ZyXEL Communications P873HNUP User Manual
  1. Manuals
  2. Brands
  3. ZyXEL Communications Manuals
  4. Gateway
  5. P873HNUP -
  6. User manual
ZyXEL Communications P873HNUP User Manual

ZyXEL Communications P873HNUP User Manual

802.11n wireless vdsl2 4-port gateway
Hide thumbs Also See for P873HNUP:
Table of Contents

Advertisement

Quick Links

Download this manual
P-873HNUP-51B
802.11n Wireless VDSL2 4-port Gateway
Default Login Details
IP Address
http://192.168.1.1
User Name
Password
Firmware Version 1.10
Edition 1, 5/2011
www.zyxel.com
www.zyxel.com
admin
1234
Copyright © 2011
ZyXEL Communications Corporation

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the P873HNUP and is the answer not in the manual?

Questions and answers

Related Manuals for ZyXEL Communications P873HNUP

Summary of Contents for ZyXEL Communications P873HNUP

  • Page 1 P-873HNUP-51B 802.11n Wireless VDSL2 4-port Gateway Default Login Details IP Address http://192.168.1.1 User Name admin Password 1234 Firmware Version 1.10 Edition 1, 5/2011 www.zyxel.com www.zyxel.com Copyright © 2011 ZyXEL Communications Corporation...

  • Page 3: About This User's Guide

    About This User's Guide About This User's Guide Intended Audience This manual is intended for people who want to configure the ZyXEL Device using the web configurator. Related Documentation • Quick Start Guide The Quick Start Guide is designed to help you get up and running right away. It contains information on setting up your network and configuring for Internet access.
  • Page 4 Document Conventions Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The ZyXEL Device icon is not an exact representation of your device. ZyXEL Device Computer Notebook computer Server Firewall Telephone Router Switch P-873HNUP-51B User’s Guide...

  • Page 5: Safety Warnings

    Safety Warnings Safety Warnings • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. • Do NOT store things on the device. •...
  • Page 6 Safety Warnings P-873HNUP-51B User’s Guide...

  • Page 7: Table Of Contents

    Contents Overview Contents Overview User’s Guide ........................... 19 Introducing the P-873HNUP-51B ....................21 The Web Configurator ........................29 Quick Start ..........................37 Tutorials .............................39 Technical Reference ......................63 Network Map and Status Screens ....................65 Broadband ..........................71 Wireless .............................87 Home Networking ........................115 Static Routing ...........................135 Quality of Service (QoS) ......................139 Network Address Translation (NAT) ..................159 Dynamic DNS Setup ........................175...
  • Page 8 Contents Overview P-873HNUP-51B User’s Guide...

  • Page 9: Table Of Contents

    Table of Contents Table of Contents About This User's Guide ......................3 Document Conventions ......................3 Safety Warnings........................5 Contents Overview ........................7 Table of Contents ........................9 Part I: User’s Guide ................19 Chapter 1 Introducing the P-873HNUP-51B ................... 21 1.1 Overview ..........................21 1.2 Ways to Manage the ZyXEL Device ..................21 1.3 Good Habits for Managing the ZyXEL Device ..............22...
  • Page 10 Table of Contents Chapter 4 Tutorials ........................... 39 4.1 Overview ..........................39 4.2 Setting Up an ADSL PPPoE Connection ................39 4.3 HomePNA Example Setup ....................42 4.4 Setting Up a Secure Wireless Network ................44 4.4.1 Configuring the Wireless Network Settings ..............44 4.4.2 Using WPS .........................46 4.4.3 Without WPS ......................49 4.5 Setting Up Multiple Wireless Groups ...................50 4.6 Setting Up NAT Port Forwarding ..................53...
  • Page 11 Table of Contents 6.4.7 ATM Traffic Classes ....................84 6.4.8 Introduction to VLANs ....................85 Chapter 7 Wireless ........................... 87 7.1 Overview ..........................87 7.1.1 What You Can Do in this Chapter ................87 7.1.2 What You Need to Know .....................88 7.2 The General Screen ......................88 7.2.1 No Security .........................90 7.2.2 Basic (WEP Encryption) .....................91 7.2.3 More Secure (WPA(2)-PSK) ..................93...
  • Page 12 Table of Contents 8.11 Technical Reference ......................132 8.11.1 LANs, WANs and the ZyXEL Device ..............132 8.11.2 DHCP Setup ......................132 8.11.3 DNS Server Addresses ...................133 8.11.4 LAN TCP/IP ......................133 Chapter 9 Static Routing........................135 9.1 Overview ...........................135 9.2 The Routing Screen ......................136 9.2.1 Add/Edit Static Route ....................137 Chapter 10 Quality of Service (QoS).......................
  • Page 13 Table of Contents 11.8.2 What NAT Does ......................170 11.8.3 How NAT Works ......................171 11.8.4 NAT Application ......................172 Chapter 12 Dynamic DNS Setup ......................175 12.1 Overview ..........................175 12.1.1 What You Can Do in this Chapter ................176 12.1.2 What You Need To Know ..................176 12.2 The DNS Entry Screen .....................176 12.2.1 Add/Edit DNS Entry ....................177 12.3 The Dynamic DNS Screen ....................178...
  • Page 14 Table of Contents Chapter 16 MAC Filter..........................203 16.1 Overview .........................203 16.2 The MAC Filter Screen .....................203 Chapter 17 Parental Control ........................205 17.1 Overview ..........................205 17.2 The Parental Control Screen ....................205 17.2.1 Add/Edit Parental Control Rule ................206 Chapter 18 Scheduler Rules........................
  • Page 15 Table of Contents Chapter 22 Logs ............................227 22.1 Overview ..........................227 22.1.1 What You Can Do in this Chapter ................227 22.1.2 What You Need To Know ..................227 22.2 The System Log Screen ....................228 22.3 The Security Log Screen ....................229 Chapter 23 Traffic Status ........................
  • Page 16 Table of Contents Chapter 28 Time Settings ........................251 28.1 Overview ..........................251 28.2 The Time Setting Screen ....................251 Chapter 29 Logs Setting ......................... 253 29.1 Overview .........................253 29.2 The Logs Setting Screen ....................253 29.2.1 Example E-mail Log ....................255 Chapter 30 Firmware Upgrade ........................
  • Page 17 Table of Contents Appendix A Setting up Your Computer’s IP Address ............279 Appendix B IP Addresses and Subnetting................301 Appendix C Pop-up Windows, JavaScript and Java Permissions ........309 Appendix D Wireless LANs....................319 Appendix E Services......................333 Appendix F Open Software Announcements............... 337 Appendix G Legal Information .....................
  • Page 18 Table of Contents P-873HNUP-51B User’s Guide...

  • Page 19: User's Guide

    User’s Guide...

  • Page 21: Introducing The P-873Hnup-51B

    H A PT ER Introducing the P-873HNUP-51B 1.1 Overview The P-873HNUP-51B is a wireless VDSL router and Gigabit Ethernet gateway with Home Phoneline Networking Alliance (HPNA) capability. It has two DSL ports and a Gigabit Ethernet port for super- fast Internet access over analog (POTS) telephone lines. If the DSLAM of the ISP supports bonding function, the two DSL ports on the P-873HNUP-51B can be connected to two separate telephone jacks to provide increased throughput at longer distances.

  • Page 22: Good Habits For Managing The Zyxel Device

    Chapter 1 Introducing the P-873HNUP-51B 1.3 Good Habits for Managing the ZyXEL Device Do the following things regularly to make the ZyXEL Device more secure and to manage the ZyXEL Device more effectively. • Change the password. Use a password that’s not easy to guess and that consists of different types of characters, such as numbers and letters.

  • Page 23: Homepna

    Chapter 1 Introducing the P-873HNUP-51B Computers can connect to the ZyXEL Device’s LAN ports (or wirelessly). Figure 1 ZyXEL Device’s Internet Access Application WLAN Bridging IPoE PPPoE ADSL / VDSL WLAN IPoA / PPPoA ADSL WLAN Bridging IPoE PPPoE Ethernet You can also configure IP filtering on the ZyXEL Device for secure Internet access.
  • Page 24 Chapter 1 Introducing the P-873HNUP-51B The figure below shows your ZyXEL Device (A) connecting to a phone line outlet for DSL Internet access and a coaxial outlet to relay Internet connectivity to other coaxial outlets in the building. The laptop (B) connects wirelessly to the ZyXEL Device. The set-up box (C) connects into a coaxial outlet in another part of the house for access to online videos.

  • Page 25: Leds (Lights)

    Chapter 1 Introducing the P-873HNUP-51B 1.5 LEDs (Lights) The following graphic displays the labels of the LEDs. Figure 3 LEDs on the Device None of the LEDs are on if the ZyXEL Device is not receiving power. Table 1 LED Descriptions COLOR STATUS DESCRIPTION...

  • Page 26: The Reset Button

    Chapter 1 Introducing the P-873HNUP-51B Table 1 LED Descriptions (continued) COLOR STATUS DESCRIPTION ETHERNET Green The Gigabit Ethernet connection is working. Blinking The ZyXEL Device is sending or receiving data to/from the Gigabit Ethernet link. There is no Gigabit Ethernet link. Green The ZyXEL Device recognizes a USB connection.

  • Page 27: Wireless Access

    Chapter 1 Introducing the P-873HNUP-51B 1.7 Wireless Access The ZyXEL Device is a wireless Access Point (AP) for wireless clients, such as notebook computers or PDAs and iPads. It allows them to connect to the Internet without having to rely on inconvenient Ethernet cables.
  • Page 28 Chapter 1 Introducing the P-873HNUP-51B Press the WLAN/WPS button for five seconds and release it. Press the WPS button on another WPS-enabled device within range of the ZyXEL Device. The WLAN/WPS LED flashes green and orange while the ZyXEL Device sets up a WPS connection with the other wireless device.

  • Page 29: The Web Configurator

    H A PT ER The Web Configurator 2.1 Overview The web configurator is an HTML-based management interface that allows easy device setup and management via Internet browser. Use Internet Explorer 6.0 and later versions or Mozilla Firefox 3 and later versions or Safari 2.0 and later versions. The recommended screen resolution is 1024 by 768 pixels.
  • Page 30 Chapter 2 The Web Configurator password field from knowing the length of your password. If you have changed the password, enter your password and click Login. For security reasons, you will be temporarily denied access to the ZyXEL Device for a period of time (15 minutes by default) if you have entered the incorrect username and password for a certain number of times (three times by default).
  • Page 31 Chapter 2 The Web Configurator The Network Map page appears. Figure 7 Network Map Note: For security reasons, the ZyXEL Device automatically logs you out if you do not use the web configurator for ten minutes (default). If this happens, log in again. Click Status to display the Status screen, where you can view the ZyXEL Device’s interface and system information.

  • Page 32: Web Configurator Layout

    Chapter 2 The Web Configurator 2.2 Web Configurator Layout Figure 8 Screen Layout As illustrated above, the main screen is divided into these parts: • A - title bar • B - main window • C - navigation panel 2.2.1 Title Bar The title bar provides some icons in the upper right corner.

  • Page 33: Main Window

    Chapter 2 The Web Configurator The icons provide the following functions. Table 2 Web Configurator Icons in the Title Bar ICON DESCRIPTION Quick Start: Click this icon to open screens where you can configure the ZyXEL Device’s time zone Internet access, and wireless settings. Logout: Click this icon to log out of the web configurator.
  • Page 34 Chapter 2 The Web Configurator Table 3 Navigation Panel Summary (continued) LINK FUNCTION Home LAN Setup Use this screen to configure LAN TCP/IP settings, and other advanced Networking properties. Static DHCP Use this screen to assign specific IP addresses to individual MAC addresses.
  • Page 35 Chapter 2 The Web Configurator Table 3 Navigation Panel Summary (continued) LINK FUNCTION Parental Parental Control Use this screen to block web sites with the specific URL. Control Scheduler Rule Scheduler Rule Use this screen to configure the days and times when a configured restriction (such as parental control) is enforced.
  • Page 36 Chapter 2 The Web Configurator Table 3 Navigation Panel Summary (continued) LINK FUNCTION Diagnostic Ping & Use this screen to identify problems with the DSL connection. You can use TraceRoute & Ping, TraceRoute, or Nslookup to help you identify problems. NsLookup 802.1ag Use this screen to configure CFM (Connectivity Fault Management) MD...

  • Page 37: Quick Start

    H A PT ER Quick Start 3.1 Overview Use the Quick Start screens to configure the ZyXEL Device’s time zone and basic Internet access and wireless settings. Note: See the technical reference chapters (starting on page 63) for background information on the features in this chapter. 3.2 Quick Start Setup Click the Click Start icon in the top right corner of the web configurator to open the quick start screens.
  • Page 38 Chapter 3 Quick Start Enter your PPPoE account’s user name and password exactly as provided by your Internet Service Provider (ISP). If your ISP also gave you static IP address settings to use, select Yes and enter them in the fields that display. Click Next. Figure 10 Internet Connection Turn the wireless LAN on or off.

  • Page 39: Tutorials

    H A PT ER Tutorials 4.1 Overview This chapter shows you how to use the ZyXEL Device’s various features. • Setting Up an ADSL PPPoE Connection, see page 39 • HomePNA Example Setup, see page 42 • Setting Up a Secure Wireless Network, see page 44 •...
  • Page 40 Chapter 4 Tutorials In this example, the DSL connection has the following information. General Connection Name MyDSLConnection Type ADSL over ATM Connection Mode Routing Encapsulation PPPoE ATM PVC Configuration VPI/VCI 36/48 Encapsulation Mode LLC/SNAP-Bridging Service Category UBR without PCR Account Information PPP User Name 1234@DSL-Ex.com PPP Password...
  • Page 41 Chapter 4 Tutorials Click Apply to save your settings. P-873HNUP-51B User’s Guide...

  • Page 42: Homepna Example Setup

    Chapter 4 Tutorials You should see a summary of your new DSL connection setup in the Broadband screen as follows. Try to connect to a website, such as zyxel.com to see if you have correctly set up your Internet connection. Be sure to contact your service provider for any information you need to configure the WAN screens.
  • Page 43 Chapter 4 Tutorials The figure below shows the hardware setup for this tutorial: Log into the ZyXEL Device’s Web Configurator. Go to the Network Settings > HPNA screen. Select Enable in the State field to enable your HPNA port. Connect your ZyXEL Device to the Internet source. This could be either DSL or Ethernet. Connect the ZyXEL Device’s coaxial port a coaxial outlet in your house.

  • Page 44: Setting Up A Secure Wireless Network

    Chapter 4 Tutorials 4.4 Setting Up a Secure Wireless Network Thomas wants to set up a wireless network so that he can use his notebook to access the Internet. In this wireless network, the ZyXEL Device serves as an access point (AP), and the notebook is the wireless client.
  • Page 45 Chapter 4 Tutorials Click Network Settings > Wireless to open the General screen. Select More Secure as the security level and WPA-PSK as the security mode. Configure the screen using the provided parameters (see page 44). Click Apply. Go to the Wireless > Others screen and select 802.11b/g/n Mixed in the 802.11 Mode field. Click Apply.

  • Page 46: Using Wps

    Chapter 4 Tutorials 4.4.2 Using WPS This section shows you how to set up a wireless network using WPS. It uses the ZyXEL Device as the AP and ZyXEL NWD210N as the wireless client which connects to the notebook. Note: The wireless client must be a WPS-aware device (for example, a WPS USB adapter or PCMCIA card).
  • Page 47 Chapter 4 Tutorials Note: Your ZyXEL Device has a WPS button located on its front panel as well as a WPS button in its configuration utility. Both buttons have exactly the same function: you can use one or the other. Note: It doesn’t matter which button is pressed first.
  • Page 48 Chapter 4 Tutorials PIN Configuration When you use the PIN configuration method, you need to use both the ZyXEL Device’s web configurator and the wireless client’s utility. Launch your wireless client’s configuration utility. Go to the WPS settings and select the PIN method to get a PIN number.

  • Page 49: Without Wps

    Chapter 4 Tutorials The following figure shows you how to set up a wireless network and its security on a ZyXEL Device and a wireless client by using PIN method. Example WPS Process: PIN Method Wireless Client ZyXEL Device WITHIN 2 MINUTES Authentication by PIN SECURITY INFO COMMUNICATION...

  • Page 50: Setting Up Multiple Wireless Groups

    Chapter 4 Tutorials 4.5 Setting Up Multiple Wireless Groups Company A wants to create different wireless network groups for different types of users as shown in the following figure. Each group has its own SSID and security mode. Company Guest •...
  • Page 51 Chapter 4 Tutorials Click Network Settings > Wireless to open the General screen. Use this screen to set up the company’s general wireless network group. Configure the screen using the provided parameters and click Apply. Click Network Settings > Wireless > More AP to open the following screen. Click the Edit icon to configure the second wireless network group.
  • Page 52 Chapter 4 Tutorials Configure the screen using the provided parameters and click Apply. In the More AP screen, click the Edit icon to configure the third wireless network group. P-873HNUP-51B User’s Guide...

  • Page 53: Setting Up Nat Port Forwarding

    Chapter 4 Tutorials Configure the screen using the provided parameters and click Apply. Check the status of VIP and Guest in the More AP screen. The yellow bulbs signify that the SSIDs are active and ready for wireless access. 4.6 Setting Up NAT Port Forwarding Thomas manages the Doom server on a computer behind the ZyXEL Device.
  • Page 54 Chapter 4 Tutorials configure the port settings and IP address on the ZyXEL Device. Traffic should be forwarded to the port 666 of the Doom server computer which has an IP address of 192.168.1.34. Tutorial: NAT Port Forwarding Setup D=192.168.1.34 port 666 Thomas may set up the port settings by configuring the port settings for the Doom server computer (see...

  • Page 55: Configuring Static Route For Routing To Another Network

    Chapter 4 Tutorials The port forwarding settings you configured appear in the table. The ZyXEL Device forwards port 666 traffic to the computer with IP address 192.168.1.34. Players on the Internet then can have access to Thomas’ Doom server. 4.7 Configuring Static Route for Routing to Another Network In order to extend your Intranet and control traffic flowing directions, you may connect a router to the ZyXEL Device’s LAN.
  • Page 56 Chapter 4 Tutorials You need to specify a static routing rule on the ZyXEL Device to specify R as the router in charge of forwarding traffic to N2. In this case, the ZyXEL Device routes traffic from A to R and then R routes the traffic to B.

  • Page 57: Configuring Qos Queue And Class Setup

    Chapter 4 Tutorials Select the interface that is in use. Select Enable in the Use Gateway IP Address field. Type 192.168.1.253 (R’s N1 address) in the Gateway IP Address field. Click Apply. Now B should be able to receive traffic from A. You may need to additionally configure B’s firewall settings to allow specific traffic to pass through.
  • Page 58 Chapter 4 Tutorials Note: QoS is applied to traffic flowing out of the ZyXEL Device. Traffic that does not match this class is assigned a priority queue based on the internal QoS mapping table on the ZyXEL Device. QoS Example 10,000 kbps Your computer IP=192.168.1.23...
  • Page 59 Chapter 4 Tutorials • Rate Limit: 5,000 (kbps) Tutorial: Advanced > QoS > Queue Setup Click Class Setup > Add new Classifier to create a new class. Check Active and follow the settings as shown in the screen below. Tutorial: Advanced > QoS > Class Setup P-873HNUP-51B User’s Guide...

  • Page 60: Access The Zyxel Device Using Ddns

    Chapter 4 Tutorials Class Name Give a class name to this traffic, such as E-mail in this example. From Interface This is the interface from which the traffic will be coming from. Select LAN1 for this example. Ether Type Select IP to identify the traffic source by its IP address or MAC address. IP Address Type the IP address of your computer - 192.168.1.23.

  • Page 61: Registering A Ddns Account On Www.dyndns.org

    Chapter 4 Tutorials 4.9.1 Registering a DDNS Account on www.dyndns.org Open a browser and type http://www.dyndns.org. Apply for a user account. This tutorial uses UserName1 and 12345 as the username and password. Log into www.dyndns.org using your account. Add a new DDNS host name. This tutorial uses the following settings as an example. •...
  • Page 62 Chapter 4 Tutorials P-873HNUP-51B User’s Guide...

  • Page 63: Technical Reference

    Technical Reference...

  • Page 65: Network Map And Status Screens

    H A PT ER Network Map and Status Screens 5.1 Overview After you log into the Web Configurator, the Network Map screen appears. This shows the network connection status of the ZyXEL Device and clients connected to it. You can use the Status screen to look at the current status of the ZyXEL Device, system resources, and interfaces (LAN, WAN, and WLAN).
  • Page 66 Chapter 5 Network Map and Status Screens Figure 13 Network Map: List Mode In Icon Mode, if you want to view information about a client, click the client’s name and Info. Click the IP address if you want to change it. If you want to change the name or icon of the client, click Change name/icon.

  • Page 67: The Status Screen

    Chapter 5 Network Map and Status Screens 5.3 The Status Screen Use this screen to view the status of the ZyXEL Device. Click Status to open this screen. Figure 15 Status Screen Each field is described in the following table. Table 5 Status Screen LABEL DESCRIPTION...
  • Page 68 Chapter 5 Network Map and Status Screens Table 5 Status Screen (continued) LABEL DESCRIPTION IP Address This is the current IP address of the ZyXEL Device in the LAN. IP Subnet This is the current subnet mask in the LAN. Mask DHCP This field displays what DHCP services the ZyXEL Device is providing to the LAN.
  • Page 69 Chapter 5 Network Map and Status Screens Table 5 Status Screen (continued) LABEL DESCRIPTION CPU Usage This field displays what percentage of the ZyXEL Device’s processing ability is currently used. When this percentage is close to 100%, the ZyXEL Device is running at full load, and the throughput is not going to improve anymore.
  • Page 70 Chapter 5 Network Map and Status Screens P-873HNUP-51B User’s Guide...

  • Page 71: Broadband

    H A PT ER Broadband 6.1 Overview This chapter describes how to configure WAN settings from the Broadband screen. Use this screen to configure your ZyXEL Device for Internet access. If the DSLAM of your ISP supports DSL bonding, you can connect the two DSL ports on the ZyXEL Device to two separate telephone jacks and enable the bonding feature in the DSL screen.

  • Page 72: Before You Begin

    Chapter 6 Broadband WAN IP Address The WAN IP address is an IP address for the ZyXEL Device, which makes it accessible from an outside network. It is used by the ZyXEL Device to communicate with other devices in other networks.

  • Page 73: The Broadband Screen

    Chapter 6 Broadband 6.2 The Broadband Screen Use this screen to change your ZyXEL Device’s Internet access settings. Click Network Settings> Broadband from the menu. The summary table shows you the configured WAN services (connections) on the ZyXEL Device. Figure 17 Network Settings > Broadband The following table describes the labels in this screen.

  • Page 74: Add/Edit Broadband

    Chapter 6 Broadband 6.2.1 Add/Edit Broadband Click Add new WAN interface in the Broadband screen or the Edit icon next to an existing WAN interface to configure a WAN connection. The screen differs according to the mode and encapsulation you choose. This screen displays when you select Routing mode and PPPoE encapsulation.
  • Page 75 Chapter 6 Broadband The following table describes the labels in this screen. Table 7 Broadband: Add/Edit: PPPoE Encapsulation LABEL DESCRIPTION General Active Select this to activate the WAN configuration settings. Name Specify a descriptive name for this connection. This field is view only if you are editing the WAN connection.
  • Page 76 Chapter 6 Broadband Table 7 Broadband: Add/Edit: PPPoE Encapsulation (continued) LABEL DESCRIPTION Encapsulation Select the method of multiplexing used by your ISP from the drop-down list box. Mode Choices are: • LLC/SNAP-BRIDGING: In LCC encapsulation, bridged PDUs are encapsulated by identifying the type of the bridged media in the SNAP header.
  • Page 77 Chapter 6 Broadband Table 7 Broadband: Add/Edit: PPPoE Encapsulation (continued) LABEL DESCRIPTION PPPoE This field is available when you select PPPoE encapsulation. Passthrough In addition to the ZyXEL Device’s built-in PPPoE client, you can enable PPPoE pass through to allow up to ten hosts on the LAN to use PPPoE client software on their computers to connect to the ISP via the ZyXEL Device.
  • Page 78 Chapter 6 Broadband Table 7 Broadband: Add/Edit: PPPoE Encapsulation (continued) LABEL DESCRIPTION Apply Click Apply to save your changes back to the ZyXEL Device. Cancel Click Cancel to exit this screen without saving. 6.2.1.1 Bridge This screen displays when you select the Bridge mode. Figure 19 Broadband: Add/Edit: Bridge Mode The following table describes the labels in this screen.
  • Page 79 Chapter 6 Broadband Table 8 Broadband: Add/Edit: Bridge Mode (continued) LABEL DESCRIPTION The valid range for the VCI is 32 to 65535 (0 to 31 is reserved for local management of ATM traffic). Enter the VCI assigned to you. DSL Link Type This field is not editable.

  • Page 80: The Dsl Screen

    Chapter 6 Broadband 6.3 The DSL Screen If the DSLAM of your ISP supports DSL bonding, you can connect the two DSL ports on the ZyXEL Device to two separate telephone jacks and enable the bonding feature in the DSL screen. DSL signals have distance limitations.
  • Page 81 Chapter 6 Broadband Click Broadband > DSL to display the following screen. Figure 20 Broadband > DSL The following table describes the labels in this screen. Table 10 Broadband > DSL LABEL DESCRIPTION DSL Bonding State Select Enable to use the DSL bonding and ADSL fallback features. Make sure your ISP supports these functions.

  • Page 82: Technical Reference

    Chapter 6 Broadband 6.4 Technical Reference This section provides some technical background information about the topics covered in this chapter. 6.4.1 Encapsulation Be sure to use the encapsulation method required by your ISP. The ZyXEL Device supports the following methods. 6.4.1.1 PPP over Ethernet The ZyXEL Device supports PPPoE (Point-to-Point Protocol over Ethernet).

  • Page 83: Multiplexing

    Chapter 6 Broadband 6.4.2 Multiplexing There are two conventions to identify what protocols the virtual circuit (VC) is carrying. Be sure to use the multiplexing method required by your ISP. VC-based Multiplexing In this case, by prior mutual agreement, each protocol is assigned to a specific virtual circuit; for example, VC1 carries IP, etc.

  • Page 84: Nat

    Chapter 6 Broadband 6.4.5 NAT NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network.

  • Page 85: Introduction To Vlans

    Chapter 6 Broadband Constant Bit Rate (CBR) Constant Bit Rate (CBR) provides fixed bandwidth that is always available even if no data is being sent. CBR traffic is generally time-sensitive (doesn't tolerate delay). CBR is used for connections that continuously require a specific amount of bandwidth. A PCR is specified and if traffic exceeds this rate, cells may be dropped.
  • Page 86 Chapter 6 Broadband VLANs can be created statically by hand or dynamically through GVRP. The VLAN ID associates a frame with a specific VLAN and provides the information that switches need to process the frame across the network. A tagged frame is four bytes longer than an untagged frame and contains two bytes of TPID (Tag Protocol Identifier), residing within the type/length field of the Ethernet frame) and two bytes of TCI (Tag Control Information), starts after the source address field of the Ethernet frame).

  • Page 87: Wireless

    H A PT ER Wireless 7.1 Overview This chapter describes the ZyXEL Device’s Network Settings > Wireless screens. Use these screens to set up your ZyXEL Device’s wireless connection. 7.1.1 What You Can Do in this Chapter This section describes the ZyXEL Device’s Wireless screens. Use these screens to set up your ZyXEL Device’s wireless connection.

  • Page 88: What You Need To Know

    Chapter 7 Wireless 7.1.2 What You Need to Know Wireless Basics “Wireless” is essentially radio communication. In the same way that walkie-talkie radios send and receive information over the airwaves, wireless networking devices exchange information with one another. A wireless networking device is just like a radio that lets your computer exchange information with radios attached to other computers.
  • Page 89 Chapter 7 Wireless Click Network Settings > Wireless to open the General screen. Figure 22 Network Settings > Wireless > General The following table describes the general wireless LAN labels in this screen. Table 11 Network Settings > Wireless > General LABEL DESCRIPTION Wireless Network Setup...

  • Page 90: No Security

    Chapter 7 Wireless Table 11 Network Settings > Wireless > General (continued) LABEL DESCRIPTION Wireless Network Settings Wireless The SSID (Service Set IDentity) identifies the service set with which a wireless Network Name device is associated. Wireless devices associating to the access point (AP) must (SSID) have the same SSID.

  • Page 91: Basic (Wep Encryption)

    Chapter 7 Wireless The following table describes the labels in this screen. Table 12 Wireless > General: No Security LABEL DESCRIPTION Security Level Choose No Security from the drop-down list box. 7.2.2 Basic (WEP Encryption) WEP encryption scrambles the data transmitted between the wireless stations and the access points (AP) to keep network communications private.
  • Page 92 Chapter 7 Wireless The following table describes the labels in this screen. Table 13 Wireless > General: Basic (WEP) LABEL DESCRIPTION Security Level Select Basic to enable WEP data encryption. Generate Select this option to have the ZyXEL Device automatically generate a password. The password password field will not be configurable when you select this option.

  • Page 93: More Secure (Wpa(2)-Psk)

    Chapter 7 Wireless 7.2.3 More Secure (WPA(2)-PSK) The WPA-PSK security mode provides both improved data encryption and user authentication over WEP. Using a Pre-Shared Key (PSK), both the ZyXEL Device and the connecting client share a common password in order to validate the connection. This type of encryption, while robust, is not as strong as WPA, WPA2 or even WPA2-PSK.

  • Page 94: Wpa(2) Authentication

    Chapter 7 Wireless Table 14 Wireless > General: More Secure: WPA(2)-PSK (continued) LABEL DESCRIPTION Encryption Select the encryption type (AES or TKIP+AES) for data encryption. Select AES if your wireless clients can all use AES. Select TKIP+AES to allow the wireless clients to use either TKIP or AES. Group Key The Group Key Update Timer is the rate at which the RADIUS server sends a Update Timer...

  • Page 95: The More Ap Screen

    Chapter 7 Wireless The following table describes the labels in this screen. Table 15 Wireless > General: More Secure: WPA(2) LABEL DESCRIPTION Security Level Select More Secure to enable WPA(2)-PSK data encryption. Security Mode Choose WPA or WPA2 from the drop-down list box. Authentication Server IP Address Enter the IP address of the external authentication server in dotted decimal...

  • Page 96: Edit More Ap

    Chapter 7 Wireless The following table describes the labels in this screen. Table 16 Network Settings > Wireless > More AP LABEL DESCRIPTION This is the index number of the entry. Status This field indicates whether this SSID is active. A yellow bulb signifies that this SSID is active.

  • Page 97: Mac Authentication

    Chapter 7 Wireless Table 17 More AP: Edit (continued) LABEL DESCRIPTION Wireless Network The SSID (Service Set IDentity) identifies the service set with which a Name (SSID) wireless device is associated. Wireless devices associating to the access point (AP) must have the same SSID. Enter a descriptive name (up to 32 English keyboard characters) for the wireless LAN.

  • Page 98: The Wps Screen

    Chapter 7 Wireless The following table describes the labels in this screen. Table 18 Wireless > MAC Authentication LABEL DESCRIPTION SSID Select the SSID for which you want to configure MAC filter settings. MAC List Define the filter action for the list of MAC addresses in the MAC Address table. Select Disable to turn off MAC filtering.
  • Page 99 Chapter 7 Wireless Click Network Settings > Wireless > WPS. The following screen displays. Select Enable and click Apply to activate the WPS function. Then you can configure the WPS settings in this screen. Figure 30 Network Settings > Wireless > WPS The following table describes the labels in this screen.

  • Page 100: The Others Screen

    Chapter 7 Wireless Table 19 Network Settings > Wireless > WPS (continued) LABEL DESCRIPTION Release The default WPS status is configured. Configuration Click this button to remove all configured wireless and wireless security settings for WPS connections on the ZyXEL Device. Generate New The PIN (Personal Identification Number) of the ZyXEL Device is shown here.

  • Page 101: Technical Reference

    Chapter 7 Wireless Table 20 Network Settings > Wireless > Others (continued) LABEL DESCRIPTION Output Power Set the output power of the ZyXEL Device. If there is a high density of APs in an area, decrease the output power to reduce interference with other APs. Select one of the following: 20%, 40%, 60%, 80% or 100%.
  • Page 102 Chapter 7 Wireless • An “infrastructure” type of network has one or more access points and one or more wireless clients. The wireless clients connect to the access points. • An “ad-hoc” type of network is one in which there is no access point. Wireless clients connect to one another in order to exchange information.

  • Page 103: Additional Wireless Terms

    Chapter 7 Wireless variety of networks to exist in the same place without interfering with one another. When you create a network, you must select a channel to use. Since the available unlicensed spectrum varies from one country to another, the number of available channels also varies.
  • Page 104 Chapter 7 Wireless long string of apparently random numbers and letters - but it is not very secure if you use a short key which is very easy to guess - for example, a three-letter word from the dictionary. Because of the damage that can be done by a malicious attacker, it’s not just people who have sensitive information on their network who should use security.

  • Page 105: Signal Problems

    Chapter 7 Wireless Unauthorized wireless devices can still see the information that is sent in the wireless network, even if they cannot use the wireless network. Furthermore, there are ways for unauthorized wireless users to get a valid user name and password. Then, they can use that user name and password to use the wireless network.

  • Page 106: Bss

    Chapter 7 Wireless transmissions, such as military or air traffic control communications, or from machines that are coincidental emitters such as electric motors or microwaves. Problems with absorption occur when physical objects (such as thick walls) are between the two radios, muffling the signal. 7.7.5 BSS A Basic Service Set (BSS) exists when all communications between wireless stations or between a wireless station and a wired network client go through one access point (AP).

  • Page 107: Preamble Type

    Chapter 7 Wireless 7.7.6.1 Notes on Multiple BSSs • A maximum of eight BSSs are allowed on one AP simultaneously. • You must use different keys for different BSSs. If two wireless devices have different BSSIDs (they are in different BSSs), but have the same keys, they may hear each other’s communications (but not communicate with each other).
  • Page 108 Chapter 7 Wireless Ensure that the two devices you want to set up are within wireless range of one another. Look for a WPS button on each device. If the device does not have one, log into its configuration utility and locate the button (see the device’s User’s Guide for how to do this - for the ZyXEL Device, see Section 7.6 on page 100).
  • Page 109 Chapter 7 Wireless On a computer connected to the wireless client, try to connect to the Internet. If you can connect, WPS was successful. If you cannot connect, check the list of associated wireless clients in the AP’s configuration utility. If you see the wireless client in the list, WPS was successful.
  • Page 110 Chapter 7 Wireless depends on the standards supported by the devices. If the registrar is already part of a network, it sends the existing information. If not, it generates the SSID and WPA(2)-PSK randomly. The following figure shows a WPS-enabled client (installed in a notebook computer) connecting to a WPS-enabled access point.
  • Page 111 Chapter 7 Wireless The following figure shows an example network. In step 1, both AP1 and Client 1 are unconfigured. When WPS is activated on both, they perform the handshake. In this example, AP1 is the registrar, and Client 1 is the enrollee. The registrar randomly generates the security information to set up the network, since it is unconfigured and has no existing information.
  • Page 112 Chapter 7 Wireless In step 3, you add another access point (AP2) to your network. AP2 is out of range of AP1, so you cannot use AP1 for the WPS handshake with the new access point. However, you know that Client 2 supports the registrar function, so you use it to perform the WPS handshake instead.
  • Page 113 Chapter 7 Wireless • When you use the PBC method, there is a short period (from the moment you press the button on one device to the moment you press the button on the other device) when any WPS-enabled device could join the network. This is because the registrar has no way of identifying the “correct”...
  • Page 114 Chapter 7 Wireless P-873HNUP-51B User’s Guide...

  • Page 115: Home Networking

    H A PT ER Home Networking 8.1 Overview A Local Area Network (LAN) is a shared communication system to which many networking devices are connected. It is usually located in one immediate area such as a building or floor of a building. Use the LAN screens to help you configure a LAN DHCP server and manage IP addresses.

  • Page 116: What You Need To Know

    Chapter 8 Home Networking 8.1.2 What You Need To Know 8.1.2.1 About LAN IP Address IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network.

  • Page 117: Before You Begin

    Chapter 8 Home Networking Cautions with UPnP The automated nature of NAT traversal applications in establishing their own services and opening firewall ports may present network security issues. Network information and configuration may also be obtained and modified by users in some network environments. When a UPnP device joins a network, it announces its presence with a multicast message.
  • Page 118 Chapter 8 Home Networking Click Apply to save your settings. Figure 39 Network Settings > Home Networking > LAN Setup The following table describes the fields in this screen. Table 23 Network Settings > Home Networking > LAN Setup LABEL DESCRIPTION Group Name Select the interface group name for which you want to configure LAN settings.

  • Page 119: The Static Dhcp Screen

    Chapter 8 Home Networking Table 23 Network Settings > Home Networking > LAN Setup (continued) LABEL DESCRIPTION DHCP Relay Server This field is only available when you select DHCP Relay in the DHCP field. Address IP Address Enter the IP address of the actual remote DHCP server in this field. IP Addressing This field is only available when you select Enable in the DHCP field.
  • Page 120 Chapter 8 Home Networking The following table describes the labels in this screen. Table 24 Network Settings > Home Networking > Static DHCP LABEL DESCRIPTION Add new static Click this to add a new static DHCP entry. lease This is the index number of the entry. Status This field displays whether the client is connected to the ZyXEL Device.

  • Page 121: The Upnp Screen

    Chapter 8 Home Networking Table 25 Static DHCP: Add/Edit (continued) LABEL DESCRIPTION Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 8.4 The UPnP Screen Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectivity between devices.
  • Page 122 Chapter 8 Home Networking Click on the Windows Setup tab and select Communication in the Components selection box. Click Details. Add/Remove Programs: Windows Setup: Communication In the Communications window, select the Universal Plug and Play check box in the Components selection box. Add/Remove Programs: Windows Setup: Communication: Components P-873HNUP-51B User’s Guide...
  • Page 123 Chapter 8 Home Networking Click OK to go back to the Add/Remove Programs Properties window and click Next. Restart the computer when prompted. Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP. Click Start and Control Panel. Double-click Network Connections.

  • Page 124: Using Upnp In Windows Xp Example

    Chapter 8 Home Networking In the Networking Services window, select the Universal Plug and Play check box. Networking Services Click OK to go back to the Windows Optional Networking Component Wizard window and click Next. 8.6 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP.
  • Page 125 Chapter 8 Home Networking Right-click the icon and select Properties. Network Connections In the Internet Connection Properties window, click Settings to see the port mappings there were automatically created. Internet Connection Properties P-873HNUP-51B User’s Guide...
  • Page 126 Chapter 8 Home Networking You may edit or delete the port mappings or click Add to manually add port mappings. Internet Connection Properties: Advanced Settings Internet Connection Properties: Advanced Settings: Add When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically.
  • Page 127 Chapter 8 Home Networking Double-click on the icon to display your current Internet connection status. Internet Connection Status Web Configurator Easy Access With UPnP, you can access the web-based configurator on the ZyXEL Device without finding out the IP address of the ZyXEL Device first. This comes helpful if you do not know the IP address of the ZyXEL Device.
  • Page 128 Chapter 8 Home Networking Select My Network Places under Other Places. Network Connections An icon with the description for each UPnP-enabled device displays under Local Network. Right-click on the icon for your ZyXEL Device and select Invoke. The web configurator login screen displays.

  • Page 129: The Stb Vendor Id Screen

    Chapter 8 Home Networking Right-click on the icon for your ZyXEL Device and select Properties. A properties window displays with basic information about the ZyXEL Device. Network Connections: My Network Places: Properties: Example Screen STB Vendor ID Click Network Settings > Home Networking > STB Vendor ID to open this screen. Set Top Box (STB) devices with dynamic IP addresses sometimes don’t renew their IP addresses before the lease time expires.

  • Page 130: The Hpna Screen

    Chapter 8 Home Networking The following table describes the fields in this screen. Table 27 Network Settings > Home Networking > STB Vendor ID LABEL DESCRIPTION Vendor ID 1 ~ 5 Enter the STB’s vendor ID. Apply Click Apply to save your changes back to the ZyXEL Device. Cancel Click Cancel to exit this screen without saving.

  • Page 131: The Lan Vlan Screen

    Chapter 8 Home Networking The following table describes the fields in this screen. Table 29 Network Settings > Home Networking > 5th Ethernet Port LABEL DESCRIPTION State Select Enable to use the Ethernet WAN port as a LAN port on the ZyXEL Device. Apply Click Apply to save your changes back to the ZyXEL Device.

  • Page 132: Technical Reference

    Chapter 8 Home Networking Table 30 Network Settings > Home Networking > LAN VLAN (continued) LABEL DESCRIPTION VLAN ID If you will add or remark tags for this LAN port’s downstream traffic, specify the VLAN ID (from 0 to 4094) to use here. Apply Click Apply to save your changes back to the ZyXEL Device.

  • Page 133: Dns Server Addresses

    Chapter 8 Home Networking 8.11.3 DNS Server Addresses DNS (Domain Name System) maps a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a computer before you can access it.
  • Page 134 Chapter 8 Home Networking The subnet mask specifies the network number portion of an IP address. Your ZyXEL Device will compute the subnet mask automatically based on the IP address that you entered. You don't need to change the subnet mask computed by the ZyXEL Device unless you are instructed to do otherwise.

  • Page 135: Static Routing

    H A PT ER Static Routing 9.1 Overview The ZyXEL Device usually uses the default gateway to route outbound traffic from computers on the LAN to the Internet. To have the ZyXEL Device send data to devices not reachable through the default gateway, use static routes.

  • Page 136: The Routing Screen

    Chapter 9 Static Routing 9.2 The Routing Screen Use this screen to view and configure the static route rules on the ZyXEL Device. Click Network Settings > Routing > Static Route to open the following screen. Figure 49 Network Settings > Routing > Static Route The following table describes the labels in this screen.

  • Page 137: Add/Edit Static Route

    Chapter 9 Static Routing 9.2.1 Add/Edit Static Route Use this screen to add or edit a static route. Click Add new Static Route Entry in the Routing screen or the Edit icon next to the static route you want to edit. The screen shown next appears. Figure 50 Routing: Add/Edit The following table describes the labels in this screen.
  • Page 138 Chapter 9 Static Routing P-873HNUP-51B User’s Guide...

  • Page 139: Quality Of Service (Qos)

    HAPTER Quality of Service (QoS) 10.1 Overview Quality of Service (QoS) refers to both a network’s ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth. Without QoS, all traffic data is equally likely to be dropped when the network is congested.

  • Page 140: What You Need To Know

    Chapter 10 Quality of Service (QoS) 10.2 What You Need to Know The following terms and concepts may help as you read through this chapter. QoS versus Cos QoS is used to prioritize source-to-destination traffic flows. All packets in the same flow are given the same priority.

  • Page 141: The Quality Of Service General Screen

    Chapter 10 Quality of Service (QoS) Traffic Policing Traffic policing is the limiting of the input or output transmission rate of a class of traffic on the basis of user-defined criteria. Traffic policing methods measure traffic flows against user-defined criteria and identify it as either conforming, exceeding or violating the criteria. Traffic Rate Traffic Rate Time...
  • Page 142 Chapter 10 Quality of Service (QoS) The following table describes the labels in this screen. Table 33 Network Settings > QoS > General LABEL DESCRIPTION State Select the Enable check box to turn on QoS to improve your network performance. WAN Managed Upstream Enter the amount of upstream bandwidth for the WAN interfaces that you want to...

  • Page 143: The Queue Setup Screen

    Chapter 10 Quality of Service (QoS) 10.4 The Queue Setup Screen Click Network Settings > QoS > Queue Setup to open the screen as shown next. Use this screen to configure QoS queue assignment. Figure 52 Network Settings > QoS > Queue Setup The following table describes the labels in this screen.

  • Page 144: Adding A Qos Queue

    Chapter 10 Quality of Service (QoS) Table 34 Network Settings > QoS > Queue Setup (continued) LABEL DESCRIPTION Rate Limit This shows the maximum transmission rate allowed for traffic on this queue. Modify Click the Edit icon to edit the queue. Click the Delete icon to delete an existing queue.

  • Page 145: The Class Setup Screen

    Chapter 10 Quality of Service (QoS) Table 35 Queue Setup: Add (continued) LABEL DESCRIPTION Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 10.5 The Class Setup Screen Use this screen to add, edit or delete QoS classifiers. A classifier groups traffic into data flows according to specific criteria such as the source address, destination address, source port number, destination port number or incoming interface.
  • Page 146 Chapter 10 Quality of Service (QoS) Table 36 Network Settings > QoS > Class Setup (continued) LABEL DESCRIPTION To Queue This is the name of the queue in which traffic of this classifier is put. Modify Click the Edit icon to edit the classifier. Click the Delete icon to delete an existing classifier.

  • Page 147: Add/Edit Qos Class

    Chapter 10 Quality of Service (QoS) 10.5.1 Add/Edit QoS Class Click Add new Classifier in the Class Setup screen or the Edit icon next to a classifier to open the following screen. Figure 55 Class Setup: Add/Edit P-873HNUP-51B User’s Guide...
  • Page 148 Chapter 10 Quality of Service (QoS) The following table describes the labels in this screen. Table 37 Class Setup: Add/Edit LABEL DESCRIPTION Active Select this to enable this classifier. Class Name Enter a descriptive name of up to 15 printable English keyboard characters, not including spaces.
  • Page 149 Chapter 10 Quality of Service (QoS) Table 37 Class Setup: Add/Edit (continued) LABEL DESCRIPTION Exclude Select this option to exclude the packets that match the specified criteria from this classifier. Others Service This field is available only when you select IP in the Ether Type field. This field simplifies classifier configuration by allowing you to select a predefined application.

  • Page 150: The Qos Policer Setup Screen

    Chapter 10 Quality of Service (QoS) Table 37 Class Setup: Add/Edit (continued) LABEL DESCRIPTION VLAN ID If you select Remark, enter a VLAN ID number with which the ZyXEL Device replaces the VLAN ID of the frames. If you select Remove, the ZyXEL Device deletes the VLAN ID of the frames before forwarding them out.

  • Page 151: Add/Edit A Qos Policer

    Chapter 10 Quality of Service (QoS) Table 38 Network Settings > QoS > Policer Setup (continued) LABEL DESCRIPTION Action This shows the how the policer has the ZyXEL Device treat different types of traffic belonging to the policer’s member QoS classes. Modify Click the Edit icon to edit the policer.

  • Page 152: The Qos Monitor Screen

    Chapter 10 Quality of Service (QoS) Table 39 Policer Setup: Add/Edit (continued) LABEL DESCRIPTION Committed Specify the committed burst size for packet bursts. This must be equal to or less Burst Size than the peak burst size (two rate three color) or excess burst size (single rate three color) if it is also configured.

  • Page 153: Technical Reference

    Chapter 10 Quality of Service (QoS) The following table describes the labels in this screen. Table 40 Network Settings > QoS > Monitor LABEL DESCRIPTION Refresh Interval Enter how often you want the ZyXEL Device to update this screen. Select None to stop refreshing statistics.
  • Page 154 Chapter 10 Quality of Service (QoS) Table 41 IEEE 802.1p Priority Level and Traffic Type (continued) PRIORITY TRAFFIC TYPE LEVEL Level 1 This is typically used for non-critical “background” traffic such as bulk transfers that are allowed but that should not affect other applications and users. Level 0 Typically used for best-effort traffic.
  • Page 155 Chapter 10 Quality of Service (QoS) The following table shows you the internal layer-2 and layer-3 QoS mapping on the ZyXEL Device. On the ZyXEL Device, traffic assigned to higher priority queues gets through faster while traffic in lower index queues is dropped if the network is congested. Table 42 Internal Layer2 and Layer3 QoS Mapping LAYER 2 LAYER 3...
  • Page 156 Chapter 10 Quality of Service (QoS) • If there are no tokens in the bucket, the ZyXEL Device stops transmitting until enough tokens are generated. • If not enough tokens are available, the ZyXEL Device treats the packet in either one of the following ways: In traffic shaping: •...
  • Page 157 Chapter 10 Quality of Service (QoS) on the guaranteed and maximum bandwidth respectively as negotiated between a service provider and client. The trTCM evaluates incoming packets and marks them with one of three colors which refer to packet loss priority levels. High packet loss priority level is referred to as red, medium is referred to as yellow and low is referred to as green.
  • Page 158 Chapter 10 Quality of Service (QoS) P-873HNUP-51B User’s Guide...

  • Page 159: Network Address Translation (Nat)

    HAPTER Network Address Translation (NAT) 11.1 Overview This chapter discusses how to configure NAT on the ZyXEL Device. NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network.

  • Page 160: The Port Forwarding Screen

    Chapter 11 Network Address Translation (NAT) WAN side. When the response comes back, NAT translates the destination address (the inside global address) back to the inside local address before forwarding it to the original inside host. Port Forwarding A port forwarding set is a list of inside (behind NAT on the LAN) servers, for example, web or FTP, that you can make visible to the outside world even though NAT makes your whole inside network appear as a single computer to the outside world.
  • Page 161 Chapter 11 Network Address Translation (NAT) third (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. Figure 59 Multiple Servers Behind NAT Example A=192.168.1.33 B=192.168.1.34 192.168.1.1...

  • Page 162: Add/Edit Port Forwarding

    Chapter 11 Network Address Translation (NAT) Table 43 Network Settings > NAT > Port Forwarding (continued) LABEL DESCRIPTION Server IP Address This is the server’s IP address. Modify Click the Edit icon to edit this rule. Click the Delete icon to delete an existing rule. 11.2.1 Add/Edit Port Forwarding Click Add new rule in the Port Forwarding screen or click the Edit icon next to an existing rule to open the following screen.

  • Page 163: The Applications Screen

    Chapter 11 Network Address Translation (NAT) Table 44 Port Forwarding: Add/Edit (continued) LABEL DESCRIPTION External End Enter the last port of the original destination port range. Port To forward only one port, enter the port number in the External Start Port field above and then enter it again in this field.

  • Page 164: Add New Application

    Chapter 11 Network Address Translation (NAT) 11.3.1 Add New Application This screen lets you create new NAT application rules. Click Add new application in the Applications screen to open the following screen. Figure 63 Applications: Add The following table describes the labels in this screen. Table 46 Applications: Add LABEL DESCRIPTION...
  • Page 165 Chapter 11 Network Address Translation (NAT) LAN can use the service in the same manner. This way you do not need to configure a new IP address each time you want a different LAN computer to use the application. For example: Figure 64 Trigger Port Forwarding Process: Example Jane requests a file from the Real Audio server (port 7070).

  • Page 166: Add/Edit Port Triggering Rule

    Chapter 11 Network Address Translation (NAT) Table 47 Network Settings > NAT > Port Triggering (continued) LABEL DESCRIPTION Trigger Port The trigger port is a port (or a range of ports) that causes (or triggers) the ZyXEL Device to record the IP address of the LAN computer that sent the traffic to a server on the WAN.

  • Page 167: The Dmz Screen

    Chapter 11 Network Address Translation (NAT) The following table describes the labels in this screen. Table 48 Port Triggering: Configuration Add/Edit LABEL DESCRIPTION Active Select the check box to enable this rule. This field is read-only in the Port Triggering Configuration screen. Service Name Enter a name to identify this rule using keyboard characters (A-Z, a-z, 1-2 and so on).

  • Page 168: The Alg Screen

    Chapter 11 Network Address Translation (NAT) The following table describes the fields in this screen. Table 49 Network Settings > NAT > DMZ LABEL DESCRIPTION Default Server Enter the IP address of the default server which receives packets from ports that Address are not specified in the NAT Port Forwarding screen.

  • Page 169: The Sessions Screen

    Chapter 11 Network Address Translation (NAT) 11.7 The Sessions Screen Use the Sessions screen to limit the number of concurrent NAT sessions all clients can use. Click Network Settings > NAT > Sessions to display the following screen. Figure 69 Network Settings > NAT > Sessions The following table describes the fields in this screen.

  • Page 170: What Nat Does

    Chapter 11 Network Address Translation (NAT) Note that inside/outside refers to the location of a host, while global/local refers to the IP address of a host used in a packet. Thus, an inside local address (ILA) is the IP address of an inside host in a packet when the packet is still in the local network, while an inside global address (IGA) is the IP address of the same inside host when the packet is on the WAN side.

  • Page 171: How Nat Works

    Chapter 11 Network Address Translation (NAT) 11.8.3 How NAT Works Each packet has two addresses – a source address and a destination address. For outgoing packets, the ILA (Inside Local Address) is the source address on the LAN, and the IGA (Inside Global Address) is the source address on the WAN.

  • Page 172: Nat Application

    Chapter 11 Network Address Translation (NAT) 11.8.4 NAT Application The following figure illustrates a possible NAT application, where three inside LANs (logical LANs using IP alias) behind the ZyXEL Device can communicate with three distinct WAN networks. Figure 71 NAT Application With IP Alias Port Forwarding: Services and Port Numbers The most often used port numbers are shown in the following table.
  • Page 173 Chapter 11 Network Address Translation (NAT) Port Forwarding Example Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the example), port 80 to another (B in the example) and assign a default server IP address of 192.168.1.35 to a third (C in the example).
  • Page 174 Chapter 11 Network Address Translation (NAT) P-873HNUP-51B User’s Guide...

  • Page 175: Dynamic Dns Setup

    HAPTER Dynamic DNS Setup 12.1 Overview DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a machine before you can access it. In addition to the system DNS server(s), each WAN interface (service) is set to have its own static or dynamic DNS server list.

  • Page 176: What You Can Do In This Chapter

    Chapter 12 Dynamic DNS Setup Dynamic DNS Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CU-SeeMe, etc.). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.org, where myhost is a name of your choice) that will never change instead of using an IP address that changes each time you reconnect.

  • Page 177: Add/Edit Dns Entry

    Chapter 12 Dynamic DNS Setup The following table describes the fields in this screen. Table 54 Advanced > DNS Setting > DNS Setting LABEL DESCRIPTION Add new DNS Click this to create a new DNS entry. entry This is the index number of the entry. Hostname This indicates the host name or domain name.

  • Page 178: The Dynamic Dns Screen

    Chapter 12 Dynamic DNS Setup 12.3 The Dynamic DNS Screen Use this screen to change your ZyXEL Device’s DDNS. Click Advanced > DNS Setting > Dynamic DNS. The screen appears as shown. Figure 76 Advanced > DNS Setting > Dynamic DNS The following table describes the fields in this screen.

  • Page 179: Igmp

    HAPTER IGMP 13.1 Overview Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender to 1 recipient) or Broadcast (1 sender to everybody on the network). Multicast delivers IP packets to just a group of hosts on the network. IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to establish membership in a multicast group - it is not used to carry user data.
  • Page 180 Chapter 13 IGMP IGMP Proxy To allow better network performance, you can use IGMP proxy instead of a multicast routing protocol in a simple tree network topology. Note: Your ZyXEL Device is an IGMP proxy. In IGMP proxy, an upstream interface is the port that is closer to the source (or the root of the multicast tree) and is able to receive multicast traffic.

  • Page 181: The Igmp General Screen

    Chapter 13 IGMP 13.2 The IGMP General Screen Use the General screen to configure general IGMP proxy and IGMP packet processing settings. Click Network Settings > IGMP Setting > General to open the following screen. Figure 78 Network Settings > IGMP Setting > General The following table describes the fields in this screen.

  • Page 182: Igmp Filter Configuration

    Chapter 13 IGMP Table 57 Network Settings > IGMP Setting > General (continued) LABEL DESCRIPTION Ignore IGMP query Select this to discard IGMP query packets with a destination IP address other which destination than 224.0.0.1, the all-hosts multicast address. IP is not 224.0.0.1 Apply Click this button to save your settings back to the ZyXEL Device.
  • Page 183 Chapter 13 IGMP The following table describes the fields in this screen. Table 58 Network Settings > IGMP Setting > IGMP Filter LABEL DESCRIPTION Allow IGMP packets Select this to accept IGMP packets received on any of the LAN Ethernet ports. from Ethernet Clear this to discard IGMP packets received on any of the LAN Ethernet ports.

  • Page 184: Igmp Host Limitation Edit

    Chapter 13 IGMP 13.3.1 IGMP Host Limitation Edit Use this screen to control a LAN host’s access to IGMP services through the ZyXEL Device. Click Network Settings > IGMP Setting > IGMP Filter and then a LAN host’s Edit icon to open the following screen.

  • Page 185: Igmp Host Limitation Add

    Chapter 13 IGMP The following table describes the fields in this screen. Table 60 Network Settings > IGMP Setting > IGMP Filter > Add a new service LABEL DESCRIPTION Service Name Specify a name to identify the IGMP service domain. You can enter up to 30 characters.

  • Page 186: Igmp Acl Configuration

    Chapter 13 IGMP Table 61 Network Settings > IGMP Setting > IGMP Filter > Add a new host limitation (continued) LABEL DESCRIPTION Max Allowed This shows to how many of the IGMP multicast service domain’s channels the Channels LAN device using the specified IP address can subscribe. IGMP Enabled Select whether or not the LAN device is allowed to access IGMP services through the ZyXEL Device.

  • Page 187: Igmp Acl Add

    Chapter 13 IGMP Table 62 Network Settings > IGMP Setting > IGMP ACL (continued) LABEL DESCRIPTION Multicast Address This is the subnet mask of the multicast IP address. Mask Black List These rules are for blocking access to specific multicast IP addresses. Multicast Address This is the multicast IP address of a multicast media channel to which you want to block access.
  • Page 188 Chapter 13 IGMP P-873HNUP-51B User’s Guide...

  • Page 189: Interface Group

    HAPTER Interface Group 14.1 Overview By default, all LAN and WAN interfaces on the ZyXEL Device are in the same group and can communicate with each other. Create interface groups to have the ZyXEL Device assign the IP addresses in different domains to different groups. Each group acts as an independent network on the ZyXEL Device.

  • Page 190: Interface Group Configuration

    Chapter 14 Interface Group Click Network Settings > Interface Group to open the following screen. Figure 86 Network Settings > Interface Group The following table describes the fields in this screen. Table 64 Network Settings > Interface Group LABEL DESCRIPTION Add New Interface Click this button to create a new interface group.
  • Page 191 Chapter 14 Interface Group Note: An interface can belong to only one group at a time. Figure 87 Interface Group Configuration The following table describes the fields in this screen. Table 65 Interface Group Configuration LABEL DESCRIPTION Group Name Enter a name to identify this group. You can enter up to 30 characters. You can use letters, numbers, hyphens (-) and underscores (_).

  • Page 192: Interface Grouping Criteria

    Chapter 14 Interface Group Table 65 Interface Group Configuration (continued) LABEL DESCRIPTION Filter Criteria This shows the filtering criteria. The LAN interface on which the matched traffic is received will belong to this group automatically. WildCard Support This shows if wildcard on DHCP option 60 is enabled. Remove Click the Remove icon to delete this rule from the ZyXEL Device.
  • Page 193 Chapter 14 Interface Group Table 66 Interface Grouping Criteria (continued) LABEL DESCRIPTION DUID type Select DUID-LLT (DUID Based on Link-layer Address Plus Time) to enter the hardware type, a time value and the MAC address of the device. Select DUID-EN (DUID Assigned by Vendor Based upon Enterprise Number) to enter the vendor’s registered enterprise number.
  • Page 194 Chapter 14 Interface Group P-873HNUP-51B User’s Guide...

  • Page 195: Firewall

    HAPTER Firewall 15.1 Overview This chapter shows you how to enable and configure the ZyXEL Device firewall. Use the firewall to protect your ZyXEL Device and network from attacks by hackers on the Internet and control access to it. By default the firewall: •...
  • Page 196 Chapter 15 Firewall follows the SYN-ACK, it queues up all outstanding SYN-ACK responses on a backlog queue. SYN- ACKs are moved off the queue only when an ACK comes back or when an internal timer terminates the three-way handshake. Once the queue is full, the system will ignore all incoming SYN requests, making the system unavailable for legitimate users.

  • Page 197: The Firewall Screen

    Chapter 15 Firewall 15.2 The Firewall Screen Use this screen to set the security level of the firewall on the ZyXEL Device. Firewall rules are grouped based on the direction of travel of packets to which they apply. Click Security Settings > Firewall to display the following screen. Figure 90 Security Settings >...
  • Page 198 Chapter 15 Firewall Click Security Settings > Firewall > Protocol to display the following screen. Figure 91 Security Settings > Firewall > Protocol The following table describes the labels in this screen. Table 68 Security Settings > Firewall > Protocol LABEL DESCRIPTION Add New...

  • Page 199: Add A Protocol

    Chapter 15 Firewall 15.3.1 Add a Protocol Use this screen to add a customized service rule that you can use in the firewall’s ACL rule configuration. Click Add New Protocol Entry in the Protocol screen to display the following screen. Figure 92 Security Settings >...

  • Page 200: The Access Control Screen

    Chapter 15 Firewall Table 69 Security Settings > Firewall > Protocol > Add (continued) LABEL DESCRIPTION Service Enter a description for your customized port. Description Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 15.4 The Access Control Screen Click Security Settings >...

  • Page 201: Add/Edit An Acl Rule

    Chapter 15 Firewall Table 70 Security Settings > Firewall > Access Control (continued) LABEL DESCRIPTION Direction This displays the direction of traffic to which this rule applies. Action This field displays whether the rule silently discards packets (DROP), discards packets and sends a TCP reset packet or an ICMP destination-unreachable message to the sender (REJECT) or allows the passage of packets (ACCEPT).
  • Page 202 Chapter 15 Firewall Table 71 Security Settings > Firewall > Access Control > Add/Edit (continued) LABEL DESCRIPTION Select Source Select the source device to which the ACL rule applies. If you select Specific Device IP Address, enter the source IP address in the field below. Source IP Address Enter the source IP address.

  • Page 203: Mac Filter

    HAPTER MAC Filter 16.1 Overview This screen allows you to configure the ZyXEL Device to give exclusive access to specific devices or exclude specific devices from accessing the ZyXEL Device. Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02.
  • Page 204 Chapter 16 MAC Filter Table 72 Security Settings > MAC Filter (continued) LABEL DESCRIPTION Allow List The devices in this list are permitted or denied access to the ZyXEL Device. Block List Select an entry from the Allow List and use the > button to add it to the Block List.

  • Page 205: Parental Control

    HAPTER Parental Control 17.1 Overview Parental control allows you to permit or block access to certain web sites from home network computers. You can define time periods and days during which the ZyXEL Device performs parental control on a specific user in the Security Settings > Scheduler Rules screen (see Chapter 18 on page 209 detailed information).

  • Page 206: Add/Edit Parental Control Rule

    Chapter 17 Parental Control The following table describes the fields in this screen. Table 73 Parental Control LABEL DESCRIPTION Add new rule Click this to create a new parental control rule. This is the index number of the rule. PC Name/IP/MAC The ZyXEL Device allows or prohibits the users from viewing the Web sites with the URLs listed below.
  • Page 207 Chapter 17 Parental Control The following table describes the fields in this screen. Table 74 Parental Control: Add/Edit LABEL DESCRIPTION PC Name/IP/MAC Select the user that you want to apply this rule to from the drop-down list box. If you want to add an user that is not listed, select User Defined and enter its MAC address.
  • Page 208 Chapter 17 Parental Control P-873HNUP-51B User’s Guide...

  • Page 209: Scheduler Rules

    HAPTER Scheduler Rules 18.1 Overview You can define time periods and days during which the ZyXEL Device performs scheduled rules of certain features (such as Firewall Access Control, Parental Control) on a specific user in the Scheduler Rules screen. 18.2 The Scheduler Rules Screen Use this screen to view, add, or edit time schedule rules.

  • Page 210: Add/Edit A Schedule

    Chapter 18 Scheduler Rules 18.2.1 Add/Edit a Schedule Click the Add button in the Scheduler Rules screen or click the Edit icon next to a schedule rule to open the following screen. Use this screen to configure a restricted access schedule for a specific user on your network.

  • Page 211: Certificates

    HAPTER Certificates 19.1 Overview The ZyXEL Device can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs. A certificate contains the certificate owner’s identity and public key. Certificates provide a way to exchange public keys for use in authentication. 19.1.1 What You Can Do in this Chapter •...

  • Page 212: The Local Certificates Screen

    Chapter 19 Certificates 19.3 The Local Certificates Screen Click Security Settings > Certificates to open the Local Certificates screen. This is the ZyXEL Device’s summary list of certificates and certification requests. Figure 100 Security Settings > Certificates > Local Certificates The following table describes the labels in this screen.

  • Page 213: Create Certificate Request

    Chapter 19 Certificates 19.3.1 Create Certificate Request Click Security Settings > Certificates > Local Certificates and then Create Certificate Request to open the following screen. Use this screen to have the ZyXEL Device generate a certification request. Figure 101 Create Certificate Request The following table describes the labels in this screen.

  • Page 214: Load Signed Certificate

    Chapter 19 Certificates Figure 102 Certificate Request Created 19.3.2 Load Signed Certificate After you create a certificate request and have it signed by a Certificate Authority, in the Local Certificates screen click the certificate request’s Load Signed icon to import the signed certificate into the ZyXEL Device.

  • Page 215: Import Certificate

    Chapter 19 Certificates Note: You must remove any spaces from the certificate’s filename before you can import Figure 103 Load Signed Certificate The following table describes the labels in this screen. Table 79 Load Signed Certificate LABEL DESCRIPTION Certificate This is the name of the signed certificate. Name Certificate Copy and paste the signed certificate into the text box to store it on the ZyXEL Device.
  • Page 216 Chapter 19 Certificates Note: You must remove any spaces from the certificate’s filename before you can import Figure 104 Import Local Certificate The following table describes the labels in this screen. Table 80 Import Local Certificate LABEL DESCRIPTION Import from Click this check box to open a screen where you can save the certificate of a file certification authority that you trust, from your computer to the ZyXEL Device.

  • Page 217: Certificate Details

    Chapter 19 Certificates Table 80 Import Local Certificate (continued) LABEL DESCRIPTION Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. If you click Import from file in the Import Local Certificate screen, the following screen is displayed.
  • Page 218 Chapter 19 Certificates Figure 106 Certificate Details The following table describes the labels in this screen. Table 82 Certificate Details LABEL DESCRIPTION Name This field displays the identifying name of this certificate. If you want to change the name, type up to 63 characters to identify this certificate. You may use any character (not including spaces).

  • Page 219: The Trusted Ca Screen

    Chapter 19 Certificates Table 82 Certificate Details (continued) LABEL DESCRIPTION Private Key This read-only text box displays the private key in Privacy Enhanced Mail (PEM) format. PEM uses base 64 to convert the binary certificate into a printable form. You can copy and paste the private key into an e-mail to send to friends or colleagues or you can copy and paste the certificate into a text editor and save the file on a management computer for later distribution (via floppy disk for example).

  • Page 220: View Trusted Ca Certificate

    Chapter 19 Certificates Table 83 Security Settings > Certificates > Trusted CA (continued) LABEL DESCRIPTION Type This field displays general information about the certificate. ca means that a Certification Authority signed the certificate. Action Click the View icon to open a screen with an in-depth list of information about the certificate (or certification request).

  • Page 221: Import Trusted Ca Certificate

    Chapter 19 Certificates 19.4.2 Import Trusted CA Certificate Click the Import Certificate button in the Trusted CA screen to open the following screen. The ZyXEL Device trusts any valid certificate signed by any of the imported trusted CA certificates. Figure 109 Trusted CA: Import Certificate The following table describes the fields in this screen.
  • Page 222 Chapter 19 Certificates If you click Import from file in the Import Local Certificate screen, the following screen is displayed. Figure 110 Trusted CA: Import Certificate > Import from file The following table describes the labels in this screen. Table 86 Import Local Certificate LABEL DESCRIPTION Certificate...

  • Page 223: Service Control

    HAPTER Service Control 20.1 Overview This chapter provides information on the Service Control screens. Service Control allows you to manage your ZyXEL Device from a remote location through the following interfaces: • LAN • WAN Note: The ZyXEL Device is managed using the Web Configurator. 20.2 The Service Control Screen Use this screen to configure through which interface(s) users can use which service(s) to manage the ZyXEL Device.
  • Page 224 Chapter 20 Service Control The following table describes the fields in this screen. Table 87 Security Settings > Service Control LABEL DESCRIPTION General This is the index number of the entry. Services Name This is the service you may use to access the ZyXEL Device. Select the Enable check box for the corresponding services that you want to allow access to the ZyXEL Device from the LAN.

  • Page 225: Arp Table

    HAPTER ARP Table 21.1 Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network. An IP (version 4) address is 32 bits long.
  • Page 226 Chapter 21 ARP Table The following table describes the labels in this screen. Table 88 System Monitor > ARP Table LABEL DESCRIPTION This is the ARP table entry number. IP Address This is the learned IP address of a device connected to a port. MAC Address This is the MAC address of the device with the listed IP address.

  • Page 227: Logs

    HAPTER Logs 22.1 Overview The web configurator allows you to choose which categories of events and/or alerts to have the ZyXEL Device log and then display the logs or have the ZyXEL Device send them to an administrator (as e-mail) or to a syslog server. 22.1.1 What You Can Do in this Chapter •...

  • Page 228: The System Log Screen

    Chapter 22 Logs Table 89 Syslog Severity Levels (continued) CODE SEVERITY Warning: There is a warning condition on the system. Notice: There is a normal but significant condition on the system. Informational: The syslog contains an informational message. Debug: The message is intended for debug-level purposes. 22.2 The System Log Screen Use the System Log screen to see the system logs for the categories that you select in Maintenance >...

  • Page 229: The Security Log Screen

    Chapter 22 Logs Table 90 System Monitor > Log > System Log (continued) LABEL DESCRIPTION This field is a sequential value and is not associated with a specific entry. Time This field displays the time the log was recorded. Facility The log facility allows you to send logs to different files in the syslog server.
  • Page 230 Chapter 22 Logs P-873HNUP-51B User’s Guide...

  • Page 231: Traffic Status

    HAPTER Traffic Status 23.1 Overview Use the Traffic Status screens to look at network traffic status and statistics of the WAN and LAN interfaces. 23.1.1 What You Can Do in this Chapter • Use the WAN screen to view the WAN traffic statistics (Section 23.2 on page 231).
  • Page 232 Chapter 23 Traffic Status The following table describes the fields in this screen. Table 92 System Monitor > Traffic Status > WAN LABEL DESCRIPTION Connected This shows the name of the WAN interface that is currently connected. Interface Packets Sent Data This indicates the number of transmitted packets on this interface.

  • Page 233: The Lan Status Screen

    Chapter 23 Traffic Status 23.3 The LAN Status Screen Click System Monitor > Traffic Status > LAN to open the following screen. Figure 116 System Monitor > Traffic Status > LAN The following table describes the fields in this screen. Table 93 System Monitor >...

  • Page 234: The Hpna Status Screen

    Chapter 23 Traffic Status 23.4 The HPNA Status Screen Click System Monitor > Traffic Status > HPNA to open the following screen. Figure 117 System Monitor > Traffic Status > HPNA The following table describes the fields in this screen. Table 94 System Monitor >...

  • Page 235: Igmp Status

    HAPTER IGMP Status 24.1 Overview Use the IGMP Status screens to look at IGMP group status and traffic statistics. 24.1.1 What You Can Do in this Chapter • Use the IGMP Group screen to look at the current list of multicast groups the ZyXEL Device has joined and which ports have joined each (Section 24.2 on page 235.

  • Page 236: Igmp Statistics Screen

    Chapter 24 24.3 IGMP Statistics Screen Use this screen to look at the current number of IGMP-related packets received for each IGMP multicast group and from each LAN host. To open this screen, click System Monitor > IGMP Group Status > IGMP Statistics. Figure 119 System Monitor >...

  • Page 237: Xdsl Statistics

    HAPTER xDSL Statistics 25.1 The xDSL Statistics Screen Use this screen to view detailed DSL statistics. Click System Monitor > xDSL Statistics to open the following screen. Figure 120 System Monitor > xDSL Statistics P-873HNUP-51B User’s Guide...
  • Page 238 Chapter 25 xDSL Statistics The following table describes the labels in this screen. Table 97 Status > xDSL Statistics LABEL DESCRIPTION Refresh Interval Select the time interval for refreshing statistics. Line Select which DSL line’s statistics you want to display. xDSL Training This displays the current state of setting up the DSL connection.
  • Page 239 Chapter 25 xDSL Statistics Table 97 Status > xDSL Statistics (continued) LABEL DESCRIPTION Attainable Net These are the highest theoretically possible transfer rates at which the port could Data Rate send and receive payload data without transport layer protocol headers and traffic.
  • Page 240 Chapter 25 xDSL Statistics P-873HNUP-51B User’s Guide...

  • Page 241: Users Configuration

    HAPTER Users Configuration 26.1 Overview In the Users Configuration screen, you can view, add, and configure user accounts of the ZyXEL Device. 26.2 The Users Configuration Screen Click Maintenance > Users Configuration to open the following screen. Figure 121 Maintenance > Users Configuration P-873HNUP-51B User’s Guide...

  • Page 242: Add/Edit A Users Account

    Chapter 26 Users Configuration The following table describes the labels in this screen. Table 98 Maintenance > Users Configuration LABEL DESCRIPTION Advanced Select Enable to turn on advanced account security to enforce tighter security for Account the ZyXEL Device’s user accounts. This includes: Security •...
  • Page 243 Chapter 26 Users Configuration The following table describes the labels in this screen. Table 99 Users Configuration: Add/Edit LABEL DESCRIPTION User Name This field is read-only if you are editing the user account. Enter a descriptive name for the user account. The user name can be up to 15 alphanumeric characters (0-9, A-Z, a-z, -, _ with no spaces).
  • Page 244 Chapter 26 Users Configuration P-873HNUP-51B User’s Guide...

  • Page 245: Remote Management

    HAPTER Remote Management 27.1 Overview This chapter explains how to configure the ZyXEL Device’s TR-069 and TR-064 auto-configuration settings. 27.1.1 What You Can Do in this Chapter • The TR-069 screen lets you configure the ZyXEL Device’s TR-069 auto-configuration settings (Section 27.2 on page 245).
  • Page 246 Chapter 27 Remote Management Click Maintenance > Remote MGMT > TR-069 Client to open the following screen. Use this screen to configure your ZyXEL Device to be managed by an ACS. Figure 123 Maintenance > Remote MGMT > TR-069 Client The following table describes the fields in this screen.

  • Page 247: The Tr-064 Screen

    Chapter 27 Remote Management Table 100 Maintenance > Remote MGMT > TR-069 Client (continued) LABEL DESCRIPTION Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 27.3 The TR-064 Screen TR-064 is a LAN-Side DSL CPE Configuration protocol defined by the DSL Forum. TR-064 is built on top of UPnP.
  • Page 248 Chapter 27 Remote Management Figure 125 SNMP Management Model An SNMP managed network consists of two main types of component: agents and a manager. An agent is a management software module that resides in a managed device (the ZyXEL Device). An agent translates the local management information from the managed device into a form compatible with SNMP.
  • Page 249 Chapter 27 Remote Management Click Maintenance > Remote MGMT > SNMP to open the following screen. Use this screen to configure the ZyXEL Device SNMP settings. Figure 126 Maintenance > Remote MGMT > SNMP The following table describes the fields in this screen. Table 102 Maintenance >...
  • Page 250 Chapter 27 Remote Management P-873HNUP-51B User’s Guide...

  • Page 251: Time Settings

    HAPTER Time Settings 28.1 Overview This chapter shows you how to configure system related settings, such as system time, password, name, the domain name and the inactivity timeout interval. 28.2 The Time Setting Screen To change your ZyXEL Device’s time and date, click Maintenance > Time Setting. The screen appears as shown.
  • Page 252 Chapter 28 Time Settings The following table describes the fields in this screen. Table 103 Maintenance > Time Setting LABEL DESCRIPTION Current Date/Time System Time This field displays the time and fate of your ZyXEL Device. Each time you reload this page, the ZyXEL Device synchronizes the time and date with the time server.

  • Page 253: Logs Setting

    HAPTER Logs Setting 29.1 Overview You can configure where the ZyXEL Device sends logs and which logs and/or immediate alerts the ZyXEL Device records in the Logs Setting screen. 29.2 The Logs Setting Screen To change your ZyXEL Device’s log settings, click Maintenance > Logs Setting. The screen appears as shown.
  • Page 254 Chapter 29 Logs Setting The following table describes the fields in this screen. Table 104 Maintenance > Logs Setting LABEL DESCRIPTION Syslog Logging The ZyXEL Device sends a log to an external syslog server. Active Select the Active check box to enable syslog logging. Mode Select the syslog destination from the drop-down list box.

  • Page 255: Example E-Mail Log

    Chapter 29 Logs Setting 29.2.1 Example E-mail Log An "End of Log" message displays for each mail in which a complete log has been sent. The following is an example of a log sent by e-mail. • You may edit the subject title. •...
  • Page 256 Chapter 29 Logs Setting P-873HNUP-51B User’s Guide...

  • Page 257: Firmware Upgrade

    HAPTER Firmware Upgrade 30.1 Overview This chapter explains how to upload new firmware to your ZyXEL Device. You can download new firmware releases from your nearest ZyXEL FTP site (or www.zyxel.com) to use to upgrade your device’s performance. Only use firmware for your device’s specific model. Refer to the label on the bottom of your ZyXEL Device.
  • Page 258 Chapter 30 Firmware Upgrade Table 105 Maintenance > Firmware Upgrade (continued) LABEL DESCRIPTION Browse... Click this to find the .bin file you want to upload. Remember that you must decompress compressed (.zip) files before you can upload them. Upload Click this to begin the upload process. This process may take up to two minutes. After you see the firmware updating screen, wait two minutes before logging into the ZyXEL Device again.

  • Page 259: Configuration

    HAPTER Configuration 31.1 Overview The Configuration screen allows you to backup and restore device configurations. You can also reset your device settings back to the factory default. 31.2 The Configuration Screen Click Maintenance > Configuration. Information related to factory defaults, backup configuration, and restoring configuration appears in this screen, as shown next.
  • Page 260 Chapter 31 Configuration Restore Configuration Restore Configuration allows you to upload a new or previously saved configuration file from your computer to your ZyXEL Device. Table 106 Restore Configuration LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse ... to find it.

  • Page 261: The Reboot Screen

    Chapter 31 Configuration Reset to Factory Defaults Click the Reset button to clear all user-entered configuration information and return the ZyXEL Device to its factory defaults. The following warning screen appears. Figure 137 Reset Warning Message Figure 138 Reset In Process Message You can also press the RESET button on the rear panel to reset the factory defaults of your ZyXEL Device.

  • Page 262: Diagnostic

    HAPTER Diagnostic 32.1 Overview The Diagnostic screens display information to help you identify problems with the ZyXEL Device. The route between a CO VDSL switch and one of its CPE may go through switches owned by independent organizations. A connectivity fault point generally takes time to discover and impacts subscriber’s network access.

  • Page 263: Ping & Traceroute & Nslookup

    Chapter 32 Diagnostic 32.3 Ping & TraceRoute & NsLookup Use this screen to ping, traceroute, or nslookup an IP address. Click Maintenance > Diagnostic > Ping & TraceRoute & NsLookup to open the screen shown next. Figure 140 Maintenance > Diagnostic > Ping & TraceRoute & NsLookup The following table describes the fields in this screen.
  • Page 264 Chapter 32 Diagnostic 32.4 802.1ag Click Maintenance > Diagnostic > 8.2.1ag to open the following screen. Use this screen to perform CFM actions. Figure 141 802.1ag The following table describes the fields in this screen. Table 108 Maintenance > Diagnostic > 802.1ag LABEL DESCRIPTION 802.1ag Connectivity Fault Management...

  • Page 265: Oam Ping Test

    Chapter 32 Diagnostic 32.5 OAM Ping Test Click Maintenance > Diagnostic > OAM Ping Test to open the screen shown next. Use this screen to perform an OAM (Operation, Administration and Maintenance) F4 or F5 loopback test on a PVC. The ZyXEL Device sends an OAM F4 or F5 packet to the DSLAM or ATM switch and then returns it to the ZyXEL Device.
  • Page 266 Chapter 32 Diagnostic Note: This screen is available only when you configure an ATM layer-2 interface. Figure 143 Maintenance > Diagnostic > OAM Ping Test The following table describes the fields in this screen. Table 109 Maintenance > Diagnostic > OAM Ping Test LABEL DESCRIPTION Select a PVC on which you want to perform the loopback test.

  • Page 267: Troubleshooting

    HAPTER Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • ZyXEL Device Access and Login • Internet Access 33.1 Power, Hardware Connections, and LEDs The ZyXEL Device does not turn on.

  • Page 268: Zyxel Device Access And Login

    Chapter 33 Troubleshooting 33.2 ZyXEL Device Access and Login I forgot the IP address for the ZyXEL Device. The default LAN IP address is 192.168.1.1. If you changed the IP address and have forgotten it, you might get the IP address of the ZyXEL Device by looking up the IP address of the default gateway for your computer.

  • Page 269: Internet Access

    Chapter 33 Troubleshooting • Make sure you have logged out of any earlier management sessions using the same user account even if they were through a different interface or using a different browser. • Try to access the ZyXEL Device using another service, such as Telnet. If you can access the ZyXEL Device, check the remote management settings and firewall rules to find out why the ZyXEL Device does not respond to HTTP.
  • Page 270 Chapter 33 Troubleshooting Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide for hardware connections information and Section 1.5 on page 25 for LED behaviors. Make sure you entered your ISP account information correctly in the Network Settings > Broadband screen.

  • Page 271: Wireless Internet Access

    Chapter 33 Troubleshooting ADSL and VDSL connections cannot work at the same time. You can only use one type of DSL connection, either ADSL or VDSL connection at one time. I cannot access the Internet anymore. I had access to the Internet (with the ZyXEL Device), but my Internet connection is not available anymore.
  • Page 272 Chapter 33 Troubleshooting Wireless security is vital to your network. It protects communications between wireless stations, access points and the wired network. The available security modes in your ZyXEL device are as follows: • WPA2-PSK: (recommended) This uses a pre-shared key with the WPA2 standard. •...

  • Page 273: Product Specifications

    HAPTER Product Specifications The following tables summarize the ZyXEL Device’s hardware and firmware features. 34.1 Hardware Specifications Table 110 Hardware Specifications Dimensions 210 (L) x 154 (W) x 40 (H) mm (without external antenna) Weight 495g (without external antenna) Power Adaptor Output 12 V 1.5 A Power Adaptor Input 100-240V AC, 50/60Hz...

  • Page 274: Firmware Specifications

    Chapter 34 Product Specifications 34.2 Firmware Specifications Table 111 Firmware Specifications Default IP Address 192.168.1.1 Default Subnet Mask 255.255.255.0 (24 bits) Default User Name admin Default Password 1234 DHCP Server IP Pool 192.168.1.2 to 192.168.1.254 Static Routes Device Management Use the web configurator to easily configure the rich range of features on the ZyXEL Device.
  • Page 275 Chapter 34 Product Specifications Table 111 Firmware Specifications (continued) Remote Management This allows you to decide whether a service (HTTPS or FTP traffic for example) from a computer on a network (LAN or WAN for example) can access the ZyXEL Device. PPPoE Support PPPoE (Point-to-Point Protocol over Ethernet) emulates a dial-up (RFC2516)
  • Page 276 Chapter 34 Product Specifications Table 111 Firmware Specifications (continued) Other Protocol Support PPP (Point-to-Point Protocol) link layer protocol Transparent bridging for unsupported network layer protocols RIP I/RIP II ICMP ATM QoS IP Multicasting IGMP v2 and v3 IGMP Proxy Management Embedded Web Configurator Remote Firmware Upgrade Embedded FTP/TFTP Server for firmware upgrade and configuration file...
  • Page 277 Chapter 34 Product Specifications Table 112 Standards Supported (continued) STANDARD DESCRIPTION ITU G.992.2 (G. Lite) ITU standard for ADSL using discrete multitone modulation. ITU G.992.3 (G.dmt.bis) ITU standard (also referred to as ADSL2) that extends the capability of basic ADSL in data rates. ITU G.992.4 (G.lite.bis) ITU standard (also referred to as ADSL2) that extends the capability of basic ADSL in data rates.
  • Page 278 Chapter 34 Product Specifications P-873HNUP-51B User’s Guide...

  • Page 279: Appendix A Setting Up Your Computer's Ip Address

    PP EN D I X Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP/Vista, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/IP on your computer.
  • Page 280 Appendix A Setting up Your Computer’s IP Address Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: In the Network window, click Add. Select Adapter and then click Add.
  • Page 281 Appendix A Setting up Your Computer’s IP Address • If you have a static IP address, select Specify an IP address and type your information into the IP Address and Subnet Mask fields. Figure 145 Windows 95/98/Me: TCP/IP Properties: IP Address Click the DNS Configuration tab.
  • Page 282 Appendix A Setting up Your Computer’s IP Address Click the Gateway tab. • If you do not know your gateway’s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add. Click OK to save and close the TCP/IP Properties window.
  • Page 283 Appendix A Setting up Your Computer’s IP Address In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 148 Windows XP: Control Panel Right-click Local Area Connection and then click Properties. Figure 149 Windows XP: Control Panel: Network Connections: Properties P-873HNUP-51B User’s Guide...
  • Page 284 Appendix A Setting up Your Computer’s IP Address Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties. Figure 150 Windows XP: Local Area Connection Properties The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). •...
  • Page 285 Appendix A Setting up Your Computer’s IP Address • Click Advanced. Figure 151 Windows XP: Internet Protocol (TCP/IP) Properties If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: •...
  • Page 286 Appendix A Setting up Your Computer’s IP Address • Click OK when finished. Figure 152 Windows XP: Advanced TCP/IP Properties In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es).
  • Page 287 Appendix A Setting up Your Computer’s IP Address If you have previously configured DNS servers, click Advanced and then the DNS tab to order them. Figure 153 Windows XP: Internet Protocol (TCP/IP) Properties Click OK to close the Internet Protocol (TCP/IP) Properties window. Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties window.
  • Page 288 Appendix A Setting up Your Computer’s IP Address Click the Start icon, Control Panel. Figure 154 Windows Vista: Start Menu In the Control Panel, double-click Network and Internet. Figure 155 Windows Vista: Control Panel Click Network and Sharing Center. Figure 156 Windows Vista: Network And Internet P-873HNUP-51B User’s Guide...
  • Page 289 Appendix A Setting up Your Computer’s IP Address Click Manage network connections. Figure 157 Windows Vista: Network and Sharing Center Right-click Local Area Connection and then click Properties. Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue.
  • Page 290 Appendix A Setting up Your Computer’s IP Address Select Internet Protocol Version 4 (TCP/IPv4) and click Properties. Figure 159 Windows Vista: Local Area Connection Properties The Internet Protocol Version 4 (TCP/IPv4) Properties window opens (the General tab). • If you have a dynamic IP address click Obtain an IP address automatically. •...
  • Page 291 Appendix A Setting up Your Computer’s IP Address • Click Advanced. Figure 160 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: •...
  • Page 292 Appendix A Setting up Your Computer’s IP Address • Click OK when finished. Figure 161 Windows Vista: Advanced TCP/IP Properties In the Internet Protocol Version 4 (TCP/IPv4) Properties window, (the General tab): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es).
  • Page 293 Appendix A Setting up Your Computer’s IP Address If you have previously configured DNS servers, click Advanced and then the DNS tab to order them. Figure 162 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties 10 Click OK to close the Internet Protocol Version 4 (TCP/IPv4) Properties window. 11 Click Close to close the Local Area Connection Properties window.
  • Page 294 Appendix A Setting up Your Computer’s IP Address Macintosh OS 8/9 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel. Figure 163 Macintosh OS 8/9: Apple Menu P-873HNUP-51B User’s Guide...
  • Page 295 Appendix A Setting up Your Computer’s IP Address Select Ethernet built-in from the Connect via list. Figure 164 Macintosh OS 8/9: TCP/IP For dynamically assigned settings, select Using DHCP Server from the Configure: list. For statically assigned settings, do the following: •...
  • Page 296 Appendix A Setting up Your Computer’s IP Address • Select Built-in Ethernet from the Show list. • Click the TCP/IP tab. For dynamically assigned settings, select Using DHCP from the Configure list. Figure 166 Macintosh OS X: Network For statically assigned settings, do the following: •...
  • Page 297 Appendix A Setting up Your Computer’s IP Address Linux This section shows you how to configure your computer’s TCP/IP settings in Red Hat Linux 9.0. Procedure, screens and file location may vary depending on your Linux distribution and release version. Note: Make sure you are logged in as the root administrator.
  • Page 298 Appendix A Setting up Your Computer’s IP Address Double-click on the profile of the network card you wish to configure. The Ethernet Device General screen displays as shown. Figure 168 Red Hat 9.0: KDE: Ethernet Device: General • If you have a dynamic IP address, click Automatically obtain IP address settings with and select dhcp from the drop down list.
  • Page 299 Appendix A Setting up Your Computer’s IP Address Click the Activate button to apply the changes. The following screen displays. Click Yes to save the changes in all screens. Figure 170 Red Hat 9.0: KDE: Network Configuration: Activate After the network card restart process is complete, make sure the Status is Active in the Network Configuration screen.
  • Page 300 Appendix A Setting up Your Computer’s IP Address If you know your DNS server IP address(es), enter the DNS server information in the resolv.conf file in the /etc directory. The following figure shows an example where two DNS server IP addresses are specified.

  • Page 301: Appendix B Ip Addresses And Subnetting

    PP EN D I X IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network.
  • Page 302 Appendix B IP Addresses and Subnetting The following figure shows an example IP address in which the first three octets (192.168.1) are the network number, and the fourth octet (16) is the host ID. Figure 176 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask.
  • Page 303 Appendix B IP Addresses and Subnetting Subnet masks can be referred to by the size of the network number part (the bits with a “1” value). For example, an “8-bit mask” means that the first 8 bits of the mask are ones and the remaining 24 bits are zeroes.
  • Page 304 Appendix B IP Addresses and Subnetting The following table shows some possible subnet masks using both notations. Table 116 Alternative Subnet Mask Notation ALTERNATIVE LAST OCTET LAST OCTET SUBNET MASK NOTATION (BINARY) (DECIMAL) 255.255.255.0 0000 0000 255.255.255.128 1000 0000 255.255.255.192 1100 0000 255.255.255.224 1110 0000...
  • Page 305 Appendix B IP Addresses and Subnetting The following figure shows the company network after subnetting. There are now two sub- networks, A and B. Figure 178 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 2 –...
  • Page 306 Appendix B IP Addresses and Subnetting Table 117 Subnet 1 (continued) LAST OCTET BIT IP/SUBNET MASK NETWORK NUMBER VALUE Subnet Address: Lowest Host ID: 192.168.1.1 192.168.1.0 Broadcast Address: Highest Host ID: 192.168.1.62 192.168.1.63 Table 118 Subnet 2 LAST OCTET BIT IP/SUBNET MASK NETWORK NUMBER VALUE...
  • Page 307 Appendix B IP Addresses and Subnetting Table 121 Eight Subnets (continued) SUBNET LAST BROADCAST SUBNET FIRST ADDRESS ADDRESS ADDRESS ADDRESS Subnet Planning The following table is a summary for subnet planning on a network with a 24-bit network number. Table 122 24-bit Network Number Subnet Planning NO.
  • Page 308 Appendix B IP Addresses and Subnetting Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established.

  • Page 309: Appendix C Pop-Up Windows, Javascript And Java Permissions

    PP EN D I X Pop-up Windows, JavaScript and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScript (enabled by default). • Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here.
  • Page 310 Appendix C Pop-up Windows, JavaScript and Java Permissions Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled. Figure 180 Internet Options: Privacy Click Apply to save this setting. Enable Pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps.
  • Page 311 Appendix C Pop-up Windows, JavaScript and Java Permissions Select Settings…to open the Pop-up Blocker Settings screen. Figure 181 Internet Options: Privacy Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”.
  • Page 312 Appendix C Pop-up Windows, JavaScript and Java Permissions Click Add to move the IP address to the list of Allowed sites. Figure 182 Pop-up Blocker Settings Click Close to return to the Privacy screen. Click Apply to save this setting. JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed.
  • Page 313 Appendix C Pop-up Windows, JavaScript and Java Permissions In Internet Explorer, click Tools, Internet Options and then the Security tab. Figure 183 Internet Options: Security Click the Custom Level... button. Scroll down to Scripting. Under Active scripting make sure that Enable is selected (the default). Under Scripting of Java applets make sure that Enable is selected (the default).
  • Page 314 Appendix C Pop-up Windows, JavaScript and Java Permissions Click OK to close the window. Figure 184 Security Settings - Java Scripting Java Permissions From Internet Explorer, click Tools, Internet Options and then the Security tab. Click the Custom Level... button. Scroll down to Microsoft VM.
  • Page 315 Appendix C Pop-up Windows, JavaScript and Java Permissions Click OK to close the window. Figure 185 Security Settings - Java JAVA (Sun) From Internet Explorer, click Tools, Internet Options and then the Advanced tab. Make sure that Use Java 2 for <applet> under Java (Sun) is selected. P-873HNUP-51B User’s Guide...
  • Page 316 Appendix C Pop-up Windows, JavaScript and Java Permissions Click OK to close the window. Figure 186 Java (Sun) Mozilla Firefox Mozilla Firefox 2.0 screens are used here. Screens for other versions may vary. You can enable Java, Javascript and pop-ups in one screen. Click Tools, then click Options in the screen that appears.
  • Page 317 Appendix C Pop-up Windows, JavaScript and Java Permissions Click Content.to show the screen below. Select the check boxes as shown in the following screen. Figure 188 Mozilla Firefox Content Security P-873HNUP-51B User’s Guide...
  • Page 318 Appendix C Pop-up Windows, JavaScript and Java Permissions P-873HNUP-51B User’s Guide...

  • Page 319: Appendix D Wireless Lans

    PP EN D I X Wireless LANs Wireless LAN Topologies This section discusses ad-hoc and infrastructure wireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless adapters (A, B, C). Any time two or more wireless adapters are within range of each other, they can set up an independent network, which is commonly referred to as an ad-hoc network or Independent Basic Service Set (IBSS).
  • Page 320 Appendix D Wireless LANs disabled, wireless client A and B can still access the wired network but cannot communicate with each other. Figure 190 Basic Service Set An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network.
  • Page 321 Appendix D Wireless LANs An ESSID (ESS IDentification) uniquely identifies each ESS. All access points and their associated wireless clients within the same ESS must have the same ESSID in order to communicate. Figure 191 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by wireless devices to transmit and receive data. Channels available depend on your geographical area.
  • Page 322 Appendix D Wireless LANs cannot "hear" each other, that is they do not know if the channel is currently being used. Therefore, they are considered hidden from each other. RTS/CTS Figure 192 When station A sends data to the AP, it might not know that the station B is already using the channel.
  • Page 323 Appendix D Wireless LANs If the Fragmentation Threshold value is smaller than the RTS/CTS value (see previously) you set then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size. IEEE 802.11g Wireless LAN IEEE 802.11g is fully compatible with the IEEE 802.11b standard.
  • Page 324 Appendix D Wireless LANs IEEE 802.1x In June 2001, the IEEE 802.1x standard was designed to extend the features of IEEE 802.11 to support extended authentication as well as providing additional accounting and control features. It is supported by Windows XP and a number of network devices. Some advantages of IEEE 802.1x are: •...
  • Page 325 Appendix D Wireless LANs • Accounting-Request Sent by the access point requesting accounting. • Accounting-Response Sent by the RADIUS server to indicate that it has started or stopped accounting. In order to ensure network security, the access point and the RADIUS server use a shared secret key, which is a password, they both know.
  • Page 326 Appendix D Wireless LANs EAP-TTLS (Tunneled Transport Layer Service) EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for only the server- side authentications to establish a secure connection. Client authentication is then done by sending username and password through the secure connection, thus client identity is protected. For client authentication, EAP-TTLS supports EAP methods and legacy authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP v2.
  • Page 327 Appendix D Wireless LANs WPA and WPA2 Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2 (IEEE 802.11i) is a wireless security standard that defines stronger encryption, authentication and key management than WPA. Key differences between WPA or WPA2 and WEP are improved data encryption and user authentication.
  • Page 328 Appendix D Wireless LANs password-guessing attacks but it’s still an improvement over WEP as it employs a consistent, single, alphanumeric password to derive a PMK which is used to generate unique temporal encryption keys. This prevent all wireless devices sharing the same encryption keys. (a weakness of WEP) User Authentication WPA and WPA2 apply IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate...
  • Page 329 Appendix D Wireless LANs The RADIUS server distributes the PMK to the AP. The AP then sets up a key hierarchy and management system, using the PMK to dynamically generate unique data encryption keys. The keys are used to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients.
  • Page 330 Appendix D Wireless LANs Security Parameters Summary Refer to this table to see what other security parameters you should configure for each authentication method or key management protocol type. MAC address filters are not dependent on how you configure these security features. Table 127 Wireless Security Relational Matrix AUTHENTICATION ENCRYPTIO...
  • Page 331 Appendix D Wireless LANs 2.5%. For an unobstructed outdoor site, each 1dB increase in gain results in a range increase of approximately 5%. Actual results may vary depending on the network environment. Antenna gain is sometimes specified in dBi, which is how much the antenna increases the signal power compared to using an isotropic antenna.
  • Page 332 Appendix D Wireless LANs P-873HNUP-51B User’s Guide...

  • Page 333: Appendix E Services

    PP EN D I X Services The following table lists some commonly-used services and their associated protocols and port numbers. • Name: This is a short, descriptive name for the service. You can use this one or create a different one, if you like. •...
  • Page 334 Appendix E Services Table 128 Examples of Services NAME PROTOCOL PORT(S) DESCRIPTION AH (IPSEC_TUNNEL) User-Defined The IPSEC AH (Authentication Header) tunneling protocol uses this service. 5190 AOL’s Internet Messenger service. AUTH Authentication protocol used by some servers. Border Gateway Protocol. BOOTP_CLIENT DHCP Client.
  • Page 335 Appendix E Services Table 128 Examples of Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION NEW-ICQ 5190 An Internet chat program. NEWS A protocol for news groups. 2049 Network File System - NFS is a client/ server distributed file service that provides transparent file sharing for network environments.
  • Page 336 Appendix E Services Table 128 Examples of Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION SQL-NET 1521 Structured Query Language is an interface to access data on many different types of database systems, including mainframes, midrange systems, UNIX systems and network servers. SSDP 1900 The Simple Service Discovery Protocol...

  • Page 337: Appendix F Open Software Announcements

    Open Software Announcements End-User License Agreement for “P-873HNUP-51B” WARNING: ZyXEL Communications Corp. IS WILLING TO LICENSE THE SOFTWARE TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS LICENSE AGREEMENT. PLEASE READ THE TERMS CAREFULLY BEFORE COMPLETING THE INSTALLATION PROCESS AS INSTALLING THE SOFTWARE WILL INDICATE YOUR ASSENT TO THEM.
  • Page 338 Appendix F Open Software Announcements The Software and Documentation contain material that is protected by international copyright law, trade secret law, international treaty provisions, and the applicable national laws of each respective country. All rights not granted to you herein are expressly reserved by ZyXEL. You may not remove any proprietary notice of ZyXEL or any of its licensors from any copy of the Software or Documentation.
  • Page 339 Appendix F Open Software Announcements THIRTY (30) DAYS FROM THE DATE OF PURCHASE OF THE SOFTWARE, AND NO WARRANTIES SHALL APPLY AFTER THAT PERIOD. 7.Limitation of Liability IN NO EVENT WILL ZyXEL BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY INCIDENTAL OR CONSEQUENTIAL DAMAGES (INCLUDING, WITHOUT LIMITATION, INDIRECT, SPECIAL, PUNITIVE, OR EXEMPLARY DAMAGES FOR LOSS OF BUSINESS, LOSS OF PROFITS, BUSINESS INTERRUPTION, OR LOSS OF BUSINESS INFORMATION) ARISING OUT OF THE USE OF OR INABILITY TO USE THE...
  • Page 340 No part may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, except the express written permission of ZyXEL Communications Corporation. This Product includes MIPS Linux kernel , Bridge-Utils, BusyBox 1.0.0 toolset , Dproxy, ebtables, bftpd, iproute2, iptables, udhcp and zebra software under GPL 2.0 license.
  • Page 341 Appendix F Open Software Announcements applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Library General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price.
  • Page 342 Appendix F Open Software Announcements 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change.
  • Page 343 Appendix F Open Software Announcements operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code.
  • Page 344 Appendix F Open Software Announcements "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation.
  • Page 345 Appendix F Open Software Announcements The MIT License Copyright (c) <year> <copyright holders> Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:...
  • Page 346 Appendix F Open Software Announcements WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;...

  • Page 347: Appendix G Legal Information

    This publication is subject to change without notice. Trademarks ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.
  • Page 348 Appendix G Legal Information If this device does cause harmful interference to radio/television reception, which can be determined by turning the device off and on, the user is encouraged to try to correct the interference by one or more of the following measures: Reorient or relocate the receiving antenna.
  • Page 349 Appendix G Legal Information Ce produit est conçu pour les bandes de fréquences 2,4 GHz et/ou 5 GHz conformément à la législation Européenne. En France métropolitaine, suivant les décisions n°03-908 et 03-909 de l’ARCEP, la puissance d’émission ne devra pas dépasser 10 mW (10 dB) dans le cadre d’une installation WiFi en extérieur pour les fréquences comprises entre 2454 MHz et 2483,5 MHz.
  • Page 350 Appendix G Legal Information P-873HNUP-51B User’s Guide...

  • Page 351: Index

    Index Index ACL rule 211, 325 Canonical Format Indicator See CFI activation firewalls CCMs SIP ALG certificate SSID details Address Resolution Protocol factory default ADSL Certificate Authority compliance See CA. alternative subnet mask notation certificates antenna authentication directional gain creating omni-directional importing public key...
  • Page 352 Index reset restoring static route 137, 177, 242 EAP Authentication Connectivity Check Messages, see CCMs ECHO copyright e-mail log example CoS technologies encapsulation creating certificates PPPoA PPPoE CTS (Clear to Send) encryption CTS threshold 105, 327 100, 103 Extended Service Set IDentification 90, 97 Extended Service Set, See ESS data fragment threshold...
  • Page 353 Index HTTP humidity client list DHCP 116, 132 116, 133 IP address 116, 117, 133 IANA MAC address Internet Assigned Numbers Authority status see IANA subnet mask 116, 117, 133 IBSS LAN VLAN IEEE 802.11g LAND attack IEEE 802.1Q LAN-Side DSL CPE Configuration IGMP limitations Access Control List...
  • Page 354 Index MTU (Multi-Tenant Unit) Pairwise Master Key (PMK) 327, 329 multicast passwords IGMP Multiple BSS, see MBSSID multiplexing Per-Hop Behavior, see PHB LLC-based VC-based PIN, WPS example Ping of Death Point-to-Point Tunneling Protocol POP3 159, 161, 169, 170, 308 port forwarding applications ports IP alias...
  • Page 355 Index activation SMTP SNMP RADIUS 172, 247, 248, 276 agents message types messages GetNext shared secret key Manager RADIUS server managers registration product related documentation Trap remote management versions TR-069 SNMP trap Remote Procedure Calls, see RPCs reset 26, 261 srTCM restart SSID...
  • Page 356 Index wireless LAN VBR-RT time VDSL Virtual Local Area Network See VLAN VLAN Introduction Tag Control Information See TCI number of possible VIDs Tag Protocol Identifier See TPID priority frame static temperature VLAN ID thresholds VLAN Identifier See VID data fragment 100, 103 VLAN tag RTS/CTS...
  • Page 357 Index channel limitations encryption example example fragmentation threshold push button 100, 103 27, 107 limitations MAC address filter 97, 104 MBSSID preamble 101, 103 RADIUS server RTS/CTS threshold 100, 103 security SSID activation status WPA-PSK 107, 109 example limitations push button 27, 107 wireless security Wireless tutorial...
  • Page 358 Index P-873HNUP-51B User’s Guide...
  • Page 359 Index P-873HNUP-51B User’s Guide...
  • Page 360 Index P-873HNUP-51B User’s Guide...

This manual is also suitable for:

P-873hnup-51b

Table of Contents