Cable Modem/Router with Wireless-N U S E R M A N U A L
NOTICE This document contains proprietary information protected by copyright, and this Manual and all the accompanying hardware, software, and documentation are copyrighted. No part of this document may be photocopied or reproduced by mechanical, electronic, or other means in any form.
CONTENTS OVERVIEW 4 1 INSTALLING THE CABLE MODEM/ROUTER WITH WIRELESS-N 2 SETTING WIRELESS SECURITY 7 15 WPA/WPA2 Security .......................................................................................................................... 16 Setting Up Security Using WEP .........................................................................................................
Overview This User Manual provides instructions for connecting and configuring your Cable Modem/Router with Wireless-N and setting up wireless and wired local area networks. It also includes details about security, firewalls, VPNs (Virtual Private Networks) and administrative tasks.
Go to this section if you want to… See Page Status troubleshoot problems with the cable modem/router 25 Basic make some modifications for more advanced uses 33 Advanced make use of advanced router 40 features supported by the cable modem/router 6 Firewall configure the firewall application to protect the private LAN from attacks from the WAN interface 7 Parental Control configure access policies or rules to specific network 62 devices based on the time of day and Internet contents Wireless
automatically opening up the corresponding incoming port(s). It will automatically forward the traffic on the incoming port to the computer that accessed the outgoing port. If your game uses one port to send outgoing data and a different port (or ports) for incoming data, you may want to use port triggering. You do not need to know the IP address of your gaming station to set up port triggering.
1 Installing the Cable Modem/Router with Wireless-N This chapter provides basic instructions for connecting the hardware and configuring the Cable Modem/Router with Wireless-N using the Zoom Configuration Manager. This chapter is almost identical to the printed Quick Start.
the kit’s instructions and use them to install your Zoom cable modem/router. This cable modem/router is DOCSIS 3.0 certified by CableLabs, and connects like a normal cable modem. You may be asked by your cable service provider to provide the serial number and Cable MAC address, which are printed on the label on the bottom of the modem. Your cable service provider may also ask for your cable modem’s model name and number, which is Zoom 5350.
1 Be sure your computer is on and the cable modem/router is unplugged. Note: Please refer to the Hardware Connection section if you would like to see a diagram of the back of the cable modem and a description of the connections as you read the following steps. 2 Connect one end of the coaxial cable to the cable outlet or splitter. Connect the other end of the coaxial cable to the Cable connector on the rear panel of the cable modem. Hand-tighten the connectors to avoid damaging them.
Please note the following: • Do not block the modem/router vents in any way. • Do not use the modem where it’s very hot or very cold. • Place the cable modem/router in a vertical orientation (using the “feet” at the bottom of the unit to create a stable placement). The Power LED on the front panel should be at the top of the unit.
For those computer(s) and/or device(s) that support WPS, see Using WPS to set up your wireless network. For those computer(s) and/or device(s) that do support WPA/WPA2 but that don’t support WPS, enter the default SSID and Pre-Shared Key below in the wireless network portion of the device’s configuration menus. (If you want setup tips for computers and other wireless-enabled devices, go to Appendix A: Tips for setting up computers and other devices on a wireless network.
Press the Wi‑Fi Protected Setup (WPS) button on the router for 5 seconds. (You do not need to type a security key or passphrase in the Security key text box on your Windows machine). The cable modem/router will automatically set up the computer to connect to the network and apply the network's security settings. Then click OK on the Connect to a Network dialog box. 3 Congratulations! You should now have a secure connection between your cable modem/router and a device.
cable modem/router. (If you are connecting a hub or a switch, this is typically called an Uplink or Expansion port.) If you are connecting a computer or game station, go to step 5 of this section. 3 If you are connecting a network device such as a switching hub, use the instructions that came with that device. Then reboot any computer that is part of your network. For example, if you connected a switching hub, reboot any computer that will be connected to that switching hub.
2 In the Enter Network Password dialog box, type the following User Name and Password in lower case, then click OK. User Name: admin Password: admin 3 The Status page should appear. If the Status page doesn’t appear, please see Appendix B: Troubleshooting Tips. From the Zoom Configuration Manager, you can configure advanced features and make changes to the default wireless security options including the SSID and Pre-Shared Key.
