User Guide
Page 49
...Trusted Device Use this screen to generate and export self-signed certificates or certification requests and import the ZyXEL Device's CAsigned certificates. Schedule Use this screen to update your ZyXEL Device. Service Use this screen to look at the current status of the services you subscribe to... to import self-signed certificates. Bandwidth MGMT Summary Use this screen to enable bandwidth management on your license key information and update the status of each VPN tunnel. VPN Global Setting Use this screen to allow NetBIOS traffic through VPN tunnels. Trusted Use...
...Trusted Device Use this screen to generate and export self-signed certificates or certification requests and import the ZyXEL Device's CAsigned certificates. Schedule Use this screen to update your ZyXEL Device. Service Use this screen to look at the current status of the services you subscribe to... to import self-signed certificates. Bandwidth MGMT Summary Use this screen to enable bandwidth management on your license key information and update the status of each VPN tunnel. VPN Global Setting Use this screen to allow NetBIOS traffic through VPN tunnels. Trusted Use...
User Guide
Page 53
.... Every Ethernet device has a unique MAC address. The MAC address is the index number of all network devices that are currently associated to update this screen. 2.4.4 Status: WLAN Status Click the WLAN Status hyperlink in this screen. P-662H/HW-D Series User's Guide 53 Figure 12 Status...view port status and packet specific statistics. MAC Address This field displays the MAC (Media Access Control) address of the computer with the ZyXEL Device. The Any IP table shows current readonly information (including the IP address and the MAC address) of the host computer. IP...
.... Every Ethernet device has a unique MAC address. The MAC address is the index number of all network devices that are currently associated to update this screen. 2.4.4 Status: WLAN Status Click the WLAN Status hyperlink in this screen. P-662H/HW-D Series User's Guide 53 Figure 12 Status...view port status and packet specific statistics. MAC Address This field displays the MAC (Media Access Control) address of the computer with the ZyXEL Device. The Any IP table shows current readonly information (including the IP address and the MAC address) of the host computer. IP...
User Guide
Page 105
...access the Internet via the ZyXEL Device. P-662H/HW-D Series User's Guide 105 Figure 54 Any IP Example The Any IP feature does not apply to a computer using either a dynamic IP address or a static IP address that , the ZyXEL Device periodically updates this information. WAN). Select... None to disable IP multicasting on the ZyXEL Device LAN and/or WAN interfaces in another network, you may need to manually configure the ...
...access the Internet via the ZyXEL Device. P-662H/HW-D Series User's Guide 105 Figure 54 Any IP Example The Any IP feature does not apply to a computer using either a dynamic IP address or a static IP address that , the ZyXEL Device periodically updates this information. WAN). Select... None to disable IP multicasting on the ZyXEL Device LAN and/or WAN interfaces in another network, you may need to manually configure the ...
User Guide
Page 106
...Series User's Guide After all the routing information is broadcast on the local area network. Once the ARP table is updated, the computer is able to access the Internet through the ZyXEL Device. 1 When a computer (which is in a different subnet) first attempts to access the Internet, it is ...in its ARP table. 2 When the computer cannot locate the default gateway, an ARP request is updated, the computer can properly forward packets ...
...Series User's Guide After all the routing information is broadcast on the local area network. Once the ARP table is updated, the computer is able to access the Internet through the ZyXEL Device. 1 When a computer (which is in a different subnet) first attempts to access the Internet, it is ...in its ARP table. 2 When the computer cannot locate the default gateway, an ARP request is updated, the computer can properly forward packets ...
User Guide
Page 121
... (including spaces and symbols). The wireless station needs to enter the username and password again before access to communicate with the ZyXEL Device even when the ZyXEL Device is using WPA2-PSK or WPA2. Setting of inactivity. Select the check box to have to resend usernames and passwords...: WPA(2)-PSK LABEL DESCRIPTION Security Mode Choose WPA-PSK or WPA2-PSK from the drop-down list box. Idle Timeout (In Seconds) Group Key Update Timer (In Seconds) Note: If wireless station authentication is 1800 seconds (30 minutes). Figure 65 Wireless: WPA(2)-PSK Chapter 7 Wireless LAN The ...
... (including spaces and symbols). The wireless station needs to enter the username and password again before access to communicate with the ZyXEL Device even when the ZyXEL Device is using WPA2-PSK or WPA2. Setting of inactivity. Select the check box to have to resend usernames and passwords...: WPA(2)-PSK LABEL DESCRIPTION Security Mode Choose WPA-PSK or WPA2-PSK from the drop-down list box. Idle Timeout (In Seconds) Group Key Update Timer (In Seconds) Note: If wireless station authentication is 1800 seconds (30 minutes). Figure 65 Wireless: WPA(2)-PSK Chapter 7 Wireless LAN The ...
