Manuel d'utilisation / d'entretien du produit P-660HW-D Series du fabricant ZyXEL Communications
Aller à la page of 339
P-660HW -D Series 802.1 1g Wireless ADSL 2+ 4-port Gateway User ’ s Guide V ersion 3.4 0 Edition 1 3/2006.
.
P-660HW-D Se ries User’s Guide Copyright 2 Copyright Copyright © 2006 by ZyXEL Communications Corpo ration. The contents of this publication may not be reprod uced in any part or as a wh ole, trans.
P-660HW-D Series User’s Guide 3 Federal Communications Commission (FCC) Interference Statement Federal Communications Commission (FCC) Interference S t atement This device complies with Part 15 of FCC rul es. Operation is subject to the following two conditions: • This device may not cause harmful interference.
P-660HW-D Se ries User’s Guide Federal Com munications Co mmission (F CC) Interfer ence Statem ent 4 This transmitter must not be co-located or op erating in conj unction with any other an tenna or transmitter . ZyXEL Communications Corporation declared that ZyXEL device is limited in CH1~1 1 from 2400 to 2483.
P-660HW-D Series User’s Guide 5 Safety Warnings Safety W arnings For your safety , be sure to read and fo llow all warning notices and instructions. • T o reduce the risk of fire, use only No. 26 A WG (American W ire Gauge) or larger telecommunication line cord.
P-660HW-D Se ries User’s Guide ZyXEL Limited Warranty 6 ZyXEL Limited W arranty ZyXEL warrants to the original en d user (purchaser) that this product is free from any defects in materials or workmansh ip for a period of up to two ye ars from the date of purchase.
P-660HW-D Series User’s Guide 7 Customer Suppo rt Customer Support Please have the following information r eady when you contact customer support. • Product model and serial number . • W arranty Information. • Date that you received your de vice.
P-660HW-D Se ries User’s Guide Customer Support 8 POLAND info@pl.zyxel.com +48-22-5286603 www .pl.zyxel.com ZyXEL Communications ul.Emilli Plater 53 00-1 13 W arszawa Poland +48-22-5206701 RUSSIA http://zyxel.ru/support +7-095-542- 89-29 www .zyxel.
P-660HW-D Series User’s Guide 9 Customer Suppo rt.
P-660HW-D Se ries User’s Guide Table of Contents 10 T able of Content s Copyright .................................................. .......................................... ...................... 2 Federal Communications Commissi on (FCC) Interference S t atement .
P-660HW-D Series User’s Guide 11 Table of Contents 2.4.6 S tatus: Packet S tatistics ............. ............. ................ ............. ................ ..... 50 2.4.7 Changing Login Password ........... .......... ................ .........
P-660HW-D Se ries User’s Guide Table of Contents 12 5.3.1 A TM Traf f ic Classes ................... ................ ............. ................ ................ ..79 5.3.1.1 Constant Bit Rate (CBR) ........ ................ ................ ...
P-660HW-D Series User’s Guide 13 Table of Contents 7.3 Wireless Performance Overview ............... ................ ................ ............. .......... 109 7.3.1 Quality of Service (QoS) ..... ................ ................ ..............
P-660HW-D Se ries User’s Guide Table of Contents 14 Chapter 9 Firewalls ......................................... ..................................................... .................. 142 9.1 Firewall Overview ..................... ..............
P-660HW-D Series User’s Guide 15 Table of Contents 10.4.2 Alerts ....... ............. ................ ................. ............ ................. ................ ...157 10.5 General Firewall Policy .............. ................. ..........
P-660HW-D Se ries User’s Guide Table of Contents 16 13.6.3 Bandwidth Management Priorities ................. ............. ................ .......... 188 13.7 Over Allotment of Bandw idth ......... ................. ................ ...............
P-660HW-D Series User’s Guide 17 Table of Contents 16.4.2 Web Configurator Easy Access .................. ................ ................ .......... 218 Chapter 17 System ........................................... ................................
P-660HW-D Se ries User’s Guide Table of Contents 18 Introduction to DSL .......................... ................ ............. ................ ................ ......... 250 ADSL Overview ............. ................ ................ .........
P-660HW-D Series User’s Guide 19 Table of Contents PPPoE .................................. .......................................... ....................................... 288 PPPoE in Action ............ .........................................
P-660HW-D Se ries User’s Guide List of Figure s 20 List of Figures Figure 1 Protected Internet A ccess Applications ... ................ ................ ............. ................ 36 Figure 2 LAN-to-LAN Applicat ion Example ........ ...........
P-660HW-D Series User’s Guide 21 List of Figures Figure 39 Internet Connecti on (PP PoE) .... ............. ................ ................ ................ ............. 80 Figure 40 Advanced Internet Connection Setu p ....... ............. .....
P-660HW-D Se ries User’s Guide List of Figure s 22 Figure 82 SYN Flood .......... ............. ................ ................ ............. ................ ................ ....... 146 Figure 83 Smurf Attack ...................... .............
P-660HW-D Series User’s Guide 23 List of Figures Figure 125 Internet Connection Properties: Adva nced Settings .. ................ ............. .......... 217 Figure 126 Internet Connection Properties: Adva nced Settings: Add . ................ ...
P-660HW-D Se ries User’s Guide List of Figure s 24 Figure 168 Red Hat 9.0: S tatic IP Address Settin g in ifconfig-eth0 .................. ................ 268 Figure 169 Red Hat 9.0: DNS Setti ngs in resolv .conf ...................... ............
P-660HW-D Series User’s Guide 25 List of Figures.
P-660HW-D Se ries User’s Guide List of Tables 26 List of T ables T able 1 ADSL St andards ................... ................ ............. ................ ................. ................ ... 32 T able 2 Front Panel LEDs .... ................ .
P-660HW-D Series User’s Guide 27 List of Tables T able 39 MAC Address Filter ...................... ................ ................ ............. ................ .......... 123 T able 40 WMM QoS Priorities ..... ................ ................ .
P-660HW-D Se ries User’s Guide List of Tables 28 T able 82 Remote Management: FTP ............. ... ....... ................ ............. ................ ............. 204 T able 83 SNMP Trap s . ............. ................ ................ ...
P-660HW-D Series User’s Guide 29 List of Tables T able 125 PPP Logs ....... ................ ................ ............. ................ ................ ................ ....... 297 T able 126 UPnP Logs .... ............. ................ .....
P-660HW-D Se ries User’s Guide Preface 30 Preface Congratulations on your p urchase of the P-660HW -D series 802.1 1g W ireless ADSL 2+ 4- port Gateway .
P-660HW-D Series User’s Guide 31 Preface User Guide Feedback Help us help you. E-mail all User Guide-related comments, questions or suggestions for improvement to techwriters@zyxel.com.tw or send regular mail to The T echnical W riting T eam, ZyXEL Communications Corp.
P-660HW-D Se ries User’s Guide Chapter 1 Getting To Kn ow Your P-660HW- D 32 C HAPTER 1 Getting T o Know Y our P-660HW - D This chapter describes the key features and applications of your ZyXEL device .
P-660HW-D Series User’s Guide 33 Chapter 1 Getting To Know Your P-66 0HW-D 1.2 Features High Speed Internet Access Y our ZyXEL device can support downstream tran smission rates of up to 24Mb ps and upstream transmission rates of 3.
P-660HW-D Se ries User’s Guide Chapter 1 Getting To Kn ow Your P-660HW- D 34 Universal Plug and Play (UPnP) Using the standard TCP/IP protocol, the ZyXEL device and other UPnP enabled d evices can dynamically join a network, obtain an IP addr ess and convey its capab ilities to other devices on the network.
P-660HW-D Series User’s Guide 35 Chapter 1 Getting To Know Your P-66 0HW-D Housing Y our ZyXEL device's compact and ventilated housing minimizes space requirements making it easy to position anywhere in your busy of fice. 4-port Switch A combination of switch an d router makes your ZyXEL device a cost-effective and viable network solution.
P-660HW-D Se ries User’s Guide Chapter 1 Getting To Kn ow Your P-660HW- D 36 Output Power Management Output power management is the ability to set the level of output power . There may be interference or dif ficulty with ch annel assignment when there is a high density of APs within a coverage area.
P-660HW-D Series User’s Guide 37 Chapter 1 Getting To Know Your P-66 0HW-D Figure 2 LAN-to-LAN Applic ation Example 1.4 Front Panel LEDs The following figure shows the front panel LEDs.
P-660HW-D Se ries User’s Guide Chapter 1 Getting To Kn ow Your P-660HW- D 38 1.5 Hardware Connection Refer to the Quick S tart Guide for in formation on hard ware connection. DSL Green On The DSL lin e is up. Blinking The ZyXEL device is initializing the DSL li ne.
P-660HW-D Series User’s Guide 39 Chapter 1 Getting To Know Your P-66 0HW-D.
P-660HW-D Se ries User’s Guide Chapter 2 Introducing the Web Configur ator 40 C HAPTER 2 Introducing the W eb Configurator This chapter describes how to access and navigate the web configurator .
P-660HW-D Series User’s Guide 41 Chapter 2 Introducing the Web Configurator status only . Click Login to proceed to a screen asking you to change your password or click Cancel to revert to the default password. Figure 4 Password Screen 6 If you entered the user password, skip the next two steps and refer to Section 2.
P-660HW-D Se ries User’s Guide Chapter 2 Introducing the Web Configur ator 42 Figure 6 Select a Mode Note: The management session automatically time s out when the time period set in the Administrator Inactivity T imer field expires (default five minute s).
P-660HW-D Series User’s Guide 43 Chapter 2 Introducing the Web Configurator Figure 7 Web Configur ator: Main Screen Note: Click the icon (located in the top right corner of most screens) to view embedded help.
P-660HW-D Se ries User’s Guide Chapter 2 Introducing the Web Configur ator 44 LAN IP Use this screen to configure LAN TCP/IP settings, enable Any IP and other advanced properties.
P-660HW-D Series User’s Guide 45 Chapter 2 Introducing the Web Configurator 2.4.2 St atus Screen The following summarizes how to navigate the web configurator from the St a t u s screen. Some fields or links are not available if you entered the user password in the login password screen (see Figure 4 on page 41 ).
P-660HW-D Se ries User’s Guide Chapter 2 Introducing the Web Configur ator 46 Figure 8 S tatus Scr een The following table describes the labels shown in the St a t u s screen.
P-660HW-D Series User’s Guide 47 Chapter 2 Introducing the Web Configurator LAN Informati on IP Address This is the LAN port IP address. IP Subnet Mask This is the LAN port IP subnet mask. DHCP This is the W AN port DHCP role - Server , Relay or None .
P-660HW-D Se ries User’s Guide Chapter 2 Introducing the Web Configur ator 48 2.4.3 St atus: Any IP T able Click the Any IP T able hyperlink in the St a t u s screen.
