Page 1 Wireless N VDSL2 Bonding Combo WAN Gateway with USB Default Login Details IMPORTANT! LAN IP https://192.168.1.1 READ CAREFULLY Address BEFORE USE. User Name admin Password 1234 KEEP THIS GUIDE FOR FUTURE REFERENCE. Version 1.10 Edition 2, 4/2012 www.zyxel.com www.zyxel.com Copyright © 2012 ZyXEL Communications Corporation...
Page 2 IMPORTANT! READ CAREFULLY BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE. Note: This guide is a reference for a series of products. Therefore some graphics may differ from your product and some features or options in this guide may not be available in your product.
Page 3: Table Of Contents
Contents Overview Contents Overview User’s Guide ............................15 Introducing the P-873HNU(P)-51B ......................17 The Web Configurator ..........................25 Quick Start ...............................33 Tutorials ..............................35 Technical Reference ..........................57 Network Map and Status Screens ......................59 Broadband ...............................65 Wireless ..............................81 Home Networking ..........................109 Static Routing ............................129 Quality of Service (QoS) ........................133 Network Address Translation (NAT) ......................153 Dynamic DNS Setup ..........................169 IGMP ..............................173...
Page 4 Contents Overview P-873HNU(P)-51B User’s Guide...
Page 5: Table Of Contents
Table of Contents Table of Contents Contents Overview ..........................3 Table of Contents ..........................5 Part I: User’s Guide ..................15 Chapter 1 Introducing the P-873HNU(P)-51B.....................17 1.1 Overview ............................17 1.2 Ways to Manage the VDSL Router ....................17 1.3 Good Habits for Managing the VDSL Router ..................18 1.4 Applications for the VDSL Router ....................18 1.4.1 Internet Access ........................18 1.4.2 HomePNA ..........................19...
Page 6 Table of Contents 4.4 Setting Up a Secure Wireless Network .....................39 4.4.1 Configuring the Wireless Network Settings ................39 4.4.2 Using WPS ..........................41 4.4.3 Without WPS ...........................44 4.5 Setting Up Multiple Wireless Groups ....................45 4.6 Setting Up NAT Port Forwarding .......................48 4.7 Configuring Static Route for Routing to Another Network ..............50 4.8 Configuring QoS Queue and Class Setup ..................52 4.9 Access the VDSL Router Using DDNS .....................55...
Page 7 Table of Contents 7.1 Overview ............................81 7.1.1 What You Can Do in this Chapter ....................81 7.1.2 What You Need to Know ......................82 7.2 The General Screen .........................82 7.2.1 No Security ..........................84 7.2.2 Basic (WEP Encryption) ......................85 7.2.3 More Secure (WPA(2)-PSK) ....................87 7.2.4 WPA(2) Authentication ......................88 7.3 The More AP Screen .........................89 7.3.1 Edit More AP ..........................90...
Page 8 Table of Contents Chapter 9 Static Routing............................129 9.1 Overview ............................129 9.2 The Routing Screen ........................129 9.2.1 Add/Edit Static Route ......................130 Chapter 10 Quality of Service (QoS)........................133 10.1 Overview ............................133 10.1.1 What You Can Do in this Chapter ..................133 10.2 What You Need to Know .......................134 10.3 The Quality of Service General Screen ..................135 10.4 The Queue Setup Screen ......................137 10.4.1 Adding a QoS Queue ......................138...
Page 9 Table of Contents 12.1 Overview ............................169 12.1.1 What You Can Do in this Chapter ..................170 12.1.2 What You Need To Know .....................170 12.2 The DNS Entry Screen ........................170 12.2.1 Add/Edit DNS Entry ......................171 12.3 The Dynamic DNS Screen ......................171 Chapter 13 IGMP..............................173 13.1 Overview ............................173 13.1.1 What You Can Do in this Chapter ..................173...
Page 10 Table of Contents Chapter 17 Parental Control ..........................199 17.1 Overview ............................199 17.2 The Parental Control Screen ......................199 17.2.1 Add/Edit Parental Control Rule ....................200 Chapter 18 Scheduler Rules..........................203 18.1 Overview ............................203 18.2 The Scheduler Rules Screen ......................203 18.2.1 Add/Edit a Schedule ......................204 Chapter 19 Certificates ............................205 19.1 Overview ............................205...
Page 11 Table of Contents 22.3 The Security Log Screen .......................223 Chapter 23 Traffic Status ............................225 23.1 Overview ............................225 23.1.1 What You Can Do in this Chapter ..................225 23.2 The WAN Status Screen .......................225 23.3 The LAN Status Screen .........................226 23.4 The HPNA Status Screen ......................227 Chapter 24 IGMP Status ............................229 24.1 Overview ............................229...
Page 12 Table of Contents 29.1 Overview ............................247 29.2 The Logs Setting Screen .......................247 29.2.1 Example E-mail Log ......................249 Chapter 30 Firmware Upgrade ..........................251 30.1 Overview ............................251 30.2 The Firmware Screen ........................251 Chapter 31 Configuration ............................253 31.1 Overview ............................253 31.2 The Configuration Screen ......................253 31.3 The Reboot Screen ........................255 Chapter 32 Diagnostic ............................257...
Page 13 Table of Contents Appendix F Legal Information......................329 Index ..............................333 P-873HNU(P)-51B User’s Guide...
Page 14 Table of Contents P-873HNU(P)-51B User’s Guide...
Page 15: User's Guide
User’s Guide...
Page 17: Introducing The P-873Hnu(P)-51B
H A PT ER Introducing the P-873HNU(P)-51B 1.1 Overview The P-873HNU(P)-51B is a wireless VDSL router and Gigabit Ethernet gateway. It has two DSL ports and a Gigabit Ethernet port for super-fast Internet access over analog (POTS) telephone lines. If the DSLAM of the ISP supports bonding function, the two DSL ports on the P-873HNU(P)-51B can be connected to two separate telephone jacks to provide increased throughput at longer distances.
Page 18: Good Habits For Managing The Vdsl Router
Chapter 1 Introducing the P-873HNU(P)-51B 1.3 Good Habits for Managing the VDSL Router Do the following things regularly to make the VDSL Router more secure and to manage the VDSL Router more effectively. • Change the password. Use a password that’s not easy to guess and that consists of different types of characters, such as numbers and letters.
Page 19: Homepna
Chapter 1 Introducing the P-873HNU(P)-51B Figure 1 VDSL Router’s Internet Access Application WLAN Bridging IPoE PPPoE ADSL / VDSL WLAN IPoA / PPPoA ADSL WLAN Bridging IPoE PPPoE Ethernet You can also configure IP filtering on the VDSL Router for secure Internet access. When the IP filter is on, all incoming traffic from the Internet to your network is blocked by default unless it is initiated from your network.
Page 20: Leds (Lights)
Chapter 1 Introducing the P-873HNU(P)-51B laptop (B) connects wirelessly to the VDSL Router. The set-up box (C) connects into a coaxial outlet in another part of the house for access to online videos. Figure 2 HomePNA Application 1.5 LEDs (Lights) The following graphic displays the labels of the LEDs.
Page 21 Chapter 1 Introducing the P-873HNU(P)-51B Figure 3 LEDs on the Device None of the LEDs are on if the VDSL Router is not receiving power. Table 1 LED Descriptions COLOR STATUS DESCRIPTION POWER Green The VDSL Router is receiving power and ready for use. Blinking The VDSL Router is self-testing.
Page 22: The Reset Button
Chapter 1 Introducing the P-873HNU(P)-51B Table 1 LED Descriptions (continued) COLOR STATUS DESCRIPTION Green The VDSL Router recognizes a USB connection. Blinking The VDSL Router is sending/receiving data to /from the USB device connected to it. The VDSL Router does not detect a USB connection. DSL1,2 Green The ADSL line is up.
Page 23: Wireless Access
Chapter 1 Introducing the P-873HNU(P)-51B 1.7 Wireless Access The VDSL Router is a wireless Access Point (AP) for wireless clients, such as notebook computers or PDAs and iPads. It allows them to connect to the Internet without having to rely on inconvenient Ethernet cables.
Page 24 Chapter 1 Introducing the P-873HNU(P)-51B Press the WPS button on another WPS-enabled device within range of the VDSL Router. The WLAN/WPS LED flashes green and orange while the VDSL Router sets up a WPS connection with the other wireless device. Once the connection is successfully made, the WLAN/WPS LED shines green.
Page 25: The Web Configurator
H A PT ER The Web Configurator 2.1 Overview The web configurator is an HTML-based management interface that allows easy device setup and management via Internet browser. Use Internet Explorer 6.0 and later versions or Mozilla Firefox 3 and later versions or Safari 2.0 and later versions. The recommended screen resolution is 1024 by 768 pixels.
Page 26 Chapter 2 The Web Configurator Figure 5 Password Screen A welcome screen appears showing a summary of your last login, such as the time, number of failed login attempts, and when the password expires. It also shows if you are logged on from an IP address.
Page 27 Chapter 2 The Web Configurator Figure 7 Network Map Note: For security reasons, the VDSL Router automatically logs you out if you do not use the web configurator for ten minutes (default). If this happens, log in again. Click Status to display the Status screen, where you can view the VDSL Router’s interface and system information.
Page 28: Web Configurator Layout
Chapter 2 The Web Configurator 2.2 Web Configurator Layout Figure 8 Screen Layout As illustrated above, the main screen is divided into these parts: • A - title bar • B - main window • C - navigation panel 2.2.1 Title Bar The title bar provides some icons in the upper right corner.
Page 29: Main Window
Chapter 2 The Web Configurator The icons provide the following functions. Table 2 Web Configurator Icons in the Title Bar ICON DESCRIPTION Quick Start: Click this icon to open screens where you can configure the VDSL Router’s time zone Internet access, and wireless settings. Logout: Click this icon to log out of the web configurator.
Page 30 Chapter 2 The Web Configurator Table 3 Navigation Panel Summary (continued) LINK FUNCTION Home LAN Setup Use this screen to configure LAN TCP/IP settings, and other advanced Networking properties. Static DHCP Use this screen to assign specific IP addresses to individual MAC addresses.
Page 31 Chapter 2 The Web Configurator Table 3 Navigation Panel Summary (continued) LINK FUNCTION Parental Parental Control Use this screen to block web sites with the specific URL. Control Scheduler Rule Scheduler Rule Use this screen to configure the days and times when a configured restriction (such as parental control) is enforced.
Page 32 Chapter 2 The Web Configurator P-873HNU(P)-51B User’s Guide...
Page 33: Quick Start
H A PT ER Quick Start 3.1 Overview Use the Quick Start screens to configure the VDSL Router’s time zone and basic Internet access and wireless settings. Note: See the technical reference chapters (starting on page 57) for background information on the features in this chapter. 3.2 Quick Start Setup Click the Click Start icon in the top right corner of the web configurator to open the quick start screens.
Page 34 Chapter 3 Quick Start Figure 10 Internet Connection Turn the wireless LAN on or off. If you keep it on, record the security settings so you can configure your wireless clients to connect to the VDSL Router. Click Save. Figure 11 Internet Connection Your VDSL Router saves your settings and attempts to connect to the Internet.
Page 35: Tutorials
H A PT ER Tutorials 4.1 Overview This chapter shows you how to use the VDSL Router’s various features. • Setting Up an ADSL PPPoE Connection, see page 35 • HomePNA Example Setup, see page 38 • Setting Up a Secure Wireless Network, see page 39 •...
Page 36 Chapter 4 Tutorials In this example, the DSL connection has the following information. General Connection Name MyDSLConnection Type ADSL over ATM Connection Mode Routing Encapsulation PPPoE ATM PVC Configuration VPI/VCI 36/48 Encapsulation Mode LLC/SNAP-Bridging Service Category UBR without PCR Account Information PPP User Name 1234@DSL-Ex.com PPP Password...
Page 37 Chapter 4 Tutorials You should see a summary of your new DSL connection setup in the Broadband screen as follows. P-873HNU(P)-51B User’s Guide...
Page 38: Homepna Example Setup
Chapter 4 Tutorials Try to connect to a website, such as zyxel.com to see if you have correctly set up your Internet connection. Be sure to contact your service provider for any information you need to configure the WAN screens. 4.3 HomePNA Example Setup This tutorial shows you how you can use the VDSL Router’s HomePNA feature to connect a television in another part of the house to the Internet through the coaxial port.
Page 39: Setting Up A Secure Wireless Network
Chapter 4 Tutorials Log into the VDSL Router’s Web Configurator. Go to the Network Settings > HPNA screen. Select Enable in the State field to enable your HPNA port. Connect your VDSL Router to the Internet source. This could be either DSL or Ethernet. Connect the VDSL Router’s coaxial port a coaxial outlet in your house.
Page 40 Chapter 4 Tutorials Pre-Shared Key DoNotStealMyWirelessNetwork 802.11 Mode 802.11b/g/n Mixed Click Network Settings > Wireless to open the General screen. Select More Secure as the security level and WPA-PSK as the security mode. Configure the screen using the provided parameters (see page 39).
Page 41: Using Wps
Chapter 4 Tutorials 4.4.2 Using WPS This section shows you how to set up a wireless network using WPS. It uses the VDSL Router as the AP and ZyXEL NWD210N as the wireless client which connects to the notebook. Note: The wireless client must be a WPS-aware device (for example, a WPS USB adapter or PCMCIA card).
Page 42 Chapter 4 Tutorials Note: Your VDSL Router has a WPS button located on its front panel as well as a WPS button in its configuration utility. Both buttons have exactly the same function: you can use one or the other. Note: It doesn’t matter which button is pressed first.
Page 43 Chapter 4 Tutorials Enter the PIN number of the wireless client and click the Register button. Activate WPS function on the wireless client utility screen within two minutes. The VDSL Router authenticates the wireless client and sends the proper configuration settings to the wireless client.
Page 44: Without Wps
Chapter 4 Tutorials Example WPS Process: PIN Method Wireless Client ZyXEL Device WITHIN 2 MINUTES Authentication by PIN SECURITY INFO COMMUNICATION 4.4.3 Without WPS Use the wireless adapter’s utility installed on the notebook to search for the “Example” SSID. Then enter the “DoNotStealMyWirelessNetwork”...
Page 45: Setting Up Multiple Wireless Groups
Chapter 4 Tutorials 4.5 Setting Up Multiple Wireless Groups Company A wants to create different wireless network groups for different types of users as shown in the following figure. Each group has its own SSID and security mode. Company Guest •...
