ZyXEL Communications P-870HW-I User Manual

P-870HW-I Series

802.11g Wireless VDSL2 4-port Gateway

User’s Guide

Version 3.50

8/2006

Edition 1

P-870HW-I1 User’s Guide

Copyright

Copyright © 2006 by ZyXEL Communications Corporation.

The contents of this publication may not be reproduced in any part or as a whole, transcribed,
stored in a retrieval system, translated into any language, or transmitted in any form or by any
means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or
otherwise, without the prior written permission of ZyXEL Communications Corporation.

Published by ZyXEL Communications Corporation. All rights reserved.

Disclaimer

ZyXEL does not assume any liability arising out of the application or use of any products, or
software described herein. Neither does it convey any license under its patent rights nor the
patent rights of others. ZyXEL further reserves the right to make changes in any products
described herein without notice. This publication is subject to change without notice.

Trademarks

ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL
Communications, Inc. Other trademarks mentioned in this publication are used for
identification purposes only and may be properties of their respective owners.

Copyright 3

P-870HW-I1 User’s Guide

Federal Communications Commission (FCC) Interference Statement

The device complies with Part 15 of FCC rules. Operation is subject to the following two
conditions:

• This device may not cause harmful interference.

• This device must accept any interference received, including interference that may cause
undesired operations.

This device has been tested and found to comply with the limits for a Class B digital device
pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable
protection against harmful interference in a residential installation. This device generates,
uses, and can radiate radio frequency energy, and if not installed and used in accordance with
the instructions, may cause harmful interference to radio communications. However, there is
no guarantee that interference will not occur in a particular installation.

Certifications

If this device does cause harmful interference to radio/television reception, which can be
determined by turning the device off and on, the user is encouraged to try to correct the
interference by one or more of the following measures:

1 Reorient or relocate the receiving antenna.

2 Increase the separation between the equipment and the receiver.

3 Connect the equipment into an outlet on a circuit different from that to which the receiver

is connected.

4 Consult the dealer or an experienced radio/TV technician for help.

FCC Radiation Exposure Statement

• This transmitter must not be co-located or operating in conjunction with any other
antenna or transmitter.

• IEEE 802.11b or 802.11g operation of this product in the U.S.A. is firmware-limited to
channels 1 through 11.

• To comply with FCC RF exposure compliance requirements, a separation distance of at
least 20 cm must be maintained between the antenna of this device and all persons.

注意 !

依據 低功率電波輻射性電機管理辦法

4 Certifications

P-870HW-I1 User’s Guide

第十二條 經型式認證合格之低功率射頻電機，非經許可，公司、商號或使用

者均不得擅自變更頻率、加大功率或變更原設計之特性及功能。

第十四條 低功率射頻電機之使用不得影響飛航安全及干擾合法通信；經發現

有干擾現象時，應立即停用，並改善至無干擾時方得繼續使用。

前項合法通信，指依電信規定作業之無線電信。低功率射頻電機須忍
受合法通信或工業、科學及醫療用電波輻射性電機設備之干擾。

本機限在不干擾合法電臺與不受被干擾保障條件下於室內使用。
減少電磁波影響，請妥適使用。

Notices

Changes or modifications not expressly approved by the party responsible for compliance
could void the user's authority to operate the equipment.

This device has been designed for the WLAN 2.4 GHz and 5 GHz networks throughout the EC
region and Switzerland, with restrictions in France.

This device has been designed for the WLAN 2.4 GHz network throughout the EC region and
Switzerland, with restrictions in France.

This Class B digital apparatus complies with Canadian ICES-003.

Cet appareil numérique de la classe B est conforme à la norme NMB-003 du Canada.

Viewing Certifications

1 Go to http://www.zyxel.com.

2 Select your product on the ZyXEL home page to go to that product's page.

3 Select the certification you wish to view from this page.

Certifications 5

P-870HW-I1 User’s Guide

For your safety, be sure to read and follow all warning notices and instructions.

• Do NOT use this product near water, for example, in a wet basement or near a swimming
pool.

• Do NOT expose your device to dampness, dust or corrosive liquids.

• Do NOT store things on the device.

• Do NOT install, use, or service this device during a thunderstorm. There is a remote risk
of electric shock from lightning.

• Connect ONLY suitable accessories to the device.

• Do NOT open the device or unit. Opening or removing covers can expose you to
dangerous high voltage points or other risks. ONLY qualified service personnel should
service or disassemble this device. Please contact your vendor for further information.

• Make sure to connect the cables to the correct ports.

• Place connecting cables carefully so that no one will step on them or stumble over them.

• Always disconnect all cables from this device before servicing or disassembling.

• Use ONLY an appropriate power adaptor or cord for your device.

• Connect the power adaptor or cord to the right supply voltage (for example, 110V AC in
North America or 230V AC in Europe).

• Do NOT allow anything to rest on the power adaptor or cord and do NOT place the
product where anyone can walk on the power adaptor or cord.

• Do NOT use the device if the power adaptor or cord is damaged as it might cause
electrocution.

• If the power adaptor or cord is damaged, remove it from the power outlet.

• Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a
new one.

• Do not use the device outside, and make sure all the connections are indoors. There is a
remote risk of electric shock from lightning.

• CAUTION: RISK OF EXPLOSION IF BATTERY (on the motherboard) IS REPLACED
BY AN INCORRECT TYPE. DISPOSE OF USED BATTERIES ACCORDING TO
THE INSTRUCTIONS. Dispose them at the applicable collection point for the recycling
of electrical and electronic equipment. For detailed information about recycling of this
product, please contact your local city office, your household waste disposal service or
the store where you purchased the product.

• Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your
device.

• Use only No. 26 AWG (American Wire Gauge) or larger telecommunication line cord.

• Antenna Warning! This device meets ETSI and FCC certification requirements when
using the included antenna(s). Only use the included antenna(s).

Safety Warnings

6 Safety Warnings

This product is recyclable. Dispose of it properly.

P-870HW-I1 User’s Guide

Safety Warnings 7

P-870HW-I1 User’s Guide

ZyXEL warrants to the original end user (purchaser) that this product is free from any defects
in materials or workmanship for a period of up to two years from the date of purchase. During
the warranty period, and upon proof of purchase, should the product have indications of failure
due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the
defective products or components without charge for either parts or labor, and to whatever
extent it shall deem necessary to restore the product or components to proper operating
condition. Any replacement will consist of a new or re-manufactured functionally equivalent
product of equal or higher value, and will be solely at the discretion of ZyXEL. This warranty
shall not apply if the product has been modified, misused, tampered with, damaged by an act
of God, or subjected to abnormal working conditions.

Note

Repair or replacement, as provided under this warranty, is the exclusive remedy of the
purchaser. This warranty is in lieu of all other warranties, express or implied, including any
implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in
no event be held liable for indirect or consequential damages of any kind to the purchaser.

ZyXEL Limited Warranty

To obtain the services of this warranty, contact ZyXEL's Service Center for your Return
Material Authorization number (RMA). Products must be returned Postage Prepaid. It is
recommended that the unit be insured when shipped. Any returned products without proof of
purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of
ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products
will be shipped by ZyXEL to the corresponding return address, Postage Paid. This warranty
gives you specific legal rights, and you may also have other rights that vary from country to
country.

Registration

Register your product online to receive e-mail notices of firmware upgrades and information
at www.zyxel.com for global products, or at www.us.zyxel.com for North American products.

8 ZyXEL Limited Warranty

P-870HW-I1 User’s Guide

Customer Support

Please have the following information ready when you contact customer support.

• Product model and serial number.

• Warranty Information.

• Date that you received your device.

• Brief description of the problem and the steps you took to solve it.

METHOD

LOCATION

CORPORATE
HEADQUARTERS
(WORLDWIDE)

COSTA RICA

CZECH REPUBLIC

DENMARK

FINLAND

FRANCE

GERMANY

HUNGARY

KAZAKHSTAN

NORTH AMERICA

SUPPORT E-MAIL TELEPHONE WEB SITE

SALES E-MAIL FAX FTP SITE

support@zyxel.com.tw +886-3-578-3942 www.zyxel.com

www.europe.zyxel.com

sales@zyxel.com.tw +886-3-578-2439 ftp.zyxel.com

ftp.europe.zyxel.com

soporte@zyxel.co.cr +506-2017878 www.zyxel.co.cr ZyXEL Costa Rica

sales@zyxel.co.cr +506-2015098 ftp.zyxel.co.cr

info@cz.zyxel.com +420-241-091-350 www.zyxel.cz ZyXEL Communications

info@cz.zyxel.com +420-241-091-359

support@zyxel.dk +45-39-55-07-00 www.zyxel.dk ZyXEL Communications A/S

sales@zyxel.dk +45-39-55-07-07

support@zyxel.fi +358-9-4780-8411 www.zyxel.fi ZyXEL Communications Oy

sales@zyxel.fi +358-9-4780 8448

info@zyxel.fr +33-4-72-52-97-97 www.zyxel.fr ZyXEL France

+33-4-72-52-19-20

support@zyxel.de +49-2405-6909-0 www.zyxel.de ZyXEL Deutschland GmbH.

sales@zyxel.de +49-2405-6909-99

support@zyxel.hu +36-1-3361649 www.zyxel.hu ZyXEL Hungary

info@zyxel.hu +36-1-3259100

http://zyxel.kz/support +7-3272-590-698 www.zyxel.kz ZyXEL Kazakhstan

sales@zyxel.kz +7-3272-590-689

support@zyxel.com 1-800-255-4101

+1-714-632-0882

sales@zyxel.com +1-714-632-0858 ftp.us.zyxel.com

www.us.zyxel.com ZyXEL Communications Inc.

REGULAR MAIL

ZyXEL Communications Corp.
6 Innovation Road II

Science Park
Hsinchu 300
Ta iw a n

Plaza Roble Escazú
Etapa El Patio, Tercer Piso
San José, Costa Rica

Czech s.r.o.
Modranská 621
143 01 Praha 4 - Modrany
Ceská Republika

Columbusvej
2860 Soeborg
Denmark

Malminkaari 10
00700 Helsinki
Finland

1 rue des Vergers
Bat. 1 / C
69760 Limonest
France

Adenauerstr. 20/A2 D-52146
Wuerselen
Germany

48, Zoldlomb Str.
H-1025, Budapest
Hungary

43, Dostyk ave.,Office 414
Dostyk Business Centre
050010, Almaty
Republic of Kazakhstan

1130 N. Miller St.
Anaheim
CA 92806-2001
U.S.A.

Customer Support 9

P-870HW-I1 User’s Guide

METHOD

LOCATION

NORWAY

POLAND

RUSSIA

SPAIN

SWEDEN

UKRAINE

UNITED KINGDOM

SUPPORT E-MAIL TELEPHONE WEB SITE

SALES E-MAIL FAX FTP SITE

support@zyxel.no +47-22-80-61-80 www.zyxel.no ZyXEL Communications A/S

sales@zyxel.no +47-22-80-61-81

info@pl.zyxel.com +48 (22) 333 8250 www.pl.zyxel.com ZyXEL Communications

+48 (22) 333 8251

http://zyxel.ru/support +7-095-542-89-29 www.zyxel.ru ZyXEL Russia

sales@zyxel.ru +7-095-542-89-25

support@zyxel.es +34-902-195-420 www.zyxel.es ZyXEL Communications

sales@zyxel.es +34-913-005-345

support@zyxel.se +46-31-744-7700 www.zyxel.se ZyXEL Communications A/S

sales@zyxel.se +46-31-744-7701

support@ua.zyxel.com +380-44-247-69-78 www.ua.zyxel.com ZyXEL Ukraine

sales@ua.zyxel.com +380-44-494-49-32

support@zyxel.co.uk +44-1344 303044

08707 555779 (UK only)

sales@zyxel.co.uk +44-1344 303034 ftp.zyxel.co.uk

www.zyxel.co.uk ZyXEL Communications UK

REGULAR MAIL

Nils Hansens vei 13
0667 Oslo
Norway

ul. Okrzei 1A
03-715 Warszawa
Poland

Ostrovityanova 37a Str.
Moscow, 117279
Russia

Arte, 21 5ª planta
28033 Madrid
Spain

Sjöporten 4, 41764 Göteborg
Sweden

13, Pimonenko Str.
Kiev, 04050
Ukraine

Ltd.,11 The Courtyard,
Eastern Road, Bracknell,
Berkshire, RG12 2XB,
United Kingdom (UK)

+” is the (prefix) number you enter to make an international telephone call.

10 Customer Support

P-870HW-I1 User’s Guide

Table of Contents

Copyright ..................................................................................................................3

Certifications ............................................................................................................4

Safety Warnings ....................................................................................................... 6

ZyXEL Limited Warranty.......................................................................................... 8

Customer Support.................................................................................................... 9

Table of Contents ................................................................................................... 11

List of Figures ........................................................................................................ 23

List of Tables .......................................................................................................... 31

Preface ....................................................................................................................37

Chapter 1

Getting To Know Your ZyXEL Device................................................................... 39

1.1 Introducing the ZyXEL Device ............................................................................39

1.2 Features .............................................................................................................39

1.2.1 Wireless Features .....................................................................................41

1.3 Application ..........................................................................................................42

1.3.1 Protected Internet Access .........................................................................42

1.3.2 Management Server .................................................................................43

1.4 LEDs ..................................................................................................................43

1.5 Splitters and Microfilters .....................................................................................44

1.5.1 Connecting a POTS Splitter ......................................................................44

1.5.2 Telephone Microfilters ...............................................................................45

Chapter 2

Introducing the Web Configurator........................................................................ 47

2.1 Web Configurator Overview ...............................................................................47

2.2 Accessing the Web Configurator ........................................................................47

2.3 Navigating the Web Configurator .......................................................................49

2.4 Resetting the ZyXEL Device ..............................................................................53

Chapter 3

Connection Wizard................................................................................................. 55

3.1 Main Wizard Screen ...........................................................................................55

Table of Contents 11

P-870HW-I1 User’s Guide

3.2 Welcome Screen ................................................................................................56

3.3 System Information Screen ................................................................................56

3.4 Wireless LAN Screen .........................................................................................57

3.5 Wireless Security Screens .................................................................................59

3.6 Auto-Detection Screen .......................................................................................66

3.7 ISP Parameters Screen .....................................................................................67

3.8 IP Address Type Screen ....................................................................................69

3.9 Static IP Address Settings Screen .....................................................................70

3.10 MAC Address Screen .......................................................................................72

3.11 Internet Configuration Screen ..........................................................................74

3.12 Auto-Detection Screen .....................................................................................74

3.13 Congratulations Screen ....................................................................................75

3.5.1 Wireless Security: None ...........................................................................59

3.5.2 Wireless Security: Basic Security Screen 1 ..............................................59

3.5.3 Wireless Security: Basic Security Screen 2 ..............................................60

3.5.4 Wireless Security: Auto .............................................................................61

3.5.5 Wireless Security: Extend (WPA-PSK) Security Screen 1 ........................62

3.5.6 Wireless Security: Extend (WPA-PSK) Security Screen 2 ........................63

3.5.7 Wireless Security: Extend (WPA2-PSK) Security Screen 1 ......................64

3.5.8 Wireless Security: Extend (WPA2-PSK) Security Screen 2 ......................66

3.7.1 ISP Parameters: Ethernet Screen ............................................................67

3.7.2 ISP Parameters: PPPoE Screen ..............................................................68

3.9.1 Static IP Address Settings: Ethernet Screen ............................................70

3.9.2 ISP Parameters: PPPoE Screen ..............................................................71

Chapter 4

Bandwidth Management Wizard ........................................................................... 77

4.1 Main Wizard Screen ...........................................................................................77

4.2 Welcome Screen ................................................................................................78

4.3 General Information Screen ...............................................................................79

4.4 Services Setup Screen .......................................................................................81

4.5 Priority Setup Screen .........................................................................................82

4.6 Congratulations Screen ......................................................................................83

Chapter 5

Status Screen ......................................................................................................... 85

5.1 Status Screen .....................................................................................................85

5.1.1 Status: BW MGMT Monitor .......................................................................87

5.1.2 Status: DHCP Table ..................................................................................88

5.1.3 Status: Packet Statistics ............................................................................89

5.1.4 Status: WLAN Station Status ....................................................................90

12 Table of Contents

P-870HW-I1 User’s Guide

Chapter 6

Wireless LAN .......................................................................................................... 93

