ZyXEL Communications Wireless-11g Access Point ZyXEL G-1000 v2 User Manual
  1. Manuals
  2. Brands
  3. ZyXEL Communications Manuals
  4. Wireless Access Point
  5. Wireless-11g Access Point ZyXEL G-1000 v2
  6. User manual
ZyXEL Communications Wireless-11g Access Point ZyXEL G-1000 v2 User Manual

ZyXEL Communications Wireless-11g Access Point ZyXEL G-1000 v2 User Manual

Wireless-11g access point
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
ZyXEL G-1000 v2
Wireless-11g Access Point
User's Guide
Version 3.60
Edition 1
3/2006

Advertisement

Table of Contents
loading

Related Manuals for ZyXEL Communications Wireless-11g Access Point ZyXEL G-1000 v2

Summary of Contents for ZyXEL Communications Wireless-11g Access Point ZyXEL G-1000 v2

  • Page 1 ZyXEL G-1000 v2 Wireless-11g Access Point User’s Guide Version 3.60 Edition 1 3/2006...

  • Page 3: Copyright

    ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation. All rights reserved.

  • Page 4: Interference Statements And Certifications

    ZyXEL G-1000 v2 User’s Guide Interference Statements and Federal Communications Commission (FCC) Interference Statement This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accept any interference received, including interference that may cause undesired operations.
  • Page 5 This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter. ZyXEL Communications Corporation declared that G-1000 v2 is limited in CH1~11 from 2400 to 2483.5 MHz by specified firmware controlled in USA. 注意 ! 依據...

  • Page 6: Safety Warnings

    ZyXEL G-1000 v2 User’s Guide For your safety, be sure to read and follow all warning notices and instructions. • To reduce the risk of fire, use only No. 26 AWG (American Wire Gauge) or larger telecommunication line cord. • Do NOT open the device or unit. Opening or removing covers can expose you to dangerous high voltage points or other risks.

  • Page 7: Zyxel Limited Warranty

    ZyXEL G-1000 v2 User’s Guide ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever...

  • Page 8: Customer Support

    +7-3272-590-689 1-800-255-4101 www.us.zyxel.com +1-714-632-0882 +1-714-632-0858 ftp.us.zyxel.com +47-22-80-61-80 www.zyxel.no +47-22-80-61-81 REGULAR MAIL ZyXEL Communications Corp. 6 Innovation Road II Science Park Hsinchu 300 Taiwan ZyXEL Communications Czech s.r.o. Modranská 621 143 01 Praha 4 - Modrany Ceská Republika ZyXEL Communications A/S...
  • Page 9 Poland ZyXEL Russia Ostrovityanova 37a Str. Moscow, 117279 Russia ZyXEL Communications Alejandro Villegas 33 1º, 28043 Madrid Spain ZyXEL Communications A/S Sjöporten 4, 41764 Göteborg Sweden ZyXEL Ukraine 13, Pimonenko Str. Kiev, 04050 Ukraine ZyXEL Communications UK Ltd.,11 The Courtyard,...
  • Page 10 ZyXEL G-1000 v2 User’s Guide Customer Support...

  • Page 11: Table Of Contents

    Copyright ... 3 Interference Statements and Certifications ... 4 Safety Warnings ... 6 ZyXEL Limited Warranty... 7 Customer Support... 8 Table of Contents ... 11 List of Figures ... 17 List of Tables ... 21 Preface ... 25 Chapter 1 Getting to Know Your Device ...
  • Page 12 ZyXEL G-1000 v2 User’s Guide Chapter 3 Wizard Setup ... 41 3.1 Wizard Setup Overview ...41 3.2 General Setup ...41 3.3 Wizard Setup Wireless LAN ...42 3.3.1 Name (SSID), Channel ID and Security ...42 3.3.2 Configuring WEP or WPA(2) PSK Security ...43 3.3.3 IP Address Assignment ...46 3.3.4 Apply Settings ...47 Chapter 4...
  • Page 13 Chapter 8 Logs ... 81 8.1.1 Alerts and Logs ...81 8.4 SMTP Error Messages ...84 Chapter 9 Tools ... 87 9.2.1 Backup Configuration ...89 9.2.2 Restore Configuration ...89 9.2.3 Back to Factory Defaults ...90 Chapter 10 Introducing the SMT ... 93 10.1 Connect to your G-1000 v2 Using Telnet ...93 10.2 Changing the System Password ...93 10.3 G-1000 v2 SMT Menus Overview ...94...
  • Page 14 ZyXEL G-1000 v2 User’s Guide 15.3 Log and Trace ...116 15.3.1 Syslog Logging ...117 15.4 Diagnostic ...117 Chapter 16 Firmware and Configuration File Maintenance ... 119 16.1 Filename Conventions ...119 16.2 Backup Configuration ...120 16.2.1 Backup Configuration Using FTP ...120 16.2.2 Using the FTP command from the DOS Prompt ...121 16.2.3 Backup Configuration Using TFTP ...122 16.2.4 Example: TFTP Command ...123...
  • Page 15 ZyXEL G-1000 v2 User’s Guide Command Interpreter... 161 Appendix G Log Descriptions... 163 Appendix H Wireless LAN and IEEE 802.11 ... 167 Appendix I Wireless LAN Security... 173 Appendix J Types of EAP Authentication ... 185 Appendix K Antenna Selection and Positioning Recommendation... 187 Table of Contents...
  • Page 16 ZyXEL G-1000 v2 User’s Guide Table of Contents...

  • Page 17: List Of Figures

    ZyXEL G-1000 v2 User’s Guide List of Figures Figure 1 Internet Access Application ... 31 Figure 2 Corporation Network Application ... 31 Figure 3 G-1000 v2 Front Panel ... 32 Figure 4 Change Password Screen ... 34 Figure 5 Web Configurator: Main Screen ... 35 Figure 6 Status Screen ...
  • Page 18 ZyXEL G-1000 v2 User’s Guide Figure 39 Configuration Restore Successful ... 90 Figure 40 Temporarily Disconnected ... 90 Figure 41 Configuration Restore Error ... 90 Figure 42 Restart Screen ... 91 Figure 43 Login Screen ... 93 Figure 44 Menu 23.1 System Security: Change Password ... 93 Figure 45 G-1000 v2 SMT Main Menu ...
  • Page 19 ZyXEL G-1000 v2 User’s Guide Figure 82 Windows XP: Start Menu ... 141 Figure 83 Windows XP: Control Panel ... 141 Figure 84 Windows XP: Control Panel: Network Connections: Properties ... 142 Figure 85 Windows XP: Local Area Connection Properties ... 142 Figure 86 Windows XP: Advanced TCP/IP Settings ...
  • Page 20 ZyXEL G-1000 v2 User’s Guide List of Figures...

  • Page 21: List Of Tables

    ZyXEL G-1000 v2 User’s Guide List of Tables Table 1 IEEE 802.11b ... 28 Table 2 IEEE 802.11g ... 28 Table 3 Front Panel Light Description ... 32 Table 4 Web Configurator Screens Summary ... 35 Table 5 Status Screen ... 37 Table 6 Status: Packet Statistics ...
  • Page 22 ZyXEL G-1000 v2 User’s Guide Table 39 Main Menu Summary ... 96 Table 40 Menu 1 General Setup ... 97 Table 41 Menu 3.2 TCP/IP Setup ... 100 Table 42 Menu 3.5 Wireless LAN Setup ... 101 Table 43 Menu 3.5.1 WLAN MAC Address Filter ... 103 Table 44 Menu 3.5.4 Bridge Link Configuration ...
  • Page 23 ZyXEL G-1000 v2 User’s Guide Table 82 Sys log ... 164 Table 83 Log Categories and Available Settings ... 165 Table 84 IEEE 802.11g ... 173 Table 85 Comparison of EAP Authentication Types ... 176 Table 86 Wireless Security Relational Matrix ... 181 Table 87 Comparison of EAP Authentication Types ...
  • Page 24 ZyXEL G-1000 v2 User’s Guide List of Tables...

