manualshive.com logo in svg

ZyXEL Communications ZYAIR, User Manual

The ZyXEL Communications ZYAIR is a high-performance networking device designed for seamless connectivity. Unlock its full potential by downloading the User Manual for free from our website. Find all the information you need to optimize your device's performance and make the most out of its features.

Share
Download
background image

 

 

 

 

ZyAIR  

Wireless Gateway Series   

 

 

User's Guide 

Version 3.50 

July 2003 

 

 

 

 

Summary of Contents for ZYAIR

Page 1: ...ZyAIR Wireless Gateway Series User s Guide Version 3 50 July 2003...

Page 2: ...hed by ZyXEL Communications Corporation All rights reserved Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products or software described herein Neither do...

Page 3: ...io frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications If this equipment does cause harmful interference to radio...

Page 4: ...of the purchaser This warranty is in lieu of all other warranties express or implied including any implied warranty of merchantability or fitness for a particular use or purpose ZyXEL shall in no eve...

Page 5: ...578 3942 www zyxel com www europe zyxel com WORLDWIDE sales zyxel com tw 886 3 578 2439 ftp europe zyxel com ZyXEL Communications Corp 6 Innovation Road II Science Based Industrial Park Hsinchu 300 T...

Page 6: ...b Configurator 2 1 2 3 Resetting the ZyAIR 2 2 2 3 1 Procedure to Use the Reset Button 2 2 2 3 2 Uploading a Configuration File via Console Port 2 3 2 4 Navigating the ZyAIR Web Configurator 2 4 Chapt...

Page 7: ...Configuration and Roaming 6 1 6 1 Wireless LAN Overview 6 1 6 1 1 IBSS 6 1 6 1 2 BSS 6 1 6 1 3 ESS 6 2 6 2 Wireless LAN Basics 6 3 6 2 1 RTS CTS 6 3 6 2 2 Fragmentation Threshold 6 4 6 3 Configuring W...

Page 8: ...ypes 9 4 9 1 6 SUA Single User Account Versus NAT 9 5 9 2 SUA Server 9 5 9 2 1 Port Forwarding Services and Port Numbers 9 6 9 2 2 Configuring Servers Behind SUA Example 9 7 9 3 Configuring SUA Server...

Page 9: ...ement 13 1 13 1 Remote Management Overview 13 1 13 1 1 Remote Management Limitations 13 1 13 1 2 Remote Management and NAT 13 2 13 1 3 System Timeout 13 2 13 2 Telnet 13 2 13 3 Configuring TELNET 13 3...

Page 10: ...6 4 1 Channel Usage 16 5 16 5 F W Upload Screen 16 8 16 6 Configuration Screen 16 10 16 6 1 Backup Configuration 16 10 16 6 2 Restore Configuration 16 11 16 6 3 Back to Factory Defaults 16 13 SMT GETT...

Page 11: ...21 7 Chapter 22 Dial in User Setup 22 1 22 1 Dial in User Setup 22 1 Chapter 23 Network Address Translation NAT 23 1 23 1 Introduction 23 1 23 1 1 Applying NAT 23 1 23 2 NAT Setup 23 2 23 2 1 Address...

Page 12: ...3 Log and Trace 27 5 27 3 1 Viewing Error Log 27 5 27 3 2 UNIX Syslog 27 6 27 3 3 Call Triggering Packet 27 7 27 4 Diagnostic 27 7 Chapter 28 Firmware and Configuration File Maintenance 28 1 28 1 File...

Page 13: ...to 24 10 29 1 29 1 Command Interpreter Mode 29 1 29 2 Call Control Support 29 2 29 2 1 Budget Management 29 2 29 2 2 Call History 29 3 29 3 Time and Date Setting 29 4 29 3 1 Resetting the Time 29 5 Ch...

Page 14: ...tion F 1 Appendix G Antenna Selection and Positioning Recommendation G 1 Appendix H PPPoE H 1 Appendix I PPTP I 1 Appendix J IP Subnetting J 1 Appendix K Command Interpreter K 1 Appendix L NetBIOS Fil...

Page 15: ...m General Setup 4 1 Figure 4 2 DDNS 4 3 Figure 4 3 Password 4 5 Figure 4 4 Time Setting 4 6 Figure 5 1 LAN WAN IPs 5 1 Figure 5 2 IP 5 4 Figure 6 1 IBSS Ad hoc Wireless LAN 6 1 Figure 6 2 Basic Servic...

Page 16: ...to LAN Traffic 12 5 Figure 12 3 Firewall Settings 12 6 Figure 12 4 Firewall Filter 12 8 Figure 12 5 Firewall Services 12 10 Figure 13 1 Telnet Configuration on a TCP IP Network 13 2 Figure 13 2 Telnet...

Page 17: ...19 1 Figure 19 3 Menu 3 2 TCP IP and DHCP Ethernet Setup 19 2 Figure 19 4 Physical Network 19 4 Figure 19 5 Partitioned Logical Networks 19 4 Figure 19 6 Menu 3 2 TCP IP and DHCP Ethernet Setup 19 5 F...

Page 18: ...rt Setup 23 17 Figure 24 1 Outgoing Packet Filtering Process 24 1 Figure 24 2 Filter Rule Process 24 2 Figure 24 3 Menu 21 1 Filter Set Configuration 24 3 Figure 24 4 NetBIOS_WAN Filter Rules Summary...

Page 19: ...n 28 9 Figure 28 10 System Maintenance Starting Xmodem Download Screen 28 9 Figure 28 11 Restore Configuration Example 28 10 Figure 28 12 Successful Restoration Confirmation Screen 28 10 Figure 28 13...

Page 20: ......

Page 21: ...6 1 Wireless 6 6 Table 6 2 Roaming 6 9 Table 7 1 Wireless WEP Fields 7 4 Table 7 2 MAC Address Filter 7 7 Table 7 3 Wireless LAN 802 1x 7 11 Table 7 4 Local User Database 7 14 Table 7 5 RADIUS 7 15 Ta...

Page 22: ...tics 16 3 Table 16 3 DHCP Table 16 4 Table 16 4 Association List 16 5 Table 16 5 Channel Usage ZyAIR B 2000 16 6 Table 16 6 Channel Usage 16 7 Table 16 7 Firmware Upgrade 16 9 Table 16 8 Restore Confi...

Page 23: ...r Rule 24 11 Table 24 5 Filter Sets Table 24 15 Table 25 1 Menu 22 SNMP Configuration 25 1 Table 26 1 Menu 23 2 System Security RADIUS Server 26 2 Table 26 2 Menu 23 4 System Security IEEE802 1x 26 4...

Page 24: ...ator parts of this guide contain background information on features configurable by the web configurator and the SMT The SMT parts of this guide contain background information on features not configur...

Page 25: ...use e g as a shorthand for for instance and i e for that is or in other words throughout this manual The ZyAIR Wireless Gateway series may be referred to simply as the ZyAIR in the user s guide User G...

Page 26: ......

Page 27: ...Overview I Part I OVERVIEW This part introduces the main features and applications of the ZyAIR and shows how to access the web configurator and use the Wizard to configure for Internet Access...

Page 28: ......

Page 29: ...configurator and SNMP network management enables remote configuration and management of your ZyAIR 1 2 ZyAIR Features The following sections describe the features of the ZyAIR Wireless Gateway series...

Page 30: ...ithout manual intervention It allows data transfer of either 10 Mbps or 100 Mbps in either half duplex or full duplex mode depending on your Ethernet network 10 100M Auto crossover Ethernet Fast Ether...

Page 31: ...prone to RF Radio Frequency interference from other 2 4 GHz devices such as microwave ovens wireless phones Bluetooth enabled devices and other wireless LANs Output Power Management Power Management...

Page 32: ...niversal Plug and Play UPnP Using the standard TCP IP protocol the ZyAIR and other UPnP enabled devices can dynamically join a network obtain an IP address and convey its capabilities to other devices...

Page 33: ...e transmitted in two ways unicast or broadcast Multicast is a third way to deliver IP packets to a group of hosts IGMP Internet Group Management Protocol is the protocol used to support multicast grou...

Page 34: ...are upgrades as well as configuration file backups and restoration Wireless Association List With the Wireless Association List you can see the list of the wireless stations that are currently using t...

Page 35: ...ZyAIR Wireless Gateway Series User s Guide Getting to Know Your ZyAIR 1 7 Figure 1 1 Internet Access Application Example...

Page 36: ......

Page 37: ...ZyAIR Web Configurator Step 1 Make sure your ZyAIR hardware is properly connected refer to the Quick Installation Guide Step 2 Prepare your computer to connect to the ZyAIR refer to the Setting Up You...

Page 38: ...reviously and the speed of the console port will be reset to the default of 9600bps with 8 data bit no parity one stop bit and flow control set to none The password will be reset to 1234 also 2 3 1 Pr...

Page 39: ...sage Press any key to enter Debug Mode within 3 seconds press any key to enter debug mode Step 3 Enter y at the prompt below to go into debug mode Step 4 Enter atlc after Enter Debug Mode message Step...

Page 40: ...your ZyAIR or upgrade configuration firmware files Maintenance includes SYSTEM STATUS Statistics DHCP TABLE F W Firmware UPGRADE CONFIGURATION Backup Restore Default and Wireless Association List and...

Page 41: ...el at least five channels away from a channel that an adjacent AP is using For example if your region has 11 channels and an adjacent AP is using channel 1 then you need to select a channel between 6...

Page 42: ...ries User s Guide 3 2 Wizard Setup 3 2 Wizard Setup General Setup General Setup contains administrative and system related information Figure 3 1 Wizard 1 General Setup The following table describes t...

Page 43: ...r the Computer name field and enter it as the System Name In Windows XP click Start My Computer View system information and then click the Computer Name tab Note the entry in the Full computer name fi...

Page 44: ...eld on the ZyAIR make sure all wireless stations use the same ESSID in order to access the network Choose Channel ID To manually set the ZyAIR to use a channel select a channel from the drop down list...

