Page 1 NBG334W 802.11g Wireless Firewall Router User’s Guide Version 3.60 10/2007 Edition 2 DEFAULT LOGIN IP Address http://192.168.1.1 User Name admin Password 1234 www.zyxel.com...
Page 3: About This User's Guide
Help us help you. Send all User Guide-related comments, questions or suggestions for improvement to the following address, or use e-mail instead. Thank you! The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan.
Page 4: Document Conventions
Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User’s Guide. Warnings tell you about things that could harm you or your device. Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations.
Page 5 Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The NBG334W icon is not an exact representation of your device. NBG334W Server Telephone Modem NBG334W User’s Guide Computer Notebook computer DSLAM Firewall Switch Router NBG334W Document Conventions...
Page 6: Safety Warnings
Safety Warnings For your safety, be sure to read and follow all warning notices and instructions. • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. •...
Page 7 Safety Warnings NBG334W User’s Guide...
Page 8 Safety Warnings NBG334W User’s Guide...
Page 9: Table Of Contents
Introduction ... 29 Getting to Know Your NBG334W ... 31 Introducing the Web Configurator ... 35 Connection Wizard ... 47 AP Mode ... 63 Network ... 71 Wireless LAN ... 73 Wireless Tutorial ... 93 WAN ... 101 LAN ...111 Guest WLAN ...117 DHCP ...
Page 10 Contents Overview NBG334W User’s Guide...
Page 11: Table Of Contents
About This User's Guide ... 3 Document Conventions... 4 Safety Warnings... 6 Contents Overview ... 9 Table of Contents... 11 List of Figures ... 19 List of Tables... 25 Part I: Introduction... 29 Chapter 1 Getting to Know Your NBG334W... 31 1.1 Overview ...
Page 12 Table of Contents 2.5.6 Summary: Wireless Station Status Chapter 3 Connection Wizard ... 47 3.1 Wizard Setup ... 47 3.2 Connection Wizard: STEP 1: System Information ... 48 3.2.1 System Name ... 48 3.2.2 Domain Name ... 49 3.3 Connection Wizard: STEP 2: Wireless LAN ... 49 3.3.1 Basic (WEP) Security ...
Page 13 5.2.1 SSID ... 75 5.2.2 MAC Address Filter ... 75 5.2.3 User Authentication ... 76 5.2.4 Encryption ... 76 5.3 Roaming ... 77 5.3.1 Requirements for Roaming ... 78 5.4 Quality of Service ... 78 5.4.1 WMM QoS ... 79 5.5 General Wireless LAN Screen ...
Page 14 Table of Contents 8.1 LAN Overview ...111 8.1.1 IP Pool Setup ...111 8.1.2 System DNS Servers ...111 8.2 LAN TCP/IP ...111 8.2.1 Factory LAN Defaults ...111 8.2.2 IP Address and Subnet Mask ...112 8.2.3 Multicast ...112 8.2.4 Any IP ...112 8.3 LAN IP Screen ...114 8.4 LAN IP Alias ...114 8.5 Advanced LAN Screen ...115...
Page 15 12.1.1 DynDNS Wildcard ... 139 12.2 Dynamic DNS Screen ... 139 Part III: Security... 141 Chapter 13 Firewall... 143 13.1 Introduction to ZyXEL’s Firewall 13.1.1 What is a Firewall? ... 143 13.1.2 Stateful Inspection Firewall ... 143 13.1.3 About the NBG334W Firewall ... 143 13.1.4 Guidelines For Enhancing Security With Your Firewall ...
Page 16 Table of Contents 16.2 Application-based Bandwidth Management ... 159 16.3 Subnet-based Bandwidth Management ... 159 16.4 Application and Subnet-based Bandwidth Management ... 160 16.5 Bandwidth Management Priorities ... 160 16.6 Predefined Bandwidth Management Services ... 161 16.6.1 Services and Port Numbers ... 162 16.7 Default Bandwidth Management Classes and Priorities ...
Page 17 Chapter 20 Logs ... 193 20.1 View Log ... 193 20.2 Log Settings ... 194 20.3 Log Descriptions ... 197 Chapter 21 Tools... 207 21.1 Firmware Upload Screen ... 207 21.2 Configuration Screen ... 208 21.2.1 Backup Configuration ... 209 21.2.2 Restore Configuration ...
Page 18 Table of Contents Appendix B Pop-up Windows, JavaScripts and Java Permissions ... 235 Appendix C IP Addresses and Subnetting ... 241 Appendix D Setting up Your Computer’s IP Address ... 249 25.6.1 Verifying Settings ... 264 Appendix E Wireless LANs ... 265 25.6.2 WPA(2)-PSK Application Example ...
Page 19: List Of Figures
List of Figures List of Figures Figure 1 Wireless Internet Access in AP Mode ... 31 Figure 2 Secure Wireless Internet Access in Router Mode ... 32 Figure 3 Front Panel ... 33 Figure 4 Change Password Screen ... 36 Figure 5 Web Configurator Status Screen ...
Page 20 List of Figures Figure 39 Network > Wireless LAN > General: WPA/WPA2 ... 84 Figure 40 Network > Wireless LAN > MAC Filter ... 86 Figure 41 Network > Wireless LAN > Advanced ... 87 Figure 42 Network > Wireless LAN > QoS ... 88 Figure 43 Network >...
Page 21 List of Figures Figure 82 Security > Content Filter > Filter ... 150 Figure 83 Security > Content Filter > Schedule ... 151 Figure 84 Example of Static Routing Topology ... 155 Figure 85 Management > Static Route > IP Static Route ... 156 Figure 86 Management >...
Page 22 List of Figures Figure 125 Maintenance > Config Mode > General ... 213 Figure 126 LAN and WAN IP Addresses in Router Mode ... 215 Figure 127 IP Address in AP Mode ... 216 Figure 128 Maintenance > Sys OP Mode > General ... 216 Figure 129 Maintenance >...
Page 23 List of Figures Figure 168 Peer-to-Peer Communication in an Ad-hoc Network ... 265 Figure 169 Basic Service Set ... 266 Figure 170 Infrastructure WLAN ... 267 Figure 171 RTS/CTS ... 268 Figure 172 WPA(2)-PSK Authentication ... 274 NBG334W User’s Guide...
Page 24 List of Figures NBG334W User’s Guide...
Page 25: List Of Tables
Table 1 Features Available in Router Mode vs. AP Mode ... 32 Table 2 Front Panel LEDs ... 33 Table 3 Status Screen Icon Key ... 38 Table 4 Web Configurator Status Screen Table 5 Screens Summary ... 41 Table 6 Summary: DHCP Table ... 44 Table 7 Summary: Packet Statistics ...
Page 26 List of Tables Table 39 Network > WAN > Internet Connection: PPTP Encapsulation ... 108 Table 40 WAN > Advanced ...110 Table 41 Network > LAN > IP ...114 Table 42 Network > LAN > IP Alias ...115 Table 43 Network > LAN > Advanced ...116 Table 44 Network >...
Page 27 List of Tables Table 82 Packet Filter Logs ... 199 Table 83 ICMP Logs ... 199 Table 84 CDR Logs ... 200 Table 85 PPP Logs ... 200 Table 86 UPnP Logs ... 200 Table 87 Content Filtering Logs ... 200 Table 88 Attack Logs ...
Page 28 List of Tables NBG334W User’s Guide...
Page 29: Introduction
Introduction Getting to Know Your NBG334W (31) Introducing the Web Configurator (35) Connection Wizard (47) AP Mode (63)
Page 31: Getting To Know Your Nbg334W
H A P T E R Getting to Know Your NBG334W This chapter introduces the main features and applications of the NBG334W. 1.1 Overview The NBG334W acts as either an access point (AP) or a secure broadband router for all data passing between the Internet and your local network.
Page 32: Router Mode
Chapter 1 Getting to Know Your NBG334W 1.3 Router Mode Select Router Mode if you need to route traffic between your network and another network such as the Internet, and require important network services such as a firewall or bandwidth management.
Page 33: Ways To Manage The Nbg334W
1.5 Ways to Manage the NBG334W Use any of the following methods to manage the NBG334W. • Web Configurator. This is recommended for everyday management of the NBG334W using a (supported) web browser. • Command Line Interface. Line commands are mostly used for troubleshooting by service engineers.
Page 34 Chapter 1 Getting to Know Your NBG334W Table 2 Front Panel LEDs (continued) COLOR LAN 1-4 Green Amber Green Amber WLAN Green WPS (WiFi Protected Setup) automatically sets up security on your wireless network. This function is currently unavailable. STATUS DESCRIPTION The NBG334W has a successful 10MB Ethernet connection.
Page 35: Introducing The Web Configurator
H A P T E R This chapter describes how to access the NBG334W web configurator and provides an overview of its screens. 2.1 Web Configurator Overview The web configurator is an HTML-based management interface that allows easy setup and management of the NBG334W via Internet browser.
Page 36: Figure 4 Change Password Screen
Chapter 2 Introducing the Web Configurator 4 Type "1234" (default) as the password and click Login. In some versions, the default password appears automatically - if this is the case, click Login. 5 You should see a screen asking you to change your password (highly recommended) as shown next.
Page 37: Resetting The Nbg334W
2.3 Resetting the NBG334W If you forget your password or IP address, or you cannot access the web configurator, you will need to use the RESET button at the back of the NBG334W to reload the factory-default configuration file. This means that you will lose all configurations that you had previously saved, the password will be reset to “1234”...
Page 38: Figure 5 Web Configurator Status Screen
Chapter 2 Introducing the Web Configurator Figure 5 Web Configurator Status Screen The following table describes the icons shown in the Status screen. Table 3 Status Screen Icon Key ICON DESCRIPTION Select a language from the drop-down list box to have the web configurator display in that language.
Page 39: Table 4 Web Configurator Status Screen
Table 3 Status Screen Icon Key (continued) ICON DESCRIPTION Select a number of seconds or None from the drop-down list box to refresh all screen statistics automatically at the end of every time interval or to not refresh the screen statistics.
Page 40: Navigation Panel
Chapter 2 Introducing the Web Configurator Table 4 Web Configurator Status Screen (continued) LABEL DESCRIPTION System Status System Up Time This is the total time the NBG334W has been on. Current Date/Time This field displays your NBG334W’s present date and time. System Resource - CPU Usage This displays what percentage of the NBG334W’s processing ability is currently...
Page 41: Table 5 Screens Summary
The following table describes the sub-menus. Table 5 Screens Summary LINK Status Network Wireless General MAC Filter Advanced WPS Station Internet Connection Advanced IP Alias Advanced Guest WLAN General MAC Filter Bandwidth DHCP General Server Advanced Client List General Application Advanced DDNS General...
Page 42 Chapter 2 Introducing the Web Configurator Table 5 Screens Summary LINK Content Filter Filter Schedule Management Static Route IP Static Route Bandwidth General MGMT Advanced Monitor Remote MGMT Telnet UPnP General Maintenance System General Time Setting Logs View Log Log Settings Tools Firmware Configuration...
Page 43: Summary: Any Ip Table
2.5.2 Summary: Any IP Table This screen displays the IP address of each computer that is using the NBG334W via the any IP feature. Any IP allows computers to access the Internet through the NBG334W without changing their network settings when NAT is enabled. To access this screen, open the Status screen (see Section 2.5 on page Figure 6 Any IP Table...
Page 44: Summary: Packet Statistics
Chapter 2 Introducing the Web Configurator Figure 8 Summary: DHCP Table The following table describes the labels in this screen. Table 6 Summary: DHCP Table LABEL DESCRIPTION This is the index number of the host computer. IP Address This field displays the IP address relative to the # field listed above. Host Name This field displays the computer host name.
Page 45: Summary: Wireless Station Status
The following table describes the labels in this screen. Table 7 Summary: Packet Statistics LABEL DESCRIPTION Port This is the NBG334W’s port type. Status For the LAN ports, this displays the port speed and duplex setting or Down when the line is disconnected. For the WAN port, it displays the port speed and duplex setting if you’re using Ethernet encapsulation and Idle (line (ppp) idle), Dial (starting to trigger a call) and Drop (dropping a call) if you're using PPPoE or PPTP encapsulation.
