1. Manuals
  2. Brands
  3. ZyXEL Communications Manuals
  4. Wireless Access Point
  5. HES-309M
  6. User manual

ZyXEL Communications HES-309M User Manual

Wimax outdoor cpe
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
HES-309M
WiMAX Outdoor CPE
Default Login Details
IP Address:
http://192.168.1.1
User Name:
Password:
Firmware Version 2.00
www.zyxel.com
Edition 1, 10/2010
www.zyxel.com
admin
1234
Copyright © 2010
ZyXEL Communications Corporation

Advertisement

Table of Contents
loading

Related Manuals for ZyXEL Communications HES-309M

Summary of Contents for ZyXEL Communications HES-309M

  • Page 1 HES-309M WiMAX Outdoor CPE Default Login Details IP Address: http://192.168.1.1 User Name: admin Password: 1234 Firmware Version 2.00 www.zyxel.com Edition 1, 10/2010 www.zyxel.com Copyright © 2010 ZyXEL Communications Corporation...

  • Page 3: About This User's Guide

    Documentation Feedback Send your comments, questions or suggestions to: techwriters@zyxel.com.tw Thank you! The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 30099, Taiwan. Need More Help? More help is available at www.zyxel.com.
  • Page 4 • Product model and serial number. • Warranty Information. • Date that you received your device. • Brief description of the problem and the steps you took to solve it. HES-309M Series User’s Guide...

  • Page 5: Document Conventions

    For example, “k” for kilo may denote “1000” or “1024”, “M” for mega may denote “1000000” or “1048576” and so on. • “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”. HES-309M Series User’s Guide...
  • Page 6 Figures in this User’s Guide may use the following generic icons. The WiMAX Device icon is not an exact representation of your product. Table 1 Common Icons WiMAX Device Computer Wireless Signal Notebook Server Base Station Telephone Switch Router Internet Cloud Network Cloud HES-309M Series User’s Guide...

  • Page 7: Safety Warnings

    • Antenna Warning! This device meets ETSI and FCC certification requirements when using the included antenna(s). Only use the included antenna(s). • If you wall mount your device, make sure that no electrical lines, gas or water pipes will be damaged. HES-309M Series User’s Guide...
  • Page 8 Your product is marked with this symbol, which is known as the WEEE mark. WEEE stands for Waste Electronics and Electrical Equipment. It means that used electrical and electronic products should not be mixed with general waste. Used electrical and electronic equipment should be treated separately. HES-309M Series User’s Guide...

  • Page 9: Table Of Contents

    The Web Configurator ....................... 19 Setup Wizard ..........................23 Tutorials ............................. 29 Technical Reference ......................45 System Status ..........................47 WiMAX ............................51 Network Settings ........................73 Security ............................ 105 Maintenance ..........................111 Troubleshooting ........................137 Product Specifications ......................143 HES-309M Series User’s Guide...
  • Page 10 Contents Overview HES-309M Series User’s Guide...

  • Page 11: Table Of Contents

    Setup Wizard ........................... 23 3.1 Overview ..........................23 3.1.1 Welcome to the Setup Wizard ..................23 3.1.2 LAN Settings ......................24 3.1.3 WiMAX Frequency Settings ..................25 3.1.4 WiMAX Authentication Settings ................. 27 3.1.5 Setup Complete ......................28 HES-309M Series User’s Guide...
  • Page 12 6.6 Wide Scan ........................... 66 6.7 Link Status ........................... 67 6.8 Link Statistics ........................69 6.9 Connection Info ........................70 6.10 Service Flow ........................70 6.11 Buzzer ..........................71 Chapter 7 Network Settings........................73 7.1 Overview ..........................73 HES-309M Series User’s Guide...
  • Page 13 9.1.1 What You Need to Know ...................111 9.2 Password ..........................118 9.3 HTTP ..........................119 9.4 Telnet ..........................120 9.5 SSH ........................... 121 9.6 SNMP ..........................122 9.7 CWMP ..........................123 9.8 OMA-DM ..........................125 9.9 Date ........................... 127 9.10 Time Zone ........................128 HES-309M Series User’s Guide...
  • Page 14 Appendix B Setting Up Your Computer’s IP Address ............151 Appendix C Pop-up Windows, JavaScript and Java Permissions........179 Appendix D IP Addresses and Subnetting ................189 Appendix E Importing Certificates ..................201 Appendix F Common Services..................... 233 Appendix G Legal Information....................237 Index............................241 HES-309M Series User’s Guide...

  • Page 15: User's Guide

    User’s Guide...

  • Page 17: Getting Started

    You can define time periods and days during which content filtering is enabled and include or exclude particular computers on your network from content filtering. For example, you could block access to certain web sites. HES-309M Series User’s Guide...

  • Page 18: Wimax Device Hardware

    If you forget your password, you will have to reset the WiMAX Device to its factory default settings. If you backed up an earlier configuration file, you would not have to totally re-configure the WiMAX Device. You could simply restore your last configuration. HES-309M Series User’s Guide...

  • Page 19: The Web Configurator

    Enter the default Username (admin) and Password (1234), then click Login. The Main screen displays. Note: For security reasons, the WiMAX Device automatically logs you out if you do not use the Web Configurator for five minutes. If this happens, log in again. HES-309M Series User’s Guide...

  • Page 20: The Reset Button

    Click this to restore the settings on this page to their last saved values. Note: If you make changes to a page but do not save before switching to another page or exiting the Web Configurator, those changes are disgarded. HES-309M Series User’s Guide...

  • Page 21: Working With Tables

    This indicates an item’s position in the table. It has no bearing on that item’s importance or lack there of. Total Num This indicates the total number of items in the table, including items on pages that are not visible. HES-309M Series User’s Guide...

  • Page 22: The Main Screen

    Use this menu to select the Web Configurator’s language. Setup Wizard Click this to open the Setup Wizard, where you can configure the most essential settings for your WiMAX Device to work. Logout Click this to log out of the Web Configurator. HES-309M Series User’s Guide...

  • Page 23: Setup Wizard

    ISP’s base station. Set up your WiMAX Device’s login options, which are used to connect your LAN to the ISP’s network and verify your account. Figure 4 Setup Wizard > Welcome HES-309M Series User’s Guide...

  • Page 24: Lan Settings

    LAN and provides the subnet mask and DNS server information. Start IP Enter the IP address from which the WiMAX Device begins allocating IP addresses. End IP Enter the IP address at which the WiMAX Device stops allocating IP addresses. HES-309M Series User’s Guide...

  • Page 25: Wimax Frequency Settings

    3.1.3 WiMAX Frequency Settings The WiMAX Frequency Settings screen allows you to configure the broadcast radio frequency used by the WiMAX Device. Note: These settings should be provided by your ISP. Figure 6 Setup Wizard > WiMAX Frequency Settings HES-309M Series User’s Guide...
  • Page 26 Band End (KHz) Indicates the end of the frequency band in KHz. Total Num Displays the total number of items in the list. Back Click to display the previous screen. Next Click to proceed to the next screen. HES-309M Series User’s Guide...

  • Page 27: Wimax Authentication Settings

    User and Device authentication EAP Supplication EAP Mode Select an EAP authentication mode. Anonymous Enter your anonymous ID. Note: Some modes may not require this. Inner Mode Select an inner authentication mode. Note: Some modes may not require this. HES-309M Series User’s Guide...

  • Page 28: Setup Complete

    WiMAX Device features available in the more advanced web configurator. Note: If you cannot access the Internet, open the web configurator again to confirm that the Internet settings you configured in the wizard setup are correct. HES-309M Series User’s Guide...

