ZyXEL NBG4604 Users Manual

Chapter 16Bandwidth Management

16.3 What You Need To Know

You can limit an application’s uplink or downlink bandwidth. This limit keeps the
traffic from using up too much of the out-going interface’s bandwidth. This way
you can make sure there is bandwidth for other applications. Use the following
guidelines:

• The sum of the bandwidth allotments that apply to the WAN interface (LAN to
WAN, WLAN to WAN) must be less than or equal to the Uplink value that you
configure in the Bandwidth ManagementGeneral screen.

• The sum of the bandwidth allotments that apply to the LAN port (WAN to LAN,
WAN to WLAN) must be less than or equal to the Downlink value that you
configure in the Bandwidth ManagementGeneral screen.

16.4 General Configuration

Use this screen to enable bandwidth management and assign uplink/downlink
limits. You can use either one of the following types:

• Priority Queue. Enable bandwidth management to give uplink traffic that
matches a bandwidth rule priority over traffic that does not match a bandwidth
rule. (This type does not apply to downlink traffic.)

• Bandwidth Allocation. Enabling bandwidth management also allows you to
control the maximum or minimum amounts of bandwidth that can be used by
traffic that matches a bandwidth rule.

Note: You cannot apply both bandwidth management types at the same time.

Click Management> Bandwidth MGMT to open the bandwidth management
General screen.

Figure 82 Management > Bandwidth MGMT > General

Company Confidential

148

NBG4604 User’s Guide

Chapter 16Bandwidth Management

The following table describes the labels in this screen.

Table 55 Management > Bandwidth MGMT > General

LABEL DESCRIPTION

Service Management
Bandwidth

Management
Type

Total Bandwidth Setting. The fields below appear when you enable Bandwidth
Management.

Uplink Type or select the total amount of bandwidth (from 64 Kbps to 30

This field allows you to have NBG4604 apply bandwidth management.
Select Priority Queue or Bandwidth Allocation to enable

bandwidth management.

• Select Priority Queue to allocate bandwidth based on the pre-
defined priority assigned to an application. Refer to Section 16.5 on

page 149.

• Select Bandwidth Allocation allocate specific amounts of
bandwidth to specific protocols on an IP or IP range. Refer to

Section 16.5 on page 149.

Select Disable if you do not want to use this feature.

Mbps) that you want to dedicate to uplink traffic.
If you type the amount of bandwidth, the selection automatically

becomes User Defined. If you select the amount of bandwidth, the
field automatically displays the value in Kbps.

This is traffic from LAN/WLAN to WAN.

Downlink Type or select the total amount of bandwidth (from 64 Kbps to 30

Mbps) that you want to dedicate to downlink traffic.
If you type the amount of bandwidth, the selection automatically

becomes User Defined. If you select the amount of bandwidth, the
field automatically displays the value in Kbps.

This is traffic from WAN to LAN/WLAN.
Apply Click Apply to save your customized settings.
Reset Click Reset to begin configuring this screen afresh.

16.5 Advanced Configuration

Use this screen to configure bandwidth managements rule for the pre-defined
services or applications.

Use this screen to configure bandwidth managements rule for specific protocols on
an IP or IP range.

Note: This screen contains the Priority Queue and Bandwidth Allocation tables.

Company Confidential

Though both tables are described in this section, you can only apply the rules in
one table. Fill out the table of the Bandwidth Management Type you selected
in Section 16.4 on page 148.

NBG4604 User’s Guide

149

Chapter 16Bandwidth Management

Click Management > Bandwidth MGMT > Advanced to open the bandwidth
management Advanced screen.

Figure 83 Management > Bandwidth MGMT > Advanced

The following table describes the labels in this screen.

Table 56 Management > Bandwidth MGMT > Advanced

LABEL DESCRIPTION

Priority Queue
Local IP

Company Confidential

Address
Priority Queue Use this table to allocate specific amounts of bandwidth based on the

150

Enter the IP address of the computer to which bandwidth management
does not apply.

pre-defined service.

NBG4604 User’s Guide

Chapter 16Bandwidth Management

Table 56 Management > Bandwidth MGMT > Advanced (continued)

LABEL DESCRIPTION

# This is the number of an individual bandwidth management rule.
Enable Select this check box to have the NBG4604 apply this bandwidth

Service This is the name of the service.

Priority Select a priority from the drop down list box. Choose High or Low.
Specific Port This displays the port/s assigned to the service.

management rule.

You can also enter the name (up to 10 keyboard characters) of a service
you want to add in the priority queue (for example, Messenger).

You can also specify the port/s to services to which you want to allocate
bandwidth. Choose either Both, TCP or UDP in the drop-down menu
and enter the port or range of ports in the provided boxes.

Note: If you are entering a specific port and not a range of ports,

you can either leave the second port field blank or enter the
same port number again.

Bandwidth
Allocation

# This is the number of an individual bandwidth management rule.
Enable Select this check box to have the NBG4604 apply this bandwidth

LAN IP Range This displays the range of IP addresses for which the bandwidth

Direction These read-only labels represent uplink or downlink traffic.

Use this table to allocate specific amounts of bandwidth to specific
protocols on an IP or IP range.

management rule.

management rule applies.

To LAN applies bandwidth management to traffic from WAN to LAN/
WLAN (i.e., downlink).

To WAN applies bandwidth management to traffic from LAN/WLAN to
WAN (i.e., uplink).

Both applies bandwidth management to traffic that the NBG4604
forwards to both the LAN and the WAN.

Port Range This displays the range of ports for which the bandwidth management

rule applies.

Policy This displays either Max (maximum) or Min (minimum) and refers to

the maximum or minimum bandwidth allowed for the rule in kilobits per
second in the field below.

Rate This is the maximum or minimum bandwidth allowed (refer to the field

above) for the rule in bits per second.

Modify Click the Edit icon to open the Rule Configuration screen. Modify an

Apply Click Apply to save your customized settings.

Company Confidential

NBG4604 User’s Guide

Reset Click Reset to begin configuring this screen afresh.

existing rule or create a new rule in the Rule Configuration screen.
See Section 16.5.2 on page 152 for more information.

Click the Remove icon to delete a rule.

151

Chapter 16Bandwidth Management

16.5.1 Priority Levels

Traffic with a higher priority gets through faster while traffic with a lower priority is
dropped if the network is congested.

The following describes the priorities that you can apply to traffic that the
NBG4604 forwards out through an interface.

• High - Typically used for voice traffic or video that is especially sensitive to jitter
(jitter is the variations in delay).

• Low - This is typically used for all other traffic that are not time-sensitive.

16.5.2 User Defined Service Rule Configuration

If you want to edit a bandwidth management rule for specific protocols on an IP or
IP range, click the Edit icon in the Bandwidth Allocation table of the Advanced
screen. The following screen displays.

Figure 84 Management > Bandwidth MGMT > Advanced: Allocation Setup

The following table describes the labels in this screen.

Table 57 Management > Bandwidth MGMT > Advanced: Allocation Setup

LABEL DESCRIPTION

Active Select this check box to turn on this bandwidth management rule.
Direction Enter whether you want to apply the rule to uplink or downlink traffic.

To LAN applies bandwidth management to traffic from WAN to LAN/
WLAN (i.e., downlink).

To WAN applies bandwidth management to traffic from LAN/WLAN to
WAN (i.e., uplink).

Select Both applies bandwidth management to traffic that the
NBG4604 forwards to both the LAN and the WAN.

LAN IP Range Specify the range of IP addresses for which the bandwidth management

rule applies.

Company Confidential

152

Protocol Select the protocol (TCP, UDP, SMTP, HTTP, POP3, FTP or ALL) for

which the bandwidth management rule applies.

NBG4604 User’s Guide

Chapter 16Bandwidth Management

LABEL DESCRIPTION

Port Range Enter the range of ports for which the bandwidth management rule

applies.

Policy Select Max or Min and specify the maximum or minimum bandwidth

Rate (bps) Type or select the maximum or minimum bandwidth allowed (refer to

Apply Click Apply to save your customized settings.
Reset Click Reset to begin configuring this screen afresh.

allowed for the rule in bits per second in the field below.

the field above) for the rule in bits per second.
If you type the amount of bandwidth, the selection automatically

becomes User Defined. If you select the amount of bandwidth, the
field automatically displays the value in Kbps.

16.5.3 Predefined Bandwidth Management Services

The following is a description of the services that you can select and to which you
can apply media bandwidth management in the Management > Bandwidth
MGMT > Advanced screen.

Table 58 Media Bandwidth Management Setup: Services

SERVICE DESCRIPTION

FTPFile Transfer Program enables fast transfer of files, including large files

WWWThe World Wide Web (WWW) is an Internet system to distribute

TelnetTelnet is the login and terminal emulation protocol common on the

E-MailElectronic mail consists of messages sent through a computer network

that may not be possible by e-mail. FTP uses port number 21.

graphical, hyper-linked information, based on Hyper Text Transfer
Protocol (HTTP) - a client/server protocol for the World Wide Web. The
Web is not synonymous with the Internet; rather, it is just one service
on the Internet. Other services on the Internet include Internet Relay
Chat and Newsgroups. The Web is accessed through use of a browser.
WWW uses port 80.

Internet and in UNIX environments. It operates over TCP/IP networks.
Its primary function is to allow users to log into remote host systems.
Telnet uses port 23.

to specific groups or individuals. Here are some default ports for e-mail:
POP3 - port 110
SMTP - port 25

VoIP (SIP)Sending voice signals over the Internet is called Voice over IP or VoIP.

Session Initiated Protocol (SIP) is an internationally recognized
standard for implementing VoIP. SIP is an application-layer control
(signaling) protocol that handles the setting up, altering and tearing
down of voice and multimedia sessions over the Internet.

SIP is transported primarily over UDP but can also be transported over

Company Confidential

NBG4604 User’s Guide

TCP, using the default port number 5060.

153

Chapter 16Bandwidth Management

Table 58 Media Bandwidth Management Setup: Services (continued)

SERVICE DESCRIPTION

BitTorrentBitTorrent is a free P2P (peer-to-peer) sharing tool allowing you to

distribute large software and media files using ports 6881 to 6889.
BitTorrent requires you to search for a file with a searching engine
yourself. It distributes files by corporation and trading, that is, the client
downloads the file in small pieces and share the pieces with other peers
to get other half of the file.

GamingOnline gaming services lets you play multiplayer games on the Internet

via broadband technology. One example is Microsoft’s Xbox Live, which
uses port 3074. As of this writing, your NBG4604 supports Xbox,
Playstation, Battlenet and MSN Game Zone.

16.5.4 Services and Port Numbers

See Appendix E on page 259 for commonly used services and port numbers.

Company Confidential

154

NBG4604 User’s Guide

CHAPTER 17

Remote Management

17.1 Overview

This chapter provides information on the Remote Management screens.

Remote management allows you to determine which services/protocols can access
which NBG4604 interface (if any) from which computers.

You may manage your NBG4604 from a remote location via:

• LAN only • LAN and WAN

Note: When you configure remote management to allow management from the LAN

and WAN in the options above, you still need to configure a firewall rule to allow
access. See the firewall chapters for details on configuring firewall rules.

17.2 What You Can Do

Use the WWW screen (Section 17.4 on page 157) to change your NBG4604’s
World Wide Web settings.

17.3 What You Need To Know

To disable remote management of a service, select Disable in the corresponding
Server Access field. You may only have one remote management session

running at a time.

Company Confidential

NBG4604 User’s Guide

155

Chapter 17Remote Management

17.3.1 Remote Management Limitations

Remote management over LAN or WAN will not work when:

1 You have disabled that service in one of the remote management screens.

2 The IP address in the Secured Client IP Address field does not match the client

IP address. If it does not match, the NBG4604 will disconnect the session
immediately.

3 There is already another remote management session with an equal or higher

priority running. You may only have one remote management session running at
one time.

4 There is a firewall rule that blocks it.

17.3.2 Remote Management and NAT

When NAT is enabled:

• Use the NBG4604’s WAN IP address when configuring from the WAN.

• Use the NBG4604’s LAN IP address when configuring from the LAN.

17.3.3 System Timeout

There is a default system management idle timeout of five minutes (three
hundred seconds). The NBG4604 automatically logs you out if the management
session remains idle for longer than this timeout period. The management session
does not time out when a statistics screen is polling. You can change the timeout
period in the System screen

Company Confidential

156

NBG4604 User’s Guide

17.4 WWW Screen

To change your NBG4604’s World Wide Web settings, click Management >
Remote MGMT to display the WWW screen.

Figure 85 Management > Remote MGMT > WWW

The following table describes the labels in this screen

Chapter 17Remote Management

Table 59 Management > Remote MGMT > WWW

LABEL DESCRIPTION

Server Port You may change the server port number for a service if needed,

however you must use the same port number in order to use that
service for remote management.

Server Access Select the interface(s) through which a computer may access the

NBG4604 using this service.

Secured Client
IP Address

Apply Click Apply to save your customized settings and exit this screen.
Reset Click Reset to begin configuring this screen afresh.

A secured client is a “trusted” computer that is allowed to communicate
with the NBG4604 using this service.

Select All to allow any computer to access the NBG4604 using this
service.

Choose Selected to just allow the computer with the IP address that
you specify to access the NBG4604 using this service.

Note: This only applies on WAN IP.

Company Confidential

NBG4604 User’s Guide

157

Chapter 17Remote Management

Company Confidential

158

NBG4604 User’s Guide

CHAPTER 18

Universal Plug-and-Play (UPnP)

18.1 Overview

This chapter introduces the UPnP feature in the Web Configurator.

Universal Plug and Play (UPnP) is a distributed, open networking standard that
uses TCP/IP for simple peer-to-peer network connectivity between devices. A
UPnP device can dynamically join a network, obtain an IP address, convey its
capabilities and learn about other devices on the network. In turn, a device can
leave a network smoothly and automatically when it is no longer in use.

18.2 What You Can Do

Use the UPnP screen (Section 18.4 on page 160) to enable UPnP on the
NBG4604.

18.3 What You Need to Know

How do I know if I'm using UPnP?

UPnP hardware is identified as an icon in the Network Connections folder
(Windows XP). Each UPnP compatible device installed on your network will appear
as a separate icon. Selecting the icon of a UPnP device will allow you to access the
information and properties of that device.

NAT Traversal

UPnP NAT traversal automates the process of allowing an application to operate
through NAT. UPnP network devices can automatically configure network
addressing, announce their presence in the network to other UPnP devices and

Company Confidential

enable exchange of simple product and service descriptions. NAT traversal allows
the following:

NBG4604 User’s Guide

159

Chapter 18Universal Plug-and-Play (UPnP)

• Dynamic port mapping

• Learning public IP addresses

• Assigning lease times to mappings

Windows Messenger is an example of an application that supports NAT traversal
and UPnP.

See the NAT chapter for more information on NAT.

Cautions with UPnP

The automated nature of NAT traversal applications in establishing their own
services and opening firewall ports may present network security issues. Network
information and configuration may also be obtained and modified by users in some
network environments.

When a UPnP device joins a network, it announces its presence with a multicast
message. For security reasons, the NBG4604 allows multicast messages on the
LAN only.

All UPnP-enabled devices may communicate freely with each other without
additional configuration. Disable UPnP if this is not your intention.

18.4 UPnP Screen

Use this screen to enable UPnP. Click the Management > UPnP to open the
following screen.

Figure 86 Management > UPnP > General

Company Confidential

160

NBG4604 User’s Guide

The following table describes the labels in this screen.

Table 60 Management > UPnP > General

LABEL DESCRIPTION

Enable the Universal Plug
and Play (UPnP) Feature

Allow users to make port
forwarding changes
through UPnP

Apply Click Apply to save the setting to the NBG4604.
Reset Click Reset to begin configuring this screen afresh.

Select this check box to activate UPnP. Be aware that anyone
could use a UPnP application to open the Web Configurator's
login screen without entering the NBG4604's IP address
(although you must still enter the password to access the Web
Configurator).

Select this check box to allow UPnP-enabled applications to
automatically configure the NBG4604 so that they can
communicate through the NBG4604, for example by using NAT
traversal, UPnP applications automatically reserve a NAT
forwarding port in order to communicate with another UPnP
enabled device; this eliminates the need to manually configure
port forwarding for the UPnP enabled application.

18.5 Technical Reference

Chapter 18Universal Plug-and-Play (UPnP)

The sections show examples of using UPnP.

18.5.1 Using UPnP in Windows XP Example

This section shows you how to use the UPnP feature in Windows XP. You must
already have UPnP installed in Windows XP and UPnP activated on the NBG4604.

Make sure the computer is connected to a LAN port of the NBG4604. Turn on your
computer and the NBG4604.

18.5.1.1 Auto-discover Your UPnP-enabled Network Device

1 Click start and Control Panel. Double-click Network Connections. An icon

displays under Internet Gateway.

Company Confidential

NBG4604 User’s Guide

161

Chapter 18Universal Plug-and-Play (UPnP)

2 Right-click the icon and select Properties.

Figure 87 Network Connections

3 In the Internet Connection Properties window, click Settings to see the port

mappings there were automatically created.

Figure 88 Internet Connection Properties

Company Confidential

162

NBG4604 User’s Guide

Chapter 18Universal Plug-and-Play (UPnP)

4 You may edit or delete the port mappings or click Add to manually add port

mappings.

Figure 89 Internet Connection Properties: Advanced Settings

Figure 90 Internet Connection Properties: Advanced Settings: Add

Note: When the UPnP-enabled device is disconnected from your computer, all port

mappings will be deleted automatically.

5 Select Show icon in notification area when connected option and click OK.

An icon displays in the system tray.

Figure 91 System Tray Icon

Company Confidential

NBG4604 User’s Guide

163

Chapter 18Universal Plug-and-Play (UPnP)

6 Double-click on the icon to display your current Internet connection status.

Figure 92 Internet Connection Status

18.5.2 Web Configurator Easy Access

With UPnP, you can access the web-based configurator on the NBG4604 without
finding out the IP address of the NBG4604 first. This comes helpful if you do not
know the IP address of the NBG4604.

Follow the steps below to access the Web Configurator.

1 Click Start and then Control Panel.

2 Double-click Network Connections.

Company Confidential

164

NBG4604 User’s Guide

Chapter 18Universal Plug-and-Play (UPnP)

3 Select My Network Places under Other Places.

Figure 93 Network Connections

4 An icon with the description for each UPnP-enabled device displays under Local

Network.

5 Right-click on the icon for your NBG4604 and select Invoke. The Web

Configurator login screen displays.

Figure 94 Network Connections: My Network Places

Company Confidential

NBG4604 User’s Guide

165

Chapter 18Universal Plug-and-Play (UPnP)

6 Right-click on the icon for your NBG4604 and select Properties. A properties

window displays with basic information about the NBG4604.

Figure 95 Network Connections: My Network Places: Properties: Example

Company Confidential

166

NBG4604 User’s Guide

CHAPTER 19

SNMP

19.1 Overview

Simple Network Management Protocol (SNMP) is a protocol for collecting and
managing information about network devices. Your NBG4604 supports SNMP
agent functionality, which allows a manager station to manage and monitor the
NBG4604 through the network. The NBG4604 supports SNMP version one
(SNMPv1) and version two (SNMPv2c).

Note: Only configure the SNMP feature with settings provided by your ISP.

19.2 What You Need to Know

An SNMP managed network consists of two main types of component: agents and
a manager.

Figure 96 SNMP Management Model

Company Confidential

NBG4604 User’s Guide

167

Chapter 19SNMP

An agent is a management software module that resides in a managed device (the
NBG4604). An agent translates the local management information from the
managed device into a form compatible with SNMP. The manager is the console
through which network administrators perform network management functions. It
executes applications that control and monitor managed devices.

The managed devices contain object variables/managed objects that define each
piece of information to be collected about a device. Examples of variables include
such as number of packets received, node port status etc. A Management
Information Base (MIB) is a collection of managed objects. SNMP allows a
manager and agents to communicate for the purpose of accessing these objects.

SNMP itself is a simple request/response protocol based on the manager/agent
model. The manager issues a request and the agent returns responses using the
following protocol operations:

• Get - Allows the manager to retrieve an object variable from the agent.

• GetNext - Allows the manager to retrieve the next object variable from a table

or list within an agent. In SNMPv1, when a manager wants to retrieve all
elements of a table from an agent, it initiates a Get operation, followed by a
series of GetNext operations.

• Set - Allows the manager to set values for object variables within an agent.

• Trap - Used by the agent to inform the manager of some events.

19.3 SNMP Screen

Use this screen to enable SNMP. Click Management > SNMP to open the
following screen.

Figure 97 Management > SNMP > General

Company Confidential

168

NBG4604 User’s Guide

Chapter 19SNMP

The following table describes the labels in this screen.

Table 61 Management > UPnP > General

LABEL DESCRIPTION

Enable SNMP Select this to enable SNMP on this device.
SNMP version Select the SNMP version that corresponds the SNMP used by

the server.
Read Community Enter the SNMP read community information here.
Get Community Enter the SNMP get community information here.
System Location Enter the SNMP system location.
System Contact Enter the SNMP system contact.
Apply Click Apply to save the setting to the NBG4604.
Reset Click Reset to begin configuring this screen afresh.

Company Confidential

NBG4604 User’s Guide

169

Chapter 19SNMP

Company Confidential

170

NBG4604 User’s Guide

CHAPTER 20

ACS

20.1 Overview

This chapter shows you to configure the NBG4604’s ACS settings so that it can be
remotely configured by an Auto-Configuration Server (ACS).

An administrator can use an ACS to remotely set up the NBG4604, modify its
settings, perform firmware upgrades, and monitor and diagnose it. In order to do
so, you must enable the TR-069 feature on your NBG4604 and then configure it
appropriately. (The ACS server which it will use must also be configured by its
administrator.)

20.2 What You Can Do in this Chapter

• Use the General screen (Section 20.4 on page 172) to configure set up the ACS
server information on your NBG4604.

• Use the Certificate screen (Section 20.5 on page 175) to upload encrypted
security certificates to your NBG4604.

20.3 What You Need to Know

The following terms and concepts may help as you read this chapter.

ACS

An Auto-Configuration Server (ACS) centralizes the management and
configuration of a variety of networking devices such as routers, set-top boxes,
Voice over IP (VoIP) gateways, and other Customer Premises Equipment (CPE). It
is based on the TR-069 standard.

Company Confidential

NBG4604 User’s Guide

171

Chapter 20ACS

OUI Filter

An Organizationally Unique Identifier (OUI) filter blocks or forwards packets from
devices with the specified OUI in the MAC address. The OUI field is the first three
octets in a MAC address and uniquely identifies the manufacturer of a network
device.

STUN

STUN allows a device to find the public IP address assigned by a NAT router and/
or a firewall between it and the public Internet.

20.4 General Screen

The General screen allows you to set up the ACS server information on your
NBG4604 so it can be remotely updated. Only use information provided by your
network administrator.

20.4.1 STUN

STUN (Simple Traversal of User Datagram Protocol (UDP) through Network
Address Translators) allows the NBG4604 to find the presence and types of NAT
routers and/or firewalls between it and the public Internet. STUN also allows the
NBG4604 to find the public IP address that NAT assigned, so the NBG4604 can
embed it in the SIP data stream. STUN does not work with symmetric NAT routers
or firewalls. See RFC 3489 for details on STUN.

The following figure shows how STUN works.

1 The NBG4604 (A) sends SIP packets to the STUN server (B).

2 The STUN server (B) finds the public IP address and port number that the NAT

router used on the NBG4604’s SIP packets and sends them to the NBG4604.

Company Confidential

172

NBG4604 User’s Guide

Chapter 20ACS

3 The NBG4604 uses the public IP address and port number in the SIP packets that

it sends to the SIP server (C).

Figure 98 STUN

Click Management > ACS to open this screen.

Figure 99 Management > ACS > General

Company Confidential

NBG4604 User’s Guide

173

Chapter 20ACS

The following table describes the labels in this screen.

Table 62 Management > ACS > General

LABEL DESCRIPTION

ACS Server Setup

Device Configuration
Manufacturer This displays the manufacturer name of the NBG4604, ‘ZyXEL’,

Device Connection Request

Device Connection Request

Logs

Apply Click Apply to save the setting to the NBG4604.
Reset Click Reset to begin configuring this screen afresh.

URL Enter the URL of the ACS server.
Account Name Enter the login name used by the NBG4604 to log into the ACS

server.

Password Enter the password for the account used to log into the ACS

server.

Period Enter the duration in seconds over which the NBG4604

attempts to log into the ACS server.

and cannot be edited.

Manufacturer Oui Enter the manufacturer organizational unit identifier. This

number must consist of a 3-octet MAC address.

Product Class Enter the product class if this was provided by the network

adminstrator. Otherwise, leave it at its default setting.

Model Name This displays the model name. In this case, it is ‘NBG4604’ and

cannot be edited.

Username Enter the username required for the ACS server to connect

directly to the NBG4604.

Password Enter the password required for the ACS server to connect

directly to the NBG4604.

STUN Server Enter the URL of the STUN server.
STUN Username Enter the username required to log into the STUN server.
STUN Password Enter the password of the username used to log into the STUN

server.

Backup Click Backup to save a copy of the NBG4604’s ACS activity.
Clear Logs Click Clear Logs to delete the files containing a record of the

NBG4604’s ACS activity.

Company Confidential

174

NBG4604 User’s Guide

20.5 Certificate Screen

This screen allows you to upload security certificates to the NBG4604. Click
Management > ACS > Certificates to open this screen.

Figure 100 Management > ACS > Certificates

The following table describes the labels in this screen.

Table 63 Management > UPnP > General

LABEL DESCRIPTION

File Path Enter the path of the certificate file’s location on your local

computer, or click the Browse button to open a browse dialog
box to search for it.

CA Certificate Click Upload to copy the certicate listed in File Path to the

NBG4604. Click Clear to remove the current CA Certificate
from the device.

Client Certificate Click Upload to copy the certicate listed in File Path to the

NBG4604. Click Clear to remove the current Client Certificate
from the device.

Client Key Click Upload to copy the certicate listed in File Path to the

NBG4604. Click Clear Key to remove the current CA
Certificate from the device.

Chapter 20ACS

Company Confidential

NBG4604 User’s Guide

175

Chapter 20ACS

20.6 Technical Reference

TR-069 is an abbreviation of “Technical Reference 069”, a protocol designed to
facilitate the remote management of Customer Premise Equipement (CPE), such
as the NBG4604. It can be managed over a WAN by means of an Auto
Configuration Server (ACS). TR-069 is based on sending Remote Procedure Calls
(RPCs) between the ACS and the client device. RPCs are sent in Extensible Markup
Language (XML) format over HTTP or HTTPS.

Figure 101 TR-069 Example

SIP

ACS

HTTP

In this example, the NBG4604 receives data from at least 3 sources: A SIP server
for handling voice calls, an HTTP server for handling web services, and an ACS, for
configuring the NBG4604 remotely. All three servers are owned and operated by
the client’s Internet Service Provider. However, without the configuration settings
from the ACS, the NBG4604 cannot access the other two servers. Once the
NBG4604 receives its configuration settings and implements them, it can connect
to the other servers. If the settings change, it will once again be unable to connect
until it receives its updates from the ACS.

The NBG4604 can be configured to periodically check for updates from the auto­configuration server so that the end user need not be worried about it.

Company Confidential

176

NBG4604 User’s Guide

CHAPTER 21

System

21.1 Overview

This chapter provides information on the System screens.

See the chapter about wizard setup for more information on the next few screens.

21.2 What You Can Do

• Use the General screen (Section 21.3 on page 177) to enter a name to identify
the NBG4604 in the network and set the password.

• Use the Time Setting screen (Section 21.4 on page 179) to change your
NBG4604’s time and date.

21.3 System General Screen

Use this screen to enter a name to identify the NBG4604 in the network and set
the password. Click Maintenance > System. The following screen displays.

Figure 102 Maintenance > System > General

Company Confidential

NBG4604 User’s Guide

177