ZyXEL Communications AMG1202-T10B Скачать руководство пользователя

Страница: 9 / 82

AMG1202-T10B/AMG1302-T10B

Support Notes

'protocol filter group'. You can configure the filter rule in

CLI

10. How can I protect against IP spoofing attacks?

The AMG1202-T10B/AMG1302-T10B

’s filter sets provide a means to protect

against IP spoofing attacks. The basic scheme is as follows:

For the input data filter:



Deny packets from the outside that claim to be from the inside



Allow everything that is not spoofing us

Filter rule setup:



Filter type =TCP/IP Filter Rule



Active =Yes



Source IP Addr =a.b.c.d



Source IP Mask =w.x.y.z



Action Matched =Drop



Action Not Matched =Forward

Where a.b.c.d is an IP address on your local network and w.x.y.z is your
netmask:

For the output data filters:



Deny bounce back packet



Allow packets that originate from us

Filter rule setup:



Filter Type =TCP/IP Filter Rule



Active =Yes



Destination IP Addr =a.b.c.d



Destination IP Mask =w.x.y.z



Action Matched =Drop



Action Not Matched =Forward

Where a.b.c.d is an IP address on your local network and w.x.y.z is your
netmask.

Содержание AMG1202-T10B

Страница 1: ...AMG1202 T10B AMG1302 T10B Support Notes 1 All contents copyright 2013 ZyXEL Communications Corporation AMG1202 T10B AMG1302 T10B Wireless N Lite ADSL2 4 port Gateway Support Notes Version 1 00 Jan 2013 ...

Страница 2: ...lt password for Web Configurator 10 3 What s the difference between Common User Account and Administrator Account 10 4 How do I know the AMG1202 T10B AMG1302 T10B s WAN IP address assigned by the ISP 10 5 What is the micro filter or splitter used for 11 6 The AMG1202 T10B AMG1302 T10B supports Bridge and Router mode what s the difference between them 11 7 How do I know I am using PPPoE 11 8 Why do...

Страница 3: ... What is Ping of Death attack 20 8 What is Teardrop attack 20 9 What is SYN Flood attack 20 10 What is LAND attack 21 11 What is Brute force attack 21 12 What is IP Spoofing attack 21 13 What are the default ACL firewall rules in AMG1302 T10B AMG1202 T10B 21 Configuration 22 1 How do I configure the firewall 22 2 How do I prevent others from configuring my firewall 22 3 Why can t I configure my AM...

Страница 4: ... T10B support 30 15 What Wireless standard does AMG1302 T10B AMG1202 T10B support 30 16 Does AMG1302 T10B AMG1202 T10B support MAC filtering 30 17 Does AMG1302 T10B AMG1202 T10B support auto rate adaption 30 Advanced FAQ 31 1 What is Ad Hoc mode 31 2 What is Infrastructure mode 31 3 How many Access Points are required in a given area 31 4 What is Direct Sequence Spread Spectrum Technology DSSS 31 ...

Страница 5: ...MG1302 T10B AMG1202 T10B under Routing mode 40 3 Setup the AMG1302 T10B AMG1202 T10B as a DHCP Relay 43 4 SUA Notes 43 5 Using the Dynamic DNS DDNS 53 6 QoS 802 1Q 54 7 Network Management Using SNMP 55 8 Using syslog 58 9 Using IP Alias 58 10 Using Call Scheduling 60 11 Using IP Multicast 61 Wireless Application Notes 63 1 Configure a Wireless Client to Ad hoc mode 63 2 MAC Filter 69 3 Site Survey...

Страница 6: ...r the Administrator use only and it could be accessed via telnet session Note It is protected by super password 1234 by factory default 2 How do I update the firmware and configuration file You can do this via accessing web GUI of AMG1202 T10B AMG1302 T10B as Administrator Firmware update function is under Maintanance Firmware Upgrade Configuration update function is under Maintanance Backup Resto...

Страница 7: ...r the outside Internet it replaces the source address in the IP packet header with its own address and the source port in the TCP or UDP header with another value chosen out of a local pool It then recomputed the appropriate header checksums and forwards the packet to the Internet as if it is originated from Prestige using the IP address assigned by ISP When reply packets from the external Interne...

