Wireless n vdsl2 combo wan small business security gateway (315 pages)
Summary of Contents for ZyXEL Communications ZyAIR B-4000
Page 1
ZyAIR B-4000 Hot Spot Gateway User's Guide Version 1.00 July 2003...
Page 2
Trademarks ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.
Page 3
ZyAIR B-4000 Hot Spot Gateway Federal Communications Commission (FCC) Interference Statement This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accept any interference received, including interference that may cause undesired operations.
ZyAIR B-4000 Hot Spot Gateway ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During the warranty period, and...
ZyAIR B-4000 Hot Spot Gateway Customer Support Please have the following information ready when you contact customer support. • Product model and serial number. • Warranty Information. • Date that you received your device. • Brief description of the problem and the steps you took to solve it.
ZyAIR B-4000 Hot Spot Gateway Table of Contents Copyright............................... ii Federal Communications Commission (FCC) Interference Statement ..........iii ZyXEL Limited Warranty.......................... iv Customer Support ............................v List of Figures ............................... x List of Tables ..............................xiii Preface ................................ xiv Getting Started...............................I Chapter 1 Getting to Know Your ZyAIR ....................1-1 Introducing the ZyAIR.........................1-1...
Page 7
ZyAIR B-4000 Hot Spot Gateway 4.6.1 PPP MTU ..........................4-3 4.6.2 TCP MSS ..........................4-3 PPTP ............................4-4 Configuring the WAN and LAN Settings ..................4-4 Server Configuration........................4-6 Subscriber Account Management ......................II Chapter 5 Authentication ..........................5-1 About the Built-in Authentication....................5-1 Authentication Settings ........................5-1 Chapter 6 Accounting..........................6-1 About Subscriber Accounts......................6-1...
Page 8
ZyAIR B-4000 Hot Spot Gateway 10.2.4 Fragmentation Threshold ....................10-5 10.2.5 Preamble Type ........................10-5 10.3 Wireless LAN Setup ........................10-5 10.3.1 Configuring WEP Keys .....................10-8 System Status, System Tools and Troubleshooting..................IV Chapter 11 System Status ........................11-1 11.1 About System Status........................11-1 11.2 View System Information ......................11-1 11.3...
Page 9
ZyAIR B-4000 Hot Spot Gateway Appendix E PPPoE ........................... E-1 Appendix F PPTP ............................. F-1 Appendix G IP Subnetting ........................G-1 Appendix H Subscriber Login ........................ H-1 Appendix I Cable Types and Cable Pin Assignments................I-1 Appendix J Index ............................J-1...
ZyAIR B-4000 Hot Spot Gateway List of Figures Figure 1-1 Application: Internet Access for LAN Networks...............1-5 Figure 1-2 Application: Internet Access in Public Areas................1-6 Figure 2-1 Entering ZyAIR IP Address in Internet Explorer...............2-1 Figure 2-2 Web Configurator: Login......................2-2 Figure 2-3 Web Configurator Navigation....................2-3 Figure 2-4 System Tools: System Account....................2-4...
Page 11
ZyAIR B-4000 Hot Spot Gateway Figure 11-2 Account Log ...........................11-5 Figure 11-3 Current User List ........................11-6 Figure 11-4 DHCP Clients .........................11-7 Figure 11-5 Session List ..........................11-8 Figure 12-1 Firmware Upgrade........................12-1 Figure 12-2 System Restart........................12-2 Figure 12-3 Scheduled Firmware Upgrade ....................12-3 Figure 12-4 Synchronization Check File Example ..................12-4...
ZyAIR B-4000 Hot Spot Gateway Preface Congratulations on your purchase of the ZyXEL ZyAIR B-4000 Hot Spot Gateway. The ZyAIR Hot Spot Gateway combines an 802.11b wireless access point, router, 4-port switch and service gateway in one box. An “exclusive printer” connects directly to the ZyAIR, allowing you to easily print subscriber statements.
Page 15
ZyAIR B-4000 Hot Spot Gateway • The ZyXEL ZyAIR B-4000 Hot Spot Gateway may be referred to as the “ZyAIR” in this manual. • The ZyXEL ZyAIR SP-100 Statement Printer may be referred to as the “statement printer” or the “exclusive printer”...
ZyAIR B-4000 Hot Spot Gateway Chapter 1 Getting to Know Your ZyAIR This chapter introduces the features and applications of the ZyAIR. Introducing the ZyAIR The ZyAIR Hot Spot Gateway combines an 802.11b wireless access point, router, 4-port switch and service gateway in one box.
ZyAIR B-4000 Hot Spot Gateway With Secure Socket Layer (SSL) activated upon login, data exchanged between the ZyAIR and client computers are encrypted and protected. PPTP Support Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables secure transfer of data from a remote client to a private server, creating a Virtual Private Network (VPN) using a TCP/IP-based network.
ZyAIR B-4000 Hot Spot Gateway Local Content and Advertising Links Once connected to the network, the ZyAIR directs the subscriber to a specified web site and display advertisement links. This can be a source of extra online advertising revenues and increased business exposure.
