User Guide
Page 9
... to Know Your NBG-460N 23 The WPS Button ...29 Introducing the Web Configurator 31 Connection Wizard ...45 Tutorials ...63 AP Mode ...81 Network ...89 Wireless LAN ...91 WAN ...123 LAN ...139 DHCP ...147 Network Address Translation (NAT 153 Dynamic DNS ...163 Security ...167 Firewall ...169 Content Filtering ...179 IPSec VPN ...185 Management...
... to Know Your NBG-460N 23 The WPS Button ...29 Introducing the Web Configurator 31 Connection Wizard ...45 Tutorials ...63 AP Mode ...81 Network ...89 Wireless LAN ...91 WAN ...123 LAN ...139 DHCP ...147 Network Address Translation (NAT 153 Dynamic DNS ...163 Security ...167 Firewall ...169 Content Filtering ...179 IPSec VPN ...185 Management...
User Guide
Page 12
... 5.2.1 Configure Wireless Security Using WPS on both your NBG-460N and Wireless Client 63 5.2.2 Enable and Configure Wireless Security without WPS on your NBG-460N 67 5.2.3 Configure Your Notebook 68 5.3 Site-To-Site VPN Tunnel Tutorial 70 5.3.1 Configuring Bob's NBG-460N VPN Settings 71 5.3.2 Configuring Jack's NBG-460N VPN Settings 73 5.3.3 Checking the VPN Connection 75 5.4 Bandwidth Management for your Network 76...
... 5.2.1 Configure Wireless Security Using WPS on both your NBG-460N and Wireless Client 63 5.2.2 Enable and Configure Wireless Security without WPS on your NBG-460N 67 5.2.3 Configure Your Notebook 68 5.3 Site-To-Site VPN Tunnel Tutorial 70 5.3.1 Configuring Bob's NBG-460N VPN Settings 71 5.3.2 Configuring Jack's NBG-460N VPN Settings 73 5.3.3 Checking the VPN Connection 75 5.4 Bandwidth Management for your Network 76...
User Guide
Page 16
... ...183 14.6.1 Customizing Keyword Blocking URL Checking 184 Chapter 15 IPSec VPN...185 15.1 Overview ...185 15.2 What You Can Do ...185 ...15.4 The General Screen ...188 15.4.1 VPN Rule Setup (Basic 189 15.4.2 VPN Rule Setup (Advanced 194 15.4.3 VPN Rule Setup (Manual 201 15.5 The...VPN and Remote Management 206 15.6.2 IKE SA Proposal ...207 15.6.3 Diffie-Hellman (DH) Key Exchange 208 15.6.4 Authentication ...208 15.6.5 Negotiation Mode 209 15.6.6 VPN... SA Proposal and Perfect Forward Secrecy 212 15.6.10 Additional IPSec VPN Topics 212 Part IV: Management 215 Chapter 16 Static Route ...217...
... ...183 14.6.1 Customizing Keyword Blocking URL Checking 184 Chapter 15 IPSec VPN...185 15.1 Overview ...185 15.2 What You Can Do ...185 ...15.4 The General Screen ...188 15.4.1 VPN Rule Setup (Basic 189 15.4.2 VPN Rule Setup (Advanced 194 15.4.3 VPN Rule Setup (Manual 201 15.5 The...VPN and Remote Management 206 15.6.2 IKE SA Proposal ...207 15.6.3 Diffie-Hellman (DH) Key Exchange 208 15.6.4 Authentication ...208 15.6.5 Negotiation Mode 209 15.6.6 VPN... SA Proposal and Perfect Forward Secrecy 212 15.6.10 Additional IPSec VPN Topics 212 Part IV: Management 215 Chapter 16 Static Route ...217...
User Guide
Page 23
...management to Section 8.3.3 on this. • WAN. Additionally, you to Know Your NBG-460N 1.1 Overview This chapter introduces the main features and applications of services such as a firewall, IPSec VPN and content filtering are also available for details on page 126 for more information.) ...1.2 Applications Your can configure your NBG-460N to have a port for Internet access. See Section 1.3 on your Internet...
...management to Section 8.3.3 on this. • WAN. Additionally, you to Know Your NBG-460N 1.1 Overview This chapter introduces the main features and applications of services such as a firewall, IPSec VPN and content filtering are also available for details on page 126 for more information.) ...1.2 Applications Your can configure your NBG-460N to have a port for Internet access. See Section 1.3 on your Internet...
User Guide
Page 26
...This establishes a network security barrier, protecting your network and the Internet. Line commands are not in the same subnet.) VPN YES A virtual private network (VPN) provides secure communications between your network from a DHCP server. AP Mode FEATURE ROUTER MODE DHCP YES This allows individual... -site lines. Wireless YES This allows two or more devices to communicate without the expense of leased site-to Manage the NBG-460N Use any of the following table shows which features are available in Router Mode vs. This is recommended for firmware upgrades and...
...This establishes a network security barrier, protecting your network and the Internet. Line commands are not in the same subnet.) VPN YES A virtual private network (VPN) provides secure communications between your network from a DHCP server. AP Mode FEATURE ROUTER MODE DHCP YES This allows individual... -site lines. Wireless YES This allows two or more devices to communicate without the expense of leased site-to Manage the NBG-460N Use any of the following table shows which features are available in Router Mode vs. This is recommended for firmware upgrades and...
User Guide
Page 36
...the firewall. When this screen to view the active VPN connections. Memory Usage This shows what percentage of the heap memory the NBG-460N is not going to devices not in the same subnet as the NBG-460N. Configuration Mode This shows whether the advanced screens of...(ZyXEL Network Operating System) and is disconnected. Chapter 3 Introducing the Web Configurator Table 4 Web Configurator Status Screen (continued) LABEL DESCRIPTION System Resource - System Setting - The port types are currently associated to the memory that is not used . Use this screen to view the NBG-460N's...
...the firewall. When this screen to view the active VPN connections. Memory Usage This shows what percentage of the heap memory the NBG-460N is not going to devices not in the same subnet as the NBG-460N. Configuration Mode This shows whether the advanced screens of...(ZyXEL Network Operating System) and is disconnected. Chapter 3 Introducing the Web Configurator Table 4 Web Configurator Status Screen (continued) LABEL DESCRIPTION System Resource - System Setting - The port types are currently associated to the memory that is not used . Use this screen to view the NBG-460N's...
User Guide
Page 38
... the Web Configurator Table 5 Screens Summary LINK TAB FUNCTION NAT General Use this screen to enable bandwidth management. VPN General Use this screen to manage the NBG-460N. Use this screen to configure through which interface(s) and from which IP address(es) users can use Telnet ... this screen to configure servers behind the NBG460N. Application Use this screen to enable UPnP on the NBG-460N. DNS Use this screen to display and manage active VPN connections. UPnP General Use this screen to configure through which interface(s) and from which IP address(es...
... the Web Configurator Table 5 Screens Summary LINK TAB FUNCTION NAT General Use this screen to enable bandwidth management. VPN General Use this screen to manage the NBG-460N. Use this screen to configure through which interface(s) and from which IP address(es) users can use Telnet ... this screen to configure servers behind the NBG460N. Application Use this screen to enable UPnP on the NBG-460N. DNS Use this screen to display and manage active VPN connections. UPnP General Use this screen to configure through which interface(s) and from which IP address(es...
User Guide
Page 42
...button to apply the new poll interval you entered in the Poll Interval(s) field. Table 8 Summary: VPN Monitor LABEL DESCRIPTION # This is the total time the NBG-460N has been on. IPSec Algorithm This field displays the security protocols used for this port. Refresh Both... to update the screen's statistics immediately. 42 NBG-460N User's Guide Set Interval Click this field. Click the Refresh button to stop refreshing statistics. 3.5.6 Summary: VPN Monitor Click the VPN Monitor (Details...) hyperlink in bytes per second on this VPN tunnel. A Security Association (SA) is the...
...button to apply the new poll interval you entered in the Poll Interval(s) field. Table 8 Summary: VPN Monitor LABEL DESCRIPTION # This is the total time the NBG-460N has been on. IPSec Algorithm This field displays the security protocols used for this port. Refresh Both... to update the screen's statistics immediately. 42 NBG-460N User's Guide Set Interval Click this field. Click the Refresh button to stop refreshing statistics. 3.5.6 Summary: VPN Monitor Click the VPN Monitor (Details...) hyperlink in bytes per second on this VPN tunnel. A Security Association (SA) is the...
User Guide
Page 53
... associated with NAT, all of your ISP. Chapter 4 Connection Wizard By implementing PPPoE directly on the NBG-460N (rather than individual computers), the computers on the LAN do not need PPPoE software installed, since the NBG-460N does that enables transfers of the task. Refer to continue. Next Click Next to the appendix for... Back to return to -Point Tunneling Protocol (PPTP) is a network protocol that part of data from a remote client to a private server, creating a Virtual Private Network (VPN) using TCP/IP-based networks. NBG-460N User's Guide 53
... associated with NAT, all of your ISP. Chapter 4 Connection Wizard By implementing PPPoE directly on the NBG-460N (rather than individual computers), the computers on the LAN do not need PPPoE software installed, since the NBG-460N does that enables transfers of the task. Refer to continue. Next Click Next to the appendix for... Back to return to -Point Tunneling Protocol (PPTP) is a network protocol that part of data from a remote client to a private server, creating a Virtual Private Network (VPN) using TCP/IP-based networks. NBG-460N User's Guide 53
User Guide
Page 63
... 63 This example uses the NBG-460N as the AP and NWD210N as follows: • How to Connect to the Internet from an AP • Site-To-Site VPN Tunnel Tutorial • Bandwidth Management for your Network 5.2 How to Connect to the Internet from an AP This section gives you an example ... AP wirelessly. There are two WPS methods for example, a WPS USB adapter or PCI card). CHAPTER 5 Tutorials 5.1 Overview This chapter provides tutorials for your NBG-460N as the wireless client which connects to do both your NBG-460N and Wireless Client This section gives you how to a notebook.
... 63 This example uses the NBG-460N as the AP and NWD210N as follows: • How to Connect to the Internet from an AP • Site-To-Site VPN Tunnel Tutorial • Bandwidth Management for your Network 5.2 How to Connect to the Internet from an AP This section gives you an example ... AP wirelessly. There are two WPS methods for example, a WPS USB adapter or PCI card). CHAPTER 5 Tutorials 5.1 Overview This chapter provides tutorials for your NBG-460N as the wireless client which connects to do both your NBG-460N and Wireless Client This section gives you how to a notebook.
User Guide
Page 70
... This tutorial covers how to configure their offices. Table 23 Site-To-Site VPN Tunnel Settings SETTING BOB'S NBG-460N Active YES IPSec Keying IKE Mode JACK'S NBG-460N YES IKE 70 NBG-460N User's Guide Chapter 5 Tutorials 7 Check the status of your wireless connection in... the address bar. Figure 39 Link Status 8 If your connection is successful, open your Internet browser and enter http:// www.zyxel...
... This tutorial covers how to configure their offices. Table 23 Site-To-Site VPN Tunnel Settings SETTING BOB'S NBG-460N Active YES IPSec Keying IKE Mode JACK'S NBG-460N YES IKE 70 NBG-460N User's Guide Chapter 5 Tutorials 7 Check the status of your wireless connection in... the address bar. Figure 39 Link Status 8 If your connection is successful, open your Internet browser and enter http:// www.zyxel...
User Guide
Page 71
... 71 Make sure IKE is selected as the IPSec Keying Mode. Chapter 5 Tutorials Table 23 Site-To-Site VPN Tunnel Settings (continued) SETTING BOB'S NBG-460N JACK'S NBG-460N Local Address 192.168.1.35 10.0.0.7 Local Address End /Mask 192.168.1.35 10.0.0.7 Remote Address 10.0.0.7 192... ESP ESP Pre-Shared Key ThisIsMySecretKey ThisIsMySecretKey Encryption Algorithm 3DES 3DES Authentication Algorithm SHA1 SHA1 5.3.1 Configuring Bob's NBG-460N VPN Settings To configure these settings Bob uses the NBG-460N Web Configurator. 1 Log into the NBG-460N Web Configurator and click...
... 71 Make sure IKE is selected as the IPSec Keying Mode. Chapter 5 Tutorials Table 23 Site-To-Site VPN Tunnel Settings (continued) SETTING BOB'S NBG-460N JACK'S NBG-460N Local Address 192.168.1.35 10.0.0.7 Local Address End /Mask 192.168.1.35 10.0.0.7 Remote Address 10.0.0.7 192... ESP ESP Pre-Shared Key ThisIsMySecretKey ThisIsMySecretKey Encryption Algorithm 3DES 3DES Authentication Algorithm SHA1 SHA1 5.3.1 Configuring Bob's NBG-460N VPN Settings To configure these settings Bob uses the NBG-460N Web Configurator. 1 Log into the NBG-460N Web Configurator and click...
User Guide
Page 72
... Tutorial: Remote Policy 5 Enter the IP address "1.1.1.1" in the Peer Content text box. This is the same as Bob only wants Jack to identify Bob's NBG-460N. This is Jack's Local Content WAN IP address. Enter "2.2.2.2" in the My IP Address text box. This is the same as the Peer ID Type...-Shared Key. Chapter 5 Tutorials 3 Enter the IP address "192.168.1.35" in the Local Address End/Mask text box. This is the password for the VPN tunnel that will be used to access this single IP address. Enter the IP address "192.168.1.35" in the Local Address text box. Enter...
... Tutorial: Remote Policy 5 Enter the IP address "1.1.1.1" in the Peer Content text box. This is the same as Bob only wants Jack to identify Bob's NBG-460N. This is Jack's Local Content WAN IP address. Enter "2.2.2.2" in the My IP Address text box. This is the same as the Peer ID Type...-Shared Key. Chapter 5 Tutorials 3 Enter the IP address "192.168.1.35" in the Local Address End/Mask text box. This is the password for the VPN tunnel that will be used to access this single IP address. Enter the IP address "192.168.1.35" in the Local Address text box. Enter...
User Guide
Page 73
... algorithm as the encyption algorithm. The new VPN rule is selected as shown below. Figure 47 Tutorial: Property NBG-460N User's Guide 73 This displays the VPN Rule Setup (basic) screen. 2 Select the Active checkbox to the VPN Summary screen. Chapter 5 Tutorials 11 Select 3DES...new rule and click VPN to return to enable the VPN rule after it has been created. Figure 46 Tutorial: VPN Summary 5.3.2 Configuring Jack's NBG-460N VPN Settings To configure these settings Jack uses the NBG-460N Web Configurator. 1 Log into the NBG-460N Web Configurator and click VPN > Modify icon.
... algorithm as the encyption algorithm. The new VPN rule is selected as shown below. Figure 47 Tutorial: Property NBG-460N User's Guide 73 This displays the VPN Rule Setup (basic) screen. 2 Select the Active checkbox to the VPN Summary screen. Chapter 5 Tutorials 11 Select 3DES...new rule and click VPN to return to enable the VPN rule after it has been created. Figure 46 Tutorial: VPN Summary 5.3.2 Configuring Jack's NBG-460N VPN Settings To configure these settings Jack uses the NBG-460N Web Configurator. 1 Log into the NBG-460N Web Configurator and click VPN > Modify icon.
User Guide
Page 74
... IP address of Jack's computer. This value is Bob's Local ID Type. This is the type of content that only Bob and Jack know. 74 NBG-460N User's Guide This is Jack's WAN IP address. 6 Select IP as Jack only wants Bob to access this single IP address. Enter "1.1.1.1" in the Remote.... 8 Select IP as the Pre-Shared Key. Enter the IP address "10.0.0.7" in the Secure Gateway Address text box. This is the password for the VPN tunnel that will be used to Bob's NBG-460N. 7 Enter the IP address "1.1.1.1" in the Local Address End/Mask text box. This identifies Jack...
... IP address of Jack's computer. This value is Bob's Local ID Type. This is the type of content that only Bob and Jack know. 74 NBG-460N User's Guide This is Jack's WAN IP address. 6 Select IP as Jack only wants Bob to access this single IP address. Enter "1.1.1.1" in the Remote.... 8 Select IP as the Pre-Shared Key. Enter the IP address "10.0.0.7" in the Secure Gateway Address text box. This is the password for the VPN tunnel that will be used to Bob's NBG-460N. 7 Enter the IP address "1.1.1.1" in the Local Address End/Mask text box. This identifies Jack...
User Guide
Page 75
...save the new rule and click VPN in the Web Configurator menu to return to the VPN Summary screen. Figure 52 Tutorial: VPN Summary 5.3.3 Checking the VPN Connection Check if the VPN connection is pinging Jack's computer. Figure 53 Pinging Jack's Local IP Address NBG-460N User's Guide 75 In the ...example below . The new VPN rule is displayed as shown ...
...save the new rule and click VPN in the Web Configurator menu to return to the VPN Summary screen. Figure 52 Tutorial: VPN Summary 5.3.3 Checking the VPN Connection Check if the VPN connection is pinging Jack's computer. Figure 53 Pinging Jack's Local IP Address NBG-460N User's Guide 75 In the ...example below . The new VPN rule is displayed as shown ...
User Guide
Page 76
... If pinging is successful which means a VPN tunnel has been established between Bob and Jack's NBG-460Ns. Chapter 5 Tutorials Pinging is not successful check the VPN settings on an application or subnet. Congratulations! Use the Management > Bandwidth MGMT > Advanced screen to prioritize VoIP, e-mail and MSN Messenger services. ZyXEL's bandwidth management feature allows you still...
... If pinging is successful which means a VPN tunnel has been established between Bob and Jack's NBG-460Ns. Chapter 5 Tutorials Pinging is not successful check the VPN settings on an application or subnet. Congratulations! Use the Management > Bandwidth MGMT > Advanced screen to prioritize VoIP, e-mail and MSN Messenger services. ZyXEL's bandwidth management feature allows you still...
User Guide
Page 134
PPTP supports on-demand, multi-protocol and virtual private networking over public networks, such as the Internet. Chapter 8 WAN 8.4.3 PPTP Encapsulation Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables secure transfer of data from a remote client to a private server, creating a Virtual Private Network (VPN) using TCP/IP-based networks. This screen displays when you select PPTP encapsulation. Figure 91 Network > WAN > Internet Connection: PPTP Encapsulation 134 NBG-460N User's Guide
PPTP supports on-demand, multi-protocol and virtual private networking over public networks, such as the Internet. Chapter 8 WAN 8.4.3 PPTP Encapsulation Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables secure transfer of data from a remote client to a private server, creating a Virtual Private Network (VPN) using TCP/IP-based networks. This screen displays when you select PPTP encapsulation. Figure 91 Network > WAN > Internet Connection: PPTP Encapsulation 134 NBG-460N User's Guide
User Guide
Page 135
...Select this field if you by your identification name for the PPTP server. Retype to a private server, creating a Virtual Private Network (VPN) using TCP/IP-based networks. Unless you are implementing subnetting, use the subnet mask computed by your password again to time out. This... automatically from the PPTP server. To configure a PPTP client, you do not want the connection to make sure that elapses before the NBG-460N automatically disconnects from ISP Select this screen. Use Fixed IP Address Select this option If the ISP assigned a fixed IP address. Chapter ...
...Select this field if you by your identification name for the PPTP server. Retype to a private server, creating a Virtual Private Network (VPN) using TCP/IP-based networks. Unless you are implementing subnetting, use the subnet mask computed by your password again to time out. This... automatically from the PPTP server. To configure a PPTP client, you do not want the connection to make sure that elapses before the NBG-460N automatically disconnects from ISP Select this screen. Use Fixed IP Address Select this option If the ISP assigned a fixed IP address. Chapter ...
User Guide
Page 185
Figure 117 IPSec VPN: Overview The VPN tunnel connects the NBG-460N (X) and the remote IPSec router (Y). It is a standards-based VPN that uses TCP/IP for secure data communications across a public network like the Internet. Internet Protocol Security (IPSec) is used... to provide confidentiality, data integrity and authentication at the IP layer. IPSec is a combination of leased site-to display and manage the NBG-460N's VPN rules (tunnels). NBG-460N User's Guide 185 These routers then connect the local network (A) and remote network (B). 15.2 What You Can Do • Use ...
Figure 117 IPSec VPN: Overview The VPN tunnel connects the NBG-460N (X) and the remote IPSec router (Y). It is a standards-based VPN that uses TCP/IP for secure data communications across a public network like the Internet. Internet Protocol Security (IPSec) is used... to provide confidentiality, data integrity and authentication at the IP layer. IPSec is a combination of leased site-to display and manage the NBG-460N's VPN rules (tunnels). NBG-460N User's Guide 185 These routers then connect the local network (A) and remote network (B). 15.2 What You Can Do • Use ...