P-660RU-T v2 Series
ADSL 2+ USB / Ethernet Router
User’s Guide
Version 3.40
12/2006
Edition 1
www.zyxel.com
About This User's Guide
About This User's Guide
Intended Audience
This manual is intended for people who want to configure the ZyXEL Device using the web
configurator. You should have at least a basic knowledge of TCP/IP networking concepts and
topology.
Related Documentation
• Quick Start Guide
The Quick Start Guide is designed to help you get up and running right away. It contains
information on setting up your network and configuring for Internet access.
• Web Configurator Online Help
Embedded web help for descriptions of individual screens and supplementary
information.
" It is recommended you use the web configurator to configure the ZyXEL
Device.
• Supporting Disk
Refer to the included CD for support documents.
• ZyXEL Web Site
Please refer to www.zyxel.com
certifications.
User Guide Feedback
Help us help you. Send all User Guide-related comments, questions or suggestions for
improvement to the following address, or use e-mail instead. Thank you!
The Technical Writing Team,
ZyXEL Communications Corp.,
6 Innovation Road II,
Science-Based Industrial Park,
Hsinchu, 300, Taiwan.
E-mail: techwriters@zyxel.com.tw
for additional support documentation and product
P-660RU-T v2 User’s Guide
3
Document Conventions
Document Conventions
Warnings and Notes
These are how warnings and notes are shown in this User’s Guide.
1 Warnings tell you about things that could harm you or your device.
" Notes tell you other important information (for example, other things you may
need to configure or helpful tips) or recommendations.
Syntax Conventions
• The P-660RU-T v2 may be referred to as the “ZyXEL Device”, the “device”, the
“product” or the “system” in this User’s Guide.
• Product labels, screen names, field labels and field choices are all in bold font.
• A key stroke is denoted by square brackets and uppercase text, for example, [ENTER]
means the “enter” or “return” key on your keyboard.
• “Enter” means for you to type one or more characters and then press the [ENTER] key.
“Select” or “choose” means for you to use one of the predefined choices.
• A right angle bracket ( > ) within a screen name denotes a mouse click. For example,
Maintenance > Log > Log Setting means you first click Maintenance in the navigation
panel, then the Log sub menu and finally the Log Setting tab to get to that screen.
• Units of measurement may denote the “metric” value or the “scientific” value. For
example, “k” for kilo may denote “1000” or “1024”, “M” for mega may denote “1000000”
or “1048576” and so on.
• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.
4
P-660RU-T v2 User’s Guide
Document Conventions
Icons Used in Figures
Figures in this User’s Guide may use the following generic icons. The ZyXEL Device icon is
not an exact representation of your device.
ZyXEL Device Computer Notebook computer
Server DSLAM Firewall
Telephone Switch Router
P-660RU-T v2 User’s Guide
5
Safety Warnings
Safety Warnings
1 For your safety, be sure to read and follow all warning notices and instructions.
• Do NOT use this product near water, for example, in a wet basement or near a swimming
pool.
• Do NOT expose your device to dampness, dust or corrosive liquids.
• Do NOT store things on the device.
• Do NOT install, use, or service this device during a thunderstorm. There is a remote risk
of electric shock from lightning.
• Connect ONLY suitable accessories to the device.
• Do NOT open the device or unit. Opening or removing covers can expose you to
dangerous high voltage points or other risks. ONLY qualified service personnel should
service or disassemble this device. Please contact your vendor for further information.
• Make sure to connect the cables to the correct ports.
• Place connecting cables carefully so that no one will step on them or stumble over them.
• Always disconnect all cables from this device before servicing or disassembling.
• Use ONLY an appropriate power adaptor or cord for your device.
• Connect the power adaptor or cord to the right supply voltage (for example, 110V AC in
North America or 230V AC in Europe).
• Do NOT allow anything to rest on the power adaptor or cord and do NOT place the
product where anyone can walk on the power adaptor or cord.
• Do NOT use the device if the power adaptor or cord is damaged as it might cause
electrocution.
• If the power adaptor or cord is damaged, remove it from the device and the power outlet.
• Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a
new one.
• Do not use the device outside, and make sure all the connections are indoors. There is a
remote risk of electric shock from lightning.
• Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your
device.
• Use only No. 26 AWG (American Wire Gauge) or larger telecommunication line cord.
• If you wall mount your device, make sure that no electrical lines, gas or water pipes will
be damaged.
6
This product is recyclable. Dispose of it properly.
P-660RU-T v2 User’s Guide
Safety Warnings
P-660RU-T v2 User’s Guide
7
Safety Warnings
8
P-660RU-T v2 User’s Guide
Contents Overview
Contents Overview
Introduction ............................................................................................................................23
Introducing the ZyXEL Device ...................................................................................................25
Introducing the Web Configurator .............................................................................................. 29
Wizard .....................................................................................................................................35
Wizard Setup ............................................................................................................................ 37
Advanced ................................................................................................................................49
Password Setup ........................................................................................................................ 51
LAN Setup ................................................................................................................................. 53
WAN Setup ................................................................................................................................ 59
Security ...................................................................................................................................... 69
Dynamic DNS Setup .................................................................................................................. 71
Time and Date ........................................................................................................................... 73
Remote Management Configuration .......................................................................................... 75
Universal Plug-and-Play (UPnP) ............................................................................................... 79
Network Address Translation (NAT) Screens ............................................................................ 91
Maintenance and Troubleshooting .....................................................................................101
Maintenance ............................................................................................................................ 103
Troubleshooting ........................................................................................................................115
Appendices and Index ......................................................................................................... 119
P-660RU-T v2 User’s Guide
9
Contents Overview
10
P-660RU-T v2 User’s Guide
Table of Contents
Table of Contents
About This User's Guide ..........................................................................................................3
Document Conventions............................................................................................................4
Safety Warnings........................................................................................................................6
Contents Overview ...................................................................................................................9
Table of Contents....................................................................................................................11
List of Figures .........................................................................................................................17
List of Tables...........................................................................................................................21
Part I: Introduction................................................................................. 23
Chapter 1
Introducing the ZyXEL Device...............................................................................................25
1.1 Overview .............................................................................................................................. 25
1.2 Ways to Manage the ZyXEL Device .................................................................................... 26
1.3 Good Habits for Managing the ZyXEL Device ..................................................................... 27
1.4 ZyXEL Device Hardware Installation and Connection ......................................................... 27
1.5 LEDs .................................................................................................................................... 27
Chapter 2
Introducing the Web Configurator ........................................................................................29
2.1 Web Configurator Overview ................................................................................................. 29
2.1.1 Accessing the ZyXEL Device Web Configurator ........................................................ 29
2.2 Resetting the ZyXEL Device ................................................................................................ 30
2.3 Navigating the ZyXEL Device Web Configurator ................................................................. 31
2.4 The Site Map Screen ........................................................................................................... 32
Part II: Wizard ......................................................................................... 35
Chapter 3
Wizard Setup ..........................................................................................................................37
3.1 Introduction .......................................................................................................................... 37
P-660RU-T v2 User’s Guide
11
Table of Contents
3.1.1 Encapsulation ............................................................................................................. 37
3.1.2 Multiplexing ................................................................................................................ 38
3.1.3 VPI and VCI ............................................................................................................... 38
3.1.4 Internet Access Wizard Setup: First Screen .............................................................. 38
3.2 IP Address and Subnet Mask .............................................................................................. 39
3.2.1 IP Address Assignment .............................................................................................. 39
3.2.2 Nailed-Up Connection (PPP) ..................................................................................... 40
3.2.3 NAT ............................................................................................................................ 41
3.2.4 Internet Access Wizard Setup: Second Screen ......................................................... 41
3.2.5 DHCP Setup ...............................................................................................................45
3.2.6 Internet Access Wizard Setup: Third Screen ............................................................. 45
3.2.7 Internet Access Wizard Setup: Connection Test ........................................................ 46
Part III: Advanced................................................................................... 49
Chapter 4
Password Setup...................................................................................................................... 51
4.1 Password Overview ............................................................................................................. 51
4.1.1 Configuring Password ................................................................................................ 51
Chapter 5
LAN Setup................................................................................................................................53
5.1 LAN Overview ...................................................................................................................... 53
5.1.1 LANs, WANs and the ZyXEL Device .......................................................................... 53
5.2 DNS Server Addresses .......................................................................................................54
5.3 LAN TCP/IP ......................................................................................................................... 54
5.3.1 Factory LAN Defaults ................................................................................................. 54
5.3.2 IP Address and Subnet Mask ..................................................................................... 54
5.3.3 RIP Setup ................................................................................................................... 55
5.3.4 Multicast ..................................................................................................................... 55
5.4 Any IP .................................................................................................................................. 56
5.4.1 How Any IP Works ..................................................................................................... 56
5.5 Configuring the LAN ............................................................................................................ 57
Chapter 6
WAN Setup............................................................................................................................... 59
6.1 WAN Overview .................................................................................................................... 59
6.2 Metric .................................................................................................................................. 59
6.3 PPPoE Encapsulation ......................................................................................................... 60
6.4 Traffic Shaping ..................................................................................................................... 60
6.5 Zero Configuration Internet Access ..................................................................................... 61
12
P-660RU-T v2 User’s Guide
Table of Contents
6.6 Configuring WAN Setup ....................................................................................................... 61
6.7 Traffic Redirect ................................................................................................................... 64
6.8 Configuring WAN Backup .................................................................................................... 65
Chapter 7
Security....................................................................................................................................69
7.1 Configuring Internet Security ............................................................................................... 69
Chapter 8
Dynamic DNS Setup ...............................................................................................................71
8.1 Dynamic DNS ...................................................................................................................... 71
8.1.1 DYNDNS Wildcard ..................................................................................................... 71
8.2 Configuring Dynamic DNS ................................................................................................... 71
Chapter 9
Time and Date .........................................................................................................................73
9.1 Configuring Time and Date ..................................................................................................73
Chapter 10
Remote Management Configuration .....................................................................................75
10.1 Remote Management Overview ........................................................................................ 75
10.1.1 Remote Management Limitations ............................................................................ 75
10.1.2 Remote Management and NAT ................................................................................ 76
10.1.3 System Timeout ...................................................................................................... 76
10.2 Telnet ................................................................................................................................. 76
10.3 FTP .................................................................................................................................... 76
10.4 Web ................................................................................................................................... 76
10.5 Configuring Remote Management ..................................................................................... 76
Chapter 11
Universal Plug-and-Play (UPnP)............................................................................................ 79
11.1 Introducing Universal Plug and Play (UPnP) .................................................................... 79
11.1.1 How do I know if I'm using UPnP? ........................................................................... 79
11.1.2 NAT Traversal ...........................................................................................................79
11.1.3 Cautions with UPnP ................................................................................................. 79
11.2 UPnP and ZyXEL ............................................................................................................... 80
11.2.1 Configuring UPnP ..................................................................................................... 80
11.3 Installing UPnP in Windows ............................................................................................... 80
11.3.1 Installing UPnP in Windows Me ............................................................................... 81
11.3.2 Installing UPnP in Windows XP ................................................................................ 82
11.4 Using UPnP in Windows XP: Example .............................................................................. 84
11.4.1 Web Configurator Easy Access ................................................................................ 87
P-660RU-T v2 User’s Guide
13
Table of Contents
Chapter 12
Network Address Translation (NAT) Screens.......................................................................91
12.1 NAT Overview .................................................................................................................... 91
12.1.1 NAT Definitions ........................................................................................................ 91
12.1.2 What NAT Does ....................................................................................................... 92
12.1.3 How NAT Works ....................................................................................................... 92
12.1.4 NAT Application ........................................................................................................ 93
12.1.5 NAT Mapping Types ................................................................................................. 93
12.2 SUA (Single User Account) Versus NAT ........................................................................... 94
12.3 SUA Server ........................................................................................................................ 95
12.3.1 Default Server IP Address ........................................................................................ 95
12.3.2 Port Forwarding: Services and Port Numbers .......................................................... 95
12.3.3 Configuring Servers Behind SUA (Example) ........................................................... 96
12.4 Selecting the NAT Mode ....................................................................................................96
12.5 Configuring SUA Server ....................................................................................................97
12.6 Configuring Address Mapping ........................................................................................... 98
12.7 Editing an Address Mapping Rule ..................................................................................... 99
Part IV: Maintenance and Troubleshooting ....................................... 101
Chapter 13
Maintenance ..........................................................................................................................103
13.1 Maintenance Overview .................................................................................................... 103
13.2 System Status Screen ..................................................................................................... 103
13.2.1 System Statistics .................................................................................................... 105
13.3 DHCP Table Screen ........................................................................................................ 106
13.4 Any IP Table Screen ........................................................................................................ 107
13.5 Diagnostic Screens .......................................................................................................... 108
13.5.1 Diagnostic General Screen .................................................................................... 108
13.5.2 Diagnostic DSL Line Screen .................................................................................. 109
13.6 Firmware Screen ..............................................................................................................110
13.7 Configuration Screen ....................................................................................................... . 111
13.7.1 Backup Configuration ..............................................................................................112
13.7.2 Restore Configuration .............................................................................................112
13.7.3 Reset to Factory Defaults ........................................................................................114
Chapter 14
Troubleshooting.................................................................................................................... 115
14
14.1 Power, Hardware Connections, and LEDs .......................................................................115
14.2 ZyXEL Device Access and Login .....................................................................................116
14.3 Internet Access .................................................................................................................117
P-660RU-T v2 User’s Guide
Table of Contents
Part V: Appendices and Index .............................................................119
Appendix A Product Specifications.......................................................................................121
Appendix B Setting up Your Computer’s IP Address............................................................125
Appendix C IP Addresses and Subnetting ...........................................................................141
Appendix D Pop-up Windows, JavaScripts and Java Permissions ...................................... 149
Appendix E Virtual Circuit Topology .....................................................................................155
Appendix F Legal Information ..............................................................................................157
Appendix G Customer Support ............................................................................................161
Index.......................................................................................................................................165
P-660RU-T v2 User’s Guide
15
Table of Contents
16
P-660RU-T v2 User’s Guide
List of Figures
List of Figures
Figure 1 ZyXEL Device Internet Access Application ..............................................................................25
Figure 2 ZyXEL Device LAN-to-LAN Application .................................................................................... 25
Figure 3 Password Screen ..................................................................................................................... 30
Figure 4 Change Password at Login ...................................................................................................... 30
Figure 5 Web Configurator: Site Map Screen ....................................................................................... 32
Figure 6 Internet Access Wizard Setup: First Screen ............................................................................. 39
Figure 7 Internet Connection with PPPoE .............................................................................................. 41
Figure 8 Internet Connection with RFC 1483 ........................................................................................ 42
Figure 9 Internet Connection with ENET ENCAP ...................................................................................43
Figure 10 Internet Connection with PPPoA ............................................................................................ 44
Figure 11 Internet Access Wizard Setup: Third Screen .......................................................................... 45
Figure 12 Internet Access Wizard Setup: LAN Configuration ................................................................. 46
Figure 13 Internet Access Wizard Setup: Connection Tests .................................................................. 47
Figure 14 Password ................................................................................................................................ 51
Figure 15 LAN and WAN IP Addresses .................................................................................................. 53
Figure 16 Any IP Example ...................................................................................................................... 56
Figure 17 LAN Setup .............................................................................................................................. 57
Figure 18 Example of Traffic Shaping .................................................................................................... 61
Figure 19 WAN Setup (PPPoE) .............................................................................................................. 62
Figure 20 Traffic Redirect Example ........................................................................................................ 64
Figure 21 Traffic Redirect LAN Setup ..................................................................................................... 65
Figure 22 WAN Backup .......................................................................................................................... 66
Figure 23 Internet Security ..................................................................................................................... 69
Figure 24 Dynamic DNS ......................................................................................................................... 72
Figure 25 Time and Date ........................................................................................................................ 73
Figure 26 Remote Management ............................................................................................................. 77
Figure 27 Configuring UPnP ................................................................................................................... 80
Figure 28 Add/Remove Programs: Windows Setup: Communication .................................................... 81
Figure 29 Add/Remove Programs: Windows Setup: Communication: Components .............................. 82
Figure 30 Network Connections ............................................................................................................. 82
Figure 31 Windows Optional Networking Components Wizard .............................................................. 83
Figure 32 Networking Services ............................................................................................................... 83
Figure 33 Network Connections ............................................................................................................. 84
Figure 34 Internet Connection Properties .............................................................................................. 85
Figure 35 Internet Connection Properties: Advanced Settings ............................................................... 85
Figure 36 Internet Connection Properties: Advanced Settings: Add ...................................................... 86
Figure 37 System Tray Icon .................................................................................................................... 86
Figure 38 Internet Connection Status ..................................................................................................... 87
P-660RU-T v2 User’s Guide
17
List of Figures
Figure 39 Network Connections ............................................................................................................. 88
Figure 40 Network Connections: My Network Places ............................................................................ 89
Figure 41 Network Connections: My Network Places: Properties: Example .......................................... 89
Figure 42 How NAT Works ..................................................................................................................... 92
Figure 43 NAT Application With IP Alias ................................................................................................ 93
Figure 44 Multiple Servers Behind NAT Example ..................................................................................96
Figure 45 NAT Mode .............................................................................................................................. 96
Figure 46 Edit SUA/NAT Server Set ....................................................................................................... 97
Figure 47 Address Mapping Rules ......................................................................................................... 98
Figure 48 Address Mapping Rule Edit .................................................................................................... 99
Figure 49 System Status ...................................................................................................................... 104
Figure 50 System Status: Show Statistics ............................................................................................ 105
Figure 51 DHCP Table .......................................................................................................................... 107
Figure 52 Any IP Table ......................................................................................................................... 107
Figure 53 Diagnostic: General .............................................................................................................. 108
Figure 54 Diagnostic: DSL Line ............................................................................................................ 109
Figure 55 Firmware Upgrade .................................................................................................................110
Figure 56 Network Temporarily Disconnected ....................................................................................... 111
Figure 57 Error Message .......................................................................................................................111
Figure 58 Configuration .........................................................................................................................112
Figure 59 Backup Configuration ............................................................................................................112
Figure 60 Restore Configuration ...........................................................................................................113
Figure 61 Restore Configuration Successful .........................................................................................113
Figure 62 Network Temporarily Disconnected .......................................................................................114
Figure 63 Reset to Factory Default Settings ..........................................................................................114
Figure 64 WIndows 95/98/Me: Network: Configuration ........................................................................ 126
Figure 65 Windows 95/98/Me: TCP/IP Properties: IP Address ............................................................ 127
Figure 66 Windows 95/98/Me: TCP/IP Properties: DNS Configuration ................................................ 128
Figure 67 Windows XP: Start Menu ...................................................................................................... 129
Figure 68 Windows XP: Control Panel ................................................................................................. 129
Figure 69 Windows XP: Control Panel: Network Connections: Properties ........................................... 130
Figure 70 Windows XP: Local Area Connection Properties ................................................................. 130
Figure 71 Windows XP: Internet Protocol (TCP/IP) Properties ............................................................ 131
Figure 72 Windows XP: Advanced TCP/IP Properties ......................................................................... 132
Figure 73 Windows XP: Internet Protocol (TCP/IP) Properties ............................................................ 133
Figure 74 Macintosh OS 8/9: Apple Menu ............................................................................................ 134
Figure 75 Macintosh OS 8/9: TCP/IP ................................................................................................... 134
Figure 76 Macintosh OS X: Apple Menu .............................................................................................. 135
Figure 77 Macintosh OS X: Network .................................................................................................... 136
Figure 78 Red Hat 9.0: KDE: Network Configuration: Devices ........................................................... 137
Figure 79 Red Hat 9.0: KDE: Ethernet Device: General .................................................................... 137
Figure 80 Red Hat 9.0: KDE: Network Configuration: DNS ................................................................. 138
Figure 81 Red Hat 9.0: KDE: Network Configuration: Activate .......................................................... 138
18
P-660RU-T v2 User’s Guide
List of Figures
Figure 82 Red Hat 9.0: Dynamic IP Address Setting in ifconfig-eth0 ................................................. 139
Figure 83 Red Hat 9.0: Static IP Address Setting in ifconfig-eth0 ..................................................... 139
Figure 84 Red Hat 9.0: DNS Settings in resolv.conf ..........................................................................139
Figure 85 Red Hat 9.0: Restart Ethernet Card ................................................................................... 139
Figure 86 Red Hat 9.0: Checking TCP/IP Properties ......................................................................... 140
Figure 87 Network Number and Host ID .............................................................................................. 142
Figure 88 Subnetting Example: Before Subnetting .............................................................................. 144
Figure 89 Subnetting Example: After Subnetting .................................................................................145
Figure 90 Pop-up Blocker ..................................................................................................................... 149
Figure 91 Internet Options: Privacy ...................................................................................................... 150
Figure 92 Internet Options: Privacy ...................................................................................................... 151
Figure 93 Pop-up Blocker Settings ....................................................................................................... 151
Figure 94 Internet Options: Security ..................................................................................................... 152
Figure 95 Security Settings - Java Scripting ......................................................................................... 153
Figure 96 Security Settings - Java ........................................................................................................ 153
Figure 97 Java (Sun) ............................................................................................................................ 154
Figure 98 Virtual Circuit Topology ......................................................................................................... 155
P-660RU-T v2 User’s Guide
19
List of Figures
20
P-660RU-T v2 User’s Guide
List of Tables
List of Tables
Table 1 ADSL Standards ....................................................................................................................... 26
Table 2 LED Description ........................................................................................................................ 27
Table 3 Web Configurator Screens Summary ....................................................................................... 32
Table 4 Internet Access Wizard Setup: First Screen ............................................................................. 39
Table 5 Internet Connection with PPPoE .............................................................................................. 41
Table 6 Internet Connection with RFC 1483 .......................................................................................... 42
Table 7 Internet Connection with ENET ENCAP ...................................................................................43
Table 8 Internet Connection with PPPoA ............................................................................................... 44
Table 9 Internet Access Wizard Setup: LAN Configuration ................................................................... 46
Table 10 Password ................................................................................................................................ 51
Table 11 LAN Setup ............................................................................................................................... 58
Table 12 WAN Setup ............................................................................................................................. 62
Table 13 WAN Backup ........................................................................................................................... 66
Table 14 Internet Security ...................................................................................................................... 70
Table 15 Dynamic DNS ......................................................................................................................... 72
Table 16 Time and Date ......................................................................................................................... 74
Table 17 Remote Management ............................................................................................................. 77
Table 18 Configuring UPnP ................................................................................................................... 80
Table 19 NAT Definitions ....................................................................................................................... 91
Table 20 NAT Mapping Types ................................................................................................................ 94
Table 21 Services and Port Numbers .................................................................................................... 95
Table 22 NAT Mode ............................................................................................................................... 96
Table 23 Edit SUA/NAT Server Set ....................................................................................................... 98
Table 24 Address Mapping Rules .......................................................................................................... 99
Table 25 Address Mapping Rule Edit .................................................................................................. 100
Table 26 System Status ....................................................................................................................... 104
Table 27 System Status: Show Statistics ............................................................................................. 106
Table 28 DHCP Table .......................................................................................................................... 107
Table 29 Any IP Table .......................................................................................................................... 107
Table 30 Diagnostic: General .............................................................................................................. 109
Table 31 Diagnostic: DSL Line ............................................................................................................ 109
Table 32 Firmware Upgrade .................................................................................................................110
Table 33 Backup Configuration .............................................................................................................112
Table 34 Maintenance Restore Configuration ......................................................................................113
Table 35 Hardware Features ............................................................................................................... 121
Table 36 Firmware Specifications ........................................................................................................ 121
Table 37 Subnet Mask Example .......................................................................................................... 142
Table 38 Subnet Masks ....................................................................................................................... 143
P-660RU-T v2 User’s Guide
21
List of Tables
Table 39 Maximum Host Numbers ...................................................................................................... 143
Table 40 Alternative Subnet Mask Notation ......................................................................................... 143
Table 41 Subnet 1 ................................................................................................................................ 145
Table 42 Subnet 2 ................................................................................................................................ 146
Table 43 Subnet 3 ................................................................................................................................ 146
Table 44 Subnet 4 ................................................................................................................................ 146
Table 45 Eight Subnets ........................................................................................................................ 146
Table 46 24-bit Network Number Subnet Planning .............................................................................. 147
Table 47 16-bit Network Number Subnet Planning .............................................................................. 147
22
P-660RU-T v2 User’s Guide
PART I
Introduction
Introducing the ZyXEL Device (25)
Introducing the Web Configurator (29)
23
24
CHAPTER 1
Introducing the ZyXEL Device
This chapter introduces the main applications and features of the ZyXEL Device. It also
introduces the ways you can manage the ZyXEL Device.
1.1 Overview
Your ZyXEL Device integrates a high-speed 10/100Mbps auto-negotiating Ethernet LAN
interface, a USB 1.1 LAN interface and a high-speed ADSL port into a single package. See
Appendix A on page 121 for a complete list of features.
The ZyXEL Device is designed for high-speed Internet access at home.A typical Internet
access application is shown below.
Figure 1 ZyXEL Device Internet Access Application
You can use the ZyXEL Device to connect two geographically dispersed networks over the
ADSL line. A typical LAN-to-LAN application for your ZyXEL Device is shown as follows.
Figure 2 ZyXEL Device LAN-to-LAN Application
P-660RU-T v2 User’s Guide
25
Chapter 1 Introducing the ZyXEL Device
The ZyXEL Device is an ADSL router compatible with the ADSL/ADSL2/ADSL2+
standards. It allows super-fast, secure Internet access over the analog (POTS) or digital
(ISDN) telephone line (depending on your model). Maximum data rates attainable for each
standard are shown in the next table.
Table 1 ADSL Standards
DATA RATE STANDARD UPSTREAM
ADSL
ADSL2
ADSL2+
832 kbps 8Mbps
3.5Mbps 12Mbps
3.5Mbps 24Mbps
DOWNSTREA
M
" If your ZyXEL Device does not support Annex M, the maximum ADSL2/2+
upstream data rate is 1.2 Mbps. ZyXEL Devices which work over ISDN do not
support Annex M.
" The standard your ISP supports determines the maximum upstream and
downstream speeds attainable. Actual speeds attained also depend on the
distance from your ISP, line quality, etc.
Models ending in "1", for example P-660RU-T1, denote a device that works over the analog
telephone system, POTS (Plain Old Telephone Service). Models ending in "3" denote a device
that works over ISDN (Integrated Synchronous Digital System). Models ending in "7" denote
a device that works over T-ISDN (U-R2).
1.2 Ways to Manage the ZyXEL Device
Use any of the following methods to manage the ZyXEL Device.
• Web Configurator. This is recommended for everyday management of the ZyXEL Device
using a (supported) web browser.
• Command Line Interface. Line commands are mostly used for troubleshooting by service
engineers.
