manualshive.com logo in svg

ZyXEL Communications P-660HN-F1, Руководство пользователя

Поделиться
Скачать
ZyXEL Communications P-660HN-F1 Скачать руководство пользователя страница 320

Appendix D Wireless LANs

ADSL Series User’s Guide

320

called Rijndael. They both include a per-packet key mixing function, a Message Integrity Check 
(MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying 
mechanism.

WPA and WPA2 regularly change and rotate the encryption keys so that the same encryption key is 
never used twice. 

The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that then sets up a key 
hierarchy and management system, using the PMK to dynamically generate unique data encryption 
keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless 
clients. This all happens in the background automatically.

The Message Integrity Check (MIC) is designed to prevent an attacker from capturing data packets, 
altering them and resending them. The MIC provides a strong mathematical function in which the 
receiver and the transmitter each compute and then compare the MIC. If they do not match, it is 
assumed that the data has been tampered with and the packet is dropped. 

By generating unique data encryption keys for every data packet and by creating an integrity 
checking mechanism (MIC), with TKIP and AES it is more difficult to decrypt data on a Wi-Fi 
network than WEP and difficult for an intruder to break into the network. 

The encryption mechanisms used for WPA(2) and WPA(2)-PSK are the same. The only difference 
between the two is that WPA(2)-PSK uses a simple common password, instead of user-specific 
credentials. The common-password approach makes WPA(2)-PSK susceptible to brute-force 
password-guessing attacks but it’s still an improvement over WEP as it employs a consistent, 
single, alphanumeric password to derive a PMK which is used to generate unique temporal 
encryption keys. This prevent all wireless devices sharing the same encryption keys. (a weakness of 
WEP)

User Authentication 

WPA and WPA2 apply IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate 
wireless clients using an external RADIUS database. WPA2 reduces the number of key exchange 
messages from six to four (CCMP 4-way handshake) and shortens the time required to connect to a 
network. Other WPA2 authentication features that are different from WPA include key caching and 
pre-authentication. These two features are optional and may not be supported in all wireless 
devices.

Key caching allows a wireless client to store the PMK it derived through a successful authentication 
with an AP. The wireless client uses the PMK when it tries to connect to the same AP and does not 
need to go with the authentication process again.

Pre-authentication enables fast roaming by allowing the wireless client (already connecting to an 
AP) to perform IEEE 802.1x authentication with another AP before connecting to it.

Wireless Client WPA Supplicants

A wireless client supplicant is the software that runs on an operating system instructing the wireless 
client how to use WPA. At the time of writing, the most widely available supplicant is the WPA patch 
for Windows XP, Funk Software's Odyssey client. 

The Windows XP patch is a free download that adds WPA capability to Windows XP's built-in "Zero 
Configuration" wireless client. However, you must run Windows XP to use it. 

Содержание P-660HN-F1

Страница 1: ...Fx P 660HN Fx P 661HNU Fx x stands for 1 or 3 Copyright 2011 ZyXEL Communications Corporation Firmware Version 3 10 Edition 1 12 2011 Default Login Details IP Address https 192 168 1 1 Admin User Nam...

Страница 2: ...Videos ADSL Series User s Guide 2 Videos File Sharing Video Example 55 QoS Video Example 76...

Страница 3: ...way It contains information on setting up your network and configuring for Internet access Support Disc Refer to the included CD for support documents Documentation Feedback Send your comments questio...

Страница 4: ...ences as well Customer Support Should problems arise that cannot be solved by the methods listed above you should contact your vendor If you cannot contact your vendor then contact a ZyXEL office for...

Страница 5: ...ter or return key on your keyboard Enter means for you to type one or more characters and then press the ENTER key Select or choose means for you to use one of the predefined choices A right angle bra...

Страница 6: ...Document Conventions ADSL Series User s Guide 6 Server Firewall Router Switch...

Страница 7: ...n the power adaptor or cord and do NOT place the product where anyone can walk on the power adaptor or cord Do NOT use the device if the power adaptor or cord is damaged as it might cause electrocutio...

Страница 8: ...Safety Warnings ADSL Series User s Guide 8...

Страница 9: ...s 83 Broadband 87 Wireless 105 Home Networking 131 Routing 157 DNS Route 161 Quality of Service QoS 165 Network Address Translation NAT 175 Dynamic DNS 183 Firewall 185 MAC Filter 191 Certificates 193...

Страница 10: ...Contents Overview ADSL Series User s Guide 10...

Страница 11: ...yXEL Device s USB and Print Server Support 22 1 3 The WPS WLAN Button 23 1 4 Ways to Manage the ZyXEL Device 24 1 5 Good Habits for Managing the ZyXEL Device 25 1 6 The RESET Button 25 Chapter 2 Intro...

Страница 12: ...ure 50 3 5 1 Set Up File Sharing 51 3 5 2 Access Your Shared Files From a Computer 54 3 6 Using the Print Server Feature 56 3 7 Configuring the MAC Address Filter for Restricting Wireless Internet Acc...

Страница 13: ...e More AP Screen 113 6 3 1 Edit More AP 114 6 4 The WPS Screen 115 6 5 The WMM Screen 117 6 6 Scheduling Screen 118 6 7 Technical Reference 119 6 7 1 Additional Wireless Terms 119 6 7 2 Wireless Secur...

Страница 14: ...it DNS Route Edit 162 Chapter 10 Quality of Service QoS 165 10 1 Overview 165 10 1 1 What You Can Do in this Chapter 165 10 1 2 What You Need to Know 165 10 2 The QoS General Screen 166 10 3 The Queue...

Страница 15: ...185 13 2 The General Screen 186 13 3 The Services Screen 187 13 4 Firewall Technical Reference 188 13 4 1 Guidelines For Enhancing Security With Your Firewall 188 13 4 2 Security Considerations 188 C...

Страница 16: ...d NAT Traversal 214 16 6 4 Encapsulation 215 16 6 5 IKE Phases 216 16 6 6 Negotiation Mode 217 16 6 7 Remote DNS Server 217 16 6 8 ID Type and Content 218 16 6 9 Pre Shared Key 219 16 6 10 Diffie Hell...

Страница 17: ...23 1 Overview 237 23 2 The Firmware Screen 237 Chapter 24 Backup Restore 239 24 1 Overview 239 24 2 The Backup Restore Screen 239 24 3 The Reboot Screen 241 Chapter 25 Diagnostic 243 25 1 Overview 243...

Страница 18: ...IP Addresses and Subnetting 263 Appendix B Setting Up Your Computer s IP Address 273 Appendix C Pop up Windows Java Script and Java Permissions 303 Appendix D Wireless LANs 311 Appendix E Common Serv...

Страница 19: ...19 PART I User s Guide...

Страница 20: ...20...

Страница 21: ...ctivity U denotes a USB port used to share files via a USB memory stick or a USB hard drive The ZyXEL Device can function as a print server with a USB printer connected Models ending in 1 for example...

Страница 22: ...computers For example you could make sure that the ZyXEL Device gives email high priority and or limit bandwidth devoted to the boss s excessive file downloading 1 2 2 Wireless Connection By default t...

Страница 23: ...S 1 Make sure the POWER LED is on not blinking 2 Place the devices you want to connect near one another 3 Press the WPS button on top of the ZyXEL Device for more than five seconds and release it to t...

Страница 24: ...s to Manage the ZyXEL Device Use any of the following methods to manage the ZyXEL Device Web Configurator This is recommended for everyday management of the ZyXEL Device using a supported web browser...

Страница 25: ...ry default settings If you backed up an earlier configuration file you would not have to totally re configure the ZyXEL Device You could simply restore your last configuration Refer to the Quick Start...

Страница 26: ...Chapter 1 Introduction ADSL Series User s Guide 26...

Страница 27: ...p windows from your device Web pop up blocking is enabled by default in Windows XP SP Service Pack 2 JavaScript enabled by default Java permissions enabled by default See Appendix C on page 303 if you...

Страница 28: ...ault password Enter a new password retype it to confirm and click Apply alternatively click Skip to proceed to the Connection Status screen if you do not want to change the password now Figure 5 Chang...

Страница 29: ...ystem Info to show the following screen Figure 7 Web Configurator Layout Screen As illustrated above the main screen is divided into these parts A title bar B main window C navigation panel 2 2 1 Titl...

Страница 30: ...work Setting Broadband Broadband Use this screen to view remove or add a WAN interface You can also configure ISP parameters WAN IP address assignment DNS servers and other advanced properties Wireles...

Страница 31: ...certificates to the ZyXEL Device VPN Certificates Use this screen to import certificates and privates keys for VPN Up to 4 certificates can be stored VPN Setup Use this screen to manage VPN settings...

