Copyright © 2009 ZyXEL Communications Corporation DEFAULT LOGIN DETAILS IP Address http://192.168.10.1 Password 1234 Firmware Version 1.
MWR222 Mobile Wireless Router MWR211 User’s Guide 2
About This User's Guide Intended Audience This manual is intended for people who want to configure the MWR222 using the Web Configurator. You should have at least a basic knowledge of TCP/IP networking concepts and topology. Related Documentation • Quick Start Guide The Quick Start Guide is designed to help you get up and running right away. It contains information on setting up your network and configuring for Internet access. • Supporting Disc Refer to the included CD for support documents.
Customer Support Please have the following information ready when you contact Customer Support: • Product model and serial number • Warranty information • Date that you received or purchased your device • Brief description of the problem including any steps that you have taken before contacting the ZyXEL Customer Support representative Support Email support@zyxel.com Toll-Free 1-800-978-7222 Website www.us.zyxel.com Postal mail ZyXEL Communications Inc. 1130 N.
Document Conventions Warnings and Notes These are how warnings and notes are shown in this User’s Guide: Warnings tell you about things that could harm you or your device. Note: Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations. Syntax Conventions • The MWR222 may be referred to as the “MWR222”, the “device”, the “product” or the “system” in this User’s Guide.
Icons Used in Figures Figures in this User’s Guide may use the following generic icons. The MWR222 icon is not an exact representation of your device.
Safety Warnings • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. • Do not leave the device exposed to a heat source or in a high-temperature location such as in the sun or in an unattended vehicle.
Battery Warnings Please follow the safety guidelines described in the safety warning and battery warning. Failing to do so may shorten the lifespan of the internal lithium ion battery or may present a risk of damage to the unit, fire, chemical burn, electrolyte leak and/or injury. • Do not leave unit exposed to a heat source or in a location that may become hot, such as a parked vehicle or in direct sunlight. Do not leave in a glove box, trunk or other location that may become hot.
Table of Contents About This User's Guide ........................................................................................................ 3 Document Conventions ......................................................................................................... 5 Safety Warnings ..................................................................................................................... 7 Part I: Introduction ............................................................................
Chapter 4 MWR222 Modes .................................................................................................................... 32 4.1 Overview ............................................................................................................................... 32 4.1.1 Device Modes ............................................................................................................. 32 Chapter 5 Router Mode ......................................................................
Chapter 8 Tutorials ................................................................................................................................ 69 8.1 Overview ............................................................................................................................... 69 8.2 Connecting to the Internet ..................................................................................................... 69 8.2.1 DSL Modem ................................................................
10.4.1 Ethernet Encapsulation ........................................................................................... 103 10.4.2 PPPoE Encapsulation ............................................................................................. 106 10.4.3 PPTP Encapsulation ............................................................................................... 109 10.4.4 L2TP Encapsulation ................................................................................................ 113 10.
Chapter 15 OpenDNS ............................................................................................................................ 146 15.1 Overview .......................................................................................................................... 146 15.2 What You Can Do ............................................................................................................. 146 15.3 OpenDNS Screen ....................................................................
20.2 What You Can Do ............................................................................................................. 165 20.3 What You Need To Know ................................................................................................. 166 20.4 General Screen ............................................................................................................... 166 20.5 Advanced Screen ...........................................................................................
Chapter 25 Time ................................................................................................................................. 191 25.1 Overview ........................................................................................................................... 191 25.2 What You Can Do ............................................................................................................. 191 25.3 Time Setting Screen ............................................................
Chapter 32 Product Specifications ...................................................................................................... 218 Part VI: Appendices and Index .......................................................... 222 Appendix A Pop-up Windows, JavaScripts and Java Permissions ..................................... 223 Appendix B IP Addresses and Subnetting .......................................................................... 231 Appendix C Setting up Your Computer’s IP Address.........
Part I: Introduction Getting to Know Your MWR222 Introducing the Web Configurator Monitor MWR222 Modes Tutorials MWR211 User’s Guide 17
1. Getting to Know Your MWR222 1.1 Overview This chapter introduces the main features and applications of the MWR222. Like a high performance wireless router, the MWR222 extends the range of your existing wired network without additional wiring, providing easy network access to in-home and in-office users. It also features two USB ports - One on the back, to connect to a compatible 3G modem when the land line is down or simply not available, and one on the side which is reserved for future expansion.
Figure 1 MWR222 Network 1.3 Ways to Manage the MWR222 Use any of the following methods to manage the MWR222. • Web Configurator. This is recommended for everyday management of the MWR222 using a (supported) web browser. • SNMP management. This allows you to manage your MWR222 with a group of networked devices from a management program. Currently MWR222 supports SNMP v1, with further support available for future releases. • Wireless switch.
• Back up the configuration (and make sure you know how to restore it). Restoring an earlier working configuration may be useful if the device becomes unstable or even crashes. If you forget your password, you will have to reset the MWR222 to its factory default settings. If you backed up an earlier configuration file, you would not have to totally re-configure the MWR222. You could simply restore your last configuration. 1.
WLAN Green Green WPS Green On The MWR222 is ready, but is not sending/receiving data through the wireless LAN. Blinking The MWR222 is sending/receiving data through the wireless LAN. Off The wireless LAN is not ready or has failed. On WPS is enabled. Blinking The MWR222 is negotiating a WPS connection with a wireless client. Off The wireless LAN is not ready or has failed. On The MWR222 has a successful 10/100MB Ethernet connection.
2. Introducing the Web Configurator 2.1 Overview This chapter describes how to access the MWR222 Web Configurator and provides an overview of its screens. The Web Configurator is an HTML-based management interface that allows easy setup and management of the MWR222 via Internet browser. Use Internet Explorer 7.0 and later or Firefox 3.0 and later versions or Safari 4.0 or later versions. The recommended screen resolution is 1024 by 768 pixels or higher.
Figure 3 Login screen The following table describes the labels in this screen. Table 2 Login screen LABEL DESCRIPTION Password Type “1234” (default) as the password. 2.2.2 Password Screen You should see a screen asking you to change your password (highly recommended) as shown next. Figure 4 Change Password Screen The following table describes the labels in this screen. Table 3 Change Password Screen LABEL DESCRIPTION New Password Type a new password.
Confirm Apply Click Apply to save your changes to the MWR222. Ignore Click Ignore if you do not want to change the password at this time. Note: The management session automatically times out when the time period set in the Administrator Inactivity Timer field expires (default five minutes; go to Chapter 24 to see how to change this). Simply log back into the MWR222 if this happens. 2.
3. Monitor 3.1 Overview This chapter discusses read-only information related to the device state of the MWR222. Note: To access the Monitor screens, you can also click the links in the Summary table of the Status screen to view the bandwidth consumed, packets sent/received as well as the status of clients connected to the MWR222. 3.2 What You Can Do • Use the BW MGMT Monitor screen to view the amount of network bandwidth that applications running in the network are using.
Figure 5 Summary: BW MGMT Monitor 3.4 DHCP Table DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a server. You can configure the MWR222’s LAN as a DHCP server or disable it. When configured as a server, the MWR222 provides the TCP/IP configuration for the clients. If DHCP service is disabled, you must have another DHCP server on that network. Otherwise, the computer must be manually configured.
Table 4 Summary: DHCP Table LABEL DESCRIPTION # This is the index number of the host computer. MAC Address This field shows the MAC address of the computer with the name in the Host Name field. Every Ethernet device has a unique MAC (Media Access Control) address which uniquely identifies a device. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02.
Table 5 Summary: Packet Statistics LABEL DESCRIPTION Port Displays the MWR222’s port type. Status The LAN Port field displays the port speed and duplex setting if the device is currently connected, or Down if the device is disconnected. The WAN Port field displays the port speed and duplex setting if you’re using Ethernet encapsulation.
3.6 WLAN Station Status Click the WLAN Station Status (Details...) hyperlink in the Status screen. The Association List displays the wireless stations that are currently associated with the MWR222. Association means that a wireless client (for example, your network or computer with a wireless network card) has connected successfully to the AP (or wireless router) using the same SSID, channel and security settings.
Figure 9 Summary: Mobile WAN Connection Information Figure 10 Summary: LTE/3G Mobile WAN Connection Information Table 7 Summary: Mobile WAN Connection Information LABEL DESCRIPTION Connection Status This field displays the status of your 3G connection. Network Type This field displays the type of your network. Signal Strength This field displays the signal strength of your 3G connection. Manufacturer This field displays the manufacturer of your mobile USB device.
Product This field displays the product name of your mobile USB device. Firmware Version This displays the firmware version of your mobile USB device. Network Operater This field displays the name of your mobile ISP. Network Mode This displays the current network mode of your 3G connection. SIM status This field displays the status of your SIM card. Figure 11 Summary: WiMAX Mobile WAN Connection Information The following table describes the labels in this screen.
Rx Power Mean This field displays the average receiving power of your WiMAX connection. CINR Mean This displays the average CINR of your WiMAX connection Center Freq. This displays the center frequency of your WiMAX connection. 4. MWR222 Modes 4.1 Overview This chapter introduces the different modes available on your MWR222. 4.1.1 Device Modes This refers to the operating mode of the MWR222, which can act as a: • Router. This is the default device mode of the MWR222.
For more information on these modes and to change the mode of your MWR222, refer to Chapter 30. Note: Choose your Device Mode carefully to avoid having to change it later. When changing to another mode, the IP address of the MWR222 changes. The running applications and services of the network devices connected to the MWR222 can be interrupted. In WISP mode, you should know the SSID and wireless security details of the access point to which you want to connect.
5. Router Mode 5.1 Overview The MWR222 is set to router mode by default. Routers are used to connect the local network to another network (for example, the Internet). In the figure below, the MWR222 connects the local network (LAN1) to the Internet. Figure 13 MWR222 Network Note: The Status screen is shown in the Web Configurator. It varies depending on the device mode of your MWR222. 5.2 What You Can Do Use the Status screen to view read-only information about your MWR222.
5.3 Status Screen Click to open the status screen.
Table 9 Status Screen Icon Key: Router Mode ICON DESCRIPTION Click this icon to view copyright and a link for related product information. Select a number of seconds or None from the drop-down list box to refresh all screen statistics automatically at the end of every time interval or to not refresh the screen statistics. Click this button to refresh the status screen statistics. Click this icon to see the Status page. The information in this screen depends on the device mode you select.
Sys OP Mode This is the device mode ( Device Modes) to which the MWR222 is set – Router Mode. WAN Information - MAC Address - Active WAN type This shows the WAN Ethernet adapter MAC Address of your device. This shows the kind of WAN connection is active. There are two types of WAN: Ethernet and Mobile WAN - IP Address This shows the WAN port’s IP address. - IP Subnet Mask This shows the WAN port’s subnet mask. - Default Gateway This shows the WAN port’s gateway IP address.
- Operating Channel This field shows the channel number which the MWR222 is currently using over the wireless LAN. - Security Mode This field shows the level of wireless security the MWR222 is using. - 802.11 Mode This field shows the wireless standard. - WPS This displays Configured when the WPS has been set up, or Unconfigured if it has not. Click the status to display Network > Wireless LAN > WPS screen. System Status Item This column shows the type of data the MWR222 is recording.
- Quota Usage When Quota management is enabled and MWAN is the primary WAN, it shows the number of MBs that are currently being used. - Percentage Usage When Quota management is enabled and MWAN is the primary WAN, it shows the percentage of the maximum quota that has been reached. Interface Status Interface This displays the MWR222 port types. The port types are: WAN, LAN, WLAN and Mobile WAN. For the LAN and WAN ports, this field displays Down (line is down) or Up (line is up or connected).
5.3.1 Navigation Panel Use the sub-menus on the navigation panel to configure MWR222 features. Figure 15 Navigation Panel: Router Mode The following table describes the sub-menus. Table 11 Navigation Panel: Router Mode LINK TAB Status FUNCTION This screen shows the MWR222’s general device, system and interface status information. Use this screen to access the wizard, and summary statistics tables. MONITOR Log Use this screen to view the list of activities recorded by your MWR222.
WLAN Station Status Use this screen to view the wireless stations that are currently associated to the MWR222. MWAN MGMT Monitor Use this screen to view the MWAN connection information. CONFIGURATION Network Wireless LAN General Use this screen to configure wireless LAN. MAC Filter Use the MAC filter screen to configure the MWR222 to block access to devices or block the devices from accessing the MWR222. Advanced This screen allows you to configure advanced wireless settings.
Advanced Use this screen to configure other advanced properties. IGMP Snooping Use this screen to enable IGMP snooping if you have LAN users that subscribe to multicast services. LAN IP DHCP Server IP Alias Use this screen to have the MWR222 apply IP alias to create LAN subnets. General Use this screen to enable the MWR222’s DHCP server. See Chapter 12 for more information about DHCP.
Services Content Filter This screen shows a summary of the firewall rules, and allows you to edit/add a firewall rule. Use this screen to block certain web features and sites containing certain keywords in the URL. Management Bandwidth Management Remote Management UPnP General Use this screen to enable bandwidth management. Advanced Use this screen to set the upstream bandwidth and edit a bandwidth management rule.
MAINTENANCE General Password Time Use this screen to view and change administrative settings such as system and domain names. Password Setup Use this screen to change the password of your MWR222. Time Setting Use this screen to change your MWR222’s time and date. Firmware Upgrade Use this screen to upload firmware to your MWR222. Backup/ Restore/ Reset Restart Use this screen to backup and restore the configuration or reset the factory defaults to your MWR222.