  • Page 25: Preface

    Help us help you! E-mail all User Guide-related comments, questions or suggestions for improvement to techwriters@zyxel.com.tw or send regular mail to The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan. Thank you! Preface www.zyxel.com...

  • Page 26: Syntax Conventions

    ZyXEL G-1000 v2 User’s Guide Syntax Conventions • “Enter” means for you to type one or more characters. “Select” or “Choose” means for you to use one predefined choice. • Mouse action sequences are denoted using a right angle bracket (>). For example, “In Windows, click Start >...

  • Page 27: Getting To Know Your Device

    Getting to Know Your Device This chapter introduces the main features and applications of the G-1000 v2. 1.1 Introducing the ZyXEL G-1000 v2 The ZyXEL G-2000 Plus v2 is a wireless access point. The G-1000 v2 offers highly secured wireless connectivity to your wired network with IEEE 802.1X, WEP data encryption, WPA(2) (Wi-Fi Protected Access) and MAC address filtering.

  • Page 28: Firmware Features

    ZyXEL G-1000 v2 User’s Guide ZyAIR LED The blue ZyAIR LED (also known as the breathing light) is on when the G-1000 v2 is on and blinks (or breaths) when data is being transmitted to/from its wireless stations. You may use the web configurator to turn this light off even when the G-1000 v2 is on and data is being transmitted/received.

  • Page 29: Limit The Number Of Client Connections

    Note: The G-1000 v2 may be prone to RF (Radio Frequency) interference from other 2.4 GHz devices such as microwave ovens, wireless phones, Bluetooth enabled devices, and other wireless LANs. STP (Spanning Tree Protocol) / RSTP (Rapid STP) (R)STP detects and breaks network loops and provides backup links between switches, bridges or routers.

  • Page 30: Applications For The G-1000 V2

    ZyXEL G-1000 v2 User’s Guide SNMP SNMP (Simple Network Management Protocol) is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite. Your G-1000 v2 supports SNMP agent functionality, which allows a manager station to manage and monitor the G-1000 v2 through the network.

  • Page 31: Internet Access Application

    1.3.1 Internet Access Application The G-1000 is an ideal access solution for wireless Internet connection. A typical Internet access application for your G-1000 is shown as follows. Stations A, B and C can access the wired network through the G-1000s. Figure 1 Internet Access Application 1.3.2 Corporation Network Application In situations where users are always on the move in the coverage area but still need access to...

  • Page 32: Figure 3 G-1000 V2 Front Panel

    ZyXEL G-1000 v2 User’s Guide Figure 3 G-1000 v2 Front Panel The following table describes the lights. Table 3 Front Panel Light Description LIGHT COLOR Green ZyAIR Blue ETHN Green Orange Green STATUS DESCRIPTION The wireless card on the G-1000 v2 is working properly. The wireless card on the G-1000 v2 is not ready or has a malfunction.

  • Page 33: Introducing The Web Configurator

    This chapter describes how to access the G-1000 v2 web configurator and provides an overview of its screens. The default IP address of the G-1000 v2 is 192.168.1.2. 2.1 Web Configurator Overview The embedded web configurator allows you to manage the G-1000 v2 from anywhere through a browser such as Microsoft Internet Explorer or Netscape Navigator.

  • Page 34: Resetting The G-1000 V2

    ZyXEL G-1000 v2 User’s Guide Figure 4 Change Password Screen 6 On this screen you can access the wizard setup or the advanced setup. Click Go to Advanced setup to access the status screen of the web configurator Note: The management session automatically times out when the time period set in the Administrator Inactivity Timer field expires (default five minutes).

  • Page 35: Navigating The Web Configurator

    Note: You can also restore defaults via the web configurator.(refer to the Maintenance chapter). 2.4 Navigating the Web Configurator We use the P-662HW-D1 web screens in this guide as an example. Screens vary slightly for different G-1000 v2 models. 2.4.1 Navigation Panel After you enter the password, use the sub-menus on the navigation panel to configure G-1000 v2 features.

  • Page 36: Status Screen

    ZyXEL G-1000 v2 User’s Guide Table 4 Web Configurator Screens Summary (continued) LINK/ICON SUB-LINK About Status Network Wireless LAN General MAC Filter Advanced Internet Connection Advanced Management Remote MGMT Telnet SNMP Maintenance System General Time Setting Logs View Log Log Settings Tools Firmware Configuration...

  • Page 37: Figure 6 Status Screen

    Figure 6 Status Screen The following table describes the labels shown in the Status screen. Table 5 Status Screen LABEL DESCRIPTION Refresh Interval Select a number of seconds or None from the drop-down list box to refresh all screen statistics automatically at the end of every time interval or to not refresh the screen statistics.

  • Page 38: Status: Packet Statistics

    ZyXEL G-1000 v2 User’s Guide Table 5 Status Screen LABEL DESCRIPTION System Uptime This is the total time the G-1000 v2 has been on. Current Date/Time This field displays your G-1000 v2’s present date and time. System Resource CPU Usage This number shows how many kilobytes of the heap memory the G-1000 v2 is using.

  • Page 39: Status: Wlan Association List

    The following table describes the labels in this screen. Table 6 Status: Packet Statistics LABEL DESCRIPTION Port This is the Ethernet or wireless port. The wireless port may be the WLAN – Built- in card or the WLAN – Removable wireless card. Status This shows the port speed and duplex setting if you are using Ethernet encapsulation for the Ethernet port.
  • Page 40 ZyXEL G-1000 v2 User’s Guide Table 7 Association List LABEL Refresh DESCRIPTION This field displays the priority level of a wireless device associated with the G- 1000 v2 Click Refresh to reload the screen. Chapter 2 Introducing the Web Configurator...

  • Page 41: Chapter 3 Wizard Setup

    The web configurator’s setup wizard helps you set up a wireless LAN and configure security settings on your G-1000 v2. 3.1 Wizard Setup Overview The wizard will guide you through several steps. You will need to enter some information for identification purposes, you will then setup your wireless LAN and security.

  • Page 42: Wizard Setup Wireless Lan

    ZyXEL G-1000 v2 User’s Guide The following table describes the labels in this screen. Table 8 Enter System and Domain Names LABEL System Name Domain Name Back Next Exit 3.3 Wizard Setup Wireless LAN This wizard helps you configure your wireless network and security. 3.3.1 Name (SSID), Channel ID and Security This screen allows you to setup a unique name for your G-1000 v2 on the wireless network.

  • Page 43: Configuring Wep Or Wpa(2) Psk Security

    The following table describes the labels in this screen. Table 9 Enter Name and Select Security LABEL Wireless LAN Setup Name(SSID) Choose Channel ID Security Back Next Exit Note: The wireless stations and G-1000 v2 must use the same SSID, channel ID and WEP encryption key (if WEP is enabled) or WPA-PSK (if WPA-PSK is enabled) for wireless communication.

  • Page 44: Figure 10 Wireless Lan Basic Security

    ZyXEL G-1000 v2 User’s Guide Figure 10 Wireless LAN Basic Security The following table describes the labels in this screen. Table 10 Wireless LAN Basic Security LABEL DESCRIPTION Passphrase You can generate or manually enter a WEP key by either: Entering a Passphrase (up to 32 printable characters) and clicking Generate.

  • Page 45: Figure 11 Wireless Lan Extend Security

    Table 10 Wireless LAN Basic Security LABEL DESCRIPTION Back Click Back to display the previous screen. Next Click Next to proceed to the next screen. Exit Click Exit to quit the wizard without saving the changes. Choose Extend(WPA-PSK with customized key) or Extend(WPA2-PSK with customized key) security in the Wireless LAN Setup screen to set up a Pre-Shared Key.

  • Page 46: Ip Address Assignment

    ZyXEL G-1000 v2 User’s Guide 3.3.3 IP Address Assignment Your G-1000 v2 needs an IP address to communicate with your wired network. Figure 12 IP Address Assignment The following table describes the labels in this screen. Table 12 IP Address Assignment LABEL DESCRIPTION Obtain IP...

  • Page 47: Apply Settings

    3.3.4 Apply Settings If you changed the SSID on your device or implemented any security, then you will have to make the corresponding changes on your wireless station to reconnect to the G-1000 v2. The following table describes the labels in this screen. Table 13 Apply Settings LABEL DESCRIPTION...

