ZyXEL Communications P-662HW-D - V3.40 Скачать руководство пользователя страница 108 | Manualshive

Страница: 108 / 143

background image

P-662HW-D Series Support Notes

The IP addresses we use in this example are as shown below.

Branch_A

Headquarter

Branch_B

WAN:202.3.1.1

LAN:192.168.3.1

WAN:202.1.1.1

LAN:192.168.1.1

WAN:202.2.1.1

LAN:192.168.2.1

LAN of Branch_A

LAN of Headquarter

LAN of Branch_B

192.168.3.0/24 192.168.1.0/24 192.168.2.0/24

Setp 1: Setup VPN in branch office A

Because VPN routing enables branch offices to talk to each other via tunnels
concentrated on headquarter. In this step, we configure an IPSec rule in
Prestige (Branch_A) for PCs behind branch office A to access both LAN
segments of headquarter and branch office B. Because the LAN segments of
headquarter and branch office B are continuous, we merge them into one
single rule by including these two segments in

Remote

section. If by any

chance, the two segments are not continuous, we strongly recommend you to
setup different rules for these segments.

Create a VPN Rule with name

Branch_A

. The configuration is the same as

Prestige to Prestige Tunnel, just the IP Address is a little different:

(1)

Local Address Type

is

Range Address

and

IP Address Start

is

192.168.3.0, IP Address End

is

192.168.3.255.

This section covers the LAN

segment of branch office A.

Remote Address Type

is

Range Address

and

IP Address Start

is

192.168.1.0

, IP Address End is

192.168.2.255

. This section covers the LAN

segment of both headquarter and branch office B.

(2)

My IP Address

is the

WAN IP of Prestige

in

Branch_A

,

202.3.1.1

in the

example.

Secure Gateway Address

is

IP address of Headquarter

,

202.1.1.1

in the

example.

(3) Suppose the pre-shared key is

01234567

, we should configure the same

key in the corresponding rule in Headquarter VPN Gateway.

(4) You can setup IKE phase 1 and phase 2 parameters by pressing

Advanced

button. Please make sure that parameters you set in this menu

match with all the parameters with the corresponding VPN rule in headquarter.
We don’t make any advanced setup in the example.

Step 2: Setup VPN in branch office B

107

All contents copyright © 2006 ZyXEL Communications Corporation.

«
...
106
107
108
109
110
...
»

Содержание P-662HW-D - V3.40

Страница 1: ...P 662HW D Series 802 11g Wireless ADSL2 4 port Security Gateway Support Notes Version3 40 Mar 2006...

Страница 2: ...11 15 What are Device filters and Protocol filters 11 16 How can I protect against IP spoofing attacks 11 Product FAQ 13 1 How can I manage P 662HW D 13 2 What is the default password for Web Configur...

Страница 3: ...d a firewall when your router has packet filtering and NAT built in 23 6 What is Denials of Service DoS attack 23 7 What is Ping of Death attack 24 8 What is Teardrop attack 24 9 What is SYN Flood att...

Страница 4: ...PN support 34 4 What types of authentication does P 662HW D VPN support 34 5 I am planning my P 662HW D VPN configuration What do I need to know 34 6 Does P 662HW D support dynamic secure gateway IP 3...

Страница 5: ...urity mode does P 662HW D support 42 16 What Wireless standard does P 662HW D support 42 17 Does P 662HW D support MAC filtering 42 18 Does P 662HW D support auto rate adaption 42 Advanced FAQ 42 1 Wh...

Страница 6: ...n 90 15 How could I configure triple play on P 662HW D 93 16 How to configure packet filter on P 662HW D 93 IPSEC VPN Application Notes 97 1 How to use P 662HW D to build VPN Tunnel with another VPN G...

Страница 7: ...W D Series Support Notes Using TFTP command on UNIX 138 3 Using FTP to Upload the Firmware and Configuration Files 139 CI Command Reference 142 6 All contents copyright 2006 ZyXEL Communications Corpo...

