Page 2: Table Of Contents
3. What’s the difference between ‘Common User Account’ and ‘Administrator Account’? ............... 12 4. How do I know the P-660HN-T1A's WAN IP address assigned by the ISP?..................... 12 5. What is the micro filter or splitter used for? ........13 6.
Page 3 3. What is the microfilter used for? ............17 4. How do I know the ADSL line is up? ..........17 5. How does the P-660HN-T1A work on a noisy ADSL? ....17 6. Does the VC-based multiplexing perform better than the LLC-based multiplexing? ...............
Page 4 5. What is Frequency-hopping Spread Spectrum Technology – (FHSS)? ................... 32 Security FAQ .................... 33 1. How do I secure the data across the P-660HN-T1A Access Point's radio link?..............33 2. What is WEP?................ 33 3. What is WPA-PSK? .............. 34 4.
Page 5 12. Using Call Scheduling ............75 13. Using IP Multicast ..............78 14. Using Zero-Configuration ............. 79 15. How to configure packet filter on P-660HN-T1A? ....81 16. Change WAN MTU via WEB-GUI........84 Wireless Application Notes..............86 1. Configure a Wireless Client to Ad hoc mode......86 2.
Page 6: Faq
Note: It is protected by super password, ‘1234’ by factory default. 3. How do I update the firmware and configuration file? You can do this if you access the P-660HN-T1A as Administrator. You can upload the firmware and configuration file to Prestige from Web Condigurator, or using FTP or TFTP client software.
Page 7: How Do I Restore P-660Hn-T1A Configurations By Using Tftp Client
In case you forget the system password, you can erase the current configuration and restore factory defaults this way: Use the RESET button on the rear panel of P-660HN-T1A to reset the router. After the router is reset, the LAN IP address will be reset to '192.168.1.1', the common user password will be reset to 'user', the Administrator password will be reset to „1234’.
Page 8: What Is The Difference Between Sua And Full Feature Nat
LAN for outside access. The P-660HN-T1A supports NAT sets on a remote node basis. They are reusable, but only one set is allowed for each remote node. The P-660HN-T1A supports 8 sets since there are 8 remote nodes.
Page 9: What Ip/Port Mapping Does Multi-Nat Support
IP addresses as the Internal Local Addresses (ILA) and the global IP addresses as the Inside Global Address (IGA),  One to One: In One-to-One mode, the P-660HN-T1A maps one ILA to one IGA.  Many to One: In Many-to-One mode, the P-660HN-T1A maps multiple ILA to one IGA.
Page 10: How Many Network Users Can The Sua/Nat Support
The Prestige does not limit the number of the users but the number of the sessions. The P-660HN-T1A supports 4k sessions that you can use the 'ip nat session' command in CLI to see. You can also use „ip nat hashTable wanif0‟...
Page 11 Destination IP Addr =a.b.c.d  Destination IP Mask =w.x.y.z  Action Matched =Drop  Action No Matched =Forward Where a.b.c.d is an IP address on your local network and w.x.y.z is your netmask. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 12: Product Faq
Moreover, only with Administrator Password, you could manage the P-660HN-T1A via FTP/TFTP or Telnet. 4. How do I know the P-660HN-T1A's WAN IP address assigned by the ISP? You can view "My WAN IP <from ISP> : x.x.x.x" shown in Web Configurator „Status->Device Information ->WAN Information‟...
Page 13: What Is The Micro Filter Or Splitter Used For
You can also check your ISP or the information sheet given by the ISP. Please choose PPPoE as the encapsulation type in the P-660HN-T1A if the ISP uses PPPoE. 8. Why does my provider use PPPoE? PPPoE emulates a familiar Dial-Up connection.
Page 14: When Do I Need Ddns Service
IP address we can use the DDNS service. The DDNS server allows to alias a dynamic IP address to a static hostname. Whenever the ISP assigns you a new IP, the P-660HN-T1A sends this IP to the DDNS server for its updates.
Page 15: Why Do We Perform Traffic Shaping In The P-660Hn-T1A
All applications have their own natural bit rate. Large data transactions have a fluctuating natural bit rate. The P-660HN-T1A is able to support variable traffic among different virtual connections. Certain traffic may be discarded if the virtual connection experiences congestion.
Page 16: What Is Content Filter
(that you specify) in the URL. You can set a schedule for when the P-660HN-T1A performs content filtering. You can also specify trusted IP Addresses on LAN for which the P-660HN-T1A will not perform content filtering. You can configure the details about it in Web Configurator, Advanced setup, Security ->...
Page 17: Adsl Faq
4. How do I know the ADSL line is up? You can see the DSL LED Green on the P-660HN-T1A's front panel is on when the ADSL physical layer is up.
Page 18: Does The Vc-Based Multiplexing Perform Better Than The Llc-Based Multiplexing
Maintenance -> Diagnostic -> DSL Line -> DSL Status: 8. What are the signaling pins of the ADSL connector? The signaling pins on the P-660HN-T1A's ADSL connector are pin 3 and pin 4. The middle two pins for a RJ11 cable.
Page 19 The low priority is internet access such as ftp etc … Triple Play is a port-based policy to forward packets from different LAN port to different PVCs, thus you can configure each PVC separately to assign different QoS to different application. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 20: Firewall Faq
2. What makes P-660HN-T1A secure? The P-660HN-T1A is pre-configured to automatically detect and thwart Denial of Service (DoS) attacks such as Ping of Death, SYN Flood, LAND attack, IP Spoofing, etc. It also uses stateful packet inspection to determine if an inbound connection is allowed through the firewall to the private LAN.
Page 21: What Kind Of Firewall In The P-660Hn-T1A
4. The P-660HN-T1A's firewall is fast. It uses a hashing function to search the matched session cache instead of going through every individual rule for a packet.
Page 22: What Is Ping Of Death Attack
IP address of the targeted system. This makes it appear as if the host computer sent the packets to itself, making the system unavailable while the target system tries to respond to itself. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 23: What Is Brute-Force Attack
13. What are the default ACL firewall rules in P-660HN-T1A? There are two default ACLs pre-configured in the P-660HN-T1A, one allows all connections from LAN to WAN and the other blocks all connections from WAN to LAN except of the DHCP packets.
Page 24: Why Can't I Configure My P-660Hn-T1A Using Web Configurator/Telnet Over Wan
1. Change the default Administrator password since it is required when setting up the firewall. 2. Limit who can access to your P-660HN-T1A‟s Web Configurator or CLI. You can enter the IP address of the secured LAN host in Web Configurator, Advanced Setup, Advanced ->...
Page 25: Why Can't I Upload The Firmware And Configuration File Using Ftp Over Wan
FTP connection from WAN. The WAN-to-LAN ACL summary will look like as shown below. Source IP= FTP host Destination IP= P-660HN-T1A's WAN IP Service= FTP TCP/21, TCP/20 Action=Forward All contents copyright © 2010 ZyXEL Communications Corporation.
Page 26: Log And Alert
3. How do I view the firewall log? All logs generated in P-660HN-T1A, including firewall logs, IPSec logs, system logs are migrated to centralized logs. So you can view firewall logs in Centralized logs: Web Configurator, Advanced setup, Maintenance -> Logs ->View Log.
Page 27: When Does The P-660Hn-T1A Generate The Firewall Alert
5. What is the difference between the log and alert? A log entry is just added to the log inside the P-660HN-T1A and e-mailed together with all other log entries at the scheduled time as configured. An alert is e-mailed immediately after an attacked is detected.
Page 29: Where Can You Find 802.11 Wireless Networks
(interoperate) with any brand of Access Point that is also Wi-Fi certified. 8. What types of devices use the 2.4GHz Band? Various spread spectrum radio communication applications use the 2.4 GHz band. This includes WLAN systems (not necessarily of the type IEEE All contents copyright © 2010 ZyXEL Communications Corporation.
Page 30: Does The 802.11 Interfere With Bluetooth Device
(1) Minimizing the number of walls and ceilings (2) Antenna is positioned for best reception (3) Keep WLAN products away from electrical devices, eg: microwaves, monitors, electric motors,…, etc. (4) Add additional APs if necessary. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 31: What's The Difference Between A Wlan And A Wwan
Yes, it supports up to 32 MAC Address filtering. 17. Does P-660HN-T1A support auto rate adaption? Yes, it means that the AP on P-660HN-T1A will automatically decelerate when devices move beyond the optimal range, or other interference is present. If the device moves back within the range of a higher-speed transmission, the connection will automatically speed up again.
Page 32: Advanced Faq
This avoids problems with fixed channel narrowband noise and simple jamming. Both transmitter and receiver must have their hopping sequences synchronized to create the effect of a All contents copyright © 2010 ZyXEL Communications Corporation.
Page 33: Security Faq