  • Page 29: Tutorials

    Connect the WiMAX Device to the ISP’s nearest base station. See Section 6.2 on page Configure the WiMAX Device’s broadcast frequency. Section 6.3 on page Configure the WiMAX Device to connect securely to the ISP’s authentication servers. See Section 6.4 on page HES-309M Series User’s Guide...

  • Page 30: Configuring Lan Dhcp

    IP Address to 192.168.100.1. Use the default IP Subnet Mask of 255.255.255.0. Click Save. Manually change the IP address of your computer that your are using to 192.168.100.x (for example, 192.168.100.5) and keep the subnet set to 255.255.255.0. HES-309M Series User’s Guide...
  • Page 31 Leave the other settings as their defaults and click Save. Next, go to the Networking Setting > WAN screen and select NAT in the Operation Mode field. Click Save. Connect your computers to the WiMAX Device’s Ethernet ports and you’re all set! HES-309M Series User’s Guide...

  • Page 32: Changing Certificate

    ISP. Configure your new Internet access settings based on the information provided by the ISP. Note: You can also use the Internet Connection Wizard to configure the Internet access settings. HES-309M Series User’s Guide...

  • Page 33: Blocking Web Access

    Section 7.16 on page 102. Open the Networking Setting > Content Filter. Select Enable URL Filter. Select Blacklist. Click Add and configure a URL filter rule by selecting Active and entering www.example.com as the URL. Click OK. HES-309M Series User’s Guide...

  • Page 34: Configuring The Mac Address Filter

    IP address. 4.6 Configuring the MAC Address Filter This tutorial shows you how to use the MAC filter to block a DHCP client’s access to hosts and to the WiMAX network. HES-309M Series User’s Guide...
  • Page 35 MAC address in the Network Setting > LAN > DHCP screen. (192.168.100.3 mapping to 00:02:E3:53:16:95 in this example). Click Security > Firewall > MAC Filter. Select Blacklist and click the Add button in the MAC Filter Rules table. HES-309M Series User’s Guide...

  • Page 36: Setting Up Nat Port Forwarding

    WiMAX Device has assigned a DHCP IP address to the Xbox 360. Check the DHCP Leased Hosts table in the Network > LAN > DHCP screen. Look for the IP address for the Xbox 360. HES-309M Series User’s Guide...
  • Page 37 NAT is selected in the Operation Mode field. Click Save. Click Network Setting > NAT > Port Forwarding and then click the first entry to edit the rule. Configure the screen as follows to open TCP/UDP port 53 for the Xbox 360. Click HES-309M Series User’s Guide...
  • Page 38 WiMAX Device from the Internet, he has to assign an unused port to WWW remote access. Click Advanced > Remote MGMT. Enter an unused port in the Port field (81 in this example). Click Save. HES-309M Series User’s Guide...

  • Page 39: Access The Wimax Device Using Ddns

    • IP Address: Enter the WAN IP address that your WiMAX Device is currently using. You can find the IP address on the WiMAX Device’s Web Configurator Status page. Then you will need to configure the same account and host name on the WiMAX Device later. HES-309M Series User’s Guide...

  • Page 40: Configuring Ddns On Your Wimax Device

    In order to extend your Intranet and control traffic flowing directions, you may connect a router to the WiMAX Device’s LAN. The router may be used to separate two department networks. This tutorial shows how to configure a static routing rule for two network routings. HES-309M Series User’s Guide...
  • Page 41 You need to specify a static routing rule on the WiMAX Device to specify R as the router in charge of forwarding traffic to N2. In this case, the WiMAX Device routes traffic from computer A to R and then R routes the traffic to computer B. HES-309M Series User’s Guide...
  • Page 42 Enter 192.168.1.253 (R’s IP address on N1) in the IP Address field under Next Hop. Click Save. Now computer B should be able to receive traffic from computer A. You may need to additionally configure R’s firewall settings to accept specific traffic to pass through. HES-309M Series User’s Guide...

  • Page 43: Remotely Managing Your Wimax Device

    Select Enable in both HTTP Server and HTTPS Server sections and leave the Port Number settings as “80” and “443”. Select Allow Connection from WAN. This allows remote management connections not only from the local network but also the WAN network (Internet). Click Save. HES-309M Series User’s Guide...
  • Page 44 Chapter 4 Tutorials HES-309M Series User’s Guide...

  • Page 45: Technical Reference

    Technical Reference...

  • Page 47: System Status

    5.2 System Status This screen allows you to view the current status of the device, system resources, and interfaces (LAN and WAN). Click System Status to open this screen as shown next. Figure 9 System Status HES-309M Series User’s Guide...
  • Page 48 Network Search - The WiMAX Device is scanning for any available WiMAX connections. Disconnected - No WiMAX connection is available. Network Entry - A WiMAX connection is initializing. Normal - The WiMAX connection has successfully established. HES-309M Series User’s Guide...
  • Page 49 This field displays the current IP address of the WiMAX Device in the LAN. Subnet Mask This field displays the current subnet mask in the LAN. This field indicates the Maximum Transmission Unit (MTU) between the WiMAX Device and the client devices to which it is connected. HES-309M Series User’s Guide...
  • Page 50 Chapter 5 System Status HES-309M Series User’s Guide...

  • Page 51: Wimax

    (IEEE 802.16-2004, for example). The following figure shows an MS-equipped notebook computer MS1 moving from base station BS1’s coverage area and connecting to BS2. Figure 10 WiMax: Mobile Station HES-309M Series User’s Guide...
  • Page 52 EAP secured connection between the mobile station, the base station and the AAA server. See the WiMAX security appendix for more details. HES-309M Series User’s Guide...
  • Page 53 There are commercial certification authorities like CyberTrust or VeriSign and government certification authorities. You can use the WiMAX Device to generate certification requests that contain identifying information and public keys and then send the certification requests to a certification authority. HES-309M Series User’s Guide...
  • Page 54 (CA). Certificates (also called digital IDs) can be used to authenticate users and a CA issues certificates and guarantees the identity of each certificate owner. HES-309M Series User’s Guide...

  • Page 55: Connection Settings

    Make sure your base station also supports this before selecting this. Idle Mode Set the idle duration in minutes. This is how long the WiMAX Device Interval waits during periods of no activity before going into idle mode. HES-309M Series User’s Guide...
  • Page 56 R3/R1 for the current connection. This value is an indication of overal radio signal quality, where a higher value means a better quality signal. Search Click this to have the WiMAX Device scan for base stations. HES-309M Series User’s Guide...

  • Page 57: Frequency Settings

    (given by your WiMAX service provider) to find available connections to base stations. Click WiMAX > Profile > Frequency Settings to open this screen as shown next. Figure 15 Frequency Settings Screen (By List) Figure 16 Frequency Settings Screen (By Range) HES-309M Series User’s Guide...
  • Page 58 Click this field to modify it. Step (KHz) This indicates the frequency step within each band in kilohertz (KHz). Click this field to modify it. Bandwidth This indicates the bandwidth in megahertz (MHz). (MHz) Click this field to modify it. HES-309M Series User’s Guide...
  • Page 59 A must be within this range. Band Start This indicates the beginning of the frequency band in kilohertz (KHz). (KHz) Band End This indicates the end of the frequency band in kilohertz (KHz). (KHz) HES-309M Series User’s Guide...

  • Page 60: Authentication Settings

    6.4 Authentication Settings These settings allow the WiMAX Device to establish a secure (authenticated) connection with the service provider. Click WiMAX > Profile > Authentication Settings to open this screen as shown next. Figure 17 Authentication Settings Screen HES-309M Series User’s Guide...
  • Page 61 This field displays information about the assigned server root CA Info certificate. Device Cert Browse for and choose a device certificate file, if required. File Device Cert This field displays information about the assigned device certificate. Info HES-309M Series User’s Guide...
  • Page 62 Select this to use the same EAP to the outer ID when reauthenticating. OuterID in ReAuth MAC address Adds the MAC address of the WiMAX Device to the outer ID while the in EAP-TLS EAP mode is set to EAP-TLS. outer Id HES-309M Series User’s Guide...

