1. Manuals
  2. Brands
  3. ZyXEL Communications Manuals
  4. Gateway
  5. SBG Series
  6. Support notes

ZyXEL Communications SBG Series Support Notes

Wireless n fiber wan small business gateway
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
SBG Series
Wireless N Fiber WAN Small Business Gateway
(Green Product)
Version 1.00
Edition 1, 04/2014
Support Notes
Copyright © 2014 ZyXEL Communications Corporation

Advertisement

Table of Contents
loading

Related Manuals for ZyXEL Communications SBG Series

Summary of Contents for ZyXEL Communications SBG Series

  • Page 1 SBG Series Wireless N Fiber WAN Small Business Gateway (Green Product) Version 1.00 Edition 1, 04/2014 Support Notes Copyright © 2014 ZyXEL Communications Corporation...

  • Page 2: Table Of Contents

    Table of Contents Chapter 1 ..............................3 Introduction ............................3 Feature/Function Introduction ...................... 3 Application Scenario Introduction ....................3 Chapter 2 ..............................4 Multi-WAN connectivity with load balancing and fail over ..........4 Increased bandwidth and reach ....................4 Robust security designs ........................4 Secure business access via VPN ....................

  • Page 3: Chapter 1

    ZyXEL – SBG Support Notes Chapter 1 Introduction The ZyXEL SBG (Small Business Gateway) Series is the ―Multi-WAN Gateway‖ which provides high speed internet access for business users. It features not only VDSL2/ADSL2+ functionality, but also one GbE WAN with SFP interface (SBG3500-N Series only).

  • Page 4: Chapter 2

    Chapter 2 Multi-WAN connectivity with load balancing and fail-over The ZyXEL SBG Series provides multiple WAN interfaces including DSL, Gigabit Ethernet and 3G WAN backup to establish load balancing or backup WAN connectivity. Service providers can flexibly offer WAN services of the highest availability in one single box for small business owners to enjoy.

  • Page 5: Secure Business Access Via Vpn

    Road warriors and telecommuters can use IPsec as well as L2TP or PPTP VPN to safely access corporate networks without maintaining VPN software on their PCs. The SBG Series is also designed with VPN HA features to ensure that the VPN connectivity is always on for the business needs.

  • Page 6: Chapter 3

    ZyXEL – SBG Support Notes Chapter 3 Scenario 1 – VLAN 1.1 Application scenario Since security is an issue, the IT manager would like to move the server to a distinct broadcast domain called ServerGroup. General user cannot access the Server or capture the server packets even if they plug into same physical LAN.

  • Page 7: Scenario 2 - Firewall

    ZyXEL – SBG Support Notes Scenario 2 – Firewall 2.1 Application scenario SBG Series Firewall has the capability to limit only specific users from accessing the LAN Server. The others users‘ access requests will be dropped or rejected. 2.2 Configuration Guide 1.
  • Page 8 ZyXEL – SBG Support Notes 2. Select the Order ―2‖. 3. Select direction from ―WAN‖ to ―LAN‖. Select Source Device ―Specific IP Address‖. 5. Keep Source IP address empty (It means Any). Select Destination Device ―PC-1(192.168.1.50)‖. 7. Select IP Type ―IPv4‖.

  • Page 9: Scenario 3 - User Access Control

    ZyXEL – SBG Support Notes Scenario 3 – User Access Control 3.1 Application scenario The SBG Series User Access Control allows the IT manager to arrange Internet access scheduling to limit specific or all LAN PCs Internet access usage time.

  • Page 10: Scenario 4 - 3G Backup

    ZyXEL – SBG Support Notes Scenario 4 – 3G Backup 4.1 Application scenario 3G backup allows the SBG Series to keep the Internet connection when the primary WAN connection has failed. 4.2 Configuration Guide 1. Go to Network Setting> Broadband >...

  • Page 11: Scenario 5 - Nat

    NAT port forwarding feature implemented in the CPE. In a scenario shown in the above diagram, we have an RDP server installed behind the SBG Series with an IP assigned by the local DHCP server (192.168.1.100). How should we configure the SBG Series, so that the notebook at the WAN site can access the RDP server? The following step-by-step guide illustrates the setup procedure.

  • Page 12: Scenario 6 - Fullfeature Nat

    ZyXEL – SBG Support Notes 11. Select Protocol ―TCP‖. 12. Click on ―Apply‖. 5.2.2 Applications 1. Go to Network Setting> > Applications. 2. Click on ―Add new application‖. 3. Select current WAN Interface (ex: ADSL). 4. Enter Server IP Address 192.168.1.100.

