The contents of this publication may not be reproduced in any part or as a whole, transcribed,
stored in a retrieval system, translated into any language, or transmitted in any form or by any
means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or
otherwise, without the prior written permission of ZyXEL Communications Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.
Disclaimer
ZyXEL does not assume any liability arising out of the application or use of any products, or
software described herein. Neither does it convey any license under its patent rights nor the
patent rights of others. ZyXEL further reserves the right to make changes in any products
described herein without notice. This publication is subject to change without notice.
Trademarks
ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL
Communications, Inc. Other trademarks mentioned in this publication are used for
identification purposes only and may be properties of their respective owners.
Copyright3
ZyXEL G-1000 v2 User’s Guide
Interference Statements and
Federal Communications Commission (FCC) Interference Statement
This device complies with Part 15 of FCC rules. Operation is subject to the following two
conditions:
• This device may not cause harmful interference.
• This device must accept any interference received, including interference that may cause
undesired operations.
This equipment has been tested and found to comply with the limits for a Class B digital
device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable
protection against harmful interference in a residential installation. This equipment generates,
uses, and can radiate radio frequency energy, and if not installed and used in accordance with
the instructions, may cause harmful interference to radio communications. However, there is
no guarantee that interference will not occur in a particular installation
Certifications
If this equipment does cause harmful interference to radio/television reception, which can be
determined by turning the equipment off and on, the user is encouraged to try to correct the
interference by one or more of the following measures:
• Reorient or relocate the receiving antenna.
• Increase the separation between the equipment and the receiver.
• Connect the equipment into an outlet on a circuit different from that to which the receiver
is connected.
• Consult the dealer or an experienced radio/TV technician for help.
This Class B digital apparatus complies with Canadian ICES-003.
Cet appareil numérique de la classe B est conforme à la norme NMB-003 du Canada.
FCC Caution
Any changes or modifications not expressly approved by the party responsible for compliance
could void the user's authority to operate this equipment.
IMPORTANT NOTE: FCC Radiation Exposure Statement
This equipment complies with FCC radiation exposure limits set forth for an uncontrolled
environment. This equipment should be installed and operated with minimum distance 20cm
between the radiator & your body.
4Interference Statements and Certifications
ZyXEL G-1000 v2 User’s Guide
This transmitter must not be co-located or operating in conjunction with any other antenna or
transmitter.
ZyXEL Communications Corporation declared that G-1000 v2 is limited in CH1~11 from
2400 to 2483.5 MHz by specified firmware controlled in USA.
2 Select your product from the drop-down list box on the ZyXEL home
page to go to that product's page.
3 Select the certification you wish to view from this page.
Interference Statements and Certifications5
ZyXEL G-1000 v2 User’s Guide
For your safety, be sure to read and follow all warning notices and instructions.
• To reduce the risk of fire, use only No. 26 AWG (American Wire Gauge) or larger
telecommunication line cord.
• Do NOT open the device or unit. Opening or removing covers can expose you to
dangerous high voltage points or other risks. ONLY qualified service personnel can
service the device. Please contact your vendor for further information.
• Use ONLY the dedicated power supply for your device. Connect the power cord or
power adaptor to the right supply voltage (110V AC in North America or 230V AC in
Europe).
• Do NOT use the device if the power supply is damaged as it might cause electrocution.
• If the power supply is damaged, remove it from the power outlet.
• Do NOT attempt to repair the power supply. Contact your local vendor to order a new
power supply.
• Place connecting cables carefully so that no one will step on them or stumble over them.
Do NOT allow anything to rest on the power cord and do NOT locate the product where
anyone can walk on the power cord.
• If you wall mount your device, make sure that no electrical, gas or water pipes will be
damaged.
• Do NOT install nor use your device during a thunderstorm. There may be a remote risk of
electric shock from lightning.
• Do NOT expose your device to dampness, dust or corrosive liquids.
• Do NOT use this product near water, for example, in a wet basement or near a swimming
pool.
• Make sure to connect the cables to the correct ports.
• Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your
device.
• Do NOT store things on the device.
• Connect ONLY suitable accessories to the device.
Safety Warnings
6Safety Warnings
ZyXEL G-1000 v2 User’s Guide
ZyXEL Limited Warranty
ZyXEL warrants to the original end user (purchaser) that this product is free from any defects
in materials or workmanship for a period of up to two years from the date of purchase. During
the warranty period, and upon proof of purchase, should the product have indications of failure
due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the
defective products or components without charge for either parts or labor, and to whatever
extent it shall deem necessary to restore the product or components to proper operating
condition. Any replacement will consist of a new or re-manufactured functionally equivalent
product of equal or higher value, and will be solely at the discretion of ZyXEL. This warranty
shall not apply if the product has been modified, misused, tampered with, damaged by an act
of God, or subjected to abnormal working conditions.
Note
Repair or replacement, as provided under this warranty, is the exclusive remedy of the
purchaser. This warranty is in lieu of all other warranties, express or implied, including any
implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in
no event be held liable for indirect or consequential damages of any kind to the purchaser.
To obtain the services of this warranty, contact ZyXEL's Service Center for your Return
Material Authorization number (RMA). Products must be returned Postage Prepaid. It is
recommended that the unit be insured when shipped. Any returned products without proof of
purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of
ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products
will be shipped by ZyXEL to the corresponding return address, Postage Paid. This warranty
gives you specific legal rights, and you may also have other rights that vary from country to
country.
ZyXEL Limited Warranty7
ZyXEL G-1000 v2 User’s Guide
Please have the following information ready when you contact customer support.
• Product model and serial number.
• Warranty Information.
• Date that you received your device.
• Brief description of the problem and the steps you took to solve it.
Table 87 Comparison of EAP Authentication Types .............................................. 186
List of Tables23
ZyXEL G-1000 v2 User’s Guide
24List of Tables
ZyXEL G-1000 v2 User’s Guide
Preface
Congratulations on your purchase of the ZyXEL G-1000 v2 IEEE 802.11g wireless access
point.
Your G-1000 v2 is easy to install and configure.
Note: Register your product online to receive e-mail notices of firmware upgrades and
information at www.zyxel.com
American products.
About This User's Guide
This User’s Guide is designed to guide you through the configuration of your ZyXEL device
using the web configurator or the SMT. The web configurator parts of this guide contain
background information on features configurable by web configurator. The SMT parts of this
guide contain background information solely on features not configurable by web configurator
for global products, or at www.us.zyxel.com for North
Note: Use the web configurator, System Management Terminal (SMT) or command
interpreter interface to configure your G-1000 v2. Not all features can be
configured through all interfaces.
Related Documentation
• Supporting Disk
Refer to the included CD for support documents.
• Quick Start Guide
The Quick Start Guide is designed to help you get up and running right away. It contains
connection information and instructions on getting started.
• Web Configurator Online Help
Embedded web help for descriptions of individual screens and supplementary
information.
• ZyXEL Glossary and Web Site
Please refer to www.zyxel.com
support documentation.
for an online glossary of networking terms and additional
User Guide Feedback
Help us help you! E-mail all User Guide-related comments, questions or suggestions for
improvement to techwriters@zyxel.com.tw or send regular mail to The Technical Writing
Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park,
Hsinchu, 300, Taiwan. Thank you!
Preface25
ZyXEL G-1000 v2 User’s Guide
Syntax Conventions
• “Enter” means for you to type one or more characters. “Select” or “Choose” means for
you to use one predefined choice.
• Mouse action sequences are denoted using a right angle bracket (>). For example, “In
Windows, click Start > Settings > Control Panel” means first click the Start button,
then point your mouse pointer to Settings and then click Control Panel.
• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.
• The ZyXEL G-1000 v2 may be referred to as the “G-1000 v2” in this User’s Guide.
Graphics Icons Key
ZyXEL deviceComputerNotebook computer
ServerDSLAMFirewall
ModemSwitchRouter
Wireless Signal
26Preface
CHAPTER1
Getting to Know Your Device
This chapter introduces the main features and applications of the G-1000 v2.
1.1 Introducing the ZyXEL G-1000 v2
The ZyXEL G-2000 Plus v2 is a wireless access point. The G-1000 v2 offers highly secured
wireless connectivity to your wired network with IEEE 802.1X, WEP data encryption,
WPA(2) (Wi-Fi Protected Access) and MAC address filtering.
The G-1000 v2 is easy to install and configure. The embedded web-based configurator and
SNMP network management enables remote configuration and management of your G-1000
v2.
ZyXEL G-1000 v2 User’s Guide
1.2 Features
The following sections describe the features of the G-1000 v2.
Note: See the product specifications in the appendix for detailed features and
This auto-negotiating feature allows the G-1000 v2 to detect the speed of incoming
transmissions and adjust appropriately without manual intervention. It allows data transfer of
either 10 Mbps or 100 Mbps in either half-duplex or full-duplex mode depending on your
Ethernet network.
The LAN interface automatically adjusts to either a crossover or straight-through Ethernet
cable.
Reset Button
The G-1000 v2 reset button is built into the side panel. Use this button to restore the factory
default password to 1234; IP address to 192.168.1.2 and subnet mask to 255.255.255.0.
Chapter 1 Getting to Know Your Device27
ZyXEL G-1000 v2 User’s Guide
ZyAIR LED
The blue ZyAIR LED (also known as the breathing light) is on when the G-1000 v2 is on and
blinks (or breaths) when data is being transmitted to/from its wireless stations. You may use
the web configurator to turn this light off even when the G-1000 v2 is on and data is being
transmitted/received.
1.2.2 Firmware Features
WPA and WPA2
Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2 (IEEE
802.11i) is a wireless security standard that defines stronger encryption, authentication and
key management than WPA.
Key differences between WPA(2) and WEP are improved data encryption and user
authentication.
IEEE 802.11b Wireless LAN Standard
The G-1000 v2 complies with the IEEE 802.11b wireless standards.
The IEEE 802.11b data rate and corresponding modulation techniques are shown in the table
below. The modulation technique defines how bits are encoded onto radio waves.
The G-1000 v2, complies with the IEEE 802.11g wireless standard and is also fully
compatible with the IEEE 802.11b standard. This means an IEEE 802.11b radio card can
interface directly with an IEEE 802.11g device (and vice versa) at 11 Mbps or lower
depending on range.The IEEE 802.11g has several intermediate rate steps between the
maximum and minimum data rates. The IEEE 802.11g data rate and modulation are as
follows:.
Table 2 IEEE 802.11g
DATA RATE
(MBPS)
6/9/12/18/24/36/48/54OFDM (Orthogonal Frequency Division Multiplexing)
28Chapter 1 Getting to Know Your Device
MODULATION
ZyXEL G-1000 v2 User’s Guide
Note: The G-1000 v2 may be prone to RF (Radio Frequency) interference from other
2.4 GHz devices such as microwave ovens, wireless phones, Bluetooth
enabled devices, and other wireless LANs.
STP (Spanning Tree Protocol) / RSTP (Rapid STP)
(R)STP detects and breaks network loops and provides backup links between switches,
bridges or routers. It allows a bridge to interact with other (R)STP -compliant bridges in your
network to ensure that only one path exists between any two stations on the network.
Limit the number of Client Connections
You may set a maximum number of wireless stations that may connect to the G-1000 v2. This
may be necessary if for example, there is interference or difficulty with channel assignment
due to a high density of APs within a coverage area.
SSL Passthrough
SSL (Secure Sockets Layer) uses a public key to encrypt data that's transmitted over an SSL
connection. Both Netscape Navigator and Internet Explorer support SSL, and many Web sites
use the protocol to obtain confidential user information, such as credit card numbers. By
convention, URLs that require an SSL connection start with “https” instead of “http”. The G1000 v2 allows SSL connections to take place through the G-1000 v2.
Brute-Force Password Guessing Protection
The G-1000 v2 has a special protection mechanism to discourage brute-force password
guessing attacks on the G-1000 v2's management interfaces. You can specify a wait-time that
must expire before entering a fourth password after three incorrect passwords have been
entered. Please see the appendix for details about this feature.
Wireless LAN MAC Address Filtering
Your G-1000 v2 checks the MAC address of the wireless station against a list of allowed or
denied MAC addresses.
WEP Encryption
WEP (Wired Equivalent Privacy) encrypts data frames before transmitting over the wireless
network to help keep network communications private.
IEEE 802.1X Network Security
The G-1000 v2 supports the IEEE 802.1x standard to enhance user authentication. Use the
built-in user profile database to authenticate up to 32 users using MD5 encryption. Use an
EAP-compatible RADIUS (RFC2138, 2139 - Remote Authentication Dial In User Service)
server to authenticate a limitless number of users using EAP (Extensible Authentication
Protocol). EAP is an authentication protocol that supports multiple types of authentication.
Chapter 1 Getting to Know Your Device29
ZyXEL G-1000 v2 User’s Guide
SNMP
SNMP (Simple Network Management Protocol) is a protocol used for exchanging
management information between network devices. SNMP is a member of the TCP/IP
protocol suite. Your G-1000 v2 supports SNMP agent functionality, which allows a manager
station to manage and monitor the G-1000 v2 through the network. The G-1000 v2 supports
SNMP version one (SNMPv1) and version two c (SNMPv2c).
Full Network Management
The embedded web configurator is an all-platform web-based utility that allows you to easily
access the G-1000 v2’s management settings. Most functions of the G-1000 v2 are also
software configurable via the SMT (System Management Terminal) interface. The SMT is a
menu-driven interface that you can access from a terminal emulator over a telnet connection.
Logging and Tracing
• Built-in message logging.
• Unix syslog facility support.
Diagnostics Capabilities
The G-1000 v2 can perform self-diagnostic tests. These tests check the integrity of the
following circuitry:
• FLASH memory
•DRAM
• LAN port
• Wireless port
Embedded FTP and TFTP Servers
The G-1000 v2’s embedded FTP and TFTP servers enable fast firmware upgrades as well as
configuration file backups and restoration.
Wireless Association List
With the wireless association list, you can see the list of the wireless stations that are currently
using the G-1000 v2 to access your wired network.
1.3 Applications for the G-1000 v2
Here are application examples of what you can do with your G-1000 v2.
30Chapter 1 Getting to Know Your Device
1.3.1 Internet Access Application
The G-1000 is an ideal access solution for wireless Internet connection. A typical Internet
access application for your G-1000 is shown as follows. Stations A, B and C can access the
wired network through the G-1000s.
Figure 1 Internet Access Application
ZyXEL G-1000 v2 User’s Guide
1.3.2 Corporation Network Application
In situations where users are always on the move in the coverage area but still need access to
corporate network access, the G-1000 is an ideal solution for wireless stations to connect to the
corporate network without expensive network cabling.
The following figure depicts a typical application of the G-1000 in an enterprise environment.
Stations A and B with wireless adapters are allowed to access the network resource through
the G-1000 after account validation by the network authentication server.
Figure 2 Corporation Network Application
1.4 Front Panel of the G-1000
The LEDs on the front panel indicate the operational status of your G-1000.
Chapter 1 Getting to Know Your Device31
ZyXEL G-1000 v2 User’s Guide
Figure 3 G-1000 v2 Front Panel
The following table describes the lights.
Table 3 Front Panel Light Description
LIGHTCOLORSTATUSDESCRIPTION
SYSGreenOnThe wireless card on the G-1000 v2 is working properly.
OffThe wireless card on the G-1000 v2 is not ready or has a
malfunction.
RedBlinkingThe G-1000 v2 is not ready or rebooting.
ZyAIR BlueBreathingThe G-1000 v2 is sending or receiving data.
On (dim)The G-1000 v2 is ready, but is not sending or receiving
data.
ETHNGreenOnThe G-1000 v2 has a successful 10Mb Ethernet
connection.
BlinkingThe G-1000 v2 is sending/receiving data.
OffThe G-1000 v2 does not have 10Mb Ethernet connection.
OrangeOnThe G-1000 v2 has a successful 100Mb Ethernet
connection.
BlinkingThe G-1000 v2 is sending or receiving data.
OffThe G-1000 v2 does not have 100Mb Ethernet connection.
PWRGreenOnThe G-1000 v2 is receiving power.
OffThe G-1000 v2 is not receiving power.
32Chapter 1 Getting to Know Your Device
Introducing the Web
This chapter describes how to access the G-1000 v2 web configurator and provides an
overview of its screens. The default IP address of the G-1000 v2 is 192.168.1.2.
2.1 Web Configurator Overview
The embedded web configurator allows you to manage the G-1000 v2 from anywhere through
a browser such as Microsoft Internet Explorer or Netscape Navigator. Use Internet Explorer
6.0 and later or Netscape Navigator 7.0 and later versions with JavaScript enabled. It is
recommended that you set your screen resolution to 1024 by 768 pixels.
ZyXEL G-1000 v2 User’s Guide
CHAPTER2
Configurator
2.2 Accessing the G-1000 v2 Web Configurator
1 Make sure your G-1000 v2 hardware is properly connected and prepare your computer/
computer network to connect to the G-1000 v2 (refer to the Quick Start Guide).
Launch your web browser.
2
3
Type "192.168.1.2" as the URL.
4
Type "1234" (default) as the password and click Login.
You should see a screen asking you to change your password (highly recommended) as
5
shown next. Type a new password (and retype it to confirm) and click Apply or click
Ignore.
Note: If you do not change the password, the following screen appears every time
you login.
Chapter 2 Introducing the Web Configurator33
ZyXEL G-1000 v2 User’s Guide
Figure 4 Change Password Screen
6 On this screen you can access the wizard setup or the advanced setup.
Click Go to Advanced setup to access the status screen of the web configurator.
Note: The management session automatically times out when the time period set in
the Administrator Inactivity Timer field expires (default five minutes). Simply log
back into the G-1000 v2 if this happens to you.
2.3 Resetting the G-1000 v2
If you forget your password or cannot access the web configurator, you will need to reload the
factory-default configuration file or use the RESET button on the top panel of the G-1000 v2.
Uploading this configuration file replaces the current configuration file with the factorydefault configuration file. This means that you will lose all configurations that you had
previously and the password will be reset to 1234.
2.3.1 .Procedure To Use The Reset Button
Make sure the SYS light is on (not blinking) before you begin this procedure.
Press the RESET button for ten seconds or until the SYS light starts to blink, and then
1
release it. If the SYS light begins to blink, the defaults have been restored and the G-1000
v2 restarts. Otherwise, go to step 2.
2
Turn the G-1000 v2 off.
While pressing the RESET button, turn the G-1000 v2 on.
3
4
Continue to hold the RESET button. The SYS light will begin to blink andflicker very
quickly after about 20 seconds. This indicates that the defaults have been restored and the
G-1000 v2 is now restarting.
5
Release the RESETbutton and wait for the G-1000 v2 to finish restarting.
34Chapter 2 Introducing the Web Configurator
Note: You can also restore defaults via the web configurator.(refer to the Maintenance
chapter).
2.4 Navigating the Web Configurator
We use the P-662HW-D1 web screens in this guide as an example. Screens vary slightly for
different G-1000 v2 models.
2.4.1 Navigation Panel
After you enter the password, use the sub-menus on the navigation panel to configure G-1000
v2 features. The following table describes the sub-menus.
Figure 5 Web Configurator: Main Screen
ZyXEL G-1000 v2 User’s Guide
Click the Logout icon at any time
Click the Logout icon at any time
to exit the web configurator.
to exit the web configurator.
Use
submenus
to configure
G-1000 v2
features.
Note: Click the icon (located in the top right corner of most screens) to view
embedded help.
Table 4 Web Configurator Screens Summary
LINK/ICONSUB-LINKFUNCTION
Wizard Use these screens for initial configuration including general
setup, wireless security and IP address assignment.
Logout Click this icon to exit the web configurator.
Chapter 2 Introducing the Web Configurator35
ZyXEL G-1000 v2 User’s Guide
Table 4 Web Configurator Screens Summary (continued)
LINK/ICONSUB-LINKFUNCTION
AboutClick this icon to see general information about G-1000 v2.
StatusThis screen shows the G-1000 v2’s general device, system and
Network
Wireless LAN GeneralUse this screen to configure the wireless LAN settings and
IPInternet
Management
Remote MGMT
Maintenance
System GeneralThis screen contains administrative and system-related
LogsView LogUse this screen to view the logs for the categories that you
ToolsFirmwareUse this screen to upload firmware to your G-1000 v2.
interface status information. Use this screen to access the
summary statistics tables.
WLAN authentication/security settings.
MAC FilterUse this screen to configure the G-1000 v2 to block access to
devices or block the devices from accessing the G-1000 v2.
AdvancedUse this screen to enable roaming and setup advanced
wireless features.
Use this screen to configure IP address assignment.
Connection
AdvancedUse this screen to configure your DNS server settings.
WWWUse this screen to configure through which interface(s) and
from which IP address(es) users can use HTTPS or HTTP to
manage the G-1000 v2.
Te ln e tUse this screen to configure through which interface(s) and
from which IP address(es) users can use Telnet to manage the
G-1000 v2.
FTPUse this screen to configure through which interface(s) and
from which IP address(es) users can use FTP to access the G1000 v2.
SNMPUse this screen to configure your G-1000 v2’s settings for
Simple Network Management Protocol management.
information and also allows you to change your password.
Time SettingUse this screen to change your G-1000 v2’s time and date.
selected.
Log SettingsUse this screen to change your G-1000 v2’s log settings.
ConfigurationUse this screen to backup and restore the configuration or reset
the factory defaults to your G-1000 v2.
RestartThis screen allows you to reboot the G-1000 v2 without turning
the power off.
2.4.2 Status Screen
The following summarizes how to navigate the web configurator from the Status screen.
36Chapter 2 Introducing the Web Configurator
Figure 6 Status Screen
ZyXEL G-1000 v2 User’s Guide
The following table describes the labels shown in the Status screen.
Table 5 Status Screen
LABELDESCRIPTION
Refresh IntervalSelect a number of seconds or None from the drop-down list box to refresh all
screen statistics automatically at the end of every time interval or to not refresh the
screen statistics.
Refresh NowClick this button to refresh the status screen statistics.
Device Information
System NameThis is the System Name you enter in the Maintenance, System, General
Firmware VersionThis is the Firmware version and the date created.
Ethernet
Information
IP AddressThis is the LAN port IP address.
IP Subnet MaskThis is the LAN port IP subnet mask.
DHCPThis is the WAN port DHCP role - Relay or None.
WLAN Information
SSIDThis is the descriptive name used to identify the G-1000 v2 in the wireless LAN.
ChannelThis is the channel number used by the G-1000 v2 now.
Security Mode This displays the security mode you are using.
System Status
screen. It is for identification purposes.
Chapter 2 Introducing the Web Configurator37
ZyXEL G-1000 v2 User’s Guide
Table 5 Status Screen
LABELDESCRIPTION
System UptimeThis is the total time the G-1000 v2 has been on.
Current Date/Time This field displays your G-1000 v2’s presentdate and time.
System Resource
CPU UsageThis number shows how many kilobytes of the heap memory the G-1000 v2 is
Memory UsageThis number shows the G-1000 v2's total heap memory (in kilobytes).
Interface Status
InterfaceThis displays the G-1000 v2 port types. The port types are Ethernet and WLAN.
StatusThis field displays Down (line is down), Up (line is up or connected.
RateFor the Ethernet port, this displays the port speed and duplex setting.
Summary
Packet StatisticsUse this screen to view port status and packet specific statistics.
WLAN Station
Status
using. Heap memory refers to the memory that is not used by ZyNOS (ZyXEL
Network Operating System).
The bar displays what percent of the G-1000 v2's heap memory is in use. The bar
turns from green to red when the maximum is being approached.
The bar displays what percent of the G-1000 v2's heap memory is in use. The bar
turns from green to red when the maximum is being approached.
For the WAN port, it displays the downstream and upstream transmission rate.
Use this screen to view the wireless stations that are currently associated to the G1000 v2.
2.4.3 Status: Packet Statistics
To view packet statistics, click on Packet Statistics(Details...) link in the status screen under
the Summary heading.
Figure 7 Status: Packet Statistics
38Chapter 2 Introducing the Web Configurator
ZyXEL G-1000 v2 User’s Guide
The following table describes the labels in this screen.
Table 6 Status: Packet Statistics
LABELDESCRIPTION
PortThis is the Ethernet or wireless port. The wireless port may be the WLAN – Built-
in card or the WLAN – Removable wireless card.
StatusThis shows the port speed and duplex setting if you are using Ethernet
encapsulation for the Ethernet port.
This shows the transmission speed only for wireless port.
TxPktsThis is the number of transmitted packets on this port.
RxPktsThis is the number of received packets on this port.
CollisionsThis is the number of collisions on this port.
Tx B/sThis shows the transmission speed in bytes per second on this port.
Rx B/sThis shows the reception speed in bytes per second on this port.
Up TimeThis is total amount of time the line has been up.
System Up TimeThis is the total time the G-1000 has been on.
Poll Interval(s)Enter the time interval for refreshing statistics.
Set IntervalClick this button to apply the new poll interval you entered above.
StopClick this button to stop refreshing statistics.
2.4.4 Status: WLAN Association List
To view packet statistics, click on Packet Statistics(Details...) link in the status screen under
the Summary heading.
The following table describes the labels in this screen.
Table 7 Association List
LABELDESCRIPTION
# This is the index number of an associated wireless station.
MAC Address This field displays the MAC address of an associated wireless station.
Association TimeThis field displays the time a wireless station first associated with the G-1000
v2.
Chapter 2 Introducing the Web Configurator39
ZyXEL G-1000 v2 User’s Guide
Table 7 Association List
LABELDESCRIPTION
QoSThis field displays the priority level of a wireless device associated with the G-
RefreshClick Refresh to reload the screen.
1000 v2
40Chapter 2 Introducing the Web Configurator
The web configurator’s setup wizard helps you set up a wireless LAN and configure security
settings on your G-1000 v2.
3.1 Wizard Setup Overview
The wizard will guide you through several steps. You will need to enter some information for
identification purposes, you will then setup your wireless LAN and security. The wizard will
then guide you through configuring your Internet settings.
3.2 General Setup
ZyXEL G-1000 v2 User’s Guide
CHAPTER3
Wizard Setup
General Setup contains administrative and system-related information.
The Domain Name entry is what is propagated to the DHCP clients on the LAN. If you leave
this blank, the domain name obtained by DHCP from the ISP is used. While you must enter
the host name (System Name) on each individual computer, the domain name can be relayed
via the G-1000 v2 from the DHCP server.
Figure 8 Enter System and Domain Names.
Chapter 3 Wizard Setup41
ZyXEL G-1000 v2 User’s Guide
The following table describes the labels in this screen.
Table 8 Enter System and Domain Names
LABELDESCRIPTION
System NameEnter a name to help you identify your ISP on the network. This is not a required
field and you can safely leave this field blank.
Domain NameThis is not a required field. Leave this field blank or enter the domain name here
if you know it.
BackClick Back to return to the previous screen.
NextClick Next to proceed to the next screen.
ExitClick Exit to quit the wizard without saving the changes.
3.3 Wizard Setup Wireless LAN
This wizard helps you configure your wireless network and security.
3.3.1 Name (SSID), Channel ID and Security
This screen allows you to setup a unique name for your G-1000 v2 on the wireless network.
You also decide on the channel for your wireless transmission and what kind of security you
would like to use.
Figure 9 Enter Name and Select Security
42Chapter 3 Wizard Setup
The following table describes the labels in this screen.
Table 9 Enter Name and Select Security
LABELDESCRIPTION
Wireless LAN Setup
ZyXEL G-1000 v2 User’s Guide
Name(SSID)Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the
Choose Channel IDTo manually set the G-1000 v2 to use a specific channel, select a channel from
SecurityThe level of Security can be selected as none, basic or extended. Choose
BackClick Back to return to the previous screen.
NextClick Next to continue.
ExitClick Exit to quit the wizard without saving the changes.
wireless LAN.
If you change this field on the G-1000 v2, make sure all wireless stations use
the same SSID in order to access the network.
the drop-down list box.
None security to have no wireless LAN security configured and proceed to the
“Apply Settings” on page 47section.
Choose Basic (WEP) security if you want to configure WEP Encryption
parameters.
Choose Extend(WPA-PSK with customized key) or Extend (WPA2-PSK with customized key) security to configure a Pre-Shared Key.
The next screen varies depending on which security level you select.
Note: The wireless stations and G-1000 v2 must use the same SSID, channel ID and
WEP encryption key (if WEP is enabled) or WPA-PSK (if WPA-PSK is enabled)
for wireless communication.
3.3.2 Configuring WEP or WPA(2) PSK Security
Choose Basic (WEP) security to setup WEP Encryption parameters.
Chapter 3 Wizard Setup43
ZyXEL G-1000 v2 User’s Guide
Figure 10 Wireless LAN Basic Security
The following table describes the labels in this screen.
Table 10 Wireless LAN Basic Security
LABELDESCRIPTION
PassphraseYou can generate or manually enter a WEP key by either:
Entering a Passphrase (up to 32 printable characters) and clicking Generate. The G1000 v2 automatically generates a WEP key.
Or
Entering a manual key in a Key field and selecting ASCII or Hex WEP key input
method.
WEP
Encryption
ASCII
HEX
Key 1 to Key 4 The WEP keys are used to encrypt data. Both the G-1000 v2 and the wireless stations
Select 64-bit WEP or 128-bit WEP to allow data encryption.
Select this option in order to enter ASCII characters as the WEP keys.
Select this option to enter hexadecimal characters as the WEP keys.
The preceding “0x” is entered automatically.
must use the same WEP key for data transmission.
If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal
characters ("0-9", "A-F").
If you chose 128-bit WEP, then enter 13 ASCII characters or 26 hexadecimal
characters ("0-9", "A-F").
You must configure all four keys, but only one key can be activated at any one time.
The default key is key 1.
44Chapter 3 Wizard Setup
ZyXEL G-1000 v2 User’s Guide
Table 10 Wireless LAN Basic Security
LABELDESCRIPTION
BackClick Back to display the previous screen.
NextClick Next to proceed to the next screen.
ExitClick Exit to quit the wizard without saving the changes.
Choose Extend(WPA-PSK with customized key) or Extend(WPA2-PSK with customized
security in the Wireless LAN Setup screen to set up a Pre-Shared Key.
key)
Figure 11 Wireless LAN Extend Security
The following table describes the labels in this screen.
Table 11 Wireless LAN Extend Security
LABELDESCRIPTION
Pre-Shared
Key
BackClick Back to display the previous screen.
NextClick Next to proceed to the next screen.
ExitClick Exit to quit the wizard without saving the changes.
Type from 8 to 63 case-sensitive ASCII characters. You can set up the most secure
wireless connection by configuring WPA in the advanced wireless screen. You need to
configure an authentication server to do this.
Refer to the chapter on wireless LAN for more information.
Chapter 3 Wizard Setup45
ZyXEL G-1000 v2 User’s Guide
3.3.3 IP Address Assignment
Your G-1000 v2 needs an IP address to communicate with your wired network.
Figure 12 IP Address Assignment
The following table describes the labels in this screen.
Table 12 IP Address Assignment
LABELDESCRIPTION
Obtain IP
Address
Automatically
Use fixed IP
address
BackClick Back to display the previous screen.
NextClick Next to proceed to the next screen.
ExitClick Exit to quit the wizard without saving the changes.
Select this choice if your G-1000 v2 is using a dynamically assigned IP address from a
DHCP server.
Select this choice if your G-1000 v2 is using a static IP address.
Note: If you change the IP address assigned to the G-1000 v2 or if a DHCP server
assigns a new one to it, you must know it to access the G-1000 again.
46Chapter 3 Wizard Setup
3.3.4 Apply Settings
If you changed the SSID on your device or implemented any security, then you will have to
make the corresponding changes on your wireless station to reconnect to the G-1000 v2.
ZyXEL G-1000 v2 User’s Guide
The following table describes the labels in this screen.
Table 13 Apply Settings
LABELDESCRIPTION
BackClick Back to display the previous screen.
ApplyClick Apply to save your configuration settings.
ExitClick Exit to quit the wizard without saving the changes.
Note: If you changed the SSID on your device or implemented any security, then you
will have to make the corresponding changes on your wireless stations to
reconnect to the AP.
If you changed the IP address of your G-1000 v2 or if an IP address is assigned
to the G-1000 v2 automatically, you can access the device by using the new IP
address or typing “http://zyxelXXXX” (where XXXX are the last four digits of
your devices MAC address) in your browser. The MAC address can be found
on the back label of your G-1000 v2.
Congratulations, you have completed your configuration wizard. Click Finish to exit the
wizard.
Chapter 3 Wizard Setup47
ZyXEL G-1000 v2 User’s Guide
Figure 13 Wizard Completed
48Chapter 3 Wizard Setup
This chapter discusses how to configure the wireless network settings in your G-1000 v2. See
the appendices for more detailed information about wireless networks.
4.1 Wireless Network Overview
The following figure provides an example of a wireless network.
Figure 14 Example of a Wireless Network
ZyXEL G-1000 v2 User’s Guide
CHAPTER4
Wireless LAN
The wireless network is the part in the blue circle. In this wireless network, devices A and B
are called wireless clients. The wireless clients use the access point (AP) to interact with other
devices (such as the printer) or with the Internet. Your G-1000 v2 is the AP.
Every wireless network must follow these basic guidelines.
• Every wireless client in the same wireless network must use the same SSID.
The SSID is the name of the wireless network. It stands for Service Set IDentity.
• If two wireless networks overlap, they should use different channels.
Like radio stations or television channels, each wireless network uses a specific channel,
or frequency, to send and receive information.
• Every wireless client in the same wireless network must use security compatible with the
AP.
Chapter 4 Wireless LAN49
ZyXEL G-1000 v2 User’s Guide
Security stops unauthorized devices from using the wireless network. It can also protect
the information that is sent in the wireless network.
4.2 Wireless Security Overview
The following sections introduce different types of wireless security you can set up in the
wireless network.
4.2.1 SSID
Normally, the AP acts like a beacon and regularly broadcasts the SSID in the area. You can
hide the SSID instead, in which case the AP does not broadcast the SSID. In addition, you
should change the default SSID to something that is difficult to guess.
This type of security is fairly weak, however, because there are ways for unauthorized devices
to get the SSID. In addition, unauthorized devices can still see the information that is sent in
the wireless network.
4.2.2 MAC Address Filter
Every wireless client has a unique identification number, called a MAC address.1 A MAC
address is usually written using twelve hexadecimal characters
or 00:A0:C5:00:00:02. To get the MAC address for each wireless client, see the appropriate
User’s Guide or other documentation.
You can use the MAC address filter to tell the AP which wireless clients are allowed or not
allowed to use the wireless network. If a wireless client is allowed to use the wireless network,
it still has to have the correct settings (SSID, channel, and security). If a wireless client is not
allowed to use the wireless network, it does not matter if it has the correct settings.
This type of security does not protect the information that is sent in the wireless network.
Furthermore, there are ways for unauthorized devices to get the MAC address of an authorized
wireless client. Then, they can use that MAC address to use the wireless network.
4.2.3 User Authentication
You can make every user log in to the wireless network before they can use it. This is called
user authentication. However, every wireless client in the wireless network has to support
IEEE 802.1x to do this.
2
; for example, 00A0C5000002
For wireless networks, there are two typical places to store the user names and passwords for
each user.
1.Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless
networks. These kinds of wireless devices might not have MAC addresses.
2.Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F.
50Chapter 4 Wireless LAN
• In the AP: this feature is called a local user database or a local database.
• In a RADIUS server: this is a server used in businesses more than in homes.
If your AP does not provide a local user database and if you do not have a RADIUS server,
you cannot set up user names and passwords for your users.
Unauthorized devices can still see the information that is sent in the wireless network, even if
they cannot use the wireless network. Furthermore, there are ways for unauthorized wireless
users to get a valid user name and password. Then, they can use that user name and password
to use the wireless network.
Local user databases also have an additional limitation that is explained in the next section.
4.2.4 Encryption
Wireless networks can use encryption to protect the information that is sent in the wireless
network. Encryption is like a secret code. If you do not know the secret code, you cannot
understand the message.
ZyXEL G-1000 v2 User’s Guide
The types of encryption you can choose depend on the type of authentication. (See Section
4.2.3 on page 50 for information about this.)
Table 14 Types of Encryption for Each Type of Authentication
No AuthenticationRADIUS Server
WeakestNoneIEEE 802.1x
Static WEPIEEE 802.1x + Static WEP
WPA-PSKWPA
StrongestWPA2-PSKWPA2
For example, if the wireless network has a RADIUS server, you can choose IEEE 802.1x,
IEEE 802.1x + Static WEP, IEEE 802.1x + Dynamic WEP, WPA or WPA2. If users do not
log in to the wireless network, you can choose no encryption, Static WEP, WPA-PSK, or
WPA2-PSK.
Usually, you should set up the strongest encryption that every device in the wireless network
supports. For example, suppose you have a wireless network with the G-1000 v2. The G-1000
v2 does not have a local user database, and you do not have a RADIUS server. Therefore,
there is no authentication. Suppose the wireless network has two devices. Device A only
supports WEP, and device B supports WEP and WPA. Therefore, you should set up Static WEP in the wireless network.
Chapter 4 Wireless LAN51
ZyXEL G-1000 v2 User’s Guide
Note: It is recommended that wireless networks use WPA-PSK, WPA, or stronger
encryption. IEEE 802.1x and WEP encryption are better than none at all, but it
is still possible for unauthorized wireless devices to figure out the original
information pretty quickly.
It is not possible to use WPA-PSK, WPA or stronger encryption with a local
user database. In this case, it is better to set up stronger encryption with no
authentication than to set up weaker encryption with the local user database.
When you select WPA2 or WPA2-PSK in your G-1000 v2, you can also select an option
(WPA compatible) to support WPA as well. In this case, if some of the devices support WPA
and some support WPA2, you should set up WPA2-PSK or WPA2 (depending on the type of
wireless network login) and select the WPA compatible option in the G-1000 v2.
Many types of encryption use a key to protect the information in the wireless network. The
longer the key, the stronger the encryption. Every device in the wireless network must have
the same key.
4.3 Additional Wireless Terms
The following table describes wireless network terms and acronyms used in the G-1000 v2.
Table 15 Additional Wireless Terms
TERMDESCRIPTION
Intra-BSS TrafficThis describes communication (through the AP) between two wireless clients
within a wireless network. You might disable this kind of communication to
enhance security within your wireless network.
RTS/CTS ThresholdIn a wireless network which covers a large area, wireless clients are
sometimes not aware of each other’s presence. This may cause them to send
information to the AP at the same time and result in information colliding and
not getting through.
By setting this value lower than the default value, the wireless clients must
sometimes get permission to send information to the AP. The lower the value,
the more often the wireless clients must get permission.
If this value is greater than the fragmentation threshold value (see below), then
wireless clients never have to get permission to send information to the AP.
PreambleA preamble affects the timing in your wireless network. There are two
preamble modes: long and short.Most wireless clients can detect the AP’s
preamble automatically. However, if a wireless client tries to use a different
preamble mode than the AP does, it cannot communicate with the AP.
Max. Frame BurstEnable this to improve the performance of pure IEEE 802.11g and mixed IEEE
802.11b/g networks. In pure IEEE 802.11g networks, set this to the maximum
value. In mixed networks, the higher the value, the higher the priority of IEEE
802.11g traffic.
Fragmentation
Threshold
RoamingIf you have two or more APs on your wireless network, you can enable this
A small fragmentation threshold is recommended for busy networks, while a
larger threshold provides faster performance if the network is not very busy.
option so that wireless clients can change locations without having to log in
again. This is useful for wireless clients, such as notebooks, that move around
a lot.
52Chapter 4 Wireless LAN
4.4 Wireless LAN Screen
Note: If you are configuring the G-1000 v2 from a computer connected to the wireless
LAN and you change the G-1000 v2’s SSID or WEP settings, you will lose your
wireless connection when you press Apply to confirm. You must then change
the wireless settings of your computer to match the G-1000 v2’s new settings.
Click Network > Wireless LAN to open the General screen.
Figure 15 Wireless LAN: General
ZyXEL G-1000 v2 User’s Guide
The following table describes the general wireless LAN labels in this screen.
Table 16 Wireless LAN: General
LABELDESCRIPTION
Wireless Setup
Name(SSID)(Service Set IDentity) The SSID identifies the Service Set with which a wireless
station is associated. Wireless stations associating to the access point (AP) must
have the same SSID. Enter a descriptive name (up to 32 printable 7-bit ASCII
characters) for the wireless LAN.
Note: If you are configuring the G-1000 v2 from a computer
connected to the wireless LAN and you change the G-1000 v2’s
SSID or WEP settings, you will lose your wireless connection
when you press Apply to confirm. You must then change the
wireless settings of your computer to match the G-1000 v2’s
new settings.
Hide SSIDSelect this check box to hide the SSID in the outgoing beacon frame so a station
cannot obtain the SSID through scanning using a site survey tool.
Channel
Selection
SecuritySee the rest of this chapter for information on the other labels in this screen.
Set the operating frequency/channel depending on your particular region.
Select a channel from the drop-down list box.
Chapter 4 Wireless LAN53
ZyXEL G-1000 v2 User’s Guide
Table 16 Wireless LAN: General
LABELDESCRIPTION
ApplyClick Apply to save your changes back to the G-1000 v2.
ResetClick Reset to reload the previous configuration for this screen.
See the rest of this chapter for information on the other labels in this screen.
4.4.1 No Security
Select No Security to allow wireless stations to communicate with the access points without
any data encryption.
Note: If you do not enable any wireless security on your G-1000 v2, your network is
accessible to any wireless networking device that is within range.
Figure 16 Wireless: No Security
The following table describes the labels in this screen.
Table 17 Wireless No Security
LABELDESCRIPTION
Security ModeChoose No Security from the drop-down list box.
ApplyClick Apply to save your changes back to the G-1000 v2.
CancelClick Cancel to reload the previous configuration for this screen.
54Chapter 4 Wireless LAN
4.4.2 WEP Encryption
WEP encryption scrambles the data transmitted between the wireless stations and the access
points to keep network communications private. It encrypts unicast and multicast
communications in a network. Both the wireless stations and the access points must use the
same WEP key.
Your G-1000 v2 allows you to configure up to four 64-bit, 128-bit or 256-bit WEP keys but
only one key can be enabled at any one time.
4.4.3 WEP Encryption Screen
In order to configure and enable WEP encryption; click Network > Wireless LAN to display
the General screen. Select Static WEP from the Security Mode list.
Figure 17 Wireless: Static WEP Encryption
ZyXEL G-1000 v2 User’s Guide
Chapter 4 Wireless LAN55
ZyXEL G-1000 v2 User’s Guide
The following table describes the wireless LAN security labels in this screen.
Table 18 Wireless: Static WEP Encryption
LABELDESCRIPTION
Security ModeChoose Static WEP from the drop-down list box.
PassphraseYou can generate or manually enter a WEP key by either:
Entering a Passphrase (up to 32 printable characters) and clicking Generate. The G1000 v2 automatically generates a WEP key.
Or
Entering a manual key in a Key field and selecting ASCII or Hex WEP key input
method.
WEP
Encryption
Authentication
Method
ASCII
HEX
Key 1 to Key 4 The WEP keys are used to encrypt data. Both the G-1000 v2 and the wireless stations
WEP
Encryption
WEP KeyThe WEP keys are used to encrypt data. Both the G-1000 v2 and the wireless stations
ApplyClick Apply to save your changes back to the G-1000 v2.
ResetClick Reset to reload the previous configuration for this screen.
Select 64-bit WEP, 128-bit WEP or 256-bit WEP to allow data encryption.
Select Auto, Open System or Shared Key.
Select this option in order to enter ASCII characters as the WEP keys.
Select this option to enter hexadecimal characters as the WEP keys.
The preceding “0x” is entered automatically.
must use the same WEP key for data transmission.
If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal
characters ("0-9", "A-F").
If you chose 128-bit WEP, then enter 13 ASCII characters or 26 hexadecimal
characters ("0-9", "A-F").
If you chose 256-bit WEP, then enter 29 ASCII characters or 58 hexadecimal
characters ("0-9", "A-F").
You must configure all four keys, but only one key can be activated at any one time.
The default key is key 1.
must use the same WEP key for data transmission.
If you want to manually set the WEP key, enter any 5, 13 or 29 characters (ASCII
string) or 10, 26 or 58 hexadecimal characters ("0-9", "A-F") for a 64-bit, 128-bit or
256-bit WEP key respectively.
4.4.4 WPA(2)-PSK
In order to configure and enable WPA(2)-PSK authentication; click Network > Wireless
LAN to display the General screen. Select WPA-PSK or WPA2-PSK from the Security
Mode list.
56Chapter 4 Wireless LAN
Figure 18 Wireless: WPA(2)-PSK
ZyXEL G-1000 v2 User’s Guide
The following table describes the wireless LAN security labels in this screen.
Table 19 Wireless: WPA(2)-PSK
LABELDESCRIPTION
Security ModeChoose WPA-PSK or WPA2-PSK from the drop-down list box.
WPA CompatibleThis check box is available only when you select WPA2-PSK or WPA2 in the
Pre-Shared Key The encryption mechanisms used for WPA(2) and WPA(2)-PSK are the same.
ReAuthentication
Timer (In
Seconds)
Security Mode field.
Select the check box to have both WPA2 and WPA wireless clients be able to
communicate with the G-1000 v2 even when the G-1000 v2 is using WPA2-PSK or
WPA2.
The only difference between the two is that WPA(2)-PSK uses a simple common
password, instead of user-specific credentials.
Type a pre-shared key from 8 to 63 case-sensitive ASCII characters (including
spaces and symbols).
Specify how often wireless stations have to resend usernames and passwords in
order to stay connected. Enter a time interval between 10 and 9999 seconds. The
default time interval is 1800 seconds (30 minutes).
Note: If wireless station authentication is done using a RADIUS
server, the reauthentication timer on the RADIUS server has
priority.
Idle Timeout (In
Seconds)
The G-1000 v2 automatically disconnects a wireless station from the wired network
after a period of inactivity. The wireless station needs to enter the username and
password again before access to the wired network is allowed. The default time
interval is 3600 seconds (or 1 hour).
Chapter 4 Wireless LAN57
ZyXEL G-1000 v2 User’s Guide
Table 19 Wireless: WPA(2)-PSK
LABELDESCRIPTION
Group Key Update
Timer (In
Seconds)
ApplyClick Apply to save your changes back to the G-1000 v2.
ResetClick Reset to reload the previous configuration for this screen.
The Group Key Update Timer is the rate at which the AP (if using WPA(2)-PSK
key management) or RADIUS server (if using WPA(2) key management) sends a
new group key out to all clients. The re-keying process is the WPA(2) equivalent of
automatically changing the WEP key for an AP and all stations in a WLAN on a
periodic basis. Setting of the Group Key Update Timer is also supported in
WPA(2)-PSK mode. The G-1000 v2 default is 1800 seconds (30 minutes).
4.4.5 WPA(2) Authentication Screen
In order to configure and enable WPA(2) Authentication; click the Wireless LAN link under
Network to display the Wireless screen. Select WPA or WPA2 from the Security Mode list.
Figure 19 Wireless: WPA(2)
58Chapter 4 Wireless LAN
ZyXEL G-1000 v2 User’s Guide
The following table describes the wireless LAN security labels in this screen.
Table 20 Wireless: WPA(2)
LABELDESCRIPTION
WPA CompatibleThis check box is available only when you select WPA2-PSK or WPA2 in the
Security Mode field.
Select the check box to have both WPA2 and WPA wireless clients be able to
communicate with the G-1000 v2 even when the G-1000 v2 is using WPA2-PSK
or WPA2.
ReAuthentication
Timer (In Seconds)
Specify how often wireless stations have to resend usernames and passwords in
order to stay connected. Enter a time interval between 10 and 9999 seconds. The
default time interval is 1800 seconds (30 minutes).
Note: If wireless station authentication is done using a RADIUS
server, the reauthentication timer on the RADIUS server
has priority.
Idle Timeout (In
Seconds)
Group Key Update
Timer (In Seconds)
Authentication Server
IP AddressEnter the IP address of the external authentication server in dotted decimal
Port NumberEnter the port number of the external authentication server. The default port
Shared SecretEnter a password (up to 31 alphanumeric characters) as the key to be shared
Accounting Server (optional)
ActiveSelect Yes from the drop down list box to enable user accounting through an
IP AddressEnter the IP address of the external accounting server in dotted decimal notation.
Port NumberEnter the port number of the external accounting server. The default port number
Shared SecretEnter a password (up to 31 alphanumeric characters) as the key to be shared
ApplyClick Apply to save your changes back to the G-1000 v2.
ResetClick Reset to reload the previous configuration for this screen.
The G-1000 v2 automatically disconnects a wireless station from the wired
network after a period of inactivity. The wireless station needs to enter the
username and password again before access to the wired network is allowed.
The default time interval is 3600 seconds (or 1 hour).
The Group Key Update Timer is the rate at which the AP (if using WPA(2)-PSK
key management) or RADIUS server (if using WPA(2) key management) sends a
new group key out to all clients. The re-keying process is the WPA(2) equivalent
of automatically changing the WEP key for an AP and all stations in a WLAN on a
periodic basis. Setting of the Group Key Update Timer is also supported in
WPA(2)-PSK mode. The G-1000 v2 default is 1800 seconds (30 minutes).
notation.
number is 1812.
You need not change this value unless your network administrator instructs you
to do so with additional information.
between the external authentication server and the G-1000 v2.
The key must be the same on the external authentication server and your G-1000
v2. The key is not sent over the network.
external authentication server.
is 1813.
You need not change this value unless your network administrator instructs you
to do so with additional information.
between the external accounting server and the G-1000 v2.
The key must be the same on the external accounting server and your G-1000
v2. The key is not sent over the network.
Chapter 4 Wireless LAN59
ZyXEL G-1000 v2 User’s Guide
4.5 MAC Filter
The MAC filter screen allows you to configure the G-1000 v2 to give exclusive access to up to
32 devices (Allow) or exclude up to 32 devices from accessing the G-1000 v2 (Deny). Every
Ethernet device has a unique MAC (Media Access Control) address. The MAC address is
assigned at the factory and consists of six pairs of hexadecimal characters, for example,
00:A0:C5:00:00:02. You need to know the MAC address of the devices to configure this
screen.
To change your G-1000 v2’s MAC filter settings, click Network > Wireless LAN > MAC Filter. The screen appears as shown.
Figure 20 MAC Address Filter
60Chapter 4 Wireless LAN
ZyXEL G-1000 v2 User’s Guide
The following table describes the labels in this menu.
Table 21 MAC Address Filter
LABELDESCRIPTION
Active Select the check box to enable MAC address filtering.
Filter Action
Set
MAC Address
ApplyClick Apply to save your changes back to the G-1000 v2.
ResetClick Reset to reload the previous configuration for this screen.
Define the filter action for the list of MAC addresses in the MAC Address table.
Select Deny to block access to the G-1000 v2, MAC addresses not listed will be
allowed to access the G-1000 v2
Select Allow to permit access to the G-1000 v2, MAC addresses not listed will be
denied access to the G-1000 v2.
This is the index number of the MAC address.
Enter the MAC addresses of the wireless station that are allowed or denied access to
the G-1000 v2 in these address fields. Enter the MAC addresses in a valid MAC
address format, that is, six hexadecimal character pairs, for example,
12:34:56:78:9a:bc.
4.6 Wireless LAN Advanced Setup
To configure advanced wireless settings, click Network > Wireless LAN > Advanced. The
screen appears as shown.
Figure 21 Wireless LAN: Advanced
Chapter 4 Wireless LAN61
ZyXEL G-1000 v2 User’s Guide
The following table describes the labels in this screen.
Table 22 Wireless LAN: Advanced
LABELDESCRIPTION
Roaming Configuration
Enable
Roaming
Select this checkbox to enable roaming on the G-1000 v2 if you have two or more G1000 v2s on the same subnet.
Note: All APs on the same subnet and the wireless stations must
PortEnter the port number to communicate roaming information between APs. The port
number must be the same on all APs. The default is 3517. Make sure this port is not
used by other services.
Wireless Advanced Setup
RTS/CTS
Threshold
Fragmentation
Threshold
Enable IntraBSS Traffic
Enable
Breathing LED
Number of
Wireless
Stations
Allowed
802.11 ModeSelect 802.11b Only to allow only IEEE 802.11b compliant WLAN devices to
ApplyClick Apply to save your changes back to the G-1000 v2.
ResetClick Reset to reload the previous configuration for this screen.
Enter a value between 0 and 2432. If you select the Enable 802.11g+ mode
checkbox, this field is grayed out and the G-1000 v2 uses 4096 automatically.
It is the maximum data fragment size that can be sent. Enter a value between 256 and
2432. If you select the Enable 802.11g+ mode checkbox, this field is grayed out and
the G-1000 v2 uses 4096 automatically.
Intra-BSS traffic is traffic between wireless stations in the BSS (Basic Service Set).
Select this check box to enable Intra-BSS Traffic.
Select this check box to enable the Breathing LED, also known as the ZyAIR LED.
The blue ZyAIR LED is on when the G-1000 v2 is on and blinks (or breaths) when
data is being transmitted to/from its wireless stations.
Clear the check box to turn this LED off even when the G-1000 v2 is on and data is
being transmitted/received.
Enter a number from 1 to 32, to limit the number of wireless devices which can
communicate in your wireless network.
associate with the G-1000 v2.
Select 802.11g Only to allow only IEEE 802.11g compliant WLAN devices to
associate with the G-1000 v2.
Select Mixed to allow either IEEE802.11b or IEEE802.11g compliant WLAN devices
to associate with the G-1000 v2. The transmission rate of your G-1000 v2 might be
reduced.
have the same SSID to allow roaming.
62Chapter 4 Wireless LAN
This chapter describes how to configure your G-1000 v2 to interact with the wired network.
5.1 Configuring IP
To configure Internet connection, click Network > IP > Internet Connection. The screen
appears as shown.
Figure 22 Network: Internet Connection
ZyXEL G-1000 v2 User’s Guide
CHAPTER5
IP and DNS Screens
The following table describes the labels in this screen.
Table 23 Network: Internet Connection
LABELDESCRIPTION
IP Address Assignment
Get
automatically
from
DHCP
Use fixed IP
address
Chapter 5 IP and DNS Screens63
Select this option if your G-1000 v2 is using a dynamically assigned IP address
from a DHCP server each time.
Note: If you change the IP address of your G-1000 v2 or if an IP
address is assigned to the G-1000 v2 automatically, you can
access the device by using the new IP address or typing
“http://zyxelXXXX” (where XXXX are the last four digits of your
device’s MAC address) in your browser. The MAC address can
be found on the back label of your G-1000 v2.
Select this option if your G-1000 v2 is using a static IP address. When you select
this option, fill in the fields below.
ZyXEL G-1000 v2 User’s Guide
Table 23 Network: Internet Connection
LABELDESCRIPTION
IP AddressEnter the IP address of your G-1000 v2 in dotted decimal notation.
IP Subnet Mask Type the subnet mask.
Gateway IP
Address
ApplyClick Apply to save your changes back to the G-1000 v2.
ResetClick Reset to reload the previous configuration for this screen.
Type the IP address of the gateway. The gateway is an immediate neighbor of your
G-1000 v2 that will forward the packet to the destination. On the LAN, the gateway
must be a router on the same segment as your G-1000 v2; over the WAN, the
gateway must be the IP address of one of the remote nodes.
5.2 Configuring DNS
To configure DNS settings, click Network > IP > Advanced. The screen appears as shown.
Figure 23 Network: Advanced
The following table describes the labels in this screen.
Table 24 Network: Advanced
LABELDESCRIPTION
DNS Servers
First DNS
Server
Second DNS
Server
Third DNS
Server
64Chapter 5 IP and DNS Screens
Select From ISP if your DHCP server dynamically assigns DNS server information
(and the G-1000 v2's Ethernet IP address). The field to the right displays the (readonly) DNS server IP address that the DHCP assigns.
Select User-Defined if you have the IP address of a DNS server. Enter the DNS
server's IP address in the field to the right. If you chose User-Defined, but leave the
IP address set to 0.0.0.0, User-Defined changes to None after you click Apply. If you
set a second choice to User-Defined, and enter the same IP address, the second
User-Defined changes to None after you click Apply.
Select None if you do not want to configure DNS servers. If you do not configure a
DNS server, you must know the IP address of a machine in order to access it.
The default setting is None.
ZyXEL G-1000 v2 User’s Guide
Table 24 Network: Advanced
LABELDESCRIPTION
ApplyClick Apply to save your changes back to the G-1000 v2.
ResetClick Reset to reload the previous configuration for this screen.
Chapter 5 IP and DNS Screens65
ZyXEL G-1000 v2 User’s Guide
66Chapter 5 IP and DNS Screens
CHAPTER6
Remote Management
This chapter provides information on configuring remote management.
6.1 Remote Management Overview
Remote management allows you to determine which services/protocols can access which G1000 v2 interface (if any) from which computers.
Note: When you configure remote management to allow management from the WAN,
you still need to configure a firewall rule to allow access.
ZyXEL G-1000 v2 User’s Guide
Configuration
You may manage your G-1000 v2 from a remote location via:
• Internet (WAN only)
• ALL (LAN and WAN)
• LAN only,
• Neither (Disable).
Note: When you choose WAN only or LAN & WAN, you still need to configure a
firewall rule to allow access.
To disable remote management of a service, select Disable in the corresponding Access
Status field.
You may only have one remote management session running at a time. The G-1000 v2
automatically disconnects a remote management session of lower priority when another
remote management session of higher priority starts. The priorities for the different types of
remote management sessions are as follows.
1 Telnet
2 HTTP
6.1.1 Remote Management Limitations
Remote management over LAN or WAN will not work when:
• You have disabled that service in one of the remote management screens.
Chapter 6 Remote Management Configuration67
ZyXEL G-1000 v2 User’s Guide
• The IP address in the Secured Client IP field does not match the client IP address. If it
does not match, the G-1000 v2 will disconnect the session immediately.
• There is already another remote management session with an equal or higher priority
running. You may only have one remote management session running at one time.
• There is a firewall rule that blocks it.
6.1.2 System Timeout
There is a default system management idle timeout of five minutes (three hundred seconds).
The G-1000 v2 automatically logs you out if the management session remains idle for longer
than this timeout period. The management session does not time out when a statistics screen is
polling.
6.2 WWW
To change your G-1000 v2’s World Wide Web settings, click Advanced > Remote MGMT
to display the WWW screen.
Figure 24 Remote Management: WWW
The following table describes the labels in this screen.
Table 25 Remote Management: WWW
LABELDESCRIPTION
PortYou may change the server port number for a service if needed, however you must
use the same port number in order to use that service for remote management.
Server AccessSelect the interface(s) through which a computer may access the G-1000 v2 using
Secured Client IP
Address
this service.
A secured client is a “trusted” computer that is allowed to communicate with the G1000 v2 using this service.
Select All to allow any computer to access the G-1000 v2 using this service.
Choose Selected to just allow the computer with the IP address that you specify to
access the G-1000 v2 using this service.
68Chapter 6 Remote Management Configuration
Table 25 Remote Management: WWW
LABELDESCRIPTION
ApplyClick Apply to save your settings back to the G-1000 v2.
CancelClick Cancel to begin configuring this screen afresh.
6.3 Telnet
You can configure your G-1000 v2 for remote Telnet access as shown next. The administrator
uses Telnet from a computer on a remote network to access the G-1000 v2.
Figure 25 Telnet Configuration on a TCP/IP Network
ZyXEL G-1000 v2 User’s Guide
6.4 Configuring Telnet
Click Advanced > Remote MGMT > Tel ne t tab to display the screen as shown.
Chapter 6 Remote Management Configuration69
ZyXEL G-1000 v2 User’s Guide
Figure 26 Remote Management: Telnet
The following table describes the labels in this screen.
Table 26 Remote Management: Telnet
LABEL
PortYou may change the server port number for a service if needed, however you must
Server AccessSelect the interface(s) through which a computer may access the G-1000 v2 using
Secured Client IP
Address
ApplyClick Apply to save your customized settings and exit this screen.
CancelClick Cancel to begin configuring this screen afresh.
use the same port number in order to use that service for remote management.
this service.
A secured client is a “trusted” computer that is allowed to communicate with the G1000 v2 using this service.
Select All to allow any computer to access the G-1000 v2 using this service.
Choose Selected to just allow the computer with the IP address that you specify to
access the G-1000 v2 using this service.
6.5 Configuring FTP
You can upload and download the G-1000 v2’s firmware and configuration files using FTP,
please see the chapter on firmware and configuration file maintenance for details. To use this
feature, your computer must have an FTP client.
To change your G-1000 v2’s FTP settings, click Advanced > Remote MGMT > FTP tab.
The screen appears as shown.
DESCRIPTION
70Chapter 6 Remote Management Configuration
Figure 27 Remote Management: FTP
The following table describes the labels in this screen.
Table 27 Remote Management: FTP
LABELDESCRIPTION
ZyXEL G-1000 v2 User’s Guide
PortYou may change the server port number for a service if needed, however you must
Server AccessSelect the interface(s) through which a computer may access the G-1000 v2 using
Secured Client IP
Address
ApplyClick Apply to save your customized settings and exit this screen.
CancelClick Cancel to begin configuring this screen afresh.
6.6 SNMP
Simple Network Management Protocol (SNMP) is a protocol used for exchanging
management information between network devices. SNMP is a member of the TCP/IP
protocol suite. Your G-1000 v2 supports SNMP agent functionality, which allows a manager
station to manage and monitor the G-1000 v2 through the network. The G-1000 v2 supports
SNMP version one (SNMPv1) and version two (SNMPv2). The next figure illustrates an
SNMP management operation.
use the same port number in order to use that service for remote management.
this service.
A secured client is a “trusted” computer that is allowed to communicate with the G1000 v2 using this service.
Select All to allow any computer to access the G-1000 v2 using this service.
Choose Selected to just allow the computer with the IP address that you specify to
access the G-1000 v2 using this service.
Note: SNMP is only available if TCP/IP is configured.
Chapter 6 Remote Management Configuration71
ZyXEL G-1000 v2 User’s Guide
Figure 28 SNMP Management Model
An SNMP managed network consists of two main types of component: agents and a manager.
An agent is a management software module that resides in a managed device (the G-1000 v2).
An agent translates the local management information from the managed device into a form
compatible with SNMP. The manager is the console through which network administrators
perform network management functions. It executes applications that control and monitor
managed devices.
The managed devices contain object variables/managed objects that define each piece of
information to be collected about a device. Examples of variables include such as number of
packets received, node port status etc. A Management Information Base (MIB) is a collection
of managed objects. SNMP allows a manager and agents to communicate for the purpose of
accessing these objects.
SNMP itself is a simple request/response protocol based on the manager/agent model. The
manager issues a request and the agent returns responses using the following protocol
operations:
• Get - Allows the manager to retrieve an object variable from the agent.
• GetNext - Allows the manager to retrieve the next object variable from a table or list
within an agent. In SNMPv1, when a manager wants to retrieve all elements of a table
from an agent, it initiates a Get operation, followed by a series of GetNext operations.
• Set - Allows the manager to set values for object variables within an agent.
• Trap - Used by the agent to inform the manager of some events.
6.6.1 Supported MIBs
The G-1000 v2 supports MIB II that is defined in RFC-1213 and RFC-1215. The focus of the
MIBs is to let administrators collect statistical data and monitor status and performance.
72Chapter 6 Remote Management Configuration
6.6.2 SNMP Traps
The G-1000 v2 will send traps to the SNMP manager when any one of the following events
occurs:
Table 28 SNMP Traps
ZyXEL G-1000 v2 User’s Guide
TRAP #
0coldStart (defined in RFC-1215)A trap is sent after booting (power on).
1warmStart (defined in RFC-1215)A trap is sent after booting (software reboot).
6whyReboot (defined in ZYXEL-
6aFor intentional reboot:A trap is sent with the message "System reboot by
6bFor fatal error: A trap is sent with the message of the fatal code if the
TRAP NAMEDESCRIPTION
MIB)
6.6.3 Configuring SNMP
To change your G-1000 v2’s SNMP settings, click Advanced > Remote MGMT > SNMP.
The screen appears as shown.
A trap is sent with the reason of restart before
rebooting when the system is going to restart (warm
start).
user!" if reboot is done intentionally, (for example,
download new files, CI command "sys reboot", etc.).
system reboots because of fatal errors.
Chapter 6 Remote Management Configuration73
ZyXEL G-1000 v2 User’s Guide
Figure 29 Remote Management: SNMP
The following table describes the labels in this screen.
Table 29 Remote Management: SNMP
LABELDESCRIPTION
SNMP Configuration
Get CommunityEnter the Get Community, which is the password for the incoming Get and
Set CommunityEnter the Set community, which is the password for incoming Set requests
Trap CommunityType the trap community, which is the password sent with each trap to the
Trap DestinationType the IP address of the station to send your SNMP traps to.
SNMP
Service PortYou may change the server port number for a service if needed, however you
Server AccessSelect the interface(s) through which a computer may access the G-1000 v2
Secured Client IP
Address
ApplyClick Apply to save your customized settings and exit this screen.
CancelClick Cancel to begin configuring this screen afresh.
GetNext requests from the management station. The default is public and allows
all requests.
from the management station. The default is public and allows all requests.
SNMP manager. The default is public and allows all requests.
must use the same port number in order to use that service for remote
management.
using this service.
A secured client is a “trusted” computer that is allowed to communicate with the
G-1000 v2 using this service.
Select All to allow any computer to access the G-1000 v2 using this service.
Choose Selected to just allow the computer with the IP address that you specify
to access the G-1000 v2 using this service.
74Chapter 6 Remote Management Configuration
Use this screen to configure the G-1000 v2’s time and date settings.
7.1 General Setup
7.1.1 General Setup and System Name
General Setup contains administrative and system-related information. System Name is for
identification purposes. However, because some ISPs check this name you should enter your
computer's "Computer Name".
• In Windows 95/98 click Start, Settings, Control Panel, Network. Click the
Identification tab, note the entry for the Computer Name field and enter it as the System Name.
• In Windows 2000, click Start, Settings, Control Panel and then double-click System.
Click the Network Identification tab and then the Properties button. Note the entry for
the Computer name field and enter it as the System Name.
• In Windows XP, click start, My Computer, View system information and then click
the Computer Name tab. Note the entry in the Full computer name field and enter it as
the G-1000 v2 System Name.
ZyXEL G-1000 v2 User’s Guide
CHAPTER7
System
7.1.2 General Setup
The Domain Name entry is what is propagated to the DHCP clients on the LAN. If you leave
this blank, the domain name obtained by DHCP from the ISP is used. While you must enter
the host name (System Name), the domain name can be assigned from the G-1000 v2 via
DHCP.
Click Maintenance > System to open the General screen.
Chapter 7 System75
ZyXEL G-1000 v2 User’s Guide
Figure 30 System General Setup
The following table describes the labels in this screen.
Table 30 System General Setup
LABELDESCRIPTION
System Setup
System NameEnter a name to help you identify your ISP on the network. This is not a required
Domain NameEnter the domain name (if you know it) here. If you leave this field blank, the ISP
Administrator
Inactivity Timer
Password Setup
User PasswordType your current password. The default password is 1234.
New Password
Retype to
Confirm
ApplyClick Apply to save your changes back to the G-1000 v2.
CancelClick Cancel to begin configuring this screen afresh.
field and you can safely leave this field blank.
may assign a domain name via DHCP.
The domain name entered by you is given priority over the ISP assigned domain
name.
Type how many minutes a management session (either via the web configurator or
CLI (Command Line Interpreter)) can be left idle before the session times out. The
default is 5 minutes. After it times out you have to log in with your password again.
Very long idle timeouts may have security risks. A value of "0" means a
management session never times out, no matter how long it has been left idle (not
recommended).
Type your new password (up to 30 characters). Note that as you type a password,
the screen displays a (*) for each character you type. After you change the
password, use the new password to access the G-1000 v2.
Type the new password again for confirmation.
76Chapter 7 System
7.2 Time Setting
To change your G-1000 v2’s time and date, click Maintenance > System > Time Setting.
The screen appears as shown. Use this screen to configure the G-1000 v2’s time based on your
local time zone.
Figure 31 System Time Setting
ZyXEL G-1000 v2 User’s Guide
The following table describes the fields in this screen.
Table 31 System Time Setting
LABELDESCRIPTION
Current Time and
Date
Current Time This field displays the time of your G-1000 v2.
Each time you reload this page, the G-1000 v2 synchronizes the time with the time
server.
Current Date This field displays the date of your G-1000 v2.
Each time you reload this page, the G-1000 v2 synchronizes the date with the time
server.
Time and Date
Setup
ManualSelect this radio button to enter the time and date manually. If you configure a new
Chapter 7 System77
time and date, Time Zone and Daylight Saving at the same time, the new time and
date you entered has priority and the Time Zone and Daylight Saving settings do
not affect it.
ZyXEL G-1000 v2 User’s Guide
Table 31 System Time Setting (continued)
LABELDESCRIPTION
New Time
(hh:mm:ss)
New Date
(yyyy/mm/dd)
Get from Time
Server
Time Protocol Select the time service protocol that your time server uses. Not all time servers
Time Server
Address
Time Zone Setup
Time ZoneChoose the time zone of your location. This will set the time difference between
Enable Daylight
Savings
Start DateConfigure the day and time when Daylight Saving Time starts if you selected
This field displays the last updated time from the time server or the last time
configured manually.
When you set Time and Date Setup to Manual, enter the new time in this field
and then click Apply.
This field displays the last updated date from the time server or the last date
configured manually.
When you set Time and Date Setup to Manual, enter the new date in this field
and then click Apply.
Select this radio button to have the G-1000 v2 get the time and date from the time
server you specified below.
support all protocols, so you may have to check with your ISP/network
administrator or use trial and error to find a protocol that works.
The main difference between them is the format.
Daytime (RFC 867) format is day/month/year/time zone of the server.
Time (RFC 868) format displays a 4-byte integer giving the total number of
seconds since 1970/1/1 at 0:0:0.
The default, NTP (RFC 1305), is similar to Time (RFC 868).
Enter the IP address or URL (up to 20 extended ASCII characters in length) of
your time server. Check with your ISP/network administrator if you are unsure of
this information.
your time zone and Greenwich Mean Time (GMT).
Daylight saving is a period from late spring to early fall when many countries set
their clocks ahead of normal local time by one hour to give more daytime light in
the evening.
Select this option if you use Daylight Saving Time.
Enable Daylight Saving. The o'clock field uses the 24 hour format. Here are a
couple of examples:
Daylight Saving Time starts in most parts of the United States on the first Sunday
of April. Each time zone in the United States starts using Daylight Saving Time at
2 A.M. local time. So in the United States you would select First, Sunday, April
and type 2 in the o'clock field.
Daylight Saving Time starts in the European Union on the last Sunday of March.
All of the time zones in the European Union start using Daylight Saving Time at
the same moment (1 A.M. GMT or UTC). So in the European Union you would
select Last, Sunday, March. The time you type in the o'clock field depends on
your time zone. In Germany for instance, you would type 2 because Germany's
time zone is one hour ahead of GMT or UTC (GMT+1).
78Chapter 7 System
ZyXEL G-1000 v2 User’s Guide
Table 31 System Time Setting (continued)
LABELDESCRIPTION
End DateConfigure the day and time when Daylight Saving Time ends if you selected
Enable Daylight Saving. The o'clock field uses the 24 hour format. Here are a
couple of examples:
Daylight Saving Time ends in the United States on the last Sunday of October.
Each time zone in the United States stops using Daylight Saving Time at 2 A.M.
local time. So in the United States you would select Last, Sunday, October and
type 2 in the o'clock field.
Daylight Saving Time ends in the European Union on the last Sunday of October.
All of the time zones in the European Union stop using Daylight Saving Time at the
same moment (1 A.M. GMT or UTC). So in the European Union you would select
Last, Sunday, October. The time you type in the o'clock field depends on your
time zone. In Germany for instance, you would type 2 because Germany's time
zone is one hour ahead of GMT or UTC (GMT+1).
ApplyClick Apply to save your changes back to the G-1000 v2.
CancelClick Cancel to begin configuring this screen afresh.
Chapter 7 System79
ZyXEL G-1000 v2 User’s Guide
80Chapter 7 System
This chapter contains information about configuring general log settings and viewing the G1000 v2’s logs. Refer to the appendix for example log message explanations.
8.1 Logs Overview
The web configurator allows you to choose which categories of events and/or alerts to have
the G-1000 v2 log and then display the logs or have the G-1000 v2 send them to an
administrator (as e-mail) or to a syslog server.
8.1.1 Alerts and Logs
ZyXEL G-1000 v2 User’s Guide
CHAPTER8
Logs
An alert is a type of log that warrants more serious attention. They include system errors,
attacks (access control) and attempted access to blocked web sites. Some categories such as
System Errors consist of both logs and alerts. You may differentiate them by their color in the
View Log screen. Alerts display in red and logs display in black.
8.2 Viewing the Logs
Click Maintenance > Logs to open the View Log screen. Use the View Log screen to see the
logs for the categories that you selected in the Log Settings screen (see “Configuring Log
Settings” on page 82).
Log entries in red indicate alerts. The log wraps around and deletes the old entries after it fills.
Click a column heading to sort the entries. A triangle indicates ascending or descending sort
order.
Figure 32 View Log
Chapter 8 Logs81
ZyXEL G-1000 v2 User’s Guide
The following table describes the fields in this screen.
Table 32 View Log
LABELDESCRIPTION
Display The categories that you select in the Log Settings screen display in the drop-down
list box.
Select a category of logs to view; select All Logs to view logs from all of the log
categories that you selected in the Log Settings page.
Time This field displays the time the log was recorded.
MessageThis field states the reason for the log.
SourceThis field lists the source IP address and the port number of the incoming packet.
Destination This field lists the destination IP address and the port number of the incoming
packet.
NotesThis field displays additional information about the log entry.
Email Log Now Click Email Log Now to send the log screen to the e-mail address specified in the
Log Settings page (make sure that you have first filled in the E-mail Log Settings
fields in Log Settings).
RefreshClick Refresh to renew the log screen.
Clear Log Click Clear Log to delete all the logs.
8.3 Configuring Log Settings
Use the Log Settings screen to configure to where the G-1000 v2 is to send logs; the schedule
for when the G-1000 v2 is to send the logs and which logs and/or immediate alerts the G-1000
v2 is to record. See “Logs Overview” on page 81 for more information.
To change your G-1000 v2’s log settings, click Maintenance > Logs > Log Settings. The
screen appears as shown.
Alerts are e-mailed as soon as they happen. Logs may be e-mailed as soon as the log is full.
Selecting many alert and/or log categories (especially Access Control) may result in many emails being sent.
82Chapter 8 Logs
Figure 33 Log Settings
ZyXEL G-1000 v2 User’s Guide
The following table describes the fields in this screen.
Table 33 Log Settings
LABELDESCRIPTION
E-mail Log Settings
Mail Server Enter the server name or the IP address of the mail server for the e-mail addresses
Mail SubjectType a title that you want to be in the subject line of the log e-mail message that the
Send Log To The G-1000 v2 sends logs to the e-mail address specified in this field. If this field is
Send Alerts To Alerts are real-time notifications that are sent as soon as an event, such as a DoS
SMTP
Authentication
User NameEnter the user name (up to 31 characters) (usually the user name of a mail account).
specified below. If this field is left blank, logs and alert messages will not be sent via
E-mail.
G-1000 v2 sends. Not all G-1000 v2 models have this field.
left blank, the G-1000 v2 does not send logs via e-mail.
attack, system error, or forbidden web access attempt occurs. Enter the E-mail
address where the alert messages will be sent. Alerts include system errors, attacks
and attempted access to blocked web sites. If this field is left blank, alert messages
will not be sent via E-mail.
SMTP (Simple Mail Transfer Protocol) is the message-exchange standard for the
Internet. SMTP enables you to move messages from one e-mail server to another.
Select the check box to activate SMTP authentication. If mail server authentication is
needed but this feature is disabled, you will not receive the e-mail logs.
Chapter 8 Logs83
ZyXEL G-1000 v2 User’s Guide
Table 33 Log Settings
LABELDESCRIPTION
PasswordEnter the password associated with the user name above.
Log ScheduleThis drop-down menu is used to configure the frequency of log messages being sent
Day for Sending
Log
Time for Sending
Log
Clear log after
sending mail
Syslog LoggingThe G-1000 v2 sends a log to an external syslog server.
ActiveClick Active to enable syslog logging.
Syslog Server IP
Address
Log Facility Select a location from the drop down list box. The log facility allows you to log the
Active Log and
Alert
LogSelect the categories of logs that you want to record.
Send Immediate
Alert
ApplyClick Apply to save your customized settings and exit this screen.
CancelClick Cancel to return to the previously saved settings.
as E-mail:
•Daily
•Weekly
•Hourly
•When Log is Full
•None.
If you select Weekly or Daily, specify a time of day when the E-mail should be sent.
If you select Weekly, then also specify which day of the week the E-mail should be
sent. If you select When Log is Full, an alert is sent when the log fills up. If you
select None, no log messages are sent.
Use the drop down list box to select which day of the week to send the logs.
Enter the time of the day in 24-hour format (for example 23:00 equals 11:00 pm) to
send the logs.
Select the checkbox to delete all the logs after the G-1000 v2 sends an E-mail of the
logs.
Enter the server name or IP address of the syslog server that will log the selected
categories of logs.
messages to different files in the syslog server. Refer to the syslog server manual for
more information.
Select log categories for which you want the G-1000 v2 to send E-mail alerts
immediately.
8.4 SMTP Error Messages
The following table lists common SMTP errors.
Table 34 SMTP Error Messages
-1 means G-1000 v2 out of socket
-2 means tcp SYN fail
-3 means smtp server OK fail
-4 means HELO fail
-5 means MAIL FROM fail
84Chapter 8 Logs
Table 34 SMTP Error Messages
-6 means RCPT TO fail
-7 means DATA fail
-8 means mail data send fail
ZyXEL G-1000 v2 User’s Guide
Chapter 8 Logs85
ZyXEL G-1000 v2 User’s Guide
86Chapter 8 Logs
This chapter describes how to upload new firmware, manage configuration and restart your G1000 v2.
9.1 Firmware Upgrade
Find firmware at www.zyxel.com in a file that (usually) uses the system model name with
a.bin extension, for example, "G-1000 v2.bin". The upload process uses HTTP (Hypertext
Transfer Protocol) and may take up to two minutes. After a successful upload, the system will
reboot.
Only use firmware for your device’s specific model. Refer to the label on the bottom of your
device.
ZyXEL G-1000 v2 User’s Guide
CHAPTER9
Tools
Click Maintenance > Tools to open the Firmware screen. Follow the instructions in this
screen to upload firmware to your G-1000 v2.
Figure 34 Firmware Upgrade
The following table describes the labels in this screen.
Table 35 Firmware Upgrade
LABELDESCRIPTION
File Path Type in the location of the file you want to upload in this field or click Browse ... to
find it.
Browse... Click Browse... to find the .bin file you want to upload. Remember that you must
Upload Click Upload to begin the upload process. This process may take up to two
decompress compressed (.zip) files before you can upload them.
minutes.
Note: Do NOT turn off the G-1000 v2 while firmware upload is in progress!
Chapter 9 Tools87
ZyXEL G-1000 v2 User’s Guide
After you see the Firmware Upload in Progress screen, wait two minutes before logging into
the G-1000 v2 again.
Figure 35 Firmware Upload In Progress
The G-1000 v2 automatically restarts in this time causing a temporary network disconnect. In
some operating systems, you may see the following icon on your desktop.
Figure 36 Network Temporarily Disconnected
After two minutes, log in again and check your new firmware version in the Status screen.
If the upload was not successful, the following screen will appear. Click Return to go back to
the Firmware screen.
Figure 37 Error Message
88Chapter 9 Tools
9.2 Configuration Screen
Click Maintenance > Tools > Configuration. Information related to factory defaults, backup
configuration, and restoring configuration appears as shown next.
Figure 38 Configuration
ZyXEL G-1000 v2 User’s Guide
9.2.1 Backup Configuration
Backup configuration allows you to back up (save) the G-1000 v2’s current configuration to a
file on your computer. Once your G-1000 v2 is configured and functioning properly, it is
highly recommended that you back up your configuration file before making configuration
changes. The backup configuration file will be useful in case you need to return to your
previous settings.
Click Backup to save the G-1000 v2’s current configuration to your computer
9.2.2 Restore Configuration
Restore configuration allows you to upload a new or previously saved configuration file from
your computer to your G-1000 v2.
Table 36 Maintenance Restore Configuration
LABELDESCRIPTION
File Path Type in the location of the file you want to upload in this field or click Browse... to find
it.
Browse... Click Browse... to find the file you want to upload. Remember that you must
decompress compressed (.ZIP) files before you can upload them.
Upload Click Upload to begin the upload process.
Note: Do not turn off the G-1000 v2 while configuration file upload is in progress
Chapter 9 Tools89
ZyXEL G-1000 v2 User’s Guide
After you see a “Restore Configuration successful” screen, you must then wait one minute
before logging into the G-1000 v2 again.
Figure 39 Configuration Restore Successful
The G-1000 v2 automatically restarts in this time causing a temporary network disconnect. In
some operating systems, you may see the following icon on your desktop.
Figure 40 Temporarily Disconnected
If you uploaded the default configuration file you may need to change the IP address of your
computer to be in the same subnet as that of the default G-1000 v2 IP address (192.168.1.2).
See the appendix for details on how to set up your computer’s IP address.
If the upload was not successful, the following screen will appear. Click Return to go back to
the Configuration screen.
Figure 41 Configuration Restore Error
9.2.3 Back to Factory Defaults
Pressing the Reset button in this section clears all user-entered configuration information and
returns the G-1000 v2 to its factory defaults.
90Chapter 9 Tools
You can also press the RESET button on the rear panel to reset the factory defaults of your G1000 v2. Refer to the chapter about introducing the web configurator for more information on
the RESET button.
9.3 Restart
System restart allows you to reboot the G-1000 v2 without turning the power off.
Click Maintenance > Tools > Restart. Click Restart to have the G-1000 v2 reboot. This does
not affect the G-1000 v2's configuration.
Figure 42 Restart Screen
ZyXEL G-1000 v2 User’s Guide
Chapter 9 Tools91
ZyXEL G-1000 v2 User’s Guide
92Chapter 9 Tools
ZyXEL G-1000 v2 User’s Guide
CHAPTER10
Introducing the SMT
This chapter describes how to access the SMT and provides an overview of its menus.
10.1 Connect to your G-1000 v2 Using Telnet
The following procedure details how to telnet into your G-1000 v2.
1 In Windows, click Start (usually in the bottom left corner), Run and then type “telnet
192.168.1.2” (the default IP address) and click OK.
2 For your first login, enter the default password “1234”. As you type the password, the
screen displays an asterisk “*” for each character you type.
Figure 43 Login Screen
Password: xxxx
3 After entering the password you will see the main menu.
Please note that if there is no activity for longer than five minutes (default timeout period)
after you log in, your G-1000 v2 will automatically log you out. You will then have to telnet
into the G-1000 v2 again. You can use the web configurator or the CI commands to change the
inactivity time out period.
10.2 Changing the System Password
Change the G-1000 v2 default password by following the steps shown next.
1 From the main menu, enter 23 to display Menu 23 – System Security.
2 Enter 1 to display Menu 23.1 – System Security – Change Password as shown next.
3 Type your existing system password in the Old Password field, and press [ENTER].
Figure 44 Menu 23.1 System Security: Change Password
Menu 23.1 - System Security - Change Password
Old Password= ?
New Password= ?
Retype to confirm= ? Menu 23.1 - System
Chapter 10 Introducing the SMT93
ZyXEL G-1000 v2 User’s Guide
4 Type your new system password in the New Password field (up to 30 characters), and
press [ENTER].
5 Re-type your new system password in the Retype to confirm field for confirmation and
press [ENTER].
Note that as you type a password, the screen displays an asterisk “*” for each character you
type.
10.3 G-1000 v2 SMT Menus Overview
The following table gives you an overview of your G-1000 v2’s various SMT menus.
Table 37 SMT Menus Overview
MENUSSUB MENUS
1 General Setup1.1 Configure Dynamic DNS
3 LAN Setup3.2 TCP/IP Setup
3.5 Wireless LAN Setup3.5.1 WLAN MAC Address
Filter
3.5.2 Roaming Configuration
22 SNMP Configuration
23 System Security23.1 Change Password
23.2 RADIUS Server
23.4 IEEE 802.1X
24 System Maintenance 24.1 Status
24.2 System Information and Console
Port Speed
24.3 Log and Trace24.3.2 Syslog Logging
24.4 Diagnostic
24.5 Backup Configuration
24.6 Restore Configuration
24.7 Upload Firmware24.7.1 Upload System
24.8 Command Interpreter Mode
24.10 Time and Date Setting
24.11 Remote Management Control
24.2.1 Information
24.2.2 Change Console Port
Speed
Firmware
24.7.2 Upload System
Configuration File
94Chapter 10 Introducing the SMT
10.4 Navigating the SMT Interface
The SMT (System Management Terminal) is the interface that you use to configure your G1000 v2. Several operations that you should be familiar with before you attempt to modify the
configuration are listed in the table below.
Table 38 Main Menu Commands
OPERATIONKEYSTROKEDESCRIPTION
ZyXEL G-1000 v2 User’s Guide
Move down to
another menu
Move up to a
previous menu
Move to a “hidden”
menu
Move the cursor[ENTER] or [UP]/
Entering information Type in or press
Required fields<?> or ChangeMeAll fields with the symbol <?> must be filled in order to be
N/A fields<N/A>Some of the fields in the SMT will show a <N/A>. This
Save your
configuration
Exit the SMTType 99, then press
[ENTER]To move forward to a submenu, type in the number of the
desired submenu and press [ENTER].
[ESC]Press [ESC] to move back to the previous menu.
Press [SPACE BAR]
to change No to Yes
then press [ENTER].
[DOWN] arrow keys.
[SPACE BAR], then
press [ENTER].
[ENTER]Save your configuration by pressing [ENTER] at the
[ENTER].
Fields beginning with “Edit” lead to hidden menus and
have a default setting of No. Press [SPACE BAR] once to
change No to Yes, then press [ENTER] to go to the
“hidden” menu.
Within a menu, press [ENTER] to move to the next field.
You can also use the [UP]/[DOWN] arrow keys to move to
the previous and the next field, respectively.
You need to fill in two types of fields. The first requires you
to type in the appropriate information. The second allows
you to cycle through the available choices by pressing
[SPACE BAR].
able to save the new configuration.
All fields with ChangeMe must not be left blank in order to
be able to save the new configuration.
symbol refers to an option that is Not Applicable.
message “Press ENTER to confirm or ESC to cancel”.
Saving the data on the screen will take you, in most cases
to the previous menu.
Type 99 at the main menu prompt and press [ENTER] to
exit the SMT interface.
After you enter the password, the SMT displays the main menu, as shown next.
1General SetupUse this menu to set up your general information.
3LAN SetupUse this menu to set up your LAN and WLAN connection.
22SNMP Configuration Use this menu to set up SNMP related parameters.
23System SecurityUse this menu to change your password and enable network user
24System MaintenanceThis menu provides system status, diagnostics, software upload, etc.
99ExitUse this to exit from SMT and return to a blank screen.
authentication.
96Chapter 10 Introducing the SMT
ZyXEL G-1000 v2 User’s Guide
CHAPTER11
General Setup
The chapter shows you the information on general setup.
Menu 1 – General Setup contains administrative and system-related information (shown
next). The System Name field is for identification purposes. It is recommended you type your
computer's "Computer name".
The DomainName entry is what is propagated to the DHCP clients on the LAN. While you
must enter the host name (System Name) on each individual computer, the domain name can
be assigned from the G-1000 v2 via DHCP.
Enter 1 in the Main Menu to open Menu 1 – General Setup as shown next.
Figure 46 Menu 1 General Setup
Menu 1 - General Setup
System Name= G1000v2
Domain Name=
First System DNS Server= None
IP Address= N/A
Second System DNS Server= None
IP Address= N/A
Third System DNS Server= None
IP Address= N/A
Fill in the required fields. Refer to the following table for more information about these fields.
Table 40 Menu 1 General Setup
FIELDDESCRIPTION
System NameChoose a descriptive name for identification purposes. This name can be up to
30 alphanumeric characters long. Spaces are not allowed, but dashes “-” and
underscores "_" are accepted.
Domain NameThis is not a required field. Leave this field blank or enter the domain name
here if you know it.
First/Second/Third
System DNS Server
Press [SPACE BAR] to select From DHCP, User Defined or None and press
[ENTER].
These fields are not available on all models.
Chapter 11 General Setup97
ZyXEL G-1000 v2 User’s Guide
Table 40 Menu 1 General Setup
FIELDDESCRIPTION
IP AddressEnter the IP addresses of the DNS servers. This field is available when you
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm…” to
save your configuration, or press [
select User-Defined in the field above.
ESC] at any time to cancel.
98Chapter 11 General Setup
This chapter shows you how to configure the LAN on your G-1000 v2.
12.1 LAN Setup
This section describes how to configure the Ethernet using Menu 3 –LAN Setup. From the
main menu, enter 3 to display menu 3.
Figure 47 Menu 3 LAN Setup
ZyXEL G-1000 v2 User’s Guide
CHAPTER12
LAN Setup
Menu 3 - LAN Setup
2. TCP/IP Setup
5. Wireless LAN Setup
Enter Menu Selection Number:
Detailed explanation about the LAN Setup menu is given in the next chapter.
12.2 TCP/IP Ethernet Setup
Use menu 3.2 to configure your G-1000 v2 for TCP/IP.
To edit menu 3.2, enter 3 from the main menu to display Menu 3-LAN Setup. When menu 3
appears, press 2 and press [ENTER] to display Menu 3.2-TCP/IP Setup, as shown next
Figure 48 Menu 3.2 TCP/IP Setup
Menu 3.2 - TCP/IP Setup
IP Address Assignment= Static
IP Address= 192.168.1.2
IP Subnet Mask= 255.255.255.0
Gateway IP Address= 0.0.0.0
:
Chapter 12 LAN Setup99
ZyXEL G-1000 v2 User’s Guide
Follow the instructions in the following table on how to configure the fields in this menu.
Table 41 Menu 3.2 TCP/IP Setup
FIELDDESCRIPTION
IP Address
Assignment
IP AddressEnter the (LAN) IP address of your G-1000 v2 in dotted decimal notation
IP Subnet MaskYour G-1000 v2 will automatically calculate the subnet mask based on the IP
Gateway IP
Address
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm…” to
save your configuration, or press [
Press [SPACE BAR] and then [ENTER] to select Dynamic to have the G-1000 v2
obtain an IP address from a DHCP server. You must know the IP address assigned
to the G-1000 v2 (by the DHCP server) to access the G-1000 v2 again.
Select Static to give the G-1000 v2 a fixed, unique IP address. Enter a subnet mask
appropriate to your network and the gateway IP address if applicable.
address that you assign. Unless you are implementing subnetting, use the subnet
mask computed by the G-1000 v2.
Type the IP address of the gateway. The gateway is an immediate neighbor of your
G-1000 v2 that will forward the packet to the destination. On the LAN, the gateway
must be a router on the same network segment as your G-1000 v2.
12.3 Wireless LAN Setup
Use menu 3.5 to set up your G-1000 v2 as the wireless access point. To edit menu 3.5, enter 3
from the main menu to display Menu 3 – LAN Setup. When menu 3 appears, press 5 and then
press [ENTER] to display Menu 3.5 – Wireless LAN Setup as shown next.
Figure 49 Menu 3.5 Wireless LAN Setup
ESC] at any time to cancel.
Menu 3.5 - Wireless LAN Setup
ESSID= ZyXEL
Hide ESSID= No
Channel ID= CH06 2437MHz Edit MAC Address Filter= No
RTS Threshold= 2432 Edit Roaming Configuration= No
Frag. Threshold= 2432 Breathing LED= No
WEP Encryption= 64-bit WEP
Default Key= 1 802.11 Mode= Mixed
Key1= ******** Output Power= 17 dBm
Key2= ******** Block Intra-BSS Traffic= No
Key3= ********
Key4= ********
Authen. Method= Auto
Press ENTER to Confirm or ESC to Cancel:
Note: In the SMT, the ESSID is referred to as SSID. Both of them refer to the same ID
for the G-1000 v2.
100Chapter 12 LAN Setup
Loading...
+ hidden pages
You need points to download manuals.
1 point = 1 manual.
You can buy points or you can get point for every manual you upload.