Home
/
ZyXEL Communications
/
P-660N-T1A
/
User Manual

ZyXEL Communications P-660N-T1A, User Manual

Share

Page: 300 / 322

ZyXEL Communications P-660N-T1A User Manual Download Page 300

Appendix D Wireless LANs

P-660N-T1A User’s Guide

300

keys. This prevent all wireless devices sharing the same encryption keys. (a
weakness of WEP)

User Authentication

WPA and WPA2 apply IEEE 802.1x and Extensible Authentication Protocol (EAP) to
authenticate wireless clients using an external RADIUS database. WPA2 reduces
the number of key exchange messages from six to four (CCMP 4-way handshake)
and shortens the time required to connect to a network. Other WPA2
authentication features that are different from WPA include key caching and pre-
authentication. These two features are optional and may not be supported in all
wireless devices.

Key caching allows a wireless client to store the PMK it derived through a
successful authentication with an AP. The wireless client uses the PMK when it tries
to connect to the same AP and does not need to go with the authentication
process again.

Pre-authentication enables fast roaming by allowing the wireless client (already
connecting to an AP) to perform IEEE 802.1x authentication with another AP
before connecting to it.

Wireless Client WPA Supplicants

A wireless client supplicant is the software that runs on an operating system
instructing the wireless client how to use WPA. At the time of writing, the most
widely available supplicant is the

WPA patch for Windows XP, Funk Software's

Odyssey client.

The Windows XP patch is a free download that adds WPA capability to Windows
XP's built-in "Zero Configuration" wireless client. However, you must run Windows
XP to use it.

WPA(2) with RADIUS Application Example

To set up WPA(2), you need the IP address of the RADIUS server, its port number
(default is 1812), and the RADIUS shared secret. A WPA(2) application example
with an external RADIUS server looks as follows. "A" is the RADIUS server. "DS" is
the distribution system.

1

The AP passes the wireless client's authentication request to the RADIUS server.

2

The RADIUS server then checks the user's identification against its database and
grants or denies network access accordingly.

3

A 256-bit Pairwise Master Key (PMK) is derived from the authentication process by
the RADIUS server and the client.

«
...
298
299
300
301
302
...
»

Summary of Contents for P-660N-T1A

Page 1: ...com www zyxel com P 660N T1A 802 11n Wireless ADSL2 Gateway Copyright 2010 ZyXEL Communications Corporation Firmware Version 3 40 Edition 2 8 2010 Default Login Details IP Address http 192 168 1 1 Pas...

Page 2: ......

Page 3: ...up and running right away It contains information on setting up your network and configuring for Internet access Support Disc Refer to the included CD for support documents ZyXEL Web Site Please refe...

Page 4: ...ences as well Customer Support In the event of problems that cannot be solved by using this manual you should contact your vendor If you cannot contact your vendor then contact a ZyXEL office for the...

Page 5: ...A key stroke is denoted by square brackets and uppercase text for example ENTER means the enter or return key on your keyboard Enter means for you to type one or more characters and then press the EN...

Page 6: ...ide 6 Icons Used in Figures Figures in this User s Guide may use the following generic icons The ZyXEL Device icon is not an exact representation of your device ZyXEL Device Computer Notebook computer...

Page 7: ...Europe Do NOT allow anything to rest on the power adaptor or cord and do NOT place the product where anyone can walk on the power adaptor or cord Do NOT use the device if the power adaptor or cord is...

Page 8: ...Safety Warnings P 660N T1A User s Guide 8...

Page 9: ...t and Wireless Setup Wizard 53 WAN Setup 67 LAN Setup 85 Wireless LAN 99 Network Address Translation NAT 131 Firewall 147 Filters 151 Static Route 157 802 1Q 1P 161 Quality of Service QoS 167 Dynamic...

Page 10: ...Contents Overview P 660N T1A User s Guide 10...

Page 11: ...21 1 2 1 Good Habits for Managing the ZyXEL Device 22 1 3 Internet Access 22 1 4 Wireless Access 23 1 4 1 Using the WPS WLAN Button 23 1 5 LEDs Lights 25 1 6 The RESET Button 26 1 6 1 Using the Reset...

Page 12: ...t Access Wizard Setup 53 5 2 1 Manual Configuration 56 5 3 Wireless Connection Wizard Setup 62 5 3 1 Manually Assign a WPA PSK key 64 5 3 2 Manually Assign a WEP Key 65 Chapter 6 WAN Setup 67 6 1 Over...

Page 13: ...Device 94 7 6 2 DHCP Setup 94 7 6 3 DNS Server Addresses 94 7 6 4 LAN TCP IP 95 7 6 5 RIP Setup 96 7 6 6 Multicast 97 Chapter 8 Wireless LAN 99 8 1 Overview 99 8 1 1 What You Can Do in the Wireless LA...

Page 14: ...creen 135 9 3 2 The Port Forwarding Rule Edit Screen 137 9 4 The Address Mapping Screen 138 9 4 1 The Address Mapping Rule Edit Screen 140 9 5 The ALG Screen 141 9 6 Technical Reference 142 9 6 1 NAT...

Page 15: ...ce QoS 167 14 1 Overview 167 14 1 1 What You Can Do in the QoS Screens 168 14 1 2 What You Need to Know 168 14 2 The QoS Screen 169 14 2 1 The QoS Settings Summary Screen 171 14 3 Technical Reference...

Page 16: ...ng UPnP in Windows 190 17 2 2 Using UPnP in Windows XP 192 Chapter 18 CWMP 197 18 1 Overview 197 18 2 The CWMP Setup Screen 198 Chapter 19 System Settings 201 19 1 Overview 201 19 1 1 What You Can Do...

Page 17: ...oting 227 23 1 Power Hardware Connections and LEDs 227 23 2 ZyXEL Device Access and Login 228 23 3 Internet Access 230 Chapter 24 Product Specifications 233 24 1 Hardware Specifications 233 24 2 Firmw...

Page 18: ...Table of Contents P 660N T1A User s Guide 18...

Page 19: ...19 PART I User s Guide...

Page 20: ...20...

Page 21: ...grated Services Digital Network or T ISDN UR 2 Only use firmware for your ZyXEL Device s specific model Refer to the label on the bottom of your ZyXEL Device Note All screens displayed in this user s...

Page 22: ...ould not have to totally re configure the ZyXEL Device You could simply restore your last configuration 1 3 Internet Access Your ZyXEL Device provides shared Internet access by connecting the DSL port...

Page 23: ...PDAs and iPads It allows them to connect to the Internet without having to rely on inconvenient Ethernet cables You can configure your wireless network in either the built in Web Configurator or using...

Page 24: ...AN button for five to ten seconds and release it 3 Press the WPS button on another WPS enabled device within range of the ZyXEL Device The WPS WLAN LED should flash while the ZyXEL Device sets up a WP...

Page 25: ...n On The ZyXEL Device is receiving power and ready for use Blinking The ZyXEL Device is self testing Off The ZyXEL Device is not receiving power Red On The ZyXEL Device detected an error while self te...

Page 26: ...d and the device restarts WPS WLAN Green On The wireless network is activated Blinking The ZyXEL Device is communicating with other wireless clients Off The wireless network is not activated Orange Bl...

Page 27: ...els In order to use the web configurator you need to allow Web browser pop up windows from your device Web pop up blocking is enabled by default in Windows XP SP Service Pack 2 JavaScript enabled by d...

Page 28: ...ck Login Figure 4 Password Screen 5 The following screen displays if you have not yet changed your password It is strongly recommended you change the default password Enter a new password retype it to...

Page 29: ...wizard main screen Otherwise select Go to Advanced setup and click Apply to display the Status screen Figure 6 Replace Factory Default Certificate Screen Note For security reasons the ZyXEL Device aut...

