User Guide
Page 12
...: Bandwidth Management Monitor 44 3.5.4 Summary: DHCP Table 45 3.5.5 Summary: Packet Statistics 46 3.5.6 Summary: VPN Monitor 47 3.5.7 Summary: Wireless Station Status 47 Chapter 4 Connection Wizard ...49 4.1 Wizard Setup ...49 4.2 Connection Wizard: STEP 1: System Information 50 4.2.1 System Name ...50 4.2.2 Domain Name ...STEP 4: Bandwidth management 62 4.6 Connection Wizard Complete 62 Chapter 5 AP Mode...65 5.1 AP Mode Overview ...65 5.2 Setting your NBG420N to AP Mode 65 5.3 The Status Screen in AP Mode 66 5.3.1 Navigation Panel ...68 5.4 Configuring Your Settings ...69 5.4.1 LAN...
...: Bandwidth Management Monitor 44 3.5.4 Summary: DHCP Table 45 3.5.5 Summary: Packet Statistics 46 3.5.6 Summary: VPN Monitor 47 3.5.7 Summary: Wireless Station Status 47 Chapter 4 Connection Wizard ...49 4.1 Wizard Setup ...49 4.2 Connection Wizard: STEP 1: System Information 50 4.2.1 System Name ...50 4.2.2 Domain Name ...STEP 4: Bandwidth management 62 4.6 Connection Wizard Complete 62 Chapter 5 AP Mode...65 5.1 AP Mode Overview ...65 5.2 Setting your NBG420N to AP Mode 65 5.3 The Status Screen in AP Mode 66 5.3.1 Navigation Panel ...68 5.4 Configuring Your Settings ...69 5.4.1 LAN...
User Guide
Page 13
...and Configure Wireless Security without WPS on your NBG420N 76 6.1.4 Configure Your Notebook 78 6.2 Site-To-Site VPN Tunnel Tutorial 80 6.2.1 Configuring Bob's NBG420N VPN Settings 81 6.2.2 Configuring Jack's NBG420N VPN Settings 83 6.2.3 Checking the VPN Connection 84 Part II: Network 87 Chapter... ...101 7.7 Wireless LAN Advanced Screen 102 7.8 Quality of Service (QoS) Screen 103 7.8.1 Application Priority Configuration 105 7.9 WiFi Protected Setup ...106 7.9.1 WPS Screen ...106 7.9.2 WPS Station Screen 107 7.9.3 Scheduling ...107 7.10 iPod Touch Web Configurator 108 7.10.1 Login...
...and Configure Wireless Security without WPS on your NBG420N 76 6.1.4 Configure Your Notebook 78 6.2 Site-To-Site VPN Tunnel Tutorial 80 6.2.1 Configuring Bob's NBG420N VPN Settings 81 6.2.2 Configuring Jack's NBG420N VPN Settings 83 6.2.3 Checking the VPN Connection 84 Part II: Network 87 Chapter... ...101 7.7 Wireless LAN Advanced Screen 102 7.8 Quality of Service (QoS) Screen 103 7.8.1 Application Priority Configuration 105 7.9 WiFi Protected Setup ...106 7.9.1 WPS Screen ...106 7.9.2 WPS Station Screen 107 7.9.3 Scheduling ...107 7.10 iPod Touch Web Configurator 108 7.10.1 Login...
