User’s Guide PDF. Related Documentation • Quick Start Guide The Quick Start Guide is designed to help you get your NBG4604 up and running right away. It contains information on setting up your network and configuring for Internet access.
Page 4
About This User's Guide Documentation Feedback Send your comments, questions or suggestions to: techwriters@zyxel.com.tw Thank you! The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 30099, Taiwan. Need More Help? More help is available at www.zyxel.com.
Page 5
ZyXEL office for the region in which you bought the device. See http://www.zyxel.com/web/contact_us.php for contact information. Please have the following information ready when you contact an office. • Product model and serial number. • Warranty Information. • Date that you received your device. NBG4604 User’s Guide...
Syntax Conventions • The NBG4604 may be referred to as the “NBG4604”, the “device”, the “product” or the “system” in this User’s Guide. • Product labels, screen names, field labels and field choices are all in bold font.
Page 7
Document Conventions Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The NBG4604 icon is not an exact representation of your device. NBG4604 Computer Notebook computer Server Modem Firewall Telephone Switch Router NBG4604 User’s Guide...
Your product is marked with this symbol, which is known as the WEEE mark. WEEE stands for Waste Electronics and Electrical Equipment. It means that used electrical and electronic products should not be mixed with general waste. Used electrical and electronic equipment should be treated separately. NBG4604 User’s Guide...
Introduction ..........................21 1.1 Overview ..........................21 1.2 Applications ......................... 21 1.3 Ways to Manage the NBG4604 ................... 22 1.4 Good Habits for Managing the NBG4604 ................22 1.5 LEDs ............................ 22 Chapter 2 The WPS Button........................25 2.1 Overview ..........................25 Chapter 3 The Web Configurator ......................
Page 12
6.1 Overview ..........................63 6.2 How to Connect to the Internet from an AP ................. 63 6.2.1 Configure Wireless Security Using WPS on both your NBG4604 and Wireless Client 63 6.2.2 Enable and Configure Wireless Security without WPS on your NBG4604 ....67 6.3 Bandwidth Management for your Network ................
Page 13
8.4.1 Ethernet Encapsulation .................... 105 8.4.2 PPPoE Encapsulation ....................106 8.4.3 PPTP Encapsulation ....................108 8.5 Advanced WAN Screen ......................111 Chapter 9 LAN............................113 9.1 Overview ..........................113 9.2 What You Can Do .......................113 9.3 What You Need To Know ....................114 NBG4604 User’s Guide...
Page 14
13.1 Overview ........................135 13.2 What You Can Do ......................136 13.3 What You Need To Know ....................136 13.3.1 About the NBG4604 Firewall .................. 136 13.4 General Firewall Screen ....................137 13.5 The Access Control Rule Screen ..................137 13.5.1 Add/Edit an ACL Rule ..................
Page 15
17.5 The Telnet Screen ......................162 17.6 The FTP Screen ......................162 17.7 The SNMP Screen ......................163 17.7.1 Configuring SNMP ....................165 17.8 The ACS Screen ......................166 17.9 ACS Screen ........................167 17.9.1 STUN ........................167 NBG4604 User’s Guide...
Page 16
21.4.3 Back to Factory Defaults ..................194 21.5 Restart Screen ......................... 194 Chapter 22 Sys OP Mode ......................... 195 22.1 Overview .......................... 195 22.2 What You Can Do ......................195 22.3 What You Need to Know ....................196 NBG4604 User’s Guide...
Page 17
24.1 Power, Hardware Connections, and LEDs ..............201 24.2 NBG4604 Access and Login ................... 202 24.3 Internet Access ........................ 204 24.4 Resetting the NBG4604 to Its Factory Defaults ............... 205 24.5 Wireless Router/AP Troubleshooting ................206 Chapter 25 Product Specifications ......................209 25.1 Wall-mounting Instructions ....................211...
1.2 Applications Your can create the following networks using the NBG4604: • Wired. You can connect network devices via the Ethernet ports of the NBG4604 so that they can communicate with each other and access the Internet. • Wireless. Wireless clients can connect to the NBG4604 to access network resources.
NBG4604 using a (supported) web browser. 1.4 Good Habits for Managing the NBG4604 Do the following things regularly to make the NBG4604 more secure and to manage the NBG4604 more effectively. • Change the password. Use a password that’s not easy to guess and that consists of different types of characters, such as numbers and letters.
Page 23
Table 1 Front Panel LEDs and WPS Button COLOR STATUS DESCRIPTION WLAN Green The NBG4604 is ready, but is not sending/ receiving data through the wireless LAN. Blinking The NBG4604 is sending/receiving data through the wireless LAN. The NBG4604 is negotiating a WPS connection with a wireless client.
H A P T E R The WPS Button 2.1 Overview Your NBG4604 supports WiFi Protected Setup (WPS), which is an easy way to set up a secure wireless network. WPS is an industry standard specification, defined by the WiFi Alliance.
Page 26
Chapter 2 The WPS Button NBG4604 User’s Guide...
Internet Explorer. 3.2 Login Accounts There are two system accounts that you can use to log in to the NBG4604: “admin” and “supervisor”. These two accounts have different privilege levels. The web configurator screens vary depending on which account you use to log in.
Chapter 3 The Web Configurator 3.3 Accessing the Web Configurator Make sure your NBG4604 hardware is properly connected and prepare your computer or computer network to connect to the NBG4604 (refer to the Quick Start Guide). Launch your web browser.
Page 29
• Click Go to Wizard Setup to use the Configuration Wizard for basic Internet and Wireless setup. • Click Go to Advanced Setup to view and configure all the NBG4604’s settings. • Select a language to go to the basic Web Configurator in that language. To...
If you forget your password or IP address, or you cannot access the Web Configurator, you will need to use the RESET button at the back of the NBG4604 to reload the factory-default configuration file. This means that you will lose all configurations that you had previously saved, the password will be reset to “1234”...
Page 31
Select a number of seconds or None from the drop-down list box to refresh all screen statistics automatically at the end of every time interval or to not refresh the screen statistics. Click this button to refresh the status screen statistics. NBG4604 User’s Guide...
Page 32
LAN. - 802.11 Mode This shows the wireless standard. - SSID This shows a descriptive name used to identify the NBG4604 in the wireless LAN. - WPS This displays Configured when the WPS has been set up.
This shows whether UPnP is active or not. Interface Status Interface This displays the NBG4604 port types. The port types are: WAN, LAN and WLAN. Status For the LAN and WAN ports, this field displays Down (line is down) or Up (line is up or connected).
Page 34
Wireless General Use this screen to configure wireless LAN. MAC Filter Use the MAC filter screen to configure the NBG4604 to block access to devices or block the devices from accessing the NBG4604. Advanced This screen allows you to configure advanced wireless settings.
DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a server. You can configure the NBG4604’s LAN as a DHCP server or disable it. When configured as a NBG4604 User’s Guide...
Chapter 3 The Web Configurator server, the NBG4604 provides the TCP/IP configuration for the clients. If DHCP service is disabled, you must have another DHCP server on that network, or else the computer must be manually configured. Click the DHCP Table (Details...) hyperlink in the Status screen. Read-only information here relates to your DHCP status.
3.6.4 Summary: WLAN Station Status Click the WLAN Station Status (Details...) hyperlink in the Status screen. View the wireless stations that are currently associated to the NBG4604 in the Association List. Association means that a wireless client (for example, your...
Page 38
MAC Address This field displays the MAC address of an associated wireless station. Association Time This field displays the time a wireless station first associated with the NBG4604’s WLAN network. Refresh Click Refresh to reload the list. NBG4604 User’s Guide...
Guide to know what to enter in each field. Leave a field blank if you don’t have that information. After you access the NBG4604 Web Configurator, click the Go to Wizard setup hyperlink. You can click Go to Advanced setup hyperlink to skip this wizard setup and configure basic or advanced features accordingly.
4.2 Connection Wizard: STEP 1: System Information System Information contains administrative and system-related information. 4.2.1 System Name System Name is for identification purposes. However, because some ISPs check this name you should enter your computer's "Computer Name". NBG4604 User’s Guide...
