User Guide
Page 35
P-660HW-T v2 User's Guide Media Bandwidth Management ZyXEL's Media Bandwidth Management allows you to use their existing network ...assignment from the actual real DHCP server to be more easily accessible from various locations on the network. Chapter 1 Getting To Know Your ZyXEL Device 35 The ZyXEL Device also includes PPPoE idle time-out (the PPPoE connection terminates... (NAT) Network Address Translation (NAT) allows the translation of bandwidth capacity (bandwidth budgets) to -Point Protocol over Ethernet) emulates a dial-up from having to obtain the TCP/IP configuration at start-up...
P-660HW-T v2 User's Guide Media Bandwidth Management ZyXEL's Media Bandwidth Management allows you to use their existing network ...assignment from the actual real DHCP server to be more easily accessible from various locations on the network. Chapter 1 Getting To Know Your ZyXEL Device 35 The ZyXEL Device also includes PPPoE idle time-out (the PPPoE connection terminates... (NAT) Network Address Translation (NAT) allows the translation of bandwidth capacity (bandwidth budgets) to -Point Protocol over Ethernet) emulates a dial-up from having to obtain the TCP/IP configuration at start-up...
User Guide
Page 37
...clear radio signal between the wireless stations and the access points. Wireless LAN MAC Address Filtering Your ZyXEL Device can lower the output power of each access point, thus enabling you to help keep network communications private. Antenna The ZyXEL Device is a high density of output power. ... fixed antenna to offer stronger encryption. In addition to your network resources. P-660HW-T v2 User's Guide Both WPA and WPA2 improve data encryption by Internet hackers. In addition, the ZyXEL Device with all incoming traffic from attacks by using Temporal Key Integrity Protocol ...
...clear radio signal between the wireless stations and the access points. Wireless LAN MAC Address Filtering Your ZyXEL Device can lower the output power of each access point, thus enabling you to help keep network communications private. Antenna The ZyXEL Device is a high density of output power. ... fixed antenna to offer stronger encryption. In addition to your network resources. P-660HW-T v2 User's Guide Both WPA and WPA2 improve data encryption by Internet hackers. In addition, the ZyXEL Device with all incoming traffic from attacks by using Temporal Key Integrity Protocol ...
User Guide
Page 75
P-660HW-T v2 User's Guide CHAPTER 5 WAN Setup This chapter describes how to configure WAN settings. 5.1 WAN Overview A WAN (Wide Area Network) is only implemented with the IP network protocol. The ZyXEL Device supports the following methods. 5.1.1.1 ENET ENCAP The MAC Encapsulated Routing Link Protocol (ENET.... PPPoE is the ability to use the encapsulation method required by your ISP. 5.1.1.2 PPP over Ethernet PPPoE (Point-to-Point Protocol over Ethernet) provides access control and billing functionality in a manner similar to easily create and offer new IP services for example RADIUS). ...
P-660HW-T v2 User's Guide CHAPTER 5 WAN Setup This chapter describes how to configure WAN settings. 5.1 WAN Overview A WAN (Wide Area Network) is only implemented with the IP network protocol. The ZyXEL Device supports the following methods. 5.1.1.1 ENET ENCAP The MAC Encapsulated Routing Link Protocol (ENET.... PPPoE is the ability to use the encapsulation method required by your ISP. 5.1.1.2 PPP over Ethernet PPPoE (Point-to-Point Protocol over Ethernet) provides access control and billing functionality in a manner similar to easily create and offer new IP services for example RADIUS). ...
User Guide
Page 76
... protocol identifying information being contained in each protocol is not practical to have access. 5.1.1.3 PPPoA PPPoA stands for Point to the RFC for each protocol is carrying. Please refer to Point Protocol over a separate ATM virtual circuit (VC-based multiplexing). VC-based...protocols over ATM Adaptation Layer 5 (AAL5). A PPPoA connection functions like a dial-up Internet connection. P-660HW-T v2 User's Guide By implementing PPPoE directly on the ZyXEL Device (rather than individual computers), the computers on the LAN do not need PPPoE software installed, since the...
... protocol identifying information being contained in each protocol is not practical to have access. 5.1.1.3 PPPoA PPPoA stands for Point to the RFC for each protocol is carrying. Please refer to Point Protocol over a separate ATM virtual circuit (VC-based multiplexing). VC-based...protocols over ATM Adaptation Layer 5 (AAL5). A PPPoA connection functions like a dial-up Internet connection. P-660HW-T v2 User's Guide By implementing PPPoE directly on the ZyXEL Device (rather than individual computers), the computers on the LAN do not need PPPoE software installed, since the...
User Guide
Page 93
...660HW-T v2 User's Guide CHAPTER 6 Wireless LAN This chapter discusses how to configure the wireless network settings in the same wireless network must use the same SSID. The wireless clients use different channels. Every wireless network must follow these basic guidelines. • Every wireless client in your ZyXEL... network, devices A and B are called wireless clients. Your ZyXEL Device is the part in the blue circle. See the appendices for Service Set IDentity. • If two wireless networks overlap, they should use the access point (AP) to send and receive information.
...660HW-T v2 User's Guide CHAPTER 6 Wireless LAN This chapter discusses how to configure the wireless network settings in the same wireless network must use the same SSID. The wireless clients use different channels. Every wireless network must follow these basic guidelines. • Every wireless client in your ZyXEL... network, devices A and B are called wireless clients. Your ZyXEL Device is the part in the blue circle. See the appendices for Service Set IDentity. • If two wireless networks overlap, they should use the access point (AP) to send and receive information.
User Guide
Page 97
...obtain the SSID through scanning using a site survey tool. Select this check box to the access point (AP) must then change the ZyXEL Device's SSID or WEP settings, you will lose your computer to reload the previous configuration... for this screen. Click Cancel to match the ZyXEL Device's new settings. You must have the same SSID. Select a channel from a computer connected ... General screen. See the rest of your particular region. P-660HW-T v2 User's Guide Click Network > Wireless LAN to activate wireless LAN.
...obtain the SSID through scanning using a site survey tool. Select this check box to the access point (AP) must then change the ZyXEL Device's SSID or WEP settings, you will lose your computer to reload the previous configuration... for this screen. Click Cancel to match the ZyXEL Device's new settings. You must have the same SSID. Select a channel from a computer connected ... General screen. See the rest of your particular region. P-660HW-T v2 User's Guide Click Network > Wireless LAN to activate wireless LAN.
User Guide
Page 98
... the data transmitted between the wireless clients and the access points to the ZyXEL Device. Select Static WEP from the drop-down list box. Click Apply to save your network is within range. Both the wireless clients and the access points must use the same WEP key. P-660HW-T v2 User's Guide 6.4.1 No Security Select No Security to...
... the data transmitted between the wireless clients and the access points to the ZyXEL Device. Select Static WEP from the drop-down list box. Click Apply to save your network is within range. Both the wireless clients and the access points must use the same WEP key. P-660HW-T v2 User's Guide 6.4.1 No Security Select No Security to...
User Guide
Page 105
... OTIST replaces the pre-configured wireless settings on the wireless clients. 6.5.1 Enabling OTIST You must have the same SSID and security settings as the access point (AP) or wireless router (we will refer to both as "AP" here) in the RESET button for three to the previous screen. Hold...of both the AP and wireless client before you to transfer your changes to encrypt the settings that support OTIST and are within transmission range. P-660HW-T v2 User's Guide Table 32 Wireless LAN: Advanced LABEL Max. Note: The AP and wireless client(s) MUST use the RESET button, the default ...
... OTIST replaces the pre-configured wireless settings on the wireless clients. 6.5.1 Enabling OTIST You must have the same SSID and security settings as the access point (AP) or wireless router (we will refer to both as "AP" here) in the RESET button for three to the previous screen. Hold...of both the AP and wireless client before you to transfer your changes to encrypt the settings that support OTIST and are within transmission range. P-660HW-T v2 User's Guide Table 32 Wireless LAN: Advanced LABEL Max. Note: The AP and wireless client(s) MUST use the RESET button, the default ...
User Guide
Page 144
... is part of the packet's connection. This temporary access list entry is designed to permit inbound packets of a certain type, such as demonstrates how stateful inspection works. P-660HW-T v2 User's Guide The previous figure shows the ZyXEL Device's default firewall rules in action as well as...state of the connection previously established with the outbound packet. User A can initiate a Telnet session from the WAN is inserted at this point). 3 The packet is inspected by a firewall rule, and the connection's state table entry is permitted (a denied packet would simply be...
... is part of the packet's connection. This temporary access list entry is designed to permit inbound packets of a certain type, such as demonstrates how stateful inspection works. P-660HW-T v2 User's Guide The previous figure shows the ZyXEL Device's default firewall rules in action as well as...state of the connection previously established with the outbound packet. User A can initiate a Telnet session from the WAN is inserted at this point). 3 The packet is inspected by a firewall rule, and the connection's state table entry is permitted (a denied packet would simply be...
User Guide
Page 146
... user on a case-by making sure the firewall is even more restrictive. At this point, the remote server will allow incoming address mask replies, and outgoing timestamp requests will open...Firewalls A determined hacker might be able to find creative ways to misuse the enabled services to access the firewall or the network. • For local services that are never allowed in a ...room. 9.6.1 Security In General You can never be too careful! P-660HW-T v2 User's Guide A similar situation exists for ICMP, except that the ZyXEL Device is active. • Keep the firewall in , since the...
... user on a case-by making sure the firewall is even more restrictive. At this point, the remote server will allow incoming address mask replies, and outgoing timestamp requests will open...Firewalls A determined hacker might be able to find creative ways to misuse the enabled services to access the firewall or the network. • For local services that are never allowed in a ...room. 9.6.1 Security In General You can never be too careful! P-660HW-T v2 User's Guide A similar situation exists for ICMP, except that the ZyXEL Device is active. • Keep the firewall in , since the...
User Guide
Page 150
...computers on the Internet will be affected? 4 What computers on the Internet? For example, "This restricts all users, will be affected? P-660HW-T v2 User's Guide Note: If you configure firewall rules without a good understanding of how they work by comparing the Source IP address, Destination IP...example, if traffic is blocked for all IRC access from the LAN to be more specific, the better. Your customized rules take precedence and override the ZyXEL Device's default rules. 10.3 Rule Logic Overview Note: Study these points carefully before configuring rules. 10.3.1 Rule Checklist ...
...computers on the Internet will be affected? 4 What computers on the Internet? For example, "This restricts all users, will be affected? P-660HW-T v2 User's Guide Note: If you configure firewall rules without a good understanding of how they work by comparing the Source IP address, Destination IP...example, if traffic is blocked for all IRC access from the LAN to be more specific, the better. Your customized rules take precedence and override the ZyXEL Device's default rules. 10.3 Rule Logic Overview Note: Study these points carefully before configuring rules. 10.3.1 Rule Checklist ...
User Guide
Page 164
...many different types of data over public networks. This is a protocol that sends out ICMP echo requests to access data on the Internet. Point-to -Point Tunneling Protocol enables secure transfer of database systems, including mainframes, midrange systems, UNIX systems and network servers.... Text Transfer Protocol - Structured Query Language is an interface to test whether or not a remote host is used in e-commerce. P-660HW-T v2 User's Guide Table 57 Predefined Services (continued) SERVICE DESCRIPTION H.323(TCP:1720) HTTP(TCP:80) HTTPS ICQ(UDP:4000) IPSEC_TRANSPORT/...
...many different types of data over public networks. This is a protocol that sends out ICMP echo requests to access data on the Internet. Point-to -Point Tunneling Protocol enables secure transfer of database systems, including mainframes, midrange systems, UNIX systems and network servers.... Text Transfer Protocol - Structured Query Language is an interface to test whether or not a remote host is used in e-commerce. P-660HW-T v2 User's Guide Table 57 Predefined Services (continued) SERVICE DESCRIPTION H.323(TCP:1720) HTTP(TCP:80) HTTPS ICQ(UDP:4000) IPSEC_TRANSPORT/...
User Guide
Page 321
...A Basic Service Set (BSS) exists when all communications between wireless clients or between a wireless client and a wired network client go through one access point (AP). The following diagram shows an example of notebook computers using wireless adapters to as an Ad-hoc network or Independent Basic Service Set (IBSS... referred to form an Ad-hoc wireless LAN. When Intra-BSS is disabled, wireless client A and B can set of each other . P-660HW-T v2 User's Guide APPENDIX K Wireless LANs Wireless LAN Topologies This section discusses ad-hoc and infrastructure wireless LAN topologies.
...A Basic Service Set (BSS) exists when all communications between wireless clients or between a wireless client and a wired network client go through one access point (AP). The following diagram shows an example of notebook computers using wireless adapters to as an Ad-hoc network or Independent Basic Service Set (IBSS... referred to form an Ad-hoc wireless LAN. When Intra-BSS is disabled, wireless client A and B can set of each other . P-660HW-T v2 User's Guide APPENDIX K Wireless LANs Wireless LAN Topologies This section discusses ad-hoc and infrastructure wireless LAN topologies.
User Guide
Page 322
...uniquely identifies each access point connected together by a wired network. All access points and their associated wireless clients within the same ESS must have the same ESSID in the immediate neighborhood. This wired connection between APs is called a Distribution System (DS). P-660HW-T v2 User's Guide ...Figure 183 Basic Service Set ESS An Extended Service Set (ESS) consists of a series of wireless LAN topology is called an Infrastructure WLAN. The Access Points not only provide communication with each ESS.
...uniquely identifies each access point connected together by a wired network. All access points and their associated wireless clients within the same ESS must have the same ESSID in the immediate neighborhood. This wired connection between APs is called a Distribution System (DS). P-660HW-T v2 User's Guide ...Figure 183 Basic Service Set ESS An Extended Service Set (ESS) consists of a series of wireless LAN topology is called an Infrastructure WLAN. The Access Points not only provide communication with each ESS.
User Guide
Page 323
... are considered hidden from a channel that is they are not within range of the same access point, but out-of-range of each other . Figure 184 Infrastructure WLAN P-660HW-T v2 User's Guide Channel IEEE802.11a/b/g wireless devices operate in the 2.4GHz radio band. To ...avoid interference due to reduce interference. Interference occurs when radio signals from an adjacent AP (access point) to overlap, your geographical area. ...
... are considered hidden from a channel that is they are not within range of the same access point, but out-of-range of each other . Figure 184 Infrastructure WLAN P-660HW-T v2 User's Guide Channel IEEE802.11a/b/g wireless devices operate in the 2.4GHz radio band. To ...avoid interference due to reduce interference. Interference occurs when radio signals from an adjacent AP (access point) to overlap, your geographical area. ...
User Guide
Page 325
P-660HW-T v2 User's Guide A large Fragmentation Threshold is recommended for networks not prone to interference while you should set then the RTS (Request To Send)/CTS (Clear ... the same preamble mode in order to provide more time for busy networks or networks that data is fully compatible with an IEEE 802.11g access point (and vice versa) at 11 Mbps or lower depending on range. IEEE 802.11g has several intermediate rate steps between the maximum and minimum data...
P-660HW-T v2 User's Guide A large Fragmentation Threshold is recommended for networks not prone to interference while you should set then the RTS (Request To Send)/CTS (Clear ... the same preamble mode in order to provide more time for busy networks or networks that data is fully compatible with an IEEE 802.11g access point (and vice versa) at 11 Mbps or lower depending on range. IEEE 802.11g has several intermediate rate steps between the maximum and minimum data...
User Guide
Page 326
... users once they are data encryption, wireless client authentication, restricting access by device MAC address and hiding the ZyXEL Device identity. RADIUS is a simple package exchange in which your AP acts as a message relay between wireless clients, access points and the wired network. P-660HW-T v2 User's Guide Wireless Security Overview Wireless security is vital to your...
... users once they are data encryption, wireless client authentication, restricting access by device MAC address and hiding the ZyXEL Device identity. RADIUS is a simple package exchange in which your AP acts as a message relay between wireless clients, access points and the wired network. P-660HW-T v2 User's Guide Wireless Security Overview Wireless security is vital to your...
User Guide
Page 327
... key, which is not sent over the network. The access point sends a proper response from unauthorized access. Types of Authentication This section discusses some popular authentication types: EAP-MD5, EAP-TLS, EAPTTLS, PEAP and LEAP. P-660HW-T v2 User's Guide Types of RADIUS Messages The following types of... RADIUS messages are exchanged between the access point and the RADIUS server for more information in order to indicate that it has ...
... key, which is not sent over the network. The access point sends a proper response from unauthorized access. Types of Authentication This section discusses some popular authentication types: EAP-MD5, EAP-TLS, EAPTTLS, PEAP and LEAP. P-660HW-T v2 User's Guide Types of RADIUS Messages The following types of... RADIUS messages are exchanged between the access point and the RADIUS server for more information in order to indicate that it has ...
User Guide
Page 329
...encryption. You may still configure and store keys here, but for public deployment, a simple user name and password pair is generated each access point, wireless gateway and wireless client. Table 148 Comparison of the IEEE 802.11i standard. If this feature is enabled, it is not necessary...Wireless screen. As long as the passwords match, a wireless client will not be granted access to configure a default encryption key in corporate environments, but they will be used with the RADIUS server. P-660HW-T v2 User's Guide Dynamic WEP Key Exchange The AP maps a unique key that is a ...
...encryption. You may still configure and store keys here, but for public deployment, a simple user name and password pair is generated each access point, wireless gateway and wireless client. Table 148 Comparison of the IEEE 802.11i standard. If this feature is enabled, it is not necessary...Wireless screen. As long as the passwords match, a wireless client will not be granted access to configure a default encryption key in corporate environments, but they will be used with the RADIUS server. P-660HW-T v2 User's Guide Dynamic WEP Key Exchange The AP maps a unique key that is a ...
User Guide
Page 345
Numerics 4-port switch 31, 36 A AAL5 76 access point see AP address assignment 113 Address Resolution Protocol see ARP ad-hoc 321 ADSL 35, 261 standards 33 ADSL 2+ 33 ADSL line reinitialize 252 ADSL ... 116 Any IP Setup 118 AP 93, 323 application-level firewalls 138 applications Internet access 37 ARP 116 asymmetrical 261 ATM Adaptation Layer 5 see AAL5 ATM loopback test 252 attack alert 168 attack types 142 attacks 225 Index P-660HW-T v2 User's Guide Index auto-negotiating 258 auxiliary gateway 34 B backup 247 backup gateway...
Numerics 4-port switch 31, 36 A AAL5 76 access point see AP address assignment 113 Address Resolution Protocol see ARP ad-hoc 321 ADSL 35, 261 standards 33 ADSL 2+ 33 ADSL line reinitialize 252 ADSL ... 116 Any IP Setup 118 AP 93, 323 application-level firewalls 138 applications Internet access 37 ARP 116 asymmetrical 261 ATM Adaptation Layer 5 see AAL5 ATM loopback test 252 attack alert 168 attack types 142 attacks 225 Index P-660HW-T v2 User's Guide Index auto-negotiating 258 auxiliary gateway 34 B backup 247 backup gateway...