2 Setting Wireless Security Your cable modem/router comes from the factory with, security turned on by default. If you want to use another security mode instead of the default security mode of WPA-PSK/WPA2-PSK , or if you want to change the Pre-Shared Key, this chapter explains how. There are two basic wireless security modes, WPA and WEP. There are two versions of WPA: WPA and WPA2. When configured as part of a typical home or small office network, WPA and WPA2 require a Pre-Shared Key, or PSK.
If you need to set up an unsecured network, see Disabling Security. Changing the Pre-Shared Key and SSID from the default settings In the default security setting, both WPA-PSK and WPA2-PSK are enabled. The default SSID is ZOOM and Pre-Shared Key is zoom#### where #### represents the last 4 characters of the Cable MAC address of the unit, which can be found on the label on the bottom of the cable modem/router. If you want to change the SSID and/or the Pre-Shared Key, go to WPA/WPA2 Security.
If you know that all your devices support the more secure WPA2 you can enable WPA2 only (or WPA2-PSK if you want to use a Pre-Shared Key) instead of WPA and WPA2. 7 In the WPA Pre-Shared Key text box (only if you selected an option requiring a Pre-Shared Key), enter a passphrase of your choice (a minimum of 8 characters). Write down this passphrase and put it where you can find it – on the bottom of the Cable Modem/Router case, for instance. 8 Click Apply.
Wi‑Fi Protected Setup (WPS) button on the router for 5 seconds. (You do not need to type a security key or passphrase in the Security Key text box on your Windows machine). The cable modem/router will automatically set up the computer to connect to the network and apply the network's security settings. Then click OK on the Connect to a Network dialog box. Skip (e) and (f). e Enter the Pre-Shared Key that you just wrote down in Step 7. f Save your settings.
5 From the WEP Encryption drop-down menu, select WEP-64 bit (or WEP-128 bit for more security). 6 For Network Key 1, you can either enter your own WEP Key or you can have WEP Keys generated. If you are entering a network key of your choice, enter 13 ASCII characters or 26 hexadecimal digits for 128-bit encryption keys. Enter 5 ASCII characters or 10 hexadecimal digits for 64-bit encryption keys.
7 Now you need to set up each of your wireless devices with the SSID. a First, make sure that the device's wireless capability is switched on. (Many notebooks have a switch for wireless, for instance.) b Next go to the device’s area for configuring a wireless network connection. (If you need them, tips for finding this area are in Appendix A.) • For a Windows computer, click the Wireless Networking icon at the lower right corner of the screen.
Chapter Menu Options Go to this section if you want to… See Page Status monitor or troubleshoot problems with the cable modem/router 25 Basic make some modifications for more advanced uses 33 Advanced make use of advanced router 40 features supported by the cable modem/router 6 Firewall configure the firewall application to protect the private LAN from attacks from the WAN interface 7 Parental Control configure access policies or rules to specific network 62 devices based on the time of day
Accessing the Cable Modem/Router’s Configuration Manager From your Web browser, you will log in to the interface to define system parameters, change password settings, view status windows to monitor network conditions, and control the cable modem/router and its ports. To access the cable modem/router’s Configuration Manager, use the following procedure: 1 Launch a Web browser. Note: Your computer does not have to be online to configure your cable modem/router.
4 Click the Login button to access the cable modem/router. The Status page appears, showing connection status information about your cable modem/router. Understanding the Configuration Manager Interface Screens The top of the management interface contains a menu bar you use to select menus for configuring the cable modem/router. When you click a menu item, information and any configuration settings associated with the menu appear in the main area of the interface (see Figure 2).
Figure 3. Example of Status Submenu The right-most item on the menu bar is the logout option. Click it to log out from the Configuration Manager interface. Configuration Manager Interface Menus Table 1 describes the menus in the Configuration Manager interface. Table 1.
3 Status Menu Options The Status Menu lets you: ¾ View the status and connection information of the cable modem/router ¾ Change the administrator password ¾ Use diagnostic tools for troubleshooting Software The Software page is a read-only screen that shows the cable modem/router’s current system software version. This page appears when you first log in to the Configuration Manager interface. You can also display it by clicking Status in the menu bar and then click the Software submenu.
Figure 4. Software Menu Table 2. Software Menu Option Option Description Information Shows the information on the current system software. Status Shows the system up time, network accessibility, and IP address of the Cable modem/router. Connection The Connection page is a read-only screen that shows the status of steps in your cable modem/router registration process. It also shows your cable modem/router’s upstream and downstream channel status.
