1. Manuals
  2. Brands
  3. ZyXEL Communications Manuals
  4. Wireless Access Point
  5. P-3202HN-Ba
  6. User manual

ZyXEL Communications P-3202HN-Ba User Manual

802.11n gpon voip iad
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
P-3202HN-Ba
802.11N GPON VoIP IAD
Default Login Details
IP Address
192.168.1.1
User Name
admin
Password
1234
Version 1.0
www.zyxel.com
Edition 1, 12/2009
www.zyxel.com
Copyright © 2009
ZyXEL Communications Corporation

Advertisement

Table of Contents
loading

Related Manuals for ZyXEL Communications P-3202HN-Ba

Summary of Contents for ZyXEL Communications P-3202HN-Ba

  • Page 1 P-3202HN-Ba 802.11N GPON VoIP IAD Default Login Details IP Address 192.168.1.1 User Name admin Password 1234 Version 1.0 www.zyxel.com Edition 1, 12/2009 www.zyxel.com Copyright © 2009 ZyXEL Communications Corporation...
  • Page 3 Refer to the included CD for support documents. Documentation Feedback Send your comments, questions or suggestions to: techwriters@zyxel.com.tw Thank you! The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 30099, Taiwan. Need More Help? More help is available at www.zyxel.com.
  • Page 4 About This User's Guide • Download Library Search for the latest product updates and documentation from this link. Read the Tech Doc Overview to find out how to efficiently use the documentation in order to better understand how to use your product. •...

  • Page 5: Document Conventions

    Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User’s Guide. Warnings tell you about things that could harm you or your device. Note: Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations.
  • Page 6 Document Conventions Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The IAD icon is not an exact representation of your device. Computer Notebook computer Server DSLAM Firewall Telephone Switch Router IAD User’s Guide...

  • Page 7: Safety Warnings

    Safety Warnings Safety Warnings • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. • Do NOT store things on the device. •...
  • Page 8 Safety Warnings IAD User’s Guide...
  • Page 9 Contents Overview Contents Overview User’s Guide ........................... 19 Introduction ..........................21 The Web Configurator ....................... 29 Tutorials ............................. 35 Technical Reference ......................39 Status Screens .......................... 41 Device Mode Screen ......................... 51 WAN ............................55 LAN Setup ..........................59 Wireless LAN ..........................69 Network Address Translation (NAT) ..................
  • Page 10 Contents Overview IAD User’s Guide...
  • Page 11 Table of Contents Table of Contents About This User's Guide ......................3 Document Conventions......................5 Safety Warnings........................7 Contents Overview ........................9 Table of Contents........................11 Part I: User’s Guide................19 Chapter 1 Introduction ..........................21 1.1 Overview ..........................21 1.2 Managing the IAD ........................
  • Page 12 Table of Contents 3.1 Overview ..........................35 3.2 Getting Starting with the IAD ....................35 3.3 Placing Phone Calls Over the Internet ................36 Part II: Technical Reference ..............39 Chapter 4 Status Screens ........................41 4.1 Overview ..........................41 4.2 Status Screen ........................
  • Page 13 Table of Contents 8.1 Overview ..........................69 8.1.1 What You Can Do in this Chapter ................69 8.2 What You Need to Know ...................... 70 8.3 Before You Begin ......................... 72 8.4 The General Screen ......................73 8.4.1 No Security ......................... 75 8.4.2 WEP Encryption ......................
  • Page 14 Table of Contents Chapter 10 Voice............................117 10.1 Introduction ........................117 10.1.1 What You Need to Know ..................117 10.2 SIP Service Provider ......................118 10.2.1 Advanced SIP Settings ..................120 10.3 SIP Account ........................122 10.3.1 Advanced Account Settings ................... 123 10.4 Analog Phone ......................... 125 10.5 Speed Dial ........................
  • Page 15 Table of Contents Chapter 13 Static Route ........................... 159 13.1 Overview ........................159 13.1.1 What You Can Do in this Chapter ................159 13.2 The Static Route Screen ....................160 13.2.1 Static Route Edit ....................161 Chapter 14 Quality of Service (QoS)....................... 163 14.1 Overview .........................
  • Page 16 Table of Contents 16.7 The ICMP Screen ......................192 16.8 SSH ..........................193 16.9 How SSH Works ......................194 16.10 SSH Implementation on the IAD ..................195 16.10.1 Requirements for Using SSH ................195 16.11 The SSH Screen ......................195 Chapter 17 Universal Plug-and-Play (UPnP)..................
  • Page 17 Table of Contents 21.2 General ........................... 223 Chapter 22 Troubleshooting........................225 22.1 Overview .......................... 225 22.2 Power, Hardware Connections, and LEDs ..............225 22.3 IAD Access and Login ..................... 226 22.4 Internet Access ........................ 227 22.5 Phone Calls and VoIP ...................... 228 Chapter 23 Product Specifications ......................
  • Page 18 Table of Contents IAD User’s Guide...

  • Page 19: User's Guide

    User’s Guide...

  • Page 21: Introduction

    H A P T E R Introduction 1.1 Overview This device is an Integrated Access Device (IAD) which combines high-speed fiber optic (G-PON) Internet access, a built-in switch, wireless networking capability and Voice over IP (VoIP) technology to allow you to use an analog telephone to make phone calls over the Internet.
  • Page 22 Chapter 1 Introduction • Back up the configuration (and make sure you know how to restore it). Restoring an earlier working configuration may be useful if the device becomes unstable or even crashes. If you forget your password, you will have to reset the IAD to its factory default settings.

  • Page 23: Wireless Connection

    Chapter 1 Introduction 1.4.2 Internet Calls (VoIP) You can register up to 2 SIP (Session Initiation Protocol) accounts and use the IAD to make and receive VoIP telephone calls: Figure 2 VoIP Applicarion • Peer-to-Peer calls (A) - Use the IAD to make a call to the recipient’s IP address without using a SIP proxy server.
  • Page 24 Chapter 1 Introduction 1.4.3.1 The WPS/WLAN Button You can use the WPS/WLAN button on the top of the device to turn the wireless LAN off or on. You can also use it to activate WPS in order to quickly set up a wireless network with strong security.

  • Page 25: Using The Reset Button

    Chapter 1 Introduction and streaming video/audio media, all at the same time with no noticeable loss in bandwidth. Figure 4 Triple Play Example 1.5 The Reset Button If you forget your password or cannot access the web configurator, you will need to use the RESET button at the back of the device to reload the factory-default configuration file.
  • Page 26 Chapter 1 Introduction 1.6 LEDs (Lights) The following graphic displays the labels of the LEDs. Figure 5 LEDs on the Top Panel None of the LEDs are on if the IAD is not receiving power. Table 1 LED Descriptions COLOR STATUS DESCRIPTION POWER Green...
  • Page 27 Chapter 1 Introduction Table 1 LED Descriptions COLOR STATUS DESCRIPTION INTERNET Green The IAD has an IP connection but no traffic. Your device has a WAN IP address (either static or assigned by a DHCP server), PPP negotiation was successfully completed (if used) and the DSL connection is up.
  • Page 28 Chapter 1 Introduction IAD User’s Guide...

  • Page 29: The Web Configurator

    H A P T E R The Web Configurator 2.1 Overview The web configurator is an HTML-based management interface that allows easy device setup and management via Internet browser. Use Internet Explorer 6.0 and later or Firefox 2.0 and later versions. The recommended screen resolution is 1024 by 768 pixels.
  • Page 30 Chapter 2 The Web Configurator A password screen displays. Enter your user name and password. The default user name is admin and the default password is 1234. Click Login. Figure 6 Password Screen The following screen displays if you have not yet changed your password. It is strongly recommended you change the default password.

  • Page 31: Title Bar

    Chapter 2 The Web Configurator 2.2 Web Configurator Main Screen The main screen is divided into these parts: Figure 8 Main Screen • A - title bar • B - navigation panel • C - main window • D - status bar 2.2.1 Title Bar The title bar allows you to change the language and provides some icons in the upper right corner.

  • Page 32: Navigation Panel

    Chapter 2 The Web Configurator 2.2.2 Navigation Panel Use the menu items on the navigation panel to open screens to configure IAD features. The following tables describe each menu item. Table 3 Navigation Panel Summary LINK FUNCTION Status This screen shows the IAD’s general device and network status information.
  • Page 33 Chapter 2 The Web Configurator Table 3 Navigation Panel Summary LINK FUNCTION Static Route Static Route Use this screen to configure IP static routes to tell your device about networks beyond the directly connected remote nodes. Bandwidth General Use this screen to enable QoS and configure bandwidth MGMT management on the WAN.

  • Page 34: Main Window

    Chapter 2 The Web Configurator 2.2.3 Main Window The main window displays information and configuration fields. It is discussed in the rest of this document. Right after you log in, the Status screen is displayed. See Chapter 4 on page 41 for more information about the Status screen.