Page 46 Chapter 4 Tutorials Click Network Settings > Wireless > More AP to open the following screen. Click the Edit icon to configure the second wireless network group. Configure the screen using the provided parameters and click Apply. P-873HNU(P)-51B User’s Guide...
Page 47 Chapter 4 Tutorials In the More AP screen, click the Edit icon to configure the third wireless network group. Configure the screen using the provided parameters and click Apply. P-873HNU(P)-51B User’s Guide...
Page 48: Setting Up Nat Port Forwarding
Chapter 4 Tutorials Check the status of VIP and Guest in the More AP screen. The yellow bulbs signify that the SSIDs are active and ready for wireless access. 4.6 Setting Up NAT Port Forwarding Thomas manages the Doom server on a computer behind the VDSL Router. In order for players on the Internet (like A in the figure below) to communicate with the Doom server, Thomas needs to configure the port settings and IP address on the VDSL Router.
Page 49 Chapter 4 Tutorials Tutorial: NAT Port Forwarding Setup D=192.168.1.34 port 666 Thomas may set up the port settings by configuring the port settings for the Doom server computer (see Section 11.2 on page 154 for more information). Click Network Settings > NAT > Add new rule and configure the screen with the following values: Service Name Doom_Server...
Page 50: Configuring Static Route For Routing To Another Network
Chapter 4 Tutorials Players on the Internet then can have access to Thomas’ Doom server. 4.7 Configuring Static Route for Routing to Another Network In order to extend your Intranet and control traffic flowing directions, you may connect a router to the VDSL Router’s LAN.
Page 51 Chapter 4 Tutorials This tutorial uses the following example IP settings: Table 4 IP Settings in this Tutorial DEVICE / COMPUTER IP ADDRESS The VDSL Router’s WAN 172.16.1.1 The VDSL Router’s LAN 192.168.1.1 192.168.1.34 R’s N1 192.168.1.253 R’s N2 192.168.10.2 192.168.10.33 To configure a static route to route traffic from N1 to N2: Log into the VDSL Router’s Web Configurator in advanced mode.
Page 52: Configuring Qos Queue And Class Setup
Chapter 4 Tutorials Select Enable in the Use Gateway IP Address field. Type 192.168.1.253 (R’s N1 address) in the Gateway IP Address field. Click Apply. Now B should be able to receive traffic from A. You may need to additionally configure B’s firewall settings to allow specific traffic to pass through.
Page 53 Chapter 4 Tutorials QoS Example 10,000 kbps Your computer IP=192.168.1.23 and/or MAC=AA:FF:AA:FF:AA:FF A colleague’s computer E-mail traffic: Highest priority Other traffic: Automatic classifier Click Network Settings > QoS > General and select Active. Set your WAN Managed Upstream Bandwidth to 10,000 kbps (or leave this blank to have the VDSL Router automatically determine this figure).
Page 54 Chapter 4 Tutorials Tutorial: Advanced > QoS > Queue Setup Click Class Setup > Add new Classifier to create a new class. Check Active and follow the settings as shown in the screen below. Tutorial: Advanced > QoS > Class Setup P-873HNU(P)-51B User’s Guide...
Page 55: Access The Vdsl Router Using Ddns
Chapter 4 Tutorials Class Name Give a class name to this traffic, such as E-mail in this example. From Interface This is the interface from which the traffic will be coming from. Select LAN1 for this example. Ether Type Select IP to identify the traffic source by its IP address or MAC address. IP Address Type the IP address of your computer - 192.168.1.23.
Page 56: Registering A Ddns Account On Www.dyndns.org
Chapter 4 Tutorials 4.9.1 Registering a DDNS Account on www.dyndns.org Open a browser and type http://www.dyndns.org. Apply for a user account. This tutorial uses UserName1 and 12345 as the username and password. Log into www.dyndns.org using your account. Add a new DDNS host name. This tutorial uses the following settings as an example. •...
Page 57: Technical Reference
Technical Reference...
Page 59: Network Map And Status Screens
H A PT ER Network Map and Status Screens 5.1 Overview After you log into the Web Configurator, the Network Map screen appears. This shows the network connection status of the VDSL Router and clients connected to it. You can use the Status screen to look at the current status of the VDSL Router, system resources, and interfaces (LAN, WAN, and WLAN).
Page 60: The Status Screen
Chapter 5 Network Map and Status Screens Figure 13 Network Map: List Mode In Icon Mode, if you want to view information about a client, click the client’s name and Info. Click the IP address if you want to change it. If you want to change the name or icon of the client, click Change name/icon.
Page 61 Chapter 5 Network Map and Status Screens Figure 15 Status Screen Each field is described in the following table. Table 5 Status Screen LABEL DESCRIPTION Refresh Interval Select how often you want the VDSL Router to update this screen. Device Information Host Name This field displays the VDSL Router system name.
Page 62 Chapter 5 Network Map and Status Screens Table 5 Status Screen (continued) LABEL DESCRIPTION DHCP This field displays what DHCP services the VDSL Router is providing to the LAN. Choices are: Server - The VDSL Router is a DHCP server in the LAN. It assigns IP addresses to other computers in the LAN.
Page 63 Chapter 5 Network Map and Status Screens Table 5 Status Screen (continued) LABEL DESCRIPTION CPU Usage This field displays what percentage of the VDSL Router’s processing ability is currently used. When this percentage is close to 100%, the VDSL Router is running at full load, and the throughput is not going to improve anymore.
Page 64 Chapter 5 Network Map and Status Screens P-873HNU(P)-51B User’s Guide...
Page 65: Broadband
H A PT ER Broadband 6.1 Overview This chapter describes how to configure WAN settings from the Broadband screen. Use this screen to configure your VDSL Router for Internet access. If the DSLAM of your ISP supports DSL bonding, you can connect the two DSL ports on the VDSL Router to two separate telephone jacks and enable the bonding feature in the DSL screen.
Page 66: Before You Begin
Chapter 6 Broadband WAN IP Address The WAN IP address is an IP address for the VDSL Router, which makes it accessible from an outside network. It is used by the VDSL Router to communicate with other devices in other networks.
Page 67: The Broadband Screen
Chapter 6 Broadband 6.2 The Broadband Screen Use this screen to change your VDSL Router’s Internet access settings. Click Network Settings> Broadband from the menu. The summary table shows you the configured WAN services (connections) on the VDSL Router. Figure 17 Network Settings > Broadband The following table describes the labels in this screen.
Page 68: Add/Edit Broadband
Chapter 6 Broadband 6.2.1 Add/Edit Broadband Click Add new WAN interface in the Broadband screen or the Edit icon next to an existing WAN interface to configure a WAN connection. The screen differs according to the mode and encapsulation you choose. This screen displays when you select Routing mode and PPPoE encapsulation.
Page 69 Chapter 6 Broadband The following table describes the labels in this screen. Table 7 Broadband: Add/Edit: PPPoE Encapsulation LABEL DESCRIPTION General Active Select this to activate the WAN configuration settings. Name Specify a descriptive name for this connection. This field is view only if you are editing the WAN connection.
Page 70 Chapter 6 Broadband Table 7 Broadband: Add/Edit: PPPoE Encapsulation (continued) LABEL DESCRIPTION Encapsulation Select the method of multiplexing used by your ISP from the drop-down list box. Mode Choices are: • LLC/SNAP-BRIDGING: In LCC encapsulation, bridged PDUs are encapsulated by identifying the type of the bridged media in the SNAP header.
Page 71 Chapter 6 Broadband Table 7 Broadband: Add/Edit: PPPoE Encapsulation (continued) LABEL DESCRIPTION PPPoE This field is available when you select PPPoE encapsulation. Passthrough In addition to the VDSL Router’s built-in PPPoE client, you can enable PPPoE pass through to allow up to ten hosts on the LAN to use PPPoE client software on their computers to connect to the ISP via the VDSL Router.
Page 72 Chapter 6 Broadband Table 7 Broadband: Add/Edit: PPPoE Encapsulation (continued) LABEL DESCRIPTION Apply Click Apply to save your changes back to the VDSL Router. Cancel Click Cancel to exit this screen without saving. 6.2.1.1 Bridge This screen displays when you select the Bridge mode. Figure 19 Broadband: Add/Edit: Bridge Mode The following table describes the labels in this screen.
Page 73 Chapter 6 Broadband Table 8 Broadband: Add/Edit: Bridge Mode (continued) LABEL DESCRIPTION The valid range for the VCI is 32 to 65535 (0 to 31 is reserved for local management of ATM traffic). Enter the VCI assigned to you. DSL Link Type This field is not editable.
Page 74: The Dsl Screen
Chapter 6 Broadband 6.3 The DSL Screen If the DSLAM of your ISP supports DSL bonding, you can connect the two DSL ports on the VDSL Router to two separate telephone jacks and enable the bonding feature in the DSL screen. DSL signals have distance limitations.
Page 75 Chapter 6 Broadband Figure 20 Broadband > DSL The following table describes the labels in this screen. Table 10 Broadband > DSL LABEL DESCRIPTION DSL Bonding State Select Enable to use the DSL bonding and ADSL fallback features. Make sure your ISP supports these functions.
Page 76: Technical Reference
Chapter 6 Broadband 6.4 Technical Reference This section provides some technical background information about the topics covered in this chapter. 6.4.1 Encapsulation Be sure to use the encapsulation method required by your ISP. The VDSL Router supports the following methods. 6.4.1.1 PPP over Ethernet The VDSL Router supports PPPoE (Point-to-Point Protocol over Ethernet).
Page 77: Multiplexing
Chapter 6 Broadband 6.4.2 Multiplexing There are two conventions to identify what protocols the virtual circuit (VC) is carrying. Be sure to use the multiplexing method required by your ISP. VC-based Multiplexing In this case, by prior mutual agreement, each protocol is assigned to a specific virtual circuit; for example, VC1 carries IP, etc.
Page 78: Nat
Chapter 6 Broadband 6.4.5 NAT NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network.
Page 79: Introduction To Vlans
Chapter 6 Broadband Constant Bit Rate (CBR) Constant Bit Rate (CBR) provides fixed bandwidth that is always available even if no data is being sent. CBR traffic is generally time-sensitive (doesn't tolerate delay). CBR is used for connections that continuously require a specific amount of bandwidth. A PCR is specified and if traffic exceeds this rate, cells may be dropped.
Page 80 Chapter 6 Broadband VLANs can be created statically by hand or dynamically through GVRP. The VLAN ID associates a frame with a specific VLAN and provides the information that switches need to process the frame across the network. A tagged frame is four bytes longer than an untagged frame and contains two bytes of TPID (Tag Protocol Identifier), residing within the type/length field of the Ethernet frame) and two bytes of TCI (Tag Control Information), starts after the source address field of the Ethernet frame).
Page 81: Wireless
H A PT ER Wireless 7.1 Overview This chapter describes the VDSL Router’s Network Settings > Wireless screens. Use these screens to set up your VDSL Router’s wireless connection. 7.1.1 What You Can Do in this Chapter This section describes the VDSL Router’s Wireless screens. Use these screens to set up your VDSL Router’s wireless connection.
Page 82: What You Need To Know
Chapter 7 Wireless 7.1.2 What You Need to Know Wireless Basics “Wireless” is essentially radio communication. In the same way that walkie-talkie radios send and receive information over the airwaves, wireless networking devices exchange information with one another. A wireless networking device is just like a radio that lets your computer exchange information with radios attached to other computers.
Page 83 Chapter 7 Wireless Figure 22 Network Settings > Wireless > General The following table describes the general wireless LAN labels in this screen. Table 11 Network Settings > Wireless > General LABEL DESCRIPTION Wireless Network Setup Wireless You can Enable or Disable the wireless LAN in this field. Channel Set the channel depending on your particular region.
Page 84: No Security
Chapter 7 Wireless Table 11 Network Settings > Wireless > General (continued) LABEL DESCRIPTION Wireless The SSID (Service Set IDentity) identifies the service set with which a wireless Network Name device is associated. Wireless devices associating to the access point (AP) must (SSID) have the same SSID.
Page 85: Basic (Wep Encryption)
Chapter 7 Wireless The following table describes the labels in this screen. Table 12 Wireless > General: No Security LABEL DESCRIPTION Security Level Choose No Security from the drop-down list box. 7.2.2 Basic (WEP Encryption) WEP encryption scrambles the data transmitted between the wireless stations and the access points (AP) to keep network communications private.
Page 86 Chapter 7 Wireless The following table describes the labels in this screen. Table 13 Wireless > General: Basic (WEP) LABEL DESCRIPTION Security Level Select Basic to enable WEP data encryption. Generate Select this option to have the VDSL Router automatically generate a password. The password password field will not be configurable when you select this option.
Page 87: More Secure (Wpa(2)-Psk)
Chapter 7 Wireless 7.2.3 More Secure (WPA(2)-PSK) The WPA-PSK security mode provides both improved data encryption and user authentication over WEP. Using a Pre-Shared Key (PSK), both the VDSL Router and the connecting client share a common password in order to validate the connection. This type of encryption, while robust, is not as strong as WPA, WPA2 or even WPA2-PSK.
Page 88: Wpa(2) Authentication
Chapter 7 Wireless Table 14 Wireless > General: More Secure: WPA(2)-PSK (continued) LABEL DESCRIPTION Encryption Select the encryption type (AES or TKIP+AES) for data encryption. Select AES if your wireless clients can all use AES. Select TKIP+AES to allow the wireless clients to use either TKIP or AES. Group Key The Group Key Update Timer is the rate at which the RADIUS server sends a Update Timer...
Page 89: The More Ap Screen
Chapter 7 Wireless The following table describes the labels in this screen. Table 15 Wireless > General: More Secure: WPA(2) LABEL DESCRIPTION Security Level Select More Secure to enable WPA(2)-PSK data encryption. Security Mode Choose WPA or WPA2 from the drop-down list box. Authentication Server IP Address Enter the IP address of the external authentication server in dotted decimal...
Page 90: Edit More Ap
Chapter 7 Wireless The following table describes the labels in this screen. Table 16 Network Settings > Wireless > More AP LABEL DESCRIPTION This is the index number of the entry. Status This field indicates whether this SSID is active. A yellow bulb signifies that this SSID is active.
Page 91: Mac Authentication
Chapter 7 Wireless Table 17 More AP: Edit (continued) LABEL DESCRIPTION Wireless Network The SSID (Service Set IDentity) identifies the service set with which a Name (SSID) wireless device is associated. Wireless devices associating to the access point (AP) must have the same SSID. Enter a descriptive name (up to 32 English keyboard characters) for the wireless LAN.
Page 92: The Wps Screen
Chapter 7 Wireless The following table describes the labels in this screen. Table 18 Wireless > MAC Authentication LABEL DESCRIPTION SSID Select the SSID for which you want to configure MAC filter settings. MAC List Define the filter action for the list of MAC addresses in the MAC Address table. Select Disable to turn off MAC filtering.
