ZyXEL Communications ZyXEL NBG420N manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340

Go to page of

A good user manual

The rules should oblige the seller to give the purchaser an operating instrucion of ZyXEL Communications ZyXEL NBG420N, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.

What is an instruction?

The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of ZyXEL Communications ZyXEL NBG420N one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.

Unfortunately, only a few customers devote their time to read an instruction of ZyXEL Communications ZyXEL NBG420N. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.

What should a perfect user manual contain?

First and foremost, an user manual of ZyXEL Communications ZyXEL NBG420N should contain:
- informations concerning technical data of ZyXEL Communications ZyXEL NBG420N
- name of the manufacturer and a year of construction of the ZyXEL Communications ZyXEL NBG420N item
- rules of operation, control and maintenance of the ZyXEL Communications ZyXEL NBG420N item
- safety signs and mark certificates which confirm compatibility with appropriate standards

Why don't we read the manuals?

Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of ZyXEL Communications ZyXEL NBG420N alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of ZyXEL Communications ZyXEL NBG420N, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the ZyXEL Communications service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of ZyXEL Communications ZyXEL NBG420N.

Why one should read the manuals?

It is mostly in the manuals where we will find the details concerning construction and possibility of the ZyXEL Communications ZyXEL NBG420N item, and its use of respective accessory, as well as information concerning all the functions and facilities.

After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.

Table of contents for the manual

  • Page 1

    www .zyxel.com NBG420N Wireless N Router User ’ s Guide V ersion 3.60 3/2008 Edition 1 DEFAULT LOGIN IP Address http://1 92 .168.1.1 Password 1234[...]

  • Page 2

    [...]

  • Page 3

    About This User's Guide NBG420N User’s Guide 3 About This User's Guide Intended Audience This manual is intended for people who wa nt to configure the NBG420N using th e web configurator . Y ou should have at leas t a basic knowledge of TCP/IP networking concepts and topology . Related Document ation • Quick Start Guide The Quick S ta[...]

  • Page 4

    Document Conventions NBG420N User’s Guide 4 Document Conventions W arnings and Notes These are how warnings and notes are shown in this User ’ s Guide. 1 W arnings tell you about things that could harm you or your device. " Notes tell you other important informati on (for example, other things you may need to configure or helpful tip s) or[...]

  • Page 5

    Document Conventions NBG420N User’s Guide 5 Icons Used in Figures Figures in this User ’ s Guide may use the follo wing generic icons. The NBG420N icon is not an exact representation of yo ur device. NBG420N Computer Notebook computer Server DSLAM Firewall T ele phone Switch Router Modem[...]

  • Page 6

    Safety Warnings NBG420N User’s Guide 6 Safety Warnings 1 For your safety , be sure to read and follow all warni ng notices and instructions. • Do NOT use this product near water , for example, in a wet basement or near a swimming pool. • Do NOT expose your device to dampness, dust or corrosive liquids. • Do NOT store thin gs on the device. [...]

  • Page 7

    Safety Warnings NBG420N User’s Guide 7[...]

  • Page 8

    Safety Warnings NBG420N User’s Guide 8[...]

  • Page 9

    Contents Overview NBG420N User’s Guide 9 Contents Overview Introduction .......................................... ........................................................................ .......... 29 Getting to Know Y our NB G420N .............. ................ ................. ................ ................ ................ 31 The WPS But[...]

  • Page 10

    Contents Overview NBG420N User’s Guide 10[...]

  • Page 11

    Table of Contents NBG420N User’s Guide 11 Table of Contents About This User's Guide ..................................................... ................................................... .. 3 Document Conventions.................................................................. ......................................... .4 Safety Warnings [...]

  • Page 12

    Table of Contents NBG420N User’s Guide 12 3.5.2 Summary: Any I P T able ....... ................ ................ ................ ................ ................ ....... 44 3.5.3 Summary: Bandwidth Management Monitor ....... ................ ................. ................ ... 44 3.5.4 Summary: DHC P T able .... ............. ..............[...]

  • Page 13

    Table of Contents NBG420N User’s Guide 13 6.1.1 How to Connect to t he Internet from an AP .. ............. ................ ................ ................ 73 6.1.2 Configure Wireless Security Using W PS on both your NBG420 N and Wireless Client 73 6.1.3 Enable and Configure Wireless Security without WPS on your NBG420N ................ 76 6.1[...]

  • Page 14

    Table of Contents NBG420N User’s Guide 14 7.1 1 Acc essing the iPod T ouc h Web Configurator . ................ .................... ................ ............... 1 14 7.1 1.1 Acc essing the iPod T ouch Web Configurator .... ................ .................... ................ ..1 15 Chapter 8 W AN ...........................................[...]

  • Page 15

    Table of Contents NBG420N User’s Guide 15 1 1.4.1 Game List Ex ample ........ ................ ... .......... ................ ................ ................ ........... 141 1 1.5 T rigger Port Forw arding . .......... ............ ................. ................ ................ ............. ............. .1 4 2 1 1.5.1 Trigger Port Fo rw[...]

  • Page 16

    Table of Contents NBG420N User’s Guide 16 15.1 IPSec VPN Ov erview ........ ................ ................ ................. ................ ................ .............. 165 15.1.1 What Y ou Can Do in the IPSec VPN Screens ... ................ ................ .................... . 1 65 15.1.2 What Y ou Need T o Know About IPSec VPN .....[...]

  • Page 17

    Table of Contents NBG420N User’s Guide 17 18.1.2 Remote Management and NA T ............ .................... ................ ................ .............. 210 18.1.3 System Timeout ..... ................ .......... ...... ................. ................ ............. ................ . 210 18.2 WWW Screen .......... ............. .........[...]

  • Page 18

    Table of Contents NBG420N User’s Guide 18 Chapter 23 Configuration Mode ................................................................................... .......................... .2 5 7 Chapter 24 Sys Op Mode .............................................................. ...................................................... ..... 259 24.1 Ov[...]

  • Page 19

    List of Figures NBG420N User’s Guide 19 List of Figures Figure 1 Secure Wireless Internet Access in R outer Mode ............... ................ ................. ................ ... 31 Figure 2 Wireless Internet Access in AP Mode ....... ............. ................. ................ ............. ............... .... 32 Figure 3 Front Panel[...]

  • Page 20

    List of Figure s NBG420N User’s Guide 20 Figure 39 S tatus: AP Mode .................... ................ ................ ................. ............ ................. ... ................ 78 Figure 40 Connecting a Wireless Client to a Wire less Netw ork t .... ................ ................ ................ ....... 79 Figure 41 Security S[...]

  • Page 21

    List of Figures NBG420N User’s Guide 21 Figure 82 Any IP Example ............... ................ ................ ................ ................ ................ ....... ............. . 129 Figure 83 Network > LAN > IP ........... ................ ................ ................ ................ ................. ..... ............ 13[...]

  • Page 22

    List of Figure s NBG420N User’s Guide 22 Figure 125 Management > Bandwidth MGMT > Monito r .................. ............. ................ ................ ..... 207 Figure 126 Management > Remote MGMT > WWW .. ...... ............. ................ ................ ................ ..... 210 Figure 127 Management > Remote MGMT &g[...]

  • Page 23

    List of Figures NBG420N User’s Guide 23 Figure 168 Pop-up Blocker ................. ................ ................ ................ .................... ................ ... ........... 279 Figure 169 Internet Options: Privacy ..... .......... ...... ................ ............. ................ ................. ....... .......... 280 Figur[...]

  • Page 24

    List of Figure s NBG420N User’s Guide 24[...]

  • Page 25

    List of Tables NBG420N User’s Guide 25 List of Tables T able 1 Features Available in Router Mode vs. AP Mo de ........... ............. ................ ................ ............. 32 T able 2 Front Panel LED s ............... ................ ................ ................ ................ ................ ...... ................. 33 T abl[...]

  • Page 26

    List of Tables NBG420N User’s Guide 26 T able 39 Scheduling ............. ................ ................ ................ ................. ................ ............ .......... ........ 108 T able 40 Login Screen ... ................. ................ ................ ................ ................ ................ .... ................[...]

  • Page 27

    List of Tables NBG420N User’s Guide 27 T able 82 Management > Remote MGMT > DNS .. ................ ................. ................ ................... ........... 213 T able 83 Management > UPnP > General ......... ................ ................ ................ ................. ............... .. 216 T able 84 Maintenance >[...]

  • Page 28

    List of Tables NBG420N User’s Guide 28 T able 125 Eight Subnets ....................... ................ ................ ................. ................ .............. ........... ..... 290 T able 126 24-bit Network Number Subnet Planning ............. ................. ................... ................ ........... 29 1 T able 127 16-bit N[...]

  • Page 29

    29 P ART I Introduction Getting to Know Y our NBG420N (31) The WPS Button (35) Introducing the W eb Configurator (37) Connection W izard (49) AP Mode (65) T utorials (73)[...]

  • Page 30

    30[...]

  • Page 31

    NBG420N User’s Guide 31 C HAPTER 1 Getting to Know Your NBG420N This chapter introduces the main feat ures and applications of the NBG420N. 1.1 Overview The NBG420N acts as either an access point (AP) or a secure broadband router for all data passing between the Internet and y our local network. In both AP and Router Mode you ca n set up a wirele[...]

  • Page 32

    Chapter 1 Getting to Know Your NBG420N NBG420N User’s Guide 32 1.3 AP Mode Select AP Mode if you already have a router o r ga teway on your network which provides network services such as a firewall or bandwidth management. The following figure shows computers in a WLAN connecting to the NBG420N, which acts as an access point ( A ). The NBG420N a[...]

  • Page 33

    Chapter 1 Getting to Know Your NBG 420N NBG420N User’s Guide 33 1.5 W ays to Manage the NBG420N Use any of the following meth ods to manage the NBG420N. • W eb Configurator . This is recommended for everyday management of the NBG420N using a (s upported) web browser . • Command Line Interface. Line commands are mostly used for troubleshooting[...]

  • Page 34

    Chapter 1 Getting to Know Your NBG420N NBG420N User’s Guide 34 LAN 1-4 Green On The NBG420N has a successful 10MB Ethernet connection. Blinking The NBG420N is sending/receiving da ta. Amber On The NBG420N has a successful 100MB Etherne t connection. Blinking The NBG420N is sending/receiving da ta. Off The LAN is not connected. W AN Green On The N[...]

  • Page 35

    NBG420N User’s Guide 35 C HAPTER 2 The WPS Button 2.1 Overview Y our NBG420N su pports W iFi Protected Setup (WPS), which is an easy way to set up a secure wireless network. WPS is an industry standard specification, defined by the W iFi Alliance. WPS allows you to quickly set up a wireless ne twork with strong security , without having to config[...]

  • Page 36

    Chapter 2 The WPS Button NBG420N User’s Guide 36[...]

  • Page 37

    NBG420N User’s Guide 37 C HAPTER 3 Introducing the Web Configurator This chapter describes how to access the NB G420N web configurator and provides an overview of its screens. 3.1 W eb Configurator Overview The web configur ator is an HTML-based manage ment interface that allows easy setup and management of the NBG420 N via Internet browser . Use[...]

  • Page 38

    Chapter 3 Introducing the Web Configur ator NBG420N User’s Guide 38 4 T ype "1234" (default) as the password and click Login . In some versions, the default password appears automatically - if this is the case, click Login . 5 Y ou should see a screen askin g you to change your password (highl y recommended) as shown next. T ype a new p[...]

  • Page 39

    Chapter 3 Introducing the Web Configurator NBG420N User’s Guide 39 Figure 5 Selecting the setup mode 3.3 Resetting the NBG420N If you forget your password or IP address, or you cannot access the web configurator , you will need to use the RESET button at the back of the NBG420 N to reload the factory-default configuration file. This means that yo[...]

  • Page 40

    Chapter 3 Introducing the Web Configur ator NBG420N User’s Guide 40 Figure 6 Web Configur ator S tatus Screen The following table describ es the icons shown in the St a t u s screen. The following table describes the labels shown in the St a t u s screen. T able 3 Status Screen Icon Key ICON DESCRIPTION Click this icon to open the setup wizard. C[...]

  • Page 41

    Chapter 3 Introducing the Web Configurator NBG420N User’s Guide 41 W AN Information - MAC Address This shows the WAN Etherne t adapter MAC Address of your device. - IP Address This shows the WAN port’s IP address. - IP Subnet Mask This shows the WAN port’s subnet mask. - DHCP This shows the WAN port’s DHCP role - Client or None . LAN Inform[...]

  • Page 42

    Chapter 3 Introducing the Web Configur ator NBG420N User’s Guide 42 3.5.1 Navigation Panel Use the sub-menus on the n avigation panel to configure NBG420N features. The following table describes the sub-menus. S tatus For the LAN and W AN po rts, this field displays Down (line is down) or Up (line is up or connected). For the WLAN, it displays Up[...]

  • Page 43

    Chapter 3 Introducing the Web Configurator NBG420N User’s Guide 43 LAN IP Use this screen to configure LAN IP address and subnet mask. IP Alias Use this screen to p artition your LAN interface into subnets. Advanced Use this screen to enable other advanced properties. DHCP Serve r General Use this screen to enable the NBG420N’s DHCP server . Ad[...]

  • Page 44

    Chapter 3 Introducing the Web Configur ator NBG420N User’s Guide 44 3.5.2 Summary: Any IP T able This screen displays the IP addre ss of each comp uter that is using the NBG420N via the any IP feature. Any IP allows computers to acces s the Internet throug h the NBG420N without changing their network settings when NA T is enabled. T o access this[...]

  • Page 45

    Chapter 3 Introducing the Web Configurator NBG420N User’s Guide 45 Figure 8 Summary: BW MGMT Monitor 3.5.4 Summary: DHCP T able DHCP (Dynamic Host Configuration Protocol , RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a se rver . Y ou can configure the NBG420N’ s LAN as a DHCP server or disable[...]

  • Page 46

    Chapter 3 Introducing the Web Configur ator NBG420N User’s Guide 46 3.5.5 Summary: Packet St atistics Click the Packet S tatistics (Details...) hyperlink in the St a t u s screen. Read-only information here includes port status, packet specific statistics and the "sys tem up time". The Poll Interval(s) field is configurable and is used [...]

  • Page 47

    Chapter 3 Introducing the Web Configurator NBG420N User’s Guide 47 3.5.6 Summary: VPN Monitor Click the VPN Monitor (Details...) hyperlink in the St a t u s screen. This screen displays read- only information about the ac tive VPN connections. Click the Refr esh button to update the screen. A Security Associ ation (SA) is the group of security se[...]

  • Page 48

    Chapter 3 Introducing the Web Configur ator NBG420N User’s Guide 48 The following table describes the labels in this screen. T able 9 Summary: Wireless Association List LABEL DESCRIPTION # This is the index number of an associated wireless station. MAC Address This field displays the MAC address of an associated wire less station. Association Tim[...]

  • Page 49

    NBG420N User’s Guide 49 C HAPTER 4 Connection Wizard This chapter provides informa tion on the wizard setup screens in the web configurator . 4.1 Wizard Setup The web configurator ’ s wizard setup helps you configure your device to access the Internet. Refer to your ISP (Internet Serv ice Provider) checklist in the Qu ick S tart Guide to know w[...]

  • Page 50

    Chapter 4 Conn ection Wizard NBG420N User’s Guide 50 Figure 14 Select a Language 3 Read the on-screen in formation and click Next . Figure 15 Welcome to the Con nection Wizard 4.2 Connection Wizard: STEP 1: System Information System Information contains administrative and system-related information. 4.2.1 System Name System Name is for identifica[...]

  • Page 51

    Chapter 4 Connection Wizar d NBG420N User’s Guide 51 4.2.2 Domain Name The Domain Name entry is what is propagated to th e DHCP clients on the LAN. If you leave this blank, the domain name obtained by DHCP from the ISP is us ed. While you must enter the host name (System Name) on each individual compute r , the domain name can be assigned from th[...]

  • Page 52

    Chapter 4 Conn ection Wizard NBG420N User’s Guide 52 Figure 17 Wizard S tep 2: Wireless LAN The following table describes the labels in this screen. " The wireless stations and NBG420N must use the same SSID, channel ID and WEP encryption key (if WEP is enabled) , WP A-PSK (if WP A- PSK is enabled) or WP A2-PSK (if WP A2-PSK is enabl ed) for[...]

  • Page 53

    Chapter 4 Connection Wizar d NBG420N User’s Guide 53 4.3.1 Basic (WEP) Security Choose Basic (WEP) to setup WEP Encryption parameters. Figure 18 Wizard S tep 2: Basic (WEP) Security The following table describes the labels in this screen. T able 12 Wizard S tep 2: Basic (WEP) Security LABEL DESCRIPTION Passphrase T ype a Passphrase (up to 32 prin[...]

  • Page 54

    Chapter 4 Conn ection Wizard NBG420N User’s Guide 54 4.3.2 Extend (WP A-PSK or WP A2-PSK) Security Choose Extend (WP A-PSK) or Extend (WP A2-PSK) security in the W ireless LAN setup screen to set up a Pr e-Shared Key . Figure 19 Wizard S tep 2: Extend (WP A-PSK or WP A2-PSK) Security The following table describes the labels in this screen. 4.4 Co[...]

  • Page 55

    Chapter 4 Connection Wizar d NBG420N User’s Guide 55 Figure 20 Wizard S tep 3: ISP Parameters. The following table describes the labels in this screen, 4.4.1 Ethernet Connection Choose Ethernet when the W AN port is used a s a regular Ethernet. Continue to Section 4.4.4 on page 58 . Figure 21 Wizard S tep 3: Ethernet Connection 4.4.2 PPPoE Connec[...]

  • Page 56

    Chapter 4 Conn ection Wizard NBG420N User’s Guide 56 One of the benefits of PPPoE is the ability to let end users access one of multiple network services, a function known as dynamic service selec tion. This enables the service provider to easily create and offer new IP services for specific users. Operationally , PPPoE saves significant effort f[...]

  • Page 57

    Chapter 4 Connection Wizar d NBG420N User’s Guide 57 " The NBG420N supports one PP TP serv er connection at any given time. Figure 23 Wizard S tep 3: PP TP Connection The following table describes the fields in this screen T able 16 Wizard S tep 3: PPTP Connection LABEL DESCRIPTION ISP Parameters for Internet Access Connection T ype Select P[...]

  • Page 58

    Chapter 4 Conn ection Wizard NBG420N User’s Guide 58 4.4.4 Y our IP Address The following wizard screen allows you to assign a fixed IP address or give the NBG420N an automatically assigned IP address depending on your ISP . Figure 24 Wizard S tep 3: Y our IP Address The following table describes the labels in this screen 4.4.5 W AN IP Address As[...]

  • Page 59

    Chapter 4 Connection Wizar d NBG420N User’s Guide 59 Y ou can obtain your IP address from the IANA, from an ISP or have it assigned by a private network. If you belong to a small organization an d your Internet a ccess is through an ISP , the ISP can provide you with the Intern et addresses for your local networks. On the other hand, if you are p[...]

  • Page 60

    Chapter 4 Conn ection Wizard NBG420N User’s Guide 60 2 If the ISP did not give yo u DNS server information, leave the DNS Server fields set to 0.0.0.0 in the Wizard screen and/or set to From ISP in the WA N > I nternet Connection screen for the ISP to dynamically assign the DNS server IP addresses. 4.4.8 W AN IP and DNS Server Address Assignme[...]

  • Page 61

    Chapter 4 Connection Wizar d NBG420N User’s Guide 61 4.4.9 W AN MAC Address Every Ethernet device has a unique MAC (Med ia Access Control) addre ss. The MAC address is assigned at the factory and consists of six pairs of hexadec imal characters, for example, 00:A0:C5:00:00:02. This screen allows users to configure the W AN port's MAC address[...]

  • Page 62

    Chapter 4 Conn ection Wizard NBG420N User’s Guide 62 4.5 Connection Wizard: STEP 4: Bandwid th management Bandwidth management allows y o u to control the amoun t of bandwidth going out through the NBG420N’ s W AN, LAN or WLAN port and prio ritize the distribution of the bandwidth according to the traf fic type. This helps keep one service fro [...]

  • Page 63

    Chapter 4 Connection Wizar d NBG420N User’s Guide 63 Figure 28 Connection Wizard Save Follow the on-screen instructions and click Finish to complete the wizard setup. Figure 29 Connection Wizard Complete W ell done! Y ou have successfully set up y our NBG420N to operate on your network and access the Internet.[...]

  • Page 64

    Chapter 4 Conn ection Wizard NBG420N User’s Guide 64[...]

  • Page 65

    NBG420N User’s Guide 65 C HAPTER 5 AP Mode This chapter discusses how to configure se ttings while your NBG420N is set to AP Mode . Many screens that are available in Router Mode are not available in AP Mode . " See Chapter 6 on page 73 for an example of setti ng up a wireless network in AP mode. 5.1 AP Mode Overview Use your NBG420N as an A[...]

  • Page 66

    Chapter 5 AP Mode NBG420N User’s Guide 66 Figure 31 Maintenance > Sys OP Mode > General 3 A pop-up appears provi ding information on this mode. Click OK in the pop-up mess age window . (See Section 24.2 on page 260 for more information on the p op-up.) Click Apply . Y our NBG420N is now in AP Mode . " Y ou do not have to log in again o[...]

  • Page 67

    Chapter 5 AP Mode NBG420N User’s Guide 67 The following table describes the labels shown in the St a t u s screen. T able 23 Web Configurator Status Screen LABEL DESCRIPTION Device Information System Name This is the System Name you enter in the Maintenance > System > General screen. It is for identification purp oses. Firmware V ersion Thi[...]

  • Page 68

    Chapter 5 AP Mode NBG420N User’s Guide 68 5.3.1 Navigation Panel Use the menu in the navig a tion panel to configu re NBG420N features in AP Mode . The following screen and table show the features you can co nfigure in AP Mode . Figure 33 Menu: AP Mode The following table describes the sub-menus. Rate For the LAN ports, this displays the port spe[...]

  • Page 69

    Chapter 5 AP Mode NBG420N User’s Guide 69 5.4 Configuring Y our Settings 5.4.1 LAN Settings Use this section to configur e your LAN settings while in AP Mode . Click Network > LAN to see the screen below . Wireless LAN General Use this screen to configure wireless LAN. MAC Filter Use the MAC filter screen to configure the NBG420N to block acce[...]

  • Page 70

    Chapter 5 AP Mode NBG420N User’s Guide 70 " If you change the IP addre ss of the NBG420N in the screen below , you will need to log into the NBG420N again using the new IP address. Figure 34 Network > LAN > IP The table below describes the labels in the screen. T able 25 Network > LAN > IP LABEL DESCRIPTION Get from DHCP Server S[...]

  • Page 71

    Chapter 5 AP Mode NBG420N User’s Guide 71 5.4.2 WLAN and Maintenance Settings The configuration of wireless and maintenance settings in AP Mode is the same as for Router Mode . • See Chapter 5 on page 69 for information on the conf iguring your wireless network. • See Maintenance and T roubleshooting (227) for information on t he configuring [...]

  • Page 72

    Chapter 5 AP Mode NBG420N User’s Guide 72[...]

  • Page 73

    NBG420N User’s Guide 73 C HAPTER 6 Tutorials 6.1 Wireless T utorials 6.1.1 How to Connect to the Internet from an AP This section gives you an example of how to set up an access point ( AP ) and wireless client (a notebook ( B ), in this example) for wireless communication. B can acces s the Internet through the AP wirele ssly . Figure 35 Wireles[...]

  • Page 74

    Chapter 6 Tutorials NBG420N User’s Guide 74 6.1.2.1 Push Button Configuration (PBC) 1 Make sure that your NBG420N is turned on an d that it is within range of your computer . 2 Make sure that yo u have inst alled the wire le ss client (this example uses the NWD210N) driver and utility in your notebook. 3 In the wireless client utility , find the [...]

  • Page 75

    Chapter 6 Tutorials NBG420N User’s Guide 75 Figure 36 Example WPS Process: PBC Method 6.1.2.2 PIN Configuration When you use the P IN configuration method, you need to use both NBG420N’ s configurati on interface and the client’ s utilities. 1 Launch your wireless client’ s configuration utility . Go to the WPS settings and select the PIN m[...]

  • Page 76

    Chapter 6 Tutorials NBG420N User’s Guide 76 Figure 37 Example WPS P rocess: PIN Method 6.1.3 Enable and Configure Wirel ess Security without WPS on your NBG420N This example shows you how to configure wi rel ess security settings with the following parameters on your NB G420N. Authentication by PIN SECURITY INFO WITHIN 2 MINUTES Wireless Client N[...]

  • Page 77

    Chapter 6 Tutorials NBG420N User’s Guide 77 Follow the steps below to configure the wireless settings on your NBG420N. The instructions require that yo ur hardware is connected (see the Quick Start Guide) and you are logged into the web configurat or through your LAN connection (see Section 3.2 on p age 37 ). 1 Open the Wir eless LAN > Ge nera[...]

  • Page 78

    Chapter 6 Tutorials NBG420N User’s Guide 78 Figure 39 S tatus: AP Mode 6.1.4 Configure Y our Notebook " We use the ZyXEL M-302 wireless adapter utility scr eens as an example for the wireless client. The screens may vary for di fferent models. 1 The NBG420N supports IEEE 802.1 1b, IEEE 802.1 1g and IEEE 802.1 1n wireless clients. Make sure t[...]

  • Page 79

    Chapter 6 Tutorials NBG420N User’s Guide 79 Figure 40 Connecting a Wireless Client to a Wireless Network t 5 Select WP A-PSK and type the security key in the following screen. Click Next . Figure 41 Security Settings 6 The Confirm Save window appears. Check your settings and click Save to continue. Figure 42 Confirm Sa ve 7 Check the status of yo[...]

  • Page 80

    Chapter 6 Tutorials NBG420N User’s Guide 80 Figure 43 Link S tatus 8 If your connection is successful, open your Internet browser and enter http:// www .zyxel.com or the URL of any other web site in the address bar . If you are able to access the web site, your wireless co nnection is successfully configured. 6.2 Site-T o-Site VPN T unnel T utori[...]

  • Page 81

    Chapter 6 Tutorials NBG420N User’s Guide 81 6.2.1 Configuring Bob’ s NBG420N VPN Settings T o configure these settings Bob u ses the NBG420N web configurator . 1 Log into the NBG420N web configurator and click VPN > Modify icon. This displays the VPN Ru le Setup (basic) screen. 2 Select the Active checkbox to enable the VPN rule af ter it ha[...]

  • Page 82

    Chapter 6 Tutorials NBG420N User’s Guide 82 End/Mask text box. This value is the same as Ja ck only wants Bob to access this single IP address. Figure 47 Remote Policy 5 Enter the IP address “1.1.1.1” in the My IP Address text box. This is Bob’ s W AN IP address. 6 Select IP as the Local ID T ype . This is the type of content that will be u[...]

  • Page 83

    Chapter 6 Tutorials NBG420N User’s Guide 83 Figure 50 VPN Summary 6.2.2 Configuring Jack’ s NBG420N VPN Settings T o configure these settings Jack u ses the NBG420N web configurator . 1 Log into the NBG420N web configurator and click VPN > Modify icon. This displays the VPN Ru le Setup (basic) screen. 2 Select the Active checkbox to enable t[...]

  • Page 84

    Chapter 6 Tutorials NBG420N User’s Guide 84 6 Select IP as the Local ID T ype . This is the type of content that will be used to identify Jack’ s NBG420N. Enter the IP address “2.2.2.2” in the Local Content text box. This identifies Jack’ s NBG420N to Bob’ s NBG 420N. 7 Enter the IP address “1.1.1.1” in the Secure Gateway Address te[...]

  • Page 85

    Chapter 6 Tutorials NBG420N User’s Guide 85 Figure 57 Pinging Jack’ s Local IP Address Pinging is successful which means a VPN tunnel has been established betw een Bob and Jack’ s NBG420Ns. Congratulations! T o ch eck this VPN connection click VPN > SA M onitor in the web configurator . Figure 58 SA Monitor V If pinging is not successful c[...]

