ZyXEL G-560 802.11g Wireless Access Point User’s Guide Version 3.
ZyXEL G-560 User’s Guide Copyright Copyright © 2005 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation.
ZyXEL G-560 User’s Guide Federal Communications Commission (FCC) Interference Statement This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions: • This device may not cause harmful interference. • This device must accept any interference received, including interference that may cause undesired operations. This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules.
ZyXEL G-560 User’s Guide Cet appareil numérique de la classe B est conforme à la norme NMB-003 du Canada. Certifications 1 Go to www.zyxel.com. 2 Select your product from the drop-down list box on the ZyXEL home page to go to that product's page. 3 Select the certification you wish to view from this page.
ZyXEL G-560 User’s Guide Safety Warnings For your safety, be sure to read and follow all warning notices and instructions. • Do NOT open the device or unit. Opening or removing covers can expose you to dangerous high voltage points or other risks. ONLY qualified service personnel can service the device. Please contact your vendor for further information. • Connect the power cord to the right supply voltage (110V AC in North America or 230V AC in Europe).
ZyXEL G-560 User’s Guide ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase.
ZyXEL G-560 User’s Guide Customer Support Please have the following information ready when you contact customer support. • • • • Product model and serial number. Warranty Information. Date that you received your device. Brief description of the problem and the steps you took to solve it. METHOD SUPPORT E-MAIL TELEPHONEA WEB SITE FAX FTP SITE REGULAR MAIL LOCATION CORPORATE HEADQUARTERS (WORLDWIDE) CZECH REPUBLIC DENMARK FINLAND SALES E-MAIL support@zyxel.com.tw +886-3-578-3942 sales@zyxel.com.
ZyXEL G-560 User’s Guide TELEPHONEA WEB SITE SALES E-MAIL FAX FTP SITE support@zyxel.co.uk +44 (0) 1344 303044 08707 555779 (UK only) www.zyxel.co.uk sales@zyxel.co.uk +44 (0) 1344 303034 ftp.zyxel.co.uk METHOD SUPPORT E-MAIL REGULAR MAIL LOCATION UNITED KINGDOM ZyXEL Communications UK Ltd.,11 The Courtyard, Eastern Road, Bracknell, Berkshire, RG12 2XB, United Kingdom (UK) a. “+” is the (prefix) number you enter to make an international telephone call.
ZyXEL G-560 User’s Guide 10 Customer Support
ZyXEL G-560 User’s Guide Table of Contents Copyright .................................................................................................................. 3 Federal Communications Commission (FCC) Interference Statement ............... 4 Safety Warnings ....................................................................................................... 6 ZyXEL Limited Warranty.......................................................................................... 7 Customer Support.......
ZyXEL G-560 User’s Guide Chapter 3 Introducing the Web Configurator........................................................................ 37 3.1 Web Configurator Overview ...............................................................................37 3.2 Accessing the G-560 Web Configurator .............................................................37 3.3 Configuring the G-560 Using the Wizard ...........................................................39 3.3.1 Basic Settings .........................
ZyXEL G-560 User’s Guide 6.4.1 Access Point Mode ...................................................................................58 6.4.2 Access Point + Bridge Mode ....................................................................61 6.4.2.1 Bridge Loop .....................................................................................61 6.4.2.2 Configuring Access Point + Bridge Mode ........................................63 6.5 Wireless Security Overview ............................................
ZyXEL G-560 User’s Guide 7.4 Configuration Screen .........................................................................................87 7.4.1 Backup Configuration ...............................................................................88 7.4.2 Restore Configuration ...............................................................................88 7.4.3 Back to Factory Defaults ...........................................................................89 7.5 F/W Upload Screen ....................
ZyXEL G-560 User’s Guide List of Figures Figure 1 WDS Functionality Example ................................................................................. 23 Figure 2 Internet Access Application ................................................................................... 26 Figure 3 Corporation Network Application .......................................................................... 27 Figure 4 AP+Bridge Application ............................................................................
ZyXEL G-560 User’s Guide Figure 39 WPA(2)-PSK Authentication ............................................................................... 72 Figure 40 WPA with RADIUS Application Example ............................................................ 73 Figure 41 Wireless Security: Disable .................................................................................. 74 Figure 42 Wireless Security: WEP ......................................................................................
ZyXEL G-560 User’s Guide Figure 82 Windows XP: Internet Protocol (TCP/IP) Properties ........................................... 109 Figure 83 Windows XP: Advanced TCP/IP Properties ........................................................ 110 Figure 84 Windows XP: Internet Protocol (TCP/IP) Properties ........................................... 111 Figure 85 Macintosh OS 8/9: Apple Menu .......................................................................... 112 Figure 86 Macintosh OS 8/9: TCP/IP ........
ZyXEL G-560 User’s Guide 18 List of Figures
ZyXEL G-560 User’s Guide List of Tables Table 1 Front Panel LED Description ................................................................................. 28 Table 2 Factory Defaults .................................................................................................... 35 Table 3 Status ..................................................................................................................... 46 Table 4 Status: View Statistics .....................................................
ZyXEL G-560 User’s Guide Table 39 Subnet 2 .............................................................................................................. 137 Table 40 Subnet 3 .............................................................................................................. 137 Table 41 Subnet 4 .............................................................................................................. 138 Table 42 Eight Subnets .................................................................
ZyXEL G-560 User’s Guide Preface Congratulations on your purchase from the ZyXEL G-560 802.11g Wireless Access Point. Note: Register your product online to receive e-mail notices of firmware upgrades and information at www.zyxel.com for global products, or at www.us.zyxel.com for North American products. An access point (AP) acts as a bridge between the wireless and wired networks, extending your existing wired network without any additional wiring.
ZyXEL G-560 User’s Guide • The ZyXEL G-560 802.11g Wireless Access Point may be referred to simply as the G560 in the user's guide.
ZyXEL G-560 User’s Guide CHAPTER 1 Getting to Know Your G-560 This chapter introduces the main features and applications of the G-560. 1.1 Introducing the G-560 Wireless Access Point The G-560 is an access point (AP) through which wireless stations can communicate and/or access a wired network. It can also work as a bridge to extend your wireless network. The G560 uses IEEE 802.
ZyXEL G-560 User’s Guide OTIST (One-Touch Intelligent Security Technology) OTIST allows your G-560 to assign its SSID and security settings (WEP or WPA-PSK) to the ZyXEL wireless adapters that support OTIST and are within transmission range. The ZyXEL wireless adapters must also have OTIST enabled. 10/100M Auto-negotiating Ethernet/Fast Ethernet Interface This auto-negotiating feature allows the G-560 to detect the speed of incoming transmissions and adjust appropriately without manual intervention.
ZyXEL G-560 User’s Guide SSL Passthrough The G-560 allows SSL connections to go through the G-560. SSL (Secure Sockets Layer) uses a public key to encrypt data that's transmitted over an SSL connection. Both Netscape Navigator and Internet Explorer support SSL, and many Web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, URLs that require an SSL connection start with "https" instead of "http".
ZyXEL G-560 User’s Guide Limit the Number of Client Connections You may set a maximum number of wireless stations that may connect to the G-560. This may be necessary if for example, there is interference or difficulty with channel assignment due to a high density of APs within a coverage area. 1.3 Applications for the G-560 Here are some application examples of what you can do with your G-560. 1.3.1 Access Point 1.3.1.
ZyXEL G-560 User’s Guide Figure 3 Corporation Network Application 1.3.2 Access Point + Bridge In Access Point + Bridge mode, the G-560 supports both AP (A and B can connect to the wired network through X) and bridge (X can communicate with Y) connection at the same time. The G-560 can act as a wireless network bridge and establish wireless links with other APs.
ZyXEL G-560 User’s Guide Figure 4 AP+Bridge Application 1.4 The LED Display Figure 5 Front Panel The following table describes the LEDs on the G-560. Table 1 Front Panel LED Description LED COLOR STATUS DESCRIPTION PWR Green Blinking The G-560 is not ready or rebooting. On The G-560 has a successful reboot and is receiving power. Off The G-560 is not receiving power. Blinking The G-560 is sending/receiving data. On The G-560 has a successful 10Mbps Ethernet connection.
ZyXEL G-560 User’s Guide Table 1 Front Panel LED Description LED COLOR STATUS DESCRIPTION OTIST Green Blinking The OTIST automatic wireless configuration is in progress. On The OTIST feature is activated on the G-560. Off The OTIST feature is not activated or activated but the wireless settings are changed again. Blinking The G-560 is sending or receiving data through the wireless LAN. On The G-560 is ready, but is not sending/receiving data.
ZyXEL G-560 User’s Guide 30 Chapter 1 Getting to Know Your G-560
ZyXEL G-560 User’s Guide CHAPTER 2 Management Computer Setup This chapter describes how to prepare your computer to access the G-560 web configurator. 2.1 Introduction You can connect a computer to the G-560 for management purposes either using an Ethernet connection (recommended for a first time management session) or wirelessly. 2.2 Wired Connection You must prepare your computer/computer network to connect to the G-560 if you are using a wired connection.
ZyXEL G-560 User’s Guide 2.2.1.1 Windows 2000/NT/XP The following example figures use the default Windows XP GUI theme. 1 Click start (Start in Windows 2000/NT) > Settings > Control Panel. 2 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 7 Control Panel 3 Right-click Local Area Connection and then Properties. Figure 8 Network Connection 4 Select Internet Protocol (TCP/IP) and then click Properties.
ZyXEL G-560 User’s Guide Figure 9 Local Area Connection Properties 5 Select Use the following IP Address and fill in an IP address (between 192.168.1.3 and 192.168.1.254). • Type 255.255.255.0 as the Subnet mask. • Click Advanced1. Figure 10 Internet Protocol Properties 6 Remove any previously installed gateways in the IP Settings tab and click OK to go back to the Internet Protocol TCP/IP Properties screen. 1. See the appendices for information on configuring DNS server addresses.
ZyXEL G-560 User’s Guide Figure 11 Advanced TCP/IP Settings No gateways configured. 7 Click OK to close the Internet Protocol (TCP/IP) Properties window. 8 Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties window. 9 Close the Network Connections window (Network and Dial-up Connections in Windows 2000/NT). 2.3 Wireless Connection Ensure that the wireless stations have a compatible wireless card/adapter with the same wireless settings as the G-560.
ZyXEL G-560 User’s Guide Note: The wireless stations and G-560 must use the same SSID, channel and wireless security settings for wireless communication. If you do not enable any wireless security on your G-560, your network traffic is visible to any wireless networking device that is within range. 2.4 Resetting the G-560 If you forget the G-560's IP address or your password, to access the G-560, you will need to reload the factory-default using the RESET button.
ZyXEL G-560 User’s Guide 36 Chapter 2 Management Computer Setup
ZyXEL G-560 User’s Guide CHAPTER 3 Introducing the Web Configurator This chapter describes how to configure the G-560 using the Wizard. 3.1 Web Configurator Overview The web configurator is an HTML-based management interface that allows easy G-560 setup and management via Internet browser. Use Internet Explorer 6.0 and later or Netscape Navigator 7.0 and later versions. The recommended screen resolution is 1024 by 768 pixels.
ZyXEL G-560 User’s Guide Figure 13 Welcome Screen Default password is 1234. 6 You should see a screen asking you to change your password (highly recommended) as shown next. Type a new password (and retype it to confirm) and click Apply or click Ignore to allow access without password change. Note: If you do not change the password, the following screen appears every time you login. Figure 14 Change Password Screen Change default password. The field is case sensitive.
ZyXEL G-560 User’s Guide Figure 15 Status Screen Click SETUP WIZARD to help you configure your G-560 to set up a wireless network. Use the submenus under SETTINGS to configure advanced G-560 features. Click LOGOUT at any time to exit the web configurator. Note: See the rest of this User's Guide for configuration details and background information on all G-560 features using the web configurator. 3.
ZyXEL G-560 User’s Guide Enter a Subnet Mask appropriate to your network and the Gateway IP Address of the neighboring device, if you know it. If you do not, leave the Gateway IP Address field as 0.0.0.0. Figure 16 Wizard 1: Basic Settings Do not select this unless you have a router that can assign the G-560 an IP address. Note: If you change the ZyXEL G-560's IP address, you must use the new IP address if you want to access the web configurator again. 3.3.
ZyXEL G-560 User’s Guide Figure 17 Wizard 2: Wireless Settings 3.3.3 Security Settings Fill in the fields in the third wizard configuration screen. The screen varies depending on what you select in the Encryption Method field. Select Disable to have no wireless security configured, select WEP, or select WPA-PSK if your wireless clients support WPA-PSK. Go to SETTINGS > WIRELESS > Security if you want WPA2, WPA or 802.1x. See Chapter 6 on page 53 for background information. 3.3.3.
ZyXEL G-560 User’s Guide Figure 18 Setup Wizard 3: Disable 3.3.3.2 WEP 1 WEP (Wired Equivalent Privacy) encrypts data frames before transmitting over the wireless network. Select 64-bit, 128-bit or 256-bit from the WEP Encryption dropdown list box and then follow the on-screen instructions to set up the WEP keys. 2 Choose an encryption level from the drop-down list. The higher the WEP encryption, the higher the security but the slower the throughput.
ZyXEL G-560 User’s Guide Figure 19 Wizard 3: WEP Use Passphrase to automatically generate keys or manually enter a key in the Key 1 field. 3.3.3.3 WPA-PSK 1 Type a pre-shared key to have a more secure wireless connection. Choose this option only if your wireless clients support it. 2 Type from 8 to 63 ASCII characters (including spaces and symbols). This field is casesensitive. Figure 20 Wizard 3: WPA-PSK 3.3.4 Confirm Your Settings The following read-only screen shows the status of the current settings.
ZyXEL G-560 User’s Guide Figure 21 Wizard 4: Confirm Your Settings For more detailed background information, see the rest of this User's Guide.
ZyXEL G-560 User’s Guide CHAPTER 4 Status Screens This chapter describes the Status screens. 4.1 System Status Click STATUS to display a snapshot of your G-560 settings. You can also view network statistics and a list of wireless stations currently associated with the G-560. Note that these labels are READ-ONLY and are meant to be used for diagnostic purposes.
ZyXEL G-560 User’s Guide The following table describes the labels in this screen. Table 3 Status LABEL DESCRIPTION Device Information Device Name This is the same as Device Name you entered in the first wizard screen if you entered one there. It is for identification purposes. Operation Mode This field shows whether the G-560 is functioning as an access point or an access point and bridge simultaneously. MAC Address This field displays the MAC address of the G-560.
ZyXEL G-560 User’s Guide Figure 23 Status: View Statistics The following table describes the labels in this screen. Table 4 Status: View Statistics LABEL DESCRIPTION Port This is the Ethernet or wireless port. TxPkts This is the number of transmitted packets on this port. RxPkts This is the number of received packets on this port. Collisions This is the number of collisions on this port. System Up Time This is the total time the G-560 has been on.
ZyXEL G-560 User’s Guide The following table describes the labels in this screen. Table 5 Status: View Association List 48 LABEL DESCRIPTION No. This is the index number of an associated wireless station. MAC Address This field displays the MAC address of an associated wireless station. Association Time This field displays the time a wireless station first associated with the G-560. Refresh Click Refresh to reload the screen.
ZyXEL G-560 User’s Guide CHAPTER 5 System Screens This chapter provides information on the System screens. 5.1 Factory Ethernet Defaults The Ethernet parameters of the G-560 are preset in the factory with the following values: • IP address of 192.168.1.2 • Subnet mask of 255.255.255.0 (24 bits) • Encryption: Disable These parameters should work for the majority of installations. 5.2 TCP/IP Parameters 5.2.1 IP Address Assignment Every computer on the Internet must have a unique IP address.
ZyXEL G-560 User’s Guide Note: Regardless of your particular situation, do not create an arbitrary IP address; always follow the guidelines above. For more information on address assignment, please refer to RFC 1597, Address Allocation for Private Internets and RFC 1466, Guidelines for Management of IP Address Space. 5.2.2 IP Address and Subnet Mask Similar to the way houses on a street share a common street name, so too do computers on a LAN share one common network number.
ZyXEL G-560 User’s Guide Figure 25 System Settings The following table describes the labels in this screen. Table 7 System Settings LABEL DESCRIPTION Device Name This name can be up to 30 printable characters long. Spaces are allowed. IP Address Assignment Obtain IP Address Select this option to have your G-560 use a dynamically assigned IP address from Automatically a router each time. Note: You must know the IP address assigned to the G-560 (by the router) to access the G-560 again.
ZyXEL G-560 User’s Guide 5.4 Time Settings To change your G-560's time and date, click SETTINGS > SYSTEM > Time Settings. The screen appears as shown. Use this screen to manually enter a time and date. Log times and dates are based on the time and date you configure here. Figure 26 Time Settings The following table describes the labels in this screen. Table 8 Time Settings 52 LABEL DESCRIPTION Time (hh-mm-ss) This field displays the time of your G-560 in hour-minute-second format.
ZyXEL G-560 User’s Guide CHAPTER 6 Wireless Screens This chapter discusses how to configure wireless settings and wireless security on your G-560. 6.1 Wireless LAN Overview This section introduces the wireless LAN (WLAN) and some basic scenarios. 6.1.1 IBSS An Independent Basic Service Set (IBSS), also called an Ad-hoc network, is the simplest WLAN configuration.
ZyXEL G-560 User’s Guide Figure 28 Basic Service set 6.1.3 ESS An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). An ESSID (ESS IDentification) uniquely identifies each ESS. All access points and their associated wireless stations within the same ESS must have the same ESSID in order to communicate.
ZyXEL G-560 User’s Guide Figure 29 Extended Service Set 6.2 Wireless LAN Basics This section describes the wireless LAN network terms. 6.2.1 Channel A channel is the radio frequency(ies) used by IEEE 802.11b wireless devices. Channels available depend on your geographical area. You may have a choice of channels (for your region) so you should use a different channel than an adjacent AP (access point) to reduce interference.
ZyXEL G-560 User’s Guide 6.2.3 RTS/CTS A hidden node occurs when two stations are within range of the same access point, but are not within range of each other. The following figure illustrates a hidden node. Both stations (STA) are within range of the access point (AP) or wireless gateway, but out-of-range of each other, so they cannot “hear” each other, that is they do not know if the channel is currently being used. Therefore, they are considered hidden from each other.