Page 46: Table 8 Summary: Wireless Association List
Chapter 2 Introducing the Web Configurator The following table describes the labels in this screen. Table 8 Summary: Wireless Association List LABEL MAC Address Association Time Refresh DESCRIPTION This is the index number of an associated wireless station. This field displays the MAC address of an associated wireless station. This field displays the time a wireless station first associated with the NBG334W’s LAN or Guest WLAN network.
Page 47: Connection Wizard
H A P T E R This chapter provides information on the wizard setup screens in the web configurator. 3.1 Wizard Setup The web configurator’s wizard setup helps you configure your device to access the Internet. Refer to your ISP (Internet Service Provider) checklist in the Quick Start Guide to know what to enter in each field.
Page 48: Connection Wizard: Step 1: System Information
Chapter 3 Connection Wizard Figure 12 Select a Language 4 Read the on-screen information and click Next. Figure 13 Welcome to the Connection Wizard 3.2 Connection Wizard: STEP 1: System Information System Information contains administrative and system-related information. 3.2.1 System Name System Name is for identification purposes.
Page 49: Domain Name
3.2.2 Domain Name The Domain Name entry is what is propagated to the DHCP clients on the LAN. If you leave this blank, the domain name obtained by DHCP from the ISP is used. While you must enter the host name (System Name) on each individual computer, the domain name can be assigned from the NBG334W via DHCP.
Page 50: Figure 15 Wizard Step 2: Wireless Lan
Chapter 3 Connection Wizard Figure 15 Wizard Step 2: Wireless LAN The following table describes the labels in this screen. Table 10 Wizard Step 2: Wireless LAN LABEL DESCRIPTION Name (SSID) Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the wireless LAN.
Page 51: Basic (Wep) Security
3.3.1 Basic (WEP) Security Choose Basic (WEP) to setup WEP Encryption parameters. Figure 16 Wizard Step 2: Basic (WEP) Security The following table describes the labels in this screen. Table 11 Wizard Step 2: Basic (WEP) Security LABEL DESCRIPTION Passphrase Type a Passphrase (up to 32 printable characters) and click Generate.
Page 52: Extend (Wpa-Psk Or Wpa2-Psk) Security
Chapter 3 Connection Wizard Table 11 Wizard Step 2: Basic (WEP) Security LABEL DESCRIPTION Next Click Next to proceed to the next screen. Exit Click Exit to close the wizard screen without saving. 3.3.2 Extend (WPA-PSK or WPA2-PSK) Security Choose Extend (WPA-PSK) or Extend (WPA2-PSK) security in the Wireless LAN setup screen to set up a Pre-Shared Key.
Page 53: Ethernet Connection
Figure 18 Wizard Step 3: ISP Parameters. The following table describes the labels in this screen, Table 13 Wizard Step 3: ISP Parameters CONNECTION TYPE Ethernet PPPoE PPTP 3.4.1 Ethernet Connection Choose Ethernet when the WAN port is used as a regular Ethernet. Figure 19 Wizard Step 3: Ethernet Connection 3.4.2 PPPoE Connection Point-to-Point Protocol over Ethernet (PPPoE) functions as a dial-up connection.
Page 54: Pptp Connection
Chapter 3 Connection Wizard One of the benefits of PPPoE is the ability to let end users access one of multiple network services, a function known as dynamic service selection. This enables the service provider to easily create and offer new IP services for specific users. Operationally, PPPoE saves significant effort for both the subscriber and the ISP/carrier, as it requires no specific configuration of the broadband modem at the subscriber’s site.
Page 55: Figure 21 Wizard Step 3: Pptp Connection
The NBG334W supports one PPTP server connection at any given time. Figure 21 Wizard Step 3: PPTP Connection The following table describes the fields in this screen Table 15 Wizard Step 3: PPTP Connection LABEL DESCRIPTION ISP Parameters for Internet Access Connection Type Select PPTP from the drop-down list box.
Page 56: Your Ip Address
Chapter 3 Connection Wizard Table 15 Wizard Step 3: PPTP Connection LABEL Next Exit 3.4.4 Your IP Address The following wizard screen allows you to assign a fixed IP address or give the NBG334W an automatically assigned IP address depending on your ISP. Figure 22 Wizard Step 3: Your IP Address The following table describes the labels in this screen Table 16 Wizard Step 3: Your IP Address...
Page 57: Ip Address And Subnet Mask
You can obtain your IP address from the IANA, from an ISP or have it assigned by a private network. If you belong to a small organization and your Internet access is through an ISP, the ISP can provide you with the Internet addresses for your local networks. On the other hand, if you are part of a much larger organization, you should consult your network administrator for the appropriate IP addresses.
Page 58: Wan Ip And Dns Server Address Assignment
Chapter 3 Connection Wizard 2 If the ISP did not give you DNS server information, leave the DNS Server fields set to 0.0.0.0 in the Wizard screen and/or set to From ISP in the WAN > Internet Connection screen for the ISP to dynamically assign the DNS server IP addresses. 3.4.8 WAN IP and DNS Server Address Assignment The following wizard screen allows you to assign a fixed WAN IP address and DNS server addresses.
Page 59: Wan Mac Address
3.4.9 WAN MAC Address Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. Table 19 Example of Network Properties for LAN Servers with Fixed IP Addresses Choose an IP address Subnet mask Gateway (or default route)
Page 60: Connection Wizard: Step 4: Bandwidth Management
Chapter 3 Connection Wizard 3.5 Connection Wizard: STEP 4: Bandwidth management Bandwidth management allows you to control the amount of bandwidth going out through the NBG334W’s WAN, LAN or WLAN port and prioritize the distribution of the bandwidth according to the traffic type. This helps keep one service from using all of the available bandwidth and shutting out other users.
Page 61: Figure 26 Connection Wizard Save
Chapter 3 Connection Wizard Figure 26 Connection Wizard Save Follow the on-screen instructions and click Finish to complete the wizard setup. Figure 27 Connection Wizard Complete Well done! You have successfully set up your NBG334W to operate on your network and access the Internet.
Page 62 Chapter 3 Connection Wizard NBG334W User’s Guide...
Page 63: Ap Mode
H A P T E R This chapter discusses how to configure settings while your NBG334W is set to AP Mode. Many screens that are available in Router Mode are not available in AP Mode. Chapter 6 on page 93 AP mode.
Page 64: The Status Screen In Ap Mode
Chapter 4 AP Mode Maintenance > Sys OP Mode > General Figure 29 3 A pop-up appears providing information on this mode. Click OK in the pop-up message window. (See Section 23.2 on page 216 Apply. Your NBG334W is now in AP Mode. You do not have to log in again or restart your device when you change modes.
Page 65: Table 22 Web Configurator Status Screen
The following table describes the labels shown in the Status screen. Table 22 Web Configurator Status Screen LABEL DESCRIPTION Device Information System Name This is the System Name you enter in the Maintenance > System > General screen. It is for identification purposes. Firmware Version This is the firmware version and the date created.
Page 66: Navigation Panel
Chapter 4 AP Mode Table 22 Web Configurator Status Screen (continued) LABEL DESCRIPTION Rate For the LAN ports, this displays the port speed and duplex setting or N/A when the line is disconnected. For the WLAN, it displays the maximum transmission rate when the WLAN is enabled and N/A when the WLAN is disabled.
Page 67: Configuring Your Settings
Table 23 Screens Summary LINK Wireless General MAC Filter Advanced WPS Station Maintenance System General Time Setting Logs View Log Log Settings Tools Firmware Configuration Restart Config Mode General Language 4.4 Configuring Your Settings 4.4.1 LAN Settings Use this section to configure your LAN settings while in AP Mode. Click Network >...
Page 68: Wlan And Maintenance Settings
Chapter 4 AP Mode Figure 32 Network > LAN > IP The table below describes the labels in the screen. Table 24 Network > LAN > IP LABEL DESCRIPTION Get form Select this option to allow the NBG334W to obtain an IP address from a DHCP DHCP Server server on the network.
Page 69 4 Type “cmd” in the dialog box. 5 Type “ipconfig” to show your computer’s IP address. If your computer’s IP address is not in the correct range then see your computer’s IP address. 6 After you’ve set your computer’s IP address, open a web browser such as Internet Explorer and type “192.168.1.1”...
Page 70 Chapter 4 AP Mode NBG334W User’s Guide...
Page 71: Network
Network Wireless LAN (73) Wireless Tutorial (93) WAN (101) LAN (111) Guest WLAN (117) DHCP (123) Network Address Translation (NAT) (129) Dynamic DNS (139)
Page 73: Wireless Lan
H A P T E R This chapter discusses how to configure the wireless network settings in your NBG334W. See the appendices for more detailed information about wireless networks. 5.1 Wireless Network Overview The following figure provides an example of a wireless network. Figure 33 Example of a Wireless Network The wireless network is the part in the blue circle.
Page 74: Setup Information
Chapter 5 Wireless LAN • Every wireless client in the same wireless network must use security compatible with the Security stops unauthorized devices from using the wireless network. It can also protect the information that is sent in the wireless network. Requirements To add a wireless LAN to your existing network, make sure you have the following: 1 an access point (AP) or a router with the wireless feature...
Page 75: Wireless Security Overview
• Preamble type (if available): auto, short or long To set up your wireless network without an AP or wireless router, make sure wireless network cards/adapters use the same following settings: • Network type: Ad-Hoc • SSID:_____________________ • Channel: _________________ •...
Page 76: User Authentication
Chapter 5 Wireless LAN 5.2.3 User Authentication You can make every user log in to the wireless network before they can use it. This is called user authentication. However, every wireless client in the wireless network has to support IEEE 802.1x to do this. For wireless networks, there are two typical places to store the user names and passwords for each user.
Page 77: Roaming
It is recommended that wireless networks use WPA-PSK, WPA, or stronger encryption. IEEE 802.1x and WEP encryption are better than none at all, but it is still possible for unauthorized devices to figure out the original information pretty quickly. It is not possible to use WPA-PSK, WPA or stronger encryption with a local user database.
Page 78: Requirements For Roaming
Chapter 5 Wireless LAN Figure 34 Roaming Example The steps below describe the roaming process. 1 Wireless station Y moves from the coverage area of access point AP 1 to that of access point AP 2. 2 Wireless station Y scans and detects the signal of access point AP 2. 3 Wireless station Y sends an association request to access point AP 2.
Page 79: Wmm Qos
5.4.1 WMM QoS WMM (Wi-Fi MultiMedia) QoS (Quality of Service) ensures quality of service in wireless networks. It controls WLAN transmission priority on packets to be transmitted over the wireless network. WMM QoS prioritizes wireless traffic according to delivery requirements. WMM QoS is a part of the IEEE 802.11e QoS enhancement to certified Wi-Fi wireless networks.
Page 80: Figure 35 Network > Wireless Lan > General
Chapter 5 Wireless LAN Figure 35 Network > Wireless LAN > General The following table describes the general wireless LAN labels in this screen. Table 27 Network > Wireless LAN > General LABEL DESCRIPTION Enable Click the check box to activate wireless LAN. Wireless LAN Name(SSID) (Service Set IDentity) The SSID identifies the Service Set with which a wireless...
Page 81: No Security
5.5.1 No Security Select No Security to allow wireless stations to communicate with the access points without any data encryption. If you do not enable any wireless security on your NBG334W, your network is accessible to any wireless networking device that is within range. Figure 36 Network >...
Page 82: Figure 37 Network > Wireless Lan > General: Static Wep
Chapter 5 Wireless LAN Figure 37 Network > Wireless LAN > General: Static WEP The following table describes the wireless LAN security labels in this screen. Table 29 Network > Wireless LAN > General: Static WEP LABEL DESCRIPTION Passphrase Enter a passphrase (password phrase) of up to 32 printable characters and click Generate.
Page 83: Wpa-Psk/Wpa2-Psk
5.5.3 WPA-PSK/WPA2-PSK Click Network > Wireless LAN to display the General screen. Select WPA-PSK or WPA2- PSK from the Security Mode list. Figure 38 Network > Wireless LAN > General: WPA-PSK/WPA2-PSK The following table describes the labels in this screen. Table 30 Network >...
Page 84: Wpa/Wpa2
Chapter 5 Wireless LAN Table 30 Network > Wireless LAN > General: WPA-PSK/WPA2-PSK LABEL DESCRIPTION Group Key The Group Key Update Timer is the rate at which the AP (if using WPA-PSK/ Update Timer WPA2-PSK key management) or RADIUS server (if using WPA/WPA2 key management) sends a new group key out to all clients.
Page 85: Table 31 Network > Wireless Lan > General: Wpa/Wpa2
The following table describes the labels in this screen. Table 31 Network > Wireless LAN > General: WPA/WPA2 LABEL DESCRIPTION WPA Compatible This check box is available only when you select WPA2-PSK or WPA2 in the Security Mode field. Select the check box to have both WPA2 and WPA wireless clients be able to communicate with the NBG334W even when the NBG334W is using WPA2-PSK or WPA2.
Page 86: Mac Filter
Chapter 5 Wireless LAN 5.6 MAC Filter The MAC filter screen allows you to configure the NBG334W to give exclusive access to up to 32 devices (Allow) or exclude up to 32 devices from accessing the NBG334W (Deny). Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02.
Page 87: Figure 41 Network > Wireless Lan > Advanced
Figure 41 Network > Wireless LAN > Advanced The following table describes the labels in this screen. Table 33 Network > Wireless LAN > Advanced LABEL DESCRIPTION Roaming Configuration Enable Select this option if your network environment has multiple APs and you want your Roaming wireless device to be able to access the network as you move between wireless networks.
Page 88: Quality Of Service (Qos) Screen
Chapter 5 Wireless LAN Table 33 Network > Wireless LAN > Advanced LABEL DESCRIPTION Apply Click Apply to save your changes back to the NBG334W. Reset Click Reset to reload the previous configuration for this screen. 5.8 Quality of Service (QoS) Screen The QoS screen allows you to automatically give a service (such as e-mail, VoIP or FTP) a priority level.
Page 89: Application Priority Configuration
Table 34 Network > Wireless LAN > QoS (continued) LABEL Priority Modify Apply 5.8.1 Application Priority Configuration Use this screen to edit a WMM QoS application entry. Click the edit icon under Modify. The following screen displays. Figure 43 Network > Wireless LAN > QoS: Application Priority Configuration Appendix F on page 277 following table describes the fields in this screen.
Page 90: Wifi Protected Setup
Chapter 5 Wireless LAN Network > Wireless LAN > QoS: Application Priority Configuration (continued) LABEL Service Dest Port Priority Apply Cancel 5.9 WiFi Protected Setup WiFi Protected Setup (WPS) is an industry standard specification, defined by the WiFi Alliance. WPS allows you to quickly set up a wireless network with strong security, without having to configure security settings manually.
Page 91: Wps Station Screen
Figure 44 WPS The following table describes the labels in this screen. Table 35 WPS LABEL DESCRIPTION WPS Setup Enable Select this to enable the WPS feature. PIN Number This displays a PIN number last time system generated. Click Generate to generate a new PIN number.
Page 92: Figure 45 Wps Station
Chapter 5 Wireless LAN Figure 45 WPS Station The following table describes the labels in this screen. Table 36 WPS Station LABEL DESCRIPTION Push Button Use this button when you use the PBC (Push Button Configuration) method to configure wireless stations’s wireless settings. See Click this to start WPS-aware wireless station scanning and the wireless security information synchronization.
Page 93: Wireless Tutorial
H A P T E R 6.1 How to Connect to the Internet from an AP This section gives you an example of how to set up an access point (AP) and wireless client (a notebook (B), in this example) for wireless communication. B can access the Internet through the AP wirelessly.
Page 94: Push Button Configuration (Pbc)
Chapter 6 Wireless Tutorial 6.2.1 Push Button Configuration (PBC) 1 Make sure that your NBG334W is turned on and that it is within range of your computer. 2 Make sure that you have installed the wireless client (this example uses the NWD210N) driver and utility in your notebook.
Page 95: Pin Configuration
Figure 47 Example WPS Process: PBC Method Wireless Client 6.2.2 PIN Configuration When you use the PIN configuration method, you need to use both NBG334W’s configuration interface and the client’s utilities. 1 Launch your wireless client’s configuration utility. go to the WPS settings and select the PIN method to get a PIN number.
Page 96: Enable And Configure Wireless Security Without Wps On Your Nbg334W
Chapter 6 Wireless Tutorial Figure 48 Example WPS Process: PIN Method Wireless Client 6.3 Enable and Configure Wireless Security without WPS on your NBG334W This example shows you how to cofnigure wireless security settings with the following parameters on your NBG334W. SSID WITHIN 2 MINUTES Authentication by PIN...
Page 97: Figure 49 Network > Wireless Lan > General
Channel Security WPA-PSK (Pre-Shared Key: ThisismyWPA-PSKpre-sharedkey) Follow the steps below to configure the wireless settings on your NBG334W. The instructions require that your hardware is connected (see the Quick Start Guide) and you are logged into the web configurator through your LAN connection (see 35).
Page 98: Configure Your Notebook
Chapter 6 Wireless Tutorial Figure 50 Status: AP Mode 6.4 Configure Your Notebook We use the ZyXEL M-302 wireless adapter utility screens as an example for the wireless client. The screens may vary for different models. 1 The NBG334W supports IEEE 802.11b and IEEE 802.11g wireless clients. Make sure that your notebook or computer’s wireless adapter supports one of these standards.
Page 99: Figure 51 Connecting A Wireless Client To A Wireless Network T
Figure 51 Connecting a Wireless Client to a Wireless Network t 5 Select WPA-PSK and type the security key in the following screen. Click Next. Figure 52 Security Settings 6 The Confirm Save window appears. Check your settings and click Save to continue. Figure 53 Confirm Save 7 Check the status of your wireless connection in the screen below.
Page 100: Figure 54 Link Status
Chapter 6 Wireless Tutorial Figure 54 Link Status 8 If your connection is successful, open your Internet browser and enter http:// www.zyxel.com or the URL of any other web site in the address bar. If you are able to access the web site, your wireless connection is successfully configured. NBG334W User’s Guide...
Page 101: Wan
H A P T E R This chapter describes how to configure WAN settings. 7.1 WAN Overview See the chapter about the connection wizard for more information on the fields in the WAN screens. 7.2 WAN MAC Address The MAC address screen allows users to configure the WAN port's MAC address by either using the factory default or cloning the MAC address from a computer on your LAN.
Page 102: Internet Connection
Chapter 7 WAN The NBG334W supports both IGMP version 1 (IGMP-v1) and IGMP version 2 (IGMP-v2). At start up, the NBG334W queries all directly connected networks to gather group membership. After that, the NBG334W periodically updates this information. IP multicasting can be enabled/disabled on the NBG334W LAN and/or WAN interfaces in the web configurator (LAN;...
Page 103: Pppoe Encapsulation
The following table describes the labels in this screen. Table 37 Network > WAN > Internet Connection: Ethernet Encapsulation LABEL DESCRIPTION Encapsulation You must choose the Ethernet option when the WAN port is used as a regular Ethernet. Service Type Choose from Standard, RR-Telstra (RoadRunner Telstra authentication method), RR-Manager (Roadrunner Manager authentication method), RR-Toshiba (Roadrunner Toshiba authentication method) or Telia Login.
Page 104: Figure 56 Network > Wan > Internet Connection: Pppoe Encapsulation
Chapter 7 WAN For the service provider, PPPoE offers an access and authentication method that works with existing access control systems (for example Radius). One of the benefits of PPPoE is the ability to let you access one of multiple network services, a function known as dynamic service selection.
Page 105: Table 38 Network > Wan > Internet Connection: Pppoe Encapsulation
The following table describes the labels in this screen. Table 38 Network > WAN > Internet Connection: PPPoE Encapsulation LABEL DESCRIPTION ISP Parameters for Internet Access Encapsulation The PPP over Ethernet choice is for a dial-up connection using PPPoE. The NBG334W supports PPPoE (Point-to-Point Protocol over Ethernet).
Page 106: Pptp Encapsulation
Chapter 7 WAN Table 38 Network > WAN > Internet Connection: PPPoE Encapsulation LABEL DESCRIPTION Clone the Select Clone the computer's MAC address - IP Address and enter the IP computer’s MAC address of the computer on the LAN whose MAC you are cloning. Once it is address successfully configured, the address will be copied to the rom file (ZyNOS configuration file).
Page 107: Figure 57 Network > Wan > Internet Connection: Pptp Encapsulation
Chapter 7 WAN Figure 57 Network > WAN > Internet Connection: PPTP Encapsulation NBG334W User’s Guide...
Page 108: Table 39 Network > Wan > Internet Connection: Pptp Encapsulation
Chapter 7 WAN The following table describes the labels in this screen. Table 39 Network > WAN > Internet Connection: PPTP Encapsulation LABEL ISP Parameters for Internet Access Encapsulation User Name Password Retype to Confirm Nailed-up Connection Idle Timeout PPTP Configuration Get automatically from Use Fixed IP Address My IP Address...
Page 109: Advanced Wan Screen
Table 39 Network > WAN > Internet Connection: PPTP Encapsulation LABEL First DNS Server Second DNS Server Third DNS Server WAN MAC Address Factory default Clone the computer’s MAC address Set WAN MAC Address Apply Reset 7.5 Advanced WAN Screen To change your NBG334W’s advanced WAN settings, click Network >...
Page 110: Table 40 Wan > Advanced
Chapter 7 WAN The following table describes the labels in this screen. Table 40 WAN > Advanced LABEL Multicast Setup Multicast Windows Networking (NetBIOS over TCP/IP): NetBIOS (Network Basic Input/Output System) are TCP or UDP broadcast packets that enable a computer to connect to and communicate with a LAN. For some dial-up services such as PPPoE or PPTP, NetBIOS packets cause unwanted calls.
