Page 1 PMG5317-T20A Wireless N GPON IAD with 4-port GbE LAN Version 5.20 (ABCI.0) Edition 1, 10/2016 Quick Start Guide User’s Guide Default Login Details LAN IP Address http://192.168.1.1 User Name admin Password 1234 www.zyxel.com Copyright © 2016 ZyXEL Communications Corporation...
Page 2 Every effort has been made to ensure that the information in this manual is accurate. Related Documentation • Quick Start Guide The Quick Start Guide shows how to connect the GPON Device and get up and running right away. PMG5317-T20A User’s Guide...
Page 3: Table Of Contents
Traffic Status ............................237 VoIP Status ............................240 ARP Table .............................244 Routing Table ............................246 System ..............................248 User Account ............................249 Remote Management ..........................251 SNMP ..............................254 Time Settings ............................256 E-mail Notification ..........................258 Log Setting ............................260 Firmware Upgrade ..........................263 Backup/Restore .............................265 Diagnostic .............................268 PMG5317-T20A User’s Guide...
Page 4 Contents Overview SLID ..............................270 Troubleshooting ............................271 Appendices ............................277 PMG5317-T20A User’s Guide...
Page 5: Table Of Contents
The Web Configurator ........................22 2.1 Overview ............................22 2.1.1 Accessing the Web Configurator .....................22 2.2 Web Configurator Layout ........................24 2.2.1 Title Bar ...........................24 2.2.2 Navigation Panel ........................25 Chapter 3 Quick Start............................29 3.1 Overview ............................29 3.2 Quick Start Setup ..........................29 PMG5317-T20A User’s Guide...
Page 6 5.2 The Network Map Screen .........................66 5.3 The Status Screen ..........................67 Chapter 6 Broadband............................72 6.1 Overview ............................72 6.1.1 What You Can Do in This Chapter ...................72 6.1.2 What You Need to Know ......................72 6.1.3 Before You Begin ........................74 PMG5317-T20A User’s Guide...
Page 7 8.4 The UPnP Screen ........................... 117 8.4.1 Turning On UPnP in Windows 7 Example ................118 8.5 The Additional Subnet Screen ......................120 8.6 The TFTP Server Name Screen .....................121 8.7 Technical Reference ........................121 8.7.1 LANs, WANs and the GPON Device ..................121 PMG5317-T20A User’s Guide...
Page 8 11.1.2 What You Need To Know .....................151 11.2 The Port Forwarding Screen ......................152 11.2.1 Add/Edit Port Forwarding ....................154 11.3 The Applications Screen .......................155 11.3.1 Add New Application ......................155 11.4 The Port Triggering Screen ......................156 11.4.1 Add/Edit Port Triggering Rule .....................158 PMG5317-T20A User’s Guide...
Page 9 14.2 The File Sharing Screen .......................177 14.2.1 The Add New Share Screen ....................179 14.2.2 The Add New User Screen ....................180 14.3 The Media Server Screen ......................180 Chapter 15 Firewall ..............................182 15.1 Overview ............................182 15.1.1 What You Can Do in this Chapter ..................182 PMG5317-T20A User’s Guide...
Page 10 19.4.1 View Trusted CA Certificate ....................202 19.4.2 Import Trusted CA Certificate ....................203 Chapter 20 Voice ..............................205 20.1 Overview ............................205 20.1.1 What You Can Do in this Chapter ..................205 20.1.2 What You Need to Know About VoIP ...................206 20.2 Before You Begin ..........................206 PMG5317-T20A User’s Guide...
Page 11 Chapter 23 VoIP Status ............................240 23.1 The VoIP Status Screen ........................240 Chapter 24 ARP Table ............................244 24.1 Overview ............................244 24.1.1 How ARP Works ........................244 24.2 ARP Table Screen .........................244 Chapter 25 Routing Table ............................246 25.1 Overview ............................246 PMG5317-T20A User’s Guide...
Page 12 31.1 Overview ............................258 31.2 The E-mail Notification Screen ......................258 31.2.1 E-mail Notification Edit ......................258 Chapter 32 Log Setting ............................260 32.1 Overview ............................260 32.2 The Log Settings Screen .......................260 32.2.1 Example E-mail Log ......................261 Chapter 33 Firmware Upgrade ..........................263 PMG5317-T20A User’s Guide...
Page 13 37.4 Wireless Internet Access .......................274 37.5 USB Device Connection ........................275 37.6 UPnP .............................275 Part III: Appendices ..................277 Appendix A Customer Support ......................278 Appendix B Wireless LANs......................284 Appendix C IPv6 ..........................296 Appendix D Services ........................304 Appendix E Legal Information......................308 Index ..............................316 PMG5317-T20A User’s Guide...
Page 14: User's Guide
User’s Guide...
Page 15: Introduction
Introduction 1.1 Overview The PMG5317-T20A combines a fiber optic (GPON) router with a built-in switch to provide you local fiber-speed internet access. The GPON Device supports OMCI to connect to the ISP’s OLT (Optical Line Terminal), and it can also be remotely managed using TR-069. QoS is also supported to make sure bandwidth-hungry applications such as games and Video-on-Demand (VoD) get the bandwidth they need.
Page 16: Triple Play
Figure 1 Triple Play Example 1.4.2 Internet Access Your GPON Device provides shared Internet access by connecting a fiber optic line provided by the ISP to the PON port. Figure 2 GPON Device’s Router Features Internet PMG5317-T20A User’s Guide...
Page 17: Voip Features
The GPON Device’s PON port is trying to build the connection. The GPON Device’s PON port is not connected. The optical transceiver may have malfunctioned or the fiber cable may not be connected or may be broken or damaged enough to break the PON connection. PMG5317-T20A User’s Guide...
Page 18: The Reset Button
If you forget your password or cannot access the web configurator, you will need to use the RESET button at the back of the device to reload the factory-default configuration file. This means that you will lose all configurations that you had previously and the password will be reset to the default. PMG5317-T20A User’s Guide...
Page 19: Using The Reset Button
Also, if you wish to carry out WPS function, you need to activate wireless LAN first. Figure 5 Wi-Fi Button 1.7.1 Using the Wi-Fi button Make sure the POWER LED is on (not blinking). Press the Wi-Fi button for over 2 seconds and release it. See above for Wi-Fi button location PMG5317-T20A User’s Guide...
Page 20: The Wps Button
M4 Screws Screw anchors (optional) Select a position free of obstructions on a wall strong enough to hold the weight of the device. Mark two holes on the wall at the appropriate distance apart for the screws. PMG5317-T20A User’s Guide...
Page 21 Make sure the screws are fastened well enough to hold the weight of the GPON Device with the connection cables. Align the holes on the back of the GPON Device with the screws on the wall. Hang the GPON Device on the screws. Figure 7 Wall Mounting Example PMG5317-T20A User’s Guide...
Page 22: The Web Configurator
Login. If you have changed the password, enter your password and click Login. Figure 8 Password Screen The following screen displays if you have not yet changed your password. Enter a new password, retype it to confirm and click Apply. PMG5317-T20A User’s Guide...
Page 23 After you finished or closed the Quick Start Wizard screen, the Network Map page appears. Figure 10 Network Map Click Status to display the Status screen, where you can view the GPON Device’s interface and system information. PMG5317-T20A User’s Guide...
Page 24: Web Configurator Layout
As illustrated above, the main screen is divided into these parts: • A - title bar • B - main window • C - navigation panel 2.2.1 Title Bar The title bar provides some icons in the upper right corner. PMG5317-T20A User’s Guide...
Page 25: Navigation Panel
WAN interface to its DNS server(s). Policy Route Use this screen to configure policy routing on the GPON Device. Use this screen to configure Routing Information Protocol to exchange routing information with other routers. PMG5317-T20A User’s Guide...
Page 26 (such as parental control) is enforced. Certificates Local Certificates Use this screen to view a summary list of certificates and manage certificates and certification requests. Trusted CA Use this screen to view and manage the list of the trusted CAs. VoIP PMG5317-T20A User’s Guide...
Page 27 Use this screen to view the routing table on the GPON Device. Maintenance System Use this screen to set Device name and Domain name. User Account User Account Use this screen to change user password on the GPON Device. PMG5317-T20A User’s Guide...
Page 28 Use this screen to identify problems with the DSL connection. You can Traceroute & use Ping, TraceRoute, or Nslookup to help you identify problems. Nslookup SLID SLID Use this screen to change your GPON Device’s Subscriber Location ID (SLID) setting. PMG5317-T20A User’s Guide...
Page 29: Quick Start
Select the time zone of your location. Click Next. Figure 12 Quick Start - Welcome Enter your Internet connection information in this screen. The screen and fields to enter may vary depending on your current connection type. Click Next. PMG5317-T20A User’s Guide...
Page 30 GPON Device. Click Save. Figure 14 Quick Start - Wireless Setting Your GPON Device saves your settings and attempts to connect to the Internet. Click Close to complete the setup. PMG5317-T20A User’s Guide...
Page 31 Chapter 3 Quick Start Figure 15 Quick Start - Result Summary PMG5317-T20A User’s Guide...
Page 32: Tutorials
Service Provider (ISP) to configure the GPON Device. Be sure to contact your service provider for any information you need to configure the Broadband screens. Click Network Setting > Broadband to open the following screen. Click Add New WAN Interface. In this example, the GPON connection has the following information. PMG5317-T20A User’s Guide...
Page 33 Then select DNS as Static and enter the DNS server addresses provided to you, such as 192.168.5.2 (DNS server1)/192.168.5.1 (DNS server2). Leave the rest of the fields to the default settings. Click Apply to save your settings. PMG5317-T20A User’s Guide...
Page 34 You should see a summary of your new GPON connection setup in the Broadband screen as follows. Try to connect to a website to see if you have correctly set up your Internet connection. Be sure to contact your service provider for any information you need to configure the WAN screens. PMG5317-T20A User’s Guide...
Page 35: Setting Up A Secure Wireless Network
802.11b/g/n Mixed Click Network Setting > Wireless to open the General screen. Select More Secure as the security level and WPA2-PSK as the security mode. Configure the screen using the provided parameters (see page 35). Click Apply. PMG5317-T20A User’s Guide...
Page 36 Thomas can now use the WPS feature to establish a wireless connection between his notebook and the GPON Device (see Section 4.3.2 on page 37). He can also use the notebook’s wireless client to search for the GPON Device (see Section 4.3.3 on page 40). PMG5317-T20A User’s Guide...
Page 37: Using Wps
Note: Your GPON Device has a WPS button located on its side panel as well as a WPS button in its configuration utility. Both buttons have exactly the same function: you can use one or the other. PMG5317-T20A User’s Guide...
Page 38 Launch your wireless client’s configuration utility. Go to the WPS settings and select the PIN method to get a PIN number. Log into GPON Device’s web configurator and go to the Network Setting > Wireless > WPS screen. Enable the WPS function and click Apply. PMG5317-T20A User’s Guide...
Page 39 This may take up to two minutes. The wireless client is then able to communicate with the GPON Device securely. The following figure shows you how to set up a wireless network and its security on a GPON Device and a wireless client by using PIN method. PMG5317-T20A User’s Guide...
Page 40: Without Wps
“DoNotStealMyWirelessNetwork” pre-shared key to establish an wireless Internet connection. Note: The GPON Device supports IEEE 802.11b and IEEE 802.11g wireless clients. Make sure that your notebook or computer’s wireless adapter supports one of these standards. PMG5317-T20A User’s Guide...
Page 41: Setting Up Multiple Wireless Groups
Pre-Shared Key ForCompanyOnly 123456789 guest123 Click Network Setting > Wireless to open the General screen. Use this screen to set up the company’s general wireless network group. Configure the screen using the provided parameters and click Apply. PMG5317-T20A User’s Guide...