DHCP from the ISP is used. While you must enter the host name (System Name) on each individual computer, the domain name can be assigned from the NBG4604 via DHCP. Click Next to configure the NBG4604 for Internet access.
LABEL DESCRIPTION System System Name is a unique name to identify the NBG4604 in an Ethernet Name network. Enter a descriptive name. This name can be up to 30 alphanumeric characters long. Spaces are not allowed, but dashes "-" and underscores "_"...
Page 43
Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the (SSID) wireless LAN. If you change this field on the NBG4604, make sure all wireless stations use the same SSID in order to access the network. Security Select a Security level from the drop-down list box.
4.4 Connection Wizard: STEP 3: Internet Configuration The NBG4604 offers three Internet connection types. They are Ethernet, PPP over Ethernet or PPTP. The wizard attempts to detect which WAN connection type you are using. If the wizard does not detect a connection type, you must select one from the drop-down list box.
PPTP Select the PPTP option for a dial-up connection. 4.4.1 Ethernet Connection Choose Ethernet when the WAN port is used as a regular Ethernet. Continue to Section 4.4.4 on page Figure 17 Wizard Step 3: Ethernet Connection NBG4604 User’s Guide...
By implementing PPPoE directly on the NBG4604 (rather than individual computers), the computers on the LAN do not need PPPoE software installed, since the NBG4604 does that part of the task. Furthermore, with NAT, all of the LAN's computers will have Internet access.
PPTP supports on-demand, multi-protocol, and virtual private networking over public networks, such as the Internet. Refer to the appendix for more information on PPTP. Note: The NBG4604 supports one PPTP server connection at any given time. Figure 19 Wizard Step 3: PPTP Connection NBG4604 User’s Guide...
Select this radio button if your ISP did not assign you a fixed IP automatically address. from ISP Use fixed IP Select this radio button, provided by your ISP to give the NBG4604 a address fixed, unique IP address. My IP Type the (static) IP address assigned to you by your ISP.
Similar to the way houses on a street share a common street name, so too do computers on a LAN share one common network number. Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP NBG4604 User’s Guide...
Once you have decided on the network number, pick an IP address that is easy to remember, for instance, 192.168.1.1, for your NBG4604, but make sure that no other device on your network is using that IP address.
The DNS server is extremely important because without it, you must know the IP address of a computer before you can access it. The NBG4604 uses a system DNS server (in the order you specify here) to resolve domain names for DDNS and the time server.
This screen allows users to configure the WAN port's MAC address by either using the NBG4604’s MAC address, copying the MAC address from a computer on your LAN or manually entering a MAC address. Once it is successfully configured, the address will be copied to configuration file.
Chapter 4 Connection Wizard 4.5 Connection Wizard Complete Click Finish to complete the wizard setup. Figure 23 Connection Wizard Complete Well done! You have successfully set up your NBG4604 to operate on your network and access the Internet. NBG4604 User’s Guide...
AP mode. Use your NBG4604 as an AP if you already have a router or gateway on your network. In this mode your device bridges a wired network (LAN) and wireless LAN (WLAN) in the same subnet.
Chapter 5 AP Mode To set your NBG4604 to AP Mode, go to Maintenance > Sys OP Mode > General and select Access Point. Figure 25 Maintenance > Sys OP Mode > General A pop-up appears providing information on this mode. Click OK in the pop-up message window.
Page 57
Wireless clients must support the same standard in order to be able to connect to the NBG4604 - SSID This shows a descriptive name used to identify the NBG4604 in the wireless LAN. - WPS This shows the WPS (WiFi Protected Setup) Status. Click the status to display Network >...
Use this screen to view the wireless stations that are currently associated to the NBG4604. 5.3.1 Navigation Panel Use the menu in the navigation panel to configure NBG4604 features in AP Mode. The following screen and table show the features you can configure in AP Mode. Figure 27 Menu: AP Mode The following table describes the sub-menus.
Page 59
Wireless General Use this screen to configure wireless LAN. MAC Filter Use the MAC filter screen to configure the NBG4604 to block access to devices or block the devices from accessing the NBG4604. Advanced This screen allows you to configure advanced wireless settings.
5.4.1 LAN Settings Click Network > LAN to see the screen below. Note: If you change the IP address of the NBG4604 in the screen below, you will need to log into the NBG4604 again using the new IP address.
5.5 Logging in to the Web Configurator in AP Mode Connect your computer to the LAN port of the NBG4604. The default IP address of the NBG4604 is “192.168.1.2”. In this case, your computer must have an IP address in the range between “192.168.1.3” and “192.168.1.254”.
NBG4604 and Wireless Client This section gives you an example of how to set up wireless network using WPS. This example uses the NBG4604 as the AP and NWD210N as the wireless client which connects to a notebook. Note: The wireless client must be a WPS-aware device (for example, a WPS USB adapter or PCI card).
Page 64
Log into NBG4604’s Web Configurator and press the Push Button button in the Network > Wireless Client > WPS Station screen. Note: Your NBG4604 has a WPS button located on its panel, as well as a WPS button in its configuration utility. Both buttons have exactly the same function; you can use one or the other.
Chapter 6 Tutorials The following figure shows you an example to set up wireless network and security by pressing a button on both NBG4604 and wireless client (the NWD210N in this example). Figure 30 Example WPS Process: PBC Method NBG4604...
Page 66
Chapter 6 Tutorials The following figure shows you the example to set up wireless network and security on NBG4604 and wireless client (ex. NWD210N in this example) by using PIN method. Figure 31 Example WPS Process: PIN Method Wireless Client...
WPA-PSK (Pre-Shared Key: ThisismyWPA-PSKpre-sharedkey) Follow the steps below to configure the wireless settings on your NBG4604. The instructions require that your hardware is connected (see the Quick Start Guide) and you are logged into the Web Configurator through your LAN connection (see Section 3.3 on page...
Page 68
Note: We use the ZyXEL M-302 wireless adapter utility screens as an example for the wireless client. The screens may vary for different models. The NBG4604 supports IEEE 802.11b, IEEE 802.11g and IEEE 802.11n wireless clients. Make sure that your notebook or computer’s wireless adapter supports one of these standards.
Page 69
Figure 34 Connecting a Wireless Client to a Wireless Network t Select WPA-PSK and type the security key in the following screen. Click Next. Figure 35 Security Settings The Confirm Save window appears. Check your settings and click Save to continue. Figure 36 Confirm Save NBG4604 User’s Guide...
6.3 Bandwidth Management for your Network This section shows you how to configure the bandwidth management feature on the NBG4604 to limit the bandwidth for specific kinds of outgoing traffic. ZyXEL's bandwidth management feature allows you to specify bandwidth management rules based on an application or subnet.
Low. Note: You can also leave the Enable field blank for the rest of the applications. In doing so, the NBG4604 does not apply bandwidth management to these services. 6.3.2 Configuring Bandwidth Management by Custom...
TCP 7070 RTSP TCP or UDP 554 VDO LIVE TCP 7000 TCP 20 ~ 21 Click the Edit icon in Management > Bandwidth MGMT > Advanced to open the following screen. Figure 40 Tutorial: Bandwidth Allocation Example NBG4604 User’s Guide...
Page 73
Note: The Policy column displays either Max (maximum) or Min (minimum). This is directly directed to the value in the Rate column. For example, you selected Min and entered 30M as the rate for the VoIP service. The NBG4604 allocates at least 30 megabytes for the VoIP service.
Wireless LAN 7.1 Overview This chapter discusses how to configure the wireless network settings in your NBG4604. See the appendices for more detailed information about wireless networks. The following figure provides an example of a wireless network. Figure 42 Example of a Wireless Network The wireless network is the part in the blue circle.
• Use the WDS screen (Section 7.11 on page 96) to set the operating mode of your NBG4604 to AP + Bridge or Bridge Only and establish wireless links with other APs. 7.3 What You Should Know Every wireless network must follow these basic guidelines.
Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless networks. These kinds of wireless devices might not have MAC addresses. Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F. NBG4604 User’s Guide...
Page 80
When you select WPA2 or WPA2-PSK in your NBG4604, you can also select an option (WPA Compatible) to support WPA as well. In this case, if some wireless clients support WPA and some support WPA2, you should set up WPA2-PSK or NBG4604 User’s Guide...
Use this screen to enable the Wireless LAN, enter the SSID and select the wireless security mode. Note: If you are configuring the NBG4604 from a computer connected to the wireless LAN and you change the NBG4604’s SSID, channel or security settings, you will lose your wireless connection when you press Apply to confirm.
Page 82
This displays the channel the NBG4604 is currently using. Channel Channel Select whether the NBG4604 uses a wireless channel width of 20 or 40 Width MHz. A standard 20 MHz channel offers transfer speeds of up to 150Mbps whereas a 40MHz channel uses two standard channels and offers speeds of up to 300 Mbps.
Select No Security to allow wireless stations to communicate with the access points without any data encryption. Note: If you do not enable any wireless security on your NBG4604, your network is accessible to any wireless networking device that is within range.
Both the wireless stations and the access points must use the same WEP key. Your NBG4604 allows you to configure up to four 64-bit or 128-bit WEP keys but only one key can be enabled at any one time.
Page 85
WEP key to login to the wireless client. Keep this setting at Auto or Open System unless you want to force a key verification before communication between the wireless client and the ZyXEL Device occurs. Select Shared Key to force the clients to provide the WEP key prior to communication. NBG4604 User’s Guide...
Key 1 to Key 4 The WEP keys are used to encrypt data. Both the NBG4604 and the wireless stations must use the same WEP key for data transmission. If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal characters ("0-9", "A-F").
Click Reset to reload the previous configuration for this screen. 7.5 MAC Filter The MAC filter screen allows you to configure the NBG4604 to give exclusive access to up to 16 devices (Allow) or exclude up to 16 devices from accessing the NBG4604 (Deny).
Page 88
Chapter 7 Wireless LAN To change your NBG4604’s MAC filter settings, click Network > Wireless LAN > MAC Filter. The screen appears as shown. Figure 47 Network > Wireless LAN > MAC Filter The following table describes the labels in this menu.
This value can be set from 1 to 100. Preamble A preamble affects the timing in your wireless network. There are two preamble modes: long and short. If a device uses a different preamble mode than the NBG4604 does, it cannot communicate with the NBG4604. NBG4604 User’s Guide...
When set to Always, the NBG4604 improves performance within mixed wireless modes. Select Auto to let the NBG4604 determine whether to turn this feature on or off in the current environment. Tx Power This field controls the transmission power of the NBG4604. When using...
Page 91
LABEL DESCRIPTION WMM QoS Policy Select Default to have the NBG4604 automatically give a service a priority level according to the ToS value in the IP header of packets it sends. WMM QoS (Wifi MultiMedia Quality of Service) gives high priority to voice and video, which makes them run more smoothly.
Internet; rather, it is just one service on the Internet. Other services on the Internet include Internet Relay Chat and Newsgroups. The Web is accessed through use of a browser. • User-Defined User-defined services are user specific services configured using known ports and applications. NBG4604 User’s Guide...
Priority Select a priority from the drop-down list box. Apply Click Apply to save your changes back to the NBG4604. Cancel Click Cancel to return to the previous screen. 7.8 WPS Screen Use this screen to enable/disable WPS, view or generate a new PIN number and check current WPS status.
This displays Unconfigured if WPS is disabled and there are no wireless or wireless security changes on the NBG4604 or you click Release_Configuration to remove the configured wireless and wireless security settings.
LAN scheduling is disabled by default. The wireless LAN can be scheduled to turn on or off on certain days and at certain times. To open this screen, click Network > Wireless LAN > Scheduling tab. Figure 53 Network > Wireless LAN > Scheduling NBG4604 User’s Guide...
A Wireless Distribution System is a wireless connection between two or more APs. Use this screen to set the operating mode of your NBG4604 to AP + Bridge or Bridge Only and establish wireless links with other APs. You need to know the MAC address of the peer device, which also must be in bridge mode.
Page 97
Phy Mode Select a WDS physical layer transceiver mode. Remote MAC This is the MAC address of the peer device that your NBG4604 wants to Address make a bridge connection with. You can connect to up to 4 peer devices.
Chapter 7 Wireless LAN 7.11.1 Security Mode: Static WEP Use this screen to configure the Static WEP security for your NBG4604 when it is in AP + Bridge or Bridge Only mode. Figure 55 Network > Wireless LAN > WDS (Static WEP) The following table describes the labels in this screen.
The NBG4604 authenticates wireless clients using Shared Key mode that have the correct WEP key. ASCII/HEX The WEP keys are used to encrypt data. Both the NBG4604 and the wireless stations must use the same WEP key for data transmission. Keys 1 to 4t If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal characters ("0-9", "A-F").
Page 100
Table 35 on page for descriptions of other fields in this screen. Table 37 Network > Wireless LAN > WDS (WPA-PSK/WPA2-PSK) LABEL DESCRIPTION Pre-Shared Key Type a pre-shared key from 8 to 63 case-sensitive ASCII characters (including spaces and symbols). NBG4604 User’s Guide...
H A P T E R 8.1 Overview This chapter discusses the NBG4604’s WAN screens. Use these screens to configure your NBG4604 for Internet access. A WAN (Wide Area Network) connection is an outside connection to another network or the Internet. It connects your private networks (such as a LAN (Local Area Network) and other networks, so that a computer in one location can communicate with computers in other locations.
(and service name) for user authentication. WAN IP Address The WAN IP address is an IP address for the NBG4604, which makes it accessible from an outside network. It is used by the NBG4604 to communicate with other devices in other networks. It can be static (fixed) or dynamically assigned by the ISP each time the NBG4604 tries to access the Internet.
NBG4604 supports both IGMP version 1 (IGMP-v1) and IGMP version 2 (IGMP- v2). At start up, the NBG4604 queries all directly connected networks to gather group membership. After that, the NBG4604 periodically updates this information. IP multicasting can be enabled/disabled on the NBG4604 LAN and/or WAN interfaces in the Web Configurator (LAN;...
WAN in order to find a computer on the WAN. 8.3.4 Auto-Bridge In the rear panel of your NBG4604, you can see four LAN ports (1 to 4) and one WAN port. The WAN port is for your Internet access connection, and the LAN ports are for your network devices.
Chapter 8 WAN 8.4 Internet Connection Use this screen to change your NBG4604’s Internet access settings. Click Network > WAN. The screen differs according to the encapsulation you choose. 8.4.1 Ethernet Encapsulation This screen displays when you select Ethernet encapsulation.
DNS Servers First DNS Server Select From ISP if your ISP dynamically assigns DNS server information (and the NBG4604's WAN IP address). The field to the right Second DNS displays the (read-only) DNS server IP address that the ISP assigns.
Page 107
By implementing PPPoE directly on the NBG4604 (rather than individual computers), the computers on the LAN do not need PPPoE software installed, since the NBG4604 does that part of the task. Furthermore, with NAT, all of the LANs’ computers will have access.
DNS Servers First DNS Select From ISP if your ISP dynamically assigns DNS server information Server (and the NBG4604's WAN IP address). The field to the right displays the (read-only) DNS server IP address that the ISP assigns. Second DNS Server Select User-Defined if you have the IP address of a DNS server.
Page 109
PPTP supports on-demand, multi-protocol, and virtual private networking over public networks, such as the Internet. The NBG4604 supports only one PPTP server connection at any given time. To configure a PPTP client, you must configure the User Name and Password fields for a PPP connection and the PPTP parameters for a PPTP connection.
Page 110
DNS Servers First DNS Server Select From ISP if your ISP dynamically assigns DNS server information (and the NBG4604's WAN IP address). The field to the Second DNS Server right displays the (read-only) DNS server IP address that the ISP assigns.
Use this screen to enable Multicast, allow Windows Networking and enable Auto-bridge. Note: The three categories shown in this screen are independent of each other. To change your NBG4604’s advanced WAN settings, click Network > WAN > Advanced. The screen appears as shown. Figure 63 Network > WAN > Advanced...
