1 2 What You Need to Know The following terms and concepts may help as you read through this chapter Alerts An alert is a type of log that warrants mor...

Page 220: ...ID is the MAC address of the router s LAN port The cat is the same as the category in the router s logs Traffic Log Facility 8 Severity Mon dd hr mm ss hostname src srcIP srcPort dst dstIP dstPort msg...

Page 221: ...currently sorted pointing downward is descending pointing upward is ascending The following table describes the labels in this screen Table 84 TOOLS Logs View Logs LABEL DESCRIPTION Display Select a...

Page 222: ...field displays the source IP address and the port number of the incoming packet In many cases some or all of this information may not be available Destination This field lists the destination IP addr...

Page 223: ...r s Guide 223 20 3 Log Settings Click TOOLS Logs Log Settings to configure where the WiMAX Modem sends logs and alerts the schedule for sending logs and which logs and alerts are sent or recorded Figu...

Page 224: ...is selected then also specify which day of the week the E mail should be sent If the When Log is Full option is selected an alert is sent when the log fills up If you select None no log messages are...

Page 225: ...evice failed to get information from the time server WAN interface gets IP s The WAN interface got a new IP address from the DHCP or PPPoE server DHCP client gets s A DHCP client got a new IP address...

Page 226: ...according to the default policy s setting Firewall rule NOT match TCP UDP IGMP ESP GRE OSPF Packet Direction rule d Attempted TCP UDP IGMP ESP GRE OSPF access matched or did not match a configured fir...

Page 227: ...ction three way handshaking timeout 270 seconds TCP FIN wait timeout 2 MSL Maximum Segment Lifetime set in the TCP header TCP idle established timeout s 150 minutes TCP reset timeout 10 seconds Exceed...

Page 228: ...CMP ICMP The firewall does not support this kind of ICMP packets or the ICMP packets are out of order Router reply ICMP packet ICMP The router sent an ICMP reply packet to the sender Table 92 PPP Logs...

Page 229: ...iting content filter server timeout The external content filtering server did not respond within the timeout period DNS resolving failed The WiMAX Modem cannot get the IP address of the external conte...

Page 230: ...CMP type d code d The firewall detected an ICMP vulnerability attack traceroute ICMP type d code d The firewall detected an ICMP traceroute attack ports scan UDP The firewall detected a UDP port scan...

Page 231: ...Reply 0 Echo reply message 3 Destination Unreachable 0 Net unreachable 1 Host unreachable 2 Protocol unreachable 3 Port unreachable 4 A packet that needed fragmentation was dropped because it was set...

Page 232: ...IP account with a SIP register server was not successful SIP UnRegistration Success by SIP SIP Phone Number The listed SIP account s registration was deleted from the SIP register server SIP UnRegistr...

Page 233: ...P phone call made from a phone connected to the listed phone port has terminated Table 101 FSM Logs Callee Side LOG MESSAGE DESCRIPTION VoIP Call Start from SIP SIP Port Number A VoIP phone call came...

Page 234: ...Chapter 20 The Logs Screens User s Guide 234...

Page 235: ...en Click the STATUS icon in the navigation bar to go to this screen where you can view the current status of the device system resources interfaces LAN and WAN and SIP accounts You can also register a...

Page 236: ...dem is a DHCP client in the WAN Its IP address comes from a DHCP server on the WAN None The WiMAX Modem is not using any DHCP services in the WAN It has a static IP address LAN Information IP Address...

Page 237: ...rrent connection This value is an indication of overall radio signal quality A higher value indicates a higher signal quality and a lower value indicates a lower signal quality CINR deviation This fie...

Page 238: ...displays Up when the WiMAX Modem is connected to a WiMAX network and Down when the WiMAX Modem is not connected to a WiMAX network For the LAN interface this field displays Up when the WiMAX Modem is...

Page 239: ...s the mapping between your SIP identity and your IP address or domain name The second field displays Registered If the SIP account is not registered with the SIP server Click Register to have the WiMA...

Page 240: ...interface it displays the transmission rate when WLAN is enabled or Down when WLAN is disabled TxPkts This field displays the number of packets transmitted on this interface RxPkts This field displays...

Page 241: ...hese settings can be configured in the ADVANCED WAN Configuration WiMAX Configuration screen Figure 103 WiMAX Site Information The following table describes the labels in this screen Table 105 WiMAX S...

