manualshive.com logo in svg

ZyXEL Communications VMG4325-B10A, Руководство пользователя

Поделиться
Скачать
ZyXEL Communications VMG4325-B10A Скачать руководство пользователя страница 337

 Appendix D Wireless LANs

VMG4380-B10A / VMG4325-B10A User’s Guide

337

• Accounting-Request

Sent by the access point requesting accounting.

• Accounting-Response

Sent by the RADIUS server to indicate that it has started or stopped accounting. 

In order to ensure network security, the access point and the RADIUS server use a shared secret 
key, which is a password, they both know. The key is not sent over the network. In addition to the 
shared key, password information exchanged is also encrypted to protect the network from 
unauthorized access. 

Types of EAP Authentication 

This section discusses some popular authentication types: EAP-MD5, EAP-TLS, EAP-TTLS, PEAP and 
LEAP. Your wireless LAN device may not support all authentication types. 

EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the IEEE 
802.1x transport mechanism in order to support multiple types of user authentication. By using EAP 
to interact with an EAP-compatible RADIUS server, an access point helps a wireless station and a 
RADIUS server perform authentication. 

The type of authentication you use depends on the RADIUS server and an intermediary AP(s) that 
supports IEEE 802.1x. 

For EAP-TLS authentication type, you must first have a wired connection to the network and obtain 
the certificate(s) from a certificate authority (CA). A certificate (also called digital IDs) can be used 
to authenticate users and a CA issues certificates and guarantees the identity of each certificate 
owner.

EAP-MD5 (Message-Digest Algorithm 5)

MD5 authentication is the simplest one-way authentication method. The authentication server 
sends a challenge to the wireless client. The wireless client ‘proves’ that it knows the password by 
encrypting the password with the challenge and sends back the information. Password is not sent in 
plain text. 

However, MD5 authentication has some weaknesses. Since the authentication server needs to get 
the plaintext passwords, the passwords must be stored. Thus someone other than the 
authentication server may access the password file. In addition, it is possible to impersonate an 
authentication server as MD5 authentication method does not perform mutual authentication. 
Finally, MD5 authentication method does not support data encryption with dynamic session key. You 
must configure WEP encryption keys for data encryption. 

EAP-TLS (Transport Layer Security)

With EAP-TLS, digital certifications are needed by both the server and the wireless clients for 
mutual authentication. The server presents a certificate to the client. After validating the identity of 
the server, the client sends a different certificate to the server. The exchange of certificates is done 
in the open before a secured tunnel is created. This makes user identity vulnerable to passive 
attacks. A digital certificate is an electronic ID card that authenticates the sender’s identity. 
However, to implement EAP-TLS, you need a Certificate Authority (CA) to handle certificates, which 
imposes a management overhead. 

Содержание VMG4325-B10A

Страница 1: ...DSL2 4 port Bonding Combo WAN Gateway with HPNA Wireless N VDSL2 4 port Bonding Combo WAN Gateway with USB Copyright 2012 ZyXEL Communications Corporation Version 1 00 Edition 1 9 2012 Default Login Details LAN IP Address http 192 168 1 1 User Name admin Password 1234 ...

Страница 2: ...stems operating system versions or if you installed updated firmware software for your device Every effort has been made to ensure that the information in this manual is accurate Related Documentation Quick Start Guide The Quick Start Guide is designed to help you get up and running right away It contains information on setting up your network and configuring for Internet access Support Disc Refer...

Страница 3: ...55 Quality of Service QoS 161 Network Address Translation NAT 179 Dynamic DNS Setup 195 Interface Group 199 USB Service 205 Firewall 211 MAC Filter 221 Parental Control 223 Scheduler Rules 227 Certificates 229 Log 237 Traffic Status 241 ARP Table 245 Routing Table 247 IGMP Status 249 xDSL Statistics 251 User Account 255 Remote Management 257 TR 069 Client 259 TR 064 261 Time Settings 263 E mail No...

Страница 4: ...Contents Overview VMG4380 B10A VMG4325 B10A User s Guide 4 Troubleshooting 283 ...

Страница 5: ... 4 1 Internet Access 18 1 4 2 HomePNA 19 1 4 3 Device s USB Support 20 1 5 LEDs Lights 21 1 6 The RESET Button 22 1 7 Wireless Access 23 1 7 1 Using the WLAN WPS Button 23 Chapter 2 The Web Configurator 25 2 1 Overview 25 2 1 1 Accessing the Web Configurator 25 2 2 Web Configurator Layout 28 2 2 1 Title Bar 28 2 2 2 Main Window 29 2 2 3 Navigation Panel 29 Chapter 3 Quick Start 33 3 1 Overview 33 ...

Страница 6: ...er 55 4 9 Access Your Shared Files From a Computer 56 4 10 Using the Media Server Feature 57 4 10 1 Configuring the Device 57 4 10 2 Using Windows Media Player 57 4 10 3 Using a Digital Media Adapter 60 4 11 Using the Print Server Feature 62 Part II Technical Reference 69 Chapter 5 Network Map and Status Screens 71 5 1 Overview 71 5 2 The Network Map Screen 71 5 3 The Status Screen 72 Chapter 6 Br...

Страница 7: ...Channel Status Screen 119 7 10 Technical Reference 119 7 10 1 Wireless Network Overview 119 7 10 2 Additional Wireless Terms 121 7 10 3 Wireless Security Overview 121 7 10 4 Signal Problems 123 7 10 5 BSS 124 7 10 6 MBSSID 124 7 10 7 Preamble Type 125 7 10 8 Wireless Distribution System WDS 125 7 10 9 WiFi Protected Setup WPS 125 Chapter 8 Home Networking 133 8 1 Overview 133 8 1 1 What You Can Do...

Страница 8: ... Service QoS 161 10 1 Overview 161 10 1 1 What You Can Do in this Chapter 161 10 2 What You Need to Know 162 10 3 The Quality of Service General Screen 163 10 4 The Queue Setup Screen 164 10 4 1 Adding a QoS Queue 166 10 5 The Class Setup Screen 166 10 5 1 Add Edit QoS Class 168 10 6 The QoS Policer Setup Screen 171 10 6 1 Add Edit a QoS Policer 172 10 7 The QoS Monitor Screen 173 10 8 Technical R...

Страница 9: ...To Know 196 12 2 The DNS Entry Screen 196 12 2 1 Add Edit DNS Entry 197 12 3 The Dynamic DNS Screen 197 Chapter 13 Interface Group 199 13 1 Overview 199 13 1 1 What You Can Do in this Chapter 199 13 2 The Interface Group Screen 199 13 2 1 Interface Group Configuration 200 13 2 2 Interface Grouping Criteria 202 Chapter 14 USB Service 205 14 1 Overview 205 14 1 1 What You Can Do in this Chapter 205 ...

Страница 10: ... Add Edit a Parental Control Rule 224 Chapter 18 Scheduler Rules 227 18 1 Overview 227 18 2 The Scheduler Rules Screen 227 18 2 1 Add Edit a Schedule 228 Chapter 19 Certificates 229 19 1 Overview 229 19 1 1 What You Can Do in this Chapter 229 19 2 What You Need to Know 229 19 3 The Local Certificates Screen 230 19 3 1 Create Certificate Request 231 19 3 2 Load Signed Certificate 232 19 4 The Trust...

Страница 11: ...rks 245 22 2 ARP Table Screen 245 Chapter 23 Routing Table 247 23 1 Overview 247 23 2 The Routing Table Screen 247 Chapter 24 IGMP Status 249 24 1 Overview 249 24 2 The IGMP Group Status Screen 249 Chapter 25 xDSL Statistics 251 25 1 The xDSL Statistics Screen 251 Chapter 26 User Account 255 26 1 Overview 255 26 2 The User Account Screen 255 Chapter 27 Remote Management 257 27 1 Overview 257 27 2 ...

Страница 12: ...tification Edit 268 Chapter 32 Logs Setting 269 32 1 Overview 269 32 2 The Log Settings Screen 269 32 2 1 Example E mail Log 270 Chapter 33 Firmware Upgrade 273 33 1 Overview 273 33 2 The Firmware Screen 273 Chapter 34 Configuration 275 34 1 Overview 275 34 2 The Configuration Screen 275 34 3 The Reboot Screen 277 Chapter 35 Diagnostic 278 35 1 Overview 278 35 1 1 What You Can Do in this Chapter 2...

Страница 13: ... Internet Access 286 36 4 Wireless Internet Access 287 36 5 USB Device Connection 288 36 6 UPnP 288 Appendix A Setting up Your Computer s IP Address 291 Appendix B IP Addresses and Subnetting 313 Appendix C Pop up Windows JavaScripts and Java Permissions 321 Appendix D Wireless LANs 331 Appendix E IPv6 345 Appendix F Services 353 Appendix G Legal Information 357 Index 361 ...

Страница 14: ...Table of Contents VMG4380 B10A VMG4325 B10A User s Guide 14 ...

Страница 15: ...15 PART I User s Guide ...

Страница 16: ...16 ...

Страница 17: ...dditional wiring The VMG4380 B10A models also include Home Phoneline VMG4380 B10A has Home Phoneline Networking Alliance HPNA capability Only use firmware for your Device s specific model Refer to the label on the bottom of your Device The Device has a USB port used to share files via a USB memory stick or a USB hard drive 1 2 Ways to Manage the Device Use any of the following methods to manage th...

Страница 18: ...rovides shared Internet access by connecting the DSL port to the DSL or MODEM jack on a splitter or your telephone jack You can have multiple WAN services over one ADSL or VDSL The Device cannot work in ADSL and VDSL mode at the same time Note The ADSL and VDSL lines share the same WAN layer 2 interfaces that you configure in the Device Refer to Section 6 2 on page 79 for the Network Setting Broad...

Страница 19: ...Alliance also known as HPNA 3 1 a home networking technology for carrying data over existing coaxial cables and telephone wiring The figure below shows your Device A connecting to a phone line outlet for DSL Internet access and a coaxial outlet to relay Internet connectivity to other coaxial outlets in the building The laptop B connects wirelessly to the Device The set up box C connects into a coa...

Страница 20: ... or a USB hard drive B You can connect one USB hard drive to the Device at a time Use FTP to access the files on the USB device Figure 3 USB File Sharing Application Media Server You can also use the Device as a media server This lets anyone on your network play video music and photos from a USB device B connected to the Device s USB port without having to copy them to another computer Figure 4 US...

Страница 21: ...On The Device is receiving power and ready for use Blinking The Device is self testing Red On The Device detected an error while self testing or there is a device malfunction Off The Device is not receiving power Blinking Firmware upgrade is in progress ETHERNET LAN 1 4 Green On The Device has a successful Ethernet connection with a device on the Local Area Network LAN Blinking The Device is sendi...

Страница 22: ...s down INTERNET Green On The Device has an IP connection but no traffic Your device has a WAN IP address either static or assigned by a DHCP server PPP negotiation was successfully completed if used and the DSL connection is up Blinking The Device is sending or receiving IP traffic Off There is no Internet connection or the gateway is in bridged mode USB Green On The Device recognizes a USB connec...

Страница 23: ...WLAN WPS Button If the wireless network is turned off press the WLAN WPS button at the back of the Device for one second Once the WLAN WPS LED turns green the wireless network is active You can also use the WLAN WPS button to quickly set up a secure wireless connection between the Device and a WPS compatible client by adding one device at a time To activate WPS 1 Make sure the POWER LED is on and ...

Страница 24: ...Chapter 1 Introducing the Device VMG4380 B10A VMG4325 B10A User s Guide 24 ...

Страница 25: ...s In order to use the web configurator you need to allow Web browser pop up windows from your device Web pop up blocking is enabled by default in Windows XP SP Service Pack 2 JavaScript enabled by default Java permissions enabled by default See Appendix C on page 321 if you need to make sure these functions are allowed in Internet Explorer 2 1 1 Accessing the Web Configurator 1 Make sure your Devi...

Страница 26: ...sword field from knowing the length of your password If you have changed the password enter your password and click Login Figure 7 Password Screen 4 The following screen displays if you have not yet changed your password It is strongly recommended you change the default password Enter a new password retype it to confirm and click Apply alternatively click Skip to proceed to the main menu if you do...

Страница 27: ...MG4325 B10A User s Guide 27 6 After you finished or closed the Quick Start Wizard screen the Network Map page appears Figure 9 Network Map 7 Click Status to display the Status screen where you can view the Device s interface and system information ...

Страница 28: ...User s Guide 28 2 2 Web Configurator Layout Figure 10 Screen Layout As illustrated above the main screen is divided into these parts A title bar B main window C navigation panel 2 2 1 Title Bar The title bar provides some icons in the upper right corner B C A ...

Страница 29: ...tatus of the Device s ports The connected ports are in color and disconnected ports are gray Figure 11 Virtual Device 2 2 3 Navigation Panel Use the menu items on the navigation panel to open screens to configure Device features The following tables describe each menu item Table 2 Web Configurator Icons in the Title Bar ICON DESCRIPTION Quick Start Click this icon to open screens where you can con...

Страница 30: ...this screen to configure advanced wireless settings Channel Use this screen to scan wireless LAN channel noises and view the results Home Networking LAN Setup Use this screen to configure LAN TCP IP settings and other advanced properties Static DHCP Use this screen to assign specific IP addresses to individual MAC addresses UPnP Use this screen to turn UPnP and UPnP NAT T on or off Additional Subn...

Страница 31: ...his screen to enable specific traffic directions for network services DoS Use this screen to activate protection against Denial of Service DoS attacks MAC Filter Use this screen to block or allow traffic from devices of certain MAC addresses to the Device Parental Control Use this screen to block web sites with the specific URL Scheduler Rule Use this screen to configure the days and times when a ...

Страница 32: ...en to change your Device s log settings Firmware Upgrade Use this screen to upload firmware to your device Configuration Use this screen to backup and restore your device s configuration settings or reset the factory default settings Reboot Use this screen to reboot the Device without turning the power off Diagnostic Ping Traceroute Nslookup Use this screen to identify problems with the DSL connec...

Страница 33: ...e the technical reference chapters starting on page 69 for background information on the features in this chapter 3 2 Quick Start Setup 1 The Quick Start Wizard appears automatically after login Or you can click the Click Start icon in the top right corner of the web configurator to open the quick start screens Select the time zone of the Device s location and click Next Figure 12 Time Zone ...

Страница 34: ...ary depending on your current connection type Click Next Click Next Figure 13 Internet Connection 3 Turn the wireless LAN on or off If you keep it on record the security settings so you can configure your wireless clients to connect to the Device Click Save Figure 14 Internet Connection 4 Your Device saves your settings and attempts to connect to the Internet ...

Страница 35: ...r Shared Files From a Computer see page 56 Using the Media Server Feature see page 57 Using the Print Server Feature see page 62 4 2 Setting Up an ADSL PPPoE Connection This tutorial shows you how to set up your Internet connection using the Web Configurator If you connect to the Internet through an ADSL connection use the information from your Internet Service Provider ISP to configure the Device...

Страница 36: ...vice provider 5 Configure this rule as your default Internet connection by selecting the Apply as Default Gateway check box Then select DNS as Static and enter the DNS server addresses provided to you such as 192 168 5 2 DNS server1 192 168 5 1 DNS server2 6 Leave the rest of the fields to the default settings Connection Mode Routing Encapsulation PPPoE IPv6 IPv4 Mode IPv4 ATM PVC Configuration VP...