Figure 5. Example of Connection Page Security The Security page allows you to configure access privileges and restore the cable modem/router to its factory defaults. To access the Security page, click Status in the menu bar and then click the Security submenu. Figure 6 shows an example of the menu and Table 3 describes the items you can select.
Figure 6. Example of Security Page To restore the cable modem/router to factory defaults: 1 In the Security submenu, select the Yes button next to Restore Factory Defaults. 2 Click Apply. 3 Click OK to reboot the cable modem/router. The reboot is complete when the POWER LED stops blinking. 4 If the Login screen doesn’t reappear, click the Refresh link to log back in to the Configuration Manager. Table 3.
Diagnostics Note: Some versions may not support this feature. The Diagnostics page allows you to troubleshoot connectivity problems. Two utilities are provided for troubleshooting network connectivity: Ping and Traceroute. Ping allows you to check connectivity between the cable modem/router and devices on the LAN while Traceroute allows you to map the network path from the cable modem/router to a public host.
Table 4 describes the items you can select. Figure 7.
Figure 8. Example of Diagnostics - Traceroute Page To run either utility: 1 Select the utility from the Utility drop-down list. 2 Make any changes to the default parameters. 3 Select Start Test to begin. The window will automatically be refreshed as the results are displayed in the Results table.
Table 4. Diagnostics Menu Option Option Description Utility Select the utility for troubleshooting. Parameters Enter the required parameters to perform diagnostics. Start Test Click this button to begin diagnostic after making any changes to the default parameters. Abort Test Click this button to abort Ping diagnostics. Clear Results Click this button to clear the results table. Event Log The Event Log page shows the SNMP event log.
4 Basic Menu Options The Basic Menu lets you: ¾ Configure the basic settings of your cable modem/router ¾ Configure DHCP server for the LAN ¾ Configure DDNS service ¾ Backup and restore of configuration settings Setup The Setup page allows you to configure the basic features of the cable modem/router related to your ISP’s connection. To access the Setup page, click Basic in the menu bar and then click the Setup submenu. Figure 10 shows an example of the menu and Table 6 describes the items you can select.
Figure 10. Example of Setup Page Table 6. Setup Menu Option Option Description LAN IP Address Set the base LAN IP for your private network. By default this is 192.168.0.1 There is normally no need to change this. WAN Connection Type Select how your cable modem/router obtains an IP address. The options are via DHCP or manual configuration of a static IP address. Unless you have arranged for a static IP address from your service provider, you should leave this setting at its default, DHCP.
DHCP The DHCP page allows you to configure your cable modem/router’s DHCP server. To access the DHCP page: 1 Click Basic in the menu bar. 2 Then click the DHCP submenu. Figure 11 shows an example of the menu and Table 7 describes the items you can select. Figure 11.
In the unusual event that you have a separate DHCP server on your LAN, you can disable the cable modem/router’s DHCP server by selecting the No radio button. If you do this, make sure the IP address assigned to the cable modem/router is on the same subnet as that of the external DHCP server, or you won’t be able to access the cable modem/router from the LAN. The base LAN IP address of the cable modem/router can be set from the Basic Setup page.
Figure 12 shows an example of the menu and Table 8 describes the items you can select. Figure 12. Example of DDNS Page To activate the DDNS client: 1 Go to the DynDNS website and create an account for the Dynamic DNS service. 2 You will create a username and password, and be asked to choose a host name for your server, and the dynamic DNS domain to which your host will be assigned. 3 You will also be asked for your host’s current IP address.
Table 8. DDNS Menu Option Option Description DDNS Service Select the type of service that you are registered for from your DDNS service provider. User Name Enter your DDNS account username subscribed to the service provider. Password Enter the password of the account. Host Name Enter the host name of your service host. IP Address Shows the current WAN side public IP address. Status Shows the status of DDNS service. Backup Note: Some versions may not support this feature.
Figure 13.
5 Advanced Menu Options The Advanced Menu lets you: ¾ Enable advanced features of the cable modem/router ¾ Configure LAN IP address, MAC address, and port number filtering ¾ Configure WAN to LAN port forwarding and triggers ¾ Configure DMZ hosting ¾ Configure RIP parameters Options The Options page allows you to configure the cable modem/router to operate in different modes that adjust how the device routes IP traffic.
Figure 14. Example of Options Page To enable a feature: 1 Click the appropriate check box (a check mark will appear). 2 When you are done with your selections, click on the Apply button.