Page 93 Chapter 7 Wireless Figure 30 Network Settings > Wireless > WPS The following table describes the labels in this screen. Table 19 Network Settings > Wireless > WPS LABEL DESCRIPTION Enable WPS Select Enable to activate WPS on the VDSL Router. Method 1 Use this section to set up a WPS wireless network using Push Button Configuration (PBC).
Page 94: The Others Screen
Chapter 7 Wireless Table 19 Network Settings > Wireless > WPS (continued) LABEL DESCRIPTION Generate New The PIN (Personal Identification Number) of the VDSL Router is shown here. PIN Number Enter this PIN in the configuration utility of the device you want to connect to using WPS.
Page 95: Technical Reference
Chapter 7 Wireless Table 20 Network Settings > Wireless > Others (continued) LABEL DESCRIPTION 802.11 Mode Select 802.11b Only to allow only IEEE 802.11b compliant WLAN devices to associate with the VDSL Router. Select 802.11g Only to allow only IEEE 802.11g compliant WLAN devices to associate with the VDSL Router.
Page 96 Chapter 7 Wireless • An “ad-hoc” type of network is one in which there is no access point. Wireless clients connect to one another in order to exchange information. The following figure provides an example of a wireless network. Figure 32 Example of a Wireless Network The wireless network is the part in the blue circle.
Page 97: Additional Wireless Terms
Chapter 7 Wireless Since the available unlicensed spectrum varies from one country to another, the number of available channels also varies. 7.7.2 Additional Wireless Terms The following table describes some wireless network terms and acronyms used in the VDSL Router’s Web Configurator.
Page 98 Chapter 7 Wireless Because of the damage that can be done by a malicious attacker, it’s not just people who have sensitive information on their network who should use security. Everybody who uses any wireless network should ensure that effective security is in place. A good way to come up with effective security keys, passwords and so on is to use obscure information that you personally will easily remember, and to enter it in a way that appears random and does not include real words.
Page 99: Signal Problems
Chapter 7 Wireless wireless users to get a valid user name and password. Then, they can use that user name and password to use the wireless network. 7.7.3.4 Encryption Wireless networks can use encryption to protect the information that is sent in the wireless network.
Page 100: Bss
Chapter 7 Wireless coincidental emitters such as electric motors or microwaves. Problems with absorption occur when physical objects (such as thick walls) are between the two radios, muffling the signal. 7.7.5 BSS A Basic Service Set (BSS) exists when all communications between wireless stations or between a wireless station and a wired network client go through one access point (AP).
Page 101: Preamble Type
Chapter 7 Wireless • You must use different keys for different BSSs. If two wireless devices have different BSSIDs (they are in different BSSs), but have the same keys, they may hear each other’s communications (but not communicate with each other). •...
Page 102 Chapter 7 Wireless Look for a WPS button on each device. If the device does not have one, log into its configuration utility and locate the button (see the device’s User’s Guide for how to do this - for the VDSL Router, Section 7.6 on page 94).
Page 103 Chapter 7 Wireless The following figure shows a WPS-enabled wireless client (installed in a notebook computer) connecting to the WPS-enabled AP via the PIN method. Figure 34 Example WPS Process: PIN Method ENROLLEE REGISTRAR This device’s WPS PIN: 123456 Enter WPS PIN from other device: START START...
Page 104 Chapter 7 Wireless Figure 35 How WPS works ACTIVATE ACTIVATE WITHIN 2 MINUTES WPS HANDSHAKE ENROLLEE REGISTRAR SECURE TUNNEL SECURITY INFO COMMUNICATION The roles of registrar and enrollee last only as long as the WPS setup process is active (two minutes).
Page 105 Chapter 7 Wireless Figure 36 WPS: Example Network Step 1 ENROLLEE REGISTRAR SECURITY INFO CLIENT 1 In step 2, you add another wireless client to the network. You know that Client 1 supports registrar mode, but it is better to use AP1 for the WPS handshake with the new client since you must connect to the access point anyway in order to use the network.
Page 106 Chapter 7 Wireless Figure 38 WPS: Example Network Step 3 EXISTING CONNECTION CLIENT 1 REGISTRAR CLIENT 2 ENROLLEE 7.7.8.5 Limitations of WPS WPS has some limitations of which you should be aware. • WPS works in Infrastructure networks only (where an AP and a wireless client communicate). It does not work in Ad-Hoc networks (where there is no AP).
Page 107 Chapter 7 Wireless access point is the WPS registrar, the enrollee, or was not involved in the WPS handshake; a rogue device must still associate with the access point to gain access to the network. Check the MAC addresses of your wireless clients (usually printed on a label on the bottom of the device). If there is an unknown MAC address you can remove it or reset the AP.
Page 108 Chapter 7 Wireless P-873HNU(P)-51B User’s Guide...
Page 109: Home Networking
H A PT ER Home Networking 8.1 Overview A Local Area Network (LAN) is a shared communication system to which many networking devices are connected. It is usually located in one immediate area such as a building or floor of a building. Use the LAN screens to help you configure a LAN DHCP server and manage IP addresses.
Page 110: What You Need To Know
Chapter 8 Home Networking 8.1.2 What You Need To Know 8.1.2.1 About LAN IP Address IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network.
Page 111: Before You Begin
Chapter 8 Home Networking Cautions with UPnP The automated nature of NAT traversal applications in establishing their own services and opening firewall ports may present network security issues. Network information and configuration may also be obtained and modified by users in some network environments. When a UPnP device joins a network, it announces its presence with a multicast message.
Page 112 Chapter 8 Home Networking Figure 39 Network Settings > Home Networking > LAN Setup The following table describes the fields in this screen. Table 23 Network Settings > Home Networking > LAN Setup LABEL DESCRIPTION Group Name Select the interface group name for which you want to configure LAN settings. Chapter 14 on page 183 for how to create a new interface group.
Page 113: The Static Dhcp Screen
Chapter 8 Home Networking Table 23 Network Settings > Home Networking > LAN Setup (continued) LABEL DESCRIPTION DHCP Relay Server This field is only available when you select DHCP Relay in the DHCP field. Address IP Address Enter the IP address of the actual remote DHCP server in this field. IP Addressing This field is only available when you select Enable in the DHCP field.
Page 114 Chapter 8 Home Networking The following table describes the labels in this screen. Table 24 Network Settings > Home Networking > Static DHCP LABEL DESCRIPTION Add new static Click this to add a new static DHCP entry. lease This is the index number of the entry. Status This field displays whether the client is connected to the VDSL Router.
Page 115: The Upnp Screen
Chapter 8 Home Networking Table 25 Static DHCP: Add/Edit (continued) LABEL DESCRIPTION Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 8.4 The UPnP Screen Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectivity between devices.
Page 116 Chapter 8 Home Networking Click on the Windows Setup tab and select Communication in the Components selection box. Click Details. Add/Remove Programs: Windows Setup: Communication In the Communications window, select the Universal Plug and Play check box in the Components selection box. Add/Remove Programs: Windows Setup: Communication: Components P-873HNU(P)-51B User’s Guide...
Page 117 Chapter 8 Home Networking Click OK to go back to the Add/Remove Programs Properties window and click Next. Restart the computer when prompted. Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP. Click Start and Control Panel. Double-click Network Connections.
Page 118: Using Upnp In Windows Xp Example
Chapter 8 Home Networking Networking Services Click OK to go back to the Windows Optional Networking Component Wizard window and click Next. 8.6 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP. You must already have UPnP installed in Windows XP and UPnP activated on the VDSL Router.
Page 119 Chapter 8 Home Networking Network Connections In the Internet Connection Properties window, click Settings to see the port mappings there were automatically created. Internet Connection Properties You may edit or delete the port mappings or click Add to manually add port mappings. P-873HNU(P)-51B User’s Guide...
Page 120 Chapter 8 Home Networking Internet Connection Properties: Advanced Settings Internet Connection Properties: Advanced Settings: Add When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. Select Show icon in notification area when connected option and click OK. An icon displays in the system tray.
Page 121 Chapter 8 Home Networking Internet Connection Status Web Configurator Easy Access With UPnP, you can access the web-based configurator on the VDSL Router without finding out the IP address of the VDSL Router first. This comes helpful if you do not know the IP address of the VDSL Router.
Page 122 Chapter 8 Home Networking Network Connections An icon with the description for each UPnP-enabled device displays under Local Network. Right-click on the icon for your VDSL Router and select Invoke. The web configurator login screen displays. Network Connections: My Network Places Right-click on the icon for your VDSL Router and select Properties.
Page 123: The Stb Vendor Id Screen
Chapter 8 Home Networking Network Connections: My Network Places: Properties: Example Screen STB Vendor ID Click Network Settings > Home Networking > STB Vendor ID to open this screen. Set Top Box (STB) devices with dynamic IP addresses sometimes don’t renew their IP addresses before the lease time expires.
Page 124: The Hpna Screen
Chapter 8 Home Networking The following table describes the fields in this screen. Table 27 Network Settings > Home Networking > STB Vendor ID LABEL DESCRIPTION Vendor ID 1 ~ 5 Enter the STB’s vendor ID. Apply Click Apply to save your changes back to the VDSL Router. Cancel Click Cancel to exit this screen without saving.
Page 125: The Lan Vlan Screen
Chapter 8 Home Networking The following table describes the fields in this screen. Table 29 Network Settings > Home Networking > 5th Ethernet Port LABEL DESCRIPTION State Select Enable to use the Ethernet WAN port as a LAN port on the VDSL Router. Apply Click Apply to save your changes back to the VDSL Router.
Page 126: Technical Reference
Chapter 8 Home Networking Table 30 Network Settings > Home Networking > LAN VLAN (continued) LABEL DESCRIPTION VLAN ID If you will add or remark tags for this LAN port’s downstream traffic, specify the VLAN ID (from 0 to 4094) to use here. Apply Click Apply to save your changes back to the VDSL Router.
Page 127: Dns Server Addresses
Chapter 8 Home Networking 8.11.3 DNS Server Addresses DNS (Domain Name System) maps a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a computer before you can access it.
Page 128 Chapter 8 Home Networking The subnet mask specifies the network number portion of an IP address. Your VDSL Router will compute the subnet mask automatically based on the IP address that you entered. You don't need to change the subnet mask computed by the VDSL Router unless you are instructed to do otherwise.
Page 129: Static Routing
H A PT ER Static Routing 9.1 Overview The VDSL Router usually uses the default gateway to route outbound traffic from computers on the LAN to the Internet. To have the VDSL Router send data to devices not reachable through the default gateway, use static routes.
Page 130: Add/Edit Static Route
Chapter 9 Static Routing Figure 49 Network Settings > Routing > Static Route The following table describes the labels in this screen. Table 31 Network Settings > Routing > Static Route LABEL DESCRIPTION Add new Static Click this to configure a new static route. Route Entry This is the index number of the entry.
Page 131 Chapter 9 Static Routing The following table describes the labels in this screen. Table 32 Routing: Add/Edit LABEL DESCRIPTION Active This field allows you to activate/deactivate this static route. Select this to enable the static route. Clear this to disable this static route without having to delete the entry.
Page 132 Chapter 9 Static Routing P-873HNU(P)-51B User’s Guide...
Page 133: Quality Of Service (Qos)
HAPTER Quality of Service (QoS) 10.1 Overview Quality of Service (QoS) refers to both a network’s ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth. Without QoS, all traffic data is equally likely to be dropped when the network is congested.
Page 134: What You Need To Know
Chapter 10 Quality of Service (QoS) 10.2 What You Need to Know The following terms and concepts may help as you read through this chapter. QoS versus Cos QoS is used to prioritize source-to-destination traffic flows. All packets in the same flow are given the same priority.
Page 135: The Quality Of Service General Screen
Chapter 10 Quality of Service (QoS) Traffic Policing Traffic policing is the limiting of the input or output transmission rate of a class of traffic on the basis of user-defined criteria. Traffic policing methods measure traffic flows against user-defined criteria and identify it as either conforming, exceeding or violating the criteria. Traffic Rate Traffic Rate Time...
Page 136 Chapter 10 Quality of Service (QoS) The following table describes the labels in this screen. Table 33 Network Settings > QoS > General LABEL DESCRIPTION State Select the Enable check box to turn on QoS to improve your network performance. WAN Managed Upstream Enter the amount of upstream bandwidth for the WAN interfaces that you want to...
Page 137: The Queue Setup Screen
Chapter 10 Quality of Service (QoS) 10.4 The Queue Setup Screen Click Network Settings > QoS > Queue Setup to open the screen as shown next. Use this screen to configure QoS queue assignment. Figure 52 Network Settings > QoS > Queue Setup The following table describes the labels in this screen.
Page 138: Adding A Qos Queue
Chapter 10 Quality of Service (QoS) Table 34 Network Settings > QoS > Queue Setup (continued) LABEL DESCRIPTION Rate Limit This shows the maximum transmission rate allowed for traffic on this queue. Modify Click the Edit icon to edit the queue. Click the Delete icon to delete an existing queue.
Page 139: The Class Setup Screen
Chapter 10 Quality of Service (QoS) Table 35 Queue Setup: Add (continued) LABEL DESCRIPTION Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 10.5 The Class Setup Screen Use this screen to add, edit or delete QoS classifiers. A classifier groups traffic into data flows according to specific criteria such as the source address, destination address, source port number, destination port number or incoming interface.
Page 140: Add/Edit Qos Class
Chapter 10 Quality of Service (QoS) Table 36 Network Settings > QoS > Class Setup (continued) LABEL DESCRIPTION To Queue This is the name of the queue in which traffic of this classifier is put. Modify Click the Edit icon to edit the classifier. Click the Delete icon to delete an existing classifier.
Page 141 Chapter 10 Quality of Service (QoS) Figure 55 Class Setup: Add/Edit The following table describes the labels in this screen. Table 37 Class Setup: Add/Edit LABEL DESCRIPTION Active Select this to enable this classifier. Class Name Enter a descriptive name of up to 15 printable English keyboard characters, not including spaces.