Page 42 Chapter 4 Tutorials Click Network Setting > Wireless > Guest/More AP to open the following screen. Click the Edit icon to configure the second wireless network group. Configure the screen using the provided parameters and click Apply. PMG5317-T20A User’s Guide...
Page 43 Chapter 4 Tutorials In the Guest/More AP screen, click the Edit icon to configure the third wireless network group. Configure the screen using the provided parameters and click Apply. PMG5317-T20A User’s Guide...
Page 44: How To Make A Voip Call
Check the status of VIP and Guest in the Guest/More AP screen. The yellow bulbs signify that the SSIDs are active and ready for wireless access. 4.5 How to Make a VoIP Call You can register a SIP account with the SIP server and make voice calls over the Internet to another VoIP device. PMG5317-T20A User’s Guide...
Page 45: Voip Calls With A Registered Sip Account
Select the Enable check box of SIP Service Provider and enter ServiceProvider1 as the SIP Service Provider Name. Enter the SIP Server Address, REGISTER Server Address, and SIP Service Domain provided by your ISP accordingly. Click Apply. PMG5317-T20A User’s Guide...
Page 46 Click Connection Status > System Info to check if your SIP account has been registered successfully. If the status is Not Registered, check your Internet connection and click Register to register your SIP account. Tutorial: Registration Status PMG5317-T20A User’s Guide...
Page 47: Using The File Sharing Feature
Pick up the phone receiver. Dial the VoIP phone number you want to call. 4.6 Using the File Sharing Feature In this section you can: • Set up file sharing of your USB device from the GPON Device PMG5317-T20A User’s Guide...
Page 48: Set Up File Sharing
You also need to set up file sharing on your GPON Device in order to share files. Click Add new Share in the File Sharing screen to configure a new user. Select your USB device from the Volume drop-down list box. PMG5317-T20A User’s Guide...
Page 49 Account Management, if you want to configure the Access Level to Security. For detailed information, please refer to the steps below. The Add Share Directory screen should look like the following. Click Apply to finish. Tutorial: USB Services > File Sharing > Share Configuration PMG5317-T20A User’s Guide...
Page 50: Access Your Shared Files From A Computer
Note: The examples in this User’s Guide show you how to use Microsoft’s Windows 7 to browse your shared files. Refer to your operating system’s documentation for how to browse your file structure. Open Windows Explorer to access BobShare using Windows Explorer browser. PMG5317-T20A User’s Guide...
Page 51: Using The Media Server Feature
Enter the path clients use to access the media files on a USB storage device connected to the GPON Device, and click Apply. This enables DLNA-compliant media clients to play the video, music and image files in your USB storage device. PMG5317-T20A User’s Guide...
Page 52: Using Windows Media Player
Tutorial: Media Server Setup (Using Windows Media Player) USB Storage Device Computer with Windows Media Player ZyXEL Device Windows 7 Open Windows Media Player. It should automatically detect the GPON Device. Tutorial: Media Sharing using Windows 7 (1) PMG5317-T20A User’s Guide...
Page 53 (Select the folder containing the media you wish to upload to Windows Media Player.) Tutorial: Media Sharing using Windows 7 (2) In the right panel, you should see a list of files available in the USB storage device. Tutorial: Media Sharing using Windows 7 (2) PMG5317-T20A User’s Guide...
Page 54: Using A Digital Media Adapter
Turn on the TV and wait for the DMA-2500 Home screen to appear. Using the remote control, go to MyMedia to open the following screen. Select the GPON Device as your media server. Tutorial: Media Sharing using DMA-2500 PMG5317-T20A User’s Guide...
Page 55: Configuring Static Route For Routing To Another Network
N1 (192.168.1.x/24) and N2 (192.168.10.x/24). If you want to send traffic from computer A (in N1 network) to computer B (in N2 network), the traffic is sent to the GPON Device’s WAN default gateway by default. In this case, B will never receive the traffic. PMG5317-T20A User’s Guide...
Page 56 Click Network Setting > Routing. Click Add new Static Route in the Static Route screen. Configure the Static Route Setup screen using the following settings: Select Enable in Active field. Enter the Route Name as R. Set IP Type to IPv4. PMG5317-T20A User’s Guide...
Page 57: Configuring Qos Queue And Class Setup
7. Note: QoS is applied to traffic flowing out of the GPON Device. Traffic that does not match this class is assigned a priority queue based on the internal QoS mapping table on the GPON Device. PMG5317-T20A User’s Guide...
Page 58 Click Queue Setup > Add new Queue to create a new queue. In the screen that opens, select Enable in Active field and enter or select the following values: • Name: E-mail • Interface: WAN • Priority: 1 (High) • Weight: 8 • Rate Limit: 5,000 (kbps) Tutorial: Advanced > QoS > Queue Setup PMG5317-T20A User’s Guide...
Page 59 Ether Type Select IP to identify the traffic source by its IP address or MAC address. IP Address Type the IP address of your computer - 192.168.1.23. Type the IP Subnet Mask if you know it. PMG5317-T20A User’s Guide...
Page 60: Access The Gpon Device Using Ddns
Apply for a user account. This tutorial uses UserName1 and 12345 as the username and password. Log into www.dyndns.org using your account. Add a new DDNS host name. This tutorial uses the following settings as an example. • Hostname: zyxelrouter.dyndns.org • Service Type: Host with IP address PMG5317-T20A User’s Guide...
Page 61: Configuring Ddns On Your Gpon Device
Open a web browser on the computer (using the IP address a.b.c.d) that is connected to the Internet. Type http://zyxelrouter.dyndns.org and press [Enter]. The GPON Device’s login page should appear. You can then log into the GPON Device and manage PMG5317-T20A User’s Guide...
Page 62: Configuring The Mac Address Filter
Click Security > MAC Filter to open the MAC Filter screen. Select the Enable check box to activate MAC filter function. Select Allow. Then enter the host name and MAC address of Thomas’ computer in this screen. Click Apply. PMG5317-T20A User’s Guide...
Page 63: Access Your Shared Files From A Computer
Note: This example uses the FileZilla FTP program to browse your shared files. In FileZilla enter the IP address of the GPON Device (the default is 192.168.1.1), your account’s user name and password and port 21 and click Quickconnect. A screen asking for password authentication appears. PMG5317-T20A User’s Guide...
Page 64 Chapter 4 Tutorials File Sharing via Windows Explorer Once you log in the USB device displays in the folder. PMG5317-T20A User’s Guide...
Page 65: Technical Reference
Technical Reference...
Page 66: Network Map And Status Screens
5.2 The Network Map Screen Use this screen to view the network connection status of the device and its clients. A warning message appears if there is a connection problem. Figure 16 Network Map: Icon View Mode PMG5317-T20A User’s Guide...
Page 67: The Status Screen
GPON Device to update this screen in Refresh interval. Figure 17 Network Map: List View Mode 5.3 The Status Screen Use this screen to view the status of the GPON Device. Click Status to open this screen. PMG5317-T20A User’s Guide...
Page 68 This is the current version of the firmware inside the GPON Device. Version WAN Information (These fields display when you have a WAN connection.) Encapsulation This field displays the current encapsulation method. IP Address This field displays the current IP address of the GPON Device in the WAN. PMG5317-T20A User’s Guide...
Page 69 The GPON Device starts up when you plug it in, when you restart it (Maintenance > Reboot), or when you reset it. Current Date/ This field displays the current date and time in the GPON Device. You can change this in Time Maintenance> Time Setting. System Resource PMG5317-T20A User’s Guide...
Page 70 Tx Power (dbm) This displays the optical transceiver’s optical transmitting power in dBm. Temperature This displays the optical transceiver’s temperature in Celsius. The normal range is 0-55 degrees. Registration Status Account This column displays each SIP account in the GPON Device. PMG5317-T20A User’s Guide...
Page 71 This column displays the service provider name and SIP number for each SIP account. Provider This field displays the account number and service domain of the SIP account. You can change these in the VoIP > SIP screens. PMG5317-T20A User’s Guide...
Page 72: Broadband
It can be static (fixed) or dynamically assigned by the ISP each time the GPON Device tries to access the Internet. If your ISP assigns you a static WAN IP address, they should also assign you the subnet mask and DNS server IP address(es). PMG5317-T20A User’s Guide...
Page 73 ISP’s Border Relay router (BR in the figure) to connect to the native IPv6 Internet. The local network can also use IPv4 services. The GPON Device uses it’s configured IPv4 WAN IP to route IPv4 traffic to the IPv4 Internet. PMG5317-T20A User’s Guide...
Page 74: Before You Begin
ISP (IPv6) IPv6 Internet IPv6 IPv6 IPv4 IPv4 in IPv6 AFTR IPv4 Internet 6.1.3 Before You Begin You need to know your Internet access settings such as encapsulation and WAN IP address. Get this information from your ISP. PMG5317-T20A User’s Guide...
Page 75: The Broadband Screen
Click Add New WAN Interface in the Broadband screen or the Edit icon next to an existing WAN interface to configure a WAN connection. The screen varies depending on the mode, encapsulation, and IPv6/IPv4 mode you select. PMG5317-T20A User’s Guide...
Page 76 The following example screen displays when you select Routing mode, and PPPoE encapsulation. The screen varies when you select other interface type, encapsulation, and IPv4/IPv6 mode. Figure 23 Network Setting > Broadband > Add New WAN Interface/Edit (Routing Mode) PMG5317-T20A User’s Guide...
Page 77 IP address. Static IP Select this option If the ISP assigned a fixed IP address. Address IP Address Enter the static IP address provided by your ISP. VLAN Active Select this to enable VLAN on this WAN interface. PMG5317-T20A User’s Guide...
Page 78 The 6RD (IPv6 rapid deployment) fields display when you set the IPv6/IPv4 Mode field to IPv4 Only. See IPv6 Rapid Deployment on page 73 for more information. Select Enable to tunnel IPv6 traffic from the local network through the ISP’s IPv4 network. PMG5317-T20A User’s Guide...
Page 79 GPON Device's interface(s). The gateway helps forward packets to Gateway their destinations. IPv6 Routing Feature (This is available only when you select IPv4 IPv6 DualStack or IPv6 Only in the IPv4/IPv6 Mode field. You can enable IPv6 routing features in the following section.) PMG5317-T20A User’s Guide...
Page 80: Bridge Mode
Select Bridge when your ISP provides you more than one IP address and you want the connected computers to get individual IP address from ISP’s DHCP server directly. If you select Bridge, you cannot use routing functions, such as QoS, Firewall, DHCP server and NAT on traffic from the selected LAN port(s). PMG5317-T20A User’s Guide...
Page 81 802.1q Type the VLAN ID number (from 0 to 4094) for traffic through this connection. Click OK to save your changes. Cancel Click Cancel to exit this screen without saving. PMG5317-T20A User’s Guide...
Page 82: Wireless
However, wireless networking is different from that of most traditional radio communications in that there a number of wireless networking standards available with different methods of data encryption. PMG5317-T20A User’s Guide...
Page 83: The General Screen
Apply to confirm. You must then change the wireless settings of your computer to match the GPON Device’s new settings. Click Network Setting > Wireless to open the General screen. PMG5317-T20A User’s Guide...
Page 84 This shows the wireless band which this radio profile is using. 2.4GHz is the frequency used by IEEE 802.11b/g/n wireless clients. Wireless You can Enable or Disable the wireless LAN in this field. Channel Use Auto to have the GPON Device automatically determine a channel to use. PMG5317-T20A User’s Guide...
Page 85: No Security
Select No Security to allow wireless stations to communicate with the access points without any data encryption or authentication. Note: If you do not enable any wireless security on your GPON Device, your network is accessible to any wireless networking device that is within range. PMG5317-T20A User’s Guide...
Page 86: Basic (Wep Encryption)
In order to configure and enable WEP encryption, click Network Setting > Wireless to display the General screen, then select Basic as the security level. Figure 27 Wireless > General: Basic (WEP) PMG5317-T20A User’s Guide...
Page 87: More Secure (Wpa(2)-Psk)
Note: WPA-PSK is not available if you enable WPS before you configure them. Click Network Setting > Wireless to display the General screen. Select More Secure as the security level. Then select WPA-PSK, WPA2-PSK, or WPA/WPA2-PSK from the Security Mode list. PMG5317-T20A User’s Guide...
Page 88: The Guest/More Ap Screen
7.3 The Guest/More AP Screen This screen allows you to enable and configure multiple Basic Service Sets (BSSs) on the GPON Device. Click Network Setting > Wireless > Guest/More AP. The following screen displays. PMG5317-T20A User’s Guide...