Страница 8: ...factory default 4 How do I update the firmware and configuration file You can do this if you access the P 662HW D as Administrator You can upload the firmware and configuration file to Prestige from...

Страница 9: ...forget the system password In case you forget the system password you can erase the current configuration and restore factory defaults this way Use the RESET button on the rear panel of P 662HW D to r...

Страница 10: ...will be three options for you None SUA Only Full Feature SUA Single User Account in previous ZyNOS versions is a NAT set with 2 rules Many to One and Server With SUA visible servers had to be mapped t...

Страница 11: ...ess 13 What IP Port mapping does Multi NAT support Multi NAT supports five types of IP port mapping One to One Many to One Many to Many Overload Many to Many No Overload and Server The details of the...

Страница 12: ...anif0 to view the current active NAT sessions 15 What are Device filters and Protocol filters In ZyNOS the filters have been separated into two groups One group is called device filter group and the o...

Страница 13: ...ress on your local network and w x y z is your netmask For the output data filters Deny bounce back packet Allow packets that originate from us Filter rule setup Filter Type TCP IP Filter Rule Active...

Страница 14: ...ou change it The system will lock you out if you have forgotten your password 3 What s the difference between Common User Account and Administrator Account For Common User Account it can only access t...

Страница 15: ...e and password on your computer to connect to the ISP you are probably using PPPoE If you are simply connected to the Internet when you turn on your computer you probably are not You can also check yo...

Страница 16: ...to the same IP address as yourhost dyndns org This feature is useful when there are multiple servers inside and you want users to be able to use things such as www yourhost dyndns org and still reach...

Страница 17: ...aims at boosting the efficiency of the bandwidth If there are serveral VCs in the P 662HW D but only one VC activated at one time the P 662HW D allocates all the Bandwidth to the VC and the VC gets f...

Страница 18: ...t PCR as 5424 cell sec 17 What do the ATM QoS Types CBR UBR VBR nRT VBR RT mean Constant bit rate CBR An ATM bandwidth allocation service that requires the user to determine a fixed bandwidth requirem...

Страница 19: ...ing You can also specify trusted IP Addresses on LAN for which the P 662HW D will not perform content filtering You can configure the details about it in Web Configurator Advanced setup Security Conte...

Страница 20: ...for many years Additionally many of the older cable networks are not capable of offering a return channel consequently such networks will need significant upgrading before they can offer high bandwid...

Страница 21: ...ore the VC based multiplexing is more efficient 7 How do I know the details of my ADSL line statistics You can use the following CI commands to check the ADSL line statistics CI wan adsl perfdata CI w...

Страница 22: ...equire different Qulity of Service The high priority is Voice VoIP data The Medium priority is Video IPTV data The low priority is internet access such as ftp etc Triple Play is a port based policy to...

Страница 23: ...e LAN are invisible to the Internet 3 What are the basic types of firewalls Conceptually there are three types of firewalls 1 Packet Filtering Firewall 2 Application level Firewall 3 Stateful Inspecti...

Страница 24: ...s that enhance the filtering process and control the network session rather than control individual packets in a session 4 The P 662HW D s firewall is fast It uses a hashing function to search the mat...

Страница 25: ...IP fragments with overlapping offset fields When these fragments are reassembled at the destination some systems will crash hang or reboot 9 What is SYN Flood attack SYN attack floods a targeted syste...

Страница 26: ...agnify the effect of the DoS attack IP Spoofing is a technique used to gain unauthorized access to computers by tricking a router or firewall into thinking that the communications are coming from with...

Страница 27: ...ator Telnet over WAN There are four reasons that WWW Telnet from WAN is blocked 1 When the firewall is turned on all connections from WAN to LAN are blocked by the default ACL rule To enable Telnet fr...

Страница 28: ...Why can t I upload the firmware and configuration file using FTP over WAN 1 When the firewall is turned on all connections from WAN to LAN are blocked by the default ACL rule To enable FTP from WAN y...

Страница 29: ...nerated automatically with factory default setting but you can change it in Web Configurator 2 What does the log show to us The log supports up to 128 entries There are 5 columns for each entry Please...

