AMG1202-T10A Wireless N-lite ADSL2+ 4-port Ethernet Gateway Default Login Details IP Address http://192.168.1.1 Password 1234 Firmware Version 1.00 Edition 1, 6/2011 www.zyxel.com www.zyxel.
About This User's Guide About This User's Guide Intended Audience This manual is intended for people who want to configure the ZyXEL Device using the web configurator. You should have at least a basic knowledge of TCP/IP networking concepts and topology. Related Documentation • Quick Start Guide The Quick Start Guide is designed to help you get up and running right away. It contains information on setting up your network and configuring for Internet access.
About This User's Guide • Knowledge Base If you have a specific question about your product, the answer may be here. This is a collection of answers to previously asked questions about ZyXEL products. • Forum This contains discussions on ZyXEL products. Learn from others who use ZyXEL products and share your experiences as well. Customer Support In the event of problems that cannot be solved by using this manual, you should contact your vendor.
Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User’s Guide. Warnings tell you about things that could harm you or your device. Note: Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations. Syntax Conventions • The AMG1202-T10A may be referred to as the “ZyXEL Device”, the “device”, the “system” or the “product” in this User’s Guide.
Document Conventions 6 Server Firewall Router Switch Telephone AMG1202-T10A User’s Guide
Safety Warnings Safety Warnings • • • • • • • • • • • • • • • • • • • • Do NOT use this product near water, for example, in a wet basement or near a swimming pool. Do NOT expose your device to dampness, dust or corrosive liquids. Do NOT store things on the device. Do NOT install, use, or service this device during a thunderstorm. There is a remote risk of electric shock from lightning. Connect ONLY suitable accessories to the device. Do NOT open the device or unit.
Safety Warnings 8 AMG1202-T10A User’s Guide
Contents Overview Contents Overview User’s Guide ........................................................................................................................... 19 Introduction ................................................................................................................................21 The Web Configurator ................................................................................................................27 Status Screens ........................................
Contents Overview 10 AMG1202-T10A User’s Guide
Table of Contents Table of Contents About This User's Guide .......................................................................................................... 3 Document Conventions ........................................................................................................... 5 Safety Warnings........................................................................................................................ 7 Contents Overview .......................................................
Table of Contents Chapter 4 Tutorials ................................................................................................................................... 37 4.1 Overview ..............................................................................................................................37 4.2 Setting Up a Secure Wireless Network ................................................................................37 4.2.1 Configuring the Wireless Network Settings ........................
Table of Contents 6.4.4 IP Address Assignment ..............................................................................................80 6.4.5 Nailed-Up Connection (PPP) ......................................................................................81 6.4.6 NAT .............................................................................................................................81 6.5 Traffic Shaping ........................................................................................
Table of Contents 8.6 The WDS Screen ............................................................................................................... 110 8.7 The Scheduling Screen ...................................................................................................... 112 8.8 Wireless LAN Technical Reference .................................................................................... 112 8.8.1 Wireless Network Overview ...................................................................
Table of Contents 11.2 The URL Filter Screen .....................................................................................................144 11.3 The Application Filter Screen ...........................................................................................145 11.4 The IP/MAC Filter Screen ................................................................................................146 Chapter 12 Static Route ............................................................................
Table of Contents 16.1.2 What You Need to Know About Remote Management ...........................................170 16.2 The WWW Screen ...........................................................................................................171 16.2.1 Configuring the WWW Screen ................................................................................171 16.3 The Telnet Screen ............................................................................................................171 16.
Table of Contents 21.1 Overview ..........................................................................................................................209 21.1.1 What You Can Do in the Diagnostic Screens .........................................................209 21.2 The General Screen .........................................................................................................209 21.3 The DSL Line Screen .....................................................................................
Table of Contents 18 AMG1202-T10A User’s Guide
P ART I User’s Guide 19
C HAPT ER 1 Introduction 1.1 Overview The AMG1202-T10A is an ADSL2+ router. By integrating DSL and NAT, you are provided with ease of installation and high-speed, shared Internet access. The AMG1202-T10A is also a complete security solution with a robust firewall and content filtering. Only use firmware for your ZyXEL Device’s specific model. Refer to the label on the bottom of your ZyXEL Device. Note: All screens displayed in this user’s guide are from the AMG1202-T10A model.
Chapter 1 Introduction 1.4 Applications for the ZyXEL Device Here are some example uses for which the ZyXEL Device is well suited. 1.4.1 Internet Access Your ZyXEL Device provides shared Internet access by connecting the DSL port to the DSL or MODEM jack on a splitter or your telephone jack. Computers can connect to the ZyXEL Device’s LAN ports (or wirelessly).
Chapter 1 Introduction You can configure your wireless network in either the built-in Web Configurator, or using the WPS button. Figure 2 Wireless Access Example 1.5.1 Using the WPS/WLAN Button By default, the wireless network is turned off on the ZyXEL Device. To turn it on, simply press the WPS/WLAN button on top of the device for 1 second. Once the WPS/WLAN LED turns green, the wireless network is active.
Chapter 1 Introduction 1.6 LEDs (Lights) The following graphic displays the labels of the LEDs. Figure 3 LEDs None of the LEDs are on if the ZyXEL Device is not receiving power. Table 1 LED Descriptions LED COLOR STATUS DESCRIPTION POWER Green On The ZyXEL Device is receiving power and ready for use. Blinking The ZyXEL Device is self-testing. On The ZyXEL Device detected an error while self-testing, or there is a device malfunction. Off The ZyXEL Device is not receiving power.
Chapter 1 Introduction 1.7 The RESET Button If you forget your password or cannot access the web configurator, you will need to use the RESET button at the back of the device to reload the factory-default configuration file. This means that you will lose all configurations that you had previously and the password will be reset to “1234”. 1.7.1 Using the Reset Button 1 Make sure the POWER LED is on (not blinking).
Chapter 1 Introduction 26 AMG1202-T10A User’s Guide
C HAPT ER 2 The Web Configurator 2.1 Overview The web configurator is an HTML-based management interface that allows easy device setup and management via Internet browser. Use Internet Explorer 6.0 and later or Netscape Navigator 7.0 and later versions. The recommended screen resolution is 1024 by 768 pixels. In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. Web pop-up blocking is enabled by default in Windows XP SP (Service Pack) 2.
Chapter 2 The Web Configurator 5 The following screen displays if you have not yet changed your password. It is strongly recommended you change the default password. Enter a new password, retype it to confirm and click Apply; alternatively click Ignore to proceed to the main menu if you do not want to change the password now. Figure 5 Change Password Screen 6 Select Go to Wizard setup and click Apply to display the wizard main screen.
Chapter 2 The Web Configurator 2.2 The Main Screen Figure 7 Main Screen A B C D As illustrated above, the main screen is divided into these parts: • A - title bar • B - navigation panel • C - main window • D - status bar 2.2.1 Title Bar The title bar provides some icons in the upper right corner. The icons provide the following functions. Table 2 Web Configurator Icons in the Title Bar ICON DESCRIPTION Wizards: Click this icon to go to the configuration wizards.
Chapter 2 The Web Configurator 2.2.2 Navigation Panel Use the menu items on the navigation panel to open screens to configure ZyXEL Device features. The following tables describe each menu item. Table 3 Navigation Panel Summary LINK TAB Status FUNCTION This screen shows the ZyXEL Device’s general device and network status information. Use this screen to access the statistics and client list.
Chapter 2 The Web Configurator Table 3 Navigation Panel Summary LINK QoS TAB FUNCTION General Use this screen to enable QoS and traffic prioritizing. You can also configure the QoS rules and actions. Dynamic DNS Remote MGMT UPnP This screen allows you to use a static hostname alias for a dynamic IP address. WWW Use this screen to configure through which interface(s) and from which IP address(es) users can use HTTP to manage the ZyXEL Device.
Chapter 2 The Web Configurator 32 AMG1202-T10A User’s Guide
C HAPT ER 3 Status Screens 3.1 Overview Use the Status screens to look at the current status of the device, system resources, and interfaces (LAN and WAN). The Status screen also provides detailed information from DHCP and statistics from bandwidth management, and traffic. 3.2 The Status Screen Use this screen to view the status of the ZyXEL Device. Click Status to open this screen. Figure 8 Status Screen Each field is described in the following table.
Chapter 3 Status Screens Table 4 Status Screen LABEL DESCRIPTION Device Information Host Name This field displays the ZyXEL Device system name. It is used for identification. Model Number This is the model name of your device. MAC Address This is the MAC (Media Access Control) or Ethernet address unique to your ZyXEL Device. ZyNOS Firmware Version This is the current version of the firmware inside the device. Click this to go to the screen where you can change it.
Chapter 3 Status Screens Table 4 Status Screen LABEL DESCRIPTION System Uptime This field displays how long the ZyXEL Device has been running since it last started up. The ZyXEL Device starts up when you plug it in, when you restart it (Maintenance > Tools > Restart), or when you reset it. Current Date/ Time This field displays the current date and time in the ZyXEL Device. You can change this in Maintenance > System > Time Setting.
Chapter 3 Status Screens 36 AMG1202-T10A User’s Guide
C HAPT ER 4 Tutorials 4.1 Overview This chapter shows you how to use the ZyXEL Device’s various features. • Setting Up a Secure Wireless Network, see page 37 • Configuring the MAC Address Filter, see page 44 • Configuring Static Route for Routing to Another Network, see page 46 • Multiple Public and Private IP Address Mappings, see page 49 • Multiple WAN Connections Example, see page 52 4.
Chapter 4 Tutorials 1 Click Network > Wireless LAN to open the AP screen. Configure the screen using the provided parameters (see page 37). Click Apply. 2 Click the Advanced Setup button and select 802.11b+g+n in the 802.11 Mode field. Click Apply. Thomas can now use the WPS feature to establish a wireless connection between his notebook and the ZyXEL Device (see Section 4.2.2 on page 38). He can also use the notebook’s wireless client to search for the ZyXEL Device (see Section 4.2.3 on page 42). 4.
Chapter 4 Tutorials There are two WPS methods to set up the wireless client settings: • Push Button Configuration (PBC) - simply press a button. This is the easier of the two methods. • PIN Configuration - configure a Personal Identification Number (PIN) on the ZyXEL Device. A wireless client must also use the same PIN in order to download the wireless network settings from the ZyXEL Device.
Chapter 4 Tutorials The following figure shows you an example of how to set up a wireless network and its security by pressing a button on both ZyXEL Device and wireless client. Example WPS Process: PBC Method ZyXEL Device Wireless Client WITHIN 2 MINUTES Press and hold for 5 seconds SECURITY INFO COMMUNICATION PIN Configuration When you use the PIN configuration method, you need to use both the ZyXEL Device’s web configurator and the wireless client’s utility.
Chapter 4 Tutorials 2 Enter the PIN number in the PIN field in the Network > Wireless LAN > WPS Station screen on the ZyXEL Device. 3 Click the Start buttons (or the button next to the PIN field) on both the wireless client utility screen and the ZyXEL Device’s WPS Station screen within two minutes. The ZyXEL Device authenticates the wireless client and sends the proper configuration settings to the wireless client. This may take up to two minutes.
Chapter 4 Tutorials The following figure shows you how to set up a wireless network and its security on a ZyXEL Device and a wireless client by using PIN method. Example WPS Process: PIN Method Wireless Client ZyXEL Device WITHIN 2 MINUTES Authentication by PIN SECURITY INFO COMMUNICATION 4.2.3 Without WPS Use the wireless adapter’s utility installed on the notebook to search for the “Example” SSID.