Table 9. Options Menu Option Option Description WAN Blocking Prevents the cable modem/router or the PCs behind it from being visible to the WAN (i.e. from the Internet). For instance, pings to the cable modem/router’s WAN IP address or to the devices behind it are not returned. This makes it more difficult for hackers to attack your PCs and other devices on your network. IPSec/PPTP PassThrough Enable to support VPN devices or software on your network.
IP Filtering The IP Filtering page allows you to configure IP address filters in order to block Internet traffic to specific network device on your LAN. By entering starting and ending IP address ranges, you can configure which local PCs are denied access to the WAN. To access the IP Filtering page: 1 Click Advanced in the menu bar. 2 Then click the IP Filtering submenu. Figure 15 shows an example of the menu and Table 10 describes the items you can select. Figure 15.
To activate the IP address filter: 1 Enter the last byte (the numbers after the last period) of the IP address in Start Address and End Address. 2 Check the Enable box to the right of the entry to store settings. 3 Click the Apply button to activate the filter rules. Table 10. IP Filtering Menu Option Option Description Start/End Address Enter the last byte of the IP address. The upper bytes of the IP address are set automatically from the cable modem/router IP address.
Figure 16. Example of MAC Filtering Page Table 11. MAC Filtering Menu Option Option Description MAC Address PCs and other devices can be added to the MAC filter table by entering their MAC addresses into the Add MAC Address box, and clicking the Add MAC Address button. Internet traffic to and from each listed Address will be blocked.
Port Filtering The Port Filtering page allows you to configure port filters in order to block Internet traffic to specific ports on all devices on your LAN. Similarly, you can prevent PCs from sending outgoing TCP/UDP traffic to the Internet from specific IP port numbers. This can be configured using the Port Filtering page. To access the Port Filtering page: 1 Click Advanced in the menu bar. 2 Then click the Port Filtering submenu.
For example, if you would like to block all PCs on the private LAN from accessing HTTP sites (or “web surfing”): 1 Set the Start Port to 80, the End Port to 80. 2 Set the protocol to TCP. 3 Check the Enable box to the right of the entry to store settings. 4 Click Apply button to activate the filter rules. Table 12.
Figure 18. Example of Forwarding Page To activate the port forwarding: 1 Enter the port range of the Internet traffic that you want to forward, and the IP address of the server to which you want to forward that traffic. 2 Select the protocol(s) to be forwarded. 3 Check the Enable box to the right of the entry to store settings. 4 Click the Apply button to activate the forwarding rules. Table 13.
Port Triggers The Port Triggers page allows you to configure dynamic triggers to specific devices on the LAN. This allows for special applications that require specific port numbers with bi-directional traffic to function properly. Applications such as video conferencing, voice, gaming, and some messaging program features may require these special settings. Port Triggers are similar to Port Forwarding except that they are not static ports held open all the time.
3 Check the Enable box to the right of the entry to store settings. 4 Click the Apply button to activate the forwarding rules. Table 14. Port Triggers Menu Option Option Description Trigger Range Enter the trigger range (starting and ending ports) of the application for which you want to enable port triggering. The application will send data from these ports.
Figure 20. Example of DMZ Host Page To configure DMZ settings: 1 Enter the last byte of the LAN IP address of the PC or other device on your network that you want to configure as a DMZ host. 2 Click Apply. Note: If a specific PC is set as a DMZ Host, remember to set this back to “0” when finished with the needed application, since this PC will be effectively exposed to the public Internet.
Figure 21. Example of RIP Setup Page Note: RIP messages will only be sent when the cable modem/router is configured for Static IP Addressing (see the Basic – Setup page). It is unlikely that your cable Internet service supports this mode. If they do, and you want to enable RIP, you will need to ask for the CMTS’s key name and number. You may need additional information.
Table 15. RIP Setup Menu Option Option RIP Authentication RIP Authentication Key RIP Authentication Key ID RIP Reporting Interval RIP Destination IP Address RIP Destination IP Subnet Mask Description Check this box to enable RIP authentication for routing protocols Enter the set of keys for your interface. Enter the ID to identify the key used to create the authentication data. Enter the interval at which to update routing table. Enter the destination IP address for RIP.
6 Firewall Menu Options The Firewall Menu lets you: ¾ Configure web contents filter ¾ View the local and remote logs Web Filter The Web Filter page allows you to block or exclusively permit different types of data through the cable modem/router from the WAN to the LAN. To access the Web Filter page: 1 Click Firewall in the menu bar. 2 Then click the Web Filter submenu. Figure 22 shows an example of the menu and Table 16 describes the items you can select.
