VMG8924-B10A and VMG8924B30A Series Dual Band Wireless AC/N VDSL2 VoIP Combo WAN Gigabit IAD Version 1.00 Edition 1, 11/2013 Quick Start Guide User’s Guide Default Login Details LAN IP Address http://192.168.1.1 Login www.zyxel.
IMPORTANT! READ CAREFULLY BEFORE USE. KEEP THIS GUIDE FOR FUTURE REFERENCE. Screenshots and graphics in this book may differ slightly from your product due to differences in your product firmware or your computer operating system. Every effort has been made to ensure that the information in this manual is accurate. Related Documentation • Quick Start Guide The Quick Start Guide shows how to connect the Device and get up and running right away.
Contents Overview Contents Overview User’s Guide .......................................................................................................................................15 Introducing the Device ............................................................................................................................17 The Web Configurator .............................................................................................................................27 Quick Start .............
Contents Overview E-mail Notification .................................................................................................................................305 Logs Setting .........................................................................................................................................307 Firmware Upgrade ................................................................................................................................ 311 Configuration ......................
Table of Contents Table of Contents Contents Overview ..............................................................................................................................3 Table of Contents .................................................................................................................................5 Part I: User’s Guide ......................................................................................... 15 Chapter 1 Introducing the Device ................................
Table of Contents Chapter 4 Network Map and Status Screens .....................................................................................................39 4.1 Overview ...........................................................................................................................................39 4.2 The Network Map Screen .................................................................................................................39 4.3 The Status Screen ............................
Table of Contents 6.10.3 Wireless Security Overview ...................................................................................................95 6.10.4 Signal Problems ....................................................................................................................98 6.10.5 BSS .......................................................................................................................................98 6.10.6 MBSSID ....................................................
Table of Contents 9.1 Overview ........................................................................................................................................139 9.1.1 What You Can Do in this Chapter ..........................................................................................139 9.2 What You Need to Know .................................................................................................................139 9.3 The Quality of Service General Screen .......................
Table of Contents 11.3 The Dynamic DNS Screen ............................................................................................................177 Chapter 12 Interface Group .................................................................................................................................179 12.1 Overview .......................................................................................................................................179 12.1.
Table of Contents 15.4.1 Add/Edit an ACL Rule ........................................................................................................202 15.5 The DoS Screen ............................................................................................................................204 Chapter 16 MAC Filter..........................................................................................................................................205 16.1 Overview ...............................
Table of Contents 20.5.5 IPSec and NAT ....................................................................................................................232 20.5.6 VPN, NAT, and NAT Traversal .............................................................................................232 20.5.7 ID Type and Content ............................................................................................................233 20.5.8 Pre-Shared Key ...........................................................
Table of Contents 24.1 The VoIP Status Screen ................................................................................................................275 Chapter 25 ARP Table ..........................................................................................................................................277 25.1 Overview .......................................................................................................................................277 25.1.1 How ARP Works ...........
Table of Contents Chapter 33 TR-064................................................................................................................................................297 33.1 Overview .......................................................................................................................................297 33.2 The TR-064 Screen .......................................................................................................................297 Chapter 34 SNMP ............
Table of Contents 40.3 Ping & TraceRoute & NsLookup ...................................................................................................318 40.4 802.1ag .........................................................................................................................................319 40.5 OAM Ping ......................................................................................................................................320 Chapter 41 Troubleshooting.......................
P ART I User’s Guide 15
C HAPT ER 1 Introducing the Device 1.1 Overview The Device is a wireless VDSL router and Gigabit Ethernet gateway. It has a DSL port and a Gigabit Ethernet port for super-fast Internet access. The Device supports both Packet Transfer Mode (PTM) and Asynchronous Transfer Mode (ATM). It is backward compatible with ADSL, ADSL2 and ADSL2+ in case VDSL is not available. Only use firmware for your Device’s specific model. Refer to the label on the bottom of your Device.
Chapter 1 Introducing the Device • Back up the configuration (and make sure you know how to restore it). Restoring an earlier working configuration may be useful if the device becomes unstable or even crashes. If you forget your password, you will have to reset the Device to its factory default settings. If you backed up an earlier configuration file, you would not have to totally re-configure the Device. You could simply restore your last configuration. 1.
Chapter 1 Introducing the Device your network. This means that probes from the outside to your network are not allowed, but you can safely browse the Internet and download files.
Chapter 1 Introducing the Device 1.4.2 Device’s USB Support The USB port of the Device is used for file-sharing, media server and printer-sharing. File Sharing Use the built-in USB 2.0 port to share files on a USB memory stick or a USB hard drive (B). You can connect one USB hard drive to the Device at a time. Use FTP to access the files on the USB device. Figure 2 USB File Sharing Application B A Media Server You can also use the Device as a media server.
Chapter 1 Introducing the Device Printer Server The Device allows you to share a USB printer on your LAN. You can do this by connecting a USB printer to one of the USB ports on the Device and then configuring a TCP/IP port on the computers connected to your network. Figure 4 Sharing a USB Printer 1.5 LEDs (Lights) The following graphic displays the labels of the LEDs. Figure 5 LEDs on the Device 2.4G 5G None of the LEDs are on if the Device is not receiving power.
Chapter 1 Introducing the Device Table 1 LED Descriptions (continued) LED COLOR STATUS DESCRIPTION Green On The Device has an IP connection but no traffic. INTERNET Your device has a WAN IP address (either static or assigned by a DHCP server), PPP negotiation was successfully completed (if used) and the DSL connection is up. Blinking The Device is sending or receiving IP traffic. Off There is no Internet connection or the gateway is in bridged mode.
Chapter 1 Introducing the Device Table 1 LED Descriptions (continued) LED COLOR Green USB2 STATUS DESCRIPTION On The Device recognizes a USB connection through the USB2 slot. Blinking The Device is sending/receiving data to /from the USB device connected to it. Off The Device does not detect a USB connection through the USB2 slot. 1.
Chapter 1 Introducing the Device To activate WPS: 1 Make sure the PWR/SYS LED is on and not blinking. 2 Press the WPS button for five seconds and release it. 3 Press the WPS button on another WPS-enabled device within range of the Device. The WiFi 2.4G LED flashes orange while the Device sets up a WPS connection with the other wireless device. 4 Once the connection is successfully made, the WiFi 2.4G LED shines green. To turn off the wireless network, press the Wi-Fi button for one to five seconds.
Chapter 1 Introducing the Device 5 Push the bracket up to tightly attach it to the Device. 6 Mount the Device on the screws which are already installed on the wall. Make sure that the Device is firmly attached to the screws so it does not fall off.
Chapter 1 Introducing the Device 26 VMG8924-B10A and VMG8924-B30A Series User’s Guide
C HAPT ER 2 The Web Configurator 2.1 Overview The web configurator is an HTML-based management interface that allows easy device setup and management via Internet browser. Use Internet Explorer 6.0 and later versions or Mozilla Firefox 3 and later versions or Safari 2.0 and later versions. The recommended screen resolution is 1024 by 768 pixels. In order to use the web configurator you need to allow: • Web browser pop-up windows from your device.
Chapter 2 The Web Configurator 4 The following screen displays if you have not yet changed your password. It is strongly recommended you change the default password. Enter a new password, retype it to confirm and click Apply; alternatively click Skip to proceed to the main menu if you do not want to change the password now. Figure 8 Change Password Screen 5 The Quick Start Wizard screen appears. You can configure the Device’s time zone, basic Internet access, and wireless settings.
Chapter 2 The Web Configurator 2.2 Web Configurator Layout Figure 10 Screen Layout A B C As illustrated above, the main screen is divided into these parts: • A - title bar • B - main window • C - navigation panel 2.2.1 Title Bar The title bar provides some icons in the upper right corner. The icons provide the following functions. Table 2 Web Configurator Icons in the Title Bar ICON DESCRIPTION Language: Select the language you prefer.
Chapter 2 The Web Configurator Table 2 Web Configurator Icons in the Title Bar ICON DESCRIPTION Quick Start: Click this icon to open screens where you can configure the Device’s time zone Internet access, and wireless settings. Logout: Click this icon to log out of the web configurator. 2.2.2 Main Window The main window displays information and configuration fields. It is discussed in the rest of this document. After you click Status on the Connection Status page, the Status screen is displayed.
Chapter 2 The Web Configurator 2.2.3 Navigation Panel Use the menu items on the navigation panel to open screens to configure Device features. The following tables describe each menu item. Table 3 Navigation Panel Summary LINK TAB Connection Status FUNCTION This screen shows the network status of the Device and computers/ devices connected to it.
Chapter 2 The Web Configurator Table 3 Navigation Panel Summary (continued) LINK Routing QoS NAT DNS TAB FUNCTION Static Route Use this screen to view and set up static routes on the Device. DNS Route Use this screen to forward DNS queries for certain domain names through a specific WAN interface to its DNS server(s). Policy Forwarding Use this screen to configure policy routing on the Device.
Chapter 2 The Web Configurator Table 3 Navigation Panel Summary (continued) LINK TAB FUNCTION Parental Control Use this screen to block web sites with the specific URL. Scheduler Rules Use this screen to configure the days and times when a configured restriction (such as parental control) is enforced. Certificates IPSec VPN Local Certificates Use this screen to view a summary list of certificates and manage certificates and certification requests.
Chapter 2 The Web Configurator Table 3 Navigation Panel Summary (continued) LINK TAB User Account Use this screen to change user password on the Device. Remote MGMT Use this screen to enable specific traffic directions for network services. TR-069 Client Use this screen to configure the Device to be managed by an Auto Configuration Server (ACS). TR-064 Use this screen to enable management via TR-064 on the LAN. SNMP Use this screen to configure SNMP (Simple Network Management Protocol) settings.
C HAPT ER 3 Quick Start 3.1 Overview Use the Quick Start screens to configure the Device’s time zone, basic Internet access, and wireless settings. Note: See the technical reference chapters (starting on page 37) for background information on the features in this chapter. 3.2 Quick Start Setup 1 The Quick Start Wizard appears automatically after login. Or you can click the Click Start icon in the top right corner of the web configurator to open the quick start screens.
Chapter 3 Quick Start 2 Enter your Internet connection information in this screen. The screen and fields to enter may vary depending on your current connection type. Click Next. Click Next. Figure 13 Internet Connection 3 Turn the wireless LAN on or off. If you keep it on, record the security settings so you can configure your wireless clients to connect to the Device. Click Save. Figure 14 Internet Connection 4 36 Your Device saves your settings and attempts to connect to the Internet.
P ART II Technical Reference 37
C HAPT ER 4 Network Map and Status Screens 4.1 Overview After you log into the Web Configurator, the Network Map screen appears. This shows the network connection status of the Device and clients connected to it. You can use the Status screen to look at the current status of the Device, system resources, and interfaces (LAN, WAN, and WLAN). 4.2 The Network Map Screen Use this screen to view the network connection status of the device and its clients.
Chapter 4 Network Map and Status Screens If you want to view information about a client, click the client’s name and Info. Click the IP address if you want to change it. If you want to change the name or icon of the client, click Change name/ icon. If you prefer to view the status in a list, click List View in the Viewing mode selection box. You can configure how often you want the Device to update this screen in Refresh interval. Figure 16 Network Map: List View Mode 4.
Chapter 4 Network Map and Status Screens Each field is described in the following table. Table 4 Status Screen LABEL DESCRIPTION Refresh Interval Select how often you want the Device to update this screen. Device Information Host Name This field displays the Device system name. It is used for identification. Model Number This shows the model number of your Device. Firmware Version This is the current version of the firmware inside the Device.
Chapter 4 Network Map and Status Screens Table 4 Status Screen (continued) LABEL DESCRIPTION CPU Usage This field displays what percentage of the Device’s processing ability is currently used. When this percentage is close to 100%, the Device is running at full load, and the throughput is not going to improve anymore. If you want some applications to have more throughput, you should turn off other applications (for example, using QoS; see Chapter 9 on page 139).
Chapter 4 Network Map and Status Screens Table 4 Status Screen (continued) LABEL DESCRIPTION Account Status This field displays the current registration status of the SIP account. You have to register SIP accounts with a SIP server to use VoIP. Inactive - The SIP account is not active. You can activate it in VoIP > SIP > SIP Account. Not Registered - The last time the Device tried to register the SIP account with the SIP server, the attempt failed. Use the Register button to register the account again.
Chapter 4 Network Map and Status Screens 44 VMG8924-B10A and VMG8924-B30A Series User’s Guide
C HAPT ER 5 Broadband 5.1 Overview This chapter discusses the Device’s Broadband screens. Use these screens to configure your Device for Internet access. A WAN (Wide Area Network) connection is an outside connection to another network or the Internet. It connects your private networks, such as a LAN (Local Area Network) and other networks, so that a computer in one location can communicate with computers in other locations.
Chapter 5 Broadband • Use the Advanced screen to enable or disable PTM over ADSL, Annex M/Annex J, and DSL PhyR functions (Section 5.4 on page 63). • Use the 802.1x screen to view and configure the IEEE 802.1X settings on the Device (Section 5.5 on page 64). • Use the Wan Status screen to view a WAN interface’s historical traffic transmission rate. (Section 5.6 on page 65).
Chapter 5 Broadband WAN IP Address The WAN IP address is an IP address for the Device, which makes it accessible from an outside network. It is used by the Device to communicate with other devices in other networks. It can be static (fixed) or dynamically assigned by the ISP each time the Device tries to access the Internet. If your ISP assigns you a static WAN IP address, they should also assign you the subnet mask and DNS server IP address(es).
Chapter 5 Broadband • Any number of consecutive blocks of zeros can be replaced by a double colon. A double colon can only appear once in an IPv6 address. So 2001:0db8:0000:0000:1a2f:0000:0000:0015 can be written as 2001:0db8::1a2f:0000:0000:0015, 2001:0db8:0000:0000:1a2f::0015, 2001:db8::1a2f:0:0:15 or 2001:db8:0:0:1a2f::15. IPv6 Prefix and Prefix Length Similar to an IPv4 subnet mask, IPv6 uses an address prefix to represent the network address.
Chapter 5 Broadband Dual Stack Lite Use Dual Stack Lite when local network computers use IPv4 and the ISP has an IPv6 network. When the Device has an IPv6 WAN address and you set IPv6/IPv4 Mode to IPv6 Only, you can enable Dual Stack Lite to use IPv4 computers and services. The Device tunnels IPv4 packets inside IPv6 encapsulation packets to the ISP’s Address Family Transition Router (AFTR in the graphic) to connect to the IPv4 Internet. The local network can also use IPv6 services.
Chapter 5 Broadband The following table describes the labels in this screen. Table 6 Network Setting > Broadband LABEL DESCRIPTION Add New WAN Interface Click this button to create a new connection. # This is the index number of the entry. Name This is the service name of the connection. Type This shows whether it is an ATM, Ethernet or a PTM connection. Mode This shows whether the connection is in routing or bridge mode.
Chapter 5 Broadband 5.2.1 Add/Edit Internet Connection Click Add New WAN Interface in the Broadband screen or the Edit icon next to an existing WAN interface to configure a WAN connection. The screen varies depending on the interface type, mode, encapsulation, and IPv6/IPv4 mode you select. 5.2.1.1 Routing Mode Use Routing mode if your ISP give you one IP address only and you want multiple computers to share an Internet account.
Chapter 5 Broadband Table 7 Network Setting > Broadband > Add New WAN Interface/Edit (Routing Mode) (continued) LABEL DESCRIPTION Mode Select Routing if your ISP give you one IP address only and you want multiple computers to share an Internet account. Encapsulation Select the method of encapsulation used by your ISP from the drop-down list box. This option is available only when you select Routing in the Mode field. The choices depend on the connection type you selected.
Chapter 5 Broadband Table 7 Network Setting > Broadband > Add New WAN Interface/Edit (Routing Mode) (continued) LABEL DESCRIPTION Sustainable Cell Rate The Sustainable Cell Rate (SCR) sets the average cell rate (long-term) that can be transmitted. Type the SCR, which must be less than the PCR. Note that system default is 0 cells/sec. This field is available only when you select Non Realtime VBR or Realtime VBR.
Chapter 5 Broadband Table 7 Network Setting > Broadband > Add New WAN Interface/Edit (Routing Mode) (continued) LABEL DESCRIPTION Routing Feature (This is available only when you select IPv4 Only or IPv6/IPv4 DualStack in the IPv6/ IPv4 Mode field.) NAT Enable Select this option to activate NAT on this connection. IGMP Proxy Enable Internet Group Multicast Protocol (IGMP) is a network-layer protocol used to establish membership in a Multicast group - it is not used to carry user data.
Chapter 5 Broadband Table 7 Network Setting > Broadband > Add New WAN Interface/Edit (Routing Mode) (continued) LABEL DESCRIPTION IPv6 Address Select Automatic if you want to have the Device use the IPv6 prefix from the connected router’s Router Advertisement (RA) to generate an IPv6 address. • • Select Get IPv6 Address From DHCPv6 Server(IA_NA) if you want to obtain an IPv6 address from a DHCPv6 server.
Chapter 5 Broadband Table 7 Network Setting > Broadband > Add New WAN Interface/Edit (Routing Mode) (continued) LABEL DESCRIPTION MTU MTU Size Enter the MTU (Maximum Transfer Unit) size for this traffic. Apply Click Apply to save your changes back to the Device. Cancel Click Cancel to exit this screen without saving. 5.2.1.2 Bridge Mode Click the Add new WAN Interface in the Network Setting > Broadband screen or the Edit icon next to the connection you want to configure.
Chapter 5 Broadband Table 8 Network Setting > Broadband > Add New WAN Interface/Edit (Bridge Mode) (continued) LABEL DESCRIPTION 802.1p IEEE 802.1p defines up to 8 separate traffic types by inserting a tag into a MAC-layer frame that contains bits to define class of service. Select the IEEE 802.1p priority level (from 0 to 7) to add to traffic through this connection. The greater the number, the higher the priority level. 802.
Chapter 5 Broadband Table 9 Network Setting > Broadband > Add New WAN Interface/Edit (ADSL over ATM - Bridge Mode) (continued) LABEL DESCRIPTION Mode Select Bridge when your ISP provides you more than one IP address and you want the connected computers to get individual IP address from ISP’s DHCP server directly. If you select Bridge, you cannot use routing functions, such as QoS, Firewall, DHCP server and NAT on traffic from the selected LAN port(s).
Chapter 5 Broadband Table 9 Network Setting > Broadband > Add New WAN Interface/Edit (ADSL over ATM - Bridge Mode) (continued) LABEL DESCRIPTION QoS Rate Limit Enter the rate limit for the connection. This is the maximum transmission rate allowed for traffic on this connection. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 5.
Chapter 5 Broadband Note: The actual data rate you obtain varies depending the 3G card you use, the signal strength to the service provider’s base station, and so on. Figure 27 Network Setting > Broadband > 3G Backup The following table describes the labels in this screen. Table 10 Network Setting > Broadband > 3G Backup LABEL DESCRIPTION General 3G Backup Select Enable to have the Device use the 3G connection as your WAN or a backup when the wired WAN connection fails.
Chapter 5 Broadband Table 10 Network Setting > Broadband > 3G Backup (continued) LABEL DESCRIPTION Username Type the user name (of up to 64 ASCII printable characters) given to you by your service provider. Password Type the password (of up to 64 ASCII printable characters) associated with the user name above. PIN A PIN (Personal Identification Number) code is a key to a 3G card. Without the PIN code, you cannot use the 3G card.
Chapter 5 Broadband Table 10 Network Setting > Broadband > 3G Backup (continued) LABEL DESCRIPTION Send Notification to Email Notifications are sent to the e-mail address specified in this field. If this field is left blank, notifications cannot be sent via e-mail. Advanced Click this to show the advanced 3G backup settings. Budget Setup Enable Budget Control Select Enable to set a monthly limit for the user account of the installed 3G card. You can set a limit on the total traffic and/or call time.
Chapter 5 Broadband Table 10 Network Setting > Broadband > 3G Backup (continued) LABEL DESCRIPTION Mail Server Select a mail server for the e-mail address specified below. If you do not select a mail server, e-mail notifications cannot be sent via e-mail. You must have configured a mail server already in the Maintenance > Email Notification screen. Over Budget Email Title Type a title that you want to be in the subject line of the e-mail notifications that the Device sends.
Chapter 5 Broadband Table 11 Network Setting > Network Setting > Broadband (continued) LABEL DESCRIPTION PhyR DS Enable or disable PhyR DS (downstream) for downstream transmission from the WAN. PhyR DS should be enabled if data being transmitted downstream is sensitive to noise. However, enabling PhyR DS can decrease the DS line rate. Enabling or disabling PhyR will require the CPE to retrain. For PhyR to function, the DSLAM must also support PhyR and have it enabled.
Chapter 5 Broadband 5.5.1 Edit 802.1X Settings Use this screen to edit 802.1X authentication settings. Click the Edit icon next to the rule you want to edit. The screen shown next appears. Figure 30 Network Setting > Broadband > 802.1x: Edit The following table describes the labels in this screen. Table 13 Network Setting > Broadband > 802.1x: Edit LABEL DESCRIPTION Active This field allows you to activate/deactivate the authentication. Select this to enable the authentication.
Chapter 5 Broadband Figure 31 Network Setting > Broadband > Wan Status The following table describes the labels in this screen. Table 14 Network Setting > Broadband > Wan Status LABEL DESCRIPTION Interface Select a WAN interface to see its historical traffic transmission rate in the chart. Direction Select RX or TX to display received traffic only or transmitted traffic only in the chart. Time Interval Select the time periods to display in the chart. Available choices are Minute, Day, and Month.
Chapter 5 Broadband and the WAN interface and then formatted so that they can be understood in a bridged environment. For instance, it encapsulates routed Ethernet frames into bridged Ethernet cells. PPP over ATM (PPPoA) PPPoA stands for Point to Point Protocol over ATM Adaptation Layer 5 (AAL5). A PPPoA connection functions like a dial-up Internet connection.
Chapter 5 Broadband In this case one VC carries multiple protocols with protocol identifying information being contained in each packet header. Despite the extra bandwidth and processing overhead, this method may be advantageous if it is not practical to have a separate VC for each carried protocol, for example, if charging heavily depends on the number of simultaneous VCs.
Chapter 5 Broadband that continuously require a specific amount of bandwidth. A PCR is specified and if traffic exceeds this rate, cells may be dropped. Examples of connections that need CBR would be high-resolution video and voice. Variable Bit Rate (VBR) The Variable Bit Rate (VBR) ATM traffic class is used with bursty connections. Connections that use the Variable Bit Rate (VBR) traffic class can be grouped into real time (VBR-RT) or non-real time (VBR-nRT) connections.
Chapter 5 Broadband Introduction to IEEE 802.1Q Tagged VLAN A tagged VLAN uses an explicit tag (VLAN ID) in the MAC header to identify the VLAN membership of a frame across bridges - they are not confined to the switch on which they were created. The VLANs can be created statically by hand or dynamically through GVRP. The VLAN ID associates a frame with a specific VLAN and provides the information that switches need to process the frame across the network.
Chapter 5 Broadband 1 The ISP tells you the DNS server addresses, usually in the form of an information sheet, when you sign up. If your ISP gives you DNS server addresses, manually enter them in the DNS server fields. 2 If your ISP dynamically assigns the DNS server IP addresses (along with the Device’s WAN IP address), set the DNS server fields to get the DNS server address from the ISP. IPv6 Addressing The 128-bit IPv6 address is written as eight 16-bit hexadecimal blocks separated by colons (:).
Chapter 5 Broadband 72 VMG8924-B10A and VMG8924-B30A Series User’s Guide
C HAPT ER 6 Wireless 6.1 Overview This chapter describes the Device’s Network Setting > Wireless screens. Use these screens to set up your Device’s wireless connection. 6.1.1 What You Can Do in this Chapter This section describes the Device’s Wireless screens. Use these screens to set up your Device’s wireless connection. • Use the General screen to enable the Wireless LAN, enter the SSID and select the wireless security mode (Section 6.2 on page 74).
Chapter 6 Wireless 6.1.2 What You Need to Know Wireless Basics “Wireless” is essentially radio communication. In the same way that walkie-talkie radios send and receive information over the airwaves, wireless networking devices exchange information with one another. A wireless networking device is just like a radio that lets your computer exchange information with radios attached to other computers.
Chapter 6 Wireless Click Network Setting > Wireless to open the General screen. Figure 33 Network Setting > Wireless > General The following table describes the general wireless LAN labels in this screen. Table 15 Network Setting > Wireless > General LABEL DESCRIPTION Wireless Network Setup Wireless You can Enable or Disable the wireless LAN in this field. Band This shows the wireless band which this radio profile is using. 2.4 GHz is the frequency used by IEEE 802.11b/g/n wireless clients.
Chapter 6 Wireless Table 15 Network Setting > Wireless > General (continued) LABEL DESCRIPTION Channel Set the channel depending on your particular region. Select a channel or use Auto to have the Device automatically determine a channel to use. If you are having problems with wireless interference, changing the channel may help. Try to use a channel that is as many channels away from any channels used by neighboring APs as possible.
Chapter 6 Wireless Table 15 Network Setting > Wireless > General (continued) LABEL DESCRIPTION BSSID This shows the MAC address of the wireless interface on the Device when wireless LAN is enabled. Security Level Security Mode Select Basic (WEP, for 2.4 GHz frequency band only) or More Secure (WPA(2)-PSK, WPA(2)) to add security on this wireless network. The wireless clients which want to associate to this network must have same wireless security settings as the Device.
Chapter 6 Wireless Note: WEP is extremely insecure. Its encryption can be broken by an attacker, using widely-available software. It is strongly recommended that you use a more effective security mechanism. Use the strongest security mechanism that all the wireless devices in your network support. For example, use WPA-PSK or WPA2-PSK if all your wireless devices support it, or use WPA or WPA2 if your wireless devices support it and you have a RADIUS server.
Chapter 6 Wireless Table 17 Wireless > General: Basic (WEP) (continued) LABEL DESCRIPTION more.../less Click more... to show more fields in this section. Click less to hide them. WEP Encryption Select 64-bits or 128-bits. This dictates the length of the security key that the network is going to use.
Chapter 6 Wireless 6.2.3 More Secure (WPA(2)-PSK) The WPA-PSK security mode provides both improved data encryption and user authentication over WEP. Using a Pre-Shared Key (PSK), both the Device and the connecting client share a common password in order to validate the connection. This type of encryption, while robust, is not as strong as WPA, WPA2 or even WPA2-PSK. The WPA2-PSK security mode is a newer, more robust version of the WPA encryption standard.
Chapter 6 Wireless Table 18 Wireless > General: More Secure: WPA(2)-PSK (continued) LABEL DESCRIPTION Encryption Select the encryption type (TKIP, AES or TKIP+AES) for data encryption. Select TKIP if your wireless clients can all use TKIP. Select AES if your wireless clients can all use AES. Select TKIP+AES to allow the wireless clients to use either TKIP or AES. Group Key Update Timer The Group Key Update Timer is the rate at which the RADIUS server sends a new group key out to all clients. 6.2.
Chapter 6 Wireless Table 19 Wireless > General: More Secure: WPA(2) (continued) LABEL DESCRIPTION Authentication Server IP Address Enter the IP address of the external authentication server in dotted decimal notation. Port Number Enter the port number of the external authentication server. The default port number is 1812. You need not change this value unless your network administrator instructs you to do so with additional information.
Chapter 6 Wireless The following table describes the labels in this screen. Table 20 Network Setting > Wireless > More AP LABEL DESCRIPTION # This is the index number of the entry. Status This field indicates whether this SSID is active. A yellow bulb signifies that this SSID is active. A gray bulb signifies that this SSID is not active. SSID An SSID profile is the set of parameters relating to one of the Device’s BSSs.
Chapter 6 Wireless 6.3.1 Edit More AP Use this screen to edit an SSID profile. Click the Edit icon next to an SSID in the More AP screen. The following screen displays. Figure 39 Network Setting > Wireless > More AP > Edit The following table describes the fields in this screen. Table 21 Network Setting > Wireless > More AP > Edit LABEL DESCRIPTION Wireless Network Setup Wireless You can Enable or Disable the wireless LAN in this field. Passphrase Type Passphrase type cannot be changed.
Chapter 6 Wireless Table 21 Network Setting > Wireless > More AP > Edit (continued) LABEL DESCRIPTION Wireless Network Name (SSID) The SSID (Service Set IDentity) identifies the service set with which a wireless device is associated. Wireless devices associating to the access point (AP) must have the same SSID. Max clients Specify the maximum number of clients that can connect to this network at the same time.
Chapter 6 Wireless 6.4 MAC Authentication This screen allows you to configure the ZyXEL Device to give exclusive access to specific devices (Allow) or exclude specific devices from accessing the ZyXEL Device (Deny). Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. You need to know the MAC addresses of the devices to configure this screen.
Chapter 6 Wireless 6.5 The WPS Screen Use this screen to configure WiFi Protected Setup (WPS) on your Device. WPS allows you to quickly set up a wireless network with strong security, without having to configure security settings manually. Set up each WPS connection between two devices. Both devices must support WPS. See Section 6.10.9.3 on page 102 for more information about WPS. Note: The Device applies the security settings of the SSID1 profile (see Section 6.2 on page 74).
Chapter 6 Wireless Table 23 Network Setting > Wireless > WPS (continued) LABEL Register DESCRIPTION Enter the PIN of the device that you are setting up a WPS connection with and click Register to authenticate and add the wireless device to your wireless network. You can find the PIN either on the outside of the device, or by checking the device’s settings. Note: You must also activate WPS on that device within two minutes to have it present its PIN to the Device.
Chapter 6 Wireless Table 24 Network Setting > Wireless > WMM (continued) LABEL DESCRIPTION Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings. 6.7 The WDS Screen An AP using the Wireless Distribution System (WDS) can function as a wireless network bridge allowing you to wirelessly connect two wired network segments. The WDS screen allows you to configure the Device to connect to two or more APs wirelessly when WDS is enabled.
Chapter 6 Wireless The following table describes the labels in this screen. Table 25 Network Setting > Wireless > WDS LABEL DESCRIPTION Wireless Bridge Setup AP Mode Select the operating mode for your Device. • • Bridge Restrict Access Point - The Device functions as a bridge and access point simultaneously. Wireless Bridge - The Device acts as a wireless network bridge and establishes wireless links with other APs. In this mode, clients cannot connect to the Device wirelessly.
Chapter 6 Wireless The following table describes the labels in this screen. Table 26 WDS: Scan LABEL DESCRIPTION Wireless Bridge Scan Setup Refresh Click Refresh to update the table. # This is the index number of the entry. SSID This shows the SSID of the available wireless device within range. BSSID This shows the MAC address of the available wireless device within range. Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings. 6.
Chapter 6 Wireless Table 27 Network Setting > Wireless > Others (continued) LABEL DESCRIPTION Auto Channel Timer If you set the channel to Auto in the Network Setting > Wireless > General screen, specify the interval in minutes for how often the Device scans for the best channel. Enter 0 to disable the periodical scan. Output Power Set the output power of the Device. If there is a high density of APs in an area, decrease the output power to reduce interference with other APs.
Chapter 6 Wireless Table 27 Network Setting > Wireless > Others (continued) LABEL DESCRIPTION OBSS Coexistence Select Enable to allow the coexistence of 20 MHz and 40 MHz Overlapping Basic Service Sets (OBSS) in wireless local area networks. Select Disabled to disable this feature. Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings. 6.9 The Channel Status Screen Use the Channel Status screen to scan wireless LAN channel noises and view the results.
Chapter 6 Wireless 6.10.1 Wireless Network Overview Wireless networks consist of wireless clients, access points and bridges. • A wireless client is a radio connected to a user’s computer. • An access point is a radio with a wired connection to a network, which can connect with numerous wireless clients and let them access the network. • A bridge is a radio that relays communications between access points and wireless clients, extending a network’s range.
Chapter 6 Wireless • If two wireless networks overlap, they should use a different channel. Like radio stations or television channels, each wireless network uses a specific channel, or frequency, to send and receive information. • Every device in the same wireless network must use security compatible with the AP. Security stops unauthorized devices from using the wireless network. It can also protect the information that is sent in the wireless network.
Chapter 6 Wireless These security standards do two things. First, they authenticate. This means that only people presenting the right credentials (often a username and password, or a “key” phrase) can access the network. Second, they encrypt. This means that the information sent over the air is encoded. Only people with the code key can understand the information, and only people who have been authenticated are given the code key. These security standards vary in effectiveness.
Chapter 6 Wireless This type of security does not protect the information that is sent in the wireless network. Furthermore, there are ways for unauthorized wireless devices to get the MAC address of an authorized device. Then, they can use that MAC address to use the wireless network. 6.10.3.3 User Authentication Authentication is the process of verifying whether a wireless device is allowed to use the wireless network. You can make every user log in to the wireless network before using it.
Chapter 6 Wireless support WPA2, you should set up WPA2-PSK or WPA2 (depending on the type of wireless network login) and select the WPA compatible option in the Device. Many types of encryption use a key to protect the information in the wireless network. The longer the key, the stronger the encryption. Every device in the wireless network must have the same key. 6.10.
Chapter 6 Wireless 6.10.6 MBSSID Traditionally, you need to use different APs to configure different Basic Service Sets (BSSs). As well as the cost of buying extra APs, there is also the possibility of channel interference. The Device’s MBSSID (Multiple Basic Service Set IDentifier) function allows you to use one access point to provide several BSSs simultaneously. You can then assign varying QoS priorities and/or security modes to different SSIDs.
Chapter 6 Wireless establish a WDS link with access point AP 2, which has a wired Internet connection. When AP 1 has a WDS link with AP 2, the notebook computer can access the Internet through AP 2. Figure 49 WDS Link Example WDS A AP 1 AP 2 6.10.9 WiFi Protected Setup (WPS) Your Device supports WiFi Protected Setup (WPS), which is an easy way to set up a secure wireless network. WPS is an industry standard specification, defined by the WiFi Alliance.
Chapter 6 Wireless 6.10.9.2 PIN Configuration Each WPS-enabled device has its own PIN (Personal Identification Number). This may either be static (it cannot be changed) or dynamic (in some devices you can generate a new PIN by clicking on a button in the configuration interface).
Chapter 6 Wireless The following figure shows a WPS-enabled wireless client (installed in a notebook computer) connecting to the WPS-enabled AP via the PIN method. Figure 50 Example WPS Process: PIN Method ENROLLEE REGISTRAR WPS This device’s WPS PIN: 123456 WPS Enter WPS PIN from other device: WPS START WPS START WITHIN 2 MINUTES SECURE EAP TUNNEL SSID WPA(2)-PSK COMMUNICATION 6.10.9.3 How WPS Works When two WPS-enabled devices connect, each device must assume a specific role.
Chapter 6 Wireless The following figure shows a WPS-enabled client (installed in a notebook computer) connecting to a WPS-enabled access point. Figure 51 How WPS works ACTIVATE WPS ACTIVATE WPS WITHIN 2 MINUTES WPS HANDSHAKE ENROLLEE REGISTRAR SECURE TUNNEL SECURITY INFO COMMUNICATION The roles of registrar and enrollee last only as long as the WPS setup process is active (two minutes). The next time you use WPS, a different device can be the registrar if necessary.
Chapter 6 Wireless is the registrar, and Client 1 is the enrollee. The registrar randomly generates the security information to set up the network, since it is unconfigured and has no existing information. Figure 52 WPS: Example Network Step 1 ENROLLEE REGISTRAR SECURITY INFO AP1 CLIENT 1 In step 2, you add another wireless client to the network.
