ZyXEL Communications VMG1312-B manuals
Computer Equipment > Network Router
When we buy new device such as ZyXEL Communications VMG1312-B we often through away most of the documentation but the warranty.
Very often issues with ZyXEL Communications VMG1312-B begin only after the warranty period ends and you may want to find how to repair it or just do some service work.
Even oftener it is hard to remember what does each function in Network Router ZyXEL Communications VMG1312-B is responsible for and what options to choose for expected result.
Fortunately you can find all manuals for Network Router on our side using links below.
ZyXEL Communications VMG1312-B Manual
374 pages 5.98 Mb
1 IMPORTANTLAN IP http://192.168.1.1 Address User Name admin Password READ CAREFULLY BEFORE USE Version Edition 1, 7/2012Copyright © ZyXEL Communications Corporation 2 KEEP THIS GUIDE FOR FUTURE REFERENCERelated Documentation 3 Contents Overview5 Table of Contents17 Introducing the Device1.1 Overview 1.2Ways to Manage the Device 1.3Good Habits for Managing the Device1.4 Applications for the Device 18 1.4.1 Internet AccessFigure 1 Device’s Internet Access Application Bridging ADSL / VDSL PPPoA IPoA ADSLChapter 1 Introducing the Device The USB port of the Device is used for file-sharing 19 File SharingFigure 2 USB File Sharing Application Media ServerFigure 3 USB Media Server Application 20 1.5 LEDs (Lights)21 1.6 The RESET Button1.7Wireless Access22 Figure 5 Wireless Access ExampleWLAN/WPS To activate WPS: 1Make sure the POWER LED is on and not blinking 2Press the WLAN/WPS button for five seconds and release it WLAN/WPS 4Once the connection is successfully made, the WLAN/WPS LED shines green 23 The Web Configurator31 Quick Start3.1 Overview 3.2Quick Start Setup 33 Tutorials77 Network Map and Status Screens5.1 Overview 5.2 The Network Map Screen 78 5.3 The Status Screen79 Chapter 5 Network Map and Status ScreensTable 5 Status Screen (continued) Model This shows the model number of your Device Number This is the current version of the firmware inside the Device Version WAN Information (These fields display when you have a WAN connection.) WAN Type This field displays the current WAN connection type your IP address to 0.0.0.0. If you want to renew your IP address, click Renew Renew IP Subnet Mask This field displays the current subnet mask in the WAN This field displays the current encapsulation method This is the current IP address of the Device in the LAN IP Subnet This is the current subnet mask in the LAN Mask Server computers in the LAN Relay - The Device acts as a surrogate DHCP server and relays DHCP requests and Relay responses between the remote server and the clients None - The Device is not providing any DHCP services to the LAN None Address WLAN Information This displays whether WLAN is activated This is the descriptive name used to identify the Device in a wireless LAN This is the channel number used by the Device now Security This displays the type of 802.11 mode the Device is using in the wireless LAN This displays whether WPS is activated This displays the firewall’s current security level System Status System Up reset it Current Date/Time Maintenance> Time Setting System Resource 80 CPU UsageMemory Usage 279, or turn off the device (unplug the power) for a few seconds 81 Broadband6.1 OverviewSection 6.4 on page Section 6.5 on page Table 6 WAN Setup Overview LAYER-2INTERFACE INTERNET CONNECTION CONNECTION DSL LINK MODE ENCAPSULATION CONNECTION SETTINGS TYPE The following terms and concepts may help as you read this chapter 82 Encapsulation MethodWAN IP Address ATM 83 PTMIPv6 Introduction IPv6 Addressing•Leading zeros in a block can be omitted. So can be written as IPv6 Prefix and Prefix Length 84 6.2 The Broadband ScreenTable 7 Network Setting > Broadband (continued) Add new WAN Interface 85 6.2.1.1 Routing ModeFigure 20 Routing Mode 86 Table 8 Routing ModeActive Select this to activate the WAN configuration settings Specify a descriptive name for this connection Select whether it is an ADSL/VDSL over PTM or ADSL over ATM connection share an Internet account option is available only when you select Routing in the Mode field Routing Mode ATM, the choices are PPPoE, PPPoA, IPoE and IPoA ATM PPPoE PPPoA IPoE IPoA Select IPv4 Only if you want the Device to run IPv4 only IPv4 Only Select IPv6 Only if you want the Device to run IPv6 only IPv6 Only Type ADSL over ATM VPI The valid range for the VPI is 0 to 255. Enter the VPI assigned to you VCI traffic). Enter the VCI assigned to you DSL Link Type EoA encapsulation methods PPPoA (PPP over ATM) allows just one PPPoA connection over a PVC IPoA (IP over ATM) allows just one RFC 1483 routing connection over a PVC are: • LLC/SNAP-BRIDGING: In LCC encapsulation, bridged PDUs are encapsulated by LLC/SNAP-BRIDGING: you select IPoE or PPPoE in the Select DSL Link Type field VC/MUX: Data Unit (PDU) payload is available only when you select PPPoA in the Encapsulation field Encapsulation followed by an IEEE 802.1a SubNetwork Attachment Point (SNAP) header. This is available only when you select IPoA in the Encapsulation field 87 Chapter 6 BroadbandTable 8 Routing Mode (continued) Category such as e-mail traffic require closely controlled delay and delay variation that require closely controlled delay and delay variation Peak Cell Rate field is not available when you select UBR Without PCR Sustainable Cell Rate cells/sec This field is available only when you select Non Realtime VBR or Realtime VBR Maximum Burst Size peak rate. Type the MBS, which is less than PPP This is available only when you select PPPoE or PPPoA in the Mode field Information as given Enter the password associated with the user name above PPP Auto Select this option if you do not want the connection to time out IDLE Timeout disconnects from the PPPoE server This field is not configurable if you select PPP Auto Connect PPP Auto Connect