About This User's Guide About This User's Guide Intended Audience This manual is intended for people who want to configure the NBG334S using the web configurator. You should have at least a basic knowledge of TCP/IP networking concepts and topology.
Syntax Conventions • The NBG334S may be referred to as the “NBG334S”, the “device”, the “product” or the “system” in this User’s Guide. • Product labels, screen names, field labels and field choices are all in bold font.
Page 5
Document Conventions Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The NBG334S icon is not an exact representation of your device. NBG334S Computer Notebook computer Server DSLAM Firewall Telephone Switch Router Modem NBG334S User’s Guide...
Only use the included antenna(s). • If you wall mount your device, make sure that no electrical lines, gas or water pipes will be damaged. This product is recyclable. Dispose of it properly. NBG334S User’s Guide...
Contents Overview Contents Overview Introduction ..........................27 Getting to Know Your NBG334S ....................29 Introducing the Web Configurator ....................33 Connection Wizard ........................45 AP Mode ............................ 61 Network ........................... 67 Wireless LAN ..........................69 Wireless Tutorial ........................89 WAN ............................93 LAN ............................
1.3 Router Mode ........................30 1.4 Router Features vs. AP Features ..................30 1.5 Ways to Manage the NBG334S ................... 31 1.6 Good Habits for Managing the NBG334S ................31 1.7 LEDs ............................ 31 Chapter 2 Introducing the Web Configurator ..................33 2.1 Web Configurator Overview ....................
Page 12
Chapter 4 AP Mode........................... 61 4.1 AP Mode Overview ......................61 4.2 Setting your NBG334S to AP Mode ..................61 4.3 The Status Screen in AP Mode ................... 62 4.3.1 Navigation Panel ......................64 4.4 Configuring Your Settings ....................65 4.4.1 LAN Settings ......................
Page 13
Wireless Tutorial ........................89 6.1 How to Connect to the Internet from a Notebook ..............89 6.1.1 Example Parameters ....................89 6.2 Enable and Configure Wireless Security on your NBG334S ..........89 6.3 Configure Your Notebook ....................91 Chapter 7 WAN............................
Page 14
11.1.1 DynDNS Wildcard ....................123 11.2 Dynamic DNS Screen ....................123 Part III: Security..................125 Chapter 12 Firewall........................... 127 12.1 Introduction to ZyXEL’s Firewall ..................127 12.1.1 What is a Firewall? ....................127 12.1.2 Stateful Inspection Firewall ..................127 NBG334S User’s Guide...
Page 15
Table of Contents 12.1.3 About the NBG334S Firewall ................. 127 12.1.4 Guidelines For Enhancing Security With Your Firewall .......... 128 12.2 Triangle Routes ....................... 128 12.2.1 Triangle Routes and IP Alias .................. 128 12.3 General Firewall Screen ....................129 12.4 Services Screen ......................130 Chapter 13 Content Filtering ........................
Page 17
23.1 Power, Hardware Connections, and LEDs ..............203 23.2 NBG334S Access and Login ................... 204 23.3 Internet Access ........................ 206 23.4 Resetting the NBG334S to Its Factory Defaults .............. 207 23.5 Wireless Router/AP Troubleshooting ................207 23.6 Advanced Features ......................208 Part VI: Appendices and Index ............
This chapter introduces the main features and applications of the NBG334S. 1.1 Overview The NBG334S acts as either an access point (AP) or a secure broadband router for all data passing between the Internet and your local network. In both AP and Router Mode you can set up a wireless network with other IEEE 802.11b/g compatible devices.
The following figure shows computers in a WLAN connecting to the NBG334S (A), which has a DSL connection to the Internet. The NBG334S is set to Router Mode and has router features such as a built-in firewall (B). Figure 2 Secure Wireless Internet Access in Router Mode 1.4 Router Features vs.
If you forget your password, you will have to reset the NBG334S to its factory default settings. If you backed up an earlier configuration file, you would not have to totally re-configure the NBG334S.
Page 32
Blinking The NBG334S is sending/receiving data. The WAN connection is not ready, or has failed. WLAN Green The NBG334S is ready, but is not sending/receiving data through the wireless LAN. Blinking The NBG334S is sending/receiving data through the wireless LAN.
• In Router Mode enable the DHCP Server. The NBG334S assigns your computer an IP address on the same subnet. • In AP Mode the NBG334S does not assign an IP address to your computer, so you should check it’s in the same subnet. See Section 4.5 on page 66...
The management session automatically times out when the time period set in the Administrator Inactivity Timer field expires (default five minutes). Simply log back into the NBG334S if this happens. 6 Select your language. 7 Select the setup mode you want to use.
If you forget your password or IP address, or you cannot access the web configurator, you will need to use the RESET button at the back of the NBG334S to reload the factory-default configuration file. This means that you will lose all configurations that you had previously saved, the password will be reset to “1234”...
Device Information System Name This is the System Name you enter in the Maintenance > System > General screen. It is for identification purposes. Firmware Version This is the firmware version and the date created. WAN Information NBG334S User’s Guide...
Page 37
This displays what percentage of the NBG334S’s processing ability is currently used. When this percentage is close to 100%, the NBG334S is running at full load, and the throughput is not going to improve anymore. If you want some applications to have more throughput, you should turn off other applications (for example, using bandwidth management.
Use this screen to view details of IP addresses assigned to devices not in the same subnet as the NBG334S. BW MGMT Monitor Use this screen to view the NBG334S’s bandwidth usage and allotments. DHCP Table Use this screen to view current DHCP client information.
Page 39
Content Filter Filter Use this screen to block certain web features and sites containing certain keywords in the URL. Schedule Use this screen to set the days and times for the NBG334S to perform content filtering. Management Static Route IP Static Use this screen to configure IP static routes.
2.5.2 Summary: Any IP Table This screen displays the IP address of each computer that is using the NBG334S via the any IP feature. Any IP allows computers to access the Internet through the NBG334S without changing their network settings when NAT is enabled. To access this screen, open the Status screen (see Section 2.5 on page...
TCP/IP configuration at start-up from a server. You can configure the NBG334S as a DHCP server or disable it. When configured as a server, the NBG334S provides the TCP/IP configuration for the clients. If DHCP service is disabled, you must have another DHCP server on your LAN, or else the computer must be manually configured.
Click the WLAN Station Status (Details...) hyperlink in the Status screen. View the wireless stations that are currently associated to the NBG334S in the Association List screen. Association means that a wireless client (for example, your network or computer with a wireless network card) has connected successfully to the AP (or wireless router) using the same SSID, channel and security settings.
This is the index number of an associated wireless station. MAC Address This field displays the MAC address of an associated wireless station. Association Time This field displays the time a wireless station first associated with the NBG334S. Refresh Click Refresh to reload the list. NBG334S User’s Guide...