Page 112
Select this option to allow NetBIOS packets to initiate calls. Auto-bridge Enable Auto-bridge Select this option to have the NBG4604 switch to bridge mode mode automatically when the NBG4604 gets a WAN IP address in the range of 192.168.x.y (where x and y are from zero to nine) no matter what the LAN IP address is.
Figure 64 LAN Setup The LAN screens can help you configure a LAN DHCP server and manage IP addresses. 9.2 What You Can Do Use the IP screen (Section 9.4 on page 115) to change your basic LAN settings. NBG4604 User’s Guide...
WAN network as shown next. Figure 65 LAN and WAN IP Addresses The LAN parameters of the NBG4604 are preset in the factory with the following values: • IP address of 192.168.1.1 with subnet mask of 255.255.255.0 (24 bits) •...
Table 42 Network > LAN > IP LABEL DESCRIPTION Get from DHCP Select this to have your NBG4604 receive its IP address automatically Server from a DHCP server. User Defined LAN Select this to manually enter the IP address and Subnet Mask as they were provided to you by your network administrator.
TCP/IP configuration at start-up from a server. You can configure the NBG4604’s LAN as a DHCP server or disable it. When configured as a server, the NBG4604 provides the TCP/IP configuration for the clients. If DHCP service is disabled, you must have another DHCP server on your LAN, or else the computer must be manually configured.
Leave the Enable DHCP Server check box selected unless your ISP instructs you to do otherwise. Clear it to disable the NBG4604 acting as a DHCP server. When configured as a server, the NBG4604 provides TCP/IP configuration for the clients.
Page 119
Chapter 10 DHCP Server To change your NBG4604’s static DHCP settings, click Network > DHCP Server > Advanced. The following screen displays. Figure 68 Network > DHCP Server > Advanced The following table describes the labels in this screen. Table 44 Network > DHCP Server > Advanced...
User-Defined, and enter the same IP address, the second User- Defined changes to None after you click Apply. Select DNS Relay to have the NBG4604 act as a DNS proxy. The NBG4604's LAN IP address displays in the field to the right (read- only).
Page 121
Reserve Select this check box in the DHCP Setup section to have the NBG4604 always assign the IP address(es) to the MAC address(es) (and host name(s)). After you click Apply, the MAC address and IP address also display in the Advanced screen (where you can edit them).
Page 122
Chapter 10 DHCP Server NBG4604 User’s Guide...
It replaces the original IP source address in each packet and then forwards it to the Internet. The NBG4604 keeps track of the original addresses and port numbers so incoming reply packets can have their original values restored. The following figure illustrates this.
Chapter 11 Network Address Translation (NAT) Note: You must create a firewall rule in addition to setting up NAT, to allow traffic from the WAN to be forwarded through the NBG4604. 11.2 What You Can Do • Use the General screen (Section 11.3 on page...
Network > NAT > Application. The screen appears as shown. Note: If you do not assign a Default Server IP address in the NAT > General screen, the NBG4604 discards all packets received for ports that are not specified in this screen or remote management.
Page 126
Port field. Apply Click Apply to save your changes to the Application Rules Summary table. Reset Click Reset to not save and return your new changes in the Service Name and Port fields to the previous one. NBG4604 User’s Guide...
Page 127
This field displays the inside IP address of the server. Address Modify Click the Edit icon to display and modify an existing rule setting in the fields under Add Application Rule. Click the Remove icon to delete a rule. NBG4604 User’s Guide...
(a "trigger" port). When the NBG4604's WAN port receives a response with a specific port number and protocol ("incoming" port), the NBG4604 forwards the traffic to the LAN IP address of the computer that sent the request. After that computer’s connection for that service closes, another computer on the LAN can use the service in the same manner.
Trigger The trigger port is a port (or a range of ports) that causes (or triggers) the NBG4604 to record the IP address of the LAN computer that sent the traffic to a server on the WAN. Start Port Type a port number or the starting port number in a range of port numbers.
Chapter 11 Network Address Translation (NAT) Port 7070 is a “trigger” port and causes the NBG4604 to record Jane’s computer IP address. The NBG4604 associates Jane's computer IP address with the "incoming" port range of 6970-7170. The Real Audio server responds using a port number ranging between 6970-7170.
Use the Dynamic DNS screen (Section 12.4 on page 132) to enable DDNS and configure the DDNS settings on the NBG4604. 12.3 What You Need To Know Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CU- SeeMe, etc.).
Chapter 12 Dynamic DNS 12.4 Dynamic DNS Screen To change your NBG4604’s DDNS, click Network > DDNS. The screen appears as shown. Figure 75 Network > Dynamic DNS The following table describes the labels in this screen. Table 49 Network > Dynamic DNS...
Page 133
Type the IP address of the host name(s). Use this if you have a Address static IP address. Apply Click Apply to save your changes back to the NBG4604. Reset Click Reset to begin configuring this screen afresh. NBG4604 User’s Guide...
Page 134
Chapter 12 Dynamic DNS NBG4604 User’s Guide...
H A P T E R Firewall 13.1 Overview Use these screens to enable and configure the firewall that protects your NBG4604 and your LAN from unwanted or malicious traffic. Enable the firewall to protect your LAN computers from attacks by hackers on the Internet and control access between the LAN and WAN.
Internet. This allows it to act as a secure gateway for all data passing between the Internet and the LAN. The NBG4604 has one Ethernet WAN port and four Ethernet LAN ports, which are used to physically separate the network into two areas.The WAN (Wide Area Network) port attaches to the broadband (cable or DSL) modem to the Internet.
Chapter 13 Firewall 13.4 General Firewall Screen Use this screen to enable or disable the NBG4604’s firewall, and set up firewall logs. Click Security > Firewall to open the General screen. Figure 77 Security > Firewall > General The following table describes the labels in this screen.
Page 138
The NBG4604 stops computers on the WAN from managing the NBG4604 or using the NBG4604 as a gateway to communicate with other computers on the WAN. This is your firewall rule number. The ordering of your rules is important as rules are applied in turn.
Port Range Enter a single port number or the range of port numbers of the destination. Apply Click Apply to save the settings. Reset Click Reset to start configuring this screen again. NBG4604 User’s Guide...
Chapter 13 Firewall 13.6 Services Screen If an outside user attempts to probe an unsupported port on your NBG4604, an ICMP response packet is automatically returned. This allows the outside user to know the NBG4604 exists. Use this screen to prevent the ICMP response packet from being sent.
Page 141
Chapter 13 Firewall Table 53 Security > Firewall > Services LABEL DESCRIPTION Apply Click Apply to save the settings. Reset Click Reset to start configuring this screen again. NBG4604 User’s Guide...
14.3.1 Content Filtering Profiles A content filtering profile conveniently stores your custom settings for the following features. Restrict Web Features The NBG4604 can disable web proxies and block web features such as ActiveX controls, Java applets and cookies. NBG4604 User’s Guide...
URL www.zyxel.com.tw/news/pressroom.php, the file path is news/pressroom.php. Since the NBG4604 checks the URL’s domain name (or IP address) and file path separately, it will not find items that go across the two. For example, with the URL www.zyxel.com.tw/news/pressroom.php, the NBG4604 would find “tw”...
Domain Name or IP Address URL Checking By default, the NBG4604 checks the URL’s domain name or IP address when performing keyword blocking. This means that the NBG4604 checks the characters that come before the first slash in the URL.
Page 146
(or not extend) the keyword blocking search to include the URL's full path. File Name URL Checking Filename URL checking has the NBG4604 check all of the characters in the URL. For example, filename URL checking searches for keywords within the URL www.zyxel.com.tw/news/pressroom.php.
NBG4604 knows about network N2 in the following figure through remote node Router 1. However, the NBG4604 is unable to route a packet to network N3 because it doesn't know that there is a route through the same remote node Router 1 (via gateway Router 2).
NBG4604 that will forward the packet to the destination. On the LAN, the gateway must be a router on the same segment as your NBG4604; over the WAN, the gateway must be the IP address of one of the remote nodes.