Page 30: ...660N T1A User s Guide 30 2 2 Main Screen This section introduces the Web Configurator s main screen Figure 7 Main Screen The main screen is divided into these parts A title bar B navigation panel C m...

Page 31: ...vigation Panel Summary LINK TAB FUNCTION Status This screen shows the ZyXEL Device s general device and network status information Use this screen to access the statistics and client list Network WAN...

Page 32: ...to activate deactivate the firewall and SPI Security Parameter Index Filter URL Use this screen to block access to certain web site URLs Application Filter Use this screen to block or allow traffic f...

Page 33: ...e through which interface s and from which IP address es users can send DNS queries to the ZyXEL Device ICMP Use this screen to set whether or not your device will respond to pings and probes for serv...

Page 34: ...Chapter 2 The Web Configurator P 660N T1A User s Guide 34 2 2 4 Status Bar Check the status bar when you click Apply or OK to verify that the configuration has been updated...

Page 35: ...t status of the device system resources and interfaces LAN and WAN The Status screen also provides information from DHCP and statistics from bandwidth management and traffic 3 2 The Status Screen Use...

Page 36: ...s the current IP address of the ZyXEL Device in the WAN Click this to go to the screen where you can change it IP Subnet Mask This is the current subnet mask in the WAN Default Gateway This is the IP...

Page 37: ...t Current Date Time This field displays the current date and time in the ZyXEL Device You can change this in Maintenance System Time Setting System Mode This displays whether the ZyXEL Device is funct...

Page 38: ...you re using PPPoE encapsulation For the LAN interface this field displays Up when the ZyXEL Device is using the interface and Down when the ZyXEL Device is not using the interface For the WLAN interf...

Page 39: ...the Internet In this wireless network the ZyXEL Device serves as an access point AP and the notebook is the wireless client The wireless client can access the Internet through the AP Thomas has to co...

Page 40: ...39 Click Apply 2 Click the Advanced Setup button and select 802 11b g n in the 802 11 Mode field Click Apply Thomas can now use the WPS feature to establish a wireless connection between his notebook...

Page 41: ...load the wireless network settings from the ZyXEL Device Push Button Configuration PBC 1 Make sure that your ZyXEL Device is turned on and your notebook is within the cover range of the wireless signa...

Page 42: ...ings to the wireless client This may take up to two minutes The wireless client is then able to communicate with the ZyXEL Device securely The following figure shows you an example of how to set up a...

Page 43: ...IN number 2 Enter the PIN number in the PIN field in the Network Wireless LAN WPS Station screen on the ZyXEL Device 3 Click the Start buttons or the button next to the PIN field on both the wireless...

Page 44: ...ing figure shows you how to set up a wireless network and its security on a ZyXEL Device and a wireless client by using PIN method Example WPS Process PIN Method Authentication by PIN SECURITY INFO WI...

Page 45: ...ce supports IEEE 802 11b and IEEE 802 11g wireless clients Make sure that your notebook or computer s wireless adapter supports one of these standards 4 2 4 Setting Up Wireless Network Scheduling Thom...

Page 46: ...g the MAC Address Filter Thomas noticed that his daughter Josephine spends too much time surfing the web and downloading media files He decided to prevent Josephine from accessing the Internet so that...

Page 47: ...T1A User s Guide 47 1 Click Network LAN Client List to open the following screen Look for the MAC address of Josephine s computer 2 Click Network Wireless LAN to open the AP screen Click the Edit butt...

Page 48: ...vice 4 4 Multiple WAN Connections Example This example shows an application for multiple WAN connections Your ISP may configure more than one WAN connection on the ZyXEL Device to record traffic stati...

Page 49: ...Chapter 4 Tutorials P 660N T1A User s Guide 49 The connection with VPI VCI 0 35 is dedicated for general data transmission Figure 9 Example for Multiple WAN Connections...

Page 50: ...Chapter 4 Tutorials P 660N T1A User s Guide 50...

Page 51: ...51 PART II Technical Reference...

Page 52: ...52...

Page 53: ...mation given to you by your ISP Note See the advanced menu chapters for background information on these fields 5 2 Internet Access Wizard Setup 1 After you enter the password to access the web configu...

Page 54: ...not detected Check your hardware connections and click Restart the INTERNET WIRELESS SETUP Wizard to return to the wizard welcome screen If you still cannot connect click Manually configure your Inter...

Page 55: ...or service name exactly as provided by your ISP Then click Next and see Section 5 3 on page 62 for wireless connection wizard setup Figure 13 Auto Detection PPPoE 3c The following screen appears if th...

Page 56: ...s LABEL DESCRIPTION Mode Select Routing default from the drop down list box if your ISP give you one IP address only and you want multiple computers to share an Internet account Select Bridge when you...

Page 57: ...t box either VC based or LLC based Virtual Circuit ID VPI Virtual Path Identifier and VCI Virtual Channel Identifier define a virtual circuit Refer to the appendix for more information VPI Enter the V...

Page 58: ...he user name exactly as your ISP assigned If assigned a name in the form user domain where domain identifies a service name then enter both components exactly as given Password Enter the password asso...

Page 59: ...T ENCAP Table 7 Internet Connection with RFC 1483 LABEL DESCRIPTION IP Address This field is available if you select Routing in the Mode field Type your ISP assigned IP address in this field Back Clic...

Page 60: ...ic IP Address if your ISP gave you an IP address to use IP Address Enter your ISP assigned IP address Subnet Mask Enter a subnet mask in dotted decimal notation Refer to the appendix to calculate a su...

Page 61: ...Connection Test Failed 1 If the following screen displays check if your account is activated or click Restart the Internet Wireless Setup Wizard to verify your Internet access settings Figure 21 Conne...

Page 62: ...o configure wireless settings Otherwise select No and skip to Step 6 Figure 22 Connection Test Successful 2 Use this screen to activate the wireless LAN Click Next to continue Figure 23 Wireless LAN S...

Page 63: ...ke sure all wireless stations use the same SSID in order to access the network Channel Selection The range of radio frequencies used by IEEE 802 11b g wireless devices is called a channel Select a cha...

Page 64: ...igure 25 Manually Assign a WPA PSK key The following table describes the labels in this screen Next Click this to continue to the next wizard screen Exit Click this to close the wizard screen without...

Page 65: ...re 27 Wireless LAN Setup 3 Table 13 Manually Assign a WEP key LABEL DESCRIPTION Key The WEP keys are used to encrypt data Both the ZyXEL Device and the wireless stations must use the same WEP key for...

Page 66: ...chose not to configure wireless LAN settings Figure 28 Internet Access and WLAN Wizard Setup Complete 7 Launch your web browser and navigate to www zyxel com Internet access is just the beginning Refe...

Page 67: ...at You Can Do in the WAN Screens Use the Internet Connection screen Section 6 2 on page 69 to configure the WAN settings on the ZyXEL Device for Internet access Use the More Connections screen Section...

Page 68: ...the Ethernet or ENET ENCAP encapsulation method Multicast Traditionally IP packets are transmitted in one of either two ways Unicast 1 sender 1 recipient or Broadcast 1 sender everybody on the network...

Page 69: ...9 6 2 The Internet Connection Screen Use this screen to change your ZyXEL Device s WAN settings Click Network WAN Internet Connection The screen differs by the WAN type and encapsulation you select Fi...

Page 70: ...by your ISP from the drop down list box Choices vary depending on the mode you select in the Mode field If you select Bridge in the Mode field select either PPPoA or RFC 1483 If you select Routing in...

Page 71: ...psulation field Specify a gateway IP address supplied by your ISP Connection PPPoA and PPPoE encapsulation only Keep Alive Select Keep Alive when you want your connection up all the time The ZyXEL Dev...

Page 72: ...Connection Advanced Setup LABEL DESCRIPTION RIP Multicast Setup This section is not available when you configure the ZyXEL Device to be in bridge mode RIP Direction RIP Routing Information Protocol al...