  • Page 48: Figure 13 Wizard Completed

    ZyXEL G-1000 v2 User’s Guide Figure 13 Wizard Completed Chapter 3 Wizard Setup...

  • Page 49: Chapter 4 Wireless Lan

    This chapter discusses how to configure the wireless network settings in your G-1000 v2. See the appendices for more detailed information about wireless networks. 4.1 Wireless Network Overview The following figure provides an example of a wireless network. Figure 14 Example of a Wireless Network The wireless network is the part in the blue circle.

  • Page 50: Wireless Security Overview

    ZyXEL G-1000 v2 User’s Guide Security stops unauthorized devices from using the wireless network. It can also protect the information that is sent in the wireless network. 4.2 Wireless Security Overview The following sections introduce different types of wireless security you can set up in the wireless network.

  • Page 51: Encryption

    • In the AP: this feature is called a local user database or a local database. • In a RADIUS server: this is a server used in businesses more than in homes. If your AP does not provide a local user database and if you do not have a RADIUS server, you cannot set up user names and passwords for your users.

  • Page 52: Additional Wireless Terms

    ZyXEL G-1000 v2 User’s Guide Note: It is recommended that wireless networks use WPA-PSK, WPA, or stronger encryption. IEEE 802.1x and WEP encryption are better than none at all, but it is still possible for unauthorized wireless devices to figure out the original information pretty quickly.

  • Page 53: Figure 15 Wireless Lan: General

    4.4 Wireless LAN Screen Note: If you are configuring the G-1000 v2 from a computer connected to the wireless LAN and you change the G-1000 v2’s SSID or WEP settings, you will lose your wireless connection when you press Apply to confirm. You must then change the wireless settings of your computer to match the G-1000 v2’s new settings.

  • Page 54: No Security

    ZyXEL G-1000 v2 User’s Guide Table 16 Wireless LAN: General LABEL DESCRIPTION Apply Click Apply to save your changes back to the G-1000 v2. Reset Click Reset to reload the previous configuration for this screen. See the rest of this chapter for information on the other labels in this screen. 4.4.1 No Security Select No Security to allow wireless stations to communicate with the access points without any data encryption.

  • Page 55: Wep Encryption

    4.4.2 WEP Encryption WEP encryption scrambles the data transmitted between the wireless stations and the access points to keep network communications private. It encrypts unicast and multicast communications in a network. Both the wireless stations and the access points must use the same WEP key.

  • Page 56: Wpa(2)-Psk

    ZyXEL G-1000 v2 User’s Guide The following table describes the wireless LAN security labels in this screen. Table 18 Wireless: Static WEP Encryption LABEL DESCRIPTION Security Mode Choose Static WEP from the drop-down list box. Passphrase You can generate or manually enter a WEP key by either: Entering a Passphrase (up to 32 printable characters) and clicking Generate.

  • Page 57: Figure 18 Wireless: Wpa(2)-Psk

    Figure 18 Wireless: WPA(2)-PSK The following table describes the wireless LAN security labels in this screen. Table 19 Wireless: WPA(2)-PSK LABEL DESCRIPTION Security Mode Choose WPA-PSK or WPA2-PSK from the drop-down list box. WPA Compatible This check box is available only when you select WPA2-PSK or WPA2 in the Security Mode field.

  • Page 58: Wpa(2) Authentication Screen

    ZyXEL G-1000 v2 User’s Guide Table 19 Wireless: WPA(2)-PSK LABEL DESCRIPTION Group Key Update The Group Key Update Timer is the rate at which the AP (if using WPA(2)-PSK Timer (In key management) or RADIUS server (if using WPA(2) key management) sends a Seconds) new group key out to all clients.

  • Page 59: Table 20 Wireless: Wpa(2)

    The following table describes the wireless LAN security labels in this screen. Table 20 Wireless: WPA(2) LABEL DESCRIPTION WPA Compatible This check box is available only when you select WPA2-PSK or WPA2 in the Security Mode field. Select the check box to have both WPA2 and WPA wireless clients be able to communicate with the G-1000 v2 even when the G-1000 v2 is using WPA2-PSK or WPA2.

  • Page 60: Figure 20 Mac Address Filter

    ZyXEL G-1000 v2 User’s Guide 4.5 MAC Filter The MAC filter screen allows you to configure the G-1000 v2 to give exclusive access to up to 32 devices (Allow) or exclude up to 32 devices from accessing the G-1000 v2 (Deny). Every Ethernet device has a unique MAC (Media Access Control) address.

  • Page 61: Figure 21 Wireless Lan: Advanced

    The following table describes the labels in this menu. Table 21 MAC Address Filter LABEL DESCRIPTION Active Select the check box to enable MAC address filtering. Define the filter action for the list of MAC addresses in the MAC Address table. Filter Action Select Deny to block access to the G-1000 v2, MAC addresses not listed will be allowed to access the G-1000 v2...

  • Page 62: Table 22 Wireless Lan: Advanced

    ZyXEL G-1000 v2 User’s Guide The following table describes the labels in this screen. Table 22 Wireless LAN: Advanced LABEL DESCRIPTION Roaming Configuration Enable Select this checkbox to enable roaming on the G-1000 v2 if you have two or more G- Roaming 1000 v2s on the same subnet.

  • Page 63: Chapter 5 Ip And Dns Screens

    This chapter describes how to configure your G-1000 v2 to interact with the wired network. 5.1 Configuring IP To configure Internet connection, click Network > IP > Internet Connection. The screen appears as shown. Figure 22 Network: Internet Connection The following table describes the labels in this screen. Table 23 Network: Internet Connection LABEL DESCRIPTION...

  • Page 64: Configuring Dns

    ZyXEL G-1000 v2 User’s Guide Table 23 Network: Internet Connection LABEL DESCRIPTION IP Address Enter the IP address of your G-1000 v2 in dotted decimal notation. IP Subnet Mask Type the subnet mask. Gateway IP Type the IP address of the gateway. The gateway is an immediate neighbor of your Address G-1000 v2 that will forward the packet to the destination.
  • Page 65 Table 24 Network: Advanced LABEL DESCRIPTION Apply Click Apply to save your changes back to the G-1000 v2. Reset Click Reset to reload the previous configuration for this screen. Chapter 5 IP and DNS Screens ZyXEL G-1000 v2 User’s Guide...
  • Page 66 ZyXEL G-1000 v2 User’s Guide Chapter 5 IP and DNS Screens...

  • Page 67: Remote Management Configuration

    This chapter provides information on configuring remote management. 6.1 Remote Management Overview Remote management allows you to determine which services/protocols can access which G- 1000 v2 interface (if any) from which computers. Note: When you configure remote management to allow management from the WAN, you still need to configure a firewall rule to allow access.

  • Page 68: System Timeout

    ZyXEL G-1000 v2 User’s Guide • The IP address in the Secured Client IP field does not match the client IP address. If it does not match, the G-1000 v2 will disconnect the session immediately. • There is already another remote management session with an equal or higher priority running.

  • Page 69: Telnet

    Table 25 Remote Management: WWW LABEL DESCRIPTION Apply Click Apply to save your settings back to the G-1000 v2. Cancel Click Cancel to begin configuring this screen afresh. 6.3 Telnet You can configure your G-1000 v2 for remote Telnet access as shown next. The administrator uses Telnet from a computer on a remote network to access the G-1000 v2.

  • Page 70: Figure 26 Remote Management: Telnet

    ZyXEL G-1000 v2 User’s Guide Figure 26 Remote Management: Telnet The following table describes the labels in this screen. Table 26 Remote Management: Telnet LABEL Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management.

  • Page 71: Snmp

    Figure 27 Remote Management: FTP The following table describes the labels in this screen. Table 27 Remote Management: FTP LABEL DESCRIPTION Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Server Access Select the interface(s) through which a computer may access the G-1000 v2 using this service.

  • Page 72: Supported Mibs

    ZyXEL G-1000 v2 User’s Guide Figure 28 SNMP Management Model An SNMP managed network consists of two main types of component: agents and a manager. An agent is a management software module that resides in a managed device (the G-1000 v2). An agent translates the local management information from the managed device into a form compatible with SNMP.