Страница 8: ...any One to One In Many One to One mode the AMG1202 T10B AMG1302 T10B maps each ILA to unique IGA Server In Server mode the AMG1202 T10B AMG1302 T10B maps multiple inside servers to one global IP address This allows us to specify multiple servers of different types behind the NAT for outside access Note if you want to map each server to one unique IGA please use the One to One mode The following ta...

Страница 9: ...om the inside Allow everything that is not spoofing us Filter rule setup Filter type TCP IP Filter Rule Active Yes Source IP Addr a b c d Source IP Mask w x y z Action Matched Drop Action Not Matched Forward Where a b c d is an IP address on your local network and w x y z is your netmask For the output data filters Deny bounce back packet Allow packets that originate from us Filter rule setup Filt...

Страница 10: ...rd after you logging in the Web Configurator Please record your new password whenever you change it The system will lock you out if you have forgotten your password 3 What s the difference between Common User Account and Administrator Account For Common User Account it can only access the status monitor of AMG1202 T10B AMG1302 T10B and check the current system status For Administrator Account besi...

Страница 11: ...computers want to share an Internet account for Internet access they have to add another Internet sharing device like a router In this case we use the router mode which works as a general Router plus an ADSL Modem 7 How do I know I am using PPPoE PPPoE requires a user account to login to the provider s server If you need to configure a user name and password on your computer to connect to the ISP ...

Страница 12: ... want your internal server to be accessed by using DNS name rather than using the dynamic IP address we can use the DDNS service The DDNS server allows to alias a dynamic IP address to a static hostname Whenever the ISP assigns you a new IP the AMG1202 T10B AMG1302 T10B sends this IP to the DDNS server for its updates 11 What is DDNS wildcard Does the AMG1202 T10B AMG1302 T10B support DDNS wildcar...

Страница 13: ...figurator Peak Cell Rate PCR The maximum bandwidth allocated to this connection The VC connection throughput is limited by PCR Sustainable Cell Rate SCR The least guaranteed bandwidth of a VC When there are multi VCs on the same line the VC throughput is guaranteed by SCR Maximum Burst Size MBS The amount of cells transmitted through this VC at the Peak Cell Rate before yielding to other VCs Total...

Страница 14: ...ect VBR for burst traffic and bandwidth sharing with other applications It contains two subclasses Variable bit rate nonreal time VBR nRT Variable bit rate real time VBR RT 16 What is content filter Internet Content filter allows you to create and enforce Internet access policies tailored to your needs Content filter gives you the ability to block web sites that contain key words that you specify ...

Страница 15: ...d today that can support two way cable modem transmissions and while the figure also grows steadily it will not catch up with telephone lines for many years Additionally many of the older cable networks are not capable of offering a return channel consequently such networks will need significant upgrading before they can offer high bandwidth services 2 What is the expected throughput In our test w...

Страница 16: ... identify the protocol being carried on the virtual circuit VC The VC based multiplexing needs a separate VC for carrying each protocol but it does not need the extra headers Therefore the VC based multiplexing is more efficient 7 How do I know the details of my ADSL line statistics You can do it in Web Configurator Advanced Setup Maintenance Diagnostic DSL Line DSL Status 8 What are the signaling...

Страница 17: ... access require different Quality of Service The high priority is Voice VoIP data The Medium priority is Video IPTV data The low priority is internet access such as ftp etc Triple Play is a port based policy to forward packets from different LAN port to different PVCs thus you can configure each PVC separately to assign different QoS to different application ...

Страница 18: ...LAN The AMG1302 T10B AMG1202 T10B supports Network Address Translation NAT which translates the private local addresses to one or multiple public addresses This adds a level of security since the clients on the private LAN are invisible to the Internet 3 What are the basic types of firewalls Conceptually there are three types of firewalls 1 Packet Filtering Firewall 2 Application level Firewall 3 ...

Страница 19: ... into account the state of connections it handles so that for example a legitimate incoming packet can be matched with the outbound request for that packet and allowed in Conversely an incoming packet masquerading as a response to a nonexistent outbound request can be blocked 3 The AMG1302 T10B AMG1202 T10B s firewall uses session filtering i e smart rules that enhance the filtering process and co...

Страница 20: ...he IP specification The oversize packet is then sent to an unsuspecting system Systems may crash hang or reboot 8 What is Teardrop attack Teardrop attack exploits weakness in the reassemble of the IP packet fragments As data is transmitted through a network IP packets are often broken up into smaller chunks Each fragment looks like the original packet except that it contains an offset field The Te...