Страница 32: ...When you log in to the Web Configurator the following screen opens Figure 8 User Mode Network Map 2 3 2 What You Can Do You can do the following in this mode Use this Navigation Panel to opt out of t...

Страница 33: ...network devices connected to the ZyXEL Device by downloading the LLTD Link Layer Topology Discovery patch from the Microsoft Website Note Don t worry if the Network Map does not display in your web b...

Страница 34: ...n your wireless LAN is turned on and off Wireless LAN scheduling is disabled by default Table 3 Control Panel ITEM DESCRIPTION Power Saving Click this to schedule the wireless feature of the ZyXEL Dev...

Страница 35: ...s Day Select Everyday or the specific days to turn the Wireless LAN on or off If you select Everyday you can not select any specific days This field works in conjunction with the For the following tim...

Страница 36: ...Click OK to close this screen Table 5 Content Filter LABEL DESCRIPTION Add Click Add after you have typed a keyword Repeat this procedure to add other keywords Up to 64 keywords are allowed Note The...

Страница 37: ...ptive name up to 32 keyboard characters for the wireless LAN Security Mode Select Basic or More Secure to add security on this wireless network The wireless clients which want to associate to this net...

Страница 38: ...gital Media Adapters Xboxes or PS3s The media server and the clients must have IP addresses in the same subnet See Section 7 6 on page 142 for more information on the Media Server feature If you would...

Страница 39: ...Chapter 2 Introducing the Web Configurator ADSL Series User s Guide 39 Figure 17 Media Server Click OK to close this screen...

Страница 40: ...Chapter 2 Introducing the Web Configurator ADSL Series User s Guide 40...

Страница 41: ...ng QoS Queue and Class Setup Access the ADSL Device Using DDNS 3 2 Setting Up Your DSL Connection This tutorial shows you how to set up your ADSL settings for Internet connection using the Web Configu...

Страница 42: ...e interface type is ADSL and the connection has the following information General Name MyDSLConnection Type ADSL Mode Routing WAN Service Type PPP over Ethernet PPPoE ATM PVC Configuration VPI VCI 36...

Страница 43: ...se values and click Apply This completes your DSL WAN connection setting 4 You should see a summary of your new DSL connection setup in the Broadband screen as follows The ADSL WAN interface you just...

Страница 44: ...SL Device is labeled A Wireless LAN Setup Note This section shows how to set up the wireless client using two methods using the Microsoft Windows utility and the WPS PIN method Refer to the Quick Star...

Страница 45: ...ure as your security level and set security mode to WPA PSK and enter ThisismyWPA PSKpre sharedkey in the Pre Shared Key field Click Apply 6 Click Connection Status System Info Verify your wireless an...

Страница 46: ...omputer monitor Click View Available Wireless Networks Tutorial Network Wireless LAN SecuritOpen the Status screen Verify your wireless and wireless security settings under Device Information and chec...

Страница 47: ...You should now be securely connected wirelessly to the ADSL Device Tutorial Network Wireless LAN SecuritOpen the Status screen Verify your wireless and wireless security settings under Device Informa...

Страница 48: ...panel click Network Setting Wireless WPS 4 Select the Enable check box and click Apply to enable the WPS function 5 Enter the PIN of the other WPS enabled device into the Enter PIN here text box and...

Страница 49: ...IP address of 192 168 1 34 Tutorial NAT Port Forwarding Setup You may set up the port settings by configuring the port settings for the Doom server computer see Chapter 11 on page 176 for more inform...

Страница 50: ...n can have access to your Doom server 3 5 Using the File Sharing Feature In this section you can Set up file sharing to allow a USB storage device connected to the ADSL Device to be used by all users...

Страница 51: ...o certain users enable file sharing and set up your share s 3 5 1 1 Activate File Sharing 1 Connect your USB device to the USB port at the back panel of the ADSL Device 2 In Expert mode click Network...

Страница 52: ...the field below for confirmation A password can be any combination of letters and numbers It is case sensitive and it must be between 5 and 15 characters long 3 5 1 3 Set up File Sharing on Your ADSL...

Страница 53: ...hare again in the File Sharing screen This time you select the Bob_private folder which contains important files You want to restrict access to the share to certain users Bob77 in this example So sele...

Страница 54: ...Explorer to access the file storage devices connected to the ADSL Device Note The examples in this User s Guide show you how to use Microsoft s Windows XP to browse your shared files Refer to your op...

Страница 55: ...er name and password Once you access Bob_private via your ADSL Device you do not have to relogin unless you restart your computer 3 5 3 File Sharing Video Example Use Adobe Reader 9 or later to play t...

Страница 56: ...ters Add a New Printer Using Windows Add a New Printer Using Macintosh OS X Configure a TCP IP Printer Port This example shows how you can configure a TCP IP printer port This example is done using th...

Страница 57: ...1 Click Start Settings then right click on Printers and select Open Tutorial Open Printers Window The Printers folder opens up First you need to open up the properties windows for the printer you want...

Страница 58: ...d TCP IP Printer Port Wizard window opens up Click Next to start configuring the printer port Tutorial Add a Port Wizard 7 Enter the IP address of the ADSL Device to which the printer is connected in...

Страница 59: ...ct Custom under Device Type and click Settings Tutorial Custom Port Settings 9 Confirm the IP address of the ADSL Device in the IP Address field 10 Select LPR under Protocol 11 Type the LPR queue name...

Страница 60: ...ettings and close the wizard window 13 Repeat steps 1 to 12 to add this printer to other computers on your network Add a New Printer Using Windows This example shows how to connect a printer to your A...

Страница 61: ...trol Panel Printers and Faxes to open the Printers and Faxes screen Click Add a Printer Tutorial Printers Folder 2 The Add Printer Wizard screen displays Click Next Tutorial Add Printer Wizard Welcome...

Страница 62: ...Local or Network Printer 4 Select Create a new port and Standard TCP IP Port Click Next Tutorial Add Printer Wizard Select the Printer Port 5 Add Standard TCP IP Printer Port Wizard window opens up C...

Страница 63: ...ss of the port Click Next Note The computer from which you are configuring the TCP IP printer port must be on the same LAN in order to use the printer sharing function Tutorial Enter IP Address of the...

Страница 64: ...he printer that you want to connect to the print server in the Manufacturer list of printers 13 Select the printer model from the list of Printers 14 If your printer is not displayed in the list of Pr...

Страница 65: ...utton and click Next if you already have a printer driver installed on your computer and you do not want to change it Otherwise select Replace existing driver to replace it with the new driver you sel...

Страница 66: ...server by sharing the printer with other users in the same network just select Do not share this printer and click Next to proceed to the following screen Tutorial Add Printer Wizard Printer Sharing 1...

Страница 67: ...Complete the following steps to set up a print server driver on your Macintosh computer 1 Click the Print Center icon located in the Macintosh Dock a place holding a series of icons shortcuts at the b...

Страница 68: ...ial Utilities Folder 6 Click the Add icon at the top of the screen Tutorial Printer List Folder 7 Set up your printer in the Printer List configuration screen Select IP Printing from the drop down lis...

Страница 69: ...n 12 Click Add to select a printer model save and close the Printer List configuration screen Tutorial Printer Model 13 The Name LP1 on 192 168 1 1 displays in the Printer List field The default print...

Страница 70: ...he Security MAC Filter screen to grant wireless network access to his computer but not to Josephine s computer 1 Thomas should check the wireless card s MAC address on his computer first For example o...

Страница 71: ...fic flowing directions you may connect a router to the ADSL Device s LAN The router may be used to separate two department networks This tutorial shows how to configure a static routing rule for two n...

Страница 72: ...from N1 to N2 1 Click Network Setting Static Route Click Add New Static Route 2 Configure the Static Route Setup screen using the following settings Select Active Specify a descriptive name for this r...

Страница 73: ...want to prioritize e mail traffic because you have to send important mails and urgent updates to clients very often In the following figure your Internet connection has an upstream transmission bandwi...

Страница 74: ...riority queue based on the internal QoS mapping table on the ADSL Device 1 Click Network Setting QoS General and check Active Set your WAN Managed Upstream Bandwidth to 1000 kbps or leave this blank t...

Страница 75: ...ueue created in the QoS Queue Setup screen which is the Email queue created in this example From Interface This is the interface from which the traffic will be coming from Select Lan Ether Type Select...

Страница 76: ...SL Series User s Guide 76 Tutorial Advanced QoS Monitor 3 9 1 QoS Video Example Use Adobe Reader 9 or later to play this example video You may need to allow playback in Adobe reader and click play aga...

Страница 77: ...DDNS If you connect your ADSL Device to the Internet and it uses a dynamic WAN IP address it is inconvenient for you to manage the device from the Internet The ADSL Device s WAN IP address changes dyn...

Страница 78: ...org using your account 4 Add a new DDNS host name This tutorial uses the following settings as an example Host name zyxelrouter dyndns org Service Type Host with IP address IP Address Enter the WAN IP...