Page 111: Lan
H A P T E R This chapter describes how to configure LAN settings. 8.1 LAN Overview A Local Area Network (LAN) is a shared communication system to which many computers are attached. A LAN is a computer network limited to the immediate area, usually the same building or floor of a building.
Page 112: Ip Address And Subnet Mask
Chapter 8 LAN 8.2.2 IP Address and Subnet Mask Refer to the IP address and subnet mask section in the Connection Wizard chapter for this information. 8.2.3 Multicast Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender - 1 recipient) or Broadcast (1 sender - everybody on the network).
Page 113: Figure 59 Any Ip Example
Figure 59 Any IP Example The Any IP feature does not apply to a computer using either a dynamic IP address or a static IP address that is in the same subnet as the NBG334W’s IP address. You must enable NAT to use the Any IP feature on the NBG334W. Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network.
Page 114: Lan Ip Screen
Chapter 8 LAN 8.3 LAN IP Screen Use this screen to change your basic LAN settings. Click Network > LAN. Figure 60 Network > LAN > IP The following table describes the labels in this screen. Table 41 Network > LAN > IP LABEL LAN TCP/IP IP Address...
Page 115: Advanced Lan Screen
Network > LAN > IP Alias Figure 61 The following table describes the labels in this screen. Table 42 Network > LAN > IP Alias LABEL DESCRIPTION IP Alias 1,2 Select the check box to configure another LAN network for the NBG334W. IP Address Enter the IP address of your NBG334W in dotted decimal notation.
Page 116: Table 43 Network > Lan > Advanced
Chapter 8 LAN The following table describes the labels in this screen. Table 43 Network > LAN > Advanced LABEL Multicast Any IP Setup Active Windows Networking (NetBIOS over TCP/IP): NetBIOS (Network Basic Input/Output System) are TCP or UDP broadcast packets that enable a computer to connect to and communicate with a LAN. For some dial-up services such as PPPoE or PPTP, NetBIOS packets cause unwanted calls.
Page 117: Guest Wlan
H A P T E R Guest WLAN allows you to set up a wireless network where users can access to Internet via the NBG334W (Z), but not other networks connected to the Z. In the following figure, a guest user can access the Internet from the guest wireless network A via Z but not the home or company network N.
Page 118: General Guest Wlan Screen
Chapter 9 Guest WLAN 9.1 General Guest WLAN Screen Click Network > Guest WLAN to open the General screen. Figure 64 Network > Guest WLAN > General The following table describes the general wireless LAN labels in this screen. Table 44 Network > Guest WLAN > General LABEL DESCRIPTION Enable Guest...
Page 119: Guest Wlan Ip Screen
To change your NBG334W’s MAC filter settings for guest wireless network, click Network > Guest WLAN > MAC Filter. The screen appears as shown. Figure 65 Network > Guest WLAN > MAC Filter The following table describes the labels in this menu. Table 45 Network >...
Page 120: Guest Wlan Bandwidth Screen
Chapter 9 Guest WLAN Figure 66 Network > Guest WLAN > IP The following table describes the labels in this screen. Table 46 Network > Guest WLAN > IP LABEL DESCRIPTION IP Address Type an IP address for the devices on the Guest WLAN using this as the gateway IP address.
Page 121: Figure 68 Network > Guest Wlan > Bandwidth
Click Network > Guest WLAN > Bandwidth. The following screen appears. Figure 68 Network > Guest WLAN > Bandwidth The following table describes the labels in this screen. Table 47 Network > Guest WLAN > Bandwidth LABEL Enable Bandwidth Management for Guest WLAN Priority Maximum Bandwidth...
Page 122 Chapter 9 Guest WLAN NBG334W User’s Guide...
Page 123: Dhcp
H A P T E R 10.1 DHCP DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a server. You can configure the NBG334W’s LAN and/or Guest WLAN as DHCP server(s) or disable them. When configured as a server, the NBG334W provides the TCP/IP configuration for the clients.
Page 124: Dhcp Server Advanced Screen
Chapter 10 DHCP The following table describes the labels in this screen. Table 48 Network > DHCP Server > General LABEL LAN DHCP Setup Enable DHCP Server IP Pool Starting Address Pool Size Apply Reset 10.3 DHCP Server Advanced Screen This screen allows you to assign IP addresses on the LAN or Guest WLAN to specific individual computers based on their MAC addresses.
Page 125: Figure 70 Network > Dhcp Server > Advanced
Figure 70 Network > DHCP Server > Advanced The following table describes the labels in this screen. Table 49 Network > DHCP Server > Advanced LABEL DESCRIPTION Interface Interface Selection Select LAN or Guest WLAN for the settings in this screen. LAN Static DHCP Table / Guest WAN Static DHCP Table...
Page 126: Client List Screen
Chapter 10 DHCP Table 49 Network > DHCP Server > Advanced LABEL First DNS Server Second DNS Server Third DNS Server Apply Reset 10.4 Client List Screen The DHCP table shows current DHCP client information (including IP Address, Host Name and MAC Address) of LAN or Guest WLAN network clients using the NBG334W’s DHCP servers.
Page 127: Figure 71 Network > Dhcp Server > Client List
Figure 71 Network > DHCP Server > Client List The following table describes the labels in this screen. Table 50 Network > DHCP Server > Client List LABEL IP Address Host Name MAC Address Reserve Apply Refresh NBG334W User’s Guide DESCRIPTION This is the index number of the host computer.
Page 128 Chapter 10 DHCP NBG334W User’s Guide...
Page 129: Network Address Translation (Nat)
H A P T E R Network Address Translation This chapter discusses how to configure NAT on the NBG334W. 11.1 NAT Overview NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet. For example, the source address of an outgoing packet, used within one network is changed to a different IP address known within another network.
Page 130: Configuring Servers Behind Port Forwarding Example
Chapter 11 Network Address Translation (NAT) Many residential broadband ISP accounts do not allow you to run any server processes (such as a Web or FTP server) from your location. Your ISP may periodically check for servers and may suspend your account if it discovers any active services at your location.
Page 131: Nat Application Screen
The following table describes the labels in this screen. Table 51 Network > NAT > General LABEL DESCRIPTION Enable Network Network Address Translation (NAT) allows the translation of an Internet protocol Address address used within one network (for example a private IP address used in a local Translation network) to a different IP address known within another network (for example a public IP address used on the Internet).
Page 132: Figure 74 Network > Nat > Application
Chapter 11 Network Address Translation (NAT) Figure 74 Network > NAT > Application The following table describes the labels in this screen. Table 52 NAT Application LABEL Game List Update A game list includes the pre-defined service name(s) and port number(s). You can File Path Browse...
Page 133: Game List Example
Table 52 NAT Application (continued) LABEL DESCRIPTION Port Type a port number(s) to be forwarded. To specify a range of ports, enter a hyphen (-) between the first port and the last port, such as 10-20. To specify two or more non-consecutive port numbers, separate them by a comma without spaces, such as 123,567.
Page 134: Trigger Port Forwarding
Chapter 11 Network Address Translation (NAT) Figure 75 Game List Example version=1 1;name=Battlefield 1942;port=14567,22000,23000-23009,27900,28900 2;name=Call of Duty;port=28960 3;name=Civilization IV;port=2056 4;name=Diablo I and II;port=6112-6119,4000 5;name=Doom 3;port=27666 6;name=F.E.A.R;port=27888 7;name=Final Fantasy XI;port=25,80,110,443,50000-65535 8;name=Guild Wars;port=6112,80 9;name=Half Life;port=6003,7002,27005,27010,27011,27015 10;name=Jedi Knight III: Jedi Academy;port=28060-28062,28070-28081 11;name=Need for Speed: Hot Pursuit 2;port=1230,8511- 8512,27900,28900,61200-61230 12;name=Neverwinter Nights;port=5120-5300,6500,27900,28900 13;name=Quake 2;port=27910...
Page 135: Two Points To Remember About Trigger Ports
Figure 76 Trigger Port Forwarding Process: Example 1 Jane requests a file from the Real Audio server (port 7070). 2 Port 7070 is a “trigger” port and causes the NBG334W to record Jane’s computer IP address. The NBG334W associates Jane's computer IP address with the "incoming" port range of 6970-7170.
Page 136: Figure 77 Network > Nat > Advanced
Chapter 11 Network Address Translation (NAT) Figure 77 Network > NAT > Advanced The following table describes the labels in this screen. Table 53 Network > NAT > Advanced LABEL Max NAT/Firewall Session Per User Port Triggering Rules Name DESCRIPTION Type a number ranging from 1 to 2048 to limit the number of NAT/firewall sessions that a host can create.
Page 137 Table 53 Network > NAT > Advanced LABEL DESCRIPTION Incoming Incoming is a port (or a range of ports) that a server on the WAN uses when it sends out a particular service. The NBG334W forwards the traffic with this port (or range of ports) to the client computer on the LAN that requested the service.
Page 138 Chapter 11 Network Address Translation (NAT) NBG334W User’s Guide...
Page 139: Dynamic Dns
H A P T E R 12.1 Dynamic DNS Introduction Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CU-SeeMe, etc.). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.org, where myhost is a name of your choice) that will never change instead of using an IP address that changes each time you reconnect.
Page 140: Figure 78 Dynamic Dns
Chapter 12 Dynamic DNS Figure 78 Dynamic DNS The following table describes the labels in this screen. Table 54 Dynamic DNS LABEL Enable Dynamic DNS Service Provider Dynamic DNS Type Host Name User Name Password Enable Wildcard Option Enable off line option IP Address Update Policy: Use WAN IP Address Dynamic DNS server...
Page 141: Security
Security Firewall (143) Content Filtering (149)
Page 143: Firewall
H A P T E R This chapter gives some background information on firewalls and explains how to get started with the NBG334W’s firewall. 13.1 Introduction to ZyXEL’s Firewall 13.1.1 What is a Firewall? Originally, the term “firewall” referred to a construction technique designed to prevent the spread of fire from one room to another.
Page 144: Guidelines For Enhancing Security With Your Firewall
Chapter 13 Firewall The NBG334W is installed between the LAN and a broadband modem connecting to the Internet. This allows it to act as a secure gateway for all data passing between the Internet and the LAN. The NBG334W has one Ethernet WAN port and four Ethernet LAN ports, which are used to physically separate the network into two areas.The WAN (Wide Area Network) port attaches to the broadband (cable or DSL) modem to the Internet.
Page 145: General Firewall Screen
1 A computer on the LAN initiates a connection by sending a SYN packet to a receiving server on the WAN. 2 The NBG334W reroutes the packet to Gateway A, which is in Subnet 2. 3 The reply from the WAN goes to the NBG334W. 4 The NBG334W then sends it to the computer on the LAN in Subnet 1.
Page 146: Services Screen
Chapter 13 Firewall The following table describes the labels in this screen. Table 55 Security > Firewall > General LABEL Enable Firewall Packet Direction Apply Reset 13.4 Services Screen Click Security > Firewall > Services. The screen appears as shown next. If an outside user attempts to probe an unsupported port on your NBG334W, an ICMP response packet is automatically returned.