6. Access Point Mode 6.1 Overview Use your MWR222 as an access point (AP) if you already have a router or gateway on your network. In this mode your MWR222 bridges a wired network (LAN) and wireless LAN (WLAN) in the same subnet. See the figure below for an example. Figure 16 Wireless Internet Access in Access Point Mode Many screens that are available in Router mode are not available in Access Point mode, such as bandwidth management and firewall.
• Use the LAN screen to set the IP address for your MWR222 acting as an access point. 6.3 What You Need to Know See Chapter 10 for a tutorial on setting up a network with the MWR222 as an access point. 6.3.1 Setting your MWR222 to AP Mode 1 Log into the Web Configurator if you haven’t already. See the Quick Start Guide for instructions on how to do this. 2 To use your MWR222 as an access point, go to Maintenance > Sys OP Mode > General and select Access Point mode.
Figure 18 Pop up for Access Point mode Click OK. The Web Configurator refreshes once the change to Access Point mode is successful. 6.3.2 Accessing the Web Configurator in Access Point Mode Log in to the Web Configurator in Access Point mode, do the following: 1 Connect your computer to the LAN port of the MWR222. 2 The default IP address of the MWR222 is “192.168.10.2”. In this case, your computer must have an IP address in the range between “192.168.10.3” and “192.168.10.254”.
• See Chapter 20 for information on configuring your Bandwidth Management screen. • See Maintenance and Troubleshooting for information on configuring your Maintenance settings. 6.4 AP Mode Status Screen Click to open the Status screen. Figure 19 Status Screen: Access Point Mode The following table describes the labels shown in the Status screen. Table 12 Status Screen: Access Point Mode LABEL DESCRIPTION Logout Click this at any time to exit the Web Configurator.
Host Name This is the System Name you enter in the Maintenance > General screen. It is for identification purposes. Firmware Version This is the firmware version and the date created. Sys OP Mode This is the device mode ( Device Modes) to which the MWR222 is set Access Point Mode. LAN Information - MAC Address This shows the LAN Ethernet adapter MAC Address of your device. - IP Address This shows the LAN port’s IP address. - IP Subnet Mask This shows the LAN port’s subnet mask.
System Status Item This column shows the type of data the MWR222 is recording. Data This column shows the actual data recorded by the MWR222. System Up Time This is the total time the MWR222 has been on. Current Date/Time This field displays your MWR222’s present date and time. System Resource - CPU Usage This displays what percentage of the MWR222’s processing ability is currently used.
WLAN Station Status Click Details... to go to the Monitor > WLAN Station Status screen. Use this screen to view the wireless stations that are currently associated to the MWR222. 6.4.1 Navigation Panel Use the menu in the navigation panel to configure MWR222 features in Access Point mode. The following screen and table show the features you can configure in Access Point mode.
Figure 21 Network > LAN > IP The table below describes the labels in the screen. Table 13 Network > LAN > IP LABEL DESCRIPTION Click this to deploy the MWR222 as an access point in the network. Get from DHCP Server When you enable this, the MWR222 gets its IP address from the network’s DHCP server (for example, your ISP). Users connected to the MWR222 can now access the network (i.e., the Internet if the IP address is given by the ISP).
Select From ISP if your ISP dynamically assigns DNS server information (and the MWR222's WAN IP address). The field to the right displays the (read-only) DNS server IP address that the ISP assigns. First DNS Server Second DNS Server Select User-Defined if you have the IP address of a DNS server. Enter the DNS server's IP address in the field to the right. If you chose UserDefined, but leave the IP address set to 0.0.0.0, User-Defined changes to None after you click Apply.
7. WISP Mode 7.1 Overview Your MWR222 can receive a WAN IP address from an 802.11 WIFI connection. In WISP mode, it can connect to an existing network via an access point. Use this mode if your Internet Service Provider allows you to connect to their network via 802.11 WIFI. This mode is meant to allow a Public IP address to be received via a Wi-Fi connection. If when you connect your MWR222 to an access point you receive a Private IP address (i.e. 192.168.10.
7.2 What You Can Do • Use the Status screen to view read-only information about your MWR222. • Use the LAN screen to set the IP address for your MWR222 acting as an access point. • Use the Wireless LAN screen to associate your MWR222 (acting as a wireless client) with an existing access point. 7.3 What You Need to Know With the exception of the LAN screen, the Monitor, Configuration and Maintenance screens in WISP mode are similar to the ones in Router Mode. 7.3.
Figure 24 Pop up window for WISP mode Click OK. The Web Configurator refreshes once the change to WISP mode is successful. 7.3.2 Accessing the Web Configurator in WISP Mode To login to Web Configurator in WISP mode, do the following 1 Connect your computer to the LAN port of the MWR222. 2 The default IP address of the MWR222 is “192.168.10.1”. If you did not change this, you can use the same IP address in WISP mode. Open a web browser such as Internet Explorer and type “192.168.10.
7.4 WISP Mode Status Screen Click to open the status screen. Figure 25 Status: WISP Mode The following table describes the labels shown in the Status screen. Table 14 Status Screen: WISP Mode LABEL DESCRIPTION Logout Click this at any time to exit the Web Configurator. Device Information Host Name This is the System Name you enter in the Maintenance > General screen. It is for identification purposes. Firmware Version This is the firmware version and the date created.
Sys OP Mode This is the device mode ( Device Modes) to which the MWR222 is set WISP Mode. WAN Information - MAC Address This shows the WAN Ethernet adapter MAC Address of your device. - IP Address This shows the WAN port’s IP address. - IP Subnet Mask This shows the WAN port’s subnet mask. - Default Gateway This shows the WAN port’s gateway IP address. - DHCP This shows the LAN port’s DHCP role - Client or Server.
- 802.11 Mode This shows the wireless standard. System Status Item This column shows the type of data the MWR222 is recording. Data This column shows the actual data recorded by the MWR222. System Up Time This is the total time the MWR222 has been on. Current Date/Time This field displays your MWR222’s present date and time. System Resource - CPU Usage This displays what percentage of the MWR222’s processing ability is currently used.
For the LAN ports, this displays the port speed and duplex setting or N/A when the line is disconnected. Rate For the WAN port, it displays the port speed and duplex setting if you’re using Ethernet encapsulation and Idle (line (ppp) idle), Dial (starting to trigger a call) and Drop (dropping a call) if you're using PPPoE or PPTP encapsulation. This field displays N/A when the line is disconnected.
Table 15 WISP Mode: LAN > General Screen LABEL DESCRIPTION Wireless Setup Network Name (SSID) Enter the name of the access point to which you are connecting. Security Security Mode Select the security mode of the access point to which you want to connect. Apply Click Apply to save your changes back to the MWR222. Reset Click Reset to reload the previous configuration for this screen. 7.5.1 No Security Use this screen if the access point to which you want to connect does not use encryption.
Table 16 No Security (WISP) LABEL DESCRIPTION Wireless Setup Network Name (SSID) Enter the name of the access point to which you are connecting. Security Security Mode Select No Security in this field. Apply Click Apply to save your changes back to the MWR222. Reset Click Reset to reload the previous configuration for this screen. 7.5.2 Static WEP Use this screen if the access point to which you want to connect to uses WEP security mode.
The following table describes the labels in this screen. Table 17 WEP (WISP) LABEL DESCRIPTION Wireless Setup Network Enter the name of the access point to which you are connecting. Name (SSID) Security Security Mode Select Static WEP to enable data encryption. Passphrase Enter a Passphrase (up to 26 printable characters) and click Generate. A passphrase functions like a password. In WEP security mode, it is further converted by the MWR222 into a complicated string that is referred to as the “key.
Key 1 to Key 4 The WEP keys are used to encrypt data. Both the MWR222 and the wireless stations must use the same WEP key for data transmission. If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal characters ("0-9", "A-F"). If you chose 128-bit WEP, then enter 13 ASCII characters or 26 hexadecimal characters ("0-9", "A-F"). You must configure at least one key, only one key can be activated at any one time. The default key is key 1.
Network Name (SSID) Enter the name of the access point to which you are connecting. Security Encryption Type Select the type of wireless encryption employed by the access point to which you want to connect. Pre-Shared Key WPA-PSK/WPA2-PSK uses a simple common password for authentication. Type the pre-shared key employed by the access point to which you want to connect. Apply Click Apply to save your changes back to the MWR222. Reset Click Reset to reload the previous configuration for this screen.
Table 19 Configuration > Wireless LAN > Advance Screen (WISP) LABEL Power Saving Mode RTS Threshold Fragment Threshold DESCRIPTION Select CAM (Constantly Awake Mode) if you do not want your MWR222 to go to “sleep” when no wireless activity is detected in the Wireless LAN. Select Power Saving Mode if you want the MWR222 to go to sleep when no wireless connection is needed for a period of time. This means the MWR222 consumes less electrical power.
Figure 31 Configuration > Wireless LAN > Site Survey (WISP) The following table describes the labels in this screen. Table 20 Configuration > Wireless LAN > Site Survey (WISP) LABEL DESCRIPTION Station Site Survey # Use this option to select the wireless network you want to connect to. SSID This displays the Network Name (SSID) of the wireless networks close to you. This displays the MAC address of the wireless device listed.
Setting Click this after selecting a network to set the MWR211 User’s Guide 68
8 Tutorials 8.1 Overview This chapter provides tutorials for your MWR222 as follows: • Wired and Wireless 3G connection to the Internet • Connecting to the Internet from an Access Point • Configuring Wireless Security Using WPS • 8.5 Enabling and Configuring Wireless Security (N 8.2 Connecting to the Internet When first connecting your MWR222 to a wired or wireless 3G Internet connection, you will want to ensure you are connecting with the best possible settings for the modem being used.
this is done user can no longer use the wired connection for the web configurator.) • Open your browser and log into the MWR222. Click on Configuration > Network > Wired WAN, for the encryption select “PPPoE” and enter your PPPoE “Username and Password.” 8.2.2 Cable Modem • Connect the cable modem to your MWR222 on the WAN port. (MWR222 has only one Ethernet port, and it is configured to be a LAN port by default.
• When a 3G USB adapter is removed from the USB port, the USB LED will turn off in about 10 seconds. Do not re-insert the 3G USB adapter into the USB port until the USB LED has turned off, or 10 seconds have passed. • The Data Usage Count, if enabled, will be written to MWR222 internal storage when the 3G USB adapter is removed. Do not power off MWR222 before the USB LED has turned off, or 10 seconds have passed. 8.
8.4 Configuring Wireless Security Using WPS This section gives you an example of how to set up wireless network using WPS. This example uses the MWR222 as the AP and NWD210N as the wireless client which connects to a notebook. Note: The wireless client must be a WPS-aware device (for example, a WPS USB adapter or PCI card). There are two WPS methods for creating a secure connection. This tutorial shows you how to do both.
The following figure shows you an example to set up wireless network and security by pressing a button on both MWR222 and wireless client (the NWD210N in this example). Figure 33 Example WPS Process: PBC Method 8.4.2 PIN Configuration When you use the PIN configuration method, you need to use both MWR222’s configuration interface and the client’s utilities. 1 Launch your wireless client’s configuration utility. Go to the WPS settings and select the PIN method to get a PIN number.
Figure 34 Example WPS Process: PIN Method 8.5 Enabling and Configuring Wireless Security (No WPS) This example shows you how to configure wireless security settings with the following parameters on your MWR222.
Follow the steps below to configure the wireless settings on your MWR222. The instructions require that your hardware is connected (see the Quick Start Guide) and you are logged into the Web Configurator through your LAN connection. 1 Open the Wireless LAN > General screen in the AP’s Web Configurator. 2 Make sure the Enable Wireless LAN check box is selected. 3 Enter SSID_Example3 as the SSID and select a channel.
Figure 36 Tutorial: Checking Wireless Settings 8.5.1 Configure Your Notebook Note: We use the ZyXEL M-302 wireless adapter utility screens as an example for the wireless client. The screens may vary for different models. 1 The MWR222 supports IEEE 802.11b, IEEE 802.11g and IEEE 802.11n wireless clients. Make sure that your notebook or computer’s wireless adapter supports one of these standards. 2 Wireless adapters come with software sometimes called a “utility” that you install on your computer.
Figure 37 Connecting a Wireless Client to a Wireless Network 5 Select WPA-PSK and type the security key in the following screen. Click Next. Figure 38 Security Settings 6 The Confirm Save window appears. Check your settings and click Save to continue. Figure 39 Confirm Save 7 Check the status of your wireless connection in the screen below. If your wireless connection is weak or you have no connection, see the Troubleshooting section of this User’s Guide.
Figure 40 Link Status If your connection is successful, open your Internet browser and enter http://us.zyxel.com or the URL of any other web site in the address bar. If you are able to access the web site, your wireless connection is successfully configured.
Part II Network Wireless LAN WAN LAN DHCP Server Network Address Translation (NAT) Dynamic DNS OpenDNS Static Route RIP MWR211 User’s Guide 79
9 Wireless LAN 9.1 Overview This chapter discusses how to configure the wireless network settings in your MWR222. See the appendices for more detailed information about wireless networks. The following figure provides an example of a wireless network. Figure 41 Example of a Wireless Network The wireless network is the part in the blue circle. In this wireless network, devices A and B are called wireless clients.
9.2 What You Can Do • Use the General screen to enable the Wireless LAN, enter the SSID and select the wireless security mode. • Use the MAC Filter screen to allow or deny wireless stations based on their MAC addresses from connecting to the MWR222. • Use the Advanced screen to allow wireless advanced features, such as intraBSS networking and set the RTS/CTS Threshold. • Use the QoS screen to set priority levels to services, such as e-mail, VoIP, chat, and so on.