  • Page 63: Connect

    This screen allows you to view the available WiMAX frequency band(s) and base station(s) the WiMAX Device found through scanning and choose a base station to which to connect. Click WiMAX > Connect to open this screen as shown next. Figure 18 Connect Screen HES-309M Series User’s Guide...
  • Page 64 Search Click this to have the WiMAX Device scan for base stations in the frequency band(s) listed in the Applied Frequency Information table. Connected BS Info HES-309M Series User’s Guide...
  • Page 65 CINR (dB) This field displays the average Carrier to Interference plus Noise Ratio for the current connection. This value is an indication of overal radio signal quality, where a higher value means a better quality signal. HES-309M Series User’s Guide...

  • Page 66: Wide Scan

    Click this to add a range of frequencies to the wide scan range list. Click this so save any changes to the wide scan range list. Wide Scan Result This table displays the available frequency band(s) found through the wide scan. HES-309M Series User’s Guide...

  • Page 67: Link Status

    CINR R1 This field displays the average Carrier to Interference plus Noise Ratio (R1) for the current connection. This value is an indication of overal radio signal quality, where a higher value means a better quality signal. HES-309M Series User’s Guide...
  • Page 68 This field displays the Uplink Modulation and Coding Sequence (UL MCS). DL MCS This field displays the Downlink Modulation and Coding Sequence (DL MCS). RF Temperature This field displays the temperature of the WiMAX Device’s RF circuit. HES-309M Series User’s Guide...

  • Page 69: Link Statistics

    This section provides a detailed overview of Hybrid Automatic Repeat Request link statistics. TX/RX This section provides a detailed overview of transmission and receiving link statistics. This section provides a detailed overview of Modulation and Coding Sequence (MCS) link statistics HES-309M Series User’s Guide...

  • Page 70: Connection Info

    This screen contains the following fields: Table 18 Service Flow LABEL DESCRIPTION SFID This displays a 32-bit service flow identifier. SF Status This display the service flow status. SF Direction This displays the service flow direction. HES-309M Series User’s Guide...

  • Page 71: Buzzer

    Figure 24 Buzzer Screen This screen contains the following fields: Table 19 Buzzer LABEL DESCRIPTION Enable Buzzer Select this to enable the buzzer. Whenever a connection is made to a WiMAX signal, the device emits a small buzz. HES-309M Series User’s Guide...
  • Page 72 Chapter 6 WiMAX HES-309M Series User’s Guide...

  • Page 73: Network Settings

    You can also use subnet masks to divide one network into multiple sub-networks. DHCP A DHCP (Dynamic Host Configuration Protocol) server can assign your WiMAX Device an IP address, subnet mask, DNS and other routing information when it’s turned on. HES-309M Series User’s Guide...
  • Page 74 • TX Only - the WiMAX Device will send out RIP packets but will not accept any RIP packets received. • None - the WiMAX Device will not send any RIP packets and will ignore any RIP packets received. HES-309M Series User’s Guide...
  • Page 75 IP address of 192.168.1.35 to a third (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. Figure 25 Multiple Servers Behind NAT Example HES-309M Series User’s Guide...
  • Page 76 UPnP hardware is identified as an icon in the Network Connections folder (Windows XP). Each UPnP compatible device installed on your network will appear as a separate icon. Selecting the icon of a UPnP device will allow you to access the information and properties of that device. HES-309M Series User’s Guide...
  • Page 77 The WiMAX Device only sends UPnP multicasts to the LAN. Content Filter Internet content filtering allows you to create and enforce Internet access policies tailored to their needs. Content filtering is the ability to block certain specific URL keywords. HES-309M Series User’s Guide...

  • Page 78: Wan

    Chapter 7 Network Settings 7.2 WAN Use these settings to configure the WAN connection between the WiMAX Device and the service provider. Click Network Setting > WAN to open this screen as shown next. Figure 26 WAN Screen HES-309M Series User’s Guide...
  • Page 79 If the WiMAX Device gets its gateway IP address from the user, enter Address the IP address it is to use. Enter the Maximum Transmission Unit (MTU) for the WiMAX Device. This is the largest protocol unit that the WiMAX Device allows to pass through it. HES-309M Series User’s Guide...

  • Page 80: Pppoe

    User Define - Select this to manually enter the DNS server used by the WiMAX Device. 7.3 PPPoE Use these settings to configure the PPPoE connection between the WiMAX Device and the service provider. Click Network Setting > WAN > PPPoE Figure 27 PPPoE Screen HES-309M Series User’s Guide...
  • Page 81 Enter in seconds the duration the WiMAX Device waits for idle activity Timeout before disconnecting from the WAN. PPPoE Connect Click this to connect to the WAN using PPPoE. PPPoE Click this to disconnect from the WAN. Disconnect HES-309M Series User’s Guide...

  • Page 82: Gre

    Click Network Setting > WAN > EtherIP to open this screen as shown next. Figure 29 EtherIP Screen This screen contains the following fields: Table 23 EtherIP LABEL DESCRIPTION Peer IP Address Enter the IP address of the EtherIP peer. HES-309M Series User’s Guide...
  • Page 83 This screen contains the following fields: Table 24 IP LABEL DESCRIPTION IP address Enter the IP address of the LAN interface for the WiMAX Device. IP Subnet Mask Enter the IP subnet maks of the LAN interface for the WiMAX Device. HES-309M Series User’s Guide...

  • Page 84: Dhcp

    Server - This sets the WiMAX Device as a DHCP server for the LAN. • Relay - This sets the WiMAX Device as a DHCP relay for the LAN, allowing it to pass-through IP addresses assigned to LAN devices from the ISP servers. HES-309M Series User’s Guide...

  • Page 85: Static Route

    Click this to refresh the list. 7.8 Static Route Use these settings to create fixed paths through the network. Click Network Setting > Route > Static Route to open this screen as shown next. Figure 32 Static Route Screen HES-309M Series User’s Guide...

  • Page 86: Rip

    Click this to add a new static route to the list. 7.9 RIP Use these settings to configure how the WiMAX Device exchanges information with other routers. Click Network Setting > Route > RIP to open this screen as shown next. Figure 33 RIP Screen HES-309M Series User’s Guide...

  • Page 87: Port Forwarding

    Use these settings to forward incoming service requests to the ports on your local network. Note: Make sure you did not configure a DMZ host in the Network Setting > NAT > DMZ screen if you want to make the settings of this screen work. HES-309M Series User’s Guide...
  • Page 88 Click this to delete a specified rule. Wizard Click this to open the port forwarding “wizard”. Click this to add a new port forwarding rule. Click this to save any changes made to the port forwarding list. HES-309M Series User’s Guide...

  • Page 89: Port Forwarding Wizard

    Enter the starting port number for forwarded traffic for the port Start Port forwarding rule. Forwarding End Enter the ending port number for forwarded traffic for the port Port forwarding rule. Server IP Enter the port forwarding server IP address. HES-309M Series User’s Guide...

  • Page 90: Port Trigger

    End Port field. If you want to delete this rule, click the Delete icon. Open Protocol This indicates which protocol is used to open the port trigger ports. Open Port(s) HES-309M Series User’s Guide...

  • Page 91: Port Trigger Wizard

    Click Network Setting > NAT > Port Trigger > Wizard Figure 37 Port Trigger Wizard Screen HES-309M Series User’s Guide...

  • Page 92: Trigger Port Forwarding Example

    IP address. The WiMAX Device associates Jane's computer IP address with the "incoming" port range of 6970-7170. The Real Audio server responds using a port number ranging between 6970-7170. The WiMAX Device forwards the traffic to Jane’s computer IP address. HES-309M Series User’s Guide...