  • Page 73: Snmp Traps

    6.6.2 SNMP Traps The G-1000 v2 will send traps to the SNMP manager when any one of the following events occurs: Table 28 SNMP Traps TRAP # TRAP NAME coldStart (defined in RFC-1215) warmStart (defined in RFC-1215) whyReboot (defined in ZYXEL- MIB) For intentional reboot: For fatal error:...

  • Page 74: Figure 29 Remote Management: Snmp

    ZyXEL G-1000 v2 User’s Guide Figure 29 Remote Management: SNMP The following table describes the labels in this screen. Table 29 Remote Management: SNMP LABEL SNMP Configuration Get Community Set Community Trap Community Trap Destination SNMP Service Port Server Access Secured Client IP Address Apply...

  • Page 75: Chapter 7 System

    Use this screen to configure the G-1000 v2’s time and date settings. 7.1 General Setup 7.1.1 General Setup and System Name General Setup contains administrative and system-related information. System Name is for identification purposes. However, because some ISPs check this name you should enter your computer's "Computer Name".

  • Page 76: Figure 30 System General Setup

    ZyXEL G-1000 v2 User’s Guide Figure 30 System General Setup The following table describes the labels in this screen. Table 30 System General Setup LABEL DESCRIPTION System Setup System Name Enter a name to help you identify your ISP on the network. This is not a required field and you can safely leave this field blank.

  • Page 77: Figure 31 System Time Setting

    7.2 Time Setting To change your G-1000 v2’s time and date, click Maintenance > System > Time Setting. The screen appears as shown. Use this screen to configure the G-1000 v2’s time based on your local time zone. Figure 31 System Time Setting The following table describes the fields in this screen.
  • Page 78 ZyXEL G-1000 v2 User’s Guide Table 31 System Time Setting (continued) LABEL DESCRIPTION New Time This field displays the last updated time from the time server or the last time configured manually. (hh:mm:ss) When you set Time and Date Setup to Manual, enter the new time in this field and then click Apply.
  • Page 79 Table 31 System Time Setting (continued) LABEL DESCRIPTION End Date Configure the day and time when Daylight Saving Time ends if you selected Enable Daylight Saving. The o'clock field uses the 24 hour format. Here are a couple of examples: Daylight Saving Time ends in the United States on the last Sunday of October.
  • Page 80 ZyXEL G-1000 v2 User’s Guide Chapter 7 System...

  • Page 81: Chapter 8 Logs

    This chapter contains information about configuring general log settings and viewing the G- 1000 v2’s logs. Refer to the appendix for example log message explanations. 8.1 Logs Overview The web configurator allows you to choose which categories of events and/or alerts to have the G-1000 v2 log and then display the logs or have the G-1000 v2 send them to an administrator (as e-mail) or to a syslog server.

  • Page 82: Table 32 View Log

    ZyXEL G-1000 v2 User’s Guide The following table describes the fields in this screen. Table 32 View Log LABEL DESCRIPTION Display The categories that you select in the Log Settings screen display in the drop-down list box. Select a category of logs to view; select All Logs to view logs from all of the log categories that you selected in the Log Settings page.

  • Page 83: Figure 33 Log Settings

    Figure 33 Log Settings The following table describes the fields in this screen. Table 33 Log Settings LABEL DESCRIPTION E-mail Log Settings Mail Server Enter the server name or the IP address of the mail server for the e-mail addresses specified below.

  • Page 84: Smtp Error Messages

    ZyXEL G-1000 v2 User’s Guide Table 33 Log Settings LABEL DESCRIPTION Password Enter the password associated with the user name above. Log Schedule This drop-down menu is used to configure the frequency of log messages being sent as E-mail: • •...
  • Page 85 ZyXEL G-1000 v2 User’s Guide Table 34 SMTP Error Messages -6 means RCPT TO fail -7 means DATA fail -8 means mail data send fail Chapter 8 Logs...
  • Page 86 ZyXEL G-1000 v2 User’s Guide Chapter 8 Logs...

  • Page 87: Chapter 9 Tools

    This chapter describes how to upload new firmware, manage configuration and restart your G- 1000 v2. 9.1 Firmware Upgrade Find firmware at www.zyxel.com in a file that (usually) uses the system model name with a.bin extension, for example, "G-1000 v2.bin". The upload process uses HTTP (Hypertext Transfer Protocol) and may take up to two minutes.

  • Page 88: Figure 35 Firmware Upload In Progress

    ZyXEL G-1000 v2 User’s Guide After you see the Firmware Upload in Progress screen, wait two minutes before logging into the G-1000 v2 again. Figure 35 Firmware Upload In Progress The G-1000 v2 automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop.

  • Page 89: Backup Configuration

    9.2 Configuration Screen Click Maintenance > Tools > Configuration. Information related to factory defaults, backup configuration, and restoring configuration appears as shown next. Figure 38 Configuration 9.2.1 Backup Configuration Backup configuration allows you to back up (save) the G-1000 v2’s current configuration to a file on your computer.

  • Page 90: Back To Factory Defaults

    ZyXEL G-1000 v2 User’s Guide After you see a “Restore Configuration successful” screen, you must then wait one minute before logging into the G-1000 v2 again. Figure 39 Configuration Restore Successful The G-1000 v2 automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop.

  • Page 91: Figure 42 Restart Screen

    You can also press the RESET button on the rear panel to reset the factory defaults of your G- 1000 v2. Refer to the chapter about introducing the web configurator for more information on the RESET button. 9.3 Restart System restart allows you to reboot the G-1000 v2 without turning the power off. Click Maintenance >...
  • Page 92 ZyXEL G-1000 v2 User’s Guide Chapter 9 Tools...

  • Page 93: Chapter 10 Introducing The Smt

    This chapter describes how to access the SMT and provides an overview of its menus 10.1 Connect to your G-1000 v2 Using Telnet The following procedure details how to telnet into your G-1000 v2. 1 In Windows, click Start (usually in the bottom left corner), Run and then type “telnet 192.168.1.2”...

  • Page 94: G-1000 V2 Smt Menus Overview

    ZyXEL G-1000 v2 User’s Guide 4 Type your new system password in the New Password field (up to 30 characters), and press [ENTER]. 5 Re-type your new system password in the Retype to confirm field for confirmation and press [ENTER]. Note that as you type a password, the screen displays an asterisk “*”...

  • Page 95: Navigating The Smt Interface

    10.4 Navigating the SMT Interface The SMT (System Management Terminal) is the interface that you use to configure your G- 1000 v2. Several operations that you should be familiar with before you attempt to modify the configuration are listed in the table below. Table 38 Main Menu Commands OPERATION KEYSTROKE...

  • Page 96: Figure 45 G-1000 V2 Smt Main Menu

    ZyXEL G-1000 v2 User’s Guide Figure 45 G-1000 v2 SMT Main Menu Copyright (c) 1994 - 2006 ZyXEL Communications Corp. Getting Started 1. General Setup 3. LAN Setup This menu is summarized below. Table 39 Main Menu Summary MENU TITLE...

  • Page 97: Chapter 11 General Setup

    The chapter shows you the information on general setup. Menu 1 – General Setup contains administrative and system-related information (shown next). The System Name field is for identification purposes. It is recommended you type your computer's "Computer name". The Domain Name entry is what is propagated to the DHCP clients on the LAN. While you must enter the host name (System Name) on each individual computer, the domain name can be assigned from the G-1000 v2 via DHCP.
  • Page 98 ZyXEL G-1000 v2 User’s Guide Table 40 Menu 1 General Setup FIELD IP Address When you have completed this menu, press [ save your configuration, or press [ DESCRIPTION Enter the IP addresses of the DNS servers. This field is available when you select User-Defined in the field above.

  • Page 99: Chapter 12 Lan Setup

    This chapter shows you how to configure the LAN on your G-1000 v2. 12.1 LAN Setup This section describes how to configure the Ethernet using Menu 3 – LAN Setup. From the main menu, enter 3 to display menu 3. Figure 47 Menu 3 LAN Setup 2.