Страница 37: ...Chapter 4 Tutorials VMG4380 B10A VMG4325 B10A User s Guide 37 7 Click Apply to save your settings ...

Страница 38: ...that he can use his notebook to access the Internet In this wireless network the Device serves as an access point AP and the notebook is the wireless client The wireless client can access the Internet through the AP Thomas has to configure the wireless network settings on the Device Then he can set up a wireless network using WPS Section 4 3 2 on page 40 or manual configuration Section 4 3 3 on pa...

Страница 39: ...re the screen using the provided parameters see page 38 Click Apply 2 Go to the Wireless Others screen and select 802 11b g n Mixed in the 802 11 Mode field Click Apply Thomas can now use the WPS feature to establish a wireless connection between his notebook and the Device see Section 4 3 2 on page 40 He can also use the notebook s wireless client to search for the Device see Section 4 3 3 on pag...

Страница 40: ... Number PIN on the Device A wireless client must also use the same PIN in order to download the wireless network settings from the Device Push Button Configuration PBC 1 Make sure that your Device is turned on and your notebook is within the cover range of the wireless signal 2 Make sure that you have installed the wireless client driver and utility in your notebook 3 In the wireless client utilit...

Страница 41: ...econd button within two minutes of pressing the first one The Device sends the proper configuration settings to the wireless client This may take up to two minutes The wireless client is then able to communicate with the Device securely The following figure shows you an example of how to set up a wireless network and its security by pressing a button on both Device and wireless client Example WPS ...

Страница 42: ...get a PIN number 2 Log into Device s web configurator and go to the Network Setting Wireless WPS screen Enable the WPS function and click Apply 3 Enter the PIN number of the wireless client and click the Register button Activate WPS function on the wireless client utility screen within two minutes The Device authenticates the wireless client and sends the proper configuration settings to the wirel...

Страница 43: ... the wireless adapter s utility installed on the notebook to search for the Example SSID Then enter the DoNotStealMyWirelessNetwork pre shared key to establish an wireless Internet connection Note The Device supports IEEE 802 11b and IEEE 802 11g wireless clients Make sure that your notebook or computer s wireless adapter supports one of these standards Authentication by PIN SECURITY INFO WITHIN 2...

Страница 44: ...ompany A will use a general Company wireless network group Higher management level and important visitors will use the VIP group Visiting guests will use the Guest group which has a lower security mode Company A will use the following parameters to set up the wireless network groups COMPANY VIP GUEST SSID Company VIP Guest Security Level More Secure More Secure Basic Security Mode WPA2 PSK WPA2 PS...

Страница 45: ... open the General screen Use this screen to set up the company s general wireless network group Configure the screen using the provided parameters and click Apply 2 Click Network Setting Wireless More AP to open the following screen Click the Edit icon to configure the second wireless network group ...

Страница 46: ... Tutorials VMG4380 B10A VMG4325 B10A User s Guide 46 3 Configure the screen using the provided parameters and click Apply 4 In the More AP screen click the Edit icon to configure the third wireless network group ...

Страница 47: ...Static Route for Routing to Another Network In order to extend your Intranet and control traffic flowing directions you may connect a router to the Device s LAN The router may be used to separate two department networks This tutorial shows how to configure a static routing rule for two network routings In the following figure router R is connected to the Device s LAN R connects to two networks N1 ...

Страница 48: ...ting rule on the Device to specify R as the router in charge of forwarding traffic to N2 In this case the Device routes traffic from A to R and then R routes the traffic to B This tutorial uses the following example IP settings Table 4 IP Settings in this Tutorial DEVICE COMPUTER IP ADDRESS The Device s WAN 172 16 1 1 The Device s LAN 192 168 1 1 IP Type IPv4 Use Interface ADSL atm0 A 192 168 1 34...

Страница 49: ...ve check box Enter the Route Name as R 4b Set IP Type to IPv4 4c Type 192 168 10 0 and subnet mask 255 255 255 0 for the destination N2 4d Select Enable in the Use Gateway IP Address field Type 192 168 1 253 R s N1 address in the Gateway IP Address field 4e Select ADSL atm0 as the Use Interface 4a Click OK Now B should be able to receive traffic from A You may need to additionally configure B s fi...

Страница 50: ...transmission bandwidth of 10 000 kbps For this example you want to configure QoS so that e mail traffic gets the highest priority with at least 5 000 kbps You can do the following Configure a queue to assign the highest priority queue 1 to e mail traffic going to the WAN interface so that e mail traffic would not get delayed when there is network congestion Note the IP address 192 168 1 23 for exa...

Страница 51: ...0 000 kbps or leave this blank to have the Device automatically determine this figure Click Apply Tutorial Advanced QoS 2 Click Queue Setup Add new Queue to create a new queue In the screen that opens check Active and enter or select the following values Name E mail Interface WAN Priority 1 High Weight 8 Rate Limit 5 000 kbps Tutorial Advanced QoS Queue Setup ...

Страница 52: ...e This is the interface from which the traffic will be coming from Select LAN1 for this example Ether Type Select IP to identify the traffic source by its IP address or MAC address IP Address Type the IP address of your computer 192 168 1 23 Type the IP Subnet Mask if you know it MAC Address Type the MAC address of your computer AA FF AA FF AA FF Type the MAC Mask if you know it To Queue Index Lin...

Страница 53: ...using a domain name To use this feature you have to apply for DDNS service at www dyndns org This tutorial covers Registering a DDNS Account on www dyndns org Configuring DDNS on Your Device Testing the DDNS Setting Note If you have a private WAN IP address then you cannot use DDNS 4 7 1 Registering a DDNS Account on www dyndns org 1 Open a browser and type http www dyndns org 2 Apply for a user a...

Страница 54: ...ype zyxelrouter dyndns org in the Host Name field Enter the user name UserName1 and password 12345 Click Apply 4 7 3 Testing the DDNS Setting Now you should be able to access the Device from the Internet To test this 1 Open a web browser on the computer using the IP address a b c d that is connected to the Internet 2 Type http zyxelrouter dyndns org and press Enter 3 The Device s login page should...

Страница 55: ...ncentrate on preparing for her final exams Josephine s computer connects wirelessly to the Internet through the Device Thomas decides to use the Security MAC Filter screen to grant wireless network access to his computer but not to Josephine s computer 1 Click Security MAC Filter to open the MAC Filter screen Select the Enable check box to activate MAC filter function 2 Select Allow Then enter the...

Страница 56: ...Files From a Computer Here is how to use an FTP program to access a file storage device connected to the Device s USB port Note This example uses the FileZilla FTP program to browse your shared files 1 In FileZilla enter the IP address of the Device the default is 192 168 1 1 your account s user name and password and port 21 and click Quickconnect A screen asking for password authentication appear...

Страница 57: ...the correct hardware connections Before you begin connect the USB storage device containing the media files you want to play to the USB port of your Device 4 10 1 Configuring the Device Note The Media Server feature is enabled by default To use your Device as a media server click Network Setting Home Networking Media Server Tutorial USB Services Media Server Check Enable Media Server and click App...

Страница 58: ...de 58 Windows Vista 1 Open Windows Media Player and click Library Media Sharing as follows Tutorial Media Sharing using Windows Vista 2 Check Find media that others are sharing in the following screen and click OK Tutorial Media Sharing using Windows Vista 2 ...

Страница 59: ...ta 3 The Device displays as a playlist Clicking on the category icons in the right panel shows you the media files in the USB storage device attached to your Device Windows 7 1 Open Windows Media Player It should automatically detect the Device Tutorial Media Sharing using Windows 7 1 If you cannot see the Device in the left panel as shown above right click Other Libraries Refresh Other Libraries ...

Страница 60: ...ou should see a list of files available in the USB storage device Tutorial Media Sharing using Windows 7 2 4 10 3 Using a Digital Media Adapter This section shows you how you can use the Device with a ZyXEL DMA 2500 to play media files stored in the USB storage device in your TV screen Note For this tutorial your DMA 2500 should already be set up with the TV according to the instructions in the DM...

Страница 61: ...ome screen to appear Using the remote control go to MyMedia to open the following screen Select the Device as your media server Tutorial Media Sharing using DMA 2500 3 The screen shows you the list of available media files in the USB storage device Select the file you want to open and push the Play button in the remote control Tutorial Media Sharing using DMA 2500 2 DMA 2500 ZyXEL Device USB Stora...

Страница 62: ...nter to one of the USB ports on the Device and then adding the printer on the computers connected to your network In this section you can Add a New Printer Using Windows Add a New Printer Using Macintosh OS X Add a New Printer Using Windows This example shows how to connect a printer to your Device using the Windows 7 operating system Some menu items may look different on your operating system ...

Страница 63: ...3 1 Click Start Control Panel Devices and Printers to open the Devices and Printers screen Click Add a printer Tutorial Printers Folder 2 The Add Printer wizard screen displays Click Add a network wireless or Bluetooth printer Tutorial Add Printer Wizard Welcome ...

Страница 64: ...Chapter 4 Tutorials VMG4380 B10A VMG4325 B10A User s Guide 64 3 Click The printer that I want isn t listed Tutorial Add Printer Wizard Welcome ...

Страница 65: ...ncludes the printer driver If not please install the driver from the CD included with your printer or by downloading it from the printer vendor s website 6 After the printer driver installs successfully choose if you want to set this printer to be the default Add a New Printer Using Macintosh OS X Complete the following steps to set up a print server driver on your Macintosh computer 1 Click the P...

Страница 66: ...ble click the Applications folder Tutorial Macintosh HD folder 4 Double click the Utilities folder Tutorial Applications Folder 5 Double click the Print Center icon Tutorial Utilities Folder 6 Click the Add icon at the top of the screen Tutorial Printer List Folder 7 Set up your printer in the Printer List configuration screen Select IP Printing from the drop down list box ...

Страница 67: ...ueue Name field 11 Select your Printer Model from the drop down list box If the printer s model is not listed select Generic Tutorial Printer Configuration 12 Click Add to select a printer model save and close the Printer List configuration screen Tutorial Printer Model 13 The Name LP1 on 192 168 1 1 displays in the Printer List field The default printer Name displays in bold type Tutorial Print S...

Страница 68: ...Chapter 4 Tutorials VMG4380 B10A VMG4325 B10A User s Guide 68 Your Macintosh print server driver setup is complete You can now use the Device s print server to print from a Macintosh computer ...

Страница 69: ...69 PART II Technical Reference ...

Страница 70: ...70 ...

Страница 71: ... current status of the Device system resources and interfaces LAN WAN and WLAN 5 2 The Network Map Screen Use this screen to view the network connection status of the device and its clients A warning message appears if there is a connection problem If you prefer to view the status in a list click List View in the Viewing Mode selection box You can configure how often you want the Device to update ...

Страница 72: ...nt click the client s name and Info Click the IP address if you want to change it If you want to change the name or icon of the client click Change icon name In List Mode you can also view the client s information 5 3 The Status Screen Use this screen to view the status of the Device Click Status to open this screen Figure 17 Status Screen ...

Страница 73: ...isplays what DHCP services the Device is providing to the LAN Choices are Server The Device is a DHCP server in the LAN It assigns IP addresses to other computers in the LAN Relay The Device acts as a surrogate DHCP server and relays DHCP requests and responses between the remote server and the clients None The Device is not providing any DHCP services to the LAN MAC Address This shows the LAN Eth...

Страница 74: ...ou want some applications to have more throughput you should turn off other applications for example using QoS see Chapter 10 on page 161 Memory Usage This field displays what percentage of the Device s memory is currently used Usually this percentage should not increase much If memory usage does get close to 100 the Device is probably becoming unstable and you should restart the device See Sectio...

Страница 75: ...th computers in other locations Figure 18 LAN and WAN 3G third generation standards for the sending and receiving of voice video and data in a mobile environment You can attach a 3G wireless adapter to the USB port and set the Device to use this 3G connection as your WAN or a backup when the wired WAN connection fails Figure 19 3G WAN Connection 6 1 1 What You Can Do in this Chapter Use the Broadb...

Страница 76: ...It is used by the Device to communicate with other devices in other networks It can be static fixed or dynamically assigned by the ISP each time the Device tries to access the Internet If your ISP assigns you a static WAN IP address they should also assign you the subnet mask and DNS server IP address es ATM Asynchronous Transfer Mode ATM is a WAN networking technology that provides high speed dat...

Страница 77: ...4 x 1038 IP addresses The Device can use IPv4 IPv6 dual stack to connect to IPv4 and IPv6 networks and supports IPv6 rapid deployment 6RD IPv6 Addressing The 128 bit IPv6 address is written as eight 16 bit hexadecimal blocks separated by colons This is an example IPv6 address 2001 0db8 1a2b 0015 0000 0000 1a2f 0000 IPv6 addresses can be abbreviated in two ways Leading zeros in a block can be omitt...

Страница 78: ... its IPv4 WAN address and tunnels IPv6 traffic to the ISP s Border Relay router BR in the figure to connect to the native IPv6 Internet The local network can also use IPv4 services The Device uses it s configured IPv4 WAN IP to route IPv4 traffic to the IPv4 Internet Figure 20 IPv6 Rapid Deployment Dual Stack Lite Use Dual Stack Lite when local network computers use IPv4 and the ISP has an IPv6 ne...

Страница 79: ...nections on the Device Figure 22 Network Setting Broadband The following table describes the labels in this screen ISP IPv6 IPv6 Internet IPv6 AFTR IPv4 in IPv6 IPv4 Internet IPv6 IPv4 LAN IPv6 IPv4 WAN IPv6 IPv4 in IPv6 Table 7 Network Setting Broadband LABEL DESCRIPTION Add new WAN Interface Click this button to create a new connection This is the index number of the entry Name This is the servi...

Страница 80: ...is shows whether NAT is activated or not for this connection Default Gateway This shows whether the Device use the WAN interface of this connection as the system default gateway IPv6 This shows whether IPv6 is activated or not for this connection IPv6 is not available when the connection uses the bridging service MLD Proxy This shows whether Multicast Listener Discovery MLD is activated or not for...

Страница 81: ...g mode if your ISP give you one IP address only and you want multiple computers to share an Internet account The following example screen displays when you select the ADSL over ATM connection type Routing mode and PPPoE encapsulation The screen varies when you select other interface type encapsulation and IPv6 IPv4 mode Figure 23 Routing Mode The following table describes the labels in this screen...

Страница 82: ...ust one PPPoA connection over a PVC IP over ATM IPoA IPoA allows just one RFC 1483 routing connection over a PVC If your connection type is ADSL VDSL over PTM or Ethernet the choices are PPPoE and IPoE If your connection type is ADSL over ATM the choices are PPPoE PPPoA IPoE and IPoA IPv6 IPv4 Mode Select IPv4 Only if you want the Device to run IPv4 only Select IPv6 IPv4 DualStack to allow the Dev...

Страница 83: ...t require closely controlled delay and delay variation Select Realtime VBR real time Variable Bit Rate for applications with bursty connections that require closely controlled delay and delay variation Peak Cell Rate Divide the DSL line rate bps by 424 the size of an ATM cell to find the Peak Cell Rate PCR This is the maximum rate at which the sender can send cells Type the PCR here This field is ...

Страница 84: ...etwork layer protocol used to establish membership in a Multicast group it is not used to carry user data Select this option to have the Device act as an IGMP proxy on this connection This allows the Device to get subscribing information and maintain a joined member list for each multicast group It can reduce multicast traffic significantly Apply as Default Gateway Select this option to have the D...