Page 142 Chapter 10 Quality of Service (QoS) Table 37 Class Setup: Add/Edit (continued) LABEL DESCRIPTION Classification Order Select an existing number for where you want to put this classifier to move the classifier to the number you selected after clicking Apply. Select Last to put this rule in the back of the classifier list.
Page 143 Chapter 10 Quality of Service (QoS) Table 37 Class Setup: Add/Edit (continued) LABEL DESCRIPTION Service This field is available only when you select IP in the Ether Type field. This field simplifies classifier configuration by allowing you to select a predefined application.
Page 144: The Qos Policer Setup Screen
Chapter 10 Quality of Service (QoS) Table 37 Class Setup: Add/Edit (continued) LABEL DESCRIPTION VLAN ID If you select Remark, enter a VLAN ID number with which the VDSL Router replaces the VLAN ID of the frames. If you select Remove, the VDSL Router deletes the VLAN ID of the frames before forwarding them out.
Page 145: Add/Edit A Qos Policer
Chapter 10 Quality of Service (QoS) Table 38 Network Settings > QoS > Policer Setup (continued) LABEL DESCRIPTION Action This shows the how the policer has the VDSL Router treat different types of traffic belonging to the policer’s member QoS classes. Modify Click the Edit icon to edit the policer.
Page 146: The Qos Monitor Screen
Chapter 10 Quality of Service (QoS) Table 39 Policer Setup: Add/Edit (continued) LABEL DESCRIPTION Committed Specify the committed burst size for packet bursts. This must be equal to or less Burst Size than the peak burst size (two rate three color) or excess burst size (single rate three color) if it is also configured.
Page 147: Technical Reference
Chapter 10 Quality of Service (QoS) The following table describes the labels in this screen. Table 40 Network Settings > QoS > Monitor LABEL DESCRIPTION Refresh Interval Enter how often you want the VDSL Router to update this screen. Select None to stop refreshing statistics.
Page 148 Chapter 10 Quality of Service (QoS) Table 41 IEEE 802.1p Priority Level and Traffic Type (continued) PRIORITY TRAFFIC TYPE LEVEL Level 1 This is typically used for non-critical “background” traffic such as bulk transfers that are allowed but that should not affect other applications and users. Level 0 Typically used for best-effort traffic.
Page 149 Chapter 10 Quality of Service (QoS) The following table shows you the internal layer-2 and layer-3 QoS mapping on the VDSL Router. On the VDSL Router, traffic assigned to higher priority queues gets through faster while traffic in lower index queues is dropped if the network is congested. Table 42 Internal Layer2 and Layer3 QoS Mapping LAYER 2 LAYER 3...
Page 150 Chapter 10 Quality of Service (QoS) • If there are no tokens in the bucket, the VDSL Router stops transmitting until enough tokens are generated. • If not enough tokens are available, the VDSL Router treats the packet in either one of the following ways: In traffic shaping: •...
Page 151 Chapter 10 Quality of Service (QoS) on the guaranteed and maximum bandwidth respectively as negotiated between a service provider and client. The trTCM evaluates incoming packets and marks them with one of three colors which refer to packet loss priority levels. High packet loss priority level is referred to as red, medium is referred to as yellow and low is referred to as green.
Page 152 Chapter 10 Quality of Service (QoS) P-873HNU(P)-51B User’s Guide...
Page 153: Network Address Translation (Nat)
HAPTER Network Address Translation (NAT) 11.1 Overview This chapter discusses how to configure NAT on the VDSL Router. NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network.
Page 154: The Port Forwarding Screen
Chapter 11 Network Address Translation (NAT) WAN side. When the response comes back, NAT translates the destination address (the inside global address) back to the inside local address before forwarding it to the original inside host. Port Forwarding A port forwarding set is a list of inside (behind NAT on the LAN) servers, for example, web or FTP, that you can make visible to the outside world even though NAT makes your whole inside network appear as a single computer to the outside world.
Page 155 Chapter 11 Network Address Translation (NAT) Figure 59 Multiple Servers Behind NAT Example A=192.168.1.33 B=192.168.1.34 192.168.1.1 IP Address assigned by ISP C=192.168.1.3 D=192.168.1.36 Click Network Settings > NAT > Port Forwarding to open the following screen. Appendix E on page 325 for port numbers commonly used for particular services.
Page 156: Add/Edit Port Forwarding
Chapter 11 Network Address Translation (NAT) 11.2.1 Add/Edit Port Forwarding Click Add new rule in the Port Forwarding screen or click the Edit icon next to an existing rule to open the following screen. Figure 61 Port Forwarding: Add/Edit The following table describes the labels in this screen. Table 44 Port Forwarding: Add/Edit LABEL DESCRIPTION...
Page 157: The Applications Screen
Chapter 11 Network Address Translation (NAT) Table 44 Port Forwarding: Add/Edit (continued) LABEL DESCRIPTION Server IP Enter the inside IP address of the virtual server here. Address Protocol Select the protocol supported by this virtual server. Choices are TCP, UDP, or TCP/UDP.
Page 158: The Port Triggering Screen
Chapter 11 Network Address Translation (NAT) Figure 63 Applications: Add The following table describes the labels in this screen. Table 46 Applications: Add LABEL DESCRIPTION WAN Interface Select the WAN interface that you want to apply this NAT rule to. Server IP Enter the inside IP address of the application here.
Page 159 Chapter 11 Network Address Translation (NAT) Figure 64 Trigger Port Forwarding Process: Example Jane requests a file from the Real Audio server (port 7070). Port 7070 is a “trigger” port and causes the VDSL Router to record Jane’s computer IP address. The VDSL Router associates Jane's computer IP address with the "open"...
Page 160: Add/Edit Port Triggering Rule
Chapter 11 Network Address Translation (NAT) Table 47 Network Settings > NAT > Port Triggering (continued) LABEL DESCRIPTION Open The open port is a port (or a range of ports) that a server on the WAN uses when it sends out a particular service. The VDSL Router forwards the traffic with this port (or range of ports) to the client computer on the LAN that requested the service.
Page 161: The Dmz Screen
Chapter 11 Network Address Translation (NAT) Table 48 Port Triggering: Configuration Add/Edit (continued) LABEL DESCRIPTION Trigger Start Port The trigger port is a port (or a range of ports) that causes (or triggers) the VDSL Router to record the IP address of the LAN computer that sent the traffic to a server on the WAN.
Page 162: The Alg Screen
Chapter 11 Network Address Translation (NAT) 11.6 The ALG Screen Some NAT routers may include a SIP Application Layer Gateway (ALG). A SIP ALG allows SIP calls to pass through NAT by examining and translating IP addresses embedded in the data stream. When the VDSL Router registers with the SIP register server, the SIP ALG translates the VDSL Router’s private IP address inside the SIP data stream to a public IP address.
Page 163: Technical Reference
Chapter 11 Network Address Translation (NAT) Figure 69 Network Settings > NAT > Sessions The following table describes the fields in this screen. Table 51 Network Settings > NAT > Sessions LABEL DESCRIPTION MAX NAT Session Use this field to set a common limit to the number of concurrent NAT sessions all per Host client computers can have.
Page 164: What Nat Does
Chapter 11 Network Address Translation (NAT) Note that inside/outside refers to the location of a host, while global/local refers to the IP address of a host used in a packet. Thus, an inside local address (ILA) is the IP address of an inside host in a packet when the packet is still in the local network, while an inside global address (IGA) is the IP address of the same inside host when the packet is on the WAN side.
Page 165: How Nat Works
Chapter 11 Network Address Translation (NAT) 11.8.3 How NAT Works Each packet has two addresses – a source address and a destination address. For outgoing packets, the ILA (Inside Local Address) is the source address on the LAN, and the IGA (Inside Global Address) is the source address on the WAN.
Page 166 Chapter 11 Network Address Translation (NAT) Figure 71 NAT Application With IP Alias Port Forwarding: Services and Port Numbers The most often used port numbers are shown in the following table. Please refer to RFC 1700 for further information about port numbers. Please also refer to the Supporting CD for more examples and details on port forwarding and NAT.
Page 167 Chapter 11 Network Address Translation (NAT) third (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. Figure 72 Multiple Servers Behind NAT Example A=192.168.1.33 192.168.1.1 B=192.168.1.34...
Page 168 Chapter 11 Network Address Translation (NAT) P-873HNU(P)-51B User’s Guide...
Page 169: Dynamic Dns Setup
HAPTER Dynamic DNS Setup 12.1 Overview DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a machine before you can access it. In addition to the system DNS server(s), each WAN interface (service) is set to have its own static or dynamic DNS server list.
Page 170: What You Can Do In This Chapter
Chapter 12 Dynamic DNS Setup Dynamic DNS Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CU-SeeMe, etc.). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.org, where myhost is a name of your choice) that will never change instead of using an IP address that changes each time you reconnect.
Page 171: Add/Edit Dns Entry
Chapter 12 Dynamic DNS Setup The following table describes the fields in this screen. Table 54 Advanced > DNS Setting > DNS Setting LABEL DESCRIPTION Add new DNS Click this to create a new DNS entry. entry This is the index number of the entry. Hostname This indicates the host name or domain name.
Page 172 Chapter 12 Dynamic DNS Setup Figure 76 Advanced > DNS Setting > Dynamic DNS The following table describes the fields in this screen. Table 56 Advanced > DNS Setting > Dynamic DNS LABEL DESCRIPTION Dynamic DNS Select this check box to use dynamic DNS. Service Provider Select your Dynamic DNS service provider from the drop-down list box.
Page 173: Igmp
HAPTER IGMP 13.1 Overview Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender to 1 recipient) or Broadcast (1 sender to everybody on the network). Multicast delivers IP packets to just a group of hosts on the network. IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to establish membership in a multicast group - it is not used to carry user data.
Page 174 Chapter 13 IGMP IGMP Proxy To allow better network performance, you can use IGMP proxy instead of a multicast routing protocol in a simple tree network topology. Note: Your VDSL Router is an IGMP proxy. In IGMP proxy, an upstream interface is the port that is closer to the source (or the root of the multicast tree) and is able to receive multicast traffic.
Page 175: The Igmp General Screen
Chapter 13 IGMP 13.2 The IGMP General Screen Use the General screen to configure general IGMP proxy and IGMP packet processing settings. Click Network Settings > IGMP Setting > General to open the following screen. Figure 78 Network Settings > IGMP Setting > General The following table describes the fields in this screen.
Page 176: Igmp Filter Configuration
Chapter 13 IGMP Table 57 Network Settings > IGMP Setting > General (continued) LABEL DESCRIPTION Ignore IGMP query Select this to discard IGMP query packets with a destination IP address other which destination than 224.0.0.1, the all-hosts multicast address. IP is not 224.0.0.1 Apply Click this button to save your settings back to the VDSL Router.
Page 177: Igmp Host Limitation Edit
Chapter 13 IGMP The following table describes the fields in this screen. Table 58 Network Settings > IGMP Setting > IGMP Filter LABEL DESCRIPTION Allow IGMP packets Select this to accept IGMP packets received on any of the LAN Ethernet ports. from Ethernet Clear this to discard IGMP packets received on any of the LAN Ethernet ports.
Page 178: Igmp Service Add
Chapter 13 IGMP Figure 80 Network Settings > IGMP Setting > IGMP Filter > LAN Host Edit The following table describes the fields in this screen. Table 59 Network Settings > IGMP Setting > IGMP Filter > LAN Host Edit LABEL DESCRIPTION LAN Host...
Page 179: Igmp Host Limitation Add
Chapter 13 IGMP The following table describes the fields in this screen. Table 60 Network Settings > IGMP Setting > IGMP Filter > Add a new service LABEL DESCRIPTION Service Name Specify a name to identify the IGMP service domain. You can enter up to 30 characters.
Page 180: Igmp Acl Configuration
Chapter 13 IGMP Table 61 Network Settings > IGMP Setting > IGMP Filter > Add a new host limitation (continued) LABEL DESCRIPTION Max Allowed This shows to how many of the IGMP multicast service domain’s channels the Channels LAN device using the specified IP address can subscribe. IGMP Enabled Select whether or not the LAN device is allowed to access IGMP services through the VDSL Router.
Page 181: Igmp Acl Add
Chapter 13 IGMP Table 62 Network Settings > IGMP Setting > IGMP ACL (continued) LABEL DESCRIPTION Multicast Address This is the subnet mask of the multicast IP address. Mask Black List These rules are for blocking access to specific multicast IP addresses. Multicast Address This is the multicast IP address of a multicast media channel to which you want to block access.
Page 182 Chapter 13 IGMP P-873HNU(P)-51B User’s Guide...
Page 183: Interface Group
HAPTER Interface Group 14.1 Overview By default, all LAN and WAN interfaces on the VDSL Router are in the same group and can communicate with each other. Create interface groups to have the VDSL Router assign the IP addresses in different domains to different groups. Each group acts as an independent network on the VDSL Router.
Page 184: Interface Group Configuration
Chapter 14 Interface Group Figure 86 Network Settings > Interface Group The following table describes the fields in this screen. Table 64 Network Settings > Interface Group LABEL DESCRIPTION Add New Interface Click this button to create a new interface group. Group Group Name This shows the descriptive name of the group.
Page 185 Chapter 14 Interface Group Figure 87 Interface Group Configuration The following table describes the fields in this screen. Table 65 Interface Group Configuration LABEL DESCRIPTION Group Name Enter a name to identify this group. You can enter up to 30 characters. You can use letters, numbers, hyphens (-) and underscores (_).
Page 186: Interface Grouping Criteria
Chapter 14 Interface Group Table 65 Interface Group Configuration (continued) LABEL DESCRIPTION WildCard Support This shows if wildcard on DHCP option 60 is enabled. Remove Click the Remove icon to delete this rule from the VDSL Router. Apply Click Apply to save your changes back to the VDSL Router. Cancel Click Cancel to exit this screen without saving.
Page 187 Chapter 14 Interface Group Table 66 Interface Grouping Criteria (continued) LABEL DESCRIPTION DUID type Select DUID-LLT (DUID Based on Link-layer Address Plus Time) to enter the hardware type, a time value and the MAC address of the device. Select DUID-EN (DUID Assigned by Vendor Based upon Enterprise Number) to enter the vendor’s registered enterprise number.
Page 188 Chapter 14 Interface Group P-873HNU(P)-51B User’s Guide...
Page 189: Firewall