P-660HW-D Series User’s Guide 49 Chapter 2 Introducing the Web Configurator The following table describes the labels in this screen. 2.4.5 St atus: Bandwid th S t atus Click the Bandwidth S tatus hyperlink in the St a t u s screen. Se lect an interface from the drop- down list box to view the bandwidth usage of its b andwidth rules.
P-660HW-D Se ries User’s Guide Chapter 2 Introducing the Web Configur ator 50 Figure 12 S tatus: Packet S t atistics The following table describes th e fields in this screen. Table 7 S tatus: Pack et S tatistics LABEL DESCRIPTION System Monitor System up T ime This is the elapsed time the system has been up.
P-660HW-D Series User’s Guide 51 Chapter 2 Introducing the Web Configurator 2.4.7 Changing Login Password It is highly recommended that you periodically change the password for accessing the ZyXEL device.
P-660HW-D Se ries User’s Guide Chapter 3 Wizard Setup for Internet Acces s 52 C HAPTER 3 W izard Setup for Internet Access This chapter provides informatio n on the W izard Setup screens for Internet access in the web configurator .
P-660HW-D Series User’s Guide 53 Chapter 3 Wiz ard Setup f or Internet Ac cess Figure 15 Wizard: Welcome 3 The wizard attempts to detect whic h W AN connection type you are using. If the wizard detects your connection type and your ISP uses PPPo E or PPPoA, go to Section 3.
P-660HW-D Se ries User’s Guide Chapter 3 Wizard Setup for Internet Acces s 54 Figure 17 Auto Detection: Failed 3.2.1 Automatic Detection 1 If you have a PPPoE or PPPoA connection, a scr een displays prompting you to ent er your Internet account information.
P-660HW-D Series User’s Guide 55 Chapter 3 Wiz ard Setup f or Internet Ac cess Figure 19 Internet Access Wizard Setup: ISP Parameters The following table describes the fields in this screen.
P-660HW-D Se ries User’s Guide Chapter 3 Wizard Setup for Internet Acces s 56 2 The next wizard screen varies depending on wh at mode and encapsulatio n type you use. All screens shown are with routing mode. Configure the fields and click Next to continue.
P-660HW-D Series User’s Guide 57 Chapter 3 Wiz ard Setup f or Internet Ac cess The following table describes the fields in this screen. Figure 22 Internet Connection with ENET ENCAP The following table describes the fields in this screen.
P-660HW-D Se ries User’s Guide Chapter 3 Wizard Setup for Internet Acces s 58 Figure 23 Internet Connection with PPPoA The following table describes the fields in this screen. • If the user name and/or password you ente red for PPPoE or PPPoA connection are not correct, the screen displays as shown next.
P-660HW-D Series User’s Guide 59 Chapter 3 Wiz ard Setup f or Internet Ac cess Figure 24 Connection T est Failed- 1 • If the following screen displays, check if your account is activated or click Restart the Internet/Wir eless Setup Wizard to verify your In ternet access settings.
P-660HW-D Se ries User’s Guide Chapter 3 Wizard Setup for Internet Acces s 60 Figure 26 Connection T est Successful 2 Use this screen to activate the wireless LAN and OTIST .
P-660HW-D Series User’s Guide 61 Chapter 3 Wiz ard Setup f or Internet Ac cess The following table describes the labels in this screen. 3 Configure your wireless settin gs in this screen.
P-660HW-D Se ries User’s Guide Chapter 3 Wizard Setup for Internet Acces s 62 The following table describes the labels in this screen. Note: The wireless stations and ZyXEL device must use the same SSID, chan nel ID and WEP encryption key (if WEP is enabled), WP A-PSK (if WP A-PSK is enabled) for wireless communicatio n.
P-660HW-D Series User’s Guide 63 Chapter 3 Wiz ard Setup f or Internet Ac cess Figure 29 Manually assign a WP A key The following table describes the labels in this screen. 3.3.2 Manually assign a WEP key Choose Manually assign a WEP key to setup WEP Encryption parameters.
P-660HW-D Se ries User’s Guide Chapter 3 Wizard Setup for Internet Acces s 64 The following table describes the labels in this screen. 5 Click Apply to save your wireless LAN settings. Figure 31 Wireless LAN Setup 3 6 Use the read-only summary table to check whet her what you have configured is correct.
P-660HW-D Series User’s Guide 65 Chapter 3 Wiz ard Setup f or Internet Ac cess Figure 32 Internet Access and WLAN Wizard Se tup Complete 7 Launch your web browser and navigate to www .zyxel.com. Internet access is just the beginning. Refer to the rest of this guide for more detailed inform ation on the complete range of ZyXEL device features.
P-660HW-D Se ries User’s Guide Chapter 4 Bandwidth Management Wiza rd 66 C HAPTER 4 Bandwid th Management Wizard This chapter shows you h ow to configure basic bandwidth management usin g the wizard screens.
P-660HW-D Series User’s Guide 67 Chapter 4 Bandwidth Manage ment Wizard 4.3 Bandwid th Management Wizard Setup 1 After you enter the admin password to access the web configura tor , select Go to Wizard setup and click Apply . Otherwise, click the wizard icon ( ) in the top right corner of the web configura tor to display the wizard main screen.
P-660HW-D Se ries User’s Guide Chapter 4 Bandwidth Management Wiza rd 68 Figure 34 Wizard: Welcome 3 Activate bandwidth management and select to allocate bandwidth to packets based on the service requirements. Figure 35 Bandwidt h Management Wizard: General In formation The following fields describe the label in this screen.
P-660HW-D Series User’s Guide 69 Chapter 4 Bandwidth Manage ment Wizard 4 Use the second wizard screen to select the se rvices that you want to apply bandwidth management and select the priorities that you want to apply to the services listed.
P-660HW-D Se ries User’s Guide Chapter 4 Bandwidth Management Wiza rd 70 5 Follow the on-screen instructions and click Finish to complete the wizard setup and save your configuratio n. Figure 37 Bandwidt h Management Wizard: Complete Apply Click Apply to save your changes back to the ZyXEL device.
P-660HW-D Series User’s Guide 71 Chapter 4 Bandwidth Manage ment Wizard.
P-660HW-D Se ries User’s Guide Chapter 4 Bandwidth Management Wiza rd 72.
P-660HW-D Series User’s Guide 73 Chapter 4 Bandwidth Manage ment Wizard.
P-660HW-D Se ries User’s Guide Chapter 5 WAN Setup 74 C HAPTER 5 W AN Setup This chapter describes how to configure W AN settings. 5.1 W AN Overview A W AN (W ide Area Network) is an outside conn ection to another network or the Internet. 5.1.1 Encap sulation Be sure to use the encap sulation method req uired by your ISP .
P-660HW-D Series User’s Guide 75 Chapter 5 WAN Setup 5.1.1.3 PPPoA PPPoA stands for Point to Point Protocol over A TM Adaptation Layer 5 (AAL5). A PPPoA connection functions like a dial -up Internet connection.
P-660HW-D Se ries User’s Guide Chapter 5 WAN Setup 76 5.1.3.1 Scenario 1: On e VC, Multiple Protocols PPPoA (RFC-2364) encapsulation with VC-based multiplexing is th e best combination because no extra protocol identifying headers are needed. The PPP pro tocol already contains this information.
P-660HW-D Series User’s Guide 77 Chapter 5 WAN Setup 5.1.5.3 IP Assignment with ENET ENCAP Encap sulation In this case you can have either a static or dynamic IP . For a stat ic IP you must fill in all the IP Address an d ENET ENCAP Gateway fiel ds as supplied by your ISP .
P-660HW-D Se ries User’s Guide Chapter 5 WAN Setup 78 If you want the dial-backup route to take first prio rity over the traffic-redirect route or even the normal route, all you ne ed to do is set the dial-backup route’ s me tric to "1" and the others to "2" (or greater).
P-660HW-D Series User’s Guide 79 Chapter 5 WAN Setup 5.3.1 A TM T raffic Classes These are the basic A TM traffic classes define d by the A TM Forum T raffic Management 4.0 Specification. 5.3.1.1 Const ant Bit Rate (CBR) Constant Bit Rate (CBR) provides fixed bandwidth that is always available even if no data is being sent.
P-660HW-D Se ries User’s Guide Chapter 5 WAN Setup 80 • the ZyXEL device is in bridge mode • you set the ZyXEL device to use a static (fixed) W AN IP address. 5.5 Internet Connection T o change your ZyXEL device’ s W AN Internet access settings, click Network > W AN .
P-660HW-D Series User’s Guide 81 Chapter 5 WAN Setup Encapsulation Selec t the method of encapsulatio n used by your ISP from the drop-down list box. Choices vary depending on the mode you select in th e Mode field. If you select Bridge in the Mode field, select either PPPoA or RFC 1483 .
P-660HW-D Se ries User’s Guide Chapter 5 WAN Setup 82 5.5.1 Configuring Advanced Internet Connection Setup T o edit your ZyXEL device's adva nced W AN settings, click the Advanced Setup button in the Internet Connection screen. The screen appears as shown.
P-660HW-D Series User’s Guide 83 Chapter 5 WAN Setup 5.6 Configuring More Connections This section describes the protocol-independent parameters for a remote network. They are required for placing calls to a remote gate way and the network behind it across a W AN connection.
P-660HW-D Se ries User’s Guide Chapter 5 WAN Setup 84 Figure 41 More Connections The following table describes the labels in this screen. 5.6.1 More Connections Edit Click the edit icon in the More Connections screen to configure a connection . Table 22 More Connections LABEL DESCRIPTION # This is the index number of a connection.
P-660HW-D Series User’s Guide 85 Chapter 5 WAN Setup Figure 42 More Connections Edit The following table describes the labels in this screen. Table 23 More Connections Edit LABEL DESCRIPTION Active Select the check box to activate or clear the check box to deactivate this connection.
P-660HW-D Se ries User’s Guide Chapter 5 WAN Setup 86 User Name (PPPoA and PPPoE encapsulation only ) Enter the user nam e exactly as your ISP assigned. If assigned a name in the form user@domain where doma in identifies a service name, then ent er both components exactly as given.
P-660HW-D Series User’s Guide 87 Chapter 5 WAN Setup 5.6.2 Configuring More Co nnections Advanced Setup T o edit your ZyXEL device's adva nced W AN settings, click the Advanced Setup button in the Mor e Connections Edit screen. The screen appears as shown.
P-660HW-D Se ries User’s Guide Chapter 5 WAN Setup 88 5.7 T raffic Redirect T ra ffic redirect forwards traf fic to a backup gatew ay when the ZyXEL de vice cannot conn ect to the Internet.