ZyAIR B-4000 Hot Spot Gateway The ZyAIR may be prone to RF (Radio Frequency) interference from other 2.4 GHz devices such as microwave ovens, wireless phones, Bluetooth enabled devices, and other wireless LANs. Antennas The ZyAIR is equipped with two reverse SMA connectors and two detachable omni-directional 2dBi antennas to provide a clear radio signal between the wireless stations and the access points.
ZyAIR B-4000 Hot Spot Gateway Applications The following sections describe network application examples in which the ZyAIR is used. 1.3.1 Internet Access for LAN Networks With a broadband service account set up, the ZyAIR allows the attached computers to enjoy high speed Internet access.
ZyAIR B-4000 Hot Spot Gateway Chapter 2 The Web Configurator This chapter introduces how to access the web configurator to perform general system configuration. Introducing the Web Configurator The web configurator is best viewed with Internet Explorer (version 4.0 or above) or Netscape Navigator (version 6.0 or above).
ZyAIR B-4000 Hot Spot Gateway The user name and password are case sensitive. Figure 2-2 Web Configurator: Login Step 4. You should see the first screen of the Wizard Setup. Refer to the Quick Installation Guide for more information on configuring the Wizard Setup screens.
ZyAIR B-4000 Hot Spot Gateway 2.4.2 Sub-menu Panels The sub-menu panel on the left of each web configurator screen provides a consistent way to access the configuration screens in a navigation tab. Click a link to open the corresponding screen.
ZyAIR B-4000 Hot Spot Gateway Use the super subscriber account to test the Internet connection between the ZyAIR and the ISP. The ZyAIR does not impose time limitations or charges on this account. Thus, anyone who logs in with this account is able to gain Internet access for free.
ZyAIR B-4000 Hot Spot Gateway The account user names and passwords are case sensitive. Table 2-1 System Tools: System Account LABEL DESCRIPTION Administrator Account Enter the user name for the administrative account. The default is admin. Username Password Enter a new administrative account password.
ZyAIR B-4000 Hot Spot Gateway 2.6.1 The Reset Button The reset button is located on the left side panel. Use a pointed object to press this button in once to reset the ZyAIR back to the factory defaults. All of your custom configuration including the local subscriber database will be erased.
ZyAIR B-4000 Hot Spot Gateway Table 2-2 Default Settings LABEL DESCRIPTION Clear all Select this option to reset system configuration back to the factory defaults and erase configuration all custom configuration (including as subscriber account information). Keep subscriber Select this option to reset the system configuration back to the factory default but profile retain subscriber account information.
ZyAIR B-4000 Hot Spot Gateway Chapter 3 General System Setup This chapter describes how to configure the System and LAN/WAN advanced setup screens. General System Settings Click the ADVANCED SETUP tab and then System to open this screen. The Domain Name entry is what is propagated to the DHCP clients on the LAN. If you leave this blank, the domain name obtained by a DHCP server is used.
ZyAIR B-4000 Hot Spot Gateway Table 3-1 System LABEL DESCRIPTION System Name Enter a descriptive name (up to 40 characters) for identification purposes. Domain Name Enter the domain name (if you know it) here. If you leave this field blank, the ZyAIR may obtain a domain name from a DHCP server.
ZyAIR B-4000 Hot Spot Gateway Chapter 4 WAN, LAN and Server Setup This chapter shows you how to configure LAN and WAN ports and server settings. Factory Ethernet Defaults The Ethernet parameters of the ZyAIR are preset to the following values: •...
ZyAIR B-4000 Hot Spot Gateway 4.4.1 IP Address and Subnet Mask Like houses on a street that share a common street name, the computers on a LAN share one common network number. Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask.
ZyAIR B-4000 Hot Spot Gateway DNS server addresses that you enter in the DHCP setup are passed to the client machines along with the assigned IP address and subnet mask. There are two ways that an ISP disseminates the DNS server addresses. The first is for an ISP to tell a customer the DNS server addresses, usually in the form of an information sheet, when s/he signs up.
ZyAIR B-4000 Hot Spot Gateway The maximum segment size (MSS) is the largest amount of data, specified in bytes, that a computer or communications device can handle in a single, unfragmented piece. For optimum communications, the number of bytes in the data segment and the header must add up to less than the number of bytes in the maximum transmission unit (MTU).
ZyAIR B-4000 Hot Spot Gateway Table 4-1 WAN/LAN LABEL DESCRIPTION IP Address Enter the LAN IP address of the ZyAIR in dotted decimal notation. The default is 192.168.1.1. Subnet Mask Enter the LAN subnet mask in dotted decimal notation. The default is 255.255.255.0.
ZyAIR B-4000 Hot Spot Gateway Table 4-1 WAN/LAN LABEL DESCRIPTION Keep Alive Select this option when you want the Internet connection up all the time and specify a redial period in the Redial Period field. When disconnected, the ZyAIR will attempt to bring up the connection after the redial period.
