ZyXEL Communications P-660HW-Tx v3 Series Скачать руководство пользователя страница 1

Страница: 1 / 116

P-660HW-Tx v3 Series Support Notes

P-660HW-Tx v3

802.11g Wireless ADSL2+ 4-port Gateway

Support Notes

Version 3.40

Nov. 2008

Содержание P-660HW-Tx v3 Series

Страница 1: ...P 660HW Tx v3 Series Support Notes 1 All contents copyright 2008 ZyXEL Communications Corporation P 660HW Tx v3 802 11g Wireless ADSL2 4 port Gateway Support Notes Version 3 40 Nov 2008...

Страница 2: ...I do it 9 12 When do I need select Full Feature NAT 9 13 What IP Port mapping does Multi NAT support 9 14 How many network users can the SUA NAT support 10 15 What are Device filters and Protocol fil...

Страница 3: ...a network firewall 20 2 What makes P 660HW Tx v3 secure 20 3 What are the basic types of firewalls 20 4 What kind of firewall is the P 660HW Tx v3 21 5 Why do you need a firewall when your router has...

Страница 4: ...may causes interference among WLAN products 30 12 What s the difference between a WLAN and a WWAN 31 13 Can I manually swap the wireless module without damage any hardware 31 14 What wireless securit...

Страница 5: ...ng 70 11 Using Call Scheduling 74 12 Using IP Multicast 76 13 Using Zero Configuration 77 14 How to configure packet filter on P 660HW Tx v3 79 15 Change WAN MTU via WEB GUI 82 Wireless Application No...

Страница 6: ...nd Line Interface CLI The Command Line Interface is for the Administrator use only and it could be accessed via telnet session Note It is protected by super password 1234 by factory default 4 How do I...

Страница 7: ...ng TFTP client program via LAN a Use the TELNET client program in your PC to login to your P 660HW Tx v3 b Enter CI command sys stdio 0 disable Stdio idle timeout c To backup the P 660HW Tx v3 configu...

Страница 8: ...ource port numbers are written into the destination fields of the packet since it is now moving in the opposite direction the checksums are recomputed and the packet is delivered to its true destinati...

Страница 9: ...servers mapping the same port or not on the LAN accessible from outside with multiple global IP addresses Support Non NAT Friendly Applications Some servers providing Internet applications such as so...

Страница 10: ...se use the One to One mode The following table summarizes the five types NAT Type IP Mapping One to One ILA1 IGA1 Many to One SUA PAT ILA1 IGA1 ILA2 IGA1 Many to Many Overload ILA1 IGA1 ILA2 IGA2 ILA3...

Страница 11: ...s For the input data filter Deny packets from the outside that claim to be from the inside Allow everything that is not spoofing us Filter rule setup Filter type TCP IP Filter Rule Active Yes Source I...

Страница 12: ...on User Account user Administrator Account 1234 You can change the password after you logging in the Web Configurator Please record your new password whenever you change it The system will lock you ou...

Страница 13: ...uters want to share an Internet account for Internet access they have to add another Internet sharing device like a router In this case we use the router mode which works as a general Router plus an A...

Страница 14: ...service When you want your internal server to be accessed by using DNS name rather than using the dynamic IP address we can use the DDNS service The DDNS server allows to alias a dynamic IP address t...

Страница 15: ...Network Remote Node Edit ATM Setup Peak Cell Rate PCR The maximum bandwidth allocated to this connection The VC connection throughput is limited by PCR Sustainable Cell Rate SCR The least guaranteed b...

Страница 16: ...select VBR for bursty traffic and bandwidth sharing with other applications It contains two subclasses Variable bit rate nonreal time VBR nRT Variable bit rate real time VBR RT 16 What is content fil...

Страница 17: ...lso grows steadily it will not catch up with telephone lines for many years Additionally many of the older cable networks are not capable of offering a return channel consequently such networks will n...

Страница 18: ...ying each protocol but it does not need the extra headers Therefore the VC based multiplexing is more efficient 7 How do I know the details of my ADSL line statistics You can use the following CI comm...