NBG4604 that will forward the packet to the destination. On the LAN, the gateway must be a router on the same segment as your NBG4604; over the WAN, the gateway must be the IP address of one of the Remote Nodes.
• Use the General screen (Section 16.4 on page 152) to enable bandwidth management and assign uplink/downlink limits. • Use the Advanced screen (Section 16.5 on page 153) to configure bandwidth management rules for the pre-defined services and applications. NBG4604 User’s Guide...
Note: You cannot apply both bandwidth management types at the same time. Click Management > Bandwidth MGMT to open the bandwidth management General screen. Figure 86 Management > Bandwidth MGMT > General NBG4604 User’s Guide...
The following table describes the labels in this screen. Table 57 Management > Bandwidth MGMT > General LABEL DESCRIPTION Service Management Bandwidth This field allows you to have NBG4604 apply bandwidth management. Management Select Priority Queue or Bandwidth Allocation to enable Type bandwidth management. •...
Page 154
LABEL DESCRIPTION Priority Queue Local IP Enter the IP address of the computer to which bandwidth management Address does not apply. Priority Queue Use this table to allocate specific amounts of bandwidth based on the pre-defined service. NBG4604 User’s Guide...
Page 155
LABEL DESCRIPTION This is the number of an individual bandwidth management rule. Enable Select this check box to have the NBG4604 apply this bandwidth management rule. Service This is the name of the service. You can also enter the name (up to 10 keyboard characters) of a service you want to add in the priority queue (for example, Messenger).
To WAN applies bandwidth management to traffic from LAN/WLAN to WAN (i.e., uplink). Select Both applies bandwidth management to traffic that the NBG4604 forwards to both the LAN and the WAN. LAN IP Range Specify the range of IP addresses for which the bandwidth management rule applies.
Its primary function is to allow users to log into remote host systems. Telnet uses port 23. E-Mail Electronic mail consists of messages sent through a computer network to specific groups or individuals. Here are some default ports for e-mail: POP3 - port 110 SMTP - port 25 NBG4604 User’s Guide...
Online gaming services lets you play multiplayer games on the Internet via broadband technology. One example is Microsoft’s Xbox Live, which uses port 3074. As of this writing, your NBG4604 supports Xbox, Playstation, Battlenet and MSN Game Zone. 16.5.4 Services and Port Numbers Appendix E on page 261 for commonly used services and port numbers.
IP address(es) users can use FTP to access the NBG4604. • Your NBG4604 can act as an SNMP agent, which allows a manager station to manage and monitor the NBG4604 through the network. Use the SNMP screen (see Section 17.7 on page...
You have disabled that service in one of the remote management screens. The IP address in the Secured Client IP Address field does not match the client IP address. If it does not match, the NBG4604 will disconnect the session immediately.
A secured client is a “trusted” computer that is allowed to communicate IP Address with the NBG4604 using this service. Select All to allow any computer to access the NBG4604 using this service. Choose Selected to just allow the computer with the IP address that you specify to access the NBG4604 using this service.
Click Reset to begin configuring this screen afresh. 17.6 The FTP Screen You can use FTP (File Transfer Protocol) to upload and download the NBG4604’s firmware and configuration files. Please see the User’s Guide chapter on firmware NBG4604 User’s Guide...
FTP client. Use this screen to specify which interfaces allow FTP access and from which IP address the access can come. To change your NBG4604’s FTP settings, click Management > Remote MGMT > FTP. The screen appears as shown.
Page 164
An agent is a management software module that resides in a managed device (the NBG4604). An agent translates the local management information from the managed device into a form compatible with SNMP. The manager is the console through which network administrators perform network management functions. It executes applications that control and monitor managed devices.
Server Port The SNMP agent listens on port 161 by default. If you change the SNMP server port to a different number on the NBG4604, for example 8161, then you must notify people who need to access the NBG4604 SNMP agent to use the same port.
Click Reset to begin configuring this screen afresh. 17.8 The ACS Screen An administrator can use an ACS to remotely set up the NBG4604, modify its settings, perform firmware upgrades, and monitor and diagnose it. In order to do so, you must enable the TR-069 feature on your NBG4604 and then configure it appropriately.
Internet. 17.9 ACS Screen The ACS screen allows you to set up the ACS server information on your NBG4604 so it can be remotely updated. Only use information provided by your network administrator.
Page 168
DESCRIPTION ACS Server Setup Enter the URL of the ACS server. Account Name Enter the login name used by the NBG4604 to log into the ACS server. Password Enter the password for the account used to log into the ACS server.
Page 169
Enter the product class if this was provided by the network adminstrator. Otherwise, leave it at its default setting. Model Name This displays the model name. In this case, it is ‘NBG4604’ and cannot be edited. Device Connection Request Username Enter the username required for the ACS server to connect directly to the NBG4604.
TR-069 is an abbreviation of “Technical Reference 069”, a protocol designed to facilitate the remote management of Customer Premise Equipement (CPE), such as the NBG4604. It can be managed over a WAN by means of an Auto Configuration Server (ACS). TR-069 is based on sending Remote Procedure Calls (RPCs) between the ACS and the client device.
UPnP NAT traversal automates the process of allowing an application to operate through NAT. UPnP network devices can automatically configure network addressing, announce their presence in the network to other UPnP devices and enable exchange of simple product and service descriptions. NAT traversal allows the following: NBG4604 User’s Guide...
When a UPnP device joins a network, it announces its presence with a multicast message. For security reasons, the NBG4604 allows multicast messages on the LAN only. All UPnP-enabled devices may communicate freely with each other without additional configuration.
This section shows you how to use the UPnP feature in Windows XP. You must already have UPnP installed in Windows XP and UPnP activated on the NBG4604. Make sure the computer is connected to a LAN port of the NBG4604. Turn on your computer and the NBG4604.
Page 174
Chapter 18 Universal Plug-and-Play (UPnP) Right-click the icon and select Properties. Figure 98 Network Connections In the Internet Connection Properties window, click Settings to see the port mappings there were automatically created. Figure 99 Internet Connection Properties NBG4604 User’s Guide...
Page 175
Note: When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. Select Show icon in notification area when connected option and click OK. An icon displays in the system tray. Figure 102 System Tray Icon NBG4604 User’s Guide...
18.5.2 Web Configurator Easy Access With UPnP, you can access the web-based configurator on the NBG4604 without finding out the IP address of the NBG4604 first. This comes helpful if you do not know the IP address of the NBG4604.
Page 177
Figure 104 Network Connections An icon with the description for each UPnP-enabled device displays under Local Network. Right-click on the icon for your NBG4604 and select Invoke. The Web Configurator login screen displays. Figure 105 Network Connections: My Network Places...
Page 178
Chapter 18 Universal Plug-and-Play (UPnP) Right-click on the icon for your NBG4604 and select Properties. A properties window displays with basic information about the NBG4604. Figure 106 Network Connections: My Network Places: Properties: Example NBG4604 User’s Guide...
NBG4604’s time and date. 19.3 System General Screen Use this screen to enter a name to identify the NBG4604 in the network and set the password. Click Maintenance > System. The following screen displays. Figure 107 Maintenance > System > General...
Page 180
DESCRIPTION System Setup System Name System Name is a unique name to identify the NBG4604 in an Ethernet network. It is recommended you enter your computer’s “Computer name” in this field (see the chapter about wizard setup for how to find your computer’s name).
Chapter 19 System 19.4 Time Setting Screen To change your NBG4604’s time and date, click Maintenance > System > Time Setting. The screen appears as shown. Use this screen to configure the NBG4604’s time based on your local time zone.
Page 182
When you set Time and Date Setup to Manual, enter the new date in this field and then click Apply. Get from Time Select this radio button to have the NBG4604 get the time and date Server from the time server you specified below.
Page 183
Germany for instance, you would type 2 because Germany's time zone is one hour ahead of GMT or UTC (GMT+1). Apply Click Apply to save your changes back to the NBG4604. Reset Click Reset to begin configuring this screen afresh.