HAPTER Firewall 15.1 Overview This chapter shows you how to enable and configure the VDSL Router firewall. Use the firewall to protect your VDSL Router and network from attacks by hackers on the Internet and control access to it. By default the firewall: •...
Page 190 Chapter 15 Firewall follows the SYN-ACK, it queues up all outstanding SYN-ACK responses on a backlog queue. SYN- ACKs are moved off the queue only when an ACK comes back or when an internal timer terminates the three-way handshake. Once the queue is full, the system will ignore all incoming SYN requests, making the system unavailable for legitimate users.
Page 191: The Firewall Screen
Chapter 15 Firewall 15.2 The Firewall Screen Use this screen to set the security level of the firewall on the VDSL Router. Firewall rules are grouped based on the direction of travel of packets to which they apply. Click Security Settings > Firewall to display the following screen. Figure 90 Security Settings >...
Page 192: Add A Protocol
Chapter 15 Firewall Figure 91 Security Settings > Firewall > Protocol The following table describes the labels in this screen. Table 68 Security Settings > Firewall > Protocol LABEL DESCRIPTION Add New Click this to add a new protocol. Protocol Entry Name This is the name of your customized service.
Page 193: The Access Control Screen
Chapter 15 Firewall The following table describes the labels in this screen. Table 69 Security Settings > Firewall > Protocol > Add LABEL DESCRIPTION Add Protocol Protocol Choose the IP protocol (TCP, UDP, ICMP, or Other) that defines your customized port from the drop-down list box.
Page 194: Add/Edit An Acl Rule
Chapter 15 Firewall Figure 93 Security Settings > Firewall > Access Control The following table describes the labels in this screen. Table 70 Security Settings > Firewall > Access Control LABEL DESCRIPTION DoS Protection DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and connection requests, using so much bandwidth and so many resources that Internet access becomes unavailable.
Page 195 Chapter 15 Firewall Figure 94 Security Settings > Firewall > Access Control > Add/Edit The following table describes the labels in this screen. Table 71 Security Settings > Firewall > Access Control > Add/Edit LABEL DESCRIPTION General Filter Name Enter a descriptive name of up to 16 alphanumeric characters, not including spaces, underscores, and dashes.
Page 196 Chapter 15 Firewall Table 71 Security Settings > Firewall > Access Control > Add/Edit (continued) LABEL DESCRIPTION Custom Destination This field is displayed only when you select Specific Protocol in Select Port Protocol. Enter a single port number or the range of port numbers of the destination. Policy Use the drop-down list box to select whether to discard (DROP), deny and send an ICMP destination-unreachable message to the sender of (REJECT) or...
Page 197: Mac Filter
HAPTER MAC Filter 16.1 Overview This screen allows you to configure the VDSL Router to give exclusive access to specific devices or exclude specific devices from accessing the VDSL Router. Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02.
Page 198 Chapter 16 MAC Filter Table 72 Security Settings > MAC Filter (continued) LABEL DESCRIPTION Allow List The devices in this list are permitted or denied access to the VDSL Router. Block List Select an entry from the Allow List and use the > button to add it to the Block List.
Page 199: Parental Control
HAPTER Parental Control 17.1 Overview Parental control allows you to permit or block access to certain web sites from home network computers. You can define time periods and days during which the VDSL Router performs parental control on a specific user in the Security Settings > Scheduler Rules screen (see Chapter 18 on page 203 detailed information).
Page 200: Add/Edit Parental Control Rule
Chapter 17 Parental Control The following table describes the fields in this screen. Table 73 Parental Control LABEL DESCRIPTION Add new rule Click this to create a new parental control rule. This is the index number of the rule. PC Name/IP/MAC The VDSL Router allows or prohibits the users from viewing the Web sites with the URLs listed below.
Page 201 Chapter 17 Parental Control The following table describes the fields in this screen. Table 74 Parental Control: Add/Edit LABEL DESCRIPTION PC Name/IP/MAC Select the user that you want to apply this rule to from the drop-down list box. If you want to add an user that is not listed, select User Defined and enter its MAC address.
Page 202 Chapter 17 Parental Control P-873HNU(P)-51B User’s Guide...
Page 203: Scheduler Rules
HAPTER Scheduler Rules 18.1 Overview You can define time periods and days during which the VDSL Router performs scheduled rules of certain features (such as Firewall Access Control, Parental Control) on a specific user in the Scheduler Rules screen. 18.2 The Scheduler Rules Screen Use this screen to view, add, or edit time schedule rules.
Page 204: Add/Edit A Schedule
Chapter 18 Scheduler Rules 18.2.1 Add/Edit a Schedule Click the Add button in the Scheduler Rules screen or click the Edit icon next to a schedule rule to open the following screen. Use this screen to configure a restricted access schedule for a specific user on your network.
Page 205: Certificates
HAPTER Certificates 19.1 Overview The VDSL Router can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs. A certificate contains the certificate owner’s identity and public key. Certificates provide a way to exchange public keys for use in authentication. 19.1.1 What You Can Do in this Chapter •...
Page 206: Create Certificate Request
Chapter 19 Certificates Figure 100 Security Settings > Certificates > Local Certificates The following table describes the labels in this screen. Table 77 Security Settings > Certificates > Local Certificates LABEL DESCRIPTION Create Certificate Click this button to go to the screen where you can have the VDSL Router Request generate a certification request.
Page 207 Chapter 19 Certificates Figure 101 Create Certificate Request The following table describes the labels in this screen. Table 78 Create Certificate Request LABEL DESCRIPTION Certificate Name Type up to 63 ASCII characters (not including spaces) to identify this certificate. Common Name Type the IP address (in dotted decimal notation), domain name or e-mail address in the field provided.
Page 208: Load Signed Certificate
Chapter 19 Certificates Figure 102 Certificate Request Created 19.3.2 Load Signed Certificate After you create a certificate request and have it signed by a Certificate Authority, in the Local Certificates screen click the certificate request’s Load Signed icon to import the signed certificate into the VDSL Router.
Page 209: Import Certificate
Chapter 19 Certificates Figure 103 Load Signed Certificate The following table describes the labels in this screen. Table 79 Load Signed Certificate LABEL DESCRIPTION Certificate This is the name of the signed certificate. Name Certificate Copy and paste the signed certificate into the text box to store it on the VDSL Router. Apply Click Apply to save your changes.
Page 210 Chapter 19 Certificates Figure 104 Import Local Certificate The following table describes the labels in this screen. Table 80 Import Local Certificate LABEL DESCRIPTION Import from Click this check box to open a screen where you can save the certificate of a file certification authority that you trust, from your computer to the VDSL Router.
Page 211: Certificate Details
Chapter 19 Certificates If you click Import from file in the Import Local Certificate screen, the following screen is displayed. Figure 105 Import Local Certificate > Import from file The following table describes the labels in this screen. Table 81 Import Local Certificate > Import from file LABEL DESCRIPTION Certificate...
Page 212 Chapter 19 Certificates Figure 106 Certificate Details The following table describes the labels in this screen. Table 82 Certificate Details LABEL DESCRIPTION Name This field displays the identifying name of this certificate. If you want to change the name, type up to 63 characters to identify this certificate. You may use any character (not including spaces).
Page 213: The Trusted Ca Screen
Chapter 19 Certificates Table 82 Certificate Details (continued) LABEL DESCRIPTION Private Key This read-only text box displays the private key in Privacy Enhanced Mail (PEM) format. PEM uses base 64 to convert the binary certificate into a printable form. You can copy and paste the private key into an e-mail to send to friends or colleagues or you can copy and paste the certificate into a text editor and save the file on a management computer for later distribution (via floppy disk for example).
Page 214: View Trusted Ca Certificate
Chapter 19 Certificates Table 83 Security Settings > Certificates > Trusted CA (continued) LABEL DESCRIPTION Type This field displays general information about the certificate. ca means that a Certification Authority signed the certificate. Action Click the View icon to open a screen with an in-depth list of information about the certificate (or certification request).
Page 215: Import Trusted Ca Certificate
Chapter 19 Certificates 19.4.2 Import Trusted CA Certificate Click the Import Certificate button in the Trusted CA screen to open the following screen. The VDSL Router trusts any valid certificate signed by any of the imported trusted CA certificates. Figure 109 Trusted CA: Import Certificate The following table describes the fields in this screen.
Page 216 Chapter 19 Certificates Figure 110 Trusted CA: Import Certificate > Import from file The following table describes the labels in this screen. Table 86 Import Local Certificate LABEL DESCRIPTION Certificate Type in the location of the certificate you want to upload in this field or click Browse ... File Path to find it.
Page 217: Service Control
HAPTER Service Control 20.1 Overview This chapter provides information on the Service Control screens. Service Control allows you to manage your VDSL Router from a remote location through the following interfaces: • LAN • WAN Note: The VDSL Router is managed using the Web Configurator. 20.2 The Service Control Screen Use this screen to configure through which interface(s) users can use which service(s) to manage the VDSL Router.
Page 218 Chapter 20 Service Control The following table describes the fields in this screen. Table 87 Security Settings > Service Control LABEL DESCRIPTION General This is the index number of the entry. Services Name This is the service you may use to access the VDSL Router. Select the Enable check box for the corresponding services that you want to allow access to the VDSL Router from the LAN.
Page 219: Arp Table
HAPTER ARP Table 21.1 Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network. An IP (version 4) address is 32 bits long.
Page 220 Chapter 21 ARP Table The following table describes the labels in this screen. Table 88 System Monitor > ARP Table LABEL DESCRIPTION This is the ARP table entry number. IP Address This is the learned IP address of a device connected to a port. MAC Address This is the MAC address of the device with the listed IP address.
Page 221: Logs
HAPTER Logs 22.1 Overview The web configurator allows you to choose which categories of events and/or alerts to have the VDSL Router log and then display the logs or have the VDSL Router send them to an administrator (as e-mail) or to a syslog server. 22.1.1 What You Can Do in this Chapter •...
Page 222: The System Log Screen
Chapter 22 Logs Table 89 Syslog Severity Levels (continued) CODE SEVERITY Warning: There is a warning condition on the system. Notice: There is a normal but significant condition on the system. Informational: The syslog contains an informational message. Debug: The message is intended for debug-level purposes. 22.2 The System Log Screen Use the System Log screen to see the system logs for the categories that you select in Maintenance >...
Page 223: The Security Log Screen
Chapter 22 Logs Table 90 System Monitor > Log > System Log (continued) LABEL DESCRIPTION This field is a sequential value and is not associated with a specific entry. Time This field displays the time the log was recorded. Facility The log facility allows you to send logs to different files in the syslog server.
Page 224 Chapter 22 Logs P-873HNU(P)-51B User’s Guide...
Page 225: Traffic Status
HAPTER Traffic Status 23.1 Overview Use the Traffic Status screens to look at network traffic status and statistics of the WAN and LAN interfaces. 23.1.1 What You Can Do in this Chapter • Use the WAN screen to view the WAN traffic statistics (Section 23.2 on page 225).
Page 226: The Lan Status Screen
Chapter 23 Traffic Status The following table describes the fields in this screen. Table 92 System Monitor > Traffic Status > WAN LABEL DESCRIPTION Connected This shows the name of the WAN interface that is currently connected. Interface Packets Sent Data This indicates the number of transmitted packets on this interface.
Page 227: The Hpna Status Screen
Chapter 23 Traffic Status Figure 116 System Monitor > Traffic Status > LAN The following table describes the fields in this screen. Table 93 System Monitor > Traffic Status > LAN LABEL DESCRIPTION Polls Interval(s) Select how often you want the VDSL Router to update this screen. Interface This shows the LAN or WLAN interface.
Page 228 Chapter 23 Traffic Status Figure 117 System Monitor > Traffic Status > HPNA The following table describes the fields in this screen. Table 94 System Monitor > Traffic Status > HPNA LABEL DESCRIPTION Role This shows the role of the client connected to the VDSL Router’s HPNA port. Device This shows the MAC address of the client connected to the VDSL Router’s HPNA port.
Page 229: Igmp Status
HAPTER IGMP Status 24.1 Overview Use the IGMP Status screens to look at IGMP group status and traffic statistics. 24.1.1 What You Can Do in this Chapter • Use the IGMP Group screen to look at the current list of multicast groups the VDSL Router has joined and which ports have joined each (Section 24.2 on page 229.
Page 230: Igmp Statistics Screen
Chapter 24 24.3 IGMP Statistics Screen Use this screen to look at the current number of IGMP-related packets received for each IGMP multicast group and from each LAN host. To open this screen, click System Monitor > IGMP Group Status > IGMP Statistics. Figure 119 System Monitor >...
Page 231: Xdsl Statistics
HAPTER xDSL Statistics 25.1 The xDSL Statistics Screen Use this screen to view detailed DSL statistics. Click System Monitor > xDSL Statistics to open the following screen. Figure 120 System Monitor > xDSL Statistics P-873HNU(P)-51B User’s Guide...
Page 232 Chapter 25 xDSL Statistics The following table describes the labels in this screen. Table 97 Status > xDSL Statistics LABEL DESCRIPTION Refresh Interval Select the time interval for refreshing statistics. Line Select which DSL line’s statistics you want to display. xDSL Training This displays the current state of setting up the DSL connection.
Page 233 Chapter 25 xDSL Statistics Table 97 Status > xDSL Statistics (continued) LABEL DESCRIPTION Attainable Net These are the highest theoretically possible transfer rates at which the port could Data Rate send and receive payload data without transport layer protocol headers and traffic.
Page 234 Chapter 25 xDSL Statistics P-873HNU(P)-51B User’s Guide...
Page 235: Users Configuration
HAPTER Users Configuration 26.1 Overview In the Users Configuration screen, you can view, add, and configure user accounts of the VDSL Router. 26.2 The Users Configuration Screen Click Maintenance > Users Configuration to open the following screen. Figure 121 Maintenance > Users Configuration P-873HNU(P)-51B User’s Guide...
Page 236: Add/Edit A Users Account