  • Page 35: Tutorials

    H A P T E R Tutorials 3.1 Overview This chapter introduces you to some basic networking and Voice over IP (VoIP) concepts as well as how to configure your IAD for specific functions. 3.2 Getting Starting with the IAD This quick overview provides pointers on where in this User’s Guide you can go to get started with configuring and using the IAD.
  • Page 36 Chapter 3 Tutorials 3.3 Placing Phone Calls Over the Internet The IAD allows you to plug an analog phone into it and place calls over the Internet as if you were using an IP Phone or a SIP phone. Making Internet phone calls requries that first have a SIP account set up with either your ISP (if they provide such a service) with...
  • Page 37 Chapter 3 Tutorials Click VoIP > SIP > SIP Account to enter your SIP account information: SIP Account Selector - The IAD allows you to set up multiple SIP accounts. The first time you do this, you won’t need to make a selection but in the future if you set up additional SIP accounts this is where you choose the one to configure.
  • Page 38 Chapter 3 Tutorials Select a phone from the Phone Port Settings list, then select a SIP Account to use for all outgoing calls. The phone you choose corresponds to one of two phones physically connected to your IAD. For Incoming Calls, you can assign multiple SIP accounts to a single phone. This means any call sent to the selected SIP account is forwarded to the phone chosen in Phone Port Settings.

  • Page 39: Technical Reference

    Technical Reference...

  • Page 41: Status Screens

    H A P T E R Status Screens 4.1 Overview Use the Status screens to look at the current status of the device, system resources, interfaces (LAN and WAN), and SIP accounts. You can also register and unregister SIP accounts. IAD User’s Guide...

  • Page 42: Status Screen

    Chapter 4 Status Screens 4.2 Status Screen Click Status to open this screen. The screen varies slightly depending on the IAD’s device mode. See Chapter 5 on page 51 for more information. Figure 9 Status Screen (Bridge Mode) IAD User’s Guide...
  • Page 43 Chapter 4 Status Screens Figure 10 Status Screen (Hybrid Mode) Each field is described in the following table. Table 4 Status Screen LABEL DESCRIPTION Refresh Interval Enter how often you want the IAD to update this screen. Apply Click this to update this screen immediately. Device Information Host Name...
  • Page 44 Chapter 4 Status Screens Table 4 Status Screen LABEL DESCRIPTION Firmware This field displays the current version of the firmware inside the device. Version It also shows the date the firmware version was created. Click this to go to the screen where you can change it. Information IP Address This field displays the current IP address of the IAD in the WAN.
  • Page 45 Chapter 4 Status Screens Table 4 Status Screen LABEL DESCRIPTION System This field displays how long the IAD has been running since it last Uptime started up. The IAD starts up when you plug it in, when you restart it (Maintenance >...
  • Page 46 Chapter 4 Status Screens Table 4 Status Screen LABEL DESCRIPTION Registration This field displays the current registration status of the SIP account. You have to register SIP accounts with a SIP server to use VoIP. If the SIP account is already registered with the SIP server, •...
  • Page 47 Chapter 4 Status Screens Table 4 Status Screen LABEL DESCRIPTION Associate This field displays the VoIP service provider’s name that you specified in Service the VoIP > SIP > SIP Service Provider screen. Provider Name This field displays the account number and service domain of the SIP account.
  • Page 48 Chapter 4 Status Screens Table 5 VoIP Status LABEL DESCRIPTION Registration This field displays the current registration status of the SIP account. You can change this in the Status screen. Registered - The SIP account is registered with a SIP server. Error - The last time the IAD tried to register the SIP account with the SIP server, the attempt failed.

  • Page 49: Wlan Status

    Chapter 4 Status Screens Table 5 VoIP Status LABEL DESCRIPTION Phone This field displays each phone port in the IAD. Outgoing This field displays the SIP number that you use to make calls on this Number phone port. Incomming This field displays the SIP number that you use to receive calls on this Number phone port.
  • Page 50 Chapter 4 Status Screens IAD User’s Guide...

  • Page 51: Device Mode Screen

    H A P T E R Device Mode Screen 5.1 Overview The Status screen lets you configure whether the IAD is a router or bridge. You can choose between Hybride Mode and Bridge Mode depending on your network topology and the features you require from your IAD. See Section 1.4 on page 22 for more information on which mode to choose.
  • Page 52 Chapter 5 Device Mode Screen IP address to be in the same subnet as the IAD since the DHCP server is also disabled on the IAD in bridge mode. Figure 14 IP Addresses in Bridge Mode 192.168.1.x 192.168.1.1 IP Address Assigned by ISP 5.2 Device Mode Screen Click Device >...
  • Page 53 Chapter 5 Device Mode Screen Table 7 Hybrid and Bridge Modes Features Comparison FEATURE HYBRID MODE BRIDGE MODE Phone Book VoIP Status Firewall Static Route Bandwidth MGMT Dynamic DNS Remote MGMT System Logs Tools Diagnostic Table Key: A Y in a mode’s column shows that the device mode has the specified feature.
  • Page 54 Chapter 5 Device Mode Screen IAD User’s Guide...
  • Page 55 H A P T E R 6.1 Overview This chapter describes how to configure WAN settings. A WAN (Wide Area Network) is an outside connection to another network or the Internet. 6.1.1 What You Need to Know The following terms and concepts may help as you read through the chapter. Encapsulation Be sure to use the encapsulation method required by your ISP.
  • Page 56 Chapter 6 WAN IP Address Assignment A static IP is a fixed IP that your ISP gives you. A dynamic IP is not fixed; the ISP assigns you a different one each time. The Single User Account feature can be enabled or disabled if you have either a dynamic or static IP.
  • Page 57 Chapter 6 WAN Figure 17 Internet Access Setup - IP The following table describes the labels in this screen. Table 8 Internet Access Setup LABEL DESCRIPTION General Encapsulation Select the method of encapsulation used by your ISP from the drop- down list box User Name Enter the user name exactly as your ISP assigned.
  • Page 58 Chapter 6 WAN Table 8 Internet Access Setup (continued) LABEL DESCRIPTION First DNS Server Select FromISP if your ISP dynamically assigns DNS server information (and the IAD's WAN IP address) and you select Obtain Second DNS an IP Address Automatically. Server Select UserDefined if you have the IP address of a DNS server.

  • Page 59: Lan Setup

    H A P T E R LAN Setup This chapter describes how to configure LAN settings. 7.1 LAN Overview A Local Area Network (LAN) is a shared communication system to which many computers are attached. A LAN is a computer network limited to the immediate area, usually the same building or floor of a building.

  • Page 60: Ip Pool Setup

    Chapter 7 LAN Setup configure the IAD as a DHCP server or disable it. When configured as a server, the IAD provides the TCP/IP configuration for the clients. If you turn DHCP service off, you must have another DHCP server on your LAN, or else the computer must be manually configured.

  • Page 61: Ip Address And Subnet Mask

    Chapter 7 LAN Setup 7.3.1 IP Address and Subnet Mask Similar to the way houses on a street share a common street name, so too do computers on a LAN share one common network number. Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask.
  • Page 62 Chapter 7 LAN Setup your local networks. On the other hand, if you are part of a much larger organization, you should consult your network administrator for the appropriate IP addresses. Note: Regardless of your particular situation, do not create an arbitrary IP address; always follow the guidelines above.
  • Page 63 Chapter 7 LAN Setup assigned to any group and is used by IP multicast computers. The address 224.0.0.1 is used for query messages and is assigned to the permanent group of all IP hosts (including gateways). All hosts must join the 224.0.0.1 group in order to participate in IGMP.
  • Page 64 Chapter 7 LAN Setup The following table describes the fields in this screen. Table 9 LAN IP & DHCP LABEL DESCRIPTION LAN TCP/IP IP Address Enter the LAN IP address you want to assign to your IAD in dotted decimal notation, for example, 10.0.0.138 (factory default). IP Subnet Mask Type the subnet mask of your network in dotted decimal notation, for example 255.255.255.0 (factory default).
  • Page 65 Chapter 7 LAN Setup Table 9 LAN IP & DHCP (continued) LABEL DESCRIPTION First DNS Server Select FromISP if your ISP dynamically assigns DNS server information (and the IAD's WAN IP address). Second DNS Server Select UserDefined if you have the IP address of a DNS server. Enter the DNS server's IP address in the field to the right.
  • Page 66 Chapter 7 LAN Setup DHCP server. Use this screen to view IP addresses on the LAN assigned to specific individual computers based on their MAC Addresses. Figure 20 LAN Client List The following table describes the labels in this screen. Table 10 LAN Client List LABEL DESCRIPTION...
  • Page 67 Chapter 7 LAN Setup The following figure shows a LAN divided into subnets A, B, and C. Figure 21 Physical Network & Partitioned Logical Networks A: 192.168.1.1 - 192.168.1.24 Ethernet B: 192.168.2.1 - 192.168.2.24 Interface C: 192.168.3.1 - 192.168.3.24 Click Network > LAN > IP Alias to open the following screen. Use this screen to change your IAD’s IP alias settings.
  • Page 68 Chapter 7 LAN Setup IAD User’s Guide...

