Page 1 P-660N-T1A 802.11n Wireless ADSL2+ Gateway Default Login Details IP Address http://192.168.1.1 Password 1234 Firmware Version 3.40 www.zyxel.com Edition 2, 8/2010 www.zyxel.com Copyright © 2010 ZyXEL Communications Corporation...
Page 3: About This User's Guide
Documentation Feedback Send your comments, questions or suggestions to: techwriters@zyxel.com.tw Thank you! The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 30099, Taiwan. Need More Help? More help is available at www.zyxel.com.
Page 4 Graphics in this book may differ slightly from the product due to differences in operating systems, operating system versions, or if you installed updated firmware/software for your device. Every effort has been made to ensure that the information in this manual is accurate. P-660N-T1A User’s Guide...
Page 5: Document Conventions
Syntax Conventions • The P-660N-T1A may be referred to as the “ZyXEL Device”, the “device”, the “system” or the “product” in this User’s Guide. • Product labels, screen names, field labels and field choices are all in bold font.
Page 6 Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The ZyXEL Device icon is not an exact representation of your device. ZyXEL Device Computer Notebook computer Server Firewall Telephone Router Switch P-660N-T1A User’s Guide...
Page 7: Safety Warnings
Your product is marked with this symbol, which is known as the WEEE mark. WEEE stands for Waste Electronics and Electrical Equipment. It means that used electrical and electronic products should not be mixed with general waste. Used electrical and electronic equipment should be treated separately. P-660N-T1A User’s Guide...
Page 8 Safety Warnings P-660N-T1A User’s Guide...
Page 9: Table Of Contents
Dynamic DNS Setup ........................ 175 Remote Management ......................177 Universal Plug-and-Play (UPnP) ..................... 187 CWMP ............................. 197 System Settings ........................201 Logs ............................205 Tools ............................215 Diagnostic ..........................223 Troubleshooting ........................227 Product Specifications ......................233 P-660N-T1A User’s Guide...
Page 10 Contents Overview P-660N-T1A User’s Guide...
Page 11: Table Of Contents
2.2 Main Screen ........................30 2.2.1 Title Bar ........................31 2.2.2 Navigation Panel ......................31 2.2.3 Main Window ......................33 2.2.4 Status Bar ........................34 Chapter 3 Status Screen .......................... 35 3.1 Overview ..........................35 3.2 The Status Screen ....................... 35 P-660N-T1A User’s Guide...
Page 12 6.4 Technical Reference ......................78 6.4.1 Encapsulation ......................78 6.4.2 Multiplexing ........................ 80 6.4.3 VPI and VCI ....................... 80 6.4.4 IP Address Assignment ....................80 6.4.5 Nailed-Up Connection (PPP) ..................81 6.4.6 NAT ..........................81 6.5 Traffic Shaping ........................81 P-660N-T1A User’s Guide...
Page 13 8.3 The More AP Screen ......................109 8.3.1 More AP Edit ......................110 8.4 The WPS Screen ........................111 8.5 The WPS Station Screen ....................112 8.6 The WDS Screen ........................113 8.7 The Scheduling Screen ......................115 8.8 Technical Reference ......................116 8.8.1 Wireless Network Overview ..................116 P-660N-T1A User’s Guide...
Page 14 11.1.1 What You Can Do in the Filter Screens ..............151 11.1.2 What You Need to Know ..................151 11.2 The URL Filter Screen ....................152 11.3 The Application Filter Screen ................... 153 11.4 The IP/MAC Filter Screen ....................154 P-660N-T1A User’s Guide...
Page 15 16.1.1 What You Can Do in the Remote Management Screens ........178 16.1.2 What You Need to Know ..................178 16.2 The WWW Screen ......................179 16.2.1 Configuring the WWW Screen ................179 16.3 The Telnet Screen ......................180 P-660N-T1A User’s Guide...
Page 16 Tools............................215 21.1 Overview .......................... 215 21.1.1 What You Can Do in the Tool Screens ..............215 21.1.2 What You Need To Know ..................215 21.1.3 Before You Begin ....................216 21.2 The Firmware Screen ...................... 216 P-660N-T1A User’s Guide...
Page 17 Appendix B IP Addresses and Subnetting ................269 Appendix C Pop-up Windows, JavaScripts and Java Permissions ........279 Appendix D Wireless LANs ....................289 Appendix E Services ......................305 Appendix F Legal Information ....................309 Index............................313 P-660N-T1A User’s Guide...
Page 18 Table of Contents P-660N-T1A User’s Guide...
Page 19: User's Guide
User’s Guide...
Page 21: Introduction
Please refer to the following description of the product name format. • Models ending in “1”, for example P-660N-T1A, denote a device that works over the analog telephone system, POTS (Plain Old Telephone Service). Models ending in “3”...
Page 22: Good Habits For Managing The Zyxel Device
Internet and download files. Use the filtering feaure to block access to specific web sites or Internet applications such as MSN or Yahoo Messanger. You can also configure IP/MAC filtering rules for incoming or outgoing traffic. P-660N-T1A User’s Guide...
Page 23: Wireless Access
WPS/WLAN LED turns green, the wireless network is active. You can also use the WPS/WLAN button to quickly set up a secure wireless connection between the ZyXEL Device and a WPS-compatible client by adding one device at a time. To activate WPS: P-660N-T1A User’s Guide...
Page 24 Press the WPS button on another WPS-enabled device within range of the ZyXEL Device. The WPS/WLAN LED should flash while the ZyXEL Device sets up a WPS connection with the other wireless device. Once the connection is successfully made, the WPS/WLAN LED shines green. P-660N-T1A User’s Guide...
Page 25: Leds (Lights)
The ZyXEL Device has an Ethernet connection with a device on the Local Area Network (LAN). Blinking The ZyXEL Device is sending/receiving data to /from the LAN. The ZyXEL Device does not have an Ethernet connection with the LAN. P-660N-T1A User’s Guide...
Page 26: The Reset Button
To set the device back to the factory default settings, press the RESET button for ten seconds or until the POWER LED begins to blink and then release it. When the POWER LED begins to blink, the defaults have been restored and the device restarts. P-660N-T1A User’s Guide...
Page 27: The Web Configurator
Internet Explorer. 2.1.1 Accessing the Web Configurator Make sure your ZyXEL Device hardware is properly connected (refer to the Quick Start Guide). Launch your web browser. Type "192.168.1.1" as the URL. P-660N-T1A User’s Guide...
Page 28 Enter a new password, retype it to confirm and click Apply; alternatively click Ignore to proceed to the main menu if you do not want to change the password now. Figure 5 Change Password Screen P-660N-T1A User’s Guide...
Page 29 Figure 6 Replace Factory Default Certificate Screen Note: For security reasons, the ZyXEL Device automatically logs you out if you do not use the web configurator for five minutes (default). If this happens, log in again. P-660N-T1A User’s Guide...
Page 30: Main Screen
This section introduces the Web Configurator’s main screen. Figure 7 Main Screen The main screen is divided into these parts: • A - title bar • B - navigation panel • C - main window • D - status bar P-660N-T1A User’s Guide...
Page 31: Title Bar
Client List Use this screen to view current DHCP client information and to always assign specific IP addresses to individual MAC addresses (and host names). IP Alias Use this screen to partition your LAN interface into subnets. P-660N-T1A User’s Guide...
Page 32 General Use this screen to enable QoS and traffic prioritizing. You can also configure the QoS rules and actions. Dynamic DNS This screen allows you to use a static hostname alias for a dynamic IP address. P-660N-T1A User’s Guide...
Page 33: Main Window
The main window displays information and configuration fields. It is discussed in the rest of this document. Right after you log in, the Status screen is displayed. See Chapter 3 on page 35 for more information about the Status screen. P-660N-T1A User’s Guide...
Page 34: Status Bar
Chapter 2 The Web Configurator 2.2.4 Status Bar Check the status bar when you click Apply or OK to verify that the configuration has been updated. P-660N-T1A User’s Guide...
Page 35: Status Screen
(LAN and WAN). The Status screen also provides information from DHCP and statistics from bandwidth management and traffic. 3.2 The Status Screen Use this screen to view the status of the ZyXEL Device. Click Status to open this screen. Figure 8 Status Screen P-660N-T1A User’s Guide...
Page 36 DHCP requests and responses between the remote server and the clients. None - The ZyXEL Device is not providing any DHCP services to the LAN. Click this to go to the screen where you can change it. WLAN Information P-660N-T1A User’s Guide...
Page 37 See Section 21.4 on page 221, or turn off the device (unplug the power) for a few seconds. Interface Status Interface This column displays each interface the ZyXEL Device has. P-660N-T1A User’s Guide...
Page 38 For the LAN interface, this displays the port speed and duplex setting. For the DSL interface, it displays the downstream and upstream transmission rate. For the WLAN interface, it displays the maximum transmission rate when WLAN is enabled or N/A when WLAN is disabled. P-660N-T1A User’s Guide...
Page 39: Tutorials
41) or manual configuration (Section 4.2.3 on page 45). 4.2.1 Configuring the Wireless Network Settings This example uses the following parameters to set up a wireless network. SSID Example Security Mode WPA-PSK Pre-Shared Key 1234567key7654321yek 802.11 Mode 802.11b+g+n P-660N-T1A User’s Guide...
Page 40 Thomas can now use the WPS feature to establish a wireless connection between his notebook and the ZyXEL Device (see Section 4.2.2 on page 41). He can also use the notebook’s wireless client to search for the ZyXEL Device (see Section 4.2.3 on page 45). P-660N-T1A User’s Guide...
Page 41: Using Wps
Note: Your ZyXEL Device has a WPS button located on its rear panel as well as a WPS button in its configuration utility. Both buttons have exactly the same function: you can use one or the other. P-660N-T1A User’s Guide...
Page 42 The following figure shows you an example of how to set up a wireless network and its security by pressing a button on both ZyXEL Device and wireless client. Example WPS Process: PBC Method ZyXEL Device Wireless Client WITHIN 2 MINUTES Press and hold for 5 seconds SECURITY INFO COMMUNICATION P-660N-T1A User’s Guide...
Page 43 The ZyXEL Device authenticates the wireless client and sends the proper configuration settings to the wireless client. This may take up to two minutes. The wireless client is then able to communicate with the ZyXEL Device securely. P-660N-T1A User’s Guide...
Page 44 The following figure shows you how to set up a wireless network and its security on a ZyXEL Device and a wireless client by using PIN method. Example WPS Process: PIN Method Wireless Client ZyXEL Device WITHIN 2 MINUTES Authentication by PIN SECURITY INFO COMMUNICATION P-660N-T1A User’s Guide...
Page 45: Without Wps
Here is how Thomas can set up a schedule to turn on the wireless network at specific time and days. Click Network > Wireless Network > Scheduling to open the following screen. P-660N-T1A User’s Guide...
Page 46: Configuring The Mac Address Filter
Internet so that she can concentrate on preparing for her final exams. Josephine’s computer connects wirelessly to the Internet through the ZyXEL Device. Thomas can deny access to the wireless network using the MAC address of Josephine’s computer. Thomas Josephine P-660N-T1A User’s Guide...
Page 47 Click Network > LAN > Client List to open the following screen. Look for the MAC address of Josephine’s computer. Click Network > Wireless LAN to open the AP screen. Click the Edit button in the MAC Filter field. P-660N-T1A User’s Guide...
Page 48: Multiple Wan Connections Example
Figure 9, three WAN connections are configured over the ADSL line: • The connection with VPI/VCI, 0/33, is dedicated for Media-On-Demand (MOD) service. • The connection with VPI/VCI, 0/34, is dedicated for VoIP service. P-660N-T1A User’s Guide...
Page 49 Chapter 4 Tutorials • The connection with VPI/VCI, 0/35, is dedicated for general data transmission. Figure 9 Example for Multiple WAN Connections P-660N-T1A User’s Guide...
Page 50 Chapter 4 Tutorials P-660N-T1A User’s Guide...
Page 51: Technical Reference
Technical Reference...
Page 53: Internet And Wireless Setup Wizard
After you enter the password to access the web configurator, select Go to Wizard setup and click Apply. Otherwise, click the wizard icon in the top right corner of the web configurator to go to the wizards. Figure 10 Select a Mode P-660N-T1A User’s Guide...
Page 54 ISP. See Section 5.2.1 on page 56 for more details. If you would like to skip your Internet setup and configure the wireless LAN settings, leave Yes selected and click Next. Figure 12 Auto Detection: No DSL Connection P-660N-T1A User’s Guide...
Page 55 The following screen appears if the ZyXEL device detects a connection but not the connection type. Click Next and refer to Section 5.2.1 on page 56 on how to manually configure the ZyXEL Device for Internet access. Figure 14 Auto Detection: Failed P-660N-T1A User’s Guide...
Page 56: Manual Configuration
Choices vary depending on what you select in the Mode field. If you select Bridge in the Mode field, select either PPPoA or RFC 1483. If you select Routing in the Mode field, select PPPoA, RFC 1483, ENET ENCAP or PPPoE. P-660N-T1A User’s Guide...
Page 57 The next wizard screen varies depending on what mode and encapsulation type you use. All screens shown are with routing mode. Configure the fields and click Next to continue. See Section 5.3 on page 62 for wireless connection wizard setup Figure 16 Internet Connection with PPPoE P-660N-T1A User’s Guide...
Page 58 Type the name of your PPPoE service here. Name Back Click this to return to the previous screen without saving. Apply Click this to save your changes. Exit Click this to close the wizard screen without saving. Figure 17 Internet Connection with RFC 1483 P-660N-T1A User’s Guide...
Page 59 Click this to return to the previous screen without saving. Next Click this to continue to the next wizard screen. Exit Click this to close the wizard screen without saving. Figure 18 Internet Connection with ENET ENCAP P-660N-T1A User’s Guide...
Page 60 As above. Server Back Click this to return to the previous screen without saving. Apply Click this to save your changes. Exit Click this to close the wizard screen without saving. Figure 19 Internet Connection with PPPoA P-660N-T1A User’s Guide...
Page 61 Password setup to go back to the screen where you can modify them. Figure 20 Connection Test Failed-1 • If the following screen displays, check if your account is activated or click Restart the Internet/Wireless Setup Wizard to verify your Internet access settings. Figure 21 Connection Test Failed-2. P-660N-T1A User’s Guide...
Page 62: Wireless Connection Wizard Setup
The following table describes the labels in this screen. Table 10 Wireless LAN Setup Wizard 1 LABEL DESCRIPTION Active Select the check box to turn on the wireless LAN. Back Click this to return to the previous screen without saving. P-660N-T1A User’s Guide...
Page 63 Select Disable wireless security to have no wireless LAN security configured and your network is accessible to any wireless networking device that is within range. Back Click this to return to the previous screen without saving. P-660N-T1A User’s Guide...
Page 64: Manually Assign A Wpa-Psk Key
You need to configure an authentication server to do this. Back Click this to return to the previous screen without saving. Next Click this to continue to the next wizard screen. Exit Click this to close the wizard screen without saving. P-660N-T1A User’s Guide...
Page 65: Manually Assign A Wep Key
Click this to return to the previous screen without saving. Next Click this to continue to the next wizard screen. Exit Click this to close the wizard screen without saving. Click Apply to save your wireless LAN settings. Figure 27 Wireless LAN Setup 3 P-660N-T1A User’s Guide...
Page 66 Refer to the rest of this guide for more detailed information on the complete range of ZyXEL Device features. If you cannot access the Internet, open the web configurator again to confirm that the Internet settings you configured in the wizard setup are correct. P-660N-T1A User’s Guide...
Page 67: Wan Setup
To set up a WAN connection to the Internet, you need to use the same encapsulation method used by your ISP (Internet Service Provider). If your ISP offers a dial-up Internet connection using PPPoE (PPP over Ethernet) or PPPoA, P-660N-T1A User’s Guide...
Page 68: Before You Begin
Finding Out More Section 6.4 on page 78 for technical background information on WAN. 6.1.3 Before You Begin You need to know your Internet access settings such as encapsulation and WAN IP address. Get this information from your ISP. P-660N-T1A User’s Guide...
Page 69: The Internet Connection Screen
6.2 The Internet Connection Screen Use this screen to change your ZyXEL Device’s WAN settings. Click Network > WAN > Internet Connection. The screen differs by the WAN type and encapsulation you select. Figure 30 Network > WAN >Internet Connection (PPPoE) P-660N-T1A User’s Guide...
Page 70 The valid range for the VPI is 0 to 255. Enter the VPI assigned to you. The valid range for the VCI is 32 to 65535 (0 to 31 is reserved for local management of ATM traffic). Enter the VCI assigned to you. P-660N-T1A User’s Guide...
Page 71 Internet session will not timeout. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. Advanced Setup Click this to display the Advanced WAN Setup screen and edit more details of your WAN setup. P-660N-T1A User’s Guide...
Page 72: Advanced Setup
Select the RIP direction from None, Both, In Only and Out Only. RIP Version This field is not configurable if you select None in the RIP Direction field. Select the RIP version from RIP-1, RIP-2B and RIP-2M. P-660N-T1A User’s Guide...
Page 73 For PPPoE, the MTU value is 1492. For PPPoA and RFC 1483, the MTU is 65535. Back Click this to return to the previous screen without saving. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 74: The More Connections Screen
Internet access setup. Click the Remove icon to delete the Internet access setup from your connection list. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 75: More Connections Edit
Select Routing from the drop-down list box if your ISP allows multiple computers to share an Internet account. If you select Bridge, the ZyXEL Device will forward any packet that it does not route to this remote node; otherwise, the packets are discarded. P-660N-T1A User’s Guide...
Page 76 The ZyXEL Device will try to bring up the connection automatically if it is disconnected. Connect on Demand Select Connect on Demand when you don't want the connection up all the time and specify an idle time-out in the Max Idle Timeout field. P-660N-T1A User’s Guide...
Page 77: Advanced Setup
Use this screen to edit your ZyXEL Device's advanced WAN settings. Click the Advanced Setup button in the More Connections Edit screen. The screen appears as shown. Figure 34 Network > WAN > More Connections: Edit: Advanced Setup P-660N-T1A User’s Guide...
Page 78: Technical Reference
6.4 Technical Reference This section provides some technical background information about the topics covered in this chapter. 6.4.1 Encapsulation Be sure to use the encapsulation method required by your ISP. The ZyXEL Device supports the following methods. P-660N-T1A User’s Guide...
Page 79 PPPoA. Refer to RFC 1661 for more information on PPP. 6.4.1.4 RFC 1483 RFC 1483 describes two methods for Multiprotocol Encapsulation over ATM Adaptation Layer 5 (AAL5). The first method allows multiplexing of multiple protocols over a single ATM virtual circuit (LLC-based multiplexing) and the second P-660N-T1A User’s Guide...
Page 80: Multiplexing
If you have a dynamic IP, then the IP Address and Gateway IP Address fields are not applicable (N/A). If you have a static IP, then you only need to fill in the IP Address field and not the Gateway IP Address field. P-660N-T1A User’s Guide...
Page 81: Nailed-Up Connection (Ppp)
(but not higher) than the maximum line speed. 1 ATM cell is 53 bytes (424 bits), so a maximum speed of 832Kbps gives a maximum PCR of 1962 cells/sec. This rate is not guaranteed because it is dependent on the line speed. P-660N-T1A User’s Guide...
Page 82: Atm Traffic Classes
Variable Bit Rate (VBR) The Variable Bit Rate (VBR) ATM traffic class is used with bursty connections. Connections that use the Variable Bit Rate (VBR) traffic class can be grouped into real time (VBR-RT) or non-real time (VBR-nRT) connections. P-660N-T1A User’s Guide...
Page 83 Unspecified Bit Rate (UBR) The Unspecified Bit Rate (UBR) ATM traffic class is for bursty data transfers. However, UBR doesn't guarantee any bandwidth and only delivers traffic when the network has spare bandwidth. An example application is background file transfer. P-660N-T1A User’s Guide...
Page 84 Chapter 6 WAN Setup P-660N-T1A User’s Guide...
Page 85: Lan Setup
(Section 7.4 on page 90) to assign IP addresses on the LAN to specific individual computers based on their MAC Addresses. • Use the IP Alias screen (Section 7.5 on page 91) to change your ZyXEL Device’s IP alias settings. P-660N-T1A User’s Guide...
Page 86: What You Need To Know
There are three versions of IGMP. IGMP version 2 and 3 are improvements over version 1, but IGMP version 1 is still in wide use. DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because P-660N-T1A User’s Guide...
Page 87: Before You Begin
Enter the IP subnet mask into the IP Subnet Mask field. Unless instructed otherwise it is best to leave this alone, the configurator will automatically compute a subnet mask based upon the IP address you entered. Click Apply to save your settings. Figure 36 Network > LAN > IP P-660N-T1A User’s Guide...
Page 88: The Advanced Setup Screen
The ZyXEL Device supports IGMP-v1, IGMP-v2 and IGMP-v3. Select None to disable Back Click this to return to the previous screen without saving. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 89: The Dhcp Server Screen
This field specifies the size, or count of the IP address pool. Remote DHCP If Relay is selected in the DHCP field above then enter the IP Server address of the actual remote DHCP server here. DNS Server P-660N-T1A User’s Guide...
Page 90: The Client List Screen
IP Address Enter the IP address that you want to assign to the computer on your LAN with the MAC address that you will also specify. MAC Address Enter the MAC address of a computer on your LAN. P-660N-T1A User’s Guide...
Page 91: The Ip Alias Screen
LAN network. When you use IP alias, you can also configure firewall rules to control access between the LAN's logical networks (subnets). Note: Make sure that the subnets of the logical networks do not overlap. P-660N-T1A User’s Guide...
Page 92: Configuring The Lan Ip Alias Screen
Alternatively, click the right mouse button to copy and/or paste the IP address. IP Subnet Mask Your ZyXEL Device will automatically calculate the subnet mask based on the IP address that you assign. Unless you are implementing subnetting, use the subnet mask computed by the ZyXEL Device. P-660N-T1A User’s Guide...
Page 93 By default, RIP direction is set to Both and the Version set to RIP-1. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 94: Technical Reference
DNS (Domain Name System) maps a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a computer before you can access it. The DNS P-660N-T1A User’s Guide...
Page 95: Lan Tcp/Ip
