User ManualTable of ContentsUser’s Guide1About This User's Guide3Document Conventions4Safety Warnings6Contents Overview9Table of Contents11List of Figures23List of Tables31Introduction37Introducing the ZyXEL Device391.1 Overview391.2 Ways to Manage the ZyXEL Device401.3 Good Habits for Managing the ZyXEL Device401.4 Applications for the ZyXEL Device411.4.1 Internet Access411.4.2 Making Calls via Internet Telephony Service Provider411.4.3 Make Peer-to-peer Calls421.4.4 Firewall for Secure Broadband Internet Access421.4.5 LAN to LAN Application431.5 LEDs441.6 The RESET Button451.6.1 Using The Reset Button45Introducing the Web Configurator472.1 Web Configurator Overview472.1.1 Accessing the Web Configurator472.2 Web Configurator Main Screen502.2.1 Title Bar502.2.2 Navigation Panel512.2.3 Main Window532.2.4 Status Bar53Wizard55Internet and Wireless Setup Wizard573.1 Introduction573.2 Internet Access Wizard Setup573.2.1 Manual Configuration603.3 Wireless Connection Wizard Setup653.3.1 Manually Assign a WPA key683.3.2 Manually Assign a WEP Key68VoIP Wizard And Example714.1 Introduction714.2 VoIP Wizard Setup71Bandwidth Management Wizard775.1 Introduction775.2 Bandwidth Management Wizard Setup77Advanced81Status Screens836.1 Status Screen836.2 Any IP Table866.3 WLAN Status (“W” models only)876.4 Packet Statistics876.5 VoIP Statistics89WAN Setup937.1 WAN Overview937.1.1 Encapsulation937.1.2 Multiplexing947.1.3 VPI and VCI947.1.4 IP Address Assignment947.1.5 Nailed-Up Connection (PPP)957.1.6 NAT957.2 Metric957.3 Traffic Shaping967.3.1 ATM Traffic Classes977.4 Zero Configuration Internet Access977.5 Internet Access Setup987.5.1 Advanced Internet Access Setup1007.6 WAN More Connections1017.7 Traffic Redirect1027.8 WAN Backup Setup103LAN Setup1058.1 LAN Overview1058.1.1 LANs, WANs and the ZyXEL Device1058.1.2 DHCP Setup1068.2 DNS Server Addresses1068.3 LAN TCP/IP1068.3.1 IP Address and Subnet Mask1078.3.2 RIP Setup1088.3.3 Multicast1088.3.4 Any IP1098.4 Configuring LAN IP1108.4.1 Configuring Advanced LAN Setup1118.5 DHCP Setup1128.6 LAN Client List1138.7 LAN IP Alias114Wireless LAN1179.1 Wireless Network Overview1179.2 Wireless Security Overview1189.2.1 SSID1189.2.2 MAC Address Filter1189.2.3 User Authentication1189.2.4 Encryption1199.2.5 One-Touch Intelligent Security Technology (OTIST)1209.3 Wireless Performance Overview1209.3.1 Quality of Service (QoS)1209.4 Additional Wireless Terms1209.5 General WLAN Screen1219.5.1 No Security1229.5.2 WEP Encryption Screen1239.5.3 WPA(2)-PSK1249.5.4 WPA(2) Authentication Screen1259.5.5 Wireless LAN Advanced Setup1279.6 OTIST Screen1289.6.1 Notes on OTIST1309.7 MAC Filter1319.8 QoS Screen1339.8.1 Application Priority Configuration134Network Address Translation (NAT) Screens13710.1 NAT General Overview13710.1.1 NAT Definitions13710.1.2 What NAT Does13810.1.3 How NAT Works13810.1.4 NAT Application13810.1.5 NAT Mapping Types13910.2 SUA (Single User Account) Versus NAT14010.3 NAT General Setup14010.4 Port Forwarding14110.4.1 Default Server IP Address14210.4.2 Port Forwarding: Services and Port Numbers14210.4.3 Configuring Servers Behind Port Forwarding (Example)14210.5 Configuring Port Forwarding14310.5.1 Port Forwarding Rule Edit14410.6 Address Mapping14510.6.1 Address Mapping Rule Edit14610.6.2 SIP ALG148Voice14911.1 Introduction to VoIP14911.2 SIP14911.2.1 SIP Identities14911.2.2 SIP Call Progression15011.2.3 SIP Servers15011.2.4 RTP15211.2.5 Pulse Code Modulation15211.2.6 Voice Coding15211.2.7 PSTN Call Setup Signaling15311.2.8 MWI (Message Waiting Indication)15311.2.9 Custom Tones (IVR)15311.3 Quality of Service (QoS)15411.3.1 Type of Service (ToS)15411.3.2 DiffServ15411.3.3 VLAN Tagging15511.4 SIP Settings Screen15511.5 Advanced SIP Setup Screen15611.6 SIP QoS Screen16011.7 Phone16011.7.1 Voice Activity Detection/Silence Suppression16011.7.2 Comfort Noise Generation16111.7.3 Echo Cancellation16111.8 Analog Phone Screen16111.9 Advanced Analog Phone Setup Screen16211.10 Common Phone Settings Screen16311.11 Phone Services Overview16411.11.1 The Flash Key16511.11.2 Europe Type Supplementary Phone Services16511.11.3 USA Type Supplementary Services16611.12 Phone Region Screen16811.13 Speed Dial16811.14 Incoming Call Policy Screen17011.15 Distinctive Ring Screen17211.16 PSTN Line (“L” models only)17311.17 PSTN Line Screen (“L” models only)174VoIP Trunking17512.1 VoIP Trunking Overview17512.2 VoIP Trunking and Security17512.2.1 Auto Attendant and Authentication17512.2.2 Peer Call Authentication17612.3 Call Rules17712.4 VoIP Trunking Scenarios17712.4.1 VoIP Phone To PSTN Phone17712.4.2 PSTN Phone To VoIP Phone17712.4.3 PSTN Phone To PSTN Phone via VoIP17812.5 Trunking General Screen17812.6 Trunking Peer Call Screen17912.7 Trunking Call Rule Screen18112.8 VoIP Trunking Example: VoIP to PSTN18312.8.1 Background Information18312.8.2 Configuration Details: Outgoing18312.8.3 Configuration Details: Incoming18412.8.4 Call Progression18512.9 VoIP Trunking Example: PSTN to PSTN via VoIP18512.9.1 Background Information18612.9.2 Configuration Details: Outgoing18612.9.3 Configuration Details: Incoming18812.9.4 Call Progression188Phone Usage19113.1 Dialing a Telephone Number19113.2 Using Speed Dial to Dial a Telephone Number19113.3 Internal Calls19113.4 Using Call Park and Pickup19113.5 Checking the ZyXEL Device’s IP Address19213.6 Auto Provisioning and Auto Firmware Upgrade19213.7 Phone Functions Summary192Firewalls19514.1 Firewall Overview19514.2 Types of Firewalls19514.2.1 Packet Filtering Firewalls19514.2.2 Application-level Firewalls19614.2.3 Stateful Inspection Firewalls19614.3 Introduction to ZyXEL’s Firewall19614.3.1 Denial of Service Attacks19714.4 Denial of Service19714.4.1 Basics19714.4.2 Types of DoS Attacks19814.5 Stateful Inspection20014.5.1 Stateful Inspection Process20114.5.2 Stateful Inspection on Your ZyXEL Device20214.5.3 TCP Security20214.5.4 UDP/ICMP Security20314.5.5 Upper Layer Protocols20314.6 Guidelines for Enhancing Security with Your Firewall20414.6.1 Security In General20414.7 Packet Filtering Vs Firewall20514.7.1 Packet Filtering:20514.7.2 Firewall205Firewall Configuration20715.1 Access Methods20715.2 General Firewall Policy Overview20715.3 Rule Logic Overview20815.3.1 Rule Checklist20815.3.2 Security Ramifications20815.3.3 Key Fields For Configuring Rules20915.4 Connection Direction20915.4.1 LAN to WAN Rules21015.4.2 Alerts21015.5 General Firewall Policy21015.6 Firewall Rules Summary21115.6.1 Configuring Firewall Rules21315.6.2 Customized Services21615.6.3 Configuring A Customized Service21615.7 Example Firewall Rule21715.8 DoS Thresholds22115.8.1 Threshold Values22115.8.2 Half-Open Sessions22215.8.3 Configuring Firewall Thresholds22215.9 Firewall Commands224Content Filtering22716.1 Content Filtering Overview22716.2 Configuring Keyword Blocking22716.3 Configuring the Schedule22816.4 Configuring Trusted Computers229Introduction to IPSec23117.1 VPN Overview23117.1.1 IPSec23117.1.2 Security Association23117.1.3 Other Terminology23117.1.4 VPN Applications23217.2 IPSec Architecture23217.2.1 IPSec Algorithms23317.2.2 Key Management23317.3 Encapsulation23317.3.1 Transport Mode23417.3.2 Tunnel Mode23417.4 IPSec and NAT234VPN Screens23718.1 VPN/IPSec Overview23718.2 IPSec Algorithms23718.2.1 AH (Authentication Header) Protocol23718.2.2 ESP (Encapsulating Security Payload) Protocol23718.3 My IP Address23818.4 Secure Gateway Address23818.4.1 Dynamic Secure Gateway Address23918.5 VPN Setup Screen23918.6 Keep Alive24118.7 VPN, NAT, and NAT Traversal24118.8 Remote DNS Server24218.9 ID Type and Content24318.9.1 ID Type and Content Examples24418.10 Pre-Shared Key24518.11 Editing VPN Policies24518.12 IKE Phases25018.12.1 Negotiation Mode25118.12.2 Diffie-Hellman (DH) Key Groups25118.12.3 Perfect Forward Secrecy (PFS)25118.13 Configuring Advanced IKE Settings25118.14 Manual Key Setup25418.14.1 Security Parameter Index (SPI)25418.15 Configuring Manual Key25418.16 Viewing SA Monitor25718.17 Configuring Global Setting25918.18 Telecommuter VPN/IPSec Examples25918.18.1 Telecommuters Sharing One VPN Rule Example25918.18.2 Telecommuters Using Unique VPN Rules Example26018.19 VPN and Remote Management262Certificates26319.1 Certificates Overview26319.1.1 Advantages of Certificates26419.2 Self-signed Certificates26419.3 Configuration Summary26419.4 My Certificates26519.5 My Certificate Import26619.5.1 Certificate File Formats26719.6 My Certificate Create26819.7 My Certificate Details27019.8 Trusted CAs27319.9 Trusted CA Import27519.10 Trusted CA Details27619.11 Trusted Remote Hosts27819.12 Verifying a Trusted Remote Host’s Certificate28019.12.1 Trusted Remote Host Certificate Fingerprints28019.13 Trusted Remote Hosts Import28119.14 Trusted Remote Host Certificate Details28119.15 Directory Servers28419.16 Directory Server Add and Edit285Static Route28720.1 Static Route28720.2 Configuring Static Route28720.2.1 Static Route Edit288Bandwidth Management29121.1 Bandwidth Management Overview29121.2 Application-based Bandwidth Management29121.3 Auto Classifier29121.4 Subnet-based Bandwidth Management29221.5 Application and Subnet-based Bandwidth Management29321.5.1 Bandwidth Management Priorities29321.6 Configuring Bandwidth Management (General)29321.7 Bandwidth Management Rule Setup29421.7.1 Rule Configuration29521.8 Bandwidth Monitor297Dynamic DNS Setup29922.1 Dynamic DNS Overview29922.1.1 DYNDNS Wildcard29922.2 Configuring Dynamic DNS299Remote Management Configuration30323.1 Remote Management Overview30323.1.1 Remote Management Limitations30423.1.2 Remote Management and NAT30423.1.3 System Timeout30423.2 WWW30423.3 Telnet30523.4 Configuring Telnet30623.5 Configuring FTP30623.6 SNMP30723.6.1 Supported MIBs30823.6.2 SNMP Traps30923.6.3 Configuring SNMP30923.7 Configuring DNS31023.8 Configuring ICMP311Universal Plug-and-Play (UPnP)31324.1 Introducing Universal Plug and Play31324.1.1 How do I know if I'm using UPnP?31324.1.2 NAT Traversal31324.1.3 Cautions with UPnP31324.2 UPnP and ZyXEL31424.2.1 Configuring UPnP31424.3 Installing UPnP in Windows Example31524.4 Using UPnP in Windows XP Example318Maintenance and Troubleshooting325System32725.1 General Setup and System Name32725.1.1 General Setup32725.2 Time Setting329Logs33126.1 Logs Overview33126.1.1 Alerts and Logs33126.2 Viewing the Logs33126.3 Configuring Log Settings33226.4 SMTP Error Messages33426.4.1 Example E-mail Log33526.5 Log Descriptions336Tools34527.1 Introduction34527.2 Filename Conventions34527.3 File Maintenance Over WAN34627.4 Firmware Upgrade Screen34727.5 Backup and Restore34827.5.1 Backup Configuration34927.5.2 Restore Configuration34927.5.3 Reset to Factory Defaults35027.6 Restart35127.7 Using FTP or TFTP to Back Up Configuration35127.7.1 Using the FTP Commands to Back Up Configuration35127.7.2 FTP Command Configuration Backup Example35227.7.3 Configuration Backup Using GUI-based FTP Clients35227.7.4 Backup Configuration Using TFTP35227.7.5 TFTP Command Configuration Backup Example35327.7.6 Configuration Backup Using GUI-based TFTP Clients35327.8 Using FTP or TFTP to Restore Configuration35427.8.1 Restore Using FTP Session Example35427.9 FTP and TFTP Firmware and Configuration File Uploads35427.9.1 FTP File Upload Command from the DOS Prompt Example35527.9.2 FTP Session Example of Firmware File Upload35527.9.3 TFTP File Upload35527.9.4 TFTP Upload Command Example356Diagnostic35728.1 General Diagnostic35728.2 DSL Line Diagnostic357Troubleshooting36129.1 Power, Hardware Connections, and LEDs36129.2 ZyXEL Device Access and Login36229.3 Internet Access36429.4 Phone Calls and VoIP36529.5 Problems With Multiple SIP Accounts36629.5.1 Outgoing Calls36629.5.2 Incoming Calls367Appendices and Index369Product Specifications371Setting up Your Computer’s IP Address381Pop-up Windows, JavaScripts and Java Permissions393IP Addresses and Subnetting399Wireless LANs407Services417Command Interpreter421Internal SPTGEN425Legal Information449Customer Support453Index457Size: 13.9 MBPages: 465Language: EnglishOpen manual