802.11g Wireless 4-port Router User's Guide

ManualsBrandsZyXEL Communications ManualsNetwork RouterG-2000 Plus

111

112

113

114

115

116

117

118

119

120

Table Of Contents

User’s Guide
Copyright
- Disclaimer
- Trademarks
Federal Communications Commission (FCC) Interference Statement
- Notice 1
- Certifications
ZyXEL Limited Warranty
- Note
- Safety Warnings
Customer Support
Table of Contents
List of Figures
List of Tables
Preface
- About This User's Guide
- Related Documentation
- User Guide Feedback
- Syntax Conventions
- Graphics Icons Key
Getting to Know Your ZyAIR
- 1.1 Introducing the ZyAIR
- 1.2 ZyAIR Features
  - 1.2.1 Physical Features
  - 1.2.2 Firmware Features
- 1.3 Applications for the ZyAIR
  - 1.3.1 Internet Access Application
Introducing the Web Configurator
- 2.1 Web Configurator Overview
- 2.2 Accessing the ZyAIR Web Configurator
- 2.3 Resetting the ZyAIR
  - 2.3.1 .Procedure To Use The Reset Button
  - 2.3.2 Method of Restoring Factory-Defaults Via Web Configurator
- 2.4 Navigating the ZyAIR Web Configurator
Wizard Setup
- 3.1 Wizard Setup Overview
- 3.2 Wizard Setup: General Setup
- 3.3 Wizard Setup: Wireless LAN
- 3.4 Wizard Setup: Screen 3
- 3.5 Wizard Setup: Screen 4
- 3.6 Wizard Setup: Screen 5
- 3.7 Basic Setup Complete
System Screens
- 4.1 System Overview
- 4.2 Configuring General Setup
- 4.3 Dynamic DNS
  - 4.3.1 DynDNS Wildcard
- 4.4 Configuring Dynamic DNS
- 4.5 Configuring Password
- 4.6 Configuring Time Setting
LAN Screens
- 5.1 LAN Overview
- 5.2 DHCP Setup
  - 5.2.1 IP Pool Setup
  - 5.2.2 System DNS Servers
- 5.3 LAN TCP/IP
- 5.4 Configuring IP
- 5.5 Configuring Static DHCP
- 5.6 Configuring IP Alias
Wireless Configuration and Roaming
- 6.1 Wireless LAN Overview
- 6.2 Wireless LAN Basics
  - 6.2.1 RTS/CTS
  - 6.2.2 Fragmentation Threshold
- 6.3 Configuring Wireless
- 6.4 Configuring Roaming
  - 6.4.1 Requirements for Roaming
Wireless Security
- 7.1 Wireless Security Overview
- 7.2 Security Parameters Summary
- 7.3 WEP Overview
  - 7.3.1 Data Encryption
    - 7.3.1.1 Authentication
- 7.4 Configuring WEP Encryption
- 7.5 Introduction to WPA
- 7.6 Configuring WPA-PSK Authentication
- 7.7 Wireless Client WPA Supplicants
  - 7.7.1 WPA with RADIUS Application Example
- 7.8 Configuring WPA Authentication
- 7.9 Introduction to RADIUS
  - 7.9.1 Types of RADIUS Messages
- 7.10 Configuring RADIUS
- 7.11 802.1x Overview
- 7.12 Dynamic WEP Key Exchange
- 7.13 Configuring 802.1x and Dynamic WEP Key Exchange
- 7.14 Configuring 802.1x and Static WEP Key Exchange
- 7.15 Configuring 802.1x
- 7.16 MAC Filter
Internal RADIUS Server
- 8.1 Internal RADIUS Overview
- 8.2 Internal RADIUS Server Setting
- 8.3 Trusted AP Overview
- 8.4 Configuring Trusted AP
- 8.5 Trusted Users Overview
- 8.6 Configuring Trusted Users
WAN
- 9.1 WAN Overview
- 9.2 Configuring WAN ISP
- 9.3 TCP/IP Priority (Metric)
- 9.4 Configuring WAN IP
- 9.5 Configuring WAN MAC
Single User Account (SUA) / Network Address Translation (NAT)
- 10.1 NAT Overview
- 10.2 Using NAT
  - 10.2.1 SUA (Single User Account) Versus NAT
- 10.3 SUA Server
- 10.4 Configuring SUA Server
- 10.5 Configuring Address Mapping
  - 10.5.1 Configuring Address Mapping
- 10.6 Trigger Port Forwarding
  - 10.6.1 Trigger Port Forwarding Example
  - 10.6.2 Two Points To Remember About Trigger Ports
- 10.7 Configuring Trigger Port Forwarding