  • Page 100: Wireless Lan Setup

    ZyXEL G-1000 v2 User’s Guide Follow the instructions in the following table on how to configure the fields in this menu. Table 41 Menu 3.2 TCP/IP Setup FIELD DESCRIPTION IP Address Press [SPACE BAR] and then [ENTER] to select Dynamic to have the G-1000 v2 Assignment obtain an IP address from a DHCP server.

  • Page 101: Table 42 Menu 3.5 Wireless Lan Setup

    The following table describes the fields in this menu. Table 42 Menu 3.5 Wireless LAN Setup FIELD DESCRIPTION ESSID The ESSID (Extended Service Set IDentity) identifies the AP to which the wireless stations associate. Wireless stations associating to the AP must have the same ESSID. Enter a descriptive name of up to 32 printable 7-bit ASCII characters.

  • Page 102: Configuring Mac Address Filter

    ZyXEL G-1000 v2 User’s Guide Table 42 Menu 3.5 Wireless LAN Setup FIELD DESCRIPTION 802.11 Mode Select B Only to allow only IEEE 802.11b compliant WLAN devices to associate with the G-1000 v2. Select G Only to allow only IEEE 802.11g compliant WLAN devices to associate with the G-1000 v2.

  • Page 103: Configuring Roaming

    Figure 51 Menu 3.5.1 WLAN MAC Address Filter Active= No Filter Action= Allowed Association ------------------------------------------------------------------------------ 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 00:00:00:00:00:00 ------------------------------------------------------------------------------ The following table describes the fields in this menu. Table 43 Menu 3.5.1 WLAN MAC Address Filter FIELD DESCRIPTION Active...

  • Page 104: Figure 52 Menu 3.5 Wireless Lan Setup

    ZyXEL G-1000 v2 User’s Guide Figure 52 Menu 3.5 Wireless LAN Setup ESSID= ZyXEL Hide ESSID= No Channel ID= CH06 2437MHz RTS Threshold= 2432 Frag. Threshold= 2432 WEP Encryption= 64-bit WEP Default Key= 1 Key1= ******** Key2= ******** Key3= ******** Key4= ******** Authen.

  • Page 105: Chapter 13 Snmp Configuration

    This chapter shows you how to use SMT to configure SNMP on the G-1000 v2. To configure SNMP, select option 22 from the main menu to open Menu 22 – SNMP Configuration as shown next. The “community” for Get, Set and Trap fields is SNMP terminology for password.
  • Page 106 ZyXEL G-1000 v2 User’s Guide Chapter 13 SNMP Configuration...

  • Page 107: Chapter 14 System Security

    This chapter describes how to configure the system password, an external RADIUS server and 802.1x in SMT. 14.1 System Password Figure 55 Menu 23 System Security Enter Menu Selection Number: You should change the default password. If you forget your password you have to restore the default configuration file.

  • Page 108: Figure 57 Menu 23.2 System Security: Radius Server

    ZyXEL G-1000 v2 User’s Guide Figure 57 Menu 23.2 System Security: RADIUS Server The following table describes the fields in this menu. Table 46 Menu 23.2 System Security: RADIUS Server FIELD Authentication Server Active Server Address Port Shared Secret Accounting Server Active Server Address Port...

  • Page 109: 109

    14.3 802.1x The IEEE 802.1x standards outline enhanced security methods for both the authentication of wireless stations and encryption key management. Follow the steps below to enable EAP authentication on your G-1000 v2. 1 From the main menu, enter 23 to display Menu23 – System Security. Figure 58 Menu 23 System Security 1.

  • Page 110: Table 47 Menu 23.4 System Security: Ieee802.1X

    ZyXEL G-1000 v2 User’s Guide The following table describes the fields in this menu. Table 47 Menu 23.4 System Security: IEEE802.1x FIELD Wireless Port Control Press [SPACE BAR] and select a security mode for the wireless LAN access. ReAuthentication Timer (in second) Idle Timeout (in second) Key Management...
  • Page 111 Table 47 Menu 23.4 System Security: IEEE802.1x FIELD Authentication Databases When you have completed this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [ESC] to cancel and go back to the previous screen. Once you enable user authentication, you need to specify an external RADIUS server or create local user accounts on the G-1000 v2 for authentication Chapter 14 System Security...
  • Page 112 ZyXEL G-1000 v2 User’s Guide Chapter 14 System Security...

  • Page 113: System Information And Diagnosis

    System Information and This chapter covers the information and diagnostic tools in SMT menus 24.1 to 24.4. These tools include updates on system status, port status, log and trace capabilities and upgrades for the system software. This chapter describes how to use these tools in detail. Type 24 in the main menu and press [ENTER] to open Menu 24 –...

  • Page 114: Figure 61 Menu 24.1 System Maintenance: Status

    This is the time the G-1000 v2 is up and running from the last reboot. ZyNOS F/W Version Refers to the ZyNOS (ZyXEL Network Operating System) system firmware version. ZyNOS is a registered trademark of ZyXEL Communications Corporation. Name This displays the device name.

  • Page 115: System Information

    15.2 System Information To get to the System Information: 1 Enter 24 to display Menu 24 – System Maintenance. 2 Enter 2 to display Menu 24.2 – System Information and Console Port Speed. 3 From this menu you have two choices as shown in the next figure: Figure 62 Menu 24.2 System Information and Console Port Speed Menu 24.2 - System Information and Console Port Speed 1.

  • Page 116: Console Port Speed

    3 From this menu you have one choice as shown in the next figure: DESCRIPTION Refers to the ZyNOS (ZyXEL Network Operating System) system firmware version. ZyNOS is a registered trademark of ZyXEL Communications Corporation. Refers to the country code of the firmware.

  • Page 117: Syslog Logging

    Figure 65 Menu 24.3 Log and Trace Menu 24.3 - System Maintenance - Log and Trace Note: The console port is internal and reserved for technician use only. 15.3.1 Syslog Logging Enter 2 in menu 24.2 to display the screen shown next. Figure 66 Menu 24.3.2 System Maintenance - Syslog Logging Syslog: Active= No...

  • Page 118: Figure 67 Menu 24.4 System Maintenance: Diagnostic

    ZyXEL G-1000 v2 User’s Guide Figure 67 Menu 24.4 System Maintenance: Diagnostic Follow the procedure next to get to display this menu: 1 From the main menu, type 24 to open Menu 24 – System Maintenance. 2 From this menu, type 4. Diagnostic to open Menu 24.4 – System Maintenance – Diagnostic.

  • Page 119: Firmware And Configuration File Maintenance

    Firmware and Configuration File This chapter tells you how to backup and restore your configuration file as well as upload new firmware and configuration files using the SMT screens. 16.1 Filename Conventions The configuration file (often called the romfile or rom-0) contains the factory default settings in the menus such as password and TCP/IP Setup, etc.

  • Page 120: Backup Configuration

    ZyXEL G-1000 v2 User’s Guide The following table is a summary. Please note that the internal filename refers to the filename on the G-1000 v2 and the external filename refers to the filename not on the G-1000 v2, that is, on your computer, local network or FTP site and so the name (but not the extension) will vary.

  • Page 121: Using The Ftp Command From The Dos Prompt

    Figure 68 Menu 24.5 Backup Configuration Menu 24.5 – Backup Configuration To transfer the configuration file to your workstation, follow the procedure below: 1. Launch the FTP client on your workstation. 2. Type "open" and the IP address of your router. Then type "root" and SMT password as requested.

  • Page 122: Backup Configuration Using Tftp

    ZyXEL G-1000 v2 User’s Guide The following table describes some of the commands that you may see in third party FTP clients. Table 53 General Commands for Third Party FTP Clients COMMAND Host Address Login Type Transfer Type Initial Remote Directory Initial Local Directory 16.2.3 Backup Configuration Using TFTP...

  • Page 123: Example: Tftp Command

    16.2.4 Example: TFTP Command The following is an example TFTP command: TFTP [-i] host get rom-0 config.rom where “i” specifies binary image transfer mode (use this mode when transferring binary files), “host” is the G-1000 v2 IP address, “get” transfers the file source on the G-1000 v2 (rom-0 name of the configuration file on the G-1000 v2) to the file destination on the computer and renames it config.rom.