Страница 85: ... IPv4 Only See IPv6 Rapid Deployment on page 78 for more information Enable 6RD Enable IPv6 rapid deployment to tunnel IPv6 traffic from the local network through the ISP s IPv4 network 6RD Type Select Static if you have the IPv4 address of the relay server otherwise select DHCP to have the Device detect it automatically through DHCP 6RD Border Relay Server IP When you set the 6RD Type to Static s...

Страница 86: ...Enter the MTU Maximum Transfer Unit size for this traffic Apply Click Apply to save your changes back to the Device Cancel Click Cancel to exit this screen without saving Table 8 Routing Mode continued LABEL DESCRIPTION Table 9 Bridge Mode ADSL VDSL over PTM LABEL DESCRIPTION General Active Select this to activate the WAN configuration settings Name Enter a service name of the connection Type Sele...

Страница 87: ...el from 0 to 7 to add to traffic through this connection The greater the number the higher the priority level 802 1q Type the VLAN ID number from 0 to 4094 for traffic through this connection QoS Rate Limit Enter the rate limit for the connection This is the maximum transmission rate allowed for traffic on this connection Apply Click Apply to save your changes Cancel Click Cancel to exit this scre...

Страница 88: ...g between a VC and the type of the network protocol carried on the VC This reduces payload overhead since there is no need to carry protocol information in each Protocol Data Unit PDU payload LLC ENCAPSULATION More than one protocol can be carried over the same VC This is available only when you select PPPoA in the Encapsulation field LLC SNAP ROUTING In LCC encapsulation an IEEE 802 2 Logical Lin...

Страница 89: ...ngs Click Network Setting Broadband 3G Backup Rate Limit Enter the rate limit for the connection This is the maximum transmission rate allowed for traffic on this connection Apply Click Apply to save your changes Cancel Click Cancel to exit this screen without saving Table 10 Bridge Mode ADSL over ATM continued LABEL DESCRIPTION ...

Страница 90: ...380 B10A VMG4325 B10A User s Guide 90 Note The actual data rate you obtain varies depending the 3G card you use the signal strength to the service provider s base station and so on Figure 26 Network Setting Broadband 3G Backup ...

Страница 91: ...s a key to a 3G card Without the PIN code you cannot use the 3G card If your ISP enabled PIN code authentication enter the 4 digit PIN code 0000 for example provided by your ISP If you enter the PIN code incorrectly the 3G card may be blocked by your ISP and you cannot use the account to access the Internet If your ISP disabled PIN code authentication leave this field blank Dial string Enter the p...

Страница 92: ... the Device resets the statistics Data Budget kPackets Select this and specify how much downstream and or upstream data in k Packets can be transmitted via the 3G connection within one month Select Download Upload to set a limit on the total traffic in both directions Select Download to set a limit on the downstream traffic from the ISP to the Device Select Upload to set a limit on the upstream tr...

Страница 93: ... on the DSL type its standard profile and the standard profile that the DSLAM supports The table below shows the transmission data rate for single DSL line and DSL bonding Actions when over budget Specify the actions the Device takes when the time or data limit is exceeded Current 3G connection Select Keep to maintain an existing 3G connection or Drop to disconnect it Enable Email Notification Sel...

Страница 94: ... is re established the Device automatically switches back to VDSL You must enable DSL bonding in order to use ADSL fallback Click Network Setting Broadband Advanced to display the following screen Figure 27 Network Setting Broadband Advanced The following table describes the labels in this screen ITEM VDSL2 VDSL BONDING ADSL2 ADSL 2 BONDING PROFILE STANDARD G993 2 Profile 17a G993 2 Profile 12a G ...

Страница 95: ... support PhyR and have it enabled Apply Click Apply to save your changes back to the Device Cancel Click Cancel to return to the previous configuration Table 13 Network Setting Network Setting Broadband continued LABEL DESCRIPTION Table 14 Network Setting Network Setting 8021x LABEL DESCRIPTION This is the index number of the entry Status This field displays whether the authentication is active or...

Страница 96: ...entication Select this to enable the authentication Clear this to disable this authentication without having to delete the entry Interface Select the interface that uses the authentication EAP Identity Enter the EAP identity of the authentication EAP method This is the EAP method used for this authentication Enable Bidirectional Authentication Select this to allow bidirectional authentication Cert...

Страница 97: ...r Please refer to RFC 2364 for more information on PPPoA Refer to RFC 1661 for more information on PPP PPP over Ethernet PPPoE Point to Point Protocol over Ethernet PPPoE provides access control and billing functionality in a manner similar to dial up services using PPP PPPoE is an IETF standard RFC 2516 specifying how a personal computer PC interacts with a broadband modem DSL cable wireless etc ...

Страница 98: ...e of an VBR nRT connection would be non time sensitive data file transfers Unspecified Bit Rate UBR The Unspecified Bit Rate UBR ATM traffic class is for bursty data transfers However UBR doesn t guarantee any bandwidth and only delivers traffic when the network has spare bandwidth An example application is background file transfer IP Address Assignment A static IP is a fixed IP that your ISP give...

Страница 99: ...ions are 4 094 Multicast IP packets are transmitted in either one of two ways Unicast 1 sender 1 recipient or Broadcast 1 sender everybody on the network Multicast delivers IP packets to a group of hosts on the network not everybody and not just 1 Internet Group Multicast Protocol IGMP is a network layer protocol used to establish membership in a Multicast group it is not used to carry user data I...

Страница 100: ...d in two ways Leading zeros in a block can be omitted So 2001 0db8 1a2b 0015 0000 0000 1a2f 0000 can be written as 2001 db8 1a2b 15 0 0 1a2f 0 Any number of consecutive blocks of zeros can be replaced by a double colon A double colon can only appear once in an IPv6 address So 2001 0db8 0000 0000 1a2f 0000 0000 0015 can be written as 2001 0db8 1a2f 0000 0000 0015 2001 0db8 0000 0000 1a2f 0015 2001 ...

Страница 101: ...uthentication screen to allow or deny wireless clients based on their MAC addresses from connecting to the Device Section 7 4 on page 111 Use the WPS screen to enable or disable WPS view or generate a security PIN Personal Identification Number Section 7 5 on page 112 Use the WMM screen to enable Wi Fi MultiMedia WMM to ensure quality of service in wireless networks for multimedia applications Sec...

Страница 102: ...not require a license to use However wireless networking is different from that of most traditional radio communications in that there a number of wireless networking standards available with different methods of data encryption Finding Out More See Section 7 10 on page 119 for advanced technical information on wireless networks 7 2 The General Screen Use this screen to enable the Wireless LAN ent...

Страница 103: ... wireless band which this radio profile is using 2 4GHz is the frequency used by IEEE 802 11b g n wireless clients Channel Set the channel depending on your particular region Select a channel or use Auto to have the Device automatically determine a channel to use If you are having problems with wireless interference changing the channel may help Try to use a channel that is as many channels away f...

Страница 104: ...ers and numbers and is case sensitive Wireless Network Settings Wireless Network Name SSID The SSID Service Set IDentity identifies the service set with which a wireless device is associated Wireless devices associating to the access point AP must have the same SSID Enter a descriptive name up to 32 English keyboard characters for the wireless LAN Hide SSID Select this check box to hide the SSID i...

Страница 105: ...be broken by an attacker using widely available software It is strongly recommended that you use a more effective security mechanism Use the strongest security mechanism that all the wireless devices in your network support For example use WPA PSK or WPA2 PSK if all your wireless devices support it or use WPA or WPA2 if your wireless devices support it and you have a RADIUS server If your wireless...

Страница 106: ... field will not be configurable when you select this option Password 1 4 The password WEP keys are used to encrypt data Both the Device and the wireless stations must use the same password WEP key for data transmission If you chose 64 bit WEP then enter any 5 ASCII characters or 10 hexadecimal characters 0 9 A F If you chose 128 bit WEP then enter 13 ASCII characters or 26 hexadecimal characters 0...

Страница 107: ...s screen Table 19 Wireless General More Secure WPA 2 PSK LABEL DESCRIPTION Security Level Select More Secure to enable WPA 2 PSK data encryption Security Mode Select WPA PSK or WPA2 PSK from the drop down list box Generate password automatically Select this option to have the Device automatically generate a password The password field will not be configurable when you select this option Password T...

Страница 108: ...s Click Network Setting Wireless to display the General screen Select More Secure as the security level Then select WPA or WPA2 from the Security Mode list Figure 34 Wireless General More Secure WPA 2 The following table describes the labels in this screen Encryption Select the encryption type AES or TKIP AES for data encryption Select AES if your wireless clients can all use AES Select TKIP AES t...

Страница 109: ...ick less to hide them WPA Compatible This field is only available for WPA2 Select this if you want the Device to support WPA and WPA2 simultaneously Encryption Select the encryption type AES or TKIP AES for data encryption Select AES if your wireless clients can all use AES Select TKIP AES to allow the wireless clients to use either TKIP or AES WPA2 Pre Authentication This field is available only ...

Страница 110: ...fies that this SSID is active A gray bulb signifies that this SSID is not active SSID An SSID profile is the set of parameters relating to one of the Device s BSSs The SSID Service Set IDentifier identifies the Service Set with which a wireless device is associated This field displays the name of the wireless profile on the network When a wireless client scans for an AP to associate with this is t...

Страница 111: ...ce Set IDentity identifies the service set with which a wireless device is associated Wireless devices associating to the access point AP must have the same SSID Enter a descriptive name up to 32 English keyboard characters for the wireless LAN Hide SSID Select this check box to hide the SSID in the outgoing beacon frame so a station cannot obtain the SSID through scanning using a site survey tool...

Страница 112: ...r settings MAC Restrict Mode Define the filter action for the list of MAC addresses in the MAC Address table Select Disable to turn off MAC filtering Select Deny to block access to the Device MAC addresses not listed will be allowed to access the Device Select Allow to permit access to the Device MAC addresses not listed will be denied access to the Device Add new MAC address Click this if you wan...

Страница 113: ...Connect Click this button to add another WPS enabled wireless device within wireless range of the Device to your wireless network This button may either be a physical button on the outside of device or a menu button similar to the Connect button on this screen Note You must press the other wireless device s WPS button within two minutes of pressing this button Method 2 Use this section to set up a...

Страница 114: ...pply to save your changes Cancel Click Cancel to restore your previously saved settings Table 24 Network Setting Wireless WPS continued LABEL DESCRIPTION Table 25 Network Setting Wireless WMM LABEL DESCRIPTION WMM Select On to have the Device automatically give a service a priority level according to the ToS value in the IP header of packets it sends WMM QoS Wifi MultiMedia Quality of Service give...

Страница 115: ... clients Note At the time of writing WDS is compatible with other ZyXEL APs only Not all models support WDS links Check your other AP s documentation Click Network Setting Wireless WDS The following screen displays Figure 40 Network Setting Wireless WDS The following table describes the labels in this screen Table 26 Network Setting Wireless WDS LABEL DESCRIPTION Wireless Bridge Setup AP Mode Sele...

Страница 116: ...ify Click the Edit icon and type the MAC address of the peer device in a valid MAC address format six hexadecimal character pairs for example 12 34 56 78 9a bc Click the Delete icon to remove this entry Scan Click the Scan icon to search and display the available APs within range Apply Click Apply to save your changes Cancel Click Cancel to restore your previously saved settings Table 26 Network S...

Страница 117: ...en specify the interval in minutes for how often the Device scans for the best channel Enter 0 to disable the periodical scan Output Power Set the output power of the Device If there is a high density of APs in an area decrease the output power to reduce interference with other APs Select one of the following 20 40 60 80 or 100 Beacon Interval When a wirelessly networked device sends a beacon it i...

Страница 118: ...ate of your Device might be reduced 802 11 Protection Enabling this feature can help prevent collisions in mixed mode networks networks with both IEEE 802 11b and IEEE 802 11g traffic Select Auto to have the wireless devices transmit data after a RTS CTS handshake This helps improve IEEE 802 11g performance Select Off to disable 802 11 protection The transmission rate of your Device might be reduc...

Страница 119: ... 7 10 Technical Reference This section discusses wireless LANs in depth For more information see Appendix D on page 331 7 10 1 Wireless Network Overview Wireless networks consist of wireless clients access points and bridges A wireless client is a radio connected to a user s computer An access point is a radio with a wired connection to a network which can connect with numerous wireless clients an...

Страница 120: ...ice is the AP Every wireless network must follow these basic guidelines Every device in the same wireless network must use the same SSID The SSID is the name of the wireless network It stands for Service Set IDentifier If two wireless networks overlap they should use a different channel Like radio stations or television channels each wireless network uses a specific channel or frequency to send an...

Страница 121: ...ch as the old Wired Equivalent Protocol WEP Using WEP is better than using no security at all but it will not keep a determined attacker out Other security standards are secure in themselves but can be broken if a user does not use them properly For example the WPA PSK security standard is very secure if you use a long key which is difficult for an attacker s software to guess for example a twenty...

Страница 122: ...ample 00A0C5000002 or 00 A0 C5 00 00 02 To get the MAC address for each device in the wireless network see the device s User s Guide or other documentation You can use the MAC address filter to tell the Device which devices are allowed or not allowed to use the wireless network If a device is allowed to use the wireless network it still has to have the correct information SSID channel and security...

Страница 123: ...t is recommended that wireless networks use WPA PSK WPA or stronger encryption The other types of encryption are better than none at all but it is still possible for unauthorized wireless devices to figure out the original information pretty quickly When you select WPA2 or WPA2 PSK in your Device you can also select an option WPA compatible to support WPA as well In this case if some of the device...

Страница 124: ...nd communicate with each other When Intra BSS traffic blocking is enabled wireless station A and B can still access the wired network but cannot communicate with each other Figure 45 Basic Service set 7 10 6 MBSSID Traditionally you need to use different APs to configure different Basic Service Sets BSSs As well as the cost of buying extra APs there is also the possibility of channel interference ...

Страница 125: ...e short preamble when all wireless devices on the network support it otherwise the Device uses long preamble Note The wireless devices MUST use the same preamble mode in order to communicate 7 10 8 Wireless Distribution System WDS The Device can act as a wireless network bridge and establish WDS Wireless Distribution System links with other APs You need to know the MAC addresses of the APs you wan...

Страница 126: ...is for the Device see Section 7 6 on page 114 3 Press the button on one of the devices it doesn t matter which For the Device you must press the WPS button for more than three seconds 4 Within two minutes press the button on the other device The registrar sends the network name SSID and security key through an secure connection to the enrollee If you need to make sure that WPS worked check the lis...

Страница 127: ...nt s PIN in the AP s configuration interface 5 If the client device s configuration interface has an area for entering another device s PIN you can either enter the client s PIN in the AP or enter the AP s PIN in the client it does not matter which 6 Start WPS on both devices within two minutes 7 Use the configuration utility to activate WPS not the push button on the device itself 8 On a computer...

Страница 128: ...her device acts as the enrollee the device that receives network and security settings The registrar creates a secure EAP Extensible Authentication Protocol tunnel and sends the network name SSID and the WPA PSK or WPA2 PSK pre shared key to the enrollee Whether WPA PSK or WPA2 PSK is used depends on the standards supported by the devices If the registrar is already part of a network it sends the ...