ZyAIR B-4000 Hot Spot Gateway Figure 4-2 Server The following table describes the fields in this screen. Table 4-2 Server LABEL DESCRIPTION Web Server Web Server Port Specify the port number of the embedded web server on the ZyAIR for accessing the web configurator.
Page 42
ZyAIR B-4000 Hot Spot Gateway Table 4-2 Server LABEL DESCRIPTION SSL Security Secure Socket Layer (SSL) security allows you to create a secure connection between the ZyAIR and the client computer(s). Refer to the SSL (Secure Socket Layer) Security chapter for more information.
ZyAIR B-4000 Hot Spot Gateway Chapter 5 Authentication This chapter shows you how to set up subscriber authentication on the ZyAIR. About the Built-in Authentication You can use the built-in subscriber database to manage the subscribers. The ZyAIR also provides a simple, built-in billing mechanism to set up accounting information without using an accounting software or an accounting server (such as RADIUS).
Page 46
ZyAIR B-4000 Hot Spot Gateway Table 5-1 System Settings: Authentication LABEL DESCRIPTION SSL Login Page Select Enable to activate SSL security upon accessing the login screen so that user Security names and passwords are encrypted before being transmitted to the ZyAIR.
ZyAIR B-4000 Hot Spot Gateway Chapter 6 Accounting This chapter shows you how to set up and manage subscriber accounts. About Subscriber Accounts Once the time allocated to a dynamic account is used up or a dynamic account remains un-used after the expiration time, the account is deleted from the account list.
ZyAIR B-4000 Hot Spot Gateway The following table describes the labels in this screen. Table 6-1 Accounting LABEL DESCRIPTION Preview/Operate Click Preview/Operate to open the Account Generator Panel (see Figure 6-3). This read-only field displays the button index number (Button 1..4). The button numbers correspond to the buttons displayed in the Account Generator Panel (see Figure 6-3).
Page 50
ZyAIR B-4000 Hot Spot Gateway Table 6-1 Accounting LABEL DESCRIPTION Username Enter the label name for the field that displays the account username. Password Enter the label name for the field that displays the account password. Usage Time Type a label name for the maximum time allowed for a subscriber to access the Internet via the ZyAIR.
ZyAIR B-4000 Hot Spot Gateway Figure 6-2 Printout Label Preview Example Creating Accounts There are two ways to create subscriber accounts: using the Account Generator Panel screen in the web configurator or using the exclusive printer. 6.3.1 Creating Accounts in the Web Configurator To create subscriber accounts, click Preview/Operate in the Accounting screen to display the Account Generator Panel screen shown next.
ZyAIR B-4000 Hot Spot Gateway The settings for the first button apply to the button on the exclusive printer. Click a button to generate an account based on the settings you configure for the button in the Accounting screen. A window displays showing a printout preview of the account generated.
ZyAIR B-4000 Hot Spot Gateway The settings of the button on the statement printer correspond to the first button in the Account Operator Panel screen. Refer to Figure 6-3. Refer to section 6.2 to configure the printout page. Viewing the Account List Do one of the following to view the account list.
Page 54
ZyAIR B-4000 Hot Spot Gateway Table 6-2 Account List LABEL DESCRIPTION This field displays the index number of an entry. The maximum number of subscriber account entries is 512. Status This field displays IN-Used when the account is currently in use. Otherwise it displays UN- Used.
ZyAIR B-4000 Hot Spot Gateway Chapter 7 Subscriber Login Screen This chapter shows you how to customize the subscriber login screen when subscriber control is activated. About the Subscriber Login Screen When subscriber authentication is activated in the Authentication screen, the subscriber login screen is the first screen that all subscribers see when trying to access the Internet.
ZyAIR B-4000 Hot Spot Gateway Figure 7-1 Login Page 7.2.1 Standard Subscriber Login Screen The standard subscriber login screen is the ZyAIR’s pre-configured, default simple login screen. In Login Screen, select Standard. The following figure shows an example of what a subscriber sees when logging...
ZyAIR B-4000 Hot Spot Gateway 7.2.2 Redirect Subscriber Login Screen You can set the ZyAIR to redirect the subscribers to another login screen. In the Login Screen Configuration screen, select Redirect. Figure 7-3 Subscriber Login Screen: Redirect The following table describes the related labels.
ZyAIR B-4000 Hot Spot Gateway Figure 7-4 Subscriber Login Screen: Redirect Code 7.2.3 Advanced Subscriber Login Screen Use the Advanced login screen option to customize a login screen where you can create a welcome slogan and add advertising information. Subscriber Login Screen...
ZyAIR B-4000 Hot Spot Gateway Figure 7-5 Subscriber Login Screen: Advanced The following table describes the related labels. Table 7-2 Subscriber Login Screen: Advanced LABEL DESCRIPTION Advanced Select this option to set the ZyAIR to display the advanced subscriber login screen.
