ZyXEL NBG-419N
Contents
1. 16 bit 11111111 11111111 00000000 00000000 255 255 0 0 mask 24 bit 11111111 11111111 11111111 00000000 255 255 255 0 mask 29 bit 11111111 11111111 11111111 11111000 255 255 255 24 mask 8 Network Size The size of the network number determines the maximum number of possible hosts you can have on your network The larger the number of network number bits the smaller the number of remaining host ID bits An IP address with host IDs of all zeros is the IP address of the network 192 168 1 0 with a 24 bit subnet mask for example An IP address with host IDs of all ones is the broadcast address for that network 192 168 1 255 with a 24 bit subnet mask for example NBG 419N User s Guide Appendix B IP Addresses and Subnetting As these two IP addresses cannot be used for individual hosts calculate the maximum number of possible hosts in a network as follows Table 83 Maximum Host Numbers SUBNET MASK HOST ID SIZE MAR be aa ae 8 bits 255 0 0 0 24 bits 24 2 16777214 16 bits 255 255 0 0 16 bits 216 2 65534 24 bits 255 255 255 0 8 bits 28 2 254 29 bits 255 255 255 2 3 bits 23 2 6 48 Notation Since the mask is always a continuous number of ones beginning from the left followed by a continuous number of zeros for the remainder of the 32 bit mask you can simply specify the number of ones instead of writing the value of e2. LABEL DESCRIPTION PPTP Gateway IP Type the gateway IP address of the PPTP server Address PPTP Server IP Type the server IP address of the PPTP server Address User Name Type the user name given to you by your ISP Password Type the password associated with the User Name above Exit Click this to close the wizard screen without saving Back Click this to return to the previous screen Next Click this to continue 2 3 5 Connection Type L2TP The Layer 2 Tunneling Protocol L2TP works at layer 2 the data link layer to tunnel network traffic between two peer devices over another network like the Internet Figure 10 Internet Connection Type L2TP 1 Internet Connection Type L2TP E Please information provided t f q blar SiDynamic IP OStatic IP L2TP Address W204 L2TP Subnet Mask L2TP Gateway IP Address L2TP Server IP Address User Name Password The following table describes the fields in this screen Table 6 Internet Connection Type L2TP LABEL DESCRIPTION Internet Select L2TP from the drop down list box Connection Type Dynamic IP Select this radio button if your ISP did not assign you a fixed IP address Static IP Select this radio button provided by your ISP to give the NBG 419N a fixed unique IP address L2TP Address Type the static IP address assigned to you by your ISP L2TP Subnet Type the subnet mask assigned to you by your ISP
3. LABEL DESCRIPTION Security Choose No Security from the drop down list box Mode Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to reload the previous configuration for this screen Refer to Table 36 on page 103 for descriptions of the other labels in this screen 11 4 2 WEP Encryption WEP encryption scrambles the data transmitted between the wireless stations and the access points to keep network communications private It encrypts unicast and multicast communications in a network Both the wireless stations and the access points must use the same WEP key Your NBG 419N allows you to configure up to four 64 bit or 128 bit WEP keys but only one key can be enabled at any one time NBG 419N User s Guide Chapter 11 Wireless LAN In order to configure and enable WEP encryption click Network gt Wireless LAN to display the General screen Select Static WEP from the Security Mode list Figure 69 Network gt Wireless LAN gt General Static WEP Security Wireless Setup Wireless LAN ON Network Name SSID NBG 41 SN Hide SSID Channel Selection Operating Channel Security Mode PassPhrase WEP Encryption Authentication Method Shared Key Note 64 bit WEP Enter 5 ASCII characters or 10 hexadecimal characters 0 9 A F for each Key 1 4 128 bit WEP Enter 13 ASCII characters or 26 hexadecimal characters 0 9 A F for each Key 1
4. Chapter 15 Network Address Translation NAT 15 2 What You Can Do e Use the General screen Section 15 3 on page 144 to enable NAT and seta default server e Use the Application screen Section 15 4 on page 145 o forward incoming service requests to the server s on your local network e Use the Advanced screen Section 15 5 on page 147 to change your NBG 419N s trigger port settings 15 3 General NAT Screen Use this screen to enable NAT and set a default server Click Network gt NAT gt General to open the following screen Figure 93 Network gt NAT gt General HAT Setup IV Enable Network Address Translation Default Server Setup Server IP Address o 0 0 0 Apply Reset The following table describes the labels in this screen Table 57 Network gt NAT gt General LABEL DESCRIPTION NAT Setup Enable Network Network Address Translation NAT allows the translation of an Internet Address protocol address used within one network for example a private IP Translation address used in a local network to a different IP address known within another network for example a public IP address used on the Internet Select the check box to enable NAT Default Server Setup Server IP In addition to the servers for specified services NAT supports a default Address server A default server receives packets from ports that are not specified in the Application screen
5. 1 Internet Connection Type DHCP Generally whe ur connection tyne is DHCP it me open your corr er Note If you get an error screen after clicking Next you might have selected the wrong Internet Connection type Click Back make sure your Internet connection is working and select the right Connection Type Contact your ISP if you are not sure of your Internet Connection type NBG 419N User s Guide Chapter 2 Connection Wizard 2 3 2 Connection Type Static IP Choose Static IP as the Internet Connection Type if your ISP assigned an IP address for your Internet connection Click Next Figure 7 Internet Connection Type Static IP 1 Internet Connection Type Static IP P e refer to the informat ided by your Internet Service Provide IP Address Subnet Mask Default Gateway Primary DNS Secondary DNS The following table describes the labels in this screen Table 3 Internet Connection Type Static IP LABEL DESCRIPTION Internet Connection Select the Static IP option Type IP Address Enter the IP address provided by your ISP Subnet Mask Enter the IP subnet mask in this field Default Gateway Enter the gateway IP address in this field Primary DNS DNS Domain Name System is for mapping a domain name to its corresponding IP address and vice versa The DNS server is extremely important because without it you must know the IP address of a computer before you can access it Th
6. 14 4 Advanced Screen This screen allows you to assign IP addresses on the LAN to specific individual computers based on their MAC addresses You can also use this screen to configure the DNS server information that the NBG 419N sends to the DHCP clients To change your NBG 419N s static DHCP settings click Network gt DHCP Server gt Advanced The following screen displays Figure 91 Network gt DHCP Server gt Advanced LAN Static DHCP Table HH ce 74 C OO t MN DHS Server First DNS Server Second DNS Server DNS Servers Assigned by DHCP Server MAC Address IP Address DNS Relay p 0 0 0 None p 0 0 0 Apply Reset NBG 419N User s Guide Chapter 14 DHCP Server The following table describes the labels in this screen Table 56 Network gt DHCP Server gt Advanced LABEL DESCRIPTION LAN Static DHCP Table DHCP Server This is the index number of the static IP table entry row MAC Address Type the MAC address with colons of a computer on your LAN IP Address Type the LAN IP address of a computer on your LAN DNS Server DNS Servers The NBG 419N passes a DNS Domain Name System server IP Assigned by address in the order you specify here to the DHCP clients The NBG 419N only passes this information to the LAN DHCP clients when you select the Enable DHCP Server check box When you clear the Enable DHCP Server check box DHCP ser
7. Apply Click Apply to save the settings Add Firewall Rule Service Name Enter a name that identifies or describes the firewall rule MAC Address Enter the MAC address of the computer for which the firewall rule applies 164 NBG 419N User s Guide Chapter 19 Firewall Table 64 Security gt Firewall gt Services LABEL DESCRIPTION Dest IP Address Enter the IP address of the computer to which traffic for the application or service is entering The NBG 419N applies the firewall rule to traffic initiating from this computer Source IP Enter the IP address of the computer that initializes traffic for the Address application or service The NBG 419N applies the firewall rule to traffic initiating from this computer Protocol Select the protocol TCP UDP ICMP or None used to transport the packets for which you want to apply the firewall rule Dest Port Range Enter the port number range of the destination that define the traffic type for example TCP port 80 defines web traffic Source Port Range Enter the port number range of the source that define the traffic type for example TCP port 80 defines web traffic Add Rule Click Add to save the firewall rule Firewall Rule This is your firewall rule number The ordering of your rules is important as rules are applied in turn Service Name This is a name that identifies or describes the fi
8. Day Select Everyday or the specific days to turn the Wireless LAN on or off If you select Everyday you can not select any specific days This field works in conjunction with the Except for the following times field NBG 419N User s Guide Chapter 6 Easy Mode Table 19 Power Saving LABEL DESCRIPTION For the Select a begin time using the first set of hour and minute min drop following times down boxes and select an end time using the second set of hour and 24 Hour minute min drop down boxes If you have chosen On earlier for the Format WLAN Status the Wireless LAN will turn on between the two times you enter in these fields If you have chosen Off earlier for the WLAN Status the Wireless LAN will turn off between the two times you enter in these fields In this time format midnight is 00 00 and progresses up to 24 00 For example 6 00 PM is 18 00 Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh 6 6 3 Content Filter Use this screen to restrict access to certain websites based on keywords contained in URLs to which you do not want users in your network to open Figure 33 Content Filter Q Content Filter X Any URLs that contains any of the following keywords will be blocked and cannot be browsed Add Key Word Add Delete I Example 1 Example2 Example3 The following table
9. The following table describes the labels in this screen Table 50 Network gt WAN gt Internet Connection L2TP Encapsulation LABEL DESCRIPTION ISP Parameters for Internet Access Connection Type To configure a L2TP client you must configure the User Name and Password fields for a layer 2 connection and the L2TP parameters for an L2TP connection User Name Type the user name given to you by your ISP Password Type the password associated with the User Name above Retype to Confirm Type your password again to make sure that you have entered is correctly L2TP Configuration Server IP Address Type the IP address of the L2TP server Get automatically from ISP Select this option If your ISP did not assign you a fixed IP address This is the default selection NBG 419N User s Guide Chapter 12 WAN Table 50 Network gt WAN gt Internet Connection L2TP Encapsulation LABEL DESCRIPTION Use Fixed IP Select this option If the ISP assigned a fixed IP address Address IP Address Enter your WAN IP address in this field if you selected Use Fixed IP Address IP Subnet Mask Your NBG 419N will automatically calculate the subnet mask based on the IP address that you assign Unless you are implementing subnetting use the subnet mask computed by the NBG 419N Gateway IP Enter a Gateway IP Address if your ISP gave you one in this Address fi
10. 4 If this does not work you have to reset the device to its factory defaults See Section 31 4 on page 221 31 3 Internet Access cannot access the Internet 1 Check the hardware connections and make sure the LEDs are behaving as expected See the Quick Start Guide 2 Make sure you entered your ISP account information correctly in the wizard These fields are case sensitive so make sure Caps Lock is not on 3 If you are trying to access the Internet wirelessly make sure the wireless settings in the wireless client are the same as the settings in the AP e Go to Network gt Wireless LAN gt General gt WDS and check if the NBG 419N is set to bridge mode Select Disable and try to connect to the Internet again 4 Disconnect all the cables from your device and follow the directions in the Quick Start Guide again 5 Goto Maintenance gt Sys OP Mode gt General Check your System Operation Mode setting e Select Router if your device routes traffic between a local network and another network such as the Internet e Select Access Point if your device bridges traffic between clients on the same network 6 If the problem continues contact your ISP cannot access the Internet anymore had access to the Internet with the NBG 419N but my Internet connection is not available anymore NBG 419N User s Guide Chapter 31 Troubleshooting 1 Check the hardware connections and make sure the LEDs a
11. By implementing PPPoE directly on the NBG 419N rather than individual computers the computers on the LAN do not need PPPoE software installed since the NBG 419N does that part of the task Furthermore with NAT all of the LANs computers will have access NBG 419N User s Guide Chapter 12 WAN This screen displays when you select PPPoE encapsulation Figure 81 Network gt WAN gt Internet Connection PPPoE Encapsulation Internet Connection Advanced IGMP Snooping ISP Parameters for Internet Access Encapsulation PPP over Ethernet v User Name poe user Password freee Retype to Confirm pes MTU Size fhas IV Nailed Up Connection Idle Timeout sec fico in seconds WAH IP Address Assignment Get automatically from ISP CUse Fixed IP Address My WAN IP Address oo 0 0 WAH DHS Assignment First DNS Server From ISP m fi 0 0 0 Second DNS Server FromiSP fi 0 0 0 iv WAH MAC Address Cr actory default C Clone the computer s MAC address IP Address 1921681 33 C Set WAN MAC Address D5 00 00 00 00 00 Apply Reset The following table describes the labels in this screen Table 48 Network gt WAN gt Internet Connection PPPoE Encapsulation LABEL DESCRIPTION ISP Parameters for Internet Access Encapsulation Select PPP over Ethernet if you connect to your Internet via dial up User Name Type the user nam
12. If you do not assign a Default Server IP address the NBG 419N discards all packets received for ports that are not specified in the Application screen or remote management NBG 419N User s Guide Chapter 15 Network Address Translation NAT Table 57 Network gt NAT gt General LABEL DESCRIPTION Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh 15 4 NAT Application Screen Use the Application screen to forward incoming service requests to the server s on your local network You may enter a single port number or a range of port numbers to be forwarded and the local IP address of the desired server The port number identifies a service for example web service is on port 80 and FTP on port 21 In some cases such as for unknown services or where one server can support more than one service for example both FTP and web service it might be better to specify a range of port numbers In addition to the servers for specified services NAT supports a default server A service request that does not have a server explicitly designated for it is forwarded to the default server If the default is not defined the service request is simply discarded Note Many residential broadband ISP accounts do not allow you to run any server processes such as a Web or FTP server from your location Your ISP may periodically check for servers
13. General Security Privacy Content Connections Programs Advanced Settings Move the slider to select a privacy setting for the Intemet zone Medium Blocks third party cookies that do not have a compact privacy policy Blocks third party cookies that use personally identifiable CJ information without your implicit consent Restricts first party cookies that use personally identifiable information without implicit consent Pop up Blocker Prevent most pop up windows from appearing Block pop ups 3 Type the IP address of your device the web page that you do not want to have blocked with the prefix http For example http 192 168 167 1 NBG 419N User s Guide Appendix A Pop up Windows JavaScripts and Java Permissions 4 Click Add to move the IP address to the list of Allowed sites Figure 138 Pop up Blocker Settings Pop up Blocker Settings Exceptions Pop ups are currently blocked You can allow pop ups from specific Web sites by adding the site to the list below Address of Web site to allow http 192 168 1 1 Allowed sites Notifications and Filter Level Play a sound when a pop up is blocked Show Information Bar when a pop up is blocked Filter Level Medium Block most automatic pop ups Pop up Blocker FAQ 5 Click Close to return to the Privacy screen 6 Click Apply to save this setting JavaScripts If pages of the Web
14. MAC Address Status Name SSID Channel Operating Channel Security Mode 802 11 Mode WPS Interface Status Interface LAN WLAN e JAbout Easy Mode d Refresh Interval I None z Refresh Now System Status Data Item Data System Up Time Current Date Time System Resource CPU Usage Memory Usage NBG 419N V1 0D BFG D B6 03 31 2009 Access Point Mode 2 mins 43 secs 2000 01 01 00 03 41 7 00 0C 43 30 52 28 T396 192 168 1 2 255 255 255 0 0 0 0 0 System Setting Configuration Mode None Summary Packet Statistics Details WLAN Station Status Details Access Point Mode 00 0C 43 30 52 28 OFF ZyXEL Channel 06 2437 MHz Channel 05 2437MHz No Security 802 11b g n Confiqured The following table describes the labels shown in the Status screen Table 27 Status Screen Access Point Mode LABEL DESCRIPTION Logout Click this at any time to exit the Web Configurator Device Information Host Name This is the System Name you enter in the Maintenance General screen It is for identification purposes Firmware Version This is the firmware version and the date created Sys OP Mode This is the device mode Section 5 1 2 on page 49 to which the NBG 419N is set Access Point Mode LAN Information MAC Address This shows the LAN Ethernet adapter MAC Address of your device IP Address
15. NBG 419N User s Guide Chapter 11 Wireless LAN 11 5 MAC Filter The MAC filter screen allows you to configure the NBG 419N to give exclusive access to devices Allow or exclude devices from accessing the NBG 419N Deny Every Ethernet device has a unique MAC Media Access Control address The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters for example 00 A0 C5 00 00 02 You need to know the MAC address of the devices to configure this screen To change your NBG 419N s MAC filter settings click Network gt Wireless LAN gt MAC Filter The screen appears as shown Figure 71 Network gt Wireless LAN gt MAC Filter General i MAC Filter Access Policy Policy Disable gt Add a station Mac Address i i MAC Filter Summary Delete MAC Address Delete MAC Address Advanced QoS WPS WPS Station Scheduling WDS lal Apply Reset The following table describes the labels in this menu Table 40 Network gt Wireless LAN gt MAC Filter LABEL DESCRIPTION Access Policy Policy Define the filter action for the list of MAC addresses in the MAC Address table Select Allow to permit access to the NBG 419N MAC addresses not listed will be denied access to the NBG 419N Select Reject to block access to the NBG 419N MAC addresses not listed will be allowed to access the NBG 419N Adda station Mac Address Enter the MAC
16. NO HOSTS PER HOST BITS SUBNET MASK NO SUBNETS SUBNET 1 255 255 255 128 25 126 2 255 255 255 192 26 62 3 255 255 255 224 27 30 4 255 255 255 240 28 16 14 5 255 255 255 248 29 32 6 255 255 255 252 30 64 7 255 255 255 254 31 128 1 NBG 419N User s Guide Appendix B IP Addresses and Subnetting The following table is a summary for subnet planning on a network with a 16 bit network number Table 91 16 bit Network Number Subnet Planning HOST BITS SUBNET MASK SUBNETS SUBNET 1 255 255 128 0 17 2 32766 2 255 255 192 0 18 4 16382 3 255 255 224 0 19 8 8190 4 255 255 240 0 20 16 4094 5 255 255 248 0 21 32 2046 6 255 255 252 0 22 64 1022 7 255 255 254 0 23 128 510 8 255 255 255 0 24 256 254 9 255 255 255 128 25 512 126 10 255 255 255 192 26 1024 62 11 255 255 255 224 27 2048 30 12 255 255 255 240 28 4096 14 13 255 255 255 248 29 8192 6 14 255 255 255 252 30 16384 2 15 255 255 255 254 31 32768 1 Configuring IP Addresses Where you obtain your network number depends on your particular situation If the ISP or your network administrator assigns you a block of registered IP addresses follow their instructions in selecting the IP addresses and the subnet mask If the ISP did not explicitly give you an IP network number then most
17. Table 60 Network gt DDNS LABEL DESCRIPTION Enable Dynamic Select this check box to use dynamic DNS DNS Service Provider Select the name of your Dynamic DNS service provider Host Name Enter a host names in the field provided You can specify up to two host names in the field separated by a comma User Name Enter your user name Password Enter the password assigned to you Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh 152 NBG 419N User s Guide Static Route 17 1 Overview This chapter shows you how to configure static routes for your NBG 419N Each remote node specifies only the network to which the gateway is directly connected and the NBG 419N has no knowledge of the networks beyond For instance the NBG 419N knows about network N2 in the following figure through remote node Router 1 However the NBG 419N is unable to route a packet to network N3 because it doesn t know that there is a route through the same remote node Router 1 via gateway Router 2 The static routes are for you to tell the NBG 419N about the networks beyond the remote nodes Figure 98 Example of Static Routing Topology N2 N3 R1 E 5 R2 17 2 What You Can Do Use the IP Static Route screen Section 17 3 on page 154 to view add and delete routes NBG 419N User s Guide 153 Chapter 17 Static Route
18. Wireless Network Name SSID Security Game Powe Content m Bandwidth Y us s Wireless Engine 5 IK Fiter ofl MGMT Firewall Security OFF OFF OFF OFF ON 6 2 What You Can Do You can do the following in this mode Use this Navigation Panel Section 6 4 on page 53 to opt out of the Easy mode e Use the Network Map screen Section 6 5 on page 53 to check if your NBG 419N can ping the gateway and whether it is connected to the Internet e Use the Control Panel Section 6 6 on page 54 to configure and enable NBG 419N features including wireless security wireless scheduling and bandwidth management and so on e Use the Status Screen screen Section 6 7 on page 61 to view read only information about the NBG 419N including the WAN IP MAC Address of the NBG 419N and the firmware version 6 3 What You Need to Know Between the different device modes the Control Panel Section 6 6 on page 54 changes depending on which features are applicable to the mode e Router Mode All Control Panel features are available 52 NBG 419N User s Guide Chapter 6 Easy Mode e Access Point Mode Only Power Saving and Wireless Security are available e WISP Mode The available features for this mode are Game Console Content Filter Bandwidth MGMT and Firewall 6 4 Navigation Panel Use this navigation panel to opt out of the Easy mode Figure 28 Control Panel rc Oan The following table describes
19. 192 168 1 2 If you change the IP address you will have to log in again with the new IP address IP Subnet The subnet mask specifies the network number portion of an IP address Mask Your NBG 419N will automatically calculate the subnet mask based on the IP address that you assign Unless you are implementing subnetting use the subnet mask computed by the NBG 419N Gateway IP Enter a Gateway IP Address if your ISP or network administrator gave Address you one in this field DNS Assignment NBG 419N User s Guide Chapter 8 Access Point Mode LABEL DESCRIPTION First DNS Select From ISP if your ISP dynamically assigns DNS server information Server and the NBG 419N s WAN IP address The field to the right displays the read only DNS server IP address that the ISP assigns Second DNS Server Select User Defined if you have the IP address of a DNS server Enter the DNS server s IP address in the field to the right If you chose User Defined but leave the IP address set to 0 0 0 0 User Defined changes to None after you click Apply If you set a second choice to User Defined and enter the same IP address the second User Defined changes to None after you click Apply Select None if you do not want to configure DNS servers If you do not configure a DNS server you must know the IP address of a computer in order to access it Apply Click Apply to save your changes to the NBG 419N Reset Clic
20. Any waiver or modification of this License Agreement shall only be effective if it is in writing and signed by both parties hereto If any part of this License Agreement is found invalid or unenforceable by a court of competent jurisdiction the remainder of this License Agreement shall be interpreted so as to reasonably effect the intention of the parties Note NOTE Some components of the Vantage CNM 2 3 incorporate source code covered under the Apache License GPL License LGPL License Sun License and Castor License To obtain the source code covered under those Licenses please check ftp opensource zyxel com to get it NBG 419N User s Guide Index A Activex 169 Address Assignment 120 Alert 199 alternative subnet mask notation 244 AP 21 AP Access Point 271 AP Mode menu 76 status screen 74 81 AP Bridge 21 Auto bridge 132 133 B Bandwidth management overview 173 priority 176 services 181 BitTorrent 181 Bridge Repeater 21 bridged APs security 102 BSS 269 C CA 276 Certificate Authority 276 certifications 285 notices 286 viewing 287 Channel 65 75 271 Interference 271 channel 100 Configuration restore 208 Index content filtering 167 by keyword in URL 168 by web feature 167 Cookies 169 copyright 285 CPU usage 66 75 83 CTS Clear to Send 272 D Daylight saving 202 DDNS 151 see also Dynamic DNS service providers 152 DHCP 44 139 DHCP server see also Dynamic Host Co
21. Four Subnets The previous example illustrated using a 25 bit subnet mask to divide a 24 bit address into two subnets Similarly to divide a 24 bit address into four subnets you need to borrow two host ID bits to give four possible combinations 00 01 10 and 11 The subnet mask is 26 bits 11111111 11111111 11111111 11000000 or 255 255 255 192 NBG 419N User s Guide Appendix B IP Addresses and Subnetting Each subnet contains 6 host ID bits giving 29 2 or 62 hosts for each subnet a host ID of all zeroes is the subnet itself all ones is the subnet s broadcast address Table 85 Subnet 1 IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address Decimal 192 168 1 0 IP Address Binary 11000000 10101000 00000001 00000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address Lowest Host ID 192 168 1 1 192 168 1 0 Broadcast Address Highest Host ID 192 168 1 62 192 168 1 63 Table 86 Subnet 2 IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 64 IP Address Binary 11000000 10101000 00000001 01000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address Lowest Host ID 192 168 1 65 192 168 1 64 Broadcast Address Highest Host ID 192 168 1 126 192 168 1 127 Table 87 Subnet 3 IPISUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE
22. Settings Services Selec the services iunning on pour ralak that Intemel user can ooa Dakta OK _ Corc Figure 116 Internet Connection Properties Advanced Settings Add Service Settings Description of service Test Name or IP address for example 192 158 0 12 of the computer hosting this service on your network 192 168 1 11 External Port number for this service 143 TCP C UDP Internal Port number for this service 143 Cancel NBG 419N User s Guide Chapter 23 Universal Plug and Play UPnP Note When the UPnP enabled device is disconnected from your computer all port mappings will be deleted automatically 5 Select Show icon in notification area when connected option and click OK An icon displays in the system tray Figure 117 System Tray Icon i Internet Connection is now connected Click here For more information 6 Double click on the icon to display your current Internet connection status Figure 118 Internet Connection Status Y Internet Connection Status General Internet Gateway Status Connected Duration 00 00 56 Speed 100 0 Mbps Activity Internet Internet Gateway My Computer a amp 39 Packets Sent 8 618 Received 5 943 746 Close 23 5 2 Web Configurator Easy Access With UPnP you can access the web based configurator on the NBG 419N without finding out the IP address of the NBG 419N first This comes helpful if
23. Wide Area Network connection is an outside connection to another network or the Internet It connects your private networks such as a LAN Local Area Network and other networks so that a computer in one location can communicate with computers in other locations Figure 78 LAN and WAN LAN WAN 12 2 What You Can Do e Use the Internet Connection screen Section 12 4 on page 122 to enter your ISP information and set how the computer acquires its IP DNS and WAN MAC addresses e Use the Advanced screen Section 12 5 on page 132 to enable multicasting configure Windows networking and bridge e Use IGMP Snooping screen Section 12 6 on page 132 to enable IGMP snooping in the LAN ports NBG 419N User s Guide Chapter 12 WAN 12 3 What You Need To Know 12 3 1 The information in this section can help you configure the screens for your WAN connection as well as enable disable some advanced features of your NBG 419N Configuring Your Internet Connection Encapsulation Method Encapsulation is used to include data from an upper layer protocol into a lower layer protocol To set up a WAN connection to the Internet you need to use the same encapsulation method used by your ISP Internet Service Provider If your ISP offers a dial up Internet connection using PPPoE PPP over Ethernet or PPTP Point to Point Tunneling Protocol they should also provide a username and password and service name for user authenticati
24. attacks The NBG 419N blocks repetitive pings from the WAN that can otherwise cause systems to slow down or hang Figure 35 Firewall 9 Firewall X praning Firewall protects your computers against malicious attacks from the nternet Click OK to close this screen NBG 419N User s Guide Chapter 6 Easy Mode 6 6 6 Wireless Security Use this screen to configure security for your the Wireless LAN You can enter the SSID and select the wireless security mode in the following screen Note You can enable the Wireless function of your NBG 419N by first turning on the switch in the back panel Figure 36 Wireless Security e Wireless Security A Data transmitted wirelessly without encryption is not safe Guard your wireless network with a security mode and the password you setup And then you can use WPS to connect your computers to your wireless network with just one single click Wireless Network Name SSID NBG 419N Security mode WPA2 PSK gt 5 Wireless password WPS Verify password AES Cancer The following table describes the general wireless LAN labels in this screen Table 21 Wireless Security LABEL DESCRIPTION Wireless Service Set IDentity The SSID identifies the Service Set with which a Network wireless station is associated Wireless stations associating to the access Name SSID point AP must have the same SSID Enter a descriptive name up to 3
25. e If you have a dynamic IP address enter dhcp in the BOOTPROTO field The following figure shows an example Figure 164 Red Hat 9 0 Dynamic IP Address Setting in ifconfig ethO EVICE eth0 NBOOT yes OOT PROTO dhcp SERCTL no EERDNS yes TYPE Ethernet ucGaUuoog NBG 419N User s Guide Appendix C Setting up Your Computer s IP Address e If you have a static IP address enter static in the BOOTPROTO field Type IPADDR followed by the IP address in dotted decimal notation and type NETMASK followed by the subnet mask The following example shows an example where the static IP address is 192 168 1 10 and the subnet mask is 255 255 255 0 Figure 165 Red Hat 9 0 Static IP Address Setting in ifconfig ethO DEVICE eth0 ONBOOT yes BOOTPROTO static IPADDR 192 168 1 10 NETMASK 255 255 255 0 USERCTL no PEERDNS yes TYPE Ethernet If you know your DNS server IP address es enter the DNS server information in the resolv conf file in the etc directory The following figure shows an example where two DNS server IP addresses are specified Figure 166 Red Hat 9 0 DNS Settings in resolv conf nameserver 172 23 5 1 nameserver 172 23 5 2 After you edit and save the configuration files you must restart the network card Enter network restart in the etc rc d init d directory The following figure shows an example Fig
26. min C on om Sun oo thou 00 mim o0 ihour oo imin B Hote Specify the same begin time and end time means the whole day schedule General MAC Filter Advanced QoS wPs WPS Station Scheduling wos i Wireless LAH Scheduling Apply Reset NBG 419N User s Guide Chapter 11 Wireless LAN The following table describes the labels in this screen Table 45 Network gt Wireless LAN gt Scheduling LABEL DESCRIPTION Wireless LAN Scheduling Enable Wireless LAN Scheduling Select this to enable Wireless LAN scheduling Scheduling WLAN Status Select On or Off to specify whether the Wireless LAN is turned on or off This field works in conjunction with the Day and Except for the following times fields Day Select Everyday or the specific days to turn the Wireless LAN on or off If you select Everyday you can not select any specific days This field works in conjunction with the Except for the following times field For the Select a begin time using the first set of hour and minute min drop following times down boxes and select an end time using the second set of hour and 24 Hour minute min drop down boxes If you have chosen On earlier for the Format WLAN Status the Wireless LAN will turn on between the two times you enter in these fields If you have chosen Off earlier for the WLAN Status the Wireless LAN will turn off between the two
27. reachable POP3 TCP 110 Post Office Protocol version 3 lets a client computer get e mail from a POP3 server through a temporary connection TCP IP or other NBG 419N User s Guide Appendix E Common Services Table 95 Commonly Used Services continued NAME PROTOCOL PORT S DESCRIPTION PPTP TCP 1723 Point to Point Tunneling Protocol enables secure transfer of data over public networks This is the control channel PPTP_TUNNEL User Defined 47 PPTP Point to Point Tunneling GRE Protocol enables secure transfer of data over public networks This is the data channel RCMD TCP 512 Remote Command Service REAL_AUDIO TCP 7070 A streaming audio service that enables real time sound over the web REXEC TCP 514 Remote Execution Daemon RLOGIN TCP 513 Remote Login RTELNET TCP 107 Remote Telnet RTSP TCP UDP 554 The Real Time Streaming media control Protocol RTSP is a remote control for multimedia on the Internet SFTP TCP 115 Simple File Transfer Protocol SMTP TCP 25 Simple Mail Transfer Protocol is the message exchange standard for the Internet SMTP enables you to move messages from one e mail server to another SNMP TCP UDP 161 Simple Network Management Program SNMP TRAPS TCP UDP 162 Traps for use with the SNMP RFC 1215 SQL NET TCP 1521 Structured Query Language is an interface to access data on many different types of database
28. s subnet mask Default Gateway This shows the WAN port s gateway IP address DHCP This shows the LAN port s DHCP role Client or Server LAN Information MAC Address This shows the LAN Ethernet adapter MAC Address of your device IP Address This shows the LAN port s IP address IP Subnet Mask This shows the LAN port s subnet mask DHCP This shows the LAN port s DHCP role Server or None WLAN Information WLAN OP Mode This is the device mode Section 5 1 2 on page 49 to which the NBG 419N s wireless LAN is set Access Point Mode MAC Address This shows the wireless adapter MAC Address of your device Status This shows the current status of the Wireless LAN ON or OFF Name SSID This shows a descriptive name used to identify the NBG 419N in the wireless LAN Connect Status This shows whether or not the NBG 419N has successfully associated with an access point Connected or Disassociated Security Mode This shows the level of wireless security the NBG 419N is using 802 11 Mode This shows the wireless standard System Status Item This column shows the type of data the NBG 419N is recording Data This column shows the actual data recorded by the NBG 419N System Up Time This is the total time the NBG 419N has been on Current Date Time This field displays your NBG 419N s present date and time System Resource NBG 419N User s Guide Chapter 9 WISP Mode Table 29 Status Screen
29. 00 43 30 52 77 Memory Usage EE IP Address 17223311 System Setting IP Subnet Mask 255 255 255 0 Firewall Enabled Default Gateway 172 23 31 254 Bandwidth Management Disabled DHCP Client UPnP Enabled LAN Information Configuration Mode Expert MAC Address 00 0C 43 30 52 28 IP Address 192 168 1 1 IP Subnet Mask 255 255 255 0 Summary HCP Sone BW MGMT Monitor Details WLAN Information DHCP Table Details WLAN OP Mode Access Point Mode Packet Statistics Details MAC Address 00 0 43 30 52 28 WLAN Station Status Details Status ON Name SSID SSID_Example3 Channel Channel 06 2437MHz Operating Channel Channel 06 2437MHz Security Mode WPA PSK 802 11 Mode 302 11b gin Configured Interface Configure Your Notebook Note We use the ZyXEL M 302 wireless adapter utility screens as an example for the wireless client The screens may vary for different models The NBG 419N supports IEEE 802 11b IEEE 802 11g and IEEE 802 11n wireless clients Make sure that your notebook or computer s wireless adapter supports one of these standards Wireless adapters come with software sometimes called a utility that you install on your computer See your wireless adapter s User s Guide for information on how to do that After you ve installed the utility open it If you cannot see your utility s icon on your screen go to Start Programs and click on your utility in the li
30. 1 on page 90 Click this to start WPS aware wireless station scanning and the wireless security information synchronization Or input station s PIN number Use this button when you use the PIN Configuration method to configure wireless station s wireless settings See Section 10 3 2 on page 91 Type the same PIN number generated in the wireless station s utility Then click Start to associate to each other and perform the wireless security information synchronization 11 10 Scheduling Screen Use this screen to set the times your wireless LAN is turned on and off Wireless LAN scheduling is disabled by default The wireless LAN can be scheduled to turn on or off on certain days and at certain times To open this screen click Network gt Wireless LAN gt Scheduling tab Figure 76 Network gt Wireless LAN gt Scheduling Enable Wireless LAN Scheduling Scheduling WLAN status Day Forthe following times 24 Hour Format C on off M Everyday o0 hour o0 mir oo chou oo mim C on off T Mon o0 hour o0 mir oo houn oo min C on off I Tue oo hour oo mir oo inoun oo mim C on off Wed oo thou o0 mim 00 inour oo mir C on off T Thu foo hour 00 mir oo choun oo min C on off Fri oo thou oo mim o0 ihour oo mir C on off Sat foo oun o0 mir oo houn oo
31. 12 4 5 cMcizice e lis a 126 TELA LZ TP Bia Sulatiow oiana a EYES Ernie eR p ka ede 129 12 5 Advanced WAN SGE iuciciio aic e SEE REAPER ED UEQN KR PHP ERR PARERE UN e QU NEP ERR aT 132 12 6 IGMP Snooping SCEE M 132 Chapter 13 Eo MT TU TT TONO 135 e FN os th cer rmm 135 Me S oigo LUC WN ECT 135 13 9 What You Need TO KNOW csi sities stay dq Rede cr aera ea e nd d o i i 136 100 cocco m 136 DoE PIN OP UIP PTT m 136 13533 dE PMS aiu otocsex t iratos sca DR ba tau aa uui eiu EUR PLU a RA EN MH Lies Cnt rbi rM Ca uie 137 TIA LAN IP Sascha va err er Fieber uito TR D MEI P nM e E TH mH npe TR Ia ED 137 USP PS 12 P 138 Chapter 14 DHCP S EINE e iatis ac anie y E OCEAN SEDE QU cua EUER I Flag E ES 139 NBG 419N User s Guide Table of Contents DE NT 139 NA EV ER CETERI ER ER 139 14 3 General SCIEN sranda ainar oto hA t e afar obs bet obbuldda cad fup e A adit Cube 139 THA Advance od SUIS uiua t od i act pe Va ave d a Tot PR EL s i EE e eb deo tod p add 140 Chapter 15 Network Address Translation NAT eee eeeeeeueecueeeueeeen nnne 143 T OVON ON MO TRU UTER e I DRT 143 15 2 Vat TOU C AIEO oai e peru o or bet o c Coe i o bia ar oe dodo bun 144 15 3 General INL eI ii esd poii ebd ciudad Sida dit cepa det en ces Lo p A a MON dram de 144 15 4 NAT SS e besr lM 145 15 9 NAT Adusiced D
32. 15 Summary Packet Statistics LABEL DESCRIPTION Port This is the NBG 419N s port type Status For the LAN ports this displays the port speed and duplex setting or Down when the line is disconnected For the WAN port it displays the port speed and duplex setting if you re using Ethernet encapsulation and Idle line ppp idle Dial starting to trigger a call and Drop dropping a call if you re using PPPoE or PPTP encapsulation This field displays Down when the line is disconnected For the WLAN it displays the maximum transmission rate when the WLAN is enabled and Down when the WLAN is disabled TxPkts This is the number of transmitted packets on this port RxPkts This is the number of received packets on this port Collisions This is the number of collisions on this port Tx B s This displays the transmission speed in bytes per second on this port Rx B s This displays the reception speed in bytes per second on this port Up Time This is the total time the NBG 419N has been for each session System Up Time This is the total time the NBG 419N has been on Poll Interval s Enter the time interval in seconds for refreshing statistics in this field Set Interval Click this button to apply the new poll interval you entered in the Poll Interval s field Stop Click Stop to stop refreshing statistics 4 6 WLAN Station Status Click the WLAN Station Status Details hyperlink in the
33. 4 Select one WEP key as an active key to encrypt wireless data transmission C Key 1 C key 2 Ckey 3 CKey 4 General MAC Filter Advanced QoS WPS WPS Station Scheduling wos JE Channel 06 2437MHz O Auto Channel Selection Channel 06 2437MHz Generate B4 bits Y C asc Hex m Apply Reset The following table describes the wireless LAN security labels in this screen Table 38 Network gt Wireless LAN gt General Static WEP LABEL DESCRIPTION Security Select Static WEP to enable data encryption Mode PassPhrase Enter a Passphrase up to 26 printable characters and click Generate A passphrase functions like a password In WEP security mode it is further converted by the NBG 419N into a complicated string that is referred to as the key This key is requested from all devices wishing to connect to a wireless network WEP Select 64 bit WEP or 128 bit WEP Encryption mE i This dictates the length of the security key that the network is going to use NBG 419N User s Guide Chapter 11 Wireless LAN Table 38 Network gt Wireless LAN gt General Static WEP LABEL DESCRIPTION Authenticatio n Method Select Auto or Shared Key from the drop down list box This field specifies whether the wireless clients have to provide the WEP key to login to the wireless client Keep this setting at Auto unles
34. 419N User s Guide Table of Contents 202 iir Mb T 211 29 3 Rosey ERIE ADEM T 211 Chapter 30 Sys OF o OO s 213 SOT QVENIEW 213 SU Rap I imo TEE TER C NE Up EST 213 cures Regis eec 213 id mos LB MD SUB asdocadtexniaecedutzannti dud en tid A 215 Chapter 31 Ele n e RETI TI D TO A ais 217 31 1 Power Hardware Connections and LEDS sseseessseeenn 217 ole reap erc eame 218 SIS mene tt We C TU RM 220 31 4 Resetting the NBG 419N to Its Factory Defaults eese nenas 221 31 5 Wireless Router AP Troubleshooting rrr eb hin i hn d t het t in de d 222 Chapter 32 Chapter 32 Product Specifications ssessssssssssssssessseeeeeeeenn nennen nennen 225 32 1 Wal mounting NESTS ausi aseckktitu ela E ERAN ed Ee Pha bua E Erb nba EE REA ek Ea aae EA EIE EREE 228 Part VI Appendices and Index esses 231 Appendix A Pop up Windows JavaScripts and Java Permissions sssss 233 Appendix B IP Addresses and Subnetting ccccccccccccccceccceeccecceecceeccecccecececeeeseeeeseeseness 241 Appendix C Setting up Your Computer s IP Address ccccccccccceccceceececeeeeeeeeeeeeeeeeeeeeess 251 Natl WVU ME i nns aN 268 Appendik
35. APs It is independent of the security between the wired networks and their respective APs If you do not enable WDS security traffic between APs is not encrypted When WDS security is enabled both APs must use the same pre shared key NBG 419N User s Guide Chapter 11 Wireless LAN 11 4 General Wireless LAN Screen Use this screen to enable the Wireless LAN enter the SSID and select the wireless security mode Note If you are configuring the NBG 419N from a computer connected to the wireless LAN and you change the NBG 419N s SSID channel or security settings you will lose your wireless connection when you press Apply to confirm You must then change the wireless settings of your computer to match the NBG 419N s new settings Click Network gt Wireless LAN to open the General screen Figure 67 Network gt Wireless LAN gt General General MAC Filter Advanced QoS WPS WPS Station Scheduling WDS Wireless Setup Wireless LAN ON Network Name SSID T Hide SSID Channel Selection Channel 06 2437MHz v Auto Channel Selection Operating Channel Channel 06 2437MHz Security Security Mode No Security L Hote WPA PSK and WPA2 PSK can be configured when WPS enabled Apply Reset The following table describes the general wireless LAN labels in this screen Table 36 Network gt Wireless LAN gt General LABEL DESCRIPTION Wireless Setup Wireless LAN This is tu
36. All measurements are in millimeters mm Figure 134 Masonry Plug and M4 Tap Screw 4 22 0 1 6 0 1 0 e 01 2 16 30 0 2 0 30 0 2 0 A cal NBG 419N User s Guide Chapter 32 Product Specifications NBG 419N User s Guide ART Appendices and Index Pop up Windows JavaScripts and Java Permissions 233 IP Addresses and Subnetting 241 Setting up Your Computer s IP Address 251 Wireless LANs 269 Common Services 281 Legal Information 285 Index 293 Pop up Windows JavaScripts and Java Permissions In order to use the Web Configurator you need to allow e Web browser pop up windows from your device e JavaScripts enabled by default e Java permissions enabled by default Note Internet Explorer 6 screens are used here Screens for other Internet Explorer versions may vary Internet Explorer Pop up Blockers You may have to disable pop up blocking to log into your device Either disable pop up blocking enabled by default in Windows XP SP Service Pack 2 or allow pop up blocking and create an exception for your device s IP address Disable pop up Blockers 1 In Internet Explorer select Tools Pop up Blocker and then select Turn Off Pop up Blocker Figure 135 Pop up Blocker Mail and News Pop up Blocker Manage Add ons Synchronize Windows Update Windows Messenger Internet Options You can also check if pop up blocking is dis
37. BW MGMT Use this screen to view the amount of network bandwidth that applications running in the network are using DHCP Table Use this screen to view current DHCP client information NBG 419N User s Guide Chapter 7 Router Mode Table 26 Navigation Panel Router Mode LINK TAB FUNCTION Packet Use this screen to view port status and packet specific Statistics statistics WLAN Station Use this screen to view the wireless stations that are Status currently associated to the NBG 419N CONFIGURATION Network Wireless General Use this screen to configure wireless LAN LAN MAC Filter Use the MAC filter screen to configure the NBG 419N to block access to devices or block the devices from accessing the NBG 419N Advanced This screen allows you to configure advanced wireless settings Qos Use this screen to configure Wi Fi Multimedia Quality of Service WMM QoS WMM QoS allows you to prioritize wireless traffic according to the delivery requirements of individual services WPS Use this screen to configure WPS WPS Use this screen to add a wireless station using WPS Station Scheduling Use this screen to schedule the times the Wireless LAN is enabled WDS Use this screen to set up Wireless Distribution System WDS on your NBG 419N WAN Internet This screen allows you to configure ISP parameters WAN Connection IP address assignment DNS serv
38. F for each Key 1 4 Select one WEP key as an active key to encrypt wireless data transmission Casci CHEX G key1 tM C Key 2 L 1 c Key 3 1 c Key 4 I Apply Reset The following table describes the labels in this screen Table 32 WEP WISP LABEL DESCRIPTION Wireless Setup Network Enter the name of the access point to which you are connecting Name SSID Security NBG 419N User s Guide Chapter 9 WISP Mode Table 32 WEP WISP LABEL DESCRIPTION Security Select Static WEP to enable data encryption Mode PassPhrase Enter a Passphrase up to 26 printable characters and click Generate A passphrase functions like a password In WEP security mode it is further converted by the NBG 419N into a complicated string that is referred to as the key This key is requested from all devices wishing to connect to a wireless network WEP Select 64 bit WEP or 128 bit WEP Encryption This dictates the length of the security key that the network is going to use Authenticatio n Method Select Auto or Shared Key from the drop down list box This field specifies whether the wireless clients have to provide the WEP key to login to the wireless client Keep this setting at Auto unless you want to force a key verification before communication between the wireless client and the ZyXEL Device occurs Select Shared Key to force the clients to provide the W
39. Finger is a UNIX or Internet related command that can be used to find out if a user is logged on FTP TCP 20 File Transfer Program a program to enable fast transfer of files including TCP 21 large files that may not be possible by e mail H 323 TCP 1720 NetMeeting uses this protocol HTTP TCP 80 Hyper Text Transfer Protocol a client server protocol for the world wide web HTTPS TCP 443 HTTPS is a secured http session often used in e commerce ICMP User Defined 1 Internet Control Message Protocol is often used for diagnostic or routing purposes ICQ UDP 4000 This is a popular Internet chat program IGMP User Defined 2 Internet Group Management Protocol MULTICAST is used when sending packets to a specific group of hosts IKE UDP 500 The Internet Key Exchange algorithm is used for key distribution and management IRC TCP UDP 6667 This is another popular Internet chat program MSN Messenger TCP 1863 Microsoft Networks messenger service uses this protocol NEW ICQ TCP 5190 An Internet chat program NEWS TCP 144 A protocol for news groups NFS UDP 2049 Network File System NFS is a client server distributed file service that provides transparent file sharing for network environments NNTP TCP 119 Network News Transport Protocol is the delivery mechanism for the USENET newsgroup service PING User Defined 1 Packet INternet Groper is a protocol that sends out ICMP echo requests to test whether or not a remote host is
40. IP Address 192 168 1 128 IP Address Binary 11000000 10101000 00000001 10000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address Lowest Host ID 192 168 1 129 192 168 1 128 Broadcast Address Highest Host ID 192 168 1 190 192 168 1 191 Table 88 Subnet 4 IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 192 IP Address Binary 11000000 10101000 00000001 11000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 NBG 419N User s Guide 247 Appendix B IP Addresses and Subnetting Table 88 Subnet 4 continued IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE Subnet Address 192 168 1 192 Lowest Host ID 192 168 1 193 Broadcast Address 192 168 1 255 Highest Host ID 192 168 1 254 Example Eight Subnets Similarly use a 27 bit mask to create eight subnets 000 001 010 011 100 101 110 and 111 The following table shows IP address last octet values for each subnet Table 89 Eight Subnets suser SUBNET nmsranoness LAST egg BROABESST 1 0 1 30 31 2 32 33 62 63 3 64 65 94 95 4 96 97 126 127 5 128 129 158 159 6 160 161 190 191 7 192 193 222 223 8 224 225 254 255 Subnet Planning The following table is a summary for subnet planning on a network with a 24 bit network number Table 90 24 bit Network Number Subnet Planning NO BORROWED
41. IP or VoIP Session Initiated Protocol SIP is an internationally recognized standard for implementing VoIP SIP is an application layer control signaling protocol that handles the setting up altering and tearing down of voice and multimedia sessions over the Internet SIP is transported primarily over UDP but can also be transported over TCP BitTorrent BitTorrent is a free P2P peer to peer sharing tool allowing you to distribute large software and media files BitTorrent requires you to search for a file with a searching engine yourself It distributes files by corporation and trading that is the client downloads the file in small pieces and share the pieces with other peers to get other half of the file Gaming Online gaming services lets you play multiplayer games on the Internet via broadband technology As of this writing your NBG 419N supports Xbox Playstation Battlenet and MSN Game Zone NBG 419N User s Guide Chapter 21 Bandwidth Management NBG 419N User s Guide Remote Management 22 1 Overview This chapter provides information on the Remote Management screens Remote Management allows you to manage your NBG 419N from a remote location through the following interfaces e LAN and WAN e LAN only e WAN only Note The NBG 419N is managed using the Web Configurator 22 2 What You Can Do Use the WWW screen Section 22 4 on page 184 to define the interface s from which the NB
42. LAN Figure 105 Bandwidth Management Example gt VOIP gt FTP gt HTTP gt Chat Email v You can allocate specific amounts of bandwidth capacity bandwidth budgets to individual applications like VoIP Web FTP and E mail for example 21 2 What You Can Do e Use the General screen Section 21 4 on page 174 to enable bandwidth management and assign bandwidth values NBG 419N User s Guide 173 Chapter 21 Bandwidth Management e Use the Advanced screen Section 21 5 on page 175 to configure bandwidth managements rule for the pre defined services and applications e Use the Monitor screen Section 21 6 on page 180 to view the amount of network bandwidth that applications running in the network are using 21 3 What You Need To Know The sum of the bandwidth allotments that apply to the WAN interface LAN to WAN WLAN to WAN must be less than or equal to the Upstream Bandwidth that you configure in the Bandwidth Management Advanced screen Section 21 5 on page 175 The sum of the bandwidth allotments that apply to the LAN interface WAN to LAN WAN to WLAN must be less than or equal to the Downstream Bandwidth that you configure in the Bandwidth Management Advanced screen Section 21 5 on page 175 21 4 General Screen 174 Use this screen to have the NBG 419N apply bandwidth management Click Management gt Bandwidth MGMT to open the bandwidth management General screen Figure 106 Manage
43. MAC filter 109 managing the device good habits 22 using the web configurator See web configurator using the wireless switch NBG 419N User s Guide Index using the WPS See WPS MBSSID 21 Media access control 109 Memory usage 66 75 83 mode 21 Multicast 121 IGMP 121 N NAT 143 144 249 how it works 143 overview 143 see also Network Address Translation NAT Traversal 187 Navigation Panel 67 76 navigation panel 67 76 Network Address Translation 143 144 O Operating Channel 65 75 operating mode 21 P P2P 181 peer to peer 181 Point to Point Protocol over Ethernet 124 Point to Point Tunneling Protocol 126 Pool Size 140 Port forwarding 145 default server 145 local server 145 port speed 66 76 83 Power Specification 225 PPPOE 124 dial up connection PPTP 126 Preamble Mode 273 product registration 288 Q Quality of Service QoS 111 R RADIUS 274 Shared Secret Key 275 RADIUS Message Types 275 RADIUS Messages 275 registration product 288 related documentation 3 Remote management and NAT 184 limitations 183 system timeout 184 Reset button 41 Reset the device 41 Restore configuration 208 RF Radio Frequency 226 RIP 157 Roaming 110 RTS Request To Send 272 RTS Threshold 271 272 RTS CTS Threshold 100 110 S safety warnings 7 Scheduling 114 Security Parameters 280 Service and port numbers 165 180 Service Set 59 103 Service Set IDentification 59
44. NBG 419N as an access point AP if you already have a router or gateway on your network In this mode your NBG 419N bridges a wired network LAN and wireless LAN WLAN in the same subnet See the figure below for an example Figure 42 Wireless Internet Access in Access Point Mode WLAN LAN Many screens that are available in Router mode are not available in Access Point mode such as bandwidth management and firewall Note See Chapter 10 on page 89 for an example of setting up a wireless network in Access Point mode 8 2 What You Can Do e Use the Status screen Section 8 4 on page 74 to view read only information about your NBG 419N e Use the LAN screen Section 8 5 on page 76 to set the IP address for your NBG 419N acting as an access point NBG 419N User s Guide Chapter 8 Access Point Mode 8 3 What You Need to Know See Chapter 10 on page 89 for a tutorial on setting up a network with the NBG 419N as an access point 8 3 1 Setting your NBG 419N to AP Mode 2 Log into the Web Configurator if you haven t already See the Quick start Guide for instructions on how to do this To use your NBG 419N as an access point go to Maintenance gt Sys OP Mode General and select Access Point mode Figure 43 Changing to Access Point mode General System Operation Mode C Router Mode Access Point Mode WISP Mode Note Router In this mode the device is supported to connect to internet
45. OFF Name SSID This shows a descriptive name used to identify the NBG 419N in the wireless LAN Channel This shows the channel number which you select manually Operating Channel This shows the channel number which the NBG 419N is currently using Security Mode This shows the level of wireless security the NBG 419N is using NBG 419N User s Guide over the wireless LAN Chapter 7 Router Mode Table 25 Status Screen Router Mode LABEL DESCRIPTION 802 11 Mode This shows the wireless standard WPS This displays Configured when the WPS has been set up This displays Unconfigured if the WPS has not been set up Click the status to display Network gt Wireless LAN gt WPS screen System Status Item This column shows the type of data the NBG 419N is recording Data This column shows the actual data recorded by the NBG 419N System Up Time This is the total time the NBG 419N has been on Current Date Time This field displays your NBG 419N s present date and time System Resource CPU Usage This displays what percentage of the NBG 419N s processing ability is currently used When this percentage is close to 100 the NBG 419N is running at full load and the throughput is not going to improve anymore If you want some applications to have more throughput you should turn off other applications for example usi
46. PROFITS BUSINESS INTERRUPTION OR LOSS OF BUSINESS INFORMATION ARISING OUT OF THE USE OF OR INABILITY TO USE THE PROGRAM OR FOR ANY CLAIM BY ANY OTHER PARTY EVEN IF ZyXEL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES ZyXEL s AGGREGATE LIABILITY WITH RESPECT TO ITS OBLIGATIONS UNDER THIS AGREEMENT OR OTHERWISE WITH RESPECT TO THE SOFTWARE AND DOCUMENTATION OR OTHERWISE SHALL BE EQUAL TO THE PURCHASE PRICE BUT SHALL IN NO EVENT EXCEED THE PRODUCT S PRICE BECAUSE SOME STATES COUNTRIES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES THE ABOVE LIMITATION MAY NOT APPLY TO YOU 8 Export Restrictions THIS LICENSE AGREEMENT IS EXPRESSLY MADE SUBJECT TO ANY APPLICABLE LAWS REGULATIONS ORDERS OR OTHER RESTRICTIONS ON THE EXPORT OF THE SOFTWARE OR INFORMATION ABOUT SUCH SOFTWARE WHICH MAY BE IMPOSED FROM TIME TO TIME YOU SHALL NOT EXPORT THE SOFTWARE DOCUMENTATION OR INFORMATION ABOUT THE SOFTWARE AND DOCUMENTATION WITHOUT COMPLYING WITH SUCH LAWS REGULATIONS ORDERS OR OTHER RESTRICTIONS YOU AGREE TO INDEMNIFY ZyXEL AGAINST ALL CLAIMS LOSSES DAMAGES LIABILITIES COSTS AND EXPENSES INCLUDING REASONABLE ATTORNEYS FEES TO THE EXTENT SUCH CLAIMS ARISE OUT OF ANY BREACH OF THIS SECTION 8 9 Audit Rights ZyXEL SHALL HAVE THE RIGHT AT ITS OWN EXPENSE UPON REASONABLE PRIOR NOTICE TO PERIODICALLY INSPECT AND AUDIT YOUR RECORDS TO ENSURE YOUR COMPLIANCE WITH THE TERMS AND CONDITIONS OF
47. Protected If your wireless client Setup button of your requires the Router s PIN ireless wireless client and then Register number enter 31667609 Becurity click the button on the in it bottom Register the PIN number WPS of your wireless client Cone The following table describes the labels in this screen Table 22 Wireless Security WPS LABEL DESCRIPTION Wireless Security Click this to go back to the Wireless Security screen WPS Create a secure wireless network simply by pressing a button The NBG 419N scans for a WPS enabled device within the range and performs wireless security information synchronization Note After you click the WPS button on this screen you have to press a similar button in the wireless station utility within 2 minutes To add the second wireless station you have to press these buttons on both device and the wireless station again after the first 2 minutes Register Create a secure wireless network simply by entering a wireless client s PIN Personal Identification Number in the NBG 419N s interface and pushing this button Type the same PIN number generated in the wireless station s utility Then click Register to associate to each other and perform the wireless security information synchronization Exit Click Exit to close this screen NBG 419N User s Guide Chapter 6 Easy Mode 6 7 Status Screen in Easy Mode In the Network
48. SB EBT A o HIPAA E TREE a ede FSR ZR eS BIRHEN SC TASS ES BEE Bc Bae BS E Bc TE X ARBRE T EE UE e SE ELS SECTEUR RHET EAH e WWD TEMES gi ZeXS EH Notices Changes or modifications not expressly approved by the party responsible for compliance could void the user s authority to operate the equipment NBG 419N User s Guide Appendix F Legal Information This device has been designed for the WLAN 2 4 GHz network throughout the EC region and Switzerland with restrictions in France This Class B digital apparatus complies with Canadian ICES 003 Cet appareil num rique de la classe B est conforme a la norme NMB 003 du Canada Industry Canada Statement This device complies with RSS 210 of the Industry Canada Rules Operation is subject to the following two conditions 1 this device may not cause interference and 2 this device must accept any interference including interference that may cause undesired operation of the device This device has been designed to operate with an antenna having a maximum gain of 2dBi Antenna having a higher gain is strictly prohibited per regulations of Industry Canada The required antenna impedance is 50 ohms To reduce potential radio interference to other users the antenna type and its gain should be so chosen that the EIRP is not more than required for successful communication IMPORTANT NOTE
49. Section 3 2 on page 37 1 Open the Wireless LAN General screen in the AP s Web Configurator 2 Make sure the Enable Wireless LAN check box is selected 3 Enter SSID Example3 as the SSID and select a channel 4 Set security mode to WPA PSK and enter ThisismyWPA PSKpre sharedkey in the Pre Shared Key field Click Apply Figure 60 Tutorial Network gt Wireless LAN gt General General Mac Filter T Advanced T QoS T wes WPS Station Scheduling wos P Wireless Setup Wireless LAN ON Network Name SSID SS Exampe3 T Hide SSID Channel Selection Channel 06 2437MHz v T Auto Channel Selection Operating Channel Channel 06 2437MHz Security Security Mode wra Psk z Pre Shared Key ThisismyWPA PSKpre sharedkey Group Key Update Timer 3600 seconds Apply Reset NBG 419N User s Guide Chapter 10 Tutorials 5 10 4 1 Open the Status screen Verify your wireless and wireless security settings under Device Information and check if the WLAN connection is up under Interface Status Figure 61 Tutorial Checking W ZyXEL NBG 419N i gJ Status C Retesh Interval None z Refresh Now ireless Settings Device Information System Status Item Data Item Data Host Name NBG 419N System Up Time 9 hours 4 mins 22 secs Firmware Version V1 00 BFO 0 B6 03 31 2009 Current Date Time 2009 04 06 17 12 37 Sys OP Mode Router Mode System Resource WAN Information CPU Usage MAC Address 00
50. Status screen View the wireless stations that are currently associated to the NBG 419N in the Association List Association means that a wireless client for example your network or computer with a wireless network card has connected successfully to the AP or wireless router using the same SSID channel and security settings Figure 24 Summary Wireless Association List Association List Association List MAC Address Association List Association Time Refresh NBG 419N User s Guide Chapter 4 Monitor The following table describes the labels in this screen Table 16 Summary Wireless Association List LABEL DESCRIPTION This is the index number of an associated wireless station MAC Address This field displays the MAC address of an associated wireless station Association Time This field displays the time a wireless station first associated with the NBG 419N s WLAN network Refresh Click Refresh to reload the list NBG 419N User s Guide Chapter 4 Monitor NBG 419N User s Guide NBG 419N Modes 5 1 Overview This chapter introduces the different modes available on your NBG 419N First the term mode refers to two things in this User s Guide e Web Configurator mode This refers to the Web Configurator interface you want to use for editing NBG 419N features e Device mode This is the operating mode of your NBG 419N or s
51. THIS LICENSE AGREEMENT 10 Termination This License Agreement is effective until it is terminated You may terminate this License Agreement at any time by destroying or returning to ZyXEL all copies of the Software and Documentation in your possession or under your control ZyXEL may terminate this License Agreement for any reason including but not limited to if ZyXEL finds that you have violated any of the terms of this License Agreement Upon notification of termination you agree to destroy or return to ZyXEL all copies of the Software and Documentation and to certify in writing that all known copies including backup copies have been destroyed All provisions relating to confidentiality proprietary rights and non disclosure shall survive the termination of this Software License Agreement NBG 419N User s Guide Appendix F Legal Information 11 General This License Agreement shall be construed interpreted and governed by the laws of Republic of China without regard to conflicts of laws provisions thereof The exclusive forum for any disputes arising out of or relating to this License Agreement shall be an appropriate court or Commercial Arbitration Association sitting in ROC Taiwan This License Agreement shall constitute the entire Agreement between the parties hereto This License Agreement the rights granted hereunder the Software and Documentation shall not be assigned by you without the prior written consent of ZyXEL
52. This shows the LAN port s IP address IP Subnet Mask This shows the LAN port s subnet mask DHCP This shows the LAN port s DHCP role Server Client or None NBG 419N User s Guide Chapter 8 Access Point Mode Table 27 Status Screen Access Point Mode LABEL DESCRIPTION WLAN Information WLAN OP Mode This is the device mode Section 5 1 2 on page 49 to which the NBG 419N s wireless LAN is set Access Point Mode MAC Address This shows the wireless adapter MAC Address of your device Status This shows the current status of the Wireless LAN ON or OFF Name SSID This shows a descriptive name used to identify the NBG 419N in the wireless LAN Channel This shows the channel number which you select manually Operating Channel This shows the channel number which the NBG 419N is currently using over the wireless LAN Security Mode This shows the level of wireless security the NBG 419N is using 802 11 Mode This shows the wireless standard WPS This displays Configured when the WPS has been set up This displays Unconfigured if the WPS has not been set up Click the status to display Network gt Wireless LAN gt WPS screen System Status Item This column shows the type of data the NBG 419N is recording Data This column shows the actual data recorded by the NBG 419N System Up Time This is th
53. WAN interfaces in the Web Configurator LAN WAN Select None to disable IP multicasting on these interfaces 12 4 Internet Connection 12 4 1 Use this screen to change your NBG 419N s Internet access settings Click WAN from the Configuration menu The screen differs according to the encapsulation you choose Ethernet Encapsulation This screen displays when you select Ethernet encapsulation Figure 80 Network gt WAN gt Internet Connection Ethernet Encapsulation ISP Parameters for Internet Access Encapsulation Ethernet WAH IP Address Assignment Get automatically from ISP Default C Use Fixed IP Address IP Address IP Subnet Mask Gateway IP Address WAH DHS Assignment First DNS Server From ISP p 0 0 0 Second DNS Server l From ISP p 0 0 0 WAH MAC Address ia Factory default C Clone the computer s MAC address IP Address 192 165 1 33 C Set WAN MAC Address 00 00 00 00 00 00 Apply Reset Internet Connection Advanced IGMP Snooping p NBG 419N User s Guide Chapter 12 WAN The following table describes the labels in this screen Table 47 Network gt WAN gt Internet Connection Ethernet Encapsulation LABEL DESCRIPTION ISP Parameters for Internet Access Encapsulation You must choose the Ethernet option when the WAN port is used as a regular Ethernet WAN IP Address Assignment Get
54. addresses of the wireless station that are allowed or denied access to the NBG 419N in these address fields Enter the MAC addresses in a valid MAC address format that is six hexadecimal character pairs for example 12 34 56 78 9a bc Click Add MAC Filter Summary Delete Click the delete icon to remove the MAC address from the list MAC This is the MAC address of the wireless station that are allowed or denied Address access to the NBG 419N Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to reload the previous configuration for this screen NBG 419N User s Guide Chapter 11 Wireless LAN 11 6 Wireless LAN Advanced Screen Use this screen to allow wireless advanced features such as intra BSS networking and set the RTS CTS Threshold Click Network gt Wireless LAN gt Advanced The screen appears as shown Figure 72 Network gt Wireless LAN gt Advanced RTS CTS Threshold Fragmentation Threshold Output Power HT Physical Mode Operating Mode Channel Bandwidth Guard Interval Extension Channel General MAC Filter Advanced QoS WPS WPS Station Scheduling WDS Wireless Advanced Setup IV Enable Intra BSS Traffic 2346 256 2346 2346 256 2346 100 C Mixed C Green C20 20 40 Chong auto Apply Cancel The following table describes the labels in this screen Table 41 Network gt Wireless LAN gt
55. and may suspend your account if it discovers any active services at your location If you are unsure refer to your ISP Port forwarding allows you to define the local servers to which the incoming services will be forwarded To change your NBG 419N s port forwarding settings click Network gt NAT gt Application The screen appears as shown Note If you do not assign a Default Server IP address in the NAT gt General screen the NBG 419N discards all packets received for ports that are not specified in this screen or remote management NBG 419N User s Guide Chapter 15 Network Address Translation NAT Refer to Appendix E on page 281 for port numbers commonly used for particular services Figure 94 Network gt NAT gt Application Add Application Rule I Active Service Name User Defined z Port Server IP Address 0 0 0 0 Application Rules Summary Application Rules Summary Active Name Port Server IP Address Modify 1 TEST 1 25 192 168 3 33 a T Apply Reset The following table describes the labels in this screen Table 58 Network gt NAT gt Application LABEL DESCRIPTION Add Application Ru e Active Select the check box to enable this rule and the requested service can be forwarded to the host with a specified internal IP address Clear the checkbox to disallow forwarding of these ports to an inside server without having to delete the entry Service Name Typ
56. anon OEKE a aaka eiaeiiai 183 ZT OVEN PP EET 183 ed dL YOU C SP DIG A A AE E E E AAA AE N e ur LEE MEUS 183 22 2 What You Need TO KNOW uicecicc sent ee kk npodi elo PU d ESHI E OEA E Stea SERM ESO EE ane TOR Eso E 183 22 3 1 Remote Management and NAT 1 cesa kennt eh ttn kk rta kr tk toad 184 EE BUM cnc NNI o LEE 184 22A 0 NV SOIBBIE ds iic bot ie ira i a s b eoe La o aa da advo uu dd d on d 184 Chapter 23 Universal Plug and Play UPMP 2 ccscccecceeceeeeeeeeeeeeeee sees eee neeseeeseeeseeeeeaesneeseeeneesneeeneenees 187 SR oe arises det DUET 187 2d What VOUT Can DO sd abes icir a spit cobi ence OH boca cupid eo nn A US bti d ttu 187 23 3 What You Need TO KNOW sca esti ch up rb kodak pearl etd id od edd bd eran Un a d 187 IN TIS oer cto elo ie oat iene ees ebe c eei tuls 187 205 2 Caulis wiih LIBE uii iate ete pab Edit ei be Eod ooi Le dab kis SE le o o a ed i a Dee eda 188 NBG 419N User s Guide Table of Contents 2300 PAR SCEO aissusicuiesiesecitapet isti pte edet bp tese ci tope dot e d a aee bande dod podia ice Tata o ld 188 235 hechos SEEDS e aed rie vie cates ba CIR EUR FL Qc SEP I Ulud cauaweiatuaas FEL RTL dti Fo MBA E EUM M EOM d 189 25 5 1 Using UPNP in Windows XP Exempla 22er etit tte 189 22 9 2 Wob Coniigurator Easy ACCOSS aiysiidsviveddc i osa baie Uto ad pd ud ea Ud 191 Part V Maintenance and Troubleshooting 195 Chapter 24 M aste alb e ERA RES RATE ta za
57. authentication that uses certificates for only the server side authentications to establish a secure connection Client authentication is then done by sending username and password through the secure connection thus client identity is protected For client authentication EAP TTLS supports EAP methods and legacy authentication methods such as PAP CHAP MS CHAP and MS CHAP v2 PEAP Protected EAP Like EAP TTLS server side certificate authentication is used to establish a secure connection then use simple username and password methods through the secured connection to authenticate the clients thus hiding client identity However PEAP only supports EAP methods such as EAP MD5 EAP MSCHAPv2 and EAP GTC EAP Generic Token Card for client authentication EAP GTC is implemented only by Cisco LEAP LEAP Lightweight Extensible Authentication Protocol is a Cisco implementation of IEEE 802 1x Dynamic WEP Key Exchange The AP maps a unique key that is generated with the RADIUS server This key expires when the wireless connection times out disconnects or reauthentication times out A new WEP key is generated each time reauthentication is performed 276 NBG 419N User s Guide Appendix D Wireless LANs If this feature is enabled it is not necessary to configure a default encryption key in the Wireless screen You may still configure and store keys here but they will not be used while Dynamic WEP is enabled Note EAP MD5 can
58. can connect network devices via the Ethernet ports of the NBG 419N so that they can communicate with each other and access the Internet e Wireless Wireless clients can connect to the NBG 419N to access network resources e WAN Connect to a broadband modem router for Internet access Figure 1 NBG 419N Network LAN1 LAN2 INTERNE ID LAN3 _ a 5 M bean WLAN NBG 419N User s Guide 21 Chapter 1 Getting to Know Your NBG 419N 1 3 Ways to Manage the NBG 419N Use any of the following methods to manage the NBG 419N e Web Configurator This is recommended for everyday management of the NBG 419N using a Supported web browser e Wireless switch You can use the built in switch of the NBG 419N to turn the wireless function on and off without opening the Web Configurator e WPS Wi Fi Protected Setup button You can use the WPS button or the WPS section of the Web Configurator to set up a wireless network with your ZyXEL Device 1 4 Good Habits for Managing the NBG 419N Do the following things regularly to make the NBG 419N more secure and to manage the NBG 419N more effectively e Change the password Use a password that s not easy to guess and that consists of different types of characters such as numbers and letters e Write down the password and put it in a safe place e Back up the configuration and make sure you know how to restore it Restoring an earlier working configuration may be usef
59. connection and the PPTP parameters for a PPTP connection User Name Type the user name given to you by your ISP Password Type the password associated with the User Name above Retype to Confirm Type your password again to make sure that you have entered is correctly Nailed up Connection Select Nailed Up Connection if you do not want the connection to time out Idle Timeout This value specifies the time in minutes that elapses before the NBG 419N automatically disconnects from the PPTP server PPTP Configuration Server IP Address Type the IP address of the PPTP server Get automatically from ISP Select this option If your ISP did not assign you a fixed IP address This is the default selection Use Fixed IP Select this option If the ISP assigned a fixed IP address Address IP Address Enter your WAN IP address in this field if you selected Use Fixed IP Address IP Subnet Mask Your NBG 419N will automatically calculate the subnet mask based on the IP address that you assign Unless you are implementing subnetting use the subnet mask computed by the NBG 419N Gateway IP Address Enter a Gateway IP Address if your ISP gave you one in this field WAN IP Address Assi gnment Get automatically from ISP Select this to get your WAN IP address from your ISP Use Fixed IP Select this option If the ISP assigned a fixed IP address Address My WA
60. describes the labels in this screen Table 20 Content Filter LABEL DESCRIPTION Add Click Add after you have typed a keyword Repeat this procedure to add other keywords Up to 64 keywords are allowed Note The NBG 419N does not recognize wildcard characters as keywords When you try to access a web page containing a keyword you will get a message telling you that the content filter is blocking this request Delete Highlight a keyword in the text box and click Delete to remove it The keyword disappears from the text box after you click Apply NBG 419N User s Guide Chapter 6 Easy Mode Table 20 Content Filter LABEL DESCRIPTION Apply Click Apply to save your changes Cancel Click Cancel to close this screen without saving any changes 6 6 4 Bandwidth MGMT Use this screen to set bandwidth allocation to pre defined services and applications for bandwidth allocation The NBG 419N uses bandwidth management for incoming and outgoing traffic Rank the services and applications by dragging them accordingly from High to Low and click Apply Click Cancel to close the screen Figure 34 Bandwidth MGNT fill Bandwidth MGMT Drag the sliders to adjust the bandwidth for each network application High Use your mouse you want to Left click and slide up or down priority 6 6 5 Firewall Enable this feature to protect the network from Denial of Service DoS
61. do not configure a DNS server you must know the IP address of a computer in order to access it Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh NBG 419N User s Guide Chapter 14 DHCP Server NBG 419N User s Guide Network Address Translation NAT 15 1 Overview NAT Network Address Translation NAT RFC 1631 is the translation of the IP address of a host in a packet For example the source address of an outgoing packet used within one network is changed to a different IP address known within another network Each packet has two addresses a source address and a destination address For outgoing packets NAT maps private local IP addresses to globally unique ones required for communication with hosts on other networks It replaces the original IP source address in each packet and then forwards it to the Internet The NBG 419N keeps track of the original addresses and port numbers so incoming reply packets can have their original values restored The following figure illustrates this Figure 92 NAT Example NAT TABLE WAN Public IP LAN 192 168 1 10 192 168 1 13 192 168 1 11 192 168 1 12 192 168 1 13 182 188 1 12 m M Por ef 192 168 1 10 182 188 1 1 L7 192 188 1 10 QD For more information on IP address translation refer to RFC 1631 The IP Network Address Translator NAT NBG 419N User s Guide
62. e S 52 A OASIS PANE mee 53 SRZIRIQUUSICNIUT SPERO OUI IER 53 STORE llle M eem 54 Sm e iu ca lr NT T E E UL UEM 55 CA aue i o cL IE E ITO QT 56 OE Ross cz c 57 Nc rue user MR 58 uuu 0 Cm 58 5b B Viele BOUE 2o outer tur t aba nere eno das Lis i nied Van ds Sc RIS A ped 59 DET ARS acne ee ee nr nee Oe en medius a d LL n d den i i ree DE 60 o 7 Status Soreonin Easy Mota iesccccissssccerssazcc ees enidan A E ES 61 Chapter 7 Ragter MOOB ai Heros or c ease rE Vac aseci aaaea E eda E Nea Mo ROARERR a Man ias 63 ESSI II NN E E I reba ecadaes 63 OV SIT WN EN cn 63 12 NBG 419N User s Guide Table of Contents Fd SAIS ORSON 64 ELANGO PAREN NT T UT UTE 67 Chapter 8 Pencil dir mo M 71 MER I0 A 71 MES dei Ri PIT 71 p 35 hat you Nood OS EMON aci up PH SMOOTH Pad Sa Maud T2 8 3 1 Setting your NBG 419N to AP Modo 1d eter pra pen e Era ka o nr ande area ua 72 8 3 2 Accessing the Web Configurator in Access Point Mode ssssssssss 73 8 3 3 Configuring your WLAN Bandwidth Management and Maintenance Settings T3 BAAP Mode Stalts SGOD e oe AA 74 Bo LAM SOPSSNE oiia A ee treet cert ear eT T8 Chapter 9 WISP MOUE mee 79 ON OV O UR TDI mt 79 CER E EE Hi TP 79 9 3 What You Need Tor KMOW sides sebo HEAR Ere ERI INEE ERE T Ev o masini eeme
63. enter a numerical IP address Keyword List This list displays the keywords already added Add Click Add after you have typed a keyword Repeat this procedure to add other keywords Up to 64 keywords are allowed When you try to access a web page containing a keyword you will get a message telling you that the content filter is blocking this request Delete Highlight a keyword in the lower box and click Delete to remove it The keyword disappears from the text box after you click Apply Clear All Click this button to remove all of the listed keywords Apply Click Apply to save your changes Reset Click Reset to begin configuring this screen afresh NBG 419N User s Guide Chapter 20 Content Filter 170 NBG 419N User s Guide PART IV Management Bandwidth Management 173 Remote Management 183 Universal Plug and Play UPnP 187 171 172 Bandwidth Management 21 1 Overview This chapter contains information about configuring bandwidth management and editing rules ZyXEL s Bandwidth Management allows you to specify bandwidth management rules based on an application In the figure below uplink traffic goes from the LAN device A to the WAN device B Bandwidth management is applied before sending the packets out to the WAN Downlink traffic comes back from the WAN device B to the LAN device A Bandwidth management is applied before sending the traffic out to
64. error message check your hardware connections Make sure your Internet connection is up and running The following screen depends on your Internet connection type Enter the details provided by your Internet Service Provider ISP in the fields if any Figure 5 Internet Connection Type 1 Internet Connection Type DHCP Genet urco open your Please click Next to continue Your NBG 419N detects the following Internet Connection type Table 2 Internet Connection Type CONNECTION TYPE DESCRIPTION Static IP Select the Static IP if an administrator assigns the IP address of your computer DHCP Select the DHCP Dynamic Host Configuration Protocol option when the WAN port is used as a regular Ethernet NBG 419N User s Guide Chapter 2 Connection Wizard Table 2 Internet Connection Type CONNECTION TYPE DESCRIPTION PPPoE Select the PPPoE Point to Point Protocol over Ethernet option for a dial up connection PPTP Select the PPTP Point to Point Tunneling Protocol option for a dial up connection and your ISP gave you an IP address and or subnet mask L2TP Select the L2TP Layer 2 Tunnel Protocol if you are connecting to another device over another network like the Internet or VPN 2 3 1 Connection Type DHCP Choose DHCP as the Internet Connection Type when the WAN port is used as a regular Ethernet Click Next Figure 6 Internet Connection Type DHCP
65. if given Mask NBG 419N User s Guide a Chapter 2 Connection Wizard Table 6 Internet Connection Type L2TP LABEL DESCRIPTION L2TP Gateway IP Type the gateway IP address of the L2TP server Address L2TP Server IP Type the server IP address of the L2TP server Address User Name Type the user name given to you by your ISP Password Type the password associated with the User Name above Exit Click this to close the wizard screen without saving Back Click this to return to the previous screen Next Click this to continue The NBG 419N connects to the Internet Figure 11 Connecting to the Internet Note If the Wizard successfully connects to the Internet it proceeds to the next step If you get an error message go back to the previous screen and make sure you have entered the correct information provided by your ISP 32 NBG 419N User s Guide Chapter 2 Connection Wizard 2 4 Router Password Change the login password in the following screen Enter the new password and retype it to confirm Click Next to proceed with the Wireless Security screen Figure 12 Router Password It is highly recamr 1234 Password Verify Password 2 5 Wireless Security Configure Wireless Settings Configure the wireless network settings on your NBG 419N in the following screen The fields that show up depend on the kind of security you select 2 5 1 Wi
66. information instead of using dynamic assignment make sure that your computers have IP addresses that place them in the same subnet as the Prestige s LAN port NBG 419N User s Guide 251 Appendix C Setting up Your Computer s IP Address Windows 95 98 Me Click Start Settings Control Panel and double click the Network icon to open the Network window Figure 146 Windows 95 98 Me Network Configuration Network LPR for TCP IP Printing 3Com EtherLink 10 100 PCI TX NIC 3C905B TX Dial Up Adapter USB Fast Ethernet Adapter Y TCP IP gt 3Com EtherLink 10 100 PCI TX NIC 3C Installing Components The Network window Configuration tab displays a list of installed components You need a network adapter the TCP IP protocol and Client for Microsoft Networks If you need the adapter 1 In the Network window click Add 2 Select Adapter and then click Add 3 Select the manufacturer and model of your network adapter and then click OK If you need TCP IP 1 Inthe Network window click Add 2 Select Protocol and then click Add 252 NBG 419N User s Guide Appendix C Setting up Your Computer s IP Address 3 Select Microsoft from the list of manufacturers 4 Select TCP IP from the list of network protocols and then click OK If you need Client for Microsoft Networks 1 Click Add 2 Select Client and then click Add 3 Select Microsoft from the list of manufacturers 4 Select Client for Microsoft
67. likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established If this is the case it is recommended that you select a network number from 192 168 0 0 to 192 168 255 0 The Internet Assigned Number Authority IANA reserved this block of addresses specifically for private use please do not use any other number unless you are told otherwise You must also enable Network Address Translation NAT on the NBG 419N Once you have decided on the network number pick an IP address for your NBG 419N that is easy to remember for instance 192 168 1 1 but make sure that no other device on your network is using that IP address The subnet mask specifies the network number portion of an IP address Your NBG 419N will compute the subnet mask automatically based on the IP address NBG 419N User s Guide Appendix B IP Addresses and Subnetting that you entered You don t need to change the subnet mask computed by the NBG 419N unless you are instructed to do otherwise Private IP Addresses Every machine on the Internet must have a unique address If your networks are isolated from the Internet running only between two branch offices for example you can assign any IP addresses to the hosts without problems However the Internet Assigned Numbers Authority IANA has reserved the following three blocks of IP addresses specifically for private networks e 10 0 0 0 10 255 255 255
68. on page 163 screen enable service blocking enter delete modify the services you want to block and the date time you want to block them 19 3 What You Need To Know The NBG 419N s firewall feature physically separates the LAN and the WAN and acts as a secure gateway for all data passing between the networks It is designed to protect against Denial of Service DoS attacks when activated click the General tab under Firewall and then click the Enable Firewall check box The NBG 419N s purpose is to allow a private Local Area Network LAN to be securely connected to the Internet The NBG 419N can be used to prevent theft destruction and modification of data as well as log events which may be important to the security of your network The NBG 419N is installed between the LAN and a broadband modem connecting to the Internet This allows it to act as a secure gateway for all data passing between the Internet and the LAN The NBG 419N has one Ethernet WAN port and four Ethernet LAN ports which are used to physically separate the network into two areas The WAN Wide Area Network port attaches to the broadband cable or DSL modem to the Internet The LAN Local Area Network port attaches to a network of computers which needs security from the outside world These computers will have access to Internet services such as e mail FTP and the World Wide Web However inbound access is not allowed by default unless the remote host is author
69. ore prr eR TM S 171 Bandwioih Mornago meni seniisdn inana ANNO 173 Remote Management MM 183 Universal Plug and Play UPDP 1assiardceit cene dina ccanacausddcsndagususdtandasestienraabinetsnmqeausiinoaarenvinags 187 Maintenance and Troubleshooting sreiisinsinsssnicsansnsnnnsnsnsnssnascnsannensnnsnsasnninaiensananiinsnianaanianies 195 MEDI EE a ET 197 POSUI iussus bd nt ra are ete ivive eter reer me usine uuum eta en tet rr rrr trarrtrt rete 199 THE P 201 iude AC 2 ties et rae occa Er le ew papleat ck baaeaec ca dees ca nace pans da Cea pad aa dae apaa cain aaa cada 205 rd EY FRG SHI vem tcchiasanncaaiuns findi i EE an N east i Anbe EE EEEE EEN Ra 207 NBG 419N User s Guide 9 Contents Overview icc n OSII 211 ERE t es MT I S I UU UT 213 Bisnes e X 217 Appendices and Indak sonicne ae EUER EKERVRE AUR FAUNE ERES URKEEFSEUNR 231 NBG 419N User s Guide Table of Contents Table of Contents About This SS CUI uidi vd E TEE SEE ERE Fac DEFERT RE OR RRRE RH X EORNM EE SRM SIN DE RO Gr M AERE 3 rere dr ipli o 5 Safety rli e E S 7 CONSE COVE IVI OW PR 9 Table of Gy NU MES Me actsicce tectcnriccnictionisiacivintivaiaaiiccetiaiurtersaintreivescaialeciisamietneasinanteranteriatataas 11 Part l In
70. right If you chose User Defined but leave the IP address set to 0 0 0 0 User Defined changes to None after you click Apply If you set a second choice to User Defined and enter the same IP address the second User Defined changes to None after you click Apply Select None if you do not want to configure DNS servers If you do not configure a DNS server you must know the IP address of a computer in order to access it WAN MAC Address The MAC address section allows users to configure the WAN port s MAC address by using the NBG 419N s MAC address copying the MAC address from a computer on your LAN or manually entering a MAC address Factory default Select Factory default to use the factory assigned default MAC Address Clone the Select Clone the computer s MAC address IP Address and enter computer s the IP address of the computer on the LAN whose MAC you are cloning MAC address IP Address Set WAN MAC Select this option and enter the MAC address you want to use Address Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh 12 4 3 PPTP Encapsulation Point to Point Tunneling Protocol PPTP is a network protocol that enables secure transfer of data from a remote client to a private server creating a Virtual Private Network VPN using TCP IP based networks NBG 419N User s Guide Chapter 12 WAN PPTP suppo
71. screen Table 25 Status Screen Router Mode LABEL DESCRIPTION Logout Click this at any time to exit the Web Configurator Device Information Host Name This is the System Name you enter in the Maintenance gt General screen It is for identification purposes Firmware Version This is the firmware version and the date created Sys OP Mode This is the device mode Section 5 1 2 on page 49 to which the NBG 419N is set Router Mode WAN Information MAC Address This shows the WAN Ethernet adapter MAC Address of your device IP Address This shows the WAN port s IP address IP Subnet Mask This shows the WAN port s subnet mask Default Gateway This shows the WAN port s gateway IP address DHCP This shows the LAN port s DHCP role Client or Server LAN Information MAC Address This shows the LAN Ethernet adapter MAC Address of your device IP Address This shows the LAN port s IP address IP Subnet Mask This shows the LAN port s subnet mask DHCP This shows the LAN port s DHCP role Server or None WLAN Information WLAN OP Mode This is the device mode Section 5 1 2 on page 49 to which the NBG 419N s wireless LAN is set Access Point Mode MAC Address This shows the wireless adapter MAC Address of your device Status This shows the current status of the Wireless LAN ON or
72. security mode of the access point to which you want to connect Mode Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to reload the previous configuration for this screen 9 5 0 1 No Security Use this screen if the access point to which you want to connect does not use encryption Figure 53 No Security WISP Wireless Setup Network Name SSID Security Security Mode No Security Apply Reset NBG 419N User s Guide Chapter 9 WISP Mode The following table describes the labels in this screen Table 31 No Security WISP LABEL DESCRIPTION Wireless Setup Network Enter the name of the access point to which you are connecting Name SSID Security Security Select No Security in this field Mode Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to reload the previous configuration for this screen 9 5 1 Static WEP Use this screen if the access point to which you want to connect to uses WEP security mode Figure 54 WEP WISP Wireless Setup Network Name SSID C Security Security Mode Static wer v PassPhrase nr Generate WEP Encryption 128 bits Authentication Method Shared ey gt Note 64 bit WEP Enter 5 ASCII characters or 10 hexadecimal characters 0 9 A F for each Key 1 4 128 bit WEP Enter 13 ASCII characters or 26 hexadecimal characters 0 9 A
73. systems including mainframes midrange systems UNIX systems and network servers SSH TCP UDP 22 Secure Shell Remote Login Program STRM WORKS UDP 1558 Stream Works Protocol SYSLOG UDP 514 Syslog allows you to send system logs to a UNIX server TACACS UDP 49 Login Host Protocol used for Terminal Access Controller Access Control System TELNET TCP 23 Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments It operates over TCP IP networks Its primary function is to allow users to NBG 419N User s Guide log into remote host systems Appendix E Common Services Table 95 Commonly Used Services continued NAME PROTOCOL PORT S DESCRIPTION TFTP UDP 69 Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP but uses the UDP User Datagram Protocol rather than TCP Transmission Control Protocol VDOLIVE TCP 7000 Another videoconferencing solution NBG 419N User s Guide Legal Information Copyright Copyright 2009 by ZyXEL Communications Corporation The contents of this publication may not be reproduced in any part or as a whole transcribed stored in a retrieval system translated into any language or transmitted in any form or by any means electronic mechanical magnetic optical chemical photocopying manual or otherwise without the prior writte
74. terms and conditions including without limitation not knowingly permitting such persons to use any portion of the Software for the purpose of deriving the source code of the Software No Warranty THE SOFTWARE IS PROVIDED AS IS TO THE MAXIMUM EXTENT PERMITTED BY LAW ZyXEL DISCLAIMS ALL WARRANTIES OF ANY KIND EITHER EXPRESSED OR IMPLIED INCLUDING WITHOUT LIMITATION IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ZyXEL DOES NOT WARRANT THAT THE FUNCTIONS CONTAINED IN THE SOFTWARE WILL MEET ANY REQUIREMENTS OR NEEDS YOU MAY HAVE OR THAT THE SOFTWARE WILL OPERATE ERROR FREE OR IN AN UNINTERUPTED FASHION OR THAT ANY DEFECTS OR ERRORS IN THE SOFTWARE WILL BE CORRECTED OR THAT THE SOFTWARE IS COMPATIBLE WITH ANY PARTICULAR PLATFORM SOME JURISDICTIONS DO NOT ALLOW THE WAIVER OR EXCLUSION OF IMPLIED WARRANTIES SO THEY MAY NOT APPLY TO YOU IF THIS EXCLUSION IS HELD TO BE UNENFORCEABLE BY A COURT OF COMPETENT JURISDICTION THEN ALL EXPRESS AND IMPLIED WARRANTIES SHALL BE LIMITED IN DURATION TO A PERIOD OF THIRTY 30 DAYS FROM THE DATE OF PURCHASE OF THE SOFTWARE AND NO WARRANTIES SHALL APPLY AFTER THAT PERIOD 7 Limitation of Liability NBG 419N User s Guide Appendix F Legal Information IN NO EVENT WILL ZyXEL BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY INCIDENTAL OR CONSEQUENTIAL DAMAGES INCLUDING WITHOUT LIMITATION INDIRECT SPECIAL PUNITIVE OR EXEMPLARY DAMAGES FOR LOSS OF BUSINESS LOSS OF
75. the labels in this screen Table 17 Control Panel ITEM DESCRIPTION Home Click this to go to the Login page Expert Mode Click this to change to Expert mode and customize features of the NBG 419N Logout Click this to end the Web Configurator session 6 5 Network Map Note The Network MAP is viewable by Windows XP need to install patch Windows Vista and Windows 7 users only For Windows XP Service Pack 2 users you can see the network devices connected to the NBG 419N by downloading the LLTD Link Layer Topology Discovery patch from the Microsoft Website Note Don t worry if the Network Map does not display in your web browser This feature may not be supported by your system You can still configure the Control Panel Section 6 6 on page 54 in the Easy Mode and the NBG 419N features that you want to use in the Expert Mode NBG 419N User s Guide Chapter 6 Easy Mode When you log into the Network Configurator the Network Map is shown as follows Figure 29 Network Map wf Bandwidth j cS Wireless e MGMT Firewall BW Security ON ON The line connecting the NBG 419N to the gateway becomes green when the NBG 419N is able to ping the gateway It becomes red when the ping initiating from the NBG 419N does not get a response from the gateway The same rule applies to the line connecting the gateway to the Internet You can also view the devices represented by icons in
76. the name of the access point to which you are connecting Security Encryption Type Select the type of wireless encryption employed by the access point to which you want to connect Pre Shared Key WPA PSK WPA2 PSK uses a simple common password for authentication Type the pre shared key employed by the access point to which you want to connect Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to reload the previous configuration for this screen NBG 419N User s Guide Chapter 9 WISP Mode 9 5 3 Advance Screen Use this screen to enable the power saving mode of your NBG 419N Go to Configuration gt Wireless LAN to open the following screen Figure 56 Configuration gt Wireless LAN gt Advance Screen WISP General Advance in Wireless Advanced Setup Power Saving Mode cam Constantly Awake Mode C Power Saving Mode RTS Threshold 2346 256 2346 Fragement Threshold 2346 256 2346 Apply Reset The following table describes the labels in this screen Table 34 Configuration gt Wireless LAN gt Advance Screen WISP LABEL DESCRIPTION Power Select CAM Constantly Awake Mode if you do not want your NBG Saving Mode 419N to go to sleep when no wireless activity is detected in the Wireless LAN Select Power Saving Mode if you want the NBG 419N to go to sleep when no wireless connection is needed for a peri
77. this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all other warranties express or implied including any implied warranty of merchantability or fitness for a particular use or purpose ZyXEL shall in no event be held liable for indirect or consequential damages of any kind to the purchaser To obtain the services of this warranty contact your vendor You may also refer to the warranty policy for the region in which you bought the device at http www zyxel com web support_warranty_info php Registration Register your product online to receive e mail notices of firmware upgrades and information at www zyxel com for global products or at www us zyxel com for North American products End User License Agreement for NBG 419N 288 WARNING ZyXEL Communications Corp IS WILLING TO LICENSE THE ENCLOSED SOFTWARE TO YOU ONLY UPON THE CONDITION THAT YOU ACCEPT ALL OF THE TERMS CONTAINED IN THIS LICENSE AGREEMENT PLEASE READ THE TERMS CAREFULLY BEFORE COMPLETING THE INSTALLATION PROCESS AS INSTALLING THE SOFTWARE WILL INDICATE YOUR ASSENT TO THEM IF YOU DO NOT AGREE TO THESE TERMS THEN ZyXEL INC IS UNWILLING TO LICENSE THE SOFTWARE TO YOU IN WHICH EVENT YOU SHOULD RETURN THE UNINSTALLED SOFTWARE AND PACKAGING TO THE PLACE FROM WHICH IT WAS ACQUIRED AND YOUR MONEY WILL BE REFUNDED NBG 419N User s Guide Appendix F Legal Information 1 Grant of License for Personal Use ZyXEL Communications
78. times you enter in these fields Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to reload the previous configuration for this screen 11 11 WDS Screen A Wireless Distribution System is a wireless connection between two or more APs Use this screen to set the operating mode of your NBG 419N to AP Bridge or Bridge Only and establish wireless links with other APs You need to know the MAC address of the peer device which also must be in bridge mode Note You must enable the same wireless security settings on the NBG 419N and on all wireless clients that you want to associate with it NBG 419N User s Guide Chapter 11 Wireless LAN Click Network gt Wireless LAN gt WDS tab The following screen opens with the Basic Setting set to Disabled and Security Mode set to No Security Figure 77 Network gt Wireless LAN gt WDS WDS Setup Basic Setting General MAC Filter Advanced QoS WPS WPS Station Scheduling WDS Local MAC Address Phy Mode Remote MAC Address Remote MAC Addres Remote MAC Address Remote MAC Address Security EncrypType Encryp Key AP Bridge v 00 0C 43 30 52 28 Apply Reset The following table describes the labels in this screen Table 46 Network gt Wireless LAN gt WDS LABEL DESCRIPTION WDS Setup Basic Settings Select the operating mode for your NBG 419N e AP Bridge The NBG 419N
79. use one or the other Note It doesn t matter which button is pressed first You must press the second button within two minutes of pressing the first one The NBG 419N sends the proper configuration settings to the wireless client This may take up to two minutes Then the wireless client is able to communicate with the NBG 419N securely NBG 419N User s Guide Chapter 10 Tutorials The following figure shows you an example to set up wireless network and security by pressing a button on both NBG 419N and wireless client the NWD210N in this example Figure 58 Example WPS Process PBC Method Wireless Client NBG 419N WITHIN 2 MINUTES SECURITY INFO 4 nummmmmmmmmmmmmm COMMUNICATION 10 3 2 PIN Configuration When you use the PIN configuration method you need to use both NBG 419N s configuration interface and the client s utilities 1 Launch your wireless client s configuration utility Go to the WPS settings and select the PIN method to get a PIN number 2 Enter the PIN number to the PIN field in the Network Wireless LAN WPS Station screen on the NBG 419N 3 Click Start buttons or button next to the PIN field on both the wireless client utility screen and the NBG 419N s WPS Station screen within two minutes The NBG 419N authenticates the wireless client and sends the proper configuration settings to the wireless client This may take up to two minutes Then the wire
80. you do not know the IP address of the NBG 419N Follow the steps below to access the web configurator 1 Click Start and then Control Panel 2 Double click Network Connections NBG 419N User s Guide Chapter 23 Universal Plug and Play UPnP 3 Select My Network Places under Other Places Figure 119 Network Connections s Network Connections File Edit View Favorites Tools Advanced Help Qe 27 JP Search Folders E e Network Connections T Internet Gateway Network Tasks 1 Internet Connection s Create a new connection Disabled Q Set up a home or small mh Internet Connection office network LAN or High Speed Internet See Also Local Area Connection 3 Network Troubleshooter Enabled Tf Accton EN1207D Tx PCI Fast Other Places Control Panel X My Network Places E My Documents My Computer Details Network Connections 4 An icon with the description for each UPnP enabled device displays under Local Network 5 Right click on the icon for your NBG 419N and select Invoke The web configurator login screen displays Figure 120 Network Connections My Network Places My Network Places File Edit View Favorites Tools Help ws 3 Search E Folders E Address My Network Places Network Tasks 2 Add a network place view network connections I et Invoke Set up a home or small a ba office network Create Shortcut 4 View w
81. 0 kbps 2 7 UDP Minimum Bandwidth 10 kbps TCP Minimum Bandwidth fo kbps i UDP Apply Cancel The following table describes the labels in this screen Table 68 Bandwidth Management Rule Configuration Application List LABEL DESCRIPTION This is the number of an individual bandwidth management rule Enable Select an interface s check box to enable bandwidth management on that interface Direction These read only labels represent the physical interfaces Bandwidth management applies to all traffic flowing out of the router through the interface regardless of the traffic s source Traffic redirect or IP alias may cause LAN to LAN traffic to pass through the NBG 419N and be managed by bandwidth management Bandwidth Select Maximum Bandwidth or Minimum Bandwidth and specify the maximum or minimum bandwidth allowed for the rule in kilobits per second Destination Port This is the port number of the destination that define the traffic type for example TCP port 80 defines web traffic See Appendix E on page 281 for some common services and port numbers Source Port This is the port number of the source that define the traffic type for example TCP port 80 defines web traffic See Appendix E on page 281 for some common services and port numbers Protocol This is the protocol TCP UDP or user defined used for the service Apply Click Apply to save your customized settin
82. 103 Service Set IDentity See SSID Session Initiated Protocol 181 SIP 181 SSID 59 65 75 82 100 103 Static DHCP 140 Static Route 153 Status 64 NBG 419N User s Guide Index subnet 241 Subnet Mask 137 138 subnet mask 242 subnetting 245 Summary DHCP table 44 Packet statistics 45 Wireless station status 46 syntax conventions 5 Sys Op Mode 213 System General Setup 197 System Name 198 System restart 211 T TCP IP configuration 139 Temperature 225 Time setting 201 trigger port 147 Trigger port forwarding 147 example 149 process 149 U Universal Plug and Play 187 Application 188 Security issues 188 UPnP 187 URL Keyword Blocking 169 Use Authentication 278 User Name 152 V VoIP 181 VPN 126 W WAN Wide Area Network 119 WAN advanced 132 WAN MAC address 121 warranty 288 note 288 Web Configurator how to access 37 Overview 37 web configurator 22 Web Proxy 169 WEP Encryption 86 106 108 WEP encryption 105 WEP key 105 Wireless association list 46 wireless channel 222 wireless LAN 222 wireless LAN scheduling 114 Wireless network basic guidelines 100 channel 100 encryption 101 example 99 MAC address filter 101 overview 99 security 100 SSID 100 Wireless security 100 overview 100 type 100 wireless security 222 wireless switch 22 Wireless tutorial 89 WPS 89 Wizard setup 25 WLAN Interference 271 Security Parameters 280 World Wide Web 181 WPA compatible 102 WPA WP
83. 17 3 IP Static Route Screen Click Network gt Static Route to open the IP Static Route screen Figure 99 Network gt Static Route Static Routing Settings Route Name O i Destination IP Address IP Subnet Mask 7 Gateway IP Address Metric Add Rule Application Rules Summary No Active Name Destination Gateway Metric Delete 1 Q default 255 255 255 255 0 0 0 0 0 2 Q default 239 255 255 250 0 0 0 0 0 3 Q default 172 23 31 0 0 0 0 0 0 4 Q default 182 158 3 0 0 0 0 0 0 5 Q default 239 0 0 0 0 0 0 0 0 6 Q default 0 0 0 0 172 23 31 254 1 Reset IP Static Route The following table describes the labels in this screen Table 61 Network gt Static Route LABEL DESCRIPTION Static Routing Settings Route Name Enter a the name that describes or identifies this route Destination IP Enter the IP network address of the final destination Address IP Subnet This is the subnet to which the route s final destination belongs Netmask Gateway IP Enter the the IP address of the gateway Address Metric Assign a number to identify the route Add Rule Click this to add the IP static route Application Rules Summary No This is the number of an individual static route Active The rules are always on and this is indicated by the icon Name This is the name that describes or identifies this route Destination This parameter specifies the IP network
84. 2 keyboard characters for the wireless LAN The default SSID is NBG 419N Security Select WPA PSK or WPA2 PSK to add security on this wireless mode network The wireless clients which want to associate to this network must have same wireless security settings as this device After you select to use a security additional options appears in this screen Select No Security to allow any client to connect to this network without authentication Wireless This field appears when you choose wither WPA PSK or WPA2 PSK as password the security mode Type a pre shared key from 8 to 63 case sensitive keyboard characters Verify Type the password again to confirm password Apply Click Apply to save your changes back to the NBG 419N Cancel Click Cancel to close this screen WPS Click this to configure the WPS screen You can transfer the wireless settings configured here Wireless Security screen to another wireless device that supports WPS NBG 419N User s Guide Chapter 6 Easy Mode 6 6 7 WPS Use this screen to add a wireless station to the network using WPS Click WPS in the Wireless Security to open the following screen Figure 37 Wireless Security WPS E amp wireless security get connected WiFi Protected Setup WPS provides you a easier and faster way to connect your computers device to your wireless network Use one of the following approaches to lt Click the Wi Fi
85. 2 WPA 2 PSK Application Example A WPA 2 PSK application looks as follows 1 First enter identical passwords into the AP and all wireless clients The Pre Shared Key PSK must consist of between 8 and 63 ASCII characters including spaces and symbols 2 The AP checks each wireless client s password and only allows it to join the network if the password matches 3 The AP derives and distributes keys to the wireless clients 4 The AP and wireless clients use the TKIP or AES encryption process to encrypt data exchanged between them Figure 173 WPA 2 PSK Authentication PSK 2 Fe n A pones n J N SN B B B 32 1 3 WPA 2 with RADIUS Application Example You need the IP address of the RADIUS server its port number default is 1812 and the RADIUS shared secret A WPA 2 application example with an external RADIUS server looks as follows A is the RADIUS server DS is the distribution system 1 The AP passes the wireless client s authentication request to the RADIUS server 2 The RADIUS server then checks the user s identification against its database and grants or denies network access accordingly 3 The RADIUS server distributes a Pairwise Master Key PMK key to the AP that then sets up a key hierarchy and management system using the pair wise key to dynamically generate unique data encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the wi
86. 4 Sys Op Mode Screen Use this screen to select how you want to use your NBG 419N Figure 132 Maintenance gt Sys OP Mode Sys OP Mode General System Operation Mode Router Mode C access Point Mode Cyisp Mode Note Router In this mode the device is supported to connect to internet via ADSL Cable Modem PCs in LAN ports share the same IP to ISP through WAH Port Access Point In this mode all Ethernet ports are bridged together The device allows the wireless equipped computer can communicate with a wired network WISP Mode In this mode the device acts as a wireless client It can connect to an existing network via an access point Also router functions are added between the wireless WAH and the LAH PEST The following table describes the labels in the General screen Table 78 Maintenance Sys OP Mode LABEL DESCRIPTION System Operation Mode Router Select Router Mode if your device routes traffic between a local network and another network such as the Internet This mode offers services such as a firewall or bandwidth management You can configure the IP address settings on your WAN port Contact your ISP or system administrator for more information on appropriate settings NBG 419N User s Guide 215 Chapter 30 Sys OP Mode LABEL DESCRIPTION Access Point Select Access Point Mode if your device bridges traffic between clients on the same network e In Acc
87. 9N apply this bandwidth management rule Direction Select LAN to apply bandwidth management to traffic from WAN to LAN Select WAN to apply bandwidth management to traffic from LAN WLAN to WAN Select WLAN to apply bandwidth management to traffic from WAN to WLAN Service Name Enter a descriptive name for the bandwidth management rule Category This is the category where a service belongs Modify Click the Edit icon to open the Rule Configuration screen Modify an existing rule or create a new rule in the Rule Configuration screen See Section 21 5 2 on page 179 for more information Click the Remove icon to delete a rule Apply Click Apply to save your customized settings Reset Click Reset to begin configuring this screen afresh NBG 419N User s Guide 177 Chapter 21 Bandwidth Management 21 5 1 Rule Configuration Application Rule Configuration 178 If you want to edit a bandwidth management rule for a pre defined service or application click the Edit icon in the Application List table of the Advanced screen The following screen displays Figure 108 Bandwidth Management Rule Configuration Application List Rule Configuration o oO e WN X XI SI SI SI SI Enable Direction Bandwidth Destination Port Source Port Protocol Minimum Bandwidth fo kbps TCP Minimum Bandwidth x f0 kbps z UDP Minimum Bandwidth x 10 kbps TCP Minimum Bandwidth f
88. A2 277 WPS 22 WWW 181 NBG 419N User s Guide Index X Xbox Live 181 NBG 419N User s Guide 297 Index NBG 419N User s Guide
89. Address and computer s MAC enter the IP address of the computer on the LAN whose MAC you address IP are cloning Address Set WAN MAC Select this option and enter the MAC address you want to use Address Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh 12 4 4 L2TP Encapsulation The Layer 2 Tunneling Protocol L2TP works at layer 2 the data link layer to tunnel network traffic between two peer devices over another network like the Internet NBG 419N User s Guide Chapter 12 WAN This screen displays when you select L2TP encapsulation Figure 83 Network gt WAN gt Internet Connection L2TP Encapsulation Encapsulation User Name Password Retype to Confirm L2TP Configuration Server IP Address Get automatically from ISP C Use Fixed IP Address IP Address IP Subnet Mask Gateway IP Address WAN IP Address Assignment Get automatically trom ISP C Use Fixed IP Address My WAN IP Address WAH DHS Assignment First DNS Server Second DNS Server WAH MAC Address e Factory default F Set WAN MAC Address Internet Connection Advanced IGMP Snooping nn ISP Parameters for Internet Access C Clone the computer s MAC address IP Address apuser SSS pe CS fe 172 111 254 1721 1 255 255 255 0 172 1 1 254 m From ISP hd From ISP footy Ree
90. Advanced LABEL DESCRIPTION RTS CTS Threshold Data with its frame size larger than this value will perform the RTS Request To Send CTS Clear To Send handshake Enter a value between 256 and 2432 Fragmentatio n Threshold The threshold number of bytes for the fragmentation boundary for directed messages It is the maximum data fragment size that can be sent Enter an even number between 256 and 2346 Enable Intra BSS Traffic A Basic Service Set BSS exists when all communications between wireless clients or between a wireless client and a wired network client go through one access point AP Intra BSS traffic is traffic between wireless clients in the BSS When Intra BSS is enabled wireless client A and B can access the wired network and communicate with each other When Intra BSS is disabled wireless client A and B can still access the wired network but cannot communicate with each other Output Power Set the output power of the NBG 419N in this field If there is a high density of APs in an area decrease the output power of the NBG 419N to reduce interference with other APs Select one of the following 100 909 o 759 o 509 o 259 o 109 o or Minimum See the product specifications for more information on your NBG 419N s output power HT High Throughput Physical Mode Use the fields below to configure the 802 11 wireless environment of your NBG 419N NBG 419N User s Guid
91. BG 419N to check web sites against an external database Bandwidth Management You can efficiently manage traffic on your network by reserving bandwidth and giving priority to certain types of traffic and or to particular computers Remote Management This allows you to decide whether a service HTTP or FTP traffic for example from a computer on a network LAN or WAN for example can access the NBG 419N Wireless LAN Scheduler You can schedule the times the Wireless LAN is enabled disabled Time and Date Get the current time and date from an external server when you turn on your NBG 419N You can also set the time manually These dates and times are then used in logs Port Forwarding If you have a server mail or web server for example on your network then use this feature to let people access it from the Internet DHCP Dynamic Host Configuration Protocol Use this feature to have the NBG 419N assign IP addresses an IP default gateway and DNS servers to computers on your network Dynamic DNS Support With Dynamic DNS Domain Name System support you can use a fixed URL www zyxel com for example with a dynamic IP address You must register for this service with a Dynamic DNS service provider IP Multicast IP Multicast is used to send traffic to a specific group of computers The NBG 419N supports versions 1 and 2 of IGMP Internet Group Management Protocol used to join multicast g
92. Clone the Select Clone the computer s MAC address IP Address and computer s MAC enter the IP address of the computer on the LAN whose MAC you address IP are cloning Address Set WAN MAC Select this option and enter the MAC address you want to use Address Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh NBG 419N User s Guide 434 Chapter 12 WAN 12 5 Advanced WAN Screen Use this screen to enable Multicast and enable Auto bridge Note The categories shown in this screen are independent of each other To change your NBG 419N s advanced WAN settings click Network gt WAN gt Advanced The screen appears as shown Figure 84 Network gt WAN gt Advanced Multicast Setup Multicast Auto bridge Enable Auto bridge mode Internet Connection Advanced IGMP Snooping M l None m Apply Reset The following table describes the labels in this screen Table 51 Network gt WAN gt Advanced LABEL DESCRIPTION Multicast Setup Multicast Select IGMPv1 v2 to enable multicasting This applies to traffic routed from the WAN to the LAN Select None to disable this feature This may cause incoming traffic to be dropped or sent to all connected network devices Auto bridge Enable Auto bridge Select this option to have the NBG 419N switch to bridge mode mode autom
93. Configurator do not display properly in Internet Explorer check that JavaScripts are allowed NBG 419N User s Guide Appendix A Pop up Windows JavaScripts and Java Permissions 1 In Internet Explorer click Tools Internet Options and then the Security tab Figure 139 Internet Options Security General Security Privacy Content Connections Programs Advanced Select a Web content zone to specify its security settings e Z o e Internet Local intranet Trusted sites Restricted sites 4 This zone contains all Web sites you Gites haven t placed in other zones r Security level for this zone Move the slider to set the security level for this zone E Medium Safe browsing and still functional ar Prompts before downloading potentially unsafe content Unsigned Activex controls will not be downloaded Appropriate for most Internet sites Custom Level Default Level OK Cancel Apply 2 Click the Custom Level button 3 Scroll down to Scripting 4 Under Active scripting make sure that Enable is selected the default 5 Under Scripting of Java applets make sure that Enable is selected the default NBG 419N User s Guide 237 Appendix A Pop up Windows JavaScripts and Java Permissions 6 Click OK to close the window Figure 140 Security Settings Java Scripting Security Settings 34 xl Settings Scripting E Active scripting 3 Dn
94. Corp ZyXEL grants you a non exclusive non sublicense non transferable license to use the program with which this license is distributed the Software including any documentation files accompanying the Software Documentation for internal business use only for up to the number of users specified in sales order and invoice You have the right to make one backup copy of the Software and Documentation solely for archival back up or disaster recovery purposes You shall not exceed the scope of the license granted hereunder Any rights not expressly granted by ZyXEL to you are reserved by ZyXEL and all implied licenses are disclaimed 2 Ownership You have no ownership rights in the Software Rather you have a license to use the Software as long as this License Agreement remains in full force and effect Ownership of the Software Documentation and all intellectual property rights therein shall remain at all times with ZyXEL Any other use of the Software by any other entity is strictly forbidden and is a violation of this License Agreement 3 Copyright The Software and Documentation contain material that is protected by United States Copyright Law and trade secret law and by international treaty provisions All rights not granted to you herein are expressly reserved by ZyXEL You may not remove any proprietary notice of ZyXEL or any of its licensors from any copy of the Software or Documentation 4 Restrictions You may not publ
95. EP key prior to communication ASCII Select this option in order to enter ASCII characters as WEP key Hex Select this option in order to enter hexadecimal characters as a WEP key The preceding Ox that identifies a hexadecimal key is entered automatically Key 1 to Key 4 The WEP keys are used to encrypt data Both the NBG 419N and the wireless stations must use the same WEP key for data transmission If you chose 64 bit WEP then enter any 5 ASCII characters or 10 hexadecimal characters 0 9 A F If you chose 128 bit WEP then enter 13 ASCII characters or 26 hexadecimal characters 0 9 A F You must configure at least one key only one key can be activated at any one time The default key is key 1 Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to reload the previous configuration for this screen NBG 419N User s Guide Chapter 9 WISP Mode 9 5 2 WPA 2 PSK Use this screen if the access point to which you want to connect uses WPA 2 PSK security mode Figure 55 WPA PSK WPA2 PSK WISP Wireless Setup Network Name SSID Security Security Mode Encryption Type Pre Shared Key Apply WPA2 PSK Y tkp Caes Reset The following table describes the labels in this screen Table 33 WPA PSK WPA2 PSK WISP LABEL DESCRIPTION Wireless Setup Network Name SSID Enter
96. Ethernet Adapter This connection uses the following items ivi ie Client for Microsoft Networks V dB File and Printer Sharing for Microsoft Networks Internet Protocol TCP IP Install ELI Properties I Description Transmission Control Protocol Internet Protocol The default wide area network protocol that provides communication across diverse interconnected networks C Show icon in notification area when connected 5 The Internet Protocol TCP IP Properties window opens the General tab in Windows XP e If you have a dynamic IP address click Obtain an IP address automatically e If you have a static IP address click Use the following IP Address and fill in the IP address Subnet mask and Default gateway fields NBG 419N User s Guide 257 Appendix C Setting up Your Computer s IP Address e Click Advanced Figure 153 Windows XP Internet Protocol TCP IP Properties Internet Protocol TCP IP Properties General Alternate Configuration You can get IP settings assigned automatically if your network supports this capability Otherwise you need to ask your network administrator for the appropriate IP settings Obtain an IP address automatically Use the following IP address Obtain DNS server address automatically Use the following DNS server addresses 6 Ifyou do not know your gateway s IP address remove any previously installed gateways in the IP Settings tab and
97. G 419N can be managed remotely and specify a secure client that can manage the NBG 419N 22 3 What You Need to Know Remote management over LAN or WAN will not work when 1 The IP address in the Secured Client IP Address field Section 22 4 on page 184 does not match the client IP address If it does not match the NBG 419N will disconnect the session immediately 2 There is already another remote management session You may only have one remote management session running at one time 3 There is a firewall rule that blocks it NBG 419N User s Guide Chapter 22 Remote Management 22 3 1 22 3 2 Remote Management and NAT When NAT is enabled e Use the NBG 419N s WAN IP address when configuring from the WAN e Use the NBG 419N s LAN IP address when configuring from the LAN System Timeout There is a default system management idle timeout of five minutes three hundred seconds The NBG 419N automatically logs you out if the management session remains idle for longer than this timeout period The management session does not time out when a statistics screen is polling You can change the timeout period in the System screen 22 4 WWW Screen To change your NBG 419N s remote management settings click Management gt Remote Management WWW Figure 111 Management Remote Management WWW WWW WWW Server Port 80 Server Access LAN Secured Client IP Address ap C Selected 5588 Apply Reset The f
98. IC Radiation Exposure Statement This equipment complies with IC radiation exposure limits set forth for an uncontrolled environment This equipment should be installed and operated with minimum distance 20cm between the radiator amp your body Viewing Certifications 1 Goto http www zyxel com 2 Select your product on the ZyXEL home page to go to that product s page 3 Select the certification you wish to view from this page NBG 419N User s Guide 287 Appendix F Legal Information ZyXEL Limited Warranty ZyXEL warrants to the original end user purchaser that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase During the warranty period and upon proof of purchase should the product have indications of failure due to faulty workmanship and or materials ZyXEL will at its discretion repair or replace the defective products or components without charge for either parts or labor and to whatever extent it shall deem necessary to restore the product or components to proper operating condition Any replacement will consist of a new or re manufactured functionally equivalent product of equal or higher value and will be solely at the discretion of ZyXEL This warranty shall not apply if the product has been modified misused tampered with damaged by an act of God or subjected to abnormal working conditions Note Repair or replacement as provided under
99. Local Area Network LAN is a shared communication system to which many computers are attached A LAN is a computer network limited to the immediate area usually the same building or floor of a building The LAN screens can help you configure a LAN DHCP server manage IP addresses and partition your physical network into logical networks Figure 86 LAN Example WLAN I oy a 7 The LAN screens can help you manage IP addresses 13 2 What You Can Do e Use the IP screen Section 13 4 on page 137 to change the IP address for your NBG 419N e Use the IP Alias screen Section 13 5 on page 138 to have the NBG 419N apply IP alias to create LAN subnets NBG 419N User s Guide Chapter 13 LAN 13 3 What You Need To Know 13 3 1 13 3 2 The actual physical connection determines whether the NBG 419N ports are LAN or WAN ports There are two separate IP networks one inside the LAN network and the other outside the WAN network as shown next Figure 87 LAN and WAN IP Addresses LAN WAN o dens W The LAN parameters of the NBG 419N are preset in the factory with the following values e IP address of 192 168 1 1 with subnet mask of 255 255 255 0 24 bits e DHCP server enabled with 32 client IP addresses starting from 192 168 1 33 These parameters should work for the majority of installations If your ISP gives you explicit DNS server address es read the embedded Web Configurator help regarding what fields n
100. Map screen click Status to view read only information about the NBG 419N Name Time WAN IP MAC Address Firmware Version Wireless Network Name SSID Security Figure 38 Status Screen in Easy Mode The following table describes the labels in this screen Table 23 Status Screen in Easy Mode ITEM DESCRIPTION Name This is the name of the NBG 419N in the network You can change this in the Maintenance gt General screen in Section 24 3 on page 197 Time This is the current system date and time The date is in YYYY MM DD Year Month Day format The time is in HH MM SS Hour Minutes Seconds format WAN IP This is the IP address of the WAN port MAC Address This is the MAC address of the NBG 419N Firmware Version This shows the firmware version of the NBG 419N The firmware version format shows the trunk version model code and release number Wireless Network This shows the SSID of the wireless network You can configure Name this in the Wireless Security screen Section 6 6 6 on page 59 Section 11 3 1 1 on page 101 Security This shows the wireless security used by the NBG 419N NBG 419N User s Guide Chapter 6 Easy Mode NBG 419N User s Guide Router Mode 7 1 Overview The NBG 419N is set to router mode by default Routers are used to connect the local network to another network for example the Internet In the figure below th
101. Mode 30 1 Overview The Sys OP Mode System Operation Mode function lets you configure your NBG 419N as a router access point or Wireless ISP WISP client You can choose between Router Mode Access Point Mode and WISP Mode depending on your network topology and the features you require from your device See Section 5 1 2 on page 49 for more information on which mode to choose 30 2 What You Can Do Use the Sys OP Mode screen Section 30 4 on page 215 to select how you want to use your NBG 419N 30 3 What You Need to Know The following describes the device modes available in your NBG 419N NBG 419N User s Guide Chapter 30 Sys OP Mode Router A router connects your local network with another network such as the Internet The router has two IP addresses the LAN IP address and the WAN IP address Figure 129 LAN and WAN IP Addresses in Router Mode LAN WAN i i TERN Eyi WAN IP Access Point An access point enabled all ethernet ports to be bridged together and be in the same subnet To connect to the Internet another device such as a router is required Figure 130 IP Address in Access Point Mode LAN NBG 419N User s Guide Chapter 30 Sys OP Mode WISP A WISP client connects to an existing access point wirelessly It acts just like a wireless client in notebooks computers Figure 131 IP Address in Access Point Mode iene a Wireless Access Point Client 30
102. N Turn on your computer and the NBG 419N 23 5 1 1 Auto discover Your UPnP enabled Network Device Click start and Control Panel Double click Network Connections An icon displays under Internet Gateway Right click the icon and select Properties Figure 113 Network Connections Network Connections File Edit View Favorites Tools Advanced Help Qe amp d Search e Folders Ez Address e Network Connections Internet Gateway Network Tasks Create a new connection Internet Connection Set up a home or small office network Disable this network device LANorH Status Create Shortcut uj Rename this connection View status of this connection Change settings of this Properties LC Rename connection NBG 419N User s Guide Chapter 23 Universal Plug and Play UPnP 3 Inthe Internet Connection Properties window click Settings to see the port mappings there were automatically created Figure 114 Internet Connection Properties eee General Connect to the Internet using Intenet Connection This connection allows you to connect to the Internet through a shared connection on another computer Show icon in notification area when connected 4 You may edit or delete the port mappings or click Add to manually add port mappings Figure 115 Internet Connection Properties Advanced Settings Advances
103. N IP Enter your WAN IP address in this field if you selected Use Fixed IP Address Address WAN DNS Assignment NBG 419N User s Guide Chapter 12 WAN Table 49 Network gt WAN gt Internet Connection PPTP Encapsulation LABEL DESCRIPTION First DNS Server Second DNS Server Select From ISP if your ISP dynamically assigns DNS server information and the NBG 419N s WAN IP address The field to the right displays the read only DNS server IP address that the ISP assigns Select User Defined if you have the IP address of a DNS server Enter the DNS server s IP address in the field to the right If you chose User Defined but leave the IP address set to 0 0 0 0 User Defined changes to None after you click Apply If you set a second choice to User Defined and enter the same IP address the second User Defined changes to None after you click Apply Select None if you do not want to configure DNS servers If you do not configure a DNS server you must know the IP address of a computer in order to access it WAN MAC Address The MAC address section allows users to configure the WAN port s MAC address by either using the NBG 419N s MAC address copying the MAC address from a computer on your LAN or manually entering a MAC address Factory default Select Factory default to use the factory assigned default MAC Address Clone the Select Clone the computer s MAC address IP
104. NBG 419N Wireless N Home Router Default Login Details IP Address http 192 168 1 1 Password 1234 Firmware Version 1 0 Edition 2 5 2009 www zyxel com Copyright 2009 ZyXEL Communications Corporation About This User s Guide About This User s Guide Intended Audience This manual is intended for people who want to configure the NBG 419N using the Web Configurator You should have at least a basic knowledge of TCP IP networking concepts and topology Related Documentation e Quick Start Guide The Quick Start Guide is designed to help you get up and running right away It contains information on setting up your network and configuring for Internet access Supporting Disc Refer to the included CD for support documents e ZyXEL Web Site Please refer to www zyxel com for additional support documentation and product certifications User Guide Feedback Help us help you Send all User Guide related comments questions or suggestions for improvement to the following address or use e mail instead Thank you The Technical Writing Team ZyXEL Communications Corp 6 Innovation Road II Science Based Industrial Park Hsinchu 300 Taiwan E mail techwriters zyxel com tw NBG 419N User s Guide 3 About This User s Guide Customer Support In the event of problems that cannot be solved by using this manual you should contact your vendor If you cannot contact your vendor then conta
105. NS Configuration IP Address Domain Suffix Search Order Cancel 4 Click the Gateway tab e If you do not know your gateway s IP address remove previously installed gateways e If you have a gateway IP address type it in the New gateway field and click Add 5 Click OK to save and close the TCP IP Properties window 6 Click OK to close the Network window Insert the Windows CD if prompted 7 Turn on your Prestige and restart your computer when prompted Verifying Settings 1 Click Start and then Run 2 Inthe Run window type winipcfg and then click OK to open the IP Configuration window NBG 419N User s Guide Appendix C Setting up Your Computer s IP Address 3 Select your network adapter You should see your computer s IP address subnet mask and default gateway Windows 2000 NT XP The following example figures use the default Windows XP GUI theme 1 Click start Start in Windows 2000 NT Settings Control Panel Figure 149 Windows XP Start Menu Internet Explorer eA My Documents e Outlook Express y Paint Files and Settings Transfer W 2 My Recent Documents gt e My Pictures BJ Command Prompt EJ Acrobat Reader 4 0 Tour windows XP V Windows Movie Maker Q9 Help and Support Search All Programs gt 17 Run P Log Off Ko Turn Off Computer 5 untitled Paint NBG 419N User s Guide 255 Appendix C Setting up Your Computer s IP Ad
106. Networks from the list of network clients and then click OK 5 Restart your computer so the changes you made take effect Configuring 1 Inthe Network window Configuration tab select your network adapter s TCP IP entry and click Properties 2 Click the IP Address tab e If your IP address is dynamic select Obtain an IP address automatically e If you have a static IP address select Specify an IP address and type your information into the IP Address and Subnet Mask fields Figure 147 Windows 95 98 Me TCP IP Properties IP Address TCP IP Properties 21x Bindings Advanced Netplos DNS Configuration Gateway WINS Configuration IP Address n IP address can be automatically assigned to this computer If your network does not automatically assign IP addresses ask your network administrator for an address and then type it in the space below C Specify an IP address v Detect connection to network media Cancel NBG 419N User s Guide 253 Appendix C Setting up Your Computer s IP Address 3 Click the DNS Configuration tab e If you do not know your DNS information select Disable DNS e If you know your DNS information select Enable DNS and type the information in the fields below you may not need to fill them all in Figure 148 Windows 95 98 Me TCP IP Properties DNS Configuration TCP IP Properties 3 xl Bindings Advanced NeBios DNS Configuration Gateway WI
107. Select this option If your ISP did not assign you a fixed IP address This automatically is the default selection from ISP Default Use Fixed IP Select this option If the ISP assigned a fixed IP address Address IP Address Enter your WAN IP address in this field if you selected Use Fixed IP Address IP Subnet Enter the IP Subnet Mask in this field Mask Gateway IP Enter a Gateway IP Address if your ISP gave you one in this field Address WAN DNS Assignment First DNS Server Second DNS Server Select From ISP if your ISP dynamically assigns DNS server information and the NBG 419N s WAN IP address The field to the right displays the read only DNS server IP address that the ISP assigns Select User Defined if you have the IP address of a DNS server Enter the DNS server s IP address in the field to the right If you chose User Defined but leave the IP address set to 0 0 0 0 User Defined changes to None after you click Apply If you set a second choice to User Defined and enter the same IP address the second User Defined changes to None after you click Apply Select None if you do not want to configure DNS servers If you do not configure a DNS server you must know the IP address of a computer in order to access it WAN MAC Address The MAC address section allows users to configure the WAN port s MAC address by either using the NBG 419N s MAC address copying the MAC address from a computer on your LAN or m
108. Station Status Details Status OFF Name SSID ZyXEL Channel Channel 06 2437MHz Operating Channel Channel 06 2437MHz Security Mode No Security 802 11 Mode 802 11b g n WPS Configured Interface Status Interface Status WAN Up LAN Up The following table describes the icons shown in the Status screen Table 24 Status Screen Icon Key Router Mode ICON DESCRIPTION FAbout Click this icon to view copyright and a link for related product information Click this icon to go to Easy Mode See Chapter 6 on page 51 Click this to go to the Home page See Chapter 4 on page 43 Select a number of seconds or None from the drop down list box to refresh 7 Refresh Interval None 7 all screen statistics automatically at the end of every time interval or to not refresh the screen statistics Click this button to refresh the status screen statistics NBG 419N User s Guide Chapter 7 Router Mode Table 24 Status Screen Icon Key Router Mode continued ICON DESCRIPTION Click this icon to see the Status page The information in this screen depends on the device mode you select Click this icon to see the Monitor navigation menu Click this icon to see the Configuration navigation menu k 4 Click this icon to see the Maintenance navigation menu The following table describes the labels shown in the Status
109. UBIE 1 1 deett tact ri ddr r a CI aed d nre 0L Lo LEE SE Ves edu e aste dod tet b Sra aid 147 15 5 1 Trigger Port Forwarding EXSPIIBIB uscicse FREI n be ER iN QxPE FH ESAE FEES Ure inane 149 15 5 2 Two Points To Remember About Trigger Ports sssssssssssssss 149 Chapter 16 yd c M 151 TO L ONO i ANT 151 10 2 What You Gan DO orina an a E AD N A 151 153 What You Need TO KOW cise cael eee ie E iad DAA AR 151 ta Deane DNS OCIO esini aR eo omteeeeeaentae 152 Chapter 17 SE RONO oro iv cali HEAR REA GERA ERR angina cities CVM D TE RU U MOM TRAMA QER SEEN TO MEU PORUM OREL CHAIR CERE 153 WU ETE emm 153 Te ws You C Sn EO uscite bep ebria a Vua dre ice radica 153 127 24 P Statie Route SOGE oeira mase Sieet i cpodaiu t Peck abor t Seba prpR EA 154 Chapter 18 i e KC 157 INE MORTO REN 157 de 7 a TOU E a EG ocstotustastiicatio tuetecuteetetente vette tolam teaser bent ds Ela ndba tb ndinensencaty 157 Eder crm 157 Part Ii Secun e 159 Chapter 19 PERE a Enti a n a a a a 161 kc tts eT ER I 161 T1952 Wat TOU C a EG Lascia sce dread Soden hall sain ebria iubute ete bete leputetuibelsed es idees 162 19 3 What You Need To IE uei epa EE lr i EI PEE a ne Ede herd 3 gea o taki La d eO treten ot 162 NBG 419N User s Guide 15 Table of Contents 19 4 General Firewall SOIBBIT xiicsnxiaioxexineei idi exte
110. Virtual Private Network VPN using TCP IP based networks PPTP supports on demand multi protocol and virtual private networking over public networks such as the Internet Refer to the appendix for more information on PPTP The NBG 419N supports one PPTP server connection at any given time Figure 9 Internet Connection Type PPTP 1 Internet Connection Type PPTP amp Please refer the information provided t ir Internet Ser following bl s SiDynamic IP Static IP PPTP Address 12 111 PPTP Subnet Mask 255 255 255 0 PPTP Gateway IP Address 172 1 1 254 PPTP Server IP Address 72 1 1 254 User Name pptp_user Password The following table describes the fields in this screen Table 5 Internet Connection Type PPTP LABEL DESCRIPTION Internet Select PPTP from the drop down list box To configure a PPTP client Connection Type you must configure the User Name and Password fields for a PPP connection and the PPTP parameters for a PPTP connection Dynamic IP Select this radio button if your ISP did not assign you a fixed IP address Static IP Select this radio button provided by your ISP to give the NBG 419N a fixed unique IP address PPTP Address Type the static IP address assigned to you by your ISP PPTP Subnet Type the subnet mask assigned to you by your ISP if given Mask NBG 419N User s Guide Chapter 2 Connection Wizard Table 5 Internet Connection Type PPTP
111. WISP Mode LABEL DESCRIPTION CPU Usage This displays what percentage of the NBG 419N s processing ability is currently used When this percentage is close to 100 the NBG 419N is running at full load and the throughput is not going to improve anymore If you want some applications to have more throughput you should turn off other applications for example using bandwidth management Memory Usage This shows what percentage of the heap memory the NBG 419N is using System Setting Firewall This shows whether the firewall is enabled or not Bandwidth This shows whether the bandwidth management is enabled or not Management UPnP This shows whether UPnP is enabled or not Configuration Mode This shows the web configurator mode you are viewing Expert Interface Status Interface This displays the NBG 419N port types The port types are LAN and WLAN Status For the LAN and WAN ports this field displays Down line is down or Up line is up or connected For the WLAN it displays Up when the WLAN is enabled or Down when the WLAN is disabled Rate For the LAN ports this displays the port speed and duplex setting or N A when the line is disconnected For the WAN port it displays the port speed and duplex setting if you re using Ethernet encapsulation and Idle line ppp idle Dial starting to trigger a call and Drop dropping a call if you re using PPPoE or PPTP enc
112. Wireless password E Verify Password WPA2 PSK v NBG 419N User s Guide Chapter 2 Connection Wizard The following table describes the labels in this screen Table 8 Wireless Security WPA PSK WPA2 PSK LABEL DESCRIPTION Wireless Enter a descriptive name up to 32 printable 7 bit ASCII characters for the Network wireless LAN Name SSID If you change this field on the NBG 419N make sure all wireless stations use the same SSID in order to access the network Security Select a Security level from the drop down list box mode Choose WPA PSK or WPA2 PSK security to configure a Pre Shared Key Choose this option only if your wireless clients support WPA PSK or WPA2 PSK respectively Wireless Type from 8 to 63 case sensitive ASCII characters You can set up the password most secure wireless connection by configuring WPA in the wireless LAN screens Verify Retype the password to confirm Password Exit Click this to close the wizard screen without saving Back Click this to return to the previous screen Next Click this to continue Congratulations Open a web browser such as Internet Explorer to visit your favorite website Note If you cannot access the Internet when your computer is connected to one of the NBG 419N s LAN ports check your connections Then turn the NBG 419N off wait for a few seconds then turn it back on If that does not work log in to the
113. You Can Do Use the UPnP screen Section 23 4 on page 188 to enable UPnP on your NBG 419N 23 3 What You Need to Know 23 3 1 UPnP hardware is identified as an icon in the Network Connections folder Windows XP Each UPnP compatible device installed on your network will appear as a separate icon Selecting the icon of a UPnP device will allow you to access the information and properties of that device NAT Traversal UPnP NAT traversal automates the process of allowing an application to operate through NAT UPnP network devices can automatically configure network addressing announce their presence in the network to other UPnP devices and enable exchange of simple product and service descriptions NAT traversal allows the following e Dynamic port mapping NBG 419N User s Guide 187 Chapter 23 Universal Plug and Play UPnP 23 3 2 e Learning public IP addresses e Assigning lease times to mappings Windows Messenger is an example of an application that supports NAT traversal and UPnP See the NAT chapter for more information on NAT Cautions with UPnP The automated nature of NAT traversal applications in establishing their own services and opening firewall ports may present network security issues Network information and configuration may also be obtained and modified by users in some network environments When a UPnP device joins a network it announces its presence with a multicast message For security reason
114. abled in the Pop up Blocker section in the Privacy tab NBG 419N User s Guide 233 Appendix A Pop up Windows JavaScripts and Java Permissions 1 In Internet Explorer select Tools Internet Options Privacy 2 Clearthe Block pop ups check box in the Pop up Blocker section of the screen This disables any web pop up blockers you may have enabled Figure 136 Internet Options Privacy Internet Options PIR pa General Security Privacy Content Connections Programs Advanced Settings Move the slider to select a privacy setting for the Internet RR zone Medium Blocks third party cookies that do not have a compact privacy policy CJ Blocks third party cookies that use personally identifiable information without your implicit consent Restricts first party cookies that use personally identifiable information without implicit consent Pop up Blocker Prevent most pop up windows from appearing Block pop ups 3 Click Apply to save this setting Enable pop up Blockers with Exceptions Alternatively if you only want to allow pop up windows from your device see the following steps 1 In Internet Explorer select Tools Internet Options and then the Privacy tab NBG 419N User s Guide Appendix A Pop up Windows JavaScripts and Java Permissions 2 Select Settings to open the Pop up Blocker Settings screen Figure 137 Internet Options Privacy Internet Options
115. ach octet This is usually specified by writing a followed by the number of bits in the mask after the address For example 192 1 1 0 25 is equivalent to saying 192 1 1 0 with subnet mask 255 255 255 128 The following table shows some possible subnet masks using both notations Table 84 Alternative Subnet Mask Notation SUBNET ALTERNATIVE LAST OCTET LAST OCTET MASK NOTATION BINARY DECIMAL 255 255 255 0 24 0000 0000 0 255 255 255 12 25 1000 0000 128 8 255 255 255 19 26 1100 0000 192 2 255 255 255 22 27 1110 0000 224 4 255 255 255 24 28 1111 0000 240 0 255 255 255 24 29 1111 1000 248 8 255 255 255 25 30 1111 1100 252 2 NBG 419N User s Guide Appendix B IP Addresses and Subnetting Subnetting You can use subnetting to divide one network into multiple sub networks In the following example a network administrator creates two sub networks to isolate a group of servers from the rest of the company network for security reasons In this example the company network address is 192 168 1 0 The first three octets of the address 192 168 1 are the network number and the remaining octet is the host ID allowing a maximum of 28 2 or 254 possible hosts The following figure shows the company network before subnetting Figure 144 Subnetting Example Before Subnetting ap RR EN RN HN NUN HUN NI INA NN UE a ee ee ae a 4 f
116. address of the final destination Routing is always based on network number NBG 419N User s Guide Chapter 17 Static Route Table 61 Network gt Static Route LABEL DESCRIPTION Gateway This is the IP address of the gateway The gateway is a router or switch on the same network segment as the device s LAN or WAN port The gateway helps forward packets to their destinations Metric This is the number assigned to the route Delete Click the Delete icon to remove a static route from the NBG 419N A window displays asking you to confirm that you want to delete the route NBG 419N User s Guide 155 Chapter 17 Static Route NBG 419N User s Guide RIP 18 1 Overview Routing Information Protocol RIP is an interior or intra domain routing protocol that uses distance vector routing algorithms RIP is used on the Internet and is common in the NetWare environment as a method for exchanging routing information between routers 18 2 What You Can Do Use the RIP screen Section 18 3 on page 157 to enable RIPv1 or RIPv2 which are LAN broadcast protocols 18 3 RIP Screen Use this screen to enable RIPv1 or RIPv2 which are LAN broadcast protocols Click Network gt RIP The screen appears as shown Figure 100 Network gt RIP MENS RIP Setup RIP None Apply Reset NBG 419N User s Guide 1 57 Chapter 18 RIP The following table des
117. affic This is traffic from WAN to LAN WLAN Application List Use this table to allocate specific amounts of bandwidth based on a pre defined service NBG 419N User s Guide Chapter 21 Bandwidth Management Table 67 Management gt Bandwidth Management gt Advanced continued LABEL DESCRIPTION This is the number of an individual bandwidth management rule Priority Select a priority from the drop down list box Choose High Mid or Low e High Select this for voice traffic or video that is especially sensitive to jitter jitter is the variations in delay e Mid Select this for excellent effort or better than best effort and would include important business traffic that can tolerate some delay e Low Select this for non critical background traffic such as bulk transfers that are allowed but that should not affect other applications and users Category This is the category where a service belongs Service This is the name of the service Select the check box to have the NBG 419N apply this bandwidth management rule Advanced Click the Edit icon to open the Rule Configuration screen where you Setting can modify the rule User defined Use this table to allocate specific amounts of bandwidth to specific Service applications or services you specify This is the number of an individual bandwidth management rule Enable Select this check box to have the NBG 41
118. allow the NBG 419N to be remotely accessed through the WLAN interface Check your remote management settings 222 NBG 419N User s Guide Chapter 31 Troubleshooting e See the chapter on Wireless LAN in the User s Guide for more information to select Router Mode set up URL keyword blocking but can still access a website that should be blocked Make sure that you select the Enable URL Keyword Blocking check box in the Content Filtering screen Make sure that the keywords that you type are listed in the Keyword List If a keyword that is listed in the Keyword List is not blocked when it is found in a URL customize the keyword blocking using commands See the Customizing Keyword Blocking URL Checking section in the Content Filter chapter can access the Internet but cannot open my network folders In the Network LAN Advanced screen make sure Allow between LAN and WAN is checked This is not checked by default to keep the LAN secure If you still cannot access a network folder make sure your account has access rights to the folder you are trying to open can access the Web Configurator after switched to AP mode When you change from router mode to AP mode your computer must have an IP address in the range between 192 168 1 3 and 192 168 1 254 Refer to Appendix C on page 251 for instructions on how to change your computer s IP address NBG 419N User s Guide 223 C
119. ample TCP port 80 defines web traffic Source Address Enter the IP address of the computer that initializes traffic for the application or service The NBG 419N applies bandwidth management to traffic initiating from this computer Source Subnet Enter the subnet netmask of the computer initiating the traffic for which Netmask the bandwidth management rule applies Source Port This is the port number of the source that define the traffic type for example TCP port 80 defines web traffic NBG 419N User s Guide 1 79 Chapter 21 Bandwidth Management LABEL DESCRIPTION Protocol Select the protocol TCP UDP User defined for which the bandwidth management rule applies If you select User defined enter the protocol for which the bandwidth management rule applies For example ICMP for ping traffic Apply Click Apply to save your customized settings Cancel Click Cancel to exit this screen without saving See Appendix E on page 281 for commonly used services and port numbers 21 6 Monitor Screen Use this screen to view the amount of network bandwidth that applications running in the network are using The bandwidth is measured in kilobits per second kbps The monitor shows what kinds of applications are running in the network the maximum kbps that each application can use as well as the percentage of bandwidth it is using Figure 110 Management gt Bandwidth Management
120. an Do Use the View Log screen Section 25 4 on page 200 to see the logs for the categories such as system maintenance system errors access control allowed or blocked web sites blocked web features and so on 25 3 What You Need to Know An alert is a type of log that warrants more serious attention They include system errors attacks access control and attempted access to blocked web sites or web sites with restricted web features such as cookies active X and so on Some categories such as System Errors consist of both logs and alerts You may differentiate them by their color in the View Log screen Alerts display in red and logs display in black Alerts are e mailed as soon as they happen Logs may be e mailed as soon as the log is full see Log Schedule Selecting many alert and or log categories especially Access Control may result in many e mails being sent NBG 419N User s Guide Chapter 25 Password 25 4 Password Screen Use the View Log screen to see the logged messages for the NBG 419N Options include logs about system maintenance system errors access control allowed or blocked web sites blocked web features such as ActiveX controls Java and cookies attacks such as DoS and IPSec Log entries in red indicate system error logs The log wraps around and deletes the old entries after it fills Click a column heading to sort the entries A triangle indicates ascending or descending sort order Cli
121. anint eer EE EE E 80 9 3 1 Setting your NBG 419N to WISP Mode irr rr errare nnii 80 9 3 2 Accessing the Web Configurator in WISP Mode ccccsscccceeeeseecceceeeeeeceeenenteneeee 80 9 2 WISP Node Status SOR aciceccassccenisscaineterancenateeareninebiacenseuchdaaasseael ane a Eiaa 81 99 VNEIESS LAN General Saree MT UU TL I 84 95 1 DUC WEP sorps a N RO 85 TOL NPA PPOK aaa was ea oes Sede cee stes nes eae a esd Baa Rives 87 BS OD ey I GOBEN actae a a a a el aden eatin doa 88 Chapter 10 WCAG se 89 pL v e aa AE E aia oeno d Eai NE 89 10 2 Connecting to the Internet from an Access Point ssssssee en 89 10 3 Configuring Wireless Security Using WPS uice etr pita erbe Xi vaoRRE Er HIx dec iin EE EUR VERO RUE ES 89 10 3 1 Fush Button Conguradon P BL iie iurr c Erro peto a EPIS ER dS op ts 90 TOSS FIC OBIRGUESUCIEI seran diex Ebr UU ER P tent ert atime ries tite nrrure err rarer IDE FEE EA IDEE ER AA MU E peM RAS 91 10 4 Enabling and Configuring Wireless Security No WPS sseeemmm 93 104 7 Conor Your DOHRDBODE Siu ad EE Let eps Er eet ed a dd 94 Part IP NEIWOT ui p HERE HERE HIER UNUM cesses 97 Chapter 11 bilo 351 NT M TTD EP ENT RN RA 99 NBG 419N User s Guide 13 Table of Contents EEUU o m E Q 99 TZ VUE YOU SI DO Laien coat bts a e pAK dt A KLRERI taf E s bud quura Uu AJ ERU CH maagedacsfanunds KEoPRE nd id Iud 100 puse xu ron G
122. anually entering a MAC address Factory default Select Factory default to use the factory assigned default MAC Address Clone the Select Clone the computer s MAC address IP Address and enter computer s MAC the IP address of the computer on the LAN whose MAC you are cloning address IP Address Set WAN MAC Select this option and enter the MAC address you want to use Address Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh NBG 419N User s Guide on Chapter 12 WAN 12 4 2 PPPoE Encapsulation The NBG 419N supports PPPoE Point to Point Protocol over Ethernet PPPoE is an IETF standard RFC 2516 specifying how a personal computer PC interacts with a broadband modem DSL cable wireless etc connection The PPP over Ethernet option is for a dial up connection using PPPoE For the service provider PPPoE offers an access and authentication method that works with existing access control systems for example Radius One of the benefits of PPPoE is the ability to let you access one of multiple network services a function known as dynamic service selection This enables the service provider to easily create and offer new IP services for individuals Operationally PPPoE saves significant effort for both you and the ISP or carrier as it requires no specific configuration of the broadband modem at the customer site
123. apsulation This field displays N A when the line is disconnected For the WLAN it displays the maximum transmission rate when the WLAN is enabled and N A when the WLAN is disabled Summary BW MGMT Monitor Click Details to go to the Monitor gt BW MGMT Monitor screen Section 4 3 on page 43 Use this screen to view the amount of network bandwidth that applications running in the network are using DHCP Table Click Details to go to the Monitor gt DHCP Table screen Section 4 4 on page 44 Use this screen to view current DHCP client information Packet Statistics Click Details to go to the Monitor gt Packet Statistics screen Section 4 5 on page 45 Use this screen to view port status and packet specific statistics NBG 419N User s Guide Chapter 9 WISP Mode 9 5 Wireless LAN General Screen Use this screen to configure the wireless LAN settings of your NBG 419N Go to Configuration gt Wireless LAN gt General to open the following screen Figure 52 WISP Mode LAN gt General Screen Wireless Setup Network Name SSID Security Security Mode No Security Apply Reset The following table describes the labels in this screen Table 30 WISP Mode LAN gt General Screen LABEL DESCRIPTION Wireless Setup Network Enter the name of the access point to which you are connecting Name SSID Security Security Select the
124. apter 30 on page 213 of this User s Guide 9 3 1 Setting your NBG 419N to WISP Mode 1 Log into the Web Configurator if you haven t already See the Quick start Guide for instructions on how to do this 2 To set your NBG 419N to AP Mode go to Maintenance gt Sys OP Mode gt General and select WISP Mode Figure 49 Changing to WISP mode General System Operation Mode C Router Mode C access Point Mode ISP Mode Note Router In this mode the device is supported to connect to internet via ADSL Cable Modem PCs in LAH ports share the same IP to ISP through WAH Port Access Point In this mode all Ethernet ports are bridged together The device allows the wireless equipped computer can communicate with a wired network WISP Mode In this mode the device acts as a wireless client It can connect to an existing network via an access point Also router functions are added between the wireless WAH and the LAN Apply Reset Note You have to log in to the Web Configurator again when you change modes As Soon as you do your NBG 419N is already in WISP mode 3 When you select WISP Mode the following pop up message window appears Figure 50 Pop up window for WISP mode The page at http 192 168 1 1 says Ports are LAN 5 Ethernet LAN ports WLAN as WAN LAN DHCP server is configurable LAN IP is 192 168 1 1 WAN IP is configurable Click OK The Web Configurator refreshes once the change to WISP mode
125. art Date Configure the day and time when Daylight Saving Time starts if you selected Daylight Savings The o clock field uses the 24 hour format Here are a couple of examples Daylight Saving Time starts in most parts of the United States on the first Sunday of April Each time zone in the United States starts using Daylight Saving Time at 2 A M local time So in the United States you would select First Sunday April and type 2 in the o clock field Daylight Saving Time starts in the European Union on the last Sunday of March All of the time zones in the European Union start using Daylight Saving Time at the same moment 1 A M GMT or UTC So in the European Union you would select Last Sunday March The time you type in the o clock field depends on your time zone In Germany for instance you would type 2 because Germany s time zone is one hour ahead of GMT or UTC GMT 1 End Date Configure the day and time when Daylight Saving Time ends if you selected Daylight Savings The o clock field uses the 24 hour format Here are a couple of examples Daylight Saving Time ends in the United States on the last Sunday of October Each time zone in the United States stops using Daylight Saving Time at 2 A M local time So in the United States you would select Last Sunday October and type 2 in the o clock field Daylight Saving Time ends in the European Union on the last Sunday of October All of the time zones in the European Union sto
126. atically when the NBG 419N gets a WAN IP address in the range of 192 168 x y where x and y are from zero to nine no matter what the LAN IP address is Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh 12 6 IGMP Snooping Screen Use this screen to enable IGMP snooping if you have LAN users that subscribe to multicast services EI NBG 419N User s Guide Chapter 12 WAN IGMP Internet Group Multicast Protocol is a network layer protocol used to establish membership in a multicast group it is not used to carry user data Click Network gt WAN gt IGMP Snooping The screen appears as shown Figure 85 Network gt WAN gt IGMP Snooping Internet Connection Advanced IGMP Snooping p IGMP Snooping Setup Enable IGMP Snooping Tian Franz Flans Tana Apply Reset The following table describes the labels in this screen Table 52 Network gt WAN gt IGMP Snooping LABEL DESCRIPTION Auto bridge Enable IGMP Select this option to have the NBG 419N use IGMP snooping ee Check the LAN port s to which IGMP snooping applies Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh NBG 419N User s Guide 133 Chapter 12 WAN NBG 419N User s Guide 13 1 Overview This chapter describes how to configure LAN settings A
127. ation needs a continuous data stream that port range will be tied up so that another computer on the LAN can t trigger it NBG 419N User s Guide Chapter 15 Network Address Translation NAT NBG 419N User s Guide Dynamic DNS 16 1 Overview Dynamic DNS DDNS services let you use a domain name with a dynamic IP address 16 2 What You Can Do Use the Dynamic DNS screen Section 16 4 on page 152 to enable DDNS and configure the DDNS settings on the NBG 419N 16 3 What You Need To Know Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you in NetMeeting CU SeeMe etc You can also access your FTP server or Web site on your own computer using a domain name for instance myhost dhs org where myhost is a name of your choice that will never change instead of using an IP address that changes each time you reconnect Your friends or relatives will always be able to call you even if they don t know your IP address NBG 419N User s Guide 151 Chapter 16 Dynamic DNS 16 4 Dynamic DNS Screen To change your NBG 419N s DDNS click Network gt DDNS The screen appears as shown Figure 97 Network gt DDNS Dynamic DHS Setup Enable Dynamic DNS Service Provider ViWWY DynDNS ORG v Host Name User Name Password Apply Reset The following table describes the labels in this screen
128. ault or cloning the MAC address from a computer on your LAN Choose Factory Default to select the factory assigned default MAC Address Otherwise click Clone the computer s MAC address IP Address and enter the IP address of the computer on the LAN whose MAC you are cloning Once it is successfully configured the address will be copied to configuration file It is recommended that you clone the MAC address prior to hooking up the WAN Port 12 3 2 Multicast Traditionally IP packets are transmitted in one of either two ways Unicast 1 sender 1 recipient or Broadcast 1 sender everybody on the network Multicast delivers IP packets to a group of hosts on the network not everybody and not just 1 Figure 79 Multicast Example Server In the multicast example above systems A and D comprise one multicast group In multicasting the server only needs to send one data stream and this is delivered to systems A and D IGMP Internet Group Multicast Protocol is a network layer protocol used to establish membership in a multicast group it is not used to carry user data The NBG 419N supports both IGMP version 1 IGMP v1 and IGMP version 2 IGMP v2 At start up the NBG 419N queries all directly connected networks to gather group membership After that the NBG 419N periodically updates this information IP multicasting can be enabled disabled on the NBG 419N LAN and or WAN NBG 419N User s Guide 121 Chapter 12
129. b site and use the Web Configurator to put it on the NBG 419N Note Only upload firmware for your specific model Configuration Backup amp Restoration Make a copy of the NBG 419N s configuration and put it back on the NBG 419N later if you decide you want to revert back to an earlier configuration Network Address Translation NAT Each computer on your network must have its own unique IP address Use NAT to convert a single public IP address to multiple private IP addresses for the computers on your network Firewall You can configure firewall on the NBG 419N for secure Internet access When the firewall is on by default all incoming traffic from the Internet to your network is blocked unless it is initiated from your network This means that probes from the outside to your network are not allowed but you can safely browse the Internet and download files for example NBG 419N User s Guide Chapter 32 Product Specifications Table 80 Firmware Features FEATURE DESCRIPTION Content Filter The NBG 419N blocks or allows access to web sites that you specify and blocks access to web sites with URLs that contain keywords that you specify You can define time periods and days during which content filtering is enabled You can also include or exclude particular computers on your network from content filtering You can also subscribe to category based content filtering that allows your N
130. bandwidth that applications running in the network are using NBG 419N User s Guide Chapter 7 Router Mode Table 25 Status Screen Router Mode LABEL DESCRIPTION DHCP Table Click Details to go to the Monitor gt DHCP Table screen Section 4 4 on page 44 Use this screen to view current DHCP client information Packet Statistics Click Details to go to the Monitor gt Packet Statistics screen Section 4 5 on page 45 Use this screen to view port status and packet specific statistics WLAN Station Status Click Details to go to the Monitor gt WLAN Station Status screen Section 4 6 on page 46 Use this screen to view the wireless stations that are currently associated to the NBG 419N 7 3 1 Navigation Panel Use the sub menus on the navigation panel to configure NBG 419N features Figure 41 Navigation Panel Router Mode MONITOR CONFIGURATION MAINTENANCE open all close all open all close all open all close all Monitor Ne d Maintenance x BW MGMT Monitor WAN vorc DH ble Remo UPnP The following table describes the sub menus Table 26 Navigation Panel Router Mode LINK TAB FUNCTION Status This screen shows the NBG 419N s general device system and interface status information Use this screen to access the wizard and summary statistics tables MONITOR Log Use this screen to view the list of activities recorded by your NBG 419N
131. c a a 197 E PCIE e eE cue ta ib reb peu apu eun E pn Orta botte a tu ed C Pres E EH D sve E Hof T Ret 197 MM EC Cc UD UN DO P Cm 197 EXSCEtCOILIE MICI TTE 197 Chapter 25 til c Me D MI M 199 ao T OVIUM Lese Sat landi dist eed Me MEME MSRP MD MAE EUM 199 za PIRI Yuu Cat D cache ee A secs er ie deti cena duced tet aae et ve doeet a lu dead edd esp uae adden iub 199 25 3 What Y ou Need TO KNOW snk e tdi Erba Lap pavit saad e id drca dia d Lg i d dd 199 POM password CPR uoisctiuaetu sabes tdi te tori duties better let eb Guida N 200 Chapter 26 DEINEN TNNRENESERSR es 201 VITE E on NR OQ RTT CRT 201 ge s qq LY GU CT Ol secret ara east eletti befceiite let te tol o vine be ute Su OM Paladin tubo REESE 201 EON Ed perc M 201 Chapter 27 Firmware Upgrade aeui dex VIR MOLD ERR Rev ER EM Qd NS QI ERERE MEO Nu B VRARU QUEM ERR LR REL AAAA 205 er TOM IN cs hace ihn tate cee deni dic hu ur Ad aoa LU ME re EE 205 2ra TIAL o ADAE TRITT Tm 205 Zia PIONS Upload be tos NETTE T TT m 205 Chapter 28 Fe CIBER SCI m 207 ee CONEY ARTE 207 EIE WNA Eo TET IPEA TT T P 207 26 6 iM Oon GROG eee rU 208 Chapter 29 Pens Pe es IE coc zvecca uk ce haiti cute ca ured oH tind CRUZ CE on bia sux Dx CRAS daateiialadiadekad DU Da ETE ED REM 211 DUNESC DI E P Q 211 NBG
132. c products should not be mixed with general waste Used electrical and electronic equipment should be treated separately NBG 419N User s Guide Safety Warnings NBG 419N User s Guide Contents Overview Contents Overview troduction eee 19 Seung te Know Your NBG TON Losskespect s boe ERRARE ERE HAURIRE oed apr a e bn 21 FORO WIA ND MENT OUT E E OE EINE A T ETN 25 Introducing the Web Configurator Lucie cese erster venir oninia ania ai 37 KORKON aiiai aa al a MEE a ae ct 43 DUE TN IUBE cusieisisetetadinuieboc annatadaaciesanseanm taeda cans ela pte den ceed team fupra iu ud 49 Easy MOOG 81 RONtEr WE MR TE AAE REAA S EEA ADENA DDE EEES 63 Pies PONIRE m 71 CERME roa a a A G 79 REUS tl e tr reer nme eter amr T renner utter eer er ee erm ree 89 NOtWOrK 97 Vie RSS LAN a iaasa EUREN DEEP EA EEA EM uS E ERR bL EP PR DRM cS Eos bia Pe E Ee SU IEEE RI 99 WAND ET 119 LOB uoooicodasscu oct HEC a Dec cuota lads uM IM 135 Weill Aem 139 Network Address Translation NAT usos citare rnnt rrr Eu nta rnt tr taa 143 BUD eui TT UON EUUM 151 uc eri m M 153 ola C 157 SEL Lond ee SER ener Renee ctc a 159 dir mM P 161 oy RII cH 167 Li
133. ck Maintenance gt Password Figure 123 Maintenance gt Password Password Setup Old Password New Password Retype to Confirm Password Setup m m m Apply Reset The following table describes the labels in this screen Table 74 Maintenance gt Password LABEL DESCRIPTION Password Setup Change your NBG 419N s password recommended using the fields as shown Old Password Type the default password or the existing password you use to access the system in this field New Password Type your new system password up to 30 characters Note that as you type a password the screen displays an asterisk for each character you type Retype to Confirm Type the new password again in this field Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh NBG 419N User s Guide 26 1 Overview This chapter provides information on the Time Setting screens See Section 3 2 3 on page 39 for more information on how to set up the NBG 419N s date and time 26 2 What You Can D Use the Time Setting screen Section 26 3 on page 201 to change your NBG 419N s time and date O 26 3 Time Setting Screen Use this screen to configure the NBG 419N s time based on your local time zone To change your NBG 419N s time and date click Maintenance gt System gt Time Setting The screen app
134. ckets to the correct network while the host ID determines to which host on the network the packets are delivered Structure An IP address is made up of four parts written in dotted decimal notation for example 192 168 1 1 Each of these four parts is known as an octet An octet is an eight digit binary number for example 11000000 which is 192 in decimal notation Therefore each octet has a possible range of 00000000 to 11111111 in binary or 0 to 255 in decimal NBG 419N User s Guide Appendix B IP Addresses and Subnetting The following figure shows an example IP address in which the first three octets 192 168 1 are the network number and the fourth octet 16 is the host ID Figure 143 Network Number and Host ID 192 168 1 16 i miini d A i p af I mmmh i L I L I L a EB Eee eee m m m m m 9 How much of the IP address is the network number and how much is the host ID varies according to the subnet mask Subnet Masks A subnet mask is used to determine which bits are part of the network number and which bits are part of the host ID using a logical AND operation The term subnet is short for sub network A subnet mask has 32 bits If a bit in the subnet mask is a 1 then the corresponding bit in the IP address is part of the network number If a bit in the subnet mask is 0 then the corresponding bit in the IP address is part of the host ID The fo
135. click OK Do one or more of the following if you want to configure additional IP addresses In the IP Settings tab in IP addresses click Add In TCP IP Address type an IP address in IP address and a subnet mask in Subnet mask and then click Add Repeat the above two steps for each IP address you want to add Configure additional default gateways in the IP Settings tab by clicking Add in Default gateways In TCP IP Gateway Address type the IP address of the default gateway in Gateway To manually configure a default metric the number of transmission hops clear the Automatic metric check box and type a metric in Metric Click Add Repeat the previous three steps for each default gateway you want to add NBG 419N User s Guide Appendix C Setting up Your Computer s IP Address e Click OK when finished Figure 154 Windows XP Advanced TCP IP Properties Advanced TCP IP Settings IP Settings DNS WINS Options IP addresses IP address Subnet mask DHCP Enabled Default gateways Gateway Metric Automatic metric 7 Inthe Internet Protocol TCP IP Properties window the General tab in Windows XP e Click Obtain DNS server address automatically if you do not know your DNS server IP address es e If you know your DNS server IP address es click Use the following DNS server addresses and type them in the Preferred DNS server and Alternate DNS server fields NBG 419N User s Guide Appendix C Se
136. creen Table 14 Summary DHCP Table LABEL DESCRIPTION This is the index number of the host computer MAC Address This field shows the MAC address of the computer with the name in the Host Name field Every Ethernet device has a unique MAC Media Access Control address which uniquely identifies a device The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters for example 00 A0 C5 00 00 02 IP Address This field displays the IP address relative to the field listed above Expires in This field displays the time when the IP address and MAC address association ends Refresh Click Refresh to renew the screen 4 5 Packet Statistics Click the Packet Statistics Details hyperlink in the Status screen Read only information here includes port status packet specific statistics and the system up time The Poll Interval s field is configurable and is used for refreshing the screen Figure 23 Summary Packet Statistics Packet Statistics Packet Statistics Port Status TxPkts RxPkts Collisions Tx Bis Rx Bis Up Time WAN 100M 13625 31171 0 1954809 19399482 01 29 11 LAN 100M 13024 7748 0 14250762 673520 01 29 11 ILAN Down 0 2 0 343 00 00 00 System Up Time 1 hour 29 mins 17 secs Poll Interval s E sec Set Interval Stop NBG 419N User s Guide Chapter 4 Monitor The following table describes the labels in this screen Table
137. creen appears as shown next Figure 103 Security gt Firewall gt Services ICMP Respond to Ping on Disable z Apply Enable Firewall Rule Enable Firewall Rule Apply Add Firewall Rule Service Name MAC address Dest IP Address Source IP Address Protocol None Dest Port Range k Source Port Range Add Rule Firewall Rule Firewall Rule Serice Name MAC Address Dest IP Source lP Protocol Dest Port Range Source Port Range Action Delete 1 TESTMAIL 00 1C C4 84 E0 4B 192 168 1 33 172 168 2214 TCP 20 21 Drop D Reset The following table describes the labels in this screen Table 64 Security gt Firewall gt Services LABEL DESCRIPTION ICMP Internet Control Message Protocol is a message control and error reporting protocol between a host server and a gateway to the Internet ICMP uses Internet Protocol IP datagrams but the messages are processed by the TCP IP software and directly apparent to the application user Respond to Ping The NBG 419N will not respond to any incoming Ping requests when on Disable is selected Select LAN to reply to incoming LAN Ping requests Select WAN to reply to incoming WAN Ping requests Otherwise select LAN amp WAN to reply to all incoming LAN and WAN Ping requests Apply Click Apply to save the settings Enable Firewall Rule Enable Firewall Select this check box to activate the firewall rules that you define see Rule Add Firewall Rule below
138. creen displays Figure 122 Maintenance gt General General System Setup System Name NBG 41 SN Domain Name zyxel com Administrator Inactivity Timer o minutes 0 means no timeout Apply Reset NBG 419N User s Guide 197 Chapter 24 Maintenance The following table describes the labels in this screen Table 73 Maintenance gt General LABEL DESCRIPTION System Setup System Name System Name is a unique name to identify the NBG 419N in an Ethernet network Domain Name Enter the domain name you want to give to the NBG 419N Administrator Inactivity Timer Type how many minutes a management session can be left idle before the session times out The default is 5 minutes After it times out you have to log in with your password again Very long idle timeouts may have security risks A value of 0 means a management session never times out no matter how long it has been left idle not recommended Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh NBG 419N User s Guide Password 25 1 Overview This chapter contains information about configuring general log settings and viewing the NBG 419N s logs Refer to the appendices for example log message explanations The Web Configurator allows you to look at all of the NBG 419N s logs in one location 25 2 What You C
139. cribes the labels in this screen Table 62 Network gt RIP LABEL DESCRIPTION RIP Select the RIPv1 or RIPv2 you want the NBG 419N to use Otherwise select None Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh NBG 419N User s Guide PART III Security 19 1 Firewall Overview This chapter shows you how to enable and configure the firewall that protects your NBG 419N and your LAN from unwanted or malicious traffic Enable the firewall to protect your LAN computers from attacks by hackers on the Internet and control access between the LAN and WAN By default the firewall e allows traffic that originates from your LAN computers to go to all of the networks e blocks traffic that originates on the other networks from going to the LAN The following figure illustrates the default firewall action User A can initiate an IM Instant Messaging session from the LAN to the WAN 1 Return traffic for this session is also allowed 2 However other traffic initiated from the WAN is blocked 3 and 4 Figure 101 Default Firewall Action 5 _ _ A eM oc lt gt Firewall T ci fep NBG 419N User s Guide Chapter 19 Firewall 19 2 What You Can Do e Use the General Section 19 4 on page 163 screen to enable or disable the NBG 419N s firewall e Use the Services screen Section 19 5
140. ct a ZyXEL office for the region in which you bought the device See http www zyxel com web contact_us php for contact information Please have the following information ready when you contact an office e Product model and serial number e Warranty Information e Date that you received your device Brief description of the problem and the steps you took to solve it 4 NBG 419N User s Guide Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this User s Guide Warnings tell you about things that could harm you or your device Note Notes tell you other important information for example other things you may need to configure or helpful tips or recommendations Syntax Conventions e The NBG 419N may be referred to as the NBG 419N the device the product or the system in this User s Guide Product labels screen names field labels and field choices are all in bold font e A key stroke is denoted by square brackets and uppercase text for example ENTER means the enter or return key on your keyboard e Enter means for you to type one or more characters and then press the ENTER key Select or choose means for you to use one of the predefined choices A right angle bracket within a screen name denotes a mouse click For example Maintenance gt Log gt Log Setting means you first click Maintenance in the navigation pa
141. d in URLs to which you do not want users in your network to open Switch ON to apply website filtering Otherwise switch OFF Refer to Section 6 6 3 on page 57 to see this screen Bandwidth Mgmt Click this to edit bandwidth management for predefined applications Switch ON to have the NBG 419N management bandwidth for uplink and downlink traffic according to an application or service Otherwise switch OFF Refer to Section 6 6 4 on page 58 to see this screen Firewall Switch ON to ensure that your network is protected from Denial of Service DoS attacks Otherwise switch OFF Refer to Section 6 6 5 on page 58 to see this screen Wireless Security Click this to configure the wireless security such as SSID security mode and WPS key on your NBG 419N Refer to Section 6 6 6 on page 59 to see this screen 6 6 1 Game Engine When this feature is enabled the NBG 419N maximizes the bandwidth for gaming traffic that it forwards out through an interface Figure 31 Game Engine PA Game Engine turned off Whenever you turn the Game Engine on the router is designated to offer a better gaming experience The Game Console option in Bandwidth Management will be prioritized to the highest level and cannot be re arranged until the Game Engine is NBG 419N User s Guide Chapter 6 Easy Mode Note When this is switched on the Game Console tab in the Bandwidth Mgmt screen is automa
142. d to extend the features of IEEE 802 11 to support extended authentication as well as providing additional accounting and control features It is supported by Windows XP and a number of network devices Some advantages of IEEE 802 1x are User based identification that allows for roaming e Support for RADIUS Remote Authentication Dial In User Service RFC 2138 2139 for centralized user profile and accounting management on a network RADIUS server e Support for EAP Extensible Authentication Protocol RFC 2486 that allows additional authentication methods to be deployed with no changes to the access point or the wireless stations RADIUS 274 RADIUS is based on a client server model that supports authentication authorization and accounting The access point is the client and the server is the RADIUS server The RADIUS server handles the following tasks e Authentication Determines the identity of the users Authorization Determines the network services available to authenticated users once they are connected to the network Accounting Keeps track of the client s network activity RADIUS is a simple package exchange in which your AP acts as a message relay between the wireless station and the network RADIUS server NBG 419N User s Guide Appendix D Wireless LANs Types of RADIUS Messages The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user authentica
143. de Chapter 4 Monitor The monitor shows what kinds of applications are running in the network the maximum kbps that each application can use as well as the percentage of bandwidth it is using Figure 21 Summary BW MGMT Monitor Monitor XBox Live 0 32768 kbps XBox Live 0 32768 kbps VoIP 0 32768 kbps FTP 0 32768 kbps eMule 0 32768 kbps BitTorrent 0 32768 kbps E Mail 0 32768 kbps Instant Messenger 0732768 kbps 4 4 DHCP Table DHCP Dynamic Host Configuration Protocol RFC 2131 and RFC 2132 allows individual clients to obtain TCP IP configuration at start up from a server You can configure the NBG 419N s LAN as a DHCP server or disable it When configured as a server the NBG 419N provides the TCP IP configuration for the clients If DHCP service is disabled you must have another DHCP server on that network or else the computer must be manually configured Click the DHCP Table Details hyperlink in the Status screen Read only information here relates to your DHCP status The DHCP table shows current DHCP client information including IP Address Host Name and MAC Address of all network clients using the NBG 419N s DHCP server Figure 22 Summary DHCP Table DHCP Client Table Table List MAC Address IP Address Expires in Refresh NBG 419N User s Guide Chapter 4 Monitor The following table describes the labels in this s
144. dicating the kind of network device connected to the NBG 419N including those connecting wirelessly Right click on the NBG 419N icon to refresh the network map and go to the Wizard Right click on the other icons to view information about the device 6 6 Control Panel The features configurable in Easy Mode are shown in the Control Panel Figure 30 Control Panel ge Game 7 I 2 Content mf Bandwidth B PRI Wireless Engine Saving d Filter z MGMT A Firewall M Sec urity e OFF o ON ON Switch ON to enable the feature Otherwise switch OFF If the feature is turned on the green light flashes If it is turned off the red light flashes Additionally click the feature to open a screen where you can edit its settings NBG 419N User s Guide Chapter 6 Easy Mode The following table describes the labels in this screen Table 18 Control Panel ITEM DESCRIPTION Game Engine Switch ON to maximize bandwidth for gaming traffic in your network Otherwise switch OFF Refer to Section 6 6 1 on page 55 to see this screen Power Saving Click this to schedule the wireless feature of the NBG 419N Disabling the wireless function helps lower the energy consumption of the NBG 419N Switch ON to apply wireless scheduling Otherwise switch OFF Refer to Section 6 6 2 on page 56 to see this screen Content Filter Click this to restrict access to certain websites based on keywords containe
145. dr ETA 163 ENSE ric ric METTRE 163 Chapter 20 Common EHEIBE oo o ES EA E AE ED IE ENE UU EU rA MARTE toca 167 ed TU SN Locentaquerdivit seise tnde a MM del CHR der FU C HTEe a ap E DEPNsE Ente Em and 167 zn vba OU COL DB uud O E I ador tato EORR RS DE bna ua Uto ERR Ld ssh UR AED C at 167 20 9 What You Weed To KNOW asc cer to ERE iE PIT PE PETI RDHuRME Pi MIR ER 167 203 T Conten PIGH PRONG 2i ancien pd do edt dd e b dla di Dea i dod MU 167 20 4 Content We TDs oINS TT OTT T RTT 168 Part M Management 171 Chapter 21 Bandwidth Managenmenth ccccccceceeeeeeeeeeeeeeeeeeeeee see e eee eseee sees nee enhn ninth tnnt tinh ntn 173 zT 1 OVO ON cioos satelite NE MEMPHIS MN DUE eee PETS Ree vere 173 Z NNA You Can DO eanan A A AA AAE 173 213 What You Need TO KNOW xoci ertet Sib arb a pa dvds ed tace rna Lube aca evt aa aaa dca 174 cT Gonera SIBIBBD aiene adobe ui pndaut o EEE dM dds EE ODODUP EE 174 21 9 Advanced SORS uoce var stes vea ti i a epe ee e le etd E PR DEI eo ELK o epu tese dia sa poe deee c Ve bout iv aod 175 21 5 1 Rule Configuration Application Rule Configuration sseeee 178 21 5 2 Rule Configuration User Defined Service Rule Configuration 179 PARTE SIUS mi TET OTT a 180 21 6 1 Predefined Bandwidth Management Services eeeeeesieeneeee en tnnnena 181 Chapter 22 Remote Marnagaemenl nn penne panis
146. dress 2 Inthe Control Panel double click Network Connections Network and Dial up Connections in Windows 2000 NT Figure 150 Windows XP Control Panel Control Panel File Edit view Favorites Tools Help Q d Y d yo Search Kes Folders E Address Control Panel Vg Control Panel Y Je Switch to Category View Windows Update 3 Right click Local Area Connection and then click Properties Fonts Game Controllers Figure 151 Windows XP Control Panel Network Connections Properties s Network Connections File Edit view Favorites Tools Advanced Help Qs z Q 27 JO Search e Folders E Address r3 Network Connections LANorHigh Speed Internet Network Tasks ocal Area Connection S Create a new connection 9 Set up a home or small office network Qf Disable this network device EN Repair this connection fai Rename this connection View status of this connection Change settings of this connection nabled andard PCI Fast Ethernet Adapte Disable Status Repair Bridge Connections Create Shortcut Properties NBG 419N User s Guide Appendix C Setting up Your Computer s IP Address 4 Select Internet Protocol TCP IP under the General tab in Win XP and then click Properties Figure 152 Windows XP Local Area Connection Properties 4 Local Area Connection Properties General Authentication Advanced Connect using E Accton EN1207D TX PCI Fast
147. dshake If the RTS CTS value is greater than the Fragmentation Threshold value see next then the RTS Request To Send CTS Clear to Send handshake will never occur as data frames will be fragmented before they reach RTS CTS size Note Enabling the RTS Threshold causes redundant network overhead that could negatively affect the throughput performance instead of providing a remedy NBG 419N User s Guide Appendix D Wireless LANs Fragmentation Threshold A Fragmentation Threshold is the maximum data fragment size between 256 and 2432 bytes that can be sent in the wireless network before the AP will fragment the packet into smaller data frames A large Fragmentation Threshold is recommended for networks not prone to interference while you should set a smaller threshold for busy networks or networks that are prone to interference If the Fragmentation Threshold value is smaller than the RTS CTS value see previously you set then the RTS Request To Send CTS Clear to Send handshake will never occur as data frames will be fragmented before they reach RTS CTS size Preamble Type A preamble is used to synchronize the transmission timing in your wireless network There are two preamble modes Long and Short Short preamble takes less time to process and minimizes overhead so it should be used in a good wireless network environment when all wireless stations support it Select Long if you have a noisy network or a
148. e Chapter 11 Wireless LAN Table 41 Network gt Wireless LAN gt Advanced LABEL DESCRIPTION Operating Choose this according to the wireless mode s used in your network Mode Mixed Mode Select this if the wireless clients in your network use different wireless modes for example IEEE 802 11b g and IEEE 802 1n modes Green Mode Select this if the wireless clients in your network uses only one type of wireless mode for example IEEEE 802 11 n only Channel Select the channel bandwidth you want to use for your wireless network Bandwidth It is recommended that you select 20 40 20 40 MHz Select 20 MHz if you want to lessen radio interference with other wireless devices in your neighborhood Guard Select Auto to increase data throughput However this may make data Interval transfer more prone to errors Select Long to prioritize data integrity This may be because your wireless network is busy and congested or the NBG 419N is located in an environment prone to radio interference Extension This is set to Auto by default Channel If you select 20 40 as your Channel Bandwidth the extension channel enables the NBG 419N to get higher data throughput This also lowers radio interference and traffic Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to reload the previous configuration for this screen 11 7 Quality of Service QoS Screen The QoS screen allows you t
149. e or any part thereof in the operation of a service bureau or for the benefit of any other person or entity You may not cause assist or permit any third party to do any of the foregoing Portions of the Software utilize or include third party software and other copyright material Acknowledgements licensing terms and disclaimers for such material are contained in the online electronic documentation for the Software ftp opensource zyxel com and your use of such material is governed by their respective terms ZyXEL has provided as part of the Software package access to certain third party software as a convenience To the extent that the Software contains third party software ZyXEL has no express or implied obligation to provide any technical or other support for such software Please contact the appropriate software vendor or manufacturer directly for technical support and customer service related to its software and products Confidentiality You acknowledge that the Software contains proprietary trade secrets of ZyXEL and you hereby agree to maintain the confidentiality of the Software using at least as great a degree of care as you use to maintain the confidentiality of your own most confidential information You agree to reasonably communicate the terms and conditions of this License Agreement to those persons employed by you who come into contact with the Software and to use reasonable best efforts to ensure their compliance with such
150. e 172 16 0 0 172 31 255 255 e 192 168 0 0 192 168 255 255 You can obtain your IP address from the IANA from an ISP or it can be assigned from a private network If you belong to a small organization and your Internet access is through an ISP the ISP can provide you with the Internet addresses for your local networks On the other hand if you are part of a much larger organization you should consult your network administrator for the appropriate IP addresses Regardless of your particular situation do not create an arbitrary IP address always follow the guidelines above For more information on address assignment please refer to RFC 1597 Address Allocation for Private Internets and RFC 1466 Guidelines for Management of IP Address Space NBG 419N User s Guide Setting up Your Computer s IP Address All computers must have a 10M or 100M Ethernet adapter card and TCP IP installed Windows 95 98 Me NT 2000 XP Macintosh OS 7 and later operating systems and all versions of UNIX LINUX include the software components you need to install and use TCP IP on your computer Windows 3 1 requires the purchase of a third party TCP IP application package TCP IP should already be installed on computers using Windows NT 2000 XP Macintosh OS 7 and later operating systems After the appropriate TCP IP components are installed configure the TCP IP settings in order to communicate with your network If you manually assign IP
151. e IP protocol number not the port number Port s This value depends on the Protocol Please refer to RFC 1700 for further information about port numbers e If the Protocol is TCP UDP or TCP UDP this is the IP port number e If the Protocol is USER this is the IP protocol number e Description This is a brief explanation of the applications that use this service or the situations in which this service is used Table 95 Commonly Used Services NAME PROTOCOL PORT S DESCRIPTION AH User Defined 51 The IPSEC AH Authentication IPSEC TUNNEL Header tunneling protocol uses this service AIM New ICQ TCP 5190 AOL s Internet Messenger service It is also used as a listening port by ICQ AUTH TCP 113 Authentication protocol used by some servers BGP TCP 179 Border Gateway Protocol BOOTP CLIENT UDP 68 DHCP Client BOOTP SERVER UDP 67 DHCP Server CU SEEME TCP 7648 A popular videoconferencing solution from White Pines Software UDP 24032 DNS TCP UDP 53 Domain Name Server a service that matches web names for example www zyxel com to IP numbers NBG 419N User s Guide Appendix E Common Services Table 95 Commonly Used Services continued NAME PROTOCOL PORT S DESCRIPTION ESP User Defined 50 The IPSEC ESP Encapsulation IPSEC_TUNNEL Security Protocol tunneling protocol uses this service FINGER TCP 79
152. e NBG 419N uses a system DNS server in the order you specify here to resolve domain names for DDNS and the time server Enter the primary DNS server s IP address in the fields provided Secondary DNS Enter the secondary DNS server s IP address in the fields provided Exit Click this to close the wizard screen without saving Back Click this to return to the previous screen Next Click this to continue 2 3 3 Connection Type PPPoE Point to Point Protocol over Ethernet PPPoE functions as a dial up connection PPPoE is an IETF Internet Engineering Task Force standard specifying how a host NBG 419N User s Guide Chapter 2 Connection Wizard personal computer interacts with a broadband modem for example DSL cable wireless etc to achieve access to high speed data networks For the service provider PPPoE offers an access and authentication method that works with existing access control systems for instance RADIUS One of the benefits of PPPoE is the ability to let end users access one of multiple network services a function known as dynamic service selection This enables the service provider to easily create and offer new IP services for specific users Operationally PPPoE saves significant effort for both the subscriber and the ISP carrier as it requires no specific configuration of the broadband modem at the subscriber s site By implementing PPPoE directly on the NBG 419N rather
153. e NBG 419N connects the local network LAN1 LANA4 to the Internet Figure 39 NBG 419N Network LAN1 LAN2 LAN3 Piece E gt i WLAN Note The Status screen is shown after changing to the Expert mode of the Web Configurator It varies depending on the device mode of your NBG 419N 7 2 What You Can Do Use the Status screen Section 7 3 on page 64 to view read only information about your NBG 419N NBG 419N User s Guide Chapter 7 Router Mode 7 3 Status Screen Click to open the status screen Figure 40 Status Screen Router Mode dj Refresh Interval None x Device Information System Status Iter Data Iter Data Host Name NBG 419N System Up Time 4 mins 47 secs Firmware Version V1 00 BFQ 0 B6 03 31 2008 Current Date Time 2009 04 02 09 54 51 Sys OP Mode Router Mode System Resource WAN Information CPU Usage MAC Address 00 0C 43 30 5277 Memory Usage ae IP Address 172 23 31 1 System Setting IP Subnet Mask 255 255 255 0 Firewall Enabled Default Gateway 172 23 31 254 Bandwidth Management Disabled DHCP Client UPnP Enabled LAN Information Configuration Mode Expert MAC Address 00 0C 43 30 52 28 IP Address 192 168 1 1 IP Subnet Mask 255 255 255 0 Summary DHCP Server BW MGMT Monitor Details WLAN Information DHCP Table Details WLAN OP Mode Access Point Mode Packet Statistics Details MAC Address 00 0C 43 30 52 28 WLAN
154. e a name of up to 31 printable characters to identify this rule in the first field next to Service Name Otherwise select a predefined service in the second field next to Service Name The predefined service name and port number s will display in the Service Name and Port fields Port Type a port number s to define the service to be forwarded to the specified server To specify a range of ports enter a hyphen between the first port and the last port such as 10 20 To specify two or more non consecutive port numbers separate them by a comma without spaces such as 123 567 Server IP Address Type the IP address of the server on your LAN that receives packets from the port s specified in the Port field Application Rules Summary This is the number of an individual port forwarding server entry Active This icon is turned on when the rule is enabled Name This field displays a name to identify this rule Port This field displays the port number s NBG 419N User s Guide Chapter 15 Network Address Translation NAT Table 58 Network gt NAT gt Application continued LABEL DESCRIPTION Server IP This field displays the inside IP address of the server Address Modify Click the Edit icon to display and modify an existing rule setting in the fields under Add Application Rule Click the Remove icon to delete a rule Apply Click Apply to save your cha
155. e correct ports e Place connecting cables carefully so that no one will step on them or stumble over them e Always disconnect all cables from this device before servicing or disassembling e Use ONLY an appropriate power adaptor or cord for your device e Connect the power adaptor or cord to the right supply voltage for example 110V AC in North America or 230V AC in Europe e Do NOT allow anything to rest on the power adaptor or cord and do NOT place the product where anyone can walk on the power adaptor or cord e Do NOT use the device if the power adaptor or cord is damaged as it might cause electrocution e If the power adaptor or cord is damaged remove it from the power outlet e Do NOT attempt to repair the power adaptor or cord Contact your local vendor to order a new one e Do not use the device outside and make sure all the connections are indoors There is a remote risk of electric shock from lightning e Do NOT obstruct the device ventilation slots as insufficient airflow may harm your device e Antenna Warning This device meets ETSI and FCC certification requirements when using the included antenna s Only use the included antenna s e If you wall mount your device make sure that no electrical lines gas or water pipes will be damaged Your product is marked with this symbol which is known as the WEEE mark WEEE Key stands for Waste Electronics and Electrical Equipment It means that used electrical X and electroni
156. e given to you by your ISP Password Type the password associated with the user name above Retype to Type your password again to make sure that you have entered is Confirm correctly MTU Size Enter the Maximum Transmission Unit MTU or the largest packet size per frame that your NBG 419N can receive and process Nailed Up Select Nailed Up Connection if you do not want the connection to time Connection out NBG 419N User s Guide Chapter 12 WAN Table 48 Network gt WAN gt Internet Connection PPPoE Encapsulation LABEL DESCRIPTION Idle Timeout sec This value specifies the time in minutes that elapses before the router automatically disconnects from the PPPoE server WAN IP Address Assignment Get Select this option If your ISP did not assign you a fixed IP address This automatically is the default selection from ISP Use Fixed IP Select this option If the ISP assigned a fixed IP address Address My WAN IP Enter your WAN IP address in this field if you selected Use Fixed IP Address Address WAN DNS Assignment First DNS Server Second DNS Server Select From ISP if your ISP dynamically assigns DNS server information and the NBG 419N s WAN IP address The field to the right displays the read only DNS server IP address that the ISP assigns Select User Defined if you have the IP address of a DNS server Enter the DNS server s IP address in the field to the
157. e total time the NBG 419N has been on Current Date Time This field displays your NBG 419N s present date and time System Resource CPU Usage This displays what percentage of the NBG 419N s processing ability is currently used When this percentage is close to 100 the NBG 419N is running at full load and the throughput is not going to improve anymore If you want some applications to have more throughput you should turn off other applications for example using bandwidth management Memory Usage This shows what percentage of the heap memory the NBG 419N is using System Setting Configuration Mode This shows the web configurator mode you are viewing Expert Interface Status Interface This displays the NBG 419N port types The port types are LAN and WLAN Status For the LAN and WAN ports this field displays Down line is down or Up line is up or connected For the WLAN it displays Up when the WLAN is enabled or Down when the WLAN is disabled NBG 419N User s Guide Chapter 8 Access Point Mode Table 27 Status Screen Access Point Mode LABEL DESCRIPTION Rate For the LAN ports this displays the port speed and duplex setting or N A when the line is disconnected For the WAN port it displays the port speed and duplex setting if you re using Ethernet encapsulation and Idle line ppp idle Dial starting to trigger a call and Drop dr
158. ears as shown Figure 124 Maintenance gt Time Current Time and Date Current Time Current Date Current Time and Date C Manual New Time hh mm ss New Date yyyy mmida Get from Time Server Auto C User Defined Time Server Address Time Zone Setup Time Zone T Daylight Savings start Date mm dd Sia End Date e a 14 27 18 2009 04 07 he ia time statim egov tn GMT 08 00 Perth Taipei dNEEEEEEEEHD o NENNEN Apply Reset Time Setting o clock o clock NBG 419N User s Guide Chapter 26 Time he following table describes the labels in this screen Table 75 Maintenance gt Time LABEL DESCRIPTION Current Time and Date Current Time This field displays the time of your NBG 419N Each time you reload this page the NBG 419N synchronizes the time with the time server Current Date This field displays the date of your NBG 419N Each time you reload this page the NBG 419N synchronizes the date with the time server Current Time and Date Manual Select this radio button to enter the time and date manually If you configure a new time and date Time Zone and Daylight Saving at the same time the new time and date you entered has priority and the Time Zone and Daylight Saving settings do not affect it New Time This field displays the last updated time from the time server or the last time configured manuall
159. eed to be configured IP Pool Setup The NBG 419N is pre configured with a pool of 32 IP addresses starting from 192 168 1 33 to 192 168 1 64 This configuration leaves 31 IP addresses excluding the NBG 419N itself in the lower range 192 168 1 2 to 192 168 1 32 for other server computers for instance servers for mail FTP TFTP web etc that you may have LAN TCP IP The NBG 419N has built in DHCP server capability that assigns IP addresses and DNS servers to systems that support DHCP client capability NBG 419N User s Guide Chapter 13 LAN 13 3 3 IP Alias IP alias allows you to partition a physical network into different logical networks over the same Ethernet interface The NBG 419N supports three logical LAN interfaces via its single physical Ethernet interface with the NBG 419N itself as the gateway for each LAN network 13 4 LAN IP Screen Use this screen to change the IP address for your NBG 419N Click Network LAN gt IP Figure 88 Network gt LAN gt IP LAN TCPAP IP Address IP Subnet Mask fi 92 168 1 1 255 255 255 0 Apply Reset The following table describes the labels in this screen Table 53 Network gt LAN gt IP LABEL DESCRIPTION IP Address Type the IP address of your NBG 419N in dotted decimal notation IP Subnet Mask The subnet mask specifies the network number portion of an IP address Your NBG 419N will automatically calculate the s
160. eld WAN IP Address Assignment Get automatically Select this to get your WAN IP address from your ISP from ISP Use Fixed IP Select this option If the ISP assigned a fixed IP address Address My WAN IP Enter your WAN IP address in this field if you selected Use Fixed IP Address Address WAN DNS Assignment First DNS Server Select From ISP if your ISP dynamically assigns DNS server information and the NBG 419N s WAN IP address The field to the Second DNS Server right displays the read only DNS server IP address that the ISP assigns Select User Defined if you have the IP address of a DNS server Enter the DNS server s IP address in the field to the right If you chose User Defined but leave the IP address set to 0 0 0 0 User Defined changes to None after you click Apply If you set a second choice to User Defined and enter the same IP address the second User Defined changes to None after you click Apply Select None if you do not want to configure DNS servers If you do not configure a DNS server you must know the IP address of a computer in order to access it WAN MAC Address The MAC address section allows users to configure the WAN port s MAC address by either using the NBG 419N s MAC address copying the MAC address from a computer on your LAN or manually entering a MAC address Factory default Select Factory default to use the factory assigned default MAC Address
161. er stronger encryption Temporal Key Integrity Protocol TKIP uses 128 bit keys that are dynamically generated and distributed by the authentication server It includes a per packet key mixing function a Message Integrity Check MIC named Michael an extended initialization vector IV with sequencing rules and a re keying mechanism NBG 419N User s Guide 277 Appendix D Wireless LANs 278 TKIP regularly changes and rotates the encryption keys so that the same encryption key is never used twice The RADIUS server distributes a Pairwise Master Key PMK key to the AP that then sets up a key hierarchy and management system using the pair wise key to dynamically generate unique data encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients This all happens in the background automatically WPA2 AES Advanced Encryption Standard is a block cipher that uses a 256 bit mathematical algorithm called Rijndael The Message Integrity Check MIC is designed to prevent an attacker from capturing data packets altering them and resending them The MIC provides a strong mathematical function in which the receiver and the transmitter each compute and then compare the MIC If they do not match it is assumed that the data has been tampered with and the packet is dropped By generating unique data encryption keys for every data packet and by creating an integrity checking mechani
162. ers and the WAN MAC address Advanced Use this screen to configure other advanced properties IGMP Use this screen to enable IGMP snooping if you have LAN Snooping users that subscribe to multicast services LAN IP Use this screen to configure LAN IP address and subnet mask IP Alias Use this screen to have the NBG 419N apply IP alias to create LAN subnets DHCP General Use this screen to enable the NBG 419N s DHCP server Server Advanced Use this screen to assign IP addresses to specific individual computers based on their MAC addresses and to have DNS servers assigned by the DHCP server NAT General Use this screen to enable NAT Application Use this screen to configure servers behind the NBG 419N Advanced Use this screen to change your NBG 419N s port triggering settings DDNS General Use this screen to set up dynamic DNS Static IP Static Use this screen to configure IP static routes Route Route NBG 419N User s Guide Chapter 7 Router Mode Table 26 Navigation Panel Router Mode LINK TAB FUNCTION RIP Use this screen to enable RIPv1 or RIPv2 which are LAN broadcast protocols Security Firewall General Use this screen to activate deactivate the firewall Services This screen shows a summary of the firewall rules and allows you to edit add a firewall rule Content Filter Use this screen to block certain web features and sites containing ce
163. ess Point mode all Ethernet ports have the same IP address e All ports on the rear panel of the device are LAN ports including the port labeled WAN There is no WAN port e The DHCP server on your device is disabled e The IP address of the device on the local network is set to 192 168 1 2 WISP Mode Select WISP Mode if your device needs a wireless client to connect to an existing access point e You cannot configure Wireless LAN settings including WPS and scheduling in the WISP mode e The IP address of the device on the local network is the same as the IP address given to the NBG 419N while in router mode default is 192 168 1 1 Apply Click Apply to save your settings Reset Click Reset to return your settings to the default Router Note If you select the incorrect System Operation Mode you may not be able to connect to the Internet NBG 419N User s Guide Troubleshooting This chapter offers some suggestions to solve problems you might encounter The potential problems are divided into the following categories e Power Hardware Connections and LEDs e NBG 419N Access and Login e nternet Access e Resetting the NBG 419N to Its Factory Defaults e Wireless Router AP Troubleshooting 31 1 Power Hardware Connections and LEDs The NBG 419N does not turn on None of the LEDs turn on 1 Make sure you are using the power adaptor or cord included with the NBG 419N 2 Make sure the powe
164. etup Wireless LAN Network Name SSID T Hide SSID Channel Selection General MACFilter Advanced QoS WPS WPS Station Scheduling Operating Channel Channel 06 2437MHz Security Security Mode wra2 PsK v WPA PSK Compatible Pre Shared Key Cr Group Key Update Timer peo seconds Note WPA PSK and WPA2 PSK can be configured when WPS enabled ON ZyXEL Channel 06 2437MHz Auto Channel Selection Apply Reset The following table describes the labels in this screen Table 39 Network gt Wireless LAN gt General WPA PSK WPA2 PSK LABEL DESCRIPTION Security Mode Select WPA PSK or WPA2 PSK to enable data encryption WPA PSK This field appears when you choose WPA PSK2 as the Security Mode Compatible Check this field to allow wireless devices using WPA PSK security mode to connect to your NBG 419N Pre Shared Key WPA PSK WPA2 PSK uses a simple common password for authentication Type a pre shared key from 8 to 63 case sensitive keyboard characters Group Key Update Timer The Group Key Update Timer is the rate at which the AP sends a new group key out to all clients The default is 3600 seconds 60 minutes Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to reload the previous configuration for this screen Refer to Table 36 on page 103 for descriptions of the other labels in this screen
165. functions as a bridge and access point simultaneously e Bridge The NBG 419N acts as a wireless network bridge and establishes wireless links with other APs You need to know the MAC address of the peer device which also must be in bridge mode The NBG 419N can establish up to five wireless links with other APs Local MAC This is the MAC address of your NBG 419N Address Phy Mode Select the Phy mode you want the NBG 419N to use This dictates the maximum size of packets during data transmission Remote MAC This is the MAC address of the peer device that your NBG 419N wants Address to make a bridge connection with You can connect to up to 4 peer devices Security EncrypType Select whether to use WEP TKIP or AES encryption for your WDS connection in this field Otherwise select No Security EncrypKey The Encryp key is used to encrypt data Peers must use the same key for data transmission NBG 419N User s Guide Chapter 11 Wireless LAN Table 46 Network gt Wireless LAN gt WDS LABEL DESCRIPTION Apply Click Apply to save your changes to NBG 419N Refresh Click Refresh to reload the previous configuration for this screen NBG 419N User s Guide 117 Chapter 11 Wireless LAN NBG 419N User s Guide WAN 12 1 Overview This chapter discusses the NBG 419N s WAN screens Use these screens to configure your NBG 419N for Internet access A WAN
166. gs Cancel Click Cancel to exit this screen without saving NBG 419N User s Guide Chapter 21 Bandwidth Management 21 5 2 Rule Configuration User Defined Service Rule Configuration If you want to edit a bandwidth management rule for other applications or services click the Edit icon in the User defined Service table of the Advanced screen The following screen displays Figure 109 Bandwidth Management Rule Configuration User defined Service Rule Configuration BV Budget Minimum Bandwidth fo kbps Destination Address ooo Destination Subnet Netmask pooo Destination Port poo Source Address pooo Source Subnet Netmask pooo Source Port 0 Protocol TCP yl fc ox Cancel The following table describes the labels in this screen Table 69 Bandwidth Management Rule Configuration User defined Service LABEL DESCRIPTION BW Budget Select Maximum Bandwidth or Minimum Bandwidth and specify the maximum or minimum bandwidth allowed for the rule in kilobits per second Destination Enter the IP address of the destination computer Address The NBG 419N applies bandwidth management to the service or application that is entering this computer Destination Enter the subnet netmask of the destination of the traffic for which the Subnet bandwidth management rule applies Netmask Destination Port This is the port number of the destination that define the traffic type for ex
167. gt Monitor Monitor XBox Live XBox Live VoIP FTP eMule BitTorrent E Mail Instant Messenger BW MGMT Monitor 0 32768 kbps 0732768 kbps 0732768 kbps 0732768 kbps 0732768 kbps 0732768 kbps 0732768 kbps 0 32768 kbps NBG 419N User s Guide Chapter 21 Bandwidth Management 21 6 1 Predefined Bandwidth Management Services The following is a description of some services that you can select and to which you can apply media bandwidth management in the Management gt Bandwidth Management gt Advanced screen Table 70 Media Bandwidth Management Setup Services SERVICE DESCRIPTION FTP File Transfer Program enables fast transfer of files including large files that may not be possible by e mail WWW The World Wide Web WWW is an Internet system to distribute graphical hyper linked information based on Hyper Text Transfer Protocol HTTP a client server protocol for the World Wide Web The Web is not synonymous with the Internet rather it is just one service on the Internet Other services on the Internet include Internet Relay Chat and Newsgroups The Web is accessed through use of a browser E Mail Electronic mail consists of messages sent through a computer network to specific groups or individuals Here are some default ports for e mail VoIP SIP Sending voice signals over the Internet is called Voice over
168. guration at start up from a server You can configure the NBG 419N s LAN as a DHCP server or disable it When configured as a server the NBG 419N provides the TCP IP configuration for the clients If DHCP service is disabled you must have another DHCP server on your LAN or else the computer must be manually configured 14 2 What You Can Do e Use the General Section 14 3 on page 139 screen to enable the DHCP server e Use the Advanced Section 14 4 on page 140 screen to assign IP addresses on the LAN to specific individual computers based on their MAC Addresses 14 3 General Screen Use this screen to enable the DHCP server Click Network gt DHCP Server The following screen displays Figure 90 Network gt DHCP Server gt General LAH DHCP Setup Iv Enable DHCP Server IP Pool Starting Address 1 92 158 1 33 Pool Size 32 Apply Reset NBG 419N User s Guide Chapter 14 DHCP Server The following table describes the labels in this screen Table 55 Network gt DHCP Server gt General LABEL DESCRIPTION Enable DHCP Enable or Disable DHCP for LAN Server IP Pool Starting This field specifies the first of the contiguous addresses in the IP Address address pool for LAN Pool Size This field specifies the size or count of the IP address pool for LAN Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh
169. guration information and retur to factory defaults After resetting the Password will be 1234 LAN IP address will be 192 168 1 1 DHCP will be reset to server Reset The following table describes the labels in this screen Table 77 Maintenance gt Backup Restore LABEL DESCRIPTION Backup Click Backup to save the NBG 419N s current configuration to your computer File Path Type in the location of the file you want to upload in this field or click Browse to find it Browse Click Browse to find the file you want to upload Remember that you must decompress compressed ZIP files before you can upload them 208 NBG 419N User s Guide Chapter 28 Backup Restore Table 77 Maintenance gt Backup Restore LABEL DESCRIPTION Upload Click Upload to begin the upload process Note Do not turn off the NBG 419N while configuration file upload is in progress After you see a configuration upload successful screen you must then wait one minute before logging into the NBG 419N again The NBG 419N automatically restarts in this time causing a temporary network disconnect If you see an error screen click Back to return to the Backup Restore screen Reset Pressing the Reset button in this section clears all user entered configuration information and returns the NBG 419N to its factory defaults You can also press the RESET button on the rear panel to reset
170. h Management gt Advanced to open the bandwidth management Advanced screen Figure 107 Management gt Bandwidth Management gt Advanced Management Bandwidth Upstream Bandwidth 32M bps Downstream Bandwidth 324 bps Application List Priority Category Service Advanced Setting 1 righ gt Game Console XBox Live 3 I PlayStation 3 I MSN Game Zone 3 I Battlenet a 2 High z VoIP voir 4 3 righ gt Instant Messenger I Instant Messenger 3 4 Hion gt Web Surfing Web Surfing 3 5 rion gt P2P FTP FTP J eMule 2 BitTorrent 2 6 nion gt E Mail E Mail Ei User defined Service Enable Direction Service Name Category Modify E on zl E caecos Eb iz W 2 5 on z a Ganeconsoe E i W 5 uw zi caneconsce E iz W E on E oo Ganeconsoe E iz W s D oimn ej o Ganeconsoe E iz W 6 r Tolan Game conso v 2 TW 7 n read e D GameConsce 2 TW a T uw sj Swmecsoe E iz poly Reset The following table describes the labels in this screen Table 67 Management gt Bandwidth Management gt Advanced LABEL DESCRIPTION Management Bandwidth Upstream Select the total amount of bandwidth from 64 Kilobits to 32 Megabits Bandwidth that you want to dedicate to uplink traffic This is traffic from LAN WLAN to WAN Downstream Select the total amount of bandwidth from 64 Kilobits to 32 Megabits Bandwidth that you want to dedicate to uplink tr
171. hapter 31 Troubleshooting NBG 419N User s Guide Product Specifications The following tables summarize the NBG 419N s hardware and firmware features Table 79 Hardware Features Dimensions W x D x H 162 mm x 115 mm x 33 mm Weight 252g Power Specification Input 100 240 V AC 5060 Hz Output 12 V DC 1A Ethernet ports Auto negotiating 10 Mbps 100 Mbps in either half duplex or full duplex mode Auto crossover Use either crossover or straight through Ethernet cables 4 5 Port Switch A combination of switch and router makes your NBG 419N a cost effective and viable network solution You can add up to four computers to the NBG 419N without the cost of a hub when connecting to the Internet through the WAN port You can add up to five computers to the NBG 419N when you connect to the Internet in AP mode Add more than four computers to your LAN by using a hub LEDs PWR LAN1 4 WAN WLAN WPS Reset Button The reset button is built into the rear panel Use this button to restore the NBG 419N to its factory default settings Press for 1 second to restart the device Press for 5 seconds to restore to factory default settings WPS button Press the WPS on two WPS enabled devices within 120 seconds for a security enabled wireless connection Wireless Switch Turn on or turn off the wireless function of the NBG 419N using this switch There is no need to go into
172. hat it knows the password by encrypting the password with the challenge and sends back the information Password is not sent in plain text NBG 419N User s Guide 275 Appendix D Wireless LANs However MD5 authentication has some weaknesses Since the authentication server needs to get the plaintext passwords the passwords must be stored Thus someone other than the authentication server may access the password file In addition it is possible to impersonate an authentication server as MD5 authentication method does not perform mutual authentication Finally MD5 authentication method does not support data encryption with dynamic session key You must configure WEP encryption keys for data encryption EAP TLS Transport Layer Security With EAP TLS digital certifications are needed by both the server and the wireless stations for mutual authentication The server presents a certificate to the client After validating the identity of the server the client sends a different certificate to the server The exchange of certificates is done in the open before a secured tunnel is created This makes user identity vulnerable to passive attacks A digital certificate is an electronic ID card that authenticates the sender s identity However to implement EAP TLS you need a Certificate Authority CA to handle certificates which imposes a management overhead EAP TTLS Tunneled Transport Layer Service EAP TTLS is an extension of the EAP TLS
173. he Quick Start Guide 3 Make sure your Internet browser does not block pop up windows and has JavaScripts and Java enabled See Appendix A on page 233 4 Make sure your computer is in the same subnet as the NBG 419N If you know that there are routers between your computer and the NBG 419N skip this step e If there is a DHCP server on your network make sure your computer is using a dynamic IP address See Section 14 3 on page 139 e If there is no DHCP server on your network make sure your computer s IP address is in the same subnet as the NBG 419N See Appendix B on page 241 5 Reset the device to its factory defaults and try to access the NBG 419N with the default IP address See Section 28 3 on page 208 6 If the problem continues contact the network administrator or vendor or try one of the advanced suggestions Advanced Suggestion e If your computer is connected to the WAN port or is connected wirelessly use a computer that is connected to a LAN ETHERNET port can see the Login screen but cannot log in to the NBG 419N 1 Make sure you have entered the password correctly The default password is 1234 This field is case sensitive so make sure Caps Lock is not on NBG 419N User s Guide Chapter 31 Troubleshooting 2 This can happen when you fail to log out properly from your last session Try logging in again after 5 minutes 3 Disconnect and re connect the power adaptor or cord to the NBG 419N
174. he type of wireless security employed by the network Apply Click Apply to save your changes back to the NBG 419N Refresh Click Refresh to get this screen information afresh 11 9 WPS Station Screen Use this screen when you want to add a wireless station using WPS To open this screen click Network Wireless LAN WPS Station tab Note Note After you click Push Button on this screen you have to press a similar button in the wireless station utility within 2 minutes To add the second wireless station you have to press these buttons on both device and the wireless station again after the first 2 minutes Figure 75 Network Wireless LAN WPS Station General MACFilter Advanced QoS WPS WPS Station Scheduling WDS pe Add Station by WPS Click the below Push Button to add VPS stations to wireless network Push Button Or input station s PIN numbe r Start LJ Hote 1 The Push Button Configuration requires pressing a button on both the station and AP within 120 seconds 2 You may find the PIH number in the station s utility NBG 419N User s Guide 113 Chapter 11 Wireless LAN The following table describes the labels in this screen Table 44 Network gt Wireless LAN gt WPS Station LABEL DESCRIPTION Push Button Use this button when you use the PBC Push Button Configuration method to configure wireless stations s wireless settings See Section 10 3
175. hod KNOW mete E 100 11 9 1 Wireless Security Vel VIBW 455 i cic Xantia pnt P te Ua ed tet a bo d a 100 11 4 General Wireless LAN Screen 1e ncmpe rere o bei pin e ER PY HU eR R Ea Op Sa M EARS 103 EE DEI 104 yx es cisci MR 105 114 3 WPAPSKIWPA2 PSK e M 108 TIS SES FIOT od Be i o ird dett e a 109 11 5 Wireless LAN Advanced Sereen iussus ee eed ke rh aa erra E RM ba RE RA a XR anaa aeai baaada 110 11 7 Quality of Service OOS SCREEN 5uueceseseeeceseekaeurrenciciu p rnia eue bec ddEu porre Ia ene pet P du E bre Lea ERU pOE 111 TS WPS og M 112 119 WPS Station SOTSBIY iarspsisicti mei rap HEN TRIP Ide ERR TEMPE ERO UIRRRE FRU Eq ERI PERF EMPIRE EPA IgM RE REGNI 113 11 10 Scheduling p 114 TERN WDS o ERU IECUR 115 Chapter 12 sis r teas 119 pedet s 119 12 2 What You Gan DO ueste pb P dena p E meld bay Oc P RR e EO RR D al RO 119 12 3 What You Need To RECON cssc ee e RHEINE ERI SHE EE AAEE RE 120 12 3 1 Configuring Your laternot CODPIGDHOR iecur teet rri traut ert apu EbEI nna 120 12 5 WSS ise coit then euis bud Esa poU pA E bl Cea RR RE Rb ic ERR basin a 121 12 4 Intemet Conneccion sekanin n et pet Re Pr IEEE ER AEN S pU FEE POP N 122 124 1 Eumene Encapsulation Lue std Ib aes zen o oen s ota ba ba RO e COE P Rad 122 124 2 Animimecacaeec csi ET E mL 124
176. icahle amp Allow paste operations via script Q Disable 9 Enable Q Prompt amp Scripting of Java applets Disable AO Enable 12 Prompl Lene Abhenkie Sion m Reset custom settings to to Medium 7 Reset sea Java Permissions 1 From Internet Explorer click Tools Internet Options and then the Security tab 2 Click the Custom Level button 3 Scroll down to Microsoft VM 4 Under Java permissions make sure that a safety level is selected NBG 419N User s Guide Appendix A Pop up Windows JavaScripts and Java Permissions 5 Click OK to close the window Figure 141 Security Settings Java Security Settings Settings Q Disable 9 Enable 3 Font download Disable 9 Enable a Prompt 3 Microsoft VM 3 Java permissions custom Osta 9 High safety Q Low safety Reset custom settings Reset to Medium Reset J JAVA Sun 1 From Internet Explorer click Tools Internet Options and then the Advanced tab 2 Make sure that Use Java 2 for lt applet gt under Java Sun is selected NBG 419N User s Guide Appendix A Pop up Windows JavaScripts and Java Permissions 3 Click OK to close the window Figure 142 Java Sun General Security Privacy Content Connections Programs Advanced Settings O Use inline AutoComplete O Use Passive FTP for firewall and DSL modem compatibility Use smoo
177. ices can be g associated with a single piece of hardware Nickname X Inactive ethO ethO Ethernet Edit Device NBG 419N User s Guide Appendix C Setting up Your Computer s IP Address 2 Double click on the profile of the network card you wish to configure The Ethernet Device General screen displays as shown Figure 161 Red Hat 9 0 KDE Ethernet Device General Ethernet Device General Route Hardware Device Nickname ethO DHCP Settings Hostname optional Statically set IP addresses Manual IP Address Settings Address Subnet Mask Default Gateway Address lt Activate device when computer starts Allow all users to enable and disable the device Automatically obtain IP address settings with dhcp v 4 Automatically obtain DNS information from provider 3 Cancel e If you have a dynamic IP address click Automatically obtain IP address settings with and select dhcp from the drop down list e If you have a static IP address click Statically set IP Addresses and fill in the Address Subnet mask and Default Gateway Address fields 3 Click OK to save the changes and close the Ethernet Device General screen 4 If you know your DNS server IP address es click the DNS tab in the Network Configuration screen Enter the DNS server infor
178. imply how the NBG 419N is being used in the network 5 1 1 Web Configurator Modes This refers to the configuration interface of the Web Configurator which has two modes e Easy The Web Configurator shows this mode by default Refer to Chapter 6 on page 51 for more information on the screens in this mode This interface may be sufficient for users who just want to use the device Expert Advanced users can change to this mode to customize all the functions of the NBG 419N Click Expert Mode after logging into the Web Configurator The User s Guide Chapter 3 on page 37 through Chapter 30 on page 213 discusses the screens in this mode 5 1 2 Device Modes This refers to the operating mode of the NBG 419N which can act as a e Router This is the default device mode of the NBG 419N Use this mode to connect the local network to another network like the Internet Go to Section 7 3 on page 64 to view the Status screen in this mode e Access Point Use this mode if you want to extend your network by allowing network devices to connect to the NBG 419N wirelessly Go to Section 8 4 on page 74 view the Status screen in this mode e WISP mode Use this mode if there is an existing wireless router or access point in the network to which you want to connect your local network Go to Section 9 4 on page 81 to view the Status screen in this mode NBG 419N User s Guide Chapter 5 NBG 419N Modes The following figure is a simple illustra
179. in the dialog box Enter ipconfig to show your computer s IP address If your computer s IP address is not in the correct range then see Appendix C on page 251 for information on changing your computer s IP address 4 After you ve set your computer s IP address open a web browser such as Internet Explorer and type 192 168 1 2 as the web address in your web browser Note After clicking Login the Easy mode appears Refer to Section on page 51 for the Easy mode screens Change to Expert mode to see the screens described in the sections following this 8 3 3 Configuring your WLAN Bandwidth Management and Maintenance Settings The configuration of wireless bandwidth management and maintenance settings in Access Point mode is the same as for Router Mode e See Chapter 11 on page 99 for information on the configuring your wireless network e See Chapter 21 on page 173 for information on configuring your Bandwidth Management screen e See Maintenance and Troubleshooting 195 for information on configuring your Maintenance settings NBG 419N User s Guide Chapter 8 Access Point Mode 8 4 AP Mode Status Screen Click to open the Status screen Figure 45 Status Screen Access Point Mode ZyXEL necnon ma Status Device Information Item Host Name Firmware Version Sys OP Mode LAN Information MAC Address IP Address IP Subnet Mask Default Gateway DHCP WLAN Information WLAN OP Mode
180. is successful 9 3 2 Accessing the Web Configurator in WISP Mode To login to Web Configurator in WISP mode do the following NBG 419N User s Guide Chapter 9 WISP Mode 1 Connect your computer to the LAN port of the NBG 419N 2 The default IP address of the NBG 419N is 192 168 1 1 If you did not change this you can use the same IP address in WISP mode Open a web browser such as Internet Explorer and type 192 168 1 1 as the web address in your web browser If you changed the IP address of your NBG 419N while in Router Mode use this IP address in WISP mode The WISP mode IP address is always the same as the Router mode IP adderss Note After clicking Login the Easy mode appears Refer to Section on page 51 for the Easy mode screens Click Expert mode to see the screens described in the sections following this 9 4 WISP Mode Status Screen Click to open the status screen Figure 51 Status WISP Mode Device Information Item Data Host Name NBG 419N Firmware Version V1 00 BFG 0 B6 03 31 2009 Sys OP Mode WISP Mode WAN Information MAC Address 00 0C 43 30 52 28 IP Address 0 0 0 0 IP Subnet Mask 0 0 0 0 Default Gateway DHCP Client LAN Information MAC Address 00 0C 43 30 52 28 IP Address 192 168 1 1 IP Subnet Mask 255 255 255 0 DHCP Server WLAN Information WLAN OP Mode Wireless Client Mode MAC Address 00 0C 43 30 52 28 Status OFF Name SSID None Connec
181. ish display disclose sell rent lease modify store loan distribute or create derivative works of the Software or any part thereof You may not assign sublicense convey or otherwise transfer pledge as security or otherwise encumber the rights and licenses granted hereunder with respect to the Software Certain components of the Software and third party open source programs included with the Software have been or may be made available by ZyXEL on its Open Source web site ftp opensource zyxel com collectively the Open Sourced Components You may modify or replace only these Open Sourced Components provided that you comply with the terms of this License and any applicable licensing terms governing use of the Open Sourced Components ZyXEL is not obligated to provide any maintenance technical or other support for the resultant modified Software You may not copy reverse engineer decompile reverse compile translate adapt or disassemble the Software or any part thereof nor shall you attempt to create the source code from the object code for the Software Except as and only to the extent expressly permitted in this License by applicable licensing terms governing use of the Open Sourced Components or by applicable law you may not market co brand NBG 419N User s Guide Appendix F Legal Information private label or otherwise permit third parties to link to the Software or any part thereof You may not use the Softwar
182. itional options appears in this screen See 11 4 2 and 11 4 3 sections Or you can select No Security to allow any client to associate this network without authentication Note If you enable the WPS function only No Security WPA PSK and WPA2 PSK are available in this field Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to reload the previous configuration for this screen See the rest of this chapter for information on the other labels in this screen 11 4 1 No Security Select No Security to allow wireless stations to communicate with the access points without any data encryption Note If you do not enable any wireless security on your NBG 419N your network is accessible to any wireless networking device that is within range Figure 68 Network gt Wireless LAN gt General No Security Wireless Setup Wireless LAN Network Name SSID T Hide SSID Channel Selection Operating Channel Security Security Mode L Note WPA PSK and WPA2 PSK can be configured when WPS enabled General MAC Filter Advanced QoS WPS WPS Station Scheduling WDS SE ON m Channel 06 2437MHz z Auto Channel Selection Channel 06 2437MHz No Security Apply Reset NBG 419N User s Guide Chapter 11 Wireless LAN The following table describes the labels in this screen Table 37 Network gt Wireless LAN gt General No Security
183. ized to use a specific service NBG 419N User s Guide Chapter 19 Firewall 19 4 General Firewall Screen Use this screen to enable or disable the NBG 419N s firewall and set up firewall logs Click Security gt Firewall to open the General screen Figure 102 Security gt Firewall gt General General Services Firewall Setup M Enable Firewall Apply Reset The following table describes the labels in this screen Table 63 Security gt Firewall gt General LABEL DESCRIPTION Enable Firewall Select this check box to activate the firewall The NBG 419N performs access control and protects against Denial of Service DoS attacks when the firewall is activated Apply Click Apply to save the settings Reset Click Reset to start configuring this screen again 19 5 Services Screen If an outside user attempts to probe an unsupported port on your NBG 419N an ICMP response packet is automatically returned This allows the outside user to know the NBG 419N exists Use this screen to prevent the ICMP response packet from being sent This keeps outsiders from discovering your NBG 419N when unsupported ports are probed You can also use this screen to enable service blocking enter delete modify the services you want to block and the date time you want to block them NBG 419N User s Guide Chapter 19 Firewall Click Security gt Firewall gt Services The s
184. k Reset to reload the previous configuration for this screen NBG 419N User s Guide WISP Mode 9 1 Overview Your NBG 419N can act as a wireless client In wireless client mode it can connect to an existing network via an access point Use this mode if you already have an access point or router in your network In the example below one NBG 419N A is configured as a wireless client and another is used as an access point B The wireless client has two clients that need to connect to the Internet The NBG 419N wirelessly connects to the available access point B Figure 48 Wireless Client Mode J Access Point built in firewall After the NBG 419N and the access point connect the NBG 419N acquires its WAN IP address from the access point The clients of the NBG 419N can now surf the Internet 9 2 What You Can Do e Use the Status screen Section 8 4 on page 74 to view read only information about your NBG 419N e Use the LAN screen Section 8 5 on page 76 to set the IP address for your NBG 419N acting as an access point e Use the Wireless LAN screen to associate your NBG 419N acting as a wireless client with an existing access point NBG 419N User s Guide Chapter 9 WISP Mode 9 3 What You Need to Know With the exception of the LAN screen the Monitor Configuration and Maintainance screens in WISP mode are similar to the ones in Router Mode See Chapter 11 on page 99 through Ch
185. king Home CM or DEY in the Easy Mode or Expert mode screens NBG 419N User s Guide Chapter 3 Introducing the Web Configurator The Home screen displays as follows Figure 18 Home Screen NBG 419N ome to the rou f ation interface Please GO and go to e Language EEE The following table describes the labels in this screen Table 11 Home Screen LABEL DESCRIPTION Go Click this to open the Easy mode Web Configurator Language Select a language to go to the Easy mode Web Configurator in that language and click Login This is just an example This shows the current weather either in celsius or fahrenheit of the city you specify in Section 3 2 3 1 on page 40 This is just an example This shows the time hh mm ss and date yyyy mm dd of the timezone you select in Section 3 2 3 2 on page 41 or Section 26 3 on page 201 3 2 3 1 Weather Edit You can change the temperature unit and select the location for which you want to know the weather Click the icon to change the Weather display Figure 19 Change Weather Be Change location UK Greenwich USA New York NBG 419N User s Guide Chapter 3 Introducing the Web Configurator The following table describes the labels in this screen Table 12 Change Weather LABEL DESCRIPTION C or OF Choose which temperature unit you want the NBG 419N to display Change Select the location for
186. l D m ii E 0 i i B i B i It i i li a i i i WU gt J 8 192 168 1 0 24 a a Se mee ee m m m RR ee mm ee m UR UR WA You can borrow one of the host ID bits to divide the network 192 168 1 0 into two separate sub networks The subnet mask is now 25 bits 255 255 255 128 or 25 The borrowed host ID bit can have a value of either 0 or 1 allowing two subnets 192 168 1 0 25 and 192 168 1 128 25 NBG 419N User s Guide Appendix B IP Addresses and Subnetting The following figure shows the company network after subnetting There are now two sub networks A and B Figure 145 Subnetting Example After Subnetting rA ug P a an i B uL 1 H if f UN f Internet fi it fi fl a a A D uy a a an g 4 192 168 1 0 25 88192 168 1 128 25 8I 43 4 am mumamam umm PF uum um um um um im um m5 In a 25 bit subnet the host ID has 7 bits so each sub network has a maximum of 27 2 or 126 possible hosts a host ID of all zeroes is the subnet s address itself all ones is the subnet s broadcast address 192 168 1 0 with mask 255 255 255 128 is subnet A itself and 192 168 1 127 with mask 255 255 255 128 is its broadcast address Therefore the lowest IP address that can be assigned to an actual host for subnet A is 192 168 1 1 and the highest is 192 168 1 126 Similarly the host ID range for subnet B is 192 168 1 129 to 192 168 1 254 Example
187. less client is able to communicate with the NBG 419N securely NBG 419N User s Guide Chapter 10 Tutorials The following figure shows you the example to set up wireless network and security on NBG 419N and wireless client ex NWD210N in this example by using PIN method Figure 59 Example WPS Process PIN Method Wireless Client NBG 419N Continuous Access Mode zj General MAC Filter Advanced QoS WPS WPS Station Sched Add Station by WPS Click the below Push Button to add VVPS stations to wireless network Push Button Or input station s PIN numbe r D unta auto Z Continuous Access Mode pd Eted Setup FF PIN 7 Manual Input 25327519 25327518 WITHIN 2 MINUTES D Authentication by PIN E aS SECURITY INFO a N COMMUNICATION NBG 419N User s Guide Chapter 10 Tutorials 10 4 Enabling and Configuring Wireless Security No WPS This example shows you how to configure wireless security settings with the following parameters on your NBG 419N SSID SSID_Example3 Channel 6 Security WPA PSK Pre Shared Key ThisismyWPA PSKpre sharedkey Follow the steps below to configure the wireless settings on your NBG 419N The instructions require that your hardware is connected see the Quick Start Guide and you are logged into the Web Configurator through your LAN connection see
188. llowing example shows a subnet mask identifying the network number in bold text and host ID of an IP address 192 168 1 2 in decimal Table 81 Subnet Mask Identifying Network Number 1ST 2ND 3RD 4TH OCTET OCTET OCTET OCTET 192 168 1 2 IP Address Binary 11000000 10101000 00000001 00000010 Subnet Mask Binary 11111111 11111111 11111111 00000000 NBG 419N User s Guide Appendix B IP Addresses and Subnetting Table 81 Subnet Mask Identifying Network Number 1ST 2ND 3RD 4TH OCTET OCTET OCTET OCTET 192 168 1 2 Network Number 11000000 10101000 00000001 Host ID 00000010 By convention subnet masks always consist of a continuous sequence of ones beginning from the leftmost bit of the mask followed by a continuous sequence of zeros for a total number of 32 bits Subnet masks can be referred to by the size of the network number part the bits with a 1 value For example an 8 bit mask means that the first 8 bits of the mask are ones and the remaining 24 bits are zeroes Subnet masks are expressed in dotted decimal notation just like IP addresses The following examples show the binary and decimal notation for 8 bit 16 bit 24 bit and 29 bit subnet masks Table 82 Subnet Masks BINARY 1ST 2ND 3RD 4TH DECIMAL OCTET OCTET OCTET OCTET 8 bit mask 11111111 00000000 00000000 00000000 255 0 0 0
189. loaded from website If the upgrade file is compressed ZIP file you must first extract the binary BIN file In some cases you may need to reconfigure File Path Browse Upload NBG 419N User s Guide Chapter 27 Firmware Upgrade The following table describes the labels in this screen Table 76 Maintenance gt Firmware Upgrade LABEL DESCRIPTION File Path Type in the location of the file you want to upload in this field or click Browse to find it Browse Click Browse to find the bin file you want to upload Remember that you must decompress compressed zip files before you can upload them Upload Click Upload to begin the upload process This process may take up to two minutes Note Do not turn off the NBG 419N while firmware upload is in progress After you see the Firmware Upload In Process screen wait two minutes before logging into the NBG 419N again The NBG 419N automatically restarts in this time causing a temporary network disconnect In some operating systems you may see the following icon on your desktop Figure 126 Network Temporarily Disconnected d Local Area Connection Network cable unplugged After two minutes log in again and check your new firmware version in the Status screen If the upload was not successful an error message appears Click Return to go back to the Firmware screen NBG 419N User s Guide Backup Rest
190. mat for example 15 00 is 3 00 PM NBG 419N User s Guide Chapter 3 Introducing the Web Configurator 3 2 2 Password Screen You should see a screen asking you to change your password highly recommended as shown next Figure 17 Change Password Screen Use this screen to change the password The Vizard setup walks you through the most common configuration settings We suggest you use this mode if itis the first time you are setting up your router or if you need to make basic configuration changes Use Advanced mode if you need access to more advanced features not included in Vizard mode New Password Ed Retype to Confirm The following table describes the labels in this screen Table 10 Change Password Screen LABEL DESCRIPTION New Password Type a new password Retype to Retype the password for confirmation Confirm Apply Click Apply to save your changes back to the NBG 419N Ignore Click Ignore if you do not want to change the password this time Note The management session automatically times out when the time period set in the Administrator Inactivity Timer field expires default five minutes go to Chapter 24 on page 197 to change this Simply log back into the NBG 419N if this happens 3 2 3 Home Screen If you have previously logged into the Web Configurator but did not click Logout you may be redirected to the Home screen You can also open this screen by clic
191. mation in the fields provided Figure 162 Red Hat 9 0 KDE Network Configuration DNS File Profile Help 689 New Edit Copy Delete Devices Hardware DNS Hosts a You may configure the system s hostname domain jH name servers and search domain Name servers are used to look up other hosts on the network Hostname Primary DNS Secondary DNS Tertiary DNS DNS Search Path Active Profile Common modified NBG 419N User s Guide Appendix C Setting up Your Computer s IP Address 5 Click the Devices tab 6 Click the Activate button to apply the changes The following screen displays Click Yes to save the changes in all screens Figure 163 Red Hat 9 0 KDE Network Configuration Activate redhat config network You have made some changes in your configuration To activate the network device ethO the changes have to be saved Do you want to continue 7 After the network card restart process is complete make sure the Status is Active in the Network Configuration screen Using Configuration Files Follow the steps below to edit the network configuration files and set your computer IP address 1 Assuming that you have only one network card on the computer locate the ifconfig ethO0 configuration file where etno is the name of the Ethernet card Open the configuration file with any plain text editor
192. ment gt Bandwidth Management gt General General f Advanced Monitor bm title Enable Bandwidth Management Apply Reset NBG 419N User s Guide Chapter 21 Bandwidth Management The following table describes the labels in this screen Table 66 Management gt Bandwidth Management gt General LABEL DESCRIPTION Enable This field allows you to have NBG 419N apply bandwidth Bandwidth management Management Enable bandwidth management to give traffic that matches a bandwidth rule priority over traffic that does not match a bandwidth rule Enabling bandwidth management also allows you to control the maximum or minimum amounts of bandwidth that can be used by traffic that matches a bandwidth rule Apply Click Apply to save your customized settings Reset Click Reset to begin configuring this screen afresh 21 5 Advanced Screen Use this screen to configure bandwidth management rules for the pre defined services or applications You can also use this screen to configure bandwidth management rule for other services or applications that are not on the pre defined list of NBG 419N Additionally you can define the source and destination IP addresses and port for a service or application Note The two tables shown in this screen can be configured and applied at the same time NBG 419N User s Guide 175 Chapter 21 Bandwidth Management 176 Click Management gt Bandwidt
193. mputer that sent the traffic to a server on the WAN Start Port Type a port number or the starting port number in a range of port numbers End Port Type a port number or the ending port number in a range of port numbers Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh NBG 419N User s Guide Chapter 15 Network Address Translation NAT 15 5 1 Trigger Port Forwarding Example The following is an example of trigger port forwarding Figure 96 Trigger Port Forwarding Process Example Jane s computer NBG 419N Real Audio Server 1 Jane requests a file from the Real Audio server port 7070 2 Port 7070 is a trigger port and causes the NBG 419N to record Jane s computer IP address The NBG 419N associates Jane s computer IP address with the incoming port range of 6970 7170 3 The Real Audio server responds using a port number ranging between 6970 7170 4 The NBG 419N forwards the traffic to Jane s computer IP address 5 Only Jane can connect to the Real Audio server until the connection is closed or times out The NBG 419N times out in three minutes with UDP User Datagram Protocol or two hours with TCP IP Transfer Control Protocol Internet Protocol 15 5 2 Two Points To Remember About Trigger Ports 1 Trigger events only happen on data that is going coming from inside the NBG 419N and going to the outside If an applic
194. n permission of ZyXEL Communications Corporation Published by ZyXEL Communications Corporation All rights reserved Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products or software described herein Neither does it convey any license under its patent rights nor the patent rights of others ZyXEL further reserves the right to make changes in any products described herein without notice This publication is subject to change without notice Certifications Federal Communications Commission FCC Interference Statement The device complies with Part 15 of FCC rules Operation is subject to the following two conditions e This device may not cause harmful interference e This device must accept any interference received including interference that may cause undesired operations This device has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential installation This device generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause NBG 419N User s Guide Appendix F Legal Information harmful interference to radio communications However there is no guarantee that interference will not occur in a particular installation If this device doe
195. n web features or specific URL keywords What You Can Do Use the Content Filter Section 20 4 on page 168 screen to restrict web features add keywords for blocking and designate a trusted computer What You Need To Know Content filtering allows you to block certain web features such as cookies and or block access to specific web sites For example you can configure one policy that blocks John Doe s access to arts and entertainment web pages Content Filtering Profiles A content filtering profile conveniently stores your custom settings for the following features Restrict Web Features The NBG 419N can disable web proxies and block web features such as ActiveX controls Java applets and cookies NBG 419N User s Guide 167 Chapter 20 Content Filter Keyword Blocking URL Checking The NBG 419N checks the URL s domain name or IP address and file path separately when performing keyword blocking The URL s domain name or IP address is the characters that come before the first slash in the URL For example with the URL www zyxel com tw news pressroom php the domain name is www zyxel com tw The file path is the characters that come after the first slash in the URL For example with the URL www zyxel com tw news pressroom php the file path is news pressroom php Since the NBG 419N checks the URL s domain name or IP address and file path separately it will not find items that go across the two Fo
196. nable WPS the UPnP service will be turned on automatically Apply Reset The following table describes the labels in this screen Table 43 Network Wireless LAN WPS LABEL DESCRIPTION WPS Setup Enable WPS Select this to enable the WPS feature PIN Number This displays a PIN number last time system generated Click Generate to generate a new PIN number Status 112 NBG 419N User s Guide Chapter 11 Wireless LAN Table 43 Network gt Wireless LAN gt WPS LABEL DESCRIPTION Status This displays Configured when the NBG 419N has connected to a wireless network using WPS or when Enable WPS is selected and wireless or wireless security settings have been changed The current wireless and wireless security settings also appear in the screen This displays Unconfigured if WPS is disabled and there are no wireless or wireless security changes on the NBG 419N or you click Release_Configuration to remove the configured wireless and wireless security settings Release This button is only available when the WPS status displays Configured Configuration Click this button to remove all configured wireless and wireless security settings for WPS connections on the NBG 419N 802 11 Mode This is the 802 11 mode used Only compliant WLAN devices can associate with the NBG 419N SSID This is the name of the wireless network Security This is t
197. nel then the Log sub menu and finally the Log Setting tab to get to that screen e Units of measurement may denote the metric value or the scientific value For example k for kilo may denote 1000 or 1024 M for mega may denote 1000000 or 1048576 and so on e e g is a shorthand for for instance and i e means that is or in other words NBG 419N User s Guide 5 Document Conventions Icons Used in Figures Figures in this User s Guide may use the following generic icons The NBG 419N icon is not an exact representation of your device NBG 419N Computer Notebook computer Server Modem Firewall Telephone Switch Router J A 6 NBG 419N User s Guide Safety Warnings Safety Warnings e Do NOT use this product near water for example in a wet basement or near a swimming pool e Do NOT expose your device to dampness dust or corrosive liquids e Do NOT store things on the device e Do NOT install use or service this device during a thunderstorm There is a remote risk of electric shock from lightning e Connect ONLY suitable accessories to the device e Do NOT open the device or unit Opening or removing covers can expose you to dangerous high voltage points or other risks ONLY qualified service personnel should service or disassemble this device Please contact your vendor for further information e Make sure to connect the cables to th
198. nfiguration Protocol DHCP server 136 139 DHCP table 44 DHCP client information DHCP status Dimensions 225 disclaimer 285 DNS 141 DNS Server 120 DNS server 141 Domain Name System 141 Domain Name System See DNS duplex setting 66 76 83 Dynamic DNS 151 Dynamic Host Configuration Protocol 139 Dynamic WEP Key Exchange 276 DynDNS 152 DynDNS see also DDNS 152 NBG 419N User s Guide Index E EAP Authentication 275 Encryption 277 encryption 101 key 102 WPA compatible 102 ESS 270 ESSID 222 Extended Service Set 270 F FCC interference statement 285 File Transfer Program 181 Firewall ICMP packets 163 Firmware upload 205 file extension using HTTP firmware version 65 74 82 Fragmentation Threshold 273 FTP see also File Transfer Program 181 G General wireless LAN screen 103 H Hidden Node 271 HTTP 181 Hyper Text Transfer Protocol 181 IANA 250 IBSS 269 IEEE 802 119 273 IGMP 121 see also Internet Group Multicast Protocol version IGMP version 121 Independent Basic Service Set 269 Internet Assigned Numbers Authority See IANA Internet Group Multicast Protocol 121 IP Address 137 138 144 145 IP alias 137 IP Pool 140 J Java 169 L LAN 135 IP pool setup 136 LAN overview 135 LAN setup 135 LAN TCP IP 136 Language 211 Link type 66 75 83 Local Area Network 135 Log 200 MAC 109 MAC address 101 121 cloning 121 MAC address filter 101 MAC address filtering 109
199. nformation table e If the DHCP setting under LAN information is None your device has a fixed IP address e If the DHCP setting under LAN information is Client then your device receives an IP address from a DHCP server on the network 3 If your NBG 419N is a DHCP client you can find your IP address from the DHCP server This information is only available from the DHCP server which allocates IP addresses on your network Find this information directly from the DHCP server or contact your system administrator for more information 4 Reset your NBG 419N to change all settings back to their default This means your current settings are lost See Section 31 4 on page 221 in the Troubleshooting for information on resetting your NBG 419N forgot the password 1 The default password is 1234 NBG 419N User s Guide Chapter 31 Troubleshooting 2 If this does not work you have to reset the device to its factory defaults See Section 31 4 on page 221 cannot see or access the Login screen in the Web Configurator 1 Make sure you are using the correct IP address e The default IP address is 192 168 1 1 e If you changed the IP address Section 13 4 on page 137 use the new IP address e If you changed the IP address and have forgotten it see the troubleshooting suggestions for I don t know the IP address of my NBG 419N 2 Check the hardware connections and make sure the LEDs are behaving as expected See t
200. ng bandwidth management Memory Usage This shows what percentage of the heap memory the NBG 419N is using System Setting Firewall This shows whether the firewall is enabled or not Bandwidth This shows whether the bandwidth management is enabled or not Management UPnP This shows whether UPnP is enabled or not Configuration Mode This shows the web configurator mode you are viewing Expert Interface Status Interface This displays the NBG 419N port types The port types are WAN LAN and WLAN Status For the LAN and WAN ports this field displays Down line is down or Up line is up or connected For the WLAN it displays Up when the WLAN is enabled or Down when the WLAN is disabled Rate For the LAN ports this displays the port speed and duplex setting or N A when the line is disconnected For the WAN port it displays the port speed and duplex setting if you re using Ethernet encapsulation and Idle line ppp idle Dial starting to trigger a call and Drop dropping a call if you re using PPPoE or PPTP encapsulation This field displays N A when the line is disconnected For the WLAN it displays the maximum transmission rate when the WLAN is enabled and N A when the WLAN is disabled Summary BW MGMT Monitor Click Details to go to the Monitor BW MGMT Monitor screen Section 4 3 on page 43 Use this screen to view the amount of network
201. ng receiving data through 020 the LAN Off The LAN is not connected NBG 419N User s Guide 23 Chapter 1 Getting to Know Your NBG 419N NBG 419N User s Guide Connection Wizard 2 1 Overview This chapter provides information on the wizard setup screens in the Web Configurator The Web Configurator s wizard setup helps you configure your device to access the Internet Refer to your ISP for your Internet account information Leave a field blank if you don t have that information 2 2 Accessing the Wizard Launch your web browser and type http 192 168 1 1 as the website address Type 1234 default as the password and click Login Note The Wizard appears when the NBG 419N is accessed for the first time or when you reset the NBG 419N to its default factory settings The Wizard screen opens Choose your Language and click Connect to Internet Figure 3 Welcome MW eazy 123 Language NBG 419N User s Guide 25 Chapter 2 Connection Wizard 2 3 Connect to Internet The NBG 419N offers five Internet connection types They are Static IP DHCP PPPoE PPTP or L2TP The wizard attempts to detect which WAN connection type you are using Figure 4 Detecting your Internet Connection Type If the wizard does not detect a connection type you must select one from the drop down list box Check with your ISP to make sure you use the correct type Note If you get an
202. nges back to the NBG 419N Reset Click Reset to begin configuring this screen afresh 15 5 NAT Advanced Screen Some services use a dedicated range of ports on the client side and a dedicated range of ports on the server side With regular port forwarding you set a forwarding port in NAT to forward a service coming in from the server on the WAN to the IP address of a computer on the client side LAN The problem is that port forwarding only forwards a service to a single LAN IP address In order to use the same service on a different LAN computer you have to manually replace the LAN computer s IP address in the forwarding port with another LAN computer s IP address Trigger port forwarding solves this problem by allowing computers on the LAN to dynamically take turns using the service The NBG 419N records the IP address of a LAN computer that sends traffic to the WAN to request a service with a specific port number and protocol a trigger port When the NBG 419N s WAN port receives a response with a specific port number and protocol incoming port the NBG 419N forwards the traffic to the LAN IP address of the computer that sent the request After that computer s connection for that service closes another computer on the LAN can use the service in the same manner This way you do not need to configure a new IP address each time you want a different LAN computer to use the application To change your NBG 419N s trigger po
203. nnel is currently being used Therefore they are considered hidden from each other Figure 172 RTS CTS RTS Range Station AP RH gin e a When station A sends data to the AP it might not know that the station B is already using the channel If these two stations send data at the same time collisions may occur when both sets of data arrive at the AP at the same time resulting in a loss of messages for both stations RTS CTS is designed to prevent collisions due to hidden nodes An RTS CTS defines the biggest size data frame you can send before an RTS Request To Send CTS Clear to Send handshake is invoked When a data frame exceeds the RTS CTS value you set between 0 to 2432 bytes the station that wants to transmit this frame must first send an RTS Request To Send message to the AP for permission to send it The AP then responds with a CTS Clear to Send message to all other stations within its range to notify them to defer their transmission It also reserves and confirms with the requesting station the time frame for the requested transmission Stations can send frames smaller than the specified RTS CTS directly to the AP without the RTS Request To Send CTS Clear to Send handshake You should only configure RTS CTS if the possibility of hidden nodes exists on your network and the cost of resending large frames is more than the extra network overhead involved in the RTS Request To Send CTS Clear to Send han
204. not be used with dynamic WEP key exchange For added security certificate based authentications EAP TLS EAP TTLS and PEAP use dynamic keys for data encryption They are often deployed in corporate environments but for public deployment a simple user name and password pair is more practical The following table is a comparison of the features of authentication types Table 93 Comparison of EAP Authentication Types EAP MD5 EAP TLS EAP TTLS PEAP LEAP Mutual Authentication No Yes Yes Yes Yes Certificate Client No Yes Optional Optional No Certificate Server No Yes Yes Yes No Dynamic Key Exchange No Yes Yes Yes Yes Credential Integrity None Strong Strong Strong Moderate Deployment Difficulty Easy Hard Moderate Moderate Moderate Client Identity No No Yes Yes No Protection WPA 2 Wi Fi Protected Access WPA is a subset of the IEEE 802 11i standard WPA2 IEEE 802 11i is a wireless security standard that defines stronger encryption authentication and key management than WPA Key differences between WPA 2 and WEP are improved data encryption and user authentication Encryption Both WPA and WPA2 improve data encryption by using Temporal Key Integrity Protocol TKIP Message Integrity Check MIC and IEEE 802 1x In addition to TKIP WPA2 also uses Advanced Encryption Standard AES in the Counter mode with Cipher block chaining Message authentication code Protocol CCMP to off
205. nu File Edit View Window Special Help About This Computer D Apple System Profiler E Calculator Chooser ADSL Control and Status Control Panels b Appearance M Favorites Apple Menu Options Key Caps AppleTalk Network Browser ColorSync G Recent Applications Control Strip ij Recent Documents Date A Ti DialAssist cif Remote Access Status Energy Saver Scrapbook Extensions Manager 49 Sherlock 2 File Exchange dj Speakable Items File Sharing General Controls Internet Keyboard Keychain Access Launcher Location Manager Memory Modem Monitors Mouse Multiple Users Numbers QuickTime Settings Remote Access Software Update Sound TCP IP ext USB Printer Sharing NBG 419N User s Guide Appendix C Setting up Your Computer s IP Address 2 Select Ethernet built in from the Connect via list Figure 157 Macintosh OS 8 9 TCP IP Li TCP IP Comect via m Setup Ethernet gt DHCP Client ID Configure IP Address Subnet mask Router address Name server addr Using DHCP Server will be supplied by server 7 lt will be supplied by server gt lt will be supplied by server gt x will be supplied by server Search comans 3 For dynamically assigned settings select Using DHCP Server from the Configure list 4 For statically assigned se
206. o automatically give a service such as VoIP and video a priority level Click Network Wireless LAN QoS The following screen appears Figure 73 Network Wireless LAN QoS General MACFilter Advanced QoS WPS WPSStation Scheduling WDS WMM Configuration IV Enable WWMM QoS Apply Reset NBG 419N User s Guide Chapter 11 Wireless LAN The following table describes the labels in this screen Table 42 Network gt Wireless LAN gt QoS LABEL DESCRIPTION Enable WMM QoS Check this to have the NBG 419N automatically give a service a priority level according to the ToS value in the IP header of packets it sends WMM QoS Wifi MultiMedia Quality of Service gives high priority to voice and video which makes them run more smoothly Apply Click Apply to save your changes to the NBG 419N Reset Click Reset to reload the previous configuration for this screen 11 8 WPS Screen Use this screen to enable disable WPS view or generate a new PIN number and check current WPS status To open this screen click Network gt Wireless LAN gt WPS tab Figure 74 Network gt Wireless LAN gt WPS General MAC Filter Advanced QoS WPS wes Station Scheduling wos WPS Setup IV Enable WPS PIN Number 31667609 Generate Status Status Configured Release Configuration 802 11 Mode 11 bigin SSID SSID_Example3 Security WPA PSK l Hote If you e
207. od of time This means the NBG 419N consumes less electrical power RTS This is the maximum data fragment size that can be sent in a wireless Threshold network before the AP fragments the packet into smaller data frames Fragment This value controls how often wireless clients must get permission to send Threshold information to the AP The lower the value the more often the wireless clients must get permission If this value is greater than the fragmentation threshold value then wireless clients never have to get permission to send information to the AP Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to reload the previous configuration for this screen NBG 419N User s Guide Tutorials 10 1 Overview This chapter provides tutorials for your NBG 419N as follows e Connecting to the Internet from an Access Point e Configuring Wireless Security Using WPS e Enabling and Configuring Wireless Security No WPS 10 2 Connecting to the Internet from an Access Point This section gives you an example of how to set up an access point AP and wireless client a notebook B in this example for wireless communication B can access the Internet through the access point wirelessly Figure 57 Wireless Access Point Connection to the Internet Cu INTERNEJ 10 3 Configuring Wireless Security Using WPS This section gives you an example of how to set up wireless network
208. ollowing table describes the labels in this screen Table 71 Management Remote Management WWW LABEL DESCRIPTION Server Port You may change the server port number for a service if needed however you must use the same port number in order to use that service for remote management Server Access Select the interface s through which a computer may access the NBG 419N using this service Secured Client Select All to allow all computes to access the NBG 419N IP Address Otherwise check Selected and specify the IP address of the computer that can access the NBG 419N NBG 419N User s Guide Chapter 22 Remote Management LABEL DESCRIPTION Apply Click Apply to save your customized settings and exit this screen Reset Click Reset to begin configuring this screen afresh NBG 419N User s Guide Chapter 22 Remote Management NBG 419N User s Guide Universal Plug and Play UPnP 23 1 Overview This chapter introduces the UPnP feature in the web configurator Universal Plug and Play UPnP is a distributed open networking standard that uses TCP IP for simple peer to peer network connectivity between devices A UPnP device can dynamically join a network obtain an IP address convey its capabilities and learn about other devices on the network In turn a device can leave a network smoothly and automatically when it is no longer in use 23 2 What
209. on WAN IP Address The WAN IP address is an IP address for the NBG 419N which makes it accessible from an outside network It is used by the NBG 419N to communicate with other devices in other networks It can be static fixed or dynamically assigned by the ISP each time the NBG 419N tries to access the Internet If your ISP assigns you a static WAN IP address they should also assign you the subnet mask and DNS server IP address es and a gateway IP address if you use the Ethernet or ENET ENCAP encapsulation method DNS Server Address Assignment Use Domain Name System DNS to map a domain name to its corresponding IP address and vice versa for instance the IP address of www zyxel com is 204 217 0 2 The DNS server is extremely important because without it you must know the IP address of a computer before you can access it The NBG 419N can get the DNS server addresses in the following ways The ISP tells you the DNS server addresses usually in the form of an information sheet when you sign up If your ISP gives you DNS server addresses manually enter them in the DNS server fields If your ISP dynamically assigns the DNS server IP addresses along with the NBG 419N s WAN IP address set the DNS server fields to get the DNS server address from the ISP NBG 419N User s Guide Chapter 12 WAN WAN MAC Address The MAC address screen allows users to configure the WAN port s MAC address by either using the factory def
210. opping a call if you re using PPPoE or PPTP encapsulation This field displays N A when the line is disconnected For the WLAN it displays the maximum transmission rate when the WLAN is enabled and N A when the WLAN is disabled Summary Packet Statistics Click Details to go to the Monitor gt Packet Statistics screen Section 4 5 on page 45 Use this screen to view port status and packet specific statistics WLAN Station Status Click Details to go to the Monitor gt WLAN Station Status screen Section 4 6 on page 46 Use this screen to view the wireless stations that are currently associated to the NBG 419N 8 4 0 1 Navigation Panel Use the menu in the navigation panel to configure NBG 419N features in Access Point mode The following screen and table show the features you can configure in Access Point mode Figure 46 Menu Access Point Mode LI MONITOR CONFIGURATION MAINTENANCE open all close all open all close all open all close all Monitor Network Maintenance pag Vireless LAN 2 LAN Refer to Table 26 on page 67 for descriptions of the labels shown in the Navigation panel 8 5 LAN Screen Use this section to configure your LAN settings while in Access Point mode Click Network LAN to see the screen below NBG 419N User s Guide Chapter 8 Access Point Mode Note If you change the IP address of the NBG 419N in the screen below you will need
211. ore 28 1 Overview This chapter shows you how to backup restore and reset your NBG 419N Backup configuration allows you to back up save the NBG 419N s current configuration to a file on your computer Once your NBG 419N is configured and functioning properly it is highly recommended that you back up your configuration file before making configuration changes The backup configuration file will be useful in case you need to return to your previous settings Restore configuration allows you to upload a new or previously saved configuration file from your computer to your NBG 419N 28 2 What You Can Do Use the Backup Restore screen Section 28 3 on page 208 to view information related to factory defaults backup configuration and restoring configuration NBG 419N User s Guide 207 Chapter 28 Backup Restore 28 3 Configuration Screen Click Maintenance gt Backup Restore Information related to factory defaults backup configuration and restoring configuration appears as shown next Figure 127 Maintenance gt Backup Restore Backup Restore Backup Configuration Click Backup to save the current configuration of your system Backup to your computer Restore Configuration To restore a previously saved configuration file to your system browse to the location of the configuration file and click Upload File Path Browse Upload Back to Factory Defaults Click Reset to clear all user entered confi
212. orkgroup computers Rename Properties Other Places zi NBG 419N User s Guide Chapter 23 Universal Plug and Play UPnP 6 Right click on the icon for your NBG 419N and select Properties A properties window displays with basic information about the NBG 419N Figure 121 Network Connections My Network Places Properties Example ZyXEL Internet Sharing Gateway ji General mj ZyXEL Internet Sharing Gateway Manufacturer ZyXEL Model Name ZyXEL Internet Sharing Gateway Model Number Model Number Description ZyXEL Internet Sharing Gateway Device Address http 192 168 1 1 NBG 419N User s Guide 193 Chapter 23 Universal Plug and Play UPnP NBG 419N User s Guide PART V Maintenance and Troubleshooting Maintenance 197 Password 199 Time 201 Firmware Upgrade 205 Backup Restore 207 Reset Restart 211 Sys OP Mode 213 Troubleshooting 217 Maintenance 24 1 Overview This chapter provides information on the Maintenance gt General screen 24 2 What You Can Do e Use the General screen Section 24 3 on page 197 to enter a name to identify the NBG 419N in the network and set the password e Use the Time Setting screen Section 26 3 on page 201 to change your NBG 419N s time and date 24 3 General Screen Use this screen to enter a name to identify the NBG 419N in the network and set the password Click Maintenance gt General The following s
213. p WEP in the wireless network Note It is recommended that wireless networks use WPA PSK or stronger encryption IEEE 802 1x and WEP encryption are better than none at all but it is still possible for unauthorized devices to figure out the original information pretty quickly When you select WPA2 PSK in your NBG 419N you can also select an option WPA Compatible to support WPA as well In this case if some wireless clients support WPA and some support WPA2 you should set up WPA2 PSK depending on the type of wireless network login and select the WPA Compatible option in the NBG 419N Many types of encryption use a key to protect the information in the wireless network The longer the key the stronger the encryption Every wireless client in the wireless network must have the same key 11 3 1 4 WPS WiFi Protected Setup WPS is an industry standard specification defined by the WiFi Alliance WPS allows you to quickly set up a wireless network with strong security without having to configure security settings manually Depending on the devices in your network you can either press a button on the device itself or in its configuration utility or enter a PIN Personal Identification Number in the devices Then they connect and set up a secure network by themselves See how to set up a secure wireless network using WPS in the Section 10 3 on page 89 11 3 1 5 WDS Wireless Distribution System or WDS security is used between bridged
214. p using Daylight Saving Time at the same moment 1 A M GMT or UTC So in the European Union you would select Last Sunday October The time you type in the o clock field depends on your time zone In Germany for instance you would type 2 because Germany s time zone is one hour ahead of GMT or UTC GMT 1 Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh NBG 419N User s Guide Chapter 26 Time NBG 419N User s Guide Firmware Upgrade 27 1 Overview This chapter shows you how to upload a new firmware upload or save backup configuration files and restart the NBG 419N 27 2 What You Can Do Use the Firmware screen Section 27 3 on page 205 to upload firmware to your NBG 419N 27 3 Firmware Upload Screen Find firmware at www zyxel com in a file that usually uses the system model name with a bin extension e g NBG 419N bin The upload process uses HTTP Hypertext Transfer Protocol and may take up to two minutes After a successful upload the system will reboot Click Maintenance gt Firmware Upgrade Follow the instructions in this screen to upload firmware to your NBG 419N Figure 125 Maintenance gt Firmware Upgrade Firmware Upgrade Upgrade Firmware To upgrade the internal device firmware browse to the location of the binary BIN upgrade file and click Upload Upgrade files can be down
215. ptional Example apple com earthlink net Ethernet Address 00 05 02 43 93 ff Click the lock to prevent further changes NBG 419N User s Guide 263 Appendix C Setting up Your Computer s IP Address 4 For statically assigned settings do the following e From the Configure box select Manually e Type your IP address in the IP Address box e Type your subnet mask in the Subnet mask box e Type the IP address of your Prestige in the Router address box 5 Click Apply Now and close the window 6 Turn on your Prestige and restart your computer if prompted Verifying Settings Check your TCP IP properties in the Network window Linux This section shows you how to configure your computer s TCP IP settings in Red Hat Linux 9 0 Procedure screens and file location may vary depending on your Linux distribution and release version Note Make sure you are logged in as the root administrator Using the K Desktop Environment KDE Follow the steps below to configure your computer IP address using the KDE 1 Click the Red Hat button located on the bottom left corner select System Setting and click Network Figure 160 Red Hat 9 0 KDE Network Configuration Devices File Profile Help S9 4 lb gQ x New Edit Copy Delete Activate Deactivate Devices Hardware DNS Hosts mE You may configure network devices associated with i m physical hardware here Multiple logical dev
216. r adaptor or cord is connected to the NBG 419N and plugged in to an appropriate power source Make sure the power source is turned on 3 Disconnect and re connect the power adaptor or cord to the NBG 419N 4 Ifthe problem continues contact the vendor One of the LEDs does not behave as expected 1 Make sure you understand the normal behavior of the LED See Section 1 5 on page 22 2 Check the hardware connections See the Quick Start Guide NBG 419N User s Guide 217 Chapter 31 Troubleshooting 3 Inspect your cables for damage Contact the vendor to replace any damaged cables 4 Disconnect and re connect the power adaptor to the NBG 419N 5 If the problem continues contact the vendor 31 2 NBG 419N Access and Login don t know the IP address of my NBG 419N 1 The default IP address is 192 168 1 1 2 Ifyou changed the IP address and have forgotten it you might get the IP address of the NBG 419N by looking up the IP address of the default gateway for your computer To do this in most Windows computers click Start Run enter cmd and then enter ipconfig The IP address of the Default Gateway might be the IP address of the NBG 419N it depends on the network so enter this IP address in your Internet browser Set your device to Router Mode login see the Quick Start Guide for instructions and go to the Device Information table in the Status screen Your NBG 419N s IP address is available in the Device I
217. r changes again NBG 419N User s Guide 221 Chapter 31 Troubleshooting You will lose all of your changes when you push the RESET button To reset the NBG 419N 1 Make sure the power LED is on 2 Press the RESET button for longer than 1 second to restart reboot the NBG 419N 3 Press the RESET button for longer than five seconds to set the NBG 419N back to its factory default configurations If the NBG 419N restarts automatically wait for the NBG 419N to finish restarting and log in to the Web Configurator The password is 1234 If the NBG 419N does not restart automatically disconnect and reconnect the NBG 419N s power Then follow the directions above again 31 5 Wireless Router AP Troubleshooting cannot access the NBG 419N or ping any computer from the WLAN wireless AP or router 1 Make sure the wireless LAN is enabled on the NBG 419N 2 Make sure the wireless adapter on the wireless station is working properly 3 Make sure the wireless adapter installed on your computer is IEEE 802 11 compatible and supports the same wireless standard as the NBG 419N 4 Make sure your computer with a wireless adapter installed is within the transmission range of the NBG 419N 5 Check that both the NBG 419N and your wireless station are using the same wireless and wireless security settings 6 Make sure traffic between the WLAN and the LAN is not blocked by the firewall on the NBG 419N 7 Make sure you
218. r example with the URL www zyxel com tw news pressroom php the NBG 419N would find tw in the domain name www zyxel com tw It would also find news in the file path news pressroom php but it would not find tw news 20 4 Content Filter Screen Use this screen to restrict web features add keywords for blocking and designate a trusted computer Click Security gt Content Filter to open the Content Filter screen Figure 104 Security gt Content Filter gt Content Filter a Trusted IP Setup A trusted computer has full access to all blocked resources 0 0 0 0 means there is no trusted computer Trusted Computer IP poso Address I Restrict Web Features ActiveX Java Cookies Web Proxy Keyword Blocking Enable URL Keyword Blocking Keyword fest 2 Add Keyword List test test 2 n Delete Clear All Apply Reset NBG 419N User s Guide Chapter 20 Content Filter The following table describes the labels in this screen Table 65 Security gt Content Filter gt Content Filter LABEL DESCRIPTION Trusted IP Setup To enable this feature type an IP address of any one of the computers in your network that you want to have as a trusted computer This allows the trusted computer to have full access to all features that are configured to be blocked by content filtering Leave this field blank to have no trusted computers Rest
219. re behaving as expected See the Quick Start Guide and Section 1 5 on page 22 2 Reboot the NBG 419N 3 If the problem continues contact your ISP The Internet connection is slow or intermittent 1 There might be a lot of traffic on the network Look at the LEDs and check Section 1 5 on page 22 If the NBG 419N is sending or receiving a lot of information try closing some programs that use the Internet especially peer to peer applications 2 Check the signal strength If the signal strength is low try moving the NBG 419N closer to the AP if possible and look around to see if there are any devices that might be interfering with the wireless network for example microwaves other wireless networks and so on 3 Reboot the NBG 419N 4 If the problem continues contact the network administrator or vendor or try one of the advanced suggestions Advanced Suggestions Check the settings for bandwidth management If it is disabled you might consider activating it If it is enabled you might consider changing the allocations Check the settings for QoS If it is disabled you might consider activating it If it is enabled you might consider raising or lowering the priority for some applications 31 4 Resetting the NBG 419N to Its Factory Defaults If you reset the NBG 419N you lose all of the changes you have made The NBG 419N re loads its default settings and the password resets to 1234 You have to make all of you
220. re unsure of what preamble mode your wireless stations support as all IEEE 802 11b compliant wireless adapters must support long preamble However not all wireless adapters support short preamble Use long preamble if you are unsure what preamble mode the wireless adapters support to ensure interpretability between the AP and the wireless stations and to provide more reliable communication in noisy networks Select Dynamic to have the AP automatically use short preamble when all wireless stations support it otherwise the AP uses long preamble Note The AP and the wireless stations MUST use the same preamble mode in order to communicate IEEE 802 11g Wireless LAN IEEE 802 11g is fully compatible with the IEEE 802 11b standard This means an IEEE 802 11b adapter can interface directly with an IEEE 802 11g access point and vice versa at 11 Mbps or lower depending on range IEEE 802 11g has NBG 419N User s Guide 273 Appendix D Wireless LANs several intermediate rate steps between the maximum and minimum data rates The IEEE 802 11g data rate and modulation are as follows Table 92 IEEE 802 11g MEPS TE MODULATION 1 DBPSK Differential Binary Phase Shift Keyed 2 DQPSK Differential Quadrature Phase Shift Keying 5 5 11 CCK Complementary Code Keying 6 9 12 18 24 36 OFDM Orthogonal Frequency Division Multiplexing 48 54 IEEE 802 1x In June 2001 the IEEE 802 1x standard was designe
221. reless Security No Security Choose No Security in the Wireless Security screen to let wireless devices within range access your wireless network Figure 13 Wireless Security No Security g any network activities Wireless DIST SE ETIN ETIIP9HEE NI G 4 1 9N Security mode NBG 419N User s Guide 33 Chapter 2 Connection Wizard The following table describes the labels in this screen Table 7 Wireless Security No Security LABEL DESCRIPTION Wireless Enter a descriptive name up to 32 printable 7 bit ASCII characters for the Network wireless LAN Name I SSID If you change this field on the NBG 419N make sure all wireless stations use the same SSID in order to access the network Security Select a Security level from the drop down list box mode Choose None to have no wireless LAN security configured If you do not enable any wireless security on your NBG 419N your network is accessible to any wireless networking device that is within range Exit Click this to close the wizard screen without saving Back Click this to return to the previous screen Next Click this to continue 2 5 2 Wireless Security WPA PSK WPA2 PSK Choose WPA PSK or WPA2 PSK security in the Wireless Security screen to set up a password for your wireless network A protec wirelessly Figure 14 Wireless Security WPA PSK WPA2 PSK Wireless Network Name SSID WCR 19N Security mode
222. reless clients NBG 419N User s Guide 279 Appendix D Wireless LANs Security Parameters Summary Refer to this table to see what other security parameters you should configure for each Authentication Method key management protocol type MAC address filters are not dependent on how you configure these security features Table 94 Wireless Security Relational Matrix AUTHENTICATION METHOD KEY ENCRYPTIO ENTER IEEE 802 1X MANAGEMENT N METHOD MANUAL KEY d PROTOCOL Open None No Disable Enable without Dynamic WEP Key Open WEP No Enable with Dynamic WEP Key Yes Enable without Dynamic WEP Key Yes Disable Shared WEP No Enable with Dynamic WEP Key Yes Enable without Dynamic WEP Key Yes Disable WPA TKIP No Enable WPA PSK TKIP Yes Enable WPA2 AES No Enable WPA2 PSK AES Yes Enable NBG 419N User s Guide Common Services The following table lists some commonly used services and their associated protocols and port numbers For a comprehensive list of port numbers ICMP type code numbers and services visit the IANA Internet Assigned Number Authority web site e Name This is a short descriptive name for the service You can use this one or create a different one if you like Protocol This is the type of IP protocol used by the service If this is TCP UDP then the service uses the same port number with TCP and UDP If this is USER DEFINED the Port s is th
223. rewall rule MAC Address This is the MAC address of the computer for which the firewall rule applies Dest IP Address This is the IP address of the computer to which traffic for the application or service is entering Source IP This is the IP address of the computer from which traffic for the Address application or service is initialized Protocol This is the protocol TCP UDP ICMP or None used to transport the packets for which you want to apply the firewall rule Dest Port Range This is the port number range of the destination that define the traffic type for example TCP port 80 defines web traffic Source Port This is the port number range of the source that define the traffic type Range for example TCP port 80 defines web traffic Action Drop Traffic matching the conditions of the firewall rule are stopped Delete Click this to remove the firewall rule Reset Click Reset to start configuring this screen again See Appendix E on page 281 for commonly used services and port numbers NBG 419N User s Guide Chapter 19 Firewall NBG 419N User s Guide 20 1 20 2 20 3 20 3 1 Content Filter Overview This chapter provides a brief overview of content filtering using the embedded web GUI Internet content filtering allows you to create and enforce Internet access policies tailored to your needs Content filtering is the ability to block certai
224. rict Web Features Select the box es to restrict a feature When you download a page containing a restricted feature that part of the web page will appear blank or grayed out Activex A tool for building dynamic and active Web pages and distributed object applications When you visit an ActiveX Web site Activex controls are downloaded to your browser where they remain in case you visit the site again Java A programming language and development environment for building downloadable Web components or Internet and intranet business applications of all kinds Cookies Used by Web servers to track usage and provide service based on ID Web Proxy A server that acts as an intermediary between a user and the Internet to provide security administrative control and caching service When a proxy server is located on the WAN it is possible for LAN users to circumvent content filtering by pointing to this proxy server Enable URL Keyword Blocking The NBG 419N can block Web sites with URLs that contain certain keywords in the domain name or IP address For example if the keyword bad was enabled all sites containing this keyword in the domain name or IP address will be blocked e g URL http www website com bad html would be blocked Select this check box to enable this feature Keyword Type a keyword in this field You may use any character up to 64 characters Wildcards are not allowed You can also
225. rned on by default You can turn the wireless LAN on or off using the switch at the rear panel of the NBG 419N The current wireless state is reflected in this field Network Service Set IDentity The SSID identifies the Service Set with which a Name SSID wireless station is associated Wireless stations associating to the NBG 419N must have the same SSID Enter a descriptive name up to 32 keyboard characters for the wireless LAN Hide SSID Select this check box to hide the SSID in the outgoing beacon frame so a station cannot obtain the SSID through scanning using a site survey tool Channel Set the operating frequency channel depending on your particular region Selection Select a channel from the drop down list box The options vary depending on the frequency band and the country you are in Refer to the Connection Wizard chapter for more information on channels This option is only available if Auto Channel Selection is disabled NBG 419N User s Guide Chapter 11 Wireless LAN Table 36 Network gt Wireless LAN gt General LABEL DESCRIPTION Operating Channel This displays the channel the NBG 419N is currently using Security Security Mode Select WEP WPA PSK or WPA2 PSK to add security on this wireless network The wireless clients which want to associate to this network must have same wireless security settings as the NBG 419N After you select to use a security add
226. roups see RFC 2236 Logging Use logs for troubleshooting You can view logs in the Web Configurator PPPoE PPPoE mimics a dial up Internet access connection PPTP Encapsulation Point to Point Tunneling Protocol PPTP enables secure transfer of data through a Virtual Private Network VPN The NBG 419N supports one PPTP connection at a time Universal Plug and Play UPnP The NBG 419N can communicate with other UPnP enabled devices in a network NBG 419N User s Guide 227 Chapter 32 Product Specifications 32 1 Wall mounting Instructions Complete the following steps to hang your NBG 419N on a wall Select a position free of obstructions on a sturdy wall Drill two holes for the screws Be careful to avoid damaging pipes or cables located inside the wall when drilling holes for the screws Do not insert the screws all the way into the wall Leave a small gap of about 0 5 cm between the heads of the screws and the wall Make sure the screws are snugly fastened to the wall They need to hold the weight of the NBG 419N with the connection cables Align the holes on the back of the NBG 419N with the screws on the wall Hang the NBG 419N on the screws Figure 133 Wall mounting Example Li E ALTUI NBG 419N User s Guide Chapter 32 Product Specifications The following are dimensions of an M4 tap screw and masonry plug used for wall mounting
227. rt settings click Network gt NAT gt Advanced The screen appears as shown NBG 419N User s Guide 147 Chapter 15 Network Address Translation NAT Note Only one LAN computer can use a trigger port range at a time Figure 95 Network gt NAT gt Advanced Port Triggering Rules Name Incoming Trigger Port End Port Port End Port p b fT hb Pp 2p b po pf ap b NNNM pf sf bo po pf sf bh po pf aep hb po pf 77 B po pf st b p b hb ap b p b hb of hb p pf uf bh p b bh ap hb p po b Aey Ree The following table describes the labels in this screen Table 59 Network gt NAT gt Advanced LABEL DESCRIPTION This is the rule index number read only Name Type a unique name up to 15 characters for identification purposes All characters are permitted including spaces Incoming Incoming is a port or a range of ports that a server on the WAN uses when it sends out a particular service The NBG 419N forwards the traffic with this port or range of ports to the client computer on the LAN that requested the service Start Port Type a port number or the starting port number in a range of port numbers End Port Type a port number or the ending port number in a range of port numbers Trigger The trigger port is a port or a range of ports that causes or triggers the NBG 419N to record the IP address of the LAN co
228. rtain keywords in the URL Management Bandwidth General Use this screen to enable bandwidth management Manageme gt nt Advanced Use this screen to set the upstream bandwidth and edit a bandwidth management rule Monitor Use this screen to view the amount of network bandwidth that applications running in the network are using Remote WWW Use this screen to be able to access the NBG 419N CIE RpSIQS from the LAN WAN or both UPnP General Use this screen to enable UPnP on the NBG 419N MAINTENANCE General Use this screen to view and change administrative settings such as system and domain names Password Password Use this screen to change the password of your NBG Setup 419N Time Time Use this screen to change your NBG 419N s time and date Setting Remote WWW Use this screen to configure through which interface s Manageme and from which IP address es users can use HTTP to nt manage the NBG 419N Firmware Use this screen to upload firmware to your NBG 419N Upgrade Backup Use this screen to backup and restore the configuration or Restore reset the factory defaults to your NBG 419N Reset Restart This screen allows you to reboot the NBG 419N without Restart turning the power off Sys OP This screen allows you to select whether your device acts Mode as a Router or a Access Point NBG 419N User s Guide Chapter 7 Router Mode NBG 419N User s Guide Access Point Mode 8 1 Overview Use your
229. rts on demand multi protocol and virtual private networking over public networks such as the Internet This screen displays when you select PPTP encapsulation Figure 82 Network gt WAN gt Internet Connection PPTP Encapsulation Internet Connection Advanced GMP Snooping MEEEEEEEEEENERENIEN ISP Parameters for Internet Access Encapsulation PPTP User Name pipuser Password freee Retype to Confirm uem IV Nailed Up Connection Idle Timeout sec fo in seconds PPTP Configuration Server IP Address f 72 1 1 254 C Get automatically from ISP C Use Fixed IP Address IP Address fi 721414 IP Subnet Mask pss 255 255 0 Gateway IP Address f 7241 1 254 WAH IP Address Assignment Get automatically from ISP C Use Fixed IP Address My WAN IP Address poso WAH DHS Assignment First DNS Server From ISP poso Second DNS Server From ISP p 0 0 0 WAH MAC Address io Factory default C Clone the computer s MAC address IP Address fi 92 168 1 33 C Set WAN MAC Address 00 00 00 00 00 00 Apply Reset NBG 419N User s Guide 127 Chapter 12 WAN The following table describes the labels in this screen Table 49 Network gt WAN gt Internet Connection PPTP Encapsulation LABEL DESCRIPTION ISP Parameters for Internet Access Connection Type To configure a PPTP client you must configure the User Name and Password fields for a PPP
230. rvice Set IBSS The following diagram shows an example of notebook computers using wireless adapters to form an Ad hoc wireless LAN Figure 169 Peer to Peer Communication in an Ad hoc Network ua om ome A __ _ CS SO B C A Basic Service Set BSS exists when all communications between wireless stations or between a wireless station and a wired network client go through one access point AP Intra BSS traffic is traffic between wireless stations in the BSS When Intra BSS is enabled wireless station A and B can access the wired network and communicate NBG 419N User s Guide Appendix D Wireless LANs with each other When Intra BSS is disabled wireless station A and B can still access the wired network but cannot communicate with each other Figure 170 Basic Service Set bin punu ai wy ESS An Extended Service Set ESS consists of a series of overlapping BSSs each containing an access point with each access point connected together by a wired network This wired connection between APs is called a Distribution System DS This type of wireless LAN topology is called an Infrastructure WLAN The Access Points not only provide communication with the wired network but also mediate wireless network traffic in the immediate neighborhood 270 NBG 419N User s Guide Appendix D Wireless LANs An ESSID ESS IDentification uniquely identifies each ESS All access point
231. s SSID channel and security If a wireless client is not allowed to use the wireless network it does not matter if it has the correct settings This type of security does not protect the information that is sent in the wireless network Furthermore there are ways for unauthorized devices to get the MAC address of an authorized wireless client Then they can use that MAC address to use the wireless network 11 3 1 3 Encryption Wireless networks can use encryption to protect the information that is sent in the wireless network Encryption is like a secret code If you do not know the secret code you cannot understand the message 1 Some wireless devices such as scanners can detect wireless networks but cannot use wireless networks These kinds of wireless devices might not have MAC addresses 2 Hexadecimal characters are 0 1 2 3 4 5 6 7 8 9 A B C D E and F NBG 419N User s Guide Chapter 11 Wireless LAN The types of encryption you can choose depend on the type of user authentication Table 35 Types of Encryption for Each Type of Authentication NO AUTHENTICATION Weakest No Security WEP ij WPA PSK Strongest WPA2 PSK Usually you should set up the strongest encryption that every wireless client in the wireless network supports Suppose the wireless network has two wireless clients Device A only supports WEP and device B supports WEP and WPA PSK Therefore you should set u
232. s the NBG 419N allows multicast messages on the LAN only All UPnP enabled devices may communicate freely with each other without additional configuration Disable UPnP if this is not your intention 23 4 UPnP Screen Use this screen to enable UPnP on your NBG 419N Click Management gt UPnP to display the screen shown next Figure 112 Management gt UPnP General UPnP Setup Device Name Enable the Universal Plug and Play UPnP Feature Apply Reset 188 NBG 419N User s Guide Chapter 23 Universal Plug and Play UPnP The following table describes the fields in this screen Table 72 Management gt UPnP LABEL DESCRIPTION Enable the Universal Plug Select this check box to activate UPnP Be aware that anyone and Play UPnP Feature could use a UPnP application to open the web configurator s login screen without entering the NBG 419N s IP address although you must still enter the password to access the web configurator Apply Click Apply to save the setting to the NBG 419N Cancel Click Cancel to return to the previously saved settings 23 5 Technical Refereance 23 5 1 The sections show examples of using UPnP Using UPnP in Windows XP Example This section shows you how to use the UPnP feature in Windows XP You must already have UPnP installed in Windows XP and UPnP activated on the NBG 419N Make sure the computer is connected to a LAN port of the NBG 419
233. s D Wirrocss LANS m 269 32 1 2 WPALZHPSK Application Example seision naaa ea 279 32 1 3 WPA 2 with RADIUS Application Example ccceceeceeceecceeceeeeeeteeeeeeeeeenenaeees 279 Appendix E Common OGerviaas xci RES QUERER PH ERU EEEpM IR A HM EDU Apu D RUE SEU D DET BER PLE UTE DEREEA 281 Appendix F Legal Informatii ossssscxev iet ae vers n E DPIR EBD CUL DER MR R ERR M URL FIER GRO 285 is e 293 NBG 419N User s Guide PART Introduction Getting to Know Your NBG 419N 21 Connection Wizard 25 Introducing the Web Configurator 37 NBG 419N Modes 49 Monitor 43 Tutorials 89 Getting to Know Your NBG 419N 1 1 Overview This chapter introduces the main features and applications of the NBG 419N The NBG 419N extends the range of your existing wired network without additional wiring providing easy network access to mobile users You can set up a wireless network with other IEEE 802 11b g n compatible devices A range of services such as a firewall and content filtering are also available for secure Internet computing You can use media bandwidth management to efficiently manage traffic on your network Bandwidth management features allow you to prioritize time sensitive or highly important applications such as Voice over the Internet VoIP 1 2 Applications Your can create the following networks using the NBG 419N e Wired You
234. s and their associated wireless stations within the same ESS must have the same ESSID in order to communicate Figure 171 Infrastructure WLAN Y f 1 NI bd s BSS Wireless Station B T Station C ic lam t gt Mri Rad nnsa rmm m curi ps Md US pg ER z Channel A channel is the radio frequency ies used by IEEE 802 11a b g wireless devices Channels available depend on your geographical area You may have a choice of channels for your region so you should use a different channel than an adjacent AP access point to reduce interference Interference occurs when radio signals from different access points overlap causing interference and degrading performance Adjacent channels partially overlap however To avoid interference due to overlap your AP should be on a channel at least five channels away from a channel that an adjacent AP is using For example if your region has 11 channels and an adjacent AP is using channel 1 then you need to select a channel between 6 or 11 RTS CTS A hidden node occurs when two stations are within range of the same access point but are not within range of each other The following figure illustrates a hidden node Both stations STA are within range of the access point AP or NBG 419N User s Guide 271 Appendix D Wireless LANs 272 wireless gateway but out of range of each other so they cannot hear each other that is they do not know if the cha
235. s cause harmful interference to radio television reception which can be determined by turning the device off and on the user is encouraged to try to correct the interference by one or more of the following measures 1 Reorient or relocate the receiving antenna 2 Increase the separation between the equipment and the receiver 3 Connect the equipment into an outlet on a circuit different from that to which the receiver is connected 4 Consult the dealer or an experienced radio TV technician for help fa FCC Radiation Exposure Statement e This transmitter must not be co located or operating in conjunction with any other antenna or transmitter e IEEE 802 11b or 802 11g operation of this product in the U S A is firmware limited to channels 1 through 11 e To comply with FCC RF exposure compliance requirements a separation distance of at least 20 cm must be maintained between the antenna of this device and all persons ii EREE EES HRA BTR RAS RR ELE AERERIHI gt ZR ARKE SI STE A AER gt DATS E tse T T ERDE x BBP PMS BORAR EA Mae RE e T E ol o REEL THEBURIEE MEX ZEIMSE A gt Ue
236. s you want to force a key verification before communication between the wireless client and the ZyXEL Device occurs Select Shared Key to force the clients to provide the WEP key prior to communication ASCII Select this option in order to enter ASCII characters as WEP key Hex Select this option in order to enter hexadecimal characters as a WEP key The preceding 0x that identifies a hexadecimal key is entered automatically Key 1 to Key 4 The WEP keys are used to encrypt data Both the NBG 419N and the wireless stations must use the same WEP key for data transmission If you chose 64 bit WEP then enter any 5 ASCII characters or 10 hexadecimal characters 0 9 A F If you chose 128 bit WEP then enter 13 ASCII characters or 26 hexadecimal characters 0 9 A F You must configure at least one key only one key can be activated at any one time The default key is key 1 Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to reload the previous configuration for this screen Refer to Table 36 on page 103 for descriptions of the other labels in this screen NBG 419N User s Guide 107 Chapter 11 Wireless LAN 11 4 3 WPA PSK WPA2 PSK Click Network gt Wireless LAN to display the General screen Select WPA PSK or WPA2 PSK from the Security Mode list Figure 70 Network gt Wireless LAN gt General WPA PSK WPA2 PSK Wireless S
237. sm MIC TKIP makes it much more difficult to decode data on a Wi Fi network than WEP making it difficult for an intruder to break into the network The encryption mechanisms used for WPA and WPA PSK are the same The only difference between the two is that WPA PSK uses a simple common password instead of user specific credentials The common password approach makes WPA PSK susceptible to brute force password guessing attacks but it s still an improvement over WEP as it employs an easier to use consistent single alphanumeric password User Authentication WPA or WPA2 applies IEEE 802 1x and Extensible Authentication Protocol EAP to authenticate wireless clients using an external RADIUS database If both an AP and the wireless clients support WPA2 and you have an external RADIUS server use WPA2 for stronger data encryption If you don t have an external RADIUS server you should use WPA2 PSK WPA2 Pre Shared Key that only requires a single identical password entered into each access point wireless gateway and wireless client As long as the passwords match a wireless client will be granted access to a WLAN If the AP or the wireless clients do not support WPA2 just use WPA or WPA PSK depending on whether you have an external RADIUS server or not Select WEP only when the AP and or wireless clients do not support WPA or WPA2 WEP is less secure than WPA or WPA2 NBG 419N User s Guide Appendix D Wireless LANs 32 1
238. ssing the Web Configurator 2 3 Make sure your NBG 419N hardware is properly connected and prepare your computer or computer network to connect to the NBG 419N refer to the Quick Start Guide Launch your web browser Type http 192 168 1 1 as the website address Your computer must be in the same subnet in order to access this website address NBG 419N User s Guide Chapter 3 Introducing the Web Configurator 3 2 1 Login Screen Note If this is the first time you are accessing the Web Configurator you may be redirected to the Wizard Refer to Chapter 2 on page 25 for the Connection Wizard screens The Web Configurator initially displays the following login screen Figure 16 Login screen NBG 419N e router configuration interface Enter d and click Lagin Password ces max 30 alphanumeric printable characters and nos EECC Erish The following table describes the labels in this screen Table 9 Login screen LABEL DESCRIPTION Password Type 1234 default as the password Language Select the language you want to use to configure the Web Configurator Click Login This shows the current weather either in celsius or fahrenheit of the city you specify in Section 3 2 3 1 on page 40 This shows the time hh mm ss and date yyyy mm dd of the timezone you select in Section 3 2 3 2 on page 41 or Section 26 3 on page 201 The time is in 24 hour for
239. sstevwsteaveccauscriessnsevsrsecuware 37 znERL 7 37 NBG 419N User s Guide EN Table of Contents e Accassimg Mie Web GOongu EO ebrei ER ERREUR REM ES E rid Y rp HER EP ERR RE V3 37 SNO s Euri Cm 38 oue P nsus SOMO uai tdeo r Ere HEX idpE Sod aute cid cre be Mercadian FERRO I LLERPIU E ROI Ras 39 253 Hoe Oe cinis dideeic esta e di a eie e ERR KL PC aH C et ho ie ua 39 Sa Neen Hie NBS curnea ibe aml Anameiliotan sia a 41 3 1 Procedure to Use Ine Reset BUOM scsesieiccciscaierdect saictadessonnrecastebeiateleecincechauneteennas 42 Chapter 4 ir ee t 43 CONES CUI EN E E TE D TCR EST D EN D een teen eer e 43 ae a VS GIN eut 43 AS BW MONT MONI iiec iet ILE etta E tae oat aapa S E e E aset E aug 43 SBAIDMLR TAS uunuddaiiduu b meuadExR cT EDRN 44 Ao Pake SSRS trc 45 do WLAN Slaton SIME saarien tied ainda AE E abd cs raaa EA baa 46 Chapter 5 PEs se TON d rl 49 SA OVI MGW ouiaaiasus dciadidecc suba Fata disp E oaa n E pu COURRIER aaO 49 2 1 1 Vial Conigurgtor OS aces tists Be x sats eadaascaad danced uer cda denne o ad i e DU d 49 5 12 OWI qn c HR 49 Chapter 6 do TT e P 51 Bs 7 C oM aime aa ie aed a ea eae ar eee ee ep EM 51 WC Y ONC WI al as lc iS ad as carat nde and dict dU ned ade Sita ls IM Pane 52 0 3 What rou Need ta KNOW acciccucticscsictchanelicors
240. st of programs that appears The utility displays a list of APs within range as shown in the example screen below NBG 419N User s Guide Chapter 10 Tutorials 4 Select SSID_Example3 and click Connect Figure 62 Connecting a Wireless Client to a Wireless Network t Available Network List Site Information Network Type Infrastructure Network Mode 802 119 ZyXEL YZU Channel amp ZyXEL test Security PA PSK MAC Address 00 40 C5 CD 1F 64 Surveyed at 11 46 38 iH 5 Select WPA PSK and type the security key in the following screen Click Next Figure 63 Security Settings gt Encryption Type WPA PSK gt Pre Shared Key TrisismyWPA PSKpre sharedkey Back Next Exit 6 The Confirm Save window appears Check your settings and click Save to continue Figure 64 Confirm Save gt Network Name SSID SSID_Example3 gt Network Type Infrastructure gt Network Mode 802 11b g gt Channel Auto Security WPA PSK Back Save Exit NBG 419N User s Guide Chapter 10 Tutorials 7 Check the status of your wireless connection in the screen below If your wireless connection is weak or you have no connection see the Troubleshooting section of this User s Guide Figure 65 Link Status S gt Profile Name Transmit Rate 2 Kbps gt Network Name SSID SSID Example3 Receive Rate 0 Kbps gt AP MAC Address 00 A0 C5 CD 1F 64 Authen
241. t Status Disassociated Security Mode No Security 802 11 Mode 802 11b gin Interface Status Interface Status Up Down Welcome Admin Easy Mode Home About CF Refresh Interval None Refresh Now System Status Item System Up Time Current Date Time System Resource CPU Usage Memory Usage System Setting Firewall Bandwidth Management UPnP Configuration Mode Summary BW MGMT Monitor Details DHCP Table Details Packet Statistics Details 20 mins 50 secs 2000 01 01 00 21 02 0 Enabled Disabled Enabled Expert NBG 419N User s Guide Chapter 9 WISP Mode The following table describes the labels shown in the Status screen Table 29 Status Screen WISP Mode LABEL DESCRIPTION Logout Click this at any time to exit the Web Configurator Device Information Host Name This is the System Name you enter in the Maintenance gt General screen It is for identification purposes Firmware Version This is the firmware version and the date created Sys OP Mode This is the device mode Section 5 1 2 on page 49 to which the NBG 419N is set WISP Mode WAN Information MAC Address This shows the WAN Ethernet adapter MAC Address of your device IP Address This shows the WAN port s IP address IP Subnet Mask This shows the WAN port
242. th scrolling HTTP 1 1 settings v Use HTTP 1 1 O Use HTTP 1 1 through proxy connections 29 EEE gu Use Java 2 v1 4 1 07 for Use Java 2 v1 4 1_07 for cappleb requires esta requires restart Icroso E Java ime enabled requires restart O Java logging enabled JIT compiler for virtual machine enabled requires restart Multimedia O Always show Internet Explorer 5 0 or later Radio toolbar O Don t display online media content in the media bar Enable Automatic Image Resizing x b Restore Defaults Cancel Apply NBG 419N User s Guide IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks IP addresses identify individual devices on a network Every networking device including computers servers routers printers etc needs an IP address to communicate across the network These networking devices are also known as hosts Subnet masks determine the maximum number of possible hosts on a network You can also use subnet masks to divide one network into multiple sub networks Introduction to IP Addresses One part of the IP address is the network number and the other part is the host ID In the same way that houses on a street share a common street name the hosts on a network share a common network number Similarly as each house has its own house number each host on the network has its own unique identifying number the host ID Routers use the network number to send pa
243. than individual computers the computers on the LAN do not need PPPoE software installed since the NBG 419N does that part of the task Furthermore with NAT all of the LAN s computers will have Internet access Figure 8 Internet Connection Type PPPoE 1 PPro ovided by your Internet Service Pro Dynamic IP Static IP IP Address 0 0 0 0 User Name pppoe user Az 0 3 Password The following table describes the labels in this screen Table 4 Internet Connection Type PPPoE LABEL DESCRIPTION Internet Select the PPPoE option for a dial up connection Connection Type Dynamic IP Select this radio button if your ISP did not assign you a fixed IP address Static IP Select this radio button provided by your ISP to give the NBG 419N a fixed unique IP address IP Address Type the name of your service provider User Name Type the user name given to you by your ISP Password Type the password associated with the user name above Exit Click this to close the wizard screen without saving NBG 419N User s Guide Chapter 2 Connection Wizard Table 4 Internet Connection Type PPPoE LABEL DESCRIPTION Back Click this to return to the previous screen Next Click this to continue 2 3 4 Connection Type PPTP Point to Point Tunneling Protocol PPTP is a network protocol that enables transfers of data from a remote client to a private server creating a
244. the factory defaults of your NBG 419N Refer to the chapter about introducing the Web Configurator for more information on the RESET button Note If you uploaded the default configuration file you may need to change the IP address of your computer to be in the same subnet as that of the default NBG 419N IP address 192 168 1 1 See Appendix C on page 251 for details on how to set up your computer s IP address NBG 419N User s Guide Chapter 28 Backup Restore NBG 419N User s Guide Reset Restart 29 1 Overview This chapter shows you how to restart your NBG 419N 29 2 What You Can Do Use the Reset Restart screen Section 29 3 on page 211 to reboot the NBG 419N without turning the power off 29 3 Reset Restart Screen System restart allows you to reboot the NBG 419N without turning the power off Click Maintenance gt Reset Restart to open the following screen Figure 128 Maintenance gt Reset Restart System Restart Click Restart to have the device perform a software restart The SYS or PAR LED blinks as the device restarts and then stays steady on if the restart is successful Wait a minute before logging into the device again Restart Click Restart to have the NBG 419N reboot This does not affect the NBG 419N s configuration NBG 419N User s Guide 211 Chapter 29 Reset Restart 212 NBG 419N User s Guide Sys OP
245. the Web Configurator Environment Antenna The NBG 419N is equipped with two 2dBi 2 4GHz detachable antennas to provide clear radio transmission and reception on the wireless network Operation Temperature 09 C 409 C 329F 1049F Humidity 20 90 Storage Environment Temperature 309 C 709 C 229F 158 F Humidity 20 95 NBG 419N User s Guide Chapter 32 Product Specifications Table 80 Firmware Features FEATURE DESCRIPTION Default IP Address 192 168 1 1 router 192 168 1 2 AP Default Subnet Mask 255 255 255 0 24 bits Default Password 1234 DHCP Pool 192 168 1 33 to 192 168 1 64 Wireless Interface Wireless LAN Default Wireless SSID ZyXEL Default Wireless DHCP Pool Size Wireless LAN Same as LAN 32 from 192 168 1 33 to 192 168 1 64 Device Management Use the Web Configurator to easily configure the rich range of features on the NBG 419N Wireless Functionality Allows IEEE 802 11b and or IEEE 802 11g wireless clients to connect to the NBG 419N wirelessly Enable wireless security WPA 2 PSK and or MAC filtering to protect your wireless network Note The NBG 419N may be prone to RF Radio Frequency interference from other 2 4 GHz devices such as microwave ovens wireless phones Bluetooth enabled devices and other wireless LANs Firmware Upgrade Download new firmware when available from the ZyXEL we
246. the same wireless network must use security compatible with the AP Security stops unauthorized devices from using the wireless network It can also protect the information that is sent in the wireless network 11 3 1 Wireless Security Overview The following sections introduce different types of wireless security you can set up in the wireless network NBG 419N User s Guide Chapter 11 Wireless LAN 11 3 1 1 SSID Normally the AP acts like a beacon and regularly broadcasts the SSID in the area You can hide the SSID instead in which case the AP does not broadcast the SSID In addition you should change the default SSID to something that is difficult to guess This type of security is fairly weak however because there are ways for unauthorized devices to get the SSID In addition unauthorized devices can still see the information that is sent in the wireless network 11 3 1 2 MAC Address Filter Every wireless client has a unique identification number called a MAC address A MAC address is usually written using twelve hexadecimal characters for example 00A0C5000002 or 00 A0 C5 00 00 02 To get the MAC address for each wireless client see the appropriate User s Guide or other documentation You can use the MAC address filter to tell the AP which wireless clients are allowed or not allowed to use the wireless network If a wireless client is allowed to use the wireless network it still has to have the correct setting
247. tically positioned on top Turn this off if your network is not using gaming Click OK to close this screen 6 6 2 Power Saving Use this screen to set the day of the week and time of the day when your wireless LAN is turned on and off Wireless LAN scheduling is disabled by default Disabling the wireless capability lowers the energy consumption of the of the NBG 419N Figure 32 Power Saving WLAN status C on of C on of C on off C on of C on of C on of C on of C on of A Power Saving Please schedule the wireless service with the table below Day IV Everyd T Mon Tue T Wed Thu I Fri l sat sun For the following times 24 Hour Format ay 00 hou 00 min 00 7 noun 00 mim 00 houn 00 min 00 noun 00 mim o0 ou 00 7 min 00 7 houn 00 7 min o0 ou 00 min 00 7 hour 00 min 00 oun 00 min 00 noun 00 min o0 houn 00 min 00 noun 00 min 00 houn 00 min 00 houn 00 mim 00 oun 00 min 00 noun 00 min The following table describes the labels in this screen Table 19 Power Saving LABEL DESCRIPTION WLAN Status Select On or Off to specify whether the Wireless LAN is turned on or off depending on what you selected in the WLAN Status field This field works in conjunction with the Day and Except for the following times fields
248. tication None gt Network Type Infrastructure Network Mode 802 119 gt Transmission Rate 18 Mbps Total Transmit 46 gt Security WPA PSK Total Receive 3 gt Channel 6 Link Quality 68 dBm Trend Chart Signal Strength 99909970000 Link Quality 90009090006 If your connection is successful open your Internet browser and enter http www zyxel com or the URL of any other web site in the address bar If you are able to access the web site your wireless connection is successfully configured NBG 419N User s Guide PART II Network Wireless LAN 99 WAN 119 LAN 135 DHCP Server 139 Network Address Translation NAT 143 Dynamic DNS 151 Static Route 153 RIP 157 Wireless LAN 11 1 Overview This chapter discusses how to configure the wireless network settings in your NBG 419N See the appendices for more detailed information about wireless networks The following figure provides an example of a wireless network Figure 66 Example of a Wireless Network NBG 419N The wireless network is the part in the blue circle In this wireless network devices A and B are called wireless clients The wireless clients use the access point AP to interact with other devices such as the printer or with the Internet Your NBG 419N is the AP NBG 419N User s Guide Chapter 11 Wireless LAN 11 2 What You Can Do Use the General screen Section 11 4 on page 103
249. tion Access Request Sent by an access point requesting authentication Access Reject Sent by a RADIUS server rejecting access e Access Accept Sent by a RADIUS server allowing access Access Challenge Sent by a RADIUS server requesting more information in order to allow access The access point sends a proper response from the user and then sends another Access Request message The following types of RADIUS messages are exchanged between the access point and the RADIUS server for user accounting e Accounting Request Sent by the access point requesting accounting e Accounting Response Sent by the RADIUS server to indicate that it has started or stopped accounting In order to ensure network security the access point and the RADIUS server use a shared secret key which is a password they both know The key is not sent over the network In addition to the shared key password information exchanged is also encrypted to protect the network from unauthorized access Types of Authentication This appendix discusses some popular authentication types EAP MD5 EAP TLS EAP TTLS PEAP and LEAP The type of authentication you use depends on the RADIUS server or the AP Consult your network administrator for more information EAP MD5 Message Digest Algorithm 5 MD5 authentication is the simplest one way authentication method The authentication server sends a challenge to the wireless station The wireless station proves t
250. tion of the device configuration modes of the NBG 419N Figure 25 Device Mode Example Router Access Point _ For more information on these modes and to change the mode of your NBG 419N refer to Chapter 30 on page 213 WISP The menu for changing device modes is available in Expert mode only Note Choose your Device Mode carefully to avoid having to change it later When changing to another mode the IP address of the NBG 419N changes The running applications and services of the network devices connected to the NBG 419N can be interrupted In WISP mode you should know the SSID and wireless security details of the access point to which you want to connect NBG 419N User s Guide Easy Mode 6 1 Overview The Web Configurator is set to Easy Mode by default You can configure several key features of the NBG 419N in this mode This mode is useful to users who are not fully familiar with some features that are usually intended for network administrators When you log in to the Web Configurator the following screen opens Figure 26 Easy Mode Network Map Pr NBG 419N FA Game Dery mer Content Bandwidth Engine IP sang BK Fiter nt MGMT ON OFF o JN NBG 419N User s Guide 51 Chapter 6 Easy Mode Click Status to open the following screen screen Figure 27 Easy Mode Status Screen Pr NBG 419N Name Time WAN IP MAC Address Firmware Version
251. to enable the Wireless LAN enter the SSID and select the wireless security mode Use the MAC Filter screen Section 11 5 on page 109 to allow or deny wireless stations based on their MAC addresses from connecting to the NBG 419N Use the Advanced screen Section 11 6 on page 110 to allow wireless advanced features such as intra BSS networking and set the RTS CTS Threshold Use the QoS screen Section 11 7 on page 111 to set priority levels to services such as e mail VoIP chat and so on Use the WPS screen Section 11 8 on page 112 to quickly set up a wireless network with strong security without having to configure security settings manually Use the WPS Station screen Section 11 9 on page 113 to add a wireless station using WPS Use the Scheduling screen Section 11 10 on page 114 to set the times your wireless LAN is turned on and off Use the WDS screen Section 11 11 on page 115 to configure Wireless Distribution System on your NBG 419N 11 3 What You Should Know Every wireless network must follow these basic guidelines Every wireless client in the same wireless network must use the same SSID The SSID is the name of the wireless network It stands for Service Set IDentity If two wireless networks overlap they should use different channels Like radio stations or television channels each wireless network uses a specific channel or frequency to send and receive information Every wireless client in
252. to log into the NBG 419N again using the new IP address Figure 47 Network gt LAN gt IP IP IP Alias LAN TCPAP Get from DHCP Server C Use Defined LAN IP Address IP Address 192116818 IP Subnet Mask 255 255 2550 Gateway IP Address pooo DHS Assignment First DNS Server FromiSP poos Second DNS Server FromisP poon Apply Reset The table below describes the labels in the screen Table 28 Network gt LAN gt IP LABEL DESCRIPTION Get from Click this to deploy the NBG 419N as an access point in the network DHCP Server When you enable this the NBG 419N gets its IP address from the network s DHCP server for example your ISP Users connected to the NBG 419N can now access the network i e the Internet if the IP address is given by the ISP The Web Configurator may no longer be accessible unless you know the IP address assigned by the DHCP server to the NBG 419N You need to reset the NBG 419N to be able to access the Web Configurator again see Section 28 3 on page 208 for details on how to reset the NBG 419N Also when you select this you cannot enter an IP address for your NBG 419N in the field below Use Defined Click this if you want to specify the IP address of your NBG 419N Or if LAN IP your ISP or network administrator gave you a static IP address to access Address the network or the Internet IP Address Type the IP address in dotted decimal notation The default setting is
253. tor 3 3 1 Procedure to Use the Reset Button 1 Make sure the power LED is on 2 Pressthe RESET button for longer than 1 second to restart reboot the NBG 419N 3 Press the RESET button for longer than five seconds to set the NBG 419N back to its factory default configurations NBG 419N User s Guide Monitor 4 1 Overview This chapter discusses read only information related to the device state of the NBG 419N Note To access the Monitor screens you can also click the links in the Summary table of the Status screen to view the bandwidth consumed packets sent received as well as the status of clients connected to the NBG 419N 4 2 What You Can Do e Use the BW MGMT Monitor screen Section 4 3 on page 43 to view the amount of network bandwidth that applications running in the network are using e Use the DHCP Table screen Section 4 4 on page 44 to view information related to your DHCP status e use the Packet Statistics screen Section 4 5 on page 45 to view port status packet specific statistics the system up time and so on e Use the WLAN Station Status screen Section 4 6 on page 46 to view the wireless stations that are currently associated to the NBG 419N 4 3 BW MGMT Monitor The Bandwidth Management BW MGMT Monitor allows you to view the amount of network bandwidth that applications running in the network are using The bandwidth is measured in kilobits per second kbps NBG 419N User s Gui
254. troduction Mae nnmnnn nnana 19 Chapter 1 Getting to Know Your NEG 419IN sisciniscinincincictncisainisannnnassnsnaniivantansipenbsniainiuensneansaiehindimnctannnn 21 MESS mem 21 T2 ADDICSUODS feces Grice endi ae ce a ees 21 1 2 Ways To Manage He NBG AVON 22usiecsaderntiiid ep OUS FULL XEVEYN ELA EE REALES AERE EE PARA 22 1 4 Good Habits for Managing the NBG 419N isis nena kk antera tna nnno raa aea 22 1 6 REDS TR 22 Chapter 2 Connection Wizard m 25 LT OVON M M 25 22 PARR We N na er 25 fae DEE S EE aT Pr 26 231 Connection Type DOHOP me EEA EEA N i 27 2 3 2 Connection Type Statie IB seriinin toute tomis secet reescatseeeteesnnreeeecesris 28 UmaNenr emi ullos 28 2 25 Connection Tbe PETI oodd eparciddeem rH Or FEEDER REIR EFRPIUE ER eas 30 2 9 9 Connection Type LE TE insoceiiensecciiesiclieere oct cut d dosi dct a d vs d Gc ORO Vae t Ad das Ul d dd dou b ida 31 ps POSNE ai ooa a a a 33 Zoe N Seo UNIS eee 33 2 5 1 Wireless Securibr Mo SECUTI sssccasiasssecasiassucedevnssstasensonsasatiannmcesevnnesscdenvdennsseennuos 33 2 5 2 Wireless Security WPA PSK WPA2 PSK essssersiierrreesrrrresserraneerrnandderenrestinnaaseennaae 34 Chapter 3 Introducing the Web Configurator ovsssccisienscsscssscccvecrenvssecvngnavscencuscest
255. tting up Your Computer s IP Address If you have previously configured DNS servers click Advanced and then the DNS tab to order them Figure 155 Windows XP Internet Protocol TCP IP Properties Internet Protocol TCP IP Properties General Alternate Configuration You can get IP settings assigned automatically if your network supports this capability Otherwise you need to ask your network administrator for the appropriate IP settings Obtain an IP address automatically Use the following IP address Obtain DNS server address automatically C Use the following DNS server addresses 8 Click OK to close the Internet Protocol TCP IP Properties window 9 Click Close OK in Windows 2000 NT to close the Local Area Connection Properties window 10 Close the Network Connections window Network and Dial up Connections in Windows 2000 NT 11 Turn on your Prestige and restart your computer if prompted Verifying Settings 1 Click Start All Programs Accessories and then Command Prompt 2 Inthe Command Prompt window type ipconfig and then press ENTER You can also open Network Connections right click a network connection click Status and then click the Support tab NBG 419N User s Guide Appendix C Setting up Your Computer s IP Address Macintosh OS 8 9 1 Click the Apple menu Control Panel and double click TCP IP to open the TCP IP Control Panel Figure 156 Macintosh OS 8 9 Apple Me
256. ttings do the following e From the Configure box select Manually e Type your IP address in the IP Address box e Type your subnet mask in the Subnet mask box e Type the IP address of your Prestige in the Router address box 5 Close the TCP IP Control Panel 6 Click Save if prompted to save changes to your configuration 7 Turn on your Prestige and restart your computer if prompted Verifying Settings Check your TCP IP properties in the TCP IP Control Panel window NBG 419N User s Guide Appendix C Setting up Your Computer s IP Address Macintosh OS X 1 Click the Apple menu and click System Preferences to open the System Preferences window Figure 158 Macintosh OS X Apple Menu Grab File Edit Capt About This Mac System Preferences Eine EE U6 2 Click Network in the icon bar e Select Automatic from the Location list e Select Built in Ethernet from the Show list e Click the TCP IP tab 3 For dynamically assigned settings select Using DHCP from the Configure list Figure 159 Macintosh OS X Network 80 Network EA a dL Show All Displays Network Startup Disk Location Automatic m Show Built in Ethernet B AppleTalk Proxies Configure Using DHCP ik Domain Name Servers Optional IP Address 192 168 11 12 168 95 1 1 Provided by DHCP Server Subnet Mask 255 255 254 0 Router 192 168 10 11 Search Domains Optional DHCP Client ID O
257. ubnet mask based on the IP address that you assign Unless you are implementing subnetting use the subnet mask computed by the NBG 419N Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh NBG 419N User s Guide 137 Chapter 13 LAN 13 5 IP Alias Screen Use this screen to have the NBG 419N apply IP alias to create LAN subnets Click LAN gt IP Alias Figure 89 Network gt LAN gt IP Alias IP Alias 4 p Alias IP Address IP Subnet Mask Apply Reset The following table describes the labels in this screen Table 54 Network gt LAN gt IP Alias LABEL DESCRIPTION IP Alias Check this to enable IP alias IP Address Type the IP alias address of your NBG 419N in dotted decimal notation IP Subnet Mask The subnet mask specifies the network number portion of an IP address Your NBG 419N will automatically calculate the subnet mask based on the IP address that you assign Unless you are implementing subnetting use the subnet mask computed by the NBG 419N Apply Click Apply to save your changes back to the NBG 419N Reset Click Reset to begin configuring this screen afresh NBG 419N User s Guide DHCP Server 14 1 Overview DHCP Dynamic Host Configuration Protocol RFC 2131 and RFC 2132 allows individual clients to obtain TCP IP confi
258. ul if the device becomes unstable or even crashes If you forget your password you will have to reset the NBG 419N to its factory default settings If you backed up an earlier configuration file you would not have to totally re configure the NBG 419N You could simply restore your last configuration 1 5 LEDs Figure 2 Front Panel ZyXEL C gt quM GP Hu e C D EED a 22 NBG 419N User s Guide Chapter 1 Getting to Know Your NBG 419N The following table describes the LEDs and the WPS button Table 1 Front Panel LEDs and WPS Button LED COLOR STATUS DESCRIPTION POWER Green On The NBG 419N is receiving power and functioning properly I Off The NBG 419N is not receiving power WLAN Green On The NBG 419N is ready but is not sending receiving data through the wireless LAN Blinking The NBG 419N is sending receiving data through ix the wireless LAN l off The wireless LAN is not ready or has failed WPS Green On WPS is enabled Blinking The NBG 419N is negotiating a WPS connection with a wireless client 4 Off The wireless LAN is not ready or has failed WAN Green On The NBG 419N has a successful 10 100MB WAN connection Blinking The NBG 419N is sending receiving data through e the WAN Off The WAN connection is not ready or has failed LAN 1 4 Green On The NBG 419N has a successful 10 100MB Ethernet connection Blinking The NBG 419N is sendi
259. ure 167 Red Hat 9 0 Restart Ethernet Card root localhost init d network restart Shutting down interface eth0 OK Shutting down loopback interface OK Setting network parameters OK Bringing up loopback interface OK Bringing up interface eth0 OK NBG 419N User s Guide 267 Appendix C Setting up Your Computer s IP Address 32 1 1 Verifying Settings Enter ifconfig in a terminal screen to check your TCP IP properties Figure 168 Red Hat 9 0 Checking TCP IP Properties root localhost ifconfig etho Link encap Ethernet HWaddr 00 50 BA 72 5B 44 inet addr 172 23 19 129 Bceast 172 23 19 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 717 errors 0 dropped 0 overruns 0 frame 0 TX packets 13 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 100 RX bytes 730412 713 2 Kb TX bytes 1570 1 5 Kb Interrupt 10 Base address 0x1000 root localhost NBG 419N User s Guide Wireless LANs Wireless LAN Topologies This section discusses ad hoc and infrastructure wireless LAN topologies Ad hoc Wireless LAN Configuration BSS The simplest WLAN configuration is an independent Ad hoc WLAN that connects a set of computers with wireless stations A B C Any time two or more wireless adapters are within range of each other they can set up an independent network which is commonly referred to as an Ad hoc network or Independent Basic Se
260. using WPS This example uses the NBG 419N as the AP and NWD210N as the wireless client which connects to a notebook NBG 419N User s Guide Chapter 10 Tutorials 10 3 1 Note The wireless client must be a WPS aware device for example a WPS USB adapter or PCI card There are two WPS methods for creating a secure connection This tutorial shows you how to do both Push Button Configuration PBC create a secure wireless network simply by pressing a button See Section 10 3 1 on page 90 This is the easier method e PIN Configuration create a secure wireless network simply by entering a wireless client s PIN Personal Identification Number in the NBG 419N s interface See Section 10 3 2 on page 91 This is the more secure method since one device can authenticate the other Push Button Configuration PBC Make sure that your NBG 419N is turned on and that it is within range of your computer Make sure that you have installed the wireless client this example uses the NWD210N driver and utility in your notebook In the wireless client utility find the WPS settings Enable WPS and press the WPS button Start or WPS button Log into NBG 419N s Web Configurator and press the Push Button button in the Network Wireless Client WPS Station screen Note Your NBG 419N has a WPS button located on its panel as well as a WPS button in its configuration utility Both buttons have exactly the same function you can
261. via ADSL Cable Modem PCs in LAH ports share the same IP to ISP through WAH Port Access Point In this mode all Ethernet ports are bridged together The device allows the wireless equipped computer can communicate with a wired network WISP Mode In this mode the device acts as a wireless client It can connect to an existing network via an access point Also router functions are added between the wireless WAH and the LAN Apply Reset Note You have to log in to the Web Configurator again when you change modes As Soon as you do your NBG 419N is already in Access Point mode When you select Access Point Mode the following pop up message window appears Figure 44 Pop up for Access Point mode A Ports are LAN 5 Ethernet LAN ports WLAN LAN DHCP server is disabled amp unconfigurable LAN IP is 192 168 1 2 WAN IP is unreachable Click OK The Web Configurator refreshes once the change to Access Point mode is successful NBG 419N User s Guide Chapter 8 Access Point Mode 8 3 2 Accessing the Web Configurator in Access Point Mode Log in to the Web Configurator in Access Point mode do the following 1 Connect your computer to the LAN port of the NBG 419N 2 The default IP address of the NBG 419N is 192 168 1 2 In this case your computer must have an IP address in the range between 192 168 1 3 and 192 168 1 254 3 Click Start Run on your computer in Windows Type cmd
262. vice is disabled and you must have another DHCP sever on your LAN or else the computers must have their DNS server addresses manually configured First DNS Server Second DNS Server Select From ISP if your ISP dynamically assigns DNS server information and the NBG 419N s WAN IP address The field to the right displays the read only DNS server IP address that the ISP assigns Select User Defined if you have the IP address of a DNS server Enter the DNS server s IP address in the field to the right If you chose User Defined but leave the IP address set to 0 0 0 0 User Defined changes to None after you click Apply If you set a second choice to User Defined and enter the same IP address the second User Defined changes to None after you click Apply Select DNS Relay to have the NBG 419N act as a DNS proxy The NBG 419N s LAN IP address displays in the field to the right read only The NBG 419N tells the DHCP clients on the LAN that the NBG 419N itself is the DNS server When a computer on the LAN sends a DNS query to the NBG 419N the NBG 419N forwards the query to the NBG 419N s system DNS server configured in the WAN gt Internet Connection screen and relays the response back to the computer You can only select DNS Relay for one of the three servers if you select DNS Relay for a second or third DNS server that choice changes to None after you click Apply Select None if you do not want to configure DNS servers If you
263. web configurator again and check you have typed all information correctly See the User s Guide for more suggestions Figure 15 Congratulations You are connected to the Internet And ttr in easy router management tool ever You can also click ZyGO to open the Easy Mode Web Configurator of your NBG 419N NBG 419N User s Guide 35 Chapter 2 Connection Wizard You have successfully set up your NBG 419N to operate on your network and access the Internet You are now ready to connect wirelessly to your NBG 419N and access the Internet NBG 419N User s Guide Introducing the Web Configurator 3 1 Overview This chapter describes how to access the NBG 419N Web Configurator and provides an overview of its screens The Web Configurator is an HTML based management interface that allows easy setup and management of the NBG 419N via Internet browser Use Internet Explorer 6 0 and later or Netscape Navigator 7 0 and later versions or Safari 2 0 or later versions The recommended screen resolution is 1024 by 768 pixels In order to use the Web Configurator you need to allow e Web browser pop up windows from your device Web pop up blocking is enabled by default in Windows XP SP Service Pack 2 e JavaScripts enabled by default e Java permissions enabled by default Refer to the Troubleshooting chapter Chapter 31 on page 217 to see how to make sure these functions are allowed in Internet Explorer 3 2 Acce
264. which you want to know the weather If Location the city you want is not listed choose one that is closest to it Finish Click this to apply the settings and refresh the date and time display 3 2 3 2 Time Date Edit One timezone can cover more than one country You can choose a particular country in which the NBG 419N is located and have the NBG 419N display and use the current time and date for its logs Click the icon to change the Weather display Figure 20 Change Password Screen Change time zone GMT 06 00 Central America GMT 06 00 Central Time US amp Canada The following table describes the labels in this screen Table 13 Change Password Screen LABEL DESCRIPTION Change time Select the specific country whose current time and date you zone want the NBG 419N to display Finish Click this to apply the settings and refresh the weather display Note You can also edit the timezone in Section 26 3 on page 201 3 3 Resetting the NBG 419N If you forget your password or IP address or you cannot access the Web Configurator you will need to use the RESET button at the back of the NBG 419N to reload the factory default configuration file This means that you will lose all configurations that you had previously saved the password will be reset to 1234 and the IP address will be reset to 192 168 1 1 NBG 419N User s Guide Chapter 3 Introducing the Web Configura
265. y hh mm ss When you set Time and Date Setup to Manual enter the new time in this field and then click Apply New Date This field displays the last updated date from the time server or the last date configured manually yyyy mm dd When you set Time and Date Setup to Manual enter the new date in this field and then click Apply Get from Time Server Select this radio button to have the NBG 419N get the time and date from the time server you specified below Auto Select Auto to have the NBG 419N automatically search for an available time server and synchronize the date and time with the time server after you click Apply User Defined Time Server Address Select User Defined Time Server Address and enter the IP address or URL up to 20 extended ASCII characters in length of your time server Check with your ISP network administrator if you are unsure of this information Time Zone Setup Time Zone Choose the time zone of your location This will set the time difference between your time zone and Greenwich Mean Time GMT Daylight Savings Daylight saving is a period from late spring to early fall when many countries set their clocks ahead of normal local time by one hour to give more daytime light in the evening Select this option if you use Daylight Saving Time NBG 419N User s Guide Chapter 26 Time Table 75 Maintenance gt Time LABEL DESCRIPTION St
Download Pdf Manuals
Related Search