Page 1
P-662H/HW-D Series
802.11g ADSL 2+ 4-Port Security Gateway
User’s Guide
Version 3.40
Edition 1
7/2006
Page 2
Page 3
P-662H/HW-D Series User’s Guide
Copyright
Copyright © 2006 by ZyXEL Communications Corporation.
The contents of this publication may not be reproduced in any part or as a whole, transcribed,
stored in a retrieval system, translated into any language, or transmitted in any form or by any
means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or
otherwise, without the prior written permission of ZyXEL Communications Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.
Disclaimer
ZyXEL does not assume any liability arising out of the application or use of any products, or
software described herein. Neither does it convey any license under its patent rights nor the
patent rights of others. ZyXEL further reserves the right to make changes in any products
described herein without notice. This publication is subject to change without notice.
Trademarks
ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL
Communications, Inc. Other trademarks mentioned in this publication are used for
identification purposes only and may be properties of their respective owners.
Copyright 3
Page 4
P-662H/HW-D Series User’s Guide
Federal Communications Commission (FCC) Interference Statement
This device complies with Part 15 of FCC rules. Operation is subject to the following two
conditions:
• This device may not cause harmful interference.
• This device must accept any interference received, including interference that may cause
undesired operations.
This equipment has been tested and found to comply with the limits for a Class B digital
device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable
protection against harmful interference in a residential installation. This equipment generates,
uses, and can radiate radio frequency energy, and if not installed and used in accordance with
the instructions, may cause harmful interference to radio communications. However, there is
no guarantee that interference will not occur in a particular installation
Certifications
If this equipment does cause harmful interference to radio/television reception, which can be
determined by turning the equipment off and on, the user is encouraged to try to correct the
interference by one or more of the following measures:
• Reorient or relocate the receiving antenna.
• Increase the separation between the equipment and the receiver.
• Connect the equipment into an outlet on a circuit different from that to which the receiver
is connected.
• Consult the dealer or an experienced radio/TV technician for help.
This Class B digital apparatus complies with Canadian ICES-003.
Cet appareil numérique de la classe B est conforme à la norme NMB-003 du Canada.
FCC Caution
Any changes or modifications not expressly approved by the party responsible for compliance
could void the user's authority to operate this equipment.
IMPORTANT NOTE: FCC Radiation Exposure Statement
This equipment complies with FCC radiation exposure limits set forth for an uncontrolled
environment. This equipment should be installed and operated with minimum distance 20cm
between the radiator & your body.
This transmitter must not be co-located or operating in conjunction with any other antenna or
transmitter.
4 Certifications
Page 5
P-662H/HW-D Series User’s Guide
ZyXEL Communications Corporation declared that P-662H/HW-D is limited in CH1~11 from
2400 to 2483.5 MHz by specified firmware controlled in USA.
Viewing Certifications
1 Go to www.zyxel.com
2 Select your product from the drop-down list box on the ZyXEL home page to go to that
product's page.
3 Select the certification you wish to view from this page.
Certifications 5
Page 6
P-662H/HW-D Series User’s Guide
For your safety, be sure to read and follow all warning notices and instructions.
• To reduce the risk of fire, use only No. 26 AWG (American Wire Gauge) or larger
telecommunication line cord.
• Do NOT open the device or unit. Opening or removing covers can expose you to
dangerous high voltage points or other risks. ONLY qualified service personnel can
service the device. Please contact your vendor for further information.
• Use ONLY the dedicated power supply for your device. Connect the power cord or
power adaptor to the right supply voltage (110V AC in North America or 230V AC in
Europe).
• Do NOT use the device if the power supply is damaged as it might cause electrocution.
• If the power supply is damaged, remove it from the power outlet.
• Do NOT attempt to repair the power supply. Contact your local vendor to order a new
power supply.
• Place connecting cables carefully so that no one will step on them or stumble over them.
Do NOT allow anything to rest on the power cord and do NOT locate the product where
anyone can walk on the power cord.
• If you wall mount your device, make sure that no electrical, gas or water pipes will be
damaged.
• Do NOT install nor use your device during a thunderstorm. There may be a remote risk of
electric shock from lightning.
• Do NOT expose your device to dampness, dust or corrosive liquids.
• Do NOT use this product near water, for example, in a wet basement or near a swimming
pool.
• Make sure to connect the cables to the correct ports.
• Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your
device.
• Do NOT store things on the device.
• Connect ONLY suitable accessories to the device.
Safety Warnings
This product is recyclable. Dispose of it properly.
6 Safety Warnings
Page 7
P-662H/HW-D Series User’s Guide
ZyXEL Limited Warranty
ZyXEL warrants to the original end user (purchaser) that this product is free from any defects
in materials or workmanship for a period of up to two years from the date of purchase. During
the warranty period, and upon proof of purchase, should the product have indications of failure
due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the
defective products or components without charge for either parts or labor, and to whatever
extent it shall deem necessary to restore the product or components to proper operating
condition. Any replacement will consist of a new or re-manufactured functionally equivalent
product of equal or higher value, and will be solely at the discretion of ZyXEL. This warranty
shall not apply if the product has been modified, misused, tampered with, damaged by an act
of God, or subjected to abnormal working conditions.
Note
Repair or replacement, as provided under this warranty, is the exclusive remedy of the
purchaser. This warranty is in lieu of all other warranties, express or implied, including any
implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in
no event be held liable for indirect or consequential damages of any kind to the purchaser.
To obtain the services of this warranty, contact ZyXEL's Service Center for your Return
Material Authorization number (RMA). Products must be returned Postage Prepaid. It is
recommended that the unit be insured when shipped. Any returned products without proof of
purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of
ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products
will be shipped by ZyXEL to the corresponding return address, Postage Paid. This warranty
gives you specific legal rights, and you may also have other rights that vary from country to
country.
ZyXEL Limited Warranty 7
Page 8
P-662H/HW-D Series User’s Guide
Please have the following information ready when you contact customer support.
• Product model and serial number.
• Warranty Information.
• Date that you received your device.
• Brief description of the problem and the steps you took to solve it.
Customer Support
METHOD
LOCATION
CORPORATE
HEADQUARTERS
(WORLDWIDE)
COSTA RICA
CZECH REPUBLIC
DENMARK
FINLAND
FRANCE
GERMANY
HUNGARY
KAZAKHSTAN
NORTH AMERICA
SUPPORT E-MAIL TELEPHONE WEB SITE
SALES E-MAIL FAX FTP SITE
support@zyxel.com.tw +886-3-578-3942 www.zyxel.com
www.europe.zyxel.com
sales@zyxel.com.tw +886-3-578-2439 ftp.zyxel.com
ftp.europe.zyxel.com
soporte@zyxel.co.cr +506-2017878 www.zyxel.co.cr ZyXEL Costa Rica
sales@zyxel.co.cr +506-2015098 ftp.zyxel.co.cr
info@cz.zyxel.com +420-241-091-350 www.zyxel.cz ZyXEL Communications
info@cz.zyxel.com +420-241-091-359
support@zyxel.dk +45-39-55-07-00 www.zyxel.dk ZyXEL Communications A/S
sales@zyxel.dk +45-39-55-07-07
support@zyxel.fi +358-9-4780-8411 www.zyxel.fi ZyXEL Communications Oy
sales@zyxel.fi +358-9-4780 8448
info@zyxel.fr +33-4-72-52-97-97 www.zyxel.fr ZyXEL France
+33-4-72-52-19-20
support@zyxel.de +49-2405-6909-0 www.zyxel.de ZyXEL Deutschland GmbH.
sales@zyxel.de +49-2405-6909-99
support@zyxel.hu +36-1-3361649 www.zyxel.hu ZyXEL Hungary
info@zyxel.hu +36-1-3259100
http://zyxel.kz/support +7-3272-590-698 www.zyxel.kz ZyXEL Kazakhstan
sales@zyxel.kz +7-3272-590-689
support@zyxel.com 1-800-255-4101
+1-714-632-0882
sales@zyxel.com +1-714-632-0858 ftp.us.zyxel.com
www.us.zyxel.com ZyXEL Communications Inc.
REGULAR MAIL
ZyXEL Communications Corp.
6 Innovation Road II
Science Park
Hsinchu 300
Ta iw a n
Plaza Roble Escazú
Etapa El Patio, Tercer Piso
San José, Costa Rica
Czech s.r.o.
Modranská 621
143 01 Praha 4 - Modrany
Ceská Republika
Columbusvej
2860 Soeborg
Denmark
Malminkaari 10
00700 Helsinki
Finland
1 rue des Vergers
Bat. 1 / C
69760 Limonest
France
Adenauerstr. 20/A2 D-52146
Wuerselen
Germany
48, Zoldlomb Str.
H-1025, Budapest
Hungary
43, Dostyk ave.,Office 414
Dostyk Business Centre
050010, Almaty
Republic of Kazakhstan
1130 N. Miller St.
Anaheim
CA 92806-2001
U.S.A.
8 Customer Support
Page 9
P-662H/HW-D Series User’s Guide
METHOD
LOCATION
NORWAY
POLAND
RUSSIA
SPAIN
SWEDEN
UKRAINE
UNITED KINGDOM
SUPPORT E-MAIL TELEPHONE WEB SITE
SALES E-MAIL FAX FTP SITE
support@zyxel.no +47-22-80-61-80 www.zyxel.no ZyXEL Communications A/S
sales@zyxel.no +47-22-80-61-81
info@pl.zyxel.com +48 (22) 333 8250 www.pl.zyxel.com ZyXEL Communications
+48 (22) 333 8251
http://zyxel.ru/support +7-095-542-89-29 www.zyxel.ru ZyXEL Russia
sales@zyxel.ru +7-095-542-89-25
support@zyxel.es +34-902-195-420 www.zyxel.es ZyXEL Communications
sales@zyxel.es +34-913-005-345
support@zyxel.se +46-31-744-7700 www.zyxel.se ZyXEL Communications A/S
sales@zyxel.se +46-31-744-7701
support@ua.zyxel.com +380-44-247-69-78 www.ua.zyxel.com ZyXEL Ukraine
sales@ua.zyxel.com +380-44-494-49-32
support@zyxel.co.uk +44-1344 303044
08707 555779 (UK only)
sales@zyxel.co.uk +44-1344 303034 ftp.zyxel.co.uk
www.zyxel.co.uk ZyXEL Communications UK
REGULAR MAIL
Nils Hansens vei 13
0667 Oslo
Norway
ul. Okrzei 1A
03-715 Warszawa
Poland
Ostrovityanova 37a Str.
Moscow, 117279
Russia
Arte, 21 5ª planta
28033 Madrid
Spain
Sjöporten 4, 41764 Göteborg
Sweden
13, Pimonenko Str.
Kiev, 04050
Ukraine
Ltd.,11 The Courtyard,
Eastern Road, Bracknell,
Berkshire, RG12 2XB,
United Kingdom (UK)
+” is the (prefix) number you enter to make an international telephone call.
Customer Support 9
Page 10
P-662H/HW-D Series User’s Guide
10 Customer Support
Page 11
P-662H/HW-D Series User’s Guide
Table of Contents
Copyright ..................................................................................................................3
Certifications ............................................................................................................4
Safety Warnings ....................................................................................................... 6
ZyXEL Limited Warranty.......................................................................................... 7
Customer Support.................................................................................................... 8
Table of Contents ................................................................................................... 11
List of Figures ........................................................................................................ 25
List of Tables .......................................................................................................... 33
Preface ....................................................................................................................39
Chapter 1
Getting To Know Your ZyXEL Device................................................................... 41
1.1 Introducing the ZyXEL Device ............................................................................41
1.1.1 Features of the ZyXEL Device ..................................................................41
1.1.1.1 P-662HW Wireless Features ...........................................................45
1.1.2 Applications for the ZyXEL Device ...........................................................45
1.1.2.1 Internet Access ...............................................................................46
1.1.2.2 LAN to LAN Application ...................................................................46
1.1.3 Firewall for Secure Broadband Internet Access .......................................46
1.1.4 Front Panel LEDs .....................................................................................47
Chapter 2
Introducing the Web Configurator........................................................................ 49
2.1 Web Configurator Overview ...............................................................................49
2.2 Accessing the Web Configurator ........................................................................49
2.3 Resetting the ZyXEL Device ..............................................................................51
2.3.1 Using the Reset Button .............................................................................52
2.4 Navigating the Web Configurator ......................................................................52
2.4.1 Navigation Panel .......................................................................................52
2.4.2 Status Screen ............................................................................................55
2.4.3 Status: Any IP Table...................................................................................58
2.4.4 Status: WLAN Status .................................................................................58
2.4.5 Status: Bandwidth Status ...........................................................................59
Table of Contents 11
Page 12
P-662H/HW-D Series User’s Guide
2.4.6 Status: VPN Status ....................................................................................59
2.4.7 Status: Packet Statistics.............................................................................60
2.4.8 Changing Login Password .......................................................................62
Chapter 3
Wizard Setup for Internet Access......................................................................... 65
3.1 Introduction ........................................................................................................65
3.2 Internet Access Wizard Setup ............................................................................65
3.2.1 Automatic Detection ..................................................................................67
3.2.2 Manual Configuration ................................................................................67
3.3 Wireless Connection Wizard Setup ....................................................................72
3.3.1 Automatically assign a WPA key ...............................................................75
3.3.2 Manually assign a WPA-PSK key..............................................................75
3.3.3 Manually assign a WEP key ......................................................................76
Chapter 4
Bandwidth Management Wizard ........................................................................... 79
4.1 Introduction ........................................................................................................79
4.2 Predefined Media Bandwidth Management Services ........................................79
4.3 Bandwidth Management Wizard Setup ..............................................................80
Chapter 5
WAN Setup.............................................................................................................. 85
5.1 WAN Overview ..................................................................................................85
5.1.1 Encapsulation ...........................................................................................85
5.1.1.1 ENET ENCAP .................................................................................85
5.1.1.2 PPP over Ethernet ..........................................................................85
5.1.1.3 PPPoA .............................................................................................86
5.1.1.4 RFC 1483 ........................................................................................86
5.1.2 Multiplexing ...............................................................................................86
5.1.2.1 VC-based Multiplexing ....................................................................86
5.1.2.2 LLC-based Multiplexing ...................................................................86
5.1.3 VPI and VCI ..............................................................................................86
5.1.4 IP Address Assignment ............................................................................87
5.1.4.1 IP Assignment with PPPoA or PPPoE Encapsulation .....................87
5.1.4.2 IP Assignment with RFC 1483 Encapsulation .................................87
5.1.4.3 IP Assignment with ENET ENCAP Encapsulation ..........................87
5.1.5 Nailed-Up Connection (PPP) ....................................................................87
5.1.6 NAT ...........................................................................................................87
5.2 Metric ................................................................................................................88
5.3 Traffic Shaping ...................................................................................................88
5.3.1 ATM Traffic Classes ..................................................................................89
5.3.1.1 Constant Bit Rate (CBR) .................................................................89
12 Table of Contents
Page 13
P-662H/HW-D Series User’s Guide
5.3.1.2 Variable Bit Rate (VBR) ...................................................................89
5.3.1.3 Unspecified Bit Rate (UBR) .............................................................90
5.4 Zero Configuration Internet Access ....................................................................90
5.5 Internet Connection ...........................................................................................90
5.5.1 Configuring Advanced Internet Connection ...............................................92
5.6 Configuring More Connections ...........................................................................94
5.6.1 More Connections Edit .............................................................................95
5.6.2 Configuring More Connections Advanced Setup.......................................98
5.7 Traffic Redirect ...................................................................................................99
5.8 Configuring WAN Backup ................................................................................100
5.9 WAN Backup Advanced Screen ......................................................................102
5.10 Dial Backup Modem Setup ............................................................................105
Chapter 6
LAN Setup............................................................................................................. 109
6.1 LAN Overview .................................................................................................109
6.1.1 LANs, WANs and the ZyXEL Device ......................................................109
6.1.2 DHCP Setup ........................................................................................... 110
6.1.2.1 IP Pool Setup ................................................................................110
6.1.3 DNS Server Address .............................................................................. 110
6.1.4 DNS Server Address Assignment ........................................................... 111
6.2 LAN TCP/IP ...................................................................................................... 111
6.2.1 IP Address and Subnet Mask ................................................................. 111
6.2.1.1 Private IP Addresses ..................................................................... 112
6.2.2 RIP Setup ............................................................................................... 112
6.2.3 Multicast .................................................................................................. 113
6.2.4 Any IP .....................................................................................................113
6.2.4.1 How Any IP Works ........................................................................ 114
6.3 Configuring LAN IP ..........................................................................................115
6.3.1 Configuring Advanced LAN Setup ........................................................... 115
6.4 DHCP Setup .....................................................................................................117
6.5 LAN Client List ................................................................................................. 118
6.6 LAN IP Alias ..................................................................................................... 119
Chapter 7
Wireless LAN ........................................................................................................ 123
7.1 Wireless Network Overview .............................................................................123
7.2 Wireless Security Overview .............................................................................124
7.2.1 SSID .......................................................................................................124
7.2.2 MAC Address Filter .................................................................................124
7.2.3 User Authentication ................................................................................124
7.2.4 Encryption ...............................................................................................125
7.2.5 One-Touch Intelligent Security Technology (OTIST) ...............................126
Table of Contents 13
Page 14
P-662H/HW-D Series User’s Guide
7.3 Wireless Performance Overview ......................................................................126
7.3.1 Quality of Service (QoS) .........................................................................126
7.4 Additional Wireless Terms ................................................................................127
7.5 General Wireless LAN Screen ........................................................................127
7.5.1 No Security .............................................................................................129
7.5.2 WEP Encryption Screen .........................................................................129
7.5.3 WPA(2)-PSK ...........................................................................................130
7.5.4 WPA(2) Authentication Screen ...............................................................132
7.5.5 Wireless LAN Advanced Setup................................................................134
7.6 OTIST ...............................................................................................................135
7.6.1 Enabling OTIST ......................................................................................135
7.6.1.1 AP .................................................................................................136
7.6.1.2 Wireless Client ..............................................................................137
7.6.2 Starting OTIST ........................................................................................138
7.6.3 Notes on OTIST ......................................................................................138
7.7 MAC Filter ...................................................................................................139
7.8 WMM QoS ........................................................................................................141
7.8.1 WMM QoS Example ...............................................................................141
7.8.2 WMM QoS Priorities ...............................................................................141
7.8.3 Services ..................................................................................................142
7.9 QoS Screen ......................................................................................................144
7.9.1 ToS (Type of Service) and WMM QoS ....................................................144
7.9.2 Application Priority Configuration.............................................................146
7.10 Multiple SSID (P-662HW-D Models only) .......................................................147
7.10.1 Multiple SSID Commands .....................................................................148
7.10.2 Multiple SSID Example .........................................................................150
Chapter 8
DMZ ....................................................................................................................... 151
8.1 Introduction ......................................................................................................151
8.2 Configuring DMZ .............................................................................................151
8.3 DMZ Public IP Address Example .....................................................................153
8.4 DMZ Private and Public IP Address Example ..................................................154
Chapter 9
Network Address Translation (NAT) Screens .................................................... 157
9.1 NAT Overview .................................................................................................157
9.1.1 NAT Definitions .......................................................................................157
9.1.2 What NAT Does ......................................................................................158
9.1.3 How NAT Works .....................................................................................158
9.1.4 NAT Application ......................................................................................159
9.1.5 NAT Mapping Types ...............................................................................159
9.2 SUA (Single User Account) Versus NAT ..........................................................160
14 Table of Contents
Page 15
P-662H/HW-D Series User’s Guide
9.3 NAT General Setup .........................................................................................160
9.4 Port Forwarding ................................................................................................161
9.4.1 Default Server IP Address ......................................................................162
9.4.2 Port Forwarding: Services and Port Numbers ........................................162
9.4.3 Configuring Servers Behind Port Forwarding (Example) ........................163
9.5 Configuring Port Forwarding ...........................................................................163
9.5.1 Port Forwarding Rule Edit .......................................................................164
9.6 Address Mapping ............................................................................................165
9.6.1 Address Mapping Rule Edit ....................................................................167
Chapter 10
Firewalls................................................................................................................ 169
10.1 Firewall Overview ..........................................................................................169
10.2 Types of Firewalls ..........................................................................................169
10.2.1 Packet Filtering Firewalls ......................................................................169
10.2.2 Application-level Firewalls ....................................................................170
10.2.3 Stateful Inspection Firewalls ................................................................170
10.3 Introduction to ZyXEL’s Firewall .....................................................................170
10.3.1 Denial of Service Attacks ......................................................................171
10.4 Denial of Service ............................................................................................171
10.4.1 Basics ...................................................................................................171
10.4.2 Types of DoS Attacks ...........................................................................172
10.4.2.1 ICMP Vulnerability ......................................................................174
10.4.2.2 Illegal Commands (NetBIOS and SMTP) ....................................174
10.4.2.3 Traceroute ...................................................................................175
10.5 Stateful Inspection ..........................................................................................175
10.5.1 Stateful Inspection Process ..................................................................176
10.5.2 Stateful Inspection and the ZyXEL Device ............................................176
10.5.3 TCP Security .........................................................................................177
10.5.4 UDP/ICMP Security ..............................................................................177
10.5.5 Upper Layer Protocols ..........................................................................178
10.6 Guidelines for Enhancing Security with Your Firewall ....................................178
10.6.1 Security In General ...............................................................................179
10.7 Packet Filtering Vs Firewall ............................................................................179
10.7.1 Packet Filtering: ....................................................................................180
10.7.1.1 When To Use Filtering .................................................................180
10.7.2 Firewall .................................................................................................180
10.7.2.1 When To Use The Firewall ..........................................................180
Chapter 11
Firewall Configuration ......................................................................................... 181
11.1 Access Methods .............................................................................................181
11.2 Firewall Policies Overview ..............................................................................181