  • Page 93: Dmz

    Figure 39 DMZ Screen This screen contains the following fields: Table 32 DMZ LABEL DESCRIPTION DMZ Host Enter the IP address of your network DMZ host, if you have one. 0.0.0.0 means this feature is disabled. HES-309M Series User’s Guide...

  • Page 94: Alg

    Turns on the SIP ALG to detect SIP traffic and helps build SIP sessions through the WiMAX Device’s NAT. SIP Port If you are using a custom UDP port number (not 5060) for SIP traffic, enter it here. HES-309M Series User’s Guide...

  • Page 95: Upnp

    Follow the steps below to install the UPnP in Windows XP. Click Start > Control Panel. Double-click Network Connections. In the Network Connections window, click Advanced in the main menu and select Optional Networking Components …. HES-309M Series User’s Guide...
  • Page 96 Select Networking Service in the Components selection box and click Details. In the Networking Services window, select the Universal Plug and Play check box. Click OK to go back to the Windows Optional Networking Component Wizard window and click Next. HES-309M Series User’s Guide...
  • Page 97 Make sure the computer is connected to a LAN port of the WiMAX Device. Turn on your computer and the WiMAX Device. Click Start and Control Panel. Double-click Network Connections. An icon displays under Internet Gateway. Right-click the icon and select Properties. HES-309M Series User’s Guide...
  • Page 98 You may edit or delete the port mappings or click Add to manually add port mappings. When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. HES-309M Series User’s Guide...

  • Page 99: Web Configurator Easy Access

    IP address of the WiMAX Device first. This becomes helpful if you do not know the IP address of the WiMAX Device. Follow the steps below to access the web configurator: Click Start and then Control Panel. Double-click Network Connections. HES-309M Series User’s Guide...
  • Page 100 Select My Network Places under Other Places. An icon with the description for each UPnP-enabled device displays under Local Network. Right-click on the icon for your WiMAX Device and select Invoke. The web configurator login screen displays. HES-309M Series User’s Guide...

  • Page 101: Ddns

    Right-click on the icon for your WiMAX Device and select Properties. A properties window displays with basic information about the WiMAX Device. 7.15 DDNS Use this page to configure the WiMAX Device as a dynamic DNS client. Click Network Setting > DDNS Figure 42 DDNS Screen HES-309M Series User’s Guide...

  • Page 102: Content Filter

    Use these settings to allow ("whitelist") or block ("blacklist") connections to and from specific web sites through the WiMAX Device. Click Network Setting > Content Filter to open this screen as shown next. Figure 43 Content Filter Screen HES-309M Series User’s Guide...
  • Page 103 Indicates the URL to be filtered according to blacklist or whitelist rules. Delete Click this to delete a specified rule. Click this to add a new filter rule. Click this to save any changes made to the list. HES-309M Series User’s Guide...
  • Page 104 Chapter 7 Network Settings HES-309M Series User’s Guide...

  • Page 105: Security

    These computers will have access to Internet services such as e-mail, FTP and the World Wide Web. However, “inbound access” is not allowed (by default) unless the remote host is authorized to use a specific service. HES-309M Series User’s Guide...

  • Page 106: Ip Filter

    If you want to delete this rule, click the Delete icon. Delete Click this to delete a specified rule. Click this to add a new filter rule. Click this to save any changes made to the list. HES-309M Series User’s Guide...

  • Page 107: Mac Filter

    Select what time each day you want the filter rule to be effective. Enter Time times in 24-hour format; for example, 3:00pm should be entered as 15:00. Click this to add a new filter rule. Click this to save any changes made to the list. HES-309M Series User’s Guide...

  • Page 108: Ddos

    A Local Area Network Denial (LAND) attack is a type of denial of service attack where a spoofed TCP SYN packet targets a client device’s IP address and forces it into an infinite recursive loop of querying itself and then replying, effectively locking it down. HES-309M Series User’s Guide...
  • Page 109 This results in the client device suffering from a buffer overflow and subsequent system crash. Prevent from Select this to ignore ping requests from the WAN. PING from WAN HES-309M Series User’s Guide...
  • Page 110 Chapter 8 Security HES-309M Series User’s Guide...

  • Page 111: Maintenance

    If it does not match, the WiMAX Device will disconnect the session immediately. There is already another remote management session with an equal or higher priority running. You may only have one remote management session running at one time. HES-309M Series User’s Guide...
  • Page 112 WiMAX Device through the network. The WiMAX Device supports SNMP version one (SNMPv1) and version two (SNMPv2). The next figure illustrates an SNMP management operation. Note: SNMP is only available if TCP/IP is configured. HES-309M Series User’s Guide...
  • Page 113 ACS. The WiMAX Device can be configured to periodically check for updates from the auto-configuration server so that the end user need not be worried about it. HES-309M Series User’s Guide...
  • Page 114 • GetNext - Allows the manager to retrieve the next object variable from a table or list within an agent. In SNMPv1, when a manager wants to retrieve all elements of a table from an agent, it initiates a Get operation, followed by a series of GetNext operations. HES-309M Series User’s Guide...
  • Page 115 The WiMAX Device responds by sending back its credentials (2), to which the server responds with its credentials along with a string of management operations (3). The client responds to the management operations (4), perhaps confirming file alterations or confirming receipt of file uploads and so on. HES-309M Series User’s Guide...
  • Page 116 – Hash Message Authentication Code Also known as HMAC, this code relies on cryptographic hash functions to bolster an existing protocol, such as MD5. It is a method for generating a stronger, significantly higher encryption key. HES-309M Series User’s Guide...
  • Page 117 HES-309M Series User’s Guide...

  • Page 118: Password

    Enter the new password for the login group. Password Retype Retype the new password for the login group. Change User name Group Select a group for which want to change a username. Enter the username to be changed. Username HES-309M Series User’s Guide...

  • Page 119: Http

    Enable Select this to enable remote management using this service. Port Number Enter the port number this service can use to access the WiMAX Device. The computer must use the same port number. HTTP and HTTPS HES-309M Series User’s Guide...

  • Page 120: Telnet

    The computer must use the same port number. Allow Select this to allow connections using this service that originate on the Connection WAN. from WAN Allow Select this to allow connection using this service that originate on the Connection LAN. from LAN HES-309M Series User’s Guide...

  • Page 121: Ssh

    The computer must use the same port number. Allow Select this to allow connections using this service that originate on the Connection WAN. from WAN Allow Select this to allow connection using this service that originate on the Connection LAN. from LAN HES-309M Series User’s Guide...

  • Page 122: Snmp

    Enter the IP address of the station to send your SNMP traps to. Trap Enter the trap community, which is the password sent with each trap to Community the SNMP manager. The default is public and allows all requests. HES-309M Series User’s Guide...

  • Page 123: Cwmp

    Enter the password sent when the WiMAX Device connects to an ACS and which is used for authentication. You can enter up to 31 alphanumeric characters (a-z, A-Z, 0-9) and underscores but spaces are not allowed. HES-309M Series User’s Guide...
  • Page 124 This displays information about the currently active CA certificate. Info Client Click Browse to upload a client certificate to the WiMAX Device. Certificate File Client This displays information about the currently active client certificate. Certificate Info HES-309M Series User’s Guide...

  • Page 125: Oma-Dm

    HMAC - Server ID and Password are encoded using a keyed Hash Message Authentication Code. Server ID Enter the identification code for the server. This is used by the WiMAX Device during the communication handshake process to identify the server. HES-309M Series User’s Guide...
  • Page 126 OM-DM server initiates contact with it and if you selected the checkbox on this screen. Periodical Enter the time interval (in seconds) at which the WiMAX Device Client-Initiated connects to the OMA-DM server. Interval HES-309M Series User’s Guide...