Page 45: ...ZyAIR and the wireless stations must use the same WEP key for data transmission If you chose 64 bit WEP then enter any 5 ASCII characters or 10 hexadecimal characters 0 9 A F If you chose 128 bit WEP...

Page 46: ...ernet option when the WAN port is used as a regular Ethernet Otherwise choose PPPoE or PPTP for a dial up connection Service Type Select from Standard RR Toshiba RoadRunner Toshiba authentication meth...

Page 47: ...elia Login only The Telia server logs the ZyAIR out if the ZyAIR does not log in periodically Type the number of minutes from 1 to 59 30 recommended for the ZyAIR to wait between logins This field is...

Page 48: ...able 3 4 Wizard 3 PPTP Encapsulation LABEL DESCRIPTION ISP Parameters for Internet Access Encapsulation Select PPTP from the drop down list box User Name Type the user name given to you by your ISP Pa...

Page 49: ...s the existing Microsoft Dial Up Networking experience and requires no new learning or procedures For the service provider PPPoE offers an access and authentication method that works with existing acc...

Page 50: ...e 3 5 Wizard 3 PPPoE Encapsulation LABEL DESCRIPTION ISP Parameter for Internet Access Encapsulation Choose an encapsulation method from the pull down list box PPPoE forms a dial up connection Service...

Page 51: ...a unique IP address If your networks are isolated from the Internet for instance only between your two branch offices you can assign any IP addresses to the hosts without problems However the Interne...

Page 52: ...wise Let s say you select 192 168 1 0 as the network number which covers 254 individual addresses from 192 168 1 1 to 192 168 1 254 zero and 255 are reserved In other words the first three numbers spe...

Page 53: ...rom file ZyNOS configuration file It will not change unless you change the setting or upload a different rom file ZyXEL recommends you clone the MAC address from a workstation on your LAN even if your...

Page 54: ...ard 4 WAN and DNS LABEL DESCRIPTION WAN IP Address Assignment Get automatically from ISP Select this option If your ISP did not assign you a fixed IP address This is the default selection Use fixed IP...

Page 55: ...ields WAN MAC Address The MAC address field allows you to configure the WAN port s MAC address by either using the factory default or cloning the MAC address from a workstation on your LAN Factory Def...

Page 56: ...ZyAIR Wireless Gateway Series User s Guide 3 16 Wizard Setup Figure 3 7 Setup Complete Well done You have successfully set up your ZyAIR to operate on your network and access the Internet...

Page 57: ...System LAN and Wireless II Part II SYSTEM LAN AND WIRELESS This part discusses the System LAN and Wireless setup screens...

Page 58: ......

Page 59: ...r provides information on the System screens 4 1 System Overview This section provides information on general system setup 4 2 Configuring General Setup Click ADVANCED and then SYSTEM to open the Gene...

Page 60: ...rver information and the ZyAIR s WAN IP address The field to the right displays the read only DNS server IP address that the ISP assigns Select User Defined if you have the IP address of a DNS server...

Page 61: ...password or key 4 3 1 DYNDNS Wildcard Enabling the wildcard feature for your host causes yourhost dyndns org to be aliased to the same IP address as yourhost dyndns org This feature is useful if you...

Page 62: ...have traffic redirected to a URL that you can specify while you are off line Edit Update IP Address Server Auto Detect Select this option to update the IP address of the host name s automatically by t...

Page 63: ...ers Note that as you type a password the screen displays an asterisk for each character you type Retype to Confirm Retype your new system password for confirmation Apply Click Apply to save your chang...

Page 64: ...ZyAIR Not all time servers support all protocols so you may have to check with your ISP network administrator or use trial and error to find a protocol that works The main difference between them is t...

Page 65: ...time with the time server New Date yyyy mm dd This field displays the last updated date from the time server When you select None in the Time Protocol field enter the new date in this field and then...

Page 66: ......

Page 67: ...zard Setup chapter for the background information about Primary and Secondary DNS Server and IP Address and Subnet Mask 5 2 LANs and WANs A LAN is a computer network limited to the immediate area usua...

Page 68: ...p regarding what fields need to be configured 5 5 RIP Setup RIP Routing Information Protocol RFC 1058 and RFC 1389 allows a router to exchange routing information with other routers RIP Direction cont...

Page 69: ...ss D IP address is used to identify host groups and can be in the range 224 0 0 0 to 239 255 255 255 The address 224 0 0 0 is not assigned to any group and is used by IP multicast computers The addres...

Page 70: ...User s Guide for background information DHCP Server Select this option to allow your ZyAIR to assign IP addresses an IP default gateway and DNS servers to Windows 95 Windows NT and other systems that...

Page 71: ...sends a DNS query to the ZyAIR the ZyAIR forwards the query to the ZyAIR s system DNS server configured in the SYSTEM General screen and relays the response back to the computer You can only select DN...

Page 72: ...ZyAIR Wireless Gateway Series User s Guide 5 6 LAN Screens Table 5 1 IP LABEL DESCRIPTION Reset Click Reset to reload the previous configuration for this screen...

Page 73: ...omputers with wireless adapters within range of each other that from an independent wireless network without the need of an access point AP Figure 6 1 IBSS Ad hoc Wireless LAN 6 1 2 BSS A Basic Servic...

Page 74: ...es of overlapping BSSs each containing an access point with each access point connected together by a wired network This wired connection between APs is called a Distribution System DS An ESSID ESS ID...

Page 75: ...annels 6 2 1 RTS CTS A hidden node occurs when two stations are within range of the same access point but are not within range of each other The following figure illustrates a hidden node Both station...

Page 76: ...r their transmission It also reserves and confirms with the requesting station the time frame for the requested transmission Stations can send frames smaller than the specified RTS CTS directly to the...

Page 77: ...see previously you set then the RTS Request To Send CTS Clear to Send handshake will never occur as data frames will be fragmented before they reach RTS CTS size 6 3 Configuring Wireless If you are co...

Page 78: ...de 6 6 Wireless Configuration and Roaming Figure 6 5 Wireless The following table describes the general wireless LAN labels in this screen Table 6 1 Wireless LABEL DESCRIPTION Enable Wireless LAN Clic...

Page 79: ...drop down list box Click MAINTENANCE WIRELESS and then the Channel Usage tab to open the Channel Usage screen to make sure the channel is not already used by another AP or independent peer to peer wir...

Page 80: ...about the change The new information is then propagated to the other access points on the LAN An example is shown in Figure 6 6 If the roaming feature is not enabled on the access points information i...

Page 81: ...t radio channels when their coverage areas overlap 4 All access points must use the same port number to relay roaming information 5 The access points must be connected to the Ethernet and be able to g...

Page 82: ...Port Enter the port number to communicate roaming information between APs The port number must be the same on all APs The default is 16290 Make sure this port is not used by other services Apply Clic...

Page 83: ...es interaction with a RADIUS Remote Authentication Dial In User Service server either on the WAN or your LAN to provide authentication service for wireless stations Figure 7 1 ZyAIR Wireless Security...

Page 84: ...ves an unencrypted two message procedure A wireless station sends an open system authentication request to the AP which will then automatically accept and connect the wireless station to the network I...

Page 85: ...true for shared key authentication However when it is set to auto authentication the ZyAIR will accept either type of authentication request and the ZyAIR will fall back to use open authentication if...

Page 86: ...decimal characters 0 9 A F If you chose 128 bit WEP then enter 13 ASCII characters or 26 hexadecimal characters 0 9 A F You must configure all four keys but only one key can be activated at any one ti...

Page 87: ...32 devices Allow Association or exclude up to 32 devices from accessing the ZyAIR Deny Association Every Ethernet device has a unique MAC Media Access Control address The MAC address is assigned at t...

Page 88: ...ZyAIR Wireless Gateway Series User s Guide 7 6 Wireless Security Figure 7 4 MAC Address Filter The following table describes the labels in this menu...

Page 89: ...for this screen 7 5 802 1x Overview The IEEE 802 1x standard outlines enhanced security methods for both the authentication of wireless stations and encryption key management Authentication can be don...

Page 90: ...secret key which is a password they both know The key is not sent over the network In addition to the shared key password information exchanged is also encrypted to protect the wired network from unau...

Page 91: ...e and determines whether or not to authenticate the wireless station 7 7 Dynamic WEP Key Exchange The AP maps a unique key that is generated with the RADIUS server This key expires when the wireless c...

Page 92: ...cate wireless users without interacting with a network RADIUS server However there is a limit on the number of users you may authenticate in this way 7 9 Configuring 802 1x To change your ZyAIR s auth...

Page 93: ...o the wired network ReAuthentication Timer in seconds Specify how often wireless stations have to reenter usernames and passwords in order to stay connected This field is activated only when you selec...

Page 94: ...se on the ZyAIR for a wireless station s username and password If the user name is not found the ZyAIR then checks the user database on the specified RADIUS server Select RADIUS first then Local to ha...

Page 95: ...ernal RADIUS server or create local user accounts on the ZyAIR for authentication 7 10 Configuring Local User Database To change your ZyAIR s local user database click ADVANCED WIRELESS and then the L...

Page 96: ...sword Type a password up to 31 characters for this user profile Note that as you type a password the screen displays a for each character you type Apply Click Apply to save your changes back to the Zy...

Page 97: ...d the ZyAIR The key must be the same on the external authentication server and your ZyAIR The key is not sent over the network Accounting Server Active Select Yes from the drop down list box to enable...

Page 98: ......

Page 99: ...WAN III Part III WAN This part covers the web configurator screen and information about WAN...

Page 100: ......

Page 101: ...pter for more background information on most fields in the WAN screens Background information on WAN fields not included in the Wizard is described here 8 2 Configuring WAN ISP To change your ZyAIR s...

Page 102: ...Roadrunner Manager authentication method RR Telstra or Telia Login Choose a Roadrunner service type if your ISP is Time Warner s Roadrunner otherwise choose Standard Apply Click Apply to save your cha...

Page 103: ...Server IP address if this field is left blank If it does not then you must enter the authentication server IP address Login Server Telia Login only Type the domain name of the Telia login server for...

Page 104: ...vice Name Type the PPPoE service name provided to you PPPoE uses a service name to identify and reach the PPPoE server User Name Type the username given to you by your ISP Password Type the password a...

Page 105: ...8 2 3 PPTP Encapsulation Point to Point Tunneling Protocol PPTP is a network protocol that enables secure transfer of data from a remote client to a private server creating a Virtual Private Network...

Page 106: ...ection to time out Idle Timeout Specify the time in seconds that elapses before the ZyAIR automatically disconnects from the PPTP server PPTP Configuration My IP Address Type the static IP address ass...

Page 107: ...settings click ADVANCED WAN and then the IP tab Figure 8 5 IP Setup The following table describes the labels in this screen Table 8 5 IP Setup LABEL DESCRIPTION WAN IP Address Assignment Get automatic...

Page 108: ...ID Network Address Translation Network Address Translation NAT allows the translation of an Internet protocol address used within one network to a different IP address known within another network SUA...

Page 109: ...2B uses subnet broadcasting while RIP 2M uses multicasting Multicasting can reduce the load on non router machines since they generally do not listen to the RIP multicast address and so will not rece...

Page 110: ...n afresh 8 5 Configuring WAN MAC To change your ZyAIR s WAN MAC settings click ADVANCED WAN and then the MAC tab The screen appears as shown Figure 8 6 MAC Setup The MAC address screen allows users to...

Page 111: ...SUA NAT and Static Route IV Part IV SUA NAT AND STATIC ROUTE This part covers the information about SUA NAT and Static Route setup...

Page 112: ......

Page 113: ...r For example the local address refers to the IP address of a host when the packet is in the local network while the global address refers to the IP address of the host when the same packet is traveli...

Page 114: ...DMZ port instead If you do not define any servers for Many to One and Many to Many Overload mapping NAT offers the additional benefit of firewall protection With no servers defined your ZyAIR filters...

Page 115: ...1 How NAT Works 9 1 4 NAT Application The following figure illustrates a possible NAT application where three inside LANs logical LANs using IP Alias behind the ZyAIR can communicate with three distin...

Page 116: ...cal IP addresses to one global IP address This is equivalent to SUA i e PAT port address translation ZyXEL s Single User Account feature the SUA Only option Many to Many Overload In Many to Many Overl...

Page 117: ...r 2 IP IGA1 Server 3 IP IGA1 Server 9 1 6 SUA Single User Account Versus NAT SUA Single User Account is a ZyNOS implementation of a subset of NAT that supports two types of mapping Many to One and Ser...

Page 118: ...t are not specified in this screen If you do not assign a Default Server IP Address then all packets received for ports not specified in this screen will be discarded 9 2 1 Port Forwarding Services an...

Page 119: ...19 SNMP Simple Network Management Protocol 161 SNMP trap 162 PPTP Point to Point Tunneling Protocol 1723 9 2 2 Configuring Servers Behind SUA Example Let s say you want to assign ports 22 25 to one se...

Page 120: ...then all packets received for ports not specified in this screen will be discarded Click ADVANCED and then SUA NAT to open the SUA Server screen Refer to the Table 9 3 for port numbers commonly used f...

Page 121: ...ts enter the start port number in the Start Port field and the last port to be forwarded in the End Port field Server IP Address Enter the inside IP address of the server here Apply Click Apply to sav...

Page 122: ...ocal End IP This is the end local IP address If the rule is for all local IP addresses then this field displays 0 0 0 0 and 255 255 255 255 as the Local End IP address This field is N A for One to One...

Page 123: ...te an address mapping rule 9 4 1 Configuring Address Mapping Rule To edit an address mapping rule click the Edit button to display the screen shown next Figure 9 6 Address Mapping Rule The following t...

Page 124: ...d IP address This field is N A for One to One and Server mapping types Global Start IP This is the starting global IP address IGA Enter 0 0 0 0 here if you have a dynamic IP address from your ISP Glob...

Page 125: ...ks beyond For instance the ZyAIR knows about network N2 in the following figure through remote node Router 1 However the ZyAIR is unable to route a packet to network N3 because it doesn t know that th...

Page 126: ...Destination This parameter specifies the IP network address of the final destination Routing is always based on network number Gateway This field displays the IP address of the gateway The gateway is...

Page 127: ...10 2 1 Configuring Route Entry Select a static route index number and click Edit The screen shown next appears Fill in the required information for each static route Figure 10 3 Edit IP Static Route...

Page 128: ...t as your ZyAIR over the WAN the gateway must be the IP address of one of the remote nodes Metric Type a number that approximates the cost for this link Metric represents the cost of transmission for...

Page 129: ...e Management V Part V FIREWALL AND REMOTE MANAGEMENT This part introduces firewalls in general and the ZyAIR firewall It also explains custom ports and gives example firewall rules and information on...

Page 130: ......

Page 131: ...only mechanism or method employed For a firewall to guard effectively you must design and deploy it appropriately This requires integrating the firewall into a broad information security policy In ad...

Page 132: ...connection and to adapt to dynamic protocols These firewalls generally provide the best speed and transparency however they may lack the granular application level access control or caching that some...

Page 133: ...ocol POP3 E mail etc For example Web traffic by default uses TCP port 80 When computers communicate on the Internet they are using the client server model where the server listens on a specific TCP UD...

Page 134: ...ication The oversize packet is then sent to an unsuspecting system Systems may crash hang or reboot 1 b Teardrop attack exploits weaknesses in the reassembly of IP packet fragments As data is transmit...

Page 135: ...shed 2 a SYN Attack floods a targeted system with a series of SYN packets Each packet causes the targeted system to issue a SYN ACK response While the targeted system waits for the ACK that follows th...

Page 136: ...dcast address of the network the router will broadcast the ICMP echo request packet to all hosts on the network If there are numerous hosts this will create a large amount of ICMP echo request and res...

Page 137: ...DoS attacks also employ a technique known as IP Spoofing as part of their attack IP Spoofing may be used to break into systems to hide the hacker s identity or to magnify the effect of the DoS attack...

Page 138: ...nspection The previous figure shows the ZyAIR s default firewall rules in action as well as demonstrates how stateful inspection works User A can initiate a Telnet session from within the LAN and resp...

Page 139: ...ction of travel of packets to which they apply LAN to LAN ZyAIR WAN to LAN LAN to WAN WAN to WAN ZyAIR By default the ZyAIR s stateful packet inspection allows packets traveling in the following direc...

Page 140: ...customized rules take precedence and override the ZyAIR s default rules 12 3 Rule Logic Overview Study these points carefully before configuring rules 12 3 1 Rule Checklist 1 State the intent of the...

Page 141: ...d Block means the firewall silently discards the packet Service Select the service from the Service scrolling list box If the service is not listed it is necessary to first define it See section 12 5...

Page 142: ...igure a LAN to WAN rule you in essence want to limit some or all users from accessing certain services on the WAN See the following figure Figure 12 1 LAN to WAN Traffic 12 4 2 WAN to LAN Rules The de...

Page 143: ...services in the Services screen You may allow traffic initiated from the WAN by configuring port forwarding rules one to one many one to one mapping rules and or allow remote management The firewall i...

Page 144: ...LABEL DESCRIPTION Enable Firewall Select this check box to activate the firewall The ZyAIR performs access control and protects against Denial of Service DoS attacks when the firewall is activated LA...

Page 145: ...low one specific computer full access to all blocked resources Trusted Computer IP Address You can allow a specific computer to access all Internet resources without restriction Enter the IP address o...

Page 146: ...de 12 8 Firewall Screens Figure 12 4 Firewall Filter The following table describes the labels in this screen Table 12 2 Firewall Filter LABEL DESCRIPTION Restrict Web Features Select the categories of...

Page 147: ...LAN users to circumvent content filtering by pointing to this proxy server Enable URL Keyword Blocking Select this check box to block the URL containing the keywords in the keyword list Keyword Type...

Page 148: ...s Click ADVANCED FIREWALL and then the Services tab to open the Services screen Use this screen to enable service blocking enter delete modify the services you want to block and the date time you want...

Page 149: ...ber Authority web site Type Services are either TCP and or UDP Select from either TCP or UDP Port Number Enter the port number range that defines the service For example suppose you want to define the...

Page 150: ...Server CU SEEME TCP UDP 7648 24032 A popular videoconferencing solution from White Pines Software DNS UDP TCP 53 Domain Name Server a service that matches web names e g www zyxel com to IP numbers FIN...

Page 151: ...TCP 513 Remote Login RTELNET TCP 107 Remote Telnet RTSP TCP UDP 554 The Real Time Streaming media control Protocol RTSP is a remote control for multimedia on the Internet SFTP TCP 115 Simple File Tran...

Page 152: ...4 Predefined Services SERVICE DESCRIPTION TFTP UDP 69 Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP but uses the UDP User Datagram Protocol rather than TCP Transm...

Page 153: ...e firewall chapters for details on configuring firewall rules You may manage your ZyAIR from a remote location via Internet WAN only ALL LAN and WAN LAN only Neither Disable When you Choose WAN only o...

Page 154: ...1 2 Remote Management and NAT When NAT is enabled Use the ZyAIR s WAN IP address when configuring from the WAN Use the ZyAIR s LAN IP address when configuring from the LAN 13 1 3 System Timeout There...

Page 155: ...order to use that service for remote management Server Access Select the interface s through which a computer may access the ZyAIR using this service Secured Client IP Address A secured client is a t...

Page 156: ...is screen Table 13 2 FTP LABEL DESCRIPTION Server Port You may change the server port number for a service if needed however you must use the same port number in order to use that service for remote m...

Page 157: ...REMOTE MANAGEMENT and then the WWW tab The screen appears as shown Figure 13 4 WWW The following table describes the labels in this screen Table 13 3 WWW LABEL DESCRIPTION Server Port You may change t...

Page 158: ...s service Apply Click Apply to save your changes back to the ZyAIR Reset Click Reset to begin configuring this screen afresh 13 6 Configuring SNMP Simple Network Management Protocol is a protocol used...

Page 159: ...define each piece of information to be collected about a device Examples of variables include the number of packets received node port status etc A Management Information Base MIB is a collection of m...

Page 160: ...ps TRAP TRAP NAME DESCRIPTION 1 coldStart defined in RFC 1215 A trap is sent after booting power on 2 warmStart defined in RFC 1215 A trap is sent after booting software reboot 3 linkUp defined in RFC...

Page 161: ...ck ADVANCED REMOTE MANAGEMENT and then the SNMP tab The screen appears as shown Figure 13 6 SNMP The following table describes the labels in this screen Table 13 6 SNMP LABEL DESCRIPTION SNMP Configur...

Page 162: ...to use that service for remote management Server Access Select the interface s through which a computer may access the ZyAIR using this service Secured Client IP Address A secured client is a trusted...

Page 163: ...AIR Select All to allow any computer to send DNS queries to the ZyAIR Choose Selected to just allow the computer with the IP address that you specify to send DNS queries to the ZyAIR Apply Click Apply...

Page 164: ...d to any incoming Ping requests when Disable is selected Select LAN to reply to incoming LAN Ping requests Select WAN to reply to incoming WAN Ping requests Otherwise select LAN WAN to reply to both i...

Page 165: ...UPnP and Logs VI Part VI UPNP AND LOGS This part provides information and configuration instructions for UPnP Universal Plug and Play and the logs...

Page 166: ......

Page 167: ...fied as an icon in the Network Connections folder Windows XP Each UPnP compatible device installed on your network will appear as a separate icon Selecting the icon of a UPnP device will allow you to...

Page 168: ...UPnP if this is not your intention 14 2 UPnP and ZyXEL ZyXEL has achieved UPnP certification from the Universal Plug and Play Forum Creates UPnP Implementers Corp UIC ZyXEL s UPnP implementation suppo...

Page 169: ...screen without entering the ZyAIR s IP address although you must still enter the password to access the web configurator Allow users to make configuration changes through UPnP Select this check box to...

Page 170: ...e the firewall block all UPnP application packets for example MSN packets instead of creating a firewall rule for them UPnP Name This identifies the ZyAIR in UPnP applications Apply Click Apply to sav...

Page 171: ...Restart the computer when prompted 14 4 2 Installing UPnP in Windows XP Follow the steps below to install UPnP in Windows XP Step 6 Click Start and Control Panel Step 7 Double click Network Connectio...

Page 172: ...ws XP Example This section shows you how to use the UPnP feature in Windows XP You must already have UPnP installed in Windows XP and UPnP activated on the ZyAIR Make sure the computer is connected to...

Page 173: ...uide UPnP Screens 14 7 Step 3 In the Internet Connection Properties window click Settings to see the port mappings that were automatically created Step 4 You may edit or delete the port mappings or cl...

Page 174: ...en connected check box and click OK An icon displays in the system tray Step 6 Double click the icon to display your current Internet connection status 14 5 2 Web Configurator Easy Access With UPnP yo...

Page 175: ...Panel Step 2 Double click Network Connections Step 3 Select My Network Places under Other Places Step 4 An icon with the description for each UPnP enabled device displays under Local Network Step 5 R...

Page 176: ...ZyAIR Wireless Gateway Series User s Guide 14 10 UPnP Screens Step 6 Right click the icon for your ZyAIR and select Properties A properties window displays with basic information about the ZyAIR...

Page 177: ...screen Use the View Log screen to see the logs for the categories that you selected in the Log Settings screen see section 15 2 Options include logs about system maintenance system errors access cont...

Page 178: ...logs select All Logs The number of categories shown in the drop down list box depends on the selection in the Log Settings page Time This field displays the time the log was recorded Message This fie...

Page 179: ...ppears as shown Use the Log Settings screen to configure to where the ZyAIR is to send the logs the schedule for when the ZyAIR is to send the logs and which logs and or immediate alerts the ZyAIR is...

Page 180: ...ZyAIR Wireless Gateway Series User s Guide 15 4 Logs Screens Figure 15 2 Log Settings...

Page 181: ...n external UNIX server used to store logs Active Click Active to enable UNIX syslog Syslog Server IP Address Enter the server name or the IP address of the syslog server that will log the CDR Call Det...

Page 182: ...o change your ZyAIR s log reports click ADVANCED LOGS and then the Reports tab The screen appears as shown The Reports screen displays which computers on the LAN send and receive the most traffic what...

Page 183: ...hat also get counted as hits The ZyAIR records web site hits by counting the HTTP GET packets Many web sites include HTTP GET references to other web sites and the ZyAIR may count these as hits thus t...

Page 184: ...Start Collection when the ZyAIR is not recording report data and Stop Collection when the ZyAIR is recording report data Click Start Collection to have the ZyAIR record report data Click Stop Collect...

Page 185: ...hich the most traffic has gone through the ZyAIR The protocols or service ports are listed in descending order with the most used protocol or service port listed first Start Collection Stop Collection...

Page 186: ...ervice port The count starts over at 0 if a protocol or port passes the bytes count limit see Table 15 6 15 3 2 Viewing LAN IP Address In the Reports screen select LAN IP Address from the Report Type...

Page 187: ...der with the LAN IP address to and or from which the most traffic was sent listed first Bytes This column displays how much traffic has gone to and from the listed LAN IP addresses The measurement uni...

Page 188: ...Maintenance VII Part VII MAINTENANCE This part describes the Maintenance web configurator screens...

Page 189: ......

Page 190: ...view The maintenance screens can help you view system information upload new firmware manage configuration and restart your ZyAIR 16 2 System Status Screen Click MAINTENANCE to open the System Status...

Page 191: ...s is the WAN port IP address IP Subnet Mask This is the WAN port subnet mask DHCP This is the WAN port DHCP role Client or None LAN Port IP Address This is the LAN port IP address IP Subnet Mask This...

Page 192: ...n up System Up Time This is the total time the ZyAIR has been on Poll Interval Enter the time interval for refreshing statistics Set Interval Click this button to apply the new poll interval you enter...

Page 193: ...AC Media Access Control or Ethernet address on a LAN Local Area Network is unique to your computer six pairs of hexadecimal notation A network interface card such as an Ethernet adapter has a hardwire...

Page 194: ...tation Association Time This field displays the time a wireless station first associated with the ZyAIR Refresh Click Refresh to reload the screen 16 4 1 Channel Usage The Channel Usage screen display...

Page 195: ...sage ZyAIR B 2000 LABEL DESCRIPTION Channel This is the index number of the channel currently used by the associated AP in an Infrastructure wireless network or wireless station in an Ad Hoc wireless...

Page 196: ...n an Ad Hoc wireless network For our purposes we define an Infrastructure network as a wireless network that uses an AP and an Ad Hoc network also known as Independent Basic Service Set IBSS as one th...

Page 197: ...P setup Network modes are Infrastructure same as an extended service set ESS Infrastructure with WEP WEP encryption is enabled Ad Hoc same as an independent basic service set IBSS or Ad Hoc with WEP R...

Page 198: ...press compressed zip files before you can upload them Upload Click Upload to begin the upload process This process may take up to two minutes Do not turn off the device while firmware upload is in pro...

Page 199: ...transfer files See the Firmware and Configuration File Maintenance chapter for transferring configuration files using FTP TFTP commands Click MAINTENANCE and then the Configuration tab Information rel...

Page 200: ...usually have a ROM extension e g zyair rom The system reboots automatically after the file transfer is complete and uses the configured values in the file WARNING Do not interupt the file transfer pro...

Page 201: ...load successful screen you must then wait one minute before logging into the ZyAIR again Figure 16 13 Configuration Upload Successful The ZyAIR automatically restarts in this time causing a temporary...

Page 202: ...the Reset button in this section clears all user entered configuration information and returns the ZyAIR to its factory defaults as shown on the screen This will erase all configurations that you have...

Page 203: ...uide 16 14 Maintenance Figure 16 17 Reset Warning Message You can also press the RESET button on the side panel to reset the factory defaults of your ZyAIR Refer to the Resetting the ZyAIR section for...

Page 204: ...ETTING STARTED MENUS This part introduces the SMT System Management Terminal and discusses the Getting Started SMT menus See the web configurator parts of this guide for background information on feat...

Page 205: ......

Page 206: ...OK Step 3 For your first login enter 1234 in the Password field As you type the password the screen displays an x for each character you type Step 4 After entering the password you will see the main m...

Page 207: ...as shown next For your first login enter the default password 1234 As you type the password the screen displays an x for each character you type Figure 17 2 Login Screen 17 3 Changing the System Passw...

Page 208: ...R Note that as you type a password the screen displays an asterisk for each character you type 17 4 ZyAIR SMT Menu Overview Example We use the ZyAIR B 2000 v 2 SMT menus in this guide as an example Th...

Page 209: ...4 System Maintenance Diagnostic Menu 24 5 System Maintenance Backup Configuration Menu 24 6 System Maintenance Restore Configuration Menu 24 7 System Maintenance Upload Firmware Menu 24 8 Command Inte...

Page 210: ...OWN arrow keys to move to the previous and the next field respectively Entering information Type in or press SPACE BAR then press ENTER You need to fill in two types of fields The first requires you t...

Page 211: ...ofiles on the ZyAIR 15 NAT Setup Use this menu to specify inside servers when NAT is enabled 21 Filter and Firewall Setup Use this menu to set up filters and firewall to provide security etc 22 SNMP C...

Page 212: ...ZyAIR Wireless Gateway Series User s Guide Introducing the SMT 17 7 Table 17 2 Main Menu Summary MENU TITLE DESCRIPTION 99 Exit Use this to exit from SMT and return to a blank screen...

Page 213: ......

Page 214: ...SP is used While you must enter the host name System Name on each individual computer the domain name can be assigned from the ZyAIR via DHCP 18 1 1 Dynamic DNS To use this service you must register w...

Page 215: ...an go to menu 24 8 and type sys domainname to see the current domain name used by your gateway If you want to clear this field just press the SPACE BAR The domain name entered by you is given priority...

Page 216: ...To configure Dynamic DNS go to Menu 1 General Setup and select Yes in the Edit Dynamic DNS field Press ENTER to display Menu 1 1 Configure Dynamic DNS as shown next Figure 18 2 Menu 1 1 Configure Dyn...

Page 217: ...client as your service provider No Offline This field is only available when CustomDNS is selected in the DDNS Type field Press SPACE BAR and then ENTER to select Yes When Yes is selected traffic is...

Page 218: ...AN Setup The MAC address field allows users to configure the WAN port s MAC address by either using the factory default or cloning the MAC address from a computer on your LAN Once it is successfully c...

Page 219: ...ed on LAN and enter the IP address in the IP Address field below to clone the MAC address of the computer on the Ethernet Factory default IP Address Enter the IP address of the computer whose MAC addr...

Page 220: ...Ethernet Port Filter Setup This menu allows you to specify filter set s that you wish to apply to the Ethernet traffic You seldom need to filter Ethernet traffic however the filter sets may be useful...

Page 221: ...nu 3 2 TCP IP and DHCP Ethernet Setup Follow the instructions in the following table on how to configure the DHCP fields Menu 3 2 TCP IP and DHCP Ethernet Setup DHCP Server TCP IP Setup Client IP Pool...

Page 222: ...Second DNS Server Third DNS Server Press SPACE BAR to select From ISP User Defined DNS Relay or None and press ENTER The DNS servers are passed to the DHCP clients along with the IP address and the su...

Page 223: ...cal LAN interfaces via its single physical Ethernet interface with the ZyAIR itself as the gateway for each LAN network Press SPACE BAR to select Yes and press ENTER to go to menu 3 2 1 No When you ha...

Page 224: ...s N A IP Subnet Mask N A RIP Direction N A Version N A Incoming protocol filters N A Outgoing protocol filters N A IP Alias 2 No IP Address N A IP Subnet Mask N A RIP Direction N A Version N A Incomin...

Page 225: ...nly or Out Only None Version Press SPACE BAR to select the RIP version Choices are RIP 1 RIP 2B or RIP 2M RIP 1 Incoming Protocol Filters Enter the filter set s you wish to apply to the incoming traff...

Page 226: ...ive scanning No Channel ID Press SPACE BAR to select a channel This allows you to set the operating frequency channel depending on your particular region CH01 2412MHz RTS Threshold Setting this attrib...

Page 227: ...nter any 5 ASCII characters or 10 hexadecimal characters 0 9 A F If you chose 128 bit WEP in the WEP Encryption field then enter 13 ASCII characters or 26 hexadecimal characters 0 9 A F Enter 0x befor...

Page 228: ...Follow the steps below to create the MAC address table on your ZyAIR Step 1 From the main menu enter 3 to open Menu 3 LAN Setup Step 2 Enter 5 to display Menu 3 5 Wireless LAN Setup Figure 19 9 Menu...

Page 229: ...enied access to the ZyAIR in these address fields When you have completed this menu press ENTER at the prompt Press ENTER to confirm or ESC to cancel to save your configuration or press ESC to cancel...

Page 230: ...s and then press ENTER Menu 3 5 2 Roaming Configuration displays as shown next Figure 19 12 Menu 3 5 2 Roaming Configuration The following table describes the fields in this menu Menu 3 5 2 Roaming Co...

Page 231: ...ore ZyAIRs on the same subnet Port Enter the port number to communicate roaming information between access points The port number must be the same on all access points The default is 16290 Make sure t...

Page 232: ...ing PPP or PPPoE encapsulation then the only ISP information you need is a login name and password Table 20 1 Internet Account Information FIELD DESCRIPTION YOUR INFORMATION System Name Enter the name...

Page 233: ...ow to configure your ZyAIR for Internet access Table 20 2 Menu 4 Internet Access Setup FIELD DESCRIPTION EXAMPLE ISP s Name Enter the name of your Internet Service Provider This information is for ide...

Page 234: ...ignment Press SPACE BAR and then ENTER to select Static or Dynamic address assignment Static IP Address Enter the IP address supplied by your ISP if applicable 10 11 12 20 IP Subnet Mask Your ZyAIR wi...

Page 235: ...SMT Advanced Applications Menus IX Part IX SMT ADVANCED APPLICATION MENUS This part shows how to configure Remote Node Static Routing Dial in User and NAT...

Page 236: ......

Page 237: ...enter 11 to display Menu 11 Remote Node Profile as shown in 21 1 1 Encapsulation Scenarios For Internet access you should use the encapsulation used by your ISP Nailed Up Connection PPPoE PPTP A nail...

Page 238: ...nner flavor if your ISP is using Time Warner s RoadRunner otherwise choose Standard The User Name Password and Login Server IP Address fields are not applicable N A for the latter Choose from Standard...

Page 239: ...tic IP address assigned to you by your ISP in dotted decimal notation 10 11 12 13 My IP Mask Type the subnet mask of the PPTP server Server IP Address Type the IP address of the PPTP server in dotted...

Page 240: ...fault Idle Timeout sec Type the number of seconds 0 9999 that can elapse when the ZyAIR is idle there is no traffic going to the remote node before the ZyAIR automatically disconnects the remote node...

Page 241: ...nly be able to configure this in the ISP node also the one you configure in menu 4 all other nodes are set to Static Static Rem IP Addr This is the IP address you entered in the previous menu Rem Subn...

Page 242: ...te and not included in RIP broadcast If No the route to this remote node will be propagated to other hosts through RIP broadcasts No RIP Direction Press SPACE BAR and then ENTER to select the RIP Dire...

Page 243: ...AIR has no knowledge of the networks beyond For instance the ZyAIR knows about network N2 in the following figure through remote node Router 1 However the ZyAIR is unable to route a packet to network...

Page 244: ...12 1 Edit IP Static Route FIELD DESCRIPTION Route This is the index number of the static route that you chose in menu 12 1 Route Name Type a descriptive name for this route This is for identification...

Page 245: ...must be a router on the same segment as your ZyAIR over WAN the gateway must be the IP address of one of the remote nodes Metric Metric represents the cost of transmission for routing purposes IP rout...

Page 246: ......

Page 247: ...Step 2 Type a number and press ENTER to edit the user profile Figure 22 2 Menu 14 1 Edit Dial in User The following table describes the fields in this screen Menu 14 Dial in User Setup 1 ________ 9 __...

Page 248: ...for this user profile This field is case sensitive Active Press SPACE BAR to select Yes and press ENTER to enable the user profile Password Enter a password up to 31 characters long for this user prof...

Page 249: ...apply NAT for Internet access in menu 4 Enter 4 from the main menu to go to Menu 4 Internet Access Setup Figure 23 1 Menu 4 Internet Access Setup The following figure shows how you apply NAT to the re...

Page 250: ...ign global addresses to computers on the LAN You can see two NAT Address Mapping sets in menu 15 1 You can only configure Set 1 Set 255 is used for SUA When you select Full Feature in menu 4 or 11 3 t...

Page 251: ...gure 23 4 Menu 15 1 Address Mapping Sets SUA Address Mapping Set Enter 255 to display the next screen The fields in this menu cannot be changed Menu 15 1 255 is read only Menu 15 1 Address Mapping Set...

Page 252: ...en the Start IP is 0 0 0 0 and the End IP is 255 255 255 255 255 255 255 255 Global Start IP This is the starting global IP address IGA If you have a dynamic IP enter 0 0 0 0 as the Global Start IP 0...

Page 253: ...les This is a required field If this field is left blank the entire set will be deleted NAT_SET Action The default is Edit Edit means you want to edit a selected rule see following field Insert Before...

Page 254: ...dress Mapping Rule in which you can edit an individual rule and configure the Type Local and Global Start End IPs Figure 23 7 Menu 15 1 1 1 Address Mapping Rule The table below describes the fields fo...

Page 255: ...takes the corresponding action and the remaining rules are ignored If there are any empty rules before your new configured rule your configured rule will be pushed up by that number of empty rules For...

Page 256: ...ten used port numbers are shown in the following table Please refer to RFC 1700 for further information about port numbers Please also refer to the included disk for more examples and details on NAT T...

Page 257: ...168 1 33 Step 5 Press ENTER at the Press ENTER to confirm prompt to save your configuration after you define all the servers or press ESC at any time to cancel 23 4 General NAT Examples 23 4 1 Example...

Page 258: ...n 23 4 The SUA Only read only option from the Network Address Translation field in menus 4 and 11 3 is specifically pre configured to handle this case Menu 4 Internet Access Setup ISP s Name ChangeMe...

Page 259: ...go to menu 15 2 to specify the Inside Server behind the NAT as shown in the next figure Figure 23 12 Menu 15 2 1 NAT Server Setup Menu 15 2 NAT Server Setup Rule Start Port No End Port No IP Address...

Page 260: ...erver Four rules need to be configured two bi directional and two uni directional as follows Rule 1 Map the first IGA to the first inside FTP server for FTP traffic in both directions 1 1 mapping givi...

Page 261: ...field Press ENTER to confirm Step 5 Select Type as One to One direct mapping for packets going both ways and enter the local Start IP as 192 168 1 10 the IP address of FTP Server 1 the global Start IP...

Page 262: ...orwarding Setup Menu 15 1 1 Address Mapping Rules Set Name Eample3 Idx Local Start IP Local End IP Global Start IP Global End IP Type 1 192 168 1 10 10 132 50 1 1 1 2 192 168 1 11 10 132 50 2 1 1 3 0...

Page 263: ...Figure 23 17 NAT Example 4 Other applications such as some gaming programs are NAT unfriendly because they embed addressing information in the data stream These applications won t work through NAT ev...

Page 264: ...Internet can then be forwarded directly to the LAN computer Trigger ports are transient they only exist while in use or are timed out The following is a trigger port example INTERNET LAN WAN Figure 2...

Page 265: ...Ports 1 Trigger events only happen on outgoing data from the ZyAIR to the WAN 2 Only one LAN computer can use a trigger port range at a time Enter 3 in menu 15 to display Menu 15 3 Trigger Port Setup...

Page 266: ...ting port number in a range of port numbers 6970 End Port Enter a port number or the ending port number in a range of port numbers 7170 Trigger The trigger port is a port or a range of ports that caus...

Page 267: ...DVANCED MANAGEMENT MENUS This part discusses Filtering and Firewall setup SNMP System Security System Information and Diagnosis Firmware and Configuration File Maintenance System Maintenance and Infor...

Page 268: ......

Page 269: ...ering is used to determine if a packet should be allowed to trigger a call Outgoing packets must undergo data filtering before they encounter call filtering Call filters are divided into two groups th...

Page 270: ...shown in the figures that follow The following figure illustrates the logic flow when executing a filter rule Start Fetch First Filter Set Fetch First Filter Rule Active Execute Filter Rule Fetch Nex...

Page 271: ...72 filter rules in the system 24 2 Configuring a Filter Set To configure a filter set follow the steps shown next Step 1 Enter 21 from the main menu Step 2 Enter 1 to display Menu 21 1 Filter Set Con...

Page 272: ...D N 4 Y IP Pr 17 SA 0 0 0 0 DA 0 0 0 0 DP 137 N D N 5 Y IP Pr 17 SA 0 0 0 0 DA 0 0 0 0 DP 138 N D N 6 Y IP Pr 17 SA 0 0 0 0 DA 0 0 0 0 DP 139 N D F Enter Filter Rule Number 1 6 to Configure Menu 21 1...

Page 273: ...the rule chain is complete N means there are no more rules to check You can specify an action to be taken for instance forward the packet drop the packet or check the next rule For the latter the nex...

Page 274: ...eed up filtering all rules in a filter set must be of the same class for instance protocol filters or generic filters The class of a filter set is determined by the first rule that you create When app...

Page 275: ...No IP Protocol This is the upper layer protocol for example TCP is 6 UDP is 17 and ICMP is 1 The value must be between 0 and 255 A value of 0 matches ANY protocol 0 to 255 IP Source Route IP Source Ro...

Page 276: ...Port Type the source port of the packets you want to filter The range of this field is 0 to 65535 A 0 field is ignored 0 to 65535 Port Comp Select the comparison to apply to the source port in the pac...

Page 277: ...e Forward or Drop Check Next Rule default Action Not Matched Select the action for a packet not matching the rule Choices are Check Next Rule Forward or Drop Check Next Rule default When you have comp...

Page 278: ...e No Filter Active Check IP Protocol Drop Drop Packet Accept Packet Drop Forward Check Next Rule Check Next Rule Check Next Rule Forward Not Matched Yes No Check Src IP Addr Apply SrcAddrMask to Src A...

Page 279: ...rule select an empty filter set in menu 21 1 for example 4 Select Generic Filter Rule in the Filter Type field and press ENTER to open Menu 21 1 4 1 Generic Filter Rule as shown in the following figu...

Page 280: ...will be logged Both All packets will be logged None Action Matched Select the action for a matching packet Choices are Check Next Rule Forward or Drop Check Next Rule Action Not Matched Select the act...

Page 281: ...Figure 24 10 Protocol and Device Filter Sets 24 5 Example Filter Let s look at an example to block outside users from telnetting into the ZyAIR Figure 24 11 Sample Telnet Filter Step 1 Enter 1 in men...

Page 282: ...0 0 0 0 IP Mask 0 0 0 0 Port 23 Port Comp Equal Source IP Addr 0 0 0 0 IP Mask 0 0 0 0 Port Port Comp None TCP Estab No More No Log None Action Matched Drop Action Not Matched Forward Press ENTER to C...

Page 283: ...N Input Filter Sets Apply filters for incoming traffic You may apply protocol or device filter rules See earlier in this chapter for information on filters Output Filter Sets Apply filters for traffic...

Page 284: ...er s of the filter set s as appropriate You can cascade up to four filter sets by typing their numbers separated by commas The factory default filter set NetBIOS_WAN is inserted in the protocol filter...

Page 285: ...detection and prevention real time alerts reports and logs Enter 2 in menu 21 to display Menu 21 2 Firewall Setup shown next Menu 21 2 Firewall Setup The firewall protects against Denial of Service Do...

Page 286: ......

Page 287: ...FIELD DESCRIPTION EXAMPLE SNMP Get Community Type the Get Community which is the password for the incoming Get and GetNext requests from the management station public Set Community Type the Set Commu...

Page 288: ...trap community which is the password sent with each trap to the SNMP manager public Destination Type the IP address of the station to send your SNMP traps to 0 0 0 0 When you have completed this menu...

Page 289: ...ave to restore the default configuration file Refer to the section on changing the system password in the Introducing the SMT chapter and the section on resetting the ZyAIR in the Introducing the Web...

Page 290: ...k administrator instructs you to do so with additional information 1812 Shared Secret Specify a password up to 31 alphanumeric characters as the key to be shared between the external authentication se...

Page 291: ...k This key must be the same on the external accounting server and ZyAIR When you have completed this menu press ENTER at the prompt Press ENTER to confirm or ESC to cancel to save your configuration o...

Page 292: ...lient has to re enter username and password to stay connected to the wired network This field is activated only when you select Authentication Required in the Wireless Port Control field Enter a time...

Page 293: ...AIR then checks the user database on the specified RADIUS server Select RADIUS first then Local to have the ZyAIR first check the user database on the specified RADIUS server for a wireless station s...

Page 294: ......

Page 295: ...in the next figure System Status is a tool that can be used to monitor your ZyAIR Specifically it gives you information on your LAN and wireless LAN status number of packets sent and received To get...

Page 296: ...s per second Up Time This is the time this channel has been connected to the current remote node Ethernet Address This shows the MAC address of the port IP Address This shows the IP address of the net...

Page 297: ...e next figure Figure 27 3 Menu 24 2 System Information and Console Port Speed The ZyAIR has an internal console port for support personnel only Do not open the ZyAIR as it will void your warranty 27 2...

Page 298: ...ZyAIR DHCP This field shows the DHCP setting of the ZyAIR When you have completed this menu press ENTER at the prompt Press ENTER to confirm or ESC to cancel to save your configuration or press ESC t...

Page 299: ...or log in the system After the ZyAIR finishes displaying the error log you will have the option to clear it Samples of typical error and information messages are presented in the next figure Figure 27...

Page 300: ...dress of your syslog server Log Facility Press SPACE BAR and then ENTER to select one of seven different local options The log facility lets you log the message in different server files Refer to your...

Page 301: ...4 allows you to choose among various types of diagnostic tests to evaluate your system as shown in the following figure Figure 27 9 Menu 24 4 System Maintenance Diagnostic Follow the procedure next to...

Page 302: ...System Maintenance Diagnostic FIELD DESCRIPTION DHCP Renewal Get a new IP address from the DHCP server Internet Setup Test Use this option to test your Internet connection Reboot System Reboot the Zy...

Page 303: ...en next ftp put firmware bin ras This is a sample FTP session showing the transfer of the computer file firmware bin to the ZyAIR ftp get rom 0 config cfg This is a sample FTP session saving the curre...

Page 304: ...and upload files in menus 24 5 24 6 24 7 1 and 24 7 2 depending on whether you use the console port or Telnet Option 5 from Menu 24 System Maintenance allows you to backup the current ZyAIR configurat...

Page 305: ...t rom 0 config rom transfers the configuration file on the ZyAIR to your computer and renames it config rom See earlier in this chapter for more information on filename conventions Step 7 Enter quit t...

Page 306: ...vice administrator has enabled this option Normal The server requires a unique User ID and Password to login Transfer Type Transfer files in either ASCII plain text format or in binary mode Initial Re...

Page 307: ...er will not be interrupted Enter command sys stdio 5 to restore the five minute SMT timeout default when the file transfer is complete Step 4 Launch the TFTP client on your computer and connect to the...

Page 308: ...ion file is rom 0 Binary Transfer the file in binary mode Abort Stop transfer of the file Refer to section 28 2 5 to read about configurations that disallow TFTP and FTP over WAN 28 2 9 Backup Via Con...

Page 309: ...w to restore a previously saved configuration Note that this function erases the current configuration before restoring a previous back up configuration please do not attempt to restore unless you hav...

Page 310: ...er for example put config rom rom 0 transfers the configuration file config rom on your computer to the ZyAIR See earlier in this chapter for more information on filename conventions Step 8 Enter quit...

Page 311: ...ilar Step 1 Display menu 24 6 and enter y at the following screen Figure 28 9 System Maintenance Restore Configuration Step 2 The following screen indicates that the Xmodem download has started Figure...

Page 312: ...e in the previous Restore Configuration section or by following the instructions in Menu 24 7 2 System Maintenance Upload System Configuration File for console port WARNING DO NOT INTERUPT THE FILE TR...

Page 313: ...on FTP commands please consult the documentation of your FTP client program For details on uploading system firmware using TFTP note that you must remain on this menu to upload system firmware using T...

Page 314: ...ur computer and renames it config rom See earlier in this chapter for more information on filename conventions Step 7 Enter quit to exit the ftp prompt 28 4 4 FTP Session Example of Firmware File Uplo...

Page 315: ...s on TFTP commands see following example please consult the documentation of your TFTP client program For UNIX use get to transfer from the ZyAIR to the computer put the other way around and binary to...

Page 316: ...nications programs should be similar 28 4 9 Example Xmodem Firmware Upload Using HyperTerminal Click Transfer then Send File to display the following screen Figure 28 17 Example Xmodem Upload After th...

Page 317: ...start the ZyAIR 28 4 11Example Xmodem Configuration Upload Using HyperTerminal Click Transfer then Send File to display the following screen Menu 24 7 2 System Maintenance Upload System Configuration...

Page 318: ...figuration File Maintenance Figure 28 19 Example Xmodem Upload After the configuration upload process has completed restart the ZyAIR by entering atgo Type the configuration file s location or click B...

Page 319: ...led information on CI commands Enter 8 from Menu 24 System Maintenance A list of valid commands can be found by typing help or at the command prompt Type exit to return to the SMT main menu when finis...

Page 320: ...enu select option 9 in menu 24 to go to Menu 24 9 System Maintenance Call Control as shown in the next table Figure 29 3 Menu24 9 System Maintenance Call Control 29 2 1 Budget Management Menu 24 9 1 s...

Page 321: ...hin the allocated budget that you set in menu 11 1 5 10 means that 5 minutes out of a total allocation of 10 minutes have lapsed Elapsed Time Total Period The period is the time cycle in hours that th...

Page 322: ...There is also a software mechanism to set the time manually or get the current time and date from an external server when you turn on your ZyAIR Menu 24 10 allows you to update the time and date setti...

Page 323: ...ith your ISP network administrator if you are unsure of this information Current Time This field displays an updated time only when you reenter this menu New Time Enter the new time in hour minute and...

Page 324: ......

Page 325: ...Network 30 2 FTP You can upload and download ZyAIR firmware and configuration files using FTP To use this feature your computer must have an FTP client 30 3 Web You can use the ZyAIR s embedded web c...

Page 326: ...management of a service but have applied a filter to block the service then you will not be able to remotely manage the service Enter 11 from menu 24 to display Menu 24 11 Remote Management Control sh...

Page 327: ...ZyAIR Enter an IP address to restrict access to a client with a matching IP address 0 0 0 0 Once you have filled in this menu press ENTER at the message Press ENTER to Confirm or ESC to Cancel to sav...

Page 328: ...WAN Use the ZyAIR s LAN IP address when configuring from the LAN 30 6 System Timeout There is a system timeout of five minutes 300 seconds for Telnet web FTP connections Your ZyAIR will automatically...

Page 329: ...t Figure 31 1 Menu 26 Schedule Setup Lower numbered sets take precedence over higher numbered sets thereby avoiding scheduling conflicts For example if sets 1 2 3 and 4 in are applied in the remote no...

Page 330: ...BAR to No and press ENTER to disable the schedule set Yes Start Date Enter the start date when you wish the set to take effect in year month date format Valid dates are from the present to 2036 Februa...

Page 331: ...rced On means that the connection is maintained whether or not there is a demand call on the line and will persist for the time period specified in the Duration field Forced Down means that the connec...

Page 332: ...1 1 Remote Node Profile Rem Node Name ChangeMe Route IP Active Yes Encapsulation PPTP Edit IP No Service Type Standard Telco Option Service Name N A Allocated Budget min 0 Outgoing Period hr 0 My Logi...

Page 333: ...des contains troubleshooting and additional background information on setting up your computer s IP address wireless LAN 802 1x PPPoE PPTP and IP subnetting It also provides information on the command...

Page 334: ......

Page 335: ...o see if the ZyAIR is connected to your computer s console port VT100 terminal emulation 9600 bps is the default speed on leaving the factory Try other speeds in case the speed has been changed I cann...

Page 336: ...s are on the same subnet Problems with the WAN Interface Chart A 4 Troubleshooting the WAN Interface PROBLEM CORRECTIVE ACTION The ISP provides the WAN IP address after authenticating you Authenticati...

Page 337: ...b configurator or the Internet Access chapter SMT Make sure you entered the correct user name and password For wireless stations check that both the ZyAIR and wireless station s are using the same ESS...

Page 338: ...EM CORRECTIVE ACTION I cannot ping any computer on the WLAN Make sure the wireless card is properly inserted in the ZyAIR and the WLAN LED is on Make sure the wireless adapter on the wireless station...

Page 339: ...AND DESCRIPTION sys pwderrtm This command displays the brute force guessing password protection settings sys pwderrtm 0 This command turns off the password s protection from brute force guessing sys p...

Page 340: ......

Page 341: ...should already be installed on computers using Windows NT 2000 XP Macintosh OS 7 and later operating systems After the appropriate TCP IP components are installed configure the TCP IP settings in orde...

Page 342: ...nd then click Add c Select Microsoft from the list of manufacturers d Select TCP IP from the list of network protocols and then click OK If you need Client for Microsoft Networks a Click Add b Select...

Page 343: ...automatically If you have a static IP address select Specify an IP address and type your information into the IP Address and Subnet Mask fields 2 Click the DNS Configuration tab If you do not know you...

Page 344: ...d 4 Click OK to save and close the TCP IP Properties window 5 Click OK to close the Network window Insert the Windows CD if prompted 6 Turn on your ZyAIR and restart your computer when prompted Verify...

Page 345: ...Address C 5 1 For Windows XP click start Control Panel In Windows 2000 NT click Start Settings Control Panel 2 For Windows XP click Network Connections For Windows 2000 NT click Network and Dial up C...

Page 346: ...b in Win XP and click Properties 5 The Internet Protocol TCP IP Properties window opens the General tab in Windows XP If you have a dynamic IP address click Obtain an IP address automatically If you h...

Page 347: ...an IP address in IP address and a subnet mask in Subnet mask and then click Add Repeat the above two steps for each IP address you want to add Configure additional default gateways in the IP Settings...

Page 348: ...DNS server fields If you have previously configured DNS servers click Advanced and then the DNS tab to order them 8 Click OK to close the Internet Protocol TCP IP Properties window 9 Click OK to clos...

Page 349: ...Computer s IP Address C 9 1 Click the Apple menu Control Panel and double click TCP IP to open the TCP IP Control Panel 2 Select Ethernet built in from the Connect via list 3 For dynamically assigned...

Page 350: ...n the Subnet mask box Type the IP address of your ZyAIR in the Router address box 5 Close the TCP IP Control Panel 6 Click Save if prompted to save changes to your configuration 7 Turn on your ZyAIR a...

Page 351: ...ct Using DHCP from the Configure list 4 For statically assigned settings do the following From the Configure box select Manually Type your IP address in the IP Address box Type your subnet mask in the...

Page 352: ......

Page 353: ...groups a lower total cost of ownership for workspaces that are frequently reconfigured 4 It allows conference room users access to the network as they move from meeting to meeting getting up to date a...

Page 354: ...SS In the most basic form a wireless LAN connects a set of computers with wireless adapters Any time two or more wireless adapters are within range of each other they can set up an independent network...

Page 355: ...o through the access point The Extended Service Set ESS shown in the next figure consists of a series of overlapping BSSs each containing an Access Point connected together by means of a Distribution...

Page 356: ......

Page 357: ...02 11b standard does not provide any central user account management User access control is done through manual modification of the MAC address table on the access point Although WEP data encryption o...

Page 358: ...r Authentication Sequence The following figure depicts a typical wireless network with a remote RADIUS server for user authentication using EAPOL EAP Over LAN Diagram E 1 Sequences for EAP MD5 Challen...

Page 359: ...ption keys for data encryption EAP TLS Transport Layer Security With EAP TLS digital certifications are needed by both the server and the wireless stations for mutual authentication The server present...

Page 360: ...nts but for public deployment simple user name and password pair is more practical The following table is a comparison of the features of four authentication types Comparison of EAP Authentication Typ...

Page 361: ...RF beam width Higher antenna gain improves the range of the signal for better communications For an indoor site each 1 dB increase in antenna gain results in a range increase of approximately 2 5 For...

Page 362: ...e of obstructions In point to point application position both transmitting and receiving antenna at the same height and in a direct line of sight to each other to attend the best performance For omni...

Page 363: ...services using PPP Benefits of PPPoE PPPoE offers the following benefits 1 It provides you with a familiar dial up networking DUN user interface 2 It lessens the burden on the carriers of provisioning...

Page 364: ...nnels the PPP frames to the ISP The L2TP tunnel is capable of carrying multiple PPP sessions With PPPoE the VC Virtual Circuit is equivalent to the dial up connection and is between the modem and the...

Page 365: ...n is that it requires one separate ATM VC per destination Diagram I 1 Transport PPP frames over Ethernet PPTP and the ZyAIR When the ZyAIR is deployed in such a setup it appears as a PC to the ANT In...

Page 366: ...up capability The phone call is between the user and the PAC and the PAC tunnels the PPP frames to the PNS The PPTP user is unaware of the tunnel between the PAC and the PNS Diagram I 2 PPTP Protocol...

Page 367: ...ample Message Exchange between PC and an ANT PPP Data Connection The PPP frames are tunneled between the PNS and PAC over GRE General Routing Encapsulation RFC 1701 1702 The individual calls within a...

Page 368: ......

Page 369: ...a 0 in the next left most bit In a class B address the first two octets make up the network number and the two remaining octets make up the host ID Class C addresses begin starting from the left with...

Page 370: ...asks A subnet mask is used to determine which bits are part of the network number and which bits are part of the host ID using a logical AND operation A subnet mask has 32 bits each bit of the mask co...

Page 371: ...class C address using both notations Chart J 4 Alternative Subnet Mask Notation SUBNET MASK IP ADDRESS SUBNET MASK 1 BITS LAST OCTET BIT VALUE 255 255 255 0 24 0000 0000 255 255 255 128 25 1000 0000 2...

Page 372: ...ubnet Mask Binary 11111111 11111111 11111111 10000000 Subnet Address 192 168 1 0 Lowest Host ID 192 168 1 1 Broadcast Address 192 168 1 127 Highest Host ID 192 168 1 126 Chart J 6 Subnet 2 NETWORK NUM...

Page 373: ...1 s is the broadcast address on the subnet Chart J 7 Subnet 1 NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 0 IP Address Binary 11000000 10101000 00000001 00000000 Subnet Mask Binary 11111...

Page 374: ...owest Host ID 192 168 1 193 Broadcast Address 192 168 1 255 Highest Host ID 192 168 1 254 Example Eight Subnets Similarly use a 27 bit mask to create 8 subnets 001 010 011 100 101 110 The following ta...

Page 375: ...determines which bits are part of the network number and which are part of the host ID A class B address has two host ID octets available for subnetting and a class A address has three host ID octets...

Page 376: ...3 Class B Subnet Planning NO BORROWED HOST BITS SUBNET MASK NO SUBNETS NO HOSTS PER SUBNET 10 255 255 255 192 26 1024 62 11 255 255 255 224 27 2048 30 12 255 255 255 240 28 4096 14 13 255 255 255 248...

Page 377: ...unit and possibly render it unusable Command Syntax The command keywords are in courier new font Enter the command keywords exactly as shown do not abbreviate The required fields in a command are encl...

Page 378: ......

Page 379: ...allow the sending of NetBIOS packets from the LAN to the WAN Allow or disallow the sending of NetBIOS packets from the WAN to the LAN Allow or disallow NetBIOS packets to initiate calls Display NetBIO...

Page 380: ...nfig type on off type Identify which NetBIOS filter numbered 0 3 to configure 0 LAN to WAN 1 WAN to LAN 6 IPSec packet pass through 7 Trigger Dial on off For types 0 and 1 use on to enable the filter...

Page 381: ...ilable ZyAIR boot module commands as shown in the next screen ATBAx allows you to change the console port speed The x denotes the number preceding the colon to give the console port speed following th...

Page 382: ...write MAC addr Country code EngDbgFlag FeatureBit to flash ROM ATCUx write Country code to flash ROM ATCB copy from FLASH ROM to working buffer ATCL clear working buffer ATSB save working buffer to F...

Page 383: ...to get information from the time server DHCP client gets s A DHCP client got a new IP address from the DHCP server DHCP client IP expired A DHCP client s IP address has expired DHCP server assigns s T...

Page 384: ...ber of NAT session table entries has been exceeded and the table is full Chart N 3 UPnP Logs LOG MESSAGE DESCRIPTION UPnP pass through Firewall UPnP packets can pass through the firewall Chart N 4 ICM...

Page 385: ...rams for the Network 1 Redirect datagrams for the Host 2 Redirect datagrams for the Type of Service and Network 3 Redirect datagrams for the Type of Service and Host 8 Echo 0 Echo message 11 Time Exce...

Page 386: ...Log Use the sys logs load command to load the log setting buffer that allows you to configure which logs the ZyAIR is to record Use sys logs category followed by a log category and a parameter to deci...

Page 387: ...his example shows how to set the ZyAIR to record the error logs and alerts and then view the results ras sys logs load ras sys logs category error 3 ras sys logs save ras sys logs display access time...

Page 388: ...way Series User s Guide N 6 Log Descriptions 4 11 11 2002 15 10 10 192 168 10 1 520 192 168 10 255 520 ACCESS BLOCK Firewall default policy UDP set 8 5 11 11 2002 15 10 10 172 21 4 67 137 172 21 255 2...

Page 389: ...DARDS AC Power Adaptor Model DV 121A2 5720 Input Power AC120Volts 60Hz 27VA Output Power DC12Volts 1 2A Power Consumption 10 W Safety Standards UL CUL UL 1310 CSA C22 2 No 223 M91 EUROPEAN PLUG STANDA...

Page 390: ...Input Power AC100Volts 50 60Hz 27VA Output Power DC12Volts 1 2A Power Consumption 10 W Safety Standards T Mark Japan Dentori AUSTRALIA AND NEW ZEALAND PLUG STANDARDS AC Power Adaptor Model AD 1201200...

Page 391: ...User Defined 24 1 Call History 29 3 29 4 Call Scheduling 31 1 Maximum Number of Schedule Sets 31 1 PPPoE 31 3 Precedence 31 1 Precedence Example See precedence CDR 27 6 CDR Call Detail Record 27 6 Cer...

Page 392: ...actory LAN Defaults 5 2 FCC iii FHSS See Frequency Hopping Spread Spectrum Filename Conventions 28 1 Filter 19 1 Applying Filters 24 15 Ethernet traffic 24 16 Ethernet Traffic 24 16 Filter Rules 24 5...

Page 393: ...side Local Address 9 1 Internet access 19 1 Internet Access 1 5 17 6 20 1 20 2 Internet Access Setup A 2 23 1 Internet Control Message Protocol ICMP 11 6 IP Address 3 11 3 12 5 5 9 6 9 8 16 3 19 3 21...

Page 394: ...5 9 7 Network Topology With RADIUS Server Example E 2 NNTP 9 7 O Offline 18 4 One to One See NAT Outside 9 1 P Packet Filtering Firewalls 11 1 Packet Triggered 27 6 Packets 27 2 PAP 21 3 Password 4 4...

Page 395: ...usted Host 25 1 Source Address 12 3 Stateful Inspection 1 4 11 1 11 2 11 7 11 8 24 17 Static Route 10 1 Static Route Setup 21 7 Static Routing Topology 21 7 SUA 9 5 9 6 9 7 9 8 SUA Single User Account...

Page 396: ...vice See TTLS U Universal Plug and Play UPnP 14 1 14 3 UNIX Syslog 27 5 27 6 UNIX syslog parameters 27 6 Upload Firmware 28 10 UPnP Examples 14 4 Use Server Detected IP 18 4 User Name 4 4 18 4 User Pr...

Page 397: ...User Defined 24 1 Call History 29 3 29 4 Call Scheduling 31 1 Maximum Number of Schedule Sets 31 1 PPPoE 31 3 Precedence 31 1 Precedence Example See precedence CDR 27 6 CDR Call Detail Record 27 6 Cer...

Page 398: ...actory LAN Defaults 5 2 FCC iii FHSS See Frequency Hopping Spread Spectrum Filename Conventions 28 1 Filter 19 1 Applying Filters 24 15 Ethernet traffic 24 16 Ethernet Traffic 24 16 Filter Rules 24 5...

Page 399: ...side Local Address 9 1 Internet access 19 1 Internet Access 1 5 17 6 20 1 20 2 Internet Access Setup A 2 23 1 Internet Control Message Protocol ICMP 11 6 IP Address 3 11 3 12 5 5 9 6 9 8 16 3 19 3 21...

Page 400: ...5 9 7 Network Topology With RADIUS Server Example E 2 NNTP 9 7 O Offline 18 4 One to One See NAT Outside 9 1 P Packet Filtering Firewalls 11 1 Packet Triggered 27 6 Packets 27 2 PAP 21 3 Password 4 4...

Page 401: ...usted Host 25 1 Source Address 12 3 Stateful Inspection 1 4 11 1 11 2 11 7 11 8 24 17 Static Route 10 1 Static Route Setup 21 7 Static Routing Topology 21 7 SUA 9 5 9 6 9 7 9 8 SUA Single User Account...

Page 402: ...vice See TTLS U Universal Plug and Play UPnP 14 1 14 3 UNIX Syslog 27 5 27 6 UNIX syslog parameters 27 6 Upload Firmware 28 10 UPnP Examples 14 4 Use Server Detected IP 18 4 User Name 4 4 18 4 User Pr...

Reviews:

No comments

Related manuals for ZYAIR

Wavetrend L Series Product Information Sheet preview
L Series
Brand: Wavetrend Pages: 2
M2 Antenna Systems 7-10-30LP8 UP-KIT Manual preview
7-10-30LP8 UP-KIT
Brand: M2 Antenna Systems Pages: 6
D-Link DWL-R60AT Datasheet preview
DWL-R60AT
Brand: D-Link Pages: 2
D-Link ANT24-0600 Quick Installation Manual preview
ANT24-0600
Brand: D-Link Pages: 4
Barrett 912 Operation Instructions preview
912
Brand: Barrett Pages: 4
Maco Antennas Comet Assembly Instructions Manual preview
Comet
Brand: Maco Antennas Pages: 7
1byone OUS00-0681 Quick Start Manual preview
OUS00-0681
Brand: 1byone Pages: 3
Magnum ST-2 Installation Instructions preview
ST-2
Brand: Magnum Pages: 4
Barrett 912 Series User Manual preview
912 Series
Brand: Barrett Pages: 5
Garmin GA Installation Instructions Manual preview
GA
Brand: Garmin Pages: 38
C. Crane Twin Coil Ferrite Operating Instructions Manual preview
Twin Coil Ferrite
Brand: C. Crane Pages: 16
Cambium Networks PTP 820C Installation Instructions preview
PTP 820C
Brand: Cambium Networks Pages: 3
Parsec Antennas Chinook Installation Instructions Manual preview
Chinook
Brand: Parsec Antennas Pages: 8
DAPAudio EDGE EUA-1 Manual preview
EDGE EUA-1
Brand: DAPAudio Pages: 16
Galleon AC-400 Installation And Configuration Manual preview
AC-400
Brand: Galleon Pages: 12
Eaton TFX Series Installation And Operation Manual preview
TFX Series
Brand: Eaton Pages: 60
Feig Electronic OBID ID ISC.ANT340/240-A Installation Manual preview
OBID ID ISC.ANT340/240-A
Brand: Feig Electronic Pages: 28
Garmin NavTalk Pilot Installation Manual preview
NavTalk Pilot
Brand: Garmin Pages: 10

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

ABB AEG Acer Asus Beko Black & Decker Bosch Brother Candy Canon Cisco Craftsman D-Link DeWalt Dell Electrolux Emerson Epson Frigidaire Fujitsu GE HP Haier Hitachi Honeywell Huawei Husqvarna JVC Kenmore Kenwood KitchenAid LG Lenovo Makita Miele Mitsubishi Electric Motorola NEC Nikon Nokia Panasonic Philips Pioneer Samsung Sanyo Sharp Siemens Sony TP-Link Toshiba Whirlpool Xiaomi Yamaha Zanussi Load more brands