Page 89: Edit Guest/More Ap
Click the Edit icon to configure the SSID profile. 7.3.1 Edit Guest/More AP Use this screen to edit an SSID profile. Click the Edit icon next to an SSID in the Guest/More AP screen. The following screen displays. PMG5317-T20A User’s Guide...
Page 90 Access Scenario field. Access If you select Home Guest, clients connecting to the same SSID can communicate with each Scenario other directly. If you select External Guest, clients are blocked from connecting to each other directly. PMG5317-T20A User’s Guide...
Page 91: Mac Authentication
MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. You need to know the MAC addresses of the devices to configure this screen. PMG5317-T20A User’s Guide...
Page 92: The Wps Screen
WPS allows you to quickly set up a wireless network with strong security, without having to configure security settings manually. Set up each WPS connection between two devices. Both devices must support WPS. See Section 7.9.8.3 on page 105 for more information about WPS. PMG5317-T20A User’s Guide...
Page 93 You can find the PIN either on the outside of the device, or by checking the device’s settings. Note: You must also activate WPS on that device within two minutes to have it present its PIN to the GPON Device. PMG5317-T20A User’s Guide...
Page 94: The Wmm Screen
GPON Device until the GPON Device "wakes up". The GPON Device wakes up periodically to (APSD) check for incoming data. Note: This works only if the wireless device to which the GPON Device is connected also supports this feature. PMG5317-T20A User’s Guide...
Page 95: The Others Screen
Delivery Traffic Indication Message (DTIM) is the time period after which broadcast and multicast packets are transmitted to mobile clients in the Power Saving mode. A high DTIM value can cause clients to lose connectivity with the network. This value can be set from 1 to 255. PMG5317-T20A User’s Guide...
Page 96: The Channel Status Screen
Note: The Scan button only works when the GPON Device uses 20MHz for the wireless channel width. You can go to the General screen, Network Setting > Wireless > click the more link, and then change the channel width setting in the Bandwidth field. PMG5317-T20A User’s Guide...
Page 97: Technical Reference
The wireless clients connect to the access points. • An “ad-hoc” type of network is one in which there is no access point. Wireless clients connect to one another in order to exchange information. The following figure provides an example of a wireless network. PMG5317-T20A User’s Guide...
Page 98 When you create a network, you must select a channel to use. Since the available unlicensed spectrum varies from one country to another, the number of available channels also varies. PMG5317-T20A User’s Guide...
Page 99: Additional Wireless Terms
Because of the damage that can be done by a malicious attacker, it’s not just people who have sensitive information on their network who should use security. Everybody who uses any wireless network should ensure that effective security is in place. PMG5317-T20A User’s Guide...
Page 100: Mac Address Filter
Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless networks. These kinds of wireless devices might not have MAC addresses. Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F. PMG5317-T20A User’s Guide...
Page 101: Signal Problems
Problems with absorption occur when physical objects (such as thick walls) are between the two radios, muffling the signal. PMG5317-T20A User’s Guide...
Page 102: Bss
• You must use different keys for different BSSs. If two wireless devices have different BSSIDs (they are in different BSSs), but have the same keys, they may hear each other’s communications (but not communicate with each other). PMG5317-T20A User’s Guide...
Page 103: Preamble Type
(see the device’s User’s Guide for how to do this - for the GPON Device, Section 7.6 on page 94). Press the button on one of the devices (it doesn’t matter which). For the GPON Device you must press the WPS button for more than three seconds. PMG5317-T20A User’s Guide...
Page 104: Pin Configuration
If you cannot connect, check the list of associated wireless clients in the AP’s configuration utility. If you see the wireless client in the list, WPS was successful. The following figure shows a WPS-enabled wireless client (installed in a notebook computer) connecting to the WPS-enabled AP via the PIN method. PMG5317-T20A User’s Guide...
Page 105 If the registrar is already part of a network, it sends the existing information. If not, it generates the SSID and WPA(2)-PSK randomly. The following figure shows a WPS-enabled client (installed in a notebook computer) connecting to a WPS-enabled access point. PMG5317-T20A User’s Guide...
Page 106 When WPS is activated on both, they perform the handshake. In this example, AP1 is the registrar, and Client 1 is the enrollee. The registrar randomly generates the security information to set up the network, since it is unconfigured and has no existing information. PMG5317-T20A User’s Guide...
Page 107 In step 3, you add another access point (AP2) to your network. AP2 is out of range of AP1, so you cannot use AP1 for the WPS handshake with the new access point. However, you know that Client 2 supports the registrar function, so you use it to perform the WPS handshake instead. PMG5317-T20A User’s Guide...
Page 108: Limitations Of Wps
If this happens, open the access point’s configuration interface and look at the list of associated clients (usually displayed by MAC address). It does not matter if the PMG5317-T20A User’s Guide...
Page 109 Check the MAC addresses of your wireless clients (usually printed on a label on the bottom of the device). If there is an unknown MAC address you can remove it or reset the AP. PMG5317-T20A User’s Guide...
Page 110: Home Networking
8.1.2.1 About LAN IP Address IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts. PMG5317-T20A User’s Guide...
Page 111 The automated nature of NAT traversal applications in establishing their own services and opening firewall ports may present network security issues. Network information and configuration may also be obtained and modified by users in some network environments. PMG5317-T20A User’s Guide...
Page 112: Before You Begin
This will become the IP address of your GPON Device. Enter the IP subnet mask into the Subnet Mask field. Unless instructed otherwise it is best to leave this alone, the configurator will automatically compute a subnet mask based upon the IP address you entered. PMG5317-T20A User’s Guide...
Page 113 Chapter 8 Home Networking Click Apply to save your settings. Figure 43 Network Setting > Home Networking > LAN Setup PMG5317-T20A User’s Guide...
Page 114 Enter the first and second DNS (Domain Name System) server IP addresses the GPON Device passes to the DHCP clients. LAN IPv6 Mode Setup IPv6 Active Select Enable to activate the IPv6 mode and configure IPv6 settings on the GPON Device. PMG5317-T20A User’s Guide...
Page 115 Select User-Defined if you have the IPv6 address of a DNS server. Enter the DNS server IPv6 addresses the GPON Device passes to the DHCP clients. Select None if you do not want to configure IPv6 DNS servers. PMG5317-T20A User’s Guide...
Page 116: The Static Dhcp Screen
(six pairs of hexadecimal notation). A network interface card such as an Ethernet adapter has a hardwired address that is assigned at the factory. This address follows an industry standard that ensures no other adapter has a similar address. PMG5317-T20A User’s Guide...
Page 117: The Upnp Screen
A UPnP device can dynamically join a network, obtain an IP address, convey its capabilities and learn about other devices on the network. In turn, a device can leave a network smoothly and automatically when it is no longer in use. PMG5317-T20A User’s Guide...
Page 118: Turning On Upnp In Windows 7 Example
Windows 7. Activate UPnP on the GPON Device. Make sure the computer is connected to a LAN port of the GPON Device. Turn on your computer and the GPON Device. Click the start icon, Control Panel and then the Network and Sharing Center. PMG5317-T20A User’s Guide...
Page 119 Select Turn on network discovery and click Save Changes. Network discovery allows your computer to find other computers and devices on the network and other computers on the network to find your computer. This makes it easier to share files and printers. PMG5317-T20A User’s Guide...
Page 120: The Additional Subnet Screen
Enter the public IP address provided by your ISP. Subnet Mask Enter the public IPv4 subnet mask provided by your ISP. Offer Public IP Select Enable to enable the GPON Device to provide public IP addresses by DHCP server. by DHCP PMG5317-T20A User’s Guide...
Page 121: The Tftp Server Name Screen
This section provides some technical background information about the topics covered in this chapter. 8.7.1 LANs, WANs and the GPON Device There are two separate IP networks, one inside the LAN network and the other outside the WAN network as shown next. PMG5317-T20A User’s Guide...
Page 122: Dhcp Setup
DNS servers out of the DHCP setup under all circumstances. If your ISP gives you explicit DNS servers, make sure that you enter their IP addresses in the DHCP Setup screen. PMG5317-T20A User’s Guide...
Page 123: Lan Tcp/Ip
If you belong to a small organization and your Internet access is through an ISP, the ISP can provide you with the Internet addresses for your local networks. On the other hand, if you are part of a much larger organization, you should consult your network administrator for the appropriate IP addresses. PMG5317-T20A User’s Guide...
Page 124 Note: Regardless of your particular situation, do not create an arbitrary IP address; always follow the guidelines above. For more information on address assignment, please refer to RFC 1597, “Address Allocation for Private Internets” and RFC 1466, “Guidelines for Management of IP Address Space”. PMG5317-T20A User’s Guide...
Page 125: Routing
Figure 50 Example of Routing Topology 9.2 The Routing Screen Use this screen to view and configure the static route rules on the GPON Device. Click Network Setting > Routing > Static Route to open the following screen. PMG5317-T20A User’s Guide...
Page 126: Add/Edit Static Route
Use this screen to add or edit a static route. Click Add new static route in the Routing screen or the Edit icon next to the static route you want to edit. The screen shown next appears. Figure 52 Routing: Add/Edit PMG5317-T20A User’s Guide...
Page 127: The Dns Route Screen
DNS route is active. A gray bulb signifies that this DNS route is not active. Domain Name This is the host name or domain name of the DNS route entry. WAN Interface This is the WAN connection through which the GPON Device forwards DNS requests for this domain name. PMG5317-T20A User’s Guide...
Page 128: The Dns Route Add Screen
Policy-based routing is applied to outgoing packets, prior to the normal routing. You can use source-based policy forwarding to direct traffic from different users through different connections or distribute traffic among multiple paths for load sharing. PMG5317-T20A User’s Guide...
Page 129 This is the WAN interface through which the traffic is routed. Modify Click the Edit icon to edit this policy. Click the Delete icon to remove a policy from the GPON Device. A window displays asking you to confirm that you want to delete the policy. PMG5317-T20A User’s Guide...
Page 130: Add/Edit Policy Route
Select a WAN interface through which the traffic is sent. You must have the WAN interface(s) already configured in the Broadband screens. Click OK to save your changes. Cancel Click Cancel to exit this screen without saving. PMG5317-T20A User’s Guide...
Page 131: Rip
Select the check box to set the VMG to not send the route information to the default Gateway gateway. Apply Click Apply to save your changes back to the GPON Device. Cancel Click Cancel to restore your previously saved settings. PMG5317-T20A User’s Guide...
Page 132: Quality Of Service (Qos)
• Use the Shaper Setup screen to limit outgoing traffic transmission rate on the selected interface (Section 10.6 on page 142). • Use the Policer Setup screen to control incoming traffic transmission rate and bursts (Section 10.7 on page 143). PMG5317-T20A User’s Guide...
Page 133: What You Need To Know
(or queues). Your GPON Device uses the Token Bucket algorithm to allow a certain amount of large bursts while keeping a limit at the average rate. Traffic Rate Traffic Rate Time Time (Before Traffic Shaping) (After Traffic Shaping) PMG5317-T20A User’s Guide...
Page 134: The Quality Of Service General Screen
Click Network Setting > QoS > General to open the screen as shown next. Use this screen to enable or disable QoS and set the upstream bandwidth. See Section 10.1 on page 132 for more information. Figure 58 Network Settings > QoS > General PMG5317-T20A User’s Guide...
Page 135: The Queue Setup Screen
Cancel Click Cancel to restore your previously saved settings. 10.4 The Queue Setup Screen Click Network Setting > QoS > Queue Setup to open the screen as shown next. Use this screen to configure QoS queue assignment. PMG5317-T20A User’s Guide...
Page 136 This shows the maximum transmission rate allowed for traffic on this queue. Modify Click the Edit icon to edit the queue. Click the Delete icon to delete an existing queue. Note that subsequent rules move up by one when you take this action. PMG5317-T20A User’s Guide...
Page 137: Adding A Qos Queue
(packets are transmitted out of it). Rate Limit Specify the maximum transmission rate (in Kbps) allowed for traffic on this queue. Click OK to save your changes. Cancel Click Cancel to exit this screen without saving. PMG5317-T20A User’s Guide...
Page 138: The Classification Setup Screen
Click the Delete icon to delete an existing classifier. Note that subsequent rules move up by one when you take this action. 10.5.1 Add/Edit QoS Class Click Add New Classification in the Classification Setup screen or the Edit icon next to a classifier to open the following screen. PMG5317-T20A User’s Guide...
Page 139 Chapter 10 Quality of Service (QoS) Figure 62 Classification Setup: Add/Edit PMG5317-T20A User’s Guide...
Page 140 Port Range If you select TCP or UDP in the IP Protocol field, select the check box and enter the port number(s) of the destination. Select the check box and enter the destination MAC address of the packet. PMG5317-T20A User’s Guide...
Page 141 This field is available only when you select IP in the Ether Type field. If you select this option, the matched TCP packets must contain the ACK (Acknowledge) flag. Exclude Select this option to exclude the packets that match the specified criteria from this classifier. Step3: Packet Modification PMG5317-T20A User’s Guide...
Page 142: The Qos Shaper Setup Screen
This is the index number of the entry. Status This field displays whether the shaper is active or not. A yellow bulb signifies that this policer is active. A gray bulb signifies that this shaper is not active. PMG5317-T20A User’s Guide...
Page 143: Add/Edit A Qos Shaper
Use this screen to view QoS policers that allow you to limit the transmission rate of incoming traffic and apply actions, such as drop, pass, or modify the DSCP value for matched traffic. Click Network Setting > QoS > Policer Setup. The screen appears as shown. PMG5317-T20A User’s Guide...
Page 144 QoS classes. Modify Click the Edit icon to edit the policer. Click the Delete icon to delete an existing policer. Note that subsequent rules move up by one when you take this action. PMG5317-T20A User’s Guide...
Page 145: Add/Edit A Qos Policer
Burst Size peak burst size (two rate three color) or excess burst size (single rate three color) if it is also configured. This is the maximum size of the (first) token bucket in a traffic metering algorithm. PMG5317-T20A User’s Guide...
Page 146: Technical Reference
Typically used for controlled load, latency-sensitive traffic such as SNA (Systems Network Architecture) transactions. Level 3 Typically used for “excellent effort” or better than best effort and would include important business traffic that can tolerate some delay. Level 2 This is for “spare bandwidth”. PMG5317-T20A User’s Guide...
Page 147 Automatic Priority Queue Assignment If you enable QoS on the GPON Device, the GPON Device can automatically base on the IEEE 802.1p priority level, IP precedence and/or packet length to assign priority to traffic which does not match a class. PMG5317-T20A User’s Guide...
Page 148 • A packet can be transmitted if the number of tokens in the bucket is equal to or greater than the size of the packet (in bytes). • After a packet is transmitted, a number of tokens corresponding to the packet size is removed from the bucket. PMG5317-T20A User’s Guide...
Page 149 (CIR) and the Peak Information Rate (PIR). The CIR specifies the average rate at which packets are admitted to the network. The PIR is greater than or equal to the CIR. CIR and PIR values are based PMG5317-T20A User’s Guide...
Page 150 • If the PBS bucket has enough tokens, the GPON Device checks the CBS bucket. The packet is marked green and can be transmitted if the number of tokens in the CBS bucket is equal to or greater than the size of the packet (in bytes). Otherwise, the packet is marked yellow. PMG5317-T20A User’s Guide...
Page 151: Network Address Translation (Nat)
IP address of a host when the packet is in the local network, while the global address refers to the IP address of the host when the same packet is traveling in the WAN side. PMG5317-T20A User’s Guide...
Page 152: The Port Forwarding Screen
80 to another (B in the example) and assign a default server IP address of 192.168.1.35 to a third (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. PMG5317-T20A User’s Guide...
Page 153 Protocol This shows the IP protocol supported by this virtual server, whether it is TCP, UDP, or TCP/ UDP. Modify Click the Edit icon to edit this rule. Click the Delete icon to delete an existing rule. PMG5317-T20A User’s Guide...
Page 154: Add/Edit Port Forwarding
This shows the port number to which you want the GPON Device to translate the incoming Start Port port. For a range of ports, enter the first number of the range to which you want the incoming ports translated. Translation End This shows the last port of the translated port range. Port PMG5317-T20A User’s Guide...
Page 155: The Applications Screen
This field displays the destination IP address for the service. Address Modify Click the Delete icon to delete the rule. 11.3.1 Add New Application This screen lets you create new NAT application rules. Click Add New Application in the Applications screen to open the following screen. PMG5317-T20A User’s Guide...
Page 156: The Port Triggering Screen
After that computer’s connection for that service closes, another computer on the LAN can use the service in the same manner. This way you do not need to configure a new IP address each time you want a different LAN computer to use the application. PMG5317-T20A User’s Guide...
Page 157 IP address of the LAN computer that sent the traffic to a server on the WAN. This is the first port number that identifies a service. Trigger End This is the last port number that identifies a service. Port Trigger Proto. This is the trigger transport layer protocol. PMG5317-T20A User’s Guide...
Page 158: Add/Edit Port Triggering Rule
Type a port number or the starting port number in a range of port numbers. Trigger End Type a port number or the ending port number in a range of port numbers. Port Trigger Protocol Select the transport layer protocol from TCP, or UDP. PMG5317-T20A User’s Guide...
Page 159: The Dmz Screen
STUN or an outbound proxy if your GPON Device is behind a SIP ALG. Use this screen to enable and disable the ALGs in the GPON Device. To access this screen, click Network Setting > NAT > ALG. PMG5317-T20A User’s Guide...
Page 160: The Address Mapping Screen
This is the ending Inside Local IP Address (ILA). If the rule is for all local IP addresses, then this field displays 0.0.0.0 as the Local Start IP address and 255.255.255.255 as the Local End IP address. This field is blank for One-to-One mapping types. PMG5317-T20A User’s Guide...
Page 161: Add/Edit Address Mapping Rule
11.7.1 Add/Edit Address Mapping Rule To add or edit an address mapping rule, click Add new rule or the rule’s edit icon in the Address Mapping screen to display the screen shown next. Figure 78 Address Mapping: Add/Edit PMG5317-T20A User’s Guide...
Page 162: The Sessions Screen
With heavy peer-to-peer application use, lower this number to ensure no single client uses too many of the available NAT sessions. Apply Click this to save your changes on this screen. Cancel Click this to exit this screen without saving any changes. PMG5317-T20A User’s Guide...
Page 163: Technical Reference
With no servers defined, your GPON Device filters out all incoming inquiries, thus preventing intruders from probing your network. For more information on IP address translation, refer to RFC 1631, The IP Network Address Translator (NAT). PMG5317-T20A User’s Guide...
Page 164: How Nat Works
Address (ILA) Address (IGA) 192.168.1.11 192.168.1.10 11.9.4 NAT Application The following figure illustrates a possible NAT application, where three inside LANs (logical LANs using IP alias) behind the GPON Device can communicate with three distinct WAN networks. PMG5317-T20A User’s Guide...
Page 165 80 to another (B in the example) and assign a default server IP address of 192.168.1.35 to a third (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. PMG5317-T20A User’s Guide...
Page 166 Chapter 11 Network Address Translation (NAT) Figure 82 Multiple Servers Behind NAT Example A=192.168.1.33 192.168.1.1 B=192.168.1.34 IP address assigned by ISP C=192.168.1.35 D=192.168.1.36 PMG5317-T20A User’s Guide...
Page 167: Dynamic Dns Setup
Enabling the wildcard feature for your host causes *.yourhost.dyndns.org to be aliased to the same IP address as yourhost.dyndns.org. This feature is useful if you want to be able to use, for example, www.yourhost.dyndns.org and still reach your hostname. PMG5317-T20A User’s Guide...
Page 168: The Dns Entry Screen
You can manually add or edit the GPON Device’s DNS name and IP address entry. Click Add New DNS Entry in the DNS Entry screen or the Edit icon next to the entry you want to edit. The screen shown next appears. Figure 84 DNS Entry: Add/Edit PMG5317-T20A User’s Guide...
Page 169: The Dynamic Dns Screen
Select the check box to enable DynDNS Wildcard. Option Enable Offline Check with your Dynamic DNS service provider to have traffic redirected to a URL (that Option (Only you can specify) while you are off line. applies to custom DNS) Dynamic DNS Status PMG5317-T20A User’s Guide...
Page 170 Current Dynamic This shows the IP address your Dynamic DNS provider has currently associated with the hostname. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. PMG5317-T20A User’s Guide...
Page 171: Interface Grouping
In the following example, the client that sends packets with the DHCP Vendor ID option set to MSFT 5.0 (meaning it is a Windows 2000 DHCP client) is assigned the IP address 192.168.2.2 and uses the WAN VDSL_PoE/ppp0.1 interface. PMG5317-T20A User’s Guide...
Page 172: Interface Group Configuration
Click the Add New Interface Group button in the Interface Grouping screen to open the following screen. Use this screen to create a new interface group. Note: An interface can belong to only one group at a time. PMG5317-T20A User’s Guide...
Page 173 Click Add to identify LAN hosts to add to the interface group by criteria such as the type of Add Clients the hardware or firmware. See Section 13.2.2 on page 174 for more information. With the following DHCP Vendor IDs PMG5317-T20A User’s Guide...
Page 174: Interface Grouping Criteria
Select this and enter the device identity of the matched traffic. DHCP Option Select this and enter vendor specific information of the matched traffic. Enterprise Enter the vendor’s 32-bit enterprise number registered with the IANA (Internet Assigned Number Numbers Authority). PMG5317-T20A User’s Guide...
Page 175 Enter the serial number of the device. Number Product Enter the product class of the device. Class Click OK to save your changes back to the GPON Device. Cancel Click Cancel to exit this screen without saving. PMG5317-T20A User’s Guide...
Page 176: Usb Service
• Use the Media Server screen to enable or disable the sharing of media files (Section 14.3 on page 180). 14.1.2 What You Need To Know The following terms and concepts may help as you read this chapter. PMG5317-T20A User’s Guide...
Page 177: Before You Begin
Use this screen to set up file sharing through the GPON Device. The GPON Device’s LAN users can access the shared folder (or share) from the USB device inserted in the GPON Device. To access this screen, click Network Setting > USB Service > File Sharing. PMG5317-T20A User’s Guide...
Page 178 Click the Delete icon to delete this share in the list. Account Management Add New User Click this button to create a user account to access the secured shares. Active Select this to allow the user to access the secured shares. PMG5317-T20A User’s Guide...
Page 179: The Add New Share Screen
You can either enter a short description of the share, or leave this field blank. Access Level Select Public if you want the share to be accessed by users connecting to the GPON Device. Otherwise, select Security. PMG5317-T20A User’s Guide...
Page 180: The Add New User Screen
DLNA-compliant media clients (like Windows Media Player). The Digital Living Network Alliance (DLNA) is a group of personal computer and electronics companies that works to make products compatible in a home network. The GPON Device media server enables you to: PMG5317-T20A User’s Guide...
Page 181 Enter the path clients use to access the media files on a USB storage device connected to Path the GPON Device. Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings. PMG5317-T20A User’s Guide...
Page 182: Firewall
• Use the Access Control screen to view and configure incoming/outgoing filtering rules (Section 15.4 on page 186). • Use the DoS screen to activate protection against Denial of Service (DoS) attacks (.Section 15.5 on page 188). PMG5317-T20A User’s Guide...
Page 183: What You Need To Know
Use this screen to set the security level of the firewall on the GPON Device. Firewall rules are grouped based on the direction of travel of packets to which they apply. Click Security > Firewall to display the General screen. PMG5317-T20A User’s Guide...
Page 184: The Protocol Screen
IANA (Internet Assigned Number Authority) website. See Appendix D on page 304 for some examples. Click Security > Firewall > Protocol to display the following screen. Figure 97 Security > Firewall > Protocol PMG5317-T20A User’s Guide...
Page 185: Add/Edit A Service
Type a single port number or the range of port numbers that define your customized service. Protocol This field is displayed if you select Other as the protocol. Number Enter the protocol number of your customized port. PMG5317-T20A User’s Guide...
Page 186: The Access Control Screen
Click the Move To icon to change the order of the rule. Enter the number in the # field. 15.4.1 Add/Edit an ACL Rule Click Add new ACL rule or the Edit icon next to an existing ACL rule in the Access Control screen. The following screen displays. PMG5317-T20A User’s Guide...
Page 187 Enter a single port number or the range of port numbers of the source. Custom This field is displayed only when you select Specific Protocol in Select Protocol. Destination Port Enter a single port number or the range of port numbers of the destination. PMG5317-T20A User’s Guide...
Page 188: The Dos Screen
The following table describes the labels in this screen. Table 74 Security > Firewall > DoS LABEL DESCRIPTION DoS Protection Select Enable to enable protection against DoS attacks. Blocking Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. PMG5317-T20A User’s Guide...
Page 189: Mac Filter
MAC addresses of the devices to configure this screen. 16.2 The MAC Filter Screen Use this screen to allow wireless and LAN clients access to the GPON Device. Click Security > MAC Filter. The screen appears as shown. Figure 102 Security > MAC Filter PMG5317-T20A User’s Guide...
Page 190 GPON Device in these address fields. Enter the MAC addresses in a valid MAC address format, that is, six hexadecimal character pairs, for example, 12:34:56:78:9a:bc. Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings. PMG5317-T20A User’s Guide...
Page 191: Parental Control
This shows the day(s) and time on which parental control is enabled. Schedule Network This shows whether the network service is configured. If not, None will be shown. Service Website This shows whether the website block is configured. If not, None will be shown. Blocked PMG5317-T20A User’s Guide...
Page 192: Add/Edit A Parental Control Profile
Use this screen to configure a restricted access schedule and/or URL filtering settings to block the users on your network from accessing certain web sites. Figure 104 Parental Control Rule: Add/Edit Rule PMG5317-T20A User’s Guide...
Page 193 This shows the URL of web site or URL keyword to which the GPON Device blocks or allows access. Modify Click the Edit icon to go to the screen where you can edit the rule. Click the Delete icon to delete an existing rule. PMG5317-T20A User’s Guide...
Page 194 Select the transport layer protocol used for the service. Choices are TCP, UDP, or TCP & UDP. Port Enter the port of the service. If you have chosen a pre-defined service in the Service Name field, this field will not be configurable. PMG5317-T20A User’s Guide...
Page 195 Enter a keyword and click OK to have the GPON Device block access to the website URLs Keyword that contain the keyword. Click OK to save your changes. Cancel Click Cancel to exit this screen without saving. PMG5317-T20A User’s Guide...
Page 196: Scheduler Rule
18.2.1 Add/Edit a Schedule Click the Add New Rule button in the Scheduler Rule screen or click the Edit icon next to a schedule rule to open the following screen. Use this screen to configure a restricted access schedule. PMG5317-T20A User’s Guide...
Page 197 Enter the time period of each day, in 24-hour format, during which the rule will be enforced. Range Description Enter a description for this scheduler rule. Click OK to save your changes. Cancel Click Cancel to exit this screen without saving. PMG5317-T20A User’s Guide...
Page 198: Certificates
19.3 The Local Certificates Screen Click Security > Certificates to open the Local Certificates screen. This is the GPON Device’s summary list of certificates and certification requests. Figure 110 Security > Certificates > Local Certificates PMG5317-T20A User’s Guide...
Page 199: Create Certificate Request
19.3.1 Create Certificate Request Click Security > Certificates > Local Certificates and then Create Certificate Request to open the following screen. Use this screen to have the GPON Device generate a certification request. PMG5317-T20A User’s Guide...
Page 200 After you click Apply, the following screen displays to notify you that you need to get the certificate request signed by a Certificate Authority. If you already have, click Load_Signed to import the signed certificate into the GPON Device. Otherwise click Back to return to the Local Certificates screen. PMG5317-T20A User’s Guide...
Page 201: Load Signed Certificate
Certificates screen click the certificate request’s Load Signed icon to import the signed certificate into the GPON Device. Note: You must remove any spaces from the certificate’s filename before you can import Figure 113 Load Signed Certificate PMG5317-T20A User’s Guide...
Page 202: The Trusted Ca Screen
19.4.1 View Trusted CA Certificate Click the View icon in the Trusted CA screen to open the following screen. Use this screen to view in-depth information about the certification authority’s certificate. PMG5317-T20A User’s Guide...
Page 203: Import Trusted Ca Certificate
Click Back to return to the previous screen. 19.4.2 Import Trusted CA Certificate Click the Import Certificate button in the Trusted CA screen to open the following screen. The GPON Device trusts any valid certificate signed by any of the imported trusted CA certificates. PMG5317-T20A User’s Guide...
Page 204 Type in the location of the certificate you want to upload in this field or click Choose File to Path find it. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. PMG5317-T20A User’s Guide...
Page 205: Voice
You don’t necessarily need to use all these screens to set up your account. In fact, if your service provider did not supply information on a particular field in a screen, it is usually best to leave it at its default setting. PMG5317-T20A User’s Guide...
Page 206: What You Need To Know About Voip
• Before you can use these screens, you need to have a VoIP account already set up. If you don’t have one yet, you can sign up with a VoIP service provider over the Internet. • You should have the information your VoIP service provider gave you ready, before you start to configure the GPON Device. PMG5317-T20A User’s Guide...
Page 207: The Sip Account Screen
Use this screen to configure a SIP account and map it to a phone port. To access this screen, click the Add New Account button or click the Edit icon of an entry in the VoIP > SIP > SIP Account screen. PMG5317-T20A User’s Guide...
Page 208 Chapter 20 Voice Figure 118 VoIP > SIP > SIP Account > Add New Account/Edit PMG5317-T20A User’s Guide...
Page 209 GPON Device to accept the first or second choice. Speaking Volume Select the loudness that the GPON Device uses for speech that it sends to the peer device. Control -12 is the quietest, and 12 is the loudest. PMG5317-T20A User’s Guide...
Page 210 Line Number Warm Line Select this to have the GPON Device dial the specified warm line number after you pick up the telephone and do not press any keys on the keypad for a period of time. PMG5317-T20A User’s Guide...
Page 211: The Sip Service Provider Screen
This shows the name of the SIP service provider. Provider Name SIP Proxy Server This shows the IP address or domain name of the SIP server. Address REGISTER Server This shows the IP address or domain name of the SIP register server. Address PMG5317-T20A User’s Guide...
Page 212: The Sip Service Provider Add/Edit Screen
Note: Click more to see all the fields in the screen. You don’t necessarily need to use all these fields to set up your account. Click less to see and configure only the fields needed for this feature. PMG5317-T20A User’s Guide...
Page 213 Chapter 20 Voice Figure 120 VoIP > SIP > SIP Service Provider > Add New Provider/Edit PMG5317-T20A User’s Guide...
Page 214 If you select MultiWAN, you also need to select two or more pre-configured WAN interfaces that you set up in Network Setting > Broadband > Add New WAN Interface. The VoIP service is activated only when one of the selected WAN connections is up. Outbound Proxy PMG5317-T20A User’s Guide...
Page 215 Enter the number of seconds your SIP account is registered with the SIP register server Expiration before it is deleted. The GPON Device automatically tries to re-register your SIP account Duration when one-half of this time has passed. (The SIP register server might have a different expiration.) PMG5317-T20A User’s Guide...
Page 216: The Phone Device Screen
This field displays the name of a phone port on the GPON Device. Internal Number This field displays the internal call prefix of a phone port on the GPON Device. Incoming SIP This field displays the SIP number that you use to receive calls on this phone port. Number PMG5317-T20A User’s Guide...
Page 217: The Phone Device Edit Screen
If you select this, dial the phone number, and then press the pound key. The VMG makes the call immediately, instead of waiting. You can still wait, if you want. Click OK to save your changes. Cancel Click Cancel to exit this screen without saving. PMG5317-T20A User’s Guide...
Page 218: The Region Screen
SIP numbers that contain letters. Once you have configured a speed dial rule, you can use a shortcut (the speed dial number, #01 for example) on your phone's keypad to call the phone number. Click VoIP > Call Rule > Speed Dial. The following screen displays. PMG5317-T20A User’s Guide...
Page 219: The Call History Screen
Table 96 VoIP > Call History > Call History LABEL DESCRIPTION Classify Select the type of the calls. The call types are: Incoming, Outgoing and Missed. Clear List Click this button to remove all entries from the call history list. PMG5317-T20A User’s Guide...
Page 220: The Call Summary Screen
Missing Calls This displays how many incoming calls were not answered that day. Total Duration This displays how long all calls lasted that day. (hh:mm:ss) 20.10 Technical Reference This section contains background material relevant to the VoIP screens. PMG5317-T20A User’s Guide...
Page 221 IP address (for the routing of incoming SIP requests). After successful registration, the SIP server knows that the users (identified by their dedicated SIP URIs) are represented by the UA, and knows the IP address to which the SIP requests and responses should be sent. PMG5317-T20A User’s Guide...
Page 222 In the following example, you want to use client device A to call someone who is using client device The client device (A in the figure) sends a call invitation to the SIP proxy server (B). The SIP proxy server forwards the call invitation to C. PMG5317-T20A User’s Guide...
Page 223 Client device A sends a call invitation for C to the SIP redirect server (B). The SIP redirect server sends the invitation back to A with C’s IP address (or domain name). Client device A then sends the call invitation to client device C. PMG5317-T20A User’s Guide...
Page 224 SIP Call Progression The following figure displays the basic steps in the setup and tear down of a SIP call. A calls B. Table 98 SIP Call Progression 1. INVITE 2. Ringing 3. OK 4. ACK 5.Dialogue (voice traffic) PMG5317-T20A User’s Guide...
Page 225 The following figure shows the SIP and session traffic flow between the user agents (UA 1 and UA 2) and the proxy servers (this example shows two proxy servers, PROXY 1 and PROXY 2). Figure 130 SIP Call Through Proxy Servers PROXY 1 PROXY 2 & UA 1 UA 2 PMG5317-T20A User’s Guide...
Page 226 • G.711 is a Pulse Code Modulation (PCM) waveform codec. PCM measures analog signal amplitudes at regular time intervals and converts them into digital samples. G.711 provides very good sound quality but requires 64 kbps of bandwidth. PMG5317-T20A User’s Guide...
Page 227 You can record up to 5 different custom tones but the total time must be 900 seconds or less. Recording Custom Tones Use the following steps if you would like to create new tones or change your tones: PMG5317-T20A User’s Guide...
Page 228: Quality Of Service (Qos)
DiffServ is a class of service (CoS) model that marks packets so that they receive specific per-hop treatment at DiffServ-compliant network devices along the route based on the application types and traffic flow. Packets are marked with DiffServ Code Points (DSCP) indicating the level of service PMG5317-T20A User’s Guide...
Page 229: Phone Services Overview
• Three-Way Conference • Internal Calls • Call Park and Pickup • Do not Disturb • IVR • Call Completion • CCBS • Outgoing SIP The GPON Device does not support DiffServ at the time of writing. PMG5317-T20A User’s Guide...
Page 230: The Flash Key
Press the flash key and then “1” to disconnect the current call and resume the call on hold. If you hang up the phone but a caller is still on hold, there will be a remind ring. PMG5317-T20A User’s Guide...
Page 231 “2”. 20.10.2.3 USA Type Supplementary Services This section describes how to use supplementary phone services with the USA Type Call Service Mode. Commands for supplementary services are listed in the table below. PMG5317-T20A User’s Guide...
Page 232 When you are on the phone talking to someone (party A), press the flash key to put the caller on hold and get a dial tone. Dial a phone number directly to make another call (to party B). When party B answers the second call, press the flash key to create a three-way conversation. PMG5317-T20A User’s Guide...
Page 233: Phone Functions Summary
#### Internal Call Call the phone(s) connected to the GPON Device. One Shot Caller Display Call Activate or deactivate caller ID for the next call only. One Shot Caller Hidden Call PMG5317-T20A User’s Guide...
Page 234: Log
CODE SEVERITY Emergency: The system is unusable. Alert: Action must be taken immediately. Critical: The system condition is critical. Error: There is an error condition on the system. Warning: There is a warning condition on the system. PMG5317-T20A User’s Guide...
Page 235: The System Log Screen
This field states the reason for the log. 21.3 The Security Log Screen Use the Security Log screen to see the security-related logs for the categories that you select. Click System Monitor > Log > Security Log to open the following screen. PMG5317-T20A User’s Guide...
Page 236 This field displays the severity level of the log that the device is to send to this syslog server. Category This field displays the type of the log. Messages This field states the reason for the log. PMG5317-T20A User’s Guide...
Page 237: Traffic Status
Click System Monitor > Traffic Status to open the WAN screen. The figure in this screen shows the number of bytes received and sent on the GPON Device. Figure 134 System Monitor > Traffic Status > WAN PMG5317-T20A User’s Guide...
Page 238: The Lan Status Screen
Click System Monitor > Traffic Status > LAN to open the following screen. The figure in this screen shows the interface that is currently connected on the GPON Device. Figure 135 System Monitor > Traffic Status > LAN PMG5317-T20A User’s Guide...
Page 239: The Nat Status Screen
This displays what percentage of NAT sessions the GPON Device can support is currently being used by all connected hosts. You can also see the number of active NAT sessions and the maximum number of NAT sessions the GPON Device can support. PMG5317-T20A User’s Guide...
Page 240: Voip Status
VoIP > SIP > SIP Account > Edit > Enable SIP Account. Registration This field displays the last time the GPON Device successfully registered the SIP account on Time the SIP server. The field is blank if the SIP has not yet successfully registered this account. PMG5317-T20A User’s Guide...
Page 241 SIP account, and the remote peer is in the OnHold state. This situation happens under the following two scenarios: (a) the remote peer put the call on hold, or (b) the local user put the call on hold. PMG5317-T20A User’s Guide...
Page 242 Phone Status (This table displays the name and the SIP account binding relationship of different local phone ports. The SIP account binding relationship can be configured in VoIP > Phone > Phone Device.) Phone This field displays the name of each local phone port on the GPON Device. PMG5317-T20A User’s Guide...
Page 243 This field displays the single SIP account number that you use to make outgoing calls on Number this phone port. Incoming This field displays the SIP account number that you use to receive incoming calls on this Number phone port. PMG5317-T20A User’s Guide...
Page 244: Arp Table
MAC address that replied. 24.2 ARP Table Screen Use the ARP table to view IP-to-MAC address mapping(s). To open this screen, click System Monitor > ARP Table. Figure 138 System Monitor > ARP Table PMG5317-T20A User’s Guide...
Page 245 This is the learned IPv4 or IPv6 IP address of a device connected to a port. Address MAC Address This is the MAC address of the device with the listed IP address. Device This is the type of interface used by the device. PMG5317-T20A User’s Guide...
Page 246: Routing Table
This indicates the destination IPv4 address or IPv6 address and prefix of this route. Gateway This indicates the IPv4 address or IPv6 address of the gateway that helps forward this route’s traffic. Subnet Mask This indicates the destination subnet mask of the IPv4 route. PMG5317-T20A User’s Guide...
Page 247 LAN interface where x can be 0~3 to represent LAN1 to LAN4 respectively. ptm0 indicates a DSL WAN interface using IPoE, IPoA or in bridge mode. ethx indicates an Ethernet WAN interface using IPoE or in bridge mode. ppp0 indicates a WAN interface using PPPoE or PPPoA. PMG5317-T20A User’s Guide...
Page 248: System
Type a hostname for your GPON Device. Enter a descriptive name of up to 16 alphanumeric characters, not including spaces, underscores, and dashes. Domain Name Type a Domain name for your host GPON Device. Apply Click Apply to save your changes. Cancel Click Cancel to abandon this screen without saving. PMG5317-T20A User’s Guide...
Page 249: User Account
Click the Delete icon to remove the entry. 27.2.1 The User Account Add/Edit Screen Click Add New Account or the Edit icon of an existing account in the Maintenance > User Account to open the following screen. PMG5317-T20A User’s Guide...
Page 250 Retry Times. Group Specify whether this user will have Administrator or User privileges. Click OK to save your changes. Cancel Click Cancel to exit this screen without saving. PMG5317-T20A User’s Guide...
Page 251: Remote Management
Select Multi_WAN and then select one or more WAN connections to have the GPON Device activate the remote management service when the selected WAN connections are up. service This is the service you may use to access the GPON Device. PMG5317-T20A User’s Guide...
Page 252: The Trust Domain Screen
Use this screen to configure a public IP address which is allowed to access the GPON Device. Click the Add Trust Domain button in the Maintenance > Remote Management > Trust Domain screen to open the following screen. PMG5317-T20A User’s Guide...
Page 253 Enter a public IPv4 IP address which is allowed to access the service on the GPON Device from the WAN. Click OK to save your changes back to the GPON Device. Cancel Click Cancel to exit this screen without saving. PMG5317-T20A User’s Guide...
Page 254: Snmp
The managed devices contain object variables/managed objects that define each piece of information to be collected about a device. Examples of variables include such as number of packets received, node port status etc. A Management Information Base (MIB) is a collection of PMG5317-T20A User’s Guide...
Page 255 Enter the SNMP system contact. Trap Destination Type the IP address of the station to send your SNMP traps to. Apply Click this to save your changes back to the GPON Device. Cancel Click this to restore your previously saved settings. PMG5317-T20A User’s Guide...
Page 256: Time Settings
The following table describes the fields in this screen. Table 120 Maintenance > Time LABEL DESCRIPTION Current Date/Time Current Time This field displays the time of your GPON Device. Each time you reload this page, the GPON Device synchronizes the time with the time server. PMG5317-T20A User’s Guide...
Page 257 2 in the Time field because Germany's time zone is one hour ahead of GMT or UTC (GMT+1). Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings. PMG5317-T20A User’s Guide...
Page 258: E-Mail Notification
Remove Click this button to delete the selected entry(ies). 31.2.1 E-mail Notification Edit Click the Add button in the E-mail Notification screen. Use this screen to configure the required information for sending e-mail via a mail server. PMG5317-T20A User’s Guide...
Page 259 Select STARTTLS to upgrade a plain text connection to a secure connection using SSL/TLS. Click this button to save your changes and return to the previous screen. Cancel Click this button to exit this screen without saving. PMG5317-T20A User’s Guide...
Page 260: Log Setting
You can configure where the GPON Device sends logs and which logs and/or immediate alerts the GPON Device records in the Logs Setting screen. 32.2 The Log Settings Screen To change your GPON Device’s log settings, click Maintenance > Logs Setting. The screen appears as shown. Figure 151 Maintenance > Logs Setting PMG5317-T20A User’s Guide...
Page 261: Example E-Mail Log
• You may edit the subject title. • The date format here is Day-Month-Year. • The date format here is Month-Day-Year. The time format is Hour-Minute-Second. • "End of Log" message shows that a complete log has been sent. PMG5317-T20A User’s Guide...
Page 262 |<1,02> 127|Apr 7 00 |From:192.168.1.131 To:192.168.1.255 |match |forward | 10:05:17 |UDP src port:00520 dest port:00520 |<1,02> 128|Apr 7 00 |From:192.168.1.1 To:192.168.1.255 |match |forward | 10:05:30 |UDP src port:00520 dest port:00520 |<1,02> End of Firewall Log PMG5317-T20A User’s Guide...
Page 263: Firmware Upgrade
Firmware Upgrade Current This is the present Firmware version and the date created. Firmware Version File Path Type in the location of the file you wasn’t to upload in this field or click Choose File to find PMG5317-T20A User’s Guide...
Page 264 The GPON Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 155 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the Status screen. PMG5317-T20A User’s Guide...
Page 265: Backup/Restore
The backup configuration file will be useful in case you need to return to your previous settings. Click Backup to save the GPON Device’s current configuration to your computer. PMG5317-T20A User’s Guide...
Page 266 If the upload was not successful, the following screen will appear. Click OK to go back to the Configuration screen. Figure 158 Configuration Upload Error Reset to Factory Defaults Click the Reset button to clear all user-entered configuration information and return the GPON Device to its factory defaults. The following warning screen appears. PMG5317-T20A User’s Guide...
Page 267: The Reboot Screen
GPON Device hangs, for example. Click Maintenance > Reboot. Click Reboot to have the GPON Device reboot. This does not affect the GPON Device's configuration. Figure 161 Maintenance > Reboot PMG5317-T20A User’s Guide...
Page 268: Diagnostic
If an MEP port does not respond to the source MEP, this may indicate a fault. Administrators can take further action to check and resume services from the fault according to the line connectivity status report. PMG5317-T20A User’s Guide...
Page 269: Ping & Traceroute & Nslookup
Click this button to perform the traceroute function. This determines the path a packet takes to the specified computer. Nslookup Click this button to perform a DNS lookup on the IP address of a computer you enter. PMG5317-T20A User’s Guide...
Page 270: Chapter 36 Slid
Enter the SLID used for gaining access to the service provider’s network. It is case- sensitive, so make sure [Caps Lock] is not on. Apply Click Apply to save your changes back to the GPON Device. Cancel Click Cancel to begin configuring this screen afresh. PMG5317-T20A User’s Guide...
Page 271: Chapter 37 Troubleshooting
Make sure you understand the normal behavior of the LED. See Section 1.5 on page Check the hardware connections. Inspect your cables for damage. Contact the vendor to replace any damaged cables. Turn the GPON Device off and on. PMG5317-T20A User’s Guide...
Page 272: Gpon Device Access And Login
Make sure your Internet browser does not block pop-up windows and has JavaScripts and Java enabled. If it is possible to log in from another interface, check the service control settings for HTTP and HTTPS (Maintenance > Remote MGMT). PMG5317-T20A User’s Guide...
Page 273 I cannot use FTP to upload / download the configuration file. / I cannot use FTP to upload new firmware. See the troubleshooting suggestions for I cannot see or access the Login screen in the web configurator. Ignore the suggestions about your browser. PMG5317-T20A User’s Guide...
Page 274: Internet Access
If the problem continues, contact your vendor. 37.4 Wireless Internet Access What factors may cause intermittent or unstabled wireless connection? How can I solve this problem? The following factors may cause interference: • Obstacles: walls, ceilings, furniture, and so on. PMG5317-T20A User’s Guide...
Page 275: Usb Device Connection
If you are connecting a USB hard drive that comes with an external power supply, make sure it is connected to an appropriate power source that is on. Re-connect your USB device to the GPON Device. 37.6 UPnP When using UPnP and the GPON Device reboots, my computer cannot detect UPnP. PMG5317-T20A User’s Guide...
Page 276 Chapter 37 Troubleshooting Disconnect the Ethernet cable from the GPON Device’s LAN port or from your computer. Re-connect the Ethernet cable. The Local Area Connection icon for UPnP disappears in the screen. Restart your computer. PMG5317-T20A User’s Guide...
Page 277: Part Iii Appendices
Appendices Appendices contain general information. Some information may not apply to your device.
Page 278: Appendix A Customer Support
• Brief description of the problem and the steps you took to solve it. Corporate Headquarters (Worldwide) Taiwan • ZyXEL Communications Corporation • http://www.zyxel.com Asia China • ZyXEL Communications (Shanghai) Corp. ZyXEL Communications (Beijing) Corp. ZyXEL Communications (Tianjin) Corp. • http://www.zyxel.cn India • ZyXEL Technology India Pvt Ltd • http://www.zyxel.in Kazakhstan •...
Page 279 • ZyXEL Singapore Pte Ltd. • http://www.zyxel.com.sg Taiwan • ZyXEL Communications Corporation • http://www.zyxel.com/tw/zh/ Thailand • ZyXEL Thailand Co., Ltd • http://www.zyxel.co.th Vietnam • ZyXEL Communications Corporation-Vietnam Office • http://www.zyxel.com/vn/vi Europe Austria • ZyXEL Deutschland GmbH • http://www.zyxel.de Belarus • ZyXEL BY • http://www.zyxel.by...
Page 280 Appendix A Customer Support Belgium • ZyXEL Communications B.V. • http://www.zyxel.com/be/nl/ • http://www.zyxel.com/be/fr/ Bulgaria • ZyXEL България • http://www.zyxel.com/bg/bg/ Czech Republic • ZyXEL Communications Czech s.r.o • http://www.zyxel.cz Denmark • ZyXEL Communications A/S • http://www.zyxel.dk Estonia • ZyXEL Estonia • http://www.zyxel.com/ee/et/ Finland •...
Page 281 • ZyXEL Communications Poland • http://www.zyxel.pl Romania • ZyXEL Romania • http://www.zyxel.com/ro/ro Russia • ZyXEL Russia • http://www.zyxel.ru Slovakia • ZyXEL Communications Czech s.r.o. organizacna zlozka • http://www.zyxel.sk Spain • ZyXEL Communications ES Ltd • http://www.zyxel.es Sweden • ZyXEL Communications • http://www.zyxel.se Switzerland •...
Page 282 Appendix A Customer Support • http://www.zyxel.ch/ Turkey • ZyXEL Turkey A.S. • http://www.zyxel.com.tr • ZyXEL Communications UK Ltd. • http://www.zyxel.co.uk Ukraine • ZyXEL Ukraine • http://www.ua.zyxel.com Latin America Argentina • ZyXEL Communication Corporation • http://www.zyxel.com/ec/es/ Brazil • ZyXEL Communications Brasil Ltda.
Page 283 Appendix A Customer Support North America • ZyXEL Communications, Inc. - North America Headquarters • http://www.zyxel.com/us/en/ Oceania Australia • ZyXEL Communications Corporation • http://www.zyxel.com/au/en/ Africa South Africa • Nology (Pty) Ltd. • http://www.zyxel.co.za PMG5317-T20A User’s Guide...
Page 284: Appendix B Wireless Lans
Intra-BSS traffic is traffic between wireless clients in the BSS. When Intra-BSS is enabled, wireless client A and B can access the wired network and communicate with each other. When Intra-BSS is disabled, wireless client A and B can still access the wired network but cannot communicate with each other. PMG5317-T20A User’s Guide...
Page 285 An ESSID (ESS IDentification) uniquely identifies each ESS. All access points and their associated wireless clients within the same ESS must have the same ESSID in order to communicate. PMG5317-T20A User’s Guide...
Page 286 (AP) or wireless gateway, but out-of-range of each other, so they cannot "hear" each other, that is they do not know if the channel is currently being used. Therefore, they are considered hidden from each other. PMG5317-T20A User’s Guide...
Page 287 If the Fragmentation Threshold value is smaller than the RTS/CTS value (see previously) you set then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size. PMG5317-T20A User’s Guide...
Page 288 RADIUS is based on a client-server model that supports authentication, authorization and accounting. The access point is the client and the server is the RADIUS server. The RADIUS server handles the following tasks: • Authentication Determines the identity of the users. PMG5317-T20A User’s Guide...
Page 289 RADIUS server perform authentication. For EAP-TLS authentication type, you must first have a wired connection to the network and obtain the certificate(s) from a certificate authority (CA). A certificate (also called digital IDs) can be used PMG5317-T20A User’s Guide...
Page 290 The AP maps a unique key that is generated with the RADIUS server. This key expires when the wireless connection times out, disconnects or reauthentication times out. A new WEP key is generated each time reauthentication is performed. PMG5317-T20A User’s Guide...
Page 291 TKIP with Advanced Encryption Standard (AES) in the Counter mode with Cipher block chaining Message authentication code Protocol (CCMP). TKIP uses 128-bit keys that are dynamically generated and distributed by the authentication server. AES (Advanced Encryption Standard) is a block cipher that uses a 256-bit mathematical algorithm PMG5317-T20A User’s Guide...
Page 292 WPA. At the time of writing, the most widely available supplicant is the WPA patch for Windows XP, Funk Software's Odyssey client. The Windows XP patch is a free download that adds WPA capability to Windows XP's built-in "Zero Configuration" wireless client. However, you must run Windows XP to use it. PMG5317-T20A User’s Guide...
Page 293 The AP checks each wireless client's password and allows it to join the network only if the password matches. The AP and wireless clients generate a common PMK (Pairwise Master Key). The key itself is not sent over the network, but is derived from the PSK and the SSID. PMG5317-T20A User’s Guide...
Page 294: Security Parameters Summary
An antenna couples RF signals onto air. A transmitter within a wireless device sends an RF signal to the antenna, which propagates the signal through the air. The antenna also operates in reverse by capturing RF signals from the air. Positioning the antennas properly increases the range and coverage area of a wireless LAN. PMG5317-T20A User’s Guide...
Page 295 For a single AP application, place omni-directional antennas as close to the center of the coverage area as possible. For directional antennas, point the antenna in the direction of the desired coverage area. PMG5317-T20A User’s Guide...
Page 296: Appendix C Ipv6
“private IP address” in IPv4. You can have the same link-local address on multiple interfaces on a device. A link-local unicast address has a predefined prefix of fe80::/10. The link-local unicast address format is as follows. Table 132 Link-local Unicast Address Format 1111 1110 10 Interface ID 10 bits 54 bits 64 bits PMG5317-T20A User’s Guide...
Page 297 All DHCP severs on a local site. FF05:0:0:0:0:0:1:3 The following table describes the multicast addresses which are reserved and can not be assigned to a multicast group. Table 134 Reserved Multicast Address MULTICAST ADDRESS FF00:0:0:0:0:0:0:0 FF01:0:0:0:0:0:0:0 FF02:0:0:0:0:0:0:0 FF03:0:0:0:0:0:0:0 FF04:0:0:0:0:0:0:0 FF05:0:0:0:0:0:0:0 FF06:0:0:0:0:0:0:0 FF07:0:0:0:0:0:0:0 PMG5317-T20A User’s Guide...
Page 298 DHCPv6 server uses T1 and T2 to control the time at which the client contacts with the server to extend the lifetimes on any addresses in the IA_NA before the lifetimes expire. After T1, the client sends the server (S1) (from which the addresses in the IA_NA were obtained) a Renew message. If PMG5317-T20A User’s Guide...
Page 299 • Neighbor solicitation: A request from a host to determine a neighbor’s link-layer address (MAC address) and detect if the neighbor is still reachable. A neighbor being “reachable” means it responds to a neighbor solicitation message (from the host) with a neighbor advertisement message. PMG5317-T20A User’s Guide...
Page 300 An MLD Done message is equivalent to an IGMP Leave message. When an MLD host wants to leave a multicast group, it can send a Done message to the router or switch. The router or switch then PMG5317-T20A User’s Guide...
Page 301 Install Dibbler and select the DHCPv6 client option on your computer. After the installation is complete, select Start > All Programs > Dibbler-DHCPv6 > Client Install as service. Select Start > Control Panel > Administrative Tools > Services. Double click Dibbler - a DHCPv6 client. PMG5317-T20A User’s Guide...
Page 302 Windows 7 supports IPv6 by default. DHCPv6 is also enabled when you enable IPv6 on a Windows 7 computer. To enable IPv6 in Windows 7: Select Control Panel > Network and Sharing Center > Local Area Connection. Select the Internet Protocol Version 6 (TCP/IPv6) checkbox to enable it. Click OK to save the change. PMG5317-T20A User’s Guide...
Page 303 IPv4 Address... : 172.16.100.61 Subnet Mask ... : 255.255.255.0 Default Gateway ..: fe80::213:49ff:feaa:7125%11 172.16.100.254 PMG5317-T20A User’s Guide...
Page 304: Appendix D Services
• If the Protocol is TCP, UDP, or TCP/UDP, this is the IP port number. • If the Protocol is USER, this is the IP protocol number. • Description: This is a brief explanation of the applications that use this service or the situations in which this service is used. PMG5317-T20A User’s Guide...
Page 305 Microsoft Networks’ messenger service uses this protocol. NetBIOS TCP/UDP The Network Basic Input/Output System is used for communication between computers in a LAN. TCP/UDP TCP/UDP TCP/UDP NEW-ICQ 5190 An Internet chat program. NEWS A protocol for news groups. PMG5317-T20A User’s Guide...
Page 306 UNIX systems and network servers. SSDP 1900 The Simple Service Discovery Protocol supports Universal Plug-and-Play (UPnP). TCP/UDP Secure Shell Remote Login Program. STRM WORKS 1558 Stream Works Protocol. PMG5317-T20A User’s Guide...
Page 307 Internet and in UNIX environments. It operates over TCP/IP networks. Its primary function is to allow users to log into remote host systems. VDOLIVE 7000 A videoconferencing solution. The UDP port number is specified in the application. user- defined PMG5317-T20A User’s Guide...
Page 308: Appendix E Legal Information
The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation. All rights reserved.
Page 309 ZyXEL tímto prohlašuje, že tento zařízení je ve shodě se základními požadavky a dalšími příslušnými ustanoveními (Czech) směrnice 1999/5/EC. Dansk (Danish) Undertegnede ZyXEL erklærer herved, at følgende udstyr udstyr overholder de væsentlige krav og øvrige relevante krav i direktiv 1999/5/EF. PMG5317-T20A User’s Guide...
Page 310 • Les liaisons sans fil pour une utilisation en extérieur d’une distance supérieure à 300 mètres doivent être notifiées à l’Institut Belge des services Postaux et des Télécommunications (IBPT). Visitez http://www.ibpt.be pour de plus amples détails. Denmark PMG5317-T20A User’s Guide...
Page 311: Safety Warnings
For detailed information about recycling of this product, please contact your local city office, your household waste disposal service or the store where you purchased the product. PMG5317-T20A User’s Guide...
Page 312 Symbolen innebär att enligt lokal lagstiftning ska produkten och/eller dess batteri kastas separat från hushållsavfallet. När den här produkten når slutet av sin livslängd ska du ta den till en återvinningsstation. Vid tiden för kasseringen bidrar du till en bättre miljö och mänsklig hälsa genom att göra dig av med den på ett återvinningsställe. PMG5317-T20A User’s Guide...
Page 313 Appendix E Legal Information Environmental Product Declaration PMG5317-T20A User’s Guide...
Page 314 Various symbols are used in this product to ensure correct usage, to prevent danger to the user and others, and to prevent property damage. The meaning of these symbols are described below. It is important that you read these descriptions thoroughly and fully understand the contents. PMG5317-T20A User’s Guide...
Page 315: Zyxel Limited Warranty
This product contains in part some free software distributed under GPL license terms and/or GPL like licenses. Open source licenses are provided with the firmware package. You can download the latest firmware at www.zyxel.com. To obtain the source code covered under those Licenses, please contact support@zyxel.com.tw to get it. PMG5317-T20A User’s Guide...
Page 316: Index
Basic Service Set, See BSS channel Basic Service Set, see BSS interference blinking LEDs channel, wireless LAN Broadband Class of Service 102, 284 Class of Service, see CoS example client list BYE request client-server protocol comfort noise generation configuration PMG5317-T20A User’s Guide...
Page 317 Domain Name Domain Name System, see DNS DS field 147, 229 DS, dee differentiated services G.168 DSCP 147, 228 General wireless LAN screen dynamic DNS wildcard Dynamic Host Configuration Protocol, see DHCP dynamic WEP key exchange DYNDNS wildcard PMG5317-T20A User’s Guide...
Page 318 MAC address 92, 116 prefix 73, 296 filter 91, 100 prefix delegation MAC authentication prefix length 73, 296 unspecified address Mac filter iTunes server Maintenance Association, see MA ITU-T Maintenance Domain, see MD Maintenance End Point, see MEP PMG5317-T20A User’s Guide...
Page 319 Network Address Translation, see NAT Network Map network map 132, 147, 228 marking NNTP setup non-proxy calls tagging versus CoS Quality of Service, see QoS Quick Start Guide OK response 225, 226 OLT (Optical Line Terminal) RADIUS message types PMG5317-T20A User’s Guide...
Page 320 Simple Network Management Protocol, see SNMP subnet mask 111, 123 Single Rate Three Color Marker, see srTCM supplementary services SYN attack account syslog call progression protocol client severity levels identities system INVITE request 225, 226 firmware number PMG5317-T20A User’s Guide...
Page 321 95, 99 security NAT traversal SSID USA type call service mode activation status WPA-PSK 103, 105 example voice activity detection limitations voice coding VoIP push button 20, 103 peer-to-peer calls wireless security tutorial Wireless tutorial VoIP features PMG5317-T20A User’s Guide...
Page 322 WPA2-PSK wireless client supplicant with RADIUS application example WPA2-Pre-Shared Key WPA2-PSK 291, 292 application example WPA-PSK 101, 291, 292 application example 103, 105 example limitations example push button 20, 103 ZyXEL Family Safety page PMG5317-T20A User’s Guide...

ZyXEL Communications PMG5317-T20A User Manual

Contents Overview

Table of Contents

User's Guide

PART I User's Guide

Chapter 1 Introduction

Chapter 2 The Web Configurator

Chapter 3 Quick Start

Chapter 4 Tutorials

Technical Reference

Part II: Technical Reference

Chapter 5 Network Map and Status Screens

Chapter 6 Broadband

Chapter 7 Wireless

Chapter 8 Home Networking

Chapter 9 Routing

Chapter 10 Quality of Service (Qos)

Chapter 11 Network Address Translation (NAT)

Chapter 12 Dynamic DNS Setup

Chapter 13 Interface Grouping

Chapter 14 USB Service

Chapter 15 Firewall

Chapter 16 MAC Filter

Chapter 17 Parental Control

Chapter 18 Scheduler Rule

Chapter 19 Certificates

Chapter 20 Voice

Chapter 21 Log

Chapter 22 Traffic Status

Chapter 23 Voip Status

Chapter 24 ARP Table

Chapter 25 Routing Table

Chapter 26 System

Chapter 27 User Account

Chapter 28 Remote Management

Chapter 29 SNMP

Chapter 30 Time Settings

Chapter 31 E-Mail Notification

Chapter 32 Log Setting

Chapter 33 Firmware Upgrade

Chapter 34 Backup/Restore

Chapter 35 Diagnostic

Chapter 36 SLID

Chapter 37 Troubleshooting

PART III Appendices

Appendix A Customer Support

Appendix B Wireless Lans

Quick Links

Related Manuals for ZyXEL Communications PMG5317-T20A

Summary of Contents for ZyXEL Communications PMG5317-T20A