  • Page 124: Figure 72 Backup Configuration Example

    ZyXEL G-1000 v2 User’s Guide 3 Run the HyperTerminal program by clicking Transfer, then Receive File as shown in the following screen. Figure 72 Backup Configuration Example 4 After a successful backup you will see the following screen. Press any key to return to the SMT menu.

  • Page 125: System Maintenance And Information

    Figure 74 Menu 24 System Maintenance Menu 24 - System Maintenance 10. Time and Date Setting 11. Remote Management Setup Figure 75 Valid CI Commands Copyright (c) 1994 - 2005 ZyXEL Communications Corp. G-1000v2> ? Valid commands are: exit config...

  • Page 126: Time And Date Setting

    ZyXEL G-1000 v2 User’s Guide 17.2 Time and Date Setting The G-1000 v2 keeps track of the time and date. There is also a software mechanism to set the time manually or get the current time and date from an external server when you turn on your G-1000 v2.

  • Page 127: Remote Management Setup

    Table 55 System Maintenance: Time and Date Setting FIELD Time Zone Daylight Saving Start Date End Date Once you have filled in this menu, press [ENTER] at the message “Press ENTER to Confirm or ESC to Cancel“ to save your configuration, or press [ESC] to cancel. The G-1000 v2 resets the time in three instances: 1 On leaving menu 24.10 after making changes.

  • Page 128: Remote Management Setup

    ZyXEL G-1000 v2 User’s Guide 17.3.4 Remote Management Setup Remote management setup is for managing Telnet, FTP and Web services. You can customize the service port, access interface and the secured client IP address to enhance security and flexibility. You may manage your G-1000 v2 from a remote location via: the Internet (WAN only), the LAN only, All (LAN and WAN) or Disable (neither).

  • Page 129: Remote Management Limitations

    The following table describes the fields in this menu. Table 57 Menu 24.11 Remote Management Control FIELD TELNET Server: FTP Server: Web Server: SNMP Service: DNS Service: Port Access Secured Client IP Once you have filled in this menu, press [ENTER] at the message "Press ENTER to Confirm or ESC to Cancel"...

  • Page 130: System Timeout

    ZyXEL G-1000 v2 User’s Guide 17.5 System Timeout There is a system timeout of five minutes (300 seconds) for Telnet/web/FTP connections. Your G-1000 v2 will automatically log you out if you do nothing in this timeout period, except when it is continuously updating the status in menu 24.1 or when sys stdio has been changed on the command line.

  • Page 131: Chapter 18 Troubleshooting

    This chapter covers potential problems and possible remedies. After each problem description, some instructions are provided to help you to diagnose and solve the problem. Problems Starting Up the G-1000 v2 Table 58 Troubleshooting the Start-Up of Your G-1000 v2 PROBLEM CORRECTIVE ACTION None of the lights...

  • Page 132: Table 60 Troubleshooting The Password

    ZyXEL G-1000 v2 User’s Guide Problems with the Password Table 60 Troubleshooting the Password PROBLEM CORRECTIVE ACTION I cannot access the The Password and Username fields are case-sensitive. Make sure that you enter the G-1000 v2. correct password and username using the proper casing. Use the RESET button on the top panel of the G-1000 v2 to restore the factory default configuration file (hold this button in for about 10 seconds or until the link light turns red).

  • Page 133: Product Specifications

    See also the Introduction chapter for a general overview of the key features. Specification Tables Table 62 Hardware Default IP Address 192.168.1.2 Default Subnet Mask 255.255.255.0 (24 bits) Default Password 1234 Dimensions (152 W) x (92 D) x (45 H) mm Weight 300g Power Specification...
  • Page 134 ZyXEL G-1000 v2 User’s Guide Table 63 Firmware (continued) Management Wireless Network Standard Operating Frequency Receiver Sensitivity Wireless Coverage RF Output Power Security Logs Embedded Web Configurator CLI (Command Line Interpreter) Remote Management via Telnet or Web SMT (System Management Terminal) SNMP Management Embedded FTP/TFTP server for firmware downloading, configuration backup and restoration with large rom file support...

  • Page 135: Brute-Force Password Guessing Protection

    Brute-Force Password Guessing The following describes the commands for enabling, disabling and configuring the brute-force password guessing protection mechanism for the password. See on the command structure. Table 64 Brute-Force Password Guessing Protection Commands COMMAND DESCRIPTION sys pwderrtm This command displays the brute-force guessing password protection settings. sys pwderrtm 0 This command turns off the password’s protection from brute-force guessing.
  • Page 136 ZyXEL G-1000 v2 User’s Guide...

  • Page 137: Setting Up Your Computer's Ip Address

    ZyXEL G-1000 v2 User’s Guide P P E N D I X Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/ IP on your computer.

  • Page 138: Figure 79 Windows 95/98/Me: Network: Configuration

    ZyXEL G-1000 v2 User’s Guide Figure 79 WIndows 95/98/Me: Network: Configuration Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: 1 In the Network window, click Add.

  • Page 139: Figure 80 Windows 95/98/Me: Tcp/Ip Properties: Ip Address

    3 Select Microsoft from the list of manufacturers. 4 Select Client for Microsoft Networks from the list of network clients and then click 5 Restart your computer so the changes you made take effect. Configuring 1 In the Network window Configuration tab, select your network adapter's TCP/IP entry and click Properties 2 Click the IP Address tab.

  • Page 140: Figure 81 Windows 95/98/Me: Tcp/Ip Properties: Dns Configuration

    ZyXEL G-1000 v2 User’s Guide Figure 81 Windows 95/98/Me: TCP/IP Properties: DNS Configuration 4 Click the Gateway tab. • • 5 Click OK to save and close the TCP/IP Properties window. 6 Click OK to close the Network window. Insert the Windows CD if prompted. 7 Turn on your G-1000 v2 and restart your computer when prompted.

  • Page 141: Figure 82 Windows Xp: Start Menu

    Figure 82 Windows XP: Start Menu 2 For Windows XP, click Network Connections. For Windows 2000/NT, click Network and Dial-up Connections. Figure 83 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties. ZyXEL G-1000 v2 User’s Guide...

  • Page 142: Figure 84 Windows Xp: Control Panel: Network Connections: Properties

    ZyXEL G-1000 v2 User’s Guide Figure 84 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and click Properties. Figure 85 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP).

  • Page 143: Figure 86 Windows Xp: Advanced Tcp/Ip Settings

    • If you have a static IP address click Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields. Click Advanced. Figure 86 Windows XP: Advanced TCP/IP Settings 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK.

  • Page 144: Figure 87 Windows Xp: Internet Protocol (Tcp/Ip) Properties

    ZyXEL G-1000 v2 User’s Guide • • Figure 87 Windows XP: Internet Protocol (TCP/IP) Properties 8 Click OK to close the Internet Protocol (TCP/IP) Properties window. 9 Click OK to close the Local Area Connection Properties window. 10Turn on your G-1000 v2 and restart your computer (if prompted). Verifying Settings 1 Click Start, All Programs, Accessories and then Command Prompt.

  • Page 145: Figure 88 Macintosh Os 8/9: Apple Menu

    Figure 88 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list. Figure 89 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list. ZyXEL G-1000 v2 User’s Guide...

  • Page 146: Figure 90 Macintosh Os X: Apple Menu

    ZyXEL G-1000 v2 User’s Guide 4 For statically assigned settings, do the following: • • • • 5 Close the TCP/IP Control Panel. 6 Click Save if prompted, to save changes to your configuration. 7 Turn on your G-1000 v2 and restart your computer (if prompted). Verifying Settings Check your TCP/IP properties in the TCP/IP Control Panel window.

  • Page 147: Figure 91 Macintosh Os X: Network

    Figure 91 Macintosh OS X: Network 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. •...
  • Page 148 ZyXEL G-1000 v2 User’s Guide...