Page 242: ...Figure 104 DHCP Table Each field is described in the following table Table 106 DHCP Table LABEL DESCRIPTION The number of the item in this list IP Address This field displays the IP address the WiMAX...

Page 243: ...ied to register the SIP account with the SIP server the attempt failed The WiMAX Modem automatically tries to register the SIP account when you turn on the WiMAX Modem or when you activate it Inactive...

Page 244: ...l through a phone port Peer Number This field displays the SIP number of the party that is currently engaged in a VoIP call through a phone port Duration This field displays how long the current call...

Page 245: ...plays as a row of asterisks for security purposes Anonymous Identity This is the anonymous identity provided by your Internet Service Provider Anonymous identity also known as outer identity is used w...

Page 246: ...d the AAA server to authenticate the mobile station See the WiMAX security appendix for more details The WiMAX Modem supports the following inner authentication types CHAP Challenge Handshake Authenti...

Page 247: ...247 PART VI Troubleshooting and Specifications Troubleshooting 249 Product Specifications 257...

Page 248: ...248...

Page 249: ...Ds The WiMAX Modem does not turn on None of the LEDs turn on 1 Make sure you are using the power adapter or cord included with the WiMAX Modem 2 Make sure the power adapter or cord is connected to the...

Page 250: ...p the IP address of the default gateway for your computer To do this in most Windows computers click Start Run enter cmd and then enter ipconfig The IP address of the Default Gateway might be the IP a...

Page 251: ...dress See Section 11 6 on page 127 6 If the problem continues contact the network administrator or vendor or try one of the advanced suggestions Advanced Suggestions Try to access the WiMAX Modem usin...

Page 252: ...the Summary box and make sure that you are using the correct security settings for your Internet account 4 Check your WiMAX settings The WiMAX Modem may have been set to search the wrong frequencies f...

Page 253: ...or to a higher floor in your building 2 There may be radio interference caused by nearby electrical devices such as microwave ovens and radio transmitters Move the WiMAX Modem away or switch the other...

Page 254: ...se ports 3 You can also check the VoIP status in the Status screen 4 If the VoIP settings are correct use speed dial to make peer to peer calls If you cannot make a call using speed dial there may be...

Page 255: ...1 Make sure the Power LED is on and not blinking 2 Press and hold the Reset button for five to ten seconds Release the Reset button when the Power LED begins to blink The default settings have been re...

Page 256: ...Chapter 22 Troubleshooting User s Guide 256...

Page 257: ...er Consumption MAX 306M1 US maximum 9 61W EU maximum 7 77W MAX 306M1 US maximum 10 46W EU maximum 9 00W Ethernet Interface One auto negotiating auto MDI MDI X NWay 10 100 Mbps RJ 45 Ethernet port Tele...

Page 258: ...the firewall is activated all incoming traffic from the WAN to the LAN is blocked unless it is initiated from the LAN The WiMAX Modem s firewall supports TCP UDP inspection DoS detection and preventi...

Page 259: ...s This helps ensure good voice quality for your conversations Voice Activity Detection Silence Suppression Voice Activity Detection VAD reduces the bandwidth that a call uses by not transmitting when...

Page 260: ...n RFC 2782 A DNS RR for specifying the location of services DNS SRV RFC 2833 Real time Transport Protocol Payload for DTMF Digits Telephony Tones and Telephony Signals RFC 2976 The SIP INFO Method RFC...

Page 261: ...try code feature when you move the WiMAX Modem from one country to another Do not Disturb DnD This feature allows you to set your phone not to ring when someone calls you You can set each phone indepe...

Page 262: ...Service Quality of Service QoS mechanisms help to provide better service on a per flow basis Your device supports Type of Service ToS tagging and Differentiated Services DiffServ tagging This allows...

Page 263: ...a single call basis 72 Activate Call Forwarding 72 followed by the 10 digit phone number that is requesting call forwarding service 720 Activate Call Forwarding 720 followed by the 10 digit phone num...

Page 264: ...Chapter 23 Product Specifications User s Guide 264...

Page 265: ...rity 267 Setting Up Your Computer s IP Address 271 Pop up Windows JavaScripts and Java Permissions 299 IP Addresses and Subnetting 309 Importing Certificates 321 SIP Passthrough 353 Common Services 35...

Page 266: ...266...

Page 267: ...ports EAP Extensible Authentication Protocol RFC 2486 which allows additional authentication methods to be deployed with no changes to the base station or the mobile or subscriber stations PKMv2 PKMv2...

