User Guide
Page 13
Table of Contents 6.1.1 How to Connect to the Internet from an AP 73 6.1.2 Configure Wireless Security Using WPS on both your NBG420N and Wireless Client 73 6.1.3 Enable and Configure Wireless Security without WPS on your NBG420N 76 6.1.4 Configure Your Notebook 78 6.2 Site-To-Site VPN Tunnel Tutorial 80 6.2.1 Configuring Bob's NBG420N VPN Settings 81 6.2.2 Configuring... Station Screen 107 7.9.3 Scheduling ...107 7.10 iPod Touch Web Configurator 108 7.10.1 Login Screen ...109 7.10.2 System Status ...110 7.10.3 WPS in Progress ...112 7.10.4 Port Forwarding ...113 NBG420N User's Guide 13
Table of Contents 6.1.1 How to Connect to the Internet from an AP 73 6.1.2 Configure Wireless Security Using WPS on both your NBG420N and Wireless Client 73 6.1.3 Enable and Configure Wireless Security without WPS on your NBG420N 76 6.1.4 Configure Your Notebook 78 6.2 Site-To-Site VPN Tunnel Tutorial 80 6.2.1 Configuring Bob's NBG420N VPN Settings 81 6.2.2 Configuring... Station Screen 107 7.9.3 Scheduling ...107 7.10 iPod Touch Web Configurator 108 7.10.1 Login Screen ...109 7.10.2 System Status ...110 7.10.3 WPS in Progress ...112 7.10.4 Port Forwarding ...113 NBG420N User's Guide 13
User Guide
Page 14
Table of Contents 7.11 Accessing the iPod Touch Web Configurator 114 7.11.1 Accessing the iPod Touch Web Configurator 115 Chapter 8 WAN...117 8.1 WAN Overview ...117 8.2 WAN ....3 DHCP Advanced Screen 134 10.4 Client List Screen ...135 Chapter 11 Network Address Translation (NAT 137 11.1 NAT Overview ...137 11.2 Using NAT ...137 11.2.1 Port Forwarding: Services and Port Numbers 137 11.2.2 Configuring Servers Behind Port Forwarding Example 138 11.3 General NAT Screen ...138 11.4 NAT Application Screen 139 14 NBG420N User's Guide
Table of Contents 7.11 Accessing the iPod Touch Web Configurator 114 7.11.1 Accessing the iPod Touch Web Configurator 115 Chapter 8 WAN...117 8.1 WAN Overview ...117 8.2 WAN ....3 DHCP Advanced Screen 134 10.4 Client List Screen ...135 Chapter 11 Network Address Translation (NAT 137 11.1 NAT Overview ...137 11.2 Using NAT ...137 11.2.1 Port Forwarding: Services and Port Numbers 137 11.2.2 Configuring Servers Behind Port Forwarding Example 138 11.3 General NAT Screen ...138 11.4 NAT Application Screen 139 14 NBG420N User's Guide
User Guide
Page 15
...Port Forwarding 142 11.5.1 Trigger Port Forwarding Example 142 11.5.2 Two Points To Remember About Trigger Ports 143 11.6 NAT Advanced Screen ...143 Chapter 12 Dynamic DNS ...147 12.1 Dynamic DNS Introduction 147 12.1.1 DynDNS Wildcard 147 12.2 Dynamic DNS Screen ...147 Part III: Security 151 Chapter 13 Firewall...153 13.1 Introduction to ZyXEL...'s Firewall 153 13.1.1 What is a Firewall 153 13.1.2 Stateful Inspection Firewall 153 13.1.3 About the NBG420N Firewall 153 13.1.4 Guidelines For Enhancing Security With Your ...
...Port Forwarding 142 11.5.1 Trigger Port Forwarding Example 142 11.5.2 Two Points To Remember About Trigger Ports 143 11.6 NAT Advanced Screen ...143 Chapter 12 Dynamic DNS ...147 12.1 Dynamic DNS Introduction 147 12.1.1 DynDNS Wildcard 147 12.2 Dynamic DNS Screen ...147 Part III: Security 151 Chapter 13 Firewall...153 13.1 Introduction to ZyXEL...'s Firewall 153 13.1.1 What is a Firewall 153 13.1.2 Stateful Inspection Firewall 153 13.1.3 About the NBG420N Firewall 153 13.1.4 Guidelines For Enhancing Security With Your ...
User Guide
Page 26
List of Tables Table 39 Scheduling ...108 Table 40 Login Screen ...109 Table 41 System Status screen ...111 Table 42 Port Forwarding ...114 Table 43 Network > WAN > Internet Connection: Ethernet Encapsulation 119 Table 44 Network > WAN > Internet Connection: PPPoE Encapsulation 121 Table 45 Network > WAN > Internet Connection: PPTP Encapsulation 123 Table 46 WAN > Advanced ...125 Table 47 Network > LAN > IP ...130 Table 48 Network...
List of Tables Table 39 Scheduling ...108 Table 40 Login Screen ...109 Table 41 System Status screen ...111 Table 42 Port Forwarding ...114 Table 43 Network > WAN > Internet Connection: Ethernet Encapsulation 119 Table 44 Network > WAN > Internet Connection: PPPoE Encapsulation 121 Table 45 Network > WAN > Internet Connection: PPTP Encapsulation 123 Table 46 WAN > Advanced ...125 Table 47 Network > LAN > IP ...130 Table 48 Network...
User Guide
Page 70
You must connect the WAN port to a device with the new IP address. Without a DHCP server the NBG420N will have to the right. Check the IP ... and enter the same IP address, the second User-Defined changes to log into the NBG420N again using the new IP address. Table 25 Network > LAN > IP LABEL Get from a DHCP server on the same segment ...NBG420N in the screen below describes the labels in again with a DHCP server enabled (such as your network. Select From ISP if your NBG420N that address to log in dotted decimal notation. Unless you will forward the packet to the NBG420N...
You must connect the WAN port to a device with the new IP address. Without a DHCP server the NBG420N will have to the right. Check the IP ... and enter the same IP address, the second User-Defined changes to log into the NBG420N again using the new IP address. Table 25 Network > LAN > IP LABEL Get from a DHCP server on the same segment ...NBG420N in the screen below describes the labels in again with a DHCP server enabled (such as your network. Select From ISP if your NBG420N that address to log in dotted decimal notation. Unless you will forward the packet to the NBG420N...
User Guide
Page 112
...the NBG420N to act as disabled if auto channel selection mode is on. Press the right side of the button to turn URL Filtering OFF. Press the right side of wireless clients on an application and/or subnet. Activated Rule This field displays the currently activated port forwarding rules... a successful WPS connection to specify bandwidth management rules based on the network. PIN Number This field displays the NBG420N's WPS (Wi-Fi Protected Setup) PIN number. Chapter 7 Wireless LAN Table 41 System Status screen LABEL DESCRIPTION Channel This field displays the channel the...
...the NBG420N to act as disabled if auto channel selection mode is on. Press the right side of the button to turn URL Filtering OFF. Press the right side of wireless clients on an application and/or subnet. Activated Rule This field displays the currently activated port forwarding rules... a successful WPS connection to specify bandwidth management rules based on the network. PIN Number This field displays the NBG420N's WPS (Wi-Fi Protected Setup) PIN number. Chapter 7 Wireless LAN Table 41 System Status screen LABEL DESCRIPTION Channel This field displays the channel the...
User Guide
Page 114
... a new rule you must use the web configurator from your computer. Status Use this column to manage the status of an individual port forwarding entry. Press the left side of the button to turn the rule ON and press the right side of the button to turn the... web configurator through your iPod Touch you must first connect it to do this screen. Follow the steps below to the NBG420N's wireless network. Table 42 Port Forwarding LABEL DESCRIPTION # This is turned on. Chapter 7 Wireless LAN Figure 76 Port Forwarding The following table describes the labels in this . 114...
... a new rule you must use the web configurator from your computer. Status Use this column to manage the status of an individual port forwarding entry. Press the left side of the button to turn the rule ON and press the right side of the button to turn the... web configurator through your iPod Touch you must first connect it to do this screen. Follow the steps below to the NBG420N's wireless network. Table 42 Port Forwarding LABEL DESCRIPTION # This is turned on. Chapter 7 Wireless LAN Figure 76 Port Forwarding The following table describes the labels in this . 114...
User Guide
Page 139
...address in the NAT > General screen, the NBG420N discards all packets received for example a public IP address used on ports not specified in the Application screen. Click Apply to save your NBG420N's port forwarding settings, click Network > NAT > Application. NBG420N User's Guide 139 Apply Reset Note: For ...NBG420N. Chapter 11 Network Address Translation (NAT) The following table describes the labels in this to use WoL (Wake On LAN) to turn on the server specified in the Server IP Address field when packets are not specified in the Application screen or remote management. Table...
...address in the NAT > General screen, the NBG420N discards all packets received for example a public IP address used on ports not specified in the Application screen. Click Apply to save your NBG420N's port forwarding settings, click Network > NAT > Application. NBG420N User's Guide 139 Apply Reset Note: For ...NBG420N. Chapter 11 Network Address Translation (NAT) The following table describes the labels in this to use WoL (Wake On LAN) to turn on the server specified in the Server IP Address field when packets are not specified in the Application screen or remote management. Table...
User Guide
Page 140
... > Application The following table describes the labels in this rule and the requested service can be forwarded to delete the entry. You can upload them. File Path Type in the Service Name and Port fields. 140 NBG420N User's Guide The predefined service name and port number(s) will display in... the location of these ports to an inside server without...
... > Application The following table describes the labels in this rule and the requested service can be forwarded to delete the entry. You can upload them. File Path Type in the Service Name and Port fields. 140 NBG420N User's Guide The predefined service name and port number(s) will display in... the location of these ports to an inside server without...
User Guide
Page 141
...Game List Example Here is the number of ports, enter a hyphen (-) between the first port and the last port, such as 123,567. To specify a range of an individual port forwarding server entry. Apply Click Apply to save... This icon is the service name) to the Application Rules Summary table. The index number, service name and associated port(s) are received on when the rule is enabled. Use the name... in the IP address field when packets are specified by commas. NBG420N User's Guide 141 Multiple (non-consecutive) ports can be separated by semi-colons (no spaces). Server IP Address...
...Game List Example Here is the number of ports, enter a hyphen (-) between the first port and the last port, such as 123,567. To specify a range of an individual port forwarding server entry. Apply Click Apply to save... This icon is the service name) to the Application Rules Summary table. The index number, service name and associated port(s) are received on when the rule is enabled. Use the name... in the IP address field when packets are specified by commas. NBG420N User's Guide 141 Multiple (non-consecutive) ports can be separated by semi-colons (no spaces). Server IP Address...
User Guide
Page 145
The NBG420N forwards the traffic with this screen afresh. End Port Type a port number or the ending port number in a range of port numbers. Apply Click Apply to save your changes back to the NBG420N. NBG420N User's Guide 145 Start Port Type a port number or the starting port number in a range of ports) that requested the service. Trigger The trigger port is a port (or a range...
The NBG420N forwards the traffic with this screen afresh. End Port Type a port number or the ending port number in a range of port numbers. Apply Click Apply to save your changes back to the NBG420N. NBG420N User's Guide 145 Start Port Type a port number or the starting port number in a range of ports) that requested the service. Trigger The trigger port is a port (or a range...
User Guide
Page 156
... error-reporting protocol between a host server and a gateway to save the settings. Select LAN to reply to any records. Chapter 13 Firewall Table 57 Security > Firewall > General LABEL DESCRIPTION Log Select whether to create a log for packets that Access Control under Log is selected in...related to firewall rules, make sure that are blocked (Log All) or forwarded (Log Forward). This allows the outside user attempts to know the NBG420N exists. Respond to Ping on your NBG420N when unsupported ports are processed by the TCP/IP software and directly apparent to all incoming ...
... error-reporting protocol between a host server and a gateway to save the settings. Select LAN to reply to any records. Chapter 13 Firewall Table 57 Security > Firewall > General LABEL DESCRIPTION Log Select whether to create a log for packets that Access Control under Log is selected in...related to firewall rules, make sure that are blocked (Log All) or forwarded (Log Forward). This allows the outside user attempts to know the NBG420N exists. Respond to Ping on your NBG420N when unsupported ports are processed by the TCP/IP software and directly apparent to all incoming ...
User Guide
Page 170
... routers between rules. DNS Server (for this check box to enable NAT traversal. If you to set to 0.0.0.0, the ranges of local addresses. Table 63 SECURITY > VPN > Rule Setup: IKE (Basic) LABEL DESCRIPTION Property Active Select this check box to activate this IPSec rule's range of ...remote IP address, but not with AH protocol nor with the Secure Gateway Address field set the NAT router to forward UDP ports 500 and 4500 to the IPSec router behind your NBG420N. Manual is a useful option for an IPSec router behind a NAT router to receive an initiating IPSec packet, ...
... routers between rules. DNS Server (for this check box to enable NAT traversal. If you to set to 0.0.0.0, the ranges of local addresses. Table 63 SECURITY > VPN > Rule Setup: IKE (Basic) LABEL DESCRIPTION Property Active Select this check box to activate this IPSec rule's range of ...remote IP address, but not with AH protocol nor with the Secure Gateway Address field set the NAT router to forward UDP ports 500 and 4500 to the IPSec router behind your NBG420N. Manual is a useful option for an IPSec router behind a NAT router to receive an initiating IPSec packet, ...
User Guide
Page 175
...IPSec VPN The following table describes the labels in the Secure Gateway Address field and the LAN's full IP address range as only one active rule with the Secure Gateway Address field set the NAT router to forward UDP ports 500 and 4500 to the IPSec router behind your NBG420N. In order for... an IPSec router behind your NBG420N. Select IKE or Manual from the drop-down list box. IKE provides more than ...
...IPSec VPN The following table describes the labels in the Secure Gateway Address field and the LAN's full IP address range as only one active rule with the Secure Gateway Address field set the NAT router to forward UDP ports 500 and 4500 to the IPSec router behind your NBG420N. In order for... an IPSec router behind your NBG420N. Select IKE or Manual from the drop-down list box. IKE provides more than ...
User Guide
Page 204
... to open the Rule Configuration screen. Service Name Enter a descriptive name of your customized settings. Chapter 17 Bandwidth Management The following table describes the labels in this bandwidth management rule. Enable Select this check box to traffic that you can modify the rule. Choose High...service. Service This is recommended. Modify an existing rule or create a new rule in kbps (2 to 100,000) that the NBG420N forwards to the WAN port. See Section 17.9.2 on the pre-defined service. # This is the number of the broadband device connected to the WAN.
... to open the Rule Configuration screen. Service Name Enter a descriptive name of your customized settings. Chapter 17 Bandwidth Management The following table describes the labels in this bandwidth management rule. Enable Select this check box to traffic that you can modify the rule. Choose High...service. Service This is recommended. Modify an existing rule or create a new rule in kbps (2 to 100,000) that the NBG420N forwards to the WAN port. See Section 17.9.2 on the pre-defined service. # This is the number of the broadband device connected to the WAN.
User Guide
Page 216
...NAT traversal, UPnP applications automatically reserve a NAT forwarding port in this check box to manually configure port forwarding for example, MSN packets). 216 NBG420N User's Guide Allow UPnP to pass through ...UPnP Select this check box to allow traffic from the Universal Plug and Play Forum UPnP™ Implementers Corp. (UIC). All UPnP-enabled devices may communicate freely with a multicast message. ZyXEL's UPnP implementation supports Internet Gateway Device (IGD) 1.0. Table...
...NAT traversal, UPnP applications automatically reserve a NAT forwarding port in this check box to manually configure port forwarding for example, MSN packets). 216 NBG420N User's Guide Allow UPnP to pass through ...UPnP Select this check box to allow traffic from the Universal Plug and Play Forum UPnP™ Implementers Corp. (UIC). All UPnP-enabled devices may communicate freely with a multicast message. ZyXEL's UPnP implementation supports Internet Gateway Device (IGD) 1.0. Table...
User Guide
Page 241
...detected an ICMP echo attack. For type and code details, see Table 104 on page 247. Connecting to content The connection to the time schedule or you didn't select the "Block Matched Web Site" check box, the system forwards the web content. The firewall detected an ICMP attack. The ...a query because TCP/IP socket creation failed, port:port number. WAN [TCP | UDP | IGMP | ESP | GRE | OSPF] ip spoofing - DNS resolving failed The NBG420N cannot get the IP address of the external content filtering via DNS query. For type and code details, see Table 104 on page 247. For type and code...
...detected an ICMP echo attack. For type and code details, see Table 104 on page 247. Connecting to content The connection to the time schedule or you didn't select the "Block Matched Web Site" check box, the system forwards the web content. The firewall detected an ICMP attack. The ...a query because TCP/IP socket creation failed, port:port number. WAN [TCP | UDP | IGMP | ESP | GRE | OSPF] ip spoofing - DNS resolving failed The NBG420N cannot get the IP address of the external content filtering via DNS query. For type and code details, see Table 104 on page 247. For type and code...
User Guide
Page 275
...Protocol) used to join multicast groups (see RFC 2236). Port Forwarding If you turn on the IPSec standard and is enabled/disabled. The NBG420N supports versions 1 and 2 of leased site-to -Point ... server. You can efficiently manage traffic on your network, then use a fixed URL, www.zyxel.com for each subnet. IP Alias IP Alias allows you can communicate with a Dynamic DNS...of traffic and/or to certain types of computers. Table 115 Feature Specifications FEATURE Number of Static Routes Number of Port Forwarding Rules Number of NAT Sessions Number of Address Mapping Rules...
...Protocol) used to join multicast groups (see RFC 2236). Port Forwarding If you turn on the IPSec standard and is enabled/disabled. The NBG420N supports versions 1 and 2 of leased site-to -Point ... server. You can efficiently manage traffic on your network, then use a fixed URL, www.zyxel.com for each subnet. IP Alias IP Alias allows you can communicate with a Dynamic DNS...of traffic and/or to certain types of computers. Table 115 Feature Specifications FEATURE Number of Static Routes Number of Port Forwarding Rules Number of NAT Sessions Number of Address Mapping Rules...
User Guide
Page 339
... Static Route 195 Status 39 subnet 285 Subnet Mask 130 subnet mask 59, 286 subnetting 288 Summary 44 Bandwidth management monitor 44 DHCP table 45 Packet statistics 46 Wireless station status 47 syntax conventions 4 Sys Op Mode 259 selecting 260 System General Setup 229 System Name 229... Telnet 211 Temperature 273 Time setting 230 trademarks 325 Triangle routes and IP alias 154 see also asymmetrical routes 154 trigger port 142 Trigger port forwarding 142 example 142 NBG420N User's Guide process 142 U Universal Plug and Play 215 Application 215 UPnP 215 Forum 216 security issues 215 URL Keyword...
... Static Route 195 Status 39 subnet 285 Subnet Mask 130 subnet mask 59, 286 subnetting 288 Summary 44 Bandwidth management monitor 44 DHCP table 45 Packet statistics 46 Wireless station status 47 syntax conventions 4 Sys Op Mode 259 selecting 260 System General Setup 229 System Name 229... Telnet 211 Temperature 273 Time setting 230 trademarks 325 Triangle routes and IP alias 154 see also asymmetrical routes 154 trigger port 142 Trigger port forwarding 142 example 142 NBG420N User's Guide process 142 U Universal Plug and Play 215 Application 215 UPnP 215 Forum 216 security issues 215 URL Keyword...