ZyXEL NBG-415N
Draft 802.11n Wireless Broadband Router
User’s Guide
Version 1.00
10/2006
Edition 1.00
ZyXEL NBG-415N User’s Guide
Copyright
Copyright © 2006 by ZyXEL Communications Corporation.
The contents of this publication may not be reproduced in any part or as a whole, transcribed,
stored in a retrieval system, translated into any language, or transmitted in any form or by any
means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or
otherwise, without the prior written permission of ZyXEL Communications Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.
Disclaimer
ZyXEL does not assume any liability arising out of the application or use of any products, or
software described herein. Neither does it convey any license under its patent rights nor the
patent rights of others. ZyXEL further reserves the right to make changes in any products
described herein without notice. This publication is subject to change without notice.
Trademarks
ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL
Communications, Inc. Other trademarks mentioned in this publication are used for
identification purposes only and may be properties of their respective owners.
Copyright 2
ZyXEL NBG-415N User’s Guide
Federal Communications Commission (FCC) Interference Statement
The device complies with Part 15 of FCC rules. Operation is subject to the following two
conditions:
• This device may not cause harmful interference.
• This device must accept any interference received, including interference that may cause
undesired operations.
This device has been tested and found to comply with the limits for a Class B digital device
pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable
protection against harmful interference in a residential installation. This device generates,
uses, and can radiate radio frequency energy, and if not installed and used in accordance with
the instructions, may cause harmful interference to radio communications. However, there is
no guarantee that interference will not occur in a particular installation.
Certifications
If this device does cause harmful interference to radio/television reception, which can be
determined by turning the device off and on, the user is encouraged to try to correct the
interference by one or more of the following measures:
1 Reorient or relocate the receiving antenna.
2 Increase the separation between the equipment and the receiver.
3 Connect the equipment into an outlet on a circuit different from that to which the receiver
is connected.
4 Consult the dealer or an experienced radio/TV technician for help.
FCC Radiation Exposure Statement
• This transmitter must not be co-located or operating in conjunction with any other
antenna or transmitter.
• IEEE 802.11b or 802.11g operation of this product in the U.S.A. is firmware-limited to
channels 1 through 11.
• To comply with FCC RF exposure compliance requirements, a separation distance of at
least 20 cm must be maintained between the antenna of this device and all persons.
注意 !
依據 低功率電波輻射性電機管理辦法
3 Certifications
ZyXEL NBG-415N User’s Guide
第十二條 經型式認證合格之低功率射頻電機,非經許可,公司、商號或使用
者均不得擅自變更頻率、加大功率或變更原設計之特性及功能。
第十四條 低功率射頻電機之使用不得影響飛航安全及干擾合法通信;經發現
有干擾現象時,應立即停用,並改善至無干擾時方得繼續使用。
前項合法通信,指依電信規定作業之無線電信。低功率射頻電機須忍
受合法通信或工業、科學及醫療用電波輻射性電機設備之干擾。
Notices
Changes or modifications not expressly approved by the party responsible for compliance
could void the user's authority to operate the equipment.
This device has been designed for the WLAN 2.4 GHz network throughout the EC region and
Switzerland, with restrictions in France.
This Class B digital apparatus complies with Canadian ICES-003.
Cet appareil numérique de la classe B est conforme à la norme NMB-003 du Canada.
Certifications
1 Go to www.zyxel.com
2 Select your product from the drop-down list box on the ZyXEL home page to go to that
product's page.
3 Select the certification you wish to view from this page
Certifications 4
ZyXEL NBG-415N User’s Guide
For your safety, be sure to read and follow all warning notices and instructions.
• Do NOT use this product near water, for example, in a wet basement or near a swimming
pool.
• Do NOT expose your device to dampness, dust or corrosive liquids.
• Do NOT store things on the device.
• Do NOT install, use, or service this device during a thunderstorm. There is a remote risk
of electric shock from lightning.
• Connect ONLY suitable accessories to the device.
• ONLY qualified service personnel should service or disassemble this device.
• Make sure to connect the cables to the correct ports.
• Place connecting cables carefully so that no one will step on them or stumble over them.
• Always disconnect all cables from this device before servicing or disassembling.
• Use ONLY an appropriate power adaptor or cord for your device.
• Connect the power adaptor or cord to the right supply voltage (for example, 110V AC in
North America or 230V AC in Europe).
• Do NOT allow anything to rest on the power adaptor or cord and do NOT place the
product where anyone can walk on the power adaptor or cord.
• Do NOT use the device if the power adaptor or cord is damaged as it might cause
electrocution.
• If the power adaptor or cord is damaged, remove it from the power outlet.
• Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a
new one.
• Do not use the device outside, and make sure all the connections are indoors. There is a
remote risk of electric shock from lightning.
• Antenna Warning! This device meets ETSI and FCC certification requirements when
using the included antenna(s).
Safety Warnings
This product is recyclable. Dispose of it properly.
5 Safety Warnings
ZyXEL NBG-415N User’s Guide
ZyXEL Limited Warranty
ZyXEL warrants to the original end user (purchaser) that this product is free from any defects
in materials or workmanship for a period of up to two years from the date of purchase. During
the warranty period, and upon proof of purchase, should the product have indications of failure
due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the
defective products or components without charge for either parts or labor, and to whatever
extent it shall deem necessary to restore the product or components to proper operating
condition. Any replacement will consist of a new or re-manufactured functionally equivalent
product of equal or higher value, and will be solely at the discretion of ZyXEL. This warranty
shall not apply if the product has been modified, misused, tampered with, damaged by an act
of God, or subjected to abnormal working conditions.
Note
Repair or replacement, as provided under this warranty, is the exclusive remedy of the
purchaser. This warranty is in lieu of all other warranties, express or implied, including any
implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in
no event be held liable for indirect or consequential damages of any kind to the purchaser.
To obtain the services of this warranty, contact ZyXEL's Service Center for your Return
Material Authorization number (RMA). Products must be returned Postage Prepaid. It is
recommended that the unit be insured when shipped. Any returned products without proof of
purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of
ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products
will be shipped by ZyXEL to the corresponding return address, Postage Paid. This warranty
gives you specific legal rights, and you may also have other rights that vary from country to
country.
Registration
Register your product online to receive e-mail notices of firmware upgrades and information
at www.zyxel.com for global products, or at www.us.zyxel.com for North American products.
ZyXEL Limited Warranty 6
ZyXEL NBG-415N User’s Guide
Please have the following information ready when you contact customer support.
• Product model and serial number.
• Warranty Information.
• Date that you received your device.
• Brief description of the problem and the steps you took to solve it.
Customer Support
METHOD
LOCATION
CORPORATE
HEADQUARTERS
(WORLDWIDE)
COSTA RICA
CZECH REPUBLIC
DENMARK
FINLAND
FRANCE
GERMANY
HUNGARY
KAZAKHSTAN
NORTH AMERICA
SUPPORT E-MAIL TELEPHONE WEB SITE
SALES E-MAIL FAX FTP SITE
support@zyxel.com.tw +886-3-578-3942 www.zyxel.com
www.europe.zyxel.com
sales@zyxel.com.tw +886-3-578-2439 ftp.zyxel.com
ftp.europe.zyxel.com
soporte@zyxel.co.cr +506-2017878 www.zyxel.co.cr ZyXEL Costa Rica
sales@zyxel.co.cr +506-2015098 ftp.zyxel.co.cr
info@cz.zyxel.com +420-241-091-350 www.zyxel.cz ZyXEL Communications
info@cz.zyxel.com +420-241-091-359
support@zyxel.dk +45-39-55-07-00 www.zyxel.dk ZyXEL Communications A/S
sales@zyxel.dk +45-39-55-07-07
support@zyxel.fi +358-9-4780-8411 www.zyxel.fi ZyXEL Communications Oy
sales@zyxel.fi +358-9-4780 8448
info@zyxel.fr +33-4-72-52-97-97 www.zyxel.fr ZyXEL France
+33-4-72-52-19-20
support@zyxel.de +49-2405-6909-0 www.zyxel.de ZyXEL Deutschland GmbH.
sales@zyxel.de +49-2405-6909-99
support@zyxel.hu +36-1-3361649 www.zyxel.hu ZyXEL Hungary
info@zyxel.hu +36-1-3259100
http://zyxel.kz/support +7-3272-590-698 www.zyxel.kz ZyXEL Kazakhstan
sales@zyxel.kz +7-3272-590-689
support@zyxel.com 1-800-255-4101
+1-714-632-0882
sales@zyxel.com +1-714-632-0858 ftp.us.zyxel.com
www.us.zyxel.com ZyXEL Communications Inc.
REGULAR MAIL
ZyXEL Communications Corp.
6 Innovation Road II
Science Park
Hsinchu 300
Ta iw a n
Plaza Roble Escazú
Etapa El Patio, Tercer Piso
San José, Costa Rica
Czech s.r.o.
Modranská 621
143 01 Praha 4 - Modrany
Ceská Republika
Columbusvej
2860 Soeborg
Denmark
Malminkaari 10
00700 Helsinki
Finland
1 rue des Vergers
Bat. 1 / C
69760 Limonest
France
Adenauerstr. 20/A2 D-52146
Wuerselen
Germany
48, Zoldlomb Str.
H-1025, Budapest
Hungary
43, Dostyk ave.,Office 414
Dostyk Business Centre
050010, Almaty
Republic of Kazakhstan
1130 N. Miller St.
Anaheim
CA 92806-2001
U.S.A.
7 Customer Support
ZyXEL NBG-415N User’s Guide
METHOD
LOCATION
NORWAY
POLAND
RUSSIA
SPAIN
SWEDEN
UKRAINE
UNITED KINGDOM
SUPPORT E-MAIL TELEPHONE WEB SITE
SALES E-MAIL FAX FTP SITE
support@zyxel.no +47-22-80-61-80 www.zyxel.no ZyXEL Communications A/S
sales@zyxel.no +47-22-80-61-81
info@pl.zyxel.com +48 (22) 333 8250 www.pl.zyxel.com ZyXEL Communications
+48 (22) 333 8251
http://zyxel.ru/support +7-095-542-89-29 www.zyxel.ru ZyXEL Russia
sales@zyxel.ru +7-095-542-89-25
support@zyxel.es +34-902-195-420 www.zyxel.es ZyXEL Communications
sales@zyxel.es +34-913-005-345
support@zyxel.se +46-31-744-7700 www.zyxel.se ZyXEL Communications A/S
sales@zyxel.se +46-31-744-7701
support@ua.zyxel.com +380-44-247-69-78 www.ua.zyxel.com ZyXEL Ukraine
sales@ua.zyxel.com +380-44-494-49-32
support@zyxel.co.uk +44-1344 303044
08707 555779 (UK only)
sales@zyxel.co.uk +44-1344 303034 ftp.zyxel.co.uk
www.zyxel.co.uk ZyXEL Communications UK
REGULAR MAIL
Nils Hansens vei 13
0667 Oslo
Norway
ul. Okrzei 1A
03-715 Warszawa
Poland
Ostrovityanova 37a Str.
Moscow, 117279
Russia
Arte, 21 5ª planta
28033 Madrid
Spain
Sjöporten 4, 41764 Göteborg
Sweden
13, Pimonenko Str.
Kiev, 04050
Ukraine
Ltd.,11 The Courtyard,
Eastern Road, Bracknell,
Berkshire, RG12 2XB,
United Kingdom (UK)
Customer Support 8
ZyXEL NBG-415N User’s Guide
9 Customer Support
ZyXEL NBG-415N User’s Guide
Table of Contents
Copyright ..................................................................................................................2
Certifications ............................................................................................................3
Safety Warnings ....................................................................................................... 5
ZyXEL Limited Warranty.......................................................................................... 6
Customer Support.................................................................................................... 7
Table of Contents ................................................................................................... 10
List of Figures ........................................................................................................ 14
List of Tables .......................................................................................................... 18
Preface ....................................................................................................................20
Chapter 1
Getting Started ....................................................................................................... 22
1.1 Overview ............................................................................................................22
1.1.1 Internet Sharing Network ..........................................................................22
1.1.2 Wireless Network ......................................................................................23
1.2 Good Habits for Managing Your ZyXEL Device .................................................23
1.2.1 LEDs .........................................................................................................23
1.3 Rear Panel .........................................................................................................24
Chapter 2
The Web Configurator............................................................................................ 26
2.1 Introduction ........................................................................................................26
2.2 Login ..................................................................................................................26
2.3 Web Configurator Screen Buttons .....................................................................28
2.4 Saving Configuration Changes ..........................................................................28
2.5 Changing Your Password ...................................................................................29
2.5.1 Resetting the ZyXEL Device .....................................................................30
2.5.1.1 Using the Reset Button ...................................................................30
Chapter 3
Basic........................................................................................................................ 32
3.1 Setup Wizard ......................................................................................................32
3.1.1 Internet Connection Setup Wizard ............................................................32
Table of Contents 10
ZyXEL NBG-415N User’s Guide
3.2 Wireless Security Setup Wizard .........................................................................39
Chapter 4
WAN......................................................................................................................... 42
4.1 WAN Overview ...................................................................................................42
4.1.1 WAN IP Address Assignment ...................................................................42
4.1.2 DNS Server Address Assignment .............................................................43
4.2 WAN Configuration .............................................................................................43
4.2.1 WAN Connection: Dynamic IP ..................................................................43
4.2.2 WAN Configuration: Static IP ....................................................................45
4.2.3 WAN Configuration: PPPoE .....................................................................46
4.2.4 WAN Connection: PPTP ...........................................................................48
4.2.5 WAN Connection: L2TP ............................................................................49
4.3 Internet Connection Test ....................................................................................51
Chapter 5
LAN..........................................................................................................................52
5.1 Overview ............................................................................................................52
5.1.1 Router Settings .........................................................................................53
5.1.2 RIP Setup .................................................................................................54
5.1.3 DHCP Server Settings ..............................................................................56
5.1.4 DHCP Reservation ...................................................................................57
Chapter 6
WLAN ...................................................................................................................... 60
6.1 General Wireless LAN Setup .............................................................................60
6.2 Wireless LAN Security ......................................................................................62
6.2.1 WLAN Security Setup: WEP .....................................................................62
6.2.2 WLAN Security Setup: WPA-Personal ......................................................64
6.2.3 WLAN Security Setup: WPA-Enterprise ...................................................65
6.3 Wireless Client Setup using Windows® Connect Now ......................................68
Chapter 7
Advanced ................................................................................................................ 72
7.1 Game Hosting ....................................................................................................72
7.2 Virtual Server .....................................................................................................73
7.2.1 Common Services and Port Numbers ......................................................74
7.2.2 Virtual Server Setup ..................................................................................74
7.3 Applications ........................................................................................................76
7.3.1 Port Triggering ........................................................................................76
7.3.2 Configuring Special Applications ..............................................................77
7.4 StreamEngine
7.5 Routing ...............................................................................................................81
TM .......................................................................................................................... 78
11 Table of Contents
ZyXEL NBG-415N User’s Guide
7.6 Access Control ...................................................................................................83
7.7 Web Filter ...........................................................................................................90
7.8 MAC Filter ..........................................................................................................91
7.9 Firewall ...............................................................................................................93
7.9.1 DMZ ..........................................................................................................93
7.9.2 ALG ...........................................................................................................93
7.9.3 NAT Endpoint Filtering ..............................................................................93
7.9.4 Configuring Firewall ..................................................................................94
7.10 Inbound Filter ...................................................................................................96
7.11 Advanced Wireless ...........................................................................................98
7.12 Schedules ........................................................................................................99
Chapter 8
Tools...................................................................................................................... 102
8.1 Administrator Settings ......................................................................................102
8.1.1 Login Accounts .......................................................................................102
8.1.2 UPnP ......................................................................................................102
8.1.3 The Admin Screen ..................................................................................102
8.2 System Time and Date .....................................................................................104
8.3 E-mail ...............................................................................................................106
8.4 System .............................................................................................................108
8.4.1 Save Configuration .................................................................................108
8.4.2 Load Configuration .................................................................................109
8.4.3 Reset Configuration ................................................................................ 111
8.4.4 Rebooting Your ZyXEL Device ............................................................... 111
8.5 Firmware .......................................................................................................... 111
8.6 DDNS ............................................................................................................... 113
8.7 Ping .................................................................................................................. 114
Chapter 9
Status .................................................................................................................... 116
9.1 Device Info ....................................................................................................... 116
9.2 Wireless ........................................................................................................... 118
9.3 Logs .................................................................................................................118
9.4 Statistics ...........................................................................................................120
Chapter 10
Troubleshooting ................................................................................................... 122
10.1 Problems Starting Up the ZyXEL Device .......................................................122
10.2 Problems with the LAN ...................................................................................122
10.3 Problems with the WAN .................................................................................123
10.4 Problems with the WLAN ...............................................................................123
10.5 Problems Accessing the ZyXEL Device .........................................................124
Table of Contents 12
ZyXEL NBG-415N User’s Guide
10.6 Problems with Internet Access .......................................................................124
Appendix A
Product Specifications ....................................................................................... 126
Appendix B
Wireless LANs ...................................................................................................... 128
10.6.1 WPA(2)-PSK Application Example .......................................................137
10.6.2 WPA(2) with RADIUS Application Example ..........................................138
Appendix C
Setting up Your Computer’s IP Address............................................................ 140
Index...................................................................................................................... 152
13 Table of Contents
ZyXEL NBG-415NUser’s Guide
List of Figures
Figure 1 ZyXEL Device for Internet Sharing ......................................................... 22
Figure 2 Wireless Network Setup Using the ZyXEL Device ................................. 23
Figure 3 Front Panel ............................................................................................. 23
Figure 4 Rear Panel .............................................................................................. 25
Figure 5 Web Configurator: Login ......................................................................... 27
Figure 6 Web Configurator: Main Screen .............................................................. 27
Figure 7 Save Settings: Success ......................................................................... 29
Figure 8 Change Password ................................................................................... 29
Figure 9 Basic: Start (Wizard) ............................................................................... 32
Figure 10 Internet Connection Setup Wizard: Welcome ....................................... 33
Figure 11 Internet Connection Setup Wizard: Welcome (Internet Connection
Detected) ..................................................................................... 33
Figure 12 Internet Connection Setup Wizard: Step 1 ............................................ 33
Figure 13 Internet Connection Setup Wizard: Step 2 ............................................ 33
Figure 14 Internet Connection Setup Wizard: Step 3 ............................................ 34
Figure 15 Internet Connection Setup Wizard: Step 3 (Static IP Address) ............. 34
Figure 16 Internet Connection Setup Wizard: Step 3 (Dynamic IP Address) ........ 35
Figure 17 Internet Connection Setup Wizard: Step 3 (PPPoE) ............................. 35
Figure 18 Internet Connection Setup Wizard: Step 3 (PPTP) ............................... 36
Figure 19 Internet Connection Setup Wizard: Step 3 (L2TP) ................................ 37
Figure 20 Internet Connection Setup Wizard: Step 3 (BigPond) ........................... 38
Figure 21 Internet Connection Setup Wizard: Setup Complete ............................ 38
Figure 22 Internet Connection Setup Wizard: Success ........................................ 39
Figure 23 Internet Connection Setup Wizard: Rebooting ...................................... 39
Figure 24 Wireless Security Setup Wizard ............................................................ 39
Figure 25 Wireless Security Setup Wizard: Network Name .................................. 40
Figure 26 Wireless Security Setup Wizard: Security ............................................ 40
Figure 27 Wireless Security Setup Wizard: Security Key ................................... 40
Figure 28 Wireless Security Setup Wizard: Finish ............................................... 41
Figure 29 Wireless Security Setup Wizard: Success ............................................ 41
Figure 30 Wireless Security Setup Wizard: Rebooting ......................................... 41
Figure 31 Basic: WAN: Dynamic IP ...................................................................... 43
Figure 32 Basic: WAN: Static IP ............................................................................ 46
Figure 33 Basic: WAN: PPPoE ............................................................................. 47
Figure 34 Basic: WAN: PPTP ................................................................................ 48
Figure 35 Basic: WAN: L2TP ................................................................................ 50
Figure 36 Basic: LAN ............................................................................................ 52
Figure 37 Basic: LAN: Router Settings ................................................................. 53
List of Figures 14
ZyXEL NBG-415NUser’s Guide
Figure 38 Basic: LAN: RIP .................................................................................... 55
Figure 39 Basic: LAN: DHCP Server Settings ...................................................... 56
Figure 40 Basic: LAN: DHCP Reservation ............................................................ 57
Figure 41 Basic: Wireless: General Setup ............................................................ 60
Figure 42 Basic: Wireless: WLAN Security Setup ................................................. 62
Figure 43 Basic: Wireless: WLAN Security Setup: WEP ...................................... 63
Figure 44 Basic: Wireless: WLAN Security Setup: WPA-Personal ....................... 64
Figure 45 Basic: Wireless: WLAN Security Setup: WPA-Enterprise ..................... 66
Figure 46 Advanced: Game Hosting ..................................................................... 72
Figure 47 Advanced: Virtual Server ...................................................................... 75
Figure 48 Advanced: Applications ......................................................................... 77
Figure 49 Advanced: StreamEgine ....................................................................... 79
Figure 50 Example of Static Routing Topology ...................................................... 81
Figure 51 Advanced: Routing ................................................................................ 82
Figure 52 Advanced: Access Control .................................................................... 83
Figure 53 Advanced: Access Control: Wizard ....................................................... 84
Figure 54 Advanced: Access Control: Wizard: Policy Name ................................ 84
Figure 55 Advanced: Access Control: Wizard: Select Schedule ........................... 84
Figure 56 Advanced: Access Control: Wizard: Select Machine ............................ 85
Figure 57 Advanced: Access Control: Wizard: Filtering Method ........................... 86
Figure 58 Advanced: Access Control: Wizard: Filtering Method ........................... 88
Figure 59 Advanced: Access Control: Wizard: Port Filter ..................................... 89
Figure 60 Advanced: Access Control: Wizard: Web Access Logging ................... 89
Figure 61 Advanced: Access Control: Example .................................................... 90
Figure 62 Advanced: Web Filter ............................................................................ 90
Figure 63 Advanced: MAC Filter ........................................................................... 91
Figure 64 Advanced: Firewall ................................................................................ 94
Figure 65 Advanced: Inbound Filter ...................................................................... 97
Figure 66 Advanced: Wireless ‘ ............................................................................. 98
Figure 67 Advanced: Schedule ............................................................................. 100
Figure 68 Tools: Admin ......................................................................................... 103
Figure 69 Tools: Time ............................................................................................ 105
Figure 70 Tools: E-mail ......................................................................................... 107
Figure 71 Tools: System ........................................................................................ 108
Figure 72 Tools: Admin: File Download ................................................................. 109
Figure 73 Tools: Admin: Save As .......................................................................... 109
Figure 74 Tools: Admin: ........................................................................................ 109
Figure 75 Tools: Admin: Configuration Restore Progress ..................................... 110
Figure 76 Tools: Admin: Configuration Restore Progress: Success ..................... 110
Figure 77 Tools: Admin: Configuration Restore Progress: Prompt ....................... 110
Figure 78 Tools: Admin: Configuration Restore Progress: Redirect ...................... 110
Figure 79 Tools: System: Reset ............................................................................ 111
Figure 80 Tools: System: Reboot the Device ........................................................ 111
15 List of Figures
ZyXEL NBG-415NUser’s Guide
Figure 81 Tools: Firmware ..................................................................................... 112
Figure 82 Tools: Firmware: Prompt ....................................................................... 112
Figure 83 Tools: Firmware: Confirm ...................................................................... 112
Figure 84 Tools: Firmware: Wait ............................................................................ 112
Figure 85 Tools: DDNS ......................................................................................... 113
Figure 86 Tool: Ping .............................................................................................. 114
Figure 87 Status: Device Info ................................................................................ 116
Figure 88 Status: Wireless .................................................................................... 118
Figure 89 Status: Logs .......................................................................................... 119
Figure 90 Status: Statistics .................................................................................... 120
Figure 91 Peer-to-Peer Communication in an Ad-hoc Network ............................. 128
Figure 92 Basic Service Set ................................................................................... 129
Figure 93 Infrastructure WLAN .............................................................................. 130
Figure 94 RTS/CTS ............................................................................................... 131
Figure 95 WPA(2)-PSK Authentication .................................................................. 138
Figure 96 WIndows 95/98/Me: Network: Configuration .......................................... 141
Figure 97 Windows 95/98/Me: TCP/IP Properties: IP Address .............................. 142
Figure 98 Windows 95/98/Me: TCP/IP Properties: DNS Configuration ................. 143
Figure 99 Windows XP: Start Menu ....................................................................... 144
Figure 100 Windows XP: Control Panel ................................................................. 144
Figure 101 Windows XP: Control Panel: Network Connections: Properties .......... 145
Figure 102 Windows XP: Local Area Connection Properties ................................. 145
Figure 103 Windows XP: Advanced TCP/IP Settings ............................................ 146
Figure 104 Windows XP: Internet Protocol (TCP/IP) Properties ............................ 147
Figure 105 Macintosh OS 8/9: Apple Menu ........................................................... 148
Figure 106 Macintosh OS 8/9: TCP/IP ................................................................... 148
Figure 107 Macintosh OS X: Apple Menu .............................................................. 149
Figure 108 Macintosh OS X: Network .................................................................... 150
List of Figures 16
ZyXEL NBG-415NUser’s Guide
17 List of Figures
ZyXEL NBG-415N User’s Guide
List of Tables
Table 1 Front Panel LEDs ..................................................................................... 24
Table 2 Rear Panel ................................................................................................ 25
Table 3 Web Configurator: Menus ......................................................................... 28
Table 4 Web Configurator: Common Screen Buttons ........................................... 28
Table 5 Change Password .................................................................................... 30
Table 6 Internet Connection Setup Wizard: Step 3 (Dynamic IP Address) ........... 34
Table 7 Internet Connection Setup Wizard: Step 3 (Dynamic IP Address) ........... 35
Table 8 Internet Connection Setup Wizard: Step 3 (PPPoE) ................................ 35
Table 9 Internet Connection Setup Wizard: Step 3 (PPTP) ................................... 36
Table 10 Internet Connection Setup Wizard: Step 3 (L2TP) ................................. 37
Table 11 Internet Connection Setup Wizard: Step 3 (BigPond) ............................. 38
Table 12 Private IP Address Ranges .................................................................... 42
Table 13 Basic: WAN: Dynamic IP ........................................................................ 44
Table 14 Basic: WAN: Static IP ............................................................................. 46
Table 15 Basic: WAN: PPPoE ............................................................................... 47
Table 16 Basic: WAN: PPTP ................................................................................. 49
Table 17 Basic: WAN: L2TP .................................................................................. 50
Table 18 Basic: LAN: Router Settings ................................................................... 54
Table 19 Basic: LAN: RIP ...................................................................................... 55
Table 20 Basic: LAN: DHCP Server Settings ........................................................ 56
Table 21 Basic: LAN: DHCP Reservation ............................................................. 58
Table 22 Basic: Wireless: General Setup .............................................................. 61
Table 23 Basic: Wireless: WLAN Security Setup: WEP ........................................ 63
Table 24 Basic: WLAN Security Setup: WPA-Personal ......................................... 65
Table 25 Basic: WLAN Security Setup: WPA-Enterprise ....................................... 67
Table 26 Advanced: Game Hosting ....................................................................... 73
Table 27 Virtual Server: Common Services and Port Numbers ............................ 74
Table 28 Advanced: Virtual Server ........................................................................ 75
Table 29 Advanced: Applications .......................................................................... 77
Table 30 Advanced: StreamEngine ....................................................................... 79
Table 31 Advanced: Routing ................................................................................. 82
Table 32 Advanced: Access Control: Wizard: Select Machine .............................. 85
Table 33 Advanced: Access Control: Wizard: Filtering Method ............................ 86
Table 34 Advanced: Access Control: Wizard: Filtering Method ............................ 88
Table 35 Advanced: Access Control: Wizard: Filtering Method ............................ 89
Table 36 Advanced: Web Filter ............................................................................. 90
Table 37 Advanced: MAC Filter ............................................................................. 92
Table 38 Advanced: Firewall ................................................................................. 95
List of Tables 18
ZyXEL NBG-415N User’s Guide
Table 39 Advanced: Inbound Filter ........................................................................ 97
Table 40 Advanced: Wireless ................................................................................ 98
Table 41 Advanced: Schedule ............................................................................... 100
Table 42 Tools: Admin ........................................................................................... 103
Table 43 Tools: Time ............................................................................................. 105
Table 44 Tools: E-mail ........................................................................................... 107
Table 45 Tools: DDNS ........................................................................................... 113
Table 46 Tools: Ping .............................................................................................. 114
Table 47 Status: Device Information ...................................................................... 117
Table 48 Status: Wireless ...................................................................................... 118
Table 49 Status: Logs ............................................................................................ 119
Table 50 Status: Statistics ..................................................................................... 120
Table 51 Troubleshooting Starting Up Your ZyXEL Device ................................... 122
Table 52 Troubleshooting the LAN ........................................................................ 122
Table 53 Troubleshooting the WAN ....................................................................... 123
Table 54 Troubleshooting the WLAN ..................................................................... 123
Table 55 Troubleshooting Accessing the ZyXEL Device ....................................... 124
Table 56 Troubleshooting Restricted Web Pages and Keyword Blocking ............. 124
Table 57 Hardware Features ................................................................................. 126
Table 58 Firmware Features ................................................................................. 126
Table 59 Default LAN and Management Settings ................................................. 127
Table 60 IEEE 802.11g .......................................................................................... 132
Table 61 Comparison of EAP Authentication Types .............................................. 136
Table 62 Wireless Security Relational Matrix ........................................................ 138
19 List of Tables
ZyXEL NBG-415N User’s Guide
Preface
Congratulations on your purchase of the ZyXEL NBG-415N Wireless Broadband Router.
Note: Register your product online to receive e-mail notices of firmware upgrades and
information at www.zyxel.com for global products, or at www.us.zyxel.com for
North American products.
Your NBG-415N is easy to install and configure.
About This User's Guide
This manual is designed to guide you through the configuration of your NBG-415N for its
various applications.
Syntax Conventions
• “Enter” means for you to type one or more characters. “Select” or “Choose” means for
you to use one predefined choices.
• The SMT menu titles and labels are in Bold Times New Roman font. Predefined field
choices are in Bold Arial font. Command and arrow keys are enclosed in square
brackets. [ENTER] means the Enter, or carriage return key; [ESC] means the Escape key
and [SPACE BAR] means the Space Bar.
• Mouse action sequences are denoted using a comma. For example, “click the Apple icon,
Control Panels and then Modem” means first click the Apple icon, then point your
mouse pointer to Control Panels and then click Modem.
• For brevity’s sake, we will use “e.g.,” as a shorthand for “for instance”, and “i.e.,” for
“that is” or “in other words” throughout this manual.
• The ZyXEL NBG-415N Wireless Broadband Router may be referred to as “the NBG415N” or “the ZyXEL Device” in this user’s guide.
Preface 20
ZyXEL NBG-415N User’s Guide
Graphics Icons Key
NBG-415N Computer Notebook Computer
Server Modem Wireless Signal
Internet Cloud Switch Router
Related Documentation
• Supporting Disk
Refer to the included CD for support documents.
• Quick Start Guide
The Quick Start Guide is designed to help you get up and running right away. They
contain hardware installation/connection information.
• ZyXEL Glossary and Web Site
Please refer to www.zyxel.com for an online glossary of networking terms and additional
support documentation.
User Guide Feedback
Help us help you. Send all User Guide-related comments, questions or suggestions for improvement to
the following address, or use e-mail instead. Thank you!
The Technical Writing Team,
ZyXEL Communications Corp.,
6 Innovation Road II,
Science-Based Industrial Park,
Hsinchu, 300, Taiwan.
E-mail: techwriters@zyxel.com.tw
21 Preface
This chapter introduces the main features and applications of your ZyXEL Device.
1.1 Overview
This ZyXEL Device is a secure wireless broadband router with a 4-port switch. The ZyXEL
Device is best suited for setting up an Internet sharing network or a wireless network in a
home or small business.
As a wireless router based on the draft IEEE 802.11n standard (also known as pre-N), the
ZyXEL Device is able to connect to another draft IEEE 802.11n wireless device at a up to 300
Mbps using two simultaneous data streams. With the smart antenna technology, MIMO
(Multiple Input Multiple Output), the ZyXEL Device uses three antennas to transmit and
receives data over the wireless network. The use of multiple antennas reduces interference and
signal distortion. For backward compatibility, the ZyXEL Device is also able to connect to
IEEE 802.11b and IEEE 802.11g devices.
ZyXEL NBG-415N User’s Guide
CHAPTER 1
Getting Started
Refer to Appendix A on page 126 for the product specifications.
1.1.1 Internet Sharing Network
For Internet access, connect the WAN Ethernet port to your existing Internet access gateway
(company network, or your cable or DSL modem for example) and connect computers or
servers to the LAN ports for shared Internet access. See the Quick Start Guide for instructions
on hardware connections.
Figure 1 ZyXEL Device for Internet Sharing
Internet
Chapter 1 Getting Started 22
ZyXEL NBG-415N User’s Guide
1.1.2 Wireless Network
By default, the integrated wireless feature is enabled on the ZyXEL Device that allows you to
set up a wireless network in your home or small office. Once connected, wireless clients can
access network resources (such Internet access, printers or servers).
Figure 2 Wireless Network Setup Using the ZyXEL Device
You can also configure firewall on the ZyXEL Device for secure Internet access. When the
firewall is on, all incoming traffic from the Internet to your network is blocked unless it is
initiated from your network. This means that probes from the outside to your network are not
allowed, but you can safely browse the Internet and download files for example.
Internet
Use web filters to block access to web site addresses that you specify. You can define time
periods and days during which web filters are enabled and include or exclude particular
computers on your network from content filtering. For example, you could block access to
certain web sites for the kids.
1.2 Good Habits for Managing Your ZyXEL Device
Here are some things you should do regularly.
• Change your password.
• Back up your configuration (and make sure you know how to reload it).
1.2.1 LEDs
The following figure shows the LEDs on the ZyXEL Device.
Figure 3 Front Panel
23 Chapter 1 Getting Started
ZyXEL NBG-415N User’s Guide
The following table describes the LEDs.
Table 1 Front Panel LEDs
LED COLOR STATUS DESCRIPTION
PWR Off The ZyXEL Device is not receiving power.
Green On The ZyXEL Device is receiving power and ready.
Blinking The ZyXEL Device is resetting to the factory defaults.
LAN1 ..
4
WAN Off The WAN connection is not ready, or has failed.
WLAN Off The WLAN is disabled.
USB Off The USB port is not in use
Green On An Ethernet device is connected to this port.
Green On The ZyXEL Device has a successful WAN connection for
Amber On Pre-N WLAN is enabled on the ZyXEL Device.
Green On IEEE 802.11b/g WLAN is enabled on the ZyXEL Device.
Green Blinking (3
Off No device is connected to this port.
Blinking The ZyXEL Device is sending/receiving data on this port.
Internet access.
Blinking The ZyXEL Device is sending/receiving data over the WAN port.
Blinking The ZyXEL Device is sending/receiving data over the pre-N
Blinking The ZyXEL Device is sending/receiving data over the IEEE
Times)
Blinking
(Continuous)
WLAN.
802.11b/g WLAN.
Windows Connect Now setup is successful.
Windows Connect Now setup is not successful.
1.3 Rear Panel
The following figure shows the rear panel.
Chapter 1 Getting Started 24
ZyXEL NBG-415N User’s Guide
Figure 4 Rear Panel
The following table describes the labels on the rear panel.
Table 2 Rear Panel
LABEL DESCRIPTION
POWER Use the included power adaptor to connect this port to an appropriate power
source.
RESET You only need to use this button when you have changed the device login
password and have now forgotten it.
Note: Using the RESET button erases all custom settings and
resets the device back to the factory defaults.
Use a pointed object to press this button in for more than 10 seconds and release.
The device resets to the factory default settings and automatically restarts.
USB Connect a USB storage device to this port to configure wireless settings on
ON OFF Use this switch to enable (ON) or disable (OFF) the wireless LAN on the device.
WAN Use the Ethernet cable that comes with your DSL/cable modem to connect to
LAN 1 .. 4 Use Ethernet cables to connect up to four computers to the ZyXEL Device. To
wireless clients using the Windows Wireless Now feature (currently available on
Windows XP with service pack 2). Refer to Section 6.3 on page 68 for more
information.
the Ethernet port on the DSL/cable modem.
connect more than four computers, use a switch.
25 Chapter 1 Getting Started
This chapter introduces the main features and applications of your ZyXEL Device.
2.1 Introduction
The web configurator is an HTML-based management interface that allows easy device setup
and management via Internet browser. Use Internet Explorer 6.0 and later or Netscape
Navigator 7.0 and later versions. The recommended screen resolution is 1024 by 768 pixels.
In order to use the web configurator you need to allow:
• Web browser pop-up windows from your device. Web pop-up blocking is enabled by
default in Windows XP SP (Service Pack) 2.
• JavaScript (enabled by default).
• Java permissions (enabled by default).
ZyXEL NBG-415N User’s Guide
CHAPTER 2
The Web Configurator
Note: By default, you can only access the web configurator through a LAN port. To
2.2 Login
Follow the steps below to log into the web configurator.
1 Start your web browser.
2 Type “http://” and the IP address of the ZyXEL Device (for example, the default is
3 The login screen appears. Select admin in the User Name field to log in as an
4 Enter the associated password. The default administrative login password is “1234”.
access via the WAN, enable remote management in the Admin screen.
192.168.1.1) in the Location or Address field. Press [ENTER].
administrator.
Chapter 2 The Web Configurator 26
ZyXEL NBG-415N User’s Guide
Figure 5 Web Configurator: Login
5 Click Login to view the first web configurator screen. The Device Information screen is
the first screen that displays when you access the web configurator.
Figure 6 Web Configurator: Main Screen
Note: The management session automatically times out after five minutes of
inactivity. Simply log back into the ZyXEL Device if this happens to you.
27 Chapter 2 The Web Configurator
ZyXEL NBG-415N User’s Guide
The following table lists the various web configurator screens.
Table 3 Web Configurator: Menus
BASIC ADVANCED TOOLS STATUS HELP
Start
WAN
LAN
Wireless
Game Hosting
Virtual Server
Applications
StreamEngine
Routing
Access Control
Web Filter
MAC Filter
Firewall
Inbound Filter
Wireless
Schedules
Admin
Time
E-mail
System
Firmware
DDNS
Ping
2.3 Web Configurator Screen Buttons
The following table describes the common buttons in the web configurator.
Table 4 Web Configurator: Common Screen Buttons
BUTTON DESCRIPTION
Click this button to save all changes permanently to the device.
Click this button to discard all changes.
Device Info
Wireless
Logs
Statistics
Menu
Basic
Advanced
To ol s
Status
Glossary
Note: All unsaved changes in all screens will be lost.
Click this button to save the changes of a configuration screen for the current
session.
Click this button to start configuring a screen again.
Click this button to change the settings of the selected rule.
Click this button to remove the selected rule.
2.4 Saving Configuration Changes
Note: You must save the current configuration in the ZyXEL Device to make the
changes take effect.
Do NOT turn off the ZyXEL Device during the updating process, as it may
corrupt the firmware and make your ZyXEL Device unusable.
Follow the steps below to save configuration changes.
Chapter 2 The Web Configurator 28
ZyXEL NBG-415N User’s Guide
1 Click Save Settings in a configuration screen.
2 A Success screen displays.
Figure 7 Save Settings: Success
• Click Reboot the Device to restart the ZyXEL Device and make the changes take effect.
Wait before the ZyXEL Device finishes rebooting before accessing the web configurator
again.
• Alternatively, click Continue to return to the previous configuration screen.
2.5 Changing Your Password
It is highly recommended that you periodically change the password for the login accounts for
security reasons. Click To o l s > A d m i n to display the screen as shown next.
Configure the password fields for the admin and user accounts then click Save Settings and
reboot the device to make the changes take effect.
Figure 8 Change Password
29 Chapter 2 The Web Configurator
The following table describes the related fields in this screen.
Table 5 Change Password
LABEL DESCRIPTION
Admin Password
Password Type the new password in this field.
Verify Password Type the new password again in this field.
User Password
Password Type the new password in this field.
Verify Password Type the new password again in this field.
2.5.1 Resetting the ZyXEL Device
If you forget your administrative login password or cannot access the web configurator, you
will need to use the RESET button to reload the factory-default configuration file. This means
that you will lose all configurations that you had previously and the password will be reset to
“1234”.
ZyXEL NBG-415N User’s Guide
2.5.1.1 Using the Reset Button
1 Use a pointed object to press the RESET button for more than 10 seconds and then
release.
2 Wait until the WAN, LAN and WLAN LEDs turn off and blink. This indicates that the
ZyXEL Device has reset the configuration to the factory defaults.
3 Wait until the ZyXEL Device finishes restarting before accessing it again.
Chapter 2 The Web Configurator 30
ZyXEL NBG-415N User’s Guide
31 Chapter 2 The Web Configurator
This chapter describes the Basic screens you use to configure the wizard, LAN, WAN and
WLAN settings.
3.1 Setup Wizard
You can use the wizard screens to configure the ZyXEL Device for Internet access and secure
wireless connection.
Click Basic > Start to display the main Wizard screen. Use the wizard screens to configure
basic settings for Internet access and wireless connection.
ZyXEL NBG-415N User’s Guide
CHAPTER 3
Basic
Figure 9 Basic: Start (Wizard)
3.1.1 Internet Connection Setup Wizard
Follow the steps below to use the wizard setup screens to configure the ZyXEL Device for
Internet access with the information given to you by your ISP.
Note: See the advanced menu chapters for background information on these fields.
Chapter 3 Basic 32
ZyXEL NBG-415N User’s Guide
1 Click START > WIZARD > Launch Internet Connection Setup Wizard to display
the first wizard screen. This screen states whether the ZyXEL Device can automatically
detect the connection type and access the Internet. If Internet connection is not available,
this screen outlines the steps to set up your ZyXEL Device. Click Next to continue.
Figure 10 Internet Connection Setup Wizard: Welcome
Figure 11 Internet Connection Setup Wizard: Welcome (Internet Connection Detected)
2 The second wizard screen prompts you to change the login password. Enter a new
password in the Password field and retype the password in Ve r i f y P a s s w o r d field to
verify. Click Next.
Note: Passwords are case sensitive.
Figure 12 Internet Connection Setup Wizard: Step 1
3 Select the time zone for your geographical location. For example, if you are in California,
select (GMT-08:00) Pacific Time (US/Canada), Tijuana. Click Next.
Figure 13 Internet Connection Setup Wizard: Step 2
4 Select your Internet connection type and click Next to continue.
33 Chapter 3 Basic
ZyXEL NBG-415N User’s Guide
Figure 14 Internet Connection Setup Wizard: Step 3
5 The next wizard screen varies depending on the connection type you have selected.
Configure the fields with the information provided by your ISP and click Next.
Figure 15 Internet Connection Setup Wizard: Step 3 (Static IP Address)
The following table describes the related fields in this screen.
Table 6 Internet Connection Setup Wizard: Step 3 (Dynamic IP Address)
field description
IP Address Enter the IP address that your ISP gave you. This should be a static, public IP
Subnet Mask Enter the subnet mask for the IP address.
Gateway Address Enter the IP address of the router through which this WAN connection will send
Primary/
Secondary DNS
Address
address.
traffic (the default gateway).
DNS (Domain Name System) is for mapping a domain name to its corresponding
IP address and vice versa. The DNS server is extremely important because
without it, you must know the IP address of a computer before you can access it.
The ZyXEL Device uses a system DNS server (in the order you specify here) to
resolve domain names for VPN, DDNS and the time server.
Enter the DNS server IP addresses.
Chapter 3 Basic 34
ZyXEL NBG-415N User’s Guide
Figure 16 Internet Connection Setup Wizard: Step 3 (Dynamic IP Address)
The following table describes the related fields in this screen.
Table 7 Internet Connection Setup Wizard: Step 3 (Dynamic IP Address)
FIELD DESCRIPTION
MAC Address If required by your ISP, enter your computer MAC address in the MAC Address
Host Name If a host name is necessary for a successful Internet connection, enter it in the
field or click Clone Your PC's MAC Address to copy the MAC address of the
computer connecting to your ISP onto the ZyXEL Device.
Host Name field. Click Next to continue.
Figure 17 Internet Connection Setup Wizard: Step 3 (PPPoE)
The following table describes the related fields in this screen.
Table 8 Internet Connection Setup Wizard: Step 3 (PPPoE)
FIELD DESCRIPTION
Address Mode Select Dynamic IP If your ISP did not assign you a fixed IP address. This is the
default selection.
Select Static IP If your ISP assigned a fixed IP address. The set the following
fields.
35 Chapter 3 Basic
ZyXEL NBG-415N User’s Guide
Table 8 Internet Connection Setup Wizard: Step 3 (PPPoE) (continued)
FIELD DESCRIPTION
IP Address This field is applicable if you select Static IP in the Address Mode field.
Enter the IP address that your ISP gave you. This should be a static, public IP
address.
User Name Type the user name given to you by your ISP. You can use alphanumeric and -
_@$./ characters, and it can be up to 31 characters long.
Password Type the password associated with the user name above. Use up to 64 ASCII
Verify Password Type your password again for confirmation.
Service Name Type the PPPoE service name given to you by your ISP. PPPoE uses a service
characters except the [, ] and ?. This field can be blank.
name to identify and reach the PPPoE server. You can use alphanumeric and _@$./ characters, and it can be up to 64 characters long.
Figure 18 Internet Connection Setup Wizard: Step 3 (PPTP)
The following table describes the related fields in this screen.
Table 9 Internet Connection Setup Wizard: Step 3 (PPTP)
FIELD DESCRIPTION
Address Mode Select Dynamic IP If your ISP did not assign you a fixed IP address. This is the
default selection.
Select Static IP If your ISP assigned a fixed IP address. The set the following
fields.
PPTP IP Address This field is applicable if you select Static IP in the Address Mode field.
Enter the IP address that your ISP gave you. This should be a static, public IP
address.
PPTP Subnet
Mask
PPTP Gateway IP
Address
Chapter 3 Basic 36
This field is applicable if you select Static IP in the Address Mode field.
Enter the subnet mask for the IP address.
This field is applicable if you select Static IP in the Address Mode field.
Enter the IP address of the router through which this WAN connection will send
traffic (the default gateway).
ZyXEL NBG-415N User’s Guide
Table 9 Internet Connection Setup Wizard: Step 3 (PPTP)
FIELD DESCRIPTION
PPTP Server IP
Address (may be
same as gateway)
User Name Type the user name given to you by your ISP. You can use alphanumeric and -
Password Type the password associated with the user name above. Use up to 64 ASCII
Verify Password Type your password again for confirmation.
Type the IP address of the PPTP server.
_@$./ characters, and it can be up to 31 characters long.
characters except the [, ] and ?. This field can be blank.
Figure 19 Internet Connection Setup Wizard: Step 3 (L2TP)
The following table describes the related fields in this screen.
Table 10 Internet Connection Setup Wizard: Step 3 (L2TP)
FIELD DESCRIPTION
Address Mode Select Dynamic IP If your ISP did not assign you a fixed IP address. This is the
default selection.
Select Static IP If your ISP assigned a fixed IP address. The set the following
fields.
L2TP IP Address This field is applicable if you select Static IP in the Address Mode field.
Enter the IP address that your ISP gave you. This should be a static, public IP
address.
L2TP Subnet
Mask
L2TP Gateway IP
Address
L2TP Server IP
Address (may be
same as gateway)
User Name Type the user name given to you by your ISP. You can use alphanumeric and -
This field is applicable if you select Static IP in the Address Mode field.
Enter the subnet mask for the IP address.
This field is applicable if you select Static IP in the Address Mode field.
Enter the IP address of the router through which this WAN connection will send
traffic (the default gateway).
Type the IP address of the L2TP server.
_@$./ characters, and it can be up to 31 characters long.
37 Chapter 3 Basic
ZyXEL NBG-415N User’s Guide
Table 10 Internet Connection Setup Wizard: Step 3 (L2TP) (continued)
FIELD DESCRIPTION
Password Type the password associated with the user name above. Use up to 64 ASCII
characters except the [, ] and ?. This field can be blank.
Verify Password Type your password again for confirmation.
Figure 20 Internet Connection Setup Wizard: Step 3 (BigPond)
The following table describes the related fields in this screen.
Table 11 Internet Connection Setup Wizard: Step 3 (BigPond)
FIELD DESCRIPTION
User Name Type the user name given to you by your ISP. You can use alphanumeric and -
_@$./ characters, and it can be up to 31 characters long.
Password Type the password associated with the user name above. Use up to 64 ASCII
Verify Password Type your password again for confirmation.
BigPond Server Type the IP address of the BigPond server.
characters except the [, ] and ?. This field can be blank.
6 In the las wizard screen, click Connect to save the settings to the ZyXEL Device.
Figure 21 Internet Connection Setup Wizard: Setup Complete
7 Click Reboot the Device to restart the ZyXEL Device and make the changes take effect.
Chapter 3 Basic 38
ZyXEL NBG-415N User’s Guide
Figure 22 Internet Connection Setup Wizard: Success
8 Wait until the ZyXEL Device finishes rebooting before accessing it again.
Figure 23 Internet Connection Setup Wizard: Rebooting
9 Test your Internet connection. Launch your web browser and enter any web site address
for example, http://www.zyxel.com).
3.2 Wireless Security Setup Wizard
Follow the steps below to use the wizard setup screens to configure a wireless LAN and
wireless security setting on the ZyXEL Device.
Note: See the advanced menu chapters for background information on these fields.
1 Click START > WIZARD > Launch Wireless Security Setup Wizard to display the
first wizard screen. This screen outlines the steps to set up your ZyXEL Device. Click
Next to continue.
Figure 24 Wireless Security Setup Wizard
2 In the Wireless Network Name field, enter a descriptive name for identifying the
wireless network. To connect to this wireless network, wireless clients must associate to
this ID. Click Next.
39 Chapter 3 Basic
ZyXEL NBG-415N User’s Guide
Figure 25 Wireless Security Setup Wizard: Network Name
3 Follow the on-screen instruction and select a wireless security mode. Click Next.
Figure 26 Wireless Security Setup Wizard: Security
4 The next screen displays if you enable a wireless security mode. Follow the on-screen
instruction. Enter a WEP key if you select GOOD security level. If you select BETTER
or BEST security level, enter a password that the ZyXEL Device uses to generate a
unique wireless secret key. Click Next.
Figure 27 Wireless Security Setup Wizard: Security Key
5 Check your wireless LAN settings in this screen and click Save to save the settings to the
ZyXEL Device.
Chapter 3 Basic 40
ZyXEL NBG-415N User’s Guide
Figure 28 Wireless Security Setup Wizard: Finish
6 Click Reboot the Device to restart the ZyXEL Device and make the changes take effect.
Figure 29 Wireless Security Setup Wizard: Success
7 Wait until the ZyXEL Device finishes rebooting before accessing it again.
Figure 30 Wireless Security Setup Wizard: Rebooting
8 Test your wireless connection. On a wireless client, associate to the wireless network on
the ZyXEL Device (the default network name is “ZyXEL”). See the documentation that
comes with the wireless client for more information.
41 Chapter 3 Basic
This chapter introduces shows you how to configure the WAN using the advanced
configuration screen for Internet access.
4.1 WAN Overview
You can use the advanced WA N configuration screen to configure the WAN port for Internet
access. Select the Internet access mode (Static IP, Dynamic IP, PPPoE, PPTP and L2TP)
your ISP uses on the ZyXEL Device.
4.1.1 WAN IP Address Assignment
ZyXEL NBG-415N User’s Guide
CHAPTER 4
WAN
Every computer on the Internet must have a unique IP address. If your networks are isolated
from the Internet, for instance, only between your two branch offices, you can assign any IP
addresses to the hosts without problems. However, the Internet Assigned Numbers Authority
(IANA) has reserved the following three blocks of IP addresses specifically for private
networks.
Table 12 Private IP Address Ranges
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
You can obtain your IP address from the IANA, from an ISP or have it assigned by a private
network. If you belong to a small organization and your Internet access is through an ISP, the
ISP can provide you with the Internet addresses for your local networks. On the other hand, if
you are part of a much larger organization, you should consult your network administrator for
the appropriate IP addresses.
Note: Regardless of your particular situation, do not create an arbitrary IP address;
always follow the guidelines above. For more information on address
assignment, please refer to RFC 1597, Address Allocation for Private Internets
and RFC 1466, Guidelines for Management of IP Address Space.
Chapter 4 WAN 42
ZyXEL NBG-415N User’s Guide
4.1.2 DNS Server Address Assignment
Use DNS (Domain Name System) to map a domain name to its corresponding IP address and
vice versa, for instance, the IP address of www.zyxel.com is 204.217.0.2. The DNS server is
extremely important because without it, you must know the IP address of a computer before
you can access it.
The ZyXEL Device can get the DNS server addresses in the following ways.
1 The ISP tells you the DNS server addresses, usually in the form of an information sheet,
when you sign up. If your ISP gives you DNS server addresses, manually enter them in
the DNS server fields.
2 If your ISP dynamically assigns the DNS server IP addresses (along with the ZyXEL
Device’s WAN IP address), set the DNS server fields to get the DNS server address from
the ISP.
3 You can manually enter the IP addresses of other DNS servers. These servers can be
public or private. A DNS server could even be behind a remote IPSec router.
4.2 WAN Configuration
To display the advanced WA N configuration screen, click BASIC > WAN. Fields in this
screen vary depending on the option you select in the WAN Mode field.
4.2.1 WAN Connection: Dynamic IP
Select Dynamic IP in the WA N screen when your ISP gives you a fixed public IP address.
Figure 31 Basic: WAN: Dynamic IP
43 Chapter 4 WAN
ZyXEL NBG-415N User’s Guide
The following table describes the fields in this screen.
Table 13 Basic: WAN: Dynamic IP
LABEL DESCRIPTION
MODES
WAN Select Dynamic IP if you are not given a fixed public IP address and the account
information (such as the user name and password).
Dynamic IP
Hostname This field is optional.
Enter your computer’s hostname which the ISP checks before Internet access is
allowed.
Use Unicasting Select this option If your ZyXEL Device is unable to obtain a WAN IP address
from the ISP. This allows the ZyXEL Device to accept unicast DHCP responses
from the DHCP server instead of broadcast DHCP responses.
Enable BigPond Select Enable BigPond if you subscribe to Internet service from BigPond in
Australia. Then configure the fields below with the information provided.
BigPond Settings
BigPond Server Type the IP address of the BigPond server.
BigPond User IDType the user name given to you by your ISP. You can use alphanumeric and -
_@$./ characters, and it can be up to 31 characters long.
Chapter 4 WAN 44
ZyXEL NBG-415N User’s Guide
Table 13 Basic: WAN: Dynamic IP (continued)
LABEL DESCRIPTION
BigPond
Password
Verify
Password
DNS Settings
Use these DNS
Servers
Primary/
Secondary
DNS Server
Advanced >> Click Advanced >> to display more WAN configuration fields.
<< Advanced Click << Advanced to hide the advanced WAN configuration fields.
Use the Default
MTU
MTU Enter the MTU size (between 256 and 2296). Typical values are 1500 bytes for
Link Drop Delay
MAC Cloning
Enabled
MAC Address Enter the IP address of the computer on the LAN whose MAC you are cloning.
Clone Your PC’s
MAC Address
Type the password associated with the user name above. Use up to 64 ASCII
characters except [, ] and ?. This field can be blank.
Type your password again for confirmation.
Select this option to manually enter the DNS server IP address(es) in the field(s)
provided.
Enter the IP address (provided by your ISP) of the DNS server in dotted decimal
notation.
Maximum Transmission Unit (MTU) is a parameter that determines the largest
packet size (in bytes) that the ZyXEL Device will send to the WAN. If LAN devices
send larger packets, the ZyXEL Device will break them into smaller packets.
Ideally, you should set this to match the MTU of the connection to your ISP.
Select this option to use the default MTU. Clear this checkbox to manually enter
an MTU size below.
an Ethernet connection and 1492 bytes for a PPPoE connection. Make sure the
MTU size matches the ISP’s network or Internet connection may fail.
Select this option to set the ZyXEL Device to copy the MAC address of your
computer.
It is recommended that you clone the MAC address prior to hooking up the WAN
port.
Click Clone Your PC’s MAC Address to have the ZyXEL Device automatically
copy the MAC address from your computer.
4.2.2 WAN Configuration: Static IP
Select Dynamic IP in the WA N screen when your ISP gives you a fixed public IP address.
45 Chapter 4 WAN
Figure 32 Basic: WAN: Static IP
ZyXEL NBG-415N User’s Guide
The following table describes the related fields in this screen.
Table 14 Basic: WAN: Static IP
LABEL DESCRIPTION
MODES
WAN Select Static IP if your ISP gives you a fixed public IP address.
STATIC IP
IP Address Enter the WAN IP address exactly as given by your ISP in dotted decimal
notation.
Subnet Mask Enter the IP subnet mask as given by your ISP in dotted decimal notation.
Default
Gateway
Enter the gateway IP address as given by your ISP in dotted decimal notation.
Refer to Table 13 on page 44 for other field descriptions.
4.2.3 WAN Configuration: PPPoE
If your ISP uses the PPPoE (Point-to-Point Protocol over Ethernet) protocol for Internet
access, select PPPoE in the WA N M ode field.
Chapter 4 WAN 46
ZyXEL NBG-415N User’s Guide
Figure 33 Basic: WAN: PPPoE
The following table describes the related fields in this screen.
Table 15 Basic: WAN: PPPoE
LABEL DESCRIPTION
MODES
WAN Select PPPoE if your ISP gives you Internet access account information (such as
the username and password).
PPPoE WAN
MODE
Address Mode Select Dynamic IP If your ISP did not assign you a fixed IP address. This is the
default selection.
Select Static IP If your ISP assigned a fixed IP address. The set the following
fields.
IP Address This field is applicable if you select Static IP in the Address Mode field.
Enter the IP address that your ISP gave you. This should be a static, public IP
address.
User Name Type the user name given to you by your ISP. You can use alphanumeric and -
Password Type the password associated with the user name above. Use up to 64 ASCII
Verify Password Type your password again for confirmation.
_@$./ characters, and it can be up to 31 characters long.
characters except the [, ] and ?. This field can be blank.
47 Chapter 4 WAN
Table 15 Basic: WAN: PPPoE (continued)
LABEL DESCRIPTION
Service Name Type the PPPoE service name given to you by your ISP. PPPoE uses a service
name to identify and reach the PPPoE server. You can use alphanumeric and _@$./ characters, and it can be up to 64 characters long.
Reconnect Mode Specify how you want to re-establish an Internet connection after the idle timeout.
Select Always On when you want your connection up all the time. The ZyXEL
Device will try to bring up the connection automatically if it is disconnected.
Select On Demand when you don't want the connection up all the time and
specify an idle time-out in the Maximum Idle Timeout field.
Select Manual when you want to manually re-establish the connection if it is
disconnected.
Maximum Idle
Time
This value specifies the time in seconds that elapses before the ZyXEL Device
automatically disconnects from the PPPoE server.
Refer to Table 13 on page 44 for other field descriptions.
4.2.4 WAN Connection: PPTP
ZyXEL NBG-415N User’s Guide
If your ISP uses PPTP protocol for Internet access, select PPTP in the WAN Mode field.
Figure 34 Basic: WAN: PPTP
Chapter 4 WAN 48
ZyXEL NBG-415N User’s Guide
The following table describes the related fields in this screen.
Table 16 Basic: WAN: PPTP
LABEL DESCRIPTION
MODES
WAN Select PPTP if your ISP gives you Internet access account information (such as
PPTP WAN MODE
Address Mode Select Dynamic IP If your ISP did not assign you a fixed IP address. This is the
PPTP IP Address This field is applicable if you select Static IP in the Address Mode field.
PPTP Subnet
Mask
PPTP Gateway IP
Address
PPTP Server IP
Address (may be
same as gateway)
User Name Type the user name given to you by your ISP. You can use alphanumeric and -
Password Type the password associated with the user name above. Use up to 64 ASCII
Verify Password Type your password again for confirmation.
Reconnect Mode Specify how you want to re-establish an Internet connection after the idle timeout.
Maximum Idle
Time
the username and password).
default selection.
Select Static IP If your ISP assigned a fixed IP address. The set the following
fields.
Enter the IP address that your ISP gave you. This should be a static, public IP
address.
This field is applicable if you select Static IP in the Address Mode field.
Enter the subnet mask for the IP address.
This field is applicable if you select Static IP in the Address Mode field.
Enter the IP address of the router through which this WAN connection will send
traffic (the default gateway).
Type the IP address of the PPTP server.
_@$./ characters, and it can be up to 31 characters long.
characters except the [, ] and ?. This field can be blank.
Select Always On when you want your connection up all the time. The ZyXEL
Device will try to bring up the connection automatically if it is disconnected.
Select On Demand when you don't want the connection up all the time and
specify an idle time-out in the Maximum Idle Timeout field.
Select Manual when you want to manually re-establish the connection if it is
disconnected.
This value specifies the time in seconds that elapses before the ZyXEL Device
automatically disconnects from the PPPoE server.
4.2.5 WAN Connection: L2TP
If your ISP uses L2TP protocol for Internet access, select L2TP in the WAN Mode field.
49 Chapter 4 WAN
Figure 35 Basic: WAN: L2TP
ZyXEL NBG-415N User’s Guide
The following table describes the related fields in this screen.
Table 17 Basic: WAN: L2TP
LABEL DESCRIPTION
MODES
WAN Select L2TP if your ISP gives you Internet access account information (such as
the username and password).
L2TP WAN MODE
Address Mode Select Dynamic IP If your ISP did not assign you a fixed IP address. This is the
L2TP IP Address This field is applicable if you select Static IP in the Address Mode field.
L2TP Subnet Mask This field is applicable if you select Static IP in the Address Mode field.
L2TP Gateway IP
Address
default selection.
Select Static IP If your ISP assigned a fixed IP address. The set the following
fields.
Enter the IP address that your ISP gave you. This should be a static, public IP
address.
Enter the subnet mask for the IP address.
This field is applicable if you select Static IP in the Address Mode field.
Enter the IP address of the router through which this WAN connection will send
traffic (the default gateway).
Chapter 4 WAN 50
ZyXEL NBG-415N User’s Guide
Table 17 Basic: WAN: L2TP (continued)
LABEL DESCRIPTION
L2TP Server IP
Address (may be
same as gateway)
User Name Type the user name given to you by your ISP. You can use alphanumeric and -
Password Type the password associated with the user name above. Use up to 64 ASCII
Verify Password Type your password again for confirmation.
Reconnect Mode Specify how you want to re-establish an Internet connection after the idle timeout.
Maximum Idle
Time
Type the IP address of the L2TP server.
_@$./ characters, and it can be up to 31 characters long.
characters except the [, ] and ?. This field can be blank.
Select Always On when you want your connection up all the time. The ZyXEL
Device will try to bring up the connection automatically if it is disconnected.
Select On Demand when you don't want the connection up all the time and
specify an idle time-out in the Maximum Idle Timeout field.
Select Manual when you want to manually re-establish the connection if it is
disconnected.
This value specifies the time in seconds that elapses before the ZyXEL Device
automatically disconnects from the L2TP server.
4.3 Internet Connection Test
After you have configured Internet connection settings on the ZyXEL Device, test the
connection. Launch a web browser and enter any web site address for example, http://
www.zyxel.com).
51 Chapter 4 WAN
5.1 Overview
Local Area Network (LAN) is a shared communication system to which many computers are
attached. Use LAN screen to set the IP address and subnet mask of the LAN interface on the
ZyXEL Device. You can also configure DHCP settings in the LAN screen.
Click Basic > LAN to display the configuration screen.
Figure 36 Basic: LAN
ZyXEL NBG-415N User’s Guide
CHAPTER 5
LAN
Chapter 5 LAN 52
ZyXEL NBG-415N User’s Guide
5.1.1 Router Settings
To set the LAN settings (such as the IP address, subnet mask) on the ZyXEL Device,
configure the fields in the ROUTER SETTINGS section in the LAN screen.
Figure 37 Basic: LAN: Router Settings
53 Chapter 5 LAN
ZyXEL NBG-415N User’s Guide
The following table describes the labels in this screen.
Table 18 Basic: LAN: Router Settings
LABEL DESCRIPTION
ROUTER SETTINGS
IP Address Type the IP address of your ZyXEL Device in dotted decimal notation. 192.168.1.1
is the factory default. Alternatively, click the right mouse button to copy and/or
paste the IP address.
Default Subnet
Mask
Local Domain
Name
Enable DNS Relay Select this option to set the ZyXEL Device to forward DNS requests to the ISP's
The subnet mask specifies the network number portion of an IP address. Your
ZyXEL Device automatically calculate the subnet mask based on the IP address
that you assign. Unless you are implementing subnetting, use the subnet mask
computed by the ZyXEL Device.
This field is optional.
The DHCP server on your ZyXEL Device assigns the domain name to the
computer(s) on the WLAN. for the wireless network. For example, if you enter
“mynetwork.net” here, and you have a wireless laptop with a computer name of
chris, that laptop will be known as “chris.mynetwork.net” to other computers on the
WLAN.
DNS server.
This allows computers behind the ZyXEL Device to always receive replies from a
DNS server even when the ZyXEL Device obtains a different DNS server address
from the ISP upon re-establishing the WAN connection.
5.1.2 RIP Setup
RIP (Routing Information Protocol) allows the ZyXEL Device to exchange routing
information with other routers.
RIP version controls the format and the broadcasting method of the RIP packets that the
ZyXEL Device sends (it recognizes both formats when receiving). RIP version 1 (V1)is
universally supported. RIP version 1 is probably adequate for most networks, unless you have
an unusual network topology.
RIP version 2 carries more information in the packets.Both V2 Broadcast and V2
Multicast sends the routing data in RIP version2 format; the difference being that V2
Broadcast uses subnet broadcasting while V2 Multicast uses multicasting.
To configure RIP settings on the ZyXEL Device, set the fields under RIP (ROUTING
INFORMATION PROTOCOL) section in the LAN screen.
Note: You should disable DNS relay if you have set up a DNS
server on the LAN in the Virtual Server screen.
Chapter 5 LAN 54
ZyXEL NBG-415N User’s Guide
Figure 38 Basic: LAN: RIP
The following table describes the labels in this screen.
Table 19 Basic: LAN: RIP
LABEL DESCRIPTION
RIP
Enable RIP Select this option to activate RIP on the ZyXEL Device.
RIP Operating
mode
Router Metric The metric represents the “cost” of transmission through the ZyXEL Device. IP
Allow RIP updates
from WAN
RIP Password When you set the ZyXEL Device to use RIP version 2, you may enter a password
Verify RIP
Password
Specify the RIP version the ZyXEL Device is to use.
Select V1 if the other routers do not support RIP version 2.
Select V2 Broadcast if some routers support RIP version 1 and some support RIP
version 2.
Select V2 Multicast if the ZyXEL Device is the only router on your network or that
tall other routers support RIP version 2 only.
routing uses hop count as the measurement of cost, with a minimum of 1 for
directly connected networks. Enter a number that approximates the cost for this
link. The number need not be precise, but it must be between 1 and 15. In practice,
2 or 3 is usually a good number.
Select this option to allow the ZyXEL Device to send/receive RIP packets through
the WAN port for RIP information update.
It is recommended that you disable this option unless requested to do so by your
ISP.
to allow only authorized RIP packets to the ZyXEL Device.
Enter the password if provided by your ISP.
Enter the password again to confirm.
55 Chapter 5 LAN
5.1.3 DHCP Server Settings
DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual
clients to obtain TCP/IP configuration at start-up from a server. You can configure the ZyXEL
Device as a DHCP server or disable it. When configured as a server, the ZyXEL Device
provides the TCP/IP configuration for the DHCP client. If DHCP service is disabled, you must
have another DHCP server on your LAN, or else the computer must be manually configured.
To configure DHCP settings on the ZyXEL Device, set the DHCP SERVER SETTINGS
fields in the LAN screen. You can also view the list of DHCP client computers in this screen.
Figure 39 Basic: LAN: DHCP Server Settings
ZyXEL NBG-415N User’s Guide
The following table describes the labels in this screen.
Table 20 Basic: LAN: DHCP Server Settings
LABEL DESCRIPTION
ENABLE
Enable DHCP
Server
DHCP Address
Range
Chapter 5 LAN 56
DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows
individual clients (workstations) to obtain TCP/IP configuration at startup from a
server.
Select this option to set the ZyXEL Device to assign network information (IP
address, DNS information etc.) to an Ethernet device connected to the LAN ports.
Clear this check box to stop the ZyXEL Device from acting as a DHCP server. you
must have another DHCP server on your LAN, or else the computer must be
manually configured.
The ZyXEL Device is pre-configured to provide IP addresses (ranging from
192.168.1.100 to 192.168.1.199) to DHCP clients. This configuration leaves some
IP addresses (excluding the ZyXEL Device itself) in the lower and upper ranges for
other server computers, for instance, servers for mail, FTP, TFTP, web, etc., that
you may have.
Specify the starting and end IP address for the DHCP clients.
ZyXEL NBG-415N User’s Guide
Table 20 Basic: LAN: DHCP Server Settings (continued)
LABEL DESCRIPTION
DHCP Lease
Time
Always Broadcast Some older DHSP client software disable DHCP broadcasting, thus some
NUMBER OF
DYNMAIC DHCP
CLIENTS
Computer Name This field displays the name of the DHCP client computer.
MAC Address This field displays the MAC address of the DHCP client computer.
IP Address This field displays the IP address of the DHCP client computer.
Specify the time (in minutes) a DHCP client is allowed to use the assigned IP
address from the ZyXEL Device. Once the lease time is up, the DHCP client has to
renew the lease.
computers may not be able to obtain an IP address from the ZyXEL Device.
Select this option to set the ZyXEL Device to broadcast DHCP replies. This
ensures that all LAN computers can get an IP address at the cost of increased
broadcast traffic on the LAN.
This field displays the number of DHCP clients.
5.1.4 DHCP Reservation
DHCP reservation, also known as static DHCP, allows the ZyXEL Device to assign specific IP
addresses on the LAN to specific individual computers based on their MAC addresses.
Configure DHCP Reservation settings in the LAN screen. You can also view the list of
reserved IP addresses in this screen.
Figure 40 Basic: LAN: DHCP Reservation
57 Chapter 5 LAN
ZyXEL NBG-415N User’s Guide
The following table describes the labels in this screen.
Table 21 Basic: LAN: DHCP Reservation
LABEL DESCRIPTION
ADD DHCP RESERVATION
Enable Select this option to enable static DHCP to set the ZyXEL Device to assign one IP
address on the LAN to a specific computer based on the MAC address.
Clear this check box to disable this feature.
Computer Name Enter the name of the DHCP client computer. This is for identification purposes.
You can also select the name of the client computer currently connected to the
ZyXEL Device. The ZyXEL Device automatically fills the information in the fields
below.
IP Address Type the IP address that you want to assign to the computer on your LAN.
Alternatively, select from the list of dynamic client computer names in the dropdown list box. The ZyXEL Device automatically enters the current assigned IP
address.
MAC Address Type the MAC address (with colons) of a computer on your LAN.
Or click Clone Your PC’s MAC Address to copy the MAC address of your
computer.
Save Click Save to save the settings in this part of the screen.
Clear Click Clear to start configuring this part of the screen again.
DHCP RESERVATIONS LIST
Enable Select this option to activate the static DHCP setting.
Computer Name This field displays the name of the DHCP client computer.
MAC Address This field displays the MAC address.
IP Address This field displays the IP address of the MAC address.
Chapter 5 LAN 58
ZyXEL NBG-415N User’s Guide
59 Chapter 5 LAN
This chapter shows how to configure general WLAN and WLAN security settings in the
WLAN screen.
6.1 General Wireless LAN Setup
Refer to Appendix B on page 128 for background information.
Configure general wireless LAN settings in the Wireless screen. Click Basic > Wireless to
display the configuration screen.
Figure 41 Basic: Wireless: General Setup
ZyXEL NBG-415N User’s Guide
CHAPTER 6
WLAN
Chapter 6 WLAN 60
ZyXEL NBG-415N User’s Guide
THe following table describes the related labels in this screen.
Table 22 Basic: Wireless: General Setup
LABEL DESCRIPTION
WIRELESS RADIO
STATUS
WIRELESS NETWORK SETTINS
Wireless Network
Name
Enable Auto
Channel Scan
Wireless Channel This field is disabled when you enable auto channel scan.
802.11 Mode Select 802.11b only to have the ZyXEL Device connect to an IEEE 802.11b
Channel Width Specify the wireless channel bandwidth mode the ZyXEL Device is to use.
Transmission Rate Select a transmission speed from the drop-down list box.
Visibility Status Select Invisible to hide the SSID in so a station cannot obtain the SSID through
This field displays whether the wireless LAN feature is enabled (ON) or disabled
(OFF).
You can enable and disable the wireless LAN feature on the ZyXEL Device by
using the wireless LAN switch at the rear panel of the ZyXEL Device. Refer to the
Quick Start Guide for more information.
This is also known as the SSID (Service Set IDentification), which is a unique
name to identify the ZyXEL Device in the wireless LAN. Wireless stations
associating to the ZyXEL Device must have the same SSID.
Enter a descriptive name of up to 32 printable characters (including spaces;
alphabetic characters are case-sensitive).
The radio frequency used by IEEE 802.11 wireless devices is called a channel.
Select this option to set the ZyXEL Device to automatically scan for and select the
optimum channel in the wireless network.
Select a channel from the drop-down list box.
wireless device only and vice versa.
Select Mixed 802.11b and 802.11g to have the ZyXEL Device connect to either
an IEEE 802.11g or IEEE 802.11b wireless device.
Select 802.11g only to have the ZyXEL Device connect to an IEEE 802.11g
wireless device only and vice versa.
Select 802.11ng only to have the ZyXEL Device connect to an IEEE 802.11ng
wireless device only and vice versa.
Select Mixed 802.11ng, 802.11g and 802.11b to have the ZyXEL Device connect
to either an IEEE 802.11ng, IEEE 802.11g or IEEE 802.11b wireless device.
Select 20 MHz to set the ZyXEL Device to transmit at up to 20 MHz to other
wireless devices (including draft-N compatible wireless devices). Select this option
to solve wireless connection problems in a mixed network.
Select Auto 20/40 MHz to set the ZyXEL Device to automatically switch between
the 20 MHz and 40 MHz operation. The ZyXEL Device will use 40 Mhz for
maximum transmission speed between other draft-N compatible wireless devices.
If an adjacent channel is used by an IEEE 802.11b/g device, the ZyXEL Device
reverts to use 20 MHz operation. This is the recommended option.
AP scanning.
Select Visible to make the ESSID visible so a station can obtain the SSID through
AP scanning.
61 Chapter 6 WLAN
6.2 Wireless LAN Security
Wireless LAN security is vital to your network to protect wireless communications. If you do
not enable any wireless security on your ZyXEL Device, the ZyXEL Device’s wireless
communications are accessible to any wireless networking device that is in the coverage area.
Refer to Appendix B on page 128 for background information.
Configure the wireless LAN security using the Wireless screen. Click Basic > Wireless to
display the configuration screen. This screen varies depending on the option you select in the
Security Mode field.
Figure 42 Basic: Wireless: WLAN Security Setup
ZyXEL NBG-415N User’s Guide
6.2.1 WLAN Security Setup: WEP
To configure basic WEP key encryption, select WEP in the Security Mode field in the
Wireless screen.
Chapter 6 WLAN 62
ZyXEL NBG-415N User’s Guide
Figure 43 Basic: Wireless: WLAN Security Setup: WEP
The following table describes the related fields in this screen.
Table 23 Basic: Wireless: WLAN Security Setup: WEP
LABEL DESCRIPTION
WEP
WEP Key Length WEP (Wired Equivalent Privacy) encrypts data frames before transmitting over the
Key 1 .. 4 The WEP keys are used to encrypt data. Both the ZyXEL Device and the wireless
63 Chapter 6 WLAN
wireless network.
Select 64-bit (10 hex digits or 5 ASCII char) or 128-bit (26 hex digits or 13 ASCII
char).
stations must use the same WEP key for data transmission.
If you want to manually set the WEP keys, enter the key in the field provided.
If you chose 64-bit, then enter 10 hexadecimal characters ("0-9", "A-F").
If you chose 128-bit, then enter26 hexadecimal characters ("0-9", "A-F").
The values for the WEP keys must be set up exactly the same on all wireless
devices in the same wireless LAN.
You must configure all four keys, but only one key can be used at any one time. The
default key is key 1.
Table 23 Basic: Wireless: WLAN Security Setup: WEP (continued)
LABEL DESCRIPTION
Default WEP Key Select a default WEP key to use for data encryption.
Authentication Select an authentication method. Choices are Shared Key, Open and Auto.
6.2.2 WLAN Security Setup: WPA-Personal
If you want better WLAN security than WEP but do not have a RADIUS server on your
network, select WPA-Personal in the Security Mode field in the Wireless screen.
Figure 44 Basic: Wireless: WLAN Security Setup: WPA-Personal
ZyXEL NBG-415N User’s Guide
Chapter 6 WLAN 64
ZyXEL NBG-415N User’s Guide
The following table describes the related labels in this screen.
Table 24 Basic: WLAN Security Setup: WPA-Personal
LABEL DESCRIPTION
WPA
WPA Mode Specify a WPA mode. Make sure the peer device(s) is also set to use the same
Group Key Update
Interval
PRE SHARED KEY
Pre-Shared Key Type a pre-shared key from 8 to 63 case-sensitive ASCII characters (including
WPA mode.
Select Auto (WPA or WPA2) to set the ZyXEL Device to use WPA2 first and then
WPA if connection fails with WPA2.
Select WPA Only to set the ZyXEL Device to use WPA. WPA is a older
implementation than WPA2.
Select WPA2 Only to set the ZyXEL Device to use WPA2 only.
This is the rate at which an AP or RADIUS server sends a new group key out to all
clients. The re-keying process is the WPA equivalent of automatically changing the
WEP key for an AP and all stations in a WLAN on a periodic basis.
Enter an update time in seconds.
spaces and symbols).
6.2.3 WLAN Security Setup: WPA-Enterprise
If you want better WLAN security than WEP and have a RADIUS server on your network,
select WPA-Enterprise in the Security Mode field in the Wireless screen.
65 Chapter 6 WLAN
ZyXEL NBG-415N User’s Guide
Figure 45 Basic: Wireless: WLAN Security Setup: WPA-Enterprise
Chapter 6 WLAN 66
ZyXEL NBG-415N User’s Guide
The following table describes the related labels in this screen.
Table 25 Basic: WLAN Security Setup: WPA-Enterprise
LABEL DESCRIPTION
WPA
WPA Mode Specify a WPA mode. Make sure the peer device(s) is also set to use the same
Group Key Update
Interval
EAP (802.1X)
Authentication
Timeout
RADIUS Server IP
Address
RADIUS Server
Port
RADIUS Server
Shared Secret
MAC Address
Authentication
Advanced >> Click Advanced >> to display the fields to configure the second RADIUS server.
<< Advanced Click << Advanced to hide the fields.
Optional Backup RADIUS Server
Second RADIUS
Server IP Address
Second RADIUS
Server Port
Second RADIUS
Server Shared
Secret
Second MAC
Address
Authentication
WPA mode.
Select Auto (WPA or WPA2) to set the ZyXEL Device to use WPA2 first and then
WPA if connection fails with WPA2.
Select WPA Only to set the ZyXEL Device to use WPA. WPA is a older
implementation than WPA2.
Select WPA2 Only to set the ZyXEL Device to use WPA2 only.
This is the rate at which an AP or RADIUS server sends a new group key out to all
clients. The re-keying process is the WPA equivalent of automatically changing the
WEP key for an AP and all stations in a WLAN on a periodic basis.
Enter an update time in seconds.
Specify how often wireless stations have to reenter user names and passwords in
order to stay connected. Enter a time interval between 10 and 65535 seconds.
If wireless station authentication is done using a RADIUS server, the
reauthentication timer on the RADIUS server has priority.
Enter the IP address of the external authentication server in dotted decimal
notation.
The default port of the RADIUS server for authentication is 1812.
You need not change this value unless your network administrator instructs you to
do so with additional information.
Enter a password (up to 31 alphanumeric characters) as the key to be shared
between the external authentication server and the access points.
The key is not sent over the network. This key must be the same on the external
authentication server and ZyXEL Device.
Select this option to force a user to connect from the same computer when logging
into the wireless network.
Enter the IP address of the external authentication server in dotted decimal
notation.
The default port of the RADIUS server for authentication is 1812.
You need not change this value unless your network administrator instructs you to
do so with additional information.
Enter a password (up to 31 alphanumeric characters) as the key to be shared
between the external authentication server and the access points.
The key is not sent over the network. This key must be the same on the external
authentication server and ZyXEL Device.
Select this option to force a user to connect from the same computer when logging
into the wireless network.
67 Chapter 6 WLAN
ZyXEL NBG-415N User’s Guide
6.3 Wireless Client Setup using Windows® Connect Now
With Windows® Connect Now, you can transfer wireless settings on your ZyXEL Device to a
USB memory stick and then save the settings to the wireless client computer(s). This allows
you to easily set up a wireless LAN. To take advantage of this feature, you need:
• A USB memory stick with at least 300K of available memory.
• Windows XP with Service Pack 2 (SP2).
Follow the steps below to set up a wireless LAN using Windows® Connect Now.
1 Click Start > Control Panel
and double-click Wireless
Network Setup Wizard.
2 The first wizard screen displays.
Click Next in each screen to continue.
Chapter 6 WLAN 68
ZyXEL NBG-415N User’s Guide
3 Select Set up a new wireless network to
configure a new wireless network.
4 In the Network name (SSID) field,
specify a unique name to identify your
wireless LAN.
5 Select Automatically assign a network
key to have Windows create a security
key.
6 Select Use WPA encryption instead of
WEP for data encryption.
7 Select Use a USB Flash drive to set up a
wireless network.
69 Chapter 6 WLAN
8 Connect the USB drive to your computer
and specify the drive letter in the Flash
drive field.
9 Follow the instructions on the screen.
ZyXEL NBG-415N User’s Guide
10This screen displays when you have
successfully set up a secure wireless
network. Click Finish.
11From a wireless computer, test your
wireless LAN connection to the ZyXEL
Device.
Chapter 6 WLAN 70
ZyXEL NBG-415N User’s Guide
71 Chapter 6 WLAN
This chapter describes the Advanced screens you use to configure routing and security
features.
7.1 Game Hosting
Some Internet applications (such as video conferencing and Internet games) require multiple
connections between the clients and the server. These applications do not work through NATenabled networks. Your ZyXEL Device is a NAT-enabled device. In order to allow these
applications to work in your network, you have to configure the ZyXEL Device to forward
these applications to ports on a computer hosting the services.
ZyXEL NBG-415N User’s Guide
CHAPTER 7
Advanced
To set the ZyXEL Device to forward applications to allowed ports, click Advanced > Game
Hosting to display the configuration screen.
Figure 46 Advanced: Game Hosting
Chapter 7 Advanced 72
ZyXEL NBG-415N User’s Guide
The following table describes the fields in this screen.
Table 26 Advanced: Game Hosting
LABEL DESCRIPTION
Enable Click Enable to activate this feature.
Name Enter a descriptive name for this setting.
IP Address Enter the IP address (in dotted decimal notation) of a local computer hosting the
TCP Ports to Open Specify the TCP port(s) for the application. You can enter a port number and/or a
UDP Ports to
Open
Inbound Filter Select a filter action on the traffic. Select You can configure filter actions in the
Schedule Select the name of a time setting during which this setting is active. You can
Save Click Save to save the changes of a configuration screen for the current session.
Clear Click Clear to start configuring a screen again.
Game Rules List
Enable Select this option to activate this setting. Clear this checkbox to disable this setting.
Name This field displays the descriptive name for this setting.
IP Address This field displays the IP address of the local computer to which the specified traffic
TCP Ports This field displays the TCP port(s) the specified traffic is forwarded.
UDP Ports This field displays the UDP port(s) the specified traffic is forwarded.
Inbound Filter This field displays the name of the filter on the incoming traffic.
Schedule This field displays the name of the schedule to use.
Clear this check box to deactivate this feature. Note that some Internet applications
may not work in your network behind the ZyXEL Device.
Alternatively, select a pre-defined application name from the drop-down list box.
The pre-configured port number ranges for the selected application will be
automatically displayed below.
selected service.
Alternatively, select the name of a LAN computer from the drop-down list box. The
IP address of the selected computer will be displayed in this field.
range of ports. For example, 6159-6180, 99.
Specify the UDP port(s) for the application. You can enter a port number and/or a
range of ports. For example, 6159-6180, 99.
Inbound Filter screen.
configure schedules in the Schedules screen.
is forwarded.
7.2 Virtual Server
With the virtual server (also known as port forwarding) feature, you can make inside (behind
NAT on the LAN) servers, for example, web or FTP, visible to the outside world even though
NAT makes your whole inside network appear as a single computer to the outside world.
73 Chapter 7 Advanced
You may enter a single port number or a range of port numbers to be forwarded, and the local
IP address of the desired server. The port number identifies a service; for example, web service
is on port 80 and FTP on port 21. In some cases, such as for unknown services or where one
server can support more than one service (for example both FTP and web service), it might be
better to specify a range of port numbers. You can allocate a server IP address that corresponds
to a port or a range of ports.
Many residential broadband ISP accounts do not allow you to run any server processes (such
as a Web or FTP server) from your location. Your ISP may periodically check for servers and
may suspend your account if it discovers any active services at your location. If you are
unsure, refer to your ISP.
7.2.1 Common Services and Port Numbers
The most often used port numbers are shown in the following table. Please refer to RFC 1700
for further information about port numbers.
Table 27 Virtual Server: Common Services and Port Numbers
SERVICES PORT NUMBER
ZyXEL NBG-415N User’s Guide
ECHO 7
FTP (File Transfer Protocol) 21
SMTP (Simple Mail Transfer Protocol) 25
DNS (Domain Name System) 53
Finger 79
HTTP (Hyper Text Transfer protocol or WWW, Web) 80
POP3 (Post Office Protocol) 110
NNTP (Network News Transport Protocol) 119
SNMP (Simple Network Management Protocol) 161
SNMP trap 162
PPTP (Point-to-Point Tunneling Protocol) 1723
7.2.2 Virtual Server Setup
To configure virtual server settings, click Advanced > Virtual Server.
Chapter 7 Advanced 74
ZyXEL NBG-415N User’s Guide
Figure 47 Advanced: Virtual Server
The following table describes the labels in this screen.
Table 28 Advanced: Virtual Server
LABEL DESCRIPTION
Active Select this check box to enable this virtual server setting. Clear this check box to
Name Enter a name to identify this port-forwarding rule.
IP Address Enter the inside IP address of the inside server.
Protocol Select the protocol type (TCP, UDP or Both).
Private Port Enter the port number to which you want the ZyXEL Device to translate the public
Public Port Enter the incoming port number for the selected service.
Inbound Filter Select a filter action on the traffic. Select You can configure filter actions in the
Schedule Select the name of a time setting during which this setting is active. You can
Save Click this button to save the changes of a configuration screen for the current
Clear Click this button to start configuring a screen again.
Virtual Server List
disallow forwarding of these ports to an inside server without having to delete the
entry.
Alternatively, select a pre-defined name from the drop-down list box to have the
ZyXEL Device fill in the default port numbers for the selected service.
Alternatively, select the name of a LAN computer from the drop-down list box to have
the ZyXEL Device fill in the IP address of the computer.
port.
Inbound Filter screen.
configure schedules in the Schedules screen.
session.
75 Chapter 7 Advanced
Table 28 Advanced: Virtual Server (continued)
LABEL DESCRIPTION
Enable Select this check box to enable this virtual server setting. Clear this check box to
Name This field displays the descriptive name for this setting.
IP Address This field displays the IP address of the inside server.
Protocol This field displays the protocol type.
Private Port This field displays the port number to which you want the ZyXEL Device to translate
Public Port This field displays the incoming port number.
Inbound Filter This field displays the name of the filter on the incoming traffic.
Schedule This field displays the name of the schedule to use.
7.3 Applications
ZyXEL NBG-415N User’s Guide
disallow forwarding of these ports to an inside server without having to delete the
entry.
the public port.
You can enable Application Layer Gateway (ALG) to allow certain NAT un-friendly
applications (such as SIP) to operate properly through the ZyXEL Device. Alternatively, you
can configure port triggering to allow computers on the LAN to dynamically take turns using
the service
7.3.1 Port Triggering
Some services use a dedicated range of ports on the client side and a dedicated range of ports
on the server side. With regular port forwarding (or virtual server setup) you set a forwarding
port in NAT to forward a service (coming in from the server on the WAN) to the IP address of
a computer on the client side (LAN). The problem is that port forwarding only forwards a
service to a single LAN IP address. In order to use the same service on a different LAN
computer, you have to manually replace the LAN computer's IP address in the forwarding port
with another LAN computer's IP address.
Trigger port forwarding solves this problem by allowing computers on the LAN to
dynamically take turns using the service. The ZyXEL Device records the IP address of a LAN
computer that sends traffic to the WAN to request a service with a specific port number and
protocol ("trigger" port and protocol). When the ZyXEL Device's WAN port receives a
response with a specific port number and protocol ("input" port and protocol), the ZyXEL
Device forwards the traffic to the LAN IP address of the computer that sent the request. After
that computer’s connection for that service closes, another computer on the LAN can use the
service in the same manner. This way you do not need to configure a new IP address each time
you want a different LAN computer to use the application.
Chapter 7 Advanced 76
ZyXEL NBG-415N User’s Guide
7.3.2 Configuring Special Applications
Use the Special Applications screen to configure port triggers and set up ALG passthroughs
for specific applications (such as online games).
Click Advanced > Applications to display the configuration screen.
Figure 48 Advanced: Applications
The following table describes the labels in this screen.
Table 29 Advanced: Applications
LABEL DESCRIPTION
Add Special Applications Rule
Enable Select this option to activate this rule.
Name Enter a descriptive name for identification purposes.
Alternatively, select a pre-defined application name from the drop-down list box
to have the ZyXEL Device fill in the default port numbers and protocol type for
the selected application.
Trigger Port Range The trigger port is a port (or a range of ports) that causes (or triggers) the ZyXEL
Device to record the IP address of the LAN computer that sent the traffic to a
server on the WAN.
Specify a port or a range of ports.
Trigger Protocol Select a protocol type for the application.
Input Port Range Incoming is a port (or a range of ports) that a server on the WAN uses when it
sends out a particular service. The ZyXEL Device forwards the traffic with this
port (or range of ports) to the client computer on the LAN that requested the
service.
Specify a port or a range of ports.
77 Chapter 7 Advanced
ZyXEL NBG-415N User’s Guide
Table 29 Advanced: Applications (continued)
LABEL DESCRIPTION
Input Protocol Select the protocol used by the traffic coming to the router through the opened
port range.
Schedule Select the name of a time setting during which this setting is active. You can
configure schedules in the Schedules screen.
Save Click Save to save the changes of a configuration screen for the current
session.
Clear Click Clear to start configuring a screen again.
Special Applications
Rule List
Enable Select this check box to enable this trigger port setting. Clear this check box to
deactivate it.
Name This field displays the descriptive name of this trigger port setting.
Trigger Protocol/
Ports
Input Protocol/Ports This field displays the input port (or port range) and the input protocol type.
Schedule This field displays the name of the schedule to use.
This field displays the trigger port (or port range) and the trigger protocol type.
7.4 StreamEngine
Use the StreamEngine screen to configure traffic priorities. This improves network quality
for your applications (such as online gaming). StreamEngine improves your online gaming
experience by ensuring that your game traffic is prioritized over other network traffic, such as
FTP or Web.
For better performance, use the Automatic Classification option to automatically set the
priority for your applications.
Click Advanced > StreamEngine to display the configuration screen.
TM
Chapter 7 Advanced 78
ZyXEL NBG-415N User’s Guide
Figure 49 Advanced: StreamEgine
The following table describes the labels in this screen.
Table 30 Advanced: StreamEngine
LABEL DESCRIPTION
Enable
StreamEngine
StreamEngine Setup
Automatic
Classification
Dynamic
Fragmentation
Automatic
Uplink Speed
Measured
Uplink Speed
79 Chapter 7 Advanced
Select this option to enable this feature.
Select this option to set the ZyXEL Device to automatically classify the traffic based
on the default
Select this option to set the ZyXEL Device to break up large packets with high
priority. This improves transmission quality.
Select this option to set the ZyXEL Device to automatically detect and set the
optimum WAN connection speed.
This field displays the detected transmission speed of the WAN connection that was
last established. This uplink speed may be different from the actual transmission
speed depending on your network environment and line condition.
Table 30 Advanced: StreamEngine (continued)
LABEL DESCRIPTION
ZyXEL NBG-415N User’s Guide
Manual Uplink
Speed
Connection
Type
Detected xDSL
or Framerelay
Network
Add StreamEngine Rule
Enable Select this option to enable this rule.
Name Enter a descriptive name for identification purposes.
Priority Specify a priority for the traffic type specified below. Enter a number between 1
Protocol Enter the protocol number or select a pre-defined protocol type from the drop-down
Source IP
Range
Source Port
Range
Destination IP
Range
Destination Port
Range
Save Click Save to save the settings.
Clear Click Clear to start configuring this part of the screen again.
StreamEngine Rule List
Enable Select this option to activate this rule. Clear this check box to disable this rule without
Name THis field displays the descriptive name for the rule.
Priority This field displays the priority level (1 to 255) of this rule.
Source IP
Range
Destination IP
Range
Protocol/Ports This field displays the protocol and port numbers.
This field is not applicable when you select the Automatic Uplink Speed option
above.
Enter a number or select a pre-defined choice from the drop-down list box to
manually set the uplink speed for the WAN connection.
Select Auto-detect to set the ZyXEL Device to automatically detect the Internet
connection type.
Select xDSL or Other Frame Relay Network if the ZyXEL Device connects to the
Internet via a DSL modem.
Select Cable or Other Broadband Network if the ZyXEL Device connects to the
Internet via a cable modem.
This field is applicable when you select Auto-detect in the Connection Type field.
This field displays the name of the detected line connection type.
(highest) and 255 (lowest).
list box.
Specify one or a range of source IP addresses in the fields provided. Enter the same
IP address in the to field if you want to specify one IP address.
Specify one or a range of source port numbers. Enter the same number in the to field
if you want to specify one source port.
Specify one or a range of destination IP addresses in the fields provided. Enter the
same IP address in the to field if you want to specify one IP address.
Specify one or a range of destination port numbers. Enter the same number in the to
field if you want to specify one destination port.
deleting it.
This field displays one or a range of source IP addresses.
This field displays one or a range of destination IP addresses.
Chapter 7 Advanced 80
ZyXEL NBG-415N User’s Guide
7.5 Routing
Each remote node specifies only the network to which the gateway is directly connected, and
the ZyXEL Device has no knowledge of the networks beyond. For instance, the ZyXEL
Device knows about network N2 in the following figure through remote node Router 1.
However, the ZyXEL Device is unable to route a packet to network N3 because it doesn't
know that there is a route through the same remote node Router 1 (via gateway Router 2). The
static routes are for you to tell the ZyXEL Device about the networks beyond the remote
nodes.
Figure 50 Example of Static Routing Topology
N1
N2
N3
Router 1
Router 2
To view the routing table configure static routes, click Advanced > Routing to display the
configuration screen.
81 Chapter 7 Advanced
Figure 51 Advanced: Routing
ZyXEL NBG-415N User’s Guide
The following table describes the labels in this screen.
Table 31 Advanced: Routing
LABEL DESCRIPTION
Add Route
Enable Select this option to activate this setting.
This field is not applicable for pre-defined routes.
Destination IP Enter the destination IP address in dotted decimal notation.
Netmask Enter the subnet mask.
Gateway Enter the IP address of the gateway device for the selected interface below.
Interface Select an interface to which you want to apply the setting.
Metric Metric represents the “cost” of transmission for routing purposes. IP routing uses
hop count as the measurement of cost, with a minimum of 1 for directly connected
networks. Enter a number that approximates the cost for this link. The number
need not be precise, but it must be between 1 and 15. In practice, 2 or 3 is usually
a good number.
Save Click Save to save the settings.
Clear Click Clear to start configuring this part of the screen again.
Routes List
Enable Select this option to activate this rule. Clear this check box to disable this rule
without deleting it.
Destination IP This field displays the destination IP address.
Netmask This field displays the subnet mask for the destination IP address above.
Gateway This field displays the IP address of the gateway device.
Chapter 7 Advanced 82
ZyXEL NBG-415N User’s Guide
Table 31 Advanced: Routing (continued)
LABEL DESCRIPTION
Metric This field displays the “cost” of this route.
Interface This field displays the interface to which this routing setting is applied.
Exiting Routes
Destination IP This field displays the destination IP address.
Netmask This field displays the subnet mask for the destination IP address above.
Gateway This field displays the IP address of the gateway device.
Metric This field displays the “cost” of this route.
Interface This field displays the interface to which this routing setting is applied.
Creator This field displays the person/device that created this static route on the ZyXEL
Device.
7.6 Access Control
Internet access control allows you to create and enforce Internet access policies tailored to
your needs. Access control gives you the ability to block specified computers and/or
applications from accessing the Internet. You can also set a schedule for when the ZyXEL
Device performs content filtering.
Follow the steps below to configure an access control rule.
1 Click Advanced > Access Control to display the configuration screen.
2 Select Enable Access Control to activate this feature.
Figure 52 Advanced: Access Control
3 Click Add Policy to display the wizard screen. This screen outlines the steps to create an
access control policy. Click Next.
83 Chapter 7 Advanced
ZyXEL NBG-415N User’s Guide
Figure 53 Advanced: Access Control: Wizard
4 In the first wizard screen, enter a descriptive name for identification purposes. Click Next
to continue.
Figure 54 Advanced: Access Control: Wizard: Policy Name
5 Specify the time this rule is active.
Select the name of a schedule from the drop-down list box. You can configure a schedule
in the Schedule screen.
Click Next to continue.
Figure 55 Advanced: Access Control: Wizard: Select Schedule
6 In this wizard screen, specify the address type and the Ethernet device(s) to which the
settings apply. Click Next.
Chapter 7 Advanced 84
ZyXEL NBG-415N User’s Guide
Figure 56 Advanced: Access Control: Wizard: Select Machine
The following table describes the labels in this screen.
Table 32 Advanced: Access Control: Wizard: Select Machine
LABEL DESCRIPTION
Address Type Select the address type this rule checks.
IP Address This field is applicable when you select IP in the Address Type field above.
Enter the IP address of a device to which you want to apply this rule. Alternatively,
select a device name from the drop-down list box.
MAC Address This field is applicable when you select MAC in the Address Type field.
Enter the MAc address of the device to which you want to apply this rule.
Alternatively, select a device name from the drop-down list box.
Copy Your PC’s
MAC Address
OK Click OK to add the Ethernet device settings.
Cancel Click Cancel to start configuring this part of the screen again.
Machine This field displays the IP address or MAC address of the Ethernet device(s) to
Schedule Specify the time this rule is active.
Apply Web Filter Select this option to apply the web filters you configure in the Web Filter screen.
Log Internet
Access
Filter Ports Click this button to display the fields you use to configure port filters.
Port Filter Rules
Enable Select this option to activate this rule. Clear this check box to deactivate this rule.
Name Enter a descriptive name for identification purposes.
Dest IP Start Enter the start of the destination IP address range.
Dest IP End Enter the end of the destination IP address range.
Protocol Select a protocol type from the drop-down list box.
This button is applicable when you select MAC in the Address Type field.
Click this button to copy the MAC address of your computer.
which the access control policy is applied.
Select the name of a schedule from the drop-down list box. You can configure a
schedule in the Schedule screen.
Select this option to set the ZyXEL Device to create logs for Internet access
activity.
85 Chapter 7 Advanced
ZyXEL NBG-415N User’s Guide
Table 32 Advanced: Access Control: Wizard: Select Machine (continued)
LABEL DESCRIPTION
Dest Port Start Enter the start of the destination port range.
Dest Port End Enter the end of the destination port range.
Save Click Save to save the settings in this part of the screen.
Clear Click Clear to start configuring this part of the screen again.
Access Control Rules List
Enable Select this option to activate the rule. Clear this check box to disable the rule
Policy This field displays the name of the port filter policy you configured for this access
Machine This field displays the IP or MAC address of the device to which this access control
Schedule This field displays the name of the schedule to use.
Web Filter This field indicates whether web filters apply to this access control rule.
Logged This field indicates whether Internet access activities are logged.
without deleting it.
control rule.
rule is applied.
7 Select the access control method, the filter(s) to apply and click Next.
Figure 57 Advanced: Access Control: Wizard: Filtering Method
The following table describes the labels in this screen.
Table 33 Advanced: Access Control: Wizard: Filtering Method
LABEL DESCRIPTION
Method
Log Web
Access Only
Block All
Access
Block Some
Access
Sentinel Services This field displays when you select Block Some Access.
Select this option to set the ZyXEL Device to create logs for Internet access
activity.
Select this option to disallow the specified Ethernet device(s) from accessing the
Internet.
Select this option to allow or deny access to specified destination(s).
Select this option to block access to web sites classified in the specified
category(ies).
Chapter 7 Advanced 86
ZyXEL NBG-415N User’s Guide
Table 33 Advanced: Access Control: Wizard: Filtering Method (continued)
LABEL DESCRIPTION
Apply Web Filter This field displays when you select Block Some Access.
Apply Advanced
Port Filters
Filter Ports Click this button to display the fields you use to configure port filters.
Port Filter Rules
Enable Select this option to activate this rule. Clear this check box to deactivate this rule.
Name Enter a descriptive name for identification purposes.
Dest IP Start Enter the start of the destination IP address range.
Dest IP End Enter the end of the destination IP address range.
Protocol Select a protocol type from the drop-down list box.
Dest Port Start Enter the start of the destination port range.
Dest Port End Enter the end of the destination port range.
Save Click Save to save the settings in this part of the screen.
Clear Click Clear to start configuring this part of the screen again.
Access Control Rules List
Enable Select this option to activate the rule. Clear this check box to disable the rule
Policy This field displays the name of the port filter policy you configured for this access
Machine This field displays the IP or MAC address of the device to which this access control
Schedule This field displays the name of the schedule to use.
Web Filter This field indicates whether web filters apply to this access control rule.
Logged This field indicates whether Internet access activities are logged.
Select this option to apply the web filters you configure in the Web Filter screen.
This field displays when you select Block Some Access.
Select this option to apply the web filters you configure in the Port Filter screen.
without deleting it.
control rule.
rule is applied.
8 If you select Sentinel Services in the previous screen, the Service Categories screen
displays. Use this screen to configure category-based content filtering.
This screen varies depending on what you select in the Categories Selection field.
87 Chapter 7 Advanced
ZyXEL NBG-415N User’s Guide
Figure 58 Advanced: Access Control: Wizard: Filtering Method
The following table describes the labels in this screen.
Table 34 Advanced: Access Control: Wizard: Filtering Method
LABEL DESCRIPTION
Category
Selection
Select Age
Category
Check All Select this option to select all categories below.
Block Unrated
Sites
Select By Age to block access to web sites categorized by age group.
Select Manually to select the web site categories manually.
Select an age group from the list.
Select this option to prevent users from accessing web pages that are not
categorized.
9 If you select Apply Advanced Port Filters in the previous screen, the Port Filter screen
displays. Use this screen to configure port filter(s) that blocks access to specified port(s)
on a computer.
Chapter 7 Advanced 88
ZyXEL NBG-415N User’s Guide
Figure 59 Advanced: Access Control: Wizard: Port Filter
The following table describes the labels in this screen.
Table 35 Advanced: Access Control: Wizard: Filtering Method
LABEL DESCRIPTION
Enable Select this option to activate this rule. Clear this check box to deactivate this rule.
Name Enter a descriptive name for identification purposes.
Dest IP Start Enter the start of the destination IP address range.
Dest IP End Enter the end of the destination IP address range.
Protocol Select a protocol type from the drop-down list box.
Dest Port Start Enter the start of the destination port range.
Dest Port End Enter the end of the destination port range.
10In this screen, select Enabled to set the ZyXEL Device to create logs for Internet access
activity. Select Disabled to deactivate this feature.
Figure 60 Advanced: Access Control: Wizard: Web Access Logging
11Click Save to save the settings and return to the main Access Control screen. You should
see the new access control policy in the Policy Table.
89 Chapter 7 Advanced
Figure 61 Advanced: Access Control: Example
7.7 Web Filter
The Web Filter screen gives you the ability to allow access only to web sites that you specify.
ZyXEL NBG-415N User’s Guide
Click Advanced > Web Filter to display the configuration screen.
Figure 62 Advanced: Web Filter
The following table describes the labels in this screen.
Table 36 Advanced: Web Filter
LABEL DESCRIPTION
Add Web Site
Enable Select this option to activate this setting. Clear this check box to disable it.
Chapter 7 Advanced 90
ZyXEL NBG-415N User’s Guide
Table 36 Advanced: Web Filter (continued)
LABEL DESCRIPTION
Web Site Enter the web site address to which you want to allow access. For example, if you
Save Click Save to save the settings in this part of the screen.
Clear Click Clear to start configuring this part of the screen again.
Allowed Web Site
List
Enable Select this option to allow access to this web site. Clear this check box to block
Web Site This field displays the web site address.
enter zyxel.com, the ZyXEL Device allows access to www.zyxel.com,
support.zyxel.com or product.zyxel.com, etc.
For web sites that obtain data from another web site, you need to allow access to
those web sites as well. For example, if www.zyxel.com gets a graphic file from
www.mysite.com, then you must also enter www.mysite.com in this screen.
Note: Do NOT enter “http://”.
This table lists the addresses of the web sites that you want to allow access.
access.
7.8 MAC Filter
MAC address filtering means sifting traffic going through the ZyXEL Device based on the
source and/or destination MAC addresses. You can set the ZyXEL Device to filter packets
from connected wireless clients or computers on the wired LAN.
Click Advanced > MAC Filter to display the configuration screen.
Figure 63 Advanced: MAC Filter
91 Chapter 7 Advanced
ZyXEL NBG-415N User’s Guide
The following table describes the labels in this screen.
Table 37 Advanced: MAC Filter
LABEL DESCRIPTION
Enable Select Enable MAC Address Filter to activate this setting. Clear this check box to
disable it.
Filter Settings
Mode Select only deny listed machines to block frames to/from the specified MAC
address(es).
Select only allow listed machines to forward frames to/from the specified MAC
address(es).
Filter Wireless
Clients
Filter Wired
Clients
Add MAC Address
Enable Select Enable to activate this filter setting. Clear this check box to disable it.
MAC Address Enter the MAC address (in six pairs of dotted haxidecimal notation) of a computer
Copy Your PC’s
MAC Address
Select this option to apply the filter settings to the wireless clients.
Select this option to apply the filter settings to the wired computers on the LAN.
whose traffic you want to filter. Or select a computer MAC address from the dropdown list box.
Click this button to copy the MAC address of your computer.
Note: In order for the ZyXEL Device to copy your computer’s MAC
address, your computer must be connected directly to the
ZyXEL Device.
Save Click Save to save the settings in this part of the screen.
Clear Click Clear to start configuring this part of the screen again.
MAC Address List
Enable Select this option to activate this filter setting. Clear this check box to disable it
Computer Name This field displays the name of the computer.
MAC Address This field displays the MAC address of a computer whose traffic you want to filter.
without deleting it.
Chapter 7 Advanced 92
ZyXEL NBG-415N User’s Guide
7.9 Firewall
Stateful packet inspection (SPI) firewalls restrict access by screening data packets against
defined access rules. They make access control decisions based on IP address and protocol.
They also "inspect" the session data to assure the integrity of the connection and to adapt to
dynamic protocols. These firewalls generally provide the best speed and transparency;
however, they may lack the granular application level access control or caching that some
proxies support.
The ZyXEL Device firewall is a stateful inspection firewall and is designed to protect against
Denial of Service attacks when activated. The ZyXEL Device’s purpose is to allow a private
Local Area Network (LAN) to be securely connected to the Internet. The ZyXEL Device can
be used to prevent theft, destruction and modification of data, as well as log events, which may
be important to the security of your network. The ZyXEL Device also has packet-filtering
capabilities.
7.9.1 DMZ
The DeMilitarized Zone (DMZ) provides a way for public servers (Web, e-mail, FTP, etc.) to
be visible to the outside world (while still being protected from DoS (Denial of Service)
attacks such as SYN flooding and Ping of Death). These public servers can also still be
accessed from the secure LAN.
7.9.2 ALG
Some applications cannot operate through NAT (are NAT un-friendly) because they embed IP
addresses and port numbers in their packets’ data payload. The ZyXEL Device examines and
uses IP address and port number information embedded in the data stream. When a device
behind the ZyXEL Device uses an application for which the ZyXEL Device has ALG service
enabled, the ZyXEL Device translates the device’s private IP address inside the data stream to
a public IP address. It also records session port numbers and dynamically creates implicit NAT
port forwarding and firewall rules for the application’s traffic to come in from the WAN to the
LAN.
7.9.3 NAT Endpoint Filtering
NAT Endpoint Filtering controls how the ZyXEL Device’s NAT manages incoming
connection requests to ports that are already being used. Three filtering options are available
on UDP and TCP packets.
• Endpoint Independent
Once a LAN-side application has created a connection through a specific port, NAT will
forward any incoming connection requests with the same port to the LAN-side
application regardless of their origin. This is the least restrictive option, giving the best
connectivity and allowing some applications (for example, P2P applications) to behave
almost as if they are directly connected to the Internet.
93 Chapter 7 Advanced
ZyXEL NBG-415N User’s Guide
The Endpoint Independent filters take priority over inbound filters or schedules, so it is
possible for an incoming session request related to an outgoing session to enter through a
port in spite of an active inbound filter on that port. However, packets will be rejected as
expected when sent to blocked ports (whether blocked by the schedule or by inbound
filter) for which there are no active sessions.
• Address Restricted
With the Address Restricted option, NAT forwards incoming connection requests to a
LAN-side host only when they come from the same IP address with which a connection
was established. This allows the remote application to send data back through a port
different from the one used when the outgoing session was created.
Use Address Restricted Filters to allow your ZyXEL Device to communicate with routers
using other NAT types (such as symmetric NATs) and still apply inbound filters and
scheduled access to traffic.
• Port And Address Restricted
Port and Address Restricted Filtering does not forward any incoming connection requests
with the same port address as an already establish connection. This ensures that inbound
filters and schedules work. In some cases, you may need to configure port triggers, virtual
servers, or port forwarding to open the ports used by the applications.
7.9.4 Configuring Firewall
To configure the firewall and DMZ settings, click Advanced > Firewall to display the
configuration screen.
Figure 64 Advanced: Firewall
Chapter 7 Advanced 94
ZyXEL NBG-415N User’s Guide
The following table describes the labels in this screen.
Table 38 Advanced: Firewall
LABEL DESCRIPTION
Enable SPI Select this option to activate stateful packet inspection. Clear this check box to
NAT Endpoint
Filtering
UDP Endpoint
Filtering
TCP Endpoint
Filtering
DMZ Host
Enable DMZ Select this option to activate the DMZ feature to protect the specified device on the
DMZ IP
Address
Non-UDP/TCP/
ICMP LAN
Sessions
Application Level Gateway (ALG) Application
PPTP Select this option to allow multiple computers on the LAN to connect to a remote
disable this feature.
The NAT Endpoint Filtering options control how the router's NAT manages
incoming connection requests to ports that are already being used.
Select the end-point filtering option for UDP traffic.
Select the end-point filtering option for TCP traffic.
LAN.
Enter the IP address (in dotted decimal notation) of a computer which you want to
protect on the LAN. Or select a computer IP address from the drop-down list box.
You can set your ZyXEL Device to recognize sessions initiated by a VPN
connection from the LAN to the Internet (WAN) even though the VPN connection
uses an unknown protocol type (any protocols other than UDP, TCP, and ICMP).
This feature allows a single VPN connection to a remote host without the need for
an ALG. This feature does not apply to DMZ hosts (if enabled). DMZ hosts can
handles these sessions.
Select Enable to allow a single VPN connection to a remote host. For multiple VPN
connections, the appropriate VPN ALG must be enabled.
Clear the checkbox to disable this feature. However, you must also disable the
appropriate VPN ALG to deactivate the VPN connection.
network using the PPTP protocol.
95 Chapter 7 Advanced
ZyXEL NBG-415N User’s Guide
Table 38 Advanced: Firewall (continued)
LABEL DESCRIPTION
IPSec VPN Select this option to allow multiple VPN clients to connect to a remote network
using the IPSec protocol.
This ALG may affect VPN connections for VPN clients using NAT traversal. In this
case, clear this check box to disable this ALG.
RTSP Select this option to allow applications (such as QuickTime and Real Player) that
use Real Time Streaming Protocol (RTSP) to receive streaming media from the
Internet.
Windows
Messenger
Select this feature to allow the use of Microsoft Windows Messenger on computers
in the LAN.
Note: You must also enable the SIP ALG.
FTP Select this option to allow FTP data transfer through a NAT-enabled network. You
must also set up the FTP server settings in the Virtual Server screen.
H.232
(NetMeeting)
SIP Select this option to allow devices and applications using VoIP (Voice over IP) to
Wake-On-LAN Select this option to forward "magic packets" or wake-up packets from the WAN to
MMS Select this option to allow Windows Media Player, using MMS protocol, to receive
Select this option to allow Microsoft NetMeeting clients to communicate through a
NAT-enabled network. You must also set up the NetMeeting server settings in the
Virtual Server screen.
communicate over NAT.
Clear this check box to disable this ALG if the devices/applications use NAT
traversal.
a LAN computer or device with Wake-on-LAN (WOL) feature. You must also define
the WOL server settings in the Virtual Server screen. The LAN IP address for the
virtual server is typically set to the broadcast address of 192.168.0.255. The
computer on the LAN whose MAC address is contained in the magic packet will be
awakened.
streaming data from the Internet.
7.10 Inbound Filter
An inbound filter allows you to filter packets based on IP addresses. You can use inbound
filters to control access to network resources (such as a web server) or for remote management
of the device.
Click Advanced > Inbound Filter to display the configuration screen.
Chapter 7 Advanced 96
ZyXEL NBG-415N User’s Guide
Figure 65 Advanced: Inbound Filter
The following table describes the labels in this screen.
Table 39 Advanced: Inbound Filter
LABEL DESCRIPTION
Add Inbound Filter Rule
Name Enter a descriptive name (up to 16 characters) for this filter setting. This is for
Action Select Deny to block packets from the specified IP address(es).
Source IP Range
Enable Select this option to activate the filter action on the specified IP address range.
Source IP Start Enter the start of the source IP address range.
Source IP End Enter the end of the source IP address range.
Save Click Save to save the settings in this part of the screen.
Clear Click Clear to start configuring this part of the screen again.
Inbound Filter Rules List
Name This field displays the name of the inbound filter.
Action This field displays the action on the packets from the specified IP address range.
Source IP Range This field displays the source IP address range(s).
identification purposes only.
Select Allow to forward packets from the specified IP address(es).
Clear this check box to disable the filter action on the IP address range.
97 Chapter 7 Advanced
7.11 Advanced Wireless
Refer to Appendix B on page 128 for background information.
To configure advanced wireless settings, click Advanced > Wireless to display the screen.
Figure 66 Advanced: Wireless ‘
ZyXEL NBG-415N User’s Guide
The following table describes the labels in this screen.
Table 40 Advanced: Wireless
LABEL DESCRIPTION
Advanced Wireless Settings
Transmission
Power
Beacon Period A wireless AP sets out a beacon to announce its presence and maintain an orderly
RTS Threshold The RTS (Request To Send) threshold (number of bytes) is for enabling RTS/CTS.
Fragmentation
Threshold
Chapter 7 Advanced 98
Select an option in this field to set the transmission power of the antennas to
reduce your wireless coverage area.
communication between other wireless devices.
Enter the time (between 20 and 1000 ms) the ZyXEL Device waits before sending
a beacon to the wireless clients.
Data with its frame size larger than this value will perform the RTS/CTS
handshake. Setting this value to be larger than the maximum MSDU (MAC service
data unit) size turns off RTS/CTS. Setting this value to zero turns on RTS/CTS.
Enter a new value between 0 and 2432.
This is the threshold (number of bytes) for the fragmentation boundary for directed
messages. It is the maximum data fragment size that can be sent.
Enter a value between 256 and 2432.
ZyXEL NBG-415N User’s Guide
Table 40 Advanced: Wireless (continued)
LABEL DESCRIPTION
DTIM Interval A DTIM (Delivery Traffic Indication Message) is included in a beacon to
802.11d Enable 802.11d is a wireless communication specification for countries where other
WMM Enable Select this option to activate the WM (WiFi Multi-Media) feature on the ZyXEL
Short GI Select this option to set the ZyXEL Device to use a short guard interval (GI) of
WDS Enable Select this option to activate the WDS (Wireless Distribution System) feature.
WDS AP MAC
Address
synchronize wireless transmission. DTIM is a countdown information for wireless
clients to listen to the next broadcast or multicast messages.
Enter the time (between 1 and 255 ms) the ZyXEL Device waits between sending a
beacon with DTIM.
IEEE802.11 devices are not allowed. 802.11d is suitable if you want global roaming
(that is using your wireless devices worldwide).
Select this option to enable this feature.
Device. This helps reduce latency and jitter when transmitting multi-media content
over the wireless connection.
400ns. This increases throughput at the cost of increased error rate in certain
network environments with greater radio interference.
A Distribution System (DS) is a wired connection between two or more APs, while
a WDS is a wireless connection. An AP using WDS can function as a wireless
network bridge allowing you to wirelessly connect two wired network segments.
Note: You cannot enable WPA and WDS at the same time.
These fields display when you select WDS Enable.
Enter the MAC address (in six paris of dotted haxidecimal notation) of the
neighboring AP(s) that participates in the WDS.
7.12 Schedules
You can define schedule settings on the ZyXEL Device and apply these schedule settings in
other configuration screens (such as Game Hosting and Virtual Server).
Click Advanced > Schedules to display the configuration screen.
99 Chapter 7 Advanced
Figure 67 Advanced: Schedule
The following table describes the labels in this screen.
ZyXEL NBG-415N User’s Guide
Table 41 Advanced: Schedule
LABEL DESCRIPTION
Name Enter a descriptive name (up to 16 characters) for this schedule setting. This is for
identification purposes only.
Day(s) Select All Week or Select Day(s) to specify the day(s) of the week.
All Day - 24 hrs Select this option to enable the schedule for the entire day for the specified day(s).
Start Time Set the start of the schedule.
End Time Set the end of the schedule.
Save Click Save to save the settings in this part of the screen.
Clear Click Clear to start configuring this part of the screen again.
Schedule Rules List
Name This field displays the descriptive for the schedule.
Day(s) This field displays the day of the week the schedule is active.
Time Frame This field displays the time of the day the schedule is active.
Chapter 7 Advanced 100
Loading...