  • Page 127: Date

    NTP (RFC 1305) - This format is similar to Time (RFC 868). Time Server Enter the IP address or URL of your time server. Check with your ISP or Address 1~4 network administrator if you are unsure of this information. HES-309M Series User’s Guide...

  • Page 128: Time Zone

    (Hypertext Transfer Protocol) and may take up to two minutes. After a successful upload, the system restarts. Contact your service provider for information on available firmware upgrades. Note: Only use firmware for your WiMAX Device’s specific model. HES-309M Series User’s Guide...

  • Page 129: The Firmware Upload Process

    After two minutes, log in again, and check your new firmware version in the Status screen. You might have to open a new browser window to log in. If the upload is not successful, you will be notified by error message. HES-309M Series User’s Guide...

  • Page 130: Upgrade Link

    9.13 CWMP Upgrade Use this screen to upgrade the firmware on the WiMAX Device using CWMP Request Download. Click Maintenance > Firmware Upgrade > CWMP Upgrade to open this screen as shown next. Figure 62 CWMP Upgrade Screen HES-309M Series User’s Guide...

  • Page 131: Backup

    Once your device is configured and functioning properly, it is highly recommended that you back up your configuration file before making configuration changes. The backup configuration file is useful if you need to return to your previous settings. HES-309M Series User’s Guide...

  • Page 132: Restore

    If the WiMAX Device’s IP address is different in the configuration file you selected, you may need to change the IP address of your computer to be in the same subnet as that of the default management IP address (192.168.5.1). See the HES-309M Series User’s Guide...

  • Page 133: Factory Defaults

    9.17 Log Setting Use this screen to configure which type of events on the WiMAX Device are logged. Click Maintenance > Log > Log Setting to open this screen as shown next. Figure 66 Log Setting Screen HES-309M Series User’s Guide...

  • Page 134: Log Display

    Figure 67 Log Display Screen This screen contains the following fields: Table 57 Log Display LABEL DESCRIPTION Display Level Select the type of logs to display from this menu. Refresh Click this to refresh the logs in the display window. HES-309M Series User’s Guide...

  • Page 135: About

    Use this screen to perform a software restart of the WiMAX Device. You may log in again within a few minutes of using the reboot button. Click Maintenance > Reboot to open this screen as shown next. Figure 69 Reboot Screen HES-309M Series User’s Guide...
  • Page 136 Click this button to have the device perform a software restart. The Power LED blinks as it restarts and the shines steadily if the restart is successful. Note: Wait one minute before logging back into the WiMAX Device after a restart. HES-309M Series User’s Guide...

  • Page 137: Troubleshooting

    One of the LEDs does not behave as expected. Make sure you understand the normal behavior of the LED. See Section 1.2.1 on page 18 for more information. Check the hardware connections. See the Quick Start Guide. HES-309M Series User’s Guide...

  • Page 138: Wimax Device Access And Login

    I cannot see or access the Login screen in the web configurator. Make sure you are using the correct IP address. • The default IP address is . • If you changed the IP address (Section 7.6 on page 83), use the new IP address. HES-309M Series User’s Guide...
  • Page 139 Disconnect and re-connect the power adapter or cord to the WiMAX Device. If this does not work, you have to reset the WiMAX Device to its factory defaults. Section 9.16 on page 133. HES-309M Series User’s Guide...

  • Page 140: Internet Access

    WiMAX Device), but my Internet connection is not available any more. Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide and Section 1.2.1 on page Disconnect and re-connect the power adapter to the WiMAX Device. HES-309M Series User’s Guide...

  • Page 141: Reset The Wimax Device To Its Factory Defaults

    If you reset the WiMAX Device, you lose all of the changes you have made. The WiMAX Device re-loads its default settings, and the password resets to 1234. You have to make all of your changes again. HES-309M Series User’s Guide...

  • Page 142: Pop-Up Windows, Javascript And Java Permissions

    The password is “1234”. If the WiMAX Device does not restart automatically, disconnect and reconnect the WiMAX Device’s power. Then, follow the directions above again. 10.4.1 Pop-up Windows, JavaScript and Java Permissions Please see Appendix C on page 179. HES-309M Series User’s Guide...

  • Page 143: Product Specifications

    4 LED : -50dBm <= RSSI > -60dBm • 3 LED : -60dBm <= RSSI > -70dBm • 2 LED : -70dBm <= RSSI > -80dBm • 1 LED : -80dBm <= RSSI > -90dBm • 0 LED : -90dBm >= RSSI HES-309M Series User’s Guide...
  • Page 144 1 Counts (1 sec) : -80dBm <= RSSI > -90dBm • 0 Counts no buzzer : -90dBm >= RSSI Antennna • Center Frequency: 3500 MHz (HES-319M), 2300 MHz (HES-339M), 2600 MHz (HES-309M) • Frequency Range: 3300 MHz~3600 MHz (HES-319M), 2300 MHz~2400 MHz (HES-339M), 2500 MHz~2700 MHz (HES-309M) •...
  • Page 145 25dB for QPSK ½, 14dB for 16QAM ¾, 7dB for 64QAM ¾. Receiver Non-Adjacent The receiver non-adjacent channel rejection measured Channel Rejection under the conditions defined in IEEE 802.16e-2005 is at least: 38dB for QPSK ½, 33dB for 16QAM ¾, 26dB for 64QAM ¾. HES-309M Series User’s Guide...
  • Page 146 Chapter 11 Product Specifications HES-309M Series User’s Guide...

  • Page 147: Appendix A Wimax Security

    (secret) key. The public key is used for encryption and the private key is used for decryption. You can decrypt a message only if you have the private key. Public key certificates (or ‘digital IDs’) allow users to verify each other’s identity. HES-309M Series User’s Guide...
  • Page 148 Sent by the RADIUS server to indicate that it has started or stopped accounting. In order to ensure network security, the access point and the RADIUS server use a shared secret key, which is a password they both know. The key is not sent over HES-309M Series User’s Guide...
  • Page 149 This series of ‘chained’ blocks creates a message authentication code (MAC or CMAC) that ensures the encrypted data has not been tampered with. HES-309M Series User’s Guide...
  • Page 150 Client authentication is then done by sending username and password through the secure connection, thus client identity is protected. For client authentication, EAP-TTLS supports EAP methods and legacy authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP v2. HES-309M Series User’s Guide...