Chapter 6 Wireless In step 3, you add another access point (AP2) to your network. AP2 is out of range of AP1, so you cannot use AP1 for the WPS handshake with the new access point. However, you know that Client 2 supports the registrar function, so you use it to perform the WPS handshake instead. Figure 54 WPS: Example Network Step 3 EXISTING CONNECTION CLIENT 1 IS EX O GC TIN ION CT E NN AP1 REGISTRAR CLIENT 2 SE CU RIT Y ENROLLEE INF O AP2 6.10.9.
Chapter 6 Wireless • When you use the PBC method, there is a short period (from the moment you press the button on one device to the moment you press the button on the other device) when any WPS-enabled device could join the network. This is because the registrar has no way of identifying the “correct” enrollee, and cannot differentiate between your enrollee and a rogue device. This is a possible way for a hacker to gain access to a network. You can easily check to see if this has happened.
C HAPT ER 7 Home Networking 7.1 Overview A Local Area Network (LAN) is a shared communication system to which many networking devices are connected. It is usually located in one immediate area such as a building or floor of a building. Use the LAN screens to help you configure a LAN DHCP server and manage IP addresses. LAN DSL 7.1.1 What You Can Do in this Chapter • Use the LAN Setup screen to set the LAN IP address, subnet mask, and DHCP settings of your Device (Section 7.2 on page 109).
Chapter 7 Home Networking 7.1.2 What You Need To Know 7.1.2.1 About LAN IP Address IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts. Subnet Mask Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks.
Chapter 7 Home Networking • Assigning lease times to mappings Windows Messenger is an example of an application that supports NAT traversal and UPnP. See the Chapter 10 on page 157 for more information on NAT. Cautions with UPnP The automated nature of NAT traversal applications in establishing their own services and opening firewall ports may present network security issues. Network information and configuration may also be obtained and modified by users in some network environments.
Chapter 7 Home Networking 3 Click Apply to save your settings. Figure 55 Network Setting > Home Networking > LAN Setup The following table describes the fields in this screen. Table 30 Network Setting > Home Networking > LAN Setup LABEL DESCRIPTION Interface Group Group Name Select the interface group name for which you want to configure LAN settings. See Chapter 12 on page 179 for how to create a new interface group.
Chapter 7 Home Networking Table 30 Network Setting > Home Networking > LAN Setup (continued) LABEL DESCRIPTION IPv4 Address Enter the IPv4 IP address of the actual remote DHCP server in this field. IP Addressing Values This field is only available when you select Enable in the DHCP field. Beginning IP Address This field specifies the first of the contiguous addresses in the IP address pool. Ending IP Address This field specifies the last of the contiguous addresses in the IP address pool.
Chapter 7 Home Networking Table 30 Network Setting > Home Networking > LAN Setup (continued) LABEL DESCRIPTION MLD Snooping Multicast Listener Discovery (MLD) allows an IPv6 switch or router to discover the presence of MLD hosts who wish to receive multicast packets and the IP addresses of multicast groups the hosts want to join on its network. Select Enable MLD Snooping to activate MLD Snooping on the Device.
Chapter 7 Home Networking 7.3 The Static DHCP Screen This table allows you to assign IP addresses on the LAN to specific individual computers based on their MAC Addresses. Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. Use this screen to change your Device’s static DHCP settings.
Chapter 7 Home Networking The following table describes the labels in this screen. Table 32 Static DHCP: Add/Edit LABEL DESCRIPTION Active Select this to activate the connection between the client and the Device. Group Name Select the interface group name for which you want to configure static DHCP settings. See Chapter 12 on page 179 for how to create a new interface group.
Chapter 7 Home Networking The following table describes the labels in this screen. Table 33 Network Setting > Home Networking > UPnP LABEL DESCRIPTION UPnP Select Enable to activate UPnP. Be aware that anyone could use a UPnP application to open the web configurator's login screen without entering the Device's IP address (although you must still enter the password to access the web configurator).
Chapter 7 Home Networking 2 Click on the Windows Setup tab and select Communication in the Components selection box. Click Details. Add/Remove Programs: Windows Setup: Communication 3 In the Communications window, select the Universal Plug and Play check box in the Components selection box.
Chapter 7 Home Networking 4 Click OK to go back to the Add/Remove Programs Properties window and click Next. 5 Restart the computer when prompted. Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP. 1 Click Start and Control Panel. 2 Double-click Network Connections. 3 In the Network Connections window, click Advanced in the main menu and select Optional Networking Components ….
Chapter 7 Home Networking 5 In the Networking Services window, select the Universal Plug and Play check box. Networking Services 6 Click OK to go back to the Windows Optional Networking Component Wizard window and click Next. 7.6 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP. You must already have UPnP installed in Windows XP and UPnP activated on the Device. Make sure the computer is connected to a LAN port of the Device.
Chapter 7 Home Networking 2 Right-click the icon and select Properties. Network Connections 3 In the Internet Connection Properties window, click Settings to see the port mappings there were automatically created.
Chapter 7 Home Networking 4 You may edit or delete the port mappings or click Add to manually add port mappings. Internet Connection Properties: Advanced Settings Internet Connection Properties: Advanced Settings: Add 5 When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically. 6 Select Show icon in notification area when connected option and click OK. An icon displays in the system tray.
Chapter 7 Home Networking 7 Double-click on the icon to display your current Internet connection status. Internet Connection Status Web Configurator Easy Access With UPnP, you can access the web-based configurator on the Device without finding out the IP address of the Device first. This comes helpful if you do not know the IP address of the Device. Follow the steps below to access the web configurator. 1 Click Start and then Control Panel. 2 Double-click Network Connections.
Chapter 7 Home Networking 3 Select My Network Places under Other Places. Network Connections 4 An icon with the description for each UPnP-enabled device displays under Local Network. 5 Right-click on the icon for your Device and select Invoke. The web configurator login screen displays.
Chapter 7 Home Networking 6 Right-click on the icon for your Device and select Properties. A properties window displays with basic information about the Device.
Chapter 7 Home Networking 7.7 The Additional Subnet Screen Use the Additional Subnet screen to configure IP alias and public static IP. IP alias allows you to partition a physical network into different logical networks over the same Ethernet interface. The Device supports multiple logical LAN interfaces via its physical Ethernet interface with the Device itself as the gateway for the LAN network.
Chapter 7 Home Networking Table 34 Network Setting > Home Networking > Additional Subnet (continued) LABEL DESCRIPTION Offer Public IP by DHCP Select the checkbox to enable the Device to provide public IP addresses by DHCP server. Enable ARP Proxy Select the checkbox to enable the ARP (Address Resolution Protocol) proxy. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 7.
Chapter 7 Home Networking Note: The Device needs to restart to make the role change take effect. Figure 61 Network Setting > Home Networking > 5th Ethernet Port The following table describes the labels in this screen. Table 36 Network Setting > Home Networking > 5th Ethernet Port LABEL DESCRIPTION State Select Enable to use the Ethernet WAN port as a LAN port on the Device. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 7.
Chapter 7 Home Networking The following table describes the labels in this screen. Table 37 Network Setting > Home Networking > LAN VLAN LABEL DESCRIPTION Lan Port These represent the Device’s LAN ports. Tag Operation Select what you want the Device to do to the IEEE 802.1q VLAN ID and priority tags of downstream traffic before sending it out through this LAN port. • • • • Unchange - Don’t do anything to the traffic’s VLAN ID and priority tags. Add - Add VLAN ID and priority tags to untagged traffic.
Chapter 7 Home Networking 7.12 Technical Reference This section provides some technical background information about the topics covered in this chapter. 7.12.1 LANs, WANs and the Device The actual physical connection determines whether the Device ports are LAN or WAN ports. There are two separate IP networks, one inside the LAN network and the other outside the WAN network as shown next. Figure 64 LAN and WAN IP Addresses LAN WAN 7.12.
Chapter 7 Home Networking • Some ISPs choose to disseminate the DNS server addresses using the DNS server extensions of IPCP (IP Control Protocol) after the connection is up. If your ISP did not give you explicit DNS servers, chances are the DNS servers are conveyed through IPCP negotiation. The Device supports the IPCP DNS server extensions through the DNS proxy feature. Please note that DNS proxy works only when the ISP uses the IPCP DNS server extensions.
Chapter 7 Home Networking You can obtain your IP address from the IANA, from an ISP or it can be assigned from a private network. If you belong to a small organization and your Internet access is through an ISP, the ISP can provide you with the Internet addresses for your local networks. On the other hand, if you are part of a much larger organization, you should consult your network administrator for the appropriate IP addresses.
C HAPT ER 8 Routing 8.1 Overview The Device usually uses the default gateway to route outbound traffic from computers on the LAN to the Internet. To have the Device send data to devices not reachable through the default gateway, use static routes. For example, the next figure shows a computer (A) connected to the Device’s LAN interface. The Device routes most traffic from A to the Internet through the Device’s default gateway (R1).
Chapter 8 Routing 8.2 The Routing Screen Use this screen to view and configure the static route rules on the Device. Click Network Setting > Routing > Static Route to open the following screen. Figure 66 Network Setting > Routing > Static Route The following table describes the labels in this screen. Table 39 Network Setting > Routing > Static Route LABEL DESCRIPTION Add new static route Click this to configure a new static route. # This is the index number of the entry.
Chapter 8 Routing 8.2.1 Add/Edit Static Route Use this screen to add or edit a static route. Click Add new static route in the Routing screen or the Edit icon next to the static route you want to edit. The screen shown next appears. Figure 67 Routing: Add/Edit The following table describes the labels in this screen. Table 40 Routing: Add/Edit LABEL DESCRIPTION Active This field allows you to activate/deactivate this static route. Select this to enable the static route.
Chapter 8 Routing 8.3 The DNS Route Screen Use this screen to view and configure DNS routes on the Device. Click Network Setting > Routing > DNS Route to open the following screen. Figure 68 Network Setting > Routing > DNS Route The following table describes the labels in this screen. Table 41 Network Setting > Routing > DNS Route LABEL DESCRIPTION Add new DNS Route Click this to add a new DNS route. # This is the index number of a DNS route.
Chapter 8 Routing The following table describes the labels in this screen. Table 42 DNS Route Add LABEL DESCRIPTION Domain Name Enter the domain name of the DNS route entry. Interface Select the WAN connection through which the Device forwards DNS requests for this domain name. Subnet Mask Enter the subnet mask of the DNS route entry. OK Click this to save your changes. Cancel Click this to exit this screen without saving any changes. 8.
Chapter 8 Routing Table 43 Network Setting > Routing >Policy Forwarding (continued) LABEL DESCRIPTION WAN This is the WAN interface through which the traffic is routed. Modify Click the Edit icon to edit this policy. Click the Delete icon to remove a policy from the Device. A window displays asking you to confirm that you want to delete the policy. 8.4.1 Add/Edit Policy Forwarding Click Add new Policy Forward Rule in the Policy Forwarding screen or click the Edit icon next to a policy.
Chapter 8 Routing 8.5 RIP Routing Information Protocol (RIP, RFC 1058 and RFC 1389) allows a device to exchange routing information with other routers. 8.5.1 The RIP Screen Click Network Setting > Routing > RIP to open the RIP screen. Figure 72 RIP The following table describes the labels in this screen. Table 45 RIP LABEL DESCRIPTION # This is the index of the interface in which the RIP setting is used. Interface This is the name of the interface in which the RIP setting is used.
Chapter 8 Routing 138 VMG8924-B10A and VMG8924-B30A Series User’s Guide
C HAPT ER 9 Quality of Service (QoS) 9.1 Overview Quality of Service (QoS) refers to both a network’s ability to deliver data with minimum delay, and the networking methods used to control the use of bandwidth. Without QoS, all traffic data is equally likely to be dropped when the network is congested. This can cause a reduction in network performance and make the network inadequate for time-critical application such as video-ondemand.
Chapter 9 Quality of Service (QoS) similar types of traffic together and treating each type as a class. You can use CoS to give different priorities to different packet types. CoS technologies include IEEE 802.1p layer 2 tagging and DiffServ (Differentiated Services or DS). IEEE 802.1p tagging makes use of three bits in the packet header, while DiffServ is a new protocol and defines a new DS field, which replaces the eight-bit ToS (Type of Service) field in the IP header.
Chapter 9 Quality of Service (QoS) which are performed on the colored packets. See Section 9.8 on page 152 for more information on each metering algorithm. 9.3 The Quality of Service General Screen Click Network Setting > QoS > General to open the screen as shown next. Use this screen to enable or disable QoS and set the upstream bandwidth. See Section 9.1 on page 139 for more information. Figure 73 Network Settings > QoS > General The following table describes the labels in this screen.
Chapter 9 Quality of Service (QoS) Table 46 Network Setting > QoS > General (continued) (continued) LABEL DESCRIPTION LAN Managed Downstream Bandwidth Enter the amount of downstream bandwidth for the LAN interfaces (including WLAN) that you want to allocate using QoS. The recommendation is to set this speed to match the WAN interfaces’ actual transmission speed. For example, set the LAN managed downstream bandwidth to 100000 kbps if you use a 100 Mbps wired Ethernet WAN connection.
Chapter 9 Quality of Service (QoS) The following table describes the labels in this screen. Table 47 Network Setting > QoS > Queue Setup LABEL DESCRIPTION Add new Queue Click this button to create a new queue entry. # This is the index number of the entry. Status This field displays whether the queue is active or not. A yellow bulb signifies that this queue is active. A gray bulb signifies that this queue is not active. Name This shows the descriptive name of this queue.
Chapter 9 Quality of Service (QoS) Table 48 Queue Setup: Add (continued) LABEL DESCRIPTION Priority Select the priority level (from 1 to 7) of this queue. The smaller the number, the higher the priority level. Traffic assigned to higher priority queues gets through faster while traffic in lower priority queues is dropped if the network is congested. Weight Select the weight (from 1 to 8) of this queue.
Chapter 9 Quality of Service (QoS) Table 49 Network Setting > QoS > Class Setup (continued) LABEL DESCRIPTION DSCP Mark This is the DSCP number added to traffic of this classifier. 802.1P Mark This is the IEEE 802.1p priority level assigned to traffic of this classifier. VLAN ID Tag This is the VLAN ID number assigned to traffic of this classifier. To Queue This is the name of the queue in which traffic of this classifier is put. Modify Click the Edit icon to edit the classifier.
Chapter 9 Quality of Service (QoS) 9.5.1 Add/Edit QoS Class Click Add new Classifier in the Class Setup screen or the Edit icon next to a classifier to open the following screen.
Chapter 9 Quality of Service (QoS) The following table describes the labels in this screen. Table 50 Class Setup: Add/Edit LABEL DESCRIPTION Active Select this to enable this classifier. Class Name Enter a descriptive name of up to 15 printable English keyboard characters, not including spaces. Classification Order Select an existing number for where you want to put this classifier to move the classifier to the number you selected after clicking Apply.
Chapter 9 Quality of Service (QoS) Table 50 Class Setup: Add/Edit (continued) LABEL Service DESCRIPTION This field is available only when you select IP in the Ether Type field. This field simplifies classifier configuration by allowing you to select a predefined application. When you select a predefined application, you do not configure the rest of the filter fields. IP Protocol This field is available only when you select IP in the Ether Type field.
Chapter 9 Quality of Service (QoS) Table 50 Class Setup: Add/Edit (continued) LABEL DESCRIPTION To Queue Index Select a queue that applies to this class. You should have configured a queue in the Queue Setup screen already. Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving. 9.6 The QoS Policer Setup Screen Use this screen to configure QoS policers that allow you to limit the transmission rate of incoming traffic.
Chapter 9 Quality of Service (QoS) 9.6.1 Add/Edit a QoS Policer Click Add new Policer in the Policer Setup screen or the Edit icon next to a policer to show the following screen. Figure 79 Policer Setup: Add/Edit The following table describes the labels in this screen. Table 52 Policer Setup: Add/Edit LABEL DESCRIPTION Active Select the check box to activate this policer. Name Enter the descriptive name of this policer. Meter Type This shows the traffic metering algorithm used in this policer.
Chapter 9 Quality of Service (QoS) Table 52 Policer Setup: Add/Edit LABEL DESCRIPTION Available Class Select a QoS classifier to apply this QoS policer to traffic that matches the QoS classifier. Selected Class Highlight a QoS classifier in the Available Class box and use the > button to move it to the Selected Class box. To remove a QoS classifier from the Selected Class box, select it and use the < button. Apply Click Apply to save your changes.
Chapter 9 Quality of Service (QoS) Table 53 Network Setting > QoS > Monitor (continued) LABEL DESCRIPTION Name This shows the name of the queue. Pass Rate This shows how many packets assigned to this queue are transmitted successfully. Drop Rate This shows how many packets assigned to this queue are dropped. 9.8 Technical Reference The following section contains additional technical information about the Device features described in this chapter. IEEE 802.1Q Tag The IEEE 802.
Chapter 9 Quality of Service (QoS) indicating the level of service desired. This allows the intermediary DiffServ-compliant network devices to handle the packets differently depending on the code points without the need to negotiate paths or remember state information for every flow. In addition, applications do not have to request a particular service or give advanced notice of where the traffic is going.
Chapter 9 Quality of Service (QoS) Table 55 Internal Layer2 and Layer3 QoS Mapping LAYER 2 LAYER 3 PRIORITY QUEUE IEEE 802.1P USER PRIORITY (ETHERNET PRIORITY) TOS (IP PRECEDENCE) DSCP 4 4 2 010110 IP PACKET LENGTH (BYTE) 010100 010010 010000 5 5 3 011110 <250 011100 011010 011000 6 6 4 100110 100100 100010 100000 5 101110 101000 7 7 6 110000 7 111000 Token Bucket The token bucket algorithm uses tokens in a bucket to control when traffic can be transmitted.
Chapter 9 Quality of Service (QoS) Configure the bucket size to be equal to or less than the amount of the bandwidth that the interface can support. It does not help if you set it to a bucket size over the interface’s capability. The smaller the bucket size, the lower the data transmission rate and that may cause outgoing packets to be dropped. A larger transmission rate requires a big bucket size. For example, use a bucket size of 10 kbytes to get the transmission rate up to 10 Mbps.
Chapter 9 Quality of Service (QoS) All packets are evaluated against the PIR. If a packet exceeds the PIR it is marked red. Otherwise it is evaluated against the CIR. If it exceeds the CIR then it is marked yellow. Finally, if it is below the CIR then it is marked green. The following shows how tokens work with incoming packets in trTCM: • A packet arrives.
C HAPTER 10 Network Address Translation (NAT) 10.1 Overview This chapter discusses how to configure NAT on the Device. NAT (Network Address Translation NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network. 10.1.
Chapter 10 Network Address Translation (NAT) NAT In the simplest form, NAT changes the source IP address in a packet received from a subscriber (the inside local address) to another (the inside global address) before forwarding the packet to the WAN side. When the response comes back, NAT translates the destination address (the inside global address) back to the inside local address before forwarding it to the original inside host.
Chapter 10 Network Address Translation (NAT) third (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. Figure 81 Multiple Servers Behind NAT Example A=192.168.1.33 LAN WAN B=192.168.1.34 192.168.1.1 IP Address assigned by ISP C=192.168.1.3 D=192.168.1.36 Click Network Setting > NAT > Port Forwarding to open the following screen.
Chapter 10 Network Address Translation (NAT) Table 56 Network Setting > NAT > Port Forwarding (continued) LABEL DESCRIPTION Translation End Port This is the last internal port number that identifies a service. Protocol This shows the IP protocol supported by this virtual server, whether it is TCP, UDP, or TCP/ UDP. Modify Click the Edit icon to edit this rule. Click the Delete icon to delete an existing rule. 10.2.
Chapter 10 Network Address Translation (NAT) Table 57 Port Forwarding: Add/Edit (continued) LABEL DESCRIPTION Start Port Enter the original destination port for the packets. To forward only one port, enter the port number again in the End Port field. To forward a series of ports, enter the start port number here and the end port number in the End Port field. End Port Enter the last port of the original destination port range.
Chapter 10 Network Address Translation (NAT) The following table describes the labels in this screen. Table 58 Network Setting > NAT > Applications LABEL DESCRIPTION Add new application Click this to add a new NAT application rule. Application Forwarded This field shows the type of application that the service forwards. WAN Interface This field shows the WAN interface through which the service is forwarded. Server IP Address This field displays the destination IP address for the service.
Chapter 10 Network Address Translation (NAT) 10.4 The Port Triggering Screen Some services use a dedicated range of ports on the client side and a dedicated range of ports on the server side. With regular port forwarding you set a forwarding port in NAT to forward a service (coming in from the server on the WAN) to the IP address of a computer on the client side (LAN). The problem is that port forwarding only forwards a service to a single LAN IP address.
Chapter 10 Network Address Translation (NAT) Click Network Setting > NAT > Port Triggering to open the following screen. Use this screen to view your Device’s trigger port settings. Figure 87 Network Setting > NAT > Port Triggering The following table describes the labels in this screen. Table 60 Network Setting > NAT > Port Triggering LABEL DESCRIPTION Add Click this to create a new rule. # This is the index number of the entry.
Chapter 10 Network Address Translation (NAT) 10.4.1 Add/Edit Port Triggering Rule This screen lets you create new port triggering rules. Click Add new rule in the Port Triggering screen or click a rule’s Edit icon to open the following screen. Figure 88 Port Triggering: Add/Edit The following table describes the labels in this screen. Table 61 Port Triggering: Configuration Add/Edit LABEL DESCRIPTION Active Select the check box to enable this rule.
Chapter 10 Network Address Translation (NAT) 10.5 The DMZ Screen In addition to the servers for specified services, NAT supports a default server IP address. A default server receives packets from ports that are not specified in the NAT Port Forwarding Setup screen. Figure 89 Network Setting > NAT > DMZ The following table describes the fields in this screen.
Chapter 10 Network Address Translation (NAT) The following table describes the fields in this screen. Table 63 Network Setting > NAT > ALG LABEL DESCRIPTION NAT ALG Enable this to make sure applications such as FTP and file transfer in IM applications work correctly with port-forwarding and address-mapping rules. SIP ALG Enable this to make sure SIP (VoIP) works correctly with port-forwarding and addressmapping rules.
Chapter 10 Network Address Translation (NAT) Table 64 Network Setting > NAT > Address Mapping (continued) LABEL DESCRIPTION Type This is the address mapping type. One-to-One: This mode maps one local IP address to one global IP address. Note that port numbers do not change for the One-to-one NAT mapping type. Many-to-One: This mode maps multiple local IP addresses to one global IP address. This is equivalent to SUA (i.e.
Chapter 10 Network Address Translation (NAT) Table 65 Address Mapping: Add/Edit (continued) LABEL DESCRIPTION Global End IP Enter the ending Inside Global IP Address (IGA). This field is blank for One-to-One and Many-to-One mapping types. Set Select the number of the mapping set for which you want to configure. OK Click OK to save your changes. Cancel Click Cancel to exit this screen without saving. 10.
Chapter 10 Network Address Translation (NAT) 10.9 The Sessions Screen Use this screen to limit the number of concurrent NAT sessions a client can use. Click Network Setting > NAT > Sessions to display the following screen. Figure 94 Network Setting > NAT > Sessions The following table describes the fields in this screen. Table 67 Network Setting > NAT > Sessions LABEL DESCRIPTION WAX NAT Session Per Host Use this field to set a limit to the number of concurrent NAT sessions each client host can have.
Chapter 10 Network Address Translation (NAT) Note that inside/outside refers to the location of a host, while global/local refers to the IP address of a host used in a packet. Thus, an inside local address (ILA) is the IP address of an inside host in a packet when the packet is still in the local network, while an inside global address (IGA) is the IP address of the same inside host when the packet is on the WAN side. The following table summarizes this information.
Chapter 10 Network Address Translation (NAT) 10.10.3 How NAT Works Each packet has two addresses – a source address and a destination address. For outgoing packets, the ILA (Inside Local Address) is the source address on the LAN, and the IGA (Inside Global Address) is the source address on the WAN. For incoming packets, the ILA is the destination address on the LAN, and the IGA is the destination address on the WAN.
Chapter 10 Network Address Translation (NAT) 10.10.4 NAT Application The following figure illustrates a possible NAT application, where three inside LANs (logical LANs using IP alias) behind the Device can communicate with three distinct WAN networks. Figure 96 NAT Application With IP Alias Port Forwarding: Services and Port Numbers The most often used port numbers are shown in the following table. Please refer to RFC 1700 for further information about port numbers.
Chapter 10 Network Address Translation (NAT) Port Forwarding Example Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the example), port 80 to another (B in the example) and assign a default server IP address of 192.168.1.35 to a third (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. Figure 97 Multiple Servers Behind NAT Example A=192.168.1.33 192.168.1.1 B=192.168.1.
C HAPTER 11 Dynamic DNS Setup 11.1 Overview DNS DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a machine before you can access it. In addition to the system DNS server(s), each WAN interface (service) is set to have its own static or dynamic DNS server list.
Chapter 11 Dynamic DNS Setup 11.1.2 What You Need To Know DYNDNS Wildcard Enabling the wildcard feature for your host causes *.yourhost.dyndns.org to be aliased to the same IP address as yourhost.dyndns.org. This feature is useful if you want to be able to use, for example, www.yourhost.dyndns.org and still reach your hostname. If you have a private WAN IP address, then you cannot use Dynamic DNS. 11.2 The DNS Entry Screen Use this screen to view and configure DNS routes on the Device.
Chapter 11 Dynamic DNS Setup 11.2.1 Add/Edit DNS Entry You can manually add or edit the Device’s DNS name and IP address entry. Click Add new DNS entry in the DNS Entry screen or the Edit icon next to the entry you want to edit. The screen shown next appears. Figure 99 DNS Entry: Add/Edit The following table describes the labels in this screen. Table 71 DNS Entry: Add/Edit LABEL DESCRIPTION Host Name Enter the host name of the DNS entry. IP Address Enter the IP address of the DNS entry.
Chapter 11 Dynamic DNS Setup The following table describes the fields in this screen. Table 72 Network Setting > DNS > > Dynamic DNS LABEL DESCRIPTION Dynamic DNS Select Enable to use dynamic DNS. Service Provider Select your Dynamic DNS service provider from the drop-down list box. Hostname Type the domain name assigned to your Device by your Dynamic DNS provider. You can specify up to two host names in the field separated by a comma (","). 178 Username Type your user name.
C HAPTER 12 Interface Group 12.1 Overview By default, all LAN and WAN interfaces on the Device are in the same group and can communicate with each other. Create interface groups to have the Device assign the IP addresses in different domains to different groups. Each group acts as an independent network on the Device. This lets devices connected to an interface group’s LAN interfaces communicate through the interface group’s WAN or LAN interfaces but not other WAN or LAN interfaces. 12.1.
Chapter 12 Interface Group In the following example, the client that sends packets with the DHCP Vendor ID option set to MSFT 5.0 (meaning it is a Windows 2000 DHCP client) is assigned the IP address 192.168.2.2 and uses the WAN VDSL_PoE/ppp0.1 interface. Figure 101 Interface Grouping Application Default: ETH 2~4 192.168.1.x/24 eth10.0 Internet VDSL_PoE/ppp0.1 192.168.2.x/24 DHCP Vendor ID option: MSFT 5.0 Click Network Setting > Interface Group to open the following screen.
Chapter 12 Interface Group Note: An interface can belong to only one group at a time. Figure 103 Interface Group Configuration The following table describes the fields in this screen. Table 74 Interface Group Configuration LABEL DESCRIPTION Group Name Enter a name to identify this group. You can enter up to 30 characters. You can use letters, numbers, hyphens (-) and underscores (_). Spaces are not allowed. WAN Interface used in the grouping Select the WAN interface this group uses.
Chapter 12 Interface Group Table 74 Interface Group Configuration (continued) LABEL DESCRIPTION # This shows the index number of the rule. Filter Criteria This shows the filtering criteria. The LAN interface on which the matched traffic is received will belong to this group automatically. WildCard Support This shows if wildcard on DHCP option 60 is enabled. Remove Click the Remove icon to delete this rule from the Device. Apply Click Apply to save your changes back to the Device.
Chapter 12 Interface Group Table 75 Interface Grouping Criteria (continued) LABEL DESCRIPTION DHCP Option 61 Select this and enter the device identity of the matched traffic. IAID Enter the Identity Association Identifier (IAID) of the device, for example, the WAN connection index number. DUID type Select DUID-LLT (DUID Based on Link-layer Address Plus Time) to enter the hardware type, a time value and the MAC address of the device.
Chapter 12 Interface Group 184 VMG8924-B10A and VMG8924-B30A Series User’s Guide
C HAPTER 13 USB Service 13.1 Overview You can share files on a USB memory stick or hard drive connected to your Device with users on your network. The following figure is an overview of the Device’s file server feature. Computers A and B can access files on a USB device (C) which is connected to the Device. Figure 105 File Sharing Overview B C A The Device will not be able to join the workgroup if your local area network has restrictions set up that do not allow devices to join a workgroup.
Chapter 13 USB Service 13.1.2.1 About File Sharing Workgroup name This is the name given to a set of computers that are connected on a network and share resources such as a printer or files. Windows automatically assigns the workgroup name when you set up a network. Shares When settings are set to default, each USB device connected to the Device is given a folder, called a “share”. If a USB hard drive connected to the Device has more than one partition, then each partition will be allocated a share.
Chapter 13 USB Service Supported OSs Your operating system must support TCP/IP ports for printing and be compatible with the RAW (port 9100) protocol. The following OSs support Device’s printer sharing feature. • Microsoft Windows 95, Windows 98 SE (Second Edition), Windows Me, Windows NT 4.0, Windows 2000, Windows XP or Macintosh OS X. 13.1.3 Before You Begin Make sure the Device is connected to your network and turned on. 1 Connect the USB device to one of the Device’s USB port.
Chapter 13 USB Service 13.2 The File Sharing Screen Use this screen to set up file sharing through the Device. The Device’s LAN users can access the shared folder (or share) from the USB device inserted in the Device. To access this screen, click Network Setting > USB Service > File Sharing. Figure 106 Network Setting > USB Service > File Sharing Each field is described in the following table.
Chapter 13 USB Service Table 76 Network Setting > Home Networking > File Sharing LABEL DESCRIPTION Share Name This field shows the name of a folder that is shared through the Device. Share Path This field shows the location of the share in the Device. Share Description This field shows a short description of the share. Modify Click the Edit icon to modify the share. Click the Delete icon to remove the share from the Device.
Chapter 13 USB Service Table 77 Network Setting > Home Networking > File Sharing > Add new share LABEL DESCRIPTION Access Level Select Public to allow all users on the network to access the shared files. Select Security to require users to log in to access shared files. Set up user accounts in the Account Management section. Apply Click this to save your changes to the Device. Back Click this to return to the previous screen. 13.2.
Chapter 13 USB Service media clients (like Windows Media Player). The Digital Living Network Alliance (DLNA) is a group of personal computer and electronics companies that works to make products compatible in a home network. The Device media server enables you to: • Publish all shares for everyone to play media files in the USB storage device connected to the Device. • Use hardware-based media clients like the DMA-2500 to play the files.
Chapter 13 USB Service • A USB printer with the driver already installed on your computer. • The computers on your network must have the printer software already installed before they can create a TCP/IP port for printing via the network. Follow your printer manufacturers instructions on how to install the printer software on your computer. Note: Your printer’s installation instructions may ask that you connect the printer to your computer. Connect your printer to the Device instead. 13.4.
C HAPTER 14 Power Management 14.1 Overview Power management allows you to turn on/off one or more interfaces and all LED lights without power off the whole system when necessary. You can configure a schedule to do so automatically or manually do it on the Web Configurator. 14.1.1 What You Can Do in this Chapter • Use the Power Management screen to manually turn on/off interface(s) and/or LEDs (Section 14.2 on page 193).
Chapter 14 Power Management Each field is described in the following table. Table 81 Network Setting > Power Management LABEL DESCRIPTION Manually Switch On/Off Select POWER ON or POWER OFF to turn on/off the interface or LED lights. Apply Click Apply to save your changes. Cancel Click Cancel to restore your previously saved settings. 14.3 The Auto Switch Off Screen Use this screen to view schedules to turn on or off specific interface(s) and/or all LED lights on the Device.
Chapter 14 Power Management 14.3.1 The Auto Switch Off Add/Edit Screen Use this screen to manage the auto switch off schedules. To access this screen, click the Add or modify rules link in the Network Setting > Power Management > Auto Switch Off screen. Figure 113 Network Setting > Power Managment > Auto Switch Off > Add or modify rules The following table describes the labels in this menu.
Chapter 14 Power Management Each field is described in the following table. Table 84 Network Setting > Power Management > Auto Switch Off > Add or modify rules > Add new rule/Edit> LABEL DESCRIPTION Rule Name Type up to 31 alphanumberic characters for the name of this rule. Day Select the week day(s) of the schedule. Time of Day Range Enter the From and To times (in hh:mm format) to set a time period for the schedule. You can only enter a time period between 00:00 and 23:59.
C HAPTER 15 Firewall 15.1 Overview This chapter shows you how to enable and configure the Device’s security settings. Use the firewall to protect your Device and network from attacks by hackers on the Internet and control access to it. By default the firewall: • allows traffic that originates from your LAN computers to go to all other networks. • blocks traffic that originates on other networks from going to the LAN. The following figure illustrates the default firewall action.
Chapter 15 Firewall 15.1.2 What You Need to Know SYN Attack A SYN attack floods a targeted system with a series of SYN packets. Each packet causes the targeted system to issue a SYN-ACK response. While the targeted system waits for the ACK that follows the SYN-ACK, it queues up all outstanding SYN-ACK responses on a backlog queue. SYNACKs are moved off the queue only when an ACK comes back or when an internal timer terminates the three-way handshake.
Chapter 15 Firewall 15.2 The Firewall Screen Use this screen to set the security level of the firewall on the Device. Firewall rules are grouped based on the direction of travel of packets to which they apply. Click Security > Firewall to display the General screen. Figure 116 Security > Firewall > General The following table describes the labels in this screen. Table 85 Security > Firewall > General LABEL DESCRIPTION Firewall Select Enable to activate the firewall feature on the Device.
Chapter 15 Firewall Click Security > Firewall > Protocol to display the following screen. Figure 117 Security > Firewall > Protocol The following table describes the labels in this screen. Table 86 Security > Firewall > Protocol LABEL DESCRIPTION Add new service entry Click this to add a new service. Name This is the name of your customized service. Description This is the description of your customized service.
Chapter 15 Firewall The following table describes the labels in this screen. Table 87 Service: Add/Edit LABEL DESCRIPTION Protocol Choose the IP protocol (TCP, UDP, ICMP, or Other) that defines your customized port from the drop-down list box. Select Other to be able to enter a protocol number. Source/ These fields are displayed if you select TCP or UDP as the IP port. Destination Port Select Single to specify one port only or Range to specify a span of ports that define your customized service.
Chapter 15 Firewall Table 88 Security > Firewall > Access Control (continued) LABEL DESCRIPTION Name This displays the name of the rule. Src IP This displays the source IP addresses to which this rule applies. Please note that a blank source address is equivalent to Any. Dst IP This displays the destination IP addresses to which this rule applies. Please note that a blank destination address is equivalent to Any.
Chapter 15 Firewall The following table describes the labels in this screen. Table 89 Access Control: Add/Edit LABEL DESCRIPTION Filter Name Enter a descriptive name of up to 16 alphanumeric characters, not including spaces, underscores, and dashes. You must enter the filter name to add an ACL rule. This field is read-only if you are editing the ACL rule. Order Select the order of the ACL rule. Select Source Device Select the source device to which the ACL rule applies.