AP. The ESSID is a 32-character maximum string and is case-sensitive. Security FAQ 1. How do I secure the data across the P-660HN-T1A Access Point's radio link? To secure the date across the P-660HN-T1A Access Point‟s radio link, we could select any one of the security mode: Static 64/128 bit WEP, WPA-PSK, WPA, WPA2-PSK, WPA2.
Page 34: What Is Wpa-Psk
24 bit Initialization Vector, but it uses a 104 bit as secret key. Users need to use the same encryption level in order to make a connection. 7. Can the SSID be encrypted? No, WEP only encrypts the data packets not the 802.11n management All contents copyright © 2010 ZyXEL Communications Corporation.
Page 35: By Turning Off The Broadcast Of Ssid, Can Someone Still Sniff The Ssid
An intruder can masquerade as that user by using this captured information. An intruder who monitors the wireless network can apply this same attack principle on the wireless. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 36: Application Notes
In this case, we use P-660HN-T1A which works as an ADSL bridge modem to connect to the ISP. The ISP will generally give one Internet account and limit only one computer to access the Internet.
Page 37 P-660HN Series Support Notes Setup your P-660HN-T1A under bridge mode The following procedure shows you how to configure your P-660HN-T1A as bridge mode. We will use Web Configurator to guide you through the related menu. 1. Retrieve Prestige Web Please enter the LAN IP address of the Prestige router in the URL location to retrieve the web screen from the Prestige.
Page 38 P-660HN Series Support Notes 2. Login first The default username and password is the default SMT password '1234'. (1) Configure P-660HN-T1A as bridge mode and configure Internet setup parameters in Web Configurator, Advanced Setup, Network -> WAN -> Internet Connection.
Page 39: Internet Access Using P-660Hn-T1A Under Routing Mode
Identifier) given to you by your ISP. (2) Turn off DHCP Server and configure a LAN IP for the P-660HN-T1A in Web Configurator, Advanced Setup, Network -> LAN. We use 192.168.1.1 as the LAN IP for P-660HN-T1A in this case: Step 1: Disactive DHCP Server and apply it: Step 2: Assign an IP to the LAN Interface of P-660HN-T1A, e.g.: 192.168.1.1:...
Page 40 P-660HN Series Support Notes Set up your P-660HN-T1A under routing mode The following procedure shows you how to configure your P-660HN-T1A as Routing mode for routing traffic. We will use Web Configurator to guide you through the related menu. (1) Configure P-660HN-T1A as routing mode and configure Internet setup parameters in Web Configurator, Advanced Setup, Network ->...
Page 41 Specify a VPI (Virtual Path Identifier) and a VCI (Virtual Channel number Identifier) given to you by your ISP. Set to Dynamic if the ISP provides the IP for the P-660HN-T1A IP Address dynamically. Otherwise, set to Static and enter the IP in the IP Assignment Address field.
Page 42: Setup The P-660Hn-T1A As A Dhcp Relay
P-660HN Series Support Notes (2) Configure a LAN IP for the P-660HN-T1A and the DHCP settings in Web Configurator, Advanced Setup, Network -> LAN. 3. Setup the P-660HN-T1A as a DHCP Relay  What is DHCP Relay? DHCP stands for Dynamic Host Configuration Protocol. In addition to the DHCP server feature, the P-660HN-T1A supports the DHCP relay function.
Page 43: Sua Notes
Cu-SeeMe, and ICQ will need to connect to the local user behind the P-660HN-T1A. In such case, a SUA server must be configured to forward the incoming packets to the true destination behind SUA. After the required server are configured in Web Configurator, Advanced Setup, Network ->...
Page 44 Default/Client Microsoft Messenger Service 6901/client IP 6901/client IP Microsoft Messenger Service None for Chat, File None for Chat, File 4.6/ 4.7/ 5.0/… transfer, Video and transfer ,Video and Voice (none UPnP) Voice All contents copyright © 2010 ZyXEL Communications Corporation.
Page 45 Certain Quake servers do not allow multiple users to login using the same unique IP, so only one Quake user will be allowed in this case. Moreover, when a Quake server is configured behind SUA, P-660HN-T1A will not be able to provide information of that server on the internet.
Page 46 A service is identified by the port number. Also, since you need to specify the IP address of a server behind the P-660HN-T1A, a server must have a fixed IP address and not be a DHCP client whose IP address potentially changes each time P-660HN-T1A is powered on.
Page 47 Web Configurator, Advanced Setup, Network -> NAT -> Port Forwarding. The outside users can access the local server using the P-660HN-T1A's WAN IP address which can be obtained from Web Configurator, Status -> WAN Information.
Page 48 All data sent over this connection can be encrypted and compressed, and multiple network level protocols (TCP/IP, NetBEUI and IPX) can be run correctly. Windows NT Domain Login level security is preserved even across the Internet. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 49 Configuration This application note explains how to establish a PPTP connection with a remote private network in the P-660HN-T1A SUA case. All PPTP packets can be forwarded to the internal PPTP Server (WinNT server) behind SUA. The port number of the PPTP has to be entered in the Web Configurator, Advanced Setup, Network ->...
Page 50 P-660HN Series Support Notes Example The following example shows how to dial to an ISP via the P-660HN-T1A and then establish a tunnel to a private network. There will be three items that you need to set up for PPTP application, these are PPTP server (WinNT), PPTP client (Win9x) and the P-660HN-T1A.
Page 51 Internet IP address that the ISP assigns to P-660HN-T1A router in SUA mode and enter this IP address in the VPN dial-up dialog box. You can check this Internet IP address from PNC Monitor or S Web Configurator, Status ->...
Page 52: Using Full Feature Nat
P-660HN Series Support Notes 5. Using Full Feature NAT When P-660HN-T1A is in Routing mode, you can select NAT Option as Full Feature in Network -> NAT -> General: Key Settings: Field Options Description When you select this option you can select...
Page 53 P-660HN Series Support Notes The P-660HN-T1A has 8 remote nodes and so allows you to configure 8 NAT Address Mapping Sets, You must specify which NAT Address Mapping Set (1~8) to use in the remote node when you select Full Feature NAT.
Page 54 Click the „Edit’ Button on the rule #1, then you can enter the window in which you can edit an individual rule and configure the Mapping Type, Local and Global Start/End IPs: All contents copyright © 2010 ZyXEL Communications Corporation.
Page 55 Start IP address.  Configure Address Mapping Sets in CLI Setp 1: Telnet to the P-660HN-T1A. (We suppose the LAN IP Address of P-660HN-T1A is 192.168.1.1) Step 2: Select one Address Mapping Set (#1~#8) by command „ip nat addrmap map [map #] [set name]‟ (set name is optional). Suppose we configure set 2 in the example.
Page 56 Load the server sets of NAT into buffer “disp 1” means to display the NAT server set in buffer, ip nat server disp [1] if parameter “1” is omitted, then it will display all the All contents copyright © 2010 ZyXEL Communications Corporation.
Page 57 192.168.1.36 and a FTP server at 192.168.1.33, then you need to specify for port 80 (Web) the server at IP address 192.168.1.36 and for port 21 (FTP) another at IP address 192.168.1.33. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 58 In our Internet Access example, we only need one rule where all our ILAs map to one IGA assigned by the ISP. You can just use the default SUA NAT, or you All contents copyright © 2010 ZyXEL Communications Corporation.
Page 59 In this case, we do exactly as the figure (use the convenient pre-configured SUA Only set) and also go to Web Configurator, Advanced Setup, Network -> NAT -> Port Forwarding to specify the Internet Server behind the NAT as All contents copyright © 2010 ZyXEL Communications Corporation.
Page 60 Rule 4 (Server type) to map a web server and mail server with ILA3 (192.168.1.20) to IGA3. Type Server allows us to specify multiple servers, of different types, to other machines behind NAT on the LAN. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 61 Step 1: In this case, we need to map ILA to more than one IGA, therefore we must choose the Full Feature option from the NAT field in currently active remote node, and assign IGA3 to P-660HN-T1A‟s WAN IP Address. Step 2: Go to Web Configurator, Advanced Setup, Network -> NAT ->...
Page 62 (200.0.0.3). Rule 4 Setup: Select Server type to map our web server and mail server with ILA3 (192.168.1.20) to IGA3. Menu Network -> NAT -> Address Mapping should look as follows now: All contents copyright © 2010 ZyXEL Communications Corporation.
Page 63 IP address. In this case it is better to use Many-to-Many No Overload or One-to-One NAT mapping types, thus each user login to the server using a unique global IP address. The following figure illustrates this. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 64: Using The Dynamic Dns (Ddns)
Without DDNS, we always tell the users to use the WAN IP of the P-660HN-T1A to access the internal server. It is inconvenient for the users if this IP is dynamic. With DDNS supported by the P-660HN-T1A, you apply a DNS name (e.g., www.zyxel.com.tw) for your server (e.g., Web server) from a...
Page 65 WWW.DYNDNS.ORG where you apply the DNS from and update the WAN IP  Setup the DDNS 1. Before configuring the DDNS settings in the P-660HN-T1A, you must register an account from the DDNS server such as WWW.DYNDNS.ORG first. After the registration, you have a hostname for your internal server and a password using to update the IP to the DDNS server.
Page 66: Qos(802.1Q)
The following table describes the traffic types defined in the IEEE 802.1d standard (which incorporates the 802.1p). IEEE 802.1p Priority Level and Traffic Type All contents copyright © 2010 ZyXEL Communications Corporation.
Page 67: Network Management Using Snmp
 ZyXEL SNMP Implementation ZyXEL currently includes SNMP support in some P-660HN-T1A routers. It is implemented based on the SNMPv1, so it will be able to communicate with SNMPv1 NMSs. Further, users can also add ZyXEL's private MIB in the NMS to monitor and control additional system variables.
Page 68 And traps with the message "System reboot by user !" will be sent. (2) For fatal error : System has to reboot for some fatal errors. And traps with the message of the fatal code will be sent. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 69: Using Syslog
Downloading ZyXEL's private MIB  Configure the P-660HN-T1A for SNMP The SNMP related settings in P-660HN-T1A are configured in Web Configurator, Advanced Setup, Advanced -> Remote MGNT -> SNMP The following steps describe a simple setup procedure for configuring all SNMP settings.
Page 70: Using Ip Alias
In a typical environment, a LAN router is required to connect two local networks. The P-660HN-T1A can connect three local networks to the ISP or a remote node, we call this function as 'IP Alias'. In this case, an internal router is not required.
Page 71 IP alias 1 and enif0:1 for the IP alias 2. Therefore, three routes are created in the P-660HN-T1A as shown below when the three networks are configured. If the P-660HN-T1A's DHCP is also enabled, the IP pool for the clients can be any of the three networks.
Page 72: Using Ip Policy Routing
P-660HN Series Support Notes Key Settings: DHCP If the P-660HN-T1A's DHCP server is enabled, the IP pool for the clients Setup can be any of the three networks. TCP/IP Enter the first LAN IP address for the P-660HN-T1A. This will create the Setup first route in the enif0 interface.
Page 73 IP header. IPPR follows the existing packet filtering facility in style and in implementation. The policies are divided into sets, where related policies are grouped together. A use defines the policies before applying them to an All contents copyright © 2010 ZyXEL Communications Corporation.
Page 74 (Set the protocol ID as 6(TCP) for the rule) ip policyrouting set criteria serviceType (Set the criteria type of service as don‟t care for this rule) ip policyrouting set criteria precedence (Set the precedence as don‟t care for this rule) All contents copyright © 2010 ZyXEL Communications Corporation.
Page 75: Using Call Scheduling
12. Using Call Scheduling  What is Call Scheduling? Call scheduling enables the mechanism for the P-660HN-T1A to run the remote node connection according to the pre-defined schedule. This feature is All contents copyright © 2010 ZyXEL Communications Corporation.
Page 76 2005 12 27 (Set the schedule used just once, it works on 2005-12-27) wan callsch starttime 12 00 (Set the schedule start time as 12:00) wan callsch duration 16 00 All contents copyright © 2010 ZyXEL Communications Corporation.
Page 77  Time Service in P-660HN-T1A There is no RTC (Real-Time Clock) chip so the P-660HN-T1A should launch a mechanism to get current time and date from external server in boot time. Time service is implemented by the Daytime protocol(RFC-867), Time...
Page 78: Using Ip Multicast
P-660HN Series Support Notes protocol(RFC-868), and NTP protocol(RFC-1305). You have to assign an IP address of a time server and then, the P-660HN-T1A will get the date, time, and time-zone information from this server. You can configure it in Web Configurator, Advanced Setup, Maintenance ->...
Page 79: Using Zero-Configuration
P-660HN Series Support Notes P-660HN-T1A supports IGMP v1 ,v2 and IGMP v3 without source filtering.  IP Multicast Setup (1) Enable IGMP in P-660HN-T1A's LAN in Web Configurator, Advanced Setup, Network -> LAN -> IP -> Advanced Setup. (2) Enable IGMP in P-660HN-T1A's remote node in Web Configurator, Advanced Setup, Network ->...
Page 80 Note: <remote node> : input the remote node index 1-8 <vpi> : vpi value <vci> : vci value <service>: it‟s a hex value, bit0:PPPoE/VC (1), bit1:PPPoE/LLC (2) , bit2:PPPoA/VC (4), bit3:PPPoA/LLC (8), bit4:Enet/VC (16), bit5 :Enet/LLC (32) All contents copyright © 2010 ZyXEL Communications Corporation.
Page 81: How To Configure Packet Filter On P-660Hn-T1A
15. How to configure packet filter on P-660HN-T1A? The P-660HN-T1A allows you to configure up to twelve filter sets with six rules in each set, for a total of 72 filter rules in the system. You can apply up to four filter sets to a particular port to block multiple types of packets.
Page 82 P-660HN Series Support Notes The packet filter function on P-660HN-T1A is the same as before, just that you could only configure the filter set and apply them by command in CLI. It‟s very complex for common users to do it. So here‟s the recommendation: (1) Usually if you want to block special packets, you could edit a firewall rule in Web Configurator.
Page 83 [protocol #] Set the protocol ID of the rule sys filter set sourceroute [yes|no] Set the sourceroute yes/no sys filter set destip [address] [subnet Set the destination IP address and subnet mask of All contents copyright © 2010 ZyXEL Communications Corporation.
Page 84: Change Wan Mtu Via Web-Gui
Discard Changes 16. Change WAN MTU via WEB-GUI. You can change WAN MTU by: Network > WAN > Internet Connection > Advanced Setup, the default value is 1500. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 86: Wireless Application Notes
Step 1: Double click on the utility icon in your windows task bar the utility will pop up on your windows screen. Step 2: Select configuration tab. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 87 Step 4: Since there is no DHCP server to give the host IP you must first designate a static IP for your station. From Windows Start select Control Panel >Network Connection>Wireless Network Connection. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 89: Configuration For Wireless Station B
Step1: Double click on the utility icon in your windows task bar the utility will pop up on your windows screen. Step 2: Select configuration tab. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 90 Step 4: Since there is no DHCP server to give the host IP you must first designate a static IP for your station. From Windows Start select Control Panel >Network Connection>Wireless Network Connection. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 92: Mac Filter
This provides an additional layer of control layer in that only stations with registered MAC addresses can connect. This approach requires that the list of MAC addresses be configured. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 93 Allow or block association from MAC addresses contained in this list. If Allow Filter Action Association is selected in this field, hosts with MAC addresses configured in this list will be allowed to associate with AP. If Deny Association is selected in this field, All contents copyright © 2010 ZyXEL Communications Corporation.
Page 94: Setup Wep (Wired Equivalent Privacy)
You can set up the Access Point from Web configurator，Network -> Wireless LAN -> AP. (You can also configure it via CLI): Step 1: Select „Static WEP‟ from the pull down menu „Security Mode‟ in Web Configurator: All contents copyright © 2010 ZyXEL Communications Corporation.
Page 95 256-bit WEP key (secret key) with 58 hexadecimal digits There are two ways you can configure the WEP Key. (1) You can put in a special WEP key in the „WEP Key‟ menu directly. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 96 P-660HN Series Support Notes (2) You can also put in an arbitrary sequence of characters in the „Passphrase‟ and then press button „Generate‟ to let the P-660HN-T1A generate WEP Key for you:  Setting up the Station Step 1: Double click on the utility icon in your windows task bar or right click the utility icon then select 'Show Config Utility'.
Page 97 Note: If the utility icon doesn't exist in your task bar, click Start -> Programs -> …… to start the utility. Step 2: Select the 'Configuration' tab. Select „Set Security‟ to configure encryption type and parameters correspond with access point. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 98: Site Survey
P-660HN Series Support Notes Note: You should select Key 1 as default Transmit Key, since the P-660HN-T1A is supposed to use Key 1 by default. Key settings The WEP Encryption type of station has to equal to the access point.
Page 99 Step 3: Use a notebook with wireless client installed and run it's utility. An utility will provide information such as connection speed, current used channel, associated rate, link quality, signal strength and etc information as shown in utility below. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 100 Record down the changes at point where transfer rate drop and the link quality and signal strength information on the diagram as you go alone. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 101 Step 8: Repeat step 1~6 of survey on site as necessary, upon completion you will have an diagram and information of site survey. As illustrated below. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 102: Configure 802.1X And Wpa