Page 44
Chapter 2 Introducing the Web Configurator NBG334S User’s Guide...
Refer to your ISP (Internet Service Provider) checklist in the Quick Start Guide to know what to enter in each field. Leave a field blank if you don’t have that information. 1 After you access the NBG334S web configurator, choose your language. 2 To begin the wizard, click the Go to Wizard setup hyperlink.
Computer name field and enter it as the System Name. • In Windows XP, click Start, My Computer, View system information and then click the Computer Name tab. Note the entry in the Full computer name field and enter it as the NBG334S System Name. NBG334S User’s Guide...
DESCRIPTION System Name System Name is a unique name to identify the NBG334S in an Ethernet network. Enter a descriptive name. This name can be up to 30 alphanumeric characters long. Spaces are not allowed, but dashes "-" and underscores "_" are accepted.
Name (SSID) Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the wireless LAN. If you change this field on the NBG334S, make sure all wireless stations use the same SSID in order to access the network. Security Select a Security level from the drop-down list box.
The preceding “0x” is entered automatically. Key 1 to Key 4 The WEP keys are used to encrypt data. Both the NBG334S and the wireless stations must use the same WEP key for data transmission. If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal characters ("0-9", "A-F").
Click Exit to close the wizard screen without saving. 3.4 Connection Wizard: STEP 3: Internet Configuration The NBG334S offers three Internet connection types. They are Ethernet, PPP over Ethernet or PPTP. The wizard attempts to detect which WAN connection type you are using. If the wizard does not detect a connection type, you must select one from the drop-down list box.
(for example DSL, cable, wireless, etc.) to achieve access to high-speed data networks. For the service provider, PPPoE offers an access and authentication method that works with existing access control systems (for instance, RADIUS). NBG334S User’s Guide...
By implementing PPPoE directly on the NBG334S (rather than individual computers), the computers on the LAN do not need PPPoE software installed, since the NBG334S does that part of the task. Furthermore, with NAT, all of the LAN's computers will have Internet access.
Select this radio button if your ISP did not assign you a fixed IP address. from ISP Use fixed IP Select this radio button, provided by your ISP to give the NBG334S a fixed, address unique IP address. My IP Address Type the (static) IP address assigned to you by your ISP.
Click Exit to close the wizard screen without saving. 3.4.4 Your IP Address The following wizard screen allows you to assign a fixed IP address or give the NBG334S an automatically assigned IP address depending on your ISP. Figure 22 Wizard Step 3: Your IP Address...
The subnet mask specifies the network number portion of an IP address. Your NBG334S will compute the subnet mask automatically based on the IP address that you entered. You don't need to change the subnet mask computed by the NBG334S unless you are instructed to do otherwise.
The DNS server is extremely important because without it, you must know the IP address of a computer before you can access it. The NBG334S uses a system DNS server (in the order you specify here) to resolve domain names for DDNS and the time server.
This screen allows users to configure the WAN port's MAC address by either using the NBG334S’s MAC address, copying the MAC address from a computer on your LAN or manually entering a MAC address. Once it is successfully configured, the address will be copied to the "rom"...
Bandwidth management allows you to control the amount of bandwidth going out through the NBG334S’s WAN, LAN or WLAN port and prioritize the distribution of the bandwidth according to the traffic type. This helps keep one service from using all of the available bandwidth and shutting out other users.
Figure 26 Connection Wizard Save Follow the on-screen instructions and click Finish to complete the wizard setup. Figure 27 Connection Wizard Complete Well done! You have successfully set up your NBG334S to operate on your network and access the Internet. NBG334S User’s Guide...
AP mode. 4.1 AP Mode Overview Use your NBG334S as an AP if you already have a router or gateway on your network. In this mode your device bridges a wired network (LAN) and wireless LAN (WLAN) in the same subnet.
(See Section 22.2 on page 200 for more information on the pop-up.) Click Apply. Your NBG334S is now in AP Mode. You do not have to log in again or restart your device when you change modes. 4.3 The Status Screen in AP Mode Click on Status.
This displays what percentage of the NBG334S’s processing ability is currently used. When this percentage is close to 100%, the NBG334S is running at full load, and the throughput is not going to improve anymore. If you want some applications to have more throughput, you should turn off other applications (for example, using bandwidth management.
Use this screen to view the wireless stations that are currently associated to the NBG334S. 4.3.1 Navigation Panel Use the menu in the navigation panel to configure NBG334S features in AP Mode. The following screen and table show the features you can configure in AP Mode. Figure 31 Menu: AP Mode The following table describes the sub-menus.
Use this section to configure your LAN settings while in AP Mode. Click Network > LAN to see the screen below. If you change the IP address of the NBG334S in the screen below, you will need to log into the NBG334S again using the new IP address.
LABEL DESCRIPTION Get form Select this option to allow the NBG334S to obtain an IP address from a DHCP server DHCP Server on the network. You must connect the WAN port to a device with a DHCP server enabled (such as a router or gateway). Without a DHCP server the NBG334S will have no IP address.
H A P T E R Wireless LAN This chapter discusses how to configure the wireless network settings in your NBG334S. See the appendices for more detailed information about wireless networks. 5.1 Wireless Network Overview The following figure provides an example of a wireless network.
Page 70
( ) WEP (64bit, 128bit or 256bit key) (ASCII or Hex):________________ ( ) IEEE 802.1x ( ) WPA-PSK (TKIP or AES):_______________ ( ) WPA (TKIP or AES) ( ) WPA2-PSK (TKIP or AES):______________ ( ) WPA2 (TKIP or AES) NBG334S User’s Guide...
Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless networks. These kinds of wireless devices might not have MAC addresses. Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F. NBG334S User’s Guide...
RADIUS server. Therefore, there is no user authentication. Suppose the wireless network has two wireless clients. Device A only supports WEP, and device B supports WEP and WPA. Therefore, you should set up Static WEP in the wireless network. NBG334S User’s Guide...
When you select WPA2 or WPA2-PSK in your NBG334S, you can also select an option (WPA Compatible) to support WPA as well. In this case, if some wireless clients support WPA and some support WPA2, you should set up WPA2-PSK or WPA2 (depending on the type of wireless network login) and select the WPA Compatible option in the NBG334S.
5 The access points must be connected to the Ethernet and be able to get IP addresses from a DHCP server if using dynamic IP address assignment. 5.4 Quality of Service This section discusses the Quality of Service (QoS) features available on the NBG334S. NBG334S User’s Guide...
The NBG334S uses WMM QoS to prioritize traffic streams according to the IEEE 802.1q tag or DSCP information in each packet’s header. The NBG334S automatically determines the priority to use for an individual traffic stream.
Select No Security to allow wireless stations to communicate with the access points without any data encryption. If you do not enable any wireless security on your NBG334S, your network is accessible to any wireless networking device that is within range.