  • Page 69: Wireless Lan

    H A P T E R Wireless LAN 8.1 Overview This chapter describes how to perform tasks related to setting up and optimizing your wireless network, including the following. • Turning the wireless connection on or off. • Configuring a name, wireless channel and security for the network. •...
  • Page 70 Chapter 8 Wireless LAN • The WDS screen lets you set up a Wireless Distribution System, in which the IAD acts as a bridge with other ZyXEL access points (Section 8.8 on page 86). • The Advanced Setup screen lets you change the wireless mode, and make other advanced wireless configuration changes (Section 8.9 on page 88).
  • Page 71 Chapter 8 Wireless LAN networks’ coverage areas overlap and you have a variety of networks to choose from. Radio Channels In the radio spectrum, there are certain frequency bands allocated for unlicensed, civilian use. For the purposes of wireless networking, these bands are divided into numerous channels.

  • Page 72: Before You Begin

    Chapter 8 Wireless LAN A good way to come up with effective security keys, passwords and so on is to use obscure information that you personally will easily remember, and to enter it in a way that appears random and does not include real words. For example, if your mother owns a 1970 Dodge Challenger and her favorite movie is Vanishing Point (which you know was made in 1971) you could use “70dodchal71vanpoi”...
  • Page 73 Chapter 8 Wireless LAN 8.4 The General Screen Note: If you are configuring the IAD from a computer connected to the wireless LAN and you change the IAD’s SSID or security settings, you will lose your wireless connection when you press Apply to confirm. You must then change the wireless settings of your computer to match the IAD’s new settings.
  • Page 74 Chapter 8 Wireless LAN Table 12 Network > Wireless LAN > General LABEL DESCRIPTION Bandwidth Select whether the IAD uses a wireless channel width of 20MHz or 40MHz. A standard 20MHz channel offers transfer speeds of up to 150Mbps whereas a 40MHz channel uses two standard channels and offers speeds of up to 300 Mbps.
  • Page 75 Chapter 8 Wireless LAN 8.4.1 No Security Select No Security to allow wireless devices to communicate with the access points without any data encryption or authentication. Note: If you do not enable any wireless security on your IAD, your network is accessible to any wireless networking device that is within range.

  • Page 76: Wep Encryption

    Chapter 8 Wireless LAN 8.4.2 WEP Encryption In order to configure and enable WEP encryption; click Network > Wireless LAN to display the General screen. Select WEP from the Security Mode list. Figure 25 Wireless LAN > General: Static WEP Encryption The following table describes the wireless LAN security labels in this screen.
  • Page 77 Chapter 8 Wireless LAN Table 14 Network > Wireless LAN > General: Static WEP Encryption LABEL DESCRIPTION WEP (Wired Equivalent Privacy) provides data encryption to prevent Encryption unauthorized wireless stations from accessing data transmitted over the wireless network. Select 64-bit or 128-bit to enable data encryption. Key 1 to Key The WEP key is used to secure your data from eavesdropping by unauthorized wireless users.
  • Page 78 Chapter 8 Wireless LAN The following table describes the wireless LAN security labels in this screen. Table 15 Wireless LAN > General: WPA(2)-PSK LABEL DESCRIPTION Auto Generate This field is only available for WPA-PSK. Select this option to have the IAD automatically generate an SSID and pre-shared key.
  • Page 79 Chapter 8 Wireless LAN Note: If you select WPA or WPA2 in the Wireless LAN > General screen, the WDS and WPS features are not available on the IAD. Figure 27 Wireless LAN > General: WPA(2) The following table describes the wireless LAN security labels in this screen. Table 16 Wireless LAN >...

  • Page 80: Mac Filter

    Chapter 8 Wireless LAN Table 16 Wireless LAN > General: WPA(2) LABEL DESCRIPTION WPA2 This field is available only when you select WPA2. Preauthenticatio Pre-authentication enables fast roaming by allowing the wireless client (already connecting to an AP) to perform IEEE 802.1x authentication with another AP before connecting to it.
  • Page 81 Chapter 8 Wireless LAN Use this screen to change your IAD’s MAC filter settings. Click the Edit button in the Wireless LAN > General screen. The following screen displays. Figure 28 Wireless LAN > MAC Filter The following table describes the labels in this screen. Table 17 Wireless LAN >...
  • Page 82 Chapter 8 Wireless LAN The following table describes the labels in this screen. Table 18 Wireless LAN > MAC Filter > Add LABEL DESCRIPTION Enter the MAC addresses of the wireless devices that are allowed or denied Address access to the IAD in these address fields. Enter the MAC addresses in a valid MAC address format, that is, six hexadecimal character pairs, for example, 12:34:56:78:9a:bc.
  • Page 83 Chapter 8 Wireless LAN Table 19 Network > Wireless LAN > More AP LABEL DESCRIPTION Apply Click Apply to save your changes back to the IAD. Reset Click Reset to reload the previous configuration for this screen. 8.5.1 More AP Edit Use this screen to edit an SSID profile.
  • Page 84 Chapter 8 Wireless LAN Click Network > Wireless LAN >WPS. The following screen displays. Figure 32 Network > Wireless LAN > WPS The following table describes the labels in this screen. Table 20 Network > Wireless LAN > WPS LABEL DESCRIPTION WPS Setup Enable WPS...
  • Page 85 Chapter 8 Wireless LAN 8.7 The WPS Station Screen Use this screen to set up a WPS wireless network using either Push Button Configuration (PBC) or PIN Configuration. Note: If you select No Security in the Wireless LAN > General screen and click Push Button in the WPS Station screen, the IAD automatically changes to use WPA-PSK/WPA2-PSK mixed mode and generates a pre-shared key.
  • Page 86 Chapter 8 Wireless LAN 8.8 The WDS Screen A Wireless Distribution System (WDS) is a wireless connection between two or more APs. Use this screen to set up your WDS links between the IADs. You need to know the MAC address of the peer device. Once the security settings of peer sides match one another, the connection between the devices is made.
  • Page 87 Chapter 8 Wireless LAN The following table describes the labels in this screen. Table 22 Network > Wireless LAN > WDS LABEL DESCRIPTION Operating Mode Select the operating mode for your IAD. • Access Point + Bridge - The IAD functions as a bridge and access point simultaneously.
  • Page 88 Chapter 8 Wireless LAN 8.9 The Advanced Setup Screen To configure advanced wireless settings, click Network > Wireless LAN > Advanced Setup. The screen appears as shown. Figure 35 Wireless LAN > Advanced Setup The following table describes the labels in this screen. Table 23 Wireless LAN >...
  • Page 89 Chapter 8 Wireless LAN Table 23 Wireless LAN > Advanced Setup LABEL DESCRIPTION 802.11 Mode Select 802.11b Only to only allow IEEE 802.11b compliant WLAN devices to associate with the IAD. Select 802.11g Only to allow IEEE 802.11g compliant WLAN devices to associate with the IAD.
  • Page 90 Chapter 8 Wireless LAN 8.10.1 Wireless Network Overview The following figure provides an example of a wireless network. Figure 36 Example of a Wireless Network The wireless network is the part in the blue circle. In this wireless network, devices A and B use the access point (AP) to interact with the other devices (such as the printer) or with the Internet.

  • Page 91: Additional Wireless Terms

    Chapter 8 Wireless LAN 8.10.2 Additional Wireless Terms The following table describes some wireless network terms and acronyms used in the IAD’s Web Configurator. Table 24 Additional Wireless Terms TERM DESCRIPTION RTS/CTS Threshold In a wireless network which covers a large area, wireless devices are sometimes not aware of each other’s presence.

  • Page 92: User Authentication

    Chapter 8 Wireless LAN characters ; for example, 00A0C5000002 or 00:A0:C5:00:00:02. To get the MAC address for each device in the wireless network, see the device’s User’s Guide or other documentation. You can use the MAC address filter to tell the IAD which devices are allowed or not allowed to use the wireless network.