PPPoE Service Enter the name of your PPPoE service here This field is available when you select PPPoE encapsulation Passthrough software on their computers to connect to the ISP IPv4 Mode field Obtain an IP Automatically have a dynamic IP address Static IP Select this option If the ISP assigned a fixed IP address Enter the static IP address provided by your ISP Enter the subnet mask provided by your ISP 88 Gateway IPEnter the gateway IP address provided by your ISP Routing Feature NAT Enable Select this option to activate NAT on this connection membership in a Multicast group - it is not used to carry user data multicast group. It can reduce multicast traffic significantly Apply as DNS Server Enter the first DNS server address assigned by the ISP Enter the second DNS server address assigned by the ISP IPv6 Address router’s Router Advertisement (RA) to generate an IPv6 address automatically Select Static if you have a fixed IPv6 address assigned by your ISP Static WAN IPv6 Enter the IPv6 address assigned by your ISP Prefix Length compose the network address Next Hop destinations IPv6 Routing You can enable IPv6 routing features in the following section Feature IPv6 DNS Configure the IPv6 DNS server in the following section Server Dynamic manually Enter the first IPv6 DNS server address assigned by the ISP Enter the second IPv6 DNS server address assigned by the ISP VLAN These fields appear when the Type is set to ADSL/VDSL over PTM ADSL/VDSL over PTM connection that contains bits to define class of service The greater the number, the higher the priority level Type the VLAN ID number (from 1 to 4094) for traffic through this connection Rate Limit traffic on this connection MTU MTU Size Enter the MTU (Maximum Transfer Unit) size for this traffic Click Apply to save your changes back to the Device Click Cancel to exit this screen without saving Cancel 89 6.2.1.2 Bridge Modescreen or the icon next to the connection you want to configure. Select 90 ADSL/VDSL over PTMThe following table describes the fields in this screen Table 9 Bridge Mode (ADSL/VDSL over PTM) Enter a service name of the connection the VDSL technology for data transmission over the DSL port NAT on traffic from the selected LAN port(s) Type the VLAN ID number (from 0 to 4094) for traffic through this connection Click Apply to save your changes 91 Table 10 Bridge Mode (ADSL over ATM)uses the ADSL technology for data transmission over the DSL port 92 6.3 The 3G Backup Screen93 Figure 23 Network Setting > Broadband > 3G BackupTable 11 Network Setting > Broadband > 3G Backup wired WAN connection fails Ping Check triggering 3G backup Check Cycle Enter the frequency of the ping check in this field Consecutive Enter how many consecutive failures are required before 3G backup is triggered Fail Ping Default Ping the Host 3G Connection Settings Card description the Device. Otherwise, it displays N/A 94 Table 11 Network Setting > Broadband > 3G Backup (continued)Username provider Password above PIN you cannot use the 3G card your ISP and you cannot use the account to access the Internet If your ISP disabled PIN code authentication, leave this field blank Dial string base station. Your ISP should provide the phone number APN Messaging Service)) and charge method You can enter up to 32 ASCII printable characters. Spaces are allowed Connection Select Nailed UP if you do not want the connection to time out Nailed UP time-outin the Max Idle Timeout field Max Idle Timeout Max Idle Timeout disconnects from the ISP Select this option If your ISP did not assign you a fixed IP address Use the following static IP address Use the following static IP address Obtain DNS info dynamically DNS IP address Primary DNS server Secondary DNS Click this to show the advanced 3G backup settings Budget Setup Enable Budget when a limit is exceeded during the month Time Budget the Device resets the statistics 95 Data Budget(Mbytes) transmitted via the 3G connection within one month Select Download/Upload to set a limit on the total traffic in both directions Download/Upload Download Upload statistics (kPackets) Reset all budget counters on number of the date you want the Device to reset the budget Reset time and data budget counters budget counters will still reset on the second Actions before Specify the actions the Device takes before the time or data limit exceeds over budget Enable % of time budget (Mbytes)/data Actions when Specify the actions the Device takes when the time or data limit is exceeded Current 3G Select Keep to maintain an existing 3G connection or Drop to disconnect it Keep Drop connection Enable Email notification when there over budget occurs Mail Server Select a mail server for the e-mailaddress specified below Over Budget Email Title sends Send Notification to notifications cannot be sent via e-mail Interval Enter the interval of how many minutes you want the Device to e-mailyou Enable Log Click this to hide the advanced settings of 3G backup 96 6.4 The Advanced Screen97 6.5 The 8021x Screen98 6.6 Technical Reference105 Wireless7.1 Overview 106 7.2 The General Screen107 Click Network Setting > Wireless to open the General screenFigure 29 Network Setting > Wireless > General LABEL DESCRIPTION Wireless Network Setup You can Enable or Disable the wireless LAN in this field Disable Band by IEEE 802.11b/g/n wireless clients Set the channel depending on your particular region this field more.../less Click more... to show more information. Click less to hide them more less Bandwidth Select whether the Device uses a wireless channel width of 20MHz or 40MHz 20MHz 40MHz channel uses two standard channels and offers speeds of up to 300 Mbps MHz setting in a location where the environment hinders the wireless signal neighborhood or the wireless clients do not support channel bonding 108 Table 15 Network Setting > Wireless > General (continued)Sideband Lower or Upper range of channel bands Lower