Zyxel MAX-206M2 User Manual [ru]

MAX-206M2
WiMAX MIMO Indoor CPE (2.5 GHz)

User’s Guide

Firmware Version 1.0 Edition 1, 08/2008
DEFAULT LOGIN
www.zyxel.com

About This User's Guide

About This User's Guide
Intended Audience
This manual is intended for people who want to configure the ZyXEL WiMAX Modem using the web configurator. You should have at least a basic knowledge of TCP/IP networking concepts and topology.
Related Documentation
• Quick Start Guide The Quick Start Guide is designed to help you get up and running right away. It contains
information on setting up your network and configuring for Internet access.
• Web Configurator Online Help Embedded web help for descriptions of individual screens and supplementary
information.
• Command Reference Guide The Command Reference Guide explains how to use the Command-Line Interface (CLI)
and CLI commands to configure the WiMAX Modem.
" It is recommended you use the web configurator to configure the WiMAX
Modem.
• Support Disc Refer to the included CD for support documents.
• ZyXEL Web Site Please refer to www.zyxel.com
certifications.
User’s Guide Feedback
Help us help you. Send all User’s Guide-related comments, questions or suggestions for improvement to the following address, or use e-mail instead. Thank you!
The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan.
E-mail: techwriters@zyxel.com.tw
for additional support documentation and product
User’s Guide
3

Document Conventions

Document Conventions
Warnings and Notes
These are how warnings and notes are shown in this User’s Guide.
1 Warnings tell you about things that could harm you or your WiMAX Modem.
" Notes tell you other important information (for example, other things you may
need to configure or helpful tips) or recommendations.
Syntax Conventions
• The MAX-206M2 may be referred to as the “WiMAX Modem”, the “device”, the “system” or the “product” in this User’s Guide.
• Product labels, screen names, field labels and field choices are all in bold font.
• A key stroke is denoted by square brackets and uppercase text, for example, [ENTER] means the “enter” or “return” key on your keyboard.
• “Enter” means for you to type one or more characters and then press the [ENTER] key. “Select” or “choose” means for you to use one of the predefined choices.
• A right angle bracket ( > ) within a screen name denotes a mouse click. For example, TOOLS > Logs > Log Settings means you first click Tools in the navigation panel, then the Logs sub menu and finally the Log Settings tab to get to that screen.
• Units of measurement may denote the “metric” value or the “scientific” value. For example, “k” for kilo may denote “1000” or “1024”, “M” for mega may denote “1000000” or “1048576” and so on.
• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.
4
User’s Guide
Document Conventions
Icons Used in Figures
Figures in this User’s Guide may use the following generic icons. The W iMAX Modem icon is not an exact representation of your WiMAX Modem.\
Table 1 Common Icons
WiMAX Device WiMAX Access Point Computer
Notebook Server WiMAX Base Station
Telephone Switch Router
Internet Cloud Internet/WiMAX Cloud Wireless Signal
User’s Guide
5

Safety Warnings

Safety Warnings
1 For your safety, be sure to read and follow all warning notices and instructions.
• Do NOT use this product near water, for example, in a wet basement or near a swimming pool.
• Do NOT expose your device to dampness, dust or corrosive liquids.
• Do NOT store things on the device.
• Do NOT install, use, or service this device during a thunderstorm. There is a remote risk of electric shock from lightning.
• Connect ONLY suitable accessories to the device.
• Do NOT open the device or unit. Opening or removing covers can expose you to dangerous high voltage points or other risks. ONLY qualified service personnel should service or disassemble this device. Please contact your vendor for further information.
• Make sure to connect the cables to the correct ports.
• Place connecting cables carefully so that no one will step on them or stumble over them.
• Always disconnect all cables from this device before servicing or disassembling.
• Use ONLY an appropriate power adaptor or cord for your device. Connect it to the right supply voltage (for example, 110V AC in North America or 230V AC in Europe).
• Do NOT remove the plug and connect it to a power outlet by itself; always attach the plug to the power adaptor first before connecting it to a power outlet.
• Do NOT allow anything to rest on the power adaptor or cord and do NOT place the product where anyone can walk on the power adaptor or cord.
• Do NOT use the device if the power adaptor or cord is damaged as it might cause electrocution.
• If the power adaptor or cord is damaged, remove it from the device and the power source.
• Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a new one.Do not use the device outside, and make sure all the connections are indoors. There is a remote risk of electric shock from lightning.
• Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your device.Use only No. 26 AWG (American Wire Gauge) or larger telecommunication line cord.
• Antenna Warning! This device meets ETSI and FCC certification requirements when using the included antenna(s). Only use the included antenna(s).
• If you wall mount your device, make sure that no electrical lines, gas or water pipes will be damaged.
• Make sure that the cable system is grounded so as to provide some protection against voltage surges.
6
User’s Guide
Safety Warnings
Your product is marked with this symbol, which is known as the WEEE mark. WEEE stands for Waste Electronics and Electrical Equipment. It means that used electrical
and electronic products should not be mixed with general waste. Used electrical and electronic equipment should be treated separately.
User’s Guide
7
Safety Warnings
8
User’s Guide

Contents Overview

Contents Overview
Introduction and Wizards ......................................................................................................29
Getting Started ...........................................................................................................................31
Introducing the Web Configurator .............................................................................................. 35
Internet Connection Wizard....................................................................................................... 41
VoIP Connection Wizard ............................................................................................................47
Basic Screens ........................................................................................................................51
The Setup Screens ....................................................................................................................53
Advanced Screens .................................................................................................................57
The LAN Configuration Screens ................................................................................................59
The WAN Configuration Screens ............................................................................................... 71
The VPN Transport Screens ......................................................................................................83
The NAT Configuration Screens ................................................................................................93
The System Configuration Screens ......................................................................................... 101
Voice Screens .......................................................................................................................109
The Service Configuration Screens ..........................................................................................111
The Phone Screens .................................................................................................................125
The Phone Book Screens ........................................................................................................ 133
Tools & Status Screens .......................................................................................................139
The Certificates Screens .........................................................................................................141
The Firewall Screens ...............................................................................................................159
Content Filter ......... ... ... .......................................................... .... ... ... ... ... .................................. 167
The Remote Management Screens ......................................................................................... 171
The Logs Screens ................................................................................................................... 181
The UPnP Screen .................................................................................................................... 195
The Status Screen ...................................................................................................................203
Troubleshooting and Specifications ..................................................................................215
Troubleshooting ..................................................... .................................................................. 217
Product Specifications ............................................................................................................. 223
Appendices and Index .........................................................................................................229
User’s Guide
9
Contents Overview
10
User’s Guide

Table of Contents

Table of Contents
About This User's Guide..........................................................................................................3
Document Conventions............................................................................................................4
Safety Warnings ........................................................................................................................6
Contents Overview ...................................................................................................................9
Table of Contents....................................................................................................................11
List of Figures.........................................................................................................................19
List of Tables...........................................................................................................................25
Part I: Introduction and Wizards........................................................... 29
Chapter 1
Getting Started........................................................................................................................31
1.1 About Your WiMAX Modem ................................................................................................. 31
1.1.1 WiMAX Internet Access ............................................................................................. 31
1.1.2 Make Calls via Internet Telephony Service Provider .................................................. 32
1.2 WiMAX Modem Hardware ................................................................................................... 33
1.2.1 LEDs ................................................................... ... .................................................... 33
1.3 Good Habits for Managing the WiMAX Modem ...................................................................34
Chapter 2
Introducing the Web Configurator ........................................................................................35
2.1 Overview ............. .......................................................... ... .... ... ... .......................................... 35
2.1.1 Accessing the Web Configurator ................................................................................ 35
2.1.2 The Reset Button .......................................................................................................38
2.2 The Main Screen ................................................................................................................. 38
Chapter 3
Internet Connection Wizard...................................................................................................41
3.1 Overview ............. .......................................................... ... .... ... ... .......................................... 41
User’s Guide
3.1.1 Welcome to the ZyXEL Setup Wizard ........................................................................ 41
3.1.2 System Information .......................................... ... ... .... ... ............................................. 42
3.1.3 Authentication Settings ....... ... ... ... .... ... ... ... .... .......................................................... ... 43
3.1.4 IP Address ........................... ... ... .......................................................... .... ... ... ... ..........45
11
Table of Contents
3.1.5 Setup Complete ............... ... ... ... ... .... ... ... ... .... .......................................................... ... 46
Chapter 4
VoIP Connection Wizard.........................................................................................................47
4.1 Overview ............. .......................................................... ... .... ... ... .......................................... 47
4.2 Welcome to the ZyXEL Setup Wizard .................................................................................47
4.2.1 First Voice Account Settings .................................. .... ................................................ 48
4.2.2 Setup Complete ............... ... ... ... ... .... ... ... ... .... .......................................................... ... 50
Part II: Basic Screens............................................................................ 51
Chapter 5
The Setup Screens..................................................................................................................53
5.1 Overview ............. .......................................................... ... .... ... ... .......................................... 53
5.1.1 What You Can Do in This Chapter ............................................................................. 53
5.1.2 What You Need to Know ........... ... .... ... ... .......................................................... ... .... ... 53
5.1.3 Before You Begin ...................................... .... ... ... ... .... ................................................ 54
5.2 Set IP Address .............. .......................................................... ... ... ... .... ................................ 54
5.3 Time Setting .................................................. ... ... .... ... ... ... .... ... ... .......................................... 55
5.3.1 Pre-Defined NTP Time Servers List ........................................... ... ... ... ....................... 56
5.3.2 Resetting the Time .............. ... ... ... .... .......................................................... ... ... ... .... ... 56
Part III: Advanced Screens.................................................................... 57
Chapter 6
The LAN Configuration Screens............................................................................................59
6.1 Overview ............. .......................................................... ... .... ... ... .......................................... 59
6.1.1 What You Can Do in This Chapter ............................................................................. 59
6.1.2 What You Need to Know ........... ... .... ... ... .......................................................... ... .... ... 59
6.2 DHCP Setup ....... ... ... .... ... ... ... .... ... .......................................................... ... ... .... ... ... .............60
6.3 Static DHCP ..................................... ... ... .... .......................................................... ... .............61
6.4 IP Alias .. ... ... .... ... ... .......................................................... .... ................................................ 62
6.5 IP Static Route ..................................................................................................................... 64
6.5.1 IP Static Route Setup .................................................................................................65
6.6 Other Settings ........ .......................................................... .... ... ............................................. 66
6.7 Technical Reference ........................................... .... ... ... ... .... ... ... ... ....................................... 67
6.7.1 IP Address and Subnet Mask .....................................................................................67
6.7.2 DHCP Setup ..................... ... ... ... ... .... ... ... ... .......................................................... .... ...67
6.7.3 LAN TCP/IP .................. .... ... ... .......................................................... ... .......................68
6.7.4 DNS Server Address .............................................. .... ... ............................................. 68
12
User’s Guide
Table of Contents
6.7.5 RIP Setup ............................................... ... .... ... ... ... .... ... ............................................. 68
6.7.6 Multicast .............. .......................................................... ... ... ....................................... 69
Chapter 7
The WAN Configuration Screens...........................................................................................71
7.1 Overview ............. .......................................................... ... .... ... ... .......................................... 71
7.1.1 What You Can Do in This Chapter ............................................................................. 71
7.1.2 What You Need to Know ........... ... .... ... ... .......................................................... ... .... ... 71
7.2 Internet Connection .............................................................................................................74
7.3 WiMAX Configuration ................................................................................................ ... ....... 76
7.3.1 Frequency Ranges ................................................. .... ... ... ... ... .... ... ... ... ....................... 77
7.3.2 Configuring Frequency Settings ................................................................................. 78
7.3.3 Using the WiMAX Frequency Screen ......................................................................... 79
7.4 Traffic Redirect .................................................................................... ... ... ... .... ...................80
7.5 Other Settings ........ .......................................................... .... ................................................ 81
Chapter 8
The VPN Transport Screens...................................................................................................83
8.1 Overview ............. .......................................................... ... .... ... ... .......................................... 83
8.1.1 What You Can Do in This Chapter ............................................................................. 84
8.1.2 What You Need to Know ........... ... .... ... ... .......................................................... ... .... ... 84
8.1.3 Before You Begin ...................................... .... ... ... ... .... ................................................ 85
8.2 General ......................................... ... ... ... .... .......................................................... ................85
8.3 Customer Interface .............................................................................................................. 86
8.3.1 Multi-Protocol Label Switching ...................................................................................86
8.3.2 Generic Routing Encapsulation .................................................................................. 87
8.3.3 Customer Interface Options ....................................................................................... 87
8.3.4 Customer Interface Setup .......................................................................................... 89
8.4 Ethernet Pseudowire .................................... ... ... .... ... ... ... .... ... ... ... ... .... ... ............................. 90
8.4.1 Ethernet Pseudowire Setup ............. .......................................................... ... ... ... .... ... 91
8.5 Statistics .......................... ... ... .... ... ... .......................................................... ... .......................92
Chapter 9
The NAT Configuration Screens............................................................................................93
9.1 Overview ............. .......................................................... ... .... ... ... .......................................... 93
9.1.1 What You Can Do in This Chapter ............................................................................. 93
9.2 General ......................................... ... ... ... ........................................................... ... ................93
9.3 Port Forwarding ........... ... ... .......................................................... ... .... ... ... ... .... ... ... ... .......... 94
9.3.1 Port Forwarding Options ............................................................................................ 95
9.3.2 Port Forwarding Rule Setup ....................................................................................... 96
9.4 Trigger Port ............ ... .... ... ... .......................................................... ... .... ... ... ..........................97
9.4.1 Trigger Port Forwarding Example .............................................................................. 98
9.5 ALG . ... ... .......................................................... ... ................................................................. 99
User’s Guide
13
Table of Contents
Chapter 10
The System Configuration Screens....................................................................................101
10.1 Overview .......................................................................................................................... 101
10.1.1 What You Can Do in This Chapter ......................................................................... 101
10.1.2 What You Need to Know ........................................................................................ 101
10.2 General ...........................................................................................................................102
10.3 Dynamic DNS .................................................................................................................. 103
10.4 Firmware .......................................................................................................................... 105
10.4.1 The Firmware Upload Process ...............................................................................106
10.5 Configuration ................................................................................................................... 106
10.5.1 The Restore Configuration Process .......................................................................107
10.6 Restart ............................................................................................................................. 108
10.6.1 The Restart Process .............................................................................................. 108
Part IV: Voice Screens ......................................................................... 109
Chapter 11
The Service Configuration Screens.................................................................................... 111
11.1 Overview ...........................................................................................................................1 11
11.1.1 What You Can Do in This Chapter ..........................................................................111
11.1.2 What You Need to Know .........................................................................................111
11.1.3 Before you Begin .....................................................................................................112
11.2 SIP Settings ......................................................................................................................113
11.2.1 Advanced SIP Settings ............................................................................................114
11.3 QoS ..................................................................................................................................120
11.4 Technical Reference ........................................................................................................121
11.4.1 SIP Call Progression ..............................................................................................121
11.4.2 SIP Client Server ....................................................................................................122
11.4.3 SIP User Agent .................................................................................. .... ... ..............122
11.4.4 SIP Proxy Server ....................................................................................................122
11.4.5 SIP Redirect Server ................................................................................................ 123
11.4.6 NAT and SIP ........................................................................................................... 123
11.4.7 DiffServ ................................................................................................................... 124
11.4.8 DSCP and Per-Hop Behavior ............................... .................................................. 124
Chapter 12
The Phone Screens...............................................................................................................125
14
12.1 Overview .......................................................................................................................... 125
12.1.1 What You Can Do in This Chapter ......................................................................... 125
12.1.2 What You Need to Know ........................................................................................ 125
12.2 Analog Phone .................................................................................................................. 126
User’s Guide
Table of Contents
12.2.1 Advanced Analog Phone Setup ............................................................................. 127
12.3 Common .......................................................................................................................... 128
12.4 Region ............................................................................................................................. 129
12.5 Technical Reference ........................................................................................................129
12.5.1 The Flash Key ........................................................................................................ 129
12.5.2 Europe Type Supplementary Phone Services .......................................................130
12.5.3 USA Type Supplementary Services ....................................................................... 131
Chapter 13
The Phone Book Screens.....................................................................................................133
13.1 Overview .......................................................................................................................... 133
13.1.1 What You Can Do in This Chapter ......................................................................... 133
13.1.2 What You Need to Know ........................................................................................ 133
13.2 Incoming Call Policy ........................................................................................................ 134
13.3 Speed Dial ....................................................................................................................... 136
Part V: Tools & Status Screens........................................................... 139
Chapter 14
The Certificates Screens......................................................................................................141
14.1 Overview .......................................................................................................................... 141
14.1.1 What You Can Do in This Chapter ......................................................................... 141
14.1.2 What You Need to Know ........................................................................................ 141
14.2 My Certificates .................................................................................................................142
14.2.1 My Certificates Create .................... ............. ............. ............ ............. .......... ........... 1 44
14.2.2 My Certificate Edit ................... ... .... ... ... ... .... .......................................................... . 1 47
14.2.3 My Certificate Import .............................................................................................. 149
14.3 Trusted CAs ..................................................................................................................... 150
14.3.1 Trusted CA Edit ...................................................................................................... 152
14.3.2 Trusted CA Import .................................................................................................. 154
14.4 Technical Reference ........................................................................................................155
14.4.1 Certificate Authorities .............................................................................................155
14.4.2 Verifying a Certificate ............................................................................................. 157
Chapter 15
The Firewall Screens............................................................................................................159
15.1 Overview .......................................................................................................................... 159
15.2 Firewall Setting ................................................................................................................ 160
User’s Guide
15.1.1 What You Can Do in This Chapter ......................................................................... 159
15.1.2 What You Need to Know ........................................................................................ 159
15.2.1 Firewall Rule Directions ......................................................................................... 160
15
Table of Contents
15.2.2 Triangle Route ........................................................................................................161
15.2.3 Firewall Setting Options ......................................................................................... 161
15.3 Service Setting ................................................................................................................ 163
15.4 Technical Reference ........................................................................................................164
15.4.1 Stateful Inspection Firewall. ................................................................................... 164
15.4.2 Guidelines For Enhancing Security With Your Firewall .......................................... 164
15.4.3 The “Triangle Route” Problem ........................................... ................................ ..... 165
Chapter 16
Content Filter.........................................................................................................................167
16.1 Overview .......................................................................................................................... 167
16.1.1 What You Can Do in This Chapter ......................................................................... 167
16.2 Filter ................................................................................................................................. 168
16.3 Schedule .......................................................................................................................... 170
Chapter 17
The Remote Management Screens .....................................................................................171
17.1 Overview .......................................................................................................................... 171
17.1.1 What You Can Do in This Chapter ......................................................................... 171
17.1.2 What You Need to Know ........................................................................................ 172
17.2 WWW .............................................................................................................................. 173
17.3 Telnet ...............................................................................................................................173
17.4 FTP ..................................................................................................................................174
17.5 SNMP .............................................................................................................................. 175
17.5.1 SNMP Traps ........................................................................................................... 176
17.5.2 SNMP Options ....................................................................................................... 176
17.6 DNS .................................................................................................................................177
17.7 Security ............................................................................................................................ 178
Chapter 18
The Logs Screens.................................................................................................................181
18.1 Overview .......................................................................................................................... 181
18.1.1 What You Can Do in This Chapter ......................................................................... 181
18.1.2 What You Need to Know ........................................................................................ 181
18.2 View Logs ........................................................................................................................183
18.3 Log Settings ..................................................................................................................... 185
18.4 Log Message Descriptions ..............................................................................................187
Chapter 19
The UPnP Screen..................................................................................................................195
19.1 Overview .......................................................................................................................... 195
19.1.1 What You Can Do in This Chapter ......................................................................... 195
19.1.2 What You Need to Know ........................................................................................ 195
16
User’s Guide
Table of Contents
19.2 UPnP ............................................................................................................................... 196
19.3 Technical Reference ........................................................................................................197
19.3.1 Installing UPnP in Windows XP .............................................................................197
19.3.2 Web Configurator Easy Access ............................................................................. 201
Chapter 20
The Status Screen.................................................................................................................203
20.1 Overview .......................................................................................................................... 203
20.2 Status Screen .................................................................................................................. 203
20.2.1 Packet Statistics .....................................................................................................207
20.2.2 WiMAX Site Information ......................................................................................... 208
20.2.3 DHCP Table ...........................................................................................................209
20.2.4 VoIP Statistics ........................................................................................................210
20.2.5 WiMAX Profile ........................................................................................................ 212
Part VI: Troubleshooting and Specifications .................................... 215
Chapter 21
Troubleshooting....................................................................................................................217
21.1 Power, Hardware Connections, and LEDs .... ... .... ... ... ... .... ... ........................................... 217
21.2 WiMAX Modem Access and Login ..................................................................................218
21.3 Internet Access ................................................................................................................219
21.4 Phone Calls and VoIP ......................................................................................................221
21.5 Reset the WiMAX Modem to Its Factory Defaults ........................................................... 222
21.5.1 Pop-up Windows, JavaScripts and Java Permissions ...........................................222
Chapter 22
Product Specifications.........................................................................................................223
Part VII: Appendices and Index.......................................................... 229
Appendix A WiMAX Security................................................................................................231
Appendix B Setting Up Your Computer’s IP Address...........................................................235
Appendix C Pop-up Windows, JavaScripts and Java Permissions......................................259
Appendix D IP Addresses and Subnetting ...........................................................................267
Appendix E Importing Certificates........................................................................................277
Appendix F SIP Passthrough ...............................................................................................301
User’s Guide
17
Table of Contents
Appendix G Common Services ............................................................................................303
Appendix H Legal Information..............................................................................................307
Appendix I Customer Support ..............................................................................................311
Index.......................................................................................................................................317
18
User’s Guide

List of Figures

List of Figures
Figure 1 Mobile Station and Base Station ............................................................................................... 31
Figure 2 WiMAX Modem’s VoIP Features - Peer-to-Peer Calls ............................................................. 32
Figure 3 WiMAX Modem’s VoIP Features - Calls via VoIP Service Provider ......................................... 32
Figure 4 The WiMAX Modem’s LEDs .....................................................................................................33
Figure 5 Password Screen .....................................................................................................................36
Figure 6 Change Password Screen ........................................................................................................ 36
Figure 7 Replace Certificate Screen ....................................................................................................... 37
Figure 8 Wizard or Advanced Screen .................................................................................................... 37
Figure 9 Main Screen ............................................................................................................................. 38
Figure 10 Select a Mode ........................................................................................................................ 41
Figure 11 Internet Connection Wizard > System Information .................................................................42
Figure 12 Internet Connection Wizard > Authentication Settings Screen ............................................... 43
Figure 13 Internet Connection Wizard > IP Address ..............................................................................45
Figure 14 Internet Connection Wizard > Complete ................................................................................46
Figure 15 Select a Mode ........................................................................................................................ 47
Figure 16 VoIP Connection > First Voice Account Settings ................................................. ................... 48
Figure 17 VoIP Connection > SIP Registration Test ............................................................................... 49
Figure 18 VoIP Connection > SIP Registration Fail ......................................................... ....................... 49
Figure 19 VoIP Connection > Finish ...................................................................................................... 50
Figure 20 SETUP > Set IP Address .......................................................................................................54
Figure 21 SETUP > Time Setting ........................................................................................................... 55
Figure 22 ADVANCED > LAN Configuration > DHCP Setup .................................................................60
Figure 23 ADVANCED > LAN Configuration > Static DHCP .................................................................. 61
Figure 24 ADVANCED > LAN Configuration> IP Alias .............................................. ............................. 62
Figure 25 Advanced> LAN Configuration > IP Static Route ................................................................... 64
Figure 26 Advanced> LAN Configuration > IP Static Route Setup ......................................................... 65
Figure 27 ADVANCED > LAN Configuration > Advanced ...................................................................... 66
Figure 28 WiMax: Mobile Station ............................................................................................................ 72
Figure 29 WiMAX: Multiple Mobile Stations ............................................... ... ... ... .... ... ... ..........................72
Figure 30 Using an AAA Server ............................................................................................................. 72
Figure 31 Traffic Redirect WAN Setup .................................................................................................... 73
Figure 32 Traffic Redirect LAN Setup ..................................................................................................... 73
Figure 33 ADVANCED > WAN Configuration > Internet Connection ..................................................... 74
Figure 34 ADVANCED > WAN Configuration >WiMAX Configuration ................................................ 76
Figure 35 Frequency Ranges ................................................................................................................. 77
Figure 36 Completing the WiMAX Frequency Screen ............................................................................ 79
Figure 37 ADVANCED > WAN Configuration > Traffic Redirect ............................................. ................ 80
Figure 38 ADVANCED > WAN Configuration > Advanced ................................................................81
User’s Guide
19
List of Figures
Figure 39 VPN Transport Example .........................................................................................................83
Figure 40 Identifying Users ..................................................................................................................... 84
Figure 41 ADVANCED > VPN Transport > General ............................................................................... 85
Figure 42 Pseudowire Mapping ..............................................................................................................86
Figure 43 VPLS Tunneling ......................................................................................................................87
Figure 44 ADVANCED > VPN Transport > Customer Interface ............................................................. 87
Figure 45 ADVANCED > VPN Transport > Customer Interface Setup .............................................. 89
Figure 46 Ethernet Pseudowire Settings Example ................................................................................90
Figure 47 Advance > VPN Transport > Ethernet Pseudowire ................................................................ 90
Figure 48 ADVANCED > VPN Transport > Ethernet Pseudowire Setup ..............................................91
Figure 49 ADVANCED > VPN Transport > Statistics .............................................................................. 92
Figure 50 ADVANCED > NAT Configuration > General ......................................................................... 93
Figure 51 Multiple Servers Behind NAT Example ..................................................................................95
Figure 52 ADVANCED > NAT Configuration > Port Forwarding ................... ............. .......... ............ ....... 95
Figure 53 ADVANCED > NAT Configuration > Port Forwarding > Rule Setup ....................................... 96
Figure 54 ADVANCED > NAT Configuration > Trigger Port ................................................................... 97
Figure 55 Trigger Port Forwarding Example ........................................................................................... 98
Figure 56 ADVANCED > NAT Configuration > ALG ...............................................................................99
Figure 57 ADVANCED > System Configuration > General .................................................................. 102
Figure 58 ADVANCED > System Configuration > Dynamic DNS .........................................................104
Figure 59 ADVANCED > System Configuration > Firmware ................................................................ 105
Figure 60 ADVANCED > System Configuration > Configuration ..................................................... ..... 106
Figure 61 ADVANCED > System Configuration > Restart ......................................................... ...... ..... 108
Figure 62 VOICE > Service Configuration > SIP Setting .......................................................................113
Figure 63 STUN .....................................................................................................................................115
Figure 64 VOICE > Service Configuration > SIP Settings > Advanced .................................................116
Figure 65 VOICE > Service Configuration > QoS ................................................................................120
Figure 66 SIP User Agent ............................. ... ... ... ... .... ... ... ..................................................................122
Figure 67 SIP Proxy Server ....................................................... ... ........................................................ 122
Figure 68 SIP Redirect Server ......................... ... ... ... .... ... ... ... .... ... ... ... .................................................. 123
Figure 69 DiffServ: Differentiated Service Field .................................................................................... 124
Figure 70 VOICE > Phone > Analog Phone .........................................................................................126
Figure 71 VOICE > Phone > Analog Phone > Advanced ....................... .............................................. 127
Figure 72 VOICE > Phone > Common ................................................................................................. 128
Figure 73 VOICE > Phone > Region ....................................................................................................129
Figure 74 VOICE > Phone Book > Incoming Call Policy ...................................................................... 134
Figure 75 VOICE > Phone Book > Speed Dial ..................................................................................... 136
Figure 76 TOOLS > Certificates > My Certificates ............................................................................142
Figure 77 TOOLS > Certificates > My Certificates > Create ........................ ... ... .... ... ... ... .... ... ... ... ... .... . 144
Figure 78 TOOLS > Certificates > My Certificates > Edit ............................ ... ... .................................. 147
Figure 79 TOOLS > Certificates > My Certificates > Import ................................................................. 149
Figure 80 TOOLS > Certificates > Trusted CAs ...................................................................................150
Figure 81 TOOLS > Certificates > Trusted CAs > Edit ...................................................................... 152
20
User’s Guide
List of Figures
Figure 82 TOOLS > Certificates > Trusted CAs > Import ..................................................................... 154
Figure 83 Remote Host Certificates .....................................................................................................157
Figure 84 Certificate Details ................................................................................................................157
Figure 85 Firewall Rule Directions ........................................................................................................160
Figure 86 Ideal Firewall Setup ..............................................................................................................161
Figure 87 TOOLS > Firewall > Firewall Setting ....................................................................................161
Figure 88 TOOLS > Firewall > Service Setting ....................................................................................163
Figure 89 “Triangle Route” Problem ..................................................................................................... 165
Figure 90 IP Alias ................................................................................................................................. 166
Figure 91 TOOLS > Content Filter > Filter ........................................................................................... 168
Figure 92 TOOLS > Content Filter > Schedule ....................................................................................170
Figure 93 TOOLS > Remote Management > WWW ............................................................................ 173
Figure 94 TOOLS > Remote Management > Telnet .............................................................................173
Figure 95 TOOLS > Remote Management > FTP ................................................................................174
Figure 96 SNMP Management Model ..................................................................................................175
Figure 97 TOOLS > Remote Management > SNMP ............................................................................ 176
Figure 98 TOOLS > Remote Management > DNS ............................................................................... 177
Figure 99 TOOLS > Remote Management > Security ......................................................................... 178
Figure 100 TOOLS > Logs > View Logs ............................................................................................... 183
Figure 101 TOOLS > Logs > Log Settings ........................................................................................... 185
Figure 102 TOOLS > UPnP .................................................................................................................. 196
Figure 103 Network Connections .........................................................................................................197
Figure 104 Windows Optional Networking Components Wizard ............................... ... ... .... .................197
Figure 105 Networking Services ........................................................................................................... 198
Figure 106 Network Connections .........................................................................................................198
Figure 107 Internet Connection Properties .......................................................................................... 199
Figure 108 Internet Connection Properties: Advanced Settings ...........................................................199
Figure 109 Internet Connection Properties: Advanced Settings: Add .................................................. 200
Figure 110 System Tray Icon ................................................................................................................ 200
Figure 111 Internet Connection Status ................................................ ....... ......... .......... .......... .............. 200
Figure 112 Network Connections .........................................................................................................201
Figure 113 Network Connections: My Network Places ......................................................................... 201
Figure 114 Network Connections: My Network Places: Properties: Example ...................................... 202
Figure 115 Status .................................................................................................................................. 203
Figure 116 Packet Statistics ................................................................................................................. 207
Figure 117 WiMAX Site Information ....................................................................................................208
Figure 118 DHCP Table ........................................................................................................................ 209
Figure 119 VoIP Statistics ..................................................................................................................... 210
Figure 120 WiMAX Profile ................................................................................................................... 212
Figure 121 Windows XP: Start Menu .................................................................................................... 236
Figure 122 Windows XP: Control Panel ...............................................................................................236
Figure 123 Windows XP: Control Panel > Network Connections > Properties ......................... ... ... .... . 237
Figure 124 Windows XP: Local Area Connection Properties ............................................................... 237
User’s Guide
21
List of Figures
Figure 125 Windows XP: Internet Protocol (TCP/IP) Properties ........................ .... ... ... ... .... ... ... ... ... .....238
Figure 126 Windows Vista: Start Menu ................................................................................................. 239
Figure 127 Windows Vista: Control Panel ............................................................................................ 239
Figure 128 Windows Vista: Network And Internet ................................................................................ 239
Figure 129 Windows Vista: Network and Sharing Center ..................................................................... 240
Figure 130 Windows Vista: Network and Sharing Center ..................................................................... 240
Figure 131 Windows Vista: Local Area Connection Properties ............................................................ 241
Figure 132 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties ................................... 242
Figure 133 Mac OS X 10.4: Apple Menu .............................................................................................. 243
Figure 134 Mac OS X 10.4: System Preferences ................................................................................. 243
Figure 135 Mac OS X 10.4: Network Preferences ............................................................................... 244
Figure 136 Mac OS X 10.4: Network Preferences > TCP/IP Tab. ........................................................244
Figure 137 Mac OS X 10.4: Network Preferences > Ethernet ................ ................................... ........... 245
Figure 138 Mac OS X 10.4: Network Utility .......................................................................................... 245
Figure 139 Mac OS X 10.5: Apple Menu .............................................................................................. 246
Figure 140 Mac OS X 10.5: Systems Preferences ............................................................................... 246
Figure 141 Mac OS X 10.5: Network Preferences > Ethernet ................ ................................... ........... 247
Figure 142 Mac OS X 10.5: Network Preferences > Ethernet ................ ................................... ........... 248
Figure 143 Mac OS X 10.5: Network Utility .......................................................................................... 248
Figure 144 Ubuntu 8: System > Administration Menu ..........................................................................249
Figure 145 Ubuntu 8: Network Settings > Connections ...................... .... .............................................. 249
Figure 146 Ubuntu 8: Administrator Account Authentication ................................................................ 250
Figure 147 Ubuntu 8: Network Settings > Connections ...................... .... .............................................. 250
Figure 148 Ubuntu 8: Network Settings > Properties ........................................................................... 251
Figure 149 Ubuntu 8: Network Settings > DNS ...................................................................................251
Figure 150 Ubuntu 8: Network Tools .................................................................................................... 252
Figure 151 openSUSE 10.3: K Menu > Computer Menu .....................................................................253
Figure 152 openSUSE 10.3: K Menu > Computer Menu .....................................................................253
Figure 153 openSUSE 10.3: YaST Control Center .............................................................................. 254
Figure 154 openSUSE 10.3: Network Settings ....................................................................................254
Figure 155 openSUSE 10.3: Network Card Setup ............................................................................... 255
Figure 156 openSUSE 10.3: Network Settings ....................................................................................256
Figure 157 openSUSE 10.3: KNetwork Manager ................................................................................. 257
Figure 158 openSUSE: Connection Status - KNetwork Manager ........................................................257
Figure 159 Pop-up Blocker ...................................................................................................................259
Figure 160 Internet Options: Privacy .................................................................................................... 260
Figure 161 Internet Options: Privacy .................................................................................................... 261
Figure 162 Pop-up Blocker Settings .....................................................................................................261
Figure 163 Internet Options: Security ................................................................................................... 262
Figure 164 Security Settings - Java Scripting ....................................................................................... 263
Figure 165 Security Settings - Java ...................................................................................................... 263
Figure 166 Java (Sun) .......................................................................................................................... 264
Figure 167 Mozilla Firefox: TOOLS > Options .............................. ........................................................ 265
22
User’s Guide
List of Figures
Figure 168 Mozilla Firefox Content Security .........................................................................................265
Figure 169 Network Number and Host ID ............................................................................................ 268
Figure 170 Subnetting Example: Before Subnetting ....................................... ... .... ... ... ... .....................270
Figure 171 Subnetting Example: After Subnetting ....................................... ... ... .... ... ... ... .....................271
Figure 172 Conflicting Computer IP Addresses Example .................................................................... 275
Figure 173 Conflicting Computer IP Addresses Example .................................................................... 276
Figure 174 Conflicting Computer and Router IP Addresses Example .................................................. 276
Figure 175 Internet Explorer 7: Certification Error ................................................................................ 278
Figure 176 Internet Explorer 7: Certification Error ................................................................................ 278
Figure 177 Internet Explorer 7: Certificate Error ........................ ................ ................ ................ ........... 278
Figure 178 Internet Explorer 7: Certificate ............................................................................................ 279
Figure 179 Internet Explorer 7: Certificate Import Wizard .................................................................... 279
Figure 180 Internet Explorer 7: Certificate Import Wizard .................................................................... 280
Figure 181 Internet Explorer 7: Certificate Import Wizard .................................................................... 280
Figure 182 Internet Explorer 7: Select Certificate Store ......................................................... ... ...........280
Figure 183 Internet Explorer 7: Certificate Import Wizard .................................................................... 281
Figure 184 Internet Explorer 7: Security Warning ............................................ .......... ...... .......... ........... 281
Figure 185 Internet Explorer 7: Certificate Import Wizard .................................................................... 282
Figure 186 Internet Explorer 7: Website Identification .................................. ............................. ........... 282
Figure 187 Internet Explorer 7: Public Key Certificate File ........................................ ... ... .... ... ..............283
Figure 188 Internet Explorer 7: Open File - Security Warning ... ... ... ... .... ... ... ........................................ 283
Figure 189 Internet Explorer 7: Tools Menu .........................................................................................284
Figure 190 Internet Explorer 7: Internet Options .................................................................................. 284
Figure 191 Internet Explorer 7: Certificates .......................................................................................... 285
Figure 192 Internet Explorer 7: Certificates .......................................................................................... 285
Figure 193 Internet Explorer 7: Root Certificate Store .......................................................................... 285
Figure 194 Firefox 2: Website Certified by an Unknown Authority .......................................................286
Figure 195 Firefox 2: Page Info ............................................................................................................ 286
Figure 196 Firefox 2: Tools Menu ......................................................................................................... 287
Figure 197 Firefox 2: Options ............................................................................................................... 287
Figure 198 Firefox 2: Certificate Manager ...........................................................................................288
Figure 199 Firefox 2: Select File ........................... ................ ................. ................ ..............................288
Figure 200 Firefox 2: Tools Menu ......................................................................................................... 289
Figure 201 Firefox 2: Options ............................................................................................................... 289
Figure 202 Firefox 2: Certificate Manager ...........................................................................................290
Figure 203 Firefox 2: Delete Web Site Certificates .............................................................................. 290
Figure 204 Opera 9: Certificate signer not found ................................................................................. 291
Figure 205 Opera 9: Security information ............................................................................................. 291
Figure 206 Opera 9: Tools Menu .......................................................................................................... 292
Figure 207 Opera 9: Preferences ......................................................................................................... 292
Figure 208 Opera 9: Certificate manager ............................................................................................293
Figure 209 Opera 9: Import certificate .................................................................................................293
Figure 210 Opera 9: Install authority certificate ........................ ........................................................... 294
User’s Guide
23
List of Figures
Figure 211 Opera 9: Install authority certificate ................................................................................... 294
Figure 212 Opera 9: Tools Menu .......................................................................................................... 295
Figure 213 Opera 9: Preferences ......................................................................................................... 295
Figure 214 Opera 9: Certificate manager ............................................................................................296
Figure 215 Konqueror 3.5: Server Authentication ................................................................................297
Figure 216 Konqueror 3.5: Server Authentication ................................................................................297
Figure 217 Konqueror 3.5: KDE SSL Information ................................................................................ 297
Figure 218 Konqueror 3.5: Public Key Certificate File ..................... ... .... ... ... ... ... .... ... ... ... .... ... ... ... ... .....298
Figure 219 Konqueror 3.5: Certificate Import Result ............................................................................298
Figure 220 Konqueror 3.5: Kleopatra ...................................................................................................298
Figure 221 Konqueror 3.5: Settings Menu ............................................................................................299
Figure 222 Konqueror 3.5: Configure ...................................................................................................299
24
User’s Guide

List of Tables

List of Tables
Table 1 Common Icons ............................................................................................................................ 5
Table 2 The WiMAX Modem .................................................................................................................. 33
Table 3 Main > Icons ............................................................................................................................. 39
Table 4 Main .......................................................................................................................................... 39
Table 5 Internet Connection Wizard > System Information ................................... ................................ 42
Table 6 Internet Connection Wizard > Authentication Settings Screen ................................................. 43
Table 7 Internet Connection Wizard > IP Address ....... ................................... ....................................... 45
Table 8 VoIP Connection > First Voice Account Settings ...................................................................... 48
Table 9 SETUP > Set IP Address .......................................................................................................... 54
Table 10 SETUP > DHCP Client ............................................................................................................ 55
Table 11 Pre-defined NTP Time Servers ............................................................................................... 56
Table 12 ADVANCED > LAN Configuration > DHCP Setup ..... ... ... ... .................................................... 60
Table 13 ADVANCED > LAN Configuration > Static DHCP ................................................................... 62
Table 14 ADVANCED > LAN Configuration> IP Alias ........................................................................... 62
Table 15 Advanced> LAN Configuration > IP Static Route .................................................................... 64
Table 16 Advanced> LAN Configuration > IP Static Route .................................................................... 64
Table 17 Management > Static Route > IP Static Route > Edit .............................................................65
Table 18 ADVANCED > LAN Configuration > Other Settings ................................................................66
Table 19 ADVANCED > WAN Configuration > Internet Connection > ISP Parameters for Internet Access
74
Table 20 Radio Frequency Conversion .................................................................................................76
Table 21 ADVANCED > WAN Configuration >WiMAX Configuration .................................................... 77
Table 22 DL Frequency Example Settings ............................................................................................ 78
Table 23 ADVANCED > WAN Configuration > Tr affic Redirect ............................................................. 80
Table 24 ADVANCED > WAN Configuration > Advanced ..................................................................... 82
Table 25 ADVANCED > VPN Transport > General ................................................................................ 85
Table 26 Advanced> VPN Transport > Customer Interface ................................................................... 88
Table 27 ADVANCED > VPN Transport > Customer Interface ..............................................................88
Table 28 ADVANCED > VPN Transport > Customer Interface Setup ................................................... 89
Table 29 Advanced> VPN Transport > Customer Interface ................................................................... 90
Table 30 ADVANCED > VPN Transport > Ethernet Pseudowire ................................. ... .... ... ... ... ... .......91
Table 31 ADVANCED > VPN Transport > Ethernet Pseudowire Setup .................................... ... ... .......91
Table 32 ADVANCED > VPN Transport > Statistics .............................................................................. 92
Table 33 ADVANCED > NAT Configuration > General .......................................................................... 94
Table 34 Advanced> VPN Transport > Customer Interface ................................................................... 95
Table 35 ADVANCED > NAT Configuration > Port Forwarding ............................................................. 95
Table 36 ADVANCED > NAT Configuration > Port Forwarding > Rule Setup ....................................... 96
Table 37 ADVANCED > NAT Configuration > Trigger Port .................................................................... 98
User’s Guide
25
List of Tables
Table 38 ADVANCED > NAT Configuration > ALG ................................................................................ 99
Table 39 ADVANCED > System Configuration > General ................................................................... 103
Table 40 ADVANCED > System Configuration > Dynamic DNS .........................................................104
Table 41 ADVANCED > System Configuration > Firmware .................................................................105
Table 42 ADVANCED > System Configuration > Configuration .......................................................... 107
Table 43 ADVANCED > System Configuration > Firmware .................................................................108
Table 44 VOICE > Service Configuration > SIP Setting .......................................................................113
Table 45 VOICE > Service Configuration > SIP Settings > Advanced .................................................116
Table 46 Custom Tones Details ............................................ .... ... ... ... .... ... ... ... ... .... ... ... ... ......................119
Table 47 VOICE > Service Configuration > QoS ...................................................... ... ... .... ... ... ... ... .....120
Table 48 SIP Call Progression ........................................ ... .................................................................. 121
Table 49 VOICE > Phone > Analog Phone .......................................................................................... 126
Table 50 VOICE > Phone > Analog Phone > Advanced ......................................................................127
Table 51 VOICE > Phone > Common ....................................................................... ... ... .... ... ... ... ... ..... 128
Table 52 VOICE > Phone > Region ..................................................................................................... 129
Table 53 European Type Flash Key Commands ................................................................................. 130
Table 54 USA Type Flash Key Commands ......................................................................................... 131
Table 55 VOICE > Phone Book > Incoming Call Policy ....................................................................... 134
Table 56 Advanced> LAN Configuration > IP Static Route .................................................................. 136
Table 57 VOICE > Phone Book > Speed Dial ......................................................................................136
Table 58 TOOLS > Certificates > My Certificates ................................................................................142
Table 59 TOOLS > Certificates > My Certificates ................................................................................142
Table 60 TOOLS > Certificates > My Certificates > Create ................................................................. 144
Table 61 TOOLS > Certificates > My Certificates > Edit ...................................................................... 147
Table 62 TOOLS > Certificates > My Certificates > Import .................................................................. 149
Table 63 TOOLS > Certificates > Trusted CAs ....................................................................................150
Table 64 TOOLS > Certificates > Trusted CAs ....................................................................................150
Table 65 TOOLS > Certificates > Trusted CAs > Edit ..........................................................................152
Table 66 TOOLS > Certificates > Trusted CAs Import ......................................................................... 155
Table 67 TOOLS > Firewall > Firewall Setting ..................................................................................... 162
Table 68 TOOLS > Firewall > Service Setting .....................................................................................163
Table 69 TOOLS > Content Filter > Filter ............................................................................................169
Table 70 TOOLS > Content Filter > Schedule ..................................................................................... 170
Table 71 Remote Management ...........................................................................................................171
Table 72 TOOLS > Remote Management > WWW .............................................................................173
Table 73 TOOLS > Remote Management > Telnet ............................................................................. 174
Table 74 TOOLS > Remote Management > FTP ................................................................................174
Table 75 SNMP Traps .......................................................................................................................... 176
Table 76 TOOLS > Remote Management > SNMP ............................................................................. 177
Table 77 TOOLS > Remote Management > DNS ...............................................................................178
Table 78 TOOLS > Remote Management > Security .......................................................................... 178
Table 79 Syslog Logs .......................................................................................................................... 182
Table 80 RFC-2408 ISAKMP Payload Types ......................................................................................182
26
User’s Guide
List of Tables
Table 81 TOOLS > Logs > View Logs ................................................................................................. 183
Table 82 TOOLS > Logs > Log Settings .............................................................................................. 186
Table 83 System Error Logs ................................................................................................................ 187
Table 84 System Maintenance Logs .................................................................................................... 187
Table 85 Access Control Logs .............................................................................................................188
Table 86 TCP Reset Logs ....................................................................................................................188
Table 87 Packet Filter Logs ................................................................................................................. 189
Table 88 ICMP Logs ............................. ... .......................................................... .... ... ... ... .....................189
Table 89 PPP Logs .............................................................................................................................. 189
Table 90 UPnP Logs ............................................................................................................................ 190
Table 91 Content Filtering Logs ........................................................................................................... 190
Table 92 Attack Logs ............................ ... .... ... ... ... .......................................................... .....................190
Table 93 Remote Management Logs ................................................................................................... 192
Table 94 ICMP Notes .. ... .... ... ... ... .... ... ... ... .... .......................................................... ... ... ... .....................192
Table 95 SIP Logs ............................................................................................. .... ... ... ... .....................193
Table 96 RTP Logs ..............................................................................................................................193
Table 97 FSM Logs: Caller Side ............................................................... ... ........................................ 194
Table 98 FSM Logs: Callee Side ................................. ... ... ... .... ... ... ... .... ... ... ... ... .................................. 194
Table 99 Lifeline Logs .......................................................................................................................... 194
Table 100 TOOLS > UPnP ..................................................................................................................196
Table 101 Status .................................................................................................................................. 204
Table 102 Packet Statistics ..................................................................................................................208
Table 103 WiMAX Site Information ......................................................................................................209
Table 104 DHCP Table ........................................................................................................................ 209
Table 105 VoIP Statistics ..................................................................................................................... 210
Table 106 The WiMAX Profile Screen ................................................................................................. 212
Table 107 Environmental and Hardware Specifications ......................................................................223
Table 108 Radio Specifications ............................................................................................................223
Table 109 Firmware Specifications ......................................................................................................224
Table 110 Standards Supported .......................................................................................................... 225
Table 111 Voice Features ............................................. ... ... ... .... ... ........................................................ 227
Table 112 Star (*) and Pound (#) Code Support .................................................................................. 228
Table 113 IP Address Network Number and Host ID Example ............................................................268
Table 114 Subnet Masks ..................................................................................................................... 269
Table 115 Maximum Host Numbers .....................................................................................................269
Table 116 Alternative Subnet Mask Notation ....................................................................................... 270
Table 117 Subnet 1 .............................................................................................................................. 271
Table 118 Subnet 2 .............................................................................................................................. 272
Table 119 Subnet 3 .............................................................................................................................. 272
Table 120 Subnet 4 ..............................................................................................................................272
Table 121 Eight Subnets ...................................................................................................................... 273
Table 122 24-bit Network Number Subnet Planning ............................................................................273
Table 123 16-bit Network Number Subnet Planning ............................................................................273
User’s Guide
27
List of Tables
Table 124 Commonly Used Services .............................................................. ... .... ... ... ... .... ... ... ... ........ 303
28
User’s Guide
PART I
Introduction and
Wizards
Getting Started (31) Introducing the Web Configurator (35) Internet Connection Wizard (41) VoIP Connection Wizard (47)
29
30
CHAPTER 1

Getting Started

1.1 About Your WiMAX Modem

The WiMAX Modem has a built-in switch and two phone ports. It allows you to access the Internet by connecting to a WiMAX wireless network.
You can use a traditional analog telephone to make Internet calls using the WiMAX Modem’s Voice over IP (VoIP) communication capabilities.
You can configure firewall and content filtering as well as a host of other features. The web browser-based Graphical User Interface (GUI), also known as the web configurator,
provides easy management. See Chapter 22 on page 223 for a complete list of features for your model.
1.1.1 WiMAX Internet Access
Connect your computer or network to the WiMAX Modem for WiMAX Internet access. See the Quick Start Guide for instructions on hardware connection.
In a wireless metropolitan area network (MAN), the WiMAX Modem connects to a WiMAX base station (BS) for Internet access.
The following diagram shows a notebook computer equipped with the WiMAX Modem connecting to the Internet through a WiMAX base station (marked BS).
Figure 1 Mobile Station and Base St ation
When the firewall is on, all incoming traffic from the Internet to your network is blocked unless it is initiated from your network.
Use content filtering to block access to web sites with URLs containing keywords that you specify. You can define time periods and days during which content filtering is enabled and include or exclude particular computers on your network from content filtering. For example, you could block access to certain web sites for the kids.
User’s Guide
31
Chapter 1 Getting Started
1.1.2 Make Calls via Internet Telephony Service Provider
In a home or small office environment, you can use the WiMAX Modem to make and receive the following types of VoIP telephone calls:
• Peer-to-Peer calls - Use the WiMAX Modem to make a call directly to the recipient’s IP address without using a SIP proxy server.
Figure 2 WiMAX Modem’s VoIP Features - Peer-to-Peer Calls
• Calls via a VoIP service provider - The WiMAX Modem sends your call to a VoIP service provider’s SIP server which forwards your calls to either VoIP or PSTN phones.
Figure 3 WiMAX Modem’s VoIP Features - Calls via VoIP Service Provider
32
User’s Guide

1.2 WiMAX Modem Hardware

Follow the instructions in the Quick Start Guide to make hardware connections.
1.2.1 LEDs
The following figure shows the LEDs (lights) on the WiMAX Modem.
Figure 4 The WiMAX Modem’s LEDs
Chapter 1 Getting Started
WIMAX
LINK
STRENGTH
INDICATOR
VOICE
LEDS 1 & 2 1 & 2
LAN
LEDS
POWER
LED
The following table describes your WiMAX Modem’s LEDs (from right to left).
Table 2 The WiMAX Modem
LED STATE DESCRIPTION
Power Off The WiMAX Modem is not receiving power.
Red The WiMAX Modem is receiving power but has been
Green The WiMAX Modem is receiving power and functioning
LAN Off The LAN is not connected.
Green The WiMAX Modem has a successful Local Area Network
Voice Off No SIP account is registered, or the WiMAX Modem is not
Green A SIP account is registered. Green (Blinking) A SIP account is registered, and the phone attached to the
Yellow A SIP account is registered and has a voice message on
Yellow (Blinking) A SIP account is registered and has a voice message on
unable to start up correctly or is not receiving enough power. See the Tr oubleshooting section for more information.
correctly.
(Ethernet) connection and is active during modem activity.
receiving power.
LINE port is in use (off the hook).
the SIP server.
the SIP server, and the phone attached to the LINE port is in use (off the hook).
User’s Guide
33
Chapter 1 Getting Started
Table 2 The WiMAX Modem
LED STATE DESCRIPTION
WiMAN Link Off The WiMAX Modem is not connected to a wireless
Strength Indicator
(WiMAX) network.
Green The WiMAX Modem is successfully connected to a wireless
(WiMAX) network.
Green (Blinking Slowly)
Green (Blinking Quickly)
The Strength Indicator LEDs display the Received Signal Strength Indication (RSSI) of the wireless (WiMAX) connection.
No Signal LEDS There is no wireless connection. Signal 1 On The signal strength is less than or equal to -70 dBm Signal 2 On The signal strength is less than or equal to -50 dBm Signal 3 On The signal strength is less than or equal to -30 dBm
The WiMAX Modem is searching for a wireless (WiMAX) network.
The WiMAX Modem has found a wi reless (WiMAX) network and is connecting.

1.3 Good Habits for Managing the WiMAX Modem

Do the following things regularly to make the WiMAX Modem more secure and to manage the WiMAX Modem more effectively.
• Change the password. Use a password that’s not easy to guess and that consists of different types of characters, such as numbers and letters.
• Write down the password and put it in a safe place.
• Back up the configuration (and make sure you know how to restore it). Restoring an earlier working configuration may be useful if the WiMAX Modem becomes unstable or even crashes. If you forget your password, you will have to reset the WiMAX Modem to its factory default settings. If you backed up an earlier configuration file, you would not have to totally re-configure the WiMAX Modem. You could simply restore your last configuration.
34
User’s Guide
CHAPTER 2
Introducing the Web
Configurator

2.1 Overview

The web configurator is an HTML-based management interface that allows easy device set up and management via any web browser that supports: HTML 4.0, CSS 2.0, and JavaScript 1.5, and higher . The recommended screen resolution for using the web co nfigurator is 1024 by 768 pixels and 16-bit color, or higher.
In order to use the web configurator you need to allow:
• Web browser pop-up windows from your device. Web pop-up blocking is enabled by default in many operating systems and web browsers.
• JavaScript (enabled by default in most web browsers).
• Java permissions (enabled by default in most web browsers).
See the Appendix C on page 259 for more information on configuring your web browser.
2.1.1 Accessing the Web Configurator
1 Make sure your WiMAX Modem hardware is properly connected (refer to the Quick
Start Guide for more information).
2 Launch your web browser. 3 Enter "192.168.100.1" as the URL.
User’s Guide
35
Chapter 2 Introducing the Web Configurator
4 A password screen displays. The default password (“1234”) displays in non-readable
characters. If you haven’t changed the password yet, you can just click Login. Click Cancel to revert to the default password in the password field. If you have changed the password, enter your password and click Login.
Figure 5 Password Screen
5 The following screen displays if you have not yet changed your password. It is highly
recommended you change the default password. Enter a new password, retype it to confirm and click Apply; alternatively click Ignore to proceed to the main menu if you do not want to change the password now.
Figure 6 Change Password Screen
36
User’s Guide
Chapter 2 Introducing the Web Configurator
6 Click Apply in the next screen to create a certificate using your W iMAX Modem’s MAC
address that will be specific to this device. This certificate is used for authentication when using a secure HTTPS connection over the Internet.
Figure 7 Replace Certificate Screen
7 A screen displays to let you choose whether to go to the wizard or the advanced screens.
• Click Go to Wizard setup if you are logging in for the first time or if you want to make basic changes. The wizard selection screen appears after you click Apply. See Chapter 3 on page 41 for more information.
• Click Go to Advanced setup if you want to configure features that are not available in the wizards. The main screen appears after you click Apply. See
Section 3 on page 38 for more information.
• Click Exit if you want to log out.
Figure 8 Wizard or Advanced Screen
" For security reasons, the WiMAX Modem automatically logs you out if you do
not use the web configurator for five minutes. If this happens, simply log in again.
User’s Guide
37
Chapter 2 Introducing the Web Configurator
2.1.2 The Reset Button
If you forget your password or cannot access the web configurator, you will need to use the Reset button to reload the factory-default configuration file. This means that you will lose all configurations that you had previously and the password will be reset to “1234”.
2.1.2.1 Using The Reset Button 1 Make sure the Power light is on (not blinking).
2 To set the device back to the factory default settings, press the Reset button for ten
seconds or until the Power light begins to blink and then release it. When the Power light begins to blink, the defaults have been restored and the device restarts.
3 Reconfigure the WiMAX Modem following the steps in your Quick Start Guide.

2.2 The Main Screen

When you first log into the web configurator and by-pass the wizard, the Main screen appears. Here you can view a concise summary of your WiMAX Modem connection status. This is also the default “home” page for the ZyXEL web configurator and it contains conveniently-placed shortcuts to all of the other screens.
" Some features in the web configurator may not be available depending on
your firmware version and/or configuration.
Figure 9 Main Screen
38
User’s Guide
Chapter 2 Introducing the Web Configurator
The following table describes the icons in this screen.
Table 3 Main > Icons
ICON
DESCRIPTION MAIN
Click to return to the Main screen.
SETUP
Click to go the Setup screen, where you can configure LAN, DHCP and WAN settings.
ADVANCED
Click to go to the Advanced screen, where you can configure features like Port Forwarding and Triggering, SNTP and so on.
VOICE
Click to go to the Voice screen, where you can configure your voice service and phone settings.
TOOLS
Click to go the Tools screen, where you can configure your firewall, QoS, and content filter, among other things.
STATUS
Click to go to the Status screen, where you can view status and statistical information for all connections and interfaces.
Strength Indicator
Displays a visual representation of the quality of your WiMAX connection.
Disconnected - Zero bars
Poor reception - One bar
Good reception - Two bars
Excellent reception - Three bars
The following table describes the labels in this screen.
Table 4 Main
LABEL DESCRIPTION
Help Click to open the web configurator’s online help. Wizard Click to run the Internet Connection and VoIP Connection Setup Wizard.
All of the settings that you can configure in this wizard are also available in these web configurator screens.
Logout Click to log out of the web configurator.
Note: This does not log you off the WiMAX network, it simply
logs you out of the WiMAX Modem’s browser-based configuration interface.
User’s Guide
39
Chapter 2 Introducing the Web Configurator
Table 4 Main (continued)
LABEL DESCRIPTION
WiMAX Connection Status
Software Version This field indicates the version number of the WiMAX Modem’s firmware.
Version Date This field indicates the exact date and time the current firmware was
System Uptime This field indicates how long the WiMAX Modem has been on. This resets
WiMAX Uptime This field indicates how long the WiMAX Modem has been connected to
Voice 1 This field indicates the number and receiver status of the first voice
This field indicates the current status of your WiMAX connection. Stat us messa ge s are as fo l low s:
Connected - Indicates that the WiMAX Modem is connected to the WiMAX network. Use the Strength Indicator icon to determine the quality of your network connection.
Disconnected - Indicates that the WiMAX Modem is not connected to the WiMAX network.
DL_SYN - Indicates a download synchronization is in progress. This means the firmware is checking with the server for any updates or settings alterations.
The version number takes the form of: Version(Build),release status (candidate) | Version Release Date.
For example: V3.60(BCC.0)c4 | 07/08/2008 indicates that the firmware is
3.60, build BCC.0, candidate4, released on July 08, 2008.
compiled.
every time you shut the device down or restart it.
the WiMAX network. This resets every time you disconnect from the WiMAX network, shut the device down, or restart it.
account.
40
User’s Guide
CHAPTER 3

Internet Connection Wizard

3.1 Overview

This chapter provides information on the ZyXEL Setup Wizard screens. The wizard guides you through several steps where you can configure your Internet and VoIP settings.
3.1.1 Welcome to the ZyXEL Setup Wizard
This is the welcome screen for the ZyXEL Setup Wizard. You can choose to either configure your Internet connection or your VoIP connection.
The Internet Connection Wizard screens are described in detail in the following sections.
Figure 10 Select a Mode
User’s Guide
41
Chapter 3 Internet Connection Wizard
3.1.2 System Information
This Internet Connection Wizard screen allows you to configure your WiMAX Modem’s system information. The settings here correspond to the ADVANCED > System Configuration > General screen (see Section 10.2 on page 102 for more).
Figure 11 Internet Connection Wizard > System Information
The following table describes the labels in this screen.
Table 5 Internet Connection Wizard > System Information
LABEL DESCRIPTION
System Name System Name is a unique name to identify the WiMAX Modem in an Ethernet network.
Enter a descriptive name. This name can be up to 30 alphanumeric characters long. Spaces are not allowed, but dashes "-" and underscores "_" are accepted.
Domain Name Type the domain name (if you know it) here. If you leave this field blank, the ISP may
assign a domain name via DHCP. The domain name entered by you is given priority
over the ISP assigned domain name. Back Click to display the previous screen. Next Click to proceed to the next screen. Exit Click to close the wizard without saving.
42
User’s Guide
3.1.3 Authentication Settings
This Internet Connection Wizard screen allows you to configure your Internet access settings. The settings here correspond to the ADVANCED > WAN Configuration > Internet Connection screen (see Section 7.2 on page 74 for more).
Figure 12 Internet Connection Wizard > Authentication Settings Screen
Chapter 3 Internet Connection Wizard
The following table describes the labels in this screen.
Table 6 Internet Connection Wizard > Authentication Settings Screen
LABEL DESCRIPTION
Authentication
User Use this field to enter the username associated with your Internet
Password Use this field to enter the password associated with your Internet
Anonymous Identity Enter the anonymous identity provided by your Internet Service
PKM This field displays the Privacy Key Management version number.
access account. You can enter up to 61 printable ASCII characters.
access account. You can enter up to 47 printable ASCII characters.
Provider. Anonymous identity (also known as outer identity) is used with EAP-TTLS encryption. The anonymous identity is used to route your authentication request to the correct authentication server, and does not reveal your real user name. Your real user name and password are encrypted in the TLS tunnel, and only the anonymous identity can be seen.
Leave this field blank if your ISP did not give you an anonymous identity to use.
PKM provides security between the WiMAX Modem and the base station. At the time of writing, the WiMAX Modem supports PKMv2 only. See the WiMAX security appendix for more information.
User’s Guide
43
Chapter 3 Internet Connection Wizard
Table 6 Internet Connection Wizard > Authentication Settings Screen (continued)
LABEL DESCRIPTION
Authentication This field displays the user authentication method. Authentication is
TTLS Inner EAP This field displays th e type of secondary authentication method. Once
Auth Mode Select the authentication mode from the drop-down list box.
Certificate This is the security certificate the WiMAX Modem uses to
Back Click to display the previous screen. Next Click to proceed to the next screen. Exit Click to close the wizard without saving.
the process of confirming the identity of a mobile station (by means of a username and password, for example).
Check with your service provider if you are unsure of the correct setting for your account.
Choose from the following user authentication methods:
TTLS (Tunnelled Transport Layer Security)
TLS (Transport Layer Security)
Note: Not all WiMAX Modems support TLS
authentication. Check with your service provider for details.
a secure EAP-TTLS connection is established, the inner EAP is the protocol used to exchange security information between the mobile station, the base station and the AAA server to authenticate the mobile station. See the WiMAX security appendix for more details. The WiMAX Modem supports the following inner authentication types:
CHAP (Challenge Handshake Authentication Protocol)
MSCHAP (Microsoft CHAP)
MSCHAPV2 (Microsoft CHAP version 2)
PAP (Password Authentication Protocol)
This field is not available in all WiMAX Modems. Check with your service provider for details.
The WiMAX Modem supports the following authentication modes:
•User Only
Device Only with Cert
Certs and User Authentication
authenticate the AAA server. Use the TOOLS > Certificates >
Trusted CA screen to import certificates to the WiMAX Modem.
44
User’s Guide
3.1.4 IP Address
This Internet Connection Wizard screen allows you to configure your IP address. The settings here correspond to the SETUP > Set IP Address screen (see Section 5.2 on page 54).
A fixed IP address is a static IP that your ISP gives you. An automatic (dynamic) IP address is not fixed; the ISP assigns you a different one each time you connect to the Internet.
Figure 13 Internet Connection Wizard > IP Address
Chapter 3 Internet Connection Wizard
The following table describes the labels in this screen.
Table 7 Internet Connection Wizard > IP Address
LABEL DESCRIPTION
IP Address
My computer gets its IP address automatically from the network (Default)
Use Fixed IP Address A static IP address is a fixed IP that your ISP gives you. Back Click to display the previous screen. Next Exit
Select this if you have a dynamic IP address. A dynamic IP address is not fixed; the ISP assigns you a different one each time you connect to the Internet.
Click to proceed to the next screen. Click to close the wizard screen without saving.
User’s Guide
45
Chapter 3 Internet Connection Wizard
3.1.5 Setup Complete
Click Close to complete and save the Internet Connection Wizard settings.
Figure 14 Internet Connection Wizard > Complete
Launch your web browser and navigate to www.zyxel.com. If if everything was configured properly, the web page should display. You can now surf the Internet!
Refer to the rest of this guide for more detailed information on the complete range of WiMAX Modem features available in the more advanced web configurator.
" If you cannot access the Internet, open the web configurator again to confirm
that the Internet settings you configured in the wizard setup are correct.
46
User’s Guide
CHAPTER 4

VoIP Connection Wizard

4.1 Overview

This chapter shows you how to use the wizard to set up your voice account(s). The WiMAX Modem has Voice over IP (VoIP) communication capabilities that allow you to
use a traditional analog telephone to make Internet calls. You can configure the WiMAX Modem to use up to two SIP based VoIP accounts.

4.2 Welcome to the ZyXEL Setup Wizard

This is the welcome screen for the ZyXEL Setup Wizard. You can choose to either configure your Internet connection or your VoIP connection.
The VoIP Connection Wizard screens are described in detail in the following sections.
Figure 15 Select a Mode
User’s Guide
47
Chapter 4 VoIP Connection Wizard
4.2.1 First Voice Account Settings
This VoIP Connection Wizard screen allows you to configure your vo ice account. The settings here correspond to the VOICE > Service Configuration > SIP Setting screen (see Section
11.2 on page 113 for more information).
Figure 16 VoIP Connection > First Voice Account Settings
The following table describes the labels in this screen
Table 8 VoIP Connection > First Voice Account Settings
LABEL DESCRIPTION
SIP Number Enter your SIP number in this field (use the number or text that comes
SIP Server Address Type the IP address or domain name of the SIP server in this field. It
SIP Service Domain Enter the SIP service domain name in this field (the domain name that
User Name This is the user name for registering this SIP account with the SIP register
Password Type the password associated with the user name above. You can use up
Check here to set up SIP2 settings.
Back Click to return to the previous screen. Apply Click to complete the wizard setup and save your configuration. Exit Click to close the wizard without saving your settings.
before the @ symbol in a SIP account like 1234@VoIP-provider.com You can use up to 127 ASCII characters.
doesn’t matter whether the SIP server is a proxy, redirect or register server. You can use up to 95 ASCII characters.
comes af ter the @ sy mbol in a SIP account like 1234@VoIP-
provider.com). You can use up to 127 ASCII Extended set characters.
server. Type the user name exactly as it was given to you. You can use up to 95 ASCII characters.
to 95 ASCII Extended set characters. This screen configures SIP account 1. Select the check box if you have
a second SIP account that you want to use. You will need to configure the same fields for the second SIP account.
).
48
User’s Guide
Chapter 4 VoIP Connection Wizard
After you enter your voice account settings and click Next, the WiMAX Modem attempts to register your SIP account with the SIP server.
Figure 17 VoIP Connection > SIP Registration Test
This screen displays if SIP account registration fails. Check your WiMAX connection using the WiMAX Link and Strength Indicator LEDs on the front of the WiMAX Modem, then wait a few seconds and click Register Again. If your Internet connection was already working, you can click Back and try re-entering your SIP account settings.
Figure 18 VoIP Connection > SIP Registration Fail
User’s Guide
49
Chapter 4 VoIP Connection Wizard
4.2.2 Setup Complete
Click Close to complete and save the VoIP Connection settings or Run Setup Wizard Again to configure your Internet Connection settings.
Figure 19 VoIP Connection > Finish
This screen displays if your SIP account registration was successful.
50
User’s Guide
PART II

Basic Screens

The Main Screen (38) The Setup Screens (53)
51
52
CHAPTER 5

The Setup Screens

5.1 Overview

Use these screens to configure or view LAN, DHCP Client and WAN settings.
5.1.1 What You Can Do in This Chap ter
•The Set IP Address screen (Section 5.2 on page 54) lets you configure the WiMAX
Modem’s IP address and subnet mask.
•The Time Setting screen (Section 5.3 on page 55) let s you configu r e yo ur WiMAX
Modem’s time and date keeping settings.
5.1.2 What You Need to Know
The following terms and concepts may help as you read through this chapter.
LAN
A Local Area Network, or a shared communication system to which many computers are attached. A LAN, as its name implies, is limited to a local area such as a home or office environment. LANs have different topologies, the most common being the linear bus and the star configuration.
IP Address
IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts.
Subnet Mask
The subnet mask specifies the network number portion of an IP address. Your device will compute the subnet mask automatically based on the IP Address that you entered. You do not need to change the computer subnet mask unless you are instructed to do so.
Daytime
A network protocol used by devices for debugging and time measurement. A computer can use this protocol to set its internal clock but only if it knows in which order the year, month, and day are returned by the server. Not all servers use the same format.
User’s Guide
53
Chapter 5 The Setup Screens
Time
A network protocol for retrieving the current time from a server. The computer issuing the command compares the time on its clock to the information returned by the server, adjusts itself automatically for time zone differences, then calculates the difference and corrects itself if there has been any temporal drift.
NTP
NTP stands for Network Time Protocol. It is employed by devices connected to the Internet in order to obtain a precise time setting from an official time server. These time servers are accurate to within 200 microseconds.
5.1.3 Before You Begin
• Make sure that you have made all the appropriate hardware connections to the WiMAX Modem, as described in the Quick Start Guide.
• Make sure that you have logged in to the web configurator at least one time and changed your password from the default, as described in the Quick Start Guide.

5.2 Set IP Address

Click the SETUP icon in the navigation bar to set up the WiMAX Modem’s IP address and subnet mask. This screen displays this screen by default. If you are in any other sub-screen you can simply choose Set IP Address from the navigation menu on the left to open it again.
Figure 20 SETUP > Set IP Address
The following table describes the labels in this screen.
Table 9 SETUP > Set IP Address
LABEL DESCRIPTION
IP Address Enter the IP address of the WiMAX Modem on the LAN.
IP Subnet Mask Enter the subnet mask of the LAN. Apply Reset
Note: This field is the IP address you use to access the
WiMAX Modem on the LAN. If the web configurator is running on a computer on the LAN, you lose access to it as soon as you change this field and click Apply. You can access the web configurator again by typing the new IP address in the browser.
Click to save your changes. Click to restore your previously saved settings.
54
User’s Guide

5.3 Time Setting

Click SETUP > Time Setting to set the date, time, and time zone for the WiMAX Modem.
Figure 21 SETUP > Time Setting
Chapter 5 The Setup Screens
The following table describes the labels in this screen.
Table 10 SETUP > DHCP Client
LABEL DESCRIPTION
Current Time and Date Current Time Displays the current time according to the WiMAX Modem. Current Date Displays the current time according to the WiMAX Modem. Time and Date Setup Manual
New Time New Date
Get from Time Server Select this if you want to use a time server to update the current date and
Time Protocol Select the time service protocol that your time server uses.Check with
Time Server Address Enter the IP address or URL of your time server. Check with your ISP or
Select this if you want to specify the current date and time in the fields below.
Enter the new time in this field, and click Apply. Enter the new date in this field, and click Apply.
time in the WiMAX Modem.
your ISP or network administrator, or use trial-and-error to find a protocol that works.
Daytime (RFC 867) - This format is day/month/year/time zone. Time (RFC 868) - This format displays a 4-byte integer giving the total
number of seconds since 1970/1/1 at 0:0:0. NTP (RFC 1305) - This format is similar to Time (RFC 868).
network administrator if you are unsure of this information.
User’s Guide
55
Chapter 5 The Setup Screens
Table 10 SETUP > DHCP Client (continued)
LABEL DESCRIPTION
Time Zone Setup Time Zone Select the time zone at your location. Daylight Savings Select this if your location uses daylight savings time. Daylight savings is
a period from late spring to early fall when many places set their clocks ahead of normal local time by one hour to give more daytime light in the evening.
Start Date Enter which hour on which day of which week of which month daylight-
savings time starts.
End Date Enter which hour on the which day of which week of which month
Apply Reset Click to restore your previously saved settings.
daylight-savings time ends. Click to save your changes.
5.3.1 Pre-Defined NTP Time Servers List
The WiMAX Modem uses a pre-defined list of NTP time servers if you do not specify a time server or it cannot synchronize with the time server you specified. It can use this list regardless of the time protocol you select.
When the WiMAX Modem uses the list, it randomly selects one server and tries to synchronize with it. If the synchronization fails, then it goes through the rest of the list in order until either it is successful or all the pre-defined NTP time servers have been tried.
Table 11 Pre-defined NTP Time Servers
ntp1.cs.wisc.edu ntp1.gbg.netnod.se ntp2.cs.wisc.edu tock.usno.navy.mil ntp3.cs.wisc.edu ntp.cs.strath.ac.uk ntp1.sp.se time1.stupi.se tick.stdtime.gov.tw tock.stdtime.gov.tw time.stdtime.gov.tw
5.3.2 Resetting the Time
The WiMAX Modem automatically resets the time in the following circumstances:
• When the device starts up, such as when you press the Power button.
• When you click Apply in the SETUP > Time Setting screen.
• Once every 24-hours after starting up.
56
User’s Guide
PART III

Advanced Screens

The LAN Configuration Screens (59) The WAN Configuration Screens (71) The VPN Transport Screens (83) The NAT Configuration Screens (93) The System Configuration Screens (101)
57
58
CHAPTER 6

The LAN Configuration Screens

6.1 Overview

Use the ADVANCED > LAN Configuration screens to set up the WiMAX Modem on the LAN. You can configure its IP address and subnet mask, DHCP services, and other subnets. You can also control how the WiMAX Modem sends routing information using RIP.
A Local Area Network (LAN) is a shared communication system to which many computers are attached. A LAN is usually a computer network limited to the immediate area, such as the same building or floor of a building.
6.1.1 What You Can Do in This Chap ter
•The DHCP Setup screen (Section 6.2 on page 60) lets you enable, disable, and configure the DHCP server in the WiMAX Modem.
•The Static DHCP screen (Section 6.3 on page 61) lets you assign specific IP addresses to specific computers on the LAN.
•The IP Alias screen (Section 6.4 on page 62) lets you add subnets on the LAN port. You can also control what routing information is sent and received by each subnet.
•The IP Static Route screen (Section 6.5 on page 64) lets you examine the static routes configured in the WiMAX Modem.
•The Other Settings screen (Section 6.6 on page 66) lets you control the routing information that is sent and received by each subnet assign specific IP addresses to specific computers on the LAN.
6.1.2 What You Need to Know
The following terms and concepts may help as you read through this chapter.
IP Address
IP addresses identify individual devices on a network. Every networking device (including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts.
Subnet Masks
Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks.
User’s Guide
59
Chapter 6 The LAN Configuration Screens
DNS
DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a networking device before you can access it.
DHCP
A DHCP (Dynamic Host Configuration Protocol) server can assign your WiMAX Modem an IP address, subnet mask, DNS and other routing information when it’s turned on.

6.2 DHCP Setup

Click ADVANCED > LAN Configuration > DHCP Setup to enable, disable, and configure the DHCP server in the WiMAX Modem.
Figure 22 ADVANCED > LAN Configuration > DHCP Setup
The following table describes the labels in this screen.
Table 12 ADVANCED > LAN Configuration > DHCP Setup
LABEL DESCRIPTION
DHCP Setup Enable DHCP
Server
IP Pool Starting Address
Pool Size
DNS Server
Select this if you want the WiMAX Modem to be the DHCP server on the LAN. As a DHCP server, the WiMAX Modem assigns IP addresses to DHCP clients on the LAN and provides the subnet mask and DNS server information.
Enter the IP address from which the WiMAX Modem begi ns al l o cating IP addresses, if you have not specified an IP address for this computer in ADVANCED > LAN Configuration > Static DHCP.
Enter the number of IP addresses to allocate. This number must be at least one and is limited by a subnet mask of 255.255.255.0 (regardless of the subnet the WiMAX Modem is in). For example, if the IP Pool Start Address is 10.10.10.10, the WiMAX Modem can allocate up to 10.10.10.254, or 245 IP addresses.
60
User’s Guide
Table 12 ADVANCED > LAN Configuration > DHCP Setup (continued)
LABEL DESCRIPTION
First, Second and Third DNS Server
Apply Reset Click to restore your previously saved settings.

6.3 Static DHCP

Click ADVANCED > LAN Configuration > Static DHCP to assign specific IP addresses to specific computers on the LAN.
Chapter 6 The LAN Configuration Screens
Specify the IP addresses of a maximum of three DNS servers that the network can use. The WiMAX Modem provides these IP addresses to DHCP clients. You can specify these IP addresses two ways.
From ISP - provide the DNS servers provided by the ISP on the WAN port. User Defined - enter a static IP address. DNS Relay - this setting will relay DNS information from the DNS server obtained
by the WiMAX Modem. None - no DNS service will be provided by the WiMAX Modem.
Click to save your changes.
" This screen has no effect if the DHCP server is not enabled. You can enable it
in ADVANCED > LAN Configuration > DHCP Setup.
Figure 23 ADVANCED > LAN Configuration > Static DHCP
User’s Guide
61
Chapter 6 The LAN Configuration Screens
The following table describes the labels in this screen.
Table 13 ADVANCED > LAN Configuration > Static DHCP
LABEL DESCRIPTION
# The number of the item in this list. MAC Address
IP Address Apply Click to save your changes. Reset
Enter the MAC address of the computer to which you want the WiMAX Modem to assign the same IP address.
Enter the IP address you want the WiMAX Modem to assign to the computer.
Click to restore your previously saved settings.

6.4 IP Alias

Click ADVANCED > LAN Configuration > IP Alias to add subnets on the LAN port. You can also control what routing information is sent and received by each subnet.
Figure 24 ADVANCED > LAN Configuration> IP Alias
62
The following table describes the labels in this screen.
Table 14 ADVANCED > LAN Configuration> IP Alias
LABEL DESCRIPTION
IP Alias 1
IP Address IP Subnet
Mask
Select this to add the specified subnet to the LAN port. Enter the IP address of the WiMAX Modem on the subnet. Enter the subnet mask of the subnet.
User’s Guide
Chapter 6 The LAN Configuration Screens
Table 14 ADVANCED > LAN Configuration> IP Alias (continued)
LABEL DESCRIPTION
RIP Direction Use this field to control how much routing information the WiMAX Modem sends
and receives on the subnet.
None - The WiMAX Modem does not send or receive routing information on the subnet.
Both - The WiMAX Modem sends and receives routing information on the subnet.
In Only - The WiMAX Modem only receives routing information on the subnet.
Out Only - The WiMAX Modem only sends routing information on the subn et.
RIP Version
IP Alias 2
IP Address Enter the IP address of the WiMAX Modem on the subnet. IP Subnet
Mask RIP Direction
RIP Version
Apply Reset
Select which version of RIP the WiMAX Modem uses when it sends or receives information on the subnet.
RIP-1 - The WiMAX Modem uses RIPv1 to exchange routing information.
RIP-2B - The WiMAX Modem broadcasts RIPv2 to exchange routing information.
RIP-2M - The WiMAX Modem multicasts RIPv2 to exchange routing information.
Select this to add the specified subnet to the LAN port.
Enter the subnet mask of the subnet.
Use this field to control how much routing information the WiMAX Modem sends and receives on the subnet.
None - The WiMAX Modem does not send or receive routing information on the subnet.
Both - The WiMAX Modem sends and receives routing information on the subnet.
In Only - The WiMAX Modem only receives routing information on the subnet.
Out Only - The WiMAX Modem only sends routing information on the subn et.
Select which version of RIP the WiMAX Modem uses when it sends or receives information on the subnet.
RIP-1 - The WiMAX Modem uses RIPv1 to exchange routing information.
RIP-2B - The WiMAX Modem broadcasts RIPv2 to exchange routing information.
RIP-2M - The WiMAX Modem multicasts RIPv2 to exchange routing information.
Click to save your changes. Click to restore your previously saved settings.
User’s Guide
63
Chapter 6 The LAN Configuration Screens

6.5 IP Static Route

Click ADVANCED > LAN Configuration > IP Static Route to look at the static routes configured in the WiMAX Modem.
" The first static route is the default route and cannot be modified or deleted.
Figure 25 Advanced> LAN Configuration > IP Static Route
The following table describes the icons in this screen.
Table 15 Advanced> LAN Configuration > IP Static Route
ICON DESCRIPTION
Edit Click to edit this item.
Delete Click to delete this item.
The following table describes the labels in this screen.
Table 16 Advanced> LAN Configuration > IP Static Route
LABEL DESCRIPTION
# Name This field displays the name that describes the static route. Active Destination Gateway This field displays the IP address of the gateway to which the WiMAX Modem
Apply Reset
The number of the item in this list.
This field shows whether this static route is active (Yes) or not (No). This field displays the destination IP address(es) that this static route affects.
should send packets for the specified Destination. The gateway is a router or a switch on the same network segment as the device's LAN or WAN port. The gateway helps forward packets to their destinations.
Click to save your changes. Click to restore your previously saved settings.
64
User’s Guide
6.5.1 IP Static Route Setup
Click an Edit icon in ADVANCED > LAN Configuration > IP Static Route to edit a static route in the WiMAX Modem.
Figure 26 Advanced> LAN Configuration > IP Static Route Setup
Chapter 6 The LAN Configuration Screens
The following table describes the labels in this screen.
Table 17 Management > Static Route > IP Static Route > Edit
LABEL DESCRIPTION
Route Name Enter the name of the static route. Active
Private
Destination IP Address
IP Subnet Mask
Gateway IP Address
Metric
Apply Cancel
Select this if you want th e static route to be used. Clear this if you do not want the static route to be used.
Select this if you do not want the WiMAX Modem to tell other routers about this static route. For example, you might select this if the static route is in your LAN. Clear this if you want the WiMAX Modem to tell other routers about this static route.
Enter one of the destination IP addresses that this static route affects.
Enter the subnet mask that defines the range of destination IP addresses that this static route affects. If this static route affects only one IP address, enter
255.255.255.255.
Enter the IP address of the gateway to which the WiMAX Modem should send packets for the specified Destination. The gateway is a router or a switch on the same network segment as the device's LAN or WAN port. The gateway helps forward packets to their destinations.
Usually, you should keep the default value. This field is related to RIP. The metric represents the "cost of transmission". A router determines the best
route for transmission by choosing a path with the lowest "cost". The smaller the metric, the lower the "cost". RIP uses hop count as the measurement of cost, where 1 is for a directly-connected network. The metric must be 1-15; if you use a value higher than 15, the routers assume the link is down.
Click to save your changes. Click to return to the previous screen without saving your changes.
User’s Guide
65
Chapter 6 The LAN Configuration Screens

6.6 Other Settings

Click ADVANCED > LAN Configuration > Other Settings to set the RIP and Multicast options.
Figure 27 ADVANCED > LAN Configuration > Advanced
The following table describes the labels in this screen.
Table 18 ADVANCED > LAN Configuration > Other Settings
LABEL DESCRIPTION
RIP & Multicast Setup RIP Direction Use this field to control how much routing information the WiMAX Modem sends
RIP Version
Multicast
Apply Reset
and receives on the subnet.
None - The WiMAX Modem does not send or receive routing information on the subnet.
Both - The WiMAX Modem sends and receives routing information on the subnet.
In Only - The WiMAX Modem only receives routing information on the subnet.
Out Only - The WiMAX Modem only sends routing information on the subn et.
Select which version of RIP the WiMAX Modem uses when it sends or receives information on the subnet.
RIP-1 - The WiMAX Modem uses RIPv1 to exchange routing information.
RIP-2B - The WiMAX Modem broadcasts RIPv2 to exchange routing information.
RIP-2M - The WiMAX Modem multicasts RIPv2 to exchange routing information.
You do no t have to enable multicasting to use RIP-2M. (See RIP Ve rsion.) Select which version of IGMP the WiMAX Modem uses to support multicasting on
the LAN. Multicasting sends packets to some computers on the LAN and is an alternative to unicasting (sending packets to one computer) and broadcasting (sending packets to every computer).
None - The WiMAX Modem does not support multicasting.
IGMP-v1 - The WiMAX Modem supports IGMP version 1.
IGMP-v2 - The WiMAX Modem supports IGMP version 2.
Multicasting can improve overall network performance. However, it requires extra processing and generates more network traffic. In addition, other computers on the LAN have to support the same version of IGMP.
Click to save your changes. Click to restore your previously saved settings.
66
User’s Guide

6.7 Technical Reference

The following section contains additional technical information about the WiMAX Modem features described in this chapter.
6.7.1 IP Address and Subnet Mask
Similar to the way houses on a street share a common street name, computers on a LAN share one common network number.
Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask.
If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established. If this is the case, it is recommended that you select a network number from
192.168.0.0 to 192.168.255.0 and you must enable the Network Address Translation (NAT) feature of the WiMAX Modem. The Internet Assigned Number Authority (IANA) reserved this block of addresses specifically for private use; please do not use any other number unless you are told otherwise. Let's say you select 192.168.1.0 as the network number; which covers 254 individual addresses, from 192.168.100.1 to 192.168.1.254 (zero and 255 are reserved). In other words, the first three numbers specify the network number while the last number identifies an individual computer on that network.
Chapter 6 The LAN Configuration Screens
Once you have decided on the network number, pick an IP address that is easy to remember, for instance, 192.168.100.1, for your WiMAX Modem, but make sure that no other device on your network is using that IP address.
The subnet mask specifies the network number portion of an IP address. Your WiMAX Modem will compute the subnet mask automatically based on the IP address that you entered. You don't need to change the subnet mask computed by the WiMAX Modem unless you are instructed to do otherwise.
6.7.2 DHCP Setup
DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a server. You can configure the WiMAX Modem as a DHCP server or disable it. When configured as a server, the WiMAX Modem provides the TCP/IP configuration for the clients. If DHCP service is disabled, you must have another DHCP server on your LAN, or else each computer must be manually configured.
The WiMAX Modem is pre-configured with a pool of IP addresses for the DHCP clients (DHCP Pool). See the product specifications in the appendices. Do not assign static IP addresses from the DHCP pool to your LAN computers.
These parameters should work for the majority of installations. If your ISP gives you explicit DNS server address(es), see Section 6.3 on page 61.
User’s Guide
67
Chapter 6 The LAN Configuration Screens
6.7.3 LAN TCP/IP
The WiMAX Modem has built-in DHCP server capability that assigns IP addresses and DNS servers to systems that support DHCP client capability.
The LAN parameters of the WiMAX Modem are preset in the factory with the following values:
• IP address of 192.168.100.1 with subnet mask of 255.255.255.0 (24 bits)
• DHCP server enabled with 32 client IP addresses starting from 192.168.1.33.
These parameters should work for the majority of installations. If your ISP gives you explicit DNS server address(es), see Section 6.3 on page 61.
6.7.4 DNS Server Address
DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a machine before you can access it. The DNS server addresses that you enter in the DHCP setup are passed to the client machines along with the assigned IP address and subnet mask.
There are two ways that an ISP disseminates the DNS server addresses. The first is for an ISP to tell a customer the DNS server addresses, usually in the form of an information sheet, when s/he signs up. If your ISP gives you the DNS server addresses, enter them in the DNS Server fields in DHCP Setup, otherwise, leave them blank.
Some ISPs choose to pass the DNS servers using the DNS server extensions of PPP IPCP (IP Control Protocol) after the connection is up. If your ISP did not give you explicit DNS servers, chances are the DNS servers are conveyed through IPCP negotiation. The WiMAX Modem supports the IPCP DNS server extensions through the DNS proxy feature.
If the Primary and Secondary DNS Server fields in the LAN Setup screen are not specified, for instance, left as 0.0.0.0, the W iMAX Modem tells the DHCP clients that it itself is the DNS server. When a computer sends a DNS query to the WiMAX Modem, the WiMAX Modem forwards the query to the real DNS server learned through IPCP and relays the response back to the computer.
Please note that DNS proxy works only when the ISP uses the IPCP DNS server extensions. It does not mean you can leave the DNS servers out of the DHCP setup under all circumstances. If your ISP gives you explicit DNS servers, make sure that you enter their IP addresses in the LAN Setup screen. This way, the W iMAX Modem can pass the DNS servers to the computers and the computers can query the DNS server directly without the WiMAX Modem’s intervention.
6.7.5 RIP Setup
68
RIP (Routing Information Protocol) allows a router to exchange routing information with other routers. The RIP Direction field controls the sending and receiving of RIP packets. When set to:
Both - the WiMAX Modem will broadcast its routing table periodically and incorporate
the RIP information that it receives.
User’s Guide
In Only - the WiMAX Modem will not send any RIP packets but will accept all RIP
packets received.
Out Only - the WiMAX Modem will send out RIP packets but will not accept any RIP
packets received.
None - the WiMAX Modem will not send any RIP packets and will ignore any RIP
packets received.
The Version field controls the format and the broadcasting method of the RIP packets that the WiMAX Modem sends (it recognizes both formats when receiving). RIP-1 is universally supported; but RIP-2 carries more information. RIP-1 is probably adequate for most networks, unless you have an unusual network topology.
Both RIP-2B and RIP-2M sends the routing data in RIP-2 format; the difference being that
RIP-2B uses subnet broadcasting while RIP-2M uses multicasting.
6.7.6 Multicast
Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender - 1 recipient) or Broadcast (1 sender - everybody on the network). Multicast delivers IP packets to a group of hosts on the network - not everybody and not just 1.
Chapter 6 The LAN Configuration Screens
IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to establish membership in a Multicast group - it is not used to carry user data. IGMP version 2 (RFC
2236) is an improvement over version 1 (RFC 11 12) but IGMP versi on 1 is still in wide use. If you would like to read more detailed information about interoperability between IGMP version 2 and version 1, please see sections 4 and 5 of RFC 2236. The class D IP address is used to identify host groups and can be in the range 224.0.0.0 to 239 .255.255.255. The addr ess
224.0.0.0 is not assigned to any group and is used by IP multicast computers. The address
224.0.0.1 is used for query messages and is assigned to the permanent group of all IP hosts (including gateways). All hosts must join the 224.0.0.1 group in order to participate in IGMP. The address 224.0.0.2 is assigned to the multicast routers group.
The WiMAX Modem supports both IGMP version 1 (IGMP-v1) and IGMP version 2 (IGMP-v2). At start up, the WiMAX Modem queries all directly connected networks to gather group membership. After that, the WiMAX Modem periodically updates this information. IP multicasting can be enabled/disabled on the WiMAX Modem LAN and/or WAN interfaces in the web configurator (LAN; WAN). Select None to disable IP multicasting on these interfaces.
User’s Guide
69
Chapter 6 The LAN Configuration Screens
70
User’s Guide
CHAPTER 7

The WAN Configuration Screens

7.1 Overview

Use the ADVANCED > WAN Configuration screens to set up your W iMAX Modem’s Wide Area Network (WAN) or Internet features.
A Wide Area Network (or WAN) links geographically dispersed locations to other networks or the Internet. A WAN configuration can include switched and permanent telephone circuits, terrestrial radio systems and satellite systems.
7.1.1 What You Can Do in This Chap ter
•The Internet Connection screen (Section 7.2 on page 74) lets you set up your WiMAX
Modem’s Internet settings.
•The WiMAX Configuration screen (Section 7.3 on page 76) lets set up the frequencies
used by your WiMAX Modem.
•The T raffic Redir ect screen (Section 7.4 on page 80) lets ch ange your WiMAX Modem’s
traffic redirect settings.
•The Other Settings screen (Section 7.5 on page 81) lets configure your DNS server, RIP,
Multicast and Windows Networking settings.
7.1.2 What You Need to Know
The following terms and concepts may help as you read through this chapter.
WiMAX
WiMAX (Worldwide Interoperability for Microwave Access) is the IEEE 802.16 wireless networking standard, which provides high-bandwidth, wide-range wireless service across wireless Metropolitan Area Networks (MANs). ZyXEL is a member of the WiMAX Forum, the industry group dedicated to promoting and certifying interoperability of wireless broadband products.
In a wireless MAN, a wireless-equipped computer is known either as a mobile station (MS) or a subscriber station (SS). Mobile stations use the IEEE 802.16e standard and are able to maintain connectivity while switching their connection from one base station to another base station (handover) while subscriber stations use other standards that do not have this capability (IEEE 802.16-2004, for example). The following figure shows an MS-equipped notebook computer MS1 moving from base station BS1’s coverage area and connecting to BS2.
User’s Guide
71
Chapter 7 The WAN Configuration Screens
Figure 28 WiMax: Mobile Station
WiMAX technology uses radio signals (around 2 to 10 GHz) to connect subscriber stations and mobile stations to local base stations. Numerous subscriber stations and mobile stations connect to the network through a single base station (BS), as in the following figure.
Figure 29 WiMAX: Multiple Mobile Stations
A base station's coverage area can extend over many hundreds of meters, even under poor conditions. A base station provides network access to subscriber stations and mobile stations, and communicates with other base stations.
The radio frequency and bandwidth of the link between the WiMAX Modem and the base station are controlled by the base station. The WiMAX Modem follows the base station’s configuration.
Authentication
When authenticating a user, the base station uses a third-party RADIUS or Diameter server known as an AAA (Authentication, Authorization and Accounting) server to authenticate the mobile or subscriber stations.
The following figure shows a base station using an AAA server to authenticate mobile station MS, allowing it to access the Internet.
Figure 30 Using an AAA Server
72
User’s Guide
Chapter 7 The WAN Configuration Screens
In this figure, the dashed arrow shows the PKM (Privacy Key Management) secured connection between the mobile station and the base station, and the solid arrow shows the EAP secured connection between the mobile station, the base station and the AAA server. See the WiMAX security appendix for more details.
Traffic Redirect
Traffic redirect forwards WAN traffic to a backup gateway when the WiMAX Modem cannot connect to the Internet through its normal gateway. Connect the backup gateway on the WAN so that the WiMAX Modem still provides firewall protection for the LAN.
Figure 31 Traffic Redirect WAN Setup
IP alias allows you to avoid triangle route security issues when the backup gateway is connected to the LAN or DMZ. Use IP alias to configure the LAN into two or three logical networks with the WiMAX Modem itself as the gateway for each LAN network. Put the protected LAN in one subnet (Subnet 1 in the following figure) and the backup gateway in another subnet (Subnet 2). Configure a LAN to LAN/WiMAX Modem firewall rule that forwards packets from the protected LAN (Subnet 1) to the backup gateway (Subne t 2).
Figure 32 Traffic Redirect LAN Setup
User’s Guide
73
Chapter 7 The WAN Configuration Screens

7.2 Internet Connection

Click ADVANCED > WAN Configuration to set up your WiMAX Modem’s Internet settings.
" Not all WiMAX Modem models have all the fields shown here.
Figure 33 ADVANCED > WAN Configuration > Internet Connection
74
The following table describes the labels in this screen.
Table 19 ADVANCED > WAN Configuration > Internet Connection > ISP Parameters for
Internet Access
LABEL DESCRIPTION
ISP Parameters for Internet Access User Use this field to enter the username associated with your Internet access
account. You can enter up to 61 printable ASCII characters.
Password U se this field to enter the password associated with your Internet access
account. You can enter up to 47 printable ASCII characters.
User’s Guide
Chapter 7 The WAN Configuration Screens
Table 19 ADVANCED > WAN Configuration > Internet Connection > ISP Parameters for
Internet Access (continued)
LABEL DESCRIPTION
Anonymous Identity
PKM This field displays the Privacy Key Management version number. PKM
Authentication This field displays the user authentication method. Authentication is the
Enter the anonymous identity provided by your Internet Service Provider. Anonymous identity (also known as outer identity) is used with EAP-TTLS encryption. The anonymous identity is used to route your authentication request to the correct authentication server, and does not reveal your real user name. Your re al user name and password are encrypted in the TLS tunnel, and only the anonymous identity can be seen.
Leave this field blank if your ISP did not give you an anonymous identity to use.
provides security between the WiMAX Modem and the base station. At the time of writing, the WiMAX Modem supports PKMv2 only. See the WiMAX security appendix for more information.
process of confirming the identity of a mobile station (by means of a username and password, for example).
Check with your service provider if you are unsure of the correct setting for your account.
Choose from the following user authentication methods:
TTLS (Tunnelled Transport Layer Security)
TLS (Transport Layer Security)
Note: Not all WiMAX Modems support TLS authentication.
Check with your service provider for details.
TTLS Inner EAP This field displays the type of secondary authentication method. Once a
Auth Mode Select the authentication mode from the drop-down list box.
Certificate This is the security certificate the WiMAX Modem uses to authenticate the
WAN IP Address Assignment Get automatically
from ISP (Default)
Use Fixed IP Address
secure EAP-TTLS connection is established, the inner EAP is the protocol used to exchange security information between the mobile station, the base station and the AAA server to authenticate the mobile station. See the WiMAX security appendix for more details.
This field is available only when TTLS is selected in the Authentication field. The WiMAX Modem supports the following inner authentication types:
CHAP (Challenge Handshake Authentication Protocol)
MSCHAP (Microsoft CHAP)
MSCHAPV2 (Microsoft CHAP version 2)
PAP (Password Authentication Protocol)
This field is not available in all WiMAX Modems. Check with your service provider for details.
The WiMAX Modem supports the following authentication modes:
•User Only
Device Only with Cert
Certs and User Authentication
AAA server. Use the TOOLS > > Trusted CAs screen to import certificates to the WiMAX Modem.
Select this if you have a dynamic IP address. A dynamic IP address is not fixed; the ISP assigns you a different one each time you connect to the Internet.
A static IP address is a fixed IP that your ISP gives you. Type your ISP assigned IP address in the IP Address field below.
User’s Guide
75
Chapter 7 The WAN Configuration Screens
Table 19 ADVANCED > WAN Configuration > Internet Connection > ISP Parameters for
Internet Access (continued)
LABEL DESCRIPTION
IP Subnet Mask Enter a subnet mask in dotted decimal notation.
Refer to the appendices to calculate a subnet mask If you are implementing subnetting.
Gateway IP Address
Apply Click to save your changes. Reset Click to restore your previously saved settings.
Specify a gateway IP address (supplied by your ISP).

7.3 WiMAX Configuration

Click ADVANCED > WAN Configuration > WiMAX Configuration to set up the frequencies used by your WiMAX Modem.
In a WiMAX network, a mobile or subscriber station must use a radio frequency su pported by the base station to communicate. When the WiMAX Modem looks for a connection to a base station, it can search a range of frequencies.
Radio frequency is measured in Hertz (Hz).
Table 20 Radio Frequency Conversion
1 kHz = 1000 Hz 1 MHz = 1000 kHz (1000000 Hz)
1 GHz = 1000 MHz (1000000 kHz)
Figure 34 ADVANCED > WAN Configuration >WiMAX Configuration
76
User’s Guide
The following table describes the labels in this screen.
Table 21 ADVANCED > WAN Configuration >WiMAX Configuration
LABEL DESCRIPTION
DL Frequency / Bandwidth
These fields show the downlink frequency settings in kilohertz (kHz). Enter values in these fields to have the WiMAX Modem scan these frequencies for available channels in ascending numerical order.
Note: The Bandwidth field is not user-configurable; when the
Contact your service provider for details of supported frequencies. Apply Click to save your changes. Reset Click to restore your previously saved settings.
7.3.1 Frequency Ranges
The following figure shows the WiMAX Modem searching a range of frequencies to find a connection to a base station.
Chapter 7 The WAN Configuration Screens
WiMAX Modem finds a WiMAX connection, its frequency is displayed in this field.
Figure 35 Frequency Ranges
In this figure, A is the WiMAX frequency range. “WiMAX frequency range” refers to the entire range of frequencies the WiMAX Modem is capable of using to transmit and receive (see the Product Specifications appendix for details).
In the figure, B shows the operator frequency range. This is the range of frequencies within the WiMAX frequency range supported by your operator (service provider).
The operator range is subdivided into bandwidth steps. In the figure, each C is a bandwidth step.
The arrow D shows the WiMAX Modem searching for a connection. Have the WiMAX Modem search only certain frequencies by configuring the downlink
frequencies. Your operator can give you information on the supported frequencies. The downlink frequencies are points of the frequency range your WiMAX Modem searches
for an available connection. Use the Site Survey screen to set these bands. You can set the downlink frequencies anywhere within the WiMAX frequency range. In this example, the downlink frequencies have been set to search all of the operator range for a connection.
User’s Guide
77
Chapter 7 The WAN Configuration Screens
7.3.2 Configuring Frequency Settings
You need to set the WiMAX Modem to scan one or more specific radio frequencies to find an available connection to a WiMAX base station.
Use the WiMAX Frequency screen to define the radio frequencies to be searched for available wireless connections. See Section 7.3.3 on page 79 for an example of using the WiMAX Frequency screen.
" It may take several minutes for the WiMAX Modem to find a connection.
• The WiMAX Modem searches the DL Frequency settings in ascending numerical order, from [1] to [9].
" The Bandwidth field is not user-configurable; when the WiMAX Modem finds
a WiMAX connection, its frequency is displayed in this field.
• If you enter a 0 in a DL Frequency field, the WiMAX Modem immediately moves on to the next DL Frequency field.
• When the WiMAX Modem connects to a base station, the values in this screen are automatically set to the base station’s frequency. The next time the WiMAX Modem searches for a connection, it searches only this frequency. If you want the WiMAX Modem to search other frequencies, enter them in the DL Frequency fields.
The following table describes some examples of DL Frequency settings.
Table 22 DL Frequency Example Settings
EXAMPLE 1 EXAMPLE 2
Bandwidth: 2500000 2500000 DL Frequency [1]: 2550000 2550000 DL Frequency [2] 0 2600000 DL Frequency [3]: 00 DL Frequency [4]: 00
The WiMAX Modem searches at 2500000 kHz, and then searches at 2550000 kHz if it has not found a connection.
The WiMAX Modem searches at 2500000 kHz and then at 2550000 kHz if it has not found an available connection. If it still does not find an available connection, it searches at 2600000 kHz.
78
User’s Guide
7.3.3 Using the WiMAX Frequency Screen
In this example, your Internet service provider has given you a list of supported frequencies:
2.51, 2.525, 2.6, and 2.625.
1 In the DL Frequency [1] field, enter 2510000 (2510000 kilohertz (kHz) is equal to 2.51
gigahertz).
2 In the DL Frequency [2] field, enter 2525000. 3 In the DL Frequency [3] field, enter 2600000. 4 In the DL Frequency [4] field, enter 2625000.
Leave the rest of the DL Frequency fields at zero. The screen appears as follows.
Figure 36 Completing the WiMAX Frequency Screen
Chapter 7 The WAN Configuration Screens
5 Click Apply. The WiMAX Modem stores your settings.
When the WiMAX Modem searches for available frequencies, it scans all frequencies from DL Frequency [1] to DL Frequency [4]. When it finds an available connection, the fields in this screen will be automatically set to use that frequency.
User’s Guide
79
Chapter 7 The WAN Configuration Screens

7.4 Traffic Redirect

Click ADVANCED > WAN Configuration > Traffic Redirect to change your WiMAX Modem’s traffic redirect settings.
Figure 37 ADVANCED > WAN Configuration > Traffic Redirect
The following table describes the labels in this screen.
Table 23 ADVANCED > WAN Configuration > Traffic Redirect
LABEL DESCRIPTION
Active Select this check box to have the WiMAX Modem use traffic redirect if the normal
WAN connection goes down.
Note: If you activate traffic redirect, you must configure the Check
WAN IP Address field.
Backup Gateway IP Address
Check WAN IP Address
Type the IP address of your backup gateway in dotted decimal notation. The WiMAX Modem automatically forwards traffic to this IP address if the WiMAX Modem's Internet connection terminates.
Configure this field to test your WiMAX Modem's WAN accessibility. Type the IP address of a reliable nearby computer (for example, your ISP's DNS server address).
Note: If you activate either traffic redirect or dial backup, you must
configure an IP address here.
When using a WAN backup connection, the WiMAX Modem periodically pings the addresses configured here and uses the other WAN backup connection (if configured) if there is no response.
Fail Tolerance Type the number of times (2 recommended) that your WiMAX Modem may ping
the IP addresses configured in the Check WAN IP Address field without getting a response before switching to a WAN backup connection (or a different WAN backup connection).
Period (sec) The WiMAX Modem tests a WAN connection by periodically sending a ping to
Timeout (sec) Type the number of seconds (1 to 10) for your WiMAX Modem to wait for a
either the default gateway or the address in the Check WAN IP Address field. Type a number of seconds (5 to 300) to set the time interval between checks.
Allow more time if your destination IP address handles lots of traffic.
response to the ping before considering the check to have failed. This setting must be less than the Period. Use a higher value in this field if your network is busy or congested.
80
User’s Guide
Table 23 ADVANCED > WAN Configuration > Traffic Redirect (continued)
LABEL DESCRIPTION
Apply Click to save your changes. Reset Click to restore your previously saved settings.

7.5 Other Settings

Click ADVANCED > WAN Configuration > Other Settings to configure your DNS server, RIP, Multicast and Windows Networking settings.
Figure 38 ADVANCED > WAN Configuration > Advanced
Chapter 7 The WAN Configuration Screens
User’s Guide
81
Chapter 7 The WAN Configuration Screens
The following table describes the labels in this screen.
Table 24 ADVANCED > WAN Configuration > Advanced
LABEL DESCRIPTION
DNS Servers First, Second and Third
DNS Server
RIP & Multicast Setup RIP Direction Select the RIP direction from None, Both, In Only and Out Only. RIP Version Select the RIP version from RIP-1, RIP-2B and RIP-2M. Multicast IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to
Windows Networking (NetBIOS over TCP/IP) Allow between LAN
and WAN
Allow Trigger Dial Select this option to allow NetBIOS packets to initiate calls. Apply Click to save your changes. Reset Click to restore your previously saved settings.
Select Obtained from ISP if your ISP dynamically assigns DNS server information (and the WiMAX Modem's WAN IP address). Use the drop-down list box to select a DNS server IP address that the ISP assigns in the field to the right.
Select UserDefined if you have the IP address of a DNS server. Enter the DNS server's IP address in the field to the right. If you chose UserDefined, but leave the IP address set to 0.0.0.0, UserDefined changes to None after you click Apply. If you set a second choice to UserDefined, and enter the same IP address, the second UserDefined changes to None after you click Apply.
Select None if you do not want to configure DNS servers. You must have another DHCP server on your LAN, or else the computers must have their DNS server addresses manually configured. If you do not configure a DNS server, you must know the IP address of a computer in order to access it.
establish membership in a multicast group. The WiMAX Modem supports both IGMP version 1 (IGMP-v1) and IGMP-v2. Select None to disable it.
Select this check box to forward NetBIOS packets from the LAN to the WAN and from the WAN to the LAN. If your firewall is enabled with the default policy set to block WAN to LAN traffic, you also need to enable the default WAN to LAN firewall rule that forwards NetBIOS traffic.
Clear this check box to block all NetBIOS packets going from the LAN to the WAN and from the WAN to the LAN.
82
User’s Guide
CHAPTER 8

The VPN Transport Screens

8.1 Overview

This chapter describes the ADVANCED > VPN Transport screens, where you can configure the WiMAX Modem to allow traffic from multiple users to pass through the WiMAX network to the service provider’s router. Each user has his own personal connection to the service provider, even though there is only a single WiMAX connection. This allows the service provider to identify which user traffic comes from.
VPN stands for “Virtual Private Network”. There are many types of VPN; the type used by the WiMAX Modem is known as Virtual Private LAN Service, or VPLS.
" Unlike some other types of VPN (such as IPSec VPNs) VPLS VPNs do not
use authentication or encryption to secure the data they carry.
The following figure shows two users (A and B), connecting to the WiMAX Modem (Z) through a switch (S). Each user has his own connection over the WiMAX network to the service provider’s router (R).
Figure 39 VPN Transport Example
A
B
SZ R
WiMAX
" The services available may vary, depending upon the service provider.
User’s Guide
83
Chapter 8 The VPN Transport Screens
8.1.1 What You Can Do in This Chap ter
•The General screen (Section 8.2 on page 85) lets you turn VPN tran sport on o r of f, and to set the VPN transport endpoint (your service provider’s router).
•The Customer Interface screen (Section 8.3 on page 86) lets you specify which users can use which WiMAX network links.
•The Ethernet Pseudowire screen (Section 8.4 on page 90) lets you configure the links over the WiMAX network between the WiMAX Modem and the service provider’s router.
•The Statistics screen (Section 8.5 on page 92) lets you view performance information about the VPN transport connections.
8.1.2 What You Need to Know
The following terms and concepts may help as you read through this chapter.
Identifying Users
For the WiMAX Modem’s VPN Transport feature to work, it must be able to identify users on the LAN. It does this by examining VLAN (Virtual Local Area Network) tags.
These tags must be added to the data packets by a switch on the LAN. In the following example, two users (A and B) are connected to a switch (C). A and B are connected to different ports on the switch (port 1 and port 2). A and B send untagged packets to the switch. The switch adds tags to packets depending on the physical port on which they arrive. Packets arriving on port 1 are given a VLAN ID (VLAN IDentifier) of 1, and packets arriving on port 2 are given a VLAN ID of 2. When the packets reach the WiMAX Modem (D), their source is identified by examining their VLAN tags.
Figure 40 Identifying Users
A
B
PORT 1 VLAN 1 PORT 2 VLAN 2
PORT 1
1
C
PORT 2
2
D
84
User’s Guide
8.1.3 Before You Begin
Before you start configuring your W iMAX Modem to use VPN transport, ensure that you have the following from the service provider:
• The IP address or domain name of the service provider’s edge router.
• Virtual circuit (VC) labels for each Ethernet Pseudowire you want to create.
• Also make sure that you know the VLAN IDs (Virtual LAN IDentifiers) of the VLANs on your LAN.

8.2 General

Click ADVANCED > VPN Transport to turn VPN transport on or off and to set the VPN transport endpoint (your service provider’s router).
Figure 41 ADVANCED > VPN Transport > General
Chapter 8 The VPN Transport Screens
The following table describes the labels in this screen.
Table 25 ADVANCED > VPN Transport > General
LABEL DESCRIPTION
L2/L3 VPN Transport General Setup Transport L2/L3
VPN... Remote GRE
Tunnel End Apply Click to save your changes. Reset Click to restore your previously saved settings.
Select this to turn the VPN transport feature on. Deselect it to turn the VPN transport feature off.
Enter the domain name or IP address of your service provider’s router.
User’s Guide
85
Chapter 8 The VPN Transport Screens

8.3 Customer Interface

Customer interfaces connect data coming from your computers to Ethernet pseudowires, according to the data’s VLAN (Virtual Local Area Network) information. One customer interface is for traffic that has no tag; this is the default interface (rule 0) which cannot be deleted in the GUI. All other customer interfaces are identified by their VLAN ID.
Once the WiMAX Modem has examined a frame’s VLAN tag, it is able to assign the frame to a specified path. This is done using a customer interface. The customer interface is simply a set of information that takes frames from a VLAN and put them on an Ethernet pseudowire, and vice versa.
In this example, the WiMAX Modem takes frames tagged with two different VLAN IDs (10 and 20) and using the customer interfaces, assigns them to specific pseudowires (PW1 and PW2).
Figure 42 Pseudowire Mapping
VLAN 10 PW1
VLAN 20 PW2
PW1
10
The WiMAX Modem has a default customer interface configured for frames that arrive at the WiMAX Modem without VLAN tags.
20
PW2
8.3.1 Multi-Protocol Label Switching
The WiMAX Modem uses MPLS VPNs to create virtual private LANs. MPLS stands for Multi-Protocol Label Switching, and is a packet-switching technology that allows packets with different VLAN tags to be transported on different paths (known as LSPs, or Label Switched Paths). Each packet is identified by its VLAN tag and sent to a specific LSP for transport over the WiMAX network.
Each LSP has a defined start-point and end-point. Since MPLS creates mono-directional paths (traffic flows in only one direction), each Ethernet pseudowire uses two LSPs so that traffic can flow both ways. One LSP carries upstream traffic, and the other carries downstream traffic.
1
WiMAX
2
R
86
User’s Guide
8.3.2 Generic Routing Encapsulation
In order to transport the VPLS traffic over the W iMAX network, the W iMAX Modem uses the Generic Routing Encapsulation (GRE) protocol. Like MPLS, GRE is a tunneling protocol that has specified endpoints. The GRE tunnel is bi-directional, and transports both LSPs. The GRE tunnel runs across the WiMAX network between the WiMAX Modem and your service provider’s router.
It is necessary to encapsulate the Ethernet pseudowire since the WiMAX connection is IP­only. MPLS information is carried in a packet’s Ethernet header and, without encapsulation, would be stripped from the packet prior to the packet’s transmission over the WiMAX link.
The following figure shows the VPLS connection between your WiMAX Modem (A) and your service provider’s router (B), consisting of GRE-encapsulated Ethernet pseudowire traffic.
Figure 43 VPLS Tunneling
ETHERNET PSEUDOWIRES
Chapter 8 The VPN Transport Screens
WiMAX CONNECTION
8.3.3 Customer Interface Options
Click ADVANCED > VPN Transport > Customer Interface to configure the VPNs used by the WiMAX Modem.
Figure 44 ADVANCED > VPN Transport > Customer Interface
GRE
TUNNEL
User’s Guide
87
Chapter 8 The VPN Transport Screens
The following table describes the icons in this screen.
Table 26 Advanced> VPN Transport > Customer Interface
ICON DESCRIPTION
Edit Click to edit this item.
Delete Click to delete this item.
The following table describes the labels in this screen.
Table 27 ADVANCED > VPN Transport > Customer Interface
LABEL DESCRIPTION
# The number of the item in this list. Active This icon is green if the associated interface is enabled. The icon is grey if the
Interface Type This displays either Tagged or Untagged. A tagged interface controls traffic with
VLAN ID For a tagged interface, this displays the IEEE 802.1Q VLAN ID number. For the
Mode This displays either B (bridging) or R (routing). Only the default interface,
Associated Ethernet Pseudowire (Ingress, Egress)
DSCP This displays the DiffServ Control Point value you previously entered in binary.
Interface Description
Action Click the Edit icon to set up a new interface or alter the configuration of an
associated interface is disabled. Enable or disable an interface by clicking its Edit icon and selecting or deselecting Active and clicking Apply in the screen that displays.
a specific IEEE 802.1Q VLAN tag, whereas an untagged interface controls traffic that does not have a VLAN tag. There can be only one untagged interface.
untagged interface, -1 displays.
interface 0, can be a routing interface. This displays the number of the Ethernet pseudowire that this interface uses, as
well as the ingress and egress MPLS (Multi-Protocol Label Switching) VC (Virtual Circuit) label numbers.
This determines the pseudowire’s priority on the network. The DSCP value is displayed in binary notation and has six bits.
This displays the information you previously entered describing the interface. For the default interface, interface 0, the description reads “for routing / NAT”.
existing interface. Click the Delete icon to remove an existing interface.
88
User’s Guide
8.3.4 Customer Interface Setup
Click the Edit icon in the ADVANCED > VPN Transport > Customer Interface screen to open the Customer Interface Setup.
Customer interfaces map traffic onto specific Ethernet pseudowires for transport over the WiMAX network. There is also a default customer interface for routing traffic that does not possess a VLAN tag.
Figure 45 ADVANCED > VPN Transport > Customer Interface Setup
Chapter 8 The VPN Transport Screens
The following table describes the labels in this screen.
Table 28 ADVANCED > VPN Transport > Customer Interface Setup
LABEL DESCRIPTION
Active Select to make this customer interface active. Deselect it to make the
customer interface inactive.
Customer Interface
Type A customer interface can be tagged (controlling traffic that has a specific
VLAN ID) or untagged (controlling traffic without a specific VLAN ID). There can be only one untagged interface.
VLAN ID Enter the Virtual Local Area Network Identifier number (1 ~ 4094) for this
interface. This VLAN ID must not be used by any other customer interface. For the untagged interface, -1 displays.
Mode This displays Bridging or Routing. A tagged interface can operate in bridging
mode only.
Associated Ethernet Pseudowire
DSCP If you wish to prioritize an interface, enter a DiffServ Code Point value of six
Interface Description Enter a brief (up to 31 characters) name or description for this interface. Apply Click to save your changes. Cancel Click to return to the previous screen without saving your changes.
Select the Ethernet pseudowire this interface should use for communications over the WiMAX network. You should configure the pseudowire (in the ADVANCED > VPN Transport > Ethernet Pseudowire screen) before you select it.
bits in binary notation. The higher the value, the higher the interface’s priority on the WiMAX Modem’s WiMAX link.
User’s Guide
89
Chapter 8 The VPN Transport Screens

8.4 Ethernet Pseudowire

Because VPLS mimics a simple wired Ethernet connection to your service provider’s router, the connection between the WiMAX Modem and the peer device is known as an “Ethernet pseudowire” or “PW”.
The Ethernet pseudowires use MPLS (MultiProtocol Label Switching) virtual circuit labels to define the connection. In any such pseudowire, the ingress label on one device must be the same as the egress label on the peer device, as shown in the following figure. A is your WiMAX Modem and B is your service provider’s router.
Figure 46 Ethernet Pseudowire Settings Example
A
INGRESS LABEL: X
EGRESS LABEL: Y
TO Y
PSEUDOWIRE
TO X
INGRESS LABEL: Y
EGRESS LABEL: X
Click ADVANCED > VPN Transport > Ethernet Pseudowire to configure the WiMAX Modem’s Ethernet ps eu do wi res.
Figure 47 Advance > VPN Transport > Ethernet Pseudowire
The following table describes the icons in this screen.
Table 29 Advanced> VPN Transport > Customer Interface
ICON DESCRIPTION
Edit Click to edit this item.
B
90
Delete Click to delete this item.
User’s Guide
The following table describes the labels in this screen.
Table 30 ADVANCED > VPN Transport > Ethernet Pseudowire
LABEL DESCRIPTION
# The number of the item in this list. Active This icon is green if the associated pseudowire is enabled. The icon is grey
if the associated pseudowire is disabled. Enable or disable a pseudowire by clicking its Edit icon.
MPLS VC Label
Ingress This is the MPLS virtual circuit label number for traffic coming from the peer
device.
Egress This is the MPLS virtual circuit label number for traffic going to the peer
device.
Pseudowire Description This displays the information you previously entered describing the
pseudowire.
Action Click the Edit icon to set up an Ethernet pseudowire or alter the
configuration of an existing Ethernet pseudowire. Click the Delete icon to remove an existing Ethernet pseudowire.
8.4.1 Ethernet Pseudowire Setup
Chapter 8 The VPN Transport Screens
Click a pseudowire entry’s Edit icon in the ADVANCED > VPN Transport > Ethernet Pseudowire screen to set up or modify an Ethernet pseudowire’s configuration.
Figure 48 ADVANCED > VPN Transport > Ethernet Pseudowire Setup
The following table describes the labels in this screen.
Table 31 ADVANCED > VPN Transport > Ethernet Pseudowire Setup
LABEL DESCRIPTION
Active Select this to enable the pseudowire. Deselect it to disable the
pseudowire.
MPLS VC Label
Ingress Enter the VC ingress label number for this pseudowire. This must be the
egress label number of the peer device. This should not be the ingress label number of any other Ethernet pseudowire configured on the WiMAX Modem.
User’s Guide
91
Chapter 8 The VPN Transport Screens
Table 31 ADVANCED > VPN Transport > Ethernet Pseudowire Setup (continued)
LABEL DESCRIPTION
Egress Enter the egress label number for this pseudowire. This must be the
Pseudowire Description Enter a brief (up to 31 characters) description for this pseudowire. Apply Click to save your changes. Cancel Click to return to the previous screen without saving your changes.

8.5 Statistics

Click ADVANCED > VPN Transport > Statistics to view details and performance information of each active customer interface and its associated Ethernet pseudowire.
Figure 49 ADVANCED > VPN Transport > Statistics
ingress label of the peer device. This should not be the egress label number of any other Ethernet pseudowire configured on the WiMAX Modem.
The following table describes the labels in this screen.
Table 32 ADVANCED > VPN Transport > Statistics
LABEL DESCRIPTION
# The number of the item in this list. Active This icon is green if the associated interface is enabled. The icon is grey if
Total Packets This displays the number of packets received (Receive) and sent
Total Bytes This displays the number of bytes received (Receive) and sent (Transmit)
Interface Description This is the brief name or description of the customer interface configured in
the associated interface is disabled. Enable or disable an interface by clicking its Edit icon.
(Transmit) on the customer interface since the interface was activated, or the Clear button pressed.
on the customer interface since the interface was activated, or the Clear button pressed.
the ADVANCED > VPN Transport > Customer Interface Setup screen.
92
User’s Guide
CHAPTER 9

The NAT Configuration Screens

9.1 Overview

Use these screens to configure port forwarding and trigger ports for the WiMAX Modem. You can also enable and disable SIP, FTP, and H.323 ALG.
Network Address Translation (NAT) maps a host’s IP address within one network to a different IP address in another network. For example, you can use a NAT router to map one IP address from your ISP to multiple private IP addresses for the devices in your home network.
9.1.1 What You Can Do in This Chap ter
•The General screen (Section 9.2 on page 93) lets you enable or disable NAT and to allocate memory for NAT and firewall rules.
•The Port Forwarding screen (Section 9.3 on page 94) lets you look at the current port- forwarding rules in the WiMAX Modem, and to enable, disable, activate, and deactivate each one.
•The Trigger Port screen (Section 9.4 on page 97) lets you maintain trigger port forwarding rules for the WiMAX Modem.
•The ALG screen (Section 9.5 on page 99) lets you enable and disable SIP (VoIP), FTP (file transfer), and H.323 (audio-visual) ALG in the WiMAX Modem.

9.2 General

Click ADVANCED > NAT Configuration > General to enable or disable NAT and to allocate memory for NAT and firewall rules.
Figure 50 ADVANCED > NAT Configuration > General
User’s Guide
93
Chapter 9 The NAT Configuration Screens
The following table describes the labels in this screen.
Table 33 ADVANCED > NAT Configuration > General
LABEL DESCRIPTION
Enable Network Address Translation
Max NAT/Firewall Session Per User
Apply Cancel Click to return to the previous screen without saving your changes.
Select this if you want to use port forwarding, trigger ports, or any of the ALG.
When computers use peer to peer applications, such as file sharing applications, they may use a large number of NAT sessions.
not limit the number of NAT sessions a single client can establish, this can result in all of the available NAT sessions being used. In this case, no additional NAT sessions can be established, and users may not be able to access the Internet.
Each NAT session establishes a corresponding firewall session. Use this field to limit the number of NAT/firewall sessions each client computer can establish through the WiMAX Modem.
If your network has a small number of clients using peer to peer applications, you can raise this number to ensure that their performance is not degraded by the number of NAT sessions they can establish. If your network has a large number of users using peer to peer applications, you can lower this number to ensure no single client is using all of the available NAT sessions.
Click to save your changes.
If you do

9.3 Port Forwarding

A NAT server set is a list of inside (behind NAT on the LAN) servers, for example, web or FTP, that you can make accessible to the outside world even though NAT makes your whole inside network appear as a single machine to the outside world.
Use the ADVANCED > NA T Configuration > Port Forwarding screen to forward incoming service requests to the server(s) on your local network. You may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desi red server. The port number identifies a service; for example, web service is on port 80 and FTP on port 21. In some cases, such as for unknown services or where one server can support more than one service (for example both FTP and web service), it might be better to specify a range of port numbers.
In addition to the servers for specified services, NAT supports a default server. A service request that does not have a server explicitly designated for it is forwarded to the default server. If the default is not defined, the service request is simply discarded.
For example, let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the example), port 80 to another (B in the example) and assign a default server IP address of
192.168.1.35 to a third (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet.
94
User’s Guide
Figure 51 Multiple Servers Behind NAT Example
9.3.1 Port Forwarding Options
Click ADVANCED > NAT Configuration > Port Forwarding to look at the current port- forwarding rules in the WiMAX Modem, and to enable, disable, activate, and deactivate each one. You can also set up a default server to handle ports not covered by rules.
Figure 52 ADVANCED > NAT Configuration > Port Forwarding
Chapter 9 The NAT Configuration Screens
User’s Guide
The following table describes the icons in this screen.
Table 34 Advanced> VPN Transport > Customer Interface
ICON DESCRIPTION
Edit Click to edit this item.
Delete Click to delete this item.
The following table describes the labels in this screen.
Table 35 ADVANCED > NAT Configuration > Port Forwarding
LABEL DESCRIPTION
Default Server Setup Default Server
Enter the IP address of the server to which the WiMAX Modem should forward packets for ports that are not specified in the Port Forwarding section below or in the TOOLS > Remote MGMT screens. Enter 0.0.0.0 if you want the WiMAX Modem to discard these packets instead.
95
Chapter 9 The NAT Configuration Screens
Table 35 ADVANCED > NAT Configuration > Port Forwarding (continued)
LABEL DESCRIPTION
Port Forwarding # The number of the item in this list. Active Name This field displays the name of the rule. It does not have to be unique. Start Port This field displays the beginning of the range of port numbers forwarded by this
End Port
Server IP Address
Action Click the Edit icon to set up a port forwarding rule or alter the configuration of an
Apply Reset Click to restore your previously saved settings.
Select this to enable this rule. Clear this to disable this rule.
rule. This field displays the end of the range of port numbers forwarded by this rule. If it
is the same as the Start Port, only one port number is forwarded. This field displays the IP address of the server to which packet for the selected
port(s) are forwarded.
existing port forwarding rule. Click the Delete icon to remove an existing port forwarding rule.
Click to save your changes.
9.3.2 Port Forwarding Rule Setup
Click a port forwarding rule’s Edit icon in the ADVANCED > NAT Configuration > Port Forwarding screen to activate, deactivate, or edit it.
Figure 53 ADVANCED > NAT Configuration > Port Forwarding > Rule Setup
The following table describes the labels in this screen.
Table 36 ADVANCED > NAT Configuration > Port Forwarding > Rule Setup
LABEL DESCRIPTION
Active Service Name
Select this to enable this rule. Clear this to disable this rule. Enter a name to identify this rule. You can use 1 - 31 printable ASCII characters, or
you can leave this field blank. It does not have to be a unique name.
96
User’s Guide
Table 36 ADVANCED > NAT Configuration > Port Forwarding > Rule Setup (continued)
LABEL DESCRIPTION
Start Port End Port
Server IP Address
Apply Cancel Click to return to the previous screen without saving your changes.

9.4 Trigger Port

Some services use a dedicated range of ports on the client side and a dedicated range of ports on the server side. With regular port forwarding you set a forwarding port in NAT to forward a service (coming in from the server on the WAN) to the IP address of a computer on the client side (LAN). The problem is that port forwarding only forwards a service to a single LAN IP address. In order to use the same service on a different LAN computer, you have to manually replace the LAN computer's IP address in the forwarding port with another LAN computer's IP address,
Chapter 9 The NAT Configuration Screens
Enter the port number or range of port numbers you want to forward to the specified server.
To forward one port number, enter the port number in the Start Port and End Port fields.
To forward a range of ports,
enter the port number at the beginning of the range in the Start Port field
enter the port number at the end of the range in the End Port field. Enter the IP address of the server to which to forward packets for the selected port
number(s). This server is usually on the LAN. Click to save your changes.
Trigger port forwarding solves this problem by allowing computers on the LAN to dynamically take turns using the service. The WiMAX Modem records the IP address of a LAN computer that sends traffic to the WAN to request a service with a specific port number and protocol (a "trigger" port). When the WiMAX Modem's WAN port receives a response with a specific port number and protocol ("incoming" port) , the WiMAX Modem forwards the traffic to the LAN IP address of the computer that sent the request. After that computer’s connection for that service closes, another computer on the LAN can use the service in the same manner. This way you do not need to configure a new IP address each time you want a different LAN computer to use the application.
Click ADVANCED > NAT Configuration > Trigger Port to maintain trigger port forwarding rules for the WiMAX Modem.
Figure 54 ADVANCED > NAT Configuration > Trigger Port
User’s Guide
97
Chapter 9 The NAT Configuration Screens
The following table describes the labels in this screen.
Table 37 ADVANCED > NAT Configuration > Trigger Port
LABEL DESCRIPTION
# The number of the item in this list. Name
Incoming
Start Port End Port
Trigger
Start Port End Port
Apply Cancel Click to return to the previous screen without saving your changes.
Enter a name to identify this rule. You can use 1 - 15 printable ASCII characters, or you can leave this field blank. It does not have to be a unique name.
Enter the incoming port number or range of port numbers you want to forward to the IP address the WiMAX Modem records.
To forward one port number, enter the port number in the Start Port and End Port fields.
To forward a range of ports,
enter the port number at the beginning of the range in the Start Port field
enter the port number at the end of the range in the End Port field. If you want to delete this rule, enter zero in the Start Port and End Port fields.
Enter the outgoing port number or range of port numbers that makes the WiMAX Modem record the source IP address and assign it to the selected incoming port number(s).
To select one port number, enter the port number in the Start Port and End Port fields.
To select a range of ports,
enter the port number at the beginning of the range in the Start Port field
enter the port number at the end of the range in the End Port field. If you want to delete this rule, enter zero in the Start Port and End Port fields.
Click to save your changes.
9.4.1 Trigger Port Forwarding Example
The following is an example of trigger port forwarding. In this example, J is Jane’s computer and S is the Real Audio server.
Figure 55 Trigger Port Forwarding Exa mple
1 Jane requests a file from the Real Audio server (port 7070). 2 Port 7070 is a “trigger” port and causes the WiMAX Modem to record Jane’s computer
IP address. The WiMAX Modem associates Jane's computer IP address with the "incoming" port range of 6970-7170.
98
User’s Guide
Two points to remember about trigger ports:

9.5 ALG

Some applications, such as SIP, cannot operate through NAT (are NAT un-friendly) because they embed IP addresses and port numbers in their packets’ data payload.
Some NAT routers may include a SIP Application Layer Gateway (ALG). An Application Layer Gateway (ALG) manages a specific protocol (such as SIP, H.323 or FTP) at the application layer.
Chapter 9 The NAT Configuration Screens
3 The Real Audio server responds using a port number ranging betwee n 6970-7170. 4 The WiMAX Modem forwards the traffic to Jane’s computer IP address. 5 Only Jane can connect to the Real Audio server until the connection is closed or times
out. The WiMAX Modem times out in three minutes with UDP (User Datagram Protocol), or two hours with TCP/IP (Transfer Control Protocol/Internet Protocol).
1 Trigger events only happen on data that is coming from inside the WiMAX Modem and
going to the outside.
2 If an application needs a continuous data stream, that port (range) will be tied up so that
another computer on the LAN can’t trigger it.
A SIP ALG allows SIP calls to pass through NAT by examining and translating IP addresses embedded in the data stream.
Click ADVANCED > NAT Configuration > ALG to enable and disable SIP (VoIP), FTP (file transfer), and H.323 (audio-visual) ALG in the WiMAX Modem.
Figure 56 ADVANCED > NAT Configuration > ALG
The following table describes the labels in this screen.
Table 38 ADVANCED > NAT Configuration > ALG
LABEL DESCRIPTION
Enable SIP ALG Select this to make sure SIP (VoIP) works correctly with port-forwarding and port-
triggering rules.
Enable FTP ALG
Enable H.323 ALG
Apply Cancel Click to return to the previous screen without saving your changes.
Select this to make sure FTP (file transfer) works correctly with port-forwarding and port-triggering rules.
Select this to make sure H.323 (audio-visual programs, such as NetMeeting) works correctly with port-forwarding and port-triggering rules.
Click to save your changes.
User’s Guide
99
Chapter 9 The NAT Configuration Screens
100
User’s Guide
Loading...