manualshive.com logo in svg

ZyXEL Communications PMG5318-B20A, User Manual

Share
Download
ZyXEL Communications PMG5318-B20A User Manual Download Page 136

Chapter 15 Firewall

PMG5318-B20A User’s Guide

136

• Allow everyone except your competitors to access a web server.
• Restrict use of certain protocols, such as Telnet, to authorized users on the LAN.

These custom rules work by comparing the source IP address, destination IP address and IP 
protocol type of network traffic to rules set by the administrator. Your customized rules take 
precedence and override the GPON Device’s default rules. 

15.4.2  Guidelines For Enhancing Security With Your Firewall

6

Change the default password via web configurator.

7

Think about access control before you connect to the network in any way.

8

Limit who can access your router.

9

Don't enable any local service (such as telnet or FTP) that you don't use. Any enabled service could 
present a potential security risk. A determined hacker might be able to find creative ways to misuse 
the enabled services to access the firewall or the network.

10

For local services that are enabled, protect against misuse. Protect by configuring the services to 
communicate only with specific peers, and protect by configuring rules to block packets for the 
services at specific interfaces.

11

Protect against IP spoofing by making sure the firewall is active.

12

Keep the firewall in a secured (locked) room.

15.4.3  Security Considerations

Note: Incorrectly configuring the firewall may block valid access or introduce security 

risks to the GPON Device and your protected network. Use caution when creating or 

deleting firewall rules and test your rules after you configure them.

Consider these security ramifications before creating a rule:

1

Does this rule stop LAN users from accessing critical resources on the Internet? For example, if IRC 
is blocked, are there users that require this service?

2

Is it possible to modify the rule to be more specific? For example, if IRC is blocked for all users, will 
a rule that blocks just certain users be more effective?

3

Does a rule that allows Internet users access to resources on the LAN create a security 
vulnerability? For example, if FTP ports (TCP 20, 21) are allowed from the Internet to the LAN, 
Internet users may be able to connect to computers with running FTP servers.

4

Does this rule conflict with any existing rules?

Once these questions have been answered, adding rules is simply a matter of entering the 
information into the correct fields in the web configurator screens.

Summary of Contents for PMG5318-B20A

Page 1: ... PMG5318 B20A Wireless N GPON HGU with 4 port GbE Switch Version 1 00 Edition 1 11 2013 Copyright 2013 ZyXEL Communications Corporation User s Guide Default Login Details LAN IP Address http 192 168 1 1 User Name admin Password 1234 ...

Page 2: ...ook may differ slightly from your product due to differences in your product firmware or your computer operating system Every effort has been made to ensure that the information in this manual is accurate Related Documentation Quick Start Guide The Quick Start Guide shows how to connect the GPON Device and get up and running right away ...

Page 3: ...he Reset Button 12 1 6 1 Using the Reset Button 12 1 7 The WPS Button 13 1 7 1 Using the WPS button 13 Chapter 2 The Web Configurator 15 2 1 Overview 15 2 1 1 Accessing the Web Configurator 15 2 2 Web Configurator Main Screen 16 2 2 1 Title Bar 16 2 2 2 Navigation Panel 17 2 2 3 Main Window 18 2 2 4 Status Bar 19 Chapter 3 Status Screens 21 3 1 Overview 21 3 2 Status 21 Chapter 4 WAN 25 4 1 Overvi...

Page 4: ...You Start 46 6 2 The General Screen 46 6 3 The Security Screen 47 6 3 1 No Security 48 6 3 2 WEP Encryption 48 6 3 3 WPA 2 PSK 50 6 3 4 WPA 2 51 6 4 The WPS Screen 52 6 5 The WPS Station Screen 53 6 5 1 MAC Filter 53 6 6 The WMM Screen 55 6 7 The Status Screen 55 6 8 The Isolation Screen 56 6 9 Wireless LAN Technical Reference 57 6 9 1 Wireless Network Overview 57 6 9 2 Additional Wireless Terms 5...

Page 5: ...S General Screen 79 Chapter 9 Voice 81 9 1 Introduction 81 9 1 1 What You Need to Know 81 9 2 SIP Service Provider 82 9 2 1 Dial Plan 85 9 3 SIP Account 87 9 4 Analog Phone 90 9 5 Speed Dial 90 Chapter 10 Phone Usage 93 10 1 Overview 93 10 2 Dialing a Telephone Number 93 10 3 Using Speed Dial 93 10 4 Phone Services Overview 93 10 4 1 The Flash Key 94 10 4 2 Supplementary Phone Services 94 Chapter ...

Page 6: ... 2 1 Configuring Static Route 120 13 2 2 Static Route Edit 121 Chapter 14 Dynamic DNS 123 14 1 Overview 123 14 1 1 What You Need To Know 123 14 2 The Dynamic DNS Screen 124 Chapter 15 Firewall 127 15 1 Overview 127 15 1 1 What You Can Do in the Firewall Screens 127 15 1 2 What You Need to Know About Firewall 128 15 2 The General Screen 130 15 3 The Rules Screen 131 15 3 1 The Rules Add Screen 132 ...

Page 7: ...me Warnings 145 18 2 Firmware Upgrade 145 18 3 Configuration 147 18 3 1 Backup Configuration 147 18 3 2 Restore Configuration 147 18 3 3 Reset to Factory Defaults 148 18 4 Restart 148 Chapter 19 Diagnostic 149 19 1 Overview 149 19 2 General 149 Chapter 20 Troubleshooting 151 20 1 Overview 151 20 2 Power Hardware Connections and LEDs 151 20 3 GPON Device Access and Login 152 20 4 Internet Access 15...

Page 8: ...Table of Contents PMG5318 B20A User s Guide 8 ...

Page 9: ...ake the GPON Device more secure and to manage the GPON Device more effectively Change the password Use a password that s not easy to guess and that consists of different types of characters such as numbers and letters Write down the password and put it in a safe place Back up the configuration and make sure you know how to restore it Restoring an earlier working configuration may be useful if the ...

Page 10: ...features as broadband Internet access Voice over IP telephony and streaming video audio media all at the same time with no noticeable loss in bandwidth Figure 1 Triple Play Example 1 4 2 Internet Access Your GPON Device provides shared Internet access by connecting a fiber optic line provided by the ISP to the PON port Figure 2 GPON Device s Router Features Internet LAN ...

Page 11: ...n if the GPON Device is not receiving power Internet PSTN Table 1 LED Descriptions LED COLOR STATUS DESCRIPTION POWER Green On The GPON Device is receiving power and ready for use Blinking The GPON Device is self testing Red On The GPON Device detected an error while self testing or there is a device malfunction Off The GPON Device is not receiving power and there is no device malfunction PON Gree...

Page 12: ...ng data to from the LAN through this port Orange On The GPON Device has a 10 100M Ethernet connection with another device such as a computer on the Local Area Network LAN through this port Blinking The GPON Device is sending receiving data to from the LAN through this port Off The GPON Device does not have an Ethernet connection with the LAN through this port WLAN Green On The wireless network is ...