User Guide
Page 16
... 15.1.4 IPSec SA (IKE Phase 2) Overview 167 15.2 The General Screen ...167 15.2.1 VPN Rule Setup (Basic 168 15.2.2 VPN Rule Setup (Advanced 173 15.2.3 VPN Rule Setup (Manual 179 15.3 The SA Monitor Screen 183 15.4 VPN and Remote Management 184 15.5 IPSec VPN Technical Reference 185 Part IV: Management 193 Chapter 16 Static Route Screens ...195... Rule Configuration 205 17.10 Bandwidth Management Monitor 206 Chapter 18 Remote Management...209 18.1 Remote Management Overview 209 18.1.1 Remote Management Limitations 209 16 NBG420N User's Guide
... 15.1.4 IPSec SA (IKE Phase 2) Overview 167 15.2 The General Screen ...167 15.2.1 VPN Rule Setup (Basic 168 15.2.2 VPN Rule Setup (Advanced 173 15.2.3 VPN Rule Setup (Manual 179 15.3 The SA Monitor Screen 183 15.4 VPN and Remote Management 184 15.5 IPSec VPN Technical Reference 185 Part IV: Management 193 Chapter 16 Static Route Screens ...195... Rule Configuration 205 17.10 Bandwidth Management Monitor 206 Chapter 18 Remote Management...209 18.1 Remote Management Overview 209 18.1.1 Remote Management Limitations 209 16 NBG420N User's Guide
User Guide
Page 19
... Wireless Internet Access in AP Mode 32 Figure 3 Front Panel ...33 Figure 4 Change Password Screen ...38 Figure 5 Selecting the setup mode ...39 Figure 6 Web Configurator Status Screen 40 Figure 7 Any IP Table ...44 Figure 8 Summary: BW MGMT Monitor 45 ...Figure 9 Summary: DHCP Table ...45 Figure 10 Summary: Packet Statistics 46 Figure 11 Summary: VPN Monitor ...47 Figure 12 Summary: Wireless Association List 47 Figure 13 Select Wizard or Advanced Mode 49 Figure 14 Select a...Process: PIN Method 76 Figure 38 Network > Wireless LAN > General 77 NBG420N User's Guide 19
... Wireless Internet Access in AP Mode 32 Figure 3 Front Panel ...33 Figure 4 Change Password Screen ...38 Figure 5 Selecting the setup mode ...39 Figure 6 Web Configurator Status Screen 40 Figure 7 Any IP Table ...44 Figure 8 Summary: BW MGMT Monitor 45 ...Figure 9 Summary: DHCP Table ...45 Figure 10 Summary: Packet Statistics 46 Figure 11 Summary: VPN Monitor ...47 Figure 12 Summary: Wireless Association List 47 Figure 13 Select Wizard or Advanced Mode 49 Figure 14 Select a...Process: PIN Method 76 Figure 38 Network > Wireless LAN > General 77 NBG420N User's Guide 19
User Guide
Page 21
... > VPN > General > Rule Setup: IKE (Basic 169 Figure 107 Security > VPN > General > Rule Setup: IKE (Advanced 174 Figure 108 Security > VPN > General > Rule Setup: Manual 180 Figure 109 Security > VPN > SA Monitor 183 Figure 110 VPN for ...Setup 197 Figure 120 Subnet-based Bandwidth Management Example 200 Figure 121 Management > Bandwidth MGMT > General 202 Figure 122 Management > Bandwidth MGMT > Advanced 203 Figure 123 Bandwidth Management Rule Configuration: Pre-defined Service 205 Figure 124 Management > Bandwidth MGMT > Advanced: User-defined Service Rule Configuration 206 NBG420N...
... > VPN > General > Rule Setup: IKE (Basic 169 Figure 107 Security > VPN > General > Rule Setup: IKE (Advanced 174 Figure 108 Security > VPN > General > Rule Setup: Manual 180 Figure 109 Security > VPN > SA Monitor 183 Figure 110 VPN for ...Setup 197 Figure 120 Subnet-based Bandwidth Management Example 200 Figure 121 Management > Bandwidth MGMT > General 202 Figure 122 Management > Bandwidth MGMT > Advanced 203 Figure 123 Bandwidth Management Rule Configuration: Pre-defined Service 205 Figure 124 Management > Bandwidth MGMT > Advanced: User-defined Service Rule Configuration 206 NBG420N...
User Guide
Page 26
... 162 Table 61 Security > Content Filter > Schedule 163 Table 62 Security > VPN > General ...168 Table 63 SECURITY > VPN > Rule Setup: IKE (Basic 170 Table 64 Security > VPN > Rule Setup: IKE (Advanced 175 Table 65 Security > VPN > Rule Setup: Manual 180 Table 66 Security > VPN > SA Monitor 184 Table 67 VPN Example: Matching ID Type and Content 186 Table 68... Rule Configuration . 206 Table 79 Management > Remote MGMT > WWW 210 Table 80 Management > Remote MGMT > Telnet 211 Table 81 Management > Remote MGMT > FTP 212 26 NBG420N User's Guide
... 162 Table 61 Security > Content Filter > Schedule 163 Table 62 Security > VPN > General ...168 Table 63 SECURITY > VPN > Rule Setup: IKE (Basic 170 Table 64 Security > VPN > Rule Setup: IKE (Advanced 175 Table 65 Security > VPN > Rule Setup: Manual 180 Table 66 Security > VPN > SA Monitor 184 Table 67 VPN Example: Matching ID Type and Content 186 Table 68... Rule Configuration . 206 Table 79 Management > Remote MGMT > WWW 210 Table 80 Management > Remote MGMT > Telnet 211 Table 81 Management > Remote MGMT > FTP 212 26 NBG420N User's Guide
User Guide
Page 80
... enter http:// www.zyxel.com or the URL of any other web site in the address bar. Chapter 6 Tutorials Figure 43 Link Status 8 If your connection is successful, open your wireless connection is successfully configured. 6.2 Site-To-Site VPN Tunnel Tutorial Bob and Jack want to setup a VPN connection between their NBG420Ns to create a secure...
... enter http:// www.zyxel.com or the URL of any other web site in the address bar. Chapter 6 Tutorials Figure 43 Link Status 8 If your connection is successful, open your wireless connection is successfully configured. 6.2 Site-To-Site VPN Tunnel Tutorial Bob and Jack want to setup a VPN connection between their NBG420Ns to create a secure...
User Guide
Page 81
... the VPN rule after it has been created. This displays the VPN Rule Setup (basic) screen. 2 Select the Active checkbox to access this single IP address. Chapter 6 Tutorials Table 26 Site-To-Site VPN Tunnel Settings (continued) SETTING BOB'S NBG420N JACK'S NBG420N Local ...ThisIsMySecretKey Encryption Algorithm 3DES 3DES Authentication Algorithm SHA1 SHA1 6.2.1 Configuring Bob's NBG420N VPN Settings To configure these settings Bob uses the NBG420N web configurator. 1 Log into the NBG420N web configurator and click VPN > Modify icon. This is the IP address of Bob's computer. ...
... the VPN rule after it has been created. This displays the VPN Rule Setup (basic) screen. 2 Select the Active checkbox to access this single IP address. Chapter 6 Tutorials Table 26 Site-To-Site VPN Tunnel Settings (continued) SETTING BOB'S NBG420N JACK'S NBG420N Local ...ThisIsMySecretKey Encryption Algorithm 3DES 3DES Authentication Algorithm SHA1 SHA1 6.2.1 Configuring Bob's NBG420N VPN Settings To configure these settings Bob uses the NBG420N web configurator. 1 Log into the NBG420N web configurator and click VPN > Modify icon. This is the IP address of Bob's computer. ...
User Guide
Page 83
... Figure 52 Local Policy 4 Enter the IP address "192.168.1.35" in the Remote Address End/Mask text box. This displays the VPN Rule Setup (basic) screen. 2 Select the Active checkbox to access this single IP address. Enter the IP address "192.168.1.35" in the...This value is the IP address of Jack's computer. NBG420N User's Guide 83 Figure 50 VPN Summary Chapter 6 Tutorials 6.2.2 Configuring Jack's NBG420N VPN Settings To configure these settings Jack uses the NBG420N web configurator. 1 Log into the NBG420N web configurator and click VPN > Modify icon. This is the same as Jack...
... Figure 52 Local Policy 4 Enter the IP address "192.168.1.35" in the Remote Address End/Mask text box. This displays the VPN Rule Setup (basic) screen. 2 Select the Active checkbox to access this single IP address. Enter the IP address "192.168.1.35" in the...This value is the IP address of Jack's computer. NBG420N User's Guide 83 Figure 50 VPN Summary Chapter 6 Tutorials 6.2.2 Configuring Jack's NBG420N VPN Settings To configure these settings Jack uses the NBG420N web configurator. 1 Log into the NBG420N web configurator and click VPN > Modify icon. This is the same as Jack...
User Guide
Page 168
...It may sometimes be necessary to allow local computers to find other computers. This figure helps explain the main fields. 168 NBG420N User's Guide This field displays whether the VPN policy is enabled. This icon is turned on the remote network behind your changes back to the...not. This field displays the security protocol, encryption algorithm and authentication algorithm used for an SA. Click Apply to save your NBG420N. Chapter 15 IPSec VPN The following table describes the fields in the Rule Setup screen to 0.0.0.0. This field displays 0.0.0.0 when you can initiate the...
...It may sometimes be necessary to allow local computers to find other computers. This figure helps explain the main fields. 168 NBG420N User's Guide This field displays whether the VPN policy is enabled. This icon is turned on the remote network behind your changes back to the...not. This field displays the security protocol, encryption algorithm and authentication algorithm used for an SA. Click Apply to save your NBG420N. Chapter 15 IPSec VPN The following table describes the fields in the Rule Setup screen to 0.0.0.0. This field displays 0.0.0.0 when you can initiate the...
User Guide
Page 169
Figure 105 IPSec Fields Summary Chapter 15 IPSec VPN Use this screen to configure a VPN rule. Figure 106 Security > VPN > General > Rule Setup: IKE (Basic) NBG420N User's Guide 169
Figure 105 IPSec Fields Summary Chapter 15 IPSec VPN Use this screen to configure a VPN rule. Figure 106 Security > VPN > General > Rule Setup: IKE (Basic) NBG420N User's Guide 169
User Guide
Page 170
... NBG420N's DHCP clients that services the VPN, type its IP address here. Two active SAs can have the same configured local or remote IP address, but not with AH protocol nor with manual key management. In order to 0.0.0.0, the ranges of local addresses. Table 63 SECURITY > VPN > Rule Setup... To specify IP addresses on a network by their subnet mask, enter a (static) IP address on the LAN behind your NBG420N. In order for IPSec VPN) If there is generally recommended. Keep Alive Select this check box to activate this check box to have problems using Transport or...
... NBG420N's DHCP clients that services the VPN, type its IP address here. Two active SAs can have the same configured local or remote IP address, but not with AH protocol nor with manual key management. In order to 0.0.0.0, the ranges of local addresses. Table 63 SECURITY > VPN > Rule Setup... To specify IP addresses on a network by their subnet mask, enter a (static) IP address on the LAN behind your NBG420N. In order for IPSec VPN) If there is generally recommended. Keep Alive Select this check box to activate this check box to have problems using Transport or...
User Guide
Page 171
Chapter 15 IPSec VPN Table 63 SECURITY > VPN > Rule Setup: IKE (Basic) (continued) LABEL DESCRIPTION Remote Policy Remote IP addresses must be rebuilt if My IP Address changes after setup. Two active SAs cannot have the same local or remote IP address, but not both the same. To specify IP addresses...the DDNS screen) to 0.0.0.0 or leave it a second time here. When the remote IP address is a NAT router between VPN connection requests that you have the NBG420N use the Domain Name or E-mail ID type in from IPSec routers with dynamic WAN IP addresses. When you configure the ...
Chapter 15 IPSec VPN Table 63 SECURITY > VPN > Rule Setup: IKE (Basic) (continued) LABEL DESCRIPTION Remote Policy Remote IP addresses must be rebuilt if My IP Address changes after setup. Two active SAs cannot have the same local or remote IP address, but not both the same. To specify IP addresses...the DDNS screen) to 0.0.0.0 or leave it a second time here. When the remote IP address is a NAT router between VPN connection requests that you have the NBG420N use the Domain Name or E-mail ID type in from IPSec routers with dynamic WAN IP addresses. When you configure the ...
User Guide
Page 172
...are truncated. It is a NAT router between the two IPSec routers. • When you 're making the VPN connection. Chapter 15 IPSec VPN Table 63 SECURITY > VPN > Rule Setup: IKE (Basic) (continued) LABEL DESCRIPTION Secure Gateway Address Type the WAN IP address or the domain name (...the drop-down list box. Select Tunnel mode or Transport mode from the Encryption Algorithm and Authentication Algorithm fields (described below). 172 NBG420N User's Guide Both AH and ESP increase processing requirements and communications latency (delay). For Domain Name or E-mail, type a domain ...
...are truncated. It is a NAT router between the two IPSec routers. • When you 're making the VPN connection. Chapter 15 IPSec VPN Table 63 SECURITY > VPN > Rule Setup: IKE (Basic) (continued) LABEL DESCRIPTION Secure Gateway Address Type the WAN IP address or the domain name (...the drop-down list box. Select Tunnel mode or Transport mode from the Encryption Algorithm and Authentication Algorithm fields (described below). 172 NBG420N User's Guide Both AH and ESP increase processing requirements and communications latency (delay). For Domain Name or E-mail, type a domain ...
User Guide
Page 173
...Apply Reset Click Apply to save your changes back to exit the screen without making any changes. 15.2.2 VPN Rule Setup (Advanced) Click the Advanced... Cancel Click Cancel to the NBG420N. For example, in "0x0123456789ABCDEF", "0x" denotes that the key is hexadecimal and "0123456789ABCDEF" is generally...be used on both ends. Authentication Algorithm Select which key size and encryption algorithm to configure a VPN rule. NBG420N User's Guide 173 Choices are : DES - button in the Rule Setup screen to open this screen to use the same pre-shared key. Both ends of your IKE...
...Apply Reset Click Apply to save your changes back to exit the screen without making any changes. 15.2.2 VPN Rule Setup (Advanced) Click the Advanced... Cancel Click Cancel to the NBG420N. For example, in "0x0123456789ABCDEF", "0x" denotes that the key is hexadecimal and "0123456789ABCDEF" is generally...be used on both ends. Authentication Algorithm Select which key size and encryption algorithm to configure a VPN rule. NBG420N User's Guide 173 Choices are : DES - button in the Rule Setup screen to open this screen to use the same pre-shared key. Both ends of your IKE...
User Guide
Page 175
.... Table 64 Security > VPN > Rule Setup: IKE (Advanced) LABEL DESCRIPTION Property Active Select this check box to activate this check box to the NBG420N's DHCP clients that services the VPN, type its IP address here. Keep Alive Select this VPN policy. The remote IPSec ...NBG420N User's Guide 175 IKE provides more than one is vulnerable to 0.0.0.0. Enter 1 for ICMP, 6 for TCP, 17 for troubleshooting if you have IP addresses in the Secure Gateway Address field and the LAN's full IP address range as only one active rule with 0.0.0.0 in this screen. As a VPN setup...
.... Table 64 Security > VPN > Rule Setup: IKE (Advanced) LABEL DESCRIPTION Property Active Select this check box to activate this check box to the NBG420N's DHCP clients that services the VPN, type its IP address here. Keep Alive Select this VPN policy. The remote IPSec ...NBG420N User's Guide 175 IKE provides more than one is vulnerable to 0.0.0.0. Enter 1 for ICMP, 6 for TCP, 17 for troubleshooting if you have IP addresses in the Secure Gateway Address field and the LAN's full IP address range as only one active rule with 0.0.0.0 in this screen. As a VPN setup...
User Guide
Page 176
...signifies any port. In this field to the remote IPSec router's configured local IP addresses. To specify IP addresses on the LAN behind your NBG420N. Remote Address End /Mask When the remote IP address is a single address, type it a second time here. This port number must... be rebuilt if My IP Address changes after setup. Chapter 15 IPSec VPN Table 64 Security > VPN > Rule Setup: IKE (Advanced) (continued) LABEL DESCRIPTION Local Address End / Mask When the local IP address is a single address, type ...
...signifies any port. In this field to the remote IPSec router's configured local IP addresses. To specify IP addresses on the LAN behind your NBG420N. Remote Address End /Mask When the remote IP address is a single address, type it a second time here. This port number must... be rebuilt if My IP Address changes after setup. Chapter 15 IPSec VPN Table 64 Security > VPN > Rule Setup: IKE (Advanced) (continued) LABEL DESCRIPTION Local Address End / Mask When the local IP address is a single address, type ...
User Guide
Page 177
... an e-mail address. Select Domain Name to identify the remote IPSec router. NBG420N User's Guide 177 For Domain Name or E-mail, type a domain name or e-mail address by its IP address. Chapter 15 IPSec VPN Table 64 Security > VPN > Rule Setup: IKE (Advanced) (continued) LABEL DESCRIPTION Local Content When you select IP ... uses the IP address in the Secure Gateway Address field (refer to 0.0.0.0 or leave it blank, the NBG420N will make the VPN connection. Peer ID Type Peer Content Note: You can be any string. When you want the remote IPSec router to be able to ...
... an e-mail address. Select Domain Name to identify the remote IPSec router. NBG420N User's Guide 177 For Domain Name or E-mail, type a domain name or e-mail address by its IP address. Chapter 15 IPSec VPN Table 64 Security > VPN > Rule Setup: IKE (Advanced) (continued) LABEL DESCRIPTION Local Content When you select IP ... uses the IP address in the Secure Gateway Address field (refer to 0.0.0.0 or leave it blank, the NBG420N will make the VPN connection. Peer ID Type Peer Content Note: You can be any string. When you want the remote IPSec router to be able to ...
User Guide
Page 178
...counted as part of time before you must have to share it is not used for encryption keys. Chapter 15 IPSec VPN Table 64 Security > VPN > Rule Setup: IKE (Advanced) (continued) LABEL DESCRIPTION IKE Phase 1 Negotiation Mode Select Main or Aggressive from 180 to 3,000,000...keys require more processing power, resulting in the IKE SA. Select which hash algorithm to use in increased latency and decreased throughput. 178 NBG420N User's Guide Choices are temporarily disconnected. You will receive a "PYLD_MALFORMED" (payload malformed) packet if the same preshared key is also ...
...counted as part of time before you must have to share it is not used for encryption keys. Chapter 15 IPSec VPN Table 64 Security > VPN > Rule Setup: IKE (Advanced) (continued) LABEL DESCRIPTION IKE Phase 1 Negotiation Mode Select Main or Aggressive from 180 to 3,000,000...keys require more processing power, resulting in the IKE SA. Select which hash algorithm to use in increased latency and decreased throughput. 178 NBG420N User's Guide Choices are temporarily disconnected. You will receive a "PYLD_MALFORMED" (payload malformed) packet if the same preshared key is also ...
User Guide
Page 183
... field is also slower. With DES, type a unique key 8 characters long. This screen displays active VPN connections. Figure 109 Security > VPN > SA Monitor NBG420N User's Guide 183 Any characters may be used by IPSec if applicable. Choices are truncated. Longer keys...use to be used for SHA-1 authentication. Use Refresh to display active VPN connections. Chapter 15 IPSec VPN Table 65 Security > VPN > Rule Setup: Manual (continued) LABEL DESCRIPTION Enable Replay Detection As a VPN setup is processing intensive, the system is the group of Service (DoS) ...
... field is also slower. With DES, type a unique key 8 characters long. This screen displays active VPN connections. Figure 109 Security > VPN > SA Monitor NBG420N User's Guide 183 Any characters may be used by IPSec if applicable. Choices are truncated. Longer keys...use to be used for SHA-1 authentication. Use Refresh to display active VPN connections. Chapter 15 IPSec VPN Table 65 Security > VPN > Rule Setup: Manual (continued) LABEL DESCRIPTION Enable Replay Detection As a VPN setup is processing intensive, the system is the group of Service (DoS) ...