Instruction/ maintenance manual of the product NBG-460N ZyXEL
Go to page of 368
www .zyxel.com www .zyxel.com NBG-460N Wireless N Gigabit Router Copyright © 2009 ZyXEL Communications Corporation Firmware V ersion 3.60 Edition 4, 10/2009 Default Login Details IP Address http://192.
.
About This User's Guide NBG-460N User’s Guide 3 About This User's Guide Intended Audience This manual is intended for people who w ant to configure the NBG-460N using the W eb Configurator . Y ou sh ould have at least a basic knowledge of T CP/IP networking concepts and topology .
About This User's Guide NBG-460N User’s Guide 4 • Date that you received yo ur device. Brief description of the p roblem and the steps y ou took to solv e it.
Document Conventions NBG-460N User’s Guide 5 Document Conventions W arnings and Notes These are how warnings and notes are shown in this User’ s Guide.
Document Conventions NBG-460N User’s Guide 6 Icons Used in Figures Figures in this User’ s Guide ma y use the following generic icons. The NBG-460N icon is not an exact represent ation of your device.
Safety Warnings NBG-460N User’s Guide 7 Safety Warnings • Do NO T use this product near water , for exam ple, in a wet basement or n ear a swimming pool. • Do NO T expose your device to dampness, dust or corrosive liquids. • Do NO T store things on the device.
Safety Warnings NBG-460N User’s Guide 8.
Contents Overview NBG-460N User’s Guide 9 Contents Overview Introduction .......................................... ..................................................... ................... .......... 21 Getting to Know Y our NBG-460N ..............
Contents Overview NBG-460N User’s Guide 10.
Table of Contents NBG-460N User’s Guide 11 Table of Contents About This User's Guide ..................................................... ................................................... .. 3 Document Conventions............................
Table of Contents NBG-460N User’s Guide 12 3.5.3 Summary: Bandwidth Management Monitor .... ................ ................ ................ ....... 39 3.5.4 Summary: DHC P T able . ................ ................ ............. ................ .
Table of Contents NBG-460N User’s Guide 13 5.4.3 Configuring Bandwidth Allo cation by IP or IP Range ............. ................. ................ ... 78 Chapter 6 AP Mode........................................................... ...............
Table of Contents NBG-460N User’s Guide 14 7.12.5 Port Forwarding ....... ................ ................ ............. ................ ................. ................ ..1 19 7.13 Accessing the iPod T ouch Web Configurator ................ ...
Table of Contents NBG-460N User’s Guide 15 10.6 Client List Screen ................ ................ ............. ................. ................ ............. ............ ..... 150 Chapter 1 1 Network Address T ranslation (NA T) ..............
Table of Contents NBG-460N User’s Guide 16 14.3.1 Content Filtering Profile s ... ................ ............. ................ ............. ............. .............. 179 14.4 Filter Screen .. ............. ................ ............. .....
Table of Contents NBG-460N User’s Guide 17 17.1 Overview .......... ................ ............. ................ ................ ............. ................ ............ ......... 221 17.2 What Y ou Can Do ....... ................ ...........
Table of Contents NBG-460N User’s Guide 18 20.1 Overview ........... ................ ............. ................ ................ ............. ................ ............ ......... 249 20.2 What Y ou Can Do ....... ................ ..........
Table of Contents NBG-460N User’s Guide 19 25.1 Language Screen ... ............. ................ ................. ............. ................ ................ ............ .. 289 Chapter 26 T roubleshooting ............... ....................
Table of Contents NBG-460N User’s Guide 20.
21 P ART I Introduction Getting to Know Y our NBG-460N (23) The WPS Button (29) Introducing the W eb Configur ator (31) Connection Wizard (45) AP Mode (81) Tu t o r i a l s ( 6 3 ).
22.
NBG-460N User’s Guide 23 C HAPTER 1 Getting to Know Your NBG-460N 1.1 Overview This chapter introduces the main feat ures and applications of the NBG-460N. The NBG-460N extends the r ange of yo ur existing wired network without additional wiring, pro viding easy network access to mobile users.
Chapter 1 Getting to Know Your NBG-460N NBG-460N User’s Guide 24 • IPTV . Connect a Set - T op Box (STB) to your NBG-460N to w atch Live TV and/or Video On Demand (VOD) on your television screen.
Chapter 1 Getting to Know Your NBG-460N NBG-460N User’s Guide 25 The following figure shows computers in a WLAN connecting to the NBG-460N ( A ), which has a DSL connection to the Internet. The NBG-460N is set to Router Mode and has router features such as a bui lt-in firewall ( B ).
Chapter 1 Getting to Know Your NBG-460N NBG-460N User’s Guide 26 1.3.3 Router vs. AP The following table shows which features are availabl e in Router mode or AP mode . 1.4 W ays to Manage the NBG-460N Use any of the fol lowing meth ods to manage the NBG-460N.
Chapter 1 Getting to Know Your NBG-460N NBG-460N User’s Guide 27 1.5 Good Habit s for Managing the NBG-460N Do the following things regularly t o make the NBG-460N more secure and to manage the NBG-460N more effectively .
Chapter 1 Getting to Know Your NBG-460N NBG-460N User’s Guide 28 WAN Green On The NBG-460N has a successful 10/100MB WAN connection. Blinking The NBG-460N is sending/receiving data. Amber On The NBG-460N has a successful 1000MB Ethernet connection. Blinking The NBG-460N is sending/receiving data.
NBG-460N User’s Guide 29 C HAPTER 2 The WPS Button 2.1 Overview Y our NBG-460N supports WiFi Protected Setup (WPS), which is an easy wa y to set up a secure wireless network.
Chapter 2 The WPS Button NBG-460N User’s Guide 30.
NBG-460N User’s Guide 31 C HAPTER 3 Introducing the Web Configurator 3.1 W eb Configurator Overview This chapter describes how to ac cess the NBG-460N W eb Configurator and provides an ov erview of its screens.
Chapter 3 Introducing the Web Configur ator NBG-460N User’s Guide 32 •I n Router Mode enable the DHCP Server . The NBG-460N assigns y our computer an IP address on the same subnet. •I n AP Mode, the NBG-460N does not assign an IP address to your computer , so you should check it’ s in the same subnet.
Chapter 3 Introducing the Web Configurator NBG-460N User’s Guide 33 • Select a language to go to the basic W eb Configur ator in that l anguage. T o change to the adv anc ed configur ator see Chapter 23 on page 283 . Figure 6 Selecting the set up mode 3.
Chapter 3 Introducing the Web Configur ator NBG-460N User’s Guide 34 3.5 The S t atus Screen in Router Mode Click on Status . The screen below shows the status screen in Router Mode . (For information on the st atus screen in AP Mode see Chapter 6 on page 82 .
Chapter 3 Introducing the Web Configurator NBG-460N User’s Guide 35 The following table describes t he labels shown in the Status screen. Select a number of seconds or None from the drop-down list box to refresh all screen statistics automatically at the en d of every time interval o r to not refresh the screen statistics.
Chapter 3 Introducing the Web Configur ator NBG-460N User’s Guide 36 System R esource - CPU Usage This displays what percentage of the NBG-460N’ s processing ability is currently used. When this percentage is close to 100%, the NBG-460N is running at full load, and the throughput is not going to improve anymore.
Chapter 3 Introducing the Web Configurator NBG-460N User’s Guide 37 3.5.1 Navigation Panel Use the sub-menus on the navi gation panel to configure NBG-460N features.
Chapter 3 Introducing the Web Configur ator NBG-460N User’s Guide 38 NA T General Use this screen to enable NA T . Application Use this screen to configure servers behind the NBG- 460N. Advance d Use this screen to change your NBG-460N’ s port triggering settings.
Chapter 3 Introducing the Web Configurator NBG-460N User’s Guide 39 3.5.2 Summary: Any IP T able This screen displays t he IP address of each computer that is using the NBG-460N via the any IP feature. Any IP all ows comp uters to access the Internet through the NBG-460N without changing their networ k settings when NA T is enabled.
Chapter 3 Introducing the Web Configur ator NBG-460N User’s Guide 40 bar represents the percentage of unused bandwidth and the blue color repres ents the percentage of bandwidth in use.
Chapter 3 Introducing the Web Configurator NBG-460N User’s Guide 41 3.5.5 Summary: Packet S t atistics Click the Packet Statistics (Details...) hyperlink in the Status screen. Read- only information here includes port status, packet specific statisti cs and the "system up time".
Chapter 3 Introducing the Web Configur ator NBG-460N User’s Guide 42 3.5.6 Summary: VPN Monitor Click the VPN Monitor (Details...) hyperlink in the Status screen. This screen displays read-only information about th e active VPN connec tions. Click the Refresh button to update the screen.
Chapter 3 Introducing the Web Configurator NBG-460N User’s Guide 43 3.5.7 Summary: Wireless S t ation S t atus Click the WLAN Station Status (Details...) hy p er lin k in th e Status screen. View the wireless stations that are currently associated to the NBG-460N in the Association List .
Chapter 3 Introducing the Web Configur ator NBG-460N User’s Guide 44.
NBG-460N User’s Guide 45 C HAPTER 4 Connection Wizard 4.1 Wizard Setup This chapter provides information on the wizard setup screens in the W eb Configurator . The W eb Configur ator’ s wizard setup helps you configure your device to access the Internet.
Chapter 4 Conn ection Wizard NBG-460N User’s Guide 46 2 Choose a language by clicking on the lang uage’ s button. The screen will update. Click the Next button to proceed to the next screen. Figure 15 Select a Language 3 Read the on-screen information and click Next .
Chapter 4 Connection Wizar d NBG-460N User’s Guide 47 • In Windows XP , cl ick Start , My Computer , View system information and then clic k the Computer Name tab. Note the entry in t he Full computer name field and enter it as the NBG-460N System Name .
Chapter 4 Conn ection Wizard NBG-460N User’s Guide 48 4.3 Connection Wizard: STEP 2: W ireless LAN Set up your wireless LAN using the following sc reen. Figure 18 Wizard S tep 2: Wireless LAN The following table describes t he labels in this screen.
Chapter 4 Connection Wizar d NBG-460N User’s Guide 49 Note: The wireless st ations and NBG-460N must use the same SSID, channel ID and WEP encryption (if WEP is enabled), WP A-PSK (if WP A-PSK is enabled) or WP A2-PSK (if WP A2-PSK is enabled) keys for wireless communication.
Chapter 4 Conn ection Wizard NBG-460N User’s Guide 50 The following table describes t he labels in this screen. 4.3.2 Extend (WP A-PSK or WP A2-PSK) Security Choose Extend (WPA-PSK) or Extend (WPA2-PSK) security in the W ireless LAN setup screen to set up a Pre-Shared Key .
Chapter 4 Connection Wizar d NBG-460N User’s Guide 51 The following table describes t he labels in this screen. 4.4 Connection Wizard: STEP 3: Internet Configuration The NBG-460N offers three Internet connect ion types. They are Ethernet , PPP over Ethernet or PPTP .
Chapter 4 Conn ection Wizard NBG-460N User’s Guide 52 The following table describes t he labels in this screen, 4.4.1 Ethernet Connection Choose Ethernet when the WAN port is used as a regular Ethernet. Continue to Section 4.4.4 on page 55 . Figure 22 Wizard S tep 3: Ethernet Connection 4.
Chapter 4 Connection Wizar d NBG-460N User’s Guide 53 By implementing PPP oE di rectly on the NBG-460N (r ather than individual computers), the computers on the LAN do not need PPPoE sof tware installed, since the NBG-460N does that part of the task.
Chapter 4 Conn ection Wizard NBG-460N User’s Guide 54 Note: The NBG-460N support s one PPTP server conne ction at any given time. Figure 24 Wizard S tep 3: PPTP Connect ion The following table descr.
Chapter 4 Connection Wizar d NBG-460N User’s Guide 55 4.4.4 Y our IP Address The following wizard screen allows y ou to assign a fixed IP add ress or give the NBG-460N an automatically assigned IP address depending on your ISP . Figure 25 Wizard S tep 3: Y our IP Address The following table descri bes the labels in this screen 4.
Chapter 4 Conn ection Wizard NBG-460N User’s Guide 56 Internet Assigned Numbers Authority (I ANA) has reserv ed the following three blocks of IP addresses specifically for private networks. Y ou can obtain your IP address from the IA NA, fr om an I SP or ha ve it as si g ne d b y a priv ate network.
Chapter 4 Connection Wizar d NBG-460N User’s Guide 57 4.4.7 DNS Server Address Assignment Use DNS (Domain Name S ystem) to map a domain name to i ts corresponding IP address and vice v ersa, for instance, the IP address of www .zyxel.com is 204.217.
Chapter 4 Conn ection Wizard NBG-460N User’s Guide 58 The following table descri bes the labels in this screen 4.4.9 W AN MAC Address Every Ethernet dev ice has a unique MAC (Media Access Cont rol) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02.
Chapter 4 Connection Wizar d NBG-460N User’s Guide 59 advisable to clone the MAC address from a computer on y our LAN even if your ISP does not presently require MAC address authentication. Figure 27 Wizard S tep 3: W AN MAC Address The following table describes t he fields in this screen.
Chapter 4 Conn ection Wizard NBG-460N User’s Guide 60 the bandwidth according to the traffic t ype. This helps keep one servi ce from using all of the av ailable bandwidth and shutting out other us ers. Figure 28 Wizard S tep 4: Bandwidth Management The following fields describ e the label in this screen.
Chapter 4 Connection Wizar d NBG-460N User’s Guide 61 Follow the on-screen inst ructions and cl ick Finish to comple te the w izard set up. Figure 30 Connection Wizard Complete W ell done! Y ou have successfully set up your NBG-460N to oper ate on your network and access the Internet.
Chapter 4 Conn ection Wizard NBG-460N User’s Guide 62.
NBG-460N User’s Guide 63 C HAPTER 5 Tutorials 5.1 Overview This chapter provides tutorials for your NBG-460N as follows: • How to Connect to the Internet from an AP • Site- T o-Site VPN T unnel T utorial • Bandwidth Management for your Network 5.
Chapter 5 Tutorials NBG-460N User’s Guide 64 • Push Button Con figuration - create a secure wireless network simply by pressing a button. See Section 5.
Chapter 5 Tutorials NBG-460N User’s Guide 65 The following figure shows you an ex ample to set up wireless network and security by pressing a b utton on both NBG-460N and wireless client (the NWD210N in this exa mple). Figure 32 Example WPS Process: Push Button Configura tion Method 5.
Chapter 5 Tutorials NBG-460N User’s Guide 66 The following figure shows y ou the example to set up wireless network and security on NBG-460N and wireless client (ex.
Chapter 5 Tutorials NBG-460N User’s Guide 67 5.2.2 Enable and Configure Wireless Security without WPS on your NBG-460N This example shows you how to configure wireless security settings with the following parameters on y our NBG-460N. Fol low the steps below to configure the wireless set tings on your NBG-460N.
Chapter 5 Tutorials NBG-460N User’s Guide 68 5 Open the Status s creen. V erify y our wireless and wireless s ecurity settings under Device Information and check if the WLAN connection is up under Interface Status . Figure 35 T utorial: S tatus: AP Mode 5.
Chapter 5 Tutorials NBG-460N User’s Guide 69 4 Select SSID_Example3 and click Connect . Figure 36 Connecting a Wireless Client to a Wireless Network 5 Select WP A-PSK and type the securit y key in the following screen. Click Next . Figure 37 Security Settings 6 The Confirm Sav e window appears.
Chapter 5 Tutorials NBG-460N User’s Guide 70 7 Check the status of your wireless connection in the screen below . If your wireless connection is weak or you have no conn ection, see the T roubleshooting section of this User’s Guide. Figure 39 Link S tatus 8 If your connection is successful, open your Internet browser and enter http:// www .
Chapter 5 Tutorials NBG-460N User’s Guide 71 5.3.1 Configuring Bob’ s NBG-460N VPN Settings T o configure these settings Bob uses t he NBG-460N W eb Configur ator . 1 Log into the NBG-460N W eb Configurator and click VPN > Modify ic on. This displays the VPN Rule Setup (basic) sc reen.
Chapter 5 Tutorials NBG-460N User’s Guide 72 3 Enter the IP address “192.168.1. 35” in the Local Address te x t b o x . T h i s i s t h e I P address of Bob’ s computer . Enter the IP address “1 92.168.1.35” in the Local Address End/Mask text box.
Chapter 5 Tutorials NBG-460N User’s Guide 73 11 Select 3DES as the encyption algorithm. Select the authenticati on algorithm as SHA1 . These algorithms are more secure. Figure 45 T utorial: IPSec Algorithm 12 Click Apply to save the new rule and click VPN to return to the VPN Summary screen.
Chapter 5 Tutorials NBG-460N User’s Guide 74 3 Enter the IP address “10.0.0.7” in the Local Address text bo x. This is the IP address of Jack’ s computer . Enter the IP address “10.0.0.7” in the Local Address End/Mask text bo x. This v alue is the same as Jack only wants Bob to access this single IP address.
Chapter 5 Tutorials NBG-460N User’s Guide 75 11 Select 3DES as the encyption algorithm. Select the authenticati on algorithm as SHA1 . These algorithms are more secure. Figure 51 T utorial: IPSec Algorithm 12 Click Apply to save the new rule and click VPN in the W eb Configur ator menu to return to the VPN Summary screen.
Chapter 5 Tutorials NBG-460N User’s Guide 76 Pinging is successful which means a VPN tunnel has been established between Bob and Jack’ s NBG-460Ns. Congr atulations! T o check this VPN connection c lick VPN > SA Monitor in the W eb Configur ator .
Chapter 5 Tutorials NBG-460N User’s Guide 77 In the following screen, you set the priorities for V oIP and e-mail. Figure 55 T utorial: Priority Queue Click Enable for the V oIP (SIP) serv ice and set priority to High . Do the same for E-mail. F or the rest of the applications, click Enable if you need these services and set the priority to Low .
Chapter 5 Tutorials NBG-460N User’s Guide 78 T o add the MSN Messenger service in the Priority Queue : 1 Click Enable in one of the fields for addi tional services. 2 Add MSN as the service name. 3 Set the priority for this to High . 4 For the port, choose TCP from the drop-down menu and enter 1863 in the Specific Port field.
Chapter 5 Tutorials NBG-460N User’s Guide 79 Enter the following v alues for each service y ou want to add. For this tutorial, you need to add each of the following service (see table below) and click Apply . After adding these services, go to Management > Bandwidth MGMT > Advanced and check if you hav e the correct values.
Chapter 5 Tutorials NBG-460N User’s Guide 80.
NBG-460N User’s Guide 81 C HAPTER 6 AP Mode 6.1 Overview This chapter discusses how to configure setti ngs while your NBG-460N is set to AP Mode . Many screens that are av ailable in Router Mode are not av ailable in AP Mode . Note: See Chapter 5 on page 63 fo r an example of setting up a wireless network in AP mode.
Chapter 6 AP Mode NBG-460N User’s Guide 82 2 T o set your NBG-460N to AP Mode , go to Maintenance > S ys OP Mode > General and select Access Point. Figure 60 Maintenance > Sys OP Mode > General 3 A pop-up appears providing information on this mode.
Chapter 6 AP Mode NBG-460N User’s Guide 83 The following table describes t he labels shown in the Status screen. T able 25 Web Configurator Sta tus Screen LABEL DESCRIPTION Device Information System Name This is the System Name you enter in th e Maintenance > System > General screen.
Chapter 6 AP Mode NBG-460N User’s Guide 84 6.3.1 Navigation Panel Use the menu in the navigation pane l to configure NBG-460N features in AP Mode . The following screen and tabl e show the features you can configure in AP Mode . Figure 62 Menu: AP Mode Interface Status Interface This displays the NBG-460N port types.
Chapter 6 AP Mode NBG-460N User’s Guide 85 The following table describes t he sub-menus. T able 26 Screens Su mmary LINK TA B FUNCTION Status This screen shows the NBG-460N’ s general device, system and interface status information. Use this screen to access the wizard, and summary statistics tables.
Chapter 6 AP Mode NBG-460N User’s Guide 86 6.4 Configuring Y our Settings Use this section to configure your NBG-460N settings while in AP Mode . 6.4.1 LAN Settings Use this section to configure your LAN settings while in AP Mode . Click Networ k > LAN to see the screen below .
Chapter 6 AP Mode NBG-460N User’s Guide 87 The following table describes t he labels in this screen. The table below describes the labels in the screen. 6.4.2 WLAN and Maintenance Settings The configurati on of wireless and maintenance settings in AP Mode is the same as for Router Mode .
Chapter 6 AP Mode NBG-460N User’s Guide 88 • See Maintenance and T roubleshooting (247) for information on the configuring your Maintenance settings. 6.5 Logging in to the W eb Configurator in AP Mode 1 Connect your computer to the LAN port of the NBG-460N.
89 P ART II Network Wireless LAN (91) WAN (123) LAN (139) DHCP (147) Network Address T r anslation (NA T) (153) Dynamic DNS (163).
90.
NBG-460N User’s Guide 91 C HAPTER 7 Wireless LAN 7.1 Overview This chapter discusses how to configure th e wireles s network settings in your NBG-460N. See the appendices for more detailed information about wireless networks. The following figure provides an example of a wireless network.
Chapter 7 Wireless LAN NBG-460N User’s Guide 92 7.2 What Y ou Can Do •U s e t h e General screen ( Section 7.4 on page 95 ) to enable the Wireless LAN, enter the S SID and select the wireless security mode. •U s e t h e MAC Filter screen ( Section 7.
Chapter 7 Wireless LAN NBG-460N User’s Guide 93 In addition, you should change the default SSID to something th at is difficu lt to guess. This type of sec urity is fairly weak, howev er , because there are ways for unauthorized devices to g et the SSID.
Chapter 7 Wireless LAN NBG-460N User’s Guide 94 Local user databases also hav e an addition al l imitation that is explained i n the next section. 7.3.1.4 Encryption Wireless networks can us e encryption to protect th e information that is sent in t he wireless network.
Chapter 7 Wireless LAN NBG-460N User’s Guide 95 Many types of encrypti on use a key to prot ect the i nformatio n in the w ireless network. The longer the key , the stronger the encryption. Ev ery wireles s client in the wireless network must have the same key .
Chapter 7 Wireless LAN NBG-460N User’s Guide 96 See the rest of this chapter for informat ion on the other labels in this screen. 7.4.1 No Security Select No Security to allow wireless stations to communicate with the access points without any data encrypti on.
Chapter 7 Wireless LAN NBG-460N User’s Guide 97 Note: If you do not enable an y wireless security on your NBG-460 N, your network is accessible to any wireless networ king de vice that is within range. Figure 66 Network > Wireless LAN > General: No Security The following table describes t he labels in this screen.
Chapter 7 Wireless LAN NBG-460N User’s Guide 98 In order to configure and enable WEP encryption, click Network > Wireless LAN to display the General screen.
Chapter 7 Wireless LAN NBG-460N User’s Guide 99 Authenticatio n Method There are two types of WEP authentication namely , Open System and Shared K ey . Open system is implemented for ease-o f-use and when security is not an issue. The wireless station and the AP or peer computer do not share a secret key .
Chapter 7 Wireless LAN NBG-460N User’s Guide 100 7.4.3 WP A-PSK/WP A2-PSK Click Networ k > Wireless LAN to display the General screen. Select WPA-PSK or WPA2-PSK from the Security Mode list. Figure 68 Network > Wireless LAN > General: WP A-PSK/WP A2-PSK The following table describes t he labels in this screen.
Chapter 7 Wireless LAN NBG-460N User’s Guide 101 7.4.4 WP A/WP A2 Click Netw ork > Wireless LAN to display the General screen. Select WPA or WPA2 from the Security Mode list.
Chapter 7 Wireless LAN NBG-460N User’s Guide 102 The following table describes t he labels in this screen. T able 33 Network > Wireless LAN > General: WPA/WPA2 LABEL DESCRIPTION WP A Compatible This check box is av ailable only when you select WPA2-PSK or WPA2 in the Security Mode field.
Chapter 7 Wireless LAN NBG-460N User’s Guide 103 7.5 MAC Filter Screen The MAC filter screen allows you to co nfigure the NBG-460N to giv e exclusiv e access to up to 32 devi ces (Allow) or ex clude up to 32 devices from accessing the NBG-460N (Deny).
Chapter 7 Wireless LAN NBG-460N User’s Guide 104 T o change your NBG-460N’ s MAC fil ter settings, click Network > Wireless LAN > MAC Filter . The screen appears as shown. Figure 70 Network > Wireless LAN > MAC Filter The following table describes t he labels in this menu.
Chapter 7 Wireless LAN NBG-460N User’s Guide 105 7.6 Wireless LAN Advanced Screen Click Netw ork > Wireless LAN > Advanced . The screen appears as shown. Figure 71 Network > Wireless LAN > Advanced The following table describes t he labels in this screen.
Chapter 7 Wireless LAN NBG-460N User’s Guide 106 Click Netw ork > Wireless LAN > QoS . The following screen appears. Figure 72 Network > Wireless LAN > QoS The following table describes t he labels in this screen.
Chapter 7 Wireless LAN NBG-460N User’s Guide 107 7.7.1 Application Priority Configuration Use this screen to edit a WMM QoS applic ation entry . Click the edit icon under Modify .
Chapter 7 Wireless LAN NBG-460N User’s Guide 108 Service The following is a description of the applications you can prioritize with WMM QoS. Select a service from the drop-down list box. • E-Mail Electronic mail consists of messages sent through a computer network to specific groups or individuals.
Chapter 7 Wireless LAN NBG-460N User’s Guide 109 7.8 WPS Screen Use this screen to enable/disable WPS, view or generate a new PIN number and check current WPS status. T o open this screen, click Network > Wireless LAN > WPS tab. Figure 74 Network > Wireless LAN > WPS The following table describes t he labels in this screen.
Chapter 7 Wireless LAN NBG-460N User’s Guide 11 0 7.9 WPS S t ation Screen Use this screen when y ou want to add a wireless station using WPS . T o open this screen, click Network > Wireless LAN > WPS Station tab .
Chapter 7 Wireless LAN NBG-460N User’s Guide 111 on or off on certain days and at cert ain times. T o open this screen, click Net work > Wireless LAN > Scheduling tab. Figure 76 Network > Wireless LAN > Scheduling The following table describes t he labels in this screen.
Chapter 7 Wireless LAN NBG-460N User’s Guide 11 2 7.1 1 T echnical Reference The following section contains additional technical information about the NBG- 460N features described in this chapter . 7.1 1.1 Roaming A wireless station is a device with an IEEE 802.
Chapter 7 Wireless LAN NBG-460N User’s Guide 11 3 with other APs (Non- Z yXEL APs may no t be able t o perform this). 802.1x authentication information is not ex changed (at the time of writing). Figure 77 Roaming Example The steps below des cribe the roaming process.
Chapter 7 Wireless LAN NBG-460N User’s Guide 11 4 4 All access points must use t he same port number to relay roami ng information. 5 The access points must be connected t o the Ethernet and be able to get IP addresses from a DHCP server i f us ing dynamic IP address assignment.
Chapter 7 Wireless LAN NBG-460N User’s Guide 11 5 7.12 WiFi Protected Setup WiFi Protected Setup (WPS) is an industry standard specification, defined by the WiFi Alliance. WPS allo ws you to quickl y set up a wireless network with strong security , without having to configure secu rity settings manually .
Chapter 7 Wireless LAN NBG-460N User’s Guide 11 6 7.12.2 Login Screen After accessing the NBG-460N’ s IP addre ss in the iP od T ouch web browser the screen below will display . Note: Y ou cannot change your password in the iPod T ouch Web Configurator .
Chapter 7 Wireless LAN NBG-460N User’s Guide 11 7 If WPS has no t been config ured previo usly the iPod T ou ch will lose it ’s wireless connection to the NBG-460N after the NB G-460N has connected to another device using WPS through the iPod T ou ch W eb Configur ator .
Chapter 7 Wireless LAN NBG-460N User’s Guide 11 8 IP Address This field displays the NBG-460N’s W AN IP address. If this field displays “ - ” it means the W AN is not connected. T ry pressing Reconnect if your W AN connection is not working. R econnect Press Reconnect to renew your NBG-460N’ s W AN connection.
Chapter 7 Wireless LAN NBG-460N User’s Guide 11 9 7.12.4 WPS in Progress After pressing Push Button in the System Status screen t he WPS in Progress screen will display . It can take around two minutes for a succ essful WPS connection t o be made. The System Status screen will display af ter a connect ion has been made or if it has failed.
Chapter 7 Wireless LAN NBG-460N User’s Guide 120 Note: T o see any changes on the System St atus screen you will need to refresh the page first. Use the browser ’s refres h function. See the iPod T ouch’s documentation if you cannot find it. Figure 81 Port Forwarding The following table describes t he labels in this screen.
Chapter 7 Wireless LAN NBG-460N User’s Guide 121 7.13 Accessing th e iPod T ouch Web Configurator T o access the iP od T ouch W eb Conf igurator t hrough your iP od T ouch you must first connect it to the NBG-460N’ s wireless network. F ollow the steps below to do this.
Chapter 7 Wireless LAN NBG-460N User’s Guide 122 3 The login screen should displa y . Figure 82 Login Screen If the login screen does not display properly , check t hat you are accessing the correct IP address. Also ch eck your iPod T ouch web brow ser ’s security settings as they may affect how the p age displays.
NBG-460N User’s Guide 123 C HAPTER 8 WAN 8.1 Overview This chapter discusses the NBG-460N’ s WAN screens. Use these screens to configure your NBG-460N for Internet access. A WAN (Wide Area Network) connection is an outside connection to another network or the Int ernet.
Chapter 8 WAN NBG-460N User’s Guide 124 8.3 What Y ou Need T o Know The info rmation in this sec tion ca n help you configure the screens for your WAN connection, as well as enable/disable so me advanced features of your NBG-460N.
Chapter 8 WAN NBG-460N User’s Guide 125 W AN MAC Address The MAC address screen allows users to configure the W AN port's MAC address by either using the factory default or clon ing the MAC address from a computer on your LAN. Choose Factory Default to select the factory a ssigned defau lt MAC Address.
Chapter 8 WAN NBG-460N User’s Guide 126 8.3.3 IPTV STB Port Internet Protocol T elevision (IPTV) is a service with which you can subscrib e in order to watch video content hosted on serv ers ov er the Internet in your television at home. An IPTV subscription gives you access to streaming medi a, such as Live TV or Video on Demand (VOD).
.
Chapter 8 WAN NBG-460N User’s Guide 128 Go to Section 8.5 on page 136 to view the screen where you can assign the IPTV STB port. Note: Follow the instructions in the User’s Guide of your STB for hardware connections and setup configura tions. 8.3.
Chapter 8 WAN NBG-460N User’s Guide 129 • The device must be in Router Mode (see Chapter 24 on page 285 for more information) for auto-bridgi ng to become active. 8.4 Internet Connection Use this screen to change y our NBG- 460N’ s Internet access set tings.
Chapter 8 WAN NBG-460N User’s Guide 130 The following table describes t he labels in this screen. T able 45 Network > W AN > Intern et Connection: Ethernet Encapsulation LABEL DESCRIPTION Encapsulation Choose the Ethernet option when the W AN port is used as a regular Etherne t.
Chapter 8 WAN NBG-460N User’s Guide 131 8.4.2 PPPoE Encap sulation The NBG-460N supports PPP oE (P oint- to-Po int Protocol o ver Ethernet). PPPoE is an IETF standard (RFC 2516) specif ying how a personal computer (PC) inter acts with a broadband modem (DSL, cabl e, wireless, etc.
Chapter 8 WAN NBG-460N User’s Guide 132 This screen displays when y ou select PPPoE encapsulat ion. Figure 90 Network > W AN > Internet Connection: PPPoE Encapsulation The following table describes t he labels in this screen.
Chapter 8 WAN NBG-460N User’s Guide 133 R etype to Confirm T ype your password again to make sure that you ha ve entered is correctly . Nailed-Up Connection Select Nailed-Up Connection if y ou do not want the connection to time out.
Chapter 8 WAN NBG-460N User’s Guide 134 8.4.3 PPTP Encap sulation P oint-to-P oint T unn eling Prot ocol (PPTP) is a network p r otocol that enables secure transfer of data from a remote client to a private server , creating a Virtual Private Network (VPN) using T CP/IP-based network s.
Chapter 8 WAN NBG-460N User’s Guide 135 The following table describes t he labels in this screen. T able 47 Network > W AN > Intern et Connection: PPTP Encapsulation LABEL DESCRIPTION ISP Par .
Chapter 8 WAN NBG-460N User’s Guide 136 8.5 Advanced W AN Screen Use this screen to enable Multicast , assign an IPTV Port , allow Windows Networking and enable Auto-bridge . Note: The four categorie s shown in this screen are independent of each other .
Chapter 8 WAN NBG-460N User’s Guide 137 T o change your NBG-460N’s advanced W AN settings, click Netw ork > WAN > Advanced . The screen appears as shown. Figure 92 Network > W AN > Advanced The following table describes t he labels in this screen.
Chapter 8 WAN NBG-460N User’s Guide 138 8.6 T echnical Reference The following section contains additional technical information about the NBG- 460N features described in this chapter . 8.6.1 IGMP IGMP version 2 (RFC 2236) is an improvement o ver version 1 (RFC 1112) but IGMP version 1 is sti ll in wide use.
NBG-460N User’s Guide 139 C HAPTER 9 LAN 9.1 Overview This chapter describes how to configure LAN setti ngs. A Local Area Network (LAN) is a shared communicat ion system to which many computers are attached. A LAN is a computer network limited to the immediate area, usually the same building or floor of a building.
Chapter 9 LAN NBG-460N User’s Guide 140 9.3 What Y ou Need T o Know The LAN parameters of the NBG-460N are preset in the factory with the following val u e s : • IP address of 192.168.1.1 with subnet mas k of 255.255.255.0 (24 bits) • DHCP server enabled with 32 cli ent IP addresses starting from 192.
Chapter 9 LAN NBG-460N User’s Guide 141 The following table describes t he labels in this screen. 9.5 LAN IP Alias IP alias al lows you to part ition a physic al network into differe nt logical networks over the same Ethernet interface.