Chapter 26 Users Configuration The following table describes the labels in this screen. Table 98 Maintenance > Users Configuration LABEL DESCRIPTION Advanced Select Enable to turn on advanced account security to enforce tighter security for Account the VDSL Router’s user accounts. This includes: Security •...
Page 237 Chapter 26 Users Configuration The following table describes the labels in this screen. Table 99 Users Configuration: Add/Edit LABEL DESCRIPTION User Name This field is read-only if you are editing the user account. Enter a descriptive name for the user account. The user name can be up to 15 alphanumeric characters (0-9, A-Z, a-z, -, _ with no spaces).
Page 238 Chapter 26 Users Configuration P-873HNU(P)-51B User’s Guide...
Page 239: Remote Management
HAPTER Remote Management 27.1 Overview This chapter explains how to configure the VDSL Router’s TR-069 and TR-064 auto-configuration settings. 27.1.1 What You Can Do in this Chapter • The TR-069 screen lets you configure the VDSL Router’s TR-069 auto-configuration settings (Section 27.2 on page 239).
Page 240 Chapter 27 Remote Management Figure 123 Maintenance > Remote MGMT > TR-069 Client The following table describes the fields in this screen. Table 100 Maintenance > Remote MGMT > TR-069 Client LABEL DESCRIPTION Inform Select Enable for the VDSL Router to send periodic inform via TR-069 on the WAN.
Page 241: The Tr-064 Screen
Chapter 27 Remote Management 27.3 The TR-064 Screen TR-064 is a LAN-Side DSL CPE Configuration protocol defined by the DSL Forum. TR-064 is built on top of UPnP. It allows the users to use a TR-064 compliant CPE management application on their computers from the LAN to discover the CPE and configure user-specific parameters, such as the username and password.
Page 242 Chapter 27 Remote Management Figure 125 SNMP Management Model An SNMP managed network consists of two main types of component: agents and a manager. An agent is a management software module that resides in a managed device (the VDSL Router). An agent translates the local management information from the managed device into a form compatible with SNMP.
Page 243 Chapter 27 Remote Management Figure 126 Maintenance > Remote MGMT > SNMP The following table describes the fields in this screen. Table 102 Maintenance > Remote MGMT > SNMP LABEL DESCRIPTION SNMP Agent Select Enable to allow a manager station to manage and monitor the VDSL Router through the network via SNMP.
Page 244 Chapter 27 Remote Management P-873HNU(P)-51B User’s Guide...
Page 245: Time Settings
HAPTER Time Settings 28.1 Overview This chapter shows you how to configure system related settings, such as system time, password, name, the domain name and the inactivity timeout interval. 28.2 The Time Setting Screen To change your VDSL Router’s time and date, click Maintenance > Time Setting. The screen appears as shown.
Page 246 Chapter 28 Time Settings The following table describes the fields in this screen. Table 103 Maintenance > Time Setting LABEL DESCRIPTION Current Date/Time System Time This field displays the time and fate of your VDSL Router. Each time you reload this page, the VDSL Router synchronizes the time and date with the time server.
Page 247: Logs Setting
HAPTER Logs Setting 29.1 Overview You can configure where the VDSL Router sends logs and which logs and/or immediate alerts the VDSL Router records in the Logs Setting screen. 29.2 The Logs Setting Screen To change your VDSL Router’s log settings, click Maintenance > Logs Setting. The screen appears as shown.
Page 248 Chapter 29 Logs Setting The following table describes the fields in this screen. Table 104 Maintenance > Logs Setting LABEL DESCRIPTION Syslog Logging The VDSL Router sends a log to an external syslog server. Active Select the Active check box to enable syslog logging. Mode Select the syslog destination from the drop-down list box.
Page 249: Example E-Mail Log
Chapter 29 Logs Setting 29.2.1 Example E-mail Log An "End of Log" message displays for each mail in which a complete log has been sent. The following is an example of a log sent by e-mail. • You may edit the subject title. •...
Page 250 Chapter 29 Logs Setting P-873HNU(P)-51B User’s Guide...
Page 251: Firmware Upgrade
HAPTER Firmware Upgrade 30.1 Overview This chapter explains how to upload new firmware to your VDSL Router. You can download new firmware releases from your nearest ZyXEL FTP site (or www.zyxel.com) to use to upgrade your device’s performance. Only use firmware for your device’s specific model. Refer to the label on the bottom of your VDSL Router.
Page 252 Chapter 30 Firmware Upgrade Table 105 Maintenance > Firmware Upgrade (continued) LABEL DESCRIPTION Browse... Click this to find the .bin file you want to upload. Remember that you must decompress compressed (.zip) files before you can upload them. Upload Click this to begin the upload process. This process may take up to two minutes. After you see the firmware updating screen, wait two minutes before logging into the VDSL Router again.
Page 253: Configuration
HAPTER Configuration 31.1 Overview The Configuration screen allows you to backup and restore device configurations. You can also reset your device settings back to the factory default. 31.2 The Configuration Screen Click Maintenance > Configuration. Information related to factory defaults, backup configuration, and restoring configuration appears in this screen, as shown next.
Page 254 Chapter 31 Configuration Restore Configuration Restore Configuration allows you to upload a new or previously saved configuration file from your computer to your VDSL Router. Table 106 Restore Configuration LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse ... to find it.
Page 255: The Reboot Screen
Chapter 31 Configuration Figure 137 Reset Warning Message Figure 138 Reset In Process Message You can also press the RESET button on the rear panel to reset the factory defaults of your VDSL Router. Refer to Section 1.6 on page 22 for more information on the RESET button.
Page 256 Chapter 31 Configuration P-873HNU(P)-51B User’s Guide...
Page 257: Diagnostic
HAPTER Diagnostic 32.1 Overview The Diagnostic screens display information to help you identify problems with the VDSL Router. The route between a CO VDSL switch and one of its CPE may go through switches owned by independent organizations. A connectivity fault point generally takes time to discover and impacts subscriber’s network access.
Page 258: Ping & Traceroute & Nslookup
Chapter 32 Diagnostic 32.3 Ping & TraceRoute & NsLookup Use this screen to ping, traceroute, or nslookup an IP address. Click Maintenance > Diagnostic > Ping & TraceRoute & NsLookup to open the screen shown next. Figure 140 Maintenance > Diagnostic > Ping & TraceRoute & NsLookup The following table describes the fields in this screen.
Page 259: Oam Ping Test
Chapter 32 Diagnostic Figure 141 802.1ag The following table describes the fields in this screen. Table 108 Maintenance > Diagnostic > 802.1ag LABEL DESCRIPTION 802.1ag Connectivity Fault Management Maintenance Select a level (0-7) under which you want to create an MA. Domain (MD) Level Destination MAC Enter the target device’s MAC address to which the VDSL Router performs a...
Page 260 Chapter 32 Diagnostic ATM sets up virtual circuits over which end systems communicate. The terminology for virtual circuits is as follows: • Virtual Channel (VC) Logical connections between ATM devices • Virtual Path (VP) A bundle of virtual channels • Virtual Circuits A series of virtual paths between circuit end points Figure 142 Virtual Circuit Topology...
Page 261 Chapter 32 Diagnostic Figure 143 Maintenance > Diagnostic > OAM Ping Test The following table describes the fields in this screen. Table 109 Maintenance > Diagnostic > OAM Ping Test LABEL DESCRIPTION Select a PVC on which you want to perform the loopback test. F4 segment Press this to perform an OAM F4 segment loopback test.
Page 262 Chapter 32 Diagnostic P-873HNU(P)-51B User’s Guide...
Page 263: Troubleshooting
HAPTER Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • VDSL Router Access and Login • Internet Access 33.1 Power, Hardware Connections, and LEDs The VDSL Router does not turn on.
Page 264: Vdsl Router Access And Login
Chapter 33 Troubleshooting 33.2 VDSL Router Access and Login I forgot the IP address for the VDSL Router. The default LAN IP address is 192.168.1.1. If you changed the IP address and have forgotten it, you might get the IP address of the VDSL Router by looking up the IP address of the default gateway for your computer.
Page 265: Internet Access
Chapter 33 Troubleshooting • Make sure you have logged out of any earlier management sessions using the same user account even if they were through a different interface or using a different browser. • Try to access the VDSL Router using another service, such as Telnet. If you can access the VDSL Router, check the remote management settings and firewall rules to find out why the VDSL Router does not respond to HTTP.
Page 266 Chapter 33 Troubleshooting Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide for hardware connections information and Section 1.5 on page 20 for LED behaviors. Make sure you entered your ISP account information correctly in the Network Settings > Broadband screen.
Page 267: Wireless Internet Access
Chapter 33 Troubleshooting ADSL and VDSL connections cannot work at the same time. You can only use one type of DSL connection, either ADSL or VDSL connection at one time. I cannot access the Internet anymore. I had access to the Internet (with the VDSL Router), but my Internet connection is not available anymore.
Page 268 Chapter 33 Troubleshooting Wireless security is vital to your network. It protects communications between wireless stations, access points and the wired network. The available security modes in your ZyXEL device are as follows: • WPA2-PSK: (recommended) This uses a pre-shared key with the WPA2 standard. •...
Page 269: Product Specifications
HAPTER Product Specifications The following tables summarize the VDSL Router’s hardware and firmware features. 34.1 Hardware Specifications Table 110 Hardware Specifications Dimensions 210 (L) x 154 (W) x 40 (H) mm (without external antenna) Weight 495g (without external antenna) Power Adaptor Output 12 V 1.5 A Power Adaptor Input 100-240V AC, 50/60Hz...
Page 270: Firmware Specifications
Chapter 34 Product Specifications 34.2 Firmware Specifications Table 111 Firmware Specifications Default IP Address 192.168.1.1 Default Subnet Mask 255.255.255.0 (24 bits) Default User Name admin Default Password 1234 DHCP Server IP Pool 192.168.1.2 to 192.168.1.254 Static Routes Device Management Use the web configurator to easily configure the rich range of features on the VDSL Router.
Page 271 Chapter 34 Product Specifications Table 111 Firmware Specifications (continued) PPPoE Support PPPoE (Point-to-Point Protocol over Ethernet) emulates a dial-up (RFC2516) connection. It allows your ISP to use their existing network configuration with newer broadband technologies such as ADSL. The PPPoE driver on your device is transparent to the computers on the LAN, which see only Ethernet and are not aware of PPPoE thus saving you from having to manage PPPoE clients on individual computers.
Page 272 Chapter 34 Product Specifications Table 111 Firmware Specifications (continued) Other Protocol Support PPP (Point-to-Point Protocol) link layer protocol Transparent bridging for unsupported network layer protocols RIP I/RIP II ICMP ATM QoS IP Multicasting IGMP v2 and v3 IGMP Proxy Management Embedded Web Configurator Remote Firmware Upgrade Embedded FTP/TFTP Server for firmware upgrade and configuration file...
Page 273 Chapter 34 Product Specifications Table 112 Standards Supported (continued) STANDARD DESCRIPTION ITU G.992.2 (G. Lite) ITU standard for ADSL using discrete multitone modulation. ITU G.992.3 (G.dmt.bis) ITU standard (also referred to as ADSL2) that extends the capability of basic ADSL in data rates. ITU G.992.4 (G.lite.bis) ITU standard (also referred to as ADSL2) that extends the capability of basic ADSL in data rates.
Page 274 Chapter 34 Product Specifications P-873HNU(P)-51B User’s Guide...
Page 275: Appendix A Setting Up Your Computer's Ip Address
PP EN D I X Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP/Vista, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/IP on your computer.
Page 276 Appendix A Setting up Your Computer’s IP Address Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: In the Network window, click Add. Select Adapter and then click Add.
Page 277 Appendix A Setting up Your Computer’s IP Address Figure 145 Windows 95/98/Me: TCP/IP Properties: IP Address Click the DNS Configuration tab. • If you do not know your DNS information, select Disable DNS. • If you know your DNS information, select Enable DNS and type the information in the fields below (you may not need to fill them all in).
Page 278 Appendix A Setting up Your Computer’s IP Address • If you do not know your gateway’s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add. Click OK to save and close the TCP/IP Properties window.
Page 279 Appendix A Setting up Your Computer’s IP Address Figure 148 Windows XP: Control Panel Right-click Local Area Connection and then click Properties. Figure 149 Windows XP: Control Panel: Network Connections: Properties Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties. P-873HNU(P)-51B User’s Guide...
Page 280 Appendix A Setting up Your Computer’s IP Address Figure 150 Windows XP: Local Area Connection Properties The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). • If you have a dynamic IP address click Obtain an IP address automatically. •...
Page 281 Appendix A Setting up Your Computer’s IP Address If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: •...
Page 282 Appendix A Setting up Your Computer’s IP Address Figure 153 Windows XP: Internet Protocol (TCP/IP) Properties Click OK to close the Internet Protocol (TCP/IP) Properties window. Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties window. Close the Network Connections window (Network and Dial-up Connections in Windows 2000/NT).
Page 283 Appendix A Setting up Your Computer’s IP Address Figure 154 Windows Vista: Start Menu In the Control Panel, double-click Network and Internet. Figure 155 Windows Vista: Control Panel Click Network and Sharing Center. Figure 156 Windows Vista: Network And Internet Click Manage network connections.
Page 284 Appendix A Setting up Your Computer’s IP Address Right-click Local Area Connection and then click Properties. Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue. Figure 158 Windows Vista: Network and Sharing Center Select Internet Protocol Version 4 (TCP/IPv4) and click Properties.
Page 285 Appendix A Setting up Your Computer’s IP Address • If you have a static IP address click Use the following IP address and fill in the IP address, Subnet mask, and Default gateway fields. • Click Advanced. Figure 160 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK.
Page 286 Appendix A Setting up Your Computer’s IP Address Figure 161 Windows Vista: Advanced TCP/IP Properties In the Internet Protocol Version 4 (TCP/IPv4) Properties window, (the General tab): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es).
Page 287 Appendix A Setting up Your Computer’s IP Address Figure 162 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties 10 Click OK to close the Internet Protocol Version 4 (TCP/IPv4) Properties window. 11 Click Close to close the Local Area Connection Properties window. Close the Network Connections window.