Страница 129: ...ans that it is not part of an existing network and can act as either enrollee or registrar if it supports both functions If the registrar is unconfigured the security settings it transmits to the enrollee are randomly generated Once a WPS enabled device has connected to another device using WPS it becomes configured A configured wireless client can still act as enrollee or registrar in subsequent ...

Страница 130: ...network You know that Client 1 supports registrar mode but it is better to use AP1 for the WPS handshake with the new client since you must connect to the access point anyway in order to use the network In this case AP1 must be the registrar since it is configured it already has security information for the network AP1 supplies the existing security information to Client 2 Figure 50 WPS Example Ne...

Страница 131: ...ave two enrollees and one registrar you must set up the first enrollee by pressing the WPS button on the registrar and the first enrollee for example then check that it successfully enrolled then set up the second device in the same way WPS works only with other WPS enabled devices However you can still add non WPS devices to a network you already set up using WPS WPS works by automatically issuin...

Страница 132: ...o see if this has happened WPS works between only two devices simultaneously so if another device has enrolled your device will be unable to enroll and will not have access to the network If this happens open the access point s configuration interface and look at the list of associated clients usually displayed by MAC address It does not matter if the access point is the WPS registrar the enrollee...

Страница 133: ...ssign IP addresses on the LAN to specific individual computers based on their MAC Addresses Section 8 3 on page 138 Use the UPnP screen to enable UPnP and UPnP NAT traversal on the Device Section 8 4 on page 140 Use the Additional Subnet screen to configure IP alias and public static IP Section 8 5 on page 141 Use the STB Vendor ID screen to have the Device automatically create static DHCP entries...

Страница 134: ...efore you can access it RADVD Router Advertisement Daemon When an IPv6 host sends a Router Solicitation RS request to discover the available routers RADVD with Router Advertisement RA messages in response to the request It specifies the minimum and maximum intervals of RA broadcasts RA messages containing the address prefix IPv6 hosts can be generated with the IPv6 prefix an IPv6 address 8 1 2 2 A...

Страница 135: ...L has achieved UPnP certification from the Universal Plug and Play Forum UPnP Implementers Corp UIC ZyXEL s UPnP implementation supports Internet Gateway Device IGD 1 0 See Section 8 5 on page 141 for examples of installing and using UPnP Finding Out More See Section 8 11 on page 152 for technical background information on LANs 8 1 3 Before You Begin Find out the MAC addresses of your network devi...

Страница 136: ...network in dotted decimal notation for example 255 255 255 0 factory default Your Device automatically computes the subnet mask based on the IP Address you enter so do not change this field unless you are instructed to do so IGMP Snooping Status Select the Enable IGMP Snooping checkbox to allows the Device to passively learn multicast group IGMP Mode Select Standard Mode to have the Device forward...

Страница 137: ...ou have the Static DNS service DNS Server 1 DNS Server 2 Enter the first and second DNS Domain Name System server IP address the Device passes to the DHCP clients LAN IPv6 Mode Setup IPv6 State Select Enable to activate the IPv6 mode and configure IPv6 settings on the Device LAN IPv6 Address Setup Delegate prefix from WAN Select this option to automatically obtain an IPv6 network prefix from the s...

Страница 138: ...v6 server and pass IPv6 addresses DNS server and domain name information to DHCPv6 clients stateful DHCPv6 relay The Device uses IPv6 stateful autoconfiguration DHCPv6 Relay is enabled to have the Device relay client DHCPv6 requests DHCPv6 Configuration DHCPv6 State This shows the status of the DHCPv6 IPv6 DNS Values IPv6 DNS Server 1 3 Select From ISP if your ISP dynamically assigns IPv6 DNS serv...

Страница 139: ... connected to the Device MAC Address The MAC Media Access Control or Ethernet address on a LAN Local Area Network is unique to your computer six pairs of hexadecimal notation A network interface card such as an Ethernet adapter has a hardwired address that is assigned at the factory This address follows an industry standard that ensures no other adapter has a similar address IP Address This field ...

Страница 140: ...t and have the MAC Address and IP Address auto detected MAC Address If you select Manual Input enter the MAC address of a computer on your LAN IP Address If you select Manual Input enter the IP address that you want to assign to the computer on your LAN with the MAC address that you will also specify Apply Click Apply to save your changes Cancel Click Cancel to exit this screen without saving Tabl...

Страница 141: ...below to install the UPnP in Windows Me 1 Click Start and Control Panel Double click Add Remove Programs 2 Click on the Windows Setup tab and select Communication in the Components selection box Click Details Add Remove Programs Windows Setup Communication Apply Click Apply to save your changes Cancel Click Cancel to exit this screen without saving Table 34 Network Setting Home Networking UPnP con...

Страница 142: ...cation Components 4 Click OK to go back to the Add Remove Programs Properties window and click Next 5 Restart the computer when prompted Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP 1 Click Start and Control Panel 2 Double click Network Connections 3 In the Network Connections window click Advanced in the main menu and select Optional Networking Components...

Страница 143: ... Optional Networking Components Wizard 5 In the Networking Services window select the Universal Plug and Play check box Networking Services 6 Click OK to go back to the Windows Optional Networking Component Wizard window and click Next 8 6 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP You must already have UPnP installed in Windows XP and UPnP ac...

Страница 144: ...e Auto discover Your UPnP enabled Network Device 1 Click Start and Control Panel Double click Network Connections An icon displays under Internet Gateway 2 Right click the icon and select Properties Network Connections 3 In the Internet Connection Properties window click Settings to see the port mappings there were automatically created Internet Connection Properties ...

Страница 145: ...ppings Internet Connection Properties Advanced Settings Internet Connection Properties Advanced Settings Add 5 When the UPnP enabled device is disconnected from your computer all port mappings will be deleted automatically 6 Select Show icon in notification area when connected option and click OK An icon displays in the system tray System Tray Icon ...

Страница 146: ...onnection Status Web Configurator Easy Access With UPnP you can access the web based configurator on the Device without finding out the IP address of the Device first This comes helpful if you do not know the IP address of the Device Follow the steps below to access the web configurator 1 Click Start and then Control Panel 2 Double click Network Connections ...

Страница 147: ...Network Places under Other Places Network Connections 4 An icon with the description for each UPnP enabled device displays under Local Network 5 Right click on the icon for your Device and select Invoke The web configurator login screen displays Network Connections My Network Places ...

Страница 148: ...G4380 B10A VMG4325 B10A User s Guide 148 6 Right click on the icon for your Device and select Properties A properties window displays with basic information about the Device Network Connections My Network Places Properties Example ...

Страница 149: ...xt Figure 56 Network Setting Home Networking Additional Subnet The following table describes the labels in this screen Table 35 Network Setting Home Networking Additional Subnet LABEL DESCRIPTION IP Alias Setup Group Name Select the interface group name for which you want to configure the IP alias settings See Chapter 13 on page 199 for how to create a new interface group Active Select the checkbo...

Страница 150: ... labels in this screen 8 9 The 5th Ethernet Port Screen If you are using DSL connection you can configure your Ethernet WAN port as an extra LAN port This fifth Ethernet port is a Gigabit port Click Network Settings Home Networking 5th Ethernet Port to open this screen Offer Public IP by DHCP Select the checkbox to enable the Device to provide public IP addresses by DHCP server Enable ARP Proxy Se...

Страница 151: ...e Select Enable to use the Ethernet WAN port as a LAN port on the Device Apply Click Apply to save your changes back to the Device Cancel Click Cancel to exit this screen without saving Table 38 Network Setting Home Networking LAN VLAN LABEL DESCRIPTION Lan Port These represent the Device s LAN ports Tag Operation Select what you want the Device to do to the IEEE 802 1q VLAN ID and priority tags o...

Страница 152: ...vice as a DHCP server or disable it When configured as a server the Device provides the TCP IP configuration for the clients If you turn DHCP service off you must have another DHCP server on your LAN or else the computer must be manually configured 802 1P Mark Use this option to set what to do for the IEEE 802 1p priority tags when you add or remark the tags for a LAN port s downstream traffic Eit...

Страница 153: ...t does not mean you can leave the DNS servers out of the DHCP setup under all circumstances If your ISP gives you explicit DNS servers make sure that you enter their IP addresses in the DHCP Setup screen 8 11 4 LAN TCP IP The Device has built in DHCP server capability that assigns IP addresses and DNS servers to systems that support DHCP client capability IP Address and Subnet Mask Similar to the ...

Страница 154: ...dresses to the hosts without problems However the Internet Assigned Numbers Authority IANA has reserved the following three blocks of IP addresses specifically for private networks 10 0 0 0 10 255 255 255 172 16 0 0 172 31 255 255 192 168 0 0 192 168 255 255 You can obtain your IP address from the IANA from an ISP or it can be assigned from a private network If you belong to a small organization a...

Страница 155: ...Internet through the Device s default gateway R1 You create one static route to connect to services offered by your ISP behind router R2 You create another static route to communicate with a separate network behind a router R3 connected to the LAN Figure 61 Example of Routing Topology 9 1 1 What You Can Do in this Chapter Use the Static Route screen to view and set up static routes on the Device S...

Страница 156: ...te is active A gray bulb signifies that this route is not active Name This is the name that describes or identifies this route Destination IP This parameter specifies the IP network address of the final destination Routing is always based on network number Subnet Mask This parameter specifies the IP network subnet mask of the final destination Gateway This is the IP address of the gateway The gate...

Страница 157: ...activate deactivate this static route Select this to enable the static route Clear this to disable this static route without having to delete the entry Route Name Enter a descriptive name for the static route IP Type Select whether your IP type is IPv4 or IPv6 Destination IP Address Enter the IPv4 or IPv6 network address of the final destination IP Subnet Mask If you are using IPv4 and need to spe...

Страница 158: ...he labels in this screen Table 41 Network Setting Routing Policy Forwarding LABEL DESCRIPTION Add new Policy Forward Rule Click this to create a new policy forwarding rule This is the index number of the entry Policy Name This is the name of the rule Source IP This is the source IP address Source Subnet Mask his is the source subnet mask address Protocol This is the transport layer protocol Source...

Страница 159: ...ge routing information with other routers Table 42 Policy Forwarding Add Edit LABEL DESCRIPTION Policy Name Enter a descriptive name of up to 8 printable English keyboard characters not including spaces Source IP Enter the source IP address Source Subnet Mask Enter the source subnet mask address Protocol Select the transport layer protocol TCP or UDP Source Port Enter the source port number Source...

Страница 160: ...ing RIP version 1 is universally supported but RIP version 2 carries more information RIP version 1 is probably adequate for most networks unless you have an unusual network topology Operation Select Passive to have the Device update the routing table based on the RIP packets received from neighbors but not advertise its route information to other routers in this interface Select Active to have th...

Страница 161: ...gly Packets assigned a high priority are processed more quickly than those with low priority if there is congestion allowing time sensitive applications to flow more smoothly Time sensitive applications include both those that require a low level of latency delay and a low level of jitter variations in delay such as Voice over IP VoIP or Internet gaming and those for which jitter alone is a proble...

Страница 162: ...r while DiffServ is a new protocol and defines a new DS field which replaces the eight bit ToS Type of Service field in the IP header Tagging and Marking In a QoS class you can configure whether to add or change the DSCP DiffServ Code Point value IEEE 802 1p priority level and VLAN ID number in a matched packet When the packet passes through a compatible network the networking device such as a bac...

Страница 163: ...tering algorithms Token Bucket Filter TBF Single Rate Two Color Maker srTCM and Two Rate Two Color Marker trTCM You can specify actions which are performed on the colored packets See Section 10 8 on page 174 for more information on each metering algorithm 10 3 The Quality of Service General Screen Click Network Setting QoS General to open the screen as shown next Use this screen to enable or disab...

Страница 164: ...tream bandwidth for the LAN interfaces including WLAN that you want to allocate using QoS The recommendation is to set this speed to match the WAN interfaces actual transmission speed For example set the LAN managed downstream bandwidth to 100000 kbps if you use a 100 Mbps wired Ethernet WAN connection You can also set this number lower than the WAN interfaces actual transmission speed This will c...

Страница 165: ...that this queue is not active Name This shows the descriptive name of this queue Interface This shows the name of the Device s interface through which traffic in this queue passes Priority This shows the priority of this queue Weight This shows the weight of this queue Buffer Management This shows the queue management algorithm used for this queue Queue management algorithms determine how the Devi...

Страница 166: ...his field is read only if you are editing the queue Priority Select the priority level from 1 to 7 of this queue The smaller the number the higher the priority level Traffic assigned to higher priority queues gets through faster while traffic in lower priority queues is dropped if the network is congested Weight Select the weight from 1 to 8 of this queue If two queues have the same priority level...

Страница 167: ...lays whether the classifier is active or not A yellow bulb signifies that this classifier is active A gray bulb signifies that this classifier is not active Class Name This is the name of the classifier Classification Criteria This shows criteria specified in this classifier for example the interface from which traffic of this class should come and the source MAC address of traffic that matches th...

Страница 168: ...vice QoS VMG4380 B10A VMG4325 B10A User s Guide 168 10 5 1 Add Edit QoS Class Click Add new Classifier in the Class Setup screen or the Edit icon next to a classifier to open the following screen Figure 71 Class Setup Add Edit ...

Страница 169: ...AC Mask Type the mask for the specified MAC address to determine which bits a packet s MAC address should match Enter f for each bit of the specified source MAC address that the traffic s MAC address should match Enter 0 for the bit s of the matched traffic s MAC address which can be of any hexadecimal character s For example if you set the MAC address to 00 13 49 00 00 00 and the mask to ff ff ff...

Страница 170: ...n the Ether Type field Select this option and select a priority level between 0 and 7 from the drop down list box 0 is the lowest priority level and 7 is the highest VLAN ID This field is available only when you select 802 1Q in the Ether Type field Select this option and specify a VLAN ID number TCP ACK This field is available only when you select IP in the Ether Type field If you select this opt...

Страница 171: ...tup LABEL DESCRIPTION Add new Policer Click this to create a new entry This is the index number of the entry Status This field displays whether the policer is active or not A yellow bulb signifies that this policer is active A gray bulb signifies that this policer is not active Name This field displays the descriptive name of this policer Regulated Classes This field displays the name of a QoS cla...

Страница 172: ...ased on the token bucket filter and identifies packets by comparing them to the Committed Information Rate CIR and the Peak Information Rate PIR Committed Rate Specify the committed rate When the incoming traffic rate of the member QoS classes is less than the committed rate the device applies the conforming action to the traffic Committed Burst Size Specify the committed burst size for packet bur...

Страница 173: ...to save your changes Cancel Click Cancel to exit this screen without saving Table 50 Policer Setup Add Edit LABEL DESCRIPTION Table 51 Network Setting QoS Monitor LABEL DESCRIPTION Refresh Interval Enter how often you want the Device to update this screen Select No Refresh to stop refreshing statistics Interface Monitor This is the index number of the entry Name This shows the name of the interfac...

Страница 174: ...This allows the intermediary DiffServ compliant network devices to handle the packets differently depending on the code points without the need to negotiate paths or remember state information for every flow In addition applications do not have to request a particular service or give advanced notice of where the traffic is going DSCP and Per Hop Behavior DiffServ defines a new Differentiated Servi...