Page 184
Chapter 19 System NBG4604 User’s Guide...
20.1 Overview This chapter contains information about configuring general log settings and viewing the NBG4604’s logs. The Web Configurator allows you to look at all of the NBG4604’s logs in one location. 20.2 What You Can Do • Use the View Log screen (Section 20.4 on page...
Chapter 20 Logs 20.4 View Log Screen Use the View Log screen to see the logged messages for the NBG4604. Options include logs about system maintenance, system errors, access control, allowed or blocked web sites, blocked web features (such as ActiveX controls, Java and cookies), attacks (such as DoS) and IPSec.
Chapter 20 Logs 20.5 Log Settings Screen Use this screen to send copies of the NBG4604 syslog files to a dedicated syslog server. For information on setting up a syslog server, consult the documentation that came with your syslog server product.
(usually) uses the system model name with a “*.bin” extension, e.g., “NBG4604.bin”. The upload process uses HTTP (Hypertext Transfer Protocol) and may take up to two minutes. After a successful upload, the system will reboot.
Page 190
Click Upload to begin the upload process. This process may take up to two minutes. Note: Do not turn off the NBG4604 while firmware upload is in progress! After you see the Firmware Upload In Process screen, wait two minutes before logging into the NBG4604 again.
Page 191
Chapter 21 Tools The NBG4604 automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 113 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the Status screen.
21.4.1 Backup Configuration Backup configuration allows you to back up (save) the NBG4604’s current configuration to a file on your computer. Once your NBG4604 is configured and functioning properly, it is highly recommended that you back up your configuration file before making configuration changes. The backup configuration file will be useful in case you need to return to your previous settings.
Upload Click Upload to begin the upload process. Note: Do not turn off the NBG4604 while configuration file upload is in progress After you see a “configuration upload successful” screen, you must then wait one minute before logging into the NBG4604 again.
Configurator for more information on the RESET button. 21.5 Restart Screen System restart allows you to reboot the NBG4604 without turning the power off. Click Maintenance > Tools > Restart. Click Restart to have the NBG4604 reboot. This does not affect the NBG4604's configuration.
22.1 Overview The Sys OP Mode (System Operation Mode) function lets you configure whether your NBG4604 is a router or AP. You can choose between Router Mode and AP Mode depending on your network topology and the features you require from your device. See Section 1.1 on page...
An AP extends one network and so has just one IP address. All Ethernet ports on the AP have the same IP address. To connect to the Internet, another device, such as a router, is required. Figure 121 IP Address in AP Mode NBG4604 User’s Guide...
• The DHCP server on your device is disabled. In AP mode there must be a device with a DHCP server on your network such as a router or gateway which can allocate IP addresses. The IP address of the device on the local network is set to 192.168.1.2. NBG4604 User’s Guide...
Page 198
Select Access Point if your device bridges traffic between clients on the same network. Apply Click Apply to save your settings. Reset Click Reset to return your settings to the default (Router) Note: If you select the incorrect System Operation Mode you cannot connect to the Internet. NBG4604 User’s Guide...
H A P T E R Language 23.1 Language Screen Use this screen to change the language for the Web Configurator display. Click the language you prefer. The Web Configurator language changes after a while without restarting the NBG4604. Figure 125 Language NBG4604 User’s Guide...
Page 200
Chapter 23 Language NBG4604 User’s Guide...
Make sure you are using the power adaptor or cord included with the NBG4604. Make sure the power adaptor or cord is connected to the NBG4604 and plugged in to an appropriate power source. Make sure the power source is turned on.
IP address from a DHCP server on the network. If your NBG4604 is a DHCP client, you can find your IP address from the DHCP server. This information is only available from the DHCP server which allocates IP addresses on your network.
Page 203
Appendix B on page 223. Make sure your computer is in the same subnet as the NBG4604. (If you know that there are routers between your computer and the NBG4604, skip this step.) • If there is a DHCP server on your network, make sure your computer is using a dynamic IP address.
AP. • Go to Network > Wireless LAN > General > WDS and check if the NBG4604 is set to bridge mode. Select Disable and try to connect to the Internet again.
24.4 Resetting the NBG4604 to Its Factory Defaults If you reset the NBG4604, you lose all of the changes you have made. The NBG4604 re-loads its default settings, and the password resets to 1234. You have to make all of your changes again.
Chapter 24 Troubleshooting Press the RESET button for longer than 1 second to restart/reboot the NBG4604. Press the RESET button for longer than five seconds to set the NBG4604 back to its factory-default configurations. If the NBG4604 restarts automatically, wait for the NBG4604 to finish restarting, and log in to the Web Configurator.
Page 207
When you change from router mode to AP mode, your computer must have an IP address in the range between “192.168.1.3” and “192.168.1.254”. Refer to Appendix C on page 231 for instructions on how to change your computer’s IP address. NBG4604 User’s Guide...
Auto-crossover: Use either crossover or straight-through Ethernet cables. 4-5 Port Switch A combination of switch and router makes your NBG4604 a cost- effective and viable network solution. You can add up to four computers to the NBG4604 without the cost of a hub when connecting to the Internet through the WAN port.
Page 210
Configuration Backup & Make a copy of the NBG4604’s configuration and put it back on Restoration the NBG4604 later if you decide you want to revert back to an earlier configuration. Network Address Each computer on your network must have its own unique IP Translation (NAT) address.
Time and Date Get the current time and date from an external server when you turn on your NBG4604. You can also set the time manually. These dates and times are then used in logs. Port Forwarding If you have a server (mail or web server for example) on your network, then use this feature to let people access it from the Internet.
Page 212
Make sure the screws are snugly fastened to the wall. They need to hold the weight of the NBG4604 with the connection cables. Align the holes on the back of the NBG4604 with the screws on the wall. Hang the NBG4604 on the screws.
192.168.1.1). Each of these four parts is known as an octet. An octet is an eight-digit binary number (for example 11000000, which is 192 in decimal notation). Therefore, each octet has a possible range of 00000000 to 11111111 in binary, or 0 to 255 in decimal. NBG4604 User’s Guide...
ID of an IP address (192.168.1.2 in decimal). Table 76 Subnet Mask - Identifying Network Number OCTET: OCTET: OCTET: OCTET (192) (168) IP Address (Binary) 11000000 10101000 00000001 00000010 Subnet Mask (Binary) 11111111 11111111 11111111 00000000 NBG4604 User’s Guide...
Page 215
An IP address with host IDs of all zeros is the IP address of the network (192.168.1.0 with a 24-bit subnet mask, for example). An IP address with host IDs of all ones is the broadcast address for that network (192.168.1.255 with a 24-bit subnet mask, for example). NBG4604 User’s Guide...
Page 217
You can “borrow” one of the host ID bits to divide the network 192.168.1.0 into two separate sub-networks. The subnet mask is now 25 bits (255.255.255.128 or /25). The “borrowed” host ID bit can have a value of either 0 or 1, allowing two subnets; 192.168.1.0 /25 and 192.168.1.128 /25. NBG4604 User’s Guide...
Page 218
Similarly, to divide a 24-bit address into four subnets, you need to “borrow” two host ID bits to give four possible combinations (00, 01, 10 and 11). The subnet mask is 26 bits (11111111.11111111.11111111.11000000) or 255.255.255.192. NBG4604 User’s Guide...
Page 219
Lowest Host ID: 192.168.1.129 192.168.1.128 Broadcast Address: Highest Host ID: 192.168.1.190 192.168.1.191 Table 83 Subnet 4 LAST OCTET BIT IP/SUBNET MASK NETWORK NUMBER VALUE IP Address 192.168.1. IP Address (Binary) 11000000.10101000.00000001 11000000 Subnet Mask (Binary) 11111111.11111111.11111111 11000000 NBG4604 User’s Guide...
Page 220
The following table is a summary for subnet planning on a network with a 24-bit network number. Table 85 24-bit Network Number Subnet Planning NO. “BORROWED” NO. HOSTS PER SUBNET MASK NO. SUBNETS HOST BITS SUBNET 255.255.255.128 (/25) 255.255.255.192 (/26) 255.255.255.224 (/27) 255.255.255.240 (/28) 255.255.255.248 (/29) 255.255.255.252 (/30) 255.255.255.254 (/31) NBG4604 User’s Guide...
Network Address Translation (NAT) on the NBG4604. Once you have decided on the network number, pick an IP address for your NBG4604 that is easy to remember (for instance, 192.168.1.1) but make sure that no other device on your network is using that IP address.
Page 222
Appendix A IP Addresses and Subnetting that you entered. You don't need to change the subnet mask computed by the NBG4604 unless you are instructed to do otherwise. Private IP Addresses Every machine on the Internet must have a unique address. If your networks are isolated from the Internet (running only between two branch offices, for example) you can assign any IP addresses to the hosts without problems.
Disable pop-up Blockers In Internet Explorer, select Tools, Pop-up Blocker and then select Turn Off Pop-up Blocker. Figure 131 Pop-up Blocker You can also check if pop-up blocking is disabled in the Pop-up Blocker section in the Privacy tab. NBG4604 User’s Guide...
Page 224
Click Apply to save this setting. Enable pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. In Internet Explorer, select Tools, Internet Options and then the Privacy tab. NBG4604 User’s Guide...
Page 225
Select Settings…to open the Pop-up Blocker Settings screen. Figure 133 Internet Options: Privacy Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. NBG4604 User’s Guide...
Page 226
Figure 134 Pop-up Blocker Settings Click Close to return to the Privacy screen. Click Apply to save this setting. JavaScript If pages of the Web Configurator do not display properly in Internet Explorer, check that JavaScript are allowed. NBG4604 User’s Guide...
Page 227
Figure 135 Internet Options: Security Click the Custom Level... button. Scroll down to Scripting. Under Active scripting make sure that Enable is selected (the default). Under Scripting of Java applets make sure that Enable is selected (the default). NBG4604 User’s Guide...
Page 228
Figure 136 Security Settings - Java Scripting Java Permissions From Internet Explorer, click Tools, Internet Options and then the Security tab. Click the Custom Level... button. Scroll down to Microsoft VM. Under Java permissions make sure that a safety level is selected. NBG4604 User’s Guide...
Page 229
Click OK to close the window. Figure 137 Security Settings - Java JAVA (Sun) From Internet Explorer, click Tools, Internet Options and then the Advanced tab. Make sure that Use Java 2 for <applet> under Java (Sun) is selected. NBG4604 User’s Guide...
Page 230
Appendix B Pop-up Windows, JavaScript and Java Permissions Click OK to close the window. Figure 138 Java (Sun) NBG4604 User’s Guide...
"communicate" with your network. If you manually assign IP information instead of using dynamic assignment, make sure that your computers have IP addresses that place them in the same subnet as the Prestige’s LAN port. NBG4604 User’s Guide...
Page 232
In the Network window, click Add. Select Adapter and then click Add. Select the manufacturer and model of your network adapter and then click OK. If you need TCP/IP: In the Network window, click Add. Select Protocol and then click Add. NBG4604 User’s Guide...
Page 233
• If your IP address is dynamic, select Obtain an IP address automatically. • If you have a static IP address, select Specify an IP address and type your information into the IP Address and Subnet Mask fields. Figure 140 Windows 95/98/Me: TCP/IP Properties: IP Address NBG4604 User’s Guide...
Page 234
Click OK to close the Network window. Insert the Windows CD if prompted. Turn on your Prestige and restart your computer when prompted. Verifying Settings Click Start and then Run. In the Run window, type "winipcfg" and then click OK to open the IP Configuration window. NBG4604 User’s Guide...
Page 235
Select your network adapter. You should see your computer's IP address, subnet mask and default gateway. Windows 2000/NT/XP The following example figures use the default Windows XP GUI theme. Click start (Start in Windows 2000/NT), Settings, Control Panel. Figure 142 Windows XP: Start Menu NBG4604 User’s Guide...
Page 236
In the Control Panel, double-click Network Connections (Network and Dial- up Connections in Windows 2000/NT). Figure 143 Windows XP: Control Panel Right-click Local Area Connection and then click Properties. Figure 144 Windows XP: Control Panel: Network Connections: Properties NBG4604 User’s Guide...
Page 237
• If you have a dynamic IP address click Obtain an IP address automatically. • If you have a static IP address click Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields. NBG4604 User’s Guide...
Page 238
Gateway. To manually configure a default metric (the number of transmission hops), clear the Automatic metric check box and type a metric in Metric. • Click Add. • Repeat the previous three steps for each default gateway you want to add. NBG4604 User’s Guide...
Page 239
• Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields. NBG4604 User’s Guide...
Page 240
Click Start, All Programs, Accessories and then Command Prompt. In the Command Prompt window, type "ipconfig" and then press [ENTER]. You can also open Network Connections, right-click a network connection, click Status and then click the Support tab. NBG4604 User’s Guide...
Page 241
Appendix C Setting up Your Computer’s IP Address Macintosh OS 8/9 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/ IP Control Panel. Figure 149 Macintosh OS 8/9: Apple Menu NBG4604 User’s Guide...
Page 242
Close the TCP/IP Control Panel. Click Save if prompted, to save changes to your configuration. Turn on your Prestige and restart your computer (if prompted). Verifying Settings Check your TCP/IP properties in the TCP/IP Control Panel window. NBG4604 User’s Guide...
• Select Automatic from the Location list. • Select Built-in Ethernet from the Show list. • Click the TCP/IP tab. For dynamically assigned settings, select Using DHCP from the Configure list. Figure 152 Macintosh OS X: Network NBG4604 User’s Guide...
Page 244
Follow the steps below to configure your computer IP address using the KDE. Click the Red Hat button (located on the bottom left corner), select System Setting and click Network. Figure 153 Red Hat 9.0: KDE: Network Configuration: Devices NBG4604 User’s Guide...
Page 245
Click OK to save the changes and close the Ethernet Device General screen. If you know your DNS server IP address(es), click the DNS tab in the Network Configuration screen. Enter the DNS server information in the fields provided. Figure 155 Red Hat 9.0: KDE: Network Configuration: DNS NBG4604 User’s Guide...
Page 246
• If you have a dynamic IP address, enter dhcp in the BOOTPROTO= field. The following figure shows an example. Figure 157 Red Hat 9.0: Dynamic IP Address Setting in ifconfig-eth0 DEVICE=eth0 ONBOOT=yes BOOTPROTO=dhcp USERCTL=no PEERDNS=yes TYPE=Ethernet NBG4604 User’s Guide...
Page 247
Figure 160 Red Hat 9.0: Restart Ethernet Card [root@localhost init.d]# network restart Shutting down interface eth0: [OK] Shutting down loopback interface: [OK] Setting network parameters: [OK] Bringing up loopback interface: [OK] Bringing up interface eth0: [OK] NBG4604 User’s Guide...
(AP). Intra-BSS traffic is traffic between wireless stations in the BSS. When Intra-BSS is enabled, wireless station A and B can access the wired network and communicate NBG4604 User’s Guide...
Page 250
This wired connection between APs is called a Distribution System (DS). This type of wireless LAN topology is called an Infrastructure WLAN. The Access Points not only provide communication with the wired network but also mediate wireless network traffic in the immediate neighborhood. NBG4604 User’s Guide...
Page 251
A hidden node occurs when two stations are within range of the same access point, but are not within range of each other. The following figure illustrates a hidden node. Both stations (STA) are within range of the access point (AP) or NBG4604 User’s Guide...
Page 252
RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size. Note: Enabling the RTS Threshold causes redundant network overhead that could negatively affect the throughput performance instead of providing a remedy. NBG4604 User’s Guide...
IEEE 802.11g is fully compatible with the IEEE 802.11b standard. This means an IEEE 802.11b adapter can interface directly with an IEEE 802.11g access point (and vice versa) at 11 Mbps or lower depending on range. IEEE 802.11g has NBG4604 User’s Guide...
Page 254
• Accounting Keeps track of the client’s network activity. RADIUS is a simple package exchange in which your AP acts as a message relay between the wireless station and the network RADIUS server. NBG4604 User’s Guide...
