ユーザーガイド目次User’s Guide1Copyright3Certifications4Safety Warnings6ZyXEL Limited Warranty7Customer Support8Table of Contents11List of Figures25List of Tables31Preface35Getting to Know Your Device371.1 Introducing the ZyXEL G-2000 Plus v2371.2 Features371.2.1 Physical Features371.2.2 Firmware Features381.3 Applications for the ZyXEL device431.3.1 Internet Access and Wireless Network431.3.2 Firewall for Secure Broadband Internet Access44Introducing the Web Configurator452.1 Web Configurator Overview452.2 Accessing the ZyXEL device Web Configurator452.3 Resetting the ZyXEL device472.3.1 .Procedure To Use The Reset Button472.3.2 Method of Restoring Factory-Defaults Via Web Configurator472.4 Navigating the ZyXEL device Web Configurator47Wizard Setup513.1 Wizard Setup Overview513.2 General Setup513.3 Wizard Setup Wireless LAN523.3.1 Name (SSID), Channel ID and Security533.3.2 Configuring WEP or WPA(2)-PSK Security543.3.3 Confirm Security Settings553.4 Wizard Setup WAN563.4.1 Ethernet563.4.2 PPPoE Encapsulation583.4.3 PPTP Encapsulation593.5 Wizard Setup WAN IP613.5.1 WAN IP Address Assignment613.5.2 IP Address and Subnet Mask613.5.3 DNS Server Address Assignment623.5.4 WAN MAC Address623.6 Basic Setup Complete64System Screens674.1 System Overview674.2 Configuring General Setup674.3 Dynamic DNS684.3.1 DynDNS Wildcard684.4 Configuring Dynamic DNS694.5 Configuring Password704.6 Configuring Time Setting71LAN Screens735.1 LAN Overview735.2 DHCP Setup735.2.1 IP Pool Setup735.2.2 System DNS Servers735.3 LAN TCP/IP735.3.1 Factory LAN Defaults735.3.2 IP Address and Subnet Mask745.3.3 RIP Setup745.3.4 Multicast745.4 Configuring IP755.5 Configuring Static DHCP785.6 Configuring IP Alias79Wireless LAN816.1 Wireless Network Overview816.2 Wireless Security Overview826.2.1 SSID826.2.2 MAC Address Filter826.2.3 User Authentication826.2.4 Encryption836.3 Additional Wireless Terms846.4 Configuring Wireless846.5 Wireless Security - No Security866.6 Configuring WEP Encryption876.7 Configuring WPA(2)-PSK Authentication896.8 Configuring WPA(2) Authentication916.9 Configuring RADIUS936.10 Configuring 802.1x956.11 MAC Filter976.12 Configuring Roaming99WAN1017.1 WAN Overview1017.2 Configuring WAN ISP1017.2.1 Ethernet Encapsulation1017.2.1.1 Service Type1027.2.2 PPPoE Encapsulation1037.2.3 PPTP Encapsulation1057.3 Configuring WAN IP1077.4 Configuring WAN MAC110Single User Account (SUA) / Network Address Translation (NAT)1138.1 NAT Overview1138.1.1 NAT Definitions1138.1.2 What NAT Does1148.1.3 How NAT Works1148.1.4 NAT Application1158.1.5 NAT Mapping Types1168.2 Using NAT1178.2.1 SUA (Single User Account) Versus NAT1178.3 SUA Server1178.3.1 Default Server IP Address1188.3.2 Port Forwarding: Services and Port Numbers1188.3.3 Configuring Servers Behind SUA (Example)1198.4 Configuring SUA Server1198.5 Configuring Address Mapping1218.5.1 Configuring Address Mapping1238.6 Trigger Port Forwarding1258.6.1 Trigger Port Forwarding Example1268.6.2 Two Points To Remember About Trigger Ports1268.7 Configuring Trigger Port Forwarding126Static Route Screens1299.1 Static Route Overview1299.2 Configuring IP Static Route1299.2.1 Configuring Route Entry131Firewalls13310.1 Firewall Overview13310.2 Types of Firewalls13310.2.1 Packet Filtering Firewalls13310.2.2 Application-level Firewalls13310.2.3 Stateful Inspection Firewalls13410.3 Introduction to ZyXEL’s Firewall13410.4 Denial of Service13510.4.1 Basics13510.4.2 Types of DoS Attacks13610.4.2.1 