P-660HW-D Series User’s Guide 89 Chapter 5 WAN Setup Figure 45 T raf fic Redirect LAN Setup 5.8 Configuring W AN Backup T o change your ZyXEL devi ce’ s W AN backup settings, click Network > W AN > WA N Backup Setup . The screen appears as shown.
P-660HW-D Se ries User’s Guide Chapter 5 WAN Setup 90 The following table describes the labels in this screen. Table 25 W AN Backup Setup LABEL DESCRIPTION Backup T ype Select the method that the ZyXEL devi ce uses to check the DSL connection. Select DSL Link to have the ZyXEL device check if the co nnection to the DSLAM is up.
P-660HW-D Series User’s Guide 91 Chapter 5 WAN Setup.
P-660HW-D Se ries User’s Guide Chapter 6 LAN Setup 92 C HAPTER 6 LAN Setup This chapter describes how to configure LAN settings. 6.1 LAN Overview A Local Area Network (LAN) is a shared comm unication system to which many computers are attached.
P-660HW-D Series User’s Guide 93 Chapter 6 LAN Setup 6.1.2 DHCP Setup DHCP (Dynamic Host Configuration Protocol , RFC 2131 and RFC 2132) allows in dividual clients to obtain TCP/IP configuration at start-up from a server . Y ou can configure the ZyXEL device as a DHCP server or disable it.
P-660HW-D Se ries User’s Guide Chapter 6 LAN Setup 94 6.1.4 DNS Server Address Assignment Use DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because wit hout it, you must know the IP address of a computer before you can access it.
P-660HW-D Series User’s Guide 95 Chapter 6 LAN Setup 6.2.1.1 Private IP Addresses Every machine on the Internet must ha ve a unique address. If your ne tworks are isolated from the Internet, for example, only between your two branch of fices, you can assign any IP addresses to the hosts without problems.
P-660HW-D Se ries User’s Guide Chapter 6 LAN Setup 96 6.2.3 Multicast T raditionally , IP packets are transmitted in one of either two ways - Unicast (1 sender - 1 recipient) or Broadcast (1 sender - everybody on the network). Multicast delivers IP packets to a group of host s on the networ k - not everybody and not just 1.
P-660HW-D Series User’s Guide 97 Chapter 6 LAN Setup Figure 48 Any IP Example The Any IP fe ature does n ot apply to a computer using either a dy namic IP address or a static IP address that is in the same subnet a s the ZyXEL device’ s IP addre ss.
P-660HW-D Se ries User’s Guide Chapter 6 LAN Setup 98 6.3 Configuring LAN IP Click LAN to open the IP screen. See Section 6.1 on page 92 for background information.
P-660HW-D Series User’s Guide 99 Chapter 6 LAN Setup Figure 50 Advanced LAN Setup The following table describes the labels in this screen. Table 27 Advanced LAN Setup LABEL DESCRIPTION RIP & Multicast Setup RIP Direction Select the RIP direction from None , Both , In Only and Out Only .
P-660HW-D Se ries User’s Guide Chapter 6 LAN Setup 100 6.4 DHCP Setup Use this screen to configure th e DNS server informa tion that the Zy XEL device sends to the DHCP client devices on the LAN. Figure 51 DHCP Setup The following table describes the labels in this screen.
P-660HW-D Series User’s Guide 101 Chapter 6 LAN Se tup 6.5 LAN Client List This table allows you to assign IP addresses on the LAN to specific individual computers based on their MAC Addresses. Every Ethernet device has a unique MAC (Med ia Access Control) addre ss.
P-660HW-D Se ries User’s Guide Chapter 6 LAN Setup 102 The following table describes the labels in this screen. 6.6 LAN IP Alias IP alias allows you to partition a physical network into dif fer ent logical networks over the same Ethernet interface.
P-660HW-D Series User’s Guide 103 Chapter 6 LAN Se tup Figure 53 Physical Network & Partitioned Logical Networks T o change your ZyXEL device’ s IP alias se ttings, click Network > LAN > IP Alias . The screen appears as shown. Figure 54 LAN IP Alias The following table describes the labels in this screen.
P-660HW-D Se ries User’s Guide Chapter 6 LAN Setup 104 RIP Direction RIP (Routing Information Protocol , RFC 1058 and RFC 1389) allows a router to exchange routing informatio n with other routers. The RIP Direct ion field co ntrols the sending and receiving of RIP packe ts.
P-660HW-D Series User’s Guide 105 Chapter 6 LAN Se tup.
P-660HW-D Se ries User’s Guide Chapter 7 Wireless LAN 106 C HAPTER 7 W ireless LAN This chapter discusses how to configure the wire less network settings in your ZyXEL device. See the appendices for more detailed information ab out wireless networks.
P-660HW-D Series User’s Guide 107 Chapter 7 Wireless LAN • Every wireless client in the same wirel ess network must use security compatible with the AP . Security stops unauthorized devices from using the wireless network. It can also protect the information that is sent in the wireless network.
P-660HW-D Se ries User’s Guide Chapter 7 Wireless LAN 108 7.2.3 User Authentication Authentication is the process of verifying whet her a wireless device is allowed to use the wireless network. Y ou can make every user log in to the wireless network before they can use it.
P-660HW-D Series User’s Guide 109 Chapter 7 Wireless LAN Usually , you should set up the st rongest encryption that every wireless client in the wireless network supports. For example, suppose the AP does not have a local user database, and you do not have a RADIUS serve r .
P-660HW-D Se ries User’s Guide Chapter 7 Wireless LAN 110 7.4 General Wireless LAN Screen Note: If you are configuring the ZyXEL device from a computer conn ected to the wireless LAN and you change the ZyXEL de vice’ s SSID or WEP settings, you will lose your wireless connection when you press Apply to confirm.
P-660HW-D Series User’s Guide 111 Chapter 7 Wireless LAN See the rest of this chapter for informa tion on the other labels in this screen. 7.4.1 No Security Select No Security to allow wireless clients to commun icate with the access points without any data encryption.
P-660HW-D Se ries User’s Guide Chapter 7 Wireless LAN 112 7.4.2 WEP Encryption WEP encryption scrambles the da ta transmitted between the wire less clients and the access points to keep network communications pr ivate. It encrypts unicast and multicast communications in a network.
P-660HW-D Series User’s Guide 113 Chapter 7 Wireless LAN 7.4.3 WP A-PSK/WP A2-PSK In order to configure and enable WP A(2)-PSK authentication; click Network > Wir eless LAN to display the Ge neral screen. Select WP A-PSK or WP A2-PSK from the Security Mode list.
P-660HW-D Se ries User’s Guide Chapter 7 Wireless LAN 114 The following table describes the wireless LAN security labels in this screen. 7.4.4 WP A/WP A2 In order to configure and enable WP A/WP A2; click the Wir eles s LAN link under Network to display the General screen.
P-660HW-D Series User’s Guide 115 Chapter 7 Wireless LAN Figure 60 Wireless: WP A/WP A2 The following table describes the wireless LAN security labels in this screen. Table 36 Wireless: WPA/WPA2 LABEL DESCRIPTION WP A Compatible This check box is available only when you select WP A2-PSK or WP A2 in the Security Mode field.
P-660HW-D Se ries User’s Guide Chapter 7 Wireless LAN 116 7.4.5 Wireless LAN Advanced Setup T o configure advanced wi reless settings, click the Advanced Setup button in the General screen.
P-660HW-D Series User’s Guide 117 Chapter 7 Wireless LAN Figure 61 Advanced The following table describes the labels in this screen. Table 37 Wireless LAN: Advanced LABEL DESCRIPTION Wireless Advanced Setup RTS/ CT S Threshold Enter a value between 0 and 2432.
P-660HW-D Se ries User’s Guide Chapter 7 Wireless LAN 118 7.5 OTIST In a wireless network, the wireless clients mu st have the same SSID and security settings as the access point (AP) or wireless router (we wi ll refer to both as “AP” here) in order to associate with it.
P-660HW-D Series User’s Guide 119 Chapter 7 Wireless LAN Note: If you hold in the RESET button t oo long, the device will reset to the factory defaults! 7.5.1.1.2 W eb Configur ator Click the Network > Wireless LAN > OTIST . The following screen displays.
P-660HW-D Se ries User’s Guide Chapter 7 Wireless LAN 120 7.5.1.2 Wireless Client Start the ZyXEL utility and click the Adapter tab. Select the OTIST check box, enter the same Setup Key as your AP’ s and cl ick Save . Figure 63 Example Wireless Client OTIST Screen 7.
P-660HW-D Series User’s Guide 121 Chapter 7 Wireless LAN 3 In the wireless client, you see this screen if i t can't find an OTIST -enabled AP (with the same Setup key ).
P-660HW-D Se ries User’s Guide Chapter 7 Wireless LAN 122 7.6 MAC Filter The MAC filter screen allows you to configur e the ZyXEL device to give exclusive access to up to 32 devices ( Allow ) or exclude up to 32 de vices from accessing the ZyXEL device ( Deny ).
P-660HW-D Series User’s Guide 123 Chapter 7 Wireless LAN The following table describes the labels in this menu. 7.7 WMM QoS WMM (W i-Fi MultiMedia) QoS (Quality of Service) allows you to prioritize wireless traf fic according to the delivery requirements of individual services.
P-660HW-D Se ries User’s Guide Chapter 7 Wireless LAN 124 7.7.2 WMM QoS Priorities The following table describes the priorities that you can apply to traffi c that the ZyXEL device sends to the wireless network. 7.7.3 Services The commonly used services and port numbers ar e shown in the following table.
P-660HW-D Series User’s Guide 125 Chapter 7 Wireless LAN HTTP(TCP:80) Hyper T ext Transfer Protocol - a cl ient/server protocol for the worl d wide web. HTTPS(TCP:443) HTTPS is a secured ht tp session of ten used in e-commerce. ICQ(UDP:4000) This is a popular Internet chat program.
P-660HW-D Se ries User’s Guide Chapter 7 Wireless LAN 126 7.8 QoS Screen The QoS screen by default allows you to au tomatically give a service a priority level according to the T oS value in the IP header of the packets it sends.
P-660HW-D Series User’s Guide 127 Chapter 7 Wireless LAN Figure 70 Wireless LAN: QoS The following table describes the fields in this screen. Table 42 Wireless LAN: QoS LABEL DESCRIPTION QoS Enable WMM QoS Select the check box to enable WMM QoS on the ZyXEL device.
P-660HW-D Se ries User’s Guide Chapter 7 Wireless LAN 128 7.8.2 Application Pr iority Configuration T o edit a WMM QoS application entry , click the edit icon under Modify . The following screen displays. Figure 71 Application Priority Configuration The following table describes the fields in this screen.