Страница 21: ...create a large amount of ICMP echo request packet the resulting ICMP traffic will not only clog up the intermediary network but will also congest the network of the spoofed source IP address known as the victim network This flood of broadcast traffic consumes all available bandwidth making communications impossible 12 What is IP Spoofing attack Many DoS attacks also use IP Spoofing as part of thei...

Страница 22: ... protect others from touching the settings of your firewall 1 Change the default Administrator password since it is required when setting up the firewall 2 Limit who can access to your AMG1302 T10B AMG1202 T10B s Web Configurator or CLI You can enter the IP address of the secured LAN host in Web Configurator Advanced Setup Maintenance RemoteMGNT to allow special access to your AMG1302 T10B AMG1202...

Страница 23: ...o LAN ACL summary will look like as shown below WWW For accessing Web Configurator Source IP Remote trusted host Destination IP router WAN IP Service TCP 80 Action Forward TELNET For accessing Command Line Interface Source IP Telnet Client host Destination IP router WAN IP Service TCP 23 Action Forward 2 You have disabled WWW Telnet service in Web Configurator Advanced setup Maintenance RemoteMGNT...

Страница 24: ...P 21 TCP 20 Action Forward 2 You have disabled FTP service in Web Configurator Advanced setup Maintenance RemoteMGNT 3 FTP service is enabled but your host IP is not the secured host entered in Web Configurator Advanced setup Maintenance RemoteMGNT 4 A filter set which blocks FTP from WAN is applied to WAN node Log and Alert 1 When does the AMG1302 T10B AMG1202 T10B generate the firewall log The A...

Страница 25: ...Setup Maintenance Logs Log Settings check Access Control and Attacks options depending on your real situation 2 Enable log function in firewall default policy or in firewall rules After the above two steps you can view firewall logs via Web Configurator Advanced setup Maintenance Logs View Log You can also view Centralized logs via mail or syslog please configure mail server or Unix Syslog server ...

Страница 26: ... simply by equipping PC s with wireless NICs If connectivity to a wired LAN is required an Access Point AP is used as a bridging device AP s are typically located close to the centre of the wireless client population 2 What are the advantages of Wireless LAN Mobility Wireless LAN systems can provide LAN users with access to real time information anywhere in their organization This mobility support...

Страница 27: ...lative high because the equipment cost including access point and PCMCIA Wireless LAN card is higher than hubs and CAT 5 cables 4 Where can you find 802 11 wireless networks Airports hotels and even coffee shops like Starbucks are deploying 802 11 networks so people can wirelessly surf the Internet with their laptops 5 What is an Access Point The AP access point also known as a base station is the...

Страница 28: ...t and Bluetooth short range wireless applications which include connecting printers to computers and connecting modems or hands free kits to mobile phones 9 Does the 802 11 interfere with Bluetooth device Any time devices are operated in the same frequency band there is the potential for interference Both the 802 11b g and Bluetooth devices occupy the same2 4 to 2 483 GHz unlicensed frequency rang...

Страница 29: ...from electrical devices eg microwaves monitors electric motors etc 4 Add additional APs if necessary 12 What s the difference between a WLAN and a WWAN WLANs are generally privately owned wireless systems that are deployed in a corporation warehouse hospital or educational campus setting Data rates are high and there are no per packet charges for data transmission WWANs are generally publicly shar...

Страница 30: ... 11b g draft n standard 16 Does AMG1302 T10B AMG1202 T10B support MAC filtering Yes it supports up to 32 MAC Address filtering 17 Does AMG1302 T10B AMG1202 T10B support auto rate adaption Yes it means that the AP on AMG1302 T10B AMG1202 T10B will automatically decelerate when devices move beyond the optimal range or other interference is present If the device moves back within the range of a highe...

Страница 31: ...any Access Points are required in a given area This depends on the surrounding terrain the diameter of the client population and the number of clients If an area is large with dispersed pockets of populations then extension points can be used for extend coverage 4 What is Direct Sequence Spread Spectrum Technology DSSS DSSS spreads its signal continuously over a wide frequency band DSSS maps the i...

Страница 32: ...an internal antenna which may provide sufficient reception 7 Why the 2 4 GHZ Frequency range This frequency range has been set aside by the FCC and is generally labeled the ISM band A few years ago Apple and several other large corporations requested that the FCC allow the development of wireless networks within this frequency range What we have today is a protocol and system that allows for unlic...

Страница 33: ...ommunications Corporation 9 What is an ESSID ESSID stands for Extended Service Set Identifier and identifies the wireless LAN The ESSID of the mobile device must match the ESSID of the AP to communicate with the AP The ESSID is a 32 character maximum string and is case sensitive ...

Страница 34: ... intruders and to prevent the capture of wireless LAN traffic through eavesdropping WEP allows the administrator to define a set of respective Keys for each wireless network user based on a Key String passed through the WEP encryption algorithm Access is denied by anyone who does not have an assigned key Note WEP has shown to have fundamental flaws in its key generation processing 3 What is WPA PS...

Страница 35: ...Users need to use the same encryption level in order to make a connection 7 Can the SSID be encrypted No WEP only encrypts the data packets not the 802 11n management packets The SSID is in the beacon and probe management messages and SSID goes over the air in clear text This makes obtaining the SSID easy by sniffing 802 11n wireless traffic 8 by turning off the broadcast of SSID can someone still...

Страница 36: ...curity process and review 10 What is Wireless Sniffer An attacker can sniff and capture legitimate traffic Many of the sniffer tools for Ethernet are based on capturing the first part of the connection session where the data would typically include the username and password An intruder can masquerade as that user by using this captured information An intruder who monitors the wireless network can ...

Страница 37: ...nly one computer to access the Internet Set up your workstation 1 Ethernet connection To connect your computer to the AMG1302 T10B AMG1202 T10B s LAN port the computer must have an Ethernet adapter card installed For connecting a single computer to the AMG1302 T10B AMG1202 T10B we use an Ethernet cable 2 TCP IP configuration In most cases the IP address of the computer is assigned by the ISP dynam...

Страница 38: ...shows you how to configure your AMG1302 T10B AMG1202 T10B as bridge mode We will use Web Configurator to guide you through the related menu 1 Retrieve Prestige Web Please enter the LAN IP address of the Prestige router in the URL location to retrieve the web screen from the Prestige The default LAN IP of the Prestige is 192 168 1 1 See the example below Note that you can either use ...

Страница 39: ... http 192 168 1 1 2 Login first The default username and password is the default SMT password 1234 1 Configure AMG1302 T10B AMG1202 T10B as bridge mode and configure Internet setup parameters in Web Configurator Advanced Setup Network Setting Broadband Internet Connection Key Settings Option Description ...

Страница 40: ...or most Internet users having multiple computers want to share an Internet account for Internet access they have to install an Internet sharing device like a router In this case we use the AMG1302 T10B AMG1202 T10B which works as a general Router plus an ADSL Modem Set up your workstation 1 Ethernet connection Connect the LAN ports of all computers to the LAN Interface of AMG1302 T10B AMG1202 T10B...

Страница 41: ...B under routing mode The following procedure shows you how to configure your AMG1302 T10B AMG1202 T10B as Routing mode for routing traffic We will use Web Configurator to guide you through the related menu 1 Configure AMG1302 T10B AMG1202 T10B as routing mode and configure Internet setup parameters in Web Configurator Advanced Setup Network ...

Страница 42: ...t Multiplexing type that your ISP supports For example LLC VPI VCI number Specify a VPI Virtual Path Identifier and a VCI Virtual Channel Identifier given to you by your ISP IP Address Assignment Set to Dynamic if the ISP provides the IP for the AMG1302 T10B AMG1202 T10B dynamically Otherwise set to Static and enter the IP in the IP Address field 2 Configure a LAN IP for the AMG1302 T10B AMG1202 T...

Страница 43: ... the DHCP relay function When it is configured as DHCP server it assigns the IP addresses to the LAN clients When it is configured as DHCP relay it is responsible for forwarding the requests and responses negotiating between the DHCP clients and the server See figure 1 Setup the AMG1302 T10B AMG1202 T10B as a DHCP Relay We could set the AMG1302 T10B AMG1202 T10B as a DHCP Relay by the following co...

Страница 44: ...d server are configured in Web Configurator Advanced Setup Network NAT Port Forwarding the internal server or client applications can be accessed by using the AMG1302 T10B AMG1202 T10B s WAN IP Address SUA Supporting Table The following are the required Web Configurator Advanced Setup Network NAT Port Forwarding for the various applications running SUA mode ZyXEL SUA Supporting Table1 Application ...

Страница 45: ...lient IP Microsoft NetMeeting 2 1 3 013 None 1720 client IP 1503 client IP Cisco IP TV 2 0 0 None RealPlayer G2 None VDOLive None Quake1 064 None Default client IP QuakeII2 305 None Default client IP QuakeIII1 05 beta None StartCraft 6112 client IP Quick Time 4 0 None pcAnywhere 8 0 None 5631 client IP 5632 client IP 22 client IP IPsec ESP tunneling mode None one client only Default Client Microso...

Страница 46: ...low multiple users to login using the same unique IP so only one Quake user will be allowed in this case Moreover when a Quake server is configured behind SUA AMG1302 T10B AMG1202 T10B will not be able to provide information of that server on the internet 5 Quake II has the same limitations as that of Quake I 6 AMG1302 T10B AMG1202 T10B supports MSN Messenger 4 6 4 7 5 0 video voice pass through N...

Страница 47: ...dentified by the port number Also since you need to specify the IP address of a server behind the AMG1302 T10B AMG1202 T10B a server must have a fixed IP address and not be a DHCP client whose IP address potentially changes each time AMG1302 T10B AMG1202 T10B is powered on In addition to the servers for specific services SUA supports a default server A service request that does not have a server e...

Страница 48: ...from Web Configurator Status WAN Information For example Configuring an internal Web server for outside access suppose the Server IP Address is 192 168 1 10 1 Fill in the service name and server IP Address press button Add new rule 2 If add successfully the Web Configurator will display message Configuration updated successfully at the bottom You can see the port forwarding rule on the same page t...

Страница 49: ...including the Internet itself In order to run the Windows 9x PPTP client you must be able to establish an IP connection with a tunnel server such as the Windows NT Server 4 0 Remote Access Server Windows Dial Up Networking uses the Internet standard Point to Point PPP to provide a secure optimized multiple protocol network connection over dial up telephone lines All data sent over this connection ...

Страница 50: ...d during the installation phase of the Upgrade in addition to the first dial up adapter that provides PPP support for the analog or ISDN modem The PPTP is supported in Windows NT and Windows 98 already For Windows 95 it needs to be upgraded by the Dial Up Networking 1 2 upgrade Configuration This application note explains how to establish a PPTP connection with a remote private network in the AMG1...

Страница 51: ...om Control Panel Network Add an user account for PPTP logged on user Enable RAS port Select the network protocols from RAS such as IPX TCP IP NetBEUI Set the Internet gateway to AMG1302 T10B AMG1202 T10B 2 PPTP client setup Win9x Add one VPN connection from Dial Up Networking by entering the correct username password and the IP address of the AMG1302 T10B AMG1202 T10B s Internet IP address for log...

Страница 52: ... through that connection Therefore the output below shows the default gateway of the Win9x client after the dial up connection has been established Before making a VPN connection from the Win9x client to the NT server you need to know the exact Internet IP address that the ISP assigns to AMG1302 T10B AMG1202 T10B router in SUA mode and enter this IP address in the VPN dial up dialog box You can ch...

Страница 53: ...10B to access the internal server It is inconvenient for the users if this IP is dynamic With DDNS supported by the AMG1302 T10B AMG1202 T10B you apply a DNS name e g www zyxel com tw for your server e g Web server from a DDNS server The outside users can always access the web server using the www zyxel com tw regardless of the WAN IP of the P 120 P 1302 When the ISP assigns the AMG1302 T10B AMG12...

Страница 54: ...e the IP to the DDNS server 2 Login Web Configurator Advanced Setup Network Setting Dynamic DNS Select Active Dynamic DNS option Key Settings Option Description Service Provider Enter the DDNS server in this field Currently we support WWW DYNDNS ORG Active Toggle to Yes Host Name Enter the hostname you subscribe from the above DDNS server For example zyxel com tw User Name Enter the user name that...

Страница 55: ... devices need to process the frame across the network IEEE 802 1p specifies the user priority field and defines up to eight separate traffic types The following table describes the traffic types defined in the IEEE 802 1d standard which incorporates the 802 1p IEEE 802 1p Priority Level and Traffic Type 7 Network Management Using SNMP ZyXEL SNMP Implementation ZyXEL currently includes SNMP support...

Страница 56: ...p 4 linkUp defined in RFC 1215 If any link of IDSL or WAN is up the trap will be sent with the port number The port number is its interface index under the interface group 5 authenticationFailure defined in RFC 1215 When receiving any SNMP get or set requirement with wrong community this trap is sent to the manager 6 whyReboot defined in ZYXEL MIB When the system is going to restart warmstart the ...

Страница 57: ...n Downloading ZyXEL s private MIB Configure the AMG1302 T10B AMG1202 T10B for SNMP The SNMP related settings in AMG1302 T10B AMG1202 T10B are configured in Web Configurator Advanced Setup Maintenance Remote MGNT SNMP The following steps describe a simple setup procedure for configuring all SNMP settings ...

Страница 58: ... IP Alias What is IP Alias In a typical environment a LAN router is required to connect two local networks The AMG1302 T10B AMG1202 T10B can connect three local networks to the ISP or a remote node we call this function as IP Alias In this case an internal router is not required For example the network manager can divide the local network into three networks and connect them to the Internet using ...

Страница 59: ...02 T10B AMG1202 T10B to route the packets from to the three networks correctly They are br0 for the major network br0 0 for the IP alias 1 Therefore two routes are created in the AMG1302 T10B AMG1202 T10B as shown below when the two networks are configured If the AMG1302 T10B AMG1202 T10B s DHCP is also enabled the IP pool for the clients can be any of the two networks IP Alias Setup 1 Edit the fi...

Страница 60: ...in the enif0 0 interface 10 Using Call Scheduling What is Call Scheduling Call scheduling enables the mechanism for the AMG1302 T10B AMG1202 T10B to run the remote node connection according to the pre defined schedule This feature is just like the scheduler ina video recorder which records the program according to the specified time Users can apply at most 4 schedule sets in Remote Node The remote...

Страница 61: ...ddresses range from 224 0 0 0 to 239 255 255 255 Among them 224 0 0 1 is assigned to the permanent IP hosts group and 224 0 0 2 is assigned to the multicast routers group IGMP Internet Group Management Protocol is the protocol used to support multicast groups The latest version is version 2 see RFC2236 IP hosts use IGMP to report their multicast group membership to any immediate neighbor multicast...

Страница 62: ...02 T10B AMG1202 T10B s LAN in Web Configurator Advanced Setup And Network Setting Home Networking LAN Setup 2 Enable IGMP in AMG1302 T10B AMG1202 T10B s remote node in Web Configurator Advanced Setup And Network Setting Home Networking LAN Setup Key Settings Multicast IGMP v1 for IGMP version 1 IGMP v2 for IGMP version 2 IGMP v3 for IGMP version 3 ...

Страница 63: ...o other client units just as using a cross over Ethernet cable connecting 2 hosts together via a NIC card for direct connection when configured in Ad hoc mode without an access point being present Ad hoc operation is ideal for small networks of no more than 2 4 computers Larger networks would require the use of one or perhaps several access points Configuration for Wireless Station A To configure ...

Страница 64: ...Ad hoc from the operation mode pull down menu fill you an SSID and select a channel you want to use than press OK to apply Step 4 Since there is no DHCP server to give the host IP you must first designate a static IP for your station From Windows Start select Control Panel Network Connection Wireless Network Connection ...

Страница 66: ... address and subnet mask and click OK to finish Configuration for Wireless Station B To configure Ad hoc mode on your ZyAIR B 100 B 200 B 300 wireless NIC card please follow the following step Step1 Double click on the utility icon in your windows task bar the utility will pop up on your windows screen Step 2 Select configuration tab ...

Страница 67: ...Ad hoc from the operation mode pull down menu fill you an SSID and select a channel you want to use than press OK to apply Step 4 Since there is no DHCP server to give the host IP you must first designate a static IP for your station From Windows Start select Control Panel Network Connection Wireless Network Connection ...

Страница 69: ...n B 2 MAC Filter MAC Filter Overview Users can use MAC Filter as a method to restrict unauthorized stations from accessing the APs ZyXEL s APs provide the capability for checking MAC address of the station before allowing it to connect to the network This provides an additional layer of control layer in that only stations with registered MAC addresses can connect This approach requires that the li...

Страница 70: ...yXEL APs are configured in Web Configurator Advanced Setup Network Wireless LAN MAC Filter Before you configure the MAC filter you need to know the MAC address of the client first If not knowing what your MAC address is please enter a command ipconfig all after DOS prompt to get the MAC physical address of your wireless client Step 1 Login Web Configurator Advanced Setup Network Wireless LAN MAC F...

Страница 71: ...ap of RF coverage of the facility Preparation Below are the steps to complete a simple site survey with simple tools 1 First you will need to obtain a facility diagram such as blueprints This is for you to mark and take record on 2 Visually inspect the facility walk through the facility to verify the accuracy of the diagram and mark down any large obstacle you see that may affect the RF signal suc...

Страница 72: ...provide information such as connection speed current used channel associated rate link quality signal strength and etc information as shown in utility below Step 4 It s always a good idea to start with putting the access point at the corner of the room and walk away from the access point in a systematic manner Record down the changes at point where transfer rate drop and the link quality and signa...

Страница 73: ... access point installation spot if wireless service is required from corner of the room Step 6 Repeat step 1 5 and now you should be able to mark an RF coverage area as illustrated in above picture Step 7 You may need more than one access point is the RF coverage area have not covered all the wireless service area you needed Step 8 Repeat step 1 6 of survey on site as necessary upon completion you...

Страница 74: ...at is WPA Functionality Wi Fi Protected Access WPA is a subset of the IEEE 802 11i security specification draft Key differences between WAP and WEP are user authentication and improved data encryption WAP applies IEEE 802 1x Extensible Authentication Protocol EAP to authenticate wireless clients using an external RADIUS database You cannot use the AMG1302 T10B AMG1202 T10B s local user database fo...

Страница 75: ...ateway and wireless client As long as the passwords match a client will be granted access to a WLAN Here comes WPA PSK Application example for your reference Configuration for Access point The IEEE 802 1x standard outlines enhanced security methods for both the authentication of wireless stations and encryption key management Authentication can be done using local user database internal to the AMG...

Страница 76: ...on for your PC Step 1 Double click on your wireless utility icon in your windows task bar the utility will pop up on your windows screen Step 2 Select the configuration tab type in the SSID Service Set Identifier select the operating Mode as Infrastructure and select proper channel Step 3 Click Set Security to configure the security parameters ...

Страница 77: ...AMG1202 T10B AMG1302 T10B Support Notes 77 All contents copyright 2013 ZyXEL Communications Corporation Step 4 Click OK for finish and begin to Site survey Connect to the AP as you have configured ...

Страница 78: ...F button is situating at back panel of device It can be used to turn the wireless LAN off or on Turn the Wireless LAN Off or On 1 Make sure the POWER LED is on not blinking 2 Press the WLAN ON OFF button for over 1 second and release it The WLAN LED should change from on to off or vice versa WPS ON OFF button is situating in front panel of device You can use it to activate WPS in order to quickly ...

Страница 79: ...to Network Setting Wireless WPS WPS enable 3 Press the WPS ON OFF button for 1 5 seconds and release it or over 5 seconds WPS will activate automatically The WPS LED should start blinking for 120 seconds Support Tool 1 Capture the detailed logs by Hyper Terminal Step 1 Initiate a hyper terminal connection from your PC suppose you connected to the LAN port of AMG1302 T10B AMG1202 T10B ...

Страница 80: ...AMG1202 T10B AMG1302 T10B Support Notes 80 All contents copyright 2013 ZyXEL Communications Corporation Step 2 Click the properties to configure parameters to telnet to the AMG1302 T10B AMG1202 T10B ...

Страница 81: ...AMG1202 T10B AMG1302 T10B Support Notes 81 All contents copyright 2013 ZyXEL Communications Corporation Step 3 So that after you invoke the relevant commands you could save the logs you ve captured ...

Страница 82: ...mand param command help command subcommand help General user interface 1 Shows the following commands and all major sub commands 2 exit Exit Subcommand To get the latest CI Command list The latest CI Command list is available in release note of every ZyXEL firmware release Please goto ZyXEL public WEB site http www zyxel com support download_library shtml to download firmware package zip you shoul...

Результаты поиска

Содержание AMG1202-T10B

Отзывы:

Похожие инструкции для AMG1202-T10B

Бренды по названию

Популярные бренды

ZyXEL Communications AMG1202-T10B, Поддержка заметок

Результаты поиска

Содержание AMG1202-T10B

Отзывы:

Похожие инструкции для AMG1202-T10B

Бренды по названию

Популярные бренды