• FTP for firmware upgrades and configuration backup/restore.
• SNMP. The device can be monitored by an SNMP manager. See the SNMP chapter in this
User’s Guide.
• TR-069. TR-069 is a protocol that defines how your ZyXEL Device can be remotely
managed via a management server.
26
P-660RU-T v2 User’s Guide
Chapter 1 Introducing the ZyXEL Device
1.3 Good Habits for Managing the ZyXEL Device
Do the following things regularly to make the ZyXEL Device more secure and to manage the
ZyXEL Device more effectively.
• Change the password. Use a password that’s not easy to guess and that consists of
different types of characters, such as numbers and letters.
• Write down the password and put it in a safe place.
• Back up the configuration (and make sure you know how to restore it). Restoring an
earlier working configuration may be useful if the device becomes unstable or even
crashes, or if you forget your password and have to reset the ZyXEL Device to its factory
default settings. If you backed up an earlier configuration file, you would not have to
totally re-configure the ZyXEL Device. You could simply restore your last configuration.
1.4 ZyXEL Device Hardware Installation and Connection
Refer to the Quick Start Guide for information on hardware installation and connection.
1.5 LEDs
The following table describes the LEDs on the ZyXEL Device.
Table 2 LED Description
LED COLOR STATUS DESCRIPTION
POWER Green On The ZyXEL Device is receiving power and functioning properly.
ETHERNET Green On The ZyXEL Device has a successful Ethernet connection.
Blinking The ZyXEL Device is rebooting.
Red On The power to the ZyXEL Device is too low.
Off The ZyXEL Device is not ready or has malfunctioned.
Blinking The ZyXEL Device has a successful Ethernet connection and
is receiving or sending data.
Off The ZyXEL Device does not have an Ethernet connection.
P-660RU-T v2 User’s Guide
27
Chapter 1 Introducing the ZyXEL Device
Table 2 LED Description
LED COLOR STATUS DESCRIPTION
DSL Green On The ZyXEL Device is linked successfully to a DSLAM.
Blinking
(Slow)
Blinking
(Fast)
Off The ZyXEL Device does not have a DSL link.
INTERNET Amber On The ZyXEL Device has a PPP (PPPoA or PPPoE) connection.
Blinking The ZyXEL Device is sending or receiving PPPoA or PPPoE
Off The ZyXEL Device does not have a PPP (PPPoA or PPPoE)
USB Green On The ZyXEL Device has a successful USB connection.
Blinking The ZyXEL Device has a successful USB connection and is
Off The ZyXEL Device does not have a USB connection.
The ZyXEL Device is initializing the DSL line.
The ZyXEL Device is sending or receiving non-PPP traffic.
traffic.
connection.
sending or receiving traffic.
28
P-660RU-T v2 User’s Guide
CHAPTER 2
Introducing the Web
Configurator
This chapter describes how to access and navigate the web configurator.
2.1 Web Configurator Overview
The web configurator is an HTML-based management interface that allows easy setup and
management via an Internet browser. Use Internet Explorer 6.0 and later or Netscape
Navigator 7.0 and later versions. The recommended screen resolution is 1024 by 768 pixels.
In order to use the web configurator you need to allow:
• Web browser pop-up windows from your device. Web pop-up blocking is enabled by
default in Windows XP SP (Service Pack) 2.
• JavaScript (enabled by default).
• Java permissions (enabled by default).
2.1.1 Accessing the ZyXEL Device Web Configurator
1 Make sure your ZyXEL Device hardware is properly connected (refer to the Quick Start
Guide).
2 Prepare your computer or computer network to connect to the ZyXEL Device (refer to
Appendix B on page 125).
3 Launch your web browser.
4 Type "192.168.1.1" as the URL.
5 An Enter Network Password window displays. Enter the password (“1234” is the
default). Click Login to proceed to a screen asking you to change your password. Click
Cancel to revert to the default password in the password field.
P-660RU-T v2 User’s Guide
29
Chapter 2 Introducing the Web Configurator
Figure 3 Password Screen
6 It is highly recommended you change the default password! Enter a new password,
retype it to confirm and click Apply; alternatively click Ignore to proceed to the main
menu if you do not want to change the password now.
" If you do not change the password, the following screen appears every time
you log in.
Figure 4 Change Password at Login
7 The SITE MAP screen displays.
" The ZyXEL Device automatically times out after five minutes of inactivity.
Simply log back into the ZyXEL Device if this happens.
2.2 Resetting the ZyXEL Device
Reset the ZyXEL Device in the following situations:
30
P-660RU-T v2 User’s Guide
Chapter 2 Introducing the Web Configurator
• You forgot your password.
• You cannot access the ZyXEL Device using the web configurator. Check
Troubleshooting in the Quick Start Guide to make sure you cannot access the device
anymore.
If you reset the ZyXEL Device, you lose all of the changes you have made. The ZyXEL
Device re-loads its default settings, and the password resets to “1234”. You have to make all
of your changes again.
Note: You will lose all of your changes when you push the RESET button.
To reset the ZyXEL Device,
1 Make sure the POWER LED is on and not blinking.
2
Press and hold the RESET button for five to ten seconds. Release the RESET button
when the POWER LED begins to blink. The default settings have been restored.
If the ZyXEL Device restarts automatically, wait for the ZyXEL Device to finish restarting,
and log in to the web configurator. The password is “1234”. You have finished.
If the ZyXEL Device does not restart automatically,
Device’s power. Then, follow the directions above again.
disconnect and reconnect the ZyXEL
2.3 Navigating the ZyXEL Device Web Configurator
The following summarizes how to navigate the web configurator from the SITE MAP screen.
• Click Wizard Setup to begin a series of screens to configure your ZyXEL Device for the
first time.
• Click a link under Advanced Setup to configure advanced ZyXEL Device features.
• Click a link under Maintenance to see ZyXEL Device performance statistics, upload
firmware and back up, restore or upload a configuration file.
• Click SITE MAP to go to the Site Map screen.
• Click Logout in the navigation panel when you have finished a ZyXEL Device
management session.
P-660RU-T v2 User’s Guide
31
Chapter 2 Introducing the Web Configurator
2.4 The Site Map Screen
Figure 5 Web Configurator: Site Map Screen
Click the icon (located in the top right corner of most screens) to view embedded help.
The following table describes the labels in this screen.
Table 3 Web Configurator Screens Summary
LINK SUB-LINK FUNCTION
Wizard Setup Connection
Setup
Advanced Setup
Password Use this screen to change your password.
LAN Use this screen to configure LAN DHCP and TCP/IP settings.
WAN WAN Setup Use this screen to change the ZyXEL Device’s WAN remote
WAN Backup Use this screen to configure your traffic redirect properties and
NAT SUA Only Use this screen to configure servers behind the ZyXEL Device.
Full Feature Use this screen to configure network address translation
Security Use this screen to configure Internet security and apply the
Dynamic DNS Use this screen to set up dynamic DNS.
Time and Date Use this screen to change your ZyXEL Device’s time and date.
Remote
Management
UPnP Use this screen to enable UPnP on the ZyXEL Device.
Maintenance
System Status This screen contains administrative and system-related
DHCP Table This screen displays DHCP (Dynamic Host Configuration
Use these screens for initial configuration including ISP
parameters for Internet Access and WAN IP / DHCP server
address assignment.
node settings.
WAN backup settings.
mapping rules.
predefined filter rules.
Use this screen to configure through which interface(s) and from
which IP address(es) users can use Telnet/FTP/Web to manage
the ZyXEL Device.
information and is read-only.
Protocol) related information and is read-only.
32
P-660RU-T v2 User’s Guide
Chapter 2 Introducing the Web Configurator
Table 3 Web Configurator Screens Summary (continued)
LINK SUB-LINK FUNCTION
Any IP Table This screen displays current read-only information of all network
devices that use the Any IP feature to communicate with the
ZyXEL Device.
Diagnostic General These screens display information to help you identify problems
with the ZyXEL Device general connection.
DSL Line These screens display information to help you identify problems
Firmware Use this screen to upload firmware to your ZyXEL Device.
Configuration Use these screens to backup, restore or reset the configuration
LOGOUT Click this label to exit the web configurator.
with the DSL line.
of your ZyXEL Device.
P-660RU-T v2 User’s Guide
33
Chapter 2 Introducing the Web Configurator
34
P-660RU-T v2 User’s Guide
PART II
Wizard Setup (37)
Wizard
35
36
CHAPTER 3
Wizard Setup
This chapter provides information on the Wizard Setup screens for Internet access in the web
configurator.
3.1 Introduction
Use the Wizard Setup screens to configure your system for Internet access with the
information provided by your ISP. Your ISP may have already configured some of the fields
in the wizard screens for you.
3.1.1 Encapsulation
Be sure to use the encapsulation method required by your ISP. The ZyXEL Device supports
the following methods.
3.1.1.1 ENET ENCAP
The MAC Encapsulated Routing Link Protocol (ENET ENCAP) is only implemented with the
IP network protocol. IP packets are routed between the Ethernet interface and the WAN
interface and then formatted so that they can be understood in a bridged environment. For
instance, it encapsulates routed Ethernet frames into bridged ATM cells. ENET ENCAP
requires that you specify a gateway IP address in the ENET ENCAP Gateway field in the
second wizard screen. You can get this information from your ISP.
3.1.1.2 PPP over Ethernet
PPPoE provides access control and billing functionality in a manner similar to dial-up services
using PPP. The ZyXEL Device bridges a PPP session over Ethernet (PPP over Ethernet, RFC
2516) from your computer to an ATM PVC (Permanent Virtual Circuit) which connects to
ADSL Access Concentrator where the PPP session terminates. One PVC can support any
number of PPP sessions from your LAN. For more information on PPPoE, see the appendices.
3.1.1.3 PPPoA
PPPoA stands for Point to Point Protocol over ATM Adaptation Layer 5 (AAL5). A PPPoA
connection functions like a dial-up Internet connection. The ZyXEL Device encapsulates the
PPP session based on RFC1483 and sends it through an ATM PVC (Permanent Virtual
Circuit) to the Internet Service Provider’s (ISP) DSLAM (Digital Subscriber Line (DSL)
Access Multiplexer). Please refer to RFC 2364 for more information on PPPoA. Refer to RFC
1661 for more information on PPP.
P-660RU-T v2 User’s Guide
37
Chapter 3 Wizard Setup
3.1.1.4 RFC 1483
RFC 1483 describes two methods for Multiprotocol Encapsulation over ATM Adaptation
Layer 5 (AAL5). The first method allows multiplexing of multiple protocols over a single
ATM virtual circuit (LLC-based multiplexing) and the second method assumes that each
protocol is carried over a separate ATM virtual circuit (VC-based multiplexing). Please refer
to the RFC for more detailed information.
3.1.2 Multiplexing
There are two conventions to identify what protocols the virtual circuit (VC) is carrying. Be
sure to use the multiplexing method required by your ISP.
3.1.2.1 VC-based Multiplexing
In this case, by prior mutual agreement, each protocol is assigned to a specific virtual circuit;
for example, VC1 carries IP, etc. VC-based multiplexing may be dominant in environments
where dynamic creation of large numbers of ATM VCs is fast and economical.
3.1.2.2 LLC-based Multiplexing
In this case one VC carries multiple protocols with protocol identifying information being
contained in each packet header. Despite the extra bandwidth and processing overhead, this
method may be advantageous if it is not practical to have a separate VC for each carried
protocol, for example, if charging heavily depends on the number of simultaneous VCs.
3.1.3 VPI and VCI
Be sure to use the correct Virtual Path Identifier (VPI) and Virtual Channel Identifier (VCI)
numbers assigned to you. The valid range for the VPI is 0 to 255 and for the VCI is 32 to
65535 (0 to 31 is reserved for local management of ATM traffic). Please see the appendix for
more information.
3.1.4 Internet Access Wizard Setup: First Screen
In the SITE MAP screen click Wizard Setup to display the first wizard screen.
38
P-660RU-T v2 User’s Guide
Chapter 3 Wizard Setup
Figure 6 Internet Access Wizard Setup: First Screen
The following table describes the labels in this screen.
Table 4 Internet Access Wizard Setup: First Screen
LABEL DESCRIPTION
Mode From the Mode drop-down list box, select Routing (default) if your ISP allows
multiple computers to share an Internet account. Otherwise select Bridge.
Encapsulation Select the encapsulation type your ISP uses from the Encapsulation drop-down list
box. Choices vary depending on what you select in the Mode field.
If you select Bridge in the Mode field, select either PPPoA or RFC 1483.
If you select Routing in the Mode field, select PPPoA, RFC 1483, ENET ENCAP or
PPPoE.
Multiplex Select the multiplexing method used by your ISP from the Multiplex drop-down list
Virtual Circuit IDVPI (Virtual Path Identifier) and VCI (Virtual Channel Identifier) define a virtual circuit.
VPI Enter the VPI assigned to you. This field may already be configured.
VCI Enter the VCI assigned to you. This field may already be configured.
Next Click this button to go to the next wizard screen. The next wizard screen you see
box either VC-based or LLC-based.
Refer to the appendix for more information.
depends on what protocol you chose above. Click on the protocol link to see the next
wizard screen for that protocol.
3.2 IP Address and Subnet Mask
See Appendix C on page 141 for background information on IP addresses and subnetting.
3.2.1 IP Address Assignment
A static IP is a fixed IP that your ISP gives you. A dynamic IP is not fixed; the ISP assigns you
a different one each time. The Single User Account feature can be enabled or disabled if you
have either a dynamic or static IP. However the encapsulation method assigned influences
your choices for IP address and ENET ENCAP gateway.