Static Route Screens
- 11.1 Static Route Overview
- 11.2 Configuring IP Static Route
  - 11.2.1 Configuring Route Entry
Remote Management Screens
- 12.1 Remote Management Overview
- 12.2 Configuring WWW
- 12.3 Configuring Telnet
- 12.4 Configuring TELNET
- 12.5 Configuring FTP
- 12.6 SNMP
- 12.7 Configuring DNS
- 12.8 Configuring Security
UPnP
- 13.1 Universal Plug and Play Overview
- 13.2 UPnP and ZyXEL
- 13.3 Configuring UPnP
- 13.4 Installing UPnP in Windows Example
  - 13.4.1 Installing UPnP in Windows Me
  - 13.4.2 Installing UPnP in Windows XP
- 13.5 Using UPnP in Windows XP Example
Firewalls
- 14.1 Firewall Overview
- 14.2 Types of Firewalls
- 14.3 Introduction to ZyXEL’s Firewall
- 14.4 Denial of Service
  - 14.4.1 Basics
  - 14.4.2 Types of DoS Attacks
    - 14.4.2.1 ICMP Vulnerability
    - 14.4.2.2 Traceroute
- 14.5 Stateful Inspection
- 14.6 Guidelines For Enhancing Security With Your Firewall
- 14.7 Packet Filtering Vs Firewall
  - 14.7.1 Packet Filtering:
    - 14.7.1.1 When To Use Filtering
  - 14.7.2 Firewall
    - 14.7.2.1 When To Use The Firewall
Firewall Screens
- 15.1 Access Methods
- 15.2 Firewall Policies Overview
- 15.3 Rule Logic Overview
- 15.4 Connection Direction Examples
  - 15.4.1 LAN to WAN Rules
  - 15.4.2 WAN to LAN Rules
- 15.5 Alerts
- 15.6 Configuring Firewall
- 15.7 Example Firewall Rule
- 15.8 Predefined Services
Content Filtering
- 16.1 Introduction to Content Filtering
- 16.2 Restrict Web Features
- 16.3 Days and Times
- 16.4 Configure Content Filtering
Certificates
- 17.1 Certificates Overview
  - 17.1.1 Advantages of Certificates
- 17.2 Self-signed Certificates
- 17.3 Configuration Summary
- 17.4 My Certificates
- 17.5 Certificate File Formats
- 17.6 Importing a Certificate
- 17.7 Creating a Certificate
- 17.8 My Certificate Details
- 17.9 Trusted CAs
- 17.10 Importing a Trusted CA’s Certificate
- 17.11 Trusted CA Certificate Details
Log Screens
- 18.1 Configuring View Log
- 18.2 Configuring Log Settings
- 18.3 Configuring Reports
Maintenance
- 19.1 Maintenance Overview
- 19.2 System Status Screen
  - 19.2.1 System Statistics
- 19.3 DHCP Table Screen
- 19.4 Association List
- 19.5 F/W Upload Screen
- 19.6 Configuration Screen
- 19.7 Restart Screen
Introducing the SMT
- 20.1 SMT Introduction
- 20.2 Connect to your ZyAIR Using Telnet
  - 20.2.1 Entering Password
- 20.3 Changing the System Password
- 20.4 ZyAIR SMT Menu Overview Example
- 20.5 Navigating the SMT Interface
  - 20.5.1 System Management Terminal Interface Summary
- 20.6 Changing the System Password
General Setup
- 21.1 General Setup
  - 21.1.1 Procedure To Configure Menu 1
  - 21.1.2 Procedure to Configure Dynamic DNS
Menu 2 WAN Setup
- 22.1 Introduction to WAN
- 22.2 WAN Setup
LAN Setup
- 23.1 LAN Setup
  - 23.1.1 General Ethernet Setup
- 23.2 Protocol Dependent Ethernet Setup
- 23.3 TCP/IP Ethernet Setup and DHCP
  - 23.3.1 IP Alias Setup
- 23.4 Wireless LAN Setup
  - 23.4.1 Configuring MAC Address Filter
Internet Access
- 24.1 Introduction to Internet Access Setup
- 24.2 Ethernet Encapsulation
- 24.3 Configuring the PPTP Client
- 24.4 Configuring the PPPoE Client
- 24.5 Basic Setup Complete
Remote Node Configuration
- 25.1 Introduction to Remote Node Setup
- 25.2 Remote Node Profile Setup
- 25.3 Edit IP
- 25.4 Remote Node Filter
Static Route Setup
- 26.1 IP Static Route Setup
