ZyXEL Communications VMG1312-T10C User Manual Download Page 146 | Manualshive

Page: 146 / 238

background image

Chapter 14 Firewall

VMG1312-T10C User’s Guide

154

• Use the

Dos

screen (

Section 14.5 on page 162

) to set the thresholds that the Device uses to

determine when to start dropping sessions that do not become fully established (half-open
sessions).

14.1.2 What You Need to Know About Firewall

SYN Attack

A SYN attack floods a targeted system with a series of SYN packets. Each packet causes the
targeted system to issue a SYN-ACK response. While the targeted system waits for the ACK that
follows the SYN-ACK, it queues up all outstanding SYN-ACK responses on a backlog queue. SYN-
ACKs are moved off the queue only when an ACK comes back or when an internal timer terminates
the three-way handshake. Once the queue is full, the system will ignore all incoming SYN requests,
making the system unavailable for legitimate users.

DoS

Denials of Service (DoS) attacks are aimed at devices and networks with a connection to the
Internet. Their goal is not to steal information, but to disable a device or network so users no longer
have access to network resources. The Device is pre-configured to automatically detect and thwart
all known DoS attacks.

DDoS

A Distributed DoS (DDoS) attack is one in which multiple compromised systems attack a single
target, thereby causing denial of service for users of the targeted system.

LAND Attack

In a Local Area Network Denial (LAND) attack, hackers flood SYN packets into the network with a
spoofed source IP address of the target system. This makes it appear as if the host computer sent
the packets to itself, making the system unavailable while the target system tries to respond to
itself.

Ping of Death

Ping of Death uses a "ping" utility to create and send an IP packet that exceeds the maximum
65,536 bytes of data allowed by the IP specification. This may cause systems to crash, hang or
reboot.

SPI

Stateful Packet Inspection (SPI) tracks each connection crossing the firewall and makes sure it is
valid. Filtering decisions are based not only on rules but also context. For example, traffic from the
WAN may only be allowed to cross the firewall in response to a request from the LAN.

RFC 4890 SPEC Traffic

RFC 4890 specifies the filtering policies for ICMPv6 messages. This is important for protecting
against security threats including DoS, probing, redirection attacks and renumbering attacks that

«
...
144
145
146
147
148
...
»

Summary of Contents for VMG1312-T10C

Page 1: ...G1312 T10C Wireless 2x2 802 11n VDSL2 4 port Gateway with USB Version 1 14 Edition 1 7 2014 Copyright 2014 ZyXEL Communications Corporation User s Guide Default Login Details LAN IP Address http 192 168 1 1 User Name admin Password 1234 ...

Page 2: ... book may differ slightly from your product due to differences in your product firmware or your computer operating system Every effort has been made to ensure that the information in this manual is accurate Related Documentation Quick Start Guide The Quick Start Guide shows how to connect the Device and get up and running right away ...

Page 3: ...N Setup 35 Wireless 55 Home Networking 85 Static Route 115 Quality of Service QoS 119 Network Address Translation NAT 131 Port Binding 139 Dynamic DNS 145 Filter 147 Firewall 153 Parental Control 169 Certificates 173 System Monitor 181 User Account 187 TR 069 Client 189 System 191 Time Setting 193 Log Setting 195 Firmware Upgrade 199 Backup Restore 201 Remote Management 205 Diagnostic 217 Troubles...

Page 4: ...Contents Overview VMG1312 T10C User s Guide 4 ...

Page 5: ...6 1 4 1 Internet Access 16 1 5 Wireless Access 16 1 5 1 Using the WLAN WPS Button 17 1 6 The RESET Button 18 1 6 1 Using the Reset Button 18 1 7 LEDs Lights 18 Chapter 2 Introducing the Web Configurator 21 2 1 Overview 21 2 1 1 Accessing the Web Configurator 21 2 2 The Web Configurator Layout 23 2 2 1 Title Bar 23 2 2 2 Main Window 24 Chapter 3 Quick Start 25 3 1 Overview 25 3 2 Quick Start Setup ...

Page 6: ...up Screen 50 5 5 WAN Technical Reference 52 5 5 1 Encapsulation 52 5 5 2 Multiplexing 53 5 5 3 VPI and VCI 54 5 5 4 IP Address Assignment 54 Chapter 6 Wireless 55 6 1 Overview 55 6 1 1 What You Can Do in this Chapter 55 6 1 2 Wireless Network Overview 55 6 1 3 Before You Begin 57 6 2 Wireless General Screen 57 6 2 1 No Security 59 6 2 2 Basic Static WEP Shared WEP Encryption 59 6 2 3 More Secure W...

Page 7: ... 5 The UPnP Screen 92 7 6 The UPnP Rule Screen 92 7 7 The IPv6 LAN Setup Screen 93 7 8 The File Sharing Screen 97 7 8 1 Before You Begin 97 7 8 2 Edit File Sharing User 99 7 9 The Printer Server Screen 100 7 9 1 Before You Begin 100 7 10 Technical Reference 101 7 11 Installing UPnP in Windows Example 105 7 12 Using UPnP in Windows XP Example 108 Chapter 8 Static Route 115 8 1 Overview 115 8 1 1 Wh...

Page 8: ...131 10 1 2 What You Need To Know 131 10 2 The General Screen 132 10 3 The Port Forwarding Screen 132 10 3 1 The Port Forwarding Screen 133 10 3 2 The Port Forwarding Add Edit Screen 134 10 4 The DMZ Screen 135 10 5 The ALG Screen 136 10 6 Technical Reference 136 10 6 1 NAT Definitions 137 10 6 2 What NAT Does 137 10 6 3 How NAT Works 137 Chapter 11 Port Binding 139 11 1 Overview 139 11 2 The Port ...

Page 9: ...reen 162 14 5 1 The DoS Advanced Screen 163 14 5 2 Configuring Firewall Thresholds 164 14 6 Firewall Technical Reference 165 14 6 1 Firewall Rules Overview 165 14 6 2 Guidelines For Enhancing Security With Your Firewall 166 14 6 3 Security Considerations 166 14 6 4 Triangle Route 167 Chapter 15 Parental Control 169 15 1 Overview 169 15 2 The Parental Control Screen 169 15 2 1 Add Edit a Parental C...

Page 10: ... 2 The User Account Screen 187 Chapter 19 TR 069 Client 189 19 1 Overview 189 19 2 The TR 069 Client Screen 189 Chapter 20 System 191 20 1 Overview 191 20 2 The System Screen 191 Chapter 21 Time Setting 193 21 1 Overview 193 21 2 The Time Setting Screen 193 Chapter 22 Log Setting 195 22 1 Overview 195 22 2 The Log Setting Screen 196 Chapter 23 Firmware Upgrade 199 23 1 Overview 199 23 2 The Firmwa...

Page 11: ...uring SNMP 211 25 6 DNS Screen 212 25 7 ICMP Screen 213 25 8 SSH Screen 213 25 8 1 SSH Example 214 Chapter 26 Diagnostic 217 26 1 Overview 217 26 1 1 What You Can Do in the Diagnostic Screens 217 26 2 The Ping Screen 217 26 3 The DSL Line Screen 218 Chapter 27 Troubleshooting 223 27 1 Overview 223 27 2 Power Hardware Connections and LEDs 223 27 3 Device Access and Login 224 27 4 Internet Access 22...

Page 12: ...Table of Contents VMG1312 T10C User s Guide 12 ...

Page 13: ...13 PART I User s Guide ...

Page 14: ...14 ...

Page 15: ...nection via a 3G wireless card or share files via a USB memory stick or a USB hard drive The Device can also function as a print server with an USB printer connected Only use firmware for your Device s specific model Refer to the label on the bottom of your Device 1 2 Ways to Manage the Device Use any of the following methods to manage the Device Web Configurator Use a supported web browser to man...

Page 16: ... and filtering features on the Device for secure Internet access Set the firewall to allow responses from the Internet for traffic initiated from your network and block traffic initiated from the Internet This blocks probes from the outside to your network but lets you safely browse the Internet and download files Use the filtering feature to block access to specific web sites or Internet applicat...

Page 17: ...5 seconds The WLAN WPS LED turns off Use the WLAN WPS button to quickly set up a secure wireless connection between the Device and a WPS compatible client by adding one device at a time To activate WPS 1 With the POWER LED on steady press the WLAN WPS button for 1 second and release it 2 Within two minutes press the WPS button on a WPS enabled client within range of the Device The WPS WLAN LED sho...

Page 18: ...D on steady press the RESET button for ten seconds or until the POWER LED begins to blink and then release it When the POWER LED begins to blink the defaults have been restored and the device restarts 1 7 LEDs Lights The following graphic displays the labels of the LEDs Figure 3 LEDs None of the LEDs are on if the Device is not receiving power Table 1 LED Descriptions LED COLOR STATUS DESCRIPTION ...

Page 19: ... is not activated DSL Green On The DSL line is up Blinking The DSL line is initializing Off The DSL line is down INTERNET Green On The Device has an IP connection but no traffic Your device has a WAN IP address either static or assigned by a DHCP server PPP negotiation was successfully completed if used and the DSL connection is up Blinking The Device is sending or receiving IP traffic Off The Dev...

Page 20: ...Chapter 1 Introduction VMG1312 T10C User s Guide 20 ...

Page 21: ...g is enabled by default in Windows XP SP Service Pack 2 JavaScript enabled by default Java permissions enabled by default 2 1 1 Accessing the Web Configurator 1 Make sure your Device hardware is properly connected refer to the Quick Start Guide 2 Launch your web browser 3 Type 192 168 1 1 as the URL 4 A password screen displays Type admin as the default Username and 1234 as the default password to...

Page 22: ...default password Enter a new password retype it to confirm and click Apply alternatively click Skip to proceed to the main menu if you do not want to change the password now Figure 5 Change Password Screen 6 The Connection Status screen appears Figure 6 Connection Status 7 Click System Info to display the System Info screen where you can view the Device s interface and system information ...

Page 23: ...lick Connection Status System Info to show the following screen Figure 7 Web Configurator Layout As illustrated above the main screen is divided into these parts A title bar B main window C navigation panel 2 2 1 Title Bar The title bar shows the Wizard and Logout icons in the upper right corner B C A a b ...

Page 24: ...ussed in the rest of this document Click LAN Device on the System Info screen a in Figure 7 on page 23 to display the Connection Status screen See Chapter 4 on page 30 for more information on the System Info and Connection Status screens Click Virtual Device on the System Info screen b in Figure 7 on page 23 to display a visual graphic showing the connection status of the Device s ports The connec...

Page 25: ...ings Note See the rest of this guide for background information on the features in this chapter 3 2 Quick Start Setup 1 The Quick Start Wizard appears automatically after login Or you can click the Start icon in the top right corner of the web configurator to open the quick start screens Select the time zone of the Device s location and click Next Figure 9 Time Zone ...

Page 26: ... depending on your current connection type Click Next Figure 10 WAN Interface Selection 3 Turn the wireless LAN on or off If you keep it on record the security settings so you can configure your wireless clients to connect to the Device Click Save Figure 11 Internet Connection 4 Your Device saves your settings and attempts to connect to the Internet ...

Page 27: ...27 PART II Technical Reference The appendices provide general information Some details may not apply to your Device ...

Page 28: ...28 ...

Page 29: ...counts If you click Virtual Device on the System Info screen a visual graphic appears showing the connection status of the Device s ports See Section 2 2 2 on page 24 for more information 4 2 The Connection Status Screen Use this screen to view the network connection status of the device and its clients A warning message appears if there is a connection problem You can configure how often you want...

Page 30: ...lick Connection Status System Info to open this screen Figure 14 System Info Screen Each field is described in the following table Table 2 System Info Screen LABEL DESCRIPTION Refresh Interval Select how often you want the Device to update this screen from the drop down list box Device Information Host Name This field displays the Device system name It is used for identification You can change thi...

Page 31: ...to the LAN Choices are Server The Device is a DHCP server in the LAN It assigns IP addresses to other computers in the LAN None The Device is not providing any DHCP services to the LAN IPv6 Address This is the current IPv6 address of the Device in the LAN Link local IPv6 Address This is the current LAN IPv6 link local address of the Device IPv6 Prefix This is the current IPv6 prefix length in the ...

Page 32: ...load and the throughput is not going to improve anymore If you want some applications to have more throughput you should turn off other applications Memory Usage This field displays what percentage of the Device s memory is currently used Usually this percentage should not increase much If memory usage does get close to 100 the Device is probably becoming unstable and you should restart the device...

Page 33: ... when using the interface and NoDevice when no device is detected in any USB slot For the xDSL WAN interface this field displays Down when the line is down or Up when line is up or connected Rate For the LAN interface this displays the port speed and duplex setting For the WLAN interface it displays the maximum transmission rate when WLAN is enabled or N A when WLAN is disabled For the 3G interfac...

Page 34: ...Chapter 4 Connection Status and System Info VMG1312 T10C User s Guide 34 ...

Page 35: ...that a computer in one location can communicate with computers in other locations Figure 15 LAN and WAN 3G third generation standards for the sending and receiving of voice video and data in a mobile environment You can attach a 3G wireless adapter to the USB port and set the Device to use this 3G connection as your WAN or a backup when the wired WAN connection fails Figure 16 3G WAN Connection 5 ...

Page 36: ...teway IP address if you use the Ethernet or ENET ENCAP encapsulation method Multicast Traditionally IP packets are transmitted in one of either two ways Unicast 1 sender 1 recipient or Broadcast 1 sender everybody on the network Multicast delivers IP packets to a group of hosts on the network not everybody and not just one IGMP Devices use the IGMP Internet Group Management Protocol network layer ...

Page 37: ...nside IPv6 encapsulation packets to the ISP s Address Family Transition Router AFTR in the graphic to connect to the IPv4 Internet The local network can also use IPv6 services The VDSL Router uses it s configured IPv6 WAN IP to route IPv6 traffic to the IPv6 Internet Figure 18 Dual Stack Lite 3G 3G Third Generation is a digital packet switched wireless technology Bandwidth usage is optimized as mu...

Page 38: ...5 5 on page 52 for technical background information on WAN 5 1 3 Before You Begin You need to know your Internet access settings such as encapsulation and WAN IP address Get this information from your ISP 5 2 The Internet Connection Screen Use this screen to change your Device s WAN settings Click Network Setting Broadband Internet Connection The screen differs by the mode and encapsulation you se...

Page 39: ...Chapter 5 WAN Setup VMG1312 T10C User s Guide 39 Figure 19 Network Setting Broadband Internet Connection ...

Page 40: ...t Bridge when your ISP provides you more than one IP address and you want the connected computers to get individual IP address from ISP s DHCP server directly If you select Bridge you cannot use Firewall DHCP server and NAT on the Device Encapsulation Select the method of encapsulation used by your ISP from the drop down list box Choices vary depending on the mode you select in the Mode field If y...

Page 41: ...he VCI assigned to you 32 to 65535 WAN Outgoing Default Tag Enter the IEEE 802 1p priority level and DSCP value for the WAN interface 802 1p This field is available only when VLAN is enabled Enter the IEEE 802 1p priority level for this WAN interface connection DSCP Enter a DSCP DiffServ Code Point value to have the Device add it in the packets sent by this WAN interface IP Address You can use the...

Page 42: ...CPv6 to get an IP address and then SLAAC if DHCPv6 does not work Select SLAAC Stateless address autoconfiguration to have the Device use the prefix to automatically generate a unique IP address that does not need to be maintained by a DHCP server Select None if you do not want the Device to obtain an IPv6 address from a DHCPv6 server DHCP PD Select Enable to use DHCP PD Prefix Delegation to allow ...

Page 43: ...e separated by a colon as in XXXX XXXX XXXX XXXX where X represents a hexadecimal character Blocks of zeros can be represented with double colons as in XXXX XXXX XXXX Connection PPPoA and PPPoE encapsulation only Keep Alive Select Keep Alive when you want your connection up all the time The Device will try to bring up the connection automatically if it disconnects Connect on Demand Select Connect ...

Page 44: ...ontinuous Bit Rate to specify fixed always on bandwidth for voice or data traffic Select UBR With PCR Unspecified Bit Rate with Peak Cell Rate for applications that are non time sensitive such as e mail Select Non Realtime VBR Variable Bit Rate non Real Time or Realtime VBR Variable Bit Rate Real Time for bursty traffic and bandwidth sharing with other applications Peak Cell Rate Divide the DSL li...

Page 45: ...N This is an index number indicating the number of the corresponding connection Active This field indicates whether the connection is active or not This field is read only Node Name This is the name of the Internet connection VPI VCI This field displays the Virtual Path Identifier VPI and Virtual Channel Identifier VCI numbers configured for this WAN connection Encapsulation This field indicates t...

Page 46: ...n Table 6 More Connections Edit LABEL DESCRIPTION General Active Select the check box to activate or clear the check box to deactivate this connection Node Name Enter a unique descriptive name of up to 13 ASCII characters for this connection Mode Select Router from the drop down list box if your ISP allows multiple computers to share an Internet account If you select Bridge the Device will forward...

Page 47: ...ly IPv4 Select IPv4 IPv6 to let the Device connect to IPv4 and IPv6 networks and choose the protocol for applications according to the address type Select IPv6 to have the Device use only IPv6 PPP Authentication The Device supports PAP Password Authentication Protocol and CHAP Challenge Handshake Authentication Protocol CHAP is more secure than PAP however PAP is readily available on more platform...

Page 48: ...Pv6 address Static IP Address Select this option if you have a fixed IPv6 address assigned by your ISP DHCP IPv6 Select DHCP if you want to obtain an IPv6 address from a DHCPv6 server The IP address assigned by a DHCPv6 server has priority over the IP address automatically generated by the Device using the IPv6 prefix from an RA Select SLAAC Stateless address autoconfiguration to have the Device u...

Page 49: ...ut NAT If you set the Mode field to Router you can select SUA Only if you have one public IP address and want to use NAT Otherwise select None to disable NAT Back Click this to return to the previous screen without saving Apply Click this to save your changes Advanced Setup Click this to display the More Connections Advanced Setup screen and edit more details of your WAN setup Table 6 More Connect...

Page 50: ...ic and bandwidth sharing with other applications Peak Cell Rate Divide the DSL line rate bps by 424 the size of an ATM cell to find the Peak Cell Rate PCR This sets the maximum rate at which the sender can send cells Type the PCR here Sustain Cell Rate The Sustain Cell Rate SCR sets the average cell rate long term that can be transmitted Type the SCR which must be less than the PCR Note the system...

Page 51: ...scription This field displays the manufacturer and model name of your 3G card if you inserted one in the Device Otherwise it displays N A Username Type the user name of up to 70 ASCII printable characters given to you by your service provider Password Type the password of up to 70 ASCII printable characters associated with the user name above PIN A PIN Personal Identification Number code is a key ...

Page 52: ...nter up to 31 ASCII printable characters Spaces are allowed Obtain an IP Address Automatically Select this option If your ISP did not assign you a fixed IP address Use the following static IP address Select this option If the ISP assigned a fixed IP address IP Address Enter your WAN IP address in this field if you selected Use the following static IP address Obtain DNS info dynamically Select this...

Page 53: ...does that part of the task Furthermore with NAT all of the LANs computers will have access 5 5 1 3 PPPoA PPPoA stands for Point to Point Protocol over ATM Adaptation Layer 5 AAL5 A PPPoA connection functions like a dial up Internet connection The Device encapsulates the PPP session based on RFC 1483 and sends it through an ATM PVC Permanent Virtual Circuit to the Internet Service Provider s ISP DS...

Page 54: ...t fixed the ISP assigns you a different one each time The Single User Account feature can be enabled or disabled if you have either a dynamic or static IP However the encapsulation method assigned influences your choices for IP address and ENET ENCAP gateway IP Assignment with PPPoA or PPPoE Encapsulation If you have a dynamic IP then the IP Address and Gateway IP Address fields are not applicable...

Page 55: ...sure quality of service in wireless networks for multimedia applications Section 6 7 on page 70 Use the Scheduling screen to schedule a time period for the wireless LAN to operate each day Section 6 8 on page 71 Use the Advanced screen to configure advanced wireless features Section 6 9 on page 73 You don t necessarily need to use all these screens to set up your wireless connection For example yo...

Page 56: ... name of the wireless network It stands for Service Set IDentifier If two wireless networks overlap they should use a different channel Like radio stations or television channels each wireless network uses a specific channel or frequency to send and receive information Every device in the same wireless network must use security compatible with the AP Security stops unauthorized devices from using ...

Page 57: ...et up a well secured network very easily Even if some of your devices support WPS and some do not you can use WPS to set up your network and then add the non WPS devices manually although this is somewhat more complicated to do What advanced options do you want to configure if any If you want to configure advanced options ensure that you know precisely what you want to do If you do not want to con...

Page 58: ...Dentity identifies the service set with which a wireless device is associated Wireless devices associating to the access point AP must have the same SSID Enter a descriptive name up to 32 English keyboard characters for the wireless LAN Hide SSID Select this check box to hide the SSID in the outgoing beacon frame so a station cannot obtain the SSID through scanning using a site survey tool Client ...

Page 59: ...rom any channels used by neighboring APs as possible The channel number which the Device is currently using then displays in the Operating Channel field Scan Click this button to have the Device immediately scan for and select a channel which is not used by another device whenever the device reboots or the wireless setting is changed Operating Channel This is the channel currently being used by yo...

Page 60: ...elect Basic as the security level Then select Static WEP or Shared WEP from the Security Mode list Figure 28 Wireless General Basic Static WEP Shared WEP The following table describes the labels in this screen Table 11 Wireless General Basic Static WEP Shared WEP LABEL DESCRIPTION Security Level Select Basic to enable WEP data encryption Generate password automatically Select this option to have t...

Page 61: ...list Figure 29 Wireless General More Secure WPA 2 PSK The following table describes the labels in this screen Table 12 Wireless General WPA 2 PSK LABEL DESCRIPTION Security Level Select More Secure to enable WPA 2 PSK data encryption Security Mode Select WPA PSK or WPA2 PSK from the drop down list box Pre Shared Key The encryption mechanisms used for WPA WPA2 and WPA PSK WPA2 PSK are the same The ...

Page 62: ... the General screen Select More Secure as the security level Then select WPA or WPA2 from the Security Mode list Figure 30 Wireless General More Secure WPA 2 Group Key Update Timer The Group Key Update Timer is the rate at which the RADIUS server sends a new group key out to all clients Encryption If the security mode is WPA PSK the encryption mode is set to TKIP to enable Temporal Key Integrity P...

Page 63: ...to 128 alphanumeric characters as the key to be shared between the external authentication server and the Device The key must be the same on the external authentication server and your Device The key is not sent over the network more hide more Click more to show more fields in this section Click hide more to hide them ReAuthentication Timer Specify how often wireless stations have to resend user n...

Page 64: ...nifies that this SSID is active A gray bulb signifies that this SSID is not active SSID An SSID profile is the set of parameters relating to one of the Device s BSSs The SSID Service Set IDentifier identifies the Service Set with which a wireless device is associated This field displays the name of the wireless profile on the network When a wireless client scans for an AP to associate with this is...

Page 65: ...ssociated Wireless devices associating to the access point AP must have the same SSID Enter a descriptive name up to 32 English keyboard characters for the wireless LAN Hide SSID Select this check box to hide the SSID in the outgoing beacon frame so a station cannot obtain the SSID through scanning using a site survey tool Client Isolation Select this to keep the wireless clients in this SSID from...

Page 66: ...n this wireless network Wireless clients must use the same wireless security settings as the Device to connect to the wireless LAN After you select to use security additional options appears in this screen Or you can select No Security to allow any client to connect to this network without any data encryption or authentication See Section 6 2 1 on page 59 through Section 6 2 4 on page 62 for more ...

Page 67: ... WPA PSK WPA2 PSK mixed or no security Add new MAC address Click this if you want to add a new MAC address entry to the MAC filter list below Enter the MAC addresses of the wireless devices that are allowed or denied access to the Device in these address fields Enter the MAC addresses in a valid MAC address format that is six hexadecimal character pairs for example 12 34 56 78 9a bc Figure 34 Wire...

Page 68: ...th WPS Method These fields display after you enable WPS and click Apply Method 1 PBC Use this section to set up a WPS wireless network using Push Button Configuration PBC WPS Click this button to add another WPS enabled wireless device within wireless range of the Device to your wireless network This button may either be a physical button on the outside of device or a menu button similar to the WP...

Page 69: ...he Device WPS Configuration Summary AP PIN The PIN of the Device is shown here Enter this PIN in the configuration utility of the device you want to connect to using WPS The PIN is not necessary when you use WPS push button method Click the Generate New PIN button to have the Device create a new PIN Status This displays Configured when the Device has connected to a wireless network using WPS or En...

Page 70: ... 2 or WPA 2 PSK in the Wireless General screen TKIP Select this to use TKIP Temporal Key Integrity Protocol encryption AES Select this to use AES Advanced Encryption Standard encryption This is the index number of the individual WDS link Active Select this to activate the link between the Device and the peer device to which this entry refers When you do not select the check box this link is down R...

Page 71: ...reless WMM LABEL DESCRIPTION Enable WMM of SSID1 4 This enables the Device to automatically give a service a priority level according to the ToS value in the IP header of packets it sends WMM QoS Wifi MultiMedia Quality of Service gives high priority to voice and video which makes them run more smoothly Apply Click Apply to save your changes Cancel Click Cancel to restore your previously saved set...

Page 72: ...LAN back on Security This field indicates the security mode of the SSID profile Modify Click the Edit icon to configure the scheduling rule Click the Delete icon to remove the scheduling rule Apply Click Apply to save your changes Cancel Click Cancel to restore your previously saved settings Table 20 Network Setting Wireless Scheduling continued LABEL DESCRIPTION Table 21 Network Setting Wireless ...

Page 73: ...r Short 802 11 Mode Select 802 11b to allow only IEEE 802 11b compliant WLAN devices to associate with the Device Select 802 11g to allow only IEEE 802 11g compliant WLAN devices to associate with the Device Select 802 11b g to allow either IEEE 802 11b or IEEE 802 11g compliant WLAN devices to associate with the Device The transmission rate of your Device might be reduced Select 802 11n to allow ...

Page 74: ... you set the 802 11 Mode to 802 11n or 802 11b g n in the Advanced Setup screen Apply Click this to save your changes Cancel Click this to restore your previously saved settings Table 22 Network Setting Wireless Advanced continued LABEL DESCRIPTION Table 23 Additional Wireless Terms TERM DESCRIPTION RTS CTS Threshold In a wireless network which covers a large area wireless devices are sometimes no...

Page 75: ...on that you personally will easily remember and to enter it in a way that appears random and does not include real words For example if your mother owns a 1970 Dodge Challenger and her favorite movie is Vanishing Point which you know was made in 1971 you could use 70dodchal71vanpoi as your security key The following sections introduce different types of wireless security you can set up in the wire...

Page 76: ... for unauthorized wireless devices to figure out the original information pretty quickly When you select WPA2 or WPA2 PSK in your Device you can also select an option WPA compatible to support WPA as well In this case if some of the devices support WPA and some support WPA2 you should set up WPA2 PSK or WPA2 depending on the type of wireless network login and select the WPA compatible option in th...

Page 77: ...ferent APs to configure different Basic Service Sets BSSs As well as the cost of buying extra APs there is also the possibility of channel interference The Device s MBSSID Multiple Basic Service Set IDentifier function allows you to use one access point to provide several BSSs simultaneously You can then assign varying QoS priorities and or security modes to different SSIDs Wireless devices can us...

Page 78: ...vices is made At the time of writing WDS security is not compatible with all access points Refer to your other access point s documentation for details The following figure illustrates how WDS link works between APs Notebook computer A is a wireless client connecting to access point AP 1 AP 1 has no wired Internet connection but it can establish a WDS link with access point AP 2 which has a wired ...

Page 79: ...een to assign IP addresses on the LAN to specific individual computers based on their MAC Addresses Section 7 3 on page 90 Use the IP Alias screen Section 7 4 on page 91 to configure another logical network in the physical LAN network Use the UPnP screen to enable UPnP Section 7 5 on page 92 Use the UPnP Rule screen to Use the IPv6 LAN Setup screen Section 7 7 on page 93 to configure the IPv6 sett...

Page 80: ...server addresses you enter when you set up DHCP are passed to the client machines along with the assigned IP address and subnet mask 7 1 2 2 About UPnP How do I know if I m using UPnP UPnP hardware is identified as an icon in the Network Connections folder Windows XP Each UPnP compatible device installed on your network will appear as a separate icon Selecting the icon of a UPnP device will allow ...

Page 81: ...ifferent operating systems such as Windows or Linux have different file systems The file sharing feature on your Device supports FAT16 FAT32 NTFS EXT2 and EXT3 Common Internet File System The Device uses Common Internet File System CIFS protocol for its file sharing functions CIFS compatible computers can access the USB file storage devices connected to the Device CIFS protocol is supported on Mic...

Page 82: ... TCP IP ports for printing and be compatible with the RAW port 9100 protocol The following OSs support Device s printer sharing feature Microsoft Windows 95 Windows 98 SE Second Edition Windows Me Windows NT 4 0 Windows 2000 Windows XP or Macintosh OS X 7 2 The LAN Setup Screen Click Network Setting Home Networking to open the LAN Setup screen Use this screen to set the Local Area Network IP addre...

Page 83: ...led to deactivate it DHCP Server State DHCP Select Enable to have your Device assign IP addresses an IP default gateway and DNS servers to LAN computers and other devices that are DHCP clients If you select Disable you need to manually configure the IP addresses of the computers and other devices on your LAN When DHCP is used the following fields need to be set IP Addressing Values IP Pool Startin...

Page 84: ...dd a new static DHCP entry This is the index number of the entry Status This field displays whether the client is connected to the Device Host Name This field displays the client host name MAC Address The MAC Media Access Control or Ethernet address on a LAN Local Area Network is unique to your computer six pairs of hexadecimal notation A network interface card such as an Ethernet adapter has a ha...

Page 85: ...e itself as the gateway for the LAN network When you use IP alias you can also configure firewall rules to control access to the LAN s logical network subnet Use this screen to change your Device s IP alias settings Click Network Setting Home Networking IP Alias to open the following screen Figure 51 Network Setting Home Networking IP Alias Table 27 Static DHCP Add LABEL DESCRIPTION MAC Address En...

Page 86: ...table describes the labels in this screen 7 6 The UPnP Rule Screen Table 28 Network Setting Home Networking IP Alias LABEL DESCRIPTION IP Alias Select Enable to configure a LAN network for the Device IP Address Enter the IP address of your Device in dotted decimal notation Subnet Mask Your Device will automatically calculate the subnet mask based on the IP address that you assign Unless you are im...

Page 87: ... Home Networking VMG1312 T10C User s Guide 93 7 7 The IPv6 LAN Setup Screen Use this screen to configure the IPv6 settings for your Device s LAN interface Figure 53 Network Setting Home Networking IPv6 LAN Setup ...

Page 88: ... If you selected Manual enter the LAN Identifier in this field The LAN identifier should be unique and 64 bits in hexadecimal form Every 16 bit block should be separated by a colon as in XXXX XXXX XXXX XXXX where X is a hexadecimal character Blocks of zeros can be represented with double colons as in XXXX XXXX XXXX IPv6 ULA Address Type A unique local address ULA is a unique IPv6 address for use i...

Page 89: ... either through router advertisements or through DHCPv6 DHCPv6 DHCPv6 Server Use this field to Enable or Disable DHCPv6 server on the Device DNSv6 Mode Select the DNS role Proxy or Relay that you want the Device to act in the IPv6 LAN network Alternatively select Manual and specify the DNS servers IPv6 address in the fields below Primary DNS This field is available if you choose Manual as the DNSv...

Page 90: ...warding an IPv6 packet IPv6 routers are required to decrease the Hop Limit by 1 and to discard the IPv6 packet when the Hop Limit is 0 Possible value for this field are 0 255 Router Lifetime Enter the time in seconds that hosts should consider the Device to be the default router Possible values for this field are 0 9000 Router Preference Select the router preference Low Medium or High for the Devi...

Page 91: ... administrator 7 8 1 Before You Begin Make sure the Device is connected to your network and turned on 1 Connect the USB device to one of the Device s USB ports Make sure the Device is connected to your network 2 The Device detects the USB device and makes its contents available for browsing If you are connecting a USB hard drive that comes with an external power supply make sure it is connected to...

Page 92: ...Access Level Select Public to allow all LAN users to access the shared folders Select Security to allow only the users added and activated in the Account Management section below to access the shared folders Account Management This is the index number of the file sharing user account Status This shows whether or not the file sharing user account is activated User Name This field displays the user ...

Page 93: ...BEL DESCRIPTION Active Select this to activate the file sharing user account User Name Type the user name for the account New Password Type your new system password up to 30 characters Note that as you type a password the screen displays a for each character you type After you change the password use the new password to access the Device Retype New Password Type the new password again for confirma...

Page 94: ...printer must be connected to your Device A USB printer with the driver already installed on your computer The computers on your network must have the printer software already installed before they can create a TCP IP port for printing via the network Follow your printer manufacturers instructions on how to install the printer software on your computer Note Your printer s installation instructions ...

Page 95: ...tain TCP IP configuration at start up from a server You can configure the Device as a DHCP server or disable it When configured as a server the Device provides the TCP IP configuration for the clients If you turn DHCP service off you must have another DHCP server on your LAN or else the computer must be manually configured IP Pool Setup The Device is pre configured with a pool of IP addresses for ...

Page 96: ...work Once you have decided on the network number pick an IP address that is easy to remember for instance 192 168 1 1 for your Device but make sure that no other device on your network is using that IP address The subnet mask specifies the network number portion of an IP address Your Device will compute the subnet mask automatically based on the IP address that you entered You don t need to change...

Page 97: ...n Windows Me and Windows XP Installing UPnP in Windows Me Follow the steps below to install the UPnP in Windows Me 1 Click Start and Control Panel Double click Add Remove Programs 2 Click the Windows Setup tab and select Communication in the Components selection box Click Details Figure 60 Add Remove Programs Windows Setup Communication ...

Page 98: ...Components 4 Click OK to go back to the Add Remove Programs Properties window and click Next 5 Restart the computer when prompted Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP 1 Click Start and Control Panel 2 Double click Network Connections 3 In the Network Connections window click Advanced in the main menu and select Optional Networking Components Figure...

Page 99: ...working Components Wizard window displays Select Networking Service in the Components selection box and click Details Figure 63 Windows Optional Networking Components Wizard 5 In the Networking Services window select the Universal Plug and Play check box Figure 64 Networking Services ...

Page 100: ... feature in Windows XP You must already have UPnP installed in Windows XP and UPnP activated on the Device Make sure the computer is connected to a LAN port of the Device Turn on your computer and the Device Auto discover Your UPnP enabled Network Device 1 Click Start and Control Panel Double click Network Connections An icon displays under Internet Gateway 2 Right click the icon and select Proper...

Page 101: ... 7 Home Networking VMG1312 T10C User s Guide 107 3 In the Internet Connection Properties window click Settings to see the port mappings there were automatically created Figure 66 Internet Connection Properties ...

Page 102: ...t mappings or click Add to manually add port mappings Figure 67 Internet Connection Properties Advanced Settings Figure 68 Internet Connection Properties Advanced Settings Add 5 When the UPnP enabled device is disconnected from your computer all port mappings will be deleted automatically ...

Page 103: ...isplay your current Internet connection status Figure 70 Internet Connection Status Web Configurator Easy Access With UPnP you can access the web based configurator on the Device without finding out the IP address of the Device first This comes helpful if you do not know the IP address of the Device Follow the steps below to access the web configurator 1 Click Start and then Control Panel 2 Double...

Page 104: ... Home Networking VMG1312 T10C User s Guide 110 3 Select My Network Places under Other Places Figure 71 Network Connections 4 An icon with the description for each UPnP enabled device displays under Local Network ...

Page 105: ...select Invoke The web configurator login screen displays Figure 72 Network Connections My Network Places 6 Right click on the icon for your Device and select Properties A properties window displays with basic information about the Device Figure 73 Network Connections My Network Places Properties Example ...

Page 106: ...Chapter 7 Home Networking VMG1312 T10C User s Guide 112 ...

Page 107: ...traffic from A to the Internet through the Device s default gateway R1 You create one static route to connect to services offered by your ISP behind router R2 You create another static route to communicate with a separate network behind a router R3 connected to the LAN Figure 74 Example of Static Routing Topology 8 1 1 What You Can Do in this Chapter Use the Static Route screens Section 8 2 on pag...

Page 108: ...atic Route Click this to set up a new static route on the Device This is the number of an individual static route Destination IP This parameter specifies the IP network address of the final destination Routing is always based on network number Gateway This is the IP address of the gateway The gateway is a router or switch on the same network segment as the device s LAN or WAN port The gateway help...

Page 109: ...r destinations Bound Interface You can decide if you want to forward packets to a gateway IP address or a bound interface If you want to configure Bound Interface select the check box and choose an interface through which the traffic is sent You must have the WAN interfaces already configured in the Broadband screen Metric Enter the cost of transmission for routing purposes IP routing uses hop cou...

Page 110: ... Static Route Add Edit LABEL DESCRIPTION Destination IPv6 Address This parameter specifies the IP network address of the final destination Routing is always based on network number If you need to specify a route to a single host use a prefix length of 128 in the prefix length field to force the network number to be identical to the host ID IPv6 Prefix Length Enter the address prefix to specify how...

Page 111: ...delay such as Internet gaming and those for which jitter alone is a problem such as Internet radio or streaming video 9 1 1 What You Can Do in this Chapter Use the General screen to enable QoS set the bandwidth and allow the Device to automatically assign priority to upstream traffic according to the IP precedence or packet length Section 9 2 on page 120 Use the Queue Setup screen to configure QoS...

Page 112: ...ur network performance You can give priority to traffic that the Device forwards out through the WAN interface Give high priority to voice and video to make them run more smoothly Similarly give low priority to many large file downloads so that they do not reduce the quality of other applications Traffic priority will be automatically assigned by Select how the Device assigns priorities to various...

Page 113: ...es whether the queue is active or not A yellow bulb signifies that this queue is active A gray bulb signifies that this queue is not active Name This shows the descriptive name of this queue Interface This shows the name of the Device s interface through which traffic in this queue passes Priority This shows the priority of this queue Weight This shows the weight of this queue Rate Limit kbps This...

Page 114: ...smoothly Similarly give low priority to many large file downloads so that they do not reduce the quality of other applications Table 41 Queue Setup Edit LABEL DESCRIPTION Active Select to enable or disable this queue Name Enter the descriptive name of this queue Interface Select the interface of this queue Priority Select the priority level from 1 to 7 of this queue The lower the number the higher...

Page 115: ... is not active From Interface If the classifier applies to traffic coming in through a specific interface it displays here Classification Criteria This shows criteria specified in this classifier for example the interface from which traffic of this class should come and the source MAC address of traffic that matches this classifier DSCP Traffic Class Mark This is the DSCP number added to traffic o...

Page 116: ...Classifier in the Class Setup screen or the Edit icon next to an existing classifier to configure it Figure 83 Class Setup Add Edit The following table describes the labels in this screen Table 43 Class Setup Add Edit LABEL DESCRIPTION Rule Index Select the order number of this rule Class Configuration ...

Page 117: ...ource MAC address that the traffic s MAC address should match Enter 0 for the bits of the matched traffic s MAC address which can be of any hexadecimal characters For example if you set the MAC address to 00 13 49 00 00 00 and the mask to ff ff ff 00 00 00 a packet with a MAC address of 00 13 49 12 34 56 matches this criteria Exclude Select this option to exclude the packets that match the specifi...

Page 118: ...ange IP Precedence Range Enter a range from 0 to 7 for IP precedence 0 is the lowest priority and 7 is the highest Type of Service Select a type of service from the drop down list box DSCP Range 0 63 Select this option and specify a DSCP DiffServ Code Point number between 0 and 63 in the field provided 802 1P Select this option and select a priority level between 0 and 7 from the drop down list bo...

Page 119: ...y level and VLAN ID that you specify in the Ethernet Priority and VLAN ID fields If you select Same the Device keep the Ethernet Priority and VLAN ID in the packets To configure the Ethernet Priority you can either select a priority number in the first drop down list box 7 is the highest and 0 is the lowest priority or select an application from the second drop down list box which automatically ma...

Page 120: ...n Table 44 Network Setting QoS Policer Setup continued LABEL DESCRIPTION Table 45 Policer Setup Add Edit LABEL DESCRIPTION Active Select the check box to activate this policer Name Enter the descriptive name of this policer Meter Type This shows the traffic metering algorithm used in this policer The Simple Token Bucket algorithm uses tokens in a bucket to control when traffic can be transmitted E...

Page 121: ...the DSCP mark value of the packets Enter the DSCP mark value to use Non Conforming Action Specify what the Device does for packets that exceed the excess burst size or peak rate and burst size red marked packets Drop Discard the packets DSCP Mark Change the DSCP mark value of the packets Enter the DSCP mark value to use The packets may be dropped if there is congestion on the network Available Cla...

Page 122: ...ending on the code points without the need to negotiate paths or remember state information for every flow In addition applications do not have to request a particular service or give advanced notice of where the traffic is going DSCP and Per Hop Behavior DiffServ defines a new DS Differentiated Services field to replace the Type of Service TOS field in the IP header The DS field contains a 2 bit ...

Page 123: ...o Know The following terms and concepts may help as you read this chapter Inside Outside and Global Local Inside outside denotes where a host is located relative to the Device for example the computers of your subscribers are the inside hosts while the web servers on the Internet are the outside hosts Global local denotes the IP address of a host in a packet as the packet traverses a router for ex...

Page 124: ...oming service requests to the servers on your local network You may enter a single port number or a range of port numbers to be forwarded and the local IP address of the desired server The port number identifies a service for example web service is on port 80 and FTP on port 21 In some cases such as for unknown services or where one server can support more than one service for example both FTP and...

Page 125: ...lnet and SMTP server A in the example port 80 to another B in the example and assign a default server IP address of 10 0 0 35 to a third C in the example You assign the LAN IP addresses and the ISP assigns the WAN IP address The NAT network appears as a single host on the Internet Figure 88 Multiple Servers Behind NAT Example 10 3 1 The Port Forwarding Screen Click Network Setting NAT to open the ...

Page 126: ...ber that identifies a service External End Port This is the last external port number that identifies a service Internal Start Port This is the first internal port number that identifies a service Internal End Port This is the last internal port number that identifies a service Server IP Address This is the server s IP address Modify Click the Edit icon to edit the port forwarding rule Click the D...

Page 127: ...ange To forward only one port enter the port number in the External Start Port field above and then enter it again in this field To forward a series of ports enter the last port number in a series that begins with the port number in the External Start Port field above Server IP Address Enter the inside IP address of the virtual server here Protocol Select the protocol supported by this virtual ser...

Page 128: ...s screen 10 6 Technical Reference This section provides some technical background information about the topics covered in this chapter Table 50 Network Setting NAT DMZ LABEL DESCRIPTION WAN Interface Select the WAN interface for which to configure a default server Default Server Address Enter the IP address of the default server which receives packets from ports that are not specified in the Port ...

Page 129: ...the inside local address before forwarding it to the original inside host Note that the IP address either local or global of an outside host is never changed The global IP addresses for the inside hosts can be either static or dynamically assigned by the ISP In addition you can designate servers for example a web server and a Telnet server on your local network and make them accessible to the outs...

Page 130: ...d port numbers so incoming reply packets can have their original values restored The following figure illustrates this Figure 93 How NAT Works 192 168 1 13 192 168 1 10 192 168 1 11 192 168 1 12 SA 192 168 1 10 SA IGA1 Inside Local IP Address 192 168 1 10 192 168 1 11 192 168 1 12 192 168 1 13 Inside Global IP Address IGA 1 IGA 2 IGA 3 IGA 4 NAT Table WAN LAN Inside Local Address ILA Inside Global...

Page 131: ...ports not belonging to a port binding group the Device forwards traffic according to the routing table Additionally specify ATM QoS settings for an ADSL virtual channel PVC to satisfy the bandwidth requirements of the traffic the PVC carries For example create two port binding groups on the device R1 for two different WAN ATM PVC connections The first PVC PVC1 handles non time sensitive data traff...

Page 132: ...but not to ports in other groups If a port is not included in any groups traffic will be forwarded according to the routing table ATM VCs Select the ATM VC PVC to include in the port binding group Each ATM VC can only be bound to one group PTM VCs Select the PTM VC to include in the port binding group An individual PTM VC can be bound to more than one group Ethernet Select the Ethernet Eth ports t...

Page 133: ... Group Summary section to display the following screen Figure 96 Network Setting Port Binding Port Binding Summary The following table describes the labels in this screen Table 54 Network Setting Port Binding Port Binding Summary LABEL DESCRIPTION Group ID This field displays the group index number Group Port This field displays the ports and virtual channels included in the group OK Click this to...

Page 134: ...Any Port Any Service LABEL DESCRIPTION Index This is the index number for the port binding group Option60 This is the Vendor Class Identifier of the matched traffic Option61 This is the device identity of the matched traffic Option77 This is the User Class Identifier of the matched traffic Option125 This is the vendor specific information of the matched traffic MAC Mask This is the source MAC addr...

Page 135: ...is check box and enter the MAC address and MAC mask MAC address Enter the source MAC address of the packet MAC mask Type the mask for the specified MAC address to determine which bits a packet s MAC address should match Enter f for each bit of the specified source MAC address that the traffic s MAC address should match Enter 0 for the bit s of the matched traffic s MAC address which can be of any ...

Page 136: ...prise number Select DUID LL DUID Based on Link layer Address to enter the device s hardware type and hardware address MAC address in the following fields Select Other to enter any string that identifies the device in the DUID field DHCP option77 Select this and enter a string that identifies the user s category or application type in the matched DHCP packets Value Enter a string that identifies th...

Page 137: ...each time you reconnect Your friends or relatives will always be able to call you even if they don t know your IP address First of all you need to have registered a dynamic DNS account with www dyndns org This is for people with a dynamic IP from their ISP or DHCP server that would still like to have a domain name The Dynamic DNS service provider will give you a password or key 12 1 1 What You Nee...

Page 138: ...name of your Dynamic DNS service provider Host Name Type the domain name assigned to your Device by your Dynamic DNS provider Username Type your user name for the Dynamic DNS service provider Password Type your password for the Dynamic DNS service provider Apply Click Apply to save your changes Cancel Click Cancel to restore your previously saved settings Dynamic DNS Status User Authentication Res...

Page 139: ... 13 1 1 What You Can Do in the Filter Screens Use the IP MAC Filter screen Section 13 2 on page 148 to create IPv4 MAC filter rules Use the IPv6 MAC Filter screen Section 13 3 on page 150 to create IPv6 MAC filter rules 13 2 The IP MAC Filter Screen Use this screen to create and apply IPv4 MAC filters Click Security Filter to display the screen as shown Figure 101 Security Filter ...

Page 140: ...t is 0 0 0 0 Subnet Mask Enter the IP subnet mask for the destination IP address Port Number Enter the destination port of the packets that you wish to filter The range of this field is 0 to 65535 This field is ignored if it is 0 Protocol Select ICMP TCP or UDP for the upper layer protocol Source MAC Address This field is only available when you select MAC in the Rule Type field Enter the MAC addr...

Page 141: ...o create a filter rule that blocks traffic IPv6 MAC Filter Rule Editing IPv6 MAC Filter Rule Index Select the index number of the filter rule Active Use this field to enable or disable the rule Interface Select the interface to which to apply the filter Direction Apply the filter to Incoming or Outgoing traffic direction Rule Type Select IP to filter traffic by IP addresses Select MAC to filter tr...

Page 142: ...t 135 Neighbor Solicitation 136 Neighbor Advertisement 137 Redirect Redirect message Protocol This is the upper layer protocol that defines the service to which this rule applies By default it is ICMPv6 Source MAC Address This field is only available when you select MAC in the Rule Type field Enter the MAC address of the packets you wish to filter IPv6 MAC Filter Listing IPv6 MAC Filter Rule Index...

Page 143: ...r s Guide 151 Delete Click this to remove the filter rule selected in the IPv6 MAC Filter Rule Index field Cancel Click this to restore your previously saved settings Table 59 Security Filter IPv6 MAC Filter continued LABEL DESCRIPTION ...

Page 144: ...Chapter 13 Filter VMG1312 T10C User s Guide 152 ...

Page 145: ...r disabled The following figure illustrates the firewall action User A can initiate an IM Instant Messaging session from the LAN to the WAN 1 Return traffic for this session is also allowed 2 However other traffic initiated from the WAN is blocked 3 and 4 Figure 103 Default Firewall Action 14 1 1 What You Can Do in the Firewall Screens Use the General screen Section 14 2 on page 155 to select the ...

Page 146: ... pre configured to automatically detect and thwart all known DoS attacks DDoS A Distributed DoS DDoS attack is one in which multiple compromised systems attack a single target thereby causing denial of service for users of the targeted system LAND Attack In a Local Area Network Denial LAND attack hackers flood SYN packets into the network with a spoofed source IP address of the target system This ...

Page 147: ...probed ICMP Internet Control Message Protocol ICMP is a message control and error reporting protocol between a host server and a gateway to the Internet ICMP uses Internet Protocol IP datagrams but the messages are processed by the TCP IP software and directly apparent to the application user DoS Thresholds For DoS attacks the Device uses thresholds to determine when to drop sessions that do not b...

Page 148: ...t blocks anyone from the Internet from accessing any services on your local network Low This setting allows traffic to the Internet and also allows someone from the Internet to access services on your local network This would be used with Port Forwarding Default Server Custom This setting allows the customer to create and edit individual firewall rules Firewall rules can be created in the Default ...

Page 149: ...wn list boxes to select the default action that the firewall is to take on packets that are traveling in the selected direction and do not match any of the firewall rules Select Drop to silently discard the packets without sending a TCP reset packet or an ICMP destination unreachable message to the sender Select Reject to deny the packets and send a TCP reset packet for a TCP packet or an ICMP des...

Page 150: ...ank source or destination address is equivalent to Any Destination IP Address This column displays the destination addresses or ranges of addresses to which this firewall rule applies Please note that a blank source or destination address is equivalent to Any Service This column displays the services to which this firewall rule applies Action This field displays whether the firewall silently disca...

Page 151: ...iscard Drop deny and send an ICMP destination unreachable message to the sender of Reject or allow the passage of Permit packets that match this rule IP Version Type Select the IP version IPv4 or IPv6 to apply this firewall rule to Rate Limit Set a maximum number of packets per second minute or hour to limit the throughput of traffic that matches this rule Maximum Burst Number Set the maximum numb...

Page 152: ...ress Address Type Do you want your rule to apply to packets with a particular single IP a range of IP addresses for instance 192 168 1 10 to 192 169 1 50 a subnet or any IP address Select an option from the drop down list box that includes Single Address Range Address Subnet Address and Any Address Start IP Address Enter the single IP address or the starting IP address in a range here End IP Addre...

Page 153: ...es LABEL DESCRIPTION This is the number of your customized port Name This is the name of your customized service Protocol This shows the IP protocol TCP or UDP that defines your customized service Port Type This is the port number or range that defines your customized service Start Port This is a single port number or the starting port number of a range that defines your customized service End Por...

Page 154: ...es Add Edit LABEL DESCRIPTION Config Service Name Type a unique name for your custom port Service Type Choose the IP port TCP or UDP that defines your customized port from the drop down list box Port Configuration Type Click Single to specify one port only or Port Range to specify a span of ports that define your customized service Port Number Type a single port number or the range of port numbers...

Page 155: ...affic An unusually high number or arrival rate of half open sessions could indicate a DOS attack 14 5 1 1 Threshold Values If everything is working properly you probably do not need to change the threshold settings as the default threshold values should work for most small offices Tune these parameters when you believe the Device has been receiving DoS attacks that are not recorded in the logs or ...

Page 156: ...lf open sessions When the rate of new connection attempts rises above this number the Device deletes half open sessions as required to accommodate new connection attempts UDP Packet Count This is the rate of new UDP half open sessions per second that causes the firewall to start deleting half open sessions When the rate of new connection attempts rises above this number the Device deletes half ope...

Page 157: ...packets traveling in the following directions LAN to Router These rules specify which computers on the LAN can manage the Device remote management Note You can also configure the remote management settings to allow only a specific computer to manage the Device LAN to WAN These rules specify which computers on the LAN can access which computers or services on the WAN By default the Device s statefu...

Page 158: ... customized rules take precedence and override the Device s default rules 14 6 2 Guidelines For Enhancing Security With Your Firewall 1 Change the default password via web configurator 2 Think about access control before you connect to the network in any way 3 Limit who can access your router 4 Don t enable any local service such as telnet or FTP that you don t use Any enabled service could presen...

Page 159: ...l is on your Device acts as a secure gateway between your LAN and the Internet In an ideal network topology all incoming and outgoing network traffic passes through the Device to protect your LAN against attacks Figure 113 Ideal Firewall Setup 14 6 4 1 The Triangle Route Problem A traffic route is a path for sending or receiving data packets between two Ethernet devices You may have more than one ...

Page 160: ...th the Device being the gateway for each logical network It s like having multiple LAN networks that actually use the same physical cables and ports By putting your LAN and Gateway A in different subnets all returning network traffic must pass through the Device to your LAN The following steps describe such a scenario 1 A computer on the LAN initiates a connection by sending a SYN packet to a rece...

Page 161: ... following table describes the fields in this screen Table 68 Parental Control Parental Control LABEL DESCRIPTION Parental Control Select Enable to activate parental control Add new PCP Click this if you want to configure a new parental control rule This shows the index number of the rule Status This indicates whether the rule is active or not A yellow bulb signifies that this rule is active A gra...

Page 162: ...es Figure 117 Add Edit Parental Control Rule Network Service This shows whether the network service is configured If not None will be shown Website Blocked This shows whether the website block is configured If not None will be shown Modify Click the Edit icon to go to the screen where you can edit the rule Click the Delete icon to delete an existing rule Add Click Add to create a new schedule Appl...

Page 163: ... the time that the LAN user is allowed access Network Service Network Service Setting If you select Block the Device prohibits the users from viewing the Web sites with the URLs listed below If you select Access the Device blocks access to all URLs except ones listed below Add new service Click this to show a screen in which you can add a new service rule You can configure the Service Name Protoco...

Page 164: ...Chapter 15 Parental Control VMG1312 T10C User s Guide 172 ...

Page 165: ...uthorities A Certification Authority CA issues certificates and guarantees the identity of each certificate owner There are commercial certification authorities like CyberTrust or VeriSign and government certification authorities Public and Private Keys When using public key cryptology for authentication each host has two keys One key is public and can be made openly available the other key is pri...

Page 166: ...res and policies that handles keys is called PKI public key infrastructure Advantages of Certificates Certificates offer the following benefits The Device only has to store the certificates of the certification authorities that you decide to trust no matter how many devices you need to authenticate Key distribution is simple and very secure since you can freely distribute public keys and you never...

Page 167: ...d to verify that the certificate owner has the same information in the Thumbprint Algorithm and Thumbprint fields The secure method may very based on your situation Possible examples would be over the telephone or through an HTTPS connection 16 2 Local Certificates Use this screen to view the Device s summary list of certificates and certification requests You can import the following certificates...

Page 168: ...common name organizational unit or department organization or company and country Valid From This field displays the date that the certificate becomes applicable The text displays in red and includes a Not Yet Valid message if the certificate has not yet become applicable Valid To This field displays the date that the certificate expires The text displays in red and includes an Expiring or Expired...

Page 169: ...vice Reset Click this to clear your settings Table 70 Security Certificates Local Certificates continued LABEL DESCRIPTION Table 71 Security Certificates Trusted CA LABEL DESCRIPTION Import Certificate Click this button to open a screen where you can save the certificate of a certification authority that you trust to the Device Name This field displays the name used to identify this certificate Su...

Page 170: ...nge the certificate s name and set whether or not you want the Device to check a certification authority s list of revoked certificates before trusting a certificate issued by the certification authority Table 72 Security Certificates Trusted CA Import LABEL DESCRIPTION Certificate File Path Type in the location of the file you want to upload in this field or click Browse to find it Browse Click B...

Page 171: ...me type up to 31 characters to identify this key certificate You may use any character not including spaces Certificate Detail This read only text box displays the certificate or certification request in Privacy Enhanced Mail PEM format PEM uses 64 ASCII characters to convert the binary certificate into a printable form You can copy and paste the certificate into an e mail to send to friends or co...

Page 172: ...Chapter 16 Certificates VMG1312 T10C User s Guide 180 ...

Page 173: ...ol and attempted access to blocked web sites Some categories such as System Errors consist of both logs and alerts You may differentiate them by their color in the View Log screen Alerts display in red and logs display in black Syslog Overview The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages A syslog enabl...

Page 174: ...tinued CODE SEVERITY Table 75 System Monitor Log LABEL DESCRIPTION Level Select a severity level from the drop down list box This filters search results according to the severity level you have selected When you select a severity the Device searches through all logs of that severity or higher Refresh Click this to renew the log screen Clear Logs Click this to delete all the logs Export Click this ...

Page 175: ...ften you want the Device to update this screen and click Set Interval to apply the change Click Stop to halt updating of the screen Connected Interface This shows the name of the WAN interface that is currently connected Packets Sent Data This indicates the number of transmitted packets on this interface Error This indicates the number of frames with errors transmitted on this interface Drop This ...

Page 176: ...en Interface This shows the LAN or WLAN interface Bytes Sent This indicates the number of bytes transmitted on this interface Bytes Received This indicates the number of bytes received on this interface Interface This shows the LAN or WLAN interface Sent Packet Data This indicates the number of transmitted packets on this interface Error This indicates the number of frames with errors transmitted ...

Page 177: ... Table 78 System Monitor Traffic Status NAT LABEL DESCRIPTION Refresh Interval Specify how often you want the Device to update this screen and click Set Interval to apply the change Click Stop to halt updating of the screen Device Name This shows the name of the client IP Address This shows the IP address of the client MAC Address This shows the MAC address of the client No of Open Session This sh...

Page 178: ...Chapter 17 System Monitor VMG1312 T10C User s Guide 186 ...

Page 179: ...nance User Account LABEL DESCRIPTION User Name You can configure the password for the admin account Old Password Type the default password or the existing password you use to access the system in this field New Password Type your new system password up to 30 characters Note that as you type a password the screen displays a for each character you type After you change the password use the new passw...

Page 180: ...Chapter 18 User Account VMG1312 T10C User s Guide 188 ...

Page 181: ...cedure Calls RPCs between an ACS and a client device RPCs are sent in Extensible Markup Language XML format over HTTP or HTTPS An administrator can use an ACS to remotely set up the Device modify settings perform firmware upgrades as well as monitor and diagnose the Device You have to enable the device to be managed by the ACS and specify the ACS IP address or domain name and username and password...

Page 182: ...r is the HTTP port port 80 If you change it make sure it does not conflict with another port on your network and it is recommended to use a port number above 1024 not a commonly used port The management server should use this port to connect to the Device You may need to alter your NAT port forwarding rules if they were already configured Connection Request User Name Enter the connection request u...

Page 183: ...escribes the labels in this screen Table 81 Maintenance System LABEL DESCRIPTION Administrator Inactivity Timer Type how many minutes a management session either via the web configurator can be left idle before the session times out The default is 5 minutes After it times out you have to log in with your password again Very long idle timeouts may have security risks A value of 0 means a management...

Page 184: ...Chapter 20 System VMG1312 T10C User s Guide 192 ...

Page 185: ...this screen to configure the Device s time based on your local time zone Figure 131 Maintenance Time Setting The following table describes the fields in this screen Table 82 Maintenance System Time Setting LABEL DESCRIPTION Current Date Time Current Time This field displays the time of your Device Current Date This field displays the date of your Device Time and Date Setup Manual Select this to en...

Page 186: ...uropean Union on the last Sunday of March All of the time zones in the European Union start using Daylight Saving Time at the same moment 1 A M GMT or UTC So in the European Union you would select Last Sunday March The time you type in the o clock field depends on your time zone In Germany for instance you would type 2 because Germany s time zone is one hour ahead of GMT or UTC GMT 1 End Date Conf...

Page 187: ...VMG1312 T10C User s Guide 195 CHAPTER 22 Log Setting 22 1 Overview You can configure where the Device sends logs and which logs and or immediate alerts the Device records in the Log Setting screen ...

Page 188: ...ice s log settings click Maintenance Log Setting The screen appears as shown Figure 132 Maintenance Log Setting The following table describes the fields in this screen Table 83 Maintenance Log Setting LABEL DESCRIPTION Syslog Setting Syslog Logging Select the Active check box to enable syslog logging ...

Page 189: ...s field If this field is left blank the Device does not send logs via E mail User Name Enter the user name up to 32 characters usually the user name of a mail account Password Enter the password associated with the user name above Log Schedule Specify the schedule for sending log Specify days and times for sending logs in the following fields Day For Sending Log Specify the day for sending log Tim...

Page 190: ...Chapter 22 Log Setting VMG1312 T10C User s Guide 198 ...

Page 191: ...o three minutes After a successful upload the system will reboot Do NOT turn off the Device while firmware upload is in progress Figure 133 Maintenance Firmware Upgrade The following table describes the labels in this screen Table 84 Maintenance Firmware Upgrade LABEL DESCRIPTION Upgrade Firmware Use these fields to upload firmware to the Device Current Firmware Version This is the present firmwar...

Page 192: ...cally restarts in this time causing a temporary network disconnect In some operating systems you may see the following icon on your desktop Figure 135 Network Temporarily Disconnected After two minutes log in again and check your new firmware version in the Status screen If the upload was not successful an error screen will appear Click OK to go back to the Firmware Upgrade screen Figure 136 Error...

Page 193: ...oring configuration appears in this screen as shown next Figure 137 Maintenance Backup Restore Backup Configuration Backup Configuration allows you to back up save the Device s current configuration to a file on your computer Once your Device is configured and functioning properly it is highly recommended that you back up your configuration file before making configuration changes The backup confi...

Page 194: ...r desktop Figure 138 Network Temporarily Disconnected If you restore the default configuration you may need to change the IP address of your computer to be in the same subnet as that of the default device IP address 192 168 1 1 If the upload was not successful an error screen will appear Click OK to go back to the Configuration screen Table 85 Restore Configuration LABEL DESCRIPTION File Path Type...

Page 195: ... Reset In Process Message You can also press the RESET button on the back panel to reset the factory defaults of your Device Refer to Section 1 6 on page 18 for more information on the RESET button 24 3 The Reboot Screen System restart allows you to reboot the Device remotely without turning the power off You may need to do this if the Device hangs for example Click Maintenance Reboot Click the Re...

Page 196: ...Chapter 24 Backup Restore VMG1312 T10C User s Guide 204 ...

Page 197: ...emote location via Internet WAN only LAN only LAN and WAN None Disable To disable remote management of a service select Disable in the corresponding Service Access field 25 1 1 What You Can Do in the Remote Management Screens Use the WWW screen Section 25 2 on page 206 to configure through which interfaces and from which IP addresses users can use HTTP to manage the Device Use the Telnet screen Se...

Page 198: ...3 to configure through which interfaces and from which IP addresses users can use SSH to manage the Device 25 1 2 What You Need to Know About Remote Management Remote Management Limitations Remote management does not work when You have not enabled that service on the interface in the corresponding remote management screen You have disabled that service in one of the remote management screens The I...

Page 199: ...er Access Select the interfaces through which a computer may access the Device using this service Note It is recommended if you are allowing WAN access even temporarily to change the default password in Maintenance User Account To allow access from the WAN you will need to configure a WAN to Router firewall rule Secured Client IP Address A secured client is a trusted computer that is allowed to co...

Page 200: ...ays the service port number for accessing the Device If the number is grayed out it is not editable Server Access Select the interfaces through which a computer may access the Device using this service Note It is recommended if you are allowing WAN access even temporarily to change the default password in Maintenance User Account To allow access from the WAN you will need to configure a WAN to Rou...

Page 201: ...s Your Device supports SNMP agent functionality which allows a manager station to manage and monitor the Device through the network The Device supports SNMP version Table 88 Maintenance Remote MGMT FTP LABEL DESCRIPTION Server Port This displays the service port number for accessing the Device If the number is grayed out it is not editable Server Access Select the interfaces through which a comput...

Page 202: ...tion from the managed device into a form compatible with SNMP The manager is the console through which network administrators perform network management functions It executes applications that control and monitor managed devices The managed devices contain object variables managed objects that define each piece of information to be collected about a device Examples of variables include such as num...

Page 203: ...ddress A secured client is a trusted computer that is allowed to access the SNMP agent on the Device Select All to allow any computer to access the SNMP agent Choose Range to just allow the computers with an IP address in the range that you specify to access the Device using this service Get Community Enter the Get Community which is the password for the incoming Get and GetNext requests from the ...

Page 204: ...station to send your SNMP traps to Apply Click Apply to save your changes back to the Device Cancel Click Cancel to begin configuring this screen afresh Table 89 Maintenance Remote MGMT SNMP continued LABEL DESCRIPTION Table 90 Maintenance Remote MGMT DNS LABEL DESCRIPTION Server Port This displays the service port number for accessing the Device If the number is grayed out it is not editable Acce...

Page 205: ...access the Device s command line interface Specify which interfaces allow SSH access and from which IP address the access can come SSH is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication between two hosts over an unsecured network Table 91 Maintenance Remote MGMT ICMP LABEL DESCRIPTION Respond to Ping on The Device will not ...

Page 206: ... Device If the number is grayed out it is not editable Server Access Select the interfaces through which a computer may access the Device using this service Note It is recommended if you are allowing WAN access even temporarily to change the default password in Maintenance User Account To allow access from the WAN you will need to configure a WAN to Router firewall rule Secured Client IP Address A...

Page 207: ...anagement VMG1312 T10C User s Guide 215 1 Enter the IP address and port number Select SSH 2 A window displays prompting you to store the host key in your computer Click Yes to continue 3 Enter your user name and password ...

Page 208: ...Chapter 25 Remote Management VMG1312 T10C User s Guide 216 4 The command line interface displays ...

Page 209: ...view the DSL line statistics and reset the ADSL line 26 2 The Ping Screen Ping and traceroute help check availability of remote hosts and also help troubleshoot network or Internet connections Click Maintenance Diagnostic to open the Ping screen shown next Figure 150 Maintenance Diagnostic Ping The following table describes the fields in this screen Table 93 Maintenance Diagnostic Ping LABEL DESCR...

Page 210: ... VDSL connections If your WAN connection is ADSL the screen is as shown Figure 151 Maintenance Diagnostic DSL Line ADSL TracerouteV6 Click this to show the path that packets take from the system to the IPv6 address that you entered TraceRouteV4 Click this button to perform the traceroute function This determines the path a packet takes to the specified host Table 93 Maintenance Diagnostic Ping con...

Page 211: ...outDiscards is the number of ATM cells sent that were rejected inF4Pkts is the number of ATM Operations Administration and Management OAM F4 cells that have been received See ITU recommendation I 610 for more on OAM for ATM outF4Pkts is the number of ATM OAM F4 cells that have been sent inF5Pkts is the number of ATM OAM F5 cells that have been received outF5Pkts is the number of ATM OAM F5 cells t...

Page 212: ... bits transmitted for each tone This can be used to determine the quality of the connection whether a given sub carrier loop has sufficient margins to support certain ADSL transmission rates and possibly to determine whether particular specific types of interference or line attenuation exist Refer to the ITU T G 992 1 recommendation for more information on DMT The better or shorter the line the hi...

Page 213: ...us Click this to view your VDSL line connection status Reset VDSL Line Click this to reinitialize the VDSL line The large text box above then displays the progress and results of this operation Table 95 Maintenance Diagnostic DSL Line VDSL continued LABEL DESCRIPTION ...

Page 214: ...Chapter 26 Diagnostic VMG1312 T10C User s Guide 222 ...

Page 215: ...LEDs turn on 1 Make sure the Device is turned on 2 Make sure you are using the power adaptor or cord included with the Device 3 Make sure the power adaptor or cord is connected to the Device and plugged in to an appropriate power source Make sure the power source is turned on 4 Turn the Device off and on 5 If the problem continues contact the vendor One of the LEDs does not behave as expected 1 Ma...

Page 216: ...ot work you have to reset the device to its factory defaults See Section 1 6 on page 18 I forgot the password 1 The default admin password is 1234 and the default user password is 1234 2 If you can t remember the password you have to reset the device to its factory defaults See Section 1 6 on page 18 I cannot see or access the Login screen in the web configurator 1 Make sure you are using the corr...

Page 217: ... is admin These fields are case sensitive so make sure Caps Lock is not on 2 You cannot log in to the web configurator while someone is using Telnet to access the Device Log out of the Device in the other session or ask the person who is logged in to log out 3 Turn the Device off and on 4 If this does not work you have to reset the device to its factory defaults See Section 27 2 on page 223 I cann...

Page 218: ...t your ISP I cannot access the Internet anymore I had access to the Internet with the Device but my Internet connection is not available anymore 1 Check the hardware connections and make sure the LEDs are behaving as expected See the Quick Start Guide and Section 1 7 on page 18 2 Turn the Device off and on 3 If the problem continues contact your ISP The Internet connection is slow or intermittent ...

Page 219: ...s that use the Internet especially peer to peer applications If the wireless client is sending or receiving a lot of information it may have too many programs open that use the Internet What wireless security modes does my Device support Wireless security is vital to your network It protects communications between wireless stations access points and the wired network The available security modes i...

Page 220: ... connect your USB device to the Device 27 7 UPnP When using UPnP and the Device reboots my computer cannot detect UPnP and refresh My Network Places Local Network 1 Disconnect the Ethernet cable from the Device s LAN port or from your computer 2 Re connect the Ethernet cable The Local Area Connection icon for UPnP disappears in the screen Restart your computer I cannot open special applications su...

Page 221: ...se have the following information ready when you contact an office Required Information Product model and serial number Warranty Information Date that you received your device Brief description of the problem and the steps you took to solve it Corporate Headquarters Worldwide Taiwan ZyXEL Communications Corporation http www zyxel com Asia China ZyXEL Communications Shanghai Corp ZyXEL Communicatio...

Page 222: ...l com pk Philippines ZyXEL Philippines http www zyxel com ph Singapore ZyXEL Singapore Pte Ltd http www zyxel com sg Taiwan ZyXEL Communications Corporation http www zyxel com Thailand ZyXEL Thailand Co Ltd http www zyxel co th Vietnam ZyXEL Communications Corporation Vietnam Office http www zyxel com vn vi Europe Austria ZyXEL Deutschland GmbH http www zyxel de Belarus ZyXEL BY http www zyxel by ...

Page 223: ...ommunications Czech s r o http www zyxel cz Denmark ZyXEL Communications A S http www zyxel dk Estonia ZyXEL Estonia http www zyxel com ee et Finland ZyXEL Communications http www zyxel fi France ZyXEL France http www zyxel fr Germany ZyXEL Deutschland GmbH http www zyxel de Hungary ZyXEL Hungary SEE http www zyxel hu Latvia ZyXEL Latvia http www zyxel com lv lv homepage shtml ...

Page 224: ...yXEL Communications http www zyxel no Poland ZyXEL Communications Poland http www zyxel pl Romania ZyXEL Romania http www zyxel com ro ro Russia ZyXEL Russia http www zyxel ru Slovakia ZyXEL Communications Czech s r o organizacna zlozka http www zyxel sk Spain ZyXEL Spain http www zyxel es Sweden ZyXEL Communications http www zyxel se Switzerland Studerus AG http www zyxel ch ...

Page 225: ... Latin America Argentina ZyXEL Communication Corporation http www zyxel com ec es Ecuador ZyXEL Communication Corporation http www zyxel com ec es Middle East Egypt ZyXEL Communication Corporation http www zyxel com homepage shtml Middle East ZyXEL Communication Corporation http www zyxel com homepage shtml North America USA ZyXEL Communications Inc North America Headquarters http www us zyxel com...

Page 226: ...Appendix A Customer Support VMG1312 T10C User s Guide 234 Oceania Australia ZyXEL Communications Corporation http www zyxel com au en Africa South Africa Nology Pty Ltd http www zyxel co za ...

Page 227: ...ence to radio communications However there is no guarantee that interference will not occur in a particular installation If this device does cause harmful interference to radio television reception which can be determined by turning the device off and on the user is encouraged to try to correct the interference by one or more of the following measures 1 Reorient or relocate the receiving antenna 2...

Page 228: ...please contact your vendor or ZyXEL Technical Support at support zyxel com tw Regulatory Information European Union The following information applies if you use the product within the European Union Declaration of Conformity with Regard to EU Directive 1999 5 EC R TTE Directive Compliance Information for Wireless Products Relevant to the EU and Other Countries Following the EU Directive 1999 5 EC ...

Page 229: ...mètres doivent être notifiées à l Institut Belge des services Postaux et des Télécommunications IBPT Visitez http www ibpt be pour de plus amples détails Denmark In Denmark the band 5150 5350 MHz is also allowed for outdoor usage I Danmark må frekvensbåndet 5150 5350 også anvendes udendørs France For 2 4 GHz the output power is restricted to 10 mW EIRP when the product is used outdoors in the band...

Page 230: ...ice can be calculated by adding the gain of the antenna used specified in dBi to the output power available at the connector specified in dBm List of national codes Safety Warnings Do NOT use this product near water for example in a wet basement or near a swimming pool Do NOT expose your device to dampness dust or corrosive liquids Do NOT store things on the device Do NOT install use or service th...

Page 231: ...ne cord Antenna Warning This device meets ETSI and FCC certification requirements when using the included antenna s Only use the included antenna s If you wall mount your device make sure that no electrical lines gas or water pipes will be damaged This product is for indoor use only utilisation intérieure exclusivement Do not use this product near water for example near a bathtub washbowl kitchen ...

Page 232: ...Appendix B Legal Information VMG1312 T10C User s Guide 240 ...

Page 233: ... 77 C CA 173 CBR 44 50 certificate factory default 176 certificates 173 CA 173 replacing 176 storage space 176 thumbprint algorithms 175 thumbprints 175 trusted CAs 177 verifying fingerprints 174 Certification Authority see CA certifications 235 notices 235 viewing 236 channel scan 59 channel wireless LAN 56 CLI 15 client list 90 Command Line Interface see CLI compatibility WDS 69 configuration 10...

Page 234: ...ard 145 E encapsulation 36 40 46 ENET ENCAP 52 PPPoA 53 PPPoE 53 RFC 1483 53 encryption 76 ENET ENCAP 40 46 52 Extended Service Set IDentification 58 65 F FCC interference statement 235 File Sharing 97 filters 147 IP MAC 148 150 IP MAC filter configuration 148 150 MAC address 66 firewalls 153 actions 159 address types 160 anti probing 155 customized services 160 162 DDoS 154 default action 157 DoS...

Page 235: ...ddress 90 multicast 89 LAN TCP IP 102 LAND attack 154 limitations wireless LAN 76 WPS 83 Local Area Network see LAN login passwords 21 logout 21 automatic 21 logs 195 firewalls 159 M MAC 31 32 MAC address 67 90 filter 66 MAC authentication 66 Management Information Base MIB 210 Maximum Burst Size see MBS Maximum Transmission Unit see MTU MBS 44 50 MBSSID 77 Media Access Control see MAC Address mod...

Page 236: ...rver 75 registration product 236 related documentation 2 remote management 205 DNS 212 FTP 209 ICMP 213 NAT 206 TR 069 189 WWW 207 Remote Procedure Calls see RPCs 189 reset 18 203 restart 203 restoring configuration 202 RFC 1483 40 46 53 RFC 1631 131 RFC 3164 181 RIP 43 Routing Information Protocol see RIP RPPCs 189 RTS threshold 74 S scan 59 scheduling wireless LAN 71 SCR 44 50 security network 1...

Page 237: ...icates 177 U UBR 44 50 unicast 36 Universal Plug and Play see UPnP upgrading firmware 199 UPnP 92 forum 86 security issues 86 V VBR nRT 44 50 VBR RT 44 50 VCI 40 47 54 version firmware version 31 Virtual Channel Identifier see VCI Virtual Path Identifier see VPI VPI 40 47 54 W WAN 35 ATM QoS 44 50 encapsulation 36 40 46 IGMP 36 IP address 36 49 54 mode 40 46 MTU 44 multicast 36 44 multiplexing 40 ...

Page 238: ...US server 75 RTS CTS threshold 74 scheduling 71 security 74 SSID 75 activation 64 WDS 69 78 compatibility 69 example 78 WEP 76 WPA 76 WPA PSK 76 WPS 78 80 example 81 limitations 83 PIN 79 push button 17 78 wireless network example 55 wizard setup Internet 25 WLAN 55 auto scan channel 59 scheduling 71 see also wireless WPA 76 WPA PSK 76 WPS 78 80 example 81 limitations 83 PIN 79 example 80 push but...

Reviews:

No comments

Related manuals for VMG1312-T10C

Brand: AccessZone Pages: 7

Brand: Ideal Life Pages: 16

TS7650G PROTECTIER DEDUPLICATION GATEWAY

Brand: IBM Pages: 11

Brand: XiNCOM Pages: 82

FieldServer ProtoNode

Brand: SMC Sierra Monitor Pages: 4

Brand: ABB Pages: 22

Brand: ViewSonic Pages: 34

Brand: ActionTec Pages: 73

Brand: enphase Pages: 3

Brand: enphase Pages: 6

ENV-S-AM1-230-60

Brand: enphase Pages: 37

Enphase Envoy-S Metered

Brand: enphase Pages: 49

Brand: Bogen Pages: 33

Brand: Eaton Pages: 7

Brand: AirLive Pages: 81

Brand: AirLive Pages: 82

High Rate Wireless LAN Gateway

Brand: IBM Pages: 44

Brand: Innbox Pages: 11

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands