ZyXEL G-1000 v2 Wireless-11g Access Point User’s Guide Version 3.
ZyXEL G-1000 v2 User’s Guide Copyright Copyright © 2006 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation.
ZyXEL G-1000 v2 User’s Guide Interference Statements and Certifications Federal Communications Commission (FCC) Interference Statement This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accept any interference received, including interference that may cause undesired operations.
ZyXEL G-1000 v2 User’s Guide This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter. ZyXEL Communications Corporation declared that G-1000 v2 is limited in CH1~11 from 2400 to 2483.5 MHz by specified firmware controlled in USA.
ZyXEL G-1000 v2 User’s Guide Safety Warnings For your safety, be sure to read and follow all warning notices and instructions. • To reduce the risk of fire, use only No. 26 AWG (American Wire Gauge) or larger telecommunication line cord. • Do NOT open the device or unit. Opening or removing covers can expose you to dangerous high voltage points or other risks. ONLY qualified service personnel can service the device. Please contact your vendor for further information.
ZyXEL G-1000 v2 User’s Guide ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase.
ZyXEL G-1000 v2 User’s Guide Customer Support Please have the following information ready when you contact customer support. • • • • Product model and serial number. Warranty Information. Date that you received your device. Brief description of the problem and the steps you took to solve it. METHOD SUPPORT E-MAIL TELEPHONE1 WEB SITE FAX FTP SITE REGULAR MAIL LOCATION CORPORATE HEADQUARTERS (WORLDWIDE) CZECH REPUBLIC DENMARK FINLAND SALES E-MAIL support@zyxel.com.tw +886-3-578-3942 sales@zyxel.
ZyXEL G-1000 v2 User’s Guide TELEPHONE1 WEB SITE SALES E-MAIL FAX FTP SITE info@pl.zyxel.com +48-22-5286603 www.pl.zyxel.com ZyXEL Communications ul.Emilli Plater 53 00-113 Warszawa Poland www.zyxel.ru ZyXEL Russia Ostrovityanova 37a Str. Moscow, 117279 Russia www.zyxel.es ZyXEL Communications Alejandro Villegas 33 1º, 28043 Madrid Spain www.zyxel.se ZyXEL Communications A/S Sjöporten 4, 41764 Göteborg Sweden www.ua.zyxel.com ZyXEL Ukraine 13, Pimonenko Str.
ZyXEL G-1000 v2 User’s Guide 10 Customer Support
ZyXEL G-1000 v2 User’s Guide Table of Contents Copyright .................................................................................................................. 3 Interference Statements and Certifications ........................................................... 4 Safety Warnings ....................................................................................................... 6 ZyXEL Limited Warranty........................................................................................
ZyXEL G-1000 v2 User’s Guide Chapter 3 Wizard Setup .......................................................................................................... 41 3.1 Wizard Setup Overview ......................................................................................41 3.2 General Setup ....................................................................................................41 3.3 Wizard Setup Wireless LAN ...............................................................................
ZyXEL G-1000 v2 User’s Guide Chapter 8 Logs ........................................................................................................................ 81 8.1.1 Alerts and Logs .........................................................................................81 8.4 SMTP Error Messages .......................................................................................84 Chapter 9 Tools ..................................................................................................
ZyXEL G-1000 v2 User’s Guide 15.3 Log and Trace ................................................................................................116 15.3.1 Syslog Logging .....................................................................................117 15.4 Diagnostic ......................................................................................................117 Chapter 16 Firmware and Configuration File Maintenance ................................................. 119 16.
ZyXEL G-1000 v2 User’s Guide Command Interpreter........................................................................................... 161 Appendix G Log Descriptions.................................................................................................. 163 Appendix H Wireless LAN and IEEE 802.11 ........................................................................... 167 Appendix I Wireless LAN Security.....................................................................................
ZyXEL G-1000 v2 User’s Guide 16 Table of Contents
ZyXEL G-1000 v2 User’s Guide List of Figures Figure 1 Internet Access Application ...................................................................... 31 Figure 2 Corporation Network Application ............................................................. 31 Figure 3 G-1000 v2 Front Panel ............................................................................. 32 Figure 4 Change Password Screen .......................................................................
ZyXEL G-1000 v2 User’s Guide Figure 39 Configuration Restore Successful .......................................................... 90 Figure 40 Temporarily Disconnected ...................................................................... 90 Figure 41 Configuration Restore Error ................................................................... 90 Figure 42 Restart Screen ....................................................................................... 91 Figure 43 Login Screen .....................
ZyXEL G-1000 v2 User’s Guide Figure 82 Windows XP: Start Menu ....................................................................... 141 Figure 83 Windows XP: Control Panel ................................................................... 141 Figure 84 Windows XP: Control Panel: Network Connections: Properties ............ 142 Figure 85 Windows XP: Local Area Connection Properties ................................... 142 Figure 86 Windows XP: Advanced TCP/IP Settings ......................................
ZyXEL G-1000 v2 User’s Guide 20 List of Figures
ZyXEL G-1000 v2 User’s Guide List of Tables Table 1 IEEE 802.11b ............................................................................................ 28 Table 2 IEEE 802.11g ............................................................................................ 28 Table 3 Front Panel Light Description ................................................................... 32 Table 4 Web Configurator Screens Summary ....................................................... 35 Table 5 Status Screen ..
ZyXEL G-1000 v2 User’s Guide Table 39 Main Menu Summary ............................................................................. 96 Table 40 Menu 1 General Setup ........................................................................... 97 Table 41 Menu 3.2 TCP/IP Setup .......................................................................... 100 Table 42 Menu 3.5 Wireless LAN Setup ............................................................... 101 Table 43 Menu 3.5.1 WLAN MAC Address Filter .......
ZyXEL G-1000 v2 User’s Guide Table 82 Sys log .................................................................................................... 164 Table 83 Log Categories and Available Settings ................................................... 165 Table 84 IEEE 802.11g .......................................................................................... 173 Table 85 Comparison of EAP Authentication Types ..............................................
ZyXEL G-1000 v2 User’s Guide 24 List of Tables
ZyXEL G-1000 v2 User’s Guide Preface Congratulations on your purchase of the ZyXEL G-1000 v2 IEEE 802.11g wireless access point. Your G-1000 v2 is easy to install and configure. Note: Register your product online to receive e-mail notices of firmware upgrades and information at www.zyxel.com for global products, or at www.us.zyxel.com for North American products.
ZyXEL G-1000 v2 User’s Guide Syntax Conventions • “Enter” means for you to type one or more characters. “Select” or “Choose” means for you to use one predefined choice. • Mouse action sequences are denoted using a right angle bracket (>). For example, “In Windows, click Start > Settings > Control Panel” means first click the Start button, then point your mouse pointer to Settings and then click Control Panel. • “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.
ZyXEL G-1000 v2 User’s Guide CHAPTER 1 Getting to Know Your Device This chapter introduces the main features and applications of the G-1000 v2. 1.1 Introducing the ZyXEL G-1000 v2 The ZyXEL G-2000 Plus v2 is a wireless access point. The G-1000 v2 offers highly secured wireless connectivity to your wired network with IEEE 802.1X, WEP data encryption, WPA(2) (Wi-Fi Protected Access) and MAC address filtering. The G-1000 v2 is easy to install and configure.
ZyXEL G-1000 v2 User’s Guide ZyAIR LED The blue ZyAIR LED (also known as the breathing light) is on when the G-1000 v2 is on and blinks (or breaths) when data is being transmitted to/from its wireless stations. You may use the web configurator to turn this light off even when the G-1000 v2 is on and data is being transmitted/received. 1.2.2 Firmware Features WPA and WPA2 Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2 (IEEE 802.
ZyXEL G-1000 v2 User’s Guide Note: The G-1000 v2 may be prone to RF (Radio Frequency) interference from other 2.4 GHz devices such as microwave ovens, wireless phones, Bluetooth enabled devices, and other wireless LANs. STP (Spanning Tree Protocol) / RSTP (Rapid STP) (R)STP detects and breaks network loops and provides backup links between switches, bridges or routers.
ZyXEL G-1000 v2 User’s Guide SNMP SNMP (Simple Network Management Protocol) is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite. Your G-1000 v2 supports SNMP agent functionality, which allows a manager station to manage and monitor the G-1000 v2 through the network. The G-1000 v2 supports SNMP version one (SNMPv1) and version two c (SNMPv2c).
ZyXEL G-1000 v2 User’s Guide 1.3.1 Internet Access Application The G-1000 is an ideal access solution for wireless Internet connection. A typical Internet access application for your G-1000 is shown as follows. Stations A, B and C can access the wired network through the G-1000s. Figure 1 Internet Access Application 1.3.
ZyXEL G-1000 v2 User’s Guide Figure 3 G-1000 v2 Front Panel The following table describes the lights. Table 3 Front Panel Light Description LIGHT COLOR STATUS DESCRIPTION SYS Green On The wireless card on the G-1000 v2 is working properly. Off The wireless card on the G-1000 v2 is not ready or has a malfunction. Red Blinking The G-1000 v2 is not ready or rebooting. Blue Breathing The G-1000 v2 is sending or receiving data.
ZyXEL G-1000 v2 User’s Guide CHAPTER 2 Introducing the Web Configurator This chapter describes how to access the G-1000 v2 web configurator and provides an overview of its screens. The default IP address of the G-1000 v2 is 192.168.1.2. 2.1 Web Configurator Overview The embedded web configurator allows you to manage the G-1000 v2 from anywhere through a browser such as Microsoft Internet Explorer or Netscape Navigator. Use Internet Explorer 6.0 and later or Netscape Navigator 7.
ZyXEL G-1000 v2 User’s Guide Figure 4 Change Password Screen 6 On this screen you can access the wizard setup or the advanced setup. Click Go to Advanced setup to access the status screen of the web configurator. Note: The management session automatically times out when the time period set in the Administrator Inactivity Timer field expires (default five minutes). Simply log back into the G-1000 v2 if this happens to you. 2.
ZyXEL G-1000 v2 User’s Guide Note: You can also restore defaults via the web configurator.(refer to the Maintenance chapter). 2.4 Navigating the Web Configurator We use the P-662HW-D1 web screens in this guide as an example. Screens vary slightly for different G-1000 v2 models. 2.4.1 Navigation Panel After you enter the password, use the sub-menus on the navigation panel to configure G-1000 v2 features. The following table describes the sub-menus.
ZyXEL G-1000 v2 User’s Guide Table 4 Web Configurator Screens Summary (continued) LINK/ICON SUB-LINK FUNCTION About Click this icon to see general information about G-1000 v2. Status This screen shows the G-1000 v2’s general device, system and interface status information. Use this screen to access the summary statistics tables. Network Wireless LAN General IP Use this screen to configure the wireless LAN settings and WLAN authentication/security settings.
ZyXEL G-1000 v2 User’s Guide Figure 6 Status Screen The following table describes the labels shown in the Status screen. Table 5 Status Screen LABEL DESCRIPTION Refresh Interval Select a number of seconds or None from the drop-down list box to refresh all screen statistics automatically at the end of every time interval or to not refresh the screen statistics. Refresh Now Click this button to refresh the status screen statistics.
ZyXEL G-1000 v2 User’s Guide Table 5 Status Screen LABEL DESCRIPTION System Uptime This is the total time the G-1000 v2 has been on. Current Date/Time This field displays your G-1000 v2’s present date and time. System Resource CPU Usage This number shows how many kilobytes of the heap memory the G-1000 v2 is using. Heap memory refers to the memory that is not used by ZyNOS (ZyXEL Network Operating System). The bar displays what percent of the G-1000 v2's heap memory is in use.
ZyXEL G-1000 v2 User’s Guide The following table describes the labels in this screen. Table 6 Status: Packet Statistics LABEL DESCRIPTION Port This is the Ethernet or wireless port. The wireless port may be the WLAN – Builtin card or the WLAN – Removable wireless card. Status This shows the port speed and duplex setting if you are using Ethernet encapsulation for the Ethernet port. This shows the transmission speed only for wireless port.
ZyXEL G-1000 v2 User’s Guide Table 7 Association List 40 LABEL DESCRIPTION QoS This field displays the priority level of a wireless device associated with the G1000 v2 Refresh Click Refresh to reload the screen.
ZyXEL G-1000 v2 User’s Guide CHAPTER 3 Wizard Setup The web configurator’s setup wizard helps you set up a wireless LAN and configure security settings on your G-1000 v2. 3.1 Wizard Setup Overview The wizard will guide you through several steps. You will need to enter some information for identification purposes, you will then setup your wireless LAN and security. The wizard will then guide you through configuring your Internet settings. 3.
ZyXEL G-1000 v2 User’s Guide The following table describes the labels in this screen. Table 8 Enter System and Domain Names LABEL DESCRIPTION System Name Enter a name to help you identify your ISP on the network. This is not a required field and you can safely leave this field blank. Domain Name This is not a required field. Leave this field blank or enter the domain name here if you know it. Back Click Back to return to the previous screen. Next Click Next to proceed to the next screen.
ZyXEL G-1000 v2 User’s Guide The following table describes the labels in this screen. Table 9 Enter Name and Select Security LABEL DESCRIPTION Wireless LAN Setup Name(SSID) Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the wireless LAN. If you change this field on the G-1000 v2, make sure all wireless stations use the same SSID in order to access the network.
ZyXEL G-1000 v2 User’s Guide Figure 10 Wireless LAN Basic Security The following table describes the labels in this screen. Table 10 Wireless LAN Basic Security LABEL DESCRIPTION Passphrase You can generate or manually enter a WEP key by either: Entering a Passphrase (up to 32 printable characters) and clicking Generate. The G1000 v2 automatically generates a WEP key. Or Entering a manual key in a Key field and selecting ASCII or Hex WEP key input method.
ZyXEL G-1000 v2 User’s Guide Table 10 Wireless LAN Basic Security LABEL DESCRIPTION Back Click Back to display the previous screen. Next Click Next to proceed to the next screen. Exit Click Exit to quit the wizard without saving the changes. Choose Extend(WPA-PSK with customized key) or Extend(WPA2-PSK with customized key) security in the Wireless LAN Setup screen to set up a Pre-Shared Key. Figure 11 Wireless LAN Extend Security The following table describes the labels in this screen.
ZyXEL G-1000 v2 User’s Guide 3.3.3 IP Address Assignment Your G-1000 v2 needs an IP address to communicate with your wired network. Figure 12 IP Address Assignment The following table describes the labels in this screen. Table 12 IP Address Assignment LABEL DESCRIPTION Obtain IP Address Automatically Select this choice if your G-1000 v2 is using a dynamically assigned IP address from a DHCP server. Use fixed IP address Select this choice if your G-1000 v2 is using a static IP address.
ZyXEL G-1000 v2 User’s Guide 3.3.4 Apply Settings If you changed the SSID on your device or implemented any security, then you will have to make the corresponding changes on your wireless station to reconnect to the G-1000 v2. The following table describes the labels in this screen. Table 13 Apply Settings LABEL DESCRIPTION Back Click Back to display the previous screen. Apply Click Apply to save your configuration settings. Exit Click Exit to quit the wizard without saving the changes.
ZyXEL G-1000 v2 User’s Guide Figure 13 Wizard Completed 48 Chapter 3 Wizard Setup
ZyXEL G-1000 v2 User’s Guide CHAPTER 4 Wireless LAN This chapter discusses how to configure the wireless network settings in your G-1000 v2. See the appendices for more detailed information about wireless networks. 4.1 Wireless Network Overview The following figure provides an example of a wireless network. Figure 14 Example of a Wireless Network The wireless network is the part in the blue circle. In this wireless network, devices A and B are called wireless clients.
ZyXEL G-1000 v2 User’s Guide Security stops unauthorized devices from using the wireless network. It can also protect the information that is sent in the wireless network. 4.2 Wireless Security Overview The following sections introduce different types of wireless security you can set up in the wireless network. 4.2.1 SSID Normally, the AP acts like a beacon and regularly broadcasts the SSID in the area. You can hide the SSID instead, in which case the AP does not broadcast the SSID.
ZyXEL G-1000 v2 User’s Guide • In the AP: this feature is called a local user database or a local database. • In a RADIUS server: this is a server used in businesses more than in homes. If your AP does not provide a local user database and if you do not have a RADIUS server, you cannot set up user names and passwords for your users. Unauthorized devices can still see the information that is sent in the wireless network, even if they cannot use the wireless network.
ZyXEL G-1000 v2 User’s Guide Note: It is recommended that wireless networks use WPA-PSK, WPA, or stronger encryption. IEEE 802.1x and WEP encryption are better than none at all, but it is still possible for unauthorized wireless devices to figure out the original information pretty quickly. It is not possible to use WPA-PSK, WPA or stronger encryption with a local user database.
ZyXEL G-1000 v2 User’s Guide 4.4 Wireless LAN Screen Note: If you are configuring the G-1000 v2 from a computer connected to the wireless LAN and you change the G-1000 v2’s SSID or WEP settings, you will lose your wireless connection when you press Apply to confirm. You must then change the wireless settings of your computer to match the G-1000 v2’s new settings. Click Network > Wireless LAN to open the General screen.
ZyXEL G-1000 v2 User’s Guide Table 16 Wireless LAN: General LABEL DESCRIPTION Apply Click Apply to save your changes back to the G-1000 v2. Reset Click Reset to reload the previous configuration for this screen. See the rest of this chapter for information on the other labels in this screen. 4.4.1 No Security Select No Security to allow wireless stations to communicate with the access points without any data encryption.
ZyXEL G-1000 v2 User’s Guide 4.4.2 WEP Encryption WEP encryption scrambles the data transmitted between the wireless stations and the access points to keep network communications private. It encrypts unicast and multicast communications in a network. Both the wireless stations and the access points must use the same WEP key. Your G-1000 v2 allows you to configure up to four 64-bit, 128-bit or 256-bit WEP keys but only one key can be enabled at any one time. 4.4.
ZyXEL G-1000 v2 User’s Guide The following table describes the wireless LAN security labels in this screen. Table 18 Wireless: Static WEP Encryption LABEL DESCRIPTION Security Mode Choose Static WEP from the drop-down list box. Passphrase You can generate or manually enter a WEP key by either: Entering a Passphrase (up to 32 printable characters) and clicking Generate. The G1000 v2 automatically generates a WEP key.
ZyXEL G-1000 v2 User’s Guide Figure 18 Wireless: WPA(2)-PSK The following table describes the wireless LAN security labels in this screen. Table 19 Wireless: WPA(2)-PSK LABEL DESCRIPTION Security Mode Choose WPA-PSK or WPA2-PSK from the drop-down list box. WPA Compatible This check box is available only when you select WPA2-PSK or WPA2 in the Security Mode field.
ZyXEL G-1000 v2 User’s Guide Table 19 Wireless: WPA(2)-PSK LABEL DESCRIPTION Group Key Update The Group Key Update Timer is the rate at which the AP (if using WPA(2)-PSK Timer (In key management) or RADIUS server (if using WPA(2) key management) sends a Seconds) new group key out to all clients. The re-keying process is the WPA(2) equivalent of automatically changing the WEP key for an AP and all stations in a WLAN on a periodic basis.
ZyXEL G-1000 v2 User’s Guide The following table describes the wireless LAN security labels in this screen. Table 20 Wireless: WPA(2) LABEL DESCRIPTION WPA Compatible This check box is available only when you select WPA2-PSK or WPA2 in the Security Mode field. Select the check box to have both WPA2 and WPA wireless clients be able to communicate with the G-1000 v2 even when the G-1000 v2 is using WPA2-PSK or WPA2.
ZyXEL G-1000 v2 User’s Guide 4.5 MAC Filter The MAC filter screen allows you to configure the G-1000 v2 to give exclusive access to up to 32 devices (Allow) or exclude up to 32 devices from accessing the G-1000 v2 (Deny). Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. You need to know the MAC address of the devices to configure this screen.
ZyXEL G-1000 v2 User’s Guide The following table describes the labels in this menu. Table 21 MAC Address Filter LABEL DESCRIPTION Active Select the check box to enable MAC address filtering. Filter Action Define the filter action for the list of MAC addresses in the MAC Address table.
ZyXEL G-1000 v2 User’s Guide The following table describes the labels in this screen. Table 22 Wireless LAN: Advanced LABEL DESCRIPTION Roaming Configuration Enable Roaming Select this checkbox to enable roaming on the G-1000 v2 if you have two or more G1000 v2s on the same subnet. Note: All APs on the same subnet and the wireless stations must have the same SSID to allow roaming. Port Enter the port number to communicate roaming information between APs. The port number must be the same on all APs.
ZyXEL G-1000 v2 User’s Guide CHAPTER 5 IP and DNS Screens This chapter describes how to configure your G-1000 v2 to interact with the wired network. 5.1 Configuring IP To configure Internet connection, click Network > IP > Internet Connection. The screen appears as shown. Figure 22 Network: Internet Connection The following table describes the labels in this screen.
ZyXEL G-1000 v2 User’s Guide Table 23 Network: Internet Connection LABEL DESCRIPTION IP Address Enter the IP address of your G-1000 v2 in dotted decimal notation. IP Subnet Mask Type the subnet mask. Gateway IP Address Type the IP address of the gateway. The gateway is an immediate neighbor of your G-1000 v2 that will forward the packet to the destination.
ZyXEL G-1000 v2 User’s Guide Table 24 Network: Advanced LABEL DESCRIPTION Apply Click Apply to save your changes back to the G-1000 v2. Reset Click Reset to reload the previous configuration for this screen.
ZyXEL G-1000 v2 User’s Guide 66 Chapter 5 IP and DNS Screens
ZyXEL G-1000 v2 User’s Guide CHAPTER 6 Remote Management Configuration This chapter provides information on configuring remote management. 6.1 Remote Management Overview Remote management allows you to determine which services/protocols can access which G1000 v2 interface (if any) from which computers. Note: When you configure remote management to allow management from the WAN, you still need to configure a firewall rule to allow access.
ZyXEL G-1000 v2 User’s Guide • The IP address in the Secured Client IP field does not match the client IP address. If it does not match, the G-1000 v2 will disconnect the session immediately. • There is already another remote management session with an equal or higher priority running. You may only have one remote management session running at one time. • There is a firewall rule that blocks it. 6.1.2 System Timeout There is a default system management idle timeout of five minutes (three hundred seconds).
ZyXEL G-1000 v2 User’s Guide Table 25 Remote Management: WWW LABEL DESCRIPTION Apply Click Apply to save your settings back to the G-1000 v2. Cancel Click Cancel to begin configuring this screen afresh. 6.3 Telnet You can configure your G-1000 v2 for remote Telnet access as shown next. The administrator uses Telnet from a computer on a remote network to access the G-1000 v2. Figure 25 Telnet Configuration on a TCP/IP Network 6.
ZyXEL G-1000 v2 User’s Guide Figure 26 Remote Management: Telnet The following table describes the labels in this screen. Table 26 Remote Management: Telnet LABEL DESCRIPTION Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Server Access Select the interface(s) through which a computer may access the G-1000 v2 using this service.
ZyXEL G-1000 v2 User’s Guide Figure 27 Remote Management: FTP The following table describes the labels in this screen. Table 27 Remote Management: FTP LABEL DESCRIPTION Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Server Access Select the interface(s) through which a computer may access the G-1000 v2 using this service.
ZyXEL G-1000 v2 User’s Guide Figure 28 SNMP Management Model An SNMP managed network consists of two main types of component: agents and a manager. An agent is a management software module that resides in a managed device (the G-1000 v2). An agent translates the local management information from the managed device into a form compatible with SNMP. The manager is the console through which network administrators perform network management functions.
ZyXEL G-1000 v2 User’s Guide 6.6.2 SNMP Traps The G-1000 v2 will send traps to the SNMP manager when any one of the following events occurs: Table 28 SNMP Traps TRAP NAME DESCRIPTION 0 coldStart (defined in RFC-1215) A trap is sent after booting (power on). 1 warmStart (defined in RFC-1215) A trap is sent after booting (software reboot). 6 whyReboot (defined in ZYXELMIB) A trap is sent with the reason of restart before rebooting when the system is going to restart (warm start).
ZyXEL G-1000 v2 User’s Guide Figure 29 Remote Management: SNMP The following table describes the labels in this screen. Table 29 Remote Management: SNMP LABEL DESCRIPTION SNMP Configuration Get Community Enter the Get Community, which is the password for the incoming Get and GetNext requests from the management station. The default is public and allows all requests. Set Community Enter the Set community, which is the password for incoming Set requests from the management station.
ZyXEL G-1000 v2 User’s Guide CHAPTER 7 System Use this screen to configure the G-1000 v2’s time and date settings. 7.1 General Setup 7.1.1 General Setup and System Name General Setup contains administrative and system-related information. System Name is for identification purposes. However, because some ISPs check this name you should enter your computer's "Computer Name". • In Windows 95/98 click Start, Settings, Control Panel, Network.
ZyXEL G-1000 v2 User’s Guide Figure 30 System General Setup The following table describes the labels in this screen. Table 30 System General Setup LABEL DESCRIPTION System Setup System Name Enter a name to help you identify your ISP on the network. This is not a required field and you can safely leave this field blank. Domain Name Enter the domain name (if you know it) here. If you leave this field blank, the ISP may assign a domain name via DHCP.
ZyXEL G-1000 v2 User’s Guide 7.2 Time Setting To change your G-1000 v2’s time and date, click Maintenance > System > Time Setting. The screen appears as shown. Use this screen to configure the G-1000 v2’s time based on your local time zone. Figure 31 System Time Setting The following table describes the fields in this screen. Table 31 System Time Setting LABEL DESCRIPTION Current Time and Date Current Time This field displays the time of your G-1000 v2.
ZyXEL G-1000 v2 User’s Guide Table 31 System Time Setting (continued) LABEL DESCRIPTION New Time (hh:mm:ss) This field displays the last updated time from the time server or the last time configured manually. When you set Time and Date Setup to Manual, enter the new time in this field and then click Apply. New Date (yyyy/mm/dd) This field displays the last updated date from the time server or the last date configured manually.