Page 268: ...changed between the base station and the RADIUS server for user authentication Access Request Sent by an base station requesting authentication Access Reject Sent by a RADIUS server rejecting access A...

Page 269: ...ncrypts using the authentication key Encrypted traffic The MS SS decrypts the TEK using the authentication key Both stations can now securely encrypt and decrypt the data flow CCMP All traffic in a Wi...

Page 270: ...server side authentications to establish a secure connection with EAP TLS digital certifications are needed by both the server and the wireless clients for mutual authentication Client authentication...

Page 271: ...te with the other devices on your network Windows Vista XP 2000 Mac OS 9 OS X and all versions of UNIX LINUX include the software components you need to use TCP IP on your computer If you manually ass...

Page 272: ...NT 2000 The following example uses the default Windows XP display theme but can also apply to Windows 2000 and Windows NT 1 Click Start Control Panel Figure 107 Windows XP Start Menu 2 In the Control...

Page 273: ...3 Right click Local Area Connection and then select Properties Figure 109 Windows XP Control Panel Network Connections Properties 4 On the General tab select Internet Protocol TCP IP and then click P...

Page 274: ...that was assigned to you by your network administrator or ISP You may also have to enter a Preferred DNS server and an Alternate DNS server if that information was provided 7 Click OK to close the In...

Page 275: ...ows screens from Windows Vista Professional 1 Click Start Control Panel Figure 112 Windows Vista Start Menu 2 In the Control Panel click the Network and Internet icon Figure 113 Windows Vista Control...

Page 276: ...ons Figure 115 Windows Vista Network and Sharing Center 5 Right click Local Area Connection and then select Properties Figure 116 Windows Vista Network and Sharing Center Note During this procedure cl...

Page 277: ...Appendix B Setting Up Your Computer s IP Address User s Guide 277 6 Select Internet Protocol Version 4 TCP IPv4 and then select Properties Figure 117 Windows Vista Local Area Connection Properties...

Page 278: ...ddress that was assigned to you by your network administrator or ISP You may also have to enter a Preferred DNS server and an Alternate DNS server if that information was provided Click Advanced 9 Cli...

Page 279: ...OS X 10 3 and 10 4 The screens in this section are from Mac OS X 10 4 but can also apply to 10 3 1 Click Apple System Preferences Figure 119 Mac OS X 10 4 Apple Menu 2 In the System Preferences windo...

Page 280: ...ne opens select Built in Ethernet from the network connection type list and then click Configure Figure 121 Mac OS X 10 4 Network Preferences 4 For dynamically assigned settings select Using DHCP from...

Page 281: ...assigned settings do the following From the Configure IPv4 list select Manually In the IP Address field type your IP address In the Subnet Mask field type your subnet mask In the Router field type th...

Page 282: ...ide 282 Click Apply Now and close the window Verifying Settings Check your TCP IP properties by clicking Applications Utilities Network Utilities and then selecting the appropriate Network Interface f...

Page 283: ...ss User s Guide 283 Mac OS X 10 5 The screens in this section are from Mac OS X 10 5 1 Click Apple System Preferences Figure 125 Mac OS X 10 5 Apple Menu 2 In System Preferences click the Network icon...

Page 284: ...ailable connection types Figure 127 Mac OS X 10 5 Network Preferences Ethernet 4 From the Configure list select Using DHCP for dynamically assigned settings 5 For statically assigned settings do the f...

Page 285: ...B Setting Up Your Computer s IP Address User s Guide 285 In the Router field enter the IP address of your WiMAX Modem Figure 128 Mac OS X 10 5 Network Preferences Ethernet 6 Click Apply and close the...

Page 286: ...ntu 8 GNOME This section shows you how to configure your computer s TCP IP settings in the GNU Object Model Environment GNOME using the Ubuntu 8 Linux distribution The procedure screens and file locat...

Page 287: ...buntu 8 System Administration Menu 2 When the Network Settings window opens click Unlock to open the Authenticate window By default the Unlock button is greyed out until clicked You cannot make change...

Page 288: ...dow enter your admin account name and password then click the Authenticate button Figure 132 Ubuntu 8 Administrator Account Authentication 4 In the Network Settings window select the connection that y...

Page 289: ...In the Configuration list select Automatic Configuration DHCP if you have a dynamic IP address In the Configuration list select Static IP address if you have a static IP address Fill in the IP address...