Page 73: ...re closely controlled delay and delay variation Peak Cell Rate Divide the DSL line rate bps by 424 the size of an ATM cell to find the Peak Cell Rate PCR This is the maximum rate at which the sender c...

Page 74: ...This field indicates whether the connection is active or not Clear the check box to disable the connection Select the check box to enable it Name This is the name you gave to the Internet connection V...

Page 75: ...ble 17 Network WAN More Connections Edit LABEL DESCRIPTION General Active Select the check box to activate or clear the check box to deactivate this connection Name Enter a unique descriptive name of...

Page 76: ...assigned to you IP Address This option is available if you select Routing in the Mode field A static IP address is a fixed IP that your ISP gives you A dynamic IP address is not fixed the ISP assigns...

Page 77: ...t session will not timeout NAT SUA only is available only when you select Routing in the Mode field Select SUA Only if you have one public IP address and want to use NAT Click Edit Detail to go to the...

Page 78: ...with other applications Peak Cell Rate Divide the DSL line rate bps by 424 the size of an ATM cell to find the Peak Cell Rate PCR This is the maximum rate at which the sender can send cells Type the...

Page 79: ...ervices a function known as dynamic service selection This enables the service provider to easily create and offer new IP services for individuals Operationally PPPoE saves significant effort for both...

Page 80: ...tageous if it is not practical to have a separate VC for each carried protocol for example if charging heavily depends on the number of simultaneous VCs 6 4 3 VPI and VCI Be sure to use the correct Vi...

Page 81: ...connection is down A nailed up connection can be very expensive for obvious reasons Do not specify a nailed up connection unless your telephone company offers flat rate service or you need a constant...

Page 82: ...relationship between PCR SCR and MBS Figure 35 Example of Traffic Shaping 6 5 1 ATM Traffic Classes These are the basic ATM traffic classes defined by the ATM Forum Traffic Management 4 0 Specificatio...

Page 83: ...tion to the video image s changing dynamics The VBR nRT non real time Variable Bit Rate type is used with bursty connections that do not require closely controlled delay and delay variation It is comm...

Page 84: ...Chapter 6 WAN Setup P 660N T1A User s Guide 84...

Page 85: ...e LAN Screens Use the IP screen Section 7 2 on page 87 to set the LAN IP address and subnet mask of your ZyXEL device You can also edit your ZyXEL Device s RIP multicast and Windows Networking setting...

Page 86: ...ubnet mask DNS and other routing information when it s turned on RIP RIP Routing Information Protocol allows a router to exchange routing information with other routers Multicast Traditionally IP pack...

Page 87: ...o set the Local Area Network IP address and subnet mask of your ZyXEL Device Click Network LAN to open the IP screen Follow these steps to configure your LAN settings 1 Enter an IP address into the IP...

Page 88: ...tomatically computes the subnet mask based on the IP Address you enter so do not change this field unless you are instructed to do so Apply Click this to save your changes Cancel Click this to restore...

Page 89: ...NT and other systems that support the DHCP client If set to None the DHCP server will be disabled If set to Relay the ZyXEL Device acts as a surrogate DHCP server and relays DHCP requests and respons...

Page 90: ...een Figure 39 Network LAN Client List The following table describes the labels in this screen DNS Servers Assigned by DHCP Server The ZyXEL Device passes a DNS Domain Name System server IP address to...

Page 91: ...ld displays the IP address relative to the field listed above MAC Address The MAC Media Access Control or Ethernet address on a LAN Local Area Network is unique to your computer six pairs of hexadecim...

Page 92: ...s screen Ethernet Interface A 192 168 1 1 192 168 1 24 B 192 168 2 1 192 168 2 24 C 192 168 3 1 192 168 3 24 Table 23 Network LAN IP Alias LABEL DESCRIPTION IP Alias 1 Select the check box to configur...

Page 93: ...the RIP packets that the ZyXEL Device sends it recognizes both formats when receiving RIP 1 is universally supported but RIP 2 carries more information RIP 1 is probably adequate for most networks unl...

Page 94: ...art up from a server You can configure the ZyXEL Device as a DHCP server or disable it When configured as a server the ZyXEL Device provides the TCP IP configuration for the clients If you turn DHCP s...

Page 95: ...HCP server capability that assigns IP addresses and DNS servers to systems that support DHCP client capability IP Address and Subnet Mask Similar to the way houses on a street share a common street na...

Page 96: ...can obtain your IP address from the IANA from an ISP or it can be assigned from a private network If you belong to a small organization and your Internet access is through an ISP the ISP can provide y...

Page 97: ...over version 1 RFC 1112 but IGMP version 1 is still in wide use IGMP version 3 supports source filtering reporting or ignoring traffic from specific source address to a particular host on the network...

Page 98: ...Chapter 7 LAN Setup P 660N T1A User s Guide 98...

Page 99: ...screens to set up your ZyXEL Device s wireless connection Use the AP screen see Section 8 2 on page 101 to turn the wireless connection on or off set up wireless security configure the MAC filter and...

Page 100: ...uire a license to use However wireless networking is different from that of most traditional radio communications in that there a number of wireless networking standards available with different metho...

Page 101: ...network Do the other wireless devices in your network support WPS Wi Fi Protected Setup If so you can set up a well secured network very easily Even if some of your devices support WPS and some do no...

Page 102: ...vice from a computer connected to the wireless LAN and you change the ZyXEL Device s SSID or WEP settings you will lose your wireless connection when you press Apply to confirm You must then change th...

Page 103: ...xtremely insecure Its encryption can be broken by an attacker using widely available software It is strongly recommended that you use a more effective security mechanism Use the strongest security mec...

Page 104: ...use the same WEP key for data transmission If you want to manually set the WEP key enter any 5 or 13 characters ASCII string or 10 or 26 hexadecimal characters 0 9 A F for a 64 bit or 128 bit WEP key...

Page 105: ...the ZyXEL Device is using WPA2 PSK or WPA2 ReAuthentication Timer Specify how often wireless stations have to resend usernames and passwords in order to stay connected Enter a time interval between 10...

Page 106: ...r the port number of the external authentication server You need not change this value unless your network administrator instructs you to do so with additional information Shared Secret Enter a passwo...

Page 107: ...ther IEEE 802 11b or IEEE 802 11g compliant WLAN devices to associate with the ZyXEL Device The transmission rate of your ZyXEL Device might be reduced Select 802 11n to allow only IEEE 802 11n compli...

Page 108: ...tering Filter Action Define the filter action for the list of MAC addresses in the MAC Address table Select Deny to block access to the ZyXEL Device MAC addresses not listed will be allowed to access...

Page 109: ...N This is the index number of each SSID profile Active This field indicates with a check mark whether this SSID is active No check mark means it is not active SSID An SSID profile is the set of parame...

Page 110: ...e 7 bit ASCII characters for the wireless LAN Note If you are configuring the ZyXEL Device from a computer connected to the wireless LAN and you change the ZyXEL Device s SSID or security settings you...

Page 111: ...etwork Wireless LAN WPS The following screen displays Figure 52 Network Wireless LAN WPS The following table describes the labels in this screen QoS Select this check box to activate Quality of Servic...

Page 112: ...s This displays Configured when the ZyXEL Device has connected to a wireless network using WPS or Enable WPS is selected and wireless or wireless security settings have been changed The current wirele...

Page 113: ...ients Note At the time of writing WDS is compatible with other ZyXEL APs only Not all models support WDS links Check your other AP s documentation Table 34 Network Wireless LAN WPS Station LABEL DESCR...

Page 114: ...N AP screen TKIP Select this to use TKIP Temporal Key Integrity Protocol encryption AES Select this to use AES Advanced Encryption Standard encryption This is the index number of the individual WDS li...