ZyXEL G-1000 v2 User’s Guide Table 31 System Time Setting (continued) LABEL DESCRIPTION End Date Configure the day and time when Daylight Saving Time ends if you selected Enable Daylight Saving. The o'clock field uses the 24 hour format. Here are a couple of examples: Daylight Saving Time ends in the United States on the last Sunday of October. Each time zone in the United States stops using Daylight Saving Time at 2 A.M. local time.
ZyXEL G-1000 v2 User’s Guide 80 Chapter 7 System
ZyXEL G-1000 v2 User’s Guide CHAPTER 8 Logs This chapter contains information about configuring general log settings and viewing the G1000 v2’s logs. Refer to the appendix for example log message explanations. 8.1 Logs Overview The web configurator allows you to choose which categories of events and/or alerts to have the G-1000 v2 log and then display the logs or have the G-1000 v2 send them to an administrator (as e-mail) or to a syslog server. 8.1.
ZyXEL G-1000 v2 User’s Guide The following table describes the fields in this screen. Table 32 View Log LABEL DESCRIPTION Display The categories that you select in the Log Settings screen display in the drop-down list box. Select a category of logs to view; select All Logs to view logs from all of the log categories that you selected in the Log Settings page. Time This field displays the time the log was recorded. Message This field states the reason for the log.
ZyXEL G-1000 v2 User’s Guide Figure 33 Log Settings The following table describes the fields in this screen. Table 33 Log Settings LABEL DESCRIPTION E-mail Log Settings Mail Server Enter the server name or the IP address of the mail server for the e-mail addresses specified below. If this field is left blank, logs and alert messages will not be sent via E-mail. Mail Subject Type a title that you want to be in the subject line of the log e-mail message that the G-1000 v2 sends.
ZyXEL G-1000 v2 User’s Guide Table 33 Log Settings LABEL DESCRIPTION Password Enter the password associated with the user name above. Log Schedule This drop-down menu is used to configure the frequency of log messages being sent as E-mail: • Daily • Weekly • Hourly • When Log is Full • None. If you select Weekly or Daily, specify a time of day when the E-mail should be sent. If you select Weekly, then also specify which day of the week the E-mail should be sent.
ZyXEL G-1000 v2 User’s Guide Table 34 SMTP Error Messages -6 means RCPT TO fail -7 means DATA fail -8 means mail data send fail Chapter 8 Logs 85
ZyXEL G-1000 v2 User’s Guide 86 Chapter 8 Logs
ZyXEL G-1000 v2 User’s Guide CHAPTER 9 Tools This chapter describes how to upload new firmware, manage configuration and restart your G1000 v2. 9.1 Firmware Upgrade Find firmware at www.zyxel.com in a file that (usually) uses the system model name with a.bin extension, for example, "G-1000 v2.bin". The upload process uses HTTP (Hypertext Transfer Protocol) and may take up to two minutes. After a successful upload, the system will reboot. Only use firmware for your device’s specific model.
ZyXEL G-1000 v2 User’s Guide After you see the Firmware Upload in Progress screen, wait two minutes before logging into the G-1000 v2 again. Figure 35 Firmware Upload In Progress The G-1000 v2 automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 36 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the Status screen.
ZyXEL G-1000 v2 User’s Guide 9.2 Configuration Screen Click Maintenance > Tools > Configuration. Information related to factory defaults, backup configuration, and restoring configuration appears as shown next. Figure 38 Configuration 9.2.1 Backup Configuration Backup configuration allows you to back up (save) the G-1000 v2’s current configuration to a file on your computer.
ZyXEL G-1000 v2 User’s Guide After you see a “Restore Configuration successful” screen, you must then wait one minute before logging into the G-1000 v2 again. Figure 39 Configuration Restore Successful The G-1000 v2 automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop.
ZyXEL G-1000 v2 User’s Guide You can also press the RESET button on the rear panel to reset the factory defaults of your G1000 v2. Refer to the chapter about introducing the web configurator for more information on the RESET button. 9.3 Restart System restart allows you to reboot the G-1000 v2 without turning the power off. Click Maintenance > Tools > Restart. Click Restart to have the G-1000 v2 reboot. This does not affect the G-1000 v2's configuration.
ZyXEL G-1000 v2 User’s Guide 92 Chapter 9 Tools
ZyXEL G-1000 v2 User’s Guide CHAPTER 10 Introducing the SMT This chapter describes how to access the SMT and provides an overview of its menus. 10.1 Connect to your G-1000 v2 Using Telnet The following procedure details how to telnet into your G-1000 v2. 1 In Windows, click Start (usually in the bottom left corner), Run and then type “telnet 192.168.1.2” (the default IP address) and click OK. 2 For your first login, enter the default password “1234”.
ZyXEL G-1000 v2 User’s Guide 4 Type your new system password in the New Password field (up to 30 characters), and press [ENTER]. 5 Re-type your new system password in the Retype to confirm field for confirmation and press [ENTER]. Note that as you type a password, the screen displays an asterisk “*” for each character you type. 10.3 G-1000 v2 SMT Menus Overview The following table gives you an overview of your G-1000 v2’s various SMT menus. Table 37 SMT Menus Overview MENUS SUB MENUS 1 General Setup 1.
ZyXEL G-1000 v2 User’s Guide 10.4 Navigating the SMT Interface The SMT (System Management Terminal) is the interface that you use to configure your G1000 v2. Several operations that you should be familiar with before you attempt to modify the configuration are listed in the table below. Table 38 Main Menu Commands OPERATION KEYSTROKE DESCRIPTION Move down to another menu [ENTER] To move forward to a submenu, type in the number of the desired submenu and press [ENTER].
ZyXEL G-1000 v2 User’s Guide Figure 45 G-1000 v2 SMT Main Menu Copyright (c) 1994 - 2006 ZyXEL Communications Corp. G-1000v2 Main Menu Getting Started 1. General Setup 3. LAN Setup Advanced Management 22. SNMP Configuration 23. System Security 24. System Maintenance 99. Exit Enter Menu Selection Number: This menu is summarized below. Table 39 Main Menu Summary # MENU TITLE DESCRIPTION 1 General Setup Use this menu to set up your general information.
ZyXEL G-1000 v2 User’s Guide C H A P T E R 11 General Setup The chapter shows you the information on general setup. Menu 1 – General Setup contains administrative and system-related information (shown next). The System Name field is for identification purposes. It is recommended you type your computer's "Computer name". The Domain Name entry is what is propagated to the DHCP clients on the LAN.
ZyXEL G-1000 v2 User’s Guide Table 40 Menu 1 General Setup FIELD DESCRIPTION IP Address Enter the IP addresses of the DNS servers. This field is available when you select User-Defined in the field above. When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm…” to save your configuration, or press [ESC] at any time to cancel.
ZyXEL G-1000 v2 User’s Guide CHAPTER 12 LAN Setup This chapter shows you how to configure the LAN on your G-1000 v2. 12.1 LAN Setup This section describes how to configure the Ethernet using Menu 3 – LAN Setup. From the main menu, enter 3 to display menu 3. Figure 47 Menu 3 LAN Setup Menu 3 - LAN Setup 2. TCP/IP Setup 5. Wireless LAN Setup Enter Menu Selection Number: Detailed explanation about the LAN Setup menu is given in the next chapter. 12.2 TCP/IP Ethernet Setup Use menu 3.
ZyXEL G-1000 v2 User’s Guide Follow the instructions in the following table on how to configure the fields in this menu. Table 41 Menu 3.2 TCP/IP Setup FIELD DESCRIPTION IP Address Assignment Press [SPACE BAR] and then [ENTER] to select Dynamic to have the G-1000 v2 obtain an IP address from a DHCP server. You must know the IP address assigned to the G-1000 v2 (by the DHCP server) to access the G-1000 v2 again. Select Static to give the G-1000 v2 a fixed, unique IP address.
ZyXEL G-1000 v2 User’s Guide The following table describes the fields in this menu. Table 42 Menu 3.5 Wireless LAN Setup FIELD DESCRIPTION ESSID The ESSID (Extended Service Set IDentity) identifies the AP to which the wireless stations associate. Wireless stations associating to the AP must have the same ESSID. Enter a descriptive name of up to 32 printable 7-bit ASCII characters. This field is only available when you select Access Point or AP + Bridge in the Operating Mode field.
ZyXEL G-1000 v2 User’s Guide Table 42 Menu 3.5 Wireless LAN Setup FIELD DESCRIPTION 802.11 Mode Select B Only to allow only IEEE 802.11b compliant WLAN devices to associate with the G-1000 v2. Select G Only to allow only IEEE 802.11g compliant WLAN devices to associate with the G-1000 v2. Select Mixed to allow either IEEE802.11b or IEEE802.11g compliant WLAN devices to associate with the G-1000 v2. The transmission rate of your G-1000 v2 might be reduced.
ZyXEL G-1000 v2 User’s Guide Figure 51 Menu 3.5.1 WLAN MAC Address Filter Menu 3.5.
ZyXEL G-1000 v2 User’s Guide Figure 52 Menu 3.5 Wireless LAN Setup Menu 3.5 - Wireless LAN Setup ESSID= ZyXEL Hide ESSID= No Channel ID= CH06 2437MHz RTS Threshold= 2432 Frag. Threshold= 2432 WEP Encryption= 64-bit WEP Default Key= 1 Key1= ******** Key2= ******** Key3= ******** Key4= ******** Authen. Method= Auto Edit MAC Address Filter= No Edit Roaming Configuration= Yes Breathing LED= No 802.
ZyXEL G-1000 v2 User’s Guide CHAPTER 13 SNMP Configuration This chapter shows you how to use SMT to configure SNMP on the G-1000 v2. To configure SNMP, select option 22 from the main menu to open Menu 22 – SNMP Configuration as shown next. The “community” for Get, Set and Trap fields is SNMP terminology for password. Figure 54 Menu 22 SNMP Configuration Menu 22 - SNMP Configuration SNMP: Get Community= public Set Community= public Trusted Host= 0.0.0.0 Trap: Community= public Destination= 0.0.0.
ZyXEL G-1000 v2 User’s Guide 106 Chapter 13 SNMP Configuration
ZyXEL G-1000 v2 User’s Guide CHAPTER 14 System Security This chapter describes how to configure the system password, an external RADIUS server and 802.1x in SMT. 14.1 System Password Figure 55 Menu 23 System Security Menu 23 - System Security 1. Change Password 2. RADIUS Server 4. IEEE802.1x Enter Menu Selection Number: You should change the default password. If you forget your password you have to restore the default configuration file.
ZyXEL G-1000 v2 User’s Guide Figure 57 Menu 23.2 System Security: RADIUS Server Menu 23.2 - System Security - RADIUS Server Authentication Server: Active= Yes Server Address= 192.168.1.1 Port #= 1812 Shared Secret= ******** Accounting Server: Active= Yes Server Address= 192.168.1.3 Port #= 1812 Shared Secret= ******** The following table describes the fields in this menu. Table 46 Menu 23.
ZyXEL G-1000 v2 User’s Guide 14.3 802.1x The IEEE 802.1x standards outline enhanced security methods for both the authentication of wireless stations and encryption key management. Follow the steps below to enable EAP authentication on your G-1000 v2. 1 From the main menu, enter 23 to display Menu23 – System Security. Figure 58 Menu 23 System Security Menu 23 - System Security 1. Change Password 2. RADIUS Server 4. IEEE802.1x Enter Menu Selection Number: 2 Enter 4 to display Menu 23.
ZyXEL G-1000 v2 User’s Guide The following table describes the fields in this menu. Table 47 Menu 23.4 System Security: IEEE802.1x FIELD DESCRIPTION Wireless Port Control Press [SPACE BAR] and select a security mode for the wireless LAN access. Select No Authentication Required to allow any wireless stations access to your wired network without entering usernames and passwords. This is the default setting.
ZyXEL G-1000 v2 User’s Guide Table 47 Menu 23.4 System Security: IEEE802.1x FIELD DESCRIPTION Authentication Databases The authentication database contains wireless station login information. The local user database is the built-in database on the G-1000 v2. The RADIUS is an external server. Use this field to decide which database the G-1000 v2 should use (first) to authenticate a wireless station. Before you specify the priority, make sure you have set up the corresponding database correctly first.
ZyXEL G-1000 v2 User’s Guide 112 Chapter 14 System Security
ZyXEL G-1000 v2 User’s Guide CHAPTER 15 System Information and Diagnosis This chapter covers the information and diagnostic tools in SMT menus 24.1 to 24.4. These tools include updates on system status, port status, log and trace capabilities and upgrades for the system software. This chapter describes how to use these tools in detail. Type 24 in the main menu and press [ENTER] to open Menu 24 – System Maintenance, as shown in the following figure.
ZyXEL G-1000 v2 User’s Guide The following table describes the fields present in Menu 24.1 – System Maintenance – Status which are read-only and meant for diagnostic purposes. Figure 61 Menu 24.1 System Maintenance: Status Port Status Ethernet Down Wireless 54M Menu 24.1 - System Maintenance - Status 04:35:01 Sat. Jan.
ZyXEL G-1000 v2 User’s Guide 15.2 System Information To get to the System Information: 1 Enter 24 to display Menu 24 – System Maintenance. 2 Enter 2 to display Menu 24.2 – System Information and Console Port Speed. 3 From this menu you have two choices as shown in the next figure: Figure 62 Menu 24.2 System Information and Console Port Speed Menu 24.2 - System Information and Console Port Speed 1. System Information 2.
ZyXEL G-1000 v2 User’s Guide Table 49 Menu 24.2.1 System Maintenance: Information FIELD DESCRIPTION ZyNOS F/W Version Refers to the ZyNOS (ZyXEL Network Operating System) system firmware version. ZyNOS is a registered trademark of ZyXEL Communications Corporation. Country Code Refers to the country code of the firmware. LAN Ethernet Address Refers to the Ethernet MAC (Media Access Control) of your G-1000 v2. IP Address This is the IP address of the G-1000 v2 in dotted decimal notation.
ZyXEL G-1000 v2 User’s Guide Figure 65 Menu 24.3 Log and Trace Menu 24.3 - System Maintenance - Log and Trace 2. Syslog Logging Please enter selection: Note: The console port is internal and reserved for technician use only. 15.3.1 Syslog Logging Enter 2 in menu 24.2 to display the screen shown next. Figure 66 Menu 24.3.2 System Maintenance - Syslog Logging Menu 24.3.2 - System Maintenance - Syslog Logging Syslog: Active= No Syslog Server IP Address= 0.0.0.
ZyXEL G-1000 v2 User’s Guide Figure 67 Menu 24.4 System Maintenance: Diagnostic Menu 24.4 - System Maintenance - Diagnostic TCP/IP 1. Ping Host 2. DHCP Release 3. DHCP Renewal System 11. Reboot System Enter Menu Selection Number: Host IP Address= N/A Follow the procedure next to get to display this menu: 1 From the main menu, type 24 to open Menu 24 – System Maintenance. 2 From this menu, type 4. Diagnostic to open Menu 24.4 – System Maintenance – Diagnostic.
ZyXEL G-1000 v2 User’s Guide CHAPTER 16 Firmware and Configuration File Maintenance This chapter tells you how to backup and restore your configuration file as well as upload new firmware and configuration files using the SMT screens. 16.1 Filename Conventions The configuration file (often called the romfile or rom-0) contains the factory default settings in the menus such as password and TCP/IP Setup, etc. It arrives from ZyXEL with a rom filename extension.
ZyXEL G-1000 v2 User’s Guide The following table is a summary. Please note that the internal filename refers to the filename on the G-1000 v2 and the external filename refers to the filename not on the G-1000 v2, that is, on your computer, local network or FTP site and so the name (but not the extension) will vary. After uploading new firmware see the ZyNOS F/W Version field in Menu 24.2.1 – System Maintenance – Information to confirm that you have uploaded the correct firmware version.
ZyXEL G-1000 v2 User’s Guide Figure 68 Menu 24.5 Backup Configuration Menu 24.5 – Backup Configuration To transfer the configuration file to your workstation, follow the procedure below: 1. Launch the FTP client on your workstation. 2. Type "open" and the IP address of your router. Then type "root" and SMT password as requested. 3. Locate the ‘rom-0’ file. 4. Type ‘get rom-0’ to back up the current router configuration to your workstation.
ZyXEL G-1000 v2 User’s Guide The following table describes some of the commands that you may see in third party FTP clients. Table 53 General Commands for Third Party FTP Clients COMMAND DESCRIPTION Host Address Enter the address of the host server. Login Type Anonymous. This is when a user I.D. and password is automatically supplied to the server for anonymous access. Anonymous logins will work only if your ISP or service administrator has enabled this option. Normal.
ZyXEL G-1000 v2 User’s Guide 16.2.4 Example: TFTP Command The following is an example TFTP command: TFTP [-i] host get rom-0 config.rom where “i” specifies binary image transfer mode (use this mode when transferring binary files), “host” is the G-1000 v2 IP address, “get” transfers the file source on the G-1000 v2 (rom-0 name of the configuration file on the G-1000 v2) to the file destination on the computer and renames it config.rom.
ZyXEL G-1000 v2 User’s Guide 3 Run the HyperTerminal program by clicking Transfer, then Receive File as shown in the following screen. Figure 72 Backup Configuration Example Type a location for storing the configuration file or click Browse to look for one. Choose the Xmodem protocol. Then click Receive. 4 After a successful backup you will see the following screen. Press any key to return to the SMT menu. Figure 73 Successful Backup Confirmation Screen ** Backup Configuration completed. OK.
ZyXEL G-1000 v2 User’s Guide CHAPTER 17 System Maintenance and Information This chapter leads you through SMT menus 24.8 and 24.10. 17.1 Command Interpreter Mode The Command Interpreter (CI) is a part of the main system firmware. The CI provides much of the same functionality as the SMT, while adding some low-level setup and diagnostic functions. Enter the CI from the SMT by selecting menu 24.8. See the included disk or the zyxel.com web site for more detailed information on CI commands.
ZyXEL G-1000 v2 User’s Guide 17.2 Time and Date Setting The G-1000 v2 keeps track of the time and date. There is also a software mechanism to set the time manually or get the current time and date from an external server when you turn on your G-1000 v2. Menu 24.10 allows you to update the time and date settings of your G-1000 v2. The real time is then displayed in the G-1000 v2 error logs. 1 Select menu 24 in the main menu to open Menu 24 – System Maintenance. 2 Then enter 10 to go to Menu 24.
ZyXEL G-1000 v2 User’s Guide Table 55 System Maintenance: Time and Date Setting FIELD DESCRIPTION Time Zone Press [SPACE BAR] and then [ENTER] to set the time difference between your time zone and Greenwich Mean Time (GMT). Daylight Saving If you use daylight savings time, then choose Yes. Start Date If using daylight savings time, enter the month and day that it starts on.
ZyXEL G-1000 v2 User’s Guide 17.3.4 Remote Management Setup Remote management setup is for managing Telnet, FTP and Web services. You can customize the service port, access interface and the secured client IP address to enhance security and flexibility. You may manage your G-1000 v2 from a remote location via: the Internet (WAN only), the LAN only, All (LAN and WAN) or Disable (neither).
ZyXEL G-1000 v2 User’s Guide The following table describes the fields in this menu. Table 57 Menu 24.11 Remote Management Control FIELD TELNET Server: FTP Server: Web Server: SNMP Service: DNS Service: DESCRIPTION Each of these read-only labels denotes a server or service that you may use to remotely manage the G-1000 v2. Port This field shows the port number for the remote management service.
ZyXEL G-1000 v2 User’s Guide 17.5 System Timeout There is a system timeout of five minutes (300 seconds) for Telnet/web/FTP connections. Your G-1000 v2 will automatically log you out if you do nothing in this timeout period, except when it is continuously updating the status in menu 24.1 or when sys stdio has been changed on the command line.
ZyXEL G-1000 v2 User’s Guide CHAPTER 18 Troubleshooting This chapter covers potential problems and possible remedies. After each problem description, some instructions are provided to help you to diagnose and solve the problem. Problems Starting Up the G-1000 v2 Table 58 Troubleshooting the Start-Up of Your G-1000 v2 PROBLEM CORRECTIVE ACTION None of the lights Make sure you are using the supplied power adaptor and that it is plugged in to an turn on when I plug in appropriate power source.
ZyXEL G-1000 v2 User’s Guide Problems with the Password Table 60 Troubleshooting the Password PROBLEM CORRECTIVE ACTION I cannot access the The Password and Username fields are case-sensitive. Make sure that you enter the G-1000 v2. correct password and username using the proper casing. Use the RESET button on the top panel of the G-1000 v2 to restore the factory default configuration file (hold this button in for about 10 seconds or until the link light turns red).
ZyXEL G-1000 v2 User’s Guide APPENDIX A Product Specifications See also the Introduction chapter for a general overview of the key features. Specification Tables Table 62 Hardware Default IP Address 192.168.1.2 Default Subnet Mask 255.255.255.0 (24 bits) Default Password 1234 Dimensions (152 W) x (92 D) x (45 H) mm Weight 300g Power Specification 12V DC 1A Max Ethernet Interface One auto-negotiating MDI/MDI-X 10/100 Mbps RJ-45 Ethernet port Wireless LAN Interface One IEEE 802.
ZyXEL G-1000 v2 User’s Guide Table 63 Firmware (continued) 134 Management Embedded Web Configurator CLI (Command Line Interpreter) Remote Management via Telnet or Web SMT (System Management Terminal) SNMP Management Embedded FTP/TFTP server for firmware downloading, configuration backup and restoration with large rom file support Syslog Built-in Diagnostic Tools for FLASH memory, DRAM, LAN ports and wireless ports Wireless Network Standard IEEE 802.11bCompliance IEEE 802.
ZyXEL G-1000 v2 User’s Guide APPENDIX B Brute-Force Password Guessing Protection The following describes the commands for enabling, disabling and configuring the brute-force password guessing protection mechanism for the password. See Appendix F for information on the command structure. Table 64 Brute-Force Password Guessing Protection Commands COMMAND DESCRIPTION sys pwderrtm This command displays the brute-force guessing password protection settings.
ZyXEL G-1000 v2 User’s Guide 136
ZyXEL G-1000 v2 User’s Guide APPENDIX C Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/ IP on your computer. Windows 3.1 requires the purchase of a third-party TCP/IP application package.
ZyXEL G-1000 v2 User’s Guide Figure 79 WIndows 95/98/Me: Network: Configuration Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: 1 In the Network window, click Add. 2 Select Adapter and then click Add. 3 Select the manufacturer and model of your network adapter and then click OK. If you need TCP/IP: 1 In the Network window, click Add.
ZyXEL G-1000 v2 User’s Guide 3 Select Microsoft from the list of manufacturers. 4 Select Client for Microsoft Networks from the list of network clients and then click OK. 5 Restart your computer so the changes you made take effect. Configuring 1 In the Network window Configuration tab, select your network adapter's TCP/IP entry and click Properties 2 Click the IP Address tab. • • If your IP address is dynamic, select Obtain an IP address automatically.
ZyXEL G-1000 v2 User’s Guide Figure 81 Windows 95/98/Me: TCP/IP Properties: DNS Configuration 4 Click the Gateway tab. • • If you do not know your gateway’s IP address, remove previously installed gateways. If you have a gateway IP address, type it in the New gateway field and click Add. 5 Click OK to save and close the TCP/IP Properties window. 6 Click OK to close the Network window. Insert the Windows CD if prompted. 7 Turn on your G-1000 v2 and restart your computer when prompted.
ZyXEL G-1000 v2 User’s Guide Figure 82 Windows XP: Start Menu 2 For Windows XP, click Network Connections. For Windows 2000/NT, click Network and Dial-up Connections. Figure 83 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties.
ZyXEL G-1000 v2 User’s Guide Figure 84 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and click Properties. Figure 85 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). • 142 If you have a dynamic IP address click Obtain an IP address automatically.
ZyXEL G-1000 v2 User’s Guide • If you have a static IP address click Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields. Click Advanced. Figure 86 Windows XP: Advanced TCP/IP Settings 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: • • • • • • • • In the IP Settings tab, in IP addresses, click Add.
ZyXEL G-1000 v2 User’s Guide • • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields. If you have previously configured DNS servers, click Advanced and then the DNS tab to order them.
ZyXEL G-1000 v2 User’s Guide Figure 88 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list. Figure 89 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list.
ZyXEL G-1000 v2 User’s Guide 4 For statically assigned settings, do the following: • • • • From the Configure box, select Manually. Type your IP address in the IP Address box. Type your subnet mask in the Subnet mask box. Type the IP address of your G-1000 v2 in the Router address box. 5 Close the TCP/IP Control Panel. 6 Click Save if prompted, to save changes to your configuration. 7 Turn on your G-1000 v2 and restart your computer (if prompted).
ZyXEL G-1000 v2 User’s Guide Figure 91 Macintosh OS X: Network 4 For statically assigned settings, do the following: • • • • From the Configure box, select Manually. Type your IP address in the IP Address box. Type your subnet mask in the Subnet mask box. Type the IP address of your G-1000 v2 in the Router address box. 5 Click Apply Now and close the window. 6 Turn on your G-1000 v2 and restart your computer (if prompted). Verifying Settings Check your TCP/IP properties in the Network window.
ZyXEL G-1000 v2 User’s Guide 148
ZyXEL G-1000 v2 User’s Guide APPENDIX D IP Address Assignment Conflicts This appendix describes situations where IP address conflicts may occur. Subscribers with duplicate IP addresses will not be able to access the Internet. Case A: The G-1000 v2 is using the same LAN and WAN IP addresses The following figure shows an example where the G-1000 v2 is using a WAN IP address that is the same as the IP address of a computer on the LAN.
ZyXEL G-1000 v2 User’s Guide To solve this problem, make sure the G-1000 v2 LAN IP address is not in the DHCP IP address pool. Case C: The Subscriber IP address is the same as the IP address of a network device The following figure depicts an example where the subscriber IP address is the same as the IP address of a network device not attached to the G-1000 v2.
ZyXEL G-1000 v2 User’s Guide Figure 95 IP Address Conflicts: Case D This problem can be solved by adding a VLAN-enabled switch or set the computers to obtain IP addresses dynamically.
ZyXEL G-1000 v2 User’s Guide 152
ZyXEL G-1000 v2 User’s Guide APPENDIX E IP Subnetting IP Addressing Routers “route” based on the network number. The router that delivers the data packet to the correct destination host uses the host ID. IP Classes An IP address is made up of four octets (eight bits), written in dotted decimal notation, for example, 192.168.1.1. IP addresses are categorized into different classes. The class of an address depends on the value of its first octet. • Class “A” addresses have a 0 in the left most bit.
ZyXEL G-1000 v2 User’s Guide Since the first octet of a class “A” IP address must contain a “0”, the first octet of a class “A” address can have a value of 0 to 127. Similarly the first octet of a class “B” must begin with “10”, therefore the first octet of a class “B” address has a valid range of 128 to 191. The first octet of a class “C” address begins with “110”, and therefore has a range of 192 to 223.
ZyXEL G-1000 v2 User’s Guide Since the mask is always a continuous number of ones beginning from the left, followed by a continuous number of zeros for the remainder of the 32 bit mask, you can simply specify the number of ones instead of writing the value of each octet. This is usually specified by writing a “/” followed by the number of bits in the mask after the address. For example, 192.1.1.0 /25 is equivalent to saying 192.1.1.0 with mask 255.255.255.128.
ZyXEL G-1000 v2 User’s Guide last octet bit values indicate host ID bits “borrowed” to form network ID bits. The number of “borrowed” host ID bits determines the number of subnets you can have. The remaining number of host ID bits (after “borrowing”) determines the number of hosts you can have on each subnet. Table 70 Subnet 1 NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 0 IP Address (Binary) 11000000.10101000.00000001. 00000000 Subnet Mask 255.255.255.
ZyXEL G-1000 v2 User’s Guide Example: Four Subnets The above example illustrated using a 25-bit subnet mask to divide a class “C” address space into two subnets. Similarly to divide a class “C” address into four subnets, you need to “borrow” two host ID bits to give four possible combinations of 00, 01, 10 and 11. The subnet mask is 26 bits (11111111.11111111.11111111.11000000) or 255.255.255.192.
ZyXEL G-1000 v2 User’s Guide Table 75 Subnet 4 NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 192 IP Address (Binary) 11000000.10101000.00000001. 11000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: 192.168.1.192 Lowest Host ID: 192.168.1.193 Broadcast Address: 192.168.1.255 Highest Host ID: 192.168.1.254 Example Eight Subnets Similarly use a 27-bit mask to create 8 subnets (001, 010, 011, 100, 101, 110).
ZyXEL G-1000 v2 User’s Guide Subnetting With Class A and Class B Networks. For class “A” and class “B” addresses the subnet mask also determines which bits are part of the network number and which are part of the host ID. A class “B” address has two host ID octets available for subnetting and a class “A” address has three host ID octets (see Table 65) available for subnetting. The following table is a summary for class “B” subnet planning. Table 78 Class B Subnet Planning NO.
ZyXEL G-1000 v2 User’s Guide 160
ZyXEL G-1000 v2 User’s Guide APPENDIX F Command Interpreter The following describes how to use the command interpreter. Enter 24 in the main menu to bring up the system maintenance menu. Enter 8 to go to Menu 24.8 - Command Interpreter Mode. See the included disk or zyxel.com for more detailed information on these commands. Note: Use of undocumented commands or misconfiguration can damage the unit and possibly render it unusable. Command Syntax • • • • • The command keywords are in courier new font.
ZyXEL G-1000 v2 User’s Guide 162
ZyXEL G-1000 v2 User’s Guide APPENDIX G Log Descriptions This appendix provides descriptions of example log messages Table 79 System Error Logs LOG MESSAGE DESCRIPTION %s exceeds the max. number of session per host! This attempt to create a NAT session exceeds the maximum number of NAT session table entries allowed to be created per host. .
ZyXEL G-1000 v2 User’s Guide Table 81 ICMP Notes (continued) TYPE CODE DESCRIPTION 3 Port unreachable 4 A packet that needed fragmentation was dropped because it was set to Don't Fragment (DF) 5 Source route failed Source Quench 4 0 A gateway may discard internet datagrams if it does not have the buffer space needed to queue the datagrams for output to the next network on the route to the destination network.
ZyXEL G-1000 v2 User’s Guide Configuring What You Want the G-1000 v2 to Log Use the sys logs load command to load the log setting buffer that allows you to configure which logs the G-1000 v2 is to record.
ZyXEL G-1000 v2 User’s Guide Log Command Example This example shows how to set the G-1000 v2 to record the error logs and alerts and then view the results. ras> sys logs load ras> sys logs category error 3 ras> sys logs save ras> sys logs display access # .time source destination notes message 0|11/11/2002 15:10:12 |172.22.3.80:137 |172.22.255.255:137 |ACCESS BLOCK Firewall default policy: UDP(set:8) 1|11/11/2002 15:10:12 |172.21.4.17:138 |172.21.255.
ZyXEL G-1000 v2 User’s Guide APPENDIX H Wireless LAN and IEEE 802.11 A wireless LAN (WLAN) provides a flexible data communications system that you can use to access various services (navigating the Internet, email, printer services, etc.) without the use of a cabled connection. In effect a wireless LAN environment provides you the freedom to stay connected to the network while roaming around in the coverage area.
ZyXEL G-1000 v2 User’s Guide Figure 96 IBSS (Ad-hoc) Wireless LAN BSS A Basic Service Set (BSS) exists when all communications between wireless stations or between a wireless station and a wired network client go through one access point (AP). Intra-BSS traffic is traffic between wireless stations in the BSS. When Intra-BSS is enabled, wireless station A and B can access the wired network and communicate with each other.
ZyXEL G-1000 v2 User’s Guide Figure 97 Basic Service Set ESS An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). An ESSID (ESS IDentification) uniquely identifies each ESS. All access points and their associated wireless stations within the same ESS must have the same ESSID in order to communicate.
ZyXEL G-1000 v2 User’s Guide Figure 98 Extended Service Set Wireless LAN Basics RTS/CTS A hidden node occurs when two stations are within range of the same access point, but are not within range of each other. The following figure illustrates a hidden node. Both stations (STA) are within range of the access point (AP) or wireless gateway, but out-of-range of each other, so they cannot “hear” each other, that is they do not know if the channel is currently being used.
ZyXEL G-1000 v2 User’s Guide When station A sends data to the G-1000 v2, it might not know that station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations. RTS/CTS is designed to prevent collisions due to hidden nodes.
ZyXEL G-1000 v2 User’s Guide IEEE 802.11 The 1997 completion of the IEEE 802.11 standard for wireless LANs (WLANs) was a first important step in the evolutionary development of wireless networking technologies. The standard was developed to maximize interoperability between differing brands of wireless LANs as well as to introduce a variety of performance improvements and benefits. The IEEE 802.
ZyXEL G-1000 v2 User’s Guide APPENDIX I Wireless LAN Security As wireless networks become popular for both portable computing and corporate networks, security is now a priority. IEEE 802.11g Wireless LAN IEEE 802.11g is fully compatible with the IEEE 802.11b standard. This means an IEEE 802.11b adapter can interface directly with an IEEE 802.11g access point (and vice versa) at 11 Mbps or lower depending on range. IEEE 802.11g has several intermediate rate steps between the maximum and minimum data rates.
ZyXEL G-1000 v2 User’s Guide RADIUS RADIUS is based on a client-server model that supports authentication, authorization and accounting. The access point is the client and the server is the RADIUS server. The RADIUS server handles the following tasks: • Authentication Determines the identity of the users. • Authorization Determines the network services available to authenticated users once they are connected to the network. • Accounting Keeps track of the client’s network activity.
ZyXEL G-1000 v2 User’s Guide In order to ensure network security, the access point and the RADIUS server use a shared secret key, which is a password, they both know. The key is not sent over the network. In addition to the shared key, password information exchanged is also encrypted to protect the network from unauthorized access. Types of Authentication This appendix discusses some popular authentication types: EAP-MD5, EAP-TLS, EAPTTLS, PEAP and LEAP.
ZyXEL G-1000 v2 User’s Guide PEAP (Protected EAP) Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, then use simple username and password methods through the secured connection to authenticate the clients, thus hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card), for client authentication. EAP-GTC is implemented only by Cisco.
ZyXEL G-1000 v2 User’s Guide Figure 100 WEP Authentication Steps Open system authentication involves an unencrypted two-message procedure. A wireless station sends an open system authentication request to the AP, which will then automatically accept and connect the wireless station to the network. In effect, open system is not authentication at all as any station can gain access to the network. Shared key authentication involves a four-message procedure.
ZyXEL G-1000 v2 User’s Guide WPA(2) Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2 (IEEE 802.11i) is a wireless security standard that defines stronger encryption, authentication and key management than WPA. Key differences between WPA(2) and WEP are improved data encryption and user authentication. If both an AP and the wireless clients support WPA2 and you have an external RADIUS server, use WPA2 for stronger data encryption.
ZyXEL G-1000 v2 User’s Guide By generating unique data encryption keys for every data packet and by creating an integrity checking mechanism (MIC), with TKIP and AES it is more difficult to decrypt data on a Wi-Fi network than WEP and difficult for an intruder to break into the network. The encryption mechanisms used for WPA(2) and WPA(2)-PSK are the same. The only difference between the two is that WPA(2)-PSK uses a simple common password, instead of user-specific credentials.
ZyXEL G-1000 v2 User’s Guide 2 The RADIUS server then checks the user's identification against its database and grants or denies network access accordingly. 3 The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that then sets up a key hierarchy and management system, using the pair-wise key to dynamically generate unique data encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients.
ZyXEL G-1000 v2 User’s Guide Security Parameters Summary • Refer to this table to see what other security parameters you should configure for each Authentication Method/ key management protocol type. MAC address filters are not dependent on how you configure these security features. Table 86 Wireless Security Relational Matrix AUTHENTICATION ENCRYPTION ENTER METHOD/ KEY METHOD MANUAL KEY MANAGEMENT PROTOCOL Open None No IEEE 802.
ZyXEL G-1000 v2 User’s Guide Figure 102 Sequences for EAP MD5–Challenge Authentication Mutual Authentication with Internal RADIUS server. Microsofts Challenge-Handshake Authentication Protocol (MS-CHAP V2) is used to periodically verify the identity of the peer (station or other AP) using a three-way handshake. The following figure depicts a typical wireless network with a G-1000 v2 RADIUS server for user authentication using PEAP (Protected EAP) and MS-CHAP V2.
ZyXEL G-1000 v2 User’s Guide Figure 103 Sequences for PEAP, MS–CHAP V2 Authentication 183
ZyXEL G-1000 v2 User’s Guide 184
ZyXEL G-1000 v2 User’s Guide APPENDIX J Types of EAP Authentication This appendix discusses popular EAP authentication types. The type of authentication you use depends on the RADIUS server or the AP. Consult your network administrator for more information. EAP-MD5 (Message-Digest Algorithm 5) MD5 authentication is the simplest one-way authentication method. The authentication server sends a challenge to the wireless station.
ZyXEL G-1000 v2 User’s Guide PEAP (Protected EAP) Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, then use simple username and password methods through the secured connection to authenticate the clients, thus hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card), for client authentication. EAP-GTC is implemented only by Cisco.
ZyXEL G-1000 v2 User’s Guide APPENDIX K Antenna Selection and Positioning Recommendation An antenna couples RF signals onto air. A transmitter within a wireless device sends an RF signal to the antenna, which propagates the signal through the air. The antenna also operates in reverse by capturing RF signals from the air. Choosing the right antennas and positioning them properly increases the range and coverage area of a wireless LAN. Antenna Characteristics Frequency An antenna in the frequency of 2.
ZyXEL G-1000 v2 User’s Guide Types of Antennas For WLAN There are two types of antennas used for wireless LAN applications. • Omni-directional antennas send the RF signal out in all directions on a horizontal plane. The coverage area is torus-shaped (like a donut) which makes these antennas ideal for a room environment. With a wide coverage area, it is possible to make circular overlapping coverage areas with multiple access points.
ZyXEL G-1000 v2 User’s Guide Index Numerics 110V AC 6 230V AC 6 A Abnormal Working Conditions 7 AC 6 access point 49 access point. See also AP. Accessories 6 Acts of God 7 Advanced Encryption Standard 178 Airflow 6 Alternative Subnet Mask Notation 155 American Wire Gauge 6 Antenna Directional 188 Omni-directional 188 Antenna gain 187 AP 49 AP. See also access point.
ZyXEL G-1000 v2 User’s Guide C CA 175, 185 Cables, Connecting 6 Certificate Authority 175, 185 Certifications 5 channel 49 Channel ID 53, 101 Charge 7 Circuit 4 Class B 4 Collision 114 Command Interpreter 125 Communications 4 Community 105 Compliance, FCC 4 Components 7 Condition 7 Connecting Cables 6 Consequential Damages 7 Contact Information 8 Contacting Customer Support 8 Copyright 3 Correcting Interference 4 Corrosive Liquids 6 Covers 6 CPU Load 114 Customer Support 8 D Damage 6 Dampness 6 Danger 6 D
ZyXEL G-1000 v2 User’s Guide Dust 6 Dynamic WEP Key Exchange 176 E EAP 29 EAP Authentication 175, 185 Electric Shock 6 Electrical Pipes 6 Electrocution 6 embedded help 35 Encryption 178 encryption 51 Equal Value 7 ESS 169 Europe 6 Exposure 6 Extended Service Set 169 Extended Service Set IDentification 53 F Failure 7 FCC 4 Rules, Part 15 4 FCC Rules 4 Federal Communications Commission 4 FHSS 172 Filename Conventions 119 Finland, Contact Information 8 firmware 87 upgrade 87 upload 87 upload error 88 Fitnes
ZyXEL G-1000 v2 User’s Guide G Gas Pipes 6 General Setup 41, 75, 97 General wireless LAN screen 53 Germany, Contact Information 8 God, act of 7 H Harmful Interference 4 Hidden Menus 95 hide SSID 50 High Voltage Points 6 Host 76 Host IDs 153 HTTP (Hypertext Transfer Protocol) 87 HyperTerminal program 123 I IBSS 167 IEEE 802.11g 173 max frame burst 52 IEEE 802.
ZyXEL G-1000 v2 User’s Guide License 3 Lightning 6 Link type 114 Liquids, Corrosive 6 local (user) database 51 Log Descriptions 163 Logs 81 M MAC address 50 MAC address filter 50 weaknesses 50 MAC Address Filter Action 61, 103 MAC Address Filtering 60, 102 MAC Filter 60 MAC Filtering 29 Main Menu 95 Management Information Base (MIB) 72 Materials 7 max frame burst 52 Merchantability 7 Message Integrity Check (MIC) 178 N navigating the web configurator 35 Network Management 30 New 7 North America 6 North A
ZyXEL G-1000 v2 User’s Guide P Packets 114 Pairwise Master Key (PMK) 178 Parts 7 Password 93, 105 Patent 3 Permission 3 Photocopying 3 Ping 118 Pipes 6 Pool 6 Postage Prepaid.
ZyXEL G-1000 v2 User’s Guide Rate Receiving 114 Transmission 114 Receiving Antenna 4 Registered 3 Registered Trademark 3 Regular Mail 8 Related Documentation 25 Relocate 4 Re-manufactured 7 Remote Authentication Dial In User Service 29 Remote Management Limitations 67, 129 Remote Management Setup 128 Remote Node 114 Removing 6 Reorient 4 Repair 6, 7 Replace 7 Replacement 7 Reproduction 3 Required fields 95 Reset Button 27 Restore 7, 89 Return Material Authorization (RMA) Number 7 Returned Products 7 Return
ZyXEL G-1000 v2 User’s Guide Shock, Electric 6 SMT Menu Overview 94 SMTP Error Messages 84 SNMP 30, 71 Community 105 Manager 72 MIBs 72 Trusted Host 105 Spain, Contact Information 9 SSID 49, 50 hide 50 SSID security 50 weaknesses 50 SSL Passthrough 29 STP (Spanning Tree Protocol) 29 Subnet Mask 100, 116 Subnet Masks 154 Subnetting 154 Supply Voltage 6 Support E-mail 8 Sweden, Contact Information 9 Swimming Pool 6 Syntax Conventions 26 System Console Port Speed 116 Diagnostic 117 System Information 115 Syst
ZyXEL G-1000 v2 User’s Guide Thunderstorm 6 Time and Date Setting 126 Time Zone 127 Trademark 3 Trademark Owners 3 Trademarks 3 Translation 3 Troubleshooting Accessing ZyAIR 132 Ethernet Port 131 Start-Up 131 TV Technician 4 U Undesired Operations 4 User Authentication 179 user authentication 50 local (user) database 51 RADIUS server 51 weaknesses 51 V Valid CI Commands 125 Value 7 Vendor 6 Ventilation Slots 6 Viewing Certifications 5 Voltage Supply 6 Voltage, High 6 W Wall Mount 6 Warnings 6 Warranty 7
ZyXEL G-1000 v2 User’s Guide WEP Encryption 29, 57, 101 WEP encryption 55 Wet Basement 6 Wi-Fi Protected Access 28, 178 wireless client 49 Wireless Client WPA Supplicants 179 Wireless LAN 100, 167 Wireless LAN Setup 100 wireless network 49 basic guidelines 49 wireless networks channel 49 encryption 51 MAC address filter 50 security 49 SSID 49 user authentication 50 wireless security 49 Wizard Setup 41, 42 WLAN 167 Security parameters 181 Workmanship 7 Worldwide Contact Information 8 WPA 28, 178 WPA2 28, 17