  • Page 93: Wifi Protected Setup

    Chapter 8 Wireless LAN The types of encryption you can choose depend on the type of authentication. (See Section 8.10.3.3 on page 92 for information about this.) Table 25 Types of Encryption for Each Type of Authentication NO AUTHENTICATION RADIUS SERVER Weakest No Security Static WEP...
  • Page 94 Chapter 8 Wireless LAN between two devices. Both devices must support WPS (check each device’s documentation to make sure). Depending on the devices you have, you can either press a button (on the device itself, or in its configuration utility) or enter a PIN (a unique Personal Identification Number that allows one device to authenticate the other) in each of the two devices.
  • Page 95 Chapter 8 Wireless LAN Use the PIN method instead of the push-button configuration (PBC) method if you want to ensure that the connection is established between the devices you specify, not just the first two devices to activate WPS in range of each other. However, you need to log into the configuration interfaces of both devices to use the PIN method.
  • Page 96 Chapter 8 Wireless LAN The following figure shows a WPS-enabled wireless client (installed in a notebook computer) connecting to the WPS-enabled AP via the PIN method. Figure 37 Example WPS Process: PIN Method ENROLLEE REGISTRAR This device’s WPS PIN: 123456 Enter WPS PIN from other device: START...
  • Page 97 Chapter 8 Wireless LAN The following figure shows a WPS-enabled client (installed in a notebook computer) connecting to a WPS-enabled access point. Figure 38 How WPS works ACTIVATE ACTIVATE WITHIN 2 MINUTES WPS HANDSHAKE REGISTRAR ENROLLEE SECURE TUNNEL SECURITY INFO COMMUNICATION The roles of registrar and enrollee last only as long as the WPS setup process is active (two minutes).
  • Page 98 Chapter 8 Wireless LAN 8.10.4.4 Example WPS Network Setup This section shows how security settings are distributed in an example WPS setup. The following figure shows an example network. In step 1, both AP1 and Client 1 are unconfigured. When WPS is activated on both, they perform the handshake. In this example, AP1 is the registrar, and Client 1 is the enrollee.
  • Page 99 Chapter 8 Wireless LAN point. However, you know that Client 2 supports the registrar function, so you use it to perform the WPS handshake instead. Figure 41 WPS: Example Network Step 3 EXISTING CONNECTION CLIENT 1 REGISTRAR CLIENT 2 ENROLLEE 8.10.4.5 Limitations of WPS WPS has some limitations of which you should be aware.
  • Page 100 Chapter 8 Wireless LAN • When you use the PBC method, there is a short period (from the moment you press the button on one device to the moment you press the button on the other device) when any WPS-enabled device could join the network. This is because the registrar has no way of identifying the “correct”...

  • Page 101: Network Address Translation (Nat)

    H A P T E R Network Address Translation (NAT) Overview NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network.
  • Page 102 Chapter 9 Network Address Translation (NAT) packet is in the local network, while the global address refers to the IP address of the host when the same packet is traveling in the WAN side. In the simplest form, NAT changes the source IP address in a packet received from a subscriber (the inside local address) to another (the inside global address) before forwarding the packet to the WAN side.
  • Page 103 Chapter 9 Network Address Translation (NAT) Click Network > NAT to open the following screen. Figure 42 Network > NAT > General The following table describes the labels in this screen. Table 26 Network > NAT > General LABEL DESCRIPTION Active Select this check box to enable NAT.
  • Page 104 Chapter 9 Network Address Translation (NAT) Port Forwarding Screen Note: This screen is available only when you select SUA only in the NAT > General screen. Use the Port Forwarding screen to forward incoming service requests to the server(s) on your local network. You may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desired server.
  • Page 105 Chapter 9 Network Address Translation (NAT) addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. Figure 43 Multiple Servers Behind NAT Example A=192.168.1.33 B=192.168.1.34 192.168.1.1 IP Address assigned by ISP D=192.168.1.36 C=192.168.1.35 9.3.1 Configuring the Port Forwarding Screen...
  • Page 106 Chapter 9 Network Address Translation (NAT) Table 27 Network > NAT > Port Forwarding LABEL DESCRIPTION Port Forwarding Service Name Select a service from the drop-down list box. Server IP Enter the IP address of the server for the specified service. Address Click this button to add a rule to the table below.
  • Page 107 Chapter 9 Network Address Translation (NAT) 9.3.2 Port Forwarding Rule Edit Screen Use this screen to edit a port forwarding rule. Select User define in the Service Name field of the Port Forwarding screen or click an existing rule’s edit icon in the Port Forwarding screen to display the screen shown next.
  • Page 108 Chapter 9 Network Address Translation (NAT) Table 28 Network > NAT > Port Forwarding: Edit (continued) LABEL DESCRIPTION Port Enter the port number here to which you want the IAD to translate the Translation incoming port. Start Port For a range of ports, enter the first number of the range to which you want the incoming ports translated.
  • Page 109 Chapter 9 Network Address Translation (NAT) The following table describes the fields in this screen. Table 29 Network > NAT > Address Mapping LABEL DESCRIPTION This is the rule index number. Local Start IP This is the starting Inside Local IP Address (ILA). Local IP addresses are - for Server port mapping.
  • Page 110 Chapter 9 Network Address Translation (NAT) 9.4.1 Address Mapping Rule Edit Screen To edit an address mapping rule, click the rule’s edit icon in the Address Mapping screen to display the screen shown next. Figure 47 Network > NAT > Address Mapping: Edit The following table describes the fields in this screen.
  • Page 111 Chapter 9 Network Address Translation (NAT) Table 30 Network > NAT > Address Mapping: Edit (continued) LABEL DESCRIPTION Server Only available when Type is set to Server. Mapping Set Select a number from the drop-down menu to choose a port forwarding set.
  • Page 112 Chapter 9 Network Address Translation (NAT) 9.6 NAT Technical Reference This chapter contains more information regarding NAT. 9.6.1 NAT Definitions Inside/outside denotes where a host is located relative to the IAD, for example, the computers of your subscribers are the inside hosts, while the web servers on the Internet are the outside hosts.
  • Page 113 Chapter 9 Network Address Translation (NAT) outside world. If you do not define any servers (for Many-to-One and Many-to- Many Overload mapping – see Table 33 on page 115), NAT offers the additional benefit of firewall protection. With no servers defined, your IAD filters out all incoming inquiries, thus preventing intruders from probing your network.
  • Page 114 Chapter 9 Network Address Translation (NAT) 9.6.4 NAT Application The following figure illustrates a possible NAT application, where three inside LANs (logical LANs using IP alias) behind the IAD can communicate with three distinct WAN networks. Figure 50 NAT Application With IP Alias Corporation B Corporation A Server in...
  • Page 115 Chapter 9 Network Address Translation (NAT) • Many to Many Overload: In Many-to-Many Overload mode, the IAD maps the multiple local IP addresses to shared global IP addresses. • Many-to-Many No Overload: In Many-to-Many No Overload mode, the IAD maps each local IP address to a unique global IP address. •...
  • Page 116 Chapter 9 Network Address Translation (NAT) The following example has two web servers on a LAN. Server A uses IP address 192.168.1.33 and server B uses 192.168.1.34. Both servers use port 80. The letters a.b.c.d represent the WAN port’s IP address. The IAD translates port 8080 of traffic received on the WAN port (IP address a.b.c.d) to port 80 and sends it to server A (IP address 192.168.1.33).

  • Page 117: Voice

    H A P T E R Voice 10.1 Introduction This chapter provides background information on VoIP and SIP and explains how to configure your device’s voice settings. VoIP is the sending of voice signals over Internet Protocol. This allows you to make phone calls and send faxes over the Internet at a fraction of the cost of using the traditional circuit-switched telephone network.
  • Page 118 Chapter 10 Voice address identifies an e-mail account. The format of a SIP identity is SIP- Number@SIP-Service-Domain. SIP Number The SIP number is the part of the SIP URI that comes before the “@” symbol. A SIP number can use letters like in an e-mail address (johndoe@your-ITSP.com for example) or numbers like a telephone number (1122334455@VoIP-provider.com for example).
  • Page 119 Chapter 10 Voice Each field is described in the following table. Table 34 VoIP > SIP > SIP Service Provider LABEL DESCRIPTION Server Profile Selection SIP Service Enter your SIP service provider’s name, using up to 256 printable Provider English-keyboard characters. Name Active Select this to make use these settings for all SIP phone calls.
  • Page 120 Chapter 10 Voice 10.2.1 Advanced SIP Settings Use this screen to maintain advanced settings for each SIP account. Click Advanced in VoIP > SIP > SIP Service Provider. The following screen displays. Figure 53 SIP Service Provider > Advanced Each field is described in the following table. Table 35 SIP Service Provider >...
  • Page 121 Chapter 10 Voice Table 35 SIP Service Provider > Advanced (continued) LABEL DESCRIPTION Min-SE Enter the minimum number of seconds the IAD accepts for a session expiration time when it receives a request to start a SIP session. If the request has a shorter time, the IAD rejects it.
  • Page 122 Chapter 10 Voice 10.3 SIP Account Use this screen to set up your basic SIP account information. Click VoIP > SIP > SIP Account to display this screen. Figure 54 VoIP > SIP > SIP Account Each field is described in the following table. Table 36 VoIP >...
  • Page 123 Chapter 10 Voice 10.3.1 Advanced Account Settings Use this screen to maintain advanced settings for each SIP account. Click Advanced in VoIP > SIP > SIP Account. The following screen displays. Figure 55 SIP Account > Advanced IAD User’s Guide...
  • Page 124 Chapter 10 Voice Each field is described in the following table. Table 37 SIP Account > Advanced LABEL DESCRIPTION Voice Feature Primary Select the type of voice coder/decoder (codec) that you want the Compression IAD to use. Type G.711 provides high voice quality but requires more bandwidth (64 kbps).
  • Page 125 Chapter 10 Voice 10.4 Analog Phone Use this screen to link the IAD’s analog phone ports with one or more SIP accounts to handle outgoing and incoming calls. Click VoIP > Phone. The following screen displays. Figure 56 Phone > Analog Phone Each field is described in the following table.
  • Page 126 Chapter 10 Voice 10.5 Speed Dial Speed dial provides shortcuts for dialing frequently used (VoIP) phone numbers. You also have to create speed-dial entries if you want to make peer-to-peer calls or call SIP numbers that contain letters. Once you have configured a speed dial rule, you can use a shortcut (the speed dial number, #01 for example) on your phone's keypad to call the phone number.
  • Page 127 Chapter 10 Voice Table 39 Phone Book > Speed Dial (continued) LABEL DESCRIPTION This field displays the speed-dial number you should dial to use this entry. Number This field displays the SIP number the IAD calls when you dial the speed-dial number.
  • Page 128 Chapter 10 Voice IAD User’s Guide...