Page 290: ...twork Settings window and then enter the DNS server information in the fields provided Figure 135 Ubuntu 8 Network Settings DNS 8 Click the Close button to apply the changes Verifying Settings Check y...

Page 291: ...Appendix B Setting Up Your Computer s IP Address User s Guide 291 tab The Interface Statistics column shows data if your connection is working properly Figure 136 Ubuntu 8 Network Tools...

Page 292: ...tion The procedure screens and file locations may vary depending on your specific distribution release version and individual configuration The following screens use the default openSUSE 10 3 installa...

Page 293: ...n the Run as Root KDE su dialog opens enter the admin password and click OK Figure 138 openSUSE 10 3 K Menu Computer Menu 3 When the YaST Control Center window opens select Network Devices and then cl...

Page 294: ...puter s IP Address User s Guide 294 4 When the Network Settings window opens click the Overview tab select the appropriate connection Name from the list and then click the Configure button Figure 140...

Page 295: ...Address tab Figure 141 openSUSE 10 3 Network Card Setup 6 Select Dynamic Address DHCP if you have a dynamic IP address Select Statically assigned IP Address if you have a static IP address Fill in th...

Page 296: ...296 8 If you know your DNS server IP address es click the Hostname DNS tab in Network Settings and then enter the DNS server information in the fields provided Figure 142 openSUSE 10 3 Network Settin...

Page 297: ...ask bar to check your TCP IP properties From the Options sub menu select Show Connection Information Figure 143 openSUSE 10 3 KNetwork Manager When the Connection Status KNetwork Manager window opens...

Page 298: ...Appendix B Setting Up Your Computer s IP Address User s Guide 298...

Page 299: ...orer versions may vary Internet Explorer Pop up Blockers You may have to disable pop up blocking to log into your device Either disable pop up blocking enabled by default in Windows XP SP Service Pack...

Page 300: ...Pop up Blocker section of the screen This disables any web pop up blockers you may have enabled Figure 146 Internet Options Privacy 3 Click Apply to save this setting Enable Pop up Blockers with Excep...

Page 301: ...ns User s Guide 301 2 Select Settings to open the Pop up Blocker Settings screen Figure 147 Internet Options Privacy 3 Type the IP address of your device the web page that you do not want to have bloc...

Page 302: ...move the IP address to the list of Allowed sites Figure 148 Pop up Blocker Settings 5 Click Close to return to the Privacy screen 6 Click Apply to save this setting JavaScripts If pages of the web co...

Page 303: ...lick Tools Internet Options and then the Security tab Figure 149 Internet Options Security 2 Click the Custom Level button 3 Scroll down to Scripting 4 Under Active scripting make sure that Enable is...

Page 304: ...o close the window Figure 150 Security Settings Java Scripting Java Permissions 1 From Internet Explorer click Tools Internet Options and then the Security tab 2 Click the Custom Level button 3 Scroll...

Page 305: ...ermissions User s Guide 305 5 Click OK to close the window Figure 151 Security Settings Java JAVA Sun 1 From Internet Explorer click Tools Internet Options and then the Advanced tab 2 Make sure that U...

Page 306: ...close the window Figure 152 Java Sun Mozilla Firefox Mozilla Firefox 2 0 screens are used here Screens for other versions may vary You can enable Java Javascripts and pop ups in one screen Click Tool...

Page 307: ...x C Pop up Windows JavaScripts and Java Permissions User s Guide 307 Click Content to show the screen below Select the check boxes as shown in the following screen Figure 154 Mozilla Firefox Content S...

Page 308: ...Appendix C Pop up Windows JavaScripts and Java Permissions User s Guide 308...

Page 309: ...the other part is the host ID In the same way that houses on a street share a common street name the hosts on a network share a common network number Similarly as each house has its own house number e...

Page 310: ...AND operation The term subnet is short for sub network A subnet mask has 32 bits If a bit in the subnet mask is a 1 then the corresponding bit in the IP address is part of the network number If a bit...

Page 311: ...its the smaller the number of remaining host ID bits An IP address with host IDs of all zeros is the IP address of the network 192 168 1 0 with a 24 bit subnet mask for example An IP address with host...

Page 312: ...use subnetting to divide one network into multiple sub networks In the following example a network administrator creates two sub networks to isolate a group of servers from the rest of the company net...

Page 313: ...Figure 156 Subnetting Example Before Subnetting You can borrow one of the host ID bits to divide the network 192 168 1 0 into two separate sub networks The subnet mask is now 25 bits 255 255 255 128 o...