P-660HW-D Series User’s Guide 129 Chapter 7 Wireless LAN Apply Click Apply to save your changes back to the ZyXEL device. Cancel Click Cance l to return to the previous sc reen without savin g your changes.
P-660HW-D Se ries User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 130 C HAPTER 8 Network Address T ranslation (NA T) Screens This chapter discusses how to configure NA T on the ZyXEL device.
P-660HW-D Series User’s Guide 131 Chapt er 8 Network Ad dress Transla tion (NAT) Scr eens 8.1.2 What NA T Do es In the simplest form, NA T changes the sour ce IP address in a packet received from a subscriber (the inside local address) to anothe r (the inside global address) before forwarding the packet to the W A N side.
P-660HW-D Se ries User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 132 8.1.4 NA T Application The following figure illustrates a possible NA T application, wher e three inside LANs (logical LANs using IP Alias) behind the ZyXEL devi ce can communicate with three distinct W AN networks.
P-660HW-D Series User’s Guide 133 Chapt er 8 Network Ad dress Transla tion (NAT) Scr eens Port numbers do NOT change for One-to-One and Many-to-Many No Overload NA T mapping types.
P-660HW-D Se ries User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 134 Figure 74 NA T General The following table describes the labels in this screen.
P-660HW-D Series User’s Guide 135 Chapt er 8 Network Ad dress Transla tion (NAT) Scr eens 8.4.1 Default Se rver IP Address In addition to the servers for specified services, NA T supports a default server IP address. A default server receives packets from ports that are not specifie d in this screen.
P-660HW-D Se ries User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 136 Figure 75 Multiple Servers Be hind NA T Example 8.5 Configuring Port Forwarding Note: The Port Forwarding screen is a vailable only when you select SUA Only in the NA T > General screen.
P-660HW-D Series User’s Guide 137 Chapt er 8 Network Ad dress Transla tion (NAT) Scr eens The following table describes th e fields in this screen. 8.5.1 Port Forwarding Rule Edit T o edit a port forwarding rule, c lick the rule’ s edit icon in the Port Forwarding screen to display the screen shown next.
P-660HW-D Se ries User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 138 The following table describes th e fields in this screen. 8.6 Address Mapping Note: The Address Mapping screen is available only when you select Ful l Feature in the NA T > General screen.
P-660HW-D Series User’s Guide 139 Chapt er 8 Network Ad dress Transla tion (NAT) Scr eens Figure 78 Address Mapping Rule s The following table describes th e fields in this screen. Table 50 Address Mapp ing Rules LABEL DESCRIPTION # This is the rule index number .
P-660HW-D Se ries User’s Guide Chapter 8 Network Address Translatio n (NAT) Screens 140 8.6.1 Address Mapping Rule Edit T o edit an address mapping rule, click the rule’ s edit icon in the Addr ess Mapping screen to display the screen shown next. Figure 79 Edit Address Mapping Rule The following table describes th e fields in this screen.
P-660HW-D Series User’s Guide 141 Chapt er 8 Network Ad dress Transla tion (NAT) Scr eens Edit Details Click this link to go to the Port Forwarding screen to edit a server mapping set that you have selected in the Server Mapping Set field. Back Click Back to return to the previous screen.
P-660HW-D Se ries User’s Guide Chapter 9 Firewalls 142 C HAPTER 9 Firewalls This chapter gives some back ground information on firewa lls and introduces the ZyXEL device firewall. 9.1 Firewall Overview Originally , the term firewall referred to a construction techni que designed to prevent the spread of fire from one room to another .
P-660HW-D Series User’s Guide 143 Chapter 9 Firewalls 9.2.2 Applicatio n-level Firewalls Application-level firewalls restrict access by serv ing as proxies for e xternal servers. Since they use programs written for specific Internet servic es, such as HTTP, FTP and tel net, they can evaluate network packets for valid applicatio n-sp ecific data.
P-660HW-D Se ries User’s Guide Chapter 9 Firewalls 144 • The LAN (Local Area Network) port attache s to a network of compute rs, which needs security from the outside world. These computer s will have access to Internet services such as e-mail, FTP , and the W orld W ide W e b.
P-660HW-D Series User’s Guide 145 Chapter 9 Firewalls Some of the most common IP ports are: 9.4.2 T ypes of DoS Attacks There are four types of DoS attacks: 1 Those that exploit bugs in a TCP/IP implementation. 2 Those that exploit weaknesses in the TCP/IP specification.
P-660HW-D Se ries User’s Guide Chapter 9 Firewalls 146 Under normal circumstances, the applica tion that initiates a session sends a SYN (synchronize) packet to the receiving server . The receiver sends back an ACK (acknowledgment) packet and its own SYN, and then the in itiator responds with an ACK (acknowledgment).
P-660HW-D Series User’s Guide 147 Chapter 9 Firewalls Figure 83 Smurf Attack 9.4.2.1 ICMP V ulnerability ICMP is an error -reporting protocol that works in concert with IP . The following ICMP types trigger an alert: 9.4.2.2 Illegal Comma nds (NetBIOS and SMTP) The only legal NetBIOS commands are the following - all others are illegal.
P-660HW-D Se ries User’s Guide Chapter 9 Firewalls 148 9.4.2.3 T r aceroute T raceroute is a utility used to determine th e path a packet takes between two endpoints. Sometimes when a packet filter firewall is conf igured incorrectly an at tacker can traceroute the firewall gaining knowledge of the network topology inside the firewall.
P-660HW-D Series User’s Guide 149 Chapter 9 Firewalls The previous figure show s the ZyXEL device’ s default firewall rules in action as well as demonstrates how stateful inspection works. User A can initiate a T elnet session from within the LAN and responses to this request are allowe d.
P-660HW-D Se ries User’s Guide Chapter 9 Firewalls 150 • Allow certain types of traffic from the In ternet to specific hosts on the LAN. • Allow access to a W eb server to everyone but competitors. • Restrict use of certain protocols, such as T elnet, to authoriz ed users on the LAN.
P-660HW-D Series User’s Guide 151 Chapter 9 Firewalls A similar situation exists for ICMP , except that the ZyXEL device is ev en more restrictive. Specifically , only outgoing echoes will allow in .
P-660HW-D Se ries User’s Guide Chapter 9 Firewalls 152 • Encourage your co mpany or organization to develop a co mprehensive security pla n. Good network administration takes into ac count what hackers can do and prepares against attacks. The best defense against hack ers and crackers is information.
P-660HW-D Series User’s Guide 153 Chapter 9 Firewalls 9.7.1.1 When T o Use Filterin g • T o block/allow LAN pa cket s by their MAC addresses. • T o block/allow special IP packets which are neither TCP nor UDP , nor ICMP packets.
P-660HW-D Se ries User’s Guide Chapter 10 Firewall Configurat ion 154 C HAPTER 10 Firewall Configuration This chapter shows you how to enable and configure t he ZyXEL device firewall. 10.1 Access Methods The web configurator is, by far , the most co mprehensive firewall configuration tool your ZyXEL device has to offer .
P-660HW-D Series User’s Guide 155 Chapter 10 Firewall Configuration Note: If you configure firewall rules wit hout a good underst anding of how they work, you might inadvertently introduce securi ty risks to the f irewall and to the protected network.
P-660HW-D Se ries User’s Guide Chapter 10 Firewall Configurat ion 156 4 Does a rule that allows Internet users acces s to resources on the LAN create a security vulnerability? For example, if FTP ports (TCP 20, 21) are al lowed from the Internet to t he LAN, Internet users may be able to connect to computers with running FTP servers.
P-660HW-D Series User’s Guide 157 Chapter 10 Firewall Configuration 10.4.1 LAN to W AN Rules The default rule for LAN to W AN traffic is that all users on the LAN are allowed non- restricted access to the W AN. When you config ure a LAN to W AN rule, you in essence want to limit some or all users from accessing cer tain services on the W AN.
P-660HW-D Se ries User’s Guide Chapter 10 Firewall Configurat ion 158 The following table describes the labels in this screen. 10.6 Firewall Rules Summary Note: The ordering of your rule s is very import ant as rules are app lied in turn. Refer to Section 9.
P-660HW-D Series User’s Guide 159 Chapter 10 Firewall Configuration Figure 86 Firewall Rules The following table describes the labels in this screen.
P-660HW-D Se ries User’s Guide Chapter 10 Firewall Configurat ion 160 10.6.1 Configuring Firewall Rules Refer to Section 9.1 on page 142 for more information. In the Rules screen, select an index number and click Add or click a rule’ s Edit icon to display this screen and refer to the following table for information on the labels.
P-660HW-D Series User’s Guide 161 Chapter 10 Firewall Configuration Figure 87 Firewall: Edit Rule.
P-660HW-D Se ries User’s Guide Chapter 10 Firewall Configurat ion 162 The following table describes the labels in this screen. Table 58 Firewall: Edit Rule LABEL DESCRIPTION Active Select this option to ena ble this firewall rule.
P-660HW-D Series User’s Guide 163 Chapter 10 Firewall Configuration 10.6.2 Customized Services Configure customized services and port numbers not predefined by the ZyXEL device. For a comprehensive list of port numbers and services, visit the IANA (Internet Assigned Number Authority) website.
P-660HW-D Se ries User’s Guide Chapter 10 Firewall Configurat ion 164 10.6.3 Configuring A Customized Service Click a rule number in the Firewall Customized Services screen to create a new custom port or edit an existing one. This actio n displays the following screen.
P-660HW-D Series User’s Guide 165 Chapter 10 Firewall Configuration Figure 90 Firewall Example: Rules 3 In the Rules screen, select the index number after that you want to add the rule. For example, if you select “6”, your new rule b ecomes number 7 and the previous rule 7 (if there is one) becomes rule 8.
P-660HW-D Se ries User’s Guide Chapter 10 Firewall Configurat ion 166 Figure 92 Firewall Example: Edit Ru le: Des tination Addres s 9 Use the Add >> and Remove buttons between A vailable Services and Selected Services list boxes to configure it as follows.
P-660HW-D Series User’s Guide 167 Chapter 10 Firewall Configuration Figure 93 Firewall Example: Edit Rule: Select Customized Services On completing the configuration procedure for this Internet firewall rule, the Rules screen should look like the following.
P-660HW-D Se ries User’s Guide Chapter 10 Firewall Configurat ion 168 Figure 94 Firewall Example: Rules: MyService 10.8 Predefined Services The A vailable Services list box in the Edit Rule screen (see Section 1 0.6.1 on page 160 ) displays all predefined services that the ZyXEL device already supports.
P-660HW-D Series User’s Guide 169 Chapter 10 Firewall Configuration H.323(TCP:1720) Net Meeting uses this proto col. HTTP(TCP:80) Hyper T ext Transfer Protocol - a cl ient/server protocol for the worl d wide web. HTTPS HTTPS is a secured ht tp session of ten used in e-commerce.
P-660HW-D Se ries User’s Guide Chapter 10 Firewall Configurat ion 170 10.9 Anti-Probing If an outside user attempts to probe an unsupp orted port on your ZyXEL device, an ICMP response packet is automatically returned. This allows the ou tside user to know the ZyXEL device exists.
P-660HW-D Series User’s Guide 171 Chapter 10 Firewall Configuration The following table describes the labels in this screen. 10.10 DoS Thresholds For DoS attacks, the ZyXEL device uses thresholds to dete rmine when to drop sessions that do not become fully established.
P-660HW-D Se ries User’s Guide Chapter 10 Firewall Configurat ion 172 If your network is slower than average for any of these factors (especially if you have servers that are slow or handle many tasks and are of ten busy), then the de fault values should be reduced.
P-660HW-D Series User’s Guide 173 Chapter 10 Firewall Configuration 10.10.3 Configuring Firewall Thresholds The ZyXEL device also sends alerts whenever TCP Maximum Incomplete is exceeded. The global values specified for the threshold an d timeout apply to all TCP connections.
P-660HW-D Se ries User’s Guide Chapter 10 Firewall Configurat ion 174 Maximum Incomplete Low This is the number of existing half-open sessions that cau ses the firewall to stop deleting half-open sessions.
P-660HW-D Series User’s Guide 175 Chapter 10 Firewall Configuration.
P-660HW-D Se ries User’s Guide Chapter 11 Content Filtering 176 C HAPTER 11 Content Filtering This chapter covers how to configure content filtering. 1 1 .1 Content Filtering Overview Internet content filtering allows you to create and enforce Internet access policies tailored to your needs.
P-660HW-D Series User’s Guide 177 Chapter 11 Content Filtering The following table describes the labels in this screen. 1 1 .3 Configuring the Schedule T o set the days and times for the ZyXEL device to perform content filtering, click Security > Content Filter > Schedule .
P-660HW-D Se ries User’s Guide Chapter 11 Content Filtering 178 The following table describes the labels in this screen. 1 1 .4 Configuring T rusted Computers T o exclude a range of users on the LAN from content filteri ng on your ZyXEL d evice, click Security > Content Filter > Tr u s t e d .
P-660HW-D Series User’s Guide 179 Chapter 11 Content Filtering.
P-660HW-D Se ries User’s Guide Chapter 12 Static Route 180 C HAPTER 12 S t atic Route This chapter shows you how to configure static routes for your ZyXEL device. 12.1 S t atic Route Each remote node specifies only the network to which the gateway is di rectly connected, and the ZyXEL device has no kn owledge of the ne tworks beyond.
P-660HW-D Series User’s Guide 181 Chapter 12 Static Route Figure 101 S tatic Route The following table describes the labels in this screen. 12.2.1 S t atic Route Edit Select a static route index numb er and click Edit . The screen shown next appears.
P-660HW-D Se ries User’s Guide Chapter 12 Static Route 182 Figure 102 S tatic Route Edit The following table describes the labels in this screen. T able 68 S tatic Route Edit LABEL DESCRIPTION Active This field allows you to activa te/deactivate this st atic route.
P-660HW-D Series User’s Guide 183 Chapter 12 Static Route.
P-660HW-D Se ries User’s Guide Chapter 13 Bandwidth Managemen t 184 C HAPTER 13 Bandwid th Management This chapter contains information about configuri ng bandwidth management, editing rules and viewing the ZyXEL device’ s bandwidth management logs.
P-660HW-D Series User’s Guide 185 Chapter 13 Bandwidth Management The following figure shows LAN subnets. Y ou could config ure one bandwidth class for subnet A and another for subnet B .
P-660HW-D Se ries User’s Guide Chapter 13 Bandwidth Managemen t 186 13.5.1 Priority-based Scheduler W ith the priority-based sc heduler , the ZyXEL de vice forwards traffic from bandwidth classes according to the priorities that you assign to the bandwidth classes.
P-660HW-D Series User’s Guide 187 Chapter 13 Bandwidth Management 13.6.2 Maximize Ba ndwid th Usage Example Here is an example of a ZyXEL de vice that has maximiz e bandwidth usage enab led on an interface. The following table shows each ba nd width class’ s bandwidth budget.
P-660HW-D Se ries User’s Guide Chapter 13 Bandwidth Managemen t 188 • Research requires more bandwidth but only gets its budgeted 20 48 kbps because all of the unbudgeted and unu sed bandwidth goes to the higher priority sales and marketing classes.
P-660HW-D Series User’s Guide 189 Chapter 13 Bandwidth Management 13.7 Over Allotment of Bandwid th Y ou can set the bandwidth management speed fo r an interface higher than the interface’ s actual transmission speed.
P-660HW-D Se ries User’s Guide Chapter 13 Bandwidth Managemen t 190 The following table describes the labels in this screen. 13.9 Bandwid th Management Rule Setup Y ou must use the Bandwidth Management Summary scr een to enab le bandwidth management on an interface before yo u can configure rules for that interface.
P-660HW-D Series User’s Guide 191 Chapter 13 Bandwidth Management Figure 105 Bandwidth Management: Rule Setup The following table describes the labels in this screen. Table 76 Bandwid th Manageme nt: Rule Setup LABEL DESCRIPTION Direction Select LAN to apply bandwi dth management to traffic that the ZyXEL device forwards to the LAN.
P-660HW-D Se ries User’s Guide Chapter 13 Bandwidth Managemen t 192 13.9.1 Rule Configuration Click the Edit icon or select User Defined from the Serv ice drop-down lis t in the Rule Setup screen to configure a bandwidth management ru le.
P-660HW-D Series User’s Guide 193 Chapter 13 Bandwidth Management Rule Name Use the auto-generated name or en ter a descriptive name of up to 20 alphanumeric characters, including spaces. BW Budget S pecify the maximum bandwidth allowed for the rule in kbps.
P-660HW-D Se ries User’s Guide Chapter 13 Bandwidth Managemen t 194 13.10 Bandwid th Monitor T o view the Zy XEL device’ s bandw idth usage and al lotments, click Advanced > Bandwidth MGMT > Mon itor . The screen appears as shown. Select an interface from the drop-down list box to view the bandwidth usage of its bandwidth rules .
P-660HW-D Series User’s Guide 195 Chapter 13 Bandwidth Management Figure 107 Bandwidth Ma nagement: Monitor.
P-660HW-D Se ries User’s Guide Chapter 14 Dynamic DNS Setup 196 C HAPTER 14 Dynamic DNS Setup This chapter discusses how to configure your ZyXEL device to use Dynamic DNS.
P-660HW-D Series User’s Guide 197 Chapter 1 4 Dynamic DNS Setup Figure 108 Dynamic DNS The following table describes th e fields in this screen. Table 79 Dynamic DNS LABEL DESCRIPTION Dynamic DNS Setup Active Dynamic DNS Select this check box to use dynamic DNS.
P-660HW-D Se ries User’s Guide Chapter 14 Dynamic DNS Setup 198 Dynamic DNS server auto detect IP Address Select this option only when there are one or more NA T routers be tween the ZyXEL device and the DDNS server. This feat ure has the DDNS server automatically detect and use the IP address of th e NA T router that has a public IP address.
P-660HW-D Series User’s Guide 199 Chapter 1 4 Dynamic DNS Setup.
P-660HW-D Se ries User’s Guide Chapter 15 Remote M anagement Configura tion 200 C HAPTER 15 Remote Management Configuration This chapter provides information on config uring remote management.
P-660HW-D Series User’s Guide 201 Chapter 15 Remote Manag ement Configuration • The IP address in the Secured Client IP field does not match th e client IP address. If it does not match, the ZyXEL device w ill disconnect the ses sion immediately .
P-660HW-D Se ries User’s Guide Chapter 15 Remote M anagement Configura tion 202 The following table describes the labels in this screen. 15.3 T elnet Y ou can configure your ZyXEL device for remote T elnet access as shown next. The administrator uses T elnet from a computer on a re mote network to access the ZyXEL device.
P-660HW-D Series User’s Guide 203 Chapter 15 Remote Manag ement Configuration Figure 1 1 1 Remo te Manage ment: T e lnet The following table describes the labels in this screen.
P-660HW-D Se ries User’s Guide Chapter 15 Remote M anagement Configura tion 204 Figure 1 12 Remote Management: FTP The following table describes the labels in this screen. 15.6 SNMP Simple Network Management Protocol (SNM P) i s a protocol u sed for ex changing management information b etween network devices.
P-660HW-D Series User’s Guide 205 Chapter 15 Remote Manag ement Configuration Figure 1 13 SNMP Management Model An SNMP managed network consis ts of two main types of comp onent: agen ts and a m anager . An agent is a management software module that resi des in a managed device (the ZyXEL device).
P-660HW-D Se ries User’s Guide Chapter 15 Remote M anagement Configura tion 206 15.6.2 SNMP T raps The ZyXEL device will send traps to the SNMP manager when any on e of the following events occurs: 15.6.3 Configuring SNMP T o change your ZyXEL de vice’ s SNMP settings, click Advance d > Remote MGMT > SNMP .
P-660HW-D Series User’s Guide 207 Chapter 15 Remote Manag ement Configuration The following table describes the labels in this screen. 15.7 Configuring DNS Use DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa.
P-660HW-D Se ries User’s Guide Chapter 15 Remote M anagement Configura tion 208 Figure 1 15 Remote Management: DNS The following table describes the labels in this screen. 15.8 Configuring ICMP T o change your ZyXEL devi ce’ s security settings, click Advanced > Remote MGMT > ICMP .
P-660HW-D Series User’s Guide 209 Chapter 15 Remote Manag ement Configuration Figure 1 16 Remote Management: ICMP The following table describes the labels in this screen.
P-660HW-D Se ries User’s Guide Chapter 16 Universa l Plug-and-Play (UPnP) 210 C HAPTER 16 Universal Plug-and-Play (UPnP) This chapter introduces the UPnP feature in the web configura tor .
P-660HW-D Series User’s Guide 211 Chapter 16 Universa l Plug-and-Play (UPnP) 16.1.3 Cautions with UPnP The automated nature of NA T traversal applications in establishing their own services and opening firewall ports ma y present network security issues.
P-660HW-D Se ries User’s Guide Chapter 16 Universa l Plug-and-Play (UPnP) 212 The following table describes the fields in this screen. 16.3 Inst alling UPnP in Windows Example This section shows ho w to install UPnP in W indows Me and W indows XP . 16.
P-660HW-D Series User’s Guide 213 Chapter 16 Universa l Plug-and-Play (UPnP) Figure 1 18 Add/Remove Programs: Windows Setup: Communication 3 In the Communications window , select the Universal Plug and Play check box in the Components selection box.
P-660HW-D Se ries User’s Guide Chapter 16 Universa l Plug-and-Play (UPnP) 214 16.3.2 Inst alling UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP .
P-660HW-D Series User’s Guide 215 Chapter 16 Universa l Plug-and-Play (UPnP) Figure 122 Networking Services 6 Click OK to go back to the W indows Optional Networking Component Wizard window and click Next . 16.4 Using UPnP in Windows XP Example This section shows yo u how to use the UPn P feature in W indows XP .
P-660HW-D Se ries User’s Guide Chapter 16 Universa l Plug-and-Play (UPnP) 216 Figure 123 Network Connections 3 In the Internet Connection Properties window , click Se ttings to see the port mappings there were automatically created.
P-660HW-D Series User’s Guide 217 Chapter 16 Universa l Plug-and-Play (UPnP) Figure 125 Internet Connection Properties: Adva nced Settings Figure 126 Internet Connection Proper ties: Adva nced Settings: Add Note: When the UPnP-enabled device is disconnect ed from your computer , all port mappings will be deleted automatically .
P-660HW-D Se ries User’s Guide Chapter 16 Universa l Plug-and-Play (UPnP) 218 6 Double-click on the icon to display yo ur curr ent Internet co nnection sta tus.
P-660HW-D Series User’s Guide 219 Chapter 16 Universa l Plug-and-Play (UPnP) Figure 129 Network Connections 4 An icon with the description for e ach UPnP-enabled device disp lays under Local Network . 5 Right-click on the icon for your Zy XEL device and select Invoke .
P-660HW-D Se ries User’s Guide Chapter 16 Universa l Plug-and-Play (UPnP) 220 Figure 130 Network Connections: My Network Places 6 Right-click on the icon for your Zy XEL device and select Pr operties . A properties window displays with basic info rmation about the ZyXEL device.
P-660HW-D Series User’s Guide 221 Chapter 16 Universa l Plug-and-Play (UPnP).
P-660HW-D Se ries User’s Guide Chapter 17 System 222 C HAPTER 17 System Use this screen to configure the Zy XEL device’ s time and date settings. 17.1 General Setup 17.1.1 General Setup and System Name General Setup contains administrative and system-related information.
P-660HW-D Series User’s Guide 223 Chapter 17 Syst em Figure 132 System General Setu p The following table describes the labels in this screen. T able 88 System General Setup LABEL DESCRIPTION General Setup System Name Choose a descriptive name for identificatio n purposes.
P-660HW-D Se ries User’s Guide Chapter 17 System 224 17.2 T ime Setting T o change your ZyXEL devi ce’ s time and date, click Maintenance > System > Time Setting . The screen appears as shown. Use this screen to configure the ZyXEL device’ s time ba sed on your local time zone.
P-660HW-D Series User’s Guide 225 Chapter 17 Syst em The following table describes th e fields in this screen. Table 89 System T ime Setting LABEL DESCRIPTION Current T ime and Date Current T ime This field displays the ti me of your ZyXEL device. Each time you reload this page, the ZyXEL device synchronizes the time with the time server .
P-660HW-D Se ries User’s Guide Chapter 17 System 226 S tart Date Configure the day and time when Da ylight Saving Time starts if you selected Enable Daylight Saving . The o'clock field uses the 24 hour format. Here are a couple of examples: Daylight Saving Time st arts in most p arts of the United S tates on the first Sunday of April.
P-660HW-D Series User’s Guide 227 Chapter 17 Syst em.
P-660HW-D Se ries User’s Guide Chapter 18 Logs 228 C HAPTER 18 Logs This chapter contains inform ation about configuring genera l log settings and viewing the ZyXEL device’ s logs.
P-660HW-D Series User’s Guide 229 Chapter 18 Logs Figure 134 V iew Log The following table describes the fields in this screen. 18.3 Configuring Log Settings Use the Log Settings screen to configure.
P-660HW-D Se ries User’s Guide Chapter 18 Logs 230 Alerts are e-mailed as soon as they happen. Logs may be e-ma iled as soon as the log is full. Selecting many alert and/or log categories (especially Access Control ) may result in many e- mails being sent.
P-660HW-D Series User’s Guide 231 Chapter 18 Logs Send Log T o The ZyXEL device send s logs to the e-mail addr ess specified in this field. If this field is left blank, the ZyXEL device does not send logs via e-mail.
P-660HW-D Se ries User’s Guide Chapter 18 Logs 232 18.3.1 Example E-mail Log An "End of Log" message displays for each ma il in which a complete log has been sent. The following is an example of a log sent by e-mail. • Y ou may edit the subject title.
P-660HW-D Series User’s Guide 233 Chapter 18 Logs.
P-660HW-D Se ries User’s Guide Chapter 19 Tools 234 C HAPTER 19 To o l s This chapter describes how to upload new firm ware, manage configuration and restart your ZyXEL device. 19.1 Firmware Upgrade Find firmware at www .zyxel.com in a file that (usually) uses the system model name with a.
P-660HW-D Series User’s Guide 235 Chapter 19 Tools Note: Do NOT turn off th e ZyXEL device while firmware upload is in progress! After you see the Firmware Upload in Pr ogr ess screen, wait two minutes before logging into the ZyXEL device again.
P-660HW-D Se ries User’s Guide Chapter 19 Tools 236 Figure 140 Error Message 19.2 Configuration Screen Click Maintenance > T ools > Configuration . Information related to factory defaults, backup configuration, and rest oring configuration appears as shown next.
P-660HW-D Series User’s Guide 237 Chapter 19 Tools 19.2.2 Restore Configuration Restore configuration allows you to upload a new or previously saved configuration file from your computer to your ZyXEL device.
P-660HW-D Se ries User’s Guide Chapter 19 Tools 238 Figure 144 Configuration Restore Er ror 19.2.3 Back to Factory Default s Pressing the RESET button in this section clears all us er -entered configuration information and returns the ZyXEL device to its factory defaults.
P-660HW-D Series User’s Guide 239 Chapter 19 Tools.
P-660HW-D Se ries User’s Guide Chapter 20 Diagnostic 240 C HAPTER 20 Diagnostic These read-only screens display information to help you identify problems with the ZyXEL device. 20.1 General Diagnostic Click Maintenance > Diagnostic to open the screen shown next.
P-660HW-D Series User’s Guide 241 Chapter 20 Diagnostic 20.2 DSL Line Diagnostic Click Maintenance > Diagnostic > DSL Line to open the screen shown next . Figure 147 Diagnostic: DSL Line The following table describes th e fields in this screen.
P-660HW-D Se ries User’s Guide Chapter 21 Troubleshooting 242 C HAPTER 21 T roubleshooting This chapter covers potential proble ms and the corresponding remed ies.
P-660HW-D Series User’s Guide 243 Chapter 21 Troublesh ooting 21.3 Problems with the W AN Table 98 Troubleshootin g the WAN PROBLEM CORRECTIVE ACTION The DSL LED is off. Check the telephone wire and connection s between the ZyXEL device DSL port and the wall jack.
P-660HW-D Se ries User’s Guide Chapter 21 Troubleshooting 244 21.4 Problems Accessing the ZyXEL device Table 99 Troubleshoot ing Accessin g the ZyX EL device PROBLEM CORRECTIVE ACTION I cannot access the ZyXEL device. The default user password is “user” and admin password is “1234”.
P-660HW-D Series User’s Guide 245 Chapter 21 Troublesh ooting.
P-660HW-D Se ries User’s Guide Appendix A Product Specifications 246 A PPENDIX A Product S pecifications See also the Introduction ch apter for a general overv iew of the key featur es. S pecification T ables Table 100 Device Default IP Address 192.
P-660HW-D Series User’s Guide 247 Appendix A Product Specifications Table 101 Firmware ADSL S tandards Multi-Mode standard (ANSI T1.413,Issu e 2; G .dmt(G .992 .1); G . lite(G992.2)). ADSL2 G .dmt.bi s (G .992.3) ADSL2 G .lite.bis (G .992.4) ADSL2+ (G .
P-660HW-D Se ries User’s Guide Appendix A Product Specifications 248 Firewall S tateful Packet Inspection. Prevent Denial of Service attacks such as Ping of Death, SYN Flood, LAND, Smurf etc.
P-660HW-D Series User’s Guide 249 Appendix A Product Specifications.
P-660HW-D Se ries User’s Guide Appendix B About ADSL 250 A PPENDIX B About ADSL Introduction to DSL DSL (Digital Subscriber Line) te chnology enhances the data ca pacity of the existing twisted- pair wire that runs betwee n the local telephone co mpany switching of fi ces and most homes and offices.
P-660HW-D Series User’s Guide 251 Appendix B About ADSL 2 Because your line is dedicated (not shared ), transmission speed s between you and the device to which you con nect at your service provider are not af fected by oth er users. W ith cable modems, transmission sp eeds drop significa ntly as mo re users go on-line because the line is shared.
P-660HW-D Se ries User’s Guide Appendix C Wa ll-mounting In structions 252 A PPENDIX C W all-mounting Instructions Do the following to hang yo ur ZyXEL device on a wall. Note: See the product specifications appe ndix for the size of screws to use and how far apart to place them.
P-660HW-D Series User’s Guide 253 A ppendix C Wall-mounting Instr uctions.
P-660HW-D Se ries User’s Guide Appendix D Setting up Your Computer’s IP Address 254 A PPENDIX D Setting up Y our Computer ’ s IP Address All computers must have a 10M or 100M Et hernet adapter card and TCP/IP installed.
P-660HW-D Series User’s Guide 255 Appendix D Setting up Your Computer’s IP Address Figure 149 WIndows 95/98 /Me: Networ k: Configuratio n Inst alling Components The Network window Configuration tab displays a list of installed components. Y ou need a network adapter , the TCP/IP protocol and Client for Microso ft Networks.
P-660HW-D Se ries User’s Guide Appendix D Setting up Your Computer’s IP Address 256 3 Select Microsoft from the list of manufacturers. 4 Select Client for Microsoft Networks from the list of network clients and then click OK . 5 Restart your computer so the changes you made take ef fect.
P-660HW-D Series User’s Guide 257 Appendix D Setting up Your Computer’s IP Address Figure 151 Windows 95/98/Me : TCP/IP Pr operties: DNS Configuration 4 Click the Gateway tab. • If you do not know your gateway’ s IP address, remove previously installed gateways.
P-660HW-D Se ries User’s Guide Appendix D Setting up Your Computer’s IP Address 258 Figure 152 Windows XP: S tart Menu 2 In the Control Panel , double-click Network Connections ( Network and Dial-up Connections in W indows 2000/NT). Figure 153 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Pr oper ties .
P-660HW-D Series User’s Guide 259 Appendix D Setting up Your Computer’s IP Address Figure 154 Windows XP: Control Panel: Network Connections: Pro perties 4 Select Internet Protocol (TCP/IP) (under the Genera l tab in W in XP) and then click Properties .
P-660HW-D Se ries User’s Guide Appendix D Setting up Your Computer’s IP Address 260 • If you have a static IP address click Use the following IP Address and fill in the IP addr ess , Subnet mask , and Default gateway fields. • Click Advanced .
P-660HW-D Series User’s Guide 261 Appendix D Setting up Your Computer’s IP Address Figure 157 Windows XP: Advanced TCP/IP Properties 7 In the Internet Protocol TCP/IP Pr operties window (the General tab in W indows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP addre ss(es).
P-660HW-D Se ries User’s Guide Appendix D Setting up Your Computer’s IP Address 262 Figure 158 Windows XP: Internet Protocol (TCP/IP) Propert ies 8 Click OK to close the Internet Protocol (TCP/IP) Pr operties window . 9 Click Close ( OK in W indows 2000/NT) to close the Local Area Connection Pr operties window .
P-660HW-D Series User’s Guide 263 Appendix D Setting up Your Computer’s IP Address Figure 159 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list. Figure 160 Macintosh O S 8/9: TC P/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configur e: list.
P-660HW-D Se ries User’s Guide Appendix D Setting up Your Computer’s IP Address 264 4 For statically assigned settings, do the following: •F r o m t h e Configure box, select Manually . • T ype your IP address in the IP Address box. • T ype your subnet mask in the Subnet mask box.
P-660HW-D Series User’s Guide 265 Appendix D Setting up Your Computer’s IP Address Figure 162 Macintosh O S X: Netw ork 4 For statically assigned settings, do the following: •F r o m t h e Configure box, select Manually . • T ype your IP address in the IP Address box.
P-660HW-D Se ries User’s Guide Appendix D Setting up Your Computer’s IP Address 266 Note: Make sure you are logged in as the ro ot administrator . Using the K Desktop Environment (KDE) Follow the steps below to configure your computer IP address using the KDE.
P-660HW-D Series User’s Guide 267 Appendix D Setting up Your Computer’s IP Address • If you have a dynamic IP address click Automatically obtain IP address settings with and select dhcp from the drop down list.
P-660HW-D Se ries User’s Guide Appendix D Setting up Your Computer’s IP Address 268 1 Assuming that you have only one network card on the computer , locate the ifconfig- eth0 configuration file (where eth0 is the name of the Ethernet card). Open the configuration file with any plain text editor .
P-660HW-D Series User’s Guide 269 Appendix D Setting up Your Computer’s IP Address Figure 170 Red Hat 9.0: Restart Eth ernet Card 21.4.1 V erifying Settings Enter ifconfig in a terminal screen to ch eck your TCP/IP properties. Figure 171 Red Hat 9.
P-660HW-D Se ries User’s Guide Appendix E IP Subnetting 270 A PPENDIX E IP Subnetting IP Addressing Routers “route” based on the network number .
P-660HW-D Series User’s Guide 271 Appendix E IP Subnettin g Since the first octet of a class “A” IP address must contain a “0”, the first octet of a class “A” address can have a valu e of 0 to 127.
P-660HW-D Se ries User’s Guide Appendix E IP Subnetting 272 For example, 192.1.1 .0 /25 is equivalent to saying 1 92.1.1.0 with mask 25 5.255.255.12 8. The following table shows all possible subnet masks for a class “C” address using both notations.
P-660HW-D Series User’s Guide 273 Appendix E IP Subnettin g The remaining 7 bits determine the number of hosts each subnet can have. Host IDs of all zeros represent the subnet itself and host IDs of.
P-660HW-D Se ries User’s Guide Appendix E IP Subnetting 274 Example: Four Subnet s The above exampl e illustrated using a 25-bit subne t mask to divide a class “C” address space into two subnets.
P-660HW-D Series User’s Guide 275 Appendix E IP Subnettin g Example Eight Subnet s Similarly use a 27-bit mask to create 8 subnets (001, 010, 01 1, 100, 101, 1 10). The following table shows class C IP ad dress last octet values for each subnet. The following table is a summary for class “C” subnet planning.
P-660HW-D Se ries User’s Guide Appendix E IP Subnetting 276 Subnetting With Class A and Class B Networks. For class “A” and class “B” addresses the subnet ma sk also determines which bits are part of the network number and which are part of the h ost ID.
P-660HW-D Series User’s Guide 277 Appendix E IP Subnettin g.
P-660HW-D Se ries User’s Guide Appendix F Comma nd Interpr eter 278 A PPENDIX F Command Interpreter The following describes how to u se the command interpreter . Y o u can telnet to access the CLI (Command Line Interface) on the ZyXEL device. See the included disk or zyxel.
P-660HW-D Series User’s Guide 279 Appendix F Command Interpr eter.
P-660HW-D Se ries User’s Guide Appendix G Firewall Com mands 280 A PPENDIX G Firewall Commands The following describes the firewall commands. Table 116 Firewall Commands FUNCTION COMMAND DESCRIPTION Firewall Se tUp config edit firewall active <yes | no> This command turns the firewall on or off.
P-660HW-D Series User’s Guide 281 App endix G Fire wall Commands E-mail config edit firewall e-mail mail-server <ip address of mail server> This command sets the IP address to which the e-mail messages are sent.
P-660HW-D Se ries User’s Guide Appendix G Firewall Com mands 282 config edit firewall attack minute-high <0-255> This command sets the threshold rate of new half-open sessions per minute where the ZyXEL device starts deleting old half-opened sessions until it gets t hem down to the minute- low threshold.
P-660HW-D Series User’s Guide 283 App endix G Fire wall Commands Config edit firewall set <set #> tcp-idle-timeout <seconds> This command sets how long ZyXEL device lets an inactive TCP connection re main open before considering it closed.
P-660HW-D Se ries User’s Guide Appendix G Firewall Com mands 284 config edit firewall set <set #> rule <rule #> destaddr- single <ip address> This command sets the rule to have the ZyXEL device check fo r traffic with this individual destination ad dress.
P-660HW-D Series User’s Guide 285 App endix G Fire wall Commands config delete firewall set <set #> rule<rule #> This command removes the specified rul e in a firewall configuration set.
P-660HW-D Se ries User’s Guide Appendix H NetBIOS Filter Commands 286 A PPENDIX H NetBIOS Filter Commands The following describes the Ne tBIOS packet filter commands. Introduction NetBIOS (Network Basic Input/Output System ) are TCP or UDP broadcast packets that enable a computer to connect to and communicate with a LAN.
P-660HW-D Series User’s Guide 287 Appendix H NetBIOS Filter Commands The filter types and their defa ult settings are as follows. NetBIOS Filter Configuration Syntax:sys filter netbios config <ty.
P-660HW-D Se ries User’s Guide Appendix I PPP oE 288 A PPENDIX I PPPoE PPPoE in Action An ADSL modem bridges a PPP session over Ethernet (PPP ov er Ethernet, RFC 2516) from your computer to an A TM PVC (Permanent V irt ual Circ uit) which connects to a DSL Access Concentrator where the PPP session terminates (see F igure 172 on p age 289 ).
P-660HW-D Series User’s Guide 289 Appendix I PPPoE Figure 172 Single-Compute r per Router Hard ware Configuration How PPPoE W orks The PPPoE driver makes the Ethernet appea r as a serial link to the computer and the computer runs PPP over it, while the modem bridges the Ethernet frames to the Access Concentrator (AC).
P-660HW-D Se ries User’s Guide Appendix J Splitters and Microfilters 290 A PPENDIX J S plitters and Microfilters This appendix tells you how to install a POTS splitter or a telephone microfilter . Connecting a POTS S plitter When you use the Full Rate (G .
P-660HW-D Series User’s Guide 291 Appen dix J Splitters and Microfilt ers 2 Connect a cable from the wall jack to the “wall side” of the microfilter . 3 Connect the “phone side” of the microfilter to your telephone as sh own in the following figure.
P-660HW-D Se ries User’s Guide Appendix J Splitters and Microfilters 292 ZyXEL device With ISDN This section relates to people who use thei r ZyXEL device with ADSL over ISDN (digital telephone service) only . The following is an ex ample installation for the ZyXEL device with ISDN.
P-660HW-D Series User’s Guide 293 Appen dix J Splitters and Microfilt ers.
P-660HW-D Se ries User’s Guide Appendix K L og Descriptions 294 A PPENDIX K Log Descriptions This appendix provides descrip tions of example log messages. Table 118 System Maintenance Logs LOG MESSAGE DESCRIPTION Time calibration is successful The router has adjusted its time based on informati on from the time server .
P-660HW-D Series User’s Guide 295 Appendix K Log Descriptions Successful HTTPS login Someone has logged on to the router's web configurator interface using HTTPS protocol. HTTPS login failed Someo ne has failed to log on to the router's web configurator interface using HTTPS protocol.
P-660HW-D Se ries User’s Guide Appendix K L og Descriptions 296 Table 121 TCP Reset Lo gs LOG MESSAGE DESCRIPTION Under SYN flood attack, sent TCP RST The router sent a TCP reset packet when a host was u nder a SYN flood attack (the TCP incomplete count is per desti nation host.
P-660HW-D Series User’s Guide 297 Appendix K Log Descriptions Table 123 ICMP Logs LOG MESSAGE DESCRIPTION Firewall default policy: ICMP <Packet Direction>, <type:%d>, <code:%d> ICMP access matched the default policy and was blocked or forwarded according to the user's setting.
P-660HW-D Se ries User’s Guide Appendix K L og Descriptions 298 ppp:LCP Closing Th e PPP connection’s Link Control Protocol stage is closing. ppp:IPCP Closing Th e PPP connection’s Internet Protocol Control Protocol stage is closing.
P-660HW-D Series User’s Guide 299 Appendix K Log Descriptions Connecting to content filter server fail The connection to the external content fi ltering server failed.
P-660HW-D Se ries User’s Guide Appendix K L og Descriptions 300 Table 129 IPSec Logs LOG MESSAGE DESCRIPTION Discard REPLAY packet The router re ceived and discarded a packet with an incorrect sequence number . Inbound packet authentication failed The router received a packet that has been altered.
P-660HW-D Series User’s Guide 301 Appendix K Log Descriptions Cannot resolve Secure Gateway Addr for rule <%d> The router couldn’t resolve t he IP address from the domain name that was used for the secure gateway address.
P-660HW-D Se ries User’s Guide Appendix K L og Descriptions 302 XAUTH fail! Username: <Username> The router was not able to use extended authentication to authenticate the listed username. Rule[%d] Phase 1 negotiation mode mismatch The listed rule’s IKE phase 1 negotiation mode did not ma tch between the router and the peer .
P-660HW-D Series User’s Guide 303 Appendix K Log Descriptions Rule [%d] phase 2 mismatch The l isted rule’s IKE phase 2 di d not ma tch betwe en the router and the peer . Rule [%d] Phase 2 key length mismatch The listed rule’s IKE phase 2 key lengths (with the AES encryption algorithm) di d not match between the router and the peer .
P-660HW-D Se ries User’s Guide Appendix K L og Descriptions 304 Rcvd data <size> too large! Max size allowed: <max size> The router received dire ctory data that was too large (the size is listed) from the LDAP server whose address and port are recorded in the Source field.
P-660HW-D Series User’s Guide 305 Appendix K Log Descriptions 26 Database method failed. 27 Path was not verified. 28 Maximum path length reached. Table 133 802.1X Logs LOG MESSAGE DESCRIPTION Local User Database accepts user. A user was authenticated by the local user database.
P-660HW-D Se ries User’s Guide Appendix K L og Descriptions 306 Table 134 ACL Setting Notes P ACKET DIRECTION DIRECTION DESCRIPTION (L to W) LAN to W AN ACL set for packet s traveling from the LAN to the W AN. (W to L) WAN to LAN ACL set for p ackets traveling from the W AN to the LAN.
P-660HW-D Series User’s Guide 307 Appendix K Log Descriptions The following table shows RFC-2408 ISAKMP payload types that the log displays. Please refer to the RFC for detailed information on each type.
P-660HW-D Se ries User’s Guide Appendix K L og Descriptions 308 Log Commands Go to the command in terpreter interface. Configuring What Y ou W ant the ZyXEL device to Log 1 Use the sys logs load command to load the log setting buffer that allows you to configure which logs the ZyXEL device is to reco rd.
P-660HW-D Series User’s Guide 309 Appendix K Log Descriptions • Use the sys logs display [log category] comm and to show the logs in an individ ual ZyXEL device log category . • Use the sys logs clear command to erase all of the ZyXEL device’ s logs.
P-660HW-D Se ries User’s Guide Appendix L W ireless LANs 310 A PPENDIX L Wireless LANs Wireless LAN T opologies This section discusses ad-hoc and in frastructure w ireless LAN topologies.
P-660HW-D Series User’s Guide 311 Appendix L Wireless LANs Figure 181 Basic Service Set ESS An Extended Service Set (ESS) consists of a series of overlappi ng BSSs, each containing an access point, with each access point connected together by a wired network.
P-660HW-D Se ries User’s Guide Appendix L W ireless LANs 312 Figure 182 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by IEEE 802.
P-660HW-D Series User’s Guide 313 Appendix L Wireless LANs Figure 183 RTS/ CT S When station A sends data to the AP , it might not know that the station B is already using the channel.
P-660HW-D Se ries User’s Guide Appendix L W ireless LANs 314 A large Fragmentation Thr eshold is recommended for networks not prone to interference while you should set a smaller thresh old for busy networks or ne tworks that are prone to interference.
P-660HW-D Series User’s Guide 315 Appendix L Wireless LANs Wireless Security Overview W ireless security is vital to your netw ork to protect wireless co mmunication be tween wireless clients, access points and the wired network.
P-660HW-D Se ries User’s Guide Appendix L W ireless LANs 316 RADIUS RADIUS is based on a client-server model that supports authentication, authorization and accounting. The access point is the client and the server is th e RADIUS server . The RADIUS server handles the following tasks: • Authentication Determines the identity of the users.
P-660HW-D Series User’s Guide 317 Appendix L Wireless LANs In order to ensure network security , the access point and the RADIUS server use a shared secret key, which is a password, they both know .
P-660HW-D Se ries User’s Guide Appendix L W ireless LANs 318 PEAP (Protected EAP) Like EAP-TTLS, server-side certific ate authentication is used to establish a secure connection, then use simple username and p assword methods through the secured connection to authenticate the clients, thus hiding client identity .
P-660HW-D Series User’s Guide 319 Appendix L Wireless LANs WP A and WP A2 W i-Fi Protected Ac cess (WP A) is a subset of the IEEE 802.1 1i standard. WP A2 (IEEE 802.1 1 i) is a wireless security standard that defines stronger encryp tion, authentication and key manage ment than WP A.
P-660HW-D Se ries User’s Guide Appendix L W ireless LANs 320 By generating unique data encryption keys for ev ery data packet and by creating an integrity checking mechanism (MIC), with TKIP and AES it is more difficult to decrypt data on a W i-Fi network than WEP and dif ficult for an intruder to break into the network.
P-660HW-D Series User’s Guide 321 Appendix L Wireless LANs 3 The RADIUS server distributes a Pairwise Mast er Key (PMK) key to th e AP that then sets up a key hierarch y and management system, u sin.
P-660HW-D Se ries User’s Guide Appendix L W ireless LANs 322 Figure 185 WP A(2)-PSK Authentication Security Parameters Summary Refer to this table to see what other secur ity parameters you shou ld configure for each Authentication Method/ key management prot ocol type.
P-660HW-D Series User’s Guide 323 Appendix L Wireless LANs.
P-660HW-D Se ries User’s Guide Appendix M Pop-up Windows, JavaScr ipts and Java Permissions 324 A PPENDIX M Pop-up Windows, JavaScript s and Java Permissions In order to use the web configurator you need to allow: • W eb browser pop-up windows from your device.
P-660HW-D Series User’s Guide 325 Appendix M Pop-up Windows, JavaScr ipts and Java Permissions Figure 187 Intern et Options 3 Click Apply to save this setting. Enable pop-up Blockers with Except ions Alternatively , if you only want to allow pop-up windows from your device, see the follo wing steps.
P-660HW-D Se ries User’s Guide Appendix M Pop-up Windows, JavaScr ipts and Java Permissions 326 Figure 188 Internet Options 3 T ype the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.
P-660HW-D Series User’s Guide 327 Appendix M Pop-up Windows, JavaScr ipts and Java Permissions Figure 189 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. JavaScript s If pages of the web configura tor do not display properly in Internet Explorer , check that JavaScripts are allowed.
P-660HW-D Se ries User’s Guide Appendix M Pop-up Windows, JavaScr ipts and Java Permissions 328 Figure 190 Internet Options 2 Click the Custom Level... button. 3 Scroll down to Scripting . 4 Under Active scripting make sure that Enable is selected (the default).
P-660HW-D Series User’s Guide 329 Appendix M Pop-up Windows, JavaScr ipts and Java Permissions Figure 191 Security Settings - Java Scripting Java Permissions 1 From Internet Explorer , click To o l s , I nternet Options and then the Security tab. 2 Click the Custom Level.
P-660HW-D Se ries User’s Guide Appendix M Pop-up Windows, JavaScr ipts and Java Permissions 330 Figure 192 Security Settings - Java JA V A (Sun) 1 From Internet Explorer , click To o l s , I nternet Options and then the Advance d tab. 2 make sure that Use Java 2 for <applet> u nder Java (Sun) is selected.
P-660HW-D Series User’s Guide 331 Appendix M Pop-up Windows, JavaScr ipts and Java Permissions Figure 193 Java (Sun).
P-660HW-D Se ries User’s Guide Index 332 Index Numerics 11 0 V A C 5 230V AC 5 A Abnormal Working Conditions 6 AC 5 access point 106 access point. See also AP .
P-660HW-D Series User’s Guide 333 Index Copyright 2 Correcting Interference 3 Corrosive Liquids 5 Covers 5 CTS (Clear to Send) 313 Custom Ports Creating/Editing 164 Customer Support 7 Customized Ser.
P-660HW-D Se ries User’s Guide Index 334 Guidelines For Enhancing Security 151 Introduction 143 LAN to W AN Rules 157 Policies 154 Rule Checklist 155 Rule Logic 155 Rule Security Ra mificati ons 155.
P-660HW-D Series User’s Guide 335 Index LAND 145 , 146 Legal Rights 6 Liability 2 License 2 Lightning 5 Liquids, Corrosive 5 local (user) database 108 and encryption 10 9 Logs 228 M MAC address 107 .
P-660HW-D Se ries User’s Guide Index 336 Benefits 74 PPPoE (Point-to-Point Prot ocol over Ethernet) 34 PPTP 135 Preamble Mode 314 Priorities 124 , 188 Priority 191 Priority-based Scheduler 186 Produ.
P-660HW-D Series User’s Guide 337 Index Service Set IDentity . See SSID. Service T ype 164 , 243 Services 135 Shipping 6 Shock, Electric 5 SMTP 135 Smurf 146 , 147 SNMP 135 , 204 Manager 205 MIBs 20.
P-660HW-D Se ries User’s Guide Index 338 Virtual Channel Identifier (VCI) 76 virtual circuit (VC) 75 Virtual Path Identifier (VPI) 76 V oltage Supply 5 V oltage, High 5 VPI & VCI 76 W W all Moun.
Un point important après l'achat de l'appareil (ou même avant l'achat) est de lire le manuel d'utilisation. Nous devons le faire pour quelques raisons simples:
Si vous n'avez pas encore acheté ZyXEL Communications P-660HW-D Series c'est un bon moment pour vous familiariser avec les données de base sur le produit. Consulter d'abord les pages initiales du manuel d'utilisation, que vous trouverez ci-dessus. Vous devriez y trouver les données techniques les plus importants du ZyXEL Communications P-660HW-D Series - de cette manière, vous pouvez vérifier si l'équipement répond à vos besoins. Explorant les pages suivantes du manuel d'utilisation ZyXEL Communications P-660HW-D Series, vous apprendrez toutes les caractéristiques du produit et des informations sur son fonctionnement. Les informations sur le ZyXEL Communications P-660HW-D Series va certainement vous aider à prendre une décision concernant l'achat.
Dans une situation où vous avez déjà le ZyXEL Communications P-660HW-D Series, mais vous avez pas encore lu le manuel d'utilisation, vous devez le faire pour les raisons décrites ci-dessus,. Vous saurez alors si vous avez correctement utilisé les fonctions disponibles, et si vous avez commis des erreurs qui peuvent réduire la durée de vie du ZyXEL Communications P-660HW-D Series.
Cependant, l'un des rôles les plus importants pour l'utilisateur joués par les manuels d'utilisateur est d'aider à résoudre les problèmes concernant le ZyXEL Communications P-660HW-D Series. Presque toujours, vous y trouverez Troubleshooting, soit les pannes et les défaillances les plus fréquentes de l'apparei ZyXEL Communications P-660HW-D Series ainsi que les instructions sur la façon de les résoudre. Même si vous ne parvenez pas à résoudre le problème, le manuel d‘utilisation va vous montrer le chemin d'une nouvelle procédure – le contact avec le centre de service à la clientèle ou le service le plus proche.