WAP applies IEEE 802.1x Extensible Authentication Protocol (EAP) to authenticate wireless clients using an external RADIUS database. You can not use the P-660HN-T1A's local user database for WPA authentication purpose since the local user database uses MD5 EAP which can not to generate keys.
Page 103 Authentication can be done using local user database internal to the P-660HN-T1A (authenticate up to 32 users) or an external RADIUS server for an unlimited number of users. Step 1: To change your P-660HN-T1A's authentication settings, login Web Configurator, Advanced Setup, Network ->...
Page 104: Configuration For Your Pc
Step 2: Select the configuration tab, type in the SSID (Service Set Identifier), select the operating Mode as Infrastructure, and select proper channel. Step 3: Click Set Security to configure the security parameters: All contents copyright © 2010 ZyXEL Communications Corporation.
Page 106: The Wps/Wlan Button
The WPS/WLAN LED should change from on to off or vice versa. 2. Activate WPS (1) Make sure the POWER LED is on (not blinking). (2) Press the WPS WLAN ON/OFF button for 5 to 10 seconds and release it. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 107: Support Tool
Online Trace--display the trace real time on screen Offline Trace--capture the trace first and display later The details for capturing the trace in CLI as follows: First of all, you need to telnet to the P-660HN-T1A firstly. The password is Administrator passwords, „admin‟ by default. ...
Page 108 & sys trcl sw on  Display the brief trace online by entering: sys trcd brief  Display the detailed trace online by entering: sys trcd parse Example: All contents copyright © 2010 ZyXEL Communications Corporation.
Page 109: Offline Trace
Disable the trace log by entering: sys trcp sw off & sys trcl sw off  Display the trace briefly by entering: sys trcp brief  Display specific packets by using: sys trcp parse <from_index> <to_index> All contents copyright © 2010 ZyXEL Communications Corporation.
Page 110: Capture The Detailed Logs By Hyper Terminal
 Capture the detailed logs by Hyper Terminal Step 1: Initiate a hyper terminal connection from your PC(suppose you connected to the LAN port of P-660HN-T1A) Step 2: Click the „properties‟ to configure parameters to telnet to the P-660HN-T1A. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 112: Firmware/Configurations Uploading And Downloading Using Tftp
Step 5:To upload the firmware, please save the remote file as 'ras' to Prestige. After the transfer is complete, the Prestige will program the upgraded firmware into FLASH ROM and reboot itself. An example: All contents copyright © 2010 ZyXEL Communications Corporation.
Page 113 Step 3: Run the TFTP client software Step 4: To download the P-660HN-T1A configuration, please get the remote file 'rom-0' from the Prestige. Step 5: To upload the P-660HN-T1A configuration, please save the remote file as 'rom-0' in the Prestige. An example:...
Page 114: Using Tftp Command On Windows Nt
Step 2: Type the CI command 'sys stdio 0' to disable console idle timeout in Command Line Interface (CLI). Step 3: Download via LAN : c:\tftp -i [PrestigeIP] get ras [localfile] Step 4: Upload P-660HN-T1A configurations via LAN: c:\tftp -i [PrestigeIP] put [localfile] rom-0 Step 5: Download P-660HN-T1A configurations via LAN:...
Page 115: Using Ftp To Upload The Firmware And Configuration Files
Step 5 Use 'put' command to transfer the file to the Prestige. Example: Step 1: Connect to the Prestige by entering the Prestige's IP and Administrator password in the FTP software. Set the transfer type to 'Auto-Detect' or All contents copyright © 2010 ZyXEL Communications Corporation.
Page 116 Step 3: To upload the firmware file, we transfer the local 'ras' file to overwrite the remote 'ras' file. To upload the configuration file, we transfer the local 'rom-0' to overwrite the remote 'rom-0' file. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 117 P-660HN Series Support Notes Step 4: The Prestige reboots automatically after the uploading is finished. Please do not power off the router at this moment. All contents copyright © 2010 ZyXEL Communications Corporation.
Page 118: Ci Command Reference
The latest CI Command list is available in release note of every ZyXEL firmware release. Please goto ZyXEL public WEB site http://www.zyxel.com/support/download_index.php to download firmware package (*.zip), you should unzip the package to get the release note in PDF format. All contents copyright © 2010 ZyXEL Communications Corporation.

This manual is also suitable for:

P-660hn-t1h

ZyXEL Communications P-660HN-T1A Support Notes

Faq

System FAQ

What's Multilingual Embedded Web Configurator

How Do I Access the P-660HN-T1A Command Line Interface (CLI)

How Do I Update the Firmware and Configuration File

How Do I Upgrade/Backup the Firmware by Using TFTP Client

Program Via LAN

How Do I Restore P-660HN-T1A Configurations by Using TFTP Client

Program Via LAN

What Should I Do if I Forget the System Password

How to Use the Reset Button

What Is SUA? When Should I Use SUA

What Is the Difference between SUA and Full Feature NAT

Is It Possible to Access a Server Running Behind SUA from the Outside Internet? How Can I Do It

When Do I Need Select Full Feature NAT

What Ip/Port Mapping Does Multi-NAT Support

How Many Network Users Can the SUA/NAT Support

What Are Device Filters and Protocol Filters

How Can I Protect against IP Spoofing Attacks

Product FAQ

How Can I Manage P-660HN-T1A

What Is the Default Password for Web Configurator

What's the Difference between 'Common User Account' and 'Administrator Account

How Do I Know the P-660HN-T1A's WAN IP Address Assigned by the ISP

What Is the Micro Filter or Splitter Used for

The P-660HN-T1A Supports Bridge and Router Mode, What's the Difference between Them

How Do I Know I am Using Pppoe

Why Does My Provider Use Pppoe

What Is DDNS

When Do I Need DDNS Service

What Is DDNS Wildcard? Does the P-660HN-T1A Support DDNS Wildcard

What Is Traffic Shaping

Why Do We Perform Traffic Shaping in the P-660HN-T1A

What Do the Parameters (PCR, SCR, MBS) Mean

What Do the ATM Qos Types (CBR, UBR, VBR-Nrt, VBR-RT) Mean

What Is Content Filter

How Does ADSL Compare to Cable Modems

What Is the Expected Throughput

What Is the Microfilter Used for

How Do I Know the ADSL Line Is up

How Does the P-660HN-T1A Work on a Noisy ADSL

Adsl Faq

Does the VC-Based Multiplexing Perform Better than the LLC-Based Multiplexing

How Do I Know the Details of My ADSL Line Statistics

What Are the Signaling Pins of the ADSL Connector

What Is Triple Play

Firewall FAQ

General

Configuration

Log and Alert

Wireless FAQ

General FAQ

Advanced FAQ

Security FAQ

Application Notes

General Application Notes

Wireless Application Notes

Support Tool

LAN/WAN Packet Trace

Firmware/Configurations Uploading and Downloading Using TFTP

Using FTP to Upload the Firmware and Configuration Files

CI Command Reference

Command Syntax and General User Interface

Quick Links

Related Manuals for ZyXEL Communications P-660HN-T1A

Summary of Contents for ZyXEL Communications P-660HN-T1A

This manual is also suitable for:

Table of Contents