  • Page 149: Ip Address Assignment Conflicts

    IP Address Assignment Conflicts This appendix describes situations where IP address conflicts may occur. Subscribers with duplicate IP addresses will not be able to access the Internet. Case A: The G-1000 v2 is using the same LAN and WAN IP addresses The following figure shows an example where the G-1000 v2 is using a WAN IP address that is the same as the IP address of a computer on the LAN.

  • Page 150: Figure 94 Ip Address Conflicts: Case C

    ZyXEL G-1000 v2 User’s Guide To solve this problem, make sure the G-1000 v2 LAN IP address is not in the DHCP IP address pool. Case C: The Subscriber IP address is the same as the IP address of a network device The following figure depicts an example where the subscriber IP address is the same as the IP address of a network device not attached to the G-1000 v2.

  • Page 151: Figure 95 Ip Address Conflicts: Case D

    ZyXEL G-1000 v2 User’s Guide Figure 95 IP Address Conflicts: Case D This problem can be solved by adding a VLAN-enabled switch or set the computers to obtain IP addresses dynamically.
  • Page 152 ZyXEL G-1000 v2 User’s Guide...

  • Page 153: Table 65 Classes Of Ip Addresses

    IP Addressing Routers “route” based on the network number. The router that delivers the data packet to the correct destination host uses the host ID. IP Classes An IP address is made up of four octets (eight bits), written in dotted decimal notation, for example, 192.168.1.1.

  • Page 154: Appendix Eip Subnetting

    ZyXEL G-1000 v2 User’s Guide Since the first octet of a class “A” IP address must contain a “0”, the first octet of a class “A” address can have a value of 0 to 127. Similarly the first octet of a class “B” must begin with “10”, therefore the first octet of a class “B”...

  • Page 155: Table 68 Alternative Subnet Mask Notation

    Since the mask is always a continuous number of ones beginning from the left, followed by a continuous number of zeros for the remainder of the 32 bit mask, you can simply specify the number of ones instead of writing the value of each octet. This is usually specified by writing a “/”...

  • Page 156: Table 70 Subnet 1

    ZyXEL G-1000 v2 User’s Guide last octet bit values indicate host ID bits “borrowed” to form network ID bits. The number of “borrowed” host ID bits determines the number of subnets you can have. The remaining number of host ID bits (after “borrowing”) determines the number of hosts you can have on each subnet.

  • Page 157: Table 72 Subnet 1

    Example: Four Subnets The above example illustrated using a 25-bit subnet mask to divide a class “C” address space into two subnets. Similarly to divide a class “C” address into four subnets, you need to “borrow” two host ID bits to give four possible combinations of 00, 01, 10 and 11. The subnet mask is 26 bits (11111111.11111111.11111111.11000000) or 255.255.255.192.

  • Page 158: Table 75 Subnet 4

    ZyXEL G-1000 v2 User’s Guide Table 75 Subnet 4 IP Address IP Address (Binary) Subnet Mask (Binary) Subnet Address: 192.168.1.192 Broadcast Address: 192.168.1.255 Example Eight Subnets Similarly use a 27-bit mask to create 8 subnets (001, 010, 011, 100, 101, 110). The following table shows class C IP address last octet values for each subnet.

  • Page 159: Table 78 Class B Subnet Planning

    Subnetting With Class A and Class B Networks. For class “A” and class “B” addresses the subnet mask also determines which bits are part of the network number and which are part of the host ID. A class “B” address has two host ID octets available for subnetting and a class “A” address has three host ID octets (see Table The following table is a summary for class “B”...
  • Page 160 ZyXEL G-1000 v2 User’s Guide...

  • Page 161: Command Interpreter

    The following describes how to use the command interpreter. Enter 24 in the main menu to bring up the system maintenance menu. Enter 8 to go to Menu 24.8 - Command Interpreter Mode. See the included disk or zyxel.com for more detailed information on these commands. Note: Use of undocumented commands or misconfiguration can damage the unit and possibly render it unusable.
  • Page 162 ZyXEL G-1000 v2 User’s Guide...

  • Page 163: Appendix G Log Descriptions

    This appendix provides descriptions of example log messages Table 79 System Error Logs LOG MESSAGE DESCRIPTION %s exceeds the max. This attempt to create a NAT session exceeds the maximum number of NAT session number of session per table entries allowed to be created per host. host! Table 80 System Maintenance Logs LOG MESSAGE...

  • Page 164: Table 82 Sys Log

    ZyXEL G-1000 v2 User’s Guide Table 81 ICMP Notes (continued) TYPE CODE DESCRIPTION Port unreachable A packet that needed fragmentation was dropped because it was set to Don't Fragment (DF) Source route failed Source Quench A gateway may discard internet datagrams if it does not have the buffer space needed to queue the datagrams for output to the next network on the route to the destination network.

  • Page 165: Table 83 Log Categories And Available Settings

    Configuring What You Want the G-1000 v2 to Log Use the sys logs load command to load the log setting buffer that allows you to configure which logs G-1000 v2 is to record. Use sys logs category followed by a log category and a parameter to decide what to record Table 83 Log Categories and Available Settings LOG CATEGORIES 8021x...

  • Page 166: Log Command Example

    ZyXEL G-1000 v2 User’s Guide Log Command Example This example shows how to set the results. ras> sys logs load ras> sys logs category error 3 ras> sys logs save ras> sys logs display access # .time notes 0|11/11/2002 15:10:12 |172.22.3.80:137 |172.22.255.255:137 1|11/11/2002 15:10:12 |172.21.4.17:138 |172.21.255.255:138...

  • Page 167: Wireless Lan And Ieee 802.11

    ZyXEL G-1000 v2 User’s Guide P P E N D I X Wireless LAN and IEEE 802.11 A wireless LAN (WLAN) provides a flexible data communications system that you can use to access various services (navigating the Internet, email, printer services, etc.) without the use of a cabled connection.

  • Page 168: Figure 96 Ibss (Ad-Hoc) Wireless Lan

    ZyXEL G-1000 v2 User’s Guide Figure 96 IBSS (Ad-hoc) Wireless LAN A Basic Service Set (BSS) exists when all communications between wireless stations or between a wireless station and a wired network client go through one access point (AP). Intra-BSS traffic is traffic between wireless stations in the BSS. When Intra-BSS is enabled, wireless station A and B can access the wired network and communicate with each other.

  • Page 169: Figure 97 Basic Service Set

    ZyXEL G-1000 v2 User’s Guide Figure 97 Basic Service Set An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). An ESSID (ESS IDentification) uniquely identifies each ESS.

  • Page 170: Figure 98 Extended Service Set

    ZyXEL G-1000 v2 User’s Guide Figure 98 Extended Service Set Wireless LAN Basics RTS/CTS A hidden node occurs when two stations are within range of the same access point, but are not within range of each other. The following figure illustrates a hidden node. Both stations (STA) are within range of the access point (AP) or wireless gateway, but out-of-range of each other, so they cannot “hear”...

  • Page 171: Fragmentation Threshold

    ZyXEL G-1000 v2 User’s Guide When station A sends data to the G-1000 v2, it might not know that station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations.
  • Page 172 ZyXEL G-1000 v2 User’s Guide IEEE 802.11 The 1997 completion of the IEEE 802.11 standard for wireless LANs (WLANs) was a first important step in the evolutionary development of wireless networking technologies. The standard was developed to maximize interoperability between differing brands of wireless LANs as well as to introduce a variety of performance improvements and benefits.

  • Page 173: Wireless Lan Security

    As wireless networks become popular for both portable computing and corporate networks, security is now a priority. IEEE 802.11g Wireless LAN IEEE 802.11g is fully compatible with the IEEE 802.11b standard. This means an IEEE 802.11b adapter can interface directly with an IEEE 802.11g access point (and vice versa) at 11 Mbps or lower depending on range.

  • Page 174: Types Of Radius Messages

    ZyXEL G-1000 v2 User’s Guide RADIUS RADIUS is based on a client-server model that supports authentication, authorization and accounting. The access point is the client and the server is the RADIUS server. The RADIUS server handles the following tasks: • Authentication Determines the identity of the users.

  • Page 175: Types Of Authentication

    ZyXEL G-1000 v2 User’s Guide In order to ensure network security, the access point and the RADIUS server use a shared secret key, which is a password, they both know. The key is not sent over the network. In addition to the shared key, password information exchanged is also encrypted to protect the network from unauthorized access.

