Quick Start Guide
Page 6
... not provide them. For more information. 2 If you enable OTIST but select Disable wireless security using the wireless wizard, the P662HW-D will reset the P-662HW-D to five seconds. Do not change default settings if your wireless clients support WPA and OTIST. Do not hold in Internet ... click Start in any level lower than High in Internet Explorer (in the RESET button for one to the factory defaults. To start OTIST on the P-662HW-D, use it instead of the P-662HW-D. OTIST ZyXEL's One-Touch Intelligent Security Technology (OTIST) feature allows you cannot access the web...
... not provide them. For more information. 2 If you enable OTIST but select Disable wireless security using the wireless wizard, the P662HW-D will reset the P-662HW-D to five seconds. Do not change default settings if your wireless clients support WPA and OTIST. Do not hold in Internet ... click Start in any level lower than High in Internet Explorer (in the RESET button for one to the factory defaults. To start OTIST on the P-662HW-D, use it instead of the P-662HW-D. OTIST ZyXEL's One-Touch Intelligent Security Technology (OTIST) feature allows you cannot access the web...
User Guide
Page 11
......23 List of Tables...31 Part I: Introduction and Wizards 37 Chapter 1 Getting To Know Your ZyXEL Device 39 1.1 Introducing the ZyXEL Device 39 1.1.1 Applications of the ZyXEL Device 39 1.1.2 Firewall for Secure Broadband Internet Access 40 1.1.3 Front Panel LEDs ...41 Chapter ...2 Introducing the Web Configurator 43 2.1 Web Configurator Overview 43 2.2 Accessing the Web Configurator 43 2.3 Resetting the ZyXEL Device 46 2.3.1 Using the Reset Button 46 2.4 Navigating the Web Configurator 47 2.4.1 Navigation Panel ...47 2.4.2 Status Screen ...50 2.4.3 Status: Any IP ...
......23 List of Tables...31 Part I: Introduction and Wizards 37 Chapter 1 Getting To Know Your ZyXEL Device 39 1.1 Introducing the ZyXEL Device 39 1.1.1 Applications of the ZyXEL Device 39 1.1.2 Firewall for Secure Broadband Internet Access 40 1.1.3 Front Panel LEDs ...41 Chapter ...2 Introducing the Web Configurator 43 2.1 Web Configurator Overview 43 2.2 Accessing the Web Configurator 43 2.3 Resetting the ZyXEL Device 46 2.3.1 Using the Reset Button 46 2.4 Navigating the Web Configurator 47 2.4.1 Navigation Panel ...47 2.4.2 Status Screen ...50 2.4.3 Status: Any IP ...
User Guide
Page 35
... 182 Command Examples ...458 Table 183 System Maintenance Logs 459 Table 184 System Error Logs ...460 Table 185 Access Control Logs ...460 Table 186 TCP Reset Logs ...461 Table 187 Packet Filter Logs ...461 Table 188 ICMP Logs ...461 Table 189 CDR Logs ...462 Table 190 PPP Logs ...462 Table 191... ...469 Table 199 ACL Setting Notes ...470 Table 200 ICMP Notes ...470 Table 201 Syslog Logs ...471 Table 202 RFC-2408 ISAKMP Payload Types 472 P-662H/HW-D Series User's Guide 35
... 182 Command Examples ...458 Table 183 System Maintenance Logs 459 Table 184 System Error Logs ...460 Table 185 Access Control Logs ...460 Table 186 TCP Reset Logs ...461 Table 187 Packet Filter Logs ...461 Table 188 ICMP Logs ...461 Table 189 CDR Logs ...462 Table 190 PPP Logs ...462 Table 191... ...469 Table 199 ACL Setting Notes ...470 Table 200 ICMP Notes ...470 Table 201 Syslog Logs ...471 Table 202 RFC-2408 ISAKMP Payload Types 472 P-662H/HW-D Series User's Guide 35
User Guide
Page 46
... blinking). 2 Press the RESET button for 10 seconds or until the POWER LED begins to : • Activate/Deactivate the wireless network - by pressing the RESET button for 1 second. • Start OTIST - You can also use the RESET button at the back of the ZyXEL Device to blink, the ...defaults have been restored and the ZyXEL Device restarts. by pressing the RESET button for 3 seconds. 46 P-662H/HW-D Series User's Guide When the POWER LED begins to reload ...
... blinking). 2 Press the RESET button for 10 seconds or until the POWER LED begins to : • Activate/Deactivate the wireless network - by pressing the RESET button for 1 second. • Start OTIST - You can also use the RESET button at the back of the ZyXEL Device to blink, the ...defaults have been restored and the ZyXEL Device restarts. by pressing the RESET button for 3 seconds. 46 P-662H/HW-D Series User's Guide When the POWER LED begins to reload ...
User Guide
Page 50
... to configure through which interface(s) and from which IP address(es) users can use Telnet to manage the ZyXEL Device. UPnP Use this screen to enable UPnP on page 44). 50 P-662H/HW-D Series User's Guide Logs View Log Use this screen to view the logs for Simple Network Management... Use this screen to backup and restore the configuration or reset the factory defaults to your ZyXEL Device's settings for the categories that you to reboot the ZyXEL Device without turning the power off. SNMP Use this screen to configure your ZyXEL Device. Some fields or links are not available if you...
... to configure through which interface(s) and from which IP address(es) users can use Telnet to manage the ZyXEL Device. UPnP Use this screen to enable UPnP on page 44). 50 P-662H/HW-D Series User's Guide Logs View Log Use this screen to view the logs for Simple Network Management... Use this screen to backup and restore the configuration or reset the factory defaults to your ZyXEL Device's settings for the categories that you to reboot the ZyXEL Device without turning the power off. SNMP Use this screen to configure your ZyXEL Device. Some fields or links are not available if you...
User Guide
Page 67
.... Setup Key Back Next Exit Note: You can also activate the wireless LAN by pressing the RESET button for 3 seconds. P-662H/HW-D Series User's Guide 67 Select the check box to enable OTIST if you want to...: You can start OTIST on the wireless LAN. You must also activate and start OTIST by pressing the RESET button for 1 second. The process takes three minutes to eight ASCII characters in length. Click Next to ... check box to close the wizard screen without saving. 3 Configure your ZyXEL Device's SSID and WEP or WPA-PSK security settings to use the same OTIST Setup Key on the...
.... Setup Key Back Next Exit Note: You can also activate the wireless LAN by pressing the RESET button for 3 seconds. P-662H/HW-D Series User's Guide 67 Select the check box to enable OTIST if you want to...: You can start OTIST on the wireless LAN. You must also activate and start OTIST by pressing the RESET button for 1 second. The process takes three minutes to eight ASCII characters in length. Click Next to ... check box to close the wizard screen without saving. 3 Configure your ZyXEL Device's SSID and WEP or WPA-PSK security settings to use the same OTIST Setup Key on the...
User Guide
Page 99
...to return to save the changes. Figure 52 WAN Dial Backup Modem Setup P-662H/HW-D Series User's Guide 99 For example, to allow calls to this screen...screen afresh. 5.10 Dial Backup Modem Setup Use this remote node for how often the budget should be reset. Cancel Click Cancel to configure the advanced modem settings. Allocated Budget Type the amount of 10 minutes every ... time period (in hours) for a maximum of time (in minutes) that is no budget control and the ZyXEL Device uses the Connection settings. If you set the Allocated Budget to 0, you set the Allocated Budget to 10...
...to return to save the changes. Figure 52 WAN Dial Backup Modem Setup P-662H/HW-D Series User's Guide 99 For example, to allow calls to this screen...screen afresh. 5.10 Dial Backup Modem Setup Use this remote node for how often the budget should be reset. Cancel Click Cancel to configure the advanced modem settings. Allocated Budget Type the amount of 10 minutes every ... time period (in hours) for a maximum of time (in minutes) that is no budget control and the ZyXEL Device uses the Connection settings. If you set the Allocated Budget to 0, you set the Allocated Budget to 10...
User Guide
Page 109
... address pool. If set to Relay, the ZyXEL Device acts as a DNS proxy and forwards...DHCP Server The ZyXEL Device passes a DNS (Domain Name System) server IP address to the ZyXEL Device. Every ...This screen allows you set to Server, your ZyXEL Device can assign IP addresses, an IP default...the IP address and the subnet mask. Reset Click Reset to Relay. Table 31 DHCP Setup LABEL...02. The DNS servers are left as 0.0.0.0, the ZyXEL Device acts as a surrogate DHCP server and relays...client. Apply Click Apply to save your ZyXEL Device's static DHCP settings, click Network > LAN ...
... address pool. If set to Relay, the ZyXEL Device acts as a DNS proxy and forwards...DHCP Server The ZyXEL Device passes a DNS (Domain Name System) server IP address to the ZyXEL Device. Every ...This screen allows you set to Server, your ZyXEL Device can assign IP addresses, an IP default...the IP address and the subnet mask. Reset Click Reset to Relay. Table 31 DHCP Setup LABEL...02. The DNS servers are left as 0.0.0.0, the ZyXEL Device acts as a surrogate DHCP server and relays...client. Apply Click Apply to save your ZyXEL Device's static DHCP settings, click Network > LAN ...
User Guide
Page 118
Note: You can also activate the wireless LAN by pressing the RESET button for the wireless LAN. Wireless stations associating to the access point (AP) must then change the ZyXEL Device's SSID or WEP settings, you will lose your WLAN setup. Select this screen. You must have ...this screen. 7.5.1 No Security Select No Security to allow wireless stations to communicate with which a wireless station is within range. 118 P-662H/HW-D Series User's Guide " If you press Apply to confirm. Table 36 Wireless LAN: General LABEL DESCRIPTION Active Wireless LAN Click the...
Note: You can also activate the wireless LAN by pressing the RESET button for the wireless LAN. Wireless stations associating to the access point (AP) must then change the ZyXEL Device's SSID or WEP settings, you will lose your WLAN setup. Select this screen. You must have ...this screen. 7.5.1 No Security Select No Security to allow wireless stations to communicate with which a wireless station is within range. 118 P-662H/HW-D Series User's Guide " If you press Apply to confirm. Table 36 Wireless LAN: General LABEL DESCRIPTION Active Wireless LAN Click the...
User Guide
Page 126
...wireless station to complete. You must also make the same change the OTIST setup key here, you start OTIST by pressing the RESET button for 3 seconds. 126 P-662H/HW-D Series User's Guide The process takes three minutes to use that WPA- The following table describes the labels in the ...security settings are assigned to encrypt the wireless security data using the setup key and have OTIST use the same wireless settings as the ZyXEL Device. Table 42 OTIST LABEL DESCRIPTION Setup Key Type an OTIST Setup Key of exactly eight ASCII characters in WPA-PSK security mode...
...wireless station to complete. You must also make the same change the OTIST setup key here, you start OTIST by pressing the RESET button for 3 seconds. 126 P-662H/HW-D Series User's Guide The process takes three minutes to use that WPA- The following table describes the labels in the ...security settings are assigned to encrypt the wireless security data using the setup key and have OTIST use the same wireless settings as the ZyXEL Device. Table 42 OTIST LABEL DESCRIPTION Setup Key Type an OTIST Setup Key of exactly eight ASCII characters in WPA-PSK security mode...
User Guide
Page 128
...you start the utility. Chapter 7 Wireless LAN 2 This screen appears while OTIST settings are being transferred. P-662H/HW-D Series User's Guide Figure 71 OTIST in Progress (AP) Figure 72 OTIST in Progress (Client) ...OTIST-enabled wireless client loses its wireless connection for more than ten seconds, it to the ZyXEL utility main screen. click Cancel in the OTIST progress screen to transfer settings. 4 If you... you must still click Start in the AP OTIST web configurator screen or hold in the Reset button (for one minute. (If you run OTIST again or enter them manually in the...
...you start the utility. Chapter 7 Wireless LAN 2 This screen appears while OTIST settings are being transferred. P-662H/HW-D Series User's Guide Figure 71 OTIST in Progress (AP) Figure 72 OTIST in Progress (Client) ...OTIST-enabled wireless client loses its wireless connection for more than ten seconds, it to the ZyXEL utility main screen. click Cancel in the OTIST progress screen to transfer settings. 4 If you... you must still click Start in the AP OTIST web configurator screen or hold in the Reset button (for one minute. (If you run OTIST again or enter them manually in the...
User Guide
Page 135
...the guest wireless network. Type 0 to disable the automatic timeout feature or type 1 to access the guest wireless network. Entering 0 resets the value to enable 128-bit WEP key encryption, 3 256-bit WEP key encryption. Table 48 Multiple SSID Example Configuration PARAMETER VALUE... SSID guestnetwork Security 64-bit WEP key encryption. P-662H/HW-D Series User's Guide 135 This command allows you type the wlan mssid command. WEP key abcde Other Intranet blocking is hidden...
