Zyxel NXC2500, NXC5500 User Manual

Name: Zyxel NXC2500
Brand: Zyxel
SKU: 2506244
Rating: 4 (1 reviews)

4 (1)

User’s Guide

NXC Series

Wireless LAN Controller

Default Login Details

Version 5.30 Edition 1, 08/2018

LAN IP Address

https://192.168.1.1

User Name

admin

Password

1234

IMPORTANT!

READ CAREFULLY BEFORE USE.

KEEP THIS GUIDE FOR FUTURE REFERENCE.

This is a User’s Guide for a series of products. Not all products support all firmware features. Screenshots and graphics in this book may differ slightly from your product due to differences in your product firmware or your computer operating system. Every effort has been made to ensure that the information in this manual is accurate.

Document Conventions

Warnings and Notes

These are how warnings and notes are shown in this guide.

Warnings tell you about things that could harm you or your device.

Note: Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations.

Syntax Conventions

•All models in this series may be referred to as the “NXC” in this guide.

•Product labels, screen names, field labels and field choices are all in bold font.

•A right angle bracket ( > ) within a screen name denotes a mouse click. For example, Configuration > Network > Interface means you first click Configuration in the navigation panel, then the Network sub menu and finally the Interface tab to get to that screen.

Icons Used in Figures

Figures in this guide may use the following generic icons. The NXC icon is not an exact representation of your device.

NXC

Router

Switch

Internet

Server

Desktop

Laptop

NXC Series User’s Guide

Contents Overview
Contents Overview
User’s Guide .....................................................................................................................................	17
Introduction ...........................................................................................................................................	18
Hardware Installation and Connection .............................................................................................	24
The Web Configurator .........................................................................................................................	30
Setup Wizard .........................................................................................................................................	44
Technical Reference .......................................................................................................................	54
Dashboard ............................................................................................................................................	55
Monitor ...................................................................................................................................................	67
Registration ..........................................................................................................................................	108
Wireless .................................................................................................................................................	111
Interfaces .............................................................................................................................................	137
Policy and Static Routes ....................................................................................................................	167
Zones ....................................................................................................................................................	176
NAT .......................................................................................................................................................	179
ALG .......................................................................................................................................................	186
IP/MAC Binding ...................................................................................................................................	188
Captive Portal .....................................................................................................................................	193
RTLS .......................................................................................................................................................	216
Firewall .................................................................................................................................................	219
User/Group ..........................................................................................................................................	227
AP Profile ..............................................................................................................................................	246
MON Profile .........................................................................................................................................	266
ZyMesh Profile ......................................................................................................................................	271
Addresses ............................................................................................................................................	275
Services ................................................................................................................................................	280
Schedules ............................................................................................................................................	285
AAA Server ..........................................................................................................................................	289
Authentication Method .....................................................................................................................	300
Certificates ..........................................................................................................................................	303
DHCPv6 ................................................................................................................................................	318
System ..................................................................................................................................................	320
Log and Report ...................................................................................................................................	362
File Manager .......................................................................................................................................	377
Diagnostics ..........................................................................................................................................	388
Packet Flow Explore ...........................................................................................................................	402
Reboot .................................................................................................................................................	408
Shutdown .............................................................................................................................................	409
NXC Series User’s Guide

Contents Overview

Troubleshooting ..................................................................................................................................

410

NXC Series User’s Guide

	Table of Contents
		Table of Contents
Document Conventions .....................................................................................................................		3
Contents Overview ............................................................................................................................		4
Table of Contents ................................................................................................................................		6
Part I: User’s Guide..........................................................................................		17
Chapter 1
Introduction .......................................................................................................................................		18
1.1	Overview .........................................................................................................................................	18
1.2	Zones, Interfaces, and Physical Ports ...........................................................................................	18
	1.2.1 Interface Types ......................................................................................................................	19
	1.2.2 Interface and Zone Configuration ......................................................................................	19
1.3	Applications ....................................................................................................................................	20
	1.3.1 AP Management ..................................................................................................................	20
	1.3.2 Wireless Security ....................................................................................................................	20
	1.3.3 Captive Portal .......................................................................................................................	20
	1.3.4 Load Balancing .....................................................................................................................	21
	1.3.5 Dynamic Channel Selection ................................................................................................	21
	1.3.6 User-Aware Access Control .................................................................................................	21
1.4 Management Overview ................................................................................................................		22
1.5	Object-based Configuration ........................................................................................................	22
1.6	Starting and Stopping the NXC ....................................................................................................	23
Chapter 2
Hardware Installation and Connection ..........................................................................................		24
2.1	Rack-mounted Installation ............................................................................................................	24
	2.1.1 Rack-Mounted Installation Procedure ...............................................................................	24
2.2	Front Panel .......................................................................................................................................	25
	2.2.1 NXC2500 .................................................................................................................................	25
	2.2.2 NXC5500 .................................................................................................................................	25
	2.2.3 Front Panel LEDs ....................................................................................................................	27
2.3	Rear Panel .......................................................................................................................................	28
Chapter 3
The Web Configurator.......................................................................................................................		30
3.1	Overview .........................................................................................................................................	30
	NXC Series User’s Guide

	Table of Contents
3.2	Access ..............................................................................................................................................	30
3.3	The Main Screen .............................................................................................................................	31
	3.3.1 Title Bar ...................................................................................................................................	32
	3.3.2 Navigation Panel ..................................................................................................................	35
	3.3.3 Warning Messages ................................................................................................................	40
	3.3.4 Tables and Lists ......................................................................................................................	40
Chapter 4
Setup Wizard......................................................................................................................................		44
4.1	Accessing the Wizard .....................................................................................................................	44
4.2	Using the Wizard .............................................................................................................................	44
	4.2.1 Step 1 Password and Time Settings .....................................................................................	44
	4.2.2 Step 2 Uplink Connection and Management VLAN .......................................................	45
	4.2.3 Step 3 VLAN Settings .............................................................................................................	46
	4.2.4 Step 4 SSID .............................................................................................................................	49
	4.2.5 Step 5 Radio .........................................................................................................................	51
	4.2.6 Summary ...............................................................................................................................	52
Part II: Technical Reference...........................................................................		54
Chapter 5
Dashboard.........................................................................................................................................		55
5.1	Overview .........................................................................................................................................	55
	5.1.1 What You Can Do in this Chapter .......................................................................................	55
5.2 Dashboard ......................................................................................................................................		56
	5.2.1 CPU Usage .............................................................................................................................	60
	5.2.2 Memory Usage ......................................................................................................................	60
	5.2.3 Session Usage ........................................................................................................................	61
	5.2.4 DHCP Table ............................................................................................................................	61
	5.2.5 Number of Login Users ..........................................................................................................	62
	5.2.6 AP Status ................................................................................................................................	63
	5.2.7 Station Traffic .........................................................................................................................	65
Chapter 6
Monitor ...............................................................................................................................................		67
6.1	Overview .........................................................................................................................................	67
	6.1.1 What You Can Do in this Chapter .......................................................................................	67
6.2 What You Need to Know ...............................................................................................................		68
6.3	Port Statistics ...................................................................................................................................	69
	6.3.1 Port Statistics Graph .............................................................................................................	70
6.4	Interface Status ...............................................................................................................................	71
	NXC Series User’s Guide

	Table of Contents
6.5	Traffic Statistics ................................................................................................................................	73
6.6	Session Monitor ..............................................................................................................................	76
6.7	IP/MAC Binding Monitor ................................................................................................................	78
6.8	Login Users ......................................................................................................................................	79
	6.8.1 Dynamic Guest ....................................................................................................................	80
	6.8.2 Trusted MAC Address List .....................................................................................................	81
6.9	USB Storage ....................................................................................................................................	82
6.10 Ethernet Neighbor .......................................................................................................................		83
6.11 AP List ............................................................................................................................................		84
	6.11.1 Station Count of AP ...........................................................................................................	87
	6.11.2 Config AP ............................................................................................................................	89
6.12 Radio List .......................................................................................................................................		95
	6.12.1 AP Mode Radio Information ..............................................................................................	96
6.13 ZyMesh Link Info ............................................................................................................................		98
6.14 SSID Info .........................................................................................................................................		99
6.15 Station List ...................................................................................................................................		100
6.16 Detected Device .......................................................................................................................		101
6.17 View Log ......................................................................................................................................		103
6.18 View AP Log ...............................................................................................................................		105
Chapter 7
Registration......................................................................................................................................		108
7.1	Overview .......................................................................................................................................	108
	7.1.1 What You Can Do in this Chapter .....................................................................................	108
	7.1.2 What you Need to Know ....................................................................................................	108
7.2	Registration ....................................................................................................................................	109
7.3	Service ...........................................................................................................................................	109
Chapter 8
Wireless ............................................................................................................................................		111
8.1	Overview .......................................................................................................................................	111
	8.1.1 What You Can Do in this Chapter .....................................................................................	111
	8.1.2 What You Need to Know ...................................................................................................	111
8.2	Controller ......................................................................................................................................	112
8.3 AP Management ..........................................................................................................................		112
	8.3.1 Mgmt. AP List .......................................................................................................................	113
	8.3.2 AP Policy ..............................................................................................................................	121
	8.3.3 AP Group .............................................................................................................................	122
	8.3.4 Firmware ...............................................................................................................................	128
8.4 Rogue AP .......................................................................................................................................		130
	8.4.1 Add/Edit Rogue/Friendly List ..............................................................................................	132
8.5	Auto Healing .................................................................................................................................	132
8.6	Technical Reference ....................................................................................................................	133
	NXC Series User’s Guide

Table of Contents
8.6.1 Dynamic Channel Selection ..............................................................................................	133
8.6.2 Load Balancing ...................................................................................................................	134
8.6.3 Disassociating and Delaying Connections ......................................................................	135
Chapter 9
Interfaces.........................................................................................................................................	137
9.1 Interface Overview ......................................................................................................................	137
9.1.1 What You Can Do in this Chapter .....................................................................................	137
9.1.2 What You Need to Know ...................................................................................................	137
9.2 Ethernet Summary .......................................................................................................................	138
9.2.1 Edit Ethernet ........................................................................................................................	139
9.2.2 Object References ..............................................................................................................	146
9.2.3 Add DHCPv6 Request Options ..........................................................................................	146
9.2.4 Add/Edit DHCP Extended Options ...................................................................................	147
9.3 VLAN Interfaces ...........................................................................................................................	149
9.3.1 VLAN Summary ....................................................................................................................	150
9.3.2 Add/Edit VLAN ...................................................................................................................	151
9.4 LAG ................................................................................................................................................	157
9.4.1 LAG Summary Screen .........................................................................................................	157
9.4.2 LAG Add/Edit .....................................................................................................................	158
9.5 Technical Reference ....................................................................................................................	164
Chapter 10
Policy and Static Routes.................................................................................................................	167
10.1 Overview .....................................................................................................................................	167
10.1.1 What You Can Do in this Chapter ...................................................................................	167
10.1.2 What You Need to Know ................................................................................................	167
10.2 Policy Route ...............................................................................................................................	168
10.2.1 Add/Edit Policy Route ......................................................................................................	170
10.3 Static Route ................................................................................................................................	173
10.3.1 Static Route Setting ..........................................................................................................	174
10.4 Technical Reference ..................................................................................................................	174
Chapter 11
Zones................................................................................................................................................	176
11.1 Overview .....................................................................................................................................	176
11.1.1 What You Can Do in this Chapter ...................................................................................	176
11.1.2 What You Need to Know .................................................................................................	176
11.2 Zone .............................................................................................................................................	177
11.2.1 Add/Edit Zone ..................................................................................................................	177
Chapter 12
NAT ...................................................................................................................................................	179
NXC Series User’s Guide

Table of Contents
12.1 Overview .....................................................................................................................................	179
12.1.1 What You Can Do in this Chapter ...................................................................................	179
12.2 NAT Summary ..............................................................................................................................	179
12.2.1 Add/Edit NAT .....................................................................................................................	180
12.3 Technical Reference ..................................................................................................................	183
Chapter 13
ALG...................................................................................................................................................	186
13.1 Overview .....................................................................................................................................	186
13.1.1 What You Can Do in this Chapter ...................................................................................	186
13.1.2 What You Need to Know .................................................................................................	186
13.1.3 Before You Begin ...............................................................................................................	186
13.2 ALG ..............................................................................................................................................	186
13.3 Technical Reference ..................................................................................................................	187
Chapter 14
IP/MAC Binding...............................................................................................................................	188
14.1 Overview .....................................................................................................................................	188
14.1.1 What You Can Do in this Chapter ...................................................................................	188
14.1.2 What You Need to Know .................................................................................................	188
14.2 IP/MAC Binding Summary .........................................................................................................	189
14.2.1 Edit IP/MAC Binding ..........................................................................................................	190
14.2.2 Add/Edit Static DHCP Rule ...............................................................................................	191
14.3 IP/MAC Binding Exempt List .......................................................................................................	191
Chapter 15
Captive Portal..................................................................................................................................	193
15.1 Overview .....................................................................................................................................	193
15.1.1 Captive Portal Type ..........................................................................................................	193
15.1.2 What You Can Do in this Chapter ...................................................................................	194
15.2 Captive Portal .............................................................................................................................	194
15.2.1 Add Exceptional Services ................................................................................................	196
15.3 Custom Captive Portal ..............................................................................................................	197
15.3.1 Add Customized Page .....................................................................................................	198
15.3.2 Custom Login and Access Pages ...................................................................................	201
15.3.3 External or Uploaded Web Portal Details .......................................................................	203
15.4 Redirect on Controller ................................................................................................................	206
15.4.1 Auth. Policy Add/Edit .......................................................................................................	207
15.5 Redirect on AP ............................................................................................................................	211
15.5.1 Auth. Policy Group Add/Edit ...........................................................................................	212
15.5.2 Auth. Policy Add/Edit .......................................................................................................	213
Chapter 16
RTLS ...................................................................................................................................................	216
NXC Series User’s Guide

	Table of Contents
16.1	Overview .....................................................................................................................................	216
16.1.1 What You Can Do in this Chapter ...................................................................................		216
16.2	Before You Begin ........................................................................................................................	217
16.3	Configuring RTLS .........................................................................................................................	217
Chapter 17
Firewall .............................................................................................................................................		219
17.1	Overview .....................................................................................................................................	219
17.1.1 What You Can Do in this Chapter ...................................................................................		219
17.1.2 What You Need to Know .................................................................................................		219
17.2	Firewall .........................................................................................................................................	221
17.2.1 Add/Edit Firewall Screen ..................................................................................................		223
17.3	Session Control ...........................................................................................................................	224
17.3.1 Add/Edit Session Limit .......................................................................................................		225
Chapter 18
User/Group ......................................................................................................................................		227
18.1	Overview .....................................................................................................................................	227
18.1.1 What You Can Do in this Chapter ...................................................................................		227
18.1.2 What You Need To Know .................................................................................................		227
18.2 User Summary ..............................................................................................................................		229
18.2.1 Add/Edit User .....................................................................................................................		230
18.3 Group Summary .........................................................................................................................		233
18.3.1 Add/Edit Group ................................................................................................................		234
18.4	Setting .........................................................................................................................................	235
18.4.1 Edit User Authentication Timeout Settings ......................................................................		239
18.4.2 Add/Edit Dynamic Guest Group .....................................................................................		240
18.4.3 User Aware Login Example ..............................................................................................		240
18.4.4 Guest Manager Login Example ......................................................................................		241
18.5 MAC Address ..............................................................................................................................		244
18.5.1 Add/Edit MAC Address ....................................................................................................		245
Chapter 19
AP Profile..........................................................................................................................................		246
19.1	Overview .....................................................................................................................................	246
19.1.1 What You Can Do in this Chapter ...................................................................................		246
19.1.2 What You Need To Know .................................................................................................		246
19.2	Radio ............................................................................................................................................	247
19.2.1 Add/Edit Radio Profile ......................................................................................................		248
19.3	SSID ..............................................................................................................................................	253
19.3.1 SSID List ..............................................................................................................................		253
19.3.2 Security List .........................................................................................................................		257
19.3.3 MAC Filter List .....................................................................................................................		262
	NXC Series User’s Guide

Table of Contents
19.3.4 Layer-2 Isolation List ...........................................................................................................	264
Chapter 20
MON Profile......................................................................................................................................	266
20.1 Overview .....................................................................................................................................	266
20.1.1 What You Can Do in this Chapter ...................................................................................	266
20.1.2 What You Need To Know .................................................................................................	266
20.2 MON Profile .................................................................................................................................	266
20.2.1 Add/Edit MON Profile .......................................................................................................	267
20.3 Technical Reference ..................................................................................................................	269
Chapter 21
ZyMesh Profile .................................................................................................................................	271
21.1 Overview .....................................................................................................................................	271
21.1.1 What You Can Do in this Chapter ...................................................................................	272
21.2 ZyMesh Profile ..............................................................................................................................	272
21.2.1 Add/Edit ZyMesh Profile ....................................................................................................	274
Chapter 22
Addresses ........................................................................................................................................	275
22.1 Overview .....................................................................................................................................	275
22.1.1 What You Can Do in this Chapter ...................................................................................	275
22.1.2 What You Need To Know .................................................................................................	275
22.2 Address Summary .......................................................................................................................	275
22.2.1 Add/Edit Address .............................................................................................................	276
22.3 Address Group Summary ...........................................................................................................	277
22.3.1 Add/Edit Address Group Rule ........................................................................................	278
Chapter 23
Services............................................................................................................................................	280
23.1 Overview .....................................................................................................................................	280
23.1.1 What You Can Do in this Chapter ...................................................................................	280
23.1.2 What You Need to Know .................................................................................................	280
23.2 Service Summary ........................................................................................................................	281
23.2.1 Add/Edit Service Rule ......................................................................................................	282
23.3 Service Group Summary ...........................................................................................................	283
23.3.1 Add/Edit Service Group Rule ..........................................................................................	283
Chapter 24
Schedules ........................................................................................................................................	285
24.1 Overview .....................................................................................................................................	285
24.1.1 What You Can Do in this Chapter ...................................................................................	285
24.1.2 What You Need to Know .................................................................................................	285
NXC Series User’s Guide

Table of Contents
24.2 Schedule Summary ....................................................................................................................	285
24.2.1 Add/Edit Schedule One-Time Rule ................................................................................	287
24.2.2 Add/Edit Schedule Recurring Rule ................................................................................	288
Chapter 25
AAA Server ......................................................................................................................................	289
25.1 Overview .....................................................................................................................................	289
25.1.1 What You Can Do in this Chapter ...................................................................................	289
25.1.2 What You Need To Know .................................................................................................	289
25.2 Active Directory / LDAP .............................................................................................................	292
25.2.1 Add/Edit Active Directory / LDAP Server .......................................................................	293
25.3 RADIUS .........................................................................................................................................	296
25.3.1 Add/Edit RADIUS ..............................................................................................................	296
Chapter 26
Authentication Method ..................................................................................................................	300
26.1 Overview .....................................................................................................................................	300
26.1.1 What You Can Do in this Chapter ...................................................................................	300
26.1.2 Before You Begin ...............................................................................................................	300
26.2 Authentication Method .............................................................................................................	300
26.2.1 Add Authentication Method ...........................................................................................	301
Chapter 27
Certificates ......................................................................................................................................	303
27.1 Overview .....................................................................................................................................	303
27.1.1 What You Can Do in this Chapter ...................................................................................	303
27.1.2 What You Need to Know .................................................................................................	303
27.1.3 Verifying a Certificate ......................................................................................................	305
27.2 My Certificates ...........................................................................................................................	306
27.2.1 Adding My Certificates ....................................................................................................	307
27.2.2 Editing My Certificates ......................................................................................................	309
27.2.3 Importing Certificates ......................................................................................................	311
27.3 Trusted Certificates .....................................................................................................................	312
27.3.1 Editing Trusted Certificates ...............................................................................................	314
27.3.2 Importing Trusted Certificates ..........................................................................................	316
27.4 Technical Reference ..................................................................................................................	317
Chapter 28
DHCPv6 ............................................................................................................................................	318
28.1 Overview .....................................................................................................................................	318
28.1.1 What You Can Do in this Chapter ...................................................................................	318
28.2 DHCPv6 Request ........................................................................................................................	318
28.2.1 Add/Edit DHCPv6 Request Object ................................................................................	319
NXC Series User’s Guide

Table of Contents
Chapter 29
System..............................................................................................................................................	320
29.1 Overview .....................................................................................................................................	320
29.1.1 What You Can Do in this Chapter ...................................................................................	320
29.2 Host Name ...................................................................................................................................	320
29.3 USB Storage .................................................................................................................................	321
29.4 Date and Time ...........................................................................................................................	322
29.4.1 Pre-defined NTP Time Servers List .....................................................................................	325
29.4.2 Time Server Synchronization ............................................................................................	325
29.5 Console Speed ...........................................................................................................................	326
29.6 DNS Overview ............................................................................................................................	327
29.6.1 DNS Server Address Assignment ......................................................................................	327
29.6.2 Configuring the DNS Screen ............................................................................................	327
29.6.3 Address Record ................................................................................................................	329
29.6.4 PTR Record .........................................................................................................................	329
29.6.5 Adding an Address/PTR Record ......................................................................................	329
29.6.6 Domain Zone Forwarder .................................................................................................	330
29.6.7 Add Domain Zone Forwarder ..........................................................................................	330
29.6.8 MX Record ........................................................................................................................	331
29.6.9 Add MX Record .................................................................................................................	331
29.6.10 Add Service Control .......................................................................................................	332
29.7 WWW Overview .........................................................................................................................	332
29.7.1 Service Access Limitations ...............................................................................................	333
29.7.2 System Timeout ..................................................................................................................	333
29.7.3 HTTPS ...................................................................................................................................	333
29.7.4 Configuring WWW Service Control .................................................................................	334
29.7.5 Service Control Rules ........................................................................................................	337
29.7.6 HTTPS Example ...................................................................................................................	338
29.7.7 Mozilla Firefox Warning Messages ...................................................................................	339
29.7.8 Google Chrome Warning Messages ..............................................................................	340
29.8 SSH .............................................................................................................................................	347
29.8.1 How SSH Works ..................................................................................................................	348
29.8.2 SSH Implementation on the NXC ....................................................................................	349
29.8.3 Requirements for Using SSH ..............................................................................................	349
29.8.4 Configuring SSH .................................................................................................................	349
29.8.5 Examples of Secure Telnet Using SSH ..............................................................................	350
29.9 Telnet ...........................................................................................................................................	351
29.10 FTP ..............................................................................................................................................	353
29.11 SNMP .........................................................................................................................................	354
29.11.1 Supported MIBs ...............................................................................................................	355
29.11.2 SNMP Traps .......................................................................................................................	355
29.11.3 Configuring SNMP ...........................................................................................................	356
29.11.4 Adding or Editing an SNMPv3 User Profile ....................................................................	357
NXC Series User’s Guide

	Table of Contents
29.12 Authentication Server .............................................................................................................		358
29.12.1 Add/Edit Trusted Client ..................................................................................................		359
29.13 Language .................................................................................................................................		360
29.14 IPv6 .............................................................................................................................................		361
Chapter 30
Log and Report................................................................................................................................		362
30.1	Overview .....................................................................................................................................	362
30.1.1 What You Can Do In this Chapter ...................................................................................		362
30.2	Email Daily Report .......................................................................................................................	362
30.3	Log Settings ................................................................................................................................	364
30.3.1 Log Settings Summary ......................................................................................................		365
30.3.2 Editing System Log Settings .............................................................................................		367
30.3.3 Editing USB Storage Log Settings ....................................................................................		370
30.3.4 Editing Remote Server Log Settings ...............................................................................		371
30.3.5 Log Category Settings .....................................................................................................		373
Chapter 31
File Manager ...................................................................................................................................		377
31.1	Overview .....................................................................................................................................	377
31.1.1 What You Can Do in this Chapter ...................................................................................		377
31.1.2 What you Need to Know ..................................................................................................		377
31.2	Configuration File .......................................................................................................................	379
31.3 Firmware Package ....................................................................................................................		383
31.4	Shell Script ...................................................................................................................................	385
Chapter 32
Diagnostics ......................................................................................................................................		388
32.1	Overview .....................................................................................................................................	388
32.1.1 What You Can Do in this Chapter ...................................................................................		388
32.2	Diagnostics .................................................................................................................................	388
32.2.1 Diagnostics - AP Configuration ........................................................................................		389
32.2.2 Diagnostics Files .................................................................................................................		391
32.3 Packet Capture .........................................................................................................................		392
32.3.1 Packet Capture Files ........................................................................................................		395
32.3.2 Example of Viewing a Packet Capture File ...................................................................		396
32.4 Core Dump ..................................................................................................................................		396
32.4.1 Core Dump Files ................................................................................................................		397
32.5	System Log .................................................................................................................................	398
32.6	Wireless Frame Capture ............................................................................................................	399
32.6.1 Wireless Frame Capture Files ..........................................................................................		401
Chapter 33
Packet Flow Explore .......................................................................................................................		402
	NXC Series User’s Guide

	Table of Contents
33.1	Overview .....................................................................................................................................	402
33.1.1 What You Can Do in this Chapter ...................................................................................		402
33.2	The Routing Status Screen .........................................................................................................	402
33.3	The SNAT Status Screen ..............................................................................................................	405
Chapter 34
Reboot..............................................................................................................................................		408
34.1	Overview .....................................................................................................................................	408
34.1.1 What You Need To Know .................................................................................................		408
34.2	Reboot .........................................................................................................................................	408
Chapter 35
Shutdown .........................................................................................................................................		409
35.1	Overview .....................................................................................................................................	409
35.1.1 What You Need To Know .................................................................................................		409
35.2 Shutdown .....................................................................................................................................		409
Chapter 36
Troubleshooting...............................................................................................................................		410
36.1	Overview .....................................................................................................................................	410
36.1.1 General ..............................................................................................................................		410
36.1.2 Wireless ...............................................................................................................................		415
36.2	Resetting the NXC ......................................................................................................................	417
36.3	Getting More Troubleshooting Help .........................................................................................	418
Appendix A Log Descriptions.........................................................................................................		419
Appendix B Common Services ......................................................................................................		446
Appendix C Importing Certificates ...............................................................................................		449
Appendix D Wireless LANs ..............................................................................................................		462
Appendix E IPv6...............................................................................................................................		474
Appendix F Customer Support ......................................................................................................		482
Appendix G Legal Information ......................................................................................................		488
Index ................................................................................................................................................		493

NXC Series User’s Guide

PART I

User’s Guide

CHAPTER 1

Introduction

1.1 Overview

This User’s Guide covers the following models: NXC2500 and NXC5500.

Table 1 NXC Series Comparison Table

FEATURES	NXC2500	NXC5500
Link Aggregation Group (LAG) Support	No	Yes

Two USB Ports	Yes	Yes

Console Port (Serial Port)	DB-9 Connector	RJ-45 Connector

The NXC is a comprehensive wireless LAN controller. Its flexible configuration helps network administrators set up wireless LAN networks and efficiently enforce security policies over them. In addition, the NXC provides excellent throughput, making it an ideal solution for reliable, secure service.

The NXC’s security features include firewall and certificates. It also provides captive portal configuration, NAT, port forwarding, policy routing, DHCP server, extensive wireless AP control options, and many other powerful features. Flexible configuration helps you set up the network and enforce security policies efficiently.

The front panel physical Gigabit Ethernet ports (labeled P1, P2, P3, and so on) are mapped to Gigabit Ethernet (ge) interfaces. By default P1 is mapped to ge1, P2 is mapped to ge2 and so on.

•The default LAN IP address is 192.168.1.1.

•The default administrator login user name and password are “admin” and “1234” respectively.

1.2Zones, Interfaces, and Physical Ports

Here is an overview of zones, interfaces, and physical ports in the NXC.

Table 2 Zones, Interfaces, and Physical Ethernet Ports

	Zones	A zone is a group of interfaces. Use zones to apply security settings such as firewall.
	(LAN)

	Interfaces	Interfaces are logical entities that (layer-3) packets pass through. Use interfaces in
	(Ethernet, VLAN)	configuring zones, policy routes, static routes, and NAT.
	(Ethernet, VLAN)	Port combine physical ports into interfaces.
		Port combine physical ports into interfaces.

	Physical Ethernet Ports	The physical port is where you connect a cable.
	(P1, P2, P3, and so on)

NXC Series User’s Guide

Chapter 1 Introduction

1.2.1 Interface Types

There are two types of interfaces in the NXC. In addition to being used in various features, interfaces also describe the network that is directly connected to it.

•Ethernet interfaces are the foundation for defining other interfaces and network policies.

•VLAN interfaces recognize tagged frames. The NXC automatically adds or removes the tags as needed. Each VLAN can only be associated with one Ethernet interface.

Note: By default, all Ethernet interfaces are placed into vlan0, allowing the NXC to function as a bridge device.

1.2.2 Interface and Zone Configuration

This section introduces the NXC’s default zone member physical interfaces and the default configuration of those interfaces. This section uses the NXC5500 drawings as an example.

Figure 1 Default Network Topology

Table 3 Default Interfaces Configuration

PORT	INTERFACE	ZONE	IP ADDRESS AND DHCP	SUGGESTED USE WITH DEFAULT
PORT	INTERFACE	ZONE	SETTINGS	SETTINGS
			SETTINGS	SETTINGS
P1~P6	ge1~ge6	LAN	192.168.1.1, DHCP server disabled	Dedicated LAN connections
		(vlan0)

CONSOLE	N/A	None	None	Local management

•The LAN zone contains the ge1~ ge6 interfaces (physical ports P1~P6). By default, all LAN interfaces are put in vlan0.

•The console port is not in a zone and can be directly accessed by a computer attached to it using a special console-to-Ethernet adapter.

NXC Series User’s Guide

Chapter 1 Introduction

1.3 Applications

These are some example applications for your NXC.

1.3.1 AP Management

Manage multiple separate Access Points (APs) from a single, persistent location. APs can also be configured to monitor for rogue APs.

Figure 2 AP Management Example

A B C D

Here, the NXC (A) connects to a number of Power over Ethernet (PoE) devices (B). They connect to the managed Access Points (C), such as NWA5123-NI, which in turn provide access to the network for the wireless clients (D) within their broadcast radius.

1.3.2 Wireless Security

Keep the connections between wireless clients and your APs secure with the NXC’s comprehensive wireless security tools. APs can be configured to require WEP and WPA encryption from all wireless clients attempting to associate with them. Furthermore, you can protect your network by monitoring for rogue APs. Rogue APs are wireless access points operating in a network’s coverage area that are not under the control of the network’s administrators, and can potentially open up critical holes in a network’s security policy.

1.3.3 Captive Portal

The NXC can be configured with a captive portal, which intercepts all network traffic, regardless of address or port, until a connecting user authenticates his or her session, through a designated login Web page.

NXC Series User’s Guide

Chapter 1 Introduction

Figure 3 Applications: Captive Portal

The captive portal page only appears once per authentication session. Unless a session times out or a user closes the connection, he or she generally will not see it again during the same session.

1.3.4 Load Balancing

With load balancing you can easily distribute wireless traffic across multiple APs to relieve strain on your network. When a station becomes overloaded, it can automatically delay a connection until the client associates with another network, or it can alternatively disassociate idle clients or those clients with weak connections from the network.

1.3.5 Dynamic Channel Selection

The NXC can automatically select the radio channel upon which its APs broadcast by scanning the area around those APs and determining what channels are currently being used by other devices not connected to the network.

1.3.6 User-Aware Access Control

Set up security policies that restrict access to sensitive information and shared resources based on the user who is trying to access it.

NXC Series User’s Guide

Chapter 1 Introduction

1.4 Management Overview

You can use the following ways to manage the NXC.

Web Configurator

The Web Configurator allows easy NXC setup and management using an Internet browser. This User’s Guide provides information about the Web Configurator.

Command-Line Interface (CLI)

The CLI allows you to use text-based commands to configure the NXC. You can access it using remote management (for example, SSH or Telnet) or via the physical or Web Configurator console port. See the Command Reference Guide for CLI details. The default settings for the console port are as follows:

Table 4 Console Port Default Settings

SETTING	VALUE
Speed	115200 bps

Data Bits	8

Parity	None

Stop Bit	1

Flow Control	Off

1.5 Object-based Configuration

The NXC stores information or settings as objects. You use these objects to configure many of the NXC’s features and settings. Once you configure an object, you can reuse it in configuring other features.

When you change an object’s settings, the NXC automatically updates all the settings or rules that use the object.

You can create address objects based on an interface’s IP address, subnet, or gateway. The NXC automatically updates every rule or setting that uses these objects whenever the interface’s IP address settings change. For example, if you change an Ethernet interface’s IP address, the NXC automatically updates the rules or settings that use the interface-based, LAN subnet address object.

You can use the Configuration > Object screens to create objects before you configure features that use them. If you are in a screen that uses objects, you can also usually select Create new Object to be able to configure a new object.

Use the Object Reference screen to see what objects are configured and which configuration settings reference specific objects.

NXC Series User’s Guide

Chapter 1 Introduction

1.6 Starting and Stopping the NXC

Here are some of the ways to start and stop the NXC.

Always use Maintenance > Shutdown or the shutdown command before you turn off the NXC or remove the power. Not doing so can cause the firmware to become corrupt.

Table 5 Starting and Stopping the NXC

METHOD	DESCRIPTION
Turning on the power	A cold start occurs when you turn on the power to the NXC. The NXC powers up, checks
	the hardware, and starts the system processes.

Rebooting the NXC	A warm start (without powering down and powering up again) occurs when you use the
	Reboot button in the Reboot screen or when you use the reboot command. The NXC
	writes all cached data to the local storage, stops the system processes, and then does a
	warm start.

Using the RESET button	If you press the RESET button, the NXC sets the configuration to its default values and then
	reboots.

Clicking Maintenance	Clicking Maintenance > Shutdown > Shutdown or using the shutdown command writes all
> Shutdown >	cached data to the local storage and stops the system processes. Wait for the device to
Shutdown or using the	shut down and then manually turn off or remove the power. It does not turn off the power.
shutdown command
Disconnecting the	Power off occurs when you turn off the power to the NXC. The NXC simply turns off. It does
power	not stop the system processes or write cached data to local storage.

The NXC does not stop or start the system processes when you apply configuration files or run shell scripts although you may temporarily lose access to network resources.

NXC Series User’s Guide

CHAPTER 2

Hardware Installation and

Connection

2.1 Rack-mounted Installation

Note: Zyxel provides a sliding rail accessory for your use with your device. Please contact your local vendor for details.

The NXC can be mounted on an EIA standard size, 19-inch rack or in a wiring closet with other equipment. Follow the steps below to mount your NXC on a standard EIA rack using a rack-mounting kit. Make sure the rack will safely support the combined weight of all the equipment it contains and that the position of the NXC does not make the rack unstable or top-heavy. Take all necessary precautions to anchor the rack securely before installing the unit.

Note: Leave 10 cm of clearance at the sides and 20 cm in the rear.

Use a #2 Phillips screwdriver to install the screws.

Note: Failure to use the proper screws may damage the unit.

2.1.1 Rack-Mounted Installation Procedure

This section uses the NXC5500 drawings as an example.

1Align one bracket with the holes on one side of the NXC and secure it with the included bracket screws (smaller than the rack-mounting screws).

2Attach the other bracket in a similar fashion.

NXC Series User’s Guide

Chapter 2 Hardware Installation and Connection

3After attaching both mounting brackets, position the NXC in the rack by lining up the holes in the brackets with the appropriate holes on the rack. Secure the NXC to the rack with the rack-mounting screws.

2.2 Front Panel

This section gives you an overview of the front panel.

2.2.1 NXC2500

There are LEDs, one reset button, two USB ports and six Ethernet ports on the NXC2500 front panel.

Figure 4 Front Panel: NXC2500

2.2.2 NXC5500

There are one reset button, six Ethernet ports, one console port, two USB ports and LEDs on the NXC5500 front panel.

Figure 5 Front Panel: NXC5500

NXC Series User’s Guide

Chapter 2 Hardware Installation and Connection

Ethernet Ports

The auto-negotiating, auto-crossover Ethernet ports support 10/100/1000 Mbps Gigabit Ethernet so the speed can be 10 Mbps, 100 Mbps or 1000 Mbps. The duplex mode can be both half or full duplex at 10/ 100 Mbps and full duplex only at 1000 Mbps. An auto-negotiating port can detect and adjust to the optimum Ethernet speed and duplex mode of the connected device.

An auto-crossover (auto-MDI/MDI-X) port automatically works with a straight-through or crossover Ethernet cable.

Default Ethernet Settings

The factory default negotiation settings for the Ethernet ports on the NXC are:

•Speed: Auto

•Duplex: Auto

•Flow control: On (you cannot configure the flow control setting, but the NXC can negotiate with the peer and turn it off if needed)

Console Port (NXC5500 Only)

Connect this port to your computer (using an RJ-45-to-DB-9 console cable) if you want to configure the NXC using the command line interface (CLI) via the console port.

For local management, you can use a computer with terminal emulation software configured to the following parameters:

•VT100 terminal emulation

•115200 bps

•No parity, 8 data bits, 1 stop bit

•No flow control

Connect the RJ-45 connector of the console cable to the console port of the NXC. Connect the female 9-pin end of the console cable to a serial port (COM1, COM2 or other COM port) of your computer.

The following table shows you the wire color codes and pin assignment for the console cable.

Table 6 RJ-45-to-DB-9 Console Cable Color Codes

DB-9 SIGNAL	DB-9 PIN#	WIRE COLOR	RJ45 PIN#
CTS	8	White/Orange	1

DSR/DCD	6+1	Orange	2

RD	2	White/Green	3

GND	5	Blue	4

GND	5	White/Blue	5

TD	3	Green	6

NXC Series User’s Guide

Chapter 2 Hardware Installation and Connection

Table 6 RJ-45-to-DB-9 Console Cable Color Codes

DB-9 SIGNAL	DB-9 PIN#	WIRE COLOR	RJ45 PIN#
DTR	4	White/Brown	7

RTS	7	Brown	8

USB 2.0 Ports

Connect a USB storage device to a USB port on the NXC to archive the NXC system logs or save the NXC operating system core dump to it.

2.2.3 Front Panel LEDs

This section describes the front panel LEDs.

2.2.3.1 NXC2500

The following table describes the LEDs.

Table 7 Front Panel LEDs: NXC2500

LED	COLOR	STATUS	DESCRIPTION
PWR		Off	The NXC is turned off.

	Green	On	The NXC is turned on.

SYS	Green	Off	The NXC is not ready or has failed.

		On	The NXC is ready and running.

		Blinking	The NXC is booting.

	Red	On	There is a hardware component failure. Shut down the device, wait for a few
			minutes and then restart the device (see Section 1.6 on page 23). If the LED turns
			red again, then please contact your vendor.

		Blinking	Firmware upgrade is in progress.

P1~P6	Green	Blinking	The NXC is sending or receiving packets to/from an Ethernet network on this
	(Traffic)		port.

		Off	The NXC is not sending or receiving packets on this port.
		Off	The NXC is not sending or receiving packets on this port.

	Orange	On	This port has a successful link to an Ethernet network.

	(Link)	Off	There is no connection on this port.

2.2.3.2 NXC5500

The following table describes the LEDs.

Table 8 Front Panel LEDs: NXC5500

LED	COLOR	STATUS	DESCRIPTION
PWR	Green	Off	The NXC is turned off.

		On	The NXC is turned on.

NXC Series User’s Guide

Chapter 2 Hardware Installation and Connection

Table 8 Front Panel LEDs: NXC5500 (continued)

LED	COLOR	STATUS	DESCRIPTION
SYS		Off	The NXC is not ready or has failed.

	Green	On	The NXC is ready and running.

		Blinking	The NXC is booting.

	Red	On	There is a hardware component failure. Shut down the device, wait for a few
			minutes and then restart the device (see Section 1.6 on page 23). If the LED turns
			red again, then please contact your vendor.

		Blinking	Firmware upgrade is in progress.

P1~P6	Green	Blinking	The NXC is sending or receiving packets to/from an Ethernet network on this
Traffic			port.

		Off	The NXC is not sending or receiving packets on this port.
(Left)		Off	The NXC is not sending or receiving packets on this port.
(Left)

P1~P6	Green	On	This Ethernet connection speed is 100 Mbps on this port.

Link	Orange	On	This Ethernet connection speed is 1000 Mbps on this port.
(Right)		Off	There is no connection on this port.
(Right)

2.3 Rear Panel

The NXC2500 rear panel contains a console port, a power switch and a connector for the power receptacle.

Figure 6 Rear Panel: NXC2500

The NXC5500 rear panel contains a power switch, a connector for the power receptacle and a fan module.

Figure 7 Rear Panel: NXC5500

Console Port (NXC2500 Only)

Connect this port to your computer (using an RS-232 cable) if you want to configure the NXC using the command line interface (CLI) via the console port.

For local management, you can use a computer with terminal emulation software configured to the following parameters:

•VT100 terminal emulation

•115200 bps

NXC Series User’s Guide

Chapter 2 Hardware Installation and Connection

•No parity, 8 data bits, 1 stop bit

•No flow control

Connect the male 9-pin end of the RS-232 console cable to the console port of the NXC. Connect the female end to a serial port (COM1, COM2 or other COM port) of your computer.

NXC Series User’s Guide

CHAPTER 3

The Web Configurator

3.1 Overview

The NXC Web Configurator allows easy management using an Internet browser. Browsers supported are:

•Firefox 36.0.1 or later

•Chrome 41.0 or later

•IE 10 or later

The recommended screen resolution is 1024 x 768 pixels and higher.

3.2 Access

1Make sure your NXC hardware is properly connected. See the Quick Start Guide.

2Browse to https://192.168.1.1. The Login screen appears.

3Enter the user name (default: “admin”) and password (default: “1234”). Select the language you prefer for the Web Configurator.

4Click Login. If you logged in using the default user name and password, the Update Admin Info screen appears. Otherwise, the dashboard appears.

NXC Series User’s Guide

+ 472 hidden pages

Zyxel NXC2500, NXC5500 User Manual

NXC Series

Document Conventions

Contents Overview

Table of Contents

User’s Guide

Introduction

1.1 Overview

1.2Zones, Interfaces, and Physical Ports

1.2.1 Interface Types

1.2.2 Interface and Zone Configuration

1.3 Applications

1.3.1 AP Management

1.3.2 Wireless Security

1.3.3 Captive Portal

1.3.4 Load Balancing

1.3.5 Dynamic Channel Selection

1.3.6 User-Aware Access Control

1.4 Management Overview

1.5 Object-based Configuration

1.6 Starting and Stopping the NXC

2.1 Rack-mounted Installation

2.1.1 Rack-Mounted Installation Procedure

2.2 Front Panel

2.2.3 Front Panel LEDs

2.3 Rear Panel

The Web Configurator

3.1 Overview

3.2 Access