manualshive.com logo in svg

ZyXEL Communications P-662HW-D - V3.40, Support Notes

The ZyXEL Communications P-662HW-D - V3.40 is a high-performance router with advanced features. For Support Notes and detailed instructions, download the free manual from our website. Stay connected and informed by accessing the manual with just a few clicks at manualshive.com.

Share
Download
background image

                                         

P-662HW-D Series Support Notes

 

Be very careful about the remote IP address in branch office B, because 
systems behind branch office B want to access systems behind branch office 
A and headquarter, we have to specify these two segments in 

Remote

 section. 

However if we include these two segments in one rule, the LAN segment of 
branch office B will be also included in this single rule, which means 
intercommunication inside branch office B will run into VPN tunnel. To avoid 
such situation, we need two separate rules to cover the LAN segment of 
branch office A and headquarter.  

 

The first rule in Branch_ B, Branch_B_1.   

This rule is for branch office B to access headquarter. 

(1) 

Local Address Type 

is 

Range Address 

and 

IP Address Start

 is 

192.168.2.0, IP Address End 

is

 192.168.2.255.

 This section covers the LAN 

segment of branch office B.   

Remote Address Type

 is 

Range Address 

and

 IP Address Start 

is 

192.168.1.0

, IP Address End is 

192.168.1.255

. This section covers the LAN 

segment of headquarter office. 

(2)

 My IP Address

 is the

 

WAN IP of Prestige

 

in

 Branch_B

202.2.1.1

 in the 

example. 

Secure Gateway Address

 is 

IP address of Headquarter

,

 202.1.1.1 

in the 

example.  
 
(3) Suppose the pre-shared key is 

01234567

, we should configure the same 

key in the corresponding rule in Headquarter VPN Gateway. 

(4) You can setup IKE phase 1 and phase 2 parameters by pressing 

Advanced

 button. Please make sure that parameters you set in this menu 

match with all the parameters with the corresponding VPN rule in headquarter. 
We don’t make any advanced setup in the example. 

 

The second rule in Branch_B, Branch_B_2.   

This rule is for branch office B to access branch office A.   

(1) 

Local Address Type 

is 

Range Address 

and 

IP Address Start

 is 

192.168.2.0, IP Address End 

is

 192.168.2.255.

 This section covers the LAN 

segment of branch office B.   

Remote Address Type

 is 

Range Address 

and

 IP Address Start 

is 

192.168.3.0

, IP Address End is 

192.168.3.255

. This section covers the LAN 

segment of branch office A. 

                                     

108 

All contents copyright © 2006 ZyXEL Communications Corporation. 

 

Summary of Contents for P-662HW-D - V3.40

Page 1: ...P 662HW D Series 802 11g Wireless ADSL2 4 port Security Gateway Support Notes Version3 40 Mar 2006...

Page 2: ...11 15 What are Device filters and Protocol filters 11 16 How can I protect against IP spoofing attacks 11 Product FAQ 13 1 How can I manage P 662HW D 13 2 What is the default password for Web Configur...

Page 3: ...d a firewall when your router has packet filtering and NAT built in 23 6 What is Denials of Service DoS attack 23 7 What is Ping of Death attack 24 8 What is Teardrop attack 24 9 What is SYN Flood att...

Page 4: ...PN support 34 4 What types of authentication does P 662HW D VPN support 34 5 I am planning my P 662HW D VPN configuration What do I need to know 34 6 Does P 662HW D support dynamic secure gateway IP 3...

Page 5: ...urity mode does P 662HW D support 42 16 What Wireless standard does P 662HW D support 42 17 Does P 662HW D support MAC filtering 42 18 Does P 662HW D support auto rate adaption 42 Advanced FAQ 42 1 Wh...

Page 6: ...n 90 15 How could I configure triple play on P 662HW D 93 16 How to configure packet filter on P 662HW D 93 IPSEC VPN Application Notes 97 1 How to use P 662HW D to build VPN Tunnel with another VPN G...

Page 7: ...W D Series Support Notes Using TFTP command on UNIX 138 3 Using FTP to Upload the Firmware and Configuration Files 139 CI Command Reference 142 6 All contents copyright 2006 ZyXEL Communications Corpo...