Страница 19: ...on The different services such as video VoIP and Internet access require different Qulity of Service The high priority is Voice VoIP data The Medium priority is Video IPTV data The low priority is int...

Страница 20: ...NAT which translates the private local addresses to one or multiple public addresses This adds a level of security since the clients on the private LAN are invisible to the Internet 3 What are the bas...

Страница 21: ...n incoming packet masquerading as a response to a nonexistent outbound request can be blocked 3 The P 660HW Tx v3 s firewall uses session filtering i e smart rules that enhance the filtering process a...

Страница 22: ...et except that it contains an offset field The Teardrop program creates a series of IP fragments with overlapping offset fields When these fragments are reassembled at the destination some systems wil...

Страница 23: ...o break into systems to hide the hacker s identity or to magnify the effect of the DoS attack IP Spoofing is a technique used to gain unauthorized access to computers by tricking a router or firewall...

Страница 24: ...o telnet your P 660HW Tx v3 or access the Web Configurator of 3 Why can t I configure my P 660HW Tx v3 using Web Configurator Telnet over WAN There are four reasons that WWW Telnet from WAN is blocked...

Страница 25: ...filter set which blocks WWW Telnet from WAN is applied to WAN node You can check by command wan node index index wan node display 4 Why can t I upload the firmware and configuration file using FTP ov...

Страница 26: ...l log immediately when the packet matches a firewall rule The log for Default Firewall Policy LAN to WAN WAN to LAN WAN to WAN is generated automatically with factory default setting but you can chang...

Страница 27: ...also view Centralized logs via mail or syslog please configure mail server or Unix Syslog server in Web configuration Advanced Setup Maintenance Logs Log Settings 4 When does the P 660HW Tx v3 genera...

Страница 28: ...his mobility supports productivity and service opportunities not possible with wired networks Installation Speed and Simplicity Installing a wireless LAN system can be fast and easy and can eliminate...

Страница 29: ...less LAN cards that have been installed in computers or laptops allowing those computers to connect to the campus network and the Internet without wires 6 Is it possible to use wireless products from...

Страница 30: ...s phone for that matter But BlueTooth devices are usually low power so the effects that a Bluetooth device may have on an 802 11 network if any aren t far reaching 10 Can radio signals pass through wa...

Страница 31: ...re Yes it will not harm the hardware but the module will not be detected and work after inserting to the slot You need to reboot the router to initialize the module 14 What wireless security mode does...

Страница 32: ...ersed pockets of populations then extension points can be used for extend coverage 4 What is Direct Sequence Spread Spectrum Technology DSSS DSSS spreads its signal continuously over a wide frequency...

Страница 33: ...ower level The ISM band is populated by Industrial Scientific and Medical devices that are all low power devices but can interfere with each other 8 What is Server Set ID SSID SSID is a configurable i...

Страница 34: ...but still want to benefit from it Because WPA PSK only requires a single password to be entered on wireless AP gateway and wireless client As long as the passwords match a client will be granted acce...

Страница 35: ...SSID since the SSID is sent in the clear in the probe message when a client associates to an AP a sniffer just has to wait for a valid user to associate to the network to see the SSID 9 What are Inse...

Страница 36: ...omputer to access the Internet Set up your workstation 1 Ethernet connection To connect your computer to the P 660HW Tx v3 s LAN port the computer must have an Ethernet adapter card installed For conn...

Страница 37: ...w to configure your P 660HW Tx v3 as bridge mode We will use Web Configurator to guide you through the related menu 1 Retrieve Prestige Web Please enter the LAN IP address of the Prestige router in th...

Страница 38: ...ult password is the default SMT password 1234 1 Configure P 660HW Tx v3 as bridge mode and configure Internet setup parameters in Web Configurator Advanced Setup Network WAN Internet Connection Key Se...

Страница 39: ...Internet users having multiple computers want to share an Internet account for Internet access they have to install an Internet sharing device like a router In this case we use the P 660HW Tx v3 whic...

