Page 1 ADSL Router Series P-660HN-TxA, P-660HN-Tx, P-660N-TxA, P-660HN-T1H, P- 660HNU-Tx and P-660HU-Tx ADSL2+ Gateway Default Login Details IP Address http://192.168.1.1 Username admin Password 1234 Firmware Version 1.02 Edition 1, 11/2011 www.zyxel.com www.zyxel.com Copyright © 2011 ZyXEL Communications Corporation...
Page 3: About This User's Guide
Please refer to www.zyxel.com for additional support documentation and product certifications. Documentation Feedback Send your comments, questions or suggestions to: techwriters@zyxel.com.tw Thank you! The Technical Writing Team, ZyXEL Communications Corp. Need More Help? More help is available at www.zyxel.com. • Download Library Search for the latest product updates and documentation from this link.
Page 4 About This User's Guide • Knowledge Base If you have a specific question about your product, the answer may be here. This is a collection of answers to previously asked questions about ZyXEL products. • Forum This contains discussions on ZyXEL products. Learn from others who use ZyXEL products and share your experiences as well.
Page 5: Document Conventions
Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User’s Guide. Warnings tell you about things that could harm you or your device. Note: Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations.
Page 6 Document Conventions Server Firewall Telephone Router Switch ADSL Router Series User’s Guide...
Page 7: Safety Warnings
Safety Warnings Safety Warnings • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. • Do NOT store things on the device. •...
Page 8 Safety Warnings ADSL Router Series User’s Guide...
Page 9: Table Of Contents
Contents Overview Contents Overview User’s Guide ............................21 Introduction .............................23 The Web Configurator ..........................29 Status Screens ............................35 Tutorials ..............................41 Technical Reference ..........................77 Internet and Wireless Setup Wizard......................79 WAN Setup .............................93 LAN Setup .............................109 Wireless LAN ............................123 Network Address Translation (NAT) ......................151 Firewall ..............................163 Filters ..............................181 Certificate ..............................189...
Page 10 Contents Overview ADSL Router Series User’s Guide...
Page 11: Table Of Contents
Table of Contents Table of Contents About This User's Guide ........................3 Document Conventions ........................5 Safety Warnings............................7 Contents Overview ..........................9 Table of Contents ..........................11 Part I: User’s Guide ..................21 Chapter 1 Introduction............................23 1.1 Overview ............................23 1.2 Ways to Manage the ZyXEL Device ....................23 1.3 Good Habits for Managing the ZyXEL Device ..................24 1.4 Applications for the ZyXEL Device ....................24 1.4.1 Internet Access ........................24...
Page 12 Table of Contents Chapter 4 Tutorials ...............................41 4.1 Overview ............................41 4.2 Setting Up Your DSL Connection ......................41 4.3 IPv6 Address Configuration ......................43 4.3.1 6to4 Tunneling .........................44 4.4 Setting Up a Secure Wireless Network .....................45 4.4.1 Configuring the Wireless Network Settings ................45 4.4.2 Using WPS ..........................46 4.4.3 Connecting Wirelessly to your ZyXEL Device .................50 4.5 Configuring the MAC Address Filter for Restricting Wireless Internet Access ........52...
Page 13 Table of Contents Chapter 6 WAN Setup ............................93 6.1 Overview ............................93 6.1.1 What You Can Do in the WAN Screens ...................93 6.1.2 What You Need to Know About WAN ..................93 6.1.3 Before You Begin ........................94 6.2 The Internet Access Setup Screen ....................95 6.2.1 Advanced Internet Access Setup ....................98 6.3 The More Connections Screen .......................100 6.3.1 More Connections Edit ......................101...
Page 14 Table of Contents Chapter 8 Wireless LAN.............................123 8.1 Overview ............................123 8.1.1 What You Can Do in the Wireless LAN Screens ..............123 8.1.2 What You Need to Know About Wireless ................123 8.1.3 Before You Start ........................124 8.2 The AP Screen ..........................125 8.2.1 No Security ..........................126 8.2.2 WEP Encryption ........................127 8.2.3 WPA(2)-PSK ..........................128...
Page 15 Table of Contents 9.6.3 How NAT Works ........................160 9.6.4 NAT Application ........................161 9.6.5 NAT Mapping Types ......................161 Chapter 10 Firewall ..............................163 10.1 Overview ............................163 10.1.1 What You Can Do in the Firewall Screens ................163 10.1.2 What You Need to Know About Firewall ................164 10.2 The Firewall Screen ........................166 10.3 The Firewall General Screen ......................167 10.4 The Default Action Screen ......................168...
Page 16 Table of Contents Chapter 13 Static Route ............................193 13.1 Overview ............................193 13.1.1 What You Can Do in the Static Route Screens ..............194 13.2 The Static Route Screen .......................194 13.2.1 Static Route Edit ........................195 13.2.2 IPv6 Static Route .........................196 13.2.3 IPv6 Static Route Edit ......................197 Chapter 14 Port Binding ............................199 14.1 Overview ............................199...
Page 17 Table of Contents 17.1.2 What You Need To Know About DDNS ................217 17.2 The Dynamic DNS Screen ......................218 Chapter 18 Remote Management........................219 18.1 Overview ............................219 18.1.1 What You Can Do in the Remote Management Screens ............219 18.1.2 What You Need to Know About Remote Management ............220 18.2 The WWW Screen ........................220 18.2.1 Configuring the WWW Screen .....................221 18.3 The Telnet Screen .........................221...
Page 18 Table of Contents 21.4 The Print Server Screen ........................246 21.5 Add a New Printer Using Windows ....................247 21.6 Add a New Printer Using Macintosh OS X ..................251 21.6.1 Mac OS 10.3 and 10.4 ......................251 21.6.2 Mac OS 10.5 and 10.6 ......................254 Chapter 22 CWMP ..............................259 22.1 Overview ............................259...
Page 19 Table of Contents 27.2 ZyXEL Device Access and Login ....................282 27.3 Internet Access ..........................283 Chapter 28 Product Specifications ........................285 28.1 Hardware Specifications ........................285 Appendix A Setting up Your Computer’s IP Address ...............287 Appendix B IP Addresses and Subnetting..................309 Appendix C Pop-up Windows, JavaScripts and Java Permissions ..........317 Appendix D Wireless LANs......................327 Appendix E IPv6 ..........................341 Appendix F Services........................351...
Page 20 Table of Contents ADSL Router Series User’s Guide...
Page 21: User's Guide
User’s Guide...
Page 23: Introduction
H A PT ER Introduction 1.1 Overview The ADSL Router series includes the P-660HN-TxA, P-660HN-Tx, P-660N-TxA, P-660HN-T1H, P- 660HNU-Tx and P-660HU-Tx (x stands for 1 or 3). The routers in this series are ADSL2+ routers. By integrating DSL and NAT, you are provided with ease of installation and high-speed, shared Internet access.
Page 24: Good Habits For Managing The Zyxel Device
Chapter 1 Introduction 1.3 Good Habits for Managing the ZyXEL Device Do the following things regularly to make the ZyXEL Device more secure and to manage the ZyXEL Device more effectively. • Change the password. Use a password that’s not easy to guess and that consists of different types of characters, such as numbers and letters.
Page 25: Wireless Access
Chapter 1 Introduction Use QoS to efficiently manage traffic on your network by giving priority to certain types of traffic and/or to particular computers. For example, you could make sure that the ZyXEL Device gives voice over Internet calls high priority, and/or limit bandwidth devoted to the boss’s excessive file downloading.
Page 26: The Reset Button
Chapter 1 Introduction To activate WPS: Make sure the POWER LED is on and not blinking. Press the WPS/WLAN button for 1-5 seconds and release it. See below for WPS button location. P-660HN-T1H P-660HN-TxA, P-660HN-Tx, P-660HNU-Tx, P-660HU-Tx P-660N-TxA Press the WPS button on another WPS-enabled device within range of the ZyXEL Device. The WPS/ WLAN LED should flash while the ZyXEL Device sets up a WPS connection with the other wireless device.
Page 27: Using The Reset Button
Chapter 1 Introduction 1.6.1 Using the Reset Button Make sure the POWER LED is on (not blinking). To set the device back to the factory default settings, press the RESET button for ten seconds or until the POWER LED begins to blink and then release it. When the POWER LED begins to blink, the defaults have been restored and the device restarts.
Page 28 Chapter 1 Introduction ADSL Router Series User’s Guide...
Page 29: The Web Configurator
H A PT ER The Web Configurator 2.1 Overview The web configurator is an HTML-based management interface that allows easy device setup and management via Internet browser. Use Internet Explorer 6.0 and later or Netscape Navigator 7.0 and later versions. The recommended screen resolution is 1024 by 768 pixels. In order to use the web configurator you need to allow: •...
Page 30 Chapter 2 The Web Configurator The following screen displays if you have not yet changed your password. It is strongly recommended you change the default password. Enter a new password, retype it to confirm and click Apply; alternatively click Ignore to proceed to the main menu if you do not want to change the password now.
Page 31: The Main Screen
Chapter 2 The Web Configurator 2.2 The Main Screen Figure 6 Main Screen As illustrated above, the main screen is divided into these parts: • A - title bar • B - navigation panel • C - main window • D - status bar 2.2.1 Title Bar The title bar provides some icons in the upper right corner.
Page 32: Navigation Panel
Chapter 2 The Web Configurator 2.2.2 Navigation Panel Use the menu items on the navigation panel to open screens to configure ZyXEL Device features. The following tables describe each menu item. Table 2 Navigation Panel Summary LINK FUNCTION Status This screen shows the ZyXEL Device’s general device and network status information.
Page 33 Chapter 2 The Web Configurator Table 2 Navigation Panel Summary LINK FUNCTION Certificate Use this screen to view and manage the list of trusted CAs. Advanced Static Route Static Route Use this screen to configure IP static routes to tell your device about networks beyond the directly connected remote nodes.
Page 34: Main Window
Chapter 2 The Web Configurator Table 2 Navigation Panel Summary LINK FUNCTION Diagnostic General Use this screen to test the connections to other devices. DSL Line This screen displays information to help you identify problems with the DSL connection. 2.2.3 Main Window The main window displays information and configuration fields.
Page 35: Status Screens
H A PT ER Status Screens 3.1 Overview Use the Status screens to look at the current status of the device, system resources, and interfaces (LAN and WAN). The Status screen also provides detailed information from DHCP and statistics from bandwidth management, and traffic. ADSL Router Series User’s Guide...
Page 36: The Status Screen
Chapter 3 Status Screens 3.2 The Status Screen Use this screen to view the status of the ZyXEL Device. Click Status to open this screen. Figure 7 Status Screen Each field is described in the following table. Table 3 Status Screen LABEL DESCRIPTION Refresh Interval...
Page 37 Chapter 3 Status Screens Table 3 Status Screen LABEL DESCRIPTION DSL Firmware This is the current version of the device’s DSL modem code. Version WAN Information DSL Mode This is the DSL standard that your ZyXEL Device is using. Annex Type This is the ADSL Annex Type that your ZyXEL Device is using.
Page 38 Chapter 3 Status Screens Table 3 Status Screen LABEL DESCRIPTION IPv6 LAN DNS2 This is the second DNS server IPv6 address the ZyXEL Device passes to the DHCP clients. LAN IPv4/IPv6 This is the MTU (Maximum Transmission Unit) for IPv4 and IPv6 packets passing through the LAN interfaces.
Page 39 Chapter 3 Status Screens Table 3 Status Screen LABEL DESCRIPTION Status This field indicates whether or not the ZyXEL Device is using the interface. For the DSL interface, this field displays Down (line is down), Up (line is up or connected) and Drop (dropping a call) if you're using PPPoE encapsulation.
Page 40 Chapter 3 Status Screens ADSL Router Series User’s Guide...
Page 41: Tutorials
H A PT ER Tutorials 4.1 Overview This chapter shows you how to use the ZyXEL Device’s various features. • Setting Up Your DSL Connection, see page 41 • IPv6 Address Configuration, see page 43 • Setting Up a Secure Wireless Network, see page 45 •...
Page 42 Chapter 4 Tutorials Account Configuration For this example, the interface type is ADSL and the connection has the following information. General Mode Router Encapsulation PPPoE User Name 1234@DSL-Ex.com Password ABCDEF! Service Name My DSL Multiplex IPv6/IPv4 Dual Enabled Stack Auto Authentication Others IP Address: Obtain IP Address Automatically...
Page 43: Ipv6 Address Configuration
Chapter 4 Tutorials Enter or select these values and click Apply. This completes your DSL WAN connection setting. 4.3 IPv6 Address Configuration If the ISP’s network supports IPv6, the ISP may assign an IPv6 address to the ZyXEL Device automatically. IPv6 IPv6 IPv6...
Page 44: 6To4 Tunneling
Chapter 4 Tutorials In the Network > WAN screen’s IPv6 Address configuration section, select Obtain an IP Address Automatically. In the DHCP IPv6 field select DHCP to obtain an IPv6 address from a DHCPv6 server. In the DHCP PD field select Enable to have the ZyXEL Device pass the WAN prefix to LAN hosts.
Page 45: Setting Up A Secure Wireless Network
Chapter 4 Tutorials 4.4 Setting Up a Secure Wireless Network Thomas wants to set up a wireless network so that he can use his notebook to access the Internet. In this wireless network, the ZyXEL Device serves as an access point (AP), and the notebook is the wireless client.
Page 46: Using Wps
Chapter 4 Tutorials Click Network > Wireless LAN to open the AP screen. Configure the screen using the provided parameters (see page 45). Click Apply. Click the Advanced Setup button and select 802.11b+g+n in the 802.11 Mode field. Click Apply. Thomas can now use the WPS feature to establish a wireless connection between his notebook and the ZyXEL Device (see Section 4.4.2 on page...