Страница 175: ... in the IP header There are eight classes of services ranging from zero to seven in IP precedence Zero is the lowest priority level and seven is the highest Automatic Priority Queue Assignment If you enable QoS on the Device the Device can automatically base on the IEEE 802 1p priority level IP precedence and or packet length to assign priority to traffic which does not match a class The following...

Страница 176: ...ugh tokens are available in the bucket In traffic policing Drops it Transmits it but adds a DSCP mark The Device may drop these marked packets if the network is overloaded Configure the bucket size to be equal to or less than the amount of the bandwidth that the interface can support It does not help if you set it to a bucket size over the interface s capability The smaller the bucket size the low...

Страница 177: ...M defined in RFC 2698 is a type of traffic policing that identifies packets by comparing them to two user defined rates the Committed Information Rate CIR and the Peak Information Rate PIR The CIR specifies the average rate at which packets are admitted to the network The PIR is greater than or equal to the CIR CIR and PIR values are based on the guaranteed and maximum bandwidth respectively as ne...

Страница 178: ...Chapter 10 Quality of Service QoS VMG4380 B10A VMG4325 B10A User s Guide 178 ...

Страница 179: ...reen to configure a default server Section 11 5 on page 187 Use the ALG screen to enable and disable the NAT and SIP VoIP ALG in the Device Section 11 6 on page 188 Use the Address Mapping screen to configure the Device s address mapping settings Section 11 7 on page 188 11 1 2 What You Need To Know Inside Outside Inside outside denotes where a host is located relative to the Device for example th...

Страница 180: ...sired server The port number identifies a service for example web service is on port 80 and FTP on port 21 In some cases such as for unknown services or where one server can support more than one service for example both FTP and web service it might be better to specify a range of port numbers You can allocate a server IP address that corresponds to a port or a range of ports The most often used p...

Страница 181: ...x number of the entry Status This field displays whether the NAT rule is active or not A yellow bulb signifies that this rule is active A gray bulb signifies that this rule is not active Service Name This shows the service s name WAN Interface This shows the WAN interface through which the service is forwarded WAN IP This field displays the incoming packet s destination IP address Server IP Addres...

Страница 182: ...e 55 Port Forwarding Add Edit LABEL DESCRIPTION Active Clear the checkbox to disable the rule Select the check box to enable it Service Name Enter a name to identify this rule using keyboard characters A Z a z 1 2 and so on WAN Interface Select the WAN interface through which the service is forwarded You must have already configured a WAN connection with NAT enabled WAN IP Enter the WAN IP address...

Страница 183: ...his shows the port number to which you want the Device to translate the incoming port For a range of ports enter the first number of the range to which you want the incoming ports translated Translation End Port This shows the last port of the translated port range Server IP Address Enter the inside IP address of the virtual server here Protocol Select the protocol supported by this virtual server...

Страница 184: ...he Device records the IP address of a LAN computer that sends traffic to the WAN to request a service with a specific port number and protocol a trigger port When the Device s WAN port receives a response with a specific port number and protocol open port the Device forwards the traffic to the LAN IP address of the computer that sent the request After that computer s connection for that service cl...

Страница 185: ...en Use this screen to view your Device s trigger port settings Figure 81 Network Setting NAT Port Triggering The following table describes the labels in this screen Table 58 Network Setting NAT Port Triggering LABEL DESCRIPTION Add new rule Click this to create a new rule This is the index number of the entry Status This field displays whether the port triggering rule is active or not A yellow bul...

Страница 186: ...e Open Proto This is the open transport layer protocol Modify Click the Edit icon to edit this rule Click the Delete icon to delete an existing rule Table 58 Network Setting NAT Port Triggering continued LABEL DESCRIPTION Table 59 Port Triggering Configuration Add Edit LABEL DESCRIPTION Active Select the check box to enable this rule Service Name Enter a name to identify this rule using keyboard c...

Страница 187: ...port number or the starting port number in a range of port numbers Open End Port Type a port number or the ending port number in a range of port numbers Open Protocol Select the transport layer protocol from TCP UDP or TCP UDP OK Click OK to save your changes Cancel Click Cancel to exit this screen without saving Table 59 Port Triggering Configuration Add Edit continued LABEL DESCRIPTION Table 60 ...

Страница 188: ...e 84 Network Setting NAT ALG The following table describes the fields in this screen 11 7 The Address Mapping Screen Ordering your rules is important because the Device applies the rules in the order that you specify When a rule matches the current packet the Device takes the corresponding action and the remaining rules are ignored Click Network Setting NAT Address Mapping to display the following...

Страница 189: ...types Global Start IP This is the starting Inside Global IP Address IGA Enter 0 0 0 0 here if you have a dynamic IP address from your ISP You can only do this for the Many to One mapping type Global End IP This is the ending Inside Global IP Address IGA This field is blank for One to One and Many to One mapping types Type This is the address mapping type One to One This mode maps one local IP addr...

Страница 190: ...mbers do not change for the One to one NAT mapping type Many to One This mode maps multiple local IP addresses to one global IP address This is equivalent to SUA i e PAT port address translation the Device s Single User Account feature that previous routers supported only Many to Many This mode maps multiple local IP addresses to shared global IP addresses Local Start IP Enter the starting Inside ...

Страница 191: ...k to the inside local address before forwarding it to the original inside host Note that the IP address either local or global of an outside host is never changed The global IP addresses for the inside hosts can be either static or dynamically assigned by the ISP In addition you can designate servers for example a web server and a telnet server on your local network and make them accessible to the...

Страница 192: ...es required for communication with hosts on other networks It replaces the original IP source address and TCP or UDP source port numbers for Many to One and Many to Many Overload NAT mapping in each packet and then forwards it to the Internet The Device keeps track of the original addresses and port numbers so incoming reply packets can have their original values restored The following figure illu...

Страница 193: ...t numbers are shown in the following table Please refer to RFC 1700 for further information about port numbers Please also refer to the Supporting CD for more examples and details on port forwarding and NAT Table 65 Services and Port Numbers SERVICES PORT NUMBER ECHO 7 FTP File Transfer Protocol 21 SMTP Simple Mail Transfer Protocol 25 DNS Domain Name System 53 Finger 79 HTTP Hyper Text Transfer p...

Страница 194: ...ample port 80 to another B in the example and assign a default server IP address of 192 168 1 35 to a third C in the example You assign the LAN IP addresses and the ISP assigns the WAN IP address The NAT network appears as a single host on the Internet Figure 89 Multiple Servers Behind NAT Example D 192 168 1 36 192 168 1 1 IP address assigned by ISP A 192 168 1 33 B 192 168 1 34 C 192 168 1 35 ...

Страница 195: ...the routing table Dynamic DNS Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you in NetMeeting CU SeeMe etc You can also access your FTP server or Web site on your own computer using a domain name for instance myhost dhs org where myhost is a name of your choice that will never change instead of using an IP address ...

Страница 196: ...t use Dynamic DNS 12 2 The DNS Entry Screen Use this screen to view and configure DNS routes on the Device Click Network Setting DNS to open the DNS Entry screen Figure 90 Network Setting DNS DNS Entry The following table describes the fields in this screen Table 66 Network Setting DNS DNS Entry LABEL DESCRIPTION Add new DNS entry Click this to create a new DNS entry This is the index number of th...

Страница 197: ...Figure 91 DNS Entry Add Edit The following table describes the labels in this screen 12 3 The Dynamic DNS Screen Use this screen to change your Device s DDNS Click Network Setting DNS Dynamic DNS The screen appears as shown Figure 92 Network Setting DNS Dynamic DNS Table 67 DNS Entry Add Edit LABEL DESCRIPTION Host Name Enter the host name of the DNS entry IP Address Enter the IP address of the DN...

Страница 198: ...ype the domain name assigned to your Device by your Dynamic DNS provider You can specify up to two host names in the field separated by a comma Username Type your user name Password Type the password assigned to you Email If you select TZO in the Service Provider field enter the user name you used to register for this service Key If you select TZO in the Service Provider field enter the password y...

Страница 199: ...t you create multiple networks on the Device Section 13 2 on page 199 13 2 The Interface Group Screen You can manually add a LAN interface to a new group Alternatively you can have the Device automatically add the incoming traffic and the LAN interface on which traffic is received to an interface group when its DHCP Vendor ID option information matches one listed for the interface group Use the LA...

Страница 200: ...Configuration Click the Add New Interface Group button in the Interface Group screen to open the following screen Use this screen to create a new interface group Table 69 Network Setting Interface Group LABEL DESCRIPTION Add New Interface Group Click this button to create a new interface group Group Name This shows the descriptive name of the group WAN Interface This shows the WAN interfaces in th...

Страница 201: ...ed LAN Interfaces Available LAN Interfaces Select one or more LAN interfaces Ethernet LAN HPNA or wireless LAN in the Available LAN Interfaces list and use the left arrow to move them to the Grouped LAN Interfaces list to add the interfaces to this group To remove a LAN or wireless LAN interface from the Grouped LAN Interfaces use the right facing arrow Automatically Add Clients With the following...

Страница 202: ...g Table 70 Interface Group Configuration continued LABEL DESCRIPTION Table 71 Interface Grouping Criteria LABEL DESCRIPTION Source MAC Address Enter the source MAC address of the packet DHCP Option 60 Select this option and enter the Vendor Class Identifier Option 60 of the matched traffic such as the type of the hardware or firmware Enable wildcard on DHCP option 60 option Select this option to b...

Страница 203: ...t identifies the device in the DUID field DHCP Option 125 Select this and enter vendor specific information of the matched traffic Enterprise Number Enter the vendor s 32 bit enterprise number registered with the IANA Internet Assigned Numbers Authority Manufactur er OUI Specify the vendor s OUI Organization Unique Identifier It is usually the first three bytes of the MAC address Product Class Ent...

Страница 204: ...Chapter 13 Interface Group VMG4380 B10A VMG4325 B10A User s Guide 204 ...

Страница 205: ...s that are connected on a network and share resources such as a printer or files Windows automatically assigns the workgroup name when you set up a network Shares When settings are set to default each USB device connected to the Device is given a folder called a share If a USB hard drive connected to the Device has more than one partition then each partition will be allocated a share You can also ...

Страница 206: ...et Protocol is a set of communications protocols that most of the Internet runs on Port A port maps a network service such as http to a process running on your computer such as a process run by your web browser When traffic from the Internet is received on your computer the port number is used to identify which process running on your computer it is intended for Supported OSs Your operating system...

Страница 207: ...ake sure the Device is connected to your network and turned on 1 Connect the USB device to one of the Device s USB port Make sure the Device is connected to your network 2 The Device detects the USB device and makes its contents available for browsing If you are connecting a USB hard drive that comes with an external power supply make sure it is connected to an appropriate power source that is on ...

Страница 208: ...ublish all shares for everyone to play media files in the USB storage device connected to the Device Use hardware based media clients like the DMA 2500 to play the files Note Anyone on your network can play the media files in the published shares No user name and password or other form of security is used The media server is enabled by default with the video photo and music shares published To cha...

Страница 209: ...r devices on your network The USB printer must be connected to your Device A USB printer with the driver already installed on your computer See Section 4 11 on page 62 for instructions on adding a printer on your computer Note Your printer s installation instructions may ask that you connect the printer to your computer Connect your printer to the Device instead Use this screen to enable or disabl...

Страница 210: ...ollowing table describes the labels in this menu Table 74 Network Setting USB Service Print Server LABEL DESCRIPTION Printer Server Select Enable to have the Device share a USB printer Printer Name Enter the name of the printer Make and model Enter the manufacturer and model number of the printer Apply Click Apply to save your changes Cancel Click Cancel to restore your previously saved settings ...

Страница 211: ...an initiate an IM Instant Messaging session from the LAN to the WAN 1 Return traffic for this session is also allowed 2 However other traffic initiated from the WAN is blocked 3 and 4 Figure 102 Default Firewall Action 15 1 1 What You Can Do in this Chapter Use the General screen to configure the security level of the firewall on the Device Section 15 2 on page 213 Use the Service screen to add or...

Страница 212: ...etwork resources The ZyXEL Device is pre configured to automatically detect and thwart all known DoS attacks DDoS A DDoS attack is one in which multiple compromised systems attack a single target thereby causing denial of service for users of the targeted system LAND Attack In a LAND attack hackers flood SYN packets into the network with a spoofed source IP address of the target system This makes ...

Страница 213: ...ed services and port numbers in the Service screen For a comprehensive list of port numbers and services visit the IANA Internet Assigned Number Authority website See Appendix F on page 353 for some examples Table 75 Security Firewall General LABEL DESCRIPTION Firewall Select Enable to activate the firewall feature on the Device Easy Select Easy to allow LAN to WAN and WAN to LAN packet directions...

Страница 214: ...ice rule in the Service screen to display the following screen Figure 105 Service Add Edit Table 76 Security Firewall Service LABEL DESCRIPTION Add new service entry Click this to add a new service Name This is the name of your customized service Description This is the description of your customized service Ports Protocol Number This shows the IP protocol TCP UDP ICMP or TCP UDP and the port numb...

Страница 215: ... service If you select Any the service is applied to all ports Type a single port number or the range of port numbers that define your customized service Protocol Number This field is displayed if you select Other as the protocol Enter the protocol number of your customized port Add Click this to add the protocol to the Rule List below Rule List Protocol This is the IP port TCP UDP ICMP or Other t...

Страница 216: ... source IP addresses to which this rule applies Please note that a blank source address is equivalent to Any Dst IP This displays the destination IP addresses to which this rule applies Please note that a blank destination address is equivalent to Any Service This displays the transport layer protocol that defines the service and the direction of traffic to which this rule applies Action This fiel...

Страница 217: ...racters not including spaces underscores and dashes You must enter the filter name to add an ACL rule This field is read only if you are editing the ACL rule Order Select the order of the ACL rule Select Source Device Select the source device to which the ACL rule applies If you select Specific IP Address enter the source IP address in the field below Source IP Address Enter the source IP address ...

Страница 218: ...rt This field is displayed only when you select Specific Protocol in Select Protocol Enter a single port number or the range of port numbers of the source Custom Destination Port This field is displayed only when you select Specific Protocol in Select Protocol Enter a single port number or the range of port numbers of the destination Policy Use the drop down list box to select whether to discard D...

Страница 219: ...ls in this screen Table 80 Security Firewall DoS LABEL DESCRIPTION DoS Protection Blocking Select Enable to enable protection against DoS attacks Deny Ping Response Select Enable to block ping request packets Apply Click Apply to save your changes Cancel Click Cancel to exit this screen without saving ...

Страница 220: ...Chapter 15 Firewall VMG4380 B10A VMG4325 B10A User s Guide 220 ...

Страница 221: ...Ethernet device has a unique MAC Media Access Control address The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters for example 00 A0 C5 00 00 02 You need to know the MAC addresses of the devices to configure this screen 16 2 The MAC Filter Screen Use this screen to allow wireless and LAN clients access to the Device Click Security MAC Filter The screen app...

Страница 222: ...listed will be denied access to the Device If you clear this the MAC Address field for this set clears Host name Enter the host name of the wireless or LAN clients that are allowed access to the Device MAC Address Enter the MAC addresses of the wireless or LAN clients that are allowed access to the Device in these address fields Enter the MAC addresses in a valid MAC address format that is six hex...

Страница 223: ...lowing screen Figure 110 Security Parental Control The following table describes the fields in this screen Table 82 Security Parental Control LABEL DESCRIPTION Parental Control Select Enable to activate parental control Add new PCP Click this if you want to configure a new parental control rule This shows the index number of the rule Status This indicates whether the rule is active or not A yellow...