Upper Passphrase setting in this field determines how the Device generates the password Select Fixed to use a 16 character passphrase for generating a password Fixed Variable must contain both letters and numbers and is case-sensitive spaces). It must contain both letters and numbers and is case-sensitive Wireless Network Settings Network Name (SSID) Hide SSID obtain the SSID through scanning using a site survey tool Client Isolation through the Device MBSSID/LAN Isolation SSIDs or wired LAN devices through the Device clients to only connect to the Internet through the Device Enhanced Multicast unicast traffic BSSID Security Level options appears in this screen encryption or authentication See the following sections for more details about this field Click Cancel to restore your previously saved settings No Security 110 Network SettingBasic Figure 31 Wireless > General: Basic (WEP) Table 17 Wireless > General: Basic (WEP) Select Basic to enable WEP data encryption Basic Generate password will not be configurable when you select this option automatically Password 1~4 stations must use the same password (WEP key) for data transmission ("0-9", "A-F") time. The default password is Passowrd Passowrd Click more... to show more fields in this section. Click less to hide them WEP Encryption Select 64-bits or 128-bits This dictates the length of the security key that the network is going to use 111 to display theas the security level. Then select from the list Figure 32 Wireless > General: More Secure: WPA(2)-PSK Table 18 Wireless > General: More Secure: WPA(2)-PSK Select More Secure to enable WPA(2)-PSKdata encryption More Secure Select WPA-PSK or WPA2-PSK from the drop-downlist box WPA-PSK WPA2-PSK The encryption mechanisms used for WPA(2) and WPA(2)-PSKare the same. The only user-specificcredentials shared key from 8 to 64 case-sensitivekeyboard characters This field appears when you choose WPA-PSK2 as the Security Mode WPA-PSK2 Compatible Device. The Device supports WPA-PSKand WPA2-PSKsimultaneously 112 Table 18 Wireless > General: More Secure: WPA(2)-PSK(continued)Encryption Select the encryption type (AES or TKIP+AES) for data encryption AES TKIP+AES Select AES if your wireless clients can all use AES Select TKIP+AES to allow the wireless clients to use either TKIP or AES Group Key Update Timer key out to all clients Figure 33 Wireless > General: More Secure: WPA(2) Table 19 Wireless > General: More Secure: WPA(2) Choose WPA or WPA2 from the drop-downlist box WPA WPA2 Authentication Server 113 7.3 The More AP Screen114 Table 20 Network Setting > Wireless > More APactive. A gray bulb signifies that this SSID is not active client utility This field indicates the security mode of the SSID profile Click the Edit icon to configure the SSID profile Figure 35 More AP: Edit Table 21 More AP: Edit 115 7.4 MAC Authentication116 7.5 The WPS Screen117 SSID1Section 7.2 on page WPA2-PSK No Security Figure 37 Network Setting > Wireless > WPS Table 23 Network Setting > Wireless > WPS Select Enable to activate WPS on the Device Method this button Register Register to authenticate and add the wireless device to your wireless network Register settings to the Device client 118 7.6 The WMM Screen119 7.7 The WDS Screen120 Table 25 Network Setting > Wireless > WDS (continued)Remote Bridge This shows the MAC address of the peer device You can connect to up to 4 peer devices format (six hexadecimal character pairs, for example 12:34:56:78:9a:bc) Click the Delete icon to remove this entry Scan Click the Scan icon to search and display the available APs within range Scan Scan Wireless > WDS Figure 40 WDS: Scan WDS: Scan Wireless Bridge Scan Setup Refresh Click Refresh to update the table Refresh This shows the SSID of the available wireless device within range This shows the MAC address of the available wireless device within range 121 7.8 The Others Screen122 Table 27 Network Setting > Wireless > Others (continued)802.11 Mode the Device reduced Select 802.11b/g/n Mixed to allow IEEE 802.11b, IEEE 802.11g or IEEE802.11n 802.11b/g/n Mixed might be reduced Protection both IEEE 802.11b and IEEE 802.11g traffic) helps improve IEEE 802.11g performance Off reduced in a mixed-modenetwork 802.11b Only Preamble Long Short Section 7.10.7 on page 129 for more information This field is configurable only when you set 802.11 Mode to 802.11b 123 7.9 The Channel Status Screen7.10 Technical ReferenceThe following figure provides an example of a wireless network Figure 43 Example of a Wireless Network Every wireless network must follow these basic guidelines •Every device in the same wireless network must use the same SSID •If two wireless networks overlap, they should use a different channel 124 Radio Channels125 Table 28 Additional Wireless TermsTERM RTS/CTS Threshold at the same time and result in information colliding and not getting through By setting this value lower than the default value, the wireless devices must more often the devices must get permission A preamble affects the timing in your wireless network. There are two preamble does, it cannot communicate with the Device network threshold provides faster performance if the network is not very busy 126 7.10.3.1 SSID7.10.3.2 MAC Address Filter 7.10.3.3 User Authentication 127 7.10.3.4 EncryptionSection 7.10.3.3 on page Table 29 Types of Encryption for Each Type of Authentication NO AUTHENTICATION RADIUS SERVER Weakest Strongest WPA WPA-PSK WPA WPA compatible 128 7.10.6.1Notes on Multiple BSSs130 7.10.9.1 Push Button ConfigurationTake the following steps to set up WPS using the button 7.10.9.2 PIN Configuration131 1Ensure WPS is enabled on both devices4Enter the client’s PIN in the AP’s configuration interface 6Start WPS on both devices within two minutes Use the configuration utility to activate WPS, not the Figure 46 Example WPS Process: PIN Method ENROLLEE REGISTRAR WITHIN 2 MINUTES SECURE EAP TUNNEL SSID