This type of security is fairly weak, however, because there are ways for unauthorized devices to get the SSID. In addition, unauthorized devices can still see the information that is sent in the wireless network. 9.3.1.2 MAC Address Filter Every wireless client has a unique identification number, called a MAC address. 1 A MAC address is usually written using twelve hexadecimal characters 2; for example, 00A0C5000002 or 00:A0:C5:00:00:02.
WPA-Personal (TKIP) WPA-Enterprise Strongest WPA2-Personal (AES) WPA2-Enterprise Usually, you should set up the strongest encryption that every wireless client in the wireless network supports. Suppose the wireless network has two wireless clients. Device A only supports WEP, and device B supports WEP and WPA-PSK. Therefore, you should set up WEP in the wireless network. Note: It is recommended that wireless networks use WPA-Personal/Enterprise or stronger encryption. IEEE 802.
9.4 General Wireless LAN Screen Use this screen to enable the Wireless LAN, enter the SSID and select the wireless security mode. Note: If you are configuring the MWR222 from a computer connected to the wireless LAN and you change the MWR222’s SSID, channel or security settings, you will lose your wireless connection when you press Apply to confirm. You must then change the wireless settings of your computer to match the MWR222’s new settings. Click Network > Wireless LAN to open the General screen.
Network Name(SSID) Name (SSID1, SSID2, SSID3) Hide SSID (Service Set IDentity) The SSID identifies the Service Set with which a wireless station is associated. Wireless stations associating to the MWR222 must have the same SSID. Enter a descriptive name (up to 32 keyboard characters) for the wireless LAN. Select this check box to hide the SSID in the outgoing beacon frame so a station cannot obtain the SSID through scanning using a site survey tool.
Figure 43 Network > Wireless LAN > Security: No Security WPA2-PSK has been reworded to WPA-Personal and WPA2-Personal) The following table describes the labels in this screen. Table 23 Network > Wireless LAN > Security: No Security LABEL DESCRIPTION Security Mode Choose No Security from the drop-down list box. Apply Click Apply to save your changes back to the MWR222. Reset Click Reset to reload the previous configuration for this screen.
Figure 44 Network > Wireless LAN > Security: Static WEP The following table describes the wireless LAN security labels in this screen. Table 24 Network > Wireless LAN > Security: Static WEP LABEL DESCRIPTION Security Mode Select Static WEP to enable data encryption. Enter a Passphrase (up to 26 printable characters) and click Generate. Passphrase A passphrase functions like a password.
WEP Encryption Select 64-bit WEP or 128-bit WEP. This dictates the length of the security key that the network is going to use. Select Auto or Shared Key from the drop-down list box. Authenticatio n Method This field specifies whether the wireless clients have to provide the WEP key to login to the wireless client. Keep this setting at Auto unless you want to force a key verification before communication between the wireless client and the ZyXEL Device occurs.
Figure 45 Network > Wireless LAN > Security: WPA-PSK/WPA2-PSK The following table describes the labels in this screen. Table 25 Network > Wireless LAN > Security: WPA-Personal/Enterprise/WPA2Persional/Enterprise LABEL DESCRIPTION Security Mode Select WPA-Personal/Enterprise or WPA2-Personal/Enterprise to enable data encryption. WPACompatible Pre-Shared Key Group Key Update Timer Apply This field appears when you choose WPA2-Personal/Enterprise as the Security Mode.
Reset Click Reset to reload the previous configuration for this screen. Refer to Table 22 Network > Wireless LAN > Gener for descriptions of the other labels in this screen. 9.6 MAC Filter The MAC filter screen allows you to configure the MWR222 to give exclusive access to devices (Allow) or exclude devices from accessing the MWR222 (Deny). Every Ethernet device has a unique MAC (Media Access Control) address.
Table 26 Network > Wireless LAN > MAC Filter LABEL DESCRIPTION Access Policy Define the filter action for the list of MAC addresses in the MAC Address table. Policy Select Allow to permit access to the MWR222, MAC addresses not listed will be denied access to the MWR222.
Figure 47 Network > Wireless LAN > Advanced The following table describes the labels in this screen. Table 27 Network > Wireless LAN > Advanced LABEL RTS/CTS Threshold Fragmentation Threshold DESCRIPTION Data with its frame size larger than this value will perform the RTS (Request To Send)/CTS (Clear To Send) handshake. Enter a value between 256 and 2432. The threshold (number of bytes) for the fragmentation boundary for directed messages. It is the maximum data fragment size that can be sent.
Output Power Set the output power of the MWR222 in this field. If there is a high density of APs in an area, decrease the output power of the MWR222 to reduce interference with other APs. Select one of the following 100%, 90%, 75%, 50%, 25%, 10% or Minimum. See the product specifications for more information on your MWR222’s output power. HT (High Throughput) Physical Mode - Use the fields below to configure the 802.11 wireless environment of your MWR222.
Click Network > Wireless LAN > QoS. The following screen appears. Figure 48 Network > Wireless LAN > QoS The following table describes the labels in this screen. Table 28 Network > Wireless LAN > QoS LABEL DESCRIPTION Enable WMM QoS Check this to have the MWR222 automatically give a service a priority level according to the ToS value in the IP header of packets it sends. WMM QoS (Wifi MultiMedia Quality of Service) gives high priority to voice and video, which makes them run more smoothly.
The following table describes the labels in this screen. Table 29 Network > Wireless LAN > WPS LABEL DESCRIPTION WPS Setup Enable WPS Select this to enable the WPS feature. PIN Number This displays a PIN number last time system generated. Click Generate to generate a new PIN number. Status Status Release Configuration This displays Configured when the MWR222 has connected to a wireless network using WPS or when Enable WPS is selected and wireless or wireless security settings have been changed.
9.10 WPS Station Screen Use this screen when you want to add a wireless station using WPS. To open this screen, click Network > Wireless LAN > WPS Station tab. Note: Note: After you click Push Button on this screen, you have to press a similar button in the wireless station utility within 2 minutes. To add the second wireless station, you have to press these buttons on both device and the wireless station again after the first 2 minutes.
9.11 Scheduling Screen Use this screen to set the times your wireless LAN is turned on and off. Wireless LAN scheduling is disabled by default. The wireless LAN can be scheduled to turn on or off on certain days and at certain times. To open this screen, click Network > Wireless LAN > Scheduling tab. Figure 51 Network > Wireless LAN > Scheduling The following table describes the labels in this screen.
Day Select Everyday or the specific days to turn the Wireless LAN on or off. If you select Everyday you cannot select any specific days. This field works in conjunction with the Except for the following times field. For the following times (24-Hour Format) Select a begin time using the first set of hour and minute (min) drop down boxes and select an end time using the second set of hour and minute (min) drop down boxes.
The following table describes the labels in this screen. Table 32 Network > Wireless LAN > WDS LABEL DESCRIPTION WDS Setup Select the operating mode for your MWR222. Basic Settings Local MAC Address Phy Mode Remote MAC Address • AP + Bridge - The MWR222 functions as a bridge and access point simultaneously. • Bridge - The MWR222 acts as a wireless network bridge. It establishes wireless links with other APs. You need to know the MAC address of the peer device, which also must be in bridge mode.
10 WAN 10.1 Overview This chapter discusses the MWR222’s WAN screens. Use these screens to configure your MWR222 for Internet access. A WAN (Wide Area Network) connection is an outside connection to another network or the Internet. It connects your private networks such as a LAN (Local Area Network) and other networks, so that a computer in one location can communicate with computers in other locations. Figure 53 LAN and WAN The MWR222 has two different types of WAN connection.
The 3G WAN connection uses wireless 3G adapters connected to a USB port on the MWR222. The USB port is located on the back of the MWR222. 10.2 What You Can Do • Use the Internet Connection screen to enter your ISP information and set how the computer acquires its IP, DNS and WAN MAC Address • Use the Advanced screen to enable multicasting, configure Windows networking and bridge. • Use IGMP Snooping screen to enable IGMP snooping in the LAN ports. 10.
DNS Server Address Assignment Use Domain Name System (DNS) to map a domain name to its corresponding IP address and vice versa, for instance, the IP address of www.zyxel.com is 204.217.0.2. The DNS server is extremely important because without it, you must know the IP address of a computer before you can access it. The MWR222 can get the DNS server addresses in the following ways. 1 The ISP tells you the DNS server addresses, usually in the form of an information sheet, when you sign up.
Figure 55 Multicast Example In the multicast example above, systems A and D comprise one multicast group. In multicasting, the server only needs to send one data stream and this is delivered to systems A and D. IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to establish membership in a multicast group - it is not used to carry user data. The MWR222 supports both IGMP version 1 (IGMP-v1) and IGMP version 2 (IGMPv2).
Figure 56 Network > WAN > Wired WAN: Ethernet Encapsulation The following table describes the labels in this screen. Table 33 Network > WAN > Wired WAN: Ethernet Encapsulation LABEL DESCRIPTION Ethernet Port Type Sets the Ethernet port to function as either LAN or WAN. ISP Parameters for Internet Access Encapsulation You must choose the Ethernet option when the WAN port is used as a regular Ethernet.
First DNS Server Second DNS Server Select From ISP if your ISP dynamically assigns DNS server information (and the MWR222's WAN IP address). The field to the right displays the (read-only) DNS server IP address that the ISP assigns. Select User-Defined if you have the IP address of a DNS server. Enter the DNS server's IP address in the field to the right. If you chose User-Defined, but leave the IP address set to 0.0.0.0, User-Defined changes to None after you click Apply.
10.4.2 PPPoE Encapsulation The MWR222 supports PPPoE (Point-to-Point Protocol over Ethernet). PPPoE is an IETF standard (RFC 2516) specifying how a personal computer (PC) interacts with a broadband modem (DSL, cable, wireless, etc.) connection. The PPP over Ethernet option is for a dial-up connection using PPPoE. For the service provider, PPPoE offers an access and authentication method that works with existing access control systems (for example Radius).
Figure 57 Network > WAN > Wired WAN: PPPoE Encapsulation MWR211 User’s Guide 107
The following table describes the labels in this screen. Table 34 Network > WAN > Wired WAN: PPPoE Encapsulation LABEL DESCRIPTION Ethernet Port Configuration Ethernet Port Type Select WAN when using the Ethernet port for WAN configuration ISP Parameters for Internet Access Encapsulation Select PPP over Ethernet if you connect to your Internet via dial-up. User Name Type the user name given to you by your ISP. Password Type the password associated with the user name above.
WAN DNS Assignment Select From ISP if your ISP dynamically assigns DNS server information (and the MWR222's WAN IP address). The field to the right displays the (read-only) DNS server IP address that the ISP assigns. First DNS Server Second DNS Server Select User-Defined if you have the IP address of a DNS server. Enter the DNS server's IP address in the field to the right. If you chose UserDefined, but leave the IP address set to 0.0.0.0, User-Defined changes to None after you click Apply.
This screen displays when you select PPTP encapsulation. Figure 58 Network > WAN > Wired WAN: PPTP Encapsulation The following table describes the labels in this screen.
Table 35 Network > WAN > Wired WAN: PPTP Encapsulation LABEL DESCRIPTION Ethernet Port Configuration Ethernet Port Type Select WAN when using the Ethernet port for WAN configuration ISP Parameters for Internet Access Connection Type To configure a PPTP client, you must configure the User Name and Password fields for a PPP connection and the PPTP parameters for a PPTP connection. User Name Type the user name given to you by your ISP. Password Type the password associated with the User Name above.
IP Subnet Mask Your MWR222 will automatically calculate the subnet mask based on the IP address that you assign. Unless you are implementing subnetting, use the subnet mask computed by the MWR222. Gateway IP Address Enter a Gateway IP Address (if your ISP gave you one) in this field. WAN IP Address Assignment Get automatically from ISP Select this to get your WAN IP address from your ISP. Use Fixed IP Address Select this option If the ISP assigned a fixed IP address.
Set WAN MAC Address Select this option and enter the MAC address you want to use. Apply Click Apply to save your changes back to the MWR222. Reset Click Reset to begin configuring this screen afresh. 10.4.4 L2TP Encapsulation The Layer 2 Tunneling Protocol (L2TP) works at layer 2 (the data link layer) to tunnel network traffic between two peer devices over another network (like the Internet). This screen displays when you select L2TP encapsulation.
Figure 59 Network > WAN > Wired WAN: L2TP Encapsulation MWR211 User’s Guide 114
The following table describes the labels in this screen. Table 36 Network > WAN > Wired WAN: L2TP Encapsulation LABEL DESCRIPTION Ethernet Port Configuration Ethernet Port Type Select WAN when using the Ethernet port for WAN configuration ISP Parameters for Internet Access Connection Type To configure a L2TP client, you must configure the User Name and Password fields for a layer-2 connection and the L2TP parameters for an L2TP connection. User Name Type the user name given to you by your ISP.
WAN IP Address Assignment Get automatically from ISP Select this to get your WAN IP address from your ISP. Use Fixed IP Address Select this option If the ISP assigned a fixed IP address. My WAN IP Address Enter your WAN IP address in this field if you selected Use Fixed IP Address. WAN DNS Assignment Select From ISP if your ISP dynamically assigns DNS server information (and the MWR222's WAN IP address). The field to the right displays the (read-only) DNS server IP address that the ISP assigns.
10.5 Mobile WAN The Mobile WAN connection uses a broadband 3G connection via USB adapter provided by a mobile broadband ISP. This allows for mobile connection to the internet within the 3G coverage of your selected mobile provider. This screen displays when you select the Mobile WAN tab.
Figure 60(b) Network > WAN > Mobile WAN > Verizon LTE MWR211 User’s Guide 118
Figure 60(c) Network > WAN > Mobile WAN > 3G Only MWR211 User’s Guide 119
The following table describes the labels in this screen. Table 37 Network > WAN > Mobile WAN LABEL DESCRIPTION Mobile WAN Configuration Once your connection setting shave been applied, click the Connect Connection Status button to connect your Mobile WAN. When the Status says Disconnected, the Mobile WAN is not connected. When it says Connected, it has successfully established a connection. Choose Auto for an automatic detection of wireless WAN type.
Failure WiMAX Configuration Realm WiMAX Signal Threshold Enter this field accordingly provided by your ISP. In most cases, it can be left blank unless ISP notices otherwise. WiMAX signal threshold marked with CINR in dB, which stands for “Carrier Interferrence and Noise Ratio.” MWR detects CINR when it tries to connect to a WiMAX base station. The value is default at “15” and is better when its higher. LTE/3G Configuration Username Type the user name given to you by your mobile provider.
Data Usage Limit (MB) Reset Data Usage Counter On Enter the desired data usage limit in megabytes. Example: 5 gigabytes equals 5000 megabytes. Select the day of the month for the Data Usage Counter Reset to the default value. Select the value in megabytes for the Data Usage Counter to begin counting from. Reset Data Usage counter Tear Down Connection when over Limit Example: You have 100Mb of data usage available but you do not want to allow the entire 100Mb to be used.
ISP Parameters for Internet Access Connection Status Once your connection settings have been applied, click the Connect button to connect your Mobile WAN. When the Status says Disconnected the Mobile WAN is not connected. When it says Connected it has successfully connected. User Name Type the user name given to you by your mobile provider. (not all ISP needs this) Password Type the password associated with the User Name above.
Reset Data Usage Counter on Select the day of the month for the Data Usage Counter Reset to the default value. Select the value in megabytes for the Data Usage Counter to begin counting from. Reset Data Usage Counter Tear Down Connection when over Limit Example: You have 100Mb of data usage available but you do not want to allow the entire 100Mb to be used. You can set the Reset Data Usage Counter to 60Mb and the Data Usage Counter will start at 60Mb.
Ping User Specified Address If the ping target is set to user specified address, the specific IP address to monitor. Select this option to have the MWR222 ping a remote host to determine if the wired WAN connection is alive. Check Wired WAN Connectivity Ping Default Gateway Ping User Specified Address Using a connectivity check consumes a minimal amount of network bandwidth but allows the MWR222 to detect network unavailability caused by an upstream interruption.
Set WAN MAC Address Select this option and enter the MAC address you want to use. Connect Click Connect to save your changes back to the MWR222. If a 3G adapter is inserted in the USB port, MWR222 will start connection. Reset Click Reset to begin configuring this screen afresh. 10.6 Advanced WAN Screen Use this screen to enable Multicast and enable Auto-bridge. Note: The categories shown in this screen are independent of each other.
Enable Auto-bridge mode Select this option to have the MWR222 switch to bridge mode automatically when the MWR222 gets a WAN IP address in the range of 192.168.x.y (where x and y are from zero to nine) no matter what the LAN IP address is. Apply Click Apply to save your changes back to the MWR222. Reset Click Reset to begin configuring this screen afresh. 10.7 IGMP Snooping Screen Use this screen to enable IGMP snooping if you have LAN users that subscribe to multicast services.
11 LAN 11.1 Overview This chapter describes how to configure LAN settings. A Local Area Network (LAN) is a shared communication system to which many computers are attached. A LAN is a computer network limited to the immediate area, usually the same building or floor of a building. The LAN screens can help you configure a LAN DHCP server, manage IP addresses, and partition your physical network into logical networks.
Figure 64 LAN and WAN IP Addresses (implies wired WAN connection) The LAN parameters of the MWR222 are preset in the factory with the following values: • IP address of 192.168.10.1 with subnet mask of 255.255.255.0 (24 bits) • DHCP server enabled with 32 client IP addresses starting from 192.168.10.33. These parameters should work for the majority of installations. If your ISP gives you explicit DNS server address(es), read the embedded Web Configurator help regarding what fields need to be configured.
Figure 65 Network > LAN > IP The following table describes the labels in this screen. Table 40 Network > LAN > IP LABEL IP Address DESCRIPTION Type the IP address of your MWR222 in dotted decimal notation. IP Subnet Mask The subnet mask specifies the network number portion of an IP address. Your MWR222 will automatically calculate the subnet mask based on the IP address that you assign. Unless you are implementing subnetting, use the subnet mask computed by the MWR222.
Figure 66 Network > LAN > IP Alias The following table describes the labels in this screen. Table 41 Network > LAN > IP Alias LABEL DESCRIPTION IP Alias Check this to enable IP alias. IP Address Type the IP alias address of your MWR222 in dotted decimal notation. IP Subnet Mask The subnet mask specifies the network number portion of an IP address. Your MWR222 will automatically calculate the subnet mask based on the IP address that you assign.
12 DHCP Server 12.1 Overview DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a server. You can configure the MWR222’s LAN as a DHCP server or disable it. When configured as a server, the MWR222 provides the TCP/IP configuration for the clients. If DHCP service is disabled, you must have another DHCP server on your LAN, or else the computer must be manually configured. 12.
The following table describes the labels in this screen. Table 42 Network > DHCP Server > General LABEL DESCRIPTION Enable DHCP Server Enable or Disable DHCP for LAN. IP Pool Starting Address This field specifies the first of the contiguous addresses in the IP address pool for LAN. Pool Size This field specifies the size, or count of the IP address pool for LAN. Apply Click Apply to save your changes back to the MWR222. Reset Click Reset to begin configuring this screen afresh. 12.
Figure 68 Network > DHCP Server > Advanced The following table describes the labels in this screen. Table 43 Network > DHCP Server > Advanced LABEL DESCRIPTION LAN Static DHCP Table # This is the index number of the static IP table entry (row). MAC Address Type the MAC address (with colons) of a computer on your LAN. IP Address Type the LAN IP address of a computer on your LAN.
Select From ISP if your ISP dynamically assigns DNS server information (and the MWR222's WAN IP address). The field to the right displays the (read-only) DNS server IP address that the ISP assigns. First DNS Server Second DNS Server Select User-Defined if you have the IP address of a DNS server. Enter the DNS server's IP address in the field to the right. If you chose User-Defined, but leave the IP address set to 0.0.0.0, UserDefined changes to None after you click Apply.
13. Network Address Translation (NAT) 13.1 Overview NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet. For example, the source address of an outgoing packet, used within one network is changed to a different IP address known within another network. Each packet has two addresses – a source address and a destination address.
13.3 General NAT Screen Use this screen to enable NAT and set a default server. Click Network > NAT > General to open the following screen. Figure 70 Network > NAT > General The following table describes the labels in this screen.
13.4 NAT Application Screen Use the Application screen to forward incoming service requests to the server(s) on your local network. You may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desired server. The port number identifies a service; for example, web service is on port 80 and FTP on port 21.
Figure 71 Network > NAT > Application The following table describes the labels in this screen. Table 45 Network > NAT > Application LABEL DESCRIPTION Add Application Rule Active Service Name Select the check box to enable this rule and the requested service can be forwarded to the host with a specified internal IP address. Clear the checkbox to disallow forwarding of these ports to an inside server without having to delete the entry.
by a comma without spaces, such as 123,567. Server IP Address Type the IP address of the server on your LAN that receives packets from the port(s) specified in the Port field. Application Rules Summary # This is the number of an individual port forwarding server entry. Active This icon is turned on when the rule is enabled. Name This field displays a name to identify this rule. Port This field displays the port number(s). Server IP Address This field displays the inside IP address of the server.
replace the LAN computer's IP address in the forwarding port with another LAN computer's IP address. Trigger port forwarding solves this problem by allowing computers on the LAN to dynamically take turns using the service. The MWR222 records the IP address of a LAN computer that sends traffic to the WAN to request a service with a specific port number and protocol (a "trigger" port).
All characters are permitted - including spaces. Incoming Incoming is a port (or a range of ports) that a server on the WAN uses when it sends out a particular service. The MWR222 forwards the traffic with this port (or range of ports) to the client computer on the LAN that requested the service. Start Port Type a port number or the starting port number in a range of port numbers. End Port Type a port number or the ending port number in a range of port numbers.
1 Jane requests a file from the Real Audio server (port 7070). 2 Port 7070 is a “trigger” port and causes the MWR222 to record Jane’s computer IP address. The MWR222 associates Jane's computer IP address with the "incoming" port range of 6970-7170. 3 The Real Audio server responds using a port number ranging between 6970-7170. 4 The MWR222 forwards the traffic to Jane’s computer IP address. 5 Only Jane can connect to the Real Audio server until the connection is closed or times out.
Ch apt er 16 14 Dynamic DNS 14.1 Overview Dynamic DNS (DDNS) services let you use a domain name with a dynamic IP address. 14.2 What You Can Do Use the Dynamic DNS screen to enable DDNS and configure the DDNS settings on the MWR222. 14.3 What You Need To Know Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CUSeeMe, etc.).
Figure 74 Network > DDNS The following table describes the labels in this screen. Table 47 Network > DDNS LABEL Enable Dynamic DNS DESCRIPTION Select this check box to use dynamic DNS. Service Provider Select the name of your Dynamic DNS service provider. Host Name Enter a host names in the field provided. You can specify up to two host names in the field separated by a comma (","). User Name Enter your user name. Password Enter the password assigned to you.
15. OpenDNS 15.1 Overview This chapter shows you how to configure OpenDNS for your MWR222. OpenDNS is the leading provider of free security and infrastructure services that make the Internet safer through integrated Web content filtering, anti-phishing and DNS. OpenDNS services enable consumers and network administrators to secure their networks from online threats, reduce costs and enforce Internet-use policies. OpenDNS is used today by millions of users and organizations around the world. http://www.
Figure 75 Network > OpenDNS The following table describes the labels on this screen. Table 48 Network > OpenDNS LABEL DESCRIPTION OpenDNS Setup Create New Account / Configure Personalized Setting Use the “Click here to OpenDNS” link to open http://www.opendns.com. Enable OpenDNS Select this check box to use OpenDNS after configuring an account on http://www.opendns.com. Host Name Type the Host Name provided by OpenDNS. User Name Type the User Name you created with OpenDNS.
16 Static Route 16.1 Overview This chapter shows you how to configure static routes for your MWR222. Each remote node specifies only the network to which the gateway is directly connected, and the MWR222 has no knowledge of the networks beyond. For instance, the MWR222 knows about network N2 in the following figure through remote node Router 1.
Figure 77 Network > Static Route The following table describes the labels in this screen. Table 49 Network > Static Route LABEL DESCRIPTION Static Routing Settings Route Name Enter the name that describes or identifies this route. Destination IP Address Enter the IP network address of the final destination. IP Subnet Netmask This is the subnet to which the route’s final destination belongs. Gateway IP Address Enter the IP address of the gateway. Metric Assign a number to identify the route.
No. This is the number of an individual static route. Active The rules are always on and this is indicated by the icon. Name This is the name that describes or identifies this route. Destination This parameter specifies the IP network address of the final destination. Routing is always based on network number. Gateway This is the IP address of the gateway. The gateway is a router or switch on the same network segment as the device's LAN or WAN port.
17. Routing Information Protocol 17.1 Overview Routing Information Protocol (RIP) is an interior or intra-domain routing protocol that uses distance-vector routing algorithms. RIP is used on the Internet and is common in the NetWare environment as a method for exchanging routing information between routers. 17.2 What You Can Do Use the RIP screen to enable RIPv1 or RIPv2, which are LAN broadcast protocols. 17.3 RIP Screen Use this screen to enable RIPv1 or RIPv2, which are LAN broadcast protocols.
The following table describes the labels in this screen. Table 50 Network > RIP LABEL RIP DESCRIPTION Select the RIPv1 or RIPv2 you want the MWR222 to use. Otherwise select None. Apply Click Apply to save your changes back to the MWR222. Reset Click Reset to begin configuring this screen afresh.
Part III Part III Security Firewall Content Filter MWR211 User’s Guide 153
Ch apt er 18. 18.1 19 Firewall Overview This chapter shows you how to enable and configure the firewall that protects your MWR222 and your LAN from unwanted or malicious traffic. Enable the firewall to protect your LAN computers from attacks by hackers on the Internet and control access between the LAN and WAN. By default the firewall: • Allows traffic that originates from your LAN computers to go to all of the networks. • Blocks traffic that originates on the other networks from going to the LAN.
• Use the Services screen screen enable service blocking, enter/delete/modify the services you want to block and the date/time you want to block them. 18.3 What You Need To Know The MWR222’s firewall feature physically separates the LAN and the WAN and acts as a secure gateway for all data passing between the networks. It is designed to protect against Denial of Service (DoS) attacks when activated (click the General tab under Firewall and then click the Enable Firewall check box).
The following table describes the labels in this screen. Table 51 Security > Firewall > General LABEL DESCRIPTION Enable DoS Select this check box to activate the firewall. The MWR222 performs access control and protects against Denial of Service (DoS) attacks when the firewall is activated. Apply Click Apply to save the settings. Reset Click Reset to start configuring this screen again. 18.