ZyAIR B-4000 Hot Spot Gateway Table 7-2 Subscriber Login Screen: Advanced LABEL DESCRIPTION Comments Enter any comments (up to 80 characters long) in the text box provided. The web-friendly color sets are displayed in the figure shown. Figure 7-6 Subscriber Login Screen: Color Grid The following figure shows an advanced subscriber login screen example.
ZyAIR B-4000 Hot Spot Gateway Welcome Slogan Article Information Comment Figure 7-7 Subscriber Login Screen Example: Advanced 7.2.4 Framed Subscriber Login Screen The Frame login screen splits the login screen into two frames: top and bottom. You can specify a web site to be displayed in the top frame with the user name and password prompt displayed in the bottom frame.
ZyAIR B-4000 Hot Spot Gateway Table 7-3 Subscriber Login Screen: Frame LABEL DESCRIPTION Frame Select this option to configure and set the ZyAIR to display the subscriber login screen in two frames. TOP Frame Enter a web site address in the URL Link field, for example, http://www.zyxel.com.
ZyAIR B-4000 Hot Spot Gateway Chapter 8 Advertisement Links and Walled Garden This chapter shows you how to set advertisement links and create walled garden web sites. Advertisement Links and Walled Garden Overview When you enable subscriber authentication in the Authentication screen, you can set the ZyAIR to display advertisement links or activate the walled garden feature for generating on-line advertising revenues.
ZyAIR B-4000 Spot Gateway The following table describes the labels in this screen. Table 8-1 Advertisement LABEL DESCRIPTION Frequency Select One Time Only to display an advertisement web site in an active browser window once after a subscriber logs in successfully.
ZyAIR B-4000 Hot Spot Gateway Figure 8-2 Walled Garden The following table describes the labels in this screen. Advertisement Links and Walled Garden...
ZyAIR B-4000 Spot Gateway Table 8-2 Walled Garden LABEL DESCRIPTION Link 1 … 10 In the Name field, enter a descriptive name (up to 80 characters) for the walled garden link to be displayed in the web browser. In the URL field, enter the web site address (up to 200 characters) of the web site.
ZyAIR B-4000 Hot Spot Gateway Chapter 9 Syslog This chapter shows you how to configure syslog on the ZyAIR. Syslog Configuration Use the Syslog Configuration screen to configure to where the ZyAIR is to send logs; which logs the ZyAIR is to send and the schedule for when the ZyAIR is to send the logs.
ZyAIR B-4000 Hot Spot Gateway The following table describes the labels in this screen. Table 9-1 Syslog Configuration LABEL DESCRIPTION Syslog Select Enable to activate the syslog function. Select Disable to de-activate the syslog function. Syslog Server Syslog on LAN Select this check box to specify a syslog server on the LAN.
ZyAIR B-4000 Hot Spot Gateway Chapter 10 Wireless LAN This chapter shows you how to configure wireless LAN settings on the ZyAIR and set up WEP encryption keys. 10.1 Wireless LAN Overview This section introduces the wireless LAN (WLAN) and some basic scenarios.
ZyAIR B-4000 Spot Gateway Figure 10-2 Basic Service set 10.1.3 ESS An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS).
ZyAIR B-4000 Hot Spot Gateway 10.2 Wireless LAN Basics This section provides background information on Wireless LAN features. 10.2.1 Channel The range of radio frequencies used by IEEE 802.11b wireless devices is called a “channel”. Channels available depend on your geographical area. You may have a choice of channels (for your region) so you should use a different channel than an adjacent AP (access point) to reduce interference.
ZyAIR B-4000 Spot Gateway Figure 10-4 RTS/CTS When station A sends data to the ZyAIR, it might not know that station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations.
ZyAIR B-4000 Hot Spot Gateway Enabling the RTS Threshold causes redundant network overhead that could negatively affect the throughput performance instead of providing a remedy. 10.2.4 Fragmentation Threshold A Fragmentation Threshold is the maximum data fragment size (between 256 and 2432 bytes) that can be sent in the wireless network before the ZyAIR will fragment the packet into smaller data frames.
ZyAIR B-4000 Spot Gateway Figure 10-5 Wireless The following table describes the general wireless LAN fields in this screen. Table 10-1 Wireless LABEL DESCRIPTION ESSID (Extended Service Set IDentity) The ESSID identifies the Service Set with which a wireless station is associated. Wireless stations associating to the access point (AP) must have the same ESSID.
Page 79
ZyAIR B-4000 Hot Spot Gateway Table 10-1 Wireless LABEL DESCRIPTION Select Disable to allow all wireless computers to communicate with the access points Encryption without any data encryption. Select Mandatory to enable WEP data encryption. Then click WEP Key Setup to open a screen where you can configure the WEP keys on the ZyAIR.
ZyAIR B-4000 Spot Gateway Table 10-1 Wireless LABEL DESCRIPTION Authentication Select Open System to allow any device to authenticate and then attempt to Method communicate with the ZyAIR. Using open authentication, any wireless device can authenticate with the ZyAIR, but the device can only communicate if its WEP keys match the ZyAIR.