Page 255
The wireless station ‘proves’ that it knows the password by encrypting the password with the challenge and sends back the information. Password is not sent in plain text. NBG4604 User’s Guide...
Page 256
The AP maps a unique key that is generated with the RADIUS server. This key expires when the wireless connection times out, disconnects or reauthentication times out. A new WEP key is generated each time reauthentication is performed. NBG4604 User’s Guide...
Page 257
Temporal Key Integrity Protocol (TKIP) uses 128-bit keys that are dynamically generated and distributed by the authentication server. It includes a per-packet key mixing function, a Message Integrity Check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. NBG4604 User’s Guide...
Page 258
If the AP or the wireless clients do not support WPA2, just use WPA or WPA-PSK depending on whether you have an external RADIUS server or not. Select WEP only when the AP and/or wireless clients do not support WPA or WPA2. WEP is less secure than WPA or WPA2. NBG4604 User’s Guide...
The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that then sets up a key hierarchy and management system, using the pair-wise key to dynamically generate unique data encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients. NBG4604 User’s Guide...
Page 260
PROTOCOL Open None Disable Enable without Dynamic WEP Open Enable with Dynamic WEP Enable without Dynamic WEP Disable Shared Enable with Dynamic WEP Enable without Dynamic WEP Disable TKIP Enable WPA-PSK TKIP Enable WPA2 Enable WPA2-PSK Enable NBG4604 User’s Guide...
IP numbers. User-Defined The IPSEC ESP (Encapsulation (IPSEC_TUNNEL) Security Protocol) tunneling protocol uses this service. FINGER Finger is a UNIX or Internet related command that can be used to find out if a user is logged on. NBG4604 User’s Guide...
Page 262
Network News Transport Protocol is the delivery mechanism for the USENET newsgroup service. PING User-Defined Packet INternet Groper is a protocol that sends out ICMP echo requests to test whether or not a remote host is reachable. NBG4604 User’s Guide...
Page 263
Program. SNMP-TRAPS TCP/UDP Traps for use with the SNMP (RFC:1215). SQL-NET 1521 Structured Query Language is an interface to access data on many different types of database systems, including mainframes, midrange systems, UNIX systems and network servers. NBG4604 User’s Guide...
Page 264
Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP, but uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol). VDOLIVE 7000 A videoconferencing solution. The UDP port number is specified in the user- application. defined NBG4604 User’s Guide...
Open Software Announcements End-User License Agreement for “NBG4604” WARNING: ZyXEL Communications Corp. IS WILLING TO LICENSE THE SOFTWARE TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS LICENSE AGREEMENT. PLEASE READ THE TERMS CAREFULLY BEFORE COMPLETING THE INSTALLATION PROCESS AS INSTALLING THE SOFTWARE WILL INDICATE YOUR ASSENT TO THEM.
Page 266
INSPECT AND AUDIT YOUR RECORDS TO ENSURE YOUR COMPLIANCE WITH THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT. Termination This License Agreement is effective until it is terminated. You may terminate this License Agreement at any time by destroying NBG4604 User’s Guide...
Page 267
NOTE: Some components of this product incorporate source code covered under the open source code licenses. To obtain the source code covered under those Licenses, please check ZyXEL Technical Support (support@zyxel.com.tw) to get it. NBG4604 User’s Guide...
Page 268
No part may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any pur- pose, except the express written permission of ZyXEL Communications Corporation. This Product includes Linux Kernel-2.6.21, busybox-1.7.5, libesmtp-1.0.4, igmpproxy-0.1-beta2, dnsmasq-2.39, iproute2-2.6.16, rp-pppoe-3.8, iptables-1.3.8, updatedd-2.6, linuxigd-1, wireless_tools-2.8, bridge-utils-1.2, pptp-client-1.7.1, ppp-2.4.3, udhcp-...
Page 269
License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) NBG4604 User’s Guide...
Page 270
Many people have made generous contributions to the wide range of software distributed through that system NBG4604 User’s Guide...
Page 271
GNU Library Public License, version 2, hence the version number 2.1. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Pub- NBG4604 User’s Guide...
Page 272
"work based on the library" and a "work that uses the library". The former contains code derived from the library, whereas the latter must be combined with the library in order to run. GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODI- NBG4604 User’s Guide...
Page 273
4. You may copy and distribute the Library (or a portion or derivative of it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you accompany it with the complete corresponding machine-readable NBG4604 User’s Guide...
Page 274
Library and of the other library facilities is otherwise permitted, and provided that you do these two things: a) Accompany the combined library with a copy of the same work based on the Library, uncombined with any other library facilities. NBG4604 User’s Guide...
Page 275
KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE NBG4604 User’s Guide...
Page 276
License, and how to view a copy of this License. If the interface presents a list of user commands or options, such as a menu, a prominent item in the list meets this crite- rion. NBG4604 User’s Guide...
Page 277
“aggregate” if the compilation and its resulting copyright are not used to limit the access or legal rights of the compilation's users beyond what the individual works permit. Inclusion of a covered work in an aggregate does not cause this License to apply to the other parts of the aggregate. 6. Conveying Non-Source Forms. NBG4604 User’s Guide...
Page 278
Prohibiting misrepresentation of the origin of that material, or requiring that modified versions of such material be marked in reasonable ways as different from the original version; or d) Limiting the use for publicity purposes of names of licensors or authors of the material; or NBG4604 User’s Guide...
Page 280
GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, NBG4604 User’s Guide...
Page 281
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This Product includes zlib-1.2.3 software under below license License /* zlib.h -- interface of the 'zlib' general purpose compression library NBG4604 User’s Guide...
Page 282
2. Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software. 3. This notice may not be removed or altered from any source distribution. Jean-loup Gailly jloup@gzip.org Mark Adler madler@alumni.caltech.edu NBG4604 User’s Guide...
ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation. All rights reserved. Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein.
Page 284
20 cm must be maintained between the antenna of this device and all persons. Industry Canada Statement This device complies with RSS-210 of the Industry Canada Rules. Operation is subject to the following two conditions: this device may not cause interference and NBG4604 User’s Guide...
Page 285
This device has been designed for the WLAN 2.4 GHz network throughout the EC region and Switzerland, with restrictions in France. This Class B digital apparatus complies with Canadian ICES-003. Cet appareil numérique de la classe B est conforme à la norme NMB-003 du Canada. NBG4604 User’s Guide...
Registration Register your product online to receive e-mail notices of firmware upgrades and information at www.zyxel.com for global products, or at www.us.zyxel.com for North American products. NBG4604 User’s Guide...
DNS Server DNS server Certificate Authority Domain name certifications vs host name. see also system name notices viewing Domain Name System Channel Domain Name System. See DNS. 32, 57, 251 Interference duplex setting 33, 58 channel Dynamic DNS NBG4604 User’s Guide...
Page 288
IP Pool Firmware upload file extension using HTTP firmware version 32, 57 Fragmentation Threshold IP pool setup FTP. see also File Transfer Program LAN overview LAN setup LAN TCP/IP Language Link type gateway 33, 57 NBG4604 User’s Guide...
Page 289
NAT traversal RADIUS Navigation Panel 33, 58 Shared Secret Key navigation panel 33, 58 RADIUS Message Types NetBIOS RADIUS Messages see also Network Basic Input/Output System RADIUS server registration Network Address Translation 123, 124 product related documentation NBG4604 User’s Guide...
Page 290
Simple Network Management Protocol, see SNMP SNMP 163, 164 agents Universal Plug and Play GetNext application Manager UPnP managers security issues URL Keyword Blocking network components Use Authentication user authentication Trap local (user) database versions RADIUS server SSID 32, 78, 82 NBG4604 User’s Guide...
Page 291
WEP Encryption WEP encryption WEP key Wildcard Wireless association list wireless channel wireless LAN wireless LAN scheduling Wireless LAN wizard Wireless network basic guidelines channel encryption example MAC address filter overview security SSID Wireless security overview type NBG4604 User’s Guide...