Both the wireless stations and the access points must use the same WEP key. Your NBG334S allows you to configure up to four 64-bit or 128-bit WEP keys but only one key can be enabled at any one time.
The preceding "0x", that identifies a hexadecimal key, is entered automatically. Key 1 to Key 4 The WEP keys are used to encrypt data. Both the NBG334S and the wireless stations must use the same WEP key for data transmission.
This check box is available only when you select WPA2-PSK or WPA2 in the Security Mode field. Select the check box to have both WPA2 and WPA wireless clients be able to communicate with the NBG334S even when the NBG334S is using WPA2-PSK or WPA2. Pre-Shared Key The encryption mechanisms used for WPA/WPA2 and WPA-PSK/WPA2-PSK are the same.
WLAN on a periodic basis. Setting of the Group Key Update Timer is also supported in WPA-PSK/WPA2-PSK mode. The default is 1800 seconds (30 minutes). Apply Click Apply to save your changes back to the NBG334S. Reset Click Reset to reload the previous configuration for this screen. 5.5.4 WPA/WPA2 Click Network >...
This check box is available only when you select WPA2-PSK or WPA2 in the Security Mode field. Select the check box to have both WPA2 and WPA wireless clients be able to communicate with the NBG334S even when the NBG334S is using WPA2-PSK or WPA2. ReAuthentication...
Chapter 5 Wireless LAN 5.6 MAC Filter The MAC filter screen allows you to configure the NBG334S to give exclusive access to up to 32 devices (Allow) or exclude up to 32 devices from accessing the NBG334S (Deny). Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02.
Enter the MAC addresses of the wireless station that are allowed or denied access to Address the NBG334S in these address fields. Enter the MAC addresses in a valid MAC address format, that is, six hexadecimal character pairs, for example, 12:34:56:78:9a:bc.
Output Power Set the output power of the NBG334S in this field. If there is a high density of APs within an area, decrease the output power of the NBG334S to reduce interference with other APs.
WMM information in its header, it is assigned the default priority. WMM QoS Policy Select Default to have the NBG334S automatically give a service a priority level according to the ToS value in the IP header of packets it sends. WMM QoS (Wifi MultiMedia Quality of Service) gives high priority to voice and video, which makes them run more smoothly.
Click the Remove icon to delete an application entry. Apply Click Apply to save your changes to the NBG334S. 5.8.1 Application Priority Configuration Use this screen to edit a WMM QoS application entry. Click the edit icon under Modify. The following screen displays.
Page 87
Priority Select a priority from the drop-down list box. Apply Click Apply to save your changes back to the NBG334S. Cancel Click Cancel to return to the previous screen. NBG334S User’s Guide...
Page 88
Chapter 5 Wireless LAN NBG334S User’s Guide...
6.2 Enable and Configure Wireless Security on your NBG334S Follow the steps below to configure the wireless settings on your NBG334S. The instructions require that your hardware is connected (see the Quick Start Guide) and you are logged into the web configurator through your LAN connection (see Section 2.2 on page...
Figure 45 Network > Wireless LAN > General 5 Open the Status screen. Verify your wireless and wireless security settings under Device Information and check if the WLAN connection is up under Interface Status. Figure 46 Status: AP Mode NBG334S User’s Guide...
We use the ZyXEL M-302 wireless adapter utility screens as an example for the wireless client. The screens may vary for different models. 1 The NBG334S supports IEEE 802.11b and IEEE 802.11g wireless clients. Make sure that your notebook or computer’s wireless adapter supports one of these standards.
8 If your connection is successful, open your Internet browser and enter http:// www.zyxel.com or the URL of any other web site in the address bar. If you are able to access the web site, your wireless connection is successfully configured. NBG334S User’s Guide...
224.0.0.1 is used for query messages and is assigned to the permanent group of all IP hosts (including gateways). All hosts must join the 224.0.0.1 group in order to participate in IGMP. The address 224.0.0.2 is assigned to the multicast routers group. NBG334S User’s Guide...
(LAN; WAN). Select None to disable IP multicasting on these interfaces. 7.4 Internet Connection Use this screen to change your NBG334S’s Internet access settings. Click Network > WAN. The screen differs according to the encapsulation you choose. 7.4.1 Ethernet Encapsulation This screen displays when you select Ethernet encapsulation.
DNS Servers First DNS Server Select From ISP if your ISP dynamically assigns DNS server information (and the NBG334S's WAN IP address). The field to the right displays the (read-only) DNS Second DNS server IP address that the ISP assigns.
By implementing PPPoE directly on the NBG334S (rather than individual computers), the computers on the LAN do not need PPPoE software installed, since the NBG334S does that part of the task. Furthermore, with NAT, all of the LANs’ computers will have access.
DNS Servers First DNS Server Select From ISP if your ISP dynamically assigns DNS server information (and the NBG334S's WAN IP address). The field to the right displays the (read-only) DNS Second DNS server IP address that the ISP assigns.
Set WAN MAC Select this option and enter the MAC address you want to use. Address Apply Click Apply to save your changes back to the NBG334S. Reset Click Reset to begin configuring this screen afresh. 7.4.3 PPTP Encapsulation Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables secure transfer of data from a remote client to a private server, creating a Virtual Private Network (VPN) using TCP/IP-based networks.
Virtual Private Network (VPN) using TCP/IP-based networks. PPTP supports on-demand, multi-protocol, and virtual private networking over public networks, such as the Internet. The NBG334S supports only one PPTP server connection at any given time. To configure a PPTP client, you must configure the User Name and Password fields for a PPP connection and the PPTP parameters for a PPTP connection.
First DNS Server Select From ISP if your ISP dynamically assigns DNS server information (and the NBG334S's WAN IP address). The field to the right displays the (read- Second DNS Server only) DNS server IP address that the ISP assigns.
WAN and from the WAN to the LAN. Allow Trigger Dial Select this option to allow NetBIOS packets to initiate calls. Apply Click Apply to save your changes back to the NBG334S. Reset Click Reset to begin configuring this screen afresh. NBG334S User’s Guide...
IP addresses, and partition your physical network into logical networks. 8.1.1 IP Pool Setup The NBG334S is pre-configured with a pool of 32 IP addresses starting from 192.168.1.33 to 192.168.1.64. This configuration leaves 31 IP addresses (excluding the NBG334S itself) in the lower range (192.168.1.2 to 192.168.1.32) for other server computers, for instance, servers for...
Traditionally, you must set the IP addresses and the subnet masks of a computer and the NBG334S to be in the same subnet to allow the computer to access the Internet (through the NBG334S). In cases where your computer is required to use a static IP address in another network, you may need to manually configure the network settings of the computer every time you want to access the Internet via the NBG334S.
IP routing table is defined on IP Ethernet devices (the NBG334S) to decide which hop to use, to help forward data along to its specified destination. The following lists out the steps taken, when a computer tries to access the Internet for the first time through the NBG334S.
Ethernet interface. The NBG334S supports three logical LAN interfaces via its single physical Ethernet interface with the NBG334S itself as the gateway for each LAN network. To change your NBG334S’s IP alias settings, click Network > LAN > IP Alias. The screen appears as shown.
Reset Click Reset to begin configuring this screen afresh. 8.5 Advanced LAN Screen To change your NBG334S’s advanced IP settings, click Network > LAN > Advanced. The screen appears as shown. Figure 58 Network > LAN > Advanced NBG334S User’s Guide...
Clear this check box to block all NetBIOS packets going from the LAN to the WAN and from the WAN to the LAN. Apply Click Apply to save your changes back to the NBG334S. Reset Click Reset to begin configuring this screen afresh.
TCP/IP configuration at start-up from a server. You can configure the NBG334S as a DHCP server or disable it. When configured as a server, the NBG334S provides the TCP/IP configuration for the clients. If DHCP service is disabled, you must have another DHCP server on your LAN, or else the computer must be manually configured.
00:A0:C5:00:00:02. To change your NBG334S’s static DHCP settings, click Network > DHCP Server > Advanced. The following screen displays. Figure 60 Network > DHCP Server > Advanced The following table describes the labels in this screen.
LAN IP address displays in the field to the right (read-only). The NBG334S tells the DHCP clients on the LAN that the NBG334S itself is the DNS server. When a computer on the LAN sends a DNS query to the NBG334S, the NBG334S forwards the query to the NBG334S's system DNS server (configured in the WAN >...
Reserve Select this check box to have the NBG334S always assign this IP address to this MAC address (and host name). After you click Apply, the MAC address and IP address also display in the Advanced screen (where you can edit them).
H A P T E R Network Address Translation (NAT) This chapter discusses how to configure NAT on the NBG334S. 10.1 NAT Overview NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet.
WAN IP address. The NAT network appears as a single host on the Internet Figure 62 Multiple Servers Behind NAT Example 10.3 General NAT Screen Click Network > NAT to open the General screen. Figure 63 Network > NAT > General NBG334S User’s Guide...
Application screen. If you do not assign a Default Server IP address, the NBG334S discards all packets received for ports that are not specified in the Application screen or remote management.
LABEL DESCRIPTION Game List Update A game list includes the pre-defined service name(s) and port number(s). You can edit and upload it to the NBG334S to replace the existing entries in the second field next to Service Name. File Path Type in the location of the file you want to upload in this field or click Browse...
(no spaces). Use the name=xxx (where xxx is the service name) to create a new service. Port range can be separated with a hyphen (-) (no spaces). Multiple (non-consecutive) ports can be separated by commas. NBG334S User’s Guide...
Trigger port forwarding solves this problem by allowing computers on the LAN to dynamically take turns using the service. The NBG334S records the IP address of a LAN computer that sends traffic to the WAN to request a service with a specific port number and protocol (a "trigger"...
1 Jane requests a file from the Real Audio server (port 7070). 2 Port 7070 is a “trigger” port and causes the NBG334S to record Jane’s computer IP address. The NBG334S associates Jane's computer IP address with the "incoming" port range of 6970-7170.
Each NAT session establishes a corresponding firewall session. Use this field to limit the number of NAT/firewall sessions each client computer can establish through the NBG334S. If your network has a small number of clients using peer to peer applications, you can raise this number to ensure that their performance is not degraded by the number of NAT sessions they can establish.
Page 121
Type a port number or the ending port number in a range of port numbers. Trigger The trigger port is a port (or a range of ports) that causes (or triggers) the NBG334S to record the IP address of the LAN computer that sent the traffic to a server on the WAN. Start Port Type a port number or the starting port number in a range of port numbers.
If you have a private WAN IP address, then you cannot use Dynamic DNS. 11.2 Dynamic DNS Screen To change your NBG334S’s DDNS, click Network > DDNS. The screen appears as shown. NBG334S User’s Guide...
Type the IP address of the host name(s). Use this if you have a static IP Address address. Apply Click Apply to save your changes back to the NBG334S. Reset Click Reset to begin configuring this screen afresh. NBG334S User’s Guide...
Denial of Service attacks when activated (click the General tab under Firewall and then click the Enable Firewall check box). The NBG334S's purpose is to allow a private Local Area Network (LAN) to be securely connected to the Internet. The NBG334S can be used to prevent theft, destruction and modification of data, as well as log events, which may be important to the security of your network.
7 Keep the firewall in a secured (locked) room. 12.2 Triangle Routes If an alternate gateway on the LAN has an IP address in the same subnet as the NBG334S’s LAN IP address, return traffic may not go through the NBG334S. This is called an asymmetrical or “triangle”...
2 The NBG334S reroutes the packet to Gateway A, which is in Subnet 2. 3 The reply from the WAN goes to the NBG334S. 4 The NBG334S then sends it to the computer on the LAN in Subnet 1. Figure 69 Using IP Alias to Solve the Triangle Route Problem 12.3 General Firewall Screen...
Click Security > Firewall > Services. The screen appears as shown next. If an outside user attempts to probe an unsupported port on your NBG334S, an ICMP response packet is automatically returned. This allows the outside user to know the NBG334S exists.
Respond to Ping The NBG334S will not respond to any incoming Ping requests when Disable is selected. Select LAN to reply to incoming LAN Ping requests. Select WAN to reply to incoming WAN Ping requests. Otherwise select LAN & WAN to reply to both incoming LAN and WAN Ping requests.
Page 132
NBG334S services unseen. By default this option is not selected and the NBG334S will reply with an ICMP Port Unreachable packet for a port probe on its unused UDP ports, and a TCP Reset packet for a port probe on its unused TCP ports.
The NBG334S can block web features such as ActiveX controls, Java applets, cookies and disable web proxies. 13.3 Days and Times The NBG334S also allows you to define time periods and days during which the NBG334S performs content filtering. 13.4 Filter Screen Click Security >...
Keyword Blocking Enable URL The NBG334S can block Web sites with URLs that contain certain keywords in Keyword Blocking the domain name or IP address. For example, if the keyword "bad" was enabled, all sites containing this keyword in the domain name or IP address will be blocked, e.g., URL http://www.website.com/bad.html would be blocked.
Click Reset to begin configuring this screen afresh 13.5 Schedule Use this screen to set the day(s) and time you want the NBG334S to use content filtering. Click Security > Content Filter > Schedule. The following screen displays. Figure 73 Security > Content Filter > Schedule The following table describes the labels in this screen.
By default, the NBG334S checks the URL’s domain name or IP address when performing keyword blocking. This means that the NBG334S checks the characters that come before the first slash in the URL. For example, with the URL www.zyxel.com.tw/news/pressroom.php, content filtering only searches for keywords within www.zyxel.com.tw.
N2 in the following figure through remote node router R1. However, the NBG334S is unable to route a packet to network N3 because it doesn't know that there is a route through the same remote node router R1 (via gateway router R2). The static routes are for you to tell the NBG334S about the networks beyond the remote nodes.
This is the IP address of the gateway. The gateway is an immediate neighbor of your NBG334S that will forward the packet to the destination. On the LAN, the gateway must be a router on the same segment as your NBG334S; over the WAN, the gateway must be the IP address of one of the remote nodes.
NBG334S that will forward the packet to the destination. On the LAN, the gateway must be a router on the same segment as your NBG334S; over the WAN, the gateway must be the IP address of one of the Remote Nodes.
• The sum of the bandwidth allotments that apply to the WAN interface (LAN to WAN, WLAN to WAN, WAN to WAN / NBG334S) must be less than or equal to the Upstream Bandwidth that you configure in the Bandwidth Management Advanced screen.
64 Kbps 64 Kbps 15.5 Bandwidth Management Priorities The following table describes the priorities that you can apply to traffic that the NBG334S forwards out through an interface. Table 57 Bandwidth Management Priorities PRIORITY LEVELS: TRAFFIC WITH A HIGHER PRIORITY GETS THROUGH FASTER WHILE TRAFFIC WITH A LOWER PRIORITY IS DROPPED IF THE NETWORK IS CONGESTED.
World Wide Web. The Web is not synonymous with the Internet; rather, it is just one service on the Internet. Other services on the Internet include Internet Relay Chat and Newsgroups. The Web is accessed through use of a browser. NBG334S User’s Guide...
The second field indicates the IP port number that defines the service. (Note that there may be more than one IP protocol type. For example, look at the DNS service. means (UDP/TCP:53) UDP port 53 and TCP port 53. NBG334S User’s Guide...
This is the control channel. PPTP_TUNNEL(GRE:0) Point-to-Point Tunneling Protocol enables secure transfer of data over public networks. This is the data channel. RCMD(TCP:512) Remote Command Service. REAL_AUDIO(TCP:7070) A streaming audio service that enables real time sound over the web. NBG334S User’s Guide...
With the automatic traffic classifier feature activated, the NBG334S automatically assigns a default bandwidth management class and priority to traffic that does not match any of the user-defined rules. The traffic is classified based on the traffic type.
This field is only applicable when you select the Enable Bandwidth Traffic Classifier Management check box. Select this check box to have the NBG334S base on the default bandwidth classes to apply bandwidth management. Real-time packets, such as VoIP traffic always get higher priority.
Use this table to allocate specific amounts of bandwidth based on the pre-defined service. This is the number of an individual bandwidth management rule. Enable Select this check box to have the NBG334S apply this bandwidth management rule. Service This is the name of the service.
Table 62 Management > Bandwidth MGMT > Advanced (continued) LABEL DESCRIPTION Enable Select this check box to have the NBG334S apply this bandwidth management rule. Direction Select To LAN to apply bandwidth management to traffic that the NBG334S forwards to the LAN.
The gray section of the bar represents the percentage of unused bandwidth and the blue color represents the percentage of bandwidth in use. Figure 81 Management > Bandwidth MGMT > Monitor NBG334S User’s Guide...
To disable remote management of a service, select Disable in the corresponding Server Access field. You may only have one remote management session running at a time. The NBG334S automatically disconnects a remote management session of lower priority when another remote management session of higher priority starts.
There is a default system management idle timeout of five minutes (three hundred seconds). The NBG334S automatically logs you out if the management session remains idle for longer than this timeout period. The management session does not time out when a statistics screen is polling.
Click Reset to begin configuring this screen afresh. 16.3 Telnet You can configure your NBG334S for remote Telnet access as shown next. The administrator uses Telnet from a computer on a remote network to access the NBG334S. Figure 83 Telnet Configuration on a TCP/IP Network 16.4 Telnet Screen...
To use this feature, your computer must have an FTP client. To change your NBG334S’s FTP settings, click Management > Remote MGMT > FTP. The screen appears as shown.
Use DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa. Refer to the chapter on Wizard Setup for background information. To change your NBG334S’s DNS settings, click Management > Remote MGMT > DNS. The screen appears as shown.
The automated nature of NAT traversal applications in establishing their own services and opening firewall ports may present network security issues. Network information and configuration may also be obtained and modified by users in some network environments. NBG334S User’s Guide...
Chapter 17 Universal Plug-and-Play (UPnP) When a UPnP device joins a network, it announces its presence with a multicast message. For security reasons, the NBG334S allows multicast messages on the LAN only. All UPnP-enabled devices may communicate freely with each other without additional configuration.
Table 68 Management > UPnP > General LABEL DESCRIPTION Apply Click Apply to save the setting to the NBG334S. Cancel Click Cancel to return to the previously saved settings. 17.4 Installing UPnP in Windows Example This section shows how to install UPnP in Windows Me and Windows XP.
3 In the Network Connections window, click Advanced in the main menu and select Optional Networking Components …. Figure 90 Network Connections 4 The Windows Optional Networking Components Wizard window displays. Select Networking Service in the Components selection box and click Details. NBG334S User’s Guide...
Figure 91 Windows Optional Networking Components Wizard 5 In the Networking Services window, select the Universal Plug and Play check box. Figure 92 Networking Services 6 Click OK to go back to the Windows Optional Networking Component Wizard window and click Next. NBG334S User’s Guide...
This section shows you how to use the UPnP feature in Windows XP. You must already have UPnP installed in Windows XP and UPnP activated on the NBG334S. Make sure the computer is connected to a LAN port of the NBG334S. Turn on your computer and the NBG334S.
Chapter 17 Universal Plug-and-Play (UPnP) Figure 94 Internet Connection Properties 4 You may edit or delete the port mappings or click Add to manually add port mappings. NBG334S User’s Guide...
5 When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. 6 Select Show icon in notification area when connected option and click OK. An icon displays in the system tray. NBG334S User’s Guide...
Web Configurator Easy Access With UPnP, you can access the web-based configurator on the NBG334S without finding out the IP address of the NBG334S first. This comes helpful if you do not know the IP address of the NBG334S. Follow the steps below to access the web configurator.
Chapter 17 Universal Plug-and-Play (UPnP) Figure 99 Network Connections 4 An icon with the description for each UPnP-enabled device displays under Local Network. 5 Right-click on the icon for your NBG334S and select Invoke. The web configurator login screen displays. NBG334S User’s Guide...
Chapter 17 Universal Plug-and-Play (UPnP) Figure 100 Network Connections: My Network Places 6 Right-click on the icon for your NBG334S and select Properties. A properties window displays with basic information about the NBG334S. Figure 101 Network Connections: My Network Places: Properties: Example...