Page 147: Table 56 Security > Firewall > Services
The following table describes the labels in this screen. Table 56 Security > Firewall > Services LABEL DESCRIPTION ICMP Internet Control Message Protocol is a message control and error-reporting protocol between a host server and a gateway to the Internet. ICMP uses Internet Protocol (IP) datagrams, but the messages are processed by the TCP/IP software and directly apparent to the application user.
Page 148 Chapter 13 Firewall Table 56 Security > Firewall > Services LABEL Misc setting Bypass Triangle Route Max NAT/Firewall Session Per User Apply Reset DESCRIPTION Select this check box to have the NBG334W firewall ignore the use of triangle route topology on the network. Type a number ranging from 1 to 2048 to limit the number of NAT/firewall sessions that a host can create.
Page 149: Content Filtering
H A P T E R This chapter provides a brief overview of content filtering using the embedded web GUI. 14.1 Introduction to Content Filtering Internet content filtering allows you to create and enforce Internet access policies tailored to your needs. Content filtering is the ability to block certain web features or specific URL keywords.
Page 150: Figure 82 Security > Content Filter > Filter
Chapter 14 Content Filtering Figure 82 Security > Content Filter > Filter The following table describes the labels in this screen. Table 57 Security > Content Filter > Filter LABEL Trusted Computer IP Address Restrict Web Features ActiveX Java Cookies Web Proxy Keyword Blocking Enable URL...
Page 151: Schedule
Table 57 Security > Content Filter > Filter LABEL DESCRIPTION Keyword Type a keyword in this field. You may use any character (up to 64 characters). Wildcards are not allowed. You can also enter a numerical IP address. Keyword List This list displays the keywords already added.
Page 152: Customizing Keyword Blocking Url Checking
Chapter 14 Content Filtering Table 58 Security > Content Filter > Schedule LABEL Apply Reset 14.6 Customizing Keyword Blocking URL Checking You can use commands to set how much of a website’s URL the content filter is to check for keyword blocking.
Page 153: Management
Management Static Route Screens (155) Bandwidth Management (159) Remote Management (169) Universal Plug-and-Play (UPnP) (175)
Page 155: Static Route Screens
H A P T E R This chapter shows you how to configure static routes for your NBG334W. 15.1 Static Route Overview Each remote node specifies only the network to which the gateway is directly connected, and the NBG334W has no knowledge of the networks beyond. For instance, the NBG334W knows about network N2 in the following figure through remote node router R1.
Page 156: Static Route Setup Screen
Chapter 15 Static Route Screens Figure 85 Management > Static Route > IP Static Route The following table describes the labels in this screen. Table 59 Management > Static Route > IP Static Route LABEL Name Active Destination Gateway Modify 15.2.1 Static Route Setup Screen To edit a static route, click the edit icon under Modify.
Page 157: Figure 86 Management > Static Route > Ip Static Route: Static Route Setup
Figure 86 Management > Static Route > IP Static Route: Static Route Setup The following table describes the labels in this screen. Table 60 Management > Static Route > IP Static Route: Static Route Setup LABEL DESCRIPTION Route Name Enter the name of the IP static route. Leave this field blank to delete this static route.
Page 158 Chapter 15 Static Route Screens NBG334W User’s Guide...
Page 159: Bandwidth Management
H A P T E R Bandwidth Management This chapter contains information about configuring bandwidth management, editing rules and viewing the NBG334W’s bandwidth management logs. 16.1 Bandwidth Management Overview ZyXEL’s Bandwidth Management allows you to specify bandwidth management rules based on an application and/or subnet.
Page 160: Application And Subnet-Based Bandwidth Management
Chapter 16 Bandwidth Management The following figure shows LAN subnets. You could configure one bandwidth class for subnet A and another for subnet B. Figure 87 Subnet-based Bandwidth Management Example 16.4 Application and Subnet-based Bandwidth Management You could also create bandwidth classes based on a combination of a subnet and an application.
Page 161: Predefined Bandwidth Management Services
Table 62 Bandwidth Management Priorities PRIORITY LEVELS: TRAFFIC WITH A HIGHER PRIORITY GETS THROUGH FASTER WHILE TRAFFIC WITH A LOWER PRIORITY IS DROPPED IF THE NETWORK IS CONGESTED. 16.6 Predefined Bandwidth Management Services The following is a description of the services that you can select and to which you can apply media bandwidth management using the wizard screens.
Page 162: Services And Port Numbers
Chapter 16 Bandwidth Management 16.6.1 Services and Port Numbers The commonly used services and port numbers are shown in the following table. Please refer to RFC 1700 for further information about port numbers. Next to the name of the service, two fields appear in brackets.
Page 163: Table 64 Commonly Used Services
Table 64 Commonly Used Services SERVICE AIM/New-ICQ(TCP:5190) AUTH(TCP:113) BGP(TCP:179) BOOTP_CLIENT(UDP:68) BOOTP_SERVER(UDP:67) CU-SEEME(TCP/UDP:7648, 24032) DNS(UDP/TCP:53) FINGER(TCP:79) FTP(TCP:20.21) H.323(TCP:1720) HTTP(TCP:80) HTTPS(TCP:443) ICQ(UDP:4000) IKE(UDP:500) IPSEC_TUNNEL(AH:0) IPSEC_TUNNEL(ESP:0) IRC(TCP/UDP:6667) MSN Messenger(TCP:1863) MULTICAST(IGMP:0) NEW-ICQ(TCP:5190) NEWS(TCP:144) NFS(UDP:2049) NNTP(TCP:119) PING(ICMP:0) POP3(TCP:110) PPTP(TCP:1723) PPTP_TUNNEL(GRE:0) RCMD(TCP:512) REAL_AUDIO(TCP:7070) NBG334W User’s Guide Chapter 16 Bandwidth Management DESCRIPTION AOL’s Internet Messenger service, used as a listening port by ICQ.
Page 164: Default Bandwidth Management Classes And Priorities
Chapter 16 Bandwidth Management Table 64 Commonly Used Services SERVICE REXEC(TCP:514) RLOGIN(TCP:513) RTELNET(TCP:107) RTSP(TCP/UDP:554) SFTP(TCP:115) SMTP(TCP:25) SNMP(TCP/UDP:161) SNMP-TRAPS(TCP/UDP:162) SQL-NET(TCP:1521) SSH(TCP/UDP:22) STRM WORKS(UDP:1558) SYSLOG(UDP:514) TACACS(UDP:49) TELNET(TCP:23) TFTP(UDP:69) VDOLIVE(TCP:7000) 16.7 Default Bandwidth Management Classes and Priorities If you enable bandwidth management but do not configure a rule for critical traffic like VoIP, the voice traffic may then get delayed due to insufficient bandwidth.
Page 165: Bandwidth Management General Configuration
Table 65 Bandwidth Management Priority with Default Classes CLASS TYPE AutoClass_M User-defined with low priority Default Class 16.8 Bandwidth Management General Configuration Click Management > Bandwidth MGMT to open the bandwidth management General screen. Figure 88 Management > Bandwidth MGMT > General The following table describes the labels in this screen.
Page 166: Figure 89 Management > Bandwidth Mgmt > Advanced
Chapter 16 Bandwidth Management Figure 89 Management > Bandwidth MGMT > Advanced The following table describes the labels in this screen. Table 67 Management > Bandwidth MGMT > Advanced LABEL Check my upstream bandwidth Upstream Bandwidth (kbps) Application List Enable Service Priority Advanced Setting...
Page 167: Rule Configuration
Table 67 Management > Bandwidth MGMT > Advanced (continued) LABEL DESCRIPTION Enable Select this check box to have the NBG334W apply this bandwidth management rule. Direction Select To LAN to apply bandwidth management to traffic that the NBG334W forwards to the LAN. Select To WAN to apply bandwidth management to traffic that the NBG334W forwards to the WAN.
Page 168: Bandwidth Management Monitor
Chapter 16 Bandwidth Management Configuration LABEL BW Budget Destination Address Destination Subnet Netmask Destination Port Source Address Source Subnet Netmask Source Port Protocol Cancel 16.10 Bandwidth Management Monitor Click Management > Bandwidth MGMT > Monitor to open the bandwidth management Monitor screen.
Page 169: Remote Management
H A P T E R This chapter provides information on the Remote Management screens. 17.1 Remote Management Overview Remote management allows you to determine which services/protocols can access which NBG334W interface (if any) from which computers. When you configure remote management to allow management from the WAN, you still need to configure a firewall rule to allow access.
Page 170: Remote Management And Nat
Chapter 17 Remote Management 1 You have disabled that service in one of the remote management screens. 2 The IP address in the Secured Client IP Address field does not match the client IP address. If it does not match, the NBG334W will disconnect the session immediately. 3 There is already another remote management session with an equal or higher priority running.
Page 171: Telnet
LABEL DESCRIPTION Secured Client IP A secured client is a “trusted” computer that is allowed to communicate with the Address NBG334W using this service. Select All to allow any computer to access the NBG334W using this service. Choose Selected to just allow the computer with the IP address that you specify to access the NBG334W using this service.
Page 172: Ftp Screen
Chapter 17 Remote Management The following table describes the labels in this screen. Table 70 Management > Remote MGMT > Telnet LABEL DESCRIPTION Server Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management.
Page 173: Dns Screen
Table 71 Management > Remote MGMT > FTP LABEL DESCRIPTION Apply Click Apply to save your customized settings and exit this screen. Reset Click Reset to begin configuring this screen afresh. 17.6 DNS Screen Use DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa.
Page 174 Chapter 17 Remote Management NBG334W User’s Guide...
Page 175: Universal Plug-And-Play (Upnp)
H A P T E R Universal Plug-and-Play (UPnP) This chapter introduces the UPnP feature in the web configurator. 18.1 Introducing Universal Plug and Play Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectivity between devices. A UPnP device can dynamically join a network, obtain an IP address, convey its capabilities and learn about other devices on the network.
Page 176: Upnp And Zyxel
Chapter 18 Universal Plug-and-Play (UPnP) When a UPnP device joins a network, it announces its presence with a multicast message. For security reasons, the NBG334W allows multicast messages on the LAN only. All UPnP-enabled devices may communicate freely with each other without additional configuration.
Page 177: Installing Upnp In Windows Example
Table 73 Management > UPnP > General LABEL Apply Cancel 18.4 Installing UPnP in Windows Example This section shows how to install UPnP in Windows Me and Windows XP. 18.4.0.1 Installing UPnP in Windows Me Follow the steps below to install the UPnP in Windows Me. 1 Click Start and Control Panel.
Page 178: Figure 99 Add/Remove Programs: Windows Setup: Communication: Components
Chapter 18 Universal Plug-and-Play (UPnP) Figure 99 Add/Remove Programs: Windows Setup: Communication: Components 4 Click OK to go back to the Add/Remove Programs Properties window and click Next. 5 Restart the computer when prompted. Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP. 1 Click Start and Control Panel.
Page 179: Figure 101 Windows Optional Networking Components Wizard
Figure 101 Windows Optional Networking Components Wizard 5 In the Networking Services window, select the Universal Plug and Play check box. Figure 102 Networking Services 6 Click OK to go back to the Windows Optional Networking Component Wizard window and click Next. NBG334W User’s Guide Chapter 18 Universal Plug-and-Play (UPnP)