WPA(2)-PSK COMMUNICATION 132 7.10.9.3 How WPS WorksFigure 47 How WPS works ACTIVATE WPS HANDSHAKE SECURE TUNNEL SECURITY INFO 133 7.10.9.4 Example WPS Network Setup135 SECURITY INFO7.10.9.5 Limitations of WPSWPS has some limitations of which you should be aware WPS works only with other 137 Home Networking8.1 OverviewDSL 138 8.1.2.1 About LANIP Address Subnet Mask DHCP RADVD (Router Advertisement Daemon) 8.1.2.2 About UPnP Identifying UPnP Devices NAT Traversal 139 8.2 The LAN Setup Screen140 3Click Apply to save your settingsFigure 51 Network Setting > Home Networking > LAN Setup Table 30 Network Setting > Home Networking > LAN Setup Interface Group Group Name 13 on page 203 for how to create a new interface group LAN IP Setup example, 192.168.1.1 (factory default) Subnet Mask Type the subnet mask of your network in dotted decimal notation, for example do so IGMP Snooping Enable IGMP Snooping multicast group IGMP Mode WAN DHCP Server State Select Enable to have the Device act as a DHCP server or DHCP relay agent Select Disable to stop the DHCP server on the Device Select DHCP Relay to have the Device forward DHCP request to the DHCP server DHCP Relay 141 Chapter 8 Home NetworkingTable 30 Network Setting > Home Networking > LAN Setup (continued) DHCP Relay This field is only available when you select DHCP Relay in the DHCP field DHCP Server Address Enter the IP address of the actual remote DHCP server in this field IP Addressing This field is only available when you select Enable in the DHCP field Values Beginning IP Ending IP DHCP Server Lease Time to other systems Days/Hours Enter the lease time of the DHCP server Minutes DNS Values Select Dynamic if you have the Dynamic DNS service Select Static if you have the Static DNS service to the DHCP clients LAN IPv6 Mode Setup IPv6 State LAN IPv6 Address Setup Delegate prefix from WAN or an uplink router Static ULA IPv6 Address Setup LAN IPv6 address Prefix Length generate the LAN IPv6 address mask MLD Snooping learn the multicast group membership. It helps reduce multicast traffic 142 8.3 The Static DHCP Screen143 Network Setting > Home Networking > Static DHCPFigure 52 Network Setting > Home Networking > Static DHCP Table 31 Network Setting > Home Networking > Static DHCP Add new static Click this to add a new static DHCP entry lease This field displays whether the client is connected to the Device unique to your computer (six pairs of hexadecimal notation) adapter has a similar address This field displays the IP address relative to the # field listed above Click the Edit icon to have the IP address field editable and change it confirm that you want to delete the selected entry Add new static lease Figure 53 Static DHCP: Add/Edit Table 32 Static DHCP: Add/Edit Select this to activate the connection between the client and the Device See Chapter 13 on page 203 for how to create a new interface group 144 8.4 The UPnP Screen145 8.5 Installing UPnP in Windows ExampleCommunications Universal Plug and Play Add/Remove Programs Properties 146 Installing UPnP in Windows XP1Click Start and Control Panel 2Double-click Network Connections Network Connections Optional Networking Components … 147 8.6Using UPnP in Windows XP Example153 8.7 The Additional Subnet Screen154 8.8 The STB Vendor ID Screen155 8.9 The LAN VLAN Screen8.10 Technical Reference 159 Routing9.1 Overview 160 9.2 The Routing Screen161 9.3 The Policy Forwarding Screen162 Network Setting > Routing > Policy ForwardingFigure 62 Network Setting > Routing > Policy Forwarding Table 39 Network Setting > Routing >Policy Forwarding Add new Policy Click this to create a new policy forwarding rule Forward Rule Policy Name This is the name of the rule Source IP This is the source IP address Source Subnet his is the source subnet mask address Protocol This is the transport layer protocol Source Port This is the source port number This is the WAN interface through which the traffic is routed Click the Edit icon to edit this policy confirm that you want to delete the policy 163 screen or click theFigure 63 Policy Forwarding: Add/Edit Table 40 Policy Forwarding: Add/Edit spaces Enter the source IP address Enter the source subnet mask address Select the transport layer protocol (TCP or UDP) Enter the source port number Source MAC Enter the source MAC address Select a WAN interface through which the traffic is sent. You must have the WAN interface(s) already configured in the Broadband screens Broadband 165 Quality of Service (QoS)10.1 Overview 166 10.2 What You Need to Know167 10.3 The Quality of Service General Screen168 10.4 The Queue Setup Screen169 Use this screen to configure QoS queue assignmentFigure 65 Network Setting > QoS > Queue Setup Table 42 Network Setting > QoS > Queue Setup Add new Queue Click this button to create a new queue entry is active. A gray bulb signifies that this queue is not active This shows the descriptive name of this queue Priority This shows the priority of this queue Weight This shows the weight of this queue Buffer This shows the queue management algorithm used for this queue Management receives too many (network congestion) This shows the maximum transmission rate allowed for traffic on this queue Click the Edit icon to edit the queue one when you take this action 170 10.5 The Class Setup Screen171 Click Network Setting > QoS > Class Setup to open the following screento open the following screen Figure 67 Network Setting > QoS > Class Setup Table 44 Network Setting > QoS > Class Setup Add new Classifier Click this to create a new classifier classifier is active. A gray bulb signifies that this classifier is not active Class Name This is the name of the classifier Classification Criteria classifier DSCP Mark This is the DSCP number added to traffic of this classifier This is the IEEE 802.1p priority level assigned to traffic of this classifier VLAN ID Tag This is the VLAN ID number assigned to traffic of this