Chapter 15 Firewall 15.5 The DoS Screen DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and connection requests, using so much bandwidth and so many resources that Internet access becomes unavailable. Use the DoS screen to activate protection against DoS attacks. Click Security > Firewall > DoS to display the following screen. Figure 121 Security > Firewall > DoS The following table describes the labels in this screen.
C HAPTER 16 MAC Filter 16.1 Overview You can configure the Device to permit access to clients based on their MAC addresses in the MAC Filter screen. This applies to wired and wireless connections. Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. You need to know the MAC addresses of the devices to configure this screen. 16.
Chapter 16 MAC Filter The following table describes the labels in this screen. Table 91 Security > MAC Filter LABEL DESCRIPTION MAC Address Filter Select Enable to activate the MAC filter function. Set This is the index number of the MAC address. Allow Select Allow to permit access to the Device. MAC addresses not listed will be denied access to the Device. If you clear this, the MAC Address field for this set clears.
C HAPTER 17 Parental Control 17.1 Overview Parental control allows you to block web sites with the specific URL. You can also define time periods and days during which the Device performs parental control on a specific user. 17.2 The Parental Control Screen Use this screen to enable parental control, view the parental control rules and schedules. Click Security > Parental Control to open the following screen. Figure 123 Security > Parental Control The following table describes the fields in this screen.
Chapter 17 Parental Control Table 92 Security > Parental Control (continued) LABEL DESCRIPTION Internet Access Schedule This shows the day(s) and time on which parental control is enabled. Network Service This shows whether the network service is configured. If not, None will be shown. Website Block This shows whether the website block is configured. If not, None will be shown. Modify Click the Edit icon to go to the screen where you can edit the rule.
Chapter 17 Parental Control The following table describes the fields in this screen. Table 93 Parental Control Rule: Add/Edit LABEL DESCRIPTION General Active Select the checkbox to activate this parental control rule. Parental Control Profile Name Enter a descriptive name for the rule. Home Network User Select the LAN user that you want to apply this rule to from the drop-down list box. If you select Custom, enter the LAN user’s MAC address. If you select All, the rule applies to all LAN users.
Chapter 17 Parental Control 210 VMG8924-B10A and VMG8924-B30A Series User’s Guide
C HAPTER 18 Scheduler Rule 18.1 Overview You can define time periods and days during which the Device performs scheduled rules of certain features (such as Firewall Access Control) in the Scheduler Rule screen. 18.2 The Scheduler Rule Screen Use this screen to view, add, or edit time schedule rules. Click Security > Scheduler Rule to open the following screen. Figure 125 Security > Scheduler Rule The following table describes the fields in this screen.
Chapter 18 Scheduler Rule 18.2.1 Add/Edit a Schedule Click the Add button in the Scheduler Rule screen or click the Edit icon next to a schedule rule to open the following screen. Use this screen to configure a restricted access schedule. Figure 126 Scheduler Rule: Add/Edit The following table describes the fields in this screen. Table 95 Scheduler Rule: Add/Edit 212 LABEL DESCRIPTION Rule Name Enter a name (up to 31 printable English keyboard characters, not including spaces) for this schedule.
C HAPTER 19 Certificates 19.1 Overview The Device can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs. A certificate contains the certificate owner’s identity and public key. Certificates provide a way to exchange public keys for use in authentication. 19.1.1 What You Can Do in this Chapter • The Local Certificates screen lets you generate certification requests and import the Device's CA-signed certificates (Section 19.4 on page 216).
Chapter 19 Certificates The following table describes the labels in this screen. Table 96 Security > Certificates > Local Certificates LABEL DESCRIPTION Private Key is protected by a password Select the checkbox and enter the private key into the text box to store it on the Device. The private key should not exceed 63 ASCII characters (not including spaces). Browse... Click this to find the certificate file you want to upload.
Chapter 19 Certificates The following table describes the labels in this screen. Table 97 Create Certificate Request LABEL DESCRIPTION Certificate Name Type up to 63 ASCII characters (not including spaces) to identify this certificate. Common Name Select Auto to have the Device configure this field automatically. Or select Customize to enter it manually. Type the IP address (in dotted decimal notation), domain name or e-mail address in the field provided.
Chapter 19 Certificates Note: You must remove any spaces from the certificate’s filename before you can import it. Figure 130 Load Signed Certificate The following table describes the labels in this screen. Table 98 Load Signed Certificate LABEL DESCRIPTION Certificate Name This is the name of the signed certificate. Certificate Copy and paste the signed certificate into the text box to store it on the Device. Apply Click Apply to save your changes.
Chapter 19 Certificates being trustworthy; thus you do not need to import any certificate that is signed by one of these certification authorities. Figure 131 Security > Certificates > Trusted CA The following table describes the fields in this screen. Table 99 Security > Certificates > Trusted CA LABEL DESCRIPTION Import Certificate Click this button to open a screen where you can save the certificate of a certification authority that you trust to the Device. # This is the index number of the entry.
Chapter 19 Certificates 19.4.1 View Trusted CA Certificate Click the View icon in the Trusted CA screen to open the following screen. Use this screen to view in-depth information about the certification authority’s certificate. Figure 132 Trusted CA: View The following table describes the fields in this screen. Table 100 Trusted CA: View LABEL DESCRIPTION Name This field displays the identifying name of this certificate. Type This field displays general information about the certificate.
Chapter 19 Certificates 19.4.2 Import Trusted CA Certificate Click the Import Certificate button in the Trusted CA screen to open the following screen. The Device trusts any valid certificate signed by any of the imported trusted CA certificates. Figure 133 Trusted CA: Import Certificate The following table describes the fields in this screen.
Chapter 19 Certificates 220 VMG8924-B10A and VMG8924-B30A Series User’s Guide
C HAPTER 20 VPN 20.1 Overview A virtual private network (VPN) provides secure communications over the the Internet. Internet Protocol Security (IPSec) is a standards-based VPN that provides confidentiality, data integrity, and authentication. This chapter shows you how to configure the Device’s VPN settings. 20.2 The IPSec VPN General Screen Use this screen to view and manage your VPN tunnel policies. The following figure helps explain the main fields in the web configurator.
Chapter 20 VPN This screen contains the following fields: Table 102 Security > IPSec VPN LABEL DESCRIPTION Add New Connection Click this button to add an item to the list. # This displays the index number of an entry. Status This displays whether the VPN policy is enabled (Enable) or not (Disable). Connection Name The name of the VPN policy. Remote Gateway This is the IP address of the remote IPSec router in the IKE SA.
Chapter 20 VPN Figure 136 Security > IPSec VPN: Add/Edit This screen contains the following fields: Table 103 Security > IPSec VPN: Add/Edit LABEL DESCRIPTION Active Select this to activate this VPN policy. IPSec Connection Name Enter the name of the VPN policy. Remote IPSec Gateway Address Enter the IP address of the remote IPSec router in the IKE SA. Tunnel access from local IP addresses Select Single Address to have only one local LAN IP address use the VPN tunnel.
Chapter 20 VPN Table 103 Security > IPSec VPN: Add/Edit LABEL DESCRIPTION IP Address for VPN If Single Address is selected, enter a (static) IP address on the LAN behind your Device. If Subnet is selected, specify IP addresses on a network by their subnet mask by entering a (static) IP address on the LAN behind your Device. Then enter the subnet mask to identify the network address. IP Subnetmask If Subnet is selected, enter the subnet mask to identify the network address.
Chapter 20 VPN Table 103 Security > IPSec VPN: Add/Edit LABEL DESCRIPTION Local ID Content When you select IP in the Local ID Type field, type the IP address of your computer in this field. If you configure this field to 0.0.0.0 or leave it blank, the Device automatically uses the Pre-Shared Key (refer to the Pre-Shared Key field description). It is recommended that you type an IP address other than 0.0.0.0 in this field or use the DNS or E-mail type in the following situations.
Chapter 20 VPN Table 103 Security > IPSec VPN: Add/Edit LABEL DESCRIPTION Encryption Algorithm Select which key size and encryption algorithm to use in the IKE SA.
Chapter 20 VPN Table 103 Security > IPSec VPN: Add/Edit LABEL DESCRIPTION Perfect Forward Secrecy (PFS) Select whether or not you want to enable Perfect Forward Secrecy (PFS) PFS changes the root key that is used to generate encryption keys for each IPSec SA. The longer the key, the more secure the encryption, but also the longer it takes to encrypt and decrypt information. Both routers must use the same DH key group. Choices are: None - do not use any random number.
Chapter 20 VPN 20.4 The IPSec VPN Monitor Screen Use this screen to check your VPN tunnel’s current status. You can also manually trigger a VPN tunnel to the remote network. Click Security > IPSec VPN > Monitor to open this screen as shown next. Figure 137 Security > IPSec VPN > Monitor This screen contains the following fields: Table 104 Security > IPSec VPN > Monitor LABEL DESCRIPTION Refresh Interval Select how often you want the Device to update this screen.
Chapter 20 VPN Figure 138 IPSec Architecture IPSec Algorithms The ESP (Encapsulating Security Payload) Protocol (RFC 2406) and AH (Authentication Header) protocol (RFC 2402) describe the packet formats and the default standards for packet structure (including implementation algorithms). The Encryption Algorithm describes the use of encryption techniques such as DES (Data Encryption Standard) and Triple DES algorithms.
Chapter 20 VPN Transport Mode Transport mode is used to protect upper layer protocols and only affects the data in the IP packet. In Transport mode, the IP packet contains the security protocol (AH or ESP) located after the original IP header and options, but before any upper layer protocols contained in the packet (such as TCP and UDP). With ESP, protection is applied only to the upper layer protocols contained in the packet.
Chapter 20 VPN Figure 140 Two Phases to Set Up the IPSec SA In phase 1 you must: • Choose a negotiation mode. • Authenticate the connection by entering a pre-shared key. • Choose an encryption algorithm. • Choose an authentication algorithm. • Choose a Diffie-Hellman public-key cryptography key group. • Set the IKE SA lifetime. This field allows you to determine how long an IKE SA should stay up before it times out. An IKE SA times out when the IKE SA lifetime period expires.
Chapter 20 VPN • Aggressive Mode is quicker than Main Mode because it eliminates several steps when the communicating parties are negotiating authentication (phase 1). However the trade-off is that faster speed limits its negotiating power and it also does not provide identity protection. It is useful in remote access situations where the address of the initiator is not know by the responder and both parties want to use pre-shared key authentication. 20.5.
Chapter 20 VPN Figure 141 NAT Router Between IPSec Routers B A Normally you cannot set up an IKE SA with a NAT router between the two IPSec routers because the NAT router changes the header of the IPSec packet. NAT traversal solves the problem by adding a UDP port 500 header to the IPSec packet. The NAT router forwards the IPSec packet with the UDP port 500 header unchanged.
Chapter 20 VPN The type of ID can be a domain name, an IP address or an e-mail address. The content is the IP address, domain name, or e-mail address. Table 107 Local ID Type and Content Fields LOCAL ID TYPE= CONTENT= IP Type the IP address of your computer. DNS Type a domain name (up to 31 characters) by which to identify this Device. E-mail Type an e-mail address (up to 31 characters) by which to identify this Device.
C HAPTER 21 Voice 21.1 Overview Use this chapter to: • Connect an analog phone to the Device. • Make phone calls over the Internet, as well as the regular phone network. • Configure settings such as speed dial. • Configure network settings to optimize the voice quality of your phone calls. 21.1.1 What You Can Do in this Chapter These screens allow you to configure your Device to make phone calls over the Internet and your regular phone line, and to set up the phones you connect to the Device.
Chapter 21 Voice 21.1.2 What You Need to Know About VoIP VoIP VoIP stands for Voice over IP. IP is the Internet Protocol, which is the message-carrying standard the Internet runs on. So, Voice over IP is the sending of voice signals (speech) over the Internet (or another network that uses the Internet Protocol). SIP SIP stands for Session Initiation Protocol. SIP is a signalling standard that lets one network device (like a computer or the Device) send messages to another.
Chapter 21 Voice call, you need to enable and configure a SIP account, and map it to a phone port. The SIP account contains information that allows your Device to connect to your VoIP service provider. See Section 21.3.1 on page 237 for how to map a SIP account to a phone port. Use this screen to view SIP account information. You can also enable and disable each SIP account. To access this screen, click VoIP > SIP > SIP Account.
Chapter 21 Voice Note: Click more to see all the fields in the screen. You don’t necessarily need to use all these fields to set up your account. Click less to see and configure only the fields needed for this feature. Figure 143 VoIP > SIP > SIP Account > Add new accoun/Edit Each field is described in the following table.
Chapter 21 Voice Table 111 VoIP > SIP > SIP Account > Add new accoun/Edit (continued) LABEL DESCRIPTION Apply To Phone Select a phone port on which you want to make or receive phone calls for this SIP account. If you map a phone port to more than one SIP account, there is no way to distinguish between the SIP accounts when you receive phone calls. The Device uses the most recently registered SIP account first when you make an outgoing call.
Chapter 21 Voice Table 111 VoIP > SIP > SIP Account > Add new accoun/Edit (continued) LABEL DESCRIPTION Send Caller ID Select this if you want to send identification when you make VoIP phone calls. Clear this if you do not want to send identification. Enable Call Transfer Select this to enable call transfer on the Device. This allows you to transfer an incoming call (that you have answered) to another phone. Enable Call Waiting Select this to enable call waiting on the Device.
Chapter 21 Voice Table 111 VoIP > SIP > SIP Account > Add new accoun/Edit (continued) LABEL DESCRIPTION Warm Line Select this to have the Device dial the specified warm line number after you pick up the telephone and do not press any keys on the keypad for a period of time. Hot Line Select this to have the Device dial the specified hot line number immediately when you pick up the telephone. Hot Line / Warm Line number Enter the number of the hot line or warm line that you want the Device to dial.
Chapter 21 Voice Each field is described in the following table. Table 112 VoIP > SIP > SIP Service Provider LABEL DESCRIPTION Add new provider # This is the index number of the entry. SIP Service Provider Name This shows the name of the SIP service provider. SIP Server Address This shows the IP address or domain name of the SIP server. REGISTER Server Address This shows the IP address or domain name of the SIP register server. SIP Service Domain This shows the SIP service domain name.
Chapter 21 Voice Note: Click more to see all the fields in the screen. You don’t necessarily need to use all these fields to set up your account. Click less to see and configure only the fields needed for this feature. Figure 145 VoIP > SIP > SIP Service Provider > Add new provider/Edit Each field is described in the following table.
Chapter 21 Voice Table 113 VoIP > SIP > SIP Service Provider > Add new provider/Edit (continued) LABEL DESCRIPTION SIP Server Address Enter the IP address or domain name of the SIP server provided by your VoIP service provider. You can use up to 95 printable ASCII characters. It does not matter whether the SIP server is a proxy, redirect or register server. SIP Server Port Enter the SIP server’s listening port number, if your VoIP service provider gave you one. Otherwise, keep the default value.
Chapter 21 Voice Table 113 VoIP > SIP > SIP Service Provider > Add new provider/Edit (continued) LABEL DESCRIPTION Bound Interface Name If you select LAN or Any_WAN, the Device automatically activates the VoIP service when any LAN or WAN connection is up. If you select Multi_WAN, you also need to select two or more pre-configured WAN interfaces. The VoIP service is activated only when one of the selected WAN connections is up.
Chapter 21 Voice Table 113 VoIP > SIP > SIP Service Provider > Add new provider/Edit (continued) LABEL DESCRIPTION Ignore Direct IP Select Enable to have the connected CPE devices accept SIP requests only from the SIP proxy/register server specified above. SIP requests sent from other IP addresses will be ignored. FAX Option This field controls how the Device handles fax messages. G711 Fax Passthrough Select this if the Device should use G.711 to send fax messages.
Chapter 21 Voice Table 113 VoIP > SIP > SIP Service Provider > Add new provider/Edit (continued) LABEL DESCRIPTION No Answer Call Forward Enable Enter the key combinations that you can enter to forward incoming calls to the phone number you specified in the SIP > SIP Account screen if the calls are unanswered. No Answer Call Forward Disable Enter the key combinations that you can enter to turn the no answer call forward function off.
Chapter 21 Voice 21.4.2 Dial Plan Rules A dial plan defines the dialing patterns, such as the length and range of the digits for a telephone number. It also includes country codes, access codes, area codes, local numbers, long distance numbers or international call prefixes. For example, the dial plan ([2-9]xxxxxx) does not allow a local number which begins with 1 or 0.
Chapter 21 Voice 21.5 The Phone Screen Use this screen to maintain settings that depend on which region of the world the Device is in. To access this screen, click VoIP > Phone. Figure 146 VoIP > Phone Each field is described in the following table. Table 114 VoIP > Phone LABEL DESCRIPTION Region Settings Select the place in which the Device is located.
Chapter 21 Voice rule, you can use a shortcut (the speed dial number, #01 for example) on your phone's keypad to call the phone number. Figure 147 VoIP > Call Rule Each field is described in the following table. Table 115 VoIP > Call Rule LABEL DESCRIPTION Clear all speed dials Click this to erase all the speed-dial entries on this screen. Keys This field displays the speed-dial number you should dial to use this entry.
Chapter 21 Voice Each field is described in the following table. Table 116 VoIP > Call History > Call History Summary LABEL DESCRIPTION Refresh Click this button to renew the call history list. Clear All Click this button to remove all entries from the call history list. # This is a read-only index number. Date This is the date when the calls were made. Total Calls This displays the total number of calls from or to your SIP numbers that day.
Chapter 21 Voice Click VoIP > Call History > Call History Incoming Calls. The following screen displays. Figure 150 VoIP > Call History > Call History Incoming Calls Each field is described in the following table. Table 118 VoIP > Call History > Call History Incoming LABEL DESCRIPTION Refresh Click this button to renew the received call list. Clear All Click this button to remove all entries from the received call list. # This is a read-only index number.