Page 115: ...ss LAN QoS LABEL DESCRIPTION Enable Wireless LAN Scheduling Select this box to activate wireless LAN scheduling on your ZyXEL Device Action Select On or Off to enable or disable the wireless LAN Day C...

Page 116: ...wireless clients and let them access the network A bridge is a radio that relays communications between access points and wireless clients extending a network s range Traditionally a wireless network...

Page 117: ...each wireless network uses a specific channel or frequency to send and receive information Every device in the same wireless network must use security compatible with the AP Security stops unauthoriz...

Page 118: ...h the code key can understand the information and only people who have been authenticated are given the code key Table 37 Additional Wireless Terms TERM DESCRIPTION RTS CTS Threshold In a wireless net...

Page 119: ...ple if your mother owns a 1970 Dodge Challenger and her favorite movie is Vanishing Point which you know was made in 1971 you could use 70dodchal71vanpoi as your security key The following sections in...

Page 120: ...twork has to support IEEE 802 1x to do this For wireless networks you can store the user names and passwords for each user in a RADIUS server This is a server used in businesses more than in homes If...

Page 121: ...rt WPA2 you should set up WPA2 PSK or WPA2 depending on the type of wireless network login and select the WPA compatible option in the ZyXEL Device Many types of encryption use a key to protect the in...

Page 122: ...ID Multiple Basic Service Set IDentifier function allows you to use one access point to provide several BSSs simultaneously You can then assign varying QoS priorities and or security modes to differen...

Page 123: ...WDS link with AP 2 the notebook computer can access the Internet through AP 2 Figure 58 WDS Link Example 8 8 8 WiFi Protected Setup WPS Your ZyXEL Device supports WiFi Protected Setup WPS which is an...

Page 124: ...sends the network name SSID and security key through an secure connection to the enrollee If you need to make sure that WPS worked check the list of associated wireless clients in the AP s configurati...

Page 125: ...the WPS PIN for the ZyXEL Device see Section 8 4 on page 111 4 Enter the client s PIN in the AP s configuration interface 5 If the client device s configuration interface has an area for entering ano...

Page 126: ...ice acts as the enrollee the device that receives network and security settings The registrar creates a secure EAP Extensible Authentication Protocol tunnel and sends the network name SSID and the WPA...

Page 127: ...lee All WPS certified APs can be a registrar and so can some WPS enabled wireless clients By default a WPS devices is unconfigured This means that it is not part of an existing network and can act as...

Page 128: ...twork Step 1 In step 2 you add another wireless client to the network You know that Client 1 supports registrar mode but it is better to use AP1 for the WPS handshake with the new client since you mus...

Page 129: ...the WPS button on the registrar and the first enrollee for example then check that it successfully enrolled then set up the second device in the same way WPS works only with other WPS enabled devices...

Page 130: ...f this has happened WPS works between only two devices simultaneously so if another device has enrolled your device will be unable to enroll and will not have access to the network If this happens ope...

Page 131: ...forward incoming service requests to the server s on your local network Use the Address Mapping screen Section 9 4 on page 138 to change your ZyXEL Device s address mapping settings Use the ALG screen...

Page 132: ...is a list of inside behind NAT on the LAN servers for example web or FTP that you can make visible to the outside world even though NAT makes your whole inside network appear as a single computer to t...

Page 133: ...all Session Per User When computers use peer to peer applications such as file sharing applications they need to establish NAT sessions If you do not limit the number of NAT sessions a single client c...

Page 134: ...most often used port numbers and services are shown in Appendix E on page 305 Please refer to RFC 1700 for further information about port numbers Note Many residential broadband ISP accounts do not al...

Page 135: ...the example You assign the LAN IP addresses and the ISP assigns the WAN IP address The NAT network appears as a single host on the Internet Figure 65 Multiple Servers Behind NAT Example 9 3 1 Configur...

Page 136: ...d service Add Click this button to add a rule to the table below This is the rule index number read only Active This field indicates whether the rule is active or not Clear the check box to disable th...

Page 137: ...forward a series of ports enter the start port number here and the end port number in the End Port field End Port Enter a port number in this field To forward only one port enter the port number again...

Page 138: ...ed rule your configured rule will be pushed up by that number of empty rules For example if you have already configured rules 1 to 6 in your current set and now you configure rule number 9 In the set...

Page 139: ...l IP Address IGA This field is N A for One to one Many to One and Server mapping types Type 1 1 One to one mode maps one local IP address to one global IP address Note that port numbers do not change...

Page 140: ...port address translation ZyXEL s Single User Account feature that previous ZyXEL routers supported only Many to Many Overload Many to Many Overload mode maps multiple local IP addresses to shared glob...

Page 141: ...re 70 Network NAT ALG The following table describes the fields in this screen Global End IP This is the ending global IP address IGA This field is N A for One to One Many to One and Server mapping typ...

Page 142: ...ide host when the packet is on the WAN side The following table summarizes this information NAT never changes the IP address either local or global of an outside host 9 6 2 What NAT Does In the simple...

Page 143: ...address on the WAN For incoming packets the ILA is the destination address on the LAN and the IGA is the destination address on the WAN NAT maps private local IP addresses to globally unique ones requ...

Page 144: ...ss Many to One In Many to One mode the ZyXEL Device maps multiple local IP addresses to one global IP address This is equivalent to SUA for instance PAT port address translation ZyXEL s Single User Ac...

Page 145: ...NAT mapping types The following table summarizes these types Table 46 NAT Mapping Types TYPE IP MAPPING One to One ILA1 IGA1 Many to One SUA PAT ILA1 IGA1 ILA2 IGA1 Many to Many Overload ILA1 IGA1 IL...

Page 146: ...Chapter 9 Network Address Translation NAT P 660N T1A User s Guide 146...

Page 147: ...bled 10 1 1 What You Can Do in the Firewall Screens Use the Firewall screen Section 10 2 on page 149 to enable firewall and or SPI on the ZyXEL Device 10 1 2 What You Need to Know The following terms...

Page 148: ...ttack hackers flood SYN packets into the network with a spoofed source IP address of the target system This makes it appear as if the host computer sent the packets to itself making the system unavail...

Page 149: ...describes the labels in this screen Enabling SPI blocks all traffic initiated from the WAN side including the DMZ virtual server and ACL on the WAN side Table 47 Advanced Firewall LABEL DESCRIPTION Fi...

Page 150: ...Chapter 10 Firewall P 660N T1A User s Guide 150...

Page 151: ...om certain types of applications Use the IP MAC Filter screen Section 11 4 on page 154 to create IP MAC filter rules 11 1 2 What You Need to Know The following terms and concepts may help as you read...

Page 152: ...creen Table 48 Access Management Filter URL LABEL DESCRIPTION URL Filter Editing Active Use this field to enable or disable the URL filter URL Index Select the index number of the filter URL Filter Li...

Page 153: ...own Figure 75 Security Filter Application Filter The following table describes the labels in this screen Table 49 Access Management Filter Application LABEL DESCRIPTION Application Filter Editing Appl...

Page 154: ...The following table describes the labels in this screen Table 50 Access Management Filter IP MAC LABEL DESCRIPTION IP MAC Filter Set Editing IP MAC Filter Set Index Select the index number of the fil...

Page 155: ...is only available when you select MAC in the Rule Type field Enter the MAC address of the packets you wish to filter Rule Unmatched Select the action for a packet not matching the rule Select Forward...

Page 156: ...Filters P 660N T1A User s Guide 156 DELETE Click this to remove the filter rule CANCEL Click this to restore your previously saved settings Table 50 Access Management Filter IP MAC continued LABEL DE...

Page 157: ...static routes For example the next figure shows a computer A connected to the ZyXEL Device s LAN interface The ZyXEL Device routes most traffic from A to the Internet through the ZyXEL Device s defaul...

Page 158: ...atic Route The following table describes the labels in this screen Table 51 Advanced Static Route LABEL DESCRIPTION This is the number of an individual static route Destination This parameter specifie...

