Chapter 11 Network Address Translation (NAT)
DSL
Figure 75 Multiple Servers Behind NAT Example
Click Network Setting > NAT > Port Forwarding to open the following screen.
See Appendix C on page 308 for port numbers commonly used for particular services.
Figure 76 Network Setting > NAT > Port Forwarding
The following table describes the fields in this screen.
Table 53 Network Setting > NAT > Port Forwarding
LABEL DESCRIPTION
Add New Rule Click this to add a new rule.
# This is the index number of the entry.
Status This field displays whether the NAT rule is active or not. A yellow bulb signifies that this rule is
active. A gray bulb signifies that this rule is not active.
Service Name This shows the service’s name.
Originating IP This shows the destination IP address that this NAT rule supports.
WAN Interface This shows the WAN interface through which the service is forwarded.
Server IP
Address
Start Port This is the first external port number that identifies a service.
End Port This is the last external port number that identifies a service.
Translation Start
Port
This is the server’s IP address.
This is the first internal port number that identifies a service.
XMG3563-B10A User’s Guide
153
Chapter 11 Network Address Translation (NAT)
Table 53 Network Setting > NAT > Port Forwarding (continued)
LABEL DESCRIPTION
Translation End
Port
Protocol This shows the IP protocol supported by this virtual server, whether it is TCP, UDP, or TCP/UDP.
Modify Click the Edit icon to edit this rule.
This is the last internal port number that identifies a service.
Click the Delete icon to delete an existing rule.
11.2.1 Add/Edit Port Forwarding
Click Add New Rule in the Port Forwarding screen or click the Edit icon next to an existing rule to open
the following screen.
Figure 77 Port Forwarding: Add/Edit
The following table describes the labels in this screen.
Table 54 Port Forwarding: Add/Edit
LABEL DESCRIPTION
Active Select to enable or disable the rule.
Service Name Enter a name to identify this rule using keyboard characters (A-Z, a-z, 1-2 and so on).
WAN Interface Select the WAN interface through which the service is forwarded.
You must have already configured a WAN connection with NAT enabled.
Start Port Enter the original destination port for the packets.
To forward only one port, enter the port number again in the End Port field.
To forward a series of ports, enter the start port number here and the end port number in the End
Port field.
XMG3563-B10A User’s Guide
154
Chapter 11 Network Address Translation (NAT)
Table 54 Port Forwarding: Add/Edit (continued)
LABEL DESCRIPTION
End Port Enter the last port of the original destination port range.
To forward only one port, enter the port number in the Start Port field above and then enter it
again in this field.
To forward a series of ports, enter the last port number in a series that begins with the port
number in the Start Port field above.
Translation Start
Port
Translation End
Port
Server IP
Address
Configure
Originating IP
Originating IP
Protocol Select the protocol supported by this virtual server. Choices are TCP, UDP, or TCP/UDP.
OK Click OK to save your changes.
Cancel Click Cancel to exit this screen without saving.
This shows the port number to which you want the XMG to translate the incoming port. For a
range of ports, enter the first number of the range to which you want the incoming ports
translated.
This shows the last port of the translated port range.
Enter the inside IP address of the virtual server here.
Specify the destination IP address of the packets received by this NAT rule.
Type the destination IP address that this NAT rule supports.
11.3 The Applications Screen
This screen provides a summary of all NAT applications and their configuration. In addition, this screen
allows you to create new applications and/or remove existing ones.
To access this screen, click Network Setting > NAT > Applications. The following screen appears.
Figure 78 Network Setting > NAT > Applications
The following table describes the labels in this screen.
Table 55 Network Setting > NAT > Applications
LABEL DESCRIPTION
Add New
Application
# This is the index number of the entry.
Application
Forwarded
WAN Interface This field shows the WAN interface through which the service is forwarded.
Click this to add a new NAT application rule.
This field shows the type of application that the service forwards.
XMG3563-B10A User’s Guide
155
Chapter 11 Network Address Translation (NAT)
Table 55 Network Setting > NAT > Applications (continued)
LABEL DESCRIPTION
Server IP
Address
Modify Click the Delete icon to delete the rule.
This field displays the destination IP address for the service.
11.3.1 Add New Application
This screen lets you create new NAT application rules. Click Add New Application in the Applications
screen to open the following screen.
Figure 79 Network Setting > NAT > Applications: Add
The following table describes the labels in this screen.
Table 56 Network Setting > NAT > Applications: Add
LABEL DESCRIPTION
WAN Interface Select the WAN interface that you want to apply this NAT rule to.
Server IP
Address
Application
Category
Application
Forwarded
View Rules Click this to display the configuration of the service that you have chosen in Application
OK Click OK to save your changes.
Cancel Click Cancel to exit this screen without saving.
Enter the inside IP address of the application here.
Select the category of the application from the drop-down list box.
Select a service from the drop-down list box and the XMG automatically configures the
protocol, start, end, and map port number that define the service.
Fowarded.
11.4 The Port Triggering Screen
Some services use a dedicated range of ports on the client side and a dedicated range of ports on the
server side. With regular port forwarding you set a forwarding port in NAT to forward a service (coming in
from the server on the WAN) to the IP address of a computer on the client side (LAN). The problem is that
port forwarding only forwards a service to a single LAN IP address. In order to use the same service on a
XMG3563-B10A User’s Guide
156
Chapter 11 Network Address Translation (NAT)
DSL
different LAN computer, you have to manually replace the LAN computer's IP address in the forwarding
port with another LAN computer's IP address.
Trigger port forwarding solves this problem by allowing computers on the LAN to dynamically take turns
using the service. The XMG records the IP address of a LAN computer that sends traffic to the WAN to
request a service with a specific port number and protocol (a "trigger" port). When the XMG's WAN port
receives a response with a specific port number and protocol ("open" port), the XMG forwards the traffic
to the LAN IP address of the computer that sent the request. After that computer’s connection for that
service closes, another computer on the LAN can use the service in the same manner. This way you do
not need to configure a new IP address each time you want a different LAN computer to use the
application.
For example:
Figure 80 Trigger Port Forwarding Process: Example
1 Jane requests a file from the Real Audio server (port 7070).
2 Port 7070 is a “trigger” port and causes the XMG to record Jane’s computer IP address. The XMG
associates Jane's computer IP address with the "open" port range of 6970-7170.
3 The Real Audio server responds using a port number ranging between 6970-7170.
4 The XMG forwards the traffic to Jane’s computer IP address.
5 Only Jane can connect to the Real Audio server until the connection is closed or times out. The XMG
times out in three minutes with UDP (User Datagram Protocol) or two hours with TCP/IP (Transfer Control
Protocol/Internet Protocol).
Click Network Setting > NAT > Port Triggering to open the following screen. Use this screen to view your
XMG’s trigger port settings.
Figure 81 Network Setting > NAT > Port Triggering
XMG3563-B10A User’s Guide
157
Chapter 11 Network Address Translation (NAT)
The following table describes the labels in this screen.
Table 57 Network Setting > NAT > Port Triggering
LABEL DESCRIPTION
Add New Rule Click this to create a new rule.
# This is the index number of the entry.
Status This field displays whether the port triggering rule is active or not. A yellow bulb signifies that this
Service Name This field displays the name of the service used by this rule.
WAN Interface This field shows the WAN interface through which the service is forwarded.
Trigger Start Port The trigger port is a port (or a range of ports) that causes (or triggers) the XMG to record the IP
Trigger End Port This is the last port number that identifies a service.
Trigger Proto. This is the trigger transport layer protocol.
Open Start Port The open port is a port (or a range of ports) that a server on the WAN uses when it sends out a
Open End Port This is the last port number that identifies a service.
Open Protocol This is the open transport layer protocol.
Modify Click the Edit icon to edit this rule.
rule is active. A gray bulb signifies that this rule is not active.
address of the LAN computer that sent the traffic to a server on the WAN.
This is the first port number that identifies a service.
particular service. The XMG forwards the traffic with this port (or range of ports) to the client
computer on the LAN that requested the service.
This is the first port number that identifies a service.
Click the Delete icon to remove an existing rule.
11.4.1 Add/Edit Port Triggering Rule
This screen lets you create new port triggering rules. Click Add new rule in the Port Triggering screen or
click a rule’s Edit icon to open the following screen.
Figure 82 Port Triggering: Add/Edit
XMG3563-B10A User’s Guide
158
Chapter 11 Network Address Translation (NAT)
The following table describes the labels in this screen.
Table 58 Port Triggering: Configuration Add/Edit
LABEL DESCRIPTION
Active Select to enable or disable this rule.
Service Name Enter a name to identify this rule using keyboard characters (A-Z, a-z, 1-2 and so on).
WAN Interface Select a WAN interface for which you want to configure port triggering rules.
Trigger Start Port The trigger port is a port (or a range of ports) that causes (or triggers) the XMG to record the IP
Trigger End Port Type a port number or the ending port number in a range of port numbers.
Trigger Protocol Select the transport layer protocol from TCP, UDP, or TCP/UDP.
Open Start Port The open port is a port (or a range of ports) that a server on the WAN uses when it sends out a
Open End Port Type a port number or the ending port number in a range of port numbers.
Open Protocol Select the transport layer protocol from TCP, UDP, or TCP/UDP.
OK Click OK to save your changes.
Cancel Click Cancel to exit this screen without saving.
address of the LAN computer that sent the traffic to a server on the WAN.
Type a port number or the starting port number in a range of port numbers.
particular service. The XMG forwards the traffic with this port (or range of ports) to the client
computer on the LAN that requested the service.
Type a port number or the starting port number in a range of port numbers.
11.5 The DMZ Screen
In addition to the servers for specified services, NAT supports a default server IP address. A default server
receives packets from ports that are not specified in the NAT Port Forwarding Setup screen.
Figure 83 Network Setting > NAT > DMZ
The following table describes the fields in this screen.
Table 59 Network Setting > NAT > DMZ
LABEL DESCRIPTION
Default Server
Address
Apply Click Apply to save your changes.
Cancel Click Cancel to restore your previously saved settings.
Enter the IP address of the default server which receives packets from ports that are not
specified in the NAT Port Forwarding screen.
Note: If you do not assign a Default Server Address, the XMG discards all packets
received for ports that are not specified in the NAT Port Forwarding screen.
XMG3563-B10A User’s Guide
159
Chapter 11 Network Address Translation (NAT)
11.6 The ALG Screen
Some NAT routers may include a SIP Application Layer Gateway (ALG). A SIP ALG allows SIP calls to pass
through NAT by examining and translating IP addresses embedded in the data stream. When the XMG
registers with the SIP register server, the SIP ALG translates the XMG’s private IP address inside the SIP
data stream to a public IP address. You do not need to use STUN or an outbound proxy if your XMG is
behind a SIP ALG.
Use this screen to enable and disable the ALGs in the XMG. To access this screen, click Network Setting >
NAT > ALG.
Figure 84 Network Setting > NAT > ALG
The following table describes the fields in this screen.
Table 60 Network Setting > NAT > ALG
LABEL DESCRIPTION
NAT ALG Enable this to make sure applications such as FTP and file transfer in IM applications work
correctly with port-forwarding and address-mapping rules.
SIP ALG
RTSP ALG
PPTP ALG
IPSEC ALG
Apply Click Apply to save your changes.
Cancel Click Cancel to restore your previously saved settings.
Enable this to make sure SIP (VoIP) works correctly with port-forwarding and address-mapping
rules.
Enable this to have the XMG detect RTSP traffic and help build RTSP sessions through its NAT. The
Real Time Streaming (media control) Protocol (RTSP) is a remote control for multimedia on the
Internet.
Enable this to turn on the PPTP ALG on the XMG to detect PPTP traffic and help build PPTP
sessions through the XMG’s NAT.
Enable this to turn on the IPsec ALG on the XMG to detect IPsec traffic and help build IPsec
sessions through the XMG’s NAT.
11.7 The Address Mapping Screen
Ordering your rules is important because the XMG applies the rules in the order that you specify. When a
rule matches the current packet, the XMG takes the corresponding action and the remaining rules are
ignored.
Click Network Setting > NAT > Address Mapping to display the following screen.
XMG3563-B10A User’s Guide
160
Chapter 11 Network Address Translation (NAT)
Figure 85 Network Setting > NAT > Address Mapping
The following table describes the fields in this screen.
Table 61 Network Setting > NAT > Address Mapping
LABEL DESCRIPTION
Add New Rule Click this to create a new rule.
Rule Name This shows the descriptive name to identify this rule.
Local Start IP This is the starting Inside Local IP Address (ILA).
Local End IP This is the ending Inside Local IP Address (ILA). If the rule is for all local IP addresses, then this field
Global Start IP This is the starting Inside Global IP Address (IGA). Enter 0.0.0.0 here if you have a dynamic IP
Global End IP This is the ending Inside Global IP Address (IGA). This field is blank for One-to-One and Many-to-
Type This is the address mapping type.
displays 0.0.0.0 as the Local Start IP address and 255.255.255.255 as the Local End IP address. This
field is blank for One-to-One mapping types.
address from your ISP. You can only do this for the Many-to-One mapping type.
One mapping types.
One-to-One: This mode maps one local IP address to one global IP address. Note that port
numbers do not change for the One-to-one NAT mapping type.
Many-to-One: This mode maps multiple local IP addresses to one global IP address. This is
equivalent to SUA (i.e., PAT, port address translation), the XMG's Single User Account feature that
previous routers supported only.
Many-to-Many: This mode maps multiple local IP addresses to shared global IP addresses.
WAN Interface
Name
Modify Click the Edit icon to go to the screen where you can edit the address mapping rule.
This is the WAN interface to which the address mapping rule applies.
Click the Delete icon to delete an existing address mapping rule. Note that subsequent address
mapping rules move up by one when you take this action.
11.7.1 Add/Edit Address Mapping Rule
To add or edit an address mapping rule, click Add new rule or the rule’s edit icon in the Address
Mapping screen to display the screen shown next.
XMG3563-B10A User’s Guide
161
Chapter 11 Network Address Translation (NAT)
Figure 86 Address Mapping: Add/Edit
The following table describes the fields in this screen.
Table 62 Address Mapping: Add/Edit
LABEL DESCRIPTION
Rule Name Enter a name to identify this rule using keyboard characters (A-Z, a-z, 1-2 and so on).
Type Choose the IP/port mapping type from one of the following.
One-to-One: This mode maps one local IP address to one global IP address. Note that port
numbers do not change for the One-to-one NAT mapping type.
Many-to-One: This mode maps multiple local IP addresses to one global IP address. This is
equivalent to SUA (i.e., PAT, port address translation), the XMG's Single User Account feature
that previous routers supported only.
Many-to-Many: This mode maps multiple local IP addresses to shared global IP addresses.
Local Start IP
Local End IP Enter the ending Inside Local IP Address (ILA). If the rule is for all local IP addresses, then this field
Global Start IP Enter the starting Inside Global IP Address (IGA). Enter 0.0.0.0 here if you have a dynamic IP
Global End IP Enter the ending Inside Global IP Address (IGA). This field is blank for One-to-One and Many-to-
WAN Interface Select a WAN interface to which the address mapping rule applies.
OK Click OK to save your changes.
Cancel Click Cancel to exit this screen without saving.
Enter the starting Inside Local IP Address (ILA).
displays 0.0.0.0 as the Local Start IP address and 255.255.255.255 as the Local End IP address. This
field is blank for One-to-One mapping types.
address from your ISP. You can only do this for the Many-to-One mapping type.
One mapping types.
11.8 The Sessions Screen
Use this screen to limit the number of concurrent NAT sessions a client can use. Click Network Setting >
NAT > Sessions to display the following screen.
XMG3563-B10A User’s Guide
162
Chapter 11 Network Address Translation (NAT)
Figure 87 Network Setting > NAT > Sessions
The following table describes the fields in this screen.
Table 63 Network Setting > NAT > Sessions
LABEL DESCRIPTION
MAX NAT
Session Per Host
Apply Click this to save your changes on this screen.
Cancel Click this to exit this screen without saving any changes.
Use this field to set a limit to the number of concurrent NAT sessions each client host can have.
If only a few clients use peer to peer applications, you can raise this number to improve their
performance. With heavy peer-to-peer application use, lower this number to ensure no single
client uses too many of the available NAT sessions.
11.9 Technical Reference
This part contains more information regarding NAT.
11.9.1 NAT Definitions
Inside/outside denotes where a host is located relative to the XMG, for example, the computers of your
subscribers are the inside hosts, while the web servers on the Internet are the outside hosts.
Global/local denotes the IP address of a host in a packet as the packet traverses a router, for example,
the local address refers to the IP address of a host when the packet is in the local network, while the
global address refers to the IP address of the host when the same packet is traveling in the WAN side.
Note that inside/outside refers to the location of a host, while global/local refers to the IP address of a
host used in a packet. Thus, an inside local address (ILA) is the IP address of an inside host in a packet
when the packet is still in the local network, while an inside global address (IGA) is the IP address of the
same inside host when the packet is on the WAN side. The following table summarizes this information.
Table 64 NAT Definitions
ITEM DESCRIPTION
Inside This refers to the host on the LAN.
Outside This refers to the host on the WAN.
Local This refers to the packet address (source or destination) as the packet travels on the LAN.
Global This refers to the packet address (source or destination) as the packet travels on the WAN.
NAT never changes the IP address (either local or global) of an outside host.
XMG3563-B10A User’s Guide
163
11.9.2 What NAT Does
DSL
In the simplest form, NAT changes the source IP address in a packet received from a subscriber (the
inside local address) to another (the inside global address) before forwarding the packet to the WAN
side. When the response comes back, NAT translates the destination address (the inside global address)
back to the inside local address before forwarding it to the original inside host. Note that the IP address
(either local or global) of an outside host is never changed.
The global IP addresses for the inside hosts can be either static or dynamically assigned by the ISP. In
addition, you can designate servers, for example, a web server and a telnet server, on your local
network and make them accessible to the outside world. If you do not define any servers (for Many-toOne and Many-to-Many Overload mapping), NAT offers the additional benefit of firewall protection.
With no servers defined, your XMG filters out all incoming inquiries, thus preventing intruders from probing
your network. For more information on IP address translation, refer to RFC 1631, The IP Network Address
Translator (NAT).
11.9.3 How NAT Works
Each packet has two addresses – a source address and a destination address. For outgoing packets,
the ILA (Inside Local Address) is the source address on the LAN, and the IGA (Inside Global Address) is
the source address on the WAN. For incoming packets, the ILA is the destination address on the LAN,
and the IGA is the destination address on the WAN. NAT maps private (local) IP addresses to globally
unique ones required for communication with hosts on other networks. It replaces the original IP source
address (and TCP or UDP source port numbers for Many-to-One and Many-to-Many Overload NAT
mapping) in each packet and then forwards it to the Internet. The XMG keeps track of the original
addresses and port numbers so incoming reply packets can have their original values restored. The
following figure illustrates this.
Chapter 11 Network Address Translation (NAT)
Figure 88 How NAT Works
11.9.4 NAT Application
The following figure illustrates a possible NAT application, where three inside LANs (logical LANs using IP
alias) behind the XMG can communicate with three distinct WAN networks.
XMG3563-B10A User’s Guide
164
Chapter 11 Network Address Translation (NAT)
DSL
Figure 89 NAT Application With IP Alias
Port Forwarding: Services and Port Numbers
The most often used port numbers are shown in the following table. Please refer to RFC 1700 for further
information about port numbers. Please also refer to the Supporting CD for more examples and details
on port forwarding and NAT.
Table 65 Services and Port Numbers
SERVICES PORT NUMBER
ECHO 7
FTP (File Transfer Protocol) 21
SMTP (Simple Mail Transfer Protocol) 25
DNS (Domain Name System) 53
Finger 79
HTTP (Hyper Text Transfer protocol or WWW, Web) 80
POP3 (Post Office Protocol) 110
NNTP (Network News Transport Protocol) 119
SNMP (Simple Network Management Protocol) 161
SNMP trap 162
PPTP (Point-to-Point Tunneling Protocol) 1723
Port Forwarding Example
Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the example), port 80 to
another (B in the example) and assign a default server IP address of 192.168.1.35 to a third (C in the
example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network
appears as a single host on the Internet.
XMG3563-B10A User’s Guide
165
Chapter 11 Network Address Translation (NAT)
DSL
Figure 90 Multiple Servers Behind NAT Example
XMG3563-B10A User’s Guide
166
12.1 Overview
DNS
DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice
versa. The DNS server is extremely important because without it, you must know the IP address of a
machine before you can access it.
In addition to the system DNS server(s), each WAN interface (service) is set to have its own static or
dynamic DNS server list. You can configure a DNS static route to forward DNS queries for certain domain
names through a specific WAN interface to its DNS server(s). The XMG uses a system DNS server (in the
order you specify in the Broadband screen) to resolve domain names that do not match any DNS
routing entry. After the XMG receives a DNS reply from a DNS server, it creates a new entry for the
resolved IP address in the routing table.
CHAPTER 12
DNS
Dynamic DNS
Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS
services so that anyone can contact you (in NetMeeting, CU-SeeMe, etc.). You can also access your
FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.org, where
myhost is a name of your choice) that will never change instead of using an IP address that changes
each time you reconnect. Your friends or relatives will always be able to call you even if they don't know
your IP address.
First of all, you need to have registered a dynamic DNS account with www.dyndns.org. This is for people
with a dynamic IP from their ISP or DHCP server that would still like to have a domain name. The Dynamic
DNS service provider will give you a password or key.
12.1.1 What You Can Do in this Chapter
• Use the DNS Entry screen to view, configure, or remove DNS routes (Section 12.2 on page 168).
• Use the Dynamic DNS screen to enable DDNS and configure the DDNS settings on the XMG (Section
12.3 on page 169).
12.1.2 What You Need To Know
DYNDNS Wildcard
Enabling the wildcard feature for your host causes *.yourhost.dyndns.org to be aliased to the same IP
address as yourhost.dyndns.org. This feature is useful if you want to be able to use, for example,
www.yourhost.dyndns.org and still reach your hostname.
XMG3563-B10A User’s Guide
167
Chapter 12 DNS
If you have a private WAN IP address, then you cannot use Dynamic DNS.
12.2 The DNS Entry Screen
Use this screen to view and configure DNS routes on the XMG. Click Network Setting > DNS to open the
DNS Entry screen.
Figure 91 Network Setting > DNS > DNS Entry
The following table describes the fields in this screen.
Table 66 Network Setting > DNS > DNS Entry
LABEL DESCRIPTION
Add New DNS
Entry
# This is the index number of the entry.
Hostname This indicates the host name or domain name.
IP Address This indicates the IP address assigned to this computer.
Modify Click the Edit icon to edit the rule.
Click this to create a new DNS entry.
Click the Delete icon to delete an existing rule.
12.2.1 Add/Edit DNS Entry
You can manually add or edit the XMG’s DNS name and IP address entry. Click Add New DNS Entry in
the DNS Entry screen or the Edit icon next to the entry you want to edit. The screen shown next appears.
Figure 92 DNS Entry: Add/Edit
XMG3563-B10A User’s Guide
168
Chapter 12 DNS
The following table describes the labels in this screen.
Table 67 DNS Entry: Add/Edit
LABEL DESCRIPTION
Host Name Enter the host name of the DNS entry.
IPv4 Address Enter the IPv4 address of the DNS entry.
OK Click OK to save your changes.
Cancel Click Cancel to exit this screen without saving.
12.3 The Dynamic DNS Screen
Use this screen to change your XMG’s DDNS. Click Network Setting > DNS > Dynamic DNS. The screen
appears as shown.
Figure 93 Network Setting > DNS > Dynamic DNS
The following table describes the fields in this screen.
Table 68 Network Setting > DNS > > Dynamic DNS
LABEL DESCRIPTION
Dynamic DNS Setup
Dynamic DNS Select Enable to use dynamic DNS.
Service Provider Select your Dynamic DNS service provider from the drop-down list box.
Host Name Type the domain name assigned to your XMG by your Dynamic DNS provider.
You can specify up to two host names in the field separated by a comma (",").
Host/Domain
Name
Username Type your user name.
Password Type the password assigned to you.
Dynamic DNS Status
User
Authentication
Result
Type the domain name the XMG can route.
This shows Success if the account is correctly set up with the Dynamic DNS provider
account.
XMG3563-B10A User’s Guide
169
Chapter 12 DNS
Table 68 Network Setting > DNS > > Dynamic DNS (continued)
LABEL DESCRIPTION
Last Updated Time This shows the last time the IP address the Dynamic DNS provider has associated with the
hostname was updated.
Current Dynamic IPThis shows the IP address your Dynamic DNS provider has currently associated with the
hostname.
Apply Click Apply to save your changes.
Cancel Click Cancel to exit this screen without saving.
XMG3563-B10A User’s Guide
170
13.1 Overview
Use the IGMP/MLD screen to configure IGMP/MLD protocols.
13.2 The IGMP/MLD Screen
Click Network Setting > IGMP/MLD to open the following screen.
Figure 94 Network Setting > IGMP/MLD
CHAPTER 13
IGMP/MLD
XMG3563-B10A User’s Guide
171
Chapter 13 IGMP/MLD
The following table describes the labels in this screen.
Table 69 Network Setting > IGMP/MLD
LABEL DESCRIPTION
IGMP Configuration/MLD Configuration
Default Version Enter the version (1~3) of the IGMP/MLD packets that the XMG should use.
Query Interval Specify the amount of time in seconds (1~30000) between general query messages
Query Response Interval Specify the amount of time in seconds (1~30000) the router waits for a response to a
Last Member Query Interval Specify the amount of time in seconds (1~30000) the router waits for a response to a
Robustness Value Specify how susceptible (1~7) the subnet is to lost packets.
Maximum Multicast Groups Enter a number to limit the number of multicast groups of an interface on the XMG is
Maximum Multicast Data
Sources (for IGMPv3/mldv2)
sent by the router.
general query message.
group specific query message.
allowed to join. Once a multicast member is registered in the specified number of
multicast groups, any new IGMP or MLD join report frames are dropped by the
interface.
Enter a number to limit the number of multicast data sources (1-24) a multicast
group is allowed to have.
Note: The setting only works for IGMPv3 and MLDv2.
Maximum Multicast Group
Members
Fast Leave Enable Select this option to set the XMG to remove a port from the multicast tree
LAN to LAN (Intra LAN)
Multicast Enable
Membership Join
Immediate (IPTV)
Apply Click Apply to save your changes.
Cancel Click Cancel to exit this screen without saving.
Enter a number to limit the number of multicast members a multicast group can
have.
immediately (without sending an IGMP or MLD membership query message) once it
receives an IGMP or MLD message. This is helpful if a user wants to quickly change a
TV channel (multicast group change) especially for IPTV applications.
Select this to enable LAN to LAN IGMP snooping capability.
Select this to have the XMG add a host to a multicast group immediately once the
XMG receives an IGMP or MLD join messages.
XMG3563-B10A User’s Guide
172
14.1 Overview
DSL
Virtual LAN IDs are used to identify different traffic types over the same physical link.
In the following example, the XMG (DSL) can use VLAN IDs (VID) 100 and 200 to identify Video-onDemand and IPTV traffic respectively coming from the two VoD and IPTV multicast servers. The XMG
(DSL) can also tag outgoing requests to these servers with these VLAN IDs.
Figure 95 VLAN Group Example
CHAPTER 14
VLAN Group
14.1.1 What You Can Do in this Chapter
Use these screens to group separate VLAN groups together to be treated as one VLAN group.
14.2 The VLAN Group Screen
Click Network Setting > Vlan Group to open the following screen.
Figure 96 Network Setting > Vlan Group
XMG3563-B10A User’s Guide
173
Chapter 14 VLAN Group
The following table describes the fields in this screen.
Table 70 Network Setting > Vlan Group
LABEL DESCRIPTION
Add New Vlan
Group
# This is the index number of the VLAN group.
Group Name This shows the descriptive name of the VLAN group.
VLAN ID This shows the unique ID number that identifies the VLAN group.
Interfaces This shows the LAN ports included in the VLAN group and if traffic leaving the port will be tagged
Modify Click the Edit icon to change an existing VLAN group setting or click the Delete icon to remove
Click this button to create a new VLAN group.
with the VLAN ID.
the VLAN group.
14.2.1 Add/Edit a VLAN Group
Click the Add New VLAN Group button in the Vlan Group screen to open the following screen. Use this
screen to create a new VLAN group.
Figure 97 Add/Edit VLAN Group
The following table describes the fields in this screen.
Table 71 Add/Edit VLAN Group
LABEL DESCRIPTION
VLAN Group
Name
VLAN ID Enter a unique ID number, from 1 to 4,094, to identify this VLAN group. Outgoing traffic is tagged
LAN 1~5 Select Include to add the associated LAN interface to this VLAN group.
OK Click OK to save your changes back to the XMG.
Cancel Click Cancel to exit this screen without saving.
Enter a name to identify this group. You can enter up to 30 characters. You can use letters,
numbers, hyphens (-) and underscores (_). Spaces are not allowed.
with this ID if Tx Tagging is selected below.
Select Tx Tagging to tag outgoing traffic from the associated LAN port with the VLAN ID number
entered above.
XMG3563-B10A User’s Guide
174
Interface Grouping
DSL
15.1 Overview
By default, all LAN and WAN interfaces on the XMG are in the same group and can communicate with
each other. Create interface groups to have the XMG assign the IP addresses in different domains to
different groups. Each group acts as an independent network on the XMG. This lets devices connected
to an interface group’s LAN interfaces communicate through the interface group’s WAN or LAN
interfaces but not other WAN or LAN interfaces.
15.1.1 What You Can Do in this Chapter
The Interface Grouping screens let you create multiple networks on the XMG (Section 15.2 on page 175).
CHAPTER 15
15.2 The Interface Grouping Screen
You can manually add a LAN interface to a new group. Alternatively, you can have the XMG
automatically add the incoming traffic and the LAN interface on which traffic is received to an
interface group when its DHCP Vendor ID option information matches one listed for the interface group.
Use the LAN screen to configure the private IP addresses the DHCP server on the XMG assigns to the
clients in the default and/or user-defined groups. If you set the XMG to assign IP addresses based on the
client’s DHCP Vendor ID option information, you must enable DHCP server and configure LAN TCP/IP
settings for both the default and user-defined groups. See Chapter 8 on page 111 for more information.
In the following example, the client that sends packets with the DHCP Vendor ID option set to MSFT 5.0
(meaning it is a Windows 2000 DHCP client) is assigned the IP address 192.168.2.2 and uses the WAN
VDSL_PoE/ppp0.1 interface.
Figure 98 Interface Grouping Application
XMG3563-B10A User’s Guide
175
Chapter 15 Interface Grouping
Click Network Setting > Interface Grouping to open the following screen.
Figure 99 Network Setting > Interface Grouping
The following table describes the fields in this screen.
Table 72 Network Setting > Interface Grouping
LABEL DESCRIPTION
Add New
Interface Group
Group Name This shows the descriptive name of the group.
WAN Interface This shows the WAN interfaces in the group.
LAN Interfaces This shows the LAN interfaces in the group.
Criteria This shows the filtering criteria for the group.
Modify Click the Delete icon to remove the group.
Click this button to create a new interface group.
15.2.1 Interface Group Configuration
Click the Add New Interface Group button in the Interface Grouping screen to open the following
screen. Use this screen to create a new interface group.
Note: An interface can belong to only one group at a time.
XMG3563-B10A User’s Guide
176
Chapter 15 Interface Grouping
Figure 100 Interface Group Configuration
The following table describes the fields in this screen.
Table 73 Interface Group Configuration
LABEL DESCRIPTION
Group Name Enter a name to identify this group. You can enter up to 30 characters. You can use letters,
numbers, hyphens (-) and underscores (_). Spaces are not allowed.
WAN Interfaces
used in the
grouping
Selected LAN
Interfaces
Available LAN
Interfaces
Automatically
Add Clients With
the following
DHCP Vendor
IDs
# This shows the index number of the rule.
Select the WAN interface this group uses. The group can have up to one PTM interface, up to
one ATM interface, up to one ETH interface, and and up to one WWAN interface.
Select None to not add a WAN interface to this group.
Select one or more LAN interfaces (Ethernet LAN, HPNA or wireless LAN) on the Available LAN
Interfaces list and use the left arrow to move them to the interface list on the left to add the
interfaces to this group.
To remove a LAN or wireless LAN interface from the interface list on the left, use the right-facing
arrow.
Click Add to identify LAN hosts to add to the interface group by criteria such as the type of the
hardware or firmware. See Section 15.2.2 on page 178 for more information.
XMG3563-B10A User’s Guide
177
Chapter 15 Interface Grouping
Table 73 Interface Group Configuration (continued)
LABEL DESCRIPTION
Filter Criteria This shows the filtering criteria. The LAN interface on which the matched traffic is received will
belong to this group automatically.
WildCard
Support
Modify Click the Modify icon to edit this rule on the XMG.
OK Click OK to save your changes back to the XMG.
Cancel Click Cancel to exit this screen without saving.
This shows if wildcard on DHCP option 60 is enabled.
15.2.2 Interface Grouping Criteria
Click the Add button in the Interface Grouping Configuration screen to open the following screen.
Figure 101 Interface Grouping Criteria
The following table describes the fields in this screen.
Table 74 Interface Grouping Criteria
LABEL DESCRIPTION
Source MAC
Address
DHCP Option 60 Select this option and enter the Vendor Class Identifier (Option 60) of the matched traffic, such
Enable
wildcard
DHCP Option 61 Select this and enter the device identity of the matched traffic.
DHCP Option
125
Enterprise
Number
Manufactur
er OUI
Select this option and enter the source MAC address of the packet.
as the type of the hardware or firmware.
Select this option to be able to use wildcards in the Vendor Class Identifier configured for DHCP
option 60.
Select this and enter vendor specific information of the matched traffic.
Enter the vendor’s 32-bit enterprise number registered with the IANA (Internet Assigned Numbers
Authority).
Specify the vendor’s OUI (Organization Unique Identifier). It is usually the first three bytes of the
MAC address.
XMG3563-B10A User’s Guide
178
Chapter 15 Interface Grouping
Table 74 Interface Grouping Criteria (continued)
LABEL DESCRIPTION
Serial
Number
Product
Class
VLAN Group Select this and the VLAN group of the matched traffic from the drop-down list box.
OK Click OK to save your changes back to the XMG.
Cancel Click Cancel to exit this screen without saving.
Enter the serial number of the device.
Enter the product class of the device.
XMG3563-B10A User’s Guide
179
16.1 Overview
DSL
You can share files on a USB memory stick or hard drive connected to your XMG with users on your
network.
The following figure is an overview of the XMG’s file server feature. Computers A and B can access files
on a USB device (C) which is connected to the XMG.
Figure 102 File Sharing Overview
CHAPTER 16
USB Service
The XMG will not be able to join the workgroup if your local area network has restrictions set up
that do not allow devices to join a workgroup. In this case, contact your network administrator.
16.1.1 What You Can Do in this Chapter
• Use the File Sharing screen to enable file-sharing server (Section 16.1.3 on page 181).
• Use the Media Server screen to enable or disable the sharing of media files (Section 16.3 on page
182).
16.1.2 What You Need To Know
The following terms and concepts may help as you read this chapter.
XMG3563-B10A User’s Guide
180
16.1.2.1 About File Sharing
Workgroup name
This is the name given to a set of computers that are connected on a network and share resources such
as a printer or files. Windows automatically assigns the workgroup name when you set up a network.
Shares
When settings are set to default, each USB device connected to the XMG is given a folder, called a
“share”. If a USB hard drive connected to the XMG has more than one partition, then each partition will
be allocated a share. You can also configure a “share” to be a sub-folder or file on the USB device.
File Systems
A file system is a way of storing and organizing files on your hard drive and storage device. Often
different operating systems such as Windows or Linux have different file systems. The file sharing feature
on your XMG supports File Allocation Table (FAT) and FAT32.
Common Internet File System
Chapter 16 USB Service
The XMG uses Common Internet File System (CIFS) protocol for its file sharing functions. CIFS compatible
computers can access the USB file storage devices connected to the XMG. CIFS protocol is supported
on Microsoft Windows, Linux Samba and other operating systems (refer to your systems specifications for
CIFS compatibility).
16.1.3 Before You Begin
Make sure the XMG is connected to your network and turned on.
1 Connect the USB device to one of the XMG’s USB port. Make sure the XMG is connected to your
network.
2 The XMG detects the USB device and makes its contents available for browsing. If you are connecting a
USB hard drive that comes with an external power supply, make sure it is connected to an appropriate
power source that is on.
Note: If your USB device cannot be detected by the XMG, see the troubleshooting for
suggestions.
16.2 The File Sharing Screen
Use this screen to set up file sharing through the XMG. The XMG’s LAN users can access the shared folder
(or share) from the USB device inserted in the XMG. To access this screen, click Network Setting > USB
Service > File Sharing.
XMG3563-B10A User’s Guide
181
Chapter 16 USB Service
Figure 103 Network Setting > USB Service > File Sharing
Each field is described in the following table.
Table 75 Network Setting > USB Service > File Sharing
LABEL DESCRIPTION
Information
Volume This is the volume name the XMG gives to an inserted USB device.
Capacity This is the total available memory size (in megabytes) on the USB device.
Used Space This is the memory size (in megabytes) already used on the USB device.
Server Configuration
File Sharing
Services
Account Management
Add New User
Active
Status This field shows the status of the user.
Select Enable to activate file sharing through the XMG.
Click this button to access the User Account screen, use this screen to create a new user
account to access the secured shared. For more information see Section 31.2 on page 256.
Select this to allow the user to access the secured shares.
: The user account is not activated for the share.
: The user account is activated for the share.
User Name
Modify Click the Edit icon to modify the user account.
Apply
Cancel Click this to restore your previously saved settings.
This is the name of a user who is allowed to access the secured shares on the USB device.
Click the Delete icon to remove the user account from the XMG.
Click this to save your changes to the XMG.
16.3 The Media Server Screen
The media server feature lets anyone on your network play video, music, and photos from the USB
storage device connected to your XMG (without having to copy them to another computer). The XMG
can function as a DLNA-compliant media server. The XMG streams files to DLNA-compliant media
XMG3563-B10A User’s Guide
182
Chapter 16 USB Service
clients (like Windows Media Player). The Digital Living Network Alliance (DLNA) is a group of personal
computer and electronics companies that works to make products compatible in a home network.
The XMG media server enables you to:
• Publish all shares for everyone to play media files in the USB storage device connected to the XMG.
• Use hardware-based media clients like the DMA-2500 to play the files.
Note: Anyone on your network can play the media files in the published shares. No user name
and password or other form of security is used. The media server is enabled by default
with the video, photo, and music shares published.
To change your XMG’s media server settings, click Network Setting > USB Service > Media Server. The
screen appears as shown.
Figure 104 Network Setting > USB Service > Media Server
The following table describes the labels in this menu.
Table 76 Network Setting > USB Service > Media Server
LABEL DESCRIPTION
Media Server Select Enable to have the XMG function as a DLNA-compliant media server.
Enable the media server to let (DLNA-compliant) media clients on your network play media files
located in the shares.
Interface Select an interface on which you want to enable the media server function.
Media Library
Path
Apply Click Apply to save your changes.
Cancel
Enter the path clients use to access the media files on a USB storage device connected to the
XMG.
Click Cancel to restore your previously saved settings.
XMG3563-B10A User’s Guide
183
17.1 Overview
DSL
This chapter shows you how to enable and configure the XMG’s security settings. Use the firewall to
protect your XMG and network from attacks by hackers on the Internet and control access to it. By
default the firewall:
• allows traffic that originates from your LAN computers to go to all other networks.
• blocks traffic that originates on other networks from going to the LAN.
The following figure illustrates the default firewall action. User A can initiate an IM (Instant Messaging)
session from the LAN to the WAN (1). Return traffic for this session is also allowed (2). However other traffic
initiated from the WAN is blocked (3 and 4).
Figure 105 Default Firewall Action
CHAPTER 17
Firewall
17.1.1 What You Can Do in this Chapter
• Use the General screen to configure the security level of the firewall on the XMG (Section 17.2 on
page 185).
• Use the Protocol screen to add or remove predefined Internet services and configure firewall rules
(Section 17.3 on page 186).
• Use the Access Control screen to view and configure incoming/outgoing filtering rules (Section 17.4
on page 188).
• Use the DoS screen to activate protection against Denial of Service (DoS) attacks (.Section 17.5 on
page 190).
XMG3563-B10A User’s Guide
184
17.1.2 What You Need to Know
SYN Attack
A SYN attack floods a targeted system with a series of SYN packets. Each packet causes the targeted
system to issue a SYN-ACK response. While the targeted system waits for the ACK that follows the SYNACK, it queues up all outstanding SYN-ACK responses on a backlog queue. SYN-ACKs are moved off the
queue only when an ACK comes back or when an internal timer terminates the three-way handshake.
Once the queue is full, the system will ignore all incoming SYN requests, making the system unavailable
for legitimate users.
DoS
Denials of Service (DoS) attacks are aimed at devices and networks with a connection to the Internet.
Their goal is not to steal information, but to disable a device or network so users no longer have access
to network resources. The XMG is pre-configured to automatically detect and thwart all known DoS
attacks.
DDoS
Chapter 17 Firewall
A DDoS attack is one in which multiple compromised systems attack a single target, thereby causing
denial of service for users of the targeted system.
LAND Attack
In a LAND attack, hackers flood SYN packets into the network with a spoofed source IP address of the
target system. This makes it appear as if the host computer sent the packets to itself, making the system
unavailable while the target system tries to respond to itself.
Ping of Death
Ping of Death uses a "ping" utility to create and send an IP packet that exceeds the maximum 65,536
bytes of data allowed by the IP specification. This may cause systems to crash, hang or reboot.
SPI
Stateful Packet Inspection (SPI) tracks each connection crossing the firewall and makes sure it is valid.
Filtering decisions are based not only on rules but also context. For example, traffic from the WAN may
only be allowed to cross the firewall in response to a request from the LAN.
17.2 The Firewall Screen
Use this screen to set the security level of the firewall on the XMG. Firewall rules are grouped based on
the direction of travel of packets to which they apply.
Click Security > Firewall to display the General screen.
XMG3563-B10A User’s Guide
185
Chapter 17 Firewall
Figure 106 Security > Firewall > General
The following table describes the labels in this screen.
Table 77 Security > Firewall > General
LABEL DESCRIPTION
IPv4/IPv6
Firewall
Low Select Low to allow LAN to WAN and WAN to LAN packet directions.
Medium Select Medium to allow LAN to WAN but deny WAN to LAN packet directions.
High Select High to deny LAN to WAN and WAN to LAN packet directions.
Apply Click Apply to save your changes.
Cancel Click Cancel to restore your previously saved settings.
Select Enable to activate the firewall feature on the XMG.
17.3 The Protocol Screen
You can configure customized services and port numbers in the Protocol screen. For a comprehensive
list of port numbers and services, visit the IANA (Internet Assigned Number Authority) website. See
Appendix C on page 308 for some examples.
Click Security > Firewall > Protocol to display the following screen.
Figure 107 Security > Firewall > Protocol
XMG3563-B10A User’s Guide
186
The following table describes the labels in this screen.
Table 78 Security > Firewall > Protocol
LABEL DESCRIPTION
Add New
Protocol Entry
Name This is the name of your customized service.
Description This is the description of your customized service.
Ports/Protocol
Number
Modify Click the Edit icon to edit the entry.
Click this to add a new service.
This shows the IP protocol (TCP, UDP, ICMP, or TCP/UDP) and the port number or range of ports
that defines your customized service. Other and the protocol number displays if the service uses
another IP protocol.
Click the Delete icon to remove this entry.
17.3.1 Add/Edit a Service
Use this screen to add a customized service rule that you can use in the firewall’s ACL rule configuration.
Click Add New Protocol Entry or the edit icon next to an existing service rule in the Protocol screen to
display the following screen.
Chapter 17 Firewall
Figure 108 Security > Firewall > Protocol: Add/Edit
The following table describes the labels in this screen.
Table 79 Security > Firewall > Protocol: Add/Edit
LABEL DESCRIPTION
Service Name Enter a unique name (up to 32 printable English keyboard characters, including spaces) for your
customized port.
Description Enter a description for your customized port.
Protocol Choose the IP protocol (TCP, UDP, ICMP, ICMPv6 or Other) that defines your customized port
from the drop-down list box. Select Other to be able to enter a protocol number.
Source/
Destination Port
Protocol
Number
ICMPv6 Type This field is displayed if you select ICMPv6 as the protocol.
These fields are displayed if you select TCP or UDP as the IP port.
Select Single to specify one port only or Range to specify a span of ports that define your
customized service. If you select Any, the service is applied to all ports.
Type a single port number or the range of port numbers that define your customized service.
This field is displayed if you select Other as the protocol.
Enter the protocol number of your customized port.
Enter the type value for the ICMPv6 messages.
XMG3563-B10A User’s Guide
187
Chapter 17 Firewall
Table 79 Security > Firewall > Protocol: Add/Edit (continued)
LABEL DESCRIPTION
OK Click OK to save your changes.
Cancel Click Cancel to exit this screen without saving.
17.4 The Access Control Screen
Click Security > Firewall > Access Control to display the following screen. This screen displays a list of the
configured incoming or outgoing filtering rules.
Figure 109 Security > Firewall > Access Control
The following table describes the labels in this screen.
Table 80 Security > Firewall > Access Control
LABEL DESCRIPTION
Add New ACL
Rule
# This is the index number of the entry.
Name This displays the name of the rule.
Src IP This displays the source IP addresses to which this rule applies. Please note that a blank source
Dst IP This displays the destination IP addresses to which this rule applies. Please note that a blank
Service This displays the transport layer protocol that defines the service and the direction of traffic to
Action This field displays whether the rule silently discards packets (DROP), discards packets and sends a
Modify Click the Edit icon to edit the rule.
Click this to go to add a filter rule for incoming or outgoing IP traffic.
address is equivalent to Any.
destination address is equivalent to Any.
which this rule applies.
TCP reset packet or an ICMP destination-unreachable message to the sender (REJECT) or allows
the passage of packets (ACCEPT).
Click the Delete icon to delete an existing rule. Note that subsequent rules move up by one
when you take this action.
Click the Move To icon to change the order of the rule. Enter the number in the # field.
17.4.1 Add/Edit an ACL Rule
Click Add new ACL rule or the Edit icon next to an existing ACL rule in the Access Control screen. The
following screen displays.
XMG3563-B10A User’s Guide
188
Figure 110 Access Control: Add/Edit
Chapter 17 Firewall
The following table describes the labels in this screen.
Table 81 Access Control: Add/Edit
LABEL DESCRIPTION
Filter Name Enter a descriptive name of up to 16 alphanumeric characters, not including spaces,
Order Select the order of the ACL rule.
Select Source
Device
Source IP
Address
Select
Destination
Device
Destination IP
Address
IP Type Select whether your IP type is IPv4 or IPv6.
Select Service Select the transport layer protocol that defines your customized port from the drop-down list
Protocol This field is displayed only when you select Specific Protocol in Select Protocol.
underscores, and dashes.
You must enter the filter name to add an ACL rule. This field is read-only if you are editing the
ACL rule.
Select the source device to which the ACL rule applies. If you select Specific IP Address, enter
the source IP address in the field below.
Enter the source IP address.
Select the destination device to which the ACL rule applies. If you select Specific IP Address,
enter the destiniation IP address in the field below.
Enter the destination IP address.
box. The specific protocol rule sets you add in the Security > Firewall > Service > Add screen
display in this list.
If you want to configure a customized protocol, select Specific Service.
Choose the IP port (TCP/UDP, TCP, UDP, ICMP, or ICMPv6) that defines your customized port from
the drop-down list box.
XMG3563-B10A User’s Guide
189
Chapter 17 Firewall
Table 81 Access Control: Add/Edit (continued)
LABEL DESCRIPTION
Custom Source
Port
Custom
Destination Port
Policy Use the drop-down list box to select whether to discard (DROP), deny and send an ICMP
Direction Use the drop-down list box to select the direction of traffic to which this rule applies.
Enable Rate
Limit
Scheduler Rules Select a schedule rule for this ACL rule form the drop-down list box. You can configure a new
OK Click OK to save your changes.
Cancel Click Cancel to exit this screen without saving.
This field is displayed only when you select Specific Protocol in Select Protocol.
Enter a single port number or the range of port numbers of the source.
This field is displayed only when you select Specific Protocol in Select Protocol.
Enter a single port number or the range of port numbers of the destination.
destination-unreachable message to the sender of (REJECT) or allow the passage of (ACCEPT)
packets that match this rule.
Select Enable to set a limit on the upstream/downstream transmission rate for the specified
protocol.
Specify how many packets per minute or second the transmission rate is.
schedule rule by click Add New Rule. This will bring you to the Security > Scheduler Rules screen.
17.5 The DoS Screen
DoS (Denial of Service) attacks can flood your Internet connection with invalid packets and connection
requests, using so much bandwidth and so many resources that Internet access becomes unavailable.
Use the DoS screen to activate protection against DoS attacks. Click Security > Firewall > DoS to display
the following screen.
Figure 111 Security > Firewall > DoS
The following table describes the labels in this screen.
Table 82 Security > Firewall > DoS
LABEL DESCRIPTION
DoS Protection
Blocking
Apply Click Apply to save your changes.
Cancel Click Cancel to exit this screen without saving.
Select Enable to enable protection against DoS attacks.
XMG3563-B10A User’s Guide
190
18.1 Overview
You can configure the XMG to permit access to clients based on their MAC addresses in the MAC Filter
screen. This applies to wired and wireless connections. Every Ethernet device has a unique MAC (Media
Access Control) address. The MAC address is assigned at the factory and consists of six pairs of
hexadecimal characters, for example, 00:A0:C5:00:00:02. You need to know the MAC addresses of the
devices to configure this screen.
18.2 The MAC Filter Screen
Use this screen to allow wireless and LAN clients access to the XMG. Click Security > MAC Filter. The
screen appears as shown.
CHAPTER 18
MAC Filter
Figure 112 Security > MAC Filter
XMG3563-B10A User’s Guide
191
Chapter 18 MAC Filter
The following table describes the labels in this screen.
Table 83 Security > MAC Filter
LABEL DESCRIPTION
MAC Address Filter Select Enable to activate the MAC filter function.
MAC Restrict Mode Select Allow to only permit the listed MAC addresses access to the XMG. Select Deny to
Set This is the index number of the MAC address.
Active Select Active to enable the MAC filter rule. . The rule will not be applied if Active is not
Host Name Enter the host name of the wireless or LAN clients that are allowed access to the XMG.
MAC Address Enter the MAC addresses of the wireless or LAN clients that are allowed access to the XMG
Apply Click Apply to save your changes.
Cancel Click Cancel to restore your previously saved settings.
permit anyone access to the XMG except the listed MAC addresses.
selected.
in these address fields. Enter the MAC addresses in a valid MAC address format, that is, six
hexadecimal character pairs, for example, 12:34:56:78:9a:bc.
XMG3563-B10A User’s Guide
192
Parental Control
19.1 Overview
Parental control allows you to block web sites with the specific URL. You can also define time periods
and days during which the XMG performs parental control on a specific user.
19.2 The Parental Control Screen
Use this screen to enable parental control, view the parental control rules and schedules.
Click Security > Parental Control to open the following screen.
Figure 113 Security > Parental Control
CHAPTER 19
The following table describes the fields in this screen.
Table 84 Security > Parental Control
LABEL DESCRIPTION
General
Parental Control Select Enable to activate parental control.
Parental Control Profile (PCP)
Add New PCP Click this if you want to configure a new Parental Control Profile.
# This shows the index number of the rule.
Status This indicates whether the rule is active or not.
A yellow bulb signifies that this rule is active. A gray bulb signifies that this rule is not active.
PCP Name This shows the name of the rule.
Home Network
User MAC
Internet Access
Schedule
Network Service This shows whether the network service is configured. If not, None will be shown.
This shows the MAC address of the LAN user’s computer to which this rule applies.
This shows the day(s) and time on which parental control is enabled.
XMG3563-B10A User’s Guide
193
Chapter 19 Parental Control
Table 84 Security > Parental Control (continued)
LABEL DESCRIPTION
Website
Blocked
Modify Click the Edit icon to go to the screen where you can edit the rule.
Apply Click Apply to save your changes.
Cancel Click Cancel to restore your previously saved settings.
This shows whether the website block is configured. If not, None will be shown.
Click the Delete icon to delete an existing rule.
19.2.1 Add/Edit a Parental Control Profile
Click Add New PCP in the Parental Control screen to add a new rule or click the Edit icon next to an
existing rule to edit it. Use this screen to configure a restricted access schedule and/or URL filtering
settings to block the users on your network from accessing certain web sites.
Figure 114 Parental Control Rule: Add/Edit Rule
XMG3563-B10A User’s Guide
194
Chapter 19 Parental Control
The following table describes the fields in this screen.
Table 85 Parental Control Rule: Add/Edit
LABEL DESCRIPTION
General
Active Select to enable or disable this parental control rule.
Parental Control
Profile Name
Home Network
User
Rule List In Home Network User, select Custom, enter the LAN user’s MAC address, then click the Add
Internet Access Schedule
Day Select check boxes for the days that you want the XMG to perform parental control.
Time Drag the time bar to define the time that the LAN user is allowed access (Authorized access) or
Network Service
Network Service
Setting
Add New
Service
# This shows the index number of the rule.
Service Name This shows the name of the rule.
Protocol:Port This shows the protocol and the port of the rule.
Modify Click the Edit icon to go to the screen where you can edit the rule.
Site/URL Keyword
Block or Allow
the Web Site
Add Click Add to show a screen to enter the URL of web site or URL keyword to which the XMG blocks
# This shows the index number of the rule.
WebSite This shows the URL of web site or URL keyword to which the XMG blocks or allows access.
Modify Click the Edit icon to go to the screen where you can edit the rule.
Enter a descriptive name for the rule.
Select the LAN user that you want to apply this rule to from the drop-down list box. If you select
Custom, enter the LAN user’s MAC address. If you select All, the rule applies to all LAN users.
icon to enter a computer MAC address for this PCP. Up to five are allowed. Click the Delete icon
to remove one.
denied access (No access). Click the Add icon above the time bar to add a new time bar. Up
to three are allowed.
If you select Block, the XMG prohibits the users from viewing the Web sites with the URLs listed
below.
If you select Allow, the XMG blocks access to all URLs except ones listed below.
Click this to show a screen in which you can add a new service rule. You can configure the
Service Name, Protocol, and Name of the new rule.
Click the Delete icon to delete an existing rule.
If you select Block the Web URLs, the XMG prohibits the users from viewing the Web sites with the
URLs listed below.
If you select Allow the Web URLs, the XMG blocks access to all URLs except ones listed below.
or allows access.
Click the Delete icon to delete an existing rule.
XMG3563-B10A User’s Guide
195
Chapter 19 Parental Control
Table 85 Parental Control Rule: Add/Edit (continued)
LABEL DESCRIPTION
Redirect
blocked site to
Zyxel Family
Safety page
OK Click OK to save your changes.
Cancel Click Cancel to exit this screen without saving.
Select this to redirect users who access any blocked websites listed above to the Zyxel Family
Safety page as shown next.
Figure 115 Zyxel Family Safety Page Example
Click Security > Parental Control > Add/Edit Rule > Add New Service to open the following screen.
Figure 116 Parental Control Rule: Add/Edit Rule > Add New Service
The following table describes the fields in this screen.
Table 86 Parental Control Rule: Add/Edit Rule > Add New Service
LABEL DESCRIPTION
Service Name Select the name of the service. Otherwise, select User Define and manualy specify
Protocol Select the transport layer protocol used for the service. Choices are TCP, UDP, or TCP
Port Enter the port of the service.
OK Click OK to save your changes.
Cancel Click Cancel to exit this screen without saving.
the protocol and the port of the service.
If you have chosen a pre-defined service in the Service Name field, this field will not
be configurable.
& UDP.
If you have chosen a pre-defined service in the Service Name field, this field will not
be configurable.
Click Security > Parental Control > Add/Edit Rule > Add Keyword to open the following screen.
XMG3563-B10A User’s Guide
196
Chapter 19 Parental Control
Figure 117 Parental Control Rule: Add/Edit Rule > Add Keyword
The following table describes the fields in this screen.
Table 87 Parental Control Rule: Add/Edit Rule > Add Keyword
LABEL DESCRIPTION
Site/URL Keyword Enter a keyword and click OK to have the XMG to block access to the website URLs
OK Click OK to save your changes.
Cancel Click Cancel to exit this screen without saving.
that contain the keyword
XMG3563-B10A User’s Guide
197
Scheduler Rule
20.1 Overview
You can define time periods and days during which the XMG performs scheduled rules of certain
features (such as Firewall Access Control) in the Scheduler Rule screen.
20.2 The Scheduler Rule Screen
Use this screen to view, add, or edit time schedule rules.
Click Security > Scheduler Rule to open the following screen.
Figure 118 Security > Scheduler Rule
CHAPTER 20
The following table describes the fields in this screen.
Table 88 Security > Scheduler Rule
LABEL DESCRIPTION
Add New Rule Click this to create a new rule.
# This is the index number of the entry.
Rule Name This shows the name of the rule.
Day This shows the day(s) on which this rule is enabled.
Time This shows the period of time on which this rule is enabled.
Description This shows the description of this rule.
Modify Click the Edit icon to edit the schedule.
Click the Delete icon to delete a scheduler rule.
Note: You cannot delete a scheduler rule once it is applied to a certain feature.
20.2.1 Add/Edit a Schedule
Click the Add New Rule button in the Scheduler Rule screen or click the Edit icon next to a schedule rule
to open the following screen. Use this screen to configure a restricted access schedule.
XMG3563-B10A User’s Guide
198
Chapter 20 Scheduler Rule
Figure 119 Scheduler Rule: Add/Edit
The following table describes the fields in this screen.
Table 89 Scheduler Rule: Add/Edit
LABEL DESCRIPTION
Rule Name Enter a name (up to 31 printable English keyboard characters, not including spaces) for this
schedule.
Day Select check boxes for the days that you want the XMG to perform this scheduler rule.
Time of Day
Range
Description Enter a description for this scheduler rule.
OK Click OK to save your changes.
Cancel Click Cancel to exit this screen without saving.
Enter the time period of each day, in 24-hour format, during which the rule will be enforced.
XMG3563-B10A User’s Guide
199
CHAPTER 21
Certificates
21.1 Overview
The XMG can use certificates (also called digital IDs) to authenticate users. Certificates are based on
public-private key pairs. A certificate contains the certificate owner’s identity and public key.
Certificates provide a way to exchange public keys for use in authentication.
21.2 What You Can Do in this Chapter
• Use the Local Certificates screen to generate certification requests and import the XMG's CA-signed
certificates (Section 21.5 on page 204).
• Use the Trusted CA screen to save the certificates of trusted CAs to the XMG (Section 21.5 on page
204).
21.3 What You Need to Know
The following terms and concepts may help as you read through this chapter.
Certification Authority
A Certification Authority (CA) issues certificates and guarantees the identity of each certificate owner.
There are commercial certification authorities like CyberTrust or VeriSign and government certification
authorities. The certification authority uses its private key to sign certificates. Anyone can then use the
certification authority's public key to verify the certificates. You can use the XMG to generate
certification requests that contain identifying information and public keys and then send the
certification requests to a certification authority.
21.4 The Local Certificates Screen
Click Security > Certificates to open the Local Certificates screen. This is the XMG’s summary list of
certificates and certification requests.
XMG3563-B10A User’s Guide
200
Chapter 21 Certificates
Figure 120 Security > Certificates > Local Certificates
The following table describes the labels in this screen.
Table 90 Security > Certificates > Local Certificates
LABEL DESCRIPTION
Private Key is
protected by a
password
Choose File Click this to find the certificate file you want to upload.
Import Certificate Click this button to save the certificate that you have enrolled from a certification authority
Create Certificate
Request
Current File This field displays the name used to identify this certificate. It is recommended that you give
Subject This field displays identifying information about the certificate’s owner, such as CN (Common
Issuer This field displays identifying information about the certificate’s issuing certification authority,
Valid From This field displays the date that the certificate becomes applicable. The text displays in red
Valid To This field displays the date that the certificate expires. The text displays in red and includes an
Modify Click the View icon to open a screen with an in-depth list of information about the certificate
Select the checkbox and enter the private key into the text box to store it on the XMG. The
private key should not exceed 63 ASCII characters (not including spaces).
from your computer to the XMG.
Click this button to go to the screen where you can have the XMG generate a certification
request.
each certificate a unique name.
Name), OU (Organizational Unit or department), O (Organization or company) and C
(Country). It is recommended that each certificate have unique subject information.
such as a common name, organizational unit or department, organization or company and
country.
and includes a Not Yet Valid! message if the certificate has not yet become applicable.
Expiring! or Expired! message if the certificate is about to expire or has already expired.
(or certification request).
For a certification request, click Load Signed to import the signed certificate.
Click the Remove icon to delete the certificate (or certification request). You cannot delete a
certificate that one or more features is configured to use.
21.4.1 Create Certificate Request
Click Security > Certificates > Local Certificates and then Create Certificate Request to open the
following screen. Use this screen to have the XMG generate a certification request.
XMG3563-B10A User’s Guide
201
Chapter 21 Certificates
Figure 121 Create Certificate Request
The following table describes the labels in this screen.
Table 91 Create Certificate Request
LABEL DESCRIPTION
Certificate
Name
Common Name Select Auto to have the XMG configure this field automatically. Or select Customize to enter it
Type up to 63 ASCII characters (not including spaces) to identify this certificate.
manually.
Type the IP address (in dotted decimal notation), domain name or e-mail address in the field
provided. The domain name or e-mail address can be up to 63 ASCII characters. The domain
name or e-mail address is for identification purposes only and can be any string.
Organization
Name
State/Province
Name
Country/Region
Name
Apply Click Apply to save your changes.
Cancel Click Cancel to exit this screen without saving.
Type up to 63 characters to identify the company or group to which the certificate owner
belongs. You may use any character, including spaces, but the XMG drops trailing spaces.
Type up to 32 characters to identify the state or province where the certificate owner is located.
You may use any character, including spaces, but the XMG drops trailing spaces.
Select a country to identify the nation where the certificate owner is located.
After you click Apply, the following screen displays to notify you that you need to get the certificate
request signed by a Certificate Authority. If you already have, click Load_Signed to import the signed
certificate into the XMG. Otherwise click Back to return to the Local Certificates screen.
XMG3563-B10A User’s Guide
202
Chapter 21 Certificates
Figure 122 Certificate Request Created
21.4.2 Load Signed Certificate
After you create a certificate request and have it signed by a Certificate Authority, in the Local
Certificates screen click the certificate request’s Load Signed icon to import the signed certificate into
the XMG.
Note: You must remove any spaces from the certificate’s filename before you can import it.
Figure 123 Load Signed Certificate
XMG3563-B10A User’s Guide
203
Chapter 21 Certificates
The following table describes the labels in this screen.
Table 92 Load Signed Certificate
LABEL DESCRIPTION
Certificate
Name
Certificate Copy and paste the signed certificate into the text box to store it on the XMG.
Apply Click Apply to save your changes.
Cancel Click Cancel to exit this screen without saving.
This is the name of the signed certificate.
21.5 The Trusted CA Screen
Click Security > Certificates > Trusted CA to open the following screen. This screen displays a summary list
of certificates of the certification authorities that you have set the XMG to accept as trusted. The XMG
accepts any valid certificate signed by a certification authority on this list as being trustworthy; thus you
do not need to import any certificate that is signed by one of these certification authorities.
Figure 124 Security > Certificates > Trusted CA
The following table describes the fields in this screen.
Table 93 Security > Certificates > Trusted CA
LABEL DESCRIPTION
Import
Certificate
# This is the index number of the entry.
Name This field displays the name used to identify this certificate.
Subject This field displays information that identifies the owner of the certificate, such as Common Name
Type This field displays general information about the certificate. ca means that a Certification
Modify Click the View icon to open a screen with an in-depth list of information about the certificate (or
Click this button to open a screen where you can save the certificate of a certification authority
that you trust to the XMG.
(CN), OU (Organizational Unit or department), Organization (O), State (ST) and Country (C). It is
recommended that each certificate have unique subject information.
Authority signed the certificate.
certification request).
Click the Remove button to delete the certificate (or certification request). You cannot delete a
certificate that one or more features is configured to use.
21.5.1 View Trusted CA Certificate
Click the View icon in the Trusted CA screen to open the following screen. Use this screen to view indepth information about the certification authority’s certificate.
XMG3563-B10A User’s Guide
204
Chapter 21 Certificates
Figure 125 Trusted CA: View
The following table describes the fields in this screen.
Table 94 Trusted CA: View
LABEL DESCRIPTION
Name This field displays the identifying name of this certificate.
Type This field displays general information about the certificate. ca means that a Certification
Subject This field displays information that identifies the owner of the certificate, such as Common Name
Certificate This read-only text box displays the certificate in Privacy Enhanced Mail (PEM) format. PEM uses
Back Click Back to return to the previous screen.
Authority signed the certificate.
(CN), Organizational Unit (OU), Organization (O) and Country (C).
base 64 to convert the binary certificate into a printable form.
You can copy and paste the certificate into an e-mail to send to friends or colleagues or you
can copy and paste the certificate into a text editor and save the file on a management
computer for later distribution (via floppy disk for example).
21.5.2 Import Trusted CA Certificate
Click the Import Certificate button in the Trusted CA screen to open the following screen. The XMG trusts
any valid certificate signed by any of the imported trusted CA certificates.
XMG3563-B10A User’s Guide
205
Chapter 21 Certificates
Figure 126 Trusted CA: Import Certificate
The following table describes the fields in this screen.
Table 95 Trusted CA: Import Certificate
LABEL DESCRIPTION
Certificate File
Path
Apply Click Apply to save your changes.
Cancel Click Cancel to exit this screen without saving.
Type in the location of the certificate you want to upload in this field or click Choose File to find
it.
XMG3563-B10A User’s Guide
206
22.1 Overview
Use this chapter to:
• Connect an analog phone to the XMG.
• Make phone calls over the Internet, as well as the regular phone network.
• Configure settings such as speed dial.
• Configure network settings to optimize the voice quality of your phone calls.
22.1.1 What You Can Do in this Chapter
These screens allow you to configure your XMG to make phone calls over the Internet and your regular
phone line, and to set up the phones you connect to the XMG.
CHAPTER 22
VoIP
• Use the SIP Account screen () to set up information about your SIP account, control which SIP
accounts the phones connected to the XMG use and configure audio settings such as volume levels
for the phones connected to the XMG.
• Use the SIP Service Provider screen () to configure the SIP server information, QoS for VoIP calls, the
numbers for certain phone functions, and dialing plan.
• Use the Phone Device screen () to view detailed information of the XMG’s phone ports.
• Use the Region screen () to change settings that depend on the country you are in.
• Use the Call Rule screen () to set up shortcuts for dialing frequently-used (VoIP) phone numbers.
You don’t necessarily need to use all these screens to set up your account. In fact, if your service
provider did not supply information on a particular field in a screen, it is usually best to leave it at its
default setting.
22.1.2 What You Need to Know About VoIP
VoIP
VoIP stands for Voice over IP. IP is the Internet Protocol, which is the message-carrying standard the
Internet runs on. So, Voice over IP is the sending of voice signals (speech) over the Internet (or another
network that uses the Internet Protocol).
SIP
SIP stands for Session Initiation Protocol. SIP is a signalling standard that lets one network device (like a
computer or the XMG) send messages to another. In VoIP, these messages are about phone calls over
XMG3563-B10A User’s Guide
207
the network. For example, when you dial a number on your XMG, it sends a SIP message over the
network asking the other device (the number you dialed) to take part in the call.
SIP Accounts
A SIP account is a type of VoIP account. It is an arrangement with a service provider that lets you make
phone calls over the Internet. When you set the XMG to use your SIP account to make calls, the XMG is
able to send all the information about the phone call to your service provider on the Internet. Strictly
speaking, you don’t need a SIP account. It is possible for one SIP device (like the XMG) to call another
without involving a SIP service provider. However, the networking difficulties involved in doing this make
it tremendously impractical under normal circumstances. Your SIP account provider removes these
difficulties by taking care of the call routing and setup - figuring out how to get your call to the right
place in a way that you and the other person can talk to one another.
22.2 Before You Begin
• Before you can use these screens, you need to have a VoIP account already set up. If you don’t
have one yet, you can sign up with a VoIP service provider over the Internet.
• You should have the information your VoIP service provider gave you ready, before you start to
configure the XMG.
Chapter 22 VoIP
22.3 The SIP Account Screen
The XMG uses a SIP account to make outgoing VoIP calls and check if an incoming call’s destination
number matches your SIP account’s SIP number. In order to make or receive a VoIP call, you need to
enable and configure a SIP account, and map it to a phone port. The SIP account contains information
that allows your VMG to connect to your VoIP service provider.
See Section 21.3.1 on page 219 for how to map a SIP account to a phone port.
Use this screen to view SIP account information. You can also enable and disable each SIP account. To
access this screen, click VoIP > SIP > SIP Account.
Figure 127 VoIP > SIP > SIP Account
The following table describes the labels in this screen.
Table 96 VoIP > SIP > SIP Account
LABEL DESCRIPTION
Add New Account Click this to configure a SIP account.
# This is the index number of the entry.
XMG3563-B10A User’s Guide
208
Chapter 22 VoIP
Table 96 VoIP > SIP > SIP Account
LABEL DESCRIPTION
Enable This shows whether the SIP account is activated or not.
A yellow bulb signifies that this SIP account is activated. A gray bulb signifies that this
SIP account is not activated.
SIP Account This shows the name of the SIP account.
Service Provider This shows the name of the SIP service provider.
Account Number This shows the SIP number.
Modify Click the Edit icon to configure the SIP account.
Click the Delete icon to delete this SIP account from the XMG.
22.3.1 The SIP Account Add/Edit Screen
Use this screen to configure a SIP account and map it to a phone port. To access this screen, click the
Add New Account button or click the Edit icon of an entry in the VoIP > SIP > SIP Account screen.
XMG3563-B10A User’s Guide
209
Chapter 22 VoIP
Figure 128 VoIP > SIP > SIP Account > Add New Account/Edit
XMG3563-B10A User’s Guide
210
Chapter 22 VoIP
Each field is described in the following table.
Table 97 VoIP > SIP > SIP Account > Add New Account/Edit
LABEL DESCRIPTION
SIP Account Selection
SIP Account
Selection
SIP Service Provider Association
SIP Account
Associated with
General
Enable SIP
Account
SIP Account
Number
Authentication
Username Enter the user name for registering this SIP account, exactly as it was given to you. You can use
Password Enter the user name for registering this SIP account, exactly as it was given to you. You can use
URL Type
URL Type Select whether or not to include the SIP service domain name when the XMG sends the SIP
Voice Features
Primary
Compression Type
Secondary
Compression Type
Third Compression
Type
This field displays ADD_NEW if you are creating a new SIP account or the SIP account you are
modifying.
Select the SIP service provider profile to use for the SIP account you are configuring in this
screen. This field is read-only when you are modifying a SIP account.
Select this if you want the XMG to use this account. Clear it if you do not want the XMG to use
this account.
Enter your SIP number. In the full SIP URI, this is the part before the @ symbol. You can use up to
127 printable ASCII characters.
up to 95 printable ASCII characters.
up to 95 printable ASCII Extended set characters.
number.
SIP - include the SIP service domain name.
TEL - do not include the SIP service domain name.
Select the type of voice coder/decoder (codec) that you want the XMG to use.
G.711 provides high voice quality but requires more bandwidth (64 kbps). G.711 is the default
codec used by phone companies and digital handsets.
• G.711a is typically used in Europe.
• G.711u is typically used in North America and Japan.
G.726-24 operates at 24 kbps.
G.726-32 operates at 32 kbps.
Speaking Volume
Control
Listening Volume
Control
G.722 is a 7 KHz wideband voice codec that operates at 48, 56 and 64 kbps. By using a
sample rate of 16 kHz, G.722 can provide higher fidelity and better audio quality than
narrowband codecs like G.711, in which the voice signal is sampled at 8 KHz.
The XMG must use the same codec as the peer. When two SIP devices start a SIP session, they
must agree on a codec.
Select the XMG’s first choice for voice coder/decoder.
Select the XMG’s second choice for voice coder/decoder. Select None if you only want the
XMG to accept the first choice.
Select the XMG’s third choice for voice coder/decoder. Select None if you only want the
XMG to accept the first or second choice.
Select the loudness that the XMG uses for speech that it sends to the peer device.
-12 is the quietest, and 12 is the loudest.
Select the loudness that the XMG uses for speech that it receives from the peer device.
-12 is the quietest, and 12 is the loudest.
XMG3563-B10A User’s Guide
211
Chapter 22 VoIP
Table 97 VoIP > SIP > SIP Account > Add New Account/Edit (continued)
LABEL DESCRIPTION
Enable G.168
(Echo
Cancellation)
Enable VAD
(Voice Active
Detector)
Call Features
Send Caller ID Select this if you want to send identification when you make VoIP phone calls. Clear this if you
Enable Call
Transfer
Enable Call
Waiting
Call Waiting
Reject Timer
Enable
Unconditional
Forward
Enable Busy
Forward
Select this if you want to eliminate the echo caused by the sound of your voice reverberating
in the telephone receiver while you talk.
Select this if the XMG should stop transmitting when you are not speaking. This reduces the
bandwidth the XMG uses.
do not want to send identification.
Select this to enable call transfer on the XMG. This allows you to transfer an incoming call (that
you have answered) to another phone.
Select this to enable call waiting on the XMG. This allows you to place a call on hold while you
answer another incoming call on the same telephone number.
Specify a time of seconds that the XMG waits before rejecting the second call if you do not
answer it.
Select this if you want the XMG to forward all incoming calls to the specified phone number.
Specify the phone number in the To Number field on the right.
Select this if you want the XMG to forward incoming calls to the specified phone number if the
phone port is busy.
Specify the phone number in the To Number field on the right.
If you have call waiting, the incoming call is forwarded to the specified phone number if you
reject or ignore the second incoming call.
Enable No Answer
Forward
No Answer Time This field is used by the Active No Answer Forward feature.
Enable Do Not
Disturb (DND)
Active Incoming
Anonymous Call
Block
Enable MWI
(Message Waiting
Indication)
MWI Subscribe
Expiration Time
Hot Line / Warm
Line Number
Warm Line Select this to have the XMG dial the specified warm line number after you pick up the
Hot Line Select this to have the XMG dial the specified hot line number immediately when you pick up
Hot Line / Warm
Line Number
Select this if you want the XMG to forward incoming calls to the specified phone number if the
call is unanswered. (See No Answer Time.)
Specify the phone number in the To Number field on the right.
Enter the number of seconds the XMG should wait for you to answer an incoming call before it
considers the call is unanswered.
Select this to set your phone to not ring when someone calls you.
Select this if you do not want the phone to ring when someone tries to call you with caller ID
deactivated.
Select this if you want to hear a waiting (beeping) dial tone on your phone when you have at
least one voice message. Your VoIP service provider must support this feature.
Keep the default value for this field, unless your VoIP service provider tells you to change it.
Enter the number of seconds the SIP server should provide the message waiting service each
time the XMG subscribes to the service. Before this time passes, the XMG automatically
subscribes again.
Select this to enable the hot line or warm line feature on the XMG.
telephone and do not press any keys on the keypad for a period of time.
the telephone.
Enter the number of the hot line or warm line that you want the XMG to dial.
XMG3563-B10A User’s Guide
212
Chapter 22 VoIP
Table 97 VoIP > SIP > SIP Account > Add New Account/Edit (continued)
LABEL DESCRIPTION
Warm Line Timer Enter a number of seconds that the XMG waits before dialing the warm line number if you pick
up the telephone and do not press any keys on the keypad.
Enable Missed Call
E-mail Notification
Mail Account
Send
Notification to
E-mail
Missed Call Email Title
Early Media
IVR Play Index Select the tone you want people to hear when they call you.
Music On Hold
IVR Play Index Select the tone to play when you put someone on hold.
Select this option to have the XMG e-mail you a notification when there is a missed call.
Select a mail account for the e-mail address specified below. If you select None here, e-mail
notifications will not be sent via e-mail.
You must have configured a mail account already in the E-mail Notification screen.
Notifications are sent to the e-mail address specified in this field. If this field is left blank,
notifications will not be sent via e-mail.
Type a title that you want to be in the subject line of the e-mail notifications that the XMG
sends.
Select this option if you want people to hear a customized recording when they call you.
This field is configurable only when you select Early Media. See Section 22.10 on page 222 for
information on how to record these tones.
Select this option to play a customized recording when you put people on hold.
This field is configurable only when you select Music On Hold. See Section 22.10 on page 222
for information on how to record these tones.
Apply
Cancel Click this to set every field in this screen to its last-saved value.
Click this to save your changes and to apply them to the XMG.
22.4 The SIP Service Provider Screen
Use this screen to view the SIP service provider information on the XMG. Click VoIP > SIP > SIP Service
Provider to open the following screen.
Figure 129 VoIP > SIP > SIP Service Provider
Each field is described in the following table.
Table 98 VoIP > SIP > SIP Service Provider
LABEL DESCRIPTION
Add New Provider Click this to configure a new service provider on the XMG.
# This is the index number of the entry.
SIP Service
Provider Name
SIP Proxy Server
Address
This shows the name of the SIP service provider.
This shows the IP address or domain name of the SIP server.
XMG3563-B10A User’s Guide
213
Chapter 22 VoIP
Table 98 VoIP > SIP > SIP Service Provider (continued)
LABEL DESCRIPTION
REGISTER Server
Address
SIP Service
Domain
Modify Click the Edit icon to configure the SIP service provider.
This shows the IP address or domain name of the SIP register server.
This shows the SIP service domain name.
Click the Delete icon to delete this SIP service provider from the XMG.
22.4.1 The SIP Service Provider Add/Edit Screen
Use this screen to configure a SIP service provider on the XMG. Click the Add New Provider button or an
Edit icon in the VoIP > SIP > SIP Service Provider to open the following screen.
Note: Click more to see all the fields in the screen. You don’t necessarily need to use all these
fields to set up your account. Click less to see and configure only the fields needed for
this feature.
XMG3563-B10A User’s Guide
214
Chapter 22 VoIP
Figure 130 VoIP > SIP > SIP Service Provider > Add New Provider/Edit
XMG3563-B10A User’s Guide
215
Chapter 22 VoIP
Each field is described in the following table.
Table 99 VoIP > SIP > SIP Service Provider > Add New Provider/Edit
LABEL DESCRIPTION
SIP Service Provider Selection
Service Provider
Selection
General
SIP Service
Provider
SIP Service
Provider Name
SIP Local Port Enter the XMG’s listening port number, if your VoIP service provider gave you one. Otherwise,
SIP Proxy Server
Address
SIP Proxy Server
Port
SIP REGISTRAR
Server Address
SIP REGISTRAR
Server Port
SIP Service
Domain
RFC Support
PRACK (RFC
3262, Require:
100rel)
VoIP IOP Flags Select the VoIP inter-operability settings you want to activate.
Replace dial
digit '#' to '%23'
in SIP messages
Remove the
'Route' header
in SIP messages
Bound Interface Name
Bound Interface
Name
Outbound Proxy
Outbound Proxy
Address
Outbound Proxy
Port
Select the SIP service provider profile you want to use for the SIP account you configure in this
screen. If you change this field, the screen automatically refreshes.
Select this to enable the SIP service provider.
Enter the name of your SIP service provider.
keep the default value.
Enter the IP address or domain name of the SIP server provided by your VoIP service provider.
You can use up to 95 printable ASCII characters. It does not matter whether the SIP server is a
proxy, redirect or register server.
Enter the SIP server’s listening port number, if your VoIP service provider gave you one.
Otherwise, keep the default value.
Enter the IP address or domain name of the SIP register server, if your VoIP service provider gave
you one. Otherwise, enter the same address you entered in the SIP Server Address field. You can
use up to 95 printable ASCII characters.
Enter the SIP register server’s listening port number, if your VoIP service provider gave you one.
Otherwise, enter the same port number you entered in the SIP Server Port field.
Enter the SIP service domain name. In the full SIP URI, this is the part after the @ symbol. You can
use up to 127 printable ASCII Extended set characters.
PRACK (RFC 3262) defines a mechanism to provide reliable transmission of SIP provisional
response messages, which convey information on the processing progress of the request. This
uses the option tag 100rel and the Provisional Response ACKnowledgement (PRACK) method.
Select this to have the the peer device require the option tag 100rel to send provisional
responses reliably.
Replace a dial digit “#” with “%23” in the INVITE messages.
Remove the 'Route' header in SIP packets.
If you select Any_WAN, the XMG automatically activates the VoIP service when any WAN
connection is up.
If you select MultiWAN, you also need to select two or more pre-configured WAN interfaces. The
VoIP service is activated only when one of the selected WAN connections is up.
Enter the IP address or domain name of the SIP outbound proxy server if your VoIP service
provider has a SIP outbound server to handle voice calls. This allows the XMG to work with any
type of NAT router and eliminates the need for STUN or a SIP ALG. Turn off any SIP ALG on a NAT
router in front of the XMG to keep it from re-translating the IP address (since this is already
handled by the outbound proxy server).
Enter the SIP outbound proxy server’s listening port, if your VoIP service provider gave you one.
Otherwise, keep the default value.
XMG3563-B10A User’s Guide
216
Chapter 22 VoIP
Table 99 VoIP > SIP > SIP Service Provider > Add New Provider/Edit (continued)
LABEL DESCRIPTION
Use DHCP
Option 120 First
RTP Port Range
Start Port
End Port
SRTP Support
SRTP Support
Select this to enable the SIP server via DHCP option 120.
Enter the listening port number(s) for RTP traffic, if your VoIP service provider gave you this
information. Otherwise, keep the default values.
To enter one port number, enter the port number in the Start Port and End Port fields.
To enter a range of ports,
• enter the port number at the beginning of the range in the Start Port field.
• enter the port number at the end of the range in the End Port field.
When you make a VoIP call using SIP, the Real-time Transport Protocol (RTP) is used to handle
voice data transfer. The Secure Real-time Transport Protocol (SRTP) is a security profile of RTP. It is
designed to provide encryption and authentication for the RTP data in both unicast and
multicast applications.
The XMG supports encryption using AES with a 128-bit key. To protect data integrity, SRTP uses a
Hash-based Message Authentication Code (HMAC) calculation with Secure Hash Algorithm
(SHA)-1 to authenticate data. HMAC SHA-1 produces a 80 or 32-bit authentication tag that is
appended to the packet.
Both the caller and callee should use the same algorithms to establish an SRTP session.
Crypto Suite
DTMF Mode
DTMF Mode
Transport Type
Transport Type
Ignore Direct IP Select Enable to have the connected CPE devices accept SIP requests only from the SIP proxy/
FAX Option This field controls how the XMG handles fax messages.
G711 Fax
Passthrough
T38 Fax Relay Select this if the XMG should send fax messages as UDP or TCP/IP packets through IP networks.
QoS Tag
Select the encryption and authentication algorithm set used by the XMG to set up an SRTP
media session with the peer device.
Select AES_CM_128_HMAC_SHA1_80 or AES_CM_128_HMAC_SHA1_32 to enable both data
encryption and authentication for voice data.
Select AES_CM_128_NULL to use 128-bit data encryption but disable data authentication.
Select NULL_CIPHER_HMAC_SHA1_80 to disable encryption but require authentication using the
default 80-bit tag.
Control how the XMG handles the tones that your telephone makes when you push its buttons.
You should use the same mode your VoIP service provider uses.
RFC2833 - send the DTMF tones in RTP packets.
PCM - send the DTMF tones in the voice data stream. This method works best when you are using
a codec that does not use compression (like G.711). Codecs that use compression (like G.729
and G.726) can distort the tones.
SIP INFO - send the DTMF tones in SIP messages.
Select the transport layer protocol UDP or TCP (usually UDP) used for SIP.
register server specified above. SIP requests sent from other IP addresses will be ignored.
Select this if the XMG should use G.711 to send fax messages. You have to also select which
operating codec (G.711Mulaw or G.711Alaw) to use for encoding/decoding FAX data. The
peer devices must use the same settings.
This provides better quality, but it may have inter-operability problems. The peer devices must
also use T.38.
XMG3563-B10A User’s Guide
217
Chapter 22 VoIP
Table 99 VoIP > SIP > SIP Service Provider > Add New Provider/Edit (continued)
LABEL DESCRIPTION
SIP DSCP Mark
Setting
RTP DSCP Mark
Setting
Timer Setting
SIP Register
Expiration
Duration
SIP Register Fail
Re-try timer
Session Expires
(SE)
Min-SE Enter the minimum number of seconds the XMG lets a SIP session remain idle (without traffic)
Dialing Interval Selection
Dialing Interval
Selection
DNS SRV
Enable DNS SRV
Enter the DSCP (DiffServ Code Point) number for SIP message transmissions. The XMG creates
Class of Service (CoS) priority tags with this number to SIP traffic that it transmits.
Enter the DSCP (DiffServ Code Point) number for RTP voice transmissions. The XMG creates Class
of Service (CoS) priority tags with this number to RTP traffic that it transmits.
Enter the number of seconds your SIP account is registered with the SIP register server before it is
deleted. The XMG automatically tries to re-register your SIP account when one-half of this time
has passed. (The SIP register server might have a different expiration.)
Enter the number of seconds the XMG waits before it tries again to register the SIP account, if the
first try failed or if there is no response.
Enter the number of seconds the XMG lets a SIP session remain idle (without traffic) before it
automatically disconnects the session.
before it automatically disconnects the session. When two SIP devices start a SIP session, they
must agree on an expiration time for idle sessions. This field is the shortest expiration time that the
XMG accepts.
Enter the number of seconds the XMG should wait after you stop dialing numbers before it
makes the phone call. The value depends on how quickly you dial phone numbers.
Select this to have the XMG use DNS procedures to resolve the SIP domain and find the SIP
server’s IP address, port number and supported transport protocol(s).
The XMG first uses DNS Name Authority Pointer (NAPTR) records to determine the transport
protocols supported by the SIP server. It then performs DNS Service (SRV) query to determine the
port number for the protocol. The XMG resolves the SIP server’s IP address by a standard DNS
address record lookup.
The SIP Server Port and REGISTER Server Port fields in the General section above are grayed out
and not applicable and the Transport Type can also be set to AUTO if you enable this option.
Apply
Cancel Click Cancel to restore your previously saved settings.
Click Apply to save your changes.
22.5 The Phone Device Screen
Use this screen to view detailed information of the XMG’s phone ports. To access this screen, click VoIP >
Phone > Phone Device.
Figure 131 VoIP > Phone > Phone Device
XMG3563-B10A User’s Guide
218
Chapter 22 VoIP
Each field is described in the following table.
Table 100 VoIP > Phone > Phone Device
LABEL DESCRIPTION
# This displays the index number of the phone device.
Phone ID This field displays the name of a phone port on the XMG.
Internal Number This field displays the internal call prefix of a phone port on the XMG.
Incoming SIP
Number
Outgoing SIP
Number
Modify
This field displays the SIP number that you use to receive calls on this phone port.
This field displays the SIP number that you use to make calls on this phone port.
Click the Edit icon to configure the SIP account.
22.5.1 The Phone Device Edit Screen
Use this screen to control which SIP account and PSTN line each phone uses. Click an Edit icon in the
VoIP > Phone > Phone Device to open the following screen.
Figure 132 VoIP > Phone > Phone Device > Edit
Each field is described in the following table.
Table 101 VoIP > Phone > Phone Device > Edit
LABEL DESCRIPTION
SIP Account to
Make Outgoing
Call
SIP Account(s) to
Receive
Incomming Call
Select the SIP account you want to use when making outgoing calls with the analog phone
connected to this phone port.
Select a SIP account if you want to receive phone calls for the selected SIP account on this
phone port.
If you select more than one SIP account for incoming calls, there is no way to distinguish
between them when you receive phone calls. If you do not select a source for incoming calls,
you cannot receive any calls on this phone port.
XMG3563-B10A User’s Guide
219
Table 101 VoIP > Phone > Phone Device > Edit
LABEL DESCRIPTION
Immediate Dial
Enable
OK
Cancel Click Cancel to exit this screen without saving.
Select this if you want to use the pound key (#) to tell the XMG to make the phone call
immediately, instead of waiting the number of seconds you selected in the Dialing Interval
Selection field of the VoIP > SIP > SIP Service Provider > Add New Provider/Edit screen.
If you select this, dial the phone number, and then press the pound key. The XMG makes the
call immediately, instead of waiting. You can still wait, if you want.
Click OK to save your changes.
22.6 The Region Screen
Use this screen to maintain settings that depend on which region of the world the XMG is in. To access
this screen, click VoIP > Region.
Figure 133 VoIP > Region
Chapter 22 VoIP
Each field is described in the following table.
Table 102 VoIP > Region
LABEL DESCRIPTION
Region Settings Select the place in which the XMG is located.
Call Service Mode Select the mode for supplementary phone services (call hold, call waiting, call transfer and
Apply
Cancel Click this to set every field in this screen to its last-saved value.
three-way conference calls) that your VoIP service provider supports.
Europe Type - use supplementary phone services in European mode
USA Type - use supplementary phone services American mode
You might have to subscribe to these services to use them. Contact your VoIP service
provider.
Click this to save your changes and to apply them to the XMG.
22.7 The Call Rule Screen
Use this screen to add, edit, or remove speed-dial numbers for outgoing calls. Speed dial provides
shortcuts for dialing frequently-used (VoIP) phone numbers. You also have to create speed-dial entries if
you want to call SIP numbers that contain letters. Once you have configured a speed dial rule, you can
use a shortcut (the speed dial number, #01 for example) on your phone's keypad to call the phone
number.
XMG3563-B10A User’s Guide
220
Chapter 22 VoIP
Figure 134 VoIP > Call Rule
Each field is described in the following table.
Table 103 VoIP > Call Rule
LABEL DESCRIPTION
Clear All Speed
Dials
Keys This field displays the speed-dial number you should dial to use this entry.
Number Enter the SIP number you want the XMG to call when you dial the speed-dial number.
Description Enter a name to identify the party you call when you dial the speed-dial number. You can use
Apply
Cancel Click this to set every field in this screen to its last-saved value.
Click this to erase all the speed-dial entries on this screen.
up to 127 printable ASCII characters.
Click this to save your changes and to apply them to the XMG.
22.8 The Call History Screen
Use this screen to see detailed information for each outgoing call made. Click VoIP > Call History to
open the following screen.
Figure 135 VoIP > Call History
XMG3563-B10A User’s Guide
221
Chapter 22 VoIP
The following table describes the labels in this screen.
Table 104 VoIP > Call History
LABEL DESCRIPTION
Classify Select the type of calls you want to view in the dialed called list.
Clear List Click this button to remove all entries from the dialed called list.
Refresh Click this button to renew the dialed called list.
Type This displays the type of call it is: Incoming, Outgoing, or Missed.
Date This is the date when the call was made.
Name
Number This displays the phone number from which the call was made.
Phone Device
Outgoing Number This displays the phone number to which the call was made.
Duration (hh:mm:ss) This displays how long the call lasted.
Modify Click the Export button to extract a document containing the dialed called list.
22.9 The Call Summary Screen
The XMG logs calls from or to your SIP numbers. This screen allows you to view the summary of received,
dialed and missed calls. Click VoIP > Call History > Call Summary to open the following screen.
Figure 136 VoIP > Call History > Call Summary
The following table describes the labels in this screen.
Table 105 VoIP > Call History > Call Summary
LABEL DESCRIPTION
Refresh Click this button to renew the call history list.
Clear All Click this button to remove all entries from the call history list.
Date This is the date when the calls were made.
Total Calls This displays the total number of calls from or to your SIP numbers that day.
Outgoing Calls This displays how many calls originated from you that day.
Incoming Calls This displays how many calls you received that day.
Missing Calls This displays how many incoming calls were not answered that day.
Total Duration (hh:mm:ss) This displays how long all calls lasted that day,
22.10 Technical Reference
This section contains background material relevant to the VoIP screens.
XMG3563-B10A User’s Guide
222
Chapter 22 VoIP
VoIP
VoIP is the sending of voice signals over Internet Protocol. This allows you to make phone calls and send
faxes over the Internet at a fraction of the cost of using the traditional circuit-switched telephone
network. You can also use servers to run telephone service applications like PBX services and voice mail.
Internet Telephony Service Provider (ITSP) companies provide VoIP service.
Circuit-switched telephone networks require 64 kilobits per second (Kbps) in each direction to handle a
telephone call. VoIP can use advanced voice coding techniques with compression to reduce the
required bandwidth.
SIP
The Session Initiation Protocol (SIP) is an application-layer control (signaling) protocol that handles the
setting up, altering and tearing down of voice and multimedia sessions over the Internet.
SIP signaling is separate from the media for which it handles sessions. The media that is exchanged
during the session can use a different path from that of the signaling. SIP handles telephone calls and
can interface with traditional circuit-switched telephone networks.
SIP Identities
A SIP account uses an identity (sometimes referred to as a SIP address). A complete SIP identity is called
a SIP URI (Uniform Resource Identifier). A SIP account's URI identifies the SIP account in a way similar to
the way an e-mail address identifies an e-mail account. The format of a SIP identity is SIP-Number@SIPService-Domain.
SIP Number
The SIP number is the part of the SIP URI that comes before the “@” symbol. A SIP number can use letters
like in an e-mail address (johndoe@your-ITSP.com for example) or numbers like a telephone number
(1122334455@VoIP-provider.com for example).
SIP Service Domain
The SIP service domain of the VoIP service provider is the domain name in a SIP URI. For example, if the
SIP address is 1122334455@VoIP-provider.com
, then “VoIP-provider.com” is the SIP service domain.
SIP Registration
Each XMG is an individual SIP User Agent (UA). To provide voice service, it has a public IP address for SIP
and RTP protocols to communicate with other servers.
A SIP user agent has to register with the SIP registrar and must provide information about the users it
represents, as well as its current IP address (for the routing of incoming SIP requests). After successful
registration, the SIP server knows that the users (identified by their dedicated SIP URIs) are represented by
the UA, and knows the IP address to which the SIP requests and responses should be sent.
Registration is initiated by the User Agent Client (UAC) running in the VoIP gateway (the XMG). The
gateway must be configured with information letting it know where to send the REGISTER message, as
well as the relevant user and authorization data.
XMG3563-B10A User’s Guide
223
Chapter 22 VoIP
A SIP registration has a limited lifespan. The User Agent Client must renew its registration within this
lifespan. If it does not do so, the registration data will be deleted from the SIP registrar's database and
the connection broken.
The XMG attempts to register all enabled subscriber ports when it is switched on. When you enable a
subscriber port that was previously disabled, the XMG attempts to register the port immediately.
Authorization Requirements
SIP registrations (and subsequent SIP requests) require a username and password for authorization. These
credentials are validated via a challenge / response system using the HTTP digest mechanism (as
detailed in RFC 3261, "SIP: Session Initiation Protocol").
SIP Servers
SIP is a client-server protocol. A SIP client is an application program or device that sends SIP requests. A
SIP server responds to the SIP requests.
When you use SIP to make a VoIP call, it originates at a client and terminates at a server. A SIP client
could be a computer or a SIP phone. One device can act as both a SIP client and a SIP server.
SIP User Agent
A SIP user agent can make and receive VoIP telephone calls. This means that SIP can be used for peerto-peer communications even though it is a client-server protocol. In the following figure, either A or B
can act as a SIP user agent client to initiate a call. A and B can also both act as a SIP user agent to
receive the call.
Figure 137 SIP User Agent
SIP Proxy Server
A SIP proxy server receives requests from clients and forwards them to another server.
In the following example, you want to use client device A to call someone who is using client device C.
1 The client device (A in the figure) sends a call invitation to the SIP proxy server (B).
2 The SIP proxy server forwards the call invitation to C.
XMG3563-B10A User’s Guide
224
Figure 138 SIP Proxy Server
Chapter 22 VoIP
SIP Redirect Server
A SIP redirect server accepts SIP requests, translates the destination address to an IP address and sends
the translated IP address back to the device that sent the request. Then the client device that originally
sent the request can send requests to the IP address that it received back from the redirect server.
Redirect servers do not initiate SIP requests.
In the following example, you want to use client device A to call someone who is using client device C.
1 Client device A sends a call invitation for C to the SIP redirect server (B).
2 The SIP redirect server sends the invitation back to A with C’s IP address (or domain name).
3 Client device A then sends the call invitation to client device C.
XMG3563-B10A User’s Guide
225
Figure 139 SIP Redirect Server
Chapter 22 VoIP
SIP Register Server
A SIP register server maintains a database of SIP identity-to-IP address (or domain name) mapping. The
register server checks your user name and password when you register.
RTP
When you make a VoIP call using SIP, the RTP (Real time Transport Protocol) is used to handle voice data
transfer. See RFC 1889 for details on RTP.
Pulse Code Modulation
Pulse Code Modulation (PCM) measures analog signal amplitudes at regular time intervals and converts
them into bits.
SIP Call Progression
The following figure displays the basic steps in the setup and tear down of a SIP call. A calls B.
Table 106 SIP Call Progression
A B
1. INVITE
2. Ringing
4. ACK
3. OK
XMG3563-B10A User’s Guide
226
Chapter 22 VoIP
DSL
DSL
UA1
UA2
Proxy 1
Proxy 2
Table 106 SIP Call Progression (continued)
A B
5.Dialogue (voice traffic)
6. BYE
7. OK
1 A sends a SIP INVITE request to B. This message is an invitation for B to participate in a SIP telephone call.
2 B sends a response indicating that the telephone is ringing.
3 B sends an OK response after the call is answered.
4 A then sends an ACK message to acknowledge that B has answered the call.
5 Now A and B exchange voice media (talk).
6 After talking, A hangs up and sends a BYE request.
7 B replies with an OK response confirming receipt of the BYE request and the call is terminated.
SIP Call Progression Through Proxy Servers
Usually, the SIP UAC sets up a phone call by sending a request to the SIP proxy server. Then, the proxy
server looks up the destination to which the call should be forwarded (according to the URI requested
by the SIP UAC). The request may be forwarded to more than one proxy server before arriving at its
destination.
The response to the request goes to all the proxy servers through which the request passed, in reverse
sequence. Once the session is set up, session traffic is sent between the UAs directly, bypassing all the
proxy servers in between.
The following figure shows the SIP and session traffic flow between the user agents (UA 1 and UA 2) and
the proxy servers (this example shows two proxy servers, PROXY 1 and PROXY 2).
Figure 140 SIP Call Through Proxy Servers
XMG3563-B10A User’s Guide
227
Chapter 22 VoIP
The following table shows the SIP call progression.
Table 107 SIP Call Progression
UA 1 PROXY 1 PROXY 2 UA 2
Invite
Invite
100 Trying Invite
100 Trying
180 Ringing
180 Ringing
180 Ringing
200 OK
200 OK
ACK
RTP RTP
200 OK
200 OK
BYE
1 User Agent 1 sends a SIP INVITE request to Proxy 1. This message is an invitation to User Agent 2 to
participate in a SIP telephone call. Proxy 1 sends a response indicating that it is trying to complete the
request.
2 Proxy 1 sends a SIP INVITE request to Proxy 2. Proxy 2 sends a response indicating that it is trying to
complete the request.
3 Proxy 2 sends a SIP INVITE request to User Agent 2.
4 User Agent 2 sends a response back to Proxy 2 indicating that the phone is ringing. The response is
relayed back to User Agent 1 via Proxy 1.
5 User Agent 2 sends an OK response to Proxy 2 after the call is answered. This is also relayed back to User
Agent 1 via Proxy 1.
6 User Agent 1 and User Agent 2 exchange RTP packets containing voice data directly, without involving
the proxies.
7 When User Agent 2 hangs up, he sends a BYE request.
8 User Agent 1 replies with an OK response confirming receipt of the BYE request, and the call is
terminated.
Voice Coding
A codec (coder/decoder) codes analog voice signals into digital signals and decodes the digital
signals back into analog voice signals. The XMG supports the following codecs.
• G.711 is a Pulse Code Modulation (PCM) waveform codec. PCM measures analog signal amplitudes
at regular time intervals and converts them into digital samples. G.711 provides very good sound
quality but requires 64 kbps of bandwidth.
XMG3563-B10A User’s Guide
228
Chapter 22 VoIP
• G.726 is an Adaptive Differential PCM (ADPCM) waveform codec that uses a lower bitrate than
standard PCM conversion. ADPCM converts analog audio into digital signals based on the difference
between each audio sample and a prediction based on previous samples. The more similar the
audio sample is to the prediction, the less space needed to describe it. G.726 operates at 16, 24, 32 or
40 kbps.
• G.729 is an Analysis-by-Synthesis (AbS) hybrid waveform codec that uses a filter based on information
about how the human vocal tract produces sounds. G.729 provides good sound quality and reduces
the required bandwidth to 8 kbps.
Voice Activity Detection/Silence Suppression
Voice Activity Detection (VAD) detects whether or not speech is present. This lets the XMG reduce the
bandwidth that a call uses by not transmitting “silent packets” when you are not speaking.
Comfort Noise Generation
When using VAD, the XMG generates comfort noise when the other party is not speaking. The comfort
noise lets you know that the line is still connected as total silence could easily be mistaken for a lost
connection.
Echo Cancellation
G.168 is an ITU-T standard for eliminating the echo caused by the sound of your voice reverberating in
the telephone receiver while you talk.
MWI (Message Waiting Indication)
Enable Message Waiting Indication (MWI) enables your phone to give you a message–waiting
(beeping) dial tone when you have a voice message(s). Your VoIP service provider must have a
messaging system that sends message waiting status SIP packets as defined in RFC 3842.
Custom Tones (IVR)
IVR (Interactive Voice Response) is a feature that allows you to use your telephone to interact with the
XMG. The XMG allows you to record custom tones for the Early Media and Music On Hold functions. The
same recordings apply to both the caller ringing and on hold tones.
Table 108 Custom Tones Details
LABEL DESCRIPTION
Total Time for All Tones 900 seconds for all custom tones combined
Maximum Time per Individual
Tone
Total Number of Tones
Recordable
180 seconds
5
You can record up to 5 different custom tones but the total time must be 900
seconds or less.
Recording Custom Tones
Use the following steps if you would like to create new tones or change your tones:
XMG3563-B10A User’s Guide
229
Chapter 22 VoIP
1 Pick up the phone and press “****” on your phone’s keypad and wait for the message that says you are
in the configuration menu.
2 Press a number from 1101~1105 on your phone followed by the “#” key.
3 Play your desired music or voice recording into the receiver’s mouthpiece. Press the “#” key.
4 You can continue to add, listen to, or delete tones, or you can hang up the receiver when you are
done.
Listening to Custom Tones
Do the following to listen to a custom tone:
1 Pick up the phone and press “****” on your phone’s keypad and wait for the message that says you are
in the configuration menu.
2 Press a number from 1201~1208 followed by the “#” key to listen to the tone.
3 You can continue to add, listen to, or delete tones, or you can hang up the receiver when you are
done.
Deleting Custom Tones
Do the following to delete a custom tone:
1 Pick up the phone and press “****” on your phone’s keypad and wait for the message that says you are
in the configuration menu.
2 Press a number from 1301~1308 followed by the “#” key to delete the tone of your choice. Press 14
followed by the “#” key if you wish to clear all your custom tones.
You can continue to add, listen to, or delete tones, or you can hang up the receiver when you are
done.
22.10.1 Quality of Service (QoS)
Quality of Service (QoS) refers to both a network's ability to deliver data with minimum delay, and the
networking methods used to provide bandwidth for real-time multimedia applications.
Type of Service (ToS)
Network traffic can be classified by setting the ToS (Type of Service) values at the data source (for
example, at the XMG) so a server can decide the best method of delivery, that is the least cost, fastest
route and so on.
DiffServ
DiffServ is a class of service (CoS) model that marks packets so that they receive specific per-hop
treatment at DiffServ-compliant network devices along the route based on the application types and
traffic flow. Packets are marked with DiffServ Code Points (DSCP) indicating the level of service desired.
XMG3563-B10A User’s Guide
230
Chapter 22 VoIP
This allows the intermediary DiffServ-compliant network devices to handle the packets differently
depending on the code points without the need to negotiate paths or remember state information for
every flow. In addition, applications do not have to request a particular service or give advanced
notice of where the traffic is going.
3
DSCP and Per-Hop Behavior
DiffServ defines a new DS (Differentiated Services) field to replace the Type of Service (TOS) field in the IP
header. The DS field contains a 2-bit unused field and a 6-bit DSCP field which can define up to 64
service levels. The following figure illustrates the DS field.
DSCP is backward compatible with the three precedence bits in the ToS octet so that non-DiffServ
compliant, ToS-enabled network device will not conflict with the DSCP mapping.
Figure 141 DiffServ: Differentiated Service Field
DSCP
(6-bit)
The DSCP value determines the forwarding behavior, the PHB (Per-Hop Behavior), that each packet
gets across the DiffServ network. Based on the marking rule, different kinds of traffic can be marked for
different priorities of forwarding. Resources can then be allocated according to the DSCP values and
the configured policies.
Unused
(2-bit)
22.10.2 Phone Services Overview
Supplementary services such as call hold, call waiting, and call transfer. are generally available from
your VoIP service provider. The XMG supports the following services:
• Call Return
• Call Hold
• Call Waiting
• Making a Second Call
• Call Transfer
• Call Forwarding
• Three-Way Conference
• Internal Calls
• Call Park and Pickup
• Do not Disturb
•IVR
• Call Completion
•CCBS
• Outgoing SIP
3. The XMG does not support DiffServ at the time of writing.
XMG3563-B10A User’s Guide
231
Chapter 22 VoIP
Note: To take full advantage of the supplementary phone services available through the
XMG's phone ports, you may need to subscribe to the services from your VoIP service
provider.
22.10.2.1 The Flash Key
Flashing means to press the hook for a short period of time (a few hundred milliseconds) before releasing
it. On newer telephones, there should be a "flash" key (button) that generates the signal electronically. If
the flash key is not available, you can tap (press and immediately release) the hook by hand to achieve
the same effect. However, using the flash key is preferred since the timing is much more precise. With
manual tapping, if the duration is too long, it may be interpreted as hanging up by the XMG.
You can invoke all the supplementary services by using the flash key.
22.10.2.2 Europe Type Supplementary Phone Services
This section describes how to use supplementary phone services with the Europe Type Call Service
Mode. Commands for supplementary services are listed in the table below.
After pressing the flash key, if you do not issue the sub-command before the default sub-command
timeout (2 seconds) expires or issue an invalid sub-command, the current operation will be aborted.
Table 109 European Flash Key Commands
COMMAND SUB-COMMAND DESCRIPTION
Flash Put a current call on hold to place a second call.
Switch back to the call (if there is no second call).
Flash 0 Drop the call presently on hold or reject an incoming call which is waiting for
Flash 1 Disconnect the current phone connection and answer the incoming call or
Flash 2 1. Switch back and forth between two calls.
Flash 3 Create three-way conference connection.
Flash *98# Transfer the call to another phone.
answer.
resume with caller presently on hold.
2. Put a current call on hold to answer an incoming call.
3. Separate the current three-way conference call into two individual calls
(one is on-line, the other is on hold).
European Call Hold
Call hold allows you to put a call (A) on hold by pressing the flash key.
If you have another call, press the flash key and then “2” to switch back and forth between caller A and
B by putting either one on hold.
Press the flash key and then “0” to disconnect the call presently on hold and keep the current call on
line.
Press the flash key and then “1” to disconnect the current call and resume the call on hold.
If you hang up the phone but a caller is still on hold, there will be a remind ring.
XMG3563-B10A User’s Guide
232
Chapter 22 VoIP
European Call Waiting
This allows you to place a call on hold while you answer another incoming call on the same telephone
(directory) number.
If there is a second call to a telephone number, you will hear a call waiting tone. Take one of the
following actions.
• Reject the second call.
Press the flash key and then press “0”.
• Disconnect the first call and answer the second call.
Either press the flash key and press “1”, or just hang up the phone and then answer the phone after it
rings.
• Put the first call on hold and answer the second call.
Press the flash key and then “2”.
European Call Transfer
Do the following to transfer an incoming call (that you have answered) to another phone.
1 Press the flash key to put the caller on hold.
2 When you hear the dial tone, dial “*98#” followed by the number to which you want to transfer the call.
3 After you hear the ring signal or the second party answers it, hang up the phone.
European Three-Way Conference
Use the following steps to make three-way conference calls.
1 When you are on the phone talking to someone, press the flash key to put the caller on hold and get a
dial tone.
2 Dial a phone number directly to make another call.
3 When the second call is answered, press the flash key and press “3” to create a three-way conversation.
4 Hang up the phone to drop the connection.
5 If you want to separate the activated three-way conference into two individual connections (one is on-
line, the other is on hold), press the flash key and press “2”.
22.10.2.3 USA Type Supplementary Services
This section describes how to use supplementary phone services with the USA Type Call Service Mode.
Commands for supplementary services are listed in the table below.
XMG3563-B10A User’s Guide
233
Chapter 22 VoIP
After pressing the flash key, if you do not issue the sub-command before the default sub-command
timeout (2 seconds) expires or issue an invalid sub-command, the current operation will be aborted.
Table 110 USA Flash Key Commands
COMMAND SUB-COMMAND DESCRIPTION
Flash Put a current call on hold to place a second call. After the second call is
Flash *98# Transfer the call to another phone.
successful, press the flash key again to have a three-way conference call.
Put a current call on hold to answer an incoming call.
USA Call Hold
Call hold allows you to put a call (A) on hold by pressing the flash key.
If you have another call, press the flash key to switch back and forth between caller A and B by putting
either one on hold.
If you hang up the phone but a caller is still on hold, there will be a remind ring.
USA Call Waiting
This allows you to place a call on hold while you answer another incoming call on the same telephone
(directory) number.
If there is a second call to your telephone number, you will hear a call waiting tone.
Press the flash key to put the first call on hold and answer the second call.
USA Call Transfer
Do the following to transfer an incoming call (that you have answered) to another phone.
1 Press the flash key to put the caller on hold.
2 When you hear the dial tone, dial “*98#” followed by the number to which you want to transfer the call.
3 After you hear the ring signal or the second party answers it, hang up the phone.
USA Three-Way Conference
Use the following steps to make three-way conference calls.
1 When you are on the phone talking to someone (party A), press the flash key to put the caller on hold
and get a dial tone.
2 Dial a phone number directly to make another call (to party B).
3 When party B answers the second call, press the flash key to create a three-way conversation.
4 Hang up the phone to drop the connection.
XMG3563-B10A User’s Guide
234
5 If you want to separate the activated three-way conference into two individual connections (with party
A on-line and party B on hold), press the flash key.
6 If you want to go back to the three-way conversation, press the flash key again.
7 If you want to separate the activated three-way conference into two individual connections again,
press the flash key. This time the party B is on-line and party A is on hold.
22.10.2.4 Phone Functions Summary
The following table shows the key combinations you can enter on your phone’s keypad to use certain
features.
Table 111 Phone Functions Summary
ACTION FUNCTION DESCRIPTION
*98# Call transfer Transfer a call to another phone. See Section 22.10.2.2 on page 232
*66# Call return Place a call to the last person who called you.
*95# Enable Do Not Disturb Use these to set your phone not to ring when someone calls you, or to
#95# Disable Do Not Disturb
*41# Enable Call Waiting Use these to allow you to put a call on hold when you are answering
#41# Disable Call Waiting
**** IVR
#### Internal Call
*82 One Shot Caller Display Call Activate or deactivate caller ID for the next call only.
*67 One Shot Caller Hidden Call
Chapter 22 VoIP
(Europe type) and Section 22.10.2.3 on page 233 (USA type).
turn this function off.
another, or to turn this function off.
Use these to set up Interactive Voice Response (IVR). IVR allows you to
record custom caller ringing tones (the sound a caller hears before you
pick up the phone) and on hold tones (the sound someone hears when
you put their call on hold).
Call the phone(s) connected to the XMG.
XMG3563-B10A User’s Guide
235
23.1 Overview
The web configurator allows you to choose which categories of events and/or alerts to have the XMG
log and then display the logs or have the XMG send them to an administrator (as e-mail) or to a syslog
server.
23.1.1 What You Can Do in this Chapter
• Use the System Log screen to see the system logs (Section 23.2 on page 237).
• Use the Security Log screen to see the security-related logs for the categories that you select (Section
23.3 on page 237).
23.1.2 What You Need To Know
CHAPTER 23
Log
The following terms and concepts may help as you read this chapter.
Alerts and Logs
An alert is a type of log that warrants more serious attention. They include system errors, attacks (access
control) and attempted access to blocked web sites. Some categories such as System Errors consist of
both logs and alerts. You may differentiate them by their color in the View Log screen. Alerts display in
red and logs display in black.
Syslog Overview
The syslog protocol allows devices to send event notification messages across an IP network to syslog
servers that collect the event messages. A syslog-enabled device can generate a syslog message and
send it to a syslog server.
Syslog is defined in RFC 3164. The RFC defines the packet format, content and system log related
information of syslog messages. Each syslog message has a facility and severity level. The syslog facility
identifies a file in the syslog server. Refer to the documentation of your syslog program for details. The
following table describes the syslog severity levels.
Table 112 Syslog Severity Levels
CODE SEVERITY
0 Emergency: The system is unusable.
1 Alert: Action must be taken immediately.
2 Critical: The system condition is critical.
3 Error: There is an error condition on the system.
4 Warning: There is a warning condition on the system.
XMG3563-B10A User’s Guide
236
Chapter 23 Log
Table 112 Syslog Severity Levels
CODE SEVERITY
5 Notice: There is a normal but significant condition on the system.
6 Informational: The syslog contains an informational message.
7 Debug: The message is intended for debug-level purposes.
23.2 The System Log Screen
Use the System Log screen to see the system logs. Click System Monitor > Log to open the System Log
screen.
Figure 142 System Monitor > Log > System Log
The following table describes the fields in this screen.
Table 113 System Monitor > Log > System Log
LABEL DESCRIPTION
Level Select a severity level from the drop-down list box. This filters search results according to the
severity level you have selected. When you select a severity, the XMG searches through all logs
of that severity or higher.
Category Select the type of logs to display.
Clear Log Click this to delete all the logs.
Refresh Click this to renew the log screen.
Export Log Click this to export the selected log(s).
Email Log Now Click this to send the log file(s) to the E-mail address you specify in the Maintenance > Logs
# This field is a sequential value and is not associated with a specific entry.
Time This field displays the time the log was recorded.
Facility The log facility allows you to send logs to different files in the syslog server. Refer to the
Level This field displays the severity level of the log that the device is to send to this syslog server.
Category This field displays the type of the log.
Messages This field states the reason for the log.
Setting screen.
documentation of your syslog program for more details.
23.3 The Security Log Screen
Use the Security Log screen to see the security-related logs for the categories that you select. Click
System Monitor > Log > Security Log to open the following screen.
XMG3563-B10A User’s Guide
237
Chapter 23 Log
Figure 143 System Monitor > Log > Security Log
The following table describes the fields in this screen.
Table 114 System Monitor > Log > Security Log
LABEL DESCRIPTION
Level Select a severity level from the drop-down list box. This filters search results according to the
severity level you have selected. When you select a severity, the XMG searches through all logs
of that severity or higher.
Category Select the type of logs to display.
Clear Log Click this to delete all the logs.
Refresh Click this to renew the log screen.
Export Log Click this to export the selected log(s).
E-mail Log Now Click this to send the log file(s) to the E-mail address you specify in the Maintenance > Logs
# This field is a sequential value and is not associated with a specific entry.
Time This field displays the time the log was recorded.
Facility The log facility allows you to send logs to different files in the syslog server. Refer to the
Level This field displays the severity level of the log that the device is to send to this syslog server.
Category This field displays the type of the log.
Messages This field states the reason for the log.
Setting screen.
documentation of your syslog program for more details.
XMG3563-B10A User’s Guide
238
24.1 Overview
Use the Traffic Status screens to look at network traffic status and statistics of the WAN, LAN interfaces
and NAT.
24.1.1 What You Can Do in this Chapter
• Use the WAN screen to view the WAN traffic statistics (Section 24.2 on page 239).
• Use the LAN screen to view the LAN traffic statistics (Section 24.3 on page 240).
• Use the NAT screen to view the NAT status of the XMG’s client(s) (Section 24.4 on page 241)
CHAPTER 24
Traffic Status
24.2 The WAN Status Screen
Click System Monitor > Traffic Status to open the WAN screen. The figure in this screen shows the number
of bytes received and sent on the XMG.
Figure 144 System Monitor > Traffic Status > WAN
XMG3563-B10A User’s Guide
239
Chapter 24 Traffic Status
The following table describes the fields in this screen.
Table 115 System Monitor > Traffic Status > WAN
LABEL DESCRIPTION
Refresh Interval Select how often you want the XMG to update this screen.
Connected
Interface
Packets Sent
Data This indicates the number of transmitted packets on this interface.
Error This indicates the number of frames with errors transmitted on this interface.
Drop This indicates the number of outgoing packets dropped on this interface.
Packets Received
Data This indicates the number of received packets on this interface.
Error This indicates the number of frames with errors received on this interface.
Drop This indicates the number of received packets dropped on this interface.
Disabled
Interface
Packets Sent
Data This indicates the number of transmitted packets on this interface.
Error This indicates the number of frames with errors transmitted on this interface.
Drop This indicates the number of outgoing packets dropped on this interface.
Packets Received
Data This indicates the number of received packets on this interface.
Error This indicates the number of frames with errors received on this interface.
Drop This indicates the number of received packets dropped on this interface.
This shows the name of the WAN interface that is currently connected.
Click more... to show more information. Click hide more to hide them.
This shows the name of the WAN interface that is currently disconnected.
24.3 The LAN Status Screen
Click System Monitor > Traffic Status > LAN to open the following screen. The figure in this screen shows
the interface that is currently connected on the XMG.
Figure 145 System Monitor > Traffic Status > LAN
XMG3563-B10A User’s Guide
240
Chapter 24 Traffic Status
The following table describes the fields in this screen.
Table 116 System Monitor > Traffic Status > LAN
LABEL DESCRIPTION
Refresh Interval Select how often you want the XMG to update this screen.
Interface This shows the LAN or WLAN interface.
Bytes Sent This indicates the number of bytes transmitted on this interface.
Bytes Received This indicates the number of bytes received on this interface.
Interface This shows the LAN or WLAN interfaces.
Sent (Packets)
Data This indicates the number of transmitted packets on this interface.
Error This indicates the number of frames with errors transmitted on this interface.
Drop This indicates the number of outgoing packets dropped on this interface.
Received (Packets)
Data This indicates the number of received packets on this interface.
Error This indicates the number of frames with errors received on this interface.
Drop This indicates the number of received packets dropped on this interface.
24.4 The NAT Status Screen
Click System Monitor > Traffic Status > NAT to open the following screen. The figure in this screen shows
the NAT session statistics for hosts currently connected on the XMG.
Figure 146 System Monitor > Traffic Status > NAT
The following table describes the fields in this screen.
Table 117 System Monitor > Traffic Status > NAT
LABEL DESCRIPTION
Refresh Interval Select how often you want the XMG to update this screen.
Device Name This displays the name of the connected host.
IPv4 Address This displays the IPv4 address of the connected host.
MAC Address This displays the MAC address of the connected host.
No. of Open
Session
Total This displays what percentage of NAT sessions the XMG can support is currently being used by
This displays the number of NAT sessions currently opened for the connected host.
all connected hosts. You can also see the number of active NAT sessions and the maximum
number of NAT sessions the XMG can support.
XMG3563-B10A User’s Guide
241
Chapter 25 VoIP Status
25.1 The VoIP Status Screen
Click System Monitor > VoIP Status to open the following screen. You can view the VoIP registration,
current call status and phone numbers in this screen.
Figure 147 System Monitor > VoIP Status
CHAPTER 25
VoIP Status
The following table describes the labels in this screen.
Table 118 System Monitor > VoIP Status
LABEL DESCRIPTION
Poll Interval(s) Enter the number of seconds the XMG needs to wait before updating this screen and then click
Set Interval. Click Stop to have the XMG stop updating this screen.
SIP Status
Account This column displays the index of each SIP account that has already configured in the XMG.
XMG3563-B10A User’s Guide
242
Chapter 25 VoIP Status
Table 118 System Monitor > VoIP Status (continued)
LABEL DESCRIPTION
Registration This field displays the current registration status of the SIP account.Registered - The SIP account is
activated and has registered with a SIP server.
Unregistered - The XMG is activated and triesto register the SIP account with the SIP server, the
attempt fails. A registration auto-recovery mechanism should be activated so that the XMG will
automatically try to register the SIP account again after a period of time, and you can activate
it in VoIP > SIP > SIP Service Provider > Edit > SIP Register Fail Re-Try Timer. The XMG will recover to
Registered state until the Register button in the Connection Status > Status page is pressed.
Disabled - The SIP account is not active. You have to make sure the corresponding SIP Service
Provider and SIP Account are both enabled for proper activation. You can activate them in
VoIP > SIP > SIP Service Provider > Edit > Enable SIP Service Provider and VoIP > SIP > SIP Account
> Edit > Enable SIP Account.
Registration
Time
URI This field displays the account number and service domain of the SIP account, which is used to
Message
Waiting
Last Incoming
Number
Last Outgoing
Number
This field displays the last time the XMG successfully registered the SIP account on the SIP server.
The field is blank if the SIP has not yet successfully registered this account.
identify the SIP account on the SIP server. You can change these in the VoIP > SIP > SIP Service
Provider > Edit > SIP Service Domain and VoIP > SIP > SIP Account > Edit > SIP Account Number.
This field indicates whether or not (Yes or No is displayed here, respectively) there are any new
voice messages leaving on the SIP server and waiting to be read. You have to enable the MWI
function in the VoIP >SIP > SIP Account > Edit > Enable MWI, and the SIP server should also
support the voice mailbox function.
Regardless of the status of the incoming call to this local SIP account, this field will display the SIP
account number of the remote peer at the last incoming VoIP call.
Regardless of the status of the outgoing call, this field will display the last phone number you
dialed to make an outgoing VoIP call via this SIP account,
Note: The dialed number is recorded in this field only during the outgoing (SIP-based)
call setup signaling procedure. If you dial numbers and on-hook quickly as well
as making the outgoing call before the outgoing (SIP-based) call signaling
procedure starts, the numbers you dial here will not be recorded.
Call Status (This table displays the status of all active and ongoing calls. If there are no active or ongoing calls, this
table will be blank.)
Account For the current VoIP call categorized as Outgoing Call or Incoming Call in the Call Type field, this
field displays the SIP account number used in the current VoIP call. For the current VoIP call
categorized as Internal Call, this field displays the local internal phone number of the calloriginating phone port.
Duration This field displays how long the current VoIP call has lasted.
Note: The time calculation starts from the beginning of the call setup signaling
procedure, rather than the moment when the call is successfully established.
XMG3563-B10A User’s Guide
243
Chapter 25 VoIP Status
Table 118 System Monitor > VoIP Status (continued)
LABEL DESCRIPTION
Status This field displays the current call progress or call process state of the VoIP phone call.
Calling - This state is only associated with the call categorized as Outgoing Call or Internal Call in
the Call Type field. For the Outgoing Call, it means the SIP account has issued a (SIP-based) call
setup signal to the SIP server, tries to make an outgoing VoIP call to the SIP account of remote
peers. As for the Internal Call, it means the call-originating local phone port has issued a
(Internal and Non-SIP) call setup signal to other target local phone ports, and the phones
attached to the target local phone ports will be ringing.
Ringing - The state is only associated with the call categorized as Incoming Call in the Call Type
field. This state indicates that there is an incoming VoIP call setup signaling coming to the SIP
account, and the phone ports configured to receive the incoming call from the SIP account will
be ringing.
InCall - Whichever type is in the Call Type field, this state will indicate that the call setup signaling
procedure has finished, and thus the call has been successfully established. The users of both
peers can begin to converse on the phone.
OnHold - This state is only associated with the call categorized as Outgoing Call or Incoming Call
in the Call Type field. This state indicates that the current call is connecting to the SIP account,
and the remote peer is in the OnHold state. This situation happens under the following two
scenarios: (a) the remote peer put the call on hold, or (b) the local user put the call on hold.
Call Type This field displays the call direction type of the current VoIP call.
Outgoing Call - It’s a SIP VoIP call made by local phone ports, and this SIP account is able to
issue a (SIP-based) call setup to the SIP account of remote peers for a VoIP call establishment.
This (SIP-based) call setup signal is sent to the SIP server first, and then the SIP server would relay it
to the target peer after correctly resolving and locating the target peer. During the call setup
(signaling) phase, Calling state is displayed in the Status field, and it turns to InCall state once
the call is successfully established.
Incoming Call - It’s a SIP VoIP call made or originated by remote SIP accounts to connect to this
local SIP account. One or more local phone ports can be configured to receive this type of call,
see the Incoming Number below, and all of them should begin to ring during the call setup
(signaling phase), see the Status above. Once some remote SIP accounts start to ring one local
phone, answer by off-hook to the call, and the call is successfully established. The other ringing
local phone ports will stop ringing and turning to InCall state in the Status field.
Internal Call - It’s a local VoIP call between two different local phone ports. No SIP signaling is
needed and thus no SIP server is involved to establish this type of call. This type of call is
established via the Internal and Non-SIP local setup signaling procedure between the calloriginating and call-terminating local phone ports. In general, one or more local phone ports
can be designed to receive this type of call, and once any of the ringing phones answer the
call, the other ringing ones will stop ringing. During the call setup phase (signaling phase),
Calling state is displayed in Status field, and turns to InCall state once the call is successfully
established.
Codec This field displays what voice codec is being used for a current VoIP call through a phone port.
Note: Before the call is established, meaning when it’s Calling or Ringing state
in Status, the state of this codec field will be Unknown, since the codec
hasn’t been determined during the call setup (signaling) phase.
From Phone Port
Type
This field displays the phone ports type used to originate, start, or create the current VoIP call.
Two possible type values will be displayed here:
SIP - For the current call which is categorized as Incoming Call in the Call Type filed, this field will
show the type SIP.
FXS - As for the other cases: Outgoing Call and Internal Call, this field will show the
corresponding local phone port type: FXS, the legacy analog phone port on the device.
XMG3563-B10A User’s Guide
244
Chapter 25 VoIP Status
Table 118 System Monitor > VoIP Status (continued)
LABEL DESCRIPTION
To Phone Port
Type
Peer Number This field displays the phone Number for the Outgoing Call and Internal Call cases or the SIP
Phone Status (This table displays the name and the SIP account binding relationship of different local phone ports.
The SIP account binding relationship can be configured in VoIP > Phone > Phone Device.)
Phone This field displays the name of each local phone port on the XMG.
Outgoing
Number
Incoming
Number
This field displays the phone ports type used to receive the current VoIP call. Three possible type
values will be displayed here:
SIP - For the current call which is categorized as Outgoing Call in the Call Type field, this field will
show the type SIP.
FXS and Unknown - As for the other cases: Incoming Call and Internal Call, this field will show the
corresponding local phone port type: FXS, the legacy analog phone port on the device. While
the call is established, this field shows Unknown during the call setup phase (signaling phase).
This is because one or more local phone ports can be configured or designed to receive these
two types of calls, see the Call Type above, and the local phone port will answer the call that
hasn’t been determined yet at that time.
account number for the Incoming Call case of the remote party that’s engaged in the current
VoIP call.
This field displays the single SIP account number that you use to make outgoing calls on this
phone port.
This field displays the SIP account number that you use to receive incoming calls on this phone
port.
XMG3563-B10A User’s Guide
245
26.1 Overview
Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to
a physical machine address, also known as a Media Access Control or MAC address, on the local area
network.
An IP (version 4) address is 32 bits long. In an Ethernet LAN, MAC addresses are 48 bits long. The ARP
Table maintains an association between each MAC address and its corresponding IP address.
26.1.1 How ARP Works
When an incoming packet destined for a host device on a local area network arrives at the device, the
device's ARP program looks in the ARP Table and, if it finds the address, sends it to the device.
CHAPTER 26
ARP Table
If no entry is found for the IP address, ARP broadcasts the request to all the devices on the LAN. The
device fills in its own MAC and IP address in the sender address fields, and puts the known IP address of
the target in the target IP address field. In addition, the device puts all ones in the target MAC field
(FF.FF.FF.FF.FF.FF is the Ethernet broadcast address). The replying device (which is either the IP address of
the device being sought or the router that knows the way) replaces the broadcast address with the
target's MAC address, swaps the sender and target pairs, and unicasts the answer directly back to the
requesting machine. ARP updates the ARP Table for future reference and then sends the packet to the
MAC address that replied.
26.2 ARP Table Screen
Use the ARP table to view IP-to-MAC address mapping(s). To open this screen, click System Monitor >
ARP Table.
Figure 148 System Monitor > ARP Table
XMG3563-B10A User’s Guide
246
Chapter 26 ARP Table
The following table describes the labels in this screen.
Table 119 System Monitor > ARP Table
LABEL DESCRIPTION
# This is the ARP table entry number.
IPv4/IPv6
Address
MAC Address This is the MAC address of the device with the listed IP address.
Device This is the type of interface used by the device.
This is the learned IPv4 or IPv6 address of a device connected to a port.
XMG3563-B10A User’s Guide
247
27.1 Overview
Routing is based on the destination address only and the XMG takes the shortest path to forward a
packet.
27.2 The Routing Table Screen
Click System Monitor > Routing Table to open the following screen.
Figure 149 System Monitor > Routing Table
CHAPTER 27
Routing Table
The following table describes the labels in this screen.
Table 120 System Monitor > Routing Table
LABEL DESCRIPTION
IPv4/IPv6 Routing Table
Destination This indicates the destination IPv4 address or IPv6 address and prefix of this route.
XMG3563-B10A User’s Guide
248
Chapter 27 Routing Table
Table 120 System Monitor > Routing Table (continued)
LABEL DESCRIPTION
Gateway This indicates the IPv4 address or IPv6 address of the gateway that helps forward this route’s
traffic.
Subnet Mask This indicates the destination subnet mask of the IPv4 route.
Flag This indicates the route status.
U-Up: The route is up.
!-Reject: The route is blocked and will force a route lookup to fail.
G-Gateway: The route uses a gateway to forward traffic.
H-Host: The target of the route is a host.
R-Reinstate: The route is reinstated for dynamic routing.
D-Dynamic (redirect): The route is dynamically installed by a routing daemon or redirect.
M-Modified (redirect): The route is modified from a routing daemon or redirect.
Metric The metric represents the "cost of transmission". A router determines the best route for
transmission by choosing a path with the lowest "cost". The smaller the number, the lower the
"cost".
Interface This indicates the name of the interface through which the route is forwarded.
brx indicates a LAN interface where x can be 0~3 to represent LAN1 to LAN4 respectively.
ptm0 indicates a DSL WAN interface using IPoE, IPoA or in bridge mode.
ethx indicates an Ethernet WAN interface using IPoE or in bridge mode.
ppp0 indicates a WAN interface using PPPoE or PPPoA.
XMG3563-B10A User’s Guide
249
Multicast Status
28.1 Overview
Use the Multicast Status screens to look at IGMP/MLD group status and traffic statistics.
28.2 The IGMP Status Screen
Use this screen to look at the current list of multicast groups the XMG has joined and which ports have
joined it. To open this screen, click System Monitor > Multicast Status > IGMP Status.
Figure 150 System Monitor > Multicast Status > IGMP Status
CHAPTER 28
The following table describes the labels in this screen.
Table 121 System Monitor > Multicast Status > IGMP Status
LABEL DESCRIPTION
Refresh Click this button to update the information on this screen.
Interface This field displays the name of an interface on the XMG that belongs to an IGMP multicast group.
Multicast Group This field displays the name of the IGMP multicast group to which the interface belongs.
Filter Mode INCLUDE means that only the IP addresses in the Source List get to receive the multicast group’s
traffic.
EXCLUDE means that the IP addresses in the Source List are not allowed to receive the multicast
group’s traffic but other IP addresses can.
Source List This is the list of IP addresses that are allowed or not allowed to receive the multicast group’s
traffic depending on the filter mode.
Member This is the list of the members of the multicast group.
28.3 The MLD Status Screen
Use this screen to look at the current list of multicast groups the XMG has joined and which ports have
joined it. To open this screen, click System Monitor > Multicast Status > MLD Status.
XMG3563-B10A User’s Guide
250
Chapter 28 Multicast Status
Figure 151 System Monitor > Multicast Status > MLD Status
The following table describes the labels in this screen.
Table 122 System Monitor > Multicast Status > MLD Status
LABEL DESCRIPTION
Refresh Click this button to update the status on this screen.
Interface This field displays the name of an interface on the XMG that belongs to an MLD multicast group.
Multicast Group This field displays the name of the MLD multicast group to which the interface belongs.
Filter Mode INCLUDE means that only the IP addresses in the Source List get to receive the multicast group’s
traffic.
EXCLUDE means that the IP addresses in the Source List are not allowed to receive the multicast
group’s traffic but other IP addresses can.
Source List This is the list of IP addresses that are allowed or not allowed to receive the multicast group’s
Member This is the list of members in the multicast group.
traffic depending on the filter mode.
XMG3563-B10A User’s Guide
251
29.1 The xDSL Statistics Screen
Use this screen to view detailed DSL statistics. Click System Monitor > xDSL Statistics to open the following
screen.
Figure 152 System Monitor > xDSL Statistics
CHAPTER 29
xDSL Statistics
The following table describes the labels in this screen.
Table 123 Status > xDSL Statistics
LABEL DESCRIPTION
Refresh Interval Select the time interval for refreshing statistics.
Line Select which DSL line’s statistics you want to display.
xDSL Training
Status
Mode This displays the ITU standard used for this connection.
Traffic Type This displays the type of traffic the DSL port is sending and receiving. Inactive displays if the DSL
This displays the current state of setting up the DSL connection.
port is not currently sending or receiving traffic.
XMG3563-B10A User’s Guide
252
Loading...