Page 180: Figure 103 Network Connections
Chapter 18 Universal Plug-and-Play (UPnP) 18.4.0.2 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP. You must already have UPnP installed in Windows XP and UPnP activated on the NBG334W. Make sure the computer is connected to a LAN port of the NBG334W.
Page 181: Figure 104 Internet Connection Properties
Chapter 18 Universal Plug-and-Play (UPnP) Figure 104 Internet Connection Properties 4 You may edit or delete the port mappings or click Add to manually add port mappings. NBG334W User’s Guide...
Page 182: Figure 105 Internet Connection Properties: Advanced Settings
Chapter 18 Universal Plug-and-Play (UPnP) Figure 105 Internet Connection Properties: Advanced Settings Figure 106 Internet Connection Properties: Advanced Settings: Add 5 When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. 6 Select Show icon in notification area when connected option and click OK. An icon displays in the system tray.
Page 183: Figure 107 System Tray Icon
Figure 107 System Tray Icon 7 Double-click on the icon to display your current Internet connection status. Figure 108 Internet Connection Status Web Configurator Easy Access With UPnP, you can access the web-based configurator on the NBG334W without finding out the IP address of the NBG334W first.
Page 184: Figure 109 Network Connections
Chapter 18 Universal Plug-and-Play (UPnP) Figure 109 Network Connections 4 An icon with the description for each UPnP-enabled device displays under Local Network. 5 Right-click on the icon for your NBG334W and select Invoke. The web configurator login screen displays. NBG334W User’s Guide...
Page 185: Figure 110 Network Connections: My Network Places
Chapter 18 Universal Plug-and-Play (UPnP) Figure 110 Network Connections: My Network Places 6 Right-click on the icon for your NBG334W and select Properties. A properties window displays with basic information about the NBG334W. Figure 111 Network Connections: My Network Places: Properties: Example NBG334W User’s Guide...
Page 186 Chapter 18 Universal Plug-and-Play (UPnP) NBG334W User’s Guide...
Page 187: Maintenance And Troubleshooting
Maintenance and Troubleshooting System (189) Logs (193) Tools (207) Configuration Mode (213) Sys Op Mode (215) Language (219) Troubleshooting (221)
Page 189: System
H A P T E R This chapter provides information on the System screens. 19.1 System Overview See the chapter about wizard setup for more information on the next few screens. 19.2 System General Screen Click Maintenance > System. The following screen displays. Figure 112 Maintenance >...
Page 190: Time Setting Screen
Chapter 19 System Table 74 Maintenance > System > General LABEL Administrator Inactivity Timer Password Setup Old Password New Password Retype to Confirm Apply Reset 19.3 Time Setting Screen To change your NBG334W’s time and date, click Maintenance > System > Time Setting. The screen appears as shown.
Page 191: Table 75 Maintenance > System > Time Setting
The following table describes the labels in this screen. Table 75 Maintenance > System > Time Setting LABEL DESCRIPTION Current Time and Date Current Time This field displays the time of your NBG334W. Each time you reload this page, the NBG334W synchronizes the time with the time server.
Page 192 Chapter 19 System Table 75 Maintenance > System > Time Setting LABEL End Date Apply Reset DESCRIPTION Configure the day and time when Daylight Saving Time ends if you selected Daylight Savings. The o'clock field uses the 24 hour format. Here are a couple of examples: Daylight Saving Time ends in the United States on the last Sunday of October.
Page 193: Logs
H A P T E R This chapter contains information about configuring general log settings and viewing the NBG334W’s logs. Refer to the appendices for example log message explanations. 20.1 View Log The web configurator allows you to look at all of the NBG334W’s logs in one location. Click Maintenance >...
Page 194: Log Settings
Chapter 20 Logs The following table describes the labels in this screen. Table 76 Maintenance > Logs > View Log LABEL Display Email Log Now Refresh Clear Log Time Message Source Destination Note 20.2 Log Settings You can configure the NBG334W’s general log settings in one location. Click Maintenance >...
Page 195: Figure 115 Maintenance > Logs > Log Settings
Figure 115 Maintenance > Logs > Log Settings The following table describes the labels in this screen. Table 77 Maintenance > Logs > Log Settings LABEL DESCRIPTION E-mail Log Settings Mail Server Enter the server name or the IP address of the mail server for the e-mail addresses specified below.
Page 196 Chapter 20 Logs Table 77 Maintenance > Logs > Log Settings LABEL Send Alerts To SMTP Authentication User Name Password Log Schedule Day for Sending Log Use the drop down list box to select which day of the week to send the logs. Time for Sending Clear log after sending mail...
Page 197: Log Descriptions
20.3 Log Descriptions This section provides descriptions of example log messages. Table 78 System Maintenance Logs LOG MESSAGE Time calibration is successful Time calibration failed WAN interface gets IP:%s DHCP client IP expired DHCP server assigns%s Successful WEB login WEB login failed Successful TELNET login TELNET login failed Successful FTP login...
Page 198: Table 79 System Error Logs
Chapter 20 Logs Table 79 System Error Logs LOG MESSAGE %s exceeds the max. number of session per host! setNetBIOSFilter: calloc error readNetBIOSFilter: calloc error WAN connection is down. Table 80 Access Control Logs LOG MESSAGE Firewall default policy: [TCP | UDP | IGMP | ESP | GRE | OSPF] <Packet Direction>...
Page 199: Table 82 Packet Filter Logs
Table 81 TCP Reset Logs (continued) LOG MESSAGE Firewall session time out, sent TCP RST Exceed MAX incomplete, sent TCP RST Access block, sent TCP Table 82 Packet Filter Logs LOG MESSAGE [TCP | UDP | ICMP | IGMP | Generic] packet filter matched (set:%d, rule:%d) Table 83 ICMP Logs...
Page 200: Table 84 Cdr Logs
Chapter 20 Logs Table 84 CDR Logs LOG MESSAGE board%d line%d channel%d, call%d,%s C01 Outgoing Call dev=%x ch=%x%s board%d line%d channel%d, call%d,%s C02 OutCall Connected%d%s board%d line%d channel%d, call%d,%s C02 Call Terminated Table 85 PPP Logs LOG MESSAGE ppp:LCP Starting ppp:LCP Opening ppp:CHAP Opening ppp:IPCP...
Page 201: Table 88 Attack Logs
Table 87 Content Filtering Logs (continued) LOG MESSAGE %s: Proxy mode detected %s:%s %s(cache hit) %s:%s(cache hit) %s: Trusted Web site Waiting content filter server timeout DNS resolving failed Creating socket failed The NBG334W cannot issue a query because TCP/IP socket creation Connecting to content filter server fail License key is invalid The external content filtering license key is invalid.
Page 202: Table 89 Pki Logs
Chapter 20 Logs Table 88 Attack Logs (continued) LOG MESSAGE teardrop UDP teardrop ICMP (type:%d, code:%d) illegal command TCP NetBIOS TCP ip spoofing - no routing entry [TCP | UDP | IGMP | ESP | GRE | OSPF] ip spoofing - no routing entry ICMP (type:%d, code:%d) vulnerability ICMP...
Page 203: Table 90 802.1X Logs
Table 89 PKI Logs (continued) LOG MESSAGE Failed to decode the received ca cert Failed to decode the received user cert Failed to decode the received CRL Failed to decode the received ARL Rcvd data <size> too large! Max size allowed: <max size>...
Page 204: Table 91 Acl Setting Notes
Chapter 20 Logs Table 90 802.1X Logs (continued) LOG MESSAGE Local User Database does not support authentication method. No response from RADIUS. Pls check RADIUS Server. Use Local User Database to authenticate user. Use RADIUS to authenticate user. The RADIUS server is operating as the authentication No Server to authenticate user.
Page 205: Table 93 Syslog Logs
Table 92 ICMP Notes (continued) TYPE CODE DESCRIPTION Redirect datagrams for the Type of Service and Network Redirect datagrams for the Type of Service and Host Echo Echo message Time Exceeded Time to live exceeded in transit Fragment reassembly time exceeded Parameter Problem Pointer indicates the error Timestamp...
Page 206 Chapter 20 Logs Table 94 RFC-2408 ISAKMP Payload Types (continued) LOG DISPLAY NONCE NOTFY PAYLOAD TYPE Signature Nonce Notification Delete Vendor ID NBG334W User’s Guide...
Page 207: Tools
H A P T E R This chapter shows you how to upload a new firmware, upload or save backup configuration files and restart the NBG334W. 21.1 Firmware Upload Screen Find firmware at www.zyxel.com "*.bin" extension, e.g., “NBG334W.bin". The upload process uses HTTP (Hypertext Transfer Protocol) and may take up to two minutes.
Page 208: Configuration Screen
Chapter 21 Tools After you see the Firmware Upload In Process screen, wait two minutes before logging into the NBG334W again. Figure 117 Upload Warning The NBG334W automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 118 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the Status screen.
Page 209: Backup Configuration
Figure 120 Maintenance > Tools > Configuration 21.2.1 Backup Configuration Backup configuration allows you to back up (save) the NBG334W’s current configuration to a file on your computer. Once your NBG334W is configured and functioning properly, it is highly recommended that you back up your configuration file before making configuration changes.
Page 210: Back To Factory Defaults
Chapter 21 Tools Figure 121 Configuration Restore Successful The NBG334W automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 122 Temporarily Disconnected If you uploaded the default configuration file you may need to change the IP address of your computer to be in the same subnet as that of the default NBG334W IP address (192.168.1.1).
Page 211: Figure 124 Maintenance > Tools > Restart
Chapter 21 Tools Click Maintenance > Tools > Restart. Click Restart to have the NBG334W reboot. This does not affect the NBG334W's configuration. Figure 124 Maintenance > Tools > Restart NBG334W User’s Guide...
Page 212 Chapter 21 Tools NBG334W User’s Guide...
Page 213: Configuration Mode
H A P T E R Click Maintenance > Config Mode to open the following screen. This screen allows you to hide or display the advanced screens of some features or the advanced features, such as MAC filter or static route. Basic is selected by default and you cannot see the advanced screens or features.
Page 214: Table 98 Advanced Configuration Options
Chapter 22 Configuration Mode Table 98 Advanced Configuration Options CATEGORY Network Security Management Maintenance In AP Mode many screens will not be available. See more information. LINK Wireless LAN MAC Filter Advanced Advanced IP Alias Advanced DHCP Server Advanced Advanced Firewall Services Content Filter...
Page 215: Sys Op Mode
H A P T E R 23.1 Overview The Sys Op Mode (System Operation Mode) function lets you configure whether your NBG334W is a router or AP. You can choose between Router Mode and AP Mode depending on your network topology and the features you require from your device. See page 31 for more information on which mode to choose.
Page 216: Selecting System Operation Mode
Chapter 23 Sys Op Mode Figure 127 IP Address in AP Mode 23.2 Selecting System Operation Mode Use this screen to select how you connect to the Internet. Figure 128 Maintenance > Sys OP Mode > General If you select Router Mode, the following pop-up message window appears. Figure 129 Maintenance >...
Page 217: Figure 130 Maintenance > Sys Op Mode > General: Ap
Figure 130 Maintenance > Sys Op Mode > General: AP • In AP Mode all Ethernet ports have the same IP address. • All ports on the rear panel of the device are LAN ports, including the port labeled WAN. There is no WAN port.
Page 218 Chapter 23 Sys Op Mode NBG334W User’s Guide...
Page 219: Language
H A P T E R Use this screen to change the language for the web configurator display. 24.1 Language Screen Click the language you prefer. The web configurator language changes after a while without restarting the NBG334W. Figure 131 Language NBG334W User’s Guide Language...
Page 220 Chapter 24 Language NBG334W User’s Guide...
Page 221: Troubleshooting
H A P T E R This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • NBG334W Access and Login • Internet Access •...
Page 222: Nbg334W Access And Login
Chapter 25 Troubleshooting 25.2 NBG334W Access and Login I don’t know the IP address of my NBG334W. 1 The default IP address is 192.168.1.1. 2 If you changed the IP address and have forgotten it, you might get the IP address of the NBG334W by looking up the IP address of the default gateway for your computer.
Page 223 2 Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide. 3 Make sure your Internet browser does not block pop-up windows and has JavaScripts and Java enabled. See 4 Make sure your computer is in the same subnet as the NBG334W. (If you know that there are routers between your computer and the NBG334W, skip this step.) •...
Page 224: Internet Access
Chapter 25 Troubleshooting See the troubleshooting suggestions for configurator. Ignore the suggestions about your browser. 25.3 Internet Access I cannot access the Internet. 1 Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide. 2 Make sure you entered your ISP account information correctly in the wizard.
Page 225: Resetting The Nbg334W To Its Factory Defaults
interfering with the wireless network (for example, microwaves, other wireless networks, and so on). 3 Reboot the NBG334W. 4 If the problem continues, contact the network administrator or vendor, or try one of the advanced suggestions. Advanced Suggestions • Check the settings for bandwidth management. If it is disabled, you might consider activating it.
Page 226: Advanced Features
Chapter 25 Troubleshooting 4 Make sure your computer (with a wireless adapter installed) is within the transmission range of the NBG334W. 5 Check that both the NBG334W and your wireless station are using the same wireless and wireless security settings. 6 Make sure traffic between the WLAN and the LAN is not blocked by the firewall on the NBG334W.
Page 227: Appendices And Index
Appendices and Index Product Specifications and Wall-Mounting Instructions (229) Pop-up Windows, JavaScripts and Java Permissions (235) IP Addresses and Subnetting (241) Setting up Your Computer’s IP Address (249) Wireless LANs (265) Services (277) Legal Information (281) Customer Support (285) Index (291)
Page 229: Appendix A Product Specifications And Wall-Mounting Instructions
P P E N D I X Product Specifications and Wall- Mounting Instructions The following tables summarize the NBG334W’s hardware and firmware features. Table 100 Hardware Features Dimensions (W x D x H) Weight Power Specification Ethernet ports 4-5 Port Switch LEDs Reset Button Antenna...
Page 230 Appendix A Product Specifications and Wall-Mounting Instructions Table 101 Firmware Features FEATURE Default Password DHCP Pool Wireless Interface Default Wireless SSID Default Wireless IP Address Wireless LAN: Same as LAN (192.168.1.1) Default Wireless Subnet Mask Default Wireless DHCP Pool Size Device Management Wireless Functionality Firmware Upgrade...
Page 231: Table 102 Feature Specifications
Table 101 Firmware Features FEATURE Time and Date Port Forwarding DHCP (Dynamic Host Configuration Protocol) Dynamic DNS Support IP Multicast IP Alias Logging and Tracing PPPoE PPTP Encapsulation Universal Plug and Play (UPnP) Table 102 Feature Specifications FEATURE Number of Static Routes Number of Port Forwarding Rules Number of NAT Sessions Number of Address Mapping Rules...
Page 232 Appendix A Product Specifications and Wall-Mounting Instructions Table 103 Standards Supported (continued) STANDARD RFC 1631 RFC 1723 RFC 2236 RFC 2516 RFC 2766 IEEE 802.11 IEEE 802.11b IEEE 802.11g IEEE 802.11d IEEE 802.11x IEEE 802.11e QoS Microsoft PPTP MBM v2 Wall-mounting Instructions Do the following to hang your NBG334W on a wall.
Page 233: Figure 132 Wall-Mounting Example
4 Make sure the screws are snugly fastened to the wall. They need to hold the weight of the NBG334W with the connection cables. 5 Align the holes on the back of the NBG334W with the screws on the wall. Hang the NBG334W on the screws.
Page 234 Appendix A Product Specifications and Wall-Mounting Instructions NBG334W User’s Guide...
Page 235: Appendix B Pop-Up Windows, Javascripts And Java Permissions
P P E N D I X Pop-up Windows, JavaScripts and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). Internet Explorer 6 screens are used here.
Page 236: Figure 135 Internet Options: Privacy
Appendix B Pop-up Windows, JavaScripts and Java Permissions 2 Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled. Figure 135 Internet Options: Privacy 3 Click Apply to save this setting. Enable pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps.
Page 237: Figure 136 Internet Options: Privacy
Figure 136 Internet Options: Privacy 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. 4 Click Add to move the IP address to the list of Allowed sites. Figure 137 Pop-up Blocker Settings NBG334W User’s Guide Appendix B Pop-up Windows, JavaScripts and Java Permissions...
Page 238: Figure 138 Internet Options: Security
Appendix B Pop-up Windows, JavaScripts and Java Permissions 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed.
Page 239: Figure 139 Security Settings - Java Scripting
Figure 139 Security Settings - Java Scripting Java Permissions 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected. 5 Click OK to close the window.
Page 240: Figure 141 Java (Sun)
Appendix B Pop-up Windows, JavaScripts and Java Permissions JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for <applet> under Java (Sun) is selected. 3 Click OK to close the window. Figure 141 Java (Sun) NBG334W User’s Guide...
Page 241: Appendix C Ip Addresses And Subnetting
P P E N D I X IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network.
Page 242: Figure 142 Network Number And Host Id
Appendix C IP Addresses and Subnetting Figure 142 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask. Subnet Masks A subnet mask is used to determine which bits are part of the network number, and which bits are part of the host ID (using a logical AND operation).
Page 243: Table 105 Subnet Masks
Subnet masks are expressed in dotted decimal notation just like IP addresses. The following examples show the binary and decimal notation for 8-bit, 16-bit, 24-bit and 29-bit subnet masks. Table 105 Subnet Masks BINARY OCTET 8-bit mask 11111111 16-bit mask 11111111 24-bit mask 11111111...
Page 244: Figure 143 Subnetting Example: Before Subnetting
Appendix C IP Addresses and Subnetting Table 107 Alternative Subnet Mask Notation (continued) SUBNET MASK 255.255.255.192 255.255.255.224 255.255.255.240 255.255.255.248 255.255.255.252 Subnetting You can use subnetting to divide one network into multiple sub-networks. In the following example a network administrator creates two sub-networks to isolate a group of servers from the rest of the company network for security reasons.
Page 245: Figure 144 Subnetting Example: After Subnetting
Figure 144 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 2 possible hosts (a host ID of all zeroes is the subnet’s address itself, all ones is the subnet’s broadcast address).
Page 246: Table 109 Subnet 2
Appendix C IP Addresses and Subnetting Table 109 Subnet 2 IP/SUBNET MASK IP Address IP Address (Binary) Subnet Mask (Binary) Subnet Address: 192.168.1.64 Broadcast Address: 192.168.1.127 Table 110 Subnet 3 IP/SUBNET MASK IP Address IP Address (Binary) Subnet Mask (Binary) Subnet Address: 192.168.1.128 Broadcast Address:...
Page 247: Table 113 24-Bit Network Number Subnet Planning
Table 112 Eight Subnets (continued) SUBNET SUBNET ADDRESS Subnet Planning The following table is a summary for subnet planning on a network with a 24-bit network number. Table 113 24-bit Network Number Subnet Planning NO. “BORROWED” HOST BITS The following table is a summary for subnet planning on a network with a 16-bit network number.
Page 248: Configuring Ip Addresses
Appendix C IP Addresses and Subnetting Table 114 16-bit Network Number Subnet Planning (continued) NO. “BORROWED” HOST BITS Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask.
Page 249: Appendix D Setting Up Your Computer's Ip Address
P P E N D I X Setting up Your Computer’s IP All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/IP on your computer.
Page 250: Figure 145 Windows 95/98/Me: Network: Configuration
Appendix D Setting up Your Computer’s IP Address Figure 145 WIndows 95/98/Me: Network: Configuration Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: 1 In the Network window, click Add.
Page 251: Figure 146 Windows 95/98/Me: Tcp/Ip Properties: Ip Address
Configuring 1 In the Network window Configuration tab, select your network adapter's TCP/IP entry and click Properties 2 Click the IP Address tab. • If your IP address is dynamic, select Obtain an IP address automatically. • If you have a static IP address, select Specify an IP address and type your information into the IP Address and Subnet Mask fields.
Page 252: Figure 147 Windows 95/98/Me: Tcp/Ip Properties: Dns Configuration
Appendix D Setting up Your Computer’s IP Address Figure 147 Windows 95/98/Me: TCP/IP Properties: DNS Configuration 4 Click the Gateway tab. • If you do not know your gateway’s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add. 5 Click OK to save and close the TCP/IP Properties window.
Page 253: Figure 148 Windows Xp: Start Menu
Figure 148 Windows XP: Start Menu 2 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 149 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties. NBG334W User’s Guide Appendix D Setting up Your Computer’s IP Address...
Page 254: Figure 150 Windows Xp: Control Panel: Network Connections: Properties
Appendix D Setting up Your Computer’s IP Address Figure 150 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties. Figure 151 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP).
Page 255: Figure 152 Windows Xp: Internet Protocol (Tcp/Ip) Properties
Figure 152 Windows XP: Internet Protocol (TCP/IP) Properties 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: •...
Page 256: Figure 153 Windows Xp: Advanced Tcp/Ip Properties
Appendix D Setting up Your Computer’s IP Address Figure 153 Windows XP: Advanced TCP/IP Properties 7 In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es).
Page 257: Figure 154 Windows Xp: Internet Protocol (Tcp/Ip) Properties
Figure 154 Windows XP: Internet Protocol (TCP/IP) Properties 8 Click OK to close the Internet Protocol (TCP/IP) Properties window. 9 Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties window. 10 Close the Network Connections window (Network and Dial-up Connections in Windows 2000/NT).
Page 258: Figure 155 Macintosh Os 8/9: Apple Menu
Appendix D Setting up Your Computer’s IP Address Figure 155 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list. Figure 156 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list. 4 For statically assigned settings, do the following: NBG334W User’s Guide...
