Page 1 VMG8924-B10A Dual Band Wireless AC/N VDSL2 VoIP Combo WAN Gigabit IAD Version 1.00 Edition 1, 6/2013 Quick Start Guide User’s Guide Default Login Details LAN IP Address http://192.168.1.1 Login admin Password 1234 www.zyxel.com Copyright © 2013 ZyXEL Communications Corporation...
Page 2 Every effort has been made to ensure that the information in this manual is accurate. Related Documentation • Quick Start Guide The Quick Start Guide shows how to connect the Device and get up and running right away. VMG8924-B10A User’s Guide...
Page 3: Table Of Contents
Traffic Status ............................269 VoIP Status ............................273 ARP Table .............................275 Routing Table ............................277 IGMP/MLD Status ..........................279 xDSL Statistics ............................281 3G Statistics ............................285 User Account ............................287 Remote Management ..........................289 TR-069 Client ............................293 TR-064 ..............................295 SNMP ..............................297 Time Settings ............................299 VMG8924-B10A User’s Guide...
Page 4 Contents Overview E-mail Notification ..........................303 Logs Setting ............................305 Firmware Upgrade ..........................309 Configuration ............................311 Diagnostic .............................315 Troubleshooting ............................321 VMG8924-B10A User’s Guide...
Page 5: Table Of Contents
2.1.1 Accessing the Web Configurator .....................25 2.2 Web Configurator Layout ........................27 2.2.1 Title Bar ...........................27 2.2.2 Main Window ...........................28 2.2.3 Navigation Panel ........................29 Chapter 3 Quick Start............................33 3.1 Overview ............................33 3.2 Quick Start Setup ..........................33 Part II: Technical Reference................35 VMG8924-B10A User’s Guide...
Page 6 6.6 The WMM Screen ..........................86 6.7 The WDS Screen ..........................87 6.7.1 WDS Scan ..........................88 6.8 The Others Screen ..........................89 6.9 The Channel Status Screen ......................91 6.10 Technical Reference ........................91 6.10.1 Wireless Network Overview ....................92 6.10.2 Additional Wireless Terms .....................93 VMG8924-B10A User’s Guide...
Page 7 8.3 The DNS Route Screen ........................132 8.3.1 The DNS Route Add Screen ....................132 8.4 The Policy Forwarding Screen ......................133 8.4.1 Add/Edit Policy Forwarding ....................134 8.5 RIP ..............................135 8.5.1 The RIP Screen ........................135 Chapter 9 Quality of Service (QoS)........................137 VMG8924-B10A User’s Guide...
Page 8 10.10.4 NAT Application .........................171 Chapter 11 Dynamic DNS Setup .........................173 11.1 Overview ............................173 11.1.1 What You Can Do in this Chapter ..................173 11.1.2 What You Need To Know .....................174 11.2 The DNS Entry Screen ........................174 11.2.1 Add/Edit DNS Entry ......................175 VMG8924-B10A User’s Guide...
Page 9 15.1.1 What You Can Do in this Chapter ..................195 15.1.2 What You Need to Know ......................196 15.2 The Firewall Screen ........................197 15.3 The Protocol Screen ........................197 15.3.1 Add/Edit a Service ......................198 15.4 The Access Control Screen ......................199 VMG8924-B10A User’s Guide...
Page 10 20.2 The IPSec VPN General Screen ....................219 20.3 The IPSec VPN Add/Edit Screen ....................220 20.4 The IPSec VPN Monitor Screen ....................226 20.5 Technical Reference ........................226 20.5.1 IPSec Architecture .......................226 20.5.2 Encapsulation ........................227 20.5.3 IKE Phases .........................228 20.5.4 Negotiation Mode ........................229 VMG8924-B10A User’s Guide...
Page 11 Traffic Status ............................269 23.1 Overview ............................269 23.1.1 What You Can Do in this Chapter ..................269 23.2 The WAN Status Screen .......................269 23.3 The LAN Status Screen .........................271 23.4 The NAT Status Screen .........................272 Chapter 24 VoIP Status ............................273 VMG8924-B10A User’s Guide...
Page 12 Remote Management........................289 31.1 Overview ............................289 31.2 The Remote MGMT Screen ......................289 31.3 The Trust Domain Screen ......................290 31.4 The Add Trust Domain Screen ......................291 Chapter 32 TR-069 Client.............................293 32.1 Overview ............................293 32.2 The TR-069 Client Screen ......................293 VMG8924-B10A User’s Guide...
Page 13 39.1 Overview ............................311 39.2 The Configuration Screen ......................311 39.3 The Reboot Screen ........................313 Chapter 40 Diagnostic ............................315 40.1 Overview ............................315 40.1.1 What You Can Do in this Chapter ..................315 40.2 What You Need to Know .......................315 VMG8924-B10A User’s Guide...
Page 14 Appendix A Setting up Your Computer’s IP Address ...............327 Appendix B IP Addresses and Subnetting..................349 Appendix C Pop-up Windows, JavaScripts and Java Permissions ..........357 Appendix D Wireless LANs......................367 Appendix E IPv6 ..........................381 Appendix F Services........................389 Appendix G Legal Information ......................393 Index ..............................397 VMG8924-B10A User’s Guide...
Page 15: User's Guide
User’s Guide...
Page 17: Introducing The Device
Device to its factory default settings. If you backed up an earlier configuration file, you would not have to totally re-configure the Device. You could simply restore your last configuration. VMG8924-B10A User’s Guide...
Page 18: Applications For The Device
Internet to your network is blocked by default unless it is initiated from your network. This means that probes from the outside to your network are not allowed, but you can safely browse the Internet and download files. VMG8924-B10A User’s Guide...
Page 19: Device's Usb Support
You can also use the Device as a media server. This lets anyone on your network play video, music, and photos from a USB device (B) connected to the Device’s USB port (without having to copy them to another computer). Figure 3 USB Media Server Application VMG8924-B10A User’s Guide...
Page 20: Leds (Lights)
The Device is not receiving power. Green The ADSL line is up. Blinking The Device is initializing the ADSL line. Orange The VDSL line is up. Blinking The Device is initializing the VDSL line. The DSL line is down. VMG8924-B10A User’s Guide...
Page 21 The Device recognizes a USB connection through the USB1 slot. Blinking The Device is sending/receiving data to /from the USB device connected USB1 to it. The Device does not detect a USB connection through the USB1 slot. VMG8924-B10A User’s Guide...
Page 22: The Reset Button
LED turns green, the wireless network is active. You can also use the WPS button to quickly set up a secure wireless connection between the Device and a WPS-compatible client by adding one device at a time. VMG8924-B10A User’s Guide...
Page 23: Wall-Mounting Instructions
Drill the two screw holes in the wall. Be careful to avoid damaging pipes or cables located inside the wall when drilling holes for the screws. Align and insert the bracket to the wall-mounting notches on the rear panel of the Device. VMG8924-B10A User’s Guide...
Page 24 Push the bracket up to tightly attach it to the Device. Mount the Device on the screws which are already installed on the wall. Make sure that the Device is firmly attached to the screws so it does not fall off. VMG8924-B10A User’s Guide...
Page 25: The Web Configurator
If you have changed the password, enter your password and click Login. Figure 7 Password Screen VMG8924-B10A User’s Guide...
Page 26 After you finished or closed the Quick Start Wizard screen, the Network Map page appears. Figure 9 Network Map Click Status to display the Status screen, where you can view the Device’s interface and system information. VMG8924-B10A User’s Guide...
Page 27: Web Configurator Layout
2.2.1 Title Bar The title bar provides some icons in the upper right corner. The icons provide the following functions. Table 2 Web Configurator Icons in the Title Bar ICON DESCRIPTION Language: Select the language you prefer. VMG8924-B10A User’s Guide...
Page 28: Main Window
If you click Virtual Device on the StatusSystem Info screen, a visual graphic appears, showing the connection status of the Device’s ports. The connected ports are in color and disconnected ports are gray. Figure 11 Virtual Device VMG8924-B10A User’s Guide...
Page 29: Navigation Panel
LAN VLAN Use this screen to control the VLAN ID and IEEE 802.1p priority tags of traffic sent out through individual LAN ports. Wake on Lan Use this screen to remotely turn on a device on the network. VMG8924-B10A User’s Guide...
Page 30 Use this screen to enable specific traffic directions for network services. Use this screen to activate protection against Denial of Service (DoS) attacks. MAC Filter Use this screen to block or allow traffic from devices of certain MAC addresses to the Device. VMG8924-B10A User’s Guide...
Page 31 Use this screen to view the status of all IGMP settings on the Device. Group Status xDSL Statistics Use this screen to view the Device’s xDSL traffic statistics. 3G Statistics Use this screen to look at 3G Internet connection status. Maintenance VMG8924-B10A User’s Guide...
Page 32 Use this screen to configure CFM (Connectivity Fault Management) MD (maintenance domain) and MA (maintenance association), perform connectivity tests and view test reports. OAM Ping Use this screen to view information to help you identify problems with the DSL connection. VMG8924-B10A User’s Guide...
Page 33: Quick Start
The Quick Start Wizard appears automatically after login. Or you can click the Click Start icon in the top right corner of the web configurator to open the quick start screens. Select the time zone of the Device’s location and click Next. Figure 12 Time Zone VMG8924-B10A User’s Guide...
Page 34 Turn the wireless LAN on or off. If you keep it on, record the security settings so you can configure your wireless clients to connect to the Device. Click Save. Figure 14 Internet Connection Your Device saves your settings and attempts to connect to the Internet. VMG8924-B10A User’s Guide...
Page 35: Technical Reference
Technical Reference...
Page 37: Network Map And Status Screens
4.2 The Network Map Screen Use this screen to view the network connection status of the device and its clients. A warning message appears if there is a connection problem. Figure 15 Network Map: Icon View Mode VMG8924-B10A User’s Guide...
Page 38: The Status Screen
Device to update this screen in Refresh interval. Figure 16 Network Map: List View Mode 4.3 The Status Screen Use this screen to view the status of the Device. Click Status to open this screen. Figure 17 Status Screen VMG8924-B10A User’s Guide...
Page 39 Device starts up when you plug it in, when you restart it (Maintenance > Reboot), or when you reset it. Current Date/ This field displays the current date and time in the Device. You can change this in Time Maintenance> Time Setting. System Resource VMG8924-B10A User’s Guide...
Page 40 If the SIP account is not registered with the SIP server, the Account Status field displays Not Registered. Click Register to have the Device attempt to register the SIP account with the SIP server. The button is grayed out if the SIP account is disabled. VMG8924-B10A User’s Guide...
Page 41 This column displays the service provider name and SIP number for each SIP account. This field displays the account number and service domain of the SIP account. You can change these in the VoIP > SIP screens. VMG8924-B10A User’s Guide...
Page 42 Chapter 4 Network Map and Status Screens VMG8924-B10A User’s Guide...
Page 43: Broadband
• Use the Broadband screen to view, remove or add a WAN interface. You can also configure the WAN settings on the Device for Internet access (Section 5.2 on page 47). • Use the 3G Backup screen to configure 3G WAN connection (Section 5.3 on page 57). VMG8924-B10A User’s Guide...
Page 44: What You Need To Know
WAN connection to the Internet, you need to use the same encapsulation method used by your ISP (Internet Service Provider). If your ISP offers a dial-up Internet connection using PPPoE (PPP over Ethernet), they should also provide a username and password (and service name) for user authentication. VMG8924-B10A User’s Guide...
Page 45 The 128-bit IPv6 address is written as eight 16-bit hexadecimal blocks separated by colons (:). This is an example IPv6 address 2001:0db8:1a2b:0015:0000:0000:1a2f:0000. IPv6 addresses can be abbreviated in two ways: • Leading zeros in a block can be omitted. So 2001:0db8:1a2b:0015:0000:0000:1a2f:0000 can be written as 2001:db8:1a2b:15:0:0:1a2f:0. VMG8924-B10A User’s Guide...
Page 46 IPv4 services. The Device uses it’s configured IPv4 WAN IP to route IPv4 traffic to the IPv4 Internet. Figure 20 IPv6 Rapid Deployment - IPv6 - IPv4 - IPv4 - IPv6 in IPv4 ISP (IPv4) IPv6 Internet IPv6 in IPv4 IPv4 IPv6 IPv4 IPv4 Internet VMG8924-B10A User’s Guide...
Page 47: Before You Begin
Use this screen to change your Device’s Internet access settings. Click Network Setting > Broadband from the menu. The summary table shows you the configured WAN services (connections) on the Device. Figure 22 Network Setting > Broadband VMG8924-B10A User’s Guide...
Page 48 This shows whether Multicast Listener Discovery (MLD) is activated or not for this connection. MLD is not available when the connection uses the bridging service. Modify Click the Edit icon to configure the WAN connection. Click the Delete icon to remove the WAN connection. VMG8924-B10A User’s Guide...
Page 49: Add/Edit Internet Connection
Table 7 Network Setting > Broadband > Add New WAN Interface/Edit (Routing Mode) LABEL DESCRIPTION General Active Select this to activate the WAN configuration settings. Name Specify a descriptive name for this connection. Type Select whether it is an ADSL/VDSL over PTM, ADSL over ATM connection or Ethernet. VMG8924-B10A User’s Guide...
Page 50 Divide the DSL line rate (bps) by 424 (the size of an ATM cell) to find the Peak Cell Rate (PCR). This is the maximum rate at which the sender can send cells. Type the PCR here.This field is not available when you select UBR Without PCR. VMG8924-B10A User’s Guide...
Page 51 Select this option If the ISP assigned a fixed IP address. Address IP Address Enter the static IP address provided by your ISP. Subnet Enter the subnet mask provided by your ISP. Mask Gateway IP Enter the gateway IP address provided by your ISP. Address VMG8924-B10A User’s Guide...
Page 52 Enter an IPv6 prefix for tunneling IPv6 traffic to the ISP’s border relay router and connecting to the native IPv6 Internet. IPv6 Address (This is available only when you select IPv6/IPv4 DualStack or IPv6 Only in the IPv6/IPv4 Mode field.) VMG8924-B10A User’s Guide...
Page 53 Enter the rate limit for the connection. This is the maximum transmission rate allowed for traffic on this connection. WAN Outgoing Select Enable and enter a DSCP (DiffServ Code Point) value to have the Device add it in the Default Tag packets sent by this WAN interface. VMG8924-B10A User’s Guide...
Page 54: Bridge Mode
NAT on traffic from the selected LAN port(s). VLAN This section is available only when you select ADSL/VDSL over PTM in the Type field. Active Select this to add the VLAN Tag (specified below) to the outgoing traffic through this connection. VMG8924-B10A User’s Guide...