Page 8: ...factory default 4 How do I update the firmware and configuration file You can do this if you access the P 662HW D as Administrator You can upload the firmware and configuration file to Prestige from...

Page 9: ...forget the system password In case you forget the system password you can erase the current configuration and restore factory defaults this way Use the RESET button on the rear panel of P 662HW D to r...

Page 10: ...will be three options for you None SUA Only Full Feature SUA Single User Account in previous ZyNOS versions is a NAT set with 2 rules Many to One and Server With SUA visible servers had to be mapped t...

Page 11: ...ess 13 What IP Port mapping does Multi NAT support Multi NAT supports five types of IP port mapping One to One Many to One Many to Many Overload Many to Many No Overload and Server The details of the...

Page 12: ...anif0 to view the current active NAT sessions 15 What are Device filters and Protocol filters In ZyNOS the filters have been separated into two groups One group is called device filter group and the o...

Page 13: ...ress on your local network and w x y z is your netmask For the output data filters Deny bounce back packet Allow packets that originate from us Filter rule setup Filter Type TCP IP Filter Rule Active...

Page 14: ...ou change it The system will lock you out if you have forgotten your password 3 What s the difference between Common User Account and Administrator Account For Common User Account it can only access t...

Page 15: ...e and password on your computer to connect to the ISP you are probably using PPPoE If you are simply connected to the Internet when you turn on your computer you probably are not You can also check yo...

Page 16: ...to the same IP address as yourhost dyndns org This feature is useful when there are multiple servers inside and you want users to be able to use things such as www yourhost dyndns org and still reach...

Page 17: ...aims at boosting the efficiency of the bandwidth If there are serveral VCs in the P 662HW D but only one VC activated at one time the P 662HW D allocates all the Bandwidth to the VC and the VC gets f...

Page 18: ...t PCR as 5424 cell sec 17 What do the ATM QoS Types CBR UBR VBR nRT VBR RT mean Constant bit rate CBR An ATM bandwidth allocation service that requires the user to determine a fixed bandwidth requirem...

Page 19: ...ing You can also specify trusted IP Addresses on LAN for which the P 662HW D will not perform content filtering You can configure the details about it in Web Configurator Advanced setup Security Conte...

Page 20: ...for many years Additionally many of the older cable networks are not capable of offering a return channel consequently such networks will need significant upgrading before they can offer high bandwid...

Page 21: ...ore the VC based multiplexing is more efficient 7 How do I know the details of my ADSL line statistics You can use the following CI commands to check the ADSL line statistics CI wan adsl perfdata CI w...

Page 22: ...equire different Qulity of Service The high priority is Voice VoIP data The Medium priority is Video IPTV data The low priority is internet access such as ftp etc Triple Play is a port based policy to...

Page 23: ...e LAN are invisible to the Internet 3 What are the basic types of firewalls Conceptually there are three types of firewalls 1 Packet Filtering Firewall 2 Application level Firewall 3 Stateful Inspecti...

Page 24: ...s that enhance the filtering process and control the network session rather than control individual packets in a session 4 The P 662HW D s firewall is fast It uses a hashing function to search the mat...

Page 25: ...IP fragments with overlapping offset fields When these fragments are reassembled at the destination some systems will crash hang or reboot 9 What is SYN Flood attack SYN attack floods a targeted syste...

Page 26: ...agnify the effect of the DoS attack IP Spoofing is a technique used to gain unauthorized access to computers by tricking a router or firewall into thinking that the communications are coming from with...

Page 27: ...ator Telnet over WAN There are four reasons that WWW Telnet from WAN is blocked 1 When the firewall is turned on all connections from WAN to LAN are blocked by the default ACL rule To enable Telnet fr...

Page 28: ...Why can t I upload the firmware and configuration file using FTP over WAN 1 When the firewall is turned on all connections from WAN to LAN are blocked by the default ACL rule To enable FTP from WAN y...

Page 29: ...nerated automatically with factory default setting but you can change it in Web Configurator 2 What does the log show to us The log supports up to 128 entries There are 5 columns for each entry Please...