Page 159: ...ved settings Table 51 Advanced Static Route LABEL DESCRIPTION Table 52 Advanced Static Route Edit LABEL DESCRIPTION Static Route Setup Destination IP Address This parameter specifies the IP network ad...

Page 160: ...Chapter 12 Static Route P 660N T1A User s Guide 160...

Page 161: ...rasmitted through the ports Figure 80 802 1Q 1P 13 1 1 What You Can Do in the 802 1Q 1P Screens Use the Group Setting screen Section 13 2 on page 163 to activate 802 1Q 1P specify the management VLAN...

Page 162: ...gged Frames Each port on the device is capable of passing tagged or untagged frames To forward a frame from an 802 1Q VLAN aware device to an 802 1Q VLAN unaware device the ZyXEL Device first decides...

Page 163: ...AN Click Advanced 802 1Q 1P to display the following screen Figure 81 Advanced 802 1Q 1P Group Setting The following table describes the labels in this screen Table 53 Advanced 802 1Q 1P Group Setting...

Page 164: ...Setting Edit Port Number These columns display the VLAN s settings for each port A tagged port is marked as T an untagged port is marked as U and ports not participating in a VLAN are marked as Modify...

Page 165: ...field displays the types of ports available to join the VLAN group Control Select Fixed for the port to be a permanent member of the VLAN group Select Forbidden if you want to prohibit the port from...

Page 166: ...g table describes the labels in this screen Table 55 Advanced 802 1Q 1P Port Setting LABEL DESCRIPTION Ports This field displays the types of ports available to join the VLAN group 802 1Q PVID Assign...

Page 167: ...iority and then queues the packet accordingly Packets assigned with a high priority are processed more quickly than those with low priorities if there is congestion allowing time sensitive application...

Page 168: ...tize source to destination traffic flows All packets in the same flow are given the same priority 802 1p is a way of managing traffic in a network by grouping similar types of traffic together and tre...

Page 169: ...S Screen Use this screen to enable or disable QoS and have the ZyXEL Device assign priority levels to traffic according to the port range IEEE 802 1p priority level and or IP precedence Click Advanced...

Page 170: ...ination MAC address Leave it blank to apply the rule to all MAC addresses IP Enter a destination IP address in dotted decimal notation QoS is then applied to traffic containing this destination IP add...

Page 171: ...fServ Code Point DSCP range IP Precedence Remarking Enter a range from 0 to 7 to re assign IP precedence to matched traffic Zero is the lowest priority and seven is the highest Type of Service Remarki...

Page 172: ...range for destination MAC address and IP address Source MAC and IP Mask Port Ranges This is the port range for source MAC address and IP address Protocol ID This is the protocol ID associated with the...

Page 173: ...d to higher priority queues gets through faster while traffic in lower index queues is dropped if the network is congested Level 5 Typically used for video that consumes high bandwidth and is sensitiv...

Page 174: ...2 010110 010100 010010 010000 5 5 3 011110 011100 011010 011000 250 6 6 4 100110 100100 100010 100000 5 101110 101000 7 7 6 110000 111000 7 Table 59 Internal Layer2 and Layer3 QoS Mapping PRIORITY QU...

Page 175: ...red a dynamic DNS account with www dyndns org This is for people with a dynamic IP from their ISP or DHCP server that would still like to have a domain name The Dynamic DNS service provider will give...

Page 176: ...namic DNS Service Provider This is the name of your Dynamic DNS service provider Dynamic DNS Type Select the type of service that you are registered for from your Dynamic DNS service provider Host Nam...

Page 177: ...ows remote management of the ZyXEL Device coming in from the WAN Figure 88 Remote Management From the WAN Note When you configure remote management to allow management from the WAN you still need to c...

Page 178: ...FTP screen Section 16 4 on page 181 to configure through which interface s and from which IP address es users can use FTP to access the ZyXEL Device Use the SNMP screen Section 16 5 on page 182 to cha...

Page 179: ...here is a default system management idle timeout of five minutes three hundred seconds The ZyXEL Device automatically logs you out if the management session remains idle for longer than this timeout p...

Page 180: ...the server port number for a service if needed However you must use the same port number in order to use that service for remote management Server Access Select the interface s through which a comput...

Page 181: ...igure 91 Advanced Remote MGMT FTP Table 62 Advanced Remote Management Telnet LABEL DESCRIPTION Server Port You may change the server port number for a service if needed however you must use the same p...

Page 182: ...63 Advanced Remote MGMT FTP LABEL DESCRIPTION Server Port You may change the server port number for a service if needed However you must use the same port number in order to use that service for remot...

Page 183: ...to communicate for the purpose of accessing these objects 16 5 1 Supported MIBs The ZyXEL Device supports MIB II that is defined in RFC 1213 and RFC 1215 The ZyXEL Device also supports private MIBs z...

Page 184: ...yXEL Device is set to bridge Table 65 Advanced Remote MGMT SNMP LABEL DESCRIPTION Server Port The SNMP agent listens on port 161 by default If you change the SNMP server port to a different number on...

Page 185: ...which prevents the ICMP response packet from being sent This keeps outsiders from discovering your ZyXEL Device when unsupported ports are probed Table 66 Advanced Remote Management DNS LABEL DESCRIPT...

Page 186: ...message control and error reporting protocol between a host server and a gateway to the Internet ICMP uses Internet Protocol IP datagrams but the messages are processed by the TCP IP software and dire...

Page 187: ...utomatically configure the ZyXEL Device 17 1 2 What You Need to Know The following terms and concepts may helps as you read this chapter Identifying UPnP Devices UPnP hardware is identified as an icon...

Page 188: ...ion may also be obtained and modified by users in some network environments When a UPnP device joins a network it announces its presence with a multicast message For security reasons the ZyXEL Device...

Page 189: ...plication to open the web configurator s login screen without entering the ZyXEL Device s IP address although you must still enter the password to access the web configurator Allow users to make confi...

Page 190: ...you how to configure or install UPnP in Windows 17 2 1 1 Windows 7 Windows 7 already has UPnP installed To enable it 1 Click Start Control Panel and select Network and Internet 2 Click Network and Sha...

Page 191: ...2 Double click Network Connections 3 In the Network Connections window click Advanced in the main menu and select Optional Networking Components Network Connections 4 The Windows Optional Networking C...

Page 192: ...go back to the Windows Optional Networking Component Wizard window and click Next 17 2 2 Using UPnP in Windows XP This section shows you how to use the UPnP feature in Windows XP You must already hav...

Page 193: ...e 1 Click Start and Control Panel Double click Network Connections An icon displays under Internet Gateway 2 Right click the icon and select Properties Network Connections 3 In the Internet Connection...

Page 194: ...ings Internet Connection Properties Advanced Settings Internet Connection Properties Advanced Settings Add 5 When the UPnP enabled device is disconnected from your computer all port mappings will be d...

Page 195: ...configurator on the ZyXEL Device without finding out the IP address of the ZyXEL Device first This comes helpful if you do not know the IP address of the ZyXEL Device Follow the steps below to access...

Page 196: ...Device and select Invoke The web configurator login screen displays Network Connections My Network Places 6 Right click on the icon for your ZyXEL Device and select Properties A properties window dis...

Page 197: ...Device ZD can be managed via a management server MS such as ZyXEL s Vantage Access Figure 97 LAN and WAN An administrator can use a management server to remotely set up the ZyXEL device modify settin...

Page 198: ...EL Device to be managed by a management server Login ACS Configure this part of the screen to log into the management server URL Type the IP address or domain name of the management server If the ZyXE...

Page 199: ...r your NAT port forwarding rules if they were already configured UserName The user name is used to authenticate the management server when connecting to the ZyXEL Device Type a user name of up to 255...

Page 200: ...Chapter 18 CWMP P 660HN T1A User s Guide 200...