  • Page 86

    Chapter 6 Tutorials NBG420N User’s Guide 86[...]

  • Page 87

    87 P ART II Network W ireless LAN (89) WA N ( 1 1 7 ) LAN (127) DHCP (133) Network Address T ranslation (NA T) (137) Dynamic DNS (147)[...]

  • Page 88

    88[...]

  • Page 89

    NBG420N User’s Guide 89 C HAPTER 7 Wireless LAN This chapter discusses how to configure the wireless network settings in your NBG420N. See the append ices for more detailed information about wireless networks. 7.1 Wireless Network Overview The following figure provides an exampl e of a wireless network. Figure 59 Example of a Wireless Network The[...]

  • Page 90

    Chapter 7 Wireless LAN NBG420N User’s Guide 90 • Every wireless client in the same wireless network must use security c ompatible with the AP . Security stops unauthorized devices from using the wireless network. It ca n also protect the information that is sent in the wireless network. 7.2 Wireless Security Overview The following sections intr[...]

  • Page 91

    Chapter 7 Wireless LAN NBG420N User’s Guide 91 If your AP does not provide a local user database and if you do not have a RADIUS server , you cannot set up user names and passwords for your users. Unauthorized devices can still see th e information that is sent in the wireless network, even if they cannot use the wireless network. Furtherm ore, t[...]

  • Page 92

    Chapter 7 Wireless LAN NBG420N User’s Guide 92 When you select WP A2 or WP A2-PSK in your NBG420N, you can also select an option ( WP A Compatible ) to support WP A as we ll. In this case , if some wireless clients support WP A and some support WP A2, you should set up WP A2-PSK or WP A2 (depending on the type of wireless network login) and selec[...]

  • Page 93

    Chapter 7 Wireless LAN NBG420N User’s Guide 93 Figure 60 Roaming Example The steps below describe the roaming process. 1 W ireless station Y moves from the coverage area of access point AP 1 to that of access point AP 2 . 2 W ireless station Y sc ans and detects the signal of access point AP 2 . 3 W ireless station Y se nds an association request[...]

  • Page 94

    Chapter 7 Wireless LAN NBG420N User’s Guide 94 7.4.1 WMM QoS WMM (W i-Fi MultiMedia) QoS (Qua lity of Service) ensures quality of ser vice in wireless networks. It controls WLAN transmission priority on packets to be transmitted over the wireless network. WMM QoS prioritizes wireless traf fic according to delivery requirements. WMM QoS is a part [...]

  • Page 95

    Chapter 7 Wireless LAN NBG420N User’s Guide 95 Figure 61 Network > Wireless LAN > General The following table describes the general wireless LAN labels in this screen. T able 29 Network > Wireless LAN > General LABEL DESCRIPTION Enable Wireless LAN Click the check box to activate wireless LAN. Name(SSID) (Service Set IDentity) The SSI[...]

  • Page 96

    Chapter 7 Wireless LAN NBG420N User’s Guide 96 See the rest of this chapter for informa tion on the other labels in this screen. 7.5.1 No Security Select No Security to allow wireless stations to commun icate with the access points without any data encryption. " If you do not enable any wireless secu rity on your NBG420N, your network is acc[...]

  • Page 97

    Chapter 7 Wireless LAN NBG420N User’s Guide 97 Y our NBG420N allows you to configure u p to four 64-bit or 12 8-bit WEP keys but only one key can be enabled at any one time. In order to configure and enable WEP encryption; click Network > Wir eless LAN to display the General sc reen. Select S tatic WEP from the Security Mode list. Figure 63 Ne[...]

  • Page 98

    Chapter 7 Wireless LAN NBG420N User’s Guide 98 7.5.3 WP A-PSK/WP A2-PSK Click Network > W ireless LAN to display the General screen. Select WP A-PSK or WP A2- PSK from the Security Mode list. Figure 64 Network > Wireless LAN > General: WP A-PSK/WP A2-PSK Key 1 to Key 4 The WEP keys are used to encrypt data. Both the NBG420N and the wirel[...]

  • Page 99

    Chapter 7 Wireless LAN NBG420N User’s Guide 99 The following table describes the labels in this screen. 7.5.4 WP A/WP A2 Click Network > W ireless LAN to display the General screen. Select WP A or WP A2 from the Security Mode list. T able 32 Network > Wireless LAN > General: WPA-PSK/WPA2-PSK LABEL DESCRIPTION WP A Compatible This chec k [...]

  • Page 100

    Chapter 7 Wireless LAN NBG420N User’s Guide 100 Figure 65 Network > Wireless LAN > General: WP A/WP A2 The following table describes the labels in this screen. T able 33 Network > Wireless LAN > Ge neral: WPA/WPA2 LABEL DESCRIPTION WP A Compatible This check box is available only wh en you select WP A2-PSK or WP A2 in the Security Mod[...]

  • Page 101

    Chapter 7 Wireless LAN NBG420N User’s Guide 101 7.6 MAC Filter The MAC filter screen allows you to configure th e NBG420N to give exclusive access to up to 32 devices (Allow) or exc lude up to 32 devices from accessing the NBG420N (Den y). Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the fa[...]

  • Page 102

    Chapter 7 Wireless LAN NBG420N User’s Guide 102 Figure 66 Network > Wireless LAN > MAC Filter The following table describes the labels in this menu. 7.7 Wireless LAN Advanced Screen Click Network > W ireless LAN > Advanced . The screen appears as shown. T able 34 Network > Wireless LAN > MAC Filter LABEL DESCRIPTION Activ e Sele[...]

  • Page 103

    Chapter 7 Wireless LAN NBG420N User’s Guide 103 Figure 67 Network > Wireless LAN > Advanced The following table describes the labels in this screen. 7.8 Quality of Service (QoS) Screen The QoS screen allows you to au tomatically give a service (such as e-mail, V oIP or FTP) a priority level. Click Network > W ireless LAN > QoS . The f[...]

  • Page 104

    Chapter 7 Wireless LAN NBG420N User’s Guide 104 Figure 68 Network > Wireless LAN > QoS The following table describes the labels in this screen. T able 36 Network > Wireless LAN > QoS LABEL DESCRIPTION WMM QoS Policy Select Default to have the NBG420N automat ically give a service a priority level accord ing to the T oS value in the IP[...]

  • Page 105

    Chapter 7 Wireless LAN NBG420N User’s Guide 105 7.8.1 Application Pr iority Configuration Use this screen to edit a WMM QoS appli cation entry . Click the edit icon under Modify . The following screen displays. Figure 69 Network > Wireless LAN > QoS: Ap plication Priority Configuration See Appendix F on page 3 21 for a list of commonly-used[...]

  • Page 106

    Chapter 7 Wireless LAN NBG420N User’s Guide 106 7.9 WiFi Protected Setup W iFi Protected Setup (WPS) is an industry standard specification, defined by the W iFi Alliance. WPS allows you to quickly set up a wireless network with strong security , without having to configure security settings manually . Depending on the devices in your network, you[...]

  • Page 107

    Chapter 7 Wireless LAN NBG420N User’s Guide 107 7.9.2 WPS St atio n Screen Use this screen when you want to add a wireless station using WPS. T o open this screen, click Network > Wir eless LAN > WPS S tation tab. " Note: After you click Push Button on this screen, you have to press a similar button in the wireless station utilit y wit[...]

  • Page 108

    Chapter 7 Wireless LAN NBG420N User’s Guide 108 Figure 72 Scheduling The following table describes the labels in this screen. 7.10 iPod T ouch Web Configurator The iPod T ouch web configurator displays wh en you are connecting to the NBG420N wirelessly with an iPod T ouch device throug h a web browser . It is different to the web configurator tha[...]

  • Page 109

    Chapter 7 Wireless LAN NBG420N User’s Guide 109 1 Make sure the W ireless LAN on the NBG420N is enable d and that you know the security settings (if any). T o do this check the W ireless LAN > General screen in the web configurator from your compu ter . 2 On the iPod T ouch’ s main screen press Settings > Wi-fi and from the list press the[...]

  • Page 110

    Chapter 7 Wireless LAN NBG420N User’s Guide 11 0 7.10.2 System St atus After successfully logging into the iPod T ouch web configurator the System S tatus screen displays. " Y our changes in the iPod T ouch web configurator are saved automatically after pressing a button. If you are going to u se the WPS (W i-Fi Protected Setup) function in [...]

  • Page 111

    Chapter 7 Wireless LAN NBG420N User’s Guide 111 Figure 74 System S tatus screen The following table describes the labels in this screen. T able 41 System S tatus screen LABEL DESCRIPTION Logout Press this to logou t of the iPod T ouch web configurator . LAN IP Address This field displays the NBG420N’s LAN (Local Area Network) IP address. WA N I[...]

  • Page 112

    Chapter 7 Wireless LAN NBG420N User’s Guide 11 2 7.10.3 WPS in Progress After pressing Push Button in the System S tatus screen the WPS in Progress screen will display . It can take around tw o minutes for a su ccessful WPS connection to be made. The System St a t u s screen will display after a connection has been made or if it has failed. For m[...]

  • Page 113

    Chapter 7 Wireless LAN NBG420N User’s Guide 11 3 Figure 75 WPS In Progress 7.10.4 Port Forwarding After pressing the Details button in the System S tatus screen the port forwarding screen will display . Use this screen to change the status of port forwarding rules that have been set up in the web configurator from yo ur computer . See Section 1 1[...]

  • Page 114

    Chapter 7 Wireless LAN NBG420N User’s Guide 11 4 Figure 76 Port Forwarding The following table describes the labels in this screen. 7.1 1 Accessing the iPod T ouch W eb Configurator T o access the iPod T ouch web configurator throug h your iPod T ouch you must first c onnect it to the NBG420N’ s wirele ss network. Follow the steps below to do t[...]

  • Page 115

    Chapter 7 Wireless LAN NBG420N User’s Guide 11 5 " If you have not c onfigured your wireless settings yet you can do so by using the Wizard in the web configurator yo u access from your computer . Click the Wizard icon or the Go T o W izard Setup web link you see after logging into the web configurator from your computer . See Chapter 4 on p[...]

  • Page 116

    Chapter 7 Wireless LAN NBG420N User’s Guide 11 6 V If the login screen does not display properly , check that you are accessing the correct IP address. Also check your iPod T ouch web browser ’s security settings as they may affe ct how the page displays. 4 If you wish to login automatically in the future make sure the Auto Login checkbox is se[...]

  • Page 117

    NBG420N User’s Guide 11 7 C HAPTER 8 WAN This chapter describes how to configure W AN settings. 8.1 W AN Overview See the chap ter about the connection w izard for more information on the fields in the W AN screens. 8.2 W AN MAC Address The MAC address screen allows users to conf igure the W AN port's MAC address by e ither using the factory[...]

  • Page 118

    Chapter 8 WAN NBG420N User’s Guide 11 8 The NBG420N supports b oth IGMP version 1 ( IGMP-v1 ) and IGMP version 2 ( IGMP-v2 ). At start up, the NBG420N queries all direc tly connected networks to gather group membership. After that, the NBG4 20N periodically updates this information. IP multicasting can be enabled/disabled on the NBG420N LAN and/o[...]

  • Page 119

    Chapter 8 WAN NBG420N User’s Guide 11 9 The following table describes the labels in this screen. 8.4.2 PPPoE Encap sulation The NBG420N supports PPP oE (Point-to-Point Protocol over Ethernet). PPPoE is an IETF standard (RFC 2516) specifying how a personal computer (PC) interacts with a broadband modem (DSL, cable, wireless, etc.) connection. The [...]

  • Page 120

    Chapter 8 WAN NBG420N User’s Guide 120 For the service provider , PPPoE of fers an acces s and authentication method that works with existing access control systems (for example Radius). One of the benefits of PPPoE is the ability to let you access on e of multiple network services, a function known as dynamic service selection. This enables the [...]

  • Page 121

    Chapter 8 WAN NBG420N User’s Guide 121 The following table describes the labels in this screen. T able 44 Network > W AN > Internet Co nnection: PPPoE Encap sulation LABEL DESCRIPTION ISP Parameters for Internet Access Encapsulation The PPP over Ethernet choice is for a dial-up conn ection using PPPoE. The NBG420N supports PPPoE (Point-to- [...]

  • Page 122

    Chapter 8 WAN NBG420N User’s Guide 122 8.4.3 PPTP Encap sulation Point-to-Point T unneling Protocol (PP TP) is a ne twork protocol that enables secure transfer of data from a remote client to a private server , creating a V irtual Private Network (VPN) using TCP/IP-based networks. PP TP supports on-demand, multi-protocol and virtu al private netw[...]

  • Page 123

    Chapter 8 WAN NBG420N User’s Guide 123 Figure 80 Network > WAN > Internet Connec tion: PPTP Encapsulation The following table describes the labels in this screen. T able 45 Network > W AN > Internet Connection: PPTP Encapsulation LABEL DESCRIPTION ISP Parameters for Internet Access Encapsulation Point-to-Point Tunneling Protocol (PPTP[...]

  • Page 124

    Chapter 8 WAN NBG420N User’s Guide 124 Password T ype the password associated w ith the User Na me above. Retype to Confirm T y pe your password again to ma ke sure that you have entered is correctly . Nailed-up Connection Select Nailed-Up Connection if you do not want the connection to time out. Idle T imeout This value specifi es the time in se[...]

  • Page 125

    Chapter 8 WAN NBG420N User’s Guide 125 8.5 Advanced W AN Screen T o change your NBG420N’ s advanced W AN settings, click Networ k > WA N > Advanced . The screen appears as shown. Figure 81 Network > W AN > Advanced The following table describes the labels in this screen. T able 46 WAN > Advanced LABEL DESCRIPTION Multicast S etup[...]

  • Page 126

    Chapter 8 WAN NBG420N User’s Guide 126 Enable Auto -bridge mode Select this opti on to have the NBG420N switch to bridge mode automaticall y when the NBG420N gets a W AN IP add ress in the range of 192.168.x.y (where x and y are from zero to nine) no matter what the LAN IP address is. This migh t happen if you pu t the NBG420N behi nd a NA T rout[...]

  • Page 127

    NBG420N User’s Guide 127 C HAPTER 9 LAN This chapter describes how to configure LAN settings. 9.1 LAN Overview A Local Area Network (LAN) is a shared comm unication system to which many computers are attached. A LAN is a computer network lim ited to the immediate area, usually the same building or floor of a bu ilding. The LAN scre ens can help y[...]

  • Page 128

    Chapter 9 LAN NBG420N User’s Guide 128 9.2.2 IP Address and Subnet Mask Refer to the IP address and subnet mask section in the Connection W izard chapter for this information. 9.2.3 Multicast T raditionally , IP packets are transmitted in one of either two ways - Unicast (1 sender - 1 recipient) or Broadcast (1 sender - everybody on the network).[...]

  • Page 129

    Chapter 9 LAN NBG420N User’s Guide 129 Figure 82 Any IP Example The Any IP fe ature does not apply to a computer using eit her a dynamic IP address or a static IP address that is in the same subnet as the NBG420N’ s IP address. " Y ou must enable NA T to use the Any IP feature on the NBG420N. Address Resolution Protocol (ARP) is a prot oco[...]

  • Page 130

    Chapter 9 LAN NBG420N User’s Guide 130 9.3 LAN IP Screen Use this screen to change yo ur basic LAN settings. Click Network > LAN . Figure 83 Network > LAN > IP The following table describes the labels in this screen. 9.4 LAN IP Alias IP alias allows you to partition a physical network into dif fer ent logical networks over the same Ether[...]

  • Page 131

    Chapter 9 LAN NBG420N User’s Guide 131 Figure 84 Network > LAN > IP Alias The following table describes the labels in this screen. 9.5 Advanced LAN Screen T o change your NBG420N’ s advanced IP sett ings, click Network > LAN > Advanced . The screen appears as shown. Figure 85 Network > LA N > Advanced T able 48 Network > LA[...]

  • Page 132

    Chapter 9 LAN NBG420N User’s Guide 132 The following table describes the labels in this screen. T able 49 Network > LAN > Advanced LABEL DESCRIPTION Multicast Select IGMP V -1 or IGMP V -2 or None . IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to establish membership in a Multicast group - it is not used to ca r[...]

  • Page 133

    NBG420N User’s Guide 133 C HAPTER 10 DHCP 10.1 DHCP DHCP (Dynamic Host Configuration Protocol , RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a se rver . Y ou can configure the NBG420N’ s LAN a s a DHCP server or disable it. When configured as a server , the NBG420N provides the TCP/IP configur[...]

  • Page 134

    Chapter 10 DHCP NBG420N User’s Guide 134 10.3 DHCP Advanc ed Screen This screen allows you to assign IP addresses on the LAN to specific individual computers based on their MAC addresses. Y ou can also use this screen to configure the DNS server information that the NBG420 N sends to the DHCP clients. Every Ethernet device has a unique MAC (Med i[...]

  • Page 135

    Chapter 10 DHCP NBG420N User’s Guide 135 10.4 Client List Screen The DHCP table shows current DHCP client information (including IP Address , Host Name and MAC Address ) of network clients using the NBG420N’ s DHCP servers. Configure this screen to always assign an IP addr ess to a MAC address (and host name). Click Network > DHCP Server >[...]

  • Page 136

    Chapter 10 DHCP NBG420N User’s Guide 136 Figure 88 Network > DHCP > Client List The following table describes the labels in this screen. T able 52 Network > DHCP > Client List LABEL DESCRIPTION # This is the index numb er of the host computer . IP Address This field displays the IP address relative to the # field liste d above. Host N[...]

  • Page 137

    NBG420N User’s Guide 137 C HAPTER 11 Network Address Translation (NAT) This chapter discusses how to configure NA T on the NBG420N. 1 1.1 NA T Overview NA T (Network Address Translation - NA T , RFC 1631) is the translation of the IP address of a host in a packet. For example, the source address of an outg oing packet, used within one network is [...]

  • Page 138

    Chapter 11 Network Addr ess Translation (NAT) NBG420N User’s Guide 138 " Many residential broadband ISP accounts do not allow you to run any server processes (such as a Web or FTP server) from your location. Y our ISP may periodically check for serv ers and may suspend your a ccount if it discovers any active services at your location. If yo[...]

  • Page 139

    Chapter 11 N etwork Add ress Translatio n (NAT) NBG420N User’s Guide 139 The following table describes the labels in this screen. 1 1.4 NA T Application Screen Port forwarding allows you to define the local servers to which the incoming services will be forwarded. T o change your NBG420 N’ s port forwarding settings, click Network > NA T >[...]

  • Page 140

    Chapter 11 Network Addr ess Translation (NAT) NBG420N User’s Guide 140 Figure 91 Network > NA T > Application The following table describes the labels in this screen. T able 54 NA T Application LABEL DESCRIPTION Game List Update A ga me list includes the pre-defin ed se rvice name (s) and port number(s). Y o u can edit and upload it to the [...]

  • Page 141

    Chapter 11 N etwork Add ress Translatio n (NAT) NBG420N User’s Guide 141 1 1.4.1 Game List Example Here is an example game list text file. The in dex number , service name and as sociated port(s) are specified by semi-colons (no spaces). Use th e name=xxx (where xxx is the service name) to create a new service. Port range can be se parated with a[...]

  • Page 142

    Chapter 11 Network Addr ess Translation (NAT) NBG420N User’s Guide 142 Figure 92 Game List Example 1 1.5 T rigger Port Forwarding Some services use a dedicated range of ports on the client side and a dedica ted range of ports on the server side. W ith regular port forwarding you set a forwarding port in NA T to forward a service (coming in from t[...]

  • Page 143

    Chapter 11 N etwork Add ress Translatio n (NAT) NBG420N User’s Guide 143 Figure 93 T rigger Port Forwarding Process: Example 1 Jane requests a file from the Real Audio server (port 7070). 2 Port 7070 is a “trigger” port and causes th e NBG420N to record Jane’ s computer IP address. The NBG420N associates Jane's comp uter IP address wit[...]

  • Page 144

    Chapter 11 Network Addr ess Translation (NAT) NBG420N User’s Guide 144 Figure 94 Network > NA T > Advanced The following table describes the labels in this screen. T able 55 Network > NA T > Advanced LABEL DESCRIPTION Max NA T/Firewall Session Per User T ype a number ranging from 1 to 2048 to limit the number of NA T/firewall sessions[...]

  • Page 145

    Chapter 11 N etwork Add ress Translatio n (NAT) NBG420N User’s Guide 145 Incoming Incoming is a port (or a range of ports) that a server on the W AN use s when it sends out a particular service. The NBG420N forwards the traf fic with this port (or range of ports) to the client co mputer on the LAN tha t requested the service. St a r t P o r t T y[...]

  • Page 146

    Chapter 11 Network Addr ess Translation (NAT) NBG420N User’s Guide 146[...]

  • Page 147

    NBG420N User’s Guide 147 C HAPTER 12 Dynamic DNS 12.1 Dynamic DNS Introduction Dynamic DNS allows you to update your curre nt dynamic IP address with one or many dynamic DNS services so that anyone can c ont act you (in Ne tMeeting, CU-SeeMe, etc.). Y ou can also access your FTP server or W eb site on your own computer using a domain name (for in[...]

  • Page 148

    Chapter 12 Dynam ic DNS NBG420N User’s Guide 148 Figure 95 Dynamic DNS The following table describes the labels in this screen. T able 56 Dynamic DNS LABEL DESCRIPTION Enable Dynamic DNS Select this check box to use dynamic DNS. Service Prov ider Select the name of your Dynamic DN S service provider . Dynamic DNS T ype Select the type of servi ce[...]

  • Page 149

    Chapter 12 Dynamic D NS NBG420N User’s Guide 149 Apply Click Apply to save your changes back to the NBG420N. Reset Click Reset to begin configuring this screen afresh. T able 56 Dynamic DNS LABEL DESCRIPTION[...]

  • Page 150

    Chapter 12 Dynam ic DNS NBG420N User’s Guide 150[...]

  • Page 151

    151 P ART III Security Firewall (153) Content Filtering (161) IPSec VPN (165)[...]

  • Page 152

    152[...]

  • Page 153

    NBG420N User’s Guide 153 C HAPTER 13 Firewall This chapter gives some bac kground information on firewalls and explains how to get started with the NBG420N’ s firewa ll. 13.1 Introduction to ZyXEL ’ s Firewall 13.1.1 What is a Firewall? Originally , the term “firewall” referred to a construction technique designed to prevent the spread of[...]

  • Page 154

    Chapter 13 Firewall NBG420N User’s Guide 154 The NBG420N is installed between the LAN and a broadband modem connectin g to the Internet. This allows it to act as a secure gatewa y for all data passing betwee n the Internet and the LAN. The NBG420N has one Ethernet W AN port and four Ethernet LAN ports, which are used to physically separate the ne[...]

  • Page 155

    Chapter 13 Firewall NBG420N User’s Guide 155 1 A computer on the LAN initiates a connectio n by sending a SYN packet to a receiving server on the W AN. 2 The NBG420N reroutes the packet to Gateway A , which is in Subnet 2 . 3 The reply from the W AN goes to the NBG420N. 4 The NBG420N then sends it to the computer on the LAN in Subnet 1 . Figure 9[...]

  • Page 156

    Chapter 13 Firewall NBG420N User’s Guide 156 13.4 Services Screen Click Security > Fir ewall > Services . The scree n appears as shown next. If an outside user attempts to probe an unsu pported port on your NBG420N, an ICMP response packet is automatically returned. This allows the outsi de user to know the NBG420N exists. Use this screen t[...]

  • Page 157

    Chapter 13 Firewall NBG420N User’s Guide 157 13.4.1 The Add Firewall Rule Screen If you click Add or the Modify icon on an ex isting rule, the Add Firewall Rule screen is displayed. Use this screen to add a fire wall rule or to modify an existing one. Do not respond to requests for unauthorized services Select this option to prevent hackers from [...]

  • Page 158

    Chapter 13 Firewall NBG420N User’s Guide 158 Figure 99 Security > Firewall > Services > Adding a Rule The following table describes the labels in this screen. T able 59 Security > Firewall > Services > Adding a Rule LABEL DESCRIPTION Activ e Select this check box to turn the rule on. Address T ype Do you want your rule to apply [...]

  • Page 159

    Chapter 13 Firewall NBG420N User’s Guide 159 Available Services This is a list of pre-defined services ( ports) you may prohibit your LAN computers from using. Select the port you want to block using the drop-down list and click Add to add the port to the Blocked Services fiel d. Blocked Services This is a li st of services (ports) that will be i[...]

  • Page 160

    Chapter 13 Firewall NBG420N User’s Guide 160[...]

  • Page 161

    NBG420N User’s Guide 161 C HAPTER 14 Content Filtering This chapter provides a brief overview of co ntent filtering using the embedded web GUI. 14.1 Introduction to Content Filtering Internet content filtering allows you to create and enforce Internet access policies tailored to your needs. Content filtering is the ability to block certain web fe[...]

  • Page 162

    Chapter 14 Content Filtering NBG420N User’s Guide 162 Figure 100 Security > Content Filter > Filter The following table describes the labels in this screen. T able 60 Security > Conten t Filter > Filter LABEL DESCRIPTION T rusted C omputer IP Address T o ena ble this feature, type an IP addre ss of any one of the computers in your net[...]

  • Page 163

    Chapter 14 Con tent Filtering NBG420N User’s Guide 163 14.5 Schedule Use this screen to set the day(s) and time you want the NBG420N to use content filtering. Click Security > Content Filter > Schedul e . The following screen displays. Figure 101 Security > Content Filter > Schedule The following table describes the labels in this scr[...]

  • Page 164

    Chapter 14 Content Filtering NBG420N User’s Guide 164 14.6 Customizing Keyword Blocking URL Checking Y ou can use commands to set ho w much of a website’ s URL the content filter is to check for keyword blocking. See the appendices for info rmation on how to access and use the command interpreter . 14.6.1 Domain Name or IP Address URL Checking [...]

  • Page 165

    NBG420N User’s Guide 165 C HAPTER 15 IPSec VPN 15.1 IPSec VPN Overview A virtual private network (VPN) provides secu re communications between sites without the expense of leased site-to-site lines. A secure VP N is a combination of tunneling, encryption, authentication, access control and a uditing. It is used to transpor t traffic over the Inte[...]

  • Page 166

    Chapter 15 IPSec VPN NBG420N User’s Guide 166 15.1.2 What Y ou Need T o Know About IPSec VPN A VPN tunnel is usually established in tw o phases. Each phase establishes a security association (SA), a contract indicating what sec urity parameters the NB G420N and the remote IPSec router will use. The first phase establish es an Internet Key Exchang[...]

  • Page 167

    Chapter 15 IPSec VPN NBG420N User’s Guide 167 Y ou can usually provide a static IP address or a domain name for the remote IPSec router as well. Sometimes, you might not know the IP addr ess of the remote IPSec router (for example, telecommuters). In this case, you can still set up the IKE SA, but only the remote IPSec router can initiate an IKE [...]

  • Page 168

    Chapter 15 IPSec VPN NBG420N User’s Guide 168 The following table describes the fields in this screen. 15.2.1 VPN Rule Setup (Basic) Click the Edit icon in the General screen to display the Rule Setup screen. This figure helps explain the main fields. T able 62 Security > VPN > General LABEL DESCRIPTION # This is the VPN pol icy index numb [...]

  • Page 169

    Chapter 15 IPSec VPN NBG420N User’s Guide 169 Figure 105 IPSec Fields Summary Use this screen to configure a VPN rule. Figure 106 Security > VPN > General > Rule Setup: IKE (B asic)[...]

  • Page 170

    Chapter 15 IPSec VPN NBG420N User’s Guide 170 The following table describes the labels in this screen. T able 63 SECURITY > VPN > Rule Setup: IKE (Basic) LABEL DESCRIPTION Property Activ e Select this check box to activate this VPN policy . Keep Alive Select this check box to have the NBG420 N automatically rein itiate the SA after the SA l[...]

  • Page 171

    Chapter 15 IPSec VPN NBG420N User’s Guide 171 Remote Policy Remote IP addresses must be static and correspond to the remote IPSec router's configured local IP addresses. The remote fields do not apply when the Secure Gateway IP Add ress field is configured to 0.0.0.0 . In this case only the remote IPSec router can initiate the VPN. T wo acti[...]

  • Page 172

    Chapter 15 IPSec VPN NBG420N User’s Guide 172 Secure Gateway Address T ype the W AN IP address or the domain na me (up to 31 characters) of the IPSec router with which you're making the VPN connection. Set this field to 0.0.0.0 if the remote IPSec router has a dynamic W AN IP address (the IPSec Keying Mode field must be se t to IKE ). In ord[...]

  • Page 173

    Chapter 15 IPSec VPN NBG420N User’s Guide 173 15.2.2 VPN Rule Setup (Advanced) Click the Advanced... button in the Rule Setup screen to open this screen. Use this screen to configure a VPN rule. Pre-Shared Key T y pe your pre-shared key in this field. A pre-shared key identifies a communicating party during a phase 1 IKE negotiation. It is called[...]

  • Page 174

    Chapter 15 IPSec VPN NBG420N User’s Guide 174 Figure 107 Security > VPN > General > Rule Setup: IKE (Advanced )[...]

  • Page 175

    Chapter 15 IPSec VPN NBG420N User’s Guide 175 The following table describes the labels in this screen. T able 64 Security > VPN > Rule Setup: IKE (Advanced) LABEL DESCRIPTION Property Activ e Select this check box to activate this VPN policy . Keep Alive Select this check box to have the NBG420N automatically reinitiate the SA after the SA [...]

  • Page 176

    Chapter 15 IPSec VPN NBG420N User’s Guide 176 Local Address End / Mask When the local IP address is a single address, type it a second time here. When the local IP address is a range, ent er the end (static) IP address, in a range of computers on the LAN behind your NBG420N. When the local IP address is a subnet address, en ter a subnet mask on t[...]

  • Page 177

    Chapter 15 IPSec VPN NBG420N User’s Guide 177 Local Content When you select IP in the Local ID T ype field, type the IP address of your computer in the Local Content field. The NBG420N auto matically uses the IP address in the My IP Address field (refer to the My IP Address field description ) if you configure th e Local Content field to 0.0.0.0 [...]

  • Page 178

    Chapter 15 IPSec VPN NBG420N User’s Guide 178 IKE Phase 1 Negotiation Mode Select Main or Aggress ive from the drop-down list box. Multiple SAs connecting through a secu re gateway mu st have the same negotia tion mode. Encryption Algori thm Select which key size and encryption algorithm to use in the IKE SA. Choices are: DES - a 56-bit key with [...]

  • Page 179

    Chapter 15 IPSec VPN NBG420N User’s Guide 179 15.2.3 VPN Rule Setup (Manual) Use this screen to configure VPN rules (t unnels) that use manual keys. Manual key management is useful if you h ave problems with IKE key management. Select Manual in the IPSec Keying Mode field on the Rule Setup screen to open the screen as shown in Figure 108 on page [...]

  • Page 180

    Chapter 15 IPSec VPN NBG420N User’s Guide 180 15.2.3.3 Authentication and th e Security Parameter Index (SPI) For authentication, the NBG420N and remote IPSec router use the SPI, instead of pre-shared keys, ID type and conten t. The SPI is an identification number . Note: The NBG420N and remote IPSe c router must use the same SPI. Figure 108 Secu[...]

  • Page 181

    Chapter 15 IPSec VPN NBG420N User’s Guide 181 IPSec Keying Mode Select IKE or Manual from the drop-down list box. IKE provides mo re protection so it is generally recommended. Manual is a u seful option for tro ubleshooting if you have problems using IKE key management. Protocol Number Enter 1 for ICMP , 6 for TCP , 17 for UDP , etc. 0 is the def[...]

  • Page 182

    Chapter 15 IPSec VPN NBG420N User’s Guide 182 Remote Address For a single IP address, ente r a (stati c) IP address on the network behind the remote IPSec router . For a specific range of IP addresses, enter th e beginning (static) IP address, in a range of computers on the network behind the remote IPSec router . T o specify IP addresses on a n [...]

  • Page 183

    Chapter 15 IPSec VPN NBG420N User’s Guide 183 15.3 The SA Monitor Screen In the web configurator , click Security > VPN > SA Monitor . Use this screen to display and manage active VPN connections. A Security Association (SA) is the group of se cu rity settings related to a specific VPN tunnel. This screen dis plays active VPN connectio ns. [...]

  • Page 184

    Chapter 15 IPSec VPN NBG420N User’s Guide 184 The following table describes the labels in this screen. 15.4 VPN and Remote Management Y ou can allow someone to use a service (like T elnet or HTTP) through a VPN tunnel to manage the NBG420N. One of the NBG420N’ s po rts must be part of the VPN rule’ s local network. This can be the NBG420N’ [...]

  • Page 185

    Chapter 15 IPSec VPN NBG420N User’s Guide 185 15.5 IPSec VPN T echnical Reference IKE SA Proposal The IKE SA proposal is used to identify the encryption algorithm, au thentication algorithm, and Diffie-Hellman (DH) key group that the NBG420N and remote IPSec router use in the IKE SA. In main mode, this is done in steps 1 and 2, as illustrated bel[...]

  • Page 186

    Chapter 15 IPSec VPN NBG420N User’s Guide 186 Authentication Before the NBG420N and remote IPSec router es tablish an IKE SA, they h ave to verify each other ’ s identity . This process is based on pre-shared keys and router identities. In main mode, the NBG420 N and remote IPSec rout er authenticate each ot her in steps 5 and 6, as illustrated[...]

  • Page 187

    Chapter 15 IPSec VPN NBG420N User’s Guide 187 In the following example, the ID type and content do not match so the authentication fails and the NBG420N and the remote IPSec router cannot establish an IKE SA. Negotiation Mode There are two negotiation modes: main mode and aggressive mode. Main mode provides better security , while aggressive mode[...]

  • Page 188

    Chapter 15 IPSec VPN NBG420N User’s Guide 188 Figure 1 14 VPN/NA T Example If router A does NA T , it might change the IP addre sses, port numbers, or both. If router X and router Y try to establish a VPN tunnel, the authen tication fails because it depends on this information. The routers ca nnot establish a VPN t unnel. Most routers like router[...]

  • Page 189

    Chapter 15 IPSec VPN NBG420N User’s Guide 189 These modes are illustrated below . In tunnel mode, the NBG4 20N uses the IPSec prot ocol to encapsulate the entire IP packet. As a result, there are two IP headers: • Outside header: The outside IP he ader contai ns the IP address of the NBG420N or remote IPSec router , whicheve r is the destinatio[...]

  • Page 190

    Chapter 15 IPSec VPN NBG420N User’s Guide 190 Additional IPSec VPN T opics This section discusses other IPSec VPN topics that apply to either IKE SAs or IPSec SAs or both. Relationships between the topics are also highlighted. SA Life Time SAs have a lifetime that specifi es how long the SA lasts until it times out. When an SA times out, the NBG4[...]

  • Page 191

    Chapter 15 IPSec VPN NBG420N User’s Guide 191 The following figure depicts an example wher e one VPN tunnel is created from an NBG420N at branch office ( B ) to head quarters ( HQ ). In order to access computers that use private domain names on the HQ network, the NBG420N at B uses the Intranet DNS server in headquarters. Figure 1 16 Private DNS [...]

  • Page 192

    Chapter 15 IPSec VPN NBG420N User’s Guide 192[...]

  • Page 193

    193 P ART IV Management Static Route Screens (195) Bandwidth Management (1 99) Remote Management (209) Universal Plug-and-P lay (UPnP) (215)[...]

  • Page 194

    194[...]

  • Page 195

    NBG420N User’s Guide 195 C HAPTER 16 Static Route Screens This chapter shows you how to config ure static routes for your NBG420N. 16.1 S t atic Route Overview The NBG420N usually uses the default gateway to route outbou nd traffic from computers on the LAN to the Internet. T o have the NBG420N send data to devic es not reachable thro ugh the def[...]

  • Page 196

    Chapter 16 Static Route Screens NBG420N User’s Guide 196 Figure 1 18 Management > S tatic Rout e > IP S tatic Route The following table describes the labels in this screen. 16.2.1 S tatic Rout e Setup Screen T o edit a static route, click the edit icon under Modify . The following screen displays. Fill in the required information for each s[...]

  • Page 197

    Chapter 16 Static Route Screens NBG420N User’s Guide 197 Figure 1 19 Management > S tatic Route > IP S t a t ic Route: S tatic Route Setup The following table describes the labels in this screen. T able 70 Management > S tatic Rou t e > IP S t atic Route: Stat ic Route Setup LABEL DESCRIPTION Route Name Enter the name of the IP static[...]

  • Page 198

    Chapter 16 Static Route Screens NBG420N User’s Guide 198[...]

  • Page 199

    NBG420N User’s Guide 199 C HAPTER 17 Bandwidth Management This chapter contains information about configuri ng bandwidth management, editing rules and viewing the NBG420 N’ s bandwidth management lo gs. 17.1 Bandwid th Management Overview ZyXEL ’ s Bandwidth Management allows you to specify bandwidth management rules based on an application a[...]

  • Page 200

    Chapter 17 Bandwid th Manageme nt NBG420N User’s Guide 200 The following figure shows LAN subnets. Y ou could configure one bandwidth class for subnet A and another for subnet B . Figure 120 Subnet-based Ba ndwidt h Management Example 17.4 Application and Subnet-based Bandwid th Management Y ou could also create bandwidth clas ses based on a comb[...]

  • Page 201

    Chapter 17 Bandwidth Management NBG420N User’s Guide 201 17.6 Predefined Bandwid th Management Services The following is a description of the services th at you can select and to which you ca n apply media bandwidth ma nagement using th e wizard screens. 17.6.1 Services and Port Numbers See Appendix F on page 3 21 for commonly used services and p[...]

  • Page 202

    Chapter 17 Bandwid th Manageme nt NBG420N User’s Guide 202 17.7 Default Bandwid th Management Classes and Priorities If you enable bandwidth management but do not configure a rule for critical traf fic like V oIP , the voice traffic may then get de layed due to insufficient bandwi dth. W ith the automatic traffic classifier feature activated, the[...]

  • Page 203

    Chapter 17 Bandwidth Management NBG420N User’s Guide 203 The following table describes the labels in this screen. 17.9 Bandwid th Management Advanced Configuration Click Management > Bandwidth MGMT > Advanced to open the bandwidth managemen t Advanced screen. Figure 122 Management > Bandwid th MGMT > Advanced T able 75 Management >[...]

  • Page 204

    Chapter 17 Bandwid th Manageme nt NBG420N User’s Guide 204 The following table describes the labels in this screen. T able 76 Management > Bandwidth MGMT > Advanced LABEL DESCRIPTION Check my upstream bandwidth Click the Detection button to check the size of your upstream bandwidth. Upstream Bandwidth (kbps) Enter the amount of bandwi dth i[...]

  • Page 205

    Chapter 17 Bandwidth Management NBG420N User’s Guide 205 17.9.1 Rule Configuration with the Pre-defined Service T o edit a bandwidth manag ement rule for the pre-defined service in the NBG420N, click the Edit icon in the Application List table of the Advanced screen. The following screen displays. Figure 123 Bandwidth Mana gement Rule Configurati[...]

  • Page 206

    Chapter 17 Bandwid th Manageme nt NBG420N User’s Guide 206 Figure 124 Management > Bandwid th MGMT > Adva nced: Us er-defined Service Rule Configuration The following table describes the labels in this screen T able 78 Management > Bandwidth MGMT > Advanced: User-defin ed Service Rule Configuration 17.10 Bandwid th Management Monitor [...]

  • Page 207

    Chapter 17 Bandwidth Management NBG420N User’s Guide 207 Figure 125 Management > Bandwidth MGMT > Mo nitor[...]

  • Page 208

    Chapter 17 Bandwid th Manageme nt NBG420N User’s Guide 208[...]

  • Page 209

    NBG420N User’s Guide 209 C HAPTER 18 Remote Management This chapter provides information on the Remote Management screens. 18.1 Remote Management Overview Remote management allows you to determ ine which services/protocols can access which NBG420N interface (if an y) from which c omputers. " When you configure remote managem ent to allow man[...]

  • Page 210

    Chapter 18 Remo te Management NBG420N User’s Guide 210 1 Y ou have disabled that service in one of the remote management screens. 2 The IP address in the Secured Client IP Add ress field does not match the client IP address. If it does not match, the NBG420 N will disconnect the session immediately . 3 There is already another remote management s[...]

  • Page 211

    Chapter 18 Remote Manag ement NBG420N User’s Guide 21 1 18.3 T elnet Y ou can use T elne t to access the NBG420 N’ s command line interface. Specify which interfaces allow T elnet access a nd fro m which IP address the access can come. 18.4 T elnet Screen T o change your NBG420N’ s T elnet settings, click Management > Remote MGMT > Te l[...]

  • Page 212

    Chapter 18 Remo te Management NBG420N User’s Guide 212 18.5 FTP Screen Y ou can use FTP (File T ransfer Protocol) to up load and download the NBG420N’ s firmware and configuration files. T o use this feature, your computer must have an FTP client. T o change your NBG420N’ s FTP settings, click Management > Remote MGMT > FTP . The screen[...]

  • Page 213

    Chapter 18 Remote Manag ement NBG420N User’s Guide 213 Figure 129 Management > Remo te MGMT > DNS The following table describes the labels in this screen. T able 82 Management > Remote MGMT > DNS LABEL DESCRIPTION Server Port The DNS service p ort number is 53 and cannot be ch anged here. Server Access Select the interface(s) through [...]

  • Page 214

    Chapter 18 Remo te Management NBG420N User’s Guide 214[...]

  • Page 215

    NBG420N User’s Guide 215 C HAPTER 19 Universal Plug-and-Play (UPnP) This chapter introduces the UPnP feature in the web configura tor . 19.1 Introducing Universal Plug and Play Universal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectiv ity between devices. A UPnP device can[...]

  • Page 216

    Chapter 19 Universal Plug-and-Play (UPnP) NBG420N User’s Guide 216 When a UPnP device joins a network, it announ ces its presence with a multicast mess age. For security reasons, the NBG420N allows multic ast messages on the LAN only . All UPnP-enabled devices may communicate freely with eac h other without additional configuration. Disable UPnP [...]

  • Page 217

    Chapter 19 Universal Plug-and-Play (UPnP) NBG420N User’s Guide 217 19.4 Inst alling UPnP in Windows Example This section shows ho w to install UPnP in W indows Me and W indows XP . 19.4.0.1 Inst alling UPnP in Windows Me Follow the steps below to inst all the UPnP in W indows Me. 1 Click St a r t and Control Panel . Double-click Add/Remove Pr ogr[...]

  • Page 218

    Chapter 19 Universal Plug-and-Play (UPnP) NBG420N User’s Guide 218 Figure 132 Add/Remove Programs: Wind ows Setup: Communication: Component s 4 Click OK to go back to the Add/Remove Pr ograms Properties window and click Next . 5 Restart the computer when prompted. Inst alling UPnP in Windows XP Follow the steps below to install the UPnP in Window[...]

  • Page 219

    Chapter 19 Universal Plug-and-Play (UPnP) NBG420N User’s Guide 219 Figure 134 Windows Optiona l Networking Component s Wizard 5 In the Networking Services window , select the Universal Plug and Play check box. Figure 135 Networking Services 6 Click OK to go back to the W indows Optional Networking Component W izard window and click Next .[...]

  • Page 220

    Chapter 19 Universal Plug-and-Play (UPnP) NBG420N User’s Guide 220 19.4.0.2 Using UPnP in W indows XP Example This section shows yo u how to use the UPnP feature in W indows XP . Y ou must already have UPnP installed in W indows XP an d UPnP activated on the NBG42 0N. Make sure the computer is connected to a LAN port of the NBG420N. T urn on your[...]

  • Page 221

    Chapter 19 Universal Plug-and-Play (UPnP) NBG420N User’s Guide 221 Figure 137 Internet Connection Properties 4 Y ou may edit or delete the port mappings o r click Add to manually add port mappings.[...]

  • Page 222

    Chapter 19 Universal Plug-and-Play (UPnP) NBG420N User’s Guide 222 Figure 138 Internet Connection Properties: Adva nced Settings Figure 139 Internet Connection Proper ties: Adva nced Settings: Add 5 When the UP nP-enabled device is disconne cted from your computer , all port mappings will be deleted automatically . 6 Select Show icon in noti fica[...]

  • Page 223

    Chapter 19 Universal Plug-and-Play (UPnP) NBG420N User’s Guide 223 Figure 140 System T ray Icon 7 Double-click on the icon to display yo ur curr ent Internet connection st atus. Figure 141 Internet Connection S tatus Web Configurator Eas y Access W ith UPnP , you can access the web-based c onfig urator on the NBG420N without finding out the IP ad[...]

  • Page 224

    Chapter 19 Universal Plug-and-Play (UPnP) NBG420N User’s Guide 224 Figure 142 Network Connections 4 An icon with the description for e ach UPnP-enabled device display s under Local Network . 5 Right-click on the icon for your NBG420N and select Invoke . The web configurator login screen displays.[...]

  • Page 225

    Chapter 19 Universal Plug-and-Play (UPnP) NBG420N User’s Guide 225 Figure 143 Network Connections: My Network Places 6 Right-click on the icon for your NBG420N and select Properties . A properties window displays with basic inform ation about the NBG420N. Figure 144 Network Connections: My Networ k Places: Properties: Example[...]

  • Page 226

    Chapter 19 Universal Plug-and-Play (UPnP) NBG420N User’s Guide 226[...]

  • Page 227

    227 P ART V Maintenance and T roubleshooting System (229) Logs (233) T ools (251) Configuration Mode (257) Sys Op Mode (259) Language (263) T roubleshooting (265)[...]

  • Page 228

    228[...]

  • Page 229

    NBG420N User’s Guide 229 C HAPTER 20 System This chapter provides information on the System s creens. 20.1 System Overview See the chapter about wizard setup for mo re information on th e next few screens. 20.2 System General Screen Click Maintenance > System . The following screen displays. Figure 145 Maintenance > System > General The [...]

  • Page 230

    Chapter 20 System NBG420N User’s Guide 230 20.3 T ime Setting Screen T o change your NBG 420N’ s time and date, click Maintenance > System > T ime Setting . The screen appears as shown. Use this screen to configure the NBG420N’ s time based on your local time zone. Figure 146 Maintenance > System > T ime Setting Administrator Inac[...]

  • Page 231

    Chapter 20 System NBG420N User’s Guide 231 The following table describes the labels in this screen. T able 85 Maintenance > System > T ime Setting LABEL DESCRIPTION Current T ime and Date Current T ime This fiel d displays the time of you r NBG420N. Each time you rel oad this page, the NBG420N synchronizes the time with the time server . Cu[...]

  • Page 232

    Chapter 20 System NBG420N User’s Guide 232 End Date Configure the day and time when Daylight Saving T ime ends if you selected Daylight Saving s . Th e o'clock field uses the 24 ho ur format. Here are a couple of examples: Daylight Saving Time ends in the United St ates on the last Sunday of October . Each time zone in the United S tat es st[...]

  • Page 233

    NBG420N User’s Guide 233 C HAPTER 21 Logs This chapter contains inform ation about configuring genera l log settings and viewing the NBG420N’ s logs. Refe r to the appendices for example log message explanations. 21.1 V iew Log The web confi gurator allows you to look at all of the NBG420N’ s logs in one location. Click Maintenance > Logs [...]

  • Page 234

    Chapter 21 Logs NBG420N User’s Guide 234 The following table describes the labels in this screen. 21.2 Log Settings Y ou can configure the NBG420N’ s ge neral log settings in one location. Click Maintenance > Logs > Log Settings to open the Log Settings screen. Use the Log Settings screen to configure to where the NB G420N is to send logs[...]

  • Page 235

    Chapter 21 Lo gs NBG420N User’s Guide 235 Figure 148 Maintenance > Logs > Log Settings The following table describes the labels in this screen. T able 87 Maintenance > Logs > Log Settings LABEL DESCRIPTION E-mail Log Settings Mail Server Enter the server name or the IP addre ss of the mail serv er for the e-mail addresses specified be[...]

  • Page 236

    Chapter 21 Logs NBG420N User’s Guide 236 Send Alerts T o Alerts are real-time notifications that are sent as soon as an event, such as a DoS attack, system error , or forbidden web access attempt o ccurs. Enter the E- mail address where the alert messages will be sent. Ale rts include system errors, attacks and attempted access to bl ocked web si[...]

  • Page 237

    Chapter 21 Lo gs NBG420N User’s Guide 237 21.3 Log Descriptions This section provides descriptio ns of example log messages. T able 88 System Maintenance Logs LOG MESSAGE DESCRIPTION Time calibration is successful The router h as adjusted its time based on info rmation from the time server . Time calibration failed The router failed to get inform[...]

  • Page 238

    Chapter 21 Logs NBG420N User’s Guide 238 T able 89 System Error Logs LOG MESSAGE DESCRIPTION %s exceeds the max. number of session per host! This attempt to create a NA T session exceeds the maximum number of NA T session table entries allowed to be created per host. setNetBIOSFilter: calloc error The router fail ed to allocate memory for the Net[...]

  • Page 239

    Chapter 21 Lo gs NBG420N User’s Guide 239 Firewall session time out, sent TCP RST The router sent a TCP reset pa cket when a dynamic firewall session timed out. The default timeout values are as follows: ICMP idle timeout: 3 minutes UDP idle timeout: 3 minutes TCP connection (three way han dshaking) timeout: 270 second s TCP FIN-wait timeout: 2 M[...]

  • Page 240

    Chapter 21 Logs NBG420N User’s Guide 240 T able 94 CDR Logs LOG MESSAGE DESCRIPTION board%d line%d channel%d, call%d,%s C01 Outgoing Call dev=%x ch=%x%s The router received the setup requ irements for a call. “cal l” is the reference (count) numbe r of the call. “dev” is the device type (3 is for dial-up, 6 is for PPPoE, 10 is for PPTP). [...]

  • Page 241

    Chapter 21 Lo gs NBG420N User’s Guide 241 %s: Proxy mode detected The rout er detected proxy mode i n the packet. %s The content filter server responded t hat the web site is in the blocked category list, but it did not return the ca tegory type. %s:%s The content filter server responded t hat the web site is in the blocked category list, and ret[...]

  • Page 242

    Chapter 21 Logs NBG420N User’s Guide 242 teardrop UDP The firewall detected an UDP teardrop attack. teardrop ICMP (type:%d, code:%d) The firewall dete cted an ICMP te ardrop attack. For type and code details, see T able 1 04 on page 247 . illegal command TCP The firewall dete cted a TCP illegal command attack. NetBIOS TCP The firewall detected a [...]

  • Page 243

    Chapter 21 Lo gs NBG420N User’s Guide 243 Verifying Local ID failed: The connection failed during I KE phase 2 because the router and the peer ’s Local/Remote Ad dresses don’t match. IKE Packet Retransmit The router retra nsmitted the last packet sent because there was no response from the peer . Failed to send IKE Packet An Ethernet error st[...]

  • Page 244

    Chapter 21 Logs NBG420N User’s Guide 244 No known phase 1 ID type found The router could not find a known phase 1 ID in the connection attempt. ID type mismatch. Local / Peer: <Local ID type/Peer I D type> The phase 1 ID types do not ma tch. ID content mismatch The phase 1 ID contents do not match. Configured Peer ID Content: <Configured[...]

  • Page 245

    Chapter 21 Lo gs NBG420N User’s Guide 245 Rule [%d] Phase 1 ID mism atch The listed rule’s IKE phase 1 ID did not match between the router and the peer . Rule [%d] Phase 1 hash mismatch The listed rule’s IKE phase 1 hash did not match between the router and the peer . Rule [%d] Phase 1 preshared key mismatch The listed rule’s IKE phase 1 pr[...]

  • Page 246

    Chapter 21 Logs NBG420N User’s Guide 246 Rcvd user cert: <subject name> The router received a user certificat e, with sub ject name as recorded, from the LDAP server whose IP address and port are recorded in the Source field. Rcvd CRL <size>: <issuer name> The router received a CRL (Certificate Revocation List), with size an d i[...]

  • Page 247

    Chapter 21 Lo gs NBG420N User’s Guide 247 User logout because of user deassociation. The router l ogged out a user w ho ended the session. User logout because of no authentication response from user. The router logge d out a user from which there was no authentication response. User logout because of idle timeout expired. The router l ogged out a[...]

  • Page 248

    Chapter 21 Logs NBG420N User’s Guide 248 5 Source route failed 4 Source Quench 0 A gateway may discard internet datagrams if it does not have th e buffer sp ace needed to queue the datagrams for output to the next network on th e route to the destination network. 5 Redirect 0 Redirect datagrams for the Netw ork 1 Redirect datagrams for the Host 2[...]

  • Page 249

    Chapter 21 Lo gs NBG420N User’s Guide 249 The following table shows RFC-2408 ISAKMP payload types that the log displays. Please refer to the RFC for detailed information on each type. T able 106 RFC-2408 ISAKMP Payload Types LOG DISPLA Y P A YLOAD TYPE SA Security Association PROP Proposal TRANS T ransform KE Key Exchange ID Identification CER Ce[...]

  • Page 250

    Chapter 21 Logs NBG420N User’s Guide 250[...]

  • Page 251

    NBG420N User’s Guide 251 C HAPTER 22 Tools This chapter shows you how to upload a new firmware, upload or save backup configuration files and restart the NBG420N. 22.1 Firmware Upload Screen Find firmware at www .zyxel.co m in a file that (usually) uses the system model name with a “*.bin” extension, e.g., “NBG420N.bin”. The upload proces[...]

  • Page 252

    Chapter 22 Tools NBG420N User’s Guide 252 Figure 150 Upload W arning The NBG420N automatically restar ts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 151 Network T emporarily Disconnected After two minutes, log in again an d check your new firmware version i[...]

  • Page 253

    Chapter 22 Tools NBG420N User’s Guide 253 Figure 153 Maintenance > T o ols > Configura t ion 22.2.1 Backup Configuration Backup configuration allo ws you to back up (s ave) the NBG420N’ s current configura tion to a file on your computer . Once your NBG4 20N is configured and functionin g properly , it is highly recommended that you back [...]

  • Page 254

    Chapter 22 Tools NBG420N User’s Guide 254 Figure 154 Configuration Restore Su ccessful The NBG420N automatically restar ts in this time causing a temporary network disconnect. In some operating systems, you may see the following icon on your desktop. Figure 155 T emporarily Disconnected If you uploaded the default co nfiguration file you may need[...]

  • Page 255

    Chapter 22 Tools NBG420N User’s Guide 255 Click Maintenance > T ools > Restart . Click Restart to have the NBG420N reb oot. This does not affect the NBG420N's configuration. Figure 157 Maintenance > T o ols > Rest art 22.4 W a ke On LAN W ake On LAN (W oL) allows you to remotely turn on a device on the network. T o use this featu[...]

  • Page 256

    Chapter 22 Tools NBG420N User’s Guide 256[...]

  • Page 257

    NBG420N User’s Guide 257 C HAPTER 23 Configuration Mode Click Maintenance > Config Mode to open the following screen. This screen allows you to hide or display the advanced screens of some features or the advanced feature s, such as MAC filter or static route. Basic is selected by default and you cannot see the advanced screens or features. If[...]

  • Page 258

    Chapter 23 Config uration Mode NBG420N User’s Guide 258 Ta b l e 1 11 Advanced Configur ation Options " In AP Mode many screens will not be available. See Chapter 5 on p age 65 for more information. CATEGORY LINK TA B Network Wireless LAN MAC Filter Advanced QoS Scheduling W AN Advanced LAN IP Alias Advanced DHCP Server Advanced NA T Advance[...]

  • Page 259

    NBG420N User’s Guide 259 C HAPTER 24 Sys Op Mode 24.1 Overview The Sys Op Mode (System Operation Mode) function lets you config ure whether your NBG420N is a router or AP . Y ou can choose between Router Mode and AP Mode depending on your network topology and the features you require from your device. See S ection 1.1 on page 31 for more informat[...]

  • Page 260

    Chapter 24 Sys Op Mod e NBG420N User’s Guide 260 Figure 161 IP Address in AP Mode 24.2 Selecting System Operation Mode Use this screen to select how you connect to the Internet. Figure 162 Maintenance > Sys OP M ode > General If you select Router Mode, the followi ng pop-up message window appears. Figure 163 Maintenance > Sys Op Mode >[...]

  • Page 261

    Chapter 24 Sys Op Mode NBG420N User’s Guide 261 Figure 164 Maintenance > Sys Op Mode > General: AP •I n AP Mode all Ethernet ports have the same IP address. • All ports on the rear panel of th e device are LAN ports, includin g the port labeled W AN. There is no W AN port. • The DHCP server on your devic e is disabled. In AP mode ther[...]

  • Page 262

    Chapter 24 Sys Op Mod e NBG420N User’s Guide 262[...]

  • Page 263

    NBG420N User’s Guide 263 C HAPTER 25 Language Use this sc reen to change the langua ge for the web configurator display . 25.1 Language Screen Click the language you prefer . The web configur ator lang uage changes after a while without restarting the NBG420N. Figure 165 Language[...]

  • Page 264

    Chapter 25 La nguage NBG420N User’s Guide 264[...]

  • Page 265

    NBG420N User’s Guide 265 C HAPTER 26 Troubleshooting This chapter offers some sugg estions to solve problems you might encounter . The potential problems are divided into the following categories. • Power , Hardware Connections, and LEDs • NBG420N Access and Login • Internet Access • Resetting the NBG420N to Its Factory Defaults • W ire[...]

  • Page 266

    Chapter 26 Trou bleshooting NBG420N User’s Guide 266 26.2 NBG420N Access and Login V I don’t know the IP addr ess of my NBG420N. 1 The default IP address is 192.168.1.1 . 2 If you changed the IP addre ss and have forgotten it, you might get the IP address o f the NBG420N by looking up the IP address of the default gateway for your computer . T [...]

  • Page 267

    Chapter 26 Trou bleshooting NBG420N User’s Guide 267 2 Check the hardware connections , and make su re the LEDs are be having as expected. Se e the Quick S tart Guide. 3 Make sure your Internet bro wser does not block pop-up windows and has JavaScripts and Java enabled. See Appendix B on page 279 . 4 Make sure your computer is in the same subn et[...]

  • Page 268

    Chapter 26 Trou bleshooting NBG420N User’s Guide 268 See the troubleshooting suggestions for I cannot see or access the Login screen in the web configurator . Ignore the suggestions about your bro wser . 26.3 Internet Access V I cannot access the Internet. 1 Check the hardware connections , and make su re the LEDs are be having as expected. Se e [...]

  • Page 269

    Chapter 26 Trou bleshooting NBG420N User’s Guide 269 interfering with the wireless network (fo r example, microwaves, other wireless networks, and so on). 3 Reboot the NBG420N. 4 If the problem continues, contact the network administrator or vendor , or try one of the advanced suggestio ns. Advanced Suggestions • Check the settings for ba ndwid[...]

  • Page 270

    Chapter 26 Trou bleshooting NBG420N User’s Guide 270 4 Make sure your computer (with a wireless ad apter installed) is within the transmission range of the NBG420N. 5 Check that both the NBG420N and your wirel ess station are using the same wireless and wireless security settings. 6 Make sure traffic between the WLAN and the LAN is not blocked by[...]

  • Page 271

    271 P ART VI Appendices and Index Product Specifications and W all-Mounting Instructions (273 ) Pop-up W indows, JavaScripts and Java Permissions (279) IP Addresses and Subnetting (285) Setting up Y our Computer ’ s IP Address (293) W ireless LANs (309) Services (321) Legal Information (325) Customer Support (329) Index (335)[...]

  • Page 272

    272[...]

  • Page 273

    NBG420N User’s Guide 273 A PPENDIX A Product S pecifications and W all- Mounting Instructions The following tables summarize the NBG420 N’ s hardware and firmware features. T able 1 13 Hardware Features Dimensions (W x D x H) 1 15 x 16 2 x 33 mm Weight 230g Power S pecification Input: 120~240 AC, 50~60 Hz Output: 12 V DC 1 A Ethernet ports Auto[...]

  • Page 274

    Appendix A Product Specifications and Wall-Mounting Instr u ctions NBG420N User’s Guide 274 T able 1 14 Firmware Features FEATURE DESCRIPTION Default IP Address 192.168.1.1 Default Subnet Mask 255.255.2 55.0 (24 bits) Default Password 1234 DHCP Pool 1 92.168.1.33 to 19 2.168.1.64 Wireless Interface Wireless LAN Default Wireless SSID Wireless LAN:[...]

  • Page 275

    Appendix A Product Specificatio ns and Wall-Mounting Instructio ns NBG420N User’s Guide 275 IPSec VPN This allows you to establish a secure Virtual Private Network (VPN) tunnel to connect with business partners and branch offices using data encryption and the Internet without t he expense of leased site-to-site lines. The NBG420N VPN is based on [...]

  • Page 276

    Appendix A Product Specifications and Wall-Mounting Instr u ctions NBG420N User’s Guide 276 The following list, which is not exhaustive, illustrates the standa rd s supported in the NBG420N. W all-mounting Instructions Do the following to hang your NBG420N on a wall. " See the Figure 167 on page 278 for the size of screws to use and how far [...]

  • Page 277

    Appendix A Product Specificatio ns and Wall-Mounting Instructio ns NBG420N User’s Guide 277 1 Be careful to avoid damaging pipes or cables located in side the wall when drilling holes for the screws. 3 Do not screw the screws all the way into th e wall. Leave a small ga p of about 0.5 cm between the heads of th e screws and the wall. 4 Make sure [...]

  • Page 278

    Appendix A Product Specifications and Wall-Mounting Instr u ctions NBG420N User’s Guide 278 Figure 167 Masonry Plug and M4 T ap Screw[...]

  • Page 279

    NBG420N User’s Guide 279 A PPENDIX B Pop-up Windows, JavaScript s and Java Permissions In order to use the web configurator you need to allow: • W eb browser pop-u p windows from your device. • JavaScripts (enabled by default). • Java permissions (enabled by default). " Internet Explorer 6 screens are used here. Screens for other Inter[...]

  • Page 280

    Appendix B Po p-up Window s, JavaScrip ts and Java Pe rmissions NBG420N User’s Guide 280 2 Clear the Block pop-ups check box in the Pop-up Block e r section of the screen. This disables any web po p-up blockers you may have enabled . Figure 169 Internet Options: Privacy 3 Click Apply to save this setting. Enable pop-up Blockers with Exceptions Al[...]

  • Page 281

    Appendix B Pop-u p Windows, JavaScripts and Java Permissio ns NBG420N User’s Guide 281 Figure 170 Internet Options: Privacy 3 T ype the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.167.1. 4 Click Add to move the IP address to the list of Allowed sites . Fi[...]

  • Page 282

    Appendix B Po p-up Window s, JavaScrip ts and Java Pe rmissions NBG420N User’s Guide 282 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. JavaScript s If pages of the web configura tor do not display properly in Internet Explorer , ch eck that JavaScripts are allowed. 1 In Internet Explorer , click T ools , Inter[...]

  • Page 283

    Appendix B Pop-u p Windows, JavaScripts and Java Permissio ns NBG420N User’s Guide 283 Figure 173 Security Settings - Java Scripting Java Permissions 1 From Internet Explorer , click To o l s , Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM . 4 Under Java permissions make sure that a [...]

  • Page 284

    Appendix B Po p-up Window s, JavaScrip ts and Java Pe rmissions NBG420N User’s Guide 284 JA V A (Sun) 1 From Internet Explorer , click To o l s , Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for <applet> under Java (Sun) is sele cted. 3 Click OK to clos e the window . Figure 175 Java (Sun)[...]

  • Page 285

    NBG420N User’s Guide 285 A PPENDIX C IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify ind ividual devices on a network. Every networking device (includin g computers, servers, routers, printe rs, etc.) ne eds an IP address to communicate across the network. These networking devices a re als[...]

  • Page 286

    Appendix C IP Addresses a nd Subnetting NBG420N User’s Guide 286 Figure 176 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask. Subnet Masks A subnet mask is used to dete rmine which bits are part of th e network number , and which bits are part of the host I[...]

  • Page 287

    Appendix C IP Addresses and Subnetting NBG420N User’s Guide 287 Subnet masks are expressed in dotted decimal no tation just like IP addresses. The follow ing examples show the binary and decimal not ation for 8-bit, 16-bit, 24-bit an d 29-bit subnet masks. Network Size The size of the network number determines the maximum number of possib le host[...]

  • Page 288

    Appendix C IP Addresses a nd Subnetting NBG420N User’s Guide 288 Subnetting Y ou can use subnetting to divide one network into multiple sub-networks. In the following example a network administrator creates two sub-networks to isolate a group of servers from the rest of the c ompany network for security reasons. In this example, the company netwo[...]

  • Page 289

    Appendix C IP Addresses and Subnetting NBG420N User’s Guide 289 Figure 178 Subnetting Example: Af ter Subnetting In a 25-bit subnet the host ID has 7 bits , so each sub-network has a maximum of 2 7 – 2 or 126 possible hosts (a host ID of all zeroes is the subnet’ s address itself, all ones is the subnet’ s broadcast address). 192.168.1.0 wi[...]

  • Page 290

    Appendix C IP Addresses a nd Subnetting NBG420N User’s Guide 290 Example: Eight Subnet s Similarly , use a 27-bit mask to create eight subnets (000, 00 1, 010, 01 1, 100, 101, 1 10 and 111 ) . The following table shows IP address last octet values for each subnet. T able 122 Subnet 2 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BI T VA L U E IP Addre[...]

  • Page 291

    Appendix C IP Addresses and Subnetting NBG420N User’s Guide 291 Subnet Planning The following table is a summary for su bnet planning on a network with a 24-bit network number . The following table is a summary for su bnet planning on a network with a 16-bit network number . 5 128 129 158 159 6 160 161 190 191 7 192 193 222 223 8 224 225 254 255 [...]

  • Page 292

    Appendix C IP Addresses a nd Subnetting NBG420N User’s Guide 292 Configuring IP Addresses Where you obtain your netwo rk number depends on yo ur particular situation. If the ISP or your network administrator assigns yo u a bloc k of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If the ISP di[...]

  • Page 293

    NBG420N User’s Guide 293 A PPENDIX D Setting up Y our Computer ’ s IP Address All computers must have a 10M or 100M Et hernet adapter card and TCP/IP installed. W indows 95/98/Me/NT/2000/XP , Macintosh OS 7 and later operating systems and all versions of UNIX/LINUX include the software components you need to install and use TCP/IP on your compu[...]

  • Page 294

    Appendix D Setting up Your Computer’s IP Address NBG420N User’s Guide 294 Figure 179 WIndows 95/98 /Me: Networ k: Configuratio n Inst alling Components The Network window Configuration tab displays a list of installed components. Y ou need a network adapter , the TCP/IP protocol and Client for Microsoft Netwo rks. If you need the adapter: 1 In [...]

  • Page 295

    Appendix D Setting up Your Computer’s IP Address NBG420N User’s Guide 295 Configuring 1 In the Network window Configuration tab, select your network adapter's TCP/IP entry and click Properties 2 Click the IP Address tab. • If your IP address is dynamic, select Obtain an IP address automatically . • If you have a static IP address, sele[...]

  • Page 296

    Appendix D Setting up Your Computer’s IP Address NBG420N User’s Guide 296 Figure 181 Windows 95/98/Me : TCP/IP Pr operties: DNS Configuration 4 Click the Gateway tab. • If you do not know you r gateway’ s IP addr ess, remove previously installed gateways. • If you have a gateway IP address, type it in the New gateway field and click Add .[...]

  • Page 297

    Appendix D Setting up Your Computer’s IP Address NBG420N User’s Guide 297 Figure 182 Windows XP: S tart Menu 2 In the Control Panel , double-click Network Connections ( Network and Dial-up Connections in W indow s 2000/NT). Figure 183 Windows XP: Control Panel 3 Right-click Local Area Connection and then click Pr operties .[...]

  • Page 298

    Appendix D Setting up Your Computer’s IP Address NBG420N User’s Guide 298 Figure 184 Windows XP: Control Panel: Network Connections: Pro perties 4 Select Internet Protocol (TCP/IP) (under the Genera l tab in W in XP) and then click Properties . Figure 185 Windows XP: Local Area Conne ction Properties 5 The Internet Protocol TCP/IP Properties wi[...]

  • Page 299

    Appendix D Setting up Your Computer’s IP Address NBG420N User’s Guide 299 Figure 186 Windows XP: Internet Protocol (TCP/IP) Propert ies 6 If you do not know your gateway's IP ad dress, remove any previously installed gateways in the IP Settings tab and click OK . Do one or more of the fo llowing if you want to configure additi onal IP addr[...]

  • Page 300

    Appendix D Setting up Your Computer’s IP Address NBG420N User’s Guide 300 Figure 187 Windows XP: Advanced TCP/IP Properties 7 In the Internet Protocol TCP/IP Pr operties window (the General tab in W indows XP): • Click Obtain DNS server address automatically if yo u do not know your DNS server IP address(es). • If you know your DNS server I[...]

  • Page 301

    Appendix D Setting up Your Computer’s IP Address NBG420N User’s Guide 301 Figure 188 Windows XP: Internet Protocol (TCP/IP) Propert ies 8 Click OK to close the Internet Protocol (TCP/IP) Properties window . 9 Click Close ( OK in W i ndows 2000/NT) to close the Local Area Connecti on Properties window . 10 Close the Network Connections w indow ([...]

  • Page 302

    Appendix D Setting up Your Computer’s IP Address NBG420N User’s Guide 302 Figure 189 Macintosh OS 8/9: Apple Menu 2 Select Ethernet built-in from the Connect via list. Figure 190 Macintosh O S 8/9: TC P/IP 3 For dynamically assigned settings, select Using DHCP Server from the Configure: list. 4 For statically assigned settings, do the following[...]

  • Page 303

    Appendix D Setting up Your Computer’s IP Address NBG420N User’s Guide 303 •F r o m t h e Configure box, select Manually . • T ype your IP address in the IP Address box. • T ype your subnet mask in the Subnet mask box. • T ype the IP address of your Prestige in the Router address box. 5 Close the TCP/IP Contr ol Panel . 6 Click Save if p[...]

  • Page 304

    Appendix D Setting up Your Computer’s IP Address NBG420N User’s Guide 304 Figure 192 Macintosh O S X: Netw ork 4 For statically assigned settings, do the following: •F r o m t h e Configure box, select Manually . • T ype your IP address in the IP Address box. • T ype your subnet mask in the Subnet mask box. • T ype the IP address of you[...]

  • Page 305

    Appendix D Setting up Your Computer’s IP Address NBG420N User’s Guide 305 " Make sure you are logged in as the root administrator . Using the K Desktop Environment (KDE) Follow the steps below to configure your computer IP address using the KDE. 1 Click the Red Hat button (located on the bottom left corner), select System Setting and click[...]

  • Page 306

    Appendix D Setting up Your Computer’s IP Address NBG420N User’s Guide 306 Figure 194 Red Hat 9.0: KDE: Ethern et Device: General • If you have a dynamic IP address click Automatically obtain IP address settings with and select dhcp from the drop down list. • If you have a static IP address click S tatically set IP Addresses and fill in the [...]

  • Page 307

    Appendix D Setting up Your Computer’s IP Address NBG420N User’s Guide 307 Figure 196 Red Hat 9.0: KDE: Network Config uration: Activate 7 After the network card restart proc ess is complete, make sure the St a t u s is Active in the Network Configuration screen. Using Configuration Files Follow the steps below to edit the network co nfiguration[...]

  • Page 308

    Appendix D Setting up Your Computer’s IP Address NBG420N User’s Guide 308 2 If you know your DNS server IP address(es) , enter the DNS server information in the resolv.conf file in the /etc directory . The following figure shows an example where two DNS server IP addresses are specified. Figure 199 Red Hat 9.0: DNS Settin gs in resolv .conf 3 A[...]

  • Page 309

    NBG420N User’s Guide 309 A PPENDIX E W ireless LANs Wireless LAN T opologies This section discusses ad-hoc and in frastructure w ireless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configuration is an inde pendent (Ad-hoc) WLAN that connects a se t of computers with wireless stations (A, B, C). Any time two or more wireles[...]

  • Page 310

    Appendix E Wireless LANs NBG420N User’s Guide 310 Figure 203 Basic Service Set ESS An Extended Service Set (ESS) consists of a series of overlappi ng BSSs, each containing an access point, with each access point connected together by a wired network. This wired connection between APs is called a Distribution System (DS). This type of wireless LAN[...]

  • Page 311

    Appendix E Wir eless LANs NBG420N User’s Guide 31 1 Figure 204 Infrastructure WLAN Channel A channel is the radio frequency(ies) used by IEEE 802.1 1a/b/g wireless devices. Channels available depend on your ge ographical area. Y ou may have a choice of channels (for your region) so you should use a dif ferent channel th an an adjacent AP (access [...]

  • Page 312

    Appendix E Wireless LANs NBG420N User’s Guide 312 Figure 205 RTS/ CT S When station A sends data to the AP , it might no t know that the station B is already using the channel. If these two stations se nd data at the same time, collis ions may occur when both sets of data arrive at the AP at the same time, r esulting in a loss of me ssages for bo[...]

  • Page 313

    Appendix E Wir eless LANs NBG420N User’s Guide 313 If the Fragmentation Threshold value is smaller than the RT S /C T S value (see previously) you set then the R TS (Request T o Send)/CTS (Clear to Send) handshake will never occur as data frames will be fragmen ted before they reach R TS/CTS size. Preamble T ype A preamble is used to synchroni ze[...]

  • Page 314

    Appendix E Wireless LANs NBG420N User’s Guide 314 • User based identification that allows for roaming. • Support for RADIUS (Remote Authentication Dial In User Service, RFC 2138, 2139) for centralized user profile and accounting management on a netw ork RADIUS server . • Support for EAP (Extensible Authentication Protocol, RFC 2486) t hat a[...]

  • Page 315

    Appendix E Wir eless LANs NBG420N User’s Guide 315 In order to ensure network security , the access point and the RADIUS server us e a shared secret key, which is a password, they both know . The key is not sent over the network. In addition to the shared key , pass word information exchanged is also encrypted to protect the network from unauthor[...]

  • Page 316

    Appendix E Wireless LANs NBG420N User’s Guide 316 PEAP (Protected EAP) Like EAP-TTLS, server-side certific ate authentication is used to establish a secure connection, then use simple username and p assword methods through the secured connection to authenticate the clients, thus hiding client identity . However , PEAP only supports EAP methods, s[...]

  • Page 317

    Appendix E Wir eless LANs NBG420N User’s Guide 317 Key differences between WP A(2) and WEP are improved data encryption and user authentication. Encryption Both WP A and WP A2 improve data encryp tion by using T emporal Key Integrity Protocol (TKIP), Message Integrity Check (MIC) and IE EE 802.1x. In addition to TKIP , WP A2 also uses Advanced En[...]

  • Page 318

    Appendix E Wireless LANs NBG420N User’s Guide 318 26.6.2 WP A(2)-PSK Application Example A WP A(2)-PSK applica tion looks as follows. 1 First enter identical passwords into the AP an d all wireless c lients. The Pre-Shared Key (PSK) must co nsist of between 8 and 63 ASCII characters (including spaces and symbols). 2 The AP checks each wireless cl[...]

  • Page 319

    Appendix E Wir eless LANs NBG420N User’s Guide 319 Security Parameters Summary Refer to this table to see what other secur ity parameters you should configure for each Authentication Method/ key management prot ocol type. MAC address filters are not dependent on how you config ure these security features. T able 130 Wireless Security Relational M[...]

  • Page 320

    Appendix E Wireless LANs NBG420N User’s Guide 320[...]

  • Page 321

    NBG420N User’s Guide 321 A PPENDIX F Services The following table l ists some commonly-used se rvices and their associated protocols and port numbers. • Name : This is a short, descrip tive name for the service. Y ou can use this one or create a different one, if you like. • Pro tocol : This is the type of IP protoc ol used by the service. If[...]

  • Page 322

    Appendix F Services NBG420N User’s Guide 322 H.323 TCP 1720 NetMeeting uses this protocol. HTTP TCP 80 Hyper T ext T ransfer Protoco l - a client/ server protocol for the world wide web. HTTPS TCP 443 HTTPS is a secure d http session often used in e-commerce. ICMP User-Defined 1 Internet Control Message Protocol is often used for diagnostic purpo[...]

  • Page 323

    Appendix F Services NBG420N User’s Guide 323 PPTP_TUNNEL (GRE) User-Defined 47 PPTP (Point-to-Point T unnel ing Protocol) enables secure tran sfer of data over public networks. This is the data channel. RCMD TCP 512 Remote Comman d Service. REAL_AUDIO TCP 7070 A streami ng audio service that enables real time sound over the we b. REXEC TCP 514 Re[...]

  • Page 324

    Appendix F Services NBG420N User’s Guide 324 TFTP UDP 69 T r ivial File T r ansfer Protocol is an Interne t file transfer protocol similar to FTP , but uses the UDP (User Datagram Protocol) rather than TCP (Transmission Control Protocol). VDOLIVE TCP UDP 7000 user- defined A videoconferencing solution. The UDP port number is spe cified in the app[...]

  • Page 325

    NBG420N User’s Guide 325 A PPENDIX G Legal Information Copyright Copyright © 2008 by ZyXEL Communications Corporation. The contents of this publication may not be reprod uced in any part or as a whole, transcribed, stored in a retrieval system, tran slated into any language, or transmitted in any form or by any means, el ectronic, mechanical , m[...]

  • Page 326

    Appendix G Legal Information NBG420N User’s Guide 326 If this device does cause harmful inte rference to radio/television reception, which can be determined by turning th e device off and on, the user is enc ouraged to try to correct the interference by one or more of the following measures: 1 Reorient or relocate the receiving antenna. 2 Increas[...]

  • Page 327

    Appendix G Legal Information NBG420N User’s Guide 327 3 Select the certification you wish to view from this page. ZyXEL Limited W arranty ZyXEL warrants to the original en d user (purchaser) that this product is free from any defects in materials or workmansh ip for a period of up to two ye ars from the date of purchase. Du ring the warranty peri[...]

  • Page 328

    Appendix G Legal Information NBG420N User’s Guide 328[...]

  • Page 329

    NBG420N User’s Guide 329 A PPENDIX H Customer Support In the event of problems that cannot be solved by using this manual, you should contact your vendor . If you cannot contact yo ur vendor , then contac t a ZyXEL office for the region in which you bought the dev ice. Regional of fices are listed below (see also http:// www .zyxel.com/web/conta [...]

  • Page 330

    Appendix H Custo mer Support NBG420N User’s Guide 330 • Address: 1005F , ShengGao Internationa l T ower , No.137 XianXia Rd., Shanghai • W eb: http://www .zyxel.cn Cost a Rica • Support E-mail: soporte@zyxel.co.cr • Sales E-mail: sales@zyxel.co.cr • T elephone: +506-2017878 • Fax: +506-2 015098 • W eb: www .zyxel.co.cr • FTP: ftp.[...]

  • Page 331

    Appendix H Customer Support NBG420N User’s Guide 331 Germany • Support E-mail: support@zyxel.de • Sales E-mail: sales@zyxel.de • T elephone: +49-2405-6909-69 • Fax: +49-2405-6909-99 • W eb: www .zyxel.de • Re g ul a r Ma i l: ZyXEL Deut schland GmbH., Adenauerstr . 20/A2 D-52146, W u erselen, Germany Hungary • Support E-mail: suppor[...]

  • Page 332

    Appendix H Custo mer Support NBG420N User’s Guide 332 Malaysia • Support E-mail: support@zyxel.com.my • Sales E-mail: sales@zyxel.com.my • T elephone: +603-8076-9933 • Fax: +603-8076- 9833 • W eb: http://www .zyxel.com.my • Regular Mail: ZyXEL Malaysia Sdn Bhd., 1-02 & 1-03, Jalan Kenari 17F , Bandar Puchong Jaya, 47100 Puchong, S[...]

  • Page 333

    Appendix H Customer Support NBG420N User’s Guide 333 Singapore • Support E-mail: support@zyxel.com.sg • Sales E-mail: sales@zyxel.com.sg • T elephone: +65-6899-6678 • Fax: +65-6899-8887 • W eb: http://www .zyxel.com.sg • Regular Mail: ZyXEL Singapore Pte Ltd., No. 2 International Business Park, The Strategy #03-28, Sin gapore 609930 S[...]

  • Page 334

    Appendix H Custo mer Support NBG420N User’s Guide 334 T urkey • Support E-mail: cso@zyxel.com.tr • T elephone: +90 212 222 55 22 • Fax: +90-212-220-2 526 • W eb: http:www .zyxel.com.tr • Address: Kaptanpasa Mahallesi Piyalep asa Bulvari Ortadogu Plaza N:14/13 K:6 Okmeydani/Sisli Istanbul/T urkey Ukraine • Support E-mail: su pport@ua.z[...]

  • Page 335

    Index NBG420N User’s Guide 335 Index A active protocol 188 AH 188 and encapsulation 189 ESP 188 ActiveX 162 address resolution protocol (ARP) 129 AH 188 and transport mode 189 Alert 234 alternative subnet mask notation 287 any IP note 129 AP 259 AP (Access Point) 31 1 AP Mode 259 menu 68 overview 65 status screen 66 AP network 259 Asymmetrical ro[...]

  • Page 336

    Index NBG420N User’s Guide 336 DNS server see also Domain name system DNS (Domain Name System) 212 DNS Server For VPN Host 190 DNS server 135 Domain name 51 vs host name. see also system name Domain Name System 135 duplex setting 42 , 68 Dynamic DNS 147 Dynamic Host Conf iguration Protocol 133 Dynamic WEP Key Exchange 316 DynDNS Wildcard 147 E EA[...]

  • Page 337

    Index NBG420N User’s Guide 337 SA life time 190 IKE SA. See also VPN. Independent Basi c Service Set 309 Install UPnP 217 Windows Me 217 Windows XP 218 Internet Assigned Nu mbers Authority See IANA Internet connection Ethernet PPPoE. see also P PP over Ethernet PPTP W AN connectio n Internet connection w izard 54 Internet Group Multi cast Protoco[...]

  • Page 338

    Index NBG420N User’s Guide 338 and VPN 187 overview 137 port forwarding 137 see also Network Address T ranslation server sets 137 NA T session 144 NA T Traversal 215 NA T traversal 188 Navigation Panel 42 , 68 navigation panel 42 , 68 NetBIOS 125 , 132 see also Network Basi c Input/Outp ut System 125 Network Address T ranslati on 137 , 139 Networ[...]

  • Page 339

    Index NBG420N User’s Guide 339 Scheduling 107 security associations. See VPN. Security Parameters 319 Service and port numbers 201 Service Set 95 Service Set IDentifica tion 95 Service Set IDentity . See SSID. services and port numb ers 321 and prot ocols 321 Session Initiat ed Protoc ol 201 Simple Mail Transfer Protocol 236 SIP 201 SMTP 236 SNMP[...]

  • Page 340

    Index NBG420N User’s Guide 340 Overview 37 Web configurator navigating 39 web configurator 33 Web Proxy 162 WEP Encryption 97 WEP encryption 96 WEP key 97 Wi-Fi Multimedia QoS 94 Wildcard 147 Windows Networking 132 Wireless association list 47 wireless channel 269 wireless LAN 269 wireless LAN scheduling 10 7 Wireless LAN wizard 51 Wireless netwo[...]