Страница 224: ... 111 Parental Control Rule Add Edit Internet Access Schedule This shows the day s and time on which parental control is enabled Network Service This shows whether the network service is configured If not None will be shown Website Block This shows whether the website block is configured If not None will be shown Modify Click the Edit icon to go to the screen where you can edit the rule Click the D...

Страница 225: ...ce Setting If you select Block the Device prohibits the users from viewing the Web sites with the URLs listed below If you select Allow the Device blocks access to all URLs except ones listed below Add new service Click this to show a screen in which you can add a new service rule You can configure the Service Name Protocol and Name of the new rule This shows the index number of the rule Select th...

Страница 226: ...Chapter 17 Parental Control VMG4380 B10A VMG4325 B10A User s Guide 226 ...

Страница 227: ...ng screen Figure 112 Security Scheduler Rules The following table describes the fields in this screen Table 84 Security Scheduler Rules LABEL DESCRIPTION Add new rule Click this to create a new rule This is the index number of the entry Rule Name This shows the name of the rule Day This shows the day s on which this rule is enabled Time This shows the period of time on which this rule is enabled D...

Страница 228: ...ing table describes the fields in this screen Table 85 Scheduler Rules Add Edit LABEL DESCRIPTION Rule Name Enter a name up to 31 printable English keyboard characters not including spaces for this schedule Day Select check boxes for the days that you want the Device to perform this scheduler rule Time if Day Range Enter the time period of each day in 24 hour format during which parental control w...

Страница 229: ...ts you save the certificates of trusted CAs to the Device Section 19 4 on page 233 19 2 What You Need to Know The following terms and concepts may help as you read through this chapter Certification Authority A Certification Authority CA issues certificates and guarantees the identity of each certificate owner There are commercial certification authorities like CyberTrust or VeriSign and governmen...

Страница 230: ...ommended that you give each certificate a unique name Subject This field displays identifying information about the certificate s owner such as CN Common Name OU Organizational Unit or department O Organization or company and C Country It is recommended that each certificate have unique subject information Issuer This field displays identifying information about the certificate s issuing certifica...

Страница 231: ...s to identify this certificate Common Name Select Auto to have the Device configure this field automatically Or select Customize to enter it manually Type the IP address in dotted decimal notation domain name or e mail address in the field provided The domain name or e mail address can be up to 63 ASCII characters The domain name or e mail address is for identification purposes only and can be any...

Страница 232: ...After you create a certificate request and have it signed by a Certificate Authority in the Local Certificates screen click the certificate request s Load Signed icon to import the signed certificate into the Device Note You must remove any spaces from the certificate s filename before you can import it Figure 117 Load Signed Certificate ...

Страница 233: ... Apply Click Apply to save your changes Cancel Click Cancel to exit this screen without saving Table 89 Security Certificates Trusted CA LABEL DESCRIPTION Import Certificate Click this button to open a screen where you can save the certificate of a certification authority that you trust to the Device This is the index number of the entry Name This field displays the name used to identify this cert...

Страница 234: ... about the certificate ca means that a Certification Authority signed the certificate Subject This field displays information that identifies the owner of the certificate such as Common Name CN Organizational Unit OU Organization O and Country C Certificate This read only text box displays the certificate in Privacy Enhanced Mail PEM format PEM uses base 64 to convert the binary certificate into a...

Страница 235: ...screen Table 91 Trusted CA Import Certificate LABEL DESCRIPTION Certificate File Path Type in the location of the certificate you want to upload in this field or click Browse to find it Enable Trusted CA for 802 1x Authentication If you select this checkbox the trusted CA will be used for 802 1x authentication The selected trusted CA will be displayed in the Network Setting Broadband 802 1x Edit s...

Страница 236: ...Chapter 19 Certificates VMG4380 B10A VMG4325 B10A User s Guide 236 ...

Страница 237: ...rrors consist of both logs and alerts You may differentiate them by their color in the View Log screen Alerts display in red and logs display in black Syslog Overview The syslog protocol allows devices to send event notification messages across an IP network to syslog servers that collect the event messages A syslog enabled device can generate a syslog message and send it to a syslog server Syslog...

Страница 238: ...verity level you have selected When you select a severity the Device searches through all logs of that severity or higher Category Select the type of logs to display Clear Log Click this to delete all the logs Refresh Click this to renew the log screen Export Log Click this to export the selected log s Email Log Now Click this to send the log file s to the E mail address you specify in the Mainten...

Страница 239: ... through all logs of that severity or higher Category Select the type of logs to display Clear Log Click this to delete all the logs Refresh Click this to renew the log screen Export Log Click this to export the selected log s Email Log Now Click this to send the log file s to the E mail address you specify in the Maintenance Logs Setting screen This field is a sequential value and is not associat...

Страница 240: ...Chapter 20 Log VMG4380 B10A VMG4325 B10A User s Guide 240 ...

Страница 241: ...hat You Can Do in this Chapter Use the WAN screen to view the WAN traffic statistics Section 21 2 on page 241 Use the LAN screen to view the LAN traffic statistics Section 21 3 on page 243 21 2 The WAN Status Screen Click System Monitor Traffic Status to open the WAN screen The figure in this screen shows the number of bytes received and sent on the Device Figure 123 System Monitor Traffic Status ...

Страница 242: ... This indicates the number of frames with errors received on this interface Drop This indicates the number of received packets dropped on this interface more hide more Click more to show more information Click hide more to hide them Disabled Interface This shows the name of the WAN interface that is currently disconnected Packets Sent Data This indicates the number of transmitted packets on this i...

Страница 243: ...e LAN or WLAN interface Bytes Sent This indicates the number of bytes transmitted on this interface more hide more Click more to show more information Click hide more to hide them Interface This shows the LAN or WLAN interface Sent Packets Data This indicates the number of transmitted packets on this interface Error This indicates the number of frames with errors transmitted on this interface Drop...

Страница 244: ...Chapter 21 Traffic Status VMG4380 B10A VMG4325 B10A User s Guide 244 ...

Страница 245: ... in its own MAC and IP address in the sender address fields and puts the known IP address of the target in the target IP address field In addition the device puts all ones in the target MAC field FF FF FF FF FF FF is the Ethernet broadcast address The replying device which is either the IP address of the device being sought or the router that knows the way replaces the broadcast address with the t...

Страница 246: ...6 MAC Address This is the MAC address of the device with the listed IP address Device This is the type of interface used by the device You can click on the device type to go to its configuration screen Table 97 System Monitor ARP Table continued LABEL DESCRIPTION ...

Страница 247: ... the gateway that helps forward this route s traffic Subnet Mask This indicates the destination subnet mask of this route Flag This indicates the route status U Up The route is up Reject The route is blocked and will force a route lookup to fail G Gateway The route uses a gateway to forward traffic H Host The target of the route is a host R Reinstate The route is reinstated for dynamic routing D D...

Страница 248: ...sed to forward the route Interface This indicates the name of the interface through which the route is forwarded br0 indicates the LAN interface ptm0 indicates the WAN interface using IPoE or in bridge mode ppp0 indicates the WAN interface using PPPoE Table 98 System Monitor Routing Table continued LABEL DESCRIPTION ...

Страница 249: ...ble 99 System Monitor IGMP Group Status LABEL DESCRIPTION Interface This field displays the name of an interface on the Device that belongs to an IGMP multicast group Multicast Group This field displays the name of the IGMP multicast group to which the interface belongs Filter Mode INCLUDE means that only the IP addresses in the Source List get to receive the multicast group s traffic EXCLUDE mean...

Страница 250: ...Chapter 24 IGMP Status VMG4380 B10A VMG4325 B10A User s Guide 250 ...

Страница 251: ...er s Guide 251 CHAPTER 25 xDSL Statistics 25 1 The xDSL Statistics Screen Use this screen to view detailed DSL statistics Click System Monitor xDSL Statistics to open the following screen Figure 128 System Monitor xDSL Statistics ...

Страница 252: ...Delay This is the upstream and downstream interleave delay It is the wait in milliseconds that determines the size of a single block of data to be interleaved assembled and then transmitted Interleave delay is used when transmission error correction Reed Solomon is necessary due to a less than ideal telephone line The bigger the delay the bigger the data block size allowing better error correction...

Страница 253: ...ic Redundancy Checks ES This is the number of Errored Seconds meaning the number of seconds containing at least one errored block or at least one defect SES This is the number of Severely Errored Seconds meaning the number of seconds containing 30 or more errored blocks or at least one defect This is a subset of ES UAS This is the number of UnAvailable Seconds LOS This is the number of Loss Of Sig...

Страница 254: ...Chapter 25 xDSL Statistics VMG4380 B10A VMG4325 B10A User s Guide 254 ...

Страница 255: ...ccount LABEL DESCRIPTION User Name This field displays the name of the account that you used to log in the system Old Password Type the default password or the existing password you use to access the system in this field New Password Type your new system password up to 30 characters Note that as you type a password the screen displays a for each character you type After you change the password use...

Страница 256: ...Chapter 26 User Account VMG4380 B10A VMG4325 B10A User s Guide 256 ...

Страница 257: ...ote location through the following interfaces LAN WAN Trust Domain Note The Device is managed using the Web Configurator 27 2 The Remote MGMT Screen Use this screen to configure through which interface s users can use which service s to manage the Device Click Maintenance Remote MGMT to open the following screen Figure 130 Maintenance Remote MGMT ...

Страница 258: ...ble check box for the corresponding services that you want to allow access to the Device from the WAN Trust Domain Select the Enable check box for the corresponding services that you want to allow access to the Device from the Trust Domain Port You may change the server port number for a service if needed however you must use the same port number in order to use that service for remote management ...

Страница 259: ...te Procedure Calls RPCs between an ACS and a client device RPCs are sent in Extensible Markup Language XML format over HTTP or HTTPS An administrator can use an ACS to remotely set up the Device modify settings perform firmware upgrades as well as monitor and diagnose the Device You have to enable the device to be managed by the ACS and specify the ACS IP address or domain name and username and pa...

Страница 260: ... the pre configured WAN connection s Display SOAP messages on serial console Select Enable to show the SOAP messages on the console Connection Request Authentication Select this option to enable authentication when there is a connection request from the ACS Connection Request User Name Enter the connection request user name When the ACS makes a connection request to the Device this user name is us...

Страница 261: ...se a TR 064 compliant CPE management application on their computers from the LAN to discover the CPE and configure user specific parameters such as the username and password Click Maintenance TR 064 to open the following screen Figure 132 Maintenance TR 064 The following table describes the fields in this screen Table 104 Maintenance TR 064 LABEL DESCRIPTION State Select Enable to activate managem...

Страница 262: ...Chapter 29 TR 064 VMG4380 B10A VMG4325 B10A User s Guide 262 ...

Страница 263: ...em related settings such as system time password name the domain name and the inactivity timeout interval 30 2 The Time Screen To change your Device s time and date click Maintenance Time The screen appears as shown Use this screen to configure the Device s time based on your local time zone Figure 133 Maintenance Time Setting ...

Страница 264: ...ts of the United States on the second Sunday of March Each time zone in the United States starts using Daylight Saving Time at 2 A M local time So in the United States set the day to Second Sunday the month to March and the time to 2 in the Hour field Daylight Saving Time starts in the European Union on the last Sunday of March All of the time zones in the European Union start using Daylight Savin...

Страница 265: ...Time Settings VMG4380 B10A VMG4325 B10A User s Guide 265 Apply Click Apply to save your changes Cancel Click Cancel to exit this screen without saving Table 105 Maintenance Time Setting continued LABEL DESCRIPTION ...

Страница 266: ...Chapter 30 Time Settings VMG4380 B10A VMG4325 B10A User s Guide 266 ...

Страница 267: ...iew remove and add mail server information on the Device Figure 134 Maintenance Email Notification The following table describes the labels in this screen Table 106 Maintenance Email Notification LABEL DESCRIPTION Add New Email Click this button to create a new entry Mail Server Address This field displays the server name or the IP address of the mail server Username This field displays the user n...

Страница 268: ...field If this field is left blank reports logs or notifications will not be sent via e mail Authentication Username Enter the user name up to 32 characters This is usually the user name of a mail account you specified in the Account Email Address field Authentication Password Enter the password associated with the user name above Account Email Address Enter the e mail address that you want to be i...

Страница 269: ...can configure where the Device sends logs and which logs and or immediate alerts the Device records in the Logs Setting screen 32 2 The Log Settings Screen To change your Device s log settings click Maintenance Logs Setting The screen appears as shown Figure 136 Maintenance Logs Setting ...

Страница 270: ... be sent via E mail System Log Mail Subject Type a title that you want to be in the subject line of the system log e mail message that the Device sends Security Log Mail Subject Type a title that you want to be in the subject line of the security log e mail message that the Device sends Send Log to The Device sends logs to the e mail address specified in this field If this field is left blank the ...

Страница 271: ...00 From 192 168 1 131 To 192 168 1 255 default policy forward 09 54 17 UDP src port 00520 dest port 00520 1 00 3 Apr 7 00 From 192 168 1 6 To 10 10 10 10 match forward 09 54 19 UDP src port 03516 dest port 00053 1 01 snip snip 126 Apr 7 00 From 192 168 1 1 To 192 168 1 255 match forward 10 05 00 UDP src port 00520 dest port 00520 1 02 127 Apr 7 00 From 192 168 1 131 To 192 168 1 255 match forward ...

Страница 272: ...Chapter 32 Logs Setting VMG4380 B10A VMG4325 B10A User s Guide 272 ...

Страница 273: ... Protocol and may take up to two minutes After a successful upload the system will reboot Do NOT turn off the Device while firmware upload is in progress Figure 138 Maintenance Firmware Upgrade The following table describes the labels in this screen Table 109 Maintenance Firmware Upgrade LABEL DESCRIPTION Current Firmware Version This is the present Firmware version and the date created File Path ...

Страница 274: ...atically restarts in this time causing a temporary network disconnect In some operating systems you may see the following icon on your desktop Figure 140 Network Temporarily Disconnected After two minutes log in again and check your new firmware version in the Status screen If the upload was not successful the following screen will appear Click OK to go back to the Firmware Upgrade screen Figure 1...

Страница 275: ... restoring configuration appears in this screen as shown next Figure 142 Maintenance Configuration Backup Configuration Backup Configuration allows you to back up save the Device s current configuration to a file on your computer Once your Device is configured and functioning properly it is highly recommended that you back up your configuration file before making configuration changes The backup c...

Страница 276: ...twork Temporarily Disconnected If you uploaded the default configuration file you may need to change the IP address of your computer to be in the same subnet as that of the default device IP address 192 168 1 1 See Appendix A on page 291 for details on how to set up your computer s IP address If the upload was not successful the following screen will appear Click OK to go back to the Configuration...

Страница 277: ...et In Process Message You can also press the RESET button on the rear panel to reset the factory defaults of your Device Refer to Section 1 6 on page 22 for more information on the RESET button 34 3 The Reboot Screen System restart allows you to reboot the Device remotely without turning the power off You may need to do this if the Device hangs for example Click Maintenance Reboot Click Reboot to ...

Страница 278: ...The OAM Ping Test screen lets you send an ATM OAM Operation Administration and Maintenance packet to verify the connectivity of a specific PVC Section 35 5 on page 281 35 2 What You Need to Know The following terms and concepts may help as you read through this chapter How CFM Works A Maintenance Association MA defines a VLAN and associated Maintenance End Point MEP ports on the device under a Mai...

Страница 279: ...scribes the fields in this screen Table 111 Maintenance Diagnostic Ping TraceRoute NsLookup LABEL DESCRIPTION URL or IP Address Type the IP address of a computer that you want to perform ping traceroute or nslookup in order to test a connection Ping Click this to ping the IP address that you entered TraceRoute Click this button to perform the traceroute function This determines the path a packet t...

Страница 280: ...h the Device performs a CFM loopback test 802 1Q VLAN ID Type a VLAN ID 0 4095 for this MA VDSL Traffic Type This shows whether the VDSL traffic is activated Loopback Message LBM This shows how many Loop Back Messages LBMs are sent and if there is any inorder or outorder Loop Back Response LBR received from a remote MEP Linktrace Message LTM This shows the destination MAC address in the Link Trace...

Страница 281: ...the virtual channel VC level F4 cells use the same VPI as the user data cells on VP connections but use different predefined VCI values F5 cells use the same VPI and VCI as the user data cells on the VC connections and are distinguished from data cells by a predefinded Payload Type Identifier PTI in the cell header Both F4 flows and F5 flows are bidirectional and have two types segment F4 flows VC...

Страница 282: ...bes the fields in this screen Table 113 Maintenance Diagnostic OAM Ping Test LABEL DESCRIPTION Select a PVC on which you want to perform the loopback test F4 segment Press this to perform an OAM F4 segment loopback test F4 end end Press this to perform an OAM F4 end to end loopback test F5 segment Press this to perform an OAM F5 segment loopback test F5 end end Press this to perform an OAM F5 end ...

Страница 283: ...Ds turn on 1 Make sure the Device is turned on 2 Make sure you are using the power adaptor or cord included with the Device 3 Make sure the power adaptor or cord is connected to the Device and plugged in to an appropriate power source Make sure the power source is turned on 4 Turn the Device off and on 5 If the problem continues contact the vendor One of the LEDs does not behave as expected 1 Make...

Страница 284: ...ee Section 1 6 on page 22 I forgot the password 1 The default admin password is 1234 2 If this does not work you have to reset the device to its factory defaults See Section 1 6 on page 22 I cannot see or access the Login screen in the web configurator 1 Make sure you are using the correct IP address The default IP address is 192 168 1 1 If you changed the IP address Section 8 2 on page 135 use th...

Страница 285: ...n but I cannot log in to the Device 1 Make sure you have entered the password correctly The default admin password is 1234 The field is case sensitive so make sure Caps Lock is not on 2 You cannot log in to the web configurator while someone is using Telnet to access the Device Log out of the Device in the other session or ask the person who is logged in to log out 3 Turn the Device off and on 4 I...

Страница 286: ... you have the DSL WAN port connected to a telephone jack or the DSL or modem jack on a splitter if you have one 2 Make sure you configured a proper DSL WAN interface Network Setting Broadband screen with the Internet account information provided by your ISP and that it is enabled 3 Check that the LAN interface you are connected to is in the same interface group as the DSL connection Network Settin...

Страница 287: ... if the signal strength is low Reduce wireless interference that may be caused by other wireless networks or surrounding wireless electronics such as cordless phones Place the AP where there are minimum obstacles such as walls and ceilings between the AP and the wireless client Reduce the number of wireless clients connecting to the same AP simultaneously or add additional APs if necessary Try clo...

Страница 288: ... and is mostly used in business networks WEP Wired Equivalent Privacy WEP encryption scrambles the data transmitted between the wireless stations and the access points to keep network communications private 36 5 USB Device Connection The Device fails to detect my USB device 1 Disconnect the USB device 2 Reboot the Device 3 If you are connecting a USB hard drive that comes with an external power su...

Страница 289: ...eshooting VMG4380 B10A VMG4325 B10A User s Guide 289 I cannot open special applications such as white board file transfer and video when I use the MSN messenger 1 Wait more than three minutes 2 Restart the applications ...

Страница 290: ...Chapter 36 Troubleshooting VMG4380 B10A VMG4325 B10A User s Guide 290 ...

Страница 291: ...y TCP IP application package TCP IP should already be installed on computers using Windows NT 2000 XP Macintosh OS 7 and later operating systems After the appropriate TCP IP components are installed configure the TCP IP settings in order to communicate with your network If you manually assign IP information instead of using dynamic assignment make sure that your computers have IP addresses that pl...

Страница 292: ...k window click Add 2 Select Protocol and then click Add 3 Select Microsoft from the list of manufacturers 4 Select TCP IP from the list of network protocols and then click OK If you need Client for Microsoft Networks 1 Click Add 2 Select Client and then click Add 3 Select Microsoft from the list of manufacturers 4 Select Client for Microsoft Networks from the list of network clients and then click...

Страница 293: ... the IP Address and Subnet Mask fields Figure 153 Windows 95 98 Me TCP IP Properties IP Address 3 Click the DNS Configuration tab If you do not know your DNS information select Disable DNS If you know your DNS information select Enable DNS and type the information in the fields below you may not need to fill them all in Figure 154 Windows 95 98 Me TCP IP Properties DNS Configuration ...

Страница 294: ...OK to close the Network window Insert the Windows CD if prompted 7 Turn on your Device and restart your computer when prompted Verifying Settings 1 Click Start and then Run 2 In the Run window type winipcfg and then click OK to open the IP Configuration window 3 Select your network adapter You should see your computer s IP address subnet mask and default gateway Windows 2000 NT XP The following ex...

Страница 295: ... Guide 295 2 In the Control Panel double click Network Connections Network and Dial up Connections in Windows 2000 NT Figure 156 Windows XP Control Panel 3 Right click Local Area Connection and then click Properties Figure 157 Windows XP Control Panel Network Connections Properties ...

Страница 296: ...en click Properties Figure 158 Windows XP Local Area Connection Properties 5 The Internet Protocol TCP IP Properties window opens the General tab in Windows XP If you have a dynamic IP address click Obtain an IP address automatically If you have a static IP address click Use the following IP Address and fill in the IP address Subnet mask and Default gateway fields ...

Страница 297: ...tab in IP addresses click Add In TCP IP Address type an IP address in IP address and a subnet mask in Subnet mask and then click Add Repeat the above two steps for each IP address you want to add Configure additional default gateways in the IP Settings tab by clicking Add in Default gateways In TCP IP Gateway Address type the IP address of the default gateway in Gateway To manually configure a def...

Страница 298: ...IP Properties 7 In the Internet Protocol TCP IP Properties window the General tab in Windows XP Click Obtain DNS server address automatically if you do not know your DNS server IP address es If you know your DNS server IP address es click Use the following DNS server addresses and type them in the Preferred DNS server and Alternate DNS server fields ...

Страница 299: ...to close the Local Area Connection Properties window 10 Close the Network Connections window Network and Dial up Connections in Windows 2000 NT 11 Turn on your Device and restart your computer if prompted Verifying Settings 1 Click Start All Programs Accessories and then Command Prompt 2 In the Command Prompt window type ipconfig and then press ENTER You can also open Network Connections right cli...

Страница 300: ...B10A User s Guide 300 1 Click the Start icon Control Panel Figure 162 Windows Vista Start Menu 2 In the Control Panel double click Network and Internet Figure 163 Windows Vista Control Panel 3 Click Network and Sharing Center Figure 164 Windows Vista Network And Internet ...

Страница 301: ...etwork connections Figure 165 Windows Vista Network and Sharing Center 5 Right click Local Area Connection and then click Properties Note During this procedure click Continue whenever Windows displays a screen saying that it needs your permission to continue Figure 166 Windows Vista Network and Sharing Center ...

Страница 302: ...erties Figure 167 Windows Vista Local Area Connection Properties 7 The Internet Protocol Version 4 TCP IPv4 Properties window opens the General tab If you have a dynamic IP address click Obtain an IP address automatically If you have a static IP address click Use the following IP address and fill in the IP address Subnet mask and Default gateway fields ...

Страница 303: ...ttings tab in IP addresses click Add In TCP IP Address type an IP address in IP address and a subnet mask in Subnet mask and then click Add Repeat the above two steps for each IP address you want to add Configure additional default gateways in the IP Settings tab by clicking Add in Default gateways In TCP IP Gateway Address type the IP address of the default gateway in Gateway To manually configur...

Страница 304: ...CP IP Properties 9 In the Internet Protocol Version 4 TCP IPv4 Properties window the General tab Click Obtain DNS server address automatically if you do not know your DNS server IP address es If you know your DNS server IP address es click Use the following DNS server addresses and type them in the Preferred DNS server and Alternate DNS server fields ...

Страница 305: ... Internet Protocol Version 4 TCP IPv4 Properties window 11 Click Close to close the Local Area Connection Properties window 12 Close the Network Connections window 13 Turn on your Device and restart your computer if prompted Verifying Settings 1 Click Start All Programs Accessories and then Command Prompt 2 In the Command Prompt window type ipconfig and then press ENTER You can also open Network C...

Страница 306: ...p Your Computer s IP Address VMG4380 B10A VMG4325 B10A User s Guide 306 Macintosh OS 8 9 1 Click the Apple menu Control Panel and double click TCP IP to open the TCP IP Control Panel Figure 171 Macintosh OS 8 9 Apple Menu ...

Страница 307: ...n the IP Address box Type your subnet mask in the Subnet mask box Type the IP address of your Device in the Router address box 5 Close the TCP IP Control Panel 6 Click Save if prompted to save changes to your configuration 7 Turn on your Device and restart your computer if prompted Verifying Settings Check your TCP IP properties in the TCP IP Control Panel window Macintosh OS X 1 Click the Apple m...

Страница 308: ...ure 174 Macintosh OS X Network 4 For statically assigned settings do the following From the Configure box select Manually Type your IP address in the IP Address box Type your subnet mask in the Subnet mask box Type the IP address of your Device in the Router address box 5 Click Apply Now and close the window 6 Turn on your Device and restart your computer if prompted Verifying Settings Check your ...

Страница 309: ...and file location may vary depending on your Linux distribution and release version Note Make sure you are logged in as the root administrator Using the K Desktop Environment KDE Follow the steps below to configure your computer IP address using the KDE 1 Click the Red Hat button located on the bottom left corner select System Setting and click Network Figure 175 Red Hat 9 0 KDE Network Configurat...

Страница 310: ...lly obtain IP address settings with and select dhcp from the drop down list If you have a static IP address click Statically set IP Addresses and fill in the Address Subnet mask and Default Gateway Address fields 3 Click OK to save the changes and close the Ethernet Device General screen 4 If you know your DNS server IP address es click the DNS tab in the Network Configuration screen Enter the DNS...

Страница 311: ...ere eth0 is the name of the Ethernet card Open the configuration file with any plain text editor If you have a dynamic IP address enter dhcp in the BOOTPROTO field The following figure shows an example Figure 179 Red Hat 9 0 Dynamic IP Address Setting in ifconfig eth0 If you have a static IP address enter static in the BOOTPROTO field Type IPADDR followed by the IP address in dotted decimal notati...

Страница 312: ...Settings Enter ifconfig in a terminal screen to check your TCP IP properties Figure 183 Red Hat 9 0 Checking TCP IP Properties nameserver 172 23 5 1 nameserver 172 23 5 2 root localhost init d network restart Shutting down interface eth0 OK Shutting down loopback interface OK Setting network parameters OK Bringing up loopback interface OK Bringing up interface eth0 OK root localhost ifconfig eth0 ...

Страница 313: ...rk number and the other part is the host ID In the same way that houses on a street share a common street name the hosts on a network share a common network number Similarly as each house has its own house number each host on the network has its own unique identifying number the host ID Routers use the network number to send packets to the correct network while the host ID determines to which host...

Страница 314: ...sk has 32 bits If a bit in the subnet mask is a 1 then the corresponding bit in the IP address is part of the network number If a bit in the subnet mask is 0 then the corresponding bit in the IP address is part of the host ID The following example shows a subnet mask identifying the network number in bold text and host ID of an IP address 192 168 1 2 in decimal By convention subnet masks always co...

Страница 315: ... example As these two IP addresses cannot be used for individual hosts calculate the maximum number of possible hosts in a network as follows Notation Since the mask is always a continuous number of ones beginning from the left followed by a continuous number of zeros for the remainder of the 32 bit mask you can simply specify the number of ones instead of writing the value of each octet This is u...

Страница 316: ...llowing a maximum of 28 2 or 254 possible hosts The following figure shows the company network before subnetting Figure 185 Subnetting Example Before Subnetting You can borrow one of the host ID bits to divide the network 192 168 1 0 into two separate sub networks The subnet mask is now 25 bits 255 255 255 128 or 25 The borrowed host ID bit can have a value of either 0 or 1 allowing two subnets 19...

Страница 317: ... is 192 168 1 1 and the highest is 192 168 1 126 Similarly the host ID range for subnet B is 192 168 1 129 to 192 168 1 254 Example Four Subnets The previous example illustrated using a 25 bit subnet mask to divide a 24 bit address into two subnets Similarly to divide a 24 bit address into four subnets you need to borrow two host ID bits to give four possible combinations 00 01 10 and 11 The subne...

Страница 318: ...ghest Host ID 192 168 1 126 Table 120 Subnet 3 IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 128 IP Address Binary 11000000 10101000 00000001 10000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address 192 168 1 128 Lowest Host ID 192 168 1 129 Broadcast Address 192 168 1 191 Highest Host ID 192 168 1 190 Table 121 Subnet 4 IP SUBNET MASK NETWORK NUMBER...

Страница 319: ...SUBNET MASK NO SUBNETS NO HOSTS PER SUBNET 1 255 255 255 128 25 2 126 2 255 255 255 192 26 4 62 3 255 255 255 224 27 8 30 4 255 255 255 240 28 16 14 5 255 255 255 248 29 32 6 6 255 255 255 252 30 64 2 7 255 255 255 254 31 128 1 Table 124 16 bit Network Number Subnet Planning NO BORROWED HOST BITS SUBNET MASK NO SUBNETS NO HOSTS PER SUBNET 1 255 255 128 0 17 2 32766 2 255 255 192 0 18 4 16382 3 255...

Страница 320: ...dress Your Device will compute the subnet mask automatically based on the IP address that you entered You don t need to change the subnet mask computed by the Device unless you are instructed to do otherwise Private IP Addresses Every machine on the Internet must have a unique address If your networks are isolated from the Internet running only between two branch offices for example you can assign...

Страница 321: ... vary Internet Explorer Pop up Blockers You may have to disable pop up blocking to log into your device Either disable pop up blocking enabled by default in Windows XP SP Service Pack 2 or allow pop up blocking and create an exception for your device s IP address Disable Pop up Blockers 1 In Internet Explorer select Tools Pop up Blocker and then select Turn Off Pop up Blocker Figure 187 Pop up Blo...

Страница 322: ...ection of the screen This disables any web pop up blockers you may have enabled Figure 188 Internet Options Privacy 3 Click Apply to save this setting Enable Pop up Blockers with Exceptions Alternatively if you only want to allow pop up windows from your device see the following steps 1 In Internet Explorer select Tools Internet Options and then the Privacy tab ...