Page 55 Select this to activate the WAN configuration settings. Name Enter a service name of the connection. Type Select ADSL over ATM as the interface for which you want to configure here. The Device uses the ADSL technology for data transmission over the DSL port. VMG8924-B10A User’s Guide...
Page 56 Maximum Burst Size (MBS) refers to the maximum number of cells that can be sent at the Size peak rate. Type the MBS, which is less than 65535. This field is available only when you select Non Realtime VBR or Realtime VBR. VMG8924-B10A User’s Guide...
Page 57: The 3G Backup Screen
WAN connection. The Device automatically uses a wired WAN connection when available. Note: This Device supports connecting one 3G dongle at a time. Figure 26 Internet Access Application: 3G WAN Use this screen to configure your 3G settings. Click Network Setting > Broadband > 3G Backup. VMG8924-B10A User’s Guide...
Page 58 Select this to have the Device ping the particular host name or IP address you typed in this field. 3G Connection Settings Card This field displays the manufacturer and model name of your 3G card if you inserted one in description the Device. Otherwise, it displays N/A. VMG8924-B10A User’s Guide...
Page 59 Maintenance > Email Notification screen. 3G backup Type a title that you want to be in the subject line of the e-mail notifications that the Device Send Email sends. Title VMG8924-B10A User’s Guide...
Page 60 Select Keep to maintain an existing 3G connection or Drop to disconnect it. connection Actions Enable Email Select this to enable the e-mail notification function. The Device will e-mail you a Notification notification when there over budget occurs. VMG8924-B10A User’s Guide...
Page 61: The Advanced Screen
However, enabling PhyR US can decrease the US line rate. Enabling or disabling PhyR will require the CPE to retrain. For PhyR to function, the DSLAM must also support PhyR and have it enabled. VMG8924-B10A User’s Guide...
Page 62: The 802.1X Screen
This shows the Trusted CA used for this authentication. This displays N/A when there is no Trusted CA assigned. Apply Click Apply to save your changes back to the Device. Cancel Click Cancel to return to the previous configuration. VMG8924-B10A User’s Guide...
Page 63: Edit 802.1X Settings
Click Network Setting > Broadband > Wan Status to open this screen. Use this screen to query and view the historical traffic transmission rate for a WAN interface in a bar chart. N/A displays if the specified WAN interface was disconnected at that time. VMG8924-B10A User’s Guide...
Page 64: Technical Reference
When the Device is in routing mode, it supports the following methods. IP over Ethernet IP over Ethernet (IPoE) is an alternative to PPPoE. IP packets are being delivered across an Ethernet network, without using PPP encapsulation. They are routed between the Ethernet interface VMG8924-B10A User’s Guide...
Page 65 In this case, by prior mutual agreement, each protocol is assigned to a specific virtual circuit; for example, VC1 carries IP, etc. VC-based multiplexing may be dominant in environments where dynamic creation of large numbers of ATM VCs is fast and economical. LLC-based Multiplexing VMG8924-B10A User’s Guide...
Page 66 These are the basic ATM traffic classes defined by the ATM Forum Traffic Management 4.0 Specification. Constant Bit Rate (CBR) Constant Bit Rate (CBR) provides fixed bandwidth that is always available even if no data is being sent. CBR traffic is generally time-sensitive (doesn't tolerate delay). CBR is used for connections VMG8924-B10A User’s Guide...
Page 67 VLAN also increases network performance by limiting broadcasts to a smaller and more manageable logical broadcast domain. In traditional switched environments, all broadcast packets go to each and every individual port. With VLAN, all broadcasts are confined to a specific broadcast domain. VMG8924-B10A User’s Guide...
Page 68 IP address of www.zyxel.com is 204.217.0.2. The DNS server is extremely important because without it, you must know the IP address of a computer before you can access The Device can get the DNS server addresses in the following ways. VMG8924-B10A User’s Guide...
Page 69 IPv6 prefix length specifies how many most significant bits (start from the left) in the address compose the network address. The prefix length is written as “/x” where x is a number. For example, 2001:db8:1a2b:15::1a2f:0/32 means that the first 32 bits (2001:db8) is the subnet prefix. VMG8924-B10A User’s Guide...
Page 70 Chapter 5 Broadband VMG8924-B10A User’s Guide...
Page 71: Wireless
• Use the Others screen to configure wireless advanced features, such as the RTS/CTS Threshold (Section 6.8 on page 89). • Use the Channel Status screen to scan wireless LAN channel noises and view the results (Section 6.9 on page 91). VMG8924-B10A User’s Guide...
Page 72: What You Need To Know
Device’s SSID, channel or security settings, you will lose your wireless connection when you press Apply to confirm. You must then change the wireless settings of your computer to match the Device’s new settings. VMG8924-B10A User’s Guide...
Page 73 However, 5 GHz signals do not penetrate solid objects like walls as well as 2.4 GHz signals can do. It is easy to get signal attenuation if there are many walls between the Device and a client. 5 GHz is used by IEEE 802.11a/n/ac wireless clients. VMG8924-B10A User’s Guide...
Page 74 Specify the maximum rate for upstream wireless traffic to the WAN from this WLAN in Bandwidth kilobits per second (Kbps). Max. Specify the maximum rate for downstream wireless traffic to this WLAN from the WAN in Downstream kilobits per second (Kbps). Bandwidth VMG8924-B10A User’s Guide...
Page 75: No Security
6.2.2 Basic (WEP Encryption) WEP encryption scrambles the data transmitted between the wireless stations and the access points (AP) to keep network communications private. Both the wireless stations and the access points must use the same WEP key. VMG8924-B10A User’s Guide...
Page 76 If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal characters ("0-9", "A-F"). If you chose 128-bit WEP, then enter 13 ASCII characters or 26 hexadecimal characters ("0-9", "A-F"). You must configure at least one password, only one password can be activated at any one time. VMG8924-B10A User’s Guide...
Page 77 DESCRIPTION more.../less Click more... to show more fields in this section. Click less to hide them. WEP Encryption Select 64-bits or 128-bits. This dictates the length of the security key that the network is going to use. VMG8924-B10A User’s Guide...
Page 78: More Secure (Wpa(2)-Psk)
Click more... to show more fields in this section. Click less to hide them. WPA-PSK This field appears when you choose WPA-PSK2 as the Security Mode. Compatible Check this field to allow wireless devices using WPA-PSK security mode to connect to your Device. The Device supports WPA-PSK and WPA2-PSK simultaneously. VMG8924-B10A User’s Guide...
Page 79: Wpa(2) Authentication
The following table describes the labels in this screen. Table 19 Wireless > General: More Secure: WPA(2) LABEL DESCRIPTION Security Level Select More Secure to enable WPA(2)-PSK data encryption. Security Mode Choose WPA or WPA2 from the drop-down list box. VMG8924-B10A User’s Guide...
Page 80: The More Ap Screen
This screen allows you to enable and configure multiple Basic Service Sets (BSSs) on the Device. Click Network Setting > Wireless > More AP. The following screen displays. Figure 38 Network Setting > Wireless > More AP VMG8924-B10A User’s Guide...
Page 81 If Home Guest displays, clients can connect to each other directly. If External Guest displays, clients are blocked from connecting to each other directly. N/A displays if guest WLAN is disabled. Modify Click the Edit icon to configure the SSID profile. VMG8924-B10A User’s Guide...
Page 82: Edit More Ap
Table 21 Network Setting > Wireless > More AP > Edit LABEL DESCRIPTION Wireless Network Setup Wireless You can Enable or Disable the wireless LAN in this field. Passphrase Passphrase type cannot be changed. The default is None. Type Wireless Network Settings VMG8924-B10A User’s Guide...
Page 83 Or you can select No Security to allow any client to associate this network without any data encryption or authentication. Section 6.2.1 on page 75 for more details about this field. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. VMG8924-B10A User’s Guide...
Page 84: Mac Authentication
This is the MAC addresses of the wireless devices that are allowed or denied access to the Device. Delete Click the Delete icon to delete the entry. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. VMG8924-B10A User’s Guide...
Page 85: The Wps Screen
Note: You must press the other wireless device’s WPS button within two minutes of pressing this button. Method 2 Use this section to set up a WPS wireless network by entering the PIN of the client into the Device. VMG8924-B10A User’s Guide...
Page 86: The Wmm Screen
The AP buffers the packets sent to the Device Delivery until the Device "wakes up". The Device wakes up periodically to check for incoming data. Note: Note: This works only if the wireless device to which the Device is connected also supports this feature. VMG8924-B10A User’s Guide...
Page 87: The Wds Screen
Note: At the time of writing, WDS is compatible with other ZyXEL APs only. Not all models support WDS links. Check your other AP’s documentation. Click Network Setting > Wireless > WDS. The following screen displays. Figure 43 Network Setting > Wireless > WDS VMG8924-B10A User’s Guide...
Page 88: Wds Scan
You can click the Scan icon in Wireless > WDS to have the Device automatically search and display the available APs within range. Select an AP and click Apply to have the Device establish a wireless link with the selected wireless device. Figure 44 WDS: Scan VMG8924-B10A User’s Guide...
Page 89: The Others Screen
Data with its frame size larger than this value will perform the RTS (Request To Send)/CTS Threshold (Clear To Send) handshake. Enter a value between 0 and 2347. Fragmentation This is the maximum data fragment size that can be sent. Enter a value between 256 and Threshold 2346. VMG8924-B10A User’s Guide...
Page 90 Select Enable for higher speeds, especially if you have both IEEE 802.11b and IEEE Technology 802.11g wireless clients. The wireless clients do not have to support XPress™ Technology, although the performance enhancement is greater if they do. Select Disabled to disable this feature. VMG8924-B10A User’s Guide...
Page 91: The Channel Status Screen
Time for last scan field shows how long ago this screen was updated. Figure 46 Network Setting > Wireless > Channel Status 6.10 Technical Reference This section discusses wireless LANs in depth. For more information, see Appendix D on page 367. VMG8924-B10A User’s Guide...
Page 92: Wireless Network Overview
Device is the AP. Every wireless network must follow these basic guidelines. • Every device in the same wireless network must use the same SSID. The SSID is the name of the wireless network. It stands for Service Set IDentifier. VMG8924-B10A User’s Guide...
Page 93: Additional Wireless Terms
(malicious software) intended to compromise the network. For these reasons, a variety of security systems have been developed to ensure that only authorized people can use a wireless data network, or understand the data carried on it. VMG8924-B10A User’s Guide...
Page 94 Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless networks. These kinds of wireless devices might not have MAC addresses. Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F. VMG8924-B10A User’s Guide...
Page 95 When you select WPA2 or WPA2-PSK in your Device, you can also select an option (WPA compatible) to support WPA as well. In this case, if some of the devices support WPA and some VMG8924-B10A User’s Guide...
Page 96: Signal Problems
A and B can access the wired network and communicate with each other. When Intra-BSS traffic blocking is enabled, wireless station A and B can still access the wired network but cannot communicate with each other. Figure 48 Basic Service set VMG8924-B10A User’s Guide...
Page 97: Mbssid
The following figure illustrates how WDS link works between APs. Notebook computer A is a wireless client connecting to access point AP 1. AP 1 has no wired Internet connection, but it can VMG8924-B10A User’s Guide...
Page 98: Wifi Protected Setup (Wps)
(SSID) and security key through an secure connection to the enrollee. If you need to make sure that WPS worked, check the list of associated wireless clients in the AP’s configuration utility. If you see the wireless client in the list, WPS was successful. VMG8924-B10A User’s Guide...
Page 99 On a computer connected to the wireless client, try to connect to the Internet. If you can connect, WPS was successful. If you cannot connect, check the list of associated wireless clients in the AP’s configuration utility. If you see the wireless client in the list, WPS was successful. VMG8924-B10A User’s Guide...
Page 100 WPA-PSK or WPA2-PSK pre-shared key to the enrollee. Whether WPA-PSK or WPA2-PSK is used depends on the standards supported by the devices. If the registrar is already part of a network, it sends the existing information. If not, it generates the SSID and WPA(2)-PSK randomly. VMG8924-B10A User’s Guide...
Page 101 This section shows how security settings are distributed in an example WPS setup. The following figure shows an example network. In step 1, both AP1 and Client 1 are unconfigured. When WPS is activated on both, they perform the handshake. In this example, AP1 VMG8924-B10A User’s Guide...
Page 102 (it already has security information for the network). AP1 supplies the existing security information to Client 2. Figure 53 WPS: Example Network Step 2 REGISTRAR EXISTING CONNECTION CLIENT 1 ENROLLEE CLIENT 2 VMG8924-B10A User’s Guide...
Page 103 (if the device supports this feature). Then, you can enter the key into the non-WPS device and join the network as normal (the non-WPS device must also support WPA-PSK or WPA2-PSK). VMG8924-B10A User’s Guide...
Page 104 Check the MAC addresses of your wireless clients (usually printed on a label on the bottom of the device). If there is an unknown MAC address you can remove it or reset the AP. VMG8924-B10A User’s Guide...
Page 105: Home Networking
• Use the LAN VLAN screen to control the VLAN ID and IEEE 802.1p priority tags of traffic sent out through individual LAN ports (Section 7.10 on page 124). • Use the Wake on Lan screen to remotely turn on a device on the network. (Section 7.11 on page 125). VMG8924-B10A User’s Guide...
Page 106: What You Need To Know
UPnP devices and enable exchange of simple product and service descriptions. NAT traversal allows the following: • Dynamic port mapping • Learning public IP addresses VMG8924-B10A User’s Guide...
Page 107: Before You Begin
This will become the IP address of your Device. Enter the IP subnet mask into the IP Subnet Mask field. Unless instructed otherwise it is best to leave this alone, the configurator will automatically compute a subnet mask based upon the IP address you entered. VMG8924-B10A User’s Guide...
Page 108 Select Disable to stop the DHCP server on the Device. Select DHCP Relay to have the Device forward DHCP request to the DHCP server. DHCP Relay This field is only available when you select DHCP Relay in the DHCP field. Server Address VMG8924-B10A User’s Guide...
Page 109 LAN IPv6 address. An IPv6 prefix length specifies how many most significant bits (starting from the left) in the address compose the network address. This field displays the bit number of the IPv6 subnet mask. VMG8924-B10A User’s Guide...
Page 110 IPv4 DNS Server First: The Device forwards the requests to the IPv4 DNS server first and then the IPv6 DNS server. Then it sends clients the first DNS information it receives. Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings. VMG8924-B10A User’s Guide...
Page 111: The Static Dhcp Screen
If you click Add new static lease in the Static DHCP screen or the Edit icon next to a static DHCP entry, the following screen displays. Figure 57 Static DHCP: Add/Edit VMG8924-B10A User’s Guide...