Страница 30: ...configuration Advanced Setup Maintenance Logs Log Settings 4 When does the P 662HW D generate the firewall alert The P 662HW D generates the alert when an attack is detected by the firewall and sends...

Страница 31: ...h encryption VPN guarantees the confidentiality of the original user data Cost 1 Cut long distance phone charges Because users typically dial the their local ISP for VPN thus long distance phone charg...

Страница 32: ...es allow for authentication integrity access control and confidentiality IPSec allows for the information exchanged between remote sites to be encrypted and verified You can create encrypted tunnels V...

Страница 33: ...because you have to share it with another party before you can communicate with them over a secure connection 12 What are the differences between IKE and manual key VPN The only difference between IK...

Страница 34: ...hoosen you can still use a random string as the content such as this_is_Prestige It s not neccessary to follow the format exactly By default the device takes IP as phase 1 ID type for itself and it s...

Страница 35: ...e authentication integrity replay protection and confidentiality of the data it secures everything in the packet that follows the header Replay protection requires authentication and integrity these t...

Страница 36: ...the Secure Gateway IP Address in P 662HW D In this case the VPN connection can only be initiated from dynamic side to fixed side in order to update its dynamic IP to the fixed side If both gateways us...

Страница 37: ...SecGo IPSec for Windows F Secure IPSec for Windows KAME IPSec for UNIX Nortel IPSec for UNIX Intel VPN v 6 90 FreeS WAN for Linux SSH Remote ISAKMP Testing Page http isakmp test ssh fi cgi bin nph isa...

Страница 38: ...know Suppose host P 662HW D NAT Router Internet Secure host Some tips for the configuration 1 The NAT router must support to pass through IPSec protocol Only ESP tunnel mode is possible to work in NAT...

Страница 39: ...r NAT Firewall If the VPN connection is initiated from the security gateway outside of P 662HW D NAT port forwarding and Firewall forwarding are necessary To configure NAT port forwarding please go to...

Страница 40: ...and can eliminate the need to pull cable through walls and ceilings Installation Flexibility Wireless technology allows the network to go where wire cannot go Reduced Cost of Ownership While the initi...

Страница 41: ...h Time Frequency Band GHZ Data Rate Mbps Compatibility IEEE802 11a 1999 UNII Band 5 15 5 825 6 9 12 18 24 36 48 54 Only work with 802 11a devices IEEE802 11b 1999 ISM Band 2 4 2 4835 1 2 5 5 11 IEEE80...

Страница 42: ...l Transmitting through a wall is possible depending upon the material used in its construction In general metals and substances with a high water content do not allow radio waves to pass through Metal...

Страница 43: ...te adaption Yes it means that the AP on P 662HW D will automatically decelerate when devices move beyond the optimal range or other interference is present If the device moves back within the range of...

Страница 44: ...1 may use FHSS or DSSS 6 Do I need the same kind of antenna on both sides of a link No Provided the antenna is optimally designed for 2 4GHz or 5GHz operation WLAN NICs often include an internal anten...

Страница 45: ...is a subset of the IEEE 802 11i security specification draft Key differences between WAP and WEP are user authentication and improved data encryption WAP applies IEEE 802 1x Extensible Authentication...

Страница 46: ...ng 802 11 wireless traffic 8 By turning off the broadcast of SSID can someone still sniff the SSID Many APs by default have broadcasting the SSID turned on Sniffers typically will find the SSID in the...

Страница 47: ...ity mode automatically with just one touch at the reset button on rear panel To use this function on P 662HW D you could press the reset button on P 662HW D for 1 5 seconds the OTIST is actived The P...

Страница 48: ...nnection To connect your computer to the P 662HW D s LAN port the computer must have an Ethernet adapter card installed For connecting a single computer to the P 662HW D we use a Ethernet cable 2 TCP...

Страница 49: ...how to configure your P 662HW D as bridge mode We will use Web Configurator to guide you through the related menu 1 Configure P 662HW D as bridge mode and configure Internet setup parameters in Web C...

Страница 50: ...62HW D in Web Configurator Advanced Setup Network LAN We use 192 168 1 1 as the LAN IP for P 662HW D in this case Step 1 Disactive DHCP Server and apply it Step 2 Assign an IP to the LAN Interface of...

Страница 51: ...the clients via DHCP if it is available For this setup in Windows we check the option Obtain an IP address automatically in its TCP IP setup Please see the example shown below Set up your P 662HW D u...

Страница 52: ...the DHCP settings in Web Configurator Advanced Setup Network LAN 3 Setup the P 662HW D as a DHCP Relay What is DHCP Relay DHCP stands for Dynamic Host Configuration Protocol In addition to the DHCP s...

Страница 53: ...r are configured in Web Configurator Advanced Setup Network NAT Port Forwarding the internal server or client applications can be accessed by using the P 662HW D s WAN IP Address SUA Supporting Table...

Страница 54: ...032 client IP Default client IP Microsoft NetMeeting 2 1 3 013 None 1720 client IP 1503 client IP Cisco IP TV 2 0 0 None RealPlayer G2 None VDOLive None Quake1 064 None Default client IP QuakeII2 305...

Страница 55: ...IP 4 Certain Quake servers do not allow multiple users to login using the same unique IP so only one Quake user will be allowed in this case Moreover when a Quake server is configured behind SUA P 662...

Страница 56: ...fixed IP address and not be a DHCP client whose IP address potentially changes each time P 662HW D is powered on In addition to the servers for specific services SUA supports a default server A servic...

Страница 57: ...10 1 Fill in the service name and server IP Address press button Add 2 If add successfully the Web Configurator will display message Configuration updated successfully at the bottom You can see the p...

Страница 58: ...nt you must be able to establish an IP connection with a tunnel server such as the Windows NT Server 4 0 Remote Access Server Windows Dial Up Networking uses the Internet standard Point to Point PPP t...

Страница 59: ...the first dial up adapter that provides PPP support for the analog or ISDN modem The PPTP is supported in Windows NT and Windows 98 already For Windows 95 it needs to be upgraded by the Dial Up Networ...

Страница 60: ...protocols from RAS such as IPX TCP IP NetBEUI Set the Internet gateway to P 662HW D 2 PPTP client setup Win9x Add one VPN connection from Dial Up Networking by entering the correct username password a...

Страница 61: ...al up connection has been established Before making a VPN connection from the Win9x client to the NT server you need to know the exact Internet IP address that the ISP assigns to P 662HW D router in S...

Страница 62: ...ll down menu on the right None NAT is disabled when you select this option Network Address Translation SUA Only When you select this option this remote node will use default SUA Address Mapping Set Yo...

Страница 63: ...pply it When you select SUA Only the P 662HW D will use a default SUA Address Mapping set for it It has two rules Many to One and Server You can see it in CLI by command ip nat lookup 255 Please note...

Страница 64: ...8 can only be configured in CLI Now let s begin with Web Configurator Firstly let s come to Web Configurator Advanced Setup Network NAT Address Mapping This menu is for Address Mapping Set 1 you can...

Страница 65: ...t This is the starting global IP address IGA If you have a dynamic IP enter 0 0 0 0 as the Global Start IP 0 0 0 0 Global IP End This is the ending global IP address IGA This field is N A for One to O...

Страница 66: ...ct NAT address mapping set and set mapping set name but set name is optional Example ip nat addrmap map 2 Test ip nat addrmap rule rule insert edit type local start IP local end IP global start IP glo...

Страница 67: ...ave it to be default value if you don t want this command ip nat server edit rule forwardip IP address Configure the LAN IP address to be forwarded ip nat server edit rule protocol TCP UDP ALL Configu...

Страница 68: ...on Add to save it Step 3 You could click the button Edit on the rule to modify the Service name Server IP Address Start End Port The most often used port numbers are shown in the following table Pleas...

Страница 69: ...e NAT and select an Address Mapping Set with a Many to One Rule See the following figure 2 Internet Access with an Internal Server In this case we do exactly as the figure use the convenient pre confi...

Страница 70: ...y the following way using 4 NAT rules Rule 1 One to One type to map the FTP Server 1 with ILA1 192 168 1 10 to IGA1 200 0 0 1 Rule 2 One to One type to map the FTP Server 2 with ILA2 192 168 1 11 to I...

Страница 71: ...nced Setup Network NAT Address Mapping to begin configuring Address Mapping Set 1 We can see there are 10 blank rule table that could be configured See the following setup for the four rules in our ca...

Страница 72: ...to map the other clients to IGA3 200 0 0 3 Rule 4 Setup Select Server type to map our web server and mail server with ILA3 192 168 1 20 to IGA3 Menu Network NAT Address Mapping should look as follows...

Страница 73: ...riendly Applications Some servers providing Internet applications such as some mIRC servers do not allow users to login using the same IP address In this case it is better to use Many to Many No Overl...

Страница 74: ...nd retrieved This solves the problems if your DNS server uses an IP associated with dynamic IPs Without DDNS we always tell the users to use the WAN IP of the P 662HW D to access the internal server I...

Страница 75: ...p the DDNS 1 Before configuring the DDNS settings in the P 662HW D you must register an account from the DDNS server such as WWW DYNDNS ORG first After the registration you have a hostname for your in...

Страница 76: ...s shown in figure 3 For SNMPv1 operation ZyXEL permits one community string so that the router can belong to only one community and allows trap messages to be sent to only one NMS manager Some traps a...

Страница 77: ...of restart before rebooting 1 For intentional reboot In some cases download new files CI command sys reboot reboot is done intentionally And traps with the message System reboot by user will be sent...

Страница 78: ...om the NMS The default is public Set Community Enter the correct Set Community This Set Community must match the Set community requested from the NMS The default is public Trusted Host Enter the IP ad...

Страница 79: ...you wish to send the syslog Log Facility Select from the 7 different local options The log facility lets you log the message in different server files Refer to your UNIX manual 9 Using IP Alias What...

Страница 80: ...Network LAN IP Alias There are three internal virtual LAN interfaces for the P 662HW D to route the packets from to the three networks correctly They are enif0 for the major network enif0 0 for the IP...

Страница 81: ...cond and third networks in Network LAN IP Alias by configuring the P 662HW D s second and third LAN IP addresses Key Settings IP Alias 1 Active it and enter the second LAN IP address for the P 662HW D...

Страница 82: ...to prioritize traffic Cost Savings IPPR allows organizations to distribute interactive traffic on high bandwidth high cost path while using low path for batch traffic Load Sharing Network administrat...

Страница 83: ...mple Step 2 Suppose we d like to edit the rule like this Policy Set Name Test Active Yes Criteria IP Protocol 6 Type of Service Don t Care Packet length 0 Precedence Don t Care Len Comp N A Source add...

Страница 84: ...action gatewaytype 0 Set gateway type for the rule Gateway Address ip policyrouting set action gatewayaddr 192 168 1 254 Set the gateway address for the rule 192 168 1 254 ip policyrouting set criter...

Страница 85: ...ppose we want to edit a call schedule set like this Call Schedule Set 1 Set name Test Active Yes Start Date yyyy mm dd 2005 12 27 How Often Once Once Date yyyy mm dd 2005 12 27 Start Time hh mm 12 00...

Страница 86: ...remote node will be dropped Enable Dial On Demand The remote node accepts Dial on demand during this period Disable Dial On Demand The remote node denies any demand dial during the period For the exis...

Страница 87: ...P packets are transmitted in two ways unicast or broadcast Multicast is a third way to deliver IP packets to a group of hosts Host groups are identified by class D IP addresses i e those with 1110 as...

Страница 88: ...Some other traffic may not require high bandwidth but they require stable supply of bandwidth such as VoIP traffic The VoIP quality would not be good if all of the outgoing bandwidth is occupied via F...

Страница 89: ...s root Scheduler Choose the principle to allocate bandwidth on this interface Priority Based allocates bandwidth via priority Fairness Based allocates bandwidth by ratio Maximize Bandwidth Usage Chec...

Страница 90: ...Managed Bandwidth Check this box if you would like to let this class to borrow bandwidth from it s parents when the required bandwidth is higher than the configured amount Do not check this if you wa...

Страница 91: ...t some probing patterns system will analyze the packets returned from ISP and decide which services the ISP may provide Because ADSL is based on a ATM network so system have to pre configured a VPI VC...

Страница 92: ...vpi vci service bit hex wan atm vchunt save Note remote node input the remote node index 1 8 vpi vpi value vci vci value service it s a hex value bit0 PPPoE VC 1 bit1 PPPoE LLC 2 bit2 PPPoA VC 4 bit3...

Страница 93: ...the device LAN Ethernet port with the DSL sync up 2 Open your web browser to access a Web site It should prompt and request for your username password of your ISP account if your ISP provide PPPoE or...

Страница 94: ...ernet port 1 must be forwarded to PVC1 vice versa The traffic from Ethernet port 2 must be forwarded to PVC2 vice versa The traffic from Ethernet Port3 must be forwarded to PVC3 vice versa 16 How to c...

Страница 95: ...hem by command sys filter set index set rule Usage set 1 12 rule 1 6 Commonly the preconfigured filter sets are as follows set 2 rule 1 6 set 3 rule 1 set 4 rule 1 sys filter set display For example T...

Страница 96: ...s filter set You could configure a filter rule on demand the newest command is available on release note sys filter set save Usage Don t forget to save the rule everytime you ve configured it Referenc...

Страница 97: ...log type 0 3 none match notmatch both Set the log type it could be 0 3 none match not match both sys filter set actmatch type 0 2 checknext forward drop Set the action for match sys filter set actnoma...

Страница 98: ...box II ZyXEL VPN solution Avaya VPN Netopia VPN III VPN The tested VPN softwares are shown below Checkpoint VPN software WIN2K VPN software Soft PK VPN software Linux FreeS WAN VPN SSH Sentinel Intel...

Страница 99: ...pdate its dynamic IP to the fixed side If both of VPN gateways use dynamic IP we need DDNS service to implement it You can finish the configuration via Web Configurator on Prestige Step 1 Set up Prest...

Страница 100: ...t in the example to this policy Select IPSec Key Mode to IKE Negotiation Mode to Main and Encapsulation Mode to Tunnel just the same as we will configure in Prestige B 5 Fill in the Local and Remote s...

Страница 101: ...VPN secure gateways As in the example we ve finished this field on Prestige A then when we configure Prestige B we should make it fit the following table Prestgie A Prestige B Local ID Type IP IP Cont...

Страница 102: ...ou need to configure the same on Prestige B We don t do any anvanced setup in the example Then we have finished the configuration on Preatige A Step 2 Setup Prestige B Similar to the settings for Pres...

Страница 103: ...onitor On P 662HW D Web Configurator Security VPN Monitor you can check every active IPSec connections The VPN Name Encapsulation and IPSec Algorithm will be shown in the Monitor Table If you can t se...

Страница 104: ...IPSec Log We can also view the log for IPSec and IKE connections for trouble shooting On P 662HW D we can check the logs via Web Configurator or CLI The log menu is also useful for troubleshooting ple...

Страница 105: ...ase W2K won t capture the dynamic IP address automatically for you You have to obtain your dynamic IP address and then go back to IPSec configuration to setup your current IP address Prestige dynamic...

Страница 106: ...igeA configure My IP as 0 0 0 0 and Secure Gateway as the dynamic domain name of PrestigeB Step 3 In PrestigeB configure My IP as 0 0 0 0 and Secure Gateway as the dynamic domain name of PrestigeA Ste...

Страница 107: ...etween branch offices through headquarter So that whenever branch office A wants to talk to branch office B headquarter plays as a VPN relay Users can gain benefit from such application when the scale...

Страница 108: ...ith name Branch_A The configuration is the same as Prestige to Prestige Tunnel just the IP Address is a little different 1 Local Address Type is Range Address and IP Address Start is 192 168 3 0 IP Ad...

Страница 109: ...ss End is 192 168 1 255 This section covers the LAN segment of headquarter office 2 My IP Address is the WAN IP of Prestige in Branch_B 202 2 1 1 in the example Secure Gateway Address is IP address of...

Страница 110: ...eadquarter office Remote Address Type is Range Address and IP Address Start is 192 168 3 0 IP Address End is 192 168 3 255 This section covers the LAN segment of branch office A 2 My IP Address is the...

Страница 111: ...or Branch_B_2 in headquarter 1 Local Address Type is Range Address and IP Address Start is 192 168 3 0 IP Address End is 192 168 3 255 This section covers the LAN segment of branch office A Remote Add...

Страница 112: ...ting 2 host together via a NIC card for direct connection when configured in Ad hoc mode without an access point being present Ad hoc operation is ideal for small networks of no more than 2 4 computer...

Страница 113: ...ect a channel you want to use than press OK to apply Step 4 Since there is no DHCP server to give the host IP you must first designate a static IP for your station From Windows Start select Control Pa...

Страница 114: ...finish Configuration for Wireless Station B To configure Ad hoc mode on your ZyAIR B 100 B 200 B 300 wireless NIC card please follow the following step Step1 Double click on the utility icon in your w...

Страница 115: ...ect a channel you want to use than press OK to apply Step 4 Since there is no DHCP server to give the host IP you must first designate a static IP for your station From Windows Start select Control Pa...

Страница 116: ...n B 2 Configuring Infrastructure mode Infrastructure Introduction For Infrastructure WLANs multiple Access Points APs like the WLAN to the wired network and allow users to efficiently share network re...

Страница 117: ...e mode of your P 662HW D wireless AP please follow the steps below Step 1 Login Web Configurator Advanced Setup Network Wireless LAN General Configure the basic parameters for Wireless LAN Step 2 You...

Страница 118: ...structure mode on your ZyAIR G 200 Wireless Network Adapter please follow the following steps Step 1 Double click on the utility icon in your windows task bar the utility will pop up on your windows s...

Страница 119: ...an SSID or leave it as any if you wish to connect to any AP than press Apply Change to take effect Step 4 Click on Site Survey tab and press search all the available AP will be listed Step 5 Double cl...

Страница 120: ...Filter MAC Filter Overview Users can use MAC Filter as a method to restrict unauthorized stations from accessing the APs ZyXEL s APs provide the capability for checking MAC address of the station befo...

Страница 121: ...onfigure the MAC filter you need to know the MAC address of the client first If not knowing what your MAC address is please enter a command ipconfig all after DOS prompt to get the MAC physical addres...

Страница 122: ...bile station e g a laptop with a wireless Ethernet card and an access point i e a base station The secret key is used to encrypt packets before they are transmitted and an integrity check is used to e...

Страница 123: ...10 hexadecimal digits o 128 bit WEP key secret key with 13 characters o 128 bit WEP key secret key with 26 hexadecimal digits o 256 bit WEP key secret key with 29 characters o 256 bit WEP key secret k...

Страница 124: ...phrase and then press button Generate to let the P 662HW D generate WEP Key for you Setting up the Station Step 1 Double click on the utility icon in your windows task bar or right click the utility i...

Страница 125: ...the utility icon doesn t exist in your task bar click Start Programs to start the utility Step 2 Select the Configuration tab Select Set Security to configure encryption type and parameters correspon...

Страница 126: ...the P 662HW D is supposed to use Key 1 by default Key settings The WEP Encryption type of station has to equal to the access point Check ASCII field for characters WEP key or uncheck ASCII field for H...

Страница 127: ...s to complete a simple site survey with simple tools 1 First you will need to obtain a facility diagram such as blueprints This is for you to mark and take record on 2 Visually inspect the facility wa...

Страница 128: ...ociated rate link quality signal strength and etc information as shown in utility below Step 4 It s always a good idea to start with putting the access point at the corner of the room and walk away fr...

Страница 129: ...corner of the room Step 6 Repeat step 1 5 and now you should be able to mark an RF coverage area as illustrated in above picutre Step 7 You may need more than one access point is the RF coverage area...

Страница 130: ...of the IEEE 802 11i security specification draft Key differences between WAP and WEP are user authentication and improved data encryption WAP applies IEEE 802 1x Extensible Authentication Protocol EA...

Страница 131: ...h a client will be granted access to a WLAN Here comes WPA PSK Application example for your reference Configuration for Access point The IEEE 802 1x standard outlines enhanced security methods for bot...

Страница 132: ...your wireless utility icon in your windows task bar the utility will pop up on your windows screen Step 2 Select the configuration tab type in the SSID Service Set Identifier select the operating Mode...

Страница 133: ...otes Step 3 Click Set Security to configure the security parameters Step 4 Click OK for finish and begin to Site survey Connect to the AP as you have configured 132 All contents copyright 2006 ZyXEL C...

Страница 134: ...Series Support Notes Step 5 Click Link Info tab if the PC associated and authenticated with AP successfully we will see the following information 133 All contents copyright 2006 ZyXEL Communications C...

Страница 135: ...two ways to dump the trace Online Trace display the trace real time on screen Offline Trace capture the trace first and display later The details for capturing the trace in CLI as follows First of all...

Страница 136: ...e Enable to capture the WAN packet by entering sys trcp channel mpoa00 bothway Enable the trace log by entering sys trcp sw on sys trcl sw on Display the brief trace online by entering sys trcd brief...

Страница 137: ...el enet0 bothway Enable the trace log by entering sys trcp sw on sys trcl sw on Wait for packet passing through the Prestige over LAN Disable the trace log by entering sys trcp sw off sys trcl sw off...

Страница 138: ...o Prestige After the transfer is complete the Prestige will program the upgraded firmware into FLASH ROM and reboot itself An example The 192 168 1 1 is the IP address of the Prestige The local file i...

Страница 139: ...ge Check the port number 69 and 512 Octet blocks for TFTP Check Binary mode for file transfering Using TFTP command on Windows NT Step 1 TELNET to your Prestige first before using TFTP command Step 2...

Страница 140: ...68 1 1 put local ras ras upload firmware 3 Using FTP to Upload the Firmware and Configuration Files In addition to upload the firmware and configuration file via the console port and TFTP client you c...

Страница 141: ...ng the Prestige s IP and Administrator password in the FTP software Set the transfer type to Auto Detect or Binary Step 2 Press OK to ignore the Username prompt Step 3 To upload the firmware file we t...

Страница 142: ...ort Notes the remote rom 0 file Step 4 The Prestige reboots automatically after the uploading is finished Please do not power off the router at this moment 141 All contents copyright 2006 ZyXEL Commun...

Страница 143: ...ce 1 Shows the following commands and all major sub commands 2 exit Exit Subcommand To get the latest CI Command list The latest CI Command list is available in release note of every ZyXEL firmware re...

Отзывы:

Нет отзывов

Похожие инструкции для P-662HW-D - V3.40

Бренд: WAGO Страницы: 110

Бренд: Nomadix Страницы: 204

Adeo Control SGDD-C4-4

Бренд: DALCNET Страницы: 36

Бренд: THOMSON Страницы: 77

Бренд: ZyXEL Communications Страницы: 352

Бренд: Elvaco Страницы: 48

Бренд: NetModule Страницы: 223

Бренд: Alpha Technologies Страницы: 25

Бренд: Gree Страницы: 12

Бренд: Cisco Страницы: 4

ThingPark Partner

Бренд: Actility Страницы: 4

HomePortal 3800HGV-B

Бренд: 2Wire Страницы: 82

Бренд: Wildix Страницы: 4

Бренд: Technicolor Страницы: 98

Бренд: ATX Страницы: 36

Бренд: resideo Страницы: 12

Бренд: RTA Страницы: 58

Бренд: Arris Страницы: 4

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды