Page 1 P-334U/P-335U 802.11a/g Wireless Router User’s Guide Version 3.60 Edition 2 11/2006...
Page 4: Certifications
P-334U/P-335U User’s Guide Federal Communications Commission (FCC) Interference Statement This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accept any interference received, including interference that may cause undesired operations.
Page 5 Cet appareil numérique de la classe B est conforme à la norme NMB-003 du Canada. Viewing Certifications 1 Go to http://www.zyxel.com. 2 Select your product on the ZyXEL home page to go to that product's page. 3 Select the certification you wish to view from this page. Certifications P-334U/P-335U User’s Guide...
Page 6: Safety Warnings
P-334U/P-335U User’s Guide For your safety, be sure to read and follow all warning notices and instructions. • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids.
Page 7: Zyxel Limited Warranty
Registration Register your product online to receive e-mail notices of firmware upgrades and information www.zyxel.com for global products, or at ZyXEL Limited Warranty P-334U/P-335U User’s Guide www.us.zyxel.com for North American products.
Page 8: Customer Support
P-334U/P-335U User’s Guide Please have the following information ready when you contact customer support. • Product model and serial number. • Warranty Information. • Date that you received your device. • Brief description of the problem and the steps you took to solve it.
Page 9 +34-913-005-345 +46-31-744-7700 www.zyxel.se +46-31-744-7701 www.ua.zyxel.com +380-44-494-49-32 +44-1344 303044 www.zyxel.co.uk 08707 555779 (UK only) +44-1344 303034 ftp.zyxel.co.uk P-334U/P-335U User’s Guide REGULAR MAIL ZyXEL Communications ul. Okrzei 1A 03-715 Warszawa Poland ZyXEL Russia Ostrovityanova 37a Str. Moscow, 117279 Russia ZyXEL Communications Arte, 21 5ª planta...
Page 10 P-334U/P-335U User’s Guide Customer Support...
Page 11: Table Of Contents
1.2.1 Secure Broadband Internet Access via Cable or DSL Modem ...31 1.2.2 Wireless LAN Application ...32 1.2.3 Print Server and Router Combined Application (P-335U Only) ...33 1.2.4 VPN Application (P-335U Only) ...33 1.3 Ways to Manage the ZyXEL Device ...33 1.4 Good Habits for Managing Your ZyXEL Device ...34...
Page 12 P-334U/P-335U User’s Guide Chapter 3 Connection Wizard... 49 3.1 Wizard Setup ...49 3.2 Connection Wizard: STEP 1: System Information ...50 3.2.1 System Name ...50 3.2.2 Domain Name ...51 3.3 Connection Wizard: STEP 2: Wireless LAN ...51 3.3.1 Basic(WEP) Security ...53 3.3.2 Extend(WPA-PSK or WPA2-PSK) Security ...54...
Page 13 7.4 LAN IP Alias ...107 7.5 Advanced LAN Screen ...108 Chapter 8 DHCP Server ...111 8.1 DHCP ... 111 8.2 DHCP Server General Screen ... 111 8.3 DHCP Server Advanced Screen 8.4 Client List Screen ...113 Table of Contents P-334U/P-335U User’s Guide ...112...
Page 14 P-334U/P-335U User’s Guide Chapter 9 Network Address Translation (NAT) ... 115 9.1 NAT Overview 9.2 Using NAT ...115 9.2.1 Port Forwarding: Services and Port Numbers ...115 9.2.2 Configuring Servers Behind Port Forwarding (Example) ...116 9.3 General NAT Screen ...116 9.4 NAT Application Screen 9.4.1 Game List Example ...119...
Page 15 Static Route Screens ... 169 14.1 Static Route Overview ...169 14.2 IP Static Route Screen ...170 14.2.1 Static Route Setup Screen ...171 Chapter 15 Bandwidth Management ... 173 15.1 Bandwidth Management Overview ...173 Table of Contents P-334U/P-335U User’s Guide ...153 ...159...
Page 16 P-334U/P-335U User’s Guide 15.2 Application-based Bandwidth Management ...173 15.3 Subnet-based Bandwidth Management ...174 15.4 Application and Subnet-based Bandwidth Management ...174 15.5 Bandwidth Management Priorities ...175 15.6 Predefined Bandwidth Management Services ...175 15.6.1 Services and Port Numbers ...176 15.7 Default Bandwidth Management Classes and Priorities ...178 15.8 Bandwidth Management General Configuration ...179...
Page 17 Configuration Mode ... 229 Chapter 24 Troubleshooting ... 231 24.1 Problems Starting Up the ZyXEL Device ...231 24.2 Problems with the LAN ...231 24.3 Problems with the WAN ...232 24.4 Problems Accessing the ZyXEL Device ...233 Table of Contents P-334U/P-335U User’s Guide...
Page 18 P-334U/P-335U User’s Guide 24.5 Problems with Restricted Web Pages and Keyword Blocking ...233 24.5.1 Pop-up Windows, JavaScripts and Java Permissions ...235 24.5.1.1 Internet Explorer Pop-up Blockers ...235 24.5.1.2 JavaScripts ...238 24.5.1.3 Java Permissions ...240 24.5.2 ActiveX Controls in Internet Explorer ...242 Appendix A Product Specifications ...
Page 19 Figure 3 Print Server Application ... 33 Figure 4 VPN Application ... 33 Figure 5 Front Panel (P-334U) ... 34 Figure 6 Front Panel (P-335U) ... 34 Figure 7 Change Password Screen ... 38 Figure 8 Web Configurator Status Screen ... 39 Figure 9 Summary: BW MGMT Monitor ...
Page 20 P-334U/P-335U User’s Guide Figure 37 Wireless: WPA-PSK/WPA2-PSK ... 74 Figure 38 Wireless: WPA/WPA2 ... 76 Figure 39 OTIST ... 78 Figure 40 Example Wireless Client OTIST Screen ... 79 Figure 41 Security Key ... 80 Figure 42 OTIST in Progress (AP) ... 80 Figure 43 OTIST in Progress (Client) ...
Page 21 P-334U/P-335U User’s Guide Figure 80 Content Filter: Filter ... 134 Figure 81 Content Filter: Schedule ... 135 Figure 82 VPN: Example ... 139 Figure 83 VPN: IKE SA and IPSec SA ... 140 Figure 84 IKE SA: Main Negotiation Mode, Steps 1 - 2: IKE SA Proposal ... 141 Figure 85 IKE SA: Main Negotiation Mode, Steps 3 - 4: DH Key Exchange ...
Page 22 P-334U/P-335U User’s Guide Figure 123 Add Printer Help ... 207 Figure 124 Add Printer Wizard: Welcome ... 207 Figure 125 Add Printer Wizard: Local or Network Printer ... 208 Figure 126 Add Printer Wizard: Select the Printer Port ... 208 Figure 127 Add Printer Wizard: Printer Driver ...
Page 23 P-334U/P-335U User’s Guide Figure 166 Windows 95/98/Me: TCP/IP Properties: IP Address ... 257 Figure 167 Windows 95/98/Me: TCP/IP Properties: DNS Configuration ... 258 Figure 168 Windows XP: Start Menu ... 259 Figure 169 Windows XP: Control Panel ... 259 Figure 170 Windows XP: Control Panel: Network Connections: Properties ... 260 Figure 171 Windows XP: Local Area Connection Properties ...
Page 24 P-334U/P-335U User’s Guide...
Page 25 P-334U/P-335U User’s Guide List of Tables Table 1 Front Panel LEDs ... 35 Table 2 Status Screen Icon Key ... 39 Table 3 Web Configurator Status Screen ... 40 Table 4 Screens Summary ... 42 Table 5 Summary: DHCP Table ... 44 Table 6 Summary: VPN Monitor ...
Page 26 P-334U/P-335U User’s Guide Table 37 Advanced LAN ... 108 Table 38 DHCP Server General ... 111 Table 39 DHCP Server Advanced ... 113 Table 40 Client List ... 114 Table 41 NAT General ... 117 Table 42 NAT Application ... 118 Table 43 NAT Advanced ...
Page 27 P-334U/P-335U User’s Guide Table 80 Maintenance Firmware Upload ... 223 Table 81 Maintenance Restore Configuration ... 225 Table 82 Config Mode: Advanced Screens ... 229 Table 83 Troubleshooting Starting Up Your ZyXEL Device ... 231 Table 84 Troubleshooting the LAN ... 231 Table 85 Troubleshooting the WAN ...
Page 28 P-334U/P-335U User’s Guide Table 123 Content Filtering Logs ... 297 Table 124 Attack Logs ... 298 Table 125 IPSec Logs ... 299 Table 126 IKE Logs ... 299 Table 127 PKI Logs ... 302 Table 128 Certificate Path Verification Failure Reason Codes ... 303 Table 129 802.1X Logs ...
Page 29: Preface
Congratulations on your purchase of the P-334U or P-335U 802.11a/g Wireless Router. This manual is designed to guide you through the configuration of your P-334U or P-335U for its various applications. About This User's Guide This User’s Guide is designed to guide you through the configuration of your ZyXEL Device using the web configurator.
Page 30 P-334U/P-335U User’s Guide • The P-334U or P-335U series may be referred to as the “ZyXEL Device” in this User’s Guide. Graphics Icons Key ZyXEL Device Server Modem Wireless Signal Computer Notebook computer DSLAM Firewall Switch Router Preface...
Page 31: Getting To Know Your Zyxel Device
The P-335U provides a USB port to connect to a USB v1.1 compliant printer and can act as a print server. The computers connected to the P-335U can share a priner without a dedicated or standalone print server.
Page 32: Wireless Lan Application
P-334U/P-335U User’s Guide The ZyXEL Device guarantees not only high speed Internet access, but secure internal network protection and traffic management as well. Figure 1 Secure Internet Access via Cable or DSL Modem You can also configure firewall and content filtering on the ZyXEL Device for secure Internet access.
Page 33: Print Server And Router Combined Application (P-335U Only)
The P-335U’s built-in print server allows your network’s computers to share a printer. Simply connect a USB printer to the USB port on the ZyXEL Device. The following figure shows how you can setup your printer to operate on a LAN using the P-335U as a router and print server.
Page 34: Good Habits For Managing Your Zyxel Device
If you backed up an earlier configuration file, you would not have to totally re-configure the ZyXEL Device. You could simply restore your last configuration. 1.4.1 Front Panel LEDs Figure 5 Front Panel (P-334U) Figure 6 Front Panel (P-335U) Chapter 1 Getting to Know Your ZyXEL Device...
Page 35: Table 1 Front Panel Leds
OTIST is not activated or WLAN settings are manually configured after OTIST is successful. The print server connection is not ready, or has failed. The print server has a successful connection. Blinking The print server is sending/receiving data. P-334U/P-335U User’s Guide...
Page 36 P-334U/P-335U User’s Guide Chapter 1 Getting to Know Your ZyXEL Device...
Page 37: Introducing The Web Configurator
5 You should see a screen asking you to change your password (highly recommended) as shown next. Type a new password (and retype it to confirm) and click Apply or click Ignore. Chapter 2 Introducing the Web Configurator H A P T E R Introducing the Web Configurator P-334U/P-335U User’s Guide...
Page 38: Resetting The Zyxel Device
P-334U/P-335U User’s Guide Figure 7 Change Password Screen Note: The management session automatically times out when the time period set in the Administrator Inactivity Timer field expires (default five minutes). Simply log back into the ZyXEL Device if this happens to you.
Page 39: Figure 8 Web Configurator Status Screen
Click this icon to open the setup wizard. The ZyXEL Device has a connection wizard and a bandwidth management wizard. Click this icon to view copyright and a link for related product information. Click this icon at any time to exit the web configurator. Chapter 2 Introducing the Web Configurator P-334U/P-335U User’s Guide...
Page 40: Table 3 Web Configurator Status Screen
P-334U/P-335U User’s Guide Table 2 Status Screen Icon Key ICON DESCRIPTION Select a number of seconds or None from the drop-down list box to refresh all screen statistics automatically at the end of every time interval or to not refresh the screen statistics.
Page 41: Navigation Panel
Use this screen to view the wireless stations that are currently associated to the ZyXEL Device. 2.4.1 Navigation Panel After you enter the password, use the sub-menus on the navigation panel to configure ZyXEL Device features. Chapter 2 Introducing the Web Configurator P-334U/P-335U User’s Guide...
Page 42: Table 4 Screens Summary
P-334U/P-335U User’s Guide The following table describes the sub-menus. Table 4 Screens Summary LINK Status Network Wireless LAN General OTIST MAC Filter Advanced Internet Connection Advanced IP Alias Advanced DHCP Server General Advanced Client List General Application Advanced DDNS General...
Page 43: Summary: Bandwidth Management Monitor
Use this screen to backup and restore the configuration or reset the factory defaults to your ZyXEL Device. This screen allows you to reboot the ZyXEL Device without turning the power off. This screen allows you to display or hide the advanced screens or features. P-334U/P-335U User’s Guide...
Page 44: Summary: Dhcp Table
P-334U/P-335U User’s Guide Figure 9 Summary: BW MGMT Monitor 2.4.3 Summary: DHCP Table DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a server. You can configure the ZyXEL Device as a DHCP server or disable it.
Page 45: Summary: Packet Statistics
This is the number of transmitted packets on this port. This is the number of received packets on this port. This is the number of collisions on this port. This displays the transmission speed in bytes per second on this port. P-334U/P-335U User’s Guide...
Page 46: Vpn Monitor
P-334U/P-335U User’s Guide Figure 12 Summary: Packet Statistics LABEL Rx B/s Up Time System Up Time Poll Interval(s) Set Interval Stop 2.4.5 VPN Monitor Click VPN Monitor (Details...) hyperlink in the Status screen. This screen displays read-only information about the active VPN connections. A Security Association (SA) is the group of security settings related to a specific VPN tunnel.
Page 47: Figure 14 Summary: Wireless Association List
This is the index number of an associated wireless station. This field displays the MAC address of an associated wireless station. This field displays the time a wireless station first associated with the ZyXEL Device. Click Refresh to redisplay the current screen. P-334U/P-335U User’s Guide...
Page 48 P-334U/P-335U User’s Guide Chapter 2 Introducing the Web Configurator...
Page 49: Chapter 3 Connection Wizard
Figure 15 Select Wizard or Advanced Mode 2 Choose your language from the drop-down list box. 3 Click the Next button to proceed to the next screen. Chapter 3 Connection Wizard P-334U/P-335U User’s Guide H A P T E R Connection Wizard...
Page 50: Connection Wizard: Step 1: System Information
P-334U/P-335U User’s Guide Figure 16 Select a Language 4 Read the on-screen information and click Next. Figure 17 Welcome to the Connection Wizard 3.2 Connection Wizard: STEP 1: System Information System Information contains administrative and system-related information. 3.2.1 System Name System Name is for identification purposes.
Page 51: Domain Name
Click Next to proceed to the next screen. Exit Click Exit to close the wizard screen without saving. 3.3 Connection Wizard: STEP 2: Wireless LAN Set up your wireless LAN using the following screen. Chapter 3 Connection Wizard P-334U/P-335U User’s Guide...
Page 52: Figure 19 Wizard Step 2: Wireless Lan
P-334U/P-335U User’s Guide Figure 19 Wizard Step 2: Wireless LAN The following table describes the labels in this screen. Table 9 Wizard Step 2: Wireless LAN LABEL DESCRIPTION Name(SSID) Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the wireless LAN.
Page 53: Basic(Wep) Security
Encryption ASCII Select this option in order to enter ASCII characters as the WEP keys. HEX Select this option to enter hexadecimal characters as the WEP keys. The preceding “0x” is entered automatically. Chapter 3 Connection Wizard P-334U/P-335U User’s Guide...
Page 54: Extend(Wpa-Psk Or Wpa2-Psk) Security
P-334U/P-335U User’s Guide Table 10 Wizard Step 2: Basic(WEP) Security LABEL DESCRIPTION Key 1 to Key 4 The WEP keys are used to encrypt data. Both the ZyXEL Device and the wireless stations must use the same WEP key for data transmission.
Page 55: Otist
Be sure to use the same OTIST Setup Key on the ZyXEL Device and wireless clients. Click Back to display the previous screen. Click Next to proceed to the next screen. Click Exit to close the wizard screen without saving. P-334U/P-335U User’s Guide...
Page 56: Connection Wizard: Step 3: Internet Configuration
P-334U/P-335U User’s Guide 3.4 Connection Wizard: STEP 3: Internet Configuration The ZyXEL Device offers three Internet connection types. They are Ethernet, PPP over Ethernet or PPTP. The wizard attempts to detect which WAN connection type you are using. If the wizard does not detect a connection type, you must select one from the drop-down list box.
Page 57: Pppoe Connection
LAN do not need PPPoE software installed, since the ZyXEL Device does that part of the task. Furthermore, with NAT, all of the LAN's computers will have Internet access. Refer to the appendix for more information on PPPoE. Chapter 3 Connection Wizard P-334U/P-335U User’s Guide...
Page 58: Pptp Connection
P-334U/P-335U User’s Guide Figure 25 Wizard Step 3: PPPoE Connection The following table describes the labels in this screen. Table 14 Wizard Step 3: PPPoE Connection LABEL DESCRIPTION ISP Parameter for Internet Access Connection Type Select the PPP over Ethernet option for a dial-up connection.
Page 59: Figure 26 Wizard Step 3: Pptp Connection
This field is optional and depends on the requirements of your ISP. Back Click Back to return to the previous screen. Next Click Next to continue. Exit Click Exit to close the wizard screen without saving. Chapter 3 Connection Wizard P-334U/P-335U User’s Guide...
Page 60: Your Ip Address
P-334U/P-335U User’s Guide 3.4.4 Your IP Address The following wizard screen allows you to assign a fixed IP address or give the ZyXEL Device an automatically assigned IP address depending on your ISP. Figure 27 Wizard Step 3: Your IP Address...
Page 61: Ip Address And Subnet Mask
IP address of www.zyxel.com is 204.217.0.2. The DNS server is extremely important because without it, you must know the IP address of a computer before you can access it. The ZyXEL Device can get the DNS server addresses in the following ways. Chapter 3 Connection Wizard P-334U/P-335U User’s Guide...
Page 62: Wan Ip And Dns Server Address Assignment
P-334U/P-335U User’s Guide 1 The ISP tells you the DNS server addresses, usually in the form of an information sheet, when you sign up. If your ISP gives you DNS server addresses, enter them in the DNS Server fields in the Wizard and/or WAN > Internet Connection screen.
Page 63: Wan Mac Address
If you do not configure a system DNS server, you must use IP addresses when configuring DDNS and the time server. Click Back to return to the previous screen. Click Next to continue. Click Exit to close the wizard screen without saving. 192.168.1.2-192.168.1.32; 192.168.1.65-192.168.1.254. 255.255.255.0 192.168.1.1(ZyXEL Device LAN IP) P-334U/P-335U User’s Guide...
Page 64: Connection Wizard: Step 4: Bandwidth Management
P-334U/P-335U User’s Guide The following table describes the fields in this screen. Table 20 Wizard Step 3: WAN MAC Address LABEL Factory Default Clone the computer’s MAC address Set WAN MAC Address Back Next Exit 3.5 Connection Wizard: STEP 4: Bandwidth management Bandwidth management allows you to control the amount of bandwidth going out through the ZyXEL Device’s WAN, LAN or WLAN port and prioritize the distribution of the bandwidth...
Page 65: Connection Wizard Complete
Well done! You have successfully set up your ZyXEL Device to operate on your network and access the Internet. Chapter 3 Connection Wizard DESCRIPTION Click Next to continue. Click Exit to close the wizard screen without saving. P-334U/P-335U User’s Guide...
Page 66 P-334U/P-335U User’s Guide Chapter 3 Connection Wizard...
Page 67: Chapter 4 Wireless Lan
• If two wireless networks overlap, they should use different channels. Like radio stations or television channels, each wireless network uses a specific channel, or frequency, to send and receive information. Chapter 4 Wireless LAN P-334U/P-335U User’s Guide H A P T E R Wireless LAN...
Page 68: Wireless Security Overview
P-334U/P-335U User’s Guide • Every wireless client in the same wireless network must use security compatible with the Security stops unauthorized devices from using the wireless network. It can also protect the information that is sent in the wireless network.
Page 69: Encryption
Device A only supports WEP, and device B supports WEP and WPA. Therefore, you should set up Static WEP in the wireless network. Chapter 4 Wireless LAN for information about this.) RADIUS Server No Security Static WEP WPA-PSK WPA2-PSK WPA2 P-334U/P-335U User’s Guide...
Page 70: One-Touch Intelligent Security Technology (Otist)
P-334U/P-335U User’s Guide Note: It is recommended that wireless networks use WPA-PSK, WPA, or stronger encryption. IEEE 802.1x and WEP encryption are better than none at all, but it is still possible for unauthorized devices to figure out the original information pretty quickly.
Page 71: No Security
See the rest of this chapter for information on the other labels in this screen. 4.3.1 No Security Select No Security to allow wireless stations to communicate with the access points without any data encryption. Chapter 4 Wireless LAN P-334U/P-335U User’s Guide...
Page 72: Wep Encryption
P-334U/P-335U User’s Guide Note: If you do not enable any wireless security on your ZyXEL Device, your network is accessible to any wireless networking device that is within range. Figure 35 Wireless: No Security The following table describes the labels in this screen.
Page 73: Figure 36 Wireless: Static Wep Encryption
Select this option in order to enter ASCII characters as WEP key. Select this option in order to enter hexadecimal characters as a WEP key. The preceding "0x", that identifies a hexadecimal key, is entered automatically. Chapter 4 Wireless LAN P-334U/P-335U User’s Guide...
Page 74: Wpa-Psk/Wpa2-Psk
P-334U/P-335U User’s Guide Table 25 Wireless: Static WEP Encryption LABEL DESCRIPTION Key 1 to Key 4 The WEP keys are used to encrypt data. Both the ZyXEL Device and the wireless stations must use the same WEP key for data transmission.
Page 75: Wpa/Wpa2
Reset Click Reset to reload the previous configuration for this screen. 4.3.4 WPA/WPA2 Click Network > Wireless LAN to display the General screen. Chapter 4 Wireless LAN server, the reauthentication timer on the RADIUS server has priority. P-334U/P-335U User’s Guide...
Page 76: Figure 38 Wireless: Wpa/Wpa2
P-334U/P-335U User’s Guide Figure 38 Wireless: WPA/WPA2 The following table describes the labels in this screen. Table 27 Wireless: WPA/WPA2 LABEL DESCRIPTION WPA Compatible This check box is available only when you select WPA2-PSK or WPA2 in the Security Mode field.
Page 77: Otist
WEP or WPA-PSK security settings to wireless clients that support OTIST and are within transmission range. You can also choose to have OTIST generate a WPA-PSK key for you if you didn’t configure one manually. Note: OTIST replaces the pre-configured wireless settings on the wireless clients. Chapter 4 Wireless LAN P-334U/P-335U User’s Guide...
Page 78: Enabling Otist
P-334U/P-335U User’s Guide 4.4.1 Enabling OTIST You must enable OTIST on both the AP and wireless client before you start transferring settings. Note: The AP and wireless client(s) MUST use the same Setup key. 4.4.1.1 AP You can enable OTIST using the OTIST button or the web configurator.
Page 79: Wireless Client
Click Start to encrypt the wireless security data using the setup key and have the ZyXEL Device set the wireless station to use the same wireless settings as the ZyXEL Device. You must also activate and start OTIST on the wireless station within three minutes. P-334U/P-335U User’s Guide...
Page 80: Starting Otist
P-334U/P-335U User’s Guide 4.4.2 Starting OTIST Note: You must press the OTIST button or click Start in the AP OTIST web configurator screen and in the wireless client(s) Adapter screen all within three minutes (at the time of writing). You can start OTIST in the wireless clients and AP in any order but they must all be within range and have OTIST enabled.
Page 81: Mac Filter
00:A0:C5:00:00:02. You need to know the MAC address of the devices to configure this screen. To change your ZyXEL Device’s MAC filter settings, click Network > Wireless LAN > MAC Filter. The screen appears as shown. Chapter 4 Wireless LAN P-334U/P-335U User’s Guide...
Page 82: Figure 46 Mac Address Filter
P-334U/P-335U User’s Guide Figure 46 MAC Address Filter The following table describes the labels in this menu. Table 29 MAC Address Filter LABEL DESCRIPTION Active Select Yes from the drop down list box to enable MAC address filtering. Filter Action Define the filter action for the list of MAC addresses in the MAC Address table.
Page 83: Wireless Lan Advanced Screen
Select the check box to also allow the WLAN devices which do not support IEEE 802.11h to associate with the ZyXEL Device. Otherwise, clear the check box to allow only IEEE 802.11h compliant WLAN devices to associate with the ZyXEL Device. Chapter 4 Wireless LAN P-334U/P-335U User’s Guide...
Page 84 P-334U/P-335U User’s Guide Table 30 Advanced LABEL DESCRIPTION Apply Click Apply to save your changes back to the ZyXEL Device. Reset Click Reset to reload the previous configuration for this screen. Chapter 4 Wireless LAN...
Page 85: Chapter 5 Wireless Tutorial
IEEE 802.11b/g be able to associate with the AP. 2 Open the Wireless LAN > General screen in the AP’s web configurator. Chapter 5 Wireless Tutorial H A P T E R Wireless Tutorial SSID_Example3 Auto WPA-PSK (Pre-Shared Key: ThisismyWPA-PSKpre-sharedkey) IEEE 802.11b/g P-334U/P-335U User’s Guide...
Page 86: Figure 48 Ap: Wireless Lan > General
P-334U/P-335U User’s Guide Figure 48 AP: Wireless LAN > General 3 Make sure the Enable Wireless LAN check box is selected. 4 Enter SSID_Example3 as the SSID, select a channel or select Auto Channel Selection to have the AP choose a channel which is not used by another AP and display the channel number in the field below after you click Apply.
Page 87: Configuring The Wireless Client
7 Click the WLAN Station Status hyperlink in the AP’s Status screen. You can see if any wireless client has connected to the AP. Figure 50 AP: Status: WLAN Station Status 5.3 Configuring the Wireless Client This section describes how to connect the wireless client to a network. Chapter 5 Wireless Tutorial P-334U/P-335U User’s Guide...
Page 88: Connecting To A Wireless Lan
P-334U/P-335U User’s Guide 5.3.1 Connecting to a Wireless LAN The following sections show you how to join a wireless network using the ZyXEL utility, as in the following diagram. The wireless client is labeled C and the access point is labeled AP.
Page 89: Figure 51 Zyxel Utility: Security Settings
Check the network information in the Link Info screen to verify that you have successfully connected to the selected network. If the wireless client is not connected to a network, the fields in this screen remain blank. Chapter 5 Wireless Tutorial P-334U/P-335U User’s Guide...
Page 90: Creating And Using A Profile
P-334U/P-335U User’s Guide Figure 53 ZyXEL Utility: Link Info 6 Open your Internet browser and enter site in the address bar. If you are able to access the web site, your wireless connection is successfully configured. If you cannot access the web site, try changing the encryption type in the Security Settings screen, check the Troubleshooting section of this User's Guide or contact your network administrator.
Page 91: Figure 55 Zyxel Utility: Add New Profile
5 This screen varies depending on the encryption method you selected in the previous screen. Enter the pre-shared key and leave the encryption type at the default setting. Figure 57 ZyXEL Utility: Profile Encryption Chapter 5 Wireless Tutorial P-334U/P-335U User’s Guide...
Page 92: Figure 58 Profile: Wireless Protocol Settings
P-334U/P-335U User’s Guide 6 In the next screen, leave both boxes checked. Figure 58 Profile: Wireless Protocol Settings. 7 Verify the profile settings in the read-only screen. Click Save to save and go to the next screen. Figure 59 Profile: Confirm Save 8 Click Activate Now to use the new profile immediately.
Page 93 Edit. Check the details you entered previously. Also, refer to the Troubleshooting section of this User's Guide or contact your network administrator if necessary. Chapter 5 Wireless Tutorial P-334U/P-335U User’s Guide http://www.zyxel.com or the URL of any other web...
Page 94 P-334U/P-335U User’s Guide Chapter 5 Wireless Tutorial...
Page 95: Chapter 6 Wan
To change your ZyXEL Device’s Internet access settings, click Network > WAN. The screen differs by the encapsulation. 6.3.1 Ethernet Encapsulation The screen shown next is for Ethernet encapsulation. Chapter 6 WAN P-334U/P-335U User’s Guide H A P T E R...
Page 96: Figure 61 Ethernet Encapsulation
P-334U/P-335U User’s Guide Figure 61 Ethernet Encapsulation The following table describes the labels in this screen. Table 31 Ethernet Encapsulation LABEL DESCRIPTION Encapsulation You must choose the Ethernet option when the WAN port is used as a regular Ethernet. Service Type...
Page 97: Pppoe Encapsulation
One of the benefits of PPPoE is the ability to let you access one of multiple network services, a function known as dynamic service selection. This enables the service provider to easily create and offer new IP services for individuals. Chapter 6 WAN P-334U/P-335U User’s Guide...
Page 98: Figure 62 Pppoe Encapsulation
P-334U/P-335U User’s Guide Operationally, PPPoE saves significant effort for both you and the ISP or carrier, as it requires no specific configuration of the broadband modem at the customer site. By implementing PPPoE directly on the ZyXEL Device (rather than individual computers), the computers on the LAN do not need PPPoE software installed, since the ZyXEL Device does that part of the task.
Page 99: Table 32 Pppoe Encapsulation
RIP broadcasts. If set to Yes, this route is kept private and not included in RIP broadcast. If No, the route to this remote node will be propagated to other hosts through RIP broadcasts. DNS Servers Chapter 6 WAN P-334U/P-335U User’s Guide...
Page 100: Pptp Encapsulation
P-334U/P-335U User’s Guide Table 32 PPPoE Encapsulation LABEL DESCRIPTION First DNS Server Select From ISP if your ISP dynamically assigns DNS server information (and the ZyXEL Device's WAN IP address). The field to the right displays the (read-only) Second DNS DNS server IP address that the ISP assigns.
Page 101: Figure 63 Pptp Encapsulation
P-334U/P-335U User’s Guide Figure 63 PPTP Encapsulation Chapter 6 WAN...
Page 102: Table 33 Pptp Encapsulation
P-334U/P-335U User’s Guide The following table describes the labels in this screen. Table 33 PPTP Encapsulation LABEL ISP Parameters for Internet Access Encapsulation User Name Password Retype to Confirm Nailed-up Connection Idle Timeout PPTP Configuration Get automatically from Use Fixed IP Address...
Page 103: Advanced Wan Screen
It will not change unless you change the setting or upload a different ROM file. Select this option and enter the MAC address you want to use. Click Apply to save your changes back to the ZyXEL Device. Click Reset to begin configuring this screen afresh. P-334U/P-335U User’s Guide...
Page 104: Figure 64 Advanced
P-334U/P-335U User’s Guide Figure 64 Advanced The following table describes the labels in this screen. Table 34 Advanced LABEL Multicast Setup Multicast Windows Networking (NetBIOS over TCP/IP): NetBIOS (Network Basic Input/Output System) are TCP or UDP broadcast packets that enable a computer to connect to and communicate with a LAN. For some dial-up services such as PPPoE or PPTP, NetBIOS packets cause unwanted calls.
Page 105: Chapter 7 Lan
These parameters should work for the majority of installations. If your ISP gives you explicit DNS server address(es), read the embedded web configurator help regarding what fields need to be configured. Chapter 7 LAN P-334U/P-335U User’s Guide H A P T E R...
Page 106: Ip Address And Subnet Mask
P-334U/P-335U User’s Guide 7.2.2 IP Address and Subnet Mask Refer to the IP Address and Subnet Mask section in the Connection Wizard chapter for this information. 7.2.3 Multicast Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender - 1 recipient) or Broadcast (1 sender - everybody on the network).
Page 107: Lan Ip Alias
Ethernet interface with the ZyXEL Device itself as the gateway for each LAN network. To change your ZyXEL Device’s IP alias settings, click Network > LAN > IP Alias. The screen appears as shown. Figure 66 LAN IP Alias Chapter 7 LAN P-334U/P-335U User’s Guide...
Page 108: Advanced Lan Screen
P-334U/P-335U User’s Guide The following table describes the labels in this screen. Table 36 LAN IP Alias LABEL DESCRIPTION IP Alias 1,2 Select the check box to configure another LAN network for the ZyXEL Device. IP Address Enter the IP address of your ZyXEL Device in dotted decimal notation.
Page 109 Clear this check box to block all NetBIOS packets going from the LAN to the WAN and from the WAN to the LAN. Click Apply to save your changes back to the ZyXEL Device. Click Reset to begin configuring this screen afresh. P-334U/P-335U User’s Guide...
Page 110 P-334U/P-335U User’s Guide Chapter 7 LAN...
Page 111: Chapter 8 Dhcp Server
When set as a server, fill in the following four fields. This field specifies the first of the contiguous addresses in the IP address pool. This field specifies the size, or count of the IP address pool. P-334U/P-335U User’s Guide...
Page 112: Dhcp Server Advanced Screen
P-334U/P-335U User’s Guide Table 38 DHCP Server General LABEL Apply Reset 8.3 DHCP Server Advanced Screen This screen allows you to assign IP addresses on the LAN to specific individual computers based on their MAC addresses. You can also use this screen to configure the DNS server information that the ZyXEL Device sends to the DHCP clients.
Page 113: Client List Screen
Configure this screen to always assign an IP address to a MAC address (and host name). Click Network > DHCP Server > Client List. Note: You can also view a read-only client list by clicking the DHCP Table (Details...) hyperlink in the Status screen. The following screen displays. Chapter 8 DHCP Server P-334U/P-335U User’s Guide...
Page 114: Figure 70 Client List
P-334U/P-335U User’s Guide Figure 70 Client List The following table describes the labels in this screen. Table 40 Client List LABEL IP Address Host Name MAC Address Reserve Refresh DESCRIPTION This is the index number of the host computer. This field displays the IP address relative to the # field listed above.
Page 115: Network Address Translation (Nat)
If you are unsure, refer to your ISP. Chapter 9 Network Address Translation (NAT) P-334U/P-335U User’s Guide H A P T E R (NAT)
Page 116: Configuring Servers Behind Port Forwarding (Example)
P-334U/P-335U User’s Guide 9.2.2 Configuring Servers Behind Port Forwarding (Example) Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the example), port 80 to another (B in the example) and assign a default server IP address of 192.168.1.35 to a third (C in the example).
Page 117: Nat Application Screen
ZyXEL Device discards all packets received for ports that are not specified in this screen or remote management. Refer to Appendix G on page 309 Chapter 9 Network Address Translation (NAT) P-334U/P-335U User’s Guide for port numbers commonly used for particular services.
Page 118: Figure 73 Nat Application
P-334U/P-335U User’s Guide Figure 73 NAT Application The following table describes the labels in this screen. Table 42 NAT Application LABEL DESCRIPTION Game List Update A game list includes the pre-defined service name(s) and port number(s). You can edit and upload it to the ZyXEL Device to replace the existing entries in the second field next to Service Name.
Page 119: Game List Example
(no spaces). Use the name=xxx (where xxx is the service name) to create a new service. Port range can be separated with a hyphen (-) (no spaces). Multiple (non-consecutive) ports can be separated by commas. Chapter 9 Network Address Translation (NAT) P-334U/P-335U User’s Guide...
Page 120: Trigger Port Forwarding
P-334U/P-335U User’s Guide Figure 74 Game List Example version=1 1;name=Battlefield 1942;port=14567,22000,23000-23009,27900,28900 2;name=Call of Duty;port=28960 3;name=Civilization IV;port=2056 4;name=Diablo I and II;port=6112-6119,4000 5;name=Doom 3;port=27666 6;name=F.E.A.R;port=27888 7;name=Final Fantasy XI;port=25,80,110,443,50000-65535 8;name=Guild Wars;port=6112,80 9;name=Half Life;port=6003,7002,27005,27010,27011,27015 10;name=Jedi Knight III: Jedi Academy;port=28060-28062,28070-28081 11;name=Need for Speed: Hot Pursuit 2;port=1230,8511- 8512,27900,28900,61200-61230 12;name=Neverwinter Nights;port=5120-5300,6500,27900,28900...
Page 121: Trigger Port Forwarding Example
To change your ZyXEL Device’s trigger port settings, click Network > NAT > Advanced. The screen appears as shown. Note: Only one LAN computer can use a trigger port (range) at a time. Chapter 9 Network Address Translation (NAT) P-334U/P-335U User’s Guide...
Page 122: Figure 76 Nat Advanced
P-334U/P-335U User’s Guide Figure 76 NAT Advanced The following table describes the labels in this screen. Table 43 NAT Advanced LABEL DESCRIPTION Max NAT/Firewall Type a number ranging from 1 to 2048 to limit the number of NAT/firewall sessions Session Per User that a host can create.
Page 123 Type a port number or the ending port number in a range of port numbers. Apply Click Apply to save your changes back to the ZyXEL Device. Reset Click Reset to begin configuring this screen afresh. Chapter 9 Network Address Translation (NAT) P-334U/P-335U User’s Guide...
Page 124 P-334U/P-335U User’s Guide Chapter 9 Network Address Translation (NAT)
Page 125: Chapter 10 Dynamic Dns
Note: If you have a private WAN IP address, then you cannot use Dynamic DNS. 10.2 Dynamic DNS Screen To change your ZyXEL Device’s DDNS, click Network > DDNS. The screen appears as shown. Chapter 10 Dynamic DNS P-334U/P-335U User’s Guide H A P T E R Dynamic DNS...
Page 126: Figure 77 Dynamic Dns
P-334U/P-335U User’s Guide Figure 77 Dynamic DNS The following table describes the labels in this screen. Table 44 Dynamic DNS LABEL Enable Dynamic DNS Service Provider Dynamic DNS Type Host Name User Name Password Enable Wildcard Option Select the check box to enable DynDNS Wildcard.
Page 127: Chapter 11 Firewall
Area Network (LAN) to be securely connected to the Internet. The ZyXEL Device can be used to prevent theft, destruction and modification of data, as well as log events, which may be important to the security of your network. Chapter 11 Firewall P-334U/P-335U User’s Guide H A P T E R Firewall...
Page 128: Guidelines For Enhancing Security With Your Firewall
P-334U/P-335U User’s Guide The ZyXEL Device is installed between the LAN and a broadband modem connecting to the Internet. This allows it to act as a secure gateway for all data passing between the Internet and the LAN. The ZyXEL Device has one Ethernet WAN port and four Ethernet LAN ports, which are used to physically separate the network into two areas.The WAN (Wide Area Network) port...
Page 129: Services Screen
ZyXEL Device when unsupported ports are probed. You can also use this screen to enable service blocking, enter/delete/modify the services you want to block and the date/time you want to block them. Chapter 11 Firewall P-334U/P-335U User’s Guide...
Page 130: Figure 79 Services
P-334U/P-335U User’s Guide Figure 79 Services The following table describes the labels in this screen. Table 46 Firewall Services LABEL DESCRIPTION ICMP Internet Control Message Protocol is a message control and error-reporting protocol between a host server and a gateway to the Internet. ICMP uses Internet Protocol (IP) datagrams, but the messages are processed by the TCP/IP software and directly apparent to the application user.
Page 131 Type a number ranging from 1 to 2048 to limit the number of NAT/firewall sessions Session Per User that a host can create. Apply Click Apply to save the settings. Reset Click Reset to start configuring this screen again. Chapter 11 Firewall P-334U/P-335U User’s Guide...
Page 132 P-334U/P-335U User’s Guide Chapter 11 Firewall...
Page 133: Chapter 12 Content Filtering
The ZyXEL Device also allows you to define time periods and days during which the ZyXEL Device performs content filtering. 12.4 Filter Screen Click Security > Content Filter to open the Filter screen. Chapter 12 Content Filtering P-334U/P-335U User’s Guide H A P T E R Content Filtering...
Page 134: Figure 80 Content Filter: Filter
P-334U/P-335U User’s Guide Figure 80 Content Filter: Filter The following table describes the labels in this screen. Table 47 Content Filter: Filter LABEL DESCRIPTION Trusted Computer To enable this feature, type an IP address of any one of the computers in your IP Address network that you want to have as a trusted computer.
Page 135: Schedule
Click Apply to save your changes. Reset Click Reset to begin configuring this screen afresh 12.5 Schedule Click Security > Content Filter > Schedule. The following screen displays. Figure 81 Content Filter: Schedule Chapter 12 Content Filtering P-334U/P-335U User’s Guide...
Page 136: Customizing Keyword Blocking Url Checking
P-334U/P-335U User’s Guide The following table describes the labels in this screen. Table 48 Content Filter: Schedule LABEL Day to Block Time of Day to Block (24-Hour Format) Apply Reset 12.6 Customizing Keyword Blocking URL Checking You can use commands to set how much of a website’s URL the content filter is to check for keyword blocking.
Page 137: File Name Url Checking
For example, filename URL checking searches for keywords within the URL www.zyxel.com.tw/news/pressroom.php. Use the ip urlfilter customize actionFlags 8 [disable | enable] command to extend (or not extend) the keyword blocking search to include the URL's complete filename. Chapter 12 Content Filtering P-334U/P-335U User’s Guide...
Page 138 P-334U/P-335U User’s Guide Chapter 12 Content Filtering...
Page 139: Chapter 13 Ipsec Vpn
This chapter explains how to set up and maintain IPSec VPNs in the ZyXEL Device. First, it provides an overview of IPSec VPNs. Then, it introduces each screen for IPSec VPN in the ZyXEL Device. This chapter applies to the P-335U. 13.1 IPSec VPN Overview A virtual private network (VPN) provides secure communications between sites without the expense of leased site-to-site lines.
Page 140: Ike Sa (Ike Phase 1) Overview
P-334U/P-335U User’s Guide Figure 83 VPN: IKE SA and IPSec SA In this example, a computer in network A is exchanging data with a computer in network B. Inside networks A and B, the data is transmitted the same way data is normally transmitted in the networks.
Page 141: Ike Sa Proposal
Before the ZyXEL Device and remote IPSec router establish an IKE SA, they have to verify each other’s identity. This process is based on pre-shared keys and router identities. Chapter 13 IPSec VPN P-334U/P-335U User’s Guide Diffie-Hellman (DH) Key Exchange on page 141...
Page 142: Figure 86 Ike Sa: Main Negotiation Mode, Steps 5 - 6: Authentication
P-334U/P-335U User’s Guide In main mode, the ZyXEL Device and remote IPSec router authenticate each other in steps 5 and 6, as illustrated below. Their identities are encrypted using the encryption algorithm and encryption key the ZyXEL Device and remote IPSec router selected in previous steps.
Page 143: Negotiation Mode
Y try to establish a VPN tunnel, the authentication fails because it depends on this information. The routers cannot establish a VPN tunnel. Chapter 13 IPSec VPN P-334U/P-335U User’s Guide REMOTE IPSEC ROUTER Peer ID type: E-mail Peer ID content: tom@yourcompany.com...
Page 144: Ipsec Sa (Ike Phase 2) Overview
P-334U/P-335U User’s Guide Most routers like router A now have an IPSec pass-through feature. This feature helps router A recognize VPN packets and route them appropriately. If router A has this feature, router X and router Y can establish a VPN tunnel as long as the IPSec protocol is ESP. (See on page 144 for more information about active protocols.)
Page 145: Encapsulation
As a result, if one encryption key is compromised, other encryption keys remain secure. Chapter 13 IPSec VPN IP Header Data Header IP Header AH/ESP Header Header IP Header AH/ESP IP Header Header IKE SA Proposal on page P-334U/P-335U User’s Guide Data Data Header 141),...
Page 146: Additional Ipsec Vpn Topics
P-334U/P-335U User’s Guide If you do not enable PFS, the ZyXEL Device and remote IPSec router use the same root key that was generated when the IKE SA was established to generate encryption keys. The DH key exchange is time-consuming and may be unnecessary for data that does not require such security.
Page 147: Remote Dns Server
Click Security > VPN to display the Summary screen. This is a read-only menu of your VPN rules (tunnels). Edit a VPN by clicking the Edit icon. Figure 90 Security > VPN > Summary Chapter 13 IPSec VPN P-334U/P-335U User’s Guide...
Page 148: Vpn Rule Setup (Ike)
P-334U/P-335U User’s Guide The following table describes the fields in this screen. Table 51 Security > VPN > Summary LABEL DESCRIPTION This is the VPN policy index number. Active This field displays whether the VPN policy is active or not.
Page 149: Figure 92 Security > Vpn > Rule Setup: Ike (Basic)
Select this check box to have the ZyXEL Device automatically reinitiate the SA after the SA lifetime times out, even if there is no traffic. The remote IPSec router must also have keep alive enabled in order for this feature to work. Chapter 13 IPSec VPN P-334U/P-335U User’s Guide...
Page 150 P-334U/P-335U User’s Guide Table 52 Security > VPN > Rule Setup: IKE (Basic) (continued) LABEL DESCRIPTION NAT Traversal Select this check box to enable NAT traversal. NAT traversal allows you to set up a VPN connection when there are NAT routers between the two IPSec routers.
Page 151 When there is a NAT router between the two IPSec routers. When you want the remote IPSec router to be able to distinguish between VPN connection requests that come in from IPSec routers with dynamic WAN IP addresses. P-334U/P-335U User’s Guide...
Page 152 P-334U/P-335U User’s Guide Table 52 Security > VPN > Rule Setup: IKE (Basic) (continued) LABEL DESCRIPTION Secure Gateway Type the WAN IP address or the domain name (up to 31 characters) of the IPSec Address router with which you're making the VPN connection. Set this field to 0.0.0.0 if the remote IPSec router has a dynamic WAN IP address (the IPSec Keying Mode field must be set to IKE).
Page 153: Advanced Vpn Rule Setup (Ike)
Click Apply to save your changes back to the ZyXEL Device. Reset Click Reset to begin configuring this screen afresh. 13.5 Advanced VPN Rule Setup (IKE) Click Advanced... in the Rule Setup screen to open this screen. Chapter 13 IPSec VPN P-334U/P-335U User’s Guide...
Page 154: Figure 93 Security > Vpn > Rule Setup: Ike (Advanced)
P-334U/P-335U User’s Guide Figure 93 Security > VPN > Rule Setup: IKE (Advanced) Chapter 13 IPSec VPN...
Page 155: Table 53 Security > Vpn > Rule Setup: Ike (Advanced)
If you configure an active rule with 0.0.0.0 in the Secure Gateway Address field and the LAN’s full IP address range as the local IP address, then you cannot configure any other active rules with the Secure Gateway Address field set to 0.0.0.0. P-334U/P-335U User’s Guide for more...
Page 156 P-334U/P-335U User’s Guide Table 53 Security > VPN > Rule Setup: IKE (Advanced) (continued) LABEL Local Address Local Address End / Mask Local Port Start Local Port End Remote Policy Remote Address Remote Address End /Mask Remote Port Start Remote Port End...
Page 157 IP address). Select IP to identify the remote IPSec router by its IP address. Select DNS to identify the remote IPSec router by a domain name. Select E-mail to identify the remote IPSec router by an e-mail address. P-334U/P-335U User’s Guide...
Page 158 P-334U/P-335U User’s Guide Table 53 Security > VPN > Rule Setup: IKE (Advanced) (continued) LABEL Peer Content IKE Phase 1 Negotiation Mode Encryption Algorithm Select which key size and encryption algorithm to use in the IKE SA. Choices Authentication Algorithm...
Page 159: Ipsec Sa Using Manual Keys
PFS changes the root key that is used to generate encryption keys for each IPSec SA. It is more secure but takes more time. Click Basic... to go to the previous VPN configuration screen. Click Apply to save the changes. Click Reset to begin configuring this screen afresh. P-334U/P-335U User’s Guide...
Page 160: Ipsec Sa Proposal Using Manual Keys
P-334U/P-335U User’s Guide 13.6.1 IPSec SA Proposal Using Manual Keys In IPSec SA using manual keys, you can only specify one encryption algorithm and one authentication algorithm. There is no DH key exchange, so you have to provide the encryption key and the authentication key the ZyXEL Device and remote IPSec router use.
Page 161: Figure 94 Security > Vpn > Rule Setup: Manual
Manual is a useful option for troubleshooting if you have problems using IKE key management. Protocol Number Enter 1 for ICMP, 6 for TCP, 17 for UDP, etc. 0 is the default and signifies any protocol. Chapter 13 IPSec VPN P-334U/P-335U User’s Guide...
Page 162 P-334U/P-335U User’s Guide Table 54 Security > VPN > Rule Setup: Manual (continued) LABEL DESCRIPTION DNS Server (for If there is a private DNS server that services the VPN, type its IP address here. IPSec VPN) The ZyXEL Device assigns this additional DNS server to the ZyXEL Device's DHCP clients that have IP addresses in this IPSec rule's range of local addresses.
Page 163 DDNS. The ZyXEL Device has to rebuild the VPN tunnel each time the remote secure gateway’s WAN IP address changes (there may be a delay until the DDNS servers are updated with the remote gateway’s new WAN IP address). P-334U/P-335U User’s Guide...
Page 164: Vpn Sa Monitor
P-334U/P-335U User’s Guide Table 54 Security > VPN > Rule Setup: Manual (continued) LABEL DESCRIPTION IPSec Protocol Select the security protocols used for an SA. Both AH and ESP increase processing requirements and communications latency (delay). If you select ESP here, you must select options from the Encryption Algorithm and Authentication Algorithm fields (described below).
Page 165: Vpn Global Setting
Select this check box to send NetBIOS packets through the VPN connection. Click Apply to save your changes back to the ZyXEL Device. Click Reset to begin configuring this screen afresh. P-334U/P-335U User’s Guide...
Page 166: Telecommuters Sharing One Vpn Rule Example
P-334U/P-335U User’s Guide 13.10.1 Telecommuters Sharing One VPN Rule Example See the following figure and table for an example configuration that allows multiple telecommuters (A, B and C in the figure) to use one VPN rule to simultaneously access a ZyXEL Device at headquarters (HQ in the figure).
Page 167: Figure 98 Telecommuters Using Unique Vpn Rules Example
Telecommuter B (telecommuterb.dydns.org) Local ID Type: DNS Local ID Content: telecommuterb.com Local IP Address: 192.168.3.2 Chapter 13 IPSec VPN P-334U/P-335U User’s Guide HEADQUARTERS All Headquarters Rules: My ZyXEL Device: bigcompanyhq.com Local Network - Single IP Address: 192.168.1.10 Local ID Type: E-mail Local ID Content: bob@bigcompanyhq.com...
Page 168: Vpn And Remote Management
P-334U/P-335U User’s Guide Table 58 Telecommuters Using Unique VPN Rules Example TELECOMMUTERS Telecommuter C (telecommuterc.dydns.org) Local ID Type: E-mail Local ID Content: myVPN@myplace.com Local IP Address: 192.168.4.15 13.11 VPN and Remote Management You can allow someone to use a service (like Telnet or HTTP) through a VPN tunnel to manage the ZyXEL Device.
Page 169: Chapter 14 Static Route Screens
The static routes are for you to tell the ZyXEL Device about the networks beyond the remote nodes. Figure 100 Example of Static Routing Topology Chapter 14 Static Route Screens H A P T E R Static Route Screens P-334U/P-335U User’s Guide...
Page 170: Ip Static Route Screen
P-334U/P-335U User’s Guide 14.2 IP Static Route Screen Click Management > Static Route to open the IP Static Route screen. The following screen displays. Figure 101 IP Static Route The following table describes the labels in this screen. Table 59 IP Static Route...
Page 171: Static Route Setup Screen
1 and 15. In practice, 2 or 3 is usually a good number. Apply Click Apply to save your changes back to the ZyXEL Device. Cancel Click Cancel to return to the previous screen and not save your changes. Chapter 14 Static Route Screens P-334U/P-335U User’s Guide...
Page 172 P-334U/P-335U User’s Guide Chapter 14 Static Route Screens...
Page 173: Chapter 15 Bandwidth Management
54,000 kbps (you cannot configure the bandwidth budget for the WLAN port). 15.2 Application-based Bandwidth Management You can create bandwidth classes based on individual applications (like VoIP, Web, FTP, E- mail and Video for example). Chapter 15 Bandwidth Management P-334U/P-335U User’s Guide H A P T E R...
Page 174: Subnet-Based Bandwidth Management
P-334U/P-335U User’s Guide 15.3 Subnet-based Bandwidth Management You can create bandwidth classes based on subnets. The following figure shows LAN subnets. You could configure one bandwidth class for subnet A and another for subnet B. Figure 103 Subnet-based Bandwidth Management Example 15.4 Application and Subnet-based Bandwidth Management...
Page 175: Bandwidth Management Priorities
Typically used for “excellent effort” or better than best effort and would include important business traffic that can tolerate some delay. This is typically used for non-critical “background” traffic such as bulk transfers that are allowed but that should not affect other applications and users. P-334U/P-335U User’s Guide...
Page 176: Services And Port Numbers
P-334U/P-335U User’s Guide Table 63 Media Bandwidth Management Setup: Services (continued) SERVICE DESCRIPTION MSN Webcam MSN messenger allows you to chat online and send instant messages. If you use MSN messenger and also have a webcam, you can send your image/photo in real-...
Page 177 UNIX systems and network servers. Secure Shell Remote Login Program. Stream Works Protocol. Syslog allows you to send system logs to a UNIX server. Login Host Protocol used for (Terminal Access Controller Access Control System). P-334U/P-335U User’s Guide...
Page 178: Default Bandwidth Management Classes And Priorities
P-334U/P-335U User’s Guide Table 64 Commonly Used Services SERVICE TELNET(TCP:23) TFTP(UDP:69) VDOLIVE(TCP:7000) 15.7 Default Bandwidth Management Classes and Priorities If you enable bandwidth management but do not configure a rule for critical traffic like VoIP, the voice traffic may then get delayed due to insufficient bandwidth. With the automatic traffic classifier feature activated, the ZyXEL Device automatically assigns a default bandwidth management class and priority to traffic that does not match any of the user-defined rules.
Page 179: Bandwidth Management General Configuration
Select this check box to have the ZyXEL Device base on the default bandwidth classes to apply bandwidth management. Real-time packets, such as VoIP traffic always get higher priority. Click Apply to save your customized settings. Click Reset to begin configuring this screen afresh. P-334U/P-335U User’s Guide...
Page 180: Bandwidth Management Advanced Configuration
P-334U/P-335U User’s Guide 15.9 Bandwidth Management Advanced Configuration Click Management > Bandwidth MGMT > Advanced to open the bandwidth management Advanced screen. Figure 105 Bandwidth Management: Advanced Chapter 15 Bandwidth Management...
Page 181: Table 67 Bandwidth Management: Advanced
183 Click the Remove icon to delete a rule. Apply Click Apply to save your customized settings. Reset Click Reset to begin configuring this screen afresh. Chapter 15 Bandwidth Management for more information. P-334U/P-335U User’s Guide Section 15.9.2 on...
Page 182: Rule Configuration With The Pre-Defined Service
P-334U/P-335U User’s Guide 15.9.1 Rule Configuration with the Pre-defined Service To edit a bandwidth management rule for the pre-defined service in the ZyXEL Device, click the Edit icon in the Application List table of the Advanced screen. The following screen displays.
Page 183: Rule Configuration With The User-Defined Service
(service type) number. Click OK to save your customized settings. Cancel Click Cancel to exit this screen without saving. Chapter 15 Bandwidth Management P-334U/P-335U User’s Guide Table 64 on page 176 for some Table 64 on page 176 for some common...
Page 184: Bandwidth Management Monitor
P-334U/P-335U User’s Guide 15.10 Bandwidth Management Monitor Click Management > Bandwidth MGMT > Monitor to open the bandwidth management Monitor screen. View the bandwidth usage of the WAN configured bandwidth rules. This is also shown as bandwidth usage over the bandwidth budget for each rule. The gray section of the bar represents the percentage of unused bandwidth and the blue color represents the percentage of bandwidth in use.
Page 185: Remote Management Screens
2 The IP address in the Secured Client IP Address field does not match the client IP address. If it does not match, the ZyXEL Device will disconnect the session immediately. Chapter 16 Remote Management Screens H A P T E R • ALL (LAN and WAN) • Neither (Disable). P-334U/P-335U User’s Guide...
Page 186: Remote Management And Nat
P-334U/P-335U User’s Guide 3 There is already another remote management session with an equal or higher priority running. You may only have one remote management session running at one time. 4 There is a firewall rule that blocks it. 16.1.2 Remote Management and NAT When NAT is enabled: •...
Page 187: Telnet
You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Server Access Select the interface(s) through which a computer may access the ZyXEL Device using this service. Chapter 16 Remote Management Screens P-334U/P-335U User’s Guide...
Page 188: Ftp Screen
P-334U/P-335U User’s Guide Table 71 Telnet Remote Management LABEL DESCRIPTION Secured Client IP A secured client is a “trusted” computer that is allowed to communicate with the Address ZyXEL Device using this service. Select All to allow any computer to access the ZyXEL Device using this service.
Page 189: Dns Screen
Choose Selected to just allow the computer with the IP address that you specify to send DNS queries to the ZyXEL Device. Apply Click Apply to save your customized settings and exit this screen. Reset Click Reset to begin configuring this screen afresh. Chapter 16 Remote Management Screens P-334U/P-335U User’s Guide...
Page 190 P-334U/P-335U User’s Guide Chapter 16 Remote Management Screens...
Page 191: Chapter 17 Upnp
The automated nature of NAT traversal applications in establishing their own services and opening firewall ports may present network security issues. Network information and configuration may also be obtained and modified by users in some network environments. Chapter 17 UPnP P-334U/P-335U User’s Guide H A P T E R UP N P...
Page 192: Upnp And Zyxel
P-334U/P-335U User’s Guide All UPnP-enabled devices may communicate freely with each other without additional configuration. Disable UPnP if this is not your intention. 17.2 UPnP and ZyXEL ZyXEL has achieved UPnP certification from the Universal Plug and Play Forum Creates UPnP™...
Page 193: Installing Upnp In Windows Example
Clear this check box if you do not want to create a hole in the firewall for UPnP application packets (for example, MSN packets). Click Apply to save your changes back to the ZyXEL Device. Click Reset to begin configuring this screen afresh. P-334U/P-335U User’s Guide...
Page 194: Installing Upnp In Windows Xp
P-334U/P-335U User’s Guide 1 Click Start and Control Panel. Double- click Add/Remove Programs. 2 Click on the Windows Setup tab and select Communication in the Components selection box. Click Details. 3 In the Communications window, select the Universal Plug and Play check box in the Components selection box.
Page 195: Using Upnp In Windows Xp Example
ZyXEL device. 17.5.1 Auto-discover Your UPnP-enabled Network Device 1 Click Start and Control Panel. Double- click Network Connections. An icon displays under Internet Gateway. 2 Right-click the icon and select Properties. Chapter 17 UPnP P-334U/P-335U User’s Guide...
Page 196: Web Configurator Easy Access
P-334U/P-335U User’s Guide 3 In the Internet Connection Properties window, click Settings to see the port mappings that were automatically created. 4 You may edit or delete the port mappings or click Add to manually add port mappings. Note: When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically.
Page 197: Web Configurator Easy Access
With UPnP, you can access the web-based configurator on the ZyXEL device without finding out the IP address of the ZyXEL device first. This is helpful if you do not know the IP address of the ZyXEL device. Follow the steps below to access the web configurator. Chapter 17 UPnP P-334U/P-335U User’s Guide...
Page 198 P-334U/P-335U User’s Guide 1 Click Start and then Control Panel. 2 Double-click Network Connections. 3 Select My Network Places under Other Places. 4 An icon with the description for each UPnP-enabled device displays under Local Network. 5 Right-click the icon for your ZyXEL device and select Invoke.
Page 199: Chapter 18 Print Server
USB printer are turned on. Chapter 19 on page 201 driver. Chapter 18 Print Server H A P T E R Print Server to set up your computer to use the ZyXEL Device print server P-334U/P-335U User’s Guide...
Page 200: Print Server Screen
P-334U/P-335U User’s Guide 18.3 Print Server Screen Click the Print Server link under Management to display the Print Server screen. Figure 114 Configuring Print Server The following table describes the labels in this screen. Table 75 Configuring Print Server LABEL...
Page 201: Print Server Driver Setup
1 Insert the CD (supplied with the ZyXEL Device) into the CD-ROM driver on your computer. The CD Autorun screen is displayed. 2 Select Network Print Server Setup. Figure 115 CD Autorun Screen Chapter 19 Print Server Driver Setup P-334U/P-335U User’s Guide H A P T E R...
Page 202: Print Server Driver Setup Wizard
P-334U/P-335U User’s Guide 3 You can either • use the Setup Wizard for Windows NT/2000/XP to install the print monitor and open the setup wizard automatically • use the Setup Wizard for Windows 98/ME/NT/2000/XP to install the print monitor in a specified file location and open the setup wizard (by running the PSWizard.exe file in the...
Page 203: Figure 117 Network Print Server Setup Wizard: Welcome
USB printer is connected to the ZyXEL Device. Highlight the print server and click Next to continue. Figure 118 Network Print Server Setup Wizard: Select A Print Server Chapter 19 Print Server Driver Setup P-334U/P-335U User’s Guide...
Page 204: Figure 119 Network Print Server Setup Wizard: Change Settings
P-334U/P-335U User’s Guide 3 The Change Settings screen displays. If you want to change your print server’s IP address, select Yes, I want to change settings, leave the Password field blank and click Next. The print server’s IP address is the ZyXEL Device’s IP address. Since the wizard detects your print server’s IP address automatically, it’s recommended that you select...
Page 205: Figure 120 Network Print Server Setup Wizard: Select A Printer
P-334U/P-335U User’s Guide 4 Select the USB printer that is connected to the ZyXEL Device if you have added it on your computer already and click Next. If your printer is not listed, click Add New Printer and see Section 19.2.2 on page 207 for how to add a printer on your computer.
Page 206: Figure 121 Network Print Server Setup Wizard: Summary
P-334U/P-335U User’s Guide 5 A Summary screen displays. Check your settings and click Next to continue. Figure 121 Network Print Server Setup Wizard: Summary 6 Click Finish to save and close your Network Print Server Setup Wizard. Your print server driver setup is complete.
Page 207: Adding A New Printer
Figure 123 Add Printer Help 2 The Add Printer Wizard screen then also displays. Click Next. Figure 124 Add Printer Wizard: Welcome Chapter 19 Print Server Driver Setup P-334U/P-335U User’s Guide 205). A help dialog box pops up to guide you through the...
Page 208: Figure 125 Add Printer Wizard: Local Or Network Printer
P-334U/P-335U User’s Guide 3 Select Local printer and click Next. Figure 125 Add Printer Wizard: Local or Network Printer 4 Select an LPT (Line Printing Terminal) port (a parallel port) as the computer interface for the USB printer. Figure 126 Add Printer Wizard: Select the Printer Port...
Page 209: Figure 127 Add Printer Wizard: Printer Driver
Otherwise, select Replace existing driver to replace it with the new driver you selected in the previous screen and click Next. Figure 128 Add Printer Wizard: Use Existing Driver Chapter 19 Print Server Driver Setup P-334U/P-335U User’s Guide...
Page 210: Figure 129 Add Printer Wizard: Name Your Printer
P-334U/P-335U User’s Guide 10 Type a name to identify the printer and then click Next to continue. Figure 129 Add Printer Wizard: Name Your Printer 11 The ZyXEL Device is a print server itself and you do not need to have your computer act as a print server by sharing the printer with other users in the same network;...
Page 211: Macintosh Os X
Proceed to step Print Center icon is not in the Macintosh Dock, proceed to the next step. Chapter 19 Print Server Driver Setup P-334U/P-335U User’s Guide located in the Macintosh Dock (a place holding a series to continue. If the...
Page 212: Figure 133 Macintosh Hd
P-334U/P-335U User’s Guide 2 On your desktop, double-click the Macintosh HD icon to open the Macintosh HD window. Figure 133 Macintosh HD 3 Double-click the Applications folder. Macintosh HD folder Figure 134 4 Double-click the Utilities folder. Figure 135 Applications Folder 5 Double-click the Print Center icon.
Page 213: Figure 137 Printer List Folder
10 Type LP1 (a parallel port) in the Queue Name field. 11 Select your Printer Model from the drop-down list box. If the printer's model is not listed, select Generic. Figure 138 Printer Configuration Chapter 19 Print Server Driver Setup P-334U/P-335U User’s Guide...
Page 214: Figure 139 Printer Model
P-334U/P-335U User’s Guide 12 Click Add to select a printer model, save and close the Printer List configuration screen. Figure 139 Printer Model 13 The Name LP1 on 192.168.1.1 displays in the Printer List field. The default printer Name displays in bold type.
Page 215: Chapter 20 System
See the chapter about wizard setup for more information on the next few screens. 20.2 System General Screen Click Maintenance > System. The following screen displays. Figure 141 System General Chapter 20 System P-334U/P-335U User’s Guide H A P T E R System...
Page 216: Time Setting Screen
P-334U/P-335U User’s Guide The following table describes the labels in this screen. Table 76 System General LABEL DESCRIPTION System Name System Name is a unique name to identify the ZyXEL Device in an Ethernet network. It is recommended you enter your computer’s “Computer name” in this field (see the chapter about wizard setup for how to find your computer’s name).
Page 217: Figure 142 Time Setting
This field displays the last updated time from the time server or the last time configured manually. When you set Time and Date Setup to Manual, enter the new time in this field and then click Apply. P-334U/P-335U User’s Guide...
Page 218 P-334U/P-335U User’s Guide Table 77 Time Setting LABEL New Date (yyyy/mm/dd) Get from Time Server Auto User Defined Time Server Address Time Zone Setup Time Zone Daylight Savings Start Date End Date Apply Reset DESCRIPTION This field displays the last updated date from the time server or the last date configured manually.
Page 219: Chapter 21 Logs
Click a column heading to sort the entries. A triangle indicates ascending or descending sort order. Figure 143 View Log Chapter 21 Logs H A P T E R Section 21.2 on page 220). Options include logs about system P-334U/P-335U User’s Guide Logs...
Page 220: Log Settings
P-334U/P-335U User’s Guide The following table describes the labels in this screen. Table 78 View Logs LABEL Display Time Message Source Destination Note Email Log Now Refresh Clear Log 21.2 Log Settings You can configure the ZyXEL Device’s general log settings in one location.
Page 221: Figure 144 Log Settings
If this field is left blank, logs and alert messages will not be sent via E-mail. Type a title that you want to be in the subject line of the log e-mail message that the ZyXEL Device sends. Not all ZyXEL Device models have this field. P-334U/P-335U User’s Guide...
Page 222 P-334U/P-335U User’s Guide Table 79 Log Settings LABEL Send Log To Send Alerts To SMTP Authentication SMTP (Simple Mail Transfer Protocol) is the message-exchange standard for User Name Password Log Schedule Day for Sending Log Use the drop down list box to select which day of the week to send the logs.
Page 223: Chapter 22 Tools
Click Upload to begin the upload process. This process may take up to two minutes. Note: Do not turn off the ZyXEL Device while firmware upload is in progress! Chapter 22 Tools P-334U/P-335U User’s Guide H A P T E R in a file that (usually) uses the system model name with a...
Page 224: Configuration Screen
P-334U/P-335U User’s Guide After you see the Firmware Upload In Process screen, wait two minutes before logging into the ZyXEL Device again. Figure 146 Upload Warning The ZyXEL Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop.
Page 225: Backup Configuration
Note: Do not turn off the ZyXEL Device while configuration file upload is in progress After you see a “configuration upload successful” screen, you must then wait one minute before logging into the ZyXEL Device again. Chapter 22 Tools P-334U/P-335U User’s Guide...
Page 226: Back To Factory Defaults
P-334U/P-335U User’s Guide Figure 150 Configuration Restore Successful The ZyXEL Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 151 Temporarily Disconnected If you uploaded the default configuration file you may need to change the IP address of your computer to be in the same subnet as that of the default ZyXEL Device IP address (192.168.1.1).
Page 227: Restart Screen
System restart allows you to reboot the ZyXEL Device without turning the power off. Click Maintenance > Tools > Restart. Click Restart to have the ZyXEL Device reboot. This does not affect the ZyXEL Device's configuration. Figure 153 System Restart Chapter 22 Tools P-334U/P-335U User’s Guide...
Page 228 P-334U/P-335U User’s Guide Chapter 22 Tools...
Page 229: Chapter 23 Configuration Mode
Chapter 23 Configuration Mode H A P T E R Configuration Mode LINK Wireless LAN OTIST MAC Filter Advanced Advanced IP Alias Advanced DHCP Server Advanced Advanced Firewall Services Content Filter Schedule Summary Rule Setup SA Monitor Global Setting P-334U/P-335U User’s Guide...
Page 230 P-334U/P-335U User’s Guide Table 82 Config Mode: Advanced Screens CATEGORY Management Maintenance LINK Static Route IP Static Route Bandwidth MGMT Advanced Monitor Remote MGMT Telnet Logs Log Settings Chapter 23 Configuration Mode...
Page 231: Chapter 24 Troubleshooting
If Any IP is disabled, make sure that the IP address and the subnet mask of the the ZyXEL ZyXEL Device and your computer(s) are on the same subnet. Device from the LAN. Chapter 24 Troubleshooting P-334U/P-335U User’s Guide H A P T E R Troubleshooting...
Page 232: Problems With The Wan
P-334U/P-335U User’s Guide 24.3 Problems with the WAN Table 85 Troubleshooting the WAN PROBLEM CORRECTIVE ACTION The WAN LED is Check the connections between the ZyXEL Device WAN port and the cable/DSL off. modem or ethernet jack. Check whether your cable/DSL device requires a crossover or straight-through cable.
Page 233: Problems Accessing The Zyxel Device
If a keyword that is listed in the Keyword List is not blocked when it is found in a URL, containing a customize the keyword blocking using commands. See the Customizing Keyword forbidden Blocking URL Checking section in the Content Filter chapter. keyword is not blocked. Chapter 24 Troubleshooting P-334U/P-335U User’s Guide...
Page 234: Table 88 Troubleshooting The Password
P-334U/P-335U User’s Guide Table 87 Troubleshooting Restricted Web Pages and Keyword Blocking PROBLEM CORRECTIVE ACTION Parental Restart the device to clear the cache. Control is The content filter server may be unavailable. The View Logs screen can display configured content filtering log messages. See the Log Descriptions appendix for a list of possible correctly, but I log messages.
Page 235: Pop-Up Windows, Javascripts And Java Permissions
Make sure the USB printer is powered on and can work properly. Make sure you install the print server driver on your computer. See on page 201 for how to set up the print server driver on your computer. Check the USB cable connections. P-334U/P-335U User’s Guide Chapter 19...
Page 236: Figure 156 Internet Options
P-334U/P-335U User’s Guide You can also check if pop-up blocking is disabled in the Pop-up Blocker section in the Privacy tab. 1 In Internet Explorer, select Tools, Internet Options, Privacy. 2 Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled.
Page 237: Figure 157 Internet Options
4 Click Add to move the IP address to the list of Allowed sites. Note: If you change the IP address of your device, make sure that the new address matches the address you type in the Pop-up Blocker Settings screen. Chapter 24 Troubleshooting P-334U/P-335U User’s Guide...
Page 238: Javascripts
P-334U/P-335U User’s Guide Figure 158 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. 24.5.1.2 JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed.
Page 239: Figure 159 Internet Options
P-334U/P-335U User’s Guide Figure 159 Internet Options 2 Click the Custom Level... button. 3 Scroll down to Scripting. 4 Under Active scripting make sure that Enable is selected (the default). 5 Under Scripting of Java applets make sure that Enable is selected (the default).
Page 240: Java Permissions
P-334U/P-335U User’s Guide Figure 160 Security Settings - Java Scripting 24.5.1.3 Java Permissions 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected.
Page 241: Figure 161 Security Settings - Java
1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for <applet> under Java (Sun) is selected. 3 Click OK to close the window. Chapter 24 Troubleshooting P-334U/P-335U User’s Guide...
Page 242: Activex Controls In Internet Explorer
P-334U/P-335U User’s Guide Figure 162 Java (Sun) 24.5.2 ActiveX Controls in Internet Explorer If ActiveX is disabled, you will not be able to download ActiveX controls or to use Trend Micro Security Serivces. Make sure that ActiveX controls are allowed in Internet Explorer.
Page 243: Figure 163 Internet Options Security
P-334U/P-335U User’s Guide Figure 163 Internet Options Security 3 Scroll down to ActiveX controls and plug-ins. 4 Under Download signed ActiveX controls select the Prompt radio button. 5 Under Run ActiveX controls and plug-ins make sure the Enable radio button is selected.
Page 244: Figure 164 Security Setting Activex Controls
P-334U/P-335U User’s Guide Figure 164 Security Setting ActiveX Controls Chapter 24 Troubleshooting...
Page 245: Product Specifications
Use the web configurator to easily configure the rich range of features on the ZyXEL Device. Allow the IEEE 802.11b and/or IEEE 802.11g or IEEE 802.11a wireless clients to connect to the ZyXEL Device wirelessly. Enable wireless security (WEP, WPA(2), WPA(2)-PSK) and/or MAC filtering to protect your wireless network. P-334U/P-335U User’s Guide...
Page 246 P-334U/P-335U User’s Guide Table 92 Firmware Specifications FEATURE Firmware Upgrade Configuration Backup & Restoration Network Address Translation (NAT) Port Forwarding DHCP (Dynamic Host Configuration Protocol) Dynamic DNS Support IP Multicast IP Alias Time and Date Logging and Tracing PPPoE PPTP Encapsulation...
Page 247 Table 92 Firmware Specifications FEATURE IPSec VPN (P-335U only) Print Server (P-335U only) Bandwidth Management Remote Managemet Appendix A Product Specifications DESCRIPTION Establish a Virtual Private Network (VPN) to connect with business partners and branch offices using data encryption and the Internet to provide secure communications without the expense of leased site-to- site lines.
Page 248 P-334U/P-335U User’s Guide Appendix A Product Specifications...
Page 249: Print Server Specifications
Windows NT 4.0/2000/XP/2003 Mac OS X or higher Print Monitor: UDP • Windows 95/98/98SE/Me • Windows NT 4.0/2000/XP/2003 LPD/LPR (RFC 1179): TCP/IP • Windows NT 4.0/2000/XP/2003 • Mac OS X or higher Web interface Windows-based wizard program P-334U/P-335U User’s Guide...
Page 250: Table 95 Compatible Usb Printers
P-334U/P-335U User’s Guide ZyXEL Device Print Server Compatible USB Printers The following is a list of USB printer models compatible with the ZyXEL Device print server. Table 95 Compatible USB Printers BRAND MODEL BJ F9000 CANON i2355 CANON i255 CANON...
Page 251 EPSON Stylus Photo830U EPSON TM-T88III EPSON DeskJet 1125C DeskJet 1220C DeskJet 3650 Appendix B Print Server Specifications P-334U/P-335U User’s Guide TYPE REMARK Color Laser Laser Disable bi-directional support on printer. Inkjet Disable bi-directional support on printer. Inkjet Disable bi-directional support on printer.
Page 252 P-334U/P-335U User’s Guide Table 95 Compatible USB Printers BRAND MODEL DeskJet 5550 DeskJet 810C DeskJet 845C DeskJet 920C Deskjet 1180c DeskJet 930C LaserJet 1200 LaserJet 1220 LaserJet 1300 LaserJet 2200 LaserJet 2200D LaserJet 3330 LaserJet 5000 LaserJet 5000LE Photosmart 7150...
Page 253 AR-M160 SHARP AR-M205 SHARP Phaser 3310 XEROX DocuPrint 240A XEROX PS: For MFP, the print server supports the printing function only. Appendix B Print Server Specifications P-334U/P-335U User’s Guide TYPE REMARK Laser Laser Color Laser Laser Laser Laser Laser Laser...
Page 254 P-334U/P-335U User’s Guide Appendix B Print Server Specifications...
Page 255: Setting Up Your Computer's Ip Address
IP addresses that place them in the same subnet as the ZyXEL Device’s LAN port. Windows 95/98/Me Click Start, Settings, Control Panel and double-click the Network icon to open the Network window. Appendix C Setting up Your Computer’s IP Address P-334U/P-335U User’s Guide P P E N D I X...
Page 256: Figure 165 Windows 95/98/Me: Network: Configuration
P-334U/P-335U User’s Guide Figure 165 WIndows 95/98/Me: Network: Configuration Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: 1 In the Network window, click Add.
Page 257: Figure 166 Windows 95/98/Me: Tcp/Ip Properties: Ip Address
If you do not know your DNS information, select Disable DNS. If you know your DNS information, select Enable DNS and type the information in the fields below (you may not need to fill them all in). P-334U/P-335U User’s Guide...
Page 258: Figure 167 Windows 95/98/Me: Tcp/Ip Properties: Dns Configuration
P-334U/P-335U User’s Guide Figure 167 Windows 95/98/Me: TCP/IP Properties: DNS Configuration 4 Click the Gateway tab. • • 5 Click OK to save and close the TCP/IP Properties window. 6 Click OK to close the Network window. Insert the Windows CD if prompted.
Page 259: Figure 168 Windows Xp: Start Menu
2 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 169 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties. Appendix C Setting up Your Computer’s IP Address P-334U/P-335U User’s Guide...
Page 260: Figure 170 Windows Xp: Control Panel: Network Connections: Properties
P-334U/P-335U User’s Guide Figure 170 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties. Figure 171 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP).
Page 261: Figure 172 Windows Xp: Internet Protocol (Tcp/Ip) Properties
Gateway. To manually configure a default metric (the number of transmission hops), clear the Automatic metric check box and type a metric in Metric. Click Add. Repeat the previous three steps for each default gateway you want to add. Click OK when finished. P-334U/P-335U User’s Guide...
Page 262: Figure 173 Windows Xp: Advanced Tcp/Ip Properties
P-334U/P-335U User’s Guide Figure 173 Windows XP: Advanced TCP/IP Properties 7 In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es).
Page 263: Figure 174 Windows Xp: Internet Protocol (Tcp/Ip) Properties
Network Connections, right-click a network connection, click Status and then click the Support tab. Macintosh OS 8/9 1 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel. Appendix C Setting up Your Computer’s IP Address P-334U/P-335U User’s Guide...
Page 264: Figure 175 Macintosh Os 8/9: Apple Menu
P-334U/P-335U User’s Guide Figure 175 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list. Figure 176 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list. Appendix C Setting up Your Computer’s IP Address...
Page 265: Figure 177 Macintosh Os X: Apple Menu
Type your subnet mask in the Subnet mask box. Type the IP address of your ZyXEL Device in the Router address box. Select Automatic from the Location list. Select Built-in Ethernet from the Show list. Click the TCP/IP tab. P-334U/P-335U User’s Guide...
Page 266: Figure 178 Macintosh Os X: Network
P-334U/P-335U User’s Guide Figure 178 Macintosh OS X: Network 4 For statically assigned settings, do the following: • • • • 5 Click Apply Now and close the window. 6 Turn on your ZyXEL Device and restart your computer (if prompted).
Page 267: Figure 179 Red Hat 9.0: Kde: Network Configuration: Devices
2 Double-click on the profile of the network card you wish to configure. The Ethernet Device General screen displays as shown. Figure 180 Red Hat 9.0: KDE: Ethernet Device: General Appendix C Setting up Your Computer’s IP Address P-334U/P-335U User’s Guide...
Page 268: Figure 181 Red Hat 9.0: Kde: Network Configuration: Dns
P-334U/P-335U User’s Guide • • 3 Click OK to save the changes and close the Ethernet Device General screen. 4 If you know your DNS server IP address(es), click the DNS tab in the Network Configuration screen. Enter the DNS server information in the fields provided.
Page 269: Figure 183 Red Hat 9.0: Dynamic Ip Address Setting In Ifconfig-Eth0
IP address is 192.168.1.10 and the subnet mask is 255.255.255.0. directory. The following figure shows an example where /etc in the /etc/rc.d/init.d P-334U/P-335U User’s Guide ifconfig- in the dhcp BOOTPROTO= in the...
Page 270: Figure 186 Red Hat 9.0: Restart Ethernet Card
P-334U/P-335U User’s Guide Figure 186 Red Hat 9.0: Restart Ethernet Card [root@localhost init.d]# network restart Shutting down interface eth0: Shutting down loopback interface: Setting network parameters: Bringing up loopback interface: Bringing up interface eth0: Verifying Settings Enter in a terminal screen to check your TCP/IP properties.
Page 271: Appendix Dip Subnetting
Host ID Network number Network number Network number Network number –2 or 254 hosts. –2 or 65534 hosts. –2 hosts (approximately 16 million hosts). P-334U/P-335U User’s Guide IP Subnetting OCTET 3 OCTET 4 Host ID Host ID Host ID Host ID...
Page 272: Table 97 Allowed Ip Address Range By Class
P-334U/P-335U User’s Guide Since the first octet of a class “A” IP address must contain a “0”, the first octet of a class “A” address can have a value of 0 to 127. Similarly the first octet of a class “B” must begin with “10”, therefore the first octet of a class “B”...
Page 273: Table 99 Alternative Subnet Mask Notation
192.168.1.0 with mask 255.255.255.128 and 192.168.1.128 with mask 255.255.255.128. Appendix D IP Subnetting SUBNET MASK “1” BITS NETWORK NUMBER 192.168.1. 11000000.10101000.00000001. 255.255.255. 11111111.11111111.11111111. P-334U/P-335U User’s Guide LAST OCTET BIT VALUE 0000 0000 1000 0000 1100 0000 1110 0000 1111 0000 1111 1000 1111 1100...
Page 274: Table 101 Subnet 1
P-334U/P-335U User’s Guide Note: In the following charts, shaded/bolded last octet bit values indicate host ID bits “borrowed” to form network ID bits. The number of “borrowed” host ID bits determines the number of subnets you can have. The remaining number of host ID bits (after “borrowing”) determines the number of hosts you can have...
Page 275: Table 103 Subnet 1
11111111.11111111.11111111. Lowest Host ID: 192.168.1.65 Highest Host ID: 192.168.1.126 NETWORK NUMBER 192.168.1. 11000000.10101000.00000001. 11111111.11111111.11111111. Lowest Host ID: 192.168.1.129 Highest Host ID: 192.168.1.190 P-334U/P-335U User’s Guide LAST OCTET BIT VALUE 00000000 11000000 LAST OCTET BIT VALUE 01000000 11000000 LAST OCTET BIT...
Page 276: Table 106 Subnet 4
P-334U/P-335U User’s Guide Table 106 Subnet 4 IP/SUBNET MASK IP Address IP Address (Binary) Subnet Mask (Binary) Subnet Address: 192.168.1.192 Broadcast Address: 192.168.1.255 Example Eight Subnets Similarly use a 27-bit mask to create 8 subnets (001, 010, 011, 100, 101, 110).
Page 277: Table 109 Class B Subnet Planning
255.255.248.0 (/21) 255.255.252.0 (/22) 255.255.254.0 (/23) 255.255.255.0 (/24) 255.255.255.128 (/25) 255.255.255.192 (/26) 1024 255.255.255.224 (/27) 2048 255.255.255.240 (/28) 4096 255.255.255.248 (/29) 8192 255.255.255.252 (/30) 16384 255.255.255.254 (/31) 32768 P-334U/P-335U User’s Guide NO. HOSTS PER SUBNET 32766 16382 8190 4094 2046 1022...
Page 278 P-334U/P-335U User’s Guide Appendix D IP Subnetting...
Page 279: Appendix E Wireless Lans
A and B can access the wired network and communicate with each other. When Intra-BSS is disabled, wireless client A and B can still access the wired network but cannot communicate with each other. Appendix E Wireless LANs P-334U/P-335U User’s Guide P P E N D I X Wireless LANs...
Page 280: Figure 189 Basic Service Set
P-334U/P-335U User’s Guide Figure 189 Basic Service Set An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS).
Page 281: Figure 190 Infrastructure Wlan
(AP) or wireless gateway, but out-of-range of each other, so they cannot "hear" each other, that is they do not know if the channel is currently being used. Therefore, they are considered hidden from each other. Appendix E Wireless LANs P-334U/P-335U User’s Guide...
Page 282: Figure 191 Rts/Cts
P-334U/P-335U User’s Guide Figure 191 RTS/CTS When station A sends data to the AP, it might not know that the station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations.
Page 283: Table 110 Ieee 802.11G
Table 110 IEEE 802.11g DATA RATE (MBPS) 5.5 / 11 6/9/12/18/24/36/48/54 Appendix E Wireless LANs MODULATION DBPSK (Differential Binary Phase Shift Keyed) DQPSK (Differential Quadrature Phase Shift Keying) CCK (Complementary Code Keying) OFDM (Orthogonal Frequency Division Multiplexing) P-334U/P-335U User’s Guide...
Page 284: Table 111 Wireless Security Levels
P-334U/P-335U User’s Guide Wireless Security Overview Wireless security is vital to your network to protect wireless communication between wireless clients, access points and the wired network. Wireless security methods available on the Prestige are data encryption, wireless client authentication, restricting access by device MAC address and hiding the Prestige identity.
Page 285: Types Of Radius Messages
The key is not sent over the network. In addition to the shared key, password information exchanged is also encrypted to protect the network from unauthorized access. Appendix E Wireless LANs P-334U/P-335U User’s Guide...
Page 286: Types Of Authentication
P-334U/P-335U User’s Guide Types of Authentication This section discusses some popular authentication types: EAP-MD5, EAP-TLS, EAP- TTLS, PEAP and LEAP. The type of authentication you use depends on the RADIUS server or the AP. Consult your network administrator for more information.
Page 287: Table 112 Comparison Of Eap Authentication Types
WPA. Key differences between WPA or WPA2 and WEP are improved data encryption and user authentication. Appendix E Wireless LANs EAP-MD5 EAP-TLS EAP-TTLS Optional None Strong Strong Easy Hard Moderate P-334U/P-335U User’s Guide PEAP LEAP Optional Strong Moderate Moderate Moderate...
Page 288 P-334U/P-335U User’s Guide If both an AP and the wireless clients support WPA2 and you have an external RADIUS server, use WPA2 for stronger data encryption. If you don't have an external RADIUS server, you should use WPA2-PSK (WPA2-Pre-Shared Key) that only requires a single (identical) password entered into each access point, wireless gateway and wireless client.
Page 289: Wireless Client Wpa Supplicants
AP and the wireless clients. Appendix E Wireless LANs P-334U/P-335U User’s Guide...
Page 290: Figure 192 Wpa(2) With Radius Application Example
P-334U/P-335U User’s Guide Figure 192 WPA(2) with RADIUS Application Example WPA(2)-PSK Application Example A WPA(2)-PSK application looks as follows. 1 First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key (PSK) must consist of between 8 and 63 ASCII characters or 64 hexadecimal characters (including spaces and symbols).
Page 291: Table 113 Wireless Security Relational Matrix
None Disable Enable without Dynamic WEP Key Enable with Dynamic WEP Key Enable without Dynamic WEP Key Disable Enable with Dynamic WEP Key Enable without Dynamic WEP Key Disable TKIP/AES Enable TKIP/AES Disable TKIP/AES Enable TKIP/AES Disable P-334U/P-335U User’s Guide...
Page 292 P-334U/P-335U User’s Guide Appendix E Wireless LANs...
Page 293: Appendix F Log Descriptions
Configuration Change: PC = 0x%x, Task ID = 0x%x Successful SSH login SSH login failed Appendix F Log Descriptions P-334U/P-335U User’s Guide P P E N D I X Log Descriptions DESCRIPTION The router has adjusted its time based on information from the time server.
Page 294: Table 115 System Error Logs
P-334U/P-335U User’s Guide Table 114 System Maintenance Logs (continued) LOG MESSAGE Successful HTTPS login HTTPS login failed Table 115 System Error Logs LOG MESSAGE %s exceeds the max. number of session per host! setNetBIOSFilter: calloc error readNetBIOSFilter: calloc error WAN connection is down.
Page 295: Table 117 Tcp Reset Logs
[TCP | UDP | ICMP | IGMP | Generic] packet filter matched (set:%d, rule:%d) Appendix F Log Descriptions P-334U/P-335U User’s Guide DESCRIPTION The router sent a TCP reset packet when a host was under a SYN flood attack (the TCP incomplete count is per destination host.) The router sent a TCP reset packet when the number of TCP incomplete connections exceeded the user configured threshold.
Page 296: Table 119 Icmp Logs
P-334U/P-335U User’s Guide Table 119 ICMP Logs LOG MESSAGE Firewall default policy: ICMP <Packet Direction>, <type:%d>, <code:%d> Firewall rule [NOT] match: ICMP <Packet Direction>, <rule:%d>, <type:%d>, <code:%d> Triangle route packet forwarded: ICMP Packet without a NAT table entry blocked: ICMP...
Page 297: Table 122 Upnp Logs
"Block Matched Web Site” check box, the system forwards the web content. The external content filtering server did not respond within the timeout period. The ZyXEL Device cannot get the IP address of the external content filtering via DNS query. creation failed, port:port number. P-334U/P-335U User’s Guide...
Page 298: Table 124 Attack Logs
P-334U/P-335U User’s Guide Table 123 Content Filtering Logs (continued) LOG MESSAGE Connecting to content filter server fail License key is invalid The external content filtering license key is invalid. Table 124 Attack Logs LOG MESSAGE attack [TCP | UDP | IGMP |...
Page 299: Table 125 Ipsec Logs
3DES and the other being configured for DES causes the connection to fail. The security gateway is set to “0.0.0.0” and the router used the peer’s “Local Address” as the router’s “Remote Address”. This information conflicted with static rule #d; thus the connection is not allowed. P-334U/P-335U User’s Guide...
Page 300 P-334U/P-335U User’s Guide Table 126 IKE Logs (continued) LOG MESSAGE Cannot resolve Secure Gateway Addr for rule <%d> Peer ID: <peer id> <My remote type> -<My local type> vs. My Remote <My remote> - <My remote> vs. My Local <My local>-<My local>...
Page 301 Rule [%d] Phase 1 key length mismatch Rule [%d] phase 1 mismatch Appendix F Log Descriptions P-334U/P-335U User’s Guide DESCRIPTION The router was not able to use extended authentication to authenticate the listed username. The listed rule’s IKE phase 1 negotiation mode did not match between the router and the peer.
Page 302: Table 127 Pki Logs
P-334U/P-335U User’s Guide Table 126 IKE Logs (continued) LOG MESSAGE Rule [%d] phase 2 mismatch Rule [%d] Phase 2 key length mismatch Table 127 PKI Logs LOG MESSAGE Enrollment successful Enrollment failed Failed to resolve <SCEP CA server url> Enrollment successful Enrollment failed Failed to resolve <CMP...
Page 303: Table 128 Certificate Path Verification Failure Reason Codes
Due to the reasons listed, the certificate with the listed subject name has not passed the path verification. The recorded reason codes are only approximate reasons for not trusting the certificate. Please see Table 128 on page 303 for the corresponding descriptions of the codes. P-334U/P-335U User’s Guide...
Page 304: Table 129 802.1X Logs
P-334U/P-335U User’s Guide Table 128 Certificate Path Verification Failure Reason Codes (continued) CODE DESCRIPTION Database method failed. Path was not verified. Maximum path length reached. Table 129 802.1X Logs LOG MESSAGE Local User Database accepts user. Local User Database reports user credential error.
Page 305: Table 130 Acl Setting Notes
Redirect Redirect datagrams for the Network Redirect datagrams for the Host Redirect datagrams for the Type of Service and Network Redirect datagrams for the Type of Service and Host Echo Echo message P-334U/P-335U User’s Guide...
Page 306: Table 132 Syslog Logs
P-334U/P-335U User’s Guide Table 131 ICMP Notes (continued) TYPE CODE Table 132 Syslog Logs LOG MESSAGE <Facility*8 + Severity>Mon dd hr:mm:ss hostname src="<srcIP:srcPort>" dst="<dstIP:dstPort>" msg="<msg>" note="<note>" devID="<mac address last three numbers>" cat="<category> The following table shows RFC-2408 ISAKMP payload types that the log displays. Please refer to the RFC for detailed information on each type.
Page 307: Figure 194 Displaying Log Categories Example
ZyXEL Device is to record. 2 Use sys logs category to view a list of the log categories. Figure 194 Displaying Log Categories Example Copyright (c) 1994 - 2004 ZyXEL Communications Corp. ras>? Valid commands are: certificates ras>...
Page 308: Displaying Logs
P-334U/P-335U User’s Guide Use 0 to not record logs for that category, 1 to record only logs for that category, 2 to record only alerts for that category, and 3 to record both logs and alerts for that category. Not every parameter is available with every category.
Page 309: Appendix G Services
File Transfer Program, a program to enable fast transfer of files, including large files that may not be possible by e-mail. 1720 NetMeeting uses this protocol. P-334U/P-335U User’s Guide Services...
Page 310 P-334U/P-335U User’s Guide Table 134 Examples of Services (continued) NAME HTTP HTTPS ICMP IGMP (MULTICAST) IMAP4 IMAP4S MSN Messenger NetBIOS NEW-ICQ NEWS NNTP PING POP3 POP3S PPTP PPTP_TUNNEL (GRE) PROTOCOL PORT(S) DESCRIPTION Hyper Text Transfer Protocol - a client/ server protocol for the world wide web.
Page 311 Access Controller Access Control System). Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments. It operates over TCP/ IP networks. Its primary function is to allow users to log into remote host systems. P-334U/P-335U User’s Guide...
Page 312 P-334U/P-335U User’s Guide Table 134 Examples of Services (continued) NAME TFTP VDOLIVE PROTOCOL PORT(S) DESCRIPTION Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP, but uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol).
Page 313: Appendix H Internal Sptgen
This appendix introduces Internal SPTGEN. All menus shown in this appendix are example menus meant to show SPTGEN usage. Actual menus for your product may differ. Appendix H Internal SPTGEN P-334U/P-335U User’s Guide P P E N D I X Internal SPTGEN parameter values allowed <0(No)| 1(Yes)>...
Page 314: Figure 197 Invalid Parameter Entered: Command Line Example
P-334U/P-335U User’s Guide Internal SPTGEN File Modification - Important Points to Remember Each parameter you enter must be preceded by one “=”sign and one space. Some parameters are dependent on others. For example, if you disable the Configured field in...
Page 315: Figure 199 Internal Sptgen Ftp Download Example
” file when you save it to your computer but it must rom-t ” when you upload it to your Prestige. ” sets the transfer mode to binary. ” file from your computer to the Prestige using the “ P-334U/P-335U User’s Guide ” command.
Page 316: Table 135 Abbreviations Used In The Example Internal Sptgen Screens Table
P-334U/P-335U User’s Guide Example Internal SPTGEN Menus This section provides example Internal SPTGEN menus. Table 135 Abbreviations Used in the Example Internal SPTGEN Screens Table ABBREVIATION MEANING Field Identification Number Field Name Parameter Values Allowed INPUT An example of what you may enter Applies to the Prestige.
Page 317 30201001 = IP Alias 1 30201002 = IP Address 30201003 = IP Subnet Mask 30201004 = RIP Direction Appendix H Internal SPTGEN P-334U/P-335U User’s Guide = 256 = 256 = 256 = 256 = 256 INPUT <0(None) | 1(Server) | 2(Relay)>...
Page 318 P-334U/P-335U User’s Guide Table 137 Menu 3 30201005 = Version 30201006 = IP Alias #1 Incoming protocol filters Set 1 30201007 = IP Alias #1 Incoming protocol filters Set 2 30201008 = IP Alias #1 Incoming protocol filters Set 3...
Page 319 Filter Action 30501003 = Address 30501004 = Address 30501005 = Address Continued … 30501034 = Address Appendix H Internal SPTGEN P-334U/P-335U User’s Guide INPUT Wireless <0(No) | 1(Yes)> <1|2|3|4|5|6|7 |8|9|10|11|12| 13> <0 ~ 2432> = 2432 <256 ~ 2432> = 2432 <0(DISABLE) |...
Page 320: Table 138 Menu 4 Internet Access Setup
P-334U/P-335U User’s Guide Table 138 Menu 4 Internet Access Setup / Menu 4 Internet Access Setup 40000000 = Configured 40000001 = 40000002 = Active 40000003 = ISP's Name 40000004 = Encapsulation 40000005 = Multiplexing 40000006 = VPI # 40000007 =...
Page 321: Table 139 Menu 12
IP Static Route set #8, Gateway 120108006 = IP Static Route set #8, Metric 120108007 = IP Static Route set #8, Private Appendix H Internal SPTGEN P-334U/P-335U User’s Guide <0(CBR) | (1 (UBR)> <0(None) | 1(Both) | 2(In Only) | 3(Out Only)>...
Page 322: Table 140 Menu 15 Sua Server Setup
P-334U/P-335U User’s Guide Table 140 Menu 15 SUA Server Setup / Menu 15 SUA Server Setup 150000001 = SUA Server IP address for default port 150000002 = SUA Server #2 Active 150000003 = SUA Server #2 Protocol 150000004 = SUA Server #2 Port Start...
Page 323: Table 141 Menu 21.1 Filter Set #1
210100001 = Filter Set 1, Name / Menu 21.1.1.1 set #1, rule #1 210101001 = IP Filter Set 1,Rule 1 Type Appendix H Internal SPTGEN P-334U/P-335U User’s Guide = 0.0.0.0 <0(No) | 1(Yes)> <0(All)|6(TCP)|17(U DP)> = 0.0.0.0 <0(No) | 1(Yes)>...
Page 324 P-334U/P-335U User’s Guide Table 141 Menu 21.1 Filter Set #1 (continued) 210101002 = IP Filter Set 1,Rule 1 Active 210101003 = IP Filter Set 1,Rule 1 Protocol 210101004 = IP Filter Set 1,Rule 1 Dest IP address 210101005 = IP Filter Set 1,Rule 1 Dest Subnet Mask...
Page 325: Table 142 Menu 21.1 Filer Set #2
IP Filter Set 2, Rule 1 Act Match 210201014 = IP Filter Set 2, Rule 1 Act Not Match / Menu 21.1.2.2 Filter set #2, rule #2 Appendix H Internal SPTGEN P-334U/P-335U User’s Guide <1(check next)|2(forward)| 3(drop)> <1(check next)|2(forward)| 3(drop)>...
Page 326: Table 143 Menu 23 System Menus
P-334U/P-335U User’s Guide Table 142 Menu 21.1 Filer Set #2, (continued) 210202001 = IP Filter Set 2, Rule 2 Type 210202002 = IP Filter Set 2, Rule 2 Active 210202003 = IP Filter Set 2, Rule 2 Protocol 210202004 =...
Page 327: Table 144 Menu 24.11 Remote Management Control
WPA Broadcast/Multicast Key Update Timer Table 144 Menu 24.11 Remote Management Control / Menu 24.11 Remote Management Control 241100001 = TELNET Server Port Appendix H Internal SPTGEN P-334U/P-335U User’s Guide 111111111111 111111111111 1111 <0(No) | 1(Yes)> <0(No) | 1(Yes)> 192.168.1.44...
Page 328: Table 145 Command Examples
P-334U/P-335U User’s Guide Table 144 Menu 24.11 Remote Management Control (continued) 241100002 = TELNET Server Access 241100003 = TELNET Server Secured IP address 241100004 = FTP Server Port 241100005 = FTP Server Access 241100006 = FTP Server Secured IP address...
Page 329: Appendix I Triangle Route
3 The reply from the WAN goes directly to the computer on the LAN without going through the Prestige. As a result, the Prestige resets the connection, as the connection has not been acknowledged. Appendix I Triangle Route P-334U/P-335U User’s Guide P P E N D I X Triangle Route...
Page 330: Figure 202 "Triangle Route" Problem
P-334U/P-335U User’s Guide Figure 202 “Triangle Route” Problem The “Triangle Route” Solutions This section presents you two solutions to the “triangle route” problem. IP Aliasing IP alias allows you to partition your network into logical sections over the same Ethernet interface.
Page 331 Authentication Header. See AH. Backup Bandwidth management monitor 43, 184 Basic wireless security Certificate Authority Certifications viewing certifications P-334U/P-335U User’s Guide notices Channel Interference channel Channel ID Configuration 44, 111 Contact Information Content Filtering Days and Times...
Page 332 P-334U/P-335U User’s Guide transport mode tunnel mode Encryption encryption and local (user) database WPA compatible encryption algorithms 141, 146 and active protocol and transport mode Ethernet Encapsulation Extended Service Set Extended Service Set IDentification Extended wireless security Factory LAN Defaults...
Page 333 FTP. See FTP. Message Integrity Check (MIC) Metric Multicast 104, 106, 108 and VPN Server Sets NAT traversal Navigation Panel P-334U/P-335U User’s Guide OTIST OTIST Wizard Packet statistics Pairwise Master Key (PMK) 288, 290 Patent Perfect Forward Secrecy. see PFS. Permission...
Page 334 P-334U/P-335U User’s Guide life time Safety Warnings security associations. See VPN. Security Parameters Service Set Service Set IDentity. See SSID. Service Type Services 115, 129 SNMP SSID hide Stateful Inspection Static DHCP Static Route 169, 170 Subnet Mask 106, 107...
Page 335 MAC address filter security SSID Wireless security wireless security WLAN Interference Security parameters WPA compatible WPA2 WPA2-Pre-Shared Key WPA2-PSK WPA-PSK Written Permission ZyNOS ZyXEL Communications Corporation ZyXEL Limited Warranty Note ZyXEL Network Operating System P-334U/P-335U User’s Guide...

This manual is also suitable for:

P-334u P-335 P-335wt

ZyXEL Communications P-335U User Manual

Chapter 1 Getting to Know Your Zyxel Device

Chapter 2 Introducing the Web Configurator

Chapter 3 Connection Wizard

Chapter 4 Wireless LAN

Chapter 5 Wireless Tutorial

Chapter 6 WAN

Chapter 7 LAN

Chapter 8 DHCP Server

Chapter 9 Network Address Translation (NAT)

Chapter 10 Dynamic DNS

Chapter 11 Firewall

Chapter 12 Content Filtering

Chapter 13 Ipsec VPN

Quick Links

Troubleshooting

Related Manuals for ZyXEL Communications P-335U

Summary of Contents for ZyXEL Communications P-335U