Page 201: ...tivity timeout interval 19 1 1 What You Can Do in the System Settings Screens Use the General screen Section 19 2 on page 201 to configure system settings Use the Time and Date screen Section 19 3 on...

Page 202: ...Date Table 70 Maintenance System General LABEL DESCRIPTION Password Admin Password Old Password Type the default password or the existing password you use to access the system in this field New Passwo...

Page 203: ...the last time configured manually When you set Time and Date Setup to Manual enter the new time in this field and then click Apply New Date yyyy mm dd This field displays the last updated date from th...

Page 204: ...y s time zone is one hour ahead of GMT or UTC GMT 1 End Date Configure the day and time when Daylight Saving Time ends if you selected Enable Daylight Saving The o clock field uses the 24 hour format...

Page 205: ...access control and attempted access to blocked web sites Some categories such as System Errors consist of both logs and alerts You may differentiate them by their color in the View Log screen Alerts...

Page 206: ...may result in many e mails being sent Figure 101 Maintenance System Logs The following table describes the fields in this screen Table 72 Maintenance Logs Log Settings LABEL DESCRIPTION System Log Log...

Page 207: ...ful FTP login Someone has logged on to the router via ftp FTP login failed Someone has failed to log on to the router via ftp NAT Session Table is Full The maximum number of NAT session table entries...

Page 208: ...able 75 Access Control Logs LOG MESSAGE DESCRIPTION Firewall default policy TCP UDP IGMP ESP GRE OSPF Packet Direction Attempted TCP UDP IGMP ESP GRE OSPF access matched the default policy and was blo...

Page 209: ...timeout values ICMP idle timeout s 60UDP idle timeout s 60TCP connection three way handshaking timeout s 30TCP FIN wait timeout s 60TCP idle established timeout s 3600 Exceed MAX incomplete sent TCP...

Page 210: ...le 79 CDR Logs LOG MESSAGE DESCRIPTION board d line d channel d call d s C01 Outgoing Call dev x ch x s The router received the setup requirements for a call call is the reference count number of the...

Page 211: ...de d The firewall detected an ICMP attack land TCP UDP IGMP ESP GRE OSPF The firewall detected a TCP UDP IGMP ESP GRE OSPF land attack land ICMP type d code d The firewall detected an ICMP land attack...

Page 212: ...ired The router logged out a user whose session expired User logout because of user deassociation The router logged out a user who ended the session User logout because of no authentication response f...

Page 213: ...urce route failed 4 Source Quench 0 A gateway may discard internet datagrams if it does not have the buffer space needed to queue the datagrams for output to the next network on the route to the desti...

Page 214: ...haven t configured one when the router generates a syslog The facility is defined in the web MAIN MENU LOGS Log Settings page The severity is the log s syslog class The definition of messages and note...

Page 215: ...fault settings The firmware determines the device s available features and functionality You can download new firmware releases from your nearest ZyXEL FTP site or www zyxel com to use to upgrade your...

Page 216: ...a bin filename extension Find this firmware at www zyxel com 21 1 3 Before You Begin Ensure you have either created a firewall rule to allow access from the WAN or turned the firewall off otherwise th...

Page 217: ...r desktop Figure 104 Network Temporarily Disconnected After two minutes log in again and check your new firmware version in the Status screen Table 89 Maintenance Tools Firmware LABEL DESCRIPTION Curr...

Page 218: ...Click Return to go back to the Firmware screen Figure 105 Error Message 21 3 The Configuration Screen Click Maintenance Tools Configuration Information related to factory defaults backup configuratio...

Page 219: ...e Configuration Restore Configuration allows you to upload a new or previously saved configuration file from your computer to your ZyXEL Device Do not turn off the ZyXEL Device while configuration fil...

Page 220: ...rily Disconnected If you uploaded the default configuration file you may need to change the IP address of your computer to be in the same subnet as that of the default device IP address 192 168 1 1 Se...

Page 221: ...so press the RESET button on the rear panel to reset the factory defaults of your ZyXEL Device Refer to Section 1 6 on page 26 for more information on the RESET button 21 4 The Restart Screen System r...

Page 222: ...Chapter 21 Tools P 660N T1A User s Guide 222...

Page 223: ...Diagnostic Screens Use the General Diagnostic screen Section 22 2 on page 223 to ping an IP address Use the DSL Line Diagnostic screen Section 22 3 on page 224 to view the DSL line statistics and rese...

Page 224: ...DSL line statistics and reset the ADSL line Click Maintenance Diagnostic DSL Line to open the screen shown next Figure 114 Maintenance Diagnostic DSL Line Table 91 Maintenance Diagnostic General LABEL...

Page 225: ...he number of ATM cells sent that were rejected inF4Pkts is the number of ATM Operations Administration and Management OAM F4 cells that have been received See ITU recommendation I 610 for more on OAM...

Page 226: ...the quality of the connection whether a given sub carrier loop has sufficient margins to support certain ADSL transmission rates and possibly to determine whether particular specific types of interfe...

Page 227: ...does not turn on None of the LEDs turn on 1 Make sure the ZyXEL Device is turned on 2 Make sure you are using the power adaptor or cord included with the ZyXEL Device 3 Make sure the power adaptor or...

Page 228: ...of the default gateway for your computer To do this in most Windows computers click Start Run enter cmd and then enter ipconfig The IP address of the Default Gateway might be the IP address of the ZyX...

Page 229: ...ame subnet as the ZyXEL Device See Appendix A on page 241 5 Reset the device to its factory defaults and try to access the ZyXEL Device with the default IP address See Section 1 6 on page 26 6 If the...

Page 230: ...ser 23 3 Internet Access I cannot access the Internet 1 Check the hardware connections and make sure the LEDs are behaving as expected See the Quick Start Guide and Section 1 5 on page 25 2 Make sure...

Page 231: ...he ZyXEL Device is sending or receiving a lot of information try closing some programs that use the Internet especially peer to peer applications 2 Check the signal strength If the signal strength is...

Page 232: ...Chapter 23 Troubleshooting P 660N T1A User s Guide 232...

Page 233: ...163mm H Weight 200g Power Specification 12VDC 1A LAN Ethernet Port One auto negotiating auto MDI MDI X 10 100 Mbps RJ 45 Ethernet port ADSL Port 1 RJ 11 for Annex A 802 11n Wireless LAN Access On boar...

Page 234: ...EC 60950 1 FCC Part 15 Class B EN55022 Class B EN61000 3 2 EN61000 3 3 EN61000 4 2 EN61000 4 3 EN61000 4 4 EN61000 4 5 EN61000 4 6 EN61000 4 8 EN61000 4 11 K 21 4KV Power Adaptor Safety Approvals ANSI...

Page 235: ...h Extended ADSL RE ADSL SRA Seamless Rate Adaptation Auto negotiating rate adaptation ADSL physical connection ATM AAL5 ATM Adaptation Layer type 5 Support multi protocol over AAL5 RFC2684 1483 Suppor...

Page 236: ...PSK WPS IEEE 802 1x EAP MD5 TLS and TTLS WMM Multi BSSID 4 BSSIDs Wireless Scheduling Firewall DoS Protocol and Generic Packet Filter Stateful Inspection Access Control List ACL between LAN WAN Real t...

Page 237: ...bridging VLAN tagging pass through bridge mode Static DHCP 802 1Q TR 098 complied QoS Management Embedded Web Configurator SNMP v1 v2 with MIB II TR 064 support Need to support ZyXEL easy install uti...

Page 238: ...66 Network Address Translation Protocol IEEE 802 11 Also known by the brand Wi Fi denotes a set of Wireless LAN WLAN standards developed by working group 11 of the IEEE LAN MAN Standards Committee IEE...

Page 239: ...ber of downstream bits Microsoft PPTP MS PPTP Microsoft s implementation of Point to Point Tunneling Protocol MBM v2 Media Bandwidth Management v2 RFC 2383 ST2 over ATM Protocol Specification UNI 3 1...

