ZyXEL Communications NBG410W3G Series manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430

Ir a la página of

Buen manual de instrucciones

Las leyes obligan al vendedor a entregarle al comprador, junto con el producto, el manual de instrucciones ZyXEL Communications NBG410W3G Series. La falta del manual o facilitar información incorrecta al consumidor constituyen una base de reclamación por no estar de acuerdo el producto con el contrato. Según la ley, está permitido adjuntar un manual de otra forma que no sea en papel, lo cual últimamente es bastante común y los fabricantes nos facilitan un manual gráfico, su versión electrónica ZyXEL Communications NBG410W3G Series o vídeos de instrucciones para usuarios. La condición es que tenga una forma legible y entendible.

¿Qué es un manual de instrucciones?

El nombre proviene de la palabra latina “instructio”, es decir, ordenar. Por lo tanto, en un manual ZyXEL Communications NBG410W3G Series se puede encontrar la descripción de las etapas de actuación. El propósito de un manual es enseñar, facilitar el encendido o el uso de un dispositivo o la realización de acciones concretas. Un manual de instrucciones también es una fuente de información acerca de un objeto o un servicio, es una pista.

Desafortunadamente pocos usuarios destinan su tiempo a leer manuales ZyXEL Communications NBG410W3G Series, sin embargo, un buen manual nos permite, no solo conocer una cantidad de funcionalidades adicionales del dispositivo comprado, sino también evitar la mayoría de fallos.

Entonces, ¿qué debe contener el manual de instrucciones perfecto?

Sobre todo, un manual de instrucciones ZyXEL Communications NBG410W3G Series debe contener:
- información acerca de las especificaciones técnicas del dispositivo ZyXEL Communications NBG410W3G Series
- nombre de fabricante y año de fabricación del dispositivo ZyXEL Communications NBG410W3G Series
- condiciones de uso, configuración y mantenimiento del dispositivo ZyXEL Communications NBG410W3G Series
- marcas de seguridad y certificados que confirmen su concordancia con determinadas normativas

¿Por qué no leemos los manuales de instrucciones?

Normalmente es por la falta de tiempo y seguridad acerca de las funcionalidades determinadas de los dispositivos comprados. Desafortunadamente la conexión y el encendido de ZyXEL Communications NBG410W3G Series no es suficiente. El manual de instrucciones siempre contiene una serie de indicaciones acerca de determinadas funcionalidades, normas de seguridad, consejos de mantenimiento (incluso qué productos usar), fallos eventuales de ZyXEL Communications NBG410W3G Series y maneras de solucionar los problemas que puedan ocurrir durante su uso. Al final, en un manual se pueden encontrar los detalles de servicio técnico ZyXEL Communications en caso de que las soluciones propuestas no hayan funcionado. Actualmente gozan de éxito manuales de instrucciones en forma de animaciones interesantes o vídeo manuales que llegan al usuario mucho mejor que en forma de un folleto. Este tipo de manual ayuda a que el usuario vea el vídeo entero sin saltarse las especificaciones y las descripciones técnicas complicadas de ZyXEL Communications NBG410W3G Series, como se suele hacer teniendo una versión en papel.

¿Por qué vale la pena leer los manuales de instrucciones?

Sobre todo es en ellos donde encontraremos las respuestas acerca de la construcción, las posibilidades del dispositivo ZyXEL Communications NBG410W3G Series, el uso de determinados accesorios y una serie de informaciones que permiten aprovechar completamente sus funciones y comodidades.

Tras una compra exitosa de un equipo o un dispositivo, vale la pena dedicar un momento para familiarizarse con cada parte del manual ZyXEL Communications NBG410W3G Series. Actualmente se preparan y traducen con dedicación, para que no solo sean comprensibles para los usuarios, sino que también cumplan su función básica de información y ayuda.

Índice de manuales de instrucciones

  • Página 1

    www .zyxel.com NBG410W3G Series 3G Wireless Router User ’ s Guide V ersion 4.03 08/2008 Edition 1[...]

  • Página 2

    [...]

  • Página 3

    About This User's Guide NBG410W3G Series User’s Guide 3 About This User's Guide Intended Audience This manual is intended for people who want to configure the ZyXEL Device using the web configurator . Y ou should have at leas t a basic knowledge of TCP/IP networking concepts and topology . Related Document ation • Quick Start Guide Th[...]

  • Página 4

    Document Conventions NBG410W3G Series User’s Guide 4 Document Conventions W arnings and Notes These are how warnings and notes are shown in this User ’ s Guide. 1 W arnings tell you about things that could harm you or your device. " Notes tell you other important informati on (for example, other things you may need to configure or helpful [...]

  • Página 5

    Document Conventions NBG410W3G Series User’s Guide 5 Icons Used in Figures Figures in this User ’ s Guide may use the followi ng generic icons. The ZyXEL Device icon is not an exact representation of your device. ZyXEL Device Computer Notebook computer Server DSLAM Firewall T ele phone Switch Router[...]

  • Página 6

    Safety Warnings NBG410W3G Series User’s Guide 6 Safety Warnings 1 For your safety , be sure to read and follow all warni ng notices and instructions. • Do NOT use this product near water , for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. • Do NOT store thin gs on the[...]

  • Página 7

    Safety Warnings NBG410W3G Series User’s Guide 7[...]

  • Página 8

    Safety Warnings NBG410W3G Series User’s Guide 8[...]

  • Página 9

    Contents Overview NBG410W3G Series User’s Guide 9 Contents Overview Introduction .......................................... ........................................................................ .......... 33 Getting to Know Y our ZyXEL Dev ice ............... ............. ................ ............. ................ ............. ... 35 In[...]

  • Página 10

    Contents Overview NBG410W3G Series User’s Guide 10[...]

  • Página 11

    Table of Contents NBG410W3G Series User’s Guide 11 Table of Contents About This User's Guide ...................... .................................................................................. .. 3 Document Conventions.................................................................. ......................................... .4 Safety [...]

  • Página 12

    Table of Contents NBG410W3G Series User’s Guide 12 2.4 Navigating the ZyXEL Device Web Configurator ....................... ............. ................ ............. 46 2.4.1 T i tle Bar ........ ................ ............. ............. ............. ............. ................ ............. ...... ....... 46 2.4.2 Main Window ... .....[...]

  • Página 13

    Table of Contents NBG410W3G Series User’s Guide 13 5.3.1 IP Pool Setup .. ............. ............. ................ ............. ............. ............. ................ ........ 103 5.4 RIP Setup ................. ................. ............ ............. ................. ............ ............. ............ ......... 103 5.5 Mult[...]

  • Página 14

    Table of Contents NBG410W3G Series User’s Guide 14 8.2 Wireless Security Overview ................... ............. ................. ............ ............. ................ ..... 1 48 8.2.1 SSID ... ................. ............. ............ ............. ............. ................ ............. ............. ... ..... 148 8.2.2 MAC Ad[...]

  • Página 15

    Table of Contents NBG410W3G Series User’s Guide 15 10.1 Authentication Server Over view .... ................ ............. ............. ................ ............. ........... 191 10.2 Local User Database ................ ................ ............. ................ ............. ............. ............. .1 9 1 10.3 RADIUS ............[...]

  • Página 16

    Table of Contents NBG410W3G Series User’s Guide 16 12.3 NA T Overv iew Screen ... ................ ............. ................ ............. ............. ................ ........... 2 30 12.4 NA T Address Mapping .............. ................ ............. ................ ............. ................ ........... 2 32 12.4.1 What NA T Do[...]

  • Página 17

    Table of Contents NBG410W3G Series User’s Guide 17 15.1.2 System T i meout ......... ................ ............. ............. ................ ............. ................ ..... 260 15.2 WWW (HTTP and HTTPS) ........ ................ ............. ................ ............. ................ ........... 260 15.3 WWW ............... .....[...]

  • Página 18

    Table of Contents NBG410W3G Series User’s Guide 18 16.5.2 Web Configurator Easy Access .................. ............. ................ ............. ............ ..... 288 Chapter 17 Custom Application .............................. ............................................................................... .2 9 1 17.1 Custom Application ..[...]

  • Página 19

    Table of Contents NBG410W3G Series User’s Guide 19 20.1 Maintenance Overview .................. ............. ................ ............. ................ ............. ........... 3 25 20.2 General Setup and System Name .............. ............. ............. ................ ............. ............. . 325 20.2.1 General Setup .........[...]

  • Página 20

    Table of Contents NBG410W3G Series User’s Guide 20 Appendix F Importing Certificates ....................................... ................................................. 403 Appendix G Legal Information ........................ ...................................................................... 415 Appendix H Customer Support ............[...]

  • Página 21

    List of Figures NBG410W3G Series User’s Guide 21 List of Figures Figure 1 3G W AN A pplication .......... ............. ................ ............. ................ ............. ................ .. .............. 36 Figure 2 Secure Internet Access via Cable or DSL Modem ...................... ................ ................ ............. 36[...]

  • Página 22

    List of Figure s NBG410W3G Series User’s Guide 22 Figure 39 T utorial Example: DNS > System Edit-1 ........ ............. ............. ............. ................ ............. .. .8 0 Figure 40 T utorial Example: DNS > System Edit-2 ........ ............. ............. ............. ................ ............. .. .8 1 Figure 41 T ut[...]

  • Página 23

    List of Figures NBG410W3G Series User’s Guide 23 Figure 82 DMZ Public Address Ex ample ............ ................ ............. ............. ................ ............. ....... .... 141 Figure 83 DMZ Private and Public Address Example ........ ............. ............. ................ ............. ........... 1 42 Figure 84 NETWORK >[...]

  • Página 24

    List of Figure s NBG410W3G Series User’s Guide 24 Figure 125 SECURITY > CERTIFICA TES > My Certific ates > Import: PKCS#12 ....... ............. ........... 204 Figure 126 SECURITY > CERTIFICA TES > My Certificates > Create (Basic) ......... ................ ........... 205 Figure 127 SECURITY > CERTIFICA TES > My Certific[...]

  • Página 25

    List of Figures NBG410W3G Series User’s Guide 25 Figure 168 ADV ANCED > REMOTE MGMT > SSH .................. ................ ............. ................ .............. 269 Figure 169 SSH Example 1: S tore Host Key ...... ... .......... ............. ............. ............. ................ ............ .. 270 Figure 170 SSH Example [...]

  • Página 26

    List of Figure s NBG410W3G Series User’s Guide 26 Figure 21 1 Masonry Plug and M4 T ap Screw ........................ ................. ............ ................. ................ .3 4 8 Figure 212 Pop-up Blocker ................. ................ ............. ................ ............. ................ .......... ......... ..... 353 Fig[...]

  • Página 27

    List of Figures NBG410W3G Series User’s Guide 27 Figure 254 Security Certificate ........... ................ ............. ................ ............. ................ .......... ......... ..... 403 Figure 255 Login Screen .... ................ ............. ............. ............. ................ ............. ............. .. .........[...]

  • Página 28

    List of Figure s NBG410W3G Series User’s Guide 28[...]

  • Página 29

    List of Tables NBG410W3G Series User’s Guide 29 List of Tables T able 1 NBG410W3G Front Panel Lights ............. .......... ................ ............. ............. ............. ........... ..... 39 T able 2 NBG412W3G Front Panel Lights ............. .......... ................ ............. ............. ............. ........... ..... 40[...]

  • Página 30

    List of Tables NBG410W3G Series User’s Guide 30 T able 39 WIR ELESS > Wi-Fi > MAC Filter ..................... ................ ............. ................ ................ ..... ... 163 T able 40 Bloc king All LAN to WAN IRC T raffic Example ... ................ ............. ................ ................ ..... 171 T able 41 Limited[...]

  • Página 31

    List of Tables NBG410W3G Series User’s Guide 31 T able 82 ADV ANCED > REMOTE MGMT > DNS ............. ................ ................ ............. ................ ..... 278 T able 83 ADV ANCED > REMOTE MGMT > CNM ....... ................ ............. ................ ................ ........... 279 T able 84 ADV ANCED > UPnP [...]

  • Página 32

    List of Tables NBG410W3G Series User’s Guide 32 T able 125 Alternativ e Subnet Mask Notation .................. ............. ................ ................ ............. ....... .... 379 T able 126 Subnet 1 ........ ................. ............. ................ ............. ............. ................ ........... ........... ........ 3[...]

  • Página 33

    33 P ART I Introduction Getting to Know Y our ZyXEL Device (35) Introducing the W eb Configurator (43) W izard Setup (59) T utorials (65)[...]

  • Página 34

    34[...]

  • Página 35

    NBG410W3G Series User’s Guide 35 C HAPTER 1 Getting to Know Your ZyXEL Device This chapter introduces the main features and applications of the ZyXEL Device. 1.1 O verview The ZyXEL Device is a high-security 3G router with wireless capability . Access the Internet with the 3G connection fro m any location with 3G coverage, with the option of usin[...]

  • Página 36

    Chapter 1 Getting to Know Your ZyXEL Device NBG410W3G Series User’s Guide 36 Figure 1 3G WAN Application 1.2.2 Secure Broadband Internet A ccess via Cable or DSL Modem For Internet access, connect the W AN Ethe rnet port to your existing Internet access gateway (company network, or your cable or DSL mo de m for example). Connect computers or serv[...]

  • Página 37

    Chapter 1 Getting to Know Your ZyXEL Device NBG410W3G Series User’s Guide 37 1.4 Configuring Y our ZyXEL Device’ s Security Features Y our ZyXEL Device comes with a variety of s ecurity features. This sec tion summarizes these features and provides links to sections in the User ’ s Guide to configure security settings on your ZyXEL Device. Fo[...]

  • Página 38

    Chapter 1 Getting to Know Your ZyXEL Device NBG410W3G Series User’s Guide 38 • Set the firewall to block ICMP requests. • Enable do not respond to requ ests for unauthorized services. • If you have a backup gatewa y (for example, backup Inte rnet access) on your ne twork, disable the Bypass T riangle Routes feature and e nable IP Alias to p[...]

  • Página 39

    Chapter 1 Getting to Know Your ZyXEL Device NBG410W3G Series User’s Guide 39 1.5.1 Front Panel Light s Figure 3 Front Panel The following tables describe the lights. T able 1 describes the light features in NBG410W3G , and T able 2 describes the light features in NBG412W3G . T able 1 NBG410W3G Front Panel Lights LED ICONS COLOR ST ATUS DESCRIPTIO[...]

  • Página 40

    Chapter 1 Getting to Know Your ZyXEL Device NBG410W3G Series User’s Guide 40 3G OPERA TION Green On The ZyXEL Device has a successful 3G connection. Flashing The ZyXEL Device has detected an availabl e 3G network, but has not yet connected to it. Blue On The ZyXEL Device has a successful 3.5G connection Flashing The ZyXEL Device has detected an a[...]

  • Página 41

    Chapter 1 Getting to Know Your ZyXEL Device NBG410W3G Series User’s Guide 41 Wi-Fi Green Off The wireless connection through the built-in Wi -Fi card is not ready , or has fai led. On The wireless LAN through the buil t-in wireless LAN card is ready . Flashing The wireless LAN through the buil t-in wireless LAN card is sending or receiving packet[...]

  • Página 42

    Chapter 1 Getting to Know Your ZyXEL Device NBG410W3G Series User’s Guide 42[...]

  • Página 43

    NBG410W3G Series User’s Guide 43 C HAPTER 2 Introducing the Web Configurator This chapter describes how to access the ZyX EL Device web configurator and provides an overview of its screens. 2.1 W eb Configurator Overview The web configurator is an HTML-based mana gement interface that allows easy ZyXEL Device setup and management via Internet bro[...]

  • Página 44

    Chapter 2 Introducing the Web Configur ator NBG410W3G Series User’s Guide 44 Figure 4 Login Screen 5 Y ou should see a screen askin g you to change your password (highl y recommended) as shown next. T ype a new password (and retype it to confirm) and click Apply or click Ignore . Figure 5 Change Password Screen 6 Click Apply in the Replace Certif[...]

  • Página 45

    Chapter 2 Introducing the Web Configurator NBG410W3G Series User’s Guide 45 " The management session auto matically times out when the time period set in the Ad ministrator Inactivity Timer field expires (default five minutes). Simply log back into the ZyXEL Device if this happens to you. 2.3 Resetting the ZyXEL Device If you forget your pas[...]

  • Página 46

    Chapter 2 Introducing the Web Configur ator NBG410W3G Series User’s Guide 46 Figure 7 Example Xmodem Upload 6 After successful firmware upload, en ter "atgo" to restart the router . 2.4 Navigating the ZyXEL Device W eb Configurator The following summarizes how to navigate the web configurator from the HOME scree n. Figure 8 HOME Screen [...]

  • Página 47

    Chapter 2 Introducing the Web Configurator NBG410W3G Series User’s Guide 47 The icons provide th e following functions. 2.4.2 Main Window The main window shows the screen you select in the navigation panel. It is discussed in more detail in the rest of this document. Right after you log in, the HOME screen is displayed. 2.4.3 HOME Screen This scr[...]

  • Página 48

    Chapter 2 Introducing the Web Configur ator NBG410W3G Series User’s Guide 48 System Information System Name This is the System Name you enter in the MAINTENANCE > General screen. It is for identification purpos es. Click the field label to go to the screen where you can specify a name for this ZyXEL Device. Model This is the model name of your[...]

  • Página 49

    Chapter 2 Introducing the Web Configurator NBG410W3G Series User’s Guide 49 S tatus For the LAN and DMZ ports, this displays the port speed and duplex setting. Ethernet port connections ca n be in half-d uplex o r full-duplex mod e. Full-duplex refers to a device's ability to send and receive simu ltaneously , while half-d uplex indicates th[...]

  • Página 50

    Chapter 2 Introducing the Web Configur ator NBG410W3G Series User’s Guide 50 Roaming Network This field is available only when you insert a 3G card that supports the roaming feature. This displays whether the card is able to connect to other ISPs’ base stations. Dormant S tate This field is available only when you insert a 3G card that supports[...]

  • Página 51

    Chapter 2 Introducing the Web Configurator NBG410W3G Series User’s Guide 51 New PIN Code Configure a PIN code for the SIM card . Y ou can specify an y four to eight digits to have a new PIN code or e nter the previous PIN code. Confirm New PIN Code Enter the PIN code a gain for confirmation. Apply Click Apply to sa ve your changes i n this sectio[...]