Page 112: The Upnp Screen
UPnP. Use the following screen to configure the UPnP settings on your Device. Click Network Setting > Home Networking > UPnP to display the screen shown next. Figure 58 Network Setting > Home Networking > UPnP VMG8924-B10A User’s Guide...
Page 113: Installing Upnp In Windows Example
This section shows how to install UPnP in Windows Me and Windows XP. Installing UPnP in Windows Me Follow the steps below to install the UPnP in Windows Me. Click Start and Control Panel. Double-click Add/Remove Programs. VMG8924-B10A User’s Guide...
Page 114 Click on the Windows Setup tab and select Communication in the Components selection box. Click Details. Add/Remove Programs: Windows Setup: Communication In the Communications window, select the Universal Plug and Play check box in the Components selection box. Add/Remove Programs: Windows Setup: Communication: Components VMG8924-B10A User’s Guide...
Page 115 In the Network Connections window, click Advanced in the main menu and select Optional Networking Components …. Network Connections The Windows Optional Networking Components Wizard window displays. Select Networking Service in the Components selection box and click Details. Windows Optional Networking Components Wizard VMG8924-B10A User’s Guide...
Page 116: Using Upnp In Windows Xp Example
Make sure the computer is connected to a LAN port of the Device. Turn on your computer and the Device. Auto-discover Your UPnP-enabled Network Device Click Start and Control Panel. Double-click Network Connections. An icon displays under Internet Gateway. VMG8924-B10A User’s Guide...
Page 117 Chapter 7 Home Networking Right-click the icon and select Properties. Network Connections In the Internet Connection Properties window, click Settings to see the port mappings there were automatically created. Internet Connection Properties VMG8924-B10A User’s Guide...
Page 118 When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. Select Show icon in notification area when connected option and click OK. An icon displays in the system tray. System Tray Icon VMG8924-B10A User’s Guide...
Page 119 Device first. This comes helpful if you do not know the IP address of the Device. Follow the steps below to access the web configurator. Click Start and then Control Panel. Double-click Network Connections. VMG8924-B10A User’s Guide...
Page 120 Select My Network Places under Other Places. Network Connections An icon with the description for each UPnP-enabled device displays under Local Network. Right-click on the icon for your Device and select Invoke. The web configurator login screen displays. Network Connections: My Network Places VMG8924-B10A User’s Guide...
Page 121 Chapter 7 Home Networking Right-click on the icon for your Device and select Properties. A properties window displays with basic information about the Device. Network Connections: My Network Places: Properties: Example VMG8924-B10A User’s Guide...
Page 122: The Additional Subnet Screen
Select the checkbox to enable the Public LAN feature. Your ISP must support Public LAN and Static IP. IP Address Enter the public IP address provided by your ISP. IP Subnet Mask Enter the public IP subnet mask provided by your ISP. VMG8924-B10A User’s Guide...
Page 123: The Stb Vendor Id Screen
If you use a DSL connection, you can configure your Ethernet WAN port as an extra LAN port. This Gigabit Ethernet port provides faster transmission speeds. Click Network Setting > Home Networking > 5th Ethernet Port to open this screen. VMG8924-B10A User’s Guide...
Page 124: The Lan Vlan Screen
Click Network Setting > Home Networking > LAN VLAN to open this screen. Use this screen to control the VLAN ID and IEEE 802.1p priority tags of traffic sent out through individual LAN ports. Figure 62 Network Setting > Home Networking > LAN VLAN VMG8924-B10A User’s Guide...
Page 125: The Wake On Lan Screen
MAC Address Enter the MAC address of the device to turn it on. A MAC address consists of six hexadecimal character pairs. Wake up Click this to send a wake up packet to wake up the specified device. VMG8924-B10A User’s Guide...
Page 126: Technical Reference
• The ISP tells you the DNS server addresses, usually in the form of an information sheet, when you sign up. If your ISP gives you DNS server addresses, enter them in the DNS Server fields in the DHCP Setup screen. VMG8924-B10A User’s Guide...
Page 127: Lan Tcp/Ip
Internet, for example, only between your two branch offices, you can assign any IP addresses to the hosts without problems. However, the Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of IP addresses specifically for private networks: • 10.0.0.0 — 10.255.255.255 • 172.16.0.0 — 172.31.255.255 • 192.168.0.0 — 192.168.255.255 VMG8924-B10A User’s Guide...
Page 128 Note: Regardless of your particular situation, do not create an arbitrary IP address; always follow the guidelines above. For more information on address assignment, please refer to RFC 1597, “Address Allocation for Private Internets” and RFC 1466, “Guidelines for Management of IP Address Space”. VMG8924-B10A User’s Guide...
Page 129: Routing
ISP behind router R2. You create another static route to communicate with a separate network behind a router R3 connected to the LAN. Figure 65 Example of Routing Topology VMG8924-B10A User’s Guide...
Page 130: The Routing Screen
Click the Edit icon to edit the static route on the Device. Click the Delete icon to remove a static route from the Device. A window displays asking you to confirm that you want to delete the route. VMG8924-B10A User’s Guide...
Page 131: Add/Edit Static Route
Enter the IP address of the gateway. Address Use Interface Select the WAN interface you want to use for this static route. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. VMG8924-B10A User’s Guide...
Page 132: The Dns Route Screen
8.3.1 The DNS Route Add Screen You can manually add the Device’s DNS route entry. Click Add new DNS Route in the Network Setting > Routing > DNS Route screen. The screen shown next appears. Figure 69 DNS Route Add VMG8924-B10A User’s Guide...
Page 133: The Policy Forwarding Screen
This is the name of the rule. Source IP This is the source IP address. Source Subnet his is the source subnet mask address. Mask Protocol This is the transport layer protocol. Source Port This is the source port number. VMG8924-B10A User’s Guide...
Page 134: Add/Edit Policy Forwarding
Select a WAN interface through which the traffic is sent. You must have the WAN interface(s) already configured in the Broadband screens. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. VMG8924-B10A User’s Guide...
Page 135: Rip
Select Active to have the Device advertise its route information and also listen for routing updates from neighboring routers. Enabled Select the check box to activate the settings. Apply Click Apply to save your changes back to the Device. VMG8924-B10A User’s Guide...
Page 136 Chapter 8 Routing VMG8924-B10A User’s Guide...
Page 137: Quality Of Service (Qos)
QoS versus Cos QoS is used to prioritize source-to-destination traffic flows. All packets in the same flow are given the same priority. CoS (class of service) is a way of managing traffic in a network by grouping VMG8924-B10A User’s Guide...
Page 138 Time Time (Before Traffic Policing) (After Traffic Policing) The Device supports three incoming traffic metering algorithms: Token Bucket Filter (TBF), Single Rate Two Color Maker (srTCM), and Two Rate Two Color Marker (trTCM). You can specify actions VMG8924-B10A User’s Guide...
Page 139: The Quality Of Service General Screen
You can also set this number lower than the interfaces’ actual transmission speed. This will cause the Device to not use some of the interfaces’ available bandwidth. If you leave this field blank, the Device automatically sets this number to be 95% of the WAN interfaces’ actual upstream transmission speed. VMG8924-B10A User’s Guide...
Page 140: The Queue Setup Screen
9.4 The Queue Setup Screen Click Network Setting > QoS > Queue Setup to open the screen as shown next. Use this screen to configure QoS queue assignment. Figure 74 Network Setting > QoS > Queue Setup VMG8924-B10A User’s Guide...
Page 141: Adding A Qos Queue
DESCRIPTION Active Select to enable or disable this queue. Name Enter the descriptive name of this queue. Interface Select the interface to which this queue is applied. This field is read-only if you are editing the queue. VMG8924-B10A User’s Guide...
Page 142: The Class Setup Screen
This is the name of the classifier. Classification This shows criteria specified in this classifier, for example the interface from which Criteria traffic of this class should come and the source MAC address of traffic that matches this classifier. VMG8924-B10A User’s Guide...
Page 143 This is the name of the queue in which traffic of this classifier is put. Modify Click the Edit icon to edit the classifier. Click the Delete icon to delete an existing classifier. Note that subsequent rules move up by one when you take this action. VMG8924-B10A User’s Guide...
Page 144: Add/Edit Qos Class
Chapter 9 Quality of Service (QoS) 9.5.1 Add/Edit QoS Class Click Add new Classifier in the Class Setup screen or the Edit icon next to a classifier to open the following screen. Figure 77 Class Setup: Add/Edit VMG8924-B10A User’s Guide...
Page 145 For example, if you set the MAC address to 00:13:49:00:00:00 and the mask to ff:ff:ff:00:00:00, a packet with a MAC address of 00:13:49:12:34:56 matches this criteria. Exclude Select this option to exclude the packets that match the specified criteria from this classifier. Others VMG8924-B10A User’s Guide...
Page 146 If you select Unchange, the Device keep the VLAN ID in the packets. Forward to Select a WAN interface through which traffic of this class will be forwarded out. If you select Interface Unchange, the Device forward traffic of this class according to the default routing table. VMG8924-B10A User’s Guide...
Page 147: The Qos Policer Setup Screen
This shows the how the policer has the Device treat different types of traffic belonging to the policer’s member QoS classes. Modify Click the Edit icon to edit the policer. Click the Delete icon to delete an existing policer. Note that subsequent rules move up by one when you take this action. VMG8924-B10A User’s Guide...
Page 148: Add/Edit A Qos Policer
(red-marked packets). Action • Drop: Discard the packets. • DSCP Mark: Change the DSCP mark value of the packets. Enter the DSCP mark value to use. The packets may be dropped if there is congestion on the network. VMG8924-B10A User’s Guide...
Page 149: The Qos Monitor Screen
Pass Rate This shows how many packets forwarded to this interface are transmitted successfully. Drop Rate This shows how many packets forwarded to this interface are dropped. Queue Monitor This is the index number of the entry. VMG8924-B10A User’s Guide...
Page 150: Technical Reference
DiffServ (Differentiated Services) is a class of service (CoS) model that marks packets so that they receive specific per-hop treatment at DiffServ-compliant network devices along the route based on the application types and traffic flow. Packets are marked with DiffServ Code Points (DSCPs) VMG8924-B10A User’s Guide...
Page 151 Table 55 Internal Layer2 and Layer3 QoS Mapping LAYER 2 LAYER 3 PRIORITY IEEE 802.1P USER QUEUE PRIORITY TOS (IP IP PACKET DSCP (ETHERNET PRECEDENCE) LENGTH (BYTE) PRIORITY) 000000 000000 >1100 001110 250~1100 001100 001010 001000 VMG8924-B10A User’s Guide...
Page 152 • Holds it in the queue until enough tokens are available in the bucket. In traffic policing: • Drops it. • Transmits it but adds a DSCP mark. The Device may drop these marked packets if the network is overloaded. VMG8924-B10A User’s Guide...
Page 153 The trTCM is based on the token bucket filter and has two token buckets (Committed Burst Size (CBS) and Peak Burst Size (PBS)). Tokens are generated and added into the two buckets at the CIR and PIR respectively. VMG8924-B10A User’s Guide...
Page 154 • If the PBS bucket has enough tokens, the Device checks the CBS bucket. The packet is marked green and can be transmitted if the number of tokens in the CBS bucket is equal to or greater than the size of the packet (in bytes). Otherwise, the packet is marked yellow. VMG8924-B10A User’s Guide...
Page 155: Network Address Translation (Nat)
IP address of a host when the packet is in the local network, while the global address refers to the IP address of the host when the same packet is traveling in the WAN side. VMG8924-B10A User’s Guide...
Page 156: The Port Forwarding Screen
Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the example), port 80 to another (B in the example) and assign a default server IP address of 192.168.1.35 to a VMG8924-B10A User’s Guide...
Page 157 This is the first external port number that identifies a service. End Port This is the last external port number that identifies a service. Translation This is the first internal port number that identifies a service. Start Port VMG8924-B10A User’s Guide...
Page 158: Add/Edit Port Forwarding
You must have already configured a WAN connection with NAT enabled. WAN IP Enter the WAN IP address for which the incoming service is destined. If the packet’s destination IP address doesn’t match the one specified here, the port forwarding rule will not be applied. VMG8924-B10A User’s Guide...
Page 159: The Applications Screen
This screen provides a summary of all NAT applications and their configuration. In addition, this screen allows you to create new applications and/or remove existing ones. To access this screen, click Network Setting > NAT > Applications. The following screen appears. Figure 84 Network Setting > NAT > Applications VMG8924-B10A User’s Guide...
Page 160: Add New Application
View Rule Click this to display the configuration of the service that you have chosen in Application Fowarded. Click OK to save your changes. Cancel Click Cancel to exit this screen without saving. VMG8924-B10A User’s Guide...
Page 161: The Port Triggering Screen
Only Jane can connect to the Real Audio server until the connection is closed or times out. The Device times out in three minutes with UDP (User Datagram Protocol) or two hours with TCP/IP (Transfer Control Protocol/Internet Protocol). VMG8924-B10A User’s Guide...
Page 162 This is the last port number that identifies a service. Open Proto. This is the open transport layer protocol. Modify Click the Edit icon to edit this rule. Click the Delete icon to delete an existing rule. VMG8924-B10A User’s Guide...
Page 163: Add/Edit Port Triggering Rule
Type a port number or the ending port number in a range of port numbers. Open Protocol Select the transport layer protocol from TCP, UDP, or TCP/UDP. Click OK to save your changes. Cancel Click Cancel to exit this screen without saving. VMG8924-B10A User’s Guide...
Page 164: The Dmz Screen
Device is behind a SIP ALG. Use this screen to enable and disable the NAT and SIP (VoIP) ALG in the Device. To access this screen, click Network Setting > NAT > ALG. Figure 90 Network Setting > NAT > ALG VMG8924-B10A User’s Guide...
Page 165: The Address Mapping Screen
IP address from your ISP. You can only do this for the Many-to-One mapping type. Global End IP This is the ending Inside Global IP Address (IGA). This field is blank for One-to-One and Many-to-One mapping types. VMG8924-B10A User’s Guide...
Page 166: Add/Edit Address Mapping Rule
End IP address. This field is blank for One-to-One mapping types. Global Start IP Enter the starting Inside Global IP Address (IGA). Enter 0.0.0.0 here if you have a dynamic IP address from your ISP. You can only do this for the Many-to-One mapping type. VMG8924-B10A User’s Guide...
Page 167: The Address Mapping Screen
Click the Edit icon to go to the screen where you can edit the address mapping rule. Click the Delete icon to delete an existing address mapping rule. Note that subsequent address mapping rules move up by one when you take this action. VMG8924-B10A User’s Guide...
Page 168: The Sessions Screen
IP address of a host when the packet is in the local network, while the global address refers to the IP address of the host when the same packet is traveling in the WAN side. VMG8924-B10A User’s Guide...
Page 169: What Nat Does
Many-to-Many Overload mapping), NAT offers the additional benefit of firewall protection. With no servers defined, your Device filters out all incoming inquiries, thus preventing intruders from probing your network. For more information on IP address translation, refer to RFC 1631, The IP Network Address Translator (NAT). VMG8924-B10A User’s Guide...
Page 170: How Nat Works
Figure 95 How NAT Works NAT Table Inside Local Inside Global IP Address IP Address 192.168.1.10 IGA 1 192.168.1.13 192.168.1.11 IGA 2 192.168.1.12 IGA 3 192.168.1.13 IGA 4 192.168.1.12 192.168.1.10 IGA1 Inside Local Inside Global Address (ILA) Address (IGA) 192.168.1.11 192.168.1.10 VMG8924-B10A User’s Guide...
Page 171: Nat Application
SMTP (Simple Mail Transfer Protocol) DNS (Domain Name System) Finger HTTP (Hyper Text Transfer protocol or WWW, Web) POP3 (Post Office Protocol) NNTP (Network News Transport Protocol) SNMP (Simple Network Management Protocol) SNMP trap PPTP (Point-to-Point Tunneling Protocol) 1723 VMG8924-B10A User’s Guide...
Page 172 (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. Figure 97 Multiple Servers Behind NAT Example A=192.168.1.33 192.168.1.1 B=192.168.1.34 IP address assigned by ISP C=192.168.1.35 D=192.168.1.36 VMG8924-B10A User’s Guide...
Page 173: Dynamic Dns Setup
• Use the DNS Entry screen to view, configure, or remove DNS routes (Section 11.2 on page 174). • Use the Dynamic DNS screen to enable DDNS and configure the DDNS settings on the Device (Section 11.3 on page 175). VMG8924-B10A User’s Guide...
Page 174: What You Need To Know
This indicates the host name or domain name. IP Address This indicates the IP address assigned to this computer. Modify Click the Edit icon to edit the rule. Click the Delete icon to delete an existing rule. VMG8924-B10A User’s Guide...
Page 175: Add/Edit Dns Entry
Click Cancel to exit this screen without saving. 11.3 The Dynamic DNS Screen Use this screen to change your Device’s DDNS. Click Network Setting > DNS > Dynamic DNS. The screen appears as shown. Figure 100 Network Setting > DNS > Dynamic DNS VMG8924-B10A User’s Guide...
Page 176 If you select TZO in the Service Provider field, enter the password you used to register for this service. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. VMG8924-B10A User’s Guide...
Page 177: Interface Group
If you set the Device to assign IP addresses based on the client’s DHCP Vendor ID option information, you must enable DHCP server and configure LAN TCP/IP settings for both the default and user-defined groups. See Chapter 7 on page for more information. VMG8924-B10A User’s Guide...
Page 178: Interface Group Configuration
Click this button to create a new group. 12.2.1 Interface Group Configuration Click the Add New Interface Group button in the Interface Group screen to open the following screen. Use this screen to create a new interface group. VMG8924-B10A User’s Guide...
Page 179 Click Add to identify LAN hosts to add to the interface group by criteria such as the type of Add Clients the hardware or firmware. See Section 12.2.2 on page 180 for more information. With the following DHCP Vendor IDs VMG8924-B10A User’s Guide...
Page 180: Interface Grouping Criteria
Select this option and enter the Vendor Class Identifier (Option 60) of the matched traffic, such as the type of the hardware or firmware. Enable Select this option to be able to use wildcards in the Vendor Class Identifier configured for wildcard on DHCP option 60. DHCP option 60 option VMG8924-B10A User’s Guide...
Page 181 Enter the model name of the device. Name Serial Enter the serial number of the device. Number Apply Click Apply to save your changes back to the Device. Cancel Click Cancel to exit this screen without saving. VMG8924-B10A User’s Guide...
Page 182 Chapter 12 Interface Group VMG8924-B10A User’s Guide...
Page 183: Usb Service
(Section 13.3 on page 188). • Use the Printer Server screen to enable the print server (Section 13.4 on page 189). 13.1.2 What You Need To Know The following terms and concepts may help as you read this chapter. VMG8924-B10A User’s Guide...
Page 184 A port maps a network service such as http to a process running on your computer, such as a process run by your web browser. When traffic from the Internet is received on your computer, the port number is used to identify which process running on your computer it is intended for. VMG8924-B10A User’s Guide...
Page 185: Before You Begin
USB hard drive that comes with an external power supply, make sure it is connected to an appropriate power source that is on. Note: If your USB device cannot be detected by the Device, see the troubleshooting for suggestions. VMG8924-B10A User’s Guide...
Page 186: The File Sharing Screen
This field shows the status of the share. : The share is not activated. : The share is activated and shared to all users. : The share is activated and only shared to the specified users listed in the Account Management section below. VMG8924-B10A User’s Guide...
Page 187: The Add New Share Screen
Select the volume where you want to create the share. Share Path Type in the location of the share or click the Browse button to locate the folder. Description Type more information to describe the share optionally. VMG8924-B10A User’s Guide...
Page 188: The Add New User Screen
The media server feature lets anyone on your network play video, music, and photos from the USB storage device connected to your Device (without having to copy them to another computer). The Device can function as a DLNA-compliant media server. The Device streams files to DLNA-compliant VMG8924-B10A User’s Guide...
Page 189: Printer Server
13.4.1 Before You Begin To configure the print server you need the following: • Your Device must be connected to your computer and any other devices on your network. The USB printer must be connected to your Device. VMG8924-B10A User’s Guide...
Page 190: The Printer Server Screen
System Printer This field shows the printer’s system name the Device has detected from one of the USB Name ports. Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings. VMG8924-B10A User’s Guide...
Page 191: Power Management
LEDs in one of the two screens. 14.2 The Power Management Screen Use this screen to manually turn on/off interface(s) or LEDs. Click Network Setting > Power Management > Power Management. The screen appears as shown. Figure 111 Network Setting > Power Management VMG8924-B10A User’s Guide...
Page 192: The Auto Switch Off Screen
This field shows whether this schedule applies to the corresponding LAN interface. This field shows whether this schedule applies to the LEDs. Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings. VMG8924-B10A User’s Guide...
Page 193: The Auto Switch Off Add/Edit Screen
Edit icon in the Network Setting > Power Management > Auto Switch Off > Add or modify rules screen. Figure 114 Network Setting > Power Management > Auto Switch Off > Add or modify rules > Add new rule/Edit VMG8924-B10A User’s Guide...
Page 194 For example, for a time period from 10:00 PM to the next day’s 8:00 AM, you can set one schedule for 22:00~23:59 and another schedule for 00:00~08:00. Description Enter more information for this rule here. Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings. VMG8924-B10A User’s Guide...
Page 195: Firewall
• Use the Access Control screen to view and configure incoming/outgoing filtering rules (Section 15.4 on page 199). • Use the DoS screen to activate protection against Denial of Service (DoS) attacks (.Section 15.5 on page 202). VMG8924-B10A User’s Guide...
Page 196: What You Need To Know
Stateful Packet Inspection (SPI) tracks each connection crossing the firewall and makes sure it is valid. Filtering decisions are based not only on rules but also context. For example, traffic from the WAN may only be allowed to cross the firewall in response to a request from the LAN. VMG8924-B10A User’s Guide...
Page 197: The Firewall Screen
You can configure customized services and port numbers in the Protocol screen. For a comprehensive list of port numbers and services, visit the IANA (Internet Assigned Number Authority) website. See Appendix F on page 389 for some examples. VMG8924-B10A User’s Guide...
Page 198: Add/Edit A Service
Use this screen to add a customized service rule that you can use in the firewall’s ACL rule configuration. Click Add new service entry or the edit icon next to an existing service rule in the Service screen to display the following screen. Figure 118 Service: Add/Edit VMG8924-B10A User’s Guide...
Page 199: The Access Control Screen
Table 88 Security > Firewall > Access Control LABEL DESCRIPTION Add new ACL Click this to go to add a filter rule for incoming or outgoing IP traffic. rule This is the index number of the entry. VMG8924-B10A User’s Guide...
Page 200: Add/Edit An Acl Rule
Click the Move To icon to change the order of the rule. Enter the number in the # field. 15.4.1 Add/Edit an ACL Rule Click Add new ACL rule or the Edit icon next to an existing ACL rule in the Access Control screen. The following screen displays. Figure 120 Access Control: Add/Edit VMG8924-B10A User’s Guide...
Page 201 Scheduler Rules Select a schedule rule for this ACL rule form the drop-down list box. You can configure a new schedule rule by click Add New Rule. This will bring you to the Security > Scheduler Rules screen. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. VMG8924-B10A User’s Guide...
Page 202: The Dos Screen
DoS Protection Select Enable to enable protection against DoS attacks. Blocking Deny Ping Select Enable to block ping request packets. Response Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. VMG8924-B10A User’s Guide...
Page 203: Mac Filter
16.2 The MAC Filter Screen Use this screen to allow wireless and LAN clients access to the Device. Click Security > MAC Filter. The screen appears as shown. Figure 122 Security > MAC Filter VMG8924-B10A User’s Guide...
Page 204 Device in these address fields. Enter the MAC addresses in a valid MAC address format, that is, six hexadecimal character pairs, for example, 12:34:56:78:9a:bc. Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings. VMG8924-B10A User’s Guide...
Page 205: Parental Control
A yellow bulb signifies that this rule is active. A gray bulb signifies that this rule is not active. PCP Name This shows the name of the rule. Home Network This shows the MAC address of the LAN user’s computer to which this rule applies. User (MAC) VMG8924-B10A User’s Guide...
Page 206: Add/Edit A Parental Control Rule
Use this screen to configure a restricted access schedule and/or URL filtering settings to block the users on your network from accessing certain web sites. Figure 124 Parental Control Rule: Add/Edit VMG8924-B10A User’s Guide...
Page 207 Click Add to show a screen to enter the URL of web site or URL keyword to which the Device URL Keyword blocks access. Click Delete to remove it. Apply Click this button to save your settings back to the Device. Cancel Click Cancel to restore your previously saved settings. VMG8924-B10A User’s Guide...
Page 208 Chapter 17 Parental Control VMG8924-B10A User’s Guide...
Page 209: Scheduler Rule
This shows the description of this rule. Modify Click the Edit icon to edit the schedule. Click the Delete icon to delete a scheduler rule. Note: You cannot delete a scheduler rule once it is applied to a certain feature. VMG8924-B10A User’s Guide...
Page 210: Add/Edit A Schedule
Enter the time period of each day, in 24-hour format, during which the rule will be enforced. Range Description Enter a description for this scheduler rule. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. VMG8924-B10A User’s Guide...
Page 211: Certificates
19.3 The Local Certificates Screen Click Security > Certificates to open the Local Certificates screen. This is the Device’s summary list of certificates and certification requests. Figure 127 Security > Certificates > Local Certificates VMG8924-B10A User’s Guide...
Page 212: Create Certificate Request
19.3.1 Create Certificate Request Click Security > Certificates > Local Certificates and then Create Certificate Request to open the following screen. Use this screen to have the Device generate a certification request. Figure 128 Create Certificate Request VMG8924-B10A User’s Guide...
Page 213: Load Signed Certificate
19.3.2 Load Signed Certificate After you create a certificate request and have it signed by a Certificate Authority, in the Local Certificates screen click the certificate request’s Load Signed icon to import the signed certificate into the Device. VMG8924-B10A User’s Guide...
Page 214: The Trusted Ca Screen
Click Security > Certificates > Trusted CA to open the following screen. This screen displays a summary list of certificates of the certification authorities that you have set the Device to accept as trusted. The Device accepts any valid certificate signed by a certification authority on this list as VMG8924-B10A User’s Guide...
Page 215 Click the View icon to open a screen with an in-depth list of information about the certificate (or certification request). Click the Remove button to delete the certificate (or certification request). You cannot delete a certificate that one or more features is configured to use. VMG8924-B10A User’s Guide...
Page 216: View Trusted Ca Certificate
You can copy and paste the certificate into an e-mail to send to friends or colleagues or you can copy and paste the certificate into a text editor and save the file on a management computer for later distribution (via floppy disk for example). Back Click Back to return to the previous screen. VMG8924-B10A User’s Guide...
Page 217: Import Trusted Ca Certificate
CA will be displayed in the Network Setting > Broadband > 802.1x: Authentication Edit screen. Certificate Copy and paste the certificate into the text box to store it on the Device. Click OK to save your changes. Cancel Click Cancel to exit this screen without saving. VMG8924-B10A User’s Guide...
Page 218 Chapter 19 Certificates VMG8924-B10A User’s Guide...
Page 219: Vpn
Use this screen to view and manage your VPN tunnel policies. The following figure helps explain the main fields in the web configurator. Figure 134 IPSec Fields Summary Remote Network Local Network VPN Tunnel Click Security > IPSec VPN to open this screen as shown next. Figure 135 Security > IPSec VPN VMG8924-B10A User’s Guide...
Page 220: The Ipsec Vpn Add/Edit Screen
Click the Delete icon to delete the VPN policy. 20.3 The IPSec VPN Add/Edit Screen Use these settings to add or edit VPN policies. Click the Add New Connection button in the Security > VPN screen to open this screen as shown next. VMG8924-B10A User’s Guide...
Page 221 Enter the IP address of the remote IPSec router in the IKE SA. Gateway Address Tunnel access Select Single Address to have only one local LAN IP address use the VPN tunnel. Select from local IP Subnet to specify local LAN IP addresses by their subnet mask. addresses VMG8924-B10A User’s Guide...
Page 222 Select E-mail to identify this Device by an e-mail address. Select DNS to identify this Device by a domain name. Select ASN1DN (Abstract Syntax Notation one - Distinguished Name) to this Device by the subject field in a certificate. This is used only with certificate-based authentication. VMG8924-B10A User’s Guide...
Page 223 Main - this encrypts the Device’s and remote IPSec router’s identities but takes more time to establish the IKE SA. Aggressive - this is faster but does not encrypt the identities. The Device and the remote IPSec router must use the same negotiation mode. VMG8924-B10A User’s Guide...
Page 224 Longer keys require more processing power, resulting in increased latency and decreased throughput. Integrity Select which hash algorithm to use to authenticate packet data. Choices are MD5 and Algorithm SHA1. SHA is generally considered stronger than MD5, but it is also slower. VMG8924-B10A User’s Guide...
Page 225 Type a unique SPI (Security Parameter Index) in hexadecimal characters. The SPI is used to identify the Device during authentication. The Device and remote IPSec router must use the same SPI. Click OK to save your changes. Cancel Click Cancel to restore your previously saved settings. VMG8924-B10A User’s Guide...
Page 226: The Ipsec Vpn Monitor Screen
Click Trigger to establish a VPN connection with the remote network. 20.5 Technical Reference This section provides some technical background information about the topics covered in this section. 20.5.1 IPSec Architecture The overall IPSec architecture is shown as follows. VMG8924-B10A User’s Guide...
Page 227: Encapsulation
VPN. 20.5.2 Encapsulation The two modes of operation for IPSec VPNs are Transport mode and Tunnel mode. At the time of writing, the Device supports Tunnel mode only. Figure 139 Transport and Tunnel Mode IPSec Encapsulation VMG8924-B10A User’s Guide...
Page 228: Ike Phases
There are two phases to every IKE (Internet Key Exchange) negotiation – phase 1 (Authentication) and phase 2 (Key Exchange). A phase 1 exchange establishes an IKE SA and the second one uses that SA to negotiate SAs for IPSec. VMG8924-B10A User’s Guide...
Page 229: Negotiation Mode
(phase 1). It uses 6 messages in three round trips: SA negotiation, Diffie-Hellman exchange and an exchange of nonces (a nonce is a random number). This mode features identity protection (your identity is not revealed in the negotiation). VMG8924-B10A User’s Guide...
Page 230: Ipsec And Nat
NAT is not normally compatible with ESP in transport mode either, but the Device’s NAT Traversal feature provides a way to handle this. NAT traversal allows you to set up an IKE SA when there are NAT routers between the two IPSec routers. VMG8924-B10A User’s Guide...
Page 231: Id Type And Content
(DES, 3DES and AES), two authentication algorithms (MD5 and SHA1) and eight key groups when you configure a VPN rule (see Section 20.2 on page 219). The ID type and content act as an extra level of identification for incoming SAs. VMG8924-B10A User’s Guide...
Page 232: Pre-Shared Key
Diffie-Hellman is used within IKE SA setup to establish session keys. Upon completion of the Diffie-Hellman exchange, the two peers have a shared secret, but the IKE SA is not authenticated. For authentication, use pre-shared keys. VMG8924-B10A User’s Guide...
Page 233: Voice
You don’t necessarily need to use all these screens to set up your account. In fact, if your service provider did not supply information on a particular field in a screen, it is usually best to leave it at its default setting. VMG8924-B10A User’s Guide...
Page 234: What You Need To Know About Voip
21.3 The SIP Account Screen The Device uses a SIP account to make outgoing VoIP calls and check if an incoming call’s destination number matches your SIP account’s SIP number. In order to make or receive a VoIP VMG8924-B10A User’s Guide...
Page 235: The Sip Account Add/Edit Screen
Use this screen to configure a SIP account and map it to a phone port. To access this screen, click the Add new account button or click the Edit icon of an entry in the VoIP > SIP > SIP Account screen. VMG8924-B10A User’s Guide...
Page 236 You can use up to 95 printable ASCII characters. Password Enter the user name for registering this SIP account, exactly as it was given to you. You can use up to 95 printable ASCII Extended set characters. VMG8924-B10A User’s Guide...
Page 237 (Echo reverberating in the telephone receiver while you talk. Cancellation) Enable VAD Select this if the Device should stop transmitting when you are not speaking. (Voice Active This reduces the bandwidth the Device uses. Detector) Call Features VMG8924-B10A User’s Guide...
Page 238 Device subscribes to the service. Before this time passes, the Device automatically subscribes again. Hot Line / Warm Select this to enable the hot line or warm line feature on the Device. Line Enable VMG8924-B10A User’s Guide...
Page 239: The Sip Service Provider Screen
21.4 The SIP Service Provider Screen Use this screen to view the SIP service provider information on the Device. Click VoIP > SIP > SIP Service Provider to open the following screen. Figure 144 VoIP > SIP > SIP Service Provider VMG8924-B10A User’s Guide...
Page 240: The Sip Service Provider Add/Edit Screen
21.4.1 The SIP Service Provider Add/Edit Screen Use this screen to configure a SIP service provider on the Device. Click the Add new provider button or an Edit icon in the VoIP > SIP > SIP Service Provider to open the following screen. VMG8924-B10A User’s Guide...
Page 241 If you change this field, the screen automatically refreshes. Selection General SIP Service Enter the name of your SIP service provider. Provider Name SIP Local Port Enter the Device’s listening port number, if your VoIP service provider gave you one. Otherwise, keep the default value. VMG8924-B10A User’s Guide...
Page 242 Do not send a re-Invite packet to the remote party when the remote party answers that it Invite to the can support multiple codecs. remote party when there are multiple codecs answered in the Bound Interface Name VMG8924-B10A User’s Guide...
Page 243 (like G.711). Codecs that use compression (like G.729 and G.726) can distort the tones. SIP INFO - send the DTMF tones in SIP messages. Transport Type Transport Type Select the transport layer protocol UDP or TCP (usually UDP) used for SIP. VMG8924-B10A User’s Guide...
Page 244 Enter the key combinations that you can enter to forward all incoming calls to the phone Call Forward number you specified in the SIP > SIP Account screen. Enable Unconditional Enter the key combinations that you can enter to turn the unconditional call forward Call Forward function off. Disable VMG8924-B10A User’s Guide...
Page 245 If you select this, dial the phone number, and then press the pound key. The Device makes the call immediately, instead of waiting. You can still wait, if you want. Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings. VMG8924-B10A User’s Guide...
Page 246: Dial Plan Rules
In this example dial plan (0 | [49]11 | 1 [2-9]xx xxxxxxx | 1 947 xxxxxxx !), you can dial “0” to call the local operator, call 411 or 911, or make a long distance call with an area code starting from 2 to 9 in the US. The calls with the area code 947 will be dropped. VMG8924-B10A User’s Guide...
Page 247: The Phone Screen
Use this screen to add, edit, or remove speed-dial numbers for outgoing calls. Speed dial provides shortcuts for dialing frequently-used (VoIP) phone numbers. You also have to create speed-dial entries if you want to call SIP numbers that contain letters. Once you have configured a speed dial VMG8924-B10A User’s Guide...
Page 248: The Call History Summary Screen
The Device logs calls from or to your SIP numbers. This screen allows you to view the summary of received, dialed and missed calls. Click VoIP > Call History > Call History Summary. The following screen displays. Figure 148 VoIP > Call History > Call History Summary VMG8924-B10A User’s Guide...
Page 249: The Call History Outgoing Calls Screen
This is the SIP number you called. duration This displays how long the call lasted. 21.9 The Call History Incoming Calls Screen Use this screen to see detailed information for each incoming call from someone calling you. VMG8924-B10A User’s Guide...
Page 250: Technical Reference
SIP Identities A SIP account uses an identity (sometimes referred to as a SIP address). A complete SIP identity is called a SIP URI (Uniform Resource Identifier). A SIP account's URI identifies the SIP account in a VMG8924-B10A User’s Guide...
Page 251 When you use SIP to make a VoIP call, it originates at a client and terminates at a server. A SIP client could be a computer or a SIP phone. One device can act as both a SIP client and a SIP server. VMG8924-B10A User’s Guide...
Page 252 IP address back to the device that sent the request. Then the client device that originally sent the request can send requests to the IP address that it received back from the redirect server. Redirect servers do not initiate SIP requests. VMG8924-B10A User’s Guide...
Page 253 When you make a VoIP call using SIP, the RTP (Real time Transport Protocol) is used to handle voice data transfer. See RFC 1889 for details on RTP. Pulse Code Modulation Pulse Code Modulation (PCM) measures analog signal amplitudes at regular time intervals and converts them into bits. VMG8924-B10A User’s Guide...
Page 254 The response to the request goes to all the proxy servers through which the request passed, in reverse sequence. Once the session is set up, session traffic is sent between the UAs directly, bypassing all the proxy servers in between. VMG8924-B10A User’s Guide...
Page 255 Proxy 2 sends a SIP INVITE request to User Agent 2. User Agent 2 sends a response back to Proxy 2 indicating that the phone is ringing. The response is relayed back to User Agent 1 via Proxy 1. VMG8924-B10A User’s Guide...
Page 256 Enable Message Waiting Indication (MWI) enables your phone to give you a message–waiting (beeping) dial tone when you have a voice message(s). Your VoIP service provider must have a messaging system that sends message waiting status SIP packets as defined in RFC 3842. VMG8924-B10A User’s Guide...
Page 257 Press a number from 1301~1308 followed by the “#” key to delete the tone of your choice. Press 14 followed by the “#” key if you wish to clear all your custom tones. VMG8924-B10A User’s Guide...
Page 258: Quality Of Service (Qos)
21.10.2 Phone Services Overview Supplementary services such as call hold, call waiting, and call transfer. are generally available from your VoIP service provider. The Device supports the following services: The Device does not support DiffServ at the time of writing. VMG8924-B10A User’s Guide...
Page 259 Switch back to the call (if there is no second call). Flash Drop the call presently on hold or reject an incoming call which is waiting for answer. Flash Disconnect the current phone connection and answer the incoming call or resume with caller presently on hold. VMG8924-B10A User’s Guide...
Page 260 Press the flash key to put the caller on hold. When you hear the dial tone, dial “*98#” followed by the number to which you want to transfer the call. After you hear the ring signal or the second party answers it, hang up the phone. VMG8924-B10A User’s Guide...
Page 261 This allows you to place a call on hold while you answer another incoming call on the same telephone (directory) number. If there is a second call to your telephone number, you will hear a call waiting tone. Press the flash key to put the first call on hold and answer the second call. VMG8924-B10A User’s Guide...
Page 262: Usa Call Transfer
(the sound a caller hears before you pick up the phone) and on hold tones (the sound someone hears when you put their call on hold). #### Internal Call Call the phone(s) connected to the Device. VMG8924-B10A User’s Guide...
Page 263 Chapter 21 Voice Table 124 Phone Functions Summary ACTION FUNCTION DESCRIPTION One Shot Caller Display Call Activate or deactivate caller ID for the next call only. One Shot Caller Hidden Call VMG8924-B10A User’s Guide...
Page 264 Chapter 21 Voice VMG8924-B10A User’s Guide...
Page 265: Log
CODE SEVERITY Emergency: The system is unusable. Alert: Action must be taken immediately. Critical: The system condition is critical. Error: There is an error condition on the system. Warning: There is a warning condition on the system. VMG8924-B10A User’s Guide...
Page 266: The System Log Screen
Level This field displays the severity level of the logs that the device is to send to this syslog server. Messages This field states the reason for the log. VMG8924-B10A User’s Guide...
Page 267: The Security Log Screen
Level This field displays the severity level of the logs that the device is to send to this syslog server. Messages This field states the reason for the log. VMG8924-B10A User’s Guide...
Page 268 Chapter 22 Log VMG8924-B10A User’s Guide...
Page 269: Traffic Status
23.2 The WAN Status Screen Click System Monitor > Traffic Status to open the WAN screen. The figure in this screen shows the number of bytes received and sent on the Device. Figure 158 System Monitor > Traffic Status > WAN VMG8924-B10A User’s Guide...
Page 270 Packets Received Data This indicates the number of received packets on this interface. Error This indicates the number of frames with errors received on this interface. Drop This indicates the number of received packets dropped on this interface. VMG8924-B10A User’s Guide...
Page 271: The Lan Status Screen
Received (Packets) Data This indicates the number of received packets on this interface. Error This indicates the number of frames with errors received on this interface. Drop This indicates the number of received packets dropped on this interface. VMG8924-B10A User’s Guide...
Page 272: The Nat Status Screen
No. of Open This displays the number of NAT sessions currently opened for the connected Session host. Total This displays what percentage of NAT sessions the Device can support is currently being used by all connected hosts. VMG8924-B10A User’s Guide...
Page 273: Voip Status
This field displays the last time the Device successfully registered the SIP account. The field Time is blank if the Device has never successfully registered this account. This field displays the account number and service domain of the SIP account. You can change these in the VoIP > SIP screens. VMG8924-B10A User’s Guide...
Page 274 This field displays the name of a phone port on the Device. Outgoing This field displays the SIP number that you use to make calls on this phone port. Number Incoming This field displays the SIP number that you use to receive calls on this phone port. Number VMG8924-B10A User’s Guide...
Page 275: Arp Table
MAC address that replied. 25.2 ARP Table Screen Use the ARP table to view IP-to-MAC address mapping(s). To open this screen, click System Monitor > ARP Table. Figure 162 System Monitor > ARP Table VMG8924-B10A User’s Guide...
Page 276 This is the MAC address of the device with the listed IP address. Device This is the type of interface used by the device. You can click on the device type to go to its configuration screen. VMG8924-B10A User’s Guide...
Page 277: Routing Table
This indicates the destination IPv4 address or IPv6 address and prefix of this route. Gateway This indicates the IPv4 address or IPv6 address of the gateway that helps forward this route’s traffic. Subnet Mask This indicates the destination subnet mask of the IPv4 route. VMG8924-B10A User’s Guide...
Page 278 This indicates the name of the interface through which the route is forwarded. brx indicates a LAN interface where x can be 0~3 to represent LAN1 to LAN4 respectively. ptm0 indicates a WAN interface using IPoE or in bridge mode. ppp0 indicates a WAN interface using PPPoE. VMG8924-B10A User’s Guide...
Page 279: Igmp/Mld Status
This field displays the name of an interface on the Device that belongs to an IGMP or MLD multicast group. Multicast Group This field displays the name of the IGMP or MLD multicast group to which the interface belongs. VMG8924-B10A User’s Guide...
Page 280 EXCLUDE means that the IP addresses in the Source List are not allowed to receive the multicast group’s traffic but other IP addresses can. Source List This is the list of IP addresses that are allowed or not allowed to receive the multicast group’s traffic depending on the filter mode. VMG8924-B10A User’s Guide...
Page 281: Xdsl Statistics
HAPTER xDSL Statistics 28.1 The xDSL Statistics Screen Use this screen to view detailed DSL statistics. Click System Monitor > xDSL Statistics to open the following screen. Figure 165 System Monitor > xDSL Statistics VMG8924-B10A User’s Guide...
Page 282 Chapter 28 xDSL Statistics VMG8924-B10A User’s Guide...
Page 283 Attainable Net These are the highest theoretically possible transfer rates at which the port could send and Data Rate receive payload data without transport layer protocol headers and traffic. xDSL Counters VMG8924-B10A User’s Guide...
Page 284 30% or more errored blocks or at least one defect. This is a subset of ES. This is the number of UnAvailable Seconds. This is the number of Loss Of Signal seconds. This is the number of Loss Of Frame seconds. This is the number of Loss of Margin seconds. VMG8924-B10A User’s Guide...
Page 285: Statistics
WCDMA - Wideband Code Division Multiple Access, 3G HSDPA - High-Speed Downlink Packet Access, 3.5G HSUPA - High-Speed Uplink Packet Access, 3.75G HSPA - HSDPA+HSUPA, 3.75G Service This field displays the name of the service provider. Provider VMG8924-B10A User’s Guide...
Page 286 This field displays the firmware version of the 3G card. Version SIM Card IMSI The International Mobile Subscriber Identity or IMSI is a unique identification number associated with all cellular networks. This number is provisioned in the SIM card. VMG8924-B10A User’s Guide...
Page 287: User Account
After you change the password, use the new password to access the Device. Retype to Type the new password again for confirmation. confirm Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings. VMG8924-B10A User’s Guide...
Page 288 Chapter 30 User Account VMG8924-B10A User’s Guide...
Page 289: Remote Management
Select the Enable check box for the corresponding services that you want to allow access to the Device from the LAN/WLAN. Select the Enable check box for the corresponding services that you want to allow access to the Device from the WAN. VMG8924-B10A User’s Guide...
Page 290: The Trust Domain Screen
Table 139 Maintenance > Remote MGMT > Trust Domain LABEL DESCRIPTION Add Trust Click this to add a trusted host IP address. Domain IPv4 Address This field shows a trusted host IP address. Delete Click the Delete icon to remove the trust IP address. VMG8924-B10A User’s Guide...
Page 291: The Add Trust Domain Screen
Enter a public IPv4 IP address which is allowed to access the service on the Device from the WAN. Apply Click Apply to save your changes back to the Device. Cancel Click Cancel to restore your previously saved settings. VMG8924-B10A User’s Guide...
Page 292 Chapter 31 Remote Management VMG8924-B10A User’s Guide...
Page 293: Client
ACS and specify the ACS IP address or domain name and username and password. Click Maintenance > TR-069 Client to open the following screen. Use this screen to configure your Device to be managed by an ACS. Figure 171 Maintenance > TR-069 Client VMG8924-B10A User’s Guide...
Page 294 You can choose a local certificate used by TR-069 client. The local certificate should be used by TR-069 imported in the Security > Certificates > Local Certificates screen. client Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. VMG8924-B10A User’s Guide...
Page 295: Chapter 33 Tr-064
The following table describes the fields in this screen. Table 142 Maintenance > TR-064 LABEL DESCRIPTION State Select Enable to activate management via TR-064 on the LAN. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. VMG8924-B10A User’s Guide...
Page 296 Chapter 33 TR-064 VMG8924-B10A User’s Guide...
Page 297: Snmp
The managed devices contain object variables/managed objects that define each piece of information to be collected about a device. Examples of variables include such as number of packets received, node port status etc. A Management Information Base (MIB) is a collection of VMG8924-B10A User’s Guide...
Page 298 Enter the SNMP system contact. Trap Destination Type the IP address of the station to send your SNMP traps to. Apply Click this to save your changes back to the Device. Cancel Click this to restore your previously saved settings. VMG8924-B10A User’s Guide...
Page 299: Time Settings
35.2 The Time Screen To change your Device’s time and date, click Maintenance > Time. The screen appears as shown. Use this screen to configure the Device’s time based on your local time zone. Figure 175 Maintenance > Time VMG8924-B10A User’s Guide...
Page 300 October. The time you select in the o'clock field depends on your time zone. In Germany for instance, you would select 2 in the Hour field because Germany's time zone is one hour ahead of GMT or UTC (GMT+1). VMG8924-B10A User’s Guide...
Page 301 Chapter 35 Time Settings Table 144 Maintenance > Time (continued) LABEL DESCRIPTION Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. VMG8924-B10A User’s Guide...
Page 302 Chapter 35 Time Settings VMG8924-B10A User’s Guide...
Page 303: E-Mail Notification
This field displays the password of the sender’s mail account. Email Address This field displays the e-mail address that you want to be in the from/sender line of the e- mail that the Device sends. Delete Click this button to delete the selected entry(ies). VMG8924-B10A User’s Guide...
Page 304: Email Notification Edit
If you activate SSL/TLS authentication, the e-mail address must be able to be authenticated by the mail server as well. Apply Click this button to save your changes and return to the previous screen. Cancel Click this button to begin configuring this screen afresh. VMG8924-B10A User’s Guide...
Page 305: Logs Setting
You can configure where the Device sends logs and which logs and/or immediate alerts the Device records in the Logs Setting screen. 37.2 The Log Settings Screen To change your Device’s log settings, click Maintenance > Logs Setting. The screen appears as shown. Figure 178 Maintenance > Logs Setting VMG8924-B10A User’s Guide...
Page 306: Example E-Mail Log
An "End of Log" message displays for each mail in which a complete log has been sent. The following is an example of a log sent by e-mail. • You may edit the subject title. • The date format here is Day-Month-Year. • The date format here is Month-Day-Year. The time format is Hour-Minute-Second. VMG8924-B10A User’s Guide...
Page 307 |<1,02> 127|Apr 7 00 |From:192.168.1.131 To:192.168.1.255 |match |forward | 10:05:17 |UDP src port:00520 dest port:00520 |<1,02> 128|Apr 7 00 |From:192.168.1.1 To:192.168.1.255 |match |forward | 10:05:30 |UDP src port:00520 dest port:00520 |<1,02> End of Firewall Log VMG8924-B10A User’s Guide...
Page 308 Chapter 37 Logs Setting VMG8924-B10A User’s Guide...
Page 309: Firmware Upgrade
Click this to find the .bin file you want to upload. Remember that you must decompress compressed (.zip) files before you can upload them. Upload Click this to begin the upload process. This process may take up to two minutes. VMG8924-B10A User’s Guide...
Page 310 After two minutes, log in again and check your new firmware version in the Status screen. If the upload was not successful, the following screen will appear. Click OK to go back to the Firmware Upgrade screen. Figure 183 Error Message VMG8924-B10A User’s Guide...
Page 311: Configuration
The backup configuration file will be useful in case you need to return to your previous settings. Click Backup to save the Device’s current configuration to your computer. VMG8924-B10A User’s Guide...
Page 312 Appendix A on page 327 for details on how to set up your computer’s IP address. If the upload was not successful, the following screen will appear. Click OK to go back to the Configuration screen. Figure 186 Configuration Upload Error VMG8924-B10A User’s Guide...
Page 313: The Reboot Screen
System restart allows you to reboot the Device remotely without turning the power off. You may need to do this if the Device hangs, for example. Click Maintenance > Reboot. Click Reboot to have the Device reboot. This does not affect the Device's configuration. Figure 189 Maintenance > Reboot VMG8924-B10A User’s Guide...
Page 314 Chapter 39 Configuration VMG8924-B10A User’s Guide...
Page 315: Diagnostic
If an MEP port does not respond to the source MEP, this may indicate a fault. Administrators can take further action to check and resume services from the fault according to the line connectivity status report. VMG8924-B10A User’s Guide...
Page 316: Ping & Traceroute & Nslookup
Click this button to perform the traceroute function. This determines the path a packet takes to the specified computer. Nslookup Click this button to perform a DNS lookup on the IP address of a computer you enter. VMG8924-B10A User’s Guide...
Page 317 Click this button to have the selected MEP send the LBM (Loop Back Message) to a specified remote end point. Send Linktrace Click this button to have the selected MEP send the LTMs (Link Trace Messages) to a specified remote end point. VMG8924-B10A User’s Guide...
Page 318: Oam Ping
Segment loopback tests allow you to verify integrity of a PVC to the nearest neighboring ATM device. End-to-end loopback tests allow you to verify integrity of an end-to-end PVC. Note: The DSLAM to which the Device is connected must also support ATM F4 and/or F5 to use this test. VMG8924-B10A User’s Guide...
Page 319 Press this to perform an OAM F4 segment loopback test. F4 end-end Press this to perform an OAM F4 end-to-end loopback test. F5 segment Press this to perform an OAM F5 segment loopback test. F5 end-end Press this to perform an OAM F5 end-to-end loopback test. VMG8924-B10A User’s Guide...
Page 320 Chapter 40 Diagnostic VMG8924-B10A User’s Guide...
Page 321: Troubleshooting
Make sure you understand the normal behavior of the LED. See Section 1.5 on page Check the hardware connections. Inspect your cables for damage. Contact the vendor to replace any damaged cables. Turn the Device off and on. VMG8924-B10A User’s Guide...
Page 322: Device Access And Login
Make sure your Internet browser does not block pop-up windows and has JavaScripts and Java enabled. See Appendix C on page 357. If it is possible to log in from another interface, check the service control settings for HTTP and HTTPS (Maintenance > Remote MGMT). VMG8924-B10A User’s Guide...
Page 323 I cannot use FTP to upload / download the configuration file. / I cannot use FTP to upload new firmware. See the troubleshooting suggestions for I cannot see or access the Login screen in the web configurator. Ignore the suggestions about your browser. VMG8924-B10A User’s Guide...
Page 324: Internet Access
I cannot access the Internet anymore. I had access to the Internet (with the Device), but my Internet connection is not available anymore. Your session with the Device may have expired. Try logging into the Device again. VMG8924-B10A User’s Guide...
Page 325: Wireless Internet Access
Internet. What is a Server Set ID (SSID)? An SSID is a name that uniquely identifies a wireless network. The AP and all the clients within a wireless network must use the same SSID. VMG8924-B10A User’s Guide...
Page 326: Usb Device Connection
The Local Area Connection icon for UPnP disappears in the screen. Restart your computer. I cannot open special applications such as white board, file transfer and video when I use the MSN messenger. Wait more than three minutes. Restart the applications. VMG8924-B10A User’s Guide...
Page 327: Appendix A Setting Up Your Computer's Ip Address
IP addresses that place them in the same subnet as the Device’s LAN port. Windows 95/98/Me Click Start, Settings, Control Panel and double-click the Network icon to open the Network window. Figure 194 WIndows 95/98/Me: Network: Configuration VMG8924-B10A User’s Guide...
Page 328 Restart your computer so the changes you made take effect. Configuring In the Network window Configuration tab, select your network adapter's TCP/IP entry and click Properties Click the IP Address tab. • If your IP address is dynamic, select Obtain an IP address automatically. VMG8924-B10A User’s Guide...
Page 329 • If you do not know your DNS information, select Disable DNS. • If you know your DNS information, select Enable DNS and type the information in the fields below (you may not need to fill them all in). Figure 196 Windows 95/98/Me: TCP/IP Properties: DNS Configuration VMG8924-B10A User’s Guide...
Page 330 Select your network adapter. You should see your computer's IP address, subnet mask and default gateway. Windows 2000/NT/XP The following example figures use the default Windows XP GUI theme. Click start (Start in Windows 2000/NT), Settings, Control Panel. Figure 197 Windows XP: Start Menu VMG8924-B10A User’s Guide...
Page 331 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 198 Windows XP: Control Panel Right-click Local Area Connection and then click Properties. Figure 199 Windows XP: Control Panel: Network Connections: Properties VMG8924-B10A User’s Guide...
Page 332 • If you have a dynamic IP address click Obtain an IP address automatically. • If you have a static IP address click Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields. VMG8924-B10A User’s Guide...
Page 333 (the number of transmission hops), clear the Automatic metric check box and type a metric in Metric. • Click Add. • Repeat the previous three steps for each default gateway you want to add. VMG8924-B10A User’s Guide...
Page 334 • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields. VMG8924-B10A User’s Guide...
Page 335 In the Command Prompt window, type "ipconfig" and then press [ENTER]. You can also open Network Connections, right-click a network connection, click Status and then click the Support tab. Windows Vista This section shows screens from Windows Vista Enterprise Version 6.0. VMG8924-B10A User’s Guide...
Page 336 Click the Start icon, Control Panel. Figure 204 Windows Vista: Start Menu In the Control Panel, double-click Network and Internet. Figure 205 Windows Vista: Control Panel Click Network and Sharing Center. Figure 206 Windows Vista: Network And Internet VMG8924-B10A User’s Guide...
Page 337 Figure 207 Windows Vista: Network and Sharing Center Right-click Local Area Connection and then click Properties. Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue. Figure 208 Windows Vista: Network and Sharing Center VMG8924-B10A User’s Guide...
Page 338 • If you have a dynamic IP address click Obtain an IP address automatically. • If you have a static IP address click Use the following IP address and fill in the IP address, Subnet mask, and Default gateway fields. VMG8924-B10A User’s Guide...
Page 339 (the number of transmission hops), clear the Automatic metric check box and type a metric in Metric. • Click Add. • Repeat the previous three steps for each default gateway you want to add. VMG8924-B10A User’s Guide...
Page 340 • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields. VMG8924-B10A User’s Guide...
Page 341 Click Start, All Programs, Accessories and then Command Prompt. In the Command Prompt window, type "ipconfig" and then press [ENTER]. You can also open Network Connections, right-click a network connection, click Status and then click the Support tab. VMG8924-B10A User’s Guide...
Page 342 Appendix A Setting up Your Computer’s IP Address Macintosh OS 8/9 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel. Figure 213 Macintosh OS 8/9: Apple Menu VMG8924-B10A User’s Guide...
Page 343 Macintosh OS X Click the Apple menu, and click System Preferences to open the System Preferences window. Figure 215 Macintosh OS X: Apple Menu Click Network in the icon bar. • Select Automatic from the Location list. VMG8924-B10A User’s Guide...
Page 344 • Type the IP address of your Device in the Router address box. Click Apply Now and close the window. Turn on your Device and restart your computer (if prompted). Verifying Settings Check your TCP/IP properties in the Network window. VMG8924-B10A User’s Guide...
Page 345 Follow the steps below to configure your computer IP address using the KDE. Click the Red Hat button (located on the bottom left corner), select System Setting and click Network. Figure 217 Red Hat 9.0: KDE: Network Configuration: Devices VMG8924-B10A User’s Guide...
Page 346 If you know your DNS server IP address(es), click the DNS tab in the Network Configuration screen. Enter the DNS server information in the fields provided. Figure 219 Red Hat 9.0: KDE: Network Configuration: DNS Click the Devices tab. VMG8924-B10A User’s Guide...
Page 347: Using Configuration Files
The following example shows an example where the static IP address is 192.168.1.10 and the subnet mask is 255.255.255.0. Figure 222 Red Hat 9.0: Static IP Address Setting in ifconfig-eth0 DEVICE=eth0 ONBOOT=yes BOOTPROTO=static IPADDR=192.168.1.10 NETMASK=255.255.255.0 USERCTL=no PEERDNS=yes TYPE=Ethernet VMG8924-B10A User’s Guide...
Page 348: Verifying Settings
HWaddr 00:50:BA:72:5B:44 inet addr:172.23.19.129 Bcast:172.23.19.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:717 errors:0 dropped:0 overruns:0 frame:0 TX packets:13 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:730412 (713.2 Kb) TX bytes:1570 (1.5 Kb) Interrupt:10 Base address:0x1000 [root@localhost]# VMG8924-B10A User’s Guide...
Page 349: Appendix B Ip Addresses And Subnetting
192.168.1.1). Each of these four parts is known as an octet. An octet is an eight-digit binary number (for example 11000000, which is 192 in decimal notation). Therefore, each octet has a possible range of 00000000 to 11111111 in binary, or 0 to 255 in decimal. VMG8924-B10A User’s Guide...
Page 350 Host ID 00000010 By convention, subnet masks always consist of a continuous sequence of ones beginning from the leftmost bit of the mask, followed by a continuous sequence of zeros, for a total number of 32 bits. VMG8924-B10A User’s Guide...
Page 351 This is usually specified by writing a “/” followed by the number of bits in the mask after the address. For example, 192.1.1.0 /25 is equivalent to saying 192.1.1.0 with subnet mask 255.255.255.128. VMG8924-B10A User’s Guide...
Page 352 You can “borrow” one of the host ID bits to divide the network 192.168.1.0 into two separate sub- networks. The subnet mask is now 25 bits (255.255.255.128 or /25). The “borrowed” host ID bit can have a value of either 0 or 1, allowing two subnets; 192.168.1.0 /25 and 192.168.1.128 /25. VMG8924-B10A User’s Guide...
Page 353 Table 157 Subnet 1 LAST OCTET BIT IP/SUBNET MASK NETWORK NUMBER VALUE IP Address (Decimal) 192.168.1. IP Address (Binary) 11000000.10101000.00000001. 00000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 VMG8924-B10A User’s Guide...
Page 354 Similarly, use a 27-bit mask to create eight subnets (000, 001, 010, 011, 100, 101, 110 and 111). The following table shows IP address last octet values for each subnet. Table 161 Eight Subnets SUBNET LAST BROADCAST SUBNET FIRST ADDRESS ADDRESS ADDRESS ADDRESS VMG8924-B10A User’s Guide...
Page 355 16382 255.255.224.0 (/19) 8190 255.255.240.0 (/20) 4094 255.255.248.0 (/21) 2046 255.255.252.0 (/22) 1022 255.255.254.0 (/23) 255.255.255.0 (/24) 255.255.255.128 (/25) 255.255.255.192 (/26) 1024 255.255.255.224 (/27) 2048 255.255.255.240 (/28) 4096 255.255.255.248 (/29) 8192 255.255.255.252 (/30) 16384 255.255.255.254 (/31) 32768 VMG8924-B10A User’s Guide...
Page 356 Regardless of your particular situation, do not create an arbitrary IP address; always follow the guidelines above. For more information on address assignment, please refer to RFC 1597, Address Allocation for Private Internets and RFC 1466, Guidelines for Management of IP Address Space. VMG8924-B10A User’s Guide...
Page 357: Appendix C Pop-Up Windows, Javascripts And Java Permissions
In Internet Explorer, select Tools, Pop-up Blocker and then select Turn Off Pop-up Blocker. Figure 229 Pop-up Blocker You can also check if pop-up blocking is disabled in the Pop-up Blocker section in the Privacy tab. In Internet Explorer, select Tools, Internet Options, Privacy. VMG8924-B10A User’s Guide...
Page 358 Click Apply to save this setting. Enable Pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. In Internet Explorer, select Tools, Internet Options and then the Privacy tab. VMG8924-B10A User’s Guide...
Page 359 Select Settings…to open the Pop-up Blocker Settings screen. Figure 231 Internet Options: Privacy Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. VMG8924-B10A User’s Guide...
Page 360 Figure 232 Pop-up Blocker Settings Click Close to return to the Privacy screen. Click Apply to save this setting. JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed. VMG8924-B10A User’s Guide...
Page 361 Figure 233 Internet Options: Security Click the Custom Level... button. Scroll down to Scripting. Under Active scripting make sure that Enable is selected (the default). Under Scripting of Java applets make sure that Enable is selected (the default). VMG8924-B10A User’s Guide...
Page 362 Figure 234 Security Settings - Java Scripting Java Permissions From Internet Explorer, click Tools, Internet Options and then the Security tab. Click the Custom Level... button. Scroll down to Microsoft VM. Under Java permissions make sure that a safety level is selected. VMG8924-B10A User’s Guide...
Page 363 Click OK to close the window. Figure 235 Security Settings - Java JAVA (Sun) From Internet Explorer, click Tools, Internet Options and then the Advanced tab. Make sure that Use Java 2 for <applet> under Java (Sun) is selected. VMG8924-B10A User’s Guide...
Page 364 Mozilla Firefox 2.0 screens are used here. Screens for other versions may vary. You can enable Java, Javascripts and pop-ups in one screen. Click Tools, then click Options in the screen that appears. Figure 237 Mozilla Firefox: Tools > Options VMG8924-B10A User’s Guide...
Page 365 Appendix C Pop-up Windows, JavaScripts and Java Permissions Click Content.to show the screen below. Select the check boxes as shown in the following screen. Figure 238 Mozilla Firefox Content Security VMG8924-B10A User’s Guide...
Page 366 Appendix C Pop-up Windows, JavaScripts and Java Permissions VMG8924-B10A User’s Guide...
Page 367: Appendix D Wireless Lans
(AP). Intra-BSS traffic is traffic between wireless clients in the BSS. When Intra-BSS is enabled, wireless client A and B can access the wired network and communicate with each other. When Intra-BSS is VMG8924-B10A User’s Guide...
Page 368 APs is called a Distribution System (DS). This type of wireless LAN topology is called an Infrastructure WLAN. The Access Points not only provide communication with the wired network but also mediate wireless network traffic in the immediate neighborhood. VMG8924-B10A User’s Guide...
Page 369 A hidden node occurs when two stations are within range of the same access point, but are not within range of each other. The following figure illustrates a hidden node. Both stations (STA) are within range of the access point (AP) or wireless gateway, but out-of-range of each other, so they VMG8924-B10A User’s Guide...
Page 370 AP will fragment the packet into smaller data frames. A large Fragmentation Threshold is recommended for networks not prone to interference while you should set a smaller threshold for busy networks or networks that are prone to interference. VMG8924-B10A User’s Guide...
Page 371 IEEE802.1x EAP with RADIUS Server Authentication Wi-Fi Protected Access (WPA) WPA2 Most Secure Note: You must enable the same wireless security settings on the Device and on all wireless clients that you want to associate with it. VMG8924-B10A User’s Guide...
Page 372 Sent by a RADIUS server requesting more information in order to allow access. The access point sends a proper response from the user and then sends another Access-Request message. The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user accounting: VMG8924-B10A User’s Guide...
Page 373 This makes user identity vulnerable to passive attacks. A digital certificate is an electronic ID card that authenticates the sender’s identity. However, to implement EAP-TLS, you need a Certificate Authority (CA) to handle certificates, which imposes a management overhead. VMG8924-B10A User’s Guide...
Page 374 Table 166 Comparison of EAP Authentication Types EAP-MD5 EAP-TLS EAP-TTLS PEAP LEAP Mutual Authentication Certificate – Client Optional Optional Certificate – Server Dynamic Key Exchange Credential Integrity None Strong Strong Strong Moderate Deployment Difficulty Easy Hard Moderate Moderate Moderate Client Identity Protection VMG8924-B10A User’s Guide...
Page 375 The encryption mechanisms used for WPA(2) and WPA(2)-PSK are the same. The only difference between the two is that WPA(2)-PSK uses a simple common password, instead of user-specific credentials. The common-password approach makes WPA(2)-PSK susceptible to brute-force VMG8924-B10A User’s Guide...
Page 376 The RADIUS server then checks the user's identification against its database and grants or denies network access accordingly. A 256-bit Pairwise Master Key (PMK) is derived from the authentication process by the RADIUS server and the client. VMG8924-B10A User’s Guide...
Page 377 The AP and wireless clients use the TKIP or AES encryption process, the PMK and information exchanged in a handshake to create temporal encryption keys. They use these keys to encrypt data exchanged between them. Figure 244 WPA(2)-PSK Authentication VMG8924-B10A User’s Guide...
Page 378 Antenna gain, measured in dB (decibel), is the increase in coverage within the RF beam width. Higher antenna gain improves the range of the signal for better communications. For an indoor site, each 1 dB increase in antenna gain results in a range increase of approximately VMG8924-B10A User’s Guide...
Page 379 For a single AP application, place omni-directional antennas as close to the center of the coverage area as possible. For directional antennas, point the antenna in the direction of the desired coverage area. VMG8924-B10A User’s Guide...
Page 380 Appendix D Wireless LANs VMG8924-B10A User’s Guide...
Page 381: Appendix E Ipv6
“private IP address” in IPv4. You can have the same link-local address on multiple interfaces on a device. A link-local unicast address has a predefined prefix of fe80::/10. The link-local unicast address format is as follows. Table 168 Link-local Unicast Address Format 1111 1110 10 Interface ID 10 bits 54 bits 64 bits VMG8924-B10A User’s Guide...
Page 382: Global Address
All DHCP severs on a local site. FF05:0:0:0:0:0:1:3 The following table describes the multicast addresses which are reserved and can not be assigned to a multicast group. Table 170 Reserved Multicast Address MULTICAST ADDRESS FF00:0:0:0:0:0:0:0 FF01:0:0:0:0:0:0:0 FF02:0:0:0:0:0:0:0 FF03:0:0:0:0:0:0:0 FF04:0:0:0:0:0:0:0 FF05:0:0:0:0:0:0:0 FF06:0:0:0:0:0:0:0 FF07:0:0:0:0:0:0:0 VMG8924-B10A User’s Guide...
Page 383 DHCPv6 server uses T1 and T2 to control the time at which the client contacts with the server to extend the lifetimes on any addresses in the IA_NA before the lifetimes expire. After T1, the client sends the server (S1) (from which the addresses in the IA_NA were obtained) a Renew message. If VMG8924-B10A User’s Guide...
Page 384 • Neighbor solicitation: A request from a host to determine a neighbor’s link-layer address (MAC address) and detect if the neighbor is still reachable. A neighbor being “reachable” means it responds to a neighbor solicitation message (from the host) with a neighbor advertisement message. VMG8924-B10A User’s Guide...
Page 385 Done message to the router or switch. The router or switch then sends a group-specific query to the port on which the Done message is received to determine if other devices connected to this port should remain in the group. VMG8924-B10A User’s Guide...
Page 386 Install Dibbler and select the DHCPv6 client option on your computer. After the installation is complete, select Start > All Programs > Dibbler-DHCPv6 > Client Install as service. Select Start > Control Panel > Administrative Tools > Services. VMG8924-B10A User’s Guide...
Page 387 Windows 7 supports IPv6 by default. DHCPv6 is also enabled when you enable IPv6 on a Windows 7 computer. To enable IPv6 in Windows 7: Select Control Panel > Network and Sharing Center > Local Area Connection. Select the Internet Protocol Version 6 (TCP/IPv6) checkbox to enable it. Click OK to save the change. VMG8924-B10A User’s Guide...
Page 388 IPv4 Address... : 172.16.100.61 Subnet Mask ... : 255.255.255.0 Default Gateway ..: fe80::213:49ff:feaa:7125%11 172.16.100.254 VMG8924-B10A User’s Guide...
Page 389: Appendix F Services
• If the Protocol is TCP, UDP, or TCP/UDP, this is the IP port number. • If the Protocol is USER, this is the IP protocol number. • Description: This is a brief explanation of the applications that use this service or the situations in which this service is used. VMG8924-B10A User’s Guide...
Page 390 6667 This is another popular Internet chat program. MSN Messenger 1863 Microsoft Networks’ messenger service uses this protocol. NetBIOS TCP/UDP The Network Basic Input/Output System is used for communication between TCP/UDP computers in a LAN. TCP/UDP TCP/UDP VMG8924-B10A User’s Guide...
Page 391 Internet. SMTP enables you to move messages from one e-mail server to another. SMTPS This is a more secure version of SMTP that runs over SSL. SNMP TCP/UDP Simple Network Management Program. SNMP-TRAPS TCP/UDP Traps for use with the SNMP (RFC:1215). VMG8924-B10A User’s Guide...
Page 392 UNIX environments. It operates over TCP/ IP networks. Its primary function is to allow users to log into remote host systems. VDOLIVE 7000 A videoconferencing solution. The UDP port number is specified in the application. user- defined VMG8924-B10A User’s Guide...
Page 394 Industry Canada (IC) CAN ICES-3 (B)/NMB-3(B) This device complies with RSS-210 of the Industry Canada Rules. Operation is subject to the following two conditions: VMG8924-B10A User’s Guide...
Page 395 Any returned products without proof of purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products will be shipped by ZyXEL to the VMG8924-B10A User’s Guide...
Page 396: Safety Warnings
Your product is marked with this symbol, which is known as the WEEE mark. WEEE stands for Waste Electronics and Electrical Equipment. It means that used electrical and electronic products should not be mixed with general waste. Used electrical and electronic equipment should be treated separately. VMG8924-B10A User’s Guide...
Page 397: Index
Auto Configuration Server, see ACS storage space Certification Authority Certification Authority. see CA certifications notices backup configuration CCMs Basic Service Set, See BSS link trace test Basic Service Set, see BSS loopback test blinking LEDs Broadband VMG8924-B10A User’s Guide...
Page 398 Europe type call service mode Diffie-Hellman key groups Extended Service Set IDentification 74, 83 DiffServ Extended Service Set, See ESS marking rule DiffServ (Differentiated Services) code points marking rule digital IDs FCC interference statement disclaimer file sharing VMG8924-B10A User’s Guide...
Page 399 Neighbor Discovery Protocol Internet Assigned Numbers Authority ping see IANA prefix 46, 69, 381 IBSS prefix delegation IC (Industry Canada) statement prefix length 46, 69, 381 ID type and content unspecified address IEEE 802.11g IEEE 802.1Q iTunes server VMG8924-B10A User’s Guide...
Page 400 265, 269, 279, 285, 305 inside Loop Back Response, see LBR IPSec loopback local outside port forwarding port number services SIP ALG activation traversal NAT example MAC address 84, 111 NCC statement filter 84, 94 negotiation mode MAC authentication VMG8924-B10A User’s Guide...
Page 401 Power Mgmt Add Remote Procedure Calls, see RPCs PPP over Ethernet, see PPPoE reset PPPoE 22, 313 44, 65 Benefits restart PPTP restoring configuration preamble RFC 1058. See RIP. 90, 93 preamble mode RFC 1389. See RIP. prefix delegation VMG8924-B10A User’s Guide...
Page 402 SYN attack identities syslog INVITE request 254, 255 protocol number severity levels OK response system proxy server firmware redirect server version register server passwords servers 25, 26 reset service domain status user agent SIP ALG wireless LAN activation VMG8924-B10A User’s Guide...
Page 403 WEP Encryption 76, 78 installation WEP encryption NAT traversal WEP key USA type call service mode Wi-Fi Protected Access USB features wireless client WPA supplicants Wireless Distribution System, see WDS wireless LAN 71, 92 authentication 93, 95 VMG8924-B10A User’s Guide...
Page 404 WLAN interference security parameters 95, 375 key caching pre-authentication user authentication vs WPA-PSK wireless client supplicant with RADIUS application example WPA2 user authentication vs WPA2-PSK wireless client supplicant with RADIUS application example WPA2-Pre-Shared Key WPA2-PSK application example VMG8924-B10A User’s Guide...

