ZyXEL Prestige P-330W User Manual

Page 1
P-330W
802.11g Secure Wireless Internet Sharing Router

User’s Guide

Version 1.1
July 2006
Page 2
ZyXEL P-330W User’s Guide

Copyright

The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.

Disclaimer

ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others. ZyXEL further reserves the right to make changes in any products described herein without notice. This publication is subject to change without notice.

Trademarks

ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.
Copyright 2
Page 3
ZyXEL P-330W User’s Guide
Federal Communications
Commission (FCC) Interference
Statement
This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions:
• This device may not cause harmful interference.
• This device must accept any interference received, including interference that may cause undesired operations.
This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy, and if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
If this equipment does cause harmful interference to radio/television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:
• Reorient or relocate the receiving antenna.
• Increase the separation between the equipment and the receiver.
• Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
• Consult the dealer or an experienced radio/TV technician for help.

Notice 1

Changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate the equipment.

Certifications

Go to www.us.zyxel.com
1 Select your product from the drop-down list box on the ZyXEL home page to go to that
product's page.
2 Select the certification you wish to view from this page

3 Federal Communications Commission (FCC) Interference Statement

Page 4
ZyXEL P-330W User’s Guide

ZyXEL Limited Warranty

ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever extent it shall deem necessary to restore the product or components to proper operating condition. Any replacement will consist of a new or re-manufactured functionally equivalent product of equal value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product is modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions.

Note

Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This warranty is in lieu of all other warranties, express or implied, including any implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in no event be held liable for indirect or consequential damages of any kind of character to the purchaser.
To obtain the services of this warranty, contact ZyXEL's Service Center for your Return Material Authorization number (RMA). Products must be returned Postage Prepaid. It is recommended that the unit be insured when shipped. Any returned products without proof of purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products will be shipped by ZyXEL to the corresponding return address, Postage Paid. This warranty gives you specific legal rights, and you may also have other rights that vary from country to country.

Safety Warnings

1 To reduce the risk of fire, use only No. 26 AWG or larger telephone wire.
2 Do not use this product near water, for example, in a wet basement or near a swimming
pool.
3 Avoid using this product during an electrical storm. There may be a remote risk of
electric shock from lightening.
This product has been designed for the WLAN 2.4 GHz network throughout the EC region and Switzerland, with restrictions in France.
ZyXEL Limited Warranty 4
Page 5
ZyXEL P-330W User’s Guide
Please have the following information ready when you contact customer support.
• Product model and serial number.
• Warranty Information.
• Date that you received your device.
• Brief description of the problem and the steps you took to solve it.

Customer Support

METHOD
LOCATION
NORTH AMERICA
SUPPORT E-MAIL TELEPHONE WEB SITE
SALES E-MAIL FAX FTP SITE
support@zyxel.com +1-800-978-7222
+1-714-632-0882
sales@zyxel.com +1-714-632-0858 ftp.us.zyxel.com
www.us.zyxel.com ZyXEL Communications Inc.
REGULAR MAIL
1130 N. Miller St. Ana hei m
CA 92806- 2001 U.S.A.
5 Customer Support
Page 6
ZyXEL P-330W User’s Guide

Table of Contents

Copyright ..................................................................................................................2
Federal Communications Commission (FCC) Interference Statement ............... 3
ZyXEL Limited Warranty.......................................................................................... 4
Customer Support.................................................................................................... 5
Preface ....................................................................................................................18
Chapter 1
Getting to Know Your P-330W............................................................................... 20
1.1 P-330W Internet Security Gateway Overview ....................................................20
1.2 P-330W Features ...............................................................................................20
1.2.1 Physical Features .....................................................................................20
1.2.1.1 10/100M Auto-negotiating Ethernet/Fast Ethernet Interface(s) .......20
1.2.1.2 Auto-crossover 10/100 Mbps Ethernet Interface(s) .........................20
1.2.1.3 4-Port Switch ...................................................................................20
1.2.1.4 Time and Date .................................................................................21
1.2.1.5 Reset Button ...................................................................................21
1.2.2 Removable Antenna .................................................................................21
1.2.3 Non-Physical Features .............................................................................21
1.2.3.1 Firewall ............................................................................................21
1.2.3.2 802.11b Wireless LAN Standard .....................................................21
1.2.3.3 802.11g Wireless LAN Standard .....................................................22
1.2.3.4 Packet Filtering ...............................................................................22
1.2.3.5 Universal Plug and Play (UPnP) .....................................................22
1.2.3.6 PPPoE .............................................................................................22
1.2.3.7 PPTP Encapsulation .......................................................................22
1.2.3.8 Dynamic DNS Support ....................................................................22
1.2.3.9 Network Address Translation (NAT) ................................................23
1.2.3.10 Port Forwarding .............................................................................23
1.2.3.11 DHCP (Dynamic Host Configuration Protocol) ..............................23
1.2.3.12 Logging and Tracing ......................................................................23
1.2.3.13 Wireless Association List ..............................................................23
1.3 Applications for the P-330W ...............................................................................23
1.3.1 Secure Broadband Internet Access via Cable or DSL Modem .................23
Table of Contents 6
Page 7
ZyXEL P-330W User’s Guide
1.3.2 Internet Access Application ......................................................................24
Chapter 2
Introducing the Web Configurator........................................................................ 26
2.1 Web Configurator Overview ...............................................................................26
2.2 Accessing the P-330W Web Configurator ..........................................................26
2.2.1 Navigating the P-330W Web Configurator ................................................27
2.2.2 Navigation Panel .......................................................................................27
Chapter 3
Wizard Setup .......................................................................................................... 30
3.1 Wizard Setup Overview ......................................................................................30
3.2 Wizard Setup: Screen 2 .....................................................................................30
3.2.1 DHCP Client .............................................................................................30
3.2.2 Static IP .....................................................................................................30
3.2.3 PPPoE Encapsulation ...............................................................................31
3.2.4 PPTP Encapsulation .................................................................................32
3.2.5 L2TP Encapsulation ..................................................................................33
3.3 Wizard Setup: Screen 3 .....................................................................................34
3.4 Wizard Setup: Screen 4 .....................................................................................35
3.4.1 No Encryption ...........................................................................................36
3.4.2 WEP Encryption ........................................................................................36
3.4.3 WPA ..........................................................................................................37
3.4.4 WPA2 (AES) .............................................................................................37
3.4.5 WPA2 Mixed .............................................................................................38
3.5 Basic Setup Complete ........................................................................................39
2.2.0.1 Resetting the P-330W .....................................................................26
Chapter 4
System Screens ..................................................................................................... 40
4.1 Setup Wizard ......................................................................................................40
4.2 Operation Mode .................................................................................................40
4.3 LAN Overview ....................................................................................................41
4.3.1 DHCP Setup .............................................................................................42
4.3.2 IP Pool Setup ............................................................................................42
4.3.3 System DNS Servers ................................................................................42
4.3.4 LAN TCP/IP ..............................................................................................42
4.3.5 Factory LAN Defaults ................................................................................42
4.3.6 IP Address and Subnet Mask ...................................................................42
4.3.7 Configuring IP ...........................................................................................42
4.4 Configuring Password ........................................................................................44
4.5 Status Screen .....................................................................................................44
7 Table of Contents
Page 8
ZyXEL P-330W User’s Guide
Chapter 5
Wireless .................................................................................................................. 46
5.1 Wireless LAN Overview .....................................................................................46
5.1.1 IBSS ..........................................................................................................46
5.1.2 BSS ...........................................................................................................46
5.1.3 ESS ...........................................................................................................47
5.1.4 RTS/CTS .................................................................................................48
5.2 Configuring Wireless ..........................................................................................49
5.3 Basic Settings ....................................................................................................49
5.4 Wireless Advanced Settings ..............................................................................51
5.4.1 Authentication ...........................................................................................51
5.4.2 Preamble Type ..........................................................................................52
5.5 Site Survey .........................................................................................................53
5.6 Wireless Security Overview ...............................................................................53
5.7 Security Parameters Summary ..........................................................................56
5.7.1 WEP Overview ..........................................................................................56
5.7.2 Data Encryption .......................................................................................56
5.7.3 Configuring WEP Encryption ....................................................................56
5.7.4 Introduction to WPA ..................................................................................59
5.7.4.1 User Authentication ........................................................................59
5.7.4.2 Encryption ......................................................................................59
5.7.4.3 WPA-PSK Application Example ......................................................60
5.7.5 Introduction to WPA2 ................................................................................60
5.7.6 Configuring WPA-PSK Authentication ......................................................60
5.7.7 Introduction to RADIUS ...........................................................................62
5.7.7.1 Types of RADIUS Messages ...........................................................62
5.7.7.2 Access-Challenge ...........................................................................62
5.7.7.3 Accounting-Request ........................................................................62
5.7.7.4 Accounting-Response .....................................................................62
5.7.7.5 EAP Authentication Overview .........................................................63
5.7.7.6 WPA with RADIUS Application Example .........................................63
5.7.8 Configuring WPA Authentication ...............................................................64
5.8 WDS Settings .....................................................................................................66
5.9 Wireless Trusted Stations ...................................................................................67
Chapter 6
Advanced Options ................................................................................................. 70
6.1 Access Control ...................................................................................................70
6.2 Dynamic DNS .....................................................................................................71
6.3 Configuring Dynamic DNS .................................................................................72
6.4 DMZ ...................................................................................................................73
6.5 Virtual Servers (Port Forwarding) .......................................................................73
6.5.0.1 Configuring Servers Behind SUA (Example) ..................................74
Table of Contents 8
Page 9
ZyXEL P-330W User’s Guide
6.5.1 Configuring Virtual Servers .......................................................................75
6.6 Special Applications ...........................................................................................76
6.7 WAN Port ...........................................................................................................77
6.7.1 Static IP Encapsulation .............................................................................77
6.7.2 DHCP IP Encapsulation ............................................................................79
6.7.3 PPPoE Encapsulation ...............................................................................80
6.7.4 PPTP Encapsulation .................................................................................82
6.7.5 L2TP Encapsulation ..................................................................................84
6.8 Ping ....................................................................................................................86
6.9 DoS Setting ........................................................................................................87
6.10 Diagnostics .......................................................................................................88
Chapter 7
Administrator Options ........................................................................................... 90
7.1 Remote Management .........................................................................................90
7.2 Configuration Screen .........................................................................................90
7.2.1 Backup Configuration ...............................................................................91
7.2.2 Restore Configuration ..............................................................................91
7.2.3 Back to Factory Defaults ...........................................................................92
7.3 Logs ...................................................................................................................92
7.4 IP Filtering ..........................................................................................................94
7.5 MAC Filtering .....................................................................................................95
7.6 URL Filtering ......................................................................................................95
7.7 Statistics .............................................................................................................96
7.8 Time Zone Setting ..............................................................................................96
7.9 Upgrade Firmware .............................................................................................97
Appendix A
PPPoE ................................................................................................................... 100
Appendix B
PPTP......................................................................................................................102
Appendix C
Setting up Your Computer’s IP Address............................................................ 106
Appendix D
Wireless LAN and IEEE 802.11 ...........................................................................118
Appendix E
Wireless LAN With IEEE 802.1x .......................................................................... 122
Appendix F
Types of EAP Authentication.............................................................................. 124
Appendix G
9 Table of Contents
Page 10
ZyXEL P-330W User’s Guide
Antenna Selection and Positioning Recommendation..................................... 126
Appendix H
Open Saftware Announcements......................................................................... 128
Table of Contents 10
Page 11
ZyXEL P-330W User’s Guide
11 Table of Contents
Page 12
ZyXEL P-330W User’s Guide

List of Figures

Figure 1 Secure Internet Access via Cable, DSL or Wireless Modem ................................ 24
Figure 2 Internet Access Application Example .................................................................... 24
Figure 3 The MAIN MENU Screen of the Web Configurator ............................................... 27
Figure 4 Wizard 2: DHCP Client Encapsulation .................................................................. 30
Figure 5 Wizard 2: Static IP Encapsulation ......................................................................... 31
Figure 6 Wizard 2: PPPoE Encapsulation ........................................................................... 32
Figure 7 Wizard 2: PPTP Encapsulation ............................................................................. 33
Figure 8 Wizard 2: L2TP Encapsulation .............................................................................. 34
Figure 9 Wizard 3: Wireless LAN Basic Setup .................................................................... 35
Figure 10 Wizard 4: Wireless LAN Setup: WEP Security ................................................... 36
Figure 11 Wizard 4: Wireless LAN Setup: WPA Security .................................................... 37
Figure 12 Wizard 4: Wireless LAN Setup: WPA2 Security .................................................. 38
Figure 13 Wizard 4: Wireless LAN Setup: WPA2 Security .................................................. 39
Figure 14 System Screen Menu Options ............................................................................ 40
Figure 15 Operation Mode Setup ....................................................................................... 41
Figure 16 LAN IP Setup ...................................................................................................... 43
Figure 17 Password ............................................................................................................ 44
Figure 18 Status .................................................................................................................. 45
Figure 19 IBSS (Ad-hoc) Wireless LAN .............................................................................. 46
Figure 20 Basic Service set ................................................................................................ 47
Figure 21 Extended Service Set ......................................................................................... 48
Figure 22 RTS/CTS ............................................................................................................ 48
Figure 23 The Wireless Options Screen ............................................................................ 49
Figure 24 Wireless: Basic Settings .................................................................................... 50
Figure 25 WEP Authentication Steps .................................................................................. 51
Figure 26 Wireless: Advanced Settings ............................................................................. 52
Figure 27 Wireless: Site Survey .......................................................................................... 53
Figure 28 P-330W Wireless Security Levels ....................................................................... 54
Figure 29 Wireless Security Setup: No Security ................................................................. 55
Figure 30 Wireless Security Setup: WEP Encryption ......................................................... 57
Figure 31 Wireless Security Setup: WEP Encryption ......................................................... 58
Figure 32 WPA - PSK Authentication .................................................................................. 60
Figure 33 Wireless Security Setup: WPA-PSK ................................................................... 61
Figure 34 EAP Authentication ............................................................................................. 63
Figure 35 WPA with RADIUS Application Example ............................................................ 64
Figure 36 Wireless Security Setup: WPA With RADIUS ..................................................... 65
List of Figures 12
Page 13
ZyXEL P-330W User’s Guide
Figure 37 Wireless: WDS Settings ...................................................................................... 66
Figure 38 Wireless: Trusted Stations MAC Address Filter .................................................. 68
Figure 39 The Advanced Menu Options ............................................................................. 70
Figure 40 Advanced: Access Control .................................................................................. 71
Figure 41 Advanced: Dynamic DNS ................................................................................... 72
Figure 42 Advanced: DMZ .................................................................................................. 73
Figure 43 Multiple Servers Behind NAT Example ............................................................... 75
Figure 44 Advanced: Virtual Servers .................................................................................. 75
Figure 45 Advanced: Special Applications .......................................................................... 77
Figure 46 Advanced: WAN Static IP Encapsulation ............................................................ 78
Figure 47 Advanced: WAN DHCP IP Encapsulation ........................................................... 79
Figure 48 Advanced: WAN PPPoE Encapsulation .............................................................. 81
Figure 49 Advanced: WAN PPTP Encapsulation ................................................................ 83
Figure 50 Advanced: WAN L2TP Encapsulation ................................................................. 85
Figure 51 Advanced: Ping ................................................................................................... 87
Figure 52 Advanced: DoS ................................................................................................... 88
Figure 53 Advanced: Diagnostic ......................................................................................... 89
Figure 54 Administrator: Remote Management .................................................................. 90
Figure 55 Administrator: Configuration File ......................................................................... 91
Figure 56 Temporarily Disconnected ................................................................................... 92
Figure 57 Administrator: Logs ............................................................................................. 93
Figure 58 Administrator: IP Filtering .................................................................................... 94
Figure 59 Administrator: MAC Filtering ............................................................................... 95
Figure 60 Administrator: URL Filtering ................................................................................ 96
Figure 61 Administrator: Time Zone Setting ........................................................................ 97
Figure 62 Administrator: Upgrade Firmware ....................................................................... 98
Figure 63 Upload Warning .................................................................................................. 98
Figure 64 Network Temporarily Disconnected .................................................................... 99
Figure 65 Single-Computer per Router Hardware Configuration ........................................ 101
Figure 66 P-330W as a PPPoE Client ................................................................................ 101
Figure 67 Transport PPP frames over Ethernet ................................................................. 102
Figure 68 PPTP Protocol Overview .................................................................................... 103
Figure 69 Example Message Exchange between Computer and an ANT .......................... 104
Figure 70 WIndows 95/98/Me: Network: Configuration ....................................................... 107
Figure 71 Windows 95/98/Me: TCP/IP Properties: IP Address ........................................... 108
Figure 72 Windows 95/98/Me: TCP/IP Properties: DNS Configuration .............................. 109
Figure 73 Windows XP: Start Menu .................................................................................... 110
Figure 74 Windows XP: Control Panel ................................................................................ 110
Figure 75 Windows XP: Control Panel: Network Connections: Properties ......................... 111
Figure 76 Windows XP: Local Area Connection Properties ................................................ 111
Figure 77 Windows XP: Advanced TCP/IP Settings ........................................................... 112
Figure 78 Windows XP: Internet Protocol (TCP/IP) Properties ........................................... 113
Figure 79 Macintosh OS 8/9: Apple Menu .......................................................................... 114
13 List of Figures
Page 14
ZyXEL P-330W User’s Guide
Figure 80 Macintosh OS 8/9: TCP/IP .................................................................................. 115
Figure 81 Macintosh OS X: Apple Menu ............................................................................. 115
Figure 82 Macintosh OS X: Network ................................................................................... 116
Figure 83 Peer-to-Peer Communication in an Ad-hoc Network .......................................... 119
Figure 84 ESS Provides Campus-Wide Coverage ............................................................. 120
Figure 85 Sequences for EAP MD5–Challenge Authentication .......................................... 123
List of Figures 14
Page 15
ZyXEL P-330W User’s Guide
15 List of Figures
Page 16
ZyXEL P-330W User’s Guide

List of Tables

Table 1 IEEE 802.11b ......................................................................................................... 21
Table 2 IEEE 802.11g ......................................................................................................... 22
Table 3 Screens Summary ................................................................................................. 28
Table 4 Wizard 2: Ethernet Encapsulation ......................................................................... 31
Table 5 Wizard 2: PPPoE Encapsulation ........................................................................... 32
Table 6 Wizard 2: PPTP Encapsulation ............................................................................. 33
Table 7 Wizard 2: L2TP Encapsulation .............................................................................. 34
Table 8 Wizard 3: Wireless LAN Basic Setup .................................................................... 35
Table 9 Wizard 4: Wireless LAN Setup: WEP Security ...................................................... 36
Table 10 Wizard 4: Wireless LAN Setup: WPA Security .................................................... 37
Table 11 Wizard 4: Wireless LAN Setup: WPA2 Security ................................................... 38
Table 12 Wizard 4: Wireless LAN Setup: WPA2 Security .................................................. 39
Table 13 System General Setup ........................................................................................ 41
Table 14 LAN IP Setup ....................................................................................................... 43
Table 15 Password .............................................................................................................44
Table 16 Status ................................................................................................................... 45
Table 17 Wireless: Basic Settings ...................................................................................... 50
Table 18 Wireless: Advanced Settings ............................................................................... 52
Table 19 Wireless Security Setup: No Security .................................................................. 55
Table 20 Wireless Security Relational Matrix ..................................................................... 56
Table 21 Wireless Security Setup: Static WEP Encryption ................................................ 57
Table 22 Wireless Security Setup: WEP Encryption ......................................................... 58
Table 23 Wireless Security Setup: WPA-PSK .................................................................... 61
Table 24 Wireless Security Setup: WPA ............................................................................ 65
Table 25 Wireless: WDS Settings ...................................................................................... 66
Table 26 Wireless: Trusted Stations MAC Address Filter ................................................... 68
Table 27 Advanced: Access Control .................................................................................. 71
Table 28 Advanced: Dynamic DNS .................................................................................... 72
Table 29 Advanced: DMZ ................................................................................................... 73
Table 30 Services and Port Numbers ................................................................................. 74
Table 31 Advanced: Virtual Servers ................................................................................... 75
Table 32 Advanced: Special Applications ........................................................................... 77
Table 33 Advanced: WAN Static IP Encapsulation ............................................................. 78
Table 34 Advanced: WAN DHCP IP Encapsulation ........................................................... 79
Table 35 PPPoE Encapsulation ......................................................................................... 81
Table 36 Advanced: WAN PPTP Encapsulation ................................................................ 83
List of Tables 16
Page 17
ZyXEL P-330W User’s Guide
Table 37 Advanced: WAN L2PT Encapsulation ................................................................. 85
Table 38 Advanced: Ping ................................................................................................... 87
Table 39 Advanced: DoS .................................................................................................... 88
Table 40 Advanced: Diagnostic .......................................................................................... 89
Table 41 Administrator: Remote Management ................................................................... 90
Table 42 Maintenance Restore Configuration .................................................................... 91
Table 43 Administrator: Remote Management ................................................................... 93
Table 44 Administrator: IP Filtering .................................................................................... 94
Table 45 Administrator: MAC Filtering ................................................................................ 95
Table 46 Administrator: URL Filtering ................................................................................ 96
Table 47 Administrator: Time Zone Setting ........................................................................ 97
Table 48 Administrator: Upgrade Firmware ........................................................................ 98
Table 49 Comparison of EAP Authentication Types ........................................................... 125
17 List of Tables
Page 18
ZyXEL P-330W User’s Guide

Preface

Congratulations on your purchase of the P-330W, 802.11g Secure Wireless Internet Sharing Router. This manual is designed to guide you through the configuration of your P-330W for its various applications.
This manual may refer to the P-330W or 802.11g Secure Wireless Internet Sharing Router as the router.
Note: Register your product online to receive e-mail notices of firmware upgrades and information at

About This User's Guide

This User’s Guide is designed to guide you through the configuration of your P-330W using the web configurator(GUI). The web configurator parts of this guide contain background information on features configurable by web configurator.
www.us.zyxel.com.

Related Documentation

• Support Disk
Refer to the included CD for support documents.
• Quick Start Guide
The Quick Start Guide is designed to help you get up and running right away. They contain connection information and instructions on getting started.
• ZyXEL Glossary and Web Site
Please refer to www.us.zyxel.com for an online glossary of networking terms and additional support documentation.

User Guide Feedback

Help us help you! E-mail all User Guide-related comments, questions or suggestions for improvement to techwriters@zyxel.com

Syntax Conventions

• “Enter” means for you to type one or more characters. “Select” or “Choose” means for you to use one predefined choices.
• Mouse action sequences are denoted using a comma. For example, “click the Apple icon, Control Panels and then Modem” means first click the Apple icon, then point your mouse pointer to Control Panels and then click Modem.
• For brevity’s sake, we will use “e.g.,” as a shorthand for “for instance”, and “i.e.,” for “that is” or “in other words” throughout this manual.
Preface 18
Page 19
ZyXEL P-330W User’s Guide

Graphics Icons Key

P-330W Computer Notebook computer
Server DSLAM Firewall
Modem Switch Router
Wireless Signal
19 Preface
Page 20
ZyXELP-330W User’s Guide
CHAPTER 1

Getting to Know Your P-330W

This chapter introduces the main features and applications of the P-330W.

1.1 P-330W Internet Security Gateway Overview

The P-330W is the ideal secure gateway for all data passing between the Internet and LAN’s.
By integrating NAT, firewall, wireless access point and 4-port switch, ZyXEL’s P-330W is a complete security solution that protects your Intranet and efficiently manages data traffic on your network.
The embedded web configurator is easy to operate.

1.2 P-330W Features

The following sections describe P-330W features..

1.2.1 Physical Features

1.2.1.1 10/100M Auto-negotiating Ethernet/Fast Ethernet Interface(s)
This auto-negotiation feature allows the P-330W to detect the speed of incoming transmissions and adjust appropriately without manual intervention. It allows data transfer of either 10 Mbps or 100 Mbps in either half-duplex or full-duplex mode depending on your Ethernet network.
1.2.1.2 Auto-crossover 10/100 Mbps Ethernet Interface(s)
These interfaces automatically adjust to either a crossover or straight-through Ethernet cable.
1.2.1.3 4-Port Switch
A combination of switch and router makes your P-330W a cost-effective and viable network solution. You can add up to four computers to the P-330W without the cost of a hub. Add more than four computers to your LAN by using a hub.
Chapter 1 Getting to Know Your P-330W 20
Page 21
ZyXEL P-330W User’s Guide
1.2.1.4 Time and Date
The P-330W allows you to get the current time and date from an external server when you turn on your P-330W. You can also set the time manually.
1.2.1.5 Reset Button
The P-330W reset button is built into the rear panel. You can use this button to either cause the P-330W to reboot, or to reset the P-330W to factor defaults. Use this button to restore the factory default password to 1234; IP address to 192.168.10.1, subnet mask to 255.255.255.0 and DHCP server enabled with a pool of 32 IP addresses starting at 192.168.10.33. For further instructions see Chapter 2.

1.2.2 Removable Antenna

The P-330W antenna uses an RP-SMA connection to attach to the P-330W. It is possible to remove the antenna and replace it with another antenna that offers different performance characteristics.

1.2.3 Non-Physical Features

1.2.3.1 Firewall
The P-330W is a home firewall with DoS (Denial of Service) protection. By default, all incoming traffic from the WAN to the LAN is blocked unless it is initiated from the LAN.
1.2.3.2 802.11b Wireless LAN Standard
The P-330W, complies with the 802.11b wireless standard.
The 802.11b data rate and corresponding modulation techniques are as follows. The modulation technique defines how bits are encoded onto radio waves.
Table 1 IEEE 802.11b
DATA RATE (KBPS) MODULATION
1 DBPSK (Differential Binary Phase Shift Keyed)
2 DQPSK (Differential Quadrature Phase Shift Keying)
5.5 / 11 CCK (Complementary Code Keying)
Note: The P-330W may be prone to RF (Radio Frequency) interference from other 2.4 GHz devices such as microwave ovens, wireless phones, Bluetooth enabled devices, and other wireless LANs
21 Chapter 1 Getting to Know Your P-330W
Page 22
1.2.3.3 802.11g Wireless LAN Standard
The P-330W, complies with the 802.11g wireless standard and is also fully compatible with the 802.11b standard. This means an 802.11b radio card can interface directly with an 802.11g device (and vice versa) at 11 Mbps or lower depending on range. 802.11g has several intermediate rate steps between the maximum and minimum data rates. The 802.11g data rate and modulation are as follows:
Table 2 IEEE 802.11g
DATA RATE (MBPS) MODULATION
6/9/12/18/24/36/48/54 OFDM (Orthogonal Frequency Division Multiplexing)
1.2.3.4 Packet Filtering
The packet filtering mechanism blocks unwanted traffic from entering/leaving your network.
1.2.3.5 Universal Plug and Play (UPnP)
ZyXELP-330W User’s Guide
Using the standard TCP/IP protocol, the P-330W and other UPnP enabled devices can dynamically join a network, obtain an IP address and convey its capabilities to other devices on the network.
1.2.3.6 PPPoE
PPPoE facilitates the interaction of a host with an Internet modem to achieve access to high­speed data networks via a familiar "dial-up networking" user interface.
1.2.3.7 PPTP Encapsulation
Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables secure transfer of data from a remote client to a private server, creating a Virtual Private Network (VPN) using a TCP/IP-based network.
PPTP supports on-demand, multi-protocol and virtual private networking over public networks, such as the Internet. The P-330W supports one PPTP server connection at any given time.
1.2.3.8 Dynamic DNS Support
With Dynamic DNS (Domain Name System) support, you can have a static hostname alias for a dynamic IP address, allowing the host to be more easily accessible from various locations on the Internet. You must register for this service with a Dynamic DNS service provider.
Chapter 1 Getting to Know Your P-330W 22
Page 23
ZyXEL P-330W User’s Guide
1.2.3.9 Network Address Translation (NAT)
Network Address Translation (NAT) allows the translation of an Internet protocol address used within one network (for example a private IP address used in a local network) to a different IP address known within another network (for example a public IP address used on the Internet).
1.2.3.10 Port Forwarding
Use this feature to forward incoming service requests to a server on your local network. You may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desired server.
1.2.3.11 DHCP (Dynamic Host Configuration Protocol)
DHCP (Dynamic Host Configuration Protocol) allows the individual client computers to obtain the TCP/IP configuration at start-up from a centralized DHCP server. The P-330W has built-in DHCP server capability, enabled by default, which means it can assign IP addresses, an IP default gateway and DNS servers to all systems that support the DHCP client.
1.2.3.12 Logging and Tracing
•System Logs
• Wireless Logs
•DoS Logs
1.2.3.13 Wireless Association List
With the Wireless Association List, you can see the list of the wireless stations that are currently using the P-330W to access your wired network.

1.3 Applications for the P-330W

Here are some examples of what you can do with your P-330W.

1.3.1 Secure Broadband Internet Access via Cable or DSL Modem

You can connect a cable modem, DSL or wireless modem to the P-330W for broadband Internet access via an Ethernet or a wireless port on the modem. The P-330W guarantees not only high speed Internet access, but secure internal network protection and traffic management as well.
23 Chapter 1 Getting to Know Your P-330W
Page 24
Figure 1 Secure Internet Access via Cable, DSL or Wireless Modem

1.3.2 Internet Access Application

Add a wireless LAN to your existing network without expensive network cables. Wireless stations can move freely anywhere in the coverage area and use resources on the wired network.
ZyXELP-330W User’s Guide
Figure 2 Internet Access Application Example
Chapter 1 Getting to Know Your P-330W 24
Page 25
ZyXEL P-330W User’s Guide
25 Chapter 1 Getting to Know Your P-330W
Page 26
Introducing the Web
This chapter describes how to access the P-330W web configurator and provides an overview of its screens.

2.1 Web Configurator Overview

The embedded web configurator allows you to manage the P-330W from anywhere through a browser such as Microsoft Internet Explorer or Netscape Navigator. Use Internet Explorer 6.0 and later or Netscape Navigator 7.0 and later versions with JavaScript enabled. It is recommended that you set your screen resolution to 1024 by 768 pixels. The screens you see in the web configurator may vary somewhat from the ones shown in this document due to differences between individual P-330W models or firmware versions.
ZyXELP-330W User’s Guide
CHAPTER 2
Configurator

2.2 Accessing the P-330W Web Configurator

1 Make sure your P-330W hardware is properly connected and prepare your computer/
computer network to connect to the P-330W (refer to the Quick Start Guide).
2 Launch your web browser.
3 Type "192.168.10.1" as the URL.
4 Type “admin” as the User Name
5 Type "1234" (default) as the password.
6 Click OK to login.
You should now see the MAIN MENU screen)
Note: The management session automatically times out when there has been no activity for several minutes. Simply log back into the P-330W if this happens to you.

2.2.0.1 Resetting the P-330W

If you forget your password or cannot access the web configurator, you will need to use the RESET button at the back of the P-330W to reload the factory-default configuration file. This means that you will lose all configurations that you had previously and the password will be reset to “1234”.
Chapter 2 Introducing the Web Configurator 26
Page 27
ZyXEL P-330W User’s Guide
2.2.0.1.1 Procedure To Use The Reset Button
1 Make sure the PWR LED is on (not blinking).
2 Press the RESET button for approximately ten seconds or until the PWR LED begins to
blink and then release it. When the PWR LED begins to blink, the defaults have been restored and the P-330W restarts. (If you press the RESET button for less than 5 seconds, the P-330W will reboot, but will not reset the configuration).

2.2.1 Navigating the P-330W Web Configurator

The following summarizes how to navigate the web configurator from the SITE MAP screen.
• Click SETUP WIZARD for initial configuration including general setup, Wireless LAN Setup, ISP parameters for Internet Access and WAN IP/DNS Server/MAC address assignment.
• Click a link under WIRELESS to configure wireless settings.
• Click a link under ADVANCED to configure advanced P-330W features.
• Click LOGOUT at any time to exit the web configurator.
• Click ADMINISTRATOR to view information about your P-330W or upgrade configuration/firmware files. Administrator includes Statistics, Remote Management, Upgrade Firmware, Config File (Backup, Restore, Defaults) and Time Zone Settings.
Figure 3 The MAIN MENU Screen of the Web Configurator

2.2.2 Navigation Panel

After you log in, use the sub-menus on the navigation panel to configure P-330W features.
27 Chapter 2 Introducing the Web Configurator
Page 28
ZyXELP-330W User’s Guide
The following table describes the sub-menus.
Table 3 Screens Summary
LINK TAB FUNCTION
SETUP WIZARD Use these screens for initial configuration including general
setup, Wireless LAN setup, ISP parameters for Internet Access and WAN IP/DNS Server/MAC address assignment.
OPERATION MODE
LAN Use this screen to configure you LAN, including default IP
PAS SWOR D Use this screen to change your password.
STATUS This screen contains administrative and system-related
WIRELESS Basic Settings Use this screen to configure the wireless LAN.
Advanced Settings
Security Use this screen to configure wireless encryption and
Trusted Stations Use this screen to set up MAC address filtering for WLAN clients.
ADVANCED Access Control Use this screen to set up packet filtering policies.
Dynamic DNS Use this screen to configure dynamic DNS service settings.
DMZ Use this screen to isolate a specific device from the rest of the
Virtual Servers Use this screen to configure servers behind the P-330W.
Special Applications
ALG Use this screen to selection which applications require special
WAN Port Use this screen to change your P-330W’s WAN ISP settings.
Ping Use this screen to verify network connectivity.
DoS Settings Use this screen to configure Denial of Service settings.
Diagnostics Use this page to look up DNS information.
Administrator Remote
Management
Config File Use this screen to backup and restore the configuration or reset
Logs Use this screen to change your P-330W’s log settings and to
IP Filtering Use this page to configure a list of IP addresses that the router
MAC Filtering Use the MAC filter screen to configure the P-330W to block
URL Filtering This screen allows you to block sites containing certain web sites
Use this screen to switch the P-330W between gateway, bridge, and wireless client mode.
address of the P-330W, LAN DHCP, and viewing current DHCP clients.
information.
Use this screen to configured advanced wireless system behavior.
authorization settings.
network.
Use this screen to change your P-330W’s trigger port settings.
NAT rules.
Use this page to allow remote clients to manage the P-330W.
the factory defaults to your P-330W.
view the logs for the categories that you selected.
will not allow traffic to or from.
access to devices or block the devices from accessing the P­330W.
based on their URL.
Chapter 2 Introducing the Web Configurator 28
Page 29
ZyXEL P-330W User’s Guide
Table 3 Screens Summary
LINK TAB FUNCTION
Administrator Stat istics This screen contains administrative and system-related
LOG OUT Click this label to exit the web configurator.
Time Zone Setting
Upgrade Firmware
information.
Use this screen to change your P-330W’s time and date or enable NTP server use.
Use this screen to upload firmware to your P-330W.
29 Chapter 2 Introducing the Web Configurator
Page 30
This chapter provides information on the Wizard Setup screens in the web configurator.

3.1 Wizard Setup Overview

The web configurator’s setup wizard helps you configure your device to access the Internet. The second screen has five variations depending on what encapsulation type you use. Refer to your ISP checklist in the Quick Start Guide to know what to enter in each field. Leave a field blank if you don’t have that information.
The fifth wizard screen varies according to the type of encapsulation that you select in the third wizard screen.
ZyXELP-330W User’s Guide
CHAPTER 3

Wizard Setup

3.2 Wizard Setup: Screen 2

The P-330W offers five choices of encapsulation. They are DHCP Client, Static IP, PPP over Ethernet, L2TP or PPTP.

3.2.1 DHCP Client

Choose DHCP Client when the WAN port is used as regular Ethernet and your ISP assigns you an IP address via DHCP.
Figure 4 Wizard 2: DHCP Client Encapsulation

3.2.2 Static IP

Choose Static IP when the WAN port is used as regular Ethernet and your ISP assigns you a fixed IP address.
Chapter 3 Wizard Setup 30
Page 31
ZyXEL P-330W User’s Guide
Figure 5 Wizard 2: Static IP Encapsulation
The following table describes the labels in this screen.
Table 4 Wizard 2: Ethernet Encapsulation
LABEL DESCRIPTION
ISP Parameters for Internet Access
IP Address The fixed IP address should be in the same subnet as your broadband modem or
router. This should be provided to you by your ISP
Subnet Mask Enter a Subnet Mask appropriate to your network.
Default Gateway Enter the Gateway IP Address of the neighboring device, if you know it. If you do
not, leave the Gateway IP Address field blank.
DNS DNS (Domain Name System) is for mapping a domain name to its corresponding
Cancel Click Cancel to abort the setup wizard.
Back Click Back to return to the previous screen.
Next Click Next to continue.
IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a computer before you can access it. Enter your DNS Server IP address here.

3.2.3 PPPoE Encapsulation

Point-to-Point Protocol over Ethernet (PPPoE) functions as a dial-up connection. PPPoE is an IETF (Internet Engineering Task Force) draft standard specifying how a host personal computer interacts with a broadband modem (for example DSL, cable, wireless, etc.) to achieve access to high-speed data networks.
For the service provider, PPPoE offers an access and authentication method that works with existing access control systems (for instance, Radius). For the user, PPPoE provides a login and authentication method that the existing Microsoft Dial-Up Networking software can activate, and therefore requires no new learning or procedures for Windows users.
31 Chapter 3 Wizard Setup
Page 32
ZyXELP-330W User’s Guide
One of the benefits of PPPoE is the ability to let end users access one of multiple network services, a function known as dynamic service selection. This enables the service provider to easily create and offer new IP services for specific users.
Operationally, PPPoE saves significant effort for both the subscriber and the ISP/carrier, as it requires no specific configuration of the broadband modem at the subscriber’s site.
By implementing PPPoE directly on the P-330W (rather than individual computers), the computers on the LAN do not need PPPoE software installed, since the P-330W does that part of the task. Furthermore, with NAT, all of the LAN's computers will have Internet access.
Refer to the appendix for more information on PPPoE.
Figure 6 Wizard 2: PPPoE Encapsulation
The following table describes the labels in this screen.
Table 5 Wizard 2: PPPoE Encapsulation
LABEL DESCRIPTION
ISP Parameter for Internet Access
User Name Type the user name given to you by your ISP.
Password Type the password associated with the user name above.
Cancel Click Cancel to abort the setup wizard.
Next Click Next to continue.
Back Click Back to return to the previous screen.

3.2.4 PPTP Encapsulation

Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables transfers of data from a remote client to a private server, creating a Virtual Private Network (VPN) using TCP/ IP-based networks.
PPTP supports on-demand, multi-protocol, and virtual private networking over public networks, such as the Internet.
Chapter 3 Wizard Setup 32
Page 33
ZyXEL P-330W User’s Guide
Refer to the appendix for more information on PPTP.
Figure 7 Wizard 2: PPTP Encapsulation
Note: The P-330W supports one PPTP server connection at
any given time.
The following table describes the fields in this screen
Table 6 Wizard 2: PPTP Encapsulation
LABEL DESCRIPTION
ISP Parameters for Internet Access
IP Address Type the (static) IP address assigned to you by your ISP.
IP Subnet Mask Type the subnet mask assigned to you by your ISP.
Default Gateway Type the default gateway assigned to you by your ISP.
Server IP Address Type the IP address of the PPTP server.
User Name Type the user name given to you by your ISP.
Password Type the password associated with the User Name above.
Cancel Click Cancel to abort the setup wizard.
Back Click Back to return to the previous screen.
Next Click Next to continue.

3.2.5 L2TP Encapsulation

Layer Two Tunneling Protocol (L2TP) is a network protocol that enables transfers of data from a remote client to a private server, creating a Virtual Private Network (VPN) using TCP/ IP-based networks.
33 Chapter 3 Wizard Setup
Page 34
Figure 8 Wizard 2: L2TP Encapsulation
ZyXELP-330W User’s Guide
The following table describes the fields in this screen
Table 7 Wizard 2: L2TP Encapsulation
LABEL DESCRIPTION
Attain IP Automatically
Set IP Manually Select this if your ISP has assigned you a fixed IP address.
IP Address Type the (static) IP address assigned to you by your ISP.
IP Subnet Mask Type the subnet mask assigned to you by your ISP.
Default Gateway Type the default gateway assigned to you by your ISP.
Server IP Address Type the IP address of the L2TP server.
User Name Type the user name given to you by your ISP.
Password Type the password associated with the User Name above.
Cancel Click Cancel to abort the setup wizard.
Back Click Back to return to the previous screen.
Next Click Next to continue.
Select this if your ISP automatically assigns you an IP Address.

3.3 Wizard Setup: Screen 3

Set up the basics of your wireless LAN using the third wizard screen.
Chapter 3 Wizard Setup 34
Page 35
ZyXEL P-330W User’s Guide
Figure 9 Wizard 3: Wireless LAN Basic Setup
The following table describes the labels in this screen.
Table 8 Wizard 3: Wireless LAN Basic Setup
LABEL DESCRIPTION
Band Choose the operating mode of your wireless access point. 2.4Ghz (B+G) offers the
SSID Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the wireless
Channel Number
Disable Access Point
Cancel Click Cancel to abort the setup wizard.
Back Click Back to display the previous screen.
Next Click Next to proceed to the next screen.
greatest compatibility. 2.4 GHz (B) will only allow 802.11b clients to connect to the wireless LAN. 2.4 GHz (G) will only allow 802.11g clients to connect to the wireless LAN.
LAN. If you change this field on the P-330W, make sure all wireless stations use the same
SSID in order to access the network.
To manually set the P-330W to use a channel, select a channel from the drop-down list box.
Select this check box to disable the wireless LAN capabilities of your P-330W.
Note: The wireless stations and P-330W must use the same SSID, channel ID and encryption key (if encryption is enabled) for wireless communication

3.4 Wizard Setup: Screen 4

There are 5 different versions of this page depending on what method of encryption you want to enable on your wireless LAN.
35 Chapter 3 Wizard Setup
Page 36

3.4.1 No Encryption

Choose None to allow the WLAN to operate without encryption. Warning: With no encryption enabled anyone will be able to access your network and view any data you send over the wireless LAN.

3.4.2 WEP Encryption

Choose WEP to setup WEP Encryption parameters.
Figure 10 Wizard 4: Wireless LAN Setup: WEP Security
ZyXELP-330W User’s Guide
The following table describes the labels in this screen.
Table 9 Wizard 4: Wireless LAN Setup: WEP Security
LABEL DESCRIPTION
Key Length Select 64-bit WEP or 128-bit WEP data encryption.
Key Format Select ASCII in order to enter ASCII characters as the WEP keys.
Select Hex to enter hexadecimal characters as the WEP keys.
Default Tx Key This key refers to which key below will be used as the default key.
Key 1 to Key 4 The WEP keys are used to encrypt data. Both the P-330W and the wireless stations
must use the same WEP key for data transmission. If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal
characters ("0-9", "A-F"). If you chose 128-bit WEP, then enter 13 ASCII characters or 26 hexadecimal
characters ("0-9", "A-F"). You must configure at least one key, only one key can be activated at any one time.
The default key is key 1.
Chapter 3 Wizard Setup 36
Page 37
ZyXEL P-330W User’s Guide
Table 9 Wizard 4: Wireless LAN Setup: WEP Security
LABEL DESCRIPTION
Cancel Click Cancel to abort the setup wizard.
Back Click Back to display the previous screen.
Next Click Next to proceed to the next screen.

3.4.3 WPA

Choose WPA security in the Wireless LAN Setup screen to set up a Pre-Shared Key using TKIP or AES encryption.
Figure 11 Wizard 4: Wireless LAN Setup: WPA Security
The following table describes the labels in this screen.
Table 10 Wizard 4: Wireless LAN Setup: WPA Security
LABEL DESCRIPTION
WPA Format You can choose to enter the pre-shared key manually in HEX format or use a
Pre-Shared Key
Cancel Click Cancel to abort the setup wizard.
Back Click Back to display the previous screen.
Next Click Next to proceed to the next screen.

3.4.4 WPA2 (AES)

Choose WPA2 (AES) security in the Wireless LAN Setup screen to set up a Pre-Shared Key using AES encryption.
passphrase. Note, many client devices only allow entry via passphrase.
For Passphrase: Type from 8 to 63 case-sensitive ASCII characters. For HEX: Type a 64 character hex key.
37 Chapter 3 Wizard Setup
Page 38
Figure 12 Wizard 4: Wireless LAN Setup: WPA2 Security
The following table describes the labels in this screen.
Table 11 Wizard 4: Wireless LAN Setup: WPA2 Security
LABEL DESCRIPTION
ZyXELP-330W User’s Guide
WPA Format You can choose to enter the pre-shared key manually in HEX format or use a
Pre-Shared Key
Cancel Click Cancel to abort the setup wizard.
Back Click Back to display the previous screen.
Next Click Next to proceed to the next screen.

3.4.5 WPA2 Mixed

Choose WPA2 Mixed security in the Wireless LAN Setup screen to set up a Pre-Shared Key using both TKIP and AES encryption. This allows both WPA and WPA2 clients to connect.
passphrase. Note, many client devices only allow entry via passphrase.
For Passphrase: Type from 8 to 63 case-sensitive ASCII characters. For HEX: Type a 64 character hex key.
Chapter 3 Wizard Setup 38
Page 39
ZyXEL P-330W User’s Guide
Figure 13 Wizard 4: Wireless LAN Setup: WPA2 Security
The following table describes the labels in this screen.
Table 12 Wizard 4: Wireless LAN Setup: WPA2 Security
LABEL DESCRIPTION
WPA Format You can choose to enter the pre-shared key manually in HEX format or use a
Pre-Shared Key
Cancel Click Cancel to abort the setup wizard.
Back Click Back to display the previous screen.
Next Click Next to proceed to the next screen.
passphrase. Note, many client devices only allow entry via passphrase.
For Passphrase: Type from 8 to 63 case-sensitive ASCII characters. For HEX: Type a 64 character hex key.

3.5 Basic Setup Complete

Click Finish to complete the wizard setup and save your configuration.
Well done! You have successfully set up your P-330W to operate on your network and access the Internet
39 Chapter 3 Wizard Setup
Page 40
ZyXEL P-330W User’s Guide
CHAPTER 4

System Screens

This chapter provides information on the options configurable from the main System screens.
Figure 14 System Screen Menu Options

4.1 Setup Wizard

See the Setup Wizard chapter for more information on this selection.

4.2 Operation Mode

Click Operation Mode to open the Operation Mode screen.
Chapter 4 System Screens 40
Page 41
ZyXEL P-330W User’s Guide
Figure 15 Operation Mode Setup
The following table describes the labels in this screen.
Table 13 System General Setup
LABEL DESCRIPTION
Gateway This is the standard operating mode. The P-330W takes on all the usual roles of
Bridge Select this to turn your P-330W into a pure bridge, directly linking all computers
Wireless ISP In this mode, the wireless LAN is disabled and instead the wireless module is acts
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.

4.3 LAN Overview

Local Area Network (LAN) is a shared communication system to which many computers are attached. The LAN screens can help you configure a LAN DHCP server, manage IP addresses, and partition your physical network into logical networks.
a home router, including NAT, DHCP Server, and Firewall.
on your network to the WAN. In this mode, you have no protection from Internet based threats.
as a client to connect to a Wireless ISP. All the normal router functions are enabled.
41 Chapter 4 System Screens
Page 42

4.3.1 DHCP Setup

DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a server. You can configure the P­330W as a DHCP server or disable it. When configured as a server, the P-330W provides the TCP/IP configuration for the clients. If DHCP service is disabled, you must have another DHCP server on your LAN, or else the computer must be manually configured.

4.3.2 IP Pool Setup

The P-330W is pre-configured with a pool of 33 IP addresses starting from 192.168.10.33 to
192.168.10.65. This configuration leaves 32 IP addresses (excluding the P-330W itself) in the lower range for other server computers, for instance, servers for mail, FTP, TFTP, web, etc., that you may have.

4.3.3 System DNS Servers

Refer to the IP Address and Subnet Mask section in the Setup Wizard chapter.
ZyXEL P-330W User’s Guide

4.3.4 LAN TCP/IP

The P-330W has built-in DHCP server capability that assigns IP addresses and DNS servers to systems that support DHCP client capability.

4.3.5 Factory LAN Defaults

The LAN parameters of the P-330W are preset in the factory with the following values:
• IP address of 192.168.10.1 with subnet mask of 255.255.255.0 (24 bits)
• DHCP server enabled with 33 client IP addresses starting from 192.168.10.33.
These parameters should work for the majority of installations. If your ISP gives you explicit DNS server address(es), read the embedded web configurator help regarding what fields need to be configured.

4.3.6 IP Address and Subnet Mask

Refer to the IP Address and Subnet Mask section in the Wizard Setup chapter for this information.

4.3.7 Configuring IP

Click LAN to open the IP screen.
Chapter 4 System Screens 42
Page 43
ZyXEL P-330W User’s Guide
Figure 16 LAN IP Setup
The following table describes the labels in this screen.
Table 14 LAN IP Setup
LABEL DESCRIPTION
IP Address Type the IP address of your P-330W in dotted decimal notation 192.168.10.1
IP Subnet Mask The subnet mask specifies the network number portion of an IP address. Your P-
DHCP DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows
DHCP Client Range This field specifies the contiguous addresses in the IP address pool.
Show DHCP Client Push this button opens a new window which will show you a list of the clients that
MAC Address Type the MAC address of computer which you want to assign specific IP on you
Lease IP Address Type the IP address that you want to assign the computer on your LAN.
Save Click Apply to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.
(factory default).
330W will automatically calculate the subnet mask based on the IP address that you assign. Unless you are implementing subnetting, use the subnet mask computed by the P-330W 255.255.255.0.
individual clients (computers) to obtain TCP/IP configuration at startup from a server. Choose Server box selected unless your ISP instructs you to do otherwise. Choose Disabled the P-330W acting as a DHCP server. When configured as a server, the P-330W provides TCP/IP configuration for the clients. If not, DHCP service is disabled and you must have another DHCP server on your LAN, or else the computers must be manually configured. When set as a server, fill in the following four fields.
have recieved an IP address from the internal DHCP server.
LAN.
43 Chapter 4 System Screens
Page 44

4.4 Configuring Password

To change your P-330W’s password (recommended), click the Password tab. The screen appears as shown. This screen allows you to change the P-330W’s password.
Figure 17 Password
The following table describes the labels in this screen.
Table 15 Password
ZyXEL P-330W User’s Guide
LABEL DESCRIPTION
New Password Type the new password in this field. The password is case sensitive and may
Confirmed Password Type the new password again in this field.
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.

4.5 Status Screen

Click STATUS to open the Status screen, which you can use to monitor your P-330W. Note that these fields are READ-ONLY and only for diagnostic purposes.
be up to 36 characters long.
Chapter 4 System Screens 44
Page 45
ZyXEL P-330W User’s Guide
Figure 18 Status
The following table describes the labels in this screen.
Table 16 Status
LABEL DESCRIPTION
Connection Method
Internet IP Address This is the WAN port IP address.
Connection Details This button opens a new window that provides you with more detail on the WAN
LAN
IP Address This is the LAN port IP address.
IP Subnet Mask This is the LAN port subnet mask.
DHCP Server This is the LAN port DHCP role - Server (ON) or Disabled.
System
Firmware Version Displays the current version number of the firmware on the P-330W.
System Data Provides a greater level of detail on your current system configuration.
Refresh Screen Causes the P-330W to refresh the screen with the latest information.
This is the method you have selected for connection to the Internet. You can change it using the Setup Wizard.
connection.
45 Chapter 4 System Screens
Page 46
This chapter discusses how to configure the Wireless screens on the P-330W.

5.1 Wireless LAN Overview

This section introduces the wireless LAN(WLAN) and some basic scenarios.

5.1.1 IBSS

An Independent Basic Service Set (IBSS), also called an Ad-hoc network, is the simplest WLAN configuration. An IBSS is defined as two or more computers with wireless adapters within range of each other that from an independent (wireless) network without the need of an access point (AP).
ZyXEL P-330W User’s Guide
CHAPTER 5

Wireless

Figure 19 IBSS (Ad-hoc) Wireless LAN

5.1.2 BSS

A Basic Service Set (BSS) exists when all communications between wireless stations or between a wireless station and a wired network client go through one access point (AP).
Intra-BSS traffic is traffic between wireless stations in the BSS. When Intra-BSS is enabled, wireless station A and B can access the wired network and communicate with each other. When Intra-BSS is disabled, wireless station A and B can still access the wired network but cannot communicate with each other.
Chapter 5 Wireless 46
Page 47
ZyXEL P-330W User’s Guide
Figure 20 Basic Service set

5.1.3 ESS

An Extended Service Set (ESS) consists of a series of overlapping BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). An ESSID (ESS IDentification) uniquely identifies each ESS. All access points and their associated wireless stations within the same ESS must have the same ESSID in order to communicate.
47 Chapter 5 Wireless
Page 48
Figure 21 Extended Service Set
ZyXEL P-330W User’s Guide

5.1.4 RTS/CTS

A hidden node occurs when two stations are within range of the same access point, but are not within range of each other. The following figure illustrates a hidden node. Both stations (STA) are within range of the access point (AP) or wireless gateway, but out-of-range of each other, so they cannot “hear” each other, that is they do not know if the channel is currently being used. Therefore, they are considered hidden from each other.
Figure 22 RTS/CTS
When station A sends data to the P-330W, it might not know that station B is already using the channel. If these two stations send data at the same time, collisions may occur when both sets of data arrive at the AP at the same time, resulting in a loss of messages for both stations.
Chapter 5 Wireless 48
Page 49
ZyXEL P-330W User’s Guide

5.2 Configuring Wireless

Note: If you are configuring the P-330W from a computer
connected to the wireless LAN and you change the P-330W’s SSID or WEP settings, you will lose your wireless connection when you press Save. You must then change the wireless settings of your computer to match the P-330W’s new settings.
Click the WIRELESS link to open the Wireless Options screen.
Figure 23 The Wireless Options Screen

5.3 Basic Settings

Click BASIC SETTINGS to configure the basic settings of your wireless LAN.
49 Chapter 5 Wireless
Page 50
ZyXEL P-330W User’s Guide
Figure 24 Wireless: Basic Settings
The following table describes the basic wireless LAN labels in this screen.
Table 17 Wireless: Basic Settings
LABEL DESCRIPTION
Disable Access Point
Band Choose the operating mode of your wireless access point. 2.4Ghz (B+G) offers the
Mode Mode allows you to change the wireless behavior of the P-330W. AP allows wireless
Network Type Used when operating in Client mode. This allows you to switch between
SSID (Service Set IDentity) The SSID identifies the Service Set with which a wireless
Select this check box to disable the wireless LAN capabilities of your P-330W.
greatest compatibility. 2.4 GHz (B) will only allow 802.11b clients to connect to the wireless LAN. 2.4 GHz (G) will only allow 802.11g clients to connect to the wireless LAN.
clients to connect to the P-330W. Client mode activates the Wireless ISP mode of the router. Use this mode to connect to a WISP or metro-area wireless network.
Infrastructure and Ad Hoc networking modes.
station is associated. Wireless stations associating to the access point (AP) must have the same SSID. Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the wireless LAN.
Note: If you are configuring the P-330W from a computer connected to the wireless LAN and you change the P-330W’s SSID or WEP settings, you will lose your wireless connection when you press Apply to confirm. You must then change the wireless settings of your computer to match the P-330W’s new settings.
Channel Number
Associated Clients
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to reload the previous configuration for this screen.
To manually set the P-330W to use a channel, select a channel from the drop-down list box.
Click Show Active Clients to be shown a list of wireless clients currently connected to the Wireless LAN
Chapter 5 Wireless 50
Page 51
ZyXEL P-330W User’s Guide

5.4 Wireless Advanced Settings

Click ADVANCED SETTINGS to configure the advanced settings of your wireless LAN.

5.4.1 Authentication

Three different methods can be used to authenticate wireless stations to the network: Open System, Shared Key, and Auto. The following figure illustrates the steps involved.
Figure 25 WEP Authentication Steps
Open system authentication involves an unencrypted two-message procedure. A wireless station sends an open system authentication request to the AP, which will then automatically accept and connect the wireless station to the network. In effect, open system is not authentication at all as any station can gain access to the network.
Shared key authentication involves a four-message procedure. A wireless station sends a shared key authentication request to the AP, which will then reply with a challenge text message. The wireless station must then use the AP’s default WEP key to encrypt the challenge text and return it to the AP, which attempts to decrypt the message using the AP’s default WEP key. If the decrypted message matches the challenge text, the wireless station is authenticated.
51 Chapter 5 Wireless
Page 52
When your P-330W's authentication method is set to open system, it will only accept open system authentication requests. The same is true for shared key authentication. However, when it is set to auto authentication, the P-330W will accept either type of authentication request and the P-330W will fall back to use open authentication if the shared key does not match.

5.4.2 Preamble Type

A preamble is used to synchronize the transmission timing in your wireless network. There are two preamble modes: Long and Short.
Short preamble takes less time to process and minimizes overhead, so it should be used in a good wireless network environment when all wireless clients support it.
Select Long if you have a ‘noisy’ network or are unsure of what preamble mode your wireless clients support as all IEEE 802.11b compliant wireless adapters must support long preamble. However, not all wireless adapters support short preamble. Use long preamble if you are unsure what preamble mode the wireless adapters support, to ensure interpretability between the P-330W and the wireless stations and to provide more reliable communication in ‘noisy’ networks..
ZyXEL P-330W User’s Guide
Note: The P-330W and the wireless stations MUST use the same preamble mode in order to communicate.
Figure 26 Wireless: Advanced Settings
The following table describes the advanced wireless LAN labels in this screen.
Table 18 Wireless: Advanced Settings
LABEL DESCRIPTION
Authentication Type
Preamble Type Select a preamble type from the drop-down list menu. Choices are Long or Short.
Chapter 5 Wireless 52
Select Auto, Open System or Shared Key from the menu..
The default setting is Long.
Page 53
ZyXEL P-330W User’s Guide
Table 18 Wireless: Advanced Settings
LABEL DESCRIPTION
Broadcast SSID Select this to hide the SSID in the outgoing beacon frame so a station cannot obtain
IAPP Used in a multiple AP environment where 802.1x is used for authentication.
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to reload the previous configuration for this screen.

5.5 Site Survey

Click Site Survey to scan the wireless network. If any Access Point or IBSS is found, you could choose to connect it when P330’s wireless mode is set to Client mode.
Figure 27 Wireless: Site Survey
the SSID through passive scanning using a site survey tool.

5.6 Wireless Security Overview

Wireless security is vital to your network to protect wireless communication between wireless stations, access points and the wired network.
The figure below shows the possible wireless security levels. EAP (Extensible Authentication Protocol) is used for authentication and utilizes dynamic WEP key exchange. It requires interaction with a RADIUS (Remote Authentication Dial-In User Service) server either on the WAN or your LAN to provide authentication service for wireless stations.
53 Chapter 5 Wireless
Page 54
ZyXEL P-330W User’s Guide
Figure 28 P-330W Wireless Security Levels
If you do not enable any wireless security on your P-330W, your network is accessible to any wireless networking device that is within range.
Select NONE for Encryption to allow wireless stations to communicate with the access points without any data encryption.
Chapter 5 Wireless 54
Page 55
ZyXEL P-330W User’s Guide
Figure 29 Wireless Security Setup: No Security
The following table describes the labels in this screen.
Table 19 Wireless Security Setup: No Security
LABEL DESCRIPTION
Encryption Choose None from the drop-down list box.
Use 802.1x Authentication
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to reload the previous configuration for this screen.
Mark this check box to enable 802.1x security using an external RADIUS server. Data will not be encrypted, however wireless clients will be required to authenticate before they are allowed to pass traffic to the network. Both the client and the RADIUS server will need to support the same EAP protocols.
55 Chapter 5 Wireless
Page 56

5.7 Security Parameters Summary

Refer to this table to see what other security parameters you should configure for each Authentication Method/ key management protocol type. You enter manual keys by first selecting 64-bit WEP or 128-bit WEP from the WEP Encryption field and then typing the keys (in ASCII or hexadecimal format) in the key text boxes. MAC address filters are not dependent on how you configure these security features.
Table 20 Wireless Security Relational Matrix
ZyXEL P-330W User’s Guide
AUTHENTICATION METHOD/ KEY MANAGEMENT PROTOCOL
Open None No Disabled
Open WEP No Enable with 802.1x
Shared WEP No Enable with 802.1x
WPA TKIP No Enable
WPA-PSK TKIP Ye s Disabled
WPA2 AES No Enable
WPA2-PSK AES Ye s Disabled
WPA2-Mixed AES & TKIP No Enable
WPA2-Mixed PSK AES & TKIP Ye s Disabled

5.7.1 WEP Overview

WEP (Wired Equivalent Privacy) as specified in the IEEE 802.11 standard provides methods for both data encryption and wireless station authentication.
ENCRYPTION METHOD
ENTER
MANUAL KEY
Yes Disabled
Yes Disable
IEEE 802.1X

5.7.2 Data Encryption

WEP provides a mechanism for encrypting data using encryption keys. Both the AP and the wireless stations must use the same WEP key to encrypt and decrypt data. Your P-330W allows you to configure up to four 64-bit or 128-bit WEP keys, but only one key can be enabled at any one time.

5.7.3 Configuring WEP Encryption

In order to configure and enable WEP encryption; click the SECURITY link under WIRELESS to display the Wireless Security screen. Select Static WEP from the Encryption list.
Chapter 5 Wireless 56
Page 57
ZyXEL P-330W User’s Guide
Figure 30 Wireless Security Setup: WEP Encryption
The following table describes the wireless LAN security labels in this screen
Table 21 Wireless Security Setup: Static WEP Encryption
LABEL DESCRIPTION
Encryption Choose WEP from the drop-down list box.
Set WEP Key Click this to configure WEP without 802.1x.
Use 802.1x Authentication
WEP Encryption
Authentication RADIUS Server
Port The port number on the RADIUS server.
IP Address
Password
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to reload the previous configuration for this screen.
Mark the check box here to use 802.1x authentication.
Select 64-bit WEP or 128-bit WEP. Used only when using 802.1x authentication.
Enter the IP address of the RADIUS server.
Enter the password (shared secret) for the RADIUS server.
Click SET WEP KEY to configure WEP encryption.
57 Chapter 5 Wireless
Page 58
Figure 31 Wireless Security Setup: WEP Encryption
ZyXEL P-330W User’s Guide
The following table describes the wireless LAN security labels in this screen
Table 22 Wireless Security Setup: WEP Encryption
LABEL DESCRIPTION
Key Length Select 64-bit WEP or 128-bit WEP.
Key Format ASCII: Select this option in order to enter ASCII characters as WEP key.
Hex: Select this option in order to enter hexadecimal characters as a WEP key.
Default Tx Key You must configure at least one key, only one key can be activated at any one time.
Encryption Key 1 to 4
Passphrase Enter a Passphrase (up to 32 printable characters) and clicking Generate WEP KEY.
Save Click Save to save your changes back to the P-330W.
Close Click Close to close this window.
Reset Click Reset to reload the previous configuration for this screen.
The default key is key 1.
The WEP keys are used to encrypt data. Both the P-330W and the wireless stations must use the same WEP key for data transmission.
If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal characters ("0-9", "A-F").
If you chose 128-bit WEP, then enter 13 ASCII characters or 26 hexadecimal characters ("0-9", "A-F").
The P-330W automatically generates a WEP key.
Chapter 5 Wireless 58
Page 59
ZyXEL P-330W User’s Guide

5.7.4 Introduction to WPA

Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i security specification draft. Key differences between WPA and WEP are user authentication and improved data encryption.
5.7.4.1 User Authentication
WPA applies IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate wireless clients using appendices for more information on IEEE 802.1x, RADIUS and EAP. Your wireless client will need to be able to support 802.1x authentication to use RADIUS authentication.
Therefore, if you don’t have an external RADIUS server you should use WPA-PSK (WPA ­Pre-Shared Key) that only requires a single (identical) password entered into each access point, wireless gateway and wireless client. As long as the passwords match, a client will be granted access to a WLAN.
5.7.4.2 Encryption
an external RADIUS database. See later in this chapter and the
WPA improves data encryption by using Temporal Key Integrity Protocol (TKIP), Message Integrity Check (MIC) and IEEE 802.1x.
Temporal Key Integrity Protocol (TKIP) uses 128-bit keys that are dynamically generated and distributed by the authentication server. It includes a per-packet key mixing function, a Message Integrity Check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism.
TKIP regularly changes and rotates the encryption keys so that the same encryption key is never used twice. AP that then sets up a key hierarchy and management system, using the pair-wise key to dynamically generate unique data encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients. This all happens in the background automatically.
The Message Integrity Check (MIC) is designed to prevent an attacker from capturing data packets, altering them and resending them. The MIC provides a strong mathematical function in which the receiver and the transmitter each compute and then compare the MIC. If they do not match, it is assumed that the data has been tampered with and the packet is dropped.
By generating unique data encryption keys for every data packet and by creating an integrity checking mechanism (MIC), TKIP makes it much more difficult to decode data on a Wi-Fi network than WEP, making it difficult for an intruder to break into the network.
The RADIUS server distributes a Pairwise Master Key (PMK) key to the
The encryption mechanisms used for WPA and WPA-PSK are the same. The only difference between the two is that WPA-PSK uses a simple common password, instead of user-specific credentials. The common-password approach makes WPA-PSK susceptible to brute-force password-guessing attacks but it’s still an improvement over WEP as it employs an easier-to­use, consistent, single, alphanumeric password.
59 Chapter 5 Wireless
Page 60
5.7.4.3 WPA-PSK Application Example
A WPA-PSK application looks as follows.
1 First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key
(PSK) must consist of between 8 and 63 ASCII characters (including spaces and symbols).
2 The AP checks each client’s password and (only) allows it to join the network if it
matches its password.
3 The AP derives and distributes keys to the wireless clients.
4 The AP and wireless clients use the TKIP encryption process to encrypt data exchanged
between them.
Figure 32 WPA - PSK Authentication
ZyXEL P-330W User’s Guide

5.7.5 Introduction to WPA2

WPA2 is based on the same 802.11i spec as WPA. The primary difference between WPA and WPA2 is that WPA2 uses AES encryption in places of TKIP. Like WPA, WPA2 can function either using a pre-shared key or by using a RADIUS server to perform authentication. WPA2 also offers a mixed mode which allows WPA clients to authenticate and use TKIP encryption while still allowing WPA2 clients to use AES. Configuration of WPA2 is the same as WPA.

5.7.6 Configuring WPA-PSK Authentication

In order to configure and enable WPA-PSK encryption; click the SECURITY link under WIRELESS to display the Wireless Security screen. Select WPA (TKIP) from the Encryption list. Select PERSONAL under WPA Encryption Mode.
Chapter 5 Wireless 60
Page 61
ZyXEL P-330W User’s Guide
Figure 33 Wireless Security Setup: WPA-PSK
The following table describes the labels in this screen.
Table 23 Wireless Security Setup: WPA-PSK
LABEL DESCRIPTION
Encryption Choose WPA from the drop-down list box for TKIP encryption.
Choose WPA2 (AES) from the drop-down list box to use WPA2’s AES encryption. Choose WPA2 Mixed from the drop-down list box to allow both TKIP or AES
encryption.
WPA Authentication Mode
WPA Format Choose whether to enter the PSK by either Passphrase or Hex key.
Pre-Shared Key The encryption mechanisms used for WPA and WPA-PSK are the same. The only
Group Key Life TIme
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to reload the previous configuration for this screen.
Choose Personal to enable PSK mode.
difference between the two is that WPA-PSK uses a simple common password, instead of user-specific credentials.
Type a pre-shared key from 8 to 63 case-sensitive ASCII characters (including spaces and symbols) or 64 hex characters.
The Group Key Life Time is the rate at which the AP sends a new group key out to all clients. The re-keying process is the WPA equivalent of automatically changing the WEP key for an AP and all stations in a WLAN on a periodic basis.
61 Chapter 5 Wireless
Page 62

5.7.7 Introduction to RADIUS

RADIUS is based on a client-sever model that supports authentication and accounting, where access point is the client and the server is the RADIUS server. The RADIUS server handles the following tasks among others:
• Authentication
Determines the identity of the users.
• Accounting
Keeps track of the client’s network activity.
RADIUS user is a simple package exchange in which your P-330W acts as a message relay between the wireless station and the network RADIUS server.
5.7.7.1 Types of RADIUS Messages
The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user authentication:
ZyXEL P-330W User’s Guide
• Access-Request
Sent by an access point requesting authentication.
• Access-Reject
Sent by a RADIUS server rejecting access.
• Access-Accept
Sent by a RADIUS server allowing access.
5.7.7.2 Access-Challenge
Sent by a RADIUS server requesting more information in order to allow access. The access point sends a proper response from the user and then sends another Access-Request message.
The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user accounting:
5.7.7.3 Accounting-Request
Sent by the access point requesting accounting.
5.7.7.4 Accounting-Response
Sent by the RADIUS server to indicate that it has started or stopped accounting.
Chapter 5 Wireless 62
Page 63
ZyXEL P-330W User’s Guide
In order to ensure network security, the access point and the RADIUS server use a shared secret key, which is a password, they both know. The key is not sent over the network. In addition to the shared key, password information exchanged is also encrypted to protect the wired network from unauthorized access.
5.7.7.5 EAP Authentication Overview
EAP (Extensible Authentication Protocol) is an authentication protocol that runs on top of the IEEE802.1x transport mechanism in order to support multiple types of user authentication. By using EAP to interact with an EAP-compatible RADIUS server, the access point helps a wireless station and a RADIUS server perform authentication.
The type of authentication you use depends on the RADIUS server or the AP. The P-330W supports EAP-TLS, EAP-TTLS and PEAP with RADIUS. Refer to the Types of EAP Authentication appendix for descriptions on the four common types.
Your P-330W supports EAP-MD5 (Message-Digest Algorithm 5) with RADIUS.
The following figure shows an overview of authentication when you specify a RADIUS server on your access point.
Figure 34 EAP Authentication
The details below provide a general description of how IEEE 802.1x EAP authentication works. For an example list of EAP-MD5 authentication steps, see the IEEE 802.1x appendix.
1 The wireless station sends a “start” message to the P-330W.
2 The P-330W sends a “request identity” message to the wireless station for identity
information.
3 The wireless station replies with identity information, including username and password.
4 The RADIUS server checks the user information against its user profile database and
determines whether or not to authenticate the wireless station.
5.7.7.6 WPA with RADIUS Application Example
You need the IP address of the RADIUS server, its port number (default is 1812), and the RADIUS shared secret. A WPA application example with an external RADIUS server looks as follows. “A” is the RADIUS server. “DS” is the distribution system.
1 The AP passes the wireless client’s authentication request to the RADIUS server.
63 Chapter 5 Wireless
Page 64
ZyXEL P-330W User’s Guide
2 The RADIUS server then checks the user's identification against its database and grants
or denies network access accordingly.
3 The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that then
sets up a key hierarchy and management system, using the pair-wise key to dynamically generate unique data encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients.
Figure 35 WPA with RADIUS Application Example

5.7.8 Configuring WPA Authentication

In order to configure and enable WPA encryption; click the SECURITY link under WIRELESS to display the Wireless Security screen. Select the mode (WPA, WPA2, WPA2 Mixed) from the Encryption list. Select ENTERPRISE under WPA Encryption Mode.
Chapter 5 Wireless 64
Page 65
ZyXEL P-330W User’s Guide
Figure 36 Wireless Security Setup: WPA With RADIUS
The following table describes the labels in this screen.
Table 24 Wireless Security Setup: WPA
LABEL DESCRIPTION
Encryption Choose WPA from the drop-down list box for TKIP encryption.
Choose WPA2 (AES) from the drop-down list box to use WPA2’s AES encryption.
Choose WPA2 Mixed from the drop-down list box to allow both TKIP or AES encryption.
WPA Group Key Update Timer
Authentication Server
IP Address Enter the IP address of the external authentication server in dotted decimal
Port Enter the port number of the external authentication server. The default port
The WPA Group Key Update Timer is the rate at which the AP (if using WPA- PSK key management) or RADIUS server (if using WPA key management) sends a new group key out to all clients. The re-keying process is the WPA equivalent of automatically changing the WEP key for an AP and all stations in a WLAN on a periodic basis. Setting of the WPA Group Key Update Timer is also supported in WPA-PSK mode. The P-330W default is 1800 seconds (30 minutes).
notation.
number is 1812.
You need not change this value unless your network administrator instructs you to do so with additional information.
65 Chapter 5 Wireless
Page 66
Table 24 Wireless Security Setup: WPA
LABEL DESCRIPTION
ZyXEL P-330W User’s Guide
Password
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to reload the previous configuration for this screen.

5.8 WDS Settings

The WDS (Wireless Distribution System) allows you to configure the P-330W to connect two or more APs via wireless when P330’s wireless mode is set to WDS or AP+WDS mode. An AP using WDS can function as a wireless network bridge allowing you to wirelessly connect two wired network segments.
Figure 37 Wireless: WDS Settings
Enter a password (up to 31 alphanumeric characters) as the key to be shared between the external authentication server and the P-330W.
The key must be the same on the external authentication server and your P­330W. The key is not sent over the network.
The following table describes the labels in this screen.
Table 25 Wireless: WDS Settings
LABEL DESCRIPTION
Enable WDS Select this check box to enable the WDS.
MAC Address Enter the MAC addresses of the neighboring AP(s) that particapates in the
WDS. Enter the MAC addresses in a valid MAC address format, that is, six hexadecimal character pairs, for example, 001349556677.
Comment Enter in a descriptive name so you know which device the MAC address is
associated with.
Chapter 5 Wireless 66
Page 67
ZyXEL P-330W User’s Guide
Table 25 Wireless: WDS Settings
LABEL DESCRIPTION
Set Security Click Set Security to set up the wireless security for WDS. When enabled,
please make sure each WDS device has adopted the same encryption algorithm and key.
Show Statistics Click Show Statistics to show the WDS connection status.
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to reload the previous configuration for this screen.
Current WDS AP List
Delete Selected Click this button to delete selected WDS AP from the WDS AP list.
Delete All Click this button to delete all WDS AP from the WDS AP list.

5.9 Wireless Trusted Stations

The Trusted Stations screen allows you to configure the P-330W to give exclusive access to up to 20 devices. Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02. You need to know the MAC address of the devices to configure this screen.
To change your P-330W’s Trusted Stations settings, click the WIRELESS link, then the Trusted Stations link. The screen appears as shown.
67 Chapter 5 Wireless
Page 68
Figure 38 Wireless: Trusted Stations MAC Address Filter
The following table describes the labels in this menu.
ZyXEL P-330W User’s Guide
Table 26 Wireless: Trusted Stations MAC Address Filter
LABEL DESCRIPTION
Wireless Access Control Mode
MAC Address
Description
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to reload the previous configuration for this screen.
Current Access Control List
Delete Selected
Delete All Click this button to delete all clients from the trusted station list.
Select Allow Listed from the drop down list box to enable MAC address filtering.
Enter the MAC addresses of the wireless station that are allowed or denied access to the P-330W in these address fields. Enter the MAC addresses in a valid MAC address format, that is, six hexadecimal character pairs, for example, 123456789abc.
Enter in a descriptive name so you know which device the MAC address is associated with.
Click this button to delete selected clients from the trusted station list.
Chapter 5 Wireless 68
Page 69
ZyXEL P-330W User’s Guide
69 Chapter 5 Wireless
Page 70
ZyXEL P-330W User’s Guide
CHAPTER 6

Advanced Options

This chapter covers the options available under the ADVANCED section of the menu.
Figure 39 The Advanced Menu Options

6.1 Access Control

This screen allows you to block access to specified Internet services based on port number used. This can be used restrict Internet access to only certain applications or to block applications you feel may be harmful.
To change your P-330W’s Access Controls, click ADVANCED, then the Access Control link. The screen appears as shown.
Chapter 6 Advanced Options 70
Page 71
ZyXEL P-330W User’s Guide
Figure 40 Advanced: Access Control
The following table describes the labels in this screen.
Table 27 Advanced: Access Control
LABEL DESCRIPTION
Enable Access Control Check this box to enable Access Controls.
Select Services to Block
Port Range Enter in a range of ports to block.
Protocol Choose to block either TCP, UDP, or Both.
Description Give the rule you have created an easy to identify name.
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.

6.2 Dynamic DNS

Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CU-SeeMe, etc.). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.org, where myhost is a name of your choice) that will never change instead of using an IP address that changes each time you reconnect. Your friends or relatives will always be able to call you even if they don't know your IP address.
The P-330W comes preconfigured with settings for many common services. You can choose one to activate from the pull down menu.
71 Chapter 6 Advanced Options
Page 72
First of all, you need to have registered a dynamic DNS account with either www.dyndns.org or www.tzo.com. This is for people with a dynamic IP from their ISP or DHCP server that would still like to have a domain name. The Dynamic DNS service provider will give you a password or key.
Note: If you have a private WAN IP address, then you cannot use Dynamic DNS.

6.3 Configuring Dynamic DNS

To change your P-330W’s DDNS, click ADVANCED then the Dynamic DNS link. The screen appears as shown.
Figure 41 Advanced: Dynamic DNS
ZyXEL P-330W User’s Guide
The following table describes the labels in this screen.
Table 28 Advanced: Dynamic DNS
LABEL DESCRIPTION
Enable DDNS Select this check box to use dynamic DNS.
Service Provider Select the name of your Dynamic DNS service provider.
Domain Name Enter the host names in the field provided.
User Name Enter your user name.
Password Enter the password assigned to you.
Result Tells you the current result from trying to register your IP address with the
DDNS provider.
Chapter 6 Advanced Options 72
Page 73
ZyXEL P-330W User’s Guide
Table 28 Advanced: Dynamic DNS
LABEL DESCRIPTION
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.

6.4 DMZ

If the DMZ Host Function is enabled, it means that you set up DMZ host at a particular computer to be exposed to the Internet so that some applications/software, especially Internet / online game can have two-way connections. A device acting as DMZ is not protected by the P­330W’s firewall.
To enable DMZ, click ADVANCED then the DMZ link. The screen appears as shown.
Figure 42 Advanced: DMZ
The following table describes the labels in this screen.
Table 29 Advanced: DMZ
LABEL DESCRIPTION
Enable DMZ Select this check box to enable DMZ.
Host IP Address Enter the IP address of the device you which to be accessible from the
Internet.
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.

6.5 Virtual Servers (Port Forwarding)

The Virtual Server function is a list of inside (behind NAT on the LAN) servers, for example, web or FTP, that you can make visible to the outside world even though NAT makes your whole inside network appear as a single computer to the outside world.
73 Chapter 6 Advanced Options
Page 74
ZyXEL P-330W User’s Guide
You may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desired server. The port number identifies a service; for example, web service is on port 80 and FTP on port 21. In some cases, such as for unknown services or where one server can support more than one service (for example both FTP and web service), it might be better to specify a range of port numbers. You can allocate a server IP address that corresponds to a port or a range of ports.
Many residential broadband ISP accounts do not allow you to run any server processes (such as a Web or FTP server) from your location. Your ISP may periodically check for servers and may suspend your account if it discovers any active services at your location. If you are unsure, refer to your ISP.
The most often used port numbers are shown in the following table. Please refer to RFC 1700 for further information about port numbers. .
Table 30 Services and Port Numbers
SERVICES PORT NUMBER
ECHO 7
FTP (File Transfer Protocol) 21
SMTP (Simple Mail Transfer Protocol) 25
DNS (Domain Name System) 53
Finger 79
HTTP (Hyper Text Transfer protocol or WWW, Web) 80
POP3 (Post Office Protocol) 110
NNTP (Network News Transport Protocol) 119
SNMP (Simple Network Management Protocol) 161
SNMP trap 162
PPTP (Point-to-Point Tunneling Protocol) 1723

6.5.0.1 Configuring Servers Behind SUA (Example)

Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the example), port 80 to another (B in the example) and assign a default server IP address of
192.168.10.35 to a third (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet
Chapter 6 Advanced Options 74
Page 75
ZyXEL P-330W User’s Guide
Figure 43 Multiple Servers Behind NAT Example

6.5.1 Configuring Virtual Servers

To configure Virtual Server, click ADVANCED then the VIRTUAL SERVERS link. The screen appears as shown.
Figure 44 Advanced: Virtual Servers
The following table describes the labels in this screen.
Table 31 Advanced: Virtual Servers
LABEL DESCRIPTION
Enable Virtual Servers
Servers By selection an option in the pull down menu, the P-330W will automatically
75 Chapter 6 Advanced Options
Put a check in the box to enable Virtual Servers
populate the settings for the corresponding service.
Page 76
Table 31 Advanced: Virtual Servers
LABEL DESCRIPTION
ZyXEL P-330W User’s Guide
Local IP Address
Protocol You can select to forward TCP, UDP, or both type of traffic.
Name Enter a name to identify this port-forwarding rule.
Port Range Enter a port number here. To forward only one port, enter it again in the End Port
Description Enter in a description for this Virtual Server.
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.
Enter the inside IP address of the server here.
field. To specify a range of ports, enter the last port to be forwarded in the End Port field.

6.6 Special Applications

Some Internet applications (such as video conferencing and Internet games) require multiple connections between the clients and the server. These applications do not work through NAT­enabled networks. You P-330W is a NAT-enabled device. In order to allow these applications to work in your network, you have to configure the P-330W to forward these applications to ports on a computer hosting that service.
To set the P-330W to forward applications to allowed ports, click ADVANCED and the Special Applications link. The screen appears as shown.
Chapter 6 Advanced Options 76
Page 77
ZyXEL P-330W User’s Guide
Figure 45 Advanced: Special Applications
The following table describes the labels in this screen.
Table 32 Advanced: Special Applications
LABEL DESCRIPTION
Enable Put a check in this box next to the ALG rule you want to activate.
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.

6.7 WAN Port

To change your P-330W’s WAN ISP settings, click ADVANCED, then the WA N link. The screen differs by the encapsulation.

6.7.1 Static IP Encapsulation

The screen shown next is for Static IP encapsulation.
77 Chapter 6 Advanced Options
Page 78
Figure 46 Advanced: WAN Static IP Encapsulation
ZyXEL P-330W User’s Guide
The following table describes the labels in this screen.
Table 33 Advanced: WAN Static IP Encapsulation
LABEL DESCRIPTION
WAN Access Type You must choose the Static IP option when the WAN port is used as a regular
IP Address Enter your WAN IP address in this field.
My WAN IP Subnet Mask
DNS 1 - 3 Enter in your ISP’s DNS server IP address here. You must enter in 1.
Clone MAC Address
Respond to WAN Ping
Enable UPnP UPnP (Universal Plug and Play) allows automatic discovery and configuration of
IPSec Passthrough Put a check in this box to enable computers on your LAN to make IPSec VPN
PPTP Passthrough Put a check in this box to enable computers on your LAN to make PPTP VPN
L2TP Passthrough Put a check in this box to enable computers on your LAN to make L2TP VPN
Ethernet with a fixed IP address.
Type your network's IP subnet Mask.
Your ISP may require a particular MAC address in order for you to connect to the Internet. This MAC address is the PC’s MAC address that your ISP had originally connected your Internet connection to. Type in this Clone MAC address in this section to replace the WAN MAC address with the MAC address of that PC.
Put a check in this box to reply to ping packets.
the Wireless Router. UPnP is by supported by Windows ME, XP, or later. Put a check in this box to allow the router configuration to be changed by UPnP devices.
connections to servers on the Internet.
connections to servers on the Internet.
connections to servers on the Internet.
Chapter 6 Advanced Options 78
Page 79
ZyXEL P-330W User’s Guide
Table 33 Advanced: WAN Static IP Encapsulation
LABEL DESCRIPTION
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.

6.7.2 DHCP IP Encapsulation

The screen shown next is for DHCP IP encapsulation.
Figure 47 Advanced: WAN DHCP IP Encapsulation
The following table describes the labels in this screen.
Table 34 Advanced: WAN DHCP IP Encapsulation
LABEL DESCRIPTION
WAN Access Type You must choose the DHCP Client option when the WAN port is used as a regular
Ethernet using DHCP to be assigned an IP address.
Attain DNS Automatically
Set DNS Manually Use this if your ISP does not assign a DNSP server when it assigns you an IP
DNS 1 - 3 Enter in your ISP’s DNS server IP address here. You must enter in 1.
Clone MAC Address
Respond to WAN Ping
79 Chapter 6 Advanced Options
Select this if your ISP assigns you a DNS server at the same time it assigns you an IP Address.
address.
Your ISP may require a particular MAC address in order for you to connect to the Internet. This MAC address is the PC’s MAC address that your ISP had originally connected your Internet connection to. Type in this Clone MAC address in this section to replace the WAN MAC address with the MAC address of that PC.
Put a check in this box to reply to ping packets.
Page 80
Table 34 Advanced: WAN DHCP IP Encapsulation
LABEL DESCRIPTION
Enable UPnP UPnP (Universal Plug and Play) allows automatic discovery and configuration of
the Wireless Router. UPnP is by supported by Windows ME, XP, or later. Put a check in this box to allow the router configuration to be changed by UPnP devices.
IPSec Passthrough Put a check in this box to enable computers on your LAN to make IPSec VPN
connections to servers on the Internet.
PPTP Passthrough Put a check in this box to enable computers on your LAN to make PPTP VPN
connections to servers on the Internet.
L2TP Passthrough Put a check in this box to enable computers on your LAN to make L2TP VPN
connections to servers on the Internet.
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.

6.7.3 PPPoE Encapsulation

The P-330W supports PPPoE (Point-to-Point Protocol over Ethernet). PPPoE is an IETF Draft standard (RFC 2516) specifying how a personal computer (PC) interacts with a broadband modem (DSL, cable, wireless, etc.) connection. The PPP over Ethernet option is for a dial­up connection using PPPoE.
ZyXEL P-330W User’s Guide
For the service provider, PPPoE offers an access and authentication method that works with existing access control systems (for example Radius). PPPoE provides a login and authentication method that the existing Microsoft Dial-Up Networking software can activate, and therefore requires no new learning or procedures for Windows users.
One of the benefits of PPPoE is the ability to let you access one of multiple network services, a function known as dynamic service selection. This enables the service provider to easily create and offer new IP services for individuals.
Operationally, PPPoE saves significant effort for both you and the ISP or carrier, as it requires no specific configuration of the broadband modem at the customer site.
By implementing PPPoE directly on the P-330W (rather than individual computers), the computers on the LAN do not need PPPoE software installed, since the P-330W does that part of the task. Furthermore, with NAT, all of the LANs’ computers will have access.
The screen shown next is for PPPoE encapsulation.
Chapter 6 Advanced Options 80
Page 81
ZyXEL P-330W User’s Guide
Figure 48 Advanced: WAN PPPoE Encapsulation
The following table describes the labels in this screen.
Table 35 PPPoE Encapsulation
LABEL DESCRIPTION
WAN Access Type
User Name Type the User Name given to you by your ISP.
Password Type the password associated with the User Name above.
Service Name Type the PPPoE service name provided to you. PPPoE uses a service name to
Connection Type Select Continuous if you do not want the connection to time out.
Idle Time The amount of time before the PPPoE session times out and drops connection.
MTU Size Enter in the maximum MTU (packet size) here.
Attain DNS Automatically
You must choose the PPPoE option when the WAN port is used with PPPoE.
identify and reach the PPPOE server.
Select Connect On Demand if you want to only connect when you are sending data.
Select Manual if you do not want manually log the P-330W in via the GUI.
Select this if your ISP assigns you a DNS server at the same time it assigns you an IP Address.
81 Chapter 6 Advanced Options
Page 82
Table 35 PPPoE Encapsulation
LABEL DESCRIPTION
ZyXEL P-330W User’s Guide
Set DNS Manually
DNS 1 - 3 Enter in your ISP’s DNS server IP address here. You must enter in 1.
Clone MAC Address
Respond to WAN Ping
Enable UPnP UPnP (Universal Plug and Play) allows automatic discovery and configuration of the
IPSec Passthrough
PPTP Passthrough
L2TP Passthrough
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.
Use this if your ISP does not assign a DNSP server when it assigns you an IP address.
Your ISP may require a particular MAC address in order for you to connect to the Internet. This MAC address is the PC’s MAC address that your ISP had originally connected your Internet connection to. Type in this Clone MAC address in this section to replace the WAN MAC address with the MAC address of that PC.
Put a check in this box to reply to ping packets.
Wireless Router. UPnP is by supported by Windows ME, XP, or later. Put a check in this box to allow the router configuration to be changed by UPnP devices.
Put a check in this box to enable computers on your LAN to make IPSec VPN connections to servers on the Internet.
Put a check in this box to enable computers on your LAN to make PPTP VPN connections to servers on the Internet.
Put a check in this box to enable computers on your LAN to make L2TP VPN connections to servers on the Internet.

6.7.4 PPTP Encapsulation

Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables secure transfer of data from a remote client to a private server, creating a Virtual Private Network (VPN) using TCP/IP-based networks.
PPTP supports on-demand, multi-protocol and virtual private networking over public networks, such as the Internet.
The screen shown next is for PPTP encapsulation.
Chapter 6 Advanced Options 82
Page 83
ZyXEL P-330W User’s Guide
Figure 49 Advanced: WAN PPTP Encapsulation
The following table describes the labels in this screen.
Table 36 Advanced: WAN PPTP Encapsulation
LABEL DESCRIPTION
WAN Access Type You must choose the PPTP option when the WAN port is used with PPTP.
IP Address Type the (static) IP address assigned to you by your ISP.
IP Subnet Mask Type the subnet mask assigned to you by your ISP.
Default Gateway Type the default gateway assigned to you by your ISP.
Server IP Address Type the IP address of the PPTP server.
User Name Type the user name given to you by your ISP.
Password Type the password associated with the User Name above.
MTU Size Enter in the maximum MTU (packet size) here.
Attain DNS Automatically
Set DNS Manually Use this if your ISP does not assign a DNSP server when it assigns you an IP
DNS 1 - 3 Enter in your ISP’s DNS server IP address here. You must enter in 1.
83 Chapter 6 Advanced Options
Select this if your ISP assigns you a DNS server at the same time it assigns you an IP Address.
address.
Page 84
ZyXEL P-330W User’s Guide
Table 36 Advanced: WAN PPTP Encapsulation
LABEL DESCRIPTION
Clone MAC Address Your ISP may require a particular MAC address in order for you to connect to
the Internet. This MAC address is the PC’s MAC address that your ISP had originally connected your Internet connection to. Type in this Clone MAC address in this section to replace the WAN MAC address with the MAC address of that PC.
Respond to WAN Ping Put a check in this box to reply to ping packets.
Enable UPnP UPnP (Universal Plug and Play) allows automatic discovery and configuration
of the Wireless Router. UPnP is by supported by Windows ME, XP, or later. Put a check in this box to allow the router configuration to be changed by UPnP devices.
IPSec Passthrough Put a check in this box to enable computers on your LAN to make IPSec VPN
connections to servers on the Internet.
PPTP Passthrough Put a check in this box to enable computers on your LAN to make PPTP VPN
connections to servers on the Internet.
L2TP Passthrough Put a check in this box to enable computers on your LAN to make L2TP VPN
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.
connections to servers on the Internet.

6.7.5 L2TP Encapsulation

Layer Two Tunneling Protocol (L2TP) is a network protocol that enables secure transfer of data from a remote client to a private server, creating a Virtual Private Network (VPN) using TCP/IP-based networks.
The screen shown next is for L2TP encapsulation.
Chapter 6 Advanced Options 84
Page 85
ZyXEL P-330W User’s Guide
Figure 50 Advanced: WAN L2TP Encapsulation
The following table describes the labels in this screen.
Table 37 Advanced: WAN L2PT Encapsulation
LABEL DESCRIPTION
WAN Access Type You must choose the L2TP option when the WAN port is used with L2TP.
Attain IP Automatically Select this if your ISP dynamically assigns you an IP Address
Set IP Manually Select this if your IP has assigned you a static IP address
IP Address Type the (static) IP address assigned to you by your ISP.
IP Subnet Mask Type the subnet mask assigned to you by your ISP.
Default Gateway Type the default gateway assigned to you by your ISP.
Server IP Address Type the IP address of the L2TP server.
85 Chapter 6 Advanced Options
Page 86
ZyXEL P-330W User’s Guide
Table 37 Advanced: WAN L2PT Encapsulation
LABEL DESCRIPTION
User Name Type the user name given to you by your ISP.
Password Type the password associated with the User Name above.
Idle Time The amount of time before the L2TP session times out and drops connection.
MTU Size Enter in the maximum MTU (packet size) here.
Attain DNS Automatically
Set DNS Manually Use this if your ISP does not assign a DNSP server when it assigns you an IP
DNS 1 - 3 Enter in your ISP’s DNS server IP address here. You must enter in 1.
Clone MAC Address Your ISP may require a particular MAC address in order for you to connect to
Respond to WAN Ping Put a check in this box to reply to ping packets.
Enable UPnP UPnP (Universal Plug and Play) allows automatic discovery and configuration
IPSec Passthrough Put a check in this box to enable computers on your LAN to make IPSec VPN
PPTP Passthrough Put a check in this box to enable computers on your LAN to make PPTP VPN
L2TP Passthrough Put a check in this box to enable computers on your LAN to make L2TP VPN
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.
Select this if your ISP assigns you a DNS server at the same time it assigns you an IP Address.
address.
the Internet. This MAC address is the PC’s MAC address that your ISP had originally connected your Internet connection to. Type in this Clone MAC address in this section to replace the WAN MAC address with the MAC address of that PC.
of the Wireless Router. UPnP is by supported by Windows ME, XP, or later. Put a check in this box to allow the router configuration to be changed by UPnP devices.
connections to servers on the Internet.
connections to servers on the Internet.
connections to servers on the Internet.

6.8 Ping

The Ping screen allows you to send out PING requests from your P-330W to a network address you specify and then reports back the test result. You can use this command to help diagnose network problems.
To access the Ping command, click ADVANCED then the Ping link. The screen appears as shown.
Chapter 6 Advanced Options 86
Page 87
ZyXEL P-330W User’s Guide
Figure 51 Advanced: Ping
The following table describes the labels in this screen.
Table 38 Advanced: Ping
LABEL DESCRIPTION
IP Address / Host Name
Run Performs the Ping command.
Reset Click Reset to begin configuring this screen afresh.
Response The results of your ping request will show up here.

6.9 DoS Setting

DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and connection requests, using so much bandwidth and so many resources that Internet access becomes unavailable. The Wireless Router incorporates protection against DoS attacks. This screen allows you to configure DoS protection.
To access the DoS settings, click ADVANCED then the DoS link. The screen appears as shown.
Enter in a host name or IP address that you would like to ping.
87 Chapter 6 Advanced Options
Page 88
Figure 52 Advanced: DoS
ZyXEL P-330W User’s Guide
The following table describes the labels in this screen.
Table 39 Advanced: DoS
LABEL DESCRIPTION
Enable DoS Protection
Select All Puts a check next to all DoS protection services.
Clear All Resets all check boxes to blank.
Apply Changes Applies DoS protections.
Put a check in this box to enable DoS protection.

6.10 Diagnostics

This screen allows you to perform a DNS lookup on any host name you enter. This can be used to help diagnose network problems.
Chapter 6 Advanced Options 88
Page 89
ZyXEL P-330W User’s Guide
To access the Diagnostic service, click ADVANCED then the DIAGNOSTIC link. The screen appears as shown.
Figure 53 Advanced: Diagnostic
The following table describes the labels in this screen.
Table 40 Advanced: Diagnostic
LABEL DESCRIPTION
Domain Name/ URL
Start Lookup Click this button to activate the DNS lookup.
Enter the domain name you want to lookup.
89 Chapter 6 Advanced Options
Page 90

Administrator Options

7.1 Remote Management

Remote management allows you to remotely configure your P-330W over your Internet connection. Since this is a potential security risk, this feature is turned off by default.
To access the Remote Management configuration screen, click ADMINISTRATOR then the REMOTE MANAGEMENT link. The screen appears as shown.
Figure 54 Administrator: Remote Management
ZyXEL P-330W User’s Guide
CHAPTER 7
The following table describes the labels in this screen.
Table 41 Administrator: Remote Management
LABEL DESCRIPTION
Enable Web Server Access via WAN
Port Number Enter in the port number you want the P-330W to respond on when accessed from
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.
Put a check in this box to allow your P-330W to be accessed over the Internet.
the Internet.

7.2 Configuration Screen

Click Administrator, and then the Config File link. The screen you are presented with is next.
Chapter 7 Administrator Options 90
Page 91
ZyXEL P-330W User’s Guide
Figure 55 Administrator: Configuration File

7.2.1 Backup Configuration

Backup configuration allows you to back up (save) the P-330W’s current configuration to a file on your computer. Once your P-330W is configured and functioning properly, it is highly recommended that you back up your configuration file before making configuration changes. The backup configuration file will be useful in case you need to return to your previous settings.
Click Download to save the P-330W’s current configuration to your computer.

7.2.2 Restore Configuration

Restore configuration allows you to upload a new or previously saved configuration file from your computer to your P-330W.
Table 42 Maintenance Restore Configuration
LABEL DESCRIPTION
File Path Type in the location of the file you want to upload in this field or click Browse ... to find it.
Browse... Click Browse... to find the file you want to upload. Remember that you must decompress
compressed (.ZIP) files before you can upload them.
Restore Click Restore to begin the upload process.
Note: Do not turn off the P-330W while configuration file upload is in progress
The P-330W automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop.
91 Chapter 7 Administrator Options
Page 92
Figure 56 Temporarily Disconnected

7.2.3 Back to Factory Defaults

Pressing the Restore Defaults button in this section clears all user-entered configuration information and returns the P-330W to its factory defaults.
You can also press the RESET button on the rear panel to reset the factory defaults of your P­330W. Refer to the Introducing the Web Configurator chapter for more information on the RESET button.

7.3 Logs

ZyXEL P-330W User’s Guide
The Logs record various types of activity on the Wireless Router. This data is useful for troubleshooting, but enabling all logs will generate a large amount of data and adversely affect performance.
To access the Logs configuration screen, click ADMINISTRATOR then the LOGS link. The screen appears as shown.
Chapter 7 Administrator Options 92
Page 93
ZyXEL P-330W User’s Guide
Figure 57 Administrator: Logs
The following table describes the labels in this screen.
Table 43 Administrator: Remote Management
LABEL DESCRIPTION
Enable Log Activates the logging function.
System All Activates all logging functions.
Wireless Only Only logs related to the wireless LAN will be recorded.
DoS Only Only logs related to the DoS protection will be recorded.
WAN Only Only logs related to the WAN will be recorded.
DHCP Server Only
URL Filter Only Only logs related to the URL Filter will be recorded.
Apply Changes Activate the logging feature.
Refresh Refreshes the current display to show the latest log activity.
Clear Deletes the logs.
Only logs related to the DHCP Server will be recorded.
93 Chapter 7 Administrator Options
Page 94

7.4 IP Filtering

Entries in this table are used to restrict certain types of data packets from your local network to Internet through the Router. Here you can restrict local LAN clients to access Internet application/services by IP Address. Use of such filters can be helpful in securing or restricting your local network.
To access the IP Filtering configuration screen, click ADMINISTRATOR then the IP FILTERING link. The screen appears as shown.
Figure 58 Administrator: IP Filtering
ZyXEL P-330W User’s Guide
The following table describes the labels in this screen.
Table 44 Administrator: IP Filtering
LABEL DESCRIPTION
Enable IP Filtering
Local IP Address
Description Enter in a descriptive description for this rule.
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.
Chapter 7 Administrator Options 94
Enables IP Filtering.
Enter the IP address of the local device whose access you want to restrict.
Page 95
ZyXEL P-330W User’s Guide

7.5 MAC Filtering

This screen is used to restrict devices on your local network from being able to access the Internet. You do this by entering the MAC address of any device you want to restrict.
To access the MAC Filtering configuration screen, click ADMINISTRATOR then the MAC FILTERING link. The screen appears as shown.
Figure 59 Administrator: MAC Filtering
The following table describes the labels in this screen.
Table 45 Administrator: MAC Filtering
LABEL DESCRIPTION
Enable MAC Filtering
MAC Address Enter the MAC address of the local device whose access you want to restrict.
Description Enter in a descriptive description for this rule.
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.

7.6 URL Filtering

This screen is used to restrict devices on your local network from being able to access the Internet. You can enter in a list of Internet URL’s that you wish to restrict access to.
To access the URL Filtering configuration screen, click ADMINISTRATOR then the URL FILTERING link. The screen appears as shown.
Enables MAC Filtering.
95 Chapter 7 Administrator Options
Page 96
Figure 60 Administrator: URL Filtering
The following table describes the labels in this screen.
Table 46 Administrator: URL Filtering
ZyXEL P-330W User’s Guide
LABEL DESCRIPTION
Enable URL Filtering
URL Address Enter the URL address of the Internet site you want to restrict.
Exempt IP Pool Star t
Pool Size Enter the size of exempt IP Pool.
Apply Changes Click Apply Changes to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.
Enables URL Filtering.
Enter the initial IP address you want to allow to access the blocked URLs.

7.7 Statistics

The statistics screen provides you with information on each interface on your P-330W. This includes the WAN, LAN, and wireless network connections. This page will show you how many packets of data have been sent and received.

7.8 Time Zone Setting

To change your P-330W’s time and date, click ADMINISTRATOR, then the Time Zone Setting link. The screen appears as shown. Use this screen to configure the P-330W’s time
based on your local time zone.
Chapter 7 Administrator Options 96
Page 97
ZyXEL P-330W User’s Guide
Figure 61 Administrator: Time Zone Setting
The following table describes the labels in this screen.
Table 47 Administrator: Time Zone Setting
LABEL DESCRIPTION
Current Time This field displays the time of your P-330W.
If you are not using an NTP server, you can make changes here and they will be applied when you click Save.
Enable NTP client update
Time Zone Select Choose the Time Zone of your location. This will set the time difference between
NTP Server Select Auto or Enter the IP address manually. Check with your ISP/network
Daylight Saving Time Put a check in this box to enable the use of Daylight Saving Time.
Save Click Save to save your changes back to the P-330W.
Reset Click Reset to begin configuring this screen afresh.
Refresh Click Refresh to display the current time.
Put a check in this box to enable the use of an external NTP server.
your time zone and Greenwich Mean Time (GMT).
administrator if you are unsure of this information.

7.9 Upgrade Firmware

Find firmware at www.us.zyxel.com in a file that (usually) uses the system model name with a "*.bin" extension, e.g., "P-330W.bin". The upload process uses HTTP (Hypertext Transfer Protocol) and may take up to two minutes. After a successful upload, the system will reboot.
Click Administrator, and then the Upgrade Firmware link. Follow the instructions in this screen to upload firmware to your P-330W.
97 Chapter 7 Administrator Options
Page 98
ZyXEL P-330W User’s Guide
Figure 62 Administrator: Upgrade Firmware
The following table describes the labels in this screen.
Table 48 Administrator: Upgrade Firmware
LABEL DESCRIPTION
Select File Type in the location of the file you want to upload in this field or click Browse ... to find it.
Browse... Click Browse... to find the .bin file you want to upload. Remember that you must
decompress compressed (.zip) files before you can upload them.
Star t Upgrade
Click Start Upgrade to begin the upload process. This process may take up to two minutes.
Note: Do not turn off the P-330W while firmware upload is in progress!
After you see the Firmware Upload in Process screen, wait two minutes before logging into the P-330W again.
Figure 63 Upload Warning
The P-330W automatically restarts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop.
Chapter 7 Administrator Options 98
Page 99
ZyXEL P-330W User’s Guide
Figure 64 Network Temporarily Disconnected
After two minutes, log in again and check your new firmware version in the System Status screen.
If the upload was not successful, a warning screen will appear. Click Return to go back to the F/W Upload screen.
99 Chapter 7 Administrator Options
Page 100
PPPoE in Action
An ADSL modem bridges a PPP session over Ethernet (PPP over Ethernet, RFC 2516) from your computer to an ATM PVC (Permanent Virtual Circuit) which connects to a DSL Access Concentrator where the PPP session terminates (see the next figure). One PVC can support any number of PPP sessions from your LAN. PPPoE provides access control and billing functionality in a manner similar to dial-up services using PPP.
Benefits of PPPoE
PPPoE offers the following benefits:
ZyXEL P-330W User’s Guide

Appendix A

PPPoE
• It provides you with a familiar dial-up networking (DUN) user interface.
• It lessens the burden on the carriers of provisioning virtual circuits all the way to the ISP on multiple switches for thousands of users. For GSTN (PSTN and ISDN), the switching fabric is already in place.
• It allows the ISP to use the existing dial-up model to authenticate and (optionally) to provide differentiated services.
Traditional Dial-up Scenario
The following diagram depicts a typical hardware configuration where the computers use traditional dial-up networking.
Appendix A PPPoE 100
Loading...