3. What’s the difference between ‘Common User Account’ and ‘Administrator Account’? ................9 4. How do I know the P-663HN-51's WAN IP address assigned by the ISP? ....................9 5. What is the micro filter or splitter used for? ........... 9 6.
Page 3
P-663HN-51 Support Notes 18. How do I setup my P-663HN-51 for routing IPSec packets over NAT? ....................13 ADSL FAQ ................14 1. How does ADSL compare to Cable modems? ........14 2. What is the expected throughput? ............15 3.
Page 4
8. What is Server Set ID (SSID)? ............32 9. What is an ESSID? ................32 Security FAQ ................33 1. How do I secure the data across the P-663HN-51 Access Point's radio link? ....................33 2. What is WEP? ..................33 3.
10. What is Wireless Sniffer? ..............34 Application Notes ..............36 General Application Notes ..............36 1. Internet Access Using P-663HN-51 under Bridge mode ..... 36 2. Internet Access Using P-663HN-51 under Routing mode ....41 3. Setup the P-663HN-51 as a DHCP Relay .......... 45 4.
Note: It is protected by super password, ‘1234’ by factory default. 2. How do I update the firmware and configuration file? You can do this if you access the P-663HN-51 as Administrator. You can upload the firmware and configuration file to Prestige from Web Condigurator, or using FTP or TFTP client software.
In case you forget the system password, you can erase the current configuration and restore factory defaults this way: Use the RESET button on the rear panel of P-663HN-51 to reset the router. After the router is reset, the LAN IP address will be reset to '192.168.1.1', the common user password will be reset to 'user', the Administrator password will be reset to ‘1234’.
LAN computer's IP address in the forwarding port with another LAN computer's IP address. 10. How many network users can the NAT support? P-663HN-51 do limit the number of the sessions. It can support 3960 sessions that you can use. Product FAQ 1.
Moreover, only with Administrator Password, you could manage the P-663HN-51 via FTP/TFTP or Telnet. 4. How do I know the P-663HN-51's WAN IP address assigned by the ISP? You can view Device Info>>WAN, IP address is shown in WAN Info>>IPv4 Address.
Internet. To use the service, you must first apply an account from several free Web servers such as http://www.dyndns.org/. Without DDNS, we always tell the users to use the WAN IP of the P-663HN-51 to reach our internal server. It is inconvenient for the users if this IP is dynamic.
IP address we can use the DDNS service. The DDNS server allows to alias a dynamic IP address to a static hostname. Whenever the ISP assigns you a new IP, the P-663HN-51 sends this IP to the DDNS server for its updates.
All applications have their own natural bit rate. Large data transactions have a fluctuating natural bit rate. The P-663HN-51 is able to support variable traffic among different virtual connections. Certain traffic may be discarded if the virtual connection experiences congestion.
Because the remote gateway checks this source port during connections, the port thus is not allowed to be changed. 18. How do I setup my P-663HN-51 for routing IPSec packets over NAT? For outgoing IPSec tunnels, no extra setting is required.
Web configurator. Thus NAT is able to forward the incoming packets to the requested service behind NAT and the outside users access the server using the P-663HN-51's WAN IP address. So, we have to configure the internal IPsec client as a default server (unspecified service port) when it acts a server gateway.
ADSL physical layer is up. 5. How does the P-663HN-51 work on a noisy ADSL? Depending on the line quality, the P-663HN-51 uses "Fall Back" and "Fall Forward" to automatically adjust the date rate. 6. Does the VC-based multiplexing perform better than the LLC-based...
8. What are the signaling pins of the ADSL connector? The signaling pins on the P-663HN-51's ADSL connector are pin 2, pin 3, pin 4, and pin 5. DSL 1 is pin 3 and pin 4. DSL 2 is pin 2 and pin 5. The middle 4 pins for a RJ11 cable.
Configuration 1. How do I configure the firewall? You can use the Web Configurator to configure the firewall for P-663HN-51. By factory default, if you connect your PC to the LAN Interface of P-663HN-51, you can access Web Configurator via ‘http://192.168.1.1’.
P-663HN-51 Support Notes 3. Why can't I configure my P-663HN-51 using Web Configurator/Telnet over WAN? There are three reasons that WWW/Telnet from WAN is blocked. (1) When the firewall is turned on, all connections from WAN to LAN are blocked by the default ACL rule. To enable Telnet from WAN, you must turn on the service on WAN.
Log and Alert 1. When does the P-663HN-51 generate the firewall log? The P-663HN-51 generates the firewall log immediately when the packet matches a firewall rule. The log for Default Firewall Policy (LAN to WAN, WAN to LAN, WAN to WAN) is generated automatically with factory default setting, but you can change it in Web Configurator.