ZyXEL Communications vmg8924-b10a User Manual

Contents Overview

Table of Contents

User's Guide

PART I User's Guide

Chapter 1 Introducing the Device

Chapter 2 The Web Configurator

Chapter 3 Quick Start

Technical Reference

Part II: Technical Reference

Chapter 4 Network Map and Status Screens

Chapter 5 Broadband

Chapter 6 Wireless

Chapter 7 Home Networking

Chapter 8 Routing

Chapter 9

Quality of Service (Qos)

Chapter 10 Network Address Translation (NAT)

Chapter 11 Dynamic DNS Setup

Chapter 12 Interface Group

Chapter 13 USB Service

Chapter 14 Power Management

Chapter 15 Firewall

Chapter 16 MAC Filter

Chapter 17 Parental Control

Chapter 18 Scheduler Rule

Chapter 19 Certificates

Chapter 20 VPN

Chapter 21 Voice

Chapter 22 Log

Chapter 23 Traffic Status

Chapter 24 Voip Status

Chapter 25 ARP Table

Chapter 26 Routing Table

Chapter 27 IGMP/MLD Status

Chapter 28 Xdsl Statistics

Chapter 29 3G Statistics

Chapter 30 User Account

Chapter 31 Remote Management

Chapter 32 TR-069 Client

Quick Links

Related Manuals for ZyXEL Communications vmg8924-b10a

Summary of Contents for ZyXEL Communications vmg8924-b10a