Figure 22. Example of Web Filter Page To enable web content filter: 1 Click the appropriate check box. A check-mark will appear. 2 When you are done with your selections, click on the Apply button. Table 16. Web Filter Menu Option Option Description Filter Proxy Check this box to filter proxies. Filter cookies Check this box to filter cookies. Filter Java Check this box to filter Javas. Applets Check this box to filter Applets. Filter ActiveX Check this box to filter ActiveX.
Block Fragmented IP packets Prevents all fragmented IP packets from passing through the firewall. IP Flood Detection Detects and blocks packet floods originating on both the LAN and WAN. Firewall Protection Turns on the Stateful Packet Inspection (SPI) firewall features. Note: Java applets, ActiveX controls, and popup windows function filtering will fail if the web pages are sent in uncompressed format to the web browser.
Figure 23. Example of Remote Log Page Table 17. Local Log Menu Option Option Description Contact Email Address Enter the email address where you want to receive the alert email. SMTP Server Name Enter the SMTP (Outgoing) mail server address of the email account you will send from. SMTP Username Enter the username of the email account you will send from. SMTP Password Enter the password of the email account you will send from.
To access the Remote Log page: 1 Click Firewall in the menu bar. 2 Then click the Remote Log submenu. Figure 24 shows an example of the menu and Table 18 describes the items you can select. Figure 24. Example of Remote Log Page Below is a complete list of the capable SysLog server attack/notification types and their format.
Table 18. SysLog Server Event Format Parameter Description MMM The three-letter abbreviation for the month (e.g., JUN, JUL AUG, etc.) DD The two-digit day of the month (e.g., 01, 02, 03, etc.) HH:MM:SS The time displayed as two-digit values for the hour, minute, and second, respectively. YYYY The four-digit year. HostIP The IP address of cable modem/router sending the SysLog event. This is the LAN IP Address on the Basic - Setup page.
The table below lists all events that can be sent to the SysLog server. Table 19. SysLog Server Event and Meaning Event Text Meaning ALLOW: Inbound access request An inbound request was made, and accepted, from a public network client to use a service hosted on the firewall or a client behind the firewall. ALLOW: Outbound access request An outbound request was made, and accepted, from a public client to use a service hosted on a public network server.
Time Of Day established The system established the current system time via the DOCSIS cable modem registration process. The system time is used by the firewall to timestamp events. The firewall successfully obtained an IP address for the public Public Network Interface up network (WAN) interface via DHCP. This process takes place after (IP address x.x.x.x) the cable modem registration process successfully completes.
7 Parental Control Menu Options The Parental Control Menu lets you: ¾ Configure the rules for Internet access based on user or time period ¾ Configure the rules to block certain Internet contents and certain web sites ¾ View the event logs related to parental control To set up Parental Control, you first set up Policies in the Basic Setup Menu. Next, you assign a user name and password for each user on your network. Finally you apply the Policies to individual users in the User Setup Menu.
Figure 25.
Table 20. Basic Setup Menu Option Option Description Enable Parental Control Check the box to enable Parental Control. Content Policy Configuration Enter a name for a content policy, and click Add New Policy. Keyword List Enter a keyword in the field at the bottom of the keyword list, and click Add Keyword. The keyword is associated with the respective entries in the Blocked and Allowed Domain Lists. See the User Setup page for more details.
User Setup The User Setup page is the master page to which each individual “user” is linked to a specified time access rule, content filtering rule, and login password. To access the User Setup page: 1 Click Parental Control in the menu bar. 2 Then click the User Setup submenu. Figure 26 shows an example of the menu and Table 21 describes the items you can select. Note: Always remember to click on the appropriate Apply, Add or Remote button to store and activate the settings. Figure 26.
Table 21. User Setup Menu Option Option Description User Configuration Enter a user name (e.g. Mom, Dad, Bro, Sis) and click Add User. Users Settings Select a user from the drop-down list. Click the checkbox to enable parental control for this user. Password Enter the password for this user. Re-Enter Password Re-enter (confirm) the password for this user. Trusted User Select Enable to grant this user access to all Internet content regardless of any policy or time settings.