Страница 79: ...able to access the ADSL Device from the Internet To test this 1 Open a web browser on the computer using the IP address a b c d that is connected to the Internet 2 Type http zyxelrouter dyndns org and...

Страница 80: ...Chapter 3 Tutorials ADSL Series User s Guide 80...

Страница 81: ...81 PART II Technical Reference...

Страница 82: ...82...

Страница 83: ...look at the current status of the device system resources and interfaces LAN WAN WLAN 4 2 The Connection Status Screen Use this screen to view the network connection status of the device and its clien...

Страница 84: ...t click the client s name and then click on Info If you want to change the name or icon of the client click the client s name and then click on Change name icon In List View you can also view the clie...

Страница 85: ...ubnet mask in the WAN LAN Information IP Address This field displays the current IP address of the ZyXEL Device in the LAN IP Subnet Mask This field displays the current subnet mask in the LAN DHCP Se...

Страница 86: ...active System Up Time This field displays how long the ZyXEL Device has been running since it last started up The ZyXEL Device starts up when you plug it in when you restart it Maintenance Reboot or...

Страница 87: ...n this Chapter Use the Broadband screen to view remove or add a WAN interface You can also configure the WAN settings on the ZyXEL Device for Internet access Section 5 2 on page 88 5 1 2 What You Need...

Страница 88: ...uses fixed size packets of information called cells With ATM a high QoS Quality of Service can be guaranteed ATM uses a connection oriented model and establishes a virtual circuit VC between two endp...

Страница 89: ...y this connection VPI This is the Virtual Path Identifier VPI VCI This is the Virtual Channel Identifier VCI Vlan8021p This indicates the 802 1P priority level assigned to traffic sent through this co...

Страница 90: ...1 Broadband Add Edit Routing PPPoE Label DESCRIPTION General Name Enter a service name of the connection Type ADSL The ZyXEL Device uses the ADSL technology for data transmission over the DSL port Mod...

Страница 91: ...ment of ATM traffic Enter the VCI assigned to you DSL Link Type The DSL link type is set to EoA Ethernet over ATM to have an Ethernet header in the packet so that you can have multiple services connec...

Страница 92: ...on up all the time and specify an idle time out in the Inactivity Timeout field Inactivity Timeout Specify an idle time out in the Inactivity Timeout field when you select Dial on Demand MTU The Maxim...

Страница 93: ...en or the Edit icon next to the connection you want to configure Select Routing as the encapsulation mode and IPoE as the WAN service type Figure 24 Broadband Add Edit Routing IPoE Apply Click Apply t...

Страница 94: ...igned to you VCI The valid range for the VCI is 32 to 65535 0 to 31 is reserved for local management of ATM traffic Enter the VCI assigned to you DSL Link Type The DSL link type is set to EoA Ethernet...

Страница 95: ...ership in a Multicast group it is not used to carry user data Select this option to have the ZyXEL Device act as an IGMP proxy on this connection This allows the ZyXEL Device to get subscribing inform...

Страница 96: ...the Edit icon next to the connection you want to configure Select Routing as the encapsulation mode and PPPoA as the WAN service type Figure 25 Broadband Add Edit Routing PPPoA The following table des...

Страница 97: ...nnection to have its own MAC address or all connections share one MAC address but use different VLAN IDs for different services EoA supports IPoE PPPoE and RFC1483 2684 bridging encapsulation methods...

Страница 98: ...ess MTU The Maximum Transmission Unit MTU defines the size of the largest packet allowed on an interface or connection Enter the MTU in this field For PPPoA and the default MTU is 1492 Routing Feature...

Страница 99: ...AT on traffic from the selected LAN port s Bridge Group Select the LAN WLAN port s from which traffic will be forwarded to the WAN interface directly Select a port from the Available LAN WLAN Port s l...

Страница 100: ...of multiplexing used by your is LLC SNAP BRIDGING In LCC encapsulation bridged PDUs are encapsulated by identifying the type of the bridged media in the SNAP header Service Category Select UBR Withou...

Страница 101: ...er to RFC 1661 for more information on PPP RFC 1483 RFC 1483 describes two methods for Multiprotocol Encapsulation over ATM Adaptation Layer 5 AAL5 The first method allows multiplexing of multiple pro...

Страница 102: ...up to the MBS can be sent at the PCR again If the PCR SCR or MBS is set to the default of 0 the system will assign a maximum value that correlates to your upstream line rate The following figure illu...

Страница 103: ...allows a physical network to be partitioned into multiple logical networks Devices on a logical network belong to one group A device can belong to more than one group With VLAN a device cannot directl...

Страница 104: ...signment Use Domain Name System DNS to map a domain name to its corresponding IP address and vice versa for instance the IP address of www zyxel com is 204 217 0 2 The DNS server is extremely importan...

Страница 105: ...6 on page 118 You don t necessarily need to use all these screens to set up your wireless connection For example you may just want to set up a network name a wireless radio channel and some security...

Страница 106: ...elevision channels each wireless network uses a specific channel or frequency to send and receive information Every device in the same wireless network must use security compatible with the AP Securit...

Страница 107: ...p your network and then add the non WPS devices manually although this is somewhat more complicated to do What advanced options do you want to configure if any If you want to configure advanced option...

Страница 108: ...pliant WLAN devices to associate with the ZyXEL Device Select 802 11n only in 2 4G band to allow only IEEE 802 11n compliant WLAN devices with the same frequency range 2 4 GHz to associate with the Zy...

Страница 109: ...of WEP authentication namely Open System Static WEP and Shared Key Shared WEP Open system is implemented for ease of use and when security is not an issue The wireless station and the AP or peer comp...

Страница 110: ...pted as long as the wireless client has the correct WEP key for encryption The ZyXEL Device authenticates wireless clients using Shared Key mode that have the correct WEP key Select Shared WEP to have...

Страница 111: ...the General screen Select More Secure as the security level Then select WPA PSK or WPA2 PSK from the Security Mode list Figure 32 Wireless General More Secure WPA 2 PSK The following table describes t...

Страница 112: ...Then select WPA or WPA2 from the Security Mode list Figure 33 Wireless General More Secure WPA 2 WPA PSK Compatible This field appears when you choose WPA PSK2 as the Security Mode Check this field t...

Страница 113: ...rt Number Enter the port number of the external authentication server The default port number is 1812 You need not change this value unless your network administrator instructs you to do so with addit...

Страница 114: ...A gray bulb signifies that this SSID is not active SSID An SSID profile is the set of parameters relating to one of the ZyXEL Device s BSSs The SSID Service Set IDentifier identifies the Service Set w...

Страница 115: ...ich a wireless device is associated Wireless devices associating to the access point AP must have the same SSID Enter a descriptive name up to 32 English keyboard characters for the wireless LAN Hide...

Страница 116: ...hysical button on the outside of device or a menu button similar to the WPS button on this screen Note You must press the other wireless device s WPS button within two minutes of pressing this button...

Страница 117: ...less client can connect to the ZyXEL Device through WPS It displays Unconfigured if the ZyXEL Device has not been configured for WPS and wireless clients will not be able to establish a link with the...

Страница 118: ...o which makes them run more smoothly Enable WMM Automatic Power Save Deliver APSD Click this to increase battery life for battery powered wireless clients APSD uses a longer beacon interval when trans...

Страница 119: ...the information and only people who have been authenticated are given the code key Apply Click Apply to save your changes Cancel Click Cancel to restore your previously saved settings Table 24 Network...

Страница 120: ...XEL Device acts like a beacon and regularly broadcasts the SSID in the area You can hide the SSID instead in which case the ZyXEL Device does not broadcast the SSID In addition you should change the d...

Страница 121: ...ion 6 7 2 3 on page 121 for information about this For example if the wireless network has a RADIUS server you can choose WPA or WPA2 If users do not log in to the wireless network you can choose no e...

Страница 122: ...al 6 7 4 BSS A Basic Service Set BSS exists when all communications between wireless stations or between a wireless station and a wired network client go through one access point AP Intra BSS traffic...

Страница 123: ...k by themselves 6 7 6 1 Push Button Configuration WPS Push Button Configuration PBC is initiated by pressing a button on each WPS enabled device and allowing them to connect automatically You do not n...

Страница 124: ...section of the AP s configuration interface See the device s User s Guide for how to do this 3 Look for the client s WPS PIN it will be displayed either on the device or in the WPS section of the cli...

Страница 125: ...ication Protocol tunnel and sends the network name SSID and the WPA PSK or WPA2 PSK pre shared key to the enrollee Whether WPA PSK or WPA2 PSK is used depends on the standards supported by the devices...

Страница 126: ...curity settings it transmits to the enrollee are randomly generated Once a WPS enabled device has connected to another device using WPS it becomes configured A configured wireless client can still act...