  • Page 13: Configuration Guide

    ZyXEL – SBG Support Notes In this case, we have 2 IP addresses from an ISP via ADSL. We have a very busy internal FTP server and also LAN users. In this case, we want to assign the 2 IP addresses by the following way using 2 NAT rules.

  • Page 14: Scenario 7 - Virtual Private Network (Vpn)

    ZyXEL – SBG Support Notes 5. Select number 1. 6. Click on ―OK‖. Scenario 7 – Virtual Private Network (VPN) 7.1 Application scenario VPN provides business users a highly secure path to transmit data. The following two scenarios describe the general usage of VPNs. - IPSec VPN (Site-to-Site): - L2TP VPN: 7.2 Configuration Guide...
  • Page 15 ZyXEL – SBG Support Notes 7. Select Application Scenario ―Site-to-Site‖. 8. Select My Address ―ADSL‖. 9. Enter Primary Peer Gateway Address 10.59.3.20. Configure Authentication information 1. Select Key Exchange Mode ―Auto‖. 2. Select Pre-Shared Key and enter 12345678. Configure Phase 1 1.
  • Page 16 ZyXEL – SBG Support Notes 4. Enter Connection Name (ex: VPNtoSBG1). 5. Enable the ―Nailed-up‖ checkbox. 6. Enable the ―NAT Traversal (NAT-T)‖ checkbox. 7. Select Application Scenario ―Site-to-Site‖. 8. Select My Address ―ADSL‖. 9. Enter Primary Peer Gateway Address 10.59.3.10. Configure Authentication information 1.

  • Page 17: Scenario 8 - 802.1X

    4. Click on ―Apply‖. Scenario 8 – 802.1x 8.1 Application scenario SBG series supports 802.1x. This feature provides IT managers with a solution to control the enterprise wireless environment. The wireless users require RADIUS authentication when they connect to the SBG SSID.

  • Page 18: Scenario 9 - Maintenance Log

    9.1 Application Scenario Log file is an important method for IT Managers to monitor the device status. SBG Series has the capability to save the log to Local database, Remote Syslog Server and also Email inform user. Back to Table of Contents...
  • Page 19 ZyXEL – SBG Support Notes 9.2 Configuration Guide 9.2.1 Local File 1. Go to Maintenance > Setting. 2. Select Syslog Logging ―Enable‖. 3. Select Mode ―Local File‖. 4. Check Active Log and Alert ―Items (System, DHCP Client, etc.)‖. 5. Click on ―Apply‖. 9.2.2 Remote/Local File and Remote 1.

  • Page 20: Chapter 4

    Product FAQ: Will the device work with my Internet connection? SBG Series is designed to be compatible with major ISPs that utilize ADSL as a broadband service. SBG Series offers Ethernet ports to connect to your computer so the device is placed in the line between the computer and your ISP.
  • Page 21 IP packets and transports them to the carrier's Digital Subscriber Line Access Multiple (DSLAM) via ATM. It is a technology becoming more popular with DSL providers. Does the SBG Series support PPPoA? Yes. All SBG Series supports PPPoA. How do I know if I am using PPPoE/PPPoA? PPPoE/PPPoA requires a user account to log in to the provider's server.
  • Page 22 ZyXEL – SBG Support Notes easy remote management. b. Web browser – Using the embedded web server for easy configuration. What can we do with the device? Browse the World Wide Web (WWW), send and receive individual e-mail, and download software. These are just a few of many benefits you can enjoy when you put the whole office on-line with the device.
  • Page 23 ZyXEL – SBG Support Notes (the default IP address is 192.168.1.1, default password is 1234). What network interfaces does the new device Series support? The new device Series supports auto MDI/MDIX 10/100M Ethernet LAN port to connect to the computer or Switch on LAN. How does the device support TFTP? In addition to the direct console port connection, the device support uploading and downloading of the firmware and configuration file using...
  • Page 24 ZyXEL – SBG Support Notes multiple subnets on one VLAN or have one subnet spread across multiple VLANs. Virtual LANs and IP subnets provide independent Layer 2 and Layer 3 constructs that map to one another and this correspondence is useful during the network design process.
  • Page 25 ZyXEL – SBG Support Notes Internal Local Addresses (ILA) and the global IP addresses as the Inside Global Addresses (IGA). The term 'inside' refers to the set of networks that are subject to translation. The NAT operates by mapping the ILA to the IGA required for communication with hosts on other networks.
  • Page 26 Without DDNS, our users will always need to use the WAN IP address of the SBG Series to reach our internal server. It is inconvenient for the users if this IP is dynamic. With DDNS supported by the device, you can apply for a DNS name (e.g., www.zyxel.com.tw) for your server (e.g., web server)
  • Page 27 ZyXEL – SBG Support Notes network is congested. This can cause a reduction in network performance and make the network unfit for time critical applications such as video-on-demand. What is a Virtual Private Network (VPN)? VPN stands for ‗Virtual Private Network‘. In the past, when we needed to transmit data in a secure way, we would need to have a site-to-site leased line between the sites.

  • Page 28: Wireless Faq

    ZyXEL – SBG Support Notes VPN. It allows a user to create a secure VPN connection remotely to the local networks. The intended use of this protocol is to provide similar levels of security and remote access as typical VPN products. Wireless FAQ What is a Wireless LAN? Wireless LANs provide all the functionality of wired LANs, without the need...
  • Page 29 ZyXEL – SBG Support Notes e. Scalability: Wireless LAN systems can be configured in a variety of topologies to meet the needs of specific applications and installations. Configurations are easily changed and range from peer-to-peer networks suitable for a small number of users to full infrastructure networks of thousands of users that enable roaming over a broad area.
  • Page 30 ZyXEL – SBG Support Notes DSSS modulation. What is 802.11b? 802.11b is the first revision of 802.11 standard allowing data rates up to 11 Mbps in the 2.4GHz ISM band. It is also known as 802.11 High-Rate and Wi-Fi. 802.11b only uses DSSS modulation, and the maximum speed of 11 Mbps has fallbacks to 5.5, 2 and 1 Mbps.
  • Page 31 ZyXEL – SBG Support Notes What is 802.11n? 802.11n supports frequencies in both 2.4 GHz and 5 GHz radio bands and its data rate ranges from 54 Mbit/s up to 600 Mbit/s in theory, using the 802.11n Channel Doubling technology which can double the channel bandwidth from 20 MHz to 40 MHz and effectively doubles data rates and throughput.
  • Page 32 ZyXEL – SBG Support Notes would not interfere with other 802.11 devices much more than another 802.11 device would interfere. While more collisions are possible with the introduction of a Bluetooth device, they are also possible with the introduction of another 802.11 device, or a new 2.4 GHz cordless phone for that matter.

  • Page 33: What Is Infrastructure Mode

    ZyXEL – SBG Support Notes owned by a service provider or carrier. Data rates are low and charges are based on usage. Specialized applications are characteristically designed around short, burst messaging. What is Ad-Hoc mode? A wireless network consists of a number of stations without access points or any connection to a wired network.
  • Page 34 ZyXEL – SBG Support Notes unsynchronized receiver an FHSS transmission appears to be short-duration impulse noise. 802.11 may use FHSS or DSSS. Do I need the same kind of antenna on both sides of a link? No. Provided that the antenna is optimally designed for 2.4 GHz or 5 GHz operations.
  • Page 35 ZyXEL – SBG Support Notes Wired Equivalent Privacy (WEP) is a security mechanism defined within the 802.11 standard and designed to make the security of the wireless medium equal to that of a cable (wire). WEP data encryption was designed to prevent access to the network by "intruders"...

  • Page 36: Authentication Type

    ZyXEL – SBG Support Notes message when a client associates to an AP. A sniffer just has to wait for a valid user to associate with the network to see the SSID. What are Insertion attacks? The insertion attacks are based on placing unauthorized devices on the wireless network without going through a security process and review.
  • Page 37 ZyXEL – SBG Support Notes What is the difference between No authentication required, No access allowed and Authentication required? No authentication required — disables 802.1X and causes the port to transition to the authorized state without any authentication exchange required. The port transmits and receives normal traffic without 802.1x-based authentication of the client.
  • Page 38 ZyXEL – SBG Support Notes authentication and improved data encryption. What is WPA-PSK? WPA-PSK (Wi-Fi Protected Access Pre-Shared Key) can be used if users do not have a RADIUS server but still want to benefit from WPA security, because WPA-PSK only requires a single password to be entered on wireless AP/gateway and wireless client.

Table of Contents