ToD Filter (Time of Day Filter) The ToD page allows you to configure the Internet access policies according the time of day settings. This page is tied to the Parental Control - User Setup page. You can define up to 30 time access policies. You can define policies that block all public Internet traffic for entire days or for specific time periods within each day. You can combine these policies in any way you want. To access the ToD Filter page: 1 Click Parental Control in the menu bar.
Table 22. ToD Filter Menu Option Option Time Access Policy Configuration Time Access Policy List Days to Block Time to Block Description Enter a name for the time access policy and click Add New Policy. Select a policy from the drop-down list. Click the Enable checkbox to enable this rule. Click the checkboxes of the days that this rule applies to.
To access the Local Log page: 1 Click Parental Control in the menu bar. 2 Then click the Local Log submenu. Figure 28 shows an example of the menu. Figure 28.
8 Wireless Menu Options The Wireless Menu lets you: ¾ Configure cable modem/router to serve as a wireless access point (AP) ¾ Configure essential and advanced settings of wireless network ¾ Configure guest network for temporary visitors ¾ Configure WMM QoS Note: Your cable modem/router has been preconfigured to support wireless connections without any further configuration. Please see page 10 for details. Most users will not need to read this chapter.
Figure 29.
Table 23. Radio Menu Option Option Description Wireless Select Enable to enable the wireless function. Country Your device is configured for operation in the U.S. only. Set the strength of the wireless signal that the cable modem/router Output Power transmits. 802.11 Band Your device supports 2.4 GHz only. In Auto mode, your cable modem/router will automatically adjust to avoid 802.11n-mode interference with neighboring devices.
automating the processes of configuring new wireless networks and adding devices to existing networks. • SES establishes a private connection between the devices and automatically configures the network's SSID and WPA-Personal security settings. It configures a new network only on each new device that is authorized to join the network. To access the Primary Network page: 1 Click Wireless in the menu bar. 2 Then click the Primary Network submenu.
Table 25. Primary Network Menu Option Option Description Primary Network Select Enable to enable primary wireless network. Set the Network Name (also known as SSID) of the wireless Network Name (SSID) network. This is a 1-32 ASCII character string. Closed Network Select Enable to suppress broadcast of the SSID. WiFi Protected Access (WPA) offers stronger encryption than WPA WEP. Enable WPA alone if you have a RADIUS server – otherwise WPA-PSK. Offers stronger encryption than WEP.
802.1x Authentication (only available when WEP is enabled) Network Key 1-4 Current Network Key PassPhase Generate WEP Keys Automatic Security Configuration Device Name WPS Setup AP PIN WPS Add Client Push-Button PIN Select Enable to enable 802.1x authentication. You can pre-define up to 4 keys for 64-bit or 128-bit WEP. 64-bit keys require 10 hexadecimal digits and 128-bit key require 26 hexadecimal digits. Select one of the four pre-defined keys as the current network key.
Figure 31. SES Configuration Window - Success! Open SES Window This button opens a window that allows a SES client to connect. The window remains open for 2 minutes. Only 1 SES client may connect during an Open Window period. If you have more than 1 client to connect to your SES, you must open the window multiple times. When the SES window is open, the pop-up window below indicates the cable modem/router is waiting for a SES client. Figure 32.
Figure 34. SES Configuration Window - Timeout! Finally, if the current security configuration does not meet the SES requirements of WPA-PSK authentication with TKIP, the window will not open and the error message shown below will be displayed. Figure 35. Authentication Error Message Guest Network The Guest Network page allows you to configure a guest network. A guest network is a small section of an organization's computer network designed for use by temporary visitors.
Figure 36 shows an example of the menu and Table 26 describes the items you can select. Figure 36.
Table 26. Guest Network Menu Option Option Description Guest Network Select Enable to enable guest network. Guest Network Name Enter a name for the guest network. (SSID) Closed Network Select Enable to supress broadcast of the SSID. WiFi Protected Access (WPA) offers stronger encryption than WPA WEP. Enable WPA alone if you have a RADIUS server – otherwise WPA-PSK. Offers stronger encryption than WEP. When enabled, you must WPA-PSK also enter a Pre-Shared Key. Offers state-of-the-art security.
2.1x Authentication (only available when WEP is enabled) Network Key 1-4 Current Network Key PassPhase Generate WEP Keys DHCP Server IP Address Subnet Mask Lease Pool Start Lease Pool End Lease Time Select Enable to enable 802.1x authentication. You can pre-define up to 4 keys for 64-bit or 128-bit WEP. 64-bit keys require 10 hexadecimal digits and 128-bit key require 26 hexadecimal digits. Select one of the four pre-defined keys as the current network key.