Let's say you select 192.168.1.0 as the network number; which covers 254 individual addresses, from 192.168.1.1 to 192.168.1.254 (zero and 255 are reserved). In other words, the first three numbers specify the network number while the last number identifies an individual computer on that network. P-660N-T1A User’s Guide...
Page 96: Rip Setup
• In Only - the ZyXEL Device will not send any RIP packets but will accept all RIP packets received. • Out Only - the ZyXEL Device will send out RIP packets but will not accept any RIP packets received. P-660N-T1A User’s Guide...
Page 97: Multicast
After that, the ZyXEL Device periodically updates this information. IP multicasting can be enabled/ disabled on the ZyXEL Device LAN and/or WAN interfaces in the web configurator (LAN; WAN). Select None to disable IP multicasting on these interfaces. P-660N-T1A User’s Guide...
Page 98 Chapter 7 LAN Setup P-660N-T1A User’s Guide...
Page 99: Wireless Lan
Distribution System, in which the ZyXEL Device acts as a bridge with other ZyXEL access points. • Use the Scheduling screen (see Section 8.7 on page 115) to configure the dates/times to enable or disable the wireless LAN. P-660N-T1A User’s Guide...
Page 100: What You Need To Know
The MAC address filter controls access to the wireless network. You can use the MAC address of each wireless client to allow or deny access to the wireless network. Finding Out More Section 8.8 on page 116 for advanced technical information on wireless networks. P-660N-T1A User’s Guide...
Page 101: Before You Start
8.2 The AP Screen Use this screen to configure the wireless settings of your ZyXEL Device. Click Network > Wireless LAN to open the AP screen. Figure 43 Network > Wireless LAN > AP P-660N-T1A User’s Guide...
Page 102: No Security
8.2.1 No Security In the Network > Wireless LAN > AP screen, select No Security from the Security Mode list to allow wireless devices to communicate with the ZyXEL Device without any data encryption or authentication. P-660N-T1A User’s Guide...
Page 103: Wep Encryption
WPA2-PSK if all your wireless devices support it, or use WPA or WPA2 if your wireless devices support it and you have a RADIUS server. If your wireless devices support nothing stronger than WEP, use the highest encryption level available. Figure 45 Network > Wireless LAN > AP: Static WEP P-660N-T1A User’s Guide...
Page 104: Wpa(2)-Psk
The re- keying process is the WPA(2) equivalent of automatically changing the WEP key for an AP and all stations in a WLAN on a periodic basis. P-660N-T1A User’s Guide...
Page 105: Wpa(2) Authentication
The re- keying process is the WPA(2) equivalent of automatically changing the WEP key for an AP and all stations in a WLAN on a periodic basis. P-660N-T1A User’s Guide...
Page 106: Advanced Setup
Table 29 Network > Wireless LAN > AP: Advanced Setup LABEL DESCRIPTION RTS/CTS Enter a value between 0 and 2432. Threshold Fragmentation This is the maximum data fragment size that can be sent. Enter a value Threshold between 256 and 2432. P-660N-T1A User’s Guide...
Page 107 Device. The transmission rate of your ZyXEL Device might be reduced. Back Click this to return to the previous screen without saving. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 108: Mac Filter
Enter the MAC addresses of the wireless devices that are allowed or denied Address access to the ZyXEL Device in these address fields. Enter the MAC addresses in a valid MAC address format, that is, six hexadecimal character pairs, for example, 12:34:56:78:9a:bc. P-660N-T1A User’s Guide...
Page 109: The More Ap Screen
Modify Click the Edit icon to configure the SSID profile. Click the Remove icon to hide the SSID in the outgoing beacon frame so a station cannot obtain the SSID through scanning using a site survey tool. P-660N-T1A User’s Guide...
Page 110: More Ap Edit
ZyXEL Device using this SSID. Edit Click this to go to the MAC Filter screen to configure MAC filter settings. See Section 8.2.6 on page 108 for more details. P-660N-T1A User’s Guide...
Page 111: The Wps Screen
Figure 52 Network > Wireless LAN > WPS The following table describes the labels in this screen. Table 33 Network > Wireless LAN > WPS LABEL DESCRIPTION WPS Setup WPS Setup Select the check box to activate WPS on the ZyXEL Device. P-660N-T1A User’s Guide...
Page 112: The Wps Station Screen
Use this screen to set up a WPS wireless network using either Push Button Configuration (PBC) or PIN Configuration. Click Network > Wireless LAN > WPS Station. The following screen displays. Figure 53 Network > Wireless LAN > WPS Station P-660N-T1A User’s Guide...
Page 113: The Wds Screen
Note: WDS security is independent of the security settings between the ZyXEL Device and any wireless clients. Note: At the time of writing, WDS is compatible with other ZyXEL APs only. Not all models support WDS links. Check your other AP’s documentation. P-660N-T1A User’s Guide...
Page 114 (six hexadecimal character pairs, for example 12:34:56:78:9a:bc). Enter a Pre-Shared Key (PSK) from 8 to 63 case-sensitive ASCII characters (including spaces and symbols). Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 115: The Scheduling Screen
For example, if you set the time range from 12:00 to 23:00, the wireless LAN will be turned on only during this time period. Apply Click this to save your changes. Reset Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 116: Technical Reference
• An “ad-hoc” type of network is one in which there is no access point. Wireless clients connect to one another in order to exchange information. The following figure provides an example of a wireless network. Figure 56 Example of a Wireless Network P-660N-T1A User’s Guide...
Page 117 This allows a variety of networks to exist in the same place without interfering with one another. When you create a network, you must select a channel to use. Since the available unlicensed spectrum varies from one country to another, the number of available channels also varies. P-660N-T1A User’s Guide...
Page 118: Additional Wireless Terms
“key” phrase) can access the network. Second, they encrypt. This means that the information sent over the air is encoded. Only people with the code key can understand the information, and only people who have been authenticated are given the code key. P-660N-T1A User’s Guide...
Page 119: Mac Address Filter
Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless networks. These kinds of wireless devices might not have MAC addresses. Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F. P-660N-T1A User’s Guide...
Page 120 The types of encryption you can choose depend on the type of authentication. (See Section 8.8.3.3 on page 120 for information about this.) Table 38 Types of Encryption for Each Type of Authentication NO AUTHENTICATION RADIUS SERVER Weakest No Security Static WEP WPA-PSK Strongest WPA2-PSK WPA2 P-660N-T1A User’s Guide...
Page 121: Signal Problems
(AP). Intra-BSS traffic is traffic between wireless stations in the BSS. When Intra-BSS traffic blocking is disabled, wireless station A and B can access the wired network P-660N-T1A User’s Guide...
Page 122: Mbssid
BSSIDs (they are in different BSSs), but have the same keys, they may hear each other’s communications (but not communicate with each other). • MBSSID should not replace but rather be used in conjunction with 802.1x security. P-660N-T1A User’s Guide...
Page 123: Wireless Distribution System (Wds)
Number that allows one device to authenticate the other) in each of the two devices. When WPS is activated on a device, it has two minutes to find another device that also has WPS activated. Then, the two devices connect and set up a secure network by themselves. P-660N-T1A User’s Guide...
Page 124: Push Button Configuration
Then, when WPS is activated on the first device, it presents its PIN to the second device. If the PIN matches, one device sends the network and security information to the other, allowing it to join the network. P-660N-T1A User’s Guide...
Page 125 On a computer connected to the wireless client, try to connect to the Internet. If you can connect, WPS was successful. If you cannot connect, check the list of associated wireless clients in the AP’s configuration utility. If you see the wireless client in the list, WPS was successful. P-660N-T1A User’s Guide...
Page 126 PSK or WPA2-PSK pre-shared key to the enrollee. Whether WPA-PSK or WPA2-PSK is used depends on the standards supported by the devices. If the registrar is already part of a network, it sends the existing information. If not, it generates the SSID and WPA(2)-PSK randomly. P-660N-T1A User’s Guide...
Page 127 It will be the registrar in all subsequent WPS connections in which it is involved. If you want a configured AP to act as an enrollee, you must reset it to its factory defaults. P-660N-T1A User’s Guide...
Page 128 CLIENT 1 ENROLLEE CLIENT 2 In step 3, you add another access point (AP2) to your network. AP2 is out of range of AP1, so you cannot use AP1 for the WPS handshake with the new access P-660N-T1A User’s Guide...
Page 129 (if the device supports this feature). Then, you can enter the key into the non-WPS device and join the network as normal (the non-WPS device must also support WPA-PSK or WPA2-PSK). P-660N-T1A User’s Guide...
Page 130 Check the MAC addresses of your wireless clients (usually printed on a label on the bottom of the device). If there is an unknown MAC address you can remove it or reset the AP. P-660N-T1A User’s Guide...
Page 131: Network Address Translation (Nat)
Internet are the outside hosts. Global/Local Global/local denotes the IP address of a host in a packet as the packet traverses a router, for example, the local address refers to the IP address of a host when the P-660N-T1A User’s Guide...
Page 132: Port Forwarding
• Choose SUA Only if you have just one public WAN IP address for your ZyXEL Device. • Choose Full Feature if you have multiple public WAN IP addresses for your ZyXEL Device. Finding Out More Section 9.6 on page 142 for advanced technical information on NAT. P-660N-T1A User’s Guide...
Page 133: The General Setup Screen
NAT sessions they can establish. If your network has a large number of users using peer to peer applications, you can lower this number to ensure no single client is exhausting all of the available NAT sessions. P-660N-T1A User’s Guide...
Page 134: The Port Forwarding Screen
A default server receives packets from ports that are not specified in this screen. Note: If you do not assign a Default Server IP address, the ZyXEL Device discards all packets received for ports that are not specified here or in the remote management setup. P-660N-T1A User’s Guide...
Page 135: Configuring The Port Forwarding Screen
9.3.1 Configuring the Port Forwarding Screen Click Network > NAT > Port Forwarding to open the following screen. Appendix E on page 305 for port numbers commonly used for particular services. Figure 66 Network > NAT > Port Forwarding P-660N-T1A User’s Guide...
Page 136 Click the delete icon to delete an existing port forwarding rule. Note that subsequent address mapping rules move up by one when you take this action. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 137: The Port Forwarding Rule Edit Screen
Port translated, the device automatically calculates the last port of the translated port range. Back Click this to return to the previous screen without saving. P-660N-T1A User’s Guide...
Page 138: The Address Mapping Screen
4, rules 5 to 7 will be pushed up by 1 rule, so old rules 5, 6 and 7 become new rules 4, 5 and 6. To change your ZyXEL Device’s address mapping settings, click Network > NAT > Address Mapping to open the following screen. Figure 68 Network > NAT > Address Mapping P-660N-T1A User’s Guide...
Page 139 Click the edit icon to go to the screen where you can edit the address mapping rule. Click the delete icon to delete an existing address mapping rule. Note that subsequent address mapping rules move up by one when you take this action. P-660N-T1A User’s Guide...
Page 140: The Address Mapping Rule Edit Screen
255.255.255.255 as the Local End IP address. This field is N/A for One-to-One and Server mapping types. Global Start This is the starting global IP address (IGA). Enter 0.0.0.0 here if you have a dynamic IP address from your ISP. P-660N-T1A User’s Guide...
Page 141: The Alg Screen
Table 44 Network > NAT > ALG LABEL DESCRIPTION Enable SIP ALG Select this to make sure SIP (VoIP) works correctly with port- forwarding and address-mapping rules. Apply Click this to save your changes. Reset Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 142: Technical Reference
The global IP addresses for the inside hosts can be either static or dynamically assigned by the ISP. In addition, you can designate servers, for example, a web server and a telnet server, on your local network and make them accessible to the P-660N-T1A User’s Guide...
Page 143: How Nat Works
Figure 71 How NAT Works NAT Table Inside Local Inside Global IP Address IP Address 192.168.1.10 IGA 1 192.168.1.13 192.168.1.11 IGA 2 192.168.1.12 IGA 3 192.168.1.13 IGA 4 192.168.1.12 192.168.1.10 IGA1 Inside Local Inside Global Address (ILA) Address (IGA) 192.168.1.11 192.168.1.10 P-660N-T1A User’s Guide...
Page 144: Nat Application
• Many-to-Many No Overload: In Many-to-Many No Overload mode, the ZyXEL Device maps each local IP address to a unique global IP address. • Server: This type allows you to specify inside servers of different services behind the NAT to be accessible to the outside world. P-660N-T1A User’s Guide...
Page 145 ILA2 IGA1 … Many-to-Many Overload ILA1 IGA1 ILA2 IGA2 ILA3 IGA1 ILA4 IGA2 … Many-to-Many No Overload ILA1 IGA1 ILA2 IGA2 ILA3 IGA3 … Server Server 1 IP IGA1 Server 2 IP IGA1 Server 3 IP IGA1 P-660N-T1A User’s Guide...
Page 146 Chapter 9 Network Address Translation (NAT) P-660N-T1A User’s Guide...
Page 147: Firewall
SYN-ACK responses on a backlog queue. SYN-ACKs are moved off the queue only when an ACK comes back or when an internal timer terminates the three-way handshake. Once the queue is full, the system will ignore all incoming SYN requests, making the system unavailable for legitimate users. P-660N-T1A User’s Guide...
Page 148 Filtering decisions are based not only on rules but also context. For example, traffic from the WAN may only be allowed to cross the firewall in response to a request from the LAN. P-660N-T1A User’s Guide...
Page 149: The Firewall Screen
SAVE Click this to save your changes. CANCEL Click this to restore your previously saved settings. Enabling SPI blocks all traffic initiated from the WAN side, including the DMZ, virtual server and ACL on the WAN side. P-660N-T1A User’s Guide...
Page 150 Chapter 10 Firewall P-660N-T1A User’s Guide...
Page 151: Filters
An IP/MAC filter set consists of one or more filter rules. The ZyXEL Device allows you to configure up to twelve filter sets with six rules in each set, for a total of 72 filter rules in the system. P-660N-T1A User’s Guide...
Page 152: The Url Filter Screen
This is the index number of the filter rule. This is the URL you have configured the ZyXEL Device to block. Apply Click this to save your changes. Delete Click this to remove the filter rule. Cancel Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 153: The Application Filter Screen
Use this field to allow or deny ICQ traffic. Use this field to allow or deny MSN traffic. YMSG Use this field to allow or deny Yahoo Messenger traffic Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 154: The Ip/Mac Filter Screen
Interface Select the PVC to which to apply the filter. Direction Apply the filter to Both, Incoming or Outgoing traffic direction. IP/MAC Filter Rule Editing IP/MAC Filter Rule Select the index number of the filter rule. Index P-660N-T1A User’s Guide...
Page 155 This is the destination port number. Protocol This is the upper layer protocol. Unmatched When a packet doesn’t match the rule, this is the action the ZyXEL Device takes on the packet. SAVE Click this to save your changes. P-660N-T1A User’s Guide...
Page 156 Chapter 11 Filters Table 50 Access Management > Filter (IP/MAC) (continued) LABEL DESCRIPTION DELETE Click this to remove the filter rule. CANCEL Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 157: Static Route
ISP behind router R2. You create another static route to communicate with a separate network behind a router R3 connected to the LAN. Figure 77 Example of Static Routing Topology P-660N-T1A User’s Guide...
Page 158: What You Can Do In The Static Route Screens
Gateway This is the IP address of the gateway. The gateway is a router or switch on the same network segment as the device's LAN or WAN port. The gateway helps forward packets to their destinations. P-660N-T1A User’s Guide...
Page 159: Static Route Edit
LAN or WAN port. The gateway helps forward packets to their destinations. Back Click this to return to the previous screen without saving. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 160 Chapter 12 Static Route P-660N-T1A User’s Guide...
Page 161: Q/1P
The following terms and concepts may help as you read this chapter. IEEE 802.1P Priority IEEE 802.1P specifies the user priority field and defines up to eight separate traffic types by inserting a tag into a MAC-layer frame that contains bits to define class of service. P-660N-T1A User’s Guide...
Page 162 (recall that a port can belong to multiple VLANs). If the tagging on the egress port is enabled for the VID of a frame, then the frame is transmitted as a tagged frame; otherwise, it is transmitted as an untagged frame. P-660N-T1A User’s Guide...
Page 163: The 802.1Q/1P Group Setting Screen
Select this check box to activate the 802.1P/1Q feature. Summary This field displays the index number of the VLAN group. Active This field displays whether 802.1P/1Q is active for the VLAN group. This field displays the ID number of the VLAN group. P-660N-T1A User’s Guide...
Page 164: Editing 802.1Q/1P Group Setting
Use this screen to configure the settings for each VLAN group. In the 802.1Q/1P screen, click the Edit button from the Modify filed to display the following screen. Figure 82 Advanced > 802.1Q/1P > Group Setting > Edit P-660N-T1A User’s Guide...
Page 165 VLAN. You select this if you want to create VLANs across different devices and not just the ZyXEL Device. Back Click this to return to the previous screen without saving. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 166: The 802.1Q/1P Port Setting Screen
Assign a VLAN ID for the port. The valid VID range is between 1 and 4094. The ZyXEL Device assigns the PVID to untagged frames or priority-tagged frames received on this port. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 167: Quality Of Service (Qos)
(6) to VoIP traffic from the LAN interface, so that voice traffic would not get delayed when there is network congestion. Traffic from the boss’s IP address (192.168.1.23 for example) is mapped to queue 5. Traffic that does not match P-660N-T1A User’s Guide...
Page 168: What You Can Do In The Qos Screens
When the packet passes through a compatible network, the networking device, such as a backbone switch, can provide specific treatment or service based on the tag or marker. Finding Out More Section 14.3 on page 172 for advanced technical information on QoS. P-660N-T1A User’s Guide...
Page 169: The Qos Screen
Use this screen to enable or disable QoS and have the ZyXEL Device assign priority levels to traffic according to the port range, IEEE 802.1p priority level and/ or IP precedence. Click Advanced Setup > QoS to open the screen as shown next. Figure 85 Advanced Setup > QoS P-660N-T1A User’s Guide...
Page 170 Select IPP/TOS to specify an IP precedence range and type of services. Select DSCP to specify a DiffServ Code Point (DSCP) range. IP Precedence Enter a range from 0 to 7 for IP precedence. Zero is the lowest priority Range and seven is the highest. P-660N-T1A User’s Guide...
Page 171: The Qos Settings Summary Screen
Use this screen to display a summary of rules and actions configured for the ZyXEL Device. In the Advanced > QoS screen, click the QoS Settings Summary button to open the following screen. Figure 86 Advanced Setup > QoS > QoS Settings Summary P-660N-T1A User’s Guide...
Page 172: Technical Reference
Table 58 IEEE 802.1p Priority Level and Traffic Type PRIORITY TRAFFIC TYPE LEVEL Level 7 Typically used for network control traffic such as router configuration messages. Level 6 Typically used for voice traffic that is especially sensitive to jitter (jitter is the variations in delay). P-660N-T1A User’s Guide...
Page 173: Ip Precedence
Table 59 Internal Layer2 and Layer3 QoS Mapping LAYER 2 LAYER 3 IEEE 802.1P PRIORITY USER PRIORITY TOS (IP IP PACKET QUEUE PRECEDENCE) DSCP (ETHERNET LENGTH (BYTE) PRIORITY) 000000 000000 >1100 P-660N-T1A User’s Guide...
Page 174 IEEE 802.1P PRIORITY QUEUE USER PRIORITY TOS (IP IP PACKET PRECEDENCE) DSCP (ETHERNET LENGTH (BYTE) PRIORITY) 001110 250~1100 001100 001010 001000 010110 010100 010010 010000 011110 <250 011100 011010 011000 100110 100100 100010 100000 101110 101000 110000 111000 P-660N-T1A User’s Guide...
Page 175: Dynamic Dns Setup
IP address as yourhost.dyndns.org. This feature is useful if you want to be able to use, for example, www.yourhost.dyndns.org and still reach your hostname. If you have a private WAN IP address, then you cannot use Dynamic DNS. P-660N-T1A User’s Guide...
Page 176: The Dynamic Dns Screen
Type your user name. Password Type the password assigned to you. Enable Select the check box to enable DynDNS Wildcard. Wildcard Option Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 177: Remote Management
You may manage your ZyXEL Device from a remote location via: • Internet (WAN only) • LAN only • WLAN only • LAN and WAN • LAN and WLAN • WLAN and WAN • ALL (WAN, LAN and WLAN) • None (Disable) P-660N-T1A User’s Guide...
Page 178: What You Can Do In The Remote Management Screens
• You have disabled that service in one of the remote management screens. • The IP address in the Secured Client IP Address field does not match the client IP address. If it does not match, the ZyXEL Device will disconnect the session immediately. P-660N-T1A User’s Guide...
Page 179: The Www Screen
Note: If you disable the WWW service in the Remote MGMT > WWW screen, then the ZyXEL Device blocks all HTTP connection attempts. 16.2.1 Configuring the WWW Screen Click Advanced > Remote MGMT to display the WWW screen. Figure 89 Advanced > Remote MGMT > WWW P-660N-T1A User’s Guide...
Page 180: The Telnet Screen
You can use Telnet to access the ZyXEL Device’s command line interface. Specify which interfaces allow Telnet access and from which IP address the access can come. Click Advanced > Remote MGMT > Telnet tab to display the screen as shown. Figure 90 Advanced > Remote MGMT > Telnet P-660N-T1A User’s Guide...
Page 181: The Ftp Screen
Use this screen to specify which interfaces allow FTP access and from which IP address the access can come. To change your ZyXEL Device’s FTP settings, click Advanced > Remote MGMT > FTP. The screen appears as shown. Figure 91 Advanced > Remote MGMT > FTP P-660N-T1A User’s Guide...
Page 182: The Snmp Screen
SNMP agent functionality, which allows a manager station to manage and monitor the ZyXEL Device through the network. The ZyXEL Device supports SNMP version one (SNMPv1) and version two (SNMPv2c). The next figure illustrates an SNMP management operation. Figure 92 SNMP Management Model P-660N-T1A User’s Guide...
Page 183: Supported Mibs
1.3.6.1.6.3.1.1.5.3 This trap is sent when the Ethernet link is down. linkUp 1.3.6.1.6.3.1.1.5.4 This trap is sent when the Ethernet link is authenticationFailure 1.3.6.1.6.3.1.1.5.5 This trap is sent when an SNMP request comes from non-authenticated hosts. P-660N-T1A User’s Guide...
Page 184: Configuring Snmp
Use this screen to set from which IP address the ZyXEL Device will accept DNS queries and on which interface it can send them your ZyXEL Device’s DNS settings. This feature is not available when the ZyXEL Device is set to bridge P-660N-T1A User’s Guide...
Page 185: The Icmp Screen
ICMP response packet is automatically returned. This allows the outside user to know the ZyXEL Device exists. Your ZyXEL Device supports anti-probing, which prevents the ICMP response packet from being sent. This keeps outsiders from discovering your ZyXEL Device when unsupported ports are probed. P-660N-T1A User’s Guide...
Page 186 Select WAN to reply to incoming WAN Ping requests. Otherwise select LAN & WAN to reply to both incoming LAN and WAN Ping requests. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 187: Universal Plug-And-Play (Upnp)
NAT. UPnP network devices can automatically configure network addressing, announce their presence in the network to other UPnP devices and enable exchange of simple product and service descriptions. NAT traversal allows the following: • Dynamic port mapping • Learning public IP addresses P-660N-T1A User’s Guide...
Page 188 UPnP and ZyXEL ZyXEL has achieved UPnP certification from the Universal Plug and Play Forum UPnP™ Implementers Corp. (UIC). ZyXEL's UPnP implementation supports Internet Gateway Device (IGD) 1.0. See the following sections for examples of installing and using UPnP. P-660N-T1A User’s Guide...
Page 189: The Upnp Screen
UPnP enabled device; this eliminates the need to manually configure port forwarding for the UPnP enabled application. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 190: Installing Upnp In Windows
Windows 7 already has UPnP installed. To enable it: Click Start > Control Panel and select Network and Internet. Click Network and Sharing Center. In the Network and Sharing window, set Network Discovery to On. This activates the UPnP feature in Windows 7 P-660N-T1A User’s Guide...
Page 191 In the Network Connections window, click Advanced in the main menu and select Optional Networking Components …. Network Connections The Windows Optional Networking Components Wizard window displays. Select Networking Service in the Components selection box and click Details. Windows Optional Networking Components Wizard P-660N-T1A User’s Guide...
Page 192: Using Upnp In Windows Xp
This section shows you how to use the UPnP feature in Windows XP. You must already have UPnP installed in Windows XP and UPnP activated on the ZyXEL Device. Make sure the computer is connected to a LAN port of the ZyXEL Device. Turn on your computer and the ZyXEL Device. P-660N-T1A User’s Guide...
Page 193 Click Start and Control Panel. Double-click Network Connections. An icon displays under Internet Gateway. Right-click the icon and select Properties. Network Connections In the Internet Connection Properties window, click Settings to see the port mappings there were automatically created. Internet Connection Properties P-660N-T1A User’s Guide...
Page 194 When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. Select Show icon in notification area when connected option and click OK. An icon displays in the system tray. System Tray Icon P-660N-T1A User’s Guide...
Page 195: Web Configurator Easy Access
Follow the steps below to access the web configurator. Click Start and then Control Panel. Double-click Network Connections. Select My Network Places under Other Places. Network Connections An icon with the description for each UPnP-enabled device displays under Local Network. P-660N-T1A User’s Guide...
Page 196 Network Connections: My Network Places Right-click on the icon for your ZyXEL Device and select Properties. A properties window displays with basic information about the ZyXEL Device. Network Connections: My Network Places: Properties: Example P-660N-T1A User’s Guide...
Page 197: Cwmp
H A P T E R CWMP 18.1 Overview The ZyXEL Device supports TR-069 Amendment 1 (CPE WAN Management Protocol Release 2.0) and TR-069 Amendment 2 (CPE WAN Management Protocol v1.1, Release 3.0). TR-069 is a protocol that defines how your ZyXEL Device (ZD) can be managed via a management server (MS) such as ZyXEL’s Vantage Access.
Page 198: The Cwmp Setup Screen
Chapter 18 CWMP 18.2 The CWMP Setup Screen Use this screen to configure your ZyXEL Device to be managed by a management server. Click Advanced> CWMP to display the following screen. Figure 98 Advanced > CWMP The following table describes the fields in this screen. Table 69 Advanced >...
Page 199 Chapter 18 CWMP Table 69 Advanced > CWMP (continued) LINK DESCRIPTION Password The password is used to authenticate the ZyXEL Device when making a connection to the management server. This password on the management server and the ZyXEL Device must be the same. Type a password of up to 255 printable characters found on an English-language keyboard.
Page 200 Chapter 18 CWMP P-660HN-T1A User’s Guide...
Page 201: System Settings
(Section 19.3 on page 202) to set the system time. 19.2 The General Screen Use this screen to configure system admin password. Click Maintenance > System to open the General screen. Figure 99 Maintenance > System > General P-660N-T1A User’s Guide...
Page 202: The Time And Date Screen
Use this screen to configure the ZyXEL Device’s time based on your local time zone. To change your ZyXEL Device’s time and date, click Maintenance > System > Time and Date. The screen appears as shown. Figure 100 Maintenance > System > Time and Date P-660N-T1A User’s Guide...
Page 203 Daylight saving is a period from late spring to early fall when many Savings countries set their clocks ahead of normal local time by one hour to give more daytime light in the evening. Select this option if you use Daylight Saving Time. P-660N-T1A User’s Guide...
Page 204 In Germany for instance, you would type 2 because Germany's time zone is one hour ahead of GMT or UTC (GMT+1). Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. P-660N-T1A User’s Guide...
Page 205: Logs
20.2 The System Log Screen Use the System Log screen to configure and view the logs you wish to display. To change your ZyXEL Device’s log settings, click Maintenance > Logs > Log Settings. The screen appears as shown. P-660N-T1A User’s Guide...
Page 206 Select the types of logs that you want to display and record. Then click Submit to display the details. Clear Log Click this to delete all the logs. Save Log Click this to save the logs in a text file. P-660N-T1A User’s Guide...
Page 207: Log Descriptions
The router is saving configuration changes. Configuration Change: PC = 0x%x, Task ID = 0x%x Someone has logged on to the router’s SSH server. Successful SSH login Someone has failed to log on to the router’s SSH SSH login failed server. P-660N-T1A User’s Guide...
Page 208 [ TCP | UDP | IGMP | ESP | GRE | OSPF ] The router sent a message to notify a user that Router sent blocked web site the router blocked access to a web site that the message: TCP user requested. P-660N-T1A User’s Guide...
Page 209 Attempted access matched a configured filter rule [ TCP | UDP | ICMP | IGMP | (denoted by its set and rule number) and was blocked Generic ] packet filter or forwarded according to the rule. matched (set: %d, rule: %d) P-660N-T1A User’s Guide...
Page 210 Opening The PPP connection’s Challenge Handshake Authentication Protocol ppp:CHAP Opening stage is opening. The PPP connection’s Internet Protocol Control Protocol stage is ppp:IPCP starting. Starting The PPP connection’s Internet Protocol Control Protocol stage is ppp:IPCP Opening opening. P-660N-T1A User’s Guide...
Page 211 The firewall detected a TCP teardrop attack. teardrop TCP The firewall detected an UDP teardrop attack. teardrop UDP The firewall detected an ICMP teardrop attack. teardrop ICMP (type:%d, code:%d) The firewall detected a TCP illegal command attack. illegal command TCP P-660N-T1A User’s Guide...
Page 212 DIRECTION DESCRIPTION DIRECTION (L to W) LAN to WAN ACL set for packets traveling from the LAN to the WAN. (W to L) WAN to LAN ACL set for packets traveling from the WAN to the LAN. P-660N-T1A User’s Guide...
Page 213 Redirect datagrams for the Type of Service and Host Echo Echo message Time Exceeded Time to live exceeded in transit Fragment reassembly time exceeded Parameter Problem Pointer indicates the error Timestamp Timestamp request message Timestamp Reply Timestamp reply message Information Request P-660N-T1A User’s Guide...
Page 214 Please refer to RFC 2408 for detailed information on each type. Table 88 RFC-2408 ISAKMP Payload Types LOG DISPLAY PAYLOAD TYPE Security Association Proposal PROP Transform TRANS Key Exchange Identification Certificate Certificate Request CER_REQ Hash HASH Signature Nonce NONCE Notification NOTFY Delete Vendor ID P-660N-T1A User’s Guide...
Page 215: Tools
You can also reset your device settings back to the factory default. • Use the Restart screen (Section 21.4 on page 221) to restart your ZyXEL device. 21.1.2 What You Need To Know The following terms and concepts may help as you read this chapter. P-660N-T1A User’s Guide...
Page 216: Before You Begin
HTTP (Hypertext Transfer Protocol) and may take up to two minutes. After a successful upload, the system will reboot. Do NOT turn off the ZyXEL Device while firmware upload is in progress! Figure 102 Maintenance > Tools > Firmware P-660N-T1A User’s Guide...
Page 217 The ZyXEL Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 104 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the Status screen. P-660N-T1A User’s Guide...
Page 218: The Configuration Screen
Figure 105 Error Message 21.3 The Configuration Screen Click Maintenance > Tools > Configuration. Information related to factory defaults, backup configuration, and restoring configuration appears in this screen, as shown next. Figure 106 Maintenance > Tools > Configuration P-660N-T1A User’s Guide...
Page 219 Do not turn off the ZyXEL Device while configuration file upload is in progress. After you see a “restore configuration successful” screen, you must then wait one minute before logging into the ZyXEL Device again. Figure 107 Configuration Upload Successful P-660N-T1A User’s Guide...
Page 220 Appendix A on page 241 for details on how to set up your computer’s IP address. If the upload was not successful, the following screen will appear. Click Return to go back to the Configuration screen. Figure 109 Configuration Upload Error P-660N-T1A User’s Guide...
Page 221: The Restart Screen
You may need to do this if the ZyXEL Device hangs, for example. Click Maintenance > Tools > Restart. Click Restart to have the ZyXEL Device reboot. This does not affect the ZyXEL Device's configuration. Figure 112 Maintenance > Tools >Restart P-660N-T1A User’s Guide...
Page 222 Chapter 21 Tools P-660N-T1A User’s Guide...
Page 223: Diagnostic
DSL line statistics and reset the ADSL line. 22.2 The General Diagnostic Screen Use this screen to ping an IP address. Click Maintenance > Diagnostic to open the screen shown next. Figure 113 Maintenance > Diagnostic > General P-660N-T1A User’s Guide...
Page 224: The Dsl Line Diagnostic Screen
22.3 The DSL Line Diagnostic Screen Use this screen to view the DSL line statistics and reset the ADSL line. Click Maintenance > Diagnostic > DSL Line to open the screen shown next. Figure 114 Maintenance > Diagnostic > DSL Line P-660N-T1A User’s Guide...
Page 225 ZyXEL Device sends an OAM F5 packet to the DSLAM/ATM switch and then returns it (loops it back) to the ZyXEL Device. The ATM loopback test is useful for troubleshooting problems with the DSLAM and ATM network. P-660N-T1A User’s Guide...
Page 226 Reset ADSL Line Successfully!" Capture All Click this to display information and statistics about your ZyXEL Device’s Logs ATM statistics, DSL connection statistics, DHCP settings, firmware version, WAN and gateway IP address, VPI/VCI and LAN IP address. P-660N-T1A User’s Guide...
Page 227: Troubleshooting
Turn the ZyXEL Device off and on. If the problem continues, contact the vendor. One of the LEDs does not behave as expected. Make sure you understand the normal behavior of the LED. See Section 1.5 on page P-660N-T1A User’s Guide...
Page 228: Zyxel Device Access And Login
If this does not work, you have to reset the device to its factory defaults. See Section 1.6 on page I cannot see or access the Login screen in the web configurator. Make sure you are using the correct IP address. • The default IP address is 192.168.1.1. P-660N-T1A User’s Guide...
Page 229 You cannot log in to the web configurator while someone is using Telnet to access the ZyXEL Device. Log out of the ZyXEL Device in the other session, or ask the person who is logged in to log out. Turn the ZyXEL Device off and on. P-660N-T1A User’s Guide...
Page 230: Internet Access
LAN and have selected the correct channel in the Wireless LAN > AP screen. Disconnect all the cables from your device, and follow the directions in the Quick Start Guide again. If the problem continues, contact your ISP. P-660N-T1A User’s Guide...
Page 231 If the problem continues, contact the network administrator or vendor, or try one of the advanced suggestions. Advanced Suggestions • Check the settings for QoS. If it is disabled, you might consider activating it. If it is enabled, you might consider raising or lowering the priority for some applications. P-660N-T1A User’s Guide...
Page 232 Chapter 23 Troubleshooting P-660N-T1A User’s Guide...
Page 233: Product Specifications
1 second: turn on or off WLAN 5 seconds: enable WPS (Wi-Fi Protected Setup) Operation 0º C ~ 40º C Temperature Storage Temperature -20º ~ 60º C Operation Humidity 20% ~ 90% RH Storage Humidity 20% ~ 90% RH P-660N-T1A User’s Guide...
Page 234: Firmware Specifications
GS mark or TUV certificate EN60950-1 24.2 Firmware Specifications The following table summarizes the ZyXEL Device’s firmware features. Table 94 Firmware Specifications Basic Features Default IP 192.168.1.1 Address Default Subnet 255.255.255.0 (24 bits) Mask Default Admin 1234 Password P-660N-T1A User’s Guide...
Page 235 Support multi-protocol over AAL5 (RFC2684/1483) Support PPP over ATM AAL5 (RFC2364) PPP over Ethernet support for DSL connection (RFC 2516) Support VC-based and LLC-based multiplexing Support up to 8 PVCs I.610 F4/F5 OAM TR-067/TR-100 supported Annex A,B,I, J,L,M Bit swapping P-660N-T1A User’s Guide...
Page 236 Content Filtering URL Keyword Blocking Muti-NAT & Port Address Translation (PAT) 2048 NAT session Cone NAT Multimedia applications support (NetMeeting, CuSeeMe, ICQ, …etc) Microsoft PPTP under NAT/SUA Multiple VPN (IPSec/PPTP/L2TP) pass-through NAT loopback 12 NAT port forwarding P-660N-T1A User’s Guide...
Page 237 ADSL mode selectable on GUI Embedded FTP/TFTP Server for f/w upgrade and romfile backup and restore Remote Management Control: Telnet, FTP, and Web. TR-069 HTTPS(with motive certification) MTU adjustable on WebGUI WAN Backup Traffic redirect Other features rom-t Support IGMP Proxy P-660N-T1A User’s Guide...
Page 238: Standards Support
ITU standard (also referred to as ADSL2) that extends the (G.dmt.bis) capability of basic ADSL in data rates. ITU G.992.4 ITU standard (also referred to as ADSL2) that extends the (G.lite.bis) capability of basic ADSL in data rates. P-660N-T1A User’s Guide...
Page 239 MS PPTP (Microsoft's implementation of Point to Point Tunneling Protocol) MBM v2 Media Bandwidth Management v2 RFC 2383 ST2+ over ATM Protocol Specification - UNI 3.1 Version TR-069 TR-069 DSL Forum Standard for CPE Wan Management. 1.363.5 Compliant AAL5 SAR (Segmentation And Re-assembly) P-660N-T1A User’s Guide...
Page 240 Chapter 24 Product Specifications P-660N-T1A User’s Guide...
Page 241: Appendix A Setting Up Your Computer's Ip Address
• Windows 7 page 249 • Mac OS X: 10.3 and 10.4 page 253 • Mac OS X: 10.5 and 10.6 page 256 • Linux: Ubuntu 8 (GNOME) page 259 • Linux: openSUSE 10.3 (KDE) page 264 P-660N-T1A User’s Guide...
Page 242 Appendix A Setting Up Your Computer’s IP Address Windows XP/NT/2000 The following example uses the default Windows XP display theme but can also apply to Windows 2000 and Windows NT. Click Start > Control Panel. In the Control Panel, click the Network Connections icon. P-660N-T1A User’s Guide...
Page 243 Appendix A Setting Up Your Computer’s IP Address Right-click Local Area Connection and then select Properties. On the General tab, select Internet Protocol (TCP/IP) and then click Properties. P-660N-T1A User’s Guide...
Page 244 In the Command Prompt window, type "ipconfig" and then press [ENTER]. You can also go to Start > Control Panel > Network Connections, right-click a network connection, click Status and then click the Support tab to view your IP address and connection information. P-660N-T1A User’s Guide...
Page 245: Windows Vista
Appendix A Setting Up Your Computer’s IP Address Windows Vista This section shows screens from Windows Vista Professional. Click Start > Control Panel. In the Control Panel, click the Network and Internet icon. Click the Network and Sharing Center icon. P-660N-T1A User’s Guide...
Page 246 Appendix A Setting Up Your Computer’s IP Address Click Manage network connections. Right-click Local Area Connection and then select Properties. Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue. P-660N-T1A User’s Guide...
Page 247 Appendix A Setting Up Your Computer’s IP Address Select Internet Protocol Version 4 (TCP/IPv4) and then select Properties. P-660N-T1A User’s Guide...
Page 248 ISP. You may also have to enter a Preferred DNS server and an Alternate DNS server, if that information was provided.Click Advanced. Click OK to close the Internet Protocol (TCP/IP) Properties window. 10 Click OK to close the Local Area Connection Properties window. P-660N-T1A User’s Guide...
Page 249 Status and then click the Support tab to view your IP address and connection information. Windows 7 This section shows screens from Windows 7 Enterprise. Click Start > Control Panel. In the Control Panel, click View network status and tasks under the Network and Internet category. P-660N-T1A User’s Guide...
Page 250 Appendix A Setting Up Your Computer’s IP Address Click Change adapter settings. Double click Local Area Connection and then select Properties. Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue. P-660N-T1A User’s Guide...
Page 251 Appendix A Setting Up Your Computer’s IP Address Select Internet Protocol Version 4 (TCP/IPv4) and then select Properties. P-660N-T1A User’s Guide...
Page 252 DNS server and an Alternate DNS server, if that information was provided. Click Advanced if you want to configure advanced settings for IP, DNS and WINS. Click OK to close the Internet Protocol (TCP/IP) Properties window. Click OK to close the Local Area Connection Properties window. P-660N-T1A User’s Guide...
Page 253 In the Command Prompt window, type "ipconfig" and then press [ENTER]. The IP settings are displayed as follows. Mac OS X: 10.3 and 10.4 The screens in this section are from Mac OS X 10.4 but can also apply to 10.3. Click Apple > System Preferences. P-660N-T1A User’s Guide...
Page 254 Appendix A Setting Up Your Computer’s IP Address In the System Preferences window, click the Network icon. When the Network preferences pane opens, select Built-in Ethernet from the network connection type list, and then click Configure. P-660N-T1A User’s Guide...
Page 255 • In the IP Address field, type your IP address. • In the Subnet Mask field, type your subnet mask. • In the Router field, type the IP address of your device. Click Apply Now and close the window. P-660N-T1A User’s Guide...
Page 256 Figure 115 Mac OS X 10.4: Network Utility Mac OS X: 10.5 and 10.6 The screens in this section are from Mac OS X 10.5 but can also apply to 10.6. Click Apple > System Preferences. P-660N-T1A User’s Guide...
Page 257 Appendix A Setting Up Your Computer’s IP Address In System Preferences, click the Network icon. When the Network preferences pane opens, select Ethernet from the list of available connection types. From the Configure list, select Using DHCP for dynamically assigned settings. P-660N-T1A User’s Guide...
Page 258 • In the IP Address field, enter your IP address. • In the Subnet Mask field, enter your subnet mask. • In the Router field, enter the IP address of your ZyXEL Device. Click Apply and close the window. P-660N-T1A User’s Guide...
Page 259 The procedure, screens and file locations may vary depending on your specific distribution, release version, and individual configuration. The following screens use the default Ubuntu 8 installation. Note: Make sure you are logged in as the root administrator. P-660N-T1A User’s Guide...
Page 260 When the Network Settings window opens, click Unlock to open the Authenticate window. (By default, the Unlock button is greyed out until clicked.) You cannot make changes to your configuration unless you first enter your admin password. P-660N-T1A User’s Guide...
Page 261 Appendix A Setting Up Your Computer’s IP Address In the Authenticate window, enter your admin account name and password then click the Authenticate button. In the Network Settings window, select the connection that you want to configure, then click Properties. P-660N-T1A User’s Guide...
Page 262 Network Settings screen. If you know your DNS server IP address(es), click the DNS tab in the Network Settings window and then enter the DNS server information in the fields provided. Click the Close button to apply the changes. P-660N-T1A User’s Guide...
Page 263 Check your TCP/IP properties by clicking System > Administration > Network Tools, and then selecting the appropriate Network device from the Devices tab. The Interface Statistics column shows data if your connection is working properly. Figure 117 Ubuntu 8: Network Tools P-660N-T1A User’s Guide...
Page 264 Follow the steps below to configure your computer IP address in the KDE: Click K Menu > Computer > Administrator Settings (YaST). When the Run as Root - KDE su dialog opens, enter the admin password and click OK. P-660N-T1A User’s Guide...
Page 265 When the YaST Control Center window opens, select Network Devices and then click the Network Card icon. When the Network Settings window opens, click the Overview tab, select the appropriate connection Name from the list, and then click the Configure button. P-660N-T1A User’s Guide...
Page 266 Select Dynamic Address (DHCP) if you have a dynamic IP address. Select Statically assigned IP Address if you have a static IP address. Fill in the IP address, Subnet mask, and Hostname fields. Click Next to save the changes and close the Network Card Setup window. P-660N-T1A User’s Guide...
Page 267 Click Finish to save your settings and close the window. Verifying Settings Click the KNetwork Manager icon on the Task bar to check your TCP/IP properties. From the Options sub-menu, select Show Connection Information. Figure 119 openSUSE 10.3: KNetwork Manager P-660N-T1A User’s Guide...
Page 268 Appendix A Setting Up Your Computer’s IP Address When the Connection Status - KNetwork Manager window opens, click the Statistics tab to see if your connection is working properly. Figure 120 openSUSE: Connection Status - KNetwork Manager P-660N-T1A User’s Guide...
Page 269: Appendix B Ip Addresses And Subnetting
192.168.1.1). Each of these four parts is known as an octet. An octet is an eight-digit binary number (for example 11000000, which is 192 in decimal notation). Therefore, each octet has a possible range of 00000000 to 11111111 in binary, or 0 to 255 in decimal. P-660N-T1A User’s Guide...
Page 270: Subnet Masks
ID of an IP address (192.168.1.2 in decimal). Table 96 Subnet Masks OCTET: OCTET: OCTET: OCTET (192) (168) IP Address (Binary) 11000000 10101000 00000001 00000010 Subnet Mask (Binary) 11111111 11111111 11111111 00000000 Network Number 11000000 10101000 00000001 Host ID 00000010 P-660N-T1A User’s Guide...
Page 271 MAXIMUM NUMBER OF SUBNET MASK HOST ID SIZE HOSTS 8 bits 255.0.0.0 24 bits – 2 16777214 16 bits 255.255.0.0 16 bits – 2 65534 24 bits 255.255.255.0 8 bits – 2 29 bits 255.255.255.2 3 bits – 2 P-660N-T1A User’s Guide...
Page 272 In this example, the company network address is 192.168.1.0. The first three octets of the address (192.168.1) are the network number, and the remaining octet is the host ID, allowing a maximum of 2 – 2 or 254 possible hosts. P-660N-T1A User’s Guide...
Page 273 The “borrowed” host ID bit can have a value of either 0 or 1, allowing two subnets; 192.168.1.0 /25 and 192.168.1.128 /25. The following figure shows the company network after subnetting. There are now two sub-networks, A and B. Figure 123 Subnetting Example: After Subnetting P-660N-T1A User’s Guide...