  • Page 176: Table 85 Comparison Of Eap Authentication Types

    ZyXEL G-1000 v2 User’s Guide PEAP (Protected EAP) Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, then use simple username and password methods through the secured connection to authenticate the clients, thus hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card), for client authentication.

  • Page 177: Figure 100 Wep Authentication Steps

    ZyXEL G-1000 v2 User’s Guide Figure 100 WEP Authentication Steps Open system authentication involves an unencrypted two-message procedure. A wireless station sends an open system authentication request to the AP, which will then automatically accept and connect the wireless station to the network. In effect, open system is not authentication at all as any station can gain access to the network.
  • Page 178 ZyXEL G-1000 v2 User’s Guide WPA(2) Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2 (IEEE 802.11i) is a wireless security standard that defines stronger encryption, authentication and key management than WPA. Key differences between WPA(2) and WEP are improved data encryption and user authentication.

  • Page 179: Wireless Client Wpa Supplicants

    ZyXEL G-1000 v2 User’s Guide By generating unique data encryption keys for every data packet and by creating an integrity checking mechanism (MIC), with TKIP and AES it is more difficult to decrypt data on a Wi-Fi network than WEP and difficult for an intruder to break into the network. The encryption mechanisms used for WPA(2) and WPA(2)-PSK are the same.

  • Page 180: Figure 101 Wpa With Radius Application Example

    ZyXEL G-1000 v2 User’s Guide 2 The RADIUS server then checks the user's identification against its database and grants or denies network access accordingly. 3 The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that then sets up a key hierarchy and management system, using the pair-wise key to dynamically generate unique data encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients.

  • Page 181: Table 86 Wireless Security Relational Matrix

    Security Parameters Summary • Refer to this table to see what other security parameters you should configure for each Authentication Method/ key management protocol type. MAC address filters are not dependent on how you configure these security features. Table 86 Wireless Security Relational Matrix AUTHENTICATION METHOD/ KEY MANAGEMENT PROTOCOL...

  • Page 182: Figure 102 Sequences For Eap Md5-Challenge Authentication

    ZyXEL G-1000 v2 User’s Guide Figure 102 Sequences for EAP MD5–Challenge Authentication Mutual Authentication with Internal RADIUS server. Microsofts Challenge-Handshake Authentication Protocol (MS-CHAP V2) is used to periodically verify the identity of the peer (station or other AP) using a three-way handshake. The following figure depicts a typical wireless network with a G-1000 v2 RADIUS server for user authentication using PEAP (Protected EAP) and MS-CHAP V2.

  • Page 183: Figure 103 Sequences For Peap, Ms-Chap V2 Authentication

    ZyXEL G-1000 v2 User’s Guide Figure 103 Sequences for PEAP, MS–CHAP V2 Authentication...
  • Page 184 ZyXEL G-1000 v2 User’s Guide...

  • Page 185: Types Of Eap Authentication

    Types of EAP Authentication This appendix discusses popular EAP authentication types. The type of authentication you use depends on the RADIUS server or the AP. Consult your network administrator for more information. EAP-MD5 (Message-Digest Algorithm 5) MD5 authentication is the simplest one-way authentication method. The authentication server sends a challenge to the wireless station.

  • Page 186: Table 87 Comparison Of Eap Authentication Types

    ZyXEL G-1000 v2 User’s Guide PEAP (Protected EAP) Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, then use simple username and password methods through the secured connection to authenticate the clients, thus hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card), for client authentication.

  • Page 187: Antenna Selection And Positioning Recommendation

    ZyXEL G-1000 v2 User’s Guide P P E N D I X Antenna Selection and Positioning Recommendation An antenna couples RF signals onto air. A transmitter within a wireless device sends an RF signal to the antenna, which propagates the signal through the air. The antenna also operates in reverse by capturing RF signals from the air.

  • Page 188: Types Of Antennas For Wlan

    ZyXEL G-1000 v2 User’s Guide Types of Antennas For WLAN There are two types of antennas used for wireless LAN applications. • Omni-directional antennas send the RF signal out in all directions on a horizontal plane. The coverage area is torus-shaped (like a donut) which makes these antennas ideal for a room environment.
  • Page 189 Index Numerics 110V AC 230V AC Abnormal Working Conditions access point access point. See also AP. Accessories Acts of God Advanced Encryption Standard Airflow Alternative Subnet Mask Notation American Wire Gauge Antenna Directional Omni-directional Antenna gain AP. See also access point. Applications Authentication Auto-crossover Ethernet/Fast Ethernet Interface...
  • Page 190 ZyXEL G-1000 v2 User’s Guide 175, 185 Cables, Connecting Certificate Authority 175, 185 Certifications channel Channel ID 53, 101 Charge Circuit Class B Collision Command Interpreter Communications Community Compliance, FCC Components Condition Connecting Cables Consequential Damages Contact Information Contacting Customer Support Copyright Correcting Interference Corrosive Liquids...
  • Page 191 Dust Dynamic WEP Key Exchange EAP Authentication 175, 185 Electric Shock Electrical Pipes Electrocution embedded help Encryption encryption Equal Value Europe Exposure Extended Service Set Extended Service Set IDentification Failure Rules, Part 15 FCC Rules Federal Communications Commission FHSS Filename Conventions Finland, Contact Information firmware upgrade...
  • Page 192 ZyXEL G-1000 v2 User’s Guide Gas Pipes General Setup 41, 75, 97 General wireless LAN screen Germany, Contact Information God, act of Harmful Interference Hidden Menus hide SSID High Voltage Points Host Host IDs HTTP (Hypertext Transfer Protocol) HyperTerminal program IBSS IEEE 802.11g max frame burst...
  • Page 193 License Lightning Link type Liquids, Corrosive local (user) database Log Descriptions Logs MAC address MAC address filter weaknesses MAC Address Filter Action 61, 103 MAC Address Filtering 60, 102 MAC Filter MAC Filtering Main Menu Management Information Base (MIB) Materials max frame burst Merchantability Message Integrity Check (MIC)
  • Page 194 ZyXEL G-1000 v2 User’s Guide Packets Pairwise Master Key (PMK) Parts Password 93, 105 Patent Permission Photocopying Ping Pipes Pool Postage Prepaid. Power Adaptor Power Cord Power Outlet Power Supply Power Supply, repair preamble Product Model Product Page Product Serial Number Products Proof of Purchase Proper Operating Condition...
  • Page 195 Rate Receiving Transmission Receiving Antenna Registered Registered Trademark Regular Mail Related Documentation Relocate Re-manufactured Remote Authentication Dial In User Service Remote Management Limitations 67, 129 Remote Management Setup Remote Node Removing Reorient Repair 6, 7 Replace Replacement Reproduction Required fields Reset Button Restore 7, 89...
  • Page 196 ZyXEL G-1000 v2 User’s Guide Shock, Electric SMT Menu Overview SMTP Error Messages SNMP 30, 71 Community Manager MIBs Trusted Host Spain, Contact Information SSID 49, 50 hide SSID security weaknesses SSL Passthrough STP (Spanning Tree Protocol) Subnet Mask 100, 116 Subnet Masks Subnetting Supply Voltage...
  • Page 197 Thunderstorm Time and Date Setting Time Zone Trademark Trademark Owners Trademarks Translation Troubleshooting Accessing ZyAIR Ethernet Port Start-Up TV Technician Undesired Operations User Authentication user authentication local (user) database RADIUS server weaknesses Valid CI Commands Value Vendor Ventilation Slots Viewing Certifications Voltage Supply Voltage, High Wall Mount...
  • Page 198 Security parameters Workmanship Worldwide Contact Information 28, 178 WPA2 28, 178 WPA2-Pre-Shared Key WPA2-PSK WPA-PSK Written Permission ZyAIR LED ZyNOS 3, 120 ZyNOS F/W Version ZyXEL Communications Corporation ZyXEL Home Page ZyXEL Limited Warranty Note ZyXEL Network Operating System 28, 178...

This manual is also suitable for:

G-1000 v2

Table of Contents