ZyXEL G-560 User’s Guide 6.2.4 Fragmentation Threshold A Fragmentation Threshold is the maximum data fragment size (between 256 and 2432 bytes) that can be sent in the wireless network before the G-560 will fragment the packet into smaller data frames. A large Fragmentation Threshold is recommended for networks not prone to interference while you should set a smaller threshold for busy networks or networks that are prone to interference.
ZyXEL G-560 User’s Guide Table 9 WMM QoS Priorities PRIORITY LEVELS: Mid Typically used for traffic from applications or devices that lack QoS capabilities. Use mid priority for traffic that is less sensitive to latency, but is affected by long delays, such as Internet surfing. Low This is typically used for non-critical “background” traffic such as bulk transfers and print jobs that are allowed but that should not affect other applications and users.
ZyXEL G-560 User’s Guide Figure 31 Wireless Settings: Access Point The following table describes the labels in this screen. Table 10 Wireless Settings: Access Point Operation Mode Select the operation mode from the drop-down list. The options are Access Point and Access Point + Bridge. SSID Wireless stations associating to the access point (AP) must have the same SSID. Enter a descriptive name (up to 32 printable characters) for the wireless LAN. Spaces are allowed.
ZyXEL G-560 User’s Guide Table 10 Wireless Settings: Access Point (continued) Wireless Mode Select Pure B Mode to allow only IEEE 802.11b compliant WLAN devices to associate with the G-560. Select Pure G Mode to allow only IEEE 802.11g compliant WLAN devices to associate with the G-560. Select Mixed Mode to allow either IEEE 802.11b or IEEE 802.11g compliant WLAN devices to associate with the G-560. The transmission rate of your G-560 might be reduced.
ZyXEL G-560 User’s Guide 6.4.2 Access Point + Bridge Mode The G-560 can act as a wireless network bridge and establish up to four wireless links with other APs. You need to know the MAC address of the peer device, which also must be in bridge mode. In the example below, when both G-560s are in Access Point + Bridge mode, they form a WDS (Wireless Distribution System) allowing the computers in LAN 1 to connect to the computers in LAN 2. Figure 32 Bridging Example 6.4.2.
ZyXEL G-560 User’s Guide Figure 33 Bridge Loop: Two Bridges Connected to Hub If your G-560 (in bridge mode) is connected to a wired LAN while communicating with another wireless bridge that is also connected to the same wired LAN as shown next. Figure 34 Bridge Loop: Bridges Connected to the Same Wired LAN If three or more G-560s (in bridge mode) are on different wired LANs but wirelessly connected to each other as shown next.
ZyXEL G-560 User’s Guide Figure 35 Bridge Loop: Bridges on Different Wired LANs To prevent bridge loops, do not set the G-560 to bridge mode while connected to both wired and wireless segments of the same LAN. Also make sure that you do not have three or more G-560s (in bridge mode and on different wired LANs) wirelessly connect to each other. 6.4.2.2 Configuring Access Point + Bridge Mode Select Access Point + Bridge in the Operation Mode drop-down list box to display the screen as shown next.
ZyXEL G-560 User’s Guide Figure 36 Wireless Settings: Access Point + Bridge The following table describes the labels in this screen. Table 11 Wireless Settings: Access Point + Bridge Operation Mode Select the operation mode from the drop-down list. The options are Access Point and Access Point + Bridge. SSID Wireless stations associating to the access point (AP) must have the same SSID. Enter a descriptive name (up to 32 printable characters) for the wireless LAN. Spaces are allowed.
ZyXEL G-560 User’s Guide Table 11 Wireless Settings: Access Point + Bridge (continued) Channel Set the operating frequency/channel depending on your particular region. Select a channel from the drop-down list box. Refer to the chapter on wizard setup for more information about channels. Wireless Mode Select Pure B Mode to allow only IEEE 802.11b compliant WLAN devices to associate with the G-560. Select Pure G Mode to allow only IEEE 802.11g compliant WLAN devices to associate with the G-560.
ZyXEL G-560 User’s Guide Table 11 Wireless Settings: Access Point + Bridge (continued) Preamble Type Preamble is used to signal that data is coming to the receiver. Short preamble increases performance as less time sending preamble means more time for sending data. All IEEE 802.11b compliant wireless adapters support long preamble, but not all support short preamble.
ZyXEL G-560 User’s Guide 6.5.1 Encryption • Use WPA(2) security if you have WP(2)A-aware wireless clients and a RADIUS server. WPA(2) has user authentication and improved data encryption over WEP. • Use WPA(2)-PSK if you have WPA(2)-aware wireless clients but no RADIUS server. • If you don’t have WPA(2)-aware wireless clients, then use WEP key encrypting. A higher bit key offers better security at a throughput trade-off.
ZyXEL G-560 User’s Guide Figure 37 WEP Authentication Steps Open system authentication involves an unencrypted two-message procedure. A wireless station sends an open system authentication request to the AP, which will then automatically accept and connect the wireless station to the network. In effect, open system is not authentication at all as any station can gain access to the network. Shared key authentication involves a four-message procedure.
ZyXEL G-560 User’s Guide 6.8 Introduction to RADIUS RADIUS is based on a client-sever model that supports authentication and accounting, where access point is the client and the server is the RADIUS server. The RADIUS server handles the following tasks among others: • Authentication Determines the identity of the users. • Accounting Keeps track of the client’s network activity.
ZyXEL G-560 User’s Guide 6.9 EAP Authentication Overview EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the IEEE802.1x transport mechanism in order to support multiple types of user authentication. By using EAP to interact with an EAP-compatible RADIUS server, the access point helps a wireless station and a RADIUS server perform authentication. The type of authentication you use depends on the RADIUS server or the AP.
ZyXEL G-560 User’s Guide To use Dynamic WEP, enable and configure the RADIUS server and enable Dynamic WEP Key Exchange in the WIRELESS Security 802.1x screen. Ensure that the wireless station’s EAP type is configured to one of the following: • EAP-TLS • EAP-TTLS • PEAP Note: EAP-MD5 cannot be used with Dynamic WEP Key Exchange. 6.11 Introduction to WPA and WPA2 Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2 (IEEE 802.