Page 314: ...8 is subnet A itself and 192 168 1 127 with mask 255 255 255 128 is its broadcast address Therefore the lowest IP address that can be assigned to an actual host for subnet A is 192 168 1 1 and the hig...

Page 315: ...T OCTET BIT VALUE IP Address 192 168 1 64 IP Address Binary 11000000 10101000 00000001 01000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address 192 168 1 64 Lowest Host ID 192 16...

Page 316: ...1 255 Highest Host ID 192 168 1 254 Table 122 Subnet 4 continued IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE Table 123 Eight Subnets SUBNET SUBNET ADDRESS FIRST ADDRESS LAST ADDRESS BROADCAST A...

Page 317: ...do not use any other number unless you are told otherwise You must also enable Network Address Translation NAT on the WiMAX Modem Once you have decided on the network number pick an IP address for yo...

Page 318: ...nternet addresses for your local networks On the other hand if you are part of a much larger organization you should consult your network administrator for the appropriate IP addresses Regardless of y...

Page 319: ...e if a router is set between a LAN and the Internet WAN the router s LAN and WAN addresses must be on different subnets In the following example the LAN and WAN are on the same subnet The LAN computer...

Page 320: ...etting User s Guide 320 The computer cannot access the Internet This problem can be solved by assigning a different IP address to the computer or the router s LAN port Figure 160 Conflicting Computer...

Page 321: ...Many ZyXEL products such as the NSA 2401 issue their own public key certificates These can be used by web browsers on a LAN or WAN to verify that they are in fact connecting to the legitimate device a...

Page 322: ...they can also apply to Internet Explorer on Windows Vista 1 If your device s web configurator is set to use SSL certification then the first time you browse to it you are presented with a certificati...

Page 323: ...s User s Guide 323 3 In the Address Bar click Certificate Error View certificates Figure 163 Internet Explorer 7 Certificate Error 4 In the Certificate dialog box click Install Certificate Figure 164...

Page 324: ...Wizard click Next Figure 165 Internet Explorer 7 Certificate Import Wizard 6 If you want Internet Explorer to Automatically select certificate store based on the type of certificate click Next again...

Page 325: ...rtificates in the following store and then click Browse Figure 167 Internet Explorer 7 Certificate Import Wizard 8 In the Select Certificate Store dialog box choose a location in which to save the cer...

Page 326: ...e 326 9 In the Completing the Certificate Import Wizard screen click Finish Figure 169 Internet Explorer 7 Certificate Import Wizard 10 If you are presented with another Security Warning click Yes Fig...

Page 327: ...llation message Figure 171 Internet Explorer 7 Certificate Import Wizard 12 The next time you start Internet Explorer and go to a ZyXEL web configurator page a sealed padlock icon appears in the addre...

Page 328: ...mpted you can install a stand alone certificate file if one has been issued to you 1 Double click the public key certificate file Figure 173 Internet Explorer 7 Public Key Certificate File 2 In the se...

Page 329: ...his section shows you how to remove a public key certificate in Internet Explorer 7 1 Open Internet Explorer and click TOOLS Internet Options Figure 175 Internet Explorer 7 Tools Menu 2 In the Interne...

Page 330: ...thorities tab select the certificate that you want to delete and then click Remove Figure 177 Internet Explorer 7 Certificates 4 In the Certificates confirmation click Yes Figure 178 Internet Explorer...

Page 331: ...Appendix E Importing Certificates User s Guide 331 6 The next time you go to the web site that issued the public key certificate you just removed a certification error appears...

Page 332: ...wever the screens can also apply to Firefox 2 on all platforms 1 If your device s web configurator is set to use SSL certification then the first time you browse to it you are presented with a certifi...

Page 333: ...certificate is stored and you can now connect securely to the web configurator A sealed padlock appears in the address bar which you can click to open the Page Info Security window to view the web pa...

Page 334: ...a ZyXEL web configurator and installing a public key certificate when prompted you can install a stand alone certificate file if one has been issued to you 1 Open Firefox and click TOOLS Options Figur...

Page 335: ...t Figure 184 Firefox 2 Certificate Manager 4 Use the Select File dialog box to locate the certificate and then click Open Figure 185 Firefox 2 Select File 5 The next time you visit the web site click...