classifier To Queue This is the name of the queue in which traffic of this classifier is put Click the Edit icon to edit the classifier up by one when you take this action 173 Table 45 Class Setup: Add/EditSelect this to enable this classifier Order the number you selected after clicking Apply Select Last to put this rule in the back of the classifier list Last From Interface Interface drop-downlist box Ether Type Select a predefined application to configure a class for the matched traffic DHCP options, DSCP value or the protocol type If you select 802.1Q, you can configure an 802.1p priority level 802.1Q Source source IP address means any source IP address Enter the source subnet mask Netmask Port Range number(s) of the source Select the check box and enter the source MAC address of the packet MAC Mask address should match any hexadecimal character(s). For example, if you set the MAC address to 00:13:49:12:34:56 matches this criteria Exclude Destination 174 Table 45 Class Setup: Add/Edit (continued)This field is available only when you select IP in the Ether Type field filter fields IP Protocol you select User defined, enter the protocol (service type) number User defined Select this option and select a DHCP option Vendor Class ID (DHCP Option 60) category or application type in the matched DHCP packets Packet the fields provided DSCP field provided 802.1P This field is available only when you select 802.1Q in the Ether Type field "0" is the lowest priority level and "7" is the highest Select this option and specify a VLAN ID number TCP ACK flag packets If you select Unchange, the Device keep the DSCP field in the packets of the frames them out If you select Unchange, the Device keep the VLAN ID in the packets Forward to 175 10.6 The QoS Policer Setup Screen176 Add new PolicerFigure 70 Policer Setup: Add/Edit Table 47 Policer Setup: Add/Edit Select the check box to activate this policer Enter the descriptive name of this policer This shows the traffic metering algorithm used in this policer which is also the bucket size Committed Burst Size (CBS) and the Excess Burst Size (EBS) The Two Rate Three Color Marker (trTCM) is based on the token bucket filter and Two Rate Three Color Marker Peak Information Rate (PIR) Committed Burst Size configured Conforming marked packets) • Pass: Send the packets without modification Pass: use Non burst size (red-markedpackets) • Drop: Discard the packets Drop: use. The packets may be dropped if there is congestion on the network 177 10.7 The QoS Monitor Screen178 10.8 Technical Reference179 IP PrecedenceAutomatic Priority Queue AssignmentTable 50 Internal Layer2 and Layer3 QoS Mapping LAYER IEEE 802.1P USER TOS (IP IP PACKET QUEUE DSCP (ETHERNET PRECEDENCE) LENGTH (BYTE) PRIORITY) 180 Token BucketIn traffic shaping: •Drops it Single Rate Three Color MarkerThe following shows how tokens work with incoming packets in srTCM: 181 Two Rate Three Color MarkerThe following shows how tokens work with incoming packets in trTCM: 183 Network Address Translation (NAT)11.1 Overview 184 11.2 The Port Forwarding ScreenFigure 72 Multiple Servers Behind NAT Example A=192.168.1.33 185 LANWANB=192.168.1.34 IP Address assigned by ISP C=192.168.1.3 D=192.168.1.36 to open the following screen. See for port numbers commonly used for particular services Network Setting > NAT > Port Forwarding Table 51 Network Setting > NAT > Port Forwarding Add new rule Click this to add a new rule is active. A gray bulb signifies that this rule is not active Service Name This shows the service’s name WAN Interface This shows the WAN interface through which the service is forwarded WAN IP This field displays the incoming packet’s destination IP address Server IP This is the server’s IP address Start Port This is the first external port number that identifies a service This is the last external port number that identifies a service Translation This is the first internal port number that identifies a service Translation End This is the last internal port number that identifies a service 186 Table 51 Network Setting > NAT > Port Forwarding (continued)UDP Click the Edit icon to edit this rule Click the Delete icon to delete an existing rule Figure 74 Port Forwarding: Add/Edit Table 52 Port Forwarding: Add/Edit Clear the checkbox to disable the rule. Select the check box to enable it Select the WAN interface through which the service is forwarded You must have already configured a WAN connection with NAT enabled not be applied Enter the original destination port for the packets To forward only one port, enter the port number again in the End Port field End Port the End Port field 187 11.3 The Applications Screen188 11.4 The Port Triggering Screen189 For example:Figure 77 Trigger Port Forwarding Process: Example 1Jane requests a file from the Real Audio server (port 7070) 3The Real Audio server responds using a port number ranging between 4The Device forwards the traffic to Jane’s computer IP address Network Setting > NAT > Port Triggering Figure 78 Network Setting > NAT > Port Triggering Table 55 Network Setting > NAT > Port Triggering Click this to create a new rule that this rule is active. A gray bulb signifies that this rule is not active This field displays the name of the service used by this rule Trigger Start This is the first port number that identifies a service Trigger End This is the last port number that identifies a service Trigger Proto This is the trigger transport layer protocol 190 Table 55 Network Setting > NAT > Port Triggering (continued)Open Start Port the client computer on the LAN that requested the service Open End Port Open Proto This is the open transport layer protocol Figure 79 Port Triggering: Add/Edit Table 56 Port Triggering: Configuration Add/Edit Select the check box to enable this rule Select a WAN interface for which you want to configure port triggering rules Type a port number or the starting port