Страница 323: ...10A VMG4325 B10A User s Guide 323 2 Select Settings to open the Pop up Blocker Settings screen Figure 189 Internet Options Privacy 3 Type the IP address of your device the web page that you do not want to have blocked with the prefix http For example http 192 168 167 1 ...

Страница 324: ...4 Click Add to move the IP address to the list of Allowed sites Figure 190 Pop up Blocker Settings 5 Click Close to return to the Privacy screen 6 Click Apply to save this setting JavaScripts If pages of the web configurator do not display properly in Internet Explorer check that JavaScripts are allowed ...

Страница 325: ...net Explorer click Tools Internet Options and then the Security tab Figure 191 Internet Options Security 2 Click the Custom Level button 3 Scroll down to Scripting 4 Under Active scripting make sure that Enable is selected the default 5 Under Scripting of Java applets make sure that Enable is selected the default ...

Страница 326: ...6 6 Click OK to close the window Figure 192 Security Settings Java Scripting Java Permissions 1 From Internet Explorer click Tools Internet Options and then the Security tab 2 Click the Custom Level button 3 Scroll down to Microsoft VM 4 Under Java permissions make sure that a safety level is selected ...

Страница 327: ...MG4380 B10A VMG4325 B10A User s Guide 327 5 Click OK to close the window Figure 193 Security Settings Java JAVA Sun 1 From Internet Explorer click Tools Internet Options and then the Advanced tab 2 Make sure that Use Java 2 for applet under Java Sun is selected ...

Страница 328: ... 3 Click OK to close the window Figure 194 Java Sun Mozilla Firefox Mozilla Firefox 2 0 screens are used here Screens for other versions may vary You can enable Java Javascripts and pop ups in one screen Click Tools then click Options in the screen that appears Figure 195 Mozilla Firefox Tools Options ...

Страница 329: ...indows JavaScripts and Java Permissions VMG4380 B10A VMG4325 B10A User s Guide 329 Click Content to show the screen below Select the check boxes as shown in the following screen Figure 196 Mozilla Firefox Content Security ...

Страница 330: ...Appendix C Pop up Windows JavaScripts and Java Permissions VMG4380 B10A VMG4325 B10A User s Guide 330 ...

Страница 331: ...rk which is commonly referred to as an ad hoc network or Independent Basic Service Set IBSS The following diagram shows an example of notebook computers using wireless adapters to form an ad hoc wireless LAN Figure 197 Peer to Peer Communication in an Ad hoc Network BSS A Basic Service Set BSS exists when all communications between wireless clients or between a wireless client and a wired network ...

Страница 332: ...ice Set ESS consists of a series of overlapping BSSs each containing an access point with each access point connected together by a wired network This wired connection between APs is called a Distribution System DS This type of wireless LAN topology is called an Infrastructure WLAN The Access Points not only provide communication with the wired network but also mediate wireless network traffic in ...

Страница 333: ... to reduce interference Interference occurs when radio signals from different access points overlap causing interference and degrading performance Adjacent channels partially overlap however To avoid interference due to overlap your AP should be on a channel at least five channels away from a channel that an adjacent AP is using For example if your region has 11 channels and an adjacent AP is usin...

Страница 334: ...o reserves and confirms with the requesting station the time frame for the requested transmission Stations can send frames smaller than the specified RTS CTS directly to the AP without the RTS Request To Send CTS Clear to Send handshake You should only configure RTS CTS if the possibility of hidden nodes exists on your network and the cost of resending large frames is more than the extra network o...

Страница 335: ...tween wireless clients access points and the wired network Wireless security methods available on the Device are data encryption wireless client authentication restricting access by device MAC address and hiding the Device identity The following figure shows the relative effectiveness of these wireless security methods available on your Device Note You must enable the same wireless security settin...

Страница 336: ...lient and the server is the RADIUS server The RADIUS server handles the following tasks Authentication Determines the identity of the users Authorization Determines the network services available to authenticated users once they are connected to the network Accounting Keeps track of the client s network activity RADIUS is a simple package exchange in which your AP acts as a message relay between t...

Страница 337: ... users and a CA issues certificates and guarantees the identity of each certificate owner EAP MD5 Message Digest Algorithm 5 MD5 authentication is the simplest one way authentication method The authentication server sends a challenge to the wireless client The wireless client proves that it knows the password by encrypting the password with the challenge and sends back the information Password is ...

Страница 338: ...xchange The AP maps a unique key that is generated with the RADIUS server This key expires when the wireless connection times out disconnects or reauthentication times out A new WEP key is generated each time reauthentication is performed If this feature is enabled it is not necessary to configure a default encryption key in the wireless security configuration screen You may still configure and st...

Страница 339: ...d distributed by the authentication server AES Advanced Encryption Standard is a block cipher that uses a 256 bit mathematical algorithm called Rijndael They both include a per packet key mixing function a Message Integrity Check MIC named Michael an extended initialization vector IV with sequencing rules and a re keying mechanism WPA and WPA2 regularly change and rotate the encryption keys so tha...

Страница 340: ...entication process again Pre authentication enables fast roaming by allowing the wireless client already connecting to an AP to perform IEEE 802 1x authentication with another AP before connecting to it Wireless Client WPA Supplicants A wireless client supplicant is the software that runs on an operating system instructing the wireless client how to use WPA At the time of writing the most widely a...

Страница 341: ...ntical passwords into the AP and all wireless clients The Pre Shared Key PSK must consist of between 8 and 63 ASCII characters or 64 hexadecimal characters including spaces and symbols 2 The AP checks each wireless client s password and allows it to join the network only if the password matches 3 The AP and wireless clients generate a common PMK Pairwise Master Key The key itself is not sent over ...

Страница 342: ...2 11g or 5GHz IEEE 802 11a is needed to communicate efficiently in a wireless LAN Radiation Pattern A radiation pattern is a diagram that allows you to visualize the shape of the antenna s coverage area Antenna Gain Antenna gain measured in dB decibel is the increase in coverage within the RF beam width Higher antenna gain improves the range of the signal for better communications For an indoor si...

Страница 343: ...s possible to make circular overlapping coverage areas with multiple access points Directional antennas concentrate the RF signal in a beam like a flashlight does with the light from its bulb The angle of the beam determines the width of the coverage pattern Angles typically range from 20 degrees very directional to 120 degrees less directional Directional antennas are ideal for hallways and outdo...

Страница 344: ...Appendix D Wireless LANs VMG4380 B10A VMG4325 B10A User s Guide 344 ...

Страница 345: ...00 1a2f 0000 0000 0015 can be written as 2001 0db8 1a2f 0000 0000 0015 2001 0db8 0000 0000 1a2f 0015 2001 db8 1a2f 0 0 15 or 2001 db8 0 0 1a2f 15 Prefix and Prefix Length Similar to an IPv4 subnet mask IPv6 uses an address prefix to represent the network address An IPv6 prefix length specifies how many most significant bits start from the left in the address compose the network address The prefix ...

Страница 346: ...all hosts in a multicast group Multicast scope allows you to determine the size of the multicast group A multicast address has a predefined prefix of ff00 8 The following table describes some of the predefined multicast addresses The following table describes the multicast addresses which are reserved and can not be assigned to a multicast group Table 130 Predefined Multicast Address MULTICAST ADD...

Страница 347: ...wing example Identity Association An Identity Association IA is a collection of addresses assigned to a DHCP client through which the server and client can manage a set of related IP addresses Each IA must be associated with exactly one interface The DHCP client uses the IA assigned to an interface to obtain configuration from a DHCP server for that interface Each IA consists of a unique IAID and ...

Страница 348: ...fter the relay agent restarts Prefix Delegation Prefix delegation enables an IPv6 router to use the IPv6 prefix network address received from the ISP or a connected uplink router for its LAN The Device uses the received IPv6 prefix for example 2001 db2 48 to generate its LAN IP address Through sending Router Advertisements RAs regularly by multicast the Device passes the IPv6 prefix information to...

Страница 349: ...ched directly without passing through a router If the address is unlink the address is considered as the next hop Otherwise the Device determines the next hop from the default router list or routing table Once the next hop IP address is known the Device looks into the neighbor cache to get the link layer address and sends the packet when the neighbor is reachable If the Device cannot find an entry...

Страница 350: ...Pv6 If your network uses DHCPv6 for IP address assignment you have to additionally install a DHCPv6 client software on your Windows XP Note If you use static IP addresses or Router Advertisement for IPv6 address assignment in your network ignore this section This example uses Dibbler as the DHCPv6 client To enable DHCPv6 client on your computer 1 Install Dibbler and select the DHCPv6 client option...

Страница 351: ...dress from a DHCPv6 server Example Enabling IPv6 on Windows 7 Windows 7 supports IPv6 by default DHCPv6 is also enabled when you enable IPv6 on a Windows 7 computer To enable IPv6 in Windows 7 1 Select Control Panel Network and Sharing Center Local Area Connection 2 Select the Internet Protocol Version 6 TCP IPv6 checkbox to enable it 3 Click OK to save the change ...

Страница 352: ...ck your dynamic IPv6 address This example shows a global address 2001 b021 2d 1000 obtained from a DHCP server C ipconfig Windows IP Configuration Ethernet adapter Local Area Connection Connection specific DNS Suffix IPv6 Address 2001 b021 2d 1000 Link local IPv6 Address fe80 25d8 dcab c80a 5189 11 IPv4 Address 172 16 100 61 Subnet Mask 255 255 255 0 Default Gateway fe80 213 49ff feaa 7125 11 172 ...

Страница 353: ... the type of IP protocol used by the service If this is TCP UDP then the service uses the same port number with TCP and UDP If this is USER DEFINED the Port s is the IP protocol number not the port number Port s This value depends on the Protocol If the Protocol is TCP UDP or TCP UDP this is the IP port number If the Protocol is USER this is the IP protocol number Description This is a brief expla...

Страница 354: ...rotocol a program to enable fast transfer of files including large files that may not be possible by e mail H 323 TCP 1720 NetMeeting uses this protocol HTTP TCP 80 Hyper Text Transfer Protocol a client server protocol for the world wide web HTTPS TCP 443 HTTPS is a secured http session often used in e commerce ICMP User Defined 1 Internet Control Message Protocol is often used for diagnostic purp...

Страница 355: ...TUNNEL GRE User Defined 47 PPTP Point to Point Tunneling Protocol enables secure transfer of data over public networks This is the data channel RCMD TCP 512 Remote Command Service REAL_AUDIO TCP 7070 A streaming audio service that enables real time sound over the web REXEC TCP 514 Remote Execution Daemon RLOGIN TCP 513 Remote Login ROADRUNNER TCP UDP 1026 This is an ISP that provides services main...

Страница 356: ...S UDP 1558 Stream Works Protocol SYSLOG UDP 514 Syslog allows you to send system logs to a UNIX server TACACS UDP 49 Login Host Protocol used for Terminal Access Controller Access Control System TELNET TCP 23 Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments It operates over TCP IP networks Its primary function is to allow users to log into remote ...

Страница 357: ...ons Commission FCC Interference Statement The device complies with Part 15 of FCC rules Operation is subject to the following two conditions This device may not cause harmful interference This device must accept any interference received including interference that may cause undesired operations This device has been tested and found to comply with the limits for a Class B digital device pursuant t...

Страница 358: ...用電波輻射性電機設備之干擾 本機限在不干擾合法電臺與不受被干擾保障條件下於室內使用 減少電磁波影響 請妥適使用 Notices Changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate the equipment This device has been designed for the WLAN 2 4 GHz network throughout the EC region and Switzerland with restrictions in France Ce produit est conçu pour les bandes de fréquences 2 4 GHz et o...

Страница 359: ...ary from country to country Registration Register your product online to receive e mail notices of firmware upgrades and information at www zyxel com for global products or at www us zyxel com for North American products Safety Warnings Do NOT use this product near water for example in a wet basement or near a swimming pool Do NOT expose your device to dampness dust or corrosive liquids Do NOT sto...

Страница 360: ...r use only utilisation intérieure exclusivement The screen of the coaxial cable is intended to be connected to earth in the building installation Your product is marked with this symbol which is known as the WEEE mark WEEE stands for Waste Electronics and Electrical Equipment It means that used electrical and electronic products should not be mixed with general waste Used electrical and electronic...

Страница 361: ...ation Server see ACS 259 B backup configuration 275 Basic Service Set See BSS 331 Basic Service Set see BSS blinking LEDs 21 Broadband 75 broadcast 99 BSS 124 331 example 124 C CA 229 337 Canonical Format Indicator See CFI CCMs 278 certificate factory default 230 Certificate Authority See CA certificates 229 authentication 229 CA creating 231 public key 229 replacing 230 storage space 230 Certific...

Страница 362: ...ystem See DNS DoS 212 DS field 174 DS dee differentiated services DSCP 174 dynamic DNS 195 wildcard 196 Dynamic Host Configuration Protocol see DHCP dynamic WEP key exchange 338 DYNDNS wildcard 196 E EAP Authentication 337 ECHO 193 e mail log example 270 Encapsulation 97 MER 97 PPP over Ethernet 97 encapsulation 76 encryption 123 339 ESS 332 Extended Service Set IDentification 104 111 Extended Ser...

Страница 363: ...AN 76 IP Address Assignment 98 IP alias NAT applications 193 IPv6 77 345 addressing 77 100 345 EUI 64 347 global address 346 interface ID 347 link local address 345 Neighbor Discovery Protocol 345 ping 345 prefix 77 100 345 prefix delegation 79 prefix length 77 100 345 unspecified address 346 ISP 76 iTunes server 208 L LAN 133 client list 138 DHCP 134 152 DNS 134 153 IP address 134 135 153 MAC add...

Страница 364: ...ddress Translation see NAT Network Address Translation see NAT Network Map 71 network map 29 NNTP 193 P Pairwise Master Key PMK 339 341 passwords 26 PBC 126 Per Hop Behavior see PHB 175 PHB 175 PIN WPS 126 example 128 Ping of Death 212 Point to Point Tunneling Protocol 193 POP3 193 port forwarding 180 ports 21 PPP over Ethernet see PPPoE PPPoE 76 97 Benefits 97 PPTP 193 preamble 118 121 preamble m...

Страница 365: ... control 257 Service Set 104 111 Services 193 setup firewalls 213 static route 96 157 197 Single Rate Three Color Marker see srTCM SIP ALG 188 activation 188 SMTP 193 SNMP 193 SNMP trap 193 SPI 212 srTCM 176 SSID 122 activation 110 MBSSID 124 static route 155 267 configuration 96 157 197 example 155 static VLAN status 71 firmware version 73 LAN 73 WAN 73 wireless LAN 73 status indicators 21 subnet...

Страница 366: ... 26 WEP 123 WEP Encryption 106 107 WEP encryption 105 WEP key 105 Wi Fi Protected Access 339 wireless client WPA supplicants 340 Wireless Distribution System see WDS wireless LAN 101 119 authentication 121 122 BSS 124 example 124 channel 120 encryption 123 example 120 fragmentation threshold 117 121 limitations 123 MAC address filter 111 122 MBSSID 124 preamble 118 121 RADIUS server 122 RTS CTS th...

Страница 367: ...cation example 340 WPA2 339 user authentication 340 vs WPA2 PSK 339 wireless client supplicant 340 with RADIUS application example 340 WPA2 Pre Shared Key 339 WPA2 PSK 339 application example 341 WPA PSK 123 339 application example 341 WPS 125 128 example 129 limitations 131 PIN 126 example 128 push button 23 126 ...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды