ZyXEL Communications G-2000 Plus User Manual

ZyAIR G-2000 Plus

802.11g Wireless 4-port Router

User’s Guide

Version 3.60

4/2005

ZyAIR G-2000 Plus User’s Guide

Copyright

The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation.

Disclaimer

ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others. ZyXEL further reserves the right to make changes in any products described herein without notice. This publication is subject to change without notice.

Trademarks

ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.

ZyAIR G-2000 Plus User’s Guide

Federal Communications

Commission (FCC) Interference

Statement

This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions:

• This device may not cause harmful interference.

• This device must accept any interference received, including interference that may cause undesired operations.

This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy, and if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.

If this equipment does cause harmful interference to radio/television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:

• Reorient or relocate the receiving antenna.

• Increase the separation between the equipment and the receiver.

• Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.

• Consult the dealer or an experienced radio/TV technician for help.

Notice 1

Changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate the equipment.

Certifications

Go to www.zyxel.com

1 Select your product from the drop-down list box on the ZyXEL home page to go to that

product's page.

2 Select the certification you wish to view from this page

3 Federal Communications Commission (FCC) Interference Statement

ZyAIR G-2000 Plus User’s Guide

ZyXEL Limited Warranty

ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever extent it shall deem necessary to restore the product or components to proper operating condition. Any replacement will consist of a new or re-manufactured functionally equivalent product of equal value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product is modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions.

Note

Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This warranty is in lieu of all other warranties, express or implied, including any implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in no event be held liable for indirect or consequential damages of any kind of character to the purchaser.

To obtain the services of this warranty, contact ZyXEL's Service Center for your Return Material Authorization number (RMA). Products must be returned Postage Prepaid. It is recommended that the unit be insured when shipped. Any returned products without proof of purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products will be shipped by ZyXEL to the corresponding return address, Postage Paid. This warranty gives you specific legal rights, and you may also have other rights that vary from country to country.

Safety Warnings

1 To reduce the risk of fire, use only No. 26 AWG or larger telephone wire.

2 Do not use this product near water, for example, in a wet basement or near a swimming

pool.

3 Avoid using this product during an electrical storm. There may be a remote risk of

electric shock from lightening.

This product has been designed for the WLAN 2.4 GHz network throughout the EC region and Switzerland, with restrictions in France.

ZyXEL Limited Warranty 4

ZyAIR G-2000 Plus User’s Guide

Please have the following information ready when you contact customer support.

• Product model and serial number.

• Warranty Information.

• Date that you received your device.

• Brief description of the problem and the steps you took to solve it.

Customer Support

method

location

Corporate HeadQuarters (Worldwide)

Czech Republic

Denmark support@zyxel.dk +45 39 55 07 00 www.zyxel.dk Z y X E L C o m m u n i c a t i o n s A / S

Finland support@zyxel.fi +358-9-4780-8411 www.zyxel.fi Zy X E L C o mm u n ic a t io n s Oy

France info@zyxel.fr +33 (0)4 72 52 97 97 www.zyxel.fr Z y XE L Fr a nc e

Germany support@zyxel.de +49-2405-6909-0 www.zyxel.de ZyXEL Deutschland GmbH.

North America support@zyxel.com +1-800-255-4101

Norway support@zyxel.no +47 22 80 61 80 www.zyxel.no Z y X E L C o m m u n i c a t i o n s A / S

Support e-mail Telephone

Sales e-mail Fax FTP Site

support@zyxel.com.tw +886-3-578-3942 www.zyxel.com

sales@zyxel.com.tw +886-3-578-2439 ftp.zyxel.com

info@cz.zyxel.com +420 241 091 350 www.zyxel.cz ZyXEL Communications

info@cz.zyxel.com +420 241 091 359

sales@zyxel.dk +45 39 55 07 07

sales@zyxel.fi +358-9-4780 8448

+33 (0)4 72 52 19 20

sales@zyxel.de +49-2405-6909-99

+1-714-632-0882

sales@zyxel.com +1-714-632-0858 ftp.us.zyxel.com

sales@zyxel.no +47 22 80 61 81

Web Site Regular Mail

ZyXEL Communications Corp.

www.europe.zyxel.com

ftp.europe.zyxel.com

www.us.zyxel.com ZyXEL Communications Inc.

6 Innov ati on Road II Sc ience Park Hs inchu 3 00 Ta iw a n

Czech s.r.o. Modranská 621 143 01 Praha 4 - Modrany Ceská Republika

Col um bu sv ej 5 2860 Soeborg Denmark

Mal mi nk aa ri 10 00700 Helsinki Finland

1 rue des Ve rg er s Ba t. 1 / C 69760 Limonest France

Adenauerstr. 20/A2 D-52146 Wuerselen Germany

1130 N. Miller St. Ana hei m

CA 92806- 2001 U.S.A.

Ni ls Hansens vei 13 0667 Oslo Norway

5 Customer Support

ZyAIR G-2000 Plus User’s Guide

SPAIN support@zyxel.es +34 902 195 420 www.zyxel.es Z y X E L C o m m u n i c at i o n s

sales@zyxel.es +34 913 005 345

Sweden support@zyxel.se +46 31 744 7700 www.zyxel.se ZyXEL Communications A/S

sales@zyxel.se +46 31 744 7701

United Kingdom

a. “+” is the (prefix) number you enter to make an international telephone call.

technical@zyxel.co.uk +44 (0) 8702 909090 www.zyxel.co.uk ZyXEL Communications UK

sales@zyxel.co.uk +44 (0) 8702 909091 ftp.zyxel.co.uk

A l e j a n d r o V i l l e g a s 3 3 1 º , 2 8 0 4 3 M a d r i d Spain

Sjöporten 4, 41764 Göteborg Sweden

Ltd.,11, The Courtyard, Eastern Road, Bracknell, Berkshire, RG12 2XB, United Kingdom (UK)

Customer Support 6

ZyAIR G-2000 Plus User’s Guide

7 Customer Support

ZyAIR G-2000 Plus User’s Guide

Copyright .................................................................................................................. 2

Federal Communications Commission (FCC) Interference Statement ............... 3

ZyXEL Limited Warranty.......................................................................................... 4

Customer Support.................................................................................................... 5

Preface .................................................................................................................... 32

Chapter 1

Getting to Know Your ZyAIR ................................................................................. 36

1.1 Introducing the ZyAIR .......................................................................................36

1.2 ZyAIR Features ..................................................................................................36

1.2.1 Physical Features .....................................................................................36

1.2.1.1 4-Port Switch ...................................................................................36

1.2.1.2 10/100M Auto-negotiating Ethernet/Fast Ethernet Interface ...........36

1.2.1.3 10/100M Auto-crossover Ethernet/Fast Ethernet Interface .............36

1.2.1.4 10/100 Mbps Ethernet WAN ............................................................37

1.2.1.5 Reset Button ...................................................................................37

1.2.1.6 ZyAIR LED ......................................................................................37

1.2.2 Firmware Features ....................................................................................37

1.2.2.1 Internal RADIUS Server ..................................................................37

1.2.2.2 Wi-Fi Protected Access ...................................................................37

1.2.2.3 802.11b Wireless LAN Standard .....................................................37

1.2.2.4 802.11g Wireless LAN Standard .....................................................38

1.2.2.5 STP (Spanning Tree Protocol) / RSTP (Rapid STP) .......................38

1.2.2.6 Certificates ......................................................................................38

1.2.2.7 Limit the number of Client Connections ..........................................38

1.2.2.8 SSL Passthrough ............................................................................38

1.2.2.9 Firewall ............................................................................................39

1.2.2.10 Brute-Force Password Guessing Protection ................................39

1.2.2.11 Wireless LAN MAC Address Filtering ............................................39

1.2.2.12 WEP Encryption ............................................................................39

1.2.2.13 IEEE 802.1X Network Security .....................................................39

1.2.2.14 Universal Plug and Play (UPnP) ...................................................39

1.2.2.15 Dynamic DNS Support ..................................................................39

Table of Contents 8

ZyAIR G-2000 Plus User’s Guide

1.2.2.16 PPPoE Support (RFC2516) ..........................................................40

1.2.2.17 PPTP Encapsulation .....................................................................40

1.2.2.18 Network Address Translation (NAT) ..............................................40

1.2.2.19 Traffic Redirect ..............................................................................40

1.2.2.20 NAT for Single-IP-address Internet Access ...................................40

1.2.2.21 DHCP (Dynamic Host Configuration Protocol) ..............................40

1.2.2.22 Multicast ........................................................................................41

1.2.2.23 IP Alias ..........................................................................................41

1.2.2.24 IP Policy Routing ...........................................................................41

1.2.2.25 SNMP ............................................................................................41

1.2.2.26 Full Network Management ............................................................41

1.2.2.27 Logging and Tracing ......................................................................41

1.2.2.28 Diagnostics Capabilities ................................................................41

1.2.2.29 Embedded FTP and TFTP Servers ...............................................42

1.2.2.30 Wireless Association List ..............................................................42

1.2.2.31 Wireless LAN Channel Usage .......................................................42

1.3 Applications for the ZyAIR ..................................................................................42

1.3.1 Internet Access Application ......................................................................42

Chapter 2

Introducing the Web Configurator........................................................................ 44

2.1 Web Configurator Overview ...............................................................................44

2.2 Accessing the ZyAIR Web Configurator .............................................................44

2.3 Resetting the ZyAIR ...........................................................................................46

2.3.1 .Procedure To Use The Reset Button .......................................................46

2.3.2 Method of Restoring Factory-Defaults Via Web Configurator ...................46

2.4 Navigating the ZyAIR Web Configurator ............................................................46

Chapter 3

Wizard Setup .......................................................................................................... 48

3.1 Wizard Setup Overview ......................................................................................48

3.1.1 Channel ....................................................................................................48

3.1.2 ESS ID ......................................................................................................48

3.1.3 WEP Encryption ........................................................................................48

3.1.4 WPA-PSK .................................................................................................49

3.2 Wizard Setup: General Setup ............................................................................49

3.3 Wizard Setup: Wireless LAN ..............................................................................50

3.4 Wizard Setup: Screen 3 .....................................................................................51

3.5 Wizard Setup: Screen 4 .....................................................................................53

3.5.1 Ethernet ....................................................................................................53

3.5.2 PPPoE Encapsulation ...............................................................................55

3.5.3 PPTP Encapsulation .................................................................................56

3.6 Wizard Setup: Screen 5 .....................................................................................58

9 Table of Contents

ZyAIR G-2000 Plus User’s Guide

3.6.1 WAN IP Address Assignment ...................................................................58

3.6.2 IP Address and Subnet Mask ...................................................................59

3.6.3 DNS Server Address Assignment .............................................................59

3.6.4 WAN MAC Address ..................................................................................59

3.7 Basic Setup Complete ........................................................................................62

Chapter 4

System Screens ..................................................................................................... 64

4.1 System Overview ...............................................................................................64

4.2 Configuring General Setup .................................................................................64

4.3 Dynamic DNS .....................................................................................................65

4.3.1 DynDNS Wildcard .....................................................................................65

4.4 Configuring Dynamic DNS .................................................................................66

4.5 Configuring Password ........................................................................................67

4.6 Configuring Time Setting ...................................................................................68

Chapter 5

LAN Screens...........................................................................................................70

5.1 LAN Overview ....................................................................................................70

5.2 DHCP Setup .......................................................................................................70

5.2.1 IP Pool Setup ............................................................................................70

5.2.2 System DNS Servers ................................................................................70

5.3 LAN TCP/IP ........................................................................................................70

5.3.1 Factory LAN Defaults ................................................................................70

5.3.2 IP Address and Subnet Mask ...................................................................71

5.3.3 RIP Setup .................................................................................................71

5.3.4 Multicast ....................................................................................................71

5.4 Configuring IP ....................................................................................................72

5.5 Configuring Static DHCP ....................................................................................75

5.6 Configuring IP Alias ............................................................................................76

Chapter 6

Wireless Configuration and Roaming .................................................................. 78

6.1 Wireless LAN Overview .....................................................................................78

6.1.1 IBSS ..........................................................................................................78

6.1.2 BSS ...........................................................................................................78

6.1.3 ESS ...........................................................................................................79

6.2 Wireless LAN Basics ..........................................................................................80

6.2.1 RTS/CTS .................................................................................................80

6.2.2 Fragmentation Threshold ..........................................................................81

6.3 Configuring Wireless ..........................................................................................82

6.4 Configuring Roaming .........................................................................................84

6.4.1 Requirements for Roaming .......................................................................85

Table of Contents 10

ZyAIR G-2000 Plus User’s Guide

Chapter 7

Wireless Security ................................................................................................... 88

7.1 Wireless Security Overview ...............................................................................88

7.2 Security Parameters Summary ..........................................................................90

7.3 WEP Overview ...................................................................................................90

7.3.1 Data Encryption .......................................................................................90

7.3.1.1 Authentication .................................................................................90

7.4 Configuring WEP Encryption ..............................................................................91

7.5 Introduction to WPA ...........................................................................................93

7.5.1 User Authentication .................................................................................93

7.5.2 Encryption ................................................................................................94

7.5.3 WPA-PSK Application Example ................................................................94

7.6 Configuring WPA-PSK Authentication ................................................................95

7.7 Wireless Client WPA Supplicants .......................................................................97

7.7.1 WPA with RADIUS Application Example ..................................................97

7.8 Configuring WPA Authentication ........................................................................98

7.9 Introduction to RADIUS ....................................................................................100

7.9.1 Types of RADIUS Messages ..................................................................100

7.9.1.1 Access-Challenge .........................................................................100

7.9.1.2 Accounting-Request ......................................................................101

7.9.1.3 Accounting-Response ...................................................................101

7.9.1.4 EAP Authentication Overview .......................................................101

7.10 Configuring RADIUS ......................................................................................102

7.11 802.1x Overview .............................................................................................104

7.12 Dynamic WEP Key Exchange ........................................................................104

7.13 Configuring 802.1x and Dynamic WEP Key Exchange ..................................105

7.14 Configuring 802.1x and Static WEP Key Exchange .......................................107

7.15 Configuring 802.1x .........................................................................................110

7.16 MAC Filter ......................................................................................................112

Chapter 8

Internal RADIUS Server ....................................................................................... 114

8.1 Internal RADIUS Overview ...............................................................................114

8.2 Internal RADIUS Server Setting ....................................................................... 116

8.3 Trusted AP Overview .......................................................................................118

8.4 Configuring Trusted AP .................................................................................... 119

8.5 Trusted Users Overview ...................................................................................120

8.6 Configuring Trusted Users ...............................................................................120

Chapter 9

WAN....................................................................................................................... 124

9.1 WAN Overview .................................................................................................124

9.2 Configuring WAN ISP .......................................................................................124

11 Table of Contents

ZyAIR G-2000 Plus User’s Guide

9.2.1 Ethernet Encapsulation ...........................................................................124

9.2.1.1 Service Type .................................................................................125

9.2.2 PPPoE Encapsulation .............................................................................126

9.2.3 PPTP Encapsulation ...............................................................................129

9.3 TCP/IP Priority (Metric) ....................................................................................131

9.4 Configuring WAN IP .........................................................................................131

9.5 Configuring WAN MAC .....................................................................................134

Chapter 10

Single User Account (SUA) / Network Address Translation (NAT).................. 136

10.1 NAT Overview ................................................................................................136

10.1.1 NAT Definitions .....................................................................................136

10.1.2 What NAT Does ....................................................................................137

10.1.3 How NAT Works ...................................................................................137

10.1.4 NAT Application ....................................................................................138

10.1.5 NAT Mapping Types .............................................................................139

10.2 Using NAT ......................................................................................................140

10.2.1 SUA (Single User Account) Versus NAT ..............................................140

10.3 SUA Server ....................................................................................................140

10.3.1 Default Server IP Address ....................................................................141

10.3.2 Port Forwarding: Services and Port Numbers ......................................141

10.3.3 Configuring Servers Behind SUA (Example) ........................................142

10.4 Configuring SUA Server ................................................................................143

10.5 Configuring Address Mapping ........................................................................145

10.5.1 Configuring Address Mapping ..............................................................147

10.6 Trigger Port Forwarding .................................................................................148

10.6.1 Trigger Port Forwarding Example .........................................................148

10.6.2 Two Points To Remember About Trigger Ports .....................................149

10.7 Configuring Trigger Port Forwarding ..............................................................149

Chapter 11

Static Route Screens ........................................................................................... 152

11.1 Static Route Overview ....................................................................................152

11.2 Configuring IP Static Route ............................................................................152

11.2.1 Configuring Route Entry ........................................................................153

Chapter 12

Remote Management Screens ............................................................................ 156

12.1 Remote Management Overview .....................................................................156

12.1.1 Remote Management Limitations .........................................................156

12.1.2 Remote Management and NAT ............................................................157

12.1.3 System Timeout ...................................................................................157

12.2 Configuring WWW ..........................................................................................157

Table of Contents 12

ZyAIR G-2000 Plus User’s Guide

12.3 Configuring Telnet ..........................................................................................158

12.4 Configuring TELNET ......................................................................................159

12.5 Configuring FTP .............................................................................................160

12.6 SNMP .............................................................................................................161

12.6.1 Supported MIBs ....................................................................................162

12.6.2 SNMP Traps .........................................................................................162

12.6.3 Configuring SNMP ................................................................................163

12.7 Configuring DNS ............................................................................................165

12.8 Configuring Security .......................................................................................166

Chapter 13

UPnP...................................................................................................................... 168

13.1 Universal Plug and Play Overview ................................................................168

13.1.1 How Do I Know If I'm Using UPnP? ......................................................168

13.1.2 NAT Traversal .......................................................................................168

13.1.3 Cautions with UPnP ..............................................................................168

13.2 UPnP and ZyXEL ...........................................................................................169

13.3 Configuring UPnP ..........................................................................................169

13.4 Installing UPnP in Windows Example ............................................................170

13.4.1 Installing UPnP in Windows Me ............................................................171

13.4.2 Installing UPnP in Windows XP ............................................................172

13.5 Using UPnP in Windows XP Example ...........................................................173

13.5.1 Auto-discover Your UPnP-enabled Network Device .............................174

13.5.2 Web Configurator Easy Access ............................................................175

13.5.3 Web Configurator Easy Access ............................................................176

Chapter 14

Firewalls................................................................................................................178

14.1 Firewall Overview ...........................................................................................178

14.2 Types of Firewalls ..........................................................................................178

14.2.1 Packet Filtering Firewalls ......................................................................178

14.2.2 Application-level Firewalls ....................................................................178

14.2.3 Stateful Inspection Firewalls .................................................................179

14.3 Introduction to ZyXEL’s Firewall .....................................................................179

14.4 Denial of Service ............................................................................................180

14.4.1 Basics ...................................................................................................180

14.4.2 Types of DoS Attacks ...........................................................................181

14.4.2.1 ICMP Vulnerability ......................................................................184

14.4.2.2 Traceroute ...................................................................................184

14.5 Stateful Inspection ..........................................................................................185

14.5.1 Stateful Inspection Process ..................................................................185

14.5.2 Stateful Inspection and the ZyAIR ........................................................186

14.5.3 TCP Security .........................................................................................187

13 Table of Contents

ZyAIR G-2000 Plus User’s Guide

14.5.4 UDP/ICMP Security ..............................................................................187

14.5.5 Upper Layer Protocols ..........................................................................188

14.6 Guidelines For Enhancing Security With Your Firewall ..................................188

14.7 Packet Filtering Vs Firewall ............................................................................188

14.7.1 Packet Filtering: ....................................................................................189

14.7.1.1 When To Use Filtering .................................................................189

14.7.2 Firewall .................................................................................................189

14.7.2.1 When To Use The Firewall ..........................................................189

Chapter 15

Firewall Screens...................................................................................................192

15.1 Access Methods .............................................................................................192

15.2 Firewall Policies Overview .............................................................................192

15.3 Rule Logic Overview ......................................................................................193

15.3.1 Rule Checklist .......................................................................................193

15.3.2 Security Ramifications ..........................................................................194

15.3.3 Key Fields For Configuring Rules .........................................................194

15.3.3.1 Action ..........................................................................................194

15.3.3.2 Service ........................................................................................194

15.3.3.3 Source Address ...........................................................................194

15.3.3.4 Destination Address ....................................................................194

15.4 Connection Direction Examples .....................................................................195

15.4.1 LAN to WAN Rules ...............................................................................195

15.4.2 WAN to LAN Rules ...............................................................................195

15.5 Alerts ..............................................................................................................196

15.6 Configuring Firewall .......................................................................................196

15.6.1 Rule Summary ......................................................................................197

15.6.2 Configuring Firewall Rules ....................................................................199

15.6.3 Configuring Custom Services ...............................................................202

15.7 Example Firewall Rule ...................................................................................203

15.8 Predefined Services .......................................................................................206

Chapter 16

Content Filtering ................................................................................................. 210

16.1 Introduction to Content Filtering .....................................................................210

16.2 Restrict Web Features ...................................................................................210

16.3 Days and Times .............................................................................................210

16.4 Configure Content Filtering ............................................................................210

Chapter 17

Certificates............................................................................................................ 214

17.1 Certificates Overview .....................................................................................214

17.1.1 Advantages of Certificates ....................................................................215

Table of Contents 14

ZyAIR G-2000 Plus User’s Guide

17.2 Self-signed Certificates ..................................................................................215

17.3 Configuration Summary .................................................................................215

17.4 My Certificates ...............................................................................................215

17.5 Certificate File Formats ..................................................................................218

17.6 Importing a Certificate ....................................................................................218

17.7 Creating a Certificate .....................................................................................219

17.8 My Certificate Details .....................................................................................222

17.9 Trusted CAs ...................................................................................................225

17.10 Importing a Trusted CA’s Certificate .............................................................227

17.11 Trusted CA Certificate Details ......................................................................228

Chapter 18

Log Screens.......................................................................................................... 232

18.1 Configuring View Log .....................................................................................232

18.2 Configuring Log Settings ................................................................................233

18.3 Configuring Reports .......................................................................................236

Chapter 19

Maintenance ......................................................................................................... 240

19.1 Maintenance Overview ...................................................................................240

19.2 System Status Screen ....................................................................................240

19.2.1 System Statistics ...................................................................................242

19.3 DHCP Table Screen .......................................................................................242

19.4 Association List ..............................................................................................243

19.5 F/W Upload Screen ........................................................................................244

19.6 Configuration Screen .....................................................................................247

19.6.1 Backup Configuration ...........................................................................248

19.6.2 Restore Configuration ..........................................................................248

19.6.3 Back to Factory Defaults .......................................................................250

19.7 Restart Screen ...............................................................................................250

Chapter 20

Introducing the SMT ............................................................................................252

20.1 SMT Introduction ............................................................................................252

20.2 Connect to your ZyAIR Using Telnet ..............................................................252

20.2.1 Entering Password ................................................................................252

20.3 Changing the System Password ....................................................................253

20.4 ZyAIR SMT Menu Overview Example ............................................................253

20.5 Navigating the SMT Interface .........................................................................254

20.5.1 System Management Terminal Interface Summary ..............................256

20.6 Changing the System Password ....................................................................256

15 Table of Contents

ZyAIR G-2000 Plus User’s Guide

Chapter 21

General Setup.......................................................................................................258

21.1 General Setup ................................................................................................258

21.1.1 Procedure To Configure Menu 1 ...........................................................258

21.1.2 Procedure to Configure Dynamic DNS .................................................260

Chapter 22

Menu 2 WAN Setup .............................................................................................. 262

22.1 Introduction to WAN .......................................................................................262

22.2 WAN Setup .....................................................................................................262

Chapter 23

LAN Setup.............................................................................................................264

23.1 LAN Setup ......................................................................................................264

23.1.1 General Ethernet Setup ........................................................................264

23.2 Protocol Dependent Ethernet Setup ..............................................................265

23.3 TCP/IP Ethernet Setup and DHCP ................................................................265

23.3.1 IP Alias Setup .......................................................................................267

23.4 Wireless LAN Setup .......................................................................................268

23.4.1 Configuring MAC Address Filter ...........................................................270

Chapter 24

Internet Access .................................................................................................... 274

24.1 Introduction to Internet Access Setup ............................................................274

24.2 Ethernet Encapsulation ..................................................................................274

24.3 Configuring the PPTP Client ..........................................................................276

24.4 Configuring the PPPoE Client ........................................................................277

24.5 Basic Setup Complete ....................................................................................278

Chapter 25

Remote Node Configuration ...............................................................................280

25.1 Introduction to Remote Node Setup ...............................................................280

25.2 Remote Node Profile Setup ...........................................................................280

25.2.1 Ethernet Encapsulation .........................................................................280

25.2.2 PPPoE Encapsulation ...........................................................................282

25.2.2.1 Outgoing Authentication Protocol ................................................283

25.2.2.2 Nailed-Up Connection .................................................................283

25.2.3 PPTP Encapsulation .............................................................................284

25.3 Edit IP .............................................................................................................285

25.4 Remote Node Filter ........................................................................................287

Table of Contents 16

ZyAIR G-2000 Plus User’s Guide

Chapter 26

Static Route Setup ............................................................................................... 290

26.1 IP Static Route Setup .....................................................................................290

Chapter 27

Dial-in User Setup ................................................................................................ 292

27.1 Dial-in User Setup ..........................................................................................292

Chapter 28

Network Address Translation (NAT)...................................................................294

28.1 Using NAT ......................................................................................................294

28.1.1 SUA (Single User Account) Versus NAT ..............................................294

28.2 Applying NAT .................................................................................................294

28.3 NAT Setup ......................................................................................................296

28.3.1 Address Mapping Sets ..........................................................................297

28.3.1.1 User-Defined Address Mapping Sets ..........................................298

28.3.1.2 Ordering Your Rules ....................................................................299

28.4 Configuring a Server behind NAT ..................................................................301

28.5 General NAT Examples ..................................................................................302

28.5.1 Example 1: Internet Access Only ..........................................................302

28.5.2 Example 2: Internet Access with an Inside Server ...............................303

28.5.3 Example 3: Multiple Public IP Addresses With Inside Servers .............304

28.5.4 Example 4: NAT Unfriendly Application Programs ...............................308

28.6 Configuring Trigger Port Forwarding .............................................................310

Chapter 29

Filter Configuration..............................................................................................312

29.1 Introduction to Filters ......................................................................................312

29.1.1 The Filter Structure of the ZyAIR ..........................................................313

29.2 Configuring a Filter Set ..................................................................................314

29.2.1 Configuring a Filter Rule .......................................................................316

29.2.2 Configuring a TCP/IP Filter Rule ..........................................................317

29.2.3 Configuring a Generic Filter Rule .........................................................319

29.3 Example Filter ................................................................................................321

29.4 Filter Types and NAT ......................................................................................323

29.5 Firewall Versus Filters ....................................................................................324

29.6 Applying a Filter ............................................................................................324

29.6.1 Applying LAN Filters .............................................................................324

29.6.2 Applying Remote Node Filters ..............................................................325

Chapter 30

Enabling the Firewall ........................................................................................... 326

30.1 Remote Management and the Firewall ..........................................................326

17 Table of Contents

ZyAIR G-2000 Plus User’s Guide

30.2 Access Methods .............................................................................................326

30.3 Enabling the Firewall ......................................................................................326

Chapter 31

SNMP Configuration ............................................................................................ 328

31.1 About SNMP ..................................................................................................328

31.2 Supported MIBs ............................................................................................329

31.3 SNMP Configuration ......................................................................................329

31.4 SNMP Traps ...................................................................................................330

Chapter 32

System Security ................................................................................................... 332

32.1 System Security .............................................................................................332

32.1.1 System Password .................................................................................332

32.1.2 Configuring External RADIUS Server ...................................................332

32.1.3 802.1x ...................................................................................................334

Chapter 33

System Information and Diagnosis .................................................................... 338

33.1 System Status ................................................................................................338

33.2 System Information ........................................................................................340

33.2.1 System Information ...............................................................................340

33.2.2 Console Port Speed ..............................................................................341

33.3 Log and Trace ................................................................................................341

33.3.1 Viewing Error Log .................................................................................341

33.3.2 UNIX Syslog .........................................................................................342

33.3.2.1 CDR ............................................................................................343

33.3.2.2 Packet triggered ..........................................................................343

33.3.2.3 Filter log .....................................................................................344

33.3.2.4 PPP log ......................................................................................344

33.3.2.5 Firewall log ..................................................................................345

33.3.3 Call-Triggering Packet ..........................................................................345

33.4 Diagnostic ......................................................................................................346

33.4.1 WAN DHCP ..........................................................................................347

Chapter 34

Firmware and Configuration File Maintenance ................................................. 350

34.1 Filename Conventions ...................................................................................350

34.2 Backup Configuration .....................................................................................351

34.2.1 Backup Configuration Using FTP .........................................................351

34.2.2 Using the FTP command from the DOS Prompt ..................................352

34.2.3 GUI-based FTP Clients .........................................................................353

34.2.4 TFTP and FTP over WAN Management Limitations .............................353

Table of Contents 18

ZyAIR G-2000 Plus User’s Guide

34.2.5 Backup Configuration Using TFTP .......................................................354

34.2.6 Example: TFTP Command ...................................................................354

34.2.7 GUI-based TFTP Clients ......................................................................355

34.3 Restore Configuration ...................................................................................355

34.3.1 Restore Using FTP ...............................................................................355

34.3.2 Restore Using FTP Session Example ..................................................356

34.4 Uploading Firmware and Configuration Files .................................................357

34.4.1 Firmware Upload ..................................................................................357

34.4.2 Configuration File Upload .....................................................................358

34.4.3 Using the FTP command from the DOS Prompt Example ...................358

34.4.4 TFTP File Upload ..................................................................................359

34.4.5 Example: TFTP Command ...................................................................360

Chapter 35

System Maintenance and Information ...............................................................362

35.1 Command Interpreter Mode ...........................................................................362

35.2 Call Control Support .......................................................................................363

35.2.1 Budget Management ............................................................................364

35.2.2 Call History ...........................................................................................364

35.3 Time and Date Setting ....................................................................................365

35.3.1 Resetting the Time ................................................................................367

Chapter 36

Remote Management ........................................................................................... 368

36.1 Remote Management .....................................................................................368

36.1.1 Telnet ....................................................................................................369

36.1.2 FTP .......................................................................................................370

36.1.3 Web ......................................................................................................370

36.1.4 Remote Management Limitations .........................................................370

36.2 Remote Management and NAT ......................................................................370

36.3 System Timeout .............................................................................................371

Chapter 37

Call Scheduling .................................................................................................... 372

37.1 Introduction to Call Scheduling ......................................................................372

Appendix A

Troubleshooting................................................................................................... 376

Appendix B

Brute-Force Password Guessing Protection..................................................... 378

Appendix C

Setting up Your Computer’s IP Address............................................................ 380

19 Table of Contents

ZyAIR G-2000 Plus User’s Guide

Appendix D

IP Address Assignment Conflicts ......................................................................392

Appendix E

IP Subnetting ........................................................................................................ 396

Appendix F

Command Interpreter........................................................................................... 404

Appendix G

Log Descriptions.................................................................................................. 406

Appendix H

Wireless LAN and IEEE 802.11 ...........................................................................410

Appendix I

Wireless LAN With IEEE 802.1x .......................................................................... 414

Appendix J

Types of EAP Authentication.............................................................................. 418

Appendix K

Antenna Selection and Positioning Recommendation..................................... 420

Appendix L

Power Adaptor Specifications ............................................................................ 422

Table of Contents 20

ZyAIR G-2000 Plus User’s Guide

21 Table of Contents

ZyAIR G-2000 Plus User’s Guide

List of Figures

Figure 1 Internet Access Application Example .................................................................... 42

Figure 2 Change Password Screen .................................................................................... 45

Figure 3 Replace Certificate Screen ................................................................................... 45

Figure 4 The MAIN MENU Screen of the Web Configurator ............................................... 47

Figure 5 Wizard 1 : General Setup ...................................................................................... 50

Figure 6 Wizard 2 : Wireless LAN Setup ............................................................................. 51

Figure 7 Wizard 3: Wireless LAN Setup: Basic Security ..................................................... 52

Figure 8 Wizard 3: Wireless LAN Setup: Extend Security .................................................. 53

Figure 9 Wizard 4: Ethernet Encapsulation ......................................................................... 54

Figure 10 Wizard 4: PPPoE Encapsulation ......................................................................... 56

Figure 11 Wizard 4: PPTP Encapsulation ........................................................................... 57

Figure 12 Wizard 5: WAN Setup ......................................................................................... 61

Figure 13 Wizard Finish ...................................................................................................... 63

Figure 14 System General Setup ........................................................................................ 64

Figure 15 DDNS .................................................................................................................. 66

Figure 16 Password. ........................................................................................................... 67

Figure 17 Time Setting ........................................................................................................ 68

Figure 18 LAN IP ................................................................................................................. 73

Figure 19 Static DHCP ........................................................................................................ 76

Figure 20 IP Alias ................................................................................................................ 77

Figure 21 IBSS (Ad-hoc) Wireless LAN .............................................................................. 78

Figure 22 Basic Service set ................................................................................................ 79

Figure 23 Extended Service Set ......................................................................................... 80

Figure 24 RTS/CTS ............................................................................................................ 81

Figure 25 Wireless ............................................................................................................. 83

Figure 26 Roaming Example ............................................................................................... 84

Figure 27 Roaming ..............................................................................................................86

Figure 28 ZyAIR Wireless Security Levels .......................................................................... 88

Figure 29 Wireless: No Security .......................................................................................... 89

Figure 30 WEP Authentication Steps .................................................................................. 91

Figure 31 Wireless: Static WEP Encryption ........................................................................ 92

Figure 32 WPA - PSK Authentication .................................................................................. 95

Figure 33 Wireless: WPA-PSK ............................................................................................ 96

Figure 34 WPA with RADIUS Application Example ............................................................ 98

Figure 35 Wireless: WPA .................................................................................................... 99

Figure 36 EAP Authentication ............................................................................................. 101

List of Figures 22

ZyAIR G-2000 Plus User’s Guide

Figure 37 Wireless: WPA .................................................................................................... 103

Figure 38 Wireless: 802.1x and Dynamic WEP .................................................................. 106

Figure 39 Wireless: 802.1x and Static WEP ....................................................................... 108

Figure 40 Wireless: 802.1x ................................................................................................. 111

Figure 41 MAC Address Filter ............................................................................................. 113

Figure 42 ZyAIR Authenticates Wireless Stations ............................................................... 115

Figure 43 ZyAIR Authenicates other AP’s ........................................................................... 115

Figure 44 Internal RADIUS Server Setting Screen ............................................................ 117

Figure 45 Trusted AP Overview .......................................................................................... 118

Figure 46 Trusted AP Screen .............................................................................................. 119

Figure 47 Trusted Users Screen ......................................................................................... 121

Figure 48 Ethernet Encapsulation ....................................................................................... 125

Figure 49 Ethernet Encapsulation ....................................................................................... 126

Figure 50 PPPoE Encapsulation ......................................................................................... 128

Figure 51 PPTP Encapsulation ........................................................................................... 130

Figure 52 WAN: IP .............................................................................................................132

Figure 53 MAC Setup .......................................................................................................... 134

Figure 54 How NAT Works .................................................................................................. 138

Figure 55 NAT Application With IP Alias ............................................................................. 139

Figure 56 Multiple Servers Behind NAT Example ............................................................... 143

Figure 57 SUA/NAT Setup .................................................................................................. 144

Figure 58 Address Mapping ................................................................................................ 146

Figure 59 Address Mapping Edit ......................................................................................... 147

Figure 60 Trigger Port Forwarding Process: Example ........................................................ 149

Figure 61 Trigger Port .........................................................................................................150

Figure 62 Example of Static Routing Topology ................................................................... 152

Figure 63 Static Route .........................................................................................................153

Figure 64 Static Route: Edit ................................................................................................ 154

Figure 65 Remote Management: WWW ............................................................................. 158

Figure 66 Telnet Configuration on a TCP/IP Network ......................................................... 159

Figure 67 Remote Management: Telnet .............................................................................. 159

Figure 68 Remote Management: FTP ................................................................................. 160

Figure 69 SNMP Management Model ................................................................................. 161

Figure 70 Remote Management: SNMP ............................................................................. 164

Figure 71 Remote Management: DNS ................................................................................ 165

Figure 72 Security ............................................................................................................... 167

Figure 73 Configuring UPnP ............................................................................................... 170

Figure 74 ZyAIR Firewall Application .................................................................................. 180

Figure 75 Three-Way Handshake ....................................................................................... 182

Figure 76 SYN Flood ........................................................................................................... 183

Figure 77 Smurf Attack ....................................................................................................... 184

Figure 78 Stateful Inspection ............................................................................................... 185

Figure 79 LAN to WAN Traffic ............................................................................................. 195

23 List of Figures

ZyAIR G-2000 Plus User’s Guide

Figure 80 WAN to LAN Traffic ............................................................................................. 196

Figure 81 Default Rule ....................................................................................................... 197

Figure 82 Rule Summary .................................................................................................... 198

Figure 83 Creating/Editing A Firewall Rule ......................................................................... 200

Figure 84 Creating/Editing A Custom Service ..................................................................... 202

Figure 85 Rule Summary .................................................................................................... 203

Figure 86 Rule Edit Example .............................................................................................. 204

Figure 87 Edit Custom Service Example ............................................................................ 204

Figure 88 My Service Rule Configuration ........................................................................... 205

Figure 89 My Service Example Rule Summary .................................................................. 206

Figure 90 Content Filter ...................................................................................................... 211

Figure 91 My Certificates .................................................................................................... 216

Figure 92 My Certificate Import ........................................................................................... 219

Figure 93 My Certificate Create .......................................................................................... 220

Figure 94 My Certificate Details .......................................................................................... 223

Figure 95 Trusted CAs ........................................................................................................ 226

Figure 96 Trusted CA Import ............................................................................................... 227

Figure 97 Trusted CA Details .............................................................................................. 229

Figure 98 View Log .............................................................................................................232

Figure 99 Log Settings ........................................................................................................ 234

Figure 100 Reports .............................................................................................................237

Figure 101 System Status ................................................................................................... 241

Figure 102 System Status: Show Statistics ......................................................................... 242

Figure 103 Maintenance DHCP Table ................................................................................. 243

Figure 104 Association List ................................................................................................. 244

Figure 105 Firmware Upload ............................................................................................... 245

Figure 106 Firmware Upload In Process ............................................................................. 246

Figure 107 Network Temporarily Disconnecte .................................................................... 246

Figure 108 Firmware Upload Error ...................................................................................... 247

Figure 109 Configuration ..................................................................................................... 248

Figure 110 Configuration Upload Successful ...................................................................... 249

Figure 111 Network Temporarily Disconnected ................................................................... 249

Figure 112 Configuration Upload Error ............................................................................... 250

Figure 113 Reset Warning Message ................................................................................... 250

Figure 114 Restart Screen .................................................................................................. 251

Figure 115 Login Screen ..................................................................................................... 252

Figure 116 Login Screen ..................................................................................................... 253

Figure 117 Menu 23.1 System Security : Change Password .............................................. 253

Figure 118 ZyAIR G-2000 Plus SMT Menu Overview Example .......................................... 254

Figure 119 ZyAIR G-2000 Plus SMT Main Menu ............................................................... 256

Figure 120 Menu 23: System Security ................................................................................ 257

Figure 121 Menu 23 System Password .............................................................................. 257

Figure 122 Menu 1 General Setup ...................................................................................... 259

List of Figures 24

ZyAIR G-2000 Plus User’s Guide

Figure 123 Menu 1.1 Configure Dynamic DNS .................................................................. 260

Figure 124 Menu 2 WAN Setup .......................................................................................... 262

Figure 125 Menu 3 LAN Setup ........................................................................................... 264

Figure 126 Menu 3.1 LAN Port Filter Setup. ....................................................................... 264

Figure 127 Menu 3.2 TCP/IP Setup .................................................................................... 265

Figure 128 Physical Network & Partitioned Logical Networks ............................................ 267

Figure 129 Menu 3.2.1: IP Alias Setup ............................................................................... 268

Figure 130 Menu 3.5 Wireless LAN Setup .......................................................................... 269

Figure 131 Menu 3.5 Wireless LAN Setup ......................................................................... 271

Figure 132 Menu 3.5.1 WLAN MAC Address Filter ............................................................ 272

Figure 133 Menu 4 Internet Access Setup .......................................................................... 275

Figure 134 Internet Access Setup (PPTP) ......................................................................... 277

Figure 135 Internet Access Setup (PPPoE) ........................................................................ 278

Figure 136 Menu 11.1 Remote Node Profile for Ethernet Encapsulation ............................ 281

Figure 137 Menu 11.1 Remote Node Profile for PPPoE Encapsulation .............................. 283

Figure 138 Menu 11.1 Remote Node Profile for PPTP Encapsulation ................................ 285

Figure 139 Menu 11.3 Remote Node Network Layer Options for Ethernet Encapsulation . 286

Figure 140 Menu 11.5: Remote Node Filter (Ethernet Encapsulation) ................................ 288

Figure 141 Menu 11.5: Remote Node Filter (PPPoE and PPTP Encapsulation) ................ 288

Figure 142 Menu 12 IP Static Route Setup ........................................................................ 290

Figure 143 Menu12.1 Edit IP Static Route .......................................................................... 291

Figure 144 Menu 14- Dial-in User Setup ............................................................................. 292

Figure 145 Menu 14.1- Edit Dial-in User ............................................................................. 293

Figure 146 Menu 4 Applying NAT for Internet Access ........................................................ 295

Figure 147 Menu 11.3 Applying NAT to the Remote Node ................................................. 296

Figure 148 Menu 15 NAT Setup .......................................................................................... 297

Figure 149 Menu 15.1 Address Mapping Sets .................................................................... 297

Figure 150 Menu 15.1.255 SUA Address Mapping Rules ................................................. 298

Figure 151 Menu 15.1.1 First Set ........................................................................................ 299

Figure 152 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set ......................... 300

Figure 153 Menu 15.2.1 NAT Server Setup ........................................................................ 301

Figure 154 Multiple Servers Behind NAT Example ............................................................. 302

Figure 155 NAT Example 1 ................................................................................................. 303

Figure 156 Menu 4 Internet Access & NAT Example ......................................................... 303

Figure 157 NAT Example 2 ................................................................................................. 304

Figure 158 Menu 15.2.1 Specifying an Inside Server ......................................................... 304

Figure 159 NAT Example 3 ................................................................................................. 305

Figure 160 NAT Example 3: Menu 11.3 .............................................................................. 306

Figure 161 Example 3: Menu 15.1.1.1 ............................................................................... 307

Figure 162 Example 3: Final Menu 15.1.1 .......................................................................... 307

Figure 163 Example 3: Menu 15.2 ...................................................................................... 308

Figure 164 NAT Example 4 ................................................................................................. 309

Figure 165 Example 4: Menu 15.1.1.1 Address Mapping Rule. .......................................... 309

25 List of Figures

ZyAIR G-2000 Plus User’s Guide

Figure 166 Example 4: Menu 15.1.1 Address Mapping Rules ............................................ 310

Figure 167 Menu 15.3 Trigger Port Setup ........................................................................... 311

Figure 168 Outgoing Packet Filtering Process .................................................................... 312

Figure 169 Filter Rule Process ............................................................................................ 314

Figure 170 Menu 21: Filter and Firewall Setup ................................................................... 315

Figure 171 Menu 21.1: Filter Set Configuration .................................................................. 315

Figure 172 Menu 21.1.1.1 TCP/IP Filter Rule. .................................................................... 317

Figure 173 Executing an IP Filter ........................................................................................ 319

Figure 174 Menu 21.1.4.1 Generic Filter Rule .................................................................... 320

Figure 175 Telnet Filter Example ........................................................................................ 321

Figure 176 Example Filter: Menu 21.1.3.1 .......................................................................... 322

Figure 177 Example Filter Rules Summary: Menu 21.1.3 .................................................. 323

Figure 178 Protocol and Device Filter Sets ......................................................................... 324

Figure 179 Filtering LAN Traffic .......................................................................................... 325

Figure 180 Filtering Remote Node Traffic ........................................................................... 325

Figure 181 Menu 21.2 Firewall Setup ................................................................................. 327

Figure 182 SNMP Management Model ............................................................................... 328

Figure 183 Menu 22 SNMP Configuration ......................................................................... 330

Figure 184 Menu 23 System Security ................................................................................. 332

Figure 185 Menu 23 System Security ................................................................................. 333

Figure 186 Menu 23.2 System Security : RADIUS Server .................................................. 333

Figure 187 Menu 23 System Security ................................................................................. 334

Figure 188 Menu 23.4 System Security : IEEE802.1x ........................................................ 335

Figure 189 Menu 24 System Maintenance ......................................................................... 338

Figure 190 Menu 24.1 System Maintenance : Status ......................................................... 339

Figure 191 Menu 24.2 System Information and Console Port Speed ................................. 340

Figure 192 Menu 24.2.1 System Information : Information ................................................. 340

Figure 193 Menu 24.2.2 System Maintenance : Change Console Port Speed ................... 341

Figure 194 Menu 24.3 System Maintenance : Log and Trace ............................................ 342

Figure 195 Menu 24.3.2 System Maintenance : UNIX Syslog ........................................... 342

Figure 196 Call-Triggering Packet Example ........................................................................ 346

Figure 197 LAN & WAN DHCP ........................................................................................... 347

Figure 198 Menu 24.5 Backup Configuration ...................................................................... 352

Figure 199 FTP Session Example ...................................................................................... 353

Figure 200 Menu 24.6 Restore Configuration ..................................................................... 356

Figure 201 Restore Using FTP Session Examplei .............................................................. 356

Figure 202 Menu 24.7 System Maintenance: Upload Firmware ......................................... 357

Figure 203 Menu 24.7.1 System Maintenance : Upload System Firmware ........................ 358

Figure 204 Menu 24.7.2 System Maintenance: Upload System Configuration File ............ 358

Figure 205 FTP Session Example ...................................................................................... 359

Figure 206 Menu 24 System Maintenance ......................................................................... 363

Figure 207 Valid CI Commands .......................................................................................... 363

Figure 208 Menu 24.9 System Maintenance : Call Control ................................................. 364

List of Figures 26

ZyAIR G-2000 Plus User’s Guide

Figure 209 Budget Management ......................................................................................... 364

Figure 210 Menu 24.9.2 - Call History ................................................................................ 365

Figure 211 Menu 24.10 System Maintenance : Time and Date Setting .............................. 366

Figure 212 Menu 24.11 – Remote Management Control .................................................... 369

Figure 213 Telnet Configuration on a TCP/IP Network ....................................................... 370

Figure 214 Menu 26 Schedule Setup .................................................................................. 372

Figure 215 Menu 26.1 Schedule Set Setup ....................................................................... 373

Figure 216 Applying Schedule Set(s) to a Remote Node (PPPoE) .................................... 374

Figure 217 WIndows 95/98/Me: Network: Configuration ..................................................... 381

Figure 218 Windows 95/98/Me: TCP/IP Properties: IP Address ......................................... 382

Figure 219 Windows 95/98/Me: TCP/IP Properties: DNS Configuration ............................ 383

Figure 220 Windows XP: Start Menu .................................................................................. 384

Figure 221 Windows XP: Control Panel .............................................................................. 384

Figure 222 Windows XP: Control Panel: Network Connections: Properties ....................... 385

Figure 223 Windows XP: Local Area Connection Properties .............................................. 385

Figure 224 Windows XP: Advanced TCP/IP Settings ......................................................... 386

Figure 225 Windows XP: Internet Protocol (TCP/IP) Properties ......................................... 387

Figure 226 Macintosh OS 8/9: Apple Menu ........................................................................ 388

Figure 227 Macintosh OS 8/9: TCP/IP ................................................................................ 388

Figure 228 Macintosh OS X: Apple Menu ........................................................................... 389

Figure 229 Macintosh OS X: Network ................................................................................. 390

Figure 230 IP Address Conflicts: CaseA ............................................................................. 392

Figure 231 IP Address Conflicts: Case B ........................................................................... 393

Figure 232 IP Address Conflicts: Case C ............................................................................ 393

Figure 233 IP Address Conflicts: Case D ............................................................................ 394

Figure 234 Peer-to-Peer Communication in an Ad-hoc Network ........................................ 411

Figure 235 ESS Provides Campus-Wide Coverage ........................................................... 412

Figure 236 Sequences for EAP MD5–Challenge Authentication ........................................ 415

Figure 237 Sequences for PEAP, MS–CHAP V2 Authentication ........................................ 416

27 List of Figures

ZyAIR G-2000 Plus User’s Guide

List of Tables

Table 1 IEEE 802.11b ......................................................................................................... 37

Table 2 IEEE 802.11g ......................................................................................................... 38

Table 3 Wizard 1 : General Setup ...................................................................................... 50

Table 4 Wizard 2 : Wireless LAN Setup ............................................................................. 51

Table 5 Wizard 3: Wireless LAN Setup: Basic Security ..................................................... 52

Table 6 Wizard 3: Wireless LAN Setup: Extend Security ................................................... 53

Table 7 Wizard 4: Ethernet Encapsulation ......................................................................... 54

Table 8 Wizard 4: PPPoE Encapsulation ........................................................................... 56

Table 9 Wizard 4: PPTP Encapsulation ............................................................................. 57

Table 10 Private IP Address Ranges ................................................................................. 58

Table 11 Example of Network Properties for LAN Servers with Fixed IP Addresses ......... 60

Table 12 Wizard 5: WAN Setup .......................................................................................... 61

Table 13 System General Setup ........................................................................................ 64

Table 14 DDNS .................................................................................................................. 66

Table 15 Password .............................................................................................................67

Table 16 Time Setting ........................................................................................................ 68

Table 17 LAN IP ................................................................................................................. 73

Table 18 Static DHCP ......................................................................................................... 76

Table 19 IP Alias ................................................................................................................ 77

Table 20 Wireless ............................................................................................................... 83

Table 21 Roaming ..............................................................................................................86

Table 22 Wireless No Security ........................................................................................... 89

Table 23 Wireless Security Relational Matrix ..................................................................... 90

Table 24 Wireless: Static WEP Encryption ......................................................................... 92

Table 25 Wireless: WPA-PSK ............................................................................................ 96

Table 26 Wireless: WPA ..................................................................................................... 99

Table 27 RADIUS ...............................................................................................................103

Table 28 Wireless: 802.1x and Dynamic WEP ................................................................... 106

Table 29 Wireless: 802.1x and Static WEP ........................................................................ 108

Table 30 Wireless: 802.1x and No WEP ............................................................................ 111

Table 31 MAC Address Filter ............................................................................................. 113

Table 32 Internal RADIUS Server ...................................................................................... 115

Table 33 My Certificates ..................................................................................................... 117

Table 34 Trusted AP ...........................................................................................................119

Table 35 Trusted Users ...................................................................................................... 121

Table 36 Ethernet Encapsulation ....................................................................................... 125

List of Tables 28

ZyAIR G-2000 Plus User’s Guide

Table 37 Ethernet Encapsulation ....................................................................................... 126

Table 38 PPPoE Encapsulation ......................................................................................... 128

Table 39 PPTP Encapsulation ............................................................................................ 130

Table 40 WAN: IP ............................................................................................................... 132

Table 41 NAT Definitions .................................................................................................... 136

Table 42 NAT Mapping Types ............................................................................................ 140

Table 43 Services and Port Numbers ................................................................................. 142

Table 44 SUA/NAT Setup ................................................................................................... 144

Table 45 Address Mapping ................................................................................................. 146

Table 46 Address Mapping Edit ......................................................................................... 147

Table 47 Trigger Port .......................................................................................................... 150

Table 48 Static Route .........................................................................................................153

Table 49 Static Route: Edit ................................................................................................. 154

Table 50 Remote Management: WWW .............................................................................. 158

Table 51 Remote Management: Telnet .............................................................................. 159

Table 52 Remote Management: FTP ................................................................................. 160

Table 53 SNMP Traps ........................................................................................................ 162

Table 54 Remote Management: SNMP .............................................................................. 164

Table 55 Remote Management: DNS ................................................................................ 165

Table 56 Security ................................................................................................................ 167

Table 57 Configuring UPnP ................................................................................................ 170

Table 58 Common IP Ports ................................................................................................ 180

Table 59 ICMP Commands That Trigger Alerts .................................................................. 184

Table 60 Default Rule .........................................................................................................197

Table 61 Rule Summary ..................................................................................................... 198

Table 62 Creating/Editing A Firewall Rule .......................................................................... 201

Table 63 Creating/Editing A Custom Service ..................................................................... 202

Table 64 Predefined Services ............................................................................................ 206

Table 65 Content Filter .......................................................................................................211

Table 66 My Certificates ..................................................................................................... 216

Table 67 My Certificate Import ........................................................................................... 219

Table 68 My Certificate Create ........................................................................................... 221

Table 69 My Certificate Details ........................................................................................... 224

Table 70 Trusted CAs ......................................................................................................... 226

Table 71 Trusted CA Import ............................................................................................... 227

Table 72 Trusted CA Details ............................................................................................... 230

Table 73 View Log .............................................................................................................. 232

Table 74 Log Settings .........................................................................................................235

Table 75 Reports ................................................................................................................ 237

Table 76 System Status ...................................................................................................... 241

Table 77 System Status: Show Statistics ........................................................................... 242

Table 78 Maintenance DHCP Table ................................................................................... 243

Table 79 Association List .................................................................................................... 244

29 List of Tables

+ 400 hidden pages