ZyXEL G-560 User’s Guide 6.11.2 User Authentication WPA or WPA2 applies IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate wireless clients using an external RADIUS database. 6.12 WPA(2)-PSK Application Example A WPA(2)-PSK application looks as follows. 1 First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key (PSK) must consist of between 8 and 63 ASCII characters (including spaces and symbols).
ZyXEL G-560 User’s Guide generate unique data encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients. Figure 40 WPA with RADIUS Application Example 6.14 Security Parameters Summary Refer to this table to see what other security parameters you should configure for each authentication method/ key management protocol type.
ZyXEL G-560 User’s Guide Table 13 Wireless Security Relational Matrix AUTHENTICATION METHOD/ KEY MANAGEMENT PROTOCOL ENCRYPTION METHOD ENTER MANUAL KEY IEEE 802.1X WPA2 AES No Enable WPA2-PSK AES Yes Enable 6.15 Wireless Client WPA Supplicants A wireless client supplicant is the software that runs on an operating system instructing the wireless client how to use WPA.
ZyXEL G-560 User’s Guide The following table describes the labels in this screen. Table 14 Wireless Security: Disable LABEL DESCRIPTION Encryption Method Select Disable to have no wireless LAN security configured. Apply Click Apply to save your changes back to the G-560. Reset Click Reset to begin configuring this screen afresh. 6.16.2 WEP WEP provides a mechanism for encrypting data using encryption keys. Both the AP and the wireless stations must use the same WEP key to encrypt and decrypt data.
ZyXEL G-560 User’s Guide Table 15 Wireless Security: WEP LABEL DESCRIPTION Passphrase Enter a “passphrase” (password phrase) of up to 32 case-sensitive printable characters and click Generate to have the G-560 create four different WEP keys. Generate After you enter the passphrase, click Generate to have the G-560 generates four different WEP keys automatically. ASCII Select this option to enter ASCII characters as the WEP keys.
ZyXEL G-560 User’s Guide The following table describes the labels in this screen. Table 16 Wireless Security: WPA-PSK LABEL DESCRIPTION Encryption Method Select WPA-PSK if you want to configure a pre-shared key but your wireless clients don’t support WPA2. Select WPA2-PSK if you want to configure a pre-shared key and your wireless clients support WPA2. Select WPA-PSK/WPA2-PSK Mixed if you want to configure a pre-shared key and your wireless clients support either WPA or WPA2.
ZyXEL G-560 User’s Guide The following table describes the labels in this screen. Table 17 Wireless Security: WPA LABEL DESCRIPTION Encryption Method Select WPA to configure user authentication and improved data encryption if your wireless clients don’t support WPA2. Select WPA2 to configure user authentication and improved data encryption when your wireless clients support WPA2.
ZyXEL G-560 User’s Guide Figure 45 Wireless Security: 802.1x The following table describes the labels in this screen. Table 18 Wireless Security: 802.1x LABEL DESCRIPTION Encryption Method Select 802.1x to configure authentication of wireless stations and encryption key management. Dynamic WEP Key Exchange Select Disable to allow wireless stations to communicate with the access points without using dynamic WEP key exchange. Select 64-bit WEP or 128-bit WEP to enable data encryption.
ZyXEL G-560 User’s Guide 6.17 MAC Filter The MAC filter screen allows you to configure the G-560 to give exclusive access to up to 32 devices (Allow Association) or exclude up to 32 devices from accessing the G-560 (Deny Association). Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. You need to know the MAC address of the devices to configure this screen.
ZyXEL G-560 User’s Guide The following table describes the labels in this screen. Table 19 MAC Filter LABEL DESCRIPTION Active Select the check box to enable MAC address filtering and define the filter action for the list of MAC addresses in the MAC address filter table. Select Allow the following MAC address to associate to permit access to the G560, MAC addresses not listed will be denied access to the G-560.
ZyXEL G-560 User’s Guide Hold in the Reset button for one or two seconds. Note: If you hold in the Reset button too long, the device will reset to the factory defaults! 6.18.1.1.2 Web Configurator Click WIRELESS > SETTINGS > OTIST to configure and enable OTIST. The screen appears as shown. Figure 47 OTIST The following table describes the labels in this screen. Table 20 OTIST LABEL DESCRIPTION One-Touch Intelligent Security Technology Setup Key Enter the setup key of up to eight printable characters.
ZyXEL G-560 User’s Guide Figure 48 Example Wireless Client OTIST Screen 6.18.2 Starting OTIST Note: You must click Start in the AP OTIST web configurator screen and in the wireless client(s) Adapter screen all within three minutes (at the time of writing). You can start OTIST in the wireless clients and AP in any order but they must all be within range and have OTIST enabled. 1 In the AP, a web configurator screen pops up showing you the security settings to transfer.
ZyXEL G-560 User’s Guide Figure 52 No AP with OTIST Found • If there is more than one OTIST-enabled AP within range, you see a screen asking you to select one AP to get settings from. 6.18.3 Notes on OTIST 1 If you enabled OTIST in the wireless client, you see this screen each time you start the utility. Click Yes for it to search for an OTIST-enabled AP.
ZyXEL G-560 User’s Guide CHAPTER 7 Management Screens This chapter describes the Maintenance screens. 7.1 Maintenance Overview Use these maintenance screens to change the password, view logs, back up or restore the G560 configuration and change the web configurator language. 7.2 Configuring Password To change your G-560's password (recommended), click SETTINGS > MANAGEMENT. The screen appears as shown. This screen allows you to change the G-560's password.
ZyXEL G-560 User’s Guide Table 21 Management: Password (continued) LABEL DESCRIPTION Retype to Confirm Retype your new system password for confirmation. Apply Click Apply to save your changes back to the G-560. Cancel Click Cancel to reload the previous configuration for this screen. 7.3 Logs The web configurator allows you to look at all of the G-560's logs in one location. Click SETTINGS > MANAGEMENT > Logs to open the Logs screen. You can view logs and alert messages in this page.
ZyXEL G-560 User’s Guide Table 22 Management: Logs (continued) LABEL DESCRIPTION Destination This field lists the destination IP address and the port number of the outgoing packet that caused the log. Note This field displays additional information about the log entry. 7.4 Configuration Screen The configuration file (often called the romfile or rom-0) contains the factory default settings such as password and TCP/IP Setup, etc. It arrives from ZyXEL with a .rom filename extension.
ZyXEL G-560 User’s Guide 7.4.1 Backup Configuration Backup configuration allows you to back up (save) the G-560's current configuration to a file on your computer. Once your G-560 is configured and functioning properly, it is highly recommended that you back up your configuration file before making configuration changes. The backup configuration file will be useful in case you need to return to your previous settings. Click Backup to save the G-560's current configuration to your computer. 7.4.
ZyXEL G-560 User’s Guide Figure 58 Network Temporarily Disconnected If you uploaded the default configuration file you may need to change the IP address of your computer to be in the same subnet as that of the default G-560 IP address (192.168.1.2). If the upload was not successful, the following screen will appear. Click Return to go back to the Configuration File screen. Figure 59 Configuration Upload Error 7.4.
ZyXEL G-560 User’s Guide 7.5 F/W Upload Screen Find firmware at www.zyxel.com in a file that (usually) uses the system model name with a .bin extension, for example, "zyxel.bin". The upload process uses HTTP (Hypertext Transfer Protocol) and may take up to two minutes. After a successful upload, the system will reboot. Click SETTINGS > MANAGEMENT > F/W Upload to display the screen as shown. Follow the instructions in this screen to upload firmware to your G-560.
ZyXEL G-560 User’s Guide Figure 62 Firmware Upload In Process The G-560 automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 63 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the System Status screen. If the upload was not successful, the following screen will appear. Click Return to go back to the F/W Upload screen.
ZyXEL G-560 User’s Guide Figure 65 Management: Language 92 Chapter 7 Management Screens
ZyXEL G-560 User’s Guide CHAPTER 8 Troubleshooting This chapter covers potential problems and possible remedies. After each problem description, some instructions are provided to help you to diagnose and to solve the problem. 8.1 Problems Starting Up the G-560 Table 25 Troubleshooting the Start-Up of Your G-560 PROBLEM CORRECTIVE ACTION None of the LEDs turn on when I plug in the power adaptor. Make sure you are using the supplied power adaptor and that it is plugged in to an appropriate power source.
ZyXEL G-560 User’s Guide 8.3 Problems with the WLAN Interface Table 27 Troubleshooting the WLAN Interface PROBLEM CORRECTIVE ACTION Cannot access the G-560 from the WLAN. Make sure the wireless adapter on the wireless station is working properly. Check that both the G-560 and your wireless station are using the same ESSID, channel and security settings. I cannot ping any computer on the WLAN. Make sure the wireless adapter on the wireless station(s) is working properly.
ZyXEL G-560 User’s Guide Table 28 Troubleshooting the Ethernet Interface (continued) PROBLEM CORRECTIVE ACTION Cannot access the web configurator. Your computer’s and the G-560’s IP addresses must be on the same subnet for LAN access. If you changed the G-560’s IP address, then enter the new one as the URL. See the following section to check that pop-up windows, JavaScripts and Java permissions are allowed. You may also need to clear your Internet browser’s cache.
ZyXEL G-560 User’s Guide Figure 66 Pop-up Blocker You can also check if pop-up blocking is disabled in the Pop-up Blocker section in the Privacy tab. 1 In Internet Explorer, select Tools, Internet Options, Privacy. 2 Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled. Figure 67 Internet Options 3 Click Apply to save this setting. 8.4.1.1.
ZyXEL G-560 User’s Guide Figure 68 Internet Options 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.1.1. 4 Click Add to move the IP address to the list of Allowed sites.
ZyXEL G-560 User’s Guide Figure 69 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. 8.4.1.2 JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed. 1 In Internet Explorer, click Tools, Internet Options and then the Security tab.
ZyXEL G-560 User’s Guide Figure 70 Internet Options 2 Click the Custom Level... button. 3 Scroll down to Scripting. 4 Under Active scripting make sure that Enable is selected (the default). 5 Under Scripting of Java applets make sure that Enable is selected (the default). 6 Click OK to close the window.
ZyXEL G-560 User’s Guide Figure 71 Security Settings - Java Scripting 8.4.1.3 Java Permissions 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected. 5 Click OK to close the window.
ZyXEL G-560 User’s Guide Figure 72 Security Settings - Java 8.4.1.3.1 JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 make sure that Use Java 2 for
ZyXEL G-560 User’s Guide Figure 73 Java (Sun) 8.5 Testing the Connection to the G-560 1 Click Start, (All) Programs, Accessories and then Command Prompt. 2 In the Command Prompt window, type “ping” followed by a space and the IP address of the G-560 (192.168.1.2 is the default). 3 Press ENTER. The following screen displays. Figure 74 Pinging the G-650 C:\>ping 192.168.1.2 Pinging 192.168.1.2 with 32 bytes of data: Reply Reply Reply Reply from from from from 192.168.1.2: 192.168.1.2: 192.168.1.2: 192.168.
ZyXEL G-560 User’s Guide APPENDIX A Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/ IP on your computer. Windows 3.1 requires the purchase of a third-party TCP/IP application package.
ZyXEL G-560 User’s Guide Figure 75 WIndows 95/98/Me: Network: Configuration Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: 1 In the Network window, click Add. 2 Select Adapter and then click Add. 3 Select the manufacturer and model of your network adapter and then click OK. If you need TCP/IP: 1 In the Network window, click Add.
ZyXEL G-560 User’s Guide 3 Select Microsoft from the list of manufacturers. 4 Select Client for Microsoft Networks from the list of network clients and then click OK. 5 Restart your computer so the changes you made take effect. Configuring 1 In the Network window Configuration tab, select your network adapter's TCP/IP entry and click Properties 2 Click the IP Address tab. • • If your IP address is dynamic, select Obtain an IP address automatically.
ZyXEL G-560 User’s Guide Figure 77 Windows 95/98/Me: TCP/IP Properties: DNS Configuration 4 Click the Gateway tab. • • If you do not know your gateway’s IP address, remove previously installed gateways. If you have a gateway IP address, type it in the New gateway field and click Add. 5 Click OK to save and close the TCP/IP Properties window. 6 Click OK to close the Network window. Insert the Windows CD if prompted. 7 Turn on your G-560 and restart your computer when prompted.
ZyXEL G-560 User’s Guide Figure 78 Windows XP: Start Menu 2 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 79 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties.
ZyXEL G-560 User’s Guide Figure 80 Windows XP: Control Panel: Network Connections: Properties 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties. Figure 81 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). • 108 If you have a dynamic IP address click Obtain an IP address automatically.
ZyXEL G-560 User’s Guide • • If you have a static IP address click Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields. Click Advanced. Figure 82 Windows XP: Internet Protocol (TCP/IP) Properties 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK.
ZyXEL G-560 User’s Guide Figure 83 Windows XP: Advanced TCP/IP Properties 7 In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields.
ZyXEL G-560 User’s Guide Figure 84 Windows XP: Internet Protocol (TCP/IP) Properties 8 Click OK to close the Internet Protocol (TCP/IP) Properties window. 9 Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties window. 10 Close the Network Connections window (Network and Dial-up Connections in Windows 2000/NT). 11Turn on your G-560 and restart your computer (if prompted). Verifying Settings 1 Click Start, All Programs, Accessories and then Command Prompt.
ZyXEL G-560 User’s Guide Figure 85 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list. Figure 86 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list.
ZyXEL G-560 User’s Guide 4 For statically assigned settings, do the following: • • • • From the Configure box, select Manually. Type your IP address in the IP Address box. Type your subnet mask in the Subnet mask box. Type the IP address of your G-560 in the Router address box. 5 Close the TCP/IP Control Panel. 6 Click Save if prompted, to save changes to your configuration. 7 Turn on your G-560 and restart your computer (if prompted).
ZyXEL G-560 User’s Guide Figure 88 Macintosh OS X: Network 4 For statically assigned settings, do the following: • • • • From the Configure box, select Manually. Type your IP address in the IP Address box. Type your subnet mask in the Subnet mask box. Type the IP address of your G-560 in the Router address box. 5 Click Apply Now and close the window. 6 Turn on your G-560 and restart your computer (if prompted). Verifying Settings Check your TCP/IP properties in the Network window.
ZyXEL G-560 User’s Guide Note: Make sure you are logged in as the root administrator. Using the K Desktop Environment (KDE) Follow the steps below to configure your computer IP address using the KDE. 1 Click the Red Hat button (located on the bottom left corner), select System Setting and click Network. Figure 89 Red Hat 9.0: KDE: Network Configuration: Devices 2 Double-click on the profile of the network card you wish to configure. The Ethernet Device General screen displays as shown.
ZyXEL G-560 User’s Guide • • If you have a dynamic IP address, click Automatically obtain IP address settings with and select dhcp from the drop down list. If you have a static IP address, click Statically set IP Addresses and fill in the Address, Subnet mask, and Default Gateway Address fields. 3 Click OK to save the changes and close the Ethernet Device General screen. 4 If you know your DNS server IP address(es), click the DNS tab in the Network Configuration screen.
ZyXEL G-560 User’s Guide 1 Assuming that you have only one network card on the computer, locate the ifconfigeth0 configuration file (where eth0 is the name of the Ethernet card). Open the configuration file with any plain text editor. • If you have a dynamic IP address, enter dhcp in the BOOTPROTO= field. The following figure shows an example. Figure 93 Red Hat 9.
ZyXEL G-560 User’s Guide Figure 96 Red Hat 9.0: Restart Ethernet Card [root@localhost init.d]# network restart Shutting down interface eth0: Shutting down loopback interface: Setting network parameters: Bringing up loopback interface: Bringing up interface eth0: [OK] [OK] [OK] [OK] [OK] Verifying Settings Enter ifconfig in a terminal screen to check your TCP/IP properties. Figure 97 Red Hat 9.
ZyXEL G-560 User’s Guide APPENDIX B Wireless LANs Wireless LAN Topologies This section discusses ad-hoc and infrastructure wireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an independent (Ad-hoc) WLAN that connects a set of computers with wireless stations (A, B, C).
ZyXEL G-560 User’s Guide Figure 99 Basic Service Set ESS An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). This type of wireless LAN topology is called an Infrastructure WLAN. The Access Points not only provide communication with the wired network but also mediate wireless network traffic in the immediate neighborhood.
ZyXEL G-560 User’s Guide Figure 100 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by IEEE 802.11a/b/g wireless devices. Channels available depend on your geographical area. You may have a choice of channels (for your region) so you should use a different channel than an adjacent AP (access point) to reduce interference. Interference occurs when radio signals from different access points overlap causing interference and degrading performance.
ZyXEL G-560 User’s Guide Figure 101 RTS/CTS When station A sends data to the AP, it might not know that the station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations. RTS/CTS is designed to prevent collisions due to hidden nodes.
ZyXEL G-560 User’s Guide A large Fragmentation Threshold is recommended for networks not prone to interference while you should set a smaller threshold for busy networks or networks that are prone to interference. If the Fragmentation Threshold value is smaller than the RTS/CTS value (see previously) you set then the RTS (Request To Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmented before they reach RTS/CTS size. IEEE 802.11g Wireless LAN IEEE 802.
ZyXEL G-560 User’s Guide • Authentication Determines the identity of the users. • Authorization Determines the network services available to authenticated users once they are connected to the network. • Accounting Keeps track of the client’s network activity. RADIUS is a simple package exchange in which your AP acts as a message relay between the wireless station and the network RADIUS server.
ZyXEL G-560 User’s Guide EAP Authentication EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the IEEE802.1x transport mechanism in order to support multiple types of user authentication. By using EAP to interact with an EAP-compatible RADIUS server, the access point helps a wireless station and a RADIUS server perform authentication. The type of authentication you use depends on the RADIUS server or the AP.
ZyXEL G-560 User’s Guide However, MD5 authentication has some weaknesses. Since the authentication server needs to get the plaintext passwords, the passwords must be stored. Thus someone other than the authentication server may access the password file. In addition, it is possible to impersonate an authentication server as MD5 authentication method does not perform mutual authentication. Finally, MD5 authentication method does not support data encryption with dynamic session key.
ZyXEL G-560 User’s Guide WEP Authentication Steps Three different methods can be used to authenticate wireless stations to the network: Open System, Shared Key, and Auto. The following figure illustrates the steps involved. Figure 103 WEP Authentication Steps Open system authentication involves an unencrypted two-message procedure. A wireless station sends an open system authentication request to the AP, which will then automatically accept and connect the wireless station to the network.
ZyXEL G-560 User’s Guide Dynamic WEP Key Exchange The AP maps a unique key that is generated with the RADIUS server. This key expires when the wireless connection times out, disconnects or reauthentication times out. A new WEP key is generated each time reauthentication is performed. If this feature is enabled, it is not necessary to configure a default encryption key in the Wireless screen. You may still configure and store keys here, but they will not be used while Dynamic WEP is enabled.
ZyXEL G-560 User’s Guide TKIP uses 128-bit keys that are dynamically generated and distributed by the authentication server. It includes a per-packet key mixing function, a Message Integrity Check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. TKIP regularly changes and rotates the encryption keys so that the same encryption key is never used twice.
ZyXEL G-560 User’s Guide If the roaming feature is not enabled on the access points, information is not communicated between the access points when a wireless station moves between coverage areas. The wireless station may not be able to communicate with other wireless stations on the network and vice versa. Figure 104 Roaming Example The steps below describe the roaming process.
ZyXEL G-560 User’s Guide 5 The access points must be connected to the Ethernet and be able to get IP addresses from a DHCP server if using dynamic IP address assignment.
ZyXEL G-560 User’s Guide 132 Appendix B Wireless LANs
ZyWALL 5/35/70 Series User’s Guide APPENDIX C IP Subnetting IP Addressing Routers “route” based on the network number. The router that delivers the data packet to the correct destination host uses the host ID. IP Classes An IP address is made up of four octets (eight bits), written in dotted decimal notation, for example, 192.168.1.1. IP addresses are categorized into different classes. The class of an address depends on the value of its first octet. • Class “A” addresses have a 0 in the left most bit.
ZyWALL 5/35/70 Series User’s Guide Since the first octet of a class “A” IP address must contain a “0”, the first octet of a class “A” address can have a value of 0 to 127. Similarly the first octet of a class “B” must begin with “10”, therefore the first octet of a class “B” address has a valid range of 128 to 191. The first octet of a class “C” address begins with “110”, and therefore has a range of 192 to 223.
ZyWALL 5/35/70 Series User’s Guide Since the mask is always a continuous number of ones beginning from the left, followed by a continuous number of zeros for the remainder of the 32 bit mask, you can simply specify the number of ones instead of writing the value of each octet. This is usually specified by writing a “/” followed by the number of bits in the mask after the address. For example, 192.1.1.0 /25 is equivalent to saying 192.1.1.0 with mask 255.255.255.128.
ZyWALL 5/35/70 Series User’s Guide Note: In the following charts, shaded/bolded last octet bit values indicate host ID bits “borrowed” to form network ID bits. The number of “borrowed” host ID bits determines the number of subnets you can have. The remaining number of host ID bits (after “borrowing”) determines the number of hosts you can have on each subnet. Table 36 Subnet 1 NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 0 IP Address (Binary) 11000000.10101000.00000001.
ZyWALL 5/35/70 Series User’s Guide Example: Four Subnets The above example illustrated using a 25-bit subnet mask to divide a class “C” address space into two subnets. Similarly to divide a class “C” address into four subnets, you need to “borrow” two host ID bits to give four possible combinations of 00, 01, 10 and 11. The subnet mask is 26 bits (11111111.11111111.11111111.11000000) or 255.255.255.192.
ZyWALL 5/35/70 Series User’s Guide Table 41 Subnet 4 NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 192 IP Address (Binary) 11000000.10101000.00000001. 11000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: 192.168.1.192 Lowest Host ID: 192.168.1.193 Broadcast Address: 192.168.1.255 Highest Host ID: 192.168.1.254 Example Eight Subnets Similarly use a 27-bit mask to create 8 subnets (001, 010, 011, 100, 101, 110).
ZyWALL 5/35/70 Series User’s Guide Subnetting With Class A and Class B Networks. For class “A” and class “B” addresses the subnet mask also determines which bits are part of the network number and which are part of the host ID. A class “B” address has two host ID octets available for subnetting and a class “A” address has three host ID octets (see Table 31 on page 133) available for subnetting. The following table is a summary for class “B” subnet planning. Table 44 Class B Subnet Planning NO.
ZyWALL 5/35/70 Series User’s Guide 140 Appendix C IP Subnetting
ZyXEL G-560 User’s Guide Index Numerics 110V AC 6 230V AC 6 A Abnormal Working Conditions 7 AC 6 Accessories 6 Acts of God 7 Address Assignment 49 Ad-hoc 53 Advanced Encryption Standard 128 Airflow 6 Alternative Subnet Mask Notation 135 AP (access point) 121 Association List 47 Authentication 67, 127 Authority 4 B Basement 6 Basic Service Set 53 BSS 53, 119 Circuit 4 Class B 4 Communications 4 Compliance, FCC 4 Components 7 Condition 7 Connecting Cables 6 Consequential Damages 7 Contact Information 8 Co
ZyXEL G-560 User’s Guide Europe 6 Exposure 6 Extended Service Set 54, 120 Extensible Authentication Protocol 72 Interference Statement 4 IP Address 49, 50 IP Addressing 133 IP Classes 133 F L Failure 7 FCC 4 Compliance 4 Rules, Part 15 4 FCC Rules 4 Federal Communications Commission 4 Finland, Contact Information 8 Fitness 7 Fragmentation Threshold 57, 122 Fragmentation threshold 122 France, Contact Information 8 Functionally Equivalent 7 Labor 7 Legal Rights 7 Liability 3 License 3 Lightning 6 Liquid
ZyXEL G-560 User’s Guide Parts 7 Patent 3 Permission 3 Photocopying 3 Pipes 6 Pool 6 Postage Prepaid.
ZyXEL G-560 User’s Guide T Tampering 7 Telephone 8 Television Interference 4 Television Reception 4 Temporal Key Integrity Protocol (TKIP) 128 Thunderstorm 6 Trademark 3 Trademark Owners 3 Trademarks 3 Translation 3 TV Technician 4 Wireless Client WPA Supplicants 74 WLAN Interference 121 Workmanship 7 Worldwide Contact Information 8 WPA 71 WPA with RADIUS Application 72 WPA2 71 WPA-PSK 71 WPA-PSK Application 72 Written Permission 3 Z U Undesired Operations 4 User Authentication 72, 128 ZyNOS 3 ZyXEL Com