Page 13: ...curity Figure 5 WPS Button 1 7 1 Using the WPS button 1 Make sure the POWER LED is on not blinking 2 If the wireless LAN of the GPON Device is enabled the LED light shines green If not press the WPS button for more than 5 seconds and release it when the LED turns green If you want to turn it off press the WPS button for 5 seconds again 3 Press the WPS button for over 5 seconds and release it See a...

Page 14: ...Chapter 1 Introduction PMG5318 B20A User s Guide 14 ...

Page 15: ...king is enabled by default in Windows XP SP Service Pack 2 JavaScript enabled by default Java permissions enabled by default 2 1 1 Accessing the Web Configurator 1 Make sure your GPON Device hardware is properly connected refer to Section 1 5 on page 11 for details on this 2 Launch your web browser 3 Type the default device address shown on the cover page of this User s Guide as the URL 4 A passwo...

Page 16: ...tor Main Screen The main screen is divided into these parts Figure 7 Main Screen A title bar B navigation panel C main window D status bar 2 2 1 Title Bar The title bar provides the Logout icon in the upper right corner Click this icon to log out of the web configurator B C D A ...

Page 17: ...ss security WPS Use this screen to enable or disable WPS generate a security PIN Personal Identification Number and see information about the ONT s WPS status WPS Station Use this screen to set up WPS by pressing a button or using a PIN MAC Filter Use this screen to allow or deny MAC address es for specific wireless networks WMM Use this screen to enable Wi Fi MultiMedia WMM to ensure quality of s...

Page 18: ...gure the required information for a static route Dynamic DNS Use this screen to enable DDNS and configure the DDNS settings on the ONT Security Firewall General Use this screen to enable firewall and set the default action that the firewall takes on packets depending on packet direction Rules Use this screen to view the configured firewall rules and add edit or remove a firewall rule Maintenance S...

Page 19: ...Chapter 2 The Web Configurator PMG5318 B20A User s Guide 19 2 2 4 Status Bar Check the status bar when you click Apply or OK to verify that the configuration has been updated ...

Page 20: ...Chapter 2 The Web Configurator PMG5318 B20A User s Guide 20 ...

Page 21: ...ens 3 1 Overview Use the Status screens to look at the current status of the device system resources interfaces LAN and WAN and SIP accounts You can also register and unregister SIP accounts 3 2 Status Click Status to access this screen Figure 8 Status ...

Page 22: ...r for this WAN connection IP Address This field displays the IP address of the WAN connection IP Subnet Mask This field displays the WAN connection s subnet mask Default Gateway This field displays the IP address of the default gateway if applicable First Second Third DNS Server These are the DNS server IP addresses assigned to the WAN connection IPv6 Global Address This is the IPv6 global address...

Page 23: ...d displays what percentage of the GPON Device s memory is currently used Usually this percentage should not increase much If memory usage does get close to 100 the GPON Device is probably becoming unstable and you should restart the device See Section 18 4 on page 148 or turn it off unplug the power for a few seconds Interface Status Interface This column identifies the interface on the GPON Devic...

Page 24: ...the SIP server the attempt failed Use the Register button to register the account again The GPON Device automatically tries to register the SIP account when you turn on the GPON Device or when you activate it Registered The SIP account is already registered with the SIP server You can use it to make a VoIP call Associate Service Provider Name This column displays the service provider name for each...

Page 25: ...with existing access control systems for example RADIUS One of the benefits of PPPoE is the ability to let you access one of multiple network services a function known as dynamic service selection This enables the service provider to easily create and offer new IP services for individuals Operationally PPPoE saves significant effort for both you and the ISP or carrier as it requires no specific co...

Page 26: ...PON Device s WAN interfaces Click Modify or Add in the Network WAN Internet Access Setup status screen Table 4 Internet Access Setup Status LABEL DESCRIPTION Interface This shows the name of the interface used by this connection Description This is the service description for traffic using this connection Type This shows the method of encapsulation used by this connection Service Type This is the ...

Page 27: ...ble fields vary in this screen depending on the option PPPoE IP or Bridging you select in the WAN interface type field 4 3 1 WAN Interface Type PPPoE Select PPPoE as the WAN interface type to open the following screen Figure 10 Internet Access Setup PPPoE ...

Page 28: ...here domain identifies a service name then enter both components exactly as given Password Enter the password associated with the user name above Service Name Type the name of your PPPoE service here Authentication Method The GPON Device supports PAP Password Authentication Protocol and CHAP Challenge Handshake Authentication Protocol CHAP is more secure than PAP however PAP is readily available o...

Page 29: ...ttached to the interface Connection Always on Select Always on when you want your connection up all the time The GPON Device will try to bring up the connection automatically if it is disconnected Connect Demand Select Connect Demand when you don t want the connection up all the time and specify an idle time out in the Max Idle Timeout field Feature Enable NAT Select this check box to activate NAT...

Page 30: ...IPv6 Address Enter the IPv6 address assigned by your ISP for this WAN Prefix Length Enter the address prefix length to specify how many most significant bits in an IPv6 address compose the network address Default Gateway Enter the IP address of the next hop gateway The gateway is a router or switch on the same segment as your GPON Device s interface s The gateway helps forward packets to their des...

Page 31: ...e This helps hosts to choose their default router especially when there are multiple IPv6 routers in the network Note Make sure the hosts also support router preference to make this function work Prefix Enter the IPv6 prefix provided by your ISP Prefix Length Enter the bit number of the IPv6 subnet mask provided by your ISP Apply Click Apply to save the changes Cancel Click Cancel to begin configu...

Page 32: ...Chapter 4 WAN PMG5318 B20A User s Guide 32 4 3 2 WAN Interface Type IP Select IP as the WAN interface type to open the following screen Figure 11 Internet Access Setup IP ...

Page 33: ...ing Enable ARP Ping Select this to have the GPON Device send ARP requests to the gateway regularly if the gateway IP might change often If the GPON Device does not receive the gateway s response the GPON Device requests a new gateway IP through DHCP Service Service Description Enter a description to identify this WAN interface 802 1Q VLAN ID This shows the VLAN ID assigned to traffic for this conn...

Page 34: ...elect this to have the GPON Device detect if the IP address assigned to this WAN interface conflicts with other WAN IP addresses IPv4 IP Address Obtain an IP Address Automatically A dynamic IP address is not fixed the ISP assigns a different one each time you connect to the Internet Select Obtain an IP Address Automatically to get a dynamic IPv4 address for this WAN The following DHCP Option 60 61...

Page 35: ...N IPv6 Address Enter the IPv6 address assigned by your ISP for this WAN Prefix Length Enter the address prefix length to specify how many most significant bits in an IPv6 address compose the network address Default Gateway Enter the IP address of the next hop gateway The gateway is a router or switch on the same segment as your GPON Device s interface s The gateway helps forward packets to their d...

Page 36: ...f the IPv6 subnet mask provided by your ISP Apply Click Apply to save the changes Cancel Click Cancel to begin configuring this screen afresh Table 6 Internet Access Setup IP continued LABEL DESCRIPTION Table 7 Internet Access Setup Bridging LABEL DESCRIPTION General WAN interface type Select Bridging as the method of encapsulation used by your ISP from the drop down list box Bridging LAN ports Se...

Page 37: ...e the changes Cancel Click Cancel to begin configuring this screen afresh Table 7 Internet Access Setup Bridging continued LABEL DESCRIPTION Table 8 802 1Q VLAN ID Edit LABEL DESCRIPTION Provisioned VLAN Pbit The available VLAN Pbit values provisioned by the OLT are listed in this column You can select a VLAN Pbit to be used by this WAN interface Status This column displays the current status of t...

Page 38: ...Default Gateway The following table describes the labels in this screen Table 9 Default Gateway LABEL DESCRIPTION WAN Interface Select a WAN interface you want to act as the default gateway WAN Status This displays if the interface displayed in the WAN Interface column is Up or Down Apply Click Apply to save the changes Cancel Click this to restore your previously saved settings ...

Page 39: ...g The LAN screens can help you configure a LAN DHCP server and manage IP addresses 5 1 1 What You Need to Know The following terms and concepts may help as you read through this chapter LANs WANs and the GPON Device The actual physical connection determines whether the GPON Device ports are LAN or WAN ports There are two separate IP networks one inside the LAN network and the other outside the WAN...

Page 40: ...your network in dotted decimal notation for example 255 255 255 0 factory default Your GPON Device automatically computes the subnet mask based on the IP Address you enter so do not change this field unless you are instructed to do so DHCP Setup DHCP Select whether to have the GPON Device act as a DHCP Server Select Server to have the GPON Device assign IP addresses and provide subnet mask gateway...

Page 41: ...ver Second DNS Server Third DNS Server Select FromISP if the ISP dynamically assigns DNS server information and the GPON Device s WAN IP address Select UserDefined if you have the IP address of a DNS server Enter the DNS server s IP address in the field to the right Select DNS Relay to have the GPON Device act as a DNS proxy only when the ISP uses IPCP DNS server extensions The GPON Device s LAN I...

Page 42: ... IP Address This field displays the IP address relative to the field listed above MAC Address The MAC Media Access Control or Ethernet address on a LAN Local Area Network is unique to your computer six pairs of hexadecimal notation A network interface card such as an Ethernet adapter has a hardwired address that is assigned at the factory This address follows an industry standard that ensures no o...

Page 43: ...ve the GPON Device automatically use 1G 100M or 10M depending on the device connected to the port You can also manually select one of these speeds Duplex Select Auto to have the GPON Device automatically use full or half duplex depending on the device connected to the port You can also manually select a Full or Half duplex Apply Click Apply to save the changes Cancel Click this to restore your pre...

Page 44: ...Chapter 5 LAN PMG5318 B20A User s Guide 44 ...

Page 45: ...mation with radios attached to other computers Like walkie talkies most wireless networking devices operate at radio frequency bands that are open to the public and do not require a license to use However wireless networking is different from that of most traditional radio communications in that there a number of wireless networking standards available with different methods of data encryption SSI...

Page 46: ... option supported by all the devices in your network Do the other wireless devices in your network support WPS Wi Fi Protected Setup If so you can set up a well secured network very easily Even if some of your devices support WPS and some do not you can use WPS to set up your network and then add the non WPS devices manually although this is somewhat more complicated to do What advanced options do...

Page 47: ...elect this check box to hide the SSID in the outgoing beacon frame so a station cannot obtain the SSID through scanning using a site survey tool Power Level Select the wireless transmission power High Medium Low of the GPON Device If there is a high density of wireless APs in an area decrease the power level to reduce interference with other APs Channel Selection Set the operating channel manually...

Page 48: ...ble to any wireless networking device that is within range Figure 20 Network Wireless LAN Security No Security The following table describes the labels in this screen 6 3 2 WEP Encryption Use this screen to configure and enable WEP encryption Click Network Wireless LAN Security to display the Security screen Select Static WEP from the Security Mode list Table 14 Network Wireless LAN Security No Se...

Page 49: ...ecurity Static WEP The following table describes the wireless LAN security labels in this screen Table 15 Network Wireless LAN Security Static WEP LABEL DESCRIPTION SSID Select Select the SSID for which you are configuring security settings Security Mode Choose Static WEP from the drop down list box Passphrase Enter a passphrase up to 32 printable characters and click Generate The GPON Device auto...

Page 50: ...k box is available only when you select WPA2 PSK in the Security Mode field Select the check box to have both WPA PSK wireless clients be able to communicate with the GPON Device even when the GPON Device is using WPA2 PSK Pre Shared Key The encryption mechanisms used for WPA 2 and WPA 2 PSK are the same The only difference between the two is that WPA 2 PSK uses a simple common password instead of...

Page 51: ...vice is using WPA2 Authentication Server IP Address Enter the IP address of the external authentication server in dotted decimal notation Port Number Enter the port number of the external authentication server The default port number is 1812 You need not change this value unless your network administrator instructs you to do so with additional information Shared Secret Enter a password up to 31 al...

Page 52: ...of the device you want to connect to using WPS The PIN is not necessary when you use WPS push button method Click the Generate button to have the Device create a new PIN WPS Status This displays Configured when the GPON Device has connected to a wireless network using WPS or Enable WPS is selected and wireless or wireless security settings have been changed The current wireless and wireless securi...

Page 53: ...add another WPS enabled wireless device within wireless range of the GPON Device to your wireless network This button may either be a physical button on the outside of device or a menu button similar to the Push Button on this screen Note You must press the other wireless device s WPS button within two minutes of pressing this button Or input station s PIN number Enter the PIN of the device that y...

Page 54: ...ice MAC addresses not listed can access the GPON Device Select Allow to permit access to the GPON Device MAC addresses not listed cannot access to the GPON Device SSID Select Select the SSID for which you want to configure MAC filter settings Enable MAC Filter Select the check box to enable MAC address filtering for the selected SSID This is the index number of the MAC address MAC Address Enter th...

Page 55: ...tions to the GPON Device Apply Click this to save your changes Cancel Click this to restore your previously saved settings Table 20 Network Wireless LAN MAC Filter LABEL DESCRIPTION Table 21 Network Wireless LAN WMM LABEL DESCRIPTION Enable WMM SSID1 4 This enables the Device to automatically give a service a priority level according to the ToS value in the IP header of packets it sends WMM QoS Wi...

Page 56: ...ield displays the MAC address for the wireless adapter of the wireless client RSSI0 1 This field displays the Received Signal Strength Indication RSSI which is an overall measurement of radio signal strength A higher RSSI level indicates a stronger signal An RSSI displays for each of the GPON Device s antennae Association Time This field displays the length of time the wireless client has been con...

Page 57: ...en access points and wireless clients extending a network s range Traditionally a wireless network operates in one of two ways An infrastructure type of network has one or more access points and one or more wireless clients The wireless clients connect to the access points An ad hoc type of network is one in which there is no access point Wireless clients connect to one another in order to exchang...

Page 58: ...or 6 9 3 Wireless Security Overview By their nature radio communications are simple to intercept For wireless data networks this means that anyone within range of a wireless network without security can not only read the data passing over the airwaves but also join the network Once an unauthorized person has access to Table 24 Additional Wireless Terms TERM DESCRIPTION RTS CTS Threshold In a wirel...

Page 59: ...r network who should use security Everybody who uses any wireless network should ensure that effective security is in place A good way to come up with effective security keys passwords and so on is to use obscure information that you personally will easily remember and to enter it in a way that appears random and does not include real words For example if your mother owns a 1970 Dodge Challenger a...

Page 60: ... wireless devices can still see the information that is sent in the wireless network even if they cannot use the wireless network Furthermore there are ways for unauthorized wireless users to get a valid user name and password Then they can use that user name and password to use the wireless network 6 9 3 4 Encryption Wireless networks can use encryption to protect the information that is sent in ...

Page 61: ... must have the same key 6 9 4 Signal Problems Because wireless networks are radio networks their signals are subject to limitations of distance interference and absorption Problems with distance occur when the two radios are too far apart Problems with interference occur when other radio waves interrupt the data signal Interference may come from other radio transmissions such as military or air tr...

Page 62: ...can then assign varying QoS priorities and or security modes to different SSIDs Wireless devices can use different BSSIDs to associate with the same AP 6 9 6 1 Notes on Multiple BSSs A maximum of eight BSSs are allowed on one AP simultaneously You must use different keys for different BSSs If two wireless devices have different BSSIDs they are in different BSSs but have the same keys they may hear...

Page 63: ...ake sure Depending on the devices you have you can either press a button on the device itself or in its configuration utility or enter a PIN a unique Personal Identification Number that allows one device to authenticate the other in each of the two devices When WPS is activated on a device it has two minutes to find another device that also has WPS activated Then the two devices connect and set up...

Page 64: ...resents its PIN to the second device If the PIN matches one device sends the network and security information to the other allowing it to join the network Take the following steps to set up a WPS connection between an access point or wireless router referred to here as the AP and a client device using the PIN method 1 Ensure WPS is enabled on both devices 2 Access the WPS section of the AP s confi...

Page 65: ...evice acts as the enrollee the device that receives network and security settings The registrar creates a secure EAP Extensible Authentication Protocol tunnel and sends the network name SSID and the WPA PSK or WPA2 PSK pre shared key to the enrollee Whether WPA PSK or WPA2 PSK is used depends on the standards supported by the devices If the registrar is already part of a network it sends the exist...

Page 66: ...that it is not part of an existing network and can act as either enrollee or registrar if it supports both functions If the registrar is unconfigured the security settings it transmits to the enrollee are randomly generated Once a WPS enabled device has connected to another device using WPS it becomes configured A configured wireless client can still act as enrollee or registrar in subsequent WPS ...

Page 67: ...rk You know that Client 1 supports registrar mode but it is better to use AP1 for the WPS handshake with the new client since you must connect to the access point anyway in order to use the network In this case AP1 must be the registrar since it is configured it already has security information for the network AP1 supplies the existing security information to Client 2 Figure 36 WPS Example Network...

Page 68: ...wo enrollees and one registrar you must set up the first enrollee by pressing the WPS button on the registrar and the first enrollee for example then check that it successfully enrolled then set up the second device in the same way WPS works only with other WPS enabled devices However you can still add non WPS devices to a network you already set up using WPS WPS works by automatically issuing a r...

Page 69: ... if this has happened WPS works between only two devices simultaneously so if another device has enrolled your device will be unable to enroll and will not have access to the network If this happens open the access point s configuration interface and look at the list of associated clients usually displayed by MAC address It does not matter if the access point is the WPS registrar the enrollee or w...

Page 70: ...Chapter 6 Wireless LAN PMG5318 B20A User s Guide 70 ...

Page 71: ...an outside host is never changed NAT Definitions Inside outside denotes where a host is located relative to the GPON Device for example the computers of your subscribers are the inside hosts while the web servers on the Internet are the outside hosts Global local denotes the IP address of a host in a packet as the packet traverses a router for example the local address refers to the IP address of ...

Page 72: ...he original IP source address in each packet and then forwards it to the Internet The GPON Device keeps track of the original addresses and port numbers so incoming reply packets can have their original values restored The following figure illustrates this Figure 38 How NAT Works Local This refers to the packet address source or destination as the packet travels on the LAN Global This refers to th...

Page 73: ...dress of the desired server The port number identifies a service for example web service is on port 80 and FTP on port 21 In some cases such as for unknown services or where one server can support more than one service for example both FTP and web service it might be better to specify a range of port numbers You can allocate a server IP address that corresponds to a port or a range of ports Intern...

Page 74: ...P Address You can assign a default server IP address to which the GPON Device can forward traffic for all protocols such as TCP UDP ICMP ping ESP and so on that do not match an existing port forwarding rule Note If you do not assign a Default Server IP address the GPON Device discards all packets received for ports that are not specified in a port forwarding rule or in the remote management setup ...

Page 75: ...gnate it as the GPON Device s default server Port forwarding rule 1 R1 sends all TCP UDP traffic that matches the rule to 192 168 0 17 while port forwarding rule 2 R2 sends TCP UDP traffic that matches to 192 168 0 106 Everything else NR goes to 192 168 0 202 For details on assigning a default server IP address see Section 7 3 on page 76 7 2 4 Configuring Servers Behind Port Forwarding Example Let...

Page 76: ...e LAN IP addresses and the ISP assigns the WAN IP address The NAT network appears as a single host on the Internet Figure 41 Multiple Servers Behind NAT Example 7 3 Configuring Port Forwarding Click Network NAT Port Forwarding to open the following screen Figure 42 Port Forwarding ...

Page 77: ...f the server for the specified service Add Click this button to add a rule to the table below This is the rule index number read only Active This field indicates whether the rule is active or not Clear the check box to disable the rule Select the check box to enable it Service Name This field displays the name of the service used by the packets for this virtual server Start Port This is the first ...

Page 78: ...nable it Service Name This field displays the name of the service used by the packets for this virtual server Start Port This is the first internal or external port number that identifies a service End Port This is the last internal or external port number that identifies a service Server IP Address This field displays the inside IP address of the server Protocol This field displays the correspond...

Page 79: ... labels in this screen Table 29 Network QoS General LABEL DESCRIPTION Enable QoS Use this field to turn on QoS to improve your network performance Service Configuration Use this section to configure the DSCP and priority bit settings for VoIP SIP VoIP RTP RTSP IGMP and TR069 traffic DSCP This is the DSCP number 0 63 added to traffic of this classifier Pbit This is the IEEE 802 1p priority level 0 ...

Page 80: ...Chapter 8 Quality of Service QoS PMG5318 B20A User s Guide 80 ...

Page 81: ...h this chapter SIP The Session Initiation Protocol SIP is an application layer control signaling protocol that handles the setting up altering and tearing down of voice and multimedia sessions over the Internet SIP signaling is separate from the media for which it handles sessions The media that is exchanged during the session can use a different path from that of the signaling SIP handles telepho...

Page 82: ...VoIP provider com then VoIP provider com is the SIP service domain 9 2 SIP Service Provider Use this screen to maintain basic information about each SIP account Your VoIP service provider the company that lets you make phone calls over the Internet should provide this You can also enable and disable each SIP account To access this screen click VoIP SIP Figure 45 VoIP SIP SIP Service Provider ...

Page 83: ...vider profile for SIP phone calls Service Provider Name Enter your SIP service provider s name using up to 64 printable English keyboard characters SIP Server Address Enter the IP address or domain name of the SIP server provided by your VoIP service provider You can use up to 256 printable English keyboard characters It does not matter whether the SIP server is a proxy redirect or register server...

Page 84: ...r might have a different expiration which takes priority over this setting Register Re send Timer Enter the number of seconds the GPON Device waits before it tries again to register the SIP account if the first try failed or if there is no response Session Expires Enter the number of seconds the SIP server waits for a keep alive signal from the GPON Device before disconnecting the call The keep al...

Page 85: ...the GPON Device waits before placing a dialed call DTMF Method DTMF Mothod Selection Control how the GPON Device handles the alphanumeric keypad tones You should use the same mode the VoIP service provider uses RFC 2833 send the DTMF tones in RTP packets InBand send the DTMF tones in the voice data stream This method works best when you are using a codec that does not use compression Codecs that u...

Page 86: ...e number after the colon replaces the number before the colon in an angle bracket For example 1212 xxxxxxx means the GPON Device automatically prefixes the translated number 1212 to the number you dialed before making the call This can be used for local calls in the US 9 xxx xxxxxxx means the GPON Device automatically removes the specified prefix 9 from the number you dialed before making the call...

Page 87: ...Chapter 9 Voice PMG5318 B20A User s Guide 87 9 3 SIP Account Use this screen to set up your basic SIP account information Click VoIP SIP SIP Account to display this screen Figure 46 VoIP SIP SIP Account ...

Page 88: ...e user name for registering this SIP account exactly as it was given to you You can use up to 128 printable English keyboard characters Apply Click this to save your changes Cancel Click this to exit the screen without saving any changes Advanced Click this to display the following advanced settings for this SIP account Voice Feature Speaking Volume Adjust the incoming Listening volume The options...

Page 89: ...r Select this to enable call transfer on the GPON Device This allows you to transfer an incoming call that you have answered to another phone Active Call Waiting Select this to enable call waiting on the GPON Device This allows you to place a call on hold while you answer another incoming call on the same telephone directory number Call Waiting Reject Timer Enter the number of seconds for call wai...

Page 90: ...o call the phone number Table 32 VoIP Phone Analog Phone LABEL DESCRIPTION Phone Port Selection Phone Port Selection Select a phone port to configure on this screen Phone to SIP Account SIP Account This indicates the SIP account mapping to the phone port for both incoming and outgoing calls Select None to disable the phone port so you cannot receive and make calls through the phone port SIP Number...

Page 91: ...Click this to use the information in the Speed Dial section to update the Speed Dial Phone Book section Speed Dial Phone Book Use this section to look at all the speed dial entries and to erase them This field displays the speed dial number you should dial to use this entry Number This field displays the SIP number the GPON Device calls when you dial the speed dial number Destination This field is...

Page 92: ...G5318 B20A User s Guide 92 Clear Click this to erase all the speed dial entries Cancel Click this to set every field in this screen to its last saved value Table 33 VoIP Phone Book Speed Dial continued LABEL DESCRIPTION ...

Page 93: ...numbers that use letters Dial the speed dial entry on your telephone s keypad Use your VoIP service provider s dialing plan to call regular telephone numbers 10 3 Using Speed Dial After configuring the speed dial entry and adding it to the phonebook press the speed dial entry s key combination on your phone s keypad 10 4 Phone Services Overview Supplementary services such as call hold call waiting...

Page 94: ...issue the sub command before the default sub command timeout 2 seconds expires or issue an invalid sub command the current operation will be aborted 10 4 2 1 Call Hold Call hold allows you to put a call A on hold by pressing the flash key If you have another call press the flash key and then 1 or 2 depending on whether it is the first or second incoming call to switch back and forth between caller...

Page 95: ... call on hold Press the flash key and then press 2 Reject the second call Press the flash key and then press 0 Put the second call on hold and answer the first call Press the flash key and then 1 You can then press the flash key and then 2 to answer the second call but put the first call on hold 10 4 2 3 Call Transfer Do the following to transfer an incoming call that you have answered to another ...

Page 96: ...Chapter 10 Phone Usage PMG5318 B20A User s Guide 96 ...

Page 97: ... each USB device connected to the GPON Device is given a folder called a share If a USB hard drive connected to the GPON Device has more than one partition then each partition will be allocated a share You can also configure a share to be a sub folder or file on the USB device File Systems A file system is a way of storing and organizing files on your hard drive and storage device Often different ...

Page 98: ...ork has restrictions set up that do not allow devices to join a workgroup In this case contact your network administrator 11 2 1 Before You Begin Make sure the GPON Device is connected to your network and turned on 1 Connect the USB device to one of the GPON Device s USB port Make sure the GPON Device is connected to your network 2 The GPON Device detects the USB device and makes its contents avai...

Page 99: ...s to activate file sharing through the GPON Device Host Name This field shows the configured host name of the GPON Device Workgroup Name You can add the GPON Device to an existing or new workgroup on your network Enter the name of the workgroup which your GPON Device automatically joins You can set the GPON Device s workgroup name to be exactly the same as the workgroup name to which your computer...

Page 100: ...to disable the account Status This field displays the status of the user account User Name This field displays the name of the user account Modify Click the Edit icon to modify the user account Click the Remove icon to remove the user account from the list Note that you cannot remove the default superuser account Apply Click this to save your changes to the GPON Device Cancel Click this to set eve...

Page 101: ...ces PMG5318 B20A User s Guide 101 Apply Click this to save your changes to the GPON Device Cancel Click this to set every field in this screen to its last saved value Table 37 Account Management Add Edit LABEL DESCRIPTION ...

Page 102: ...Chapter 11 USB Services PMG5318 B20A User s Guide 102 ...

Page 103: ...the GPON Device coming in from the WAN Figure 54 Remote Management From the WAN You may manage your GPON Device from a remote location via Internet WAN only ALL LAN and WAN LAN only None Disable To disable remote management of a service select Disable in the corresponding Access Status field You may only have one remote management session running at a time The GPON Device automatically disconnects...

Page 104: ...ng You may only have one remote management session running at one time Remote Management and NAT When NAT is enabled Use the GPON Device s WAN IP address when configuring from the WAN Use the GPON Device s LAN IP address when configuring from the LAN System Timeout There is a default system management idle timeout of five minutes three hundred seconds The GPON Device automatically logs you out if ...

Page 105: ...elect the interface s through which a computer may access the GPON Device using this service Note WAN refers to traffic from the Management WAN interface Traffic from other WAN interfaces will be dropped Secured Client IP A secured client is a trusted computer that is allowed to communicate with the GPON Device using this service Select All to allow any computer to access the GPON Device using thi...

Page 106: ... access can come Figure 57 Remote Management FTP Table 39 Remote Management Telnet LABEL DESCRIPTION Access Status Select the interface s through which a computer may access the GPON Device using this service Note WAN refers to traffic from the Management WAN interface Traffic from other WAN interfaces will be dropped Secured Client IP A secured client is a trusted computer that is allowed to comm...

Page 107: ...er may access the GPON Device using this service Note WAN refers to traffic from the Management WAN interface Traffic from other WAN interfaces will be dropped Secured Client IP A secured client is a trusted computer that is allowed to communicate with the GPON Device using this service Select All to allow any computer to access the GPON Device using this service Choose Selected to just allow the ...

Page 108: ...Device using this service Note WAN refers to traffic from the Management WAN interface Traffic from other WAN interfaces will be dropped Secured Client IP A secured client is a trusted computer that is allowed to send SSH queries to the GPON Device Select All to allow any computer to send SSH queries to the GPON Device Choose Selected to just allow the computer with the IP address that you specify...

Page 109: ...lication to operate through NAT UPnP network devices can automatically configure network addressing announce their presence in the network to other UPnP devices and enable exchange of simple product and service descriptions NAT traversal allows the following Dynamic port mapping Learning public IP addresses Assigning lease times to mappings Windows Messenger is an example of an application that su...

Page 110: ...n Windows XP 1 Click Start and Control Panel Double click Add Remove Programs Table 43 Remote Management UPNP LABEL DESCRIPTION Access Status Select the interface s through which a computer may access the GPON Device using UPnP Be aware that anyone could use a UPnP application to open the web configurator s login screen without entering the GPON Device s IP address although you must still enter th...

Page 111: ...ces window select the Internet Gateway Device Discovery and Control Client and Universal Plug and Play check boxes Add Remove Programs Windows Setup Communication Components 4 Click OK to go back to the Windows Components Wizard window and click Next 5 Click Finish 12 7 3 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP You must already have UPnP in...

Page 112: ...e Auto discover Your UPnP enabled Network Device 1 Click Start and Control Panel Double click Network Connections An icon displays under Internet Gateway 2 Right click the icon and select Properties Network Connections 3 In the Internet Connection Properties window click Settings to see the port mappings there were automatically created Internet Connection Properties ...

Page 113: ...s Internet Connection Properties Advanced Settings Internet Connection Properties Advanced Settings Add 5 When the UPnP enabled device is disconnected from your computer all port mappings will be deleted automatically 6 Select Show icon in notification area when connected option and click OK An icon displays in the system tray System Tray Icon ...

Page 114: ...With UPnP you can access the web based configurator on the GPON Device without finding out the IP address of the GPON Device first This comes helpful if you do not know the IP address of the GPON Device Follow the steps below to access the web configurator 1 Click Start and then Control Panel 2 Double click Network Connections 3 Select My Network Places under Other Places Network Connections ...

Page 115: ...e Equipment CPE for example your GPON Device can be managed over the WAN by an Auto Configuration Server ACS TR 069 is based on sending Remote Procedure Calls RPCs between an ACS and a client device RPCs are sent in Extensible Markup Language XML format over HTTP or HTTPS An administrator can use an ACS to remotely set up the GPON Device modify settings perform firmware upgrades as well as monitor...

Page 116: ...r Name Enter the connection request user name When the ACS makes a connection request to the GPON Device this user name is used to authenticate the ACS Connection Request Password Enter the connection request password When the ACS makes a connection request to the GPON Device this password is used to authenticate the ACS PeriodicInform Enable Select this to have the GPON Device periodically send i...

Page 117: ...Chapter 12 Remote Management PMG5318 B20A User s Guide 117 ...

Page 118: ...Chapter 12 Remote Management PMG5318 B20A User s Guide 118 ...

Page 119: ...ot reachable through the default gateway use static routes For example the next figure shows a computer A connected to the GPON Device s LAN interface The GPON Device routes most traffic from A to the Internet through the GPON Device s default gateway R1 You create one static route to connect to services offered by the ISP behind router R2 You create another static route to communicate with a sepa...

Page 120: ...ribes or identifies this route Destination This parameter specifies the IP network address of the final destination Routing is always based on network number Netmask This parameter specifies the IP network subnet mask of the final destination Gateway This is the IP address of the gateway The gateway is a router or switch on the same network segment as the device s LAN or WAN port The gateway helps...

Page 121: ...he name of the IP static route Leave this field blank to delete this static route Destination IP Address This parameter specifies the IP network address of the final destination Routing is always based on network number If you need to specify a route to a single host use a subnet mask of 255 255 255 255 in the subnet mask field to force the network number to be identical to the host ID IP Subnet M...

Page 122: ...Chapter 13 Static Route PMG5318 B20A User s Guide 122 ...

Page 123: ...s each time you reconnect Your friends or relatives will always be able to call you even if they don t know your IP address First of all you need to have registered a dynamic DNS account with www dyndns org This is for people with a dynamic IP from their ISP or DHCP server that would still like to have a domain name The Dynamic DNS service provider will give you a password or key 14 1 1 What You N...

Page 124: ...ce that you are registered for from your Dynamic DNS service provider Host Name Type the domain name assigned to your GPON Device by your Dynamic DNS provider You can specify up to two host names in the field separated by a comma User Name Type your user name Password Type the password assigned to you Enable Wildcard Option Select the check box to enable DynDNS Wildcard This option is only availab...

Page 125: ... IP address of the NAT router that has a public IP address Note The DDNS server may not be able to detect the proper IP address if there is an HTTP proxy server between the GPON Device and the DDNS server Use specified IP Address Type the IP address of the host name s Use this if you have a static IP address Apply Click Apply to save your changes Cancel Click Cancel to restore your previously save...

Page 126: ...Chapter 14 Dynamic DNS PMG5318 B20A User s Guide 126 ...

Page 127: ... and Ping of Death attacks whether the firewall is enabled or disabled The following figure illustrates the firewall action User A can initiate an IM Instant Messaging session from the LAN to the WAN 1 Return traffic for this session is also allowed 2 However other traffic initiated from the WAN is blocked 3 and 4 Figure 66 Default Firewall Action 15 1 1 What You Can Do in the Firewall Screens Use...

Page 128: ...y causing denial of service for users of the targeted system LAND Attack In a Local Area Network Denial LAND attack hackers flood SYN packets into the network with a spoofed source IP address of the target system This makes it appear as if the host computer sent the packets to itself making the system unavailable while the target system tries to respond to itself Ping of Death Ping of Death uses a...

Page 129: ...ported ports are probed ICMP Internet Control Message Protocol ICMP is a message control and error reporting protocol between a host server and a gateway to the Internet ICMP uses Internet Protocol IP datagrams but the messages are processed by the TCP IP software and directly apparent to the application user DoS Thresholds For DoS attacks the GPON Device uses thresholds to determine when to drop ...

Page 130: ...are requested Therefore an outside user will not be able to determine the ONT exists Packet Direction This is the direction of travel of packets LAN to WAN WAN to LAN Firewall rules are grouped based on the direction of travel of packets to which they apply For example LAN to WAN means packets traveling from a computer subnet on the LAN to the WAN Default Action Use the drop down list boxes to sel...

Page 131: ...s is your firewall rule number The ordering of your rules is important as rules are applied in turn Active This field displays whether a firewall is turned on or not Select the check box to enable the rule Clear the check box to disable the rule Source IP This column displays the source addresses or ranges of addresses to which this firewall rule applies Please note that a blank source or destinat...

Page 132: ...ation on the labels Figure 69 Security Firewall Rules Add Order Click the Move icon to display the Move the rule to field Type a number in the Move the rule to field and click the Move button to move the rule to the number that you typed The ordering of your rules is important as they are applied in order of their numbering Apply Click this to save your changes Cancel Click this to restore your pr...

Page 133: ...match this rule IP Version Type Select the IP version IPv4 or IPv6 to apply this firewall rule to Log This field determines if a log for packets that match the rule is created or not Source Destination Address Address Type Do you want your rule to apply to packets with a particular single IP a range of IP addresses for instance 192 168 1 10 to 192 169 1 50 a subnet or any IP address Select an opti...

Page 134: ... number or range that defines your customized service Modify Click this to go to the Firewall Customized Services Config screen to edit a customized service Add Click this to go to the Firewall Customized Services Config screen to configure a customized service Back Click this to return to the Firewall Edit Rule screen Table 52 Security Firewall Rules Edit Edit Customized Services Config LABEL DES...

Page 135: ...ch computers on the LAN can access which computers or services on the WAN By default the GPON Device s stateful packet inspection drops packets traveling in the following directions WAN to LAN These rules specify which computers on the WAN can access which computers or services on the LAN Note You also need to configure NAT port forwarding or full featured NAT address mapping rules to allow comput...

Page 136: ...es to block packets for the services at specific interfaces 11 Protect against IP spoofing by making sure the firewall is active 12 Keep the firewall in a secured locked room 15 4 3 Security Considerations Note Incorrectly configuring the firewall may block valid access or introduce security risks to the GPON Device and your protected network Use caution when creating or deleting firewall rules an...

Page 137: ...em Name is for identification purposes However because some ISPs check this name you should enter your computer s Computer Name In Windows 2000 click Start Settings Control Panel and then double click System Click the Network Identification tab and then the Properties button Note the entry for the Computer name field and enter it as the System Name In Windows XP click Start My Computer View system...

Page 138: ...ent session either via the web configurator or telnet can be left idle before the session times out The default is 5 minutes After it times out you have to log in with your password again Very long idle timeouts may have security risks A value of 0 means a management session never times out no matter how long it has been left idle not recommended Password Old Password Type the default password or ...

Page 139: ...ate This field displays the date of your GPON Device Each time you reload this page the GPON Device synchronizes the date with the time server Time and Date Setup Get from Time Server Select this radio button to have the GPON Device get the time and date from the time server you specified below Time Protocol Indicates that the GPON Device uses the NTP format which displays a 4 byte integer giving ...

Page 140: ... shown Figure 74 System SLID The following table describes the fields in this screen Table 55 System SLID LABEL DESCRIPTION Enable SLID Select this to enable use of SLID SLID Value Enter the SLID used for gaining access to the service provider s network Apply Click Apply to save your changes back to the GPON Device Cancel Click Cancel to begin configuring this screen afresh ...

Page 141: ...een see Section 17 3 on page 142 Log entries in red indicate alerts The log wraps around and deletes the old entries after it fills Click a column heading to sort the entries A triangle indicates ascending or descending sort order Figure 75 View Log The following table describes the fields in this screen Table 56 View Log LABEL DESCRIPTION Display The categories that you select in the Log Settings...

Page 142: ...age from the device s DNS forwarder pppoe This indicates a log message from the device s Point to Point Protocol daemon kernel This indicates a log message related to the device s Central Processing Unit CPU memory and I O ports OMCI This indicates a log message about the GPON OMCI Protocol daemon VoIP This indicates a log a message from the SIP server Level This indicates the log severity Message...

Page 143: ...lds in this screen Table 57 Log Settings LABEL DESCRIPTION Active Log Log Type Select the type of log you want to be displayed on the View Logs screen Apply Click Apply to save your customized settings and exit this screen Cancel Click Cancel to return to the previously saved settings ...

Page 144: ...Chapter 17 Logs PMG5318 B20A User s Guide 144 ...

Page 145: ... configuration file if you want to return the device to the original default settings The firmware determines the device s available features and functionality 18 1 1 Some Warnings The following are some friendly reminders about your device Do NOT turn off the GPON Device while a firmware upload is in progress Only use firmware for your device s specific model Refer to the label on the bottom of y...

Page 146: ...tatus screen If the upload was not successful the following screen will appear Click Return to go back to the Firmware screen Table 58 Firmware Upgrade LABEL DESCRIPTION Current Firmware Version This is the present Firmware version and the date created File Path Type in the location of the file you want to upload in this field or click Browse to find it Browse Click Browse to find the bin file you...

Page 147: ...tion file before making configuration changes The backup configuration file will be useful in case you need to return to your previous settings Click Backup to save the GPON Device s current configuration to your computer 18 3 2 Restore Configuration Restore Configuration allows you to upload a new or previously saved configuration file from your computer to your GPON Device Table 59 Restore Confi...

Page 148: ...0 0 138 If the upload was not successful the following screen will appear Click Return to go back to the Configuration screen 18 3 3 Reset to Factory Defaults Click the Reset button to clear all user entered configuration information and return the GPON Device to its factory defaults You can also press the RESET button on the rear panel to reset the factory defaults of your GPON Device 18 4 Restar...

Page 149: ...Click Maintenance Diagnostic to open the screen shown next Figure 80 Diagnostic General The following table describes the fields in this screen Table 60 Diagnostic General LABEL DESCRIPTION TCP IP Address Type the IP address of a computer that you want to ping in order to test a connection Ping Click this button to ping the IP address that you entered from the GPON Device ...

Page 150: ...Chapter 19 Diagnostic PMG5318 B20A User s Guide 150 ...

Page 151: ...ord included with the GPON Device 3 Make sure the power adaptor or cord is connected to the GPON Device and plugged in to an appropriate power source Make sure the power source is turned on 4 Turn the GPON Device off and on 5 If the problem continues contact the vendor One of the LEDs does not behave as expected 1 Make sure you understand the normal behavior of the LED The PON LED turns red if the...

Page 152: ...dress for the GPON Device 2 Check the hardware connections and make sure the LEDs are behaving as expected See Section 1 5 on page 11 3 Make sure your Internet browser does not block pop up windows and has Javascript and Java enabled 4 Reset the device to its factory defaults and try to access the GPON Device with the default IP address See Section 1 6 on page 12 5 If the problem continues contact...

Page 153: ...ure Caps Lock is not on See Section 1 5 on page 11 for details about the other LEDs 2 Make sure you entered the ISP account information correctly in the wizard These fields are case sensitive so make sure Caps Lock is not on 3 Disconnect all the cables from your device and follow the directions in Section 1 5 on page 11 again 4 If the problem continues contact the ISP I cannot access the Internet ...

Page 154: ...strator or vendor or try one of the advanced suggestions 20 5 Phone Calls and VoIP The telephone port won t work or the telephone lacks a dial tone 1 Check the telephone connections and telephone wire I can access the Internet but cannot make VoIP calls 1 The PHONE light should come on Make sure that your telephone is connected to the PHONE port 2 You can also check the VoIP status in the Status s...

Page 155: ...se have the following information ready when you contact an office Required Information Product model and serial number Warranty Information Date that you received your device Brief description of the problem and the steps you took to solve it Corporate Headquarters Worldwide Taiwan ZyXEL Communications Corporation http www zyxel com Asia China ZyXEL Communications Shanghai Corp ZyXEL Communicatio...

Page 156: ...l com pk Philippines ZyXEL Philippines http www zyxel com ph Singapore ZyXEL Singapore Pte Ltd http www zyxel com sg Taiwan ZyXEL Communications Corporation http www zyxel com Thailand ZyXEL Thailand Co Ltd http www zyxel co th Vietnam ZyXEL Communications Corporation Vietnam Office http www zyxel com vn vi Europe Austria ZyXEL Deutschland GmbH http www zyxel de Belarus ZyXEL BY http www zyxel by ...

Page 157: ...ommunications Czech s r o http www zyxel cz Denmark ZyXEL Communications A S http www zyxel dk Estonia ZyXEL Estonia http www zyxel com ee et Finland ZyXEL Communications http www zyxel fi France ZyXEL France http www zyxel fr Germany ZyXEL Deutschland GmbH http www zyxel de Hungary ZyXEL Hungary SEE http www zyxel hu Latvia ZyXEL Latvia http www zyxel com lv lv homepage shtml ...

Page 158: ...yXEL Communications http www zyxel no Poland ZyXEL Communications Poland http www zyxel pl Romania ZyXEL Romania http www zyxel com ro ro Russia ZyXEL Russia http www zyxel ru Slovakia ZyXEL Communications Czech s r o organizacna zlozka http www zyxel sk Spain ZyXEL Spain http www zyxel es Sweden ZyXEL Communications http www zyxel se Switzerland Studerus AG http www zyxel ch ...

Page 159: ... Latin America Argentina ZyXEL Communication Corporation http www zyxel com ec es Ecuador ZyXEL Communication Corporation http www zyxel com ec es Middle East Egypt ZyXEL Communication Corporation http www zyxel com homepage shtml Middle East ZyXEL Communication Corporation http www zyxel com homepage shtml North America USA ZyXEL Communications Inc North America Headquarters http www us zyxel com...

Page 160: ...Appendix A Customer Support PMG5318 B20A User s Guide 160 Oceania Australia ZyXEL Communications Corporation http www zyxel com au en Africa South Africa Nology Pty Ltd http www zyxel co za ...

Page 161: ...rt 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This device generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications However there is no guarantee that interference will not occur in a part...

Page 162: ...d it there contact your vendor or ZyXEL Technical Support at support zyxel com tw To obtain the source code covered under those Licenses please contact your vendor or ZyXEL Technical Support at support zyxel com tw Safety Warnings To avoid possible eye injury do NOT look into an operating fiber optic module s connector Do NOT use this product near water for example in a wet basement or near a swim...

Page 163: ...as the WEEE mark WEEE stands for Waste Electronics and Electrical Equipment It means that used electrical and electronic products should not be mixed with general waste PRODUCT COMPLIES WITH 21 CFR 1040 10 AND 1040 11 PRODUIT CONFORME SELON 21CFR 1040 10 ET 1040 11 CLASS 1 LASER PRODUCT APPAREIL À LASER DE CLASSE 1 ...

Page 164: ...Appendix B Legal Information PMG5318 B20A User s Guide 164 ...

Page 165: ...ation wireless LAN 46 47 contact information 155 copyright 161 CTS threshold 58 customer support 155 customized services 133 134 D data fragment threshold 58 DDoS 128 default 148 default LAN IP address 15 Denials of Service see DoS DHCP 123 diagnostic 149 disclaimer 161 DNS 107 109 DoS 128 thresholds 129 dynamic DNS 123 DYNDNS wildcard 123 E encapsulation 25 PPP over Ethernet 25 encryption 60 WEP ...

Page 166: ...Internet access 10 Internet Control Message Protocol see ICMP IP address 74 IP address assignment 25 IP pool 40 41 L LAN setup 25 39 LAND attack 128 limitations wireless LAN 61 WPS 68 log out 15 log out automatic 15 logs 141 firewalls 131 133 M MAC address 54 filter 45 53 59 MAC address filter activation 54 managing the device good habits 9 MBSSID 62 multicast 26 multimedia 81 Multiple BSS see MBS...

Page 167: ...e management limitations 104 Remote Procedure Calls see RPCs 115 resetting your device 12 restore 147 RFC 1631 71 router features 10 RPPCs 115 RTS threshold 58 S security network 136 wireless LAN 58 Security Parameter Index see SPI server 139 Service Set IDentifier see SSID services 74 Session Initiation Protocol 81 setup wireless LAN 46 47 SIP 81 SIP account 81 SIP identities 81 SIP number 81 SIP...

Page 168: ... 58 60 BSS 61 example 62 channel 58 configuration 46 47 encryption 60 example 57 fragmentation threshold 58 limitations 61 MAC address filter 45 53 54 59 MBSSID 62 preamble 58 RADIUS server 60 RTS CTS threshold 58 security 58 SSID 45 47 59 WDS 62 example 63 WEP 48 60 key 49 WPA 61 WPA PSK 50 51 61 pre shared key 50 WPS 52 63 65 activation 52 adding stations 53 example 66 limitations 68 PIN 53 64 p...

Reviews:

No comments

Brands by name

Popular brands

Load more brands