Chapter 21 Voice way similar to the way an e-mail address identifies an e-mail account. The format of a SIP identity is SIP-Number@SIP-Service-Domain. SIP Number The SIP number is the part of the SIP URI that comes before the “@” symbol. A SIP number can use letters like in an e-mail address (johndoe@your-ITSP.com for example) or numbers like a telephone number (1122334455@VoIP-provider.com for example).
Chapter 21 Voice SIP User Agent A SIP user agent can make and receive VoIP telephone calls. This means that SIP can be used for peer-to-peer communications even though it is a client-server protocol. In the following figure, either A or B can act as a SIP user agent client to initiate a call. A and B can also both act as a SIP user agent to receive the call. Figure 151 SIP User Agent SIP Proxy Server A SIP proxy server receives requests from clients and forwards them to another server.
Chapter 21 Voice In the following example, you want to use client device A to call someone who is using client device C. 1 Client device A sends a call invitation for C to the SIP redirect server (B). 2 The SIP redirect server sends the invitation back to A with C’s IP address (or domain name). 3 Client device A then sends the call invitation to client device C.
Chapter 21 Voice SIP Call Progression The following figure displays the basic steps in the setup and tear down of a SIP call. A calls B. Table 119 SIP Call Progression A B 1. INVITE 2. Ringing 3. OK 4. ACK 5.Dialogue (voice traffic) 6. BYE 7. OK 1 A sends a SIP INVITE request to B. This message is an invitation for B to participate in a SIP telephone call. 2 B sends a response indicating that the telephone is ringing. 3 B sends an OK response after the call is answered.
Chapter 21 Voice The following figure shows the SIP and session traffic flow between the user agents (UA 1 and UA 2) and the proxy servers (this example shows two proxy servers, PROXY 1 and PROXY 2). Figure 154 SIP Call Through Proxy Servers PROXY 1 PROXY 2 SIP SIP SIP SIP & RTP UA 1 UA 2 The following table shows the SIP call progression.
Chapter 21 Voice 5 User Agent 2 sends an OK response to Proxy 2 after the call is answered. This is also relayed back to User Agent 1 via Proxy 1. 6 User Agent 1 and User Agent 2 exchange RTP packets containing voice data directly, without involving the proxies. 7 When User Agent 2 hangs up, he sends a BYE request. 8 User Agent 1 replies with an OK response confirming receipt of the BYE request, and the call is terminated.
Chapter 21 Voice Custom Tones (IVR) IVR (Interactive Voice Response) is a feature that allows you to use your telephone to interact with the Device. The Device allows you to record custom tones for the Early Media and Music On Hold functions. The same recordings apply to both the caller ringing and on hold tones.
Chapter 21 Voice You can continue to add, listen to, or delete tones, or you can hang up the receiver when you are done. 21.10.1 Quality of Service (QoS) Quality of Service (QoS) refers to both a network's ability to deliver data with minimum delay, and the networking methods used to provide bandwidth for real-time multimedia applications.
Chapter 21 Voice • Call Return • Call Hold • Call Waiting • Making a Second Call • Call Transfer • Call Forwarding • Three-Way Conference • Internal Calls • Call Park and Pickup • Do not Disturb • IVR • Call Completion • CCBS • Outgoing SIP Note: To take full advantage of the supplementary phone services available through the Device's phone ports, you may need to subscribe to the services from your VoIP service provider. 21.10.2.
Chapter 21 Voice Table 122 European Flash Key Commands COMMAND SUB-COMMAND DESCRIPTION Flash 2 1. Switch back and forth between two calls. 2. Put a current call on hold to answer an incoming call. 3. Separate the current three-way conference call into two individual calls (one is on-line, the other is on hold). Flash 3 Create three-way conference connection. Flash *98# Transfer the call to another phone.
Chapter 21 Voice European Three-Way Conference Use the following steps to make three-way conference calls. 1 When you are on the phone talking to someone, press the flash key to put the caller on hold and get a dial tone. 2 Dial a phone number directly to make another call. 3 When the second call is answered, press the flash key and press “3” to create a three-way conversation. 4 Hang up the phone to drop the connection.
Chapter 21 Voice USA Call Transfer Do the following to transfer an incoming call (that you have answered) to another phone. 1 Press the flash key to put the caller on hold. 2 When you hear the dial tone, dial “*98#” followed by the number to which you want to transfer the call. 3 After you hear the ring signal or the second party answers it, hang up the phone. USA Three-Way Conference Use the following steps to make three-way conference calls.
Chapter 21 Voice Table 124 Phone Functions Summary ACTION FUNCTION DESCRIPTION *82 One Shot Caller Display Call Activate or deactivate caller ID for the next call only.
Chapter 21 Voice 266 VMG8924-B10A and VMG8924-B30A Series User’s Guide
C HAPTER 22 Log 22.1 Overview The web configurator allows you to choose which categories of events and/or alerts to have the Device log and then display the logs or have the Device send them to an administrator (as e-mail) or to a syslog server. 22.1.1 What You Can Do in this Chapter • Use the System Log screen to see the system logs (Section 22.2 on page 268). • Use the Security Log screen to see the security-related logs for the categories that you select (Section 22.3 on page 269). 22.1.
Chapter 22 Log Table 125 Syslog Severity Levels CODE SEVERITY 5 Notice: There is a normal but significant condition on the system. 6 Informational: The syslog contains an informational message. 7 Debug: The message is intended for debug-level purposes. 22.2 The System Log Screen Use the System Log screen to see the system logs. Click System Monitor > Log to open the System Log screen. Figure 156 System Monitor > Log > System Log The following table describes the fields in this screen.
Chapter 22 Log 22.3 The Security Log Screen Use the Security Log screen to see the security-related logs for the categories that you select. Click System Monitor > Log > Security Log to open the following screen. Figure 157 System Monitor > Log > Security Log The following table describes the fields in this screen. Table 127 System Monitor > Log > Security Log LABEL DESCRIPTION Level Select a severity level from the drop-down list box.
Chapter 22 Log 270 VMG8924-B10A and VMG8924-B30A Series User’s Guide
C HAPTER 23 Traffic Status 23.1 Overview Use the Traffic Status screens to look at network traffic status and statistics of the WAN, LAN interfaces and NAT. 23.1.1 What You Can Do in this Chapter • Use the WAN screen to view the WAN traffic statistics (Section 23.2 on page 271). • Use the LAN screen to view the LAN traffic statistics (Section 23.3 on page 273). • Use the NAT screen to view the NAT status of the Device’s client(s) (Section 23.4 on page 274) 23.
Chapter 23 Traffic Status The following table describes the fields in this screen. Table 128 System Monitor > Traffic Status > WAN LABEL DESCRIPTION Connected Interface This shows the name of the WAN interface that is currently connected. Packets Sent Data This indicates the number of transmitted packets on this interface. Error This indicates the number of frames with errors transmitted on this interface. Drop This indicates the number of outgoing packets dropped on this interface.
Chapter 23 Traffic Status 23.3 The LAN Status Screen Click System Monitor > Traffic Status > LAN to open the following screen. The figure in this screen shows the interface that is currently connected on the Device. Figure 159 System Monitor > Traffic Status > LAN The following table describes the fields in this screen. Table 129 System Monitor > Traffic Status > LAN LABEL DESCRIPTION Refresh Interval Select how often you want the Device to update this screen.
Chapter 23 Traffic Status 23.4 The NAT Status Screen Click System Monitor > Traffic Status > NAT to open the following screen. The figure in this screen shows the NAT session statistics for hosts currently connected on the Device. Figure 160 System Monitor > Traffic Status > NAT The following table describes the fields in this screen. Table 130 System Monitor > Traffic Status > NAT 274 LABEL DESCRIPTION Refresh Interval Select how often you want the Device to update this screen.
C HAPTER 24 VoIP Status 24.1 The VoIP Status Screen Click System Monitor > VoIP Status to open the following screen. You can view the VoIP registration, current call status and phone numbers in this screen. Figure 161 System Monitor > VoIP Status The following table describes the fields in this screen. Table 131 System Monitor > VoIP Status LABEL DESCRIPTION Poll Interval(s) Enter the number of seconds the Device needs to wait before updating this screen and then click Set Interval.
Chapter 24 VoIP Status Table 131 System Monitor > VoIP Status (continued) LABEL DESCRIPTION Message Waiting This field indicates whether or not there are any messages waiting for the SIP account. Last Incoming Number This field displays the last number that called the SIP account. The field is blank if no number has ever dialed the SIP account. Last Outgoing Number This field displays the last number the SIP account called. The field is blank if the SIP account has never dialed a number.
C HAPTER 25 ARP Table 25.1 Overview Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address, also known as a Media Access Control or MAC address, on the local area network. An IP (version 4) address is 32 bits long. In an Ethernet LAN, MAC addresses are 48 bits long. The ARP Table maintains an association between each MAC address and its corresponding IP address. 25.1.
Chapter 25 ARP Table The following table describes the labels in this screen. Table 132 System Monitor > ARP Table 278 LABEL DESCRIPTION # This is the ARP table entry number. IPv4/IPv6 Address This is the learned IPv4 or IPv6 IP address of a device connected to a port. MAC Address This is the MAC address of the device with the listed IP address. Device This is the type of interface used by the device. You can click on the device type to go to its configuration screen.
C HAPTER 26 Routing Table 26.1 Overview Routing is based on the destination address only and the Device takes the shortest path to forward a packet. 26.2 The Routing Table Screen Click System Monitor > Routing Table to open the following screen. Figure 163 System Monitor > Routing Table The following table describes the labels in this screen.
Chapter 26 Routing Table Table 133 System Monitor > Routing Table (continued) LABEL DESCRIPTION Flag This indicates the route status. U-Up: The route is up. !-Reject: The route is blocked and will force a route lookup to fail. G-Gateway: The route uses a gateway to forward traffic. H-Host: The target of the route is a host. R-Reinstate: The route is reinstated for dynamic routing. D-Dynamic (redirect): The route is dynamically installed by a routing daemon or redirect.
C HAPTER 27 IGMP/MLD Status 27.1 Overview Use the IGMP Status screens to look at IGMP/MLD group status and traffic statistics. 27.2 The IGMP/MLD Group Status Screen Use this screen to look at the current list of multicast groups the Device has joined and which ports have joined it. To open this screen, click System Monitor > IGMP/MLD Group Status. Figure 164 System Monitor > IGMP/MLD Group Status The following table describes the labels in this screen.
Chapter 27 IGMP/MLD Status Table 134 System Monitor > IGMP/MLD Group Status (continued) LABEL DESCRIPTION Filter Mode INCLUDE means that only the IP addresses in the Source List get to receive the multicast group’s traffic. EXCLUDE means that the IP addresses in the Source List are not allowed to receive the multicast group’s traffic but other IP addresses can.
C HAPTER 28 xDSL Statistics 28.1 The xDSL Statistics Screen Use this screen to view detailed DSL statistics. Click System Monitor > xDSL Statistics to open the following screen.
Chapter 28 xDSL Statistics 284 VMG8924-B10A and VMG8924-B30A Series User’s Guide
Chapter 28 xDSL Statistics The following table describes the labels in this screen. Table 135 Status > xDSL Statistics LABEL DESCRIPTION Refresh Interval Select the time interval for refreshing statistics. Line Select which DSL line’s statistics you want to display. xDSL Training Status This displays the current state of setting up the DSL connection. Mode This displays the ITU standard used for this connection.
Chapter 28 xDSL Statistics Table 135 Status > xDSL Statistics (continued) 286 LABEL DESCRIPTION Downstream These are the statistics for the traffic direction coming into the port from the service provider. Upstream These are the statistics for the traffic direction going out from the port to the service provider. FEC This is the number of Far End Corrected blocks. CRC This is the number of Cyclic Redundancy Checks.
C HAPTER 29 3G Statistics 29.1 Overview Use the 3G Statistics screens to look at 3G Internet connection status. 29.2 The 3G Statistics Screen To open this screen, click System Monitor > 3G Statistics. The 3G status is available on this screen only when you insert a compatible 3G dongle in a USB port on the Device. Figure 166 System Monitor > 3G Statistics The following table describes the labels in this screen.
Chapter 29 3G Statistics Table 136 System Monitor > 3G Statistics (continued) LABEL 288 DESCRIPTION Signal Strength This field displays the strength of the signal in dBm. Connection Uptime This field displays the time the connection has been up. 3G Card Manufacturer This field displays the manufacturer of the 3G card. 3G Card Model This field displays the model name of the 3G card. 3G Card F/W Version This field displays the firmware version of the 3G card.
C HAPTER 30 User Account 30.1 Overview In the Users Account screen, you can change the password of the “admin” user account that you used to log in the Device. 30.2 The User Account Screen Click Maintenance > User Account to open the following screen. Figure 167 Maintenance > User Account The following table describes the labels in this screen. Table 137 Maintenance > User Account LABEL DESCRIPTION User Name This field displays the name of the account that you used to log in the system.
Chapter 30 User Account 290 VMG8924-B10A and VMG8924-B30A Series User’s Guide
C HAPTER 31 Remote Management 31.1 Overview Remote management controls through which interface(s), which services can access the Device. Note: The Device is managed using the Web Configurator. 31.2 The Remote MGMT Screen Use this screen to configure through which interface(s), which services can access the Device. You can also specify the port numbers the services must use to connect to the Device. Click Maintenance > Remote MGMT to open the following screen.
Chapter 31 Remote Management Table 138 Maintenance > Remote MGMT (continued) LABEL DESCRIPTION Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Certificate HTTPS Certificate Select a certificate the HTTPS server (the Device) uses to authenticate itself to the HTTPS client. You must have certificates already configured in the Certificates screen.
Chapter 31 Remote Management 31.4 The Add Trust Domain Screen Use this screen to configure a public IP address which is allowed to access the Device. Click the Add Trust Domain button in the Maintenance > Remote MGMT > Turst Domain screen to open the following screen. Figure 170 Maintenance > Remote MGMT > Trust Domain > Add Trust Domain The following table describes the fields in this screen.
Chapter 31 Remote Management 294 VMG8924-B10A and VMG8924-B30A Series User’s Guide
C HAPTER 32 TR-069 Client 32.1 Overview This chapter explains how to configure the Device’s TR-069 auto-configuration settings. 32.2 The TR-069 Client Screen TR-069 defines how Customer Premise Equipment (CPE), for example your Device, can be managed over the WAN by an Auto Configuration Server (ACS). TR-069 is based on sending Remote Procedure Calls (RPCs) between an ACS and a client device. RPCs are sent in Extensible Markup Language (XML) format over HTTP or HTTPS.
Chapter 32 TR-069 Client The following table describes the fields in this screen. Table 141 Maintenance > TR-069 Client LABEL DESCRIPTION Inform Select Enable for the Device to send periodic inform via TR-069 on the WAN. Otherwise, select Disable. Inform Interval Enter the time interval (in seconds) at which the Device sends information to the autoconfiguration server. ACS URL Enter the URL or IP address of the auto-configuration server.
C HAPTER 33 TR-064 33.1 Overview This chapter explains how to configure the Device’s TR-064 auto-configuration settings. 33.2 The TR-064 Screen TR-064 is a LAN-Side DSL CPE Configuration protocol defined by the DSL Forum. TR-064 is built on top of UPnP. It allows the users to use a TR-064 compliant CPE management application on their computers from the LAN to discover the CPE and configure user-specific parameters, such as the username and password.
Chapter 33 TR-064 298 VMG8924-B10A and VMG8924-B30A Series User’s Guide
C HAPTER 34 SNMP 34.1 Overview This chapter explains how to configure the SNMP settings on the Device. 34.2 The SNMP Screen Simple Network Management Protocol is a protocol used for exchanging management information between network devices. Your Device supports SNMP agent functionality, which allows a manager station to manage and monitor the Device through the network. The Device supports SNMP version one (SNMPv1) and version two (SNMPv2c). The next figure illustrates an SNMP management operation.
Chapter 34 SNMP managed objects. SNMP allows a manager and agents to communicate for the purpose of accessing these objects. SNMP itself is a simple request/response protocol based on the manager/agent model. The manager issues a request and the agent returns responses using the following protocol operations: • Get - Allows the manager to retrieve an object variable from the agent. • GetNext - Allows the manager to retrieve the next object variable from a table or list within an agent.
C HAPTER 35 Time Settings 35.1 Overview This chapter shows you how to configure system related settings, such as system time, password, name, the domain name and the inactivity timeout interval. 35.2 The Time Screen To change your Device’s time and date, click Maintenance > Time. The screen appears as shown. Use this screen to configure the Device’s time based on your local time zone.
Chapter 35 Time Settings The following table describes the fields in this screen. Table 144 Maintenance > Time LABEL DESCRIPTION Current Date/Time Current Time This field displays the time of your Device. Each time you reload this page, the Device synchronizes the time with the time server. Current Date This field displays the date of your Device. Each time you reload this page, the Device synchronizes the date with the time server.
Chapter 35 Time Settings Table 144 Maintenance > Time (continued) LABEL DESCRIPTION Apply Click Apply to save your changes. Cancel Click Cancel to exit this screen without saving.
Chapter 35 Time Settings 304 VMG8924-B10A and VMG8924-B30A Series User’s Guide
C HAPTER 36 E-mail Notification 36.1 Overview A mail server is an application or a computer that runs such an application to receive, forward and deliver e-mail messages. To have the Device send reports, logs or notifications via e-mail, you must specify an e-mail server and the e-mail addresses of the sender and receiver. 36.2 The Email Notification Screen Click Maintenance > Email Notification to open the Email Notification screen.
Chapter 36 E-mail Notification 36.2.1 Email Notification Edit Click the Add button in the Email Notification screen. Use this screen to configure the required information for sending e-mail via a mail server. Figure 177 Email Notification > Add The following table describes the labels in this screen. Table 146 Email Notification > Add LABEL DESCRIPTION Mail Server Address Enter the server name or the IP address of the mail server for the e-mail address specified in the Account Email Address field.