Page 288 Appendix A Setting up Your Computer’s IP Address Figure 163 Macintosh OS 8/9: Apple Menu Select Ethernet built-in from the Connect via list. Figure 164 Macintosh OS 8/9: TCP/IP For dynamically assigned settings, select Using DHCP Server from the Configure: list. For statically assigned settings, do the following: P-873HNU(P)-51B User’s Guide...
Page 289 Appendix A Setting up Your Computer’s IP Address • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your VDSL Router in the Router address box. Close the TCP/IP Control Panel.
Page 290 Appendix A Setting up Your Computer’s IP Address Figure 166 Macintosh OS X: Network For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. •...
Page 291 Appendix A Setting up Your Computer’s IP Address Using the K Desktop Environment (KDE) Follow the steps below to configure your computer IP address using the KDE. Click the Red Hat button (located on the bottom left corner), select System Setting and click Network.
Page 292 Appendix A Setting up Your Computer’s IP Address If you know your DNS server IP address(es), click the DNS tab in the Network Configuration screen. Enter the DNS server information in the fields provided. Figure 169 Red Hat 9.0: KDE: Network Configuration: DNS Click the Devices tab.
Page 293: Verifying Settings
Appendix A Setting up Your Computer’s IP Address Figure 171 Red Hat 9.0: Dynamic IP Address Setting in ifconfig-eth0 DEVICE=eth0 ONBOOT=yes BOOTPROTO=dhcp USERCTL=no PEERDNS=yes TYPE=Ethernet • If you have a static IP address, enter in the BOOTPROTO= field. Type IPADDR= followed static by the IP address (in dotted decimal notation) and type NETMASK= followed by the subnet mask.
Page 294 Appendix A Setting up Your Computer’s IP Address Figure 175 Red Hat 9.0: Checking TCP/IP Properties [root@localhost]# ifconfig eth0 Link encap:Ethernet HWaddr 00:50:BA:72:5B:44 inet addr:172.23.19.129 Bcast:172.23.19.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:717 errors:0 dropped:0 overruns:0 frame:0 TX packets:13 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:730412 (713.2 Kb) TX bytes:1570 (1.5 Kb)
Page 295: Appendix B Ip Addresses And Subnetting
PP EN D I X IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network.
Page 296 Appendix B IP Addresses and Subnetting Figure 176 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask. Subnet Masks A subnet mask is used to determine which bits are part of the network number, and which bits are part of the host ID (using a logical AND operation).
Page 297 Appendix B IP Addresses and Subnetting Subnet masks are expressed in dotted decimal notation just like IP addresses. The following examples show the binary and decimal notation for 8-bit, 16-bit, 24-bit and 29-bit subnet masks. Table 114 Subnet Masks BINARY DECIMAL 4TH OCTET OCTET...
Page 298 Appendix B IP Addresses and Subnetting Table 116 Alternative Subnet Mask Notation (continued) ALTERNATIVE LAST OCTET LAST OCTET SUBNET MASK NOTATION (BINARY) (DECIMAL) 255.255.255.224 1110 0000 255.255.255.240 1111 0000 255.255.255.248 1111 1000 255.255.255.252 1111 1100 Subnetting You can use subnetting to divide one network into multiple sub-networks. In the following example a network administrator creates two sub-networks to isolate a group of servers from the rest of the company network for security reasons.
Page 299 Appendix B IP Addresses and Subnetting Figure 178 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 2 – 2 or 126 possible hosts (a host ID of all zeroes is the subnet’s address itself, all ones is the subnet’s broadcast address).
Page 300 Appendix B IP Addresses and Subnetting Table 118 Subnet 2 LAST OCTET BIT IP/SUBNET MASK NETWORK NUMBER VALUE IP Address 192.168.1. IP Address (Binary) 11000000.10101000.00000001. 01000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: Lowest Host ID: 192.168.1.65 192.168.1.64 Broadcast Address: Highest Host ID: 192.168.1.126 192.168.1.127 Table 119 Subnet 3...
Page 301 Appendix B IP Addresses and Subnetting Subnet Planning The following table is a summary for subnet planning on a network with a 24-bit network number. Table 122 24-bit Network Number Subnet Planning NO. “BORROWED” NO. HOSTS PER SUBNET MASK NO. SUBNETS HOST BITS SUBNET 255.255.255.128 (/25)
Page 302 Appendix B IP Addresses and Subnetting Once you have decided on the network number, pick an IP address for your VDSL Router that is easy to remember (for instance, 192.168.1.1) but make sure that no other device on your network is using that IP address.
Page 303: Appendix C Pop-Up Windows, Javascript And Java Permissions
PP EN D I X Pop-up Windows, JavaScript and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScript (enabled by default). • Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here.
Page 304 Appendix C Pop-up Windows, JavaScript and Java Permissions Figure 180 Internet Options: Privacy Click Apply to save this setting. Enable Pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. In Internet Explorer, select Tools, Internet Options and then the Privacy tab.
Page 305 Appendix C Pop-up Windows, JavaScript and Java Permissions Figure 181 Internet Options: Privacy Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. Click Add to move the IP address to the list of Allowed sites. Figure 182 Pop-up Blocker Settings P-873HNU(P)-51B User’s Guide...
Page 306 Appendix C Pop-up Windows, JavaScript and Java Permissions Click Close to return to the Privacy screen. Click Apply to save this setting. JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed. In Internet Explorer, click Tools, Internet Options and then the Security tab.
Page 307 Appendix C Pop-up Windows, JavaScript and Java Permissions Figure 184 Security Settings - Java Scripting Java Permissions From Internet Explorer, click Tools, Internet Options and then the Security tab. Click the Custom Level... button. Scroll down to Microsoft VM. Under Java permissions make sure that a safety level is selected. Click OK to close the window.
Page 308 Appendix C Pop-up Windows, JavaScript and Java Permissions Figure 185 Security Settings - Java JAVA (Sun) From Internet Explorer, click Tools, Internet Options and then the Advanced tab. Make sure that Use Java 2 for <applet> under Java (Sun) is selected. Click OK to close the window.
Page 309 Appendix C Pop-up Windows, JavaScript and Java Permissions Mozilla Firefox Mozilla Firefox 2.0 screens are used here. Screens for other versions may vary. You can enable Java, Javascript and pop-ups in one screen. Click Tools, then click Options in the screen that appears.
Page 310 Appendix C Pop-up Windows, JavaScript and Java Permissions P-873HNU(P)-51B User’s Guide...
Page 311: Appendix D Wireless Lans
PP EN D I X Wireless LANs Wireless LAN Topologies This section discusses ad-hoc and infrastructure wireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless adapters (A, B, C). Any time two or more wireless adapters are within range of each other, they can set up an independent network, which is commonly referred to as an ad-hoc network or Independent Basic Service Set (IBSS).
Page 312 Appendix D Wireless LANs Figure 190 Basic Service Set An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). This type of wireless LAN topology is called an Infrastructure WLAN.
Page 313 Appendix D Wireless LANs Figure 191 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by wireless devices to transmit and receive data. Channels available depend on your geographical area. You may have a choice of channels (for your region) so you should use a channel different from an adjacent AP (access point) to reduce interference.
Page 314 Appendix D Wireless LANs RTS/CTS Figure 192 When station A sends data to the AP, it might not know that the station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations.
Page 315 Appendix D Wireless LANs IEEE 802.11g Wireless LAN IEEE 802.11g is fully compatible with the IEEE 802.11b standard. This means an IEEE 802.11b adapter can interface directly with an IEEE 802.11g access point (and vice versa) at 11 Mbps or lower depending on range.
Page 316 Appendix D Wireless LANs • User based identification that allows for roaming. • Support for RADIUS (Remote Authentication Dial In User Service, RFC 2138, 2139) for centralized user profile and accounting management on a network RADIUS server. • Support for EAP (Extensible Authentication Protocol, RFC 2486) that allows additional authentication methods to be deployed with no changes to the access point or the wireless clients.
Page 317 Appendix D Wireless LANs In order to ensure network security, the access point and the RADIUS server use a shared secret key, which is a password, they both know. The key is not sent over the network. In addition to the shared key, password information exchanged is also encrypted to protect the network from unauthorized access.
Page 318 Appendix D Wireless LANs authentication, EAP-TTLS supports EAP methods and legacy authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP v2. PEAP (Protected EAP) Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, then use simple username and password methods through the secured connection to authenticate the clients, thus hiding client identity.
Page 319 Appendix D Wireless LANs If both an AP and the wireless clients support WPA2 and you have an external RADIUS server, use WPA2 for stronger data encryption. If you don't have an external RADIUS server, you should use WPA2-PSK (WPA2-Pre-Shared Key) that only requires a single (identical) password entered into each access point, wireless gateway and wireless client.
Page 320 Appendix D Wireless LANs messages from six to four (CCMP 4-way handshake) and shortens the time required to connect to a network. Other WPA2 authentication features that are different from WPA include key caching and pre-authentication. These two features are optional and may not be supported in all wireless devices.
Page 321 Appendix D Wireless LANs Figure 193 WPA(2) with RADIUS Application Example WPA(2)-PSK Application Example A WPA(2)-PSK application looks as follows. First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key (PSK) must consist of between 8 and 63 ASCII characters or 64 hexadecimal characters (including spaces and symbols).
Page 322 Appendix D Wireless LANs Security Parameters Summary Refer to this table to see what other security parameters you should configure for each authentication method or key management protocol type. MAC address filters are not dependent on how you configure these security features. Table 127 Wireless Security Relational Matrix AUTHENTICATION ENCRYPTIO...
Page 323 Appendix D Wireless LANs 2.5%. For an unobstructed outdoor site, each 1dB increase in gain results in a range increase of approximately 5%. Actual results may vary depending on the network environment. Antenna gain is sometimes specified in dBi, which is how much the antenna increases the signal power compared to using an isotropic antenna.
Page 324 Appendix D Wireless LANs P-873HNU(P)-51B User’s Guide...
Page 325: Appendix E Services
PP EN D I X Services The following table lists some commonly-used services and their associated protocols and port numbers. • Name: This is a short, descriptive name for the service. You can use this one or create a different one, if you like. •...
Page 326 Appendix E Services Table 128 Examples of Services NAME PROTOCOL PORT(S) DESCRIPTION AH (IPSEC_TUNNEL) User-Defined The IPSEC AH (Authentication Header) tunneling protocol uses this service. 5190 AOL’s Internet Messenger service. AUTH Authentication protocol used by some servers. Border Gateway Protocol. BOOTP_CLIENT DHCP Client.
Page 327 Appendix E Services Table 128 Examples of Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION NEW-ICQ 5190 An Internet chat program. NEWS A protocol for news groups. 2049 Network File System - NFS is a client/ server distributed file service that provides transparent file sharing for network environments.
Page 328 Appendix E Services Table 128 Examples of Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION SQL-NET 1521 Structured Query Language is an interface to access data on many different types of database systems, including mainframes, midrange systems, UNIX systems and network servers. SSDP 1900 The Simple Service Discovery Protocol...
Page 329: Legal Information
This publication is subject to change without notice. Trademarks ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.
Page 330 Appendix F Legal Information If this device does cause harmful interference to radio/television reception, which can be determined by turning the device off and on, the user is encouraged to try to correct the interference by one or more of the following measures: Reorient or relocate the receiving antenna.
Page 331 Appendix F Legal Information Ce produit est conçu pour les bandes de fréquences 2,4 GHz et/ou 5 GHz conformément à la législation Européenne. En France métropolitaine, suivant les décisions n°03-908 et 03-909 de l’ARCEP, la puissance d’émission ne devra pas dépasser 10 mW (10 dB) dans le cadre d’une installation WiFi en extérieur pour les fréquences comprises entre 2454 MHz et 2483,5 MHz.
Page 332 Appendix F Legal Information • Do NOT open the device or unit. Opening or removing covers can expose you to dangerous high voltage points or other risks. ONLY qualified service personnel should service or disassemble this device. Please contact your vendor for further information. •...
Page 333 Index Index ACL rule 205, 317 Canonical Format Indicator See CFI activation firewalls CCMs SIP ALG certificate SSID details Address Resolution Protocol factory default ADSL Certificate Authority compliance See CA. alternative subnet mask notation certificates antenna authentication directional gain creating omni-directional importing public key...
Page 334 Index reset restoring static route 130, 171, 236 EAP Authentication Connectivity Check Messages, see CCMs ECHO copyright e-mail log example CoS technologies encapsulation creating certificates PPPoA PPPoE CTS (Clear to Send) encryption CTS threshold 99, 319 94, 97 Extended Service Set IDentification 84, 91 Extended Service Set, See ESS data fragment threshold...
Page 335 Index HTTP humidity client list DHCP 110, 126 110, 127 IP address 110, 111, 127 IANA MAC address Internet Assigned Numbers Authority status see IANA subnet mask 110, 111, 127 IBSS LAN VLAN IEEE 802.11g LAND attack IEEE 802.1Q LAN-Side DSL CPE Configuration IGMP limitations Access Control List...
Page 336 Index MTU (Multi-Tenant Unit) Pairwise Master Key (PMK) 319, 321 multicast passwords IGMP Multiple BSS, see MBSSID multiplexing Per-Hop Behavior, see PHB LLC-based VC-based PIN, WPS example Ping of Death Point-to-Point Tunneling Protocol POP3 153, 155, 163, 164, 301 port forwarding applications ports IP alias...
Page 337 Index activation SMTP SNMP RADIUS 166, 241, 242, 272 agents message types messages GetNext shared secret key Manager RADIUS server managers registration product related documentation Trap remote management versions TR-069 SNMP trap Remote Procedure Calls, see RPCs reset 22, 254 srTCM restart SSID...
Page 338 Index time VDSL Virtual Local Area Network See VLAN VLAN Introduction Tag Control Information See TCI number of possible VIDs Tag Protocol Identifier See TPID priority frame static temperature VLAN ID thresholds VLAN Identifier See VID data fragment 94, 97 VLAN tag RTS/CTS 94, 97...
Page 339 Index encryption example example fragmentation threshold push button 94, 97 23, 101 limitations MAC address filter 91, 98 MBSSID preamble 95, 97 RADIUS server RTS/CTS threshold 94, 97 security SSID activation status WPA-PSK 101, 103 example limitations push button 23, 101 wireless security Wireless tutorial wizard setup...