number in a range of port numbers Type a port number or the ending port number in a range of port numbers Select the transport layer protocol from TCP, UDP, or TCP/UDP 191 11.5 The DMZ Screen192 11.6 The ALG Screen11.7 The Address Mapping Screen193 Table 59 Network Setting > NAT > Address MappingSet This is the index number of the address mapping set Local Start IP This is the starting Inside Local IP Address (ILA) Local End IP End IP address. This field is blank for One-to-One mapping types Global Start IP Global End IP Many-to-One mapping types This is the address mapping type numbers do not change for the One-to-oneNAT mapping type feature that previous routers supported only address mapping rules move up by one when you take this action Figure 83 Address Mapping: Add/Edit 194 11.8 Technical Reference199 Dynamic DNS Setup203 Interface Group13.1 Overview 13.2 The Interface Group Screen204 Default: ETH 2~4eth10.0 VDSL_PoE/ppp0.1 DHCP Vendor ID option: MSFT 205 Note: An interface can belong to only one group at a timeFigure 92 Interface Group Configuration Table 67 Interface Group Configuration numbers, hyphens (-)and underscores (_). Spaces are not allowed used in the up to one ATM interface grouping Select None to not add a WAN interface to this group Grouped LAN Interfaces Available LAN list to add the interfaces to this group right-facingarrow Add Clients the hardware or firmware. See Section 13.2.2 on page 206 for more information With the following DHCP Vendor IDs This shows the index number of the rule Filter Criteria will belong to this group automatically WildCard This shows if wildcard on DHCP option 60 is enabled Support 206 Table 67 Interface Group Configuration (continued)Click the Remove icon to delete this rule from the Device Remove Interface Grouping Configuration Figure 93 Interface Grouping Criteria Table 68 Interface Grouping Criteria Enter the source MAC address of the packet DHCP Option such as the type of the hardware or firmware wildcard on DHCP option option Select this and enter the device identity of the matched traffic IAID connection index number 207 Table 68 Interface Grouping Criteria (continued)DUID type type, a time value and the MAC address of the device vendor’s registered enterprise number and hardware address (MAC address) in the following fields Select Other to enter any string that identifies the device in the DUID field Select this and enter vendor specific information of the matched traffic Enterprise Numbers Authority) Manufactur er OUI of the MAC address Product Enter the product class of the device Class Enter the model name of the device Serial Enter the serial number of the device 209 USB Service215 Firewall15.1 Overview 217 15.2 The Firewall Screen15.3 The Service Screen218 Click Security > Firewall > Service to display the following screenFigure 101 Security > Firewall > Service Table 73 Security > Firewall > Service Click this to add a new service service entry This is the name of your customized service Description This is the description of your customized service Ports/Protocol service uses another IP protocol Click the Edit icon to edit the entry Add new service entry Figure 102 Service: Add/Edit 219 15.4 The Access Control Screen220 Table 75 Security > Firewall > Access ControlDoS Protection becomes unavailable Select the Enable check box to enable protection against DoS attacks Add new ACL Click this to go to add a filter rule for incoming or outgoing IP traffic rule This displays the name of the rule Src IP source address is equivalent to Any Dst IP blank destination address is equivalent to Any to which this rule applies (REJECT) or allows the passage of packets (ACCEPT) REJECT ACCEPT when you take this action 221 Add new ACL ruleFigure 104 Access Control: Add/Edit Table 76 Access Control: Add/Edit Filter Name underscores, and dashes the ACL rule Select the order of the ACL rule Select Source Device enter the source IP address in the field below Specific IP Address, enter the destiniation IP address in the field below Address Enter the destination IP address 222 15.5 The DoS Screen225 MAC Filter16.1 Overview 16.2 The MAC Filter Screen226 Chapter 16 MAC FilterTable 78 Security > MAC Filter MAC Address Filter Select Enable to activate the MAC filter function This is the index number of the MAC address Allow access to the Device If you clear this, the MAC Address field for this set clears Host name that is, six hexadecimal character pairs, for example, 12:34:56:78:9a:bc 227 Parental Control17.1 Overview 17.2 The Parental Control Screen228 Chapter 17 Parental ControlTable 79 Security > Parental Control (continued) Add new PCP Figure 108 Parental Control Rule: Add/Edit 229 Table 80 Parental Control Rule: Add/EditSelect the checkbox to activate this parental control rule Enter a descriptive name for the rule Control Profile User LAN users Internet Access Schedule Day Drag the time bar to define the time that the LAN user is allowed access Service Setting listed below Allow service Service Name, Protocol, and Name of the new rule Protocol:Port This shows the protocol and the port of the rule Blocked Site URL Keyword blocks access. Click Delete to remove it Click this button to save your settings back to the Device 231 Scheduler Rules18.1 Overview 18.2 The Scheduler Rules Screen232 Chapter 18 Scheduler RulesScheduler Rules Figure 110 Scheduler Rules: Add/Edit Table 82 Scheduler Rules: Add/Edit schedule Time if Day Range enforced Enter a description for this scheduler rule 233 Certificates19.1 Overview 19.2 What You Need to Know 234 19.3 The Local Certificates Screen235 Clickand then Figure 112 Create Certificate Request Table 84 Create Certificate Request Common Name enter it manually Organization State/Province Country/Region Select a country to identify the nation where the certificate owner is located Load_Signed Back Local Certificates 236 Load Signed237 19.4 The Trusted CA