Page 30: ...configuration Advanced Setup Maintenance Logs Log Settings 4 When does the P 662HW D generate the firewall alert The P 662HW D generates the alert when an attack is detected by the firewall and sends...

Page 31: ...h encryption VPN guarantees the confidentiality of the original user data Cost 1 Cut long distance phone charges Because users typically dial the their local ISP for VPN thus long distance phone charg...

Page 32: ...es allow for authentication integrity access control and confidentiality IPSec allows for the information exchanged between remote sites to be encrypted and verified You can create encrypted tunnels V...

Page 33: ...because you have to share it with another party before you can communicate with them over a secure connection 12 What are the differences between IKE and manual key VPN The only difference between IK...

Page 34: ...hoosen you can still use a random string as the content such as this_is_Prestige It s not neccessary to follow the format exactly By default the device takes IP as phase 1 ID type for itself and it s...

Page 35: ...e authentication integrity replay protection and confidentiality of the data it secures everything in the packet that follows the header Replay protection requires authentication and integrity these t...

Page 36: ...the Secure Gateway IP Address in P 662HW D In this case the VPN connection can only be initiated from dynamic side to fixed side in order to update its dynamic IP to the fixed side If both gateways us...

Page 37: ...SecGo IPSec for Windows F Secure IPSec for Windows KAME IPSec for UNIX Nortel IPSec for UNIX Intel VPN v 6 90 FreeS WAN for Linux SSH Remote ISAKMP Testing Page http isakmp test ssh fi cgi bin nph isa...

Page 38: ...know Suppose host P 662HW D NAT Router Internet Secure host Some tips for the configuration 1 The NAT router must support to pass through IPSec protocol Only ESP tunnel mode is possible to work in NAT...

Page 39: ...r NAT Firewall If the VPN connection is initiated from the security gateway outside of P 662HW D NAT port forwarding and Firewall forwarding are necessary To configure NAT port forwarding please go to...

Page 40: ...and can eliminate the need to pull cable through walls and ceilings Installation Flexibility Wireless technology allows the network to go where wire cannot go Reduced Cost of Ownership While the initi...

Page 41: ...h Time Frequency Band GHZ Data Rate Mbps Compatibility IEEE802 11a 1999 UNII Band 5 15 5 825 6 9 12 18 24 36 48 54 Only work with 802 11a devices IEEE802 11b 1999 ISM Band 2 4 2 4835 1 2 5 5 11 IEEE80...

Page 42: ...l Transmitting through a wall is possible depending upon the material used in its construction In general metals and substances with a high water content do not allow radio waves to pass through Metal...

Page 43: ...te adaption Yes it means that the AP on P 662HW D will automatically decelerate when devices move beyond the optimal range or other interference is present If the device moves back within the range of...

Page 44: ...1 may use FHSS or DSSS 6 Do I need the same kind of antenna on both sides of a link No Provided the antenna is optimally designed for 2 4GHz or 5GHz operation WLAN NICs often include an internal anten...

Page 45: ...is a subset of the IEEE 802 11i security specification draft Key differences between WAP and WEP are user authentication and improved data encryption WAP applies IEEE 802 1x Extensible Authentication...

Page 46: ...ng 802 11 wireless traffic 8 By turning off the broadcast of SSID can someone still sniff the SSID Many APs by default have broadcasting the SSID turned on Sniffers typically will find the SSID in the...

Page 47: ...ity mode automatically with just one touch at the reset button on rear panel To use this function on P 662HW D you could press the reset button on P 662HW D for 1 5 seconds the OTIST is actived The P...

Page 48: ...nnection To connect your computer to the P 662HW D s LAN port the computer must have an Ethernet adapter card installed For connecting a single computer to the P 662HW D we use a Ethernet cable 2 TCP...

Page 49: ...how to configure your P 662HW D as bridge mode We will use Web Configurator to guide you through the related menu 1 Configure P 662HW D as bridge mode and configure Internet setup parameters in Web C...

Page 50: ...62HW D in Web Configurator Advanced Setup Network LAN We use 192 168 1 1 as the LAN IP for P 662HW D in this case Step 1 Disactive DHCP Server and apply it Step 2 Assign an IP to the LAN Interface of...