  • Page 129: Phone Usage

    H A P T E R Phone Usage 11.1 Overview This chapter describes how to use a phone connected to your IAD for basic tasks. Note: Not all service providers support all features. 11.2 Dialing a Telephone Number The PHONE LED turns green when your SIP account is registered. Dial a SIP number like “12345”...
  • Page 130 Chapter 11 Phone Usage Pick up another phone’s receiver. Press “#97#” followed by the same number you entered before to continue the call. 11.5 Checking the IAD’s IP Address Do the following to listen to the IAD’s current IP address. Pick up your phone’s receiver.
  • Page 131 Chapter 11 Phone Usage 11.7 Phone Services Overview Supplementary services such as call hold, call waiting, call transfer, etc. are generally available from your VoIP service provider. The IAD supports the following services: • Call Hold • Call Waiting • Making a Second Call •...
  • Page 132 Chapter 11 Phone Usage After pressing the flash key, if you do not issue the sub-command before the default sub-command timeout (2 seconds) expires or issue an invalid sub- command, the current operation will be aborted. Table 40 European Flash Key Commands SUB- COMMAND DESCRIPTION...
  • Page 133 Chapter 11 Phone Usage • Disconnect the first call and answer the second call. Either press the flash key and press “1”, or just hang up the phone and then answer the phone after it rings. • Put the first call on hold and answer the second call. Press the flash key and then “2”.
  • Page 134 Chapter 11 Phone Usage After pressing the flash key, if you do not issue the sub-command before the default sub-command timeout (2 seconds) expires or issue an invalid sub- command, the current operation will be aborted. Table 41 USA Flash Key Commands SUB- COMMAND DESCRIPTION...
  • Page 135 Chapter 11 Phone Usage 11.7.3.4 USA Three-Way Conference Use the following steps to make three-way conference calls. When you are on the phone talking to someone (party A), press the flash key to put the caller on hold and get a dial tone. Dial a phone number directly to make another call (to party B).
  • Page 136 Chapter 11 Phone Usage Table 42 Phone Functions Summary ACTI FUNCTION DESCRIPTION *41# Enable call waiting Use these to allow you to put a call on hold while answering another, or to turn this function off. #41# Disable call waiting Section 11.7.2 on page 131 (Europe type) Section 11.7.3 on page 133...

  • Page 137: Firewalls

    H A P T E R Firewalls 12.1 Overview Use these screens to enable and configure the firewall that protects your IAD and your LAN from unwanted or malicious traffic. Enable the firewall to protect your LAN computers from attacks by hackers on the Internet and control access between the LAN and WAN.
  • Page 138 Chapter 12 Firewalls 12.1.1 What You Can Do in this Chapter • Use the General screen (Section 12.2 on page 143) to enable firewall and/or triangle route on the IAD, and set the default action that the firewall takes on packets that do not match any of the firewall rules.
  • Page 139 Chapter 12 Firewalls • LAN to LAN/ Router These rules specify which computers on the LAN can manage the IAD (remote management) and communicate between networks or subnets connected to the LAN interface (IP alias). Note: You can also configure the remote management settings to allow only a specific computer to manage the IAD.
  • Page 140 Chapter 12 Firewalls 12.1.3 Firewall Rule Setup Example The following Internet firewall rule example allows a “Doom” connection from the Internet. Click Security > Firewall > Rules. Select WAN to LAN in the Packet Direction field. Select the index number after that you want to add the rule. For example, if you select “6”, your new rule becomes number 7 and the previous rule 7 (if there is one) becomes rule 8.
  • Page 141 Chapter 12 Firewalls Click an index number to display the Customized Services Config screen and configure the screen as follows and click Apply. Figure 60 Edit Custom Port Example Select Any in the Destination Address List box and then click Delete. Configure the destination address screen as follows and click Add.
  • Page 142 Chapter 12 Firewalls Note: Custom services show up with an “*” before their names in the Services list box and the Rules list box. Figure 62 Firewall Example: Edit Rule: Select Customized Services On completing the configuration procedure for this Internet firewall rule, the Rules screen should look like the following.
  • Page 143 Chapter 12 Firewalls Rule 1 allows a “Doom” connection from the WAN to IP addresses 10.1.1.10 through 10.1.1.15 on the LAN. Figure 63 Firewall Example: Rules: MyService 12.2 The Firewall General Screen Click Security > Firewall to display the following screen. Activate the firewall by selecting the Active Firewall check box as seen in the following screen.
  • Page 144 Chapter 12 Firewalls The following table describes the labels in this screen. Table 43 Security > Firewall > General LABEL DESCRIPTION Active Firewall Select this check box to activate the firewall. The IAD performs access control and protects against Denial of Service (DoS) attacks when the firewall is activated.
  • Page 145 Chapter 12 Firewalls 12.3 The Firewall Rules Screen Note: The ordering of your rules is very important as rules are applied in turn. Refer to Section 12.5 on page 154 for more information. Click Security > Firewall > Rules to bring up the following screen. This screen displays a list of the configured firewall rules.
  • Page 146 Chapter 12 Firewalls Table 44 Security > Firewall > Rules (continued) LABEL DESCRIPTION Source IP This drop-down list box displays the source addresses or ranges of addresses to which this firewall rule applies. Please note that a blank source or destination address is equivalent to Any. Destination IP This drop-down list box displays the destination addresses or ranges of addresses to which this firewall rule applies.
  • Page 147 Chapter 12 Firewalls In the Rules screen, select an index number and click Add or click a rule’s Edit icon to display this screen and refer to the following table for information on the labels. Figure 66 Security > Firewall > Rules: Edit IAD User’s Guide...
  • Page 148 Chapter 12 Firewalls The following table describes the labels in this screen. Table 45 Security > Firewall > Rules: Edit LABEL DESCRIPTION Active Select this option to enable this firewall rule. Action for Use the drop-down list box to select whether to discard (Drop), deny Matched Packet and send an ICMP destination-unreachable message to the sender of (Reject) or allow the passage of (Permit) packets that match this...
  • Page 149 Chapter 12 Firewalls Table 45 Security > Firewall > Rules: Edit (continued) LABEL DESCRIPTION Send Alert Select the check box to have the IAD generate an alert when the rule Message to is matched. Administrator When Matched Back Click Back to return to the previous screen. Apply Click Apply to save your customized settings and exit this screen.
  • Page 150 Chapter 12 Firewalls Table 46 Security > Firewall > Rules: Edit: Edit Customized Services LABEL DESCRIPTION Protocol This shows the IP protocol (TCP, UDP or TCP/UDP) that defines your customized service. Port This is the port number or range that defines your customized service. Back Click Back to return to the Firewall Edit Rule screen.
  • Page 151 Chapter 12 Firewalls 12.4 The Firewall Threshold Screen For DoS attacks, the IAD uses thresholds to determine when to start dropping sessions that do not become fully established (half-open sessions). These thresholds apply globally to all sessions. For TCP, half-open means that the session has not reached the established state- the TCP three-way handshake has not yet been completed.
  • Page 152 Chapter 12 Firewalls Type of traffic for certain servers. Reduce the threshold values if your network is slower than average for any of these factors (especially if you have servers that are slow or handle many tasks and are often busy). •...
  • Page 153 Chapter 12 Firewalls Table 48 Security > Firewall > Threshold (continued) LABEL DESCRIPTION One Minute High This is the rate of new half-open sessions per minute that causes the firewall to start deleting half-open sessions. When the rate of new connection attempts rises above this number, the IAD deletes half- open sessions as required to accommodate new connection attempts.