ZyAIR B-4000 Hot Spot Gateway Figure 10-6 WEP Key Setup The following table describes the labels in this screen. Table 10-2 WEP Key Setup LABEL DESCRIPTION WEP Encryption Select 64 bit, 128 bit or 256 bit for the WEP key length.
Page 82
ZyAIR B-4000 Spot Gateway Table 10-2 WEP Key Setup LABEL DESCRIPTION 1 … 4 Enter the WEP keys in the fields provided and select a key as the default key to use. If you select 64 bit in the WEP Encryption field.
System Status, System Tools and Troubleshooting Part IV: System Status, System Tools and Troubleshooting This part covers the sub-menus in SYSTEM STATUS and SYSTEM TOOLS and troubleshooting.
ZyAIR B-4000 Hot Spot Gateway Chapter 11 System Status This chapter describes the screens under System Status. 11.1 About System Status The screens in SYSTEM STATUS show the current state of the ZyAIR. 11.2 View System Information Click SYSTEM STATUS and System to display the screen as shown next.
ZyAIR B-4000 Hot Spot Gateway Figure 11-1 System 11-2 System Status...
Page 87
ZyAIR B-4000 Hot Spot Gateway The following table describes the labels in this screen. Table 11-1 System LABEL DESCRIPTION System Status System Name This field displays the description name of the ZyAIR for identification purposes. Bootrom Version This field displays the version of the bootbase in the ZyAIR.
ZyAIR B-4000 Hot Spot Gateway Table 11-1 System LABEL DESCRIPTION Lease Time This field displays the time period (in minutes between 1 and 71582788) during which a DHCP client is allowed to use an assigned IP address. When the lease time expires, the DHCP client is given a new, unused IP address.
ZyAIR B-4000 Hot Spot Gateway Figure 11-2 Account Log The following table describes the labels in this screen. Table 2 Account Log FIELD DESCRIPTION Clear Log Click Clear Log to remove all of the log entries from the ZyAIR’s memory and this screen.
ZyAIR B-4000 Hot Spot Gateway Table 2 Account Log FIELD DESCRIPTION Login Time This field displays when the subscriber logged in to use the account (in yyyy/mm/dd HH/mm/ss format). Click the heading to sort the entries in ascending or descending order based on this column.
ZyAIR B-4000 Hot Spot Gateway Table 11-3 Current User List LABEL DESCRIPTION This field displays the index number of the entry. Username This field displays the user name of an account. IP Address This field displays the IP address of a subscriber’s computer.
ZyAIR B-4000 Hot Spot Gateway 11.7 Session List To display a list of incoming and outgoing packet information, click SYSTEM STATUS and Session List. Figure 11-5 Session List The following table describes the fields in this screen. Table 11-5 Session List...
Page 93
ZyAIR B-4000 Hot Spot Gateway Table 11-5 Session List LABEL DESCRIPTION Remote This field displays the port number of a remote device the client computer accesses. Port Idle This field displays how many seconds are left before the session times out if there is no more traffic.
ZyAIR B-4000 Hot Spot Gateway Chapter 12 Configuration, Firmware and Accounting Log Maintenance This chapter shows you how to upgrade the firmware and configuration file and back up configuration files and accounting logs. 12.1 Filename Conventions The configuration file contains the factory default settings in the menus such as password, DHCP Setup, TCP/IP Setup, etc.
ZyAIR B-4000 Hot Spot Gateway Step 2. Specify the name of the firmware file in the File Path field or click Browse to locate the file and click Apply to start the file transfer process. The firmware must be a binary file and should have a .bin extension.
ZyAIR B-4000 Hot Spot Gateway Figure 12-3 Scheduled Firmware Upgrade When the ZyAIRs restart, all connections terminate. Subscribers need to log in again. Table 12-1 Scheduled Firmware Upgrade LABEL DESCRIPTION Disable Select Disable or Enable to turn the scheduled firmware upgrade function on or off Enable (disabled by default).
ZyAIR B-4000 Hot Spot Gateway Table 12-1 Scheduled Firmware Upgrade LABEL DESCRIPTION Frequency Set how often (Weekly, Daily or Hourly) you want to have the ZyAIR check for new firmware and upgrade to new firmware if available (default Weekly). Then select the day (applies only when you select Weekly), the hour (applies when you select Daily or Hourly) and the minute that you want the ZyAIR to do the check and upload.
ZyAIR B-4000 Hot Spot Gateway Figure 12-5 Backup/Restore Step 2. Click Save current configuration to your computer. A File Download window displays (an example is shown next). Figure 12-6 Configuration Backup: File Download Example Step 3. Select the option to save the file to your computer and click OK. A Save As window displays.
ZyAIR B-4000 Hot Spot Gateway Figure 12-7 Configuration Backup: Save As Step 4. Specify the file name and/or location and click Save to start the backup process. 12.3.2 Restore Configuration This section shows you how to restore a previously saved configuration.