Page 240: ...Chapter 24 Product Specifications P 660N T1A User s Guide 240...

Page 241: ...e other devices on your network Windows Vista XP 2000 Mac OS 9 OS X and all versions of UNIX LINUX include the software components you need to use TCP IP on your computer If you manually assign IP inf...

Page 242: ...P 660N T1A User s Guide 242 Windows XP NT 2000 The following example uses the default Windows XP display theme but can also apply to Windows 2000 and Windows NT 1 Click Start Control Panel 2 In the C...

Page 243: ...A Setting Up Your Computer s IP Address P 660N T1A User s Guide 243 3 Right click Local Area Connection and then select Properties 4 On the General tab select Internet Protocol TCP IP and then click P...

Page 244: ...u by your network administrator or ISP You may also have to enter a Preferred DNS server and an Alternate DNS server if that information was provided 7 Click OK to close the Internet Protocol TCP IP P...

Page 245: ...Address P 660N T1A User s Guide 245 Windows Vista This section shows screens from Windows Vista Professional 1 Click Start Control Panel 2 In the Control Panel click the Network and Internet icon 3 C...

Page 246: ...660N T1A User s Guide 246 4 Click Manage network connections 5 Right click Local Area Connection and then select Properties Note During this procedure click Continue whenever Windows displays a scree...

Page 247: ...Appendix A Setting Up Your Computer s IP Address P 660N T1A User s Guide 247 6 Select Internet Protocol Version 4 TCP IPv4 and then select Properties...

Page 248: ...lly Select Use the following IP Address and fill in the IP address Subnet mask and Default gateway fields if you have a static IP address that was assigned to you by your network administrator or ISP...

Page 249: ...nd then press ENTER You can also go to Start Control Panel Network Connections right click a network connection click Status and then click the Support tab to view your IP address and connection infor...

Page 250: ...P 660N T1A User s Guide 250 3 Click Change adapter settings 4 Double click Local Area Connection and then select Properties Note During this procedure click Continue whenever Windows displays a screen...

Page 251: ...Appendix A Setting Up Your Computer s IP Address P 660N T1A User s Guide 251 5 Select Internet Protocol Version 4 TCP IPv4 and then select Properties...

Page 252: ...Address and fill in the IP address Subnet mask and Default gateway fields if you have a static IP address that was assigned to you by your network administrator or ISP You may also have to enter a Pr...

Page 253: ...1 Click Start All Programs Accessories Command Prompt 2 In the Command Prompt window type ipconfig and then press ENTER 3 The IP settings are displayed as follows Mac OS X 10 3 and 10 4 The screens in...

Page 254: ...ter s IP Address P 660N T1A User s Guide 254 2 In the System Preferences window click the Network icon 3 When the Network preferences pane opens select Built in Ethernet from the network connection ty...

Page 255: ...from the Configure IPv4 list in the TCP IP tab 5 For statically assigned settings do the following From the Configure IPv4 list select Manually In the IP Address field type your IP address In the Sub...

Page 256: ...P properties by clicking Applications Utilities Network Utilities and then selecting the appropriate Network Interface from the Info tab Figure 115 Mac OS X 10 4 Network Utility Mac OS X 10 5 and 10 6...

Page 257: ...60N T1A User s Guide 257 2 In System Preferences click the Network icon 3 When the Network preferences pane opens select Ethernet from the list of available connection types 4 From the Configure list...

Page 258: ...or statically assigned settings do the following From the Configure list select Manually In the IP Address field enter your IP address In the Subnet Mask field enter your subnet mask In the Router fie...

Page 259: ...6 Mac OS X 10 5 Network Utility Linux Ubuntu 8 GNOME This section shows you how to configure your computer s TCP IP settings in the GNU Object Model Environment GNOME using the Ubuntu 8 Linux distribu...

Page 260: ...gure your computer IP address in GNOME 1 Click System Administration Network 2 When the Network Settings window opens click Unlock to open the Authenticate window By default the Unlock button is greye...

Page 261: ...ress P 660N T1A User s Guide 261 3 In the Authenticate window enter your admin account name and password then click the Authenticate button 4 In the Network Settings window select the connection that...

Page 262: ...select Static IP address if you have a static IP address Fill in the IP address Subnet mask and Gateway address fields 6 Click OK to save the changes and close the Properties dialog box and return to...

Page 263: ...ifying Settings Check your TCP IP properties by clicking System Administration Network Tools and then selecting the appropriate Network device from the Devices tab The Interface Statistics column show...

Page 264: ...cedure screens and file locations may vary depending on your specific distribution release version and individual configuration The following screens use the default openSUSE 10 3 installation Note Ma...

Page 265: ...Guide 265 3 When the YaST Control Center window opens select Network Devices and then click the Network Card icon 4 When the Network Settings window opens click the Overview tab select the appropriate...

Page 266: ...ck the Address tab Figure 118 openSUSE 10 3 Network Card Setup 6 Select Dynamic Address DHCP if you have a dynamic IP address Select Statically assigned IP Address if you have a static IP address Fill...

Page 267: ...b in Network Settings and then enter the DNS server information in the fields provided 9 Click Finish to save your settings and close the window Verifying Settings Click the KNetwork Manager icon on t...

Page 268: ...puter s IP Address P 660N T1A User s Guide 268 When the Connection Status KNetwork Manager window opens click the Statistics tab to see if your connection is working properly Figure 120 openSUSE Conne...

Page 269: ...and the other part is the host ID In the same way that houses on a street share a common street name the hosts on a network share a common network number Similarly as each house has its own house num...

Page 270: ...st ID using a logical AND operation The term subnet is short for sub network A subnet mask has 32 bits If a bit in the subnet mask is a 1 then the corresponding bit in the IP address is part of the ne...

Page 271: ...mber bits the smaller the number of remaining host ID bits An IP address with host IDs of all zeros is the IP address of the network 192 168 1 0 with a 24 bit subnet mask for example An IP address wit...

Page 272: ...You can use subnetting to divide one network into multiple sub networks In the following example a network administrator creates two sub networks to isolate a group of servers from the rest of the co...

Page 273: ...the host ID bits to divide the network 192 168 1 0 into two separate sub networks The subnet mask is now 25 bits 255 255 255 128 or 25 The borrowed host ID bit can have a value of either 0 or 1 allow...

Page 274: ...ts you need to borrow two host ID bits to give four possible combinations 00 01 10 and 11 The subnet mask is 26 bits 11111111 11111111 11111111 11000000 or 255 255 255 192 Each subnet contains 6 host...

Page 275: ...t Address 192 168 1 128 Lowest Host ID 192 168 1 129 Broadcast Address 192 168 1 191 Highest Host ID 192 168 1 190 Table 103 Subnet 4 IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192...

Page 276: ...NO HOSTS PER SUBNET 1 255 255 255 128 25 2 126 2 255 255 255 192 26 4 62 3 255 255 255 224 27 8 30 4 255 255 255 240 28 16 14 5 255 255 255 248 29 32 6 6 255 255 255 252 30 64 2 7 255 255 255 254 31...

Page 277: ...you entered You don t need to change the subnet mask computed by the ZyXEL Device unless you are instructed to do otherwise Private IP Addresses Every machine on the Internet must have a unique addre...

Page 278: ...Appendix B IP Addresses and Subnetting P 660N T1A User s Guide 278...

Page 279: ...Explorer versions may vary Internet Explorer Pop up Blockers You may have to disable pop up blocking to log into your device Either disable pop up blocking enabled by default in Windows XP SP Service...

Page 280: ...n the Pop up Blocker section of the screen This disables any web pop up blockers you may have enabled Figure 125 Internet Options Privacy 3 Click Apply to save this setting Enable Pop up Blockers with...