  • Page 154: Security Considerations

    Chapter 12 Firewalls 12.5 Technical Reference This section provides some technical background information about the topics covered in this chapter. 12.5.1 Guidelines For Enhancing Security With Your Firewall Change the default password via web configurator. Think about access control before you connect to the network in any way. Limit who can access your router.
  • Page 155 Chapter 12 Firewalls Does this rule conflict with any existing rules? Once these questions have been answered, adding rules is simply a matter of entering the information into the correct fields in the web configurator screens. 12.5.3 Triangle Route When the firewall is on, your IAD acts as a secure gateway between your LAN and the Internet.
  • Page 156 Chapter 12 Firewalls As a result, the IAD resets the connection, as the connection has not been acknowledged. Figure 72 “Triangle Route” Problem ISP 1 ISP 2 12.5.3.2 Solving the “Triangle Route” Problem If you have the IAD allow triangle route sessions, traffic from the WAN can go directly to a LAN computer without passing through the IAD and its firewall protection.
  • Page 157 Chapter 12 Firewalls The IAD then sends it to the computer on the LAN in Subnet 1. Figure 73 IP Alias Subnet 1 ISP 1 ISP 2 Subnet 2 IAD User’s Guide...
  • Page 158 Chapter 12 Firewalls IAD User’s Guide...

  • Page 159: Static Route

    H A P T E R Static Route 13.1 Overview The IAD usually uses the default gateway to route outbound traffic from computers on the LAN to the Internet. To have the IAD send data to devices not reachable through the default gateway, use static routes. For example, the next figure shows a computer (A) connected to the IAD’s LAN interface.
  • Page 160 Chapter 13 Static Route 13.2 The Static Route Screen Click Advanced > Static Route to open the Static Route screen. Figure 75 Static Route The following table describes the labels in this screen. Table 49 Static Route LABEL DESCRIPTION This is the number of an individual static route. Active This field indicates whether the rule is active or not.
  • Page 161 Chapter 13 Static Route 13.2.1 Static Route Edit Select a static route index number and click Edit. The screen shown next appears. Use this screen to configure the required information for a static route. Figure 76 Static Route Edit The following table describes the labels in this screen. Table 50 Static Route Edit LABEL DESCRIPTION...
  • Page 162 Chapter 13 Static Route IAD User’s Guide...

  • Page 163: Quality Of Service (Qos)

    H A P T E R Quality of Service (QoS) 14.1 Overview Quality of Service (QoS) refers to both a network’s ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth. Without QoS, all traffic data is equally likely to be dropped when the network is congested.
  • Page 164 Chapter 14 Quality of Service (QoS) 14.1.2 What You Need to Know The following terms and concepts may help as you read through this chapter. QoS versus Cos QoS is used to prioritize source-to-destination traffic flows. All packets in the same flow are given the same priority.
  • Page 165 Chapter 14 Quality of Service (QoS) Use this screen to enable or disable QoS, and select to have the IAD automatically assign priority to traffic according to the IEEE 802.1p priority level, IP precedence and/or packet length. See Section 14.1 on page 163 for more information.
  • Page 166 Chapter 14 Quality of Service (QoS) Table 51 QoS > General LABEL DESCRIPTION Traffic These fields are ignored if traffic matches a class you configured in the priority will Class Setup screen. If you select ON and traffic does not match a class configured in the Class automatical Setup screen, the IAD assigns priority to unmatched traffic based on the ly assigned...
  • Page 167 Chapter 14 Quality of Service (QoS) Click Advanced > QoS > Class Setup to open the following screen. Figure 78 QoS > Class Setup The following table describes the labels in this screen. Table 52 QoS > Class Setup LABEL DESCRIPTION Create a new Click Add to create a new classifier.
  • Page 168 Chapter 14 Quality of Service (QoS) 14.3.1 Class Configuration Click the Add button or the Edit icon in the Modify field to configure a classifier. Figure 79 QoS Class Configuration IAD User’s Guide...
  • Page 169 Chapter 14 Quality of Service (QoS) Appendix F on page 313 for a list of commonly-used services. The following table describes the labels in this screen. Table 53 QoS Class Configuration LABEL DESCRIPTION Class Configuration Active Select the check box to enable this classifier. Name Enter a descriptive name of up to 20 printable English keyboard characters, including spaces.
  • Page 170 Chapter 14 Quality of Service (QoS) Table 53 QoS Class Configuration (continued) LABEL DESCRIPTION Ethernet Select a priority level (between 0 and 7) from the drop down list box. Priority VLAN ID Specify a VLAN ID number between 2 and 4094. Filter Use the following fields to configure the criteria for traffic Configuration...
  • Page 171 Chapter 14 Quality of Service (QoS) Table 53 QoS Class Configuration (continued) LABEL DESCRIPTION Service This field simplifies classifier configuration by allowing you to select a predefined application. When you select a predefined application, you do not configure the rest of the filter fields. SIP (Session Initiation Protocol) is a signaling protocol used in Internet telephony, instant messaging and other VoIP (Voice over IP) applications.
  • Page 172 Chapter 14 Quality of Service (QoS) two classes are assigned priority queue based on the internal QoS mapping table on the IAD. Figure 80 QoS Example VoIP: Queue 6 Ethernet 50 Mbps Boss: Queue 5 IP=10.1.1.23 IAD User’s Guide...
  • Page 173 Chapter 14 Quality of Service (QoS) Figure 81 QoS Class Example: VoIP IAD User’s Guide...
  • Page 174 Chapter 14 Quality of Service (QoS) Figure 82 QoS Class Example: Boss IAD User’s Guide...
  • Page 175 Chapter 14 Quality of Service (QoS) 14.4 The QoS Monitor Screen To view the IAD’s QoS packet statistics, click Advanced > QoS > Monitor. The screen appears as shown. Figure 83 QoS Monitor The following table describes the labels in this screen. Table 54 QoS Monitor LABEL DESCRIPTION...
  • Page 176 Chapter 14 Quality of Service (QoS) 14.5.1 IEEE 802.1Q Tag The IEEE 802.1Q standard defines an explicit VLAN tag in the MAC header to identify the VLAN membership of a frame across bridges. A VLAN tag includes the 12-bit VLAN ID and 3-bit user priority. The VLAN ID associates a frame with a specific VLAN and provides the information that devices need to process the frame across the network.
  • Page 177 Chapter 14 Quality of Service (QoS) DiffServ (Differentiated Services) is a class of service (CoS) model that marks packets so that they receive specific per-hop treatment at DiffServ-compliant network devices along the route based on the application types and traffic flow. Packets are marked with DiffServ Code Points (DSCPs) indicating the level of service desired.
  • Page 178 Chapter 14 Quality of Service (QoS) Table 56 Internal Layer2 and Layer3 QoS Mapping LAYER 2 LAYER 3 IEEE 802.1P PRIORITY QUEUE USER PRIORITY TOS (IP IP PACKET PRECEDENCE) DSCP (ETHERNET LENGTH (BYTE) PRIORITY) 000000 >1100 001110 250~1100 001100 001010 001000 010110 010100...

  • Page 179: Dynamic Dns Setup

    H A P T E R Dynamic DNS Setup 15.1 Overview Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CU- SeeMe, etc.). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.org, where myhost is a name of your choice) that will never change instead of using an IP address that changes each time you reconnect.
  • Page 180 Chapter 15 Dynamic DNS Setup 15.2 The Dynamic DNS Screen To change your IAD’s DDNS, click Advanced > Dynamic DNS. The screen appears as shown. Section 15.1 on page 179 for more information. Figure 84 Dynamic DNS The following table describes the fields in this screen. Table 57 Dynamic DNS LABEL DESCRIPTION...
  • Page 181 Chapter 15 Dynamic DNS Setup Table 57 Dynamic DNS (continued) LABEL DESCRIPTION If you select WWW.TZO.com in the Service Provider field, enter the password you used to register for this service. Enable Select the check box to enable DynDNS Wildcard. Wildcard Option Enable off line...
  • Page 182 Chapter 15 Dynamic DNS Setup IAD User’s Guide...

  • Page 183: Remote Management

    H A P T E R Remote Management 16.1 Overview Remote management allows you to determine which services/protocols can access which IAD interface (if any) from which computers. The following figure shows remote management of the IAD coming in from the WAN.
  • Page 184 Chapter 16 Remote Management You may only have one remote management session running at a time. The IAD automatically disconnects a remote management session of lower priority when another remote management session of higher priority starts. The priorities for the different types of remote management sessions are as follows. Telnet HTTP 16.1.1 What You Can Do in this Chapter...
  • Page 185 Chapter 16 Remote Management • There is already another remote management session with an equal or higher priority running. You may only have one remote management session running at one time. • There is a firewall rule that blocks it. Remote Management and NAT When NAT is enabled: •...
  • Page 186 Chapter 16 Remote Management The following table describes the labels in this screen. Table 58 Remote Management > WWW LABEL DESCRIPTION Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management.