Page 47 Chapter 4 Tutorials Note: The wireless client must be a WPS-aware device (for example, a WPS USB adapter or PCMCIA card). There are two WPS methods to set up the wireless client settings: • Push Button Configuration (PBC) - simply press a button. This is the easier of the two methods.
Page 48 Chapter 4 Tutorials The following figure shows you an example of how to set up a wireless network and its security by pressing a button on both ZyXEL Device and wireless client. Example WPS Process: PBC Method ZyXEL Device Wireless Client WITHIN 2 MINUTES Press and hold for 5 seconds...
Page 49 Chapter 4 Tutorials Enter the PIN number in the PIN field in the Network > Wireless LAN > WPS Station screen on the ZyXEL Device. Click the Start buttons (or the button next to the PIN field) on both the wireless client utility screen and the ZyXEL Device’s WPS Station screen within two minutes.
Page 50: Connecting Wirelessly To Your Zyxel Device
Chapter 4 Tutorials The following figure shows you how to set up a wireless network and its security on a ZyXEL Device and a wireless client by using PIN method. Example WPS Process: PIN Method Wireless Client ZyXEL Device WITHIN 2 MINUTES Authentication by PIN SECURITY INFO COMMUNICATION...
Page 51 Chapter 4 Tutorials Right-click the wireless adapter icon which appears in the bottom right of your computer monitor. Click View Available Wireless Networks. Tutorial: Network > Wireless LAN > SecuritOpen the Status screen. Verify your wireless and wireless security settings under Device Information and check if the WLAN connection is up under Interface Status Tutorial: Status Select the ZyXEL Device’s SSID name and click Connect (A).
Page 52: Configuring The Mac Address Filter For Restricting Wireless Internet Access
Chapter 4 Tutorials You should now be securely connected wirelessly to the ZyXEL Device. Tutorial: Network > Wireless LAN > SecuritOpen the Status screen. Verify your wireless and wireless security settings under Device Information and check if the WLAN connection is up under Interface Status Tutorial: Status Congratulations! Your computer is now ready to connect to the Internet wirelessly through your ZyXEL Device.
Page 53 Chapter 4 Tutorials Click Network > LAN > Client List to open the following screen. Look for the MAC address of Josephine’s computer. Click Network > Wireless LAN to open the AP screen. Click the Edit button in the MAC Filter field.
Page 54: Multiple Public And Private Ip Address Mappings
Chapter 4 Tutorials Select Enable MAC Filter and Deny Association. Enter the MAC address you found in the Client List screen. Click Apply. Josephine will no longer be able to access the Internet through the ZyXEL Device. 4.6 Multiple Public and Private IP Address Mappings If your ISP gives you more than one static IPv4 address for your Internet access, you can map each IP address for a specific service.
Page 55: Full Feature Nat + Many-To-Many No Overload Mapping
Chapter 4 Tutorials This tutorial uses the following example settings: Table 4 IP Settings in this Tutorial DEVICE / COMPUTER IP ADDRESS The ZyXEL Device’s WAN 172.16.1.253 (IP-1) 172.16.1.254 (IP-2) The ZyXEL Device’s LAN 192.168.1.1 192.168.1.2 192.168.1.3 a.b.c.d To do this, you can use either of the following settings: •...
Page 56 Chapter 4 Tutorials Select Active Network Address Translation(NAT) and Full Feature in the General screen. Click Apply. Click the Address Mapping tab, and then click the Edit icon on a new rule. Configure the rule using the following settings: • Type: Many-to-Many No Overload •...
Page 57: Full Feature Nat + One-To-One Mapping
Chapter 4 Tutorials 4.6.2 Full Feature NAT + One-to-One Mapping Use this setting if your applications must use fixed public IP addresses and the applications can be initiated either from the Intranet computers (A and B) or the Internet computer (C). For example, gaming application. IP-1 To configure this setting: Click Network >...
Page 58: Setting Up Nat Forwarding For A Game Server
Chapter 4 Tutorials • Rule 2 (This maps the public IP address 172.16.1.254 to the private IP address 192.168.1.3) Type: One-to-One Local Start IP: 192.168.1.3 Global Start IP: 172.16.1.254 Click Apply on each of the screens. 4.7 Setting Up NAT Forwarding for a Game Server Thomas manages a Doom server on a computer behind the ZyXEL Device.
Page 59 Chapter 4 Tutorials Thomas may set up the port settings by configuring the port settings for the Doom server computer (see Section 9.3 on page 153 for more information). Click Network > NAT > Port Forwarding and in the Service Name field select User Define. Configure the screen with the following values: Service Name Doom_Server...
Page 60: Configuring Firewall Rules To Allow A Specified Service
Chapter 4 Tutorials 4.8 Configuring Firewall Rules to Allow a Specified Service By default the firewall will block traffic originating from the WAN (1). However, if you are running a server or other service, you may need to allow access from the WAN (2). The following tutorial will show how to allow traffic from WAN to LAN if it matches a specified port number.
Page 61 Chapter 4 Tutorials Click the Rules tab. In the Packet Direction field select WAN to LAN and click Add. Tutorial: Advanced > QoS > Queue Setup The Edit Rule screen will appear. Click the Edit Customized Services link to access the following screen.
Page 62 Chapter 4 Tutorials In the Edit Rule screen, select Active. In the Available Services field, select the service you configured, My_Service. Click Apply to save your settings and Back to return to the previous screen. Tutorial: Advanced > QoS > Queue Setup The firewall rule you configured appears in the table.
Page 63: Configuring Static Route For Routing To Another Network
Chapter 4 Tutorials 4.9 Configuring Static Route for Routing to Another Network In order to extend your Intranet and control traffic flowing directions, you may connect a router to the ZyXEL Device’s LAN. The router may be used to separate two department networks. This tutorial shows how to configure a static routing rule for two network routings.
Page 64 Chapter 4 Tutorials This tutorial uses the following example IP settings: Table 5 IP Settings in this Tutorial DEVICE / COMPUTER IP ADDRESS The ZyXEL Device’s WAN 172.16.1.1 The ZyXEL Device’s LAN 192.168.1.1 192.168.1.34 R’s N1 192.168.1.253 R’s N2 192.168.10.2 192.168.10.33 To configure a static route to route traffic from N1 to N2: Log into the ZyXEL Device’s Web Configurator in advanced mode.
Page 65: Port BindingConfiguration
Chapter 4 Tutorials Now B should be able to receive traffic from A. You may need to additionally configure B’s firewall settings to allow specific traffic to pass through. 4.10 Port Binding Configuration This tutorial shows you how to configure port binding for WAN connections with different ATM QoS settings for different types of traffic.
Page 66 Chapter 4 Tutorials To configure dedicated bandwidth of 400kbps for the VoIP connection, select CBR in the ATM QoS Type field and enter the Peak Cell Rate as 943 (divide the bandwidth 400000 bps by 424). Click Apply to save the settings. To configure variable bandwidth of 2mbps for MOD data connection, select Realtime VBR in the ATM QoS Type field.
Page 67: Configuring Port Binding
Chapter 4 Tutorials Configured WAN connections can be viewed by clicking the More Connections tab under Network > WAN. See the WAN Setup chapter (Chapter 6 on page 93) for more information on configuring WAN connections and ATM QoS settings. 4.10.2 Configuring Port Binding You can then group specific WAN PVCs with LAN ports or WLANs, so traffic from these ports is forwarded through specific WAN PVCs.
Page 68: Configuring Qos To Prioritize Traffic
Chapter 4 Tutorials 4.11 Configuring QoS to Prioritize Traffic This section contains tutorials on how you can configure the QoS screen. Let’s say you are a team leader of a small sales branch office. You want to prioritize e-mail traffic because your task includes sending urgent updates to clients at least twice every hour.
Page 69 Chapter 4 Tutorials Click Advanced > QoS and check Enabled. Click Apply to save your settings. Tutorial: Advanced > QoS Go to Advanced > QoS > Queue Setup. In the Queue Enable field select Enabled and in the Queue Priority field select 1. Then click Add. Tutorial: Advanced >...
Page 70 Chapter 4 Tutorials Go to Advanced > QoS > Class Setup. In the Rule Enable field select Enabled and follow the settings as shown in the screen below. Then click Add. Tutorial: Advanced > QoS > Class Setup Source MAC Type the MAC address of your computer - AA:FF:AA:FF:AA:FF.
Page 71: Access The Zyxel Device From The Internet Using Ddns
Chapter 4 Tutorials 4.12 Access the ZyXEL Device from the Internet Using DDNS If you connect your ZyXEL Device to the Internet and it uses a dynamic WAN IP address, it is inconvenient for you to manage the device from the Internet. The ZyXEL Device’s WAN IP address changes dynamically.
Page 72: Testing The Ddns Setting
Chapter 4 Tutorials • Select Active Dynamic DNS. • Select www.dyndns.org in the Service Provider field. • Type zyxelrouter.dyndns.org in the Host Name field. • Enter the user name (UserName1) and password (12345). Click Apply. 4.12.3 Testing the DDNS Setting Now you should be able to access the ZyXEL Device from the Internet.
Page 73: Access Your Shared Files From A Computer
Chapter 4 Tutorials In the Share Directory Access Level, you can select Public to allow all users on the network to access the shared files. In this example, select Security to require users to log in to access shared files. To set up a new file sharing user account, click the Edit icon next to a User Name. Select Active and enter a user name and password.
Page 74: How To Share A Usb Printer Via Your Zyxel Device
Chapter 4 Tutorials In Windows Explorer’s Address bar type a double backslash “\\” followed by the IP address of the ZyXEL Device (the default IP address of the ZyXEL Device is 192.168.1.1) and press [ENTER]. Double-click the Public Share folder. A screen asking for password authentication appears. Type the user name and password you set up for file sharing and click OK.
Page 75 Chapter 4 Tutorials Section 21.5 on page 247 and/or Section 21.6 on page 251 for examples of how to set up a printer on your computer. The computers on your network must have the printer software already installed before they can use the printer. ADSL Router Series User’s Guide...
Page 76 Chapter 4 Tutorials ADSL Router Series User’s Guide...
Page 77: Technical Reference
Technical Reference...
Page 79: Internet And Wireless Setup Wizard
H A PT ER Internet and Wireless Setup Wizard 5.1 Overview Use the wizard setup screens to configure your system for Internet access with the information given to you by your ISP. Note: See the advanced menu chapters for background information on these fields. 5.2 Internet Access Wizard Setup After you enter the password to access the web configurator, click the wizard icon ( ) in the top...
Page 80 Chapter 5 Internet and Wireless Setup Wizard If you would like to skip your Internet setup and configure the wireless LAN settings, leave Yes selected and click Next. Figure 10 Auto Detection: No DSL Connection The following screen displays if a PPPoE or PPPoA connection is detected. Enter your Internet account information (username, password and/or service name) exactly as provided by your ISP.
Page 81 Chapter 5 Internet and Wireless Setup Wizard The following screen appears if the ZyXEL device detects a connection but not the connection type. Click Next and refer to Section 5.2.1 on page 82 on how to manually configure the ZyXEL Device for Internet access.
Page 82: Manual Configuration
Chapter 5 Internet and Wireless Setup Wizard 5.2.1 Manual Configuration If the ZyXEL Device fails to detect your DSL connection type but the physical line is connected, enter your Internet access information in the wizard screen exactly as your service provider gave it to you.
Page 83 Chapter 5 Internet and Wireless Setup Wizard Table 7 Internet Access Wizard Setup: ISP Parameters LABEL DESCRIPTION Enter the VPI assigned to you. This field may already be configured. Enter the VCI assigned to you. This field may already be configured. Back Click this to return to the previous screen without saving.
Page 84 Chapter 5 Internet and Wireless Setup Wizard The following table describes the fields in this screen. Internet Connection with PPPoE Table 8 LABEL DESCRIPTION User Name Enter the user name exactly as your ISP assigned. If assigned a name in the form user@domain where domain identifies a service name, then enter both components exactly as given.
Page 85 Chapter 5 Internet and Wireless Setup Wizard The following table describes the fields in this screen. Table 9 Internet Connection with RFC 1483 LABEL DESCRIPTION IP Address This field is available if you select Routing in the Mode field. Type your ISP assigned IP address in this field. Back Click this to return to the previous screen without saving.
Page 86 Chapter 5 Internet and Wireless Setup Wizard The following table describes the fields in this screen. Table 10 Internet Connection with ENET ENCAP LABEL DESCRIPTION Obtain an IP A static IP address is a fixed IP that your ISP gives you. A dynamic IP address is not Address fixed;...
Page 87: Wireless Connection Wizard Setup
Chapter 5 Internet and Wireless Setup Wizard Table 11 Internet Connection with PPPoA (continued) LABEL DESCRIPTION Apply Click this to save your changes. Exit Click this to close the wizard screen without saving. • If the user name and/or password you entered for PPPoE or PPPoA connection are not correct, the screen displays as shown next.
Page 88 Chapter 5 Internet and Wireless Setup Wizard Select Yes and click Next to configure wireless settings. Otherwise, select No and skip to Step 6. Figure 20 Connection Test Successful Use this screen to activate the wireless LAN. Click Next to continue. Figure 21 Wireless LAN Setup Wizard 1 The following table describes the labels in this screen.
Page 89 Chapter 5 Internet and Wireless Setup Wizard Configure your wireless settings in this screen. Click Next. Figure 22 Wireless LAN The following table describes the labels in this screen. Table 13 Wireless LAN Setup Wizard 2 LABEL DESCRIPTION Network Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the wireless Name(SSID) LAN.
Page 90: Manually Assign A Wpa-Psk Key
Chapter 5 Internet and Wireless Setup Wizard 5.3.1 Manually Assign a WPA-PSK key Choose Manually assign a WPA-PSK key in the Wireless LAN setup screen to set up a Pre- Shared Key. Figure 23 Manually Assign a WPA-PSK key The following table describes the labels in this screen. Table 14 Manually Assign a WPA-PSK key LABEL DESCRIPTION...
Page 91 Chapter 5 Internet and Wireless Setup Wizard The following table describes the labels in this screen. Table 15 Manually Assign a WEP key LABEL DESCRIPTION The WEP keys are used to encrypt data. Both the ZyXEL Device and the wireless stations must use the same WEP key for data transmission.
Page 92 Chapter 5 Internet and Wireless Setup Wizard Note: No wireless LAN settings display if you chose not to configure wireless LAN settings. Figure 26 Internet Access and WLAN Wizard Setup Complete Launch your web browser and navigate to www.zyxel.com. Internet access is just the beginning. Refer to the rest of this guide for more detailed information on the complete range of ZyXEL Device features.
Page 93: Wan Setup
H A PT ER WAN Setup 6.1 Overview This chapter describes how to configure WAN settings from the WAN screens. Use these screens to configure your ZyXEL Device for Internet access. A WAN (Wide Area Network) connection is an outside connection to another network or the Internet.
Page 94: Before You Begin
Chapter 6 WAN Setup networks. It can be static (fixed) or dynamically assigned by the ISP each time the ZyXEL Device tries to access the Internet. If your ISP assigns you a static WAN IP address, they should also assign you the subnet mask and DNS server IP address(es) (and a gateway IP address if you use the Ethernet or ENET ENCAP encapsulation method).
Page 95: The Internet Access Setup Screen
Chapter 6 WAN Setup 6.2 The Internet Access Setup Screen Use this screen to change your ZyXEL Device’s WAN settings. Click Network > WAN > Internet Access Setup. The screen differs by the WAN type and encapsulation you select. Figure 28 Network > WAN >Internet Access Setup ADSL Router Series User’s Guide...
Page 96 Chapter 6 WAN Setup The following table describes the labels in this screen. Table 16 Network > WAN > Internet Access Setup LABEL DESCRIPTION Line ADSL Mode Select the mode supported by your ISP. Use Auto Sync-Up if you are not sure which mode to choose from. The ZyXEL Device dynamically diagnoses the mode supported by the ISP and selects the best compatible one for your connection.
Page 97 Chapter 6 WAN Setup Table 16 Network > WAN > Internet Access Setup (continued) LABEL DESCRIPTION IP Address This option is available if you select Routing in the Mode field. A static IP address is a fixed IP that your ISP gives you. A dynamic IP address is not fixed;...
Page 98: Advanced Internet Access Setup
Chapter 6 WAN Setup Table 16 Network > WAN > Internet Access Setup (continued) LABEL DESCRIPTION WAN Identifier If you selected Manual, enter the WAN Identifier in this field. The WAN identifier should be unique and 64 bits in hexadecimal form. Every 16 bit block should be separated by a colon as in XXXX:XXXX:XXXX:XXXX where X is a hexadecimal character.
Page 99 Chapter 6 WAN Setup The following table describes the labels in this screen. Table 17 Network > WAN > Internet Access Setup: Advanced Setup LABEL DESCRIPTION RIP & Multicast Setup This section is not available when you configure the ZyXEL Device to be in bridge mode.
Page 100: The More Connections Screen
Chapter 6 WAN Setup 6.3 The More Connections Screen The ZyXEL Device allows you to configure more than one Internet access connection. To configure additional Internet access connections click Network > WAN > More Connections. The screen differs by the encapsulation you select. When you use the WAN > Internet Access Setup screen to set up Internet access, you are configuring the first WAN connection.
Page 101: More Connections Edit
Chapter 6 WAN Setup 6.3.1 More Connections Edit Use this screen to configure a connection. Click the edit icon in the More Connections screen to display the following screen. Figure 31 Network > WAN > More Connections: Edit The following table describes the labels in this screen. Table 19 Network >...
Page 102 Chapter 6 WAN Setup Table 19 Network > WAN > More Connections: Edit (continued) LABEL DESCRIPTION Encapsulation Select the method of encapsulation used by your ISP from the drop-down list box. Choices vary depending on the mode you select in the Mode field. If you select Routing in the Mode field, select PPPoA, RFC 1483, ENET ENCAP or PPPoE.
Page 103: Configuring More Connections Advanced Setup
Chapter 6 WAN Setup Table 19 Network > WAN > More Connections: Edit (continued) LABEL DESCRIPTION IPv6 Default Gateway If Static IP Address is enabled, enter the IPv6 address of the default gateway IPv6 DNS Server1 If Static IP Address is enabled, enter the primary DNS server IPv6 address for the ZyXEL Device.
Page 104: Wan Technical Reference
Chapter 6 WAN Setup The following table describes the labels in this screen. Table 20 Network > WAN > More Connections: Edit: Advanced Setup LABEL DESCRIPTION RIP & Multicast Setup RIP Direction Select the RIP Direction from None, Both, In Only and Out Only. Version This field is not configurable if you select None in the RIP Direction field.
Page 105: Multiplexing
Chapter 6 WAN Setup 6.4.1.1 ENET ENCAP The MAC Encapsulated Routing Link Protocol (ENET ENCAP) is only implemented with the IP network protocol. IP packets are routed between the Ethernet interface and the WAN interface and then formatted so that they can be understood in a bridged environment. For instance, it encapsulates routed Ethernet frames into bridged ATM cells.
Page 106: Vpi And Vci
Chapter 6 WAN Setup VC-based Multiplexing In this case, by prior mutual agreement, each protocol is assigned to a specific virtual circuit; for example, VC1 carries IP, etc. VC-based multiplexing may be dominant in environments where dynamic creation of large numbers of ATM VCs is fast and economical. LLC-based Multiplexing In this case one VC carries multiple protocols with protocol identifying information being contained in each packet header.
Page 107: Nat
Chapter 6 WAN Setup Do not specify a nailed-up connection unless your telephone company offers flat-rate service or you need a constant connection and the cost is of no concern. 6.4.6 NAT NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network.
Page 108: Atm Traffic Classes
Chapter 6 WAN Setup 6.5.1 ATM Traffic Classes These are the basic ATM traffic classes defined by the ATM Forum Traffic Management 4.0 Specification. Constant Bit Rate (CBR) Constant Bit Rate (CBR) provides fixed bandwidth that is always available even if no data is being sent.
Page 109: Lan Setup
H A PT ER LAN Setup 7.1 Overview A Local Area Network (LAN) is a shared communication system to which many networking devices are connected. It is usually located in one immediate area such as a building or floor of a building. Use the LAN screens to help you configure a LAN DHCP server and manage IP addresses.
Page 110: Before You Begin
Chapter 7 LAN Setup Subnet Mask Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks. DHCP A DHCP (Dynamic Host Configuration Protocol) server can assign your ZyXEL Device an IP address, subnet mask, DNS and other routing information when it's turned on.
Page 111: The Advanced Lan Ip Setup Screen
Chapter 7 LAN Setup Enter an IP address into the IP Address field. The IP address must be in dotted decimal notation. This will become the IP address of your ZyXEL Device. Enter the IP subnet mask into the IP Subnet Mask field. Unless instructed otherwise it is best to leave this alone, the configurator will automatically compute a subnet mask based upon the IP address you entered.
Page 112: The Dhcp Setup Screen
Chapter 7 LAN Setup The following table describes the labels in this screen. Table 22 Network > LAN > IP: Advanced Setup LABEL DESCRIPTION RIP & Multicast Setup RIP Direction Select the RIP Direction from None, Both, In Only and Out Only. RIP Version This field is not configurable if you select None in the RIP Direction field.
Page 113: The Client List Screen
Chapter 7 LAN Setup The following table describes the labels in this screen. Table 23 Network > LAN > DHCP Setup LABEL DESCRIPTION DHCP Setup DHCP If set to Server, your ZyXEL Device can assign IP addresses, an IP default gateway and DNS servers to Windows 95, Windows NT and other systems that support the DHCP client.
Page 114: The Ip Alias Screen
Chapter 7 LAN Setup Use this screen to change your ZyXEL Device’s static DHCP settings. Click Network > LAN > Client List to open the following screen. Figure 37 Network > LAN > Client List The following table describes the labels in this screen. Table 24 Network >...
Page 115: Configuring The Lan Ip Alias Screen
Chapter 7 LAN Setup 7.5.1 Configuring the LAN IP Alias Screen Use this screen to change your ZyXEL Device’s IP alias settings. Click Network > LAN > IP Alias to open the following screen. Figure 38 Network > LAN > IP Alias The following table describes the labels in this screen.
Page 116: The Ipv6 Screen
Chapter 7 LAN Setup 7.6 The IPv6 Screen Use this screen to configure the IPv6 settings for your ZyXEL Device’s LAN interface. See Appendix E on page 341 for background information about IPv6. Figure 39 Network > LAN > IPv6 ADSL Router Series User’s Guide...
Page 117 Chapter 7 LAN Setup The following table describes the labels in this screen. Table 26 Network > LAN > IPv6 LABEL DESCRIPTION IPv6 Link Local Address Select Manual to manually enter a link local address. Select EUI64 to use the EUI-64 Type format to generate a link local address from the Ethernet MAC address.
Page 118 Chapter 7 LAN Setup LABEL DESCRIPTION Delegate M/O flag Select this to have the ZyXEL Device obtain the M/O (Managed/Other) flag setting from WAN from the service provider or uplink router. Manual Select this to specify the M/O flag setting manually. Managed config Select this to have the ZyXEL Device indicate to hosts to obtain network settings (such flag on...
Page 119: Lan Technical Reference
Chapter 7 LAN Setup 7.7 LAN Technical Reference This section provides some technical background information about the topics covered in this chapter. 7.7.1 LANs, WANs and the ZyXEL Device The actual physical connection determines whether the ZyXEL Device ports are LAN or WAN ports. There are two separate IP networks, one inside the LAN network and the other outside the WAN network as shown next.
Page 120: Lan Tcp/Ip
Chapter 7 LAN Setup • Some ISPs choose to disseminate the DNS server addresses using the DNS server extensions of IPCP (IP Control Protocol) after the connection is up. If your ISP did not give you explicit DNS servers, chances are the DNS servers are conveyed through IPCP negotiation. The ZyXEL Device supports the IPCP DNS server extensions through the DNS proxy feature.
Page 121: Rip Setup
Chapter 7 LAN Setup • 192.168.0.0 — 192.168.255.255 You can obtain your IP address from the IANA, from an ISP or it can be assigned from a private network. If you belong to a small organization and your Internet access is through an ISP, the ISP can provide you with the Internet addresses for your local networks.
Page 122 Chapter 7 LAN Setup (including gateways). All hosts must join the 224.0.0.1 group in order to participate in IGMP. The address 224.0.0.2 is assigned to the multicast routers group. At start up, the ZyXEL Device queries all directly connected networks to gather group membership. After that, the ZyXEL Device periodically updates this information.
Page 123: Wireless Lan
H A PT ER Wireless LAN 8.1 Overview This chapter describes how to perform tasks related to setting up and optimizing your wireless network, including the following. • Turning the wireless connection on or off. • Configuring a name, wireless channel and security for the network. •...
Page 124: Before You Start
Chapter 8 Wireless LAN another. A wireless networking device is just like a radio that lets your computer exchange information with radios attached to other computers. Like walkie-talkies, most wireless networking devices operate at radio frequency bands that are open to the public and do not require a license to use.
Page 125: The Ap Screen
Chapter 8 Wireless LAN 8.2 The AP Screen Use this screen to configure the wireless settings of your ZyXEL Device. Click Network > Wireless LAN to open the AP screen. Figure 41 Network > Wireless LAN > AP The following table describes the labels in this screen. Table 27 Network >...
Page 126: No Security
Chapter 8 Wireless LAN Table 27 Network > Wireless LAN > AP LABEL DESCRIPTION Edit Click this to go to the MAC Filter screen to configure MAC filter settings. See Section 8.2.5 on page 130 for more details. This shows whether Quality of Service (QoS) is activated or the priority level for wireless traffic with this SSID.
Page 127: Wep Encryption
Chapter 8 Wireless LAN 8.2.2 WEP Encryption Use this screen to configure and enable WEP encryption. Click Network > Wireless LAN to display the AP screen. Select Static WEP from the Security Mode list. Note: WEP is extremely insecure. Its encryption can be broken by an attacker, using widely-available software.
Page 128: Wpa(2)-Psk
Chapter 8 Wireless LAN 8.2.3 WPA(2)-PSK Use this screen to configure and enable WPA(2)-PSK authentication. Click Network > Wireless LAN to display the AP screen. Select WPA-PSK or WPA2-PSK from the Security Mode list. Figure 44 Network > Wireless LAN > AP: WPA(2)-PSK The following table describes the wireless LAN security labels in this screen.
Page 129 Chapter 8 Wireless LAN Section 8.8.2 on page 139 for detailed definitions of the terms listed in this screen. Figure 45 Network > Wireless LAN > AP: Advanced Setup The following table describes the labels in this screen. Table 31 Network > Wireless LAN > AP: Advanced Setup LABEL DESCRIPTION RTS/CTS...
Page 130: Mac Filter
Chapter 8 Wireless LAN Table 31 Network > Wireless LAN > AP: Advanced Setup LABEL DESCRIPTION Channel Width Select whether the ZyXEL Device uses a wireless channel width of 20MHz or Auto. If Auto is selected, the ZyXEL Device will use 40MHz if it is supported. A standard 20MHz channel offers transfer speeds of up to 150Mbps whereas a 40MHz channel uses two standard channels and offers speeds of up to 300 Mbps.
Page 131: The More Ap Screen
Chapter 8 Wireless LAN The following table describes the labels in this screen. Table 32 Network > Wireless LAN > AP: MAC Address Filter LABEL DESCRIPTION Enable MAC Select the check box to enable MAC address filtering. Filter Define the filter action for the list of MAC addresses in the MAC Address table. Filter Action Select Deny to block access to the ZyXEL Device.
Page 132: More Ap Edit
Chapter 8 Wireless LAN Table 33 Network > Wireless LAN > More AP LABEL DESCRIPTION Security This field indicates the security mode of the SSID profile. Modify Click the Edit icon to configure the SSID profile. Click the Remove icon to hide the SSID in the outgoing beacon frame so a station cannot obtain the SSID through scanning using a site survey tool.
Page 133: The Wps Screen
Chapter 8 Wireless LAN Table 34 Network > Wireless LAN > More AP: Edit LABEL DESCRIPTION Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. 8.4 The WPS Screen Use this screen to configure WiFi Protected Setup (WPS) on your ZyXEL Device. WPS allows you to quickly set up a wireless network with strong security, without having to configure security settings manually.
Page 134: The Wps Station Screen
Chapter 8 Wireless LAN Table 35 Network > Wireless LAN > WPS LABEL DESCRIPTION Release This button is available when the WPS status is Configured. Click this button to remove all configured wireless and wireless security settings for WPS connections on the ZyXEL Device. Apply Click this to save your changes.
Page 135: The Wds Screen