Chapter 4 Tutorials Note: The ZyXEL Device supports IEEE 802.11b and IEEE 802.11g wireless clients. Make sure that your notebook or computer’s wireless adapter supports one of these standards. 4.2.4 Setting Up Wireless Network Scheduling Thomas mostly uses his notebook to access the Internet on weekends; occasionally he uses it at night on weekdays. Here is how Thomas can set up a schedule to turn on the wireless network at specific time and days.
Chapter 4 Tutorials 2 Configure the screen as follows. Turn on the wireless network from Mondays to Fridays between 18:00 and 23:30. Turn on the wireless network all day on Saturdays and Sundays. Click Apply. 4.3 Configuring the MAC Address Filter Thomas noticed that his daughter Josephine spends too much time surfing the web and downloading media files. He decided to prevent Josephine from accessing the Internet so that she can concentrate on preparing for her final exams.
Chapter 4 Tutorials 1 Click Network > LAN > Client List to open the following screen. Look for the MAC address of Josephine’s computer. 2 Click Network > Wireless LAN to open the AP screen. Click the Edit button in the MAC Filter field.
Chapter 4 Tutorials 3 Select Active MAC Filter and Deny Filter Action. Enter the MAC address you found in the Client List screen. Click Apply. Josephine will no longer be able to access the Internet through the ZyXEL Device. 4.4 Configuring Static Route for Routing to Another Network In order to extend your Intranet and control traffic flowing directions, you may connect a router to the ZyXEL Device’s LAN. The router may be used to separate two department networks.
Chapter 4 Tutorials computer A (in N1 network) to computer B (in N2 network), the traffic is sent to the ZyXEL Device’s WAN default gateway by default. In this case, B will never receive the traffic. N1 A R N2 B You need to specify a static routing rule on the ZyXEL Device to specify R as the router in charge of forwarding traffic to N2. In this case, the ZyXEL Device routes traffic from A to R and then R routes the traffic to B.
Chapter 4 Tutorials Table 5 IP Settings in this Tutorial DEVICE / COMPUTER IP ADDRESS R’s N2 192.168.10.2 B 192.168.10.33 To configure a static route to route traffic from N1 to N2: 1 Log into the ZyXEL Device’s Web Configurator in advanced mode. 2 Click Advanced > Static Route. 3 Click Edit on a new rule in the Static Route screen. 4 Configure the Static Route Setup screen using the following settings: 4a Type 192.168.10.0 and subnet mask 255.255.255.0 for the destination, N2. 4b Type 192.
Chapter 4 Tutorials 4.5 Multiple Public and Private IP Address Mappings If your ISP gives you more than one static IP address for your Internet access, you can map each IP address for a specific service. This tutorial assumes you are given two static public IP addresses. You want to map them to two servers A and B. IP-1 IP-2 A B C This tutorial uses the following example settings: Table 6 IP Settings in this Tutorial DEVICE / COMPUTER IP ADDRESS The ZyXEL Device’s WAN 172.16.1.253 (IP-1) 172.16.1.
Chapter 4 Tutorials To configure this: 1 Click Network > NAT. 2 Select Active Network Address Translation(NAT) and Full Feature in the General screen. Click Apply. 3 Click the Address Mapping tab, and then click the Edit icon on a new rule. 4 Configure the rule using the following settings: • Type: Many-to-Many No Overload • Local IP addresses: 192.168.1.2 ~ 192.168.1.3 • Global IP addresses: 172.16.1.253 ~ 172.16.1.254 Then click Apply.
Chapter 4 Tutorials 4.5.2 Full Feature NAT + One-to-One Mapping Use this setting if your applications must use fixed public IP addresses and the applications can be initiated either from the Intranet computers (A and B) or the Internet computer (C). For example, gaming application. IP-1 A B C To configure this setting: 1 Click Network > NAT. 2 Select Active Network Address Translation(NAT) and Full Feature in the General screen. Click Apply.
Chapter 4 Tutorials Global Start IP: 172.16.1.254 Click Apply on each of the screens. 4.6 Multiple WAN Connections Example This example shows an application for multiple WAN connections. Your ISP may configure more than one WAN connection on the ZyXEL Device to record traffic statistics or calculate service charges. In Figure 9, three WAN connections are configured over the ADSL line: • The connection with VPI/VCI, 0/33, is dedicated for Media-On-Demand (MOD) service.
P ART II Technical Reference 53
C HAPT ER 5 Internet and Wireless Setup Wizard 5.1 Overview Use the wizard setup screens to configure your system for Internet access with the information given to you by your ISP. Note: See the advanced menu chapters for background information on these fields. 5.2 Internet Access Wizard Setup 1 After you enter the password to access the web configurator, select Go to Wizard setup and click Apply. Otherwise, click the wizard icon ( ) in the top right corner of the web configurator to go to the wizards.
Chapter 5 Internet and Wireless Setup Wizard 2 Click INTERNET/WIRELESS SETUP to configure the system for Internet access and wireless connection. Figure 11 Wizard Welcome 3 Your ZyXEL device attempts to detect your DSL connection and your connection type. 3a The following screen appears if a connection is not detected. Check your hardware connections and click Restart the INTERNET/WIRELESS SETUP Wizard to return to the wizard welcome screen.
Chapter 5 Internet and Wireless Setup Wizard 3b The following screen displays if a PPPoE or PPPoA connection is detected. Enter your Internet account information (username, password and/or service name) exactly as provided by your ISP. Then click Next and see Section 5.3 on page 63 for wireless connection wizard setup. Figure 13 Auto-Detection: PPPoE 3c The following screen appears if the ZyXEL device detects a connection but not the connection type. Click Next and refer to Section 5.2.
Chapter 5 Internet and Wireless Setup Wizard 5.2.1 Manual Configuration 1 If the ZyXEL Device fails to detect your DSL connection type but the physical line is connected, enter your Internet access information in the wizard screen exactly as your service provider gave it to you. Leave the defaults in any fields for which you were not given information. Figure 15 Internet Access Wizard Setup: ISP Parameters The following table describes the fields in this screen.
Chapter 5 Internet and Wireless Setup Wizard Table 7 Internet Access Wizard Setup: ISP Parameters LABEL 2 DESCRIPTION VCI Enter the VCI assigned to you. This field may already be configured. Back Click this to return to the previous screen without saving. Next Click this to continue to the next wizard screen. The next wizard screen you see depends on what protocol you chose above. Exit Click this to close the wizard screen without saving.
Chapter 5 Internet and Wireless Setup Wizard The following table describes the fields in this screen. Table 8 LABEL DESCRIPTION User Name Enter the user name exactly as your ISP assigned. If assigned a name in the form user@domain where domain identifies a service name, then enter both components exactly as given. Password Enter the password associated with the user name above. Service Name Type the name of your PPPoE service here. Back Click this to return to the previous screen without saving.
Chapter 5 Internet and Wireless Setup Wizard The following table describes the fields in this screen. Table 9 Internet Connection with RFC 1483 LABEL DESCRIPTION IP Address This field is available if you select Routing in the Mode field. Type your ISP assigned IP address in this field. Back Click this to return to the previous screen without saving. Next Click this to continue to the next wizard screen. Exit Click this to close the wizard screen without saving.
Chapter 5 Internet and Wireless Setup Wizard The following table describes the fields in this screen. Table 10 Internet Connection with ENET ENCAP LABEL DESCRIPTION Obtain an IP Address Automatically A static IP address is a fixed IP that your ISP gives you. A dynamic IP address is not fixed; the ISP assigns you a different one each time you connect to the Internet. Static IP Address Select Static IP Address if your ISP gave you an IP address to use. IP Address Enter your ISP assigned IP address.
Chapter 5 Internet and Wireless Setup Wizard Table 11 Internet Connection with PPPoA (continued) LABEL DESCRIPTION Apply Click this to save your changes. Exit Click this to close the wizard screen without saving. • If the user name and/or password you entered for PPPoE or PPPoA connection are not correct, the screen displays as shown next. Click Back to Username and Password setup to go back to the screen where you can modify them.
Chapter 5 Internet and Wireless Setup Wizard 1 Select Yes and click Next to configure wireless settings. Otherwise, select No and skip to Step 6. Figure 22 Connection Test Successful 2 Use this screen to activate the wireless LAN. Click Next to continue. Figure 23 Wireless LAN Setup Wizard 1 The following table describes the labels in this screen. Table 12 Wireless LAN Setup Wizard 1 64 LABEL DESCRIPTION Active Select the check box to turn on the wireless LAN.
Chapter 5 Internet and Wireless Setup Wizard 3 Configure your wireless settings in this screen. Click Next. Figure 24 Wireless LAN The following table describes the labels in this screen. Table 13 Wireless LAN Setup Wizard 2 LABEL DESCRIPTION Network Name(SSID) Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the wireless LAN. If you change this field on the ZyXEL Device, make sure all wireless stations use the same SSID in order to access the network.
Chapter 5 Internet and Wireless Setup Wizard 5.3.1 Manually Assign a WPA-PSK key Choose Manually assign a WPA-PSK key in the Wireless LAN setup screen to set up a PreShared Key. Figure 25 Manually Assign a WPA-PSK key The following table describes the labels in this screen. Table 14 Manually Assign a WPA-PSK key LABEL DESCRIPTION Pre-Shared Key Type from 8 to 63 case-sensitive ASCII characters. You can set up the most secure wireless connection by configuring WPA in the wireless LAN screens.
Chapter 5 Internet and Wireless Setup Wizard The following table describes the labels in this screen. Table 15 Manually Assign a WEP key LABEL DESCRIPTION Key The WEP keys are used to encrypt data. Both the ZyXEL Device and the wireless stations must use the same WEP key for data transmission. Enter any 5 or 13 ASCII characters, or 10 or 26 hexadecimal characters ("0-9", "AF") for a 64-bit or 128-bit WEP key respectively. 5 Back Click this to return to the previous screen without saving.
Chapter 5 Internet and Wireless Setup Wizard Note: No wireless LAN settings display if you chose not to configure wireless LAN settings. Figure 28 Internet Access and WLAN Wizard Setup Complete 7 68 Launch your web browser and navigate to www.zyxel.com. Internet access is just the beginning. Refer to the rest of this guide for more detailed information on the complete range of ZyXEL Device features.
C HAPT ER 6 WAN Setup 6.1 Overview This chapter describes how to configure WAN settings from the WAN screens. Use these screens to configure your ZyXEL Device for Internet access. A WAN (Wide Area Network) connection is an outside connection to another network or the Internet. It connects your private networks (such as a LAN (Local Area Network) and other networks, so that a computer in one location can communicate with computers in other locations. Figure 29 LAN and WAN LAN WAN 6.1.
Chapter 6 WAN Setup networks. It can be static (fixed) or dynamically assigned by the ISP each time the ZyXEL Device tries to access the Internet. If your ISP assigns you a static WAN IP address, they should also assign you the subnet mask and DNS server IP address(es) (and a gateway IP address if you use the Ethernet or ENET ENCAP encapsulation method).
Chapter 6 WAN Setup 6.2 The Internet Access Setup Screen Use this screen to change your ZyXEL Device’s WAN settings. Click Network > WAN > Internet Access Setup. The screen differs by the WAN type and encapsulation you select. Figure 30 Network > WAN >Internet Access Setup (PPPoE) The following table describes the labels in this screen. Table 16 Network > WAN > Internet Access Setup LABEL DESCRIPTION Line ADSL Mode Select the mode supported by your ISP.
Chapter 6 WAN Setup Table 16 Network > WAN > Internet Access Setup (continued) LABEL DESCRIPTION Mode Select Routing (default) from the drop-down list box if your ISP gives you one IP address only and you want multiple computers to share an Internet account. Select Bridge when your ISP provides you more than one IP address and you want the connected computers to get individual IP address from ISP’s DHCP server directly.
Chapter 6 WAN Setup Table 16 Network > WAN > Internet Access Setup (continued) LABEL DESCRIPTION Cancel Click this to restore your previously saved settings. Advanced Setup Click this to display the Advanced WAN Setup screen and edit more details of your WAN setup. 6.2.1 Advanced Internet Access Setup Use this screen to edit your ZyXEL Device's advanced WAN settings. Click the Advanced Setup button in the Internet Access Setup screen. The screen appears as shown.
Chapter 6 WAN Setup Table 17 Network > WAN > Internet Access Setup: Advanced Setup (continued) LABEL DESCRIPTION Multicast Multicast packets are sent to a group of computers on the LAN and are an alternative to unicast packets (packets sent to one computer) and broadcast packets (packets sent to every computer). Internet Group Multicast Protocol (IGMP) is a network-layer protocol used to establish membership in a multicast group. The ZyXEL Device supports IGMPv1, IGMP-v2 and IGMP-v3.
Chapter 6 WAN Setup differs by the encapsulation you select. When you use the WAN > Internet Access Setup screen to set up Internet access, you are configuring the first WAN connection. Figure 32 Network > WAN > More Connections The following table describes the labels in this screen. Table 18 Network > WAN > More Connections LABEL DESCRIPTION # This is an index number indicating the number of the corresponding connection. Active This field indicates whether the connection is active or not.
Chapter 6 WAN Setup 6.3.1 More Connections Edit Use this screen to configure a connection. Click the edit icon in the More Connections screen to display the following screen. Figure 33 Network > WAN > More Connections: Edit The following table describes the labels in this screen. Table 19 Network > WAN > More Connections: Edit LABEL DESCRIPTION General Active Select the check box to activate or clear the check box to deactivate this connection.
Chapter 6 WAN Setup Table 19 Network > WAN > More Connections: Edit (continued) LABEL DESCRIPTION Encapsulation Select the method of encapsulation used by your ISP from the drop-down list box. Choices vary depending on the mode you select in the Mode field. If you select Bridge in the Mode field, select either PPPoA or RFC 1483. If you select Routing in the Mode field, select PPPoA, RFC 1483, ENET ENCAP or PPPoE. Multiplexing Select the method of multiplexing used by your ISP from the drop-down list.
Chapter 6 WAN Setup Table 19 Network > WAN > More Connections: Edit (continued) LABEL DESCRIPTION Back Click this to return to the previous screen without saving. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. Advanced Setup Click this to display the More Connections Advanced Setup screen and edit more details of your WAN setup. 6.3.2 Configuring More Connections Advanced Setup Use this screen to edit your ZyXEL Device's advanced WAN settings.
Chapter 6 WAN Setup Table 20 Network > WAN > More Connections: Edit: Advanced Setup (continued) LABEL DESCRIPTION MTU The Maximum Transmission Unit (MTU) defines the size of the largest packet allowed on an interface or connection. Enter the MTU in this field. For ENET ENCAP, the MTU value is 1500. For PPPoE, the MTU value is 1492. For PPPoA and RFC, the MTU is 65535. Back Click this to return to the previous screen without saving. Apply Click this to save your changes.
Chapter 6 WAN Setup By implementing PPPoE directly on the ZyXEL Device (rather than individual computers), the computers on the LAN do not need PPPoE software installed, since the ZyXEL Device does that part of the task. Furthermore, with NAT, all of the LANs’ computers will have access. 6.4.1.3 PPPoA PPPoA stands for Point to Point Protocol over ATM Adaptation Layer 5 (AAL5). A PPPoA connection functions like a dial-up Internet connection.
Chapter 6 WAN Setup IP Assignment with PPPoA or PPPoE Encapsulation If you have a dynamic IP, then the IP Address and Gateway IP Address fields are not applicable (N/A). If you have a static IP, then you only need to fill in the IP Address field and not the Gateway IP Address field. IP Assignment with RFC 1483 Encapsulation In this case the IP address assignment must be static. IP Assignment with ENET ENCAP Encapsulation In this case you can have either a static or dynamic IP.
Chapter 6 WAN Setup Maximum Burst Size (MBS) is the maximum number of cells that can be sent at the PCR. After MBS is reached, cell rates fall below SCR until cell rate averages to the SCR again. At this time, more cells (up to the MBS) can be sent at the PCR again. If the PCR, SCR or MBS is set to the default of "0", the system will assign a maximum value that correlates to your upstream line rate. The following figure illustrates the relationship between PCR, SCR and MBS.
Chapter 6 WAN Setup Unspecified Bit Rate (UBR) The Unspecified Bit Rate (UBR) ATM traffic class is for bursty data transfers. However, UBR doesn't guarantee any bandwidth and only delivers traffic when the network has spare bandwidth. An example application is background file transfer.
Chapter 6 WAN Setup 84 AMG1202-T10A User’s Guide
C HAPT ER 7 LAN Setup 7.1 Overview A Local Area Network (LAN) is a shared communication system to which many networking devices are connected. It is usually located in one immediate area such as a building or floor of a building. Use the LAN screens to help you configure a LAN DHCP server and manage IP addresses. LAN DSL 7.1.1 What You Can Do in the LAN Screens • Use the LAN IP screen (Section 7.2 on page 86) to set the LAN IP address and subnet mask of your ZyXEL device.
Chapter 7 LAN Setup Subnet Mask Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks. DHCP A DHCP (Dynamic Host Configuration Protocol) server can assign your ZyXEL Device an IP address, subnet mask, DNS and other routing information when it's turned on. RIP RIP (Routing Information Protocol) allows a router to exchange routing information with other routers.
Chapter 7 LAN Setup 1 Enter an IP address into the IP Address field. The IP address must be in dotted decimal notation. This will become the IP address of your ZyXEL Device. 2 Enter the IP subnet mask into the IP Subnet Mask field. Unless instructed otherwise it is best to leave this alone, the configurator will automatically compute a subnet mask based upon the IP address you entered. 3 Click Apply to save your settings.
Chapter 7 LAN Setup The following table describes the labels in this screen. Table 22 Network > LAN > IP: Advanced Setup LABEL DESCRIPTION RIP & Multicast Setup RIP Direction Select the RIP direction from None, Both, In Only and Out Only. RIP Version Select the RIP version from RIP-1, RIP-2B and RIP-2M. Multicast IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to establish membership in a multicast group. The ZyXEL Device supports IGMPv1, IGMP-v2 and IGMP-v3.
Chapter 7 LAN Setup The following table describes the labels in this screen. Table 23 Network > LAN > DHCP Setup LABEL DESCRIPTION DHCP Setup DHCP If set to Server, your ZyXEL Device can assign IP addresses, an IP default gateway and DNS servers to Windows 95, Windows NT and other systems that support the DHCP client. If set to None, the DHCP server will be disabled.
Chapter 7 LAN Setup Use this screen to change your ZyXEL Device’s static DHCP settings. Click Network > LAN > Client List to open the following screen. Figure 39 Network > LAN > Client List The following table describes the labels in this screen. Table 24 Network > LAN > Client List LABEL DESCRIPTION IP Address Enter the IP address that you want to assign to the computer on your LAN with the MAC address that you will also specify. MAC Address Enter the MAC address of a computer on your LAN.
Chapter 7 LAN Setup When you use IP alias, you can also configure firewall rules to control access between the LAN's logical networks (subnets). Note: Make sure that the subnets of the logical networks do not overlap. The following figure shows a LAN divided into subnets A, B, and C. Figure 40 Physical Network & Partitioned Logical Networks A: 192.168.1.1 - 192.168.1.24 Ethernet Interface B: 192.168.2.1 - 192.168.2.24 C: 192.168.3.1 - 192.168.3.24 7.5.
Chapter 7 LAN Setup Table 25 Network > LAN > IP Alias LABEL DESCRIPTION RIP Direction RIP (Routing Information Protocol, RFC 1058 and RFC 1389) allows a router to exchange routing information with other routers. The RIP Direction field controls the sending and receiving of RIP packets. Select the RIP direction from Both/In Only/Out Only/None. When set to Both or Out Only, the ZyXEL Device will broadcast its routing table periodically.
Chapter 7 LAN Setup 7.6.2 DHCP Setup DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a server. You can configure the ZyXEL Device as a DHCP server or disable it. When configured as a server, the ZyXEL Device provides the TCP/IP configuration for the clients. If you turn DHCP service off, you must have another DHCP server on your LAN, or else the computer must be manually configured.
Chapter 7 LAN Setup 192.168.255.0 and you must enable the Network Address Translation (NAT) feature of the ZyXEL Device. The Internet Assigned Number Authority (IANA) reserved this block of addresses specifically for private use; please do not use any other number unless you are told otherwise. Let's say you select 192.168.1.0 as the network number; which covers 254 individual addresses, from 192.168.1.1 to 192.168.1.254 (zero and 255 are reserved).
Chapter 7 LAN Setup The Version field controls the format and the broadcasting method of the RIP packets that the ZyXEL Device sends (it recognizes both formats when receiving). RIP-1 is universally supported; but RIP-2 carries more information. RIP-1 is probably adequate for most networks, unless you have an unusual network topology. Both RIP-2B and RIP-2M sends the routing data in RIP-2 format; the difference being that RIP-2B uses subnet broadcasting while RIP-2M uses multicasting. 7.6.
Chapter 7 LAN Setup 96 AMG1202-T10A User’s Guide
C HAPT ER 8 Wireless LAN 8.1 Overview This chapter describes how to perform tasks related to setting up and optimizing your wireless network, including the following. • Turning the wireless connection on or off. • Configuring a name, wireless channel and security for the network. • Using WiFi Protected Setup (WPS) to configure your wireless network. • Setting up multiple wireless networks. • Using a MAC (Media Access Control) address filter to restrict access to the wireless network.
Chapter 8 Wireless LAN 8.1.2 What You Need to Know About Wireless Wireless Basics “Wireless” is essentially radio communication. In the same way that walkie-talkie radios send and receive information over the airwaves, wireless networking devices exchange information with one another. A wireless networking device is just like a radio that lets your computer exchange information with radios attached to other computers.
Chapter 8 Wireless LAN 8.2 The AP Screen Use this screen to configure the wireless settings of your ZyXEL Device. Click Network > Wireless LAN to open the AP screen. Figure 43 Network > Wireless LAN > AP The following table describes the labels in this screen. Table 26 Network > Wireless LAN > AP LABEL DESCRIPTION Wireless Setup Enable Wireless LAN Click the check box to activate wireless LAN. Channel Selection Set the operating frequency/channel.
Chapter 8 Wireless LAN Table 26 Network > Wireless LAN > AP LABEL Edit DESCRIPTION Click this to go to the MAC Filter screen to configure MAC filter settings. See Section 8.2.6 on page 106 for more details. QoS Select this check box to activate Quality of Service (QoS). Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. Advanced Setup Click this to display the Wireless Advanced Setup screen and edit more details of your WLAN setup. See Section 8.2.
Chapter 8 Wireless LAN Note: WEP is extremely insecure. Its encryption can be broken by an attacker, using widely-available software. It is strongly recommended that you use a more effective security mechanism. Use the strongest security mechanism that all the wireless devices in your network support. For example, use WPA-PSK or WPA2-PSK if all your wireless devices support it, or use WPA or WPA2 if your wireless devices support it and you have a RADIUS server.
Chapter 8 Wireless LAN 8.2.3 WPA(2)-PSK Use this screen to configure and enable WPA(2)-PSK authentication. Click Network > Wireless LAN to display the AP screen. Select WPA-PSK or WPA2-PSK from the Security Mode list. Figure 46 Network > Wireless LAN > AP: WPA(2)-PSK The following table describes the wireless LAN security labels in this screen. Table 29 Network > Wireless LAN > AP: WPA(2)-PSK LABEL DESCRIPTION Security Mode Choose WPA-PSK or WPA2-PSK from the drop-down list box.
Chapter 8 Wireless LAN 8.2.4 WPA(2) Authentication Use this screen to configure and enable WPA or WPA2 authentication. Click the Wireless LAN link under Network to display the AP screen. Select WPA, WPA2 or WPAMixed from the Security Mode list. Figure 47 Network > Wireless LAN > AP: WPA(2) The following table describes the wireless LAN security labels in this screen. Table 30 Network > Wireless LAN > AP: WPA(2) LABEL DESCRIPTION Security Mode Choose WPA or WPA2 from the drop-down list box.
Chapter 8 Wireless LAN Table 30 Network > Wireless LAN > AP: WPA(2) LABEL DESCRIPTION WPA Group Key Update Timer The Group Key Update Timer is the rate at which the AP (if using WPA(2)PSK key management) or RADIUS server (if using WPA(2) key management) sends a new group key out to all clients. The re-keying process is the WPA(2) equivalent of automatically changing the WEP key for an AP and all stations in a WLAN on a periodic basis.
Chapter 8 Wireless LAN Table 31 Network > Wireless LAN > AP: Advanced Setup LABEL DESCRIPTION Preamble Select a preamble type from the drop-down list menu. Choices are Long or Short. See the Appendix D on page 269 for more information. 802.11 Mode Select 802.11b Only to allow only IEEE 802.11b compliant WLAN devices to associate with the ZyXEL Device. Select 802.11g Only to allow only IEEE 802.11g compliant WLAN devices to associate with the ZyXEL Device. Select 802.11b+g to allow either IEEE 802.
Chapter 8 Wireless LAN 8.2.6 MAC Filter Use this screen to change your ZyXEL Device’s MAC filter settings. Click the Edit button in the AP screen. The screen appears as shown. Figure 49 Network > Wireless LAN > AP: MAC Address Filter The following table describes the labels in this screen. Table 32 Network > Wireless LAN > AP: MAC Address Filter LABEL DESCRIPTION Active MAC Filter Select the check box to enable MAC address filtering.
Chapter 8 Wireless LAN 8.3 The More AP Screen This screen allows you to enable and configure multiple Basic Service Sets (BSSs) on the ZyXEL Device. Click Network > Wireless LAN > More AP. The following screen displays. Figure 50 Network > Wireless LAN > More AP The following table describes the labels in this screen. Table 33 Network > Wireless LAN > More AP LABEL DESCRIPTION # This is the index number of each SSID profile. Active This field indicates whether this SSID is active.
Chapter 8 Wireless LAN 8.3.1 More AP Edit Use this screen to edit an SSID profile. Click the Edit icon next to an SSID in the More AP screen. The following screen displays. Figure 51 Network > Wireless LAN > More AP: Edit The following table describes the fields in this screen. Table 34 Network > Wireless LAN > More AP: Edit LABEL DESCRIPTION Network Name (SSID) The SSID (Service Set IDentity) identifies the service set with which a wireless device is associated.
Chapter 8 Wireless LAN WPS allows you to quickly set up a wireless network with strong security, without having to configure security settings manually. Set up each WPS connection between two devices. Both devices must support WPS. Click Network > Wireless LAN > WPS. The following screen displays. Figure 52 Network > Wireless LAN > WPS The following table describes the labels in this screen.
Chapter 8 Wireless LAN 8.5 The WPS Station Screen Use this screen to set up a WPS wireless network using either Push Button Configuration (PBC) or PIN Configuration. Click Network > Wireless LAN > WPS Station. The following screen displays. Figure 53 Network > Wireless LAN > WPS Station The following table describes the labels in this screen.
Chapter 8 Wireless LAN Note: WDS security is independent of the security settings between the ZyXEL Device and any wireless clients. Note: At the time of writing, WDS is compatible with other ZyXEL APs only. Not all models support WDS links. Check your other AP’s documentation. Click Network > Wireless LAN > WDS. The following screen displays. Figure 54 Network > Wireless LAN > WDS The following table describes the labels in this screen.
Chapter 8 Wireless LAN 8.7 The Scheduling Screen Use the wireless LAN scheduling to configure the days you want to enable or disable the wireless LAN. Click Network > Wireless LAN > Scheduling. The following screen displays. Figure 55 Network > Wireless LAN > Scheduling The following table describes the labels in this screen. Table 38 Network > Wireless LAN > QoS LABEL DESCRIPTION Enable Wireless LAN Scheduling Select this box to activate wireless LAN scheduling on your ZyXEL Device.
Chapter 8 Wireless LAN 8.8.1 Wireless Network Overview Wireless networks consist of wireless clients, access points and bridges. • A wireless client is a radio connected to a user’s computer. • An access point is a radio with a wired connection to a network, which can connect with numerous wireless clients and let them access the network. • A bridge is a radio that relays communications between access points and wireless clients, extending a network’s range.
Chapter 8 Wireless LAN • If two wireless networks overlap, they should use a different channel. Like radio stations or television channels, each wireless network uses a specific channel, or frequency, to send and receive information. • Every device in the same wireless network must use security compatible with the AP. Security stops unauthorized devices from using the wireless network. It can also protect the information that is sent in the wireless network.
Chapter 8 Wireless LAN These security standards do two things. First, they authenticate. This means that only people presenting the right credentials (often a username and password, or a “key” phrase) can access the network. Second, they encrypt. This means that the information sent over the air is encoded. Only people with the code key can understand the information, and only people who have been authenticated are given the code key. These security standards vary in effectiveness.
Chapter 8 Wireless LAN This type of security does not protect the information that is sent in the wireless network. Furthermore, there are ways for unauthorized wireless devices to get the MAC address of an authorized device. Then, they can use that MAC address to use the wireless network. 8.8.3.3 User Authentication Authentication is the process of verifying whether a wireless device is allowed to use the wireless network. You can make every user log in to the wireless network before using it.
Chapter 8 Wireless LAN support WPA2, you should set up WPA2-PSK or WPA2 (depending on the type of wireless network login) and select the WPA compatible option in the ZyXEL Device. Many types of encryption use a key to protect the information in the wireless network. The longer the key, the stronger the encryption. Every device in the wireless network must have the same key. 8.8.
Chapter 8 Wireless LAN 8.8.6 MBSSID Traditionally, you need to use different APs to configure different Basic Service Sets (BSSs). As well as the cost of buying extra APs, there is also the possibility of channel interference. The ZyXEL Device’s MBSSID (Multiple Basic Service Set IDentifier) function allows you to use one access point to provide several BSSs simultaneously. You can then assign varying QoS priorities and/or security modes to different SSIDs.
Chapter 8 Wireless LAN to authenticate the other) in each of the two devices. When WPS is activated on a device, it has two minutes to find another device that also has WPS activated. Then, the two devices connect and set up a secure network by themselves. 8.8.8.1 Push Button Configuration WPS Push Button Configuration (PBC) is initiated by pressing a button on each WPS-enabled device, and allowing them to connect automatically. You do not need to enter any information.
Chapter 8 Wireless LAN 3 Look for the client’s WPS PIN; it will be displayed either on the device, or in the WPS section of the client’s configuration interface (see the device’s User’s Guide for how to find the WPS PIN - for the ZyXEL Device, see Section 8.4 on page 108). 4 Enter the client’s PIN in the AP’s configuration interface.
Chapter 8 Wireless LAN The following figure shows a WPS-enabled wireless client (installed in a notebook computer) connecting to the WPS-enabled AP via the PIN method. Figure 59 Example WPS Process: PIN Method ENROLLEE REGISTRAR WPS This device’s WPS PIN: 123456 WPS Enter WPS PIN from other device: WPS START WPS START WITHIN 2 MINUTES SECURE EAP TUNNEL SSID WPA(2)-PSK COMMUNICATION 8.8.8.3 How WPS Works When two WPS-enabled devices connect, each device must assume a specific role.
Chapter 8 Wireless LAN The following figure shows a WPS-enabled client (installed in a notebook computer) connecting to a WPS-enabled access point. Figure 60 How WPS works ACTIVATE WPS ACTIVATE WPS WITHIN 2 MINUTES WPS HANDSHAKE ENROLLEE SECURE TUNNEL REGISTRAR SECURITY INFO COMMUNICATION The roles of registrar and enrollee last only as long as the WPS setup process is active (two minutes). The next time you use WPS, a different device can be the registrar if necessary.
Chapter 8 Wireless LAN is the registrar, and Client 1 is the enrollee. The registrar randomly generates the security information to set up the network, since it is unconfigured and has no existing information. Figure 61 WPS: Example Network Step 1 ENROLLEE REGISTRAR SECURITY INFO AP1 CLIENT 1 In step 2, you add another wireless client to the network.
Chapter 8 Wireless LAN In step 3, you add another access point (AP2) to your network. AP2 is out of range of AP1, so you cannot use AP1 for the WPS handshake with the new access point. However, you know that Client 2 supports the registrar function, so you use it to perform the WPS handshake instead. Figure 63 WPS: Example Network Step 3 EXISTING CONNECTION CLIENT 1 IS EX O GC TIN ION CT E NN AP1 REGISTRAR CLIENT 2 SE CU RIT Y ENROLLEE INF O AP2 8.8.8.
Chapter 8 Wireless LAN • When you use the PBC method, there is a short period (from the moment you press the button on one device to the moment you press the button on the other device) when any WPS-enabled device could join the network. This is because the registrar has no way of identifying the “correct” enrollee, and cannot differentiate between your enrollee and a rogue device. This is a possible way for a hacker to gain access to a network. You can easily check to see if this has happened.
Chapter 8 Wireless LAN 126 AMG1202-T10A User’s Guide
C HAPT ER 9 Network Address Translation (NAT) 9.1 Overview This chapter discusses how to configure NAT on the ZyXEL Device. NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a host in a packet, for example, the source address of an outgoing packet, used within one network to a different IP address known within another network. 9.1.1 What You Can Do in the NAT Screens • Use the NAT General Setup screen (Section 9.2 on page 128) to configure the NAT setup settings.
Chapter 9 Network Address Translation (NAT) Port Forwarding A port forwarding set is a list of inside (behind NAT on the LAN) servers, for example, web or FTP, that you can make visible to the outside world even though NAT makes your whole inside network appear as a single computer to the outside world. SUA (Single User Account) Versus NAT SUA (Single User Account) is a ZyNOS implementation of a subset of NAT that supports two types of mapping, Many-to-One and Server.
Chapter 9 Network Address Translation (NAT) Table 41 Network > NAT > General (continued) LABEL DESCRIPTION Full Feature Select this radio button if you have multiple public WAN IP addresses for your ZyXEL Device. Max NAT/Firewall Session Per User When computers use peer to peer applications, such as file sharing applications, they need to establish NAT sessions.
Chapter 9 Network Address Translation (NAT) Configuring Servers Behind Port Forwarding (Example) Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the example), port 80 to another (B in the example) and assign a default server IP address of 192.168.1.35 to a third (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. Figure 65 Multiple Servers Behind NAT Example A=192.168.1.
Chapter 9 Network Address Translation (NAT) Table 42 Network > NAT > Port Forwarding LABEL DESCRIPTION Service Name Select a service from the drop-down list box. Server IP Address Enter the IP address of the server for the specified service. Add Click this button to add a rule to the table below. # This is the rule index number (read-only). Active This field indicates whether the rule is active or not. Clear the check box to disable the rule. Select the check box to enable it.
Chapter 9 Network Address Translation (NAT) The following table describes the fields in this screen. Table 43 Network > NAT > Port Forwarding: Edit LABEL DESCRIPTION Rule Setup Active Click this check box to enable the rule. Service Name Enter a name to identify this port-forwarding rule. Start Port Enter a port number in this field. To forward only one port, enter the port number again in the End Port field.
Chapter 9 Network Address Translation (NAT) To change your ZyXEL Device’s address mapping settings, click Network > NAT > Address Mapping to open the following screen. Figure 68 Network > NAT > Address Mapping The following table describes the fields in this screen. Table 44 Network > NAT > Address Mapping LABEL DESCRIPTION # This is the rule index number. Local Start IP This is the starting Inside Local IP Address (ILA). Local IP addresses are N/A for Server port mapping.
Chapter 9 Network Address Translation (NAT) 9.4.1 The Address Mapping Rule Edit Screen Use this screen to edit an address mapping rule. Click the rule’s edit icon in the Address Mapping screen to display the screen shown next. Figure 69 Network > NAT > Address Mapping: Edit The following table describes the fields in this screen. Table 45 Network > NAT > Address Mapping: Edit LABEL DESCRIPTION Type Choose the port mapping type from one of the following.
Chapter 9 Network Address Translation (NAT) Table 45 Network > NAT > Address Mapping: Edit (continued) LABEL DESCRIPTION Back Click this to return to the previous screen without saving. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. 9.5 The ALG Screen Some NAT routers may include a SIP Application Layer Gateway (ALG). A SIP ALG allows SIP calls to pass through NAT by examining and translating IP addresses embedded in the data stream.
Chapter 9 Network Address Translation (NAT) Global/local denotes the IP address of a host in a packet as the packet traverses a router, for example, the local address refers to the IP address of a host when the packet is in the local network, while the global address refers to the IP address of the host when the same packet is traveling in the WAN side. Note that inside/outside refers to the location of a host, while global/local refers to the IP address of a host used in a packet.
Chapter 9 Network Address Translation (NAT) ZyXEL Device keeps track of the original addresses and port numbers so incoming reply packets can have their original values restored. The following figure illustrates this. Figure 71 How NAT Works NAT Table LAN Inside Local IP Address 192.168.1.10 192.168.1.11 192.168.1.12 192.168.1.13 192.168.1.13 192.168.1.12 SA SA 192.168.1.10 IGA1 Inside Local Address (ILA) 192.168.1.
Chapter 9 Network Address Translation (NAT) • One to One: In One-to-One mode, the ZyXEL Device maps one local IP address to one global IP address. • Many to One: In Many-to-One mode, the ZyXEL Device maps multiple local IP addresses to one global IP address. This is equivalent to SUA (for instance, PAT, port address translation), ZyXEL’s Single User Account feature that previous ZyXEL routers supported (the SUA Only option in today’s routers).
C HAPTER 10 Firewall 10.1 Overview This chapter shows you how to enable the ZyXEL Device firewall. Use the firewall to protect your ZyXEL Device and network from attacks by hackers on the Internet and control access to it. By default the firewall: • allows traffic that originates from your LAN computers to go to all other networks. • blocks traffic that originates on other networks from going to the LAN. • blocks SYN and port scanner attacks.
Chapter 10 Firewall LAND Attack In a LAND attack, hackers flood SYN packets into the network with a spoofed source IP address of the target system. This makes it appear as if the host computer sent the packets to itself, making the system unavailable while the target system tries to respond to itself. Ping of Death Ping of Death uses a "ping" utility to create and send an IP packet that exceeds the maximum 65,536 bytes of data allowed by the IP specification.
Chapter 10 Firewall 10.2 The Firewall Screen Use this screen to enable firewall and/or SPI. Click Advanced Setup > Firewall to display the following screen. Figure 73 Advanced Setup > Firewall The following table describes the labels in this screen. Table 49 Advanced > Firewall LABEL DESCRIPTION Firewall Use this field to enable or disable firewall on your ZyXEL Device. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings.
Chapter 10 Firewall 142 AMG1202-T10A User’s Guide
C HAPTER 11 Filters 11.1 Overview This chapter introduces three types of filters supported by the ZyXEL Device. You can configure rules to restrict traffic by IP addresses, MAC addresses, application types and/or URLs. 11.1.1 What You Can Do in the Filter Screens • Use the URL Filter screen (Section 11.2 on page 144) to block access to web sites. • Use the Application Filter screen (Section 11.3 on page 145) to allow or deny traffic from certain types of applications.
Chapter 11 Filters 11.2 The URL Filter Screen Use this screen to block websites by URL. Click Security > Filter > URL Filter. The screen appears as shown. Figure 74 Security > Filter > URL Filter The following table describes the labels in this screen. Table 50 Access Management > Filter (URL) LABEL DESCRIPTION URL Filter Editing Active Use this field to enable or disable the URL filter. URL Index Select the index number of the filter. URL Enter the URL for the ZyXEL Device to block.
Chapter 11 Filters 11.3 The Application Filter Screen Use this screen to allow or deny traffic for certain types of applications. The application filter provides a convenient way to manage the use of various applications on the network. Click Security > Filter > Application Filter. The screen appears as shown. Figure 75 Security > Filter > Application Filter The following table describes the labels in this screen.
Chapter 11 Filters 11.4 The IP/MAC Filter Screen Use this screen to create and apply IP/MAC filters. Click Security > Filter > IP/MAC Filter. The screen appears as shown. Figure 76 Security > Filter > IP/MAC Filter The following table describes the labels in this screen. Table 52 Access Management > Filter (IP/MAC) LABEL DESCRIPTION IP Filter Select IP Filter Select Select IP White Filter to configure traffic to allow. Select IP Black Filter to configure traffic to block.
Chapter 11 Filters Table 52 Access Management > Filter (IP/MAC) (continued) LABEL DESCRIPTION IP/MAC Filter Rule Editing IP/MAC Filter Rule Index Select the index number of the filter rule. Rule Type Select IP to allow or block traffic by IP addresses. Active Use this field to enable or disable the rule. Source Start IP Address Enter the source start IP address of the IP address range for the packets you wish to filter. This field is ignored if it is 0.0.0.0.
Chapter 11 Filters 148 AMG1202-T10A User’s Guide
C HAPTER 12 Static Route 12.1 Overview The ZyXEL Device usually uses the default gateway to route outbound traffic from computers on the LAN to the Internet. To have the ZyXEL Device send data to devices not reachable through the default gateway, use static routes. For example, the next figure shows a computer (A) connected to the ZyXEL Device’s LAN interface. The ZyXEL Device routes most traffic from A to the Internet through the ZyXEL Device’s default gateway (R1).
Chapter 12 Static Route 12.1.1 What You Can Do in the Static Route Screens Use the Static Route screens (Section 12.2 on page 150) to view and configure IP static routes on the ZyXEL Device. 12.2 The Static Route Screen Use this screen to view the static route rules. Click Advanced > Static Route to open the Static Route screen. Figure 78 Advanced > Static Route The following table describes the labels in this screen.
Chapter 12 Static Route Table 53 Advanced > Static Route LABEL DESCRIPTION Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. 12.2.1 Static Route Edit Use this screen to configure the required information for a static route. Select a static route index number and click Edit. The screen shown next appears. Figure 79 Advanced > Static Route: Edit The following table describes the labels in this screen.
Chapter 12 Static Route 152 AMG1202-T10A User’s Guide
C HAPTER 13 802.1Q/1P 13.1 Overview This chapter describes how to configure the 802.1Q/1P settings. A Virtual Local Area Network (VLAN) allows a physical network to be partitioned into multiple logical networks. A VLAN group can be treated as an individual device. Each group can have its own rules about where and how to forward traffic. You can assign any ports on the ZyXEL Device to a VLAN group and configure the settings for the group.
Chapter 13 802.1Q/1P PVC A virtual circuit is a logical point-to-point circuit between customer sites. Permanent means that the circuit is preprogrammed by the carrier as a path through the network. It does not need to be set up or torn down for each session. Forwarding Tagged and Untagged Frames Each port on the device is capable of passing tagged or untagged frames. To forward a frame from an 802.1Q VLAN-aware device to an 802.
Chapter 13 802.1Q/1P Note: If the WAN interface in the VLAN group is not the default router, you need to create a static route to communicate with the WAN. Figure 81 Advanced > 802.1Q/1P > Group Setting The following table describes the labels in this screen. Table 55 Advanced > 802.1Q/1P > Group Setting LABEL DESCRIPTION 802.1Q/1P Active Select this check box to activate the 802.1P/1Q feature. Summary # This field displays the index number of the VLAN group. Active This field displays whether 802.
Chapter 13 802.1Q/1P 13.2.1 Editing 802.1Q/1P Group Setting Use this screen to configure the settings for each VLAN group. In the 802.1Q/1P screen, click the Edit button from the Modify filed to display the following screen. Figure 82 Advanced > 802.1Q/1P > Group Setting > Edit The following table describes the labels in this screen. Table 56 Advanced > 802.1Q/1P > Group Setting > Edit LABEL DESCRIPTION Active Select this check box to activate the group setting.
Chapter 13 802.1Q/1P Table 56 Advanced > 802.1Q/1P > Group Setting > Edit (continued) LABEL DESCRIPTION Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. 13.3 The 802.1Q/1P Port Setting Screen Use this screen to configure the PVID for each port. Click Advanced > 802.1Q/1P > Port Setting to display the following screen. Figure 83 Advanced > 802.1Q/1P > Port Setting The following table describes the labels in this screen. Table 57 Advanced > 802.
Chapter 13 802.
C HAPTER 14 Quality of Service (QoS) 14.1 Overview Use the QoS screen to set up your ZyXEL Device to use QoS for traffic management. Quality of Service (QoS) refers to both a network’s ability to deliver data with minimum delay, and the networking methods used to control bandwidth. QoS allows the ZyXEL Device to group and prioritize application traffic and fine-tune network performance. Without QoS, all traffic data are equally likely to be dropped when the network is congested.
Chapter 14 Quality of Service (QoS) • Use the QoS Settings Summary screen (Section 14.2.1 on page 163) to check the summary of QoS rules and actions you configured for the ZyXEL Device. 14.1.2 What You Need to Know About QoS 802.1p QoS is used to prioritize source-to-destination traffic flows. All packets in the same flow are given the same priority. 802.1p is a way of managing traffic in a network by grouping similar types of traffic together and treating each type as a class. You can use 802.
Chapter 14 Quality of Service (QoS) Click Advanced Setup > QoS to open the screen as shown next. Figure 85 Advanced Setup > QoS The following table describes the labels in this screen. Table 58 Advanced Setup > QoS LABEL DESCRIPTION Quality of Service QoS Use this field to turn on QoS to improve your network performance. You can give priority to traffic that the ZyXEL Device forwards out through the WAN interface. Give high priority to voice and video to make them run more smoothly.
Chapter 14 Quality of Service (QoS) Table 58 Advanced Setup > QoS LABEL DESCRIPTION Active Use this field to enable or disable the rule. Application Select an application from the drop-down list box. The Destination Port Range and Protocol ID fields may change depending on the type of applications you choose. Physical Ports Select Enet1 to apply the rule to the Ethernet port. Destination MAC Type a destination MAC address here.
Chapter 14 Quality of Service (QoS) Table 58 Advanced Setup > QoS LABEL DESCRIPTION Queue # Specify a Low, Medium, High or Highest queue tag to matched traffic. Traffic assigned to a higher queue gets through faster while traffic in lower queues is dropped when there is network congestion. ADD Click this to add the rule. DELETE Click this to remove the rule. CANCEL Click this to restore previously saved settings. 14.2.
Chapter 14 Quality of Service (QoS) Table 59 Advanced Setup > QoS > QoS Settings Summary (continued) LABEL DESCRIPTION 802.1p Remarking The ZyXEL Device re-assigns the priority levels specified in this field to matched traffic. Queue # The ZyXEL Device assigns the queue level specified in this field to matched traffic. 14.3 QoS Technical Reference This section provides some technical background information about the topics covered in this chapter. 14.3.1 IEEE 802.1p IEEE 802.
Chapter 14 Quality of Service (QoS) The following table shows you the internal layer-2 and layer-3 QoS mapping on the ZyXEL Device. On the ZyXEL Device, traffic assigned to higher priority queues gets through faster while traffic in lower index queues is dropped if the network is congested. Table 61 Internal Layer2 and Layer3 QoS Mapping LAYER 2 LAYER 3 PRIORITY QUEUE IEEE 802.
Chapter 14 Quality of Service (QoS) 166 AMG1202-T10A User’s Guide
C HAPTER 15 Dynamic DNS Setup 15.1 Overview Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CU-SeeMe, etc.). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.org, where myhost is a name of your choice) that will never change instead of using an IP address that changes each time you reconnect.
Chapter 15 Dynamic DNS Setup 15.2 The Dynamic DNS Screen Use this screen to change your ZyXEL Device’s DDNS. Click Advanced > Dynamic DNS. The screen appears as shown. Figure 87 Advanced > Dynamic DNS The following table describes the fields in this screen. Table 62 Advanced > Dynamic DNS LABEL DESCRIPTION Dynamic DNS Setup Active Dynamic DNS Select this check box to use dynamic DNS. Service Provider This is the name of your Dynamic DNS service provider.
C HAPTER 16 Remote Management 16.1 Overview Remote management allows you to determine which services/protocols can access which ZyXEL Device interface (if any) from which computers. The following figure shows remote management of the ZyXEL Device coming in from the WAN. Figure 88 Remote Management From the WAN LAN WAN HTTP Telnet Note: When you configure remote management to allow management from the WAN, you still need to configure a firewall rule to allow access.
Chapter 16 Remote Management 16.1.1 What You Can Do in the Remote Management Screens • Use the WWW screen (Section 16.2 on page 171) to configure through which interface(s) and from which IP address(es) users can use HTTP to manage the ZyXEL Device. • Use the Telnet screen (Section 16.3 on page 171) to configure through which interface(s) and from which IP address(es) users can use Telnet to manage the ZyXEL Device. • Use the FTP screen (Section 16.
Chapter 16 Remote Management 16.2 The WWW Screen Use this screen to specify how to connect to the ZyXEL Device from a web browser, such as Internet Explorer. Note: If you disable the WWW service in the Remote MGMT > WWW screen, then the ZyXEL Device blocks all HTTP connection attempts. 16.2.1 Configuring the WWW Screen Click Advanced > Remote MGMT to display the WWW screen. Figure 89 Advanced > Remote MGMT > WWW The following table describes the labels in this screen.
Chapter 16 Remote Management Click Advanced > Remote MGMT > Telnet tab to display the screen as shown. Figure 90 Advanced > Remote MGMT > Telnet The following table describes the labels in this screen. Table 64 Advanced > Remote Management > Telnet LABEL DESCRIPTION Server Port You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management.
Chapter 16 Remote Management Use this screen to specify which interfaces allow FTP access and from which IP address the access can come. To change your ZyXEL Device’s FTP settings, click Advanced > Remote MGMT > FTP. The screen appears as shown. Figure 91 Advanced > Remote MGMT > FTP The following table describes the labels in this screen. Table 65 Advanced > Remote MGMT > FTP LABEL DESCRIPTION Server Port You may change the server port number for a service, if needed.
Chapter 16 Remote Management supports SNMP version one (SNMPv1) and version two (SNMPv2c). The next figure illustrates an SNMP management operation. Figure 92 SNMP Management Model An SNMP managed network consists of two main types of component: agents and a manager. An agent is a management software module that resides in a managed device (the ZyXEL Device). An agent translates the local management information from the managed device into a form compatible with SNMP.
Chapter 16 Remote Management 16.5.1 Configuring SNMP To change your ZyXEL Device’s SNMP settings, click Advanced > Remote MGMT > SNMP tab. The screen appears as shown. Figure 93 Advanced > Remote MGMT > SNMP The following table describes the labels in this screen. Table 66 Advanced > Remote MGMT > SNMP LABEL DESCRIPTION SNMP Server Port The SNMP agent listens on port 161 by default.
Chapter 16 Remote Management Table 66 Advanced > Remote MGMT > SNMP (continued) LABEL DESCRIPTION Apply Click Apply to save your changes back to the ZyXEL Device. Cancel Click Cancel to begin configuring this screen afresh. 16.6 The DNS Screen Use DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa. Refer to Chapter 7 on page 85 for background information.
Chapter 16 Remote Management 16.7 The ICMP Screen To change your ZyXEL Device’s security settings, click Advanced > Remote MGMT > ICMP. The screen appears as shown. If an outside user attempts to probe an unsupported port on your ZyXEL Device, an ICMP response packet is automatically returned. This allows the outside user to know the ZyXEL Device exists. Your ZyXEL Device supports anti-probing, which prevents the ICMP response packet from being sent.
C HAPTER 17 Universal Plug-and-Play (UPnP) 17.1 Overview Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectivity between devices. A UPnP device can dynamically join a network, obtain an IP address, convey its capabilities and learn about other devices on the network. In turn, a device can leave a network smoothly and automatically when it is no longer in use. 17.1.
Chapter 17 Universal Plug-and-Play (UPnP) When a UPnP device joins a network, it announces its presence with a multicast message. For security reasons, the ZyXEL Device allows multicast messages on the LAN only. All UPnP-enabled devices may communicate freely with each other without additional configuration. Disable UPnP if this is not your intention. UPnP and ZyXEL ZyXEL has achieved UPnP certification from the Universal Plug and Play Forum UPnP™ Implementers Corp. (UIC).
Chapter 17 Universal Plug-and-Play (UPnP) Table 69 Advanced > UPnP > General LABEL DESCRIPTION Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. 17.3 Installing UPnP in Windows Example This section shows how to install UPnP in Windows Me and Windows XP. Installing UPnP in Windows Me Follow the steps below to install the UPnP in Windows Me. 1 Click Start and Control Panel. Double-click Add/Remove Programs.
Chapter 17 Universal Plug-and-Play (UPnP) 3 In the Communications window, select the Universal Plug and Play check box in the Components selection box. Add/Remove Programs: Windows Setup: Communication: Components 4 Click OK to go back to the Add/Remove Programs Properties window and click Next. 5 Restart the computer when prompted. Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP. 1 Click Start and Control Panel. 2 Double-click Network Connections.
Chapter 17 Universal Plug-and-Play (UPnP) 3 In the Network Connections window, click Advanced in the main menu and select Optional Networking Components …. Network Connections 4 The Windows Optional Networking Components Wizard window displays. Select Networking Service in the Components selection box and click Details.
Chapter 17 Universal Plug-and-Play (UPnP) 5 In the Networking Services window, select the Universal Plug and Play check box. Networking Services 6 Click OK to go back to the Windows Optional Networking Component Wizard window and click Next. 17.4 Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP. You must already have UPnP installed in Windows XP and UPnP activated on the ZyXEL Device. Make sure the computer is connected to a LAN port of the ZyXEL Device.
Chapter 17 Universal Plug-and-Play (UPnP) 2 Right-click the icon and select Properties. Network Connections 3 In the Internet Connection Properties window, click Settings to see the port mappings there were automatically created.
Chapter 17 Universal Plug-and-Play (UPnP) 4 You may edit or delete the port mappings or click Add to manually add port mappings. Internet Connection Properties: Advanced Settings Internet Connection Properties: Advanced Settings: Add 5 When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically.
Chapter 17 Universal Plug-and-Play (UPnP) 6 Select Show icon in notification area when connected option and click OK. An icon displays in the system tray. System Tray Icon 7 Double-click on the icon to display your current Internet connection status. Internet Connection Status Web Configurator Easy Access With UPnP, you can access the web-based configurator on the ZyXEL Device without finding out the IP address of the ZyXEL Device first.
Chapter 17 Universal Plug-and-Play (UPnP) 3 Select My Network Places under Other Places. Network Connections 4 An icon with the description for each UPnP-enabled device displays under Local Network.
Chapter 17 Universal Plug-and-Play (UPnP) 5 Right-click on the icon for your ZyXEL Device and select Invoke. The web configurator login screen displays. Network Connections: My Network Places 6 Right-click on the icon for your ZyXEL Device and select Properties. A properties window displays with basic information about the ZyXEL Device.
C HAPTER 18 System Settings 18.1 Overview This chapter shows you how to configure system related settings, such as system time, password, name, the domain name and the inactivity timeout interval. 18.1.1 What You Can Do in the System Settings Screens • Use the General screen (Section 18.2 on page 189) to configure system settings. • Use the Time and Date screen (Section 18.3 on page 190) to set the system time. 18.2 The General Screen Use this screen to configure system admin password.
Chapter 18 System Settings Table 70 Maintenance > System > General LABEL Retype to confirm DESCRIPTION Type the new password again for confirmation. Apply Click this to save your changes. Cancel Click this to restore your previously saved settings. 18.3 The Time and Date Screen Use this screen to configure the ZyXEL Device’s time based on your local time zone. To change your ZyXEL Device’s time and date, click Maintenance > System > Time and Date. The screen appears as shown.
Chapter 18 System Settings Table 71 Maintenance > System > Time and Date (continued) LABEL DESCRIPTION Manual Select this radio button to enter the time and date manually. If you configure a new time and date, Time Zone and Daylight Saving at the same time, the new time and date you entered has priority and the Time Zone and Daylight Saving settings do not affect it. New Time This field displays the last updated time from the time server or the last time configured manually.
Chapter 18 System Settings Table 71 Maintenance > System > Time and Date (continued) LABEL 192 DESCRIPTION Apply Click this to save your changes. Cancel Click this to restore your previously saved settings.
C HAPTER 19 Logs 19.1 Overview This chapter contains information about viewing the ZyXEL Device’s logs. The web configurator allows you to choose which types of events and/or alerts to have the ZyXEL Device log and then display the logs. 19.1.1 What You Need To Know About Logs Alerts An alert is a message that is enabled as soon as the event occurs. They include system errors, attacks (access control) and attempted access to blocked web sites.
Chapter 19 Logs Alerts are e-mailed as soon as they happen. Logs may be e-mailed as soon as the log is full. Selecting many alert and/or log categories (especially Access Control) may result in many e-mails being sent. Figure 99 Maintenance > System Logs The following table describes the fields in this screen. Table 72 Maintenance > Logs > Log Settings LABEL DESCRIPTION System Log Log Type Select the types of logs that you want to display and record. Then click Submit to display the details.
Chapter 19 Logs Table 73 System Maintenance Logs (continued) LOG MESSAGE DESCRIPTION DHCP client IP expired A DHCP client's IP address has expired. DHCP server assigns %s The DHCP server assigned an IP address to a client. Successful WEB login Someone has logged on to the router's web configurator interface. WEB login failed Someone has failed to log on to the router's web configurator interface. Successful TELNET login Someone has logged on to the router via telnet.
Chapter 19 Logs Table 74 System Error Logs (continued) LOG MESSAGE DESCRIPTION readNetBIOSFilter: calloc error The router failed to allocate memory for the NetBIOS filter settings. WAN connection is down. A WAN connection is down. You cannot access the network through this interface.
Chapter 19 Logs Table 76 TCP Reset Logs (continued) LOG MESSAGE DESCRIPTION Exceed MAX incomplete, sent TCP RST The router sent a TCP reset packet when the number of incomplete connections (TCP and UDP) exceeded the userconfigured threshold. (Incomplete count is for all TCP and UDP connections through the firewall.
Chapter 19 Logs Table 79 CDR Logs (continued) LOG MESSAGE DESCRIPTION board %d line %d channel %d, call %d, %s C02 OutCall Connected %d %s The PPPoE, PPTP or dial-up call is connected. board %d line %d channel %d, call %d, %s C02 Call Terminated The PPPoE, PPTP or dial-up call was disconnected. Table 80 PPP Logs LOG MESSAGE DESCRIPTION ppp:LCP Starting The PPP connection’s Link Control Protocol stage has started. ppp:LCP Opening The PPP connection’s Link Control Protocol stage is opening.
Chapter 19 Logs Table 83 Attack Logs (continued) LOG MESSAGE DESCRIPTION ip spoofing - WAN [ TCP | UDP | IGMP | ESP | GRE | OSPF ] The firewall detected an IP spoofing attack on the WAN port. ip spoofing - WAN ICMP (type:%d, code:%d) The firewall detected an ICMP IP spoofing attack on the WAN port. icmp echo : ICMP (type:%d, code:%d) The firewall detected an ICMP echo attack. syn flood TCP The firewall detected a TCP syn flood attack. ports scan TCP The firewall detected a TCP port scan attack.
Chapter 19 Logs Table 84 802.1X Logs (continued) LOG MESSAGE DESCRIPTION Use RADIUS to authenticate user. The RADIUS server is operating as the authentication server. No Server to authenticate user. There is no authentication server to authenticate a user. Table 85 ACL Setting Notes PACKET DIRECTION DIRECTION DESCRIPTION (L to W) LAN to WAN ACL set for packets traveling from the LAN to the WAN. (W to L) WAN to LAN ACL set for packets traveling from the WAN to the LAN.
Chapter 19 Logs Table 86 ICMP Notes (continued) TYPE CODE DESCRIPTION 0 Pointer indicates the error Timestamp 13 0 Timestamp request message Timestamp Reply 14 0 Timestamp reply message Information Request 15 0 Information request message Information Reply 16 0 Information reply message Table 87 Syslog Logs LOG MESSAGE DESCRIPTION Mon dd hr:mm:ss hostname src="" dst="" msg="" note="" devID="" cat=
Chapter 19 Logs 202 AMG1202-T10A User’s Guide
C HAPTER 20 Tools 20.1 Overview This chapter explains how to upload new firmware, manage configuration files and restart your ZyXEL Device. Use the instructions in this chapter to change the device’s configuration file or upgrade its firmware. After you configure your device, you can backup the configuration file to a computer. That way if you later misconfigure the device, you can upload the backed up configuration file to return to your previous settings.
Chapter 20 Tools Do NOT turn off the ZyXEL Device while firmware upload is in progress! Figure 100 Maintenance > Tools > Firmware The following table describes the labels in this screen. Table 89 Maintenance > Tools > Firmware LABEL DESCRIPTION Current Firmware Version This is the present Firmware version and the date created. File Path Type in the location of the file you want to upload in this field or click Browse ... to find it. Browse... Click this to find the .bin file you want to upload.
Chapter 20 Tools The ZyXEL Device automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 102 Network Temporarily Disconnected After two minutes, log in again and check your new firmware version in the Status screen. If the upload was not successful, the following screen will appear. Click Return to go back to the Firmware screen.
Chapter 20 Tools 20.3 The Configuration Screen Click Maintenance > Tools > Configuration. Information related to factory defaults, backup configuration, and restoring configuration appears in this screen, as shown next. Figure 104 Maintenance > Tools > Configuration Backup Configuration Backup Configuration allows you to back up (save) the ZyXEL Device’s current configuration to a file on your computer.
Chapter 20 Tools Table 90 Restore Configuration LABEL DESCRIPTION Browse... Click this to find the file you want to upload. Remember that you must decompress compressed (.ZIP) files before you can upload them. Upload Click this to begin the upload process. Do not turn off the ZyXEL Device while configuration file upload is in progress. After you see a “restore configuration successful” screen, you must then wait one minute before logging into the ZyXEL Device again.
Chapter 20 Tools Reset to Factory Defaults Click the Reset button to clear all user-entered configuration information and return the ZyXEL Device to its factory defaults. The following warning screen appears. Figure 108 Reset Warning Message Figure 109 Reset In Process Message You can also press the RESET button on the rear panel to reset the factory defaults of your ZyXEL Device. Refer to Section 1.7 on page 25 for more information on the RESET button. 20.
C HAPTER 21 Diagnostic 21.1 Overview These read-only screens display information to help you identify problems with the ZyXEL Device. 21.1.1 What You Can Do in the Diagnostic Screens • Use the General screen (Section 21.2 on page 209) to ping an IP address. • Use the DSL Line screen (Section 21.3 on page 210) to view the DSL line statistics and reset the ADSL line. 21.2 The General Screen Use this screen to ping an IP address. Click Maintenance > Diagnostic to open the screen shown next.
Chapter 21 Diagnostic The following table describes the fields in this screen. Table 91 Maintenance > Diagnostic > General LABEL DESCRIPTION TCP/IP Address Type the IP address of a computer that you want to ping in order to test a connection. Ping Click this to ping the IP address that you entered. 21.3 The DSL Line Screen Use this screen to view the DSL line statistics and reset the ADSL line. Click Maintenance > Diagnostic > DSL Line to open the screen shown next.
Chapter 21 Diagnostic The following table describes the fields in this screen. Table 92 Maintenance > Diagnostic > DSL Line LABEL DESCRIPTION ATM Status Click this to view your DSL connection’s Asynchronous Transfer Mode (ATM) statistics. ATM is a networking technology that provides high-speed data transfer. ATM uses fixed-size packets of information called cells. With ATM, a high QoS (Quality of Service) can be guaranteed. The (Segmentation and Reassembly) SAR driver translates packets into ATM cells.
Chapter 21 Diagnostic Table 92 Maintenance > Diagnostic > DSL Line (continued) LABEL DESCRIPTION DSL Line Status Click this to view statistics about the DSL connections. noise margin downstream is the signal to noise ratio for the downstream part of the connection (coming into the ZyXEL Device from the ISP). It is measured in decibels. The higher the number the more signal and less noise there is.
C HAPTER 22 Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories. • Power, Hardware Connections, and LEDs • ZyXEL Device Access and Login • Internet Access 22.1 Power, Hardware Connections, and LEDs The ZyXEL Device does not turn on. None of the LEDs turn on. 1 Make sure the ZyXEL Device is turned on. 2 Make sure you are using the power adaptor or cord included with the ZyXEL Device.
Chapter 22 Troubleshooting 22.2 ZyXEL Device Access and Login I forgot the IP address for the ZyXEL Device. 1 The default IP address is 192.168.1.1. 2 If you changed the IP address and have forgotten it, you might get the IP address of the ZyXEL Device by looking up the IP address of the default gateway for your computer. To do this in most Windows computers, click Start > Run, enter cmd, and then enter ipconfig.
Chapter 22 Troubleshooting • Try to access the ZyXEL Device using another service, such as Telnet. If you can access the ZyXEL Device, check the remote management settings and firewall rules to find out why the ZyXEL Device does not respond to HTTP. • If your computer is connected to the WAN port or is connected wirelessly, use a computer that is connected to a ETHERNET port. I can see the Login screen, but I cannot log in to the ZyXEL Device. 1 Make sure you have entered the password correctly.
Chapter 22 Troubleshooting 3 If you are trying to access the Internet wirelessly, make sure the wireless settings in the wireless client are the same as the settings in the AP. 4 If you are trying to access the Internet wirelessly, make sure you enabled the wireless LAN and have selected the correct channel in the Wireless LAN > AP screen. 5 Disconnect all the cables from your device, and follow the directions in the Quick Start Guide again. 6 If the problem continues, contact your ISP.
C HAPTER 23 Product Specifications The following tables summarize the ZyXEL Device’s hardware and firmware features. 23.
Chapter 23 Product Specifications Table 94 Firmware Specifications (continued) Wireless Functionality (wireless devices only) Firmware Upgrade Allow the IEEE 802.11b/g/n wireless clients to connect to the ZyXEL Device wirelessly. Enable wireless security (WEP, WPA(2), WPA(2)-PSK) and/or MAC filtering to protect your wireless network. Download new firmware (when available) from the ZyXEL web site and use the web configurator to put it on the ZyXEL Device.
Chapter 23 Product Specifications Table 94 Firmware Specifications (continued) Multiple PVC (Permanent Virtual Circuits) Support Your device supports up to 8 Permanent Virtual Circuits (PVCs). IP Alias IP alias allows you to partition a physical network into logical networks over the same Ethernet interface. Your device supports three logical LAN interfaces via its single physical Ethernet interface with the your device itself as the gateway for each LAN network.
Chapter 23 Product Specifications Table 94 Firmware Specifications (continued) Other Protocol Support SIP pass-through DNS Proxy Dynamic DNS (www.dyndns.org) IP Alias DHCP client/server/relay RIP I/ RIP II supported Support 16 IP Static routes by Gateway IGMP v1 and v2 IP Policy Routing UPnP support Transparent bridging, VLAN-tagging pass-through bridge mode Static DHCP Management Embedded Web Configurator(remove webhelp) SNMP v1 & v2c with MIB II Remote Management Control: Telnet, FTP, and Web.
Chapter 23 Product Specifications Table 95 Wireless Features WMM QoS WMM (Wi-Fi MultiMedia) QoS (Quality of Service) allows you to prioritize wireless traffic according to the delivery requirements of individual services. Other Wireless Features WDS(wireless client: G-570S v2) IEEE 802.11n Compliance Frequency Range:2.
Chapter 23 Product Specifications Table 96 Standards Supported (continued) STANDARD DESCRIPTION IEEE 802.11g Uses the 2.4 gigahertz (GHz) band IEEE 802.11n Uses the 2.4 gigahertz (GHz) band IEEE 802.11g+ Turbo and Super G modes IEEE 802.11d Standard for Local and Metropolitan Area Networks: Media Access Control (MAC) Bridges IEEE 802.11x Port Based Network Access Control. IEEE 802.11e QoS IEEE 802.11 e Wireless LAN for Quality of Service ANSI T1.
Chapter 23 Product Specifications AMG1202-T10A User’s Guide 223
Chapter 23 Product Specifications 224 AMG1202-T10A User’s Guide
A PPENDIX A Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed. Windows 95/98/Me/NT/2000/XP/Vista, Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/IP on your computer. Windows 3.1 requires the purchase of a third-party TCP/IP application package.
Appendix A Setting up Your Computer’s IP Address Installing Components The Network window Configuration tab displays a list of installed components. You need a network adapter, the TCP/IP protocol and Client for Microsoft Networks. If you need the adapter: 1 In the Network window, click Add. 2 Select Adapter and then click Add. 3 Select the manufacturer and model of your network adapter and then click OK. If you need TCP/IP: 1 In the Network window, click Add. 2 Select Protocol and then click Add.
Appendix A Setting up Your Computer’s IP Address • If you have a static IP address, select Specify an IP address and type your information into the IP Address and Subnet Mask fields. Figure 114 Windows 95/98/Me: TCP/IP Properties: IP Address 3 Click the DNS Configuration tab. • If you do not know your DNS information, select Disable DNS. • If you know your DNS information, select Enable DNS and type the information in the fields below (you may not need to fill them all in).
Appendix A Setting up Your Computer’s IP Address 4 Click the Gateway tab. • If you do not know your gateway’s IP address, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add. 5 Click OK to save and close the TCP/IP Properties window. 6 Click OK to close the Network window. Insert the Windows CD if prompted. 7 Turn on your ZyXEL Device and restart your computer when prompted. Verifying Settings 1 Click Start and then Run.
Appendix A Setting up Your Computer’s IP Address 2 In the Control Panel, double-click Network Connections (Network and Dial-up Connections in Windows 2000/NT). Figure 117 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Properties.
Appendix A Setting up Your Computer’s IP Address 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties. Figure 119 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). • If you have a dynamic IP address click Obtain an IP address automatically. • If you have a static IP address click Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields.
Appendix A Setting up Your Computer’s IP Address • Click Advanced. Figure 120 Windows XP: Internet Protocol (TCP/IP) Properties 6 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: • In the IP Settings tab, in IP addresses, click Add. • In TCP/IP Address, type an IP address in IP address and a subnet mask in Subnet mask, and then click Add.
Appendix A Setting up Your Computer’s IP Address • Click OK when finished. Figure 121 Windows XP: Advanced TCP/IP Properties 7 In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields.
Appendix A Setting up Your Computer’s IP Address If you have previously configured DNS servers, click Advanced and then the DNS tab to order them. Figure 122 Windows XP: Internet Protocol (TCP/IP) Properties 8 Click OK to close the Internet Protocol (TCP/IP) Properties window. 9 Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties window. 10 Close the Network Connections window (Network and Dial-up Connections in Windows 2000/NT).
Appendix A Setting up Your Computer’s IP Address 1 Click the Start icon, Control Panel. Figure 123 Windows Vista: Start Menu 2 In the Control Panel, double-click Network and Internet. Figure 124 Windows Vista: Control Panel 3 Click Network and Sharing Center.
Appendix A Setting up Your Computer’s IP Address 4 Click Manage network connections. Figure 126 Windows Vista: Network and Sharing Center 5 Right-click Local Area Connection and then click Properties. Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue.
Appendix A Setting up Your Computer’s IP Address 6 Select Internet Protocol Version 4 (TCP/IPv4) and click Properties. Figure 128 Windows Vista: Local Area Connection Properties 7 The Internet Protocol Version 4 (TCP/IPv4) Properties window opens (the General tab). • If you have a dynamic IP address click Obtain an IP address automatically. • If you have a static IP address click Use the following IP address and fill in the IP address, Subnet mask, and Default gateway fields.
Appendix A Setting up Your Computer’s IP Address • Click Advanced. Figure 129 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties 8 If you do not know your gateway's IP address, remove any previously installed gateways in the IP Settings tab and click OK. Do one or more of the following if you want to configure additional IP addresses: • In the IP Settings tab, in IP addresses, click Add.
Appendix A Setting up Your Computer’s IP Address • Click OK when finished. Figure 130 Windows Vista: Advanced TCP/IP Properties 9 In the Internet Protocol Version 4 (TCP/IPv4) Properties window, (the General tab): • Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). • If you know your DNS server IP address(es), click Use the following DNS server addresses, and type them in the Preferred DNS server and Alternate DNS server fields.
Appendix A Setting up Your Computer’s IP Address If you have previously configured DNS servers, click Advanced and then the DNS tab to order them. Figure 131 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties 10 Click OK to close the Internet Protocol Version 4 (TCP/IPv4) Properties window. 11 Click Close to close the Local Area Connection Properties window. 12 Close the Network Connections window. 13 Turn on your ZyXEL Device and restart your computer (if prompted).
Appendix A Setting up Your Computer’s IP Address Macintosh OS 8/9 1 Click the Apple menu, Control Panel and double-click TCP/IP to open the TCP/IP Control Panel.
Appendix A Setting up Your Computer’s IP Address 2 Select Ethernet built-in from the Connect via list. Figure 133 Macintosh OS 8/9: TCP/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list. 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your ZyXEL Device in the Router address box.
Appendix A Setting up Your Computer’s IP Address • Select Built-in Ethernet from the Show list. • Click the TCP/IP tab. 3 For dynamically assigned settings, select Using DHCP from the Configure list. Figure 135 Macintosh OS X: Network 4 For statically assigned settings, do the following: • From the Configure box, select Manually. • Type your IP address in the IP Address box. • Type your subnet mask in the Subnet mask box. • Type the IP address of your ZyXEL Device in the Router address box.
Appendix A Setting up Your Computer’s IP Address Linux This section shows you how to configure your computer’s TCP/IP settings in Red Hat Linux 9.0. Procedure, screens and file location may vary depending on your Linux distribution and release version. Note: Make sure you are logged in as the root administrator. Using the K Desktop Environment (KDE) Follow the steps below to configure your computer IP address using the KDE.
Appendix A Setting up Your Computer’s IP Address 2 Double-click on the profile of the network card you wish to configure. The Ethernet Device General screen displays as shown. Figure 137 Red Hat 9.0: KDE: Ethernet Device: General • If you have a dynamic IP address, click Automatically obtain IP address settings with and select dhcp from the drop down list. • If you have a static IP address, click Statically set IP Addresses and fill in the Address, Subnet mask, and Default Gateway Address fields.
Appendix A Setting up Your Computer’s IP Address 6 Click the Activate button to apply the changes. The following screen displays. Click Yes to save the changes in all screens. Figure 139 Red Hat 9.0: KDE: Network Configuration: Activate 7 After the network card restart process is complete, make sure the Status is Active in the Network Configuration screen. Using Configuration Files Follow the steps below to edit the network configuration files and set your computer IP address.
Appendix A Setting up Your Computer’s IP Address 2 If you know your DNS server IP address(es), enter the DNS server information in the resolv.conf file in the /etc directory. The following figure shows an example where two DNS server IP addresses are specified. Figure 142 Red Hat 9.0: DNS Settings in resolv.conf nameserver 172.23.5.1 nameserver 172.23.5.2 3 After you edit and save the configuration files, you must restart the network card. Enter ./network restart in the /etc/rc.d/init.d directory.
A PPENDIX B IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts. Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks.
Appendix B IP Addresses and Subnetting The following figure shows an example IP address in which the first three octets (192.168.1) are the network number, and the fourth octet (16) is the host ID. Figure 145 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask.
Appendix B IP Addresses and Subnetting Subnet masks can be referred to by the size of the network number part (the bits with a “1” value). For example, an “8-bit mask” means that the first 8 bits of the mask are ones and the remaining 24 bits are zeroes. Subnet masks are expressed in dotted decimal notation just like IP addresses. The following examples show the binary and decimal notation for 8-bit, 16-bit, 24-bit and 29-bit subnet masks.
Appendix B IP Addresses and Subnetting The following table shows some possible subnet masks using both notations. Table 101 Alternative Subnet Mask Notation SUBNET MASK ALTERNATIVE NOTATION LAST OCTET (BINARY) LAST OCTET (DECIMAL) 255.255.255.0 /24 0000 0000 0 255.255.255.128 /25 1000 0000 128 255.255.255.192 /26 1100 0000 192 255.255.255.224 /27 1110 0000 224 255.255.255.240 /28 1111 0000 240 255.255.255.248 /29 1111 1000 248 255.255.255.
Appendix B IP Addresses and Subnetting The following figure shows the company network after subnetting. There are now two subnetworks, A and B. Figure 147 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 27 – 2 or 126 possible hosts (a host ID of all zeroes is the subnet’s address itself, all ones is the subnet’s broadcast address). 192.168.1.0 with mask 255.255.255.128 is subnet A itself, and 192.168.1.127 with mask 255.255.255.
Appendix B IP Addresses and Subnetting Table 102 Subnet 1 (continued) IP/SUBNET MASK NETWORK NUMBER Subnet Address: 192.168.1.0 Lowest Host ID: 192.168.1.1 Broadcast Address: 192.168.1.63 Highest Host ID: 192.168.1.62 LAST OCTET BIT VALUE Table 103 Subnet 2 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 64 IP Address (Binary) 11000000.10101000.00000001. 01000000 Subnet Mask (Binary) 11111111.11111111.11111111. 11000000 Subnet Address: 192.168.1.
Appendix B IP Addresses and Subnetting Table 106 Eight Subnets (continued) SUBNET SUBNET ADDRESS FIRST ADDRESS LAST ADDRESS BROADCAST ADDRESS 3 64 65 94 95 4 96 97 126 127 5 128 129 158 159 6 160 161 190 191 7 192 193 222 223 8 224 225 254 255 Subnet Planning The following table is a summary for subnet planning on a network with a 24-bit network number. Table 107 24-bit Network Number Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO.
Appendix B IP Addresses and Subnetting Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established.
A PPENDIX C Pop-up Windows, JavaScripts and Java Permissions In order to use the web configurator you need to allow: • Web browser pop-up windows from your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here. Screens for other Internet Explorer versions may vary. Internet Explorer Pop-up Blockers You may have to disable pop-up blocking to log into your device.
Appendix C Pop-up Windows, JavaScripts and Java Permissions 2 Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled. Figure 149 Internet Options: Privacy 3 Click Apply to save this setting. Enable Pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. 1 256 In Internet Explorer, select Tools, Internet Options and then the Privacy tab.
Appendix C Pop-up Windows, JavaScripts and Java Permissions 2 Select Settings…to open the Pop-up Blocker Settings screen. Figure 150 Internet Options: Privacy 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1.
Appendix C Pop-up Windows, JavaScripts and Java Permissions 4 Click Add to move the IP address to the list of Allowed sites. Figure 151 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed.
Appendix C Pop-up Windows, JavaScripts and Java Permissions 1 In Internet Explorer, click Tools, Internet Options and then the Security tab. Figure 152 Internet Options: Security 2 Click the Custom Level... button. 3 Scroll down to Scripting. 4 Under Active scripting make sure that Enable is selected (the default). 5 Under Scripting of Java applets make sure that Enable is selected (the default).
Appendix C Pop-up Windows, JavaScripts and Java Permissions 6 Click OK to close the window. Figure 153 Security Settings - Java Scripting Java Permissions 260 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected.
Appendix C Pop-up Windows, JavaScripts and Java Permissions 5 Click OK to close the window. Figure 154 Security Settings - Java JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for