Страница 40: ...t setup parameters in Web Configurator Advanced Setup Network WAN Internet Connection Key Settings Option Description Encapsulation Select the correct Encapsulation type that your ISP supports For exa...

Страница 41: ...ture the P 660HW Tx v3 supports the DHCP relay function When it is configured as DHCP server it assigns the IP addresses to the LAN clients When it is configured as DHCP relay it is responsible for fo...

Страница 42: ...red in Web Configurator Advanced Setup Network NAT Port Forwarding the internal server or client applications can be accessed by using the P 660HW Tx v3 s WAN IP Address SUA Supporting Table The follo...

Страница 43: ...e 1720 client IP 1503 client IP Cisco IP TV 2 0 0 None RealPlayer G2 None VDOLive None Quake1 064 None Default client IP QuakeII2 305 None Default client IP QuakeIII1 05 beta None StartCraft 6112 clie...

Страница 44: ...ot allow multiple users to login using the same unique IP so only one Quake user will be allowed in this case Moreover when a Quake server is configured behind SUA P 660HW Tx v3 will not be able to pr...

Страница 45: ...ice is identified by the port number Also since you need to specify the IP address of a server behind the P 660HW Tx v3 a server must have a fixed IP address and not be a DHCP client whose IP address...

Страница 46: ...from Web Configurator Status WAN Information For example Configuring an internal Web server for outside access suppose the Server IP Address is 192 168 1 10 1 Fill in the service name and server IP A...

Страница 47: ...twork including the Internet itself In order to run the Windows 9x PPTP client you must be able to establish an IP connection with a tunnel server such as the Windows NT Server 4 0 Remote Access Serve...

Страница 48: ...d during the installation phase of the Upgrade in addition to the first dial up adapter that provides PPP support for the analog or ISDN modem The PPTP is supported in Windows NT and Windows 98 alread...

Страница 49: ...nt for PPTP logged on user Enable RAS port Select the network protocols from RAS such as IPX TCP IP NetBEUI Set the Internet gateway to P 660HW Tx v3 2 PPTP client setup Win9x Add one VPN connection f...

Страница 50: ...below shows the default gateway of the Win9x client after the dial up connection has been established Before making a VPN connection from the Win9x client to the NT server you need to know the exact I...

Страница 51: ...g mode you can select NAT Option as Full Feature in Network NAT General Key Settings Field Options Description Network Address Translation Full Feature When you select this option you can select Addre...

Страница 52: ...Network NAT Port Forwarding To use the NAT server sets you ve configured a Server rule must be set up inside the NAT Address Mapping set Please see NAT Server Sets for further information on how to ap...

Страница 53: ...nfigure Address Mapping Sets from Web Configurator and CLI Since in Web Configurator we can only edit the rules for Address Mapping Sets 1 The other Address Mapping Sets 2 8 can only be configured in...

Страница 54: ...255 This field is N A for One to One type 255 255 255 255 Global IP Start This is the starting global IP address IGA If you have a dynamic IP enter 0 0 0 0 as the Global Start IP 0 0 0 0 End This is t...

Страница 55: ...ttings CI Command Description ip nat addrmap map map set name Select NAT address mapping set and set mapping set name but set name is optional Example ip nat addrmap map 2 Test ip nat addrmap rule rul...

Страница 56: ...server edit rule rulename string Configure the name of the rule Leave it to be default value if you don t want this command ip nat server edit rule forwardip IP address Configure the LAN IP address to...

Страница 57: ...nd fill in the server Address on Server IP Address then click button Add to save it Step 3 You could click the button Edit on the rule to modify the Service name Server IP Address Start End Port The m...

Страница 58: ...u can just use the default SUA NAT or you could select Full Feature NAT and select an Address Mapping Set with a Many to One Rule See the following figure 2 Internet Access with an Internal Server In...

Страница 59: ...r for the web and mail In this case we want to assign the 3 IGAs by the following way using 4 NAT rules Rule 1 One to One type to map the FTP Server 1 with ILA1 192 168 1 10 to IGA1 200 0 0 1 Rule 2 O...

Страница 60: ...to P 660HW Tx v3 s WAN IP Address Step 2 Go to Web Configurator Advanced Setup Network NAT Address Mapping to begin configuring Address Mapping Set 1 We can see there are 10 blank rule table that coul...

Страница 61: ...L Communications Corporation Rule 3 Setup Select Many to One type to map the other clients to IGA3 200 0 0 3 Rule 4 Setup Select Server type to map our web server and mail server with ILA3 192 168 1 2...

Страница 62: ...tor Advanced Setup Network NAT Port Forwarding 4 Support Non NAT Friendly Applications Some servers providing Internet applications such as some mIRC servers do not allow users to login using the same...

Страница 63: ...on such as email addresses hostnames IPs etc can be stored and retrieved This solves the problems if your DNS server uses an IP associated with dynamic IPs Without DDNS we always tell the users to use...

Страница 64: ...DYNDNS ORG where you apply the DNS from and update the WAN IP to Setup the DDNS 1 Before configuring the DDNS settings in the P 660HW Tx v3 you must register an account from the DDNS server such as W...

Страница 65: ...the NMS to monitor and control additional system variables The ZyXEL s private MIB tree is shown in figure 3 For SNMPv1 operation ZyXEL permits one community string so that the router can belong to o...

Страница 66: ...IB When the system is going to restart warmstart the trap will be sent with the reason of restart before rebooting 1 For intentional reboot In some cases download new files CI command sys reboot reboo...

Страница 67: ...Enter the correct Get Community This Get Community must match the Get and GetNext community requested from the NMS The default is public Set Community Enter the correct Set Community This Set Communit...

Страница 68: ...gs Active Select it to active UNIX Syslog Syslog IP Address Enter the IP address of the UNIX server that you wish to send the syslog Log Facility Select from the 7 different local options The log faci...

Страница 69: ...s that we call IP Alias 1 and IP Alias 2 can be configured in Network LAN IP Alias There are three internal virtual LAN interfaces for the P 660HW Tx v3 to route the packets from to the three networks...

Страница 70: ...his will create the first route in the enif0 interface 2 Edit the second and third networks in Network LAN IP Alias by configuring the P 660HW Tx v3 s second and third LAN IP addresses Key Settings IP...

Страница 71: ...e IP header at the periphery of the network to enable the backbone to prioritize traffic Cost Savings IPPR allows organizations to distribute interactive traffic on high bandwidth high cost path while...

Страница 72: ...policyrouting set index set rule Suppose set 1 rule 1 in this example Step 2 Suppose we d like to edit the rule like this Policy Set Name Test Active Yes Criteria IP Protocol 6 Type of Service Don t...

Страница 73: ...ctmatched Set the action for the rule Matched ip policyrouting set action gatewaytype 0 Set gateway type for the rule Gateway Address ip policyrouting set action gatewayaddr 192 168 1 254 Set the gate...

Страница 74: ...gure a Call Scheduling You can configure a call scheduling in CLI Suppose we want to edit a call schedule set like this Call Schedule Set 1 Set name Test Active Yes Start Date yyyy mm dd 2005 12 27 Ho...

Страница 75: ...ode will always keep doen during the setting period The connected remote node will be dropped Enable Dial On Demand The remote node accepts Dial on demand during this period Disable Dial On Demand The...

Страница 76: ...You can configure it in Web Configurator Advanced Setup Maintenance System Time Setting 12 Using IP Multicast What is IP Multicast Traditionally IP packets are transmitted in two ways unicast or broa...

Страница 77: ...P in P 660HW Tx v3 s remote node in Web Configurator Advanced Setup Network WAN Internet Connection Advanced Setup Key Settings Multicast IGMP v1 for IGMP version 1 IGMP v2 for IGMP version 2 IGMP v3...

Страница 78: ...VCI and also services encapsulation type into profile of WAN interface Configure the VC auto hunting preconfigured table 1 Display auto haunting preconfigured table by using command from CLI wan atm...

Страница 79: ...sets with six rules in each set for a total of 72 filter rules in the system You can apply up to four filter sets to a particular port to block multiple types of packets With each filter set having up...

Страница 80: ...6 set 3 rule 1 set 4 rule 1 sys filter set display For example This could satisfy mostly requirement You could select any of them to apply to the WAN node or LAN Interface on demand The command is as...

Страница 81: ...le everytime you ve configured it Reference Commands sys filter set index set rule Set the index of filter set rule you must apply this command first before you begin to configure the filter rules sys...

Страница 82: ...ys filter set actnomatch type 0 2 checknext forward drop Set the action for not match sys filter set offset Set offset for the generic rule sys filter set length Set the length for generic rule sys fi...

Страница 83: ...ther client units just as using a cross over Ethernet cable connecting 2 host together via a NIC card for direct connection when configured in Ad hoc mode without an access point being present Ad hoc...

Страница 84: ...oc from the operation mode pull down menu fill you an SSID and select a channel you want to use than press OK to apply Step 4 Since there is no DHCP server to give the host IP you must first designate...

Страница 85: ...6 Fill in your network IP address and subnet mask and click OK to finish Configuration for Wireless Station B To configure Ad hoc mode on your ZyAIR B 100 B 200 B 300 wireless NIC card please follow t...

Страница 86: ...oc from the operation mode pull down menu fill you an SSID and select a channel you want to use than press OK to apply Step 4 Since there is no DHCP server to give the host IP you must first designate...

Страница 87: ...able to connect to Station B 2 MAC Filter MAC Filter Overview Users can use MAC Filter as a method to restrict unauthorized stations from accessing the APs ZyXEL s APs provide the capability for check...

Страница 88: ...configured in Web Configurator Advanced Setup Network Wireless LAN General MAC Filter Before you configure the MAC filter you need to know the MAC address of the client first If not knowing what your...

Страница 89: ...received over a wireless network can be intercepted WEP relies on a secret key that is shared between a mobile station e g a laptop with a wireless Ethernet card and an access point i e a base station...

Страница 90: ...key secret key with 5 characters o 64 bit WEP key secret key with 10 hexadecimal digits o 128 bit WEP key secret key with 13 characters o 128 bit WEP key secret key with 26 hexadecimal digits o 256 b...

Страница 91: ...Notes 91 All contents copyright 2008 ZyXEL Communications Corporation 2 You can also put in an arbitrary sequence of characters in the Passphrase and then press button Generate to let the P 660HW Tx...

Страница 92: ...s copyright 2008 ZyXEL Communications Corporation Setting up the Station Step 1 Double click on the utility icon in your windows task bar or right click the utility icon then select Show Config Utilit...

Страница 93: ...08 ZyXEL Communications Corporation Note If the utility icon doesn t exist in your task bar click Start Programs to start the utility Step 2 Select the Configuration tab Select Set Security to configu...

Страница 94: ...P key Hexadecimal digits don t need to preceded by 0x For example 64 bits with characters WEP key Key1 2e3f4 64 bits with hexadecimal digits WEP key Key1 123456789A 4 Site Survey Introduction What is...

Страница 95: ...diagram 3 Identify user s area when doing so ask a question where is wireless coverage needed and where does not and note and take note on the diagram this is information is needed to determine the nu...

Страница 96: ...Step 4 It s always a good idea to start with putting the access point at the corner of the room and walk away from the access point in a systematic manner Record down the changes at point where trans...

Страница 97: ...cess point installation spot if wireless service is required from corner of the room Step 6 Repeat step 1 5 and now you should be able to mark an RF coverage area as illustrated in above picutre Step...

Страница 98: ...ed Access WPA is a subset of the IEEE 802 11i security specification draft Key differences between WAP and WEP are user authentication and improved data encryption WAP applies IEEE 802 1x Extensible A...

Страница 99: ...asswords match a client will be granted access to a WLAN Here comes WPA PSK Application example for your reference Configuration for Access point The IEEE 802 1x standard outlines enhanced security me...

Страница 100: ...on Configuration for your PC Step 1 Double click on your wireless utility icon in your windows task bar the utility will pop up on your windows screen Step 2 Select the configuration tab type in the S...

Страница 101: ...Notes 101 All contents copyright 2008 ZyXEL Communications Corporation Step 3 Click Set Security to configure the security parameters Step 4 Click OK for finish and begin to Site survey Connect to th...

Страница 102: ...tton to turn the wireless LAN off or on You can also use it to activate WPS in order to quickly set up a wireless network with strong security 1 Turn the Wireless LAN Off or On 1 Make sure the POWER L...

Страница 103: ...using WPS The PIN is not necessary when you use WPS push button method Generate Click this button to have the ZyXEL Device create a new PIN WPS Status This displays Configured when the ZyXEL Device ha...

Страница 104: ...d to click Network Wireless LAN WPS Station Each field s detail description of the page is listed below Label Description Push Button Click this button to add another WPS enabled wireless device withi...

Страница 105: ...index timer second channel receive transmit length protocol sourceIP port destIP port There are two ways to dump the trace Online Trace display the trace real time on screen Offline Trace capture the...

Страница 106: ...apture of the LAN packet by entering sys trcp channel enet0 none Enable to capture the WAN packet by entering sys trcp channel mpoa00 bothway Enable the trace log by entering sys trcp sw on sys trcl s...

Страница 107: ...one Enable the capture of the LAN packet by entering sys trcp channel enet0 bothway Enable the trace log by entering sys trcp sw on sys trcl sw on Wait for packet passing through the Prestige over LAN...

Страница 108: ...XEL Communications Corporation Capture the detailed logs by Hyper Terminal Step 1 Initiate a hyper terminal connection from your PC suppose you connected to the LAN port of P 660HW Tx v3 Step 2 Click...

Страница 109: ...P 660HW Tx v3 Series Support Notes 109 All contents copyright 2008 ZyXEL Communications Corporation Step 3 So that after you invoke the relevant commands you could save the logs you ve captured...

Страница 110: ...o upload download ZyNOS via LAN Step 1 TELNET to your Prestige first before running the TFTP software Step 2 Type the CI command sys stdio 0 to disable console idle timeout in Command Line Interface C...

Страница 111: ...Octet blocks for TFTP Check Binary mode for file transfering 2 Using TFTP to upload download SMT configurations via LAN Step 1 TELNET to your Prestige first before running the TFTP software Step 2 Typ...

Страница 112: ...ftp i PrestigeIP get ras localfile Step 4 Upload P 660HW Tx v3 configurations via LAN c tftp i PrestigeIP put localfile rom 0 Step 5 Download P 660HW Tx v3 configurations via LAN c tftp i PrestigeIP g...

Страница 113: ...ample shown below Using FTP client software Note The remote file name for the firmware is ras and the configuration file is rom 0 Step 1 Use FTP client from your workstation to connect to the Prestige...

Страница 114: ...ommunications Corporation Binary Step 2 Press OK to ignore the Username prompt Step 3 To upload the firmware file we transfer the local ras file to overwrite the remote ras file To upload the configur...

Страница 115: ...3 Series Support Notes 115 All contents copyright 2008 ZyXEL Communications Corporation Step 4 The Prestige reboots automatically after the uploading is finished Please do not power off the router at...

Страница 116: ...and param command help command subcommand help General user interface 1 Shows the following commands and all major sub commands 2 exit Exit Subcommand To get the latest CI Command list The latest CI C...

Результаты поиска

Содержание P-660HW-Tx v3 Series

Отзывы:

Похожие инструкции для P-660HW-Tx v3 Series

Бренды по названию

Популярные бренды

ZyXEL Communications P-660HW-Tx v3 Series, Поддержка заметок

Результаты поиска

Содержание P-660HW-Tx v3 Series

Отзывы:

Похожие инструкции для P-660HW-Tx v3 Series

Бренды по названию

Популярные бренды