Chapter 9 LAN NBG-460N User’s Guide 142 The following table describes t he labels in this screen. 9.6 Advanced LAN Screen T o change your NBG-460N’s advanced IP settings , click Netw ork > LAN > Advanced . The screen appears as shown. Figure 96 Network > LAN > Advanced The following table describes t he labels in this screen.
Chapter 9 LAN NBG-460N User’s Guide 143 9.7 T echnical Reference The following section contains additional technical information about the NBG- 460N features described in this chapter . Ref e r t o Section 8.3.2 on page 125 for information on Multicast.
Chapter 9 LAN NBG-460N User’s Guide 144 9.7.2 Any IP T raditionally , you must set the IP addre sses and the subnet masks of a computer and the NBG-460N to be in the same subnet to allow the computer to access the Internet (through the NBG-460N).
Chapter 9 LAN NBG-460N User’s Guide 145 Address Resolution Protocol (ARP) is a pr otocol for mapping an Internet Protocol address (IP address) to a physi cal machine address, also known as a Media Access Control or MAC address, on the local area network.
Chapter 9 LAN NBG-460N User’s Guide 146.
NBG-460N User’s Guide 147 C HAPTER 10 DHCP 10.1 Overview DHCP (Dynamic Host Configur ation Protocol , RFC 2131 and RFC 2132) allows individual clients to obtai n TCP/IP config uration at start -up from a server . Y ou can configure the NBG-460N’ s LAN as a DHCP serv er or disable it.
Chapter 10 DHCP NBG-460N User’s Guide 148 10.4 DHCP General Screen Use this screen to enable the DHCP server . Click Network > DHCP . The following screen displays. Figure 99 Network > DHCP > General The following table describes t he labels in this screen.
Chapter 10 DHCP NBG-460N User’s Guide 149 T o change your NBG-460N’s static DHCP settings, click Networ k > DHCP > Advanced . The following screen displays. Figure 100 Network > DHCP > Advanced The following table describes t he labels in this screen.
Chapter 10 DHCP NBG-460N User’s Guide 150 10.6 Client List Screen The DHCP table shows current DHCP client information (including IP Address , Host Name and MAC Address ) of network clients us ing the NBG-460N’ s DHCP servers. Configure this screen to always assig n an IP address to a MAC address (and host name).
Chapter 10 DHCP NBG-460N User’s Guide 151 The following screen displays. Figure 101 Network > DHCP > Client List The following table describes t he labels in this screen. T able 54 Network > DHCP > Client List LABEL DESCRIPTION # This is the index number of the host computer .
Chapter 10 DHCP NBG-460N User’s Guide 152.
NBG-460N User’s Guide 153 C HAPTER 11 Network Address Translation (NAT) 1 1.1 Overview This chapter discusses how to configure NA T on the NBG-460N. NA T (Network Address T r anslation - NA T , RFC 1631) is the tr anslation of the IP address of a host in a packet.
Chapter 11 Network Addr ess Translation (NAT) NBG-460N User’s Guide 154 Note: Y ou must create a firewall rule in addition to sett ing up NA T , to allow traffic from the W AN to be forwarded thro ugh the NBG-460N. 1 1.2 What Y ou Can Do •U s e t h e General screen ( Section 11.
Chapter 11 N etwork A ddress Trans lation (NAT) NBG-460N User’s Guide 155 1 1.4 NA T Application Screen Port forwarding allows you to define the local servers to which the incoming services will be forwarded .
Chapter 11 Network Addr ess Translation (NAT) NBG-460N User’s Guide 156 T o change your NBG-460N’s port forwarding settings, click Network > NAT > Application .
Chapter 11 N etwork A ddress Trans lation (NAT) NBG-460N User’s Guide 157 Service Name T ype a name (of up to 31 prin table characters) to identify this rule in the first field next to Service Name . Othe rwise, select a predefined service in the second field next to Service Name .
Chapter 11 Network Addr ess Translation (NAT) NBG-460N User’s Guide 158 1 1.4.1 Game List Example Here is an example game li st text fi le. The ind ex number , service name and associated port(s) are speci fied by se mi-colons (no spaces). Use the name=xxx (where xxx is the service name) to crea te a new service.
Chapter 11 N etwork A ddress Trans lation (NAT) NBG-460N User’s Guide 159 addresses and the ISP assigns the WAN IP address. The NA T network appears as a single host on the In ternet.
Chapter 11 Network Addr ess Translation (NAT) NBG-460N User’s Guide 160 Note: Only one LAN computer can use a trigger port (range) at a time. Figure 107 Network > NA T > Advanced The following table describes t he labels in this screen.
Chapter 11 N etwork A ddress Trans lation (NAT) NBG-460N User’s Guide 161 1 1.5.1 T rigger Port Forwarding Example The following is an example of t rigger port forwarding. Figure 108 T rigger Port Forwarding Process: Example 1 Jane requests a file from the R eal Audio server ( port 7070).
Chapter 11 Network Addr ess Translation (NAT) NBG-460N User’s Guide 162 5 Only Jane can co nnect to the R eal Audio se rver until the connec tion is closed or times out. The NBG-460N times out in th ree minutes with UDP (User Datagr am Protocol), or two hours with TCP/IP (T r a nsfer Control Protocol/Internet Protocol).
NBG-460N User’s Guide 163 C HAPTER 12 Dynamic DNS 12.1 Overview Dynamic DNS (DDNS) services let you use a domain name with a dynamic IP address. 12.2 What Y ou Can Do Use the Dynamic DNS screen ( Section 12.4 on page 164 ) to enable DDNS and configure the DDNS settings on the NBG-460N.
Chapter 12 Dynam ic DNS NBG-460N User’s Guide 164 Note: If you have a private W AN IP address, then you cannot use Dynamic DNS. Y ou must have a public W AN IP address. 12.4 Dynamic DNS Screen Use this screen to enable DDNS and c o nfigure the DDNS sett ings on the NBG- 460N.
Chapter 12 Dynami c DNS NBG-460N User’s Guide 165 To k e n Enter your client authorization k ey provided by the server to update DynDNS records. This field is configurable only when yo u select WWW.REGFISH.COM in the Service Provider field. Enable Wildcard Optio n Select the check box to enable DynDNS Wildcard.
Chapter 12 Dynam ic DNS NBG-460N User’s Guide 166.
167 P ART III Security Firewall (169) Content Filtering (179) IPSec VPN (185).
168.
NBG-460N User’s Guide 169 C HAPTER 13 Firewall 13.1 Overview Use the screens in this chapter to enable and configure the firewall that protects your NBG-460N and your LAN from unwanted or malicious tr affic. Enable the firew all to protect your LAN co mput ers from attacks by hackers on the Internet and control access between the LAN and W AN.
Chapter 13 Firewall NBG-460N User’s Guide 170 •U s e t h e Services screen ( Section 13.5 on page 172 ) to enable service blocking, enter/delete/modify t he services you want to block and the date/time you want to block them.
Chapter 13 Firewall NBG-460N User’s Guide 171 Y ou can have the NBG-460N permit the use of asymmetrical route topology on the network (not reset the connection). Allowing asymmetrical routes ma y let traf fic from the W AN go directly to the LAN without passing through the NBG-460N.
Chapter 13 Firewall NBG-460N User’s Guide 172 13.4 General Firewall Screen Use this screen to enable or disable th e NBG-460N’ s firewall, and set up fi rewall logs. C lick Security > Firewall to open the General screen. Figure 1 12 Security > Firewall > General The following table describes t he labels in this screen.
Chapter 13 Firewall NBG-460N User’s Guide 173 Y ou can also use this screen to enable service blocking, ente r/delete/modify the services you w ant to block and the date/time you want to block them. Click Security > Firewall > Services . The screen appears as shown next.
Chapter 13 Firewall NBG-460N User’s Guide 174 Do not respond to requests for unauthor ized services Select this option to prevent hackers from finding the NBG-460N by probing for unused ports. If you select this option, the NBG-460N will not respond to port request(s) for unused ports, thus lea ving the unused ports and the NBG-460N unseen.
Chapter 13 Firewall NBG-460N User’s Guide 175 13.5.1 The Add Firewall Rule Screen If you click Add or the Modify icon on an existing rule, the Add Firewall Rule screen is displayed. Use this s creen to add a firewall rule or to modify an existing one.
Chapter 13 Firewall NBG-460N User’s Guide 176 End IP Address Enter the ending I P address in a r ang e here. This field is only av ailable when IP Range is selected as the Address Type . IP P ool List Add an IP address from the IP Pool List to the Selected IP List by highlighting an IP address and clicking Ad d .
Chapter 13 Firewall NBG-460N User’s Guide 177 Max NA T/ Firewall Session Pe r U se r T ype a number r anging from 1 to 16000 to limit the number of NA T/ firewall sessions that a host can create. Apply Click Apply to save the settings. Res e t Click Reset to start configuring this screen again.
Chapter 13 Firewall NBG-460N User’s Guide 178.
NBG-460N User’s Guide 179 C HAPTER 14 Content Filtering 14.1 Overview This chapter provides a brief overview of content filtering using the embedded web GUI. Internet content filtering allows you to cr eate and enforce Internet access policies tailored to your needs.
Chapter 14 Content Filtering NBG-460N User’s Guide 180 Restrict Web Features The NBG-460N can disable web proxies and block web features such as ActiveX controls, Java applets and cook ies. Keyword Blocking URL Checking The NBG-460N checks the URL ’ s domain na me (or IP address) and file path separately when performing k eyword blocking.
Chapter 14 Con tent Filter ing NBG-460N User’s Guide 181 14.4 Filter Screen Use this screen to restrict web features, add keywords f or blocking and designate a trusted com puter .
Chapter 14 Content Filtering NBG-460N User’s Guide 182 Cookies Used by W eb servers to track usage and provide service based on ID . W eb Proxy A server that acts as an intermedia ry between a user and the Internet to provide security , administr ative control, and caching service.
Chapter 14 Con tent Filter ing NBG-460N User’s Guide 183 14.5 Schedule Screen Use this screen to set the day(s) and time y ou want the NBG-460N to use content filtering. Click Security > Content Filter > Schedule . The following screen displays.
Chapter 14 Content Filtering NBG-460N User’s Guide 184 14.6.1 Customizing Keyword Blocking URL Checking Y ou can use commands to set how much of a website’ s URL the content filter is to check for keyword blocking. See the appendices for informati on on how to access and use the command interpreter .
NBG-460N User’s Guide 185 C HAPTER 15 IPSec VPN 15.1 Overview A virtual priv ate network (VPN) pro vides secure communications between sit es without the expense of leased site-to-site lines. A s ecure VPN is a combination of tunneling, encryption, aut hentication, access control and auditing.
Chapter 15 IPSec VPN NBG-460N User’s Guide 186 •U s e t h e SA Monitor screen ( Section 15.5 on page 205 ) t o display and manage active VPN connections.
Chapter 15 IPSec VPN NBG-460N User’s Guide 187 Note: Both routers must use the same negotiation mode. These modes are discussed in more detail in Section 15.
Chapter 15 IPSec VPN NBG-460N User’s Guide 188 15.4 The General Screen Click Security > VPN to display the Summary screen. This is a read-only menu of your VPN rules (tunnels). Edit a VPN rule by clicking the Edit icon. Figure 1 19 Security > VPN > General The following table describes t he fields in this screen.
Chapter 15 IPSec VPN NBG-460N User’s Guide 189 15.4.1 VPN Rule Setup (Basic) Click the Edit icon in the General screen to disp lay the Rule Setup screen.
Chapter 15 IPSec VPN NBG-460N User’s Guide 190 Use this screen to configure a VPN rule. Figure 121 Security > VPN > General > Rule Setup: IKE (Basic) The following table describes t he labels in this screen.
Chapter 15 IPSec VPN NBG-460N User’s Guide 191 NA T T r aversal Selec t this check box to enable NA T tr aversal. NA T tr aversal allows you to set up a VPN connection when there are NA T routers between the two IPSec routers. Note: The remote IPSec rou ter must also have NA T traversal enabled.
Chapter 15 IPSec VPN NBG-460N User’s Guide 192 Rem o t e A d d r e s s For a sin gle IP address, enter a (static) IP address on the network behind the remote IPSec router . For a specific r ange of IP addresses, enter the beginning (static) IP address, in a range of computers on the network behind the remote IPSec router .
Chapter 15 IPSec VPN NBG-460N User’s Guide 193 Local Content When you select IP in the Local ID Type field, type the IP address of your computer in the Local Content field . The NBG-46 0N automatically uses the IP address in the My IP Address field (refer to the My IP Address field description) if you configure the Local Content field to 0.
Chapter 15 IPSec VPN NBG-460N User’s Guide 194 15.4.2 VPN Rule Setup (Advanced) Click the Advanced ... button in the Rule Setup screen to open this screen. IPSec Protocol Select the security protocols used for an SA. Both AH and ES P increase processing requirements and communications latency (delay).
Chapter 15 IPSec VPN NBG-460N User’s Guide 195 Use this screen to configure a VPN rule. Figure 122 Security > VPN > General > Rule Setup: IKE (Advanced).
Chapter 15 IPSec VPN NBG-460N User’s Guide 196 The following table describes t he labels in this screen. T able 66 Security > VPN > General > Rule Setup: IKE (Advanced) LABEL DESC RIPTION Property Active Select this check box to activ ate this VPN policy .
Chapter 15 IPSec VPN NBG-460N User’s Guide 197 Local Address For a single IP address, enter a (static) IP address on the LAN behind your NBG-460N. For a specific r ange of IP addresse s, enter the beginning (static) IP address, in a range of computers on your LAN behind your NBG- 460N.
Chapter 15 IPSec VPN NBG-460N User’s Guide 198 Rem o t e Po r t E n d Enter a port number in this field to define a port range. This port number must be greater than that sp ecified in the previous field. If Remote Port Start is left at 0, Remote Port End w i l l a l s o r e m a i n a t 0.
Chapter 15 IPSec VPN NBG-460N User’s Guide 199 P eer Content The configuration of the peer content depends on the peer ID type. For IP , type the IP address of the computer with which you will make the VPN connection. If you configure this field to 0.
Chapter 15 IPSec VPN NBG-460N User’s Guide 200 Pre-Shared K ey T ype your pre-shared key in this field. A pre-shared key identifies a communicating party during a phase 1 IKE negotiation. It is called "pre-shared" because you ha ve to share it with another party before you can communicate with th em over a secure connection.
Chapter 15 IPSec VPN NBG-460N User’s Guide 201 15.4.3 VPN Rule Setup (Manual) Use this screen to configure VPN rules (t unnels) that use man ual keys.
Chapter 15 IPSec VPN NBG-460N User’s Guide 202 15.4.3.3 Authentication and th e Security Parameter Index (SPI) For authentication, the NBG- 460N and remot e IPSec router use the SPI, instead of pre-shared keys, ID type and content. The SPI is an identification number .
Chapter 15 IPSec VPN NBG-460N User’s Guide 203 IPSec Keying Mode Select IKE or Manual from the drop-down list box. IKE provides more protection so it is generally recommended. Manual is a useful option for troubleshooting if you hav e problems using IKE key management.
Chapter 15 IPSec VPN NBG-460N User’s Guide 204 Rem o t e Address For a single IP address, enter a (static) IP address on the network behind the remote IPSec router . For a specific r ange of IP addresse s, enter the beginning (static) IP address, in a range of computers on th e network behind the remote IPSec router .
Chapter 15 IPSec VPN NBG-460N User’s Guide 205 15.5 The SA Monitor Screen In the W eb Configurator , click Security > VPN > SA Mo nitor . Use this screen to display and manage activ e VPN connections. IPSec Protocol Select the se curity protocols used for an SA.
Chapter 15 IPSec VPN NBG-460N User’s Guide 206 A Security Association (S A) is the group of security settings related to a specific VPN tunnel. This sc reen displays active VPN connections. Use Refresh to display active VPN connections. Figure 124 Security > VPN > SA Monitor The following table describes t he labels in this screen.
Chapter 15 IPSec VPN NBG-460N User’s Guide 207 460N’ s LAN interface. R emote management must also be configured t o allow HT TP access on the NBG-460N’ s LAN interface.
Chapter 15 IPSec VPN NBG-460N User’s Guide 208 15.6.3 Diffie-Hellman (DH) Key Exchange The NBG-460N and the remote IPSec router use a DH key exc hange to establish a shared secret, which is used to gener ate encryption keys for IKE SA and IPSec SA. In main mode, the DH key exchange is done in steps 3 and 4 , as illus trated below .
Chapter 15 IPSec VPN NBG-460N User’s Guide 209 domain name, or e-mail address. The ID content is only used for id entification; the IP address, domain name, or e-mail address that you enter does not have to actually exist.
Chapter 15 IPSec VPN NBG-460N User’s Guide 210 Steps 3-4: The NBG-460N and the remote IPSec router participate in a Diffie- Hellman key ex change, based on the a ccepted DH key group, to establi sh a shared secret.
Chapter 15 IPSec VPN NBG-460N User’s Guide 21 1 IPSec protocol is ESP . (See IPSec Protocol on page 211 for more information about active protoc ols.) If router A does no t have an IPSec pass-th rough or if the IPSec protocol is AH, you can solve this p roblem by en abling NA T traversal.
Chapter 15 IPSec VPN NBG-460N User’s Guide 212 In tunnel mode, the NBG-460N uses the IP Sec protocol to encapsulate the enti re IP packet. As a result, there are two IP headers: • Outside header: The outside IP header contains t he IP address of the NBG-460N or remote IPSec router , whichever is the destination.
Chapter 15 IPSec VPN NBG-460N User’s Guide 213 SA Life Time SAs hav e a lifetime that specifies how long the S A lasts until it times out. When an SA times out, the NBG-460N automatically renegotiat.
Chapter 15 IPSec VPN NBG-460N User’s Guide 214 cannot resolve domain names to p rivat e IP addresses on the remote priv ate network. The following figure depicts an example wh ere one VPN tunnel is created from an NBG-460N at br anch office ( B ) to headquarters ( HQ ).
215 P ART IV Management Static R oute ( 217) Bandwidth Management (221) Re mote Management (233) Universal Plug-and-Pla y (UPnP) (239).
216.
NBG-460N User’s Guide 217 C HAPTER 16 Static Route 16.1 Overview This chapter shows you how t o config ure static routes for your NBG-460N. The NBG-460N usually uses th e default gatew ay to route outbound tr affic from computers on the LAN to the Internet.
Chapter 16 Static Rou te NBG-460N User’s Guide 218 •U s e t h e Static Route Setup screen ( Section 16.3.1 on page 219 ) to add or edit a static route rule. 16.3 IP S t atic Route Screen Use this screen to view existi ng stat ic route rules. Click Management > Static Route to open the IP Static Route screen.
Chapter 16 Static Route NBG-460N User’s Guide 219 16.3.1 S t atic Route Setup Screen T o edit a static route, click the edit icon under Modify . The following screen displays.
Chapter 16 Static Rou te NBG-460N User’s Guide 220 Apply Click Apply to save yo ur changes back to the NBG-460N. Cancel Click Cancel to return to the previous screen and not save your changes.
NBG-460N User’s Guide 221 C HAPTER 17 Bandwidth Management 17.1 Overview This chapter contains information about configuring bandwidth management and editing rules. Z yXEL ’s Bandwidth Management allows you t o specify bandwidth management rules based on an application.
Chapter 17 Bandwid th Manageme nt NBG-460N User’s Guide 222 17.3 What Y ou Need T o Know The NBG-460N applies bandwi dth management to traffic that it forwards out through an interface. The NBG-460N does no t control the bandwidth of tr affic that comes into an interface.
Chapter 17 Bandwidth Management NBG-460N User’s Guide 223 Click Management > Bandwidth MGMT to open the bandwidth management General screen. Figure 136 Manageme nt > Bandwidth MGMT > Gen eral The following table describes t he labels in this screen.
Chapter 17 Bandwid th Manageme nt NBG-460N User’s Guide 224 17.5 Advanced Configuration Use this screen to configure bandwidth management rules for the pre-defi ned services or applications. Y ou can also use this screen to configure bandwidth manage ment rule for other services or applications t hat are not on the pre- defined list of NBG-460N.
Chapter 17 Bandwidth Management NBG-460N User’s Guide 225 Click Management > Bandwidth MGMT > Advanced to open the bandwidth management Advanced screen. Figure 137 Manageme nt > Bandwidth MGMT > Advan ced The following table describes t he labels in this screen.
Chapter 17 Bandwid th Manageme nt NBG-460N User’s Guide 226 17.5.1 Rule Configuration with the Pre-defined Service T o edit a bandwidth management rule for the pre-defi ned service in the NBG- 460N, click the Edit icon in the Application List table of the Advanced screen.
Chapter 17 Bandwidth Management NBG-460N User’s Guide 227 The following table describes t he labels in this screen. 17.5.2 Rule Configuration: User Defined Service Rule Configuration If you w ant to edit a bandwidth management rule for other applications or services, click the Edit icon in the User-defined Service table of the Advanced screen.
Chapter 17 Bandwid th Manageme nt NBG-460N User’s Guide 228 The following table describes t he labels in this screen 17.6 Monitor Screen Use this screen to view t he amount of network bandwidth that applications running in the network are using. The bandwidth is measured in kilob its per second (kbps).
Chapter 17 Bandwidth Management NBG-460N User’s Guide 229 Click Management > Bandwidth MGMT > Monitor to open the bandwidth management Monitor screen.
Chapter 17 Bandwid th Manageme nt NBG-460N User’s Guide 230 17.7.2 Default Bandwid th Management Classes and Priorities If you enable bandwidth management but do not configure a rule for critical traffi c like V oIP , the voice traffic may then ge t delayed due t o insufficient bandwidth.
Chapter 17 Bandwidth Management NBG-460N User’s Guide 231 17.7.3 Bandwid th Management Priorities The following table describes t he priorities that y ou can apply to tr affic that the NBG-460N forwards out through an interface. See Appendix E on page 355 for commonly used services and port numbers.
Chapter 17 Bandwid th Manageme nt NBG-460N User’s Guide 232.
NBG-460N User’s Guide 233 C HAPTER 18 Remote Management 18.1 Overview This chapter provides information on the R emote Management screens. Re mote Management allows you to manage your NBG-460N from .
Chapter 18 Remo te Management NBG-460N User’s Guide 234 18.3 What Y ou Need T o Know Y ou may only have one remote manageme nt session running at a time. The NBG- 460N automatically disconnects a remote management session of lower priority when another remote management session of higher priority starts.
Chapter 18 Remote Manag ement NBG-460N User’s Guide 235 18.4 WWW Screen Use this screen to define the interf ace/s from which the NBG-460N can be managed remotely using the web and specify a secure cli ent that can manage the NBG-460N.
Chapter 18 Remo te Management NBG-460N User’s Guide 236 18.5 T elnet Screen Y ou can use T elnet to access the NBG-460N ’ s command line int erface. Specify the interface/s from which the NBG-460N can be managed remotely using this service and specify a secure cli ent that can manage the NBG-460N.
Chapter 18 Remote Manag ement NBG-460N User’s Guide 237 Use this screen to specify the interface/s from which y ou can upload the firmw are or configuration file to the NBG-460N and specify a secure client t hat can manage the NBG-460N. T o change your NBG-460N’ s FTP settings, click Mana gement > Remote MGMT > FTP .
Chapter 18 Remo te Management NBG-460N User’s Guide 238 T o change your NBG-460N’ s DNS settings, cl ick Management > Remote MGMT > DNS . The screen appears as shown. Figure 144 Management > Remote MGMT > DNS The following table describes t he labels in this screen.
NBG-460N User’s Guide 239 C HAPTER 19 Universal Plug-and-Play (UPnP) 19.1 Overview This chapter introduces the UPnP feature in the W eb Configur ator . Universal Plug and Play (UPnP) is a d ist ributed, open networking standard that uses TCP/IP for simple peer -to-peer ne twork connec tivity betwe en devices.
Chapter 19 Universal Plug-and-Play (UPnP) NBG-460N User’s Guide 240 • Learning public IP addresses • Assigning lease times to mappings Windows Messenger is an example of an application that supports NA T tr aversal and UPnP . See the NA T chapter fo r more information on NA T .
Chapter 19 Universal Plug-and-Play (UPnP) NBG-460N User’s Guide 241 The following table describes t he labels in this screen. 19.5 T echnical Reference The sections show examples of using UPnP . 19.5.1 Using UPnP in Windows XP Example This section shows y ou how to use the UPnP feature in Windows XP .
Chapter 19 Universal Plug-and-Play (UPnP) NBG-460N User’s Guide 242 2 Right- click the icon and select Properties . Figure 146 Network Conne ctions 3 In the Internet Connection Properties window , click Settings to see the por t mappings there were automatically created.
Chapter 19 Universal Plug-and-Play (UPnP) NBG-460N User’s Guide 243 4 Y ou may edit or delete the port mappings or cl ick Add to manually add port mappings.
Chapter 19 Universal Plug-and-Play (UPnP) NBG-460N User’s Guide 244 6 Double-click on the icon to display y o ur current In ternet connection status.
Chapter 19 Universal Plug-and-Play (UPnP) NBG-460N User’s Guide 245 3 Select My Network Places under Other Places . Figure 152 Network Conne ctions 4 An icon with the description f or each UPnP-enabled device displays under Local Network . 5 Right- click on the icon for your NBG-460N and select Invoke .
Chapter 19 Universal Plug-and-Play (UPnP) NBG-460N User’s Guide 246 6 Right- click on the icon for your NBG-460N and select Properties . A properties window displays with basic informatio n about the NBG-460N.
247 P ART V Maintenance and T roubleshooting Sys te m ( 24 9 ) Logs (255) T ools (275) Configuration Mode (283) Sys Op Mode ( 285) Language (289) T roubleshooting (291) Product Specifications and W al.
248.
NBG-460N User’s Guide 249 C HAPTER 20 System 20.1 Overview This chapter provides information on the System screens. Refer t o the chapter on Connec tion Wizard chap ter on page 45 for background informat ion. 20.2 What Y ou Can Do •U s e t h e General screen ( Section 20.
Chapter 20 System NBG-460N User’s Guide 250 The following table describes t he labels in this screen. T able 85 Maintenance > System > General LABEL DESCRIPTION Syst e m N am e System Name is a unique name to identify the NBG-460N in an Ethernet network.
Chapter 20 System NBG-460N User’s Guide 251 20.4 T ime Setting Screen T o change your NBG-460N’s time and date, click Maintenance > System > Time Setting . The screen appears as shown. Use this screen to configure the NBG-460N’ s time based on y our local time zone.
Chapter 20 System NBG-460N User’s Guide 252 New Date (yyyy/mm/dd) This field displays the last updated date from the tim e server or the last date configured manually . When you set Tim e and Date S etup to Manual , enter the new date in this field and then click Apply .
Chapter 20 System NBG-460N User’s Guide 253 End Date Configure the day and time when Daylight Sa ving Time ends if you selected Daylight Savings . The o'clock field uses the 24 hour format. Here are a couple of examples: Daylight Saving Time ends in the Un ited States on the last Sunday of October .
Chapter 20 System NBG-460N User’s Guide 254.
NBG-460N User’s Guide 255 C HAPTER 21 Logs 21.1 Overview This chapter contains information abou t configuring general log set tings and viewing the NBG-460N’ s logs. R efer to Section 21.6.1 on page 260 for example log messa ge explanati ons. The W eb Configur ator allows you to look at all of the NBG-460N’ s logs in one location.
Chapter 21 Logs NBG-460N User’s Guide 256 21.4 V iew Log Screen Use the View Log screen to see the logs for the ca tegories that you selected in the Log Settings screen (see Section 21.
Chapter 21 Lo gs NBG-460N User’s Guide 257 21.5 Log Settings Y ou can configure the NBG-460N’ s general log settings i n one location. Use the Log Settings screen to configure where the NBG-460N sends logs, the schedule for when the NBG-460N sends the logs and which logs and /or immediate alerts the NBG-460N to send.
Chapter 21 Logs NBG-460N User’s Guide 258 Click Maintenance > Logs > Log Settings to open the Log Settings screen. Figure 159 Maintenance > L ogs > Log Settings The following table describes t he labels in this screen.
Chapter 21 Lo gs NBG-460N User’s Guide 259 Mail Subject T ype a title that you wan t to be in the subject line of the log e-mail message that the NBG-460N sends. Not all NBG-460N models have this field. Send Log T o The NBG-460N sends logs to the e-mail ad dress specified in this field.
Chapter 21 Logs NBG-460N User’s Guide 260 21.6 T echnical Reference The following section contains additional technical information about the NBG- 460N features described in this chapter . 21.6.1 Log Descriptions This section provides descripti ons of example log messages.
Chapter 21 Lo gs NBG-460N User’s Guide 261 Time initialized by Time server The router got the time and date from the time server . Time initialized by NTP server The router got the time and date from the NTP server . Connect to Daytime server fail The router was not able to conn ect to the Daytime server .
Chapter 21 Logs NBG-460N User’s Guide 262 T able 91 Access Control Logs LOG MESSAGE DESCRIPTION Firewall default policy: [TCP | UDP | IGMP | ESP | GRE | OSPF] <Packet Direction> Attempted T CP/UDP/IGMP/ESP/GRE/OSPF access matched the default policy and was blocked or forwarded according to the default policy’ s setting.
Chapter 21 Lo gs NBG-460N User’s Guide 263 Firewall session time out, sent TCP RST The router sent a T CP reset packet when a dynamic firewall session timed out.
Chapter 21 Logs NBG-460N User’s Guide 264 Triangle route packet forwarded: ICMP The firewall allowed a triangle route session to pass thro ugh. Packet without a NAT table entry blocked: ICMP The router block ed a packet th at didn’t have a corresponding NA T table entry .
Chapter 21 Lo gs NBG-460N User’s Guide 265 T able 97 UPnP Logs LOG MESSAGE DESCRIPTION UPnP pass through Firewall UPnP packets can pass through the firewall. T able 98 Content Filtering Log s LOG MESSAGE DESCRIPTION %s: Keyword blocking The content of a requested web page matched a user defined keyw ord .
Chapter 21 Logs NBG-460N User’s Guide 266 T able 99 Attack Logs LOG MESSAGE DESCRIPTION attack [TCP | UDP | IGMP | ESP | GRE | OSPF] The firewall detected a TCP/UDP/IGMP/ESP/GRE/OSPF attack. attack ICMP (type:%d, code:%d) The firewall detected an ICMP attack.
Chapter 21 Lo gs NBG-460N User’s Guide 267 Receive IPSec packet, but no corresponding tunnel exists The router dropped an inbound packet for which SPI could not find a corresponding phase 2 SA. Rule <%d> idle time out, disconnect The router dropped a connection that had outbound traffic and no inbound traffic for a cer tain time period.
Chapter 21 Logs NBG-460N User’s Guide 268 Peer ID: <peer id> <My remote type> -<My local type> The displayed ID information did not match between the two ends of the connection. vs. My Remote <My remote> - <My remote> The displayed ID information did not match between the two ends of the connection.
Chapter 21 Lo gs NBG-460N User’s Guide 269 XAUTH fail! Username: <Username> The router was not able to use extended authentication to authenticate the listed username. Rule[%d] Phase 1 negotiation mode mismatch The listed rule’ s IKE phase 1 negotiation mode did not match between the router and the peer .
Chapter 21 Logs NBG-460N User’s Guide 270 Rule [%d] phase 1 mismatch The listed rule’s IKE phase 1 did not match between the router and the peer . Rule [%d] phase 2 mismatch The listed rule’s IKE phase 2 did not match between the router and the peer .
Chapter 21 Lo gs NBG-460N User’s Guide 271 Failed to decode the received CRL The router received a corrupted CRL (Certificate Revo cation List) from the LDAP server whose address and port are recorded in the Source field.
Chapter 21 Logs NBG-460N User’s Guide 272 Local User Database does not support authentication method. A user tried to use an authentication method that the local user database does not support (it only supports EAP-MD5). No response from RADIUS. Pls check RADIUS Server.
Chapter 21 Lo gs NBG-460N User’s Guide 273 0 A gateway may discard internet datagrams if it does not have the buffer space needed to queue the datagr ams for output to the next network on the route to the destination network.
Chapter 21 Logs NBG-460N User’s Guide 274 The following table shows RFC -2408 ISAKMP payload t ypes that the log displays. Please refer to the RFC for detailed information on eac h type.
NBG-460N User’s Guide 275 C HAPTER 22 Tools 22.1 Overview This chapter shows you how t o upload a new firmware, upload or sa ve backup configur ation files and restart the NBG-460N. 22.2 What Y ou Can Do •U s e t h e Firmware screen ( Section 22.3 on page 275 ) to upload firmware to your NBG-460N.
Chapter 22 Tools NBG-460N User’s Guide 276 Click Maintenance > Too ls . Fol low the instructions in this screen to upload firmware to y our NBG-460N. Figure 160 Maintenance > T ools > Firmware The following table describes t he labels in this screen.
Chapter 22 Tools NBG-460N User’s Guide 277 The NBG-460N automatically restarts in thi s time causing a temporary net work disconnect. In some oper ating systems, y ou may see the following icon on your desktop. Figure 162 Network T emporarily Disconnected After two minutes, log in again and ch eck your new firmware version in the Status screen.
Chapter 22 Tools NBG-460N User’s Guide 278 22.4 Configuration Screen Click Maintenance > Too ls > Configuration . Informat ion rela ted to factory defaults, backup configuration, and restoring configur ation appears as shown next. Figure 164 Maintenance > T ools > Configuration 22.
Chapter 22 Tools NBG-460N User’s Guide 279 Note: Do not turn of f the NBG-460N while configura tion file upload is in progress After you see a “confi guration upload su ccessful” screen, y ou must then wait one minute before logging into the NBG-460N again.
Chapter 22 Tools NBG-460N User’s Guide 280 If the upload was not successful, the following screen will appear . Click Return to go back to the Configuration screen.
Chapter 22 Tools NBG-460N User’s Guide 281 22.6 W ake On LAN W ak e On LAN (WOL) allows you to remot ely turn on a device on the network. T o use this feature the remote hardware (f or example the networ k adapter on your computer) must support W ake On LAN.
Chapter 22 Tools NBG-460N User’s Guide 282 Note: When the NBG-460N reboot s from low power mode, some processes may not automatically resume. Click Maintenance > Too ls > Green to open the following screen. Figure 170 TMaintenance > T ools > Green The following table describes t he labels in this screen.
NBG-460N User’s Guide 283 C HAPTER 23 Configuration Mode 23.1 Overview Y our NBG-460N allows you to hide or display the adv anced screens of some features or the advanced features, su ch as MAC filter or static route.
Chapter 23 Config uration Mode NBG-460N User’s Guide 284 The following table describes t he labels in this screen. T able 1 12 Maintenance > Config Mode > General The following table includes the screens th at you cannot view and configure if you do not select Advanced mode.
NBG-460N User’s Guide 285 C HAPTER 24 Sys Op Mode 24.1 Overview The Sys Op Mode (Syst em Operatio n Mode) function lets you configu re whether your NBG-460N is a router or AP . Y ou can choose between Router Mode and AP Mode depending on y our network topology and the features you require from your device.
Chapter 24 Sys Op Mod e NBG-460N User’s Guide 286 Router A router connects your local network with another network, such as the Inte rnet. The router has two IP addresses, the LAN IP address and the W AN IP address. Figure 172 LAN and W AN IP Addresses in Router Mode AP An AP extends one network and so has just one IP address.
Chapter 24 Sys Op Mode NBG-460N User’s Guide 287 24.4 General Screen Use this screen to select how you want to use your NBG-460N depending on how you connect to the Internet. Figure 174 Maintenance > Sys OP Mode > General If you selec t Router Mode, the fo llowing pop-up message window appears.
Chapter 24 Sys Op Mod e NBG-460N User’s Guide 288 • The DHCP server on your device is disa bled. In AP mode there must be a device with a D HCP server on your n etwork su ch as a router or gateway which can allocate IP addresses. The IP address of the device on the local network is set to 192.
NBG-460N User’s Guide 289 C HAPTER 25 Language 25.1 Language Screen Use this screen to change the language for t he W eb Configur ator . Click the language you prefer . The W eb Configurator language changes after a while without restarting the NBG-460N.
Chapter 25 La nguage NBG-460N User’s Guide 290.
NBG-460N User’s Guide 291 C HAPTER 26 Troubleshooting This chapter offers some suggesti ons to solve problems you mi ght encounter . The potential problems are divided into the following categories .
Chapter 26 Trou bleshooting NBG-460N User’s Guide 292 2 Check the hardware connections. See the Quick Start Guide. 3 Inspect your cables for damage. Cont act the vendor to replace any damaged cables. 4 Disconnect and re-connect the power adaptor to the NBG-460N.
Chapter 26 Trou bleshooting NBG-460N User’s Guide 293 1 The default password is 1234 . 2 If this does not work, you have to reset the device to its fact ory defaults. See Section 26.4 on page 296 . I cannot see or access the Login screen in the W eb Configurator .
Chapter 26 Trou bleshooting NBG-460N User’s Guide 294 I can see the Login screen, but I cannot lo g in to the NBG-460N. 1 Make sure you ha ve entered the password correctly . The default password is 1234 . This field is cas e-sensitive, so mak e sure [Caps Lock] is not on.
Chapter 26 Trou bleshooting NBG-460N User’s Guide 295 2 Make su re you enter ed yo ur ISP acco unt in form ation corr ectly in the w iza rd. These fields are case-sensitive, so m ake sure [Caps L ock] is not on.
Chapter 26 Trou bleshooting NBG-460N User’s Guide 296 4 If the problem continues, contac t the netw ork administrator or v endor , or try one of the adv anced suggestion s. Advanced Suggestions • Check the settings for bandwidth management. If i t is disabled, y ou might consider activ ating it.
Chapter 26 Trou bleshooting NBG-460N User’s Guide 297 26.5 Wireless Router/AP T roubleshooting I cannot access the NBG-460N or ping an y computer from t he WLAN (wireless AP or router). 1 Make sure the wirel ess LAN is enabled on the NBG-460N 2 Make sure the wir eless adap ter on the wireless station is working properly .
Chapter 26 Trou bleshooting NBG-460N User’s Guide 298 I set up URL keyword blocki ng, but I can still access a website that should be blocked. Make sure that you select the Enable URL Keyword Blocking check box i n the Content Filtering screen. Make sure that th e keyword s that you typ e are li ste d in the Keyword List .
NBG-460N User’s Guide 299 C HAPTER 27 Product Specifications and Wall- Mounting Instructions The following tables summarize the NBG- 460N’ s hardware and firmware features.
Chapter 27 Product Specifica tions and Wall-Mounting Instructions NBG-460N User’s Guide 300 Distance between the centers of the holes on the device’ s back. 137 mm Screw size for wall- mounting M4 T a p Screw T able 1 16 Firmware Features FEATUR E DESCRIPTION Default IP Address 192.
Chapter 27 Product Specificatio ns and Wall-Mounting Instructions NBG-460N User’s Guide 301 Firewall Y ou can configure firewall on the NBG-460N for secure Internet access. When the firewall is on, by default, all incoming tr affic from the Internet to your network is blocked unless it is initiated from your network.
Chapter 27 Product Specifica tions and Wall-Mounting Instructions NBG-460N User’s Guide 302 The following list, which is not exhaust ive , illust rates the standards supported in the NBG-460N. PPTP Encapsulation Point-to-P oint T unneling Protocol (PPTP) enables secure transfer of data thro ugh a Virtual Private Network (VPN).
Chapter 27 Product Specificatio ns and Wall-Mounting Instructions NBG-460N User’s Guide 303 W all-mounting Instructions Do the following to hang y our NBG-460N on a wall. Note: See the Figure 179 on page 304 for the size of screws to use and how far ap art to place them.
Chapter 27 Product Specifica tions and Wall-Mounting Instructions NBG-460N User’s Guide 304 The following are dimensions of an M4 tap screw and masonry plug used for wall mounting.
305 P ART VI Appendices and Index P op-up Windows, Jav aScripts and Java P ermissions (307) IP Addresses and Subnetting (315) Setting up Y our Computer’s IP Add ress (325) Wireless LANs (343) Servic.
306.
NBG-460N User’s Guide 307 A PPENDIX A Pop-up Windows, JavaScript s and Java Permissions In order to use the W eb Configurator you need to allow: • W eb browser pop-up wind ows from your device. • Jav aScripts (enabled by default). • Jav a permissions (enabled by default).
Appendix A Po p-up Window s, JavaScrip ts and Java Permissions NBG-460N User’s Guide 308 1 In Internet Explorer , select Tools , Internet Options , Privacy . 2 Clear the Block pop-ups check box in the Pop-up Blocker sect ion of the screen. This disables an y web pop-up block ers you may have enabled.
Appendix A Pop-u p Windows, JavaScripts and Java Permissions NBG-460N User’s Guide 309 2 Select Settings… to open the Pop-up Blocker Settings screen. Figure 182 Internet Options: Privacy 3 T ype the IP address of your device (the web page that you do not want to have blocked) wi th the prefix “http://” .
Appendix A Po p-up Window s, JavaScrip ts and Java Permissions NBG-460N User’s Guide 310 4 Click Add to mo ve the IP address to the list of Allowed sites . Figure 183 Pop-up Blo cker Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting.
Appendix A Pop-u p Windows, JavaScripts and Java Permissions NBG-460N User’s Guide 31 1 1 In Internet Explorer , click Tools , Internet Options and then the Security tab. Figure 184 Internet Options: Secu rity 2 Click the Custom Level... button . 3 Scroll down to Scriptin g .
Appendix A Po p-up Window s, JavaScrip ts and Java Permissions NBG-460N User’s Guide 312 6 Click OK to close the window . Figure 185 Security Settings - Java Scripting Java Permissions 1 From Internet Explorer , click Tools , Internet Opti ons and then the Security tab.
Appendix A Pop-u p Windows, JavaScripts and Java Permissions NBG-460N User’s Guide 313 5 Click OK to close the window . Figure 186 Security Settings - Java JA V A (Sun) 1 From Internet Explorer , click Tools , Internet Opti ons and then the Adv anced tab.
Appendix A Po p-up Window s, JavaScrip ts and Java Permissions NBG-460N User’s Guide 314 3 Click OK to close the window . Figure 187 Java (Sun).
NBG-460N User’s Guide 315 A PPENDIX B IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify indi vidual devices on a network. Every networking device (including computers, serv ers, routers, printers, etc.
Appendix B IP Addre sses and Sub netting NBG-460N User’s Guide 316 The following figure shows an example IP address in which the first three octets (192.
Appendix B IP Addresses and Subnetting NBG-460N User’s Guide 317 By conv ention, subnet masks alw ays cons ist of a continuous sequence of ones beginning from the leftmost bit of the mask, followed by a continuous sequence of zeros, for a total number of 32 bits.
Appendix B IP Addre sses and Sub netting NBG-460N User’s Guide 318 As these two IP addresses cannot be us ed for individual hosts, calculat e the maximum number of possible host s in a network as fo.
Appendix B IP Addresses and Subnetting NBG-460N User’s Guide 319 Subnetting Y ou can use subnetting to divide one netw ork into multiple sub-networks. In the following example a network administrator creates t wo sub-networks to isolate a group of servers from the rest of th e compan y network for security reasons.
Appendix B IP Addre sses and Sub netting NBG-460N User’s Guide 320 The following figure shows the company network after subnet ting. There are now two sub-n etworks, A and B .
Appendix B IP Addresses and Subnetting NBG-460N User’s Guide 321 Each subnet contains 6 host ID bit s, giving 2 6 - 2 or 62 hosts f or each subnet (a host ID of all zeroes i s the subnet it self , all ones is the subnet’ s broadcast address). T able 123 Subnet 1 IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT VA L U E IP Address (Decimal) 192.
Appendix B IP Addre sses and Sub netting NBG-460N User’s Guide 322 Example: Eight Subnet s Similarly , use a 27-bit mask to create eight subnets (000, 001, 010, 011, 100, 101, 110 and 111). The following table shows IP address last octet values for each sub net.
Appendix B IP Addresses and Subnetting NBG-460N User’s Guide 323 The following table is a summary for subnet planning on a network with a 16-bit network number . Configuring IP Addresses Where you obtain your network number depends on your particular situation.
Appendix B IP Addre sses and Sub netting NBG-460N User’s Guide 324 that you entered. Y ou don't need to ch ange the subnet mask computed by the NBG-460N unless you are instructed to d o otherwise. Private IP Addresses Every machine on the In ternet must ha ve a uni que address.
NBG-460N User’s Guide 325 A PPENDIX C Setting up Y our Computer ’ s IP Address All computers must ha ve a 10M or 100M Ethernet adapter card and TCP/IP installed.
Appendix C Setting up Your Computer’s IP Address NBG-460N User’s Guide 326 Windows 95/98/Me Click Start , Settings , Control Panel and double-click the Network icon to open the Network window .
Appendix C Setting up Your Computer’s IP Address NBG-460N User’s Guide 327 3 Select Microsoft from the list of manufacturers . 4 Select TCP/IP from the list of network protocols and then click OK . If you need Client for Microsoft Networks: 1 Click Add .
Appendix C Setting up Your Computer’s IP Address NBG-460N User’s Guide 328 3 Click the DNS Configuration t ab. • If you d o not know your DNS information, select Disable D NS . • If you k now your DNS information, select Enable DNS and type the information in the fields below (y ou may not need to fill them all in).
Appendix C Setting up Your Computer’s IP Address NBG-460N User’s Guide 329 3 Select your network adap ter . Y ou should see y our computer's IP address, subnet mask and default gatewa y . Windows 2000/NT/XP The following example figures use the defa ult Windo ws XP GU I theme.
Appendix C Setting up Your Computer’s IP Address NBG-460N User’s Guide 330 2 In the Control Panel , double-cli ck Network Connections ( Network and Dial- up Connections in Windows 2000/NT). Figure 195 Windows XP: Control Panel 3 Right- click Local Area Connection and then click Properties .
Appendix C Setting up Your Computer’s IP Address NBG-460N User’s Guide 331 4 Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click Properties . Figure 197 Windows XP: Local Area Connection Properties 5 The Internet Protocol TCP/IP Properties window opens (the General tab in Windows XP).
Appendix C Setting up Your Computer’s IP Address NBG-460N User’s Guide 332 •C l i c k Advanced . Figure 198 Windows XP: Internet Protocol (T CP/IP) Properties 6 If you do not know your gatewa y's IP address, remov e any previously i nstalled gateways in the IP Settings tab and click OK .
Appendix C Setting up Your Computer’s IP Address NBG-460N User’s Guide 333 •C l i c k OK when finished. Figure 199 Windows XP: Adva nced TCP/IP Properties 7 In the Internet Protocol TCP/IP Prope.
Appendix C Setting up Your Computer’s IP Address NBG-460N User’s Guide 334 If you hav e previously configur ed DNS servers, click Advanced and t hen the DNS tab to order them. Figure 200 Windows XP: Internet Protocol (T CP/IP) Properties 8 Click OK to close the Internet Protocol (TCP/IP) Properties window.
Appendix C Setting up Your Computer’s IP Address NBG-460N User’s Guide 335 Macintosh OS 8/9 1 Click the Apple menu, Control Panel and do uble-cl ick TCP/IP to open the TCP/ IP Control Panel .
Appendix C Setting up Your Computer’s IP Address NBG-460N User’s Guide 336 2 Select Ethernet built-in from the Connect via list. Figure 202 Macintosh OS 8/9: TCP/IP 3 For d ynamically assigned settings, select Using DHCP Server from the Configure: list.
Appendix C Setting up Your Computer’s IP Address NBG-460N User’s Guide 337 Macintosh OS X 1 Click the Apple menu, and click System Preferences to open the System Preferences window . Figure 203 Macintosh OS X: Apple Menu 2 Click Netw ork in the icon bar .
Appendix C Setting up Your Computer’s IP Address NBG-460N User’s Guide 338 4 For s tatically assigned settings, do t he following: •F r o m t h e Configure box, select Manually . • T ype your IP address in the IP Address bo x. • T ype your subnet mask in the Subnet mask bo x.
Appendix C Setting up Your Computer’s IP Address NBG-460N User’s Guide 339 2 Double-click on the profile of the network card you wish to configure.
Appendix C Setting up Your Computer’s IP Address NBG-460N User’s Guide 340 5 Click the Device s tab. 6 Click the Activate button to apply the changes. The following sc reen displays. Click Yes to save the changes in all screens. Figure 208 Red Hat 9.
Appendix C Setting up Your Computer’s IP Address NBG-460N User’s Guide 341 • If you ha ve a static IP address, ent er static in the BOOTPROTO= field. T ype IPADDR = followed by the IP address (in dotted decimal notation) and type NETMASK = followed by the subnet mask.
Appendix C Setting up Your Computer’s IP Address NBG-460N User’s Guide 342 27.0.1 V erifying Settings Enter ifconfig in a terminal screen to ch eck your TCP/IP properties. Figure 213 Red Hat 9.0: Checking TCP/IP Properties [root@localhost]# ifconfig eth0 Link encap:Ethernet HWadd r 00:50:BA:72:5B:44 inet addr:172.
NBG-460N User’s Guide 343 A PPENDIX D W ireless LANs Wireless LAN T opologies This section discuss es ad-hoc and infr astructure wi reless LAN topologies. Ad-hoc Wireless LAN Configuration The simplest WLAN configur ation is an in dependent (Ad-hoc) WLAN that connects a set of computers with wireless stations (A, B , C).
Appendix D Wireless LANs NBG-460N User’s Guide 344 with each other . When Intra-BSS is d isabled, wireless station A and B c an still access the wired network but cannot communicate with eac h other .
Appendix D Wireless LANs NBG-460N User’s Guide 345 An ESSID (ES S IDentification) uniquely id entifies each ESS . All access points and their associated wireless stations within the same ESS must hav e the same ESSID in order to comm unicate. Figure 216 Infrastructure WLAN Channel A channel is the radio frequency(ies) us ed by IEEE 802.
Appendix D Wireless LANs NBG-460N User’s Guide 346 wireless gatewa y , but out -of- range of ea ch other , so they canno t "hear" each other , that is they do not know if the channel is currently being used. Therefore, they are consider ed hi dden from each other .
Appendix D Wireless LANs NBG-460N User’s Guide 347 Fragment ation Threshold A Fragmentation Threshold is the maximum data fr agment size (between 256 and 2432 bytes) that can be sent in th e wireless network before the AP will fragment the packet into smaller dat a frames.
Appendix D Wireless LANs NBG-460N User’s Guide 348 sever al intermediate rate steps between the maximum and minimum data r ates. The IEEE 802.11g data rate and modulation are as follows: IEEE 802.1x In June 2001, the IEEE 802.1x standard w a s designed to extend the features of IEEE 802.
Appendix D Wireless LANs NBG-460N User’s Guide 349 T ypes of RADIUS Messages The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user authentication: • Access-R equest Sent by an ac cess poin t requestin g authenti cation.
Appendix D Wireless LANs NBG-460N User’s Guide 350 However , MD5 au thentication has some weaknesses. Since the authentication server needs to get the plaintext password s, t he passwords must be stored. Thus someone other th an the authenti cation server m ay access the pas sword file.
Appendix D Wireless LANs NBG-460N User’s Guide 351 If this feature is enabled, it is not nece ssary to conf igure a default encryption key in the Wireless screen. Y ou may still configure and store k eys here, but they will not be used while Dynamic WEP is enabled.
Appendix D Wireless LANs NBG-460N User’s Guide 352 TKIP regularly changes and rotates the encrypti on keys so that the same encry pti on key is ne ver us ed tw ice.
Appendix D Wireless LANs NBG-460N User’s Guide 353 27.0.2 WP A(2)-PSK Application Example A WP A(2)-PSK application looks as follows. 1 First enter identical passwords int o the AP and all wireless clients. The Pre-Shared K ey (PSK) must consist of between 8 and 63 ASCII characters (including spaces and symbols).
Appendix D Wireless LANs NBG-460N User’s Guide 354 Security Parameters Summary Re fer to this table to see what other secu rity parameters you should configure for each Authenti cation Meth od/ key managem e nt protocol type. MAC address filters are not dependent on how you configure these security features.
NBG-460N User’s Guide 355 A PPENDIX E Services The following table lists some commonl y-used services and their associated protocol s and port n umbers. • Name : This is a short, descriptiv e name for the service. Y ou can use this one or create a different one, if you like.
Appendix E Services NBG-460N User’s Guide 356 T able 133 Examples of Services NAME PROTOCOL PORT(S) DESCRIPTION AH (IPSEC_TUNNEL) User-Defined 51 The IPSEC AH (Aut hentica tion Header) tunneling protocol uses this service. AIM TC P 51 90 AOL ’s Internet Messenger service.
Appendix E Services NBG-460N User’s Guide 357 MSN Messenger TCP 18 63 Microsoft Networks’ messenger service uses this protocol. NetBIOS TCP /U D P TCP / U DP TCP / U DP TCP / U DP 137 138 139 445 The Network Basic Input/Output System is used for communication between computers in a LAN.
Appendix E Services NBG-460N User’s Guide 358 SFTP TC P 11 5 The Simple File T ransfer Protocol is an old way of tr ansferring files between computers. SMTP TC P 25 Simple Mail T ransfer Protocol is the message-exchange standard for the Internet. SMTP enables you to move messages from one e-mail server to another .
NBG-460N User’s Guide 359 A PPENDIX F Legal Information Copyright Copyright © 2009 by Z yXEL Communications Corpor ation. The contents of this publication ma y not be reproduced in any p art or as .
Appendix F L egal Informati on NBG-460N User’s Guide 360 • This dev ice must accept any inte rference received, including interference that may cause undesired operations. This device has been tested and found to comply with the limits for a Clas s B digital device pursuant to P art 15 of th e FCC Rules.
Appendix F Legal Information NBG-460N User’s Guide 361 有干擾現象時,應立即停用,並 改善至無干擾時方得繼續使用。 前項合法通信,指依電信規定作 業之無線.
Appendix F L egal Informati on NBG-460N User’s Guide 362 Note Re pair or replacement, as provided under this warr anty , is the exclusive remedy of the purchaser . This warrant y is in lieu of all other w arranties, exp ress or implied, including any impli ed warranty of merchantability or f itness for a particular use or purpose.
Index NBG-460N User’s Guide 363 Index A acti ve pr otoco l 21 1 AH 21 1 and encapsulation 21 1 ESP 21 1 ActiveX 181 Address Assignment 124 address resolution protocol (ARP) 145 AH 21 1 and transport.
Index NBG-460N User’s Guide 364 DHCP client information 150 DHCP client list 150 DHCP server 140 , 14 7 DHCP table 40 , 150 DHCP client information DHCP status Diffie-Hellman key g roup 208 Perfect .
Index NBG-460N User’s Guide 365 I IANA 324 IBSS 343 IEEE 802.11g 347 IGMP 125 see also Internet Group Multicast Protocol vers ion IGMP version 125 IKE SA aggressive mode 186 , 209 , 210 authenticati.
Index NBG-460N User’s Guide 366 M MAC 103 MAC address 93 , 125 cloning 58 , 125 MAC address filter 93 MAC address filtering 103 MAC filter 103 managing the device good habits 27 usi ng FT P . S ee FT P . using T elnet. See command interface. using the command interface.
Index NBG-460N User’s Guide 367 R RADIUS 348 Shared Secret Key 349 RADIUS Message T ypes 349 RADIUS Messages 349 RADIUS server 93 registration product 362 related documentation 3 Remote manage ment .
Index NBG-460N User’s Guide 368 T rigger port forwarding 159 example 161 process 161 U Universal Plug and Play 239 application 240 UPnP 239 security issues 240 URL K eyword Blocking 182 Use Authentication 352 user authentication 93 local (user) database 93 RADIUS server 93 User Na me 164 V Virtual Private Network.
An important point after buying a device ZyXEL NBG-460N (or even before the purchase) is to read its user manual. We should do this for several simple reasons:
If you have not bought ZyXEL NBG-460N yet, this is a good time to familiarize yourself with the basic data on the product. First of all view first pages of the manual, you can find above. You should find there the most important technical data ZyXEL NBG-460N - thus you can check whether the hardware meets your expectations. When delving into next pages of the user manual, ZyXEL NBG-460N you will learn all the available features of the product, as well as information on its operation. The information that you get ZyXEL NBG-460N will certainly help you make a decision on the purchase.
If you already are a holder of ZyXEL NBG-460N, but have not read the manual yet, you should do it for the reasons described above. You will learn then if you properly used the available features, and whether you have not made any mistakes, which can shorten the lifetime ZyXEL NBG-460N.
However, one of the most important roles played by the user manual is to help in solving problems with ZyXEL NBG-460N. Almost always you will find there Troubleshooting, which are the most frequently occurring failures and malfunctions of the device ZyXEL NBG-460N along with tips on how to solve them. Even if you fail to solve the problem, the manual will show you a further procedure – contact to the customer service center or the nearest service center