Figure 37.
Table 27. Advanced Menu Option Option Description 54gTM Mode Auto by default. Select the wireless transmission rate to a particular speed or leave it Basic Rate Set as default (Auto) to allow the AP adjusts speed automatically. In Auto mode (Protection ON), the device will use RTS/CTS control to improve 802.11g performance in mixed networks. 54gTM Protection Turning protection OFF will maximize 802.11g throughput under most conditions.
Multicast Rate there is a possibility that 802.11b or 802.11g devices will use your wireless network. In Auto mode, the wireless devices use RTS/CTS to improve 802.11n performance in mixed 802.11g/802.11b networks. Turn protection off to maximize 802.11n throughput under most conditions. Specify the rate at which multicast packets are transmitted and received on your wireless network. Multicast packets are used to send a single message to a set of recipients in a defined group.
Table 28. Access Control Menu Option Option Description Wireless Select the wireless interface to configure the access control list. Interface MAC Restrict Select whether wireless clients with the specified MAC address are allowed or Mode denied wireless access. To allow all clients, select Disabled. Shows the list of wireless client MAC addresses to allow or deny based on MAC Addresses the Restrict Mode setting. Valid MAC address formats are XX:XX:XX:XX:XX:XX and XX-XX-XX-XX-XX-XX.
Figure 39.
Table 29. WMM Menu Option Option Description WMM Support Select On to include the WME Information Element in beacon frame. No-Acknowledgement Select On to not transmit acknowledgments for data. Select On to allow the AP (cable modem/router) queuing packets for Power Save Support stations/clients in power-save mode. Queued packets are transmitted when the station/client notifies AP that it has left power-save mode.
Figure 40. Example of Bridging Page Table 30. Bridging Menu Option Option Description Wireless Bridging Select to enable or disable wireless bridging. Table of remote bridge MAC addresses authorized to establish a wireless Remote Bridges bridge. Up to 4 remote bridges may be connected. Typically, you will also have to enter your AP’s MAC address on the remote bridge.
9 VPN (Virtual Private Network) Menu Options The VPN Menu lets you: ¾ Configure a VPN tunnel ¾ View VPN event logs Basic Setting This page allows you to enable VPN protocols and manage VPN tunnels. A virtual private network (VPN) is a computer network in which some of the links between nodes are carried by open connections or virtual circuits within some larger network (e.g., the Internet) as opposed to by physical wires, as in a traditional private network.
Table 31. Basic Menu Option Option Description L2TP Server Select Enable to enable L2TP (Layer 2 Tunneling Protocol) server. PPTP Server Select Enable to enable PPTP (Point-to-Point Tunneling Protocol) server. IPSec Endpoint Select Enable to enable IPSec endpoint. IPSec The IPSec page allows you to configure IPSec tunnel and endpoint settings. A VPN tunnel is usually established in two phases.
To access the IPSec page: 1 Click VPN in the menu bar. 2 Then click the IPSec submenu. Figure 42 shows an example of the menu and Table 32 describes the items you can select. Figure 42.
Table 32. IPSec Menu Option Option Description Tunnel This is a pull-down list of VPN Names defined below. Select the specific VPN tunnel to configure. Name Enter a VPN name and click Add New Tunnel. Local Endpoint Settings Configure the local network located at your cable modem/router’s AN side. Address Group Type Define the local address type.
Select the Diffie-Hellman key group (DHx) you want to use for encryption keys. Phase 1DH Group DH1: uses a 768-bit random number DH2: uses a 1024-bit random number DH5: uses a 1536-bit random number. Select the key size and encryption algorithm to use for data communications. DES: a 56-bit key with the DES encryption algorithm Phase 1 Encryption 3DES: a 168-bit key with the DES encryption algorithm.
Select the key size and encryption algorithm to use for data communications. Null: No data encryption in IPSec SA. Not recommended. DES: a 56-bit key with the DES encryption algorithm Phase 2 Encryption 3DES: a 168-bit key with the DES encryption algorithm. Both the cable modem/router and the remote IPSec router must use the same algorithms and key , which can be used to encrypt and decrypt the message or to generate and verify a message authentication code.