Page 259: Figure 157 Macintosh Os X: Apple Menu
• From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your Prestige in the Router address box. 5 Close the TCP/IP Control Panel.
Page 260: Figure 158 Macintosh Os X: Network
Appendix D Setting up Your Computer’s IP Address Figure 158 Macintosh OS X: Network 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. •...
Page 261: Figure 159 Red Hat 9.0: Kde: Network Configuration: Devices
Make sure you are logged in as the root administrator. Using the K Desktop Environment (KDE) Follow the steps below to configure your computer IP address using the KDE. 1 Click the Red Hat button (located on the bottom left corner), select System Setting and click Network.
Page 262: Figure 160 Red Hat 9.0: Kde: Ethernet Device: General
Appendix D Setting up Your Computer’s IP Address Figure 160 Red Hat 9.0: KDE: Ethernet Device: General • If you have a dynamic IP address click Automatically obtain IP address settings with and select dhcp from the drop down list. •...
Page 263: Figure 162 Red Hat 9.0: Kde: Network Configuration: Activate
Figure 162 Red Hat 9.0: KDE: Network Configuration: Activate 7 After the network card restart process is complete, make sure the Status is Active in the Network Configuration screen. Using Configuration Files Follow the steps below to edit the network configuration files and set your computer IP address.
Page 264: Verifying Settings
Appendix D Setting up Your Computer’s IP Address 2 If you know your DNS server IP address(es), enter the DNS server information in the resolv.conf two DNS server IP addresses are specified. Figure 165 Red Hat 9.0: DNS Settings in resolv.conf nameserver 172.23.5.1 nameserver 172.23.5.2 3 After you edit and save the configuration files, you must restart the network card.
Page 265: Appendix E Wireless Lans
P P E N D I X Wireless LAN Topologies This section discusses ad-hoc and infrastructure wireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless stations (A, B, C). Any time two or more wireless adapters are within range of each other, they can set up an independent network, which is commonly referred to as an Ad-hoc network or Independent Basic Service Set (IBSS).
Page 266: Figure 169 Basic Service Set
Appendix E Wireless LANs Figure 169 Basic Service Set An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). This type of wireless LAN topology is called an Infrastructure WLAN.
Page 267: Figure 170 Infrastructure Wlan
Figure 170 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by IEEE 802.11a/b/g wireless devices. Channels available depend on your geographical area. You may have a choice of channels (for your region) so you should use a different channel than an adjacent AP (access point) to reduce interference.
Page 268: Figure 171 Rts/Cts
Appendix E Wireless LANs Figure 171 RTS/CTS When station A sends data to the AP, it might not know that the station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations.
Page 269: Table 115 Ieee 802.11G
If the Fragmentation Threshold value is smaller than the RTS/CTS value (see previously) you set then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size. Preamble Type A preamble is used to synchronize the transmission timing in your wireless network.
Page 270: Types Of Radius Messages
Appendix E Wireless LANs • User based identification that allows for roaming. • Support for RADIUS (Remote Authentication Dial In User Service, RFC 2138, 2139) for centralized user profile and accounting management on a network RADIUS server. • Support for EAP (Extensible Authentication Protocol, RFC 2486) that allows additional authentication methods to be deployed with no changes to the access point or the wireless stations.
Page 271: Types Of Authentication
In order to ensure network security, the access point and the RADIUS server use a shared secret key, which is a password, they both know. The key is not sent over the network. In addition to the shared key, password information exchanged is also encrypted to protect the network from unauthorized access.
Page 272: Table 116 Comparison Of Eap Authentication Types
Appendix E Wireless LANs PEAP (Protected EAP) Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, then use simple username and password methods through the secured connection to authenticate the clients, thus hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card), for client authentication.
Page 273 Key differences between WPA(2) and WEP are improved data encryption and user authentication. Encryption Both WPA and WPA2 improve data encryption by using Temporal Key Integrity Protocol (TKIP), Message Integrity Check (MIC) and IEEE 802.1x. In addition to TKIP, WPA2 also uses Advanced Encryption Standard (AES) in the Counter mode with Cipher block chaining Message authentication code Protocol (CCMP) to offer stronger encryption.
Page 274: Wpa(2)-Psk Application Example
Appendix E Wireless LANs 25.6.2 WPA(2)-PSK Application Example A WPA(2)-PSK application looks as follows. 1 First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key (PSK) must consist of between 8 and 63 ASCII characters (including spaces and symbols).
Page 275: Table 117 Wireless Security Relational Matrix
Security Parameters Summary Refer to this table to see what other security parameters you should configure for each Authentication Method/ key management protocol type. MAC address filters are not dependent on how you configure these security features. Table 117 Wireless Security Relational Matrix AUTHENTICATION METHOD/ KEY MANAGEMENT PROTOCOL...
Page 276 Appendix E Wireless LANs NBG334W User’s Guide...
Page 277: Table 118 Examples Of Services
P P E N D I X The following table lists some commonly-used services and their associated protocols and port numbers. • Name: This is a short, descriptive name for the service. You can use this one or create a different one, if you like.
Page 278: Appendix F Services
Appendix F Services Table 118 Examples of Services (continued) NAME H.323 HTTP HTTPS ICMP IGMP (MULTICAST) User-Defined IMAP4 IMAP4S MSN Messenger NetBIOS NEW-ICQ NEWS NNTP PING POP3 POP3S PPTP PROTOCOL PORT(S) DESCRIPTION 1720 NetMeeting uses this protocol. Hyper Text Transfer Protocol - a client/ server protocol for the world wide web.
Page 279 Table 118 Examples of Services (continued) NAME PROTOCOL PPTP_TUNNEL User-Defined (GRE) RCMD REAL_AUDIO REXEC RLOGIN ROADRUNNER TCP/UDP RTELNET RTSP TCP/UDP SFTP SMTP SMTPS SNMP TCP/UDP SNMP-TRAPS TCP/UDP SQL-NET SSDP TCP/UDP STRM WORKS SYSLOG TACACS TELNET NBG334W User’s Guide Appendix F Services PORT(S) DESCRIPTION PPTP (Point-to-Point Tunneling Protocol)
Page 280 Appendix F Services Table 118 Examples of Services (continued) NAME TFTP VDOLIVE PROTOCOL PORT(S) DESCRIPTION Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP, but uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol). 7000 A videoconferencing solution.
Page 282 Appendix G Legal Information If this device does cause harmful interference to radio/television reception, which can be determined by turning the device off and on, the user is encouraged to try to correct the interference by one or more of the following measures: 1 Reorient or relocate the receiving antenna.
Page 283: Zyxel Limited Warranty
3 Select the certification you wish to view from this page. ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever...
Page 284 Appendix G Legal Information NBG334W User’s Guide...
Page 285: Appendix H Customer Support
• Sales E-mail: sales@zyxel.com.tw • Telephone: +886-3-578-3942 • Fax: +886-3-578-2439 • Web: www.zyxel.com, www.europe.zyxel.com • FTP: ftp.zyxel.com, ftp.europe.zyxel.com • Regular Mail: ZyXEL Communications Corp., 6 Innovation Road II, Science Park, Hsinchu 300, Taiwan Costa Rica • Support E-mail: soporte@zyxel.co.cr • Sales E-mail: sales@zyxel.co.cr •...
Page 286 Appendix H Customer Support • Regular Mail: ZyXEL Communications, Czech s.r.o., Modranská 621, 143 01 Praha 4 - Modrany, Ceská Republika Denmark • Support E-mail: support@zyxel.dk • Sales E-mail: sales@zyxel.dk • Telephone: +45-39-55-07-00 • Fax: +45-39-55-07-07 • Web: www.zyxel.dk • Regular Mail: ZyXEL Communications A/S, Columbusvej, 2860 Soeborg, Denmark Finland •...
Page 287 India • Support E-mail: support@zyxel.in • Sales E-mail: sales@zyxel.in • Telephone: +91-11-30888144 to +91-11-30888153 • Fax: +91-11-30888149, +91-11-26810715 • Web: http://www.zyxel.in • Regular Mail: India - ZyXEL Technology India Pvt Ltd., II-Floor, F2/9 Okhla Phase -1, New Delhi 110020, India Japan •...
Page 288 Appendix H Customer Support • Regular Mail: ZyXEL Communications Inc., 1130 N. Miller St., Anaheim, CA 92806- 2001, U.S.A. Norway • Support E-mail: support@zyxel.no • Sales E-mail: sales@zyxel.no • Telephone: +47-22-80-61-80 • Fax: +47-22-80-61-81 • Web: www.zyxel.no • Regular Mail: ZyXEL Communications A/S, Nils Hansens vei 13, 0667 Oslo, Norway Poland •...
Page 289 • Telephone: +44-1344-303044, 08707-555779 (UK only) • Fax: +44-1344-303034 • Web: www.zyxel.co.uk • FTP: ftp.zyxel.co.uk • Regular Mail: ZyXEL Communications UK Ltd., 11 The Courtyard, Eastern Road, Bracknell, Berkshire RG12 2XB, United Kingdom (UK) NBG334W User’s Guide Appendix H Customer Support...
Page 290 Appendix H Customer Support NBG334W User’s Guide...
Page 291: Index
Numerics 802.11 Mode ActiveX address resolution protocol (ARP) Alert alternative subnet mask notation any IP note AP (Access Point) AP Mode menu overview status screen AP network Asymmetrical routes and IP alias see also triangle routes Backup configuration Bandwidth management application-based classes and priorities monitor...
Page 292 Index DNS (Domain Name System) DNS server Domain name vs host name. see also system name Domain Name System duplex setting 40, 66 Dynamic DNS Dynamic Host Configuration Protocol Dynamic WEP Key Exchange DynDNS Wildcard EAP Authentication e-mail Encryption encryption and local (user) database WPA compatible ESSID...
Page 293 IP pool setup LAN overview LAN Setup LAN setup LAN TCP/IP Language Link type 40, 65 local (user) database and encryption Local Area Network 86, 118 MAC address 75, 101 cloning 59, 101 MAC address filter MAC address filtering 86, 118 MAC filter 86, 118 managing the device...
Page 294 Index RADIUS Shared Secret Key RADIUS Message Types RADIUS Messages RADIUS server registration product related documentation Remote management and NAT and the firewall limitations remote management session system timeout Reset button 37, 210 Reset the device Restore configuration Restrict Web Features RF (Radio Frequency) RoadRunner Roaming...
Page 295 user authentication local (user) database RADIUS server User Name VoIP IP address assignment WAN advanced WAN IP address WAN IP address assignment WAN MAC address warranty note Web Configurator how to access Overview Web configurator navigating web configurator Web Proxy WEP Encryption WEP encryption WEP key...
Page 296 Index NBG334W User’s Guide...

This manual is also suitable for:

Nbg334s

ZyXEL Communications ZyXEL NBG334W User Manual

Chapter 1 Getting to Know Your NBG334W

Chapter 2 Introducing the Web Configurator

Chapter 3 Connection Wizard

Chapter 4 AP Mode

Chapter 5 Wireless LAN

Chapter 6 Wireless Tutorial

Chapter 7 WAN

Chapter 8 LAN

Chapter 9 Guest WLAN

Chapter 10 DHCP

Chapter 11 Network Address Translation (NAT)

Chapter 12 Dynamic DNS

Chapter 13 Firewall

Quick Links

Troubleshooting

Related Manuals for ZyXEL Communications ZyXEL NBG334W

Summary of Contents for ZyXEL Communications ZyXEL NBG334W