Maintenance -> System Log -> Configure System Log. 4. What is the difference between the log and alert? A log entry is just added to the log inside the P-663HN-51 and e-mailed together with all other log entries at the scheduled time as configured. An alert is e-mailed immediately after an attacked is detected.
Yes, it supports up to 32 MAC Address filtering. 17. Does P-663HN-51 support auto rate adaption? Yes, it means that the AP on P-663HN-51 will automatically decelerate when devices move beyond the optimal range, or other interference is present. If the device moves back within the range of a higher-speed transmission, the connection will automatically speed up again.
Security FAQ 1. How do I secure the data across the P-663HN-51 Access Point's radio link? To secure the date across the P-663HN-51 Access Point’s radio link, we could select any one of the security mode. 2. What is WEP? Wired Equivalent Privacy.
In this case, we use P-663HN-51 which works as an ADSL bridge modem to connect to the ISP. The ISP will generally give one Internet account and limit only one computer to access the Internet.
Page 37
P-663HN-51 Support Notes Setup your P-663HN-51 under bridge mode The following procedure shows you how to configure your P-663HN-51 as bridge mode. We will use Web Configurator to guide you through the related menu. 1. Retrieve Prestige Web Please enter the LAN IP address of the Prestige router in the URL location to retrieve the web screen from the Prestige.
Ethernet cable. (2) TCP/IP configuration Since the P-663HN-51 is set to DHCP server as default, so you need only to configure the workstations as the DHCP clients in the networking settings. In this case, the IP address of the computer is assigned by the P-663HN-51. The P-663HN-51 can also provide the DNS to the clients via DHCP if it is available.
Page 42
P-663HN-51 Support Notes Set up your P-663HN-51 under routing mode The following procedure shows you how to configure your P-663HN-51 as Routing mode for routing traffic. We will use Web Configurator to guide you through the related menu. (1) Configure P-663HN-51 as routing mode and configure Internet setup parameters in Web Configurator, Advanced Setup >...
What is DHCP Relay? DHCP stands for Dynamic Host Configuration Protocol. In addition to the DHCP server feature, the P-663HN-51 supports the DHCP relay function. When it is configured as DHCP server, it assigns the IP addresses to the LAN clients.
This solves the problems if your DNS server uses an IP associated with dynamic IPs. Without DDNS, we always tell the users to use the WAN IP of the P-663HN-51 to access the internal server. It is inconvenient for the users if this IP is...
Page 47
The outside users can always access the web server using the www.zyxel.com.tw regardless of the WAN IP of the P-663HN-51. When the ISP assigns the P-663HN-51 a new IP, the P-663HN-51 must inform the DDNS server the change of this IP so that the server can update its IP-to-DNS entry.
In a typical environment, a LAN router is required to connect two local networks. The P-663HN-51 can connect three local networks to the ISP or a remote node, we call this function as 'IP Alias'. In this case, an internal router is not required.
P-663HN-51 Support Notes There are two internal virtual LAN interfaces for the P-663HN-51 to route the packets from/to the two networks correctly. 7. Using Static Route What is Static Route? Traditionally, static route is a data communication concept describing one way of configuring path selection of routers in computer networks.
WAP applies IEEE 802.1x Extensible Authentication Protocol (EAP) to authenticate wireless clients using an external RADIUS database. You can not use the P-663HN-51's local user database for WPA authentication purpose since the local user database uses MD5 EAP which can not to generate keys.
Page 67
Authentication can be done using local user database internal to the P-663HN-51 or an external RADIUS server for an unlimited number of users. Step 1: To change your P-663HN-51's authentication settings, login Web Configurator, Advanced Setup ->...
Offline Trace--capture the trace first and display later The details for capturing the trace in CLI as follows: First of all, you need to telnet to the P-663HN-51 firstly. The password is Administrator passwords, ‘admin’ by default. Online Trace (1) Trace LAN packet ...
Page 76
P-663HN-51 Support Notes Capture the detailed logs by Hyper Terminal Step 1: Initiate a hyper terminal connection from your PC(suppose you connected to the LAN port of P-663HN-51) Step 2: Click the ‘properties’ to configure parameters to telnet to the P-663HN-51.
Page 79
Step 2: Type the command 'sys stdio 0' to disable console idle timeout in Command Line Interface (CLI). Step 3: Run the TFTP client software Step 4: To download the P-663HN-51 configuration, please get the remote file 'rom-0' from the Prestige. Step 5: To upload the P-663HN-51 configuration, please save the remote file as 'rom-0' in the Prestige.
Page 80
Step 2: Type the CI command 'sys stdio 0' to disable console idle timeout in Command Line Interface (CLI). Step 3: Download ZyNOS via LAN : c:\tftp -i [PrestigeIP] get ras [localfile] Step 4: Upload P-663HN-51 configurations via LAN: c:\tftp -i [PrestigeIP] put [localfile] rom-0 Step 5: Download P-663HN-51 configurations via LAN:...