Page 336: ...ificate in Firefox This section shows you how to remove a public key certificate in Firefox 2 1 Open Firefox and click TOOLS Options Figure 186 Firefox 2 Tools Menu 2 In the Options dialog box click A...

Page 337: ...rtificate that you want to remove and then click Delete Figure 188 Firefox 2 Certificate Manager 4 In the Delete Web Site Certificates dialog box click OK Figure 189 Firefox 2 Delete Web Site Certific...

Page 338: ...ofessional however the screens can apply to Opera 9 on all platforms 1 If your device s web configurator is set to use SSL certification then the first time you browse to it you are presented with a c...

Page 339: ...rtificates User s Guide 339 3 The next time you visit the web site click the padlock in the address bar to open the Security information window to view the web page s security details Figure 191 Opera...

Page 340: ...Certificate File in Opera Rather than browsing to a ZyXEL web configurator and installing a public key certificate when prompted you can install a stand alone certificate file if one has been issued t...

Page 341: ...Appendix E Importing Certificates User s Guide 341 2 In Preferences click ADVANCED Security Manage certificates Figure 193 Opera 9 Preferences...

Page 342: ...User s Guide 342 3 In the Certificates Manager click Authorities Import Figure 194 Opera 9 Certificate manager 4 Use the Import certificate dialog box to locate the certificate and then click Open Fig...

Page 343: ...alog box click Install Figure 196 Opera 9 Install authority certificate 6 Next click OK Figure 197 Opera 9 Install authority certificate 7 The next time you visit the web site click the padlock in the...

Page 344: ...ing a Certificate in Opera This section shows you how to remove a public key certificate in Opera 9 1 Open Opera and click TOOLS Preferences Figure 198 Opera 9 Tools Menu 2 In Preferences ADVANCED Sec...

Page 345: ...emove and then click Delete Figure 200 Opera 9 Certificate manager 4 The next time you go to the web site that issued the public key certificate you just removed a certification error appears Note The...

Page 346: ...or 3 5 on all Linux KDE distributions 1 If your device s web configurator is set to use SSL certification then the first time you browse to it you are presented with a certification error 2 Click Cont...

Page 347: ...x E Importing Certificates User s Guide 347 4 Click the padlock in the address bar to open the KDE SSL Information window and view the web page s security details Figure 203 Konqueror 3 5 KDE SSL Info...

Page 348: ...ed you can install a stand alone certificate file if one has been issued to you 1 Double click the public key certificate file Figure 204 Konqueror 3 5 Public Key Certificate File 2 In the Certificate...

Page 349: ...endix E Importing Certificates User s Guide 349 3 The next time you visit the web site click the padlock in the address bar to open the KDE SSL Information window to view the web page s security detai...

Page 350: ...and click Settings Configure Konqueror Figure 207 Konqueror 3 5 Settings Menu 2 In the Configure dialog box select Crypto 3 On the Peer SSL Certificates tab select the certificate you want to delete...

Page 351: ...pendix E Importing Certificates User s Guide 351 Note There is no confirmation when you remove a certificate authority so be absolutely certain you want to go through with it before clicking the butto...

Page 352: ...Appendix E Importing Certificates User s Guide 352...

Page 353: ...The SIP UA sends registration packets to the SIP server periodically and keeps the session alive in the WiMAX Modem If the SIP client does not have this mechanism and makes no call during the WiMAX M...

Page 354: ...Appendix F SIP Passthrough User s Guide 354...

Page 355: ...rmation about port numbers If the Protocol is TCP UDP or TCP UDP this is the IP port number If the Protocol is USER this is the IP protocol number Description This is a brief explanation of the applic...

Page 356: ...Group Management Protocol is used when sending packets to a specific group of hosts IKE UDP 500 The Internet Key Exchange algorithm is used for key distribution and management IRC TCP UDP 6667 This i...

Page 357: ...ssage exchange standard for the Internet SMTP enables you to move messages from one e mail server to another SNMP TCP UDP 161 Simple Network Management Program SNMP TRAPS TCP UDP 162 Traps for use wit...

Page 358: ...Protocol is an Internet file transfer protocol similar to FTP but uses the UDP User Datagram Protocol rather than TCP Transmission Control Protocol VDOLIVE TCP 7000 Another videoconferencing solution...

Page 359: ...either does it convey any license under its patent rights nor the patent rights of others ZyXEL further reserves the right to make changes in any products described herein without notice This publicat...

Page 360: ...mful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this device does cause harmful interference to radio television...