NetBIOS Broadcast Forwarding Select Enable to send NetBIOS (Network Basic Input/Output System) packets through the VPN connection. NetBIOS packets are TCP or UDP packets that enable a computer to find other computers. It may sometimes be necessary to allow NetBIOS packets to pass through VPN tunnels in order to allow local computers to find computers on the remote network and vice versa.
Figure 43.
Table 33. L2TP/PPTP Menu Option Option PPP Address Range (Start/End) Description Configure the dedicated IP address pool for L2TP/PPTP. The LAN IP subnet at one end of the VPN tunnel must be different from the LAN IP subnet at the other end of the VPN tunnel. For example, if one side’s LAN subnet is 192.168.0.x, then the other side should be 192.168.1.x (where the subnet mask in this example is 255.255.255.0).
Figure 44. Example of Event Log Page Table 34. Event Log Menu Option Option Description Time Shows the local time mapping to a certain log event. Description Shows detailed information of a VPN event log.
Appendix A: Tips for setting up computers and other devices on a wireless network This appendix provides tips for wireless setup up computers and/or other devices that have built-in wireless capabilities and/or a wireless adapter. This information supplements information in chapters 1 and 2. Note that for each computer or other device added to your wireless network, you will need to take appropriate steps for setting up that computer or other device.
4 characters of the Cable MAC address of the unit, which can be found on the label on the bottom of the cable modem/router or enter the Pre-Shared Key you previously created. In the unlikely event that you set up WEP security, enter the WEP Key. • Click Connect. If you have difficulty connecting, make sure you have entered the correct Pre-Shared Key or WEP Key. Then perform a power cycle on your computer and the Cable Modem/Router as described in Appendix B: Troubleshooting Tips.
4 Click Connect. If you have difficulty connecting, make sure you have entered the correct Pre-Shared Key or WEP Key. Then perform a power cycle on your computer and the Cable Modem/Router as described in Appendix B: Troubleshooting Tips. 5 In the Successfully connected to [desired network] dialog box, you have three options. You can: • Select Save the network and Start this connection automatically if you always want to connect to the same network. Then click Close.
5 Select ZOOM (or the SSID you changed it to) from the Available networks list, then click the Configure button to add it to the Preferred networks list. The notebook will try to connect to the Internet using the wireless networks listed here, in the order in which they appear. (If you already have networks listed here, we recommend you either remove them or use the Move up button to move ZOOM (or the SSID you changed it to) to the top of the list.) The cable/modem router comes set up with default security.
unlikely event that you have disabled security (described in the section Disabling Security), you do not need to enter the Pre-Shared Key; so you should skip step 2 and proceed to step 3.) Tip! If you need help, refer to the documentation that came with your wireless device. There are several site scan issues you should be aware of: ¾ More than one wireless network may appear in the list. These are other wireless networks that are within range of your network.
wireless networks in your area. When the SSID (Service Set Identifier) of your Cable Modem/Router wireless network appears in the list—the default SSID is ZOOM—select it (or the SSID you created) as the network you want to use to connect to the Internet. (The default security mode is WPA-PSK/WPA2-PSK. If you have disabled security (described in the section Disabling Security), you do not need to enter the Pre-Shared Key; skip step 2 and proceed to step 3.
To disconnect from the current network: 1 On your computer that has a wireless adapter, find the wireless network connection option (similar to the process of adding your computer to the network). 2 Click or highlight ZOOM (or the SSID you changed it to). 3 Select or click on Disconnect or similarly-named button.
Appendix B: Troubleshooting Tips Problem: Solution: I cannot access my Internet service or send or receive email. The following front panel lights on the cable modem/router – ONLINE, US (upstream), DS (downstream), and POWER – must be solidly lit before your modem will let you connect to the Internet. If they are not: ¾ Check all modem connections (power, Ethernet, and cable modem line). ¾ Unplug your cable modem/router and then plug it back in. ¾ Restart your computer.
Appendix C: If You Need Help We encourage you to register your product and to notice the many support options available from Zoom. Please go to www.zoomtel.com/techsupport. From here you can register your router and/or contact our technical support experts and/or use our intelligent database SmartFactstm and/or get warranty information.
Appendix D: Compliance FCC Interference Statement This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against radio interference in a commercial environment. This equipment can generate, use and radiate radio frequency energy and, if not installed and used in accordance with the instructions in this manual, may cause harmful interference to radio communications.
IMPORTANT NOTE: FCC Radiation Exposure Statement This equipment complies with FCC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with minimum distance 20cm between the radiator & your body. This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter.
