P-320W
802.11g Wireless Firewall Router
User’s Guide
Version 1.00
11/2005
Edition 1
P-320W User’s Guide
Copyright
Copyright © 2005 by ZyXEL Communications Corporation.
The contents of this publication may not be reproduced in any part or as a whole, transcribed,
stored in a retrieval system, translated into any language, or transmitted in any form or by any
means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or
otherwise, without the prior written permission of ZyXEL Communications Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.
Disclaimer
ZyXEL does not assume any liability arising out of the application or use of any products, or
software described herein. Neither does it convey any license under its patent rights nor the
patent rights of others. ZyXEL further reserves the right to make changes in any products
described herein without notice. This publication is subject to change without notice.
Trademarks
ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL
Communications, Inc. Other trademarks mentioned in this publication are used for
identification purposes only and may be properties of their respective owners.
Copyright 3
P-320W User’s Guide
Federal Communications
Commission (FCC) Interference
Statement
This device complies with Part 15 of FCC rules. Operation is subject to the following two
conditions:
• This device may not cause harmful interference.
• This device must accept any interference received, including interference that may cause
undesired operations.
This equipment has been tested and found to comply with the limits for a Class B digital
device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable
protection against harmful interference in a commercial environment. This equipment
generates, uses, and can radiate radio frequency energy, and if not installed and used in
accordance with the instructions, may cause harmful interference to radio communications.
If this equipment does cause harmful interference to radio/television reception, which can be
determined by turning the equipment off and on, the user is encouraged to try to correct the
interference by one or more of the following measures:
• Reorient or relocate the receiving antenna.
• Increase the separation between the equipment and the receiver.
• Connect the equipment into an outlet on a circuit different from that to which the receiver
is connected.
• Consult the dealer or an experienced radio/TV technician for help.
Caution
1 To comply with FCC RF exposure compliance requirements, a separation distance of at
least 20 cm must be maintained between the antenna of this device and all persons.
2 This transmitter must not be co-located or operating in conjunction with any other
antenna or transmitter.
Notice 1
Changes or modifications not expressly approved by the party responsible for compliance
could void the user's authority to operate the equipment.
This Class B digital apparatus complies with Canadian ICES-003.
Cet appareil numérique de la classe B est conforme à la norme NMB-003 du Canada.
4 Federal Communications Commission (FCC) Interference Statement
P-320W User’s Guide
Certifications
1 Go to www.zyxel.com
2 Select your product from the drop-down list box on the ZyXEL home page to go to that
product's page.
3 Select the certification you wish to view from this page.
Federal Communications Commission (FCC) Interference Statement 5
P-320W User’s Guide
For your safety, be sure to read and follow all warning notices and instructions.
• To reduce the risk of fire, use only No. 26 AWG (American Wire Gauge) or larger
telecommunication line cord.
• Do NOT open the device or unit. Opening or removing covers can expose you to
dangerous high voltage points or other risks. ONLY qualified service personnel can
service the device. Please contact your vendor for further information.
• Use ONLY the dedicated power supply for your device. Connect the power cord or
power adaptor to the right supply voltage (110V AC in North America or 230V AC in
Europe).
• Do NOT use the device if the power supply is damaged as it might cause electrocution.
• If the power supply is damaged, remove it from the power outlet.
• Do NOT attempt to repair the power supply. Contact your local vendor to order a new
power supply.
• Place connecting cables carefully so that no one will step on them or stumble over them.
Do NOT allow anything to rest on the power cord and do NOT locate the product where
anyone can walk on the power cord.
• If you wall mount your device, make sure that no electrical, gas or water pipes will be
damaged.
• Do NOT install nor use your device during a thunderstorm. There may be a remote risk of
electric shock from lightning.
• Do NOT expose your device to dampness, dust or corrosive liquids.
• Do NOT use this product near water, for example, in a wet basement or near a swimming
pool.
• Make sure to connect the cables to the correct ports.
• Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your
device.
• Do NOT store things on the device.
• Connect ONLY suitable accessories to the device.
Safety Warnings
6 Safety Warnings
P-320W User’s Guide
ZyXEL Limited Warranty
ZyXEL warrants to the original end user (purchaser) that this product is free from any defects
in materials or workmanship for a period of up to two years from the date of purchase. During
the warranty period, and upon proof of purchase, should the product have indications of failure
due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the
defective products or components without charge for either parts or labor, and to whatever
extent it shall deem necessary to restore the product or components to proper operating
condition. Any replacement will consist of a new or re-manufactured functionally equivalent
product of equal value, and will be solely at the discretion of ZyXEL. This warranty shall not
apply if the product is modified, misused, tampered with, damaged by an act of God, or
subjected to abnormal working conditions.
Note
Repair or replacement, as provided under this warranty, is the exclusive remedy of the
purchaser. This warranty is in lieu of all other warranties, express or implied, including any
implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in
no event be held liable for indirect or consequential damages of any kind of character to the
purchaser.
To obtain the services of this warranty, contact ZyXEL's Service Center for your Return
Material Authorization number (RMA). Products must be returned Postage Prepaid. It is
recommended that the unit be insured when shipped. Any returned products without proof of
purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of
ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products
will be shipped by ZyXEL to the corresponding return address, Postage Paid. This warranty
gives you specific legal rights, and you may also have other rights that vary from country to
country.
ZyXEL Limited Warranty 7
P-320W User’s Guide
Please have the following information ready when you contact customer support.
• Product model and serial number.
• Warranty Information.
• Date that you received your device.
• Brief description of the problem and the steps you took to solve it.
Customer Support
METHOD
LOCATION
CORPORATE
HEADQUARTERS
(WORLDWIDE)
CZECH REPUBLIC
DENMARK
FINLAND
FRANCE
GERMANY
HUNGARY
KAZAKHSTAN
NORTH AMERICA
NORWAY
SUPPORT E-MAIL TELEPHONE
SALES E-MAIL FAX FTP SITE
support@zyxel.com.tw +886-3-578-3942 www.zyxel.com
sales@zyxel.com.tw +886-3-578-2439 ftp.zyxel.com
info@cz.zyxel.com +420-241-091-350 www.zyxel.cz ZyXEL Communications
info@cz.zyxel.com +420-241-091-359
support@zyxel.dk +45-39-55-07-00 www.zyxel.dk ZyXEL Communications A/S
sales@zyxel.dk +45-39-55-07-07
support@zyxel.fi +358-9-4780-8411 www.zyxel.fi ZyXEL Communications Oy
sales@zyxel.fi +358-9-4780 8448
info@zyxel.fr +33-4-72-52-97-97 www.zyxel.fr ZyXEL France
+33-4-72-52-19-20
support@zyxel.de +49-2405-6909-0 www.zyxel.de ZyXEL Deutschland GmbH.
sales@zyxel.de +49-2405-6909-99
support@zyxel.hu +36-1-3361649 www.zyxel.hu ZyXEL Hungary
info@zyxel.hu +36-1-3259100
http://zyxel.kz/support +7-3272-590-698 www.zyxel.kz ZyXEL Kazakhstan
sales@zyxel.kz +7-3272-590-689
support@zyxel.com 1-800-255-4101
+1-714-632-0882
sales@zyxel.com +1-714-632-0858 ftp.us.zyxel.com
support@zyxel.no +47-22-80-61-80 www.zyxel.no ZyXEL Communications A/S
sales@zyxel.no +47-22-80-61-81
A
WEB SITE
www.europe.zyxel.com
ftp.europe.zyxel.com
www.us.zyxel.com ZyXEL Communications Inc.
REGULAR MAIL
ZyXEL Communications Corp.
6 Innovation Road II
Science Park
Hsinchu 300
Ta iw a n
Czech s.r.o.
Modranská 621
143 01 Praha 4 - Modrany
Ceská Republika
Columbusvej
2860 Soeborg
Denmark
Malminkaari 10
00700 Helsinki
Finland
1 rue des Vergers
Bat. 1 / C
69760 Limonest
France
Adenauerstr. 20/A2 D-52146
Wuerselen
Germany
48, Zoldlomb Str.
H-1025, Budapest
Hungary
43, Dostyk ave.,Office 414
Dostyk Business Centre
050010, Almaty
Republic of Kazakhstan
1130 N. Miller St.
Anaheim
CA 92806-2001
U.S.A.
Nils Hansens vei 13
0667 Oslo
Norway
8 Customer Support
P-320W User’s Guide
METHOD
LOCATION
POLAND
RUSSIA
SPAIN
SWEDEN
UKRAINE
UNITED KINGDOM
A. “+” is the (prefix) number you enter to make an international telephone call.
SUPPORT E-MAIL TELEPHONE
SALES E-MAIL FAX FTP SITE
info@pl.zyxel.com +48-22-5286603 www.pl.zyxel.com ZyXEL Communications
+48-22-5206701
http://zyxel.ru/support +7-095-542-89-29 www.zyxel.ru ZyXEL Russia
sales@zyxel.ru +7-095-542-89-25
support@zyxel.es +34-902-195-420 www.zyxel.es ZyXEL Communications
sales@zyxel.es +34-913-005-345
support@zyxel.se +46-31-744-7700 www.zyxel.se ZyXEL Communications A/S
sales@zyxel.se +46-31-744-7701
support@ua.zyxel.com +380-44-247-69-78 www.ua.zyxel.com ZyXEL Ukraine
sales@ua.zyxel.com +380-44-494-49-32
support@zyxel.co.uk +44-1344 303044
08707 555779 (UK only)
sales@zyxel.co.uk +44-1344 303034 ftp.zyxel.co.uk
A
WEB SITE
REGULAR MAIL
ul.Emilli Plater 53
00-113 Warszawa
Poland
Ostrovityanova 37a Str.
Moscow, 117279
Russia
Alejandro Villegas 33
1º, 28043 Madrid
Spain
Sjöporten 4, 41764 Göteborg
Sweden
13, Pimonenko Str.
Kiev, 04050
Ukraine
www.zyxel.co.uk ZyXEL Communications UK
Ltd.,11 The Courtyard,
Eastern Road, Bracknell,
Berkshire, RG12 2XB,
United Kingdom (UK)
Customer Support 9
P-320W User’s Guide
10 Customer Support
P-320W User’s Guide
Table of Contents
Copyright ..................................................................................................................3
Federal Communications Commission (FCC) Interference Statement ............... 4
Safety Warnings ....................................................................................................... 6
ZyXEL Limited Warranty.......................................................................................... 7
Customer Support.................................................................................................... 8
Table of Contents ................................................................................................... 11
Preface ....................................................................................................................25
Chapter 1
Getting to Know Your Prestige ............................................................................. 27
1.1 Prestige Overview ..............................................................................................27
1.2 Prestige Features ...............................................................................................27
1.2.1 Physical Features .....................................................................................27
1.2.2 Non-Physical Features .............................................................................28
1.2.3 Wireless Features .....................................................................................30
1.3 Applications for the Prestige ..............................................................................31
1.3.1 Secure Broadband Internet Access via Cable or DSL Modem .................31
1.3.2 Wireless LAN Application .........................................................................32
1.3.3 Front Panel LEDs .....................................................................................32
Chapter 2
Introducing the Web Configurator........................................................................ 35
2.1 Web Configurator Overview ...............................................................................35
2.2 Accessing the Prestige Web Configurator .........................................................35
2.3 Resetting the Prestige ........................................................................................37
2.3.1 Procedure To Use The Reset Button ........................................................37
2.4 Navigating the Prestige Web Configurator .........................................................37
2.4.1 Navigation Panel .......................................................................................39
2.4.2 Summary: DHCP Table..............................................................................41
2.4.3 Summary: Association List ........................................................................42
2.4.4 Summary: Packet Statistics .......................................................................42
Chapter 3
Connection Wizard................................................................................................. 45
3.1 Wizard Setup ......................................................................................................45
Table of Contents 11
P-320W User’s Guide
Chapter 4
Wireless LAN .......................................................................................................... 61
3.2 Connection Wizard: STEP 1: System Information .............................................46
3.2.1 System Name ...........................................................................................46
3.2.2 Domain Name ...........................................................................................46
3.3 Connection Wizard: STEP 2: Wireless LAN .......................................................47
3.3.1 Basic(WEP) Security .................................................................................49
3.3.2 Extend(WPA-PSK) Security.......................................................................50
3.3.3 OTIST ........................................................................................................51
3.4 Connection Wizard: STEP 3: Internet Configuration ..........................................52
3.4.1 Ethernet Connection Type ........................................................................53
3.4.2 PPPoE Connection Type ..........................................................................53
3.4.3 PPTP Connection Type ............................................................................55
3.4.4 Your IP Address .........................................................................................56
3.4.5 WAN MAC Address ...................................................................................57
3.4.6 Connection Wizard Complete ....................................................................58
4.1 Introduction ........................................................................................................61
4.2 Wireless Security Overview ...............................................................................61
4.2.1 Encryption .................................................................................................61
4.2.2 Authentication ...........................................................................................61
4.2.3 Restricted Access .....................................................................................62
4.2.4 Hide Prestige Identity ................................................................................62
4.2.5 Using OTIST .............................................................................................62
4.3 Configuring Wireless LAN on the Prestige .........................................................62
4.4 General Wireless LAN Screen ..........................................................................63
4.4.1 No Security ...............................................................................................64
4.4.2 WEP Encryption ........................................................................................65
4.4.3 Introduction to WPA .................................................................................67
4.4.4 WPA-PSK Application Example ................................................................67
4.4.5 WPA-PSK Authentication Screen .............................................................68
4.4.6 WPA with RADIUS Application Example ..................................................69
4.4.7 Wireless Client WPA Supplicants .............................................................69
4.4.8 WPA Authentication Screen ......................................................................69
4.4.9 IEEE 802.1x Overview ..............................................................................70
4.4.10 IEEE 802.1x and Dynamic WEP Key Exchange Screen ........................71
4.5 OTIST .................................................................................................................72
4.5.1 Enabling OTIST ........................................................................................72
4.5.1.1 AP ...................................................................................................72
4.5.1.2 Wireless Client ................................................................................74
4.5.2 Starting OTIST ..........................................................................................75
4.5.3 Notes on OTIST ........................................................................................75
4.6 MAC Filter ..........................................................................................................76
12 Table of Contents
P-320W User’s Guide
4.7 Wireless LAN Advanced Screen ........................................................................78
Chapter 5
WAN......................................................................................................................... 81
5.1 WAN IP Address Assignment .............................................................................81
5.2 IP Address and Subnet Mask .............................................................................81
5.3 DNS Server Address Assignment ......................................................................82
5.4 TCP/IP Priority (Metric) ......................................................................................82
5.5 WAN MAC Address ............................................................................................83
5.6 Internet Connection ............................................................................................83
5.6.1 Ethernet Encapsulation .............................................................................83
5.6.2 PPPoE Encapsulation ...............................................................................85
5.6.3 PPTP Encapsulation .................................................................................87
5.7 Advanced WAN Screen ......................................................................................89
5.8 Traffic Redirect ...................................................................................................90
5.9 Traffic Redirect Screen .......................................................................................90
Chapter 6
LAN..........................................................................................................................93
6.1 LAN Overview ....................................................................................................93
6.1.1 IP Pool Setup ............................................................................................93
6.1.2 System DNS Servers ................................................................................93
6.2 LAN TCP/IP ........................................................................................................93
6.2.1 Factory LAN Defaults ................................................................................93
6.2.2 IP Address and Subnet Mask ...................................................................94
6.3 IP Screen ...........................................................................................................94
Chapter 7
DHCP Server........................................................................................................... 95
7.1 DHCP .................................................................................................................95
7.2 DHCP Screen .....................................................................................................95
7.3 Static DHCP Screen ...........................................................................................96
7.4 Client List Screen ...............................................................................................97
Chapter 8
Network Address Translation (NAT).....................................................................99
8.1 NAT Overview ....................................................................................................99
8.1.1 NAT Definitions .........................................................................................99
8.1.2 What NAT Does ......................................................................................100
8.1.3 How NAT Works .....................................................................................100
8.1.4 NAT Application ......................................................................................101
8.1.5 Default Server IP Address ......................................................................101
8.1.6 Port Forwarding: Services and Port Numbers ........................................102
Table of Contents 13
P-320W User’s Guide
Chapter 9
Firewall..................................................................................................................109
8.1.7 Configuring Servers Behind SUA (Example) ..........................................103
8.2 General NAT Screen ........................................................................................103
8.3 Port Forwarding Screen ...................................................................................104
8.3.1 Rule Setup Screen...................................................................................105
8.4 Trigger Port Forwarding ...................................................................................106
8.4.1 Trigger Port Forwarding Example ...........................................................106
8.4.2 Two Points To Remember About Trigger Ports .......................................107
8.5 Trigger Port Forwarding Screen .......................................................................107
9.1 Introduction to Firewall .....................................................................................109
9.1.1 What is a Firewall? .................................................................................109
9.1.2 Stateful Inspection Firewall. ....................................................................109
9.1.3 About the Prestige Firewall .....................................................................109
9.1.4 Guidelines For Enhancing Security With Your Firewall ..........................110
9.2 General Firewall Screen ...................................................................................110
9.3 Services Screen .............................................................................................. 111
9.3.1 Services ..................................................................................................113
Chapter 10
Static Route Screens ........................................................................................... 115
10.1 Static Route Overview ....................................................................................115
10.2 IP Static Route Screen ................................................................................... 115
10.2.1 Static Route Setup Screen.....................................................................116
Chapter 11
Remote Management Screens ............................................................................ 119
11.1 Remote Management Overview ..................................................................... 119
11.1.1 Remote Management Limitations .........................................................119
11.1.2 Remote Management and NAT ............................................................119
11.1.3 System Timeout ...................................................................................120
11.2 WWW Screen .................................................................................................120
11.3 SNMP .............................................................................................................121
11.3.1 Supported MIBs ....................................................................................122
11.3.2 SNMP Traps ..........................................................................................122
11.4 SNMP Screen .................................................................................................122
11.5 Security Screen ..............................................................................................123
Chapter 12
UPnP...................................................................................................................... 125
12.1 Universal Plug and Play Overview ................................................................125
12.1.1 How Do I Know If I'm Using UPnP? ......................................................125
14 Table of Contents
P-320W User’s Guide
12.1.2 NAT Traversal .......................................................................................125
12.1.3 Cautions with UPnP ..............................................................................125
12.2 UPnP and ZyXEL ...........................................................................................126
12.3 UPnP Screen .................................................................................................126
12.4 Installing UPnP in Windows Example ............................................................127
12.4.1 Installing UPnP in Windows Me ............................................................127
12.4.2 Installing UPnP in Windows XP ............................................................128
12.5 Using UPnP in Windows XP Example ..........................................................129
12.5.1 Auto-discover Your UPnP-enabled Network Device .............................130
12.5.2 Web Configurator Easy Access ............................................................133
Chapter 13
System .................................................................................................................. 135
13.1 System Overview ...........................................................................................135
13.2 General Screen ..............................................................................................135
13.3 Dynamic DNS .................................................................................................136
13.3.1 DynDNS Wildcard .................................................................................136
13.4 Dynamic DNS Screen ....................................................................................137
13.5 Time Setting Screen .......................................................................................137
Chapter 14
Logs....................................................................................................................... 141
14.1 View Log .......................................................................................................141
14.2 Log Settings ...................................................................................................142
Chapter 15
Tools ...................................................................................................................... 145
15.1 Firmware Upload Screen ...............................................................................145
15.2 Configuration Screen .....................................................................................146
15.2.1 Backup Configuration ...........................................................................147
15.2.2 Restore Configuration ...........................................................................147
15.2.3 Back to Factory Defaults .......................................................................148
15.3 Restart Screen ...............................................................................................148
Chapter 16
Troubleshooting ...................................................................................................151
16.1 Problems Starting Up the Prestige .................................................................151
16.2 Problems with the LAN ...................................................................................151
16.3 Problems with the WAN .................................................................................152
16.4 Problems with the Password ..........................................................................152
16.5 Problems with Remote Management .............................................................153
16.6 Problems Accessing the Prestige ..................................................................153
16.6.1 Pop-up Windows, JavaScripts and Java Permissions ..........................154
Table of Contents 15
P-320W User’s Guide
Appendix A
Product Specifications ........................................................................................ 163
Appendix B
IP Subnetting ........................................................................................................ 165
Appendix C
Setting up Your Computer’s IP Address............................................................ 173
Appendix D
PPPoE ................................................................................................................... 189
Appendix E
PPTP......................................................................................................................191
16.6.1.1 Internet Explorer Pop-up Blockers ..............................................154
16.6.1.2 JavaScripts ..................................................................................157
16.6.1.3 Java Permissions ........................................................................159
16.6.2 ActiveX Controls in Internet Explorer ....................................................161
Appendix F
Wireless LANs ...................................................................................................... 195
Appendix G
Antenna Selection and Positioning Recommendation..................................... 209
16 Table of Contents
P-320W User’s Guide
List of Figures
Figure 1 Secure Internet Access via Cable, DSL or Wireless Modem ................................ 31
Figure 2 Internet Access Application Example .................................................................... 32
Figure 3 Front Panel ...........................................................................................................32
Figure 4 Login ..................................................................................................................... 36
Figure 5 Language Selection .............................................................................................. 36
Figure 6 Change Password Screen .................................................................................... 36
Figure 7 Select the Mode .................................................................................................... 37
Figure 8 Web Configurator Status Screen .......................................................................... 38
Figure 9 Summary: DHCP Table ......................................................................................... 41
Figure 10 Summary: Association List .................................................................................. 42
Figure 11 Summary: Packet Statistics ................................................................................. 43
Figure 12 Select a Mode ..................................................................................................... 45
Figure 13 Welcome to the Connection Wizard .................................................................... 46
Figure 14 Connection Wizard: STEP 1: System Information .............................................. 47
Figure 15 Connection Wizard: STEP 2: Wireless LAN ....................................................... 48
Figure 16 Basic(WEP) Security ........................................................................................... 49
Figure 17 Extend(WPA-PSK) Security ................................................................................ 50
Figure 18 OTIST ................................................................................................................. 51
Figure 19 Connection Wizard: STEP 3: WAN Connection Type. ........................................ 52
Figure 20 Ethernet Connection Type .................................................................................. 53
Figure 21 PPPoE Connection Type .................................................................................... 54
Figure 22 PPTP Connection Type ....................................................................................... 55
Figure 23 Your IP Address .................................................................................................. 56
Figure 24 WAN MAC Address ............................................................................................. 58
Figure 25 Connection Wizard Complete ............................................................................. 59
Figure 26 Connection Wizard: Congratulation .................................................................... 59
Figure 27 Wireless: General .............................................................................................. 63
Figure 28 Wireless: No Security .......................................................................................... 65
Figure 29 Wireless: Static WEP Encryption ........................................................................ 66
Figure 30 WPA-PSK Authentication .................................................................................... 68
Figure 31 Wireless: WPA-PSK ............................................................................................ 68
Figure 32 WPA with RADIUS Application Example ............................................................ 69
Figure 33 Wireless: WPA .................................................................................................... 70
Figure 34 Wireless: 802.1x and Dynamic WEP .................................................................. 71
Figure 35 Wireless: OTIST .................................................................................................. 73
Figure 36 Example Wireless Client OTIST Screen ............................................................. 74
17
P-320W User’s Guide
Figure 37 Security Key ........................................................................................................ 75
Figure 38 OTIST in Progress (AP) ...................................................................................... 75
Figure 39 OTIST in Progress (Client) .................................................................................. 75
Figure 40 No AP with OTIST Found ........................................................................... 75
Figure 41 Start OTIST? ....................................................................................................... 76
Figure 42 Wireless: MAC Address Filter ............................................................................. 77
Figure 43 Wireless: Advanced ............................................................................................ 78
Figure 44 WAN: Ethernet Encapsulation ............................................................................. 84
Figure 45 WAN: PPPoE Encapsulation ............................................................................... 86
Figure 46 PPTP Encapsulation ........................................................................................... 88
Figure 47 Advanced ............................................................................................................ 90
Figure 48 Traffic Redirect WAN Setup ................................................................................ 90
Figure 49 WAN: Traffic Redirect .......................................................................................... 91
Figure 50 LAN IP ................................................................................................................. 94
Figure 51 General ............................................................................................................... 95
Figure 52 Static DHCP ........................................................................................................ 97
Figure 53 Client List ............................................................................................................ 98
Figure 54 How NAT Works .................................................................................................. 101
Figure 55 NAT Application With IP Alias ............................................................................. 101
Figure 56 Multiple Servers Behind NAT Example ............................................................... 103
Figure 57 NAT: General ....................................................................................................... 103
Figure 58 Port Forwarding .................................................................................................. 104
Figure 59 NAT: Port Forwarding: Rule Setup ...................................................................... 105
Figure 60 Trigger Port Forwarding Process: Example ........................................................ 107
Figure 61 NAT: Trigger Port ................................................................................................. 108
Figure 62 Firewall: General ................................................................................................. 110
Figure 63 Firewall: Services ................................................................................................ 111
Figure 64 Example of Static Routing Topology ................................................................... 115
Figure 65 IP Static Route .................................................................................................... 116
Figure 66 Static Route Setup .............................................................................................. 117
Figure 67 WWW Remote Management .............................................................................. 120
Figure 68 SNMP Management Model ................................................................................. 121
Figure 69 SNMP Remote Management .............................................................................. 123
Figure 70 Security Remote Management ........................................................................... 124
Figure 71 Configuring UPnP ............................................................................................... 126
Figure 72 Add/Remove Programs: Windows Setup: Communication ................................. 127
Figure 73 Add/Remove Programs: Windows Setup: Communication: Components .......... 128
Figure 74 Network Connections .......................................................................................... 128
Figure 75 Windows Optional Networking Components Wizard .......................................... 129
Figure 76 Networking Services ........................................................................................... 129
Figure 77 Network Connections .......................................................................................... 130
Figure 78 Internet Connection Properties .......................................................................... 131
Figure 79 Internet Connection Properties: Advanced Settings ........................................... 131
18
P-320W User’s Guide
Figure 80 Internet Connection Properties: Advanced Settings: Add ................................... 132
Figure 81 System Tray Icon ................................................................................................ 132
Figure 82 Internet Connection Status .................................................................................. 132
Figure 83 Network Connections .......................................................................................... 133
Figure 84 Network Connections: My Network Places ......................................................... 134
Figure 85 Network Connections: My Network Places: Properties: Example ....................... 134
Figure 86 System General ................................................................................................. 135
Figure 87 Dynamic DNS ..................................................................................................... 137
Figure 88 Time Setting ........................................................................................................ 138
Figure 89 View Log .............................................................................................................141
Figure 90 Log Settings ........................................................................................................ 143
Figure 91 Maintenance Firmware Upload ........................................................................... 145
Figure 92 Upload Warning .................................................................................................. 146
Figure 93 Network Temporarily Disconnected .................................................................... 146
Figure 94 Upload Error Message ........................................................................................ 146
Figure 95 Configuration ....................................................................................................... 147
Figure 96 Configuration Restore Successful ....................................................................... 148
Figure 97 Temporarily Disconnected ................................................................................... 148
Figure 98 Configuration Restore Error ................................................................................ 148
Figure 99 System Restart ................................................................................................... 149
Figure 100 Pop-up Blocker ................................................................................................. 154
Figure 101 Internet Options ............................................................................................... 155
Figure 102 Internet Options ................................................................................................ 156
Figure 103 Pop-up Blocker Settings ................................................................................... 157
Figure 104 Internet Options ................................................................................................ 158
Figure 105 Security Settings - Java Scripting ..................................................................... 159
Figure 106 Security Settings - Java .................................................................................... 160
Figure 107 Java (Sun) ......................................................................................................... 160
Figure 108 Internet Options Security .................................................................................. 161
Figure 109 Security Setting ActiveX Controls ..................................................................... 162
Figure 110 WIndows 95/98/Me: Network: Configuration ..................................................... 174
Figure 111 Windows 95/98/Me: TCP/IP Properties: IP Address ......................................... 175
Figure 112 Windows 95/98/Me: TCP/IP Properties: DNS Configuration ............................. 176
Figure 113 Windows XP: Start Menu .................................................................................. 177
Figure 114 Windows XP: Control Panel .............................................................................. 177
Figure 115 Windows XP: Control Panel: Network Connections: Properties ....................... 178
Figure 116 Windows XP: Local Area Connection Properties .............................................. 178
Figure 117 Windows XP: Internet Protocol (TCP/IP) Properties ......................................... 179
Figure 118 Windows XP: Advanced TCP/IP Properties ...................................................... 180
Figure 119 Windows XP: Internet Protocol (TCP/IP) Properties ......................................... 181
Figure 120 Macintosh OS 8/9: Apple Menu ........................................................................ 182
Figure 121 Macintosh OS 8/9: TCP/IP ................................................................................ 182
Figure 122 Macintosh OS X: Apple Menu ........................................................................... 183
19
P-320W User’s Guide
Figure 123 Macintosh OS X: Network ................................................................................. 184
Figure 124 Red Hat 9.0: KDE: Network Configuration: Devices ........................................ 185
Figure 125 Red Hat 9.0: KDE: Ethernet Device: General ................................................. 185
Figure 126 Red Hat 9.0: KDE: Network Configuration: DNS ............................................. 186
Figure 127 Red Hat 9.0: KDE: Network Configuration: Activate ....................................... 186
Figure 128 Red Hat 9.0: Dynamic IP Address Setting in ifconfig-eth0 .............................. 187
Figure 129 Red Hat 9.0: Static IP Address Setting in ifconfig-eth0 .................................. 187
Figure 130 Red Hat 9.0: DNS Settings in resolv.conf ...................................................... 187
Figure 131 Red Hat 9.0: Restart Ethernet Card ................................................................ 188
Figure 132 Red Hat 9.0: Checking TCP/IP Properties ...................................................... 188
Figure 133 Single-Computer per Router Hardware Configuration ...................................... 190
Figure 134 ZyWALL as a PPPoE Client .............................................................................. 190
Figure 135 Transport PPP frames over Ethernet ............................................................... 191
Figure 136 PPTP Protocol Overview .................................................................................. 192
Figure 137 Example Message Exchange between Computer and an ANT ........................ 193
Figure 138 Peer-to-Peer Communication in an Ad-hoc Network ........................................ 195
Figure 139 Basic Service Set .............................................................................................. 196
Figure 140 Infrastructure WLAN ......................................................................................... 197
Figure 141 RTS/CTS ........................................................................................................... 198
Figure 142 EAP Authentication ........................................................................................... 201
Figure 143 WEP Authentication Steps ................................................................................ 204
Figure 144 Roaming Example ............................................................................................. 207
20
P-320W User’s Guide
List of Tables
Table 1 Front Panel LEDs .................................................................................................. 32
Table 2 Status Screen Icon Key ......................................................................................... 38
Table 3 Web Configurator Status Screen ........................................................................... 38
Table 4 Screens Summary ................................................................................................. 39
Table 5 Summary: DHCP Table ......................................................................................... 41
Table 6 Summary: Wireless Association List ..................................................................... 42
Table 7 Summary: Packet Statistics ................................................................................... 43
Table 8 Connection Wizard: STEP 1: System Information ................................................. 47
Table 9 Connection Wizard: STEP 2: Wireless LAN ......................................................... 48
Table 10 Basic(WEP) Security ........................................................................................... 49
Table 11 Extend(WPA-PSK) Security ................................................................................. 51
Table 12 OTIST .................................................................................................................. 52
Table 13 Connection Wizard: STEP 3: WAN Connection Type .......................................... 53
Table 14 PPPoE Connection Type ..................................................................................... 54
Table 15 PPTP Connection Type ....................................................................................... 55
Table 16 Your IP Address ................................................................................................... 57
Table 17 Example of Network Properties for LAN Servers with Fixed IP Addresses ......... 57
Table 18 WAN MAC Address ............................................................................................. 58
Table 19 ZyAIR Wireless Security Levels .......................................................................... 63
Table 20 Wireless: General ................................................................................................ 64
Table 21 Wireless No Security ........................................................................................... 65
Table 22 Wireless: Static WEP Encryption ......................................................................... 66
Table 23 Wireless: WPA-PSK ............................................................................................ 68
Table 24 Wireless: WPA ..................................................................................................... 70
Table 25 Wireless: 802.1x and Dynamic WEP ................................................................... 71
Table 26 Wireless: OTIST .................................................................................................. 73
Table 27 MAC Address Filter ............................................................................................. 77
Table 28 Wireless: Advanced ............................................................................................. 78
Table 29 Private IP Address Ranges ................................................................................. 81
Table 30 Example of Network Properties for LAN Servers with Fixed IP Addresses ......... 83
Table 31 WAN: Ethernet Encapsulation ............................................................................. 84
Table 32 WAN: PPPoE Encapsulation ............................................................................... 86
Table 33 PPTP Encapsulation ............................................................................................ 88
Table 34 Advanced .............................................................................................................90
Table 35 Traffic Redirect .................................................................................................... 91
Table 36 LAN IP ................................................................................................................. 94
21
P-320W User’s Guide
Table 37 General ................................................................................................................ 96
Table 38 Static DHCP ......................................................................................................... 97
Table 39 Client List ............................................................................................................. 98
Table 40 NAT Definitions .................................................................................................... 100
Table 41 Services and Port Numbers ................................................................................. 102
Table 42 NAT: General ....................................................................................................... 103
Table 43 NAT: Port Forwarding .......................................................................................... 105
Table 44 NAT: Port Forwarding: Rule Setup ....................................................................... 106
Table 45 NAT: Trigger Port ................................................................................................. 108
Table 46 Firewall: General ................................................................................................. 111
Table 47 Firewall: Services ................................................................................................ 112
Table 48 Commonly Used Services ................................................................................... 113
Table 49 IP Static Route ..................................................................................................... 116
Table 50 Static Route Setup ............................................................................................... 117
Table 51 WWW Remote Management ............................................................................... 120
Table 52 SNMP Traps ........................................................................................................ 122
Table 53 SNMP Remote Management ............................................................................... 123
Table 54 Security Remote Management ............................................................................ 124
Table 55 Configuring UPnP ................................................................................................ 126
Table 56 System General ................................................................................................... 136
Table 57 Dynamic DNS ...................................................................................................... 137
Table 58 Time Setting ........................................................................................................ 138
Table 59 View Log .............................................................................................................. 142
Table 60 Log Settings .........................................................................................................143
Table 61 Maintenance Firmware Upload ............................................................................ 145
Table 62 Maintenance: Restore Configuration ................................................................... 147
Table 63 Troubleshooting Starting Up Your Prestige .......................................................... 151
Table 64 Troubleshooting the LAN ..................................................................................... 151
Table 65 Troubleshooting the WAN .................................................................................... 152
Table 66 Troubleshooting the Password ............................................................................ 152
Table 67 Troubleshooting Telnet ........................................................................................ 153
Table 68 Troubleshooting Accessing the Prestige ............................................................. 153
Table 69 Device .................................................................................................................. 163
Table 70 Firmware .............................................................................................................. 163
Table 71 Classes of IP Addresses ..................................................................................... 165
Table 72 Allowed IP Address Range By Class ................................................................... 166
Table 73 “Natural” Masks .................................................................................................. 166
Table 74 Alternative Subnet Mask Notation ....................................................................... 167
Table 75 Two Subnets Example ......................................................................................... 167
Table 76 Subnet 1 .............................................................................................................. 168
Table 77 Subnet 2 .............................................................................................................. 168
Table 78 Subnet 1 .............................................................................................................. 169
Table 79 Subnet 2 .............................................................................................................. 169
22
P-320W User’s Guide
Table 80 Subnet 3 .............................................................................................................. 169
Table 81 Subnet 4 .............................................................................................................. 170
Table 82 Eight Subnets ...................................................................................................... 170
Table 83 Class C Subnet Planning ..................................................................................... 170
Table 84 Class B Subnet Planning ..................................................................................... 171
Table 85 IEEE802.11g ........................................................................................................ 199
Table 86 Comparison of EAP Authentication Types ........................................................... 205
Table 87 Wireless Security Relational Matrix ..................................................................... 206
23
P-320W User’s Guide
24
P-320W User’s Guide
Preface
Congratulations on your purchase of the P-320W, 802.11g Wireless Firewall Router. This
manual is designed to guide you through the configuration of your Prestige for its various
applications.
This manual may refer to the P-320W, 802.11g Wireless Firewall Router as the Prestige.
Note: Register your product online to receive e-mail notices of firmware upgrades and
information at
American products.
About This User's Guide
This User’s Guide is designed to guide you through the configuration of your Prestige using
the web configurator.
Related Documentation
www.zyxel.com for global products, or at www.us.zyxel.com for North
• Supporting Disk
Refer to the included CD for support documents.
• Quick Start Guide
The Quick Start Guide is designed to help you get up and running right away. They
contain connection information and instructions on getting started.
• Web Configurator Online Help
Embedded web help for descriptions of individual screens and supplementary
information.
• ZyXEL Glossary and Web Site
Please refer to www.zyxel.com for an online glossary of networking terms and additional
support documentation.
User Guide Feedback
Help us help you! E-mail all User Guide-related comments, questions or suggestions for
improvement to techwriters@zyxel.com.tw or send regular mail to The Technical Writing
Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park,
Hsinchu, 300, Taiwan. Thank you!
Syntax Conventions
• “Enter” means for you to type one or more characters. “Select” or “Choose” means for
you to use one predefined choices.
• Mouse action sequences are denoted using a comma. For example, “In Windows, click
Start , Settings and then Control Panel ” means first click the Start button, then point
your mouse pointer to Settings and then click Control Panel .
Preface 25
P-320W User’s Guide
• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.
Graphics Icons Key
Prestige Computer Notebook computer
Server DSLAM Firewall
Modem Switch Router
26 Preface
Getting to Know Your Prestige
This chapter introduces the main features and applications of the Prestige.
1.1 Prestige Overview
The Prestige is the ideal secure wireless firewall router for all data passing between the
Internet and LAN’s.
The Prestige provides NAT, port forwarding, firewall, DHCP server and many other powerful
features. The Prestige has an embedded mini-PCI module for 802.11g Wireless LAN
connectivity.
P-320W User’s Guide
CHAPTER 1
The embedded web configurator is easy to operate.
Note: Only use firmware for your Prestige’s specific model.
1.2 Prestige Features
The following sections describe Prestige features.
1.2.1 Physical Features
10/100 Mbps Auto-negotiating Ethernet/Fast Ethernet Interface(s)
This auto-negotiation feature allows the Prestige to detect the speed of incoming transmissions
and adjust appropriately without manual intervention. It allows data transfer of either 10 Mbps
or 100 Mbps in either half-duplex or full-duplex mode depending on your Ethernet network.
Auto-negotiation allows data transfer of 100 Mbps in full-duplex mode
Auto-crossover 10/100 Mbps Ethernet Interface(s)
These interfaces automatically adjust to either a crossover or straight-through Ethernet cable.
4-Port Switch
A combination of switch and router makes your Prestige a cost-effective and viable network
solution. You can add up to four computers to the Prestige without the cost of a hub. Add more
than four computers to your LAN by using a hub.
Chapter 1 Getting to Know Your Prestige 27
P-320W User’s Guide
Reset Button
The Prestige reset button is built into the rear panel. Use this button to restore the factory
default password to 1234; IP address to 192.168.1.1, subnet mask to 255.255.255.0 and DHCP
server enabled with a pool of 32 IP addresses starting at 192.168.1.33.
1.2.2 Non-Physical Features
Firewall
The Prestige is a stateful inspection firewall with DoS (Denial of Service) protection. By
default, when the firewall is activated, all incoming traffic from the WAN to the LAN is
blocked unless it is initiated from the LAN. The Prestige firewall supports TCP/UDP
inspection, DoS detection and prevention, real time alerts, reports and logs.
Packet Filtering
The packet filtering mechanism blocks unwanted traffic from entering/leaving your network.
Time and Date
The Prestige allows you to get the current time and date from an external server when you turn
on your Prestige. You can also set the time manually.
Universal Plug and Play (UPnP)
Using the standard TCP/IP protocol, the Prestige and other UPnP enabled devices can
dynamically join a network, obtain an IP address and convey its capabilities to other devices
on the network.
PPPoE
PPPoE facilitates the interaction of a host with an Internet modem to achieve access to highspeed data networks via a familiar "dial-up networking" user interface.
PPTP Encapsulation
Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables secure transfer of
data from a remote client to a private server, creating a Virtual Private Network (VPN) using a
TCP/IP-based network.
PPTP supports on-demand, multi-protocol and virtual private networking over public
networks, such as the Internet. The Prestige supports one PPTP server connection at any given
time.
28 Chapter 1 Getting to Know Your Prestige
P-320W User’s Guide
Dynamic DNS Support
With Dynamic DNS (Domain Name System) support, you can have a static hostname alias for
a dynamic IP address, allowing the host to be more easily accessible from various locations on
the Internet. You must register for this service with a Dynamic DNS service provider.
IP Multicast
Deliver IP packets to a specific group of hosts using IP multicast. IGMP (Internet Group
Management Protocol) is the protocol used to support multicast groups. The latest version is
version 2 (see RFC 2236); the Prestige supports both versions 1 and 2.
SNMP
SNMP (Simple Network Management Protocol) is a protocol used for exchanging
management information between network devices. SNMP is a member of the TCP/IP
protocol suite. Your Prestige supports SNMP agent functionality, which allows a manager
station to manage and monitor the Prestige through the network. The Prestige supports SNMP
version one (SNMPv1) and version two (SNMPv2).
Network Address Translation (NAT)
Network Address Translation (NAT) allows the translation of an Internet protocol address
used within one network (for example a private IP address used in a local network) to a
different IP address known within another network (for example a public IP address used on
the Internet).
Traffic Redirect
Traffic Redirect forwards WAN traffic to a backup gateway on the LAN when the Prestige
cannot connect to the Internet, thus acting as an auxiliary backup when your regular WAN
connection fails.
Port Forwarding
Use this feature to forward incoming service requests to a server on your local network. You
may enter a single port number or a range of port numbers to be forwarded, and the local IP
address of the desired server.
DHCP (Dynamic Host Configuration Protocol)
DHCP (Dynamic Host Configuration Protocol) allows the individual client computers to
obtain the TCP/IP configuration at start-up from a centralized DHCP server. The Prestige has
built-in DHCP server capability, enabled by default, which means it can assign IP addresses,
an IP default gateway and DNS servers to all systems that support the DHCP client.
Chapter 1 Getting to Know Your Prestige 29
P-320W User’s Guide
Full Network Management
The embedded web configurator is an all-platform web-based utility that allows you to easily
access the Prestige’s management settings and configure the firewall. Most functions of the
Prestige are also software configurable via the SMT (System Management Terminal)
interface. The SMT is a menu-driven interface that you can access over a telnet connection.
RoadRunner Support
In addition to standard cable modem services, the Prestige supports Time Warner’s
RoadRunner Service.
Logging and Tracing
• Built-in message logging and packet tracing.
• Firewall logs.
• Content filtering logs.
Upgrade Prestige Firmware via LAN
The firmware of the Prestige can be upgraded via the LAN (refer to Maintenance- F/W Upload
Screen).
Embedded FTP and TFTP Servers
The Prestige’s embedded FTP and TFTP Servers enable fast firmware upgrades as well as
configuration file backups and restoration.
1.2.3 Wireless Features
Wireless LAN
The Prestige supports the IEEE 802.11g standard, which is fully compatible with the IEEE
802.11b standard, meaning that you can have both IEEE 802.11b and IEEE 802.11g wireless
clients in the same wireless network.
Note: The Prestige may be prone to RF (Radio Frequency) interference from other
2.4 GHz devices such as microwave ovens, wireless phones, Bluetooth
enabled devices, and other wireless LANs.
Wi-Fi Protected Access
Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i security specification standard.
Key differences between WPA and WEP are user authentication and improved data
encryption.
30 Chapter 1 Getting to Know Your Prestige