  • Page 187: The Ftp Screen

    Chapter 16 Remote Management The following table describes the labels in this screen. Table 59 Remote Management > Telnet LABEL DESCRIPTION Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management.
  • Page 188 Chapter 16 Remote Management The following table describes the labels in this screen. Table 60 Remote Management > FTP LABEL DESCRIPTION Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management.
  • Page 189 Chapter 16 Remote Management Note: SNMP is only available if TCP/IP is configured. Figure 89 SNMP Management Model An SNMP managed network consists of two main types of component: agents and a manager. An agent is a management software module that resides in a managed device (the IAD).

  • Page 190: Supported Mibs

    Chapter 16 Remote Management 16.5.1 Supported MIBs The IAD supports MIB II, which is defined in RFC-1213 and RFC-1215. The focus of the MIBs is to let administrators collect statistical data and monitor status and performance. 16.5.2 SNMP Traps The IAD will send traps to the SNMP manager when any one of the following events occurs: Table 61 SNMP Traps TRAP #...
  • Page 191 Chapter 16 Remote Management The following table describes the labels in this screen. Table 62 Remote Management > SNMP LABEL DESCRIPTION SNMP Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management.
  • Page 192 Chapter 16 Remote Management Click Advanced > Remote MGMT > DNS to change your IAD’s DNS settings. Use this screen to set from which IP address the IAD will accept DNS queries and on which interface it can send them your IAD’s DNS settings. Figure 91 Remote Management >...
  • Page 193 Chapter 16 Remote Management Note: If you want your device to respond to pings and requests for unauthorized services, you may also need to configure the firewall anti probing settings to match. Figure 92 Remote Management > ICMP The following table describes the labels in this screen. Table 64 Remote Management >...

  • Page 194: How Ssh Works

    Chapter 16 Remote Management Unlike Telnet or FTP, which transmit data in plaintext (clear or unencrypted text), SSH is a secure communication protocol that combines authentication and data encryption to provide secure encrypted communication between two hosts over an unsecured network. 16.9 How SSH Works The following table summarizes how a secure connection is established between two remote hosts.

  • Page 195: Requirements For Using Ssh

    Chapter 16 Remote Management Authentication and Data Transmission After the identification is verified and data encryption activated, a secure tunnel is established between the client and the server. The client then sends its authentication information (user name and password) to the server to log in to the server.
  • Page 196 Chapter 16 Remote Management The following table describes the labels in this screen. Table 65 Remote Management > SSH LABEL DESCRIPTION Server Host Select the certificate whose corresponding private key is to be used to identify the IAD for SSH connections. You must have certificates already configured in the My Certificates screen (Click My Certificates and Chapter 16 on page 37 for details).

  • Page 197: Universal Plug-And-Play (Upnp)

    H A P T E R Universal Plug-and-Play (UPnP) 17.1 Overview Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectivity between devices. A UPnP device can dynamically join a network, obtain an IP address, convey its capabilities and learn about other devices on the network.
  • Page 198 Chapter 17 Universal Plug-and-Play (UPnP) Windows Messenger is an example of an application that supports NAT traversal and UPnP. See the NAT chapter for more information on NAT. Cautions with UPnP The automated nature of NAT traversal applications in establishing their own services and opening firewall ports may present network security issues.
  • Page 199 Chapter 17 Universal Plug-and-Play (UPnP) Section 17.1 on page 197 for more information. Figure 95 Configuring UPnP The following table describes the fields in this screen. Table 66 Configuring UPnP LABEL DESCRIPTION Active the Universal Plug Select this check box to activate UPnP. Be aware that anyone and Play (UPnP) Feature could use a UPnP application to open the web configurator's login screen without entering the IAD's IP address (although...
  • Page 200 Chapter 17 Universal Plug-and-Play (UPnP) Click on the Windows Setup tab and select Communication in the Components selection box. Click Details. Figure 96 Add/Remove Programs: Windows Setup: Communication In the Communications window, select the Universal Plug and Play check box in the Components selection box.
  • Page 201 Chapter 17 Universal Plug-and-Play (UPnP) Click OK to go back to the Add/Remove Programs Properties window and click Next. Restart the computer when prompted. Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP. Click Start and Control Panel.
  • Page 202 Chapter 17 Universal Plug-and-Play (UPnP) The Windows Optional Networking Components Wizard window displays. Select Networking Service in the Components selection box and click Details. Figure 99 Windows Optional Networking Components Wizard IAD User’s Guide...
  • Page 203 Chapter 17 Universal Plug-and-Play (UPnP) In the Networking Services window, select the Universal Plug and Play check box. Figure 100 Networking Services Click OK to go back to the Windows Optional Networking Component Wizard window and click Next. 17.4 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP.
  • Page 204 Chapter 17 Universal Plug-and-Play (UPnP) Right-click the icon and select Properties. Figure 101 Network Connections IAD User’s Guide...
  • Page 205 Chapter 17 Universal Plug-and-Play (UPnP) In the Internet Connection Properties window, click Settings to see the port mappings there were automatically created. Figure 102 Internet Connection Properties IAD User’s Guide...
  • Page 206 Chapter 17 Universal Plug-and-Play (UPnP) You may edit or delete the port mappings or click Add to manually add port mappings. Figure 103 Internet Connection Properties: Advanced Settings Figure 104 Internet Connection Properties: Advanced Settings: Add When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically.
  • Page 207 Chapter 17 Universal Plug-and-Play (UPnP) Select Show icon in notification area when connected option and click OK. An icon displays in the system tray. Figure 105 System Tray Icon Double-click on the icon to display your current Internet connection status. Figure 106 Internet Connection Status Web Configurator Easy Access With UPnP, you can access the web-based configurator on the IAD without finding...
  • Page 208 Chapter 17 Universal Plug-and-Play (UPnP) Select My Network Places under Other Places. Figure 107 Network Connections An icon with the description for each UPnP-enabled device displays under Local Network. IAD User’s Guide...
  • Page 209 Chapter 17 Universal Plug-and-Play (UPnP) Right-click on the icon for your IAD and select Invoke. The web configurator login screen displays. Figure 108 Network Connections: My Network Places Right-click on the icon for your IAD and select Properties. A properties window displays with basic information about the IAD.
  • Page 210 Chapter 17 Universal Plug-and-Play (UPnP) IAD User’s Guide...

  • Page 211: System

    H A P T E R System 18.1 Overview Use this screen to configure the IAD’s time and date settings. 18.1.1 What You Need to Know The following terms and concepts may help as you read through this chapter. General Setup and System Name General Setup contains administrative and system-related information.

  • Page 212: General Setup

    Chapter 18 System 18.2 General Setup Use this screen to configure the IAD’s system name, inactivity timer, and password. Click Maintenance > System to open the General screen. Figure 110 System > General Setup The following table describes the labels in this screen. Table 67 General Setup LABEL DESCRIPTION...

  • Page 213: Time Setting

    Chapter 18 System 18.3 Time Setting To change your IAD’s time and date, click Maintenance > System > Time Setting. The screen appears as shown. Use this screen to configure the IAD’s time based on your local time zone. Figure 111 System > Time Setting The following table describes the fields in this screen.
  • Page 214 Chapter 18 System IAD User’s Guide...

  • Page 215: Logs

    H A P T E R Logs 19.1 Overview This chapter contains information about configuring general log settings and viewing the IAD’s logs. The web configurator allows you to choose which categories of events and/or alerts to have the IAD log and then display the logs or have the IAD send them to an administrator (as e-mail) or to a syslog server.
  • Page 216 Chapter 19 Logs The following table describes the fields in this screen. Table 69 View Log LABEL DESCRIPTION Display The categories that you select in the Log Settings screen display in the drop-down list box. Select a category of logs to view; select All Logs to view logs from all of the log categories that you selected in the Log Settings page.

  • Page 217: Log Settings

    Chapter 19 Logs 19.3 Log Settings Use this screen to configure which logs to display on the View Logs screen (see Chapter 19 on page 215). Click Maintenance > Logs > Log Settings. Figure 113 Log Settings The following table describes the fields in this screen. Table 70 Log Settings LABEL DESCRIPTION...
  • Page 218 Chapter 19 Logs IAD User’s Guide...

  • Page 219: Tools

    H A P T E R Tools 20.1 Overview This chapter explains how to upload new firmware, manage configuration files and restart your IAD. Use the instructions in this chapter to change the device’s configuration file or upgrade its firmware. After you configure your device, you can backup the configuration file to a computer.

  • Page 220: Firmware Upgrade

    Chapter 20 Tools 20.2 Firmware Upgrade Click Maintenance > Tools to open the Firmware screen. Follow the instructions in this screen to upload firmware to your IAD. The upload process uses HTTP (Hypertext Transfer Protocol) and may take up to two minutes. After a successful upload, the system will reboot.