DESCRIPTION System Name System Name is a unique name to identify the NBG334S in an Ethernet network. It is recommended you enter your computer’s “Computer name” in this field (see the chapter about wizard setup for how to find your computer’s name).
Click Reset to begin configuring this screen afresh. 18.3 Time Setting Screen To change your NBG334S’s time and date, click Maintenance > System > Time Setting. The screen appears as shown. Use this screen to configure the NBG334S’s time based on your local time zone.
When you set Time and Date Setup to Manual, enter the new date in this field and then click Apply. Get from Time Select this radio button to have the NBG334S get the time and date from the Server time server you specified below.
Page 176
In Germany for instance, you would type 2 because Germany's time zone is one hour ahead of GMT or UTC (GMT+1). Apply Click Apply to save your changes back to the NBG334S. Reset Click Reset to begin configuring this screen afresh.
NBG334S’s logs. Refer to the appendices for example log message explanations. 19.1 View Log The web configurator allows you to look at all of the NBG334S’s logs in one location. Click Maintenance > Logs to open the View Log screen.
Click Maintenance > Logs > Log Settings to open the Log Settings screen. Use the Log Settings screen to configure to where the NBG334S is to send logs; the schedule for when the NBG334S is to send the logs and which logs and/or immediate alerts the NBG334S to send.
NBG334S sends. Not all NBG334S models have this field. Send Log To The NBG334S sends logs to the e-mail address specified in this field. If this field is left blank, the NBG334S does not send logs via e-mail. NBG334S User’s Guide...
Page 180
Enter the time of the day in 24-hour format (for example 23:00 equals 11:00 pm) to send the logs. Clear log after Select the checkbox to delete all the logs after the NBG334S sends an E-mail of sending mail the logs.
SSH login failed Someone has logged on to the router's web configurator Successful HTTPS login interface using HTTPS protocol. Someone has failed to log on to the router's web configurator HTTPS login failed interface using HTTPS protocol. NBG334S User’s Guide...
The router sent a TCP reset packet when a TCP connection state Peer TCP state out of was out of order.Note: The firewall refers to RFC793 Figure 6 to order, sent TCP RST check the TCP state. NBG334S User’s Guide...
ICMP The firewall does not support this kind of ICMP packets Unsupported/out-of-order ICMP: or the ICMP packets are out of order. ICMP The router sent an ICMP reply packet to the sender. Router reply ICMP packet: ICMP NBG334S User’s Guide...
%s: Forbidden Web site The web site is in the forbidden web site list. The web site contains ActiveX. %s: Contains ActiveX The web site contains a Java applet. %s: Contains Java applet The web site contains a cookie. %s: Contains cookie NBG334S User’s Guide...
The NBG334S cannot get the IP address of the external content DNS resolving failed filtering via DNS query. Creating socket failed The NBG334S cannot issue a query because TCP/IP socket creation failed, port:port number. The connection to the external content filtering server failed.
Source field. The router received an ARL (Authority Revocation List), with size and Rcvd ARL <size>: issuer name as recorded, from the LDAP server whose address and <issuer name> port are recorded in the Source field. NBG334S User’s Guide...
User logout because of no authentication response. authentication response from user. The router logged out a user whose idle timeout period User logout because of idle expired. timeout expired. A user logged out. User logout because of user request. NBG334S User’s Guide...
ACL set for packets traveling from the LAN to the LAN or NBG334S the NBG334S. (W to W/P) WAN to WAN/ ACL set for packets traveling from the WAN to the WAN NBG334S or the NBG334S. Table 87 ICMP Notes TYPE CODE DESCRIPTION Echo Reply Echo reply message...
The following table shows RFC-2408 ISAKMP payload types that the log displays. Please refer to the RFC for detailed information on each type. Table 89 RFC-2408 ISAKMP Payload Types LOG DISPLAY PAYLOAD TYPE Security Association Proposal PROP Transform TRANS Key Exchange Identification Certificate Certificate Request CER_REQ Hash HASH NBG334S User’s Guide...
(.zip) files before you can upload them. Upload Click Upload to begin the upload process. This process may take up to two minutes. Do not turn off the NBG334S while firmware upload is in progress! NBG334S User’s Guide...
After you see the Firmware Upload In Process screen, wait two minutes before logging into the NBG334S again. Figure 107 Upload Warning The NBG334S automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 108 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the Status screen.
Figure 110 Maintenance > Tools > Configuration 20.2.1 Backup Configuration Backup configuration allows you to back up (save) the NBG334S’s current configuration to a file on your computer. Once your NBG334S is configured and functioning properly, it is highly recommended that you back up your configuration file before making configuration changes.
If you uploaded the default configuration file you may need to change the IP address of your computer to be in the same subnet as that of the default NBG334S IP address (192.168.1.1). See your Quick Start Guide for details on how to set up your computer’s IP address.
Chapter 20 Tools Click Maintenance > Tools > Restart. Click Restart to have the NBG334S reboot. This does not affect the NBG334S's configuration. Figure 114 Maintenance > Tools > Restart NBG334S User’s Guide...
Apply Click on this to set the mode. Reset Click on this to reset your selection to the default (Advanced). The following table includes the screens that you can view and configure only when you select Advanced. NBG334S User’s Guide...
Content Filter Schedule Management Static Route IP Static Route Bandwidth MGMT Advanced Monitor Remote MGMT Telnet Maintenance Logs Log Settings In AP Mode many screens will not be available. See Chapter 4 on page 61 more information. NBG334S User’s Guide...
The Sys Op Mode (System Operation Mode) function lets you configure whether your NBG334S is a router or AP. You can choose between Router Mode and AP Mode depending on your network topology and the features you require from your device. See Section 1.1 on...
• The LAN IP address of the device on the local network is set to 192.168.1.1. • You can configure the IP address settings on your WAN port. Contact your ISP or system administrator for more information on appropriate settings. If you select Access Point the following pop-up message window appears. NBG334S User’s Guide...
Select Access Point if your device bridges traffic between clients on the same network. Apply Click Apply to save your settings. Reset Click Reset to return your settings to the default (Router) If you select the incorrect System Operation Mode you cannot connect to the Internet. NBG334S User’s Guide...
Page 202
Chapter 22 Sys Op Mode NBG334S User’s Guide...
7 Make sure you are using the power adaptor or cord included with the NBG334S. 8 Make sure the power adaptor or cord is connected to the NBG334S and plugged in to an appropriate power source. Make sure the power source is turned on.
IP address from a DHCP server on the network. 4 If your NBG334S is a DHCP client, you can find your IP address from the DHCP server. This information is only available from the DHCP server which allocates IP addresses on your network.
Page 205
Appendix B on page 217. 4 Make sure your computer is in the same subnet as the NBG334S. (If you know that there are routers between your computer and the NBG334S, skip this step.) • If there is a DHCP server on your network, make sure your computer is using a dynamic IP address.