This manual is also suitable for:

P-873hnup-51b

ZyXEL Communications P-873HNU-51B User Manual

Contents Overview

Table of Contents

User's Guide

PART I User's Guide

Chapter 1 Introducing the P-873HNU(P)-51B

Chapter 2 The Web Configurator

Chapter 3 Quick Start

Chapter 4 Tutorials

Technical Reference

Part II: Technical Reference

Chapter 5 Network Map and Status Screens

Chapter 6 Broadband

Chapter 7

Wireless

Chapter 8 Home Networking

Chapter 9 Static Routing

Chapter 10 Quality of Service (Qos)

Chapter 11 Network Address Translation (NAT)

Chapter 12 Dynamic DNS Setup

Chapter 13 IGMP

Chapter 14 Interface Group

Chapter 15 Firewall

Chapter 16 MAC Filter

Chapter 17 Parental Control

Chapter 18 Scheduler Rules

Chapter 19 Certificates

Chapter 20 Service Control

Chapter 21 ARP Table

Chapter 22 Logs

Chapter 23 Traffic Status

Chapter 24 IGMP Status

Chapter 25 Xdsl Statistics

Chapter 26 Users Configuration

Chapter 27 Remote Management

Chapter 28 Time Settings

Chapter 29 Logs Setting

Chapter 30 Firmware Upgrade

Chapter 31 Configuration

Chapter 32 Diagnostic

Chapter 33 Troubleshooting

Chapter 34 Product Specifications

Appendix A Setting up Your Computer's IP Address

Appendix B IP Addresses and Subnetting

Appendix C Pop-Up Windows, Javascript and Java Permissions

Appendix D Wireless Lans

Appendix E Services

Quick Links

Related Manuals for ZyXEL Communications P-873HNU-51B

Summary of Contents for ZyXEL Communications P-873HNU-51B