ZyXEL Communications ZyAIR Wireless Gateway Series manual
- Read online or download the manual
- 420 pages
- 12.82 mb
Go to page of
Similar user manuals
-
Network Router
ZyXEL Communications 35 Series
807 pages 29.16 mb -
Network Router
ZyXEL Communications AMG1302
320 pages 6.18 mb -
Network Router
ZyXEL Communications EXT-118
2 pages 0.15 mb -
Network Router
ZyXEL Communications NBG334SH
290 pages 8.26 mb -
Network Router
ZyXEL Communications NWA570N
2 pages 0.22 mb -
Network Router
ZyXEL Communications AMG1202-T10A
296 pages 9.78 mb -
Network Router
ZyXEL Communications P-660R-T1/T3 V2
15 pages 0.86 mb -
Network Router
ZyXEL Communications MWR102
183 pages 4.3 mb
A good user manual
The rules should oblige the seller to give the purchaser an operating instrucion of ZyXEL Communications ZyAIR Wireless Gateway Series, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.
What is an instruction?
The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of ZyXEL Communications ZyAIR Wireless Gateway Series one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.
Unfortunately, only a few customers devote their time to read an instruction of ZyXEL Communications ZyAIR Wireless Gateway Series. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.
What should a perfect user manual contain?
First and foremost, an user manual of ZyXEL Communications ZyAIR Wireless Gateway Series should contain:
- informations concerning technical data of ZyXEL Communications ZyAIR Wireless Gateway Series
- name of the manufacturer and a year of construction of the ZyXEL Communications ZyAIR Wireless Gateway Series item
- rules of operation, control and maintenance of the ZyXEL Communications ZyAIR Wireless Gateway Series item
- safety signs and mark certificates which confirm compatibility with appropriate standards
Why don't we read the manuals?
Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of ZyXEL Communications ZyAIR Wireless Gateway Series alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of ZyXEL Communications ZyAIR Wireless Gateway Series, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the ZyXEL Communications service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of ZyXEL Communications ZyAIR Wireless Gateway Series.
Why one should read the manuals?
It is mostly in the manuals where we will find the details concerning construction and possibility of the ZyXEL Communications ZyAIR Wireless Gateway Series item, and its use of respective accessory, as well as information concerning all the functions and facilities.
After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.
Table of contents for the manual
-
Page 1
ZyAIR Wireless Gateway Series User's Guide Version 3.50 May 2004[...]
-
Page 2
ZyAIR Wireless Gatew ay Series User’s Guide ii Copyright Copyright Copyright © 2004 by Zy XEL Communications Corporation. The contents of this publ ication m ay not be reprod uced in any part or as a w hole, transcr ibed, stored i n a retrieval system, translated into any langu age, or tr ansmitted in any form or by any means, electronic, mechan[...]
-
Page 3
ZyAIR Wireless Gatew ay Series User’s Guide FCC Statement i ii Federal Communications Commission (FCC) Interference S t atement This device complies with Part 15 of FCC rules. Operation is subject to the following two cond itions: • This device m ay not cause harm ful interferen ce. • This device must accept any interference received, includi[...]
-
Page 4
ZyAIR Wireless Gatew ay Series User’s Guide iv ZyXEL Warranty ZyXEL Limited W arranty ZyXEL warrants to the original end us er (purchaser) that this product is free from any defects in materials or workm anship fo r a period of up to t wo years from the da te of purchase. Duri ng the war ranty period, and upon proof of purchase, should the produc[...]
-
Page 5
ZyAIR Wireless Gatew ay Series User’s Guide Customer Support v Customer Support Please have th e following i nformation re ady when you contact customer s upport. • Product model and serial number. • Warranty Information. • Date that you received your device. • Brief descri ption of t he problem and the steps you took to solve i t. SUPPOR[...]
-
Page 6
ZyAIR Wireless Gatew ay Series User’s Guide vi C ustome r Support SUPPORT E-MAIL TELEPHONE 1 WEB SITE METHOD LOCATION SALES E-MAIL FAX 1 FTP SITE REGULAR MAIL support@zyxel.se +46 31 744 7700 www.zyx el.se SWEDEN sales@zyx el.se +46 31 744 7701 ZyXEL Communications A /S Sjöporten 4, 41764 Göteborg Sweden support@zyxel.fi +358-9-4780-8411 www.zy[...]
-
Page 7
ZyAIR Wireless Gatew ay Series User’s Guide Table of Contents vii T able of Content s Copyright ...................................................................................................................... ................................... ii Federal Communications Commission (FCC) Interfer en ce S tatemen t ...........................[...]
-
Page 8
ZyAIR Wireless Gateway Series User’ s Guide viii Table of Contents 4.1 System Overview ................................................................................................................ ....... 4-1 4.2 Configuring Ge neral Se tup ...................................................................................................... .[...]
-
Page 9
ZyAIR Wireless Gatew ay Series User’s Guide Table of Contents ix 7.10 Security Parameters S u mmary ................................................................................................. 7-1 1 7.11 Wireless Client WP A Su pplicants............................................................................................ 7-12 7.12 Con[...]
-
Page 10
ZyAIR Wireless Gateway Series User’ s Guide x Ta ble of Contents Chapter 1 1 Introduction to Fir ewalls ........................................................................................... ............ 1 1-1 11.1 Firewall Ov erview .............................................................................................................[...]
-
Page 11
ZyAIR Wireless Gatew ay Series User’s Guide Table of Contents xi UPNP AND LOGS.................................................................................................................. ...................... VI Chapter 14 UPnP Screen ......................................................................................................... [...]
-
Page 12
ZyAIR Wireless Gateway Series User’ s Guide xii Table of Contents 17.3 Changing the Syst em Password ............................................................................................... 17-2 17.4 ZyAIR SMT Menu Over view Exam ple ................................................................................... 17-3 17.5 Navigating th[...]
-
Page 13
ZyAIR Wireless Gatew ay Series User’s Guide Table of Contents xiii 23.4.1 Example 1: Int ernet Access On ly ..................................................................................... 23-9 23.4.2 Example 2: Internet Access w ith an Inside Server .........................................................23-11 23.4.3 Example 3: Multiple Pu[...]
-
Page 14
ZyAIR Wireless Gateway Series User’ s Guide xiv Table of Contents 28.2.3 Example of FT P Commands from the Comm and Line.................................................... 28-4 28.2.4 GUI-based F TP Clients .................................................................................................... 28-4 28.2.5 TFTP and FTP over WAN Manag[...]
-
Page 15
ZyAIR Wireless Gatew ay Series User’s Guide Table of Contents xv APPENDICE S .............................................................................................................................................. XI Appendix A T ro ubleshoot ing ...............................................................................................[...]
-
Page 16
ZyAIR Wireless Gateway Series User’ s Guide xvi List of Figures List of Figures Figure 1-1 Internet Acces s Applicati on Example ................................................................................. .......... 1-7 Figure 2-1 W eb Brow ser Addre ss Field ..................................................................................[...]
-
Page 17
ZyAIR Wireless Gatew ay Series User’s Guide List of Figures xvii Figure 8-2 Service T ype ............................................................................................................................... ... 8-2 Figure 8-3 PPPoE Encapsulation ...........................................................................................[...]
-
Page 18
ZyAIR Wireless Gateway Series User’ s Guide xviii List of Figures Figure 16-4 As sociatio n List ................................................................................................... ...................... 16-5 Figure 16-5 Channel Usage (ZyAIR B- 20 00).................................................................................[...]
-
Page 19
ZyAIR Wireless Gatew ay Series User’s Guide List of Figures xix Figure 23-1 Menu 4 In ternet Acce ss Setup ....................................................................................... ........... 23-1 Figure 23-2 Menu 1 1.3 Remote Node Network La yer Options ................................................................... 23-2 Figur[...]
-
Page 20
ZyAIR Wireless Gateway Series User’ s Guide xx List of Figures Figure 26-5 Menu 23.4 Syst em Security : IEEE802 .1x ............................................................................. ... 26-4 Figure 27-1 Menu 24 System Main tenance ......................................................................................... ......... 27-1 [...]
-
Page 21
ZyAIR Wireless Gatew ay Series User’s Guide List of Figures xxi Figure 31-3 Applying Schedule Set( s) to a Remote Node (PP TP) ............................................................... 31-4[...]
-
Page 22
[...]
-
Page 23
ZyAIR Wireless Gatew ay Series User’s Guide Lists of Tables xxiii List of T ables T able 1-1 Model Sp ecific Features.............................................................................................. ................... 1-1 T able 3-1 W izard 1: General Setup ............................................................................[...]
-
Page 24
ZyAIR Wireless Gatew ay Series User’s Guide xxiv Lists of Tables T able 1 1-2 ICMP Commands That T rig ger Alerts ................................................................................... ..... 1 1-6 T able 1 1-3 Legal NetBIOS Commands ......................................................................................................[...]
-
Page 25
ZyAIR Wireless Gatew ay Series User’s Guide Lists of Tables xxv T able 20-1 Internet Account Information ........................................................................................ ............. 20-1 T able 20-2 Menu 4 In ternet Acce ss Setup ........................................................................................ ...[...]
-
Page 26
ZyAIR Wireless Gatew ay Series User’s Guide xxvi Preface Preface Congratulations on your purchase from the ZyAIR Wireless Gateway series. A wireless gateway is an access point and router rolled into one. It is a cost-effect solution to share Internet access with multiple computers and expand your wired network. Some features are not available in [...]
-
Page 27
ZyAIR Wireless Gatew ay Series User’s Guide Preface xxvii • Mouse action s equences are denoted usi ng a com ma. For ex ample, “cli ck the Appl e icon, Control Panels and then Modem ” means first click the Apple icon, then point your mouse pointer to Control Panels and then click Modem . • For brevity’s sake, we will use “e.g.,” as [...]
-
Page 28
[...]
-
Page 29
Overview I Part I: OVERVIEW This part introduces the ma in features and appl ications of the ZyAIR and shows how to access the web configurator and u s e the Wiza rd to configure for Internet Access .[...]
-
Page 30
[...]
-
Page 31
ZyAIR Wireless Gatew ay Series User’s Guide Getting to Know Your ZyAIR 1-1 Chapter 1 Getting to Know Your ZyAIR This chapter introduces the main features and applications of the ZyAIR. 1.1 Introducing the ZyAIR W ireless Gateway Series The ZyAIR Wireless Gateway prov ides wireless connectivity. As an Internet gateway, your ZyAIR can share an Inte[...]
-
Page 32
ZyAIR Wireless Gatew ay Series User’s Guide 1-2 Getting to Know Your ZyAIR Table 1-1 Model Specific Features ZYAIR MODEL FEATURES B-2000 B-2000 V.2 SPI/DoS prevention Firewall, including ACL O SSL Passthrough O O Wi-Fi Protected Access (WPA) O Table Key: An “O” in a model’s column sho ws that t he model has the specified f eature. A number [...]
-
Page 33
ZyAIR Wireless Gatew ay Series User’s Guide Getting to Know Your ZyAIR 1-3 ZyAIR LED The blue ZyA IR LED (als o known as t he Breathing LED) is on when the ZyAIR is on and blinks (or breaths) when data is being tran smitted to/from its wi reless stations. Yo u may use the web configurat or to turn this LED off even when the ZyAIR is on and data i[...]
-
Page 34
ZyAIR Wireless Gatew ay Series User’s Guide 1-4 Getting to Know Your ZyAIR connection start with “https” instead of “http”. The ZyAIR allows SSL c onnections to take place through the ZyAIR. Wi-Fi Protected Access Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i security specificatio n draft. Key differences between WPA and WE[...]
-
Page 35
ZyAIR Wireless Gatew ay Series User’s Guide Getting to Know Your ZyAIR 1-5 PPTP Encapsulation Point-to-Poi nt Tunnelin g Protocol (PPTP) is a net work prot ocol that enabl es secure transfer of data f rom a remote client to a private server, c reating a Virtual Private Network (VPN) using a TCP/IP-b ased network. PPTP supports on-demand, multi-pr[...]
-
Page 36
ZyAIR Wireless Gatew ay Series User’s Guide 1-6 Getting to Know Your ZyAIR SNMP SNMP (Sim ple Network Managem ent Protocol ) is a pr otocol used for exchanging manag ement informati on between netw ork devices. SNMP is a m e mber of the TC P/IP protoc ol suite. Your ZyAIR supports SNMP agent functionality, which allo ws a manger station to manage[...]
-
Page 37
ZyAIR Wireless Gatew ay Series User’s Guide Getting to Know Your ZyAIR 1-7 1.3 Application for the Zy AIR Here is an application exam ple of what you can do with your ZyAIR. 1.3.1 Internet Access Application Add a wireless LAN to your existing network without expensive network cabl es. Wireles s stations can move freely a nywhere in the covera ge[...]
-
Page 38
[...]
-
Page 39
ZyAIR Wireless Gatew ay Series User’s Guide Introducing the Web Configurato r 2-1 Chapter 2 Introducing the Web Configurator This chapter describes how to access the ZyAIR we b configurator and provides an overview of its screens. 2.1 W eb Configurator Overview The web configurator makes it easy to configure and manage the ZyAIR. The screens you [...]
-
Page 40
ZyAIR Wireless Gatew ay Series User’s Guide 2-2 Introducing the Web Configurator Figure 2-2 Change Password Screen Step 7. You should now see the MAIN MENU screen. The ZyAIR automatically times out af ter five minutes of inactivity . Simply log back into the ZyAIR if this happens to you. 2.3 Resetting the ZyAIR If you forget your password or ca n[...]
-
Page 41
ZyAIR Wireless Gatew ay Series User’s Guide Introducing the Web Configurato r 2-3 2.3.2 Uploading a Configurat ion File via Console Port This method i s only appl icable to Zy AIR models with a console port, suc h as the ZyAIR B-2000. Step 1. Download the defau lt configuration file from the ZyAIR FTP site, unzip it and save it in a folder. Step [...]
-
Page 42
ZyAIR Wireless Gatew ay Series User’s Guide 2-4 Introducing the Web Configurator 2.4 Navigating the Zy AIR W eb Configurator The followin g summari zes how to navi gate the web configurator from the MAIN MENU screen. We use the ZyAIR B-2000v.2 web conf igurator in this guid e as an example. The screen for your model may vary slightly for differe [...]
-
Page 43
ZyAIR Wireless Gatew ay Series User’s Guide Wizard Setup 3-1 Chapter 3 Wizard Setup This chapter provides information on the Wiza rd Setup screens in the web configurator. 3.1 W i zard Setup Overview The web configurator’s setup wizard helps you configur e your Zy AIR for Internet access and set up wireless LAN. 3.1.1 Channel A channel is t he [...]
-
Page 44
ZyAIR Wireless Gatew ay Series User’s Guide 3-2 Wizard Setup 3.2 W i zard Setup: General Setup General Setup contains administrative and syste m-related information. Figure 3-1 Wizard 1: General Setup The following table describes the labels in this screen.[...]
-
Page 45
ZyAIR Wireless Gatew ay Series User’s Guide Wizard Setup 3-3 Table 3-1 Wizard 1: General Setup LA BEL DESCRIPTION System Name It is recommended you type your comp uter 's "Computer name". some ISPs check this name you should enter your computer's "Compute r Name". In Windo ws 95/98 click Start , Settings , Contro[...]
-
Page 46
ZyAIR Wireless Gatew ay Series User’s Guide 3-4 Wizard Setup Figure 3-2 Wizard 2: Wireless LAN Setup The following table describes the labels in this screen. Table 3-2 Wizard 2: Wireless LAN Setup LA BEL DESCRIPTION ESSID Enter a descriptive name (up to 32 printable 7- bit ASCII characters) for the wireless LAN. If you change this field on the Zy[...]
-
Page 47
ZyAIR Wireless Gatew ay Series User’s Guide Wizard Setup 3-5 Table 3-2 Wizard 2: Wireless LAN Setup LA BEL DESCRIPTION WEP Encryption Select Disable allows all wireless computers to communicate with the access points without any data encryption. Select 64-bit WEP or 128-bit WEP to allo w data encryption. ASCII Select this option in order to enter[...]
-
Page 48
ZyAIR Wireless Gatew ay Series User’s Guide 3-6 Wizard Setup Figure 3-3 Wizard 3: Ethernet Encapsulation The following table describes the labels in this screen. Table 3-3 Wizard 3: Ethernet Enca psulation LA BEL DESCRIPTION ISP Parameters fo r Internet Access Encapsulation You must choo se the Ethernet option when the WAN port is used as a reg u[...]
-
Page 49
ZyAIR Wireless Gatew ay Series User’s Guide Wizard Setup 3-7 Table 3-3 Wizard 3: Ethernet Enca psulation LA BEL DESCRIPTION User Name Type the username given to you by your ISP. Password Type the password ass ociated with the username above. Login Server IP Address The ZyAIR will find the Roadrunner Server IP if this field is left blank. If it do[...]
-
Page 50
ZyAIR Wireless Gatew ay Series User’s Guide 3-8 Wizard Setup Figure 3-4 Wizard 3: PPTP Encapsulation The following table describes the labels in this screen. Table 3-4 Wizard 3: PPTP Encapsulation LABEL DESCRIPTION ISP Parameters fo r Internet Access Encapsulation Select PPTP from the drop-down list box. User Name Type the user name given to you [...]
-
Page 51
ZyAIR Wireless Gatew ay Series User’s Guide Wizard Setup 3-9 Table 3-4 Wizard 3: PPTP Encapsulation LABEL DESCRIPTION Nailed-Up Connection Select Nailed-Up Connection if you do not want the connection to time out. Idle Timeout Type the time in seconds that elap ses before the ZyAIR automatically disconnects from the PPTP server. PPTP Configuratio[...]
-
Page 52
ZyAIR Wireless Gatew ay Series User’s Guide 3-10 Wizard Setup Operationally, PPPoE saves sign ificant effort for both the subscri b er and the ISP/carrier, as it requires no specific configuration of the broadban d modem at the subscrib er’s site. By impl ementing PP PoE direct ly on the Zy AIR (rather than indi vidual co mputers), t he comput [...]
-
Page 53
ZyAIR Wireless Gatew ay Series User’s Guide Wizard Setup 3-11 Table 3-5 Wizard 3: PPPoE Encapsulation LABEL DESCRIPTION Encapsulation Choose a n encapsulation method from the p ull-down list box. PPPoE forms a dial- up connection. Service Name Type the name of your serv ice provider. User Name Type the user name given to you by your ISP. Password[...]
-
Page 54
ZyAIR Wireless Gatew ay Series User’s Guide 3-12 Wizard Setup Regardless of your p articular situation, do not create an arbitrary IP address; always follow the guidelines above. For more information on address assig nment, please refer to RFC 1597, Address Allocation for Private Internet s and RFC 1466, Guidelines for Management of IP Address Sp[...]
-
Page 55
ZyAIR Wireless Gatew ay Series User’s Guide Wizard Setup 3-13 3.5.4 W AN MAC Address Every Ethernet device ha s a unique MAC (Media Access Control) address. The MAC address is assigned at the factory an d consists of six pairs of he xadeci mal characters, for exampl e, 00:A 0:C5:00: 00:02. You can co nfigure the WA N port's MAC address by ei[...]
-
Page 56
ZyAIR Wireless Gatew ay Series User’s Guide 3-14 Wizard Setup Figure 3-6 Wizard 4: WAN and DNS The following table describes the labels in this screen. Table 3-8 Wizard 4: WAN and DNS LA BEL DESCRIPTION WAN IP Address Assignment Get automatically from ISP Select this option If your ISP did not assign you a fixed IP address. T his is the default s[...]
-
Page 57
ZyAIR Wireless Gatew ay Series User’s Guide Wizard Setup 3-15 Table 3-8 Wizard 4: WAN and DNS LA BEL DESCRIPTION My WAN IP Subnet Mask Enter the IP subnet mask in this field if you selected Use Fixed IP Address . This field is not available when you select PPPoE and PPTP encapsul ation in the previous wizard screen. Gateway/Remote IP Address Ente[...]
-
Page 58
ZyAIR Wireless Gatew ay Series User’s Guide 3-16 Wizard Setup Table 3-8 Wizard 4: WAN and DNS LA BEL DESCRIPTION Spoof this Computer's MAC address - IP Address Select this option and enter the IP addr ess of the computer on the LAN whose MAC address you are cloning . Once it is successfully configured, the MAC address will be copied to the r[...]
-
Page 59
ZyAIR Wireless Gatew ay Series User’s Guide Wizard Setup 3-17 Figure 3-7 Setup Complete Well done! You have successfully set up your ZyAIR to operate on your networ k and access the Internet.[...]
-
Page 60
[...]
-
Page 61
System, LAN and Wireless II Part II: SYSTEM, LAN AND WIRELESS This part discusse s the System, LAN, and Wireless setup scre ens.[...]
-
Page 62
[...]
-
Page 63
ZyAIR Wireless Gatew ay Series User’s Guide System Screens 4-1 Chapter 4 System Screens This chapter provides information on the System screens. 4.1 System Overview This section provides i nformation on general system setup. 4.2 Configuring General Setup Click ADVANC ED and th en SYSTEM to open the General screen. Figure 4-1 System General Setup [...]
-
Page 64
ZyAIR Wireless Gatew ay Series User’s Guide 4-2 System Screens Table 4-1 System General Setup LABEL DESCRIPTION System Name Type a descriptive name for identific atio n purposes. Some ISPs check this name, so it is recommended you enter your comp uter's "Computer name" This name can be up to 30 alpha numeric charac ters long. Space[...]
-
Page 65
ZyAIR Wireless Gatew ay Series User’s Guide System Screens 4-3 First of all, y ou need to have registere d a dynamic DNS accou nt with ww w.dyndns .org. This is for pe ople with a dynamic IP from their ISP or DHCP serv er th at would still like to have a DNS name. The dynamic DNS service provider will give you a password or key. 4.3.1 DYNDNS Wild[...]
-
Page 66
ZyAIR Wireless Gatew ay Series User’s Guide 4-4 System Screens Figure 4-2 DDNS The following table describes the labels in this screen. Table 4-2 DDNS LABEL DESCRIPTION Enable DDNS Select this check box to activate DDNS. Service Provider Select the name of your DDNS service provi der. DDNS Type Select the t ype of service that you are register ed[...]
-
Page 67
ZyAIR Wireless Gatew ay Series User’s Guide System Screens 4-5 Table 4-2 DDNS LABEL DESCRIPTION User Name Type your user name. Password Type the password assigned to you. Enable Wildcard Option Your ZyAIR supports DYNDNS wildcard. Select the check box to enable. Enable off line option This option is availabl e when CustomDNS is selected in the DD[...]
-
Page 68
ZyAIR Wireless Gatew ay Series User’s Guide 4-6 System Screens Figure 4-3 Password The following table describes the labels in this screen. Table 4-3 Password LABEL DESCRIPTION Old Password Type in your existing system pass word (1234 is the default password). New Password Type your ne w system password (up to 31 characters). Not e that as you ty[...]
-
Page 69
ZyAIR Wireless Gatew ay Series User’s Guide System Screens 4-7 Figure 4-4 Time Setting The following table describes the labels in this screen. Table 4-4 Time Setting LABEL DESCRIPTION Time Protocol Select the time service protocol that your tim e server sends when you turn on the ZyAIR. Not all time servers support all prot ocols, so you ma y ha[...]
-
Page 70
ZyAIR Wireless Gatew ay Series User’s Guide 4-8 System Screens Table 4-4 Time Setting LABEL DESCRIPTION Time Server Address Enter the IP address or the URL of your time server. Check with your ISP/network administrator if you are unsur e of this info rmation (the default is tick.stdtime.gov.tw). Current Time (hh:mm:ss) This field displays the tim[...]
-
Page 71
ZyAIR Wireless Gatew ay Series User’s Guide LAN Screens 5-1 Chapter 5 LAN Screens This chapter describes how to configure LAN settings. 5.1 LAN Overview Local Area Network (L AN) is a shared comm unication sy stem to which many computers are attached. The LAN screens can help you configure a LAN DHCP server , manag e IP addresses, and partition y[...]
-
Page 72
ZyAIR Wireless Gatew ay Series User’s Guide 5-2 LAN Screens 5.3 DHCP Setup DHCP (Dynamic H ost Configuration Protoco l, RFC 2131 and RFC 2132) allows indiv idual clients to obtain TCP/IP config uration at start -up from a ser ver. You can configure the ZyAIR as a DHCP server or disable it. When confi gured as a server, the ZyAIR provides the TCP/[...]
-
Page 73
ZyAIR Wireless Gatew ay Series User’s Guide LAN Screens 5-3 5.6 Multicast Traditionally, IP packets are tran smitted in one of eith er two ways - Unicast (1 sender - 1 recipient) or Broadcast (1 sender - everyb ody on the network). Multi cast delivers IP packets to a group of hosts o n the network - not e verybody and not just 1. IGMP (Inte rnet [...]
-
Page 74
ZyAIR Wireless Gatew ay Series User’s Guide 5-4 LAN Screens Figure 5-2 IP The following table describes the labels in this screen. Table 5-1 IP LABEL DESCRIPTION DHCP Setup DHCP Server Select this option to allow your ZyAIR to assign IP addresses, an IP default gateway and DNS servers to Windows 95, Windo ws NT and other systems that support the [...]
-
Page 75
ZyAIR Wireless Gatew ay Series User’s Guide LAN Screens 5-5 Table 5-1 IP LABEL DESCRIPTION Pool Size This field specifies the size or count of the IP addr ess pool. DNS Servers Assigned by DHCP Server First DNS Server Second DNS Server Third DNS Server Select From ISP if your ISP dynamically assigns DNS serv er information (and the ZyAIR's W[...]
-
Page 76
ZyAIR Wireless Gatew ay Series User’s Guide 5-6 LAN Screens Table 5-1 IP LABEL DESCRIPTION Reset Click Reset to reload the pr evious configurati on for this screen.[...]
-
Page 77
ZyAIR Wireless Gatew ay Series User’s Guide Wireless Configuration and Roamin g 6-1 Chapter 6 Wireless Configuration and Roaming This chapter discusses how to configure the Wireless and Roaming screen s on the ZyAIR. 6.1 Wireless LAN Overview This section introduces the wireless LA N(WLAN) and so me basi c scenar ios. 6.1.1 IBSS An Independent Ba[...]
-
Page 78
ZyAIR Wireless Gatew ay Series User’s Guide 6-2 Wireless Configuration and Roaming Figure 6-2 Basic Service set 6.1.3 ESS An Extended Service Set (ESS) consists of a series of overlapping BSSs, each contai ning an access point, with each access point conne cted together by a wired ne twork. This wired connection between APs is called a Distributi[...]
-
Page 79
ZyAIR Wireless Gatew ay Series User’s Guide Wireless Configuration and Roamin g 6-3 Figure 6-3 Extended Service Set 6.2 W ireless LAN Basics Refer also to the Wizard Setup chapter for more backgro und information on Wireless LAN features, such as channels. 6.2.1 RTS/CTS A hidden node occurs when two stati ons are within range of the sam e acce ss[...]
-
Page 80
ZyAIR Wireless Gatew ay Series User’s Guide 6-4 Wireless Configuration and Roaming Figure 6-4 RTS/CTS When station A sends data to th e ZyAIR, it might not know that station B is already using the channel. If these two stations send data at the same time, collision s may occur when both sets of data arrive at the AP at the same time, resulting in[...]
-
Page 81
ZyAIR Wireless Gatew ay Series User’s Guide Wireless Configuration and Roamin g 6-5 A large Fragmentation Thre shold is recommend ed for networks no t prone to interfere nce while you shou ld set a smaller t hreshold for busy networ ks or networ ks that are prone to i nterference . If the Fragmentation Thres hold value is smaller than th e RTS/CT[...]
-
Page 82
ZyAIR Wireless Gatew ay Series User’s Guide 6-6 Wireless Configuration and Roaming Figure 6-5 Wireless The following table describes the general wireless LAN labels in this screen.[...]
-
Page 83
ZyAIR Wireless Gatew ay Series User’s Guide Wireless Configuration and Roamin g 6-7 Table 6-1 Wireless LABEL DESCRIPTION Enable Wireless LAN Click the check box to activate wireless LAN. ESSID (Extended Service Set IDentity) T he ESSI D identifies the Service Set with which a wireless station is associated . Wireless stations associating to the a[...]
-
Page 84
ZyAIR Wireless Gatew ay Series User’s Guide 6-8 Wireless Configuration and Roaming 6.4 Configuring Roaming A wireless station is a device with an IEEE 802.11b c o mpliant wireless a dapter. An access point (AP) acts as a bridge betwe en the wireless and wi red network s. An AP creates its own wireless coverage area. A wireless station can associa[...]
-
Page 85
ZyAIR Wireless Gatew ay Series User’s Guide Wireless Configuration and Roamin g 6-9 Step 1. As wireless station Y moves from the cover age area of a ccess point AP 1 to that of access point AP 2 , it scans and uses the signal of access point AP 2 . Step 2. Access point AP 2 acknowledges the presence of wireless station Y and relays this informati[...]
-
Page 86
ZyAIR Wireless Gatew ay Series User’s Guide 6-10 Wireless Configuration and Roaming Table 6-2 Roaming LABEL DESCRIPTION Active Select Yes from the drop-down list box to e nable roaming on the ZyAIR if you have two or more ZyAIRs on the same subnet. All APs on the same subnet and the wireless st ations must have the same ESSID to allo w roaming. P[...]
-
Page 87
ZyAIR Wireless Gatew ay Series User’s Guide Wireless Security 7-1 Chapter 7 Wireless Security This Chapter describes how to use the MAC F ilter, 802.1x, Local User Database and RADIUS to configure wireless security on your ZyAIR. 7.1 Wireless Security Overview Wireless security is vital to your network to prot ect wireless communicati on between [...]
-
Page 88
ZyAIR Wireless Gatew ay Series User’s Guide 7-2 Wireless Security 7.2.1 Dat a Encr yption WEP provides a mechanism for encrypting data us ing en cryption keys. Both th e AP and the wireless stations must use the same WEP key t o encrypt and decrypt data. Your ZyAIR allows you to configure up to four 64- bit or 128- bit WEP key s, but o nly one ke[...]
-
Page 89
ZyAIR Wireless Gatew ay Series User’s Guide Wireless Security 7-3 Shared key authentication involves a four-message procedure. A wireless station sends a shared key authentication request to the AP, which will then reply with a challenge text message. The wireless station must then use the AP’s default WEP key to en crypt the challenge text an [...]
-
Page 90
ZyAIR Wireless Gatew ay Series User’s Guide 7-4 Wireless Security Figure 7-3 Wireless The following table d escribes the wireless LAN security lab els in this screen.[...]
-
Page 91
ZyAIR Wireless Gatew ay Series User’s Guide Wireless Security 7-5 Table 7-1 Wireless : WEP Fields LABEL DESCRIPTION WEP Encryption Select Disable to allow wireless stations to communi cate with the access points without any data encryption. Select 64-bit WEP or 128-bit WEP to enable data e ncryption. Authentication Method This field is activated [...]
-
Page 92
ZyAIR Wireless Gatew ay Series User’s Guide 7-6 Wireless Security 7.4 MAC Filter The MAC filter screen allows you to confi gure the ZyAIR to give exclusive access to up to 32 devices (Allow Association) or exclude up to 32 devices from accessing the ZyAIR (D eny Association). Every Ethernet devic e has a uni que MAC (M edia Access C ontro l) addr[...]
-
Page 93
ZyAIR Wireless Gatew ay Series User’s Guide Wireless Security 7-7 Figure 7-4 MAC Address Filter The following table describes the labels in this menu.[...]
-
Page 94
ZyAIR Wireless Gatew ay Series User’s Guide 7-8 Wireless Security Table 7-2 MAC Address Filter LA BEL DESCRIPTION Active Select Yes from the drop down list bo x to enable MAC address filtering. Filter Action Define the filter action for t he list of MAC addresses in the MAC A ddress table. Select Deny Association to block access to the ZyAIR, MAC[...]
-
Page 95
ZyAIR Wireless Gatew ay Series User’s Guide Wireless Security 7-9 7.7 Introduction to WP A Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i security specificatio n draft. Key differences between WPA and WEP are user authenti cation an d improve d data encrypt ion. 7.7.1 User Authentication WPA applies IEEE 802.1x a nd Extensible Authe[...]
-
Page 96
ZyAIR Wireless Gatew ay Series User’s Guide 7-10 Wireless Security Step 1. First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key (PSK) must consist of between 8 a nd 63 ASCII characters (including spaces and symbols). Step 2. The AP checks each clie nt’s password and (only) allows it t o join the network if it[...]
-
Page 97
ZyAIR Wireless Gatew ay Series User’s Guide Wireless Security 7-11 Figure 7-6 WPA with RADIUS Application Example 7.10 Security Parameters Summary Refer to this table to see what other secu rity pa rameters you shoul d configure for each Authentication Method/ key m anagement protocol ty pe. Yo u e nter manual keys by first selecting 64-bit WEP o[...]
-
Page 98
ZyAIR Wireless Gatew ay Series User’s Guide 7-12 Wireless Security Table 7-3 Wireless Security Relational Matrix AUTHENTICATION METHOD/ KEY MANAGEMENT PROTOCOL ENCRYPTION METHOD ENTER MA NUAL KE Y IEEE 802.1X Open None No Disable No Enable with Dynamic WEP Key Yes Enable without Dynamic WEP Key Open WEP Yes Disable No Enable with Dynamic WEP Key [...]
-
Page 99
ZyAIR Wireless Gatew ay Series User’s Guide Wireless Security 7-13 Figure 7-7 Wireless LAN: 802.1x/WPA The following table describes the labels in this screen. Table 7-4 Wireless LAN: 802.1x/WPA LABEL DESCRIPTION Wireless Port Control To control wireless stations access to the wired net work, select a control method from the drop-down list box. C[...]
-
Page 100
ZyAIR Wireless Gatew ay Series User’s Guide 7-14 Wireless Security Figure 7-8 Wireless LAN: 802. 1x/WPA for 802.1x Protocol The following table describes the labels in this screen. Table 7-5 Wireless LAN: 802.1x/WPA for 802.1x Protocol LABEL DESCRIPTION Wireless Port Control To control wireless stations access to the wired net work, select a cont[...]
-
Page 101
ZyAIR Wireless Gatew ay Series User’s Guide Wireless Security 7-15 Table 7-5 Wireless LAN: 802.1x/WPA for 802.1x Protocol LABEL DESCRIPTION ReAuthentication Timer (In Seconds) Specify how often wireless stations have to reenter usern ames and passwords in order to stay connected. This field is activated on ly when you select Authentication Requir[...]
-
Page 102
ZyAIR Wireless Gatew ay Series User’s Guide 7-16 Wireless Security Table 7-5 Wireless LAN: 802.1x/WPA for 802.1x Protocol LABEL DESCRIPTION Authentication Databases The authentication databas e cont ains wireless station login information. The local user database is the built-in databas e on the ZyAIR. The RADIUS is an external server. Use this d[...]
-
Page 103
ZyAIR Wireless Gatew ay Series User’s Guide Wireless Security 7-17 Figure 7-9 Wireless LAN: 802. 1x/WPA for WPA Protocol The following table describes the labels not previousl y discusse d Table 7-6 Wireless LAN: 802.1x/WPA for WPA Protocol LABEL DESCRIPTION Key Management Protocol Choose WPA in this field. WPA Mixed Mode The ZyAIR can operate in[...]
-
Page 104
ZyAIR Wireless Gatew ay Series User’s Guide 7-18 Wireless Security Table 7-6 Wireless LAN: 802.1x/WPA for WPA Protocol LABEL DESCRIPTION Authentication Databases When you configure Key Management Protocol to WPA , the Authentication Databases must be RADIUS Only . You can only use the L ocal User Database Only with 802.1x Key Management Protocol [...]
-
Page 105
ZyAIR Wireless Gatew ay Series User’s Guide Wireless Security 7-19 Table 7-7 Wireless LAN: 802.1x/WPA for WPA-PSK Proto col LABEL DESCRIPTION Key Management Protocol Choose WPA-PSK in this field. Pre-Shared Key The encryption mechanisms used for WPA and WPA- PSK are the same. The only difference between the t wo is that WPA-PSK uses a simple comm[...]
-
Page 106
ZyAIR Wireless Gatew ay Series User’s Guide 7-20 Wireless Security Figure 7-11 Local User Database The following table describes the labels in this screen.[...]
-
Page 107
ZyAIR Wireless Gatew ay Series User’s Guide Wireless Security 7-21 Table 7-8 Local User Database LABEL DESCRIPTION Active Select this option to activate the user profile. User Name Enter the user name (up to 31 characters) for this user profile. Password T ype a password (up to 31 characters) for this user profil e. Note that as you type a passwo[...]
-
Page 108
ZyAIR Wireless Gatew ay Series User’s Guide 7-22 Wireless Security • Access-Challenge Sent by a RADIUS server requesting m ore inform ation in order to allow access. The access point sends a proper response from the user and then sends another Access-Request m essage. The following types of RADIUS m essages are exchange d between the access poi[...]
-
Page 109
ZyAIR Wireless Gatew ay Series User’s Guide Wireless Security 7-23 • The ZyAIR sends a “request identity” message to the wireless station for identity information. • The wireless station replies with identity information, including username and p assword. • The RADIUS serve r checks the user inform ation against its user profile d ataba[...]
-
Page 110
ZyAIR Wireless Gatew ay Series User’s Guide 7-24 Wireless Security Table 7-9 RADIUS LABEL DESCRIPTION Authentication Server Active Select Yes from the drop down list box to enab le user authentic ation through an external authenticati on server. Server IP Address Enter the IP address of the external authentication server in dotted dec imal notati[...]
-
Page 111
WAN III Part III: WAN This part covers the web configurator screen and information about W AN.[...]
-
Page 112
[...]
-
Page 113
ZyAIR Wireless Gatew ay Series User’s Guide WAN Screens 8-1 Chapter 8 WAN Screens This chapter describes how to c onfigure the ZyAIR WAN screens. 8.1 W AN Overview A WAN (Wi de Area Netw ork) is an outside con nection to a nother net work or the I nternet. See the Wizard Setup cha pter for more back ground inform ation on most fields in the WAN s[...]
-
Page 114
ZyAIR Wireless Gatew ay Series User’s Guide 8-2 WAN Screens Table 8-1 Ethernet Encapsulation LABEL DESCRIPTION Encapsulation You must choose the Ethernet opt ion when the WAN port is used as a regular Ethernet. Service Type Select from Standard , RR-Toshiba (RoadRunner Toshiba authentication method), RR-Manager (Roadrunner Manager authent ication[...]
-
Page 115
ZyAIR Wireless Gatew ay Series User’s Guide WAN Screens 8-3 Table 8-2 Service Type LABEL DESCRIPTION Encapsulation You must choose the Ethern et opt ion when the WAN port is used as a regular Ethernet. Service Type Select from Standard , RR-Toshiba (RoadRunner Toshiba authenticatio n method), RR-Manager (Roadrunner Manager authent ication method)[...]
-
Page 116
ZyAIR Wireless Gatew ay Series User’s Guide 8-4 WAN Screens Figure 8-3 PPPoE Encapsulation The following table describes the labels in this screen. Table 8-3 PPPoE Encapsulation LABEL DESCRIPTION ISP Parameters fo r Internet Access Encapsulation The PPP over Ethernet choice is for a dial-up connection using PPPoE. The Z yAIR supports PPPoE (Point[...]
-
Page 117
ZyAIR Wireless Gatew ay Series User’s Guide WAN Screens 8-5 Table 8-3 PPPoE Encapsulation LABEL DESCRIPTION Apply Click Apply to save your changes back to the ZyAIR. Reset Click Reset to beg in configuring this screen afresh. 8.2.3 PPTP Encapsulation Point-to-Poi nt Tunnelin g Protocol (PPTP) is a net work prot ocol that enabl es secure transfer [...]
-
Page 118
ZyAIR Wireless Gatew ay Series User’s Guide 8-6 WAN Screens Figure 8-4 PPTP Encapsulation The following table describes the labels in this screen. Table 8-4 PPTP Encapsulation LABEL DESCRIPTION ISP Parameters fo r Internet Access Encapsulation PPTP supports on-deman d, multi-pr otocol, and virtual privat e networking o ver public networks, such a[...]
-
Page 119
ZyAIR Wireless Gatew ay Series User’s Guide WAN Screens 8-7 Table 8-4 PPTP Encapsulation LABEL DESCRIPTION User Name Type the user name given to you b y your ISP. Password Type the password associated with the user name abov e. Retype to Confirm Type your pass word again here to ensure that what you entered i n the Password field above was what y[...]
-
Page 120
ZyAIR Wireless Gatew ay Series User’s Guide 8-8 WAN Screens 8.4 Configur ing W AN IP To change your ZyAIR’s WAN IP settings, click ADVANCED , WAN an d then the IP tab. Figure 8-5 IP Setup The following table describes the labels in this screen. Table 8-5 IP Setup LA BEL DESCRIPTION WAN IP Address Assignment[...]
-
Page 121
ZyAIR Wireless Gatew ay Series User’s Guide WAN Screens 8-9 Table 8-5 IP Setup LA BEL DESCRIPTION Get automatically from ISP Select this option If your ISP did not assign you a fixed IP address. This is the default selection. Use fixed IP address Select this option If the ISP assigned a fixed IP address. My WAN IP Address Enter the ZyAIR WAN IP a[...]
-
Page 122
ZyAIR Wireless Gatew ay Series User’s Guide 8-10 WAN Screens Table 8-5 IP Setup LA BEL DESCRIPTION Private (PPPoE and PPTP only) This parameter determines if the Z yAIR will include the route to this remote node in its RIP broadcasts. If select Yes , this route is kept privat e and not included in RIP broadcast. If select No , the route to this r[...]
-
Page 123
ZyAIR Wireless Gatew ay Series User’s Guide WAN Screens 8- 11 Table 8-5 IP Setup LA BEL DESCRIPTION Allow between LAN and WAN Select this check box to forward NetBIOS packets from the LAN to the WAN and from the WAN to the LAN. If your firewall is enabled with the default polic y set to block WAN to LAN traffic, you also need to enable the def au[...]
-
Page 124
[...]
-
Page 125
SUA/NAT and Static Route IV Part IV: SUA/NAT AND STATIC ROUTE This part covers the inform ation about SUA/NA T and S tatic Route setup.[...]
-
Page 126
[...]
-
Page 127
ZyAIR Wireless Gatew ay Series User’s Guide SUA/NAT 9-1 Chapter 9 Single User Account (SUA) / Network Address Translation (NAT) This chapter discusses how to configure SUA/NAT on the ZyAIR . 9.1 NA T Overview NAT (Network Address Tran slation - NAT, RFC 1631) is the translation of the IP addr ess of a host in a packet. For example, the so urce ad[...]
-
Page 128
ZyAIR Wireless Gatew ay Series User’s Guide 9-2 SUA/NAT NA T never changes the IP address (either local or global) of an outside host. 9.1.2 What NA T Does In the simplest form, NAT changes the source IP address in a packet recei ved from a subscriber (the inside local address) t o another (the inside global address ) before forwarding t he packe[...]
-
Page 129
ZyAIR Wireless Gatew ay Series User’s Guide SUA/NAT 9-3 Figure 9-1 How NAT Works 9.1.4 NA T Application The following figure illu strates a possible NAT applicatio n, where three inside LANs (logical LANs using IP Alias) behi nd the ZyAIR ca n comm unicate with three distinct WA N networks. More exam ples follow at the end of this chapter.[...]
-
Page 130
ZyAIR Wireless Gatew ay Series User’s Guide 9-4 SUA/NAT Figure 9-2 NAT Application w ith IP Alias 9.1.5 NA T Mapping T ypes NAT supports five types of IP/port m apping. They are: One to One : In One-to-One mode, the ZyAIR maps o ne local IP address to one gl obal IP addres s. Many to One : In Many-to-One m ode, the ZyAIR maps multiple loc[...]
-
Page 131
ZyAIR Wireless Gatew ay Series User’s Guide SUA/NAT 9-5 Server : This type allows you to sp ecify inside server s of different services b ehind the NAT to be accessible to the outside world. Port numbers do not change for One-to-One and Many-One-to-One NA T mapping types. The following table su mm arizes these types. T able 9-2 NA T Mapping T[...]
-
Page 132
ZyAIR Wireless Gatew ay Series User’s Guide 9-6 SUA/NAT 9.2 SUA Server An SUA server set is a list of inside (behind NAT on the LAN) servers, for example, web or FTP, that you can make visibl e to the outside w o rld even thou gh SUA makes y our whole inside networ k appear as a si ngle computer to the outside world. You may enter a single port n[...]
-
Page 133
ZyAIR Wireless Gatew ay Series User’s Guide SUA/NAT 9-7 Table 9-3 Services and Port Numbers SERVICES PORT NUMBER SNMP (Simple Network Management Protocol) 161 SNMP trap 162 PPTP (Point-to-Point Tunnelin g Protocol) 1723 9.2.2 Configuring Server s Behind SUA (Example) Let's say you want to assign ports 22 -25 to one server, por t 80 to an oth[...]
-
Page 134
ZyAIR Wireless Gatew ay Series User’s Guide 9-8 SUA/NAT Figure 9-4 SUA/NAT Setup The following table describes the labels in this screen. Table 9-4 SUA/NAT Setup LABEL DESCRIPTION Default Server In addition to the servers for specified services, NAT supp orts a default server. A default server receives packets from ports that are not specified in[...]
-
Page 135
ZyAIR Wireless Gatew ay Series User’s Guide SUA/NAT 9-9 Table 9-4 SUA/NAT Setup LABEL DESCRIPTION Start Port End Port Enter a port number here. To forward only one port, enter the port num ber in the Start Port field and then type it again in the End Port field. To specify a range of ports, ent er the start port number in the Start Port field and[...]
-
Page 136
ZyAIR Wireless Gatew ay Series User’s Guide 9-10 SUA/NAT Figure 9-5 Address Mapping The following table describes the labels in this screen. Table 9-5 Address Mapping LABEL DESCRIPTION # T his field displays the index number of the address mappin g rule. Local Start IP This refers to the Inside Local Addre ss (ILA), that is the starti ng local IP[...]
-
Page 137
ZyAIR Wireless Gatew ay Series User’s Guide SUA/NAT 9-11 Table 9-5 Address Mapping LABEL DESCRIPTION Insert Click Insert to insert a new mapping rule before an existin g one. Edit Click Edit to go to the Address Ma pping Rule screen. Delete Click Delete to delete an address mapping rule. 9.4.1 Configuring Address Mapping Rule To edit an address m[...]
-
Page 138
ZyAIR Wireless Gatew ay Series User’s Guide 9-12 SUA/NAT Table 9-6 Address Mapping Rule LABEL DESCRIPTION Local End IP This is the end local IP address (ILA). If your rule is for all lo cal IP addresses, then enter 0.0.0.0 as the Local Start IP address and 255.255.2 55.255 as the Local End IP address. This field is N/A for One-to-One and Serv er [...]
-
Page 139
ZyAIR Wireless Gatew ay Series User’s Guide Static Route 10-1 Chapter 10 Static Route This chapter shows you how to config ure static routes for your ZyAIR. 10.1 S t atic Route Overview Each remote n ode specifies only the netw ork to which t he gateway is directly conne cted, and the ZyAIR has no knowledge of the networks bey o nd. For i nstance[...]
-
Page 140
ZyAIR Wireless Gatew ay Series User’s Guide 10-2 Static Route Figure 10-2 IP Static Route Summary The following table describes the labels in this screen. Table 10-1 IP Static Route Summary LABEL DESCRIPTION # This field displays an individual static route i ndex number. Name This field displays the name that describes or identifi es this route. [...]
-
Page 141
ZyAIR Wireless Gatew ay Series User’s Guide Static Route 10-3 Table 10-1 IP Static Route Summary LABEL DESCRIPTION Delete To remove a static route on the ZyAIR, click the radio button next to the static route index number you want to remove, then click Delete . 10.2.1 Configuring Route Entry Select a static route index num ber and click Edit . Th[...]
-
Page 142
ZyAIR Wireless Gatew ay Series User’s Guide 10-4 Static Route Table 10-2 Edit IP Static Route LABEL DESCRIPTION Destination IP Address Type the IP network address of the final destination. Routing is al ways based on network number. If you need to specify a route to a singl e host, use a subnet mask of 255.255.255.255 in the subn et mask field to[...]
-
Page 143
Firewall and Remote Manageme nt V Part V: FIREWALL A ND REMOTE MANAGEMENT This part introduces fire walls in general and the ZyAIR firewall. It also explains custom port s and gives example firewall rules and informa tion on Remote Management.[...]
-
Page 144
[...]
-
Page 145
ZyAIR Wireless Gatew ay Series User’s Guide Introduction to Firewalls 11-1 Chapter 11 Introduction to Firewalls This chapter gives some background information on firewalls and introduces the ZyAIR firewall. This chapter is not applicable to the ZyAIR B-2000 . 11.1 Firewall Overview Originally, the term firewall referred to a construction techn iq[...]
-
Page 146
ZyAIR Wireless Gatew ay Series User’s Guide 11-2 Introduction to Firewalls i. Information hi ding prevents the nam es of internal systems from being made known via D NS to outside system s, since the ap plication gate way is the only host wh ose name m ust be made know n to outside systems. ii. Robust au thentication and logging pre-au thenticat [...]
-
Page 147
ZyAIR Wireless Gatew ay Series User’s Guide Introduction to Firewalls 11-3 Figure 11-1 Fire wall Application 11.4.1 Basics Computers s hare inform ation over the Internet usi ng a com mon languag e called TCP/ IP. TCP/IP, in turn, i s a set of applicati on protocol s that perform specific functions. An “extensi on number”, call ed the "T[...]
-
Page 148
ZyAIR Wireless Gatew ay Series User’s Guide 11-4 Introduction to Firewalls 11.4.2 T ypes of DoS Att acks There are four types of DoS a ttacks: 1. Those that e xploit bu gs in a TCP/IP im plementation. 2. Those that exploit weaknesse s in the TCP/IP specification. 3. Brute-force attacks that flood a network with useless data. 4. IP Spoofing. 1. &q[...]
-
Page 149
ZyAIR Wireless Gatew ay Series User’s Guide Introduction to Firewalls 11-5 2-a SYN Attack floods a targeted system with a series of SYN packets. Each packet causes the targeted system to issue a SYN-ACK response. Wh ile the targeted system waits for the ACK that follows the SYN-ACK, it queues up all outstandi ng SYN-ACK responses on what is k now[...]
-
Page 150
ZyAIR Wireless Gatew ay Series User’s Guide 11-6 Introduction to Firewalls Figure 11-4 Smurf Attack ICMP Vulnerability ICMP is a n error-re porting protocol t hat works i n conc ert with IP. The following ICMP types trigger an alert: Table 11-2 ICMP Commands That Tr igger Alerts 5 REDIRECT 13 TIMESTAMP_REQUEST 14 TIMESTAMP_REPLY 17 ADDRESS_MA[...]
-
Page 151
ZyAIR Wireless Gatew ay Series User’s Guide Introduction to Firewalls 11-7 Table 11-4 Legal SMTP Commands AUTH DATA EHLO ETRN EXPN HELO HELP MAIL NOOP QUIT RCPT RSET SAML SEND SOML TURN VRFY Traceroute Traceroute is a utility used to determ ine the path a packet takes between t w o endpoints. Some times when a packet filter firewall is config[...]
-
Page 152
ZyAIR Wireless Gatew ay Series User’s Guide 11-8 Introduction to Firewalls Figure 11-5 Stateful Inspection The previous figure shows the Zy AIR’s defaul t firewall rules in action as well as demonstrates how stateful inspection works. User A can initiate a Teln et session from within the LAN and responses to this request are allowed. However ot[...]
-
Page 153
ZyAIR Wireless Gatew ay Series User’s Guide Firewall Screens 12-1 Chapter 12 Firewall Screens This chapter shows you how to configure your ZyAIR firewall. This chapter is not applicable to the ZyAIR B-2000. 12.1 Access Methods The web confi gurator is, by far, the most comprehensi ve firewall c onfiguration tool your ZyAIR has t o offer. For this[...]
-
Page 154
ZyAIR Wireless Gatew ay Series User’s Guide 12-2 Firewall Screens If you configure firewall rules without a good underst anding of how they work, you might inadvertently introduce security risks to the fire w all and to the protected network. Make sure y ou test your rules af ter you configure th em. For example, you may create rules t o : ♦ Bl[...]
-
Page 155
ZyAIR Wireless Gatew ay Series User’s Guide Firewall Screens 12-3 2. Is it possible to modify the rule to be more specifi c? For example, if IRC is blocked for all users, will a rule that blocks just certain users be more ef fective? 3. Does a rule that allows Inte rnet users access to resources on the LAN create a security vulnerability? For exa[...]
-
Page 156
ZyAIR Wireless Gatew ay Series User’s Guide 12-4 Firewall Screens 12.5 Connection Direction Examples This section de scribes examples for fire wall rules for conne ctions goin g from LAN t o WAN and from WA N to LAN. LAN to LAN/ZyAIR and WAN to WAN/ ZyAIR rules apply to packets com i ng in on the associated interface (LAN or WAN respectiv ely). L[...]
-
Page 157
ZyAIR Wireless Gatew ay Series User’s Guide Firewall Screens 12-5 Figure 12-1 LAN to WAN Traffic 12.5.2 W AN to LAN Rules WAN-to-LAN rules are Internet to your local network firewall rules. The default is to block all traffic from the Internet to your local network. How can you forward certain WAN to LAN traffic ? You may allow traffic originatin[...]
-
Page 158
ZyAIR Wireless Gatew ay Series User’s Guide 12-6 Firewall Screens Figure 12-2 WAN to LA N Traffic 12.6 Enabling Firewall The ordering of your rules is very import ant as rules are applied in turn. The default rules allow LAN-to-WAN traffic and deny traffic initiated from WAN-to-LAN. You may block traffic initiated from the LAN by configuring bloc[...]
-
Page 159
ZyAIR Wireless Gatew ay Series User’s Guide Firewall Screens 12-7 Figure 12-3 Fire wall Settings The following table describes the labels in this screen. Table 12-1 Firewall Settings LA BEL DESCRIPTION Enable Firewall Select this che ck box to activate the firewall. The ZyAIR per forms access control and protects against Denial of Service (DoS ) [...]
-
Page 160
ZyAIR Wireless Gatew ay Series User’s Guide 12-8 Firewall Screens Table 12-1 Firewall Settings LA BEL DESCRIPTION Packets to Log Choose what LA N to W AN packets to log. Choose from: • No Log • Log Blocked (blocked LAN to WAN services appear in the Blocked Services textbox in the Services screen (with Enable Ser vices Blocking selected)) • [...]
-
Page 161
ZyAIR Wireless Gatew ay Series User’s Guide Firewall Screens 12-9 Figure 12-4 Fire wall Filter The following table describes the labels in this screen. Table 12-2 Firewall Filter LABEL DESCRIPTION Restrict Web Features Select the categories of web featur es that you want to restrict.[...]
-
Page 162
ZyAIR Wireless Gatew ay Series User’s Guide 12-10 Firewall Screens Table 12-2 Firewall Filter LABEL DESCRIPTION ActiveX ActiveX is a tool for building dynamic and act ive Web pages and distri buted object applications. When yo u visit an ActiveX Web site, ActiveX controls ar e downloaded to your browser, where they remain in case yo u visit the s[...]
-
Page 163
ZyAIR Wireless Gatew ay Series User’s Guide Firewall Screens 12-11 12.6.2 Configuring Firewall Services Click ADVANC ED , FIREWALL and then the Services tab to open the Services screen. Use this screen to enable service blocking, e n ter/delet e/modify t he services yo u want to bl ock and t he date/tim e you want to block them . Figure 12-5 Fire[...]
-
Page 164
ZyAIR Wireless Gatew ay Series User’s Guide 12-12 Firewall Screens Table 12-3 Creating/Editing A Fire w all Rule LABEL DESCRIPTION Enable Services Blocking Select the check box to activate service blocking. Available Services This is a list of pre-defined se rvices (ports) yo u may proh ibit your LAN com puters from using. Select the port you wan[...]
-
Page 165
ZyAIR Wireless Gatew ay Series User’s Guide Firewall Screens 12-13 12.6.3 Predefined Services The Available Services list box in the Services screen (see Figure 12-5 ) displays all predefined services that the ZyAIR already supports. Next to the na me of the se rvice, two fields a ppear in brackets. The first fi eld indicates the I P protocol typ[...]
-
Page 166
ZyAIR Wireless Gatew ay Series User’s Guide 12-14 Firewall Screens Table 12-4 Predefined Services SERVICE DESCRIPTION NNTP(TCP:119) Network News Transport Protoc ol is the deli very mechanism for the USENET newsgroup service. PING(ICMP:0) Packet INternet Groper is a prot ocol that sends out ICMP echo requests to test whether or not a remote host [...]
-
Page 167
ZyAIR Wireless Gatew ay Series User’s Guide Firewall Screens 12-15 Table 12-4 Predefined Services SERVICE DESCRIPTION TFTP(UDP:69) T rivial File Transfer Protocol is an Internet file transfe r protocol similar to FTP, but uses the UDP (User Datagram Protocol) rather tha n TCP (Transmission Control Protocol). VDOLIVE(TCP:7000) Another vi deoconfer[...]
-
Page 168
[...]
-
Page 169
ZyAIR Wireless Gatew ay Series User’s Guide Remote Management 13-1 Chapter 13 Remote Management This chapter provides information on the Remo te Management screens. This chapter is not applicable to the ZyAIR B-2000. 13.1 Remote Management Overview Remote management allows you to determine which se rvices/protocols ca n access which ZyAIR interfa[...]
-
Page 170
ZyAIR Wireless Gatew ay Series User’s Guide 13-2 Remote Management 1. A filter in SMT m enu 3.1 (LAN) or in menu 11.5 (WAN) is applied to block a Telnet, FTP or Web service. 2. You have disabled that service in one of the remote m anagement screens. 3. The IP addres s in the Secured Client IP Address field does not match the client IP address. If[...]
-
Page 171
ZyAIR Wireless Gatew ay Series User’s Guide Remote Management 13-3 13.3 Configuring TELNET Click ADVANC ED and th en REMOTE MGNT to open the TELNET s creen. Figure 13-2 Telnet The following table describes the labels in this screen. Table 13-1 Telnet LABEL DESCRIPTION Server Port You may change the server port num ber for a service if needed, ho [...]
-
Page 172
ZyAIR Wireless Gatew ay Series User’s Guide 13-4 Remote Management 13.4 Configuring FTP You can uploa d and download the Zy AIR’s firm ware and configuration fil es using FTP, please see the chapter on firmware and configuration file maintenance for details. To use this feature, your computer must have an FTP cl ient. To change your ZyAIR’s F[...]
-
Page 173
ZyAIR Wireless Gatew ay Series User’s Guide Remote Management 13-5 Table 13-2 FTP LABEL DESCRIPTION Reset Click Reset to beg in configuring this screen afresh. 13.5 Configuring WWW To change your ZyAIR’s World Wide Web setting s, click ADVANC ED , REMOTE MGNT and then the WWW tab. The sc reen ap pears a s shown. Figure 13-4 WWW The following ta[...]
-
Page 174
ZyAIR Wireless Gatew ay Series User’s Guide 13-6 Remote Management Table 13-3 WWW LABEL DESCRIPTION Secured Client IP Address A secured client is a “trusted” computer that is allowed to communicate with the ZyAIR using this service. Select Al l to allo w any computer to access the ZyAIR using this service. Choose Selected to just allo w the c[...]
-
Page 175
ZyAIR Wireless Gatew ay Series User’s Guide Remote Management 13-7 Figure 13-5 SNMP Management Mod el An SNMP m a naged netwo rk consists of two m ain types of compone nt: agents and a manager. An agent is a managem ent software m o dule that resides i n a managed device (the Zy AIR). An agent translates the local management information from the [...]
-
Page 176
ZyAIR Wireless Gatew ay Series User’s Guide 13-8 Remote Management • Set - Allows the manager to set values for object variables within an agent. • Trap - Used by the a gent to inform the manager of some events. 13.6.1 Supported MIBs The ZyAIR supports MIB II that is defin ed in RFC-1213 and RFC-1215. The focu s of the MIBs is to let administ[...]
-
Page 177
ZyAIR Wireless Gatew ay Series User’s Guide Remote Management 13-9 13.6.3 REMOTE MANAGEMENT : SNMP To change your ZyAIR’s SNMP settings, click ADVANCED , REMOTE MGNT a nd then the SNMP tab. The screen appears as shown. Figure 13-6 SNMP The following table describes the labels in this screen. Table 13-6 SNMP LABEL DESCRIPTION SNMP Configuration [...]
-
Page 178
ZyAIR Wireless Gatew ay Series User’s Guide 13-10 Remote Management Table 13-6 SNMP LABEL DESCRIPTION Set Community Enter the Set community , which is the password for incoming Set request s from the management station. Trusted Host If you enter a trusted host, your ZyAI R will only respond to SNMP messages from this address. A blank (default) fi[...]
-
Page 179
ZyAIR Wireless Gatew ay Series User’s Guide Remote Management 13-11 Figure 13-7 DNS The following table describes the labels in this screen. Table 13-7 DNS LABEL DESCRIPTION Server Port The DNS service port num ber is 53 and cannot be changed here. Server Access Select the int erface(s) through wh ich a computer may send DNS queries to the ZyAIR.[...]
-
Page 180
ZyAIR Wireless Gatew ay Series User’s Guide 13-12 Remote Management anti-probing, which prevents the ICMP respons e packet from being sent. This keeps out siders from discovering y our ZyAIR w hen unsu pported po rts are probe d. Figure 13-8 Security The following table describes the labels in this screen. Table 13-8 Security LABEL DESCRIPTION IC[...]
-
Page 181
ZyAIR Wireless Gatew ay Series User’s Guide Remote Management 13-13 Table 13-8 Security LABEL DESCRIPTION Do not respond to requests for unauthorized services Select this option to prevent hackers from finding the Z yAIR by probing for unused ports. If you select this option, the ZyAIR wi ll not respond to port request(s) for unused ports, thus l[...]
-
Page 182
[...]
-
Page 183
UPnP and Logs VI Part VI: UPNP AND LOGS This part prov ides information and configuration instructions for UPnP (Universal Plug and Play) and the logs.[...]
-
Page 184
[...]
-
Page 185
ZyAIR Wireless Gatew ay Series User’s Guide UPnP Screens 14-1 Chapter 14 UPnP Screen This chapter introduces the Universal Plug and Play feature. 14.1 Universal Plug and Play Overview Universal Plug and Play (U PnP) is a distri buted, open networking st andard that uses TCP/IP for si mple peer-to-peer network connectiv ity between dev ices. A UP [...]
-
Page 186
ZyAIR Wireless Gatew ay Series User’s Guide 14-2 UPnP Screens 14.1.3 Cautions with UPnP The automat ed nature of N AT traversal a pplications in establi shing their own services a nd openin g firewall ports may present netwo rk security issues. Networ k information and confi guration may also be obt ained and modifi ed by users i n some net work [...]
-
Page 187
ZyAIR Wireless Gatew ay Series User’s Guide UPnP Screens 14-3 Figure 14-1 Configuring UPnP The following table describes the labels in this screen. Table 14-1 Configuring UPnP LA BEL DESCRIPTION Device Name (or UPnP Name) This identifies the ZyAIR in UPnP applic ations. Enable the Universal Plug and Play (UPnP) feature Select this check box to ac[...]
-
Page 188
ZyAIR Wireless Gatew ay Series User’s Guide 14-4 UPnP Screens Table 14-1 Configuring UPnP LA BEL DESCRIPTION Allow UPnP to pass through Firewall Select this check box to create a static LAN to LAN/ ZyAIR rule that allows forwarding of ports 1900 and 80. Selecting t his check box also creates a dynamic firewall rule every tim e a NAT forwarding po[...]
-
Page 189
ZyAIR Wireless Gatew ay Series User’s Guide UPnP Screens 14-5 Step 3. In the Communications window, select the Universal Plug and Play check box i n the Components selection box. Step 4. Click OK to go back to the Add/Remove Programs Properties window and click Next . Step 5. Restart the computer when prom pted. 14.4.2 Installing UPnP in Windows [...]
-
Page 190
ZyAIR Wireless Gatew ay Series User’s Guide 14-6 UPnP Screens Step 5. In the Networ king Services window, select the Universal Plu g and Play check box. Step 6. Click OK to go back to the Windows Optional Ne tworking Component Wizard window and click Next . 14.5 Using UPnP in Windows XP Example This section sh ows you ho w to use the UPnP feat ur[...]
-
Page 191
ZyAIR Wireless Gatew ay Series User’s Guide UPnP Screens 14-7 Step 3. In the Internet Connection P roperties window, click Settings to see th e por t mappings that were aut omatically created. Step 4. You may edit or delete the port mappings or cli ck Add to manually ad d port m appings.[...]
-
Page 192
ZyAIR Wireless Gatew ay Series User’s Guide 14-8 UPnP Screens When the UPnP-enabled device is disconn ected from your computer , all port mappings will be deleted automaticall y . Step 5. Select the Show icon in notification area when connected check box and click OK . A n icon displays in the system tray Step 6. Double-click the icon to display [...]
-
Page 193
ZyAIR Wireless Gatew ay Series User’s Guide UPnP Screens 14-9 Step 1. Click Start and then Control Panel . Step 2. Double-click Network Connections . Step 3. Select My Network Pl aces under Other Places . Step 4. An icon with the description for each UPnP-enabled device displays un der Local Network . Step 5. Right-click the icon fo r your ZyAIR [...]
-
Page 194
ZyAIR Wireless Gatew ay Series User’s Guide 14-10 UPnP Screens Step 6. Right-click the icon fo r your ZyAIR and select Properties . A properties window displays with basic in formation about the ZyAIR.[...]
-
Page 195
ZyAIR Wireless Gatew ay Series User’s Guide Logs Screens 15-1 Chapter 15 Logs Screens This chapter contains informati on about configuring general log s ettings and viewing the ZyAIR’s logs. Refer to the appendix for example log message explanations. 15.1 Using the V iew Log Screen The web configurator allows you to look at all of the ZyAIR’s[...]
-
Page 196
ZyAIR Wireless Gatew ay Series User’s Guide 15-2 Logs Screen s Figure 15-1 View Log The following table describes the labels in this screen. Table 15-1 View Log LABEL DESCRIPTION Display Select a log category from the drop do wn list box to display l ogs within the selected category. To vie w all logs, select All Logs . The number of categories s[...]
-
Page 197
ZyAIR Wireless Gatew ay Series User’s Guide Logs Screens 15-3 Table 15-1 View Log LABEL DESCRIPTION Email Log Now Click Email Log Now to send the log screen to the e-mail address specified in the Log Settings page. Refresh Click Refresh to rene w the log screen. Clear Log Click Clear Log to clear all the logs. 15.2 Configuring Log Settings To cha[...]
-
Page 198
ZyAIR Wireless Gatew ay Series User’s Guide 15-4 Logs Screen s Figure 15-2 Log Settings[...]
-
Page 199
ZyAIR Wireless Gatew ay Series User’s Guide Logs Screens 15-5 The following table describes the labels in this screen. Table 15-2 Log Settings LABEL DESCRIPTION Address Info Mail Server Enter the server name or the IP address of the mail server for the e-mai l addresses specified belo w. If this field is left blank, logs and alert messages will n[...]
-
Page 200
ZyAIR Wireless Gatew ay Series User’s Guide 15-6 Logs Screen s Table 15-2 Log Settings LABEL DESCRIPTION Time for Sending Log Enter the time of the day in 24-hour format (for example 23:00 equ als 11:00 pm) to send the logs. Log Select the categories of logs that you want to record. Send Immediate Alert Select the categories of alerts for whic h [...]
-
Page 201
ZyAIR Wireless Gatew ay Series User’s Guide Logs Screens 15-7 The web site hit count may not be 100% accurate because sometimes when an individual web page loads, it may cont ain references to other web sites that also get counted as hit s. The ZyAIR records web site hits by counting the H TTP GET packets. Ma ny web sites include HTT P GET refere[...]
-
Page 202
ZyAIR Wireless Gatew ay Series User’s Guide 15-8 Logs Screen s Table 15-3 Reports LABEL DESCRIPTION Report Type Use the drop-down list box to select the type of reports to displa y. Web Site Hits displays the web sites that have bee n visited the most often from the LAN and how many times they have been visited. Protocol/Port displays the protoco[...]
-
Page 203
ZyAIR Wireless Gatew ay Series User’s Guide Logs Screens 15-9 Figure 15-4 Protocol/Port Report The following table describes the labels in this screen. Table 15-4 Protocol/Port Report LABEL DESCRIPTION Protocol/Port This column lists the protocols or service ports for which the most traffic has gone through the ZyAIR. The protocol s or servic e p[...]
-
Page 204
ZyAIR Wireless Gatew ay Series User’s Guide 15-10 Logs Screens Table 15-4 Protocol/Port Report LABEL DESCRIPTION Refresh Click Refresh to update the report d isplay. The re port also re freshes automa tically when you close and reopen the scre en. Direction This field displays Incoming to denote traffic that is coming in from the WAN to the LAN. [...]
-
Page 205
ZyAIR Wireless Gatew ay Series User’s Guide Logs Screens 15-11 The following table describes the labels in this screen. Table 15-5 LAN IP Address Rep ort LABEL DESCRIPTION Start Collection/ Stop Collection The button text sho ws Start Collection when the ZyAIR is not recording report data and Stop Collection w hen the ZyAIR is recording report da[...]
-
Page 206
[...]
-
Page 207
Maintenance VII Part VII: MAINTENANCE This part describ es the Maintenan ce web configurator screen s.[...]
-
Page 208
[...]
-
Page 209
ZyAIR Wireless Gatew ay Series User’s Guide Maintenance 16-1 Chapter 16 Maintenance This chapter displays system information such as ZyNOS firmware, port IP addresses and port traffic statistics. 16.1 Maintenance Overview The maintenance scree ns can help you view syst em info rm ation, upload new firmware, m anage configurati on and restart your[...]
-
Page 210
ZyAIR Wireless Gatew ay Series User’s Guide 16-2 Maintenance Table 16-1 Status LA BEL DESCRIPTION Syst em Na me This is the System Name you enter in the first Internet Access Wizard screen. It is for identification purposes. Model Name The model name identifies your device type. The model n ame should also be on a sticker on your device. If you a[...]
-
Page 211
ZyAIR Wireless Gatew ay Series User’s Guide Maintenance 16-3 Figure 16-2 Status: Show Statis tics The following table describes the labels in this screen. Table 16-2 Status: Show Statistics LA BEL DESCRIPTION Port This is the LAN or WAN port. Status This shows the port speed and duple x setting if you are using Ethernet encapsu lation for the Eth[...]
-
Page 212
ZyAIR Wireless Gatew ay Series User’s Guide 16-4 Maintenance Table 16-2 Status: Show Statistics LA BEL DESCRIPTION Stop Click this button to stop refreshing statistics. 16.3 DHCP T able Screen DHCP (Dynamic Ho st Configuration Protoco l, RFC 2131 and RFC 2132) allows indiv idual clients to obtain TCP/IP config uration at sta rt-up from a server. [...]
-
Page 213
ZyAIR Wireless Gatew ay Series User’s Guide Maintenance 16-5 Table 16-3 DHCP Table LA BEL DESCRIPTION MAC Address The MAC (Media Access Control) or Ethern et addr ess on a LAN (Local Area Net work) is unique to your computer (six pai rs of he xadecimal notation). A network interface card such as an Ether net adapter has a hardwired addr ess that [...]
-
Page 214
ZyAIR Wireless Gatew ay Series User’s Guide 16-6 Maintenance 16.5 Channel Usage The Channel Usage screen displays w hether a cha nnel is used by another wireless netw ork or not. If a channel is bein g used, y ou should select a c hannel removed from it by five channels to c o mpletel y avoid overlap. Click MAINTENANCE , ( WIRELESS ) and then the[...]
-
Page 215
ZyAIR Wireless Gatew ay Series User’s Guide Maintenance 16-7 Table 16-5 Channel Usage (ZyAIR B-2 000) LA BEL DESCRIPTION Channel T his is the index number of the channel currently used by the associate d AP in an Infrastructure wireless network or wireless station in an Ad- Hoc wireless network. Activity This field display Yes if the channel is u[...]
-
Page 216
ZyAIR Wireless Gatew ay Series User’s Guide 16-8 Maintenance Table 16-6 Channel Usage LA BEL DESCRIPTION Channel T his is the index number of the channel currently used by the associate d AP in an Infrastructure wireless network or wireless station in an Ad- Hoc wireless network. Signal This field displa ys the strength of the AP’s signal. If y[...]
-
Page 217
ZyAIR Wireless Gatew ay Series User’s Guide Maintenance 16-9 Table 16-7 Firmware Upload LA BEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse ... to find it. Browse... Click Browse... to find the .bin file you want to upl oad. Remember that you must decompress compressed (.zip) files before[...]
-
Page 218
ZyAIR Wireless Gatew ay Series User’s Guide 16-10 Maintenance If the upload was not successful, the fo llowing screen will appear. Click Ret urn to go back to the F/W Upload screen. Figure 16-10 Firmware Upload Error 16.7 Configuration Screen See the Firmware and Configuration File Maintenance chapter for tran sferri ng config uration files usin [...]
-
Page 219
ZyAIR Wireless Gatew ay Series User’s Guide Maintenance 16-11 Figure 16-11 Configurati on 16.7.1 Backup Configuration Backup config uration allows you to back up (save) th e Zy AIR’s cu rrent configuration to a file on your computer. O nce your Zy AIR is configured a nd functioni ng properly, it is highly rec ommende d that you back up your con[...]
-
Page 220
ZyAIR Wireless Gatew ay Series User’s Guide 16-12 Maintenance Click Backup to save your current ZyAIR confi guration t o your com puter. 16.7.2 Restore Configuration Restore configur ation replaces your ZyAIR's current configuration (conte nt filters, firewall settings, etc.) with a previously saved configur ation. Restore files (usually) ha[...]
-
Page 221
ZyAIR Wireless Gatew ay Series User’s Guide Maintenance 16-13 The ZyAIR automatically restarts in this time causing a te mporary net work disconnect. In som e operati ng systems, y ou may see the f ollowing i con on y our deskto p. Figure 16-13 Net work Temporarily Disconnected If you uploaded the d efault configuration file you may need to chang[...]
-
Page 222
ZyAIR Wireless Gatew ay Series User’s Guide 16-14 Maintenance Figure 16-15 Reset Warni ng Message You can also press the RESET button on the side panel to reset the factory defaults of your ZyAIR. Refer to the Resetting the ZyAIR section for more info rmation on the RESET button. 16.8 Rest art Screen System restart allows you to reboot the ZyAIR [...]
-
Page 223
SMT Getting Started Menus VIII Part VIII: SMT GETTING STARTED M ENUS This part introduces the SM T (System M anagement T erminal) and discusses the “Getting S tarted” SMT menus. See the web configurator p arts of this guide for background information on features configurable by web configurator a nd SMT .[...]
-
Page 224
[...]
-
Page 225
ZyAIR Wireless Gatew ay Series User’s Guide Introducing the SMT 17-1 Chapter 17 Introducing the SMT This chapter describes how to access the SMT and provides an overview of its menus . 17.1 Connect to your ZyAIR Using T elnet The following proced ure details how to telnet into your ZyAIR. Step 1. Make sure your computer IP address and t he ZyAI R[...]
-
Page 226
ZyAIR Wireless Gatew ay Series User’s Guide 17-2 Introducing the SMT Please note that if there is no activity for longer than fiv e minutes (default timeout period) af ter you log in, your ZyAIR will automatically log you out. 17.2.1 Initial Screen When you turn on your ZyAIR, it performs several internal tests as well as line initializatio n. Af[...]
-
Page 227
ZyAIR Wireless Gatew ay Series User’s Guide Introducing the SMT 17-3 Figure 17-3 Menu 23.1 Sy stem Securit y : Change Pass w ord Step 4. Type your new syst em password i n the New Password field (up t o 30 characters), and press [ENTER] . Step 5. Re-type you r new system password in the Retype to conf irm field for confi rmation a nd press [ENTER[...]
-
Page 228
ZyAIR Wireless Gatew ay Series User’s Guide 17-4 Introducing the SMT Menu 3 LAN Setup Menu 4 Intern et Access Setu p Menu 1 2 S tatic Routing Setup Menu 1 1.5 Remote Node Filter Menu 1 1 Remote N ode Profil e Menu 1 1.3 Remote Node Network Lay er O pt ions Menu 3. 2 TCP/IP and DHCP Setu p ZyAI R B-2000 v .2 Main Menu Menu 1 Genera l Setup Menu 15[...]
-
Page 229
ZyAIR Wireless Gatew ay Series User’s Guide Introducing the SMT 17-5 17.5 Navigating the SMT Interface Several operations that you should be familiar with before you attempt to modify the configuration are listed in the table below. Table 17-1 Main Menu Commands OPERATION KEYSTROKE DESCRIPTION Move down to another menu [ENTER] To move forward to [...]
-
Page 230
ZyAIR Wireless Gatew ay Series User’s Guide 17-6 Introducing the SMT Figure 17-5 ZyAIR B-200 0 v.2 SMT Main Menu 17.5.1 System Management T erminal Interface Summary Table 17-2 Main Menu Summary # MENU TITLE DESCRIPTION 1 General Setup Use this menu to set up your general information. 2 WAN Setup Use this menu to set up your WAN connecti on. 3 LA[...]
-
Page 231
ZyAIR Wireless Gatew ay Series User’s Guide Introducing the SMT 17-7 Table 17-2 Main Menu Summary # MENU TITLE DESCRIPTION 99 Exit Use this to exit from SMT and return to a blank screen.[...]
-
Page 232
[...]
-
Page 233
ZyAIR Wireless Gatew ay Series User’s Guide General and WAN Setup 18-1 Chapter 18 General and WAN Setup The chapter shows you the information on general setup and how t o configure the WAN. 18.1 General Setup Menu 1 – General Setup contains admini strative and syste m-related informati on (shown ne xt). The System Name fiel d is for id entifica[...]
-
Page 234
ZyAIR Wireless Gatew ay Series User’s Guide 18-2 General and WAN Setup Figure 18-1 Menu 1 General Setup Step 2. Fill in the required fields. Refer to the table shown nex t for more information about these fields. Table 18-1 Menu 1 General Setup FIELD DESCRIPTION EXAMPLE System Name Choose a descriptive name for identification purposes. This name [...]
-
Page 235
ZyAIR Wireless Gatew ay Series User’s Guide General and WAN Setup 18-3 Table 18-1 Menu 1 General Setup FIELD DESCRIPTION EXAMPLE Edit Dynamic DNS Press [SPACE BAR] to select Yes and press [ENTER] to configure Menu 1.1 – Configure Dy namic DNS (discussed next). No When you have compl eted this menu, press [ENTER] at the prompt “Press ENTER to [...]
-
Page 236
ZyAIR Wireless Gatew ay Series User’s Guide 18-4 General and WAN Setup Table 18-2 Menu 1.1 Configure Dy namic DNS FIELD DESCRIPTION EXAMPLE Active Press [SPACE BAR] to select Yes and then press [ENT ER] to make dynamic DNS active. Yes DDNS Type Press [SPACE BAR] and then [ENTER] to select DynamicDNS if you have a dynamic IP address(es). Select St[...]
-
Page 237
ZyAIR Wireless Gatew ay Series User’s Guide General and WAN Setup 18-5 Table 18-2 Menu 1.1 Configure Dy namic DNS FIELD DESCRIPTION EXAMPLE User Specified IP Address Press [SPACE BAR] to select Yes and then press [ENTER] to update the IP address of the ho st name(s) to the IP address specified below. Only select Yes if the ZyAIR uses or is behi n[...]
-
Page 238
ZyAIR Wireless Gatew ay Series User’s Guide 18-6 General and WAN Setup Table 18-3 Menu 2 WAN Setup FIELD DESCRIPTION EXAMPLE Assigned By Press [SPACE BAR] to select Factory de fault and press [ENTER] to use the factory assigned MAC address. Select IP address attached o n LAN and enter the IP address in the IP Address field below to clone the MAC [...]
-
Page 239
ZyAIR Wireless Gatew ay Series User’s Guide LAN Setup 19-1 Chapter 19 LAN Setup This chapter shows you how to configure the LAN on your ZyAIR. . 19.1 LAN Setup This section describes how to configure the Ethern et using Menu 3 – LAN Setup . From the main menu, enter 3 to displ ay menu 3. Figure 19-1 Menu 3 LAN Setup Detailed explanatio n about [...]
-
Page 240
ZyAIR Wireless Gatew ay Series User’s Guide 19-2 LAN Setup If you need to define filters, please read the Filter Set Configuration chapter first, then return to th is menu to define the filter sets. 19.2 TCP/IP Ethernet and DHCP Setup Use menu 3. 2 to config ure your Zy AIR for TC P/IP. To edit menu 3.2, enter 3 from the main men u to display Men[...]
-
Page 241
ZyAIR Wireless Gatew ay Series User’s Guide LAN Setup 19-3 Table 19-1 Menu 3.2 DHCP Ethernet Setup FIELD DESCRIPTION EXAMPLE DHCP If set to Ser ver , your ZyAIR can assign IP addresses, an IP default gateway and DNS servers to Windo ws 95, Windows NT and other systems that support the DHCP client. If set to None , the DHCP server will be disabled[...]
-
Page 242
ZyAIR Wireless Gatew ay Series User’s Guide 19-4 LAN Setup Table 19-2 Menu3.2 TCP/IP Ethernet Setup FIELD DESCRIPTION EXAMPLE Version Press [ SPACE BAR] to select the RIP version. Choices are RIP-1 , RIP-2B or RIP-2M . RIP-1 Multicast IGMP (Internet Group Multicast Pr otocol) is a session-layer protocol used to establish membership in a Multicast[...]
-
Page 243
ZyAIR Wireless Gatew ay Series User’s Guide LAN Setup 19-5 19.3.1 IP Alias Setup Use menu 3. 2 to confi gure the first netw ork. Move the cursor to Edit IP Alias field and press [ SPACE BAR] to choose Yes and press [ENTER] to configure the second and third ne twork. Figure 19-6 Menu 3.2 TCP/IP and DHCP Ethernet Setup Press [ ENTER ] to display Me[...]
-
Page 244
ZyAIR Wireless Gatew ay Series User’s Guide 19-6 LAN Setup Table 19-3 Menu 3.2.1 IP Alias Setup FIELD DESCRIPTION EXAMPLE IP Alias Choose Yes to configure the LAN network for the ZyAIR. Yes IP Address Enter the IP address of your ZyAIR in dotted decimal notation 192.168.1.1 IP Subnet Mask Your ZyAIR will automatical ly calculate the subnet mask b[...]
-
Page 245
ZyAIR Wireless Gatew ay Series User’s Guide LAN Setup 19-7 Figure 19-8 Menu 3.5 Wireless LAN Setup The following table describes the fields in this menu. Table 19-4 Menu 3.5 Wireless LAN Setup FIELD DESCRIPTION EXMAPLE ESSID The ESSID (Extended Service Set IDentit y) identifies the AP to which the wireless stations associate. Wireless stations as[...]
-
Page 246
ZyAIR Wireless Gatew ay Series User’s Guide 19-8 LAN Setup Table 19-4 Menu 3.5 Wireless LAN Setup FIELD DESCRIPTION EXMAPLE WEP Select Disable to allow wireless stations to communicate with the access points without any data encr yption. Select 64-bit WEP or 128-bit WEP to enable data e ncryption. Disable Default Key Enter the key number (1 to 4)[...]
-
Page 247
ZyAIR Wireless Gatew ay Series User’s Guide LAN Setup 19-9 Table 19-4 Menu 3.5 Wireless LAN Setup FIELD DESCRIPTION EXMAPLE When you have compl eted this menu, press [ENTER] at the prompt “Press ENTER to confirm or ESC to cancel” to save your configuration or press [E SC] to cancel and go back to the prev ious screen. 19.4.1 Configuring MAC A[...]
-
Page 248
ZyAIR Wireless Gatew ay Series User’s Guide 19-10 LAN Setup Figure 19-10 Menu 3.5.1 WLAN MAC Address Filter The following table describes the fields in this menu. Table 19-5 Menu 3.5.1 WLAN M AC Address Filter FIELD DESCRIPTION Active To enable MAC address filter ing, press [SPACE BAR] to select Yes and press [ENTER]. Filter Action Define the fil[...]
-
Page 249
ZyAIR Wireless Gatew ay Series User’s Guide LAN Setup 19-11 19.4.2 Configuring Ro aming on the ZyAIR Enable the roaming featur e if you have two or more ZyAIRs on the same subnet. Follow th e steps below to allow roam ing on your ZyAIR. Step 1. From the main menu, enter 3 to display Menu 3 – LAN Setup . Step 2. Enter 5 to displ ay Menu 3.5 – [...]
-
Page 250
ZyAIR Wireless Gatew ay Series User’s Guide 19-12 LAN Setup Table 19-6 Menu 3.5.2 Roaming Confi guration FIELD DESCRIPTION Active Press [SPACE BAR] and then [ENTER] to select Yes to enable roamin g on the ZyAIR if you have two or more ZyAIRs on the same subnet. Port # Enter the port number to communic ate roaming information bet ween access point[...]
-
Page 251
ZyAIR Wireless Gatew ay Series User’s Guide Internet Access 20-1 Chapter 20 Internet Access This chapter describes how to configu re the ZyAIR for Internet Access. 20.1 Internet Access Configuration Menu 4 allows you to enter the In ternet Access information in one screen. Menu 4 is actually a simplified setup for one of the remote nodes that you[...]
-
Page 252
ZyAIR Wireless Gatew ay Series User’s Guide 20-2 Internet Access Table 20-1 Internet Account Informa tion FIELD DESCRIPTION YOUR INFORMATION DNS Server Address Assignment Primary DNS server Secondary DNS s erver Enter when using RFC 1483 Encaps ulation or a static IP address. 20.2 Internet Access Setup From the m ain menu, type 4 to display Menu [...]
-
Page 253
ZyAIR Wireless Gatew ay Series User’s Guide Internet Access 20-3 Table 20-2 Menu 4 Internet Acces s Setup FIELD DESCRIPTION EXAMPLE Service Type This field is available if you select the Ethernet encaps ulation. Press [SPACE BAR] to select the se rvice type then press [ENTER]. Choose a RoadRunner flavor if your ISP is using Time Warner's Roa[...]
-
Page 254
[...]
-
Page 255
SMT Advanced Applications Menus IX Part IX: SMT ADVANCED APPLICATION M ENUS This part shows h ow to configure Remote Node, S tatic Routing, Dial-in Use r and NA T .[...]
-
Page 256
[...]
-
Page 257
ZyAIR Wirel ess Gateway Serie s User’s Guide Remote Node Configuration 21-1 Chapter 21 Remote Node Configuration This chapter shows you how to set up remote nodes on the WAN side. A remote node is required for placing calls to a remote gateway. A remote node represents both the remote gateway and th e network be hind it acr oss a WAN c onnection.[...]
-
Page 258
ZyAIR Wireless Gatew ay Series User’s Guide 21-2 Remote Node Configuration Figure 21-1 Menu 11.1 Remote Node Profile In Menu 11.1 – Remote N ode Profile , fill in the fields as described in the following table. Table 21-1 Menu 11.1 Remote Node Profile FIELD DESCRIPTION EXAMPLE Rem Node Name Type a uniqu e, descriptive name of up to eight charac[...]
-
Page 259
ZyAIR Wirel ess Gateway Serie s User’s Guide Remote Node Configuration 21-3 Table 21-1 Menu 11.1 Remote Node Profile FIELD DESCRIPTION EXAMPLE Outgoing: My Login Type the login name assign ed by your ISP when the ZyAIR calls this remote node. My Password Type the password assigned b y your ISP when the ZyAIR calls this remote node. This field set[...]
-
Page 260
ZyAIR Wireless Gatew ay Series User’s Guide 21-4 Remote Node Configuration Table 21-1 Menu 11.1 Remote Node Profile FIELD DESCRIPTION EXAMPLE Period (hr) This field is the time period that the budget should be reset. For example, if we are allowed to call this remote node for a ma ximum of 10 minutes every hour, then the Allocated Budget is (10 m[...]
-
Page 261
ZyAIR Wirel ess Gateway Serie s User’s Guide Remote Node Configuration 21-5 Move the cur sor to the Edit IP field, press [ SPACE BAR ] to select Yes , then press [ENTER] to display Menu 11.3 – Rem ote Node Network Layer Options shown below. Figure 21-2 Menu 11.3 Remote Node Net w ork Layer Options The next tabl e explains t he fields i n this m[...]
-
Page 262
ZyAIR Wireless Gatew ay Series User’s Guide 21-6 Remote Node Configuration Table 21-2 Menu 11.3 Remote Node Netw ork Layer Options FIELD DESCRIPTION EXAMPLE Network Address Translation Press [SPACE BAR] and then [ENTER] to select Full Feature if you have multiple public WAN IP address es for your ZyAIR. Select SUA Only if you have just one public[...]
-
Page 263
ZyAIR Wirel ess Gateway Serie s User’s Guide Remote Node Configuration 21-7 Figure 21-3 Menu 11.5 Remote Node Filter (Eth ernet Encapsulation ) Figure 21-4 Menu 11.5 Remote Node F ilter (PPTP or PPPoE Encapsulation) 21.2.1 IP S tatic Route Setup Static routes tell the ZyAIR routing information that it cannot learn automatically through other mean[...]
-
Page 264
ZyAIR Wireless Gatew ay Series User’s Guide 21-8 Remote Node Configuration Configuration Step 1. To configure an IP static route, use Menu 12 - Static Route Setup as shwon ne xt. Figure 21-5 Menu 12.1 IP Static Route Setup Step 2. Now, type the route number of a st atic route you want to confi gure. Figure 21-6 Menu 12.1 Edit IP Static Rou te The[...]
-
Page 265
ZyAIR Wirel ess Gateway Serie s User’s Guide Remote Node Configuration 21-9 Table 21-3 Menu 12.1 Edit IP Static Route FIELD DESCRIPTION Destination IP Address This parameter specifies the IP net work address of the final destination. Routing is always based on net work number. If you need to specify a route to a singl e host, use a subnet mask of[...]
-
Page 266
[...]
-
Page 267
ZyAIR Wirel ess Gateway Serie s User’s Guide Dial-in User Setup 22-1 Chapter 22 Dial-in User Setup This chapter shows you how to create user accounts on the ZyAIR. 22.1 Dial-in User Setup By storing user profiles locally, your ZyAIR is able to authenticate wireless users without interacting with a network RAD IUS server. Follow the steps below to[...]
-
Page 268
ZyAIR Wireless Gatew ay Series User’s Guide 22-2 Dial-in Use r Setup Table 22-1 Menu 14.1- Edit Dial-in User FIELD DESCRIPTION User Name Enter a usern ame up to 31 alphanumer ic characters long for this user profile. This field is case sensitive. Active Press [SPACE BAR] to select Yes and press [ENT ER] to enable the user profile. Password Enter [...]
-
Page 269
ZyAIR Wirel ess Gateway Serie s User’s Guide NAT 23-1 Chapter 23 Network Address Translation (NAT) This chapter discusses h ow to configure NAT on the ZyAIR. 23.1 Introduction NAT (Network Address Tran slation - NAT, RFC 1631) is the translation of the IP addr ess of a host in a packet, for exa mple, the source address of a n outgoing packet, use[...]
-
Page 270
ZyAIR Wireless Gatew ay Series User’s Guide 23-2 NAT Figure 23-2 Menu 11.3 Remote Node Net w ork Layer Options The following table describes the op tions for Network Address Translation. Table 23-1 Applying NAT in Menus 4 & 11.3 FIELD DESCRIPTION EX AMPLE Press [SPACE BAR] and then [ENTER] to select Full Feature if you have multiple public WA[...]
-
Page 271
ZyAIR Wirel ess Gateway Serie s User’s Guide NAT 23-3 Figure 23-3 Menu 15 NAT Setup 23.2.1 Address Mapping Sets Enter 1 to brin g up Menu 15.1 – Address Mapping Sets . Figure 23-4 Menu 15.1 Address Map ping Sets SUA Addr ess Mapping Set Enter 255 to display t he next screen . The fields in this m enu cannot be change d. Menu 15.1.255 is read-on[...]
-
Page 272
ZyAIR Wireless Gatew ay Series User’s Guide 23-4 NAT Figure 23-5 Menu 15.1.255 SUA Addr ess Mapping Rules The following table explains the fields in this menu. Table 23-2 Menu 15.1.255 SUA Ad dress Mapping Rules FIELD DESCRIPTION EX AMPLE Set Name This is the name of the set yo u selected in menu 15.1 or enter the name of a new set you want to cr[...]
-
Page 273
ZyAIR Wirel ess Gateway Serie s User’s Guide NAT 23-5 User-Defined Address Mapping Set s Now let’s look at option 1 in menu 15.1. Enter 1 to brin g up this menu. We’ll just look at the differences from the pre v ious m enu. Note the extra Act ion and Select Rule fields mean you can configure rules in this screen. Note also that the “ ? ” [...]
-
Page 274
ZyAIR Wireless Gatew ay Series User’s Guide 23-6 NAT Y ou must press [ENTER] at the bottom of the scr een to save the w hole set. Y ou must do this again if you make any changes to the set – includi ng deleting a rule. No changes to the set t ake place until this action is t aken. An End IP address must be numerically greate r than its correspo[...]
-
Page 275
ZyAIR Wirel ess Gateway Serie s User’s Guide NAT 23-7 Table 23-4 Menu 15.1.1.1 Address Ma pping Rule FIELD DESCRIPTION EXAMPLE End This is the ending local IP address (ILA). If the rule is for all l ocal IPs, then put the Start IP as 0.0.0. 0 and the End IP as 255.255. 255.255. This field is N/A for One-to-One and Server types. N/A Global IP Star[...]
-
Page 276
ZyAIR Wireless Gatew ay Series User’s Guide 23-8 NAT In addition to the servers for specified services, NAT supports a default server. A service request that does not have a server explicitly design ated for it is forwarded to the default server. If the default is not defined, the service request is simply discarded. Many residential broadband IS[...]
-
Page 277
ZyAIR Wirel ess Gateway Serie s User’s Guide NAT 23-9 Figure 23-8 Menu 15.2 Port For w arding Setup Step 3. Enter a port number in an unused Start Port No field. To forward only one port, en ter it again in the End Port No field. To specify a range of ports, e nte r the last po rt to be forwar ded in the End Port No field. Step 4. Enter the insid[...]
-
Page 278
ZyAIR Wireless Gatew ay Series User’s Guide 23-10 NAT Figure 23-9 NAT Example 1 Figure 23-10 Menu 4 Internet Access Setup From m enu 4, choose the SUA Onl y option from the Network Address Translation fi eld. This is the Many-to-One m apping discussed in section 23.4. The SUA On ly read-only optio n from the Network Address Translation field in m[...]
-
Page 279
ZyAIR Wirel ess Gateway Serie s User’s Guide NAT 23-11 23.4.2 Example 2: Internet A ccess with an Inside Server Figure 23-11 NAT Example 2 In this case, you do exactly as above (use the convenient pre-configured S UA Only set) and then go to menu 15.2 t o specify the Inside Server behind the NAT as shown in the next figu re. Figure 23-12 Menu 15.[...]
-
Page 280
ZyAIR Wireless Gatew ay Series User’s Guide 23-12 NAT an FTP server and all depart ments use the other IGA. Map the FTP servers to the first two IGAs and the other LAN traffic to the remaining IGA. Map the third IGA to an insi de web server and m ail server. Fo ur rules need to be configured, two bi-directional and two uni-directional as follo ws[...]
-
Page 281
ZyAIR Wirel ess Gateway Serie s User’s Guide NAT 23-13 Figure 23-14 Menu 11.3 Remote Node Net w ork Layer Options Step 2. Then enter 15 f rom the m ain menu. Step 3. Enter 1 to configure th e Address Mapping Sets. Step 4. Enter 1 to begin configur ing this new set. Enter a Set Name, choose the Edit Action and then enter 1 for the Select Rule fiel[...]
-
Page 282
ZyAIR Wireless Gatew ay Series User’s Guide 23-14 NAT Step 7. When finished, menu 15. 1.1 should look like as shown next. Figure 23-16 Menu 15.1.1 Address Ma pping Rules Now conf igure th e IGA3 to map to our web serv er and mail serv er on the LAN. Step 1. Enter 15 from the mai n menu. Step 2. Enter 2 to display Menu 15.2 – Port Forwarding Set[...]
-
Page 283
ZyAIR Wirel ess Gateway Serie s User’s Guide NAT 23-15 23.4.4 Example 4: NA T Unfr iendl y Application Programs Some applications do not support NAT Mapping using TC P or UDP port address translation. In this case it is better to use Many One-to -One mapping as port n u mbers do not change for Many One-to-One (and One-to-One ) NAT m app ing types[...]
-
Page 284
ZyAIR Wireless Gatew ay Series User’s Guide 23-16 NAT After you’ve configured your rule, you should b e able to check the settings in menu 15.1.1 as shown next. Figure 23-19 Menu 15.1.1 Address Ma pping Rules 23.5 T r igger Port Setup The ZyAIR records t he IP address of a LA N computer that requests a service that yo u have de fined as a “tr[...]
-
Page 285
ZyAIR Wirel ess Gateway Serie s User’s Guide NAT 23-17 2. Port 7070 is a “trigger” port and causes the ZyAIR to rec ord Jane’s c omputer IP ad dress. The ZyA IR associates Jane's com puter IP address with the "incoming" port range of 69 70-7170. 3. The Real Audio server respo nds using a port num ber ranging between 6970-717 [...]
-
Page 286
ZyAIR Wireless Gatew ay Series User’s Guide 23-18 NAT Table 23-6 Menu 15.3 Trigger Port Setup FIELD DESCRIPTION EXAMPLE Incoming Incoming is a port (or a range of ports) that a server on the WAN uses when it sends out a particular service. The ZyAIR forwards the traffic with this port (or range of ports) to the wireless station on the LAN that re[...]
-
Page 287
SMT Advanced Management Menus X Part X: SMT ADVANCED MANAGEMENT MENUS This part discusse s Filtering and Firewall setup, SNMP , System Security , System Information and Diagnosis, Firmware and Configuration F ile Main tenance, System Maintenance and Information, Call Scheduling and Remote Manage ment.[...]
-
Page 288
[...]
-
Page 289
ZyAIR Wireless Gatew ay Series User’s Guide Filter and Firewall Configuration 24 -1 Chapter 24 Filter and Firewall Configuration This chapter shows you how to create and apply filters and setup firewall. 24.1 About Filtering Your ZyAIR uses filters to decide whether or not to allow passage of a data packet and/or to make a call. There are two typ[...]
-
Page 290
ZyAIR Wireless Gatew ay Series User’s Guide 24-2 Filter and Firewall Configuration Two sets of factory filter rules have been configured in menu 21 to prevent NetBIOS traffic from triggering calls. A summary of their filter rules is shown in the figures that follow. The following figure illustrates the logic flow when executing a filter rule. Sta[...]
-
Page 291
ZyAIR Wireless Gatew ay Series User’s Guide Filter and Firewall Configuration 24 -3 You can apply up to four filter sets to a particular po rt to bl ock various types of packets. Because each filter set can have up to six rules, you can have a maximum of 24 rule s active for a si ngle port. For incoming packets, your ZyAIR applies da ta filters o[...]
-
Page 292
ZyAIR Wireless Gatew ay Series User’s Guide 24-4 Filter and Firewall Configuration Figure 24-4 NetBIOS_WAN Filte r Rules Summary Figure 24-5 NetBIOS_LAN Filter Rules Summary Figure 24-6 TEL_FTP_WEB_WAN Filter Rules Summary Menu 21.1.1 - Filter Rules Summary # A Type Filter Rules M m n - - ---- -----------------------------------------------------[...]
-
Page 293
ZyAIR Wireless Gatew ay Series User’s Guide Filter and Firewall Configuration 24 -5 24.2.1 Filter Rules Summary Menus The following tables briefly describe the abbreviations used in menus 21.1 .x. Table 24-1 Abbreviations Used in the Filter Rules Summary Menu FIELD DESCRIPTION # The filter rule number: 1 to 6. A Active: “Y” means the rule is [...]
-
Page 294
ZyAIR Wireless Gatew ay Series User’s Guide 24-6 Filter and Firewall Configuration Table 24-2 Rule Abbreviations Used FILTER TYPE DESCRIPTION Off Offset Len Length 24.3 Configuring a Filter Rule To configure a filter rule, type its number in Menu 21.1.1 – F ilter Rules Summary and press [ENTER] to open me nu 21.1. 1.x for the rule. There are tw[...]
-
Page 295
ZyAIR Wireless Gatew ay Series User’s Guide Filter and Firewall Configuration 24 -7 Figure 24-7 Menu 21.1.1 TCP/IP Filter Rule The following table describes how to con figure your TCP/IP filter rule. Table 24-3 Menu 21.1.1 TCP/IP Filter Rule FIELD DESCRIPTION EXAMPLE Filter # This is the filt er set, filter rule coordinates, for instance, 2, 3 re[...]
-
Page 296
ZyAIR Wireless Gatew ay Series User’s Guide 24-8 Filter and Firewall Configuration Table 24-3 Menu 21.1.1 TCP/IP Filter Rule FIELD DESCRIPTION EXAMPLE IP Addr Type the destination IP address of the packet you want to filter. This field is igno red if it is 0.0.0.0. IP Mask Type the IP mask to apply to the Destination: IP Addr field. Port # Type t[...]
-
Page 297
ZyAIR Wireless Gatew ay Series User’s Guide Filter and Firewall Configuration 24 -9 Table 24-3 Menu 21.1.1 TCP/IP Filter Rule FIELD DESCRIPTION EXAMPLE Action Matched Select the action for a matching packet. Choices are Check Next Rule , Forward or Drop . Check Next Rule (default) Action Not Matched Select the action for a packet not matching the[...]
-
Page 298
ZyAIR Wireless Gatew ay Series User’s Guide 24-10 Filter and Firewall Configuration Packet into IP Filter Matched Matched Yes Action Matched Action Not Matched More? No Filter Active? Check IP Protocol Drop Drop Packet Accept Packet Drop Forward Check Next Rule Check Next Rule Check Next Rule Forward Not Matched Yes No Check Src IP Addr Apply Src[...]
-
Page 299
ZyAIR Wireless Gatew ay Series User’s Guide Filter and Firewall Configuration 24 -11 24.3.2 Generic Filter Rule This section shows you how to co nfigure a generic filte r rule. The purpose of generic rules is to allow you to filter non-IP packets. For IP, it is generally easier to use the IP rules directly. For generic rules, the ZyAIR treats a p[...]
-
Page 300
ZyAIR Wireless Gatew ay Series User’s Guide 24-12 Filter and Firewall Configuration Table 24-4 Menu 21.1.4.1 Generic Filter Rule FIELD DESCRIPTION EX AMPLE Offset T ype the starting byte of the data portion in the packet that you want to compare. The range for this field is from 0 to 255. 0 (default) Length Type the byte count of the data portion[...]
-
Page 301
ZyAIR Wireless Gatew ay Series User’s Guide Filter and Firewall Configuration 24 -13 is receiving and sending the packets; for instance, the interface. T he in terface can be an Ethernet, or any other hardware port. The following figure illustrates this. Figure 24-10 Protocol and Dev ice Filter Sets 24.5 Example Filter Let’s look at an example [...]
-
Page 302
ZyAIR Wireless Gatew ay Series User’s Guide 24-14 Filter and Firewall Configuration Step 4. Press [ENTER] at the message “ Press ENTER to confirm or ESC to cance l” to open Menu 21.1.3.1 – TCP/IP Filter Rule . Step 5. Type 1 to conf igure the first filter rule. Make the entries in t his menu as shown next. Figure 24-12 Sample Filter - Menu [...]
-
Page 303
ZyAIR Wireless Gatew ay Series User’s Guide Filter and Firewall Configuration 24 -15 Figure 24-13 Sample Filter Rules Summary - Menu 21.1.3 After you have created the filter set, you must apply it. Step 1. Enter 11 in the main menu to display menu 11 and type the remote node number to edit. Step 2. Go to the Edit Filter Sets field, press [SPACE B[...]
-
Page 304
ZyAIR Wireless Gatew ay Series User’s Guide 24-16 Filter and Firewall Configuration 24.6.1 Ethernet T raffic You seldom need to filter Ethernet tr affic; however, the filter sets may be useful to block certain packets, reduce traffic and prevent security breaches. Go to menu 3.1 (shown next ) and type the number(s) of the filter set(s) that you w[...]
-
Page 305
ZyAIR Wireless Gatew ay Series User’s Guide Filter and Firewall Configuration 24 -17 24.7 Firewall Setup The ZyAIR wireless gateways employ a stateful in spection firewall with DoS (Denial of Service) protection. By default, when the firewall is activated, all incoming traffic from the WAN to the LAN is blocked unless it is initiated fro m the LA[...]
-
Page 306
[...]
-
Page 307
ZyAIR Wireless Gatew ay Series User’s Guide SNMP Configuration 25-1 Chapter 25 SNMP Configuration This chapter explains SNMP Configuration menu 22. 25.1 SNMP Configuration To configure SNMP, select optio n 22 from the m ain menu to ope n Menu 22 – S NMP Configuration as shown next . The “comm unity” for Get, Set and Tra p fields i s SNMP te[...]
-
Page 308
ZyAIR Wireless Gatew ay Series User’s Guide 25-2 SNMP C onfiguratio n Table 25-1 Menu 22 SNMP Configur ation FIELD DESCRIPTION EXAMPLE Community Type the trap community, which is the pass word sent with each trap to the SNMP manager. public Destination Type the IP address of the stat ion to send your SNMP trap s to. 0.0.0.0 When you have compl et[...]
-
Page 309
ZyAIR Wireless Gatew ay Series User’s Guide System Security 26-1 Chapter 26 System Security This chapter describes how to configu re the system security on the ZyAIR. 26.1 System Security You can confi gure the system password, a n external RADIUS server a nd 802.1x in t his menu. 26.1.1 System Password Figure 26-1 Menu 23 Sy s tem Security You s[...]
-
Page 310
ZyAIR Wireless Gatew ay Series User’s Guide 26-2 S ystem Security Figure 26-3 Menu 23.2 Sy stem Securit y : RADIUS Server The following table describes the fields in this screen. Table 26-1 Menu 23.2 Sy s tem Security : RADIUS Serv er FIELD DESCRIPTION EXAMPLE Authentication Server Active Press [SPACE BAR] to select Yes and press [ENTER] to enabl[...]
-
Page 311
ZyAIR Wireless Gatew ay Series User’s Guide System Security 26-3 Table 26-1 Menu 23.2 Sy s tem Security : RADIUS Serv er FIELD DESCRIPTION EXAMPLE Port The default port of the RADIUS server for accounting is 1813 . You need not change this value unl ess your network administrator instructs you to do so with additional information. 1813 Shared Sec[...]
-
Page 312
ZyAIR Wireless Gatew ay Series User’s Guide 26-4 S ystem Security Figure 26-5 Menu 23.4 Sy stem Securit y : IEEE802.1x The following table describes the fields in this menu. Table 26-2 Menu 23.4 Sy stem Security : IEEE802.1x FIELD DESCRIPTION Wireless Port Control Press [SPACE BAR] and select a security mode for the wireless LAN access. Select No[...]
-
Page 313
ZyAIR Wireless Gatew ay Series User’s Guide System Security 26-5 Table 26-2 Menu 23.4 Sy stem Security : IEEE802.1x FIELD DESCRIPTION Idle Timeout (in second) The ZyAIR automatically disconn ects a client from the wired net work after a period of inactivity. The client needs to enter the us ername and password again bef ore access to the wired ne[...]
-
Page 314
ZyAIR Wireless Gatew ay Series User’s Guide 26-6 S ystem Security Table 26-2 Menu 23.4 Sy stem Security : IEEE802.1x FIELD DESCRIPTION Authentication Databases The authentication databas e contains wireless station login information. The local user database is the built-in database on the Z yAIR. The RADIUS is an external server. Use this field t[...]
-
Page 315
ZyAIR Wireless Gatew ay Series User’s Guide System Information and Diagnosis 27-1 Chapter 27 System Information and Diagnosis This chapter covers the information and diag nostic tools in SMT menus 24.1 to 24.4. These tools include updates on system status, port status, log and trace capabilities and upgrades for the system software. This chapter [...]
-
Page 316
ZyAIR Wireless Gatew ay Series User’s Guide 27-2 System Information and Diagnos is Figure 27-2 Menu 24.1 Sy stem Maintenance : Status The following ta ble describe s the fields present in Menu 24.1 – System Maintenance – Status which are read-only and meant fo r diagnosti c purpose s. Table 27-1 Menu 24.1 Sy stem Maintenance : Status FIELD DE[...]
-
Page 317
ZyAIR Wireless Gatew ay Series User’s Guide System Information and Diagnosis 27-3 Table 27-1 Menu 24.1 Sy stem Maintenance : Status FIELD DESCRIPTION System Up Time T his is the time the ZyAI R is up and running from the last reboot. 27.2 System Information To get to the System Information: Step 1. Enter 24 to display Menu 24 – System Maintena [...]
-
Page 318
ZyAIR Wireless Gatew ay Series User’s Guide 27-4 System Information and Diagnos is The table bel ow describes t he fields f or configurat ion in thi s menu. Table 27-2 Menu 24.2.1 Sy stem Maintenance – Information FIELD DESCRIPTION Name Displa ys the system name of your Zy AIR. This information c an be changed in Menu 1 – General Setup . Rout[...]
-
Page 319
ZyAIR Wireless Gatew ay Series User’s Guide System Information and Diagnosis 27-5 27.3 Log and T race There are two logging facilities in the ZyAIR. The first is the error logs and trace records that are stored locally. The second is the UNIX sysl og facility for m essage logging. 27.3.1 Viewing Error Log The first place you should look for clues[...]
-
Page 320
ZyAIR Wireless Gatew ay Series User’s Guide 27-6 System Information and Diagnos is Figure 27-8 Sample Error and Information Mes sages 27.3.2 Syslog Logging The ZyAIR uses the syslog facility to log the CDR (C all Detail Record) and system messages to a syslog server. Syslog can be co nfigured in Menu 24.3.2 – System Maintenance – UNIX Syslog [...]
-
Page 321
ZyAIR Wireless Gatew ay Series User’s Guide System Information and Diagnosis 27-7 Figure 27-10 Menu 24.3.2 Sy stem Maintenance : Syslog Logging You need to configure the UNIX syslog parameters described in the following table to activate syslog and then choose what you want t o log. Table 27-3 Menu 24.3.2 Sy stem Maintenance : Syslog Logging FIEL[...]
-
Page 322
ZyAIR Wireless Gatew ay Series User’s Guide 27-8 System Information and Diagnos is 27.4 Diagnostic The diagnostic facility allows you to test the different aspects of your ZyAIR to determine if it is working properly. Menu 24.4 allows you to ch oose among va rious types of diagnostic tests to eva luate your system, as shown in the following figur[...]
-
Page 323
ZyAIR Wireless Gatew ay Series User’s Guide Firmware and Configuration File Maintenance 28-1 Chapter 28 Firmware and Configuration File Maintenance This chapter tells you how to back up and restore your configurati on file as well as upload new firmware and a new configuration file. 28.1 Filename Conventions The configu ration file ( often call e[...]
-
Page 324
ZyAIR Wireless Gatew ay Series User’s Guide 28-2 Firmware and Configuration File Maintenanc e Table 28-1 Filename Conventions FILE TYPE INTERNAL NAME EXTERN AL NA M E DESCRIPTION Configuration File Rom-0 T his is the configuration filenam e on the ZyAIR. Uploading the rom-0 file replaces the entire ROM file sy stem, including yo ur ZyAIR configur[...]
-
Page 325
ZyAIR Wireless Gatew ay Series User’s Guide Firmware and Configuration File Maintenance 28-3 28.2.1 Backup Configuration Follow the instructions as shown in the next screen. Figure 28-1 Telnet in Menu 24.5 28.2.2 Using the FTP Command from the Command Line Step 1. Launch the FTP client on your computer. Step 2. Enter “open”, followed by a s p[...]
-
Page 326
ZyAIR Wireless Gatew ay Series User’s Guide 28-4 Firmware and Configuration File Maintenanc e 28.2.3 Example of FTP Commands from the Command Line Figure 28-2 FTP Session Example 28.2.4 GUI-based FTP Client s The followin g table describes some of the comma nds that you m ay see in GUI-based FTP clie nts. Table 28-2 General Commands for GUI-based[...]
-
Page 327
ZyAIR Wireless Gatew ay Series User’s Guide Firmware and Configuration File Maintenance 28-5 3. The IP addres s in the Secured Client IP fie ld in menu 24.11 d oes not m atch the client IP. If it does not match, the ZyAIR will disconnect the Telnet session immediately. 4. You have a n SMT console session r unning. 28.2.6 Backup Confi guration Usi[...]
-
Page 328
ZyAIR Wireless Gatew ay Series User’s Guide 28-6 Firmware and Configuration File Maintenanc e Table 28-3 General Commands for GUI-based TFTP Clients COMMAND DESCRIPTION Host Enter the IP address of the ZyAIR. 192. 168.1 .1 is the ZyAIR’s default IP address when shipped. Send/Fetch Use “Sen d” to upload the file to the ZyAIR and “Fetch” [...]
-
Page 329
ZyAIR Wireless Gatew ay Series User’s Guide Firmware and Configuration File Maintenance 28-7 Step 3. Run the HyperT erminal pro gram by clickin g Transfer , then Receive File as shown in the following screen. Figure 28-5 Backup Configuration Example Step 4. After a successful backup you will see the following scr een. Press any key to return to t[...]
-
Page 330
ZyAIR Wireless Gatew ay Series User’s Guide 28-8 Firmware and Configuration File Maintenanc e WA R N I N G ! DO NOT INTERUPT THE FILE TRAN SFER PROCESS AS THIS MA Y PERMANENTL Y DAMAGE YOUR ZY AIR. WHEN THE RESTORE CONFIGURA TION PROCESS IS COMPLETE, THE ZY AIR WILL AUTOMA TICALL Y REST ART . 28.3.1 Restore Using FTP For details about backup usin[...]
-
Page 331
ZyAIR Wireless Gatew ay Series User’s Guide Firmware and Configuration File Maintenance 28-9 28.3.2 Restore Using FTP Session Example Figure 28-8 Restore Usi ng FTP Session Example Refer to section 28 .2.5 to read about configurations that disallo w TFTP and FTP over WAN. 28.3.3 Restore Via Console Po rt (only for Zy AIR B-2000) Restore confi gur[...]
-
Page 332
ZyAIR Wireless Gatew ay Series User’s Guide 28-10 Firmware and Configuration File Maintena nce Figure 28-11 Restore Configuration Example Step 4. After a successful restoration you will see the fo llowing screen. Press any key to restart the ZyAIR and ret urn to the SMT me nu. Figure 28-12 Successful Restoration Confirmation Screen 28.4 Uploading[...]
-
Page 333
ZyAIR Wireless Gatew ay Series User’s Guide Firmware and Configuration File Maintenance 28-11 Figure 28-13 Telnet Into Menu 24.7.1 Upload Sy stem Firmware 28.4.2 Configuration File Upload You see the following screen when you telnet into menu 24.7 .2. Figure 28-14 Telnet Into Menu 24.7.2 Sy stem Maintenance To upload the firmware and the conf igu[...]
-
Page 334
ZyAIR Wireless Gatew ay Series User’s Guide 28-12 Firmware and Configuration File Maintena nce 28.4.3 FTP File Upload Command from the DOS Prompt Example Step 1. Launch the FTP client on your computer. Step 2. Enter “open”, followed by a s pace and th e IP address of y o ur ZyAIR. Step 3. Press [ENTER] when prompted for a userna me. Step 4. E[...]
-
Page 335
ZyAIR Wireless Gatew ay Series User’s Guide Firmware and Configuration File Maintenance 28-13 Step 1. Use telnet from your computer to connect to th e ZyAIR and lo g in. Because T FTP does not ha ve any security checks, the ZyAIR records the IP address of the telnet client and accepts TFTP requests only from this address. Step 2. Put the SMT in c[...]
-
Page 336
ZyAIR Wireless Gatew ay Series User’s Guide 28-14 Firmware and Configuration File Maintena nce 28.4.8 Uploading Firmware File Via C onsole Port (only for ZyAIR B-2000) Step 1. Select 1 from Menu 24.7 – S ystem Maintenance – Upload Firmware to d ispla y Menu 24.7.1 – System Mainten a nce – Upload System Fi rmware , then follow the instruct[...]
-
Page 337
ZyAIR Wireless Gatew ay Series User’s Guide Firmware and Configuration File Maintenance 28-15 28.4.10Uploading Configur ation File V ia Console Port (only for Zy AIR B- 2000) Step 1. Select 2 from Menu 24.7 – S ystem Maintenance – Upload Firmware to d ispla y Menu 24.7.2 – System Maintenance – Up load System Configuration File . Follow th[...]
-
Page 338
ZyAIR Wireless Gatew ay Series User’s Guide 28-16 Firmware and Configuration File Maintena nce Figure 28-19 Example Xmodem Upload After the co nfiguration upload process has c ompleted, rest art the ZyAIR by enterin g “atgo”. Type the configuration file’s location, or click Browse to search for it. Choose the Xmodem protocol. Then click Sen[...]
-
Page 339
ZyAIR Wireless Gatew ay Series User’s Guide System Maintenance and SMT Menu 2 4 .8 to 24.10 29-1 Chapter 29 System Maintenance and SMT Menu 24.8 to 24.10 This chapter leads yo u through SMT menus 24.8 to 24.10. 29.1 Command Interpreter Mode The Command I nterpreter (CI) is a part o f the main system firmware. The CI provi des much of the same fun[...]
-
Page 340
ZyAIR Wireless Gatew ay Series User’s Guide 29-2 System Maintenance and SMT Menu 24.8 to 24.10 29.2 Call Control Support The ZyAIR pr ovides two cal l control funct ions: bu dget managem ent and call history. Pl ease note that thi s menu is only applicab le when Encapsulation is set to PPPoE or PPTP in me nu 4 or m enu 11.1. The budget management[...]
-
Page 341
ZyAIR Wireless Gatew ay Series User’s Guide System Maintenance and SMT Menu 2 4 .8 to 24.10 29-3 After each period, the total budget is reset. The default for the total budget is 0 minutes and the period is 0 hours, meaning no budget control. You can reset the accumulated connection time in this menu b y entering the index of a remote node. Enter[...]
-
Page 342
ZyAIR Wireless Gatew ay Series User’s Guide 29-4 System Maintenance and SMT Menu 24.8 to 24.10 Table 29-2 Menu 24.9.2 Call History FIELD DESCRIPTION Phone Number The PPPoE service nam es are shown here. Dir T his shows whether the call was incoming or outgo ing. Rate This is the transfer rate of the call. #call This is the number of calls made to[...]
-
Page 343
ZyAIR Wireless Gatew ay Series User’s Guide System Maintenance and SMT Menu 2 4 .8 to 24.10 29-5 Figure 29-6 Menu 24.10 Sy stem Maintenance : Time and Date Setting The following table describes the fields in this menu. Table 29-3 Menu 24.10 System Main tenance : Time and Date Setting FIELD DESCRIPTION Time Protocol Enter the time service protocol[...]
-
Page 344
ZyAIR Wireless Gatew ay Series User’s Guide 29-6 System Maintenance and SMT Menu 24.8 to 24.10 Table 29-3 Menu 24.10 System Main tenance : Time and Date Setting FIELD DESCRIPTION Current Date This field displays an updated date o nly when you re-enter this menu. New Date (yyyy-mm-dd) This field displays the last updated date from the time server.[...]
-
Page 345
ZyAIR Wireless Gatew ay Series User’s Guide Remote Management 30-1 Chapter 30 Remote Management This chapter cove rs remote management (SMT m enu 24.11). 30.1 T elnet You can configure y o ur ZyAIR for remote Telnet access as shown ne xt. Figure 30-1 Telnet Confi guration on a TCP/IP Network 30.2 FTP You can upl oad and d ownload Zy AIR firmware [...]
-
Page 346
ZyAIR Wireless Gatew ay Series User’s Guide 30-2 Remote Man agement 30.4.1 Remote Management Setup Remote manag ement setup is for managing Telnet, FTP an d Web services . You can cust omize the service port, access interface and t he secured client IP address to enhance sec urity and flexibility. You may manage your ZyAIR from a remote location [...]
-
Page 347
ZyAIR Wireless Gatew ay Series User’s Guide Remote Management 30-3 Table 30-1 Menu 24.11 Remote Man agement Control FIELD DESCRIPTION EX AMPLE Telnet Server FTP Server Web Server SNMP Service DNS Service Each of these read-only l abels denotes a serv er or service that you may use to remotely ma nage the Zy AIR. Port T his field shows the port nu[...]
-
Page 348
ZyAIR Wireless Gatew ay Series User’s Guide 30-4 Remote Man agement 30.5 Remote Management and NA T When NAT is enabled: Use the ZyAIR’s WAN IP address wh en confi guring from the WAN. Use the ZyAIR’s LAN IP address when configuring from the LAN. 30.6 System Timeout There is a system timeout of five minutes (300 seco nds) for Telnet/w[...]
-
Page 349
ZyAIR Wireless Gatew ay Series User’s Guide Call Scheduling 31-1 Chapter 31 Call Scheduling Call scheduling (applicable for PPPoE or PPTP encaps ulation only) allows you to dictate when a remote node should be call ed and for how long. 31.1 Introduction The call scheduling feature allows the ZyAIR to manage a remote node and dictate when a remote[...]
-
Page 350
ZyAIR Wireless Gatew ay Series User’s Guide 31-2 Call Scheduling T o delete a schedule set, enter the set number and press [SP ACE BAR] and then [ENTER] (or delete) in the Edit Name field. To setup a schedule set, select the schedule set you want to setup from men u 26 (1-12) and pr ess [ENTER] to see Menu 26.1 - Sch edule Set Setup as sho wn nex[...]
-
Page 351
ZyAIR Wireless Gatew ay Series User’s Guide Call Scheduling 31-3 Table 31-1 Menu 26.1 Schedule Set Setup FIELD DESCRIPTION EX AMPLE Once: Date If you selected Once in the How Often field above, then enter the date the set should activate here in year-month-date format. 2000-01-01 Weekday: Day If you selected Weekly in the How Often field above, t[...]
-
Page 352
ZyAIR Wireless Gatew ay Series User’s Guide 31-4 Call Scheduling Figure 31-3 Apply ing Schedule Set( s) to a Remote Node (PPTP) You can ap ply up to f our schedul e sets, separ ated by com mas, for one remote node. Chan ge the schedule set numbers to your pref erence(s). Menu 11.1 - Remote Node Profile Rem Node Name= ChangeMe Route= IP Active= Ye[...]
-
Page 353
Appendices XI Part XI: APPENDICES This part prov ides cont ains troubleshooting and additi onal background information on setting up your computer ’s IP address, wireless LA N, 802.1x, PPPoE, PPTP and IP subnetting. It also provides information on the command int erpreter interface, NetBIOS command s and logs.[...]
-
Page 354
[...]
-
Page 355
ZyAIR Wireless Gatew ay Series User’s Guide T r oubleshooting A-1 Appendix A Troubleshooting This appendix covers potential problems and possibl e remedies. After each problem description, some instructions are provided to help you to diagnose and to solve the problem. Problems S t arting Up the ZyAIR Chart A-1 Troubleshooti ng the Start-Up of Yo[...]
-
Page 356
ZyAIR Wireless Gatew ay Series User’s Guide Troubleshooting A-2 Problems with the Ethernet Interface Chart A-3 Troubleshooti ng the Ethernet Interfa ce PROBLEM CORRECTIVE ACTION I cannot access the ZyAIR from the Ethernet If all of the LA N LEDs on the front panel are o ff, check the Ethernet cable connection between your Z yAIR and the computer [...]
-
Page 357
ZyAIR Wireless Gatew ay Series User’s Guide T r oubleshooting A-3 Problems with Internet Access Chart A-5 Troubleshooti ng Internet Access PROBLEM CORRECTIVE ACTION Connect your cable/DSL mod em to the ZyAIR using the appropriate cable. Check with the manufacturer of your cable/D SL device about your cable requirement because for some devic es ma[...]
-
Page 358
ZyAIR Wireless Gatew ay Series User’s Guide Troubleshooting A-4 Problems with the WLAN Interface Chart A-7 Troubleshooti ng the WLAN Interface PROBLEM CORRECTIVE ACTION I cannot ping any computer on the WLAN. Make sure the wireless card is properl y inserted in the ZyAIR and the WLAN LED is on. Make sure the wireless adapter on the wireless stati[...]
-
Page 359
ZyAIR Wireless Gatew ay Series User’s Guide Brute-Force Password Guessing Protection B-1 Appendix B Brute-Force Password Guessing Protection The followin g describes t he commands for enablin g, disabl ing and configuring the brute -force passw ord guessing prote ction mechanism for the password. See the Com mand Interpreter a ppendix for informa[...]
-
Page 360
[...]
-
Page 361
ZyAIR Wireless Gatew ay Series User’s Guide Setting Up Y our Computer ’s IP Addres s C-1 Appendix C Setting up Your Computer’s IP Address All computers must have a 10M or 100M Ethe rnet adapter card and TCP/IP installed. Windows 95/ 98/Me/NT/ 2000/XP, Maci ntosh OS 7 and lat er operating system s and all versions of UNIX/LINU X include the so[...]
-
Page 362
ZyAIR Wireless Gatew ay Series User’s Guide Setting Up Your Computer’s IP Addre ss C-2 If yo u need th e adap ter: a. In the Network window, click Add . b. Select Ad a p te r and then click Ad d . c. Select the manufacturer and model of your net work adapter and then click OK . If you need TCP/IP: a. In the Network window, click Add . b. Select[...]
-
Page 363
ZyAIR Wireless Gatew ay Series User’s Guide Setting Up Y our Computer ’s IP Addres s C-3 1. Click the IP Address tab. -If your IP address is dynamic, select Obtain an IP address automatically . -If you have a static IP address, select Specify an IP address and type your informatio n into the IP Address and Subne t Mask fields. 2. Click the DNS [...]
-
Page 364
ZyAIR Wireless Gatew ay Series User’s Guide Setting Up Your Computer’s IP Addre ss C-4 3. Click the Gateway tab. -If you do not know your gateway’s IP address, remove previously installed gate ways. -If you have a gateway IP address, type it in the Ne w gat ewa y f iel d and click Add . 4. Click OK to save and close the TCP/IP Properties wind[...]
-
Page 365
ZyAIR Wireless Gatew ay Series User’s Guide Setting Up Y our Computer ’s IP Addres s C-5 1. For Windo ws XP, click start , Control Panel . In Windows 2000/NT, click Start , Settings , Control Panel . 2. For Windo ws XP, click Network Connections . For Windows 2000/NT, click Network and Dial-up Connections . 3. Right-click Local Area Connection [...]
-
Page 366
ZyAIR Wireless Gatew ay Series User’s Guide Setting Up Your Computer’s IP Addre ss C-6 4. Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and click Properties . 5. T he Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP). -If you have a dynamic IP address click Obtain an IP address automatically [...]
-
Page 367
ZyAIR Wireless Gatew ay Series User’s Guide Setting Up Y our Computer ’s IP Addres s C-7 6. -If you do not know your gate way's IP address, remove any previously installed gate ways in the IP Settin gs tab and click OK . Do one or more of the following if you want to configure additional IP addres ses: -In the IP Settings tab, in IP addres[...]
-
Page 368
ZyAIR Wireless Gatew ay Series User’s Guide Setting Up Your Computer’s IP Addre ss C-8 7. In the Internet Protocol TCP/IP Properties window (the Gene ral tab in W indows XP): -Click Obtain DNS server address automatically if you do not know your DNS server IP address(es). -If you know your DNS server IP address(es), click Use the follow ing DNS[...]
-
Page 369
ZyAIR Wireless Gatew ay Series User’s Guide Setting Up Y our Computer ’s IP Addres s C-9 1. Click the Apple menu, Control Pane l and double-click TCP/IP to open the TCP/IP Control Panel . 2. Select Ethernet built-in from the Connect v i a list. 3. For dynamically assigned settings, select Using DHCP Server from the Configure: list.[...]
-
Page 370
ZyAIR Wireless Gatew ay Series User’s Guide Setting Up Your Computer’s IP Addre ss C-10 4. For statically assigned settings, do the following: -From the Configure box, select Manually . -Type your IP address in the IP Address box. -Type your subnet mask in the Subnet mask box. -Type the IP address of your ZyAIR in the Router address box. 5. Clo[...]
-
Page 371
ZyAIR Wireless Gatew ay Series User’s Guide Setting Up Y our Computer ’s IP Addres s C-1 1 2. Click Network in the icon bar. - Select Automatic from the Location list. - Select Built-in Ethernet from the Show list. - Click the TCP/IP tab. 3. For dynamically assigned settings, select Using DHCP from the Configure list. 4. For statically assigned[...]
-
Page 372
[...]
-
Page 373
ZyAIR Wireless Gatew ay Series User’s Guide Wireless LAN and IEEE 802.1 1 D -1 Appendix D Wireless LAN and IEEE 802.11 A wireless LAN (WLA N) provides a flexi ble data co mmunications system that you can use to access various services (navi g ating the Internet, email, printer services, etc.) without t he use of a cabled connection. In effect a w[...]
-
Page 374
ZyAIR Wireless Gatew ay Series User’s Guide Wireless LAN and IEEE 802.11 D-2 unlicensed ISM (Industrial, Scientific and Medical) ba nd. The th ird method is infrared technology, using very high fre quencies, just below vi sible light i n the electrom agnetic spectrum to carry dat a. Ad-hoc Wireless LAN Configuration The simplest WL AN configurati[...]
-
Page 375
ZyAIR Wireless Gatew ay Series User’s Guide Wireless LAN and IEEE 802.1 1 D -3 The Extended Service Set (ESS) shown in the next figure consists of a series of overlapping BSSs (each containing an Access Point) connected together by means of a Distribution System (DS). Although the DS could be any type of net w ork, it i s almost inva riably an Et[...]
-
Page 376
[...]
-
Page 377
ZyAIR Wireless Gatew ay Series User’s Guide Wireless LAN with IEEE 802.1x E-1 Appendix E Wireless LAN With IEEE 802.1x As wireless networks becom e popular for both portable com puting an d corporate networks, sec urity is now a priority. Security Flaws with IEEE 802.1 1 Wireless networks based on the o riginal IEEE 802 .11 have a poor reputation[...]
-
Page 378
ZyAIR Wireless Gatew ay Series User’s Guide Wireless LAN with IEE E 802.1x E-2 RADIUS Server Authentication Seque nce The following figure depicts a ty pical wirele ss network wi th a re m ote RADIUS server for user authentication using EA POL (EAP Over LA N). Diagram E-1 Sequences for EAP MD5–Challenge Authentication Client computer access aut[...]
-
Page 379
ZyAIR Wireless Gatew ay Series User’s Guide Types of EAP Authentication F-1 Appendix F Types of EAP Authentication This appendix discu sses the four popular EAP authen tication types: EAP-MD5 , EAP-TLS , EAP-TTLS and PEAP . The type of auth entication you use depen ds on the RADIUS server or th e AP. Consult your network adm inistrator for mor e [...]
-
Page 380
ZyAIR Wireless Gatew ay Series User’s Guide F-2 Types of EAP Authentication hiding client identity. However, PEAP only su pports EAP methods, such as EAP-MD5 a nd EAP- MSCHAPv2, for client authenticatio n. For added sec urity, certifi cate-based authe ntications (EAP-TLS, EAP-TT LS and PEAP) use dynam ic keys for data enc ryption. They are ofte n[...]
-
Page 381
ZyAIR Wireless Gatew ay Series User’s Guide Antenna Selection and Positioning Recommendation G-1 Appendix G Antenna Selection and Positioning Recommendation An antenna couples RF signals onto air. A transmitter within a wireless device sends an RF signal to the antenna, which propag ates the signal through the air. The antenna also op erates in r[...]
-
Page 382
ZyAIR Wireless Gatew ay Series User’s Guide G-2 Antenna Selection and Positioning Recommendation • Directional antennas conce ntrate the RF signal in a beam , like a flashlight. The angle of the beam width determ ines the direction of the covera ge pattern; typically ranges from 20 degrees (less directional) t o 90 degrees (very directi onal). [...]
-
Page 383
ZyAIR Wireless Gatew ay Series User’s Guide PPPoE H-1 Appendix H PPPoE PPPoE in Action An ADSL m odem bridges a PPP session over Ether net (PPP ove r Ethernet , RFC 2516) from your PC to an ATM PVC (Pe rmanent Virt ual Circuit), which con nects to a DSL Access Concent rator where t he PPP session terminates (see the next figure). One PVC can supp[...]
-
Page 384
ZyAIR Wireless Gatew ay Series User’s Guide H-2 PPPoE How PPPoE Works The PPPoE driver m akes the Ethernet appear as a seri al link to the PC an d the PC runs PPP over it, while the modem bridge s the Ethernet frames to the Access Concentrator (AC ) . Between the AC and an ISP, the AC is acting as a L2TP (Layer 2 Tunneling Prot oc ol) L AC (L2TP [...]
-
Page 385
ZyAIR Wireless Gatew ay Series User’s Guide PPTP I-1 Appendix I PPTP What is PPTP? PPTP (Point -to-Point T u nneling Pr otocol) is a Microsoft proprietary protocol (RFC 2637 for PPTP is informational only) to tunnel PPP frames. How can we transport PPP frames from a PC to a broadband modem over Ethernet? A solution is to build PPTP into the ANT ([...]
-
Page 386
ZyAIR Wireless Gatew ay Series User’s Guide I-2 PPTP PPTP Protocol Overview PPTP is very si milar to L2TP, since L2T P is based on both PPTP a nd L2F (Cisco’s Layer 2 Forwardi ng). Conceptually, there are three parties in PPTP, name ly the PNS (PPTP Network Serve r), the PAC (PPTP Access Concentrator) and the PPTP user. The PNS is the box that [...]
-
Page 387
ZyAIR Wireless Gatew ay Series User’s Guide PPTP I-3 Diagram I-3 Example Message Exchange bet w een PC and an ANT PPP Data Connection The PPP frames are tunneled betwee n the PNS and PAC over GRE (General Ro uting Encapsulation, RFC 1701, 1702). The indiv idual calls within a tunnel are distingu ished using the Call ID field in the GRE header.[...]
-
Page 388
[...]
-
Page 389
ZyAIR Wireless Gatew ay Series User’s Guide IP Subnetting J-1 Appendix J IP Subnetting IP Addressing Routers “route” base d on the network num ber. The rout er that delivers the data packet to the correct destination hos t uses the host ID. IP Classes An IP address is made up of four octets (ei ght bits), written in dotted deci mal notation, [...]
-
Page 390
ZyAIR Wireless Gatew ay Series User’s Guide J-2 IP Subnetting A class “A” address (24 host bits) can have 2 24 –2 hosts (app roximately 16 m illion hosts). Since the first octet of a class “A” IP addre ss must c ontain a “0”, the first octet of a class “A” ad dress can have a value of 0 to 127. Similarly the first octet of a cla[...]
-
Page 391
ZyAIR Wireless Gatew ay Series User’s Guide IP Subnetting J-3 sequence of ones beginning from the left most bit of the mask, followed by a contin uous sequence of zeros, for a total number of 32 bits. Since the m ask is always a c ontinuous number of ones beginni ng from the left, follo wed by a c ontinuous number of zer os for the remainder of t[...]
-
Page 392
ZyAIR Wireless Gatew ay Series User’s Guide J-4 IP Subnetting Divide the network 19 2.168.1. 0 into two separate su bnets by co nverting one of the host ID bits of the IP address to a networ k number bit. The “borrow ed” host ID bit can be either “0” or “1” thus giving two subnets; 192.168.1.0 with mask 255 .255.255.128 and 19 2.168.1[...]
-
Page 393
ZyAIR Wireless Gatew ay Series User’s Guide IP Subnetting J-5 to an actual host for the first su bnet is 192.168.1.1 an d the highest is 192.168.1.126. Similarly th e host ID range for the second subnet is 19 2.168.1.129 to 192.1 68.1.254. Example: Four Subnet s The above exam ple illustrated using a 25-bit subnet mask to divide a class “C” a[...]
-
Page 394
ZyAIR Wireless Gatew ay Series User’s Guide J-6 IP Subnetting Broadcast Address: 192.168. 1.191 Hig hest Host ID: 192.168.1.190 Chart J-10 Subnet 4 NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192.168.1. 192 IP Address (Binary) 11000 000.10101000.0000 0001. 11 000 000 Subnet Mask (Binary) 11111111.11111111.1 1111111. 11 0 00000 Subnet Address: [...]
-
Page 395
ZyAIR Wireless Gatew ay Series User’s Guide IP Subnetting J-7 Chart J-12 Class C Subnet Planning NO. “BORROWED” HOST BITS SUBNET M ASK NO. SUBNETS NO. HOSTS PER SUBNET 1 255.255.255.128 (/25) 2 126 2 255.255.255.192 (/26) 4 62 3 255.255.255.224 (/27) 8 30 4 255.255.255.240 (/28) 16 14 5 255.255.255.248 (/29) 32 6 6 255.255.255.252 (/30) 64 2 [...]
-
Page 396
ZyAIR Wireless Gatew ay Series User’s Guide J-8 IP Subnetting Chart J-13 Class B Subnet Planning NO. “BORROWED” HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER SUBNET 10 255.255.255.192 (/26) 1024 62 11 255.255.255.224 (/27) 2048 30 12 255.255.255.240 (/28) 4096 14 13 255.255.255.248 (/29) 8192 6 14 255.255.255.252 (/30) 16384 2 15 255.255.25[...]
-
Page 397
ZyAIR Wireless Gatew ay Series User’s Guide Command Interpreter K-1 Appendix K Command Interpreter The following describes how to use the command interpreter. Enter 24 in the main menu to bring up the system m a intenance m enu. Enter 8 to go to Menu 24.8 - Comm and Interpreter Mode . See the included disk or zyxel.c o m for m ore detail ed infor[...]
-
Page 398
[...]
-
Page 399
ZyAIR Wireless Gatew ay Series User’s Guide NetBIOS Filter Commands L- 1 Appendix L NetBIOS Filter Commands The following describes the NetBIOS packet filter commands. See the Command Interpreter appendix for information on the comm and structure. Introduction NetBIOS (Network Basic Input/Output System) are TCP or UDP broadcast packets that enabl[...]
-
Page 400
ZyAIR Wireless Gatew ay Series User’s Guide L-2 NetBIOS Filter Com mands Chart L-1 NetBIOS Filter Def ault Settings NAME DESCRIPTION EXAMPLE WAN to LAN This field displays whether NetBIOS packets are block ed or forwarded from the WAN to the LAN. Forward IPSec Packets This field displays whether NetBIOS packets sent through a VPN connection are b[...]
-
Page 401
ZyAIR Wireless Gatew ay Series User’s Guide Boot Commands M-1 Appendix M Boot Commands The BootMod ule AT comm an ds execute from within the router’s boot up software, w hen debug m ode is selected before the m ain router firm ware (ZyNOS) is started. When yo u start up your Zy AIR, you are g iven a choice to go i n to debug m ode by pressing a[...]
-
Page 402
ZyAIR Wireless Gatew ay Series User’s Guide M-2 Bo ot Commands Diagram M-2 Boot Module Command s AT just answer OK ATHE print help ATBAx change baudrate. 1:38.4k, 2:19.2k, 3:9.6k 4:57.6k 5:115.2k ATENx,(y) set BootExtension Debug Flag (y=password) ATSE show the seed of password generator ATTI(h,m,s) change system time to hour:min:sec or show curr[...]
-
Page 403
ZyAIR Wireless Gatew ay Series User’s Guide Triangle Route N-1 Appendix N Triangle Route The Ideal Setup When the firewall is on, your ZyAIR acts as a secure gateway b etween your LAN and th e Internet. In an ideal network t opology, all i ncoming and outgoing network traf fic passes thro ugh the Zy AIR to prot ect your LAN against attacks. Diagr[...]
-
Page 404
ZyAIR Wireless Gatew ay Series User’s Guide N-2 Triangle Route Diagram N-2 “Triangle Route” Problem The “T riangle Route” Solutions This section presents you two solutions to the “triangle route” problem. IP Aliasing IP alias allows you to partition your network into logi cal sections over the same Ethernet interface. Your ZyAIR suppo[...]
-
Page 405
ZyAIR Wireless Gatew ay Series User’s Guide Triangle Route N-3 Diagram N-3 IP Alias Gateways on the W AN Side A second sol ution to the “triangle route” problem is to put all of y our network gateways on the WAN side as the following figure sh ows. This ensures t hat a ll incoming network traffic passes through you r ZyAIR to your LAN. Theref[...]
-
Page 406
[...]
-
Page 407
ZyAIR Wireless Gatew ay Series User’s Guide Log Descriptions O-1 Appendix O Log Descriptions Chart O-1 System Error Logs LOG MESSAGE DESCRIPTION %s exceeds the max. number of session per host! This attempt to create a NAT session exceeds the maximum number of NAT session table entries allowed to be crea ted per host. Chart O-2 System Mainte nance[...]
-
Page 408
ZyAIR Wireless Gatew ay Series User’s Guide O-2 Lo g Descriptions Chart O-2 System Mainte nance Logs LOG MESSAGE DESCRIPTION FTP Login Successfully Someone has logged on to the router via FT P. FTP Login Fail Someone has failed to log on to the router via FTP. NAT Session Table is Full! The maximum number of NAT session tab le entries has been ex[...]
-
Page 409
ZyAIR Wireless Gatew ay Series User’s Guide Log Descriptions O-3 Chart O-4 ICMP Notes TYPE CODE DESCRIPTION 0 A gateway may discard internet datagram s if it does not have the buffer space needed to queue the datagrams for output to the ne xt network on the route to the destination network. 5 Redirect 0 Redirect datagrams for the Network 1 Redire[...]
-
Page 410
ZyAIR Wireless Gatew ay Series User’s Guide O-4 Lo g Descriptions Chart O-5 Sys log LOG MESSAGE DESCRIPTION Mon dd hr:mm:ss hostname src="<srcIP:srcPort>" dst="<dstIP:dstPort>" msg="<msg>" note="<note>" This message is sent by the "RAS" when this syslog is generated. The me[...]
-
Page 411
ZyAIR Wireless Gatew ay Series User’s Guide Log Descriptions O-5 Displaying Logs Use the sys logs display command to show all of the logs in the ZyAIR’s log. Use the sys logs category display command to show the log settings for all of the log categories. Use the sys logs display [log category] comm and to show t he logs i n an indivi dual ZyAI[...]
-
Page 412
ZyAIR Wireless Gatew ay Series User’s Guide O-6 Lo g Descriptions 4|11/11/2002 15:10:10 |192.168.10.1:520 |192.168.10.255:520 |ACCESS BLOCK Firewall default policy: UDP(set:8) 5|11/11/2002 15:10:10 |172.21.4.67:137 |172.21.255.255:137 |ACCESS BLOCK[...]
-
Page 413
ZyAIR Wireless Gatew ay Series User’s Guide Power Adaptor Specifications P-1 Appendix P Power Adaptor Specifications NORTH AMERICAN PLUG STANDARDS AC Power Adaptor Model AD48 -120120 0DUY Input Power AC120Volts/60Hz/0.25A Output Power DC12Volts/1.2A Power Consumption 10 W Safety Standards UL, CUL (UL 1950, CSA C22. 2 No.234-M90) NORTH AMERICAN PL[...]
-
Page 414
ZyAIR Wireless Gatew ay Series User’s Guide P-2 Power Adaptor Specific ations JAPAN PLU G STANDA RDS AC Power Adaptor Model JOD-48-112 4 Input Power AC100Volts/ 50/60Hz/ 27VA Output Power DC12Volts/1.2A Power Consumption 10 W Safety Standards T-Mark (Japan Dentori) AUSTRALIA AND NEW ZEALAND PLUG STANDARDS AC Power Adaptor Model AD-1201200 DS or A[...]
-
Page 415
ZyAIR Wireless Gatew ay Series User’s Guide Index Q-1 Appendix Q Index 4 4-Port Switch .................................................. 1-2 A Address Assignment ........................... 3-11, 3-12 Ad-hoc Configuration .................................... D-2 Alternative Subnet Mask Notation .................. J-3 Antenna Directional.........[...]
-
Page 416
ZyAIR Wireless Gatew ay Series User’s Guide Q-2 Index DMZ Setup ..................................................... 8-1 DNS ................................................... 13-10, 19-3 Domain Nam e ....................... 3-3, 3-12, 9-6, 23- 8 DoS Basics ........................................................ 11-3 Types ....................[...]
-
Page 417
ZyAIR Wireless Gatew ay Series User’s Guide Index Q-3 Fragmentation Thre shold ................................ 6-4 Frequency-Hoppi ng Spread Spectrum ........... D-2 FTP....................... 4-2, 5-2 , 9-6, 13-1, 13 -4, 30-3 Restrictions ............................................... 30-3 FTP File Transfer ....................................[...]
-
Page 418
ZyAIR Wireless Gatew ay Series User’s Guide Q-4 Index Management Inform ati on Base (MIB).......... 13-7 Many to Many No Overloa d .................. See NAT Many to Many Overload ........................ See NAT Many to One .......................................... See NAT MD5 ................................................................ F-1[...]
-
Page 419
ZyAIR Wireless Gatew ay Series User’s Guide Index Q-5 Remote Node Profile................................. 21-2 Reports .......................................................... 15-6 Consideration ............................................ 15-7 Required fields .............................................. 17-5 Restore ........................[...]
-
Page 420
ZyAIR Wireless Gatew ay Series User’s Guide Q-6 Index And FTP Over WAN} .............................. 30-3 Restrictions ............................................... 30-3 TFTP and FTP over WAN Will Not Work When…..................................................... 28-4 TFTP and FTP Over WAN} ......................... 13-1 TFTP File Transfer[...]