P-660RU-T v2 User’s Guide
39
Chapter 3 Wizard Setup
3.2.1.1 IP Assignment with PPPoA or PPPoE Encapsulation
If you have a dynamic IP, then the IP Address and ENET ENCAP Gateway fields are not
applicable (N/A). If you have a static IP, then you only need to fill in the IP Address field and
not the ENET ENCAP Gateway field.
3.2.1.2 IP Assignment with RFC 1483 Encapsulation
In this case the IP Address Assignment must be static with the same requirements for the IP
Address and ENET ENCAP Gateway fields as stated above.
3.2.1.3 IP Assignment with ENET ENCAP Encapsulation
In this case you can have either a static or dynamic IP. For a static IP you must fill in all the IP
Address and ENET ENCAP Gateway fields as supplied by your ISP. However for a
dynamic IP, the ZyXEL Device acts as a DHCP client on the WAN port and so the IP
Address and ENET ENCAP Gateway fields are not applicable (N/A) as the DHCP server
assigns them to the ZyXEL Device.
3.2.1.4 Private IP Addresses
Every machine on the Internet must have a unique address. If your networks are isolated from
the Internet, for example, only between your two branch offices, you can assign any IP
addresses to the hosts without problems. However, the Internet Assigned Numbers Authority
(IANA) has reserved the following three blocks of IP addresses specifically for private
networks:
• 10.0.0.0 — 10.255.255.255
• 172.16.0.0 — 172.31.255.255
• 192.168.0.0 — 192.168.255.255
You can obtain your IP address from the IANA, from an ISP or it can be assigned from a
private network. If you belong to a small organization and your Internet access is through an
ISP, the ISP can provide you with the Internet addresses for your local networks. On the other
hand, if you are part of a much larger organization, you should consult your network
administrator for the appropriate IP addresses.
" Regardless of your particular situation, do not create an arbitrary IP address;
always follow the guidelines above. For more information on address
assignment, please refer to RFC 1597, Address Allocation for Private Internets
and RFC 1466, Guidelines for Management of IP Address Space.
3.2.2 Nailed-Up Connection (PPP)
A nailed-up connection is a dial-up line where the connection is always up regardless of traffic
demand. The ZyXEL Device does two things when you specify a nailed-up connection. The
first is that idle timeout is disabled. The second is that the ZyXEL Device will try to bring up
the connection when turned on and whenever the connection is down. A nailed-up connection
can be very expensive for obvious reasons.
40
P-660RU-T v2 User’s Guide
Do not specify a nailed-up connection unless your telephone company offers flat-rate service
or you need a constant connection and the cost is of no concern
3.2.3 NAT
NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a
host in a packet, for example, the source address of an outgoing packet, used within one
network to a different IP address known within another network.
3.2.4 Internet Access Wizard Setup: Second Screen
The second wizard screen varies depending on what mode and encapsulation type you use. All
screens shown are with routing mode. Configure the fields and click Next to continue.
Figure 7 Internet Connection with PPPoE
Chapter 3 Wizard Setup
The following table describes the labels in this screen.
Table 5 Internet Connection with PPPoE
LABEL DESCRIPTION
Service Name Type the name of your PPPoE service here.
User Name Enter the user name exactly as your ISP assigned. If assigned a name in the form
Password Enter the password associated with the user name above.
IP Address A static IP address is a fixed IP that your ISP gives you. A dynamic IP address is not
P-660RU-T v2 User’s Guide
user@domain
exactly as given.
fixed; the ISP assigns you a different one each time you connect to the Internet.
Select Obtain an IP Address Automatically if you have a dynamic IP address;
otherwise select Static IP Address and type your ISP assigned IP address in the text
box below.
where domain identifies a service name, then enter both components
41
Chapter 3 Wizard Setup
Table 5 Internet Connection with PPPoE (continued)
LABEL DESCRIPTION
Connection Select Connect on Demand when you don't want the connection up all the time and
Network
Address
Translation
Back Click Back to go back to the first wizard screen.
Next Click Next to continue to the next wizard screen.
Figure 8 Internet Connection with RFC 1483
specify an idle time-out (in seconds) in the Max. Idle Timeout field. The default
setting selects Connection on Demand with 0 as the idle time-out, which means the
Internet session will not timeout.
Select Nailed-Up Connection when you want your connection up all the time. The
ZyXEL Device will try to bring up the connection automatically if it is disconnected.
Select None, SUA Only or Full Feature from the drop-sown list box. Refer to the
NAT chapter for more details.
The following table describes the labels in this screen.
Table 6 Internet Connection with RFC 1483
LABEL DESCRIPTION
IP Address This field is available if you select Routing in the Mode field.
Type your ISP assigned IP address in this field.
Network Address
Translation
Back Click Back to go back to the first wizard screen.
Next Click Next to continue to the next wizard screen.
Select None, SUA Only or Full Feature from the drop-down list box. Refer to
Chapter 12 on page 91 for more details.
42
P-660RU-T v2 User’s Guide
Chapter 3 Wizard Setup
Figure 9 Internet Connection with ENET ENCAP
The following table describes the labels in this screen.
Table 7 Internet Connection with ENET ENCAP
LABEL DESCRIPTION
IP Address A static IP address is a fixed IP that your ISP gives you. A dynamic IP address is not
fixed; the ISP assigns you a different one each time you connect to the Internet.
Select Obtain an IP Address Automatically if you have a dynamic IP address;
otherwise select Static IP Address and type your ISP assigned IP address in the IP
Address text box below.
Subnet Mask Enter a subnet mask in dotted decimal notation.
Refer to Appendix C on page 141 to calculate a subnet mask If you are implementing
subnetting.
ENET
ENCAP
Gateway
Network
Address
Translation
Back Click Back to go back to the first wizard screen.
Next Click Next to continue to the next wizard screen.
You must specify a gateway IP address (supplied by your ISP) when you use ENET
ENCAP in the Encapsulation field in the previous screen.
Select None, SUA Only or Full Feature from the drop-down list box. Refer to the NAT
chapter for more details.
P-660RU-T v2 User’s Guide
43
Chapter 3 Wizard Setup
Figure 10 Internet Connection with PPPoA
The following table describes the labels in this screen.
Table 8 Internet Connection with PPPoA
LABEL DESCRIPTION
User Name Enter the login name that your ISP gives you.
Password Enter the password associated with the user name above.
IP Address This option is available if you select Routing in the Mode field.
A static IP address is a fixed IP that your ISP gives you. A dynamic IP address is not
fixed; the ISP assigns you a different one each time you connect to the Internet.
Click Obtain an IP Address Automatically if you have a dynamic IP address;
otherwise click Static IP Address and type your ISP assigned IP address in the IP
Address text box below.
Connection Select Connect on Demand when you don't want the connection up all the time and
specify an idle time-out (in seconds) in the Max. Idle Timeout field. The default
setting selects Connection on Demand with 0 as the idle time-out, which means the
Internet session will not timeout.
Select Nailed-Up Connection when you want your connection up all the time. The
ZyXEL Device will try to bring up the connection automatically if it is disconnected.
Network
Address
Translation
Back Click Back to go back to the first wizard screen.
Next Click Next to continue to the next wizard screen.
This option is available if you select Routing in the Mode field.
Select None, SUA Only or Full Feature from the drop-sown list box. Refer to
Chapter 12 on page 91 for more details.
44
P-660RU-T v2 User’s Guide
3.2.5 DHCP Setup
DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual
clients to obtain TCP/IP configuration at start-up from a server. You can configure the ZyXEL
Device as a DHCP server or disable it. When configured as a server, the ZyXEL Device
provides the TCP/IP configuration for the clients. If you turn DHCP service off, you must
have another DHCP server on your LAN, or else the computer must be manually configured.
3.2.5.1 IP Pool Setup
The ZyXEL Device is pre-configured with a pool of IP addresses for the DHCP clients (DHCP
Pool). See the product specifications in the appendices. Do not assign static IP addresses from
the DHCP pool to your LAN computers.
3.2.6 Internet Access Wizard Setup: Third Screen
Verify the settings in the screen shown next.
Figure 11 Internet Access Wizard Setup: Third Screen
Chapter 3 Wizard Setup
If you want to change your ZyXEL Device LAN settings, click Change LAN Configuration
to display the screen shown next. Otherwise, click Log on to the Internet! to save the
configuration. Skip to Section 3.2.7 on page 46.
P-660RU-T v2 User’s Guide
45
Chapter 3 Wizard Setup
Figure 12 Internet Access Wizard Setup: LAN Configuration
The following table describes the labels in this screen.
Table 9 Internet Access Wizard Setup: LAN Configuration
LABEL DESCRIPTION
LAN IP Address Enter the IP address of your ZyXEL Device in dotted decimal notation, for
example, 192.168.1.1 (factory default).
Note: If you changed the ZyXEL Device's LAN IP address, you
must use the new IP address if you want to access
the web configurator again.
LAN Subnet Mask Enter a subnet mask in dotted decimal notation.
DHCP
DHCP Server From the DHCP Server drop-down list box, select On to allow your ZyXEL
Device to assign IP addresses, an IP default gateway and DNS servers to
computer systems that support the DHCP client. Select Off to disable DHCP
server.
When DHCP server is used, set the following items:
Client IP Pool Starting
Address
Size of Client IP Pool This field specifies the size or count of the IP address pool.
Primary DNS Server Enter the IP addresses of the DNS servers. The DNS servers are passed to
Secondary DNS
Server
Back Click Back to go back to the previous screen.
Finish Click Finish to save the settings and proceed to the next wizard screen.
This field specifies the first of the contiguous addresses in the IP address
pool.
the DHCP clients along with the IP address and the subnet mask.
As above.
3.2.7 Internet Access Wizard Setup: Connection Test
46
The ZyXEL Device automatically tests the connection to the computer(s) connected to the
LAN ports. To test the connection from the ZyXEL Device to the ISP, click Start Diagnose.
Otherwise click Return to Main Menu to go back to the Site Map screen.
P-660RU-T v2 User’s Guide
Figure 13 Internet Access Wizard Setup: Connection Tests
3.2.7.1 Test Your Internet Connection
Launch your web browser and navigate to www.zyxel.com
beginning. Refer to the rest of this User’s Guide for more detailed information on the complete
range of ZyXEL Device features. If you cannot access the Internet, open the web configurator
again to confirm that the Internet settings you configured in the Wizard Setup are correct.
Chapter 3 Wizard Setup
. Internet access is just the
P-660RU-T v2 User’s Guide
47
Chapter 3 Wizard Setup
48
P-660RU-T v2 User’s Guide
PART III
Advanced
Password Setup (51)
LAN Setup (53)
WA N S e t u p (5 9 )
Security (69)
Dynamic DNS Setup (71)
Time and Date (73)
Remote Management Configuration (75)
Universal Plug-and-Play (UPnP) (79)
Network Address Translation (NAT) Screens (91)
49
50
CHAPTER 4
Password Setup
This chapter provides information on the Password screen.
4.1 Password Overview
It is strongly recommended that you change the password for accessing the ZyXEL Device.
4.1.1 Configuring Password
To change your ZyXEL Device’s password (recommended), click Password in the Site Map
screen. The screen appears as shown.
Figure 14 Password
The following table describes the labels in this screen.
Table 10 Password
LABEL DESCRIPTION
Old Password Type the default password or the existing password you use to access the system
New Password Type the new password in this field.
Retype to Confirm Type the new password again in this field.
Apply Click Apply to save your changes back to the ZyXEL Device.
Cancel Click Cancel to begin configuring this screen afresh.
P-660RU-T v2 User’s Guide
in this field.
51
Chapter 4 Password Setup
52
P-660RU-T v2 User’s Guide
CHAPTER 5
LAN Setup
This chapter describes how to configure LAN settings.
5.1 LAN Overview
A Local Area Network (LAN) is a shared communication system to which many computers
are attached. A LAN is a computer network limited to the immediate area, usually the same
building or floor of a building. The LAN screens can help you configure a LAN DHCP server
and manage IP addresses.
5.1.1 LANs, WANs and the ZyXEL Device
The actual physical connection determines whether the ZyXEL Device ports are LAN or
WAN ports. There are two separate IP networks, one inside the LAN network and the other
outside the WAN network, as shown next.
Figure 15 LAN and WAN IP Addresses
P-660RU-T v2 User’s Guide
53
Chapter 5 LAN Setup
5.2 DNS Server Addresses
DNS (Domain Name System) maps a domain name to its corresponding IP address and vice
versa. The DNS server is extremely important because without it, you must know the IP
address of a computer before you can access it. The DNS server addresses you enter when you
set up DHCP are passed to the client machines along with the assigned IP address and subnet
mask.
There are two ways that an ISP disseminates the DNS server addresses.
• The ISP tells you the DNS server addresses, usually in the form of an information sheet,
when you sign up. If your ISP gives you DNS server addresses, enter them in the DNS
Server fields in the LAN Setup screen.
• Some ISPs choose to disseminate the DNS server addresses using the DNS server
extensions of IPCP (IP Control Protocol) after the connection is up. If your ISP did not
give you explicit DNS servers, chances are the DNS servers are conveyed through IPCP
negotiation. The ZyXEL Device supports the IPCP DNS server extensions through the
DNS proxy feature.
The ZyXEL Device acts as a DNS proxy when the Primary and Secondary DNS Server
fields are left blank in the LAN Setup screen.
Please note that DNS proxy works only when the ISP uses the IPCP DNS server
extensions. It does not mean you can leave the DNS servers out of the DHCP setup under
all circumstances. If your ISP gives you explicit DNS servers, make sure that you enter
their IP addresses in the LAN Setup screen.
5.3 LAN TCP/IP
The ZyXEL Device has built-in DHCP server capability that assigns IP addresses and DNS
servers to systems that support DHCP client capability.
5.3.1 Factory LAN Defaults
The LAN parameters of the ZyXEL Device are preset in the factory with the following values:
• IP address of 192.168.1.1 with subnet mask of 255.255.255.0 (24 bits)
• DHCP server enabled with 32 client IP addresses starting from 192.168.1.33.
These parameters should work for the majority of installations. If your ISP gives you explicit
DNS server address(es), read the embedded web configurator help regarding what fields need
to be configured.
5.3.2 IP Address and Subnet Mask
54
Refer to Section 3.2 on page 39 for this information.
P-660RU-T v2 User’s Guide
5.3.3 RIP Setup
RIP (Routing Information Protocol) allows a router to exchange routing information with
other routers. The RIP Direction field controls the sending and receiving of RIP packets.
When set to:
• None - the ZyXEL Device will not send any RIP packets and will ignore any RIP packets
received.
• Both - the ZyXEL Device will broadcast its routing table periodically and incorporate the
RIP information that it receives.
• In Only - the ZyXEL Device will not send any RIP packets but will accept all RIP packets
received.
• Out Only - the ZyXEL Device will send out RIP packets but will not accept any RIP
packets received.
The Version field controls the format and the broadcasting method of the RIP packets that the
ZyXEL Device sends (it recognizes both formats when receiving). RIP-1 is universally
supported; but RIP-2 carries more information. RIP-1 is probably adequate for most
networks, unless you have an unusual network topology.
Both RIP-2B and RIP-2M sends the routing data in RIP-2 format; the difference being that
RIP-2B uses subnet broadcasting while RIP-2M uses multicasting.
Chapter 5 LAN Setup
5.3.4 Multicast
Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender - 1
recipient) or Broadcast (1 sender - everybody on the network). Multicast delivers IP packets to
a group of hosts on the network - not everybody and not just 1.
IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to establish
membership in a Multicast group - it is not used to carry user data. IGMP version 2 (RFC
2236) is an improvement over version 1 (RFC 1112) but IGMP version 1 is still in wide use. If
you would like to read more detailed information about interoperability between IGMP
version 2 and version 1, please see sections 4 and 5 of RFC 2236. The class D IP address is
used to identify host groups and can be in the range 224.0.0.0 to 239.255.255.255. The address
224.0.0.0 is not assigned to any group and is used by IP multicast computers. The address
224.0.0.1 is used for query messages and is assigned to the permanent group of all IP hosts
(including gateways). All hosts must join the 224.0.0.1 group in order to participate in IGMP.
The address 224.0.0.2 is assigned to the multicast routers group.
The ZyXEL Device supports both IGMP version 1 (IGMP-v1) and IGMP version 2 (IGMP-
v2). At start up, the ZyXEL Device queries all directly connected networks to gather group
membership. After that, the ZyXEL Device periodically updates this information. IP
multicasting can be enabled/disabled on the ZyXEL Device LAN and/or WAN interfaces in
the web configurator (LAN; WAN). Select None to disable IP multicasting on these
interfaces.
P-660RU-T v2 User’s Guide
55
Chapter 5 LAN Setup
5.4 Any IP
Traditionally, you must set the IP addresses and the subnet masks of a computer and the
ZyXEL Device to be in the same subnet to allow the computer to access the Internet (through
the ZyXEL Device). In cases where your computer is required to use a static IP address in
another network, you may need to manually configure the network settings of the computer
every time you want to access the Internet via the ZyXEL Device.
With the Any IP feature and NAT enabled, the ZyXEL Device allows a computer to access the
Internet without changing the network settings (such as IP address and subnet mask) of the
computer, when the IP addresses of the computer and the ZyXEL Device are not in the same
subnet. Whether a computer is set to use a dynamic or static (fixed) IP address, you can
simply connect the computer to the ZyXEL Device and access the Internet.
The following figure depicts a scenario where a computer is set to use a static private IP
address in the corporate environment. In a residential house where a ZyXEL Device is
installed, you can still use the computer to access the Internet without changing the network
settings, even when the IP addresses of the computer and the ZyXEL Device are not in the
same subnet.
Figure 16 Any IP Example
The Any IP feature does not apply to a computer using either a dynamic IP address or a static
IP address that is in the same subnet as the ZyXEL Device’s IP address.
" You must enable NAT/SUA to use the Any IP feature on the ZyXEL Device.
5.4.1 How Any IP Works
Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP
address) to a physical machine address, also known as a Media Access Control or MAC
address, on the local area network. IP routing table is defined on IP Ethernet devices (the
ZyXEL Device) to decide which hop to use,
destination.
56
to help forward data along to its specified
P-660RU-T v2 User’s Guide
Chapter 5 LAN Setup
The following lists out the steps taken, when a computer tries to access the Internet for the first
time through the ZyXEL Device.
1 When a computer (which is in a different subnet) first attempts to access the Internet, it
sends packets to its default gateway (which is not the ZyXEL Device) by looking at the
MAC address in its ARP table.
2 When the computer cannot locate the default gateway, an ARP request is broadcast on
the LAN.
3 The ZyXEL Device receives the ARP request and replies to the computer with its own
MAC address.
4 The computer updates the MAC address for the default gateway to the ARP table. Once
the ARP table is updated, the computer is able to access the Internet through the ZyXEL
Device.
5 When the ZyXEL Device receives packets from the computer, it creates an entry in the
IP routing table so it can properly forward packets intended for the computer.
After all the routing information is updated, the computer can access the ZyXEL Device and
the Internet as if it is in the same subnet as the ZyXEL Device.
5.5 Configuring the LAN
Click LAN to open the following screen.
Figure 17 LAN Setup
P-660RU-T v2 User’s Guide
57
Chapter 5 LAN Setup
The following table describes the labels in this screen.
Tabl e 11 LAN Setup
LABEL DESCRIPTION
DHCP
DHCP If set to Server, your ZyXEL Device can assign IP addresses, an IP default
Client IP Pool
Starting Address
Size of Client IP
Pool
Primary /
Secondary DNS
Server
Remote DHCP
Server
TCP/IP
IP Address Enter the IP address of your ZyXEL Device in dotted decimal notation, for
IP Subnet Mask Type the subnet mask assigned to you by your ISP (if given).
RIP Direction RIP (Routing Information Protocol) allows a router to exchange routing
RIP Version Select the RIP version from RIP-1, RIP-2B and RIP-2M.
Multicast Select which version of IGMP the ZyXEL Device uses to support multicasting on
Any IP Setup Select the Active checkbox to enable the Any IP feature. This allows a computer
Apply Click Apply to save your changes.
Cancel Click Cancel to begin configuring this screen afresh.
gateway and DNS servers to Windows 95, Windows NT and other systems that
support the DHCP client.
If set to None, the DHCP server will be disabled.
If set to Relay, the ZyXEL Device acts as a surrogate DHCP server and relays
DHCP requests and responses between the remote server and the clients. Enter
the IP address of the actual, remote DHCP server in the Remote DHCP Server
field in this case.
When DHCP is used, the following items need to be set:
This field specifies the first of the contiguous addresses in the IP address pool.
This field specifies the size or count of the IP address pool.
Enter the IP addresses of the DNS servers. The DNS servers are passed to the
DHCP clients along with the IP address and the subnet mask.
If Relay is selected in the DHCP field above then enter the IP address of the
actual remote DHCP server here.
example, 192.168.1.1 (factory default).
information with other routers. Use this field to control how much routing
information the ZyXEL Device sends and receives on the subnet.
Select the RIP direction from None, Both, In Only and Out Only.
the LAN. Multicast packets are sent to a group of computers on the LAN and are
an alternative to unicast packets (packets sent to one computer) and broadcast
packets (packets sent to every computer).
IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to
establish membership in a multicast group. The ZyXEL Device supports both
IGMP version 1 (IGMP-v1) and IGMP-v2. Select None to disable it.
to access the Internet without changing the network settings (such as IP address
and subnet mask) of the computer, even when the IP addresses of the computer
and the ZyXEL Device are not in the same subnet.
When you disable the Any IP feature, only computers with dynamic IP addresses
or static IP addresses in the same subnet as the ZyXEL Device’s LAN IP
address can connect to the ZyXEL Device or access the Internet through the
ZyXEL Device.
58
P-660RU-T v2 User’s Guide
CHAPTER 6
WAN Setup
This chapter describes how to configure WAN settings.
6.1 WAN Overview
A WAN (Wide Area Network) is an outside connection to another network or the Internet.
See Section on page 31 for more information on the fields in the WAN screens.
6.2 Metric
The metric represents the "cost of transmission". A router determines the best route for
transmission by choosing a path with the lowest "cost". RIP routing uses hop count as the
measurement of cost, with a minimum of "1" for directly connected networks. The number
must be between "1" and "15"; a number greater than "15" means the link is down. The
smaller the number, the lower the "cost".
The metric sets the priority for the ZyXEL Device’s routes to the Internet. If any two of the
default routes have the same metric, the ZyXEL Device uses the following pre-defined
priorities:
• Normal route: designated by the ISP (see Section 6.5 on page 61)
• Traffic-redirect route (see Section 6.7 on page 64)
• WAN-backup route, also called dial-backup (see Section 6.8 on page 65)
For example, if the normal route has a metric of "1" and the traffic-redirect route has a metric
of "2" and dial-backup route has a metric of "3", then the normal route acts as the primary
default route. If the normal route fails to connect to the Internet, the ZyXEL Device tries the
traffic-redirect route next. In the same manner, the ZyXEL Device uses the dial-backup route
if the traffic-redirect route also fails.
If you want the dial-backup route to take first priority over the traffic-redirect route or even the
normal route, all you need to do is set the dial-backup route’s metric to "1" and the others to
"2" (or greater).
" IP Policy Routing overrides the default routing behavior and takes priority over
all of the routes mentioned above.
P-660RU-T v2 User’s Guide
59
Chapter 6 WAN Setup
6.3 PPPoE Encapsulation
The ZyXEL Device supports PPPoE (Point-to-Point Protocol over Ethernet). PPPoE is an
IETF standard (RFC 2516) specifying how a personal computer (PC) interacts with a
broadband modem (DSL, cable, wireless, etc.) connection. The PPPoE option is for a dial-up
connection using PPPoE.
For the service provider, PPPoE offers an access and authentication method that works with
existing access control systems (for example Radius).
One of the benefits of PPPoE is the ability to let you access one of multiple network services,
a function known as dynamic service selection. This enables the service provider to easily
create and offer new IP services for individuals.
Operationally, PPPoE saves significant effort for both you and the ISP or carrier, as it requires
no specific configuration of the broadband modem at the customer site.
By implementing PPPoE directly on the ZyXEL Device (rather than individual computers),
the computers on the LAN do not need PPPoE software installed, since the ZyXEL Device
does that part of the task. Furthermore, with NAT, all of the LANs’ computers will have
access.
6.4 Traffic Shaping
Traffic Shaping is an agreement between the carrier and the subscriber to regulate the average
rate and fluctuations of data transmission over an ATM network. This agreement helps
eliminate congestion, which is important for transmission of real time data such as audio and
video connections.
Peak Cell Rate (PCR) is the maximum rate at which the sender can send cells. This parameter
may be lower (but not higher) than the maximum line speed. 1 ATM cell is 53 bytes (424 bits),
so a maximum speed of 832Kbps gives a maximum PCR of 1962 cells/sec. This rate is not
guaranteed because it is dependent on the line speed.
Sustained Cell Rate (SCR) is the mean cell rate of each bursty traffic source. It specifies the
maximum average rate at which cells can be sent over the virtual connection. SCR may not be
greater than the PCR.
Maximum Burst Size (MBS) is the maximum number of cells that can be sent at the PCR.
After MBS is reached, cell rates fall below SCR until cell rate averages to the SCR again. At
this time, more cells (up to the MBS) can be sent at the PCR again.
If the PCR, SCR or MBS is set to the default of "0", the system will assign a maximum value
that correlates to your upstream line rate.
The following figure illustrates the relationship between PCR, SCR and MBS.
60
P-660RU-T v2 User’s Guide
Figure 18 Example of Traffic Shaping
6.5 Zero Configuration Internet Access
Once you turn on and connect the ZyXEL Device to a telephone jack, it automatically detects
the Internet connection settings (such as the VCI/VPI numbers and the encapsulation method)
from the ISP and makes the necessary configuration changes. In cases where additional
account information (such as an Internet account user name and password) is required or the
ZyXEL Device cannot connect to the ISP, you will be redirected to web screen(s) for
information input or troubleshooting.
Chapter 6 WAN Setup
Zero configuration for Internet access is disable when
• the ZyXEL Device is in bridge mode
• you set the ZyXEL Device to use a static (fixed) WAN IP address.
6.6 Configuring WAN Setup
To change your ZyXEL Device’s WAN remote node settings, click WA N > WAN S e t u p. The
screen differs by the encapsulation you select.
P-660RU-T v2 User’s Guide
61
Chapter 6 WAN Setup
Figure 19 WAN Setup (PPPoE)
62
The following table describes the labels in this screen.
Table 12 WAN Setup
LABEL DESCRIPTION
Name Enter the name of your Internet Service Provider, for example “MyISP”. This
information is for identification purposes only.
Mode Select Routing (default) from the drop-down list box if your ISP allows multiple
computers to share an Internet account. Otherwise select Bridge.
Encapsulation Select the method of encapsulation used by your ISP from the drop-down list
box. Choices vary depending on the mode you select in the Mode field.
If you select Bridge in the Mode field, select either PPPoA or RFC 1483.
If you select Routing in the Mode field, select PPPoA, RFC 1483, ENET
ENCAP or PPPoE.
P-660RU-T v2 User’s Guide
Chapter 6 WAN Setup
Table 12 WAN Setup (continued)
LABEL DESCRIPTION
Multiplex Select the method of multiplexing used by your ISP from the drop-down list.
Choices are VC or LLC.
Virtual Circuit ID VPI (Virtual Path Identifier) and VCI (Virtual Channel Identifier) define a virtual
circuit. Refer to the appendix for more information.
VPI The valid range for the VPI is 0 to 255. Enter the VPI assigned to you.
VCI The valid range for the VCI is 32 to 65535 (0 to 31 is reserved for local
management of ATM traffic). Enter the VCI assigned to you.
ATM QoS Type Select CBR (Constant Bit Rate) to specify fixed (always-on) bandwidth for voice
or data traffic. Select UBR (Unspecified Bit Rate) for applications that are nontime sensitive, such as e-mail. Select VBR (Variable Bit Rate) for bursty traffic
and bandwidth sharing with other applications.
Cell Rate Cell rate configuration often helps eliminate traffic congestion that slows
transmission of real time data such as audio and video connections.
Peak Cell Rate Divide the DSL line rate (bps) by 424 (the size of an ATM cell) to find the Peak
Cell Rate (PCR). This is the maximum rate at which the sender can send cells.
Type the PCR here.
Sustain Cell Rate The Sustain Cell Rate (SCR) sets the average cell rate (long-term) that can be
transmitted. Type the SCR, which must be less than the PCR. Note that system
default is 0 cells/sec.
Maximum Burst
Size
Maximum Burst Size (MBS) refers to the maximum number of cells that can be
sent at the peak rate. Type the MBS, which is less than 65535.
Login Information (PPPoA and PPPoE encapsulation only)
Service Name (PPPoE only) Type the name of your PPPoE service here.
User Name Enter the user name exactly as your ISP assigned. If assigned a name in the
form user@domain where domain identifies a service name, then enter both
components exactly as given.
Password Enter the password associated with the user name above.
IP Address This option is available if you select Routing in the Mode field.
A static IP address is a fixed IP that your ISP gives you. A dynamic IP address is
not fixed; the ISP assigns you a different one each time you connect to the
Internet.
Select Obtain an IP Address Automatically if you have a dynamic IP address;
otherwise select Static IP Address and type your ISP assigned IP address in
the IP Address field below.
Connection
(PPPoA and PPPoE
encapsulation only)
Nailed-Up
Connection
Connect on
Demand
Max Idle Timeout Specify an idle time-out in the Max Idle Timeout field when you select Connect
Select Nailed-Up Connection when you want your connection up all the time.
The ZyXEL Device will try to bring up the connection automatically if it is
disconnected.
Select Connect on Demand when you don't want the connection up all the time
and specify an idle time-out in the Max Idle Timeout field.
on Demand. The default setting is 0, which means the Internet session will not
timeout.
P-660RU-T v2 User’s Guide
63
Chapter 6 WAN Setup
Table 12 WAN Setup (continued)
LABEL DESCRIPTION
PPPoE
Passthrough
(PPPoE
encapsulation only)
Subnet Mask
(ENET ENCAP
encapsulation only)
ENET ENCAP
Gateway
(ENET ENCAP
encapsulation only)
Zero Configuration This feature is not applicable/available when you configure the ZyXEL Device to
Back Click Back to return to the previous screen.
Apply Click Apply to save the changes.
Cancel Click Cancel to begin configuring this screen afresh.
This field is available when you select PPPoE encapsulation.
In addition to the ZyXEL Device's built-in PPPoE client, you can enable PPPoE
pass through to allow up to ten hosts on the LAN to use PPPoE client software
on their computers to connect to the ISP via the ZyXEL Device. Each host can
have a separate account and a public WAN IP address.
PPPoE pass through is an alternative to NAT for application where NAT is not
appropriate.
Disable PPPoE pass through if you do not need to allow hosts on the LAN to use
PPPoE client software on their computers to connect to the ISP.
Enter a subnet mask in dotted decimal notation.
Refer to Appendix C on page 141 to calculate a subnet mask If you are
implementing subnetting.
You must specify a gateway IP address (supplied by your ISP) when you select
ENET ENCAP in the Encapsulation field
use a static WAN IP address or in bridge mode.
Select Yes to set the ZyXEL Device to automatically detect the Internet
connection settings (such as the VCI/VPI numbers and the encapsulation
method) from the ISP and make the necessary configuration changes.
Select No to disable this feature. You must manually configure the ZyXEL
Device for Internet access.
6.7 Traffic Redirect
Traffic redirect forwards traffic to a backup gateway when the ZyXEL Device cannot connect
to the Internet. An example is shown in the figure below.
Figure 20 Traffic Redirect Example
64
P-660RU-T v2 User’s Guide
Chapter 6 WAN Setup
The following network topology allows you to avoid triangle route security issues when the
backup gateway is connected to the LAN. Use IP alias to configure the LAN into two or three
logical networks with the ZyXEL Device itself as the gateway for each LAN network. Put the
protected LAN in one subnet (Subnet 1 in the following figure) and the backup gateway in
another subnet (Subnet 2). Configure filters that allow packets from the protected LAN
(Subnet 1) to the backup gateway (Subnet 2).
Figure 21 Traffic Redirect LAN Setup
6.8 Configuring WAN Backup
To change your ZyXEL Device’s WAN backup settings, click WA N > WAN Backup. The
screen appears as shown.
P-660RU-T v2 User’s Guide
65
Chapter 6 WAN Setup
Figure 22 WAN Backup
The following table describes the labels in this screen.
Table 13 WAN Backup
LABEL DESCRIPTION
Backup Type Select the method that the ZyXEL Device uses to check the DSL connection.
Select DSL Link to have the ZyXEL Device check if the connection to the DSLAM
is up. Select ICMP to have the ZyXEL Device periodically ping the IP addresses
configured in the Check WAN IP Address fields.
Check WAN IP
Address1-3
Configure this field to test your ZyXEL Device's WAN accessibility. Type the IP
address of a reliable nearby computer (for example, your ISP's DNS server
address).
Note: If you activate either traffic redirect or dial backup, you
must configure at least one IP address here.
When using a WAN backup connection, the ZyXEL Device periodically pings the
addresses configured here and uses the other WAN backup connection (if
configured) if there is no response.
Fail Tolerance Type the number of times (2 recommended) that your ZyXEL Device may ping the
IP addresses configured in the Check WAN IP Address field without getting a
response before switching to a WAN backup connection (or a different WAN
backup connection).
Recovery Interval When the ZyXEL Device is using a lower priority connection (usually a WAN
backup connection), it periodically checks to whether or not it can use a higher
priority connection.
Type the number of seconds (30 recommended) for the ZyXEL Device to wait
between checks. Allow more time if your destination IP address handles lots of
traffic.
66
P-660RU-T v2 User’s Guide
Chapter 6 WAN Setup
Table 13 WAN Backup (continued)
LABEL DESCRIPTION
Timeout Type the number of seconds (3 recommended) for your ZyXEL Device to wait for a
ping response from one of the IP addresses in the Check WAN IP Address field
before timing out the request. The WAN connection is considered "down" after the
ZyXEL Device times out the number of times specified in the Fail Tolerance field.
Use a higher value in this field if your network is busy or congested.
Traffic Redirect
Active Select this check box to have the ZyXEL Device use traffic redirect if the normal
WAN connection goes down.
Note: If you activate traffic redirect, you must configure at least
one Check WAN IP Address.
Metric This field sets this route's priority among the routes the ZyXEL Device uses.
The metric represents the "cost of transmission". A router determines the best
route for transmission by choosing a path with the lowest "cost". RIP routing uses
hop count as the measurement of cost, with a minimum of "1" for directly
connected networks. The number must be between "1" and "15"; a number greater
than "15" means the link is down. The smaller the number, the lower the "cost".
Backup Gateway Type the IP address of your backup gateway in dotted decimal notation. The
ZyXEL Device automatically forwards traffic to this IP address if the ZyXEL
Device's Internet connection terminates.
Back Click Back to return to the previous screen.
Apply Click Apply to save the changes.
Cancel Click Cancel to begin configuring this screen afresh.
P-660RU-T v2 User’s Guide
67
Chapter 6 WAN Setup
68
P-660RU-T v2 User’s Guide
CHAPTER 7
Security
This chapter shows how to configure Internet security filters on your ZyXEL Device.
7.1 Configuring Internet Security
The ZyXEL Device can use predefined filters to stop packets of specified types from passing
from the WAN to the LAN, or from the LAN to the WAN.
" If you want to enable remote management of the ZyXEL Device from the WAN,
ensure that the settings in this screen allow packets of the relevant type to pass
from the WAN.
Click Security in the navigation panel to open the following screen.
Figure 23 Internet Security
P-660RU-T v2 User’s Guide
69
Chapter 7 Security
The following table describes the labels in this screen.
Table 14 Internet Security
LABEL DESCRIPTION
Telnet Select this to stop all telnet packets passing from the WAN to the
FTP Select this to stop all FTP traffic passing from the WAN to the LAN.
TFTP Select this to stop all TFTP traffic passing from the WAN to the LAN.
Web Select this to stop all HTTP traffic passing from the WAN to the LAN.
SNMP Select this to stop all SNMP traffic passing from the WAN to the
Ping Select this to stop all ICMP Echo traffic passing from the WAN to the
Apply Click this button to save the settings in this screen.
Cancel Click this button to return the fields in this screen to their previously-
LAN. Telnet traffic from the LAN can still pass through to the WAN.
FTP traffic from the LAN can still pass through to the WAN.
TFTP traffic from the LAN can still pass through to the WAN.
ZyXEL Device. SNMP traffic from the LAN can still access the ZyXEL
Device.
LAN, and from the LAN to the WAN. You can still ping devices on the
LAN.
saved values.
70
P-660RU-T v2 User’s Guide
CHAPTER 8
Dynamic DNS Setup
This chapter discusses how to configure your ZyXEL Device to use Dynamic DNS.
8.1 Dynamic DNS
Dynamic DNS allows you to update your current dynamic IP address with one or many
dynamic DNS services so that anyone can contact you (in NetMeeting, CU-SeeMe, etc.). You
can also access your FTP server or Web site on your own computer using a domain name (for
instance myhost.dhs.org, where myhost is a name of your choice) that will never change
instead of using an IP address that changes each time you reconnect. Your friends or relatives
will always be able to call you even if they don't know your IP address.
First of all, you need to have registered a dynamic DNS account with www.dyndns.org. This is
for people with a dynamic IP from their ISP or DHCP server that would still like to have a
domain name. The Dynamic DNS service provider will give you a password or key.
8.1.1 DYNDNS Wildcard
Enabling the wildcard feature for your host causes *.yourhost.dyndns.org to be aliased to the
same IP address as yourhost.dyndns.org. This feature is useful if you want to be able to use,
for example, www.yourhost.dyndns.org and still reach your hostname.
" If you have a private WAN IP address, then you cannot use Dynamic DNS.
8.2 Configuring Dynamic DNS
To change your ZyXEL Device’s DDNS, click Dynamic DNS. The screen appears as shown.
P-660RU-T v2 User’s Guide
71
Chapter 8 Dynamic DNS Setup
Figure 24 Dynamic DNS
The following table describes the labels in this screen.
Table 15 Dynamic DNS
LABEL DESCRIPTION
Active Select this check box to use dynamic DNS.
Service Provider This is the name of your Dynamic DNS service provider.
Host Names Type the domain name assigned to your ZyXEL Device by your Dynamic DNS
E-mail Address Type your e-mail address.
User Type your user name.
Password Type the password assigned to you.
Enable Wildcard Select the check box to enable DYNDNS Wildcard.
Apply Click Apply to save your changes back to the ZyXEL Device.
Cancel Click Cancel to begin configuring this screen afresh.
provider.
72
P-660RU-T v2 User’s Guide
CHAPTER 9
Time and Date
This screen is not available on all models. Use this screen to configure the ZyXEL Device’s
time and date settings.
9.1 Configuring Time and Date
To change your ZyXEL Device’s time and date, click Time And Date. The screen appears as
shown. Use this screen to configure the ZyXEL Device’s time based on your local time zone.
Figure 25 Time and Date
P-660RU-T v2 User’s Guide
73
Chapter 9 Time and Date
The following table describes the labels in this screen.
Table 16 Time and Date
LABEL DESCRIPTION
Time Server
Use Protocol
when Bootup
IP Address or URL Enter the IP address or URL of your time server. Check with your ISP/network
Time and Date Choose the time zone of your location. This will set the time difference between
Daylight Savings Select this option if you use daylight savings time. Daylight saving is a period from
Start Date Enter the month and day that your daylight-savings time starts on if you selected
End Date Enter the month and day that your daylight-savings time ends on if you selected
Synchronize
system clock with
Time Server now.
Date
Current Date This field displays the date set on your ZyXEL Device.
New Date (yyyymm-dd)
Time
Current Time This field displays the time set on your ZyXEL Device.
New Time This field displays the last updated time from the time server.
Apply Click Apply to save your changes back to the ZyXEL Device.
Cancel Click Cancel to begin configuring this screen afresh.
Select the time service protocol that your time server uses. Not all time servers
support all protocols, so you may have to check with your ISP/network
administrator or use trial and error to find a protocol that works.
The main difference between them is the format.
When you select the Daytime (RFC 867) format, the switch displays the day,
month, year and time with no time zone adjustment. When you use this format it
is recommended that you use a Daytime timeserver within your geographical time
zone.
Time (RFC 868) format displays a 4-byte integer giving the total number of
seconds since 1970/1/1 at 0:0:0.
NTP (RFC 1305) is similar to Time (RFC 868).
Select None to enter the time and date manually.
administrator if you are unsure of this information.
your time zone and Greenwich Mean Time (GMT).
late spring to early fall when many countries set their clocks ahead of normal local
time by one hour to give more daytime light in the evening.
Daylight Savings.
Daylight Savings.
Select this option to have your ZyXEL Device use the time server (that you
configured above) to set its internal system clock.
Please wait for up to 60 seconds while the ZyXEL Device locates the time server.
If the ZyXEL Device cannot find the time server, please check the time server
protocol and its IP address. If the IP address was entered correctly, try pinging it
for example to test the connection.
Each time you reload this page, the ZyXEL Device synchronizes the time with the
time server.
This field displays the last updated date from the time server.
When you select None in the Use Protocol when Bootup field, enter the new
date in this field and then click Apply.
Each time you reload this page, the ZyXEL Device synchronizes the time with the
time server.
When you select None in the Use Protocol when Bootup field, enter the new
time in this field and then click Apply.
74
P-660RU-T v2 User’s Guide
CHAPTER 10
Remote Management
Configuration
This chapter provides information on configuring remote management.
10.1 Remote Management Overview
Remote management allows you to determine which services/protocols can access which
ZyXEL Device interface (if any) from which computers.
You may manage your ZyXEL Device from a remote location via:
• Internet (WAN only)
• ALL (LAN and WAN)
• LAN only,
• Neither (Disable).
To disable remote management of a service, select Disable in the corresponding Server
Access field.
You may only have one remote management session running at a time. The ZyXEL Device
automatically disconnects a remote management session of lower priority when another
remote management session of higher priority starts. The priorities for the different types of
remote management sessions are as follows.
1 Te lnet
2 HTTP
10.1.1 Remote Management Limitations
Remote management over LAN or WAN will not work when:
• You have not enabled that service on the interface in the corresponding remote
management screen.
• The IP address in the Secured Client IP field does not match the client IP address. If it
does not match, the ZyXEL Device will disconnect the session immediately.
• There is already another remote management session with an equal or higher priority
running. You may only have one remote management session running at one time.
• A filter is applied (in the Security screen) to block a Telnet, FTP or Web service.
P-660RU-T v2 User’s Guide
75
Chapter 10 Remote Management Configuration
10.1.2 Remote Management and NAT
When NAT is enabled:
• Use the ZyXEL Device’s WAN IP address when configuring from the WAN.
• Use the ZyXEL Device’s LAN IP address when configuring from the LAN.
10.1.3 System Timeout
There is a default system management idle timeout of five minutes (three hundred seconds).
The ZyXEL Device automatically logs you out if the management session remains idle for
longer than this timeout period. The management session does not time out when a statistics
screen is polling.
10.2 Telnet
You can use Telnet to access the ZyXEL Device’s command line interface. Specify which
interfaces allow Telnet access and from which IP address the access can come.
10.3 FTP
You can upload and download ZyXEL Device firmware and configuration files using FTP. To
use this feature, your computer must have an FTP client.
10.4 Web
You can set the ZyXEL Device to use HTTP or HTTPS (HTTPS adds security) for web
configurator sessions. Specify which interfaces allow web configurator access and from which
IP address the access can come.
HTTPS (HyperText Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a web
protocol that encrypts and decrypts web pages. Secure Socket Layer (SSL) is an applicationlevel protocol that enables secure transactions of data by ensuring confidentiality (an
unauthorized party cannot read the transferred data), authentication (one party can identify the
other party) and data integrity (you know if data has been changed).
10.5 Configuring Remote Management
Click Remote Management to open the following screen.
76
P-660RU-T v2 User’s Guide
Chapter 10 Remote Management Configuration
Figure 26 Remote Management
The following table describes the labels in this screen.
Table 17 Remote Management
LABEL DESCRIPTION
Server Type Each of these labels denotes a service that you may use to remotely manage the
Access Status Select the access interface. Choices are All, LAN Only, WAN Only and Disable.
Port This field shows the port number for the remote management service. You may
Secured Client IPThe default 0.0.0.0 allows any client to use this service to remotely manage the
Apply Click Apply to save your settings back to the ZyXEL Device.
Cancel Click Cancel to begin configuring this screen afresh.
ZyXEL Device.
change the port number for a service in this field, but you must use the same port
number to use that service for remote management.
ZyXEL Device. Type an IP address to restrict access to a client with a matching IP
address.
P-660RU-T v2 User’s Guide
77
Chapter 10 Remote Management Configuration
78
P-660RU-T v2 User’s Guide
CHAPTER 11
Universal Plug-and-Play (UPnP)
This chapter introduces the UPnP feature in the web configurator.
11.1 Introducing Universal Plug and Play (UPnP)
Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP
for simple peer-to-peer network connectivity between devices. A UPnP device can
dynamically join a network, obtain an IP address, convey its capabilities and learn about other
devices on the network. In turn, a device can leave a network smoothly and automatically
when it is no longer in use.
See Section 11.2.1 on page 80 for configuration instructions.
11.1.1 How do I know if I'm using UPnP?
UPnP hardware is identified as an icon in the Network Connections folder (Windows XP).
Each UPnP compatible device installed on your network will appear as a separate icon.
Selecting the icon of a UPnP device will allow you to access the information and properties of
that device.
11.1.2 NAT Traversal
UPnP NAT traversal automates the process of allowing an application to operate through
NAT. UPnP network devices can automatically configure network addressing, announce their
presence in the network to other UPnP devices and enable exchange of simple product and
service descriptions. NAT traversal allows the following:
• Dynamic port mapping
• Learning public IP addresses
• Assigning lease times to mappings
Windows Messenger is an example of an application that supports NAT traversal and UPnP.
See the NAT chapter for more information on NAT.
11.1.3 Cautions with UPnP
The automated nature of NAT traversal applications in establishing their own services and
opening firewall ports may present network security issues. Network information and
configuration may also be obtained and modified by users in some network environments.
P-660RU-T v2 User’s Guide
79
Chapter 11 Universal Plug-and-Play (UPnP)
When a UPnP device joins a network, it announces its presence with a multicast message. For
security reasons, the ZyXEL Device allows multicast messages on the LAN only.
All UPnP-enabled devices may communicate freely with each other without additional
configuration. Disable UPnP if this is not your intention.
11.2 UPnP and ZyXEL
ZyXEL has achieved UPnP certification from the Universal Plug and Play Forum UPnP™
Implementers Corp. (UIC). ZyXEL's UPnP implementation supports Internet Gateway Device
(IGD) 1.0.
See the following sections for examples of installing and using UPnP.
11.2.1 Configuring UPnP
Click UPnP to display the screen shown next.
Figure 27 Configuring UPnP
The following table describes the labels in this screen.
Table 18 Configuring UPnP
LABEL DESCRIPTION
Enable the Universal Plug
and Play (UPnP) Service
Allow users to make
configuration changes
through UPnP
Apply Click Apply to save the setting to the ZyXEL Device.
Cancel Click Cancel to return to the previously saved settings.
Select this checkbox to activate UPnP. Be aware that anyone could use
a UPnP application to open the web configurator's login screen without
entering the ZyXEL Device's IP address (although you must still enter
the password to access the web configurator).
Select this check box to allow UPnP-enabled applications to
automatically configure the ZyXEL Device so that they can
communicate through the ZyXEL Device, for example by using NAT
traversal, UPnP applications automatically reserve a NAT forwarding
port in order to communicate with another UPnP enabled device; this
eliminates the need to manually configure port forwarding for the UPnP
enabled application.
11.3 Installing UPnP in Windows
This section shows how to install UPnP in Windows Me and Windows XP.
80
P-660RU-T v2 User’s Guide
11.3.1 Installing UPnP in Windows Me
Follow the steps below to install the UPnP in Windows Me.
1 Click Start and Control Panel. Double-click Add/Remove Programs.
2 Click on the Windows Setup tab and select Communication in the Components
selection box. Click Details.
Figure 28 Add/Remove Programs: Windows Setup: Communication
Chapter 11 Universal Plug-and-Play (UPnP)
3 In the Communications window, select the Universal Plug and Play check box in the
Components selection box.
P-660RU-T v2 User’s Guide
81
Chapter 11 Universal Plug-and-Play (UPnP)
Figure 29 Add/Remove Programs: Windows Setup: Communication: Components
4 Click OK to go back to the Add/Remove Programs Properties window and click
Next.
5 Restart the computer when prompted.
11.3.2 Installing UPnP in Windows XP
Follow the steps below to install the UPnP in Windows XP.
1 Click Start and Control Panel.
2 Double-click Network Connections.
3 In the Network Connections window, click Advanced in the main menu and select
Optional Networking Components ….
Figure 30 Network Connections
82
4 The Windows Optional Networking Components Wizard window displays. Select
Networking Service in the Components selection box and click Details.
P-660RU-T v2 User’s Guide
Chapter 11 Universal Plug-and-Play (UPnP)
Figure 31 Windows Optional Networking Components Wizard
5 In the Networking Services window, select the Universal Plug and Play check box.
Figure 32 Networking Services
6 Click OK to go back to the Windows Optional Networking Component Wizard
window and click Next.
P-660RU-T v2 User’s Guide
83
Chapter 11 Universal Plug-and-Play (UPnP)
11.4 Using UPnP in Windows XP: Example
This section shows you how to use the UPnP feature in Windows XP. You must already have
UPnP installed in Windows XP and UPnP activated on the ZyXEL Device.
Make sure the computer is connected to a LAN port of the ZyXEL Device. Turn on your
computer and the ZyXEL Device.
Auto-discover Your UPnP-enabled Network Device
1 Click Start and Control Panel. Double-click Network Connections. An icon displays
under Internet Gateway.
2 Right-click the icon and select Properties.
Figure 33 Network Connections
84
3 In the Internet Connection Properties window, click Settings to see the port mappings
there were automatically created.
P-660RU-T v2 User’s Guide
Figure 34 Internet Connection Properties
Chapter 11 Universal Plug-and-Play (UPnP)
4 You may edit or delete the port mappings or click Add to manually add port mappings.
Figure 35 Internet Connection Properties: Advanced Settings
P-660RU-T v2 User’s Guide
85
Chapter 11 Universal Plug-and-Play (UPnP)
Figure 36 Internet Connection Properties: Advanced Settings: Add
5 When the UPnP-enabled device is disconnected from your computer, all port mappings
will be deleted automatically.
6 Select Show icon in notification area when connected option and click OK. An icon
displays in the system tray.
Figure 37 System Tray Icon
7 Double-click on the icon to display your current Internet connection status.
86
P-660RU-T v2 User’s Guide
Figure 38 Internet Connection Status
Chapter 11 Universal Plug-and-Play (UPnP)
11.4.1 Web Configurator Easy Access
With UPnP, you can access the web-based configurator on the ZyXEL Device without finding
out the IP address of the ZyXEL Device first. This becomes helpful if you do not know the IP
address of the ZyXEL Device.
Follow the steps below to access the web configurator.
1 Click Start and then Control Panel.
2 Double-click Network Connections.
3 Select My Network Places under Other Places.
P-660RU-T v2 User’s Guide
87
Chapter 11 Universal Plug-and-Play (UPnP)
Figure 39 Network Connections
88
4 An icon with the description for each UPnP-enabled device displays under Local
Network.
5 Right-click on the icon for your ZyXEL Device and select Invoke. The web configurator
login screen displays.
P-660RU-T v2 User’s Guide
Chapter 11 Universal Plug-and-Play (UPnP)
Figure 40 Network Connections: My Network Places
6 Right-click on the icon for your ZyXEL Device and select Properties. A window
displays with basic information about the ZyXEL Device.
Figure 41 Network Connections: My Network Places: Properties: Example
P-660RU-T v2 User’s Guide
89
Chapter 11 Universal Plug-and-Play (UPnP)
90
P-660RU-T v2 User’s Guide
CHAPTER 12
Network Address Translation
(NAT) Screens
This chapter discusses how to configure NAT on the ZyXEL Device.
12.1 NAT Overview
NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address of a
host in a packet, for example, the source address of an outgoing packet, used within one
network to a different IP address known within another network.
12.1.1 NAT Definitions
Inside/outside denotes where a host is located relative to the ZyXEL Device, for example, the
computers of your subscribers are the inside hosts, while the web servers on the Internet are
the outside hosts.
Global/local denotes the IP address of a host in a packet as the packet traverses a router, for
example, the local address refers to the IP address of a host when the packet is in the local
network, while the global address refers to the IP address of the host when the same packet is
traveling on the WAN side.
Note that inside/outside refers to the location of a host, while global/local refers to the IP
address of a host used in a packet. Thus, an inside local address (ILA) is the IP address of an
inside host in a packet when the packet is still in the local network, while an inside global
address (IGA) is the IP address of the same inside host when the packet is on the WAN side.
The following table summarizes this information.
Table 19 NAT Definitions
ITEM DESCRIPTION
Inside This refers to the host on the LAN.
Outside This refers to the host on the WAN.
Local This refers to the packet address (source or destination) as the packet travels on the
Global This refers to the packet address (source or destination) as the packet travels on the
LAN.
WAN.
P-660RU-T v2 User’s Guide
91
Chapter 12 Network Address Translation (NAT) Screens
" NAT never changes the IP address (either local or global) of an outside host.
12.1.2 What NAT Does
In the simplest form, NAT changes the source IP address in a packet received from a
subscriber (the inside local address) to another (the inside global address) before forwarding
the packet to the WAN side. When the response comes back, NAT translates the destination
address (the inside global address) back to the inside local address before forwarding it to the
original inside host. Note that the IP address (either local or global) of an outside host is never
changed.
The global IP addresses for the inside hosts can be either static or dynamically assigned by the
ISP. In addition, you can designate servers (a web server and a telnet server, for example) on
your local network and make them accessible to the outside world. If you do not define any
servers (for Many-to-One and Many-to-Many Overload mapping – see Table 20 on page 94),
NAT offers the additional benefit of firewall protection. With no servers defined, your ZyXEL
Device filters out all incoming inquiries, thus preventing intruders from probing your network.
For more information on IP address translation, refer to RFC 1631, The IP Network Address
Translator (NAT).
12.1.3 How NAT Works
Each packet has two addresses – a source address and a destination address. For outgoing
packets, the ILA (Inside Local Address) is the source address on the LAN, and the IGA (Inside
Global Address) is the source address on the WAN. For incoming packets, the ILA is the
destination address on the LAN, and the IGA is the destination address on the WAN. NAT
maps private (local) IP addresses to globally unique ones required for communication with
hosts on other networks. It replaces the original IP source address (and TCP or UDP source
port numbers for Many-to-One and Many-to-Many Overload NAT mapping) in each packet
and then forwards it to the Internet. The ZyXEL Device keeps track of the original addresses
and port numbers so incoming reply packets can have their original values restored. The
following figure illustrates this.
Figure 42 How NAT Works
92
P-660RU-T v2 User’s Guide
12.1.4 NAT Application
The following figure illustrates a possible NAT application, where three inside LANs (logical
LANs using IP Alias) behind the ZyXEL Device can communicate with three distinct WAN
networks. More examples follow at the end of this chapter.
Figure 43 NAT Application With IP Alias
Chapter 12 Network Address Translation (NAT) Screens
12.1.5 NAT Mapping Types
NAT supports five types of IP/port mapping. They are:
• One to One: In One-to-One mode, the ZyXEL Device maps one local IP address to one
global IP address.
• Many to One: In Many-to-One mode, the ZyXEL Device maps multiple local IP
addresses to one global IP address. This is equivalent to SUA (for instance, PAT, port
address translation), ZyXEL’s Single User Account feature that previous ZyXEL routers
supported (the SUA Only option in today’s routers).
• Many to Many Overload: In Many-to-Many Overload mode, the ZyXEL Device maps
the multiple local IP addresses to shared global IP addresses.
• Many-to-Many No Overload:
maps each local IP address to a unique global IP address.
• Server: This type allows you to specify inside servers of different services behind the
NAT to be accessible to the outside world.
P-660RU-T v2 User’s Guide
In Many-to-Many No Overload mode, the ZyXEL Device
93
Chapter 12 Network Address Translation (NAT) Screens
" Port numbers do not change for One-to-One and Many-to-Many No Overload
NAT mapping types.
The following table summarizes these types.
Table 20 NAT Mapping Types
TYPE IP MAPPING
One-to-One ILA1ÅÆ IGA1
Many-to-One (SUA/PAT) ILA1ÅÆ IGA1
ILA2ÅÆ IGA1
…
Many-to-Many Overload ILA1ÅÆ IGA1
ILA2ÅÆ IGA2
ILA3ÅÆ IGA1
ILA4ÅÆ IGA2
…
Many-to-Many No Overload ILA1ÅÆ IGA1
ILA2ÅÆ IGA2
ILA3ÅÆ IGA3
…
Server Server 1 IPÅÆ IGA1
Server 2 IPÅÆ IGA1
Server 3 IPÅÆ IGA1
12.2 SUA (Single User Account) Versus NAT
SUA (Single User Account) is a ZyNOS implementation of a subset of NAT that supports two
types of mapping, Many-to-One and Server. The ZyXEL Device also supports Full
Feature NAT to map multiple global IP addresses to multiple private LAN IP addresses of
clients or servers using mapping types as outlined in Table 20 on page 94.
" Choose SUA Only if you have just one public WAN IP address for your ZyXEL
Device.
" Choose Full Feature if you have multiple public WAN IP addresses for your
ZyXEL Device.
94
P-660RU-T v2 User’s Guide
12.3 SUA Server
A SUA server set is a list of inside (behind NAT on the LAN) servers, for example, web or
FTP, that you can make visible to the outside world even though SUA makes your whole
inside network appear as a single computer to the outside world.
You may enter a single port number or a range of port numbers to be forwarded, and the local
IP address of the desired server. The port number identifies a service; for example, web
service is on port 80 and FTP on port 21. In some cases, such as for unknown services or
where one server can support more than one service (for example both FTP and web service),
it might be better to specify a range of port numbers. You can allocate a server IP address that
corresponds to a port or a range of ports.
Many residential broadband ISP accounts do not allow you to run any server processes (such
as a Web or FTP server) from your location. Your ISP may periodically check for servers and
may suspend your account if it discovers any active services at your location. If you are
unsure, refer to your ISP.
12.3.1 Default Server IP Address
In addition to the servers for specified services, NAT supports a default server IP address. A
default server receives packets from ports that are not specified in this screen.
Chapter 12 Network Address Translation (NAT) Screens
" If you do not assign an IP address in Server Set 1 (default server) the ZyXEL
Device discards all packets received for ports that are not specified here or in
the remote management setup.
12.3.2 Port Forwarding: Services and Port Numbers
The most often used port numbers are shown in the following table. Please refer to RFC 1700
for further information about port numbers.
Table 21 Services and Port Numbers
SERVICES PORT NUMBER
ECHO 7
FTP (File Transfer Protocol) 21
SMTP (Simple Mail Transfer Protocol) 25
DNS (Domain Name System) 53
Finger 79
HTTP (Hyper Text Transfer protocol or WWW, Web) 80
POP3 (Post Office Protocol) 110
NNTP (Network News Transport Protocol) 119
SNMP (Simple Network Management Protocol) 161
SNMP trap 162
PPTP (Point-to-Point Tunneling Protocol) 1723
P-660RU-T v2 User’s Guide
95
Chapter 12 Network Address Translation (NAT) Screens
12.3.3 Configuring Servers Behind SUA (Example)
Let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the
example), port 80 to another (B in the example) and assign a default server IP address of
192.168.1.35 to a third (C in the example). You assign the LAN IP addresses and the ISP
assigns the WAN IP address. The NAT network appears as a single host on the Internet.
IP address assigned by ISP.
Figure 44 Multiple Servers Behind NAT Example
12.4 Selecting the NAT Mode
Click NAT to open the following screen.
Figure 45 NAT Mode
The following table describes the labels in this screen.
Table 22 NAT Mode
LABEL DESCRIPTION
None Select this radio button to disable NAT.
SUA Only Select this radio button if you have just one public WAN IP address for your ZyXEL
Edit Details Click this link to go to the NAT - Edit SUA/NAT Server Set screen.
Full Feature Select this radio button if you have multiple public WAN IP addresses for your ZyXEL
Device. The ZyXEL Device uses Address Mapping Set 1 in the NAT - Edit SUA/NAT
Server Set screen.
Device.
96
P-660RU-T v2 User’s Guide
Chapter 12 Network Address Translation (NAT) Screens
Table 22 NAT Mode (continued)
LABEL DESCRIPTION
Edit Details Click this link to go to the NAT - Address Mapping Rules screen.
Apply Click Apply to save your configuration.
12.5 Configuring SUA Server
" If you do not assign an IP address in Server Set 1 (default server), the ZyXEL
Device discards all packets received for ports that are not specified here or in
the remote management setup.
Click NAT, select SUA Only and click Edit Details to open the following screen.
Refer to Table 21 on page 95 for port numbers commonly used for particular services.
Figure 46 Edit SUA/NAT Server Set
P-660RU-T v2 User’s Guide
97
Chapter 12 Network Address Translation (NAT) Screens
The following table describes the labels in this screen.
Table 23 Edit SUA/NAT Server Set
LABEL DESCRIPTION
Start Port No. Enter a port number in this field.
To forward only one port, enter the port number again in the End Port No. field.
To forward a series of ports, enter the start port number here and the end port
number in the End Port No. field.
End Port No. Enter a port number in this field.
To forward only one port, enter the port number again in the Start Port No. field
above and then enter it again in this field.
To forward a series of ports, enter the last port number in a series that begins with
the port number in the Start Port No. field above.
IP Address Enter your server IP address in this field.
Save Click Save to save your changes back to the ZyXEL Device.
Cancel Click Cancel to return to the previous configuration.
12.6 Configuring Address Mapping
Ordering your rules is important because the ZyXEL Device applies the rules in the order that
you specify. When a rule matches the current packet, the ZyXEL Device takes the
corresponding action and the remaining rules are ignored. If there are any empty rules before
your new configured rule, your configured rule will be pushed up by that number of empty
rules. For example, if you have already configured rules 1 to 6 in your current set and now you
configure rule number 9. In the set summary screen, the new rule will be rule 7, not 9. Now if
you delete rule 4, rules 5 to 7 will be pushed up by 1 rule, so old rules 5, 6 and 7 become new
rules 4, 5 and 6.
To change your ZyXEL Device’s address mapping settings, click NAT, Select Full Feature
and click Edit Details to open the following screen.
Figure 47 Address Mapping Rules
98
P-660RU-T v2 User’s Guide
Chapter 12 Network Address Translation (NAT) Screens
The following table describes the labels in this screen.
Table 24 Address Mapping Rules
LABEL DESCRIPTION
Local Start IP This is the starting Inside Local IP Address (ILA). Local IP addresses are N/A for
Local End IP This is the end Inside Local IP Address (ILA). If the rule is for all local IP addresses,
Global Start IP This is the starting Inside Global IP Address (IGA). Enter 0.0.0.0 here if you have a
Global End IP This is the ending Inside Global IP Address (IGA). This field is N/A for One-to-one,
Type 1-1: One-to-one mode maps one local IP address to one global IP address. Note
Back Click Back to return to the NAT Mode screen.
Server port mapping.
then this field displays 0.0.0.0 as the Local Start IP address and 255.255.255.255
as the Local End IP address. This field is N/A for One-to-one and Server mapping
types.
dynamic IP address from your ISP. You can only do this for Many-to-One and
Server mapping types.
Many-to-One and Server mapping types.
that port numbers do not change for the One-to-one NAT mapping type.
M-1: Many-to-One mode maps multiple local IP addresses to one global IP address.
This is equivalent to SUA (in other words, PAT, port address translation), ZyXEL's
Single User Account feature.
M-M Ov (Overload): Many-to-Many Overload mode maps multiple local IP
addresses to shared global IP addresses.
MM No (No Overload): Many-to-Many No Overload mode maps each local IP
address to unique global IP addresses.
Server: This type allows you to specify inside servers of different services behind
the NAT to be accessible to the outside world.
12.7 Editing an Address Mapping Rule
To edit an address mapping rule, click the rule’s link in the NAT Address Mapping Rules
screen to display the screen shown next.
Figure 48 Address Mapping Rule Edit
P-660RU-T v2 User’s Guide
99
Chapter 12 Network Address Translation (NAT) Screens
The following table describes the labels in this screen.
Table 25 Address Mapping Rule Edit
LABEL DESCRIPTION
Type Choose the port mapping type from one of the following.
• One-to-One: One-to-One mode maps one local IP address to one global IP
address. Note that port numbers do not change for One-to-one NAT mapping
type.
• Many-to-One: Many-to-One mode maps multiple local IP addresses to one
global IP address. This is equivalent to SUA (i.e., PAT, port address translation),
ZyXEL's Single User Account feature that previous ZyXEL routers supported
only.
• Many-to-Many Overload: Many-to-Many Overload mode maps multiple local IP
addresses to shared global IP addresses.
• Many-to-Many No Overload: Many-to-Many No Overload mode maps each
local IP address to unique global IP addresses.
• Server: This type allows you to specify inside servers of different services behind
the NAT to be accessible to the outside world.
Local Start IP This is the starting local IP address (ILA). Local IP addresses are N/A for Server port
mapping.
Local End IP This is the end local IP address (ILA). If your rule is for all local IP addresses, then
Global Start IP This is the starting global IP address (IGA). Enter 0.0.0.0 here if you have a dynamic
Global End IP This is the ending global IP address (IGA). This field is N/A for One-to-One, Many-
Server Mapping
Set
Edit Details Click this link to go to the NAT - Edit SUA/NAT Server Set screen to edit a server
Apply Click Apply to save your changes back to the ZyXEL Device.
Cancel Click Cancel to return to the previously saved settings.
Delete Click Delete to exit this screen without saving.
enter 0.0.0.0 as the Local Start IP address and 255.255.255.255 as the Local End
IP address.
This field is N/A for One-to-One and Server mapping types.
IP address from your ISP.
to-One and Server mapping types.
Only available when Type is set to Server.
Select a number from the drop-down menu to choose a server set from the NAT -
Address Mapping Rules screen.
set that you have selected in the Server Mapping Set field.
100
P-660RU-T v2 User’s Guide
Loading...