ZyAIR B-4000 Hot Spot Gateway 12.3.3 Backup Accounting Logs Follow the steps below to back up accounting logs to a computer. Step 1. In the web configurator, click SYSTEM TOOLS and Backup Accounting Logs to displays a screen as shown next.
ZyAIR B-4000 Hot Spot Gateway Figure 12-11 Backup Accounting Logs: Save As Step 4. Specify the file name and/or location and click Save to start the backup process. To view the accounting logs, open the log file using any text editor. The following figure shows an example.
ZyAIR B-4000 Hot Spot Gateway Chapter 13 SSL (Secure Socket Layer) Security This chapter shows you how to setup and enable Secure Socket Layer (SSL) security on the ZyAIR. 13.1 About SSL SSL (Secure Socket Layer) security is a standard Internet protocol for secure communications that uses a combination of certificate-based authentication and public-key encryption.
ZyAIR B-4000 Hot Spot Gateway Step 2. Click Apply to save the changes and restart the ZyAIR when prompted. See section 13.3 for details on how to install the SSL security certificate in order to access the web configurator through a secure connection.
ZyAIR B-4000 Hot Spot Gateway Figure 13-5 Install the SSL Security Certificate: Certificate Import Wizard Step 5. Accept the default or specify the location to store the certificate. Click Next. Figure 13-6 Certificate Import Wizard: Location Step 6. Click Finish to import the certificate.
ZyAIR B-4000 Hot Spot Gateway Figure 13-7 Certificate Import Wizard: Finish Step 7. A Root Certificate Store window displays as shown. Click Yes to store the certificate to the computer. Figure 13-8 Root Certificate Store Step 8. When the certificate is saved successfully, a Certificate Import Wizard window displays.
ZyAIR B-4000 Hot Spot Gateway Figure 13-9 Certificate Import Wizard Step 9. A Certificate window displays the detail information. Figure 13-10 Certificate: Details Step 10. Click OK in the Certificate window to return to the Security Alert window as shown. Notice that the first item in the list changed to inform you that the certificate is from a trusted host.
ZyAIR B-4000 Hot Spot Gateway Figure 13-11 Security Alert: Trusted 13.4 Activating SSL Security for Subscriber Logins Follow the steps below to activate the SSL security for subscriber login connections to the ZyAIR. Step 1. Click the ADVANCED SETUP tab, Authentication and select Enable in the SSL Login Page...
ZyAIR B-4000 Hot Spot Gateway You must save the certificate and private key files from the CA on a computer that is connected to the ZyAIR. Figure 13-13 SSL Certificate Download The following table describes the labels in this screen.
ZyAIR B-4000 Hot Spot Gateway Chapter 14 Troubleshooting This chapter covers potential problems and possible remedies. After each problem description, some instructions are provided to help you to diagnose and to solve the problem. 14.1 Using LEDs to Diagnose Problems The LEDs are useful aides for finding possible problem causes.
ZyAIR B-4000 Hot Spot Gateway Table 14-3 Troubleshooting WAN LEDs STEPS CORRECTIVE ACTION Make sure you connect your cable or DSL modem or router to this port using the Ethernet cable that came with your cable or DSL modem or router.
ZyAIR B-4000 Hot Spot Gateway The web configurator does not display properly. Table 14-5 Troubleshooting the Internet Browser Display STEPS CORRECTIVE ACTION Make sure you are using either Internet Explorer (version 4.0 or above) or Netscape Navigator (6.0 or above).
ZyAIR B-4000 Hot Spot Gateway Table 14-7 Troubleshooting the Statement Printer STEPS CORRECTIVE ACTION Make sure the statement printer is connected to a power source and is turned on. Check that the statement printer is connected to the port labeled DEVICE PORT.
Additional Information Part V: ADDITIONAL INFORMATION This part provides contains background information on setting up your computer’s IP address, IP address assignment conflicts, wireless LAN, PPPoE, PPTP, IP subnetting, subscriber login, and cable types and cable pin assignments. It also provides an index of key terms.
ZyAIR B-4000 Hot Spot Gateway Appendix A Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/IP on your computer.
Page 118
ZyAIR B-4000 Hot Spot Gateway In the Network window, click Add. Select Adapter and then click Add. Select the manufacturer and model of your network adapter and then click OK. If you need TCP/IP: In the Network window, click Add.
Page 119
ZyAIR B-4000 Hot Spot Gateway Click the IP Address tab. -If your IP address is dynamic, select Obtain an IP address automatically. -If you have a static IP address, select Specify an IP address and type your information into the IP Address and Subnet Mask fields.
Page 120
ZyAIR B-4000 Hot Spot Gateway Click the Gateway tab. -If you do not know your gateway’s IP address, remove previously installed gateways. -If you have a gateway IP address, type it in the New gateway field and click Add. Click OK to save and close the TCP/IP Properties window.
Page 121
ZyAIR B-4000 Hot Spot Gateway For Windows XP, click start, Control Panel. In Windows 2000/NT, click Start, Settings, Control Panel. For Windows XP, click Network Right-click Local Area Connection and Connections. For Windows 2000/NT, click then click Properties. Network and Dial-up Connections.
Page 122
ZyAIR B-4000 Hot Spot Gateway Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and click Properties. The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). -If you have a dynamic IP address click Obtain an IP address automatically.
Page 123
ZyAIR B-4000 Hot Spot Gateway -If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: -In the IP Settings tab, in IP addresses, click Add.
Page 124
ZyAIR B-4000 Hot Spot Gateway In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): -Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). -If you know your DNS server IP address(es),...
Page 125
ZyAIR B-4000 Hot Spot Gateway Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel. Select Ethernet built-in from the Connect via list. For dynamically assigned settings, select Using DHCP Server from the Configure: list.
ZyAIR B-4000 Hot Spot Gateway For statically assigned settings, do the following: -From the Configure box, select Manually. -Type your IP address in the IP Address box. -Type your subnet mask in the Subnet mask box. -Type the IP address of your ZyAIR in the Router address box.
Page 127
ZyAIR B-4000 Hot Spot Gateway Click Network in the icon bar. - Select Automatic from the Location list. - Select Built-in Ethernet from the Show list. - Click the TCP/IP tab. For dynamically assigned settings, select Using DHCP from the Configure list.
ZyAIR B-4000 Hot Spot Gateway Appendix B IP Address Assignment Conflicts This appendix describes situations where IP address conflicts may occur. Subscribers with duplicate IP addresses will not be able to access the Internet. Case A: The ZyAIR is using the same LAN and WAN IP addresses The following figure shows an example where the ZyAIR is using a WAN IP address that is the same as the IP address of a computer on the LAN.
Page 130
ZyAIR B-4000 Hot Spot Gateway Case C: The Subscriber IP address is the same as the IP address of a network device The following figure depicts an example where the subscriber IP address is the same as the IP address of a network device not attached to the ZyAIR.
Page 131
ZyAIR B-4000 Hot Spot Gateway Diagram B-4 IP Address Conflicts: Case D This problem can be solved by adding a VLAN-enabled switch or set the computers to obtain IP addresses dynamically. Setting Up Your Computer’s IP Address...
ZyAIR B-4000 Hot Spot Gateway Appendix C Wireless LAN and IEEE 802.11 A wireless LAN (WLAN) provides a flexible data communications system that you can use to access various services (navigating the Internet, email, printer services, etc.) without the use of a cabled connection.
Page 134
ZyAIR B-4000 Hot Spot Gateway Spread Spectrum (DSSS) and Frequency-Hopping Spread Spectrum (FHSS), in the 2.4 to 2.4825 GHz unlicensed ISM (Industrial, Scientific and Medical) band. The third method is infrared technology, using very high frequencies, just below visible light in the electromagnetic spectrum to carry data.
ZyAIR B-4000 Hot Spot Gateway Infrastructure Wireless LAN Configuration For infrastructure WLANs, multiple access points (APs) link the WLAN to the wired network and allow users to efficiently share network resources. The access points not only provide communication with the wired network but also mediate wireless network traffic in the immediate neighborhood.
Page 136
ZyAIR B-4000 Hot Spot Gateway Diagram C-2 ESS Provides Campus-Wide Coverage Wireless LAN and IEEE 802.11...
ZyAIR B-4000 Hot Spot Gateway Appendix D Antenna Selection and Positioning Recommendation An antenna couples RF signals onto air. A transmitter within a wireless device sends an RF signal to the antenna, which propagates the signal through the air. The antenna also operates in reverse by capturing RF signals from the air.
ZyAIR B-4000 Hot Spot Gateway • Directional antennas concentrate the RF signal in a beam, like a flashlight. The angle of the beam width determines the direction of the coverage pattern; typically ranges from 20 degrees (less directional) to 90 degrees (very directional). The directional antennas are ideal for hallways and outdoor point-to-point applications.
ZyAIR B-4000 Hot Spot Gateway Appendix E PPPoE PPPoE in Action An ADSL modem bridges a PPP session over Ethernet (PPP over Ethernet, RFC 2516) from your PC to an ATM PVC (Permanent Virtual Circuit), which connects to a DSL Access Concentrator where the PPP session terminates (see the next figure).
ZyAIR B-4000 Hot Spot Gateway How PPPoE Works The PPPoE driver makes the Ethernet appear as a serial link to the PC and the PC runs PPP over it, while the modem bridges the Ethernet frames to the Access Concentrator (AC). Between the AC and an ISP, the AC is acting as a L2TP (Layer 2 Tunneling Protocol) LAC (L2TP Access Concentrator) and tunnels the PPP frames to the ISP.
ZyAIR B-4000 Hot Spot Gateway Appendix F PPTP What is PPTP? PPTP (Point-to-Point Tunneling Protocol) is a Microsoft proprietary protocol (RFC 2637 for PPTP is informational only) to tunnel PPP frames. How can we transport PPP frames from a PC to a broadband modem over...
Page 142
ZyAIR B-4000 Hot Spot Gateway PPTP Protocol Overview PPTP is very similar to L2TP, since L2TP is based on both PPTP and L2F (Cisco’s Layer 2 Forwarding). Conceptually, there are three parties in PPTP, namely the PNS (PPTP Network Server), the PAC (PPTP Access Concentrator) and the PPTP user.
Page 143
ZyAIR B-4000 Hot Spot Gateway Diagram F-3 Example Message Exchange between PC and an ANT PPP Data Connection The PPP frames are tunneled between the PNS and PAC over GRE (General Routing Encapsulation, RFC 1701, 1702). The individual calls within a tunnel are distinguished using the Call ID field in the GRE header.
Page 145
ZyAIR B-4000 Hot Spot Gateway Appendix G IP Subnetting IP Addressing Routers “route” based on the network number. The router that delivers the data packet to the correct destination host uses the host ID. IP Classes An IP address is made up of four octets (eight bits), written in dotted decimal notation, for example, 192.168.1.1.
ZyAIR B-4000 Hot Spot Gateway A class “A” address (24 host bits) can have 2 –2 hosts (approximately 16 million hosts). Since the first octet of a class “A” IP address must contain a “0”, the first octet of a class “A” address can have a value of 0 to 127.
Page 147
ZyAIR B-4000 Hot Spot Gateway sequence of ones beginning from the left most bit of the mask, followed by a continuous sequence of zeros, for a total number of 32 bits. Since the mask is always a continuous number of ones beginning from the left, followed by a continuous number of zeros for the remainder of the 32 bit mask, you can simply specify the number of ones instead of writing the value of each octet.
Page 148
ZyAIR B-4000 Hot Spot Gateway Divide the network 192.168.1.0 into two separate subnets by converting one of the host ID bits of the IP address to a network number bit. The “borrowed” host ID bit can be either “0” or “1” thus giving two subnets;...
Page 149
ZyAIR B-4000 Hot Spot Gateway to an actual host for the first subnet is 192.168.1.1 and the highest is 192.168.1.126. Similarly the host ID range for the second subnet is 192.168.1.129 to 192.168.1.254. Example: Four Subnets The above example illustrated using a 25-bit subnet mask to divide a class “C” address space into two subnets.
ZyAIR B-4000 Hot Spot Gateway The following table is a summary for class “C” subnet planning. Chart G-12 Class C Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET 255.255.255.128 (/25) 255.255.255.192 (/26) 255.255.255.224 (/27) 255.255.255.240 (/28)
ZyAIR B-4000 Hot Spot Gateway Appendix H Subscriber Login To log in as a subscriber, enter a web site address such as www.zyxel.com in a web browser. If user authentication is activated, the login screen displays prompting you to enter the user name and password.
ZyAIR B-4000 Hot Spot Gateway Appendix I Cable Types and Cable Pin Assignments RJ-45 Ethernet Port The following table describes the types of network cable used for the different connection speeds. Make sure the Ethernet cable length between connections does not exceed 100 meters (328 feet).
Page 156
ZyAIR B-4000 Hot Spot Gateway Make sure that the Ethernet cable connection between the ZyAIR and the hub or router conforms to the following pin assignments. Chart I-3 WAN Port Cable Pin Assignments ETHERNET DEVICE ZYAIR (SWITCH/HUB/ROUTER ETC.) The LAN Port The following table describes the Ethernet cable pin assignments for the LAN port.
Page 157
ZyAIR B-4000 Hot Spot Gateway Chart I-5 LAN Port Cable Pin Assignments ETHERNET DEVICE ZYAIR (COMPUTER/ UPLINK PORT) The DEVICE Port The following table describes the printer cable pin assignments that the ZyAIR’s device port uses with the exclusive printer.
Page 158
ZyAIR Wireless Gateway Series User’s Guide...
ZyAIR B-4000 Hot Spot Gateway Appendix J Index Computer’s IP Address ........A-1 Account Manager Account ......2-3 Configuration and Firmware Files Ad-hoc Configuration ........C-2 Filename Convention ........12-1 Administrator Account........2-3 Configuration File Advertisement Links ........8-1 Backup ............12-4 Alternative Subnet Mask Notation....G-3 Restore ............12-6...
Page 160
ZyAIR Wireless Gateway Series User’s Guide IEEE 802.1Q Tagged VLAN ......1-1 Encapsulation Independent Basic Service Set....C-2, 10-1 PPP over Ethernet ........E-1 Infrastructure Configuration ......C-3 ESS ..See Extended Service Set. See Extended Internet Access..........1-2 Service Set Internet Assigned Numbers Authority .See IANA Ethernet............
Page 161
ZyAIR B-4000 Hot Spot Gateway Private IP Addresses ........4-2 Web configurator ........14-2 Type of system login accounts Quick Installation Guide ......... xiv account manager..........2-3 administrator ..........2-3 Related Documentation........xiv Types of Login Accounts ........2-3 Restarting the ZyAIR ........2-7 Reverse SMA connectors........1-4 Using LEDs To Diagnose Problems .....14-1...