Screen238 ViewFigure 116 Trusted CA: View Table 87 Trusted CA: View This field displays the identifying name of this certificate Name (CN), Organizational Unit (OU), Organization (O) and Country (C) uses base 64 to convert the binary certificate into a printable form computer for later distribution (via floppy disk for example) Back Click Back to return to the previous screen 239 Import CertificateFigure 117 Trusted CA: Import Certificate Table 88 Trusted CA: Import Certificate Certificate File Path find it Enable Trusted CA for Edit screen Copy and paste the certificate into the text box to store it on the Device 241 Log245 Traffic Status249 ARP Table22.1 Overview 22.2 ARP Table Screen250 Chapter 22 ARP TableTable 94 System Monitor > ARP Table (continued) This is the MAC address of the device with the listed IP address configuration screen 251 Routing Table23.1 Overview 23.2The Routing Table Screen 253 IGMP Status24.1 Overview 24.2 The IGMP Group Status Screen 255 xDSL Statistics25.1 The xDSL Statistics Screen256 Chapter 25 xDSL StatisticsTable 97 Status > xDSL Statistics Select the time interval for refreshing statistics Line Select which DSL line’s statistics you want to display xDSL Training This displays the current state of setting up the DSL connection This displays the ITU standard used for this connection Traffic Type the DSL port is not currently sending or receiving traffic Link Uptime started Line Rate Actual Net Data transport layer protocol headers and traffic Trellis Coding throughput but it makes the connection more stable SNR Margin increase with the system still being able to meet its transmission targets Actual Delay data block size, allowing better error correction to be performed Transmit Power Receive Power is how much power the port is receiving from the service provider Actual INP Tone) symbols shows the level of impulse noise protection for the upstream and data quality, condition and length of the physical line) Attainable Net Data Rate receive payload data without transport layer protocol headers and traffic xDSL Counters 257 Chapter 25 xDSL StatisticsTable 97 Status > xDSL Statistics (continued) FEC This is the number of Far End Corrected blocks CRC This is the number of Cyclic Redundancy Checks one errored block or at least one defect SES 30% or more errored blocks or at least one defect. This is a subset of ES UAS This is the number of UnAvailable Seconds LOS This is the number of Loss Of Signal seconds LOF This is the number of Loss Of Frame seconds LOM This is the number of Loss of Margin seconds 259 User Account26.1 Overview 26.2 The User Account Screen 261 Remote Management27.1 Overview 27.2 The Remote MGMT Screen262 Chapter 27 Remote ManagementTable 99 Maintenance > Remote MGMT Trust Domain This field displays whether the Trust Domain is active or not Enter the Trust Domain IP address This is the service you may use to access the Device LAN/WLAN the Device from the LAN/WLAN the Device from the WAN the Device from the Trust Domain same port number in order to use that service for remote management HTTPS Certificates 263 TR-069Client28.1 Overview 28.2 The TR-069Client Screen264 Chapter 28 TR-069ClientTable 100 Maintenance > TR-069Client Inform select Disable Inform Interval configuration server ACS URL Enter the URL or IP address of the auto-configurationserver Enter the TR-069user name for authentication with the auto-configurationserver ACS Password Enter the TR-069password for authentication with the auto-configurationserver Select a WAN interface through which the TR-069traffic passes used by TR-069 Any_WAN client Display SOAP Select Enable to show the SOAP messages on the console messages on serial console Enter the connection request user name Request User authenticate the ACS Enter the connection request password When the ACS makes a connection request to the Device, this password is used to This shows the connection request URL Request URL The ACS can use this URL to make a connection request to the Device Local certificate imported in the Security > Certificates > Local Certificates screen 265 TR-06429.1 Overview 29.2 The TR-064Screen 267 Time Settings30.1 Overview 30.2 The Time Screen268 Chapter 30 Time SettingsTable 102 Maintenance > Time Setting LABELDESCRIPTION Current Date/Time Current Time This field displays the time of your Device Current Date This field displays the date of your Device NTP Time Server First ~ Fifth NTP Select an NTP time server from the drop-downlist box time server characters in length) of your time server Select None if you don’t want to configure the time server Time Zone Time zone offset zone and Greenwich Mean Time (GMT) Daylight Saving evening Select Enable if you use Daylight Saving Time Start rule: examples: and the time to 2 in the Hour field time zone is one hour ahead of GMT or UTC (GMT+1) End rule 269 Table 102 Maintenance > Time Setting (continued) 271 E-mailNotification31.1 Overview 31.2 The Email Notification Screen272 Chapter 31 E-mailNotificationEmail Notification Figure 132 Email Notification > Add Table 104 Email Notification > Add in the Account Email Address field you specified in the Account Email Address field Account Email Address Account Email notification that the Device sends by the mail server as well Click this button to save your changes and return to the previous screen Click this button to begin configuring this screen afresh 273 Logs Setting32.1 Overview 32.2 The Log Settings Screen274 Chapter 32 Logs SettingTable 105 Maintenance > Logs Setting Syslog Setting Syslog Logging Select the syslog destination from the drop-downlist box server and save it in a local file, select Local File and Remote Local File and Remote Syslog Server of logs UDP Port Enter the port number used by the syslog server E-mailLog Settings Mail Subject the Device sends Send Log to the Device does not send logs via E-mail Send Alarm to Alarm Interval Specify how often the alarm should be updated Allowed log e-mail Clear log after Select this to delete all the logs after the Device sends an E-mailof the logs sending mail Active Log and Alert Select the categories of system logs that you want to record Select the categories of security logs that you want to record immediate alert •You may edit the subject title •The date format here is Day-Month-Year •The date format here is Month-Day-Year.The time format is Hour-Minute-Second 275 Date:Fri, 07 Apr 2000 10:05:42 1|Apr | 09:54:03 End of Firewall Log 277 Firmware Upgrade33.1 Overview 33.2 The Firmware Screen 279 Configuration34.1 Overview 34.2 The Configuration ScreenChapter 34 Configuration 280 Restore ConfigurationTable 107 Restore Configuration compressed (.ZIP) files before you can upload them Click this to begin the upload process Do not turn off the Device while configuration file upload is in progressFigure 140 Network Temporarily Disconnected Appendix A on page Figure 141 Configuration Upload Error 281 34.3 The Reboot Screen282 Diagnostic287 Troubleshooting295 Setting up Your Computer’s IP Address296 Installing ComponentsAdapter Microsoft manufacturers TCP/IP Client for Microsoft Networks ConfiguringObtain an IP address automatically 297 Specify an IP addressSubnet Mask Disable DNS Enable DNS New gateway field TCP/IP Properties 298 Verifying SettingsWindows 2000/NT/XP 310 Macintosh OS 8/9Apple TCP/IP Control Panel 2Select Ethernet built-in from the Connect via list Using DHCP Server Configure: Configure Manually Router address 5Close the TCP/IP Control Panel 311 Macintosh OS313 LinuxNote: Make sure you are logged in as the root administrator Using the K Desktop Environment (KDE)System Setting 314 Ethernet Device GeneralStatically set IP Addresses Address Default Gateway Address Network Configuration Devices Activate Yes to save the changes in all screens 315 Using Configuration Filesdhcp BOOTPROTO=dhcp static BOOTPROTO=static IPADDR NETMASK 316 resolv.conf/etc Figure 178 Red Hat 9.0: DNS Settings in resolv.conf nameserver 172.23.5.1 nameserver Figure 179 Red Hat 9.0: Restart Ethernet Card [root@localhost init.d]# network restart Shutting down interface eth0: [OK] loopback interface: Setting network parameters: Bringing up loopback interface: up interface eth0: Enter ifconfig in a terminal screen to check your TCP/IP properties Figure 180 Red Hat 9.0: Checking TCP/IP Properties [root@localhost]# ifconfig Link encap:Ethernet HWaddr 00:50:BA:72:5B:44 inet addr:172.23.19.129 Bcast:172.23.19.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:717 errors:0 dropped:0 overruns:0 frame:0 TX packets:13 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 (1.5 Kb) RX bytes:730412 (713.2 Kb) TX bytes:1570 Interrupt:10 Base address:0x1000 [root@localhost]# 317 IP Addresses and SubnettingAppendix B IP Addresses and Subnetting Figure 181 Network Number and Host ID 318 Subnet MasksTable 111 Subnet Masks 1ST OCTET: 2ND 3RD 4TH OCTET OCTET: (192) (168) (1) (2) Table 112 Subnet Masks BINARY 1ST DECIMAL OCTET 319 Network SizeTable 113 Maximum Host Numbers SUBNET MASK HOST ID SIZE MAXIMUM NUMBER OF HOSTS NotationFor example, 192.1.1.0 /25 is equivalent to saying 192.1.1.0 with subnet mask ALTERNATIVE LAST OCTET NOTATION (BINARY) (DECIMAL) 320 Subnetting321 Example: Four SubnetsTable 115 Subnet IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE Table 115 Subnet 1 (continued) Table 116 Subnet Table 117 Subnet LAST OCTET BIT VALUE Table 118 Subnet 322 Example: Eight SubnetsEight Subnets SUBNET FIRST ADDRESS LAST BROADCAST ADDRESS Table 119 Eight Subnets (continued) 323 Subnet PlanningTable 120 24-bitNetwork Number Subnet Planning NO. “BORROWED” NO. SUBNETS NO. HOSTS PER HOST BITS Table 121 16-bitNetwork Number Subnet Planning 324 Configuring IP Addresses325 Pop-upWindows, JavaScripts and Java Permissions335 Wireless LANs336 ESSFigure 196 Infrastructure WLAN 337 ChannelRTS/CTSFigure 197 RTS/CTS RTS/CTS Fragmentation Threshold 338 Fragmentation Threshold339 IEEE 802.11g Wireless LANTable 122 IEEE 802.11g DATA RATE (MBPS) MODULATION Wireless Security OverviewTable 123 Wireless Security Levels SECURITY SECURITY TYPE 340 IEEE•User based identification that allows for roaming RADIUS•Authentication Determines the identity of the users •Authorization •Accounting Keeps track of the client’s network activity Types of RADIUS Messages•Access-Request Sent by an access point requesting authentication •Access-Reject Sent by a RADIUS server rejecting access •Access-Accept Sent by a RADIUS server allowing access •Access-Challenge 341 Types of EAP AuthenticationEAP-MD5 (Message-DigestAlgorithm 5) EAP-TLS(Transport Layer Security) 342 EAP-TTLS(Tunneled Transport Layer Service)PEAP (Protected EAP) LEAP Dynamic WEP Key ExchangeNote: EAP-MD5cannot be used with Dynamic WEP Key Exchange EAP-MD5 EAP-TLS EAP-TTLS PEAP LEAP 343 WPA and WPA2Encryption 344 User AuthenticationWireless Client WPA Supplicants WPA(2) with RADIUS Application Example 345 WPA(2)-PSKApplication Example346 Security Parameters SummaryAUTHENTICATION ENCRYPTIO ENTER METHOD/ KEY IEEE N METHOD MANUAL KEY MANAGEMENT PROTOCOL Antenna Overview Antenna Characteristics Frequency Radiation Pattern Antenna Gain 347 Types of Antennas for WLANThere are two types of antennas used for wireless LAN applications Omni-directional Positioning Antennas 349 IPv6357 Services361 Legal InformationAppendix G Legal Information 4Consult the dealer or an experienced radio/TV technician for help 362 FCC Radiation Exposure StatementThis transmitter must not be IEEE 802.11b or 802.11g operation of this product in the U.S.A. is NoticesThis Class B digital apparatus complies with Canadian ICES-003 Cet appareil numérique de la classe B est conforme à la norme NMB-003du Canada MitraStar Limited Warranty 363 NoteRegistration Safety Warnings
Also you can find more ZyXEL Communications manuals or manuals for other Computer Equipment.