  • Page 221: Backup Configuration

    Chapter 20 Tools 20.3 Configuration Click Maintenance > Tools > Configuration. Information related to factory defaults, backup configuration, and restoring configuration appears in this screen, as shown next. Figure 115 Configuration 20.3.1 Backup Configuration Backup Configuration allows you to back up (save) the IAD’s current configuration to a file on your computer.
  • Page 222 Chapter 20 Tools After you see a “restore configuration successful” screen, you must then wait one minute before logging into the IAD again. The IAD automatically restarts in this time causing a temporary network disconnect. If you uploaded the default configuration file you may need to change the IP address of your computer to be in the same subnet as that of the default device IP address (10.0.0.138).

  • Page 223: Diagnostic

    H A P T E R Diagnostic 21.1 Overview This read-only screen displays information to help you identify problems with the IAD. 21.2 General Click Maintenance > Diagnostic to open the screen shown next. Figure 117 Diagnostic > General The following table describes the fields in this screen. Table 73 General LABEL DESCRIPTION...
  • Page 224 Chapter 21 Diagnostic IAD User’s Guide...

  • Page 225: Troubleshooting

    H A P T E R Troubleshooting 22.1 Overview This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • IAD Access and Login •...
  • Page 226 Chapter 22 Troubleshooting One of the LEDs does not behave as expected. Make sure you understand the normal behavior of the LED. See Section 1.6 on page Check the hardware connections. See the Quick Start Guide. Inspect your cables for damage. Contact the vendor to replace any damaged cables.

  • Page 227: Internet Access

    Chapter 22 Troubleshooting • If you changed the IP address and have forgotten it, see the troubleshooting suggestions for I forgot the IP address for the IAD. Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide. Make sure your Internet browser does not block pop-up windows and has JavaScripts and Java enabled.
  • Page 228 Chapter 22 Troubleshooting Disconnect all the cables from your device, and follow the directions in the Quick Start Guide again. If the problem continues, contact your ISP. I cannot access the Internet anymore. I had access to the Internet (with the IAD), but my Internet connection is not available anymore.
  • Page 229 Chapter 22 Troubleshooting I can access the Internet, but cannot make VoIP calls. The PHONE light should come on. Make sure that your telephone is connected to the PHONE port. You can also check the VoIP status in the Status screen. If the VoIP settings are correct, use speed dial to make peer-to-peer calls.
  • Page 230 Chapter 22 Troubleshooting IAD User’s Guide...

  • Page 231: Product Specifications

    H A P T E R Product Specifications The following tables summarize the IAD’s hardware and firmware features. Hardware Specifications Table 74 Hardware Specifications Dimensions 215 W x 145 D x 35 H mm Weight 390 g Power Specification 18V DC 1A Built-in Switch Four auto-negotiating, auto MDI/MDI-X 10/100 Mbps RJ-45 Ethernet ports...

  • Page 232: Voice Specifications

    Chapter 23 Product Specifications Voice Specifications Note: To take full advantage of the supplementary phone services available through the IAD's phone port, you may need to subscribe to the services from your VoIP service provider. Note: Not all features are supported by all service providers. Consult your service provider for more information.
  • Page 233 Chapter 23 Product Specifications Table 75 Voice Features Firmware update If your service provider uses this feature, you hear a recorded enable / disable message when you pick up the phone when new firmware is available for your IAD. Enter *99# in your phone’s keypad to have the IAD upgrade the firmware, or enter #99# to not upgrade.
  • Page 234 Chapter 23 Product Specifications Table 75 Voice Features Echo Cancellation You device supports G.168, an ITU-T standard for eliminating the echo caused by the sound of your voice reverberating in the telephone receiver while you talk. Other Voice SIP version 2 (Session Initiating Protocol RFC 3261) Features SDP (Session Description Protocol RFC 2327) RTP (RFC 1889)
  • Page 235 Chapter 23 Product Specifications Table 76 Standards Supported (continued) STANDARD DESCRIPTION ANSI T1.413, Issue 2 Asymmetric Digital Subscriber Line (ADSL) standard. Microsoft PPTP MS PPTP (Microsoft's implementation of Point to Point Tunneling Protocol) RFC 2383 ST2+ over ATM Protocol Specification - UNI 3.1 Version 1.363.5 Compliant AAL5 SAR (Segmentation And Re-assembly) Power Adaptor Specifications...
  • Page 236 Chapter 23 Product Specifications G-PON Specification Table 78 G-PON Specifications SPECIFICATION DESCRIPTION Standard IEEE 802.3ah Upstream Bit Rate 1.25 Gb/s Downstream Bit Rate 1.25 Gb/s Distance 10 Km/20 Km Power Budget Class A: 5~20 dB Class B: 10~25 dB Wavelength Allocation Up: 1260~1360 nm Down: 1480~1500 nm Splitter Ratio...
  • Page 237 Chapter 23 Product Specifications Align the holes on the back of the IAD with the screws on the wall. Hang the IAD on the screws. Figure 118 Wall-mounting Example The following are dimensions of an M4 tap screw and masonry plug used for wall mounting.
  • Page 238 Chapter 23 Product Specifications IAD User’s Guide...
  • Page 239 P P E N D I X Passive Optical Networks Optical fiber allows for data to be transmitted in the form of staggered light impulses. It is composed of flexible plastic or glass piping. Light waves traverse the length of the piping by perpetually reflecting itself off of its mirrored inner core, much like an optical waveguide.
  • Page 240 Appendix A Passive Optical Networks An Optical Line Terminal (OLT) is placed at a broadband service provider’s central office, where it receives voice, video, and other data from the service provider’s networking servers. It then converts and transmits this data as light across a fiber optical network, where it is received and translated on the opposite end by one or more Optical Network Units (ONUs).

  • Page 241: How It Works

    Appendix A Passive Optical Networks How It Works There are no active components in the PON backbone that require power. Light impulses move from point A to point B with nothing inbetween to facilitate it other than optical physics. Although the devices at the point of origin and the point of termination undoubtedly require power, the network itself does not.
  • Page 242 Appendix A Passive Optical Networks Ethernet PON (EPON), meanwhile, offers slightly slower data transmission rates but shows a smaller overhead and is markedly better at transmitting over the Ethernet layer using IP. Because Ethernet is so widespread and relies on a well- established universal networking protocol, manufacturers can use existing hardware to build EPON units, making it a very cost effective solution in comparison to the other types of PON devices available.
  • Page 243 Appendix A Passive Optical Networks Absorption happens as the light’s energy is converted into heat; scattering occurs when the light hits stray particles of other matter inside the cable and some its photons are redirected in other directions. As a result, the further the light in the pipe travels, the less coherent it becomes and eventually it disintegrates.
  • Page 244 Appendix A Passive Optical Networks your connection speeds, check with your service provider or network administrator. Table 80 Applications and Required Bit Rates APPLICATION MINIMUM BIT RATE Voice over Internet Protocol (VoIP) 16 kbps Full-screen Video Conferenceing (H.263) 384 kbps Basic Web Browsing 1 Mbps 5-Megapixel JPG in 10 seconds...
  • Page 245 P P E N D I X Setting Up Your Computer’s IP Address Note: Your specific IAD may not support all of the operating systems described in this appendix. See the product specifications for more information about which operating systems are supported. This appendix shows you how to configure the IP settings on your computer in order for it to be able to communicate with the other devices on your network.
  • Page 246 Appendix B Setting Up Your Computer’s IP Address Click Start > Control Panel. Figure 121 Windows XP: Start Menu In the Control Panel, click the Network Connections icon. Figure 122 Windows XP: Control Panel IAD User’s Guide...
  • Page 247 Appendix B Setting Up Your Computer’s IP Address Right-click Local Area Connection and then select Properties. Figure 123 Windows XP: Control Panel > Network Connections > Properties On the General tab, select Internet Protocol (TCP/IP) and then click Properties. Figure 124 Windows XP: Local Area Connection Properties IAD User’s Guide...
  • Page 248 Appendix B Setting Up Your Computer’s IP Address The Internet Protocol TCP/IP Properties window opens. Figure 125 Windows XP: Internet Protocol (TCP/IP) Properties Select Obtain an IP address automatically if your network administrator or ISP assigns your IP address dynamically. Select Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields if you have a static IP address that was assigned to you by your network administrator or ISP.

  • Page 249: Windows Vista

    Appendix B Setting Up Your Computer’s IP Address In the Command Prompt window, type "ipconfig" and then press [ENTER]. You can also go to Start > Control Panel > Network Connections, right-click a network connection, click Status and then click the Support tab to view your IP address and connection information.
  • Page 250 Appendix B Setting Up Your Computer’s IP Address Click the Network and Sharing Center icon. Figure 128 Windows Vista: Network And Internet Click Manage network connections. Figure 129 Windows Vista: Network and Sharing Center Right-click Local Area Connection and then select Properties. Figure 130 Windows Vista: Network and Sharing Center Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue.

Table of Contents