Chapter 8 Wireless LAN 8.6 The WDS Screen An AP using the Wireless Distribution System (WDS) can function as a wireless network bridge allowing you to wirelessly connect two wired network segments. The WDS screen allows you to configure the ZyXEL Device to connect to two or more APs wirelessly when WDS is enabled. Use this screen to set up your WDS (Wireless Distribution System) links between the ZyXEL Device and other wireless APs.
Page 136: The Scheduling Screen
Chapter 8 Wireless LAN Table 37 Network > Wireless LAN > WDS LABEL DESCRIPTION Remote Bridge Type the MAC address of the peer device in a valid MAC address format (six hexadecimal MAC Address character pairs, for example 12:34:56:78:9a:bc). Enter a Pre-Shared Key (PSK) from 8 to 63 case-sensitive ASCII characters (including spaces and symbols).
Page 137: Wireless Lan Technical Reference
Chapter 8 Wireless LAN Table 38 Network > Wireless LAN > Scheduling LABEL DESCRIPTION Apply Click this to save your changes. Reset Click this to restore your previously saved settings. 8.8 Wireless LAN Technical Reference This section discusses wireless LANs in depth. For more information, see the appendix. 8.8.1 Wireless Network Overview Wireless networks consist of wireless clients, access points and bridges.
Page 138 Chapter 8 Wireless LAN The following figure provides an example of a wireless network. Figure 53 Example of a Wireless Network The wireless network is the part in the blue circle. In this wireless network, devices A and B use the access point (AP) to interact with the other devices (such as the printer) or with the Internet.
Page 139: Additional Wireless Terms
Chapter 8 Wireless LAN 8.8.2 Additional Wireless Terms The following table describes some wireless network terms and acronyms used in the ZyXEL Device’s Web Configurator. Table 39 Additional Wireless Terms TERM DESCRIPTION RTS/CTS Threshold In a wireless network which covers a large area, wireless devices are sometimes not aware of each other’s presence.
Page 140 Chapter 8 Wireless LAN A good way to come up with effective security keys, passwords and so on is to use obscure information that you personally will easily remember, and to enter it in a way that appears random and does not include real words. For example, if your mother owns a 1970 Dodge Challenger and her favorite movie is Vanishing Point (which you know was made in 1971) you could use “70dodchal71vanpoi”...
Page 141: Signal Problems
Chapter 8 Wireless LAN 8.8.3.4 Encryption Wireless networks can use encryption to protect the information that is sent in the wireless network. Encryption is like a secret code. If you do not know the secret code, you cannot understand the message. The types of encryption you can choose depend on the type of authentication.
Page 142: Bss
Chapter 8 Wireless LAN 8.8.5 BSS A Basic Service Set (BSS) exists when all communications between wireless stations or between a wireless station and a wired network client go through one access point (AP). Intra-BSS traffic is traffic between wireless stations in the BSS. When Intra-BSS traffic blocking is disabled, wireless station A and B can access the wired network and communicate with each other.
Page 143: Wireless Distribution System (Wds)
Chapter 8 Wireless LAN • MBSSID should not replace but rather be used in conjunction with 802.1x security. 8.8.7 Wireless Distribution System (WDS) The ZyXEL Device can act as a wireless network bridge and establish WDS (Wireless Distribution System) links with other APs. You need to know the MAC addresses of the APs you want to link to. Once the security settings of peer sides match one another, the connection between devices is made.
Page 144 Chapter 8 Wireless LAN Look for a WPS button on each device. If the device does not have one, log into its configuration utility and locate the button (see the device’s User’s Guide for how to do this - for the ZyXEL Device, see Section 8.5 on page 134).
Page 145 Chapter 8 Wireless LAN The following figure shows a WPS-enabled wireless client (installed in a notebook computer) connecting to the WPS-enabled AP via the PIN method. Figure 56 Example WPS Process: PIN Method ENROLLEE REGISTRAR This device’s WPS PIN: 123456 Enter WPS PIN from other device: START...
Page 146 Chapter 8 Wireless LAN The following figure shows a WPS-enabled client (installed in a notebook computer) connecting to a WPS-enabled access point. Figure 57 How WPS works ACTIVATE ACTIVATE WITHIN 2 MINUTES WPS HANDSHAKE ENROLLEE REGISTRAR SECURE TUNNEL SECURITY INFO COMMUNICATION The roles of registrar and enrollee last only as long as the WPS setup process is active (two minutes).
Page 147 Chapter 8 Wireless LAN is the registrar, and Client 1 is the enrollee. The registrar randomly generates the security information to set up the network, since it is unconfigured and has no existing information. Figure 58 WPS: Example Network Step 1 ENROLLEE REGISTRAR SECURITY INFO...
Page 148 Chapter 8 Wireless LAN In step 3, you add another access point (AP2) to your network. AP2 is out of range of AP1, so you cannot use AP1 for the WPS handshake with the new access point. However, you know that Client 2 supports the registrar function, so you use it to perform the WPS handshake instead.
Page 149 Chapter 8 Wireless LAN • When you use the PBC method, there is a short period (from the moment you press the button on one device to the moment you press the button on the other device) when any WPS-enabled device could join the network.
Page 150 Chapter 8 Wireless LAN ADSL Router Series User’s Guide...
Page 151: Network Address Translation (Nat)
H A PT ER Network Address Translation (NAT) 9.1 Overview This chapter discusses how to configure NAT on the ZyXEL Device. NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network.
Page 152: The Nat General Setup Screen
Chapter 9 Network Address Translation (NAT) Port Forwarding A port forwarding set is a list of inside (behind NAT on the LAN) servers, for example, web or FTP, that you can make visible to the outside world even though NAT makes your whole inside network appear as a single computer to the outside world.
Page 153: The Port Forwarding Screen
Chapter 9 Network Address Translation (NAT) Table 41 Network > NAT > General (continued) LABEL DESCRIPTION Max NAT/Firewall When computers use peer to peer applications, such as file sharing applications, they Session Per User need to establish NAT sessions. If you do not limit the number of NAT sessions a single client can establish, this can result in all of the available NAT sessions being used.
Page 154: Configuring The Port Forwarding Screen
Chapter 9 Network Address Translation (NAT) third (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. Figure 62 Multiple Servers Behind NAT Example A=192.168.1.33 B=192.168.1.34 192.168.1.1...
Page 155: The Port Forwarding Rule Edit Screen
Chapter 9 Network Address Translation (NAT) Table 42 Network > NAT > Port Forwarding (continued) LABEL DESCRIPTION Active This field indicates whether the rule is active or not. Clear the check box to disable the rule. Select the check box to enable it. Service Name This is a service’s name.
Page 156: The Address Mapping Screen
Chapter 9 Network Address Translation (NAT) Table 43 Network > NAT > Port Forwarding: Edit (continued) LABEL DESCRIPTION End Port Enter a port number in this field. To forward only one port, enter the port number again in the Start Port field above and then enter it again in this field.
Page 157: The Address Mapping Rule Edit Screen
Chapter 9 Network Address Translation (NAT) The following table describes the fields in this screen. Table 44 Network > NAT > Address Mapping LABEL DESCRIPTION This is the rule index number. Local Start IP This is the starting Inside Local IP Address (ILA). Local IP addresses are N/A for Server port mapping.
Page 158: The Alg Screen
Chapter 9 Network Address Translation (NAT) The following table describes the fields in this screen. Table 45 Network > NAT > Address Mapping: Edit LABEL DESCRIPTION Type Choose the port mapping type from one of the following. One-to-One: One-to-One mode maps one local IP address to one global IP address. Note that port numbers do not change for One-to-one NAT mapping type.
Page 159: Nat Technical Reference
Chapter 9 Network Address Translation (NAT) Use this screen to enable and disable the SIP (VoIP) ALG in the ZyXEL Device. To access this screen, click Network > NAT > ALG. Figure 67 Network > NAT > ALG The following table describes the fields in this screen. Table 46 Network >...
Page 160: What Nat Does
Chapter 9 Network Address Translation (NAT) Table 47 NAT Definitions (continued) ITEM DESCRIPTION Local This refers to the packet address (source or destination) as the packet travels on the LAN. Global This refers to the packet address (source or destination) as the packet travels on the WAN. NAT never changes the IP address (either local or global) of an outside host.
Page 161: Nat Application
Chapter 9 Network Address Translation (NAT) 9.6.4 NAT Application The following figure illustrates a possible NAT application, where three inside LANs (logical LANs using IP alias) behind the ZyXEL Device can communicate with three distinct WAN networks. Figure 69 NAT Application With IP Alias 9.6.5 NAT Mapping Types NAT supports five types of IP/port mapping.
Page 162 Chapter 9 Network Address Translation (NAT) The following table summarizes these types. Table 48 NAT Mapping Types TYPE IP MAPPING One-to-One ILA1 IGA1 Many-to-One (SUA/PAT) ILA1 IGA1 ILA2 IGA1 … Many-to-Many Overload ILA1 IGA1 ILA2 IGA2 ILA3 IGA1 ILA4 IGA2 …...
Page 163: Firewall
HAPTER Firewall 10.1 Overview This chapter shows you how to enable the ZyXEL Device firewall. Use the firewall to protect your ZyXEL Device and network from attacks by hackers on the Internet and control access to it. The firewall: • allows traffic that originates from your LAN computers to go to all other networks. •...
Page 164: What You Need To Know About Firewall
Chapter 10 Firewall • Use the DoS screen (Section 10.6 on page 174) to set the thresholds that the ZyXEL Device uses to determine when to start dropping sessions that do not become fully established (half-open sessions). 10.1.2 What You Need to Know About Firewall SYN Attack A SYN attack floods a targeted system with a series of SYN packets.
Page 165 Chapter 10 Firewall can be carried out through ICMPv6. Since ICMPv6 error messages are critical for establishing and maintaining communications, filtering policy focuses on ICMPv6 informational messages. Anti-Probing If an outside user attempts to probe an unsupported port on your ZyXEL Device, an ICMP response packet is automatically returned.
Page 166: The Firewall Screen
Chapter 10 Firewall 10.2 The Firewall Screen Use this screen to enable firewall and/or SPI. Click Security > Firewall to display the following screen. Note: The firewall configuration screen shown in this section is specific to the following devices: P-660HN-TxA, P-660HN-Tx, P-660N-TxA, P-660HN-T1H. Figure 71 Security >...
Page 167: The Firewall General Screen
Chapter 10 Firewall 10.3 The Firewall General Screen Use this screen to select the firewall protection level on the ZyXEL Device. Click Security > Firewall > General to display the following screen. Note: The firewall configuration screen shown in this section is specific to the following devices: P-660HNU-Tx, P-660HU-Tx.
Page 168: The Default Action Screen
Chapter 10 Firewall 10.4 The Default Action Screen Use this screen to set the default action that the firewall takes on packets that do not match any of the firewall rules. Click Security > Firewall > Default Action to display the following screen. Note: The firewall configuration screen shown in this section is specific to the following devices: P-660HNU-Tx, P-660HU-Tx.
Page 169: The Rules Screen
Chapter 10 Firewall 10.5 The Rules Screen Click Security > Firewall > Rules to display the following screen. This screen displays a list of the configured firewall rules. Note the order in which the rules are listed. Note: The firewall configuration screen shown in this section is specific to the following devices: P-660HNU-Tx, P-660HU-Tx.
Page 170: The Rules Add Screen
Chapter 10 Firewall Table 52 Security > Firewall > Rules LABEL DESCRIPTION Destination IP Address This column displays the destination addresses or ranges of addresses to which this firewall rule applies. Please note that a blank source or destination address is equivalent to Any.
Page 171 Chapter 10 Firewall Note: The firewall configuration screen shown in this section is specific to the following devices: P-660HNU-Tx, P-660HU-Tx devices. Figure 75 Security > Firewall > Rules > Add The following table describes the labels in this screen. Table 53 Security > Firewall > Rules > Add LABEL DESCRIPTION Active...
Page 172: Customized Services
Chapter 10 Firewall Table 53 Security > Firewall > Rules > Add LABEL DESCRIPTION Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. 10.5.2 Customized Services Note: The firewall configuration screen shown in this section is specific to the following devices: P-660HNU-Tx, P-660HU-Tx devices.
Page 173 Chapter 10 Firewall Use this screen to add a customized rule or edit an existing rule. Click a rule number in the Firewall Customized Services screen to display the following screen. Figure 77 Security > Firewall > Rules: Edit: Edit Customized Services: Config The following table describes the labels in this screen.
Page 174: The Dos Screen
Chapter 10 Firewall 10.6 The DoS Screen Use this screen to enable DoS protection. Click Security > Firewall > DoS to display the following screen. Figure 78 Security > Firewall > DoS The following table describes the labels in this screen. Table 56 Security >...
Page 175: Configuring Firewall Thresholds
Chapter 10 Firewall For UDP, half-open means that the firewall has detected no return traffic. An unusually high number (or arrival rate) of half-open sessions could indicate a DOS attack. 10.6.1.1 Threshold Values If everything is working properly, you probably do not need to change the threshold settings as the default threshold values should work for most small offices.
Page 176: Firewall Technical Reference
Chapter 10 Firewall The following table describes the labels in this screen. Table 57 Security > Firewall > DoS > Advanced LABEL DESCRIPTION TCP SYN-Request This is the rate of new TCP half-open sessions per second that causes the firewall to Count start deleting half-open sessions.
Page 177: Guidelines For Enhancing Security With Your Firewall
Chapter 10 Firewall • LAN to WAN These rules specify which computers on the LAN can access which computers or services on the WAN. By default, the ZyXEL Device’s stateful packet inspection drops packets traveling in the following directions: • WAN to LAN These rules specify which computers on the WAN can access which computers or services on the LAN.
Page 178: Security Considerations
Chapter 10 Firewall 12 Keep the firewall in a secured (locked) room. 10.7.3 Security Considerations Note: Incorrectly configuring the firewall may block valid access or introduce security risks to the ZyXEL Device and your protected network. Use caution when creating or deleting firewall rules and test your rules after you configure them.
Page 179 Chapter 10 Firewall The ZyXEL Device reroutes the SYN packet through Gateway A on the LAN to the WAN. The reply from the WAN goes directly to the computer on the LAN without going through the ZyXEL Device. As a result, the ZyXEL Device resets the connection, as the connection has not been acknowledged. Figure 82 “Triangle Route”...
Page 180 Chapter 10 Firewall The ZyXEL Device then sends it to the computer on the LAN in Subnet 1. Figure 83 IP Alias Subnet 1 ISP 1 ISP 2 Subnet 2 ADSL Router Series User’s Guide...
Page 181: Filters
HAPTER Filters 11.1 Overview This chapter introduces three types of filters supported by the ZyXEL Device. You can configure rules to restrict traffic by IP addresses, MAC addresses, IPv6 addresses and/or URLs. 11.1.1 What You Can Do in the Filter Screens •...
Page 182: The Url Filter Screen
Chapter 11 Filters 11.2 The URL Filter Screen Use this screen to block websites by URL. Click Security > Filter > URL Filter. The screen appears as shown. Figure 84 Security > Filter > URL Filter The following table describes the labels in this screen. Table 58 Security >...
Page 183: The Application Filter Screen
Chapter 11 Filters 11.3 The Application Filter Screen Use this screen to allow or deny traffic for certain types of applications. The application filter provides a convenient way to manage the use of various applications on the network. Click Security > Filter > Application Filter. The screen appears as shown. Figure 85 Security >...
Page 184: The Ip/Mac Filter Screen
Chapter 11 Filters 11.4 The IP/MAC Filter Screen Use this screen to create and apply IP and MAC filters. Click Security > Filter > IP/MAC Filter. The screen appears as shown. Security > Filter > IP/MAC Filter Figure 86 The following table describes the labels in this screen. Security >...
Page 185 Chapter 11 Filters Security > Filter > IP/MAC Filter (continued) Table 60 LABEL DESCRIPTION Rule Type Select IP or MAC type to configure the rule. Use the IP Filter to block or allow traffic by IP addresses. Use the MAC Filter to block or allow traffic by MAC address. Source IP Address Enter the source IP address of the packets you wish to filter.
Page 186: Ipv6/Mac Filter
Chapter 11 Filters 11.5 IPv6/MAC Filter Use this screen to create and apply IPv6 filters. Click Security > Filter > IPv6/MAC Filter. The screen appears as shown. Security > Filter > IPv6/MAC Filter Figure 87 The following table describes the labels in this screen. Table 61 Security >...
Page 187 Chapter 11 Filters Table 61 Security > Filter > IPv6/MAC Filter (continued) LABEL DESCRIPTION Rule Type Select IP or MAC type to configure the rule. Use the IP Filter to block or allow traffic by IPv6 addresses. Use the MAC Filter to block or allow traffic by MAC address. Source IPv6 Address Enter the source IPv6 address of the packets you wish to filter.
Page 188 Chapter 11 Filters Table 61 Security > Filter > IPv6/MAC Filter (continued) LABEL DESCRIPTION Src IP/PrefixLength This displays the source IPv6 address and prefix length. Dest IP/PrefixLength This displays the destination IPv6 address and prefix length. Mac Address This is the MAC address of the packets being filtered. Protocol This is the (upper layer) protocol that defines the service to which this rule applies.
Page 189: Certificate
HAPTER Certificate 12.1 Overview The ZyXEL Device can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs. A certificate contains the certificate owner’s identity and public key. Certificates provide a way to exchange public keys for use in authentication. 12.1.1 What You Can Do in this Chapter •...
Page 190 Chapter 12 Certificate being trustworthy; thus you do not need to import any certificate that is signed by one of these certification authorities. Figure 88 Trusted CA The following table describes the fields in this screen. Table 62 Trusted CA LABEL DESCRIPTION Name...
Page 191: View Trusted Ca Certificate
Chapter 12 Certificate 12.3.1 View Trusted CA Certificate Click the View button in the Trusted CA screen to open the following screen. Use this screen to view in-depth information about the certification authority’s certificate. Figure 89 Trusted CA: View The following table describes the fields in this screen. Table 63 Trusted CA: View LABEL DESCRIPTION...
Page 192: Import Trusted Ca Certificate
Chapter 12 Certificate 12.3.2 Import Trusted CA Certificate Click the Import Certificate button in the Trusted CA screen to open the following screen. The ZyXEL Device trusts any valid certificate signed by any of the imported trusted CA certificates. Figure 90 Trusted CA: Import Certificate The following table describes the fields in this screen.
Page 193: Static Route
HAPTER Static Route 13.1 Overview The ZyXEL Device usually uses the default gateway to route outbound traffic from computers on the LAN to the Internet. To have the ZyXEL Device send data to devices not reachable through the default gateway, use static routes. For example, the next figure shows a computer (A) connected to the ZyXEL Device’s LAN interface.
Page 194: What You Can Do In The Static Route Screens
Chapter 13 Static Route 13.1.1 What You Can Do in the Static Route Screens • Use the Static Route screens (Section 13.2 on page 194) to view and configure IP static routes on the ZyXEL Device. • Use the IPv6 Static Route screens (Section 13.2.2 on page 196) to view and configure IPv6 static routes on the ZyXEL Device.
Page 195: Static Route Edit
Chapter 13 Static Route 13.2.1 Static Route Edit Use this screen to configure the required information for a static route. Select a static route index number and click Edit. The screen shown next appears. Figure 93 Advanced > Static Route: Edit The following table describes the labels in this screen.
Page 196: Ipv6 Static Route
Chapter 13 Static Route 13.2.2 IPv6 Static Route Use this screen to view the IPv6 static route rules. Click Advanced > Static Route > IPv6 Static Route to open the IPv6 Static Route screen. Figure 94 Advanced > Static Route > IPv6 Static Route The following table describes the labels in this screen.
Page 197: Ipv6 Static Route Edit
Chapter 13 Static Route 13.2.3 IPv6 Static Route Edit Use this screen to configure the required information for an IPv6 static route. Select an IPv6 static route index number and click Edit. The screen shown next appears. Figure 95 Advanced > Static Route > IPv6 Static Route: Edit The following table describes the labels in this screen.
Page 198 Chapter 13 Static Route ADSL Router Series User’s Guide...
Page 199: Port Binding
HAPTER Port Binding 14.1 Overview This chapter describes how to configure the port binding settings. Port binding allows you to aggregate port connections into logical groups. You may bind WAN PVCs to Ethernet ports and WLANs to specify how traffic is forwarded. Different ATM QoS settings can be specified for each WAN PVC to meet bandwidth requirements for the type of traffic to be transferred.
Page 200: What You Can Do In The Port Binding Screens
Chapter 14 Port Binding If a WAN PVC is bound to an ethernet port, traffic from the ethernet port will only be forwarded through the specified WAN PVC and vice versa. If a port is not in a port binding group, traffic to and from the port will be forwarded according to the routing table.
Page 201: Port Binding Summary Screen
Chapter 14 Port Binding Table 69 Advanced > Port Binding (continued) LABEL DESCRIPTION Ethernet Select the Ethernet (Eth) ports to include in the port binding group. Each Ethernet port can only be bound to one group. WLAN Select the WLAN (AP) connections to include in the port binding group. Additional APs can be enabled on the More AP screen (Section 8.3 on page 131).
Page 202 Chapter 14 Port Binding ADSL Router Series User’s Guide...
Page 203: Q/1P
HAPTER 802.1Q/1P 15.1 Overview This chapter describes how to configure the 802.1Q/1P settings. A Virtual Local Area Network (VLAN) allows a physical network to be partitioned into multiple logical networks. A VLAN group can be treated as an individual device. Each group can have its own rules about where and how to forward traffic.
Page 204: The 802.1Q/1P Group Setting Screen
Chapter 15 802.1Q/1P A virtual circuit is a logical point-to-point circuit between customer sites. Permanent means that the circuit is preprogrammed by the carrier as a path through the network. It does not need to be set up or torn down for each session. Forwarding Tagged and Untagged Frames Each port on the device is capable of passing tagged or untagged frames.
Page 205 Chapter 15 802.1Q/1P Note: If the WAN interface in the VLAN group is not the default router, you need to create a static route to communicate with the WAN. Figure 100 Advanced > 802.1Q/1P > Group Setting The following table describes the labels in this screen. Table 71 Advanced >...
Page 206: Editing 802.1Q/1P Group Setting
Chapter 15 802.1Q/1P 15.2.1 Editing 802.1Q/1P Group Setting Use this screen to configure the settings for each VLAN group. In the 802.1Q/1P screen, click the Edit button from the Modify filed to display the following screen. Figure 101 Advanced > 802.1Q/1P > Group Setting > Edit The following table describes the labels in this screen.
Page 207: The 802.1Q/1P Port Setting Screen
Chapter 15 802.1Q/1P 15.3 The 802.1Q/1P Port Setting Screen Use this screen to configure the PVID for each port. Click Advanced > 802.1Q/1P > Port Setting to display the following screen. Figure 102 Advanced > 802.1Q/1P > Port Setting The following table describes the labels in this screen. Table 73 Advanced >...
Page 208 Chapter 15 802.1Q/1P ADSL Router Series User’s Guide...
Page 209: Quality Of Service (Qos)
HAPTER Quality of Service (QoS) 16.1 Overview Use the QoS screen to set up your ZyXEL Device to use QoS for traffic management. Quality of Service (QoS) refers to both a network’s ability to deliver data with minimum delay, and the networking methods used to control bandwidth.
Page 210: What You Need To Know About Qos
Chapter 16 Quality of Service (QoS) • Use the QoS Summary List screen (Section 16.2.1 on page 211) to check the summary of QoS rules and actions you configured for the ZyXEL Device. • Use the Queue Setup screen (Section 16.3 on page 212) to configure QoS settings on the ZyXEL Device.
Page 211: The Qos Summary List Screen
Chapter 16 Quality of Service (QoS) The following table describes the labels in this screen. Table 74 Advanced Setup > QoS LABEL DESCRIPTION Use this field to turn on QoS to improve your network performance. You can give priority to traffic that the ZyXEL Device forwards out through the WAN interface.
Page 212: The Queue Setup Screen
Chapter 16 Quality of Service (QoS) 16.3 The Queue Setup Screen Use this screen to configure QoS queue disciplines and priorities. Click Advanced Setup > QoS > Queue Setup to open the screen as shown next. Figure 106 Advanced Setup > QoS > Queue Setup The following table describes the labels in this screen.
Page 213: The Class Setup Screen
Chapter 16 Quality of Service (QoS) 16.4 The Class Setup Screen Use this screen to set up QoS class rules and have the ZyXEL Device assign priority levels to traffic according to the port range, IEEE 802.1p priority level and/or IP precedence. Click Advanced Setup >...
Page 214 Chapter 16 Quality of Service (QoS) Table 77 Advanced Setup > QoS > Class Setup (continued) LABEL DESCRIPTION Application Select an application from the drop-down list box. The Destination Port Range and Protocol ID fields may change depending on the type of applications you choose. Physical Ports Select the ports to apply the rule to.
Page 215: Qos Technical Reference
Chapter 16 Quality of Service (QoS) Table 77 Advanced Setup > QoS > Class Setup (continued) LABEL DESCRIPTION 802.1p Remarking Select a priority level (0 to 7) to re-assign the priority level to matched traffic. Queue # Specify a queue tag to matched traffic. Traffic assigned to a higher queue gets through faster while traffic in lower queues is dropped when there is network congestion.
Page 216: Automatic Priority Queue Assignment
Chapter 16 Quality of Service (QoS) 16.5.3 Automatic Priority Queue Assignment If you enable QoS on the ZyXEL Device, the ZyXEL Device can automatically base on the IEEE 802.1p priority level, IP precedence and/or packet length to assign priority to traffic which does not match a class.
Page 217: Dynamic Dns Setup
HAPTER Dynamic DNS Setup 17.1 Overview Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CU-SeeMe, etc.). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.org, where myhost is a name of your choice) that will never change instead of using an IP address that changes each time you reconnect.
Page 218: The Dynamic Dns Screen
Chapter 17 Dynamic DNS Setup 17.2 The Dynamic DNS Screen Use this screen to change your ZyXEL Device’s DDNS. Click Advanced > Dynamic DNS. The screen appears as shown. Figure 108 Advanced > Dynamic DNS The following table describes the fields in this screen. Table 80 Advanced >...
Page 219: Remote Management
HAPTER Remote Management 18.1 Overview Remote management allows you to determine which services/protocols can access which ZyXEL Device interface (if any) from which computers. The following figure shows remote management of the ZyXEL Device coming in from the WAN. Figure 109 Remote Management From the WAN HTTP Telnet Note: When you configure remote management to allow management from the WAN, you...
Page 220: What You Need To Know About Remote Management
Chapter 18 Remote Management • Your ZyXEL Device can act as an SNMP agent, which allows a manager station to manage and monitor the ZyXEL Device through the network. Use the SNMP screen (see Section 18.5 on page 223) to configure through which interface(s) and from which IP address(es) users can use SNMP to access the ZyXEL Device.
Page 221: Configuring The Www Screen
Chapter 18 Remote Management 18.2.1 Configuring the WWW Screen Click Advanced > Remote MGMT to display the WWW screen. Figure 110 Advanced > Remote MGMT > WWW The following table describes the labels in this screen. Table 81 Advanced > Remote Management > WWW LABEL DESCRIPTION Server Port...
Page 222: The Ftp Screen
Chapter 18 Remote Management Click Advanced > Remote MGMT > Telnet tab to display the screen as shown. Figure 111 Advanced > Remote MGMT > Telnet The following table describes the labels in this screen. Table 82 Advanced > Remote Management > Telnet LABEL DESCRIPTION Server Port...
Page 223: The Snmp Screen
Chapter 18 Remote Management Use this screen to specify which interfaces allow FTP access and from which IP address the access can come. To change your ZyXEL Device’s FTP settings, click Advanced > Remote MGMT > FTP. The screen appears as shown. Figure 112 Advanced >...
Page 224 Chapter 18 Remote Management supports SNMP version one (SNMPv1) and version two (SNMPv2c). The next figure illustrates an SNMP management operation. Figure 113 SNMP Management Model An SNMP managed network consists of two main types of component: agents and a manager. An agent is a management software module that resides in a managed device (the ZyXEL Device).
Page 225: Configuring Snmp
Chapter 18 Remote Management 18.5.1 Configuring SNMP To change your ZyXEL Device’s SNMP settings, click Advanced > Remote MGMT > SNMP tab. The screen appears as shown. Figure 114 Advanced > Remote MGMT > SNMP The following table describes the labels in this screen. Table 84 Advanced >...
Page 226: The Icmp Screen
Chapter 18 Remote Management Use this screen to set from which IP address the ZyXEL Device will accept DNS queries and on which interface it can send them your ZyXEL Device’s DNS settings. This feature is not available when the ZyXEL Device is set to bridge mode. Click Advanced > Remote MGMT > DNS to change your ZyXEL Device’s DNS settings.
Page 227: The Ssh Screen
Chapter 18 Remote Management Note: If you want your device to respond to pings and requests for unauthorized services, you will also need to configure the firewall accordingly by disabling SPI. Figure 116 Advanced > Remote Management > ICMP The following table describes the labels in this screen. Table 86 Advanced >...
Page 228: Ssh Example
Chapter 18 Remote Management The following table describes the labels in this screen. Table 87 Advanced > Remote Management > SSH LABEL DESCRIPTION Server Port This displays the service port number for accessing the ZyXEL Device. If the number is grayed out, it is not editable.
Page 229 Chapter 18 Remote Management A window displays prompting you to store the host key in your computer. Click Yes to continue. Enter your user name and password. The command line interface displays. ADSL Router Series User’s Guide...
Page 230: Universal Plug-And-Play (Upnp)
HAPTER Universal Plug-and-Play (UPnP) 19.1 Overview Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectivity between devices. A UPnP device can dynamically join a network, obtain an IP address, convey its capabilities and learn about other devices on the network. In turn, a device can leave a network smoothly and automatically when it is no longer in use.
Page 231: The Upnp Screen
Chapter 19 Universal Plug-and-Play (UPnP) When a UPnP device joins a network, it announces its presence with a multicast message. For security reasons, the ZyXEL Device allows multicast messages on the LAN only. All UPnP-enabled devices may communicate freely with each other without additional configuration. Disable UPnP if this is not your intention.
Page 232: Installing Upnp In Windows Example
Chapter 19 Universal Plug-and-Play (UPnP) Table 88 Advanced > UPnP > General LABEL DESCRIPTION Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. 19.3 Installing UPnP in Windows Example This section shows how to install UPnP in Windows Me and Windows XP. Installing UPnP in Windows Me Follow the steps below to install the UPnP in Windows Me.
Page 233 Chapter 19 Universal Plug-and-Play (UPnP) In the Communications window, select the Universal Plug and Play check box in the Components selection box. Add/Remove Programs: Windows Setup: Communication: Components Click OK to go back to the Add/Remove Programs Properties window and click Next. Restart the computer when prompted.
Page 234 Chapter 19 Universal Plug-and-Play (UPnP) In the Network Connections window, click Advanced in the main menu and select Optional Networking Components …. Network Connections The Windows Optional Networking Components Wizard window displays. Select Networking Service in the Components selection box and click Details. Windows Optional Networking Components Wizard ADSL Router Series User’s Guide...
Page 235: Using Upnp In Windows Xp Example
Chapter 19 Universal Plug-and-Play (UPnP) In the Networking Services window, select the Universal Plug and Play check box. Networking Services Click OK to go back to the Windows Optional Networking Component Wizard window and click Next. 19.4 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP.
Page 236 Chapter 19 Universal Plug-and-Play (UPnP) Right-click the icon and select Properties. Network Connections In the Internet Connection Properties window, click Settings to see the port mappings there were automatically created. Internet Connection Properties ADSL Router Series User’s Guide...
Page 237 Chapter 19 Universal Plug-and-Play (UPnP) You may edit or delete the port mappings or click Add to manually add port mappings. Internet Connection Properties: Advanced Settings Internet Connection Properties: Advanced Settings: Add When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically.
Page 238 Chapter 19 Universal Plug-and-Play (UPnP) Select Show icon in notification area when connected option and click OK. An icon displays in the system tray. System Tray Icon Double-click on the icon to display your current Internet connection status. Internet Connection Status Web Configurator Easy Access With UPnP, you can access the web-based configurator on the ZyXEL Device without finding out the IP address of the ZyXEL Device first.
Page 239 Chapter 19 Universal Plug-and-Play (UPnP) Select My Network Places under Other Places. Network Connections An icon with the description for each UPnP-enabled device displays under Local Network. ADSL Router Series User’s Guide...
Page 240 Chapter 19 Universal Plug-and-Play (UPnP) Right-click on the icon for your ZyXEL Device and select Invoke. The web configurator login screen displays. Network Connections: My Network Places Right-click on the icon for your ZyXEL Device and select Properties. A properties window displays with basic information about the ZyXEL Device.
Page 241: File Sharing
HAPTER File Sharing 20.1 Overview Share files on a USB memory stick or hard drive connected to your ZyXEL Device with users on your network. The following figure is an overview of the ZyXEL Device’s file server feature. Computers A and B can access files on a USB device (C) which is connected to the ZyXEL Device.
Page 242: Before You Begin
Chapter 20 File Sharing Shares When settings are set to default, each USB device connected to the ZyXEL Device is given a folder, called a “share”. If a USB hard drive connected to the ZyXEL Device has more than one partition, then each partition will be allocated a share.
Page 243: The File Sharing Screen
Chapter 20 File Sharing The ZyXEL Device detects the USB device and makes its contents available for browsing. If you are connecting a USB hard drive that comes with an external power supply, make sure it is connected to an appropriate power source that is on. Note: If your USB device cannot be detected by the ZyXEL Device, see the troubleshooting for suggestions.
Page 244: User Edit
Chapter 20 File Sharing Table 89 Advanced > USB Application > File Sharing LABEL DESCRIPTION User Name This displays the user name that has been configured on the ZyXEL Device for file sharing. Edit Click this to go to the screen for editing user account information. Delete Click this to remove a user account from the list.
Page 245: Sharing A Usb Printer
HAPTER Sharing a USB Printer This chapter describes how you can share a USB printer via your ZyXEL Device. 21.1 Overview The ZyXEL Device allows you to share a USB printer on your LAN. You can do this by connecting a USB printer to one of the USB ports on the ZyXEL Device and then allowing the computers connected to your network to communicate with the print server (ZyXEL Device) using the Internet Printing Protocol.
Page 246: Before You Begin
Chapter 21 Sharing a USB Printer Operating System An operating system (OS) is the interface which helps you manage a computer. Common examples are Microsoft Windows, Mac OS or Linux. Port A port maps a network service such as http to a process running on your computer, such as a process run by your web browser.
Page 247: Add A New Printer Using Windows
Chapter 21 Sharing a USB Printer Click Advanced > USB Application > Print Server to display the Print Server screen. Figure 123 Advanced > USB Application > Print Server The following table describes the labels in this screen. Table 91 Advanced > USB Application > Print Server LABEL DESCRIPTION Active Print Server...
Page 248 Chapter 21 Sharing a USB Printer Click Start > Control Panel > Printers and Faxes to open the Printers and Faxes screen. Click Add a Printer. Figure 124 Printers Folder The Add Printer Wizard screen displays. Click Next. Figure 125 Add Printer Wizard: Welcome ADSL Router Series User’s Guide...
Page 249 Chapter 21 Sharing a USB Printer Select A network printer, or a printer attached to another computer and click Next. Figure 126 Add Printer Wizard: Local or Network Printer Select Connect to a printer on the Internet or on a home or office network: and enter “http://192.168.1.1:631/printers/USB_PRINTER”...
Page 250 Chapter 21 Sharing a USB Printer Click Next to continue. Figure 128 Add Printer Wizard: Printer Model Select Yes and then click the Next button if you want to use this printer as the default printer on your computer. Otherwise select No and then click Next to continue. Figure 129 Add Printer Wizard: Default Printer ADSL Router Series User’s Guide...
Page 251: Add A New Printer Using Macintosh Os X
Chapter 21 Sharing a USB Printer 10 The following screen shows your current printer settings. Select Finish to complete adding a new printer. Figure 130 Add Printer Wizard Complete 21.6 Add a New Printer Using Macintosh OS X Complete the following steps to set up a print server driver on your Macintosh computer. 21.6.1 Mac OS 10.3 and 10.4 This example shows how to connect a printer behind the ZyXEL Device to your computer using Mac OS X v10.4.11.
Page 252 Chapter 21 Sharing a USB Printer 12 Open the Applications folder. Figure 132 Macintosh HD Folder 13 Open the Utilities folder. Figure 133 Applications Folder ADSL Router Series User’s Guide...
Page 253 Chapter 21 Sharing a USB Printer 14 Double-click the Printer Setup Utility icon. Figure 134 Utilities Folder 15 Click the Add icon at the top of the screen. Figure 135 Printer List: Add 16 Click the IP Printer tab to set up your printer. •...
Page 254: Mac Os 10.5 And 10.6
Chapter 21 Sharing a USB Printer • Select your printer manufacturer from the Printer Model drop-down list and then select a printer model. Click Add to save and close the Printer Browser configuration screen. Figure 136 Printer Browser 17 The new network printer displays in the Printer List. The default printer Name displays in bold type.
Page 255 Chapter 21 Sharing a USB Printer Click the Finder icon on the Dock or double-click your Mac hard disk icon (Mac OS X in this example) on your desktop to open the Mac HD window. Figure 138 Mac OS X HD Open the Applications folder.
Page 256 Chapter 21 Sharing a USB Printer Click the Print & Fax icon. Figure 141 System Preferences Select the Printing tab and click the + icon to add a new printer. Figure 142 Print & Fax Click the Advanced button on the Add Printer toolbar to set up your printer. If the Advanced button doesn’t appear, Ctrl-click the toolbar, select Customize Toolbar...
Page 257 Chapter 21 Sharing a USB Printer • Enter a descriptive name for the printer and where it is located. • Select your printer manufacturer from the Print Using drop-down list and then select a printer model. Click Add to save and close the Printer Browser configuration screen. Figure 143 Add Printer The new network printer displays in the Printers list.
Page 258 Chapter 21 Sharing a USB Printer ADSL Router Series User’s Guide...
Page 259: Cwmp
HAPTER CWMP 22.1 Overview The ZyXEL Device supports TR-069 Amendment 1 (CPE WAN Management Protocol Release 2.0) and TR-069 Amendment 2 (CPE WAN Management Protocol v1.1, Release 3.0). TR-069 is a protocol that defines how your ZyXEL Device (ZD) can be managed via a management server (MS) such as ZyXEL’s Vantage Access.
Page 260: The Cwmp Setup Screen
Chapter 22 CWMP 22.2 The CWMP Setup Screen Use this screen to configure your ZyXEL Device to be managed by a management server. Click Advanced> CWMP to display the following screen. Figure 146 Advanced > CWMP The following table describes the fields in this screen. Table 92 Advanced >...
Page 261 Chapter 22 CWMP Table 92 Advanced > CWMP (continued) LINK DESCRIPTION Connection Use this part of the screen to allow the management server to connect to the ZyXEL Device Request after a successful login. Path Type the IP address or domain name of the ZyXEL Device. The management server uses this path to verify the ZyXEL Device.
Page 262 Chapter 22 CWMP ADSL Router Series User’s Guide...
Page 263: System Settings
HAPTER System Settings 23.1 Overview This chapter shows you how to configure system related settings, such as system time, password, name, the domain name and the inactivity timeout interval. 23.1.1 What You Can Do in the System Settings Screens • Use the General screen (Section 23.2 on page 263) to configure system settings.
Page 264: The Time Setting Screen
Chapter 23 System Settings Table 93 Maintenance > System > General LABEL DESCRIPTION Retype to Type the new password again for confirmation. confirm Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. 23.3 The Time Setting Screen Use this screen to configure the ZyXEL Device’s time based on your local time zone.
Page 265 Chapter 23 System Settings Table 94 Maintenance > System > Time Setting (continued) LABEL DESCRIPTION Manual Select this radio button to enter the time and date manually. If you configure a new time and date, Time Zone and Daylight Saving at the same time, the new time and date you entered has priority and the Time Zone and Daylight Saving settings do not affect New Time This field displays the last updated time from the time server or the last time configured...
Page 266 Chapter 23 System Settings ADSL Router Series User’s Guide...
Page 267: Logs
HAPTER Logs 24.1 Overview This chapter contains information about viewing the ZyXEL Device’s logs. The web configurator allows you to choose which types of events and/or alerts to have the ZyXEL Device log and then display the logs. 24.1.1 What You Need To Know About Logs Alerts An alert is a message that is enabled as soon as the event occurs.
Page 268: The Log Settings Screen
Chapter 24 Logs To view your ZyXEL Device’s logs, click Maintenance > Logs > View Log. The screen appears as shown. Figure 149 Maintenance > System Logs The following table describes the fields in this screen. Table 95 Maintenance > Logs > Log Settings LABEL DESCRIPTION System Log...
Page 269 Chapter 24 Logs The following table describes the fields in this screen. Table 96 Maintenance > Logs > Log Settings LABEL DESCRIPTION Active Select to enable or disable system logging. Mode Select Local File to record the logs and store them in the local memory of the ZyXEL Device only.
Page 270 Chapter 24 Logs ADSL Router Series User’s Guide...
Page 271: Tools
HAPTER Tools 25.1 Overview This chapter explains how to upload new firmware, manage configuration files and restart your ZyXEL Device. Use the instructions in this chapter to change the device’s configuration file or upgrade its firmware. After you configure your device, you can backup the configuration file to a computer. That way if you later misconfigure the device, you can upload the backed up configuration file to return to your previous settings.
Page 272 Chapter 25 Tools Do NOT turn off the ZyXEL Device while firmware upload is in progress! Figure 151 Maintenance > Tools > Firmware The following table describes the labels in this screen. Table 97 Maintenance > Tools > Firmware LABEL DESCRIPTION Current Firmware This is the present Firmware version and the date created.
Page 273: The Configuration Screen
Chapter 25 Tools If the upload was not successful, the following screen will appear. Click Return to go back to the Firmware screen. Figure 154 Error Message 25.3 The Configuration Screen Click Maintenance > Tools > Configuration. Information related to factory defaults, backup configuration, and restoring configuration appears in this screen, as shown next.
Page 274 Chapter 25 Tools Restore Configuration Restore Configuration allows you to upload a new or previously saved configuration file from your computer to your ZyXEL Device. Table 98 Restore Configuration LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse ... to find it. Browse...
Page 275: The Restart Screen
Chapter 25 Tools If the upload was not successful, the following screen will appear. Click Return to go back to the Configuration screen. Figure 158 Configuration Upload Error Reset to Factory Defaults Click the Reset button to clear all user-entered configuration information and return the ZyXEL Device to its factory defaults.
Page 276 Chapter 25 Tools Click Maintenance > Tools > Restart. Click Restart to have the ZyXEL Device reboot. This does not affect the ZyXEL Device's configuration. Figure 161 Maintenance > Tools >Restart ADSL Router Series User’s Guide...
Page 277: Diagnostic
HAPTER Diagnostic 26.1 Overview These read-only screens display information to help you identify problems with the ZyXEL Device. 26.1.1 What You Can Do in the Diagnostic Screens • Use the General screen (Section 26.2 on page 277) to ping an IP address. •...
Page 278: The Dsl Line Screen
Chapter 26 Diagnostic Table 99 Maintenance > Diagnostic > General (continued) LABEL DESCRIPTION Ping Click this to ping the IP address that you entered. PingV6 Click this to ping the IPv6 address that you entered. 26.3 The DSL Line Screen Use this screen to view the DSL line statistics and reset the ADSL line.
Page 279 Chapter 26 Diagnostic The following table describes the fields in this screen. Table 100 Maintenance > Diagnostic > DSL Line LABEL DESCRIPTION ATM Status Click this to view your DSL connection’s Asynchronous Transfer Mode (ATM) statistics. ATM is a networking technology that provides high-speed data transfer. ATM uses fixed- size packets of information called cells.
Page 280 Chapter 26 Diagnostic Table 100 Maintenance > Diagnostic > DSL Line (continued) LABEL DESCRIPTION DSL Line Status Click this to view statistics about the DSL connections. noise margin downstream is the signal to noise ratio for the downstream part of the connection (coming into the ZyXEL Device from the ISP).
Page 281: Troubleshooting
HAPTER Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • ZyXEL Device Access and Login • Internet Access 27.1 Power, Hardware Connections, and LEDs The ZyXEL Device does not turn on.
Page 282: Zyxel Device Access And Login
Chapter 27 Troubleshooting 27.2 ZyXEL Device Access and Login I forgot the IP address for the ZyXEL Device. The default IP address is 192.168.1.1. If you changed the IP address and have forgotten it, you might get the IP address of the ZyXEL Device by looking up the IP address of the default gateway for your computer.
Page 283: Internet Access
Chapter 27 Troubleshooting • Try to access the ZyXEL Device using another service, such as Telnet. If you can access the ZyXEL Device, check the remote management settings and firewall rules to find out why the ZyXEL Device does not respond to HTTP. •...
Page 284 Chapter 27 Troubleshooting If you are trying to access the Internet wirelessly, make sure the wireless settings in the wireless client are the same as the settings in the AP. If you are trying to access the Internet wirelessly, make sure you enabled the wireless LAN and have selected the correct country and channel in which your ZyXEL Device operates in the Wireless LAN >...
Page 285: Product Specifications
HAPTER Product Specifications The following tables summarize the ZyXEL Device’s hardware and firmware features. 28.1 Hardware Specifications Table 101 LED Descriptions for P-660HN-T1H, P-660HNU-Tx, P-660HU-Tx COLOR STATUS DESCRIPTION Green The ZyXEL Device is receiving power and ready for use. Blinking The ZyXEL Device is self-testing.
Page 286 Chapter 28 Product Specifications Table 101 LED Descriptions for P-660HN-T1H, P-660HNU-Tx, P-660HU-Tx COLOR STATUS DESCRIPTION Green The ZyXEL Device has an IP connection but no traffic. Your device has a WAN IP address (either static or assigned by a (INTERNET) DHCP server), PPP negotiation was successfully completed (if used) and the DSL connection is up.
Page 287: Appendix A Setting Up Your Computer's Ip Address
PP EN D I X Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP/Vista, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/IP on your computer.
Page 288 Appendix A Setting up Your Computer’s IP Address Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: In the Network window, click Add. Select Adapter and then click Add.
Page 289 Appendix A Setting up Your Computer’s IP Address • If you have a static IP address, select Specify an IP address and type your information into the IP Address and Subnet Mask fields. Figure 165 Windows 95/98/Me: TCP/IP Properties: IP Address Click the DNS Configuration tab.
Page 290 Appendix A Setting up Your Computer’s IP Address Click the Gateway tab. • If you do not know your gateway’s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add. Click OK to save and close the TCP/IP Properties window.
Page 291 Appendix A Setting up Your Computer’s IP Address In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 168 Windows XP: Control Panel Right-click Local Area Connection and then click Properties. Figure 169 Windows XP: Control Panel: Network Connections: Properties ADSL Router Series User’s Guide...
Page 292 Appendix A Setting up Your Computer’s IP Address Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties. Figure 170 Windows XP: Local Area Connection Properties The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). •...
Page 293 Appendix A Setting up Your Computer’s IP Address • Click Advanced. Figure 171 Windows XP: Internet Protocol (TCP/IP) Properties If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: •...
Page 294 Appendix A Setting up Your Computer’s IP Address • Click OK when finished. Figure 172 Windows XP: Advanced TCP/IP Properties In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es).
Page 295 Appendix A Setting up Your Computer’s IP Address If you have previously configured DNS servers, click Advanced and then the DNS tab to order them. Figure 173 Windows XP: Internet Protocol (TCP/IP) Properties Click OK to close the Internet Protocol (TCP/IP) Properties window. Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties window.
Page 296 Appendix A Setting up Your Computer’s IP Address Click the Start icon, Control Panel. Figure 174 Windows Vista: Start Menu In the Control Panel, double-click Network and Internet. Figure 175 Windows Vista: Control Panel Click Network and Sharing Center. Figure 176 Windows Vista: Network And Internet ADSL Router Series User’s Guide...
Page 297 Appendix A Setting up Your Computer’s IP Address Click Manage network connections. Figure 177 Windows Vista: Network and Sharing Center Right-click Local Area Connection and then click Properties. Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue.
Page 298 Appendix A Setting up Your Computer’s IP Address Select Internet Protocol Version 4 (TCP/IPv4) and click Properties. Figure 179 Windows Vista: Local Area Connection Properties The Internet Protocol Version 4 (TCP/IPv4) Properties window opens (the General tab). • If you have a dynamic IP address click Obtain an IP address automatically. •...
Page 299 Appendix A Setting up Your Computer’s IP Address • Click Advanced. Figure 180 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: •...
Page 300 Appendix A Setting up Your Computer’s IP Address • Click OK when finished. Figure 181 Windows Vista: Advanced TCP/IP Properties In the Internet Protocol Version 4 (TCP/IPv4) Properties window, (the General tab): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es).
Page 301 Appendix A Setting up Your Computer’s IP Address If you have previously configured DNS servers, click Advanced and then the DNS tab to order them. Figure 182 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties 10 Click OK to close the Internet Protocol Version 4 (TCP/IPv4) Properties window. 11 Click Close to close the Local Area Connection Properties window.
Page 302 Appendix A Setting up Your Computer’s IP Address Macintosh OS 8/9 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel. Figure 183 Macintosh OS 8/9: Apple Menu ADSL Router Series User’s Guide...
Page 303 Appendix A Setting up Your Computer’s IP Address Select Ethernet built-in from the Connect via list. Figure 184 Macintosh OS 8/9: TCP/IP For dynamically assigned settings, select Using DHCP Server from the Configure: list. For statically assigned settings, do the following: •...
Page 304 Appendix A Setting up Your Computer’s IP Address • Select Built-in Ethernet from the Show list. • Click the TCP/IP tab. For dynamically assigned settings, select Using DHCP from the Configure list. Figure 186 Macintosh OS X: Network For statically assigned settings, do the following: •...
Page 305 Appendix A Setting up Your Computer’s IP Address Linux This section shows you how to configure your computer’s TCP/IP settings in Red Hat Linux 9.0. Procedure, screens and file location may vary depending on your Linux distribution and release version. Note: Make sure you are logged in as the root administrator.
Page 306 Appendix A Setting up Your Computer’s IP Address Double-click on the profile of the network card you wish to configure. The Ethernet Device General screen displays as shown. Figure 188 Red Hat 9.0: KDE: Ethernet Device: General • If you have a dynamic IP address, click Automatically obtain IP address settings with and select dhcp from the drop down list.
Page 307 Appendix A Setting up Your Computer’s IP Address Click the Activate button to apply the changes. The following screen displays. Click Yes to save the changes in all screens. Figure 190 Red Hat 9.0: KDE: Network Configuration: Activate After the network card restart process is complete, make sure the Status is Active in the Network Configuration screen.
Page 308 Appendix A Setting up Your Computer’s IP Address If you know your DNS server IP address(es), enter the DNS server information in the resolv.conf file in the /etc directory. The following figure shows an example where two DNS server IP addresses are specified.
Page 309: Appendix B Ip Addresses And Subnetting
PP EN D I X IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network.
Page 310 Appendix B IP Addresses and Subnetting The following figure shows an example IP address in which the first three octets (192.168.1) are the network number, and the fourth octet (16) is the host ID. Figure 196 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask.
Page 311 Appendix B IP Addresses and Subnetting Subnet masks can be referred to by the size of the network number part (the bits with a “1” value). For example, an “8-bit mask” means that the first 8 bits of the mask are ones and the remaining 24 bits are zeroes.
Page 312 Appendix B IP Addresses and Subnetting The following table shows some possible subnet masks using both notations. Table 106 Alternative Subnet Mask Notation ALTERNATIVE LAST OCTET LAST OCTET SUBNET MASK NOTATION (BINARY) (DECIMAL) 255.255.255.0 0000 0000 255.255.255.128 1000 0000 255.255.255.192 1100 0000 255.255.255.224 1110 0000...
Page 313 Appendix B IP Addresses and Subnetting The following figure shows the company network after subnetting. There are now two sub- networks, A and B. Figure 198 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 2 –...
Page 314 Appendix B IP Addresses and Subnetting Table 107 Subnet 1 (continued) LAST OCTET BIT IP/SUBNET MASK NETWORK NUMBER VALUE Subnet Address: Lowest Host ID: 192.168.1.1 192.168.1.0 Broadcast Address: Highest Host ID: 192.168.1.62 192.168.1.63 Table 108 Subnet 2 LAST OCTET BIT IP/SUBNET MASK NETWORK NUMBER VALUE...
Page 315 Appendix B IP Addresses and Subnetting Table 111 Eight Subnets (continued) SUBNET LAST BROADCAST SUBNET FIRST ADDRESS ADDRESS ADDRESS ADDRESS Subnet Planning The following table is a summary for subnet planning on a network with a 24-bit network number. Table 112 24-bit Network Number Subnet Planning NO.
Page 316 Appendix B IP Addresses and Subnetting Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established.
Page 317: Appendix C Pop-Up Windows, Javascripts And Java Permissions
PP EN D I X Pop-up Windows, JavaScripts and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here.
Page 318 Appendix C Pop-up Windows, JavaScripts and Java Permissions Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled. Figure 200 Internet Options: Privacy Click Apply to save this setting. Enable Pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps.
Page 319 Appendix C Pop-up Windows, JavaScripts and Java Permissions Select Settings…to open the Pop-up Blocker Settings screen. Figure 201 Internet Options: Privacy Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”.
Page 320 Appendix C Pop-up Windows, JavaScripts and Java Permissions Click Add to move the IP address to the list of Allowed sites. Figure 202 Pop-up Blocker Settings Click Close to return to the Privacy screen. Click Apply to save this setting. JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed.
Page 321 Appendix C Pop-up Windows, JavaScripts and Java Permissions In Internet Explorer, click Tools, Internet Options and then the Security tab. Figure 203 Internet Options: Security Click the Custom Level... button. Scroll down to Scripting. Under Active scripting make sure that Enable is selected (the default). Under Scripting of Java applets make sure that Enable is selected (the default).
Page 322 Appendix C Pop-up Windows, JavaScripts and Java Permissions Click OK to close the window. Figure 204 Security Settings - Java Scripting Java Permissions From Internet Explorer, click Tools, Internet Options and then the Security tab. Click the Custom Level... button. Scroll down to Microsoft VM.
Page 323 Appendix C Pop-up Windows, JavaScripts and Java Permissions Click OK to close the window. Figure 205 Security Settings - Java JAVA (Sun) From Internet Explorer, click Tools, Internet Options and then the Advanced tab. Make sure that Use Java 2 for <applet> under Java (Sun) is selected. ADSL Router Series User’s Guide...
Page 324 Appendix C Pop-up Windows, JavaScripts and Java Permissions Click OK to close the window. Figure 206 Java (Sun) Mozilla Firefox Mozilla Firefox 2.0 screens are used here. Screens for other versions may vary. You can enable Java, Javascripts and pop-ups in one screen. Click Tools, then click Options in the screen that appears.
Page 325 Appendix C Pop-up Windows, JavaScripts and Java Permissions Click Content to show the screen below. Select the check boxes as shown in the following screen. Figure 208 Mozilla Firefox Content Security ADSL Router Series User’s Guide...
Page 326 Appendix C Pop-up Windows, JavaScripts and Java Permissions ADSL Router Series User’s Guide...
Page 327: Appendix D Wireless Lans
PP EN D I X Wireless LANs Wireless LAN Topologies This section discusses ad-hoc and infrastructure wireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless adapters (A, B, C). Any time two or more wireless adapters are within range of each other, they can set up an independent network, which is commonly referred to as an ad-hoc network or Independent Basic Service Set (IBSS).
Page 328 Appendix D Wireless LANs disabled, wireless client A and B can still access the wired network but cannot communicate with each other. Figure 210 Basic Service Set An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network.
Page 329 Appendix D Wireless LANs An ESSID (ESS IDentification) uniquely identifies each ESS. All access points and their associated wireless clients within the same ESS must have the same ESSID in order to communicate. Figure 211 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by wireless devices to transmit and receive data. Channels available depend on your geographical area.
Page 330 Appendix D Wireless LANs cannot "hear" each other, that is they do not know if the channel is currently being used. Therefore, they are considered hidden from each other. RTS/CTS Figure 212 When station A sends data to the AP, it might not know that the station B is already using the channel.
Page 331 Appendix D Wireless LANs If the Fragmentation Threshold value is smaller than the RTS/CTS value (see previously) you set then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size. Preamble Type Preamble is used to signal that data is coming to the receiver.
Page 332 Appendix D Wireless LANs The following figure shows the relative effectiveness of these wireless security methods available on your ZyXEL Device. Table 115 Wireless Security Levels SECURITY SECURITY TYPE LEVEL Least Unique SSID (Default) Secure Unique SSID with Hide SSID Enabled MAC Address Filtering WEP Encryption IEEE802.1x EAP with RADIUS Server Authentication...
Page 333 Appendix D Wireless LANs RADIUS is a simple package exchange in which your AP acts as a message relay between the wireless client and the network RADIUS server. Types of RADIUS Messages The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user authentication: •...
Page 334 Appendix D Wireless LANs EAP-MD5 (Message-Digest Algorithm 5) MD5 authentication is the simplest one-way authentication method. The authentication server sends a challenge to the wireless client. The wireless client ‘proves’ that it knows the password by encrypting the password with the challenge and sends back the information. Password is not sent in plain text.
Page 335 Appendix D Wireless LANs If this feature is enabled, it is not necessary to configure a default encryption key in the wireless security configuration screen. You may still configure and store keys, but they will not be used while dynamic WEP is enabled. Note: EAP-MD5 cannot be used with Dynamic WEP Key Exchange For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and PEAP) use dynamic keys for data encryption.
Page 336 Appendix D Wireless LANs called Rijndael. They both include a per-packet key mixing function, a Message Integrity Check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. WPA and WPA2 regularly change and rotate the encryption keys so that the same encryption key is never used twice.
Page 337 Appendix D Wireless LANs WPA(2) with RADIUS Application Example To set up WPA(2), you need the IP address of the RADIUS server, its port number (default is 1812), and the RADIUS shared secret. A WPA(2) application example with an external RADIUS server looks as follows.
Page 338 Appendix D Wireless LANs The AP and wireless clients use the TKIP or AES encryption process, the PMK and information exchanged in a handshake to create temporal encryption keys. They use these keys to encrypt data exchanged between them. Figure 214 WPA(2)-PSK Authentication Security Parameters Summary Refer to this table to see what other security parameters you should configure for each authentication method or key management protocol type.
Page 339 Appendix D Wireless LANs Antenna Characteristics Frequency An antenna in the frequency of 2.4GHz (IEEE 802.11b and IEEE 802.11g) or 5GHz (IEEE 802.11a) is needed to communicate efficiently in a wireless LAN Radiation Pattern A radiation pattern is a diagram that allows you to visualize the shape of the antenna’s coverage area.
Page 340 Appendix D Wireless LANs ADSL Router Series User’s Guide...
Page 341: Appendix E Ipv6
PP EN D I X IPv6 Overview IPv6 (Internet Protocol version 6), is designed to enhance IP address size and features. The increase in IPv6 address size to 128 bits (from the 32-bit IPv4 address) allows up to 3.4 x 10 addresses.
Page 342 Appendix E IPv6 Global Address A global address uniquely identifies a device on the Internet. It is similar to a “public IP address” in IPv4. A global unicast address starts with a 2 or 3. Unspecified Address An unspecified address (0:0:0:0:0:0:0:0 or ::) is used as the source address when a device does not have its own address.
Page 343 Appendix E IPv6 Table 120 Reserved Multicast Address (continued) MULTICAST ADDRESS FF08:0:0:0:0:0:0:0 FF09:0:0:0:0:0:0:0 FF0A:0:0:0:0:0:0:0 FF0B:0:0:0:0:0:0:0 FF0C:0:0:0:0:0:0:0 FF0D:0:0:0:0:0:0:0 FF0E:0:0:0:0:0:0:0 FF0F:0:0:0:0:0:0:0 Subnet Masking Both an IPv6 address and IPv6 subnet mask compose of 128-bit binary digits, which are divided into eight 16-bit blocks and written in hexadecimal notation. Hexadecimal uses four bits for each character (1 ~ 10, A ~ F).
Page 344 Appendix E IPv6 address which combines its interface ID and global and subnet information advertised from the router. This is a routable global IP address. DHCPv6 The Dynamic Host Configuration Protocol for IPv6 (DHCPv6, RFC 3315) is a server-client protocol that allows a DHCP server to assign and pass IPv6 network addresses, prefixes and other configuration information to DHCP clients.
Page 345 Appendix E IPv6 such as the system name. The interface-ID option provides slot number, port information and the VLAN ID to the DHCPv6 server. The remote-ID option (if any) is stripped from the Relay-Reply messages before the relay agent sends the packets to the clients. The DHCP server copies the interface-ID option from the Relay-Forward message into the Relay-Reply message and sends it to the relay agent.
Page 346 Appendix E IPv6 On the ZyXEL Device, you can either set up a configured tunnel or an automatic 6to4 tunnel. The following describes each method. Configured Tunnel A configured tunnel is a point-to-point tunnelling mechanism that encapsulates an IPv6 address with an IPv4 address.
Page 347 Appendix E IPv6 For example, if you have an IPv4 address of 192.168.1.1 (first converted to binary notation and then to the colon hexadecimal representation of ), then the 6to4 addresses is c0a8:0101 2002:c0a8:0101::1/ Example - Enabling IPv6 on Windows XP/2003/Vista By default, Windows XP and Windows 2003 support IPv6.
Page 348 Appendix E IPv6 Double click Dibbler - a DHCPv6 client. Click Start and then OK. Now your computer can obtain an IPv6 address from a DHCPv6 server. Example - Enabling IPv6 on Windows 7 Windows 7 supports IPv6 by default. DHCPv6 is also enabled when you enable IPv6 on a Windows 7 computer.
Page 349 Appendix E IPv6 Click Close to exit the Local Area Connection Status screen. Select Start > All Programs > Accessories > Command Prompt. Use the ipconfig command to check your dynamic IPv6 address. This example shows a global address (2001:b021:2d::1000) obtained from a DHCP server. C:\>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection:...
Page 350 Appendix E IPv6 ADSL Router Series User’s Guide...
Page 351: Appendix F Services
P P EN D I X Services The following table lists some commonly-used services and their associated protocols and port numbers. • Name: This is a short, descriptive name for the service. You can use this one or create a different one, if you like.
Page 352 Appendix F Services Table 121 Examples of Services NAME PROTOCOL PORT(S) DESCRIPTION AH (IPSEC_TUNNEL) User-Defined The IPSEC AH (Authentication Header) tunneling protocol uses this service. 5190 AOL’s Internet Messenger service. AUTH Authentication protocol used by some servers. Border Gateway Protocol. BOOTP_CLIENT DHCP Client.
Page 353 Appendix F Services Table 121 Examples of Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION NEW-ICQ 5190 An Internet chat program. NEWS A protocol for news groups. 2049 Network File System - NFS is a client/ server distributed file service that provides transparent file sharing for network environments.
Page 354 Appendix F Services Table 121 Examples of Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION SQL-NET 1521 Structured Query Language is an interface to access data on many different types of database systems, including mainframes, midrange systems, UNIX systems and network servers. SSDP 1900 The Simple Service Discovery Protocol...
Page 355: Appendix G Legal Information
This publication is subject to change without notice. Trademarks ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.
Page 356 Appendix G Legal Information If this device does cause harmful interference to radio/television reception, which can be determined by turning the device off and on, the user is encouraged to try to correct the interference by one or more of the following measures: Reorient or relocate the receiving antenna.
Page 357 Appendix G Legal Information Cet appareil numérique de la classe B est conforme à la norme NMB-003 du Canada. Viewing Certifications Go to http://www.zyxel.com. Select your product on the ZyXEL home page to go to that product's page. Select the certification you wish to view from this page. ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase.
Page 358 Appendix G Legal Information Declaration of Conformity with Regard to EU Directive 1999/5/EC (R&TTE Directive) Compliance Information for 2.4GHz and 5GHz Wireless Products Relevant to the EU and Other Countries Following the EU Directive 1999/5/EC (R&TTE Directive) [Czech] ZyXEL tímto prohlašuje, že tento zařízení je ve shodě se základními požadavky a dalšími příslušnými ustanoveními směrnice 1999/5/EC.
Page 359 Appendix G Legal Information [Polish] Niniejszym ZyXEL oświadcza, że sprzęt jest zgodny z zasadniczymi wymogami oraz pozostałymi stosownymi postanowieniami Dyrektywy 1999/5/EC. [Portuguese] ZyXEL declara que este equipamento está conforme com os requisitos essenciais e outras disposições da Directiva 1999/5/EC. [Slovenian] ZyXEL izjavlja, da je ta oprema v skladu z bistvenimi zahtevami in ostalimi relevantnimi določili direktive 1999/5/EC.
Page 360 Appendix G Legal Information In the majority of the EU and other European countries,the 2,4- and 5-GHz bands have been made available for the use of wireless local area networks (LANs). Later in this document you will find an overview of countries inwhich additional restrictions or requirements or both are applicable. The requirements for any country may evolve.
Page 361 Appendix G Legal Information Location Frequency Range(GHz) Power (EIRP) Indoor (No restrictions) 2.4 – 2.4835 100mW (20dBm) 2.4 – 2.454 100mW (20dBm) Outdoor 2.454 – 2.4835 10mW (10dBm) Italy This product meets the National Radio Interface and the requirements specified in the National Frequency Allocation Table for Italy.
Page 362 Appendix G Legal Information ADSL Router Series User’s Guide...
Page 363: Index
Index Index Numbers gain omni-directional anti-probing 802.1p 214, 215 AP (access point) 802.1Q/1P application filter activation group settings applications, NAT port settings Asynchronous Transfer Mode, see ATM priority 99, 104 PVID 99, 104 tagging frames 203, 204, 206 99, 104, 108 99, 104 status authentication...
Page 364 Index certifications DDoS notices default server, NAT 153, 154 viewing Denials of Service, see DoS channel DHCP 110, 113, 119 interference diagnostic channel, wireless LAN DiffServ Code Point, see DSCP CIFS digital IDs CIFS (Common Internet File System) disclaimer 110, 113, 119, 225 client list Domain Name System, see DNS Command Line Interface, see CLI...
Page 365 Index FCC interference statement hidden node file sharing filters application IP/MAC structure IANA IP/MAC filter Internet Assigned Numbers Authority configuration see IANA MAC address 130, 140 IBSS activation ICMP 165, 226 181, 182 IEEE 802.11g firewalls actions address types IGMP 94, 110, 112, 121 anti-probing configuration...
Page 366 Index stateless autoconfiguration MBSSID unspecified address 99, 104 multicast 94, 99, 110, 112, 121 IGMPInternet Group Multicast Protocol, see IGMP Multiple BSS, see MBSSID multiplexing 96, 102, 105 LLC-based VC-based and USB printer client list DHCP 110, 113, 119 110, 113, 119 IGMP 110, 121 IP address...
Page 367 Index Pairwise Master Key (PMK) Quality of Service, see QoS 336, 337 passwords 29, 30 administrator 99, 104, 107 Peak Cell Rate, see PCR RADIUS PIN, WPS 134, 144 message types example messages shared secret key Ping of Death RADIUS server port binding activation registration...
Page 368 Index setup Sustain Cell Rate, see SCR DHCP SYN attack firewalls syntax conventions IP alias system IP precedenceQoS firmware IP precedence version IP/MAC filter passwords 29, 30 logs administrator port forwarding reset static route 195, 197 status 32, 35 firewalls wireless LAN wizard shaping traffic...
Page 369 Index example traffic shaping installation example NAT traversal 96, 102, 106 96, 102, 106 warranty URL filter note 135, 143 compatibility printer sharing example web configurator 23, 29 login passwords 29, 30 127, 141 VBR-nRT 99, 104, 108 Wide Area Network, see WAN VBR-RT 99, 104, 108 Wi-Fi Protected Access...
Page 370 Index WPA-PSK 128, 141 pre-shared key 133, 143, 145 activation adding stations example limitations 134, 144 push button 25, 134, 143 status wireless security Wireless tutorial wizard configuration wireless LAN WLAN interference security parameters 141, 335 key caching pre-authentication user authentication vs WPA-PSK wireless client supplicant with RADIUS application example...
Page 371 Index ADSL Router Series User’s Guide...
Page 372 Index ADSL Router Series User’s Guide...

ZyXEL Communications P-660H-61 User Manual

Chapter 1 Introduction

Chapter 2 The Web Configurator

Chapter 3 Status Screens

Chapter 4 Tutorials

Chapter 5 Internet and Wireless Setup Wizard

Chapter 6 WAN Setup

Chapter 7 LAN Setup

Chapter 8 Wireless LAN

Chapter 9 Network Address Translation (NAT)

Chapter 10 Firewall

Chapter 11 Filters

Chapter 12 Certificate

Chapter 13 Static Route

Chapter 14 Port Binding

Chapter 15 Q/1P

Chapter 16 Quality of Service (Qos)

Chapter 17 Dynamic DNS Setup

Chapter 18 Remote Management

Chapter 19 Universal Plug-And-Play (Upnp)

Chapter 20 File Sharing

Chapter 21 Sharing a USB Printer

Chapter 22 CWMP

Chapter 23 System Settings

Chapter 24 Logs

Chapter 25 Tools

Chapter 26 Diagnostic

Quick Links

Related Manuals for ZyXEL Communications P-660H-61

Summary of Contents for ZyXEL Communications P-660H-61