ICMP Vulnerability13910.4.2.2 Traceroute13910.5 Stateful Inspection14010.5.1 Stateful Inspection Process14010.5.2 Stateful Inspection and the ZyXEL device14110.5.3 TCP Security14210.5.4 UDP/ICMP Security14210.5.5 Upper Layer Protocols14210.6 Guidelines For Enhancing Security With Your Firewall14310.7 Packet Filtering Vs Firewall14310.7.1 Packet Filtering:14310.7.1.1 When To Use Filtering14410.7.2 Firewall14410.7.2.1 When To Use The Firewall144Firewall Screens14511.1 Access Methods14511.2 Firewall Policies Overview14511.3 Rule Logic Overview14611.3.1 Rule Checklist14611.3.2 Security Ramifications14611.3.3 Key Fields For Configuring Rules14711.3.3.1 Action14711.3.3.2 Service14711.3.3.3 Source Address14711.3.3.4 Destination Address14711.4 Connection Direction Examples14711.4.1 LAN to WAN Rules14811.4.2 WAN to LAN Rules14811.5 Alerts14911.6 Configuring Firewall14911.6.1 Rule Summary15011.6.2 Configuring Firewall Rules15211.6.3 Configuring Custom Services15511.7 Example Firewall Rule15611.8 Predefined Services159Content Filtering16312.1 Introduction to Content Filtering16312.2 Restrict Web Features16312.3 Days and Times16312.4 Configure Content Filtering163Remote Management Screens16713.1 Remote Management Overview16713.1.1 Remote Management Limitations16713.1.2 Remote Management and NAT16813.1.3 System Timeout16813.2 Configuring WWW16813.3 Configuring TELNET16913.4 Configuring FTP17113.5 SNMP17213.5.1 Supported MIBs17313.5.2 SNMP Traps17313.5.3 Configuring SNMP17413.6 Configuring DNS17513.7 Configuring Security176UPnP17914.1 Universal Plug and Play Overview17914.1.1 How Do I Know If I'm Using UPnP?17914.1.2 NAT Traversal17914.1.3 Cautions with UPnP17914.2 UPnP and ZyXEL18014.3 Configuring UPnP18014.4 Installing UPnP in Windows Example18114.4.1 Installing UPnP in Windows Me18114.4.2 Installing UPnP in Windows XP18214.5 Using UPnP in Windows XP Example18314.5.1 Auto-discover Your UPnP-enabled Network Device18414.5.2 Web Configurator Easy Access18514.5.3 Web Configurator Easy Access186Internal RADIUS Server18915.1 Internal RADIUS Overview18915.2 Internal RADIUS Server Setting19115.3 Trusted AP Overview19315.4 Configuring Trusted AP19415.5 Trusted Users Overview19515.6 Configuring Trusted Users195Certificates19916.1 Certificates Overview19916.1.1 Advantages of Certificates20016.2 Self-signed Certificates20016.3 Configuration Summary20016.4 My Certificates20016.5 Certificate File Formats20316.6 Importing a Certificate20316.7 Creating a Certificate20416.8 My Certificate Details20716.9 Trusted CAs21016.10 Importing a Trusted CA’s Certificate21216.11 Trusted CA Certificate Details213Log Screens21717.1 Configuring View Log21717.2 Configuring Log Settings21817.3 Configuring Reports221Maintenance22318.1 Maintenance Overview22318.2 System Status Screen22318.2.1 System Statistics22518.3 DHCP Table Screen22518.4 Association List22718.5 F/W Upload Screen22818.6 Configuration Screen23018.6.1 Backup Configuration23118.6.2 Restore Configuration23118.6.3 Back to Factory Defaults23318.7 Restart Screen233Introducing the SMT23519.1 SMT Introduction23519.2 Connect to your ZyXEL device Using Telnet23519.2.1 Entering Password23519.3 Changing the System Password23619.4 ZyXEL device SMT Menu Overview Example23619.5 Navigating the SMT Interface23719.5.1 System Management Terminal Interface Summary23919.6 Changing the System Password239General Setup24120.1 General Setup24120.1.1 Procedure To Configure Menu 124120.1.2 Procedure to Configure Dynamic DNS243Menu 2 WAN Setup24521.1 Introduction to WAN24521.2 WAN Setup245LAN Setup24722.1 LAN Setup24722.1.1 General Ethernet Setup24722.2 Protocol Dependent Ethernet Setup24822.3 TCP/IP Ethernet Setup and DHCP24822.3.1 IP Alias Setup25022.4 Wireless LAN Setup25222.4.1 Configuring MAC Address Filter254Internet Access25723.1 Introduction to Internet Access Setup25723.2 Ethernet Encapsulation25723.3 Configuring the PPTP Client25823.4 Configuring the PPPoE Client26023.5 Basic Setup Complete261Remote Node Configuration26324.1 Introduction to Remote Node Setup26324.2 Remote Node Profile Setup26324.2.1 Ethernet Encapsulation26324.2.2 PPPoE Encapsulation26624.2.2.1 Outgoing Authentication Protocol26624.2.2.2 Nailed-Up Connection26624.2.3 PPTP Encapsulation26724.3 Edit IP26924.4 Remote Node Filter271Static Route Setup27325.1 IP Static Route Setup273Dial-in User Setup27526.1 Dial-in User Setup275Network Address Translation (NAT)27727.1 Using NAT27727.1.1 SUA (Single User Account) Versus NAT27727.2 Applying NAT27727.3 NAT Setup27927.3.1 Address Mapping Sets27927.3.1.1 User-Defined Address Mapping Sets28127.3.1.2 Ordering Your Rules28227.4 Configuring a Server behind NAT28427.5 General NAT Examples28527.5.1 Example 1: Internet Access Only28627.5.2 Example 2: Internet Access with an Inside Server28627.5.3 Example 3: Multiple Public IP Addresses With Inside Servers28727.5.4 Example 4: NAT Unfriendly Application Programs29127.6 Configuring Trigger Port Forwarding292Filter Configuration29528.1 Introduction to Filters29528.1.1 The Filter Structure of the ZyXEL device29628.2 Configuring a Filter Set29728.2.1 Configuring a Filter Rule30028.2.2 Configuring a TCP/IP Filter Rule30028.2.3 Configuring a Generic Filter Rule30428.3 Example Filter30628.4 Filter Types and NAT30928.5 Firewall Versus Filters30928.6 Applying a Filter30928.6.1 Applying LAN Filters30928.6.2 Applying Remote Node Filters310Enabling the Firewall31129.1 Remote Management and the Firewall31129.2 Access Methods31129.3 Enabling the Firewall311SNMP Configuration31330.1 About SNMP31330.2 Supported MIBs31430.3 SNMP Configuration31430.4 SNMP Traps315System Security31731.1 System Security31731.1.1 System Password31731.1.2 Configuring External RADIUS Server31731.1.3 802.1x319System Information and Diagnosis32332.1 System Status32332.2 System Information32532.2.1 System Information32532.2.2 Console Port Speed32632.3 Log and Trace32632.3.1 Viewing Error Log32632.3.2 UNIX Syslog32732.3.2.1 CDR32832.3.2.2 Packet triggered32832.3.2.3 Filter log32932.3.2.4 PPP log32932.3.2.5 Firewall log33032.3.3 Call-Triggering Packet33032.4 Diagnostic33132.4.1 WAN DHCP332Firmware and Configuration File Maintenance33533.1 Filename Conventions33533.2 Backup Configuration33633.2.1 Backup Configuration Using FTP33633.2.2 Using the FTP command from the DOS Prompt33733.2.3 GUI-based FTP Clients33833.2.4 TFTP and FTP over WAN Management Limitations33833.2.5 Backup Configuration Using TFTP33933.2.6 Example: TFTP Command33933.2.7 GUI-based TFTP Clients34033.3 Restore Configuration34033.3.1 Restore Using FTP34033.3.2 Restore Using FTP Session Example34133.4 Uploading Firmware and Configuration Files34233.4.1 Firmware Upload34233.4.2 Configuration File Upload34333.4.3 Using the FTP command from the DOS Prompt Example34333.4.4 TFTP File Upload34433.4.5 Example: TFTP Command345System Maintenance and Information34734.1 Command Interpreter Mode34734.2 Call Control Support34834.2.1 Budget Management34934.2.2 Call History35034.3 Time and Date Setting35134.3.1 Resetting the Time353Remote Management35535.1 Remote Management35535.1.1 Telnet35635.1.2 FTP35735.1.3 Web35735.1.4 Remote Management Limitations35735.2 Remote Management and NAT35735.3 System Timeout358Call Scheduling35936.1 Introduction to Call Scheduling359Troubleshooting363Problems Starting Up the ZyXEL device363Problems with the Ethernet Interface363Problems with the Password364Problems with Telnet364Problems with the WLAN Interface364Product Specifications365Brute-Force Password Guessing Protection367Example367Setting up Your Computer’s IP Address369Windows 95/98/Me369Installing Components370Configuring371Verifying Settings372Windows 2000/NT/XP372Verifying Settings376Macintosh OS 8/9376Verifying Settings378Macintosh OS X378Verifying Settings379IP Address Assignment Conflicts381Case A: The ZyXEL device is using the same LAN and WAN IP addresses381Case B: The ZyXEL device LAN IP address conflicts with the DHCP client IP address381Case C: The Subscriber IP address is the same as the IP address of a network device382Case D: Two or more subscribers have the same IP address.382IP Subnetting385IP Addressing385IP Classes385Subnet Masks386Subnetting386Example: Two Subnets387Example: Four Subnets389Example Eight Subnets390Subnetting With Class A and Class B Networks.391Command Interpreter393Command Syntax393Command Usage393Log Descriptions395Log Commands396Configuring What You Want the ZyXEL device to Log397Displaying Logs397Log Command Example398Wireless LAN and IEEE 802.11399Benefits of a Wireless LAN399IBSS399BSS400ESS401Wireless LAN Basics402RTS/CTS402Fragmentation Threshold403IEEE 802.11404Wireless LAN Security405IEEE 802.11g Wireless LAN405IEEE 802.1x405RADIUS406Types of RADIUS Messages406Types of Authentication407EAP-MD5 (Message-Digest Algorithm 5)407EAP-TLS (Transport Layer Security)407EAP-TTLS (Tunneled Transport Layer Service)407PEAP (Protected EAP)408LEAP408Dynamic WEP Key Exchange408WEP Authentication408WPA(2)410Encryption410User Authentication411Wireless Client WPA Supplicants411WPA with RADIUS Application Example411Security Parameters Summary413RADIUS Server Authentication Sequence414Mutual Authentication with Internal RADIUS server.414Types of EAP Authentication417EAP-MD5 (Message-Digest Algorithm 5)417EAP-TLS (Transport Layer Security)417EAP-TTLS (Tunneled Transport Layer Service)417PEAP (Protected EAP)418LEAP418Roaming419Roaming Overview419Requirements for Roaming420Antenna Selection and Positioning Recommendation421Antenna Characteristics421Frequency421Radiation Pattern421Antenna Gain421Types of Antennas For WLAN422Positioning Antennas422Connector Type422Triangle Route423The Ideal Setup423The “Triangle Route” Problem423The “Triangle Route” Solutions424IP Aliasing424Gateways on the WAN Side425Numerics427A427B428C428D429E429F430G431H431I431J432K432L432M433N433O434P434Q435R435S436T438U439V439W439Z440サイズ: 12.1MBページ数: 440Language: Englishマニュアルを開く
リリースノート目次Firmware Release Note1Release 3.60(AAF.1)C01Date: June 15, 20062ZyXEL ZyAIR G-2000PLUS v22Modification in 3.60(AAF.1)C0 | 06/15/20063Modification in 3.60(AAF.0)C0 | 05/09/20063Modification in 3.60(AAF.0)b4 | 05/03/20063Modification in 3.60(AAF.0)b3 | 04/20/20064Modification in 3.60(AAF.0)b2 | 04/07/20064Modification in 3.60(AAF.0)b1 | 02/22/20065Command Class List Table5サイズ: 190KBページ数: 10Language: Englishマニュアルを開く