Figure 81 Security > Firewall > Services The following table describes the labels in this screen. Table 52 Security > Firewall > Services LABEL DESCRIPTION ICMP Internet Control Message Protocol is a message control and errorreporting protocol between a host server and a gateway to the Internet. ICMP uses Internet Protocol (IP) datagrams, but the messages are processed by the TCP/IP software and directly apparent to the application user.
Enable Firewall Rule Enable Firewall Rule Select this check box to activate the firewall rules that you define (see Add Firewall Rule below) Apply Click Apply to save the settings. Add Firewall Rule Service Name Enter a name that identifies or describes the firewall rule. MAC Address Enter the MAC address of the computer for which the firewall rule applies. Dest IP Address Source IP Address Enter the IP address of the computer to which traffic for the application or service is entering.
MAC Address This is the MAC address of the computer for which the firewall rule applies. Dest IP Address This is the IP address of the computer to which traffic for the application or service is entering. Source IP Address This is the IP address of the computer from which traffic for the application or service is initialized. Protocol This is the protocol (TCP, UDP, ICMP or None) used to transport the packets for which you want to apply the firewall rule.
19. 19.1 Content Filter Overview This chapter provides a brief overview of content filtering using the embedded web GUI. Internet content filtering allows you to create and enforce Internet access policies tailored to your needs. Content filtering is the ability to block certain web features or specific URL keywords. 19.2 What You Can Do Use the Content Filter screen to restrict web features, add keywords for blocking and designate a trusted computer. 19.
The URL’s domain name or IP address is the characters that come before the first slash in the URL. For example, with the URL http://us.zyxel.com/Corporate/Pressroom/, the domain name is http://us.zyxel.com/. The file path is the characters that come after the first slash in the URL. For example, with the URL http://us.zyxel.com/Corporate/Pressroom/, the file path is Corporate/Pressroom.
Table 53 Security > Content Filter > Content Filter LABEL DESCRIPTION To enable this feature, type an IP address of any one of the computers in your network that you want to have as a trusted Trusted IP Setup computer. This allows the trusted computer to have full access to all features that are configured to be blocked by content filtering. Leave this field blank to have no trusted computers. Restrict Web Features Select the box(es) to restrict a feature.
Click Add after you have typed a keyword. Add Repeat this procedure to add other keywords. Up to 64 keywords are allowed. When you try to access a web page containing a keyword, you will get a message telling you that the content filter is blocking this request. Delete Highlight a keyword in the lower box and click Delete to remove it. The keyword disappears from the text box after you click Apply. Clear All Click this button to remove all of the listed keywords.
Part IV Part IV Management Bandwidth Management Remote Management Universal Plug-and-Play (UPnP) MWR211 User’s Guide 164
Ch apt er 20. 20.1 21 Bandwidth Management Overview This chapter contains information about configuring bandwidth management and editing rules. ZyXEL’s Bandwidth Management allows you to specify bandwidth management rules based on an application. In the figure below, uplink traffic goes from the LAN device (A) to the WAN device (B). Bandwidth management is applied before sending the packets out to the WAN. Downlink traffic comes back from the WAN device (B) to the LAN device (A).
• Use the Advanced screen to configure bandwidth managements rule for the predefined services and applications. • Use the Monitor screen to view the amount of network bandwidth that applications running in the network are using. 20.3 What You Need To Know The sum of the bandwidth allotments that apply to the WAN interface (LAN to WAN, WLAN to WAN) must be less than or equal to the Upstream Bandwidth that you configure in the Bandwidth Management Advanced screen.
Table 54 Management > Bandwidth Management > General LABEL DESCRIPTION This field allows you to have MWR222 apply bandwidth management. Enable Bandwidth Management Enable bandwidth management to give traffic that matches a bandwidth rule priority over traffic that does not match a bandwidth rule. Enabling bandwidth management also allows you to control the maximum or minimum amounts of bandwidth that can be used by traffic that matches a bandwidth rule.
Figure 85 Management > Bandwidth Management > Advanced The following table describes the labels in this screen. Table 55 Management > Bandwidth Management > Advanced LABEL DESCRIPTION Management Bandwidth Upstream Bandwidth Downstream Bandwidth Select the total amount of bandwidth (from 64 Kilobits to 32 Megabits) that you want to dedicate to uplink traffic. This is traffic from LAN/WLAN to WAN.
Application List Use this table to allocate specific amounts of bandwidth based on a pre-defined service. # This is the number of an individual bandwidth management rule. Select a priority from the drop down list box. Choose High, Mid or Low. Priority Category • High - Select this for voice traffic or video that is especially sensitive to jitter (jitter is the variations in delay).
Modify Click the Edit icon to open the Rule Configuration screen. Modify an existing rule or create a new rule in the Rule Configuration screen. See Rule Configuration: User Defined Service Rule Co for more information. Click the Remove icon to delete a rule. Apply Click Apply to save your customized settings. Reset Click Reset to begin configuring this screen afresh. 20.5.
Bandwidth Destination Port Source Port Select Maximum Bandwidth or Minimum Bandwidth and specify the maximum or minimum bandwidth allowed for the rule in kilobits per second. This is the port number of the destination that define the traffic type, for example TCP port 80 defines web traffic. See Appendix E for some common services and port numbers. This is the port number of the source that define the traffic type, for example TCP port 80 defines web traffic.
Table 57 Bandwidth Management Rule Configuration: User-defined Service LABEL DESCRIPTION BW Budget Select Maximum Bandwidth or Minimum Bandwidth and specify the maximum or minimum bandwidth allowed for the rule in kilobits per second. Destination Address Destination Subnet Netmask Destination Port Source Address Enter the IP address of the destination computer. The MWR222 applies bandwidth management to the service or application that is entering this computer.
20.6 Monitor Screen Use this screen to view the amount of network bandwidth that applications running in the network are using. The bandwidth is measured in kilobits per second (kbps). The monitor shows what kinds of applications are running in the network, the maximum kbps that each application can use, as well as the percentage of bandwidth it is using. Figure 88 Management > Bandwidth Management > Monitor 20.6.
mail: VoIP (SIP) Sending voice signals over the Internet is called Voice over IP or VoIP. Session Initiated Protocol (SIP) is an internationally recognized standard for implementing VoIP. SIP is an application-layer control (signaling) protocol that handles the setting up, altering and tearing down of voice and multimedia sessions over the Internet. SIP is transported primarily over UDP but can also be transported over TCP.
21. Remote Management 21.1 Overview This chapter provides information on the Remote Management screens. Remote Management allows you to manage your MWR222 from a remote location through the following interfaces: • LAN and WAN • LAN only • WAN only • SNMP v1 Note: The MWR222 is managed using the Web Configurator. 21.2 What You Can Do Use the WWW screen ( WWW) to define the interface/s from which the MWR222 can be managed remotely and specify a secure client that can manage the MWR222.
21.3.1 Remote Management and NAT When NAT is enabled: • Use the MWR222’s WAN IP address when configuring from the WAN. • Use the MWR222’s LAN IP address when configuring from the LAN. 21.3.2 System Timeout There is a default system management idle timeout of five minutes (three hundred seconds). The MWR222 automatically logs you out if the management session remains idle for longer than this timeout period. The management session does not time out when a statistics screen is polling.
Apply Click Apply to save your customized settings and exit this screen. Reset Click Reset to begin configuring this screen afresh. 21.5 SNMP Screen To configure your MWR222’s SNMP settings, click Management > Remote Management > SNMP. Figure 90 Management > Remote Management > SNMP The following table describes the labels in this screen. Table 60 Management > Remote Management > SNMP LABEL Enable SNMP DESCRIPTION Select the Enable SNMP check box to enable the SNMP functions.
22. Universal Plug-andPlay (UPnP) 22.1 Overview This chapter introduces the UPnP feature in the web configurator. Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectivity between devices. A UPnP device can dynamically join a network, obtain an IP address, convey its capabilities and learn about other devices on the network. In turn, a device can leave a network smoothly and automatically when it is no longer in use. 22.
See the NAT chapter for more information on NAT. 22.3.2 Cautions with UPnP The automated nature of NAT traversal applications in establishing their own services and opening firewall ports may present network security issues. Network information and configuration may also be obtained and modified by users in some network environments. When a UPnP device joins a network, it announces its presence with a multicast message. For security reasons, the MWR222 allows multicast messages on the LAN only.
Apply Click Apply to save the setting to the MWR222. Cancel Click Cancel to return to the previously saved settings. 22.5 Technical Reference The sections show examples of using UPnP. 22.5.1 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP. You must already have UPnP installed in Windows XP and UPnP activated on the MWR222. Make sure the computer is connected to a LAN port of the MWR222. Turn on your computer and the MWR222. 22.5.1.
Figure 92 Network Connections 3 In the Internet Connection Properties window, click Settings to see the port mappings there were automatically created. Figure 93 Internet Connection Properties 4 You may edit or delete the port mappings or click Add to manually add port mappings.
Figure 94 Internet Connection Properties: Advanced Settings Figure 95 Internet Connection Properties: Advanced Settings: Add Note: When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. 5 Select Show icon in notification area when connected option and click OK. An icon displays in the system tray. Figure 96 System Tray Icon 6 Double-click on the icon to display your current Internet connection status.
Figure 97 Internet Connection Status 22.5.2 Web Configurator Easy Access With UPnP, you can access the web-based configurator on the MWR222 without finding out the IP address of the MWR222 first. This comes helpful if you do not know the IP address of the MWR222. Follow the steps below to access the web configurator. 1 Click Start and then Control Panel. 2 Double-click Network Connections. 3 Select My Network Places under Other Places.
Figure 98 Network Connections 4 An icon with the description for each UPnP-enabled device displays under Local Network. 5 Right-click on the icon for your MWR222 and select Invoke. The web configurator login screen displays. Figure 99 Network Connections: My Network Places 6 Right-click on the icon for your MWR222 and select Properties. A properties window displays with basic information about the MWR222.
Figure 100 Network Connections: My Network Places: Properties: Example MWR211 User’s Guide 185
Part V Maintenance and Troubleshooting Maintenance Password Time Firmware Upgrade Backup/Restore/Reset Restart Sys OP Mode Alert Troubleshooting MWR211 User’s Guide 186
23. 23.1 Maintenance Overview This chapter provides information on the Maintenance > General screen. 23.2 What You Can Do • Use the General screen to enter a name to identify the MWR222 in the network and set the password. • Use the Time Setting screen to change your MWR222’s time and date. 23.3 General Screen Use this screen to enter a name to identify the MWR222 in the network and set the password. Click Maintenance > General. The following screen displays.
Table 62 Maintenance > General LABEL DESCRIPTION System Setup System Name System Name is a unique name to identify the MWR222 in an Ethernet network. Domain Name Enter the domain name you want to give to the MWR222. Administrator Inactivity Timer Type how many minutes a management session can be left idle before the session times out. The default is 5 minutes. After it times out you have to log in with your password again. Very long idle timeouts may have security risks.
24. Password 24.1 Overview This chapter contains information about configuring general log settings and viewing the MWR222’s logs. Refer to the appendices for example log message explanations. The Web Configurator allows you to look at all of the MWR222’s logs in one location. 24.2 What You Can Do Use the View Log screen to see the logs for the categories such as system maintenance, system errors, access control, allowed or blocked web sites, blocked web features, and so on. 24.
Click Maintenance > Password. Figure 102 Maintenance > Password The following table describes the labels in this screen. Table 63 Maintenance > Password LABEL DESCRIPTION Password Setup Change your MWR222’s password (recommended) using the fields as shown. Old Password Type the default password or the existing password you use to access the system in this field. New Password Type your new system password (up to 30 characters).
25. 25.1 T i me Overview This chapter provides information on the Time Setting screens. See Section 3.2.3 for more information on how to set up the MWR222’s date and time. 25.2 What You Can Do Use the Time Setting screen to change your MWR222’s time and date. 25.3 Time Setting Screen Use this screen to configure the MWR222’s time based on your local time zone. To change your MWR222’s time and date, click Maintenance > System > Time Setting. The screen appears as shown.
Table 64 Maintenance > Time LABEL DESCRIPTION Current Time and Date This field displays the time of your MWR222. Current Time Each time you reload this page, the MWR222 synchronizes the time with the time server. This field displays the date of your MWR222. Current Date Each time you reload this page, the MWR222 synchronizes the date with the time server. Current Time and Date Manual New Time (hh:mm:ss) New Date Select this radio button to enter the time and date manually.
Time Zone Setup Time Zone Daylight Savings Choose the time zone of your location. This will set the time difference between your time zone and Greenwich Mean Time (GMT). Daylight saving is a period from late spring to early fall when many countries set their clocks ahead of normal local time by one hour to give more daytime light in the evening. Select this option if you use Daylight Saving Time. Configure the day and time when Daylight Saving Time starts if you selected Daylight Savings.
26. 26.1 Firmware Upgrade Overview This chapter shows you how to upload a new firmware, upload or save backup configuration files and restart the MWR222. 26.2 What You Can Do Use the Firmware screen to upload firmware to your MWR222. 26.3 Firmware Upload Screen Find firmware at http://us.zyxel.com/Support/Download-Library.aspx. The upload process uses HTTP (Hypertext Transfer Protocol) and may take up to two minutes. After a successful upload, the system will reboot.
Table 65 Maintenance > Firmware Upgrade LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse... to find it. Browse... Click Browse... to find the .bin file you want to upload. Remember that you must decompress compressed (.zip) files before you can upload them. Upload Click Upload to begin the upload process. This process may take up to two minutes.