Internet, especially peer-to-peer applications. 2 Check the signal strength. If the signal strength is low, try moving the NBG334S closer to the AP if possible, and look around to see if there are any devices that might be...
23.4 Resetting the NBG334S to Its Factory Defaults If you reset the NBG334S, you lose all of the changes you have made. The NBG334S re-loads its default settings, and the password resets to 1234. You have to make all of your changes again.
4 Make sure your computer (with a wireless adapter installed) is within the transmission range of the NBG334S. 5 Check that both the NBG334S and your wireless station are using the same wireless and wireless security settings. 6 Make sure traffic between the WLAN and the LAN is not blocked by the firewall on the NBG334S.
Appendices and Index Product Specifications and Wall-Mounting Instructions (211) Pop-up Windows, JavaScripts and Java Permissions (217) IP Addresses and Subnetting (223) Setting up Your Computer’s IP Address (231) Wireless LANs (247) Services (259) Legal Information (263) Customer Support (267) Index (273)
NBG334S without the cost of a hub when connecting to the Internet through the WAN port. You can add up to five computers to the NBG334S when you connect to the Internet in AP mode. Add more than four computers to your LAN by using a hub.
Page 212
NBG334S. Note: Only upload firmware for your specific model! Configuration Backup & Make a copy of the NBG334S’s configuration and put it back on the Restoration NBG334S later if you decide you want to revert back to an earlier configuration.
Management Protocol) used to join multicast groups (see RFC 2236). IP Alias IP Alias allows you to subdivide a physical network into logical networks over the same Ethernet interface with the NBG334S itself as the gateway for each subnet. Logging and Tracing Use packet tracing and logs for troubleshooting.
Page 214
4 Make sure the screws are snugly fastened to the wall. They need to hold the weight of the NBG334S with the connection cables. 5 Align the holes on the back of the NBG334S with the screws on the wall. Hang the NBG334S on the screws.
Appendix A Product Specifications and Wall-Mounting Instructions Figure 121 Wall-mounting Example The following are dimensions of an M4 tap screw and masonry plug used for wall mounting. All measurements are in millimeters (mm). Figure 122 Masonry Plug and M4 Tap Screw NBG334S User’s Guide...
Page 216
Appendix A Product Specifications and Wall-Mounting Instructions NBG334S User’s Guide...
1 In Internet Explorer, select Tools, Pop-up Blocker and then select Turn Off Pop-up Blocker. Figure 123 Pop-up Blocker You can also check if pop-up blocking is disabled in the Pop-up Blocker section in the Privacy tab. 1 In Internet Explorer, select Tools, Internet Options, Privacy. NBG334S User’s Guide...
Alternatively, if you only want to allow pop-up windows from your device, see the following steps. 1 In Internet Explorer, select Tools, Internet Options and then the Privacy tab. 2 Select Settings…to open the Pop-up Blocker Settings screen. NBG334S User’s Guide...
3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. 4 Click Add to move the IP address to the list of Allowed sites. Figure 126 Pop-up Blocker Settings NBG334S User’s Guide...
3 Scroll down to Scripting. 4 Under Active scripting make sure that Enable is selected (the default). 5 Under Scripting of Java applets make sure that Enable is selected (the default). 6 Click OK to close the window. NBG334S User’s Guide...
2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected. 5 Click OK to close the window. Figure 129 Security Settings - Java NBG334S User’s Guide...
1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for <applet> under Java (Sun) is selected. 3 Click OK to close the window. Figure 130 Java (Sun) NBG334S User’s Guide...
Therefore, each octet has a possible range of 00000000 to 11111111 in binary, or 0 to 255 in decimal. The following figure shows an example IP address in which the first three octets (192.168.1) are the network number, and the fourth octet (16) is the host ID. NBG334S User’s Guide...
Subnet masks can be referred to by the size of the network number part (the bits with a “1” value). For example, an “8-bit mask” means that the first 8 bits of the mask are ones and the remaining 24 bits are zeroes. NBG334S User’s Guide...
For example, 192.1.1.0 /25 is equivalent to saying 192.1.1.0 with subnet mask 255.255.255.128. The following table shows some possible subnet masks using both notations. Table 102 Alternative Subnet Mask Notation ALTERNATIVE LAST OCTET LAST OCTET SUBNET MASK NOTATION (BINARY) (DECIMAL) 255.255.255.0 0000 0000 255.255.255.128 1000 0000 NBG334S User’s Guide...
The “borrowed” host ID bit can have a value of either 0 or 1, allowing two subnets; 192.168.1.0 /25 and 192.168.1.128 /25. The following figure shows the company network after subnetting. There are now two sub- networks, A and B. NBG334S User’s Guide...
Similarly, use a 27-bit mask to create eight subnets (000, 001, 010, 011, 100, 101, 110 and 111). The following table shows IP address last octet values for each subnet. Table 107 Eight Subnets SUBNET LAST BROADCAST SUBNET FIRST ADDRESS ADDRESS ADDRESS ADDRESS NBG334S User’s Guide...
You must also enable Network Address Translation (NAT) on the NBG334S. Once you have decided on the network number, pick an IP address for your NBG334S that is easy to remember (for instance, 192.168.1.1) but make sure that no other device on your network is using that IP address.
If you manually assign IP information instead of using dynamic assignment, make sure that your computers have IP addresses that place them in the same subnet as the Prestige’s LAN port. Windows 95/98/Me Click Start, Settings, Control Panel and double-click the Network icon to open the Network window. NBG334S User’s Guide...
2 Select Client and then click Add. 3 Select Microsoft from the list of manufacturers. 4 Select Client for Microsoft Networks from the list of network clients and then click 5 Restart your computer so the changes you made take effect. NBG334S User’s Guide...
• If you do not know your DNS information, select Disable DNS. • If you know your DNS information, select Enable DNS and type the information in the fields below (you may not need to fill them all in). NBG334S User’s Guide...
3 Select your network adapter. You should see your computer's IP address, subnet mask and default gateway. Windows 2000/NT/XP The following example figures use the default Windows XP GUI theme. 1 Click start (Start in Windows 2000/NT), Settings, Control Panel. NBG334S User’s Guide...
Appendix D Setting up Your Computer’s IP Address Figure 137 Windows XP: Start Menu 2 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 138 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties. NBG334S User’s Guide...
• If you have a dynamic IP address click Obtain an IP address automatically. • If you have a static IP address click Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields. • Click Advanced. NBG334S User’s Guide...
To manually configure a default metric (the number of transmission hops), clear the Automatic metric check box and type a metric in Metric. • Click Add. • Repeat the previous three steps for each default gateway you want to add. • Click OK when finished. NBG334S User’s Guide...
• If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields. If you have previously configured DNS servers, click Advanced and then the DNS tab to order them. NBG334S User’s Guide...
