Page 1 P-660HNU-Fx, P-660HN-Fx, P-661HNU-Fx (x stands for 1 or 3) Default Login Details IP Address https://192.168.1.1 Admin User Name: admin Password: 1234 User User Name: user Password: 1234 Firmware Version 3.10 www.zyxel.com Edition 1, 12/2011 www.zyxel.com Copyright © 2011 ZyXEL Communications Corporation...
Page 2 Videos Videos File Sharing Video Example ..........................55 QoS Video Example .............................76 ADSL Series User’s Guide...
Page 3: About This User's Guide
Refer to the included CD for support documents. Documentation Feedback Send your comments, questions or suggestions to: techwriters@zyxel.com.tw Thank you! The Technical Writing Team, ZyXEL Communications Corp. Need More Help? More help is available at www.zyxel.com. • Download Library Search for the latest product updates and documentation from this link. Read the Tech Doc Overview to find out how to efficiently use the User Guide, Quick Start Guide and Command Line Interface Reference Guide in order to better understand how to use your product.
Page 4 About This User's Guide • Knowledge Base If you have a specific question about your product, the answer may be here. This is a collection of answers to previously asked questions about ZyXEL products. • Forum This contains discussions on ZyXEL products. Learn from others who use ZyXEL products and share your experiences as well.
Page 5: Document Conventions
Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User’s Guide. Warnings tell you about things that could harm you or your device. Note: Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations.
Page 6 Document Conventions Server Firewall Router Switch ADSL Series User’s Guide...
Page 7: Safety Warnings
Safety Warnings Safety Warnings • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. • Do NOT store things on the device. •...
Page 8 Safety Warnings ADSL Series User’s Guide...
Page 9: Table Of Contents
Contents Overview Contents Overview User’s Guide ............................19 Introduction .............................21 Introducing the Web Configurator ......................27 Tutorials ..............................41 Technical Reference ..........................81 Connection Status and System Info Screens ..................83 Broadband ...............................87 Wireless ..............................105 Home Networking ..........................131 Routing ..............................157 DNS Route ............................161 Quality of Service (QoS) ........................165 Network Address Translation (NAT) ......................175 Dynamic DNS ............................183 Firewall ..............................185...
Page 10 Contents Overview ADSL Series User’s Guide...
Page 11: Table Of Contents
Table of Contents Table of Contents About This User's Guide ........................3 Document Conventions ........................5 Safety Warnings............................7 Contents Overview ..........................9 Table of Contents ..........................11 Part I: User’s Guide ..................19 Chapter 1 Introduction............................21 1.1 Overview ............................21 1.2 Applications for the ZyXEL Device ....................21 1.2.1 Internet Access ........................21 1.2.2 Wireless Connection ........................22 1.2.3 ZyXEL Device’s USB and Print Server Support ..............22...
Page 12 Table of Contents 2.3.7 Content Filter ...........................35 2.3.8 Firewall ............................36 2.3.9 Wireless Security ........................37 2.3.10 WPS ............................38 2.3.11 Media Server ..........................38 Chapter 3 Tutorials ...............................41 3.1 Overview ............................41 3.2 Setting Up Your DSL Connection ......................41 3.3 How to Set up a Wireless Network ....................44 3.3.1 Example Parameters .......................44 3.3.2 Configuring the ADSL Device ....................44 3.3.3 Connecting Wirelessly to your ADSL Device ................46...
Page 13 Table of Contents 5.1.3 Before You Begin ........................88 5.2 The Broadband Screen ........................88 5.2.1 Add/Edit Internet Connection ....................89 5.3 Technical Reference ........................100 Chapter 6 Wireless .............................105 6.1 Overview ............................105 6.1.1 What You Can Do in this Chapter ..................105 6.1.2 Wireless Network Overview ....................105 6.1.3 Before You Begin ........................107 6.2 The Wireless General Screen ......................107 6.2.1 No Security ..........................109...
Page 14 Table of Contents 7.6.1 The Media Server Screen ......................142 7.7 The Print Server Screen ........................143 7.7.1 Before You Begin ........................143 7.8 Technical Reference ........................144 7.9 Installing UPnP in Windows Example .....................148 7.10 Using UPnP in Windows XP Example ..................151 Chapter 8 Routing ..............................157 8.1 Overview ............................157 8.2 Configuring Static Route .........................157...
Page 15 Table of Contents 11.3 The Sessions Screen ........................178 11.4 The ALG Screen ..........................179 11.5 Technical Reference ........................180 11.5.1 NAT Definitions ........................180 11.5.2 What NAT Does ........................180 11.5.3 How NAT Works ........................180 Chapter 12 Dynamic DNS ............................183 12.1 Overview ............................183 12.1.1 What You Need To Know .....................183 12.2 The Dynamic DNS Screen ......................183 Chapter 13 Firewall ..............................185...
Page 16 Table of Contents Chapter 16 VPN ..............................203 16.1 Overview ............................203 16.1.1 What You Can Do in the VPN Screens ................203 16.1.2 What You Need to Know About IPSec VPN ................203 16.1.3 Before You Begin .........................205 16.2 VPN Setup Screen ........................205 16.3 The VPN Edit Screen ........................206 16.4 Configuring Advanced Settings ....................210 16.5 Viewing SA Monitor ........................212...
Page 17 Table of Contents Chapter 20 System ...............................231 20.1 Overview ............................231 20.1.1 What You Need to Know ......................231 20.2 The System Screen ........................231 Chapter 21 Time Setting ............................233 21.1 Overview ............................233 21.2 The Time Setting Screen ......................233 Chapter 22 Log Setting ............................235 22.1 Overview ............................235 22.2 The Log Setting Screen ........................235 Chapter 23...
Page 18 Table of Contents Chapter 27 Product Specifications ........................255 Appendix A IP Addresses and Subnetting..................263 Appendix B Setting Up Your Computer’s IP Address ..............273 Appendix C Pop-up Windows, Java Script and Java Permissions ..........303 Appendix D Wireless LANs......................311 Appendix E Common Services ......................331 Appendix F Open Software Announcements...................335 Appendix G Legal Information ......................357 Index ..............................361...
Page 19: User's Guide
User’s Guide...
Page 21: Introduction
H A PT ER Introduction 1.1 Overview The ADSL Router Series includes the P-660HNU-Fx, P-660HN-Fx, P-661HNU-Fx (x stands for 1 or 3). The routers in this series are ADSL2+ 4-Port Security Gateways with rich features and performance that use 802.11N technology to maximize the speed and range of your wireless signal. The ZyXEL Device is also a complete security solution with a robust firewall based on Stateful Packet Inspection (SPI) and Denial of Service (DoS) protection.
Page 22: Wireless Connection
Chapter 1 Introduction Figure 1 ZyXEL Device’s Internet Access Application You can also configure the firewall on the ZyXEL Device for secure Internet access. When the firewall is on, all incoming traffic from the Internet to your network is blocked unless it is initiated from your network.
Page 23: The Wps/Wlan Button
Chapter 1 Introduction Figure 3 USB File Sharing / Print Server Application 1.3 The WPS/WLAN Button You can use the WPS button ( ) on the top of the device to turn the wireless LAN off or on. You can also use it to activate WPS in order to quickly set up a wireless network with strong security. Turn the Wireless LAN On or Off Make sure the POWER LED is on (not blinking).
Page 24: Ways To Manage The Zyxel Device
Chapter 1 Introduction 1.4 Ways to Manage the ZyXEL Device Use any of the following methods to manage the ZyXEL Device. • Web Configurator. This is recommended for everyday management of the ZyXEL Device using a (supported) web browser. • FTP for firmware upgrades and configuration backup/restore. ADSL Series User’s Guide...
Page 25: Good Habits For Managing The Zyxel Device
Chapter 1 Introduction 1.5 Good Habits for Managing the ZyXEL Device Do the following things regularly to make the ZyXEL Device more secure and to manage the ZyXEL Device more effectively. • Change the password. Use a password that’s not easy to guess and that consists of different types of characters, such as numbers and letters.
Page 26 Chapter 1 Introduction ADSL Series User’s Guide...
Page 27: Introducing The Web Configurator
H A PT ER Introducing the Web Configurator 2.1 Overview The web configurator is an HTML-based management interface that allows easy device setup and management via Internet browser. Use Internet Explorer 6.0 and later versions, Mozilla Firefox 3 and later versions, or Safari 2.0 and later versions. The recommended screen resolution is 1024 by 768 pixels.
Page 28 Chapter 2 Introducing the Web Configurator Note: For security reasons, the ZyXEL Device automatically logs you out if you do not use the web configurator for five minutes (default). If this happens, log in again. The following screen displays if you have not yet changed your password. It is strongly recommended you change the default password.
Page 29: The Web Configurator Layout
Chapter 2 Introducing the Web Configurator 2.2 The Web Configurator Layout Click Connection Status > System Info to show the following screen. Figure 7 Web Configurator Layout Screen As illustrated above, the main screen is divided into these parts: • A - title bar •...
Page 30: Main Window
Chapter 2 Introducing the Web Configurator 2.2.2 Main Window The main window displays information and configuration fields. It is discussed in the rest of this document. After you click System Info on the Connection Status screen, the System Info screen is displayed.
Page 31 Chapter 2 Introducing the Web Configurator Table 1 Navigation Panel Summary LINK FUNCTION General Use this screen to enable QoS and decide allowable bandwidth using QoS. Queue Setup Use this screen to configure QoS queue assignment. Class Setup Use this screen to set up classifiers to sort traffic into different flows and assign priority and define actions to be performed for a classified traffic flow.
Page 32: User Mode
Chapter 2 Introducing the Web Configurator Table 1 Navigation Panel Summary LINK FUNCTION Reboot Reboot Use this screen to reboot the ZyXEL Device without turning the power off. Diagnostic Ping Use this screen to test the connections to other devices. DSL Line Use this screen to identify problems with the DSL connection.
Page 33: Navigation Panel
Chapter 2 Introducing the Web Configurator • Use the Network Map screen to check if your ZyXEL Device can ping the gateway and whether it is connected to the Internet (Section 2.3.4 on page 33). • Use the Control Panel to configure and enable ZyXEL Device features, including wireless security, wireless scheduling and bandwidth management and so on (Section 2.3.5 on page 34).
Page 34: Control Panel
Chapter 2 Introducing the Web Configurator response from the gateway. The same rule applies to the line connecting the gateway to the Internet. You can also view the devices (represented by icons indicating the kind of network device) connected to the ZyXEL Device, including those connecting wirelessly. Right-click on the ZyXEL Device icon to refresh the network map and go to the Wizard.
Page 35: Content Filter
Chapter 2 Introducing the Web Configurator Disabling the wireless capability lowers the energy consumption of the of the ZyXEL Device. Figure 12 Power Saving The following table describes the labels in this screen. Table 4 Power Saving LABEL DESCRIPTION WLAN Status Select On or Off to specify whether the Wireless LAN is turned on or off (depending on what you selected in the WLAN Status field).
Page 36: Firewall
Chapter 2 Introducing the Web Configurator Figure 13 Content Filter The following table describes the labels in this screen. Table 5 Content Filter LABEL DESCRIPTION Click Add after you have typed a keyword. Repeat this procedure to add other keywords. Up to 64 keywords are allowed. Note: The ZyXEL Device does not recognize wildcard characters as keywords.
Page 37: Wireless Security
Chapter 2 Introducing the Web Configurator 2.3.9 Wireless Security Use this screen to configure security for your the Wireless LAN. You can enter the SSID and select the wireless security mode in the following screen. Figure 15 Wireless Security The following table describes the general wireless LAN labels in this screen. Table 6 Wireless Security LABEL DESCRIPTION...
Page 38: Wps
Chapter 2 Introducing the Web Configurator 2.3.10 WPS Use this screen to add a wireless station to the network using WPS. Click WPS in the Wireless Security to open the following screen. Figure 16 Wireless Security: WPS The following table describes the labels in this screen. Table 7 Wireless Security: WPS LABEL DESCRIPTION...
Page 39 Chapter 2 Introducing the Web Configurator Figure 17 Media Server Click OK to close this screen. ADSL Series User’s Guide...
Page 40 Chapter 2 Introducing the Web Configurator ADSL Series User’s Guide...
Page 41: Tutorials
H A PT ER Tutorials 3.1 Overview This chapter contains the following tutorials: • Setting Up Your DSL Connection • How to Set up a Wireless Network • Setting Up NAT Port Forwarding to Allow Access to Network Servers from the Internet •...
Page 42 Chapter 3 Tutorials You can either modify the default ADSL WAN interface by clicking the Edit icon or create a new WAN interface (if you want to keep the default one). This example creates a new WAN interface. Click Add new WAN Interface. Note: You can create multiple ADSL WAN interfaces, however, only one of them is active at one time.
Page 43 Chapter 3 Tutorials Enter or select these values and click Apply. This completes your DSL WAN connection setting. You should see a summary of your new DSL connection setup in the Broadband screen as follows. The ADSL WAN interface you just created should be active (Yes in the Default Gateway field). ADSL Series User’s Guide...
Page 44: How To Set Up A Wireless Network
Chapter 3 Tutorials Try to connect to a website, such as “www.zyxel.com” to see if you have correctly set up your Internet connection. Be sure to contact your service provider for any information you need to configure the WAN screens. 3.3 How to Set up a Wireless Network This section gives you examples of how to connect the Internet wirelessly through the ADSL Device.
Page 45 Chapter 3 Tutorials Tutorial: Network > Wireless LAN > General Make sure Enable Wireless LAN is selected. Enter “SSID_Example3” as the SSID and select Auto in the Channel Selection field to have the device search for an available channel. Select 802.11b/g in the Mode Select field. Select More Secure as your security level and set security mode to WPA-PSK and enter “ThisismyWPA-PSKpre-sharedkey”...
Page 46: Connecting Wirelessly To Your Adsl Device
Chapter 3 Tutorials Tutorial: Status This finishes the configuration of the ADSL Device. 3.3.3 Connecting Wirelessly to your ADSL Device This section describes how to connect wirelessly to your ADSL Device. The connection procedure is shown here using Windows XP as an example. Right-click the wireless adapter icon which appears in the bottom right of your computer monitor.
Page 47 Chapter 3 Tutorials Tutorial: Status You are prompted to enter a password. Enter it (the pre-shared key) and click Connect. Tutorial: Network > Wireless LAN > SecuritOpen the Status screen. Verify your wireless and wireless security settings under Device Information and check if the WLAN connection is up under Interface Status Tutorial: Status You may have to wait several minutes while your computer connects to the wireless network.
Page 48: Configuring The Wireless Client Using The Wps Pin Number
Chapter 3 Tutorials 3.3.4 Configuring the Wireless Client using the WPS PIN number This section describes how to connect the wireless client to a network using the WPS PIN method. You need to log into the Web Configurator for this. Place a WPS-enabled device that supports the WPS PIN configuration method near the ADSL Device.
Page 49: Setting Up Nat Port Forwarding To Allow Access To Network Servers From The Internet
Chapter 3 Tutorials Note: You must repeat this procedure for every device you want to add to your network using WPS. 3.4 Setting Up NAT Port Forwarding to Allow Access to Network Servers from the Internet In this tutorial, you manage the Doom server on a computer behind the ADSL Device. In order for players on the Internet (like A in the figure below) to communicate with the Doom server, you need to configure the port settings and IP address on the ADSL Device.
Page 50: Using The File Sharing Feature
Chapter 3 Tutorials The port forwarding settings you configured should appear in the table. Make sure the Status check box for this rule is selected. Click Apply to have the ADSL Device start forwarding port 666 traffic to the computer with IP address 192.168.1.34. Players on the Internet then can have access to your Doom server.
Page 51: Set Up File Sharing
Chapter 3 Tutorials Note: Remember to control physical access to the USB drive so someone doesn’t access files by simply connecting it to a computer. 3.5.1 Set Up File Sharing To set up file sharing you need to connect your USB device, create user account(s) (only if you want to restrict a share’s access to certain users), enable file sharing and set up your share(s).
Page 52 Chapter 3 Tutorials Enter a user name. A user name can be any combination of letters and numbers. It must be between 5 and 15 characters long. This examples uses Bob77 as the username. Enter the password that this user name must type when accessing the share. Retype it in the field below for confirmation.
Page 53 Chapter 3 Tutorials Note: Select the first option on this list to include all files and folders on the USB device. You can add a description for the share or leave it blank. The Add Share Directory screen should look like the following. Leave the Access Level as Public to allow anyone connected to the ADSL Device to access the share.
Page 54: Access Your Shared Files From A Computer
Chapter 3 Tutorials Because you just want to share the Bob_private and Bob_public folders, you don't need the first share the system created, which shares the whole USB drive with everyone. So click the entry’s Delete icon and confirm the delete action. Finally, click Apply again to save the changes.
Page 55 Chapter 3 Tutorials To access Bob_private, you need to enter the correct user name and password. Once you access Bob_private via your ADSL Device, you do not have to relogin unless you restart your computer. 3.5.3 File Sharing Video Example Use Adobe Reader 9 or later to play this example video.
Page 56: Using The Print Server Feature
Chapter 3 Tutorials 3.6 Using the Print Server Feature In this section you can: • Configure a TCP/IP Printer Port. This allows a printer connected to the ADSL Device to be used by all users in your LAN as if it was directly connected to their computers. •...
Page 57 Chapter 3 Tutorials documentation for instructions on how to do this or follow the instructions below if you have a Windows 2000/XP operating system. Click Start > Settings, then right click on Printers and select Open. Tutorial: Open Printers Window The Printers folder opens up.
Page 58 Chapter 3 Tutorials Tutorial: Printer Properties Window A Printer Ports window appears. Select Standard TCP/IP Port and click New Port... Tutorial: Add a Port Window Add Standard TCP/IP Printer Port Wizard window opens up. Click Next to start configuring the printer port.
Page 59 Chapter 3 Tutorials Note: The computer from which you are configuring the TCP/IP printer port must be on the same LAN in order to use the printer sharing function. Tutorial: Enter IP Address of the ADSL Device Select Custom under Device Type and click Settings. Tutorial: Custom Port Settings Confirm the IP address of the ADSL Device in the IP Address field.
Page 60 Chapter 3 Tutorials Tutorial: Custom Port Settings 12 Continue through the wizard, apply your settings and close the wizard window. 13 Repeat steps 1 to 12 to add this printer to other computers on your network. Add a New Printer Using Windows This example shows how to connect a printer to your ADSL Device using the Windows XP Professional operating system.
Page 61 Chapter 3 Tutorials Click Start > Control Panel > Printers and Faxes to open the Printers and Faxes screen. Click Add a Printer. Tutorial: Printers Folder The Add Printer Wizard screen displays. Click Next. Tutorial: Add Printer Wizard: Welcome Select Local printer attached to this computer and click Next. ADSL Series User’s Guide...
Page 62 Chapter 3 Tutorials Tutorial: Add Printer Wizard: Local or Network Printer Select Create a new port and Standard TCP/IP Port. Click Next. Tutorial: Add Printer Wizard: Select the Printer Port Add Standard TCP/IP Printer Port Wizard window opens up. Click Next to start configuring the printer port.
Page 63 Chapter 3 Tutorials Enter the IP address of the ADSL Device to which the printer is connected in the Printer Name or IP Address: field. In our example we use the default IP address of the ADSL Device, 192.168.1.1. The Port Name field updates automatically to reflect the IP address of the port. Click Next. Note: The computer from which you are configuring the TCP/IP printer port must be on the same LAN in order to use the printer sharing function.
Page 64 Chapter 3 Tutorials Tutorial: Custom Port Settings 11 Click Finish to close the wizard window. Tutorial: Finish Adding the TCP/IP Port 12 Select the make of the printer that you want to connect to the print server in the Manufacturer list of printers.
Page 65 Chapter 3 Tutorials Tutorial: Add Printer Wizard: Printer Driver 16 If the following screen displays, select Keep existing driver radio button and click Next if you already have a printer driver installed on your computer and you do not want to change it. Otherwise, select Replace existing driver to replace it with the new driver you selected in the previous screen and click Next.
Page 66 Chapter 3 Tutorials Tutorial: Add Printer Wizard: Name Your Printer 18 The ADSL Device is a print server itself and you do not need to have your computer act as a print server by sharing the printer with other users in the same network; just select Do not share this printer and click Next to proceed to the following screen.
Page 67 Chapter 3 Tutorials Tutorial: Add Printer Wizard: Print Test Page 20 The following screen shows your current printer settings. Select Finish to complete adding a new printer. Tutorial: Add Printer Wizard Complete Add a New Printer Using Macintosh OS X Complete the following steps to set up a print server driver on your Macintosh computer.
Page 68 Chapter 3 Tutorials Tutorial: Macintosh HD folder Double-click the Utilities folder. Tutorial: Applications Folder Double-click the Print Center icon. Tutorial: Utilities Folder Click the Add icon at the top of the screen. Tutorial: Printer List Folder Set up your printer in the Printer List configuration screen. Select IP Printing from the drop- down list box.
Page 69 Chapter 3 Tutorials 11 Select your Printer Model from the drop-down list box. If the printer's model is not listed, select Generic. Tutorial: Printer Configuration 12 Click Add to select a printer model, save and close the Printer List configuration screen. Tutorial: Printer Model 13 The Name LP1 on 192.168.1.1 displays in the Printer List field.
Page 70: Configuring The Mac Address Filter For Restricting Wireless Internet Access
Chapter 3 Tutorials 3.7 Configuring the MAC Address Filter for Restricting Wireless Internet Access Thomas noticed that his daughter Josephine spends too much time surfing the web and downloading media files. He decided to prevent Josephine from accessing the Internet so that she can concentrate on preparing for her final exams.
Page 71: Configuring Static Route For Routing To Another Network
Chapter 3 Tutorials Thomas can also grant access to the computers of other members of his family and friends. However, Josephine and others not listed in this screen will no longer be able to access the Internet through the ADSL Device. 3.8 Configuring Static Route for Routing to Another Network In order to extend your Intranet and control traffic flowing directions, you may connect a router to...
Page 72 Chapter 3 Tutorials You need to specify a static routing rule on the ADSL Device to specify R as the router in charge of forwarding traffic to N2. In this case, the ADSL Device routes traffic from A to R and then R routes the traffic to B.This tutorial uses the following example IP settings: Table 8 IP Settings in this Tutorial DEVICE / COMPUTER...
Page 73: Configuring Qos Queue And Class Setup
Chapter 3 Tutorials Click Apply. The Routing screen should display the route you just added. Now B should be able to receive traffic from A. You may need to additionally configure B’s firewall settings to allow specific traffic to pass through. 3.9 Configuring QoS Queue and Class Setup This section contains tutorials on how you can configure the QoS screen.
Page 74 Chapter 3 Tutorials QoS allows the ADSL Device to group and prioritize application traffic and fine-tune network performance. The ADSL Device assigns each packet a priority and queues the packet according to your configured classifiers. Classifiers define how to sort traffic into different flows, assign priority, and define actions to be performed for classified traffic flows.
Page 75 Chapter 3 Tutorials Class Name Give a class name to this traffic, such as Email in this example. To Queue Link this to a queue created in the QoS > Queue Setup screen, which is the Email queue created in this example. From Interface This is the interface from which the traffic will be coming from.
Page 76 Chapter 3 Tutorials Tutorial: Advanced > QoS > Monitor 3.9.1 QoS Video Example Use Adobe Reader 9 or later to play this example video. You may need to allow playback in Adobe reader and click play again to get it to start. ADSL Series User’s Guide...
Page 77: Access The Adsl Device Using Ddns
Chapter 3 Tutorials 3.10 Access the ADSL Device Using DDNS If you connect your ADSL Device to the Internet and it uses a dynamic WAN IP address, it is inconvenient for you to manage the device from the Internet. The ADSL Device’s WAN IP address changes dynamically.
Page 78: Registering A Ddns Account On Www.dyndns.org
Chapter 3 Tutorials http://zyxelrouter.dyndns.org a.b.c.d w.x.y.z To use this feature, you have to apply for DDNS service at www.dyndns.org. This tutorial shows you how to: • Registering a DDNS Account on www.dyndns.org • Configuring DDNS on Your ADSL Device • Testing the DDNS Setting Note: If you have a private WAN IP address, then you cannot use DDNS.
Page 79: Testing The Ddns Setting
Chapter 3 Tutorials Click Apply. 3.10.3 Testing the DDNS Setting Now you should be able to access the ADSL Device from the Internet. To test this: Open a web browser on the computer (using the IP address a.b.c.d) that is connected to the Internet.
Page 80 Chapter 3 Tutorials ADSL Series User’s Guide...
Page 81: Technical Reference
Technical Reference...
Page 83: Connection Status And System Info Screens
H A PT ER Connection Status and System Info Screens 4.1 Overview After you log into the web configurator, the Connection Status screen appears. This shows the network connection status of the ZyXEL Device and clients connected to it. Use the System Info screen to look at the current status of the device, system resources and interfaces (LAN, WAN, WLAN).
Page 84: The System Info Screen
Chapter 4 Connection Status and System Info Screens Figure 19 Connection Status: List View In Icon View, if you want to view information about a client, click the client’s name and then click on Info. If you want to change the name or icon of the client, click the client’s name and then click on Change name/icon.
Page 85 Chapter 4 Connection Status and System Info Screens Table 9 System Info Screen LABEL DESCRIPTION Refresh Interval Select how often you want the ZyXEL Device to update this screen from the drop-down list box. Device Information Host Name This field displays the ZyXEL Device system name. It is used for identification. You can change this in the Maintenance >...
Page 86 Chapter 4 Connection Status and System Info Screens LABEL DESCRIPTION Status This field indicates whether or not the ZyXEL Device is using the interface. For the DSL interface, this field displays Down (line is down), Up (line is up or connected), Initializing (line is initializing), Establishing Link (line is establishing a link) if you're using Ethernet encapsulation and Down (line is down), Up (line is up or connected), Idle (line (ppp) idle), Dial (starting to trigger a call) and Drop (dropping a...
Page 87: Broadband
H A PT ER Broadband 5.1 Overview This chapter discusses the ZyXEL Device’s Broadband screens. Use these screens to configure your ZyXEL Device for Internet access. A WAN (Wide Area Network) connection is an outside connection to another network or the Internet.
Page 88: Before You Begin
Chapter 5 Broadband WAN IP Address The WAN IP address is an IP address for the ZyXEL Device, which makes it accessible from an outside network. It is used by the ZyXEL Device to communicate with other devices in other networks.
Page 89: Add/Edit Internet Connection
Chapter 5 Broadband The following table describes the fields in this screen. Table 10 Network Setting > Broadband LABEL DESCRIPTION Add new WAN Click this to create a new WAN interface. Interface Internet Setup This is the index number of the connection. Name This is the service name of the connection.
Page 90 Chapter 5 Broadband Figure 23 Broadband Add/Edit: Routing- PPPoE The following table describes the fields in this screen. Table 11 Broadband Add/Edit: Routing- PPPoE Label DESCRIPTION General Name Enter a service name of the connection. Type ADSL: The ZyXEL Device uses the ADSL technology for data transmission over the DSL port.
Page 91 Chapter 5 Broadband Table 11 Broadband Add/Edit: Routing- PPPoE (continued) Label DESCRIPTION WAN Service Type This field is available only when you select Routing in the Mode field. Select the method of encapsulation used by your ISP. • PPP over Ethernet (PPPoE) - PPPoE (Point to Point Protocol over Ethernet) provides access control and billing functionality in a manner similar to dial-up services using PPP.
Page 92 Chapter 5 Broadband Table 11 Broadband Add/Edit: Routing- PPPoE (continued) Label DESCRIPTION PPP User Name Enter the user name exactly as your ISP assigned. If assigned a name in the form user@domain where domain identifies a service name, then enter both components exactly as given.
Page 93 Chapter 5 Broadband Table 11 Broadband Add/Edit: Routing- PPPoE (continued) Label DESCRIPTION Apply Click Apply to save your changes. Back Click Back to return to the previous screen. 5.2.1.2 Routing- IPoE Click the Add new WAN Interface in the Network Setting > Broadband screen or the Edit icon next to the connection you want to configure.
Page 94 Chapter 5 Broadband The following table describes the fields in this screen. Table 12 Broadband Add/Edit: Routing- IPoE Label DESCRIPTION General Name Enter a service name of the connection. Type ADSL: The ZyXEL Device uses the ADSL technology for data transmission over the DSL port.
Page 95 Chapter 5 Broadband Table 12 Broadband Add/Edit: Routing- IPoE (continued) Label DESCRIPTION The Maximum Transmission Unit (MTU) defines the size of the largest packet allowed on an interface or connection. Enter the MTU in this field. For IPoE, the MTU value is 1500. IP Address This section is available only when you select Routing in the Mode field and IPoE in the WAN Service Type field.
Page 96 Chapter 5 Broadband 5.2.1.3 Routing- PPPoA Click the Add new WAN Interface in the Network Setting > Broadband screen or the Edit icon next to the connection you want to configure. Select Routing as the encapsulation mode and PPPoA as the WAN service type. Figure 25 Broadband Add/Edit: Routing- PPPoA The following table describes the fields in this screen.
Page 97 Chapter 5 Broadband Table 13 Broadband Add/Edit: Routing- PPPoA Label DESCRIPTION Type ADSL: The ZyXEL Device uses the ADSL technology for data transmission over the DSL port. Mode Select Routing (default) from the drop-down list box if your ISP give you one IP address only and you want multiple computers to share an Internet account.
Page 98 Chapter 5 Broadband Table 13 Broadband Add/Edit: Routing- PPPoA Label DESCRIPTION PPP Password Enter the password associated with the user name above. Authentication The ZyXEL Device supports PAP (Password Authentication Protocol) and CHAP Method (Challenge Handshake Authentication Protocol). CHAP is more secure than PAP; however, PAP is readily available on more platforms.
Page 99 Chapter 5 Broadband Figure 26 Broadband Add/Edit: Bridge (ADSL) The following table describes the fields in this screen. Table 14 Broadband Add/Edit: Bridge (ADSL) Label DESCRIPTION General Name Enter a service name of the connection. Type Select ADSL as the interface for which you want to configure here. The ZyXEL Device uses the ADSL technology for data transmission over the DSL port.
Page 100: Technical Reference
Chapter 5 Broadband Table 14 Broadband Add/Edit: Bridge (ADSL) (continued) Label DESCRIPTION Encapsulation Mode The encapsulation method of multiplexing used by your is LLC/SNAP-BRIDGING. In LCC encapsulation, bridged PDUs are encapsulated by identifying the type of the bridged media in the SNAP header. Service Category Select UBR Without PCR for applications that are non-time sensitive, such as e-mail.
Page 101 Chapter 5 Broadband For the service provider, PPPoE offers an access and authentication method that works with existing access control systems (for example RADIUS). One of the benefits of PPPoE is the ability to let you access one of multiple network services, a function known as dynamic service selection.
Page 102 Chapter 5 Broadband congestion, which is important for transmission of real time data such as audio and video connections. Peak Cell Rate (PCR) is the maximum rate at which the sender can send cells. This parameter may be lower (but not higher) than the maximum line speed. 1 ATM cell is 53 bytes (424 bits), so a maximum speed of 832Kbps gives a maximum PCR of 1962 cells/sec.
Page 103 Chapter 5 Broadband The VBR-RT (real-time Variable Bit Rate) type is used with bursty connections that require closely controlled delay and delay variation. It also provides a fixed amount of bandwidth (a PCR is specified) but is only available when data is being sent. An example of an VBR-RT connection would be video conferencing.
Page 104 Chapter 5 Broadband and is used by IP multicast computers. The address 224.0.0.1 is used for query messages and is assigned to the permanent group of all IP hosts (including gateways). All hosts must join the 224.0.0.1 group in order to participate in IGMP. The address 224.0.0.2 is assigned to the multicast routers group.
Page 105: Wireless
H A PT ER Wireless 6.1 Overview This chapter describes the ZyXEL Device’s Network Setting > Wireless screens. Use these screens to set up your ZyXEL Device’s wireless connection. 6.1.1 What You Can Do in this Chapter • Use the General screen to enable the Wireless LAN, enter the SSID and select the wireless security mode (Section 6.2 on page 107).
Page 106 Chapter 6 Wireless Figure 28 Example of a Wireless Network The wireless network is the part in the blue circle. In this wireless network, devices A and B use the access point (AP) to interact with the other devices (such as the printer) or with the Internet. Your ZyXEL Device is the AP.
Page 107: Before You Begin
Chapter 6 Wireless 6.1.3 Before You Begin Before you start using these screens, ask yourself the following questions. See Section 6.7 on page if some of the terms used here do not make sense to you. • What wireless standards do the other wireless devices support (IEEE 802.11g, for example)? What is the most appropriate standard to use? •...
Page 108 Chapter 6 Wireless The following table describes the labels in this screen. Table 15 Network > Wireless LAN > General LABEL DESCRIPTION Wireless Network Setup Wireless Select the Enable Wireless LAN check box to activate the wireless LAN. Wireless Network Settings Wireless The SSID (Service Set IDentity) identifies the service set with which a wireless device is Network Name...
Page 109: No Security
Chapter 6 Wireless 6.2.1 No Security Select No Security to allow wireless stations to communicate with the access points without any data encryption or authentication. Note: If you do not enable any wireless security on your ZyXEL Device, your network is accessible to any wireless networking device that is within range.
Page 110 Chapter 6 Wireless Figure 31 Wireless > General: Basic (Static WEP/Shared WEP) The following table describes the labels in this screen. Table 17 Wireless > General: Basic (Static WEP/Shared WEP) LABEL DESCRIPTION Security Mode Choose Static WEP or Shared WEP from the drop-down list box. •...
Page 111: More Secure (Wpa(2)-Psk)
Chapter 6 Wireless 6.2.3 More Secure (WPA(2)-PSK) The WPA-PSK security mode provides both improved data encryption and user authentication over WEP. Using a Pre-Shared Key (PSK), both the ZyXEL Device and the connecting client share a common password in order to validate the connection. This type of encryption, while robust, is not as strong as WPA, WPA2 or even WPA2-PSK.
Page 112: Wpa(2) Authentication
Chapter 6 Wireless Table 18 Wireless > General: WPA(2)-PSK (continued) LABEL DESCRIPTION WPA-PSK This field appears when you choose WPA-PSK2 as the Security Mode. Compatible Check this field to allow wireless devices using WPA-PSK security mode to connect to your ZyXEL Device. The ZyXEL Device supports WPA-PSK and WPA2-PSK simultaneously.
Page 113: The More Ap Screen
Chapter 6 Wireless The following table describes the labels in this screen. Table 19 Wireless > General: More Secure: WPA(2) LABEL DESCRIPTION Security Level Select More Secure to enable WPA(2)-PSK data encryption. Security Mode Choose WPA or WPA2 from the drop-down list box. Authentication Server IP Address Enter the IP address of the external authentication server in dotted decimal notation.
Page 114: Edit More Ap
Chapter 6 Wireless The following table describes the labels in this screen. Table 20 Network Settings > Wireless > More AP LABEL DESCRIPTION This is the index number of the entry. Active This field indicates whether this SSID is active. A yellow bulb signifies that this SSID is active.
Page 115: The Wps Screen
Chapter 6 Wireless Table 21 Wireless > More AP: Edit LABEL DESCRIPTION Wireless Network Name The SSID (Service Set IDentity) identifies the service set with which a wireless (SSID) device is associated. Wireless devices associating to the access point (AP) must have the same SSID.
Page 116 Chapter 6 Wireless Figure 36 Network Setting > Wireless > WPS The following table describes the labels in this screen. Table 22 Network Setting > Wireless > WPS LABEL DESCRIPTION Enable WPS Select Enable to activate WPS on the ZyXEL Device. Add a new device with WPS Method Method 1 PBC Use this section to set up a WPS wireless network using Push Button Configuration...
Page 117: The Wmm Screen
Chapter 6 Wireless Table 22 Network Setting > Wireless > WPS (continued) LABEL DESCRIPTION AP PIN The PIN of the ZyXEL Device is shown here. Enter this PIN in the configuration utility of the device you want to connect to using WPS. The PIN is not necessary when you use WPS push-button method.
Page 118: Scheduling Screen
Chapter 6 Wireless The following table describes the labels in this screen. Table 23 Network Setting > Wireless > WMM LABEL DESCRIPTION Enable WMM of This enables the ZyXEL Device to automatically give a service a priority level according SSID1~4 to the ToS value in the IP header of packets it sends.
Page 119: Technical Reference
Chapter 6 Wireless Table 24 Network Setting > Wireless > Scheduling LABEL DESCRIPTION Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings. 6.7 Technical Reference This section discusses wireless LANs in depth. For more information, see the appendix. 6.7.1 Additional Wireless Terms The following table describes some wireless network terms and acronyms used in the ZyXEL Device’s web configurator.
Page 120 Chapter 6 Wireless These security standards vary in effectiveness. Some can be broken, such as the old Wired Equivalent Protocol (WEP). Using WEP is better than using no security at all, but it will not keep a determined attacker out. Other security standards are secure in themselves but can be broken if a user does not use them properly.
Page 121 Chapter 6 Wireless 6.7.2.3 User Authentication Authentication is the process of verifying whether a wireless device is allowed to use the wireless network. You can make every user log in to the wireless network before using it. However, every device in the wireless network has to support IEEE 802.1x to do this. For wireless networks, you can store the user names and passwords for each user in a RADIUS server.
Page 122: Signal Problems
Chapter 6 Wireless Many types of encryption use a key to protect the information in the wireless network. The longer the key, the stronger the encryption. Every device in the wireless network must have the same key. 6.7.3 Signal Problems Because wireless networks are radio networks, their signals are subject to limitations of distance, interference and absorption.
Page 123: Wifi Protected Setup (Wps)
Chapter 6 Wireless 6.7.5.1 Notes on Multiple BSSs • A maximum of eight BSSs are allowed on one AP simultaneously. • You must use different keys for different BSSs. If two wireless devices have different BSSIDs (they are in different BSSs), but have the same keys, they may hear each other’s communications (but not communicate with each other).
Page 124 Chapter 6 Wireless Use the PIN method instead of the push-button configuration (PBC) method if you want to ensure that the connection is established between the devices you specify, not just the first two devices to activate WPS in range of each other. However, you need to log into the configuration interfaces of both devices to use the PIN method.
Page 125 Chapter 6 Wireless Figure 40 Example WPS Process: PIN Method ENROLLEE REGISTRAR This device’s WPS PIN: 123456 Enter WPS PIN from other device: START START WITHIN 2 MINUTES SECURE EAP TUNNEL SSID WPA(2)-PSK COMMUNICATION 6.7.6.3 How WPS Works When two WPS-enabled devices connect, each device must assume a specific role. One device acts as the registrar (the device that supplies network and security settings) and the other device acts as the enrollee (the device that receives network and security settings.
Page 126 Chapter 6 Wireless Figure 41 How WPS works ACTIVATE ACTIVATE WITHIN 2 MINUTES WPS HANDSHAKE ENROLLEE REGISTRAR SECURE TUNNEL SECURITY INFO COMMUNICATION The roles of registrar and enrollee last only as long as the WPS setup process is active (two minutes).
Page 127 Chapter 6 Wireless Figure 42 WPS: Example Network Step 1 ENROLLEE REGISTRAR SECURITY INFO CLIENT 1 In step 2, you add another wireless client to the network. You know that Client 1 supports registrar mode, but it is better to use AP1 for the WPS handshake with the new client since you must connect to the access point anyway in order to use the network.
Page 128 Chapter 6 Wireless In step 3, you add another access point (AP2) to your network. AP2 is out of range of AP1, so you cannot use AP1 for the WPS handshake with the new access point. However, you know that Client 2 supports the registrar function, so you use it to perform the WPS handshake instead.
Page 129 Chapter 6 Wireless • When you use the PBC method, there is a short period (from the moment you press the button on one device to the moment you press the button on the other device) when any WPS-enabled device could join the network. This is because the registrar has no way of identifying the “correct”...
Page 130 Chapter 6 Wireless ADSL Series User’s Guide...
Page 131: Home Networking
H A PT ER Home Networking 7.1 Overview A Local Area Network (LAN) is a shared communication system to which many computers are attached. A LAN is usually located in one immediate area such as a building or floor of a building. The LAN screens can help you configure a LAN DHCP server and manage IP addresses.
Page 132 Chapter 7 Home Networking Subnet Mask The subnet mask specifies the network number portion of an IP address. Your ZyXEL Device will compute the subnet mask automatically based on the IP address that you entered. You don't need to change the subnet mask computed by the ZyXEL Device unless you are instructed to do otherwise.
Page 133 Chapter 7 Home Networking 7.1.2.3 About File Sharing User Account This gives you access to the file sharing server. It includes your user name and password. Workgroup name This is the name given to a set of computers that are connected on a network and share resources such as a printer or files.
Page 134: The Lan Setup Screen
Chapter 7 Home Networking 7.1.2.5 About Printer Server Print Server This is a computer or other device which manages one or more printers, and which sends print jobs to each printer from the computer itself or other devices. Operating System An operating system (OS) is the interface which helps you manage a computer.
Page 135 Chapter 7 Home Networking Figure 45 Network Setting > Home Networking > LAN Setup The following table describes the fields on this screen. Table 27 Network Setting > Home Networking > LAN Setup LABEL DESCRIPTION LAN IP Setup IP Address Enter the LAN IP address you want to assign to your ZyXEL Device in dotted decimal notation, for example, 192.168.1.1 (factory default).
Page 136: The Static Dhcp Screen
Chapter 7 Home Networking Table 27 Network Setting > Home Networking > LAN Setup (continued) LABEL DESCRIPTION DNS Server 1-3 Select From ISP if your ISP dynamically assigns DNS server information (and the ZyXEL Device's WAN IP address). Select User-Defined if you have the IP address of a DNS server. Enter the DNS server's IP address in the field to the right.
Page 137: The Upnp Screen
Chapter 7 Home Networking Table 28 Network Setting > Home Networking > Static DHCP (continued) LABEL DESCRIPTION MAC Address The MAC (Media Access Control) or Ethernet address on a LAN (Local Area Network) is unique to your computer (six pairs of hexadecimal notation). A network interface card such as an Ethernet adapter has a hardwired address that is assigned at the factory.
Page 138: The File Sharing Screen
Chapter 7 Home Networking Figure 48 Network Setting > Home Networking > UPnP The following table describes the labels in this screen. Table 30 Network Settings > Home Networking > UPnP LABEL DESCRIPTION UPnP Select Enable to activate UPnP. Be aware that anyone could use a UPnP application to open the web configurator's login screen without entering the ZyXEL Device's IP address (although you must still enter the password to access the web configurator).
Page 139: Before You Begin
Chapter 7 Home Networking 7.5.1 Before You Begin Make sure the ZyXEL Device is connected to your network and turned on. Connect the USB device to the ZyXEL Device’s USB port. Make sure the ZyXEL Device is connected to your network. The ZyXEL Device detects the USB device and makes its contents available for browsing.
Page 140: Add/Edit File Sharing
Chapter 7 Home Networking Table 31 Network Setting > Home Networking > File Sharing LABEL DESCRIPTION Add New User Click this only if you want to define a user name and a password required to access the share - see 7.5.3. Note: By default, everyone connected to the ZyXEL Device can access the share.
Page 141: Add New User
Chapter 7 Home Networking Table 32 File Sharing: Add New Share LABEL DESCRIPTION Access Level Select Public to make the share available to all users on your network. This is the default option. Select Security if you wish define usernames and passwords required to access a specific share - see 7.5.3 to create users.
Page 142: The Media Server Screen
Chapter 7 Home Networking 7.6 The Media Server Screen You can set up your ZyXEL Device to act as a media server to provide media (like video) to DLNA- compliant players, such as Windows Media Player, ZyXEL DMAs (Digital Media Adapters), Xboxes or PS3s.
Page 143: The Print Server Screen
Chapter 7 Home Networking Each field is described in the following table. Table 34 Network Setting > Home Networking > Media Server LABEL DESCRIPTION Enable Media Select this to have the ZyXEL Device function as a DLNA-compliant media server. Server Apply Click Apply to save your changes back to the ZyXEL Device.
Page 144: Technical Reference
Chapter 7 Home Networking Figure 56 Network Setting > Home Networking > Printer Server The following table describes the labels in this menu. Table 35 Network Setting > Home Networking > Print Server LABEL DESCRIPTION ZyXEL Device share a USB printer Printer Server Select Enable to have the Apply...
Page 145 Chapter 7 Home Networking IP Pool Setup The ZyXEL Device is pre-configured with a pool of IP addresses for the DHCP clients (DHCP Pool). See the product specifications in the appendices. Do not assign static IP addresses from the DHCP pool to your LAN computers.
Page 146 Chapter 7 Home Networking You can obtain your IP address from the IANA, from an ISP or it can be assigned from a private network. If you belong to a small organization and your Internet access is through an ISP, the ISP can provide you with the Internet addresses for your local networks.
Page 147 Chapter 7 Home Networking Table 36 Compatible USB Printers (continued) BRAND MODEL EPSON Stylus Color 670 Deskjet 5550 Deskjet 5652 Deskjet 830C Deskjet 845C Deskjet 1125C Deskjet 1180C Deskjet 1220C Deskjet F4185 Laserjet 1022 Laserjet 1200 Laserjet 2200D Laserjet 2420 Color Laserjet 1500L Laserjet 3015 Officejet 4255...
Page 148: Installing Upnp In Windows Example
Chapter 7 Home Networking Table 36 Compatible USB Printers (continued) BRAND MODEL B4350 SAMSUNG ML-1710 SAMSUNG SCX-4016 7.9 Installing UPnP in Windows Example This section shows how to install UPnP in Windows Me and Windows XP. Installing UPnP in Windows Me Follow the steps below to install the UPnP in Windows Me.
Page 149 Chapter 7 Home Networking Figure 59 Add/Remove Programs: Windows Setup: Communication: Components Click OK to go back to the Add/Remove Programs Properties window and click Next. Restart the computer when prompted. Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP. Click Start and Control Panel.
Page 150 Chapter 7 Home Networking Figure 61 Windows Optional Networking Components Wizard In the Networking Services window, select the Universal Plug and Play check box. Figure 62 Networking Services Click OK to go back to the Windows Optional Networking Component Wizard window and click Next.
Page 151: Using Upnp In Windows Xp Example
Chapter 7 Home Networking 7.10 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP. You must already have UPnP installed in Windows XP and UPnP activated on the ZyXEL Device. Make sure the computer is connected to a LAN port of the ZyXEL Device.
Page 152 Chapter 7 Home Networking Figure 64 Internet Connection Properties You may edit or delete the port mappings or click Add to manually add port mappings. ADSL Series User’s Guide...
Page 153 Chapter 7 Home Networking Figure 65 Internet Connection Properties: Advanced Settings Figure 66 Internet Connection Properties: Advanced Settings: Add When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. Select Show icon in notification area when connected option and click OK. An icon displays in the system tray.
Page 154 Chapter 7 Home Networking Figure 67 System Tray Icon Double-click on the icon to display your current Internet connection status. Figure 68 Internet Connection Status Web Configurator Easy Access With UPnP, you can access the web-based configurator on the ZyXEL Device without finding out the IP address of the ZyXEL Device first.
Page 155 Chapter 7 Home Networking Figure 69 Network Connections An icon with the description for each UPnP-enabled device displays under Local Network. Right-click on the icon for your ZyXEL Device and select Invoke. The web configurator login screen displays. ADSL Series User’s Guide...
Page 156 Chapter 7 Home Networking Figure 70 Network Connections: My Network Places Right-click on the icon for your ZyXEL Device and select Properties. A properties window displays with basic information about the ZyXEL Device. Figure 71 Network Connections: My Network Places: Properties: Example ADSL Series User’s Guide...
Page 157: Routing
H A PT ER Routing 8.1 Overview The ZyXEL Device usually uses the default gateway to route outbound traffic from computers on the LAN to the Internet. To have the ZyXEL Device send data to devices not reachable through the default gateway, use static routes.
Page 158: Add/Edit Static Route
Chapter 8 Routing Figure 73 Network Setting > Routing The following table describes the labels in this screen. Table 37 Network Setting > Routing LABEL DESCRIPTION Add New Static Click this to set up a new static route on the ZyXEL Device. Route This is the number of an individual static route.
Page 159 Chapter 8 Routing The following table describes the labels in this screen. Table 38 Routing: Add/Edit LABEL DESCRIPTION Active Click this to activate this static route. Route Name Enter the name of the IP static route. Leave this field blank to delete this static route. Destination IP This parameter specifies the IP network address of the final destination.
Page 160 Chapter 8 Routing ADSL Series User’s Guide...
Page 161: Dns Route
H A PT ER DNS Route 9.1 Overview DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a machine before you can access it.
Page 162: The Dns Route Screen
Chapter 9 DNS Route 9.2 The DNS Route Screen The DNS Route screens let you view and configure DNS routes on the ZyXEL Device. Click Network Setting > DNS Route to open the DNS Route screen. Figure 76 Network Setting > DNS Route The following table describes the labels in this screen.
Page 163 Chapter 9 DNS Route The following table describes the labels in this screen. Table 40 DNS Route: Add/Edit LABEL DESCRIPTION Active Select this to activate this DNS route. Domain Name Enter the domain name you want to resolve. You can use the wildcard character, an “*” (asterisk) as the left most part of a domain name, such as *.example.com.
Page 164 Chapter 9 DNS Route ADSL Series User’s Guide...
Page 165: Quality Of Service (Qos)
HAPTER Quality of Service (QoS) 10.1 Overview This chapter discusses the ZyXEL Device’s QoS screens. Use these screens to set up your ZyXEL Device to use QoS for traffic management. Quality of Service (QoS) refers to both a network’s ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth.
Page 166: The Qos General Screen
Chapter 10 Quality of Service (QoS) CoS technologies include IEEE 802.1p layer 2 tagging and DiffServ (Differentiated Services or DS). IEEE 802.1p tagging makes use of three bits in the packet header, while DiffServ is a new protocol and defines a new DS field, which replaces the eight-bit ToS (Type of Service) field in the IP header. Tagging and Marking In a QoS class, you can configure whether to add or change the DSCP (DiffServ Code Point) value, IEEE 802.1p priority level and VLAN ID number in a matched packet.
Page 167: The Queue Setup Screen
Chapter 10 Quality of Service (QoS) The following table describes the labels in this screen. Table 41 Network Setting > QoS > General LABEL DESCRIPTION Active QoS Select the check box to turn on QoS to improve your network performance. You can give priority to traffic that the ZyXEL Device forwards out through the WAN interface.
Page 168: Add/Edit A Qos Queue
Chapter 10 Quality of Service (QoS) The following table describes the labels in this screen. Table 42 Network Setting > QoS > Queue Setup LABEL DESCRIPTION Add new Queue Click this to create a new entry. This is the index number of this entry. Status Select the check box to enable the queue.
Page 169: The Class Setup Screen
Chapter 10 Quality of Service (QoS) Table 43 Queue Setup: Add/Edit LABEL DESCRIPTION Priority Select the priority level (from 1 to 7) of this queue. The larger the number, the higher the priority level. Traffic assigned to higher priority queues gets through faster while traffic in lower priority queues is dropped if the network is congested.
Page 170: Add/Edit Qos Class
Chapter 10 Quality of Service (QoS) Table 44 Network Setting > QoS > Class Setup (continued) LABEL DESCRIPTION To Queue This is the name of the queue in which traffic of this classifier is put. Modify Click the Edit icon to edit the classifier. Click the Delete icon to delete an existing classifier.
Page 171 Chapter 10 Quality of Service (QoS) The following table describes the labels in this screen. Table 45 Class Setup: Add/Edit LABEL DESCRIPTION Class Configuration Active Select to enable this classifier. Class Name Enter a descriptive name of up to 32 printable English keyboard characters, including spaces.
Page 172 Chapter 10 Quality of Service (QoS) Table 45 Class Setup: Add/Edit (continued) LABEL DESCRIPTION MAC Mask Type the mask for the specified MAC address to determine which bits a packet’s MAC address should match. Enter “f” for each bit of the specified source MAC address that the traffic’s MAC address should match.
Page 173: The Qos Monitor Screen
Chapter 10 Quality of Service (QoS) 10.5 The QoS Monitor Screen To view the ZyXEL Device’s QoS packet statistics, click Network Setting > QoS > Monitor. The screen appears as shown. Figure 83 Network Setting > QoS > Monitor The following table describes the labels in this screen. Table 46 Network Setting >...
Page 174: Ip Precedence
Chapter 10 Quality of Service (QoS) 10.6.1 IP Precedence Similar to IEEE 802.1p prioritization at layer-2, you can use IP precedence to prioritize packets in a layer-3 network. IP precedence uses three bits of the eight-bit ToS (Type of Service) field in the IP header.
Page 175: Network Address Translation (Nat)
HAPTER Network Address Translation (NAT) 11.1 Overview NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network.
Page 176: The Port Forwarding Screen
Chapter 11 Network Address Translation (NAT) Port Forwarding A port forwarding set is a list of inside (behind NAT on the LAN) servers, for example, web or FTP, that you can make visible to the outside world even though NAT makes your whole inside network appear as a single computer to the outside world.
Page 177: The Port Forwarding Screen
Chapter 11 Network Address Translation (NAT) 11.2.1 The Port Forwarding Screen Click Network Setting > NAT to open the Port Forwarding screen. Appendix E on page 331 for port numbers commonly used for particular services. Figure 85 Network Setting > NAT > Port Forwarding The following table describes the fields in this screen.
Page 178: The Sessions Screen
Chapter 11 Network Address Translation (NAT) Figure 86 Port Forwarding: Add/Edit The following table describes the labels in this screen. Table 48 Port Forwarding: Add/Edit LABEL DESCRIPTION Service Name Enter a name to identify this rule using keyboard characters (A-Z, a-z, 1-2 and so on). WAN Interface Select the WAN interface through which the service is forwarded.
Page 179: The Alg Screen
Chapter 11 Network Address Translation (NAT) Figure 87 Network Setting > NAT > Sessions The following table describes the fields in this screen. Table 49 Network Setting > NAT > Sessions LABEL DESCRIPTION MAX NAT Sessions Use this field to set a common limit to the number of concurrent NAT sessions each client computer can have.
Page 180: Technical Reference
Chapter 11 Network Address Translation (NAT) 11.5 Technical Reference This section provides some technical background information about the topics covered in this chapter. 11.5.1 NAT Definitions Inside/outside denotes where a host is located relative to the ZyXEL Device, for example, the computers of your subscribers are the inside hosts, while the web servers on the Internet are the outside hosts.
Page 181 Chapter 11 Network Address Translation (NAT) Address) is the source address on the WAN. For incoming packets, the ILA is the destination address on the LAN, and the IGA is the destination address on the WAN. NAT maps private (local) IP addresses to globally unique ones required for communication with hosts on other networks.
Page 182 Chapter 11 Network Address Translation (NAT) ADSL Series User’s Guide...
Page 183: Dynamic Dns
HAPTER Dynamic DNS 12.1 Overview This chapter discusses how to configure your ZyXEL Device to use Dynamic DNS. Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in applications such as NetMeeting and CU-SeeMe). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.org, where myhost is a name of your choice) that will never change instead of using an IP address that changes each time you reconnect.
Page 184 Chapter 12 Dynamic DNS Figure 90 Network Setting > DNS The following table describes the fields in this screen. Table 52 Network Setting > DNS LABEL DESCRIPTION Dynamic DNS Configuration Active Dynamic Select this check box to use dynamic DNS. Service Provider Select the name of your Dynamic DNS service provider.
Page 185: Firewall
HAPTER Firewall 13.1 Overview Use the ZyXEL Device firewall screens to enable and configure the firewall that protects your ZyXEL Device and network from attacks by hackers on the Internet and control access to it. By default the firewall: • allows traffic that originates from your LAN and WLAN computers to go to all other networks. •...
Page 186: The General Screen
Chapter 13 Firewall It is designed to protect against Denial of Service (DoS) attacks when activated. The ZyXEL Device's purpose is to allow a private Local Area Network (LAN) to be securely connected to the Internet. The ZyXEL Device can be used to prevent theft, destruction and modification of data, as well as log events, which may be important to the security of your network.
Page 187: The Services Screen
Chapter 13 Firewall 13.3 The Services Screen Use this screen to enable service blocking and to maintain the list of services you want to block. To access this screen, click Security > Firewall > Services. Note: These rules specify which computers on the LAN can access which computers or services on the WAN.
Page 188: Firewall Technical Reference
Chapter 13 Firewall Table 54 Security > Firewall > Services (continued) LABEL DESCRIPTION Delete Select a service in the Blocked Services, and click this to remove the service from the list. Clear All Click this to remove all the services in the Blocked Services list. Apply Click Apply to save your changes.
Page 189 Chapter 13 Firewall Does this rule conflict with any existing rules? Once these questions have been answered, adding rules is simply a matter of entering the information into the correct fields in the web configurator screens. ADSL Series User’s Guide...
Page 190 Chapter 13 Firewall ADSL Series User’s Guide...
Page 191: Mac Filter
HAPTER MAC Filter 14.1 Overview This chapter discusses MAC address filtering. You can configure the ZyXEL Device to permit access to clients based on their MAC addresses in the MAC Filter screen. This applies to wired and wireless connections. 14.1.1 What You Need to Know Every Ethernet device has a unique MAC (Media Access Control) address.
Page 192 Chapter 14 MAC Filter The following table describes the labels in this menu. Table 55 Security > MAC Filter LABEL DESCRIPTION MAC Address Select Enable to activate MAC address filtering. Filter This is the index number of the MAC address. Allow Select Allow to permit access to the ZyXEL Device.
Page 193: Certificates
HAPTER Certificates 15.1 Overview The ZyXEL Device can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs. A certificate contains the certificate owner’s identity and public key. Certificates provide a way to exchange public keys for use in authentication. 15.1.1 What You Can Do in this Chapter •...
Page 194 Chapter 15 Certificates The ZyXEL Device uses certificates based on public-key cryptology to authenticate users attempting to establish a connection. The method used to secure the data that you send through an established connection depends on the type of connection. For example, a VPN tunnel might use the triple DES encryption algorithm.
Page 195: Verifying A Certificate
Chapter 15 Certificates 15.1.3 Verifying a Certificate Before you import a trusted CA or trusted remote host certificate into the ZyXEL Device, you should verify that you have the actual certificate. This is especially true of trusted CA certificates since the ZyXEL Device also trusts any valid certificate signed by any of the imported trusted CA certificates.
Page 196: Local Certificates
Chapter 15 Certificates 15.2 Local Certificates Use this screen to view the ZyXEL Device’s summary list of certificates and certification requests. You can import the following certificates to your ZyXEL Device: • Web Server - This certificate secures HTTP connections. •...
Page 197: Trusted Cas
Chapter 15 Certificates Table 56 Security > Certificates > Local Certificates (continued) LABEL DESCRIPTION Browse Click Browse to find the certificate file you want to upload. Current File This field displays the name used to identify this certificate. It is recommended that you give each certificate a unique name.
Page 198: Trusted Ca Import
Chapter 15 Certificates 15.2.2 Trusted CA Import Click Import Certificate in the Trusted CAs screen to open the Import Certificate screen. You can save a trusted certification authority’s certificate to the ZyXEL Device. Note: You must remove any spaces from the certificate’s filename before you can import the certificate.