27. Backup/Restore/ Reset 27.1 Overview This chapter shows you how to backup, restore and reset your MWR222. Backup configuration allows you to back up (save) the MWR222’s current configuration to a file on your computer. Once your MWR222 is configured and functioning properly, it is highly recommended that you back up your configuration file before making configuration changes. The backup configuration file will be useful in case you need to return to your previous settings.
Figure 106 Maintenance > Backup/Restore The following table describes the labels in this screen. Table 66 Maintenance > Backup/Restore LABEL DESCRIPTION Backup Click Backup to save the MWR222’s current configuration to your computer. File Path Type in the location of the file you want to upload in this field or click Browse... to find it. Browse... Click Browse... to find the file you want to upload. Remember that you must decompress compressed (.ZIP) files before you can upload them.
Pressing the Reset button in this section clears all user-entered configuration information and returns the MWR222 to its factory defaults. Reset You can also press the RESET button on the rear panel to reset the factory defaults of your MWR222. Refer to the chapter about introducing the Web Configurator for more information on the RESET button.
28. Restart 28.1 Overview This chapter shows you how to restart your MWR222. 28.2 What You Can Do Use the Restart screen to boot the MWR222 without turning the power off. 28.3 Restart Screen System restart allows you to reboot the MWR222 without turning the power off. Click Maintenance > Restart to open the following screen. Figure 107 Maintenance > Reset/Restart Click Restart to have the MWR222 reboot. This does not affect the MWR222's configuration.
29. Sys OP Mode 29.1 Overview The Sys OP Mode (System Operation Mode) function lets you configure your MWR222 as a router, access point or Wireless ISP (WISP) client. You can choose between Router Mode, Access Point Mode and WISP Mode depending on your network topology and the features you require from your device. See Section 5.1.2 for more information on which mode to choose. 29.2 What You Can Do Use the Sys OP Mode screen (Sys Op Mode Screen) to select how you want to use your MWR222. 29.
Figure 108 LAN and WAN IP Addresses in Router Mode Access Point An access point enabled all Ethernet ports to be bridged together and be in the same subnet. To connect to the Internet, another device, such as a router, is required. Figure 109 IP Address in Access Point Mode WISP A WISP client connects to an existing access point wirelessly. It acts just like a wireless client in notebooks/computers.
29.4 Sys Op Mode Screen Use this screen to select how you want to use your MWR222. Figure 111 Maintenance > Sys OP Mode The following table describes the labels in the General screen. Table 67 Maintenance > Sys OP Mode LABEL DESCRIPTION System Operation Mode Router Select Router Mode if your device routes traffic between a local network and another network such as the Internet. This mode offers services such as a firewall or bandwidth management.
Select WISP Mode if your device needs a wireless client to connect to an existing access point. WISP Mode • You cannot configure Wireless LAN settings (including WPS) and scheduling in the WISP mode. • The IP address of the device on the local network is the same as the IP address given to the MWR222 while in router mode (default is 192.168.10.1). Apply Click Apply to save your settings.
30. Alert 30.1 Overview The Alert (SMTP) function enable MWR222 sends mobile data usage alert to the users. When the router has downloaded data reaching 90% of the usage allowance, the quota manager will send a warning alert to the users (if the EmailAlert is enabled) and /or post a log to the system. All the subsequent alerts will indicate the percentage of the current quota usage in the email and/or log as well. See Section 5.1.2 for more information on which mode to choose. 30.
Figure 112 Maintenance > Alert The following table describes the labels in the Alert screen. Table 68 Maintenance > Alert LABEL DESCRIPTION Enable Alert Select Enable Alert to use the alert functions of the MWR222. Enable Log Select Enable Log to send system log information in the alert. Enable Email Select Enable Email to allow alert information to be sent by email. Email Address Type the Email Address you want the alerts sent to.
Enable Secondary Email Recipient Select Enable Secondary Email Recipient to set up a second email address to send alerts to. Apply Click Apply to save your settings.
C h a p t e r 3 1 31 Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • Internet Access • Resetting • Wireless Router/AP Troubleshooting 31.1 LEDs Power, Hardware Connections, and The MWR222 does not turn on. None of the LEDs turn on. 1 Make sure you are using the power adaptor or cord included with the MWR222.
2 Check the hardware connections. See the Quick Start Guide. 3 Inspect your cables for damage. Contact the vendor to replace any damaged cables. 4 Disconnect and re-connect the power adaptor to the MWR222. 5 If the problem continues, contact the vendor. 31.2 MWR222 Access and Login I don’t know the IP address of my MWR222. 1 The default IP address is 192.168.10.1.
I cannot see or access the Login screen in the Web Configurator. 1 Make sure you are using the correct IP address. • The default IP address is 192.168.10.1. • If you changed the IP address (Section 13.4), use the new IP address. • If you changed the IP address and have forgotten it, see the troubleshooting suggestions for I don’t know the IP address of my 2 Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide.
31.3 Internet Access I cannot access the Internet. 1 Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide. 2 Make sure you entered your ISP account information correctly. These fields are case-sensitive, so make sure [Caps Lock] is not on. 3 If you are trying to access the Internet wirelessly, make sure the wireless settings in the wireless client are the same as the settings in the AP.
3 If the problem continues, contact your ISP. The Internet connection is slow or intermittent. 1 There might be a lot of traffic on the network. Look at the LEDs, and check Section 1.5. If the MWR222 is sending or receiving a lot of information, try closing some programs that use the Internet, especially peer-to-peer applications. 2 Check the signal strength.
If the MWR222 restarts automatically, wait for the MWR222 to finish restarting, and log in to the Web Configurator. The password is “1234”. If the MWR222 does not restart automatically, disconnect and reconnect the MWR222’s power. Then, follow the directions above again. 31.5 Wireless Router/AP Troubleshooting I cannot access the MWR222 or ping any computer from the WLAN (wireless AP or router).
In the Network > LAN > Advanced screen, make sure Allow between LAN and WAN is checked. This is not checked by default to keep the LAN secure. If you still cannot access a network folder, make sure your account has access rights to the folder you are trying to open. I can access the Web Configurator after I switched to AP mode. When you change from router mode to AP mode, your computer must have an IP address in the range between “192.168.10.3” and “192.168.10.254”.
Table 69 Hardware Features Dimensions (W x D x H) 162 mm x 115 mm x 33 mm Weight 252 g Power Specification Ethernet ports Input: 100~240 V AC, 50~60 Hz Output: 5V DC 2A Auto-negotiating: 10 Mbps, 100 Mbps in either half-duplex or full-duplex mode. Auto-crossover: Use either crossover or straight-through Ethernet cables. LEDs PWR, Battery, LAN/WAN, WLAN, WPS, USB Reset Button The reset button is built into the rear panel. Use this button to restore the MWR222 to its factory default settings.
Table 70 Firmware Features FEATURE Default IP Address DESCRIPTION 192.168.10.1 (router) 192.168.10.2. (AP) Default Subnet Mask 255.255.255.0 (24 bits) Default Password 1234 DHCP Pool 192.168.10.33 to 192.168.10.64 Wireless Interface Wireless LAN Default Wireless SSID ZyXEL Default Wireless DHCP Pool Size Wireless LAN: Same as LAN (32 from 192.168.10.33 to 192.168.10.64) Device Management Use the Web Configurator to easily configure the rich range of features on the MWR222. Allows IEEE 802.
Network Address Translation (NAT) Each computer on your network must have its own unique IP address. Use NAT to convert a single public IP address to multiple private IP addresses for the computers on your network. Firewall You can configure firewall on the MWR222 for secure Internet access. When the firewall is on, by default, all incoming traffic from the Internet to your network is blocked unless it is initiated from your network.
IP Multicast IP Multicast is used to send traffic to a specific group of computers. The MWR222 supports versions 1 and 2 of IGMP (Internet Group Management Protocol) used to join multicast groups (see RFC 2236). Logging Use logs for troubleshooting. You can view logs in the Web Configurator. PPPoE PPPoE mimics a dial-up Internet access connection. PPTP Encapsulation Point-to-Point Tunneling Protocol (PPTP) enables secure transfer of data through a Virtual Private Network (VPN).
32 Product Specifications The following tables summarize the MWR222’s hardware and firmware features. Table 71 Hardware Features Dimensions (W x D x H) 162 mm x 115 mm x 33 mm Weight 252 g Power Specification Ethernet ports Input: 100~240 V AC, 50~60 Hz Output: 5V DC 2A Auto-negotiating: 10 Mbps, 100 Mbps in either half-duplex or full-duplex mode. Auto-crossover: Use either crossover or straight-through Ethernet cables.
Table 72 Firmware Features FEATURE Default IP Address DESCRIPTION 192.168.10.1 (router) 192.168.10.2. (AP) Default Subnet Mask 255.255.255.0 (24 bits) Default Password 1234 DHCP Pool 192.168.10.33 to 192.168.10.64 Wireless Interface Wireless LAN Default Wireless SSID ZyXEL Default Wireless DHCP Pool Size Wireless LAN: Same as LAN (32 from 192.168.10.33 to 192.168.10.64) Device Management Use the Web Configurator to easily configure the rich range of features on the MWR222. Allows IEEE 802.
Network Address Translation (NAT) Each computer on your network must have its own unique IP address. Use NAT to convert a single public IP address to multiple private IP addresses for the computers on your network. Firewall You can configure firewall on the MWR222 for secure Internet access. When the firewall is on, by default, all incoming traffic from the Internet to your network is blocked unless it is initiated from your network.
IP Multicast IP Multicast is used to send traffic to a specific group of computers. The MWR222 supports versions 1 and 2 of IGMP (Internet Group Management Protocol) used to join multicast groups (see RFC 2236). Logging Use logs for troubleshooting. You can view logs in the Web Configurator. PPPoE PPPoE mimics a dial-up Internet access connection. PPTP Encapsulation Point-to-Point Tunneling Protocol (PPTP) enables secure transfer of data through a Virtual Private Network (VPN).
Part VI Appendices and Index Pop-up Windows, JavaScripts and Java Permissions IP Addresses and Subnetting Setting up Your Computer’s IP Address Wireless LANs Common Services Legal Information MWR211 User’s Guide 222
Ap pe ndi x A Appendix A Pop-up Windows, JavaScripts and Java Permissions In order to use the Web Configurator you need to allow: • Web browser pop-up windows from your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here. Screens for other Internet Explorer versions may vary. Internet Explorer Pop-up Blockers You may have to disable pop-up blocking to log into your device.
Figure 113 Pop-up Blocker You can also check if pop-up blocking is disabled in the Pop-up Blocker section in the Privacy tab. 1 In Internet Explorer, select Tools, Internet Options, Privacy. 2 Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled. Figure 114 Internet Options: Privacy 3 Click Apply to save this setting.
2 Select Settings…to open the Pop-up Blocker Settings screen. Figure 115 Internet Options: Privacy 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. 4 Click Add to move the IP address to the list of Allowed sites.
Figure 116 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. JavaScripts If pages of the Web Configurator do not display properly in Internet Explorer, check that JavaScripts are allowed. 1 In Internet Explorer, click Tools, Internet Options and then the Security tab.
Figure 117 Internet Options: Security 2 Click the Custom Level... button. 3 Scroll down to Scripting. 4 Under Active scripting make sure that Enable is selected (the default). 5 Under Scripting of Java applets make sure that Enable is selected (the default). 6 Click OK to close the window.
Figure 118 Security Settings - Java Scripting Java Permissions 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected. 5 Click OK to close the window.
Figure 119 Security Settings – Java JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for
Figure 120 Java (Sun) MWR211 User’s Guide 230
Appendix B IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts. Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks.
Figure 121 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask. Subnet Masks A subnet mask is used to determine which bits are part of the network number, and which bits are part of the host ID (using a logical AND operation). The term “subnet” is short for “sub-network”. A subnet mask has 32 bits. If a bit in the subnet mask is a “1” then the corresponding bit in the IP address is part of the network number.
Table 73 Subnet Mask - Identifying Network Number 1ST OCTET: 2ND OCTET: 3RD OCTET: 4TH OCTET (192) (168) (1) (2) IP Address (Binary) 11000000 10101000 00000001 00000010 Subnet Mask (Binary) 11111111 11111111 11111111 00000000 Network Number 11000000 10101000 00000001 Host ID 00000010 By convention, subnet masks always consist of a continuous sequence of ones beginning from the leftmost bit of the mask, followed by a continuous sequence of zeros, for a total number of 32 bits.
mask 29-bit mask 11111111 11111111 11111111 11111000 255.255.255.24 8 . Network Size The size of the network number determines the maximum number of possible hosts you can have on your network. The larger the number of network number bits, the smaller the number of remaining host ID bits. An IP address with host IDs of all zeros is the IP address of the network (192.168.1.0 with a 24-bit subnet mask, for example).
octet. This is usually specified by writing a “/” followed by the number of bits in the mask after the address. For example, 192.1.1.0 /25 is equivalent to saying 192.1.1.0 with subnet mask 255.255.255.128. The following table shows some possible subnet masks using both notations. Table 76 Alternative Subnet Mask Notation SUBNET MASK ALTERNATIV E NOTATION LAST OCTET (BINARY) LAST OCTET (DECIMAL) 255.255.255.0 /24 0000 0000 0 255.255.255.1 28 /25 1000 0000 128 255.255.255.
The following figure shows the company network before subnetting. Figure 122 Subnetting Example: Before Subnetting You can “borrow” one of the host ID bits to divide the network 192.168.1.0 into two separate sub-networks. The subnet mask is now 25 bits (255.255.255.128 or /25). The “borrowed” host ID bit can have a value of either 0 or 1, allowing two subnets; 192.168.1.0 /25 and 192.168.1.128 /25. The following figure shows the company network after subnetting. There are now two sub-networks, A and B.
In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 27 – 2 or 126 possible hosts (a host ID of all zeroes is the subnet’s address itself, all ones is the subnet’s broadcast address). 192.168.1.0 with mask 255.255.255.128 is subnet A itself, and 192.168.1.127 with mask 255.255.255.128 is its broadcast address. Therefore, the lowest IP address that can be assigned to an actual host for subnet A is 192.168.1.1 and the highest is 192.168.1.126.
Table 77 Subnet 1 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address (Decimal) 192.168.1. 0 IP Address (Binary) 11000000.10101000.00000001. 00000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: 192.168.1.0 Lowest Host ID: 192.168.1.1 Broadcast Address: 192.168.1.63 Highest Host ID: 192.168.1.62 Table 78 Subnet 2 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 64 IP Address (Binary) 11000000.10101000.00000001.
Table 79 Subnet 3 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 128 IP Address (Binary) 11000000.10101000.00000001. 10000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: 192.168.1.128 Lowest Host ID: 192.168.1.129 Broadcast Address: 192.168.1.191 Highest Host ID: 192.168.1.190 Table 80 Subnet 4 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 192 IP Address (Binary) 11000000.10101000.00000001 .
Example: Eight Subnets Similarly, use a 27-bit mask to create eight subnets (000, 001, 010, 011, 100, 101, 110 and 111). The following table shows IP address last octet values for each subnet.
2 255.255.255.192 (/26) 4 62 3 255.255.255.224 (/27) 8 30 4 255.255.255.240 (/28) 16 14 5 255.255.255.248 (/29) 32 6 6 255.255.255.252 (/30) 64 2 7 255.255.255.254 (/31) 128 1 The following table is a summary for subnet planning on a network with a 16-bit network number. Table 83 16-bit Network Number Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET 1 255.255.128.0 (/17) 2 32766 2 255.255.192.0 (/18) 4 16382 3 255.255.224.
10 255.255.255.192 (/26) 1024 62 11 255.255.255.224 (/27) 2048 30 12 255.255.255.240 (/28) 4096 14 13 255.255.255.248 (/29) 8192 6 14 255.255.255.252 (/30) 16384 2 15 255.255.255.254 (/31) 32768 1 Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask.
Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of IP addresses specifically for private networks: • 10.0.0.0 • 172.16.0.0 — 10.255.255.255 — 172.31.255.255 • 192.168.0.0 — 192.168.255.255 You can obtain your IP address from the IANA, from an ISP, or it can be assigned from a private network. If you belong to a small organization and your Internet access is through an ISP, the ISP can provide you with the Internet addresses for your local networks.
Ap pe ndi x C Appendix C Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/IP on your computer. Windows 3.1 requires the purchase of a thirdparty TCP/IP application package.
Figure 124 Windows 95/98/Me: Network: Configuration Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: 1 In the Network window, click Add. 2 Select Adapter and then click Add. 3 Select the manufacturer and model of your network adapter and then click OK. If you need TCP/IP: 1 In the Network window, click Add.
1 Click Add. 2 Select Client and then click Add. 3 Select Microsoft from the list of manufacturers. 4 Select Client for Microsoft Networks from the list of network clients and then click OK. 5 Restart your computer so the changes you made take effect. Configuring 1 In the Network window Configuration tab, select your network adapter's TCP/IP entry and click Properties 2 Click the IP Address tab. • If your IP address is dynamic, select Obtain an IP address automatically.
Figure 126 Windows 95/98/Me: TCP/IP Properties: DNS Configuration 4 Click the Gateway tab. • If you do not know your gateway’s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add. 5 Click OK to save and close the TCP/IP Properties window. 6 Click OK to close the Network window. Insert the Windows CD if prompted. 7 Turn on your router and restart your computer when prompted.
1 Click start (Start in Windows 2000/NT), Settings, Control Panel. Figure 127 Windows XP: Start Menu 2 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 128 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties.
Figure 129 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties. Figure 130 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). • If you have a dynamic IP address click Obtain an IP address automatically.
• Click Advanced. Figure 131 Windows XP: Internet Protocol (TCP/IP) Properties 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: • In the IP Settings tab, in IP addresses, click Add. • In TCP/IP Address, type an IP address in IP address and a subnet mask in Subnet mask, and then click Add.
Figure 132 Windows XP: Advanced TCP/IP Properties 7 In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields. If you have previously configured DNS servers, click Advanced and then the DNS tab to order them.
Figure 133 Windows XP: Internet Protocol (TCP/IP) Properties 8 Click OK to close the Internet Protocol (TCP/IP) Properties window. 9 Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties window. 10 Close the Network Connections window (Network and Dial-up Connections in Windows 2000/NT). 11 Turn on your router and restart your computer (if prompted). Verifying Settings 1 Click Start, All Programs, Accessories and then Command Prompt.
Figure 134 Windows 7/Vista 3 Click on Network and Internet.
Figure 136 Windows 7/Vista 5 On the left side of the screen click on Change Adapter Settings (Windows 7), or Manage Network Connections (Vista). 6 Right click on Local Area Connection and select Properties. Figure 137 Windows 7/Vista 7 Highlight Internet Protocol Version 4 and click Properties.
Figure 138 Windows 7/Vista 8 Select Use the Following IP Address and enter your IP address, Subnet Mask, and Default Gateway. Enter your DNS server address (if trying to connect to the internet) and click OK. Figure 139 Windows 7/Vista 9 Click OK or Close on the Local Area Connection Properties window to apply the settings.
Macintosh OS 8/9 1 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel. Figure 140 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list.
3 For dynamically assigned settings, select Using DHCP Server from the Configure: list. 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your Prestige in the Router address box. 5 Close the TCP/IP Control Panel. 6 Click Save if prompted, to save changes to your configuration.
Figure 143 Macintosh OS X: Network 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your Prestige in the Router address box. 5 Click Apply Now and close the window. 6 Turn on your router and restart your computer (if prompted). Verifying Settings Check your TCP/IP properties in the Network window.
Using the K Desktop Environment (KDE) Follow the steps below to configure your computer IP address using the KDE. 1 Click the Red Hat button (located on the bottom left corner), select System Setting and click Network. Figure 144 Red Hat 9.0: KDE: Network Configuration: Devices 2 Double-click on the profile of the network card you wish to configure. The Ethernet Device General screen displays as shown. Figure 145 Red Hat 9.
3 Click OK to save the changes and close the Ethernet Device General screen. 4 If you know your DNS server IP address(es), click the DNS tab in the Network Configuration screen. Enter the DNS server information in the fields provided. Figure 146 Red Hat 9.0: KDE: Network Configuration: DNS 5 Click the Devices tab. 6 Click the Activate button to apply the changes. The following screen displays. Click Yes to save the changes in all screens. Figure 147 Red Hat 9.
• If you have a dynamic IP address, enter dhcp in the BOOTPROTO= field. The following figure shows an example. Figure 148 Red Hat 9.0: Dynamic IP Address Setting in ifconfig-eth0 DEVICE=eth0 ONBOOT=yes BOOTPROTO=dhcp USERCTL=no PEERDNS=yes TYPE=Ethernet • If you have a static IP address, enter static in the BOOTPROTO= field. Type IPADDR= followed by the IP address (in dotted decimal notation) and type NETMASK= followed by the subnet mask.
Figure 152 Red Hat 9.0: Checking TCP/IP Properties [root@localhost]# ifconfig eth0 Link encap:Ethernet HWaddr 00:50:BA:72:5B:44 inet addr:172.23.19.129 Bcast:172.23.19.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:717 errors:0 dropped:0 overruns:0 frame:0 TX packets:13 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:730412 (713.2 Kb) TX bytes:1570 (1.
Ap pe ndi x Appendix D Wireless LANs Wireless LAN Topologies This section discusses ad-hoc and infrastructure wireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless stations (A, B, C). Any time two or more wireless adapters are within range of each other, they can set up an independent network, which is commonly referred to as an Ad-hoc network or Independent Basic Service Set (IBSS).
Intra-BSS traffic is traffic between wireless stations in the BSS. When Intra-BSS is enabled, wireless station A and B can access the wired network and communicate with each other. When Intra-BSS is disabled, wireless station A and B can still access the wired network but cannot communicate with each other. Figure 154 Basic Service Set ESS An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network.
Figure 155 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by IEEE 802.11a/b/g wireless devices. Channels available depend on your geographical area. You may have a choice of channels (for your region) so you should use a different channel than an adjacent AP (access point) to reduce interference. Interference occurs when radio signals from different access points overlap causing interference and degrading performance. Adjacent channels partially overlap however.
When station A sends data to the AP, it might not know that the station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations. RTS/CTS is designed to prevent collisions due to hidden nodes. An RTS/CTS defines the biggest size data frame you can send before an RTS (Request To Send)/CTS (Clear to Send) handshake is invoked.
A large Fragmentation Threshold is recommended for networks not prone to interference while you should set a smaller threshold for busy networks or networks that are prone to interference. If the Fragmentation Threshold value is smaller than the RTS/CTS value (see previously) you set then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size.
Table 84 IEEE 802.11g DATA RATE (MBPS) MODULATION 1 DBPSK (Differential Binary Phase Shift Keyed) 2 DQPSK (Differential Quadrature Phase Shift Keying) 5.5 / 11 CCK (Complementary Code Keying) 6/9/12/18/24/36/4 8/54 OFDM (Orthogonal Frequency Division Multiplexing) IEEE 802.1x In June 2001, the IEEE 802.1x standard was designed to extend the features of IEEE 802.11 to support extended authentication as well as providing additional accounting and control features.
• Accounting Keeps track of the client’s network activity. RADIUS is a simple package exchange in which your AP acts as a message relay between the wireless station and the network RADIUS server. Types of RADIUS Messages The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user authentication: • Access-Request Sent by an access point requesting authentication. • Access-Reject Sent by a RADIUS server rejecting access.
EAP-MD5 (Message-Digest Algorithm 5) MD5 authentication is the simplest one-way authentication method. The authentication server sends a challenge to the wireless station. The wireless station ‘proves’ that it knows the password by encrypting the password with the challenge and sends back the information. Password is not sent in plain text. However, MD5 authentication has some weaknesses. Since the authentication server needs to get the plaintext passwords, the passwords must be stored.
Dynamic WEP Key Exchange The AP maps a unique key that is generated with the RADIUS server. This key expires when the wireless connection times out, disconnects or reauthentication times out. A new WEP key is generated each time reauthentication is performed. If this feature is enabled, it is not necessary to configure a default encryption key in the Wireless screen. You may still configure and store keys here, but they will not be used while Dynamic WEP is enabled.
WPA(2) Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2 (IEEE 802.11i) is a wireless security standard that defines stronger encryption, authentication and key management than WPA. Key differences between WPA(2) and WEP are improved data encryption and user authentication. Encryption Both WPA and WPA2 improve data encryption by using Temporal Key Integrity Protocol (TKIP), Message Integrity Check (MIC) and IEEE 802.1x.
instead of user-specific credentials. The common-password approach makes WPA-PSK susceptible to brute-force password-guessing attacks but it's still an improvement over WEP as it employs an easier-to-use, consistent, single, alphanumeric password. User Authentication WPA or WPA2 applies IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate wireless clients using an external RADIUS database.
Figure 157 WPA(2)-PSK Authentication WPA(2) with RADIUS Application Example You need the IP address of the RADIUS server, its port number (default is 1812), and the RADIUS shared secret. A WPA(2) application example with an external RADIUS server looks as follows. "A" is the RADIUS server. "DS" is the distribution system. 1 The AP passes the wireless client's authentication request to the RADIUS server.
Table 86 Wireless Security Relational Matrix AUTHENTICATION METHOD/ KEY MANAGEMENT PROTOCOL ENCRYPTI ON METHOD ENTER IEEE 802.
Ap pe ndi x Appendix E Common Services The following table lists some commonly-used services and their associated protocols and port numbers. For a comprehensive list of port numbers, ICMP type/code numbers and services, visit the IANA (Internet Assigned Number Authority) web site. • Name: This is a short, descriptive name for the service. You can use this one or create a different one, if you like. • Protocol: This is the type of IP protocol used by the service.
servers. BGP TCP 179 Border Gateway Protocol. BOOTP_CLIENT UDP 68 DHCP Client. BOOTP_SERVER UDP 67 DHCP Server. CU-SEEME TCP 7648 UDP 24032 A popular videoconferencing solution from White Pines Software. DNS TCP/UDP 53 Domain Name Server, a service that matches web names (for example http://us.zyxel.com) to IP numbers. ESP (IPSEC_TUNNEL) User-Defined 50 The IPSEC ESP (Encapsulation Security Protocol) tunneling protocol uses this service.
IGMP (MULTICAST) User-Defined 2 Internet Group Management Protocol is used when sending packets to a specific group of hosts. IKE UDP 500 The Internet Key Exchange algorithm is used for key distribution and management. IRC TCP/UDP 6667 This is another popular Internet chat program. MSN Messenger TCP 1863 Microsoft Networks’ messenger service uses this protocol. NEW-ICQ TCP 5190 An Internet chat program. NEWS TCP 144 A protocol for news groups.
RCMD TCP 512 Remote Command Service. REAL_AUDIO TCP 7070 A streaming audio service that enables real time sound over the web. REXEC TCP 514 Remote Execution Daemon. RLOGIN TCP 513 Remote Login. RTELNET TCP 107 Remote Telnet. RTSP TCP/UDP 554 The Real Time Streaming (media control) Protocol (RTSP) is a remote control for multimedia on the Internet. SFTP TCP 115 Simple File Transfer Protocol.