Table of Contents 15
Page 16
P-662H/HW-D Series User’s Guide
11.3 Rule Logic Overview ......................................................................................182
11.3.1 Rule Checklist .......................................................................................182
11.3.2 Security Ramifications ..........................................................................182
11.3.3 Key Fields For Configuring Rules .........................................................183
11.3.3.1 Action ...........................................................................................183
11.3.3.2 Service .........................................................................................183
11.3.3.3 Source Address ...........................................................................183
11.3.3.4 Destination Address ....................................................................183
11.4 Connection Direction ......................................................................................183
11.4.1 LAN to WAN Rules ................................................................................184
11.4.2 Alerts .....................................................................................................184
11.5 General Firewall Policy ................................................................................184
11.6 Firewall Rules Summary ...............................................................................185
11.6.1 Configuring Firewall Rules ...................................................................187
11.6.2 Customized Services ............................................................................190
11.6.3 Configuring A Customized Service .......................................................191
11.7 Example Firewall Rule ....................................................................................191
11.8 Predefined Services .......................................................................................195
11.9 Anti-Probing ....................................................................................................197
11.10 DoS Thresholds ...........................................................................................198
11.10.1 Threshold Values ................................................................................198
11.10.2 Half-Open Sessions ............................................................................199
11.10.2.1 TCP Maximum Incomplete and Blocking Time ..........................199
11.10.3 Configuring Firewall Thresholds ..........................................................200
Chapter 12
Anti-Virus Packet Scan........................................................................................ 203
12.1 Overview ........................................................................................................203
12.1.1 Types of Computer Viruses ..................................................................203
12.2 Signature-Based Virus Scan ..........................................................................203
12.2.1 Computer Virus Infection and Prevention .............................................204
12.3 Introduction to the ZyXEL Device Anti-virus Packet Scan .............................204
12.3.1 How the ZyXEL Device Virus Scan Works ..........................................205
12.3.2 Limitations of the ZyXEL Device Packet Scan ......................................205
12.4 Anti-Virus Packet Scan Configuration ...........................................................205
12.5 Registration and Online Update ....................................................................207
12.5.1 Updating the Anti-Virus Packet Scan ....................................................209
Chapter 13
Content Filtering .................................................................................................. 211
13.1 Content Filtering Overview ............................................................................ 211
13.2 Configuring Keyword Blocking ...................................................................... 211
13.3 Configuring the Schedule ..............................................................................212
16 Table of Contents
Page 17
P-662H/HW-D Series User’s Guide
13.4 Configuring Trusted Computers ....................................................................213
Chapter 14
Content Access Control ...................................................................................... 215
14.1 Content Access Control Overview .................................................................215
14.1.1 Content Access Control WLAN Application ..........................................215
14.1.2 Configuration Steps ..............................................................................215
14.2 Activating CAC and Creating User Groups ..................................................216
14.2.1 Configuring Time Schedule ..................................................................217
14.2.2 Configuring Services .............................................................................219
14.2.2.1 Available Services .......................................................................220
14.2.3 Configuring Web Site Filters .................................................................222
14.2.4 Testing Web Site Access Privileges ......................................................227
14.3 User Account Setup ......................................................................................228
14.4 User Online Status ........................................................................................229
14.5 Content Access Control Logins ......................................................................230
14.5.1 User Login ............................................................................................230
14.5.2 Administrator Login ...............................................................................231
Chapter 15
Introduction to IPSec ........................................................................................... 233
15.1 VPN Overview ................................................................................................233
15.1.1 IPSec ....................................................................................................233
15.1.2 Security Association .............................................................................233
15.1.3 Other Terminology ................................................................................233
15.1.3.1 Encryption ...................................................................................233
15.1.3.2 Data Confidentiality .....................................................................234
15.1.3.3 Data Integrity ...............................................................................234
15.1.3.4 Data Origin Authentication ..........................................................234
15.1.4 VPN Applications ..................................................................................234
15.2 IPSec Architecture .........................................................................................235
15.2.1 IPSec Algorithms ..................................................................................235
15.2.2 Key Management ..................................................................................235
15.3 Encapsulation .................................................................................................235
15.3.1 Transport Mode ....................................................................................236
15.3.2 Tunnel Mode ........................................................................................236
15.4 IPSec and NAT ...............................................................................................236
Chapter 16
VPN Screens......................................................................................................... 239
16.1 VPN/IPSec Overview .....................................................................................239
16.2 IPSec Algorithms ............................................................................................239
16.2.1 AH (Authentication Header) Protocol ....................................................239
Table of Contents 17
Page 18
P-662H/HW-D Series User’s Guide
16.2.2 ESP (Encapsulating Security Payload) Protocol ..................................239
16.3 My IP Address ................................................................................................240
16.4 Secure Gateway Address ..............................................................................241
16.4.1 Dynamic Secure Gateway Address ......................................................241
16.5 VPN Setup Screen ........................................................................................241
16.6 Keep Alive ......................................................................................................243
16.7 VPN, NAT, and NAT Traversal .......................................................................244
16.8 Remote DNS Server ......................................................................................245
16.9 ID Type and Content ......................................................................................245
16.9.1 ID Type and Content Examples ............................................................246
16.10 Pre-Shared Key ............................................................................................247
16.11 Editing VPN Policies ....................................................................................247
16.12 IKE Phases .................................................................................................252
16.12.1 Negotiation Mode ................................................................................253
16.12.2 Diffie-Hellman (DH) Key Groups .........................................................254
16.12.3 Perfect Forward Secrecy (PFS) .........................................................254
16.13 Configuring Advanced IKE Settings ............................................................254
16.14 Manual Key Setup ........................................................................................257
16.14.1 Security Parameter Index (SPI) .........................................................257
16.15 Configuring Manual Key ..............................................................................257
16.16 Viewing SA Monitor .....................................................................................260
16.17 Configuring Global Setting ..........................................................................261
16.18 Telecommuter VPN/IPSec Examples ...........................................................262
16.18.1 Telecommuters Sharing One VPN Rule Example ..............................262
16.18.2 Telecommuters Using Unique VPN Rules Example ...........................263
16.19 VPN and Remote Management ...................................................................264
Chapter 17
Certificates............................................................................................................ 265
17.1 Certificates Overview .....................................................................................265
17.1.1 Advantages of Certificates ....................................................................266
17.2 Self-signed Certificates ..................................................................................266
17.3 Configuration Summary .................................................................................266
17.4 My Certificates ..............................................................................................267
17.5 My Certificate Import .....................................................................................269
17.5.1 Certificate File Formats .........................................................................269
17.6 My Certificate Create ....................................................................................270
17.7 My Certificate Details ....................................................................................272
17.8 Trusted CAs .................................................................................................275
17.9 Trusted CA Import ........................................................................................277
17.10 Trusted CA Details .......................................................................................278
17.11 Trusted Remote Hosts ................................................................................280
17.12 Verifying a Trusted Remote Host’s Certificate ..............................................282
18 Table of Contents
Page 19
P-662H/HW-D Series User’s Guide
17.12.1 Trusted Remote Host Certificate Fingerprints .....................................282
17.13 Trusted Remote Hosts Import ....................................................................283
17.14 Trusted Remote Host Certificate Details ....................................................283
17.15 Directory Servers .........................................................................................286
17.16 Directory Server Add or Edit ......................................................................287
Chapter 18
Static Route .......................................................................................................... 289
18.1 Static Route .................................................................................................289
18.2 Configuring Static Route ...............................................................................289
18.2.1 Static Route Edit ..................................................................................290
Chapter 19
Bandwidth Management...................................................................................... 293
19.1 Bandwidth Management Overview ...............................................................293
19.2 Application-based Bandwidth Management ...................................................293
19.3 Subnet-based Bandwidth Management .........................................................293
19.4 Application and Subnet-based Bandwidth Management ...............................294
19.5 Scheduler .......................................................................................................294
19.5.1 Priority-based Scheduler ......................................................................294
19.5.2 Fairness-based Scheduler ....................................................................295
19.6 Maximize Bandwidth Usage ...........................................................................295
19.6.1 Reserving Bandwidth for Non-Bandwidth Class Traffic ........................295
19.6.2 Maximize Bandwidth Usage Example ..................................................296
19.6.2.1 Priority-based Allotment of Unused and Unbudgeted Bandwidth 296
19.6.2.2 Fairness-based Allotment of Unused and Unbudgeted
Bandwidth ...........................................................................................297
19.6.3 Bandwidth Management Priorities ........................................................297
19.7 Configuring Summary ...................................................................................297
19.8 Bandwidth Management Rule Setup ............................................................299
19.8.1 Rule Configuration .................................................................................300
19.9 Bandwidth Monitor ........................................................................................302
Chapter 20
Dynamic DNS Setup............................................................................................. 305
20.1 Dynamic DNS Overview ................................................................................305
20.1.1 DYNDNS Wildcard ................................................................................305
20.2 Configuring Dynamic DNS ............................................................................305
Chapter 21
Remote Management Configuration .................................................................. 309
21.1 Remote Management Overview ....................................................................309
21.1.1 Remote Management Limitations .........................................................309
Table of Contents 19
Page 20
P-662H/HW-D Series User’s Guide
21.1.2 Remote Management and NAT ............................................................310
21.1.3 System Timeout ...................................................................................310
21.2 WWW .............................................................................................................310
21.3 Telnet .............................................................................................................. 311
21.4 Configuring Telnet .......................................................................................... 311
21.5 Configuring FTP ............................................................................................312
21.6 SNMP .............................................................................................................313
21.6.1 Supported MIBs ....................................................................................314
21.6.2 SNMP Traps .........................................................................................315
21.6.3 Configuring SNMP .................................................................................315
21.7 Configuring DNS ...........................................................................................317
21.8 Configuring ICMP ...........................................................................................317
21.9 TR-069 ...........................................................................................................319
Chapter 22
Universal Plug-and-Play (UPnP) ......................................................................... 321
22.1 Introducing Universal Plug and Play .............................................................321
22.1.1 How do I know if I'm using UPnP? ........................................................321
22.1.2 NAT Traversal .......................................................................................321
22.1.3 Cautions with UPnP ..............................................................................322
22.2 UPnP and ZyXEL ...........................................................................................322
22.2.1 Configuring UPnP .................................................................................322
22.3 Installing UPnP in Windows Example ............................................................323
22.4 Using UPnP in Windows XP Example ...........................................................326
Chapter 23
System .................................................................................................................. 333
23.1 General Setup ................................................................................................333
23.1.1 General Setup and System Name ........................................................333
23.1.2 General Setup .......................................................................................333
23.2 Time Setting ..................................................................................................335
Chapter 24
Logs ...................................................................................................................... 339
24.1 Logs Overview ..............................................................................................339
24.1.1 Alerts and Logs .....................................................................................339
24.2 Viewing the Logs ............................................................................................339
24.3 Configuring Log Settings ...............................................................................340
24.4 SMTP Error Messages ...................................................................................343
24.4.1 Example E-mail Log .............................................................................343
20 Table of Contents
Page 21
P-662H/HW-D Series User’s Guide
Chapter 25
Tools ...................................................................................................................... 345
25.1 Firmware Upgrade ........................................................................................345
25.2 Configuration Screen .....................................................................................347
25.2.1 Backup Configuration ...........................................................................347
25.2.2 Restore Configuration ...........................................................................348
25.2.3 Back to Factory Defaults .......................................................................349
25.3 Restart ............................................................................................................349
Chapter 26
Diagnostic............................................................................................................. 351
26.1 General Diagnostic ........................................................................................351
26.2 DSL Line Diagnostic .....................................................................................352
Chapter 27
Troubleshooting ................................................................................................... 353
27.1 Problems Starting Up the ZyXEL Device .......................................................353
27.2 Problems with the LAN ...................................................................................353
27.3 Problems with the WAN .................................................................................354
27.4 Problems Accessing the ZyXEL Device .........................................................355
27.4.1 Pop-up Windows, JavaScripts and Java Permissions ..........................355
27.4.1.1 Internet Explorer Pop-up Blockers ..............................................355
27.4.1.2 JavaScripts ..................................................................................358
27.4.1.3 Java Permissions ........................................................................360
27.4.2 ActiveX Controls in Internet Explorer ....................................................362
Appendix A
Product Specifications ....................................................................................... 365
Appendix B
About ADSL .......................................................................................................... 369
Introduction to DSL ................................................................................................ 369
ADSL Overview...................................................................................................... 369
Advantages of ADSL.............................................................................................. 369
Appendix C
Wall-mounting Instructions................................................................................. 371
Appendix D
Setting up Your Computer’s IP Address............................................................ 373
Windows 95/98/Me................................................................................................. 373
Windows 2000/NT/XP ............................................................................................ 376
Macintosh OS 8/9................................................................................................... 381
Table of Contents 21
Page 22
P-662H/HW-D Series User’s Guide
Macintosh OS X ..................................................................................................... 383
Linux....................................................................................................................... 384
Appendix E
IP Addresses and Subnetting ............................................................................. 389
Introduction to IP Addresses .................................................................................. 389
Subnet Masks ........................................................................................................ 391
Subnetting .............................................................................................................. 391
Example: Two Subnets .......................................................................................... 392
Example: Four Subnets.......................................................................................... 393
Example Eight Subnets.......................................................................................... 394
Subnetting With Class A and Class B Networks. ................................................... 395
Appendix F
Wireless LANs ...................................................................................................... 397
Wireless LAN Topologies ....................................................................................... 397
Channel.................................................................................................................. 399
RTS/CTS................................................................................................................ 399
Fragmentation Threshold ....................................................................................... 400
Preamble Type....................................................................................................... 401
IEEE 802.11g Wireless LAN .................................................................................. 401
IEEE 802.1x ........................................................................................................... 402
RADIUS.................................................................................................................. 402
Types of Authentication.......................................................................................... 403
WPA(2)................................................................................................................... 405
Security Parameters Summary .............................................................................. 407
Appendix G
Importing Certificates .......................................................................................... 409
Import ZyXEL Device Certificates into Netscape Navigator ................................... 409
Importing the ZyXEL Device’s Certificate into Internet Explorer ............................ 409
Enrolling and Importing SSL Client Certificates ..................................................... 413
Using a Certificate When Accessing the ZyXEL Device Example ......................... 417
Appendix H
Command Interpreter........................................................................................... 419
Command Syntax................................................................................................... 419
Access via Telnet .................................................................................................. 419
Command Usage ................................................................................................... 419
Appendix I
Certificates Commands ....................................................................................... 421
22 Table of Contents
Page 23
P-662H/HW-D Series User’s Guide
Appendix J
Boot Commands ..................................................................................................425
Appendix K
Firewall Commands ............................................................................................. 427
Appendix L
NetBIOS Filter Commands .................................................................................. 433
Introduction ............................................................................................................ 433
Display NetBIOS Filter Settings ............................................................................. 433
NetBIOS Filter Configuration.................................................................................. 434
Appendix M
Internal SPTGEN .................................................................................................. 437
Internal SPTGEN Overview ................................................................................... 437
The Configuration Text File Format ........................................................................ 437
Internal SPTGEN FTP Download Example............................................................ 438
Internal SPTGEN FTP Upload Example ................................................................ 439
Command Examples.............................................................................................. 460
Appendix N
Splitters and Microfilters ..................................................................................... 463
Connecting a POTS Splitter ................................................................................... 463
Telephone Microfilters ............................................................................................ 463
ZyXEL Device With ISDN....................................................................................... 464
Appendix O
Log Descriptions.................................................................................................. 465
Log Commands...................................................................................................... 479
Log Command Example......................................................................................... 480
Appendix P
Triangle Route ...................................................................................................... 481
The Ideal Setup...................................................................................................... 481
The “Triangle Route” Problem................................................................................ 481
The “Triangle Route” Solutions .............................................................................. 482
IP Aliasing .............................................................................................................. 482
Gateways on the WAN Side................................................................................... 483
Index...................................................................................................................... 485
Table of Contents 23
Page 24
P-662H/HW-D Series User’s Guide
24 Table of Contents
Page 25
P-662H/HW-D Series User’s Guide
List of Figures
Figure 1 ZyXEL Device Internet Access Application ........................................................... 46
Figure 2 ZyXEL Device LAN-to-LAN Application Example ................................................. 46
Figure 3 Firewall Application ............................................................................................... 47
Figure 4 P-662H Front Panel .............................................................................................. 47
Figure 5 P-662HW Front Panel ........................................................................................... 47
Figure 6 Password Screen .................................................................................................. 50
Figure 7 Change Password at Login ................................................................................... 50
Figure 8 Replace Factory Default Certificate ...................................................................... 51
Figure 9 Select a Mode ....................................................................................................... 51
Figure 10 Web Configurator: Main Screen ........................................................................ 52
Figure 11 Status Screen ...................................................................................................... 56
Figure 12 Status: Any IP Table ............................................................................................ 58
Figure 13 Status: WLAN Status ........................................................................................... 59
Figure 14 Status: Bandwidth Status .................................................................................... 59
Figure 15 Status: VPN Status .............................................................................................. 60
Figure 16 Status: Packet Statistics ...................................................................................... 61
Figure 17 System General .................................................................................................. 62
Figure 18 Select a Mode ..................................................................................................... 65
Figure 19 Wizard: Welcome ................................................................................................ 66
Figure 20 Auto Detection: No DSL Connection ................................................................... 66
Figure 21 Auto Detection: Failed ......................................................................................... 67
Figure 22 Auto-Detection: PPPoE ....................................................................................... 67
Figure 23 Internet Access Wizard Setup: ISP Parameters ................................................. 68
Figure 24 Internet Connection with PPPoE ......................................................................... 69
Figure 25 Internet Connection with RFC 1483 ................................................................... 69
Figure 26 Internet Connection with ENET ENCAP ............................................................. 70
Figure 27 Internet Connection with PPPoA ......................................................................... 71
Figure 28 Connection Test Failed-1 .................................................................................... 72
Figure 29 Connection Test Failed-2. ................................................................................... 72
Figure 30 Connection Test Successful ................................................................................ 73
Figure 31 Wireless LAN Setup Wizard 1 ............................................................................. 73
Figure 32 Wireless LAN Setup Wizard 2 ............................................................................. 74
Figure 33 Manually assign a WPA key ................................................................................ 76
Figure 34 Manually assign a WEP key ............................................................................... 76
Figure 35 Wireless LAN Setup 3 ......................................................................................... 77
Figure 36 Internet Access and WLAN Wizard Setup Complete .......................................... 78
Figure 37 Select a Mode ..................................................................................................... 80
Figure 38 Wizard: Welcome ................................................................................................ 81
List of Figures 25
Page 26
P-662H/HW-D Series User’s Guide
Figure 39 Bandwidth Management Wizard: General Information ....................................... 81
Figure 40 Bandwidth Management Wizard: Configuration .................................................. 82
Figure 41 Bandwidth Management Wizard: Complete ........................................................ 83
Figure 42 Example of Traffic Shaping ................................................................................. 89
Figure 43 Internet Connection (PPPoE) .............................................................................. 91
Figure 44 Advanced Internet Connection ............................................................................ 93
Figure 45 More Connections ............................................................................................... 95
Figure 46 More Connections Edit ........................................................................................ 96
Figure 47 More Connections Advanced Setup ................................................................... 98
Figure 48 Traffic Redirect Example ..................................................................................... 99
Figure 49 Traffic Redirect LAN Setup ................................................................................. 100
Figure 50 WAN Backup Setup ............................................................................................ 101
Figure 51 WAN Backup Advanced Setup ........................................................................... 103
Figure 52 WAN Dial Backup Modem Setup ........................................................................ 106
Figure 53 LAN and WAN IP Addresses .............................................................................. 109
Figure 54 Any IP Example .................................................................................................. 114
Figure 55 LAN IP ................................................................................................................. 115
Figure 56 Advanced LAN Setup .......................................................................................... 116
Figure 57 DHCP Setup ....................................................................................................... 117
Figure 58 LAN Client List .................................................................................................... 118
Figure 59 Physical Network & Partitioned Logical Networks .............................................. 120
Figure 60 LAN IP Alias ........................................................................................................ 120
Figure 61 Example of a Wireless Network .......................................................................... 123
Figure 62 Wireless LAN: General ...................................................................................... 128
Figure 63 Wireless: No Security .......................................................................................... 129
Figure 64 Wireless: Static WEP Encryption ........................................................................ 130
Figure 65 Wireless: WPA(2)-PSK ....................................................................................... 131
Figure 66 Wireless: WPA(2) ................................................................................................ 132
Figure 67 Advanced ............................................................................................................ 134
Figure 68 OTIST ................................................................................................................. 136
Figure 69 Example Wireless Client OTIST Screen ............................................................. 137
Figure 70 Security Key ........................................................................................................ 138
Figure 71 OTIST in Progress (AP) ...................................................................................... 138
Figure 72 OTIST in Progress (Client) .................................................................................. 138
Figure 73 No AP with OTIST Found ................................................................................... 138
Figure 74 Start OTIST? ....................................................................................................... 139
Figure 75 MAC Address Filter ............................................................................................. 140
Figure 76 Wireless LAN: QoS ............................................................................................. 145
Figure 77 Application Priority Configuration ........................................................................ 146
Figure 78 Multiple SSID Network Example ......................................................................... 148
Figure 79 DMZ .................................................................................................................... 152
Figure 80 DMZ Public Address Example ............................................................................ 154
Figure 81 DMZ Private and Public Address Example ......................................................... 155
26 List of Figures
Page 27
P-662H/HW-D Series User’s Guide
Figure 82 How NAT Works .................................................................................................. 158
Figure 83 NAT Application With IP Alias ............................................................................. 159
Figure 84 NAT General ....................................................................................................... 161
Figure 85 Multiple Servers Behind NAT Example ............................................................... 163
Figure 86 NAT Port Forwarding .......................................................................................... 163
Figure 87 Port Forwarding Rule Setup ............................................................................... 164
Figure 88 Address Mapping Rules ...................................................................................... 166
Figure 89 Edit Address Mapping Rule ............................................................................... 167
Figure 90 Firewall Application ............................................................................................. 171
Figure 91 Three-Way Handshake ....................................................................................... 172
Figure 92 SYN Flood ........................................................................................................... 173
Figure 93 Smurf Attack ....................................................................................................... 174
Figure 94 Stateful Inspection ............................................................................................... 175
Figure 95 Firewall: General ................................................................................................. 184
Figure 96 Firewall Rules .................................................................................................... 186
Figure 97 Firewall: Edit Rule ............................................................................................... 188
Figure 98 Firewall: Customized Services ............................................................................ 190
Figure 99 Firewall: Configure Customized Services ........................................................... 191
Figure 100 Firewall Example: Rules ................................................................................... 192
Figure 101 Edit Custom Port Example ................................................................................ 192
Figure 102 Firewall Example: Edit Rule: Destination Address ........................................... 193
Figure 103 Firewall Example: Edit Rule: Select Customized Services ............................... 194
Figure 104 Firewall Example: Rules: MyService ................................................................ 195
Figure 105 Firewall: Anti Probing ........................................................................................ 197
Figure 106 Firewall: Threshold ............................................................................................ 200
Figure 107 ZyXEL Device Anti-virus Application ................................................................ 204
Figure 108 Anti-Virus: Packet Scan .................................................................................... 206
Figure 109 Anti-Virus: Registration and Virus Information Update ...................................... 208
Figure 110 Virus Scan Update in Progress ......................................................................... 209
Figure 111 Virus Scan Update Successful .......................................................................... 209
Figure 112 Content Filter: Keyword ..................................................................................... 211
Figure 113 Content Filter: Schedule .................................................................................... 212
Figure 114 Content Filter: Trusted ....................................................................................... 213
Figure 115 Content Access Control with WLAN Application .............................................. 215
Figure 116 Content Access Control: General ..................................................................... 216
Figure 117 Control Access Control: General: Time Scheduling ......................................... 218
Figure 118 Content Access Control: General: Services ..................................................... 219
Figure 119 Content Access Control: General: Web Site Filter ........................................... 222
Figure 120 Content Access Control: General: Diagnose ................................................... 227
Figure 121 Content Access Control: User Profiles ............................................................. 228
Figure 122 Content Access Control: Online Status ............................................................ 229
Figure 123 Content Access Control: User Login Screen .................................................. 230
Figure 124 Content Access Control: User Logout Screen ................................................. 230
List of Figures 27
Page 28
P-662H/HW-D Series User’s Guide
Figure 125 Encryption and Decryption ................................................................................ 234
Figure 126 IPSec Architecture ............................................................................................ 235
Figure 127 Transport and Tunnel Mode IPSec Encapsulation ............................................ 236
Figure 128 IPSec Summary Fields ..................................................................................... 241
Figure 129 VPN Setup ........................................................................................................ 242
Figure 130 NAT Router Between IPSec Routers ................................................................ 244
Figure 131 VPN Host using Intranet DNS Server Example ................................................ 245
Figure 132 Edit VPN Policies ............................................................................................. 248
Figure 133 Two Phases to Set Up the IPSec SA ................................................................ 252
Figure 134 Advanced VPN Policies .................................................................................... 255
Figure 135 VPN: Manual Key .............................................................................................. 258
Figure 136 VPN: SA Monitor ............................................................................................... 261
Figure 137 VPN: Global Setting .......................................................................................... 261
Figure 138 Telecommuters Sharing One VPN Rule Example ............................................. 262
Figure 139 Telecommuters Using Unique VPN Rules Example ......................................... 263
Figure 140 Certificate Configuration Overview ................................................................... 266
Figure 141 My Certificates ................................................................................................. 267
Figure 142 My Certificate Import ......................................................................................... 269
Figure 143 My Certificate Create ........................................................................................ 270
Figure 144 My Certificate Details ........................................................................................ 273
Figure 145 Trusted CAs ...................................................................................................... 276
Figure 146 Trusted CA Import ............................................................................................. 277
Figure 147 Trusted CA Details ............................................................................................ 278
Figure 148 Trusted Remote Hosts ...................................................................................... 281
Figure 149 Remote Host Certificates .................................................................................. 282
Figure 150 Certificate Details ............................................................................................. 282
Figure 151 Trusted Remote Host Import ............................................................................. 283
Figure 152 Trusted Remote Host Details ............................................................................ 284
Figure 153 Directory Servers .............................................................................................. 287
Figure 154 Directory Server Add ......................................................................................... 288
Figure 155 Example of Static Routing Topology ................................................................. 289
Figure 156 Static Route ....................................................................................................... 290
Figure 157 Static Route Edit ............................................................................................... 291
Figure 158 Subnet-based Bandwidth Management Example ............................................. 294
Figure 159 Bandwidth Management: Summary .................................................................. 298
Figure 160 Bandwidth Management: Rule Setup ............................................................... 299
Figure 161 Bandwidth Management Rule Configuration .................................................... 300
Figure 162 Bandwidth Management: Monitor .................................................................... 303
Figure 163 Dynamic DNS ................................................................................................... 306
Figure 164 Remote Management: WWW ........................................................................... 310
Figure 165 Telnet Configuration on a TCP/IP Network ....................................................... 311
Figure 166 Remote Management: Telnet ............................................................................ 312
Figure 167 Remote Management: FTP ............................................................................... 313
28 List of Figures
Page 29
P-662H/HW-D Series User’s Guide
Figure 168 SNMP Management Model ............................................................................... 314
Figure 169 Remote Management: SNMP ........................................................................... 316
Figure 170 Remote Management: DNS .............................................................................. 317
Figure 171 Remote Management: ICMP ............................................................................ 318
Figure 172 Enabling TR-069 .............................................................................................. 319
Figure 173 Configuring UPnP ............................................................................................. 322
Figure 174 Add/Remove Programs: Windows Setup: Communication ............................... 324
Figure 175 Add/Remove Programs: Windows Setup: Communication: Components ........ 324
Figure 176 Network Connections ........................................................................................ 325
Figure 177 Windows Optional Networking Components Wizard ........................................ 325
Figure 178 Networking Services ......................................................................................... 326
Figure 179 Network Connections ........................................................................................ 327
Figure 180 Internet Connection Properties ........................................................................ 327
Figure 181 Internet Connection Properties: Advanced Settings ......................................... 328
Figure 182 Internet Connection Properties: Advanced Settings: Add ................................. 328
Figure 183 System Tray Icon .............................................................................................. 329
Figure 184 Internet Connection Status ................................................................................ 329
Figure 185 Network Connections ........................................................................................ 330
Figure 186 Network Connections: My Network Places ....................................................... 331
Figure 187 Network Connections: My Network Places: Properties: Example ..................... 331
Figure 188 System General Setup ...................................................................................... 334
Figure 189 System Time Setting ......................................................................................... 335
Figure 190 View Log ........................................................................................................... 340
Figure 191 Log Settings ...................................................................................................... 341
Figure 192 E-mail Log Example .......................................................................................... 343
Figure 193 Firmware Upgrade ............................................................................................ 345
Figure 194 Firmware Upload In Progress ........................................................................... 346
Figure 195 Network Temporarily Disconnected .................................................................. 346
Figure 196 Error Message .................................................................................................. 347
Figure 197 Configuration ..................................................................................................... 347
Figure 198 Configuration Restore Successful ..................................................................... 348
Figure 199 Temporarily Disconnected ................................................................................. 348
Figure 200 Configuration Restore Error .............................................................................. 349
Figure 201 Restart Screen .................................................................................................. 349
Figure 202 Diagnostic: General .......................................................................................... 351
Figure 203 Diagnostic: DSL Line ........................................................................................ 352
Figure 204 Pop-up Blocker ................................................................................................. 356
Figure 205 Internet Options ............................................................................................... 356
Figure 206 Internet Options ................................................................................................ 357
Figure 207 Pop-up Blocker Settings ................................................................................... 358
Figure 208 Internet Options ................................................................................................ 359
Figure 209 Security Settings - Java Scripting ..................................................................... 360
Figure 210 Security Settings - Java .................................................................................... 361
List of Figures 29
Page 30
P-662H/HW-D Series User’s Guide
Figure 211 Java (Sun) ......................................................................................................... 361
Figure 212 Internet Options Security .................................................................................. 362
Figure 213 Security Setting ActiveX Controls ..................................................................... 363
Figure 214 Wall-mounting Example .................................................................................... 371
Figure 215 WIndows 95/98/Me: Network: Configuration ..................................................... 374
Figure 216 Windows 95/98/Me: TCP/IP Properties: IP Address ......................................... 375
Figure 217 Windows 95/98/Me: TCP/IP Properties: DNS Configuration ............................ 376
Figure 218 Windows XP: Start Menu .................................................................................. 377
Figure 219 Windows XP: Control Panel .............................................................................. 377
Figure 220 Windows XP: Control Panel: Network Connections: Properties ....................... 378
Figure 221 Windows XP: Local Area Connection Properties .............................................. 378
Figure 222 Windows XP: Internet Protocol (TCP/IP) Properties ......................................... 379
Figure 223 Windows XP: Advanced TCP/IP Properties ...................................................... 380
Figure 224 Windows XP: Internet Protocol (TCP/IP) Properties ......................................... 381
Figure 225 Macintosh OS 8/9: Apple Menu ........................................................................ 382
Figure 226 Macintosh OS 8/9: TCP/IP ................................................................................ 382
Figure 227 Macintosh OS X: Apple Menu ........................................................................... 383
Figure 228 Macintosh OS X: Network ................................................................................. 384
Figure 229 Red Hat 9.0: KDE: Network Configuration: Devices ........................................ 385
Figure 230 Red Hat 9.0: KDE: Ethernet Device: General .................................................. 385
Figure 231 Red Hat 9.0: KDE: Network Configuration: DNS ............................................. 386
Figure 232 Red Hat 9.0: KDE: Network Configuration: Activate .................................. 386
Figure 233 Red Hat 9.0: Dynamic IP Address Setting in ifconfig-eth0 ............................... 387
Figure 234 Red Hat 9.0: Static IP Address Setting in ifconfig-eth0 .................................. 387
Figure 235 Red Hat 9.0: DNS Settings in resolv.conf ...................................................... 387
Figure 236 Red Hat 9.0: Restart Ethernet Card ................................................................. 388
Figure 237 Red Hat 9.0: Checking TCP/IP Properties ....................................................... 388
Figure 238 Peer-to-Peer Communication in an Ad-hoc Network ........................................ 397
Figure 239 Basic Service Set .............................................................................................. 398
Figure 240 Infrastructure WLAN ......................................................................................... 399
Figure 241 RTS/CTS .......................................................................................................... 400
Figure 242 Security Certificate ............................................................................................ 409
Figure 243 Login Screen ..................................................................................................... 410
Figure 244 Certificate General Information before Import ................................................... 410
Figure 245 Certificate Import Wizard 1 ............................................................................... 411
Figure 246 Certificate Import Wizard 2 ............................................................................... 411
Figure 247 Certificate Import Wizard 3 ............................................................................... 412
Figure 248 Root Certificate Store ........................................................................................ 412
Figure 249 Certificate General Information after Import ...................................................... 413
Figure 250 ZyXEL Device Trusted CA Screen .................................................................... 414
Figure 251 CA Certificate Example ..................................................................................... 414
Figure 252 Personal Certificate Import Wizard 1 ................................................................ 415
Figure 253 Personal Certificate Import Wizard 2 ................................................................ 415
30 List of Figures
Page 31
P-662H/HW-D Series User’s Guide
Figure 254 Personal Certificate Import Wizard 3 ................................................................ 416
Figure 255 Personal Certificate Import Wizard 4 ................................................................ 416
Figure 256 Personal Certificate Import Wizard 5 ................................................................ 417
Figure 257 Personal Certificate Import Wizard 6 ................................................................ 417
Figure 258 Access the ZyXEL Device Via HTTPS .............................................................. 417
Figure 259 SSL Client Authentication ................................................................................. 418
Figure 260 ZyXEL Device Secure Login Screen ................................................................. 418
Figure 261 Option to Enter Debug Mode ............................................................................ 425
Figure 262 Boot Module Commands .................................................................................. 426
Figure 263 Configuration Text File Format: Column Descriptions ....................................... 437
Figure 264 Invalid Parameter Entered: Command Line Example ....................................... 438
Figure 265 Valid Parameter Entered: Command Line Example ......................................... 438
Figure 266 Internal SPTGEN FTP Download Example ..................................................... 439
Figure 267 Internal SPTGEN FTP Upload Example ........................................................... 439
Figure 268 Connecting a POTS Splitter .............................................................................. 463
Figure 269 Connecting a Microfilter .................................................................................... 464
Figure 270 ZyXEL Device with ISDN .................................................................................. 464
Figure 271 Displaying Log Categories Example ................................................................. 479
Figure 272 Displaying Log Parameters Example ................................................................ 479
Figure 273 Ideal Setup ........................................................................................................ 481
Figure 274 “Triangle Route” Problem .................................................................................. 482
Figure 275 IP Alias .............................................................................................................. 483
Figure 276 Gateways on the WAN Side .............................................................................. 483
List of Figures 31
Page 32
P-662H/HW-D Series User’s Guide
32 List of Figures
Page 33
P-662H/HW-D Series User’s Guide
List of Tables
Table 1 ADSL Standards .................................................................................................... 42
Table 2 Front Panel LEDs .................................................................................................. 47
Table 3 Web Configurator Screens Summary .................................................................... 53
Table 4 Status Screen ........................................................................................................ 56
Table 5 Status: Any IP Table .............................................................................................. 58
Table 6 Status: WLAN Status ............................................................................................. 59
Table 7 Status: VPN Status ................................................................................................ 60
Table 8 Status: Packet Statistics ........................................................................................ 61
Table 9 System General: Password ................................................................................... 63
Table 10 Internet Access Wizard Setup: ISP Parameters .................................................. 68
Table 11 Internet Connection with PPPoE ........................................................................ 69
Table 12 Internet Connection with RFC 1483 .................................................................... 70
Table 13 Internet Connection with ENET ENCAP .............................................................. 70
Table 14 Internet Connection with PPPoA ......................................................................... 71
Table 15 Wireless LAN Setup Wizard 1 ............................................................................. 74
Table 16 Wireless LAN Setup Wizard 2 ............................................................................. 75
Table 17 Manually assign a WPA key ................................................................................ 76
Table 18 Manually assign a WEP key ................................................................................ 77
Table 19 Media Bandwidth Management Setup: Services ................................................. 79
Table 20 Bandwidth Management Wizard: General Information ........................................ 81
Table 21 Bandwidth Management Wizard: Configuration .................................................. 82
Table 22 Internet Connection ............................................................................................. 91
Table 23 Advanced Internet Connection ............................................................................ 93
Table 24 More Connections ............................................................................................... 95
Table 25 More Connections Edit ........................................................................................ 96
Table 26 More Connections Advanced Setup .................................................................... 98
Table 27 WAN Backup Setup ............................................................................................. 101
Table 28 WAN Backup Advanced Setup ............................................................................ 103
Table 29 WAN Dial Backup Modem Setup ......................................................................... 106
Table 30 LAN IP ................................................................................................................. 115
Table 31 Advanced LAN Setup .......................................................................................... 116
Table 32 DHCP Setup ........................................................................................................ 117
Table 33 LAN Client List ..................................................................................................... 119
Table 34 LAN IP Alias ........................................................................................................ 120
Table 35 Types of Encryption for Each Type of Authentication .......................................... 125
Table 36 Additional Wireless Terms ................................................................................... 127
Table 37 Wireless LAN: General ........................................................................................ 128
Table 38 Wireless No Security ........................................................................................... 129
List of Tables 33
Page 34
P-662H/HW-D Series User’s Guide
Table 39 Wireless: Static WEP Encryption ......................................................................... 130
Table 40 Wireless: WPA(2)-PSK ........................................................................................ 131
Table 41 Wireless: WPA(2) ................................................................................................ 133
Table 42 Wireless LAN: Advanced ..................................................................................... 134
Table 43 OTIST .................................................................................................................. 136
Table 44 MAC Address Filter ............................................................................................. 140
Table 45 WMM QoS Priorities ............................................................................................ 141
Table 46 Commonly Used Services ................................................................................... 143
Table 47 Wireless LAN: QoS .............................................................................................. 145
Table 48 Application Priority Configuration ........................................................................ 146
Table 49 Multiple SSID Commands ................................................................................... 149
Table 50 Multiple SSID Example Configuration ................................................................. 150
Table 51 DMZ ..................................................................................................................... 152
Table 52 NAT Definitions .................................................................................................... 157
Table 53 NAT Mapping Types ............................................................................................ 160
Table 54 NAT General ........................................................................................................ 161
Table 55 Services and Port Numbers ................................................................................. 162
Table 56 NAT Port Forwarding ........................................................................................... 164
Table 57 Port Forwarding Rule Setup ................................................................................ 165
Table 58 Address Mapping Rules ...................................................................................... 166
Table 59 Edit Address Mapping Rule ................................................................................. 167
Table 60 Common IP Ports ................................................................................................ 172
Table 61 ICMP Commands That Trigger Alerts .................................................................. 174
Table 62 Legal NetBIOS Commands ................................................................................. 174
Table 63 Legal SMTP Commands .................................................................................... 174
Table 64 Firewall: General ................................................................................................. 185
Table 65 Firewall Rules ...................................................................................................... 186
Table 66 Firewall: Edit Rule ................................................................................................ 189
Table 67 Customized Services ........................................................................................... 190
Table 68 Firewall: Configure Customized Services ............................................................ 191
Table 69 Predefined Services ........................................................................................... 195
Table 70 Firewall: Anti Probing ........................................................................................... 198
Table 71 Firewall: Threshold .............................................................................................. 200
Table 72 Common Computer Virus Types ......................................................................... 203
Table 73 Anti-Virus: Packet Scan ....................................................................................... 206
Table 74 Anti-Virus: Registration and Virus Information Update ........................................ 208
Table 75 Content Filter: Keyword ....................................................................................... 212
Table 76 Content Filter: Schedule ...................................................................................... 213
Table 77 Content Filter: Trusted ......................................................................................... 213
Table 78 Content Access Control: General ........................................................................ 216
Table 79 Control Access Control: General: Time Scheduling ............................................ 218
Table 80 Content Access Control: General: Services ........................................................ 219
Table 81 Available Services ............................................................................................... 220
34 List of Tables
Page 35
P-662H/HW-D Series User’s Guide
Table 82 Content Access Control: General: Web Site Filter .............................................. 222
Table 83 Content Access Control: General: Diagnose ....................................................... 227
Table 84 Content Access Control: User Profiles ................................................................ 228
Table 85 Content Access Control: Online Status ............................................................... 229
Table 86 VPN and NAT ...................................................................................................... 237
Table 87 AH and ESP ........................................................................................................ 240
Table 88 VPN Setup ........................................................................................................... 242
Table 89 VPN and NAT ...................................................................................................... 244
Table 90 Local ID Type and Content Fields ....................................................................... 246
Table 91 Peer ID Type and Content Fields ........................................................................ 246
Table 92 Matching ID Type and Content Configuration Example ....................................... 247
Table 93 Mismatching ID Type and Content Configuration Example ................................. 247
Table 94 Edit VPN Policies ................................................................................................. 248
Table 95 Advanced VPN Policies ....................................................................................... 255
Table 96 VPN: Manual Key ................................................................................................ 258
Table 97 VPN: SA Monitor ................................................................................................. 261
Table 98 VPN: Global Setting ............................................................................................. 262
Table 99 Telecommuters Sharing One VPN Rule Example ............................................... 263
Table 100 Telecommuters Using Unique VPN Rules Example .......................................... 264
Table 101 My Certificates ................................................................................................... 267
Table 102 My Certificate Import ......................................................................................... 270
Table 103 My Certificate Create ......................................................................................... 271
Table 104 My Certificate Details ......................................................................................... 274
Table 105 Trusted CAs ....................................................................................................... 276
Table 106 Trusted CA Import ............................................................................................. 277
Table 107 Trusted CA Details ............................................................................................. 279
Table 108 Trusted Remote Hosts ....................................................................................... 281
Table 109 Trusted Remote Host Import ............................................................................. 283
Table 110 Trusted Remote Host Details ............................................................................. 285
Table 111 Directory Servers ............................................................................................... 287
Table 112 Directory Server Add ......................................................................................... 288
Table 113 Static Route ....................................................................................................... 290
Table 114 Static Route Edit ................................................................................................ 291
Table 115 Application and Subnet-based Bandwidth Management Example .................... 294
Table 116 Maximize Bandwidth Usage Example ................................................................ 296
Table 117 Priority-based Allotment of Unused and Unbudgeted Bandwidth Example ....... 296
Table 118 Fairness-based Allotment of Unused and Unbudgeted Bandwidth Example .... 297
Table 119 Bandwidth Management Priorities ..................................................................... 297
Table 120 Media Bandwidth Management: Summary ........................................................ 298
Table 121 Bandwidth Management: Rule Setup ................................................................ 299
Table 122 Bandwidth Management Rule Configuration ..................................................... 301
Table 123 Services and Port Numbers ............................................................................... 302
Table 124 Dynamic DNS .................................................................................................... 306
List of Tables 35
Page 36
P-662H/HW-D Series User’s Guide
Table 125 Remote Management: WWW ............................................................................ 311
Table 126 Remote Management: Telnet ............................................................................ 312
Table 127 Remote Management: FTP ............................................................................... 313
Table 128 SNMP Traps ...................................................................................................... 315
Table 129 Remote Management: SNMP ............................................................................ 316
Table 130 Remote Management: DNS .............................................................................. 317
Table 131 Remote Management: ICMP ............................................................................. 318
Table 132 TR-069 Commands ........................................................................................... 319
Table 133 Configuring UPnP .............................................................................................. 323
Table 134 System General Setup ...................................................................................... 334
Table 135 System Time Setting .......................................................................................... 336
Table 136 View Log ............................................................................................................340
Table 137 Log Settings ....................................................................................................... 341
Table 138 SMTP Error Messages ...................................................................................... 343
Table 139 Firmware Upgrade ............................................................................................. 345
Table 140 Maintenance Restore Configuration .................................................................. 348
Table 141 Diagnostic: General ........................................................................................... 351
Table 142 Diagnostic: DSL Line ......................................................................................... 352
Table 143 Troubleshooting Starting Up Your ZyXEL Device .............................................. 353
Table 144 Troubleshooting the LAN ................................................................................... 353
Table 145 Troubleshooting the WAN .................................................................................. 354
Table 146 Troubleshooting Accessing the ZyXEL Device .................................................. 355
Table 147 Device ................................................................................................................ 365
Table 148 Firmware ............................................................................................................366
Table 149 Classes of IP Addresses ................................................................................... 390
Table 150 Allowed IP Address Range By Class ................................................................. 390
Table 151 “Natural” Masks ................................................................................................ 391
Table 152 Alternative Subnet Mask Notation ..................................................................... 391
Table 153 Two Subnets Example ....................................................................................... 392
Table 154 Subnet 1 ............................................................................................................392
Table 155 Subnet 2 ............................................................................................................393
Table 156 Subnet 1 ............................................................................................................393
Table 157 Subnet 2 ............................................................................................................394
Table 158 Subnet 3 ............................................................................................................394
Table 159 Subnet 4 ............................................................................................................394
Table 160 Eight Subnets .................................................................................................... 395
Table 161 Class C Subnet Planning ................................................................................... 395
Table 162 Class B Subnet Planning ................................................................................... 396
Table 163 IEEE 802.11g ..................................................................................................... 401
Table 164 Comparison of EAP Authentication Types ......................................................... 405
Table 165 Wireless Security Relational Matrix ................................................................... 407
Table 166 Certificates Commands ..................................................................................... 421
Table 167 Firewall Commands ........................................................................................... 427
36 List of Tables
Page 37
P-662H/HW-D Series User’s Guide
Table 168 NetBIOS Filter Default Settings ......................................................................... 434
Table 169 Abbreviations Used in the Example Internal SPTGEN Screens Table .............. 439
Table 170 Menu 1 General Setup (SMT Menu 1) .............................................................. 440
Table 171 Menu 3 (SMT Menu 3 ) ...................................................................................... 440
Table 172 Menu 4 Internet Access Setup (SMT Menu 4) .................................................. 443
Table 173 Menu 12 (SMT Menu 12) ................................................................................... 445
Table 174 Menu 15 SUA Server Setup (SMT Menu 15) .................................................... 449
Table 175 Menu 21.1 Filter Set #1 (SMT Menu 21.1) ........................................................ 451
Table 176 Menu 21.1 Filer Set #2, (SMT Menu 21.1) ........................................................ 454
Table 177 Menu 23 System Menus (SMT Menu 23) .......................................................... 459
Table 178 Menu 24.11 Remote Management Control (SMT Menu 24.11) ......................... 460
Table 179 Command Examples ......................................................................................... 460
Table 180 System Maintenance Logs ................................................................................ 465
Table 181 System Error Logs ............................................................................................. 466
Table 182 Access Control Logs .......................................................................................... 466
Table 183 TCP Reset Logs ................................................................................................ 467
Table 184 Packet Filter Logs .............................................................................................. 467
Table 185 ICMP Logs ......................................................................................................... 468
Table 186 CDR Logs .......................................................................................................... 468
Table 187 PPP Logs ........................................................................................................... 468
Table 188 UPnP Logs ........................................................................................................ 469
Table 189 Content Filtering Logs ....................................................................................... 469
Table 190 Attack Logs ........................................................................................................ 470
Table 191 IPSec Logs ........................................................................................................ 471
Table 192 IKE Logs ............................................................................................................471
Table 193 PKI Logs ............................................................................................................474
Table 194 Certificate Path Verification Failure Reason Codes ........................................... 475
Table 195 802.1X Logs ...................................................................................................... 476
Table 196 ACL Setting Notes ............................................................................................. 477
Table 197 ICMP Notes ....................................................................................................... 477
Table 198 Syslog Logs ....................................................................................................... 478
Table 199 RFC-2408 ISAKMP Payload Types ................................................................... 478
List of Tables 37
Page 38
P-662H/HW-D Series User’s Guide
38 List of Tables
Page 39
P-662H/HW-D Series User’s Guide
Preface
Congratulations on your purchase of the P-662H/HW-D series 802.11g Wireless ADSL 2+ 4port Gateway. P-662H-D has a 4-port switch that allows you to connect up to 4 computers to
the ZyXEL Device without purchasing a switch/hub. P-662HW-D comes with built-in IEEE
802.11g wireless capability allowing wireless connectivity.
Note: Register your product online to receive e-mail notices of firmware upgrades and
information at www.zyxel.com for global products, or at www.us.zyxel.com for
North American products.
About This User's Guide
This manual is designed to guide you through the configuration of your ZyXEL Device for its
various applications. The web configurator parts of this guide contain background information
on features configurable by web configurator.
Note: Use the web configurator or command interpreter interface to configure your
ZyXEL Device. Not all features can be configured through all interfaces.
Syntax Conventions
• “Enter” means for you to type one or more characters. “Select” or “Choose” means for
you to use one predefined choice.
• Mouse action sequences are denoted using a right angle bracket ( > ). For example, “In
Windows, click Start > Settings > Control Panel” means first click the Start button,
then point your mouse pointer to Settings and then click Control Panel.
• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.
• The P-662HW-D and P-662H-D may be referred to as the “ZyXEL Device” in this User’s
Guide.
Related Documentation
• Supporting Disk
Refer to the included CD for support documents.
• Quick Start Guide
The Quick Start Guide is designed to help you get up and running right away. It contains
connection information and instructions on getting started.
• Web Configurator Online Help
Embedded web help for descriptions of individual screens and supplementary
information.
• ZyXEL Glossary and Web Site
Please refer to www.zyxel.com for an online glossary of networking terms and additional
support documentation.
Preface 39
Page 40
P-662H/HW-D Series User’s Guide
User Guide Feedback
Help us help you. E-mail all User Guide-related comments, questions or suggestions for
improvement to techwriters@zyxel.com.tw or send regular mail to The Technical Writing
Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park,
Hsinchu, 300, Taiwan. Thank you.
Graphics Icons Key
ZyXEL Device Computer Notebook computer
Server DSLAM Firewall
Telephone Switch Router
Wireless Signal
40 Preface
Page 41
Getting To Know Your ZyXEL
This chapter describes the key features and applications of your ZyXEL Device.
1.1 Introducing the ZyXEL Device
Your ZyXEL Device integrates high-speed 10/100Mbps auto-negotiating LAN interface(s)
and a high-speed ADSL port into a single package. The ZyXEL Device is ideal for high-speed
Internet browsing and making LAN-to-LAN connections to remote networks.
P-662H/HW-D Series User’s Guide
CHAPTER 1
Device
In the ZyXEL Device product name, “H” denotes an integrated 4-port hub and “W” denotes
wireless functionality. The P-662HW-Dx has an embedded mini-PCI module for 802.11g+
Wireless LAN connectivity.
Note: All wireless features in this guide pertain to the P-662HW-Dx series only.
Models ending in “1”, for example P-662HW-D1, denote a device that works over the analog
telephone system, POTS (Plain Old Telephone Service). Models ending in “3” denote a device
that works over ISDN (Integrated Services Digital Network). Models ending in “7” denote a
device that works over T-ISDN (UR-2).
Note: Only use firmware for your ZyXEL Device’s specific model. Refer to the label on
the bottom of your ZyXEL Device.
1.1.1 Features of the ZyXEL Device
The following sections describe the features of the ZyXEL Device.
Note: See the product specifications in the appendix for detailed features and
standards support.
Chapter 1 Getting To Know Your ZyXEL Device 41
Page 42
P-662H/HW-D Series User’s Guide
High Speed Internet Access
The ZyXEL Device is an ADSL router compatible with the ADSL/ADSL2/ADSL2+
standards. Maximum data rates attainable for each standard are shown in the next table.
Table 1 ADSL Standards
DATA RATE
STANDARD
ADSL
ADSL2
ADSL2+
UPSTREAM DOWNSTREAM
832 kbps 8Mbps
3.5Mbps 12Mbps
3.5Mbps 24Mbps
Note: If your ZyXEL Device does not support Annex M, the maximum ADSL2/2+
upstream data rate is 1.2 Mbps. ZyXEL Devices which work over ISDN do not
support Annex M.
The standard your ISP supports determines the maximum upstream and downstream speeds
attainable. Actual speeds attained also depend on the distance from your ISP, line quality, etc.
Zero Configuration Internet Access
Once you connect and turn on the ZyXEL Device, it automatically detects the Internet
connection settings (such as the VCI/VPI numbers and the encapsulation method) from the
ISP and makes the necessary configuration changes. In cases where additional account
information (such as an Internet account user name and password) is required or the ZyXEL
Device cannot connect to the ISP, you will be redirected to web screen(s) for information input
or troubleshooting.
Any IP
The Any IP feature allows a computer to access the Internet and the ZyXEL Device without
changing the network settings (such as IP address and subnet mask) of the computer, when the
IP addresses of the computer and the ZyXEL Device are not in the same subnet.
Firewall
The ZyXEL Device is a stateful inspection firewall with DoS (Denial of Service) protection.
By default, when the firewall is activated, all incoming traffic from the WAN to the LAN is
blocked unless it is initiated from the LAN. The ZyXEL Device firewall supports TCP/UDP
inspection, DoS detection and prevention, real time alerts, reports and logs.
Content Filtering
Content filtering allows you to block access to forbidden Internet web sites, schedule when the
ZyXEL Device should perform the filtering and give trusted LAN IP addresses unfiltered
Internet access.
42 Chapter 1 Getting To Know Your ZyXEL Device
Page 43
P-662H/HW-D Series User’s Guide
LAN/DMZ Interface
The ZyXEL Device provides a LAN port that can function as a virtual DeMilitarized Zone
(DMZ) port. Public servers (Web, FTP, etc.) attached to the DMZ port are visible to the
outside world (while still being protected from DoS (Denial of Service) attacks such as SYN
flooding and Ping of Death) and can also be accessed from the secure LAN.
IPSec VPN Capability
Establish a Virtual Private Network (VPN) to connect with business partners and branch
offices using data encryption and the Internet to provide secure communications without the
expense of leased site-to-site lines. The ZyXEL Device VPN is based on the IPSec standard
and is fully interoperable with other IPSec-based VPN products.
Traffic Redirect
Traffic redirect forwards WAN traffic to a backup gateway when the ZyXEL Device cannot
connect to the Internet, thus acting as an auxiliary if your regular WAN connection fails.
Media Bandwidth Management
ZyXEL’s Media Bandwidth Management allows you to specify bandwidth classes based on an
application and/or subnet. You can allocate specific amounts of bandwidth capacity
(bandwidth budgets) to different bandwidth classes.
Universal Plug and Play (UPnP)
Using the standard TCP/IP protocol, the ZyXEL Device and other UPnP enabled devices can
dynamically join a network, obtain an IP address and convey its capabilities to other devices
on the network.
PPPoE (RFC2516)
PPPoE (Point-to-Point Protocol over Ethernet) emulates a dial-up connection. It allows your
ISP to use their existing network configuration with newer broadband technologies such as
ADSL. The PPPoE driver on the ZyXEL Device is transparent to the computers on the LAN,
which see only Ethernet and are not aware of PPPoE thus saving you from having to manage
PPPoE clients on individual computers. The ZyXEL Device also includes PPPoE idle time-out
(the PPPoE connection terminates after a period of no traffic that you configure) and PPPoE
Dial-on-Demand (the PPPoE connection is brought up only when an Internet access request is
made).
Network Address Translation (NAT)
Network Address Translation (NAT) allows the translation of an Internet protocol address
used within one network (for example a private IP address used in a local network) to a
different IP address known within another network (for example a public IP address used on
the Internet).
Chapter 1 Getting To Know Your ZyXEL Device 43
Page 44
P-662H/HW-D Series User’s Guide
Dynamic DNS Support
With Dynamic DNS support, you can have a static hostname alias for a dynamic IP address,
allowing the host to be more easily accessible from various locations on the Internet. You must
register for this service with a Dynamic DNS service provider.
DHCP
DHCP (Dynamic Host Configuration Protocol) allows the individual clients (computers)
to obtain the TCP/IP configuration at start-up from a centralized DHCP server. The
ZyXEL Device has built-in DHCP server capability enabled by default. It can assign IP
addresses, an IP default gateway and DNS servers to DHCP clients. The ZyXEL Device
can now also act as a surrogate DHCP server (DHCP Relay) where it relays IP address
assignment from the actual real DHCP server to the clients.
IP Alias
IP Alias allows you to partition a physical network into logical networks over the same
Ethernet interface. The ZyXEL Device supports three logical LAN interfaces via its
single physical Ethernet interface with the ZyXEL Device itself as the gateway for each
LAN network.
IP Policy Routing (IPPR)
Traditionally, routing is based on the destination address only and the router takes the
shortest path to forward a packet. IP Policy Routing (IPPR) provides a mechanism to
override the default routing behavior and alter the packet forwarding based on the policy
defined by the network administrator.
Packet Filters
The ZyXEL Device's packet filtering functions allows added network security and
management.
Housing
Your ZyXEL Device's compact and ventilated housing minimizes space requirements making
it easy to position anywhere in your busy office.
TR-069 Compliance
TR-069 is a protocol that defines how your ZyXEL Device can be managed via a management
server such as ZyXEL’s Vantage CNM Access. The management server can securely manage
and update configuration changes in ZyXEL Devices.
44 Chapter 1 Getting To Know Your ZyXEL Device
Page 45
1.1.1.1 P-662HW Wireless Features
Wireless LAN
The ZyXEL Device supports the IEEE 802.11g standard, which is fully compatible with the
IEEE 802.11b standard, meaning that you can have both IEEE 802.11b and IEEE 802.11g
wireless clients in the same wireless network.
Note: The P-662HW may be prone to RF (Radio Frequency) interference from other
2.4 GHz devices such as microwave ovens, wireless phones, Bluetooth
enabled devices, and other wireless LANs.
Wi-Fi Protected Access
Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i security specification standard.
Key differences between WPA and WEP are user authentication and improved data
encryption.
Wireless g+
P-662H/HW-D Series User’s Guide
Wireless g+ technology allows super fast transmission rates (actual speed depends on
environment) among Wireless g+ enabled access points and wireless clients.
Antenna
The ZyXEL Device is equipped with a detachable SMA 5dBi high gain Antenna to provide
clear radio signal between the wireless stations and the access points.
Wireless LAN MAC Address Filtering
Your ZyXEL Device can check the MAC addresses of wireless stations against a list of
allowed or denied MAC addresses.
WEP Encryption
WEP (Wired Equivalent Privacy) encrypts data frames before transmitting over the wireless
network to help keep network communications private.
OTIST (One Touch Intelligent Security Technology)
OTIST allows your ZyXEL Device to assign its ESSID and security settings (WEP or WPAPSK) to the ZyXEL wireless adapters that support OTIST and are within transmission range.
The ZyXEL wireless adapters must also have OTIST enabled.
1.1.2 Applications for the ZyXEL Device
Here are some example uses for which the ZyXEL Device is well suited.
Chapter 1 Getting To Know Your ZyXEL Device 45
Page 46
P-662H/HW-D Series User’s Guide
1.1.2.1 Internet Access
The ZyXEL Device is the ideal high-speed Internet access solution. Your ZyXEL Device
supports the TCP/IP protocol, which the Internet uses exclusively. It is compatible with all
major ADSL DSLAM (Digital Subscriber Line Access Multiplexer) providers. A DSLAM is a
rack of ADSL line cards with data multiplexed into a backbone network interface/connection
(for example, T1, OC3, DS3, ATM or Frame Relay). Think of it as the equivalent of a modem
rack for ADSL. In addition, the ZyXEL Device allows wireless clients access to your network
resources. A typical Internet access application is shown below.
Figure 1 ZyXEL Device Internet Access Application
1.1.2.2 LAN to LAN Application
You can use the ZyXEL Device to connect two geographically dispersed networks over the
ADSL line. A typical LAN-to-LAN application example for the ZyXEL Device is shown as
follows.
Figure 2 ZyXEL Device LAN-to-LAN Application Example
1.1.3 Firewall for Secure Broadband Internet Access
The ZyXEL Device provides protection from attacks by Internet hackers. By default, the
firewall blocks all incoming traffic from the WAN. The firewall supports TCP/UDP
inspection and DoS (Denial of Services) detection and prevention, as well as real time alerts,
reports and logs.
46 Chapter 1 Getting To Know Your ZyXEL Device
Page 47
Figure 3 Firewall Application
1.1.4 Front Panel LEDs
Figure 4 P-662H Front Panel
P-662H/HW-D Series User’s Guide
Figure 5 P-662HW Front Panel
The following table describes the Lights.
Table 2 Front Panel LEDs
LED COLOR STATUS DESCRIPTION
PWR/SYS Green On The ZyXEL Device is receiving power and functioning
properly.
Blinking The ZyXEL Device is rebooting or performing diagnostics.
Red On Post (Power On Self Test) failure or the device has
Off The system is not receiving power.
LAN 1-4 Green On The ZyXEL Device has a successful 10/100Mb Ethernet
Blinking The ZyXEL Device is sending/receiving data.
None Off The LAN is not connected.
malfunctioned.
connection.
Chapter 1 Getting To Know Your ZyXEL Device 47
Page 48
P-662H/HW-D Series User’s Guide
Table 2 Front Panel LEDs (continued)
LED COLOR STATUS DESCRIPTION
WLAN (P-
662HW only)
DSL/ACT Green On The ZyXEL Device has a successful DSL connection.
INTERNET Green On The ZyXEL Device is connected with no traffic detected.
CON/AUX Green On The CON/AUX switch is set to CON, the CON/AUX port is
Green On The ZyXEL Device is ready, but is not sending/receiving data
through the wireless LAN.
Blinking The ZyXEL Device is sending/receiving data through the
wireless LAN.
None Off The wireless LAN is not ready or has failed.
Blinking The DSL is attempting to synchronize with the ZyXEL
Device.
Off The system is not receiving power or there is no DSL
connection.
Blinking The ZyXEL Device is sending/receiving data.
Red On The ZyXEL Device failed to authenticate.
Off The DSL line is down.
connected to a management computer and someone is
logged into the ZyXEL Device.
Amber On The CON/AUX switch is set to AUX and the CON/AUX port
has an Internet connection through a dial-up modem.
Blinking The CON/AUX switch is set to AUX and the CON/AUX port is
sending or receiving data through a dial-up modem or ISDN
TA.
Off The CON/AUX link is not ready, or has failed.
Refer to the Quick Start Guide for information on hardware connections.
48 Chapter 1 Getting To Know Your ZyXEL Device
Page 49
Introducing the Web
This chapter describes how to access and navigate the web configurator.
2.1 Web Configurator Overview
The web configurator is an HTML-based management interface that allows easy ZyXEL
Device setup and management via Internet browser. Use Internet Explorer 6.0 and later or
Netscape Navigator 7.0 and later versions. The recommended screen resolution is 1024 by 768
pixels.
P-662H/HW-D Series User’s Guide
CHAPTER 2
Configurator
In order to use the web configurator you need to allow:
• Web browser pop-up windows from your device. Web pop-up blocking is enabled by
default in Windows XP SP (Service Pack) 2.
• JavaScripts (enabled by default).
• Java permissions (enabled by default).
See the chapter on troubleshooting if you need to make sure these functions are allowed in
Internet Explorer.
2.2 Accessing the Web Configurator
Note: Even though you can connect to the ZyXEL Device wirelessly, it is
recommended that you connect your computer to a LAN port for initial
configuration.
1 Make sure your ZyXEL Device hardware is properly connected (refer to the Quick Start
Guide).
2 Prepare your computer/computer network to connect to the ZyXEL Device (refer to the
Quick Start Guide).
3 Launch your web browser.
4 Type "192.168.1.1" as the URL.
5 A window displays as shown. Enter the default admin password admin to configure the
wizards and the advanced features or the default user password user to view the status
Chapter 2 Introducing the Web Configurator 49
Page 50
P-662H/HW-D Series User’s Guide
only. Click Login to proceed to a screen asking you to change your password or click
Cancel to revert to the default password.
Figure 6 Password Screen
6 If you entered the user password, skip the next two steps and refer to Section 2.4.2 on
page 55 for more information about the Status screen.
If you entered the admin password, it is highly recommended you change the default
admin password! Enter a new password between 1 and 30 characters, retype it to confirm
and click Apply; alternatively click Ignore to proceed to the main menu if you do not
want to change the password now.
Note: If you do not change the password at least once, the following screen appears
every time you log in with the admin password.
Figure 7 Change Password at Login
7 It is highly recommended you replace the factory default certificate by creating your own
unique certificate based on your ZyXEL Device’s MAC address. Click Apply to create
the certificate, alternatively click Ignore to proceed to the next menu if you do not want
to replace the certificate now.
50 Chapter 2 Introducing the Web Configurator
Page 51
P-662H/HW-D Series User’s Guide
Note: If you do not replace the certificate, the following screen appears every time
you log in.
Figure 8 Replace Factory Default Certificate
8 Select Go to Wizard setup and click Apply to display the wizard main screen.
Otherwise, select Go to Advanced setup and click Apply to display the Status screen.
Figure 9 Select a Mode
Note: The management session automatically times out when the time period set in
the Administrator Inactivity Timer field expires (default five minutes). Simply
log back into the ZyXEL Device if this happens to you.
2.3 Resetting the ZyXEL Device
If you forget your password or cannot access the web configurator, you will need to use the
RESET button at the back of the ZyXEL Device to reload the factory-default configuration
file. This means that you will lose all configurations that you had previously and the password
will be reset to “1234”.
Chapter 2 Introducing the Web Configurator 51
Page 52
P-662H/HW-D Series User’s Guide
2.3.1 Using the Reset Button
1 Make sure the POWER LED is on (not blinking).
2 Press the RESET button for 10 seconds or until the POWER LED begins to blink and
then release it. When the POWER LED begins to blink, the defaults have been restored
and the ZyXEL Device restarts.
You can also use the RESET button to:
• Activate/Deactivate the wireless network - by pressing the RESET button for 1 second.
• Start OTIST - by pressing the RESET button for 3 seconds.
2.4 Navigating the Web Configurator
We use the P-662HW-D1 web screens in this guide as an example. Screens vary slightly for
different ZyXEL Device models.
2.4.1 Navigation Panel
After you enter the admin password, use the sub-menus on the navigation panel to configure
ZyXEL Device features. The following table describes the sub-menus.
Figure 10 Web Configurator: Main Screen
Use
submenus
to configure
ZyXEL
Device
Click the Logout icon at any time
Click the Logout icon at any time
to exit the web configurator.
to exit the web configurator.
52 Chapter 2 Introducing the Web Configurator
Page 53
P-662H/HW-D Series User’s Guide
Note: Click the icon (located in the top right corner of most screens) to view
embedded help.
Table 3 Web Configurator Screens Summary
LINK/ICON SUB-LINK FUNCTION
Wizard INTERNET/
WIRELESS
SETUP
BANDWIDTH
MANAGEMENT
SETUP
Logout Click this icon to exit the web configurator.
Status This screen shows the ZyXEL Device’s general device, system
Network
Remote Node Use this screen to configure placing calls to a remote gateway.
WAN Internet Access
Setup
WAN Backup
Setup
LAN IP Use this screen to configure LAN TCP/IP settings, enable Any
DHCP Setup Use this screen to configure LAN DHCP settings.
Client List
IP Alias Use this screen to partition your LAN interface into subnets.
Wireless LAN
(Wireless devices
only)
DMZ DMZ
NAT General Use this screen to enable NAT.
Security
Firewall General Use this screen to activate/deactivate the firewall and the
General Use this screen to configure the wireless LAN settings and
OTIST This screen allows you to assign wireless clients the ZyXEL
MAC Filter Use this screen to configure the ZyXEL Device to block access
QoS WMM QoS allows you to prioritize wireless traffic according to
Port Forwarding
Rules This screen shows a summary of the firewall rules, and allows
Anti Probing Use this screen to change your anti-probing settings.
Use these screens for initial configuration including general
setup, ISP parameters for Internet Access and WAN IP/DNS
Server/MAC address assignment.
Use these screens to limit bandwidth usage by application or
packet type.
and interface status information. Use this screen to access the
summary statistics tables.
This screen allows you to configure ISP parameters, WAN IP
address assignment, DNS servers and other advanced
properties.
Use this screen to configure your traffic redirect properties and
WAN backup settings.
IP and other advanced properties.
Use this screen to view current DHCP client information and to
always assign an IP address to a MAC address (and host
name).
WLAN authentication/security settings.
Device’s wireless security settings.
to devices or block the devices from accessing the ZyXEL
Device.
the delivery requirements of the individual and applications.
Use this screen to create and enable a DMZ port.
Use this screen to configure servers behind the ZyXEL Device.
direction of network traffic to which to apply the rule.
you to edit/add a firewall rule.
Chapter 2 Introducing the Web Configurator 53
Page 54
P-662H/HW-D Series User’s Guide
Table 3 Web Configurator Screens Summary (continued)
LINK/ICON SUB-LINK FUNCTION
Threshold Use this screen to configure the threshold for DoS attacks.
Anti Virus Packet Scan Use this screen to change your Packet Scan settings.
Registration Use this screen to register, activate or update your anti-virus
Content Filter Keyword Use this screen to block sites containing certain keywords in the
Schedule Use this screen to set the days and times for the ZyXEL Device
Trusted Use this screen to exclude a range of users on the LAN from
Content Access
Control
VPN Setup Use this screen to configure each VPN tunnel.
Certificates My Certificates Use this screen to generate and export self-signed certificates
Advanced
Static Route Use this screen to configure IP static routes.
Bandwidth
MGMT
Dynamic DNS Use this screen to set up dynamic DNS.
General Use this screen to activate Content Access Control and create
User Profile Use this screen to create user accounts.
Online Status Use this screen to view the online status.
Monitor Use this screen to look at the current status of each VPN
VPN Global
Setting
Trusted CAs Use this screen to save CA certificates to the ZyXEL Device.
Trusted Remote
Hosts
Directory Servers Use this screen to configure a list of addresses of directory
Summary Use this screen to enable bandwidth management on an
Rule Setup Use this screen to define a bandwidth rule.
Monitor Use this screen to view the ZyXEL Device’s bandwidth usage
services.
URL.
to perform content filtering.
content filtering on your ZyXEL Device.
user groups.
tunnel.
Use this screen to allow NetBIOS traffic through VPN tunnels.
or certification requests and import the ZyXEL Device’s CAsigned certificates.
Use this screen to import self-signed certificates.
servers (that contain lists of valid and revoked certificates).
interface.
and allotments.
54 Chapter 2 Introducing the Web Configurator
Page 55
P-662H/HW-D Series User’s Guide
Table 3 Web Configurator Screens Summary (continued)
LINK/ICON SUB-LINK FUNCTION
Remote MGMT WWW Use this screen to configure through which interface(s) and
from which IP address(es) users can use HTTPS or HTTP to
manage the ZyXEL Device.
Te ln e t Use this screen to configure through which interface(s) and
from which IP address(es) users can use Telnet to manage the
ZyXEL Device.
FTP Use this screen to configure through which interface(s) and
from which IP address(es) users can use FTP to access the
ZyXEL Device.
SNMP Use this screen to configure your ZyXEL Device’s settings for
Simple Network Management Protocol management.
DNS Use this screen to configure through which interface(s) and
ICMP Use this screen to change your anti-probing settings.
UPnP Use this screen to enable UPnP on the ZyXEL Device.
Maintenance
System General This screen contains administrative and system-related
Time Setting Use this screen to change your ZyXEL Device’s time and date.
Logs View Log Use this screen to view the logs for the categories that you
Log Settings Use this screen to change your ZyXEL Device’s log settings.
Tools Firmware Use this screen to upload firmware to your ZyXEL Device.
Configuration Use this screen to backup and restore the configuration or reset
Restart This screen allows you to reboot the ZyXEL Device without
Diagnostic General These screens display information to help you identify problems
DSL Line These screens display information to help you identify problems
from which IP address(es) users can send DNS queries to the
ZyXEL Device.
information and also allows you to change your password.
selected.
the factory defaults to your ZyXEL Device.
turning the power off.
with the ZyXEL Device general connection.
with the DSL line.
2.4.2 Status Screen
The following summarizes how to navigate the web configurator from the Status screen.
Some fields or links are not available if you entered the user password in the login password
screen (see Figure 6 on page 50).
Chapter 2 Introducing the Web Configurator 55
Page 56
P-662H/HW-D Series User’s Guide
Figure 11 Status Screen
The following table describes the labels shown in the Status screen.
Table 4 Status Screen
LABEL DESCRIPTION
Refresh Interval Select a number of seconds or None from the drop-down list box to refresh all
screen statistics automatically at the end of every time interval or to not refresh the
screen statistics.
Apply Click this button to refresh the status screen statistics.
Device Information
Host Name This is the System Name you enter in the Maintenance, System, General
Model Number
MAC Address This is the MAC (Media Access Control) or Ethernet address unique to your ZyXEL
ZyNOS Firmware
Version
DSL Firmware
Version
WAN Information
DSL Mode This is the standard that your ZyXEL Device is using.
IP Address
IP Subnet Mask
Default Gateway
screen. It is for identification purposes.
Device.
This is the ZyNOS Firmware version and the date created. ZyNOS is ZyXEL's
proprietary Network Operating System design.
This is the DSL firmware version associated with your ZyXEL Device.
This is the WAN port IP address.
This is the WAN port IP subnet mask.
This is the IP address of the default gateway, if applicable.
56 Chapter 2 Introducing the Web Configurator
Page 57
P-662H/HW-D Series User’s Guide
Table 4 Status Screen
LABEL DESCRIPTION
VPI/VCI This is the Virtual Path Identifier and Virtual Channel Identifier that you entered in
the Wizard or WAN screen.
LAN Information
IP Address This is the LAN port IP address.
IP Subnet Mask This is the LAN port IP subnet mask.
DHCP This is the WAN port DHCP role - Server, Relay or None.
WLAN Information (wireless devices only)
SSID This is the descriptive name used to identify the ZyXEL Device in the wireless
LAN.
Channel This is the channel number used by the ZyXEL Device now.
WEP This displays the status of WEP data encryption.
Security
Firewall This displays whether or not the ZyXEL Device’s firewall is activated.
Content Filter This displays whether or not the ZyXEL Device’s content filtering is activated.
Anti Virus This displays whether or not the ZyXEL Device’s anti-virus is activated.
System Status
System Uptime This is the total time the ZyXEL Device has been on.
Current Date/Time This field displays your ZyXEL Device’s present date and time.
System Mode This displays whether the ZyXEL Device is functioning as a router or a bridge.
CPU Usage This number shows how many kilobytes of the heap memory the ZyXEL Device is
using. Heap memory refers to the memory that is not used by ZyNOS (ZyXEL
Network Operating System) and is thus available for running processes like NAT,
VPN and the firewall.
The bar displays what percent of the ZyXEL Device's heap memory is in use. The
bar turns from green to red when the maximum is being approached.
Memory Usage This number shows the ZyXEL Device's total heap memory (in kilobytes).
The bar displays what percent of the ZyXEL Device's heap memory is in use. The
bar turns from green to red when the maximum is being approached.
Interface Status
Interface This displays the ZyXEL Device port types.
Status This field displays Down (line is down), Up (line is up or connected) if you're using
Ethernet encapsulation and Down (line is down), Up (line is up or connected), Idle
(line (ppp) idle), Dial (starting to trigger a call) and Drop (dropping a call) if you're
using PPPoE encapsulation.
For the WLAN port, it displays Active when WLAN is enabled or Inactive when
WLAN is disabled.
For the DMZ port, it displays the port speed, duplex mode and whether the port is
Active or Inactive.
Rate For the LAN ports, this displays the port speed and duplex setting.
For the WAN port, it displays the downstream and upstream transmission rate.
For the WLAN port, it displays the transmission rate when WLAN is enabled or N/A
when WLAN is disabled.
For the DMZ port, it displays the transmission rate when DMZ is enabled or N/A
when DMZ is disabled.
Chapter 2 Introducing the Web Configurator 57
Page 58
P-662H/HW-D Series User’s Guide
Table 4 Status Screen
LABEL DESCRIPTION
Summary
Any IP Table Use this screen to view a list of IP addresses and MAC addresses of computers,
WLAN Status
(wireless devices
only)
Bandwidth Status Use this screen to view the ZyXEL Device’s bandwidth usage and allotments.
Packet Statistics Use this screen to view port status and packet specific statistics.
VPN Status Use this screen to view VPN status and settings.
which are not in the same subnet as the ZyXEL Device.
This screen displays the MAC address(es) of the wireless stations that are
currently associating with the ZyXEL Device.
2.4.3 Status: Any IP Table
Click the Any IP Table hyperlink in the Status screen. The Any IP table shows current read-
only information (including the IP address and the MAC address) of all network devices that
use the Any IP feature to communicate with the ZyXEL Device.
Figure 12 Status: Any IP Table
The following table describes the labels in this screen.
Table 5 Status: Any IP Table
LABEL DESCRIPTION
# This is the index number of the host computer.
IP Address This field displays the IP address of the network device.
MAC Address This field displays the MAC (Media Access Control) address of the computer with the
Refresh Click Refresh to update this screen.
displayed IP address.
Every Ethernet device has a unique MAC address. The MAC address is assigned at
the factory and consists of six pairs of hexadecimal characters, for example,
00:A0:C5:00:00:02.
2.4.4 Status: WLAN Status
Click the WLAN Status hyperlink in the Status screen to view the wireless stations that are
currently associated to the ZyXEL Device.
58 Chapter 2 Introducing the Web Configurator
Page 59
P-662H/HW-D Series User’s Guide
Figure 13 Status: WLAN Status
The following table describes the labels in this screen.
Table 6 Status: WLAN Status
LABEL DESCRIPTION
# This is the index number of an associated wireless station.
MAC Address This field displays the MAC (Media Access Control) address of an associated wireless
Association
TIme
Refresh Click Refresh to reload this screen.
station.
This field displays the time a wireless station first associated with the P-662H/HW-Dx.
2.4.5 Status: Bandwidth Status
Select the Bandwidth Status hyperlink in the Status screen. View the bandwidth usage of the
LAN, WAN and WLAN configured bandwidth rules. This is also shown as bandwidth usage
over the bandwidth budget for each rule. The gray section of the bar represents the percentage
of unused bandwidth and the orange color represents the percentage of bandwidth in use.
Figure 14 Status: Bandwidth Status
2.4.6 Status: VPN Status
Click the VPN Status hyperlink in the Status screen. The VPN Status shows the current
status of any VPN tunnels the ZyXEL Device has negotiated.
Chapter 2 Introducing the Web Configurator 59
Page 60
P-662H/HW-D Series User’s Guide
Figure 15 Status: VPN Status
The following table describes the labels in this screen.
Table 7 Status: VPN Status
LABEL DESCRIPTION
No This is the security association index number.
Name This field displays the identification name for this VPN policy.
Encapsulation This field displays Tunnel or Transport mode.
IPSec
Algorithm
Disconnect Select one of the security associations, and then click Disconnect to stop that
Refresh Click Refresh to display the current active VPN connection(s).
This field displays the security protocol, encryption algorithm, and authentication
algorithm used in each SA.
security association.
2.4.7 Status: Packet Statistics
Click the Packet Statistics hyperlink in the Status screen. Read-only information here
includes port status and packet specific statistics. Also provided are "system up time" and "poll
interval(s)". The Poll Interval(s) field is configurable.
60 Chapter 2 Introducing the Web Configurator
Page 61
Figure 16 Status: Packet Statistics
P-662H/HW-D Series User’s Guide
The following table describes the fields in this screen.
Table 8 Status: Packet Statistics
LABEL DESCRIPTION
System Monitor
System up Time This is the elapsed time the system has been up.
Current Date/Time This field displays your ZyXEL Device’s present date and time.
CPU Usage This field specifies the percentage of CPU utilization.
Memory Usage This field specifies the percentage of memory utilization.
LAN or WAN Port
Stat istic s
Link Status This is the status of your WAN link.
Upstream Speed This is the upstream speed of your ZyXEL Device.
Downstream Speed This is the downstream speed of your ZyXEL Device.
Node-Link This field displays the remote node index number and link type. Link types are
Interface This field displays the type of port.
Status This field displays Down (line is down), Up (line is up or connected) if you're
TxPkts This field displays the number of packets transmitted on this port.
RxPkts This field displays the number of packets received on this port.
Errors This field displays the number of error packets on this port.
This is the WAN or LAN port.
PPPoA, ENET, RFC 1483 and PPPoE.
using Ethernet encapsulation and Down (line is down), Up (line is up or
connected), Idle (line (ppp) idle), Dial (starting to trigger a call) and Drop
(dropping a call) if you're using PPPoE encapsulation.
For the WLAN port, it displays the transmission rate when WLAN is enabled or N/
A when WLAN is disabled.
Chapter 2 Introducing the Web Configurator 61
Page 62
P-662H/HW-D Series User’s Guide
Table 8 Status: Packet Statistics (continued)
LABEL DESCRIPTION
Tx B/s This field displays the number of bytes transmitted in the last second.
Rx B/s This field displays the number of bytes received in the last second.
Up Time This field displays the elapsed time this port has been up.
Collisions This is the number of collisions on this port.
Poll Interval(s) Type the time interval for the browser to refresh system statistics.
Set Interval Click this button to apply the new poll interval you entered in the Poll Interval
Stop Click this button to halt the refreshing of the system statistics.
field above.
2.4.8 Changing Login Password
It is highly recommended that you periodically change the password for accessing the ZyXEL
Device. If you didn’t change the default one after you logged in or you want to change to a
new password again, then click Maintenance > System to display the screen as shown next.
Figure 17 System General
62 Chapter 2 Introducing the Web Configurator
Page 63
P-662H/HW-D Series User’s Guide
The following table describes the fields in this screen.
Table 9 System General: Password
LABEL DESCRIPTION
Old Password Type the default password or the existing password you use to access the system
in this field.
New Password Type the new password in this field.
Retype to Confirm Type the new password again in this field.
Apply Click Apply to save your changes back to the ZyXEL Device.
Cancel Click Cancel to begin configuring this screen afresh.
Chapter 2 Introducing the Web Configurator 63
Page 64
P-662H/HW-D Series User’s Guide
64 Chapter 2 Introducing the Web Configurator
Page 65
P-662H/HW-D Series User’s Guide
CHAPTER 3
Wizard Setup for Internet Access
This chapter provides information on the Wizard Setup screens for Internet access in the web
configurator.
3.1 Introduction
Use the Wizard Setup screens to configure your system for Internet access with the
information given to you by your ISP.
Note: See the advanced menu chapters for background information on these fields.
3.2 Internet Access Wizard Setup
1 After you enter the admin password to access the web configurator, select Go to Wizard
setup and click Apply. Otherwise, click the wizard icon ( ) in the top right corner of
the web configurator to display the wizard main screen.
Figure 18 Select a Mode
2 Click INTERNET/WIRELESS SETUP to configure the system for Internet access and
wireless connection.
Chapter 3 Wizard Setup for Internet Access 65
Page 66
P-662H/HW-D Series User’s Guide
Figure 19 Wizard: Welcome
3 The wizard attempts to detect which WAN connection type you are using.
If the wizard detects your connection type and your ISP uses PPPoE or PPPoA, go to
Section 3.2.1 on page 67. The screen varies depending on the connection type you use.
If the wizard does not detect a connection type and the following screen appears (see
Figure 20 on page 66), check your hardware connections and click Restart the Internet/
Wireless Setup Wizard to have the ZyXEL Device detect your connection again.
Figure 20 Auto Detection: No DSL Connection
If the wizard still cannot detect a connection type and the following screen appears (see
Figure 21 on page 67), click Next and refer to Section 3.2.2 on page 67 on how to
configure the ZyXEL Device for Internet access manually.
66 Chapter 3 Wizard Setup for Internet Access
Page 67
Figure 21 Auto Detection: Failed
3.2.1 Automatic Detection
1 If you have a PPPoE or PPPoA connection, a screen displays prompting you to enter your
Internet account information. Enter the username, password and/or service name exactly
as provided.
P-662H/HW-D Series User’s Guide
2 Click Next and see Section 3.3 on page 72 for wireless connection wizard setup.
Figure 22 Auto-Detection: PPPoE
3.2.2 Manual Configuration
1 If the ZyXEL Device fails to detect your DSL connection type, enter the Internet access
information given to you by your ISP exactly in the wizard screen. If not given, leave the
fields set to the default.
Chapter 3 Wizard Setup for Internet Access 67
Page 68
P-662H/HW-D Series User’s Guide
Figure 23 Internet Access Wizard Setup: ISP Parameters
The following table describes the fields in this screen.
Table 10 Internet Access Wizard Setup: ISP Parameters
LABEL DESCRIPTION
Mode From the Mode drop-down list box, select Routing (default) if your ISP allows
Encapsulation Select the encapsulation type your ISP uses from the Encapsulation drop-down list
Multiplexing Select the multiplexing method used by your ISP from the Multiplex drop-down list
Virtual Circuit IDVPI (Virtual Path Identifier) and VCI (Virtual Channel Identifier) define a virtual circuit.
VPI Enter the VPI assigned to you. This field may already be configured.
VCI Enter the VCI assigned to you. This field may already be configured.
Back Click Back to go back to the previous screen.
Next Click Next to continue to the next wizard screen. The next wizard screen you see
Exit Click Exit to close the wizard screen without saving your changes.
multiple computers to share an Internet account. Otherwise select Bridge.
box. Choices vary depending on what you select in the Mode field.
If you select Bridge in the Mode field, select either PPPoA or RFC 1483.
If you select Routing in the Mode field, select PPPoA, RFC 1483, ENET ENCAP or
PPPoE.
box either VC-based or LLC-based.
Refer to the appendix for more information.
depends on what protocol you chose above.
68 Chapter 3 Wizard Setup for Internet Access
Page 69
P-662H/HW-D Series User’s Guide
2 The next wizard screen varies depending on what mode and encapsulation type you use.
All screens shown are with routing mode. Configure the fields and click Next to continue.
See Section 3.3 on page 72 for wireless connection wizard setup
Figure 24 Internet Connection with PPPoE
The following table describes the fields in this screen.
Table 11 Internet Connection with PPPoE
LABEL DESCRIPTION
User Name Enter the user name exactly as your ISP assigned. If assigned a name in the form
user@domain where domain identifies a service name, then enter both components
exactly as given.
Password Enter the password associated with the user name above.
Service Name Type the name of your PPPoE service here.
Back Click Back to go back to the previous wizard screen.
Apply Click Apply to save your changes back to the ZyXEL Device.
Exit Click Exit to close the wizard screen without saving your changes.
Figure 25 Internet Connection with RFC 1483
Chapter 3 Wizard Setup for Internet Access 69
Page 70
P-662H/HW-D Series User’s Guide
The following table describes the fields in this screen.
Table 12 Internet Connection with RFC 1483
LABEL DESCRIPTION
IP Address This field is available if you select Routing in the Mode field.
Type your ISP assigned IP address in this field.
Back Click Back to go back to the previous wizard screen.
Next Click Next to continue to the next wizard screen.
Exit Click Exit to close the wizard screen without saving your changes.
Figure 26 Internet Connection with ENET ENCAP
The following table describes the fields in this screen.
Table 13 Internet Connection with ENET ENCAP
LABEL DESCRIPTION
Obtain an IP
Address
Automatically
Stat ic IP
Address
IP Address Enter your ISP assigned IP address.
Subnet Mask Enter a subnet mask in dotted decimal notation.
Gateway IP
address
70 Chapter 3 Wizard Setup for Internet Access
A static IP address is a fixed IP that your ISP gives you. A dynamic IP address is not
fixed; the ISP assigns you a different one each time you connect to the Internet.
Select Obtain an IP Address Automatically if you have a dynamic IP address.
A static IP address is a fixed IP that your ISP gives you. A dynamic IP address is not
fixed; the ISP assigns you a different one each time you connect to the Internet.
Select Static IP Address if your ISP gives you a fixed IP address.
Refer to the appendices to calculate a subnet mask If you are implementing subnetting.
You must specify a gateway IP address (supplied by your ISP) when you use ENET
ENCAP in the Encapsulation field in the previous screen.
Page 71
P-662H/HW-D Series User’s Guide
Table 13 Internet Connection with ENET ENCAP (continued)
LABEL DESCRIPTION
First DNS
Server
Second DNS
Server
Back Click Back to go back to the previous wizard screen.
Apply Click Apply to save your changes back to the ZyXEL Device.
Exit Click Exit to close the wizard screen without saving your changes.
Enter the IP addresses of the DNS servers. The DNS servers are passed to the DHCP
clients along with the IP address and the subnet mask.
As above.
Figure 27 Internet Connection with PPPoA
The following table describes the fields in this screen.
Table 14 Internet Connection with PPPoA
LABEL DESCRIPTION
User Name Enter the login name that your ISP gives you.
Password Enter the password associated with the user name above.
Back Click Back to go back to the previous wizard screen.
Apply Click Apply to save your changes back to the ZyXEL Device.
Exit Click Exit to close the wizard screen without saving your changes.
• If the user name and/or password you entered for PPPoE or PPPoA connection are not
correct, the screen displays as shown next. Click Back to Username and Password
setup to go back to the screen where you can modify them.
Chapter 3 Wizard Setup for Internet Access 71
Page 72
P-662H/HW-D Series User’s Guide
Figure 28 Connection Test Failed-1
• If the following screen displays, check if your account is activated or click Restart the
Internet/Wireless Setup Wizard to verify your Internet access settings.
Figure 29 Connection Test Failed-2.
3.3 Wireless Connection Wizard Setup
After you configure the Internet access information, use the following screens to set up your
wireless LAN.
1 Select Ye s and click Next to configure wireless settings. Otherwise, select No and skip to
Step 6.
72 Chapter 3 Wizard Setup for Internet Access
Page 73
P-662H/HW-D Series User’s Guide
Figure 30 Connection Test Successful
2 Use this screen to activate the wireless LAN and OTIST. Click Next to continue.
Figure 31 Wireless LAN Setup Wizard 1
Chapter 3 Wizard Setup for Internet Access 73
Page 74
P-662H/HW-D Series User’s Guide
The following table describes the labels in this screen.
Table 15 Wireless LAN Setup Wizard 1
LABEL DESCRIPTION
Active Select the check box to turn on the wireless LAN.
Note: You can also activate the wireless LAN by pressing the
Enable OTIST Select the check box to enable OTIST if you want to transfer your ZyXEL
Device’s SSID and WEP or WPA-PSK security settings to wireless clients that
support OTIST and are within transmission range.
You must also activate and start OTIST on the wireless client at the same time.
The process takes three minutes to complete.
Note: You can start OTIST by pressing the RESET button for 3
Setup Key Type an OTIST Setup Key of up to eight ASCII characters in length. Be sure to
use the same OTIST Setup Key on the ZyXEL Device and wireless clients.
Back
Next
Exit Click Exit to close the wizard screen without saving.
Click Back to display the previous screen.
Click Next to proceed to the next screen.
RESET button for 1 second.
seconds.
3 Configure your wireless settings in this screen. Click Next.
Figure 32 Wireless LAN Setup Wizard 2
74 Chapter 3 Wizard Setup for Internet Access
Page 75
The following table describes the labels in this screen.
Table 16 Wireless LAN Setup Wizard 2
LABEL DESCRIPTION
P-662H/HW-D Series User’s Guide
Network
Name(SSID)
Channel
Selection
Security Select Automatically assign a WPA key to allow the ZyXEL Device to configure a
Back Click Back to display the previous screen.
Next Click Next to proceed to the next screen.
Exit Click Exit to close the wizard screen without saving.
Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the wireless
LAN.
If you change this field on the ZyXEL Device, make sure all wireless stations use the
same SSID in order to access the network.
The range of radio frequencies used by IEEE 802.11b/g wireless devices is called a
channel. Select a channel ID that is not already in use by a neighboring device.
WPA key for you based on the setup key you entered on the previous screen. This
option is only available if you selected Enable OTIST. See Section 3.3.1 on page 75
for more information.
Select Manually assign a WPA-PSK key to configure a Pre-Shared Key (WPA-PSK).
Choose this option only if your wireless clients support WPA. See Section 3.3.2 on
page 75 for more information.
Select Manually assign a WEP key to configure a WEP Key. See Section 3.3.3 on
page 76 for more information.
Select Disable wireless security to have no wireless LAN security configured and
your network is accessible to any wireless networking device that is within range.
Note: The wireless stations and ZyXEL Device must use the same SSID, channel ID
and WEP encryption key (if WEP is enabled), WPA-PSK (if WPA-PSK is
enabled) for wireless communication.
4 This screen varies depending on the security mode you selected in the previous screen.
Fill in the field (if available) and click Next.
3.3.1 Automatically assign a WPA key
Choose Manually assign a WPA key in the Wireless LAN setup screen to allow the ZyXEL
Device to configure a PSK key for you based on the setup key you entered on the previous
Wireless LAN setup screen. This key acts like a password to ensure only those Wireless LAN
devices you authorize are configured by OTIST.
3.3.2 Manually assign a WPA-PSK key
Choose Manually assign a WPA-PSK key in the Wireless LAN setup screen to set up a PreShared Key.
Chapter 3 Wizard Setup for Internet Access 75
Page 76
P-662H/HW-D Series User’s Guide
Figure 33 Manually assign a WPA key
The following table describes the labels in this screen.
Table 17 Manually assign a WPA key
LABEL DESCRIPTION
Pre-Shared
Key
Back Click Back to display the previous screen.
Next Click Next to proceed to the next screen.
Exit Click Exit to close the wizard screen without saving.
Type from 8 to 63 case-sensitive ASCII characters. You can set up the most secure
wireless connection by configuring WPA in the wireless LAN screens. You need to
configure an authentication server to do this.
3.3.3 Manually assign a WEP key
Choose Manually assign a WEP key to setup WEP Encryption parameters.
Figure 34 Manually assign a WEP key
76 Chapter 3 Wizard Setup for Internet Access
Page 77
P-662H/HW-D Series User’s Guide
The following table describes the labels in this screen.
Table 18 Manually assign a WEP key
LABEL DESCRIPTION
Key The WEP keys are used to encrypt data. Both the ZyXEL Device and the wireless
stations must use the same WEP key for data transmission.
Enter any 5, 13 or 29 ASCII characters or 10, 26 or 58 hexadecimal characters ("0-9",
"A-F") for a 64-bit, 128-bit or 256-bit WEP key respectively.
Back Click Back to display the previous screen.
Next Click Next to proceed to the next screen.
Exit Click Exit to close the wizard screen without saving.
5 Click Apply to save your wireless LAN settings.
Figure 35 Wireless LAN Setup 3
6 Use the read-only summary table to check whether what you have configured is correct.
Click Finish to complete and save the wizard setup.
Chapter 3 Wizard Setup for Internet Access 77
Page 78
P-662H/HW-D Series User’s Guide
Figure 36 Internet Access and WLAN Wizard Setup Complete
7 Launch your web browser and navigate to www.zyxel.com. Internet access is just the
beginning. Refer to the rest of this guide for more detailed information on the complete
range of ZyXEL Device features. If you cannot access the Internet, open the web
configurator again to confirm that the Internet settings you configured in the wizard setup
are correct.
78 Chapter 3 Wizard Setup for Internet Access
Page 79
P-662H/HW-D Series User’s Guide
CHAPTER 4
Bandwidth Management Wizard
This chapter shows you how to configure basic bandwidth management using the wizard
screens.
4.1 Introduction
Bandwidth management allows you to control the amount of bandwidth going out through the
ZyXEL Device’s WAN port and prioritize the distribution of the bandwidth according to
service bandwidth requirements. This helps keep one service from using all of the available
bandwidth and shutting out other users.
4.2 Predefined Media Bandwidth Management Services
The following is a description of the services that you can select and to which you can apply
media bandwidth management using the wizard screens.
Table 19 Media Bandwidth Management Setup: Services
SERVICE DESCRIPTION
WWW The World Wide Web (WWW) is an Internet system to distribute graphical, hyper-
linked information, based on Hyper Text Transfer Protocol (HTTP) - a client/server
protocol for the World Wide Web. The Web is not synonymous with the Internet;
rather, it is just one service on the Internet. Other services on the Internet include
Internet Relay Chat and Newsgroups. The Web is accessed through use of a
browser.
FTP File Transfer Program enables fast transfer of files, including large files that may
not be possible by e-mail. FTP uses port number 21.
E-Mail Electronic mail consists of messages sent through a computer network to specific
Telnet The purpose of the TELNET Protocol is to provide a fairly general, bi-directional,
NetMeeting
(H.323)
groups or individuals. Here are some default ports for e-mail:
POP3 - port 110
IMAP - port 143
SMTP - port 25
HTTP - port 80
eight-bit byte oriented communications facility.
It is typically used to provide user oriented command line login sessions between
hosts on the Internet. Telnet uses port number 23.
H.323 is an umbrella recommendation from the ITU-T, that defines the protocols to
provide audio-visual communication sessions on any packet network.
Chapter 4 Bandwidth Management Wizard 79
Page 80
P-662H/HW-D Series User’s Guide
Table 19 Media Bandwidth Management Setup: Services (continued)
SERVICE DESCRIPTION
VoIP (SIP) Sending voice signals over the Internet is called Voice over IP or VoIP. Session
Initiated Protocol (SIP) is an internationally recognized standard for implementing
VoIP. SIP is an application-layer control (signaling) protocol that handles the
setting up, altering and tearing down of voice and multimedia sessions over the
Internet.
SIP is transported primarily over UDP but can also be transported over TCP, using
the default port number 5060.
VoIP (H.323) H.323 is an umbrella recommendation from the ITU-T, that defines the protocols to
provide audio-visual communication sessions on any packet network.
TFTP Trivial File Transfer Protocol (TFTP) is a very simple file transfer protocol, with the
functionality of a very basic form of FTP. It is used to transfer small files between
hosts on a network, such as when a remote X Window System terminal or any
other thin client boots from a network host or server. TFTP is transported primarily
over UDP.
4.3 Bandwidth Management Wizard Setup
1 After you enter the password to access the web configurator, select Go to Wizard setup
and click Apply. Otherwise, click the wizard icon ( ) in the top right corner of the web
configurator to display the wizard main screen.
Figure 37 Select a Mode
2 Click BANDWIDTH MANAGEMENT SETUP to configure the system for Internet
access and wireless connection.
80 Chapter 4 Bandwidth Management Wizard
Page 81
P-662H/HW-D Series User’s Guide
Figure 38 Wizard: Welcome
3 Activate bandwidth management and select to allocate bandwidth to packets based on the
services.
Figure 39 Bandwidth Management Wizard: General Information
The following fields describe the label in this screen.
Table 20 Bandwidth Management Wizard: General Information
LABEL DESCRIPTION
Active Select the Active check box to have the ZyXEL Device apply bandwidth
Back Click Back to display the previous screen.
Next Click Next to proceed to the next screen.
Exit Click Exit to close the wizard screen without saving.
Chapter 4 Bandwidth Management Wizard 81
management to traffic going out through the ZyXEL Device’s WAN, LAN or WLAN
port.
Select Services Setup to allocate bandwidth based on the service requirements.
Page 82
P-662H/HW-D Series User’s Guide
4 Use the second wizard screen to select the services that you want to apply bandwidth
management and select the priorities that you want to apply to the services listed.
Figure 40 Bandwidth Management Wizard: Configuration
The following table describes the labels in this screen.
Table 21 Bandwidth Management Wizard: Configuration
LABEL DESCRIPTION
Active Select an entry’s Active check box to turn on bandwidth management for the service/
Service These fields display the services names.
Priority Select High, Mid or Low priority for each service to have your ZyXEL Device use a
Auto classifier
rest bandwidth
Back Click Back to go back to the previous wizard screen.
application.
priority for traffic that matches that service.
A service with High priority is given as much bandwidth as it needs.
If you select services as having the same priority, then bandwidth is divided equally
amongst those services.
Services not specified in bandwidth management are allocated bandwidth after all
specified services receive their bandwidth requirements.
If the rules set up in this wizard are changed in Advanced > Bandwidth MGMT >
Rule Setup, then the service priority radio button will be set to User Configured.
The Advanced > Bandwidth MGMT > Rule Setup screen allows you to edit these
rule configurations.
Select Auto classifier rest bandwidth to automatically allocate unbudgeted or
unused bandwidth to services based on the packet type.
82 Chapter 4 Bandwidth Management Wizard
Page 83
P-662H/HW-D Series User’s Guide
Table 21 Bandwidth Management Wizard: Configuration
LABEL DESCRIPTION
Apply Click Apply to save your changes back to the ZyXEL Device.
Exit Click Exit to close the wizard screen without saving your changes.
5 Follow the on-screen instructions and click Finish to complete the wizard setup and save
your configuration.
Figure 41 Bandwidth Management Wizard: Complete
Chapter 4 Bandwidth Management Wizard 83
Page 84
P-662H/HW-D Series User’s Guide
84 Chapter 4 Bandwidth Management Wizard
Page 85
This chapter describes how to configure WAN settings.
5.1 WAN Overview
A WAN (Wide Area Network) is an outside connection to another network or the Internet.
5.1.1 Encapsulation
Be sure to use the encapsulation method required by your ISP. The ZyXEL Device supports
the following methods.
P-662H/HW-D Series User’s Guide
CHAPTER 5
WAN Setup
5.1.1.1 ENET ENCAP
The MAC Encapsulated Routing Link Protocol (ENET ENCAP) is only implemented with the
IP network protocol. IP packets are routed between the Ethernet interface and the WAN
interface and then formatted so that they can be understood in a bridged environment. For
instance, it encapsulates routed Ethernet frames into bridged ATM cells. ENET ENCAP
requires that you specify a gateway IP address in the ENET ENCAP Gateway field in the
second wizard screen. You can get this information from your ISP.
5.1.1.2 PPP over Ethernet
PPPoE (Point-to-Point Protocol over Ethernet) provides access control and billing
functionality in a manner similar to dial-up services using PPP. PPPoE is an IETF standard
(RFC 2516) specifying how a personal computer (PC) interacts with a broadband modem
(DSL, cable, wireless, etc.) connection.
For the service provider, PPPoE offers an access and authentication method that works with
existing access control systems (for example RADIUS).
One of the benefits of PPPoE is the ability to let you access one of multiple network services,
a function known as dynamic service selection. This enables the service provider to easily
create and offer new IP services for individuals.
Operationally, PPPoE saves significant effort for both you and the ISP or carrier, as it requires
no specific configuration of the broadband modem at the customer site.
Chapter 5 WAN Setup 85
Page 86
P-662H/HW-D Series User’s Guide
By implementing PPPoE directly on the ZyXEL Device (rather than individual computers),
the computers on the LAN do not need PPPoE software installed, since the ZyXEL Device
does that part of the task. Furthermore, with NAT, all of the LANs’ computers will have
access.
5.1.1.3 PPPoA
PPPoA stands for Point to Point Protocol over ATM Adaptation Layer 5 (AAL5). A PPPoA
connection functions like a dial-up Internet connection. The ZyXEL Device encapsulates the
PPP session based on RFC1483 and sends it through an ATM PVC (Permanent Virtual
Circuit) to the Internet Service Provider’s (ISP) DSLAM (digital access multiplexer). Please
refer to RFC 2364 for more information on PPPoA. Refer to RFC 1661 for more information
on PPP.
5.1.1.4 RFC 1483
RFC 1483 describes two methods for Multiprotocol Encapsulation over ATM Adaptation
Layer 5 (AAL5). The first method allows multiplexing of multiple protocols over a single
ATM virtual circuit (LLC-based multiplexing) and the second method assumes that each
protocol is carried over a separate ATM virtual circuit (VC-based multiplexing). Please refer
to the RFC for more detailed information.
5.1.2 Multiplexing
There are two conventions to identify what protocols the virtual circuit (VC) is carrying. Be
sure to use the multiplexing method required by your ISP.
5.1.2.1 VC-based Multiplexing
In this case, by prior mutual agreement, each protocol is assigned to a specific virtual circuit;
for example, VC1 carries IP, etc. VC-based multiplexing may be dominant in environments
where dynamic creation of large numbers of ATM VCs is fast and economical.
5.1.2.2 LLC-based Multiplexing
In this case one VC carries multiple protocols with protocol identifying information being
contained in each packet header. Despite the extra bandwidth and processing overhead, this
method may be advantageous if it is not practical to have a separate VC for each carried
protocol, for example, if charging heavily depends on the number of simultaneous VCs.
5.1.3 VPI and VCI
Be sure to use the correct Virtual Path Identifier (VPI) and Virtual Channel Identifier (VCI)
numbers assigned to you. The valid range for the VPI is 0 to 255 and for the VCI is 32 to
65535 (0 to 31 is reserved for local management of ATM traffic). Please see the appendix for
more information.
86 Chapter 5 WAN Setup
Page 87
P-662H/HW-D Series User’s Guide
5.1.4 IP Address Assignment
A static IP is a fixed IP that your ISP gives you. A dynamic IP is not fixed; the ISP assigns you
a different one each time. The Single User Account feature can be enabled or disabled if you
have either a dynamic or static IP. However the encapsulation method assigned influences
your choices for IP address and ENET ENCAP gateway.
5.1.4.1 IP Assignment with PPPoA or PPPoE Encapsulation
If you have a dynamic IP, then the IP Address and ENET ENCAP Gateway fields are not
applicable (N/A). If you have a static IP, then you only need to fill in the IP Address field and
not the ENET ENCAP Gateway field.
5.1.4.2 IP Assignment with RFC 1483 Encapsulation
In this case the IP Address Assignment must be static with the same requirements for the IP
Address and ENET ENCAP Gateway fields as stated above.
5.1.4.3 IP Assignment with ENET ENCAP Encapsulation
In this case you can have either a static or dynamic IP. For a static IP you must fill in all the IP
Address and ENET ENCAP Gateway fields as supplied by your ISP. However for a
dynamic IP, the ZyXEL Device acts as a DHCP client on the WAN port and so the IP
Address and ENET ENCAP Gateway fields are not applicable (N/A) as the DHCP server
assigns them to the ZyXEL Device.
5.1.5 Nailed-Up Connection (PPP)
A nailed-up connection is a dial-up line where the connection is always up regardless of traffic
demand. The ZyXEL Device does two things when you specify a nailed-up connection. The
first is that idle timeout is disabled. The second is that the ZyXEL Device will try to bring up
the connection when turned on and whenever the connection is down. A nailed-up connection
can be very expensive for obvious reasons.
Do not specify a nailed-up connection unless your telephone company offers flat-rate service
or you need a constant connection and the cost is of no concern
5.1.6 NAT
NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a
host in a packet, for example, the source address of an outgoing packet, used within one
network to a different IP address known within another network.
Chapter 5 WAN Setup 87
Page 88
P-662H/HW-D Series User’s Guide
5.2 Metric
The metric represents the "cost of transmission". A router determines the best route for
transmission by choosing a path with the lowest "cost". RIP routing uses hop count as the
measurement of cost, with a minimum of "1" for directly connected networks. The number
must be between "1" and "15"; a number greater than "15" means the link is down. The
smaller the number, the lower the "cost".
The metric sets the priority for the ZyXEL Device’s routes to the Internet. If any two of the
default routes have the same metric, the ZyXEL Device uses the following pre-defined
priorities:
• Normal route: designated by the ISP (see Section 5.5 on page 90)
• Traffic-redirect route (see Section 5.7 on page 99)
• WAN-backup route, also called dial-backup (see Section 5.8 on page 100)
For example, if the normal route has a metric of "1" and the traffic-redirect route has a metric
of "2" and dial-backup route has a metric of "3", then the normal route acts as the primary
default route. If the normal route fails to connect to the Internet, the ZyXEL Device tries the
traffic-redirect route next. In the same manner, the ZyXEL Device uses the dial-backup route
if the traffic-redirect route also fails.
If you want the dial-backup route to take first priority over the traffic-redirect route or even the
normal route, all you need to do is set the dial-backup route’s metric to "1" and the others to
"2" (or greater).
IP Policy Routing overrides the default routing behavior and takes priority over all of the
routes mentioned above.
5.3 Traffic Shaping
Traffic Shaping is an agreement between the carrier and the subscriber to regulate the average
rate and fluctuations of data transmission over an ATM network. This agreement helps
eliminate congestion, which is important for transmission of real time data such as audio and
video connections.
Peak Cell Rate (PCR) is the maximum rate at which the sender can send cells. This parameter
may be lower (but not higher) than the maximum line speed. 1 ATM cell is 53 bytes (424 bits),
so a maximum speed of 832Kbps gives a maximum PCR of 1962 cells/sec. This rate is not
guaranteed because it is dependent on the line speed.
Sustained Cell Rate (SCR) is the mean cell rate of each bursty traffic source. It specifies the
maximum average rate at which cells can be sent over the virtual connection. SCR may not be
greater than the PCR.
88 Chapter 5 WAN Setup
Page 89
P-662H/HW-D Series User’s Guide
Maximum Burst Size (MBS) is the maximum number of cells that can be sent at the PCR.
After MBS is reached, cell rates fall below SCR until cell rate averages to the SCR again. At
this time, more cells (up to the MBS) can be sent at the PCR again.
If the PCR, SCR or MBS is set to the default of "0", the system will assign a maximum value
that correlates to your upstream line rate.
The following figure illustrates the relationship between PCR, SCR and MBS.
Figure 42 Example of Traffic Shaping
5.3.1 ATM Traffic Classes
These are the basic ATM traffic classes defined by the ATM Forum Traffic Management 4.0
Specification.
5.3.1.1 Constant Bit Rate (CBR)
Constant Bit Rate (CBR) provides fixed bandwidth that is always available even if no data is
being sent. CBR traffic is generally time-sensitive (doesn't tolerate delay). CBR is used for
connections that continuously require a specific amount of bandwidth. A PCR is specified and
if traffic exceeds this rate, cells may be dropped. Examples of connections that need CBR
would be high-resolution video and voice.
5.3.1.2 Variable Bit Rate (VBR)
The Variable Bit Rate (VBR) ATM traffic class is used with bursty connections. Connections
that use the Variable Bit Rate (VBR) traffic class can be grouped into real time (VBR-RT) or
non-real time (VBR-nRT) connections.
The VBR-RT (real-time Variable Bit Rate) type is used with bursty connections that require
closely controlled delay and delay variation. It also provides a fixed amount of bandwidth (a
PCR is specified) but is only available when data is being sent. An example of an VBR-RT
connection would be video conferencing. Video conferencing requires real-time data transfers
and the bandwidth requirement varies in proportion to the video image's changing dynamics.
Chapter 5 WAN Setup 89
Page 90
P-662H/HW-D Series User’s Guide
The VBR-nRT (non real-time Variable Bit Rate) type is used with bursty connections that do
not require closely controlled delay and delay variation. It is commonly used for "bursty"
traffic typical on LANs. PCR and MBS define the burst levels, SCR defines the minimum
level. An example of an VBR-nRT connection would be non-time sensitive data file transfers.
5.3.1.3 Unspecified Bit Rate (UBR)
The Unspecified Bit Rate (UBR) ATM traffic class is for bursty data transfers. However, UBR
doesn't guarantee any bandwidth and only delivers traffic when the network has spare
bandwidth. An example application is background file transfer.
5.4 Zero Configuration Internet Access
Once you turn on and connect the ZyXEL Device to a telephone jack, it automatically detects
the Internet connection settings (such as the VCI/VPI numbers and the encapsulation method)
from the ISP and makes the necessary configuration changes. In cases where additional
account information (such as an Internet account user name and password) is required or the
ZyXEL Device cannot connect to the ISP, you will be redirected to web screen(s) for
information input or troubleshooting.
Zero configuration for Internet access is disabled when
• the ZyXEL Device is in bridge mode
• you set the ZyXEL Device to use a static (fixed) WAN IP address.
5.5 Internet Connection
To change your ZyXEL Device’s WAN remote node settings, click Network > WAN. The
screen differs by the encapsulation.
See Section 5.1 on page 85 for more information.
90 Chapter 5 WAN Setup
Page 91
Figure 43 Internet Connection (PPPoE)
P-662H/HW-D Series User’s Guide
The following table describes the labels in this screen.
Table 22 Internet Connection
LABEL DESCRIPTION
General
Name Enter the name of your Internet Service Provider, e.g., MyISP. This information is
for identification purposes only.
Mode Select Routing (default) from the drop-down list box if your ISP allows multiple
Encapsulation Select the method of encapsulation used by your ISP from the drop-down list
User Name (PPPoA and PPPoE only) Enter the user name exactly as your ISP assigned. If
Password (PPPoA and PPPoE only) Enter the password associated with the user name
Service Name (PPPoE only) Type the name of your PPPoE service here.
Multiplexing Select the method of multiplexing used by your ISP from the drop-down list.
computers to share an Internet account. Otherwise select Bridge.
box. Choices vary depending on the mode you select in the Mode field.
If you select Bridge in the Mode field, select either PPPoA or RFC 1483.
If you select Routing in the Mode field, select PPPoA, RFC 1483, ENET
ENCAP or PPPoE.
assigned a name in the form user@domain where domain identifies a service
name, then enter both components exactly as given.
above.
Choices are VC or LLC.
Chapter 5 WAN Setup 91
Page 92
P-662H/HW-D Series User’s Guide
Table 22 Internet Connection
LABEL DESCRIPTION
Virtual Circuit ID VPI (Virtual Path Identifier) and VCI (Virtual Channel Identifier) define a virtual
circuit. Refer to the appendix for more information.
VPI The valid range for the VPI is 0 to 255. Enter the VPI assigned to you.
VCI The valid range for the VCI is 32 to 65535 (0 to 31 is reserved for local
management of ATM traffic). Enter the VCI assigned to you.
IP Address These fields only appear if the Mode is Routing.
A static IP address is a fixed IP that your ISP gives you. A dynamic IP address is
not fixed; the ISP assigns you a different one each time you connect to the
Internet. ‘
Obtain an IP
Address
Automatically
Static IP Address (PPPoE, PPPoA, and ENET ENCAP only) Select this if you do not have a
IP Address Enter the static IP address provided by your ISP.
Subnet Mask (ENET ENCAP only) Enter the subnet mask provided by your ISP.
Gateway IP address (ENET ENCAP only) Enter the gateway IP address provided by your ISP.
Connection This section only appears if the Encapsulation is PPPoE and PPPoA.
Nailed-Up
Connection
Connect on Demand Select Connect on Demand when you don't want the connection up all the time
Max Idle Timeout Specify an idle time-out in the Max Idle Timeout field when you select Connect
Apply Click Apply to save the changes.
Cancel Click Cancel to begin configuring this screen afresh.
Advanced Setup Click this button to display the Advanced WAN Setup screen and edit more
(PPPoE, PPPoA, and ENET ENCAP only) Select this if you have a dynamic IP
address.
dynamic IP address.
Select Nailed-Up Connection when you want your connection up all the time.
The ZyXEL Device will try to bring up the connection automatically if it is
disconnected.
and specify an idle time-out in the Max Idle Timeout field.
on Demand. The default setting is 0, which means the Internet session will not
timeout.
details of your WAN setup.
5.5.1 Configuring Advanced Internet Connection
To edit your ZyXEL Device's advanced WAN settings, click the Advanced Setup button in
the Internet Connection screen. The screen appears as shown.
92 Chapter 5 WAN Setup
Page 93
Figure 44 Advanced Internet Connection
The following table describes the labels in this screen.
P-662H/HW-D Series User’s Guide
Table 23 Advanced Internet Connection
LABEL DESCRIPTION
RIP & Multicast
Setup
RIP Direction RIP (Routing Information Protocol, RFC 1058 and RFC 1389) allows a router to
exchange routing information with other routers. The RIP Direction field controls
the sending and receiving of RIP packets. Select the RIP direction from Both/In
Only/Out Only/None. When set to Both or Out Only, the ZyXEL Device will
broadcast its routing table periodically. When set to Both or In Only, it will
incorporate the RIP information that it receives; when set to None, it will not send
any RIP packets and will ignore any RIP packets received.
RIP Version This field is enabled if RIP Direction is not None. The RIP Version field controls
Multicast IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to
ATM Q o S
ATM QoS Type Select CBR (Continuous Bit Rate) to specify fixed (always-on) bandwidth for voice
the format and the broadcasting method of the RIP packets that the ZyXEL Device
sends (it recognizes both formats when receiving). RIP-1 is universally supported
but RIP-2 carries more information. RIP-1 is probably adequate for most networks,
unless you have an unusual network topology. Both RIP-2B and RIP-2M sends the
routing data in RIP-2 format; the difference being that RIP-2B uses subnet
broadcasting while RIP-2M uses multicasting. Multicasting can reduce the load on
non-router machines since they generally do not listen to the RIP multicast address
and so will not receive the RIP packets. However, if one router uses multicasting,
then all routers on your network must use multicasting, also.
establish membership in a multicast group. The ZyXEL Device supports both IGMP
version 1 (IGMP-v1) and IGMP-v2. Select None to disable it.
or data traffic. Select UBR (Unspecified Bit Rate) for applications that are non-time
sensitive, such as e-mail. Select VBR-nRT (Variable Bit Rate-non Real Time) or
VBR-RT (Variable Bit Rate-Real Time) for bursty traffic and bandwidth sharing with
other applications.
Chapter 5 WAN Setup 93
Page 94
P-662H/HW-D Series User’s Guide
Table 23 Advanced Internet Connection
LABEL DESCRIPTION
cell/sec Divide the DSL line rate (bps) by 424 (the size of an ATM cell) to find the Peak Cell
Rate (PCR). This is the maximum rate at which the sender can send cells. Type the
PCR here.
Sustain Cell Rate The Sustain Cell Rate (SCR) sets the average cell rate (long-term) that can be
transmitted. Type the SCR, which must be less than the PCR. Note that system
default is 0 cells/sec.
Maximum Burst
Size
Maximum Burst Size (MBS) refers to the maximum number of cells that can be sent
at the peak rate. Type the MBS, which is less than 65535.
Zero
Configuration
PPPoE
Passthrough
(PPPoE
encapsulation
only)
Back Click Back to return to the previous screen.
Apply Click Apply to save the changes.
Cancel Click Cancel to begin configuring this screen afresh.
This feature is not applicable/available when you configure the ZyXEL Device to
use a static WAN IP address or in bridge mode.
Select Yes to set the ZyXEL Device to automatically detect the Internet connection
settings (such as the VCI/VPI numbers and the encapsulation method) from the ISP
and make the necessary configuration changes.
Select No to disable this feature. You must manually configure the ZyXEL Device
for Internet access.
This field is available when you select PPPoE encapsulation.
In addition to the ZyXEL Device's built-in PPPoE client, you can enable PPPoE
pass through to allow up to ten hosts on the LAN to use PPPoE client software on
their computers to connect to the ISP via the ZyXEL Device. Each host can have a
separate account and a public WAN IP address.
PPPoE pass through is an alternative to NAT for application where NAT is not
appropriate.
Disable PPPoE pass through if you do not need to allow hosts on the LAN to use
PPPoE client software on their computers to connect to the ISP.
5.6 Configuring More Connections
This section describes the protocol-independent parameters for a remote network. They are
required for placing calls to a remote gateway and the network behind it across a WAN
connection. When you use the WAN > Internet Connection screen to set up Internet access,
you are configuring the first WAN connection.
Click Network > WAN > More Connections to display the screen as shown next.
94 Chapter 5 WAN Setup
Page 95
Figure 45 More Connections
The following table describes the labels in this screen.
Table 24 More Connections
LABEL DESCRIPTION
P-662H/HW-D Series User’s Guide
# This is the index number of a connection.
Active This display whether this connection is activated. Clear the check box to disable
the connection. Select the check box to enable it.
Name This is the descriptive name for this connection.
VPI/VCI This is the VPI and VCI values used for this connection.
Encapsulation This is the method of encapsulation used for this connection.
Modify The first (ISP) connection is read-only in this screen. Use the WAN > Internet
Connection screen to edit it.
Click the edit icon to go to the screen where you can edit the connection.
Click the delete icon to remove an existing connection. You cannot remove the
first connection.
Apply Click Apply to save the changes.
Cancel Click Cancel to begin configuring this screen afresh.
5.6.1 More Connections Edit
Click the edit icon in the More Connections screen to configure a connection.
Chapter 5 WAN Setup 95
Page 96
P-662H/HW-D Series User’s Guide
Figure 46 More Connections Edit
The following table describes the labels in this screen.
Table 25 More Connections Edit
LABEL DESCRIPTION
Active Select the check box to activate or clear the check box to deactivate this
connection.
Name Enter a unique, descriptive name of up to 13 ASCII characters for this
connection.
Mode Select Routing from the drop-down list box if your ISP allows multiple computers
Encapsulation Select the method of encapsulation used by your ISP from the drop-down list
User Name (PPPoA and PPPoE encapsulation only) Enter the user name exactly as your
Password (PPPoA and PPPoE encapsulation only) Enter the password associated with the
Service Name (PPPoE only) Type the name of your PPPoE service here.
to share an Internet account.
If you select Bridge, the ZyXEL Device will forward any packet that it does not
route to this remote node; otherwise, the packets are discarded.
box. Choices are PPPoA, RFC 1483, ENET ENCAP or PPPoE.
ISP assigned. If assigned a name in the form user@domain where domain
identifies a service name, then enter both components exactly as given.
user name above.
96 Chapter 5 WAN Setup
Page 97
P-662H/HW-D Series User’s Guide
Table 25 More Connections Edit (continued)
LABEL DESCRIPTION
Multiplexing Select the method of multiplexing used by your ISP from the drop-down list.
Choices are VC or LLC.
By prior agreement, a protocol is assigned a specific virtual circuit, for example,
VC1 will carry IP. If you select VC, specify separate VPI and VCI numbers for
each protocol.
For LLC-based multiplexing or PPP encapsulation, one VC carries multiple
protocols with protocol identifying information being contained in each packet
header. In this case, only one set of VPI and VCI numbers need be specified for
all protocols.
VPI The valid range for the VPI is 0 to 255. Enter the VPI assigned to you.
VCI The valid range for the VCI is 32 to 65535 (0 to 31 is reserved for local
management of ATM traffic). Enter the VCI assigned to you.
IP Address This option is available if you select Routing in the Mode field.
A static IP address is a fixed IP that your ISP gives you. A dynamic IP address is
not fixed; the ISP assigns you a different one each time you connect to the
Internet.
If you use the encapsulation type except RFC 1483, select Obtain an IP
Address Automatically when you have a dynamic IP address; otherwise select
Static IP Address and type your ISP assigned IP address in the IP Address
field below.
If you use RFC 1483, enter the IP address given by your ISP in the IP Address
field.
Subnet Mask Enter a subnet mask in dotted decimal notation.
Refer to the appendices to calculate a subnet mask If you are implementing
subnetting.
Gateway IP address Specify a gateway IP address (supplied by your ISP).
Connection
Nailed-Up
Connection
Connect on Demand Select Connect on Demand when you don't want the connection up all the time
Max Idle Timeout Specify an idle time-out in the Max Idle Timeout field when you select Connect
NAT SUA only is available only when you select Routing in the Mode field.
Back Click Back to return to the previous screen.
Apply Click Apply to save the changes.
Cancel Click Cancel to begin configuring this screen afresh.
Advanced Setup Click this button to display the More Connections Advanced screen and edit
Select Nailed-Up Connection when you want your connection up all the time.
The ZyXEL Device will try to bring up the connection automatically if it is
disconnected.
and specify an idle time-out in the Max Idle Timeout field.
on Demand. The default setting is 0, which means the Internet session will not
timeout.
Select SUA Only if you have one public IP address and want to use NAT. Click
Edit to go to the Port Forwarding screen to edit a server mapping set.
Otherwise, select None to disable NAT.
more details of your WAN setup.
Chapter 5 WAN Setup 97
Page 98
P-662H/HW-D Series User’s Guide
5.6.2 Configuring More Connections Advanced Setup
To edit your ZyXEL Device's advanced WAN settings, click the Advanced Setup button in
the More Connections Edit screen. The screen appears as shown.
Figure 47 More Connections Advanced Setup
The following table describes the labels in this screen.
Table 26 More Connections Advanced Setup
LABEL DESCRIPTION
RIP & Multicast
Setup
RIP Direction Select the RIP direction from None, Both, In Only and Out Only.
RIP Version Select the RIP version from RIP-1, RIP-2B and RIP-2M.
Multicast IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to
ATM Q o S
ATM QoS Type Select CBR (Continuous Bit Rate) to specify fixed (always-on) bandwidth for voice
Peak Cell Rate Divide the DSL line rate (bps) by 424 (the size of an ATM cell) to find the Peak Cell
Sustain Cell Rate The Sustain Cell Rate (SCR) sets the average cell rate (long-term) that can be
Maximum Burst
Size
Back Click Back to return to the previous screen.
establish membership in a multicast group. The ZyXEL Device supports both IGMP
version 1 (IGMP-v1) and IGMP-v2. Select None to disable it.
or data traffic. Select UBR (Unspecified Bit Rate) for applications that are non-time
sensitive, such as e-mail. Select VBR-nRT (Variable Bit Rate-non Real Time) or
VBR-RT (Variable Bit Rate-Real Time) for bursty traffic and bandwidth sharing with
other applications.
Rate (PCR). This is the maximum rate at which the sender can send cells. Type the
PCR here.
transmitted. Type the SCR, which must be less than the PCR. Note that system
default is 0 cells/sec.
Maximum Burst Size (MBS) refers to the maximum number of cells that can be sent
at the peak rate. Type the MBS, which is less than 65535.
98 Chapter 5 WAN Setup
Page 99
Table 26 More Connections Advanced Setup (continued)
LABEL DESCRIPTION
Apply Click Apply to save the changes.
Cancel Click Cancel to begin configuring this screen afresh.
5.7 Traffic Redirect
Traffic redirect forwards traffic to a backup gateway when the ZyXEL Device cannot connect
to the Internet. An example is shown in the figure below.
Figure 48 Traffic Redirect Example
P-662H/HW-D Series User’s Guide
The following network topology allows you to avoid triangle route security issues when the
backup gateway is connected to the LAN. Use IP alias to configure the LAN into two or three
logical networks with the ZyXEL Device itself as the gateway for each LAN network. Put the
protected LAN in one subnet (Subnet 1 in the following figure) and the backup gateway in
another subnet (Subnet 2). Configure filters that allow packets from the protected LAN
(Subnet 1) to the backup gateway (Subnet 2).
Chapter 5 WAN Setup 99
Page 100
P-662H/HW-D Series User’s Guide
Figure 49 Traffic Redirect LAN Setup
5.8 Configuring WAN Backup
To change your ZyXEL Device’s WAN backup settings, click WA N > WAN Backup Setup.
The screen appears as shown.
100 Chapter 5 WAN Setup
Loading...