Page 199: Vpn Certificates
Chapter 15 Certificates Figure 100 Trusted CA: View The following table describes the labels in this screen. Table 59 Trusted CA: View LABEL DESCRIPTION Certificate Name This field displays the identifying name of this certificate. If you want to change the name, type up to 31 characters to identify this key certificate.
Page 200: Import Certificate
Chapter 15 Certificates The following table describes the labels in this screen. Table 60 Security > Certificates > VPN Certificates LABEL DESCRIPTION Import Certificate Click this button to open a screen where you can save the certificate of a certification authority that you trust to the ZyXEL Device.
Page 201 Chapter 15 Certificates Security > Certificates > VPN Certificates Figure 102 The following table describes the labels in this screen. Table 61 VPN Certificates > Import LABEL DESCRIPTION Name Type a name for this certificate Public Key The value provided by a designated authority, which combined with a private key, can be used to encrypt messages.
Page 202 Chapter 15 Certificates ADSL Series User’s Guide...
Page 203: Vpn
HAPTER 16.1 Overview A virtual private network (VPN) provides secure communications between sites without the expense of leased site-to-site lines. A secure VPN is a combination of tunneling, encryption, authentication, access control and auditing. It is used to transport traffic over the Internet or any insecure network that uses TCP/IP for communication.
Page 204 Chapter 16 VPN Figure 104 VPN: IKE SA and IPSec SA IPSec SA IKE SA In this example, a computer in network A is exchanging data with a computer in network B. Inside networks A and B, the data is transmitted the same way data is normally transmitted in the networks.
Page 205: Before You Begin
Chapter 16 VPN Finding Out More Section 16.6 on page 212 for advanced technical information on IPSec VPN. 16.1.3 Before You Begin If a VPN tunnel uses Telnet, FTP, WWW, then you should configure remote management (Remote MGMT) to allow access for that service. 16.2 VPN Setup Screen The following figure helps explain the main fields in the web configurator.
Page 206: The Vpn Edit Screen
Chapter 16 VPN The following table describes the fields in this screen. Table 62 Security > VPN > Setup LABEL DESCRIPTION Add New Tunnel Click this button to set up VPN policies for a new tunnel This is the VPN policy index number. Click a number to edit VPN policies. Active This field displays whether the VPN policy is active or not.
Page 207 Chapter 16 VPN Figure 107 Security > VPN > Setup > Edit The following table describes the fields in this screen. Table 63 Security > VPN > Setup > Edit LABEL DESCRIPTION IPSec Setup Active Select this check box to activate this VPN policy. This option determines whether a VPN rule is applied before a packet leaves the firewall.
Page 208 Chapter 16 VPN Table 63 Security > VPN > Setup > Edit LABEL DESCRIPTION Local Specify the IP addresses of the devices behind the ZyXEL Device that can use the VPN tunnel. The local IP addresses must correspond to the remote IPSec router's configured remote IP addresses.
Page 209 Chapter 16 VPN Table 63 Security > VPN > Setup > Edit LABEL DESCRIPTION Content When you select IP in the Local ID Type field, type the IP address of your computer in the local Content field. The ZyXEL Device automatically uses the IP address in the My IP Address field (refer to the My IP Address field description) if you configure the local Content field to 0.0.0.0 or leave it blank.
Page 210: Configuring Advanced Settings
Chapter 16 VPN Table 63 Security > VPN > Setup > Edit LABEL DESCRIPTION Advanced Setup Click Advanced Setup to configure more detailed settings of your IKE key management. Apply Click Apply to save your changes back to the ZyXEL Device. Back Click Back to return to the previous screen.
Page 211 Chapter 16 VPN Table 64 Security > VPN > Setup > Edit > Advanced Setup (continued) LABEL DESCRIPTION Authentication Select MD5, SHA1, SHA2-256 or SHA2-512 from the drop-down list box. MD5 Algorithm (Message Digest 5) and SHA1 (Secure Hash Algorithm) and SHA2 are hash algorithms used to authenticate packet data.
Page 212: Viewing Sa Monitor
Chapter 16 VPN 16.5 Viewing SA Monitor Click Security > VPN > Monitor to open the screen as shown. Use this screen to display and manage active VPN connections. A Security Association (SA) is the group of security settings related to a specific VPN tunnel. This screen displays active VPN connections.
Page 213: Ipsec And Nat
Chapter 16 VPN Figure 110 IPSec Architecture IPSec Algorithms The ESP (Encapsulating Security Payload) Protocol (RFC 2406) and AH (Authentication Header) protocol (RFC 2402) describe the packet formats and the default standards for packet structure (including implementation algorithms). The Encryption Algorithm describes the use of encryption techniques such as DES (Data Encryption Standard) and Triple DES algorithms.
Page 214: Vpn, Nat, And Nat Traversal
Chapter 16 VPN IPSec using ESP in Tunnel mode encapsulates the entire original packet (including headers) in a new IP packet. The new IP packet's source address is the outbound address of the sending VPN gateway, and its destination address is the inbound address of the VPN device at the receiving end. When using ESP protocol with authentication, the packet contents (in this case, the entire original packet) are encrypted.
Page 215: Encapsulation
Chapter 16 VPN • Set the NAT router to forward UDP port 500 to IPSec router A. Finally, NAT is compatible with ESP in tunnel mode because integrity checks are performed over the combination of the "original header plus original payload," which is unchanged by a NAT device. The compatibility of AH and ESP with NAT in tunnel and transport modes is summarized in the following table.
Page 216: Ike Phases
Chapter 16 VPN 16.6.5 IKE Phases There are two phases to every IKE (Internet Key Exchange) negotiation – phase 1 (Authentication) and phase 2 (Key Exchange). A phase 1 exchange establishes an IKE SA and the second one uses that SA to negotiate SAs for IPSec. Figure 113 Two Phases to Set Up the IPSec SA In phase 1 you must: •...
Page 217: Negotiation Mode
Chapter 16 VPN 16.6.6 Negotiation Mode The phase 1 Negotiation Mode you select determines how the Security Association (SA) will be established for each connection through IKE negotiations. • Main Mode ensures the highest level of security when the communicating parties are negotiating authentication (phase 1).
Page 218: Id Type And Content
Chapter 16 VPN 16.6.8 ID Type and Content With aggressive negotiation mode (seeSection 16.6.6 on page 217), the ZyXEL Device identifies incoming SAs by ID type and content since this identifying information is not encrypted. This enables the ZyXEL Device to distinguish between multiple rules for SAs that connect from remote IPSec routers that have dynamic WAN IP addresses.
Page 219: Pre-Shared Key
Chapter 16 VPN 16.6.8.1 ID Type and Content Examples Two IPSec routers must have matching ID type and content configuration in order to set up a VPN tunnel. The two ZyXEL Devices in this example can complete negotiation and establish a VPN tunnel. Table 70 Matching ID Type and Content Configuration Example ZYXEL DEVICE A ZYXEL DEVICE B...
Page 220 Chapter 16 VPN WAN IP addresses of their IPSec routers. The telecommuters must all use the same IPSec parameters but the local IP addresses (or ranges of addresses) should not overlap. Figure 115 Telecommuters Sharing One VPN Rule Example 192.168.2.12 192.168.1.10 192.168.3.2 192.168.4.15...
Page 221 Chapter 16 VPN Figure 116 Telecommuters Using Unique VPN Rules Example 192.168.2.12 192.168.1.10 192.168.3.2 192.168.4.15 Table 73 Telecommuters Using Unique VPN Rules Example TELECOMMUTERS HEADQUARTERS All Telecommuter Rules: All Headquarters Rules: 0.0.0.0 My IP Address: bigcompanyhq.com Secure Gateway Address: bigcompanyhq.com Local IP Address: 192.168.1.10 Remote IP Address: 192.168.1.10 Local ID Type: E-mail...
Page 222 Chapter 16 VPN ADSL Series User’s Guide...
Page 223: System Monitor
HAPTER System Monitor 17.1 Overview Use the System Monitor screens to look at network traffic status and statistics of the WAN, LAN interfaces and NAT. 17.1.1 What You Can Do in this Chapter • Use the WAN screen to view the WAN traffic statistics (Section 17.2 on page 223).
Page 224: The Lan Status Screen
Chapter 17 System Monitor Table 74 System Monitor > Traffic Status > WAN LABEL DESCRIPTION Packets Sent Data This indicates the number of transmitted packets on this interface. Error This indicates the number of frames with errors transmitted on this interface. Drop This indicates the number of outgoing packets dropped on this interface.
Page 225: The Nat Status Screen
Chapter 17 System Monitor Table 75 System Monitor > Traffic Status > LAN LABEL DESCRIPTION Received (Packet) Data This indicates the number of received packets on this interface. Error This indicates the number of frames with errors received on this interface. Drop This indicates the number of received packets dropped on this interface.
Page 226 Chapter 17 System Monitor ADSL Series User’s Guide...
Page 227: User Account
HAPTER User Account 18.1 Overview You can configure system password for different user accounts in the User Account screen. 18.2 The User Account Screen Use the User Account screen to configure system password. Click Maintenance > User Account to open the following screen. Figure 120 Maintenance >...
Page 228 Chapter 18 User Account ADSL Series User’s Guide...
Page 229: Remote Mgmt
HAPTER Remote MGMT 19.1 Overview Remote MGMT allows you to manage your ZyXEL Device from a remote location through the following interfaces: • LAN and WLAN • WAN only Note: The ZyXEL Device is managed using the web configurator. 19.1.1 What You Need to Know The following terms and concepts may help as you read this chapter TR-064 TR-064 is a LAN-Side DSL CPE Configuration protocol defined by the DSL Forum.
Page 230 Chapter 19 Remote MGMT Figure 121 Maintenance > Remote MGMT The following table describes the fields in this screen. Table 78 Maintenance > Remote MGMT LABEL DESCRIPTION Services This is the service you may use to access the ZyXEL Device. LAN/WLAN Select the Enable check box for the corresponding services that you want to allow access to the ZyXEL Device from the LAN and WLAN.
Page 231: System
HAPTER System 20.1 Overview You can configure system settings, including the host name, domain name and the inactivity time- out interval in the System screen. 20.1.1 What You Need to Know The following terms and concepts may help as you read this chapter. Domain Name This is a network address that identifies the owner of a network connection.
Page 232 Chapter 20 System The following table describes the labels in this screen. Table 79 Maintenance > System LABEL DESCRIPTION Host Name Choose a descriptive name for identification purposes. It is recommended you enter your computer’s “Computer name” in this field. This name can be up to 30 alphanumeric characters long.
Page 233: Time Setting
HAPTER Time Setting 21.1 Overview You can configure the system’s time and date in the Time Setting screen. 21.2 The Time Setting Screen To change your ZyXEL Device’s time and date, click Maintenance > Time Setting. The screen appears as shown. Use this screen to configure the ZyXEL Device’s time based on your local time zone.
Page 234 Chapter 21 Time Setting Table 80 Maintenance > Time Setting (continued) LABEL DESCRIPTION Time Server Enter the IP address or URL (up to 20 extended ASCII characters in length) of your time Address server. Check with your ISP/network administrator if you are unsure of this information. Time Zone Choose the time zone of your location.
Page 235: Log Setting
HAPTER Log Setting 22.1 Overview You can configure where the ZyXEL Device sends logs and which logs and/or immediate alerts the ZyXEL Device records in the Log Setting screen. 22.2 The Log Setting Screen To change your ZyXEL Device’s log settings, click Maintenance > Log Setting. The screen appears as shown.
Page 236 Chapter 22 Log Setting The following table describes the fields in this screen. Table 81 Maintenance > Log Setting LABEL DESCRIPTION Syslog Logging The ZyXEL Device sends a log to an external syslog server. Select the Enable check box to enable syslog logging. Syslog Server Enter the server name or IP address of the syslog server that will log the selected categories of logs.
Page 237: Firmware Upgrade
HAPTER Firmware Upgrade 23.1 Overview This chapter explains how to upload new firmware to your ZyXEL Device. You can download new firmware releases from your nearest ZyXEL FTP site (or www.zyxel.com) to use to upgrade your device’s performance. Only use firmware for your device’s specific model. Refer to the label on the bottom of your ZyXEL Device.
Page 238 Chapter 23 Firmware Upgrade Figure 126 Firmware Uploading The ZyXEL Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 127 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the Status screen. If the upload was not successful, an error screen will appear.
Page 239: Backup/Restore
HAPTER Backup/Restore 24.1 Overview The Backup/Restore screen allows you to backup and restore device configurations. You can also reset your device settings back to the factory default. 24.2 The Backup/Restore Screen Click Maintenance > Backup/Restore. Information related to factory defaults, backup configuration, and restoring configuration appears in this screen, as shown next.
Page 240 Chapter 24 Backup/Restore Restore Configuration Restore Configuration allows you to upload a new or previously saved configuration file from your computer to your ZyXEL Device. Table 83 Restore Configuration LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse ... to find it. Browse...
Page 241: The Reboot Screen
Chapter 24 Backup/Restore 24.3 The Reboot Screen System restart allows you to reboot the ZyXEL Device remotely without turning the power off. You may need to do this if the ZyXEL Device hangs, for example. Click Maintenance > Reboot. Click the Reboot button to have the ZyXEL Device reboot. This does not affect the ZyXEL Device's configuration.
Page 242 Chapter 24 Backup/Restore ADSL Series User’s Guide...
Page 243: Diagnostic
HAPTER Diagnostic 25.1 Overview You can use different diagnostic methods to test a connection and see the detailed information. These read-only screens display information to help you identify problems with the ZyXEL Device. 25.1.1 What You Can Do in this Chapter •...
Page 244: The Dsl Line Screen
Chapter 25 Diagnostic 25.3 The DSL Line Screen Click Maintenance > Diagnostic > DSL Line to open the screen shown next. Figure 133 Maintenance > Diagnostic > DSL Line The following table describes the fields in this screen. Table 85 Maintenance > Diagnostic > DSL Line ITEM DESCRIPTION ATM Status...
Page 245 Chapter 25 Diagnostic Table 85 Maintenance > Diagnostic > DSL Line ITEM DESCRIPTION DSL Line Click this button to view statistics about the DSL connections. Status 1. noise margin downstream is the signal to noise ratio for the downstream part of the connection (coming into the ZyXEL Device from the ISP).
Page 246 Chapter 25 Diagnostic ADSL Series User’s Guide...
Page 247: Troubleshooting
HAPTER Troubleshooting 26.1 Overview This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • ZyXEL Device Access and Login • Internet Access • Wireless Internet Access •...
Page 248: Zyxel Device Access And Login
Chapter 26 Troubleshooting Turn the ZyXEL Device off and on. If the problem continues, contact the vendor. 26.3 ZyXEL Device Access and Login I forgot the IP address for the ZyXEL Device. The default IP address is 192.168.1.1. If you changed the IP address and have forgotten it, you might get the IP address of the ZyXEL Device by looking up the IP address of the default gateway for your computer.
Page 249 Chapter 26 Troubleshooting Reset the device to its factory defaults, and try to access the ZyXEL Device with the default IP address. See Section 1.6 on page If the problem continues, contact the network administrator or vendor, or try one of the advanced suggestions.
Page 250: Internet Access
Chapter 26 Troubleshooting 26.4 Internet Access I cannot access the Internet. Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide and page 255. Make sure you entered your ISP account information correctly. These fields are case-sensitive, so make sure [Caps Lock] is not on.
Page 251: Wireless Internet Access
Chapter 26 Troubleshooting If the problem continues, contact your ISP. The Internet connection is slow or intermittent. There might be a lot of traffic on the network. Look at the LEDs, and check page 255. If the ZyXEL Device is sending or receiving a lot of information, try closing some programs that use the Internet, especially peer-to-peer applications.
Page 252: Usb Device Connection
Chapter 26 Troubleshooting • Position the antennas for best reception. If the AP is placed on a table or floor, point the antennas upwards. If the AP is placed at a high position, point the antennas downwards. Try pointing the antennas in different directions and check which provides the strongest signal to the wireless clients.
Page 253: Upnp
Chapter 26 Troubleshooting If the USB device is connected to the ZyXEL Device, it won’t be listed directly under My Computer in Windows. To access the USB device - see Section 3.5.2 on page If you still cannot see the specific share you are trying to access, open the Web Configurator and go to Network Setting >...
Page 254 Chapter 26 Troubleshooting ADSL Series User’s Guide...
Page 255: Product Specifications
HAPTER Product Specifications The following tables summarize the ZyXEL Device’s hardware and firmware features. LEDs (Lights) The following table describes the LEDs. None of the LEDs are on if the ZyXEL Device is not receiving power. Table 86 LED Descriptions NAME COLOR STATUS...
Page 256 Chapter 27 Product Specifications Table 86 LED Descriptions NAME COLOR STATUS DESCRIPTION Green The ZyXEL Device recognizes a USB connection but there is no traffic. Blinking The ZyXEL Device is sending/receiving data to/from the USB device connected to it. The ZyXEL Device does not detect a USB connection. Table 87 Hardware Specifications Power Specification 12V 1.0A DC...
Page 257 Chapter 27 Product Specifications Table 88 Firmware Specifications (continued) Network Address Each computer on your network must have its own unique IP address. Use Translation (NAT) NAT to convert your public IP address(es) to multiple private IP addresses for the computers on your network. Port Forwarding If you have a server (mail or web server for example) on your network, you can use this feature to let people access it from the Internet.
Page 258 Chapter 27 Product Specifications Table 88 Firmware Specifications (continued) ADSL Standards ANSI T1.413 Issue 2 ETSI ADSL over ISDN ITU G.dmt (G.992.1) Annex A,B ITU G.dmt.bis (G.992.3) (ADSL2) Annex A, B, I, J, L, M ITU G.dmt.plus (G.992.5) (ADSL2+) Annex A, B, I, J RE-ADSL (Reach-Extended ADSL) SRA (Seamless Rate Adaption) Auto-negotiating rate adaption...
Page 259 Chapter 27 Product Specifications Table 89 Wireless Features WPA2 WPA 2 is a wireless security standard that defines stronger encryption, authentication and key management than WPA. Wi-Fi Protected Setup Other Wireless Features IEEE 802.11b/g/n Compliance Frequency Range: 2.4 GHz ISM Band Operating Frequency: •...
Page 260 Chapter 27 Product Specifications Table 90 Standards Supported (continued) STANDARD DESCRIPTION IEEE 802.11 Also known by the brand Wi-Fi, denotes a set of Wireless LAN/WLAN standards developed by working group 11 of the IEEE LAN/MAN Standards Committee (IEEE 802) IEEE 802.11b Uses the 2.4 gigahertz (GHz) band IEEE 802.11g Uses the 2.4 gigahertz (GHz) band...
Page 261 Chapter 27 Product Specifications Align the holes on the back of the ZyXEL Device with the screws on the wall. Hang the ZyXEL Device on the screws. Figure 134 Wall-mounting Example The following are dimensions of an M4 tap screw and masonry plug used for wall mounting. All measurements are in millimeters (mm).
Page 262 Chapter 27 Product Specifications ADSL Series User’s Guide...
Page 263: Appendix A Ip Addresses And Subnetting
PP EN D I X IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (such as computers, servers, routers, and printers) needs an IP address to communicate across the network. These networking devices are also known as hosts.
Page 264 Appendix A IP Addresses and Subnetting Figure 136 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask. Subnet Masks A subnet mask is used to determine which bits are part of the network number, and which bits are part of the host ID (using a logical AND operation).
Page 265 Appendix A IP Addresses and Subnetting Subnet masks are expressed in dotted decimal notation just like IP addresses. The following examples show the binary and decimal notation for 8-bit, 16-bit, 24-bit and 29-bit subnet masks. Table 92 Subnet Masks BINARY DECIMAL 1ST OCTET 2ND OCTET 3RD OCTET...
Page 266 Appendix A IP Addresses and Subnetting Table 94 Alternative Subnet Mask Notation (continued) ALTERNATIVE LAST OCTET LAST OCTET SUBNET MASK NOTATION (BINARY) (DECIMAL) 255.255.255.240 1111 0000 255.255.255.248 1111 1000 255.255.255.252 1111 1100 Subnetting You can use subnetting to divide one network into multiple sub-networks. In the following example a network administrator creates two sub-networks to isolate a group of servers from the rest of the company network for security reasons.
Page 267 Appendix A IP Addresses and Subnetting Figure 138 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 2 – 2 or 126 possible hosts (a host ID of all zeroes is the subnet’s address itself, all ones is the subnet’s broadcast address).
Page 268 Appendix A IP Addresses and Subnetting Table 96 Subnet 2 LAST OCTET BIT IP/SUBNET MASK NETWORK NUMBER VALUE IP Address 192.168.1. IP Address (Binary) 11000000.10101000.00000001. 01000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: Lowest Host ID: 192.168.1.65 192.168.1.64 Broadcast Address: Highest Host ID: 192.168.1.126 192.168.1.127 Table 97 Subnet 3...
Page 269 Appendix A IP Addresses and Subnetting Table 99 Eight Subnets (continued) SUBNET LAST BROADCAST SUBNET FIRST ADDRESS ADDRESS ADDRESS ADDRESS Subnet Planning The following table is a summary for subnet planning on a network with a 24-bit network number. Table 100 24-bit Network Number Subnet Planning NO.
Page 270 Appendix A IP Addresses and Subnetting Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established.
Page 271 Appendix A IP Addresses and Subnetting Conflicting Computer IP Addresses Example More than one device can not use the same IP address. In the following example computer A has a static (or fixed) IP address that is the same as the IP address that a DHCP server assigns to computer B which is a DHCP client.
Page 272 Appendix A IP Addresses and Subnetting Figure 141 Conflicting Computer and Router IP Addresses Example ADSL Series User’s Guide...
Page 273: Appendix B Setting Up Your Computer's Ip Address
PP EN D I X Setting Up Your Computer’s IP Address Note: Your specific ZyXEL Device may not support all of the operating systems described in this appendix. See the product specifications for more information about which operating systems are supported. This appendix shows you how to configure the IP settings on your computer in order for it to be able to communicate with the other devices on your network.
Page 274 Appendix B Setting Up Your Computer’s IP Address Figure 142 Windows XP: Start Menu In the Control Panel, click the Network Connections icon. Figure 143 Windows XP: Control Panel Right-click Local Area Connection and then select Properties. Figure 144 Windows XP: Control Panel > Network Connections > Properties ADSL Series User’s Guide...
Page 275 Appendix B Setting Up Your Computer’s IP Address On the General tab, select Internet Protocol (TCP/IP) and then click Properties. Figure 145 Windows XP: Local Area Connection Properties The Internet Protocol TCP/IP Properties window opens. ADSL Series User’s Guide...
Page 276 Appendix B Setting Up Your Computer’s IP Address Figure 146 Windows XP: Internet Protocol (TCP/IP) Properties Select Obtain an IP address automatically if your network administrator or ISP assigns your IP address dynamically. Select Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields if you have a static IP address that was assigned to you by your network administrator or ISP.
Page 277 Appendix B Setting Up Your Computer’s IP Address Windows Vista This section shows screens from Windows Vista Professional. Click Start > Control Panel. Figure 147 Windows Vista: Start Menu In the Control Panel, click the Network and Internet icon. Figure 148 Windows Vista: Control Panel Click the Network and Sharing Center icon.
Page 278 Appendix B Setting Up Your Computer’s IP Address Figure 150 Windows Vista: Network and Sharing Center Right-click Local Area Connection and then select Properties. Figure 151 Windows Vista: Network and Sharing Center Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue.
Page 279 Appendix B Setting Up Your Computer’s IP Address Figure 152 Windows Vista: Local Area Connection Properties The Internet Protocol Version 4 (TCP/IPv4) Properties window opens. ADSL Series User’s Guide...
Page 280 Appendix B Setting Up Your Computer’s IP Address Figure 153 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties Select Obtain an IP address automatically if your network administrator or ISP assigns your IP address dynamically. Select Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields if you have a static IP address that was assigned to you by your network administrator or ISP.
Page 281 Appendix B Setting Up Your Computer’s IP Address Windows 7 This section shows screens from Windows 7 Enterprise. Click Start > Control Panel. Figure 154 Windows 7: Start Menu In the Control Panel, click View network status and tasks under the Network and Internet category.
Page 282 Appendix B Setting Up Your Computer’s IP Address Figure 157 Windows 7: Local Area Connection Status Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue. Select Internet Protocol Version 4 (TCP/IPv4) and then select Properties. ADSL Series User’s Guide...
Page 283 Appendix B Setting Up Your Computer’s IP Address Figure 158 Windows 7: Local Area Connection Properties The Internet Protocol Version 4 (TCP/IPv4) Properties window opens. ADSL Series User’s Guide...
Page 284 Appendix B Setting Up Your Computer’s IP Address Figure 159 Windows 7: Internet Protocol Version 4 (TCP/IPv4) Properties Select Obtain an IP address automatically if your network administrator or ISP assigns your IP address dynamically. Select Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields if you have a static IP address that was assigned to you by your network administrator or ISP.
Page 285 Appendix B Setting Up Your Computer’s IP Address Figure 160 Windows 7: Internet Protocol Version 4 (TCP/IPv4) Properties Mac OS X: 10.3 and 10.4 The screens in this section are from Mac OS X 10.4 but can also apply to 10.3. Click Apple >...
Page 286 Appendix B Setting Up Your Computer’s IP Address Figure 162 Mac OS X 10.4: System Preferences When the Network preferences pane opens, select Built-in Ethernet from the network connection type list, and then click Configure. Figure 163 Mac OS X 10.4: Network Preferences For dynamically assigned settings, select Using DHCP from the Configure IPv4 list in the TCP/IP tab.
Page 287 Appendix B Setting Up Your Computer’s IP Address Figure 164 Mac OS X 10.4: Network Preferences > TCP/IP Tab. For statically assigned settings, do the following: • From the Configure IPv4 list, select Manually. • In the IP Address field, type your IP address. •...
Page 288 Appendix B Setting Up Your Computer’s IP Address Figure 165 Mac OS X 10.4: Network Preferences > Ethernet Click Apply Now and close the window. Verifying Settings Check your TCP/IP properties by clicking Applications > Utilities > Network Utilities, and then selecting the appropriate Network Interface from the Info tab.
Page 289 Appendix B Setting Up Your Computer’s IP Address Click Apple > System Preferences. Figure 167 Mac OS X 10.5: Apple Menu In System Preferences, click the Network icon. Figure 168 Mac OS X 10.5: Systems Preferences When the Network preferences pane opens, select Ethernet from the list of available connection types.
Page 290 Appendix B Setting Up Your Computer’s IP Address Figure 169 Mac OS X 10.5: Network Preferences > Ethernet From the Configure list, select Using DHCP for dynamically assigned settings. For statically assigned settings, do the following: • From the Configure list, select Manually. •...
Page 291 Appendix B Setting Up Your Computer’s IP Address Figure 170 Mac OS X 10.5: Network Preferences > Ethernet Click Apply and close the window. Verifying Settings Check your TCP/IP properties by clicking Applications > Utilities > Network Utilities, and then selecting the appropriate Network interface from the Info tab.
Page 292 Appendix B Setting Up Your Computer’s IP Address Figure 171 Mac OS X 10.5: Network Utility Linux: Ubuntu 8 (GNOME) This section shows you how to configure your computer’s TCP/IP settings in the GNU Object Model Environment (GNOME) using the Ubuntu 8 Linux distribution. The procedure, screens and file locations may vary depending on your specific distribution, release version, and individual configuration.
Page 293 Appendix B Setting Up Your Computer’s IP Address Figure 173 Ubuntu 8: Network Settings > Connections In the Authenticate window, enter your admin account name and password then click the Authenticate button. Figure 174 Ubuntu 8: Administrator Account Authentication In the Network Settings window, select the connection that you want to configure, then click Properties.
Page 294 Appendix B Setting Up Your Computer’s IP Address Figure 175 Ubuntu 8: Network Settings > Connections The Properties dialog box opens. Figure 176 Ubuntu 8: Network Settings > Properties • In the Configuration list, select Automatic Configuration (DHCP) if you have a dynamic IP address.
Page 295 Appendix B Setting Up Your Computer’s IP Address Figure 177 Ubuntu 8: Network Settings > DNS Click the Close button to apply the changes. Verifying Settings Check your TCP/IP properties by clicking System > Administration > Network Tools, and then selecting the appropriate Network device from the Devices tab.
Page 296 Appendix B Setting Up Your Computer’s IP Address Figure 178 Ubuntu 8: Network Tools Linux: openSUSE 10.3 (KDE) This section shows you how to configure your computer’s TCP/IP settings in the K Desktop Environment (KDE) using the openSUSE 10.3 Linux distribution. The procedure, screens and file locations may vary depending on your specific distribution, release version, and individual configuration.
Page 297 Appendix B Setting Up Your Computer’s IP Address Figure 179 openSUSE 10.3: K Menu > Computer Menu When the Run as Root - KDE su dialog opens, enter the admin password and click OK. Figure 180 openSUSE 10.3: K Menu > Computer Menu When the YaST Control Center window opens, select Network Devices and then click the Network Card icon.
Page 298 Appendix B Setting Up Your Computer’s IP Address Figure 181 openSUSE 10.3: YaST Control Center When the Network Settings window opens, click the Overview tab, select the appropriate connection Name from the list, and then click the Configure button. Figure 182 openSUSE 10.3: Network Settings When the Network Card Setup window opens, click the Address tab ADSL Series User’s Guide...
Page 299 Appendix B Setting Up Your Computer’s IP Address Figure 183 openSUSE 10.3: Network Card Setup Select Dynamic Address (DHCP) if you have a dynamic IP address. Select Statically assigned IP Address if you have a static IP address. Fill in the IP address, Subnet mask, and Hostname fields.
Page 300 Appendix B Setting Up Your Computer’s IP Address Figure 184 openSUSE 10.3: Network Settings Click Finish to save your settings and close the window. Verifying Settings Click the KNetwork Manager icon on the Task bar to check your TCP/IP properties. From the Options sub-menu, select Show Connection Information.
Page 301 Appendix B Setting Up Your Computer’s IP Address Figure 186 openSUSE: Connection Status - KNetwork Manager ADSL Series User’s Guide...
Page 302 Appendix B Setting Up Your Computer’s IP Address ADSL Series User’s Guide...
Page 303: Appendix C Pop-Up Windows, Java Script And Java Permissions
PP EN D I X Pop-up Windows, Java Script and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScript (enabled by default). • Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here.
Page 304 Appendix C Pop-up Windows, Java Script and Java Permissions Figure 188 Internet Options: Privacy Click Apply to save this setting. Enable Pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. In Internet Explorer, select Tools, Internet Options and then the Privacy tab.
Page 305 Appendix C Pop-up Windows, Java Script and Java Permissions Figure 189 Internet Options: Privacy Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. Click Add to move the IP address to the list of Allowed sites. Figure 190 Pop-up Blocker Settings ADSL Series User’s Guide...
Page 306 Appendix C Pop-up Windows, Java Script and Java Permissions Click Close to return to the Privacy screen. Click Apply to save this setting. JavaScript If pages of the web configurator do not display properly in Internet Explorer, check that JavaScript are allowed.
Page 307 Appendix C Pop-up Windows, Java Script and Java Permissions Figure 192 Security Settings - Java Scripting Java Permissions From Internet Explorer, click Tools, Internet Options and then the Security tab. Click the Custom Level... button. Scroll down to Microsoft VM. Under Java permissions make sure that a safety level is selected.
Page 308 Appendix C Pop-up Windows, Java Script and Java Permissions Figure 193 Security Settings - Java JAVA (Sun) From Internet Explorer, click Tools, Internet Options and then the Advanced tab. Make sure that Use Java 2 for <applet> under Java (Sun) is selected. Click OK to close the window.
Page 309 Appendix C Pop-up Windows, Java Script and Java Permissions Mozilla Firefox Mozilla Firefox 2.0 screens are used here. Screens for other versions may vary. You can enable Java, JavaScript and pop-ups in one screen. Click Tools, then click Options in the screen that appears.
Page 310 Appendix C Pop-up Windows, Java Script and Java Permissions ADSL Series User’s Guide...
Page 311: Appendix D Wireless Lans
PP EN D I X Wireless LANs Wireless LAN Topologies This section discusses ad-hoc and infrastructure wireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless adapters (A, B, C). Any time two or more wireless adapters are within range of each other, they can set up an independent network, which is commonly referred to as an ad-hoc network or Independent Basic Service Set (IBSS).
Page 312 Appendix D Wireless LANs Figure 198 Basic Service Set An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). This type of wireless LAN topology is called an Infrastructure WLAN.
Page 313 Appendix D Wireless LANs Figure 199 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by wireless devices to transmit and receive data. Channels available depend on your geographical area. You may have a choice of channels (for your region) so you should use a channel different from an adjacent AP (access point) to reduce interference.
Page 314 Appendix D Wireless LANs RTS/CTS Figure 200 When station A sends data to the AP, it might not know that the station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations.
Page 315 Appendix D Wireless LANs Preamble Type Preamble is used to signal that data is coming to the receiver. Short and long refer to the length of the synchronization field in a packet. Short preamble increases performance as less time sending preamble means more time for sending data.
Page 316 Appendix D Wireless LANs The following figure shows the relative effectiveness of these wireless security methods available on your ZyXEL Device. Table 103 Wireless Security Levels SECURITY SECURITY TYPE LEVEL Least Unique SSID (Default) Secure Unique SSID with Hide SSID Enabled MAC Address Filtering WEP Encryption IEEE802.1x EAP with RADIUS Server Authentication...
Page 317 Appendix D Wireless LANs RADIUS is a simple package exchange in which your AP acts as a message relay between the wireless client and the network RADIUS server. Types of RADIUS Messages The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user authentication: •...
Page 318 Appendix D Wireless LANs EAP-MD5 (Message-Digest Algorithm 5) MD5 authentication is the simplest one-way authentication method. The authentication server sends a challenge to the wireless client. The wireless client ‘proves’ that it knows the password by encrypting the password with the challenge and sends back the information. Password is not sent in plain text.
Page 319 Appendix D Wireless LANs If this feature is enabled, it is not necessary to configure a default encryption key in the wireless security configuration screen. You may still configure and store keys, but they will not be used while dynamic WEP is enabled. Note: EAP-MD5 cannot be used with Dynamic WEP Key Exchange For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and PEAP) use dynamic keys for data encryption.
Page 320 Appendix D Wireless LANs called Rijndael. They both include a per-packet key mixing function, a Message Integrity Check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. WPA and WPA2 regularly change and rotate the encryption keys so that the same encryption key is never used twice.
Page 321 Appendix D Wireless LANs WPA(2) with RADIUS Application Example To set up WPA(2), you need the IP address of the RADIUS server, its port number (default is 1812), and the RADIUS shared secret. A WPA(2) application example with an external RADIUS server looks as follows.
Page 322 Appendix D Wireless LANs The AP and wireless clients use the TKIP or AES encryption process, the PMK and information exchanged in a handshake to create temporal encryption keys. They use these keys to encrypt data exchanged between them. Figure 202 WPA(2)-PSK Authentication Security Parameters Summary Refer to this table to see what other security parameters you should configure for each authentication method or key management protocol type.
Page 323 Appendix D Wireless LANs Antenna Characteristics Frequency An antenna in the frequency of 2.4GHz (IEEE 802.11b and IEEE 802.11g) or 5GHz (IEEE 802.11a) is needed to communicate efficiently in a wireless LAN Radiation Pattern A radiation pattern is a diagram that allows you to visualize the shape of the antenna’s coverage area.
Page 324 Appendix D Wireless LANs WiFi Protected Setup Your ZyXEL Device supports WiFi Protected Setup (WPS), which is an easy way to set up a secure wireless network. WPS is an industry standard specification, defined by the WiFi Alliance. WPS allows you to quickly set up a wireless network with strong security, without having to configure security settings manually.
Page 325 Appendix D Wireless LANs Decide which device you want to be the registrar (usually the AP) and which you want to be the enrollee (usually the client). Look for the enrollee’s WPS PIN; it may be displayed on the device. If you don’t see it, log into the enrollee’s configuration interface and locate the PIN.
Page 326 Appendix D Wireless LANs Figure 203 Example WPS Process: PIN Method ENROLLEE REGISTRAR This device’s WPS PIN: 123456 Enter WPS PIN from other device: START START WITHIN 2 MINUTES SECURE EAP TUNNEL SSID WPA(2)-PSK COMMUNICATION How WPS Works When two WPS-enabled devices connect, each device must assume a specific role. One device acts as the registrar (the device that supplies network and security settings) and the other device acts as the enrollee (the device that receives network and security settings.
Page 327 Appendix D Wireless LANs Figure 204 How WPS works ACTIVATE ACTIVATE WITHIN 2 MINUTES WPS HANDSHAKE ENROLLEE REGISTRAR SECURE TUNNEL SECURITY INFO COMMUNICATION The roles of registrar and enrollee last only as long as the WPS setup process is active (two minutes).
Page 328 Appendix D Wireless LANs Figure 205 WPS: Example Network Step 1 ENROLLEE REGISTRAR SECURITY INFO CLIENT 1 In step 2, you add another wireless client to the network. You know that Client 1 supports registrar mode, but it is better to use AP1 for the WPS handshake with the new client since you must connect to the access point anyway in order to use the network.
Page 329 Appendix D Wireless LANs Figure 207 WPS: Example Network Step 3 EXISTING CONNECTION CLIENT 1 REGISTRAR CLIENT 2 ENROLLEE Limitations of WPS WPS has some limitations of which you should be aware. • WPS works in Infrastructure networks only (where an AP and a wireless client communicate). It does not work in Ad-Hoc networks (where there is no AP).
Page 330 Appendix D Wireless LANs access point is the WPS registrar, the enrollee, or was not involved in the WPS handshake; a rogue device must still associate with the access point to gain access to the network. Check the MAC addresses of your wireless clients (usually printed on a label on the bottom of the device). If there is an unknown MAC address you can remove it or reset the AP.
Page 331: Appendix E Common Services
PP EN D I X Common Services The following table lists some commonly-used services and their associated protocols and port numbers. For a comprehensive list of port numbers, ICMP type/code numbers and services, visit the IANA (Internet Assigned Number Authority) web site. •...
Page 332 Appendix E Common Services Table 106 Commonly Used Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION HTTP Hyper Text Transfer Protocol - a client/ server protocol for the world wide web. HTTPS HTTPS is a secured http session often used in e-commerce. ICMP User-Defined Internet Control Message Protocol is often...
Page 333 Appendix E Common Services Table 106 Commonly Used Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION SMTP Simple Mail Transfer Protocol is the message-exchange standard for the Internet. SMTP enables you to move messages from one e-mail server to another. SNMP TCP/UDP Simple Network Management Program.
Page 334 Appendix E Common Services ADSL Series User’s Guide...
Page 335: Appendix F Open Software Announcements
Open Software Announcements End-User License Agreement for “P-661HNU-Fx” WARNING: ZyXEL Communications Corp. IS WILLING TO LICENSE THE SOFTWARE TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS LICENSE AGREEMENT. PLEASE READ THE TERMS CAREFULLY BEFORE COMPLETING THE INSTALLATION PROCESS AS INSTALLING THE SOFTWARE WILL INDICATE YOUR ASSENT TO THEM.
Page 336 Appendix F Open Software Announcements The Software and Documentation contain material that is protected by international copyright law, trade secret law, international treaty provisions, and the applicable national laws of each respective country. All rights not granted to you herein are expressly reserved by ZyXEL. You may not remove any proprietary notice of ZyXEL or any of its licensors from any copy of the Software or Documentation.
Page 337 Appendix F Open Software Announcements THIRTY (30) DAYS FROM THE DATE OF PURCHASE OF THE SOFTWARE, AND NO WARRANTIES SHALL APPLY AFTER THAT PERIOD. 7.Limitation of Liability IN NO EVENT WILL ZyXEL BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY INCIDENTAL OR CONSEQUENTIAL DAMAGES (INCLUDING, WITHOUT LIMITATION, INDIRECT, SPECIAL, PUNITIVE, OR EXEMPLARY DAMAGES FOR LOSS OF BUSINESS, LOSS OF PROFITS, BUSINESS INTERRUPTION, OR LOSS OF BUSINESS INFORMATION) ARISING OUT OF THE USE OF OR INABILITY TO USE THE...
Page 338 No part may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, except the express written permission of ZyXEL Communications Corporation. This Product includes Bridge-utils, Busybox, Dnsmasq, Ebtables, Igmpproxy, Iproute2, Iptables,...
Page 339 Appendix F Open Software Announcements authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs;...
Page 340 Appendix F Open Software Announcements 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change.
Page 341 Appendix F Open Software Announcements operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code.
Page 342 Appendix F Open Software Announcements "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation.
Page 343 Appendix F Open Software Announcements The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS ORIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
Page 344 Appendix F Open Software Announcements This Product includes Mini_httpd under the license by ACME Labs Freeware ACME Labs Freeware License All the free software available on the ACME Labs web site has a copyright notice like this one: Copyright © 2000 by Jef Poskanzer <jef@mail.acme.com>. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:...
Page 345 Appendix F Open Software Announcements Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
Page 346 Appendix F Open Software Announcements Most GNU software, including some libraries, is covered by the ordinary GNU General Public License. This license, the GNU Lesser General Public License, applies to certain designated libraries, and is quite different from the ordinary General Public License. We use this license for certain libraries in order to permit linking those libraries into non-free programs.
Page 347 Appendix F Open Software Announcements "Source code" for a work means the preferred form of the work for making modifications to it. For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library.
Page 348 Appendix F Open Software Announcements accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code.
Page 349 Appendix F Open Software Announcements distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. It may happen that this requirement contradicts the license restrictions of other proprietary libraries that do not normally accompany the operating system.
Page 350 Appendix F Open Software Announcements 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded.
Page 351 Appendix F Open Software Announcements ============================================================= ======= * Copyright (c) 1998-2008 The OpenSSL Project. All rights reserved. * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1.
Page 352 Appendix F Open Software Announcements permission of the OpenSSL Project. * 6. Redistributions of any form whatsoever must retain the following acknowledgment: "This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/)" * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR * PURPOSE ARE DISCLAIMED.
Page 353 Appendix F Open Software Announcements Original SSLeay License ----------------------- /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * This package is an SSL implementation written * by Eric Young (eay@cryptsoft.com). * The implementation was written so as to conform with Netscapes SSL. * This library is free for commercial and non-commercial use as long as * the following conditions are aheared to.
Page 354 Appendix F Open Software Announcements notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * 3.
Page 355 Appendix F Open Software Announcements ADSL Series User’s Guide...
Page 356 Appendix F Open Software Announcements ADSL Series User’s Guide...
Page 358 Appendix G Legal Information Reorient or relocate the receiving antenna. Increase the separation between the equipment and the receiver. Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. Consult the dealer or an experienced radio/TV technician for help. FCC Radiation Exposure Statement •...
Page 359 Appendix G Legal Information warranty period, and upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever extent it shall deem necessary to restore the product or components to proper operating condition.
Page 360 Appendix G Legal Information ADSL Series User’s Guide...
Page 361: Index
Index Index Broadband broadcast AAL5 122, 311 example activation SIP ALG SSID wireless LAN scheduling adding a printer example 193, 318 administrator password CBR (Constant Bit Rate) 91, 94, 97, 100 Advanced Encryption Standard, see AES certificate factory default Certificate Authority, see CA algorithms certificates alternative subnet mask notation...
Page 362 Index data fragment threshold File Sharing default LAN IP address file sharing Denial of Service, see DoS filters MAC address firewalls DHCP 85, 132, 144, 145, 183 configuration diagnostic security Differentiated Services, see DiffServ firmware Diffie-Hellman key groups fragmentation threshold 119, 314 DiffServ (Differentiated Services) frequency range...
Page 363 Index intended audience Internet access Internet Assigned Numbers Authority 85, 191 See IANA MAC address Internet Assigned Numbers Authority, see IANA filter Internet Key Exchange MAC address filtering Internet Protocol Security, see IPSec MAC filter Internet Service Provider, see ISP managing the device good habits IP address...
Page 364 Index Quality of Service, see QoS Quick Start Guide operation humidity operation temperature outside header RADIUS message types messages shared secret key Pairwise Master Key (PMK) 320, 321 RADIUS server passphrase registration passwords product reinitialize the ADSL line 91, 94, 97, 100 related documentation Peak Cell Rate (PCR) Request To Send, see RTS...
Page 365 Index Service Set 37, 108, 115 Service Set IDentification SIP ALG unicast activation Universal Plug and Play, see UPnP SSID 37, 120 upgrading firmware activation UPnP MBSSID forum stateful inspection security issues static route USB features status USB printer storage humidity storage temperature subnet subnet mask...
Page 366 Index wireless with RADIUS application example client configuration WPA2 security user authentication tutorial vs WPA2-PSK wireless client WPA supplicants wireless client supplicant with RADIUS application example wireless LAN authentication WPA2-Pre-Shared Key, see WPA2-PSK 119, 121 WPA2-PSK 319, 320 example application example channel WPA-PSK 121, 319, 320...

This manual is also suitable for:

P-660hn-f1 P-661hnu-f1 P-660hnu-f3 P-660hn-f3 P-661hnu-f3

ZyXEL Communications P-660HNU-F1 User Manual

About this User's Guide

Document Conventions

Safety Warnings

Contents Overview

Table of Contents

User's Guide

PART I User's Guide

Chapter 1 Introduction

Chapter 2 Introducing the Web Configurator

Chapter 3 Tutorials

Technical Reference

Part II: Technical Reference

Chapter 4 Connection Status and System Info Screens

Chapter 5 Broadband

Chapter 6 Wireless

Chapter 7 Home Networking

Chapter 8 Routing

Chapter 9 DNS Route

Chapter 10 Quality of Service (Qos)

Chapter 11 Network Address Translation (NAT)

Chapter 12 Dynamic DNS

Chapter 13 Firewall

Chapter 14 MAC Filter

Chapter 15 Certificates

Chapter 16 VPN

Chapter 17 System Monitor

Chapter 18 User Account

Chapter 19 Remote MGMT

Chapter 20 System

Chapter 21 Time Setting

Chapter 22 Log Setting

Chapter 23 Firmware Upgrade

Chapter 24 Backup/Restore

Chapter 25 Diagnostic

Chapter 26 Troubleshooting

Chapter 27 Product Specifications

Appendix A IP Addresses and Subnetting

Appendix B Setting up Your Computer's IP Address

Appendix C Pop-Up Windows, Java Script and Java Permissions

Appendix D Wireless Lans

Appendix E Common Services

Appendix F Open Software Announcements

Appendix G Legal Information

Index

Quick Links

Related Manuals for ZyXEL Communications P-660HNU-F1

Summary of Contents for ZyXEL Communications P-660HNU-F1