C HAPTER 37 Logs Setting 37.1 Overview You can configure where the Device sends logs and which logs and/or immediate alerts the Device records in the Logs Setting screen. 37.2 The Log Settings Screen To change your Device’s log settings, click Maintenance > Logs Setting. The screen appears as shown.
Chapter 37 Logs Setting The following table describes the fields in this screen. Table 147 Maintenance > Logs Setting LABEL DESCRIPTION Syslog Setting Syslog Logging The Device sends a log to an external syslog server. Select Enable to enable syslog logging. Mode Select the syslog destination from the drop-down list box. If you select Remote, the log(s) will be sent to a remote syslog server. If you select Local File, the log(s) will be saved in a local file.
Chapter 37 Logs Setting • "End of Log" message shows that a complete log has been sent. Figure 179 E-mail Log Example Subject: Firewall Alert From Date: Fri, 07 Apr 2000 10:05:42 From: user@zyxel.com To: user@zyxel.com 1|Apr 7 00 |From:192.168.1.1 To:192.168.1.255 |default policy |forward | 09:54:03 |UDP src port:00520 dest port:00520 |<1,00> | 2|Apr 7 00 |From:192.168.1.131 To:192.168.1.255 |default policy |forward | 09:54:17 |UDP src port:00520 dest port:00520 |<1,00> | 3|Apr 7 00 |From:192.168.1.
Chapter 37 Logs Setting 310 VMG8924-B10A and VMG8924-B30A Series User’s Guide
C HAPTER 38 Firmware Upgrade 38.1 Overview This chapter explains how to upload new firmware to your Device. You can download new firmware releases from your nearest ZyXEL FTP site (or www.zyxel.com) to use to upgrade your device’s performance. Only use firmware for your device’s specific model. Refer to the label on the bottom of your Device. 38.2 The Firmware Screen Click Maintenance > Firmware Upgrade to open the following screen.
Chapter 38 Firmware Upgrade After you see the firmware updating screen, wait two minutes before logging into the Device again. Figure 181 Firmware Uploading The Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 182 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the Status screen.
C HAPTER 39 Configuration 39.1 Overview The Configuration screen allows you to backup and restore device configurations. You can also reset your device settings back to the factory default. 39.2 The Configuration Screen Click Maintenance > Configuration. Information related to factory defaults, backup configuration, and restoring configuration appears in this screen, as shown next.
Chapter 39 Configuration Restore Configuration Restore Configuration allows you to upload a new or previously saved configuration file from your computer to your Device. Table 149 Restore Configuration LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse ... to find it. Browse... Click this to find the file you want to upload. Remember that you must decompress compressed (.ZIP) files before you can upload them.
Chapter 39 Configuration Reset to Factory Defaults Click the Reset button to clear all user-entered configuration information and return the Device to its factory defaults. The following warning screen appears. Figure 187 Reset Warning Message Figure 188 Reset In Process Message You can also press the RESET button on the rear panel to reset the factory defaults of your Device. Refer to Section 1.6 on page 23 for more information on the RESET button. 39.
Chapter 39 Configuration 316 VMG8924-B10A and VMG8924-B30A Series User’s Guide
C HAPTER 40 Diagnostic 40.1 Overview The Diagnostic screens display information to help you identify problems with the Device. The route between a CO VDSL switch and one of its CPE may go through switches owned by independent organizations. A connectivity fault point generally takes time to discover and impacts subscriber’s network access. In order to eliminate the management and maintenance efforts, IEEE 802.
Chapter 40 Diagnostic 40.3 Ping & TraceRoute & NsLookup Use this screen to ping, traceroute, or nslookup an IP address. Click Maintenance > Diagnostic > Ping&TraceRoute&NsLookup to open the screen shown next. Figure 190 Maintenance > Diagnostic > Ping &TraceRoute&NsLookup The following table describes the fields in this screen.
Chapter 40 Diagnostic 40.4 802.1ag Click Maintenance > Diagnostic > 8.2.1ag to open the following screen. Use this screen to perform CFM actions. Figure 191 Maintenance > Diagnostic > 802.1ag The following table describes the fields in this screen. Table 151 Maintenance > Diagnostic > 802.1ag LABEL DESCRIPTION 802.1ag Connectivity Fault Management Maintenance Domain (MD) Level Select a level (0-7) under which you want to create an MA.
Chapter 40 Diagnostic 40.5 OAM Ping Click Maintenance > Diagnostic > OAM Ping to open the screen shown next. Use this screen to perform an OAM (Operation, Administration and Maintenance) F4 or F5 loopback test on a PVC. The Device sends an OAM F4 or F5 packet to the DSLAM or ATM switch and then returns it to the Device. The test result then displays in the text box. ATM sets up virtual circuits over which end systems communicate.
Chapter 40 Diagnostic Note: This screen is available only when you configure an ATM layer-2 interface. Figure 193 Maintenance > Diagnostic > OAM Ping The following table describes the fields in this screen. Table 152 Maintenance > Diagnostic > OAM Ping LABEL DESCRIPTION Select a PVC on which you want to perform the loopback test. F4 segment Press this to perform an OAM F4 segment loopback test. F4 end-end Press this to perform an OAM F4 end-to-end loopback test.
Chapter 40 Diagnostic 322 VMG8924-B10A and VMG8924-B30A Series User’s Guide
C HAPTER 41 Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • Device Access and Login • Internet Access • Wireless Internet Access • USB Device Connection • UPnP 41.1 Power, Hardware Connections, and LEDs The Device does not turn on. None of the LEDs turn on. 1 Make sure the Device is turned on.
Chapter 41 Troubleshooting 5 If the problem continues, contact the vendor. 41.2 Device Access and Login I forgot the IP address for the Device. 1 The default LAN IP address is 192.168.1.1. 2 If you changed the IP address and have forgotten it, you might get the IP address of the Device by looking up the IP address of the default gateway for your computer. To do this in most Windows computers, click Start > Run, enter cmd, and then enter ipconfig.
Chapter 41 Troubleshooting 5 Reset the device to its factory defaults, and try to access the Device with the default IP address. See Section 1.6 on page 23. 6 If the problem continues, contact the network administrator or vendor, or try one of the advanced suggestions. Advanced Suggestions • Make sure you have logged out of any earlier management sessions using the same user account even if they were through a different interface or using a different browser.
Chapter 41 Troubleshooting 41.3 Internet Access I cannot access the Internet. 1 Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide and Section 1.5 on page 21. 2 Make sure you entered your ISP account information correctly in the Network Setting > Broadband screen. These fields are case-sensitive, so make sure [Caps Lock] is not on.
Chapter 41 Troubleshooting 2 Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide and Section 1.5 on page 21. 3 Turn the Device off and on. 4 If the problem continues, contact your ISP. 41.4 Wireless Internet Access What factors may cause intermittent or unstabled wireless connection? How can I solve this problem? The following factors may cause interference: • Obstacles: walls, ceilings, furniture, and so on.
Chapter 41 Troubleshooting 41.5 USB Device Connection The Device fails to detect my USB device. 1 Disconnect the USB device. 2 Reboot the Device. 3 If you are connecting a USB hard drive that comes with an external power supply, make sure it is connected to an appropriate power source that is on. 4 Re-connect your USB device to the Device. 41.6 UPnP When using UPnP and the Device reboots, my computer cannot detect UPnP and refresh My Network Places > Local Network.
A PPENDIX A Customer Support In the event of problems that cannot be solved by using this manual, you should contact your vendor. If you cannot contact your vendor, then contact a ZyXEL office for the region in which you bought the device. Regional websites are listed below (see also http://www.zyxel.com/ about_zyxel/zyxel_worldwide.shtml). Please have the following information ready when you contact an office. Required Information • Product model and serial number. • Warranty Information.
Appendix A Customer Support Korea • ZyXEL Korea Corp. • http://www.zyxel.kr Malaysia • ZyXEL Malaysia Sdn Bhd. • http://www.zyxel.com.my Pakistan • ZyXEL Pakistan (Pvt.) Ltd. • http://www.zyxel.com.pk Philipines • ZyXEL Philippines • http://www.zyxel.com.ph Singapore • ZyXEL Singapore Pte Ltd. • http://www.zyxel.com.sg Taiwan • ZyXEL Communications Corporation • http://www.zyxel.com Thailand • ZyXEL Thailand Co., Ltd • http://www.zyxel.co.
Appendix A Customer Support Belgium • ZyXEL Communications B.V. • http://www.zyxel.com/be/nl/ Bulgaria • ZyXEL България • http://www.zyxel.com/bg/bg/ Czech • ZyXEL Communications Czech s.r.o • http://www.zyxel.cz Denmark • ZyXEL Communications A/S • http://www.zyxel.dk Estonia • ZyXEL Estonia • http://www.zyxel.com/ee/et/ Finland • ZyXEL Communications • http://www.zyxel.fi France • ZyXEL France • http://www.zyxel.fr Germany • ZyXEL Deutschland GmbH • http://www.zyxel.
Appendix A Customer Support Lithuania • ZyXEL Lithuania • http://www.zyxel.com/lt/lt/homepage.shtml Netherlands • ZyXEL Benelux • http://www.zyxel.nl Norway • ZyXEL Communications • http://www.zyxel.no Poland • ZyXEL Communications Poland • http://www.zyxel.pl Romania • ZyXEL Romania • http://www.zyxel.com/ro/ro Russia • ZyXEL Russia • http://www.zyxel.ru Slovakia • ZyXEL Communications Czech s.r.o. organizacna zlozka • http://www.zyxel.sk Spain • ZyXEL Spain • http://www.zyxel.
Appendix A Customer Support Turkey • ZyXEL Turkey A.S. • http://www.zyxel.com.tr UK • ZyXEL Communications UK Ltd. • http://www.zyxel.co.uk Ukraine • ZyXEL Ukraine • http://www.ua.zyxel.com Latin America Argentina • ZyXEL Communication Corporation • http://www.zyxel.com/ec/es/ Ecuador • ZyXEL Communication Corporation • http://www.zyxel.com/ec/es/ Middle East Egypt • ZyXEL Communication Corporation • http://www.zyxel.com/homepage.shtml Middle East • ZyXEL Communication Corporation • http://www.zyxel.
Appendix A Customer Support Oceania Australia • ZyXEL Communications Corporation • http://www.zyxel.com/au/en/ Africa South Africa • Nology (Pty) Ltd. • http://www.zyxel.co.
A PPENDIX B Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP/Vista, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/IP on your computer. Windows 3.1 requires the purchase of a third-party TCP/IP application package.
Appendix B Setting up Your Computer’s IP Address Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: 1 In the Network window, click Add. 2 Select Adapter and then click Add. 3 Select the manufacturer and model of your network adapter and then click OK. If you need TCP/IP: 1 In the Network window, click Add. 2 Select Protocol and then click Add.
Appendix B Setting up Your Computer’s IP Address • If you have a static IP address, select Specify an IP address and type your information into the IP Address and Subnet Mask fields. Figure 195 Windows 95/98/Me: TCP/IP Properties: IP Address 3 Click the DNS Configuration tab. • If you do not know your DNS information, select Disable DNS. • If you know your DNS information, select Enable DNS and type the information in the fields below (you may not need to fill them all in).
Appendix B Setting up Your Computer’s IP Address 4 Click the Gateway tab. • If you do not know your gateway’s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add. 5 Click OK to save and close the TCP/IP Properties window. 6 Click OK to close the Network window. Insert the Windows CD if prompted. 7 Turn on your Device and restart your computer when prompted. Verifying Settings 1 Click Start and then Run.
Appendix B Setting up Your Computer’s IP Address 2 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 198 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties.
Appendix B Setting up Your Computer’s IP Address 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties. Figure 200 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). • If you have a dynamic IP address click Obtain an IP address automatically. • If you have a static IP address click Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields.
Appendix B Setting up Your Computer’s IP Address • Click Advanced. Figure 201 Windows XP: Internet Protocol (TCP/IP) Properties 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: • In the IP Settings tab, in IP addresses, click Add. • In TCP/IP Address, type an IP address in IP address and a subnet mask in Subnet mask, and then click Add.
Appendix B Setting up Your Computer’s IP Address • Click OK when finished. Figure 202 Windows XP: Advanced TCP/IP Properties 7 In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields.
Appendix B Setting up Your Computer’s IP Address If you have previously configured DNS servers, click Advanced and then the DNS tab to order them. Figure 203 Windows XP: Internet Protocol (TCP/IP) Properties 8 Click OK to close the Internet Protocol (TCP/IP) Properties window. 9 Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties window. 10 Close the Network Connections window (Network and Dial-up Connections in Windows 2000/NT).
Appendix B Setting up Your Computer’s IP Address 1 Click the Start icon, Control Panel. Figure 204 Windows Vista: Start Menu 2 In the Control Panel, double-click Network and Internet. Figure 205 Windows Vista: Control Panel 3 Click Network and Sharing Center.
Appendix B Setting up Your Computer’s IP Address 4 Click Manage network connections. Figure 207 Windows Vista: Network and Sharing Center 5 Right-click Local Area Connection and then click Properties. Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue.
Appendix B Setting up Your Computer’s IP Address 6 Select Internet Protocol Version 4 (TCP/IPv4) and click Properties. Figure 209 Windows Vista: Local Area Connection Properties 7 The Internet Protocol Version 4 (TCP/IPv4) Properties window opens (the General tab). • If you have a dynamic IP address click Obtain an IP address automatically. • If you have a static IP address click Use the following IP address and fill in the IP address, Subnet mask, and Default gateway fields.
Appendix B Setting up Your Computer’s IP Address • Click Advanced. Figure 210 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties 8 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: • In the IP Settings tab, in IP addresses, click Add.
Appendix B Setting up Your Computer’s IP Address • Click OK when finished. Figure 211 Windows Vista: Advanced TCP/IP Properties 9 In the Internet Protocol Version 4 (TCP/IPv4) Properties window, (the General tab): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields.
Appendix B Setting up Your Computer’s IP Address If you have previously configured DNS servers, click Advanced and then the DNS tab to order them. Figure 212 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties 10 Click OK to close the Internet Protocol Version 4 (TCP/IPv4) Properties window. 11 Click Close to close the Local Area Connection Properties window. 12 Close the Network Connections window. 13 Turn on your Device and restart your computer (if prompted).
Appendix B Setting up Your Computer’s IP Address Macintosh OS 8/9 1 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel.
Appendix B Setting up Your Computer’s IP Address 2 Select Ethernet built-in from the Connect via list. Figure 214 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list. 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your Device in the Router address box.
Appendix B Setting up Your Computer’s IP Address • Select Built-in Ethernet from the Show list. • Click the TCP/IP tab. 3 For dynamically assigned settings, select Using DHCP from the Configure list. Figure 216 Macintosh OS X: Network 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your Device in the Router address box.
Appendix B Setting up Your Computer’s IP Address Linux This section shows you how to configure your computer’s TCP/IP settings in Red Hat Linux 9.0. Procedure, screens and file location may vary depending on your Linux distribution and release version. Note: Make sure you are logged in as the root administrator. Using the K Desktop Environment (KDE) Follow the steps below to configure your computer IP address using the KDE.
Appendix B Setting up Your Computer’s IP Address 2 Double-click on the profile of the network card you wish to configure. The Ethernet Device General screen displays as shown. Figure 218 Red Hat 9.0: KDE: Ethernet Device: General • If you have a dynamic IP address, click Automatically obtain IP address settings with and select dhcp from the drop down list. • If you have a static IP address, click Statically set IP Addresses and fill in the Address, Subnet mask, and Default Gateway Address fields.
Appendix B Setting up Your Computer’s IP Address 6 Click the Activate button to apply the changes. The following screen displays. Click Yes to save the changes in all screens. Figure 220 Red Hat 9.0: KDE: Network Configuration: Activate 7 After the network card restart process is complete, make sure the Status is Active in the Network Configuration screen. Using Configuration Files Follow the steps below to edit the network configuration files and set your computer IP address.
Appendix B Setting up Your Computer’s IP Address 2 If you know your DNS server IP address(es), enter the DNS server information in the resolv.conf file in the /etc directory. The following figure shows an example where two DNS server IP addresses are specified. Figure 223 Red Hat 9.0: DNS Settings in resolv.conf nameserver 172.23.5.1 nameserver 172.23.5.2 3 After you edit and save the configuration files, you must restart the network card. Enter ./network restart in the /etc/rc.d/init.d directory.
A PPENDIX C IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts. Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks.
Appendix C IP Addresses and Subnetting The following figure shows an example IP address in which the first three octets (192.168.1) are the network number, and the fourth octet (16) is the host ID. Figure 226 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask.
Appendix C IP Addresses and Subnetting Subnet masks can be referred to by the size of the network number part (the bits with a “1” value). For example, an “8-bit mask” means that the first 8 bits of the mask are ones and the remaining 24 bits are zeroes. Subnet masks are expressed in dotted decimal notation just like IP addresses. The following examples show the binary and decimal notation for 8-bit, 16-bit, 24-bit and 29-bit subnet masks.
Appendix C IP Addresses and Subnetting The following table shows some possible subnet masks using both notations. Table 156 Alternative Subnet Mask Notation SUBNET MASK ALTERNATIVE NOTATION LAST OCTET (BINARY) LAST OCTET (DECIMAL) 255.255.255.0 /24 0000 0000 0 255.255.255.128 /25 1000 0000 128 255.255.255.192 /26 1100 0000 192 255.255.255.224 /27 1110 0000 224 255.255.255.240 /28 1111 0000 240 255.255.255.248 /29 1111 1000 248 255.255.255.
Appendix C IP Addresses and Subnetting The following figure shows the company network after subnetting. There are now two subnetworks, A and B. Figure 228 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 27 – 2 or 126 possible hosts (a host ID of all zeroes is the subnet’s address itself, all ones is the subnet’s broadcast address). 192.168.1.0 with mask 255.255.255.128 is subnet A itself, and 192.168.1.127 with mask 255.255.255.
Appendix C IP Addresses and Subnetting Table 157 Subnet 1 (continued) LAST OCTET BIT VALUE IP/SUBNET MASK NETWORK NUMBER Subnet Address: 192.168.1.0 Lowest Host ID: 192.168.1.1 Broadcast Address: 192.168.1.63 Highest Host ID: 192.168.1.62 Table 158 Subnet 2 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 64 IP Address (Binary) 11000000.10101000.00000001. 01000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: 192.168.1.
Appendix C IP Addresses and Subnetting Table 161 Eight Subnets (continued) SUBNET SUBNET ADDRESS FIRST ADDRESS LAST ADDRESS BROADCAST ADDRESS 3 64 65 94 95 4 96 97 126 127 5 128 129 158 159 6 160 161 190 191 7 192 193 222 223 8 224 225 254 255 Subnet Planning The following table is a summary for subnet planning on a network with a 24-bit network number. Table 162 24-bit Network Number Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO.
Appendix C IP Addresses and Subnetting Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established.
A PPENDIX D Pop-up Windows, JavaScripts and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here. Screens for other Internet Explorer versions may vary. Internet Explorer Pop-up Blockers You may have to disable pop-up blocking to log into your device.
Appendix D Pop-up Windows, JavaScripts and Java Permissions 2 Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled. Figure 230 Internet Options: Privacy 3 Click Apply to save this setting. Enable Pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. 1 366 In Internet Explorer, select Tools, Internet Options and then the Privacy tab.
Appendix D Pop-up Windows, JavaScripts and Java Permissions 2 Select Settings…to open the Pop-up Blocker Settings screen. Figure 231 Internet Options: Privacy 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1.
Appendix D Pop-up Windows, JavaScripts and Java Permissions 4 Click Add to move the IP address to the list of Allowed sites. Figure 232 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed.
Appendix D Pop-up Windows, JavaScripts and Java Permissions 1 In Internet Explorer, click Tools, Internet Options and then the Security tab. Figure 233 Internet Options: Security 2 Click the Custom Level... button. 3 Scroll down to Scripting. 4 Under Active scripting make sure that Enable is selected (the default). 5 Under Scripting of Java applets make sure that Enable is selected (the default).
Appendix D Pop-up Windows, JavaScripts and Java Permissions 6 Click OK to close the window. Figure 234 Security Settings - Java Scripting Java Permissions 370 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected.
Appendix D Pop-up Windows, JavaScripts and Java Permissions 5 Click OK to close the window. Figure 235 Security Settings - Java JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for
Appendix D Pop-up Windows, JavaScripts and Java Permissions 3 Click OK to close the window. Figure 236 Java (Sun) Mozilla Firefox Mozilla Firefox 2.0 screens are used here. Screens for other versions may vary. You can enable Java, Javascripts and pop-ups in one screen. Click Tools, then click Options in the screen that appears.
Appendix D Pop-up Windows, JavaScripts and Java Permissions Click Content.to show the screen below. Select the check boxes as shown in the following screen.
Appendix D Pop-up Windows, JavaScripts and Java Permissions 374 VMG8924-B10A and VMG8924-B30A Series User’s Guide
A PPENDIX E Wireless LANs Wireless LAN Topologies This section discusses ad-hoc and infrastructure wireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless adapters (A, B, C). Any time two or more wireless adapters are within range of each other, they can set up an independent network, which is commonly referred to as an ad-hoc network or Independent Basic Service Set (IBSS).
Appendix E Wireless LANs disabled, wireless client A and B can still access the wired network but cannot communicate with each other. Figure 240 Basic Service Set ESS An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). This type of wireless LAN topology is called an Infrastructure WLAN.
Appendix E Wireless LANs An ESSID (ESS IDentification) uniquely identifies each ESS. All access points and their associated wireless clients within the same ESS must have the same ESSID in order to communicate. Figure 241 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by wireless devices to transmit and receive data. Channels available depend on your geographical area.
Appendix E Wireless LANs cannot "hear" each other, that is they do not know if the channel is currently being used. Therefore, they are considered hidden from each other. Figure 242 RTS/CTS When station A sends data to the AP, it might not know that the station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations.
Appendix E Wireless LANs If the Fragmentation Threshold value is smaller than the RTS/CTS value (see previously) you set then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size. IEEE 802.11g Wireless LAN IEEE 802.11g is fully compatible with the IEEE 802.11b standard. This means an IEEE 802.11b adapter can interface directly with an IEEE 802.11g access point (and vice versa) at 11 Mbps or lower depending on range.
Appendix E Wireless LANs IEEE 802.1x In June 2001, the IEEE 802.1x standard was designed to extend the features of IEEE 802.11 to support extended authentication as well as providing additional accounting and control features. It is supported by Windows XP and a number of network devices. Some advantages of IEEE 802.1x are: • User based identification that allows for roaming.
Appendix E Wireless LANs • Accounting-Request Sent by the access point requesting accounting. • Accounting-Response Sent by the RADIUS server to indicate that it has started or stopped accounting. In order to ensure network security, the access point and the RADIUS server use a shared secret key, which is a password, they both know. The key is not sent over the network. In addition to the shared key, password information exchanged is also encrypted to protect the network from unauthorized access.
Appendix E Wireless LANs EAP-TTLS (Tunneled Transport Layer Service) EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for only the serverside authentications to establish a secure connection. Client authentication is then done by sending username and password through the secure connection, thus client identity is protected. For client authentication, EAP-TTLS supports EAP methods and legacy authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP v2.
Appendix E Wireless LANs WPA and WPA2 Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2 (IEEE 802.11i) is a wireless security standard that defines stronger encryption, authentication and key management than WPA. Key differences between WPA or WPA2 and WEP are improved data encryption and user authentication. If both an AP and the wireless clients support WPA2 and you have an external RADIUS server, use WPA2 for stronger data encryption.
Appendix E Wireless LANs password-guessing attacks but it’s still an improvement over WEP as it employs a consistent, single, alphanumeric password to derive a PMK which is used to generate unique temporal encryption keys. This prevent all wireless devices sharing the same encryption keys. (a weakness of WEP) User Authentication WPA and WPA2 apply IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate wireless clients using an external RADIUS database.
Appendix E Wireless LANs 4 The RADIUS server distributes the PMK to the AP. The AP then sets up a key hierarchy and management system, using the PMK to dynamically generate unique data encryption keys. The keys are used to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients. Figure 243 WPA(2) with RADIUS Application Example WPA(2)-PSK Application Example A WPA(2)-PSK application looks as follows.
Appendix E Wireless LANs Security Parameters Summary Refer to this table to see what other security parameters you should configure for each authentication method or key management protocol type. MAC address filters are not dependent on how you configure these security features. Table 167 Wireless Security Relational Matrix AUTHENTICATION ENCRYPTIO METHOD/ KEY MANAGEMENT PROTOCOL N METHOD ENTER MANUAL KEY IEEE 802.
Appendix E Wireless LANs 2.5%. For an unobstructed outdoor site, each 1dB increase in gain results in a range increase of approximately 5%. Actual results may vary depending on the network environment. Antenna gain is sometimes specified in dBi, which is how much the antenna increases the signal power compared to using an isotropic antenna. An isotropic antenna is a theoretical perfect antenna that sends out radio signals equally well in all directions.
Appendix E Wireless LANs 388 VMG8924-B10A and VMG8924-B30A Series User’s Guide
A PPENDIX F IPv6 Overview IPv6 (Internet Protocol version 6), is designed to enhance IP address size and features. The increase in IPv6 address size to 128 bits (from the 32-bit IPv4 address) allows up to 3.4 x 1038 IP addresses. IPv6 Addressing The 128-bit IPv6 address is written as eight 16-bit hexadecimal blocks separated by colons (:). This is an example IPv6 address 2001:0db8:1a2b:0015:0000:0000:1a2f:0000. IPv6 addresses can be abbreviated in two ways: • Leading zeros in a block can be omitted.
Appendix F IPv6 Global Address A global address uniquely identifies a device on the Internet. It is similar to a “public IP address” in IPv4. A global unicast address starts with a 2 or 3. Unspecified Address An unspecified address (0:0:0:0:0:0:0:0 or ::) is used as the source address when a device does not have its own address. It is similar to “0.0.0.0” in IPv4. Loopback Address A loopback address (0:0:0:0:0:0:0:1 or ::1) allows a host to send packets to itself. It is similar to “127.0.0.1” in IPv4.
Appendix F IPv6 Table 170 Reserved Multicast Address (continued) MULTICAST ADDRESS FF08:0:0:0:0:0:0:0 FF09:0:0:0:0:0:0:0 FF0A:0:0:0:0:0:0:0 FF0B:0:0:0:0:0:0:0 FF0C:0:0:0:0:0:0:0 FF0D:0:0:0:0:0:0:0 FF0E:0:0:0:0:0:0:0 FF0F:0:0:0:0:0:0:0 Subnet Masking Both an IPv6 address and IPv6 subnet mask compose of 128-bit binary digits, which are divided into eight 16-bit blocks and written in hexadecimal notation. Hexadecimal uses four bits for each character (1 ~ 10, A ~ F).
Appendix F IPv6 the time T2 is reached and the server does not respond, the client sends a Rebind message to any available server (S2). For an IA_TA, the client may send a Renew or Rebind message at the client's discretion. T2 T1 Renew Renew to S1 to S1 Renew Renew to S1 to S1 Renew to S1 Renew to S1 Rebind to S2 Rebind to S2 DHCP Relay Agent A DHCP relay agent is on the same network as the DHCP clients and helps forward messages between the DHCP server and clients.
Appendix F IPv6 • Neighbor advertisement: A response from a node to announce its link-layer address. • Router solicitation: A request from a host to locate a router that can act as the default router and forward packets. • Router advertisement: A response to a router solicitation or a periodical multicast advertisement from a router to advertise its presence and other parameters. IPv6 Cache An IPv6 host is required to have a neighbor cache, destination cache, prefix list and default router list.
Appendix F IPv6 Example - Enabling IPv6 on Windows XP/2003/Vista By default, Windows XP and Windows 2003 support IPv6. This example shows you how to use the ipv6 install command on Windows XP/2003 to enable IPv6. This also displays how to use the ipconfig command to see auto-generated IP addresses. C:\>ipv6 install Installing... Succeeded. C:\>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: Connection-specific IP Address. . . . . Subnet Mask . . . . IP Address. . . . .
Appendix F IPv6 4 Double click Dibbler - a DHCPv6 client. 5 Click Start and then OK. 6 Now your computer can obtain an IPv6 address from a DHCPv6 server. Example - Enabling IPv6 on Windows 7 Windows 7 supports IPv6 by default. DHCPv6 is also enabled when you enable IPv6 on a Windows 7 computer. To enable IPv6 in Windows 7: 1 Select Control Panel > Network and Sharing Center > Local Area Connection. 2 Select the Internet Protocol Version 6 (TCP/IPv6) checkbox to enable it.
Appendix F IPv6 4 Click Close to exit the Local Area Connection Status screen. 5 Select Start > All Programs > Accessories > Command Prompt. 6 Use the ipconfig command to check your dynamic IPv6 address. This example shows a global address (2001:b021:2d::1000) obtained from a DHCP server. C:\>ipconfig Windows IP Configuration Ethernet adapter Local Area Connection: Connection-specific DNS IPv6 Address. . . . . . Link-local IPv6 Address IPv4 Address. . . . . . Subnet Mask . . . . . .
A PPENDIX G Services The following table lists some commonly-used services and their associated protocols and port numbers. • Name: This is a short, descriptive name for the service. You can use this one or create a different one, if you like. • Protocol: This is the type of IP protocol used by the service. If this is TCP/UDP, then the service uses the same port number with TCP and UDP. If this is USER-DEFINED, the Port(s) is the IP protocol number, not the port number.
Appendix G Services Table 171 Examples of Services NAME 398 PROTOCOL PORT(S) DESCRIPTION AH (IPSEC_TUNNEL) User-Defined 51 The IPSEC AH (Authentication Header) tunneling protocol uses this service. AIM TCP 5190 AOL’s Internet Messenger service. AUTH TCP 113 Authentication protocol used by some servers. BGP TCP 179 Border Gateway Protocol. BOOTP_CLIENT UDP 68 DHCP Client. BOOTP_SERVER UDP 67 DHCP Server.
Appendix G Services Table 171 Examples of Services (continued) NAME PROTOCOL PORT(S) DESCRIPTION NEW-ICQ TCP 5190 An Internet chat program. NEWS TCP 144 A protocol for news groups. NFS UDP 2049 Network File System - NFS is a client/ server distributed file service that provides transparent file sharing for network environments. NNTP TCP 119 Network News Transport Protocol is the delivery mechanism for the USENET newsgroup service.
Appendix G Services Table 171 Examples of Services (continued) 400 NAME PROTOCOL PORT(S) DESCRIPTION SQL-NET TCP 1521 Structured Query Language is an interface to access data on many different types of database systems, including mainframes, midrange systems, UNIX systems and network servers. SSDP UDP 1900 The Simple Service Discovery Protocol supports Universal Plug-and-Play (UPnP). SSH TCP/UDP 22 Secure Shell Remote Login Program. STRM WORKS UDP 1558 Stream Works Protocol.
A PPENDIX H Legal Information Copyright Copyright © 2013 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation.
Appendix H Legal Information • Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. • Consult the dealer or an experienced radio/TV technician for help. Radiation Exposure Statement • This device and its antenna(s) must not be co-located or operating in conjunction with any other antenna or transmitter. • For operation within 5.15 ~ 5.25GHz frequency range, it is restricted to indoor environment. • IEEE 802.11b, 802.11g or 802.
Appendix H Legal Information (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. Ce dispositif est conforme à la norme CNR-192 d'Industrie Canada applicable aux appareils radio exempts de licence.
Appendix H Legal Information corresponding return address, Postage Paid. This warranty gives you specific legal rights, and you may also have other rights that vary from country to country. Registration Register your product online to receive e-mail notices of firmware upgrades and information at www.zyxel.com for global products, or at www.us.zyxel.com for North American products.
Index Index A broadcast 70 ACK message 256 BSS 98, 375 example 98 ACL rule 202 BYE request 256 ACS 295 activation firewalls 199 media server 191 SIP ALG 167 SSID 83 C CA 213, 381 administrator password 28 call history 250 incoming calls 251 outgoing calls 251 AH 229 call hold 262, 263 algorithms 229 call service mode 261, 263 alternative subnet mask notation 360 call transfer 262, 264 antenna directional 387 gain 386 omni-directional 387 call waiting 262, 263 Address Resolution Protocol 2
Index MEP 317 MIP 317 digital IDs 213 disclaimer 401 channel 377 interference 377 DLNA 190 channel, wireless LAN 95 DNS 108, 128 Class of Service 260 DNS server address assignment 70 Class of Service, see CoS client list 113 documentation related 2 client-server protocol 253 Domain Name 173 comfort noise generation 258 Domain Name System, see DNS compatibility, WDS 89 Domain Name System. See DNS.
Index F IC (Industry Canada) statement 402 ID type and content 233 FCC interference statement 401 IEEE 802.11g 379 file sharing 20 IEEE 802.
Index prefix delegation 49 prefix length 48, 71, 389 unspecified address 390 ISP 46 M MA 317 iTunes server 190 MAC address 86, 113 filter 86, 96 ITU-T 258 MAC authentication 86 Mac filter 205 Maintenance Association, see MA K Maintenance Domain, see MD Maintenance End Point, see MEP key combinations 264 Management Information Base (MIB) 299 keypad 264 managing the device good habits 17 Maximum Burst Size (MBS) 68 L MBSSID 99 LAN 107 and USB printer 192 client list 113 DHCP 108, 128 DNS 108, 1
Index SIP ALG 166 activation 167 traversal 232 PPPoE 46, 67 Benefits 67 PPTP 173 NAT example 174 preamble 92, 95 NCC statement 402 preamble mode 99 negotiation mode 231 prefix delegation 49 Network Address Translation see NAT pre-shared key 234 Network Address Translation, see NAT network map 31 printer sharing and LAN 192 requirements 191 NNTP 173 private IP address 129 non-proxy calls 249 product registration 404 Network Map 39 Printer Server 191 protocol 46 PSK 383 O push button 23
Index reset 23, 315 restart 315 restoring configuration 314 RFC 1058. See RIP. RFC 1389. See RIP. RFC 1483 67 RFC 1889 255 RFC 3164 267 RIP 137 router features 18 Routing Information Protocol.
Index passwords 27, 28 reset 23 status 39 LAN 41 WAN 41 wireless LAN 41 time 301 USA type call service mode 263 USB features 20 V VAD 258 VID T Virtual Circuit (VC) 67 Tag Control Information See TCI The 47 VLAN 69 Introduction 69 number of possible VIDs priority frame static three-way conference 263, 264 VLAN ID 70 thresholds data fragment 91, 95 RTS/CTS 91, 95 VLAN Identifier See VID Tag Protocol Identifier See TPID TCI time 301 ToS 260 TPID 70 TR-064 297 TR-069 295 ACS setup 295 authenticat
Index wireless client WPA supplicants 384 WPA2-Pre-Shared Key 383 Wireless Distribution System, see WDS WPA2-PSK 383 application example 385 wireless LAN 73, 94 authentication 95, 97 BSS 98 example 98 channel 95 encryption 97 example 94 fragmentation threshold 91, 95 limitations 98 MAC address filter 86, 96 MBSSID 99 preamble 92, 95 RADIUS server 97 RTS/CTS threshold 91, 95 security 95 SSID 96 activation 83 status 41 WDS 89, 99 compatibility 89 example 99 WEP 97 WPA 97 WPA-PSK 97 WPS 100, 102 example 1