Страница 127: ...hake with the new client since you must connect to the access point anyway in order to use the network In this case AP1 must be the registrar since it is configured it already has security information...

Страница 128: ...enrollees and one registrar you must set up the first enrollee by pressing the WPS button on the registrar and the first enrollee for example then check that it successfully enrolled then set up the s...

Страница 129: ...this has happened WPS works between only two devices simultaneously so if another device has enrolled your device will be unable to enroll and will not have access to the network If this happens open...

Страница 130: ...Chapter 6 Wireless ADSL Series User s Guide 130...

Страница 131: ...e DNS server information that the ZyXEL Device sends to the DHCP client devices on the LAN Section 7 3 on page 136 Use the UPnP screen to enable UPnP Section 7 4 on page 137 Use the File Sharing scree...

Страница 132: ...k 7 1 2 2 About UPnP How do I know if I m using UPnP UPnP hardware is identified as an icon in the Network Connections folder Windows XP Each UPnP compatible device installed on your network will appe...

Страница 133: ...ows or Linux have different file systems The file sharing feature on your ZyXEL Device supports File Allocation Table FAT FAT32 and New Technology File System NTFS Common Internet File System The ZyXE...

Страница 134: ...d on your computer the port number is used to identify which process running on your computer it is intended for Line Printer Remote Protocol The Line Printer Remote LPR Protocol is software that prov...

Страница 135: ...ur ZyXEL Device automatically computes the subnet mask based on the IP address you enter so do not change this field unless you are instructed to do so DHCP Server State DHCP Select Enable to have you...

Страница 136: ...if you have the IP address of a DNS server Enter the DNS server s IP address in the field to the right If you chose User Defined but leave the IP address set to 0 0 0 0 User Defined changes to None af...

Страница 137: ...al notation A network interface card such as an Ethernet adapter has a hardwired address that is assigned at the factory This address follows an industry standard that ensures no other adapter has a s...

Страница 138: ...hich is connected to the ZyXEL Device Figure 49 File Sharing Overview The ZyXEL Device will not be able to join the workgroup if your local area network has restrictions set up that do not allow devic...

Страница 139: ...ing Each field is described in the following table Table 31 Network Setting Home Networking File Sharing LABEL DESCRIPTION Server Configuration File Sharing Services SMB Select Enable to activate file...

Страница 140: ...hows whether or not the user is able to access shares on your network User Name This field displays the users that have been added to the ZyXEL Device s Account Management screen Modify Click the Edit...

Страница 141: ...users If you select this option two lists will appear below and you must select from those lists which users can access the share Available Users This list shows all the users that you have created on...

Страница 142: ...media clients like the DMA 2500 to play the files Note Anyone on your network can play the media files in the published shares No user name and password or other form of security is used The media ser...

Страница 143: ...er already installed on your computer The computers on your network must have the printer software already installed before they can create a TCP IP port for printing via the network Follow your print...

Страница 144: ...igure 57 LAN and WAN IP Addresses DHCP Setup DHCP Dynamic Host Configuration Protocol RFC 2131 and RFC 2132 allows individual clients to obtain TCP IP configuration at start up from a server You can c...

Страница 145: ...he Internet Assigned Number Authority IANA reserved this block of addresses specifically for private use please do not use any other number unless you are told otherwise Let s say you select 192 168 1...

Страница 146: ...low the guidelines above For more information on address assignment please refer to RFC 1597 Address Allocation for Private Internets and RFC 1466 Guidelines for Management of IP Address Space ZyXEL D...

Страница 147: ...HP Laserjet 1200 HP Laserjet 2200D HP Laserjet 2420 HP Color Laserjet 1500L HP Laserjet 3015 HP Officejet 4255 HP Officejet 5510 HP Officejet 5610 HP Officejet 7210 HP Officejet Pro L7380 HP Photosmar...

Страница 148: ...indows Me 1 Click Start and Control Panel Double click Add Remove Programs 2 Click the Windows Setup tab and select Communication in the Components selection box Click Details Figure 58 Add Remove Pro...

Страница 149: ...ed Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP 1 Click Start and Control Panel 2 Double click Network Connections 3 In the Network Connections window click A...

Страница 150: ...re 61 Windows Optional Networking Components Wizard 5 In the Networking Services window select the Universal Plug and Play check box Figure 62 Networking Services 6 Click OK to go back to the Windows...

Страница 151: ...ure the computer is connected to a LAN port of the ZyXEL Device Turn on your computer and the ZyXEL Device Auto discover Your UPnP enabled Network Device 1 Click Start and Control Panel Double click N...

Страница 152: ...Chapter 7 Home Networking ADSL Series User s Guide 152 Figure 64 Internet Connection Properties 4 You may edit or delete the port mappings or click Add to manually add port mappings...

Страница 153: ...ced Settings Figure 66 Internet Connection Properties Advanced Settings Add 5 When the UPnP enabled device is disconnected from your computer all port mappings will be deleted automatically 6 Select S...

Страница 154: ...onfigurator Easy Access With UPnP you can access the web based configurator on the ZyXEL Device without finding out the IP address of the ZyXEL Device first This comes helpful if you do not know the I...

Страница 155: ...r s Guide 155 Figure 69 Network Connections 4 An icon with the description for each UPnP enabled device displays under Local Network 5 Right click on the icon for your ZyXEL Device and select Invoke T...

Страница 156: ...gure 70 Network Connections My Network Places 6 Right click on the icon for your ZyXEL Device and select Properties A properties window displays with basic information about the ZyXEL Device Figure 71...

Страница 157: ...Device s LAN interface The ZyXEL Device routes most traffic from A to the Internet through the ZyXEL Device s default gateway R1 You create one static route to connect to services offered by your ISP...

Страница 158: ...is not active Status This shows whether the static route is currently in use or not A yellow bulb signifies that this static route is in use A gray bulb signifies that this static route is not in use...

Страница 159: ...ost ID IP Subnet Mask Enter the IP subnet mask here Gateway IP Address You can decide if you want to forward packets to a gateway IP address or a bound interface If you want to configure Gateway IP Ad...

Страница 160: ...Chapter 8 Routing ADSL Series User s Guide 160...

Страница 161: ...ain names that do not match any DNS routing entry After the ZyXEL Device receives a DNS reply from a DNS server it creates a new entry for the resolved IP address in the routing table In the following...

Страница 162: ...nformation for a DNS route Figure 77 DNS Route Add Edit Table 39 Network Setting DNS Route LABEL DESCRIPTION Add new DNS route Click this to create a new entry This is the number of an individual DNS...

Страница 163: ...e wildcard character an asterisk as the left most part of a domain name such as example com The ZyXEL Device forwards DNS queries for any domain name ending in example com to the WAN interface specifi...

Страница 164: ...Chapter 9 DNS Route ADSL Series User s Guide 164...

Страница 165: ...ow level of jitter variations in delay such as Internet gaming and those for which jitter alone is a problem such as Internet radio or streaming video 10 1 1 What You Can Do in this Chapter Use the Ge...

Страница 166: ...dd or change the DSCP DiffServ Code Point value IEEE 802 1p priority level and VLAN ID number in a matched packet When the packet passes through a compatible network the networking device such as a ba...

Страница 167: ...transmission speed For example set the WAN interface speed to 1200 kbps if your Internet connection has an upstream transmission speed of 100 Mbps Setting this number higher than the interface s actua...

Страница 168: ...yXEL Device s interface through which traffic in this queue passes Priority This shows the priority of this queue Weight This shows the weight of this queue Buffer Management This shows the queue mana...

Страница 169: ...eues gets through faster while traffic in lower priority queues is dropped if the network is congested Weight Select the weight from 1 to 15 of this queue If two queues have the same priority level th...

Страница 170: ...Edit To Queue This is the name of the queue in which traffic of this classifier is put Modify Click the Edit icon to edit the classifier Click the Delete icon to delete an existing classifier Note tha...

Страница 171: ...e the criteria for traffic classification Basic From Interface Select whether the traffic class comes from the LAN or a wireless interface Ether Type Select a predefined application to configure a cla...

Страница 172: ...s option and enter the minimum and maximum packet length from 46 to 1504 in the fields provided DSCP This field is available only when you select IP in the Ether Type field Select this option and spec...

Страница 173: ...ON Monitor Refresh Interval Select how often you want the ZyXEL Device to update this screen Select No Refresh to stop refreshing statistics Status This is the index number of the entry Name This show...

Страница 174: ...f service desired This allows the intermediary DiffServ compliant network devices to handle the packets differently depending on the code points without the need to negotiate paths or remember state i...

Страница 175: ...and concepts may help as you read this chapter Inside Outside and Global Local Inside outside denotes where a host is located relative to the ZyXEL Device for example the computers of your subscribers...

Страница 176: ...better to specify a range of port numbers You can allocate a server IP address that corresponds to a port or a range of ports The most often used port numbers and services are shown in Appendix E on p...

Страница 177: ...the check box to enable it Service Name This is the service s name This shows User Defined if you manually added a service You can change this by clicking the edit icon WAN Interface This shows the W...

Страница 178: ...ies of ports enter the start port number here and the end port number in the External End Port field End Port Enter the last port of the original destination port range To forward only one port enter...

Страница 179: ...e SIP VoIP ALG in the ZyXEL Device To access this screen click Network Setting NAT ALG Figure 88 Network NAT ALG The following table describes the fields in this screen Table 49 Network Setting NAT Se...

Страница 180: ...n a packet received from a subscriber the inside local address to another the inside global address before forwarding the packet to the WAN side When the response comes back NAT translates the destina...

Страница 181: ...UDP source port numbers for Many to One and Many to Many Overload NAT mapping in each packet and then forwards it to the Internet The ZyXEL Device keeps track of the original addresses and port number...

Страница 182: ...Chapter 11 Network Address Translation NAT ADSL Series User s Guide 182...

Страница 183: ...ur IP address First of all you need to have registered a dynamic DNS account with www dyndns org This is for people with a dynamic IP from their ISP or DHCP server that would still like to have a doma...

Страница 184: ...t the name of your Dynamic DNS service provider Dynamic DNS Type Select the type of service that you are registered for from your Dynamic DNS service provider Host Name Type the domain name assigned t...

Страница 185: ...ion User A can initiate an IM Instant Messaging session from the LAN to the WAN 1 Return traffic for this session is also allowed 2 However other traffic initiated from the WAN is blocked 3 and 4 Figu...

Страница 186: ...is not allowed by default unless the remote host is authorized to use a specific service ICMP Internet Control Message Protocol ICMP is a message control and error reporting protocol between a host s...

Страница 187: ...block and click Add to add the port to the Blocked Services field A custom port is a service that is not available in the pre defined Available Services list You must define it using the Type and Port...

Страница 188: ...nfiguring the firewall may block valid access or introduce security risks to the ZyXEL Device and your protected network Use caution when creating or deleting firewall rules and test your rules after...

Страница 189: ...ries User s Guide 189 4 Does this rule conflict with any existing rules Once these questions have been answered adding rules is simply a matter of entering the information into the correct fields in t...

Страница 190: ...Chapter 13 Firewall ADSL Series User s Guide 190...

Страница 191: ...very Ethernet device has a unique MAC Media Access Control address The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters for example 00 A0 C5 00 00 02 You need...

Страница 192: ...s to the ZyXEL Device MAC addresses not listed will be denied access to the ZyXEL Device If you clear this the MAC Address field for this set clears MAC Address Enter the MAC addresses of the wireless...

Страница 193: ...ication Authorities A Certification Authority CA issues certificates and guarantees the identity of each certificate owner There are commercial certification authorities like CyberTrust or VeriSign an...

Страница 194: ...ware procedures and policies that handles keys is called PKI public key infrastructure Advantages of Certificates Certificates offer the following benefits The ZyXEL Device only has to store the certi...

Страница 195: ...llowing procedure describes how to check a certificate s fingerprint to verify that you have the actual certificate 1 Browse to where you have the certificate saved on your computer 2 Make sure that t...

Страница 196: ...e Subject This field displays identifying information about the certificate s owner such as CN Common Name OU Organizational Unit or department O Organization or company and C Country It is recommende...

Страница 197: ...his to replace the certificate s and save your changes back to the ZyXEL Device Reset Click this to clear your settings Table 56 Security Certificates Local Certificates continued LABEL DESCRIPTION Ta...

Страница 198: ...authority s certificate change the certificate s name and set whether or not you want the ZyXEL Device to check a certification authority s list of revoked certificates before trusting a certificate...

Страница 199: ...to change the name type up to 31 characters to identify this key certificate You may use any character not including spaces Certificate Detail This read only text box displays the certificate or cert...

Страница 200: ...the owner of the certificate such as Common Name CN OU Organizational Unit or department Organization O State ST and Country C It is recommended that each certificate have unique subject information...

Страница 201: ...ificate Public Key The value provided by a designated authority which combined with a private key can be used to encrypt messages Write the key between BEGIN CERTIFICATE and END CERTIFICATE Private Ke...

Страница 202: ...Chapter 15 Certificates ADSL Series User s Guide 202...

Страница 203: ...an example of an IPSec VPN tunnel Figure 103 VPN Example 16 1 1 What You Can Do in the VPN Screens Use the Setup screen Section 16 2 on page 205 to view the configured VPN policies and add edit or rem...

Страница 204: ...r secure gateway If the remote secure gateway has a static WAN IP address enter it in the Secure Gateway Address field You may alternatively enter the remote secure gateway s domain name if it has one...

Страница 205: ...ing figure helps explain the main fields in the web configurator Figure 105 IPSec Summary Fields Local and remote IP addresses must be static Click Security VPN to open the VPN Setup screen This is a...

Страница 206: ...at this VPN policy is not active Tunnel Name This field displays the identification name for this VPN policy Local Address This field will display the IP address used by the ZyXEL Device Remote Addres...

Страница 207: ...box if you want to set up a VPN tunnel when there are NAT routers between the ZyXEL Device and remote IPSec router The remote IPSec router must also enable NAT traversal and the NAT routers have to fo...

Страница 208: ...annot have the local and remote IP address es both the same Two active SAs can have the same local or remote IP address but not both You can configure multiple SAs between the same local and remote IP...

Страница 209: ...r to the Secure Gateway Address field description For DNS or E mail type a domain name or e mail address by which to identify the remote IPSec router Use up to 31 ASCII characters including spaces alt...

Страница 210: ...N Setup Edit Advanced Setup LABEL DESCRIPTION Advanced Setup Phase 1 Encryption Algorithm Select 3DES AES128 or AES256 from the drop down list box When you use one of these encryption algorithms for d...

Страница 211: ...nd a 256 bit key AES is faster than 3DES Authentication Algorithm Select MD5 SHA1 SHA2 256 or SHA2 512 from the drop down list box MD5 Message Digest 5 and SHA1 Secure Hash Algorithm and SHA2 are hash...

Страница 212: ...have the ZyXEL Device renegotiate an IPSec SA when the SA lifetime expires even if there is no traffic Figure 109 Security VPN Monitor The following table describes the fields in this screen 16 6 IPS...

Страница 213: ...in order to set up a VPN 16 6 2 IPSec and NAT Read this section if you are running IPSec on a host computer behind the ZyXEL Device NAT is incompatible with the AH protocol in both Transport and Tunn...

Страница 214: ...AT device between the IPSec endpoints rewrites the source or destination address As a result the VPN device at the receiving end finds a mismatch between the hash value and the data and assumes that t...

Страница 215: ...on Tunnel Mode Tunnel mode encapsulates the entire IP packet to transmit it securely A Tunnel mode is required for gateway services to provide access to internal systems Tunnel mode is fundamentally a...

Страница 216: ...If an IKE SA times out when an IPSec SA is already established the IPSec SA stays connected In phase 2 you must Choose which protocol to use ESP or AH for the IKE key exchange Choose an encryption alg...

Страница 217: ...n the LAN or from the ISP since these DNS servers cannot resolve domain names to private IP addresses on the remote network The following figure depicts an example where three VPN tunnels are created...

Страница 218: ...ge 210 The ID type and content act as an extra level of identification for incoming SAs The type of ID can be a domain name an IP address or an e mail address The content is the IP address domain name...

Страница 219: ...Upon completion of the Diffie Hellman exchange the two peers have a shared secret but the IKE SA is not authenticated For authentication use pre shared keys 16 6 11 Telecommuter VPN IPSec Examples The...

Страница 220: ...sses of the rules configured on the telecommuters IPSec routers should not overlap See the following table and figure for an example where three telecommuters each use a different VPN rule for a VPN c...

Страница 221: ...Local ID Content 192 168 2 12 Peer ID Content 192 168 2 12 Local IP Address 192 168 2 12 Secure Gateway Address telecommuter1 com Remote Address 192 168 2 12 Telecommuter B telecommuterb dydns org Hea...

Страница 222: ...Chapter 16 VPN ADSL Series User s Guide 222...

Страница 223: ...s client s Section 17 4 on page 225 17 2 The WAN Status Screen Click System Monitor Traffic Status to open the WAN screen You can view the WAN traffic statistics in this screen Figure 117 System Moni...

Страница 224: ...the number of frames with errors received on this interface Drop This indicates the number of received packets dropped on this interface Table 74 System Monitor Traffic Status WAN LABEL DESCRIPTION Ta...

Страница 225: ...ror This indicates the number of frames with errors received on this interface Drop This indicates the number of received packets dropped on this interface Table 75 System Monitor Traffic Status LAN L...

Страница 226: ...Chapter 17 System Monitor ADSL Series User s Guide 226...

Страница 227: ...BEL DESCRIPTION User Name You can configure the password for the admin or user account Select admin or user from the drop down list box Old Password Type the default password or the existing password...

Страница 228: ...Chapter 18 User Account ADSL Series User s Guide 228...

Страница 229: ...ers from the LAN to discover the CPE and configure user specific parameters such as the username and password SSH SCP SFTP Secure Shell SSH is a secure communication protocol that combines authenticat...

Страница 230: ...box for the corresponding services that you want to allow access to the ZyXEL Device from the LAN and WLAN WAN Select the Enable check box for the corresponding services that you want to allow access...

Страница 231: ...port files the domain name is www zyxel com 20 2 The System Screen Use the System screen to configure the system s host name domain name and inactivity time out interval The Host Name is for identific...

Страница 232: ...ave this field blank the ISP may assign a domain name via DHCP The domain name entered by you is given priority over the ISP assigned domain name Administrator Inactivity Timer Type how many minutes a...

Страница 233: ...local time zone Figure 123 Maintenance Time Setting The following table describes the fields in this screen Table 80 Maintenance Time Setting LABEL DESCRIPTION Current Date Time Current Time This fiel...

Страница 234: ...of the time zones in the European Union start using Daylight Saving Time at the same moment 1 A M GMT or UTC So in the European Union you would select Last Sunday March The time you type in the o cloc...

Страница 235: ...ere the ZyXEL Device sends logs and which logs and or immediate alerts the ZyXEL Device records in the Log Setting screen 22 2 The Log Setting Screen To change your ZyXEL Device s log settings click M...

Страница 236: ...ng Syslog Server Enter the server name or IP address of the syslog server that will log the selected categories of logs UDP Port Enter the port number used by the syslog server Active Log and Select L...

Страница 237: ...r a successful upload the system will reboot Do NOT turn off the ZyXEL Device while firmware upload is in progress Figure 125 Maintenance Firmware Upgrade The following table describes the labels in t...

Страница 238: ...network disconnect In some operating systems you may see the following icon on your desktop Figure 127 Network Temporarily Disconnected After two minutes log in again and check your new firmware versi...

Страница 239: ...guration appears in this screen as shown next Figure 129 Maintenance Backup Restore Backup Configuration Backup Configuration allows you to back up save the ZyXEL Device s current configuration to a f...

Страница 240: ...for details on how to set up your computer s IP address If the upload was not successful an error screen will appear Click OK to go back to the Configuration screen Reset to Factory Defaults Click th...

Страница 241: ...m restart allows you to reboot the ZyXEL Device remotely without turning the power off You may need to do this if the ZyXEL Device hangs for example Click Maintenance Reboot Click the Reboot button to...

Страница 242: ...Chapter 24 Backup Restore ADSL Series User s Guide 242...

Страница 243: ...g statistics Section 25 2 on page 243 Use the DSL Line screen to check or reset your DSL connection Section 25 3 on page 244 25 2 The Ping Screen Use this screen to ping an IP address Click Maintenanc...

Страница 244: ...d Reassembly SAR driver translates packets into ATM cells It also receives ATM cells and reassembles them into packets These counters are set back to zero whenever the device starts up inPkts is the n...

Страница 245: ...This is displayed as the number in hexadecimal format of bits transmitted for each tone This can be used to determine the quality of the connection whether a given sub carrier loop has sufficient mar...

Страница 246: ...Chapter 25 Diagnostic ADSL Series User s Guide 246...

Страница 247: ...LEDs turn on 1 Make sure the ZyXEL Device is turned on 2 Make sure you are using the power adaptor or cord included with the ZyXEL Device 3 Make sure the power adaptor or cord is connected to the ZyXE...

Страница 248: ...owser 3 If this does not work you have to reset the device to its factory defaults See Section 1 6 on page 25 I forgot the password 1 The default admin and user password is 1234 2 If this does not wor...

Страница 249: ...u have entered the user name and password correctly The default user name is admin These fields are case sensitive so make sure Caps Lock is not on 2 You cannot log in to the web configurator while so...

Страница 250: ...Quick Start Guide again 6 If the problem continues contact your ISP I cannot access the Internet through a DSL connection 1 Make sure you configured a proper DSL WAN connection with the Internet acco...

Страница 251: ...nt or unstabled wireless connection How can I solve this problem The following factors may cause interference Obstacles walls ceilings furniture and so on Building Materials metal doors aluminum studs...

Страница 252: ...curity standard that defines stronger encryption authentication and key management than WPA It requires the use of a RADIUS server and is mostly used in business networks WPA Wi Fi Protected Access WP...

Страница 253: ...o Private you may not have permission to see the share s content Open the Web Configurator and make sure you add your user to the list Allow Users in the Add Edit Share screen see Section 3 5 1 3 on p...

Страница 254: ...Chapter 26 Troubleshooting ADSL Series User s Guide 254...

Страница 255: ...es not have an Ethernet connection with the LAN WLAN WPS Green On The wireless network is activated and is operating in IEEE 802 11b g n mode Blinking The ZyXEL Device is communicating with other wire...

Страница 256: ...lt IP Address 192 168 1 1 Default Subnet Mask 255 255 255 0 24 bits Default User Name admin Default Password 1234 DHCP Server IP Pool Starting Address 192 168 1 33 Size 32 Static DHCP Addresses 10 Sta...

Страница 257: ...bled device can dynamically join a network obtain an IP address and convey its capabilities to other devices on the network Firewall Your device has a stateful inspection firewall with DoS Denial of S...

Страница 258: ...via HTTP Configuration file extraction using CLI SFTP SCP and TR 069 Factory reset vis CLI TR 069 and physical button Telnet for remote management Remote Firmware Upgrade Syslog TR 069 TR 064 TR 068v2...

Страница 259: ...802 11g 6 9 12 18 24 36 48 54Mbps 802 11b 1 2 5 5 11Mbps Modulation Technique 802 11n MIMO OFDM BPSK QPSK 16 QAM 64 QAM 802 11g OFDM BPSK QPSK 16 QAM 64 QAM 802 11b CCK DQPSK DBPSK Turn on off WLAN by...

Страница 260: ...EE 802 11g Uses the 2 4 gigahertz GHz band IEEE 802 11n Uses the 2 4 gigahertz GHz band IEEE 802 11d Standard for Local and Metropolitan Area Networks Media Access Control MAC Bridges 802 1x Port Base...

Страница 261: ...ack of the ZyXEL Device with the screws on the wall Hang the ZyXEL Device on the screws Figure 134 Wall mounting Example The following are dimensions of an M4 tap screw and masonry plug used for wall...

Страница 262: ...Chapter 27 Product Specifications ADSL Series User s Guide 262...

Страница 263: ...are a common street name the hosts on a network share a common network number Similarly as each house has its own house number each host on the network has its own unique identifying number the host I...

Страница 264: ...s part of the host ID The following example shows a subnet mask identifying the network number in bold text and host ID of an IP address 192 168 1 2 in decimal By convention subnet masks always consis...

Страница 265: ...s for the remainder of the 32 bit mask you can simply specify the number of ones instead of writing the value of each octet This is usually specified by writing a followed by the number of bits in the...

Страница 266: ...ible hosts The following figure shows the company network before subnetting Figure 137 Subnetting Example Before Subnetting You can borrow one of the host ID bits to divide the network 192 168 1 0 int...

Страница 267: ...8 1 254 Example Four Subnets The previous example illustrated using a 25 bit subnet mask to divide a 24 bit address into two subnets Similarly to divide a 24 bit address into four subnets you need to...

Страница 268: ...ASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 128 IP Address Binary 11000000 10101000 00000001 10000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address 192 168 1 1...

Страница 269: ...1 255 255 255 128 25 2 126 2 255 255 255 192 26 4 62 3 255 255 255 224 27 8 30 4 255 255 255 240 28 16 14 5 255 255 255 248 29 32 6 6 255 255 255 252 30 64 2 7 255 255 255 254 31 128 1 Table 101 16 b...

Страница 270: ...the subnet mask computed by the ZyXEL Device unless you are instructed to do otherwise Private IP Addresses Every machine on the Internet must have a unique address If your networks are isolated from...

Страница 271: ...ple Since a router connects different networks it must have interfaces using different network numbers For example if a router is set between a LAN and the Internet WAN the router s LAN and WAN addres...

Страница 272: ...Appendix A IP Addresses and Subnetting ADSL Series User s Guide 272 Figure 141 Conflicting Computer and Router IP Addresses Example...

Страница 273: ...versions of UNIX LINUX include the software components you need to use TCP IP on your computer If you manually assign IP information instead of using a dynamic IP make sure that your network s comput...

Страница 274: ...Guide 274 Figure 142 Windows XP Start Menu 2 In the Control Panel click the Network Connections icon Figure 143 Windows XP Control Panel 3 Right click Local Area Connection and then select Properties...

Страница 275: ...er s IP Address ADSL Series User s Guide 275 4 On the General tab select Internet Protocol TCP IP and then click Properties Figure 145 Windows XP Local Area Connection Properties 5 The Internet Protoc...

Страница 276: ...you by your network administrator or ISP You may also have to enter a Preferred DNS server and an Alternate DNS server if that information was provided 7 Click OK to close the Internet Protocol TCP IP...

Страница 277: ...from Windows Vista Professional 1 Click Start Control Panel Figure 147 Windows Vista Start Menu 2 In the Control Panel click the Network and Internet icon Figure 148 Windows Vista Control Panel 3 Clic...

Страница 278: ...Center 5 Right click Local Area Connection and then select Properties Figure 151 Windows Vista Network and Sharing Center Note During this procedure click Continue whenever Windows displays a screen...

Страница 279: ...ppendix B Setting Up Your Computer s IP Address ADSL Series User s Guide 279 Figure 152 Windows Vista Local Area Connection Properties 7 The Internet Protocol Version 4 TCP IPv4 Properties window open...

Страница 280: ...ou by your network administrator or ISP You may also have to enter a Preferred DNS server and an Alternate DNS server if that information was provided Click Advanced 9 Click OK to close the Internet P...

Страница 281: ...e 1 Click Start Control Panel Figure 154 Windows 7 Start Menu 2 In the Control Panel click View network status and tasks under the Network and Internet category Figure 155 Windows 7 Control Panel 3 Cl...

Страница 282: ...er s Guide 282 Figure 157 Windows 7 Local Area Connection Status Note During this procedure click Continue whenever Windows displays a screen saying that it needs your permission to continue 5 Select...

Страница 283: ...Appendix B Setting Up Your Computer s IP Address ADSL Series User s Guide 283 Figure 158 Windows 7 Local Area Connection Properties 6 The Internet Protocol Version 4 TCP IPv4 Properties window opens...

Страница 284: ...tatic IP address that was assigned to you by your network administrator or ISP You may also have to enter a Preferred DNS server and an Alternate DNS server if that information was provided Click Adva...

Страница 285: ...0 Windows 7 Internet Protocol Version 4 TCP IPv4 Properties Mac OS X 10 3 and 10 4 The screens in this section are from Mac OS X 10 4 but can also apply to 10 3 1 Click Apple System Preferences Figure...

Страница 286: ...0 4 System Preferences 3 When the Network preferences pane opens select Built in Ethernet from the network connection type list and then click Configure Figure 163 Mac OS X 10 4 Network Preferences 4...

Страница 287: ...Mac OS X 10 4 Network Preferences TCP IP Tab 5 For statically assigned settings do the following From the Configure IPv4 list select Manually In the IP Address field type your IP address In the Subnet...

Страница 288: ...thernet 6 Click Apply Now and close the window Verifying Settings Check your TCP IP properties by clicking Applications Utilities Network Utilities and then selecting the appropriate Network Interface...

Страница 289: ...ide 289 1 Click Apple System Preferences Figure 167 Mac OS X 10 5 Apple Menu 2 In System Preferences click the Network icon Figure 168 Mac OS X 10 5 Systems Preferences 3 When the Network preferences...

Страница 290: ...et 4 From the Configure list select Using DHCP for dynamically assigned settings 5 For statically assigned settings do the following From the Configure list select Manually In the IP Address field ent...

Страница 291: ...uide 291 Figure 170 Mac OS X 10 5 Network Preferences Ethernet 6 Click Apply and close the window Verifying Settings Check your TCP IP properties by clicking Applications Utilities Network Utilities a...

Страница 292: ...ic distribution release version and individual configuration The following screens use the default Ubuntu 8 installation Note Make sure you are logged in as the root administrator Follow the steps bel...

Страница 293: ...Network Settings Connections 3 In the Authenticate window enter your admin account name and password then click the Authenticate button Figure 174 Ubuntu 8 Administrator Account Authentication 4 In t...

Страница 294: ...uration DHCP if you have a dynamic IP address In the Configuration list select Static IP address if you have a static IP address Fill in the IP address Subnet mask and Gateway address fields 6 Click O...

Страница 295: ...ettings DNS 8 Click the Close button to apply the changes Verifying Settings Check your TCP IP properties by clicking System Administration Network Tools and then selecting the appropriate Network dev...

Страница 296: ...ent KDE using the openSUSE 10 3 Linux distribution The procedure screens and file locations may vary depending on your specific distribution release version and individual configuration The following...

Страница 297: ...Figure 179 openSUSE 10 3 K Menu Computer Menu 2 When the Run as Root KDE su dialog opens enter the admin password and click OK Figure 180 openSUSE 10 3 K Menu Computer Menu 3 When the YaST Control Ce...

Страница 298: ...enSUSE 10 3 YaST Control Center 4 When the Network Settings window opens click the Overview tab select the appropriate connection Name from the list and then click the Configure button Figure 182 open...

Страница 299: ...amic IP address Select Statically assigned IP Address if you have a static IP address Fill in the IP address Subnet mask and Hostname fields 7 Click Next to save the changes and close the Network Card...

Страница 300: ...gs and close the window Verifying Settings Click the KNetwork Manager icon on the Task bar to check your TCP IP properties From the Options sub menu select Show Connection Information Figure 185 openS...

Страница 301: ...Appendix B Setting Up Your Computer s IP Address ADSL Series User s Guide 301 Figure 186 openSUSE Connection Status KNetwork Manager...

Страница 302: ...Appendix B Setting Up Your Computer s IP Address ADSL Series User s Guide 302...

Страница 303: ...g to log into your device Either disable pop up blocking enabled by default in Windows XP SP Service Pack 2 or allow pop up blocking and create an exception for your device s IP address Disable Pop up...

Страница 304: ...Privacy 3 Click Apply to save this setting Enable Pop up Blockers with Exceptions Alternatively if you only want to allow pop up windows from your device see the following steps 1 In Internet Explorer...

Страница 305: ...de 305 Figure 189 Internet Options Privacy 3 Type the IP address of your device the web page that you do not want to have blocked with the prefix http For example http 192 168 167 1 4 Click Add to mov...

Страница 306: ...lay properly in Internet Explorer check that JavaScript are allowed 1 In Internet Explorer click Tools Internet Options and then the Security tab Figure 191 Internet Options Security 2 Click the Custo...

Страница 307: ...192 Security Settings Java Scripting Java Permissions 1 From Internet Explorer click Tools Internet Options and then the Security tab 2 Click the Custom Level button 3 Scroll down to Microsoft VM 4 U...

Страница 308: ...Series User s Guide 308 Figure 193 Security Settings Java JAVA Sun 1 From Internet Explorer click Tools Internet Options and then the Advanced tab 2 Make sure that Use Java 2 for applet under Java Sun...

Страница 309: ...ed here Screens for other versions may vary You can enable Java JavaScript and pop ups in one screen Click Tools then click Options in the screen that appears Figure 195 Mozilla Firefox Tools Options...

Страница 310: ...Appendix C Pop up Windows Java Script and Java Permissions ADSL Series User s Guide 310...

Страница 311: ...endent Basic Service Set IBSS The following diagram shows an example of notebook computers using wireless adapters to form an ad hoc wireless LAN Figure 197 Peer to Peer Communication in an Ad hoc Net...

Страница 312: ...red connection between APs is called a Distribution System DS This type of wireless LAN topology is called an Infrastructure WLAN The Access Points not only provide communication with the wired networ...

Страница 313: ...ially overlap however To avoid interference due to overlap your AP should be on a channel at least five channels away from a channel that an adjacent AP is using For example if your region has 11 chan...

Страница 314: ...quest To Send CTS Clear to Send handshake You should only configure RTS CTS if the possibility of hidden nodes exists on your network and the cost of resending large frames is more than the extra netw...

Страница 315: ...e The wireless devices MUST use the same preamble mode in order to communicate IEEE 802 11g Wireless LAN IEEE 802 11g is fully compatible with the IEEE 802 11b standard This means an IEEE 802 11b adap...

Страница 316: ...user profile and accounting management on a network RADIUS server Support for EAP Extensible Authentication Protocol RFC 2486 that allows additional authentication methods to be deployed with no chang...

Страница 317: ...etwork security the access point and the RADIUS server use a shared secret key which is a password they both know The key is not sent over the network In addition to the shared key password informatio...

Страница 318: ...makes user identity vulnerable to passive attacks A digital certificate is an electronic ID card that authenticates the sender s identity However to implement EAP TLS you need a Certificate Authority...

Страница 319: ...ey that only requires a single identical password entered into each access point wireless gateway and wireless client As long as the passwords match a wireless client will be granted access to a WLAN...

Страница 320: ...ommon password approach makes WPA 2 PSK susceptible to brute force password guessing attacks but it s still an improvement over WEP as it employs a consistent single alphanumeric password to derive a...

Страница 321: ...DIUS server distributes the PMK to the AP The AP then sets up a key hierarchy and management system using the PMK to dynamically generate unique data encryption keys The keys are used to encrypt every...

Страница 322: ...couples RF signals onto air A transmitter within a wireless device sends an RF signal to the antenna which propagates the signal through the air The antenna also operates in reverse by capturing RF si...

Страница 323: ...e two types of antennas used for wireless LAN applications Omni directional antennas send the RF signal out in all directions on a horizontal plane The coverage area is torus shaped like a donut which...

Страница 324: ...devices you want to set up are within wireless range of one another 2 Look for a WPS button on each device If the device does not have one log into its configuration utility and locate the button see...

Страница 325: ...tion mode not the PBC connection mode Locate the place where you can enter the enrollee s PIN if you are using the ZyXEL Device see Section 6 4 on page 115 Enter the PIN from the enrollee device 4 Act...

Страница 326: ...cation Protocol tunnel and sends the network name SSID and the WPA PSK or WPA2 PSK pre shared key to the enrollee Whether WPA PSK or WPA2 PSK is used depends on the standards supported by the devices...

Страница 327: ...d the security settings it transmits to the enrollee are randomly generated Once a WPS enabled device has connected to another device using WPS it becomes configured A configured wireless client can s...

Страница 328: ...registrar since it is configured it already has security information for the network AP1 supplies the existing security information to Client 2 Figure 206 WPS Example Network Step 2 In step 3 you add...

Страница 329: ...or WPA2 PSK depends on the device You can check the configuration interface of the registrar device to discover the key the network is using if the device supports this feature Then you can enter the...

Страница 330: ...or was not involved in the WPS handshake a rogue device must still associate with the access point to gain access to the network Check the MAC addresses of your wireless clients usually printed on a l...

Страница 331: ...ations that use this service or the situations in which this service is used Table 106 Commonly Used Services NAME PROTOCOL PORT S DESCRIPTION AH IPSEC_TUNNEL User Defined 51 The IPSEC AH Authenticati...

Страница 332: ...k environments NNTP TCP 119 Network News Transport Protocol is the delivery mechanism for the USENET newsgroup service PING User Defined 1 Packet INternet Groper is a protocol that sends out ICMP echo...

Страница 333: ...te Login Program STRM WORKS UDP 1558 Stream Works Protocol SYSLOG UDP 514 Syslog allows you to send system logs to a UNIX server TACACS UDP 49 Login Host Protocol used for Terminal Access Controller A...

Страница 334: ...Appendix E Common Services ADSL Series User s Guide 334...

Страница 335: ...BLE LICENSE TERMS OF SUCH THIRD PARTY NONE OF THE STATEMENTS OR DOCUMENTATION FROM ZYXEL INCLUDING ANY RESTRICTIONS OR CONDITIONS STATED IN THIS END USER LICENSE AGREEMENT SHALL RESTRICT ANY RIGHTS AN...

Страница 336: ...certain third party software as a convenience To the extent that the Software contains third party software ZyXEL has no express or implied obligation to provide any technical or other support for suc...

Страница 337: ...NG REASONABLE ATTORNEYS FEES TO THE EXTENT SUCH CLAIMS ARISE OUT OF ANY BREACH OF THIS SECTION 8 9 Audit Rights ZyXEL SHALL HAVE THE RIGHT AT ITS OWN EXPENSE UPON REASONABLE PRIOR NOTICE TO PERIODICAL...

Страница 338: ...n herein is subject to change without notice Companies names and data used in examples herein are fictitious unless otherwise noted No part may be reproduced or transmitted in any form or by any means...

Страница 339: ...software patents We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses in effect making the program proprietary To prevent this we have made it cl...

Страница 340: ...dless of who wrote it Thus it is not the intent of this section to claim rights or contest your rights to work written entirely by you rather the intent is to exercise the right to control the distrib...

Страница 341: ...e conditions of this License If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations then as a consequence you may not distribu...

Страница 342: ...URPOSE THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU SHOULD THE PROGRAM PROVE DEFECTIVE YOU ASSUME THE COST OF ALL NECESSARY SERVICING REPAIR OR CORRECTION 12 IN NO EVEN...

Страница 343: ...stributions of source code must retain the above copyright notice this list of conditions and the following disclaimer Redistributions in binary form must reproduce the above copyright notice this lis...

Страница 344: ...the following disclaimer in the documentation and or other materials provided with the distribution THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES...

Страница 345: ...and that you are informed that you can do these things To protect your rights we need to make restrictions that forbid distributors to deny you these rights or to ask you to surrender these rights The...

Страница 346: ...other cases permission to use a particular library in non free programs enables a greater number of people to use a large body of free software For example permission to use the GNU C Library in non f...

Страница 347: ...s and performs whatever part of its purpose remains meaningful For example a function in a library to compute square roots has a purpose that is entirely well defined independent of the application Th...

Страница 348: ...the Library with the Library to produce a work containing portions of the Library and distribute that work under terms of your choice provided that the terms permit modification of the work for the c...

Страница 349: ...the Library you indicate your acceptance of this License to do so and all its terms and conditions for copying distributing or modifying the Library or works based on it 10 Each time you redistribute...

Страница 350: ...e which is copyrighted by the Free Software Foundation write to the Free Software Foundation we sometimes make exceptions for this Our decision will be guided by the two goals of preserving the free s...

Страница 351: ...nditions and the following disclaimer in the documentation and or other materials provided with the distribution 3 All advertising materials mentioning features or use of this software must display th...

Страница 352: ...RTICULAR PURPOSE ARE DISCLAIMED IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT INDIRECT INCIDENTAL SPECIAL EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMI...

Страница 353: ...de not just the SSL code The SSL documentation included with this distribution is covered by the same copyright terms except that the holder is Tim Hudson tjh cryptsoft com Copyright remains Eric Youn...

Страница 354: ...s product includes software written by Tim Hudson tjh cryptsoft com THIS SOFTWARE IS PROVIDED BY ERIC YOUNG AS IS AND ANY EXPRESS OR IMPLIED WARRANTIES INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANT...

Страница 355: ...Appendix F Open Software Announcements ADSL Series User s Guide 355...

Страница 356: ...Appendix F Open Software Announcements ADSL Series User s Guide 356...

Страница 357: ...he terms and conditions of any related service providers Certifications Federal Communications Commission FCC Interference Statement The device complies with Part 15 of FCC rules Operation is subject...

Страница 358: ...rom other transmitters to prevent simultaneous transmission with nearby devices Notices Changes or modifications not expressly approved by the party responsible for compliance could void the user s au...

Страница 359: ...ply if the product has been modified misused tampered with damaged by an act of God or subjected to abnormal working conditions Note Repair or replacement as provided under this warranty is the exclus...

Страница 360: ...Appendix G Legal Information ADSL Series User s Guide 360...

Страница 361: ...ication 119 121 RADIUS server 121 automatic logout 28 B backup configuration 239 bandwidth management 165 Basic Service Set see BSS Broadband 87 broadcast 103 BSS 122 311 example 122 C CA 193 318 CBR...

Страница 362: ...NS wildcard 183 E EAP Authentication 317 Encapsulation 100 MER 100 PPP over Ethernet 100 encapsulation 87 215 RFC 1483 101 encryption 121 319 ESP 213 ESS 312 Extended Service Set IDentification 108 11...

Страница 363: ...gin passwords 27 logout 28 automatic 28 logs 223 235 M MAC 85 191 MAC address 137 filter 120 MAC address filtering 191 MAC filter 191 managing the device good habits 25 using FTP See FTP Maximum Burst...

Страница 364: ...protocol 87 PSK 320 Push Button Configuration see PBC push button WPS 123 Q QoS 165 174 Quality of Service see QoS Quick Start Guide 27 R RADIUS 316 message types 317 messages 317 shared secret key 3...

Страница 365: ...gment 119 RTS CTS 119 TKIP 319 traffic shaping 101 trusted CAs and certificates 197 tunnel mode 215 tutorial wireless 44 U unicast 103 Universal Plug and Play see UPnP upgrading firmware 237 UPnP 137...

Страница 366: ...123 push button 123 wireless network example 105 wireless security 315 WLAN 105 auto scan channel 108 interference 313 passphrase 110 scheduling 118 security parameters 322 see also wireless WEP 110...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды