ZyAIR G-2000 Plus
802.11g Wireless 4-port Router
User’s Guide
Version 3.60
4/2005
ZyAIR G-2000 Plus User’s Guide
Copyright
Copyright © 2005 by ZyXEL Communications Corporation.
The contents of this publication may not be reproduced in any part or as a whole, transcribed,
stored in a retrieval system, translated into any language, or transmitted in any form or by any
means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or
otherwise, without the prior written permission of ZyXEL Communications Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.
Disclaimer
ZyXEL does not assume any liability arising out of the application or use of any products, or
software described herein. Neither does it convey any license under its patent rights nor the
patent rights of others. ZyXEL further reserves the right to make changes in any products
described herein without notice. This publication is subject to change without notice.
Trademarks
ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL
Communications, Inc. Other trademarks mentioned in this publication are used for
identification purposes only and may be properties of their respective owners.
Copyright 2
ZyAIR G-2000 Plus User’s Guide
Federal Communications
Commission (FCC) Interference
Statement
This device complies with Part 15 of FCC rules. Operation is subject to the following two
conditions:
• This device may not cause harmful interference.
• This device must accept any interference received, including interference that may cause
undesired operations.
This equipment has been tested and found to comply with the limits for a Class B digital
device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable
protection against harmful interference in a commercial environment. This equipment
generates, uses, and can radiate radio frequency energy, and if not installed and used in
accordance with the instructions, may cause harmful interference to radio communications.
If this equipment does cause harmful interference to radio/television reception, which can be
determined by turning the equipment off and on, the user is encouraged to try to correct the
interference by one or more of the following measures:
• Reorient or relocate the receiving antenna.
• Increase the separation between the equipment and the receiver.
• Connect the equipment into an outlet on a circuit different from that to which the receiver
is connected.
• Consult the dealer or an experienced radio/TV technician for help.
Notice 1
Changes or modifications not expressly approved by the party responsible for compliance
could void the user's authority to operate the equipment.
Certifications
Go to www.zyxel.com
1 Select your product from the drop-down list box on the ZyXEL home page to go to that
product's page.
2 Select the certification you wish to view from this page
3 Federal Communications Commission (FCC) Interference Statement
ZyAIR G-2000 Plus User’s Guide
ZyXEL Limited Warranty
ZyXEL warrants to the original end user (purchaser) that this product is free from any defects
in materials or workmanship for a period of up to two years from the date of purchase. During
the warranty period, and upon proof of purchase, should the product have indications of failure
due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the
defective products or components without charge for either parts or labor, and to whatever
extent it shall deem necessary to restore the product or components to proper operating
condition. Any replacement will consist of a new or re-manufactured functionally equivalent
product of equal value, and will be solely at the discretion of ZyXEL. This warranty shall not
apply if the product is modified, misused, tampered with, damaged by an act of God, or
subjected to abnormal working conditions.
Note
Repair or replacement, as provided under this warranty, is the exclusive remedy of the
purchaser. This warranty is in lieu of all other warranties, express or implied, including any
implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in
no event be held liable for indirect or consequential damages of any kind of character to the
purchaser.
To obtain the services of this warranty, contact ZyXEL's Service Center for your Return
Material Authorization number (RMA). Products must be returned Postage Prepaid. It is
recommended that the unit be insured when shipped. Any returned products without proof of
purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of
ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products
will be shipped by ZyXEL to the corresponding return address, Postage Paid. This warranty
gives you specific legal rights, and you may also have other rights that vary from country to
country.
Safety Warnings
1 To reduce the risk of fire, use only No. 26 AWG or larger telephone wire.
2 Do not use this product near water, for example, in a wet basement or near a swimming
pool.
3 Avoid using this product during an electrical storm. There may be a remote risk of
electric shock from lightening.
This product has been designed for the WLAN 2.4 GHz network throughout the EC region and
Switzerland, with restrictions in France.
ZyXEL Limited Warranty 4
ZyAIR G-2000 Plus User’s Guide
Please have the following information ready when you contact customer support.
• Product model and serial number.
• Warranty Information.
• Date that you received your device.
• Brief description of the problem and the steps you took to solve it.
Customer Support
method
location
Corporate
HeadQuarters
(Worldwide)
Czech
Republic
Denmark support@zyxel.dk +45 39 55 07 00 www.zyxel.dk Z y X E L C o m m u n i c a t i o n s A / S
Finland support@zyxel.fi +358-9-4780-8411 www.zyxel.fi Zy X E L C o mm u n ic a t io n s Oy
France info@zyxel.fr +33 (0)4 72 52 97 97 www.zyxel.fr Z y XE L Fr a nc e
Germany support@zyxel.de +49-2405-6909-0 www.zyxel.de ZyXEL Deutschland GmbH.
North America support@zyxel.com +1-800-255-4101
Norway support@zyxel.no +47 22 80 61 80 www.zyxel.no Z y X E L C o m m u n i c a t i o n s A / S
Support e-mail Telephone
Sales e-mail Fax FTP Site
support@zyxel.com.tw +886-3-578-3942 www.zyxel.com
sales@zyxel.com.tw +886-3-578-2439 ftp.zyxel.com
info@cz.zyxel.com +420 241 091 350 www.zyxel.cz ZyXEL Communications
info@cz.zyxel.com +420 241 091 359
sales@zyxel.dk +45 39 55 07 07
sales@zyxel.fi +358-9-4780 8448
+33 (0)4 72 52 19 20
sales@zyxel.de +49-2405-6909-99
+1-714-632-0882
sales@zyxel.com +1-714-632-0858 ftp.us.zyxel.com
sales@zyxel.no +47 22 80 61 81
a
Web Site Regular Mail
ZyXEL Communications Corp.
www.europe.zyxel.com
ftp.europe.zyxel.com
www.us.zyxel.com ZyXEL Communications Inc.
6 Innov ati on Road II
Sc ience Park
Hs inchu 3 00
Ta iw a n
Czech s.r.o.
Modranská 621
143 01 Praha 4 - Modrany
Ceská Republika
Col um bu sv ej 5
2860 Soeborg
Denmark
Mal mi nk aa ri 10
00700 Helsinki
Finland
1 rue des Ve rg er s
Ba t. 1 / C
69760 Limonest
France
Adenauerstr. 20/A2 D-52146
Wuerselen
Germany
1130 N. Miller St.
Ana hei m
CA 92806- 2001
U.S.A.
Ni ls Hansens vei 13
0667 Oslo
Norway
5 Customer Support
ZyAIR G-2000 Plus User’s Guide
SPAIN support@zyxel.es +34 902 195 420 www.zyxel.es Z y X E L C o m m u n i c at i o n s
sales@zyxel.es +34 913 005 345
Sweden support@zyxel.se +46 31 744 7700 www.zyxel.se ZyXEL Communications A/S
sales@zyxel.se +46 31 744 7701
United
Kingdom
a. “+” is the (prefix) number you enter to make an international telephone call.
technical@zyxel.co.uk +44 (0) 8702 909090 www.zyxel.co.uk ZyXEL Communications UK
sales@zyxel.co.uk +44 (0) 8702 909091 ftp.zyxel.co.uk
A l e j a n d r o V i l l e g a s 3 3
1 º , 2 8 0 4 3 M a d r i d
Spain
Sjöporten 4, 41764 Göteborg
Sweden
Ltd.,11, The Courtyard,
Eastern Road, Bracknell,
Berkshire, RG12 2XB,
United Kingdom (UK)
Customer Support 6
ZyAIR G-2000 Plus User’s Guide
7 Customer Support
ZyAIR G-2000 Plus User’s Guide
Table of Contents
Copyright .................................................................................................................. 2
Federal Communications Commission (FCC) Interference Statement ............... 3
ZyXEL Limited Warranty.......................................................................................... 4
Customer Support.................................................................................................... 5
Preface .................................................................................................................... 32
Chapter 1
Getting to Know Your ZyAIR ................................................................................. 36
1.1 Introducing the ZyAIR .......................................................................................36
1.2 ZyAIR Features ..................................................................................................36
1.2.1 Physical Features .....................................................................................36
1.2.1.1 4-Port Switch ...................................................................................36
1.2.1.2 10/100M Auto-negotiating Ethernet/Fast Ethernet Interface ...........36
1.2.1.3 10/100M Auto-crossover Ethernet/Fast Ethernet Interface .............36
1.2.1.4 10/100 Mbps Ethernet WAN ............................................................37
1.2.1.5 Reset Button ...................................................................................37
1.2.1.6 ZyAIR LED ......................................................................................37
1.2.2 Firmware Features ....................................................................................37
1.2.2.1 Internal RADIUS Server ..................................................................37
1.2.2.2 Wi-Fi Protected Access ...................................................................37
1.2.2.3 802.11b Wireless LAN Standard .....................................................37
1.2.2.4 802.11g Wireless LAN Standard .....................................................38
1.2.2.5 STP (Spanning Tree Protocol) / RSTP (Rapid STP) .......................38
1.2.2.6 Certificates ......................................................................................38
1.2.2.7 Limit the number of Client Connections ..........................................38
1.2.2.8 SSL Passthrough ............................................................................38
1.2.2.9 Firewall ............................................................................................39
1.2.2.10 Brute-Force Password Guessing Protection ................................39
1.2.2.11 Wireless LAN MAC Address Filtering ............................................39
1.2.2.12 WEP Encryption ............................................................................39
1.2.2.13 IEEE 802.1X Network Security .....................................................39
1.2.2.14 Universal Plug and Play (UPnP) ...................................................39
1.2.2.15 Dynamic DNS Support ..................................................................39
Table of Contents 8
ZyAIR G-2000 Plus User’s Guide
1.2.2.16 PPPoE Support (RFC2516) ..........................................................40
1.2.2.17 PPTP Encapsulation .....................................................................40
1.2.2.18 Network Address Translation (NAT) ..............................................40
1.2.2.19 Traffic Redirect ..............................................................................40
1.2.2.20 NAT for Single-IP-address Internet Access ...................................40
1.2.2.21 DHCP (Dynamic Host Configuration Protocol) ..............................40
1.2.2.22 Multicast ........................................................................................41
1.2.2.23 IP Alias ..........................................................................................41
1.2.2.24 IP Policy Routing ...........................................................................41
1.2.2.25 SNMP ............................................................................................41
1.2.2.26 Full Network Management ............................................................41
1.2.2.27 Logging and Tracing ......................................................................41
1.2.2.28 Diagnostics Capabilities ................................................................41
1.2.2.29 Embedded FTP and TFTP Servers ...............................................42
1.2.2.30 Wireless Association List ..............................................................42
1.2.2.31 Wireless LAN Channel Usage .......................................................42
1.3 Applications for the ZyAIR ..................................................................................42
1.3.1 Internet Access Application ......................................................................42
Chapter 2
Introducing the Web Configurator........................................................................ 44
2.1 Web Configurator Overview ...............................................................................44
2.2 Accessing the ZyAIR Web Configurator .............................................................44
2.3 Resetting the ZyAIR ...........................................................................................46
2.3.1 .Procedure To Use The Reset Button .......................................................46
2.3.2 Method of Restoring Factory-Defaults Via Web Configurator ...................46
2.4 Navigating the ZyAIR Web Configurator ............................................................46
Chapter 3
Wizard Setup .......................................................................................................... 48
3.1 Wizard Setup Overview ......................................................................................48
3.1.1 Channel ....................................................................................................48
3.1.2 ESS ID ......................................................................................................48
3.1.3 WEP Encryption ........................................................................................48
3.1.4 WPA-PSK .................................................................................................49
3.2 Wizard Setup: General Setup ............................................................................49
3.3 Wizard Setup: Wireless LAN ..............................................................................50
3.4 Wizard Setup: Screen 3 .....................................................................................51
3.5 Wizard Setup: Screen 4 .....................................................................................53
3.5.1 Ethernet ....................................................................................................53
3.5.2 PPPoE Encapsulation ...............................................................................55
3.5.3 PPTP Encapsulation .................................................................................56
3.6 Wizard Setup: Screen 5 .....................................................................................58
9 Table of Contents
ZyAIR G-2000 Plus User’s Guide
3.6.1 WAN IP Address Assignment ...................................................................58
3.6.2 IP Address and Subnet Mask ...................................................................59
3.6.3 DNS Server Address Assignment .............................................................59
3.6.4 WAN MAC Address ..................................................................................59
3.7 Basic Setup Complete ........................................................................................62
Chapter 4
System Screens ..................................................................................................... 64
4.1 System Overview ...............................................................................................64
4.2 Configuring General Setup .................................................................................64
4.3 Dynamic DNS .....................................................................................................65
4.3.1 DynDNS Wildcard .....................................................................................65
4.4 Configuring Dynamic DNS .................................................................................66
4.5 Configuring Password ........................................................................................67
4.6 Configuring Time Setting ...................................................................................68
Chapter 5
LAN Screens...........................................................................................................70
5.1 LAN Overview ....................................................................................................70
5.2 DHCP Setup .......................................................................................................70
5.2.1 IP Pool Setup ............................................................................................70
5.2.2 System DNS Servers ................................................................................70
5.3 LAN TCP/IP ........................................................................................................70
5.3.1 Factory LAN Defaults ................................................................................70
5.3.2 IP Address and Subnet Mask ...................................................................71
5.3.3 RIP Setup .................................................................................................71
5.3.4 Multicast ....................................................................................................71
5.4 Configuring IP ....................................................................................................72
5.5 Configuring Static DHCP ....................................................................................75
5.6 Configuring IP Alias ............................................................................................76
Chapter 6
Wireless Configuration and Roaming .................................................................. 78
6.1 Wireless LAN Overview .....................................................................................78
6.1.1 IBSS ..........................................................................................................78
6.1.2 BSS ...........................................................................................................78
6.1.3 ESS ...........................................................................................................79
6.2 Wireless LAN Basics ..........................................................................................80
6.2.1 RTS/CTS .................................................................................................80
6.2.2 Fragmentation Threshold ..........................................................................81
6.3 Configuring Wireless ..........................................................................................82
6.4 Configuring Roaming .........................................................................................84
6.4.1 Requirements for Roaming .......................................................................85
Table of Contents 10
ZyAIR G-2000 Plus User’s Guide
Chapter 7
Wireless Security ................................................................................................... 88
7.1 Wireless Security Overview ...............................................................................88
7.2 Security Parameters Summary ..........................................................................90
7.3 WEP Overview ...................................................................................................90
7.3.1 Data Encryption .......................................................................................90
7.3.1.1 Authentication .................................................................................90
7.4 Configuring WEP Encryption ..............................................................................91
7.5 Introduction to WPA ...........................................................................................93
7.5.1 User Authentication .................................................................................93
7.5.2 Encryption ................................................................................................94
7.5.3 WPA-PSK Application Example ................................................................94
7.6 Configuring WPA-PSK Authentication ................................................................95
7.7 Wireless Client WPA Supplicants .......................................................................97
7.7.1 WPA with RADIUS Application Example ..................................................97
7.8 Configuring WPA Authentication ........................................................................98
7.9 Introduction to RADIUS ....................................................................................100
7.9.1 Types of RADIUS Messages ..................................................................100
7.9.1.1 Access-Challenge .........................................................................100
7.9.1.2 Accounting-Request ......................................................................101
7.9.1.3 Accounting-Response ...................................................................101
7.9.1.4 EAP Authentication Overview .......................................................101
7.10 Configuring RADIUS ......................................................................................102
7.11 802.1x Overview .............................................................................................104
7.12 Dynamic WEP Key Exchange ........................................................................104
7.13 Configuring 802.1x and Dynamic WEP Key Exchange ..................................105
7.14 Configuring 802.1x and Static WEP Key Exchange .......................................107
7.15 Configuring 802.1x .........................................................................................110
7.16 MAC Filter ......................................................................................................112
Chapter 8
Internal RADIUS Server ....................................................................................... 114
8.1 Internal RADIUS Overview ...............................................................................114
8.2 Internal RADIUS Server Setting ....................................................................... 116
8.3 Trusted AP Overview .......................................................................................118
8.4 Configuring Trusted AP .................................................................................... 119
8.5 Trusted Users Overview ...................................................................................120
8.6 Configuring Trusted Users ...............................................................................120
Chapter 9
WAN....................................................................................................................... 124
9.1 WAN Overview .................................................................................................124
9.2 Configuring WAN ISP .......................................................................................124
11 Table of Contents
ZyAIR G-2000 Plus User’s Guide
9.2.1 Ethernet Encapsulation ...........................................................................124
9.2.1.1 Service Type .................................................................................125
9.2.2 PPPoE Encapsulation .............................................................................126
9.2.3 PPTP Encapsulation ...............................................................................129
9.3 TCP/IP Priority (Metric) ....................................................................................131
9.4 Configuring WAN IP .........................................................................................131
9.5 Configuring WAN MAC .....................................................................................134
Chapter 10
Single User Account (SUA) / Network Address Translation (NAT).................. 136
10.1 NAT Overview ................................................................................................136
10.1.1 NAT Definitions .....................................................................................136
10.1.2 What NAT Does ....................................................................................137
10.1.3 How NAT Works ...................................................................................137
10.1.4 NAT Application ....................................................................................138
10.1.5 NAT Mapping Types .............................................................................139
10.2 Using NAT ......................................................................................................140
10.2.1 SUA (Single User Account) Versus NAT ..............................................140
10.3 SUA Server ....................................................................................................140
10.3.1 Default Server IP Address ....................................................................141
10.3.2 Port Forwarding: Services and Port Numbers ......................................141
10.3.3 Configuring Servers Behind SUA (Example) ........................................142
10.4 Configuring SUA Server ................................................................................143
10.5 Configuring Address Mapping ........................................................................145
10.5.1 Configuring Address Mapping ..............................................................147
10.6 Trigger Port Forwarding .................................................................................148
10.6.1 Trigger Port Forwarding Example .........................................................148
10.6.2 Two Points To Remember About Trigger Ports .....................................149
10.7 Configuring Trigger Port Forwarding ..............................................................149
Chapter 11
Static Route Screens ........................................................................................... 152
11.1 Static Route Overview ....................................................................................152
11.2 Configuring IP Static Route ............................................................................152
11.2.1 Configuring Route Entry ........................................................................153
Chapter 12
Remote Management Screens ............................................................................ 156
12.1 Remote Management Overview .....................................................................156
12.1.1 Remote Management Limitations .........................................................156
12.1.2 Remote Management and NAT ............................................................157
12.1.3 System Timeout ...................................................................................157
12.2 Configuring WWW ..........................................................................................157
Table of Contents 12
ZyAIR G-2000 Plus User’s Guide
12.3 Configuring Telnet ..........................................................................................158
12.4 Configuring TELNET ......................................................................................159
12.5 Configuring FTP .............................................................................................160
12.6 SNMP .............................................................................................................161
12.6.1 Supported MIBs ....................................................................................162
12.6.2 SNMP Traps .........................................................................................162
12.6.3 Configuring SNMP ................................................................................163
12.7 Configuring DNS ............................................................................................165
12.8 Configuring Security .......................................................................................166
Chapter 13
UPnP...................................................................................................................... 168
13.1 Universal Plug and Play Overview ................................................................168
13.1.1 How Do I Know If I'm Using UPnP? ......................................................168
13.1.2 NAT Traversal .......................................................................................168
13.1.3 Cautions with UPnP ..............................................................................168
13.2 UPnP and ZyXEL ...........................................................................................169
13.3 Configuring UPnP ..........................................................................................169
13.4 Installing UPnP in Windows Example ............................................................170
13.4.1 Installing UPnP in Windows Me ............................................................171
13.4.2 Installing UPnP in Windows XP ............................................................172
13.5 Using UPnP in Windows XP Example ...........................................................173
13.5.1 Auto-discover Your UPnP-enabled Network Device .............................174
13.5.2 Web Configurator Easy Access ............................................................175
13.5.3 Web Configurator Easy Access ............................................................176
Chapter 14
Firewalls................................................................................................................178
14.1 Firewall Overview ...........................................................................................178
14.2 Types of Firewalls ..........................................................................................178
14.2.1 Packet Filtering Firewalls ......................................................................178
14.2.2 Application-level Firewalls ....................................................................178
14.2.3 Stateful Inspection Firewalls .................................................................179
14.3 Introduction to ZyXEL’s Firewall .....................................................................179
14.4 Denial of Service ............................................................................................180
14.4.1 Basics ...................................................................................................180
14.4.2 Types of DoS Attacks ...........................................................................181
14.4.2.1 ICMP Vulnerability ......................................................................184
14.4.2.2 Traceroute ...................................................................................184
14.5 Stateful Inspection ..........................................................................................185
14.5.1 Stateful Inspection Process ..................................................................185
14.5.2 Stateful Inspection and the ZyAIR ........................................................186
14.5.3 TCP Security .........................................................................................187
13 Table of Contents
ZyAIR G-2000 Plus User’s Guide
14.5.4 UDP/ICMP Security ..............................................................................187
14.5.5 Upper Layer Protocols ..........................................................................188
14.6 Guidelines For Enhancing Security With Your Firewall ..................................188
14.7 Packet Filtering Vs Firewall ............................................................................188
14.7.1 Packet Filtering: ....................................................................................189
14.7.1.1 When To Use Filtering .................................................................189
14.7.2 Firewall .................................................................................................189
14.7.2.1 When To Use The Firewall ..........................................................189
Chapter 15
Firewall Screens...................................................................................................192
15.1 Access Methods .............................................................................................192
15.2 Firewall Policies Overview .............................................................................192
15.3 Rule Logic Overview ......................................................................................193
15.3.1 Rule Checklist .......................................................................................193
15.3.2 Security Ramifications ..........................................................................194
15.3.3 Key Fields For Configuring Rules .........................................................194
15.3.3.1 Action ..........................................................................................194
15.3.3.2 Service ........................................................................................194
15.3.3.3 Source Address ...........................................................................194
15.3.3.4 Destination Address ....................................................................194
15.4 Connection Direction Examples .....................................................................195
15.4.1 LAN to WAN Rules ...............................................................................195
15.4.2 WAN to LAN Rules ...............................................................................195
15.5 Alerts ..............................................................................................................196
15.6 Configuring Firewall .......................................................................................196
15.6.1 Rule Summary ......................................................................................197
15.6.2 Configuring Firewall Rules ....................................................................199
15.6.3 Configuring Custom Services ...............................................................202
15.7 Example Firewall Rule ...................................................................................203
15.8 Predefined Services .......................................................................................206
Chapter 16
Content Filtering ................................................................................................. 210
16.1 Introduction to Content Filtering .....................................................................210
16.2 Restrict Web Features ...................................................................................210
16.3 Days and Times .............................................................................................210
16.4 Configure Content Filtering ............................................................................210
Chapter 17
Certificates............................................................................................................ 214
17.1 Certificates Overview .....................................................................................214
17.1.1 Advantages of Certificates ....................................................................215
Table of Contents 14
ZyAIR G-2000 Plus User’s Guide
17.2 Self-signed Certificates ..................................................................................215
17.3 Configuration Summary .................................................................................215
17.4 My Certificates ...............................................................................................215
17.5 Certificate File Formats ..................................................................................218
17.6 Importing a Certificate ....................................................................................218
17.7 Creating a Certificate .....................................................................................219
17.8 My Certificate Details .....................................................................................222
17.9 Trusted CAs ...................................................................................................225
17.10 Importing a Trusted CA’s Certificate .............................................................227
17.11 Trusted CA Certificate Details ......................................................................228
Chapter 18
Log Screens.......................................................................................................... 232
18.1 Configuring View Log .....................................................................................232
18.2 Configuring Log Settings ................................................................................233
18.3 Configuring Reports .......................................................................................236
Chapter 19
Maintenance ......................................................................................................... 240
19.1 Maintenance Overview ...................................................................................240
19.2 System Status Screen ....................................................................................240
19.2.1 System Statistics ...................................................................................242
19.3 DHCP Table Screen .......................................................................................242
19.4 Association List ..............................................................................................243
19.5 F/W Upload Screen ........................................................................................244
19.6 Configuration Screen .....................................................................................247
19.6.1 Backup Configuration ...........................................................................248
19.6.2 Restore Configuration ..........................................................................248
19.6.3 Back to Factory Defaults .......................................................................250
19.7 Restart Screen ...............................................................................................250
Chapter 20
Introducing the SMT ............................................................................................252
20.1 SMT Introduction ............................................................................................252
20.2 Connect to your ZyAIR Using Telnet ..............................................................252
20.2.1 Entering Password ................................................................................252
20.3 Changing the System Password ....................................................................253
20.4 ZyAIR SMT Menu Overview Example ............................................................253
20.5 Navigating the SMT Interface .........................................................................254
20.5.1 System Management Terminal Interface Summary ..............................256
20.6 Changing the System Password ....................................................................256
15 Table of Contents
ZyAIR G-2000 Plus User’s Guide
Chapter 21
General Setup.......................................................................................................258
21.1 General Setup ................................................................................................258
21.1.1 Procedure To Configure Menu 1 ...........................................................258
21.1.2 Procedure to Configure Dynamic DNS .................................................260
Chapter 22
Menu 2 WAN Setup .............................................................................................. 262
22.1 Introduction to WAN .......................................................................................262
22.2 WAN Setup .....................................................................................................262
Chapter 23
LAN Setup.............................................................................................................264
23.1 LAN Setup ......................................................................................................264
23.1.1 General Ethernet Setup ........................................................................264
23.2 Protocol Dependent Ethernet Setup ..............................................................265
23.3 TCP/IP Ethernet Setup and DHCP ................................................................265
23.3.1 IP Alias Setup .......................................................................................267
23.4 Wireless LAN Setup .......................................................................................268
23.4.1 Configuring MAC Address Filter ...........................................................270
Chapter 24
Internet Access .................................................................................................... 274
24.1 Introduction to Internet Access Setup ............................................................274
24.2 Ethernet Encapsulation ..................................................................................274
24.3 Configuring the PPTP Client ..........................................................................276
24.4 Configuring the PPPoE Client ........................................................................277
24.5 Basic Setup Complete ....................................................................................278
Chapter 25
Remote Node Configuration ...............................................................................280
25.1 Introduction to Remote Node Setup ...............................................................280
25.2 Remote Node Profile Setup ...........................................................................280
25.2.1 Ethernet Encapsulation .........................................................................280
25.2.2 PPPoE Encapsulation ...........................................................................282
25.2.2.1 Outgoing Authentication Protocol ................................................283
25.2.2.2 Nailed-Up Connection .................................................................283
25.2.3 PPTP Encapsulation .............................................................................284
25.3 Edit IP .............................................................................................................285
25.4 Remote Node Filter ........................................................................................287
Table of Contents 16
ZyAIR G-2000 Plus User’s Guide
Chapter 26
Static Route Setup ............................................................................................... 290
26.1 IP Static Route Setup .....................................................................................290
Chapter 27
Dial-in User Setup ................................................................................................ 292
27.1 Dial-in User Setup ..........................................................................................292
Chapter 28
Network Address Translation (NAT)...................................................................294
28.1 Using NAT ......................................................................................................294
28.1.1 SUA (Single User Account) Versus NAT ..............................................294
28.2 Applying NAT .................................................................................................294
28.3 NAT Setup ......................................................................................................296
28.3.1 Address Mapping Sets ..........................................................................297
28.3.1.1 User-Defined Address Mapping Sets ..........................................298
28.3.1.2 Ordering Your Rules ....................................................................299
28.4 Configuring a Server behind NAT ..................................................................301
28.5 General NAT Examples ..................................................................................302
28.5.1 Example 1: Internet Access Only ..........................................................302
28.5.2 Example 2: Internet Access with an Inside Server ...............................303
28.5.3 Example 3: Multiple Public IP Addresses With Inside Servers .............304
28.5.4 Example 4: NAT Unfriendly Application Programs ...............................308
28.6 Configuring Trigger Port Forwarding .............................................................310
Chapter 29
Filter Configuration..............................................................................................312
29.1 Introduction to Filters ......................................................................................312
29.1.1 The Filter Structure of the ZyAIR ..........................................................313
29.2 Configuring a Filter Set ..................................................................................314
29.2.1 Configuring a Filter Rule .......................................................................316
29.2.2 Configuring a TCP/IP Filter Rule ..........................................................317
29.2.3 Configuring a Generic Filter Rule .........................................................319
29.3 Example Filter ................................................................................................321
29.4 Filter Types and NAT ......................................................................................323
29.5 Firewall Versus Filters ....................................................................................324
29.6 Applying a Filter ............................................................................................324
29.6.1 Applying LAN Filters .............................................................................324
29.6.2 Applying Remote Node Filters ..............................................................325
Chapter 30
Enabling the Firewall ........................................................................................... 326
30.1 Remote Management and the Firewall ..........................................................326
17 Table of Contents
ZyAIR G-2000 Plus User’s Guide
30.2 Access Methods .............................................................................................326
30.3 Enabling the Firewall ......................................................................................326
Chapter 31
SNMP Configuration ............................................................................................ 328
31.1 About SNMP ..................................................................................................328
31.2 Supported MIBs ............................................................................................329
31.3 SNMP Configuration ......................................................................................329
31.4 SNMP Traps ...................................................................................................330
Chapter 32
System Security ................................................................................................... 332
32.1 System Security .............................................................................................332
32.1.1 System Password .................................................................................332
32.1.2 Configuring External RADIUS Server ...................................................332
32.1.3 802.1x ...................................................................................................334
Chapter 33
System Information and Diagnosis .................................................................... 338
33.1 System Status ................................................................................................338
33.2 System Information ........................................................................................340
33.2.1 System Information ...............................................................................340
33.2.2 Console Port Speed ..............................................................................341
33.3 Log and Trace ................................................................................................341
33.3.1 Viewing Error Log .................................................................................341
33.3.2 UNIX Syslog .........................................................................................342
33.3.2.1 CDR ............................................................................................343
33.3.2.2 Packet triggered ..........................................................................343
33.3.2.3 Filter log .....................................................................................344
33.3.2.4 PPP log ......................................................................................344
33.3.2.5 Firewall log ..................................................................................345
33.3.3 Call-Triggering Packet ..........................................................................345
33.4 Diagnostic ......................................................................................................346
33.4.1 WAN DHCP ..........................................................................................347
Chapter 34
Firmware and Configuration File Maintenance ................................................. 350
34.1 Filename Conventions ...................................................................................350
34.2 Backup Configuration .....................................................................................351
34.2.1 Backup Configuration Using FTP .........................................................351
34.2.2 Using the FTP command from the DOS Prompt ..................................352
34.2.3 GUI-based FTP Clients .........................................................................353
34.2.4 TFTP and FTP over WAN Management Limitations .............................353
Table of Contents 18
ZyAIR G-2000 Plus User’s Guide
34.2.5 Backup Configuration Using TFTP .......................................................354
34.2.6 Example: TFTP Command ...................................................................354
34.2.7 GUI-based TFTP Clients ......................................................................355
34.3 Restore Configuration ...................................................................................355
34.3.1 Restore Using FTP ...............................................................................355
34.3.2 Restore Using FTP Session Example ..................................................356
34.4 Uploading Firmware and Configuration Files .................................................357
34.4.1 Firmware Upload ..................................................................................357
34.4.2 Configuration File Upload .....................................................................358
34.4.3 Using the FTP command from the DOS Prompt Example ...................358
34.4.4 TFTP File Upload ..................................................................................359
34.4.5 Example: TFTP Command ...................................................................360
Chapter 35
System Maintenance and Information ...............................................................362
35.1 Command Interpreter Mode ...........................................................................362
35.2 Call Control Support .......................................................................................363
35.2.1 Budget Management ............................................................................364
35.2.2 Call History ...........................................................................................364
35.3 Time and Date Setting ....................................................................................365
35.3.1 Resetting the Time ................................................................................367
Chapter 36
Remote Management ........................................................................................... 368
36.1 Remote Management .....................................................................................368
36.1.1 Telnet ....................................................................................................369
36.1.2 FTP .......................................................................................................370
36.1.3 Web ......................................................................................................370
36.1.4 Remote Management Limitations .........................................................370
36.2 Remote Management and NAT ......................................................................370
36.3 System Timeout .............................................................................................371
Chapter 37
Call Scheduling .................................................................................................... 372
37.1 Introduction to Call Scheduling ......................................................................372
Appendix A
Troubleshooting................................................................................................... 376
Appendix B
Brute-Force Password Guessing Protection..................................................... 378
Appendix C
Setting up Your Computer’s IP Address............................................................ 380
19 Table of Contents
ZyAIR G-2000 Plus User’s Guide
Appendix D
IP Address Assignment Conflicts ......................................................................392
Appendix E
IP Subnetting ........................................................................................................ 396
Appendix F
Command Interpreter........................................................................................... 404
Appendix G
Log Descriptions.................................................................................................. 406
Appendix H
Wireless LAN and IEEE 802.11 ...........................................................................410
Appendix I
Wireless LAN With IEEE 802.1x .......................................................................... 414
Appendix J
Types of EAP Authentication.............................................................................. 418
Appendix K
Antenna Selection and Positioning Recommendation..................................... 420
Appendix L
Power Adaptor Specifications ............................................................................ 422
Table of Contents 20
ZyAIR G-2000 Plus User’s Guide
21 Table of Contents
ZyAIR G-2000 Plus User’s Guide
List of Figures
Figure 1 Internet Access Application Example .................................................................... 42
Figure 2 Change Password Screen .................................................................................... 45
Figure 3 Replace Certificate Screen ................................................................................... 45
Figure 4 The MAIN MENU Screen of the Web Configurator ............................................... 47
Figure 5 Wizard 1 : General Setup ...................................................................................... 50
Figure 6 Wizard 2 : Wireless LAN Setup ............................................................................. 51
Figure 7 Wizard 3: Wireless LAN Setup: Basic Security ..................................................... 52
Figure 8 Wizard 3: Wireless LAN Setup: Extend Security .................................................. 53
Figure 9 Wizard 4: Ethernet Encapsulation ......................................................................... 54
Figure 10 Wizard 4: PPPoE Encapsulation ......................................................................... 56
Figure 11 Wizard 4: PPTP Encapsulation ........................................................................... 57
Figure 12 Wizard 5: WAN Setup ......................................................................................... 61
Figure 13 Wizard Finish ...................................................................................................... 63
Figure 14 System General Setup ........................................................................................ 64
Figure 15 DDNS .................................................................................................................. 66
Figure 16 Password. ........................................................................................................... 67
Figure 17 Time Setting ........................................................................................................ 68
Figure 18 LAN IP ................................................................................................................. 73
Figure 19 Static DHCP ........................................................................................................ 76
Figure 20 IP Alias ................................................................................................................ 77
Figure 21 IBSS (Ad-hoc) Wireless LAN .............................................................................. 78
Figure 22 Basic Service set ................................................................................................ 79
Figure 23 Extended Service Set ......................................................................................... 80
Figure 24 RTS/CTS ............................................................................................................ 81
Figure 25 Wireless ............................................................................................................. 83
Figure 26 Roaming Example ............................................................................................... 84
Figure 27 Roaming ..............................................................................................................86
Figure 28 ZyAIR Wireless Security Levels .......................................................................... 88
Figure 29 Wireless: No Security .......................................................................................... 89
Figure 30 WEP Authentication Steps .................................................................................. 91
Figure 31 Wireless: Static WEP Encryption ........................................................................ 92
Figure 32 WPA - PSK Authentication .................................................................................. 95
Figure 33 Wireless: WPA-PSK ............................................................................................ 96
Figure 34 WPA with RADIUS Application Example ............................................................ 98
Figure 35 Wireless: WPA .................................................................................................... 99
Figure 36 EAP Authentication ............................................................................................. 101
List of Figures 22
ZyAIR G-2000 Plus User’s Guide
Figure 37 Wireless: WPA .................................................................................................... 103
Figure 38 Wireless: 802.1x and Dynamic WEP .................................................................. 106
Figure 39 Wireless: 802.1x and Static WEP ....................................................................... 108
Figure 40 Wireless: 802.1x ................................................................................................. 111
Figure 41 MAC Address Filter ............................................................................................. 113
Figure 42 ZyAIR Authenticates Wireless Stations ............................................................... 115
Figure 43 ZyAIR Authenicates other AP’s ........................................................................... 115
Figure 44 Internal RADIUS Server Setting Screen ............................................................ 117
Figure 45 Trusted AP Overview .......................................................................................... 118
Figure 46 Trusted AP Screen .............................................................................................. 119
Figure 47 Trusted Users Screen ......................................................................................... 121
Figure 48 Ethernet Encapsulation ....................................................................................... 125
Figure 49 Ethernet Encapsulation ....................................................................................... 126
Figure 50 PPPoE Encapsulation ......................................................................................... 128
Figure 51 PPTP Encapsulation ........................................................................................... 130
Figure 52 WAN: IP .............................................................................................................132
Figure 53 MAC Setup .......................................................................................................... 134
Figure 54 How NAT Works .................................................................................................. 138
Figure 55 NAT Application With IP Alias ............................................................................. 139
Figure 56 Multiple Servers Behind NAT Example ............................................................... 143
Figure 57 SUA/NAT Setup .................................................................................................. 144
Figure 58 Address Mapping ................................................................................................ 146
Figure 59 Address Mapping Edit ......................................................................................... 147
Figure 60 Trigger Port Forwarding Process: Example ........................................................ 149
Figure 61 Trigger Port .........................................................................................................150
Figure 62 Example of Static Routing Topology ................................................................... 152
Figure 63 Static Route .........................................................................................................153
Figure 64 Static Route: Edit ................................................................................................ 154
Figure 65 Remote Management: WWW ............................................................................. 158
Figure 66 Telnet Configuration on a TCP/IP Network ......................................................... 159
Figure 67 Remote Management: Telnet .............................................................................. 159
Figure 68 Remote Management: FTP ................................................................................. 160
Figure 69 SNMP Management Model ................................................................................. 161
Figure 70 Remote Management: SNMP ............................................................................. 164
Figure 71 Remote Management: DNS ................................................................................ 165
Figure 72 Security ............................................................................................................... 167
Figure 73 Configuring UPnP ............................................................................................... 170
Figure 74 ZyAIR Firewall Application .................................................................................. 180
Figure 75 Three-Way Handshake ....................................................................................... 182
Figure 76 SYN Flood ........................................................................................................... 183
Figure 77 Smurf Attack ....................................................................................................... 184
Figure 78 Stateful Inspection ............................................................................................... 185
Figure 79 LAN to WAN Traffic ............................................................................................. 195
23 List of Figures
ZyAIR G-2000 Plus User’s Guide
Figure 80 WAN to LAN Traffic ............................................................................................. 196
Figure 81 Default Rule ....................................................................................................... 197
Figure 82 Rule Summary .................................................................................................... 198
Figure 83 Creating/Editing A Firewall Rule ......................................................................... 200
Figure 84 Creating/Editing A Custom Service ..................................................................... 202
Figure 85 Rule Summary .................................................................................................... 203
Figure 86 Rule Edit Example .............................................................................................. 204
Figure 87 Edit Custom Service Example ............................................................................ 204
Figure 88 My Service Rule Configuration ........................................................................... 205
Figure 89 My Service Example Rule Summary .................................................................. 206
Figure 90 Content Filter ...................................................................................................... 211
Figure 91 My Certificates .................................................................................................... 216
Figure 92 My Certificate Import ........................................................................................... 219
Figure 93 My Certificate Create .......................................................................................... 220
Figure 94 My Certificate Details .......................................................................................... 223
Figure 95 Trusted CAs ........................................................................................................ 226
Figure 96 Trusted CA Import ............................................................................................... 227
Figure 97 Trusted CA Details .............................................................................................. 229
Figure 98 View Log .............................................................................................................232
Figure 99 Log Settings ........................................................................................................ 234
Figure 100 Reports .............................................................................................................237
Figure 101 System Status ................................................................................................... 241
Figure 102 System Status: Show Statistics ......................................................................... 242
Figure 103 Maintenance DHCP Table ................................................................................. 243
Figure 104 Association List ................................................................................................. 244
Figure 105 Firmware Upload ............................................................................................... 245
Figure 106 Firmware Upload In Process ............................................................................. 246
Figure 107 Network Temporarily Disconnecte .................................................................... 246
Figure 108 Firmware Upload Error ...................................................................................... 247
Figure 109 Configuration ..................................................................................................... 248
Figure 110 Configuration Upload Successful ...................................................................... 249
Figure 111 Network Temporarily Disconnected ................................................................... 249
Figure 112 Configuration Upload Error ............................................................................... 250
Figure 113 Reset Warning Message ................................................................................... 250
Figure 114 Restart Screen .................................................................................................. 251
Figure 115 Login Screen ..................................................................................................... 252
Figure 116 Login Screen ..................................................................................................... 253
Figure 117 Menu 23.1 System Security : Change Password .............................................. 253
Figure 118 ZyAIR G-2000 Plus SMT Menu Overview Example .......................................... 254
Figure 119 ZyAIR G-2000 Plus SMT Main Menu ............................................................... 256
Figure 120 Menu 23: System Security ................................................................................ 257
Figure 121 Menu 23 System Password .............................................................................. 257
Figure 122 Menu 1 General Setup ...................................................................................... 259
List of Figures 24
ZyAIR G-2000 Plus User’s Guide
Figure 123 Menu 1.1 Configure Dynamic DNS .................................................................. 260
Figure 124 Menu 2 WAN Setup .......................................................................................... 262
Figure 125 Menu 3 LAN Setup ........................................................................................... 264
Figure 126 Menu 3.1 LAN Port Filter Setup. ....................................................................... 264
Figure 127 Menu 3.2 TCP/IP Setup .................................................................................... 265
Figure 128 Physical Network & Partitioned Logical Networks ............................................ 267
Figure 129 Menu 3.2.1: IP Alias Setup ............................................................................... 268
Figure 130 Menu 3.5 Wireless LAN Setup .......................................................................... 269
Figure 131 Menu 3.5 Wireless LAN Setup ......................................................................... 271
Figure 132 Menu 3.5.1 WLAN MAC Address Filter ............................................................ 272
Figure 133 Menu 4 Internet Access Setup .......................................................................... 275
Figure 134 Internet Access Setup (PPTP) ......................................................................... 277
Figure 135 Internet Access Setup (PPPoE) ........................................................................ 278
Figure 136 Menu 11.1 Remote Node Profile for Ethernet Encapsulation ............................ 281
Figure 137 Menu 11.1 Remote Node Profile for PPPoE Encapsulation .............................. 283
Figure 138 Menu 11.1 Remote Node Profile for PPTP Encapsulation ................................ 285
Figure 139 Menu 11.3 Remote Node Network Layer Options for Ethernet Encapsulation . 286
Figure 140 Menu 11.5: Remote Node Filter (Ethernet Encapsulation) ................................ 288
Figure 141 Menu 11.5: Remote Node Filter (PPPoE and PPTP Encapsulation) ................ 288
Figure 142 Menu 12 IP Static Route Setup ........................................................................ 290
Figure 143 Menu12.1 Edit IP Static Route .......................................................................... 291
Figure 144 Menu 14- Dial-in User Setup ............................................................................. 292
Figure 145 Menu 14.1- Edit Dial-in User ............................................................................. 293
Figure 146 Menu 4 Applying NAT for Internet Access ........................................................ 295
Figure 147 Menu 11.3 Applying NAT to the Remote Node ................................................. 296
Figure 148 Menu 15 NAT Setup .......................................................................................... 297
Figure 149 Menu 15.1 Address Mapping Sets .................................................................... 297
Figure 150 Menu 15.1.255 SUA Address Mapping Rules ................................................. 298
Figure 151 Menu 15.1.1 First Set ........................................................................................ 299
Figure 152 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set ......................... 300
Figure 153 Menu 15.2.1 NAT Server Setup ........................................................................ 301
Figure 154 Multiple Servers Behind NAT Example ............................................................. 302
Figure 155 NAT Example 1 ................................................................................................. 303
Figure 156 Menu 4 Internet Access & NAT Example ......................................................... 303
Figure 157 NAT Example 2 ................................................................................................. 304
Figure 158 Menu 15.2.1 Specifying an Inside Server ......................................................... 304
Figure 159 NAT Example 3 ................................................................................................. 305
Figure 160 NAT Example 3: Menu 11.3 .............................................................................. 306
Figure 161 Example 3: Menu 15.1.1.1 ............................................................................... 307
Figure 162 Example 3: Final Menu 15.1.1 .......................................................................... 307
Figure 163 Example 3: Menu 15.2 ...................................................................................... 308
Figure 164 NAT Example 4 ................................................................................................. 309
Figure 165 Example 4: Menu 15.1.1.1 Address Mapping Rule. .......................................... 309
25 List of Figures
ZyAIR G-2000 Plus User’s Guide
Figure 166 Example 4: Menu 15.1.1 Address Mapping Rules ............................................ 310
Figure 167 Menu 15.3 Trigger Port Setup ........................................................................... 311
Figure 168 Outgoing Packet Filtering Process .................................................................... 312
Figure 169 Filter Rule Process ............................................................................................ 314
Figure 170 Menu 21: Filter and Firewall Setup ................................................................... 315
Figure 171 Menu 21.1: Filter Set Configuration .................................................................. 315
Figure 172 Menu 21.1.1.1 TCP/IP Filter Rule. .................................................................... 317
Figure 173 Executing an IP Filter ........................................................................................ 319
Figure 174 Menu 21.1.4.1 Generic Filter Rule .................................................................... 320
Figure 175 Telnet Filter Example ........................................................................................ 321
Figure 176 Example Filter: Menu 21.1.3.1 .......................................................................... 322
Figure 177 Example Filter Rules Summary: Menu 21.1.3 .................................................. 323
Figure 178 Protocol and Device Filter Sets ......................................................................... 324
Figure 179 Filtering LAN Traffic .......................................................................................... 325
Figure 180 Filtering Remote Node Traffic ........................................................................... 325
Figure 181 Menu 21.2 Firewall Setup ................................................................................. 327
Figure 182 SNMP Management Model ............................................................................... 328
Figure 183 Menu 22 SNMP Configuration ......................................................................... 330
Figure 184 Menu 23 System Security ................................................................................. 332
Figure 185 Menu 23 System Security ................................................................................. 333
Figure 186 Menu 23.2 System Security : RADIUS Server .................................................. 333
Figure 187 Menu 23 System Security ................................................................................. 334
Figure 188 Menu 23.4 System Security : IEEE802.1x ........................................................ 335
Figure 189 Menu 24 System Maintenance ......................................................................... 338
Figure 190 Menu 24.1 System Maintenance : Status ......................................................... 339
Figure 191 Menu 24.2 System Information and Console Port Speed ................................. 340
Figure 192 Menu 24.2.1 System Information : Information ................................................. 340
Figure 193 Menu 24.2.2 System Maintenance : Change Console Port Speed ................... 341
Figure 194 Menu 24.3 System Maintenance : Log and Trace ............................................ 342
Figure 195 Menu 24.3.2 System Maintenance : UNIX Syslog ........................................... 342
Figure 196 Call-Triggering Packet Example ........................................................................ 346
Figure 197 LAN & WAN DHCP ........................................................................................... 347
Figure 198 Menu 24.5 Backup Configuration ...................................................................... 352
Figure 199 FTP Session Example ...................................................................................... 353
Figure 200 Menu 24.6 Restore Configuration ..................................................................... 356
Figure 201 Restore Using FTP Session Examplei .............................................................. 356
Figure 202 Menu 24.7 System Maintenance: Upload Firmware ......................................... 357
Figure 203 Menu 24.7.1 System Maintenance : Upload System Firmware ........................ 358
Figure 204 Menu 24.7.2 System Maintenance: Upload System Configuration File ............ 358
Figure 205 FTP Session Example ...................................................................................... 359
Figure 206 Menu 24 System Maintenance ......................................................................... 363
Figure 207 Valid CI Commands .......................................................................................... 363
Figure 208 Menu 24.9 System Maintenance : Call Control ................................................. 364
List of Figures 26
ZyAIR G-2000 Plus User’s Guide
Figure 209 Budget Management ......................................................................................... 364
Figure 210 Menu 24.9.2 - Call History ................................................................................ 365
Figure 211 Menu 24.10 System Maintenance : Time and Date Setting .............................. 366
Figure 212 Menu 24.11 – Remote Management Control .................................................... 369
Figure 213 Telnet Configuration on a TCP/IP Network ....................................................... 370
Figure 214 Menu 26 Schedule Setup .................................................................................. 372
Figure 215 Menu 26.1 Schedule Set Setup ....................................................................... 373
Figure 216 Applying Schedule Set(s) to a Remote Node (PPPoE) .................................... 374
Figure 217 WIndows 95/98/Me: Network: Configuration ..................................................... 381
Figure 218 Windows 95/98/Me: TCP/IP Properties: IP Address ......................................... 382
Figure 219 Windows 95/98/Me: TCP/IP Properties: DNS Configuration ............................ 383
Figure 220 Windows XP: Start Menu .................................................................................. 384
Figure 221 Windows XP: Control Panel .............................................................................. 384
Figure 222 Windows XP: Control Panel: Network Connections: Properties ....................... 385
Figure 223 Windows XP: Local Area Connection Properties .............................................. 385
Figure 224 Windows XP: Advanced TCP/IP Settings ......................................................... 386
Figure 225 Windows XP: Internet Protocol (TCP/IP) Properties ......................................... 387
Figure 226 Macintosh OS 8/9: Apple Menu ........................................................................ 388
Figure 227 Macintosh OS 8/9: TCP/IP ................................................................................ 388
Figure 228 Macintosh OS X: Apple Menu ........................................................................... 389
Figure 229 Macintosh OS X: Network ................................................................................. 390
Figure 230 IP Address Conflicts: CaseA ............................................................................. 392
Figure 231 IP Address Conflicts: Case B ........................................................................... 393
Figure 232 IP Address Conflicts: Case C ............................................................................ 393
Figure 233 IP Address Conflicts: Case D ............................................................................ 394
Figure 234 Peer-to-Peer Communication in an Ad-hoc Network ........................................ 411
Figure 235 ESS Provides Campus-Wide Coverage ........................................................... 412
Figure 236 Sequences for EAP MD5–Challenge Authentication ........................................ 415
Figure 237 Sequences for PEAP, MS–CHAP V2 Authentication ........................................ 416
27 List of Figures
ZyAIR G-2000 Plus User’s Guide
List of Tables
Table 1 IEEE 802.11b ......................................................................................................... 37
Table 2 IEEE 802.11g ......................................................................................................... 38
Table 3 Wizard 1 : General Setup ...................................................................................... 50
Table 4 Wizard 2 : Wireless LAN Setup ............................................................................. 51
Table 5 Wizard 3: Wireless LAN Setup: Basic Security ..................................................... 52
Table 6 Wizard 3: Wireless LAN Setup: Extend Security ................................................... 53
Table 7 Wizard 4: Ethernet Encapsulation ......................................................................... 54
Table 8 Wizard 4: PPPoE Encapsulation ........................................................................... 56
Table 9 Wizard 4: PPTP Encapsulation ............................................................................. 57
Table 10 Private IP Address Ranges ................................................................................. 58
Table 11 Example of Network Properties for LAN Servers with Fixed IP Addresses ......... 60
Table 12 Wizard 5: WAN Setup .......................................................................................... 61
Table 13 System General Setup ........................................................................................ 64
Table 14 DDNS .................................................................................................................. 66
Table 15 Password .............................................................................................................67
Table 16 Time Setting ........................................................................................................ 68
Table 17 LAN IP ................................................................................................................. 73
Table 18 Static DHCP ......................................................................................................... 76
Table 19 IP Alias ................................................................................................................ 77
Table 20 Wireless ............................................................................................................... 83
Table 21 Roaming ..............................................................................................................86
Table 22 Wireless No Security ........................................................................................... 89
Table 23 Wireless Security Relational Matrix ..................................................................... 90
Table 24 Wireless: Static WEP Encryption ......................................................................... 92
Table 25 Wireless: WPA-PSK ............................................................................................ 96
Table 26 Wireless: WPA ..................................................................................................... 99
Table 27 RADIUS ...............................................................................................................103
Table 28 Wireless: 802.1x and Dynamic WEP ................................................................... 106
Table 29 Wireless: 802.1x and Static WEP ........................................................................ 108
Table 30 Wireless: 802.1x and No WEP ............................................................................ 111
Table 31 MAC Address Filter ............................................................................................. 113
Table 32 Internal RADIUS Server ...................................................................................... 115
Table 33 My Certificates ..................................................................................................... 117
Table 34 Trusted AP ...........................................................................................................119
Table 35 Trusted Users ...................................................................................................... 121
Table 36 Ethernet Encapsulation ....................................................................................... 125
List of Tables 28
ZyAIR G-2000 Plus User’s Guide
Table 37 Ethernet Encapsulation ....................................................................................... 126
Table 38 PPPoE Encapsulation ......................................................................................... 128
Table 39 PPTP Encapsulation ............................................................................................ 130
Table 40 WAN: IP ............................................................................................................... 132
Table 41 NAT Definitions .................................................................................................... 136
Table 42 NAT Mapping Types ............................................................................................ 140
Table 43 Services and Port Numbers ................................................................................. 142
Table 44 SUA/NAT Setup ................................................................................................... 144
Table 45 Address Mapping ................................................................................................. 146
Table 46 Address Mapping Edit ......................................................................................... 147
Table 47 Trigger Port .......................................................................................................... 150
Table 48 Static Route .........................................................................................................153
Table 49 Static Route: Edit ................................................................................................. 154
Table 50 Remote Management: WWW .............................................................................. 158
Table 51 Remote Management: Telnet .............................................................................. 159
Table 52 Remote Management: FTP ................................................................................. 160
Table 53 SNMP Traps ........................................................................................................ 162
Table 54 Remote Management: SNMP .............................................................................. 164
Table 55 Remote Management: DNS ................................................................................ 165
Table 56 Security ................................................................................................................ 167
Table 57 Configuring UPnP ................................................................................................ 170
Table 58 Common IP Ports ................................................................................................ 180
Table 59 ICMP Commands That Trigger Alerts .................................................................. 184
Table 60 Default Rule .........................................................................................................197
Table 61 Rule Summary ..................................................................................................... 198
Table 62 Creating/Editing A Firewall Rule .......................................................................... 201
Table 63 Creating/Editing A Custom Service ..................................................................... 202
Table 64 Predefined Services ............................................................................................ 206
Table 65 Content Filter .......................................................................................................211
Table 66 My Certificates ..................................................................................................... 216
Table 67 My Certificate Import ........................................................................................... 219
Table 68 My Certificate Create ........................................................................................... 221
Table 69 My Certificate Details ........................................................................................... 224
Table 70 Trusted CAs ......................................................................................................... 226
Table 71 Trusted CA Import ............................................................................................... 227
Table 72 Trusted CA Details ............................................................................................... 230
Table 73 View Log .............................................................................................................. 232
Table 74 Log Settings .........................................................................................................235
Table 75 Reports ................................................................................................................ 237
Table 76 System Status ...................................................................................................... 241
Table 77 System Status: Show Statistics ........................................................................... 242
Table 78 Maintenance DHCP Table ................................................................................... 243
Table 79 Association List .................................................................................................... 244
29 List of Tables