Page 281: ...660N T1A User s Guide 281 2 Select Settings to open the Pop up Blocker Settings screen Figure 126 Internet Options Privacy 3 Type the IP address of your device the web page that you do not want to hav...

Page 282: ...dd to move the IP address to the list of Allowed sites Figure 127 Pop up Blocker Settings 5 Click Close to return to the Privacy screen 6 Click Apply to save this setting JavaScripts If pages of the w...

Page 283: ...rer click Tools Internet Options and then the Security tab Figure 128 Internet Options Security 2 Click the Custom Level button 3 Scroll down to Scripting 4 Under Active scripting make sure that Enabl...

Page 284: ...OK to close the window Figure 129 Security Settings Java Scripting Java Permissions 1 From Internet Explorer click Tools Internet Options and then the Security tab 2 Click the Custom Level button 3 S...

Page 285: ...sions P 660N T1A User s Guide 285 5 Click OK to close the window Figure 130 Security Settings Java JAVA Sun 1 From Internet Explorer click Tools Internet Options and then the Advanced tab 2 Make sure...

Page 286: ...OK to close the window Figure 131 Java Sun Mozilla Firefox Mozilla Firefox 2 0 screens are used here Screens for other versions may vary You can enable Java Javascripts and pop ups in one screen Clic...

Page 287: ...p up Windows JavaScripts and Java Permissions P 660N T1A User s Guide 287 Click Content to show the screen below Select the check boxes as shown in the following screen Figure 133 Mozilla Firefox Cont...

Page 288: ...Appendix C Pop up Windows JavaScripts and Java Permissions P 660N T1A User s Guide 288...

Page 289: ...nt network which is commonly referred to as an ad hoc network or Independent Basic Service Set IBSS The following diagram shows an example of notebook computers using wireless adapters to form an ad h...

Page 290: ...ded Service Set ESS consists of a series of overlapping BSSs each containing an access point with each access point connected together by a wired network This wired connection between APs is called a...

Page 291: ...use a channel different from an adjacent AP access point to reduce interference Interference occurs when radio signals from different access points overlap causing interference and degrading performan...

Page 292: ...hat wants to transmit this frame must first send an RTS Request To Send message to the AP for permission to send it The AP then responds with a CTS Clear to Send message to all other stations within i...

Page 293: ...ization field in a packet Short preamble increases performance as less time sending preamble means more time for sending data All IEEE 802 11 compliant wireless adapters support long preamble but not...

Page 294: ...shows the relative effectiveness of these wireless security methods available on your ZyXEL Device Note You must enable the same wireless security settings on the ZyXEL Device and on all wireless cli...

Page 295: ...wireless clients RADIUS RADIUS is based on a client server model that supports authentication authorization and accounting The access point is the client and the server is the RADIUS server The RADIU...

Page 296: ...LEAP Your wireless LAN device may not support all authentication types EAP Extensible Authentication Protocol is an authentication protocol that runs on top of the IEEE 802 1x transport mechanism in...

Page 297: ...ve attacks A digital certificate is an electronic ID card that authenticates the sender s identity However to implement EAP TLS you need a Certificate Authority CA to handle certificates which imposes...

Page 298: ...nd WPA2 Wi Fi Protected Access WPA is a subset of the IEEE 802 11i standard WPA2 IEEE 802 11i is a wireless security standard that defines stronger encryption authentication and key management than WP...

Page 299: ...r distributes a Pairwise Master Key PMK key to the AP that then sets up a key hierarchy and management system using the PMK to dynamically generate unique data encryption keys to encrypt every data pa...

Page 300: ...connecting to an AP to perform IEEE 802 1x authentication with another AP before connecting to it Wireless Client WPA Supplicants A wireless client supplicant is the software that runs on an operatin...

Page 301: ...RADIUS Application Example WPA 2 PSK Application Example A WPA 2 PSK application looks as follows 1 First enter identical passwords into the AP and all wireless clients The Pre Shared Key PSK must con...

Page 302: ...ch authentication method or key management protocol type MAC address filters are not dependent on how you configure these security features Table 110 Wireless Security Relational Matrix AUTHENTICATION...

Page 303: ...a s coverage area Antenna Gain Antenna gain measured in dB decibel is the increase in coverage within the RF beam width Higher antenna gain improves the range of the signal for better communications F...

Page 304: ...es very directional to 120 degrees less directional Directional antennas are ideal for hallways and outdoor point to point applications Positioning Antennas In general antennas should be mounted as hi...

Page 305: ...of IP protocol used by the service If this is TCP UDP then the service uses the same port number with TCP and UDP If this is USER DEFINED the Port s is the IP protocol number not the port number Port...

Page 306: ...net related command that can be used to find out if a user is logged on FTP TCP TCP 20 21 File Transfer Protocol a program to enable fast transfer of files including large files that may not be possib...

Page 307: ...e Protocol version 3 lets a client computer get e mail from a POP3 server through a temporary connection TCP IP or other POP3S TCP 995 This is a more secure version of POP3 that runs over SSL PPTP TCP...

Page 308: ...ervice Discovery Protocol supports Universal Plug and Play UPnP SSH TCP UDP 22 Secure Shell Remote Login Program STRM WORKS UDP 1558 Stream Works Protocol SYSLOG UDP 514 Syslog allows you to send syst...

Page 309: ...sing out of the application or use of any products or software described herein Neither does it convey any license under its patent rights nor the patent rights of others ZyXEL further reserves the ri...

Page 310: ...s cause harmful interference to radio television reception which can be determined by turning the device off and on the user is encouraged to try to correct the interference by one or more of the foll...

Page 311: ...or a period of up to two years from the date of purchase During the warranty period and upon proof of purchase should the product have indications of failure due to faulty workmanship and or materials...

Page 312: ...ned products without proof of purchase or those with an out dated warranty will be repaired or replaced at the discretion of ZyXEL and the customer will be billed for parts and labor All repaired or r...

Page 313: ...trator password 28 202 alerts 205 alternative subnet mask notation 272 antenna directional 304 gain 303 omni directional 304 AP access point 291 application filter 153 applications NAT 144 Asynchronou...

Page 314: ...Serv Code Point see DSCP disclaimer 309 DNS 86 90 94 184 Domain Name System see DNS DoS 148 DSCP 170 DSL connections status 226 dynamic DNS 175 activation 176 wildcard 175 activation 176 Dynamic Host...

Page 315: ...dress 68 71 76 80 86 95 default server 134 136 ping 223 private 96 IP alias 91 configuration 92 NAT applications 144 IP precedence 171 173 configuration 170 IP MAC filter 154 configuration 155 structu...

Page 316: ...es 137 remote management 179 SIP ALG 141 activation 141 SUA 132 133 Network Address Translation see NAT Network Address Translation see NAT P P2P 133 Pairwise Master Key PMK 299 301 passwords 28 admin...

Page 317: ...Parameter Index see SPI Service Set IDentifier see SSID setup DHCP 89 firewalls 149 IP alias 92 IP precedenceQoS IP precedence 170 IP MAC filter 155 logs 205 port forwarding 135 static route 159 WAN 6...

Page 318: ...URL 151 URL filter 152 URL 151 V VBR 82 VBR nRT 73 78 83 VBR RT 73 78 83 VCI 70 76 80 Virtual Channel Identifier see VCI Virtual Local Area Network see VLAN Virtual Path Identifier see VPI VLAN 161 80...

Page 319: ...ication 105 WPA PSK 104 121 pre shared key 104 WPS 111 123 126 activation 111 adding stations 113 example 128 limitations 129 PIN 112 113 124 push button 113 124 status 112 wireless security 294 Wirel...

Page 320: ...Index P 660N T1A User s Guide 320...

Page 321: ...Index P 660N T1A User s Guide 321...

Page 322: ...Index P 660N T1A User s Guide 322...

Reviews:

No comments

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands