ZyXEL Communications P-663HN-51 Support Notes
  1. Manuals
  2. Brands
  3. ZyXEL Communications Manuals
  4. Gateway
  5. P-663HN-51
  6. Support notes
ZyXEL Communications P-663HN-51 Support Notes

ZyXEL Communications P-663HN-51 Support Notes

802.11n adsl2+ bonded 4-port gateway
Hide thumbs Also See for P-663HN-51:
Table of Contents

Advertisement

Quick Links

Download this manual See also: User Manual
P-663HN-51 Support Notes
P-663HN-51
802.11n ADSL2+ Bonded 4-Port Gateway
Support Notes
Version 3.70
Jul. 2009
1
All contents copyright © 2009 ZyXEL Communications Corporation.

Advertisement

Table of Contents
loading

Related Manuals for ZyXEL Communications P-663HN-51

Summary of Contents for ZyXEL Communications P-663HN-51

  • Page 1 P-663HN-51 Support Notes P-663HN-51 802.11n ADSL2+ Bonded 4-Port Gateway Support Notes Version 3.70 Jul. 2009 All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 2: Table Of Contents

    3. What’s the difference between ‘Common User Account’ and ‘Administrator Account’? ................9 4. How do I know the P-663HN-51's WAN IP address assigned by the ISP? ....................9 5. What is the micro filter or splitter used for? ........... 9 6.
  • Page 3 P-663HN-51 Support Notes 18. How do I setup my P-663HN-51 for routing IPSec packets over NAT? ....................13 ADSL FAQ ................14 1. How does ADSL compare to Cable modems? ........14 2. What is the expected throughput? ............15 3.
  • Page 4 8. What is Server Set ID (SSID)? ............32 9. What is an ESSID? ................32 Security FAQ ................33 1. How do I secure the data across the P-663HN-51 Access Point's radio link? ....................33 2. What is WEP? ..................33 3.

  • Page 5: Faq

    10. What is Wireless Sniffer? ..............34 Application Notes ..............36 General Application Notes ..............36 1. Internet Access Using P-663HN-51 under Bridge mode ..... 36 2. Internet Access Using P-663HN-51 under Routing mode ....41 3. Setup the P-663HN-51 as a DHCP Relay .......... 45 4.

  • Page 6: General Faq

    Note: It is protected by super password, ‘1234’ by factory default. 2. How do I update the firmware and configuration file? You can do this if you access the P-663HN-51 as Administrator. You can upload the firmware and configuration file to Prestige from Web Condigurator, or using FTP or TFTP client software.

  • Page 7: What Should I Do If I Forget The System Password

    In case you forget the system password, you can erase the current configuration and restore factory defaults this way: Use the RESET button on the rear panel of P-663HN-51 to reset the router. After the router is reset, the LAN IP address will be reset to '192.168.1.1', the common user password will be reset to 'user', the Administrator password will be reset to ‘1234’.

  • Page 8: What Is Nat Port Triggering

    LAN computer's IP address in the forwarding port with another LAN computer's IP address. 10. How many network users can the NAT support? P-663HN-51 do limit the number of the sessions. It can support 3960 sessions that you can use. Product FAQ 1.

  • Page 9: What Is The Default Password For Web Configurator

    Moreover, only with Administrator Password, you could manage the P-663HN-51 via FTP/TFTP or Telnet. 4. How do I know the P-663HN-51's WAN IP address assigned by the ISP? You can view Device Info>>WAN, IP address is shown in WAN Info>>IPv4 Address.

  • Page 10: The P-663Hn-51 Supports Five Types Of Network Protocol For Ip Over Ethernet As Wan Interface, What's The Difference Between Mer(Mac Encapsulation Routing) And Bridge

    Internet. To use the service, you must first apply an account from several free Web servers such as http://www.dyndns.org/. Without DDNS, we always tell the users to use the WAN IP of the P-663HN-51 to reach our internal server. It is inconvenient for the users if this IP is dynamic.

  • Page 11: When Do I Need Ddns Service

    IP address we can use the DDNS service. The DDNS server allows to alias a dynamic IP address to a static hostname. Whenever the ISP assigns you a new IP, the P-663HN-51 sends this IP to the DDNS server for its updates.

  • Page 12: Why Do We Perform Traffic Shaping In The P-663Hn-51

    All applications have their own natural bit rate. Large data transactions have a fluctuating natural bit rate. The P-663HN-51 is able to support variable traffic among different virtual connections. Certain traffic may be discarded if the virtual connection experiences congestion.