Page 51: ...the clients via DHCP if it is available For this setup in Windows we check the option Obtain an IP address automatically in its TCP IP setup Please see the example shown below Set up your P 662HW D u...

Page 52: ...the DHCP settings in Web Configurator Advanced Setup Network LAN 3 Setup the P 662HW D as a DHCP Relay What is DHCP Relay DHCP stands for Dynamic Host Configuration Protocol In addition to the DHCP s...

Page 53: ...r are configured in Web Configurator Advanced Setup Network NAT Port Forwarding the internal server or client applications can be accessed by using the P 662HW D s WAN IP Address SUA Supporting Table...

Page 54: ...032 client IP Default client IP Microsoft NetMeeting 2 1 3 013 None 1720 client IP 1503 client IP Cisco IP TV 2 0 0 None RealPlayer G2 None VDOLive None Quake1 064 None Default client IP QuakeII2 305...

Page 55: ...IP 4 Certain Quake servers do not allow multiple users to login using the same unique IP so only one Quake user will be allowed in this case Moreover when a Quake server is configured behind SUA P 662...

Page 56: ...fixed IP address and not be a DHCP client whose IP address potentially changes each time P 662HW D is powered on In addition to the servers for specific services SUA supports a default server A servic...

Page 57: ...10 1 Fill in the service name and server IP Address press button Add 2 If add successfully the Web Configurator will display message Configuration updated successfully at the bottom You can see the p...

Page 58: ...nt you must be able to establish an IP connection with a tunnel server such as the Windows NT Server 4 0 Remote Access Server Windows Dial Up Networking uses the Internet standard Point to Point PPP t...

Page 59: ...the first dial up adapter that provides PPP support for the analog or ISDN modem The PPTP is supported in Windows NT and Windows 98 already For Windows 95 it needs to be upgraded by the Dial Up Networ...

Page 60: ...protocols from RAS such as IPX TCP IP NetBEUI Set the Internet gateway to P 662HW D 2 PPTP client setup Win9x Add one VPN connection from Dial Up Networking by entering the correct username password a...

Page 61: ...al up connection has been established Before making a VPN connection from the Win9x client to the NT server you need to know the exact Internet IP address that the ISP assigns to P 662HW D router in S...

Page 62: ...ll down menu on the right None NAT is disabled when you select this option Network Address Translation SUA Only When you select this option this remote node will use default SUA Address Mapping Set Yo...

Page 63: ...pply it When you select SUA Only the P 662HW D will use a default SUA Address Mapping set for it It has two rules Many to One and Server You can see it in CLI by command ip nat lookup 255 Please note...

Page 64: ...8 can only be configured in CLI Now let s begin with Web Configurator Firstly let s come to Web Configurator Advanced Setup Network NAT Address Mapping This menu is for Address Mapping Set 1 you can...

Page 65: ...t This is the starting global IP address IGA If you have a dynamic IP enter 0 0 0 0 as the Global Start IP 0 0 0 0 Global IP End This is the ending global IP address IGA This field is N A for One to O...

Page 66: ...ct NAT address mapping set and set mapping set name but set name is optional Example ip nat addrmap map 2 Test ip nat addrmap rule rule insert edit type local start IP local end IP global start IP glo...

Page 67: ...ave it to be default value if you don t want this command ip nat server edit rule forwardip IP address Configure the LAN IP address to be forwarded ip nat server edit rule protocol TCP UDP ALL Configu...

Page 68: ...on Add to save it Step 3 You could click the button Edit on the rule to modify the Service name Server IP Address Start End Port The most often used port numbers are shown in the following table Pleas...

Page 69: ...e NAT and select an Address Mapping Set with a Many to One Rule See the following figure 2 Internet Access with an Internal Server In this case we do exactly as the figure use the convenient pre confi...

Page 70: ...y the following way using 4 NAT rules Rule 1 One to One type to map the FTP Server 1 with ILA1 192 168 1 10 to IGA1 200 0 0 1 Rule 2 One to One type to map the FTP Server 2 with ILA2 192 168 1 11 to I...

Page 71: ...nced Setup Network NAT Address Mapping to begin configuring Address Mapping Set 1 We can see there are 10 blank rule table that could be configured See the following setup for the four rules in our ca...

Page 72: ...to map the other clients to IGA3 200 0 0 3 Rule 4 Setup Select Server type to map our web server and mail server with ILA3 192 168 1 20 to IGA3 Menu Network NAT Address Mapping should look as follows...

Page 73: ...riendly Applications Some servers providing Internet applications such as some mIRC servers do not allow users to login using the same IP address In this case it is better to use Many to Many No Overl...

Page 74: ...nd retrieved This solves the problems if your DNS server uses an IP associated with dynamic IPs Without DDNS we always tell the users to use the WAN IP of the P 662HW D to access the internal server I...

Page 75: ...p the DDNS 1 Before configuring the DDNS settings in the P 662HW D you must register an account from the DDNS server such as WWW DYNDNS ORG first After the registration you have a hostname for your in...

Page 76: ...s shown in figure 3 For SNMPv1 operation ZyXEL permits one community string so that the router can belong to only one community and allows trap messages to be sent to only one NMS manager Some traps a...

Page 77: ...of restart before rebooting 1 For intentional reboot In some cases download new files CI command sys reboot reboot is done intentionally And traps with the message System reboot by user will be sent...

Page 78: ...om the NMS The default is public Set Community Enter the correct Set Community This Set Community must match the Set community requested from the NMS The default is public Trusted Host Enter the IP ad...

Page 79: ...you wish to send the syslog Log Facility Select from the 7 different local options The log facility lets you log the message in different server files Refer to your UNIX manual 9 Using IP Alias What...

Page 80: ...Network LAN IP Alias There are three internal virtual LAN interfaces for the P 662HW D to route the packets from to the three networks correctly They are enif0 for the major network enif0 0 for the IP...

Page 81: ...cond and third networks in Network LAN IP Alias by configuring the P 662HW D s second and third LAN IP addresses Key Settings IP Alias 1 Active it and enter the second LAN IP address for the P 662HW D...

Page 82: ...to prioritize traffic Cost Savings IPPR allows organizations to distribute interactive traffic on high bandwidth high cost path while using low path for batch traffic Load Sharing Network administrat...

Page 83: ...mple Step 2 Suppose we d like to edit the rule like this Policy Set Name Test Active Yes Criteria IP Protocol 6 Type of Service Don t Care Packet length 0 Precedence Don t Care Len Comp N A Source add...

Page 84: ...action gatewaytype 0 Set gateway type for the rule Gateway Address ip policyrouting set action gatewayaddr 192 168 1 254 Set the gateway address for the rule 192 168 1 254 ip policyrouting set criter...

Page 85: ...ppose we want to edit a call schedule set like this Call Schedule Set 1 Set name Test Active Yes Start Date yyyy mm dd 2005 12 27 How Often Once Once Date yyyy mm dd 2005 12 27 Start Time hh mm 12 00...

Page 86: ...remote node will be dropped Enable Dial On Demand The remote node accepts Dial on demand during this period Disable Dial On Demand The remote node denies any demand dial during the period For the exis...

Page 87: ...P packets are transmitted in two ways unicast or broadcast Multicast is a third way to deliver IP packets to a group of hosts Host groups are identified by class D IP addresses i e those with 1110 as...

Page 88: ...Some other traffic may not require high bandwidth but they require stable supply of bandwidth such as VoIP traffic The VoIP quality would not be good if all of the outgoing bandwidth is occupied via F...

Page 89: ...s root Scheduler Choose the principle to allocate bandwidth on this interface Priority Based allocates bandwidth via priority Fairness Based allocates bandwidth by ratio Maximize Bandwidth Usage Chec...

Page 90: ...Managed Bandwidth Check this box if you would like to let this class to borrow bandwidth from it s parents when the required bandwidth is higher than the configured amount Do not check this if you wa...

Page 91: ...t some probing patterns system will analyze the packets returned from ISP and decide which services the ISP may provide Because ADSL is based on a ATM network so system have to pre configured a VPI VC...

Page 92: ...vpi vci service bit hex wan atm vchunt save Note remote node input the remote node index 1 8 vpi vpi value vci vci value service it s a hex value bit0 PPPoE VC 1 bit1 PPPoE LLC 2 bit2 PPPoA VC 4 bit3...

Page 93: ...the device LAN Ethernet port with the DSL sync up 2 Open your web browser to access a Web site It should prompt and request for your username password of your ISP account if your ISP provide PPPoE or...

Page 94: ...ernet port 1 must be forwarded to PVC1 vice versa The traffic from Ethernet port 2 must be forwarded to PVC2 vice versa The traffic from Ethernet Port3 must be forwarded to PVC3 vice versa 16 How to c...

Page 95: ...hem by command sys filter set index set rule Usage set 1 12 rule 1 6 Commonly the preconfigured filter sets are as follows set 2 rule 1 6 set 3 rule 1 set 4 rule 1 sys filter set display For example T...

Page 96: ...s filter set You could configure a filter rule on demand the newest command is available on release note sys filter set save Usage Don t forget to save the rule everytime you ve configured it Referenc...

Page 97: ...log type 0 3 none match notmatch both Set the log type it could be 0 3 none match not match both sys filter set actmatch type 0 2 checknext forward drop Set the action for match sys filter set actnoma...

Page 98: ...box II ZyXEL VPN solution Avaya VPN Netopia VPN III VPN The tested VPN softwares are shown below Checkpoint VPN software WIN2K VPN software Soft PK VPN software Linux FreeS WAN VPN SSH Sentinel Intel...

Page 99: ...pdate its dynamic IP to the fixed side If both of VPN gateways use dynamic IP we need DDNS service to implement it You can finish the configuration via Web Configurator on Prestige Step 1 Set up Prest...

Page 100: ...t in the example to this policy Select IPSec Key Mode to IKE Negotiation Mode to Main and Encapsulation Mode to Tunnel just the same as we will configure in Prestige B 5 Fill in the Local and Remote s...

Page 101: ...VPN secure gateways As in the example we ve finished this field on Prestige A then when we configure Prestige B we should make it fit the following table Prestgie A Prestige B Local ID Type IP IP Cont...

Page 102: ...ou need to configure the same on Prestige B We don t do any anvanced setup in the example Then we have finished the configuration on Preatige A Step 2 Setup Prestige B Similar to the settings for Pres...

Page 103: ...onitor On P 662HW D Web Configurator Security VPN Monitor you can check every active IPSec connections The VPN Name Encapsulation and IPSec Algorithm will be shown in the Monitor Table If you can t se...

Page 104: ...IPSec Log We can also view the log for IPSec and IKE connections for trouble shooting On P 662HW D we can check the logs via Web Configurator or CLI The log menu is also useful for troubleshooting ple...

Page 105: ...ase W2K won t capture the dynamic IP address automatically for you You have to obtain your dynamic IP address and then go back to IPSec configuration to setup your current IP address Prestige dynamic...

Page 106: ...igeA configure My IP as 0 0 0 0 and Secure Gateway as the dynamic domain name of PrestigeB Step 3 In PrestigeB configure My IP as 0 0 0 0 and Secure Gateway as the dynamic domain name of PrestigeA Ste...

Page 107: ...etween branch offices through headquarter So that whenever branch office A wants to talk to branch office B headquarter plays as a VPN relay Users can gain benefit from such application when the scale...

Page 108: ...ith name Branch_A The configuration is the same as Prestige to Prestige Tunnel just the IP Address is a little different 1 Local Address Type is Range Address and IP Address Start is 192 168 3 0 IP Ad...

Page 109: ...ss End is 192 168 1 255 This section covers the LAN segment of headquarter office 2 My IP Address is the WAN IP of Prestige in Branch_B 202 2 1 1 in the example Secure Gateway Address is IP address of...

Page 110: ...eadquarter office Remote Address Type is Range Address and IP Address Start is 192 168 3 0 IP Address End is 192 168 3 255 This section covers the LAN segment of branch office A 2 My IP Address is the...

Page 111: ...or Branch_B_2 in headquarter 1 Local Address Type is Range Address and IP Address Start is 192 168 3 0 IP Address End is 192 168 3 255 This section covers the LAN segment of branch office A Remote Add...

Page 112: ...ting 2 host together via a NIC card for direct connection when configured in Ad hoc mode without an access point being present Ad hoc operation is ideal for small networks of no more than 2 4 computer...

Page 113: ...ect a channel you want to use than press OK to apply Step 4 Since there is no DHCP server to give the host IP you must first designate a static IP for your station From Windows Start select Control Pa...

Page 114: ...finish Configuration for Wireless Station B To configure Ad hoc mode on your ZyAIR B 100 B 200 B 300 wireless NIC card please follow the following step Step1 Double click on the utility icon in your w...

Page 115: ...ect a channel you want to use than press OK to apply Step 4 Since there is no DHCP server to give the host IP you must first designate a static IP for your station From Windows Start select Control Pa...

Page 116: ...n B 2 Configuring Infrastructure mode Infrastructure Introduction For Infrastructure WLANs multiple Access Points APs like the WLAN to the wired network and allow users to efficiently share network re...

Page 117: ...e mode of your P 662HW D wireless AP please follow the steps below Step 1 Login Web Configurator Advanced Setup Network Wireless LAN General Configure the basic parameters for Wireless LAN Step 2 You...

Page 118: ...structure mode on your ZyAIR G 200 Wireless Network Adapter please follow the following steps Step 1 Double click on the utility icon in your windows task bar the utility will pop up on your windows s...

Page 119: ...an SSID or leave it as any if you wish to connect to any AP than press Apply Change to take effect Step 4 Click on Site Survey tab and press search all the available AP will be listed Step 5 Double cl...

Page 120: ...Filter MAC Filter Overview Users can use MAC Filter as a method to restrict unauthorized stations from accessing the APs ZyXEL s APs provide the capability for checking MAC address of the station befo...

Page 121: ...onfigure the MAC filter you need to know the MAC address of the client first If not knowing what your MAC address is please enter a command ipconfig all after DOS prompt to get the MAC physical addres...

Page 122: ...bile station e g a laptop with a wireless Ethernet card and an access point i e a base station The secret key is used to encrypt packets before they are transmitted and an integrity check is used to e...

Page 123: ...10 hexadecimal digits o 128 bit WEP key secret key with 13 characters o 128 bit WEP key secret key with 26 hexadecimal digits o 256 bit WEP key secret key with 29 characters o 256 bit WEP key secret k...

Page 124: ...phrase and then press button Generate to let the P 662HW D generate WEP Key for you Setting up the Station Step 1 Double click on the utility icon in your windows task bar or right click the utility i...

Page 125: ...the utility icon doesn t exist in your task bar click Start Programs to start the utility Step 2 Select the Configuration tab Select Set Security to configure encryption type and parameters correspon...

Page 126: ...the P 662HW D is supposed to use Key 1 by default Key settings The WEP Encryption type of station has to equal to the access point Check ASCII field for characters WEP key or uncheck ASCII field for H...

Page 127: ...s to complete a simple site survey with simple tools 1 First you will need to obtain a facility diagram such as blueprints This is for you to mark and take record on 2 Visually inspect the facility wa...

Page 128: ...ociated rate link quality signal strength and etc information as shown in utility below Step 4 It s always a good idea to start with putting the access point at the corner of the room and walk away fr...

Page 129: ...corner of the room Step 6 Repeat step 1 5 and now you should be able to mark an RF coverage area as illustrated in above picutre Step 7 You may need more than one access point is the RF coverage area...

Page 130: ...of the IEEE 802 11i security specification draft Key differences between WAP and WEP are user authentication and improved data encryption WAP applies IEEE 802 1x Extensible Authentication Protocol EA...

Page 131: ...h a client will be granted access to a WLAN Here comes WPA PSK Application example for your reference Configuration for Access point The IEEE 802 1x standard outlines enhanced security methods for bot...

Page 132: ...your wireless utility icon in your windows task bar the utility will pop up on your windows screen Step 2 Select the configuration tab type in the SSID Service Set Identifier select the operating Mode...

Page 133: ...otes Step 3 Click Set Security to configure the security parameters Step 4 Click OK for finish and begin to Site survey Connect to the AP as you have configured 132 All contents copyright 2006 ZyXEL C...

Page 134: ...Series Support Notes Step 5 Click Link Info tab if the PC associated and authenticated with AP successfully we will see the following information 133 All contents copyright 2006 ZyXEL Communications C...

Page 135: ...two ways to dump the trace Online Trace display the trace real time on screen Offline Trace capture the trace first and display later The details for capturing the trace in CLI as follows First of all...

Page 136: ...e Enable to capture the WAN packet by entering sys trcp channel mpoa00 bothway Enable the trace log by entering sys trcp sw on sys trcl sw on Display the brief trace online by entering sys trcd brief...

Page 137: ...el enet0 bothway Enable the trace log by entering sys trcp sw on sys trcl sw on Wait for packet passing through the Prestige over LAN Disable the trace log by entering sys trcp sw off sys trcl sw off...

Page 138: ...o Prestige After the transfer is complete the Prestige will program the upgraded firmware into FLASH ROM and reboot itself An example The 192 168 1 1 is the IP address of the Prestige The local file i...

Page 139: ...ge Check the port number 69 and 512 Octet blocks for TFTP Check Binary mode for file transfering Using TFTP command on Windows NT Step 1 TELNET to your Prestige first before using TFTP command Step 2...

Page 140: ...68 1 1 put local ras ras upload firmware 3 Using FTP to Upload the Firmware and Configuration Files In addition to upload the firmware and configuration file via the console port and TFTP client you c...

Page 141: ...ng the Prestige s IP and Administrator password in the FTP software Set the transfer type to Auto Detect or Binary Step 2 Press OK to ignore the Username prompt Step 3 To upload the firmware file we t...

Page 142: ...ort Notes the remote rom 0 file Step 4 The Prestige reboots automatically after the uploading is finished Please do not power off the router at this moment 141 All contents copyright 2006 ZyXEL Commun...

Page 143: ...ce 1 Shows the following commands and all major sub commands 2 exit Exit Subcommand To get the latest CI Command list The latest CI Command list is available in release note of every ZyXEL firmware re...

Reviews:

No comments

Related manuals for P-662HW-D - V3.40

HMS Anybus Modbus-TCP/RTU Gateway User Manual preview
Anybus Modbus-TCP/RTU Gateway
Brand: HMS Pages: 20
Epygi QuadroM-E1 Installation Manual preview
QuadroM-E1
Brand: Epygi Pages: 55
Valcom VE8021 Manual preview
VE8021
Brand: Valcom Pages: 4
Siemens SpeedStream 5450 User Manual preview
SpeedStream 5450
Brand: Siemens Pages: 83
Siemens SpeedStream 6500 Series User Manual preview
SpeedStream 6500 Series
Brand: Siemens Pages: 98
2N OfficeRoute User Manual preview
OfficeRoute
Brand: 2N Pages: 113
Juniper SRX3400 Hardware Manual preview
SRX3400
Brand: Juniper Pages: 232
Juniper SRX5400 Hardware Manual preview
SRX5400
Brand: Juniper Pages: 394
Banner Sure Cross DX80 Quick Start Manual preview
Sure Cross DX80
Brand: Banner Pages: 10
KMC Controls Conquest HPO-9007 Series Installation Manual preview
Conquest HPO-9007 Series
Brand: KMC Controls Pages: 6
Universal Remote Control TRF-ZW2 Owner'S Manual preview
TRF-ZW2
Brand: Universal Remote Control Pages: 26
NorthwesTel Pulse TV User Manual preview
Pulse TV
Brand: NorthwesTel Pages: 144
Universe Future ZWG2000AG Manual preview
ZWG2000AG
Brand: Universe Future Pages: 23
24online HIA 100iX Quick Start Manual preview
HIA 100iX
Brand: 24online Pages: 8
Avaya 3050-VM User Manual preview
3050-VM
Brand: Avaya Pages: 274
SICK SIG200 Operating Instruction preview
SIG200
Brand: SICK Pages: 130
IFM Electronic AIK050 Operating Instructions Manual preview
AIK050
Brand: IFM Electronic Pages: 33
Mitel Mediatrix Model M Hardware Installation Manual preview
Mediatrix Model M
Brand: Mitel Pages: 40

Brands by name

Popular brands

Load more brands