  • Page 151: Appendix B Setting Up Your Computer's Ip Address

    152 • Windows Vista page 155 • Mac OS X: 10.3 and 10.4 page 159 • Mac OS X: 10.5 page 163 • Linux: Ubuntu 8 (GNOME) page 166 • Linux: openSUSE 10.3 (KDE) page 172 HES-309M Series User’s Guide...
  • Page 152 The following example uses the default Windows XP display theme but can also apply to Windows 2000 and Windows NT. Click Start > Control Panel. Figure 70 Windows XP: Start Menu In the Control Panel, click the Network Connections icon. Figure 71 Windows XP: Control Panel HES-309M Series User’s Guide...
  • Page 153 Right-click Local Area Connection and then select Properties. Figure 72 Windows XP: Control Panel > Network Connections > Properties On the General tab, select Internet Protocol (TCP/IP) and then click Properties. Figure 73 Windows XP: Local Area Connection Properties HES-309M Series User’s Guide...
  • Page 154 In the Command Prompt window, type "ipconfig" and then press [ENTER]. You can also go to Start > Control Panel > Network Connections, right-click a network connection, click Status and then click the Support tab to view your IP address and connection information. HES-309M Series User’s Guide...
  • Page 155 Figure 75 Windows Vista: Start Menu In the Control Panel, click the Network and Internet icon. Figure 76 Windows Vista: Control Panel Click the Network and Sharing Center icon. Figure 77 Windows Vista: Network And Internet HES-309M Series User’s Guide...
  • Page 156 Figure 78 Windows Vista: Network and Sharing Center Right-click Local Area Connection and then select Properties. Figure 79 Windows Vista: Network and Sharing Center Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue. HES-309M Series User’s Guide...
  • Page 157 Appendix B Setting Up Your Computer’s IP Address Select Internet Protocol Version 4 (TCP/IPv4) and then select Properties. Figure 80 Windows Vista: Local Area Connection Properties HES-309M Series User’s Guide...
  • Page 158 In the Command Prompt window, type "ipconfig" and then press [ENTER]. You can also go to Start > Control Panel > Network Connections, right-click a network connection, click Status and then click the Support tab to view your IP address and connection information. HES-309M Series User’s Guide...
  • Page 159 The screens in this section are from Mac OS X 10.4 but can also apply to 10.3. Click Apple > System Preferences. Figure 82 Mac OS X 10.4: Apple Menu In the System Preferences window, click the Network icon. Figure 83 Mac OS X 10.4: System Preferences HES-309M Series User’s Guide...
  • Page 160 Configure. Figure 84 Mac OS X 10.4: Network Preferences For dynamically assigned settings, select Using DHCP from the Configure IPv4 list in the TCP/IP tab. Figure 85 Mac OS X 10.4: Network Preferences > TCP/IP Tab. HES-309M Series User’s Guide...
  • Page 161 • In the IP Address field, type your IP address. • In the Subnet Mask field, type your subnet mask. • In the Router field, type the IP address of your device. Figure 86 Mac OS X 10.4: Network Preferences > Ethernet HES-309M Series User’s Guide...
  • Page 162 Click Apply Now and close the window. Verifying Settings Check your TCP/IP properties by clicking Applications > Utilities > Network Utilities, and then selecting the appropriate Network Interface from the Info tab. Figure 87 Mac OS X 10.4: Network Utility HES-309M Series User’s Guide...
  • Page 163 The screens in this section are from Mac OS X 10.5. Click Apple > System Preferences. Figure 88 Mac OS X 10.5: Apple Menu In System Preferences, click the Network icon. Figure 89 Mac OS X 10.5: Systems Preferences HES-309M Series User’s Guide...
  • Page 164 From the Configure list, select Using DHCP for dynamically assigned settings. For statically assigned settings, do the following: • From the Configure list, select Manually. • In the IP Address field, enter your IP address. • In the Subnet Mask field, enter your subnet mask. HES-309M Series User’s Guide...
  • Page 165 Appendix B Setting Up Your Computer’s IP Address • In the Router field, enter the IP address of your WiMAX Device. Figure 91 Mac OS X 10.5: Network Preferences > Ethernet Click Apply and close the window. HES-309M Series User’s Guide...
  • Page 166 The following screens use the default Ubuntu 8 installation. Note: Make sure you are logged in as the root administrator. Follow the steps below to configure your computer IP address in GNOME: HES-309M Series User’s Guide...
  • Page 167 When the Network Settings window opens, click Unlock to open the Authenticate window. (By default, the Unlock button is greyed out until clicked.) You cannot make changes to your configuration unless you first enter your admin password. Figure 94 Ubuntu 8: Network Settings > Connections HES-309M Series User’s Guide...
  • Page 168 In the Authenticate window, enter your admin account name and password then click the Authenticate button. Figure 95 Ubuntu 8: Administrator Account Authentication In the Network Settings window, select the connection that you want to configure, then click Properties. Figure 96 Ubuntu 8: Network Settings > Connections HES-309M Series User’s Guide...
  • Page 169 • In the Configuration list, select Static IP address if you have a static IP address. Fill in the IP address, Subnet mask, and Gateway address fields. Click OK to save the changes and close the Properties dialog box and return to the Network Settings screen. HES-309M Series User’s Guide...
  • Page 170 Figure 98 Ubuntu 8: Network Settings > DNS Click the Close button to apply the changes. Verifying Settings Check your TCP/IP properties by clicking System > Administration > Network Tools, and then selecting the appropriate Network device from the Devices HES-309M Series User’s Guide...
  • Page 171 Appendix B Setting Up Your Computer’s IP Address tab. The Interface Statistics column shows data if your connection is working properly. Figure 99 Ubuntu 8: Network Tools HES-309M Series User’s Guide...
  • Page 172 Note: Make sure you are logged in as the root administrator. Follow the steps below to configure your computer IP address in the KDE: Click K Menu > Computer > Administrator Settings (YaST). Figure 100 openSUSE 10.3: K Menu > Computer Menu HES-309M Series User’s Guide...
  • Page 173 When the Run as Root - KDE su dialog opens, enter the admin password and click OK. Figure 101 openSUSE 10.3: K Menu > Computer Menu When the YaST Control Center window opens, select Network Devices and then click the Network Card icon. Figure 102 openSUSE 10.3: YaST Control Center HES-309M Series User’s Guide...
  • Page 174 Appendix B Setting Up Your Computer’s IP Address When the Network Settings window opens, click the Overview tab, select the appropriate connection Name from the list, and then click the Configure button. Figure 103 openSUSE 10.3: Network Settings HES-309M Series User’s Guide...
  • Page 175 Select Dynamic Address (DHCP) if you have a dynamic IP address. Select Statically assigned IP Address if you have a static IP address. Fill in the IP address, Subnet mask, and Hostname fields. Click Next to save the changes and close the Network Card Setup window. HES-309M Series User’s Guide...
  • Page 176 If you know your DNS server IP address(es), click the Hostname/DNS tab in Network Settings and then enter the DNS server information in the fields provided. Figure 105 openSUSE 10.3: Network Settings Click Finish to save your settings and close the window. HES-309M Series User’s Guide...
  • Page 177 From the Options sub-menu, select Show Connection Information. Figure 106 openSUSE 10.3: KNetwork Manager When the Connection Status - KNetwork Manager window opens, click the Statistics tab to see if your connection is working properly. Figure 107 openSUSE: Connection Status - KNetwork Manager HES-309M Series User’s Guide...
  • Page 178 Appendix B Setting Up Your Computer’s IP Address HES-309M Series User’s Guide...

  • Page 179: Appendix C Pop-Up Windows, Javascript And Java Permissions

    In Internet Explorer, select Tools, Pop-up Blocker and then select Turn Off Pop-up Blocker. Figure 108 Pop-up Blocker You can also check if pop-up blocking is disabled in the Pop-up Blocker section in the Privacy tab. HES-309M Series User’s Guide...
  • Page 180 Click Apply to save this setting. Enable Pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. In Internet Explorer, select Tools, Internet Options and then the Privacy tab. HES-309M Series User’s Guide...
  • Page 181 Select Settings…to open the Pop-up Blocker Settings screen. Figure 110 Internet Options: Privacy Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. HES-309M Series User’s Guide...
  • Page 182 Figure 111 Pop-up Blocker Settings Click Close to return to the Privacy screen. Click Apply to save this setting. JavaScript If pages of the web configurator do not display properly in Internet Explorer, check that JavaScript is allowed. HES-309M Series User’s Guide...
  • Page 183 Figure 112 Internet Options: Security Click the Custom Level... button. Scroll down to Scripting. Under Active scripting make sure that Enable is selected (the default). Under Scripting of Java applets make sure that Enable is selected (the default). HES-309M Series User’s Guide...
  • Page 184 Figure 113 Security Settings - Java Scripting Java Permissions From Internet Explorer, click Tools, Internet Options and then the Security tab. Click the Custom Level... button. Scroll down to Microsoft VM. Under Java permissions make sure that a safety level is selected. HES-309M Series User’s Guide...
  • Page 185 Click OK to close the window. Figure 114 Security Settings - Java JAVA (Sun) From Internet Explorer, click Tools, Internet Options and then the Advanced tab. Make sure that Use Java 2 for <applet> under Java (Sun) is selected. HES-309M Series User’s Guide...
  • Page 186 Mozilla Firefox 2.0 screens are used here. Screens for other versions may vary. You can enable Java, Javascript and pop-ups in one screen. Click Tools, then click Options in the screen that appears. Figure 116 Mozilla Firefox: TOOLS > Options HES-309M Series User’s Guide...
  • Page 187 Appendix C Pop-up Windows, JavaScript and Java Permissions Click Content.to show the screen below. Select the check boxes as shown in the following screen. Figure 117 Mozilla Firefox Content Security HES-309M Series User’s Guide...
  • Page 188 Appendix C Pop-up Windows, JavaScript and Java Permissions HES-309M Series User’s Guide...

  • Page 189: Appendix D Ip Addresses And Subnetting

    ). Each of these four parts is known as an octet. An octet is an eight- digit binary number (for example 11000000, which is 192 in decimal notation). Therefore, each octet has a possible range of 00000000 to 11111111 in binary, or 0 to 255 in decimal. HES-309M Series User’s Guide...
  • Page 190 Table 60 IP Address Network Number and Host ID Example OCTET: OCTET: OCTET: OCTET (192) (168) IP Address (Binary) 11000000 10101000 00000001 00000010 Subnet Mask (Binary) 11111111 11111111 11111111 00000000 Network Number 11000000 10101000 00000001 Host ID 00000010 HES-309M Series User’s Guide...
  • Page 191 SUBNET MASK HOST ID SIZE HOSTS 8 bits 255.0.0.0 24 bits – 2 16777214 16 bits 255.255.0.0 16 bits – 2 65534 24 bits 255.255.255.0 8 bits – 2 29 bits 255.255.255.2 3 bits – 2 HES-309M Series User’s Guide...
  • Page 192 In this example, the company network address is 192.168.1.0. The first three octets of the address (192.168.1) are the network number, and the remaining octet is the host ID, allowing a maximum of 2 – 2 or 254 possible hosts. HES-309M Series User’s Guide...
  • Page 193 You can “borrow” one of the host ID bits to divide the network 192.168.1.0 into two separate sub-networks. The subnet mask is now 25 bits (255.255.255.128 or /25). The “borrowed” host ID bit can have a value of either 0 or 1, allowing two subnets; 192.168.1.0 /25 and 192.168.1.128 /25. HES-309M Series User’s Guide...
  • Page 194 Similarly, to divide a 24-bit address into four subnets, you need to “borrow” two host ID bits to give four possible combinations (00, 01, 10 and 11). The subnet mask is 26 bits (11111111.11111111.11111111.11000000) or 255.255.255.192. HES-309M Series User’s Guide...
  • Page 195 Lowest Host ID: 192.168.1.129 192.168.1.128 Broadcast Address: Highest Host ID: 192.168.1.190 192.168.1.191 Table 67 Subnet 4 LAST OCTET BIT IP/SUBNET MASK NETWORK NUMBER VALUE IP Address 192.168.1. IP Address (Binary) 11000000.10101000.00000001 11000000 Subnet Mask (Binary) 11111111.11111111.11111111 11000000 HES-309M Series User’s Guide...
  • Page 196 The following table is a summary for subnet planning on a network with a 24-bit network number. Table 69 24-bit Network Number Subnet Planning NO. “BORROWED” NO. HOSTS PER SUBNET MASK NO. SUBNETS HOST BITS SUBNET 255.255.255.128 (/25) 255.255.255.192 (/26) 255.255.255.224 (/27) 255.255.255.240 (/28) 255.255.255.248 (/29) 255.255.255.252 (/30) 255.255.255.254 (/31) HES-309M Series User’s Guide...
  • Page 197 IP address. The subnet mask specifies the network number portion of an IP address. Your WiMAX Device will compute the subnet mask automatically based on the IP HES-309M Series User’s Guide...
  • Page 198 A has a static (or fixed) IP address that is the same as the IP address that a DHCP server assigns to computer B which is a DHCP client. Neither can access the Internet. This problem can be solved by assigning a different static IP HES-309M Series User’s Guide...
  • Page 199 Conflicting Computer and Router IP Addresses Example More than one device can not use the same IP address. In the following example, the computer and the router’s LAN port both use 192.168.1.1 as the IP address. HES-309M Series User’s Guide...
  • Page 200 Appendix D IP Addresses and Subnetting The computer cannot access the Internet. This problem can be solved by assigning a different IP address to the computer or the router’s LAN port. Figure 123 Conflicting Computer and Router IP Addresses Example HES-309M Series User’s Guide...