  • Página 52

    Chapter 2 Introducing the Web Configur ator NBG410W3G Series User’s Guide 52 2.4.4 Navigation Panel After you enter the password, us e the sub-menu s on the navigation panel to configure ZyXEL Device featur es. The following table describes the sub-menus. Latest Ale rts This t abl e displays the five most recent alerts recorded by the ZyXEL Devic[...]

  • Página 53

    Chapter 2 Introducing the Web Configurator NBG410W3G Series User’s Guide 53 Wi-Fi Wireless Card Use this screen to configure the wireless LAN setting s. Secur ity Use this screen to configure the Wi-Fi security se ttings. MAC Filter Use this scre en to change MAC filter sett ings on the Z yXEL Device SECURITY FIREW A LL Default Rule Use this scre[...]

  • Página 54

    Chapter 2 Introducing the Web Configur ator NBG410W3G Series User’s Guide 54 2.4.5 Port St atistics Click Port St a t i s t i c s in the HOME screen. Read-only information here includes port status and packet specific statistics. The Automatic Refresh Interval field is configurable. REMOTE MGMT WWW Use this screen to configure throug h which inte[...]

  • Página 55

    Chapter 2 Introducing the Web Configurator NBG410W3G Series User’s Guide 55 Figure 10 HOME > Show S tatistics The following table describes the labels in this screen. 2.4.6 Show St atistics: Line Chart Click the icon in the Show S tatistics screen. This screen shows you a line cha rt of each port’ s throughput statistics. T able 6 HOME > [...]

  • Página 56

    Chapter 2 Introducing the Web Configur ator NBG410W3G Series User’s Guide 56 Figure 1 1 HOME > Show Statistics > Line Chart The following table describes the labels in this screen. 2.4.7 DHCP T able Screen DHCP (Dynamic Host Configuration Protocol , RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up [...]

  • Página 57

    Chapter 2 Introducing the Web Configurator NBG410W3G Series User’s Guide 57 Figure 12 HOME > DHCP T able The following table describes the labels in this screen. T able 8 HOME > DH CP Table LABEL DESCRIPTION Interface Select LAN or DMZ to show the current DHCP client information for the specifi ed interface. # This is the index numb er of t[...]

  • Página 58

    Chapter 2 Introducing the Web Configur ator NBG410W3G Series User’s Guide 58[...]

  • Página 59

    NBG410W3G Series User’s Guide 59 C HAPTER 3 Wizard Setup This chapter provides information on the Wizard Setup screens in the web configurator . 3.1 Wizard Setup Overview The web configurator's setup wizards help you configure Internet connection settings. In the HOME screen, click the wizard icon to open the Wizard Setup W elcome screen. Th[...]

  • Página 60

    Chapter 3 Wizard Setup NBG410W3G Series User’s Guide 60 The wizard screen varies according to the ty pe of encapsulation that you select in the Encapsula tion field. 3.2.1.1 Ethernet For ISPs (such as T elstra) that send UDP heartbea t packets to verify that the customer is still online, please create a W AN-to-W AN/ZyXEL Device firewall rule for[...]

  • Página 61

    Chapter 3 Wizard Setup NBG410W3G Series User’s Guide 61 3.2.1.2 PPPoE Encap sulation Point-to-Point Protocol over Ethernet (PPPoE) functions as a dial-up connection. PPPoE is an IETF (Internet Engineering T ask Force) standard specifying ho w a host personal computer interacts with a broadband modem (for example DSL, cable , wireless, etc.) to ac[...]

  • Página 62

    Chapter 3 Wizard Setup NBG410W3G Series User’s Guide 62 3.2.1.3 PPTP Encap sulation Point-to-Point T u nneling Protocol (PP TP) is a network protocol tha t enables transfers of data from a remote client to a private server , crea ting a V irtual Private Network (VPN) using TCP / IP-based networks. PP TP supports on-demand, multi-protocol, and vir[...]

  • Página 63

    Chapter 3 Wizard Setup NBG410W3G Series User’s Guide 63 Figure 16 ISP Parameters: PPTP Encap sulation The following table describes the labels in this screen. Ta b l e 1 1 ISP Parameters: PP TP Encapsulation LABEL DESCRIPTION ISP Parameters for Internet Access Encapsulation Select PPTP from the drop-down list box. T o co nfigure a PPTP client, yo[...]

  • Página 64

    Chapter 3 Wizard Setup NBG410W3G Series User’s Guide 64 3.2.2 Internet Access Wizard Setup Complete The congratulations sc reen displays. Click Close to complete the Internet access setup. Figure 17 Internet Access Setup Complete Connection ID/ Name Enter the connection ID or connection name in this field. It must follo w the "c:id" and[...]

  • Página 65

    NBG410W3G Series User’s Guide 65 C HAPTER 4 Tutorials This section describes ho w to do the following. 1 Set up a DMZ (De-Militarized Zone). 2 Use an H.323 V oIP phone on your LAN. 3 Use NA T (Network Address Translatio n) with multiple public IP addresses. 4 Allow multiple game players to connect to the same server . 4.1 DMZ Overview The DMZ is [...]

  • Página 66

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 66 4.2 DMZ Setup Example In this example the DMZ uses private IP ad dresses and the default subnet mask of 255.255.255.0. (See Appendix C on page 377 for information on subn etting.) Y ou can also use a static public IP address for your file server . Figure 19 DMZ T utorial: DMZ Setup 4.2.1 Basic [...]

  • Página 67

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 67 Figure 20 DMZ T utorial: N ETWORK > DMZ > S tatic DHCP 4.2.1.3 Public and Private IP Addresse s 1 In Windows Networkin g (NetBIOS over TCP/IP) select Allow between DMZ and LAN. In this example, both the file server on the DMZ and a computer on the LAN use a W indows OS. Enable NetBIOS to [...]

  • Página 68

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 68 Figure 22 DMZ T utorial: ADV ANCED > NA T Overview This completes basic setup of your DMZ. 4.2.2 Advanced Setup In this scenario the file server runs an FTP (F ile T ransfer Protocol) download service. Since FTP is not compatible with NA T , you can use the ALG (Application Layer Gateway) to[...]

  • Página 69

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 69 Port Forwarding Setup 1 T o configure port forwarding , first configure a static IP on the file server if you haven’ t already . Se e Section 4.2.1.2 on pag e 66 . 2 Click ADV ANCED > NA T > Port Forwarding to open the Port Forwarding screen. 3 In the W AN Interface field select the cor[...]

  • Página 70

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 70 Y ou need to define two rules - one to drop a ll traffic from the W AN to the DMZ, the other to permit HTTP and FTP traf fic from the W AN to th e DMZ. This ensures that only HTTP and FTP traffic from the W AN to the DMZ is pe rmitted and all other traf fic is blocked. If you have not alre ady [...]

  • Página 71

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 71 Figure 26 DMZ T utorial: NETWOR K > Firewall > Rule Summary: Firewall - Edit 11 Repeat the firewall rule setup procedure to set up a rule for W AN1 to DMZ traffic with the same source and destination addresses. In the Edit Service section of the Fir ewall - Edit screen select HTTP and FTP[...]

  • Página 72

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 72 Figure 27 DMZ T utorial: SECURITY > Firewall > Rule Summary Example This completes setup of a firewall ru les for the file server on your DMZ. 4.4 Setting Up a V oIP Phone with H.323 Y ou can use the ZyXEL Devi ce to manage calls from your V oIP enabled phone using H.323. The following di[...]

  • Página 73

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 73 Figure 29 H.323 T utorial: NETWORK > LAN > St atic DHCP 4 Click NETWORK > LAN to display the LAN screen. Ensure that Server is selected in the drop-down box in the DHCP field. Set up ALG Follow these steps to set up ALG (Applicatio n Layer Gateway) to let your ZyXEL Device manage H.323[...]

  • Página 74

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 74 6 T ype the IP address of your V oIP phone in the Server IP Address field. In this example 192.168.1.33 is used. 7 Click Apply . Figure 31 H.323 T utorial: ADV ANCED > NA T > Port Forwarding Set up a Firewall Rule 1 Click SECURITY > Firewall > Rule Summary to display the Ru le Summa[...]

  • Página 75

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 75 field - 123.23.23 .23 and click Add so that the IP address appears in the Destination Address(es) field. If you are using a H.323 ser ver , use its IP address instead. 5 In the Edit Destination Addr ess section select Single Address in the drop-down box in the Addr ess T ype field. T ype the de[...]

  • Página 76

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 76 Figure 33 H.323 T utorial: SECURITY > Firewall > Rule Summary 8 Repeat the firewall rule setup procedure to add a similar firewall ru le for H.323 traffic from the W AN to the LAN, using the sam e W AN IP address and LAN IP address settings. 9 In the Rule Summary screen select Any and Any[...]

  • Página 77

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 77 Figure 34 H.323 T utorial: SECURITY > Firewall > Rule Summary That completes setup of your H.323 V oIP phone. 4.5 Using NA T with Multiple Public IP Addresses This section shows you examples of how to set up your ZyXEL Device if you have more than one fixed (static) IP addre ss from your [...]

  • Página 78

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 78 Figure 35 T utorial Example: Using NA T with S tatic Public IP Addresses T o set up this network, we are going to: 1 Configure the W AN 1 connection to use the first public IP address (1.2.3.4). 2 Configure NA T address mapping for other publ ic IP addresses (1.2.3.5 and 1.2.3.6). 3 Configure N[...]

  • Página 79

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 79 Figure 36 T utoria l Example: WAN Connection with a S tatic Public IP Address 1 Click NETWORK > W AN > W AN 1 . 2 Select PPPoE ( PPP over Ethernet ) from the Encapsulat ion drop-down list box. 3 In the ISP Parameters for Internet Access section, enter the info rmation (such as the user na[...]

  • Página 80

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 80 7 The System screen displays. Click the Insert button to configure the IP address of the DNS server the ZyXEL Device can query to resolve domain names. Figure 38 T utorial Example: DNS > System 8 Select Public DNS Server and enter the first DNS server ’ s IP a ddress given by your ISP . Cl[...]

  • Página 81

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 81 Figure 40 T utorial Example: DNS > System Edit-2 10 The DNS > System screen should look as shown. Figure 41 T utorial Example: DNS > System: Done 11 Go to the Home screen to check your W AN connection status. Make sure the status is not down.[...]

  • Página 82

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 82 Figure 42 T utorial Example: S tatus 4.5.3 Public IP Address Mapping T o have the local computers and servers use specific W AN IP addresses, you need to map static public IP addresses to them. " The one-to-one NA T addr ess mapping rules are for both incoming and outgoing connections. The[...]

  • Página 83

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 83 Figure 43 T utorial Example: Mapping Multiple Pub lic IP Addresses to Inside Servers " The ZyXEL Device applies the rules in th e order that you s pecify . Y ou should put any one-to-on e rules before a many-to-one rule. 1 Click ADV ANCED > NA T . 2 Enable NA T and select Full Feature f[...]

  • Página 84

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 84 Figure 44 T utorial Example: NA T > NA T Overview 3 Click the Address Mapping tab. 4 Select W AN 1 . 5 Click the first rule’ s Edit icon ( ) in the Modify column to display the Addr ess Mapping Rule screen.[...]

  • Página 85

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 85 Figure 45 T utorial Example: NA T > Address Mapping 6 Map a public IP address to the web server . Select the One-to-One type and enter 192.168.1.12 as the local start IP address and 1.2.3.5 as the global start IP address. Click Apply . Figure 46 T utorial Example: NA T Address Mappin g Edit:[...]

  • Página 86

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 86 Figure 47 T utorial Example: NA T Address Mappin g Edit: One-to-One (2) 9 Click the third rule’ s Edit icon ( ). 10 Map a public IP address to other outgoing LAN traffic. Select the Many-to-One type and enter 192.168.1.1 as the local start IP address, 192.168.1.254 as the local end IP addres [...]

  • Página 87

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 87 Figure 49 T utorial Example: NA T Address Mapping Done " T o allow traffic from t he W AN to be forwarded throu gh the ZyXEL Device, you must also create a firewall rule. Refe r to Section 4.5.5 on page 89 for more information. 4.5.4 Forwarding T raffic from the W AN to a Local Computer A [...]

  • Página 88

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 88 Figure 50 T utorial Example: Forwarding Incoming FTP T raffic to a Loca l Computer 1 Click ADV ANCED > NA T > Address Mapping . 2 Click the forth rule’ s Edit icon ( ) to configure a server rule. Figure 51 T utoria l Example: NA T Ad dress Mapp ing Edit: Serv er 3 Click the Port Forward[...]

  • Página 89

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 89 Figure 52 T utorial Example: NA T Port Forwarding 4.5.5 Allow W AN-to-LAN T raffic through the Firewall By default, the Zy XEL Device blocks any traf fi c initiated from the W AN to the LAN. T o have the ZyXEL Device forward traffic initiated from W AN 1 to a local computer or server on the LAN[...]

  • Página 90

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 90 1 Click SECURITY > FIREW ALL . 2 Make sure the firewall is enabled and traffic from W AN 1 to the LAN is dropped. Figure 54 T utorial Example: Firewall Default Rule 3 Go to the Rule Summary screen. 4 Select W AN1 to LAN as the packet direction and click Refr es h . 5 Click the insert icon to[...]

  • Página 91

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 91 6 Configure a firewall rule to allow HTTP traf fic from the W AN to the web server . Enter a descriptive name (W -L_W eb for example). Select Any in the Destination Address(es) box and click Delete . Select Single Addr ess as the destination address type. Enter 192.168 .1.12 and click Add . Fig[...]

  • Página 92

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 92 Figure 57 T utorial Example: Firewall Rule: WAN t o LAN Service Edit for Web Server 8 Click the insert icon to configure a firewall rule to allow traf fic from the W AN to the mail server . Enter a descriptive name (W -L_Mail for example). Select Any in the Destination Address(es) box and click[...]

  • Página 93

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 93 Figure 58 T utorial Example: Firewall Rule: WAN t o LAN Addres s Edit for Ma il Server 9 Select Any(All) in the A vailable Services box on the left, and click >> to add it to the Selected Service(s) box on the right. Click Apply . Figure 59 T utorial Example: Firewall Rule: WAN to LAN Ser[...]

  • Página 94

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 94 10 Click the insert icon to configure a firewa ll rule to allow FTP traffic from the W AN to the FTP server . Enter a descriptive name (W -L_FTP for example). Select Any in the Destination Address(es) box and click Delete . Select Single Addr ess as the destination address type. Enter 192.168 .[...]

  • Página 95

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 95 Figure 61 T utorial Example: Firewall Rule: WAN to LAN Service Edit for FTP Server 12 When you are done , the Rule Summary screen looks as shown. Figure 62 T utorial Example: Firewall Rule Summary[...]

  • Página 96

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 96 4.5.6 T esting the Connections 1 Open the web browser on one of the local co mputers and enter any web site’ s URL in the address bar . If you can access the web site, your W AN 1 connection and NA T address mapping are configured successfully . If you cannot access it, make sure you entered [...]

  • Página 97

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 97 Figure 63 T utorial Example: NA T Address Mapping Done: Game Playing " T o allow traffic from t he W AN to be forwarded throu gh the ZyXEL Device, you must also create a firewall rule. Refe r to Section 4.5.5 on page 89 for more information.[...]

  • Página 98

    Chapter 4 Tutorials NBG410W3G Series User’s Guide 98[...]

  • Página 99

    99 P ART II Network LAN Screens (101) W AN Screens (1 11) DMZ Screens (135)[...]

  • Página 100

    100[...]

  • Página 101

    NBG410W3G Series User’s Guide 101 C HAPTER 5 LAN Screens This chapter describes how to configure LAN settings. 5.1 LAN, W AN and the ZyXEL Device A network is a shared commun ication system to which ma ny computers are attached. The Local Area Network (LAN) includes the comp ut ers and networking devices in your h ome or office that you connect t[...]

  • Página 102

    Chapter 5 LAN Screens NBG410W3G Series User’s Guide 102 feature of the ZyXEL Device . The Internet Assi gned Number Authority (IANA) reserved this block of addresses specifically for private use; please do not use any other number unless you are told otherwise. If you select 19 2.168.1.0 as the network number; it covers 254 individ ual addresses,[...]

  • Página 103

    Chapter 5 LAN Screens NBG410W3G Series User’s Guide 103 5.3.1 IP Pool Setup The ZyXEL Device is pre-configured with a pool of IP addresses for the computers on your LAN. See Chapter 22 on page 345 for the default IP pool range. Do not assign your LAN computers static IP addresses that are in the DHCP pool. 5.4 RIP Setup RIP (Routing Information P[...]

  • Página 104

    Chapter 5 LAN Screens NBG410W3G Series User’s Guide 104 The ZyXEL Device supports both IGMP version 1 ( IGMP-v1 ) and IGMP version 2 ( IGMP- v2 ). At start up, the ZyXEL Device queries all di rectly connected networks to gather group membership. After that, the ZyXEL Device peri odically updates this information. IP multicasting can be enabled/di[...]

  • Página 105

    Chapter 5 LAN Screens NBG410W3G Series User’s Guide 105 The following table describes the labels in this screen. T able 12 NETWORK > LAN LABEL DESCRIPTION LAN TCP/IP IP Address T ype the IP address of your Zy XEL Device in d otted decimal notation. 192.1 68.1.1 is the factory default. Alter natively , click the right mouse bu tton to copy and/[...]

  • Página 106

    Chapter 5 LAN Screens NBG410W3G Series User’s Guide 106 5.8 LAN St atic DHCP This table allows you to assign IP addresses on the LAN to specific individual computers based on their MAC Addresses. Every Ethernet device has a unique MAC (Med ia Access Control) addre ss. The MAC address is assigned at the factory and consists of six pairs of hexadec[...]

  • Página 107

    Chapter 5 LAN Screens NBG410W3G Series User’s Guide 107 Figure 66 NETWORK > LAN > S tatic DHCP The following table describes the labels in this screen. 5.9 LAN IP Alias IP alias allows you to partition a physical network into dif fer ent logical networks over the same Ethernet interface. The ZyXEL Device has a single LAN interface. Even tho[...]

  • Página 108

    Chapter 5 LAN Screens NBG410W3G Series User’s Guide 108 The ZyXEL Device supports three logical LAN interfaces via its single physical LAN Ethernet interface. The ZyXEL Device itself is the gateway for each of the logical LAN networks. When you use IP alias, you can also configur e firewall rules to control access between the LAN's logical n[...]

  • Página 109

    Chapter 5 LAN Screens NBG410W3G Series User’s Guide 109 The following table describes the labels in this screen. 5.10 LAN Port Roles Use the Port Roles screen to set ports as part of the LAN or DMZ interface. Ports 1~4 on the ZyXEL Device can be part of the LAN or DMZ interface. " Do the following if you ar e configuring from a comput er con[...]

  • Página 110

    Chapter 5 LAN Screens NBG410W3G Series User’s Guide 11 0 " Y our changes are also reflected in the DMZ Port Roles screen. Figure 69 NETWORK > LAN > Port Rol es The following table describes the labels in this screen. After you change the LAN or DMZ port roles and click Apply , please wait for few seconds until the following screen appe[...]

  • Página 111

    NBG410W3G Series User’s Guide 111 C HAPTER 6 WAN Screens This chapter describes how to configure W A N settings. " W AN 2 refers to the 3G card on the supported ZyXEL Device. 6.1 W AN Overview • Use the W AN General scre en to configure operation mode, route priority and connection test for the ZyXEL Device. • Use the W AN 1 screen to co[...]

  • Página 112

    Chapter 6 WAN Screens NBG410W3G Series User’s Guide 11 2 6.3 TCP/IP Priority (Metric) The metric represents the "cost of transmissi on". A router determines the best route for transmission by choosing a path with the lowest "cost". RI P routing uses hop count as the measurement of cost, with a minimum of "1" for dire[...]

  • Página 113

    Chapter 6 W AN Screen s NBG410W3G Series User’s Guide 11 3 Figure 71 NETWORK > W AN General[...]

  • Página 114

    Chapter 6 WAN Screens NBG410W3G Series User’s Guide 11 4 The following table describes the labels in this screen. T able 16 NETWORK > W AN General LABEL DESCRIPTION Active/Passive (Fail Over) Mode The ZyXEL Device uses the second highest priority W AN interface as a back up. This means that the ZyXEL Device will norm ally use the hig hest prio[...]

  • Página 115

    Chapter 6 W AN Screen s NBG410W3G Series User’s Guide 11 5 6.5 W AN IP Address Assignment Every computer on the Internet must have a unique IP address. If your networks are is olated from the Internet, for instance, only between your two branch of fices, you can as sign any IP addresses to the hosts without problems. However , the Internet Assign[...]

  • Página 116

    Chapter 6 WAN Screens NBG410W3G Series User’s Guide 11 6 Y ou can obtain your IP address from the IANA, from an ISP or have it assigned by a private network. If you belong to a small organization an d your Internet a ccess is through an ISP , the ISP can provide you with the Intern et addresses for your local networks. On the other hand, if you a[...]

  • Página 117

    Chapter 6 W AN Screen s NBG410W3G Series User’s Guide 11 7 6.8 W AN 1 Use this screen to change your ZyXEL Devi ce's W AN 1 ISP , IP and MAC settings. Click NETWORK > WA N > WA N 1 to display this screen. The scre en differs by the encapsulation. " The W AN 1 and W AN 2 IP addresses of a ZyXEL Device with multiple W AN interfaces [...]

  • Página 118

    Chapter 6 WAN Screens NBG410W3G Series User’s Guide 11 8 The following table describes the labels in this screen. T able 18 NETWORK > WAN > W AN 1 (Ethernet Encapsula tion) LABEL DESCRIPTION ISP Parameters for Internet Access Encapsulation Y ou must choose the Ethernet option when the WAN port is used as a regular Ethernet. Service T ype Ch[...]

  • Página 119

    Chapter 6 W AN Screen s NBG410W3G Series User’s Guide 11 9 RIP Direction RIP (Routing Information Protocol ) a llows a route r to exchange routi ng information with other routers. The RIP Direction field controls the sending and receiv ing of RIP packet s. Choose Both , None , In Only or Ou t Only . When set to Both or Out Only , the ZyXEL Device[...]

  • Página 120

    Chapter 6 WAN Screens NBG410W3G Series User’s Guide 120 6.8.2 PPPoE Encap sulation The ZyXEL Device supports PPPoE (Point-to-Poin t Protocol over Ethernet ). PPPoE is an IETF standard (RFC 2516) speci fying how a personal computer (PC) interacts with a broadband modem (DSL, cable, wireless, etc .) connection. The PPPoE option is for a dial-up con[...]

  • Página 121

    Chapter 6 W AN Screen s NBG410W3G Series User’s Guide 121 Figure 73 N E T W O R K > WA N > WA N 1 ( PPPoE Encapsulation) The following table describes the labels in this screen. T able 19 NETWORK > WAN > W AN 1 (PPPoE Encapsulation) LABEL DESCRIPTION ISP Parameters for Internet Access Encapsulation Select PPPoE for a dial-up connectio[...]

  • Página 122

    Chapter 6 WAN Screens NBG410W3G Series User’s Guide 122 Authentication Ty p e The ZyXEL Device supports P AP (Password Authentication Protocol) a nd CHAP (Challenge Handshake Authentica tion Protoc ol). CHAP is more secure than P AP; however , P AP is readily avail able on more platforms. Use the drop-down list box to select an au thentication pr[...]

  • Página 123

    Chapter 6 W AN Screen s NBG410W3G Series User’s Guide 123 6.8.3 PPTP Encap sulation Point-to-Point T unneling Protocol (PP TP) is a ne twork protocol that enables secure transfer of data from a remote client to a private server , creating a V irtual Private Network (VPN) using TCP/IP-based networks. PP TP supports on-demand, multi-protoco l and v[...]

  • Página 124

    Chapter 6 WAN Screens NBG410W3G Series User’s Guide 124 Figure 74 NETWORK > W AN > WAN 1 (PP TP Encapsul ation) The following table describes the labels in this screen. T able 20 NETWORK > WAN > W AN 1 (PPTP Encapsulation) LABEL DESCRIPTION ISP Parameters for Internet Access Encapsulation Set the encapsulation method to PPTP . The ZyX[...]

  • Página 125

    Chapter 6 W AN Screen s NBG410W3G Series User’s Guide 125 Authentication Ty p e The ZyXEL Device supports P AP (Password Authentication Protocol) and CHAP (Challenge Handshake Authenticatio n Protoc ol). CHAP is more secure than P AP; however , P AP is readily availa ble on more p latforms. Use the drop-down li st box to select an authenticatio n[...]

  • Página 126

    Chapter 6 WAN Screens NBG410W3G Series User’s Guide 126 6.9 3G (W AN 2) 3G (Third Generation) is a digital, packet-s witched wireless technology . Bandwidth usage is optimized as multiple users shar e the same channel and bandwidt h is only allocated to users when they send data. It allows fast transf er of voice and no n-voice data and provides [...]

  • Página 127

    Chapter 6 W AN Screen s NBG410W3G Series User’s Guide 127 " The actual data rate you ob t ain varies depending on y our 3G card, the signal strength of the service provider ’s bas e station, your service plan, etc. " For NBG410W3G , you can use either t he built-in 3G modul e or an external USB dongle to establish a 3G connecti on. Bo[...]

  • Página 128

    Chapter 6 WAN Screens NBG410W3G Series User’s Guide 128 T o change yo ur ZyXEL Device's 3G W AN settings, click NETW ORK > WA N > 3G (W AN 2) or WIRELESS > 3G (W AN 2) . " The W AN 1 and W AN 2 IP addresses of a ZyXEL Device with multiple W AN interfaces must be on different subnet s.[...]

  • Página 129

    Chapter 6 W AN Screen s NBG410W3G Series User’s Guide 129 Figure 75 NETWORK > W AN > 3G (WAN 2)[...]

  • Página 130

    Chapter 6 WAN Screens NBG410W3G Series User’s Guide 130 The following table describes the labels in this screen. T able 22 NETWORK > WAN > 3G (W AN 2) LABEL DESCRIPTION W AN2 Se tup Enable Select this option to enable WAN 2. The Network T ype and Network Selection fields appear . 3G Card Configuration 3G Interface This d isplays the model o[...]

  • Página 131

    Chapter 6 W AN Screen s NBG410W3G Series User’s Guide 131 Authentication Ty p e The ZyXEL Device supp orts P AP (Password Auth entication Protocol) and CHAP (Challenge Handshake Authen tication Protoc ol). CHAP is more secure than P AP; however , P AP is read ily available on more platforms. Use the drop-down list box to select an authentication [...]

  • Página 132

    Chapter 6 WAN Screens NBG410W3G Series User’s Guide 132 Enable Mu lticast Select this check box to turn on IG MP (In ternet Group Multicast Protocol). IGMP is a network-layer protocol used to establish membership in a Multicast group - it is not used to carry user data. Multicast V ersion Choose None (default), IGMP-V1 or IGMP-V2 . IGMP (Internet[...]

  • Página 133

    Chapter 6 W AN Screen s NBG410W3G Series User’s Guide 133 6.10 T raffic Redirect T raffic redirect forwards W AN traffic to a backup gateway when the ZyXEL D evice cannot connect to the Internet through its normal gate way . Connect the backup gateway on the W AN so that the ZyXEL Device still provid es firewall protection for the LAN. Figure 76 [...]

  • Página 134

    Chapter 6 WAN Screens NBG410W3G Series User’s Guide 134 6.1 1 Configuring T raffic Redirect T o change your ZyXEL Device’ s traffic redirect settings, click NETWORK > WA N > T raffic Redirect . The screen appears as shown. Figure 78 NETWORK > WAN > T raffic Redirect The following table describes the labels in this screen. Internet W[...]

  • Página 135

    NBG410W3G Series User’s Guide 135 C HAPTER 7 DMZ Screens This chapter describes how to configure the ZyXEL Device’ s DMZ. 7.1 DMZ The DeMilitarized Zone (DMZ) pr ovides a way for public servers (W eb, e-mail, FTP , etc.) to be visible to the outside world (while still being protected from DoS (Denial of Service) attacks such as SYN flooding and[...]

  • Página 136

    Chapter 7 DMZ Scre ens NBG410W3G Series User’s Guide 136 Figure 79 NETWORK > DMZ The following table describes the labels in this screen. T able 24 NETWORK > DMZ LABEL DESCRIPTION DMZ TCP/IP IP Address T ype the IP address of your ZyXEL Device’s DMZ port in dotted decimal notation. Note: Make sure the IP addresses of the LAN, W AN and DMZ[...]

  • Página 137

    Chapter 7 DMZ Screens NBG410W3G Series User’s Guide 137 Multicast Select IGMP V -1 or IGMP V -2 or None . IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to estab lish membership in a Multicast group - it is not used to carry user data. IGMP ve rsion 2 (RFC 2236) is an improvement over version 1 (RFC 1 1 12) but IGMP ver[...]

  • Página 138

    Chapter 7 DMZ Scre ens NBG410W3G Series User’s Guide 138 7.3 DMZ S t atic DHCP This table allows you to assign IP addresses on the DMZ to specific individual computers based on their MAC Addresses. Every Ethernet device has a unique MAC (Med ia Access Control) addre ss. The MAC address is assigned at the factory and consists of six pairs of hexad[...]

  • Página 139

    Chapter 7 DMZ Screens NBG410W3G Series User’s Guide 139 7.4 DMZ IP Alias IP alias allows you to partition a physical network into dif fer ent logical networks over the same Ethernet interface. The ZyXEL Device has a single DMZ interface. Ev en though more than one of ports 1~4 may be in the DMZ port role, they are all still part of a single physi[...]

  • Página 140

    Chapter 7 DMZ Scre ens NBG410W3G Series User’s Guide 140 Figure 81 NETWORK > DMZ > IP Alias The following table describes the labels in this screen. T able 26 NETWORK > D MZ > IP Alias LABEL DESCRIPTION Enable IP Alias 1, 2 Select the check box to configure anot her DMZ network for the ZyXEL Device. IP Address Enter the IP address of [...]

  • Página 141

    Chapter 7 DMZ Screens NBG410W3G Series User’s Guide 141 7.5 DMZ Public IP Address Example The following figure shows a simple network set up with public IP addresses on the W AN and DMZ and private IP addresses on the LAN. Lowe r case letters represent public IP addresses (like a.b.c.d for example). The LAN port and co nnected computers (A th rou[...]

  • Página 142

    Chapter 7 DMZ Scre ens NBG410W3G Series User’s Guide 142 Figure 83 DMZ Private and Public Address Example 7.7 DMZ Port Roles Use the Port Roles screen to set ports as part of the LAN and/or DMZ interface. Ports 1~4 on the ZyXEL Device can be part of the LAN and/or DMZ interface. " Do the following if you ar e configuring from a comput er con[...]

  • Página 143

    Chapter 7 DMZ Screens NBG410W3G Series User’s Guide 143 Figure 84 NETWORK > DMZ > Port Roles The following table describes the labels in this screen. T able 27 NETWORK > DMZ > Port Roles LABEL DESCRIPTION LAN Select a port’s LAN radio button to use the port as part of the LAN. T he port will use the ZyXEL Device’s LAN IP address a[...]

  • Página 144

    Chapter 7 DMZ Scre ens NBG410W3G Series User’s Guide 144[...]

  • Página 145

    145 P ART III W ireless W i-Fi (147)[...]

  • Página 146

    146[...]

  • Página 147

    NBG410W3G Series User’s Guide 147 C HAPTER 8 Wi-Fi This chapter discusses how to configure wireless LAN on the ZyXEL Device. 8.1 Wi-Fi Introduction Y our ZyXEL Device comes with an internal W i-Fi card, providing AP (access point) functionality , and allowi ng you to set up a wireless LAN (WLAN). Before you set up your WLAN it is important to und[...]

  • Página 148

    Chapter 8 Wi-Fi NBG410W3G Series User’s Guide 148 Every wireless network must follow these basi c guidelines. • Every wireless client in the same wire less network must use the same SSID. The SSID is the name of the wireless netw ork. It stands for Service Set IDentity . • If two wireless ne tworks overlap, th ey should use different channels[...]

  • Página 149

    Chapter 8 Wi-Fi NBG410W3G Series User’s Guide 149 Y ou can use the MAC address filter to tell the AP which wireless client s are allowed or not allowed to use the wireless netw ork. If a wireless client is allowed to use the wireless network, it still has to have the correct se ttings (SSID, channel, and security). If a wi reless client is not al[...]

  • Página 150

    Chapter 8 Wi-Fi NBG410W3G Series User’s Guide 150 The types of encryption you can choose depend on the ty pe of user authentication. (See Section 8.2.3 on page 149 for information about this.) For example, if the wireless network has a RADIUS server , you can choose WP A or WP A2 . If users do not log in to the wi reless network, you can choose n[...]

  • Página 151

    Chapter 8 Wi-Fi NBG410W3G Series User’s Guide 151 8.2.5 Additional Inst allation Requirement s for Using 802.1x • A computer with an IEEE 802.1 1b/g wireless LAN card. • A computer equipped with a web browser (with JavaScript enabled) and/or T elnet. • A wireless station must be running IEEE 80 2.1x-compliant software. Currently , this is o[...]

  • Página 152

    Chapter 8 Wi-Fi NBG410W3G Series User’s Guide 152 The following table describes the labels in this screen. T able 29 WIRELESS > Wi-Fi > Wireless Card LABEL DESCRIPTION Enable Wireless Card The wireless LAN thro ugh a wireless LAN card is turned off by default. Before you enable the wireless LAN you should configur e security by setting MAC [...]

  • Página 153

    Chapter 8 Wi-Fi NBG410W3G Series User’s Guide 153 8.3.1 SSID Profile Configure wireless network secu rity by configuring and applying an SSID profile. Y ou can configure multiple profiles but you ca n only apply one to your network. Use the Wireless Card screen to see information abou t the SSID profiles on the ZyXEL Device, and use the Wir eless[...]

  • Página 154

    Chapter 8 Wi-Fi NBG410W3G Series User’s Guide 154 Figure 87 WIRELESS > Wi-Fi > Configuring SSID The following table describes the labels in this screen. 8.4 Configuring Wireless Security Click WIRELESS > W i-Fi > Security to open the Security screen. Use this screen to create security profiles. A security profile is a group of configu[...]

  • Página 155

    Chapter 8 Wi-Fi NBG410W3G Series User’s Guide 155 The following table describes the security modes you can configure. Figure 88 WIRELESS > Wi-Fi > Security The following table describes the labels in this screen. T able 31 Security Modes SECURITY MODE DESCRIPTION None Select this to have no data encryption. WEP Select this to use WEP encryp[...]

  • Página 156

    Chapter 8 Wi-Fi NBG410W3G Series User’s Guide 156 8.4.1 No Security " If you do not enable any wi reless security on your Zy XEL Device, your network is accessible to any wireless networking device within range. Figure 89 WIRELESS > Wi-Fi > Security: None The following table describes the wireless LAN security labels in this screen. 8.[...]

  • Página 157

    Chapter 8 Wi-Fi NBG410W3G Series User’s Guide 157 Figure 90 WIRELESS > Wi-Fi > Security: WEP The following table describes the labels in this screen. 8.4.3 IEEE 802.1x Only Click the WIRELESS > Wi-Fi > Security > Edit . Select 8021X-Only from the Security Mode list. T able 34 WIRELESS > Wi-Fi > Security: WEP LABEL DESCRIPTION[...]

  • Página 158

    Chapter 8 Wi-Fi NBG410W3G Series User’s Guide 158 Figure 91 WIRELESS > Wi-Fi > Secu rity: 802.1x Only The following table describes the labels in this screen. 8.4.4 IEEE 802.1x + S tatic WEP Click the WIRELESS > Wi-Fi > Security > Edit . Select 8021X-S tatic 64 or 8021X- S tatic128 in the Security Mode field to display the followin[...]

  • Página 159

    Chapter 8 Wi-Fi NBG410W3G Series User’s Guide 159 Figure 92 WIRELESS > Wi-Fi > Security : 802.1x + S tatic WEP The following table describes the labels in this screen. T able 36 WIRELESS > Wi-Fi > Security : 802.1x + Static WEP LABEL DESCRIPTION Name T ype a name to identify this security profil e. Security Mode Select 8021X-St atic64[...]

  • Página 160

    Chapter 8 Wi-Fi NBG410W3G Series User’s Guide 160 8.4.5 WP A, WP A2, WP A2-MIX Click WIRELESS > W i-Fi > Security > Edit . Select WP A , WP A2 or WP A2-MIX from the Security Mode list. Figure 93 WIRELESS > Wi-Fi > Security: WP A, WP A2 or WP A2-MIX The following table describes the labels in this screen. Apply Click Apply to save y[...]

  • Página 161

    Chapter 8 Wi-Fi NBG410W3G Series User’s Guide 161 8.4.6 WP A-PSK, WP A2-PSK, WP A2-PSK-MIX Click WIRELESS > Wi-Fi > Security > Edit . Select WP A-PSK , WP A2-PSK or WP A2- PSK-MIX from the Security Mode list. Figure 94 WIRELESS > Wi-Fi > Security: WP A(2)-PSK The following table describes the labels in this screen. PMK Cache This f[...]

  • Página 162

    Chapter 8 Wi-Fi NBG410W3G Series User’s Guide 162 8.5 MAC Filter The MAC filter screen allows you to configure t h e ZyXEL Device to give exclusive access to specific devices ( Allow ) or exclude specific devices from accessing the ZyXEL De vice ( Deny ). Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is as[...]

  • Página 163

    Chapter 8 Wi-Fi NBG410W3G Series User’s Guide 163 Figure 95 WIRELESS > Wi-Fi > MAC Filter The following table describes the labels in this menu. T able 39 WIRELESS > Wi-Fi > MAC Filter LABEL DESCRIPTION Association Define the filter action for the list of MAC addresses in the MAC address fi lter table. Select Deny to blo ck access to [...]

  • Página 164

    Chapter 8 Wi-Fi NBG410W3G Series User’s Guide 164[...]

  • Página 165

    165 P ART IV Security Firewall (167) Certificates (195) Authentication Server (191)[...]

  • Página 166

    166[...]

  • Página 167

    NBG410W3G Series User’s Guide 167 C HAPTER 9 Firewall This chapter shows you how to conf igure your ZyXEL Device’ s firewall. 9.1 Firewall Overview The networking term firewall is a system or group of systems that enforces an access-control policy between two networks. It is generally a mechanism used to protect a trusted network from an untrus[...]

  • Página 168

    Chapter 9 Firewall NBG410W3G Series User’s Guide 168 9.2 Packet Direction Matrix The ZyXEL Device’ s packet direc tion matrix al lows you to apply certain security settings (like firewall) to traffi c flowing in specific directions. For example, click SECURITY > FIREW ALL to open the following screen. This screen configures general firewall [...]

  • Página 169

    Chapter 9 Firewall NBG410W3G Series User’s Guide 169 Figure 98 Default Block T raf fic From W AN1 to DMZ Example 9.3 Packet Direction Examples Firewall rules are grouped based on the direction of travel of packets to which they apply . This section gives some examples of why you migh t configure firewall rules for specific connection directions. [...]

  • Página 170

    Chapter 9 Firewall NBG410W3G Series User’s Guide 170 By default, the ZyXEL Device drops packet s traveling in the fo llowing directions. 9.4 Security Considerations " Incorrectly configuri ng the firewall may block valid access or introduce security risks to the ZyXEL Device and your protected network. Use caution when creating or deleting f[...]

  • Página 171

    Chapter 9 Firewall NBG410W3G Series User’s Guide 171 1 Does this rule stop LAN us ers from accessing critical reso urces on the Internet? For example, if IRC is blocke d, are th ere us ers that require this service? 2 Is it possible to modify the rule to be more specific? For ex ample, if IRC is blocked for all users, will a rule that blocks just[...]

  • Página 172

    Chapter 9 Firewall NBG410W3G Series User’s Guide 172 The ZyXEL Device applies the firewall rules in order . So for this example, when the ZyXEL Device receives traffic from the LAN, it checks it against the first rule. If the traffic matches (if it is IRC traffic) the firewall takes the action in the rule (drop) and st ops checking the firewall r[...]

  • Página 173

    Chapter 9 Firewall NBG410W3G Series User’s Guide 173 9.6 Asymmetrical Routes If an alternate gateway on the LAN has an IP address in the same subnet as the ZyXEL Device’ s LAN IP address, return traf fic may no t go through the ZyXEL Device. This is called an asymmetrical or “triangle” route. This causes the ZyXEL De vice to reset the conne[...]

  • Página 174

    Chapter 9 Firewall NBG410W3G Series User’s Guide 174 Figure 102 SECURITY > FIREWALL > Default Rule The following table describes the labels in this screen. T able 42 SECURITY > FIREWALL > Default Rule LABEL DESCRIPTION 0-100% This bar displays the percentage of the ZyXEL Device’s firewall rules storage space that is currently in use[...]

  • Página 175

    Chapter 9 Firewall NBG410W3G Series User’s Guide 175 9.8 Firewall Rule Summary Click SECURITY > FIREW ALL > Rule Summary to open the screen. This screen displays a list of the configured firewall rules. " The ordering of your rules is very important as rule s are applied in the order that they are listed. See Section 9.1 on page 1 67 f[...]

  • Página 176

    Chapter 9 Firewall NBG410W3G Series User’s Guide 176 Figure 103 SECURITY > FIREW ALL > Rule Summary The following table describes the labels in this screen. T able 43 SECURITY > FIREWALL > Rule Summary LABEL DESCRIPTION Packet Direction Use the drop-down list boxes and click Refresh to select a direction of travel of packets for which[...]

  • Página 177

    Chapter 9 Firewall NBG410W3G Series User’s Guide 177 9.8.1 Firewall Edit Rule In the Rule Summary screen, click the edit icon or the insert icon to display the Fire wall Edit Rule screen. Use this screen to create or edit a firewall rule . Refer to the following table for information on the labels. See Section 9.1 on page 1 67 for more informatio[...]

  • Página 178

    Chapter 9 Firewall NBG410W3G Series User’s Guide 178 Figure 104 SECURITY > FIREW ALL > Rule Summary > Edit[...]

  • Página 179

    Chapter 9 Firewall NBG410W3G Series User’s Guide 179 The following table describes the labels in this screen. T able 44 SECURITY > FIREWALL > Rule Summary > Edit LABEL DESCRIPTION Rule Name Enter a descriptive name of up to 31 printable ASCII characters (except Extended ASCII characters) for the firewall rule. S paces are allowed. Edit S[...]

  • Página 180

    Chapter 9 Firewall NBG410W3G Series User’s Guide 180 9.9 Anti-Probing Click SECURITY > FIREW ALL > Anti-Probing to open the following screen. Configure this screen to help keep the ZyXEL Device hidden from probing attempts. Y ou can specify which of the ZyXEL Device’ s in terfaces will respond to Ping re quests and whether or not the ZyXE[...]

  • Página 181

    Chapter 9 Firewall NBG410W3G Series User’s Guide 181 The following table describes the labels in this screen. 9.10 Firewall Thresholds For DoS attacks, the ZyXEL Device uses thresholds to determine when to start dropping sessions that do not become fully established (half-open sessions). These thresholds apply globally to all sessions. For TCP , [...]

  • Página 182

    Chapter 9 Firewall NBG410W3G Series User’s Guide 182 9.10.1 Threshold V alues If everything is working properly , you probably do not need to ch ange the threshold settings as the default threshold values should work for mo st small of fices. Tune these parameters when you believe the ZyXEL Device has been receiving DoS attacks that are not recor[...]

  • Página 183

    Chapter 9 Firewall NBG410W3G Series User’s Guide 183 The following table describes the labels in this screen. T able 46 SECURITY > FIREWALL > Threshold LABEL DESCRIPTION Disable DoS Attack Protec tion on Select the check boxes of any interfaces for which you want the ZyXEL Device to not use the Den ial of Service protection thresholds. This[...]

  • Página 184

    Chapter 9 Firewall NBG410W3G Series User’s Guide 184 9.12 Service Click SECURITY > FIREW ALL > Service to open the screen as shown next. U se this screen to configure custom services for use in firewall rules or view the services that are predefined in the ZyXEL Device. See Section 9.1 on page 1 67 for more informatio n about the firewall. [...]

  • Página 185

    Chapter 9 Firewall NBG410W3G Series User’s Guide 185 The following table describes the labels in this screen. 9.12.1 Firewall Edit Custom Service Click SECURITY > FIREW ALL > Service > Add to display the followi ng screen. Use this screen to configure a custom service entry not is not predefined in the ZyXEL Device. See Appendix D on pag[...]

  • Página 186

    Chapter 9 Firewall NBG410W3G Series User’s Guide 186 The following table describes the labels in this screen. 9.13 My Service Firewall Rule Example The following Internet firewa ll rule example allows a hypot hetical My Service connection from the Internet. 1 In the Service screen, click Add to open th e Edit Custom Service screen. Figure 1 10 My[...]

  • Página 187

    Chapter 9 Firewall NBG410W3G Series User’s Guide 187 Figure 1 1 1 My Service Firewall Rule Exam ple: Edit Custom Service 3 Click Rule Summary . Select WA N 1 and LAN from the Packet Dir ection drop-down list boxes and click Refresh to display existing firewall rules for the selected direction of travel of packets. 4 Click the insert icon at the t[...]

  • Página 188

    Chapter 9 Firewall NBG410W3G Series User’s Guide 188 Figure 1 13 My Service Firewall Rule Example: Rule Edit: Source and Destination Addresses 8 In the Edit Service section, use the arrows between A vailable Services and Selected Service(s) to configure it as follows. Click Apply w hen you are do ne. " Custom services show up with an * befor[...]

  • Página 189

    Chapter 9 Firewall NBG410W3G Series User’s Guide 189 Figure 1 14 My Service Firewall Rule Example: Edit Rule: Service Configuration Rule 1 allows a My Service connection fro m W AN 1 to IP addres ses 10.0.0.10 through 10.0.0.15 on the LAN.[...]

  • Página 190

    Chapter 9 Firewall NBG410W3G Series User’s Guide 190 Figure 1 15 My Service Firewall Rule Exampl e: Rule Summary: Completed[...]

  • Página 191

    NBG410W3G Series User’s Guide 191 C HAPTER 10 Authentication Server This chapter discusses how to configure the ZyXEL Device’ s authentication server feature. 10.1 Authentication Server Overview A ZyXEL Device can use either the local user database internal to the ZyXEL Device or an external RADIUS server to auth enticate wireless clients. See [...]

  • Página 192

    Chapter 10 Authen tication Serv er NBG410W3G Series User’s Guide 192 Figure 1 16 SECURITY > AUTH SERVER > Local User Dat a base[...]

  • Página 193

    Chapter 10 Authentication Server NBG410W3G Series User’s Guide 193 The following table describes the labels in this screen. 10.3 RADIUS Click SECURITY > AUTH SER VER > RADIUS to open the RADIUS screen. Configure this screen to use an external RA DIUS server to authenticate users. Figure 1 17 SECURITY > AUTH SERVER > RADIUS The followi[...]

  • Página 194

    Chapter 10 Authen tication Serv er NBG410W3G Series User’s Guide 194 Key Enter a password (up to 31 alphanumeri c characters) as the key to be shared between the external authentication server and the ZyXEL Device. The key is not sent over the network . This key must be the same on the external authentication se rver and ZyXEL Device. Accounting [...]

  • Página 195

    NBG410W3G Series User’s Guide 195 C HAPTER 11 Certificates This chapter gives background in formation about public-key certificates and explains how to use them. 1 1.1 Certificates Overview The ZyXEL Device can use certificates (also ca lled digital IDs) to authenticate users. Certificates are based on public -private key pairs. A certificate con[...]

  • Página 196

    Chapter 11 Certificates NBG410W3G Series User’s Guide 196 Certification authorities maintain directory ser vers with databases of valid and revoked certificates. A directory of certificates that have been revoked before the scheduled exp iration is called a CRL (Certificate Revocation List ). The ZyXEL Device can check a peer ’ s certificate ag[...]

  • Página 197

    Chapter 11 Certificates NBG410W3G Series User’s Guide 197 Figure 1 19 Certificate Det ails 4 Use a secure method to verify that the certificate owner ha s the same information in the Thumbprint Algorithm and Thumbprint fields. The secure method may very based on your situation. Possible examples would be over the telephone or through an HTTPS con[...]

  • Página 198

    Chapter 11 Certificates NBG410W3G Series User’s Guide 198 1 1.5 My Certificates Click SECURITY > CER TIFICA TES > My Certificates to open the My Certificates screen. This is the ZyXEL Device’ s summary lis t of certificates and certification requests. Certificates dis play in black and cer tification requests display in gray . Figure 121 [...]

  • Página 199

    Chapter 11 Certificates NBG410W3G Series User’s Guide 199 Subject This field displays identi fying informa t ion about the certificate’s owner , such as CN (Common Name), OU (Organiza tional Unit or department), O (Organization or company) and C (Country). It is recommended that each certificate have unique subject information. Issuer This fiel[...]

  • Página 200

    Chapter 11 Certificates NBG410W3G Series User’s Guide 200 1 1.6 My Certificate Det ails Click SECURITY > CER TIFICA TES > My Certificates to open the My Certificates screen (see Figure 121 on page 198 ). Click the details icon to open the My Certificate Details screen. Y ou can us e this screen to view in -depth certificate inform ation and[...]

  • Página 201

    Chapter 11 Certificates NBG410W3G Series User’s Guide 201 Serial Number T his field displays th e certificate’ s identification number given by the certification authority or generated b y the ZyXEL De vice. Subject This field disp lays information that identif ies th e owner of the certificate, such as Common Name (CN), Organizati onal Un it ([...]

  • Página 202

    Chapter 11 Certificates NBG410W3G Series User’s Guide 202 1 1.7 My Certificate Export Click SECURITY > CERTIFICA TES > My Certificates and then a ce rtificate’ s export icon to open the My Certificate Export screen. Follow the instructions in this screen to choose the file format to use for saving the certif icate from the ZyXEL Device to[...]

  • Página 203

    Chapter 11 Certificates NBG410W3G Series User’s Guide 203 1 1.8 My Certificate Import Click SECURITY > CER TIFICA TES > My Certificates and then Import to open the My Certificate I mport screen. Follow the instructions in this screen to save an existing certificate from a computer to the ZyXEL Device. " Y ou can only import a cert ific[...]

  • Página 204

    Chapter 11 Certificates NBG410W3G Series User’s Guide 204 Figure 124 SECURITY > CERTIFICA TES > My Certificates > Import The following table describes the labels in this screen. When you import a binary PKCS#12 format certificate, another screen displays for y ou to enter the password. Figure 125 SECURITY > CERTIFICA TES > My Ce rt[...]

  • Página 205

    Chapter 11 Certificates NBG410W3G Series User’s Guide 205 1 1.9 My Certificate Create Click SECURITY > CER TIFICA TES > My Certificates > Create to open the My Certificate Cr eate screen. Use this screen to have the ZyXEL Device create a self-signed certificate, enroll a certificate with a certificatio n authority or generate a certifica[...]

  • Página 206

    Chapter 11 Certificates NBG410W3G Series User’s Guide 206 Figure 127 SECURITY > CERTIFICA TES > My Cert ificates > Crea te (Advanced) The following table describes the labels in this screen. T able 56 SECURITY > CERTIFICATES > My Certificates > Create LABEL DESCRIPTION Certificate Name T ype up to 31 ASCII characters (not includ[...]

  • Página 207

    Chapter 11 Certificates NBG410W3G Series User’s Guide 207 Common Name Select a radio button to identify th e certificate’s owner by IP address, domain name or e-mail address. T y pe the IP address (in dotted decimal notation), domain name or e-mail address in the field provide d. The domain name or e- mail address can be up to 31 ASCII char act[...]

  • Página 208

    Chapter 11 Certificates NBG410W3G Series User’s Guide 208 Subject Alternative Name Select a radio button to identify the cert ifica te’s owner by IP address, domain name or e-mail address. T y pe the IP address (in dotted decimal notation), domain name or e-mail address in the field provide d. The domain name or e- mail address can be up to 31 [...]

  • Página 209

    Chapter 11 Certificates NBG410W3G Series User’s Guide 209 After you click Apply in the My Certificate Create screen, you see a screen that tells you the ZyXEL Device is generating the self-signe d certificate or certification request. After the ZyXEL Device successfully enrolls a ce rtificate or generates a certification request or a self-signed [...]

  • Página 210

    Chapter 11 Certificates NBG410W3G Series User’s Guide 210 Figure 128 SECURITY > CERTIFICA TES > T rusted CAs The following table describes the labels in this screen. T able 57 SECURITY > CERTIFICA TES > T rusted CAs LABEL DESCRIPTION PKI S torage S pace in Use This bar displays the percentage of the ZyXEL Device’s PKI storage sp a c[...]

  • Página 211

    Chapter 11 Certificates NBG410W3G Series User’s Guide 21 1 1 1.1 1 T rusted CA Det ails Click SECURITY > CER TIFICA TES > T rusted CAs to open the T rusted CAs screen. Click the details icon to open the T rusted CA Details screen. Use this screen to view in-depth information about the certification authority’ s certif icate, change the ce[...]

  • Página 212

    Chapter 11 Certificates NBG410W3G Series User’s Guide 212 Figure 129 SECURITY > CERTIFICA TES > T rusted CAs > Details The following table describes the labels in this screen. T able 58 SECURITY > CERTIFICA TES > T rusted CAs > Details LABEL DESCRIPTION Name This field displays the id entifying name of this certi ficate. If you [...]

  • Página 213

    Chapter 11 Certificates NBG410W3G Series User’s Guide 213 Certification Path Click the Refresh button to have this read-only text box display the end entity’s certificat e and a list of cert ification authority certificat es that shows the hierarchy of certification author ities that validate the end entity’ s certificate. If the issuing cert[...]

  • Página 214

    Chapter 11 Certificates NBG410W3G Series User’s Guide 214 1 1.12 T rusted CA Import Click SECURITY > CER TIFICA TES > T rusted CAs to open the T rusted CAs screen and then click Import to open the T rusted CA Import screen. Follow t he instructions in this screen to save a trusted certification authority ’ s certificate from a computer to[...]

  • Página 215

    Chapter 11 Certificates NBG410W3G Series User’s Guide 215 Figure 130 SECURITY > CERTIFICA TES > T rusted CAs > Import The following table describes the labels in this screen. 1 1.13 T rusted Remote Host s Click SECURITY > CER TIFICA TES > T rusted Remote Hosts to open the T rusted Remote Hosts screen. This screen displays a list of[...]

  • Página 216

    Chapter 11 Certificates NBG410W3G Series User’s Guide 216 Figure 131 SECURITY > CERTIFICA TES > Trusted Remote Host s The following table describes the labels in this screen. T able 60 SECURITY > CERTIFICA TES > T rusted Remote Hosts LABEL DESCRIPTION PKI S torage S pace in Use This bar displays the percentage of the Zy XEL Device’s[...]

  • Página 217

    Chapter 11 Certificates NBG410W3G Series User’s Guide 217 1 1.14 T rusted Remote Host s Import Click SECURITY > CER TIFICA TES > T rusted Remote Hosts to open the T rusted Remote Hosts screen and then click Import to open the T rusted Remote Host Import screen. Y ou may have peers with certificates that you want to trust, but the certificat[...]

  • Página 218

    Chapter 11 Certificates NBG410W3G Series User’s Guide 218 1 1.15 T rusted Remote Host Certificate Det ails Click SECURITY > CER TIFICA TES > T rusted Remote Hosts to open the T rusted Remote Hosts screen. Click the details icon to open the T rusted Remote Host Details screen. Y ou can use this screen to vie w in-depth information about the [...]

  • Página 219

    Chapter 11 Certificates NBG410W3G Series User’s Guide 219 The following table describes the labels in this screen. T able 62 SECURITY > CERTIFICA TES > T rusted Remote Hosts > Details LABEL DESCRIPTION Name This field displays the identi fying name of this certificate . If you want to change the name, ty pe up to 31 characters to id enti[...]

  • Página 220

    Chapter 11 Certificates NBG410W3G Series User’s Guide 220 1 1.16 Directory Servers Click SECURITY > CER TIFICA TES > Dire c tory Servers to open the Dir ec tory Servers screen. This screen displays a summary list of di rectory servers (that contain lists of valid and revoked certificates) that have bee n saved into the ZyXEL Device. If you [...]

  • Página 221

    Chapter 11 Certificates NBG410W3G Series User’s Guide 221 The following table describes the labels in this screen. 1 1.17 Directory Server Add or Edit Click SECURITY > CER TIFICA TES > Directory Servers to open the Directory Servers screen. Click Add (or the details icon) to open the Directory Server Add screen. Use this screen to configure[...]

  • Página 222

    Chapter 11 Certificates NBG410W3G Series User’s Guide 222 Access Protocol Use the drop-down list box to se lect the access protocol used by the directory server . LDAP (Lightweight Directory Access Prot ocol) is a protocol over TCP that specifies how clients access directories o f certificates and lists of revoked certificates. A Server Address T[...]

  • Página 223

    223 P ART V Advanced Network Address T ranslation (NA T) (225) S tatic Route (243) DNS (247) Remote Management (259) UPnP (281) Custom Application (291) ALG Screen (293)[...]

  • Página 224

    224[...]

  • Página 225

    NBG410W3G Series User’s Guide 225 C HAPTER 12 Network Address Translation (NAT) This chapter discusses how to configure NA T on the ZyXEL Device. 12.1 NA T Overview NA T (Network Address Translation - NA T , RFC 1631) is the translation of the IP address of a host in a packet. For example, the source address of an outg oing packet, used within on[...]

  • Página 226

    Chapter 12 Network Addr ess Translation (NAT) NBG410W3G Series User’s Guide 226 " NA T never changes the IP address (e ither local or global) of an out side host. 12.1.2 What NA T Does In the simplest form, NA T changes the sour ce IP address in a packet received from a subscriber (the inside local address) to anothe r (the inside global add[...]

  • Página 227

    Chapter 12 N etwork A ddress Trans lation (NAT ) NBG410W3G Series User’s Guide 227 Figure 136 How NA T Works 12.1.4 NA T Application The following figure illustrates a possible NA T application, wher e three inside LANs (logical LANs using IP Alias) behind the ZyXEL Devi ce can communicate with three distinct W AN networks. More examples follow a[...]

  • Página 228

    Chapter 12 Network Addr ess Translation (NAT) NBG410W3G Series User’s Guide 228 Figure 137 NA T Application With IP Alias 12.1.5 Port Restricted Cone NA T ZyXEL Device ZyNOS version 4.00 and late r uses port restricted cone NA T . Port restricted cone NA T maps all outgoing packets from an internal IP address and port to a single IP address and p[...]

  • Página 229

    Chapter 12 N etwork A ddress Trans lation (NAT ) NBG410W3G Series User’s Guide 229 Figure 138 Port Restricted Cone NA T Example 12.1.6 NA T Mapping T ypes NA T supports five types of IP/port mapping. They are: • One to One : In One-to-One mode, the ZyXEL Devi ce maps one local IP address to one global IP address. • Many to One : In Many-to-On[...]

  • Página 230

    Chapter 12 Network Addr ess Translation (NAT) NBG410W3G Series User’s Guide 230 The following table summarizes the NA T mapping types. 12.2 Using NA T " Y ou must create a firewall rule in addi tion to setting up SUA/NA T , to allow traffic from the W AN to be forw arded through the ZyXEL Device. 12.2.1 SUA (Single User Account) V ersus NA T[...]

  • Página 231

    Chapter 12 N etwork A ddress Trans lation (NAT ) NBG410W3G Series User’s Guide 231 Figure 139 ADV ANCED > NA T > NA T Overview The following table describes the labels in this screen. T able 67 ADVANCED > NAT > NAT Overview LABEL DESCRIPTION Global Settings Max. Concurrent Sessions This read-only field disp lays the highest number of [...]

  • Página 232

    Chapter 12 Network Addr ess Translation (NAT) NBG410W3G Series User’s Guide 232 12.4 NA T Address Mapping Click ADV ANCED > NA T > Address Mapping to open the following screen. 12.4.1 What NA T Does In the simplest form, NA T changes the sour ce IP address in a packet received from a subscriber (the inside local address) to anothe r (the in[...]

  • Página 233

    Chapter 12 N etwork A ddress Trans lation (NAT ) NBG410W3G Series User’s Guide 233 Figure 140 ADV ANCED > NA T > Address Mapping The following table describes the labels in this screen. T able 68 ADVANCED > NAT > Address Mapping LABEL DESCRIPTI ON SUA Add ress Mapping Rules This read-only table displays the default address mapping rul[...]

  • Página 234

    Chapter 12 Network Addr ess Translation (NAT) NBG410W3G Series User’s Guide 234 12.4.2 NA T Address Mapping Edit Click the edit icon to display the NA T Address Mapping Edit screen. Use this screen to edit an address mapping rule. See Section 12.1 on page 225 for information on NA T and address mapping. Figure 141 ADV ANCED > NA T > Address[...]

  • Página 235

    Chapter 12 N etwork A ddress Trans lation (NAT ) NBG410W3G Series User’s Guide 235 The following table describes the labels in this screen. 12.5 Port Forwarding A port forwarding set is a list of inside (behind NA T on the LAN) servers, for example, web or FTP , that you can make visible to the outside world even thoug h NA T makes your whole ins[...]

  • Página 236

    Chapter 12 Network Addr ess Translation (NAT) NBG410W3G Series User’s Guide 236 " If you do not assign a Default Server IP address, the Zy XEL Device discards all packet s received for ports that are not specified here or in the remote management setup. 12.5.2 Port Forwarding: Services and Port Numbers The ZyXEL Device provides the additiona[...]

  • Página 237

    Chapter 12 N etwork A ddress Trans lation (NAT ) NBG410W3G Series User’s Guide 237 Figure 142 Multiple Servers Behind NA T Example 12.5.4 NA T and Multiple W A N The ZyXEL Device has two W AN interfaces. Y ou can configure port forwarding and trigger port rule sets for the first W AN interface and separate sets of rules for the second W AN interf[...]

  • Página 238

    Chapter 12 Network Addr ess Translation (NAT) NBG410W3G Series User’s Guide 238 Figure 143 Port T ranslation Example 12.6 Port Forwarding Screen Click ADV ANCED > NA T > Port Forwarding to open the Port Forwarding screen. " If you do not assign a Default Server IP address, the Zy XEL Device discards all packet s received for ports that[...]

  • Página 239

    Chapter 12 N etwork A ddress Trans lation (NAT ) NBG410W3G Series User’s Guide 239 Figure 144 ADV ANCED > NA T > Port Forwarding The following table describes the labels in this screen. T able 71 ADVANCED > NAT > Port Forwarding LABEL DESCRIPTION W AN Interface Select the W AN i nterface for which yo u want to view or con figure addre[...]

  • Página 240

    Chapter 12 Network Addr ess Translation (NAT) NBG410W3G Series User’s Guide 240 12.7 Port T riggering Some services use a dedicated range of ports on the client side and a dedica ted range of ports on the server side. W ith regular port forwarding you set a forwarding port in NA T to forward a service (coming in from the server on the W AN) to th[...]

  • Página 241

    Chapter 12 N etwork A ddress Trans lation (NAT ) NBG410W3G Series User’s Guide 241 Figure 146 ADV ANCED > NA T > Port T riggering The following table describes the labels in this screen. T able 72 ADVANCED > NAT > Port Triggering LABEL DESCRIPTION WA N Interface Select the W AN interface for which you wa nt to vi ew or configure addre[...]

  • Página 242

    Chapter 12 Network Addr ess Translation (NAT) NBG410W3G Series User’s Guide 242[...]

  • Página 243

    NBG410W3G Series User’s Guide 243 C HAPTER 13 Static Route This chapter shows you how to configure static routes for your ZyXEL Device. 13.1 IP S t atic Route The ZyXEL Device usually uses th e default gateway to route outbound traf fic from local computers to the Internet. T o have the ZyX EL Device send data to de vices not reachable through th[...]

  • Página 244

    Chapter 13 Static Rou te NBG410W3G Series User’s Guide 244 13.2 IP S t atic Route Click ADV ANCED > ST A TIC ROUTE to op en the IP S tatic Route screen. The first two static route entries are for de fa ult W AN 1 and W AN 2 routes on a ZyXEL Device with multiple W AN interfaces. Y ou cannot modify or dele te a static default route. The default[...]

  • Página 245

    Chapter 13 Static Route NBG410W3G Series User’s Guide 245 The following table describes the labels in this screen. 13.2.1 IP St atic Route Edit Click the edit icon in the IP S tatic Route screen. The screen shown next appears. Use this screen to configure the required information for a static route. Figure 149 ADV ANCED > ST A TIC ROUTE > I[...]

  • Página 246

    Chapter 13 Static Rou te NBG410W3G Series User’s Guide 246 Gateway IP Address Enter the IP address of the g ateway . The gateway is a route r or switch on the same network segment as the device's LAN or WA N port. The gateway helps forward packets to their destinations. Metric Metric represents the “cost” of transmission for routing purp[...]

  • Página 247

    NBG410W3G Series User’s Guide 247 C HAPTER 14 DNS This chapter shows you how to configure the DNS screens. 14.1 DNS Overview DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. The DNS server is extremely impo rtant because without it, you must know the IP address of a machine before you can acc e[...]

  • Página 248

    Chapter 14 DNS NBG410W3G Series User’s Guide 248 14.4 Address Record An address record contains the mapping of a fu lly qualified domain na me (FQDN) to an IP address. An FQDN consists of a hos t and doma in name and includes the top-level domain. For example, www .zyxel.com.tw is a fully qualif ied domain name, where “www” is the host, “zy[...]

  • Página 249

    Chapter 14 DNS NBG410W3G Series User’s Guide 249 Figure 150 ADV ANCED > DNS > System DNS The following table describes the labels in this screen. LABEL DESCRIPTION Address Record An address record specifies the mapping of a fully qual ified domain name (FQDN) to an IP address. An FQDN consists of a host and domain name and includes the top-[...]

  • Página 250

    Chapter 14 DNS NBG410W3G Series User’s Guide 250 14.6.1 Adding an Address Record Click Add in the System screen to open this screen. Use th is screen to add an address record. An address record contains the mapping of a fu lly qualified domain na me (FQDN) to an IP address. Configure address record s about the ZyXEL De vice itself or another devi[...]

  • Página 251

    Chapter 14 DNS NBG410W3G Series User’s Guide 251 The following table describes the labels in this screen. 14.6.2 Inserting a Name Server Record Click Inser t in the System screen to open this screen. Use this screen to insert a name server record. A name server record contains a DNS se rver ’ s IP ad dress. The ZyXE L Device can query the DNS s[...]

  • Página 252

    Chapter 14 DNS NBG410W3G Series User’s Guide 252 The following table describes the labels in this screen. 14.7 DNS Cache DNS cache is the temporary storage area where a router stores responses from DNS servers. When the ZyXEL Device re ceives a positive or negative res ponse for a DNS query , it records the response in the DNS cache. A positive r[...]

  • Página 253

    Chapter 14 DNS NBG410W3G Series User’s Guide 253 Figure 153 ADV ANCED > DNS > Cache The following table describes the labels in this screen. LABEL DESCRIPTION DNS Cache Setup Cache Positive DNS Resolutions Select the check box to record the positive DNS resolutions in the cache. Caching positive DNS re solutions helps speed up the ZyXEL Dev[...]

  • Página 254

    Chapter 14 DNS NBG410W3G Series User’s Guide 254 14.9 Configuring DNS DHCP Click ADV ANCED > DNS > DHCP to open the DNS DHCP screen shown next. Use this screen to configure the DNS server information that the ZyXEL Device sends to its LAN or DMZ DHCP clients. Figure 154 ADV ANCED > DNS > DHCP The following table describes the labels i[...]

  • Página 255

    Chapter 14 DNS NBG410W3G Series User’s Guide 255 14.10 Dynamic DNS Dynamic DNS allows you to update your curre nt dynamic IP address with one or many dynamic DNS services so that anyone can c ont act you (in NetMeeting, CU-SeeMe, etc.). Y ou can also access your FTP server or W eb site on your own computer using a domain name (for instance myhost[...]

  • Página 256

    Chapter 14 DNS NBG410W3G Series User’s Guide 256 " If you have a private W A N IP address, then you cannot use Dynamic DNS. 14.10.2 High A vailability A DNS server maps a domain name to a port's IP address. If that W AN port loses its connection, high availability allo ws the router to substitute anot her port's IP address for the [...]

  • Página 257

    Chapter 14 DNS NBG410W3G Series User’s Guide 257 Username Enter your user name. Y ou can use up to 31 alphanumeric characte rs (and the underscore). S paces are not allowed. Password Enter the password associated with the user name above . Y ou can use up to 31 alphanumeric characters (and the un derscore). S paces are not allowed. My Domain Name[...]

  • Página 258

    Chapter 14 DNS NBG410W3G Series User’s Guide 258[...]

  • Página 259

    NBG410W3G Series User’s Guide 259 C HAPTER 15 Remote Management This chapter provides information on the Remote Management screens. 15.1 Remote Management Overview Remote management allows you to determ ine which services/protocols can access which ZyXEL Device interface (if any) from which computers. The following figure shows secure and insecur[...]

  • Página 260

    Chapter 15 Remo te Management NBG410W3G Series User’s Guide 260 3 Te l n e t 4 HTTPS and HTTP 15.1.1 Remote Management Limit ations Remote management do es not work when: 1 Y ou have not enabled that service on th e interface in the corresponding remote management screen. 2 Y ou have disabled that service in one of the remote management screens. [...]

  • Página 261

    Chapter 15 Remote Manag ement NBG410W3G Series User’s Guide 261 2 HTTP connection requests from a web browser go to port 80 (by defa ult) on the ZyXEL Device’ s WS (web server). Figure 157 HTTPS Implement ation " If you disable the HTTP service in the REMOTE MGMT > WWW screen, then the ZyXEL Device blocks all HTTP c onnection attempts. [...]

  • Página 262

    Chapter 15 Remo te Management NBG410W3G Series User’s Guide 262 Figure 158 ADV ANCED > REMOTE MGMT > WWW The following table describes the labels in this screen. T able 76 ADVANCED > REMOTE MGMT > WWW LABEL DESCRIPTION HTTPS Serve r Certifica te Select the Server Certificate that the ZyXEL Device will use to identify itself. The ZyXEL[...]

  • Página 263

    Chapter 15 Remote Manag ement NBG410W3G Series User’s Guide 263 15.4 HTTPS Example If you haven’t changed the default HTTPS port on the ZyXEL Device, then in your browser enter “https://ZyXEL Device IP Address/” as the web site ad dress where “ZyXEL Device IP Address” is the IP address or domain na me of the ZyXEL Device you wish to acc[...]

  • Página 264

    Chapter 15 Remo te Management NBG410W3G Series User’s Guide 264 If Accept this certificate temporarily for this session is selected, then click OK to continue in Netscape. Select Accept this certificate permanently to import the ZyXEL Devi ce’ s certificate into the SSL client. Figure 160 Security Certificate 1 (Net scape) Figure 161 Security C[...]

  • Página 265

    Chapter 15 Remote Manag ement NBG410W3G Series User’s Guide 265 • The actual IP address of the HTTPS server (the IP address of the ZyXEL Device’ s port that you are trying to access) does not matc h the common name specified in the ZyXEL Device’ s HTTPS server certificate that your brow ser received. Do the following to check the common nam[...]

  • Página 266

    Chapter 15 Remo te Management NBG410W3G Series User’s Guide 266 Figure 163 Replace Certificate Click Apply in the Replace Certificate scre en to create a certificate using your ZyXEL Device’ s MAC address that will be specific to this device. Click CERTIFICA TES to open the My Certificates screen. Y ou will see information sim ilar to that show[...]

  • Página 267

    Chapter 15 Remote Manag ement NBG410W3G Series User’s Guide 267 Figure 165 Common ZyXEL Device Certificate 15.5 SSH Y ou can use SSH (Secure SHell) to secure ly access the ZyXEL Device’ s command line interface. Specify which interfaces allow SS H acces s and from which IP address the access can come. Unlike T elnet or FTP , which transmit data[...]

  • Página 268

    Chapter 15 Remo te Management NBG410W3G Series User’s Guide 268 Figure 167 How SSH Works 1 Host Identification The SSH client s ends a connection reque s t to the SSH server . The server identifies itself with a host key . The client encrypts a rand omly generated session ke y with the host key and server key and sends the result back to the serv[...]

  • Página 269

    Chapter 15 Remote Manag ement NBG410W3G Series User’s Guide 269 15.8 Configuring SSH Click ADV ANCED > REMOTE MGMT > SSH to change yo ur ZyXEL Device’ s Secure Shell settings. " It is recommended that y ou disable T elnet and FTP when you configure SSH for secure connections. Figure 168 ADV ANCED > REMOTE MGMT > SSH The followi[...]

  • Página 270

    Chapter 15 Remo te Management NBG410W3G Series User’s Guide 270 15.9 Secure T elnet Using SSH Exampl es This section shows two examples using a comm and interface and a graphical interface SSH client program to remotely a ccess the ZyXEL Device. The configuration and connection steps are similar for most SSH client programs. Refe r to your SSH cl[...]

  • Página 271

    Chapter 15 Remote Manag ement NBG410W3G Series User’s Guide 271 2 Enter “ ssh –1 192.168.1.1 ”. This command forces your computer to connect to the ZyXEL Device using SSH version 1. If this is the first time you are connecting to the ZyXEL Device using SSH, a message displa ys prompting you to save the host information of the ZyXEL Device. [...]

  • Página 272

    Chapter 15 Remo te Management NBG410W3G Series User’s Guide 272 Figure 172 Secure FTP: Firmware Upload Example 15.1 1 T elnet Y ou can use T elnet to access the ZyXEL De vice’ s command line inte rfa ce. Specify which interfaces allow T elnet access and fro m which IP address the access can come . 15.12 Configuring TELNET Click ADV ANCED > R[...]

  • Página 273

    Chapter 15 Remote Manag ement NBG410W3G Series User’s Guide 273 The following table describes the labels in this screen. 15.13 FTP Y ou can use FTP (File T ransfer Protocol) to upload and download the ZyXEL Device’ s firmware and configuration files, please see the User ’ s Guide chapter on firmware and configuration file maintenance for deta[...]

  • Página 274

    Chapter 15 Remo te Management NBG410W3G Series User’s Guide 274 The following table describes the labels in this screen. 15.14 SNMP Simple Network Management Protocol is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP pro tocol suite. Y our ZyXEL Device supports SNMP ag ent functionali[...]

  • Página 275

    Chapter 15 Remote Manag ement NBG410W3G Series User’s Guide 275 Figure 175 SNMP Managemen t Model An SNMP managed network consis ts of two main types of comp onent: agen ts and a manager . An agent is a management software module that resi des in a managed device (the ZyXEL Device). An agent translates the local manageme nt information from the m[...]

  • Página 276

    Chapter 15 Remo te Management NBG410W3G Series User’s Guide 276 15.14.2 SNMP T rap s The ZyXEL Device will send traps to the SNMP manager when any on e of the following events occurs: 15.14.3 REMOTE MANAGEMENT : SNMP T o change your ZyXEL Device’ s SNMP settings, click ADV ANCED > REMOTE MGMT > SNMP . The screen appears as shown. Figure 1[...]

  • Página 277

    Chapter 15 Remote Manag ement NBG410W3G Series User’s Guide 277 The following table describes the labels in this screen. 15.15 DNS Use DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa. Refer to Chapter 6 on page 1 11 for more information. Click ADV ANCED > REMOTE MGMT > DNS to change your Zy XEL D[...]

  • Página 278

    Chapter 15 Remo te Management NBG410W3G Series User’s Guide 278 The following table describes the labels in this screen. 15.16 Introducing V ant age CNM V antage CNM (Centralized Network Management) is a bro wser-based global management solution that allows an administrator from any location to easily conf igure, manage, monitor and troubleshoot [...]

  • Página 279

    Chapter 15 Remote Manag ement NBG410W3G Series User’s Guide 279 Figure 178 ADV ANCED > REMOTE MGMT > CNM The following table describes the labels in this screen. T able 83 ADV ANCED > RE MOTE MGMT > CNM LABEL DESCRIPTION Registration Information Registration S tatus This read only field displays No t Registered when Enable is not sele[...]

  • Página 280

    Chapter 15 Remo te Management NBG410W3G Series User’s Guide 280 15.17.1 Additional Configuration for V ant age CNM If you have NA T router s or firewalls between the ZyXEL Devi ce and the V antage CNM server , you must configure them to forward TCP ports 8080 (HTTP), 443 (HTTPS) and 20 and 21 (FTP). They must also fo rward UDP ports 1864 and 1 86[...]

  • Página 281

    NBG410W3G Series User’s Guide 281 C HAPTER 16 UPnP This chapter introduces the Universal Plug and Play feature. 16.1 Universal Plug and Play Overview Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectiv ity between devices. A UPnP device can dynamically join a network[...]

  • Página 282

    Chapter 16 UPnP NBG410W3G Series User’s Guide 282 All UPnP-enabled devices may communicate freely with eac h other without additional configuration. Disable UPnP if this is not your intention. 16.1.4 UPnP and ZyXEL ZyXEL has achieved UPnP certification from th e Universal Plug and Play Forum UPnP™ Implementers Corp. (UIC). ZyXEL's UPnP imp[...]

  • Página 283

    Chapter 16 UPnP NBG410W3G Series User’s Guide 283 16.3 Displaying UPnP Port Mapping Click ADV ANCED > UPnP > Ports to display the UPnP Ports sc reen. Use this screen to view the NA T port mapping rules that UPnP creates on the ZyXEL Device. Figure 180 ADV ANCED > UPnP > Ports The following table describes the labels in this screen. Ou[...]

  • Página 284

    Chapter 16 UPnP NBG410W3G Series User’s Guide 284 16.4 Inst alling UPnP in Windows Example This section shows ho w to install UPnP in W indows Me and W indows XP . External Port This field displays the port number that the ZyXEL Device “l istens” on (on the W AN port) for connection requests destined for th e NA T rule’s Internal Port and I[...]

  • Página 285

    Chapter 16 UPnP NBG410W3G Series User’s Guide 285 16.4.1 Inst alling UPnP in Windows Me Follow the steps below to in stall UPnP in Wi ndows Me. 1 Click St a r t , Settings and Co ntrol Panel . Double-click Add/Remove Programs . 2 Click on the Win d o ws S et u p tab and select Communication in the Components selection box. Click Details . 3 In th[...]

  • Página 286

    Chapter 16 UPnP NBG410W3G Series User’s Guide 286 16.4.2 Inst alling UPnP in Windows XP Follow the steps below to install UPnP in W indows XP . 16.5 Using UPnP in Windows XP Example This section shows yo u how to use the UPnP feature in W indows XP . Y ou must already have UPnP installed in W indows XP and UPnP activated on the ZyXEL device. Make[...]

  • Página 287

    Chapter 16 UPnP NBG410W3G Series User’s Guide 287 16.5.1 Auto-discover Y our UPnP-enabled Network Device 1 Click St a r t and Contr ol Panel . Double-click Network Connections . An icon disp lays under Inte rnet Gateway . 2 Right-click the icon and select Properties . 3 In the Internet Connection Properties window , click Settings to see the port[...]

  • Página 288

    Chapter 16 UPnP NBG410W3G Series User’s Guide 288 " When the UPnP-enabled device is disconn ected from your computer , all port mappings will be delet ed automatically . 16.5.2 We b Configurator Easy Access W ith UPnP , you can access the web-based configur ator on the ZyXEL de vice without finding out the IP address of the ZyXEL device firs[...]

  • Página 289

    Chapter 16 UPnP NBG410W3G Series User’s Guide 289 Follow the steps below to access the web configurator . 1 Click St a r t and then Contr ol Panel . 2 Double-click Network Connections . 3 Select My Network Places under Other Places . 4 An icon with the d escription for each UPnP-enabled device displays under Local Network . 5 Right-click the icon[...]

  • Página 290

    Chapter 16 UPnP NBG410W3G Series User’s Guide 290 6 Right-click the icon for your ZyXEL device and select Properties . A properties window displays with basic information about the ZyXEL device. EXAMPLE[...]

  • Página 291

    NBG410W3G Series User’s Guide 291 C HAPTER 17 Custom Application This chapter covers how to set the ZyXEL De vice’ s to monitor custom port numbers for specific applications. 17.1 Custom Application Use custom application to have the ZyXEL Device’ s ALG feature monitor traffic on custom ports, in addition to the default ports. By default, the[...]

  • Página 292

    Chapter 17 Custom Application NBG410W3G Series User’s Guide 292 Figure 181 ADV ANCED > Custom APP The following table describes the labels in this screen. T able 86 ADV ANCED > Custom AP P LABEL DESCRIPTION Applic ation Select the application for which you want the ZyXEL Devi ce to monitor specific ports. Y ou can use the same applicati on [...]

  • Página 293

    NBG410W3G Series User’s Guide 293 C HAPTER 18 ALG Screen This chapter co vers how to use the ZyXEL Dev ice ’ s ALG feature to allow certain applications to pass through the ZyXEL Device. 18.1 ALG Introduction An Application Layer Gateway (ALG) manages a specific protocol (such as SIP , H.323 or FTP) at the application layer . The ZyXEL Devi ce [...]

  • Página 294

    Chapter 18 ALG Screen NBG410W3G Series User’s Guide 294 18.1.3 ALG and Multiple W AN When the ZyXEL Device has two W AN interfaces and uses the second highest priority W AN interfaces as a back up, traffic cannot pass through when the primar y W AN connection fails. The ZyXEL Device does not automatically ch ange the connection to the secondary W[...]

  • Página 295

    Chapter 18 ALG Scr een NBG410W3G Series User’s Guide 295 Figure 182 H.323 ALG Examp le • W ith multiple W A N IP addresses on the ZyXEL Device, you can configure different firewall and port forwarding rules to allo w incoming calls from each W AN IP address to go to a specific IP address on the LAN or DMZ. For example, you configure firewall an[...]

  • Página 296

    Chapter 18 ALG Screen NBG410W3G Series User’s Guide 296 18.5.2 SIP ALG Det ails • SIP clients can be connected to the LAN or DMZ. A SIP server must be on the W AN. • Y ou can make and receive calls between the LAN and the W AN, between the DMZ and the W AN. Y ou cannot make a call between th e LAN and the LAN, between the LAN and the DMZ, bet[...]

  • Página 297

    Chapter 18 ALG Scr een NBG410W3G Series User’s Guide 297 Figure 185 ADV ANCED > ALG The following table describes the labels in this screen. T able 87 ADV ANCED > ALG LABEL DESCRIPTION Enable FT P ALG Select this check box to allow FTP sessions to pass through th e ZyXEL Device. FTP (File T ransfe r Program) is a program that enables fast t[...]

  • Página 298

    Chapter 18 ALG Screen NBG410W3G Series User’s Guide 298[...]

  • Página 299

    299 P ART VI Logs and Maintenance Logs Screens (301) Maintenance (325)[...]

  • Página 300

    300[...]

  • Página 301

    NBG410W3G Series User’s Guide 301 C HAPTER 19 Logs Screens This chapter contains inform ation about configuring genera l log settings and viewing the ZyXEL Device’ s logs. Refer to Section 19.5 on page 312 for exa mple log message explanations. 19.1 Configuring V iew Log The web confi gurator allows you to look at a ll of the ZyXEL Device’ s [...]

  • Página 302

    Chapter 19 Logs Scre ens NBG410W3G Series User’s Guide 302 The following table describes the labels in this screen. 19.2 Log Description Example The following is an example of how a log di splays in the command line interpreter and a description of the sample log. Refer to the Section 19.5 on page 312 for more log message descriptions and the app[...]

  • Página 303

    Chapter 1 9 Logs Scre ens NBG410W3G Series User’s Guide 303 19.2.1 About the Cert ificate Not T rusted Log myZyXEL.com and the update server use cer tificates signed by V eriSign to identify themselves. If the ZyXEL Device does not have a CA certificate signed by V eriSign as a trusted CA, the ZyXEL Device will not trust the certificate from myZy[...]

  • Página 304

    Chapter 19 Logs Scre ens NBG410W3G Series User’s Guide 304 Figure 188 myZyXEL.com: Certificate Download 19.3 Configuring Log Settings T o change your ZyXEL De vice’ s log settings, click LOGS > Log Settings . The scre en appears as shown. Use the Log Settings screen to configure to where the Zy XEL Device is to send logs; the schedule for wh[...]

  • Página 305

    Chapter 1 9 Logs Scre ens NBG410W3G Series User’s Guide 305 Figure 189 LOGS > Log Settings[...]

  • Página 306

    Chapter 19 Logs Scre ens NBG410W3G Series User’s Guide 306 The following table describes the labels in this screen. T able 90 LOGS > Log Settings LABEL DESCRIPTION E-mail Log Settings Mail Server Enter the server name or the IP address of the mail server for the e-mail addresses specified below . If this field is left blank, logs and alert mes[...]

  • Página 307

    Chapter 1 9 Logs Scre ens NBG410W3G Series User’s Guide 307 19.4 Configuring Report s The Reports screen displays which computers on th e LAN or DMZ send and receive the most traffic, what kinds of traf fic are used the most and which web sites are visited the most often. The ZyXEL Device can record and displa y the following network usa ge detai[...]

  • Página 308

    Chapter 19 Logs Scre ens NBG410W3G Series User’s Guide 308 Figure 190 LOGS > Report s " Enabling the ZyXEL Device ’s reporting function decreases the overall throughput by about 1 Mbps. The following table describes the labels in this screen. T able 91 LOGS > Reports LABEL DESCRIPTION Collect St a t i s t i c s Select the check box a[...]

  • Página 309

    Chapter 1 9 Logs Scre ens NBG410W3G Series User’s Guide 309 " All of the recorded reports dat a is erased when you tu rn off the ZyXEL Device. 19.4.1 V iewing Web Site Hit s In the Reports sc reen, select W eb Site Hits from the Report T ype drop-down list box to have the ZyXEL Device record an d display which web sites have been visited the[...]

  • Página 310

    Chapter 19 Logs Scre ens NBG410W3G Series User’s Guide 310 " Computers take turns using dynamical ly assigned LAN or DMZ IP addresses. The ZyXEL Device continues recording th e bytes sent to or from a LAN or DMZ IP address when it is assi gned to a different computer . Figure 192 LOGS > Reports: Hos t IP Addres s Example The following tab[...]

  • Página 311

    Chapter 1 9 Logs Scre ens NBG410W3G Series User’s Guide 31 1 Figure 193 LOGS > Reports: Pro tocol/Por t Example The following table describes the labels in this screen. T able 94 LOGS > Reports: Protocol/ Port LABEL DESCRIPTION Protoc ol/Port This column lists the protocols or servic e ports for which the most traf fic has gone through the [...]

  • Página 312

    Chapter 19 Logs Scre ens NBG410W3G Series User’s Guide 312 19.4.4 System Report s Specifications The following table lists detailed specifications on the reports feature. 19.5 Log Descriptions This section provides descriptio ns of example log messages. T able 95 Report Specifications LABEL DESCRIPTION Number of web sites/p rotocols or ports/IP a[...]

  • Página 313

    Chapter 1 9 Logs Scre ens NBG410W3G Series User’s Guide 313 Connect to Daytime server fail The router was n ot able to connect to the Daytime server . Connect to Time server fail The router was not ab le to connect to the T ime server . Connect to NTP server fail The router wa s not able to co nnect to the NTP se rver . Too large ICMP packet has [...]

  • Página 314

    Chapter 19 Logs Scre ens NBG410W3G Series User’s Guide 314 T able 98 Access Contro l Logs LOG MESSAGE DESCRIPTION Firewall default policy: [ TCP | UDP | IGMP | ESP | GRE | OSPF ] <Packet Direction> Attempted TCP/UDP/IGMP/ESP/GRE/ OSPF access matched the d efault policy and was b locked or forwarded according to the de fault policy’s setti[...]

  • Página 315

    Chapter 1 9 Logs Scre ens NBG410W3G Series User’s Guide 315 F or type and code details, see T able 1 10 on page 321 . Exceed MAX incomplete, sent TCP RST The router sent a TCP reset packet when the nu mber of incomplete connections (TCP and UDP) exceeded the user- configured threshold. (Incomplete count is for all TCP and UDP connections through [...]

  • Página 316

    Chapter 19 Logs Scre ens NBG410W3G Series User’s Guide 316 Remote Management: HTTPS denied Attempted use of H TTPS service was blocked according to remo te management settings. Remote Management: SSH denied Attempted us e of SSH service was block ed according to remote management settings. Remote Management: ICMP Ping response denied Attempted us[...]

  • Página 317

    Chapter 1 9 Logs Scre ens NBG410W3G Series User’s Guide 317 For type and code details, see T able 1 10 on page 321 . T able 106 Attack Logs LOG MESSAGE DESCRIPTION attack [ TCP | UDP | IGMP | ESP | GRE | OSPF ] The firewall detected a TCP/ UDP/IGMP/ESP/GR E/OSPF attack. attack ICMP (type:%d, code:%d) The firewall dete cted an ICMP attack. land [ [...]

  • Página 318

    Chapter 19 Logs Scre ens NBG410W3G Series User’s Guide 318 IP address in FTP port command is different from the client IP address. It maybe a bounce attack. The IP address in an FTP port command is different from the client IP address. It may be a bounce attack. Fragment packet size is smaller than the MTU size of output interface. The fragm ent [...]

  • Página 319

    Chapter 1 9 Logs Scre ens NBG410W3G Series User’s Guide 319 Warning: (%ESN% or %IMSI%) Over data budget! (budget =%CONFIGURED_BUDGET%(2 decimals Mbytes, used = %USED_VOLUME%(2 decimals) Mbytes). This shows that the preconfigured d ata limit was exceeded . The ID number of the selected 3G interface or SIM card is displayed. The amount of data (i n[...]

  • Página 320

    Chapter 19 Logs Scre ens NBG410W3G Series User’s Guide 320 Failed to decode the received ARL The router received a corrupted ARL (Autho rity Revocation List) from the LDAP server wh ose address and port are recorded in the Source field. Rcvd data <size> too large! Max size allowed: <max size> The router received di rectory data that w[...]

  • Página 321

    Chapter 1 9 Logs Scre ens NBG410W3G Series User’s Guide 321 27 Path was not verified. 28 Maximum path length reached. T able 109 ACL Setting Notes P ACKET DIRECTION DIRECT ION DESCRIPTION (L to W) LAN to W AN ACL set for packets traveling from the LAN to the W AN. (W to L) W AN to LAN ACL set for packets traveli ng from the W AN to the LAN. (D to[...]

  • Página 322

    Chapter 19 Logs Scre ens NBG410W3G Series User’s Guide 322 0 Echo mess age 11 T ime Exceeded 0 T ime to live exceeded in transit 1 Fragment reassembly time exceeded 12 Parameter Problem 0 Pointer in dicates the error 13 T imestamp 0 T imestamp requ est message 14 T imestamp Rep ly 0 T imestamp repl y message 15 Information Request 0 Information r[...]

  • Página 323

    Chapter 1 9 Logs Scre ens NBG410W3G Series User’s Guide 323 19.6 Syslog Logs There are two types of syslog: event logs and traffic logs. The device generates an event log when a system event occurs, for example, when a user logs in or the device is under attack. The device generates a traffic log when a "session " is terminated. A traf [...]

  • Página 324

    Chapter 19 Logs Scre ens NBG410W3G Series User’s Guide 324 The following table shows RFC-2408 ISAKMP payload types that the log displays. Please refer to the RFC for detailed information on each type. Event Log: <Facility*8 + Severity>Mon dd hr:mm:ss hostname src="<srcIP:srcPort>" dst="<dstIP:dstPort>" ob=&qu[...]

  • Página 325

    NBG410W3G Series User’s Guide 325 C HAPTER 20 Maintenance This chapter displays informat ion on the maintenance screens. 20.1 Maintenance Overview The maintenanc e screens can help you view system informa tio n, upload new firmware, manage configuratio n and restart your ZyXEL Device. 20.2 General Setup and System Name General Setup contains admi[...]

  • Página 326

    Chapter 20 Maintenance NBG410W3G Series User’s Guide 326 Figure 194 MAINTENANCE > General Setup The following table describes the labels in this screen. 20.3 Configuring Password Click MAINTENANCE > Password to open the following scre en. Use this screen to change the ZyXEL Device’ s management pas sword. T able 1 13 MAINTENANCE > Gene[...]

  • Página 327

    Chapter 20 Maintenance NBG410W3G Series User’s Guide 327 Figure 195 MAINTENANCE > Password The following table describes the labels in this screen. 20.4 T ime and Date The ZyXEL Device’ s Real Time Chip (R TC) keeps track of the time and date. There is also a software mechanism to set the time manually or get the current time and date from a[...]

  • Página 328

    Chapter 20 Maintenance NBG410W3G Series User’s Guide 328 Figure 196 MAINTENANCE > T ime and Date The following table describes the labels in this screen. T able 1 15 MAINTENANCE > T ime and Date LABEL DESCRIPTION Current T ime and Date Current T ime T his field displays the ZyXEL Device ’s present time. Current Date This field di splays t[...]

  • Página 329

    Chapter 20 Maintenance NBG410W3G Series User’s Guide 329 T ime Protocol Select the time service protocol that your time server uses. Not all time servers support all protocols, so you may ha ve to check with your ISP/network administrator or use trial and error to find a protocol that works. The main difference between them is the format. Daytime[...]

  • Página 330

    Chapter 20 Maintenance NBG410W3G Series User’s Guide 330 20.5 Pre-defined NTP T ime Server Pools When you turn on the ZyXEL De vice for the first time, the date and time start at 2000-01-01 00:00:00. The ZyXEL Device then attempts to synchronize with an N TP time server from one of the 0.pool.ntp.org, 1.pool.ntp.org or 2.pool.ntp.or g NTP time se[...]

  • Página 331

    Chapter 20 Maintenance NBG410W3G Series User’s Guide 331 Figure 198 Synchronization is Successful If the update was not successful, the following screen appears. Click Return to go back to the Tim e an d Da t e screen. Figure 199 Synchronization Fail 20.6 F/W Upload Screen Find firmware at www .zyxel.com in a file that (usually) uses the system m[...]

  • Página 332

    Chapter 20 Maintenance NBG410W3G Series User’s Guide 332 Figure 200 MAINTENANCE > Firmware Upload The following table describes the labels in this screen. 1 Do not turn off the ZyXEL Device wh ile firmware uploa d is in progress! After you see the Firmware Upload in Pr ocess screen, wait two minutes before logging into the ZyXEL Device again. [...]

  • Página 333

    Chapter 20 Maintenance NBG410W3G Series User’s Guide 333 Figure 202 Network T emporarily Disconnected After two minutes, log in again an d check your new firmware version in the HOME screen. If the upload was not successful, the following screen will appear . Click Return to go back to the F/W Upload screen. Figure 203 Firmware Upload Error 20.7 [...]

  • Página 334

    Chapter 20 Maintenance NBG410W3G Series User’s Guide 334 Figure 204 MAINTENANCE > Backup and Restore 20.7.1 Backup Configuration Backup configuration allows you to b ack up (save) the ZyXEL Device’ s current configuration to a file on your co mputer . Once your ZyXEL Dev ice is configured and functionin g properly , it is highly recommended [...]

  • Página 335

    Chapter 20 Maintenance NBG410W3G Series User’s Guide 335 After you see a “restore configuration successf ul” scree n, you must then wait one minute before logging into th e ZyXEL Device again. Figure 205 Configuration Upload Successfu l The ZyXEL Device automatically restarts in this time causing a temporary network disconnect. In some operat[...]

  • Página 336

    Chapter 20 Maintenance NBG410W3G Series User’s Guide 336 Figure 208 Reset W arning Message Y ou can also press the hardware RESET button to reset the factor y defaults of your ZyXEL Device. Refer to Section 2.3 on page 45 for more information on the RESET button. 20.8 Rest art Screen System restart allows you t o reboot the Zy XEL Device without [...]

  • Página 337

    337 P ART VII T roubleshooting and S pecifications T roubleshooting (339) Product Specification s (345)[...]

  • Página 338

    338[...]

  • Página 339

    NBG410W3G Series User’s Guide 339 C HAPTER 21 Troubleshooting This chapter offers some sugg estions to solve problems you might encounter . The potential problems are divided into the following categories. • Power , Hardware Connections, and LEDs • ZyXEL Device Access and Login • Internet Access • 3G Connection 21.1 Power , Hardware Conne[...]

  • Página 340

    Chapter 21 Trou bleshooting NBG410W3G Series User’s Guide 340 21.2 ZyXEL Device Access and Login V I forgot the LAN IP addre ss for the ZyXEL Device. 1 The default LAN IP address is 192.168.1.1 . 2 Use the console port to lo g in to the ZyXEL Device. 3 If you changed the IP addre ss and have forgotten it, you might get the IP addre ss of the ZyXE[...]

  • Página 341

    Chapter 21 Trou bleshooting NBG410W3G Series User’s Guide 341 • If there is a DHCP server on your netwo r k, make sure your computer is u sing a dynamic IP address. See Appendix B on pag e 361 . Y our ZyXE L Device is a DHCP server by default. 6 Reset the device to its factory defaults, an d try to access the ZyXEL Device with the default IP ad[...]

  • Página 342

    Chapter 21 Trou bleshooting NBG410W3G Series User’s Guide 342 V I cannot use FTP to upload / download the configuratio n file. / I cannot use FTP to upload new firmware. See the troubleshooting suggestions for I cannot see or access the Login screen in the web configurator . Ignore the suggestions about your bro wser . 21.3 Internet Access V I ca[...]

  • Página 343

    Chapter 21 Trou bleshooting NBG410W3G Series User’s Guide 343 1 Check the hardware connections , and make su re the LEDs are be having as expected. See the Quick S tart Guide and Section 1.5.1 on p age 39 . 2 If you use PPPoA or PPPoE encapsulation, chec k the idle time-out setting. Refer to the Chapter 6 on page 1 11 . 3 Reboot the ZyXEL Device.[...]

  • Página 344

    Chapter 21 Trou bleshooting NBG410W3G Series User’s Guide 344 V The 3G SIGNAL STRENG TH LED shows the 3G si gnal is weak or not available. • Check that your 3G service provider has coverage in your area. • Check that in the 3G (W AN2) screen you have selecte d the correct 3G service for your area. In some areas certain kinds of 3G may not be [...]

  • Página 345

    NBG410W3G Series User’s Guide 345 C HAPTER 22 Product Specifications This chapter gives details about your ZyX EL Device’ s hardware and firmware features. 22.1 General ZyXEL Device S pecifications The following tables summarize the ZyXEL De vice’ s hardware and firmware features. T able 1 19 Hardware Specifications Dimensions 190 (W) x 150 ([...]

  • Página 346

    Chapter 22 Product Specifications NBG410W3G Series User’s Guide 346 T able 120 Firmware Specifications FEATURE DESCRIPTION Default IP Address 192.168 .1.1 Default Subnet Mask 255.255 .255.0 (24 bits) Default Password 1234 Default DHCP Pool 1 92.168.1.33 to 19 2.168.1.160 Device Management Use the we b config urator to easily configure t he rich r[...]

  • Página 347

    Chapter 22 Product Specifications NBG410W3G Series User’s Guide 347 22.2 W a ll-mounting Instructions Complete the following step s to hang your ZyXEL Device on a wall. " See T able 1 19 on page 345 for the size of screws to use and how far ap art to place them. 1 Select a position free of obstructions on a sturdy wall. 2 Drill two holes for[...]

  • Página 348

    Chapter 22 Product Specifications NBG410W3G Series User’s Guide 348 1 Be careful to avoid damaging pipes or cables located in side the wall when drilling holes for the screws. 3 Do not insert the screws all the way into th e wall. Leave a small gap of about 0.5 cm between the heads of th e screws and the wall. 4 Make sure the scre ws are snugly f[...]

  • Página 349

    Chapter 22 Product Specifications NBG410W3G Series User’s Guide 349 22.3 Power Adaptor Sp ecifications NORTH AMERICAN PLUG ST ANDARDS AC POWER ADAPT OR MODEL PSA18R-120P (ZA)-R INPUT POWER 100-240V AC, 50/60HZ, 0.5A OUTPUT POWER 12VDC, 1.5A POWER CONSUMPTION 18 W MAX. SAFETY ST ANDARD S UL, CUL (UL 60950-1 FIRST EDITIONCSA C22.2 NO. 60950-1-03 1S[...]

  • Página 350

    Chapter 22 Product Specifications NBG410W3G Series User’s Guide 350[...]

  • Página 351

    351 P ART VIII Appendices and Index " The appendices provide general informatio n. Some details may not apply to your ZyXEL Device. Pop-up W indows, JavaScripts and Java Permissions (353) Setting up Y our Computer ’ s IP Address (361) IP Addresses and Subnetting (377) Common Services (385) W ireless LANs (389) Importing Certificates (403) Le[...]

  • Página 352

    352[...]

  • Página 353

    NBG410W3G Series User’s Guide 353 A PPENDIX A Pop-up Windows, JavaScript s and Java Permissions In order to use the web configurator you need to allow: • W eb browser pop-u p windows from your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). " Internet Explorer 6 screens are used here. Screens for ot[...]

  • Página 354

    Appendix A Po p-up Wind ows, JavaS cripts and Ja va Permission s NBG410W3G Series User’s Guide 354 2 Clear the Block pop-ups check box in the Pop-up Block e r section of the screen. This disables any web po p-up blockers you may have ena bled. Figure 213 Internet Options: Privacy 3 Click Apply to save this setting. Enable Pop-up Blockers with Exc[...]

  • Página 355

    Appendix A Pop-u p Windows, JavaScripts and Java Permissio ns NBG410W3G Series User’s Guide 355 Figure 214 Internet Options: Privacy 3 T ype the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. 4 Click Add to move the IP address to the list of Allowed s[...]

  • Página 356

    Appendix A Po p-up Wind ows, JavaS cripts and Ja va Permission s NBG410W3G Series User’s Guide 356 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. JavaScript s If pages of the web configura tor do not display properly in Internet Explorer, check that JavaScripts are allowed. 1 In Internet Explorer , click T ools[...]

  • Página 357

    Appendix A Pop-u p Windows, JavaScripts and Java Permissio ns NBG410W3G Series User’s Guide 357 Figure 217 Security Settings - Java Scripting Java Permissions 1 From Internet Explorer , click To o l s , Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM . 4 Under Java permissions make sur[...]

  • Página 358

    Appendix A Po p-up Wind ows, JavaS cripts and Ja va Permission s NBG410W3G Series User’s Guide 358 JA V A (Sun) 1 From Internet Explorer , click To o l s , Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for <applet> under Java (Sun) is sele cted. 3 Click OK to clos e the window . Figure 219 Java (Sun) Mozilla Firefo[...]

  • Página 359

    Appendix A Pop-u p Windows, JavaScripts and Java Permissio ns NBG410W3G Series User’s Guide 359 Figure 220 Mozilla Firefox: T ools > Options Click Content .to show the screen below . Select the check boxes as shown in the follo wing screen. Figure 221 Mozilla Firefox Content Security[...]

  • Página 360

    Appendix A Po p-up Wind ows, JavaS cripts and Ja va Permission s NBG410W3G Series User’s Guide 360[...]

  • Página 361

    NBG410W3G Series User’s Guide 361 A PPENDIX B Setting up Y our Computer ’ s IP Address All computers must have a 10M or 100M Et hernet adapter card and TCP/IP installed. W indows 95/98/Me/NT/2000/XP , Macintosh OS 7 and later opera ting systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/IP on [...]

  • Página 362

    Appendix B Setting up Your Computer’s IP Address NBG410W3G Series User’s Guide 362 Figure 222 WIndows 95/98 /Me: Networ k: Configura tion Inst alling Components The Network window Configuration tab displays a list of installed components. Y ou need a network adapter , the TCP/IP protocol and Client for Microso ft Networks. If you need the adapt[...]

  • Página 363

    Appendix B Setting up Your Computer’s IP Address NBG410W3G Series User’s Guide 363 Configuring 1 In the Network window Configuration tab, select your network adapter's TCP/IP entry and click Properties 2 Click the IP Address tab. • If your IP address is dynamic, select Obtain an IP address automatically . • If you have a static IP addr[...]

  • Página 364

    Appendix B Setting up Your Computer’s IP Address NBG410W3G Series User’s Guide 364 Figure 224 Windows 95/98/Me : TCP/IP Pr operties: DNS Configuration 4 Click the Gateway tab. • If you do not know you r gateway’ s IP addr ess, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and cl[...]

  • Página 365

    Appendix B Setting up Your Computer’s IP Address NBG410W3G Series User’s Guide 365 Figure 225 Windows XP: S tart Menu 2 In the Control Panel , double-click Network Connections ( Network and Dial-up Connections in W indow s 2000/NT). Figure 226 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Pr operties .[...]

  • Página 366

    Appendix B Setting up Your Computer’s IP Address NBG410W3G Series User’s Guide 366 Figure 227 Windows XP: Control Panel: Network Connections: Pro perties 4 Select Internet Protocol (TCP/IP) (under the Genera l tab in W in XP) and then click Properties . Figure 228 Windows XP: Local Area Conne ction Properties 5 The Internet Protocol TCP/IP Prop[...]

  • Página 367

    Appendix B Setting up Your Computer’s IP Address NBG410W3G Series User’s Guide 367 Figure 229 Windows XP: Internet Protocol (TCP/IP) Propert ies 6 If you do not know your gateway's IP ad dress, remove any previously installed gateways in the IP Settings tab and click OK . Do one or more of the fo llowing if you want to configure additi ona[...]

  • Página 368

    Appendix B Setting up Your Computer’s IP Address NBG410W3G Series User’s Guide 368 Figure 230 Windows XP: Advanced TCP/IP Properties 7 In the Internet Protocol TCP/IP Pr operties window (the General tab in W indow s XP): • Click Obtain DNS server address automatically if yo u do not know your DNS server IP address(es). • If you know your DN[...]

  • Página 369

    Appendix B Setting up Your Computer’s IP Address NBG410W3G Series User’s Guide 369 Figure 231 Windows XP: Internet Protocol (TCP/IP) Propert ies 8 Click OK to close the Internet Protocol (TCP/IP) Properties window . 9 Click Close ( OK in W i ndows 2000/NT) to close the Local Area Connection Properties window . 10 Close the Network Connections w[...]

  • Página 370

    Appendix B Setting up Your Computer’s IP Address NBG410W3G Series User’s Guide 370 Figure 232 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list. Figure 233 Macintosh O S 8/9: TC P/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list. 4 For statically assigned settings, do the [...]

  • Página 371

    Appendix B Setting up Your Computer’s IP Address NBG410W3G Series User’s Guide 371 • T ype your IP address in the IP Address box. • T ype your subnet mask in the Subnet mask box. • T ype the IP address of your ZyXEL Device in the Router address box. 5 Close the TCP/IP Contr ol Panel . 6 Click Save if prompted, to save chan ges to your con[...]

  • Página 372

    Appendix B Setting up Your Computer’s IP Address NBG410W3G Series User’s Guide 372 Figure 235 Macintosh O S X: Netw ork 4 For statically assigned settings, do the following: •F r o m t h e Configure box, select Manually . • T ype your IP address in the IP Address box. • T ype your subnet mask in the Subnet mask box. • T ype the IP addre[...]

  • Página 373

    Appendix B Setting up Your Computer’s IP Address NBG410W3G Series User’s Guide 373 " Make sure you are logged in as the root administrator . Using the K Desktop Environment (KDE) Follow the steps below to configure your computer IP address using the KDE. 1 Click the Red Hat button (located on the bottom left corner), select System Setting [...]

  • Página 374

    Appendix B Setting up Your Computer’s IP Address NBG410W3G Series User’s Guide 374 • If you have a dyna mic IP address, clic k Automatically obtain IP address settings with and select dhcp from the drop down list. • If you have a static IP address, click S tatically set IP Addresses and fill in the Address , Sub net mask , and Default Gatew[...]

  • Página 375

    Appendix B Setting up Your Computer’s IP Address NBG410W3G Series User’s Guide 375 Figure 240 Red Hat 9.0: Dynamic IP Address Setting in ifconfig-eth0 • If you have a static IP address, enter static in t he BOOTPROTO= field. T ype IPADDR = followed by the IP address (in do tted decimal notation) and type NETMASK = followed by the subnet mask.[...]

  • Página 376

    Appendix B Setting up Your Computer’s IP Address NBG410W3G Series User’s Guide 376 V erifying Settings Enter ifconfig in a terminal screen to ch eck your TCP/IP properties. Figure 244 Red Hat 9.0: Checking TCP/IP Properties [root@localhost]# ifconfig eth0 Link encap:Ethernet HWadd r 00:50:BA:72:5B:44 inet addr:172.23.19.129 B cast:172.23.19.255[...]

  • Página 377

    NBG410W3G Series User’s Guide 377 A PPENDIX C IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify ind ividual devices on a network. Every networking device (includin g computers, servers, routers, printe rs, etc.) ne eds an IP address to communicate across the network. These networking devices[...]

  • Página 378

    Appendix C IP Addresses a nd Subnetti ng NBG410W3G Series User’s Guide 378 Figure 245 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the s ubnet mask. Subnet Masks A subnet mask is used to dete rmine which bits are part of th e network number , and which bits are part of[...]

  • Página 379

    Appendix C IP Addresses and Subnetting NBG410W3G Series User’s Guide 379 Subnet masks are expressed in dotted decimal no tation just like IP addresses. The follow ing examples show the binary and decimal not ation for 8-bit, 16-bit, 24-bit an d 29-bit subnet masks. Network Size The size of the network number determines the maximum number of possi[...]

  • Página 380

    Appendix C IP Addresses a nd Subnetti ng NBG410W3G Series User’s Guide 380 Subnetting Y ou can use subnetting to divide one network into multiple sub-networks. In the following example a network administrator creates two sub-networks to isolate a group of servers from the rest of the c ompany network for security reasons. In this example, the com[...]

  • Página 381

    Appendix C IP Addresses and Subnetting NBG410W3G Series User’s Guide 381 Figure 247 Subnetting Example: Af ter Subnetting In a 25-bit subnet the host ID has 7 bits , so each sub-network has a maximum of 2 7 – 2 or 126 possible hosts (a host ID of all zeroes is the subnet’ s address itself, all ones is the subnet’ s broadcast address). 192.1[...]

  • Página 382

    Appendix C IP Addresses a nd Subnetti ng NBG410W3G Series User’s Guide 382 Example: Eight Subnet s Similarly , use a 27-bit mask to create eight subnets (000, 00 1, 010, 01 1, 100, 101, 1 10 and 111 ) . The following table shows IP address last octet values for each subnet. T able 127 Subnet 2 IP/SUBNET MASK NETWORK NUMBER LAST O CTET BIT VA L U [...]

  • Página 383

    Appendix C IP Addresses and Subnetting NBG410W3G Series User’s Guide 383 Subnet Planning The following table is a summary for su bnet planning on a network with a 24-bit network number . The following table is a summary for su bnet planning on a network with a 16-bit network number . 5 128 129 158 159 6 160 161 190 191 7 192 193 222 223 8 224 225[...]

  • Página 384

    Appendix C IP Addresses a nd Subnetti ng NBG410W3G Series User’s Guide 384 Configuring IP Addresses Where you obtain your netwo rk number depends on your particular situation. If the ISP or your network administrator assigns yo u a bloc k of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If t[...]

  • Página 385

    NBG410W3G Series User’s Guide 385 A PPENDIX D Common Services The following table l ists some commonly-used se rvices and their associated protocols and port numbers. For a comprehensive list of port numbers, ICMP type/code numbers and services, visit the IANA (Internet Assigned Number Authority) web site . • Name : This is a short, descrip tiv[...]

  • Página 386

    Appendix D Common Services NBG410W3G Series User’s Guide 386 FTP TCP TCP 20 21 File Tr a nsfer Program, a program to enable fast transfer of files, including large fil es that may not be possible by e-mail. H.323 TCP 1720 NetMeeting uses this protocol. HTTP TCP 80 Hyper T ext T ransfer Protoco l - a client/ server protocol for the world wide web.[...]

  • Página 387

    Appendix D Common Services NBG410W3G Series User’s Guide 387 RTE L N ET TC P 107 Remote T elnet. RTS P TCP/UDP 554 The Real Time S treaming (media control) Protocol (RTSP) is a remote control for multimedia on the Internet. SFTP TCP 11 5 Simple File Transfer Protocol. SMTP TCP 25 Simple Mail Transfer Protocol is the message-exchange standard for [...]

  • Página 388

    Appendix D Common Services NBG410W3G Series User’s Guide 388[...]

  • Página 389

    NBG410W3G Series User’s Guide 389 A PPENDIX E W ireless LANs Wireless LAN T opologies This section discusses ad-hoc and in frastructure w ireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an inde pendent (Ad-hoc) WLAN that connects a se t of computers with wireless adapters (A, B, C). An y time two or mo[...]

  • Página 390

    Appendix E Wireless LANs NBG410W3G Series User’s Guide 390 Figure 249 Basic Service Set ESS An Extended Service Set (ESS) consists of a series of overlappi ng BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). This type of wir[...]

  • Página 391

    Appendix E Wir eless LANs NBG410W3G Series User’s Guide 391 Figure 250 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by wireless devices to transmit and receive data. Channels available depend on your g eographical area. Y ou may have a choice o f channels (for your region) so you should use a channel different from an ad[...]

  • Página 392

    Appendix E Wireless LANs NBG410W3G Series User’s Guide 392 Figure 251 RTS/ CT S When station A sends data to the AP , it might not know that the station B is already using the channel. If these two stations se nd data at the same time, collis ions may occur when both sets of data arrive at the AP at the same time, r esulting in a loss of me ssage[...]

  • Página 393

    Appendix E Wir eless LANs NBG410W3G Series User’s Guide 393 If the Fragmentation Threshold value is smaller than the RT S / C T S value (see previously) you set then the R TS (Request T o Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmen ted before they reach R TS/CTS size. Preamble T ype Preamble is used to sign[...]

  • Página 394

    Appendix E Wireless LANs NBG410W3G Series User’s Guide 394 W ireless security methods availabl e on the ZyXEL Device are data encryption, wireless client authentication, restricting access by devi ce MAC address and hiding the ZyXEL Device identity . The following figure shows th e relative effectiveness of th ese wireless security methods availa[...]

  • Página 395

    Appendix E Wir eless LANs NBG410W3G Series User’s Guide 395 Determines the network services available to authenticated users once they are connected to the network. • Accounting Keeps track of the client’ s network activity . RADIUS is a simple package exchange in whic h your AP acts as a message rela y between the wireless client and the net[...]

  • Página 396

    Appendix E Wireless LANs NBG410W3G Series User’s Guide 396 For EAP-TLS authentication type, you must firs t hav e a wired connection to the network and obtain the certificate(s) from a certificate authorit y (CA). A certificate (als o called digital IDs) can be used to authenticate users and a CA issu es certificates and guar antees the identity [...]

  • Página 397

    Appendix E Wir eless LANs NBG410W3G Series User’s Guide 397 Dynamic WEP Key Exchange The AP maps a unique ke y that is generated w ith the RADIUS server . This key expires when the wireless connection times out, disconnects or reauthentic ation times out. A new WEP key is generated each time r eauthentication is performed. If this feature is enab[...]

  • Página 398

    Appendix E Wireless LANs NBG410W3G Series User’s Guide 398 Encryption Both WP A and WP A2 improve data encryp tion by using T emporal Key Integrity Protocol (TKIP), Message Integrity Check (MIC) and IE EE 802.1x. WP A and WP A2 use Advanced Encryption S tandard (AES) in the Counter mode with Cipher block chaining Message authentication code Proto[...]

  • Página 399

    Appendix E Wir eless LANs NBG410W3G Series User’s Guide 399 Wireless Client WP A Supplicant s A wireless client supplicant is the software that runs on an operating system instructing the wireless client how to use WP A. At the time of writing, the most widely available supplicant is the WP A patch for W indows XP , Funk Software's Odyssey c[...]

  • Página 400

    Appendix E Wireless LANs NBG410W3G Series User’s Guide 400 3 The AP and wireless clients generate a common PMK (Pairwise Master Key). The key itself is not sent over the network, but is derived from the PSK and the SSID. 4 The AP and wireless clients use the TKIP or AES encryption process, the PMK and information exchanged in a handshake to creat[...]

  • Página 401

    Appendix E Wir eless LANs NBG410W3G Series User’s Guide 401 Antenna Overview An antenna couples RF signals onto air . A tran smitter within a wireless device sends an RF signal to the antenna, which propagates the signal through the air . The antenna also operates in reverse by capturing RF signals fro m the air . Positioning the antennas properl[...]

  • Página 402

    Appendix E Wireless LANs NBG410W3G Series User’s Guide 402 Positioning Antennas In general, antennas should be mounted as high as practically possible and free of obstructions. In point-to–point ap plication, position both antennas at the same height and in a direct line of si ght to each othe r to attain the best performance. For omni-directio[...]

  • Página 403

    NBG410W3G Series User’s Guide 403 A PPENDIX F Importing Certificates This appendix shows importing certificat es examples using In ternet Ex plorer 5. Import ZyXEL Device Certificates into Net scape Navigator In Netscape Navigator , you ca n permanently tr ust the ZyXEL Device’ s server certificate by importing it into your operating system as [...]

  • Página 404

    Appendix F Importi ng Certificates NBG410W3G Series User’s Guide 404 1 In Internet Explorer , double click th e lock shown in the following screen. Figure 255 Login Screen 2 Click Install Certificate to open the Install Certificate wizard. Figure 256 Certificate General Information befor e Import 3 Click Next to begin the Install Certificate wiza[...]

  • Página 405

    Appendix F Importing Certificates NBG410W3G Series User’s Guide 405 Figure 257 Certificate Import Wizard 1 4 Select where you would like to store the certificate and then click Next . Figure 258 Certificate Import Wizard 2 5 Click Finish to complete the Import Certificate wizard.[...]

  • Página 406

    Appendix F Importi ng Certificates NBG410W3G Series User’s Guide 406 Figure 259 Certificate Import Wizard 3 6 Click Ye s to add the ZyXEL Device certificate to the root store. Figure 260 Root Certificate S tore[...]

  • Página 407

    Appendix F Importing Certificates NBG410W3G Series User’s Guide 407 Figure 261 Certificate General Information af ter Import Enrolling and Importing SSL Client Certificates The SSL client needs a certificate if Authenticate Client Certificates is selected on the ZyXEL Device. Y ou must have imported at least one trusted CA to the ZyXEL Device in [...]

  • Página 408

    Appendix F Importi ng Certificates NBG410W3G Series User’s Guide 408 Figure 262 ZyXEL Device Trusted CA Screen The CA sends you a package containing the CA ’ s trusted certificate(s), your personal certificate(s) and a password to inst all the personal certificate(s). Inst allin g the CA ’s Certificate 1 Double click the CA ’ s trusted cert[...]

  • Página 409

    Appendix F Importing Certificates NBG410W3G Series User’s Guide 409 Figure 263 CA Certificate Example 2 Click Install Certificate and follow the wizard as show n earlier in this appendix. Inst allin g Y our Personal Certificate(s) Y ou need a password in a dvance. The CA may is sue the password or yo u may have to specify it during the enrollment[...]

  • Página 410

    Appendix F Importi ng Certificates NBG410W3G Series User’s Guide 410 2 The file name and path of the certificate y ou double-clicked should automatically appear in the File name text box. Click Br ow se if you wish to import a different certificate. Figure 265 Personal Certificate Import Wizard 2 3 Enter the password give n to you by the CA. Figu[...]

  • Página 411

    Appendix F Importing Certificates NBG410W3G Series User’s Guide 41 1 Figure 267 Personal Certificate Import Wizard 4 5 Click Finish to complete the wizard and begin the import process. Figure 268 Personal Certificate Import Wizard 5 6 Y ou should see the following screen when the ce rtificate is correctly installed on your computer . Figure 269 P[...]

  • Página 412

    Appendix F Importi ng Certificates NBG410W3G Series User’s Guide 412 Using a Certificate When Accessing the ZyXEL Device Example Use the following procedure to access the ZyXEL Device via HTTPS. 1 Enter ‘https://ZyXEL Device IP Address/ in your browser ’ s web address field. Figure 270 Access th e ZyXEL Device Via HTTPS 2 When Authenticate Cl[...]

  • Página 413

    Appendix F Importing Certificates NBG410W3G Series User’s Guide 413[...]

  • Página 414

    Appendix F Importi ng Certificates NBG410W3G Series User’s Guide 414[...]

  • Página 415

    NBG410W3G Series User’s Guide 415 A PPENDIX G Legal Information Copyright Copyright © 2008 by ZyXEL Communications Corporation. The contents of this publication may not be reprod uced in any part or as a whole, transcribed, stored in a retrieval system, tran slated into any language, or transmitted in any form or by any means, el ectronic, mecha[...]

  • Página 416

    Appendix G Legal Information NBG410W3G Series User’s Guide 416 This device has been tested and foun d to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules. Thes e limits are designed to provide reasonable protection against harmful interference in a resi dential installation. This device generates, uses, and[...]

  • Página 417

    Appendix G Legal Information NBG410W3G Series User’s Guide 417 This Class B digital apparatus complies with Canadian ICES-003. Cet appareil numérique de la classe B est conforme à la norme NMB-003 du Canada. Vie wing Certifications 1 Go to http://www .zyxel.com . 2 Select your product on the ZyXEL home pag e to go to that product's page. 3[...]

  • Página 418

    Appendix G Legal Information NBG410W3G Series User’s Guide 418[...]

  • Página 419

    NBG410W3G Series User’s Guide 419 A PPENDIX H Customer Support In the event of problems that cannot be solved by using this manual, you should contact your vendor . If you cannot contact yo ur vendor , then contac t a ZyXEL office for the region in which you bought the dev ice. Regional of fices are listed below (see also http:// www .zyxel.com/w[...]

  • Página 420

    Appendix H Custo mer Support NBG410W3G Series User’s Guide 420 • Address: 1005F , ShengGao Internationa l T ower , No.137 XianXia Rd., Shanghai • W eb: http://www .zyxel.cn Cost a Rica • Support E-mail: soporte@zyxel.co.cr • Sales E-mail: sales@zyxel.co.cr • T elephone: +506-2017878 • Fax: +506-2 015098 • W eb: www .zyxel.co.cr • [...]

  • Página 421

    Appendix H Customer Support NBG410W3G Series User’s Guide 421 Germany • Support E-mail: support@zyxel.de • Sales E-mail: sales@zyxel.de • T elephone: +49-2405-6909-69 • Fax: +49-2405-6909-99 • W eb: www .zyxel.de • Re g u l ar M a i l: ZyXEL Deut schland GmbH., Adenauerstr . 20/A2 D-52146, W u erselen, Germany Hungary • Support E-ma[...]

  • Página 422

    Appendix H Custo mer Support NBG410W3G Series User’s Guide 422 Malaysia • Support E-mail: support@zyxel.com.my • Sales E-mail: sales@zyxel.com.my • T elephone: +603-8076-9933 • Fax: +603-8076- 9833 • W eb: http://www .zyxel.com.my • Regular Mail: ZyXEL Malaysia Sdn Bhd., 1-02 & 1-03, Jalan Kenari 17F , Bandar Puchong Jaya, 47100 P[...]

  • Página 423

    Appendix H Customer Support NBG410W3G Series User’s Guide 423 Singapore • Support E-mail: support@zyxel.com.sg • Sales E-mail: sales@zyxel.com.sg • T elephone: +65-6899-6678 • Fax: +65-6899-8887 • W eb: http://www .zyxel.com.sg • Regular Mail: ZyXEL Singapore Pte Ltd., No. 2 International Business Park, The Strategy #03-28, Sin gapore[...]

  • Página 424

    Appendix H Custo mer Support NBG410W3G Series User’s Guide 424 T urkey • Support E-mail: cso@zyxel.com.tr • T elephone: +90 212 222 55 22 • Fax: +90-212-220-2 526 • W eb: http:www .zyxel.com.tr • Address: Kaptanpasa Mahallesi Piyalep asa Bulvari Ortadogu Plaza N:14/13 K:6 Okmeydani/Sisli Istanbul/T urkey Ukraine • Support E-mail: su p[...]

  • Página 425

    Index NBG410W3G Series User’s Guide 425 Index Numerics 3G introduction 126 3G . See th ird generation 126 A access point 147 See also AP . address assignment 11 5 , 247 Advanced Encryption St andard See AES. AES 398 ALG 293 RTP 294 SIP 295 STUN 295 alternative subnet mask notation 379 antenna directional 401 gain 401 omni-directional 401 anti-pro[...]

  • Página 426

    Index NBG410W3G Series User’s Guide 426 DHCP clients 326 DHCP table 56 disclaimer 415 DNS 277 DNS server private LAN 248 DNS server address assignment 11 6 DNS service 236 domain name 325 Domain Name System. See DNS. DoS 167 , 183 Dynamic DNS 255 , 256 Dynamic Host Configurat ion Protocol. See DHCP . dynamic WEP key exchange 397 DYNDNS wildcard 2[...]

  • Página 427

    Index NBG410W3G Series User’s Guide 427 IP protocol type 179 ISP paramete rs 59 L LAN 104 load balancing 111 load sharing 111 loading a confi guration file 334 local (user) database 149 and encryption 150 M MAC address 11 6 , 148 filter 162 MAC address filter 148 maintenance 325 Management Information Base. See MIB. managing the device good habit[...]

  • Página 428

    Index NBG410W3G Series User’s Guide 428 PSK 398 R RADIUS 394 message types 395 messages 395 shared secret key 395 RADIUS server 149 Real T ime T ransport Protocol . See RTP . registration product 417 related documentation 3 reload factory-default configura tion file 45 remote management 260 CNM 278 DNS 277 FTP 273 how SSH works 267 HTTPS 260 HTTP[...]

  • Página 429

    Index NBG410W3G Series User’s Guide 429 subnetting 380 syntax conventions 4 system name 325 timeout 260 T target market 35 TCP maximum incomplete 183 TCP/IP priority 11 2 Te l n e t 272 telnet 272 temperature (operation) 345 temperature (storage) 345 T emporal Ke y Integrity Protocol (TKIP) 398 threshold 182 time 327 daylight saving time 329 rese[...]

  • Página 430

    Index NBG410W3G Series User’s Guide 430 with RADIUS application example 399 WP A2 397 user authentication 398 vs WP A2-PSK 398 wireless client supplicant 399 with RADIUS application example 399 WP A2-Pre-Shared Key 397 WP A2-PSK 397 , 398 application example 399 WP A-PSK 397 , 398 application example 399 WWW 261[...]