User Guide
Page 123
... decimal notation. The default port number is 1800 seconds (30 minutes). Apply Click Apply to save your ZyXEL Device. Group Key Update Timer (In Seconds) The Group Key Update Timer is using WPA2-PSK or WPA2. The ZyXEL Device default is 1812. Shared Secret Enter a password (up to 31 alphanumeric characters) as the key...
... decimal notation. The default port number is 1800 seconds (30 minutes). Apply Click Apply to save your ZyXEL Device. Group Key Update Timer (In Seconds) The Group Key Update Timer is using WPA2-PSK or WPA2. The ZyXEL Device default is 1812. Shared Secret Enter a password (up to 31 alphanumeric characters) as the key...
User Guide
Page 164
... connection previously established with the "virtual connections" created for instance, TCP), or by the upper protocols (for UDP and ICMP). 10.5.3 TCP Security The ZyXEL Device uses state information embedded in a few special cases (see "Upper Layer Protocols" shown next), these are "initiation" packets. " The ability to ... after creating them to make sure they represent data that do not have this means that belong to the connection are inspected to update the state table entry and to permit only packets that are valid for the current state of any new connection has its SYN flag...
... connection previously established with the "virtual connections" created for instance, TCP), or by the upper protocols (for UDP and ICMP). 10.5.3 TCP Security The ZyXEL Device uses state information embedded in a few special cases (see "Upper Layer Protocols" shown next), these are "initiation" packets. " The ability to ... after creating them to make sure they represent data that do not have this means that belong to the connection are inspected to update the state table entry and to permit only packets that are valid for the current state of any new connection has its SYN flag...
User Guide
Page 212
...'t created an account at myZyXEL.com, select this option and enter account your user name and password in the fields below to register your ZyXEL Device. Check Click this button to check with myXEL.com and activate a service. P-662H/HW-D Series User's Guide Figure 123 Security >...not been used. Spaces are not allowed. Confirm Password Enter the password again for your ZyXEL Device with the myZyXEL.com database to 20 alphanumeric characters (and the underscore). Chapter 14 Register " To update or use a subscription service, you have an account at myZyXEL.com, select this ...
...'t created an account at myZyXEL.com, select this option and enter account your user name and password in the fields below to register your ZyXEL Device. Check Click this button to check with myXEL.com and activate a service. P-662H/HW-D Series User's Guide Figure 123 Security >...not been used. Spaces are not allowed. Confirm Password Enter the password again for your ZyXEL Device with the myZyXEL.com database to 20 alphanumeric characters (and the underscore). Chapter 14 Register " To update or use a subscription service, you have an account at myZyXEL.com, select this ...
User Guide
Page 213
...PIN number (license key). Service Activation You can buy an iCard and enter the license key in the Security > Registration > Service screen to update your service subscription status. 14.3 Service After you activate a trial, you can try trial service subscription. Click Security > Register > Service to... activate a trial. Use the Security > Register > Service screen to extend the service. " If you restore the ZyXEL Device to send your country from the drop-down box list. Content Access Control Select the check box to open the screen as shown ...
...PIN number (license key). Service Activation You can buy an iCard and enter the license key in the Security > Registration > Service screen to update your service subscription status. 14.3 Service After you activate a trial, you can try trial service subscription. Click Security > Register > Service to... activate a trial. Use the Security > Register > Service screen to extend the service. " If you restore the ZyXEL Device to send your country from the drop-down box list. Content Access Control Select the check box to open the screen as shown ...
User Guide
Page 214
...a service is activated (Active) or not (Inactive). Expiration Day This field displays the date your iCard's PIN number and click Update to activate or extend a standard service subscription. License Key Enter your service expires. Chapter 14 Register The following table describes the ...expiration day). If a standard service subscription runs out, you applied for a trial application (Trial) or registered a service with your ZyXEL Device) and enter the new PIN number to extend the service. Service License Refresh Click this screen. Registration Type This field displays whether...
...a service is activated (Active) or not (Inactive). Expiration Day This field displays the date your iCard's PIN number and click Update to activate or extend a standard service subscription. License Key Enter your service expires. Chapter 14 Register The following table describes the ...expiration day). If a standard service subscription runs out, you applied for a trial application (Trial) or registered a service with your ZyXEL Device) and enter the new PIN number to extend the service. Service License Refresh Click this screen. Registration Type This field displays whether...
User Guide
Page 223
This screen consists of a read-only menu of your IPSec rules (tunnels). The ZyXEL Device has to rebuild the VPN tunnel each time the remote secure gateway's WAN IP address changes (there may be a delay until the DDNS servers are updated with the remote gateway's new WAN IP address). 16.4.1 Dynamic Secure Gateway...
This screen consists of a read-only menu of your IPSec rules (tunnels). The ZyXEL Device has to rebuild the VPN tunnel each time the remote secure gateway's WAN IP address changes (there may be a delay until the DDNS servers are updated with the remote gateway's new WAN IP address). 16.4.1 Dynamic Secure Gateway...
User Guide
Page 237
... data. A short SA Life Time increases security by forcing the two VPN gateways to Diffie-Hellman Group 2 a 1024 bit (1Kb) random number. DH2 refers to update the encryption and authentication keys. Triple DES (3DES) is the key itself. As a result, 3DES is slower. It also requires more processing power, resulting in...
... data. A short SA Life Time increases security by forcing the two VPN gateways to Diffie-Hellman Group 2 a 1024 bit (1Kb) random number. DH2 refers to update the encryption and authentication keys. Triple DES (3DES) is the key itself. As a result, 3DES is slower. It also requires more processing power, resulting in...
User Guide
Page 238
... along with IKE key management. 16.14.1 Security Parameter Index (SPI) An SPI is transmitted from the drop-down list box. Current ZyXEL implementation assumes identical outgoing and incoming SPIs. 16.15 Configuring Manual Key You only configure VPN Manual Key when you have problems with a ... with the SPI to 3,000,000 seconds (almost 35 days). This is useful if you select Manual in this field. DH1 refers to update the encryption and authentication keys. A short SA Life Time increases security by default in phase 2 IPSec SA setup. Apply Click Apply to...
... along with IKE key management. 16.14.1 Security Parameter Index (SPI) An SPI is transmitted from the drop-down list box. Current ZyXEL implementation assumes identical outgoing and incoming SPIs. 16.15 Configuring Manual Key You only configure VPN Manual Key when you have problems with a ... with the SPI to 3,000,000 seconds (almost 35 days). This is useful if you select Manual in this field. DH1 refers to update the encryption and authentication keys. A short SA Life Time increases security by default in phase 2 IPSec SA setup. Apply Click Apply to...
User Guide
Page 287
This is for example, www.yourhost.dyndns.org and still reach your hostname. CHAPTER 20 Dynamic DNS Setup This chapter discusses how to configure your ZyXEL Device to use Dynamic DNS. First of all, you to change instead of your IP address. This feature is a name of using a domain name (for ... changes each time you a password or key. 20.1.1 DYNDNS Wildcard Enabling the wildcard feature for configuration instruction. 20.2 Configuring Dynamic DNS Use this screen to update your current dynamic IP address with www.dyndns.org. See Section 20.1 on page 287 for your...
This is for example, www.yourhost.dyndns.org and still reach your hostname. CHAPTER 20 Dynamic DNS Setup This chapter discusses how to configure your ZyXEL Device to use Dynamic DNS. First of all, you to change instead of your IP address. This feature is a name of using a domain name (for ... changes each time you a password or key. 20.1.1 DYNDNS Wildcard Enabling the wildcard feature for configuration instruction. 20.2 Configuring Dynamic DNS Use this screen to update your current dynamic IP address with www.dyndns.org. See Section 20.1 on page 287 for your...
User Guide
Page 288
...while you are registered for from your Dynamic DNS provider. Enable Wildcard Select the check box to a URL (that you . IP Address Update Policy Use WAN IP Address Select this check box to your Dynamic DNS service provider. DNS Service Provider This is selected in this screen.... Dynamic DNS Type Select the type of your ZyXEL Device by a comma (","). User Name Type your Dynamic DNS service provider to have traffic redirected to enable DynDNS Wildcard. Check with ...
...while you are registered for from your Dynamic DNS provider. Enable Wildcard Select the check box to a URL (that you . IP Address Update Policy Use WAN IP Address Select this check box to your Dynamic DNS service provider. DNS Service Provider This is selected in this screen.... Dynamic DNS Type Select the type of your ZyXEL Device by a comma (","). User Name Type your Dynamic DNS service provider to have traffic redirected to enable DynDNS Wildcard. Check with ...
User Guide
Page 301
This password is set up on your ZyXEL Device. Table 130 TR-069 Commands COMMAND OR ROOT SUBDIRECTO COMMAND RY wan tr069 load active [0:no/ 1:yes] acsUrl username... must be preceded by the CNM Access administrator. The duration in order for configuration updates. See Table 130 on the server and must change this value to reflect your ZyXEL Device. Save the TR-069 settings to your actual management server IP address or domain... for which the device MUST attempt to connect with CNM Access to send information and check for the ZyXEL Device to send information to CNM Access.
This password is set up on your ZyXEL Device. Table 130 TR-069 Commands COMMAND OR ROOT SUBDIRECTO COMMAND RY wan tr069 load active [0:no/ 1:yes] acsUrl username... must be preceded by the CNM Access administrator. The duration in order for configuration updates. See Table 130 on the server and must change this value to reflect your ZyXEL Device. Save the TR-069 settings to your actual management server IP address or domain... for which the device MUST attempt to connect with CNM Access to send information and check for the ZyXEL Device to send information to CNM Access.
User Guide
Page 320
...similar to 20 extended ASCII characters in this field and then click Apply. This field displays the last updated date from the time server or the last time configured manually. The ZyXEL Device requests time and date settings from the time server under the following table describes the fields in...Setup Time Zone Note: If you are unsure of the server. This field displays the last updated time from the time server or the last date configured manually. Select this page, the ZyXEL Device synchronizes the time with your ISP/network administrator or use trial and error to enter ...
...similar to 20 extended ASCII characters in this field and then click Apply. This field displays the last updated date from the time server or the last time configured manually. The ZyXEL Device requests time and date settings from the time server under the following table describes the fields in...Setup Time Zone Note: If you are unsure of the server. This field displays the last updated time from the time server or the last date configured manually. Select this page, the ZyXEL Device synchronizes the time with your ISP/network administrator or use trial and error to enter ...
User Guide
Page 440
...) is an example of when you configure the ip arp ackGratuitous forceUpdate command. • Use ip arp ackGratuitous forceUpdate on to have the ZyXEL Device update the MAC address in the network can send an ARP request to resolve its IP address. The other hosts on the forced...ARP table IP address to MAC address mappings with an incorrect IP address to MAC address mapping due to a spoofed ARP. After the ZyXEL Device receives a reply from updating its ARP table with this host's MAC address. For example, say the regular gateway goes down and the backup gateway (B) comes online...
...) is an example of when you configure the ip arp ackGratuitous forceUpdate command. • Use ip arp ackGratuitous forceUpdate on to have the ZyXEL Device update the MAC address in the network can send an ARP request to resolve its IP address. The other hosts on the forced...ARP table IP address to MAC address mappings with an incorrect IP address to MAC address mapping due to a spoofed ARP. After the ZyXEL Device receives a reply from updating its ARP table with this host's MAC address. For example, say the regular gateway goes down and the backup gateway (B) comes online...
User Guide
Page 441
... you turn on the force updates option is an existing entry. Figure 300 Backup Gateway Updating the ARP entries could increase the danger of spoofing attacks. This way the ZyXEL Device has a correct gateway ARP entry to force updates, the ZyXEL Device will not update the gateway ARP entry and... cannot forward packets through the backup gateway. If ackGratuitous is off because the ZyXEL Device updates the ARP table even when there is...
... you turn on the force updates option is an existing entry. Figure 300 Backup Gateway Updating the ARP entries could increase the danger of spoofing attacks. This way the ZyXEL Device has a correct gateway ARP entry to force updates, the ZyXEL Device will not update the gateway ARP entry and... cannot forward packets through the backup gateway. If ackGratuitous is off because the ZyXEL Device updates the ARP table even when there is...
User Guide
Page 457
... = 230400009 = 230400010 = Authentication Databases Key Management Protocol Dynamic WEP Key Exchange PSK = = WPA Mixed Mode Data Privacy for Broadcast/ Multicast packets = 0 WPA Broadcast/Multicast Key Update = 0 Timer Table 181 Menu 24.11 Remote Management Control / Menu 24.11 Remote Management Control FIN FN 241100001 = TELNET Server Port 241100002 = TELNET Server Access...
... = 230400009 = 230400010 = Authentication Databases Key Management Protocol Dynamic WEP Key Exchange PSK = = WPA Mixed Mode Data Privacy for Broadcast/ Multicast packets = 0 WPA Broadcast/Multicast Key Update = 0 Timer Table 181 Menu 24.11 Remote Management Control / Menu 24.11 Remote Management Control FIN FN 241100001 = TELNET Server Port 241100002 = TELNET Server Access...