  • Page 201: Appendix E Importing Certificates

    In this appendix, you can import a public key certificate for: • Internet Explorer on page 202 • Firefox on page 212 • Opera on page 218 • Konqueror on page 226 HES-309M Series User’s Guide...
  • Page 202 If your device’s web configurator is set to use SSL certification, then the first time you browse to it you are presented with a certification error. Figure 124 Internet Explorer 7: Certification Error Click Continue to this website (not recommended). Figure 125 Internet Explorer 7: Certification Error HES-309M Series User’s Guide...
  • Page 203 Appendix E Importing Certificates In the Address Bar, click Certificate Error > View certificates. Figure 126 Internet Explorer 7: Certificate Error In the Certificate dialog box, click Install Certificate. Figure 127 Internet Explorer 7: Certificate HES-309M Series User’s Guide...
  • Page 204 Figure 128 Internet Explorer 7: Certificate Import Wizard If you want Internet Explorer to Automatically select certificate store based on the type of certificate, click Next again and then go to step 9. Figure 129 Internet Explorer 7: Certificate Import Wizard HES-309M Series User’s Guide...
  • Page 205 Figure 130 Internet Explorer 7: Certificate Import Wizard In the Select Certificate Store dialog box, choose a location in which to save the certificate and then click OK. Figure 131 Internet Explorer 7: Select Certificate Store HES-309M Series User’s Guide...
  • Page 206 In the Completing the Certificate Import Wizard screen, click Finish. Figure 132 Internet Explorer 7: Certificate Import Wizard 10 If you are presented with another Security Warning, click Yes. Figure 133 Internet Explorer 7: Security Warning HES-309M Series User’s Guide...
  • Page 207 12 The next time you start Internet Explorer and go to a ZyXEL web configurator page, a sealed padlock icon appears in the address bar. Click it to view the page’s Website Identification information. Figure 135 Internet Explorer 7: Website Identification HES-309M Series User’s Guide...
  • Page 208 Figure 136 Internet Explorer 7: Public Key Certificate File In the security warning dialog box, click Open. Figure 137 Internet Explorer 7: Open File - Security Warning Refer to steps 4-12 in the Internet Explorer procedure beginning on page 202 complete the installation process. HES-309M Series User’s Guide...
  • Page 209 This section shows you how to remove a public key certificate in Internet Explorer Open Internet Explorer and click TOOLS > Internet Options. Figure 138 Internet Explorer 7: Tools Menu In the Internet Options dialog box, click Content > Certificates. Figure 139 Internet Explorer 7: Internet Options HES-309M Series User’s Guide...
  • Page 210 Remove. Figure 140 Internet Explorer 7: Certificates In the Certificates confirmation, click Yes. Figure 141 Internet Explorer 7: Certificates In the Root Certificate Store dialog box, click Yes. Figure 142 Internet Explorer 7: Root Certificate Store HES-309M Series User’s Guide...
  • Page 211 Appendix E Importing Certificates The next time you go to the web site that issued the public key certificate you just removed, a certification error appears. HES-309M Series User’s Guide...
  • Page 212 If your device’s web configurator is set to use SSL certification, then the first time you browse to it you are presented with a certification error. Select Accept this certificate permanently and click OK. Figure 143 Firefox 2: Website Certified by an Unknown Authority HES-309M Series User’s Guide...
  • Page 213 The certificate is stored and you can now connect securely to the web configurator. A sealed padlock appears in the address bar, which you can click to open the Page Info > Security window to view the web page’s security information. Figure 144 Firefox 2: Page Info HES-309M Series User’s Guide...
  • Page 214 Open Firefox and click TOOLS > Options. Figure 145 Firefox 2: Tools Menu In the Options dialog box, click ADVANCED > Encryption > View Certificates. Figure 146 Firefox 2: Options HES-309M Series User’s Guide...
  • Page 215 Figure 148 Firefox 2: Select File The next time you visit the web site, click the padlock in the address bar to open the Page Info > Security window to see the web page’s security information. HES-309M Series User’s Guide...
  • Page 216 This section shows you how to remove a public key certificate in Firefox 2. Open Firefox and click TOOLS > Options. Figure 149 Firefox 2: Tools Menu In the Options dialog box, click ADVANCED > Encryption > View Certificates. Figure 150 Firefox 2: Options HES-309M Series User’s Guide...
  • Page 217 In the Delete Web Site Certificates dialog box, click OK. Figure 152 Firefox 2: Delete Web Site Certificates The next time you go to the web site that issued the public key certificate you just removed, a certification error appears. HES-309M Series User’s Guide...
  • Page 218 If your device’s web configurator is set to use SSL certification, then the first time you browse to it you are presented with a certification error. Click Install to accept the certificate. Figure 153 Opera 9: Certificate signer not found HES-309M Series User’s Guide...
  • Page 219 Appendix E Importing Certificates The next time you visit the web site, click the padlock in the address bar to open the Security information window to view the web page’s security details. Figure 154 Opera 9: Security information HES-309M Series User’s Guide...
  • Page 220 Rather than browsing to a ZyXEL web configurator and installing a public key certificate when prompted, you can install a stand-alone certificate file if one has been issued to you. Open Opera and click TOOLS > Preferences. Figure 155 Opera 9: Tools Menu HES-309M Series User’s Guide...
  • Page 221 Appendix E Importing Certificates In Preferences, click ADVANCED > Security > Manage certificates. Figure 156 Opera 9: Preferences HES-309M Series User’s Guide...
  • Page 222 Appendix E Importing Certificates In the Certificates Manager, click Authorities > Import. Figure 157 Opera 9: Certificate manager Use the Import certificate dialog box to locate the certificate and then click Open. Figure 158 Opera 9: Import certificate HES-309M Series User’s Guide...
  • Page 223 Next, click OK. Figure 160 Opera 9: Install authority certificate The next time you visit the web site, click the padlock in the address bar to open the Security information window to view the web page’s security details. HES-309M Series User’s Guide...
  • Page 224 This section shows you how to remove a public key certificate in Opera 9. Open Opera and click TOOLS > Preferences. Figure 161 Opera 9: Tools Menu In Preferences, ADVANCED > Security > Manage certificates. Figure 162 Opera 9: Preferences HES-309M Series User’s Guide...
  • Page 225 The next time you go to the web site that issued the public key certificate you just removed, a certification error appears. Note: There is no confirmation when you delete a certificate authority, so be absolutely certain that you want to go through with it before clicking the button. HES-309M Series User’s Guide...
  • Page 226 If your device’s web configurator is set to use SSL certification, then the first time you browse to it you are presented with a certification error. Click Continue. Figure 164 Konqueror 3.5: Server Authentication Click Forever when prompted to accept the certificate. Figure 165 Konqueror 3.5: Server Authentication HES-309M Series User’s Guide...
  • Page 227 Appendix E Importing Certificates Click the padlock in the address bar to open the KDE SSL Information window and view the web page’s security details. Figure 166 Konqueror 3.5: KDE SSL Information HES-309M Series User’s Guide...
  • Page 228 Figure 167 Konqueror 3.5: Public Key Certificate File In the Certificate Import Result - Kleopatra dialog box, click OK. Figure 168 Konqueror 3.5: Certificate Import Result The public key certificate appears in the KDE certificate manager, Kleopatra. Figure 169 Konqueror 3.5: Kleopatra HES-309M Series User’s Guide...
  • Page 229 Appendix E Importing Certificates The next time you visit the web site, click the padlock in the address bar to open the KDE SSL Information window to view the web page’s security details. HES-309M Series User’s Guide...
  • Page 230 On the Peer SSL Certificates tab, select the certificate you want to delete and then click Remove. Figure 171 Konqueror 3.5: Configure The next time you go to the web site that issued the public key certificate you just removed, a certification error appears. HES-309M Series User’s Guide...
  • Page 231 Appendix E Importing Certificates Note: There is no confirmation when you remove a certificate authority, so be absolutely certain you want to go through with it before clicking the button. HES-309M Series User’s Guide...
  • Page 232 Appendix E Importing Certificates HES-309M Series User’s Guide...

  • Page 233: Appendix F Common Services

    Border Gateway Protocol. BOOTP_CLIENT DHCP Client. BOOTP_SERVER DHCP Server. CU-SEEME 7648 A popular videoconferencing solution from White Pines Software. 24032 TCP/UDP Domain Name Server, a service that matches web names (for example www.zyxel.com) to IP numbers. HES-309M Series User’s Guide...
  • Page 234 ICMP echo requests to test whether or not a remote host is reachable. POP3 Post Office Protocol version 3 lets a client computer get e-mail from a POP3 server through a temporary connection (TCP/IP or other). HES-309M Series User’s Guide...
  • Page 235 System). TELNET Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments. It operates over TCP/IP networks. Its primary function is to allow users to log into remote host systems. HES-309M Series User’s Guide...
  • Page 236 NAME PROTOCOL PORT(S) DESCRIPTION TFTP Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP, but uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol). VDOLIVE 7000 Another videoconferencing solution. HES-309M Series User’s Guide...

  • Page 237: Appendix G Legal Information

    ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation. All rights reserved. Disclaimers ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein.
  • Page 238 This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter. To comply with FCC RF exposure compliance requirements, a separation distance of at least 40 cm must be maintained between the antenna of this device and all persons. HES-309M Series User’s Guide...
  • Page 239 ZyXEL. This warranty shall not apply if the product has been modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions. HES-309M Series User’s Guide...
  • Page 240 To obtain the services of this warranty, contact your vendor. You may also refer to the warranty policy for the region in which you bought the device at http:// www.zyxel.com/web/support_warranty_info.php. Registration Register your product online to receive e-mail notices of firmware upgrades and information at www.zyxel.com. HES-309M Series User’s Guide...

  • Page 241: Index

    DHCP server diameter base station digital ID 54, 147 see BS Dynamic Host Configuration Protocol 51–52 see DHCP links 53, 54 EAP (Extensible Authentication Protocol) CBC-MAC EAP-TLS CCMP 147, 149 EAP-TTLS cell encryption 147–149 certificates HES-309M Series User’s Guide...
  • Page 242 RADIUS 52, 54, 148 Message Types Messages Shared Secret Key registration product related documentation Management Information Base (MIB) remote management and NAT Message Authentication Code remote management limitations HES-309M Series User’s Guide...
  • Page 243 MAN tampering wireless network TCP/IP configuration access standard TFTP restrictions wireless security wizard setup transport encryption key see TEK transport layer security see TLS trigger port forwarding process TTLS 147, 150 tunneled TLS see TTLS HES-309M Series User’s Guide...
  • Page 244 Index HES-309M Series User’s Guide...
  • Page 245 Index HES-309M Series User’s Guide...
  • Page 246 Index HES-309M Series User’s Guide...

Table of Contents