2 In the Command Prompt window, type "ipconfig" and then press [ENTER]. You can also open Network Connections, right-click a network connection, click Status and then click the Support tab. Macintosh OS 8/9 1 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel. NBG334S User’s Guide...
Figure 144 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list. Figure 145 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list. 4 For statically assigned settings, do the following: NBG334S User’s Guide...
2 Click Network in the icon bar. • Select Automatic from the Location list. • Select Built-in Ethernet from the Show list. • Click the TCP/IP tab. 3 For dynamically assigned settings, select Using DHCP from the Configure list. NBG334S User’s Guide...
Check your TCP/IP properties in the Network window. Linux This section shows you how to configure your computer’s TCP/IP settings in Red Hat Linux 9.0. Procedure, screens and file location may vary depending on your Linux distribution and release version. NBG334S User’s Guide...
1 Click the Red Hat button (located on the bottom left corner), select System Setting and click Network. Figure 148 Red Hat 9.0: KDE: Network Configuration: Devices 2 Double-click on the profile of the network card you wish to configure. The Ethernet Device General screen displays as shown. NBG334S User’s Guide...
Configuration screen. Enter the DNS server information in the fields provided. Figure 150 Red Hat 9.0: KDE: Network Configuration: DNS 5 Click the Devices tab. 6 Click the Activate button to apply the changes. The following screen displays. Click Yes to save the changes in all screens. NBG334S User’s Guide...
The following example shows an example where the static IP address is 192.168.1.10 and the subnet mask is 255.255.255.0. Figure 153 Red Hat 9.0: Static IP Address Setting in ifconfig-eth0 DEVICE=eth0 ONBOOT=yes BOOTPROTO=static IPADDR=192.168.1.10 NETMASK=255.255.255.0 USERCTL=no PEERDNS=yes TYPE=Ethernet NBG334S User’s Guide...
Intra-BSS traffic is traffic between wireless stations in the BSS. When Intra-BSS is enabled, wireless station A and B can access the wired network and communicate with each other. When Intra-BSS is disabled, wireless station A and B can still access the wired network but cannot communicate with each other. NBG334S User’s Guide...
An ESSID (ESS IDentification) uniquely identifies each ESS. All access points and their associated wireless stations within the same ESS must have the same ESSID in order to communicate. NBG334S User’s Guide...
(AP) or wireless gateway, but out-of-range of each other, so they cannot "hear" each other, that is they do not know if the channel is currently being used. Therefore, they are considered hidden from each other. NBG334S User’s Guide...
AP will fragment the packet into smaller data frames. A large Fragmentation Threshold is recommended for networks not prone to interference while you should set a smaller threshold for busy networks or networks that are prone to interference. NBG334S User’s Guide...
In June 2001, the IEEE 802.1x standard was designed to extend the features of IEEE 802.11 to support extended authentication as well as providing additional accounting and control features. It is supported by Windows XP and a number of network devices. Some advantages of IEEE 802.1x are: NBG334S User’s Guide...
The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user accounting: • Accounting-Request Sent by the access point requesting accounting. • Accounting-Response Sent by the RADIUS server to indicate that it has started or stopped accounting. NBG334S User’s Guide...
Client authentication is then done by sending username and password through the secure connection, thus client identity is protected. For client authentication, EAP-TTLS supports EAP methods and legacy authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP v2. NBG334S User’s Guide...
Moderate Moderate Moderate Client Identity Protection WPA(2) Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2 (IEEE 802.11i) is a wireless security standard that defines stronger encryption, authentication and key management than WPA. NBG334S User’s Guide...
Page 255
If the AP or the wireless clients do not support WPA2, just use WPA or WPA-PSK depending on whether you have an external RADIUS server or not. Select WEP only when the AP and/or wireless clients do not support WPA or WPA2. WEP is less secure than WPA or WPA2. NBG334S User’s Guide...
3 The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that then sets up a key hierarchy and management system, using the pair-wise key to dynamically generate unique data encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients. NBG334S User’s Guide...
Finger is a UNIX or Internet related command that can be used to find out if a user is logged on. File Transfer Program, a program to enable fast transfer of files, including large files that may not be possible by e-mail. NBG334S User’s Guide...
Page 260
(TCP/IP or other). POP3S This is a more secure version of POP3 that runs over SSL. PPTP 1723 Point-to-Point Tunneling Protocol enables secure transfer of data over public networks. This is the control channel. NBG334S User’s Guide...
Page 261
Access Controller Access Control System). TELNET Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments. It operates over TCP/ IP networks. Its primary function is to allow users to log into remote host systems. NBG334S User’s Guide...
Page 262
Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP, but uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol). VDOLIVE 7000 A videoconferencing solution. The UDP port number is specified in the application. user- defined NBG334S User’s Guide...
ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation. All rights reserved.
Page 264
This Class B digital apparatus complies with Canadian ICES-003. Cet appareil numérique de la classe B est conforme à la norme NMB-003 du Canada. Viewing Certifications 1 Go to http://www.zyxel.com. 2 Select your product on the ZyXEL home page to go to that product's page. NBG334S User’s Guide...
Registration Register your product online to receive e-mail notices of firmware upgrades and information at www.zyxel.com for global products, or at www.us.zyxel.com for North American products. NBG334S User’s Guide...
Page 266
Appendix G Legal Information NBG334S User’s Guide...
DHCP client list services DHCP server 103, 109 subnet-based DHCP table 41, 111 Bandwidth management monitor DHCP client information Basic wireless security DHCP status BitTorrent Dimensions disclaimer 55, 110 DNS server see also Domain name system NBG334S User’s Guide...
Page 274
Stateful inspection IP alias ZyXEL device firewall IP packet transmission Firmware upload Broadcast file extension Multicast using HTTP Unicast firmware version 37, 63 IP Pool Fragmentation Threshold 83, 250 31, 156 FTP. see also File Transfer Program Java NBG334S User’s Guide...
Page 275
93, 104 PPTP 52, 98 IGMP 93, 104 see also Point-to-Point Tunneling Protocol Preamble Mode priorities Private product registration 113, 115, 230 overview port forwarding see also Network Address Translation server sets NAT session QoS priorities NAT Traversal NBG334S User’s Guide...
Page 276
Service and port numbers Trigger port forwarding Service Set example Service Set IDentification process Service Set IDentity. See SSID. services and port numbers and protocols Session Initiated Protocol Simple Mail Transfer Protocol Universal Plug and Play NBG334S User’s Guide...
Page 277
Web Proxy ZyNOS 37, 63 WEP Encryption WEP encryption WEP key Wi-Fi Multimedia QoS Wildcard Windows Networking Wireless association list wireless channel wireless LAN Wireless LAN wizard Wireless network basic guidelines channel encryption example NBG334S User’s Guide...