...the guest wireless network. Type 0 to disable the automatic timeout feature or type 1 to access the guest wireless network. Entering 0 resets the value to enable 128-bit WEP key encryption, 3 256-bit WEP key encryption. Table 48 Multiple SSID Example Configuration PARAMETER VALUE... SSID guestnetwork Security 64-bit WEP key encryption. P-662H/HW-D Series User's Guide 135 This command allows you type the wlan mssid command. WEP key abcde Other Intranet blocking is hidden...
User Guide
Page 173
... of your changes back to either another computer/subnet on the LAN to the ZyXEL Device. Packet Direction This is activated. Select Drop to silently discard the packets without sending a TCP reset packet or an ICMP destination-unreachable message to the sender. Log Select the check...in this button to display more information. Select Reject to deny the packets and send a TCP reset packet (for a TCP packet) or an ICMP destination-unreachable message (for packets that are listed. P-662H/HW-D Series User's Guide 173 Click Security > Firewall > Rules to create a log (...
... of your changes back to either another computer/subnet on the LAN to the ZyXEL Device. Packet Direction This is activated. Select Drop to silently discard the packets without sending a TCP reset packet or an ICMP destination-unreachable message to the sender. Log Select the check...in this button to display more information. Select Reject to deny the packets and send a TCP reset packet (for a TCP packet) or an ICMP destination-unreachable message (for packets that are listed. P-662H/HW-D Series User's Guide 173 Click Security > Firewall > Rules to create a log (...
User Guide
Page 174
...field displays whether the firewall silently discards packets (Drop), discards packets and sends a TCP reset packet or an ICMP destination-unreachable message to disable the rule. Please note that apply ... This field tells you have created that a blank source or destination address is green. P-662H/HW-D Series User's Guide The following table describes the labels in the selected packet direction....Figure 97 Firewall Rules 174 The following read -only bar shows how much of the ZyXEL Device's memory for recording Storage Space firewall rules it is currently using 80% or less...
...field displays whether the firewall silently discards packets (Drop), discards packets and sends a TCP reset packet or an ICMP destination-unreachable message to disable the rule. Please note that apply ... This field tells you have created that a blank source or destination address is green. P-662H/HW-D Series User's Guide The following table describes the labels in the selected packet direction....Figure 97 Firewall Rules 174 The following read -only bar shows how much of the ZyXEL Device's memory for recording Storage Space firewall rules it is currently using 80% or less...
User Guide
Page 177
Select Reject to deny the packets and send a TCP reset packet (for a TCP packet) or an ICMP destination-unreachable message (for Matched Packet Use the drop-down list box that match this rule. Start IP ... to the sender. Edit End IP Address Enter the ending IP address in a range here. Select Drop to silently discard the packets without sending a TCP reset packet or an ICMP destination-unreachable message to allow the passage of the packets. You can add multiple addresses, ranges of IP addresses (e.g., 192.168...
Select Reject to deny the packets and send a TCP reset packet (for a TCP packet) or an ICMP destination-unreachable message (for Matched Packet Use the drop-down list box that match this rule. Start IP ... to the sender. Edit End IP Address Enter the ending IP address in a range here. Select Drop to silently discard the packets without sending a TCP reset packet or an ICMP destination-unreachable message to allow the passage of the packets. You can add multiple addresses, ranges of IP addresses (e.g., 192.168...
User Guide
Page 179
...UDP) that define your customized port from the Internet. 1 Click Security > Firewall > Rules. 2 Select WAN to LAN in this screen. P-662H/HW-D Series User's Guide 179 Back Click Back to the previously saved values. Delete Click Delete to remove this customized service and return to specify... a span of port numbers that define your custom port. Cancel Click Cancel to reset the screen to return the previous screen. Chapter 11 Firewall Configuration Refer to save your customized settings and exit this screen. Apply ...
...UDP) that define your customized port from the Internet. 1 Click Security > Firewall > Rules. 2 Select WAN to LAN in this screen. P-662H/HW-D Series User's Guide 179 Back Click Back to the previously saved values. Delete Click Delete to remove this customized service and return to specify... a span of port numbers that define your custom port. Cancel Click Cancel to reset the screen to return the previous screen. Chapter 11 Firewall Configuration Refer to save your customized settings and exit this screen. Apply ...
User Guide
Page 186
...mechanism before you have checked the firewall counters. Therefore if the firewall mechanism blocks a probing packet, the ZyXEL Device reacts based on the corresponding firewall policy to send a TCP reset packet for a blocked TCP packet or an ICMP port-unreachable packet for a port probe on its ... 69 Firewall: Anti Probing LABEL DESCRIPTION Respond to PING The ZyXEL Device does not respond to configure thresholds. 11.10.1 Threshold Values Tune these factors (especially if you continue configuring firewall rules. 186 P-662H/HW-D Series User's Guide You can change them to values...
...mechanism before you have checked the firewall counters. Therefore if the firewall mechanism blocks a probing packet, the ZyXEL Device reacts based on the corresponding firewall policy to send a TCP reset packet for a blocked TCP packet or an ICMP port-unreachable packet for a port probe on its ... 69 Firewall: Anti Probing LABEL DESCRIPTION Respond to PING The ZyXEL Device does not respond to configure thresholds. 11.10.1 Threshold Values Tune these factors (especially if you continue configuring firewall rules. 186 P-662H/HW-D Series User's Guide You can change them to values...
User Guide
Page 214
... (Standard). Status This field displays whether a service is activated (Active) or not (Inactive). Expiration Day This field displays the date your ZyXEL Device) and enter the new PIN number to activate or extend a standard service subscription. If a standard service subscription runs out, you applied...This field displays the service name available on the ZyXEL Device. Chapter 14 Register The following table describes the labels in this button to clear the License Key field. 214 P-662H/HW-D Series User's Guide Reset Click Reset to renew service license information (such as the ...
... (Standard). Status This field displays whether a service is activated (Active) or not (Inactive). Expiration Day This field displays the date your ZyXEL Device) and enter the new PIN number to activate or extend a standard service subscription. If a standard service subscription runs out, you applied...This field displays the service name available on the ZyXEL Device. Chapter 14 Register The following table describes the labels in this button to clear the License Key field. 214 P-662H/HW-D Series User's Guide Reset Click Reset to renew service license information (such as the ...
User Guide
Page 241
...MD5 for minimal security and SHA-1 for details on dial backup and traffic redirect. Reset Click Reset to set the fields to their last saved value. 16.16 Viewing SA Monitor Click...unique key 8 characters long. MD5 (Message Digest 5) and SHA1 (Secure Hash Algorithm) are truncated. P-662H/HW-D Series User's Guide 241 The VPN tunnel has to be used , including spaces, but trailing ... Select NULL to set up a tunnel without encryption. If the WAN connection goes down, the ZyXEL Device uses the dial backup IP address for SHA-1 authentication. A Security Association (SA) is more...
...MD5 for minimal security and SHA-1 for details on dial backup and traffic redirect. Reset Click Reset to set the fields to their last saved value. 16.16 Viewing SA Monitor Click...unique key 8 characters long. MD5 (Message Digest 5) and SHA1 (Secure Hash Algorithm) are truncated. P-662H/HW-D Series User's Guide 241 The VPN tunnel has to be used , including spaces, but trailing ... Select NULL to set up a tunnel without encryption. If the WAN connection goes down, the ZyXEL Device uses the dial backup IP address for SHA-1 authentication. A Security Association (SA) is more...
User Guide
Page 300
...TR-069 TR-069 is not selected and the ZyXEL Device will not respond to prevent hackers from finding the ZyXEL Device by CNM Access. Therefore if the firewall mechanism blocks a probing packet, the ZyXEL Device reacts based on the ZyXEL Device. 300 P-662H/HW-D Series User's Guide See the Command ...Interpreter appendix for information on the command structure and how to access the CLI (Command Line Interface) on the firewall policy, which by the TCP/IP software and directly apparent to send a TCP reset packet ...
...TR-069 TR-069 is not selected and the ZyXEL Device will not respond to prevent hackers from finding the ZyXEL Device by CNM Access. Therefore if the firewall mechanism blocks a probing packet, the ZyXEL Device reacts based on the ZyXEL Device. 300 P-662H/HW-D Series User's Guide See the Command ...Interpreter appendix for information on the command structure and how to access the CLI (Command Line Interface) on the firewall policy, which by the TCP/IP software and directly apparent to send a TCP reset packet ...