6.1 Wireless Network Overview ...............................................................................93

6.2 Wireless Security Overview ...............................................................................94

6.2.1 SSID .........................................................................................................94

6.2.2 MAC Address Filter ...................................................................................94

6.2.3 User Authentication ..................................................................................94

6.2.4 Encryption .................................................................................................95

6.2.5 One-Touch Intelligent Security Technology (OTIST) .................................96

6.3 Wireless Performance Overview ........................................................................96

6.3.1 Quality of Service (QoS) ...........................................................................96

6.4 General Wireless LAN Screen ...........................................................................96

6.4.1 General Wireless LAN Screen: No Security .............................................97

6.4.2 General Wireless LAN Screen: Static WEP ..............................................98

6.4.3 General Wireless LAN Screen: WPA-PSK ...............................................99

6.4.4 General Wireless LAN Screen: WPA ......................................................100

6.4.5 General Wireless LAN Screen: 802.1x + Dynamic WEP ........................101

6.4.6 General Wireless LAN Screen: 802.1x + Static WEP .............................103

6.4.7 General Wireless LAN Screen: 802.1x + No WEP .................................104

6.4.8 General Wireless LAN Screen: WPA2-PSK ...........................................106

6.4.9 General Wireless LAN Screen: WPA2 ....................................................107

6.5 OTIST Screen ..................................................................................................108

6.5.1 Notes on OTIST ...................................................................................... 111

6.6 MAC Filter Screen ............................................................................................ 111

6.7 Advanced Wireless LAN Screen ...................................................................... 113

Chapter 7

WAN....................................................................................................................... 119

7.1 WAN Overview ................................................................................................119

7.1.1 Nailed-Up Connection (PPP) ..................................................................119

7.1.2 Metric ......................................................................................................119

7.2 Internet Connection Screens ............................................................................120

7.2.1 Internet Connection Screen: Ethernet ....................................................120

7.2.2 Internet Connection Screen: PPP over Ethernet (PPPoE) .....................121

7.3 Advanced WAN Screen ....................................................................................123

7.4 Traffic Redirect Screen .....................................................................................124

Chapter 8

LAN........................................................................................................................127

8.1 LAN Overview .................................................................................................127

8.1.1 IP Address and Subnet Mask .................................................................127

8.1.2 RIP Setup ...............................................................................................127

8.1.3 Multicast ..................................................................................................128

Table of Contents 13

P-870HW-I1 User’s Guide

8.2 LAN IP Screen .................................................................................................129

8.3 LAN IP Alias Screen .........................................................................................129

8.4 Advanced LAN Screen .....................................................................................131

Chapter 9

DHCP Server......................................................................................................... 133

9.1 DHCP Overview ...............................................................................................133

9.2 General DHCP Screen .....................................................................................134

9.3 Static DHCP Screen .........................................................................................135

9.4 Client List Screen .............................................................................................136

Chapter 10

NAT ........................................................................................................................137

10.1 NAT Overview ................................................................................................137

10.2 General NAT Screen ......................................................................................139

10.3 Port Forwarding Screen .................................................................................140

10.4 Trigger Port Screen ........................................................................................142

10.5 Address Mapping Screen ...............................................................................143

8.1.4 LAN IP Alias ............................................................................................128

10.1.1 Port Forwarding: Services and Port Numbers ......................................137

10.1.2 Trigger Port Forwarding ........................................................................138

10.1.2.1 Trigger Port Forwarding Example ...............................................138

10.1.2.2 Two Points To Remember About Trigger Ports ...........................139

10.3.1 Port Forwarding Edit Screen .................................................................141

10.5.1 Address Mapping Edit Screen ..............................................................144

Chapter 11

Firewalls................................................................................................................ 147

11.1 Firewall Overview ..........................................................................................147

11.1.1 Stateful Inspection Firewalls .................................................................147

11.1.2 About the ZyXEL Device Firewall .........................................................147

11.1.3 Firewall Rule Direction ..........................................................................148

11.1.4 Firewall Rule Logic ................................................................................149

11.1.4.1 Rule Checklist ..............................................................................149

11.1.4.2 Security Ramifications .................................................................149

11.1.5 Firewall Rule Services ..........................................................................149

11.1.6 DoS Thresholds ...................................................................................150

11.1.6.1 Threshold Values .........................................................................150

11.1.6.2 Half-Open Sessions .....................................................................150

11.1.6.3 TCP Maximum Incomplete and Blocking Time ............................151

11.2 Triangle Route ................................................................................................151

11.2.1 The “Triangle Route” Problem ...............................................................152

11.2.2 Solving the “Triangle Route” Problem ...................................................152

14 Table of Contents

P-870HW-I1 User’s Guide

11.3 Guidelines for Enhancing Security with Your Firewall ....................................153

11.3.1 Security In General ...............................................................................153

11.4 General Firewall Screen .................................................................................154

11.5 Firewall Rules Screen ....................................................................................155

11.5.1 Firewall Rule Edit Screen ......................................................................157

11.5.2 Customized Services Screen ................................................................160

11.5.3 Customized Service Edit Screen ..........................................................160

11.6 Anti-Probing Screen .......................................................................................161

11.7 Firewall Threshold Screen ..............................................................................162

Chapter 12

Content Filter........................................................................................................ 165

12.1 Content Filtering Overview .............................................................................165

12.2 Content Filtering Screens ...............................................................................165

12.2.1 Content Filter Screen ............................................................................165

12.2.2 Content Filter Schedule Screen ............................................................167

Chapter 13

Certificates............................................................................................................ 169

13.1 Certificates Overview .....................................................................................169

13.1.1 Advantages of Certificates ....................................................................170

13.1.2 Self-signed Certificates .........................................................................170

13.1.3 Certificate File Formats .........................................................................170

13.2 My Certificates Screen ...................................................................................170

13.3 Import My Certificate Screen ..........................................................................172

13.4 Create My Certificate Screen .........................................................................173

13.5 Edit My Certificates Screen ............................................................................176

13.6 Trusted CAs Screen .......................................................................................179

13.7 Import Trusted CA Screen ..............................................................................181

13.8 Edit Trusted CA Screen ..................................................................................181

13.9 Trusted Remote Hosts Screen .......................................................................184

13.10 Verifying a Trusted Remote Host’s Certificate ..............................................186

13.11 Import Trusted Remote Host Screen ............................................................186

13.12 Edit Trusted Remote Host Screen ................................................................187

13.13 Directory Servers Screen .............................................................................190

13.14 Edit Directory Server Screen ........................................................................191

Chapter 14

Static Route .......................................................................................................... 193

14.1 Static Route Overview ....................................................................................193

14.2 IP Static Route Screen ...................................................................................193

14.2.1 Edit IP Static Route Screen ..................................................................194

Table of Contents 15

P-870HW-I1 User’s Guide

Chapter 15

Bandwidth MGMT................................................................................................. 197

15.1 Bandwidth Management Overview ...............................................................197

15.2 Bandwidth Management Configuration Screen ..............................................199

15.3 Edit Bandwidth Management Rule Screen ....................................................202

15.4 Bandwidth Monitor .........................................................................................204

Chapter 16

Remote MGMT ...................................................................................................... 205

16.1 Remote Management Overview .....................................................................205

16.2 WWW Screen .................................................................................................208

16.3 Telnet Screen .................................................................................................210

16.4 FTP Screen ....................................................................................................210

16.5 SNMP Screen ................................................................................................ 211

16.6 DNS Screen ...................................................................................................213

16.7 Security Screen ..............................................................................................213

16.8 SSH Screen ...................................................................................................214

16.9 TR-069 ...........................................................................................................215

15.1.1 Priority-based Scheduler ......................................................................197

15.1.2 Bandwidth Management Priorities ........................................................197

15.1.3 Example: Unused and Unbudgeted Bandwidth ....................................198

15.1.4 Reserving Bandwidth for Other Applications ........................................198

15.1.5 Over Allotment of Bandwidth ................................................................199

16.1.1 Remote Management Limitations .........................................................205

16.1.2 Remote Management and NAT ............................................................206

16.1.3 System Timeout ....................................................................................206

16.1.4 SNMP ...................................................................................................206

16.1.4.1 Supported MIBs ..........................................................................207

16.1.4.2 SNMP Traps ................................................................................207

Chapter 17

UPnP...................................................................................................................... 217

17.1 Introducing Universal Plug and Play .............................................................217

17.1.1 How do I know if I'm using UPnP? ........................................................217

17.1.2 NAT Traversal .......................................................................................217

17.1.3 Cautions with UPnP ..............................................................................217

17.2 UPnP and ZyXEL ...........................................................................................218

17.3 UPnP Screen .................................................................................................218

17.4 Installing UPnP in Windows Example ............................................................219

17.5 Using UPnP in Windows XP Example ...........................................................222

16 Table of Contents

P-870HW-I1 User’s Guide

Chapter 18

System .................................................................................................................. 229

18.1 General Setup ................................................................................................229

18.1.1 General Setup and System Name ........................................................229

18.1.2 Dynamic DNS Overview ......................................................................229

18.1.2.1 DYNDNS Wildcard ......................................................................230

18.1.3 Resetting the Time ................................................................................230

18.2 General System Screen .................................................................................230

18.3 Dynamic DNS Screen ....................................................................................231

18.4 Time Setting Screen .......................................................................................233

Chapter 19

Logs ...................................................................................................................... 237

19.1 Logs Overview ..............................................................................................237

19.1.1 Alerts and Logs .....................................................................................237

19.2 View Log Screen ............................................................................................237

19.3 Log Settings Screen .......................................................................................238

Chapter 20

Tools ...................................................................................................................... 241

20.1 Firmware Upgrade .........................................................................................241

20.2 Configuration Screen .....................................................................................242

20.3 Restart Screen ...............................................................................................244

Chapter 21

Introducing the SMT ............................................................................................247

21.1 Accessing the SMT ........................................................................................247

21.2 SMT Menu Items ............................................................................................248

21.3 Navigating the SMT Interface .........................................................................251

Chapter 22

General Setup....................................................................................................... 253

22.1 General Setup ................................................................................................253

22.2 Configure Dynamic DNS ................................................................................254

22.3 Configure Dynamic DNS ................................................................................255

Chapter 23

WAN Setup............................................................................................................ 257

Chapter 24

LAN Setup............................................................................................................. 259

24.1 LAN Port Filter Setup .....................................................................................259

24.2 TCP/IP and DHCP Ethernet Setup ................................................................260

Table of Contents 17

P-870HW-I1 User’s Guide

24.3 IP Alias Setup .................................................................................................262

24.4 Wireless LAN Setup .......................................................................................263

24.5 WLAN MAC Address Filter .............................................................................265

Chapter 25

Internet Access Setup ......................................................................................... 267

Chapter 26

Remote Node Setup ............................................................................................. 269

26.1 Remote Node Profile ......................................................................................269

26.2 Remote Node Network Layer Options ...........................................................270

26.3 Remote Node Filter ........................................................................................272

26.4 Traffic Redirect Setup .....................................................................................273

Chapter 27

Static Routing Setup............................................................................................ 275

27.1 IP Static Route Setup .....................................................................................275

27.2 Edit IP Static Route ........................................................................................276

Chapter 28

Dial-in User Setup ................................................................................................ 277

28.1 Dial-in User Setup ..........................................................................................277

28.2 Edit Dial-in User .............................................................................................277

Chapter 29

NAT Setup ............................................................................................................. 279

29.1 Address Mapping Sets ...................................................................................279

29.2 Address Mapping Rules .................................................................................279

29.3 Address Mapping Rule ...................................................................................281

29.4 NAT Server Setup ..........................................................................................282

29.5 NAT Server Configuration ..............................................................................283

29.6 Trigger Port Setup ..........................................................................................284

Chapter 30

Filter Setup ........................................................................................................... 287

30.1 Introduction to Filters ......................................................................................287

30.1.1 The Filter Structure of the ZyXEL Device .............................................288

30.2 Configuring a Filter Set ..................................................................................289

30.2.1 Configuring a Filter Rule .......................................................................292

30.2.2 Configuring a TCP/IP Filter Rule ..........................................................292

30.2.3 Configuring a Generic Filter Rule .........................................................295

30.3 Example Filter ................................................................................................297

30.4 Filter Types and NAT ......................................................................................300

30.5 Firewall Versus Filters ....................................................................................300

18 Table of Contents

P-870HW-I1 User’s Guide

30.6 Applying a Filter ............................................................................................300

30.6.1 Applying LAN Filters .............................................................................300

30.6.2 Applying Remote Node Filters ..............................................................301

30.7 Remote Node Profile ......................................................................................301

Chapter 31

Firewall Setup....................................................................................................... 305

Chapter 32

SNMP Configuration ............................................................................................ 307

Chapter 33

System Security ................................................................................................... 309

33.1 Change Password ..........................................................................................309

33.2 RADIUS Server ..............................................................................................309

33.3 IEEE802.1x ....................................................................................................310

Chapter 34

System Maintenance 24.1 - 24.4 ......................................................................... 313

34.1 Status .............................................................................................................313

34.2 Information .....................................................................................................314

34.3 Change Console Port Speed ..........................................................................315

34.4 Syslog Logging ...............................................................................................316

34.5 Call-Triggering Packet ....................................................................................317

34.6 Diagnostic ......................................................................................................317

Chapter 35

System Maintenance 24.5 - 24.7 ......................................................................... 319

35.1 Filename Conventions ...................................................................................319

35.2 Backup Configuration .....................................................................................320

35.2.1 Backup Configuration Using FTP .........................................................320

35.2.2 Using the FTP command from the DOS Prompt ..................................321

35.2.3 Backup Configuration Using TFTP .......................................................322

35.2.4 Example: TFTP Command ...................................................................323

35.2.5 Backup Via Console Port ......................................................................323

35.3 Restore Configuration ...................................................................................324

35.3.1 Restore Using FTP ...............................................................................325

35.4 Uploading Firmware and Configuration Files .................................................325

35.4.1 Firmware Upload ..................................................................................326

35.4.2 Configuration File Upload .....................................................................326

35.4.3 Using the FTP command from the DOS Prompt Example ...................327

35.4.4 TFTP File Upload ..................................................................................328

35.4.5 Example: TFTP Command ...................................................................328

35.4.6 Uploading Via Console Port ..................................................................329

Table of Contents 19

P-870HW-I1 User’s Guide

Chapter 36

System Maintenance 24.8 - 24.11........................................................................ 333

36.1 Command Interpreter Mode ...........................................................................333

36.2 Budget Management ......................................................................................333

36.3 Call History .....................................................................................................334

36.4 Time and Date Setting ....................................................................................335

36.5 Remote Management Control ........................................................................337

Chapter 37

IP Routing Policy Setup....................................................................................... 339

37.1 Policy Route ..................................................................................................339

37.2 Benefits ..........................................................................................................339

37.3 Routing Policy ................................................................................................339

37.4 IP Routing Policy Summary ...........................................................................340

37.5 IP Routing Policy Setup .................................................................................341

37.6 IP Routing Policy Setup .................................................................................342

37.7 IP Policy Routing Example .............................................................................343

35.4.7 Uploading Firmware File Via Console Port ...........................................329

35.4.8 Example Xmodem Firmware Upload Using HyperTerminal ..................330

35.4.9 Uploading Configuration File Via Console Port ....................................330

35.4.10 Example Xmodem Configuration Upload Using HyperTerminal .........331

Chapter 38

Schedule Setup .................................................................................................... 347

38.1 Schedule Set Overview ..................................................................................347

38.2 Schedule Setup ..............................................................................................347

38.3 Schedule Set Setup .......................................................................................348

Chapter 39

Troubleshooting ................................................................................................... 351

39.1 Problems Starting Up the ZyXEL Device .......................................................351

39.2 Problems with the LAN ...................................................................................351

39.3 Problems with the WAN .................................................................................352

39.4 Problems Accessing the ZyXEL Device .........................................................353

39.4.1 Pop-up Windows, JavaScripts and Java Permissions ..........................353

39.4.1.1 Internet Explorer Pop-up Blockers ..............................................353

39.4.1.2 JavaScripts ..................................................................................356

39.4.1.3 Java Permissions ........................................................................358

39.4.2 ActiveX Controls in Internet Explorer ....................................................360

Appendix A

Product Specifications ........................................................................................ 363

20 Table of Contents

P-870HW-I1 User’s Guide

Appendix B

Setting up Your Computer’s IP Address............................................................ 365

Windows 95/98/Me................................................................................................. 365

Windows 2000/NT/XP ............................................................................................ 368

Macintosh OS X ..................................................................................................... 373

Linux....................................................................................................................... 375

Appendix C

NetBIOS Filter Commands .................................................................................. 379

Introduction ............................................................................................................ 379

Display NetBIOS Filter Settings ............................................................................. 379

NetBIOS Filter Configuration.................................................................................. 380

Appendix D

NAT........................................................................................................................ 381

NAT Overview ........................................................................................................ 381

NAT Definitions ...................................................................................................... 381

What NAT Does ..................................................................................................... 382

How NAT Works ..................................................................................................... 382

NAT Application...................................................................................................... 383

NAT Mapping Types............................................................................................... 383

NAT Types.............................................................................................................. 384

SUA (Single User Account) Versus NAT ................................................................ 389

SUA Server ............................................................................................................ 389

Appendix E

Firewall Commands ............................................................................................. 391

Appendix F

Log Descriptions.................................................................................................. 397

Log Commands...................................................................................................... 411

Log Command Example......................................................................................... 412

Appendix G

Boot Commands ..................................................................................................413

Appendix H

Internal SPTGEN .................................................................................................. 415

Internal SPTGEN Overview ................................................................................... 415

The Configuration Text File Format ........................................................................ 415

Internal SPTGEN FTP Download Example............................................................ 416

Internal SPTGEN FTP Upload Example ................................................................ 417

Table of Contents 21

P-870HW-I1 User’s Guide

Example Internal SPTGEN Menus......................................................................... 418

Appendix I

Services ................................................................................................................ 431

Index...................................................................................................................... 435

22 Table of Contents

P-870HW-I1 User’s Guide

List of Figures

Figure 1 Applications: Protected Internet Access ............................................................... 43

Figure 2 Applications: Management Server ........................................................................ 43

Figure 3 LEDs ..................................................................................................................... 43

Figure 4 Connecting a POTS Splitter .................................................................................. 45

Figure 5 Connecting a Microfilter ........................................................................................ 45

Figure 6 Login Screen ......................................................................................................... 48

Figure 7 Login: Change Password Screen ......................................................................... 48

Figure 8 Login: Replace Certificate Screen ........................................................................ 49

Figure 9 Login: Select Mode Screen ................................................................................... 49

Figure 10 Main Screen ........................................................................................................ 50

Figure 11 Main Wizard Screen ............................................................................................ 55

Figure 12 Connection Wizard: Welcome ............................................................................. 56

Figure 13 Connection Wizard: System Information ............................................................. 57

Figure 14 Connection Wizard: Wireless LAN ...................................................................... 58

Figure 15 Connection Wizard: Wireless Security: None ..................................................... 59

Figure 16 Connection Wizard: Wireless Security: Basic Security Screen 1 ........................ 60

Figure 17 Connection Wizard: Wireless Security: Basic Security Screen 2 ........................ 61

Figure 18 Connection Wizard: Wireless Security: Auto ...................................................... 62

Figure 19 Connection Wizard: Wireless Security: Extend (WPA-PSK) Security Screen 1 . 63

Figure 20 Connection Wizard: Wireless Security: Extend (WPA-PSK) Security Screen 2 . 64

Figure 21 Connection Wizard: Wireless Security: Extend (WPA2-PSK) Security Screen 1 65

Figure 22 Connection Wizard: Wireless Security: Extend (WPA2-PSK) Security Screen 2 66

Figure 23 Connection Wizard: Internet Connection: Auto-Detection .................................. 67

Figure 24 Connection Wizard: ISP Parameters: Ethernet ................................................... 68

Figure 25 Connection Wizard: ISP Parameters: PPPoE ..................................................... 69

Figure 26 Connection Wizard: IP Address Type ................................................................. 70

Figure 27 Connection Wizard: Static IP Address: Ethernet ................................................. 71

Figure 28 Connection Wizard: ISP Parameters: PPPoE ..................................................... 72

Figure 29 Connection Wizard: MAC Address ..................................................................... 73

Figure 30 Connection Wizard: Internet Configuration ......................................................... 74

Figure 31 Connection Wizard: OTIST: Start ........................................................................ 75

Figure 32 Connection Wizard: Congratulations .................................................................. 75

Figure 33 Main Wizard Screen ............................................................................................ 78

Figure 34 BWM Wizard: Welcome ...................................................................................... 79

Figure 35 BWM Wizard: General Information ..................................................................... 80

Figure 36 BWM Wizard: Services Setup ............................................................................. 81

Figure 37 BWM Wizard: Priority Setup ............................................................................... 83

Figure 38 BWM Wizard: Congratulations ............................................................................ 84

List of Figures 23

P-870HW-I1 User’s Guide

Figure 39 Status .................................................................................................................. 85

Figure 40 Status > BW MGMT Monitor ............................................................................... 88

Figure 41 Status > DHCP Table .......................................................................................... 89

Figure 42 Status > Packet Statistics .................................................................................... 89

Figure 43 Status > WLAN Station Status ............................................................................. 90

Figure 44 Example of a Wireless Network .......................................................................... 93

Figure 45 Network > Wireless LAN > General .................................................................... 97

Figure 46 Network > Wireless LAN > General > No Security ............................................. 98

Figure 47 Network > Wireless LAN > General > Static WEP .............................................. 98

Figure 48 Network > Wireless LAN > General > WPA-PSK ................................................ 99

Figure 49 Network > Wireless LAN > General > WPA ........................................................ 100

Figure 50 Network > Wireless LAN > General > 802.1x + Dynamic WEP .......................... 102

Figure 51 Network > Wireless LAN > General > 802.1x + Static WEP ............................... 103

Figure 52 Network > Wireless LAN > General > 802.1x + No WEP ................................... 105

Figure 53 Network > Wireless LAN > General > WPA2-PSK .............................................. 106

Figure 54 Network > Wireless LAN > General > WPA2 ...................................................... 107

Figure 55 Network > Wireless LAN > OTIST ...................................................................... 109

Figure 56 Example: Wireless Client OTIST Screen ............................................................ 110

Figure 57 OTIST: Settings ................................................................................................... 110

Figure 58 OTIST: In Progress on the ZyXEL Device ........................................................... 110

Figure 59 OTIST: In Progress on the Wireless Client ......................................................... 111

Figure 60 Start OTIST? ....................................................................................................... 111

Figure 61 Network > Wireless LAN > MAC Filter ................................................................ 112

Figure 62 Network > Wireless LAN > Advanced ................................................................. 113

Figure 63 Network > WAN > Internet Connection > Ethernet ............................................. 120

Figure 64 Network > WAN > Internet Connection > PPP over Ethernet ............................. 121

Figure 65 Network > WAN > Advanced .............................................................................. 123

Figure 66 Network > WAN > Traffic Redirect ...................................................................... 125

Figure 67 Example: IP Alias ................................................................................................ 129

Figure 68 Network > LAN > IP ............................................................................................ 129

Figure 69 Network > LAN > IP Alias ................................................................................... 130

Figure 70 Network > LAN > Advanced ................................................................................ 131

Figure 71 Network > DHCP Server > General .................................................................... 134

Figure 72 Network > DHCP Server > Static DHCP ............................................................. 135

Figure 73 Network > DHCP Server > Client List ................................................................. 136

Figure 74 Multiple Servers Behind NAT Example ............................................................... 137

Figure 75 Trigger Port Forwarding Process: Example ........................................................ 138

Figure 76 Network > NAT > General ................................................................................... 139

Figure 77 Network > NAT > Port Forwarding ...................................................................... 140

Figure 78 Network > NAT > Port Forwarding > Edit ............................................................ 141

Figure 79 Network > NAT > Trigger Port ............................................................................. 142

Figure 80 Network > NAT > Address Mapping .................................................................... 143

Figure 81 Network > NAT > Address Mapping > Edit ......................................................... 144

24 List of Figures

P-870HW-I1 User’s Guide

Figure 82 Ideal Firewall Setup ............................................................................................ 151

Figure 83 “Triangle Route” Problem .................................................................................... 152

Figure 84 IP Alias ................................................................................................................ 153

Figure 85 Security > Firewall > General .............................................................................. 154

Figure 86 Security > Firewall > Rules ................................................................................. 156

Figure 87 Security > Firewall > Rules > Edit ....................................................................... 158

Figure 88 Security > Firewall > Rules > Edit > Edit Customized Services .......................... 160

Figure 89 Security > Firewall > Rules > Edit > Edit Customized Services > Edit ................ 161

Figure 90 Security > Firewall > Anti Probing ....................................................................... 162

Figure 91 Security > Firewall > Threshold .......................................................................... 163

Figure 92 Security > Content Filter > Filter ......................................................................... 166

Figure 93 Security > Content Filter > Schedule .................................................................. 167

Figure 94 Security > Certificates > My Certificates ............................................................. 171

Figure 95 Security > Certificates > My Certificates > Import ............................................... 173

Figure 96 Security > Certificates > My Certificates > Create .............................................. 174

Figure 97 Security > Certificates > My Certificates > Create > In Progress ........................ 176

Figure 98 Security > Certificates > My Certificates > Create > Successful ......................... 176

Figure 99 Security > Certificates > My Certificates > Edit ................................................... 177

Figure 100 Security > Certificates > Trusted CAs ............................................................... 180

Figure 101 Security > Certificates > Trusted CAs > Import ................................................. 181

Figure 102 Security > Certificates > Trusted CAs > Edit ..................................................... 182

Figure 103 Security > Certificates > Trusted Remote Hosts ............................................... 185

Figure 104 Certificate Details .............................................................................................. 186

Figure 105 Security > Certificates > Trusted Remote Host > Import .................................. 187

Figure 106 Security > Certificates > Trusted Remote Hosts > Edit ..................................... 188

Figure 107 Security > Certificates > Directory Servers ....................................................... 190

Figure 108 Security > Certificates > Directory Servers > Edit ............................................. 191

Figure 109 Example of Static Routing Topology ................................................................. 193

Figure 110 Management > Static Route > IP Static Route .................................................. 194

Figure 111 Management > Static Route > IP Static Route > Edit ........................................ 195

Figure 112 Management > Bandwidth MGMT > Configuration ........................................... 200

Figure 113 Management > Bandwidth MGMT > Configuration > Edit ................................. 202

Figure 114 Management > Bandwidth MGMT > Monitor .................................................... 204

Figure 115 SNMP Management Model ............................................................................... 206

Figure 116 Management > Remote MGMT > WWW .......................................................... 209

Figure 117 Management > Remote MGMT > Telnet ........................................................... 210

Figure 118 Management > Remote MGMT > FTP .............................................................. 211

Figure 119 Management > Remote MGMT > SNMP .......................................................... 212

Figure 120 Management > Remote MGMT > DNS ............................................................. 213

Figure 121 Management > Remote MGMT > Security ....................................................... 213

Figure 122 Management > Remote MGMT > SSH ............................................................. 214

Figure 123 Enabling TR-069 .............................................................................................. 215

Figure 124 Management > UPnP ....................................................................................... 218

List of Figures 25

P-870HW-I1 User’s Guide

Figure 125 Add/Remove Programs: Windows Setup: Communication ............................... 219

Figure 126 Add/Remove Programs: Windows Setup: Communication: Components ........ 220

Figure 127 Network Connections ........................................................................................ 220

Figure 128 Windows Optional Networking Components Wizard ........................................ 221

Figure 129 Networking Services ......................................................................................... 221

Figure 130 Network Connections ........................................................................................ 222

Figure 131 Internet Connection Properties ........................................................................ 223

Figure 132 Internet Connection Properties: Advanced Settings ......................................... 224

Figure 133 Internet Connection Properties: Advanced Settings: Add ................................. 224

Figure 134 System Tray Icon .............................................................................................. 225

Figure 135 Internet Connection Status ................................................................................ 225

Figure 136 Network Connections ........................................................................................ 226

Figure 137 Network Connections: My Network Places ....................................................... 227

Figure 138 Network Connections: My Network Places: Properties: Example ..................... 227

Figure 139 Maintenance > System > General .................................................................... 230

Figure 140 Maintenance > System > Dynamic DNS ........................................................... 232

Figure 141 Maintenance > System > Time Setting ............................................................. 233

Figure 142 Maintenance > Logs > View Log ....................................................................... 237

Figure 143 Maintenance > Logs > Log Settings ................................................................. 239

Figure 144 Maintenance > Tools > Firmware ...................................................................... 241

Figure 145 Upload Firmware: In Progress .......................................................................... 242

Figure 146 Upload Firmware: Network Temporarily Disconnected ..................................... 242

Figure 147 Upload Firmware: Error ..................................................................................... 242

Figure 148 Maintenance > Tools > Configuration ............................................................... 243

Figure 149 Restore Configuration: Successful .................................................................... 244

Figure 150 Restore Configuration: Network Temporarily Disconnected ............................. 244

Figure 151 Restore Configuration: Error ............................................................................. 244

Figure 152 Restart Screen .................................................................................................. 245

Figure 153 Login Screen ..................................................................................................... 247

Figure 154 SMT Main Menu ................................................................................................ 248

Figure 155 Menu 1: General Setup ..................................................................................... 253

Figure 156 Menu 1.1: Configure Dynamic DNS .................................................................. 254

Figure 157 Menu 1.1.1: DDNS Edit Host ............................................................................ 255

Figure 158 Menu 2: WAN Setup ......................................................................................... 257

Figure 159 Menu 3.1: LAN Port Filter Setup ....................................................................... 259

Figure 160 Menu 3.2: TCP/IP and DHCP Ethernet Setup .................................................. 260

Figure 161 Menu 3.2.1: IP Alias Setup ............................................................................... 262

Figure 162 Menu 3.5: Wireless LAN Setup ......................................................................... 264

Figure 163 Menu 3.5.1: WLAN MAC Address Filter ........................................................... 265

Figure 164 Menu 4: Internet Access Setup ......................................................................... 267

Figure 165 Menu 11.1: Remote Node Profile ...................................................................... 269

Figure 166 Menu 11.1.2: Remote Node Network Layer Options ........................................ 271

Figure 167 Menu 11.1.4: Remote Node Filter ..................................................................... 273

26 List of Figures

P-870HW-I1 User’s Guide

Figure 168 Menu 11.1.5: Traffic Redirect Setup .................................................................. 274

Figure 169 Menu 12: IP Static Route Setup ........................................................................ 275

Figure 170 Menu 12.1: Edit IP Static Route ........................................................................ 276

Figure 171 Menu 14: Dial-in User Setup ............................................................................. 277

Figure 172 Menu 14.1: Edit Dial-in User ............................................................................. 278

Figure 173 Menu 15.1: Address Mapping Sets ................................................................... 279

Figure 174 Menu 15.1.1: Address Mapping Rules .............................................................. 280

Figure 175 Menu 15.1.1.1: Address Mapping Rule ............................................................. 281

Figure 176 Menu 15.2: NAT Server Setup .......................................................................... 283

Figure 177 Menu 15.2.1: NAT Server Configuration ........................................................... 284

Figure 178 Menu 15.3: Trigger Port Setup .......................................................................... 285

Figure 179 Outgoing Packet Filtering Process .................................................................... 287

Figure 180 Filter Rule Process ............................................................................................ 289

Figure 181 Menu 21: Filter and Firewall Setup ................................................................... 290

Figure 182 Menu 21.1: Filter Set Configuration .................................................................. 290

Figure 183 Menu 21.1.1: Filter Rules Summary ................................................................. 291

Figure 184 Menu 21.1.1.1 TCP/IP Filter Rule. .................................................................... 293

Figure 185 Executing an IP Filter ........................................................................................ 295

Figure 186 Menu 21.1.1.1 Generic Filter Rule .................................................................... 296

Figure 187 Telnet Filter Example ........................................................................................ 298

Figure 188 Example Filter: Menu 21.1.3.1 .......................................................................... 298

Figure 189 Example Filter Rules Summary: Menu 21.1.3 .................................................. 299

Figure 190 Protocol and Device Filter Sets ......................................................................... 300

Figure 191 Filtering LAN Traffic .......................................................................................... 301

Figure 192 Filtering Remote Node Traffic ........................................................................... 301

Figure 193 Menu 11.1: Remote Node Profile ...................................................................... 302

Figure 194 Menu 21.2: Firewall Setup ................................................................................ 305

Figure 195 Menu 22: SNMP Configuration ......................................................................... 307

Figure 196 Menu 23.1: System Security - Change Password ............................................ 309

Figure 197 Menu 23.2: System Security - RADIUS Server ................................................. 310

Figure 198 Menu 23.4: System Security - IEEE802.1x ....................................................... 311

Figure 199 Menu 24.1: System Maintenance - Status ........................................................ 313

Figure 200 Menu 24.2.1: System Maintenance - Information ............................................. 315

Figure 201 Menu 24.2.2: System Maintenance - Change Console Port Speed .................. 316

Figure 202 Menu 24.3.2: System Maintenance - Syslog Logging ....................................... 316

Figure 203 Menu 24.3.4: Call-Triggering Packet (Example) ............................................... 317

Figure 204 Menu 24.4: System Maintenance - Diagnostic ................................................. 318

Figure 205 Menu 24.5: Backup Configuration ..................................................................... 321

Figure 206 FTP Session Example ...................................................................................... 322

Figure 207 System Maintenance: Backup Configuration .................................................... 324

Figure 208 System Maintenance: Starting Xmodem Download Screen ............................. 324

Figure 209 Backup Configuration Example ......................................................................... 324

Figure 210 Successful Backup Confirmation Screen .......................................................... 324

List of Figures 27

P-870HW-I1 User’s Guide

Figure 211 Menu 24.6: Restore Configuration .................................................................... 325

Figure 212 Menu 24.7: System Maintenance - Upload Firmware ....................................... 325

Figure 213 Menu 24.7.1: System Maintenance - Upload System Firmware ....................... 326

Figure 214 Menu 24.7.2: System Maintenance - Upload System Configuration File .......... 327

Figure 215 FTP Session Example ...................................................................................... 328

Figure 216 Menu 24.7.1 as seen using the Console Port ................................................... 329

Figure 217 Example Xmodem Upload ................................................................................ 330

Figure 218 Menu 24.7.2 as seen using the Console Port .................................................. 331

Figure 219 Example Xmodem Upload ................................................................................ 331

Figure 220 Valid CI Commands .......................................................................................... 333

Figure 221 Menu 24.9.1: Budget Management ................................................................... 334

Figure 222 Menu 24.9.2: Call History .................................................................................. 335

Figure 223 Menu 24.10: Time and Date Setting ................................................................. 336

Figure 224 Menu 24.11: Remote Management Control ...................................................... 338

Figure 225 Menu 25: IP Routing Policy Summary .............................................................. 340

Figure 226 Menu 25.1: IP Routing Policy Setup ................................................................. 341

Figure 227 Menu 25.1.1: IP Routing Policy Setup .............................................................. 343

Figure 228 IP Routing Policy Example ................................................................................ 343

Figure 229 IP Routing Policy Example 1 ............................................................................. 344

Figure 230 IP Routing Policy Example 2 ............................................................................. 345

Figure 231 Menu 26: Schedule Setup ................................................................................. 348

Figure 232 Menu 26.1: Schedule Set Setup ....................................................................... 349

Figure 233 Pop-up Blocker ................................................................................................. 354

Figure 234 Internet Options ................................................................................................ 354

Figure 235 Internet Options ................................................................................................ 355

Figure 236 Pop-up Blocker Settings ................................................................................... 356

Figure 237 Internet Options ................................................................................................ 357

Figure 238 Security Settings - Java Scripting ..................................................................... 358

Figure 239 Security Settings - Java .................................................................................... 359

Figure 240 Java (Sun) ......................................................................................................... 360

Figure 241 Internet Options Security .................................................................................. 361

Figure 242 Security Setting ActiveX Controls ..................................................................... 362

Figure 243 Windows 95/98/Me: Network: Configuration ..................................................... 366

Figure 244 Windows 95/98/Me: TCP/IP Properties: IP Address ......................................... 367

Figure 245 Windows 95/98/Me: TCP/IP Properties: DNS Configuration ............................ 368

Figure 246 Windows XP: Start Menu .................................................................................. 369

Figure 247 Windows XP: Control Panel .............................................................................. 369

Figure 248 Windows XP: Control Panel: Network Connections: Properties ....................... 370

Figure 249 Windows XP: Local Area Connection Properties .............................................. 370

Figure 250 Windows XP: Internet Protocol (TCP/IP) Properties ......................................... 371

Figure 251 Windows XP: Advanced TCP/IP Properties ...................................................... 372

Figure 252 Windows XP: Internet Protocol (TCP/IP) Properties ......................................... 373

Figure 253 Macintosh OS X: Apple Menu ........................................................................... 374

28 List of Figures

P-870HW-I1 User’s Guide

Figure 254 Macintosh OS X: Network ................................................................................. 374

Figure 255 Red Hat 9.0: KDE: Network Configuration: Devices ........................................ 375

Figure 256 Red Hat 9.0: KDE: Ethernet Device: General .................................................. 376

Figure 257 Red Hat 9.0: KDE: Network Configuration: DNS ............................................. 376

Figure 258 Red Hat 9.0: KDE: Network Configuration: Activate ........................................ 377

Figure 259 Red Hat 9.0: Dynamic IP Address Setting in ifconfig-eth0 ............................... 377

Figure 260 Red Hat 9.0: Static IP Address Setting in ifconfig-eth0 .................................. 378

Figure 261 Red Hat 9.0: DNS Settings in resolv.conf ...................................................... 378

Figure 262 Red Hat 9.0: Restart Ethernet Card ................................................................. 378

Figure 263 Red Hat 9.0: Checking TCP/IP Properties ....................................................... 378

Figure 264 How NAT Works ................................................................................................ 382

Figure 265 NAT Application With IP Alias ........................................................................... 383

Figure 266 Full Cone NAT Example .................................................................................... 386

Figure 267 Restricted Cone NAT Example ......................................................................... 387

Figure 268 Port Restricted Cone NAT Example .................................................................. 388

Figure 269 Symmetric NAT ................................................................................................. 389

Figure 270 Displaying Log Categories Example ................................................................. 411

Figure 271 Displaying Log Parameters Example ................................................................ 411

Figure 272 Option to Enter Debug Mode ............................................................................ 413

Figure 273 Boot Module Commands .................................................................................. 414

Figure 274 Configuration Text File Format: Column Descriptions ....................................... 415

Figure 275 Invalid Parameter Entered: Command Line Example ....................................... 416

Figure 276 Valid Parameter Entered: Command Line Example ......................................... 416

Figure 277 Internal SPTGEN FTP Download Example ...................................................... 417

Figure 278 Internal SPTGEN FTP Upload Example ........................................................... 417

List of Figures 29

P-870HW-I1 User’s Guide

30 List of Figures

P-870HW-I1 User’s Guide

List of Tables

Table 1 LEDs ...................................................................................................................... 44

Table 2 Web Configurator: Navigation Panel and Icons ..................................................... 50

Table 3 Main Wizard Screen .............................................................................................. 55

Table 4 Connection Wizard: Welcome ............................................................................... 56

Table 5 Connection Wizard: System Information ............................................................... 57

Table 6 Connection Wizard: Wireless LAN ........................................................................ 58

Table 7 Connection Wizard: Wireless Security: None ........................................................ 59

Table 8 Connection Wizard: Wireless Security: Basic Security Screen 1 .......................... 60

Table 9 Connection Wizard: Wireless Security: Basic Security Screen 2 .......................... 61

Table 10 Connection Wizard: Wireless Security: Auto ....................................................... 62

Table 11 Connection Wizard: Wireless Security: Extend (WPA-PSK) Security Screen 1 .. 63

Table 12 Connection Wizard: Wireless Security: Extend (WPA-PSK) Security Screen 2 .. 64

Table 13 Connection Wizard: Wireless Security: Extend (WPA2-PSK) Security Screen 1 65

Table 14 Connection Wizard: Wireless Security: Extend (WPA2-PSK) Security Screen 2 66

Table 15 Connection Wizard: ISP Parameters: Ethernet ................................................... 68

Table 16 Connection Wizard: ISP Parameters: PPPoE ..................................................... 69

Table 17 Connection Wizard: IP Address Type .................................................................. 70

Table 18 Connection Wizard: Static IP Address: Ethernet ................................................. 71

Table 19 Connection Wizard: ISP Parameters: PPPoE ..................................................... 72

Table 20 Connection Wizard: MAC Address ...................................................................... 73

Table 21 Connection Wizard: Internet Configuration .......................................................... 74

Table 22 Connection Wizard: Congratulations ................................................................... 75

Table 23 Main Wizard Screen ............................................................................................ 78

Table 24 BWM Wizard: Welcome ....................................................................................... 79

Table 25 BWM Wizard: General Information ...................................................................... 80

Table 26 BWM Wizard: Services Setup ............................................................................. 82

Table 27 BWM Wizard: Priority Setup ................................................................................ 83

Table 28 BWM Wizard: Congratulations ............................................................................ 84

Table 29 Status ................................................................................................................... 86

Table 30 Status > DHCP Table ........................................................................................... 89

Table 31 Status > Packet Statistics .................................................................................... 90

Table 32 Status > WLAN Station Status ............................................................................. 91

Table 33 Types of Encryption for Each Type of User Authentication ................................. 95

Table 34 Network > Wireless LAN > General ..................................................................... 97

Table 35 Network > Wireless LAN > General > No Security .............................................. 98

Table 36 Network > Wireless LAN > General > Static WEP ............................................... 99

Table 37 Network > Wireless LAN > General > WPA-PSK ................................................ 99

Table 38 Network > Wireless LAN > General > WPA ......................................................... 101

List of Tables 31

P-870HW-I1 User’s Guide

Table 39 Network > Wireless LAN > General > 802.1x + Dynamic WEP .......................... 102

Table 40 Network > Wireless LAN > General > 802.1x + Static WEP ................................ 104

Table 41 Network > Wireless LAN > General > 802.1x + No WEP .................................... 105

Table 42 Network > Wireless LAN > General > WPA2-PSK .............................................. 106

Table 43 Network > Wireless LAN > General > WPA2 ....................................................... 108

Table 44 Network > Wireless LAN > OTIST ....................................................................... 109

Table 45 Network > Wireless LAN > MAC Filter ................................................................ 112

Table 46 Network > Wireless LAN > Advanced ................................................................. 113

Table 47 Network > WAN > Internet Connection > Ethernet .............................................. 120

Table 48 Network > WAN > Internet Connection > PPP over Ethernet .............................. 122

Table 49 Network > WAN > Advanced ............................................................................... 123

Table 50 Network > WAN > Traffic Redirect ....................................................................... 125

Table 51 Network > LAN > IP ............................................................................................. 129

Table 52 Network > LAN > IP Alias .................................................................................... 130

Table 53 Network > LAN > Advanced ................................................................................ 132

Table 54 Example: Assigning IP Addresses from a Pool ................................................... 133

Table 55 Network > DHCP Server > General ..................................................................... 134

Table 56 DHCP Setup ........................................................................................................ 135

Table 57 Network > DHCP Server > Client List .................................................................. 136

Table 58 Network > NAT > General ................................................................................... 139

Table 59 Network > NAT > Port Forwarding ....................................................................... 140

Table 60 Network > NAT > Port Forwarding > Edit ............................................................ 141

Table 61 Network > NAT > Trigger Port ............................................................................. 142

Table 62 Network > NAT > Address Mapping .................................................................... 144

Table 63 Network > NAT > Address Mapping > Edit .......................................................... 145

Table 64 Security > Firewall > General .............................................................................. 155

Table 65 Security > Firewall > Rules .................................................................................. 156

Table 66 Security > Firewall > Rules > Edit ....................................................................... 159

Table 67 Security > Firewall > Rules > Edit > Edit Customized Services .......................... 160

Table 68 Security > Firewall > Rules > Edit > Edit Customized Services > Edit ................ 161

Table 69 Security > Firewall > Anti Probing ....................................................................... 162

Table 70 Security > Firewall > Threshold ........................................................................... 163

Table 71 Security > Content Filter > Filter .......................................................................... 166

Table 72 Security > Content Filter > Schedule ................................................................... 167

Table 73 Security > Certificates > My Certificates .............................................................. 171

Table 74 Security > Certificates > My Certificates > Import ............................................... 173

Table 75 Security > Certificates > My Certificates > Create ............................................... 174

Table 76 Security > Certificates > My Certificates > Edit ................................................... 177

Table 77 Security > Certificates > Trusted CAs .................................................................. 180

Table 78 Security > Certificates > Trusted CAs > Import ................................................... 181

Table 79 Security > Certificates > Trusted CAs > Edit ....................................................... 182

Table 80 Security > Certificates > Trusted Remote Hosts .................................................. 185

Table 81 Security > Certificates > Trusted Remote Host > Import ..................................... 187

32 List of Tables

P-870HW-I1 User’s Guide

Table 82 Security > Certificates > Trusted Remote Hosts > Edit ....................................... 188

Table 83 Security > Certificates > Directory Servers .......................................................... 190

Table 84 Security > Certificates > Directory Servers > Edit ............................................... 191

Table 85 Management > Static Route > IP Static Route .................................................... 194

Table 86 Management > Static Route > IP Static Route > Edit .......................................... 195

Table 87 Bandwidth Management Priorities ....................................................................... 197

Table 88 Example: Priority-based Allotment of Unused and Unbudgeted Bandwidth ........ 198

Table 89 Over Allotment of Bandwidth Example ................................................................ 199

Table 90 Management > Bandwidth MGMT > Configuration ............................................. 201

Table 91 Management > Bandwidth MGMT > Configuration > Edit ................................... 203

Table 92 SNMPv1 Traps .................................................................................................... 207

Table 93 SNMPv2 Traps .................................................................................................... 208

Table 94 SNMP Interface Index to Physical Port Mapping ................................................. 208

Table 95 Management > Remote MGMT > WWW ............................................................. 209

Table 96 Management > Remote MGMT > Telnet ............................................................. 210

Table 97 Management > Remote MGMT > FTP ................................................................ 211

Table 98 Management > Remote MGMT > SNMP ............................................................ 212

Table 99 Management > Remote MGMT > DNS ............................................................... 213

Table 100 Management > Remote MGMT > Security ........................................................ 214

Table 101 Management > Remote MGMT > SSH ............................................................. 215

Table 102 TR-069 Commands ........................................................................................... 216

Table 103 Configuring UPnP .............................................................................................. 218

Table 104 Maintenance > System > General ..................................................................... 230

Table 105 Maintenance > System > Dynamic DNS ........................................................... 232

Table 106 Maintenance > System > Time Setting .............................................................. 234

Table 107 Maintenance > Logs > View Log ....................................................................... 238

Table 108 Log Settings ....................................................................................................... 239

Table 109 Maintenance > Tools > Firmware ...................................................................... 241

Table 110 Maintenance > Tools > Configuration ................................................................ 243

Table 111 SMT Menus Overview ........................................................................................ 248

Table 112 Main Menu Commands ...................................................................................... 251

Table 113 Menu 1: General Setup ...................................................................................... 253

Table 114 Menu 1.1: Configure Dynamic DNS ................................................................... 254

Table 115 Menu 1.1.1: DDNS Edit Host ............................................................................. 255

Table 116 Menu 2: WAN Setup .......................................................................................... 257

Table 117 Menu 3.1: LAN Port Filter Setup ........................................................................ 259

Table 118 Menu 3.2: TCP/IP and DHCP Ethernet Setup ................................................... 260

Table 119 Menu 3.2.1: IP Alias Setup ................................................................................ 262

Table 120 Menu 3.5: Wireless LAN Setup ......................................................................... 264

Table 121 Menu 3.5.1: WLAN MAC Address Filter ............................................................ 265

Table 122 Menu 4: Internet Access Setup ......................................................................... 267

Table 123 Menu 11.1: Remote Node Profile ...................................................................... 269

Table 124 Menu 11.1.2: Remote Node Network Layer Options ......................................... 271

List of Tables 33

P-870HW-I1 User’s Guide

Table 125 Menu 11.1.4: Remote Node Filter ...................................................................... 273

Table 126 Menu 11.1.5: Traffic Redirect Setup .................................................................. 274

Table 127 Menu 12: IP Static Route Setup ........................................................................ 275

Table 128 Menu 12.1: Edit IP Static Route ......................................................................... 276

Table 129 Menu 14: Dial-in User Setup ............................................................................. 277

Table 130 Menu 14.1: Edit Dial-in User .............................................................................. 278

Table 131 Menu 15.1: Address Mapping Sets ................................................................... 279

Table 132 Menu 15.1.1: Address Mapping Rules .............................................................. 280

Table 133 Menu 15.1.1.1: Address Mapping Rule ............................................................. 282

Table 134 Menu 15.2: NAT Server Setup ........................................................................... 283

Table 135 Menu 15.2.1: NAT Server Configuration ............................................................ 284

Table 136 Menu 15.3: Trigger Port Setup .......................................................................... 285

Table 137 Abbreviations Used in the Filter Rules Summary Menu .................................... 291

Table 138 Rule Abbreviations Used ................................................................................... 291

Table 139 TCP/IP Filter Rule .............................................................................................. 293

Table 140 Generic Filter Rule Menu Fields ........................................................................ 297

Table 141 Menu 11.1: Remote Node Profile ...................................................................... 302

Table 142 Menu 22: SNMP Configuration .......................................................................... 307

Table 143 Menu 23.1: System Security - Change Password ............................................. 309

Table 144 Menu 23.2: System Security - RADIUS Server ................................................. 310

Table 145 Menu 23.4: System Security - IEEE802.1x ....................................................... 311

Table 146 Menu 24.1: System Maintenance - Status ......................................................... 313

Table 147 Menu 24.2.1: System Maintenance - Information .............................................. 315

Table 148 Menu 24.2.2: System Maintenance - Change Console Port Speed .................. 316

Table 149 Menu 24.3.2: System Maintenance - Syslog Logging ....................................... 316

Table 150 Menu 24.4: System Maintenance - Diagnostics ................................................ 318

Table 151 Filename Conventions ....................................................................................... 320

Table 152 General Commands for Third Party FTP Clients ............................................... 322

Table 153 General Commands for Third Party TFTP Clients ............................................. 323

Table 154 Menu 24.9.1: Budget Management ................................................................... 334

Table 155 Menu 24.9.2: Call History .................................................................................. 335

Table 156 Menu 24.10: Time and Date Setting .................................................................. 336

Table 157 Menu 24.11: Remote Management Control ....................................................... 338

Table 158 Menu 25: IP Routing Policy Summary ............................................................... 340

Table 159 Menu 25: IP Routing Policy Summary, Abbreviations ....................................... 340

Table 160 Menu 25.1: IP Routing Policy Setup .................................................................. 341

Table 161 Menu 25.1.1: IP Routing Policy Setup ............................................................... 343

Table 162 Menu 26: Schedule Setup ................................................................................. 348

Table 163 Menu 26.1: Schedule Set Setup ........................................................................ 349

Table 164 Troubleshooting Starting Up Your ZyXEL Device .............................................. 351

Table 165 Troubleshooting the LAN ................................................................................... 351

Table 166 Troubleshooting the WAN .................................................................................. 352

Table 167 Troubleshooting Accessing the ZyXEL Device .................................................. 353

34 List of Tables

P-870HW-I1 User’s Guide

Table 168 Device Specifications ......................................................................................... 363

Table 169 NetBIOS Filter Default Settings ......................................................................... 380

Table 170 NAT Definitions .................................................................................................. 381

Table 171 NAT Mapping Types .......................................................................................... 384

Table 172 NAT Types ......................................................................................................... 385

Table 173 Firewall Commands ........................................................................................... 391

Table 174 System Maintenance Logs ................................................................................ 397

Table 175 System Error Logs ............................................................................................. 398

Table 176 Access Control Logs .......................................................................................... 398

Table 177 TCP Reset Logs ................................................................................................ 399

Table 178 Packet Filter Logs .............................................................................................. 399

Table 179 ICMP Logs ......................................................................................................... 400

Table 180 CDR Logs .......................................................................................................... 400

Table 181 PPP Logs ........................................................................................................... 400

Table 182 UPnP Logs ........................................................................................................ 401

Table 183 Content Filtering Logs ....................................................................................... 401

Table 184 Attack Logs ........................................................................................................ 402

Table 185 IPSec Logs ........................................................................................................ 403

Table 186 IKE Logs ............................................................................................................403

Table 187 PKI Logs ............................................................................................................406

Table 188 Certificate Path Verification Failure Reason Codes ........................................... 407

Table 189 802.1X Logs ...................................................................................................... 408

Table 190 ACL Setting Notes ............................................................................................. 409

Table 191 ICMP Notes ....................................................................................................... 409

Table 192 Syslog Logs ....................................................................................................... 410

Table 193 RFC-2408 ISAKMP Payload Types ................................................................... 410

Table 194 Abbreviations Used in the Example Internal SPTGEN Screens Table .............. 418

Table 195 Menu 1 General Setup ...................................................................................... 418

Table 196 Menu 3 ............................................................................................................... 418

Table 197 Menu 4 Internet Access Setup .......................................................................... 422

Table 198 Menu 12 .............................................................................................................423

Table 199 Menu 15 SUA Server Setup .............................................................................. 424

Table 200 Menu 21.1 Filter Set #1 ..................................................................................... 425

Table 201 Menu 21.1 Filer Set #2 ...................................................................................... 427

Table 202 Menu 23 System Menus .................................................................................... 428

Table 203 Menu 24.11 Remote Management Control ........................................................ 429

Table 204 Examples of Services ........................................................................................ 431

List of Tables 35

P-870HW-I1 User’s Guide

36 List of Tables

P-870HW-I1 User’s Guide

Preface

Congratulations on your purchase of the P-870HW-I1 (“ZyXEL Device“) VDSL router with
built-in IEEE 802.11g wireless capability. This ZyXEL Device also has a 4-port hub that
allows you to connect up to 4 computers to the ZyXEL Device without purchasing a switch/
hub.

About This User's Guide

This manual is designed to guide you through the configuration of your ZyXEL Device for its
various applications. The web configurator parts of this guide contain background information
on features configurable by web configurator.

Note: Use the web configurator or command interpreter interface to configure your

ZyXEL Device. Not all features can be configured through all interfaces.

Syntax Conventions

• “Enter” means for you to type one or more characters. “Select” or “Choose” means for
you to use one of the predefined choices.

• Mouse action sequences are denoted using a right angle bracket (>). For example, “In
Windows, click Start > Settings > Control Panel” means first click the Start button,
then point your mouse pointer to Settings and then click Control Panel.

• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.

• The P-870HW-I1 may be referred to as the “ZyXEL Device” or the “device” in this
User’s Guide.

Related Documentation

• Supporting Disk

Refer to the included CD for support documents.

• Quick Start Guide

The Quick Start Guide is designed to help you get up and running right away. It contains
connection information and instructions on getting started.

• Web Configurator Online Help

Embedded web help for descriptions of individual screens and supplementary
information.

• ZyXEL Web Site

Please go to http://www.zyxel.com for product news, firmware, updated documents, and
other support materials.

Preface 37

P-870HW-I1 User’s Guide

User Guide Feedback

Help us help you. E-mail all User Guide-related comments, questions or suggestions for
improvement to techwriters@zyxel.com.tw or send regular mail to The Technical Writing
Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park,
Hsinchu, 300, Taiwan. Thank you.

Graphics Icons Key

ZyXEL Device Computer Notebook computer

Server DSLAM Firewall

Telephone Switch Router

Wireless Signal

38 Preface

Getting To Know Your ZyXEL

This chapter describes the key features and applications of your ZyXEL Device.

1.1 Introducing the ZyXEL Device

Your ZyXEL Device is a VDSL router that provides super high-speed Internet access through
a telephone line. The ZyXEL Device supports high bandwidth applications such as video
streaming, movies on demand, on-line gaming, video and Voice over IP (VoIP). The ZyXEL
Device also has a built-in switch that allows you to connect up to four network devices and a
built-in wireless network for additional devices.

P-870HW-I1 User’s Guide

CHAPTER 1

Device

Note: Actual speeds attained depend on the distance from your ISP, line quality, and

so on.

Note: Only use firmware for your ZyXEL Device’s specific model. Refer to the label on

the bottom of your ZyXEL Device.

1.2 Features

Triple-Play Service

The ZyXEL Device provides triple-play service for home users. Taking advantage of the
benefits of SIP and UPnP, the ZyXEL Device offers security and convenience in the transfer
of data, voice, and video.

High Speed Internet Access

The ZyXEL Device supports transmission speeds of up to 100 Mbps downstream and 50
Mbps upstream. Actual speeds attained depend on your ISP and how your ZyXEL Device is
configured.

Quality of Service (QoS)

The ZyXEL Device with Quality of Service features to ensure high quality delivery of Triple
Play Service using high-speed VDSL Internet access.

Chapter 1 Getting To Know Your ZyXEL Device 39

P-870HW-I1 User’s Guide

TR-069 Compliance

TR-069 is a protocol that defines how your ZyXEL Device can be managed via a management
server such as ZyXEL’s Vantage CNM Access. The management server can securely manage
and update configuration changes in ZyXEL Devices.

PPPoE (RFC2516)

PPPoE (Point-to-Point Protocol over Ethernet) emulates a dial-up connection. It allows your
ISP to use their existing network configuration with newer broadband technologies such as
VDSL. The PPPoE driver on the ZyXEL Device is transparent to the computers on the LAN,
which see only Ethernet and are not aware of PPPoE thus saving you from having to manage
PPPoE clients on individual computers. The ZyXEL Device also includes PPPoE idle time-out
(the PPPoE connection terminates after a period of no traffic that you configure) and PPPoE
Dial-on-Demand (the PPPoE connection is brought up only when an Internet access request is
made).

Network Address Translation (NAT)

Network Address Translation (NAT) allows the translation of an Internet protocol address
used within one network (for example a private IP address used in a local network) to a
different IP address known within another network (for example a public IP address used on
the Internet). This can provide security and IP management. Powered by ZyNOS NAT
technology, the ZyXEL Device supports NAT mapping, as well as most popular Internet
multimedia applications, such as NetMeeting, CuSeeMe, IP TV, Quick Time, Real Player
(RSP/RTSP), VoIP SIP ALG, and so on.

Firewall

The ZyXEL Device is a stateful inspection firewall with DoS (Denial of Service) protection.
By default, when the firewall is activated, all incoming traffic from the WAN to the LAN is
blocked unless it is initiated from the LAN. The ZyXEL Device firewall supports TCP/UDP
inspection, DoS detection and prevention, real time alerts, reports and logs.

Content Filtering

Content filtering allows you to block access to forbidden Internet web sites, schedule when the
ZyXEL Device should perform the filtering and give trusted LAN IP addresses unfiltered
Internet access.

Traffic Redirect

Traffic redirect forwards WAN traffic to a backup gateway when the ZyXEL Device cannot
connect to the Internet, thus acting as an auxiliary if your regular WAN connection fails.

40 Chapter 1 Getting To Know Your ZyXEL Device

P-870HW-I1 User’s Guide

Media Bandwidth Management

ZyXEL’s Media Bandwidth Management allows you to specify bandwidth classes based on an
application and/or subnet. You can allocate specific amounts of bandwidth capacity
(bandwidth budgets) to different bandwidth classes.

Universal Plug and Play (UPnP)

Using the standard TCP/IP protocol, the ZyXEL Device and other UPnP enabled devices can
dynamically join a network, obtain an IP address and convey its capabilities to other devices
on the network.

Dynamic DNS Support

With Dynamic DNS support, you can have a static hostname alias for a dynamic IP address,
allowing the host to be more easily accessible from various locations on the Internet. You must
register for this service with a Dynamic DNS service provider.

DHCP

DHCP (Dynamic Host Configuration Protocol) allows the individual clients (computers) to
obtain the TCP/IP configuration at start-up from a centralized DHCP server. The ZyXEL
Device has built-in DHCP server capability enabled by default. It can assign IP addresses, an
IP default gateway and DNS servers to DHCP clients. The ZyXEL Device can now also act as
a surrogate DHCP server (DHCP Relay) where it relays IP address assignment from the actual
real DHCP server to the clients.

IP Alias

IP Alias allows you to partition a physical network into logical networks over the same
Ethernet interface. The ZyXEL Device supports three logical LAN interfaces via its single
physical Ethernet interface with the ZyXEL Device itself as the gateway for each LAN
network.

4-Port Switch

A combination of switch and router makes your ZyXEL Device a cost-effective and viable
network solution. You can connect up to four computers to the ZyXEL Device without the
cost of a hub. Use a hub to add more than four computers to your LAN.

1.2.1 Wireless Features

Wireless LAN

The ZyXEL Device supports the IEEE 802.11g standard, which is fully compatible with the
IEEE 802.11b standard, meaning that you can have both IEEE 802.11b and IEEE 802.11g
wireless clients in the same wireless network.

Chapter 1 Getting To Know Your ZyXEL Device 41

P-870HW-I1 User’s Guide

Note: The ZyXEL Device may be prone to RF (Radio Frequency) interference from

other 2.4 GHz devices such as microwave ovens, wireless phones, Bluetooth
enabled devices, and other wireless LANs.

Wi-Fi Protected Access and WPA2

Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i security specification standard.
Key differences between WPA and WEP are user authentication and improved data
encryption. WPA 2 (IEEE 802.11i) is a wireless security standard that defines stronger
encryption, authentication and key management than WPA.

Both WPA and WPA2 improve data encryption by using Temporal Key Integrity Protocol
(TKIP), Message Integrity Check (MIC) and IEEE 802.1x. In addition to TKIP, WPA2 also
uses Advanced Encryption Standard (AES) in the Counter mode with Cipher block chaining
Message authentication code Protocol (CCMP) to offer stronger encryption.

Antenna

The ZyXEL Device is equipped with one 2-dBi fixed antenna to provide clear radio signal
between the wireless stations and the access points.

Output Power Management

Output power management is the ability to set the level of output power. There may be
interference or difficulty with channel assignment when there is a high density of APs within a
coverage area. In this case, you can lower the output power of each access point, thus enabling
you to place access points closer together.

Wireless LAN MAC Address Filtering

Your ZyXEL Device can check the MAC addresses of wireless stations against a list of
allowed or denied MAC addresses.

1.3 Application

The ZyXEL Device is the ideal high-speed Internet access solution. In addition, the ZyXEL
Device allows wireless clients access to your network resources.

1.3.1 Protected Internet Access

The ZyXEL Device provides protection from attacks by Internet hackers. By default, the
firewall blocks all incoming traffic from the WAN. The firewall supports TCP/UDP
inspection and DoS (Denial of Services) detection and prevention, as well as real time alerts,
reports and logs.

42 Chapter 1 Getting To Know Your ZyXEL Device

Figure 1 Applications: Protected Internet Access

1.3.2 Management Server

Your ZyXEL Device can be managed via a management server such as ZyXEL’s Vantage
CNM Access. The management server can securely manage and update configuration changes
for you.

P-870HW-I1 User’s Guide

Figure 2 Applications: Management Server

1.4 LEDs

The following figure shows the LEDs.

Figure 3 LEDs

Chapter 1 Getting To Know Your ZyXEL Device 43

P-870HW-I1 User’s Guide

The following table describes the LEDs.

Table 1 LEDs

LED COLOR STATUS DESCRIPTION

PWR/SYS Green On The ZyXEL Device is receiving power and functioning

LAN (1-4) Green On The ZyXEL Device has a good Ethernet connection.

WLAN/
OTIST

DSL Green On The DSL line is up.

INTERNET Green On The Internet connection is up.

properly.

Blinking The ZyXEL Device is rebooting or performing diagnostics.

Red On Power to the ZyXEL Device is too low, or there is a hardware

error.

Off The system is not ready or has malfunctioned.

Blinking The ZyXEL Device is sending or receiving data.

Off The LAN is not connected.

Green On The ZyXEL Device is ready but is not sending or receiving

data through the wireless LAN.

Blinking The ZyXEL Device is sending or receiving data through the

wireless LAN.

Amber Blinking The ZyXEL Device is using ZyXEL’s One-Touch Intelligent

Security Technology (OTIST).

Off The wireless LAN is not ready or has failed.

Blinking If the ZyXEL Device blinks slowly, it is trying to detect a carrier

signal. If the ZyXEL Device blinks quickly, it is trying to train.

Off The DSL line is down.

Blinking The ZyXEL Device is sending or receiving data.

Red On The ZyXEL Device tried and failed to get an IP address.

Off The Internet connection is down.

1.5 Splitters and Microfilters

This section describes how to connect VDSL splitters and microfilters. See your Quick Start
Guide for details on other hardware connections.

1.5.1 Connecting a POTS Splitter

You can use a POTS (Plain Old Telephone Service) splitter to separate the telephone and
VDSL signals. This allows simultaneous Internet access and telephone service on the same
line. A splitter also eliminates the destructive interference conditions caused by telephone sets.

Install the POTS splitter at the point where the telephone line enters your residence, as shown
in the following figure.

44 Chapter 1 Getting To Know Your ZyXEL Device

Figure 4 Connecting a POTS Splitter

1 Connect the side labeled “Phone” to your telephone.

2 Connect the side labeled “Modem” or “DSL” to your ZyXEL Device.

3 Connect the side labeled “Line” to the telephone wall jack.

1.5.2 Telephone Microfilters

P-870HW-I1 User’s Guide

Telephone voice transmissions take place in the lower frequency range, 0-4 KHz, while VDSL
transmissions take place in the higher bandwidth range, above 4KHz. A microfilter acts as a
low-pass filter, for your telephone, to ensure that VDSL transmissions do not interfere with
your telephone voice transmissions. The use of a telephone microfilter is optional.

1 Locate and disconnect each telephone.

2 Connect a cable from the wall jack to the “wall side” of the microfilter.

3 Connect the “phone side” of the microfilter to your telephone as shown in the following

figure.

4 After you are done, make sure that your telephone works. If your telephone does not

work, disconnect the microfilter and contact either your local telephone company or the
provider of the microfilter.

Figure 5 Connecting a Microfilter

Chapter 1 Getting To Know Your ZyXEL Device 45

P-870HW-I1 User’s Guide

46 Chapter 1 Getting To Know Your ZyXEL Device

Introducing the Web

This chapter describes how to access and navigate the web configurator.

2.1 Web Configurator Overview

The web configurator is an HTML-based management interface that allows easy ZyXEL
Device setup and management via Internet browser. Use Internet Explorer 6.0 and later or
Netscape Navigator 7.0 and later versions. The recommended screen resolution is 1024 by 768
pixels.

P-870HW-I1 User’s Guide

CHAPTER 2

Configurator

In order to use the web configurator you need to allow:

• Web browser pop-up windows from your device. Web pop-up blocking is enabled by
default in Windows XP SP (Service Pack) 2.

• JavaScripts (enabled by default).

• Java permissions (enabled by default).

See Chapter 39 on page 351 if you need to make sure these functions are allowed in Internet
Explorer.

2.2 Accessing the Web Configurator

Note: Even though you can connect to the ZyXEL Device wirelessly, it is

recommended that you connect your computer to a LAN port for initial
configuration.

1 Follow the directions in the Quick Start Guide to set up your ZyXEL Device and to

connect your computer.

2 Launch your web browser, and go to http://192.168.1.1.. The following screen appears.

Chapter 2 Introducing the Web Configurator 47

P-870HW-I1 User’s Guide

Figure 6 Login Screen

3 The Password field may already contain the default password 1234. If it does not, enter

it. Click Login. The following screen appears.

Figure 7 Login: Change Password Screen

4 Follow the directions to change your password, or click Cancel to keep the default

password. If you do not change your password, this screen appears the next time you log
in.

Note: For security reasons, it is highly recommended that you change the password.

You can change it here, or you can see Chapter 18 on page 229.

Afterwards, the following screen appears.

48 Chapter 2 Introducing the Web Configurator

P-870HW-I1 User’s Guide

Figure 8 Login: Replace Certificate Screen

5 Follow the directions in this screen. If you click Ignore, this screen appears the next time

you log in. Afterwards, the following screen appears.

Figure 9 Login: Select Mode Screen

6 Select Go to Wizard setup to use the wizards. See Chapter 3 on page 55 and Chapter 4

on page 77. Select Go to Advanced setup to open the main screen. See Section 2.3 on
page 49.

Note: By default, the web configurator automatically times out in five minutes. Simply

log back into the ZyXEL Device if this happens to you. You can change this
setting; see Chapter 18 on page 229.

2.3 Navigating the Web Configurator

The main screen is shown below. Your screen may be different, depending on the size of your
browser window, resolution, and so on.

Chapter 2 Introducing the Web Configurator 49

P-870HW-I1 User’s Guide

Figure 10 Main Screen

Note: Click the icon (located in the upper right corner of most screens) to view

embedded help.

The panel on the left side is the navigation panel. You can use this panel to open various
screens in the web configurator.

The following table describes the icons in the upper right corner and the menu items in the
navigation panel.

Table 2 Web Configurator: Navigation Panel and Icons

LINK/ICON SUB-LINK FUNCTION

Wizard INTERNET/

WIRELESS
SETUP

BANDWIDTH
MANAGEMENT
SETUP

About Click this icon to see the name of the device and copyright

Logout Click this icon to exit the web configurator.

Status This screen shows the ZyXEL Device’s general device, system

Network

Use these screens to set up a basic wireless network and your
Internet connection.

Use these screens to set the priority of various applications, in
case there is not enough bandwidth for all of them.

information.

and interface status information. You can also look at various
statistics.

50 Chapter 2 Introducing the Web Configurator

P-870HW-I1 User’s Guide

Table 2 Web Configurator: Navigation Panel and Icons (continued)

LINK/ICON SUB-LINK FUNCTION

Wireless LAN General Use this screen to configure basic wireless settings and

wireless security.

OTIST Use this screen to activate ZyXEL’s One-Touch Intelligent

Security Technology (OTIST), which assigns the ZyXEL
Device’s wireless security settings to OTIST-compatible
wireless devices.

MAC Filter Use this screen to block or allow other devices to access the

ZyXEL Device.

Advanced Use this screen to set up roaming and other advanced wireless

WAN Internet

Connection

Advanced Use this screen to set up DNS servers, RIP, multicasting, and

Traffic Redirect Use this screen to set up a backup router, if you have one, in

LAN IP Use this screen to set up the LAN IP address.

IP Alias

Advanced

DHCP Server General Use this screen to configure the ZyXEL Device’s DHCP server,

Static DHCP

Client List

NAT General Use this screen to enable NAT.

Port Forwarding Use this screen to configure servers behind the ZyXEL Device.

Trigger Port

Address Mapping Use this screen to configure network address translation

Security

Firewall General Use this screen to activate/deactivate the firewall and the

Rules This screen shows a summary of the firewall rules, and allows

Anti Probing Use this screen to change your anti-probing settings.

Threshold Use this screen to configure the threshold for DoS attacks.

Content Filter Filter Use this screen to block sites containing certain keywords in the

Schedule Use this screen to set the days and times for the ZyXEL Device

settings.

Use this screen to configure ISP parameters, the WAN IP
address, and the WAN MAC address.

other advanced settings.

case the ZyXEL Devicecannot access the Internet.

Use this screen to partition your LAN interface into subnets.

Use this screen to set up RIP, multicasting, and other advanced
settings.

which assigns IP addresses and provides DNS server
information to other computers on the LAN or WLAN.

Use this screen to assign the same IP address to a computer
on the LAN or WLAN.

Use this screen to look at the IP addresses of computers that
have connected to the ZyXEL Device since the DHCP server
was enabled.

Use this screen to change your ZyXEL Device’s port triggering
settings.

mapping rules.

direction of network traffic to which to apply the rule.

you to edit/add a firewall rule.

URL.

to perform content filtering.

Chapter 2 Introducing the Web Configurator 51

P-870HW-I1 User’s Guide

Table 2 Web Configurator: Navigation Panel and Icons (continued)

LINK/ICON SUB-LINK FUNCTION

Certificates My Certificates Use this screen to add, modify, or remove the ZyXEL Device’s

Management

Static Route IP Static Route Use this screen to configure IP static routes.

Bandwidth
MGMT

Remote MGMT

UPnP General Use this screen to enable UPnP on the ZyXEL Device.

Maintenance

System General This screen contains administrative and system-related

Logs View Log Use this screen to view the logs for the categories that you

Tools Firmware Use this screen to upload firmware to your ZyXEL Device.

current certificates.

Trusted CAs Use this screen to add, modify, or remove certificates for other

computers.

Trusted Remote
Hosts

Directory Servers Use this screen to add, modify, or remove certificates for

Configuration Use this screen to set the priority of and to limit the amount of

Monitor Use this screen to view the ZyXEL Device’s bandwidth usage

WWW Use this screen to configure through which interface(s) and

Te ln e t Use this screen to configure through which interface(s) and

FTP Use this screen to configure through which interface(s) and

SNMP Use this screen to configure your ZyXEL Device’s settings for

DNS Use this screen to configure through which interface(s) and

Security Use this screen to change your anti-probing settings.

SSH Use this screen to configure through which interface(s) and

Dynamic DNS Use this screen to set up dynamic DNS.

Time Setting Use this screen to change your ZyXEL Device’s time and date.

Log Settings Use this screen to change your ZyXEL Device’s log settings.

Configuration Use this screen to backup and restore the configuration or reset

Restart This screen allows you to reboot the ZyXEL Device without

Use this screen to add, modify, or remove certificates for other
computers.

directory servers.

bandwidth used by various applications.

and allotments.

from which IP address(es) users can use HTTPS or HTTP to
manage the ZyXEL Device.

from which IP address(es) users can use Telnet to manage the
ZyXEL Device.

from which IP address(es) users can use FTP to access the
ZyXEL Device.

Simple Network Management Protocol management.

from which IP address(es) users can send DNS queries to the
ZyXEL Device.

from which IP address(es) users can use SSH to access the
ZyXEL Device.

information and also allows you to change your password.

selected.

the factory defaults to your ZyXEL Device.

turning the power off.

52 Chapter 2 Introducing the Web Configurator

2.4 Resetting the ZyXEL Device

Reset the ZyXEL Device in the following situations:

• You forgot your password.

• You cannot access the device using the web configurator or SMT. Check
Troubleshooting to make sure you cannot access the device anymore.

If you reset the ZyXEL Device, you lose all of the changes you have made. The ZyXEL
Device re-loads its default settings, and the password resets to “1234”. You have to make all
of your changes again.

Note: You will lose all of your changes when you push the RESET button.

To reset the ZyXEL Device,

1 Make sure the PWR/SYS light is on and not blinking.

Press and hold the RESET button until the PWR/SYS light begins to blink. (The

2

WLAN/OTIST light might start blinking first. Wait until the PWR/SYS light starts
blinking.) The default settings have been restored, and the ZyXEL Device begins to
restart.

P-870HW-I1 User’s Guide

If the ZyXEL Device restarts automatically, wait for the ZyXEL Device to finish restarting,
and log in to the web configurator. The password is 1234. You have finished.

If the ZyXEL Device does not restart automatically,
power. Then, follow the directions above again.

disconnect and reconnect the Prestige’s

Chapter 2 Introducing the Web Configurator 53

P-870HW-I1 User’s Guide

54 Chapter 2 Introducing the Web Configurator

This chapter provides information on the Wizard Setup screens for wireless settings and
Internet access in the web configurator.

3.1 Main Wizard Screen

Use this screen to select which wizard you want to run.

Figure 11 Main Wizard Screen

P-870HW-I1 User’s Guide

CHAPTER 3

Connection Wizard

The following table describes the labels in this screen.

Table 3 Main Wizard Screen

LABEL DESCRIPTION

Connection
Wizard

Bandwidth
Management
Wizard

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

Chapter 3 Connection Wizard 55

Select this to set up a basic wireless network and your Internet connection.

Select this to set the priority of various applications, in case there is not enough
bandwidth for all of them.

P-870HW-I1 User’s Guide

3.2 Welcome Screen

Use this screen to look at a preview of the Connection Wizard.

Figure 12 Connection Wizard: Welcome

The following table describes the labels in this screen.

Table 4 Connection Wizard: Welcome

LABEL DESCRIPTION

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

3.3 System Information Screen

Use this screen to set up the system name and domain name for your ZyXEL Device.

56 Chapter 3 Connection Wizard

Figure 13 Connection Wizard: System Information

The following table describes the labels in this screen.

P-870HW-I1 User’s Guide

Table 5 Connection Wizard: System Information

LABEL DESCRIPTION

System Name Choose a descriptive name for identification purposes. It is recommended you enter

your computer’s “Computer name” in this field. This name can be up to 30
alphanumeric characters long. Spaces are not allowed, but dashes “-” and
underscores "_" are accepted.

Domain Name Enter the domain name (if you know it) here. If you leave this field blank, the ISP

may assign a domain name via DHCP. The domain name entered by you is given
priority over the ISP assigned domain name.

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

3.4 Wireless LAN Screen

Use this screen to set up the basic settings for your wireless network.

Chapter 3 Connection Wizard 57

P-870HW-I1 User’s Guide

Figure 14 Connection Wizard: Wireless LAN

The following table describes the labels in this screen.

Table 6 Connection Wizard: Wireless LAN

LABEL DESCRIPTION

Name(SSID) The Service Set IDentity (SSID) is the name of the wireless network. Every wireless

client in the same wireless network must use the same SSID. Enter this value as
indicated.

Channel
Selection

Security Select the strongest level that all the computers in your wireless network support.

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

Like radio stations or television channels, each wireless network uses a specific
channel, or frequency, to send and receive information. If there are other wireless
networks in the area, select a channel at least five channels away from the other
wireless networks.

From weakest to strongest, the security levels are

•None

• Basic (WEP)

• Auto or Extend (WPA-PSK). Select Auto if you want the ZyXEL Device to
generate a pre-shared key for your wireless network. Select Extend if you want
to set up a specific pre-shared key for your wireless network (for example, if your
wireless network already uses a specific pre-shared key).

• Extend (WPA2-PSK)

If you want to use ZyXEL’s One-Touch Intelligent Security Technology (OTIST), you
can select any level except Extend(WPA2-PSK), but it is simpler to select Auto.

58 Chapter 3 Connection Wizard

3.5 Wireless Security Screens

The next screens depend on which type of Security you select in the previous screen.

3.5.1 Wireless Security: None

Use this screen to enable OTIST for your wireless network.

Figure 15 Connection Wizard: Wireless Security: None

P-870HW-I1 User’s Guide

The following table describes the labels in this screen.

Table 7 Connection Wizard: Wireless Security: None

LABEL DESCRIPTION

Do you want to
enable OTIST?

Setup Key Type a key (password) 8 ASCII characters long.

Select Yes if you want to set up OTIST security. If you set up OTIST, your wireless
network uses WPA-PSK security, not the security you selected and set up in the
previous screen(s). See Section 6.5 on page 108 for more information about setting
up OTIST.

Note: You must set up the same OTIST key on the wireless clients

too.

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

3.5.2 Wireless Security: Basic Security Screen 1

Use this screen to set up the WEP key(s) for your wireless network.

Chapter 3 Connection Wizard 59

P-870HW-I1 User’s Guide

Figure 16 Connection Wizard: Wireless Security: Basic Security Screen 1

The following table describes the labels in this screen.

Table 8 Connection Wizard: Wireless Security: Basic Security Screen 1

LABEL DESCRIPTION

WEP Key Enter the key you want to use. You can enter the key using printable ASCII

characters or hexadecimal (0-9, A-F, a-f) characters. The ZyXEL Device and the
wireless stations must use the same WEP key.

If you want to use a 64-bit WEP key, enter 5 printable ASCII characters or 10
hexadecimal characters.

If you want to use a 128-bit WEP key, enter 13 printable ASCII characters or 26
hexadecimal characters. A 128-bit WEP key is more secure than a 64-bit WEP key.

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

3.5.3 Wireless Security: Basic Security Screen 2

Use this screen to enable OTIST for your wireless network.

60 Chapter 3 Connection Wizard

P-870HW-I1 User’s Guide

Figure 17 Connection Wizard: Wireless Security: Basic Security Screen 2

The following table describes the labels in this screen.

Table 9 Connection Wizard: Wireless Security: Basic Security Screen 2

LABEL DESCRIPTION

Do you want to
enable OTIST?

Setup Key Type a key (password) 8 ASCII characters long.

Select Yes if you want to set up OTIST security. If you set up OTIST, your wireless
network uses WPA-PSK security, not the security you selected and set up in the
previous screen(s). See Section 6.5 on page 108 for more information about setting
up OTIST.

Note: You must set up the same OTIST key on the wireless clients

too.

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

3.5.4 Wireless Security: Auto

Use this screen to enable OTIST for your wireless network.

Chapter 3 Connection Wizard 61

P-870HW-I1 User’s Guide

Figure 18 Connection Wizard: Wireless Security: Auto

The following table describes the labels in this screen.

Table 10 Connection Wizard: Wireless Security: Auto

LABEL DESCRIPTION

Do you want to
enable OTIST?

Setup Key Type a key (password) 8 ASCII characters long.

Select Yes if you want to set up OTIST security. If you set up OTIST, your wireless
network uses WPA-PSK security, not the security you selected and set up in the
previous screen(s). See Section 6.5 on page 108 for more information about setting
up OTIST.

Note: You must set up the same OTIST key on the wireless clients

too.

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

3.5.5 Wireless Security: Extend (WPA-PSK) Security Screen 1

Use this screen to set up the WPA pre-shared key for your wireless network.

62 Chapter 3 Connection Wizard

P-870HW-I1 User’s Guide

Figure 19 Connection Wizard: Wireless Security: Extend (WPA-PSK) Security Screen 1

The following table describes the labels in this screen.

Table 11 Connection Wizard: Wireless Security: Extend (WPA-PSK) Security Screen 1

LABEL DESCRIPTION

Pre-Shared Key Type a pre-shared key from 8 to 63 ASCII characters (including spaces and

symbols). The key is case-sensitive.

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

3.5.6 Wireless Security: Extend (WPA-PSK) Security Screen 2

Use this screen to enable OTIST for your wireless network.

Chapter 3 Connection Wizard 63

P-870HW-I1 User’s Guide

Figure 20 Connection Wizard: Wireless Security: Extend (WPA-PSK) Security Screen 2

The following table describes the labels in this screen.

Table 12 Connection Wizard: Wireless Security: Extend (WPA-PSK) Security Screen 2

LABEL DESCRIPTION

Do you want to
enable OTIST?

Setup Key Type a key (password) 8 ASCII characters long.

Select Yes if you want to set up OTIST security. If you set up OTIST, your wireless
network uses WPA-PSK security, not the security you selected and set up in the
previous screen(s). See Section 6.5 on page 108 for more information about setting
up OTIST.

Note: You must set up the same OTIST key on the wireless clients

too.

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

3.5.7 Wireless Security: Extend (WPA2-PSK) Security Screen 1

Use this screen to set up the WPA2 pre-shared key for your wireless network.

64 Chapter 3 Connection Wizard

P-870HW-I1 User’s Guide

Figure 21 Connection Wizard: Wireless Security: Extend (WPA2-PSK) Security Screen 1

The following table describes the labels in this screen.

Table 13 Connection Wizard: Wireless Security: Extend (WPA2-PSK) Security Screen 1

LABEL DESCRIPTION

Pre-Shared Key Type a pre-shared key from 8 to 63 ASCII characters (including spaces and

symbols). The key is case-sensitive.

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

Chapter 3 Connection Wizard 65

P-870HW-I1 User’s Guide

3.5.8 Wireless Security: Extend (WPA2-PSK) Security Screen 2

Figure 22 Connection Wizard: Wireless Security: Extend (WPA2-PSK) Security Screen 2

The following table describes the labels in this screen.

Table 14 Connection Wizard: Wireless Security: Extend (WPA2-PSK) Security Screen 2

LABEL DESCRIPTION

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

3.6 Auto-Detection Screen

Wait while your ZyXEL Device tries to detect your Internet connection.

66 Chapter 3 Connection Wizard

Figure 23 Connection Wizard: Internet Connection: Auto-Detection

P-870HW-I1 User’s Guide

3.7 ISP Parameters Screen

Use these screens to set up your Internet connection. The screen depends on which type of
Connection Type your Internet connection uses. If your ISP provided you a user name and
password, select PPP over Ethernet. Otherwise, select Ethernet.

3.7.1 ISP Parameters: Ethernet Screen

Use this screen to set up an Ethernet connection to the Internet.

Chapter 3 Connection Wizard 67

P-870HW-I1 User’s Guide

Figure 24 Connection Wizard: ISP Parameters: Ethernet

The following table describes the labels in this screen.

Table 15 Connection Wizard: ISP Parameters: Ethernet

LABEL DESCRIPTION

Connection Type Select Ethernet.

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

3.7.2 ISP Parameters: PPPoE Screen

Use this screen to set up a PPPoE connection to the Internet.

68 Chapter 3 Connection Wizard

Figure 25 Connection Wizard: ISP Parameters: PPPoE

The following table describes the labels in this screen.

P-870HW-I1 User’s Guide

Table 16 Connection Wizard: ISP Parameters: PPPoE

LABEL DESCRIPTION

Connection Type Select PPP over Ethernet.

Service Name Enter the service name provided by your ISP. Leave this field blank if your ISP did

not provide one.

User Name Enter the user name provided by your ISP.

Password Enter the password provided by your ISP.

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

3.8 IP Address Type Screen

Use this screen to specify what type of IP address your ISP provides.

Chapter 3 Connection Wizard 69

P-870HW-I1 User’s Guide

Figure 26 Connection Wizard: IP Address Type

The following table describes the labels in this screen.

Table 17 Connection Wizard: IP Address Type

LABEL DESCRIPTION

Get automatically
from ISP

Use fixed IP
address provided
by your ISP

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

Select this if your ISP did not give you a fixed (static) IP address.

Select this if your ISP gave you a fixed (static) IP address.

3.9 Static IP Address Settings Screen

Use these screens to set up a static IP address. The screen depends on which type of
Connection Type your Internet connection uses.

3.9.1 Static IP Address Settings: Ethernet Screen

Use this screen to set up a static IP address for an Ethernet connection to the Internet.

70 Chapter 3 Connection Wizard

Figure 27 Connection Wizard: Static IP Address: Ethernet

The following table describes the labels in this screen.

P-870HW-I1 User’s Guide

Table 18 Connection Wizard: Static IP Address: Ethernet

LABEL DESCRIPTION

My WAN IP
Address

My WAN IP
Subnet Mask

Gateway IP
Address

DNS Servers DNS (Domain Name System) manages the relationships between domain names

First DNS Server
Second DNS

Server
Third DNS

Server

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

Enter the fixed (static) IP address provided by your ISP.

Enter the subnet mask provided by your ISP.

Enter the IP address of the gateway provided by your ISP.

and IP addresses. For example, the IP address of www.zyxel.com is 204.217.0.2.
Without a DNS server, you must know the IP address of the computer you want to
access before you access it.

Enter the IP address of each DNS server provided by your ISP. Use the default
value, if your ISP did not provide IP addresses for three DNS servers.

3.9.2 ISP Parameters: PPPoE Screen

Use this screen to set up a PPPoE connection to the Internet.

Chapter 3 Connection Wizard 71

P-870HW-I1 User’s Guide

Figure 28 Connection Wizard: ISP Parameters: PPPoE

The following table describes the labels in this screen.

Table 19 Connection Wizard: ISP Parameters: PPPoE

LABEL DESCRIPTION

My WAN IP
Address

DNS Servers DNS (Domain Name System) manages the relationships between domain names

First DNS Server
Second DNS

Server
Third DNS

Server

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

Enter the fixed (static) IP address provided by your ISP.

and IP addresses. For example, the IP address of www.zyxel.com is 204.217.0.2.
Without a DNS server, you must know the IP address of the computer you want to
access before you access it.

Enter the IP address of each DNS server provided by your ISP. Use the default
value, if your ISP did not provide IP addresses for three DNS servers.

3.10 MAC Address Screen

Use this screen to specify which MAC address the ZyXEL Device should use.

72 Chapter 3 Connection Wizard

Figure 29 Connection Wizard: MAC Address

The following table describes the labels in this screen.

P-870HW-I1 User’s Guide

Table 20 Connection Wizard: MAC Address

LABEL DESCRIPTION

Factory default Select this, unless you have spoofed (cloned) your computer’s MAC address

before.

Spoof this
computer’s MAC
Address

IP Address If you select Spoof this computer’s MAC Address, enter the IP address of the

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

Select this if you want the ZyXEL Device to use the MAC address of another
computer, instead of its default MAC address. You might try this if you lose your
Internet connection because some ISPs check the MAC address of the device
connected to the Internet.

computer whose MAC address you want the ZyXEL Device to use. This is usually a
computer on the LAN.

Chapter 3 Connection Wizard 73

P-870HW-I1 User’s Guide

3.11 Internet Configuration Screen

Figure 30 Connection Wizard: Internet Configuration

The following table describes the labels in this screen.

Table 21 Connection Wizard: Internet Configuration

LABEL DESCRIPTION

Back Click this to return to the previous screen.

Apply Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

3.12 Auto-Detection Screen

If you enabled OTIST, wait while your ZyXEL Device starts OTIST. You have to start OTIST
on the wireless clients within three minutes of seeing this screen.

74 Chapter 3 Connection Wizard

Figure 31 Connection Wizard: OTIST: Start

3.13 Congratulations Screen

Use this screen to finish the Connection Wizard.

Figure 32 Connection Wizard: Congratulations

P-870HW-I1 User’s Guide

The following table describes the labels in this screen.

Table 22 Connection Wizard: Congratulations

LABEL DESCRIPTION

Finish Click this to close the wizard.

Chapter 3 Connection Wizard 75

P-870HW-I1 User’s Guide

76 Chapter 3 Connection Wizard

P-870HW-I1 User’s Guide

CHAPTER 4

Bandwidth Management Wizard

This chapter provides information on the Wizard Setup screens for bandwidth management.

Bandwidth management is only useful when the ZyXEL Device is trying to send more traffic
out through than the WAN port than the WAN port can support. In this case, bandwidth
management allows you to control the amount of traffic going out through the WAN port and
which applications can use this traffic. You specify which applications can use this traffic by
assigning each one a priority and how much bandwidth it is allocated.

• High-priority applications get to use their allocation first.

• If there is more bandwidth left, medium-priority applications get to use their allocation.

• If there is still more bandwidth left, low-priority applications get to use their allocation.

• If there is still more bandwidth, all applications, including those above and other types of
applications, share it.

Some applications, such as VoIP and online gaming, need to have enough bandwidth to
provide acceptable quality. These applications usually have high priority. Other applications,
such as web surfing and e-mail, might run more slowly if there is not a lot of bandwidth, but
the quality is still adequate. These applications have medium or low priority. There are still
other applications, such as some large file transfers, that are less urgent than the first two kinds
of applications. You do not usually allocate any bandwidth to these applications because these
applications only get bandwidth when other applications are not using it.

This wizard helps you set the priority of some pre-defined applications. Use Maintenance >
Bandwidth MGMT to change the amount of bandwidth allocated to each one or to set up
priorities and allocations for other types of applications.

4.1 Main Wizard Screen

Use this screen to select which wizard you want to run.

Chapter 4 Bandwidth Management Wizard 77

P-870HW-I1 User’s Guide

Figure 33 Main Wizard Screen

The following table describes the labels in this screen.

Table 23 Main Wizard Screen

LABEL DESCRIPTION

Connection
Wizard

Bandwidth
Management
Wizard

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

Select this to set up a basic wireless network and your Internet connection.

Select this to set the priority of various applications, in case there is not enough
bandwidth for all of them.

4.2 Welcome Screen

Use this screen to look at a preview of the Bandwidth Management Wizard.

78 Chapter 4 Bandwidth Management Wizard

Figure 34 BWM Wizard: Welcome

The following table describes the labels in this screen.

P-870HW-I1 User’s Guide

Table 24 BWM Wizard: Welcome

LABEL DESCRIPTION

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

4.3 General Information Screen

Use this screen to activate bandwidth management and to set the amount of bandwidth you
want to allocate for each interface on the ZyXEL Device.

Chapter 4 Bandwidth Management Wizard 79

P-870HW-I1 User’s Guide

Figure 35 BWM Wizard: General Information

The following table describes the labels in this screen.

Table 25 BWM Wizard: General Information

LABEL DESCRIPTION

Active Select this to enable bandwidth management.

LAN Managed
Bandwidth

WLAN Managed
Bandwidth

Enter the amount of bandwidth for this interface that you want to allocate using
bandwidth management.

It is recommended to set this speed to match what the LAN port’s connection can
handle. For example, set it to 100000 kbps if your Ethernet network has a maximum
speed of 100000 kbps.

You can set this number higher than the interface’s actual transmission speed. This
will stop lower priority traffic from being sent if higher priority traffic uses all of the
actual bandwidth.

You can also set this number lower than the interface’s actual transmission speed.
However, this will cause the ZyXEL Device to not use some of the interface’s
available bandwidth.

Enter the amount of bandwidth for this interface that you want to allocate using
bandwidth management.

It is recommended to set this speed to match the maximum speed of the wireless
network. In most cases, set it to 54000 kbps, unless your wireless network cannot
handle this speed.

You can set this number higher than the interface’s actual transmission speed. This
will stop lower priority traffic from being sent if higher priority traffic uses all of the
actual bandwidth.

You can also set this number lower than the interface’s actual transmission speed.
However, this will cause the ZyXEL Device to not use some of the interface’s
available bandwidth.

80 Chapter 4 Bandwidth Management Wizard

Table 25 BWM Wizard: General Information (continued)

LABEL DESCRIPTION

P-870HW-I1 User’s Guide

WAN Managed
Bandwidth

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

Enter the amount of bandwidth for this interface that you want to allocate using
bandwidth management.

It is recommended to set this speed to match what the WAN port’s connection can
handle. For example, set it to 40000 kbps if your broadband modem or router has a
maximum speed of 40000 kbps.

You can set this number higher than the interface’s actual transmission speed. This
will stop lower priority traffic from being sent if higher priority traffic uses all of the
actual bandwidth.

You can also set this number lower than the interface’s actual transmission speed.
However, this will cause the ZyXEL Device to not use some of the interface’s
available bandwidth.

4.4 Services Setup Screen

Use this screen to select the applications to which you want to allocate bandwidth. You can
use the applications you do not select, as well as ones that do not appear on this list, but they
have lower priority.

Figure 36 BWM Wizard: Services Setup

Chapter 4 Bandwidth Management Wizard 81

P-870HW-I1 User’s Guide

The following table describes the labels in this screen.

Table 26 BWM Wizard: Services Setup

LABEL DESCRIPTION

Xbox Live This is Microsoft’s online gaming service that lets you play multiplayer Xbox games

VoIP (SIP) Sending voice signals over the Internet is called Voice over IP or VoIP. Session

FTP File Transfer Program enables fast transfer of files, including large files that may not

E-Mail Electronic mail consists of messages sent through a computer network to specific

eMule/eDonkey These programs use advanced file sharing applications relying on central servers to

WWW The World Wide Web (WWW) is an Internet system to distribute graphical, hyper-

Back Click this to return to the previous screen.

Next Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

on the Internet via broadband technology. Xbox Live uses port 3074.

Initiated Protocol (SIP) is an internationally recognized standard for implementing
VoIP. SIP is an application-layer control (signaling) protocol that handles the setting
up, altering and tearing down of voice and multimedia sessions over the Internet.

SIP is transported primarily over UDP but can also be transported over TCP, using
the default port number 5060.

be possible by e-mail. FTP uses port number 21.

groups or individuals. Here are some default ports for e-mail:
POP3 - port 110
IMAP - port 143
SMTP - port 25
HTTP - port 80

search for files. They use default port 4662.

linked information, based on Hyper Text Transfer Protocol (HTTP) - a client/server
protocol for the World Wide Web. The Web is not synonymous with the Internet;
rather, it is just one service on the Internet. Other services on the Internet include
Internet Relay Chat and Newsgroups. The Web is accessed through use of a
browser.

4.5 Priority Setup Screen

Use this screen to set the priority of the applications you selected in the previous screen.

82 Chapter 4 Bandwidth Management Wizard

Figure 37 BWM Wizard: Priority Setup

The following table describes the labels in this screen.

P-870HW-I1 User’s Guide

Table 27 BWM Wizard: Priority Setup

LABEL DESCRIPTION

Service This field displays the applications you selected in the previous screen.

Priority Select the priority of each application. Other applications have lower priority than all

the applications in this screen, including ones to which you assign Low priority.

Back Click this to return to the previous screen.

Apply Click this to save your changes on this screen and to proceed to the next screen.

Exit Click this to close the wizard without saving the changes on this screen.

4.6 Congratulations Screen

Use this screen to finish the Bandwidth Management Wizard.

Chapter 4 Bandwidth Management Wizard 83

P-870HW-I1 User’s Guide

Figure 38 BWM Wizard: Congratulations

The following table describes the labels in this screen.

Table 28 BWM Wizard: Congratulations

LABEL DESCRIPTION

Finish Click this to close the wizard.

84 Chapter 4 Bandwidth Management Wizard

This chapter introduces the Status screen and the summary screens you can open from it.

5.1 Status Screen

To open this screen, click Status. This screen also appears when you log in and select Go to
Advanced setup.

Figure 39 Status

P-870HW-I1 User’s Guide

CHAPTER 5

Status Screen

Chapter 5 Status Screen 85

P-870HW-I1 User’s Guide

The following table describes the labels shown in the Status screen.

Table 29 Status

LABEL DESCRIPTION

Refresh Interval Select a number of seconds or None from the drop-down list box to refresh all

Refresh Now Click this button to refresh the status screen statistics.

Device Information

System Name This is used for identification purposes. Click Maintenance > System > General

Firmware Version This is the ZyNOS Firmware version and the date created. ZyNOS is ZyXEL's

WAN Information

IP Address This is the WAN port IP address. Click Network > WAN > Internet Connection to

IP Subnet Mask

DHCP This is the WAN port DHCP role - Client or None. Click Network > WAN >

LAN Information

IP Address This is the LAN port IP address. Click Network > LAN > IP to change it.

IP Subnet Mask This is the LAN port IP subnet mask. Click Network > LAN > IP to change it.

DHCP This is the LAN port DHCP role - Server, Relay or None. Click Network > DHCP

WLAN Information

Name(SSID) This is the descriptive name used to identify the ZyXEL Device in the wireless

Channel This is the channel number used by the ZyXEL Device now. Click Network >

Security Mode This field displays what kind of authentication and encryption the ZyXEL Device is

System Status

System Uptime This is the total time the ZyXEL Device has been on.

Current Date/Time This field displays your ZyXEL Device’s present date and time. Click Maintenance

System Resource

CPU Usage This field displays what percentage of the ZyXEL Device’s processing ability is

screen statistics automatically at the end of every time interval or to not refresh the
screen statistics.

to change it.

proprietary Network Operating System design. Click Maintenance > Tools >
Firmware to change it.

change it.

This is the WAN port IP subnet mask. Click Network > WAN > Internet

Connection to change it.

Internet Connection to change it.

Server > General to change it.

LAN. Click Network > Wireless LAN > General to change it.

Wireless LAN > General to change it.

currently using in the wireless network. Click Network > Wireless LAN > General
to change it.

> System > Time Setting to change it.

currently used. When this percentage is close to 100%, the ZyXEL Device is
running at full load, and the throughput is not going to improve anymore. If you
want some applications to have more throughput, you should use bandwidth
management to turn off other applications. Click Management > Bandwidth
MGMT > Configuration.

86 Chapter 5 Status Screen

P-870HW-I1 User’s Guide

Table 29 Status

LABEL DESCRIPTION

Memory Usage This field displays what percentage of the ZyXEL Device’s memory is currently

used. Usually, this percentage should not increase much. If memory usage does
get close to 100%, the ZyXEL Device is probably becoming unstable, and you
should restart the device. Click Maintenance > Tools > Restart, or turn off the
device (unplug the power) for a few seconds.

Interface Status

Interface This field displays the ZyXEL Device ports.

Status For the WAN port, this field depends on the encapsulation.

For Ethernet encapsulation:

Down - line is down
Up - line is up or connected

For PPP over Ethernet (PPPoE) encapsulation:

Down - line is down
Up - line is up or connected
Idle - line (ppp) idle
Dial - starting to trigger a call
Drop - dropping a call
For the LAN port, this field displays one of the following values:
Down - there are no LAN connections
Up - line is at least one LAN connection
For the WLAN port, this field displays one of the following values:
Down - the wireless interface is disabled
Up - the wireless interface is enabled

Rate For the WAN port, this field displays the downstream and upstream transmission

Summary

DHCP Table Use this screen to view current DHCP client information.

WLAN Station
Status

BW MGMT
Monitor

Packet Statistics Use this screen to view port status and packet specific statistics.

rates.
For the LAN port, this field displays the port speed and duplex setting.
For the WLAN port, this field displays the transmission rate.
If any port is down or disabled, this field displays N/A.

This screen displays the MAC address(es) of the wireless stations that are
currently associating with the ZyXEL Device.

Use this screen to view the ZyXEL Device’s bandwidth usage and allotments.

5.1.1 Status: BW MGMT Monitor

Use this screen to view the bandwidth usage based on the rules you configure for the LAN,
WAN and WLAN. To access this screen, click Status, and then click (Details...) next to BW
MGMT Monitor.

Chapter 5 Status Screen 87

P-870HW-I1 User’s Guide

Figure 40 Status > BW MGMT Monitor

5.1.2 Status: DHCP Table

To access this screen, click Status, and then click (Details...) next to DHCP Table.

88 Chapter 5 Status Screen

P-870HW-I1 User’s Guide

Figure 41 Status > DHCP Table

Each field is described in the following table.

Table 30 Status > DHCP Table

LABEL DESCRIPTION

# This field is a sequential value. It is not associated with a specific entry.

IP Address

Host Name This field displays the system name of the computer to which the ZyXEL Device

MAC Address

Refresh

This field displays the IP address the ZyXEL Device assigned to a computer in the
network.

assigned the IP address.

This field displays the MAC address of the computer to which the ZyXEL Device
assigned the IP address.

Click this to update this screen.

5.1.3 Status: Packet Statistics

Use this screen to view the port status, packet-specific statistics, and system up time. To access
this screen, click Status, and then click (Details...) next to Packet Statistics.

Figure 42 Status > Packet Statistics

Chapter 5 Status Screen 89

P-870HW-I1 User’s Guide

The following table describes the fields in this screen.

Table 31 Status > Packet Statistics

LABEL DESCRIPTION

Packet Statistics

Port This field displays the ZyXEL Device ports.

Status This field displays the status of each ZyXEL Device port. The values are the

TxPkts This field displays the number of packets transmitted on this port.

RxPkts This field displays the number of packets received on this port.

Collisions This is the number of collisions on this port.

Errors This field displays the number of error packets on this port.

Tx B/s This field displays the number of bytes transmitted in the last second.

Rx B/s This field displays the number of bytes received in the last second.

Up Time This field displays the amount of time this port has been up.

System Up Time This is the elapsed time the system has been up.

Poll Interval(s)
Set Interval

Stop Click this button to stop refreshing this screen.

same ones shown in the Status screen.

Type how many seconds the ZyXEL Device should wait before it automatically
refreshes this screen. Click Set Interval to apply the change.

5.1.4 Status: WLAN Station Status

Use this screen to view the wireless stations that are currently associated to the ZyXEL
Device. To access this screen, click Status, and then click (Details...) next to WLAN Status.

Figure 43 Status > WLAN Station Status

90 Chapter 5 Status Screen

P-870HW-I1 User’s Guide

The following table describes the labels in this screen.

Table 32 Status > WLAN Station Status

LABEL DESCRIPTION

# This field is a sequential value. It is not associated with a specific entry.

MAC Address This field displays the MAC (Media Access Control) address of an associated wireless

station.

Association
TIme

Refresh Click Refresh to reload this screen.

This field displays the time a wireless station first associated with the ZyXEL Device.

Chapter 5 Status Screen 91

P-870HW-I1 User’s Guide

92 Chapter 5 Status Screen

This chapter discusses how to configure the wireless network settings in your ZyXEL Device.

6.1 Wireless Network Overview

The following figure provides an example of a wireless network.

Figure 44 Example of a Wireless Network

P-870HW-I1 User’s Guide

CHAPTER 6

Wireless LAN

The wireless network is the part in the blue circle. In this wireless network, devices A and B
are called wireless clients. The wireless clients use the access point (AP) to interact with other
devices (such as the printer) or with the Internet. Your ZyXEL Device is the AP.

Every wireless network must follow these basic guidelines.

• Every wireless client in the same wireless network must use the same SSID.

The SSID is the name of the wireless network. It stands for Service Set IDentity.

• If two wireless networks overlap, they should use different channels.

Like radio stations or television channels, each wireless network uses a specific channel,
or frequency, to send and receive information.

Chapter 6 Wireless LAN 93

P-870HW-I1 User’s Guide

• Every wireless client in the same wireless network must use security compatible with the
AP.

Security stops unauthorized devices from using the wireless network. It can also protect
the information that is sent in the wireless network.

6.2 Wireless Security Overview

The following sections introduce different types of wireless security you can set up in the
wireless network.

6.2.1 SSID

Normally, the AP acts like a beacon and regularly broadcasts the SSID in the area. You can
hide the SSID instead, in which case the AP does not broadcast the SSID. In addition, you
should change the default SSID to something that is difficult to guess.

This type of security is fairly weak, however, because there are ways for unauthorized devices
to get the SSID. In addition, unauthorized devices can still see the information that is sent in
the wireless network.

6.2.2 MAC Address Filter

Every wireless client has a unique identification number, called a MAC address.1 A MAC
address is usually written using twelve hexadecimal characters
or 00:A0:C5:00:00:02. To get the MAC address for each wireless client, see the appropriate
User’s Guide or other documentation.

You can use the MAC address filter to tell the AP which wireless clients are allowed or not
allowed to use the wireless network. If a wireless client is allowed to use the wireless network,
it still has to have the correct settings (SSID, channel, and security). If a wireless client is not
allowed to use the wireless network, it does not matter if it has the correct settings.

This type of security does not protect the information that is sent in the wireless network.
Furthermore, there are ways for unauthorized devices to get the MAC address of an authorized
wireless client. Then, they can use that MAC address to use the wireless network.

6.2.3 User Authentication

You can make every user log in to the wireless network before they can use it. This is called
user authentication. However, every wireless client in the wireless network has to support
IEEE 802.1x to do this.

2

; for example, 00A0C5000002

1. Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless
networks. These kinds of wireless devices might not have MAC addresses.

2. Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F.

94 Chapter 6 Wireless LAN

For wireless networks, there are two typical places to store the user names and passwords for
each user.

• In the AP: this feature is called a local user database or a local database.

• In a RADIUS server: this is a server used in businesses more than in homes.

If your AP does not provide a local user database and if you do not have a RADIUS server,
you cannot set up user names and passwords for your users.

Unauthorized devices can still see the information that is sent in the wireless network, even if
they cannot use the wireless network. Furthermore, there are ways for unauthorized wireless
users to get a valid user name and password. Then, they can use that user name and password
to use the wireless network.

Local user databases also have an additional limitation that is explained in the next section.

6.2.4 Encryption

Wireless networks can use encryption to protect the information that is sent in the wireless
network. Encryption is like a secret code. If you do not know the secret code, you cannot
understand the message.

P-870HW-I1 User’s Guide

The types of encryption you can choose depend on the type of user authentication. (See

Section 6.2.3 on page 94 for information about this.)

Table 33 Types of Encryption for Each Type of User Authentication

No Authentication RADIUS Server

Weakest None IEEE 802.1x + No WEP

Static WEP IEEE 802.1x + Static WEP

IEEE 802.1x + Dynamic WEP

WPA-PSK WPA

Strongest WPA2-PSK WPA2

For example, if the wireless network has a RADIUS server, you can choose IEEE 802.1x,
IEEE 802.1x + Static WEP, IEEE 802.1x + Dynamic WEP, WPA or WPA2. If users do not
log in to the wireless network, you can choose no encryption, Static WEP, WPA-PSK, or
WPA2-PSK.

Usually, you should set up the strongest encryption that every wireless client in the wireless
network supports. For example, suppose the AP does not have a local user database, and you
do not have a RADIUS server. Therefore, there is no user authentication. Suppose the wireless
network has two wireless clients. Device A only supports WEP, and device B supports WEP
and WPA. Therefore, you should set up Static WEP in the wireless network.

Chapter 6 Wireless LAN 95

P-870HW-I1 User’s Guide

Note: It is recommended that wireless networks use WPA-PSK, WPA, or stronger

encryption. IEEE 802.1x and WEP encryption are better than none at all, but it
is still possible for unauthorized devices to figure out the original information
pretty quickly.

When you select WPA2 or WPA2-PSK in your ZyXEL Device, you can also select an option
(WPA compatible) to support WPA as well. In this case, if some wireless clients support
WPA and some support WPA2, you should set up WPA2-PSK or WPA2 (depending on the
type of wireless network login) and select the WPA compatible option in the ZyXEL Device.

Many types of encryption use a key to protect the information in the wireless network. The
longer the key, the stronger the encryption. Every wireless client in the wireless network must
have the same key.

6.2.5 One-Touch Intelligent Security Technology (OTIST)

With ZyXEL’s OTIST, you set up the SSID and the encryption (WEP or WPA-PSK) on the
ZyXEL Device. Then, the ZyXEL Device transfers them to wireless clients in the wireless
network. As a result, you do not have to set up the SSID and encryption on every wireless
client.

The wireless clients in the wireless network have to support OTIST, and they have to be in
range of the ZyXEL Device when you activate it. See Section 6.5 on page 108 for more
details.

6.3 Wireless Performance Overview

The following sections introduce different ways to improve the performance of the wireless
network.

6.3.1 Quality of Service (QoS)

You can turn on Wi-Fi MultiMedia (WMM) QoS to improve the performance of voice and
video applications in the wireless network. QoS gives high priority to voice and video, which
makes them run more smoothly. Similarly, it gives low priority to many large file downloads
so that they do not reduce the quality of other applications.

6.4 General Wireless LAN Screen

Note: If you are configuring the ZyXEL Device from a computer connected to the

wireless LAN and you change the ZyXEL Device’s SSID or WEP settings, you
will lose your wireless connection when you click Apply. You must then change
the wireless settings of your computer to match the ZyXEL Device’s new
settings.

96 Chapter 6 Wireless LAN

P-870HW-I1 User’s Guide

To open this screen, click Network > Wireless LAN.

Figure 45 Network > Wireless LAN > General

The following table describes the general wireless LAN labels in this screen.

Table 34 Network > Wireless LAN > General

LABEL DESCRIPTION

Wireless Setup

Enable
Wireless LAN

Name(SSID) Enter the name of the wireless network. The name is called the Service Set IDentity

Click the check box to activate wireless LAN.

(SSID). Every wireless client in the same wireless network must use the same SSID.

Note: If you are using the wireless network to connect to the ZyXEL

Device from a computer and you change this setting, you will
lose your wireless connection when you press Apply to
confirm. You must change the wireless settings of your
computer to match the ZyXEL Device’s new settings.

Hide SSID Select this check box to hide the SSID so a station cannot get the SSID through

Channel
Selection

Security This section is described in more detail below.

Apply Click this to save your changes back to the ZyXEL Device.

Reset Click this to reload the previous configuration for this screen.

scanning using a site survey tool.

Set the operating frequency or channel your wireless network uses. It should be at
least five channels away from other wireless networks in the area.

6.4.1 General Wireless LAN Screen: No Security

Use this screen to allow wireless stations to communicate with the access points without any
data encryption.To open this screen, click Network > Wireless LAN, and set Security Mode
to No Security.

Note: If you do not enable any wireless security on your ZyXEL Device, your network

is accessible to any wireless networking device that is within range.

Chapter 6 Wireless LAN 97

P-870HW-I1 User’s Guide

Figure 46 Network > Wireless LAN > General > No Security

The following table describes the labels in this screen.

Table 35 Network > Wireless LAN > General > No Security

LABEL DESCRIPTION

Security Mode Select No Security.

6.4.2 General Wireless LAN Screen: Static WEP

Use this screen to enable and configure WEP encryption in your wireless network.To open this
screen, click Network > Wireless LAN, and set Security Mode to No Security.

Figure 47 Network > Wireless LAN > General > Static WEP

98 Chapter 6 Wireless LAN

The following table describes the labels in this screen.

Table 36 Network > Wireless LAN > General > Static WEP

LABEL DESCRIPTION

Security Mode Select Static WEP.

WEP Key Enter the key you want to use. You can enter the key using printable ASCII characters

or hexadecimal (0-9, A-F, a-f) characters. The ZyXEL Device and the wireless
stations must use the same WEP key.

If you want to use a 64-bit WEP key, enter 5 printable ASCII characters or 10
hexadecimal characters.

If you want to use a 128-bit WEP key, enter 13 printable ASCII characters or 26
hexadecimal characters. A 128-bit WEP key is more secure than a 64-bit WEP key.

6.4.3 General Wireless LAN Screen: WPA-PSK

Use this screen to enable and configure WPA-PSK encryption in your wireless network. To
open this screen, click Network > Wireless LAN, and set Security Mode to WPA-PSK.

Figure 48 Network > Wireless LAN > General > WPA-PSK

P-870HW-I1 User’s Guide

The following table describes the labels in this screen.

Table 37 Network > Wireless LAN > General > WPA-PSK

LABEL DESCRIPTION

Security Mode Select WPA-PSK.

Pre-Shared
Key

ReAuthenticati
on Timer

Chapter 6 Wireless LAN 99

Type a pre-shared key from 8 to 63 ASCII characters (including spaces and symbols).
The key is case-sensitive.

Specify how often wireless stations have to resend usernames and passwords in
order to stay connected. Enter a time interval between 10 and 9999 seconds.

P-870HW-I1 User’s Guide

Table 37 Network > Wireless LAN > General > WPA-PSK (continued)

LABEL DESCRIPTION

Idle Timeout The ZyXEL Device automatically disconnects a wireless station from the wireless

network after a period of inactivity. The wireless station needs to enter the username
and password again before it can use the wireless network again. Some wireless
clients can do this automatically; some wireless clients cannot, in which case the user
has to enter the information again. In either case, there is usually a short delay while
the wireless client logs in to the wireless network again.

Enter a time interval between 10 and 9999 seconds. This value is usually smaller
when the wireless network is keeping track of how much time each wireless station is
connected to the wireless network (for example, using an authentication server). If the
wireless network is not keeping track of this information, you can usually set this value
higher to minimize the number of delays caused by logging in again.

Group Key
Update Timer

The Group Key Update Timer is the rate at which the ZyXEL Device sends a new
group key to all clients. This process changes the WEP key on a regular basis. Enter
a time interval between 10 and 9999 seconds.

6.4.4 General Wireless LAN Screen: WPA

Use this screen to enable and configure WPA encryption in your wireless network. To open
this screen, click Network > Wireless LAN, and set Security Mode to WPA.

Figure 49 Network > Wireless LAN > General > WPA

100 Chapter 6 Wireless LAN