Dial-in User Setup
- 27.1 Dial-in User Setup
Network Address Translation (NAT)
- 28.1 Using NAT
  - 28.1.1 SUA (Single User Account) Versus NAT
- 28.2 Applying NAT
- 28.3 NAT Setup
  - 28.3.1 Address Mapping Sets
    - 28.3.1.1 User-Defined Address Mapping Sets
    - 28.3.1.2 Ordering Your Rules
- 28.4 Configuring a Server behind NAT
- 28.5 General NAT Examples
- 28.6 Configuring Trigger Port Forwarding
Filter Configuration
- 29.1 Introduction to Filters
  - 29.1.1 The Filter Structure of the ZyAIR
- 29.2 Configuring a Filter Set
- 29.3 Example Filter
- 29.4 Filter Types and NAT
- 29.5 Firewall Versus Filters
- 29.6 Applying a Filter
  - 29.6.1 Applying LAN Filters
  - 29.6.2 Applying Remote Node Filters
Enabling the Firewall
- 30.1 Remote Management and the Firewall
- 30.2 Access Methods
- 30.3 Enabling the Firewall
SNMP Configuration
- 31.1 About SNMP
- 31.2 Supported MIBs
- 31.3 SNMP Configuration
- 31.4 SNMP Traps
System Security
- 32.1 System Security
System Information and Diagnosis
- 33.1 System Status
- 33.2 System Information
  - 33.2.1 System Information
  - 33.2.2 Console Port Speed
- 33.3 Log and Trace
- 33.4 Diagnostic
  - 33.4.1 WAN DHCP
Firmware and Configuration File Maintenance
- 34.1 Filename Conventions
- 34.2 Backup Configuration
- 34.3 Restore Configuration
  - 34.3.1 Restore Using FTP
  - 34.3.2 Restore Using FTP Session Example
- 34.4 Uploading Firmware and Configuration Files
System Maintenance and Information
- 35.1 Command Interpreter Mode
- 35.2 Call Control Support
  - 35.2.1 Budget Management
  - 35.2.2 Call History
- 35.3 Time and Date Setting
  - 35.3.1 Resetting the Time
Remote Management
- 36.1 Remote Management
- 36.2 Remote Management and NAT
- 36.3 System Timeout
Call Scheduling
- 37.1 Introduction to Call Scheduling
Appendix A
- Troubleshooting
Appendix B
- Brute-Force Password Guessing Protection
  - Example
Appendix C
- Setting up Your Computer’s IP Address
Appendix D
- IP Address Assignment Conflicts
Appendix E
- IP Subnetting
Appendix F
- Command Interpreter
  - Command Syntax
  - Command Usage
Appendix G
- Log Descriptions
  - Log Commands
    - Configuring What You Want the ZyAIR to Log
    - Displaying Logs
  - Log Command Example
Appendix H
- Wireless LAN and IEEE 802.11
Appendix I
- Wireless LAN With IEEE 802.1x
Appendix J
- Types of EAP Authentication
Appendix K
- Antenna Selection and Positioning Recommendation
Appendix L
- Power Adaptor Specifications
Index
- Numerics
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- Z

ZyAIR G-2000 Plus User’s Guide

Chapter 8 Internal RADIUS Server 114

CHAPTER 8

Internal RADIUS Server

This chapter describes how to use the internal RADIUS server to authenticate wireless clients

or other AP’s in other wireless networks.For more background information on RADIUS, see

section

7.9.

8.1 Internal RADIUS Overview

The ZyAIR has a built-in RADIUS server that can authenticate wireless clients or other AP’s

in other wireless networks.

The ZyAIR can function as an AP and as a RADIUS server at the same time.

PEAP (Protected EAP) and MD5 authentication is implemented on the internal RADIUS

server using simple username and password methods over a secure TLS connection. See the

Appendix for more information on the types of EAP authentication and the internal RADIUS

authentication method used in your ZyAIR.