Page 274 Table 101 Subnet 2 LAST OCTET BIT IP/SUBNET MASK NETWORK NUMBER VALUE IP Address 192.168.1. IP Address (Binary) 11000000.10101000.00000001. 01000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: Lowest Host ID: 192.168.1.65 192.168.1.64 Broadcast Address: Highest Host ID: 192.168.1.126 192.168.1.127 P-660N-T1A User’s Guide...
Page 275 Similarly, use a 27-bit mask to create eight subnets (000, 001, 010, 011, 100, 101, 110 and 111). The following table shows IP address last octet values for each subnet. Table 104 Eight Subnets SUBNET LAST BROADCAST SUBNET FIRST ADDRESS ADDRESS ADDRESS ADDRESS P-660N-T1A User’s Guide...
Page 276: Configuring Ip Addresses
255.255.255.248 (/29) 8192 255.255.255.252 (/30) 16384 255.255.255.254 (/31) 32768 Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP P-660N-T1A User’s Guide...
Page 277 Regardless of your particular situation, do not create an arbitrary IP address; always follow the guidelines above. For more information on address assignment, please refer to RFC 1597, Address Allocation for Private Internets and RFC 1466, Guidelines for Management of IP Address Space. P-660N-T1A User’s Guide...
Page 278 Appendix B IP Addresses and Subnetting P-660N-T1A User’s Guide...
Page 279: Appendix C Pop-Up Windows, Javascripts And Java Permissions
Disable Pop-up Blockers In Internet Explorer, select Tools, Pop-up Blocker and then select Turn Off Pop-up Blocker. Figure 124 Pop-up Blocker You can also check if pop-up blocking is disabled in the Pop-up Blocker section in the Privacy tab. P-660N-T1A User’s Guide...
Page 280 Click Apply to save this setting. Enable Pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. In Internet Explorer, select Tools, Internet Options and then the Privacy tab. P-660N-T1A User’s Guide...
Page 281 Select Settings…to open the Pop-up Blocker Settings screen. Figure 126 Internet Options: Privacy Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. P-660N-T1A User’s Guide...
Page 282 Figure 127 Pop-up Blocker Settings Click Close to return to the Privacy screen. Click Apply to save this setting. JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed. P-660N-T1A User’s Guide...
Page 283 Figure 128 Internet Options: Security Click the Custom Level... button. Scroll down to Scripting. Under Active scripting make sure that Enable is selected (the default). Under Scripting of Java applets make sure that Enable is selected (the default). P-660N-T1A User’s Guide...
Page 284 Figure 129 Security Settings - Java Scripting Java Permissions From Internet Explorer, click Tools, Internet Options and then the Security tab. Click the Custom Level... button. Scroll down to Microsoft VM. Under Java permissions make sure that a safety level is selected. P-660N-T1A User’s Guide...
Page 285 Click OK to close the window. Figure 130 Security Settings - Java JAVA (Sun) From Internet Explorer, click Tools, Internet Options and then the Advanced tab. Make sure that Use Java 2 for <applet> under Java (Sun) is selected. P-660N-T1A User’s Guide...
Page 286 Mozilla Firefox 2.0 screens are used here. Screens for other versions may vary. You can enable Java, Javascripts and pop-ups in one screen. Click Tools, then click Options in the screen that appears. Figure 132 Mozilla Firefox: Tools > Options P-660N-T1A User’s Guide...
Page 287 Appendix C Pop-up Windows, JavaScripts and Java Permissions Click Content.to show the screen below. Select the check boxes as shown in the following screen. Figure 133 Mozilla Firefox Content Security P-660N-T1A User’s Guide...
Page 288 Appendix C Pop-up Windows, JavaScripts and Java Permissions P-660N-T1A User’s Guide...
Page 289: Appendix D Wireless Lans
(AP). Intra-BSS traffic is traffic between wireless clients in the BSS. When Intra-BSS is enabled, wireless client A and B can access the wired network and communicate P-660N-T1A User’s Guide...
Page 290 This wired connection between APs is called a Distribution System (DS). This type of wireless LAN topology is called an Infrastructure WLAN. The Access Points not only provide communication with the wired network but also mediate wireless network traffic in the immediate neighborhood. P-660N-T1A User’s Guide...
Page 291 AP is using channel 1, then you need to select a channel between 6 or 11. RTS/CTS A hidden node occurs when two stations are within range of the same access point, but are not within range of each other. The following figure illustrates a P-660N-T1A User’s Guide...
Page 292 RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size. Note: Enabling the RTS Threshold causes redundant network overhead that could negatively affect the throughput performance instead of providing a remedy. P-660N-T1A User’s Guide...
Page 293: Preamble Type
IEEE 802.11g is fully compatible with the IEEE 802.11b standard. This means an IEEE 802.11b adapter can interface directly with an IEEE 802.11g access point (and vice versa) at 11 Mbps or lower depending on range. IEEE 802.11g has P-660N-T1A User’s Guide...
Page 294 IEEE802.1x EAP with RADIUS Server Authentication Wi-Fi Protected Access (WPA) WPA2 Most Secure Note: You must enable the same wireless security settings on the ZyXEL Device and on all wireless clients that you want to associate with it. P-660N-T1A User’s Guide...
Page 295 The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user authentication: • Access-Request Sent by an access point requesting authentication. • Access-Reject Sent by a RADIUS server rejecting access. • Access-Accept Sent by a RADIUS server allowing access. P-660N-T1A User’s Guide...
Page 296 The wireless client ‘proves’ that it knows the password by encrypting the password with the challenge and sends back the information. Password is not sent in plain text. P-660N-T1A User’s Guide...
Page 297 However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card), for client authentication. EAP-GTC is implemented only by Cisco. LEAP LEAP (Lightweight Extensible Authentication Protocol) is a Cisco implementation of IEEE 802.1x. P-660N-T1A User’s Guide...
Page 298 RADIUS server, you should use WPA2-PSK (WPA2-Pre-Shared Key) that only requires a single (identical) password entered into each access point, wireless gateway and wireless client. As long as the passwords match, a wireless client will be granted access to a WLAN. P-660N-T1A User’s Guide...
Page 299 The common-password approach makes WPA(2)-PSK susceptible to brute-force password-guessing attacks but it’s still an improvement over WEP as it employs a consistent, single, alphanumeric password to derive a PMK which is used to generate unique temporal encryption P-660N-T1A User’s Guide...
Page 300 The RADIUS server then checks the user's identification against its database and grants or denies network access accordingly. A 256-bit Pairwise Master Key (PMK) is derived from the authentication process by the RADIUS server and the client. P-660N-T1A User’s Guide...
Page 301 The AP checks each wireless client's password and allows it to join the network only if the password matches. The AP and wireless clients generate a common PMK (Pairwise Master Key). The key itself is not sent over the network, but is derived from the PSK and the SSID. P-660N-T1A User’s Guide...
Page 302 Enable without Dynamic WEP Open Enable with Dynamic WEP Key Enable without Dynamic WEP Disable Shared Enable with Dynamic WEP Key Enable without Dynamic WEP Disable TKIP/AES Enable WPA-PSK TKIP/AES Disable WPA2 TKIP/AES Enable WPA2-PSK TKIP/AES Disable P-660N-T1A User’s Guide...
Page 303: Antenna Overview
Types of Antennas for WLAN There are two types of antennas used for wireless LAN applications. P-660N-T1A User’s Guide...
Page 304 For omni-directional antennas mounted on a wall or ceiling, point the antenna down. For a single AP application, place omni-directional antennas as close to the center of the coverage area as possible. For directional antennas, point the antenna in the direction of the desired coverage area. P-660N-T1A User’s Guide...
Page 305: Appendix E Services
• If the Protocol is TCP, UDP, or TCP/UDP, this is the IP port number. • If the Protocol is USER, this is the IP protocol number. • Description: This is a brief explanation of the applications that use this service or the situations in which this service is used. P-660N-T1A User’s Guide...
Page 306 IMAP4 The Internet Message Access Protocol is used for e-mail. IMAP4S This is a more secure version of IMAP4 that runs over SSL. TCP/UDP 6667 This is another popular Internet chat program. P-660N-T1A User’s Guide...
Page 307 Remote Login. ROADRUNNER TCP/UDP 1026 This is an ISP that provides services mainly for cable modems. RTELNET Remote Telnet. RTSP TCP/UDP The Real Time Streaming (media control) Protocol (RTSP) is a remote control for multimedia on the Internet. P-660N-T1A User’s Guide...
Page 308 Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP, but uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol). VDOLIVE 7000 A videoconferencing solution. The UDP port number is specified in the user- application. defined P-660N-T1A User’s Guide...
Page 309: Appendix F Legal Information
ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation. All rights reserved. Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein.
Page 310 焼兟偓喭琫鳔鮞唈鍫耭楦恲螁鯠谀躖鋔焗隓烷鋔鮞躖豜枻髪鞙釳烷蛏岽脧媰劜倅烷鋔憰奋枻唈鍫恲螁蕫贝靺偪釳憝孅喕烐捁焼耯澵憝孅澵譹鍪奂蛅烎鍫拹礩竤谉鉙憝孅譹騮螁砻硳唈鍫梫喕烐捁謼夎捁馝倜佋枻鉙现捁倅烷鋔憰奋赬陭喕烐捁鮞閮佋匦銡釳騦鍫珟憰鞙奋砬枻憝孅 P-660N-T1A User’s Guide...
Page 311: Zyxel Limited Warranty
Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This warranty is in lieu of all other warranties, express or implied, including any implied warranty of merchantability or fitness for a particular use or P-660N-T1A User’s Guide...
Page 312 Registration Register your product online to receive e-mail notices of firmware upgrades and information at www.zyxel.com for global products, or at www.us.zyxel.com for North American products. P-660N-T1A User’s Guide...
Page 313: Index
See CA. rules certifications types 139, 140, 144 notices administrator password 28, 202 viewing alerts channel alternative subnet mask notation interference antenna channel, wireless LAN directional gain client list omni-directional Command Line Interface, see CLI AP (access point) P-660N-T1A User’s Guide...
Page 314 86, 89, 94 structure diagnostic IP/MAC filter DiffServ Code Point, see DSCP configuration disclaimer MAC address 108, 119 activation 86, 90, 94, 184 151, 152 Domain Name System, see DNS firewalls configuration DSCP DDoS DSL connections, status dynamic DNS P-660N-T1A User’s Guide...
Page 315 134, 136 Management Information Base (MIB) ping private mapping address rules IP alias types 139, 140, 144 configuration NAT applications Maximum Burst Size, see MBS IP precedence 171, 173 Maximum Transmission Unit, see MTU P-660N-T1A User’s Guide...
Page 316 SIP ALG 802.1p 171, 172 activation activation 169, 170 132, 133 DSCP Network Address Translation example see NAT IP precedence 171, 173 Network Address Translation, see NAT priority queue Quality of Service, see QoS P-660N-T1A User’s Guide...
Page 317 LAN 102, 118 subnet mask 86, 95, 270 Security Parameter Index, see SPI subnetting Service Set IDentifier, see SSID Sustain Cell Rate, see SCR setup SYN attack DHCP firewalls syntax conventions IP alias system P-660N-T1A User’s Guide...
Page 318 Universal Plug and Play, see UPnP setup upgrading firmware status UPnP traffic shaping activation example cautions 70, 76, 80 NAT traversal 70, 76, 80 warranty note URL filter 113, 123 compatibility example web configurator 21, 27 login P-660N-T1A User’s Guide...
Page 319 112, 113, 124 wizard example 105, 121 push button 113, 124 authentication status reauthentication WPA-PSK 104, 121 pre-shared key 111, 123, 126 activation adding stations example limitations 112, 113, 124 push button 113, 124 status wireless security P-660N-T1A User’s Guide...
Page 320 Index P-660N-T1A User’s Guide...
Page 321 Index P-660N-T1A User’s Guide...
Page 322 Index P-660N-T1A User’s Guide...

ZyXEL Communications P-660N-T1A User Manual

About this User's Guide

Document Conventions

Safety Warnings

Contents Overview

Table of Contents

User's Guide

Part I: User's Guide

Chapter 1 Introduction

Chapter 2 The Web Configurator

Chapter 3 Status Screen

Chapter 4 Tutorials

Technical Reference

Part II: Technical Reference

Chapter 5 Internet and Wireless Setup Wizard

Chapter 6 WAN Setup

Chapter 7 LAN Setup

Chapter 8 Wireless LAN

Chapter 9 Network Address Translation (NAT)

Chapter 10 Firewall

Chapter 11 Filters

Chapter 12 Static Route

Chapter 13 Q/1P

Chapter 14 Quality of Service (Qos)

Chapter 15 Dynamic DNS Setup

Chapter 16 Remote Management

Chapter 17 Universal Plug-And-Play (Upnp)

Chapter 18 CWMP

Chapter 19 System Settings

Chapter 20 Logs

Chapter 21 Tools

Chapter 22 Diagnostic

Chapter 23 Troubleshooting

Chapter 24 Product Specifications

Appendix A Setting up Your Computer's IP Address

Appendix B IP Addresses and Subnetting

Appendix C Pop-Up Windows, Javascripts and Java Permissions

Appendix D Wireless Lans

Appendix E Services

Appendix F Legal Information

Index

Quick Links

Related Manuals for ZyXEL Communications P-660N-T1A

Summary of Contents for ZyXEL Communications P-660N-T1A