  • Page 13: What Is Ip Filtering

    Because the remote gateway checks this source port during connections, the port thus is not allowed to be changed. 18. How do I setup my P-663HN-51 for routing IPSec packets over NAT? For outgoing IPSec tunnels, no extra setting is required.

  • Page 14: Adsl Faq

    Web configurator. Thus NAT is able to forward the incoming packets to the requested service behind NAT and the outside users access the server using the P-663HN-51's WAN IP address. So, we have to configure the internal IPsec client as a default server (unspecified service port) when it acts a server gateway.

  • Page 15: What Is The Expected Throughput

    ADSL physical layer is up. 5. How does the P-663HN-51 work on a noisy ADSL? Depending on the line quality, the P-663HN-51 uses "Fall Back" and "Fall Forward" to automatically adjust the date rate. 6. Does the VC-based multiplexing perform better than the LLC-based...

  • Page 16: How Do I Know The Details Of My Adsl Line Statistics

    8. What are the signaling pins of the ADSL connector? The signaling pins on the P-663HN-51's ADSL connector are pin 2, pin 3, pin 4, and pin 5. DSL 1 is pin 3 and pin 4. DSL 2 is pin 2 and pin 5. The middle 4 pins for a RJ11 cable.

  • Page 17: How Do I Use Single Dsl Line

    P-663HN-51 Support Notes 9. How do I use single DSL line? If you want to use single line mode, you need to enable it in Web Configurator: Advanced Setup -> DSL: All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 18: Firewall Faq

    A proxy server is an application gateway or circuit-level gateway that runs on top of general operating system such as UNIX or Windows NT. It hides valuable data by requiring users to All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 19: Why Do You Need A Firewall When Your Router Has Packet Filtering And Nat Built-In

    6. What is Ping of Death attack? Ping of Death uses a 'PING' utility to create an IP packet that exceeds the maximum 65535 bytes of data allowed by the IP specification. The oversize All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 20: What Is Teardrop Attack

    ICMP traffic will not only clog up the 'intermediary' network, but will also congest the network of the spoofed source IP address, known as the 'victim' network. This flood of broadcast traffic consumes all available bandwidth, making communications impossible. All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 21: What Is Ip Spoofing Attack

    IP Spoofing, a hacker must modify the packet headers so that it appears that the packets originate from a trusted host and should be allowed through the router or firewall. All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 22: Configuration

    Configuration 1. How do I configure the firewall? You can use the Web Configurator to configure the firewall for P-663HN-51. By factory default, if you connect your PC to the LAN Interface of P-663HN-51, you can access Web Configurator via ‘http://192.168.1.1’.

  • Page 23: Why Can't I Configure My P-663Hn-51 Using Web Configurator/Telnet Over Wan

    P-663HN-51 Support Notes 3. Why can't I configure my P-663HN-51 using Web Configurator/Telnet over WAN? There are three reasons that WWW/Telnet from WAN is blocked. (1) When the firewall is turned on, all connections from WAN to LAN are blocked by the default ACL rule. To enable Telnet from WAN, you must turn on the service on WAN.

  • Page 24: Why Can't I Upload The Firmware And Configuration File Using Ftp Over Wan

    ACL rule. To enable FTP from WAN, you must turn the firewall off or create a firewall rule to allow FTP connection from WAN. The WAN-to-LAN ACL summary will look like as shown below. All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 25: Log And Alert

    Log and Alert 1. When does the P-663HN-51 generate the firewall log? The P-663HN-51 generates the firewall log immediately when the packet matches a firewall rule. The log for Default Firewall Policy (LAN to WAN, WAN to LAN, WAN to WAN) is generated automatically with factory default setting, but you can change it in Web Configurator.

  • Page 26: What Does The Log Show To Us

    Maintenance -> System Log -> Configure System Log. 4. What is the difference between the log and alert? A log entry is just added to the log inside the P-663HN-51 and e-mailed together with all other log entries at the scheduled time as configured. An alert is e-mailed immediately after an attacked is detected.

  • Page 27: Wireless Faq

    Configurations are easily changed and range from peer-to-peer networks suitable for a small number of users to full infrastructure networks of thousands of users that enable roaming over a broad area. All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 28: What Is The Disadvantage Of Wireless Lan

    Various spread spectrum radio communication applications use the 2.4 GHz band. This includes WLAN systems (not necessarily of the type IEEE 802.11b), cordless phones, wireless medical telemetry equipment and Bluetooth™ short-range wireless applications, which include connecting All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 29: Does The 802.11 Interfere With Bluetooth Device

    (1) Minimizing the number of walls and ceilings (2) Antenna is positioned for best reception (3) Keep WLAN products away from electrical devices, eg: microwaves, monitors, electric motors,…, etc. (4) Add additional APs if necessary. All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 30: What's The Difference Between A Wlan And A Wwan

    Yes, it supports up to 32 MAC Address filtering. 17. Does P-663HN-51 support auto rate adaption? Yes, it means that the AP on P-663HN-51 will automatically decelerate when devices move beyond the optimal range, or other interference is present. If the device moves back within the range of a higher-speed transmission, the connection will automatically speed up again.

  • Page 31: Advanced Faq

    "logical channel". To an unsynchronised receiver an FHSS transmission appears to be short-duration impulse noise. 802.11 may use FHSS or DSSS. All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 32: Do I Need The Same Kind Of Antenna On Both Sides Of A Link

    ESSID stands for Extended Service Set Identifier and identifies the wireless LAN. The ESSID of the mobile device must match the ESSID of the AP to communicate with the AP. The ESSID is a 32-character maximum string and is case-sensitive. All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 33: Security Faq

    Security FAQ 1. How do I secure the data across the P-663HN-51 Access Point's radio link? To secure the date across the P-663HN-51 Access Point’s radio link, we could select any one of the security mode. 2. What is WEP? Wired Equivalent Privacy.

  • Page 34: What Is A Wep Key

    The insertion attacks are based on placing unauthorized devices on the wireless network without going through a security process and review. 10. What is Wireless Sniffer? An attacker can sniff and capture legitimate traffic. Many of the sniffer tools for All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 35 An intruder can masquerade as that user by using this captured information. An intruder who monitors the wireless network can apply this same attack principle on the wireless. All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 36: Application Notes

    In this case, we use P-663HN-51 which works as an ADSL bridge modem to connect to the ISP. The ISP will generally give one Internet account and limit only one computer to access the Internet.
  • Page 37 P-663HN-51 Support Notes Setup your P-663HN-51 under bridge mode The following procedure shows you how to configure your P-663HN-51 as bridge mode. We will use Web Configurator to guide you through the related menu. 1. Retrieve Prestige Web Please enter the LAN IP address of the Prestige router in the URL location to retrieve the web screen from the Prestige.
  • Page 38 P-663HN-51 Support Notes 2. Login first The default password is '1234'. (1) Configure P-663HN-51 as bridge mode and configure Internet setup parameters in Web Configurator, Advanced Setup -> WAN All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 39 Type the SCR, which must be less than the PCR. SCR applies with the VBR traffic classes. Type a number of (ATM) cells per second. The SCR must be less than the PCR. All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 40 (like VoIP or video conferencing). Service Back Click this to return to the previous screen. Next Click this to go to the following screen. Then choose Connect Type as bridging like the picture below: All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 41: Internet Access Using P-663Hn-51 Under Routing Mode

    Ethernet cable. (2) TCP/IP configuration Since the P-663HN-51 is set to DHCP server as default, so you need only to configure the workstations as the DHCP clients in the networking settings. In this case, the IP address of the computer is assigned by the P-663HN-51. The P-663HN-51 can also provide the DNS to the clients via DHCP if it is available.
  • Page 42 P-663HN-51 Support Notes Set up your P-663HN-51 under routing mode The following procedure shows you how to configure your P-663HN-51 as Routing mode for routing traffic. We will use Web Configurator to guide you through the related menu. (1) Configure P-663HN-51 as routing mode and configure Internet setup parameters in Web Configurator, Advanced Setup >...
  • Page 43 If you configure static default gateway over this PVC in MER mode, you must enter the IP address of the remote gateway in the "Use IP address". The "Use WAN interface" is optional. All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 44 P-663HN-51 Support Notes (3) Configure the following page: All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 45: Setup The P-663Hn-51 As A Dhcp Relay

     What is DHCP Relay? DHCP stands for Dynamic Host Configuration Protocol. In addition to the DHCP server feature, the P-663HN-51 supports the DHCP relay function. When it is configured as DHCP server, it assigns the IP addresses to the LAN clients.

  • Page 46: Using The Dynamic Dns (Ddns)

    This solves the problems if your DNS server uses an IP associated with dynamic IPs. Without DDNS, we always tell the users to use the WAN IP of the P-663HN-51 to access the internal server. It is inconvenient for the users if this IP is...
  • Page 47 The outside users can always access the web server using the www.zyxel.com.tw regardless of the WAN IP of the P-663HN-51. When the ISP assigns the P-663HN-51 a new IP, the P-663HN-51 must inform the DDNS server the change of this IP so that the server can update its IP-to-DNS entry.

  • Page 48: Using Syslog

    ZyXEL Device logs all events with that severity level or higher. Display Level Select the lowest level of events that you want the ZyXEL Device to display. The ZyXEL Device displays events with that severity level or higher. All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 49: Using Ip Alias

    In a typical environment, a LAN router is required to connect two local networks. The P-663HN-51 can connect three local networks to the ISP or a remote node, we call this function as 'IP Alias'. In this case, an internal router is not required.

  • Page 50: Using Static Route

    P-663HN-51 Support Notes There are two internal virtual LAN interfaces for the P-663HN-51 to route the packets from/to the two networks correctly. 7. Using Static Route  What is Static Route? Traditionally, static route is a data communication concept describing one way of configuring path selection of routers in computer networks.

  • Page 51: Rip

    Both RIP-2B and RIP-2M send routing data in RIP-2 format; the difference being that RIP-2B uses subnet broadcasting while RIP-2M uses multicasting. Multicasting can reduce the load on non-router machines since they generally do not listen to the RIP multicast address All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 52 When set to Passive, the ZyXEL Device uses the RIP information that it receives, but does not broadcast its routing table. Enabled Select or clear this field to turn RIP on or off for the interface. All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 53: Using Igmp Multicast

    A Certification Authority (CA) issues certificates and guarantees the identity of each certificate owner. There are commercial certification authorities like CyberTrust or VeriSign and government certification authorities. You can use the ZyXEL Device to generate certification requests that contain identifying All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 54: Interface Group

    At last, Save/Apply is needed. 12. Change WAN MTU via WEB-GUI. You can change WAN MTU by: Advanced Setup -> WAN, the default value is 1500. All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 55 P-663HN-51 Support Notes All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 56: Wireless Application Notes

    Step 1: Double click on the utility icon in your windows task bar the utility will pop up on your windows screen. Step 2: Select configuration tab. All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 57 Step 4: Since there is no DHCP server to give the host IP you must first designate a static IP for your station. From Windows Start select Control Panel >Network Connection>Wireless Network Connection. All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 58 P-663HN-51 Support Notes Step 5: From general tab select TCP/IP and click property Step 6: Fill in your network IP address and subnet mask and click OK to finish. All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 59 Step 4: Since there is no DHCP server to give the host IP you must first designate a static IP for your station. From Windows Start select Control Panel >Network Connection>Wireless Network Connection. All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 60 Step 5: From general tab select TCP/IP and click property Step 6: Fill in your network IP address and subnet mask and click OK to finish. Step 7: Station A now are able to connect to Station B. All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 61: Mac Filter

    Before you configure the MAC filter, you need to know the MAC address of the client first. If not knowing what your MAC address is, please enter a command "ipconfig /all" after DOS prompt to get the MAC (physical) address of your wireless client. All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 62: Ieee 802.11N

    802.11n which can simultaneously use two separate non-overlapping channels to transmit data. Channel bonding increases the amount of data that can be transmitted. 40 MHz mode of operation uses 2 All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 63: Site Survey

    AP required. 4. Determine the preliminary access point location on the facility diagram base on the service area needed, obstacles, power wall jack considerations. All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 64 Record down the changes at point where transfer rate drop and the link quality and signal strength information on the diagram as you go alone. All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 65 Step 8: Repeat step 1~6 of survey on site as necessary, upon completion you will have an diagram and information of site survey. As illustrated below. All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 66: Configure 802.1X And Wpa

    WAP applies IEEE 802.1x Extensible Authentication Protocol (EAP) to authenticate wireless clients using an external RADIUS database. You can not use the P-663HN-51's local user database for WPA authentication purpose since the local user database uses MD5 EAP which can not to generate keys.
  • Page 67 Authentication can be done using local user database internal to the P-663HN-51 or an external RADIUS server for an unlimited number of users. Step 1: To change your P-663HN-51's authentication settings, login Web Configurator, Advanced Setup ->...
  • Page 68 Step 1: Double click on your wireless utility icon in your windows task bar, the utility will pop up on your windows screen. Step 2: Select the configuration tab, type in the SSID (Service Set Identifier), select the operating Mode as Infrastructure, and select proper channel. All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 69 P-663HN-51 Support Notes Step 3: Click Set Security to configure the security parameters: Step 4: Click OK for finish, and begin to Site survey. Connect to the AP as you have configured. All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 70 P-663HN-51 Support Notes Step 5: Click Link Info tab, if the PC associated and authenticated with AP successfully, we will see the following information. All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 71: The Wps/Wlan Button

    The WPS/WLAN LED should change from on to off or vice versa. 2. Activate WPS (1) Make sure the POWER LED is on (not blinking). (2) Press the WPS WLAN ON/OFF button for 5 to 10 seconds and release it. All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 72: What's The Difference Between Ieee802.11A/B/G/N

    The IEEE 802.11 is a wireless LAN industry standard, and the objective of IEEE 802.11 is to make sure that different manufactures' wireless LAN devices can communicate to each other. Below is a brief comparison for the IEEE802.11 a/b/g/n: All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 73: Support Tool

    Offline Trace--capture the trace first and display later The details for capturing the trace in CLI as follows: First of all, you need to telnet to the P-663HN-51 firstly. The password is Administrator passwords, ‘admin’ by default.  Online Trace (1) Trace LAN packet ...
  • Page 74 & sys trcl sw on  Display the brief trace online by entering: sys trcd brief  Display the detailed trace online by entering: sys trcd parse Example: All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 75: Offline Trace

     Disable the trace log by entering: sys trcp sw off & sys trcl sw off  Display the trace briefly by entering: sys trcp brief  Display specific packets by using: sys trcp parse <from_index> <to_index> All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 76 P-663HN-51 Support Notes  Capture the detailed logs by Hyper Terminal Step 1: Initiate a hyper terminal connection from your PC(suppose you connected to the LAN port of P-663HN-51) Step 2: Click the ‘properties’ to configure parameters to telnet to the P-663HN-51.
  • Page 77 P-663HN-51 Support Notes All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 78: Firmware/Configurations Uploading And Downloading Using Tftp

    Step 5:To upload the firmware, please save the remote file as 'ras' to Prestige. After the transfer is complete, the Prestige will program the upgraded firmware into FLASH ROM and reboot itself. An example: All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 79 Step 2: Type the command 'sys stdio 0' to disable console idle timeout in Command Line Interface (CLI). Step 3: Run the TFTP client software Step 4: To download the P-663HN-51 configuration, please get the remote file 'rom-0' from the Prestige. Step 5: To upload the P-663HN-51 configuration, please save the remote file as 'rom-0' in the Prestige.
  • Page 80 Step 2: Type the CI command 'sys stdio 0' to disable console idle timeout in Command Line Interface (CLI). Step 3: Download ZyNOS via LAN : c:\tftp -i [PrestigeIP] get ras [localfile] Step 4: Upload P-663HN-51 configurations via LAN: c:\tftp -i [PrestigeIP] put [localfile] rom-0 Step 5: Download P-663HN-51 configurations via LAN:...

  • Page 81: Using Ftp To Upload The Firmware And Configuration Files

    Enter the CLI password as the FTP login password, the default is Step 3 'admin'. Step 4 Enter command 'bin' to set the transfer type to binary. Step 5 Use 'put' command to transfer the file to the Prestige. Example: All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 82 Step 2: Press 'OK' to ignore the 'Username' prompt. Step 3: To upload the firmware file, we transfer the local 'ras' file to overwrite the remote 'ras' file. To upload the configuration file, we transfer the local 'rom-0' to overwrite All contents copyright © 2009 ZyXEL Communications Corporation.
  • Page 83 P-663HN-51 Support Notes the remote 'rom-0' file. Step 4: The Prestige reboots automatically after the uploading is finished. Please do not power off the router at this moment. All contents copyright © 2009 ZyXEL Communications Corporation.

  • Page 84: Command Syntax And General User Interface

    The latest CI Command list is available in release note of every ZyXEL firmware release. Please goto ZyXEL public WEB site http://www.zyxel.com/web/support_download.php to download firmware package (*.zip), you should unzip the package to get the release note in PDF format. All contents copyright © 2009 ZyXEL Communications Corporation.

Table of Contents