Page 361: ...o years from the date of purchase During the warranty period and upon proof of purchase should the product have indications of failure due to faulty workmanship and or materials ZyXEL will at its disc...

Page 362: ...or indirect or consequential damages of any kind to the purchaser To obtain the services of this warranty contact your vendor You may also refer to the warranty policy for the region in which you boug...

Page 363: ...n Date that you received your device Brief description of the problem and the steps you took to solve it is the prefix number you dial to make an international telephone call Corporate Headquarters Wo...

Page 364: ...www zyxel co cr Regular Mail ZyXEL Costa Rica Plaza Roble Escaz Etapa El Patio Tercer Piso San Jos Costa Rica Czech Republic E mail info cz zyxel com Telephone 420 241 091 350 Fax 420 241 091 359 Web...

Page 365: ...phone 49 2405 6909 69 Fax 49 2405 6909 99 Web www zyxel de Regular Mail ZyXEL Deutschland GmbH Adenauerstr 20 A2 D 52146 Wuerselen Germany Hungary Support E mail support zyxel hu Sales E mail info zyx...

Page 366: ...Ave Office 414 Dostyk Business Centre 050010 Almaty Republic of Kazakhstan Malaysia Support E mail support zyxel com my Sales E mail sales zyxel com my Telephone 603 8076 9933 Fax 603 8076 9833 Web ht...

Page 367: ...rt Sales E mail sales zyxel ru Telephone 7 095 542 89 29 Fax 7 095 542 89 25 Web www zyxel ru Regular Mail ZyXEL Russia Ostrovityanova 37a Str Moscow 117279 Russia Singapore Support E mail support zyx...

Page 368: ...333 Sec 2 Dunhua S Rd Da an District Taipei Thailand Support E mail support zyxel co th Sales E mail sales zyxel co th Telephone 662 831 5315 Fax 662 831 5395 Web http www zyxel co th Regular Mail ZyX...

Page 369: ...Pimonenko Str Kiev 04050 Ukraine United Kingdom Support E mail support zyxel co uk Sales E mail sales zyxel co uk Telephone 44 1344 303044 0845 122 0301 UK only Fax 44 1344 303034 Web www zyxel co uk...

Page 370: ...Appendix I Customer Support User s Guide 370...

Page 371: ...156 waiting 155 156 CBC MAC 269 CCMP 267 269 cell 85 Certificate Management Protocol CMP 172 Certificate Revocation List CRL 185 certificates 167 267 advantages 185 and CA 185 certification path 175...

Page 372: ...omain name 120 download frequency see DL frequency DS field 147 DSCP see DiffServ dynamic DNS 122 Dynamic Host Configuration Protocol see DHCP E EAP 87 echo cancellation 149 encryption 267 269 traffic...

Page 373: ...ave 85 86 mobile station see MS MS 86 multimedia 132 MWI 136 My Certificates 168 see also certificates N NAT 135 317 and remote management 204 routers 135 server sets 110 network activity 87 services...

Page 374: ...5 services 87 Session Initiation Protocol see SIP silence suppression 149 silent packets 149 Simple Certificate Enrollment Protocol SCEP 172 SIP 131 account 132 ACK message 143 ALG 116 146 Application...

Page 375: ...132 USA type call service mode 156 use NAT 146 use NAT feature 132 user agent SIP 144 user authentication 267 user ID 48 user name 123 V VAD 149 verification 269 virtual local area network see VLAN V...

Page 376: ...Index User s Guide 376...

Reviews:

No comments

Related manuals for MAX-306M1

Brand: Dare Pages: 26

Brand: Novatel Pages: 28

Brand: Sierra Wireless Pages: 68

Brand: Sangamo Pages: 66

Brand: Lava Pages: 27

SpeedStream 4200

Brand: Siemens Pages: 8

EDGE Speed ES75

Brand: Siemens Pages: 4

SpeedStream 4100

Brand: Siemens Pages: 9

Brand: Siemens Pages: 2

Brand: Siemens Pages: 16

Brand: Siemens Pages: 20

Gigaset SX685 WiMAX

Brand: Siemens Pages: 32

Brand: Siemens Pages: 56

Brand: Siemens Pages: 51

SIMATIC NET MODEM MD720

Brand: Siemens Pages: 67

Gigaset USB Stick 54

Brand: Siemens Pages: 70

Brand: Siemens Pages: 76

Brand: Siemens Pages: 84

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands