manualshive.com logo in svg

ZyXEL Communications P-873HNU-51B, User Manual

Share
Download
ZyXEL Communications P-873HNU-51B User Manual Download Page 319

 Appendix D Wireless LANs

P-873HNU(P)-51B User’s Guide

319

If both an AP and the wireless clients support WPA2 and you have an external RADIUS server, use 
WPA2 for stronger data encryption. If you don't have an external RADIUS server, you should use 
WPA2-PSK (WPA2-Pre-Shared Key) that only requires a single (identical) password entered into 
each access point, wireless gateway and wireless client. As long as the passwords match, a wireless 
client will be granted access to a WLAN. 

If the AP or the wireless clients do not support WPA2, just use WPA or WPA-PSK depending on 
whether you have an external RADIUS server or not.

Select WEP only when the AP and/or wireless clients do not support WPA or WPA2. WEP is less 
secure than WPA or WPA2.

Encryption 

WPA improves data encryption by using Temporal Key Integrity Protocol (TKIP), Message Integrity 
Check (MIC) and IEEE 802.1x. WPA2 also uses TKIP when required for compatibility reasons, but 
offers stronger encryption than TKIP with Advanced Encryption Standard (AES) in the Counter 
mode with Cipher block chaining Message authentication code Protocol (CCMP).

TKIP uses 128-bit keys that are dynamically generated and distributed by the authentication server. 
AES (Advanced Encryption Standard) is a block cipher that uses a 256-bit mathematical algorithm 
called Rijndael. They both include a per-packet key mixing function, a Message Integrity Check 
(MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying 
mechanism.

WPA and WPA2 regularly change and rotate the encryption keys so that the same encryption key is 
never used twice. 

The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that then sets up a key 
hierarchy and management system, using the PMK to dynamically generate unique data encryption 
keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless 
clients. This all happens in the background automatically.

The Message Integrity Check (MIC) is designed to prevent an attacker from capturing data packets, 
altering them and resending them. The MIC provides a strong mathematical function in which the 
receiver and the transmitter each compute and then compare the MIC. If they do not match, it is 
assumed that the data has been tampered with and the packet is dropped. 

By generating unique data encryption keys for every data packet and by creating an integrity 
checking mechanism (MIC), with TKIP and AES it is more difficult to decrypt data on a Wi-Fi 
network than WEP and difficult for an intruder to break into the network. 

The encryption mechanisms used for WPA(2) and WPA(2)-PSK are the same. The only difference 
between the two is that WPA(2)-PSK uses a simple common password, instead of user-specific 
credentials. The common-password approach makes WPA(2)-PSK susceptible to brute-force 
password-guessing attacks but it’s still an improvement over WEP as it employs a consistent, 
single, alphanumeric password to derive a PMK which is used to generate unique temporal 
encryption keys. This prevent all wireless devices sharing the same encryption keys. (a weakness of 
WEP)

User Authentication 

WPA and WPA2 apply IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate 
wireless clients using an external RADIUS database. WPA2 reduces the number of key exchange 

Summary of Contents for P-873HNU-51B

Page 1: ...ng Combo WAN Gateway with USB IMPORTANT READ CAREFULLY BEFORE USE KEEP THIS GUIDE FOR FUTURE REFERENCE Copyright 2012 ZyXEL Communications Corporation Version 1 10 Edition 2 4 2012 Default Login Detai...

Page 2: ...in your product Graphics in this book may also differ from your product due to differences in operating systems operating system versions or if you installed updated firmware software for your device...

Page 3: ...29 Quality of Service QoS 133 Network Address Translation NAT 153 Dynamic DNS Setup 169 IGMP 173 Interface Group 183 Firewall 189 MAC Filter 197 Parental Control 199 Scheduler Rules 203 Certificates 2...

Page 4: ...Contents Overview P 873HNU P 51B User s Guide 4...

Page 5: ...18 1 4 1 Internet Access 18 1 4 2 HomePNA 19 1 5 LEDs Lights 20 1 6 The RESET Button 22 1 7 Wireless Access 23 1 7 1 Using the WLAN WPS Button 23 Chapter 2 The Web Configurator 25 2 1 Overview 25 2 1...

Page 6: ...ndns org 56 4 9 2 Configuring DDNS on Your VDSL Router 56 4 9 3 Testing the DDNS Setting 56 Part II Technical Reference 57 Chapter 5 Network Map and Status Screens 59 5 1 Overview 59 5 2 The Network M...

Page 7: ...y Overview 97 7 7 4 Signal Problems 99 7 7 5 BSS 100 7 7 6 MBSSID 100 7 7 7 Preamble Type 101 7 7 8 WiFi Protected Setup WPS 101 Chapter 8 Home Networking 109 8 1 Overview 109 8 1 1 What You Can Do in...

Page 8: ...10 6 1 Add Edit a QoS Policer 145 10 7 The QoS Monitor Screen 146 10 8 Technical Reference 147 Chapter 11 Network Address Translation NAT 153 11 1 Overview 153 11 1 1 What You Can Do in this Chapter 1...

Page 9: ...on Edit 177 13 3 2 IGMP Service Add 178 13 3 3 IGMP Host Limitation Add 179 13 4 IGMP ACL Configuration 180 13 4 1 IGMP ACL Add 181 Chapter 14 Interface Group 183 14 1 Overview 183 14 2 The Interface...

Page 10: ...05 19 3 The Local Certificates Screen 205 19 3 1 Create Certificate Request 206 19 3 2 Load Signed Certificate 208 19 3 3 Import Certificate 209 19 3 4 Certificate Details 211 19 4 The Trusted CA Scre...

Page 11: ...4 2 The IGMP Group Screen 229 24 3 IGMP Statistics Screen 230 230 Chapter 25 xDSL Statistics 231 25 1 The xDSL Statistics Screen 231 Chapter 26 Users Configuration 235 26 1 Overview 235 26 2 The Users...

Page 12: ...r 257 32 2 What You Need to Know 257 32 3 Ping TraceRoute NsLookup 258 32 4 802 1ag 258 32 5 OAM Ping Test 259 Chapter 33 Troubleshooting 263 33 1 Power Hardware Connections and LEDs 263 33 2 VDSL Rou...

Page 13: ...Table of Contents P 873HNU P 51B User s Guide 13 Appendix F Legal Information 329 Index 333...

Page 14: ...Table of Contents P 873HNU P 51B User s Guide 14...

Page 15: ...15 PART I User s Guide...

Page 16: ...16...

Page 17: ...HPNA capability Please refer to the following description of the product name format H denotes an integrated 4 port switch hub N denotes 802 11n draft 2 0 The N models support 802 11n wireless connect...

Page 18: ...factory default settings If you backed up an earlier configuration file you would not have to totally re configure the VDSL Router You could simply restore your last configuration 1 4 Applications fo...

Page 19: ...k are not allowed but you can safely browse the Internet and download files 1 4 2 HomePNA Models with HPNA comply with HomePNA Home Phoneline Networking Alliance also known as HPNA 3 1 a home networki...

Page 20: ...Guide 20 laptop B connects wirelessly to the VDSL Router The set up box C connects into a coaxial outlet in another part of the house for access to online videos Figure 2 HomePNA Application 1 5 LEDs...

Page 21: ...or there is a device malfunction Off The VDSL Router is not receiving power Blinking Firmware upgrade is in progress ETHERNET 1 4 Green On The VDSL Router has a successful 100 Mbps Ethernet connectio...

Page 22: ...een On The ADSL line is up Blinking The VDSL Router is initializing the ADSL line Off The ADSL line is down Orange On The VDSL line is up Blinking The VDSL Router is initializing the VDSL line Off The...

Page 23: ...onfigurator or using the WPS button Figure 4 Wireless Access Example 1 7 1 Using the WLAN WPS Button If the wireless network is turned off press the WLAN WPS button on the front of the VDSL Router for...

Page 24: ...LAN WPS LED flashes green and orange while the VDSL Router sets up a WPS connection with the other wireless device 4 Once the connection is successfully made the WLAN WPS LED shines green To turn off...

Page 25: ...2 1 1 Accessing the Web Configurator 1 Make sure your VDSL Router hardware is properly connected refer to the Quick Start Guide 2 Launch your web browser If the VDSL Router does not automatically re...

Page 26: ...mmary of your last login such as the time number of failed login attempts and when the password expires It also shows if you are logged on from an IP address Select Show this page next time to see the...

Page 27: ...use the web configurator for ten minutes default If this happens log in again 6 Click Status to display the Status screen where you can view the VDSL Router s interface and system information Note It...

Page 28: ...Guide 28 2 2 Web Configurator Layout Figure 8 Screen Layout As illustrated above the main screen is divided into these parts A title bar B main window C navigation panel 2 2 1 Title Bar The title bar...

Page 29: ...Title Bar ICON DESCRIPTION Quick Start Click this icon to open screens where you can configure the VDSL Router s time zone Internet access and wireless settings Logout Click this icon to log out of th...

Page 30: ...his screen to make your local servers visible to the outside world Applications Use this screen to configure servers behind the VDSL Router Port Triggering Use this screen to change your VDSL Router s...

Page 31: ...IGMP Statistics Use this screen to view the VDSL Router s IGMP multicast group and IGMP traffic statistics xDSL Statistics xDSL Statistics Use this screen to view the VDSL Router s xDSL traffic statis...

Page 32: ...Chapter 2 The Web Configurator P 873HNU P 51B User s Guide 32...

Page 33: ...e features in this chapter 3 2 Quick Start Setup 1 Click the Click Start icon in the top right corner of the web configurator to open the quick start screens Select the time zone of the VDSL Router s...

Page 34: ...tion 3 Turn the wireless LAN on or off If you keep it on record the security settings so you can configure your wireless clients to connect to the VDSL Router Click Save Figure 11 Internet Connection...

Page 35: ...nother Network see page 50 Configuring QoS Queue and Class Setup see page 52 Access the VDSL Router Using DDNS see page 55 4 2 Setting Up an ADSL PPPoE Connection This tutorial shows you how to set up...

Page 36: ...ice provider 5 Configure this rule as your default Internet connection by selecting the Apply as Default Gateway check box Then select DNS as Static and enter the DNS server addresses provided to you...

Page 37: ...Chapter 4 Tutorials P 873HNU P 51B User s Guide 37 7 You should see a summary of your new DSL connection setup in the Broadband screen as follows...

Page 38: ...igure the WAN screens 4 3 HomePNA Example Setup This tutorial shows you how you can use the VDSL Router s HomePNA feature to connect a television in another part of the house to the Internet through t...

Page 39: ...of your STB for information on how to connect it to your television as well as configure your account settings on it You should now be able to watch online videos in your television using your VOD or...

Page 40: ...page 39 Click Apply 2 Go to the Wireless Others screen and select 802 11b g n Mixed in the 802 11 Mode field Click Apply Thomas can now use the WPS feature to establish a wireless connection between...

Page 41: ...e VDSL Router A wireless client must also use the same PIN in order to download the wireless network settings from the VDSL Router Push Button Configuration PBC 1 Make sure that your VDSL Router is tu...

Page 42: ...e with the VDSL Router securely The following figure shows you an example of how to set up a wireless network and its security by pressing a button on both VDSL Router and wireless client Example WPS...

Page 43: ...within two minutes The VDSL Router authenticates the wireless client and sends the proper configuration settings to the wireless client This may take up to two minutes The wireless client is then abl...

Page 44: ...xample SSID Then enter the DoNotStealMyWirelessNetwork pre shared key to establish an wireless Internet connection Note The VDSL Router supports IEEE 802 11b and IEEE 802 11g wireless clients Make sur...

Page 45: ...ors will use the VIP group Visiting guests will use the Guest group which has a lower security mode Company A will use the following parameters to set up the wireless network groups 1 Click Network Se...

Page 46: ...P 51B User s Guide 46 2 Click Network Settings Wireless More AP to open the following screen Click the Edit icon to configure the second wireless network group 3 Configure the screen using the provide...

Page 47: ...er 4 Tutorials P 873HNU P 51B User s Guide 47 4 In the More AP screen click the Edit icon to configure the third wireless network group 5 Configure the screen using the provided parameters and click A...

Page 48: ...6 Setting Up NAT Port Forwarding Thomas manages the Doom server on a computer behind the VDSL Router In order for players on the Internet like A in the figure below to communicate with the Doom serve...

Page 49: ...ck Apply 3 The port forwarding settings you configured appear in the table The VDSL Router forwards port 666 traffic to the computer with IP address 192 168 1 34 D 192 168 1 34 WAN LAN port 666 A Serv...

Page 50: ...uting rule for two network routings In the following figure router R is connected to the VDSL Router s LAN R connects to two networks N1 192 168 1 x 24 and N2 192 168 10 x 24 If you want to send traff...

Page 51: ...y in the Static Route screen 4 Configure the Static Route Setup screen using the following settings 4a Select the Active check box Enter the Route Name as R 4b Type 192 168 10 0 and subnet mask 255 25...

Page 52: ...the FTP server throughout the day Your colleagues use the Internet for research as well as chat applications for communicating with other branch offices In the following figure your Internet connectio...

Page 53: ...determine this figure Click Apply Tutorial Advanced QoS 2 Click Queue Setup Add new Queue to create a new queue In the screen that opens check Active and enter or select the following values Name E ma...

Page 54: ...73HNU P 51B User s Guide 54 Tutorial Advanced QoS Queue Setup 3 Click Class Setup Add new Classifier to create a new class Check Active and follow the settings as shown in the screen below Tutorial Ad...

Page 55: ...Router using a domain name To use this feature you have to apply for DDNS service at www dyndns org This tutorial covers Registering a DDNS Account on www dyndns org Configuring DDNS on Your VDSL Rout...

Page 56: ...igurator Status page Then you will need to configure the same account and host name on the VDSL Router later 4 9 2 Configuring DDNS on Your VDSL Router Configure the following settings in the Advanced...

Page 57: ...57 PART II Technical Reference...

Page 58: ...58...

Page 59: ...at the current status of the VDSL Router system resources and interfaces LAN WAN and WLAN 5 2 The Network Map Screen Use this screen to view the network connection status of the device and its client...

Page 60: ...and Info Click the IP address if you want to change it If you want to change the name or icon of the client click Change name icon Figure 14 Icon Mode Change name icon In List Mode you can also view...

Page 61: ...se fields display when you have a WAN connection MAC Address This shows the WAN Ethernet adapter MAC Media Access Control Address of your device This field is available only when your WAN type is IPoE...

Page 62: ...indicates whether or not the VDSL Router is using the interface For the LAN interfaces the Ethernet WAN interface or the HPNA interface this field displays Up when the VDSL Router is using the interf...

Page 63: ...pplications to have more throughput you should turn off other applications for example using QoS see Chapter 10 on page 133 Memory Usage This field displays what percentage of the VDSL Router s memory...

Page 64: ...Chapter 5 Network Map and Status Screens P 873HNU P 51B User s Guide 64...

Page 65: ...ide connection to another network or the Internet It connects your private networks such as a LAN Local Area Network and other networks so that a computer in one location can communicate with computer...

Page 66: ...e actual data exchange begins PTM Packet Transfer Mode PTM is packet oriented and supported by the VDSL2 standard In PTM packets are encapsulated directly in the High level Data Link Control HDLC fram...

Page 67: ...atus This is the status of the connection Name This is the service name of the connection Type This shows whether it is a VDSL ADSL or Ethernet connection Encapsulation This is the method of encapsula...

Page 68: ...ce in the Broadband screen or the Edit icon next to an existing WAN interface to configure a WAN connection The screen differs according to the mode and encapsulation you choose This screen displays w...

Page 69: ...this if you have a username and password for Internet access IP over Ethernet IPoE In this type of Internet connection IP packets are routed between the Ethernet interface and the WAN interface and t...

Page 70: ...sely controlled delay and delay variation Select Realtime VBR real time Variable Bit Rate for applications with bursty connections that require closely controlled delay and delay variation Peak Cell R...

Page 71: ...ser data Select this option to have the VDSL Router act as an IGMP proxy on this connection This allows the VDSL Router to get subscribing information and maintain a joined member list for each multic...

Page 72: ...whether it is ADSL VDSL over PTM ADSL over ATM or Ethernet connection ADSL VDSL over PTM The VDSL Router uses the VDSL technology for data transmission over the DSL port ADSL over ATM The VDSL Router...

Page 73: ...connections that require closely controlled delay and delay variation Peak Cell Rate Divide the DSL line rate bps by 424 the size of an ATM cell to find the Peak Cell Rate PCR This is the maximum rate...

Page 74: ...below shows the transmission data rate for single DSL line and DSL bonding Table 9 Comparison Table for Single DSL line and DSL Bonding For a single VDSL line the profile is 17a which provides a maxi...

Page 75: ...ons Multi PHY Current This shows the current bonding mode the VDSL Router is using You can change it in the Mode field Mode Select whether you want to use Auto Switch VDSL Bonding or ADSL Bonding If y...

Page 76: ...ices a function known as dynamic service selection This enables the service provider to easily create and offer new IP services for individuals Operationally PPPoE saves significant effort for both yo...

Page 77: ...tical to have a separate VC for each carried protocol for example if charging heavily depends on the number of simultaneous VCs 6 4 3 VPI and VCI Be sure to use the correct Virtual Path Identifier VPI...

Page 78: ...53 bytes 424 bits so a maximum speed of 832Kbps gives a maximum PCR of 1962 cells sec This rate is not guaranteed because it is dependent on the line speed Sustained Cell Rate SCR is the mean cell rat...

Page 79: ...urst levels SCR defines the minimum level An example of an VBR nRT connection would be non time sensitive data file transfers Unspecified Bit Rate UBR The Unspecified Bit Rate UBR ATM traffic class is...

Page 80: ...cator is a single bit flag always set to zero for Ethernet switches If a frame received at an Ethernet port has a CFI set to 1 then that frame should not be forwarded as it is to an untagged port The...

Page 81: ...le the Wireless LAN enter the SSID and select the wireless security mode Section 7 2 on page 82 Use the More AP screen to set up multiple wireless networks on your VDSL Router Section 7 3 on page 89 U...

Page 82: ...ss networking is different from that of most traditional radio communications in that there a number of wireless networking standards available with different methods of data encryption Finding Out Mo...

Page 83: ...currently using then displays next to this field more less Click more to show more information Click less to hide them Bandwidth Select whether the VDSL Router uses a wireless channel width of 20MHz o...

Page 84: ...e VDSL Router MBSSID LAN Isolation Select this to keep the wireless clients in this SSID from communicating with clients in other SSIDs or wired LAN devices through the VDSL Router Select both Client...

Page 85: ...mechanism that all the wireless devices in your network support For example use WPA PSK or WPA2 PSK if all your wireless devices support it or use WPA or WPA2 if your wireless devices support it and y...

Page 86: ...rd WEP keys are used to encrypt data Both the VDSL Router and the wireless stations must use the same password WEP key for data transmission If you chose 64 bit WEP then enter any 5 ASCII characters o...

Page 87: ...cribes the labels in this screen Table 14 Wireless General More Secure WPA 2 PSK LABEL DESCRIPTION Security Level Select More Secure to enable WPA 2 PSK data encryption Security Mode Select WPA PSK or...

Page 88: ...urity Mode list Figure 26 Wireless General More Secure WPA 2 Encryption Select the encryption type AES or TKIP AES for data encryption Select AES if your wireless clients can all use AES Select TKIP A...

Page 89: ...key must be the same on the external authentication server and your VDSL Router The key is not sent over the network more less Click more to show more fields in this section Click less to hide them W...

Page 90: ...active A gray bulb signifies that this SSID is not active SSID An SSID profile is the set of parameters relating to one of the VDSL Router s BSSs The SSID Service Set IDentifier identifies the Servic...

Page 91: ...h a wireless device is associated Wireless devices associating to the access point AP must have the same SSID Enter a descriptive name up to 32 English keyboard characters for the wireless LAN Hide SS...

Page 92: ...on LABEL DESCRIPTION SSID Select the SSID for which you want to configure MAC filter settings MAC List Define the filter action for the list of MAC addresses in the MAC Address table Select Disable to...

Page 93: ...reless device s WPS button within two minutes of pressing this button Method 2 Use this section to set up a WPS wireless network by entering the PIN of the client into the VDSL Router Register Enter t...

Page 94: ...ave the VDSL Router create a new PIN Apply Click Apply to save your changes Cancel Click Cancel to restore your previously saved settings Table 19 Network Settings Wireless WPS continued LABEL DESCRIP...

Page 95: ...ociate with the VDSL Router Select 802 11b g Mixed to allow either IEEE 802 11b or IEEE 802 11g compliant WLAN devices to associate with the VDSL Router The transmission rate of your VDSL Router might...

Page 96: ...he name of the wireless network It stands for Service Set IDentifier If two wireless networks overlap they should use a different channel Like radio stations or television channels each wireless netwo...

Page 97: ...at all but it will not keep a determined attacker out Other security standards are secure in themselves but can be broken if a user does not use them properly For example the WPA PSK security standard...

Page 98: ...00A0C5000002 or 00 A0 C5 00 00 02 To get the MAC address for each device in the wireless network see the device s User s Guide or other documentation You can use the MAC address filter to tell the VD...

Page 99: ...ended that wireless networks use WPA PSK WPA or stronger encryption The other types of encryption are better than none at all but it is still possible for unauthorized wireless devices to figure out t...

Page 100: ...icate with each other When Intra BSS traffic blocking is enabled wireless station A and B can still access the wired network but cannot communicate with each other Figure 33 Basic Service set 7 7 6 MB...

Page 101: ...rder to communicate 7 7 8 WiFi Protected Setup WPS Your VDSL Router supports WiFi Protected Setup WPS which is an easy way to set up a secure wireless network WPS is an industry standard specification...

Page 102: ...must enter the PIN from one device usually the wireless client into the second device usually the Access Point or wireless router Then when WPS is activated on the first device it presents its PIN to...

Page 103: ...security settings The registrar creates a secure EAP Extensible Authentication Protocol tunnel and sends the network name SSID and the WPA PSK or WPA2 PSK pre shared key to the enrollee Whether WPA P...

Page 104: ...security settings it transmits to the enrollee are randomly generated Once a WPS enabled device has connected to another device using WPS it becomes configured A configured wireless client can still a...

Page 105: ...egistrar since it is configured it already has security information for the network AP1 supplies the existing security information to Client 2 Figure 37 WPS Example Network Step 2 In step 3 you add an...

Page 106: ...SK or WPA2 PSK depends on the device You can check the configuration interface of the registrar device to discover the key the network is using if the device supports this feature Then you can enter t...

Page 107: ...was not involved in the WPS handshake a rogue device must still associate with the access point to gain access to the network Check the MAC addresses of your wireless clients usually printed on a lab...

Page 108: ...Chapter 7 Wireless P 873HNU P 51B User s Guide 108...

Page 109: ...assign IP addresses on the LAN to specific individual computers based on their MAC Addresses Section 8 3 on page 113 Use the UPnP screen to enable UPnP and UPnP NAT traversal on the VDSL Router Secti...

Page 110: ...tremely important because without it you must know the IP address of a networking device before you can access it 8 1 2 2 About UPnP Identifying UPnP Devices UPnP hardware is identified as an icon in...

Page 111: ...ementation supports Internet Gateway Device IGD 1 0 See Section 8 5 on page 115 for examples of installing and using UPnP Finding Out More See Section 8 11 on page 126 for technical background informa...

Page 112: ...IP address you want to assign to your VDSL Router in dotted decimal notation for example 192 168 1 1 factory default Subnet Mask Type the subnet mask of your network in dotted decimal notation for exa...

Page 113: ...field specifies the last of the contiguous addresses in the IP address pool DHCP Server Lease Time This is the period of time DHCP assigned addresses is used DHCP automatically assigns IP addresses to...

Page 114: ...IP Address This field displays the IP address relative to the field listed above Modify Click the Edit icon to have the IP address field editable and change it Click the Delete icon to delete a stati...

Page 115: ...tworking UPnP The following table describes the labels in this screen 8 5 Installing UPnP in Windows Example This section shows how to install UPnP in Windows Me and Windows XP Installing UPnP in Wind...

Page 116: ...ab and select Communication in the Components selection box Click Details Add Remove Programs Windows Setup Communication 3 In the Communications window select the Universal Plug and Play check box in...

Page 117: ...Click Start and Control Panel 2 Double click Network Connections 3 In the Network Connections window click Advanced in the main menu and select Optional Networking Components Network Connections 4 The...

Page 118: ...w to use the UPnP feature in Windows XP You must already have UPnP installed in Windows XP and UPnP activated on the VDSL Router Make sure the computer is connected to a LAN port of the VDSL Router Tu...

Page 119: ...Network Connections 3 In the Internet Connection Properties window click Settings to see the port mappings there were automatically created Internet Connection Properties 4 You may edit or delete the...

Page 120: ...vanced Settings Add 5 When the UPnP enabled device is disconnected from your computer all port mappings will be deleted automatically 6 Select Show icon in notification area when connected option and...

Page 121: ...eb based configurator on the VDSL Router without finding out the IP address of the VDSL Router first This comes helpful if you do not know the IP address of the VDSL Router Follow the steps below to a...

Page 122: ...ed device displays under Local Network 5 Right click on the icon for your VDSL Router and select Invoke The web configurator login screen displays Network Connections My Network Places 6 Right click o...

Page 123: ...es with dynamic IP addresses sometimes don t renew their IP addresses before the lease time expires This could lead to IP address conflicts if the STB continues to use an IP address that gets assigned...

Page 124: ...as an extra LAN port This fifth Ethernet port provides faster speed since it is a Gigabit port Click Network Settings Home Networking 5th Ethernet Port to open this screen Figure 45 Network Settings H...

Page 125: ...able 30 Network Settings Home Networking LAN VLAN LABEL DESCRIPTION Lan Port These represent the VDSL Router s LAN ports Tag Operation Select what you want the VDSL Router to do to the IEEE 802 1q VLA...

Page 126: ...configure the VDSL Router as a DHCP server or disable it When configured as a server the VDSL Router provides the TCP IP configuration for the clients If you turn DHCP service off you must have anothe...

Page 127: ...DSL Router has built in DHCP server capability that assigns IP addresses and DNS servers to systems that support DHCP client capability IP Address and Subnet Mask Similar to the way houses on a street...

Page 128: ...the following three blocks of IP addresses specifically for private networks 10 0 0 0 10 255 255 255 172 16 0 0 172 31 255 255 192 168 0 0 192 168 255 255 You can obtain your IP address from the IANA...

Page 129: ...uter s LAN interface The VDSL Router routes most traffic from A to the Internet through the VDSL Router s default gateway R1 You create one static route to connect to services offered by your ISP behi...

Page 130: ...atic route is active or not A yellow bulb signifies that this route is active A gray bulb signifies that this route is not active Name This is the name that describes or identifies this route Destinat...

Page 131: ...a single host use a subnet mask of 255 255 255 255 in the subnet mask field to force the network number to be identical to the host ID IP Subnet Mask Enter the IP subnet mask here Use Interface Select...

Page 132: ...Chapter 9 Static Routing P 873HNU P 51B User s Guide 132...

Page 133: ...Packets assigned a high priority are processed more quickly than those with low priority if there is congestion allowing time sensitive applications to flow more smoothly Time sensitive applications i...

Page 134: ...iffServ is a new protocol and defines a new DS field which replaces the eight bit ToS Type of Service field in the IP header Tagging and Marking In a QoS class you can configure whether to add or chan...

Page 135: ...g algorithms Token Bucket Filter TBF Single Rate Two Color Maker srTCM and Two Rate Two Color Marker trTCM You can specify actions which are performed on the colored packets See Section 10 8 on page 1...

Page 136: ...LAN that you want to allocate using QoS The recommendation is to set this speed to match the WAN interfaces actual transmission speed For example set the LAN managed downstream bandwidth to 100000 kbp...

Page 137: ...the index number of the entry Status This field displays whether the queue is active or not A yellow bulb signifies that this queue is active A gray bulb signifies that this queue is not active Name T...

Page 138: ...is field is read only if you are editing the queue Priority Select the priority level from 1 to 3 of this queue The smaller the number the higher the priority level Traffic assigned to higher priority...

Page 139: ...Class Setup The following table describes the labels in this screen Apply Click Apply to save your changes Cancel Click Cancel to exit this screen without saving Table 35 Queue Setup Add continued LA...

Page 140: ...a classifier to open the following screen To Queue This is the name of the queue in which traffic of this classifier is put Modify Click the Edit icon to edit the classifier Click the Delete icon to...

Page 141: ...Class Setup Add Edit The following table describes the labels in this screen Table 37 Class Setup Add Edit LABEL DESCRIPTION Active Select this to enable this classifier Class Name Enter a descriptive...

Page 142: ...s should match Enter f for each bit of the specified source MAC address that the traffic s MAC address should match Enter 0 for the bit s of the matched traffic s MAC address which can be of any hexad...

Page 143: ...in the fields provided DSCP This field is available only when you select IP in the Ether Type field Select this option and specify a DSCP DiffServ Code Point number between 0 and 63 in the field prov...

Page 144: ...in the packets To Queue Index Select a queue that applies to this class You should have configured a queue in the Queue Setup screen already Apply Click Apply to save your changes Cancel Click Cancel...

Page 145: ...ox to activate this policer Name Enter the descriptive name of this policer Meter Type Select how the policer shapes the traffic of the member QoS classes The Simple Token Bucket algorithm uses tokens...

Page 146: ...out modification DSCP Mark Change the DSCP mark value of the packets Enter the DSCP mark value to use Non Conforming Action Specify what the VDSL Router does for packets that exceed the excess burst s...

Page 147: ...Monitor This is the index number of the entry Name This shows the name of the interface on the VDSL Router Pass Rate This shows how many packets forwarded to this interface are transmitted successful...

Page 148: ...ield DSCP is backward compatible with the three precedence bits in the ToS octet so that non DiffServ compliant ToS enabled network device will not conflict with the DSCP mapping The DSCP value determ...

Page 149: ...ket can hold up to b tokens Tokens are generated and added into the bucket at a constant rate The following shows how tokens work with packets A packet can be transmitted if the number of tokens in th...

Page 150: ...y level is referred to as red medium is referred to as yellow and low is referred to as green The srTCM is based on the token bucket filter and has two token buckets CBS and EBS Tokens are generated a...

Page 151: ...respectively All packets are evaluated against the PIR If a packet exceeds the PIR it is marked red Otherwise it is evaluated against the CIR If it exceeds the CIR then it is marked yellow Finally if...

Page 152: ...Chapter 10 Quality of Service QoS P 873HNU P 51B User s Guide 152...

Page 153: ...configure a default server Section 11 5 on page 161 Use the ALG screen to enable and disable the SIP VoIP ALG in the VDSL Router Section 11 6 on page 162 Use the Sessions screen to limit the number o...

Page 154: ...rt 80 and FTP on port 21 In some cases such as for unknown services or where one server can support more than one service for example both FTP and web service it might be better to specify a range of...

Page 155: ...lb signifies that this rule is active A gray bulb signifies that this rule is not active Service Name This shows the service s name WAN Interface This shows the WAN interface through which the service...

Page 156: ...st have already configured a WAN connection with NAT enabled External Start Port Enter the original destination port for the packets To forward only one port enter the port number again in the Externa...

Page 157: ...screen to open the following screen Server IP Address Enter the inside IP address of the virtual server here Protocol Select the protocol supported by this virtual server Choices are TCP UDP or TCP U...

Page 158: ...with a specific port number and protocol a trigger port When the VDSL Router s WAN port receives a response with a specific port number and protocol open port the VDSL Router forwards the traffic to t...

Page 159: ...n Use this screen to view your VDSL Router s trigger port settings Figure 65 Network Settings NAT Port Triggering The following table describes the labels in this screen Table 47 Network Settings NAT...

Page 160: ...equested the service Start This is the first port number that identifies a service End This is the last port number that identifies a service Open Proto This is the open transport layer protocol Modif...

Page 161: ...s that a server on the WAN uses when it sends out a particular service The VDSL Router forwards the traffic with this port or range of ports to the client computer on the LAN that requested the servic...

Page 162: ...the SIP VoIP ALG in the VDSL Router To access this screen click Network Settings NAT ALG Figure 68 Network Settings NAT ALG The following table describes the fields in this screen 11 7 The Sessions Sc...

Page 163: ...a router for example the local address refers to the IP address of a host when the packet is in the local network while the global address refers to the IP address of the host when the same packet is...

Page 164: ...inside local address before forwarding it to the original inside host Note that the IP address either local or global of an outside host is never changed The global IP addresses for the inside hosts c...

Page 165: ...UDP source port numbers for Many to One and Many to Many Overload NAT mapping in each packet and then forwards it to the Internet The VDSL Router keeps track of the original addresses and port numbers...

Page 166: ...orwarding Example Let s say you want to assign ports 21 25 to one FTP Telnet and SMTP server A in the example port 80 to another B in the example and assign a default server IP address of 192 168 1 35...

Page 167: ...the example You assign the LAN IP addresses and the ISP assigns the WAN IP address The NAT network appears as a single host on the Internet Figure 72 Multiple Servers Behind NAT Example D 192 168 1 3...

Page 168: ...Chapter 11 Network Address Translation NAT P 873HNU P 51B User s Guide 168...

Page 169: ...server in the order you specify in the Broadband screen to resolve domain names that do not match any DNS routing entry After the VDSL Router receives a DNS reply from a DNS server it creates a new en...

Page 170: ...server that would still like to have a domain name The Dynamic DNS service provider will give you a password or key 12 1 1 What You Can Do in this Chapter Use the DNS Entry screen to view configure o...

Page 171: ...ck Advanced DNS Setting Dynamic DNS The screen appears as shown Table 54 Advanced DNS Setting DNS Setting LABEL DESCRIPTION Add new DNS entry Click this to create a new DNS entry This is the index num...

Page 172: ...t box Hostname Type the domain name assigned to your VDSL Router by your Dynamic DNS provider You can specify up to two host names in the field separated by a comma User Name Type your user name Passw...

Page 173: ...ast group in a different sub network A multicast IP address represents a traffic receiving group not individual receiving devices IP addresses in the Class D range 224 0 0 0 to 239 255 255 255 are use...

Page 174: ...igure 77 IGMP Proxy Network Example The VDSL Router will not respond to IGMP join and leave messages on the upstream interface The VDSL Router only responds to IGMP query messages on the upstream inte...

Page 175: ...hip information from directly connected networks before it sends a report Robustness Value This is the number of times the host sends a report to the VDSL Router when the VDSL Router queries for the h...

Page 176: ...ings IGMP Setting IGMP Filter Ignore IGMP query which destination IP is not 224 0 0 1 Select this to discard IGMP query packets with a destination IP address other than 224 0 0 1 the all hosts multica...

Page 177: ...vices through the VDSL Router Max Allowed Channel This is how many IGMP channels the LAN device is allowed to subscribe to Modify Click the Edit icon to change the entry Multicast Service Use this sec...

Page 178: ...twork Settings IGMP Setting IGMP Filter Add a new service Table 59 Network Settings IGMP Setting IGMP Filter LAN Host Edit LABEL DESCRIPTION LAN Host This is the IP address of one of the VDSL Router s...

Page 179: ...allowed to subscribe Maximum active channels for Non STB Specify to how many of the service domain s IGMP channels LAN devices other than STBs are is allowed to subscribe Group List Use this section t...

Page 180: ...be Apply Click Apply to save your changes back to the VDSL Router Cancel Click Cancel to exit this screen without saving Table 61 Network Settings IGMP Setting IGMP Filter Add a new host limitation co...

Page 181: ...ask This is the subnet mask of the multicast IP address Modify Click the Edit icon to change the entry Click the Delete icon to delete the entry Apply Click Apply to save your changes Cancel Click Can...

Page 182: ...Chapter 13 IGMP P 873HNU P 51B User s Guide 182...

Page 183: ...nterface group when its DHCP Vendor ID option information matches one listed for the interface group Use the LAN screen to configure the private IP addresses the DHCP server on the VDSL Router assigns...

Page 184: ...interface group Note An interface can belong to only one group at a time Table 64 Network Settings Interface Group LABEL DESCRIPTION Add New Interface Group Click this button to create a new interface...

Page 185: ...Grouped LAN Interfaces Available LAN Interfaces Select one or more LAN interfaces Ethernet LAN HPNA or wireless LAN in the Available LAN Interfaces list and use the left arrow to move them to the Gro...

Page 186: ...to exit this screen without saving Table 65 Interface Group Configuration continued LABEL DESCRIPTION Table 66 Interface Grouping Criteria LABEL DESCRIPTION Source MAC Address Enter the source MAC add...

Page 187: ...HCP Option 125 Select this and enter vendor specific information of the matched traffic Enterprise Number Enter the vendor s 32 bit enterprise number registered with the IANA Internet Assigned Numbers...

Page 188: ...Chapter 14 Interface Group P 873HNU P 51B User s Guide 188...

Page 189: ...Return traffic for this session is also allowed 2 However other traffic initiated from the WAN is blocked 3 and 4 Figure 89 Default Firewall Action 15 1 1 What You Can Do in this Chapter Use the Fire...

Page 190: ...oS attack is one in which multiple compromised systems attack a single target thereby causing denial of service for users of the targeted system LAND Attack In a LAND attack hackers flood SYN packets...

Page 191: ...ed services and port numbers in the Protocol screen For a comprehensive list of port numbers and services visit the IANA Internet Assigned Number Authority website See Appendix E on page 325 for some...

Page 192: ...rity Settings Firewall Protocol Add Table 68 Security Settings Firewall Protocol LABEL DESCRIPTION Add New Protocol Entry Click this to add a new protocol Name This is the name of your customized serv...

Page 193: ...ce If you select Any the service is applied to all ports Type a single port number or the range of port numbers that define your customized service Protocol Number This field is displayed if you selec...

Page 194: ...a filter rule for incoming or outgoing IP traffic Name This displays the name of the rule Src IP This displays the source IP addresses to which this rule applies Please note that a blank source addre...

Page 195: ...estination Device Select the destination device to which the ACL rule applies If you select Specific IP Address enter the destiniation IP address in the field below Destination IP Address Enter the de...

Page 196: ...n list box to select the direction of traffic to which this rule applies Enable Rate Limit Select this check box to set a limit on the upstream downstream transmission rate for the specified protocol...

Page 197: ...addresses of the devices to configure this screen 16 2 The MAC Filter Screen Use this screen to change your ZyXEL Device s MAC filter settings Click Security Settings MAC Filter The screen appears as...

Page 198: ...ich you can add a device to the MAC filter Allow List Enter the device s MAC address and click OK This is the index number of the entry Device This is the name of the device that is allowed access to...

Page 199: ...en see Chapter 18 on page 203 for detailed information 17 2 The Parental Control Screen Use this screen to configure parental control settings to block the users on your network from accessing certain...

Page 200: ...w parental control rule This is the index number of the rule PC Name IP MAC The VDSL Router allows or prohibits the users from viewing the Web sites with the URLs listed below Access Type This shows t...

Page 201: ...rs from viewing the web sites with the URLs listed below If you select Allow Web Site the VDSL Router blocks access to all URLs except ones listed below If you select Block All the VDSL Router blocks...

Page 202: ...Chapter 17 Parental Control P 873HNU P 51B User s Guide 202...

Page 203: ...screen Figure 98 Advanced Scheduler Rules The following table describes the fields in this screen Table 75 Advanced Scheduler Rules LABEL DESCRIPTION Add new rule Click this to create a new rule This...

Page 204: ...describes the fields in this screen Table 76 Scheduler Rules Add Edit LABEL DESCRIPTION Rule Name Enter a name up to 31 printable English keyboard characters not including spaces for this schedule Da...

Page 205: ...eed to Know The following terms and concepts may help as you read through this chapter Certification Authority A Certification Authority CA issues certificates and guarantees the identity of each cert...

Page 206: ...a unique name In Use This field displays whether the certificate is in use and how many applications use the certificate Subject This field displays identifying information about the certificate s own...

Page 207: ...in dotted decimal notation domain name or e mail address in the field provided The domain name or e mail address can be up to 63 ASCII characters The domain name or e mail address is for identificati...

Page 208: ...ificate After you create a certificate request and have it signed by a Certificate Authority in the Local Certificates screen click the certificate request s Load Signed icon to import the signed cert...

Page 209: ...creen Follow the instructions in this screen to save an existing certificate to the VDSL Router Note You must remove any spaces from the certificate s filename before you can import it Table 79 Load S...

Page 210: ...the certificate of a certification authority that you trust from your computer to the VDSL Router Certificate Name Type up to 63 ASCII characters not including spaces to identify this certificate Cert...

Page 211: ...icon to open the Certificate Details screen Use this screen to view in depth certificate information and change the certificate s name Table 81 Import Local Certificate Import from file LABEL DESCRIP...

Page 212: ...on Authority signed the certificate request means this is a certification request Subject This field displays information that identifies the owner of the certificate such as Common Name CN Organizati...

Page 213: ...nd to friends or colleagues or you can copy and paste the certificate into a text editor and save the file on a management computer for later distribution via floppy disk for example Signing Request T...

Page 214: ...to use Table 83 Security Settings Certificates Trusted CA continued LABEL DESCRIPTION Table 84 Trusted CA View LABEL DESCRIPTION Name This field displays the identifying name of this certificate Type...

Page 215: ...t Local Certificate screen the following screen is displayed Table 85 Trusted CA Import Certificate LABEL DESCRIPTION Import from file Click this check box to open a screen where you can save the cert...

Page 216: ...ollowing table describes the labels in this screen Table 86 Import Local Certificate LABEL DESCRIPTION Certificate File Path Type in the location of the certificate you want to upload in this field or...

Page 217: ...outer from a remote location through the following interfaces LAN WAN Note The VDSL Router is managed using the Web Configurator 20 2 The Service Control Screen Use this screen to configure through wh...

Page 218: ...N WAN Select the Enable check box for the corresponding services that you want to allow access to the VDSL Router from the WAN Port You may change the server port number for a service if needed howeve...

Page 219: ...is found for the IP address ARP broadcasts the request to all the devices on the LAN The device fills in its own MAC and IP address in the sender address fields and puts the known IP address of the t...

Page 220: ...P Table LABEL DESCRIPTION This is the ARP table entry number IP Address This is the learned IP address of a device connected to a port MAC Address This is the MAC address of the device with the listed...

Page 221: ...web sites Some categories such as System Errors consist of both logs and alerts You may differentiate them by their color in the View Log screen Alerts display in red and logs display in black Syslog...

Page 222: ...e 7 Debug The message is intended for debug level purposes Table 89 Syslog Severity Levels continued CODE SEVERITY Table 90 System Monitor Log System Log LABEL DESCRIPTION Level Select a severity leve...

Page 223: ...PTION Table 91 System Monitor Log Security Log LABEL DESCRIPTION Level Select a severity level from the drop down list box This filters search results according to the severity level you have selected...

Page 224: ...Chapter 22 Logs P 873HNU P 51B User s Guide 224...

Page 225: ...to view the WAN traffic statistics Section 23 2 on page 225 Use the LAN screen to view the LAN traffic statistics Section 23 3 on page 226 Use the HPNA screen to view the HPNA traffic statistics Secti...

Page 226: ...ber of received packets on this interface Error This indicates the number of frames with errors received on this interface Drop This indicates the number of received packets dropped on this interface...

Page 227: ...on this interface Bytes Received This indicates the number of bytes received on this interface more less Click more to show more information Click less to hide them Interface This shows the LAN or WL...

Page 228: ...indicates the number of packets transmitted by this client RX Packet This indicates the number of packets received by this client TX Byte This indicates the number of bytes transmitted on this interf...

Page 229: ...open this screen click System Monitor IGMP Group Status IGMP Group Figure 118 System Monitor IGMP Group Status IGMP Group The following table describes the labels in this screen Table 95 System Monit...

Page 230: ...VDSL Router counted from when the IGMP multicast group was joined to when it was left Total Joins This field displays the total number of Join packets the VDSL Router has received for this IGMP multi...

Page 231: ...uide 231 CHAPTER 25 xDSL Statistics 25 1 The xDSL Statistics Screen Use this screen to view detailed DSL statistics Click System Monitor xDSL Statistics to open the following screen Figure 120 System...

Page 232: ...e power could increase with the system still being able to meet its transmission targets Actual Delay This is the upstream and downstream interleave delay It is the wait in milliseconds that determine...

Page 233: ...ervice provider FEC This is the number of Far End Corrected blocks CRC This is the number of Cyclic Redundancy Checks ES This is the number of Errored Seconds meaning the number of seconds containing...

Page 234: ...Chapter 25 xDSL Statistics P 873HNU P 51B User s Guide 234...

Page 235: ...on 26 1 Overview In the Users Configuration screen you can view add and configure user accounts of the VDSL Router 26 2 The Users Configuration Screen Click Maintenance Users Configuration to open the...

Page 236: ...password The VDSL Router notifies users when their passwords expire and forces them to change to a new one in order to log in The new password the user selects cannot match any of the user s three pr...

Page 237: ...displayed only when you are editing the user account Enter the exact same password that you just entered in the above field Retry Times The VDSL Router can lock a user out if you use a wrong user name...

Page 238: ...Chapter 26 Users Configuration P 873HNU P 51B User s Guide 238...

Page 239: ...rom which IP address es users can use SNMP to access the VDSL Router 27 2 The TR 069 Clients Screen TR 069 defines how Customer Premise Equipment CPE for example your VDSL Router can be managed over t...

Page 240: ...R 069 client Select a WAN interface through which the TR 069 traffic passes If you select Any_WAN you should also select the pre configured WAN connection s Display SOAP messages on serial console Sel...

Page 241: ...t The following table describes the fields in this screen 27 4 The SNMP Agent Screen Simple Network Management Protocol is a protocol used for exchanging management information between network devices...

Page 242: ...de port status etc A Management Information Base MIB is a collection of managed objects SNMP allows a manager and agents to communicate for the purpose of accessing these objects SNMP itself is a simp...

Page 243: ...s from the management station The default is public and allows all requests Set Community Enter the Set community which is the password for incoming Set requests from the management station The defaul...

Page 244: ...Chapter 27 Remote Management P 873HNU P 51B User s Guide 244...

Page 245: ...such as system time password name the domain name and the inactivity timeout interval 28 2 The Time Setting Screen To change your VDSL Router s time and date click Maintenance Time Setting The screen...

Page 246: ...ng Time at 2 A M local time So in the United States set the day to Second Sunday the month to March and the time to 2 in the Hour field Daylight Saving Time starts in the European Union on the last Su...

Page 247: ...where the VDSL Router sends logs and which logs and or immediate alerts the VDSL Router records in the Logs Setting screen 29 2 The Logs Setting Screen To change your VDSL Router s log settings click...

Page 248: ...ield is left blank the VDSL Router does not send logs via E mail Send Alarm to Alerts are real time notifications that are sent as soon as an event such as a DoS attack system error or forbidden web a...

Page 249: ...com To user zyxel com 1 Apr 7 00 From 192 168 1 1 To 192 168 1 255 default policy forward 09 54 03 UDP src port 00520 dest port 00520 1 00 2 Apr 7 00 From 192 168 1 131 To 192 168 1 255 default polic...

Page 250: ...Chapter 29 Logs Setting P 873HNU P 51B User s Guide 250...

Page 251: ...process uses HTTP Hypertext Transfer Protocol and may take up to two minutes After a successful upload the system will reboot Do NOT turn off the VDSL Router while firmware upload is in progress Figur...

Page 252: ...e 132 Network Temporarily Disconnected After two minutes log in again and check your new firmware version in the Status screen If the upload was not successful the following screen will appear Click O...

Page 253: ...figuration appears in this screen as shown next Figure 134 Maintenance Configuration Backup Configuration Backup Configuration allows you to back up save the VDSL Router s current configuration to a f...

Page 254: ...ed to change the IP address of your computer to be in the same subnet as that of the default device IP address 192 168 1 1 See Appendix A on page 275 for details on how to set up your computer s IP ad...

Page 255: ...ur VDSL Router Refer to Section 1 6 on page 22 for more information on the RESET button 31 3 The Reboot Screen System restart allows you to reboot the VDSL Router remotely without turning the power of...

Page 256: ...Chapter 31 Configuration P 873HNU P 51B User s Guide 256...

Page 257: ...OAM Ping Test screen lets you send an ATM OAM Operation Administration and Maintenance packet to verify the connectivity of a specific PVC Section 32 5 on page 259 32 2 What You Need to Know The follo...

Page 258: ...iagnostic 8 2 1ag to open the following screen Use this screen to perform CFM actions Table 107 Maintenance Diagnostic Ping TraceRoute NsLookup LABEL DESCRIPTION URL or IP Address Type the IP address...

Page 259: ...agement Maintenance Domain MD Level Select a level 0 7 under which you want to create an MA Destination MAC Address Enter the target device s MAC address to which the VDSL Router performs a CFM loopba...

Page 260: ...e distinguished from data cells by a predefined Payload Type Identifier PTI in the cell header Both F4 flows and F5 flows are bidirectional and have two types segment F4 flows VCI 3 end to end F4 flow...

Page 261: ...nance Diagnostic OAM Ping Test LABEL DESCRIPTION Select a PVC on which you want to perform the loopback test F4 segment Press this to perform an OAM F4 segment loopback test F4 end end Press this to p...

Page 262: ...Chapter 32 Diagnostic P 873HNU P 51B User s Guide 262...

Page 263: ...you are using the power adaptor or cord included with the VDSL Router 3 Make sure the power adaptor or cord is connected to the VDSL Router and plugged in to an appropriate power source Make sure the...

Page 264: ...f this does not work you have to reset the device to its factory defaults See Section 1 6 on page 22 I cannot see or access the Login screen in the web configurator 1 Make sure you are using the corre...

Page 265: ...is not on 2 You cannot log in to the web configurator while someone is using Telnet to access the VDSL Router Log out of the VDSL Router in the other session or ask the person who is logged in to log...

Page 266: ...ured a proper DSL WAN interface Network Settings Broadband screen with the Internet account information provided by your ISP and that it is enabled 3 Check that the LAN interface you are connected to...

Page 267: ...is problem The following factors may cause interference Obstacles walls ceilings furniture and so on Building Materials metal doors aluminum studs Electrical devices microwaves monitors electric motor...

Page 268: ...depending on which security mode the wireless client uses WPA2 WPA2 IEEE 802 11i is a wireless security standard that defines stronger encryption authentication and key management than WPA It require...

Page 269: ...LAN WPS LED is green press the WLAN WPS button for five seconds and release it to enable WPS Wi Fi Protected Setup To turn off the wireless network press the WLAN WPS button on the front of the VDSL R...

Page 270: ...an use this feature to let people access it from the Internet DHCP Dynamic Host Configuration Protocol Use this feature to have the VDSL Router assign IP addresses an IP default gateway and DNS server...

Page 271: ...12a b and 17a Support U0 band for long reach Maximum data rate DS US 100Mbps 45Mbps Rate adaption SRA Seamless Rate Adaption UPBO Upstream power back off VDSL OAM communication channels INP value up...

Page 272: ...1723 RIP 2 Routing Information Protocol RFC 2236 Internet Group Management Protocol Version 2 RFC 2364 PPP over AAL5 PPP over ATM over ADSL RFC 2516 A Method for Transmitting PPP Over Ethernet PPPoE...

Page 273: ...G 992 4 G lite bis ITU standard also referred to as ADSL2 that extends the capability of basic ADSL in data rates ITU G 992 5 ADSL2 ITU standard also referred to as ADSL2 that extends the capability o...

Page 274: ...Chapter 34 Product Specifications P 873HNU P 51B User s Guide 274...

Page 275: ...application package TCP IP should already be installed on computers using Windows NT 2000 XP Macintosh OS 7 and later operating systems After the appropriate TCP IP components are installed configure...

Page 276: ...ft from the list of manufacturers 4 Select TCP IP from the list of network protocols and then click OK If you need Client for Microsoft Networks 1 Click Add 2 Select Client and then click Add 3 Select...

Page 277: ...IP Address 3 Click the DNS Configuration tab If you do not know your DNS information select Disable DNS If you know your DNS information select Enable DNS and type the information in the fields below...

Page 278: ...your VDSL Router and restart your computer when prompted Verifying Settings 1 Click Start and then Run 2 In the Run window type winipcfg and then click OK to open the IP Configuration window 3 Select...

Page 279: ...s Guide 279 Figure 148 Windows XP Control Panel 3 Right click Local Area Connection and then click Properties Figure 149 Windows XP Control Panel Network Connections Properties 4 Select Internet Proto...

Page 280: ...Protocol TCP IP Properties window opens the General tab in Windows XP If you have a dynamic IP address click Obtain an IP address automatically If you have a static IP address click Use the following...

Page 281: ...TCP IP Gateway Address type the IP address of the default gateway in Gateway To manually configure a default metric the number of transmission hops clear the Automatic metric check box and type a metr...

Page 282: ...onnections window Network and Dial up Connections in Windows 2000 NT 11 Turn on your VDSL Router and restart your computer if prompted Verifying Settings 1 Click Start All Programs Accessories and the...

Page 283: ...4 Windows Vista Start Menu 2 In the Control Panel double click Network and Internet Figure 155 Windows Vista Control Panel 3 Click Network and Sharing Center Figure 156 Windows Vista Network And Inter...

Page 284: ...displays a screen saying that it needs your permission to continue Figure 158 Windows Vista Network and Sharing Center 6 Select Internet Protocol Version 4 TCP IPv4 and click Properties Figure 159 Wi...

Page 285: ...to configure additional IP addresses In the IP Settings tab in IP addresses click Add In TCP IP Address type an IP address in IP address and a subnet mask in Subnet mask and then click Add Repeat the...

Page 286: ...perties window the General tab Click Obtain DNS server address automatically if you do not know your DNS server IP address es If you know your DNS server IP address es click Use the following DNS serv...

Page 287: ...ies window 12 Close the Network Connections window 13 Turn on your VDSL Router and restart your computer if prompted Verifying Settings 1 Click Start All Programs Accessories and then Command Prompt 2...

Page 288: ...uide 288 Figure 163 Macintosh OS 8 9 Apple Menu 2 Select Ethernet built in from the Connect via list Figure 164 Macintosh OS 8 9 TCP IP 3 For dynamically assigned settings select Using DHCP Server fro...

Page 289: ...ve changes to your configuration 7 Turn on your VDSL Router and restart your computer if prompted Verifying Settings Check your TCP IP properties in the TCP IP Control Panel window Macintosh OS X 1 Cl...

Page 290: ...e the IP address of your VDSL Router in the Router address box 5 Click Apply Now and close the window 6 Turn on your VDSL Router and restart your computer if prompted Verifying Settings Check your TCP...

Page 291: ...iguration Devices 2 Double click on the profile of the network card you wish to configure The Ethernet Device General screen displays as shown Figure 168 Red Hat 9 0 KDE Ethernet Device General If you...

Page 292: ...all screens Figure 170 Red Hat 9 0 KDE Network Configuration Activate 7 After the network card restart process is complete make sure the Status is Active in the Network Configuration screen Using Con...

Page 293: ...ws an example where two DNS server IP addresses are specified Figure 173 Red Hat 9 0 DNS Settings in resolv conf 3 After you edit and save the configuration files you must restart the network card Ent...

Page 294: ...hernet HWaddr 00 50 BA 72 5B 44 inet addr 172 23 19 129 Bcast 172 23 19 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 717 errors 0 dropped 0 overruns 0 frame 0 TX...

Page 295: ...share a common street name the hosts on a network share a common network number Similarly as each house has its own house number each host on the network has its own unique identifying number the hos...

Page 296: ...n the IP address is part of the host ID The following example shows a subnet mask identifying the network number in bold text and host ID of an IP address 192 168 1 2 in decimal By convention subnet m...

Page 297: ...s number of zeros for the remainder of the 32 bit mask you can simply specify the number of ones instead of writing the value of each octet This is usually specified by writing a followed by the numbe...

Page 298: ...ollowing figure shows the company network before subnetting Figure 177 Subnetting Example Before Subnetting You can borrow one of the host ID bits to divide the network 192 168 1 0 into two separate s...

Page 299: ...68 1 254 Example Four Subnets The previous example illustrated using a 25 bit subnet mask to divide a 24 bit address into two subnets Similarly to divide a 24 bit address into four subnets you need to...

Page 300: ...R LAST OCTET BIT VALUE IP Address 192 168 1 128 IP Address Binary 11000000 10101000 00000001 10000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address 192 168 1 128 Lowest Host ID...

Page 301: ...d Number Authority IANA reserved this block of addresses specifically for private use please do not use any other number unless you are told otherwise You must also enable Network Address Translation...

Page 302: ...gn any IP addresses to the hosts without problems However the Internet Assigned Numbers Authority IANA has reserved the following three blocks of IP addresses specifically for private networks 10 0 0...

Page 303: ...ng to log into your device Either disable pop up blocking enabled by default in Windows XP SP Service Pack 2 or allow pop up blocking and create an exception for your device s IP address Disable Pop u...

Page 304: ...Privacy 3 Click Apply to save this setting Enable Pop up Blockers with Exceptions Alternatively if you only want to allow pop up windows from your device see the following steps 1 In Internet Explore...

Page 305: ...ide 305 Figure 181 Internet Options Privacy 3 Type the IP address of your device the web page that you do not want to have blocked with the prefix http For example http 192 168 167 1 4 Click Add to mo...

Page 306: ...play properly in Internet Explorer check that JavaScripts are allowed 1 In Internet Explorer click Tools Internet Options and then the Security tab Figure 183 Internet Options Security 2 Click the Cus...

Page 307: ...e 184 Security Settings Java Scripting Java Permissions 1 From Internet Explorer click Tools Internet Options and then the Security tab 2 Click the Custom Level button 3 Scroll down to Microsoft VM 4...

Page 308: ...U P 51B User s Guide 308 Figure 185 Security Settings Java JAVA Sun 1 From Internet Explorer click Tools Internet Options and then the Advanced tab 2 Make sure that Use Java 2 for applet under Java Su...

Page 309: ...sed here Screens for other versions may vary You can enable Java Javascript and pop ups in one screen Click Tools then click Options in the screen that appears Figure 187 Mozilla Firefox Tools Options...

Page 310: ...Appendix C Pop up Windows JavaScript and Java Permissions P 873HNU P 51B User s Guide 310...

Page 311: ...ependent Basic Service Set IBSS The following diagram shows an example of notebook computers using wireless adapters to form an ad hoc wireless LAN Figure 189 Peer to Peer Communication in an Ad hoc N...

Page 312: ...wired connection between APs is called a Distribution System DS This type of wireless LAN topology is called an Infrastructure WLAN The Access Points not only provide communication with the wired netw...

Page 313: ...rtially overlap however To avoid interference due to overlap your AP should be on a channel at least five channels away from a channel that an adjacent AP is using For example if your region has 11 ch...

Page 314: ...Request To Send CTS Clear to Send handshake You should only configure RTS CTS if the possibility of hidden nodes exists on your network and the cost of resending large frames is more than the extra ne...

Page 315: ...effectiveness of these wireless security methods available on your VDSL Router Note You must enable the same wireless security settings on the VDSL Router and on all wireless clients that you want to...

Page 316: ...cted to the network Accounting Keeps track of the client s network activity RADIUS is a simple package exchange in which your AP acts as a message relay between the wireless client and the network RAD...

Page 317: ...he wireless client proves that it knows the password by encrypting the password with the challenge and sends back the information Password is not sent in plain text However MD5 authentication has some...

Page 318: ...the wireless security configuration screen You may still configure and store keys but they will not be used while dynamic WEP is enabled Note EAP MD5 cannot be used with Dynamic WEP Key Exchange For a...

Page 319: ...at the same encryption key is never used twice The RADIUS server distributes a Pairwise Master Key PMK key to the AP that then sets up a key hierarchy and management system using the PMK to dynamicall...

Page 320: ...dely available supplicant is the WPA patch for Windows XP Funk Software s Odyssey client The Windows XP patch is a free download that adds WPA capability to Windows XP s built in Zero Configuration wi...

Page 321: ...rs including spaces and symbols 2 The AP checks each wireless client s password and allows it to join the network only if the password matches 3 The AP and wireless clients generate a common PMK Pairw...

Page 322: ...r 5GHz IEEE 802 11a is needed to communicate efficiently in a wireless LAN Radiation Pattern A radiation pattern is a diagram that allows you to visualize the shape of the antenna s coverage area Ante...

Page 323: ...ble to make circular overlapping coverage areas with multiple access points Directional antennas concentrate the RF signal in a beam like a flashlight does with the light from its bulb The angle of th...

Page 324: ...Appendix D Wireless LANs P 873HNU P 51B User s Guide 324...

Page 325: ...pe of IP protocol used by the service If this is TCP UDP then the service uses the same port number with TCP and UDP If this is USER DEFINED the Port s is the IP protocol number not the port number Po...

Page 326: ...l a program to enable fast transfer of files including large files that may not be possible by e mail H 323 TCP 1720 NetMeeting uses this protocol HTTP TCP 80 Hyper Text Transfer Protocol a client ser...

Page 327: ...GRE User Defined 47 PPTP Point to Point Tunneling Protocol enables secure transfer of data over public networks This is the data channel RCMD TCP 512 Remote Command Service REAL_AUDIO TCP 7070 A stre...

Page 328: ...1558 Stream Works Protocol SYSLOG UDP 514 Syslog allows you to send system logs to a UNIX server TACACS UDP 49 Login Host Protocol used for Terminal Access Controller Access Control System TELNET TCP...

Page 329: ...tice Trademarks ZyNOS ZyXEL Network Operating System is a registered trademark of ZyXEL Communications Inc Other trademarks mentioned in this publication are used for identification purposes only and...

Page 330: ...t This transmitter must not be co located or operating in conjunction with any other antenna or transmitter IEEE 802 11b or 802 11g operation of this product in the U S A is firmware limited to channe...

Page 331: ...aged by an act of God or subjected to abnormal working conditions Note Repair or replacement as provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all ot...

Page 332: ...evice if the power adaptor or cord is damaged as it might cause electrocution If the power adaptor or cord is damaged remove it from the device and the power source Do NOT attempt to repair the power...

Page 333: ...rvice Set See BSS 311 Basic Service Set see BSS blinking LEDs 21 broadcast 66 BSS 100 311 example 100 C CA 205 317 Canonical Format Indicator See CFI CBR 79 CCMs 257 certificate details 211 factory de...

Page 334: ...n Name System see DNS DoS 190 DS field 148 DS dee differentiated services DSCP 148 DSL bonding 74 dynamic DNS 170 wildcard 170 Dynamic Host Configuration Protocol see DHCP dynamic WEP key exchange 318...

Page 335: ...icast Protocol see IGMP IP address 66 77 110 127 ping 258 private 128 IP alias NAT applications 166 IP multicasting 272 L LAN 109 client list 113 DHCP 110 126 DNS 110 127 IP address 110 111 127 MAC ad...

Page 336: ...ation humidity 269 operation temperature 269 other documentation 2 P Pairwise Master Key PMK 319 321 passwords 25 PBC 101 PCR 78 Per Hop Behavior see PHB 148 PHB 148 PIN WPS 102 example 103 Ping of De...

Page 337: ...es 166 setup firewalls 191 static route 130 171 236 shaping traffic 78 Simple Network Management Protocol see SNMP Single Rate Three Color Marker see srTCM SIP ALG 162 activation 162 SMTP 166 SNMP 166...

Page 338: ...115 installation 115 NAT traversal 110 V VBR 79 VBR nRT 79 VBR RT 79 VCI 77 VDSL 271 VID Virtual Local Area Network See VLAN VLAN 79 Introduction 79 number of possible VIDs priority frame static VLAN...

Page 339: ...ity 315 Wireless tutorial 41 wizard setup Internet 33 WLAN interference 313 security parameters 322 WPA 99 318 key caching 320 pre authentication 320 user authentication 319 vs WPA PSK 319 wireless cl...

Reviews:

No comments

Brands by name

Popular brands

Load more brands