TACACS UDP 49 Login Host Protocol used for (Terminal Access Controller Access Control System). TELNET TCP 23 Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments. It operates over TCP/IP networks. Its primary function is to allow users to log into remote host systems.
Ap pe ndi x Appendix F Legal Information Copyright Copyright © 2010 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation.
This device has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This device generates, uses, and can radiate radio frequency energy, and if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
Industry Canada Statement This device complies with RSS-210 of the Industry Canada Rules. Operation is subject to the following two conditions: 1 this device may not cause interference and 2 this device must accept any interference, including interference that may cause undesired operation of the device This device has been designed to operate with an antenna having a maximum gain of 2dBi. Antenna having a higher gain is strictly prohibited per regulations of Industry Canada.
ZyXEL. This warranty shall not apply if the product has been modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions. Battery warranty: 1 year Note Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This warranty is in lieu of all other warranties, express or implied, including any implied warranty of merchantability or fitness for a particular use or purpose.
Appendix G Open Source Licenses End-User License Agreement for “MWR222” WARNING: ZyXEL Communications Corp. IS WILLING TO LICENSE THE SOFTWARE TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS LICENSE AGREEMENT. PLEASE READ THE TERMS CAREFULLY BEFORE COMPLETING THE INSTALLATION PROCESS AS INSTALLING THE SOFTWARE WILL INDICATE YOUR ASSENT TO THEM.
rights not expressly granted by ZyXEL to you are reserved by ZyXEL, and all implied licenses are disclaimed. 2.Ownership You have no ownership rights in the Software. Rather, you have a license to use the Software as long as this License Agreement remains in full force and effect. Ownership of the Software, Documentation and all intellectual property rights therein shall remain at all times with ZyXEL.
You acknowledge that the Software contains proprietary trade secrets of ZyXEL and you hereby agree to maintain the confidentiality of the Software using at least as great a degree of care as you use to maintain the confidentiality of your own most confidential information.
NOT EXPORT THE SOFTWARE, DOCUMENTATION OR INFORMATION ABOUT THE SOFTWARE AND DOCUMENTATION WITHOUT COMPLYING WITH SUCH LAWS, REGULATIONS, ORDERS, OR OTHER RESTRICTIONS. YOU AGREE TO INDEMNIFY ZyXEL AGAINST ALL CLAIMS, LOSSES, DAMAGES, LIABILITIES, COSTS AND EXPENSES, INCLUDING REASONABLE ATTORNEYS' FEES, TO THE EXTENT SUCH CLAIMS ARISE OUT OF ANY BREACH OF THIS SECTION 8. 9.
NOTE: Some components of this product incorporate free software programs covered under the open source code licenses which allows you to freely copy, modify and redistribute the software. For at least three (3) years from the date of distribution of the applicable product or software, we will give to anyone who contacts us at the ZyXEL Technical Support (freesoftware@zyxel.
Ntpclient 2000 345 0.5.7 http://doolittle.icarus.com/ntp client/ http://www.hpl.hp.com/perso nal/Jean_Tourrilhes/Linux/Tool s.html http://www.linuxfoundation.or g/en/Net:Bridge http://pptpclient.sourceforge.n et/ http://ppp.samba.org/ppp/do wnload.html http://sourceforge.net/project s/rp-l2tp/ http://hostap.epitest.fi/wpa_s upplicant/ 0.95a http://www.zebra.org/ GPL 2.0 3.4.2 http://gcc.gnu.org/ http://sourceforge.net/project s/u-boot/ ftp://ftp.infradead.org/pub/mt d-utils/ or http://www.linuxmtd.
libm 0.9.28 http://www.uclibc.org/ libnsl 0.9.28 http://www.uclibc.org/ libnvram 0.9.28 http://www.uclibc.org/ libpthread 0.9.28 http://www.uclibc.org/ libresolv 0.9.28 http://www.uclibc.org/ libusb0.1.12 libusb1.0.0 libutil 0.1.12 http://www.libusb.org/ 1.0.0 http://www.libusb.org/ 0.9.28 http://www.uclibc.org/ lsusb 1.0.0 lzma4.32.0beta 5 mkimage 4.32beta 5 mksquash_ lzma-3.2 lzma sdk 4.43 squashfs 3.2-r2 lzma sdk 4.43 4.43 squashfs 3.2-r2 mtd_write 3.2-r2 http://www.
Notice Information herein is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. No part may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, except the express written permission of ZyXEL Communications Corporation. This Product includes Linux Kernel 2.6.21.x, Busybox 1.12.1, Dnsmasq 2.40, Goahead 2.1.8, Igmpproxy 0.1 beta2, Inadyn 1.96, Iproute2 2.6.24, Rp-pppoe 3.8, Iptables 1.4.
copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software.
modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License.
above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable.
any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice.
THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS All other trademarks or trade names mentioned herein, if any, are the property of their respective owners. This Product includes Uclibc 0.9.28, Uclibc++ 0.2.
When we speak of free software, we are referring to freedom of use, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish); that you receive source code or can get it if you want it; that you can change the software and use pieces of it in new free programs; and that you are informed that you can do these things.
However, the Lesser license provides advantages in certain special circumstances. For example, on rare occasions, there may be a special need to encourage the widest possible use of a certain library, so that it becomes a de-facto standard. To achieve this, non-free programs must be allowed to use the library. A more frequent case is that a free library does the same job as widely used non-free libraries.
running a program using the Library is not restricted, and output from such a program is covered only if its contents constitute a work based on the Library (independent of the use of the Library in a tool for writing it). Whether that is true depends on what the Library does and what the program that uses the Library does. 1.
License. (If a newer version than version 2 of the ordinary GNU General Public License has appeared, then you can specify that version instead if you wish.) Do not make any other change in these notices. Once this change is made in a given copy, it is irreversible for that copy, so the ordinary GNU General Public License applies to all subsequent copies and derivative works made from that copy. This option is useful when you wish to copy part of the code of the Library into a program that is not a library.
for the Library among them, as well as a reference directing the user to the copy of this License.
However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License.
13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number.
This Product includes Libupnp 1.3.1, openssl-0.9.8e, snmpd under the BSD License. BSD Copyright (c) [dates as appropriate to package] The Regents of the University of California. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
Copyright (C) 1995-2004 Jean-loup Gailly and Mark Adler This software is provided 'as-is', without any express or implied warranty. In no event will the authors be held liable for any damages arising from the use of this software. Permission is granted to anyone to use this software for any purpose, including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions: 1.
jloup@gzip.org madler@alumni.caltech.edu The data format used by the zlib library is described by RFCs (Request for Comments) 1950 to 1952 in the files ftp://ds.internic.net/rfc/rfc1950.txt (zlib format), rfc1951.txt (deflate format) and rfc1952.txt (gzip format). This Product includes curl-7.19.7 under the Curl MIT/X License. Curl License COPYRIGHT AND PERMISSION NOTICE Copyright (c) 1996 - 2010, Daniel Stenberg, . All rights reserved.
OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. Except as contained in this notice, the name of a copyright holder shall not be used in advertising or otherwise to promote the sale, use or other dealings in this Software without prior written authorization of the copyright holder.
The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public Licenses are intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This license, the Library General Public License, applies to some specially designated Free Software Foundation software, and to any other libraries whose authors decide to use it. You can use it for your libraries, too.
individually obtain patent licenses, thus in effect transforming the program into proprietary software. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. Most GNU software, including some libraries, is covered by the ordinary GNU General Public License, which was designed for utility programs. This license, the GNU Library General Public License, applies to certain designated libraries.
TERMS AND CONDITIONS MODIFICATION FOR COPYING, DISTRIBUTION AND 0. This License Agreement applies to any software library which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Library General Public License (also called "this License"). Each licensee is addressed as "you".
You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: * a) The modified work must itself be a software library.
In addition, mere aggregation of another work not based on the Library with the Library (or with a work based on the Library) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may opt to apply the terms of the ordinary GNU General Public License instead of this License to a given copy of the Library.
is therefore covered by this License. Section 6 states terms for distribution of such executables. When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law.
files in the Library will not necessarily be able to recompile the application to use the modified definitions.) * b) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution. * c) If distribution of the work is made by offering access to copy from a designated place, offer equivalent access to copy the above specified materials from the same place.
However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Library or its derivative works. These actions are prohibited by law if you do not accept this License.
This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 12. If the distribution and/or use of the Library is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Library under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded.
WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 16.
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. GNU See the Library General Public License for more details. You should have received a copy of the GNU Library General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. Also add information on how to contact you by electronic and paper mail.
math library for Apple's MacOS X/Darwin math library, which was itself swiped from FreeBSD. The original copyright information is as follows: Copyright (C) 1993 by Sun Microsystems, Inc. All rights reserved. Developed at SunPro, a Sun Microsystems, Inc. business. Permission to use, copy, modify, and distribute this software is freely granted, provided that this notice is preserved. It has been ported to work with uClibc and generally behave by Erik Andersen
* Copyright (C) 2006 Tomas Matejicek, slax.org * * LICENSE must follow the one in squashfs. */ This Product includes radvd-1.0 under the radvd License. radvd License The author(s) grant permission for redistribution and use in source and binary forms, with documentation or without modification, of the software and provided that the following conditions are met: 0.
must display the following acknowledgement with the name(s) of the authors as specified in the copyright notice(s) substituted where indicated: This product includes software developed by the authors which are mentioned at the start of the source files and other contributors. 5. Neither the name(s) of the author(s) nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
This Product includes wsc_upnp under the Ralink and Intel License. wsc_upnp License /////////////////////////////////////////////////////////////////////////// // // Copyright (c) 2000-2003 Ralink Corporation // All rights reserved.
// EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, // PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR // PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY // OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING // NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS // SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS // "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT // LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR // A PARTICULAR PURPOSE ARE DISCLAIMED.
based at SourceForge, and Networks Associates Technology, Inc hold the copyright on behalf of the wider Net-SNMP community, covering all derivative work done since then. An additional copyright section has been added as Part 3 below also under a BSD license for the work contributed by Cambridge Broadband Ltd. to the project since 2001. An additional copyright section has been added as Part 4 below also under a BSD license for the work contributed by Sun Microsystems, Inc. to the project since 2003.
pertaining to distribution of the software without specific written permission. CMU AND THE REGENTS OF THE UNIVERSITY OF CALIFORNIA DISCLAIM ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDER ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of the Sun Microsystems, Inc. nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
documentation and/or other materials provided with the distribution. * Neither the name of Sparta, Inc nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* Neither the name of Cisco, Inc, Beijing University of Posts and Telecommunications, nor the names of their contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The name of the author may not be used to endorse or promote products derived from this software without specific prior written permission.
“LZMA SDK Copyright (C) 1999-2006 Igor Pavlov LICENSE ------- LZMA SDK is available under any of the following licenses: 1) GNU Lesser General Public License (GNU LGPL) 2) Common Public License (CPL) 3) Simplified license for unmodified code (read SPECIAL EXCEPTION) 4) Proprietary license It means that you can select one of these four options and follow rules of that license.
while you keep LZMA SDK code unmodified. SPECIAL EXCEPTION #2: Igor Pavlov, as the author of this code, expressly permits you to use this code under the same terms and conditions contained in the License Agreement you have for any previous version of LZMA SDK developed by Igor Pavlov. SPECIAL EXCEPTION #2 allows owners of proprietary licenses to use latest version of LZMA SDK as update for previous versions.
You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA USA 02111-1307 You should have received a copy of the Common Public License along with this library.“ (squshfs3.2-r2) GPLv2 Copyright 2002-2007 Phillip Lougher http://squashfs.sourceforge.net/ This Product includes libnvram under the following License.
This Product includes mkimage under the following License. mkimage License NOTE! This copyright does *not* cover the so-called "standalone" applications that use U-Boot services by means of the jump table provided by U-Boot exactly for this purpose - this is merely considered normal use of U-Boot, and does *not* fall under the heading of "derived work".
This Product includes ntp-4.1.2 under the following License. ntp-4.1.2 License The following copyright notice applies to all files collectively called the Network Time Protocol Version 4 Distribution. Unless specifically declared otherwise in an individual file, this notice applies as if the text was explicitly included in the file.
The following individuals contributed in part to the Network Time Protocol Distribution Version 4 and are acknowledged as authors of this work. 1. Mark Andrews Leitch atomic clock controller 2. Bernd Altmeier hopf Elektronik serial line and PCI-bus devices 3. Viraj Bais and Clayton Kirkwood port to WindowsNT 3.5 4. Michael Barone GPSVME fixes 5.
18. Dave Hart General maintenance, Windows port interpolation rewrite. 19. Claas Hilbrecht NeoClock4X clock driver 20. Glenn Hollinger GOES clock driver 21. Mike Iglesias DEC Alpha port 22. Jim Jagielski A/UX port 23. Jeff Johnson massive prototyping overhaul 24. Hans Lambermont or ntpsweep 25.
38. Kamal A Mostafa SCO OpenServer port 39. Derek Mulcahy and Damon Hart-Davis ARCRON MSF clock driver 40. Rob Neal Bancomm refclock and config/parse code maintenance 41. Rainer Pruy monitoring/trap scripts, statistics file handling 42. Dirce Richards Digital UNIX V4.0 port 43. Wilfredo Sánchez added support for NetInfo 44. Nick Sayer
