all | frequencies |
|
|
|
exhibits | applications |
---|---|---|---|---|---|---|
manuals |
app s | submitted / available | |||||||
---|---|---|---|---|---|---|---|---|
1 |
|
Manual 1 | Users Manual | 3.13 MiB | ||||
1 |
|
Manual 2 | Users Manual | 2.79 MiB | ||||
1 |
|
Manual 3 | Users Manual | 2.75 MiB | ||||
1 | Attestation Statements | |||||||
1 | Cover Letter(s) | |||||||
1 | Cover Letter(s) | |||||||
1 | External Photos | |||||||
1 | Internal Photos | |||||||
1 | ID Label/Location Info | |||||||
1 | ID Label/Location Info | |||||||
1 | Operational Description | |||||||
1 | RF Exposure Info | |||||||
1 | Test Report | |||||||
1 | Test Setup Photos |
1 | Manual 1 | Users Manual | 3.13 MiB |
MAX-207HW2 WiMAX MIMO Indoor Simple CPE (2.5 GHz) WiMAX 802.16e 2.5GHz Default Login Details IP Address Admin Name and Password User Name and Password http://192.168.1.1
@dmin 284wj/6 User user www.zyxel.com Firmware Version 1.0 Edition 1, 6/2009 www.zyxel.com Copyright 2009 ZyXEL Communications Corporation About This User's Guide About This User's Guide Intended Audience This manual is intended for people who want to configure the ZyXEL WiMAX Modem using the web configurator. You should have at least a basic knowledge of TCP/IP networking concepts and topology. Related Documentation Quick Start Guide The Quick Start Guide is designed to help you get up and running right away. It contains information on setting up your network and configuring for Internet access. Web Configurator Online Help Embedded web help for descriptions of individual screens and supplementary information. Command Reference Guide The Command Reference Guide explains how to use the Command-Line Interface (CLI) and CLI commands to configure the WiMAX Modem. Note: It is recommended you use the web configurator to configure the WiMAX Modem. Support Disc Refer to the included CD for support documents. ZyXEL Web Site Please refer to www.zyxel.com for additional support documentation and product certifications. Documentation Feedback Send your comments, questions or suggestions to: techwriters@zyxel.com.tw Thank you!
The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 30099, Taiwan. Users Guide 3 About This User's Guide Need More Help?
More help is available at www.zyxel.com. Download Library Search for the latest product updates and documentation from this link. Read the Tech Doc Overview to find out how to efficiently use the User Guide, Quick Start Guide and Command Line Interface Reference Guide in order to better understand how to use your product. Knowledge Base If you have a specific question about your product, the answer may be here. This is a collection of answers to previously asked questions about ZyXEL products. Forum This contains discussions on ZyXEL products. Learn from others who use ZyXEL products and share your experiences as well. Customer Support Should problems arise that cannot be solved by the methods listed above, you should contact your vendor. If you cannot contact your vendor, then contact a ZyXEL office for the region in which you bought the device. See http://www.zyxel.com/web/contact_us.php for contact information. Please have the following information ready when you contact an office. Product model and serial number. Warranty Information. Date that you received your device. Brief description of the problem and the steps you took to solve it. 4 Users Guide Document Conventions Document Conventions Warnings and Notes These are how warnings and notes are shown in this Users Guide. Warnings tell you about things that could harm you or your WiMAX Modem. Note: Notes tell you other important information (for example, other things you may need to configure or helpful tips) or recommendations. Syntax Conventions The MAX-207HW2 may be referred to as the WiMAX Modem, the device, the system or the product in this Users Guide. Product labels, screen names, field labels and field choices are all in bold font. A key stroke is denoted by square brackets and uppercase text, for example,
[ENTER] means the enter or return key on your keyboard. Enter means for you to type one or more characters and then press the
[ENTER] key. Select or choose means for you to use one of the predefined choices. A right angle bracket ( > ) within a screen name denotes a mouse click. For example, TOOLS > Logs > Log Settings means you first click Tools in the navigation panel, then the Logs sub menu and finally the Log Settings tab to get to that screen. Units of measurement may denote the metric value or the scientific value. For example, k for kilo may denote 1000 or 1024, M for mega may denote 1000000 or 1048576 and so on. e.g., is a shorthand for for instance, and i.e., means that is or in other words. Users Guide 5 Document Conventions Icons Used in Figures Figures in this Users Guide may use the following generic icons. The WiMAX Modem icon is not an exact representation of your WiMAX Modem.\
Table 1 Common Icons WiMAX Device WiMAX Access Point Computer Notebook Server WiMAX Base Station Telephone Switch Router Internet Cloud Internet/WiMAX Cloud Wireless Signal 6 Users Guide Safety Warnings Safety Warnings Do NOT use this product near water, for example, in a wet basement or near a swimming pool. Do NOT expose your device to dampness, dust or corrosive liquids. Do NOT store things on the device. Do NOT install, use, or service this device during a thunderstorm. There is a remote risk of electric shock from lightning. Connect ONLY suitable accessories to the device. Do NOT open the device or unit. Opening or removing covers can expose you to dangerous high voltage points or other risks. ONLY qualified service personnel should service or disassemble this device. Please contact your vendor for further information. Make sure to connect the cables to the correct ports. Place connecting cables carefully so that no one will step on them or stumble over them. Always disconnect all cables from this device before servicing or disassembling. Use ONLY an appropriate power adaptor or cord for your device. Connect it to the right supply voltage (for example, 110V AC in North America or 230V AC in Europe). Do NOT remove the plug and connect it to a power outlet by itself; always attach the plug to the power adaptor first before connecting it to a power outlet. Do NOT allow anything to rest on the power adaptor or cord and do NOT place the product where anyone can walk on the power adaptor or cord. Do NOT use the device if the power adaptor or cord is damaged as it might cause electrocution. If the power adaptor or cord is damaged, remove it from the device and the power source. Do NOT attempt to repair the power adaptor or cord. Contact your local vendor to order a new one.Do not use the device outside, and make sure all the connections are indoors. There is a remote risk of electric shock from lightning. Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your device.Use only No. 26 AWG (American Wire Gauge) or larger telecommunication line cord. Antenna Warning! This device meets ETSI and FCC certification requirements when using the included antenna(s). Only use the included antenna(s). If you wall mount your device, make sure that no electrical lines, gas or water pipes will be damaged. Make sure that the cable system is grounded so as to provide some protection against voltage surges. Your product is marked with this symbol, which is known as the WEEE mark. WEEE stands for Waste Electronics and Electrical Equipment. It means that used electrical and electronic products should not be mixed with general waste. Used electrical and electronic equipment should be treated separately. Users Guide 7 Safety Warnings 8 Users Guide Contents Overview Contents Overview Introduction and Wizards ......................................................................................................17 Getting Started ........................................................................................................................... 19 Introducing the Web Configurator .............................................................................................. 23 Basic Screens ........................................................................................................................29 The Setup Screens .................................................................................................................... 31 Advanced Screens .................................................................................................................39 The Status Screen ..................................................................................................................... 41 The LAN Configuration Screens ................................................................................................ 45 The WIFI Configuration Screen ................................................................................................. 59 The WAN Configuration Screens ............................................................................................... 77 The NAT Configuration Screens ................................................................................................ 89 The System Configuration Screens ........................................................................................... 99 Voice Screens .......................................................................................................................107 The Service Configuration Screens ......................................................................................... 109 The Phone Screens ................................................................................................................. 127 The Phone Book Screens ........................................................................................................ 137 Tools & Status Screens .......................................................................................................143 The Certificates Screens ......................................................................................................... 145 The Remote Management Screens ......................................................................................... 149 The Password Setup Screen ................................................................................................... 161 The Status Screen ................................................................................................................... 163 Troubleshooting and Specifications ..................................................................................167 Troubleshooting ....................................................................................................................... 169 Product Specifications ............................................................................................................. 177 Appendices and Index .........................................................................................................185 Users Guide 9 Contents Overview 10 Users Guide Table of Contents Table of Contents About This User's Guide ..........................................................................................................3 Document Conventions............................................................................................................5 Safety Warnings........................................................................................................................7 Contents Overview ...................................................................................................................9 Table of Contents....................................................................................................................11 Part I: Introduction and Wizards........................................................... 17 Chapter 1 Getting Started ........................................................................................................................19 1.1 About Your WiMAX Modem ................................................................................................. 19 1.1.1 WiMAX Internet Access ............................................................................................. 19 1.1.2 Make Calls via Internet Telephony Service Provider .................................................. 20 1.2 WiMAX Modem Hardware ................................................................................................... 21 1.2.1 LEDs .......................................................................................................................... 21 1.3 Good Habits for Managing the WiMAX Modem ................................................................... 22 Chapter 2 Introducing the Web Configurator ........................................................................................23 2.1 Overview .............................................................................................................................. 23 2.1.1 Accessing the Web Configurator ................................................................................ 23 2.1.2 The Reset Button ....................................................................................................... 24 2.2 The Main Screen ................................................................................................................. 25 Part II: Basic Screens ............................................................................ 29 Chapter 3 The Setup Screens..................................................................................................................31 3.1 Overview .............................................................................................................................. 31 3.1.1 What You Can Do in This Chapter ............................................................................. 31 3.1.2 What You Need to Know ............................................................................................ 31 3.1.3 Before You Begin ....................................................................................................... 32 3.2 Set IP Address (LAN ) ................................................................................................. 32 Users Guide 11 Table of Contents 3.3 DHCP Client (DHCP ) .............................................................................................. 33 3.4 Time Setting ( ) ..................................................................................................... 35 3.4.1 Pre-Defined NTP Time Servers List ........................................................................... 36 3.4.2 Resetting the Time ..................................................................................................... 37 Part III: Advanced Screens.................................................................... 39 Chapter 4 The Status Screen...................................................................................................................41 4.1 Overview .............................................................................................................................. 41 4.2 Status ( ) Screen .......................................................................................................... 41 Chapter 5 The LAN Configuration Screens............................................................................................45 5.1 Overview .............................................................................................................................. 45 5.1.1 What You Can Do in This Chapter ............................................................................. 45 5.1.2 What You Need to Know ............................................................................................ 45 5.2 DHCP Setup ........................................................................................................................ 46 5.3 Static DHCP ......................................................................................................................... 47 5.4 IP Alias ................................................................................................................................ 49 5.5 IP Static Route ..................................................................................................................... 51 5.5.1 IP Static Route Setup ................................................................................................. 52 5.6 Other Settings ...................................................................................................................... 53 5.7 Technical Reference ............................................................................................................ 54 5.7.1 IP Address and Subnet Mask ..................................................................................... 54 5.7.2 DHCP Setup ............................................................................................................... 55 5.7.3 LAN TCP/IP ................................................................................................................ 55 5.7.4 DNS Server Address .................................................................................................. 55 5.7.5 RIP Setup ................................................................................................................... 56 5.7.6 Multicast ..................................................................................................................... 57 Chapter 6 The WIFI Configuration Screen .............................................................................................59 6.1 Overview .............................................................................................................................. 59 6.1.1 What You Can Do in the WIFI Screens ...................................................................... 59 6.1.2 What You Need to Know About WIFI ......................................................................... 60 6.1.3 Before You Start ......................................................................................................... 63 6.2 General Screen .................................................................................................................. 63 6.2.1 No Security ................................................................................................................. 65 6.2.2 WEP Encryption ......................................................................................................... 66 6.2.3 WPA(2)-PSK .............................................................................................................. 66 12 Users Guide Table of Contents 6.2.4 Wireless LAN Advanced Setup ................................................................................. 68 6.3 MAC Filter ....................................................................................................................... 69 6.4 Wireless LAN Technical Reference ..................................................................................... 70 6.4.1 Additional Wireless Terms .......................................................................................... 71 6.4.2 Wireless Security Overview ....................................................................................... 71 6.4.3 MBSSID ..................................................................................................................... 73 6.4.4 Wireless Distribution System (WDS) .......................................................................... 74 6.4.5 WiFi Protected Setup ................................................................................................. 74 Chapter 7 The WAN Configuration Screens...........................................................................................77 7.1 Overview .............................................................................................................................. 77 7.1.1 What You Can Do in This Chapter ............................................................................. 77 7.1.2 What You Need to Know ............................................................................................ 77 7.2 Internet Connection ............................................................................................................. 79 7.3 WiMAX Configuration .......................................................................................................... 82 7.3.1 Frequency Ranges ..................................................................................................... 85 7.3.2 Configuring Frequency Settings ................................................................................. 85 7.3.3 Using the WiMAX Frequency Screen ......................................................................... 86 Chapter 8 The NAT Configuration Screens............................................................................................89 8.1 Overview .............................................................................................................................. 89 8.1.1 What You Can Do in This Chapter ............................................................................. 89 8.2 General ................................................................................................................................ 90 8.3 Port Forwarding .................................................................................................................. 91 8.3.1 Port Forwarding Options ............................................................................................ 91 8.3.2 Port Forwarding Rule Setup ....................................................................................... 93 8.4 Trigger Port .......................................................................................................................... 94 8.4.1 Trigger Port Forwarding Example .............................................................................. 96 Chapter 9 The System Configuration Screens ......................................................................................99 9.1 Overview .............................................................................................................................. 99 9.1.1 What You Can Do in This Chapter ............................................................................. 99 9.1.2 What You Need to Know ............................................................................................ 99 9.2 Dynamic DNS .................................................................................................................... 100 9.3 Firmware ............................................................................................................................ 102 9.3.1 The Firmware Upload Process ................................................................................. 103 9.4 Configuration ..................................................................................................................... 104 9.4.1 The Restore Configuration Process ......................................................................... 105 9.5 Restart ............................................................................................................................... 105 9.5.1 The Restart Process ................................................................................................ 106 Users Guide 13 Table of Contents Part IV: Voice Screens ......................................................................... 107 Chapter 10 The Service Configuration Screens ....................................................................................109 10.1 Overview .......................................................................................................................... 109 10.1.1 What You Can Do in This Chapter ......................................................................... 109 10.1.2 What You Need to Know ........................................................................................ 109 10.1.3 Before you Begin .....................................................................................................111 10.2 SIP Settings ......................................................................................................................111 10.2.1 Advanced SIP Settings ...........................................................................................112 10.3 QoS ..................................................................................................................................119 10.4 Technical Reference ........................................................................................................ 121 10.4.1 SIP Call Progression .............................................................................................. 121 10.4.2 SIP Client Server .................................................................................................... 122 10.4.3 SIP User Agent ...................................................................................................... 122 10.4.4 SIP Proxy Server .................................................................................................... 122 10.4.5 SIP Redirect Server ............................................................................................... 123 10.4.6 NAT and SIP .......................................................................................................... 124 10.4.7 DiffServ .................................................................................................................. 124 10.4.8 DSCP and Per-Hop Behavior ................................................................................. 125 Chapter 11 The Phone Screens...............................................................................................................127 11.1 Overview .......................................................................................................................... 127 11.1.1 What You Can Do in This Chapter ......................................................................... 127 11.1.2 What You Need to Know ........................................................................................ 127 11.2 Analog Phone .................................................................................................................. 128 11.2.1 Advanced Analog Phone Setup ............................................................................. 129 11.3 Common .......................................................................................................................... 130 11.4 Region .............................................................................................................................. 131 11.5 Technical Reference ........................................................................................................ 132 11.5.1 The Flash Key ........................................................................................................ 132 11.5.2 Europe Type Supplementary Phone Services ........................................................ 133 11.5.3 USA Type Supplementary Services ....................................................................... 134 Chapter 12 The Phone Book Screens.....................................................................................................137 12.1 Overview .......................................................................................................................... 137 12.1.1 What You Can Do in This Chapter ......................................................................... 137 12.1.2 What You Need to Know ........................................................................................ 137 12.2 Incoming Call Policy ........................................................................................................ 138 12.3 Speed Dial ....................................................................................................................... 140 12.3.1 Speed Dial Setup ................................................................................................... 141 14 Users Guide Table of Contents Part V: Tools & Status Screens........................................................... 143 Chapter 13 The Certificates Screens......................................................................................................145 13.1 Overview .......................................................................................................................... 145 13.1.1 What You Can Do in This Chapter ......................................................................... 145 13.1.2 What You Need to Know ........................................................................................ 145 13.2 My Certificates ................................................................................................................. 146 13.3 Trusted CAs ..................................................................................................................... 146 Chapter 14 The Remote Management Screens .....................................................................................149 14.1 Overview .......................................................................................................................... 149 14.1.1 What You Can Do in This Chapter ......................................................................... 149 14.1.2 What You Need to Know ........................................................................................ 150 14.2 WWW .............................................................................................................................. 151 14.3 Telnet ............................................................................................................................... 152 14.4 FTP .................................................................................................................................. 153 14.5 SNMP .............................................................................................................................. 154 14.5.1 SNMP Traps ........................................................................................................... 155 14.5.2 SNMP Options ....................................................................................................... 156 14.6 DNS ................................................................................................................................. 157 14.7 Security ............................................................................................................................ 158 Chapter 15 The Password Setup Screen................................................................................................161 15.1 Overview .......................................................................................................................... 161 15.2 Password Setup .............................................................................................................. 161 Chapter 16 The Status Screen.................................................................................................................163 16.1 Overview .......................................................................................................................... 163 16.2 Status Screen .................................................................................................................. 163 Part VI: Troubleshooting and Specifications .................................... 167 Chapter 17 Troubleshooting....................................................................................................................169 17.1 Power, Hardware Connections, and LEDs ...................................................................... 169 17.2 WiMAX Modem Access and Login .................................................................................. 170 17.3 Internet Access ................................................................................................................ 172 Users Guide 15 Table of Contents 17.4 Phone Calls and VoIP ...................................................................................................... 174 17.5 Reset the WiMAX Modem to Its Factory Defaults ........................................................... 175 17.5.1 Pop-up Windows, JavaScripts and Java Permissions ........................................... 175 Chapter 18 Product Specifications .........................................................................................................177 Part VII: Appendices and Index .......................................................... 185 Appendix A WiMAX Security ................................................................................................187 Appendix B Setting Up Your Computers IP Address...........................................................191 Appendix C Pop-up Windows, JavaScripts and Java Permissions......................................219 Appendix D IP Addresses and Subnetting ...........................................................................229 Appendix E Importing Certificates ........................................................................................241 Appendix F SIP Passthrough ...............................................................................................273 Appendix G Common Services ............................................................................................275 Appendix H Legal Information ..............................................................................................279 Index.......................................................................................................................................283 16 Users Guide Introduction and PART I Wizards Getting Started (19) Introducing the Web Configurator (23) 17 18 CHAPTER 1 Getting Started 1.1 About Your WiMAX Modem The WiMAX Modem has a built-in switch and one phone port. It allows you to access the Internet by connecting to a WiMAX wireless network. You can use a traditional analog telephone to make Internet calls using the WiMAX Modems Voice over IP (VoIP) communication capabilities. You can configure firewall and content filtering as well as a host of other features. The web browser-based Graphical User Interface (GUI), also known as the web configurator, provides easy management. See Chapter 18 on page 177 for a complete list of features for your model. 1.1.1 WiMAX Internet Access Connect your computer or network to the WiMAX Modem for WiMAX Internet access. See the Quick Start Guide for instructions on hardware connection. In a wireless metropolitan area network (MAN), the WiMAX Modem connects to a WiMAX base station (BS) for Internet access. The following diagram shows a notebook computer equipped with the WiMAX Modem connecting to the Internet through a WiMAX base station (marked BS). Figure 1 Mobile Station and Base Station When the firewall is on, all incoming traffic from the Internet to your network is blocked unless it is initiated from your network. Users Guide 19 Chapter 1 Getting Started Use content filtering to block access to web sites with URLs containing keywords that you specify. You can define time periods and days during which content filtering is enabled and include or exclude particular computers on your network from content filtering. For example, you could block access to certain web sites for the kids. 1.1.2 Make Calls via Internet Telephony Service Provider In a home or small office environment, you can use the WiMAX Modem to make and receive the following types of VoIP telephone calls:
Peer-to-Peer calls - Use the WiMAX Modem to make a call directly to the recipients IP address without using a SIP proxy server. Figure 2 WiMAX Modems VoIP Features - Peer-to-Peer Calls Calls via a VoIP service provider - The WiMAX Modem sends your call to a VoIP service providers SIP server which forwards your calls to either VoIP or PSTN phones. Figure 3 WiMAX Modems VoIP Features - Calls via VoIP Service Provider 20 Users Guide 1.2 WiMAX Modem Hardware Follow the instructions in the Quick Start Guide to make hardware connections. Chapter 1 Getting Started 1.2.1 LEDs The following figure shows the LEDs (lights) on the WiMAX Modem. Figure 4 The WiMAX Modems LEDs POWER LED WIMAX LINK SIGNAL STRENGTH INDICATORS VOICE LEDS 1 & 2 WLAN LED The following table describes your WiMAX Modems LEDs (from right to left). Table 2 The WiMAX Modem LED Power STATE Off Red Green WiMAN Link Off Green Green (Blinking Slowly) Green (Blinking Quickly) DESCRIPTION The WiMAX Modem is not receiving power. The WiMAX Modem is receiving power but has been unable to start up correctly or is not receiving enough power. See the Troubleshooting section for more information. The WiMAX Modem is receiving power and functioning correctly. The WiMAX Modem is not connected to a wireless
(WiMAX) network. The WiMAX Modem is successfully connected to a wireless (WiMAX) network. The WiMAX Modem is searching for a wireless
(WiMAX) network. The WiMAX Modem has found a wireless (WiMAX) network and is connecting. Users Guide 21 Chapter 1 Getting Started Table 2 The WiMAX Modem LED Signal Strength Indicator DESCRIPTION STATE The Strength Indicator LEDs display the Interference-plus-Noise Ratio
(CINR) of the wireless (WiMAX) connection. Signal 1 On Signal 2 On Signal 3 On Voice Off Green Green (Blinking) Yellow Yellow (Blinking) Off Green Blinking Green WLAN The signal strength is in the range between 5 and 15. The signal strength is in the range between 16 and 24. The signal strength is greater than or equal to 25 dBm No SIP account is registered, or the WiMAX Modem is not receiving power. A SIP account is registered. A SIP account is registered, and the phone attached to the LINE port is in use (off the hook). A SIP account is registered and has a voice message on the SIP server. A SIP account is registered and has a voice message on the SIP server, and the phone attached to the LINE port is in use (off the hook). The Wi-Fi network is not operational. The Wi-Fi network is operational. The WiMAX Device is sending and receiving data across the Wi-Fi network. 1.3 Good Habits for Managing the WiMAX Modem Do the following things regularly to make the WiMAX Modem more secure and to manage the WiMAX Modem more effectively. Change the password. Use a password thats not easy to guess and that consists of different types of characters, such as numbers and letters. Write down the password and put it in a safe place. Back up the configuration (and make sure you know how to restore it). Restoring an earlier working configuration may be useful if the WiMAX Modem becomes unstable or even crashes. If you forget your password, you will have to reset the WiMAX Modem to its factory default settings. If you backed up an earlier configuration file, you would not have to totally re-configure the WiMAX Modem. You could simply restore your last configuration. 22 Users Guide CHAPTER 2 Introducing the Web Configurator 2.1 Overview The web configurator is an HTML-based management interface that allows easy device set up and management via any web browser that supports: HTML 4.0, CSS 2.0, and JavaScript 1.5, and higher. The recommended screen resolution for using the web configurator is 1024 by 768 pixels and 16-bit color, or higher. In order to use the web configurator you need to allow:
Web browser pop-up windows from your device. Web pop-up blocking is enabled by default in many operating systems and web browsers. JavaScript (enabled by default in most web browsers). Java permissions (enabled by default in most web browsers). See the Appendix C on page 219 for more information on configuring your web browser. 2.1.1 Accessing the Web Configurator 1 Make sure your WiMAX Modem hardware is properly connected (refer to the Quick Start Guide for more information). 2 Launch your web browser. 3 Enter "192.168.1.1" as the URL. Users Guide 23 Chapter 2 Introducing the Web Configurator 4 A login screen displays. Enter the default User Name ( ) (@dmin) and Password ( ) (284wj/6), and then click Login ( ). Figure 5 Password Screen 5 The following screen displays if you have not yet changed your password. It is highly recommended you change the default password. Enter a new password, retype it to confirm and click Apply ( ); alternatively click Ignore ( ) to proceed to the main menu if you do not want to change the password now. Figure 6 Change Password Screen 2.1.2 The Reset Button If you forget your password or cannot access the web configurator, you will need to use the Reset button to reload the factory-default configuration file. This means that you will lose all configurations that you had previously and the password will be reset to 284wj/6. 2.1.2.1 Using The Reset Button 1 Make sure the Power light is on (not blinking). 2 To set the device back to the factory default settings, press the Reset button for ten seconds or until the Power light begins to blink and then release it. When the Power light begins to blink, the defaults have been restored and the device restarts. 3 Reconfigure the WiMAX Modem following the steps in your Quick Start Guide. 24 Users Guide 2.2 The Main Screen Chapter 2 Introducing the Web Configurator When you first log into the web configurator and by-pass the wizard, the Main screen appears. Here you can view a concise summary of your WiMAX Modem connection status. This is also the default home page for the ZyXEL web configurator and it contains conveniently-placed shortcuts to all of the other screens. Note: Some features in the web configurator may not be available depending on your firmware version and/or configuration. Figure 7 Main Screen ( ) The following table describes the icons in this screen. Table 3 Main ( ) > Icons ICON DESCRIPTION MAIN ( ) Click to return to the Main screen. SETUP ( ) Click to go the Setup screen, where you can configure LAN, DHCP and WAN settings. ADVANCED ( ) Click to go to the Advanced screen, where you can configure features like Port Forwarding and Triggering, SNTP and so on. Users Guide 25 Chapter 2 Introducing the Web Configurator Table 3 Main ( ) > Icons (continued) ICON DESCRIPTION VOICE Click to go to the Voice screen, where you can configure your voice service and phone settings. TOOLS ( ) Click to go the Tools screen, where you can configure your firewall, QoS, and content filter, among other things. STATUS ( ) Click to go to the Status screen, where you can view status and statistical information for all connections and interfaces. Strength Indicator Displays a visual representation of the quality of your WiMAX connection. Disconnected - Zero bars Poor reception - One bar Good reception - Two bars Excellent reception - Three bars The following table describes the labels in this screen. Table 4 Main LABEL Logout ( ) DESCRIPTION Click to log out of the web configurator. WiMAX Connection Status (WiMAX
) Software Version (
) Note: This does not log you off the WiMAX network, it simply logs you out of the WiMAX Modems browser-based configuration interface. This field indicates the current status of your WiMAX connection. Status messages are as follows:
Connected - Indicates that the WiMAX Modem is connected to the WiMAX network. Use the Strength Indicator icon to determine the quality of your network connection. Disconnected - Indicates that the WiMAX Modem is not connected to the WiMAX network. DL_SYN - Indicates a download synchronization is in progress. This means the firmware is checking with the server for any updates or settings alterations. This field indicates the version number of the WiMAX Modems firmware. The version number takes the form of:
Version(Build),release status (candidate) | Version Release Date. For example: V3.60(BCC.0)c4 | 07/08/2008 indicates that the firmware is 3.60, build BCC.0, candidate4, released on July 08, 2008. 26 Users Guide Chapter 2 Introducing the Web Configurator Table 4 Main (continued) LABEL WiMAX Firmware Version (WiMAX
) Version Date (
) System Uptime (
) DESCRIPTION This field displays the version number of the chip firmware used in this WiMAX Modem. This field indicates the exact date and time the current firmware was compiled. This field indicates how long the WiMAX Modem has been on. This resets every time you shut the device down or restart it. Note: For security reasons, the WiMAX Modem automatically logs you out if you do not use the web configurator for five minutes. If this happens, simply log in again. Users Guide 27 Chapter 2 Introducing the Web Configurator 28 Users Guide PART II Basic Screens The Main Screen (25) The Setup Screens (31) 29 30 CHAPTER 3 The Setup Screens 3.1 Overview Use these screens to configure or view LAN, DHCP Client and WAN settings. 3.1.1 What You Can Do in This Chapter The Set IP Address (LAN ) screen (Section 3.2 on page 32) lets you configure the WiMAX Modems IP address and subnet mask. The DHCP Client (DHCP ) screen (Section 3.3 on page 33) lets you view all DHCP client information. The Time Setting () screen (Section 3.4 on page 35) lets you configure your WiMAX Modems time and date keeping settings. 3.1.2 What You Need to Know The following terms and concepts may help as you read through this chapter. LAN A Local Area Network, or a shared communication system to which many computers are attached. A LAN, as its name implies, is limited to a local area such as a home or office environment. LANs have different topologies, the most common being the linear bus and the star configuration. IP Address IP addresses identify individual devices on a network. Every networking device
(including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts. Subnet Mask The subnet mask specifies the network number portion of an IP address. Your device will compute the subnet mask automatically based on the IP Address that Users Guide 31 Chapter 3 The Setup Screens you entered. You do not need to change the computer subnet mask unless you are instructed to do so. DHCP Your WiMAX Modem can act as a DHCP (Dynamic Host Configuration Protocol) server that can assign your LAN computers an IP address, subnet mask, DNS and other routing information when its LAN DHCP feature is turned on. Daytime A network protocol used by devices for debugging and time measurement. A computer can use this protocol to set its internal clock but only if it knows in which order the year, month, and day are returned by the server. Not all servers use the same format. Time A network protocol for retrieving the current time from a server. The computer issuing the command compares the time on its clock to the information returned by the server, adjusts itself automatically for time zone differences, then calculates the difference and corrects itself if there has been any temporal drift. NTP NTP stands for Network Time Protocol. It is employed by devices connected to the Internet in order to obtain a precise time setting from an official time server. These time servers are accurate to within 200 microseconds. 3.1.3 Before You Begin Make sure that you have made all the appropriate hardware connections to the WiMAX Modem, as described in the Quick Start Guide. Make sure that you have logged in to the web configurator at least one time and changed your password from the default, as described in the Quick Start Guide. 3.2 Set IP Address (LAN ) Click the SETUP () icon in the navigation bar to set up the WiMAX Modems IP address and subnet mask. This screen displays this screen by default. If you are in 32 Users Guide Chapter 3 The Setup Screens any other sub-screen you can simply choose Set IP Address (LAN) from the navigation menu on the left to open it again. Figure 8 SETUP( ) > Set IP Address (LAN ) The following table describes the labels in this screen. Table 5 SETUP ( ) > Set IP Address (LAN ) LABEL IP Address (IP ) DESCRIPTION Enter the IP address of the WiMAX Modem on the LAN. Note: This field is the IP address you use to access the WiMAX Modem on the LAN. If the web configurator is running on a computer on the LAN, you lose access to it as soon as you change this field and click Apply (
). You can access the web configurator again by typing the new IP address in the browser. Enter the subnet mask of the LAN. Click to save your changes. Click to restore your previously saved settings. IP Subnet Mask (IP
) Apply ( ) Reset ( ) 3.3 DHCP Client (DHCP ) Click SETUP ( ) > DHCP Client (DHCP ) to display the IP addresses, Host Names and MAC addresses of the devices currently connected to the WiMAX Users Guide 33 Chapter 3 The Setup Screens Modem. These settings can be configured in the ADVANCED ( ) > LAN Configuration (LAN ) > DHCP Setup screen. Figure 9 SETUP ( ) > DHCP Client (DHCP ) The following table describes the labels in this screen. Table 6 SETUP( ) > DHCP Client(DHCP ) LABEL
IP Address (IP ) DESCRIPTION The number of the item in this list. This field displays the IP address the WiMAX Modem assigned to a computer in the network. Host Name ( ) This field displays the system name of the computer to which MAC Address (MAC
) Reserve ( ) Apply ( ) Refresh ( ) the WiMAX Modem assigned the IP address. This field displays the MAC address of the computer to which the WiMAX Modem assigned the IP address. Select Reserve ( ) and click Apply ( ) to have the WiMAX Modem always map the currently assigned IP address to the device with this MAC address. Clear Remain () and click Apply () to allow the WiMAX Modem to assign a new IP address to this device with this MAC address when next time the device sends a new DHCP request. Click this button to update the table data. 34 Users Guide Chapter 3 The Setup Screens 3.4 Time Setting ( ) Click SETUP ( ) > Time Setting ( ) to set the date, time, and time zone for the WiMAX Modem. Figure 10 SETUP ( ) > Time Setting ( ) The following table describes the labels in this screen. DESCRIPTION Table 7 SETUP ( ) > Time Setting ( ) LABEL Current Time and Date ( ) Current Time (
) Current Date (
) Time and Date Setup ( ) Manual ( ) Displays the current time according to the WiMAX Modem. Displays the current time according to the WiMAX Modem. Select this if you want to specify the current date and time in the fields below. Enter the new time in this field, and click Apply ( ). Enter the new date in this field, and click Apply ( ). New Time (
) New Date (
) Users Guide 35 Chapter 3 The Setup Screens Table 7 SETUP ( ) > Time Setting ( ) LABEL Get from Time Server (
) DESCRIPTION Select this if you want to use a time server to update the current date and time in the WiMAX Modem. Select the time service protocol that your time server uses.Check with your ISP or network administrator, or use trial-
and-error to find a protocol that works. Time Protocol (
) Daytime (RFC 867) - This format is day/month/year/time zone. Time (RFC 868) - This format displays a 4-byte integer giving the total number of seconds since 1970/1/1 at 0:0:0. Time Server Address (
) NTP (RFC 1305) - This format is similar to Time (RFC 868). Enter the IP address or URL of your time server. Check with your ISP or network administrator if you are unsure of this information. Time Zone Setup ( ) Time Zone ( ) Daylight Savings (
) Start Date (
) Select the time zone at your location. Select this if your location uses daylight savings time. Daylight savings is a period from late spring to early fall when many places set their clocks ahead of normal local time by one hour to give more daytime light in the evening. Enter which hour on which day of which week of which month daylight-savings time starts. End Date ( ) Enter which hour on the which day of which week of which Apply ( ) Reset ( ) month daylight-savings time ends. Click to save your changes. Click to restore your previously saved settings. 3.4.1 Pre-Defined NTP Time Servers List The WiMAX Modem uses a pre-defined list of NTP time servers if you do not specify a time server or it cannot synchronize with the time server you specified. It can use this list regardless of the time protocol you select. When the WiMAX Modem uses the list, it randomly selects one server and tries to synchronize with it. If the synchronization fails, then it goes through the rest of the list in order until either it is successful or all the pre-defined NTP time servers have been tried. Table 8 Pre-defined NTP Time Servers ntp1.cs.wisc.edu ntp1.gbg.netnod.se ntp2.cs.wisc.edu tock.usno.navy.mil ntp3.cs.wisc.edu 36 Users Guide Chapter 3 The Setup Screens Table 8 Pre-defined NTP Time Servers (continued) ntp.cs.strath.ac.uk ntp1.sp.se time1.stupi.se tick.stdtime.gov.tw tock.stdtime.gov.tw time.stdtime.gov.tw 3.4.2 Resetting the Time The WiMAX Modem automatically resets the time in the following circumstances:
When the device starts up, such as when you press the Power button. When you click Apply ( ) in the SETUP ( ) > Time Setting ( ) screen. Once every 24-hours after starting up. Users Guide 37 Chapter 3 The Setup Screens 38 Users Guide PART III Advanced Screens The Status Screen (41) The LAN Configuration Screens (45) The WIFI Configuration Screen (59) The WAN Configuration Screens (77) The NAT Configuration Screens (89) The System Configuration Screens (99) 39 40 CHAPTER 4 The Status Screen 4.1 Overview Use this screen to view a complete summary of your WiMAX Modem connection status. 4.2 Status ( ) Screen Click Advanced ( ) > STATUS ( ) in the navigation bar to go to this screen, where you can view the current status of the device, system resources, interfaces (LAN and WAN), and SIP accounts. You can also register and un-
register SIP accounts as well as view detailed information from DHCP and statistics from WiMAX, VoIP, bandwidth management, and traffic. Figure 11 Advanced ( ) > Status ( ) The following tables describe the labels in this screen. Table 9 Advanced ( ) > Status ( ) LABEL Refresh Interval Select how often you want the WiMAX Modem to update this screen. Refresh Now Click this to update this screen immediately. DESCRIPTION Users Guide 41 Chapter 4 The Status Screen Table 9 Advanced ( ) > Status ( ) (continued) LABEL Device Information System Name DESCRIPTION Firmware Version WAN Information IP Address This field displays the WiMAX Modem system name. It is used for identification. This field displays the current version of the firmware inside the device. It also shows the date the firmware version was created. You can change the firmware version by uploading new firmware in ADVANCED () > System Configuration () > Firmware. This field displays the current IP address of the WiMAX Modem in the WAN. IP Subnet Mask This field displays the current subnet mask on the WAN. DHCP This field displays what DHCP services the WiMAX Modem is using in the WAN. Choices are:
Client - The WiMAX Modem is a DHCP client in the WAN. Its IP address comes from a DHCP server on the WAN. None - The WiMAX Modem is not using any DHCP services in the WAN. It has a static IP address. LAN Information IP Address This field displays the current IP address of the WiMAX Modem in the LAN. IP Subnet Mask This field displays the current subnet mask in the LAN. DHCP This field displays what DHCP services the WiMAX Modem is providing to the LAN. Choices are:
Server - The WiMAX Modem is a DHCP server in the LAN. It assigns IP addresses to other computers in the LAN. Relay - The WiMAX Modem is routing DHCP requests to one or more DHCP servers. The DHCP server(s) may be on another network. None - The WiMAX Modem is not providing any DHCP services to the LAN. You can change this in ADVANCED ( ) > LAN Configuration (LAN
) > DHCP Setup. WiMAX Information CINR mean CINR deviation RSSI Interface Status This field shows the average Carrier to Interference plus Noise Ratio of the current connection. This value is an indication of overall radio signal quality. A higher value indicates a higher signal quality, and a lower value indicates a lower signal quality. This field shows the amount of change in the CINR level. This value is an indication of radio signal stability. A lower number indicates a more stable signal, and a higher number indicates a less stable signal. This field shows the Received Signal Strength Indication. This value is a measurement of overall radio signal strength. A higher RSSI level indicates a stronger signal, and a lower RSSI level indicates a weaker signal. A strong signal does not necessarily indicate a good signal: a strong signal may have a low signal-to-noise ratio (SNR). 42 Users Guide Chapter 4 The Status Screen Table 9 Advanced ( ) > Status ( ) (continued) LABEL Interface Status DESCRIPTION This column displays each interface of the WiMAX Modem. This field indicates whether or not the WiMAX Modem is using the interface. For the WAN interface, this field displays Up when the WiMAX Modem is connected to a WiMAX network, and Down when the WiMAX Modem is not connected to a WiMAX network. For the LAN interface, this field displays Up when the WiMAX Modem is using the interface and Down when the WiMAX Modem is not using the interface. Users Guide 43 Chapter 4 The Status Screen 44 Users Guide 5 CHAPTER The LAN Configuration Screens 5.1 Overview Use the ADVANCED > LAN Configuration screens to set up the WiMAX Modem on the LAN. You can configure its IP address and subnet mask, DHCP services, and other subnets. You can also control how the WiMAX Modem sends routing information using RIP. A Local Area Network (LAN) is a shared communication system to which many computers are attached. A LAN is usually a computer network limited to the immediate area, such as the same building or floor of a building. 5.1.1 What You Can Do in This Chapter The DHCP Setup screen (Section 5.2 on page 46) lets you enable, disable, and configure the DHCP server in the WiMAX Modem. The Static DHCP screen (Section 5.3 on page 47) lets you assign specific IP addresses to specific computers on the LAN. The IP Alias screen (Section 5.4 on page 49) lets you add subnets on the LAN port. You can also control what routing information is sent and received by each subnet. The IP Static Route screen (Section 5.5 on page 51) lets you examine the static routes configured in the WiMAX Modem. The Other Settings screen (Section 5.6 on page 53) lets you control the routing information that is sent and received by each subnet assign specific IP addresses to specific computers on the LAN. 5.1.2 What You Need to Know The following terms and concepts may help as you read through this chapter. IP Address IP addresses identify individual devices on a network. Every networking device
(including computers, servers, routers, printers, etc.) needs an IP address to Users Guide 45 Chapter 5 The LAN Configuration Screens communicate across the network. These networking devices are also known as hosts. Subnet Masks Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks. DNS DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a networking device before you can access it. DHCP A DHCP (Dynamic Host Configuration Protocol) server can assign your WiMAX Modem an IP address, subnet mask, DNS and other routing information when its turned on. 5.2 DHCP Setup Click ADVANCED > LAN Configuration > DHCP Setup to enable, disable, and configure the DHCP server in the WiMAX Modem. Figure 12 ADVANCED > LAN Configuration > DHCP Setup 46 Users Guide The following table describes the labels in this screen. Chapter 5 The LAN Configuration Screens Table 10 ADVANCED > LAN Configuration > DHCP Setup LABEL DHCP Setup Enable DHCP Server DESCRIPTION IP Pool Starting Address Pool Size DNS Server First, Second and Third DNS Server Select this if you want the WiMAX Modem to be the DHCP server on the LAN. As a DHCP server, the WiMAX Modem assigns IP addresses to DHCP clients on the LAN and provides the subnet mask and DNS server information. Enter the IP address from which the WiMAX Modem begins allocating IP addresses, if you have not specified an IP address for this computer in ADVANCED > LAN Configuration > Static DHCP. Enter the number of IP addresses to allocate. This number must be at least one and is limited by a subnet mask of 255.255.255.0 (regardless of the subnet the WiMAX Modem is in). For example, if the IP Pool Start Address is 10.10.10.10, the WiMAX Modem can allocate up to 10.10.10.254, or 245 IP addresses. Specify the IP addresses of a maximum of three DNS servers that the network can use. The WiMAX Modem provides these IP addresses to DHCP clients. You can specify these IP addresses two ways. From ISP - provide the DNS servers provided by the ISP on the WAN port. User Defined - enter a static IP address. DNS Relay - this setting will relay DNS information from the DNS server obtained by the WiMAX Modem. Apply Reset None - no DNS service will be provided by the WiMAX Modem. Click to save your changes. Click to restore your previously saved settings. 5.3 Static DHCP Click ADVANCED > LAN Configuration > Static DHCP to assign specific IP addresses to specific computers on the LAN. Users Guide 47 Chapter 5 The LAN Configuration Screens Note: This screen has no effect if the DHCP server is not enabled. You can enable it in ADVANCED > LAN Configuration > DHCP Setup. Figure 13 ADVANCED > LAN Configuration > Static DHCP The following table describes the labels in this screen. Table 11 ADVANCED > LAN Configuration > Static DHCP LABEL
MAC Address DESCRIPTION The number of the item in this list. Enter the MAC address of the computer to which you want the WiMAX Modem to assign the same IP address. Enter the IP address you want the WiMAX Modem to assign to the computer. Click to save your changes. Click to restore your previously saved settings. IP Address Apply Reset 48 Users Guide Chapter 5 The LAN Configuration Screens 5.4 IP Alias Click ADVANCED > LAN Configuration > IP Alias to add subnets on the LAN port. You can also control what routing information is sent and received by each subnet. Figure 14 ADVANCED > LAN Configuration> IP Alias The following table describes the labels in this screen. Table 12 ADVANCED > LAN Configuration> IP Alias LABEL IP Alias 1 DESCRIPTION Select this to add the specified subnet to the LAN port. Enter the IP address of the WiMAX Modem on the subnet. Enter the subnet mask of the subnet. IP Address IP Subnet Mask RIP Direction Use this field to control how much routing information the WiMAX Modem sends and receives on the subnet. None - The WiMAX Modem does not send or receive routing information on the subnet. Both - The WiMAX Modem sends and receives routing information on the subnet. In Only - The WiMAX Modem only receives routing information on the subnet. Out Only - The WiMAX Modem only sends routing information on the subnet. Users Guide 49 Chapter 5 The LAN Configuration Screens Table 12 ADVANCED > LAN Configuration> IP Alias (continued) LABEL DESCRIPTION Select which version of RIP the WiMAX Modem uses when it sends or receives information on the subnet. RIP Version IP Alias 2 IP Address IP Subnet Mask RIP Direction RIP-1 - The WiMAX Modem uses RIPv1 to exchange routing information. RIP-2B - The WiMAX Modem broadcasts RIPv2 to exchange routing information. RIP-2M - The WiMAX Modem multicasts RIPv2 to exchange routing information. Select this to add the specified subnet to the LAN port. Enter the IP address of the WiMAX Modem on the subnet. Enter the subnet mask of the subnet. Use this field to control how much routing information the WiMAX Modem sends and receives on the subnet. None - The WiMAX Modem does not send or receive routing information on the subnet. Both - The WiMAX Modem sends and receives routing information on the subnet. In Only - The WiMAX Modem only receives routing information on the subnet. Out Only - The WiMAX Modem only sends routing information on the subnet. RIP Version Select which version of RIP the WiMAX Modem uses when it sends or receives information on the subnet. RIP-1 - The WiMAX Modem uses RIPv1 to exchange routing information. RIP-2B - The WiMAX Modem broadcasts RIPv2 to exchange routing information. RIP-2M - The WiMAX Modem multicasts RIPv2 to exchange routing information. Apply Reset Click to save your changes. Click to restore your previously saved settings. 50 Users Guide Chapter 5 The LAN Configuration Screens 5.5 IP Static Route Click ADVANCED > LAN Configuration > IP Static Route to look at the static routes configured in the WiMAX Modem. Note: The first static route is the default route and cannot be modified or deleted. Figure 15 Advanced> LAN Configuration > IP Static Route The following table describes the icons in this screen. Table 13 Advanced> LAN Configuration > IP Static Route ICON DESCRIPTION Edit Click to edit this item. Delete Click to delete this item. The following table describes the labels in this screen. Table 14 Advanced> LAN Configuration > IP Static Route LABEL
Name Active Destination DESCRIPTION The number of the item in this list. This field displays the name that describes the static route. This field shows whether this static route is active (Yes) or not (No). This field displays the destination IP address(es) that this static route affects. This field displays the IP address of the gateway to which the WiMAX Modem should send packets for the specified Destination. The gateway is a router or a switch on the same network segment as the device's LAN or WAN port. The gateway helps forward packets to their destinations. Click to save your changes. Click to restore your previously saved settings. Gateway Apply Reset Users Guide 51 Chapter 5 The LAN Configuration Screens 5.5.1 IP Static Route Setup Click an Edit icon in ADVANCED > LAN Configuration > IP Static Route to edit a static route in the WiMAX Modem. Figure 16 Advanced> LAN Configuration > IP Static Route Setup The following table describes the labels in this screen. Table 15 Management > Static Route > IP Static Route > Edit LABEL Route Name Active DESCRIPTION Enter the name of the static route. Select this if you want the static route to be used. Clear this if you do not want the static route to be used. Select this if you do not want the WiMAX Modem to tell other routers about this static route. For example, you might select this if the static route is in your LAN. Clear this if you want the WiMAX Modem to tell other routers about this static route. Enter one of the destination IP addresses that this static route affects. Destination IP Address IP Subnet Mask Enter the subnet mask that defines the range of destination IP Private Gateway IP Address Metric addresses that this static route affects. If this static route affects only one IP address, enter 255.255.255.255. Enter the IP address of the gateway to which the WiMAX Modem should send packets for the specified Destination. The gateway is a router or a switch on the same network segment as the device's LAN or WAN port. The gateway helps forward packets to their destinations. Usually, you should keep the default value. This field is related to RIP. The metric represents the "cost of transmission". A router determines the best route for transmission by choosing a path with the lowest
"cost". The smaller the metric, the lower the "cost". RIP uses hop count as the measurement of cost, where 1 is for a directly-connected network. The metric must be 1-15; if you use a value higher than 15, the routers assume the link is down. 52 Users Guide Chapter 5 The LAN Configuration Screens Table 15 Management > Static Route > IP Static Route > Edit (continued) LABEL Apply Cancel DESCRIPTION Click to save your changes. Click to return to the previous screen without saving your changes. 5.6 Other Settings Click ADVANCED > LAN Configuration > Other Settings to set the RIP and Multicast options. Figure 17 ADVANCED > LAN Configuration > Advanced The following table describes the labels in this screen. Table 16 ADVANCED > LAN Configuration > Other Settings LABEL RIP & Multicast Setup RIP Direction DESCRIPTION Use this field to control how much routing information the WiMAX Modem sends and receives on the subnet. None - The WiMAX Modem does not send or receive routing information on the subnet. Both - The WiMAX Modem sends and receives routing information on the subnet. In Only - The WiMAX Modem only receives routing information on the subnet. Out Only - The WiMAX Modem only sends routing information on the subnet. RIP Version Select which version of RIP the WiMAX Modem uses when it sends or receives information on the subnet. RIP-1 - The WiMAX Modem uses RIPv1 to exchange routing information. RIP-2B - The WiMAX Modem broadcasts RIPv2 to exchange routing information. RIP-2M - The WiMAX Modem multicasts RIPv2 to exchange routing information. Users Guide 53 Chapter 5 The LAN Configuration Screens Table 16 ADVANCED > LAN Configuration > Other Settings (continued) LABEL Multicast DESCRIPTION You do not have to enable multicasting to use RIP-2M. (See RIP Version.) Select which version of IGMP the WiMAX Modem uses to support multicasting on the LAN. Multicasting sends packets to some computers on the LAN and is an alternative to unicasting (sending packets to one computer) and broadcasting (sending packets to every computer). None - The WiMAX Modem does not support multicasting. IGMP-v1 - The WiMAX Modem supports IGMP version 1. IGMP-v2 - The WiMAX Modem supports IGMP version 2. Multicasting can improve overall network performance. However, it requires extra processing and generates more network traffic. In addition, other computers on the LAN have to support the same version of IGMP. Click to save your changes. Click to restore your previously saved settings. Apply Reset 5.7 Technical Reference The following section contains additional technical information about the WiMAX Modem features described in this chapter. 5.7.1 IP Address and Subnet Mask Similar to the way houses on a street share a common street name, computers on a LAN share one common network number. Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established. If this is the case, it is recommended that you select a network number from 192.168.0.0 to 192.168.255.0 and you must enable the Network Address Translation (NAT) feature of the WiMAX Modem. The Internet Assigned Number Authority (IANA) reserved this block of addresses specifically for private use; please do not use any other number unless you are told otherwise. Let's say you select 192.168.1.0 as the network number; which covers 254 individual addresses, from 192.168.100.1 to 192.168.1.254 (zero and 255 are reserved). In other words, the first three numbers specify the network number while the last number identifies an individual computer on that network. 54 Users Guide Chapter 5 The LAN Configuration Screens Once you have decided on the network number, pick an IP address that is easy to remember, for instance, 192.168.100.1, for your WiMAX Modem, but make sure that no other device on your network is using that IP address. The subnet mask specifies the network number portion of an IP address. Your WiMAX Modem will compute the subnet mask automatically based on the IP address that you entered. You don't need to change the subnet mask computed by the WiMAX Modem unless you are instructed to do otherwise. 5.7.2 DHCP Setup DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a server. You can configure the WiMAX Modem as a DHCP server or disable it. When configured as a server, the WiMAX Modem provides the TCP/IP configuration for the clients. If DHCP service is disabled, you must have another DHCP server on your LAN, or else each computer must be manually configured. The WiMAX Modem is pre-configured with a pool of IP addresses for the DHCP clients (DHCP Pool). See the product specifications in the appendices. Do not assign static IP addresses from the DHCP pool to your LAN computers. These parameters should work for the majority of installations. If your ISP gives you explicit DNS server address(es), see Section 5.3 on page 47. 5.7.3 LAN TCP/IP The WiMAX Modem has built-in DHCP server capability that assigns IP addresses and DNS servers to systems that support DHCP client capability. The LAN parameters of the WiMAX Modem are preset in the factory with the following values:
IP address of 192.168.100.1 with subnet mask of 255.255.255.0 (24 bits) DHCP server enabled with 32 client IP addresses starting from 192.168.1.33. These parameters should work for the majority of installations. If your ISP gives you explicit DNS server address(es), see Section 5.3 on page 47. 5.7.4 DNS Server Address DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa. The DNS server is extremely important because without it, you must know the IP address of a machine before you can access it. Users Guide 55 Chapter 5 The LAN Configuration Screens The DNS server addresses that you enter in the DHCP setup are passed to the client machines along with the assigned IP address and subnet mask. There are two ways that an ISP disseminates the DNS server addresses. The first is for an ISP to tell a customer the DNS server addresses, usually in the form of an information sheet, when s/he signs up. If your ISP gives you the DNS server addresses, enter them in the DNS Server fields in DHCP Setup, otherwise, leave them blank. Some ISPs choose to pass the DNS servers using the DNS server extensions of PPP IPCP (IP Control Protocol) after the connection is up. If your ISP did not give you explicit DNS servers, chances are the DNS servers are conveyed through IPCP negotiation. The WiMAX Modem supports the IPCP DNS server extensions through the DNS proxy feature. If the Primary and Secondary DNS Server fields in the LAN Setup screen are not specified, for instance, left as 0.0.0.0, the WiMAX Modem tells the DHCP clients that it itself is the DNS server. When a computer sends a DNS query to the WiMAX Modem, the WiMAX Modem forwards the query to the real DNS server learned through IPCP and relays the response back to the computer. Please note that DNS proxy works only when the ISP uses the IPCP DNS server extensions. It does not mean you can leave the DNS servers out of the DHCP setup under all circumstances. If your ISP gives you explicit DNS servers, make sure that you enter their IP addresses in the LAN Setup screen. This way, the WiMAX Modem can pass the DNS servers to the computers and the computers can query the DNS server directly without the WiMAX Modems intervention. 5.7.5 RIP Setup RIP (Routing Information Protocol) allows a router to exchange routing information with other routers. The RIP Direction field controls the sending and receiving of RIP packets. When set to:
Both - the WiMAX Modem will broadcast its routing table periodically and incorporate the RIP information that it receives. In Only - the WiMAX Modem will not send any RIP packets but will accept all RIP packets received. Out Only - the WiMAX Modem will send out RIP packets but will not accept any RIP packets received. None - the WiMAX Modem will not send any RIP packets and will ignore any RIP packets received. The Version field controls the format and the broadcasting method of the RIP packets that the WiMAX Modem sends (it recognizes both formats when receiving). RIP-1 is universally supported; but RIP-2 carries more information. 56 Users Guide Chapter 5 The LAN Configuration Screens RIP-1 is probably adequate for most networks, unless you have an unusual network topology. Both RIP-2B and RIP-2M sends the routing data in RIP-2 format; the difference being that RIP-2B uses subnet broadcasting while RIP-2M uses multicasting. 5.7.6 Multicast Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender - 1 recipient) or Broadcast (1 sender - everybody on the network). Multicast delivers IP packets to a group of hosts on the network - not everybody and not just 1. IGMP (Internet Group Multicast Protocol) is a network-layer protocol used to establish membership in a Multicast group - it is not used to carry user data. IGMP version 2 (RFC 2236) is an improvement over version 1 (RFC 1112) but IGMP version 1 is still in wide use. If you would like to read more detailed information about interoperability between IGMP version 2 and version 1, please see sections 4 and 5 of RFC 2236. The class D IP address is used to identify host groups and can be in the range 224.0.0.0 to 239.255.255.255. The address 224.0.0.0 is not assigned to any group and is used by IP multicast computers. The address 224.0.0.1 is used for query messages and is assigned to the permanent group of all IP hosts (including gateways). All hosts must join the 224.0.0.1 group in order to participate in IGMP. The address 224.0.0.2 is assigned to the multicast routers group. The WiMAX Modem supports both IGMP version 1 (IGMP-v1) and IGMP version 2
(IGMP-v2). At start up, the WiMAX Modem queries all directly connected networks to gather group membership. After that, the WiMAX Modem periodically updates this information. IP multicasting can be enabled/disabled on the WiMAX Modem LAN and/or WAN interfaces in the web configurator (LAN; WAN). Select None to disable IP multicasting on these interfaces. Users Guide 57 Chapter 5 The LAN Configuration Screens 58 Users Guide 6 CHAPTER The WIFI Configuration Screen 6.1 Overview Wi-Fi is a wireless networking technology and it is a synonym for wireless LAN. The blue circle marks a wireless LAN in the following figure. Wireless clients (A and B) connect to an access point (AP) to access other devices (such as the printer) or the Internet. Your WiMAX Modem works as an AP when you install a compatible WLAN card. Figure 18 Example of a Wireless Network Ethernet AP A B 6.1.1 What You Can Do in the WIFI Screens This chapter describes the WiMAX Modems Advanced ( ) > WIFI Configuration (WIFI ) screens. Use these screens to set up your WiMAX Modems wireless connection. Users Guide 59 Chapter 6 The WIFI Configuration Screen Use the General screen (see Section 6.2 on page 63) to turn the wireless connection on or off, set up wireless security, configure the MAC filter, set up Quality of Service and make other basic configuration changes. Use the MAC Filter screen (see Section 6.3 on page 69) to configure a MAC
(Media Access Control) address filter to restrict access to the wireless network. You dont necessarily need to use all these screens to set up your wireless connection. For example, you may just want to set up a network name, a wireless radio channel and some security in the AP screen. 6.1.2 What You Need to Know About WIFI Wireless Basics Every device in the same wireless network must use the same Service Set IDentity (SSID). The SSID is the name of the wireless network. If two wireless networks overlap, they should use different channels. Like radio stations or television channels, each wireless network uses a specific channel, or frequency, to send and receive information. Wireless Network Construction Wireless networks consist of wireless clients, access points and bridges. A wireless client is a radio connected to a users computer. An access point is a radio with a wired connection to a network, which can connect with numerous wireless clients and let them access the network. A bridge is a radio that relays communications between access points and wireless clients, extending a networks range. Traditionally, a wireless network operates in one of two ways. An infrastructure type of network has one or more access points and one or more wireless clients. The wireless clients connect to the access points. An ad-hoc type of network is one in which there is no access point. Wireless clients connect to one another in order to exchange information. Wired Equivalent Privacy (WEP) WEP (Wired Equivalent Privacy) encrypts data transmitted between wired and wireless networks to keep the transmission private. Although one of the original wireless encryption protocols, WEP is also the weakest. Many people use it strictly to deter unintentional usage of their wireless network by outsiders. Authentication Type 60 Users Guide Chapter 6 The WIFI Configuration Screen The IEEE 802.11b/g standard describes a simple authentication method between the wireless stations and AP. Three authentication types are defined: Auto, Open and Shared. The WiMAX Modem supports the WEP (Open) and WEP (Shared) authentication types. Open mode is implemented for ease-of-use and when security is not an issue. The wireless station and the AP or peer computer do not share a secret key. Thus the wireless stations can associate with any AP or peer computer and listen to any transmitted data that is not encrypted. Shared mode involves a shared secret key to authenticate the wireless station to the AP or peer computer. This requires you to enable the wireless LAN security and use same settings on both the wireless station and the AP or peer computer. Wi-Fi Protected Access (WPA) WPA encrypts data transmitted between wired and wireless networks to keep the transmission private. It affords vastly stronger security than its lower-tier counterpart, WEP (Wired Equivalent Privacy). It comes in two different flavors:
WPA and WPA2. Always try to use WPA2 as it implements the full version of the security standard while WPA does not. WPA2 WPA2 (IEEE 802.11i) is a wireless security standard that defines stronger encryption, authentication and key management than WPA. It includes two data encryption algorithms, Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES) in the Counter mode with Cipher block chaining Message authentication Code Protocol (CCMP). WPA2 reduces the number of key exchange messages from six to four (CCMP 4-way handshake) and shortens the time required to connect to a network. Other WPA2 authentication features that are different from WPA include key caching and pre-authentication. These two features are optional and may not be implemented in all wireless devices. See also WPA. Pre-Shared Key (PSK) A pre-shared key is a password shared between the server and the client that unlocks the algorithm used to encrypt the data traffic between them. Without the proper password, the client and the server cannot communicate. Users Guide 61 Chapter 6 The WIFI Configuration Screen Security Security stops unauthorized devices from using the wireless network. It can also protect the information that is sent in the wireless network.Use the strongest security that every wireless client in the wireless network supports. Table 17 Wireless Security Levels SECURITY LEVEL Weakest SECURITY TYPE No Security MAC Address Filtering WEP Encryption IEEE 802.1x EAP with RADIUS Server Authentication WPA-PSK (Wi-Fi Protected Access Pre-Shared Key) WPA (Wi-Fi Protected Access) WPA-PSK2 WPA2 Strongest Note: WPA2 or WPA2-PSK security is recommended. WPA2-PSK and WPA-PSK do not employ user authentication and are known as the personal version of WPA. WEP is better than no security, but it is still possible for unauthorized devices to figure out the original information pretty quickly. AES Advanced Encryption Standard is method of data encryption that uses a secret key. AES may use a 128-bit, 192-bit or 256-bit key. AES is faster than 3DES. TKIP Temporal Key Integrity Protocol (TKIP) is an encryption protocol that uses 128-bit keys that are dynamically generated and distributed by the authentication server. TKIP regularly changes and rotates the encryption keys so that the same encryption key is never used twice. MAC Address Filter Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address consists of twelve hexadecimal characters (0-9, and A to F), and it is usually written in the following format: 0A:A0:00:BB:CC:DD. 62 Users Guide Chapter 6 The WIFI Configuration Screen The MAC address filter controls access to the wireless network. You can use the MAC address of each wireless client to allow or deny access to the wireless network. Finding Out More See Chapter 3 on page 31 for a tutorial showing how to set up your wireless connection in an example scenario. See Section 6.4 on page 70 for advanced technical information on wireless networks. 6.1.3 Before You Start Before you start using these screens, ask yourself the following questions. See Section 6.1.2 on page 60 if some of the terms used here do not make sense to you. What wireless standards do the other wireless devices support (IEEE 802.11g, for example)? What is the most appropriate standard to use?
What security options do the other wireless devices support (WPA-PSK, for example)? What is the best one to use?
Do the other wireless devices support WPS (Wi-Fi Protected Setup)? If so, you can set up a well-secured network very easily. Even if some of your devices support WPS and some do not, you can use WPS to set up your network and then add the non-WPS devices manually, although this is somewhat more complicated to do. What advanced options do you want to configure, if any? If you want to configure advanced options such as Quality of Service, ensure that you know precisely what you want to do. If you do not want to configure advanced options, leave them alone. 6.2 General Screen Note: If you are configuring the WiMAX Modem from a computer connected to the wireless LAN and you change the WiMAX Modems SSID or security settings, you will lose your wireless connection when you press Apply ( ) to confirm. You must then change the wireless settings of your computer to match the WiMAX Modems new settings. Users Guide 63 Chapter 6 The WIFI Configuration Screen Click Advanced () > WIFI Configuration (WIFI) to open the General screen. Figure 19 Advanced ( ) > WIFI Configuration (WIFI ) > General The following table describes the labels in this screen. DESCRIPTION Click the check box to activate wireless LAN. Table 18 Advanced ( ) > WIFI Configuration (WIFI ) > General LABEL Active Wireless LAN
) Network Name (SSID)
( ) The SSID (Service Set IDentity) identifies the service set with which a wireless device is associated. Wireless devices associating to the access point (AP) must have the same SSID. Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the wireless LAN. Note: If you are configuring the WiMAX Modem from a computer connected to the wireless LAN and you change the WiMAX Modems SSID or WEP settings, you will lose your wireless connection when you press Apply ( ) to confirm. You must then change the wireless settings of your computer to match the WiMAX Modems new settings. Select this check box to hide the SSID in the outgoing beacon frame so a station cannot obtain the SSID through scanning using a site survey tool. Select this option and set the operating frequency/channel depending on your particular region. Select a channel from the drop-down list box. Hide SSID (
SSID) Channel Selection (
) Security Mode (
) Apply ( ) Click Apply ( ) to save your changes back to the WiMAX Modem. See the following sections for more details about this field. 64 Users Guide Chapter 6 The WIFI Configuration Screen DESCRIPTION Table 18 Advanced ( ) > WIFI Configuration (WIFI ) > General (continued) LABEL Cancel ( ) Click Cancel ( ) to reload the previous configuration for this screen. Click Advanced Setup ( ) to display the Wireless Advanced Advanced Setup screen and edit more details of your WLAN setup. Setup (
) 6.2.1 No Security Select No Security in the Security Mode ( ) field to allow wireless devices to communicate with the access points without any data encryption. Note: If you do not enable any wireless security on your WiMAX Modem, your network is accessible to any wireless networking device that is within range. Figure 20 Advanced ( ) > WIFI Configuration (WIFI ) > General: No Security Users Guide 65 Chapter 6 The WIFI Configuration Screen 6.2.2 WEP Encryption In order to configure and enable WEP encryption; click Advanced ( ) > WIFI Configuration (WIFI ) > General to display the General screen. Select WEP (OPEN) or WEP (SHARED) from the Security Mode ( ) list. Figure 21 Advanced ( ) > WIFI Configuration (WIFI ) > General: WEP
(OPEN) / WEP (SHARED) The following table describes the wireless LAN security labels in this screen. Table 19 Advanced ( ) > WIFI Configuration (WIFI ) > General: WEP
(OPEN) / WEP (SHARED) LABEL Security Mode (
) WEP Key DESCRIPTION Choose WEP (OPEN) or WEP (SHARED) from the drop-down list box. The WEP key is used to encrypt data. Both the WiMAX Modem and the wireless stations must use the same WEP key for data transmission. If you want to manually set the WEP key, enter any 5 or 13 characters
(ASCII string) or 10 or 26 hexadecimal characters ("0-9", "A-F") for a 64-
bit or 128-bit WEP key respectively. 6.2.3 WPA(2)-PSK In order to configure and enable WPA(2)-PSK authentication; click Advanced (
) > WIFI Configuration (WIFI ) to display the General screen. Select 66 Users Guide Chapter 6 The WIFI Configuration Screen WPA-PSK (AES), WPA2-PSK (AES), WPA-PSK (TKIP), or WPA2-PSK
(TKIP) from the Security Mode ( ) list. Figure 22 Advanced ( ) > WIFI Configuration (WIFI ) > General: WPA(2)-
PSK (AES/TKIP) The following table describes the wireless LAN security labels in this screen. Table 20 Advanced () > WIFI Configuration (WIFI) > General: WPA(2)-PSK
(AES/TKIP) LABEL Security Mode (
) Pre-Shared Key DESCRIPTION Choose WPA-PSK (AES), WPA2-PSK (AES), WPA-PSK (TKIP), or WPA2-PSK (TKIP) from the drop-down list box. The encryption mechanisms used for WPA(2) and WPA(2)-PSK are the same. The only difference between the two is that WPA(2)-PSK uses a simple common password, instead of user-specific credentials. Type a pre-shared key from 8 to 63 case-sensitive ASCII characters
(including spaces and symbols). Users Guide 67 Chapter 6 The WIFI Configuration Screen 6.2.4 Wireless LAN Advanced Setup To configure advanced wireless settings, click the Advanced Setup ( ) button in the General screen. The screen appears as shown. Figure 23 Advanced( ) > WIFI Configuration(WIFI ) > General > Advanced Setup ( ) The following table describes the labels in this screen. DESCRIPTION Table 21 Advanced( ) > WIFI Configuration(WIFI ) > General( ) >
Advanced Setup ( ) LABEL Wireless Advanced Setup RTS/CTS Threshold Fragmentation Threshold Preamble It is the maximum data fragment size that can be sent. Enter a value between 256 and 2432. Select a preamble type. Choices are Long, Short or Dynamic. The default setting is Long. See the appendix for more information. Select 802.11b Only to allow only IEEE 802.11b compliant WLAN devices to associate with the WiMAX Modem. Enter a value between 0 and 2432. 802.11 Mode Apply ( ) Cancel ( ) Back ( ) Select 802.11g Only to allow only IEEE 802.11g compliant WLAN devices to associate with the WiMAX Modem. Select Mixed to allow either IEEE 802.11b or IEEE 802.11g compliant WLAN devices to associate with the WiMAX Modem. The transmission rate of your WiMAX Modem might be reduced. Click Apply ( ) to save your changes back to the WiMAX Modem. Click Cancel ( ) to reload the previous configuration for this screen. Click this to return to the previous screen without saving changes. 68 Users Guide Chapter 6 The WIFI Configuration Screen 6.3 MAC Filter Use this screen to change your WiMAX Modems MAC filter settings. Click Advanced ( ) > WIFI Configuration (WIFI ) > MAC Filter. The screen appears as shown. Figure 24 Advanced ( ) > WIFI Configuration (WIFI ) > MAC Filter Users Guide 69 Chapter 6 The WIFI Configuration Screen The following table describes the labels in this screen. Table 22 Advanced( ) > WIFI Configuration(WIFI ) > MAC Filter LABEL Active MAC Filter (
MAC
) DESCRIPTION Select the check box to enable MAC address filtering. Filter Action (
) Define the filter action for the list of MAC addresses in the MAC Address table. Select Allow () to permit access to the WiMAX Modem, MAC addresses not listed will be denied access to the WiMAX Modem. Select Deny ( ) to block access to the WiMAX Modem, MAC addresses not listed will be allowed to access the WiMAX Modem. This is the index number of the MAC address. Enter the MAC addresses of the wireless devices that are allowed or denied access to the WiMAX Modem in these address fields. Enter the MAC addresses in a valid MAC address format, that is, six hexadecimal character pairs, for example, 12:34:56:78:9a:bc. Set ( ) MAC Address
(MAC ) Apply () Click Apply ( ) to save your changes back to the WiMAX Modem. Cancel (
) Click Cancel ( ) to reload the previous configuration for this screen. 6.4 Wireless LAN Technical Reference This section discusses wireless LANs in depth. For more information, see the appendix. 70 Users Guide Chapter 6 The WIFI Configuration Screen 6.4.1 Additional Wireless Terms The following table describes some wireless network terms and acronyms used in the WiMAX Modems Web Configurator. Table 23 Additional Wireless Terms TERM RTS/CTS Threshold In a wireless network which covers a large area, wireless devices DESCRIPTION are sometimes not aware of each others presence. This may cause them to send information to the AP at the same time and result in information colliding and not getting through. By setting this value lower than the default value, the wireless devices must sometimes get permission to send information to the WiMAX Modem. The lower the value, the more often the devices must get permission. If this value is greater than the fragmentation threshold value (see below), then wireless devices never have to get permission to send information to the WiMAX Modem. A preamble affects the timing in your wireless network. There are two preamble modes: long and short. If a device uses a different preamble mode than the WiMAX Modem does, it cannot communicate with the WiMAX Modem. The process of verifying whether a wireless device is allowed to use the wireless network. A small fragmentation threshold is recommended for busy networks, while a larger threshold provides faster performance if the network is not very busy. Preamble Authentication Fragmentation Threshold 6.4.2 Wireless Security Overview The following sections introduce different types of wireless security you can set up in the wireless network. 6.4.2.1 SSID Normally, the WiMAX Modem acts like a beacon and regularly broadcasts the SSID in the area. You can hide the SSID instead, in which case the WiMAX Modem does not broadcast the SSID. In addition, you should change the default SSID to something that is difficult to guess. This type of security is fairly weak, however, because there are ways for unauthorized wireless devices to get the SSID. In addition, unauthorized wireless devices can still see the information that is sent in the wireless network. 6.4.2.2 MAC Address Filter Every device that can use a wireless network has a unique identification number, called a MAC address.1 A MAC address is usually written using twelve hexadecimal Users Guide 71 Chapter 6 The WIFI Configuration Screen characters2; for example, 00A0C5000002 or 00:A0:C5:00:00:02. To get the MAC address for each device in the wireless network, see the devices Users Guide or other documentation. You can use the MAC address filter to tell the WiMAX Modem which devices are allowed or not allowed to use the wireless network. If a device is allowed to use the wireless network, it still has to have the correct information (SSID, channel, and security). If a device is not allowed to use the wireless network, it does not matter if it has the correct information. This type of security does not protect the information that is sent in the wireless network. Furthermore, there are ways for unauthorized wireless devices to get the MAC address of an authorized device. Then, they can use that MAC address to use the wireless network. 6.4.2.3 User Authentication Authentication is the process of verifying whether a wireless device is allowed to use the wireless network. You can make every user log in to the wireless network before they can use it. However, every device in the wireless network has to support IEEE 802.1x to do this. For wireless networks, you can store the user names and passwords for each user in a RADIUS server. This is a server used in businesses more than in homes. If you do not have a RADIUS server, you cannot set up user names and passwords for your users. Unauthorized wireless devices can still see the information that is sent in the wireless network, even if they cannot use the wireless network. Furthermore, there are ways for unauthorized wireless users to get a valid user name and password. Then, they can use that user name and password to use the wireless network. 6.4.2.4 Encryption Wireless networks can use encryption to protect the information that is sent in the wireless network. Encryption is like a secret code. If you do not know the secret code, you cannot understand the message. 1. Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless networks. These kinds of wireless devices might not have MAC addresses. 2. Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F. 72 Users Guide Chapter 6 The WIFI Configuration Screen The types of encryption you can choose depend on the type of authentication.
(See Section 6.4.2.3 on page 72 for information about this.) Table 24 Types of Encryption for Each Type of Authentication Weakest NO AUTHENTICATION RADIUS SERVER No Security Static WEP WPA-PSK Strongest WPA2-PSK WPA WPA2 For example, if the wireless network has a RADIUS server, you can choose WPA or WPA2. If users do not log in to the wireless network, you can choose no encryption, Static WEP, WPA-PSK, or WPA2-PSK. Usually, you should set up the strongest encryption that every device in the wireless network supports. For example, suppose you have a wireless network with the WiMAX Modem and you do not have a RADIUS server. Therefore, there is no authentication. Suppose the wireless network has two devices. Device A only supports WEP, and device B supports WEP and WPA. Therefore, you should set up Static WEP in the wireless network. Note: It is recommended that wireless networks use WPA-PSK, WPA, or stronger encryption. The other types of encryption are better than none at all, but it is still possible for unauthorized wireless devices to figure out the original information pretty quickly. When you select WPA2 or WPA2-PSK in your WiMAX Modem, you can also select an option (WPA compatible) to support WPA as well. In this case, if some of the devices support WPA and some support WPA2, you should set up WPA2-PSK or WPA2 (depending on the type of wireless network login) and select the WPA compatible option in the WiMAX Modem. Many types of encryption use a key to protect the information in the wireless network. The longer the key, the stronger the encryption. Every device in the wireless network must have the same key. 6.4.3 MBSSID Traditionally, you needed to use different APs to configure different Basic Service Sets (BSSs). As well as the cost of buying extra APs, there was also the possibility of channel interference. The WiMAX Modems MBSSID (Multiple Basic Service Set IDentifier) function allows you to use one access point to provide several BSSs simultaneously. You can then assign varying QoS priorities and/or security modes to different SSIDs. Users Guide 73 Chapter 6 The WIFI Configuration Screen Wireless devices can use different BSSIDs to associate with the same AP. 6.4.3.1 Notes on Multiple BSSs A maximum of eight BSSs are allowed on one AP simultaneously. You must use different keys for different BSSs. If two wireless devices have different BSSIDs (they are in different BSSs), but have the same keys, they may hear each others communications (but not communicate with each other). MBSSID should not replace but rather be used in conjunction with 802.1x security. 6.4.4 Wireless Distribution System (WDS) The WiMAX Modem can act as a wireless network bridge and establish WDS
(Wireless Distribution System) links with other APs. You need to know the MAC addresses of the APs you want to link to. Once the security settings of peer sides match one another, the connection between devices is made. At the time of writing, WDS security is compatible with other ZyXEL access points only. Refer to your other access points documentation for details. The following example illustrates how WDS link works between APs. Notebook computer A is a wireless client connecting to access point AP 1. AP 1 has no wired Internet connection, but can establish a WDS link with access point AP 2, which does. When AP 1 has a WDS link with AP 2, the notebook computer can access the Internet through AP 2. Figure 25 WDS Link Example A WDS AP 1 AP 2 6.4.5 WiFi Protected Setup Your WiMAX Modem supports WiFi Protected Setup (WPS), which is an easy way to set up a secure wireless network. WPS is an industry standard specification, defined by the WiFi Alliance. WPS allows you to quickly set up a wireless network with strong security, without having to configure security settings manually. Each WPS connection works between two devices. Both devices must support WPS (check each devices documentation to make sure). 74 Users Guide Chapter 6 The WIFI Configuration Screen Depending on the devices you have, you can either press a button (on the device itself, or in its configuration utility) or enter a PIN (a unique Personal Identification Number that allows one device to authenticate the other) in each of the two devices. When WPS is activated on a device, it has two minutes to find another device that also has WPS activated. Then, the two devices connect and set up a secure network by themselves. 6.4.5.1 Push Button Configuration WPS Push Button Configuration (PBC) is initiated by pressing a button on each WPS-enabled device, and allowing them to connect automatically. You do not need to enter any information. Not every WPS-enabled device has a physical WPS button. Some may have a WPS PBC button in their configuration utilities instead of or in addition to the physical button. Take the following steps to set up WPS using the button. 1 Ensure that the two devices you want to set up are within wireless range of one another. 2 3 Look for a WPS button on each device. If the device does not have one, log into its configuration utility and locate the button (see the devices Users Guide for how to do this). The WiMAX Modems WPS button is in the rear panel as shown next. Figure 26 The WPS Button on the WiMAX Modem Press the button on one of the devices (it doesnt matter which). For the WiMAX Modem you must press the WPS button for more than three seconds. 4 Within two minutes, press the button on the other device. The registrar sends the network name (SSID) and security key through an secure connection to the enrollee. If you need to make sure that WPS worked, check the list of associated wireless clients in the APs configuration utility. If you see the wireless client in the list, WPS was successful. Users Guide 75 Chapter 6 The WIFI Configuration Screen 76 Users Guide 7 CHAPTER The WAN Configuration Screens 7.1 Overview Use the ADVANCED > WAN Configuration screens to set up your WiMAX Modems Wide Area Network (WAN) or Internet features. A Wide Area Network (or WAN) links geographically dispersed locations to other networks or the Internet. A WAN configuration can include switched and permanent telephone circuits, terrestrial radio systems and satellite systems. 7.1.1 What You Can Do in This Chapter The Internet Connection screen (Section 7.2 on page 79) lets you set up your WiMAX Modems Internet settings. The WiMAX Configuration screen (Section 7.3 on page 82) lets set up the frequencies used by your WiMAX Modem. 7.1.2 What You Need to Know The following terms and concepts may help as you read through this chapter. WiMAX WiMAX (Worldwide Interoperability for Microwave Access) is the IEEE 802.16 wireless networking standard, which provides high-bandwidth, wide-range wireless service across wireless Metropolitan Area Networks (MANs). ZyXEL is a member of the WiMAX Forum, the industry group dedicated to promoting and certifying interoperability of wireless broadband products. In a wireless MAN, a wireless-equipped computer is known either as a mobile station (MS) or a subscriber station (SS). Mobile stations use the IEEE 802.16e standard and are able to maintain connectivity while switching their connection from one base station to another base station (handover) while subscriber stations use other standards that do not have this capability (IEEE 802.16-2004, for Users Guide 77 Chapter 7 The WAN Configuration Screens example). The following figure shows an MS-equipped notebook computer MS1 moving from base station BS1s coverage area and connecting to BS2. Figure 27 WiMax: Mobile Station WiMAX technology uses radio signals (around 2 to 10 GHz) to connect subscriber stations and mobile stations to local base stations. Numerous subscriber stations and mobile stations connect to the network through a single base station (BS), as in the following figure. Figure 28 WiMAX: Multiple Mobile Stations A base station's coverage area can extend over many hundreds of meters, even under poor conditions. A base station provides network access to subscriber stations and mobile stations, and communicates with other base stations. The radio frequency and bandwidth of the link between the WiMAX Modem and the base station are controlled by the base station. The WiMAX Modem follows the base stations configuration. Authentication When authenticating a user, the base station uses a third-party RADIUS or Diameter server known as an AAA (Authentication, Authorization and Accounting) server to authenticate the mobile or subscriber stations. 78 Users Guide Chapter 7 The WAN Configuration Screens The following figure shows a base station using an AAA server to authenticate mobile station MS, allowing it to access the Internet. Figure 29 Using an AAA Server In this figure, the dashed arrow shows the PKM (Privacy Key Management) secured connection between the mobile station and the base station, and the solid arrow shows the EAP secured connection between the mobile station, the base station and the AAA server. See the WiMAX security appendix for more details. 7.2 Internet Connection Click ADVANCED ( ) > WAN Configuration (WAN ) to set up your WiMAX Modems Internet settings. Users Guide 79 Chapter 7 The WAN Configuration Screens Note: Not all WiMAX Modem models have all the fields shown here. Figure 30 ADVANCED ( ) > WAN Configuration (WAN ) > Internet Connection The following table describes the labels in this screen. DESCRIPTION Table 25 ADVANCED ( ) > WAN Configuration (WAN ) > Internet Connection > ISP Parameters for Internet Access () LABEL ISP Parameters for Internet Access ( ISP ) User () Use this field to enter the username associated with your Internet access account. You can enter up to 61 printable ASCII characters. Password ( ) Use this field to enter the password associated with your Internet access account. You can enter up to 47 printable ASCII characters. Enter the anonymous identity provided by your Internet Service Provider. Anonymous identity (also known as outer identity) is used with EAP-TTLS encryption. The anonymous identity is used to route your authentication request to the correct authentication server, and does not reveal your real user name. Your real user name and password are encrypted in the TLS tunnel, and only the anonymous identity can be seen. Anonymous Identity (
) PKM Leave this field blank if your ISP did not give you an anonymous identity to use. This field displays the Privacy Key Management version number. PKM provides security between the WiMAX Modem and the base station. At the time of writing, the WiMAX Modem supports PKMv2 only. See the WiMAX security appendix for more information. 80 Users Guide Chapter 7 The WAN Configuration Screens Table 25 ADVANCED ( ) > WAN Configuration (WAN ) > Internet Connection > ISP Parameters for Internet Access () (continued) LABEL Authentication (
) DESCRIPTION This field displays the user authentication method. Authentication is the process of confirming the identity of a mobile station (by means of a username and password, for example). Check with your service provider if you are unsure of the correct setting for your account. Choose from the following user authentication methods:
TTLS (Tunnelled Transport Layer Security) TLS (Transport Layer Security) Note: Not all WiMAX Modems support TLS authentication. Check with your service provider for details. This field displays the type of secondary authentication method. Once a secure EAP-TTLS connection is established, the inner EAP is the protocol used to exchange security information between the mobile station, the base station and the AAA server to authenticate the mobile station. See the WiMAX security appendix for more details. This field is available only when TTLS is selected in the Authentication field. The WiMAX Modem supports the following inner authentication types:
CHAP (Challenge Handshake Authentication Protocol) MSCHAP (Microsoft CHAP) MSCHAPV2 (Microsoft CHAP version 2) PAP (Password Authentication Protocol) Select the authentication mode from the drop-down list box. This field is not available in all WiMAX Modems. Check with your service provider for details. The WiMAX Modem supports the following authentication modes:
User Only Device Only with Cert Certs and User Authentication TTLS Inner EAP Auth Mode (
) Certificate ( ) This is the security certificate the WiMAX Modem uses to authenticate the AAA server. Use the TOOLS ( ) > Certificate (
) > Trusted CAs screen to import certificates to the WiMAX Modem. WAN IP Address Assignment ( WAN IP ) Get automatically from ISP
(Default) (
ISP ( )) Select this if you have a dynamic IP address. A dynamic IP address is not fixed; the ISP assigns you a different one each time you connect to the Internet. Users Guide 81 Chapter 7 The WAN Configuration Screens Table 25 ADVANCED ( ) > WAN Configuration (WAN ) > Internet Connection > ISP Parameters for Internet Access () (continued) LABEL Use Fixed IP Address (
IP ) IP Subnet Mask
(IP ) DESCRIPTION A static IP address is a fixed IP that your ISP gives you. Type your ISP assigned IP address in the IP Address (IP ) field below. Enter a subnet mask in dotted decimal notation. Refer to the appendices to calculate a subnet mask If you are implementing subnetting. Specify a gateway IP address (supplied by your ISP). Gateway IP Address ( IP
) Apply ( ) Reset ( ) Click to save your changes. Click to restore your previously saved settings. 7.3 WiMAX Configuration Click ADVANCED ( ) > WAN Configuration (WAN ) > WiMAX Configuration to set up the frequencies used by your WiMAX Modem. In a WiMAX network, a mobile or subscriber station must use a radio frequency supported by the base station to communicate. When the WiMAX Modem looks for a connection to a base station, it can search a range of frequencies. 82 Users Guide Chapter 7 The WAN Configuration Screens Radio frequency is measured in Hertz (Hz). Table 26 Radio Frequency Conversion 1 kHz = 1000 Hz 1 MHz = 1000 kHz (1000000 Hz) 1 GHz = 1000 MHz (1000000 kHz) Figure 31 ADVANCED ( ) > WAN Configuration (WAN ) > WiMAX Configuration (WiMAX ) Users Guide 83 Chapter 7 The WAN Configuration Screens The following table describes the labels in this screen. Table 27 ADVANCED ( ) > WAN Configuration (WAN ) > WiMAX Configuration (WiMAX ) LABEL Bandwidth &
Frequency ( &
) DESCRIPTION These fields show the downlink frequency settings in kilohertz (kHz). Enter the width of a frequency band (only support 5MHz & 10MHz) the WiMAX Modem can use for transmitting and receiving data. Network Access Provider ID (
ID) Base Station (
) Enabling Functions
( ) Enter values in the Frequency ( ) fields to have the WiMAX Modem scan these frequencies for available channels in ascending numerical order. Contact your service provider for the bandwidth value and the supported frequencies. Enter the primary ( ) network access provider ID for the WAN connection. You can also enter the substitude access provider IDs for the connection backup when the primary one is down. Select ALU to connect this WiMAX Modem to an Alcatel-Lucent WiMAX base station. Select NEC to connect this WiMAX Modem to a NEC WiMAX base station. Select one or multiple check box(es) to enable the function(s). Configure this according to what you were given by your service provider. HARQ: Select this to enable the Hybrid Automatic Repeat-
Request feature on the WiMAX Modem. HARQ works in the physical (PHY) layer and provides radio link error detection and correction. ARQ: Select this to enable the Automatic Repeat-Request feature on the WiMAX Modem. ARQ works in the MAC layer and provides error correction by scheduling re-transmission. Both HARQ and ARQ are designed to provide reliable transmission over a wireless connection. When a receiver detects errors, it will notify the sender to retransmit the data within a certain period. MIMO: Select this to enable the Multple Input Multiple Ouput
(MIMO) feature on the WiMAX Modem. Idle_Mode: Select this to have the WiMAX Modem enter the idle mode after it has no traffic passing through for a pre-defined period. Make sure your base station also supports this before selecting this. Apply ( ) Reset ( ) Click to save your changes. Click to restore your previously saved settings. 84 Users Guide Chapter 7 The WAN Configuration Screens 7.3.1 Frequency Ranges The following figure shows the WiMAX Modem searching a range of frequencies to find a connection to a base station. Figure 32 Frequency Ranges In this figure, A is the WiMAX frequency range. WiMAX frequency range refers to the entire range of frequencies the WiMAX Modem is capable of using to transmit and receive (see the Product Specifications appendix for details). In the figure, B shows the operator frequency range. This is the range of frequencies within the WiMAX frequency range supported by your operator
(service provider). The operator range is subdivided into bandwidth steps. In the figure, each C is a bandwidth step. The arrow D shows the WiMAX Modem searching for a connection. Have the WiMAX Modem search only certain frequencies by configuring the downlink frequencies. Your operator can give you information on the supported frequencies. The downlink frequencies are points of the frequency range your WiMAX Modem searches for an available connection. Use the Site Survey screen to set these bands. You can set the downlink frequencies anywhere within the WiMAX frequency range. In this example, the downlink frequencies have been set to search all of the operator range for a connection. 7.3.2 Configuring Frequency Settings You need to set the WiMAX Modem to scan one or more specific radio frequencies to find an available connection to a WiMAX base station. Use the WiMAX Configuration (WiMAX ) screen to define the radio frequencies to be searched for available wireless connections. See Section 7.3.3 on page 86 for an example of using the WiMAX Configuration (WiMAX ) screen. Users Guide 85 Chapter 7 The WAN Configuration Screens Note: It may take several minutes for the WiMAX Modem to find a connection. The WiMAX Modem searches the DL Frequency ( ) settings in ascending numerical order, from [1] to [9]. If you enter a 0 in a DL Frequency () field, the WiMAX Modem immediately moves on to the next DL Frequency ( ) field. When the WiMAX Modem connects to a base station, the values in this screen are automatically set to the base stations frequency. The next time the WiMAX Modem searches for a connection, it searches only this frequency. If you want the WiMAX Modem to search other frequencies, enter them in the DL Frequency ( ) fields. The following table describes some examples of DL Frequency ( ) settings. Table 28 DL Frequency Example Settings DL Frequency [1]
( [1]):
DL Frequency [2]
( [2]):
DL Frequency [3]
( [3]):
DL Frequency [4]
( [4]):
EXAMPLE 1 2500000 2550000 0 0 EXAMPLE 2 2500000 2550000 2600000 0 The WiMAX Modem searches at 2500000 kHz, and then searches at 2550000 kHz if it has not found a connection. The WiMAX Modem searches at 2500000 kHz and then at 2550000 kHz if it has not found an available connection. If it still does not find an available connection, it searches at 2600000 kHz. 7.3.3 Using the WiMAX Frequency Screen In this example, your Internet service provider has given you a list of supported frequencies: 2.51, 2.525, 2.6, and 2.625. In the DL Frequency [1] ( [1]) field, enter 2510000 (2510000 kilohertz
(kHz) is equal to 2.51 gigahertz). In the DL Frequency [2] ( [2]) field, enter 2525000. In the DL Frequency [3] ( [3]) field, enter 2600000. In the DL Frequency [4] ( [4]) field, enter 2625000. Leave the rest of the DL Frequency ( ) fields at zero. Users Guide 1 2 3 4 86 Chapter 7 The WAN Configuration Screens 5 Enter the ID of your service provider you were given in the Service Provider ID
[1] ( ID[1]) field. 6 Configure the Base Station ( ) (ALU in this example) and Function Enabling ( ) (All of the four options are selected in this example) fields. The screen appears as follows. Figure 33 Completing the WiMAX Frequency Screen 7 Click Apply ( ). The WiMAX Modem stores your settings. When the WiMAX Modem searches for available frequencies, it scans all frequencies from DL Frequency [1] ( [1]) to DL Frequency [4] ( [4]). When it finds an available connection, the fields in this screen will be automatically set to use that frequency. Users Guide 87 Chapter 7 The WAN Configuration Screens 88 Users Guide 8 CHAPTER The NAT Configuration Screens 8.1 Overview Use these screens to configure port forwarding and trigger ports for the WiMAX Modem. You can also enable and disable SIP, FTP, and H.323 ALG. Network Address Translation (NAT) maps a hosts IP address within one network to a different IP address in another network. For example, you can use a NAT router to map one IP address from your ISP to multiple private IP addresses for the devices in your home network. 8.1.1 What You Can Do in This Chapter The General screen (Section 8.2 on page 90) lets you enable or disable NAT and to allocate memory for NAT and firewall rules. The Port Forwarding screen (Section 8.3 on page 91) lets you look at the current port-forwarding rules in the WiMAX Modem, and to enable, disable, activate, and deactivate each one. The Trigger Port screen (Section 8.4 on page 94) lets you maintain trigger port forwarding rules for the WiMAX Modem. Users Guide 89 Chapter 8 The NAT Configuration Screens 8.2 General Click ADVANCED () > NAT Configuration (NAT) > General to enable or disable NAT and to allocate memory for NAT and firewall rules. Figure 34 ADVANCED ( ) > NAT Configuration (NAT ) > General The following table describes the labels in this screen. DESCRIPTION Select this if you want to use port forwarding, trigger ports, or any of the ALG. Table 29 ADVANCED ( ) > NAT Configuration (NAT ) > General LABEL Enable Network Address Translation (
) Max NAT/Firewall Session Per User (
NAT/
) When computers use peer to peer applications, such as file sharing applications, they may use a large number of NAT sessions. If you do not limit the number of NAT sessions a single client can establish, this can result in all of the available NAT sessions being used. In this case, no additional NAT sessions can be established, and users may not be able to access the Internet. Each NAT session establishes a corresponding firewall session. Use this field to limit the number of NAT/firewall sessions each client computer can establish through the WiMAX Modem. If your network has a small number of clients using peer to peer applications, you can raise this number to ensure that their performance is not degraded by the number of NAT sessions they can establish. If your network has a large number of users using peer to peer applications, you can lower this number to ensure no single client is using all of the available NAT sessions. Click to save your changes. Click to return to the previous screen without saving your changes. Apply ( ) Cancel ( ) 90 Users Guide 8.3 Port Forwarding Chapter 8 The NAT Configuration Screens A NAT server set is a list of inside (behind NAT on the LAN) servers, for example, web or FTP, that you can make accessible to the outside world even though NAT makes your whole inside network appear as a single machine to the outside world. Use the ADVANCED ( ) > NAT Configuration (NAT ) > Port Forwarding screen to forward incoming service requests to the server(s) on your local network. You may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desired server. The port number identifies a service; for example, web service is on port 80 and FTP on port 21. In some cases, such as for unknown services or where one server can support more than one service (for example both FTP and web service), it might be better to specify a range of port numbers. In addition to the servers for specified services, NAT supports a default server. A service request that does not have a server explicitly designated for it is forwarded to the default server. If the default is not defined, the service request is simply discarded. For example, let's say you want to assign ports 21-25 to one FTP, Telnet and SMTP server (A in the example), port 80 to another (B in the example) and assign a default server IP address of 192.168.1.35 to a third (C in the example). You assign the LAN IP addresses and the ISP assigns the WAN IP address. The NAT network appears as a single host on the Internet. Figure 35 Multiple Servers Behind NAT Example 8.3.1 Port Forwarding Options Click ADVANCED ( ) > NAT Configuration (NAT ) > Port Forwarding to look at the current port-forwarding rules in the WiMAX Modem, and to enable, Users Guide 91 Chapter 8 The NAT Configuration Screens disable, activate, and deactivate each one. You can also set up a default server to handle ports not covered by rules. Figure 36 ADVANCED ( ) > NAT Configuration (NAT ) > Port Forwarding The following table describes the icons in this screen. Table 30 ADVANCED ( ) > NAT Configuration (NAT ) > Port Forwarding ICON DESCRIPTION Edit Click to edit this item. Delete Click to delete this item. The following table describes the labels in this screen. DESCRIPTION Table 31 ADVANCED ( ) > NAT Configuration (NAT ) > Port Forwarding LABEL Default Server Setup ( ) Default Server (
) Enter the IP address of the server to which the WiMAX Modem should forward packets for ports that are not specified in the Port Forwarding section below or in the TOOLS > Remote MGMT screens. Enter 0.0.0.0 if you want the WiMAX Modem to discard these packets instead. Port Forwarding ( )
Active ( ) Name ( ) Start Port (
) The number of the item in this list. Select this to enable this rule. Clear this to disable this rule. This field displays the name of the rule. It does not have to be unique. This field displays the beginning of the range of port numbers forwarded by this rule. 92 Users Guide Chapter 8 The NAT Configuration Screens Table 31 ADVANCED ( ) > NAT Configuration (NAT ) > Port Forwarding LABEL End Port (
) DESCRIPTION This field displays the end of the range of port numbers forwarded by this rule. If it is the same as the Start Port, only one port number is forwarded. This field displays the IP address of the server to which packet for the selected port(s) are forwarded. Server IP Address (
) Action ( ) Click the Edit icon to set up a port forwarding rule or alter the configuration of an existing port forwarding rule. Apply ( ) Reset ( ) Click the Delete icon to remove an existing port forwarding rule. Click to save your changes. Click to restore your previously saved settings. 8.3.2 Port Forwarding Rule Setup Click a port forwarding rules Edit icon in the ADVANCED ( ) > NAT Configuration (NAT ) > Port Forwarding screen to activate, deactivate, or edit it. Figure 37 ADVANCED () > NAT Configuration (NAT) > Port Forwarding >
Rule Setup The following table describes the labels in this screen. Table 32 ADVANCED ( ) > NAT Configuration (NAT ) > Port Forwarding >
Rule Setup LABEL Active Service Name DESCRIPTION Select this to enable this rule. Clear this to disable this rule. Enter a name to identify this rule. You can use 1 - 31 printable ASCII characters, or you can leave this field blank. It does not have to be a unique name. Users Guide 93 Chapter 8 The NAT Configuration Screens Table 32 ADVANCED ( ) > NAT Configuration (NAT ) > Port Forwarding >
Rule Setup (continued) LABEL Start Port DESCRIPTION Enter the port number or range of port numbers you want to forward to the specified server. End Port To forward one port number, enter the port number in the Start Port and End Port fields. To forward a range of ports, enter the port number at the beginning of the range in the Start Port field Server IP Address Apply ( ) Cancel ( ) enter the port number at the end of the range in the End Port field. Enter the IP address of the server to which to forward packets for the selected port number(s). This server is usually on the LAN. Click to save your changes. Click to return to the previous screen without saving your changes. 8.4 Trigger Port Some services use a dedicated range of ports on the client side and a dedicated range of ports on the server side. With regular port forwarding you set a forwarding port in NAT to forward a service (coming in from the server on the WAN) to the IP address of a computer on the client side (LAN). The problem is that port forwarding only forwards a service to a single LAN IP address. In order to use the same service on a different LAN computer, you have to manually replace the LAN computer's IP address in the forwarding port with another LAN computer's IP address, Trigger port forwarding solves this problem by allowing computers on the LAN to dynamically take turns using the service. The WiMAX Modem records the IP address of a LAN computer that sends traffic to the WAN to request a service with a specific port number and protocol (a "trigger" port). When the WiMAX Modem's WAN port receives a response with a specific port number and protocol
("incoming" port), the WiMAX Modem forwards the traffic to the LAN IP address of the computer that sent the request. After that computers connection for that service closes, another computer on the LAN can use the service in the same manner. This way you do not need to configure a new IP address each time you want a different LAN computer to use the application. 94 Users Guide Chapter 8 The NAT Configuration Screens Click ADVANCED ( ) > NAT Configuration (NAT ) > Trigger Port to maintain trigger port forwarding rules for the WiMAX Modem. Figure 38 ADVANCED ( ) > NAT Configuration (NAT ) > Trigger Port The following table describes the labels in this screen. Table 33 ADVANCED ( ) > NAT Configuration (NAT ) > Trigger Port LABEL
Name ( ) DESCRIPTION The number of the item in this list. Enter a name to identify this rule. You can use 1 - 15 printable ASCII characters, or you can leave this field blank. It does not have to be a unique name. Incoming ( ) Start Port(
) End Port (
) Enter the incoming port number or range of port numbers you want to forward to the IP address the WiMAX Modem records. To forward one port number, enter the port number in the Start Port (
) and End Port ( ) fields. To forward a range of ports, enter the port number at the beginning of the range in the Start Port ( ) field enter the port number at the end of the range in the End Port (
) field. If you want to delete this rule, enter zero in the Start Port () and End Port ( ) fields. Trigger ( ) Users Guide 95 Chapter 8 The NAT Configuration Screens Table 33 ADVANCED ( ) > NAT Configuration (NAT ) > Trigger Port LABEL DESCRIPTION Enter the outgoing port number or range of port numbers that makes the WiMAX Modem record the source IP address and assign it to the selected incoming port number(s). Start Port (
) End Port (
) Apply ( ) Cancel ( ) To select one port number, enter the port number in the Start Port and End Port fields. To select a range of ports, enter the port number at the beginning of the range in the Start Port field enter the port number at the end of the range in the End Port field. If you want to delete this rule, enter zero in the Start Port and End Port fields. Click to save your changes. Click to return to the previous screen without saving your changes. 8.4.1 Trigger Port Forwarding Example The following is an example of trigger port forwarding. In this example, J is Janes computer and S is the Real Audio server. Figure 39 Trigger Port Forwarding Example 1 2 3 4 Jane requests a file from the Real Audio server (port 7070). Port 7070 is a trigger port and causes the WiMAX Modem to record Janes computer IP address. The WiMAX Modem associates Jane's computer IP address with the "incoming" port range of 6970-7170. The Real Audio server responds using a port number ranging between 6970-7170. The WiMAX Modem forwards the traffic to Janes computer IP address. 96 Users Guide Chapter 8 The NAT Configuration Screens 5 Only Jane can connect to the Real Audio server until the connection is closed or times out. The WiMAX Modem times out in three minutes with UDP (User Datagram Protocol), or two hours with TCP/IP (Transfer Control Protocol/Internet Protocol). Two points to remember about trigger ports:
1 2 Trigger events only happen on data that is coming from inside the WiMAX Modem and going to the outside. If an application needs a continuous data stream, that port (range) will be tied up so that another computer on the LAN cant trigger it. Users Guide 97 Chapter 8 The NAT Configuration Screens 98 Users Guide CHAPTER 9 The System Configuration Screens 9.1 Overview Click ADVANCED ( ) > System Configuration ( ) to set up general system settings, change the system mode, change the password, configure the DDNS server settings, and set the current date and time. 9.1.1 What You Can Do in This Chapter The Dynamic DNS screen (Section 9.2 on page 100) lets you set up the WiMAX Modem as a dynamic DNS client. The Firmware screen (Section 9.3 on page 102) lets you upload new firmware to the WiMAX Modem. The Configuration screen (Section 9.4 on page 104) lets you back up or restore the configuration of the WiMAX Modem. The Restart screen (Section 9.5 on page 105) lets you restart your WiMAX Modem from within the web configurator. 9.1.2 What You Need to Know The following terms and concepts may help as you read through this chapter. System Name The System Name is often used for identification purposes. Because some ISPs check this name you should enter your computer's "Computer Name". In Windows 2000: Click Start > Settings > Control Panel and then double-
click the System icon. Select the Network Identification tab and then click the Properties button. Note the entry for the Computer Name field and enter it as the System Name. In Windows XP: Click Start > My Computer > View system information and then click the Computer Name tab. Note the entry in the Full computer name field and enter it as the WiMAX Modem System Name. Users Guide 99 Chapter 9 The System Configuration Screens Domain Name The Domain Name entry is what is propagated to the DHCP clients on the LAN. If you leave this blank, the domain name obtained by DHCP from the ISP is used. While you must enter the host name (System Name) on each individual computer, the domain name can be assigned from the WiMAX Modem via DHCP. DNS Server Address Assignment Use DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa, for instance, the IP address of www.zyxel.com is 204.217.0.2. The DNS server is extremely important because without it, you must know the IP address of a computer before you can access it. The WiMAX Modem can get the DNS server addresses in the following ways:
1 2 The ISP tells you the DNS server addresses, usually in the form of an information sheet, when you sign up. If your ISP gives you DNS server addresses, enter them in the DNS Server fields in the SYSTEM General screen. If the ISP did not give you DNS server information, leave the DNS Server fields in the SYSTEM General screen set to 0.0.0.0 for the ISP to dynamically assign the DNS server IP addresses. 9.2 Dynamic DNS Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CU-
SeeMe, etc.). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.org, where myhost is a name of your choice) that will never change instead of using an IP address that changes each time you reconnect. Your friends or relatives will always be able to call you even if they don't know your IP address. First of all, you need to have registered a dynamic DNS account with www.dyndns.org. This is for people with a dynamic IP from their ISP or DHCP server that would still like to have a domain name. The Dynamic DNS service provider will give you a password or key. Enabling the wildcard feature for your host causes *.yourhost.dyndns.org to be aliased to the same IP address as yourhost.dyndns.org. This feature is useful if you want to be able to use, for example, www.yourhost.dyndns.org and still reach your hostname. 100 Users Guide Chapter 9 The System Configuration Screens Note: If you have a private WAN IP address, then you cannot use Dynamic DNS. Click ADVANCED ( ) > System Configuration ( ) > Dynamic DNS to set up the WiMAX Modem as a dynamic DNS client. Figure 40 ADVANCED ( ) > System Configuration ( ) > Dynamic DNS The following table describes the labels in this screen. DESCRIPTION Select this to use dynamic DNS. Select the name of your Dynamic DNS service provider. Select the type of service that you are registered for from your Dynamic DNS service provider. Table 34 ADVANCED ( ) > System Configuration ( ) > Dynamic DNS LABEL Dynamic DNS Setup ( DNS ) Enable Dynamic DNS (
DNS) Service Provider (
) Dynamic DNS Type ( DNS
) Host Name (
) User Name (
) Password () Enter the password assigned to you. Enable Wildcard Option (
) Enable offline option (
DNS) This field is available when CustomDNS ( DNS) is selected in the DDNS Type ( DNS ) field. Select this if your Dynamic DNS service provider redirects traffic to a URL that you can specify while you are off line. Check with your Dynamic DNS service provider. Enter the host name. You can specify up to two host names, separated by a comma (","). Enter your user name. Select this to enable the DynDNS Wildcard feature. Users Guide 101 Chapter 9 The System Configuration Screens DESCRIPTION Select this if you want the WiMAX Modem to update the domain name with the WAN port's IP address. Table 34 ADVANCED ( ) > System Configuration ( ) > Dynamic DNS LABEL IP Address Update Policy (IP ) Use WAN IP Address (
WAN IP ) Dynamic DNS server auto detect IP address (
DNS IP ) Select this if you want the DDNS server to update the IP address of the host name(s) automatically. Select this option when there are one or more NAT routers between the WiMAX Modem and the DDNS server. Note: The DDNS server may not be able to detect the proper IP address if there is an HTTP proxy server between the WiMAX Modem and the DDNS server. Use specified IP address (
IP ) Apply ( ) Reset ( ) Select this if you want to use the specified IP address with the host name(s). Then, specify the IP address. Use this option if you have a static IP address. Click to save your changes. Click to restore your previously saved settings. 9.3 Firmware Click ADVANCED ( ) > System Configuration ( ) > Firmware to upload new firmware to the WiMAX Modem. Firmware files usually use the system model name with a "*.bin" extension, such as "WiMAX Modem.bin". The upload process uses HTTP (Hypertext Transfer Protocol) and may take up to two minutes. After a successful upload, the system will reboot. Contact your service provider for information on available firmware upgrades. Note: Only use firmware for your WiMAX Modems specific model. Figure 41 ADVANCED ( ) > System Configuration ( ) > Firmware 102 Users Guide Chapter 9 The System Configuration Screens The following table describes the labels in this screen. Table 35 ADVANCED ( ) > System Configuration ( ) > Firmware LABEL File Path (
) DESCRIPTION Enter the location of the *.bin file you want to upload, or click Browse... to find it. You must decompress compressed (.zip) files before you can upload them. Click this to find the *.bin file you want to upload. Click this to begin uploading the selected file. This may take up to two minutes. Browse... Upload Note: Do not turn off the device while firmware upload is in progress!
9.3.1 The Firmware Upload Process When the WiMAX Modem uploads new firmware, the process usually takes about two minutes. The device also automatically restarts in this time. This causes a temporary network disconnect. Note: Do not turn off the device while firmware upload is in progress!
After two minutes, log in again, and check your new firmware version in the Status screen. You might have to open a new browser window to log in. If the upload is not successful, you will be notified by error message. Click Return to go back to the Firmware screen. Users Guide 103 Chapter 9 The System Configuration Screens 9.4 Configuration Click ADVANCED ( ) > System Configuration ( ) > Configuration to back up or restore the configuration of the WiMAX Modem. You can also use this screen to reset the WiMAX Modem to the factory default settings. Figure 42 ADVANCED ( ) > System Configuration ( ) > Configuration The following table describes the labels in this screen. Table 36 ADVANCED ( ) > System Configuration ( ) > Configuration LABEL Backup Configuration ( ) Backup DESCRIPTION Click this to save the WiMAX Modems current configuration to a file on your computer. Once your device is configured and functioning properly, it is highly recommended that you back up your configuration file before making configuration changes. The backup configuration file is useful if you need to return to your previous settings. Restore Configuration ( ) File Path () Enter the location of the file you want to upload, or click Browse... to find it. Click this to find the file you want to upload. Click this to restore the selected configuration file. Browse Upload Note: Do not turn off the device while configuration file upload is in progress. Back to Factory Defaults ( ) Reset Click this to clear all user-entered configuration information and return the WiMAX Modem to its factory defaults. There is no warning screen. 104 Users Guide 9.4.1 The Restore Configuration Process Chapter 9 The System Configuration Screens When the WiMAX Modem restores a configuration file, the device automatically restarts. This causes a temporary network disconnect. Note: Do not turn off the device while configuration file upload is in progress. If the WiMAX Modems IP address is different in the configuration file you selected, you may need to change the IP address of your computer to be in the same subnet as that of the default management IP address (192.168.5.1). See the Quick Start Guide or the appendices for details on how to set up your computers IP address. You might have to open a new browser to log in again. If the upload was not successful, you are notified by Configuration Upload Error message:
Click Return to go back to the Configuration screen. 9.5 Restart Click ADVANCED ( ) > System Configuration ( ) > Restart to reboot the WiMAX Modem without turning the power off. Note: Restarting the WiMAX Modem does not affect its configuration. Figure 43 ADVANCED ( ) > System Configuration ( ) > Restart The following table describes the labels in this screen. Table 37 ADVANCED ( ) > System Configuration ( ) > Firmware LABEL Restart DESCRIPTION Click this button to have the device perform a software restart. The Power LED blinks as it restarts and the shines steadily if the restart is successful. Note: Wait one minute before logging back into the WiMAX Modem after a restart. Users Guide 105 Chapter 9 The System Configuration Screens 9.5.1 The Restart Process When you click Restart, the the process usually takes about two minutes. Once the restart is complete you can log in again. 106 Users Guide PART IV Voice Screens The Service Configuration Screens (109) The Phone Screens (127) The Phone Book Screens (137) 107 108 CHAPTER 10 The Service Configuration Screens 10.1 Overview The VOICE > Service Configuration screens allow you to set up your voice accounts and configure your QoS settings. VoIP (Voice over IP) is the sending of voice signals over the Internet Protocol. This allows you to make phone calls and send faxes over the Internet at a fraction of the cost of using the traditional circuit-switched telephone network. You can also use servers to run telephone service applications like PBX services and voice mail. Internet Telephony Service Provider (ITSP) companies provide VoIP service. A company could alternatively set up an IP-PBX and provide its own VoIP service. Circuit-switched telephone networks require 64 kilobits per second (kbps) in each direction to handle a telephone call. VoIP can use advanced voice coding techniques with compression to reduce the required bandwidth. 10.1.1 What You Can Do in This Chapter The SIP Setting screen (Section 10.2 on page 111) lets you setup and maintain your SIP account(s) in the WiMAX Modem. The Advanced SIP Settings screen (Section 10.2.1 on page 112) lets you set up and maintain advanced settings for each SIP account The QoS screen (Section 10.3 on page 119) lets you set up and maintain ToS and VLAN settings for the WiMAX Modem. 10.1.2 What You Need to Know The following terms and concepts may help as you read through this chapter. SIP The Session Initiation Protocol (SIP) is an application-layer control (signaling) protocol that handles the setting up, altering and tearing down of voice and Users Guide 109 Chapter 10 The Service Configuration Screens multimedia sessions over the Internet. SIP signaling is separate from the media for which it handles sessions. The media that is exchanged during the session can use a different path from that of the signaling. SIP handles telephone calls and can interface with traditional circuit-switched telephone networks. SIP Identities A SIP account uses an identity (sometimes referred to as a SIP address). A complete SIP identity is called a SIP URI (Uniform Resource Identifier). A SIP account's URI identifies the SIP account in a way similar to the way an e-mail address identifies an e-mail account. The format of a SIP identity is SIP-
Number@SIP-Service-Domain. SIP Number The SIP number is the part of the SIP URI that comes before the @ symbol. A SIP number can use letters like in an e-mail address (johndoe@your-ITSP.com for example) or numbers like a telephone number (1122334455@VoIP-provider.com for example). SIP Service Domain The SIP service domain of the VoIP service provider (the company that lets you make phone calls over the Internet) is the domain name in a SIP URI. For example, if the SIP address is 1122334455@VoIP-provider.com, then VoIP-
provider.com is the SIP service domain. SIP Register Server A SIP register server maintains a database of SIP identity-to-IP address (or domain name) mapping. The register server checks your user name and password when you register. RTP When you make a VoIP call using SIP, the RTP (Real time Transport Protocol) is used to handle voice data transfer. See RFC 1889 for details on RTP. Use NAT If you know the NAT routers public IP address and SIP port number, you can use the Use NAT feature to manually configure the WiMAX Modem to use a them in the SIP messages. This eliminates the need for STUN or a SIP ALG. You must also configure the NAT router to forward traffic with this port number to the WiMAX Modem. 110 Users Guide Chapter 10 The Service Configuration Screens 10.1.3 Before you Begin Ensure that you have all of your voice account information on hand. If not, contact your voice account service provider to find out which settings in this chapter you should configure in order to use your telephone with the WiMAX Modem. Connect your WiMAX Modem to the Internet, as described in the Quick Start Guide. If you have not already done so, then you will not be able to test your VoIP settings. 10.2 SIP Settings Click VOICE > Service Configuration > SIP Setting to setup and maintain your SIP account(s) in the WiMAX Modem. Your VoIP or Internet service provider should provide you with your account information. You can also enable and disable each SIP account. Figure 44 VOICE > Service Configuration > SIP Setting The following table describes the labels in this screen. Table 38 VOICE > Service Configuration > SIP Setting LABEL SIP Account DESCRIPTION Select the SIP account you want to see in this screen. If you change this field, the screen automatically refreshes. SIP Settings Users Guide 111 Chapter 10 The Service Configuration Screens Table 38 VOICE > Service Configuration > SIP Setting (continued) LABEL Active SIP Account DESCRIPTION Select this if you want the WiMAX Modem to use this account. Clear it if you do not want the WiMAX Modem to use this account. Enter your SIP number. In the full SIP URI, this is the part before the @
symbol. You can use up to 127 printable ASCII characters. Enter the WiMAX Modems listening port number, if your VoIP service provider gave you one. Otherwise, keep the default value. Enter the IP address or domain name of the SIP server provided by your VoIP service provider. You can use up to 95 printable ASCII characters. It does not matter whether the SIP server is a proxy, redirect or register server. Enter the SIP servers listening port number, if your VoIP service provider gave you one. Otherwise, keep the default value. Enter the IP address or domain name of the SIP register server, if your VoIP service provider gave you one. Otherwise, enter the same address you entered in the SIP Server Address field. You can use up to 95 printable ASCII characters. Enter the SIP register servers listening port number, if your VoIP service provider gave you one. Otherwise, enter the same port number you entered in the SIP Server Port field. Enter the SIP service domain name. In the full SIP URI, this is the part after the @ symbol. You can use up to 127 printable ASCII Extended set characters. Select this if you want to send identification when you make VoIP phone calls. Clear this if you do not want to send identification. Enter the user name for registering this SIP account, exactly as it was given to you. You can use up to 95 printable ASCII characters. Enter the user name for registering this SIP account, exactly as it was given to you. You can use up to 95 printable ASCII Extended set characters. Click this to display the advanced settings for this SIP account in this screen for editing. Click to save your changes. Click to restore your previously saved settings. Number SIP Local Port SIP Server Address SIP Server Port REGISTER Server Address REGISTER Server Port SIP Service Domain Send Caller ID Authentication User Name Password Show Advanced Setup Apply ( ) Reset ( ) 10.2.1 Advanced SIP Settings This section describes the features of the Advanced SIP settings screen. 10.2.1.1 STUN STUN (Simple Traversal of User Datagram Protocol (UDP) through Network Address Translators) allows the WiMAX Modem to find the presence and types of NAT routers and/or firewalls between it and the public Internet. STUN also allows the WiMAX Modem to find the public IP address that NAT assigned, so the WiMAX 112 Users Guide Chapter 10 The Service Configuration Screens Modem can embed it in the SIP data stream. STUN does not work with symmetric NAT routers or firewalls. See RFC 3489 for details on STUN. The following figure shows how STUN works. 1 2 3 The WiMAX Modem (A) sends SIP packets to the STUN server (B). The STUN server (B) finds the public IP address and port number that the NAT router used on the WiMAX Modems SIP packets and sends them to the WiMAX Modem. The WiMAX Modem uses the public IP address and port number in the SIP packets that it sends to the SIP server (C). Figure 45 STUN 1 NAT B C A 10.2.1.2 Outbound Proxy Your VoIP service provider may host a SIP outbound proxy server to handle all of the WiMAX Modems VoIP traffic. This allows the WiMAX Modem to work with any type of NAT router and eliminates the need for STUN or a SIP ALG. Turn off a SIP ALG on a NAT router in front of the WiMAX Modem to keep it from re-translating the IP address (since this is already handled by the outbound proxy server). 10.2.1.3 Voice Coding A codec (coder/decoder) codes analog voice signals into digital signals and decodes the digital signals back into voice signals. The WiMAX Modem supports the following codecs. G.711 is a Pulse Code Modulation (PCM) waveform codec. PCM measures analog signal amplitudes at regular time intervals (sampling) and converts them into digital bits (quantization). Quantization reads the analog signal and then writes it to the nearest digital value. For this reason, a digital sample is usually slightly different from its analog original (this difference is known as quantization noise). G.711 provides excellent sound quality but requires 64kbps of bandwidth. Users Guide 113 Chapter 10 The Service Configuration Screens G.723 is an Adaptive Differential Pulse Code Modulation (ADPCM) waveform codec. Differential (or Delta) PCM is similar to PCM, but encodes the audio signal based on the difference between one sample and a prediction based on previous samples, rather than encoding the samples actual quantized value. Many thousands of samples are taken each second, and the differences between consecutive samples are usually quite small, so this saves space and reduces the bandwidth necessary. However, DPCM produces a high quality signal (high signal-to-noise ratio or SNR) for high difference signals (where the actual signal is very different from what was predicted) but a poor quality signal (low SNR) for low difference signals (where the actual signal is very similar to what was predicted). This is because the level of quantization noise is the same at all signal levels. Adaptive DPCM solves this problem by adapting the difference signals level of quantization according to the audio signals strength. A low difference signal is given a higher quantization level, increasing its signal-to-noise ratio. This provides a similar sound quality at all signal levels. G.723 provides high quality sound and requires 20 or 40 kbps. G.729 is an Analysis-by-Synthesis (AbS) hybrid waveform codec. It uses a filter based on information about how the human vocal tract produces sounds. The codec analyzes the incoming voice signal and attempts to synthesize it using its list of voice elements. It tests the synthesized signal against the original and, if it is acceptable, transmits details of the voice elements it used to make the synthesis. Because the codec at the receiving end has the same list, it can exactly recreate the synthesized audio signal.G.729 provides good sound quality and reduces the required bandwidth to 8kbps. 10.2.1.4 MWI (Message Waiting Indication) Enable Message Waiting Indication (MWI) enables your phone to give you a messagewaiting (beeping) dial tone when you have one or more voice messages. Your VoIP service provider must have a messaging system that sends message-
waiting-status SIP packets as defined in RFC 3842. 114 Users Guide Chapter 10 The Service Configuration Screens 10.2.1.5 Advanced SIP Settings Options Click Show Advanced Setup in VOICE > Service Configuration > SIP Settings to set up and maintain advanced settings for each SIP account. Figure 46 VOICE > Service Configuration > SIP Settings > Show Advanced Setup The following table describes the labels in this screen. Table 39 VOICE > Service Configuration > SIP Settings > Show Advanced Setup LABEL SIP Server Settings URL Type Select whether or not to include the SIP service domain name when the WiMAX Modem sends the SIP number. DESCRIPTION SIP - include the SIP service domain name TEL - do not include the SIP service domain name Users Guide 115 Chapter 10 The Service Configuration Screens Table 39 VOICE > Service Configuration > SIP Settings > Show Advanced Setup LABEL Expiration Duration DESCRIPTION Enter the number of seconds your SIP account is registered with the SIP register server before it is deleted. The WiMAX Modem automatically tries to re-register your SIP account when one-half of this time has passed. (The SIP register server might have a different expiration.) Enter the number of seconds the WiMAX Modem waits before it tries again to register the SIP account, if the first try failed or if there is no response. Register Re-
send timer Session Expires Enter the number of seconds the conversation can last before the call is Min-SE RTP Port Range Start Port End Port automatically disconnected. Usually, when one-half of this time has passed, the WiMAX Modem or the other party updates this timer to prevent this from happening. Enter the minimum number of seconds the WiMAX Modem accepts for a session expiration time when it receives a request to start a SIP session. If the request has a shorter time, the WiMAX Modem rejects it. Enter the listening port number(s) for RTP traffic, if your VoIP service provider gave you this information. Otherwise, keep the default values. To enter one port number, enter the port number in the Start Port and End Port fields. To enter a range of ports:
Type the port number at the beginning of the range in the Start Port field Type the port number at the end of the range in the End Port field. Voice Compression Primary, Secondary, and Third Compression Select the type of voice coder/decoder (codec) that you want the WiMAX Modem to use. G.711 provides high voice quality but requires more bandwidth (64 kbps). DTMF Mode G.711A is typically used in Europe. G.711u is typically used in North America and Japan. G.723 provides good voice quality, and requires 20 or 40 kbps. G.729 requires only 8 kbps. The WiMAX Modem must use the same codec as the peer. When two SIP devices start a SIP session, they must agree on a codec. For more on voice compression, see Voice Coding on page 113 Control how the WiMAX Modem handles the tones that your telephone makes when you push its buttons. You should use the same mode your VoIP service provider uses. RFC 2833 - send the DTMF tones in RTP packets PCM - send the DTMF tones in the voice data stream. This method works best when you are using a codec that does not use compression (like G.711). Codecs that use compression (like G.729) can distort the tones. SIP INFO - send the DTMF tones in SIP messages 116 Users Guide Chapter 10 The Service Configuration Screens Table 39 VOICE > Service Configuration > SIP Settings > Show Advanced Setup LABEL STUN Active Select this if all of the following conditions are satisfied. DESCRIPTION There is a NAT router between the WiMAX Modem and the SIP server. The NAT router is not a SIP ALG. Your VoIP service provider gave you an IP address or domain name for a STUN server. Otherwise, clear this field. Enter the IP address or domain name of the STUN server provided by your VoIP service provider. Enter the STUN servers listening port, if your VoIP service provider gave you one. Otherwise, keep the default value. Select this if you want the WiMAX Modem to send SIP traffic to a specific NAT router. You must also configure the NAT router to forward traffic with the specified port to the WiMAX Modem. This eliminates the need for STUN or a SIP ALG. Enter the public IP address or domain name of the NAT router. Enter the port number that your SIP sessions use with the public IP address of the NAT router. Select this if your VoIP service provider has a SIP outbound server to handle voice calls. This allows the WiMAX Modem to work with any type of NAT router and eliminates the need for STUN or a SIP ALG. Turn off any SIP ALG on a NAT router in front of the WiMAX Modem to keep it from re-translating the IP address (since this is already handled by the outbound proxy server). Enter the IP address or domain name of the SIP outbound proxy server. Enter the SIP outbound proxy servers listening port, if your VoIP service provider gave you one. Otherwise, keep the default value. Server Address Server Port Use NAT Active Server Address Server Port Outbound Proxy Active Server Address Server Port NAT Keep Alive Active Select this to stop NAT routers between the WiMAX Modem and SIP server (a SIP proxy server or outbound proxy server) from dropping the SIP session. The WiMAX Modem does this by sending SIP notify messages to the SIP server based on the specified interval. Select this if the SIP server is a SIP proxy server. Select this if the SIP server is an outbound proxy server. You must enable Outbound Proxy to use this. Enter how often (in seconds) the WiMAX Modem should send SIP notify messages to the SIP server. Keep Alive with SIP Proxy Keep Alive with Outbound Proxy Keep Alive Interval MWI (Message Waiting Indication) Enable Select this if you want to hear a waiting (beeping) dial tone on your phone when you have at least one voice message. Your VoIP service provider must support this feature. Users Guide 117 Chapter 10 The Service Configuration Screens DESCRIPTION Table 39 VOICE > Service Configuration > SIP Settings > Show Advanced Setup LABEL Expiration Time Keep the default value, unless your VoIP service provider tells you to change it. Enter the number of seconds the SIP server should provide the message waiting service each time the WiMAX Modem subscribes to the service. Before this time passes, the WiMAX Modem automatically subscribes again. Fax Option G.711 Fax Passthrough T.38 Fax Relay Call Forward Call Forward Table Caller Ringing Enable Caller Ringing Tone On Hold Enable On Hold Tone Hide Advanced Setup Select this if the WiMAX Modem should use G.711 to send fax messages. The peer devices must also use G.711. Select this if the WiMAX Modem should send fax messages as UDP or TCP/IP packets through IP networks. This provides better quality, but it may have inter-operability problems. The peer devices must also use T.38. Select which call forwarding table you want the WiMAX Modem to use for incoming calls. You set up these tables in VOICE > Phone Book >
Incoming Call Policy. Check this box if you want people to hear a customized recording when they call you. Select the tone you want people to hear when they call you. See Custom Tones (IVR) on page 118 for information on how to record these tones. Check this box if you want people to hear a customized recording when you put them on hold. Select the tone you want people to hear when you put them on hold. See Custom Tones (IVR) on page 118 for information on how to record these tones. Click this to not display these advanced settings in this screen. 10.2.1.6 Custom Tones (IVR) IVR (Interactive Voice Response) is a feature that allows you to use your telephone to interact with the WiMAX Modem. The WiMAX Modem allows you to record custom tones for the Caller Ringing Tone and On Hold Tone functions. The same recordings apply to both the caller ringing and on hold tones. Table 40 Custom Tones Details LABEL Total Time for All Tones Maximum Time per Individual Tone Total Number of Tones Recordable 8 DESCRIPTION 128 seconds for all custom tones combined 20 seconds You can record up to eight different custom tones but the total time must be 128 seconds or less. 118 Users Guide Chapter 10 The Service Configuration Screens Use the following steps if you would like to create new tones or change your tones:
1 2 3 4 1 2 3 1 2 3 Pick up the phone and press **** on your phones keypad and wait for the message that says you are in the configuration menu. Press a number from 1101~1108 on your phone followed by the # key. Play your desired music or voice recording into the receivers mouthpiece. Press the # key. You can continue to add, listen to, or delete tones, or you can hang up the receiver when you are done. Do the following to listen to a custom tone:
Pick up the phone and press **** on your phones keypad and wait for the message that says you are in the configuration menu. Press a number from 1201~1208 followed by the # key to listen to the tone. You can continue to add, listen to, or delete tones, or you can hang up the receiver when you are done. Do the following to delete a custom tone:
Pick up the phone and press **** on your phones keypad and wait for the message that says you are in the configuration menu. Press a number from 1301~1308 followed by the # key to delete the tone of your choice. Press 14 followed by the # key if you wish to clear all your custom tones. You can continue to add, listen to, or delete tones, or you can hang up the receiver when you are done. 10.3 QoS Network traffic can be classified by setting the ToS (Type Of Service) values at the data source (for example, at the WiMAX Modem) so a server can decide the best method of delivery, that is the least cost, fastest route and so on. Virtual Local Area Network (VLAN) allows a physical network to be partitioned into multiple logical networks. Only stations within the same group can communicate with each other. Users Guide 119 Chapter 10 The Service Configuration Screens Your WiMAX Modem can add IEEE 802.1Q VLAN ID tags to voice frames that it sends to the network. This allows the WiMAX Modem to communicate with a SIP server that is a member of the same VLAN group. Some ISPs use the VLAN tag to identify voice traffic and give it priority over other traffic. Click VOICE > Service Configuration > QoS to set up and maintain ToS and VLAN settings for the WiMAX Modem. QoS (Quality of Service) refers to both a network's ability to deliver data with minimum delay and the networking methods used to provide bandwidth for real-time multimedia applications. Figure 47 VOICE > Service Configuration > QoS The following table describes the labels in this screen. Table 41 VOICE > Service Configuration > QoS LABEL TDS SIP TOS Priority Setting DESCRIPTION RTP TOS Priority Setting VLAN Tagging Voice VLAN ID Enter the priority for SIP voice transmissions. The WiMAX Modem creates Type of Service priority tags with this priority to voice traffic that it transmits. Enter the priority for RTP voice transmissions. The WiMAX Modem creates Type of Service priority tags with this priority to RTP traffic that it transmits. Select this if the WiMAX Modem has to be a member of a VLAN to communicate with the SIP server. Ask your network administrator, if you are not sure. Enter the VLAN ID provided by your network administrator in the field on the right. Your LAN and gateway must be configured to use VLAN tags. Apply ( ) Reset ( ) Otherwise, clear this field. Click to save your changes. Click to restore your previously saved settings. 120 Users Guide Chapter 10 The Service Configuration Screens 10.4 Technical Reference The following section contains additional technical information about the WiMAX Modem features described in this chapter. 10.4.1 SIP Call Progression The following figure displays the basic steps in the setup and tear down of a SIP call. A calls B. Table 42 SIP Call Progression A 1. INVITE 4. ACK 6. BYE 5.Dialogue (voice traffic) B 2. Ringing 3. OK 7. OK 1 A sends a SIP INVITE request to B. This message is an invitation for B to participate in a SIP telephone call. 2 B sends a response indicating that the telephone is ringing. 3 B sends an OK response after the call is answered. 4 A then sends an ACK message to acknowledge that B has answered the call. 5 Now A and B exchange voice media (talk). 6 After talking, A hangs up and sends a BYE request. 7 B replies with an OK response confirming receipt of the BYE request and the call is terminated. Users Guide 121 Chapter 10 The Service Configuration Screens 10.4.2 SIP Client Server SIP is a client-server protocol. A SIP client is an application program or device that sends SIP requests. A SIP server responds to the SIP requests. When you use SIP to make a VoIP call, it originates at a client and terminates at a server. A SIP client could be a computer or a SIP phone. One device can act as both a SIP client and a SIP server. 10.4.3 SIP User Agent A SIP user agent can make and receive VoIP telephone calls. This means that SIP can be used for peer-to-peer communications even though it is a client-server protocol. In the following figure, either A or B can act as a SIP user agent client to initiate a call. A and B can also both act as a SIP user agent to receive the call. Figure 48 SIP User Agent A B 10.4.4 SIP Proxy Server A SIP proxy server receives requests from clients and forwards them to another server. In the following example, you want to use client device A to call someone who is using client device C. 1 The client device (A in the figure) sends a call invitation to the SIP proxy server
(B). 122 Users Guide Chapter 10 The Service Configuration Screens 2 The SIP proxy server forwards the call invitation to C. Figure 49 SIP Proxy Server B 1 2 A C 10.4.5 SIP Redirect Server A SIP redirect server accepts SIP requests, translates the destination address to an IP address and sends the translated IP address back to the device that sent the request. Then the client device that originally sent the request can send requests to the IP address that it received back from the redirect server. Redirect servers do not initiate SIP requests. In the following example, you want to use client device A to call someone who is using client device C. 1 Client device A sends a call invitation for C to the SIP redirect server (B). 2 The SIP redirect server sends the invitation back to A with Cs IP address (or domain name). Users Guide 123 Chapter 10 The Service Configuration Screens 3 Client device A then sends the call invitation to client device C. Figure 50 SIP Redirect Server A 3 B 1 2 C 10.4.6 NAT and SIP The WiMAX Modem must register its public IP address with a SIP register server. If there is a NAT router between the WiMAX Modem and the SIP register server, the WiMAX Modem probably has a private IP address. The WiMAX Modem lists its IP address in the SIP message that it sends to the SIP register server. NAT does not translate this IP address in the SIP message. The SIP register server gets the WiMAX Modems IP address from inside the SIP message and maps it to your SIP identity. If the WiMAX Modem has a private IP address listed in the SIP message, the SIP server cannot map it to your SIP identity. See Chapter 8 The NAT Configuration Screens for more information. Use a SIP ALG (Application Layer Gateway), Use NAT, STUN, or outbound proxy to allow the WiMAX Modem to list its public IP address in the SIP messages. 10.4.7 DiffServ DiffServ is a class of service (CoS) model that marks packets so that they receive specific per-hop treatment at DiffServ-compliant network devices along the route based on the application types and traffic flow. Packets are marked with DiffServ Code Points (DSCPs) indicating the level of service desired. This allows the intermediary DiffServ-compliant network devices to handle the packets differently depending on the code points without the need to negotiate paths or remember state information for every flow. In addition, applications do not have to request a particular service or give advanced notice of where the traffic is going. 124 Users Guide Chapter 10 The Service Configuration Screens 10.4.8 DSCP and Per-Hop Behavior DiffServ defines a new DS (Differentiated Services) field to replace the Type of Service (TOS) field in the IP header. The DS field contains a 2-bit unused field and a 6-bit DSCP field which can define up to 64 service levels. The following figure illustrates the DS field. Figure 51 DiffServ: Differentiated Service Field DSCP
(6-bit) Unused
(2-bit) DSCP is backward compatible with the three precedence bits in the ToS octet so that non-DiffServ compliant, ToS-enabled network device will not conflict with the DSCP mapping. The DSCP value determines the forwarding behavior, the PHB (Per-Hop Behavior), that each packet gets across the DiffServ network. Based on the marking rule, different kinds of traffic can be marked for different priorities of forwarding. Resources can then be allocated according to the DSCP values and the configured policies. Users Guide 125 Chapter 10 The Service Configuration Screens 126 Users Guide CHAPTER 11 The Phone Screens 11.1 Overview Use the VOICE > Phone screens to configure the volume, echo cancellation, VAD settings and custom tones for the phone port on the WiMAX Modem. You can also select which SIP account to use for making outgoing calls. 11.1.1 What You Can Do in This Chapter The Analog Phone screen (Section 11.2 on page 128) lets you control which SIP accounts each phone uses. The Common screen (Section 11.3 on page 130) lets you activate and deactivate immediate dialing. The Region screen (Section 11.4 on page 131) lets you maintain settings that often depend on the region of the world in which the WiMAX Modem is located. 11.1.2 What You Need to Know The following terms and concepts may help as you read through this chapter. Voice Activity Detection/Silence Suppression/Comfort Noise Voice Activity Detection (VAD) detects whether or not speech is present. This lets the WiMAX Modem reduce the bandwidth that a call uses by not transmitting silent packets when you are not speaking. When using VAD, the WiMAX Modem generates comfort noise when the other party is not speaking. The comfort noise lets you know that the line is still connected as total silence could easily be mistaken for a lost connection. Echo Cancellation G.168 is an ITU-T standard for eliminating the echo caused by the sound of your voice reverberating in the telephone receiver while you talk. Users Guide 127 Chapter 11 The Phone Screens Supplementary Phone Services Overview Supplementary services such as call hold, call waiting, call transfer, etc. are generally available from your VoIP service provider. The WiMAX Modem supports the following services:
Call Hold Call Waiting Making a Second Call Call Transfer Call Forwarding Three-Way Conference Internal Calls Caller ID CLIP (Calling Line Identification Presentation) CLIR (Calling Line Identification Restriction) Note: To take full advantage of the supplementary phone services available though the WiMAX Modem's phone port, you may need to subscribe to the services from your VoIP service provider. 11.2 Analog Phone Click VOICE > Phone > Analog Phone to control which SIP accounts each phone uses. Figure 52 VOICE > Phone > Analog Phone 128 Users Guide The following table describes the labels in this screen. Chapter 11 The Phone Screens Table 43 VOICE > Phone > Analog Phone LABEL Phone Port Settings Outgoing Call Use SIP1 DESCRIPTION Select the number of a phone port for the configuration in this screen. Select this if you want this phone port to use the SIP1 account when it makes calls. If you select both SIP accounts, the WiMAX Modem tries to use SIP2 first. Select this if you want this phone port to use the SIP2 account when it makes calls. If you select both SIP accounts, the WiMAX Modem tries to use SIP2 first. SIP2 Incoming Call apply to SIP1 Select this if you want to receive phone calls for the SIP1 account on this phone port. If you select more than one source for incoming calls, there is no way to distinguish between them when you receive phone calls. Select this if you want to receive phone calls for the SIP2 account on this phone port. If you select more than one source for incoming calls, there is no way to distinguish between them when you receive phone calls. Click this to edit the advanced settings for this phone port. The advanced settings appear. Click to save your changes. Click to restore your previously saved settings. SIP2 Show Advanced Setup Apply Reset 11.2.1 Advanced Analog Phone Setup Click the Show Advanced Setup button in VOICE > Phone > Analog Phone to edit advanced settings for the selected phone port. Figure 53 VOICE > Phone > Analog Phone > Show Advanced Setup Users Guide 129 Chapter 11 The Phone Screens The following table describes the labels in this screen. DESCRIPTION Table 44 VOICE > Phone > Analog Phone > Show Advanced Setup LABEL Voice Volume Control Speaking Volume Listening Volume Echo Cancellation G.168 Active Enter the loudness that the WiMAX Modem uses for speech that it sends to the peer device. -1 is the quietest, and 1 is the loudest. Enter the loudness that the WiMAX Modem uses for speech that it receives from the peer device. -1 is the quietest, and 1 is the loudest. Select this if you want to eliminate the echo caused by the sound of your voice reverberating in the telephone receiver while you talk. Dialing Interval Select Dialing Interval Select Enter the number of seconds the WiMAX Modem should wait after you stop dialing numbers before it makes the phone call. The value depends on how quickly you dial phone numbers. If you select Active Immediate Dial in VOICE > Phone > Common, you can press the pound key (#) to tell the WiMAX Modem to make the phone call immediately, regardless of this setting. Select this if the WiMAX Modem should stop transmitting when you are not speaking. This reduces the bandwidth the WiMAX Modem uses. Click this to not display these advanced settings in this screen. Click to save your changes. Click to restore your previously saved settings. VAD Support Hide Advanced Setup Apply Reset 11.3 Common Click VOICE > Phone > Common to activate and deactivate immediate dialing. Figure 54 VOICE > Phone > Common 130 Users Guide Chapter 11 The Phone Screens The following table describes the labels in this screen. Table 45 VOICE > Phone > Common LABEL Active Immediate Dial DESCRIPTION Select this if you want to use the pound key (#) to tell the WiMAX Modem to make the phone call immediately, instead of waiting the number of seconds you selected in the Dialing Interval Select in VOICE > Phone > Analog Phone. If you select this, dial the phone number, and then press the pound key if you do not want to wait. The WiMAX Modem makes the call immediately. Click to save your changes. Click to restore your previously saved settings. Apply ( ) Reset ( ) 11.4 Region Click VOICE > Phone > Region to maintain settings that often depend on the region of the world in which the WiMAX Modem is located. Figure 55 VOICE > Phone > Region Users Guide 131 Chapter 11 The Phone Screens The following table describes the labels in this screen. Table 46 VOICE > Phone > Region LABEL Region Settings Select the place in which the WiMAX Modem is located. Do not select DESCRIPTION Call Service Mode Default. Select the mode for supplementary phone services (call hold, call waiting, call transfer and three-way conference calls) that your VoIP service provider supports. Europe Type - use supplementary phone services in European mode USA Type - use supplementary phone services American mode You might have to subscribe to these services to use them. Contact your VoIP service provider. Click to save your changes. Click to restore your previously saved settings. Apply ( ) Reset ( ) 11.5 Technical Reference The following section contains additional technical information about the WiMAX Modem features described in this chapter. 11.5.1 The Flash Key Flashing means to press the hook for a short period of time (a few hundred milliseconds) before releasing it. On newer telephones, there should be a "flash"
key (button) that generates the signal electronically. If the flash key is not available, you can tap (press and immediately release) the hook by hand to achieve the same effect. However, using the flash key is preferred since the timing is much more precise. The WiMAX Modem may interpret manual tapping as hanging up if the duration is too long You can invoke all the supplementary services by using the flash key. 132 Users Guide Chapter 11 The Phone Screens 11.5.2 Europe Type Supplementary Phone Services This section describes how to use supplementary phone services with the Europe Type Call Service Mode. Commands for supplementary services are listed in the table below. After pressing the flash key, if you do not issue the sub-command before the default sub-command timeout (2 seconds) expires or issue an invalid sub-
command, the current operation will be aborted. Table 47 European Type Flash Key Commands COMMAND SUB-
DESCRIPTION COMMAND Flash Flash Flash Flash 0 1 2 Flash Flash 3
*98#
Put a current call on hold to place a second call. Switch back to the call (if there is no second call). Drop the call presently on hold or reject an incoming call which is waiting for answer. Disconnect the current phone connection and answer the incoming call or resume with caller presently on hold. 1. Switch back and forth between two calls. 2. Put a current call on hold to answer an incoming call. 3. Separate the current three-way conference call into two individual calls (one is on-line, the other is on hold). Create three-way conference connection. Transfer the call to another phone. European Call Hold allows you to put a call (A) on hold by pressing the flash key. If you have another call, press the flash key and then 2 to switch back and forth between caller A and B by putting either one on hold. Press the flash key and then 0 to disconnect the call presently on hold and keep the current call on line. Press the flash key and then 1 to disconnect the current call and resume the call on hold. If you hang up the phone but a caller is still on hold, there will be a remind ring. European Call Waiting allows you to place a call on hold while you answer another incoming call on the same telephone (directory) number. If there is a second call to a telephone number, you will hear a call waiting tone. Take one of the following actions. Users Guide 133 Chapter 11 The Phone Screens Reject the second call. Press the flash key and then press 0. Disconnect the first call and answer the second call. Either press the flash key and press 1, or just hang up the phone and then answer the phone after it rings. Put the first call on hold and answer the second call. Press the flash key and then 2. European Call Transfer allows you to transfer an incoming call (that you have answered) to another phone. To do so:
1 Press the flash key to put the caller on hold. 2 When you hear the dial tone, dial *98# followed by the number to which you want to transfer the call. to operate the Intercom. 3 After you hear the ring signal or the second party answers it, hang up the phone. European Three-Way Conference allows you to make three-way conference calls. To do so:
1 When you are on the phone talking to someone, place the flash key to put the caller on hold and get a dial tone. 2 Dial a phone number directly to make another call. 3 When the second call is answered, press the flash key and press 3 to create a three-way conversation. 4 Hang up the phone to drop the connection. 5 If you want to separate the activated three-way conference into two individual connections (one is on-line, the other is on hold), press the flash key and press 2. 11.5.3 USA Type Supplementary Services This section describes how to use supplementary phone services with the USA Type Call Service Mode. Commands for supplementary services are listed in the table below. 134 Users Guide Chapter 11 The Phone Screens After pressing the flash key, if you do not issue the sub-command before the default sub-command timeout (2 seconds) expires or issue an invalid sub-
command, the current operation will be aborted. Table 48 USA Type Flash Key Commands COMMAND SUB-
DESCRIPTION COMMAND Flash Flash
*98#
Put a current call on hold to place a second call. After the second call is successful, press the flash key again to have a three-way conference call. Put a current call on hold to answer an incoming call. Transfer the call to another phone. USA Call Hold allows you to put a call (A) on hold by pressing the flash key. If you have another call, press the flash key to switch back and forth between caller A and B by putting either one on hold. If you hang up the phone but a caller is still on hold, there will be a remind ring. USA Call Waiting allows you to place a call on hold while you answer another incoming call on the same telephone (directory) number. If there is a second call to your telephone number, you will hear a call waiting tone. Press the flash key to put the first call on hold and answer the second call. USA Call Transfer allows you to transfer an incoming call (that you have answered) to another phone. To do so:
1 Press the flash key to put the caller on hold. 2 When you hear the dial tone, dial *98# followed by the number to which you want to transfer the call. to operate the Intercom. 3 After you hear the ring signal or the second party answers it, hang up the phone. USA Three-Way Conference allows you to make three-way conference calls. To do so:
1 When you are making a call, press the flash key to put the call on hold and get a dial tone. 2 Dial a phone number to make a second call. Users Guide 135 Chapter 11 The Phone Screens 3 When the second call is answered, press the flash key to create a three-way conversation. 4 If you want to separate the three-way conference into two individual calls (one call is online, the other is on hold), press the flash key. The first call is online and the second call is on hold. Pressing the flash key again will recreate the three-way conversation. The next time you press the flash key, the second call is online and the first call is on hold. 5 Hang up the phone to drop the connection. 136 Users Guide CHAPTER 12 The Phone Book Screens 12.1 Overview The VOICE > Phone Book screens allow you to configure the WiMAX Modems phone book for making VoIP calls. 12.1.1 What You Can Do in This Chapter The Incoming Call Policy screen (Section 12.2 on page 138) lets you maintain rules for handling incoming calls. You can block, redirect, or accept them. The Speed Dial screen (Section 12.3 on page 140) lets you add, edit, or remove speed-dial entries. 12.1.2 What You Need to Know The following terms and concepts may help as you read through this chapter. Speed Dial and Peer-to-Peer Calling Speed dial provides shortcuts for dialing frequently used (VoIP) phone numbers. It is also required if you want to make peer-to-peer calls. In peer-to-peer calls, you call another VoIP device directly without going through a SIP server. In the WiMAX Modem, you must set up a speed dial entry in the phone book in order to do this. Select Non-Proxy (Use IP or URL) in the Type column and enter the callees IP address or domain name. The WiMAX Modem sends SIP INVITE requests to the peer VoIP device when you use the speed dial entry. You do not need to configure a SIP account in order to make a peer-to-peer VoIP call. Users Guide 137 Chapter 12 The Phone Book Screens 12.2 Incoming Call Policy Click VOICE > Phone Book > Incoming Call Policy to maintain rules for handling incoming calls. You can block, redirect, or accept them. Figure 56 VOICE > Phone Book > Incoming Call Policy The following table describes the labels in this screen. Table 49 VOICE > Phone Book > Incoming Call Policy LABEL Table Number DESCRIPTION Select the call-forwarding table you want to see in this screen. If you change this field, the screen automatically refreshes. Forward to Number Setup Unconditional Forward to Number Busy Forward to Number No Answer Forward to Number No Answer Waiting Time Advanced Setup Select this if you want the WiMAX Modem to forward all incoming calls to the specified phone number, regardless of other rules in the Forward to Number section. Specify the phone number in the field on the right. Select this if you want the WiMAX Modem to forward incoming calls to the specified phone number if the phone port is busy. Specify the phone number in the field on the right. If you have call waiting, the incoming call is forwarded to the specified phone number if you reject or ignore the second incoming call. Select this if you want the WiMAX Modem to forward incoming calls to the specified phone number if the call is unanswered. (See No Answer Waiting Time.) Specify the phone number in the field on the right. This field is used by the No Answer Forward to Number feature and No Answer conditions below. Enter the number of seconds the WiMAX Modem should wait for you to answer an incoming call before it considers the call is unanswered. 138 Users Guide Chapter 12 The Phone Book Screens Table 49 VOICE > Phone Book > Incoming Call Policy LABEL
Activate Incoming Call Number Forward to Number DESCRIPTION The number of the item in this list. Select this to enable this rule. Clear this to disable this rule. Enter the phone number to which this rule applies. Enter the phone number to which you want to forward incoming calls from the Incoming Call Number. You may leave this field blank, depending on the Condition. Select the situations in which you want to forward incoming calls from the Incoming Call Number, or select an alternative action. Condition Unconditional - The WiMAX Modem immediately forwards any calls from the Incoming Call Number to the Forward to Number. Busy - The WiMAX Modem forwards any calls from the Incoming Call Number to the Forward to Number when your SIP account already has a call connected. No Answer - The WiMAX Modem forwards any calls from the Incoming Call Number to the Forward to Number when the call is unanswered. (See No Answer Waiting Time.) Block - The WiMAX Modem rejects calls from the Incoming Call Number. Accept - The WiMAX Modem allows calls from the Incoming Call Number. You might create a rule with this condition if you do not want incoming calls from someone to be forwarded by rules in the Forward to Number section. Apply Reset Click to save your changes. Click to restore your previously saved settings. Note: The WiMAX Modem checks the Advanced rules first before checking the Forward to Number rules. All rules are checked in order from top to bottom. Users Guide 139 Chapter 12 The Phone Book Screens 12.3 Speed Dial Click VOICE > Phone Book > Speed Dial to add, edit, or remove speed-dial entries. You must create speed-dial entries if you want to make peer-to-peer calls or call SIP numbers that use letters. You can also create speed-dial entries for frequently-used SIP phone numbers. Figure 57 VOICE > Phone Book > Speed Dial The following table describes the icons in this screen. Table 50 VOICE > Phone Book > Speed Dial ICON DESCRIPTION Edit Click to edit this item. Delete Click to delete this item. The following table describes the labels in this screen. Table 51 VOICE > Phone Book > Speed Dial LABEL
Number DESCRIPTION This is a list of speed dial numbers. This is the SIP number the WiMAX Modem calls when you use this speed dial number. This is the name of the party associated with this speed-dial number. This indicates if the speed-dial entry uses one of your SIP accounts or uses the IP address or domain name of the SIP server. Click the Delete icon to erase this speed-dial entry. Name Destination Action 140 Users Guide Chapter 12 The Phone Book Screens Table 51 VOICE > Phone Book > Speed Dial LABEL Clear ( ) Reset ( ) DESCRIPTION Click to clear all fields on the screen and begin anew. Click to restore your previously saved settings. 12.3.1 Speed Dial Setup Click the Edit icon of an entry in the VOICE > Phone Book > Speed Dial screen to open the following screen. Use this screen to configure a speed dial entry. Figure 58 VOICE > Phone Book > Speed Dial > Edit The following table describes the labels in this screen. Table 52 VOICE > Phone Book > Speed Dial > Edit LABEL Speed Dial Number DESCRIPTION Select the speed-dial number you want to use for this phone number. Enter the SIP number you want the WiMAX Modem to call when you dial the speed-dial number. Enter a name to identify the party you call when you dial the speed-dial number. You can use up to 127 printable ASCII characters. Select Use Proxy if you want to use one of your SIP accounts to call this phone number. Name Type Select Non-Proxy (Use IP or URL) if you want to use a different SIP server or if you want to make a peer-to-peer call. In this case, enter the IP address or domain name of the SIP server or the other party in the field below. Click to save your changes. Click to return to the previous screen without saving your changes. Apply ( ) Cancel ( ) Users Guide 141 Chapter 12 The Phone Book Screens 142 Users Guide PART V Tools & Status Screens The Certificates Screens (145) The Remote Management Screens (149) The Password Setup Screen (161) The Status Screen (163) 143 144 CHAPTER 13 The Certificates Screens 13.1 Overview Use the TOOLS ( ) > Certificates ( ) screens to import public key certificates on the WiMAX Modem. The WiMAX Modem can use public key certificates (also sometimes called digital IDs) to authenticate users. Certificates are based on public-private key pairs. A certificate contains the certificate owners identity and public key. Certificates provide a way to exchange public keys for use in authentication. Public key certificates are used by web browsers to ensure that a secure web site is legitimate. When a certificate authority such as VeriSign, Comodo, or Network Solutions (to name a few) receives a certificate request from a website operator, they confirm that the web domain and contact information in the request match those on public record with a domain name registrar. If they match, then the certificate is issued to the website operator, who then places it on his site to be issued to all visiting web browsers to let them know that the site is legitimate. 13.1.1 What You Can Do in This Chapter The My Certificates screen (Section 13.2 on page 146) lets you import the WiMAX Modems CA-signed certificates. The Trusted CAs screen (Section 13.3 on page 146) lets you import trusted CA-signed certificates. 13.1.2 What You Need to Know The following terms and concepts may help as you read through this chapter. Certificate Authorities A Certification Authority (CA) issues certificates and guarantees the identity of each certificate owner. There are commercial certification authorities like CyberTrust or VeriSign and government certification authorities. Users Guide 145 Chapter 13 The Certificates Screens 13.2 My Certificates Click TOOLS ( ) > Certificates ( ) > My Certificates to import a certificate that matches a corresponding certification request that was generated by the WiMAX Modem. You must remove any spaces from the certificates filename before you can import it. Figure 59 TOOLS ( ) > Certificates ( ) > My Certificates The following table describes the labels in this screen. Table 53 TOOLS ( ) > Certificates ( ) > My Certificates LABEL File Path (
) DESCRIPTION Type in the location of the file you want to upload in this field or click Browse to find it. You cannot import a certificate with the same name as a certificate that is already in the WiMAX Modem. Click to find the certificate file you want to upload. Browse Apply ( ) Click to save your changes. Cancel ( ) Click to return to the previous screen without saving your changes. 13.3 Trusted CAs Click TOOLS ( ) > Certificates ( ) > Trusted CAs to open the following screen. Follow the instructions in this screen to save a trusted certification authoritys certificate from a computer to the WiMAX Modem. The WiMAX Modem trusts any valid certificate signed by any of the imported trusted CA certificates. 146 Users Guide Chapter 13 The Certificates Screens Note: You must remove any spaces from the certificates filename before you can import the certificate. Figure 60 TOOLS ( ) > Certificates ( ) > Trusted CAs The following table describes the labels in this screen. Table 54 TOOLS ( ) > Certificates ( ) > Trusted CAs Import LABEL File Path (
) Browse... Apply ( ) Cancel ( ) DESCRIPTION Type in the location of the file you want to upload in this field or click Browse to find it. Click to find the certificate file you want to upload. Click to save your changes. Click to return to the previous screen without saving your changes. Users Guide 147 Chapter 13 The Certificates Screens 148 Users Guide CHAPTER 14 The Remote Management Screens 14.1 Overview Use the TOOLS ( ) > Remote MGMT screens to control which computers can use which services to access the WiMAX Modem on each interface. Remote management allows you to determine which services/protocols can access which WiMAX Modem interface (if any) from which computers. You may manage your WiMAX Modem from a remote location via:
Table 55 Remote Management Internet (WAN only) LAN only ALL (LAN and WAN) Neither (Disable). To disable remote management of a service, select Disable in the corresponding Server Access field. You may only have one remote management session running at a time. The WiMAX Modem automatically disconnects a remote management session of lower priority when another remote management session of higher priority starts. The priorities for the different types of remote management sessions are as follows. 1 Telnet 2 HTTP 14.1.1 What You Can Do in This Chapter The WWW screen (Section 14.2 on page 151) lets you control HTTP access to your WiMAX Modem. The Telnet screen (Section 14.3 on page 152) lets you control Telnet access to your WiMAX Modem. The FTP screen (Section 14.4 on page 153) lets you control FTP access to your WiMAX Modem. Users Guide 149 Chapter 14 The Remote Management Screens The SNMP screen (Section 14.5 on page 154) lets you control SNMP access to your WiMAX Modem. The DNS screen (Section 14.6 on page 157) lets you control DNS access to your WiMAX Modem. The Security screen (Section 14.7 on page 158) lets you control how your WiMAX Modem responds to other types of requests. 14.1.2 What You Need to Know The following terms and concepts may help as you read through this chapter. Remote Management Limitations Remote management over LAN or WAN will not work when:
1 A filter in SMT menu 3.1 (LAN) or in menu 11.5 (WAN) is applied to block a Telnet, FTP or Web service. 2 3 4 You have disabled that service in one of the remote management screens. The IP address in the Secured Client IP field does not match the client IP address. If it does not match, the WiMAX Modem will disconnect the session immediately. There is already another remote management session with an equal or higher priority running. You may only have one remote management session running at one time. Remote Management and NAT When NAT is enabled:
Use the WiMAX Modems WAN IP address when configuring from the WAN. Use the WiMAX Modems LAN IP address when configuring from the LAN. System Timeout There is a default system management idle timeout of five minutes (three hundred seconds). The WiMAX Modem automatically logs you out if the management session remains idle for longer than this timeout period. The management session does not time out when a statistics screen is polling. SNMP Simple Network Management Protocol (SNMP) is a protocol used for exchanging management information between network devices. SNMP is a member of the 150 Users Guide Chapter 14 The Remote Management Screens TCP/IP protocol suite. Your WiMAX Modem supports SNMP agent functionality, which allows a manager station to manage and monitor the WiMAX Modem through the network. The WiMAX Modem supports SNMP version one (SNMPv1) and version two (SNMPv2). The next figure illustrates an SNMP management operation. Note: SNMP is only available if TCP/IP is configured. 14.2 WWW Click TOOLS ( ) > Remote MGMT > WWW to control HTTP access to your WiMAX Modem. Figure 61 TOOLS ( ) > Remote MGMT > WWW The following table describes the labels in this screen. Table 56 TOOLS ( ) > Remote MGMT > WWW LABEL Server Port DESCRIPTION Enter the port number this service can use to access the WiMAX Modem. The computer must use the same port number. Select the interface(s) through which a computer may access the WiMAX Modem using this service. Select All to allow any computer to access the WiMAX Modem using this service. Server Access Secured Client IP Address Select Selected to only allow the computer with the IP address that you specify to access the WiMAX Modem using this service. Users Guide 151 Chapter 14 The Remote Management Screens Table 56 TOOLS ( ) > Remote MGMT > WWW (continued) LABEL Apply ( ) Reset ( ) DESCRIPTION Click to save your changes. Click to restore your previously saved settings. 14.3 Telnet Click TOOLS ( ) > Remote MGMT > Telnet to control Telnet access to your WiMAX Modem. Figure 62 TOOLS ( ) > Remote MGMT > Telnet The following table describes the labels in this screen. Table 57 TOOLS ( ) > Remote MGMT > Telnet LABEL Server Port DESCRIPTION Enter the port number this service can use to access the WiMAX Modem. The computer must use the same port number. Select the interface(s) through which a computer may access the WiMAX Modem using this service. Select All to allow any computer to access the WiMAX Modem using this service. Select Selected to only allow the computer with the IP address that you specify to access the WiMAX Modem using this service. Click to save your changes. Click to restore your previously saved settings. Server Access Secured Client IP Address Apply ( ) Reset ( ) 152 Users Guide Chapter 14 The Remote Management Screens 14.4 FTP Click TOOLS () > Remote MGMT > FTP to control FTP access to your WiMAX Modem. Figure 63 TOOLS ( ) > Remote MGMT > FTP The following table describes the labels in this screen. Table 58 TOOLS ( ) > Remote MGMT > FTP LABEL Server Port DESCRIPTION Enter the port number this service can use to access the WiMAX Modem. The computer must use the same port number. Select the interface(s) through which a computer may access the WiMAX Modem using this service. Select All to allow any computer to access the WiMAX Modem using this service. Select Selected to only allow the computer with the IP address that you specify to access the WiMAX Modem using this service. Click to save your changes. Click to restore your previously saved settings. Server Access Secured Client IP Address Apply ( ) Reset ( ) Users Guide 153 Chapter 14 The Remote Management Screens 14.5 SNMP An SNMP managed network consists of two main types of component: agents and a manager. Figure 64 SNMP Management Model An agent is a management software module that resides in a managed device (the WiMAX Modem). An agent translates the local management information from the managed device into a form compatible with SNMP. The manager is the console through which network administrators perform network management functions. It executes applications that control and monitor managed devices. The managed devices contain object variables/managed objects that define each piece of information to be collected about a device. Examples of variables include such as number of packets received, node port status etc. A Management Information Base (MIB) is a collection of managed objects. SNMP allows a manager and agents to communicate for the purpose of accessing these objects. The WiMAX Modem supports MIB II that is defined in RFC-1213 and RFC-1215. The focus of the MIBs is to let administrators collect statistical data and monitor status and performance. SNMP itself is a simple request/response protocol based on the manager/agent model. The manager issues a request and the agent returns responses using the following protocol operations:
Get - Allows the manager to retrieve an object variable from the agent. 154 Users Guide Chapter 14 The Remote Management Screens GetNext - Allows the manager to retrieve the next object variable from a table or list within an agent. In SNMPv1, when a manager wants to retrieve all elements of a table from an agent, it initiates a Get operation, followed by a series of GetNext operations. Set - Allows the manager to set values for object variables within an agent. Trap - Used by the agent to inform the manager of some events. 14.5.1 SNMP Traps The WiMAX Modem sends traps to the SNMP manager when any of the following events occurs:
Table 59 SNMP Traps TRAP # TRAP NAME 0 coldStart (defined in RFC-
1215) warmStart (defined in RFC-
1215) authenticationFailure (defined in RFC-1215) whyReboot (defined in ZYXEL-
MIB) 1 4 6 6a For intentional reboot:
6b For fatal error:
DESCRIPTION A trap is sent after booting (power on). A trap is sent after booting (software reboot). A trap is sent to the manager when receiving any SNMP get or set requirements with the wrong community (password). A trap is sent with the reason of restart before rebooting when the system is going to restart
(warm start). A trap is sent with the message "System reboot by user!" if reboot is done intentionally, (for example, download new files, CI command "sys reboot", etc.). A trap is sent with the message of the fatal code if the system reboots because of fatal errors. Users Guide 155 Chapter 14 The Remote Management Screens 14.5.2 SNMP Options Click TOOLS ( ) > Remote MGMT > SNMP to control SNMP access to your WiMAX Modem. Figure 65 TOOLS ( ) > Remote MGMT > SNMP The following table describes the labels in this screen. Table 60 TOOLS ( ) > Remote MGMT > SNMP LABEL SNMP Configuration Get Community DESCRIPTION Set Community Trap Community Trap Destination SNMP Port Access Status Enter the Get Community, which is the password for the incoming Get and GetNext requests from the management station. The default is public and allows all requests. Enter the Set community, which is the password for incoming Set requests from the management station. The default is public and allows all requests. Enter the trap community, which is the password sent with each trap to the SNMP manager. The default is public and allows all requests. Enter the IP address of the station to send your SNMP traps to. You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management. Select the interface(s) through which a computer may access the WiMAX Modem using this service. 156 Users Guide Chapter 14 The Remote Management Screens Table 60 TOOLS ( ) > Remote MGMT > SNMP (continued) LABEL Secured Client IP A secured client is a trusted computer that is allowed to DESCRIPTION communicate with the WiMAX Modem using this service. Select All to allow any computer to access the WiMAX Modem using this service. Choose Selected to just allow the computer with the IP address that you specify to access the WiMAX Modem using this service. Click to save your changes. Click to restore your previously saved settings. Apply ( ) Reset ( ) 14.6 DNS Click TOOLS ( ) > Remote MGMT > DNS to control DNS access to your WiMAX Modem. Figure 66 TOOLS ( ) > Remote MGMT > DNS The following table describes the labels in this screen. Table 61 TOOLS ( ) > Remote MGMT > DNS LABEL Server Port DESCRIPTION This field is read-only. This field displays the port number this service uses to access the WiMAX Modem. The computer must use the same port number. Select the interface(s) through which a computer may access the WiMAX Modem using this service. Server Access Users Guide 157 Chapter 14 The Remote Management Screens Table 61 TOOLS ( ) > Remote MGMT > DNS (continued) LABEL Secured Client IP Address DESCRIPTION Select All to allow any computer to access the WiMAX Modem using this service. Select Selected to only allow the computer with the IP address that you specify to access the WiMAX Modem using this service. Click to save your changes. Click to restore your previously saved settings. Apply ( ) Reset ( ) 14.7 Security Click TOOLS ( ) > Remote MGMT > Security to control how your WiMAX Modem responds to other types of requests. Figure 67 TOOLS ( ) > Remote MGMT > Security 158 Users Guide Chapter 14 The Remote Management Screens The following table describes the labels in this screen. Table 62 TOOLS ( ) > Remote MGMT > Security LABEL Respond to Ping on DESCRIPTION Select the interface(s) on which the WiMAX Modem should respond to incoming ping requests. Disable - the WiMAX Modem does not respond to any ping requests. LAN - the WiMAX Modem only responds to ping requests received from the LAN. WAN - the WiMAX Modem only responds to ping requests received from the WAN. LAN & WAN - the WiMAX Modem responds to ping requests received from the LAN or the WAN. Select this to prevent outsiders from discovering your WiMAX Modem by sending requests to unsupported port numbers. If an outside user attempts to probe an unsupported port on your WiMAX Modem, an ICMP response packet is automatically returned. This allows the outside user to know the WiMAX Modem exists. Your WiMAX Modem supports anti-probing, which prevents the ICMP response packet from being sent. This keeps outsiders from discovering your WiMAX Modem when unsupported ports are probed. If you clear this, your WiMAX Modem replies with an ICMP Port Unreachable packet for a port probe on unused UDP ports and with a TCP Reset packet for a port probe on unused TCP ports. Click to save your changes. Click to restore your previously saved settings. Do not respond to requests for unauthorized services Apply ( ) Reset ( ) Users Guide 159 Chapter 14 The Remote Management Screens 160 Users Guide CHAPTER 15 The Password Setup Screen 15.1 Overview The default administrator password is 284wj/6. Use this screen to change it. 15.2 Password Setup Click TOOLS ( ) > Password Setup to change the administrator password. Figure 68 TOOLS ( ) > Password Setup Users Guide 161 Chapter 15 The Password Setup Screen The following table describes the labels in this screen. Table 63 TOOLS ( ) > Password Setup LABEL Old Password (
) New Password (
) DESCRIPTION Enter the current password you use to access the WiMAX Modem. Enter the new password for the WiMAX Modem. You can use up to 30 characters. As you type the password, the screen displays an asterisk
(*) for each character you type. Enter the new password again. Retype to Confirm (
) Apply ( ) Reset ( ) Click to save your changes. Click to restore your previously saved settings. 162 Users Guide CHAPTER 16 The Status Screen 16.1 Overview Use this screen to view a complete summary of your WiMAX Modem connection status. 16.2 Status Screen Click the STATUS () icon in the navigation bar to go to this screen, where you can view the current status of the device, system resources, and interfaces (LAN and WAN). Figure 69 Status ( ) Users Guide 163 Chapter 16 The Status Screen The following tables describe the labels in this screen. Table 64 Status ( ) LABEL Device Information () System Name
() DESCRIPTION This field displays the WiMAX Modem system name. It is used for identification. Firmware Version () Hardware Version (
) System Uptime(
) Memory Usage(
) You can change this in the ADVANCED ( ) > System Configuration () > General screens System Name (
) field. This field displays the current version of the firmware inside the device. It also shows the date the firmware version was created. You can change the firmware version by uploading new firmware in ADVANCED () > System Configuration () > Firmware. This field displays the version of the physical device hardware. This field displays how long the WiMAX Modem has been running since it last started up. The WiMAX Modem starts up when you plug it in, when you restart it (ADVANCED ( ) > System Configuration (
) > Restart), or when you reset it. This field displays what percentage of the WiMAX Modems memory is currently used. The higher the memory usage, the more likely the WiMAX Modem is to slow down. Some memory is required just to start the WiMAX Modem and to run the web configurator. You can reduce the memory usage by disabling some services (see CPU Usage); by reducing the amount of memory allocated to NAT and firewall rules (you may have to reduce the number of NAT rules or firewall rules to do so);
or by deleting rules in functions such as incoming call policies, speed dial entries, and static routes. Interface Information ( ) LAN Information (LAN ) Status () This field indicates whether or not the WiMAX Modem is using the LAN interface. This field displays Connected when the WiMAX Modem is using the LAN interface. Otherwise, it displays DISCONNECTED. Speed () This field displays the LAN connection speed (in Mbps). IP Address
(IP ) This field displays the current IP address of the WiMAX Modem in the LAN. This field displays the current subnet mask on the LAN. IP Subnet Mask (IP
) WAN Information (WAN ) Status () This field indicates whether or not the WiMAX Modem is using the WAN interface. This field displays OPERATIONAL when the WiMAX Modem is using the WAN interface. Otherwise, it displays DISCONNECTED. 164 Users Guide Chapter 16 The Status Screen Table 64 Status ( ) (continued) LABEL DESCRIPTION This field displays the current IP address of the WiMAX Modem in the LAN. This field displays the current subnet mask in the LAN. IP Address
(IP ) IP Subnet Mask (IP
) BSID Preamble Index Frequency (
) UL Data Amount (UL
) DL Data Amount (DL
) RSSI Tx Power (
) CINR MAC address
(MAC ) This field displays the identification number of the wireless base station to which the WiMAX Modem is connected. Every base station transmits a unique BSID, which identifies it across the network. The Preamble Index is the number of bytes used for initial synchorinzation at the biginning of a downlink frame. See the IEEE 802.16e standard for more information. This field displays the radio frequency of the WiMAX Modems wireless connection to a base station. This field shows the number of data packets uploaded from the WiMAX Modem to the base station each second. This field shows the number of data packets downloaded to the WiMAX Modem from the base station each second. This field shows the Received Signal Strength Indication. This value is a measurement of overall radio signal strength. A higher RSSI level indicates a stronger signal, and a lower RSSI level indicates a weaker signal. A strong signal does not necessarily indicate a good signal: a strong signal may have a low signal-to-noise ratio (SNR). This field shows the output transmission (Tx) level of the WiMAX Modem. This field shows the average Carrier to Interference plus Noise Ratio of the current connection. This value is an indication of overall radio signal quality. A higher value indicates a higher signal quality, and a lower value indicates a lower signal quality. This field displays the Media Access Control address of the WiMAX Modem. Every network device has a unique MAC address which identifies it across the network. Users Guide 165 Chapter 16 The Status Screen 166 Users Guide PART VI Troubleshooting and Specifications Troubleshooting (169) Product Specifications (177) 167 168 CHAPTER 17 Troubleshooting This chapter offers some suggestions to solve problems you might encounter. The potential problems are divided into the following categories:
Power, Hardware Connections, and LEDs WiMAX Modem Access and Login Internet Access Phone Calls and VoIP Reset the WiMAX Modem to Its Factory Defaults 17.1 Power, Hardware Connections, and LEDs The WiMAX Modem does not turn on. None of the LEDs turn on. 1 Make sure you are using the power adapter or cord included with the WiMAX Modem. 2 Make sure the power adapter or cord is connected to the WiMAX Modem and plugged in to an appropriate power source. Make sure the power source is turned on. 3 Disconnect and re-connect the power adapter or cord to the WiMAX Modem. 4 If the problem continues, contact the vendor. One of the LEDs does not behave as expected. 1 Make sure you understand the normal behavior of the LED. See Section 1.2.1 on page 21 for more information. Users Guide 169 Chapter 17 Troubleshooting 2 Check the hardware connections. See the Quick Start Guide. 3 Inspect your cables for damage. Contact the vendor to replace any damaged cables. 4 Disconnect and re-connect the power adapter to the WiMAX Modem. 5 If the problem continues, contact the vendor. 17.2 WiMAX Modem Access and Login I forgot the IP address for the WiMAX Modem. 1 2 3 The default IP address is http://192.168.1.1. If you changed the IP address and have forgotten it, you might get the IP address of the WiMAX Modem by looking up the IP address of the default gateway for your computer. To do this in most Windows computers, click Start > Run, enter cmd, and then enter ipconfig. The IP address of the Default Gateway might be the IP address of the WiMAX Modem (it depends on the network), so enter this IP address in your Internet browser. If this does not work, you have to reset the WiMAX Modem to its factory defaults. See Section 17.1 on page 169. I forgot the password. 1 2 The default password is 284wj/6. If this does not work, you have to reset the WiMAX Modem to its factory defaults. See Section 9.4 on page 104. I cannot see or access the Login screen in the web configurator. 1 Make sure you are using the correct IP address. The default IP address is http://192.168.1.1. 170 Users Guide Chapter 17 Troubleshooting If you changed the IP address (Section 3.2 on page 32), use the new IP address. If you changed the IP address and have forgotten it, see the troubleshooting suggestions for I forgot the IP address for the WiMAX Modem. 2 Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide and Section 1.2.1 on page 21. 3 Make sure your Internet browser does not block pop-up windows and has JavaScript and Java enabled. See Appendix C on page 219. 4 If there is a DHCP server on your network, make sure your computer is using a dynamic IP address. Your WiMAX Modem is a DHCP server by default. If there is no DHCP server on your network, make sure your computers IP address is in the same subnet as the WiMAX Modem. See Appendix D on page 229. 5 Reset the WiMAX Modem to its factory defaults, and try to access the WiMAX Modem with the default IP address. See Section 9.5 on page 105. 6 If the problem continues, contact the network administrator or vendor, or try one of the advanced suggestions. Advanced Suggestions Try to access the WiMAX Modem using another service, such as Telnet. If you can access the WiMAX Modem, check the remote management settings and firewall rules to find out why the WiMAX Modem does not respond to HTTP. If your computer is connected wirelessly, use a computer that is connected to a LAN/ETHERNET port. I can see the Login screen, but I cannot log in to the WiMAX Modem. 1 Make sure you have entered the user name and password correctly. The default user name is @dmin, and the default password is 284wj/6. These fields are case-sensitive, so make sure [Caps Lock] is not on. 2 You cannot log in to the web configurator while someone is using Telnet to access the WiMAX Modem. Log out of the WiMAX Modem in the other session, or ask the person who is logged in to log out. 3 Disconnect and re-connect the power adapter or cord to the WiMAX Modem. 4 If this does not work, you have to reset the WiMAX Modem to its factory defaults. See Section 9.4 on page 104. Users Guide 171 Chapter 17 Troubleshooting I cannot Telnet to the WiMAX Modem. See the troubleshooting suggestions for I cannot see or access the Login screen in the web configurator. Ignore the suggestions about your browser. 17.3 Internet Access I cannot access the Internet. 1 Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide and Section 1.2.1 on page 21. 2 Make sure you entered your ISP account information correctly in the wizard. These fields are case-sensitive, so make sure [Caps Lock] is not on. 3 Check your security settings. In the web configurator, go to the Status screen. Click the WiMAX Profile link in the Summary box and make sure that you are using the correct security settings for your Internet account. 4 Check your WiMAX settings. The WiMAX Modem may have been set to search the wrong frequencies for a wireless connection. In the web configurator, go to the Status screen. Click the WiMAX Site Information link in the Summary box and ensure that the values are correct. If the values are incorrect, enter the correct frequency settings in the ADVANCED ( ) > WAN Configuration (WAN )
> WiMAX Configuration screen. If you are unsure of the correct values, contact your service provider. 5 If you are trying to access the Internet wirelessly, make sure the wireless settings in the wireless client are the same as the settings in the AP. 6 Disconnect all the cables from your WiMAX Modem, and follow the directions in the Quick Start Guide again. 7 If the problem continues, contact your ISP. I cannot access the Internet any more. I had access to the Internet (with the WiMAX Modem), but my Internet connection is not available any more. 172 Users Guide Chapter 17 Troubleshooting 1 Check the hardware connections, and make sure the LEDs are behaving as expected. See the Quick Start Guide and Section 1.2.1 on page 21. 2 Disconnect and re-connect the power adapter to the WiMAX Modem. 3 If the problem continues, contact your ISP. The Internet connection is slow or intermittent. 1 2 The quality of the WiMAX Modems wireless connection to the base station may be poor. Poor signal reception may be improved by moving the WiMAX Modem away from thick walls and other obstructions, or to a higher floor in your building. There may be radio interference caused by nearby electrical devices such as microwave ovens and radio transmitters. Move the WiMAX Modem away or switch the other devices off. Weather conditions may also affect signal quality. 3 As well as having an external antenna connector, the MAX-210HW2 is equipped with an internal directional antenna. If you know the location of the base station, orient the front of the WiMAX Modem (the side with the LEDs) towards the base station. If you do not know the location of the base station, experiment by moving the WiMAX Modem while observing the Strength Indicator LEDs for an increase in received signal strength. The MAX-200HW2 and MAX-230HW2 do not have internal antennas. 4 There might be a lot of traffic on the network. Look at the LEDs, and check Section 1.2.1 on page 21. If the WiMAX Modem is sending or receiving a lot of information, try closing some programs that use the Internet, especially peer-to-
peer applications. 5 Disconnect and re-connect the power adapter to the WiMAX Modem. 6 If the problem continues, contact the network administrator or vendor, or try one of the advanced suggestions. The Internet connection disconnects. 1 Check your WiMAX link and signal strength using the WiMAX Link and Strength Indicator LEDs on the device. 2 Contact your ISP if the problem persists. Users Guide 173 Chapter 17 Troubleshooting 17.4 Phone Calls and VoIP The telephone port wont work or the telephone lacks a dial tone. 1 Check the telephone connections and telephone wire. 2 Make sure you have the VOICE > Service Configuration > SIP Settings screen properly configured (Chapter 10 on page 109). I can access the Internet, but cannot make VoIP calls. 1 Make sure you have the VOICE > Service Configuration > SIP Settings screen properly configured (Chapter 10 on page 109). 2 3 4 The VoIP LED should come on. Make sure that your telephone is connected to the VoIP port (see the Quick Start Guide for information on connecting telephone cables to the these ports). You can also check the VoIP status in the Status ( ) screen. If the VoIP settings are correct, use speed dial to make peer-to-peer calls. If you cannot make a call using speed dial, there may be something wrong with the SIP server. Contact your VoIP service provider. Problems With Multiple SIP Accounts You can set up two SIP accounts on your WiMAX Modem. By default your WiMAX Modem uses SIP account 1 for outgoing calls, and it uses SIP accounts 1 and 2 for incoming calls. With this setting, you always use SIP account 1 for your outgoing calls and you cannot distinguish which SIP account the calls are coming in through. If you want to control the use of different dialing plans for accounting purposes or other reasons, you need to configure your phone port in order to control which SIP account you are using when placing or receiving calls. 174 Users Guide Chapter 17 Troubleshooting 17.5 Reset the WiMAX Modem to Its Factory Defaults If you reset the WiMAX Modem, you lose all of the changes you have made. The WiMAX Modem re-loads its default settings, and the password resets to 1234. You have to make all of your changes again. You will lose all of your changes when you push the Reset button. To reset the WiMAX Modem, 1 Make sure the Power LED is on and not blinking. 2 Press and hold the Reset button for five to ten seconds. Release the Reset button when the Power LED begins to blink. The default settings have been restored. If the WiMAX Modem restarts automatically, wait for the WiMAX Modem to finish restarting, and log in to the web configurator. The password is 284wj/6. If the WiMAX Modem does not restart automatically, disconnect and reconnect the WiMAX Modems power. Then, follow the directions above again. 17.5.1 Pop-up Windows, JavaScripts and Java Permissions Please see Appendix C on page 219. Users Guide 175 Chapter 17 Troubleshooting 176 Users Guide CHAPTER 18 Product Specifications This chapter gives details about your WiMAX Modems hardware and firmware features. Table 65 Environmental and Hardware Specifications FEATURE Operating Temperature Storage Temperature Operating Humidity Storage Humidity Power Supply Power consumption Ethernet Interface DESCRIPTION 0C to 45C
-25C to 55C 10% ~ 90% (non-condensing) 10% to 95% (non-condensing) 12V DC, 2A 18W Four auto-negotiating, auto-MDI/MDI-X NWay 10/100 Mbps RJ-45 Ethernet ports Two analog ATA interfaces for standard telephones through RJ-11 FXS (Foreign Exchange Subscriber) analog connector Two internal omnidirectional 5dBi WiMAX antennas g 004 165 mm (W) x 25 mm (D) x 260 mm (H) Telephony Interface Antennas thgieW Dimensions Certification EMI and EMS:
USA-FCC Part 15B/ FCC Part 27M/ FCC MPE Taiwan-NCC PLMN09/ NCC MPE/ BSMI CNS13438/
BSMI CNS14336 Table 66 Radio Specifications FEATURE Media Access Protocol WiMAX Bandwidth DESCRIPTION IEEE 802.16e 2.5 GHz Users Guide 177 Chapter 18 Product Specifications Table 66 Radio Specifications (continued) Data Rate Download:
Maximum 20 Mbps Average 6 Mbps Upload:
Maximum 4 Mbps Average 3 Mbps Modulation QPSK (uplink and downlink) Output Power Duplex mode Security 16-QAM (uplink and downlink) 64-QAM (downlink only) Typically 26 dBm with internal antennas Time Division Duplex (TDD) PKMv2 EAP CCMP, 128-bit AES Table 67 Firmware Specifications FEATURE Web-based Configuration and Management Tool High Speed Wireless Internet Access Firewall Content Filtering Network Address Translation (NAT) Universal Plug and Play
(UPnP) DESCRIPTION Also known as the web configurator, this is a firmware-
based management solution for the WiMAX Modem. You must connect using a compatible web browser in order to use it. The WiMAX Modem is ideal for high-speed wireless Internet browsing. WiMAX (Worldwide Interoperability for Microwave Access) is a wireless networking standard providing high-bandwidth, wide-range secured wireless service. The WiMAX Modem is a WiMAX mobile station (MS) compatible with the IEEE 802.16e standard. The WiMAX Modem is a stateful inspection firewall with DoS
(Denial of Service) protection. By default, when the firewall is activated, all incoming traffic from the WAN to the LAN is blocked unless it is initiated from the LAN. The WiMAX Modems firewall supports TCP/UDP inspection, DoS detection and prevention, real time alerts, reports and logs. The WiMAX Modem can block access to web sites containing specified keywords. You can define time periods and days during which content filtering is enabled and include or exclude a range of users on the LAN from content filtering. Network Address Translation (NAT) allows the translation of an Internet protocol address used within one network (for example a private IP address used in a local network) to a different IP address known within another network (for example a public IP address used on the Internet). Your device and other UPnP enabled devices can use the standard TCP/IP protocol to dynamically join a network, obtain an IP address and convey their capabilities to each other. 178 Users Guide Table 67 Firmware Specifications (continued) FEATURE Dynamic DNS Support Chapter 18 Product Specifications DESCRIPTION With Dynamic DNS support, you can have a static hostname alias for a dynamic IP address, allowing the host to be more easily accessible from various locations on the Internet. You must register for this service with a Dynamic DNS service provider. DHCP (Dynamic Host Configuration Protocol) allows the individual clients (computers) to obtain the TCP/IP configuration at start-up from a centralized DHCP server. Your device has built-in DHCP server capability enabled by default. It can assign IP addresses, an IP default gateway and DNS servers to DHCP clients. Your device can also act as a surrogate DHCP server (DHCP Relay) where it relays IP address assignment from the actual real DHCP server to the clients. IP alias allows you to partition a physical network into logical networks over the same Ethernet interface. Your device supports three logical LAN interfaces via its single physical Ethernet interface with the your device itself as the gateway for each LAN network. You can configure multiple voice (SIP) accounts. Your device is a SIP Application Layer Gateway (ALG). It allows VoIP calls to pass through NAT for devices behind it
(such as a SIP-based VoIP software application on a computer). The built-in adaptive buffer helps to smooth out the variations in delay (jitter) for voice traffic (up to 60 ms). This helps ensure good voice quality for your conversations. Voice Activity Detection (VAD) reduces the bandwidth that a call uses by not transmitting when you are not speaking. DHCP IP Alias Multiple SIP Accounts SIP ALG Dynamic Jitter Buffer Voice Activity Detection/
Silence Suppression Comfort Noise Generation Your device generates background noise to fill moments of Echo Cancellation Time and Date Logging Codecs Fax Support silence when the other device in a call stops transmitting because the other party is not speaking (as total silence could easily be mistaken for a lost connection). You device supports G.168 of at least 24 ms. This an ITU-T standard for eliminating the echo caused by the sound of your voice reverberating in the telephone receiver while you talk. Get the current time and date from an external server when you turn on your WiMAX Modem. You can also set the time manually. Use the WiMAX Modems logging feature to view connection history, surveillance logs, and error messages. Enhanced Variable Rate Codec (EVRC), G.711 (PCM -law and a-law), G.729a, and G.723.1 T.38 FAX relay (FAX over UDP). G.711 fax relay for fax calls and be able to renegotiate codec to G.711 if a fax call is detected. Users Guide 179 Chapter 18 Product Specifications Table 67 Firmware Specifications (continued) FEATURE Ring Tones Call Prioritization DESCRIPTION Supports different distinctive ring tones on each line. Prioritize VoIP traffic originating from the RJ-11 ports over any other traffic. Table 68 Standards Supported STANDARD RFC 768 RFC 791 RFC 792 RFC 792 RFC 826 RFC 854 RFC 1349 RFC 1706 RFC 1889 RFC 1890 RFC 2030 RFC 2104 RFC 2131 RFC 2401 RFC 2409 RFC 2475 RFC 2617 DESCRIPTION User Datagram Protocol Internet Protocol v4 Internet Control Message Protocol Transmission Control Protocol Address Resolution Protocol Telnet Protocol Type of Service Protocol DNS NSAP Resource Records Real-time Transport Protocol (RTP) Real-time Transport Control Protocol (RTCP) Simple Network Time Protocol HMAC: Keyed-Hashing for Message Authentication Dynamic Host Configuration Protocol Security Architecture for the Internet Protocol Internet Key Exchange Architecture for Differentiated Services (Diffserv) Hypertext Transfer Protocol (HTTP) Authentication: Basic and Digest Access Authentication A DNS RR for specifying the location of services (DNS SRV) Real-time Transport Protocol Payload for DTMF Digits, Telephony Tones and Telephony Signals The SIP INFO Method Session Initiation Protocol (SIP version 2) Reliability of Provisional Responses in the Session Initiation Protocol (SIP). Session Initiation Protocol (SIP): Locating SIP Servers An Offer/Answer Model with the Session Description Protocol
(SDP) Session Initiation Protocol (SIP)-Specific Event Notification A Privacy Mechanism for SIP Private Extensions to the Session Initiation Protocol (SIP) for Asserted Identity within Trusted Networks RTP - A Real Time Protocol for Real-Time Applications An Extension to the Session Initiation Protocol (SIP) for Symmetric Response Routing RFC 2782 RFC 2833 RFC 2976 RFC 3261 RFC 3262 RFC 3263 RFC 3264 RFC 3265 RFC 3323 RFC 3325 RFC 3550 RFC 3581 180 Users Guide Chapter 18 Product Specifications Table 68 Standards Supported (continued) STANDARD RFC 3611 RFC 3715 RFC 3842 DESCRIPTION RTP Control Protocol Extended Reports (RTCP XR)-XR IP Sec/NAT Compatibility A Message Summary and Message Waiting Indication Event Package for the Session Initiation Protocol (SIP) 10BASE5 10 Mbit/s (1.25 MB/s) 100BASE-TX, 100BASE-T4, 100BASE-FX Fast Ethernet at 100 Mbit/s (12.5 MB/s) with auto-negotiation IEEE 802.3 IEEE 802.3u Table 69 Voice Features Call Park and Pickup Call park and pickup lets you put a call on hold (park) and then continue the call (pickup). The caller must still pay while the call is parked. When you park the call, you enter a number of your choice (up to eight digits), which you must enter again when you pick up the call. If you do not enter the correct number, you cannot pickup the call. This means that only someone who knows the number you have chosen can pick up the call. You can have more than one call on hold at the same time, but you must give each call a different number. With call return, you can place a call to the last number that called you (either answered or missed). The last incoming call can be through either SIP or PSTN. Phone standards and settings differ from one country to another, so the settings on your WiMAX Modem must be configured to match those of the country you are in. The country code feature allows you to do this by selecting the country from a list rather than changing each setting manually. Configure the country code feature when you move the WiMAX Modem from one country to another. This feature allows you to set your phone not to ring when someone calls you. You can set each phone independently using its keypad, or configure global settings for all phones using the command line interpreter. You can set the WiMAX Modem to automatically dial a specified number immediately whenever you lift a phone off the hook. Use the Web Configurator to set the specified number. Use the command line interpreter to have the WiMAX Modem wait a specified length of time before dialing the number. The phone configuration table allows you to customize the phone keypad combinations you use to access certain features on the WiMAX Modem, such as call waiting, call return, call forward, etc. The phone configuration table is configurable in command interpreter mode. Call Return Country Code Do not Disturb
(DnD) Auto Dial Phone config Users Guide 181
1 | Manual 2 | Users Manual | 2.79 MiB |
Chapter 18 Product Specifications Table 69 Voice Features Firmware update enable / disable Call waiting Call forwarding Caller ID REN QoS (Quality of Service) SIP ALG Other Voice Features If your service provider uses this feature, you hear a recorded message when you pick up the phone when new firmware is available for your WiMAX Modem. Enter *99# in your phones keypad to have the WiMAX Modem upgrade the firmware, or enter #99# to not upgrade. If your service provider gave you different numbers to use, enter them instead. If you enter the code to not upgrade, you can make a call as normal. You will hear the recording again each time you pick up the phone, until you upgrade. This feature allows you to hear an alert when you are already using the phone and another person calls you. You can then either reject the new incoming call, put your current call on hold and receive the new incoming call, or end the current call and receive the new incoming call. With this feature, you can set the WiMAX Modem to forward calls to a specified number, either unconditionally (always), when your number is busy, or when you do not answer. You can also forward incoming calls from one specified number to another. The WiMAX Modem supports caller ID, which allows you to see the originating number of an incoming call (on a phone with a suitable display). A Ringer Equivalence Number (REN) is used to determine the number of devices (like telephones or fax machines) that may be connected to the telephone line. Your device has a REN of three, so it can support three devices per telephone port. Quality of Service (QoS) mechanisms help to provide better service on a per-flow basis. Your device supports Type of Service (ToS) tagging and Differentiated Services (DiffServ) tagging. This allows the device to tag voice frames so they can be prioritized over the network. Your device is a SIP Application Layer Gateway (ALG). It allows VoIP calls to pass through NAT for devices behind it (such as a SIP-based VoIP software application on a computer). SIP version 2 (Session Initiating Protocol RFC 3261) SDP (Session Description Protocol RFC 2327) RTP (RFC 1889) RTCP (RFC 1890) Voice codecs (coder/decoders) G.711, G.726, G.729 Fax and data modem discrimination DTMF Detection and Generation DTMF: In-band and Out-band traffic (RFC 2833),(PCM), (SIP INFO) Point-to-point call establishment between two IADs Quick dialing through predefined phone book, which maps the phone dialing number and destination URL. Flexible Dial Plan (RFC3525 section 7.1.14) 182 Users Guide Chapter 18 Product Specifications Table 70 Star (*) and Pound (#) Code Support
*0
*2
*66
*67 Wireless Operator Services Customer Care Access Repeat Dialing Plus the 10 digit phone number to block Caller ID on a single call basis Return last call received Followed by the 10 digit phone number to cancel Call Waiting on a single call basis Activate Call Forwarding (*72 followed by the 10 digit phone number that is requesting call forwarding service) Activate Call Forwarding (*720 followed by the 10 digit phone number that is requesting deactivation of call forwarding service) Plus the forward to phone number to activate Call Forwarding No Answer (no VM service plan) Deactivate Call Forwarding No Answer Plus the forward to phone number to activate Call Forwarding Busy
(no VM service plan) Emergency phone number (same as dialing 911) Wireless Information Services
*69
*70
*72
*720
*73
*730
*740
*911/911
*411/411 Note: To take full advantage of the supplementary phone services available through the WiMAX Modem's phone port, you may need to subscribe to the services from your voice account service provider. Not all features are supported by all service providers. Consult your service provider for more information. Users Guide 183 Chapter 18 Product Specifications 184 Users Guide PART VII Appendices and Index WiMAX Security (187) Setting Up Your Computers IP Address
(191) Pop-up Windows, JavaScripts and Java Permissions (219) IP Addresses and Subnetting (229) Importing Certificates (241) SIP Passthrough (273) Common Services (275) Legal Information (279) Customer Support (313) 185 186 APPENDIX A WiMAX Security Wireless security is vital to protect your wireless communications. Without it, information transmitted over the wireless network would be accessible to any networking device within range. User Authentication and Data Encryption The WiMAX (IEEE 802.16) standard employs user authentication and encryption to ensure secured communication at all times. User authentication is the process of confirming a users identity and level of authorization. Data encryption is the process of encoding information so that it cannot be read by anyone who does not know the code. WiMAX uses PKMv2 (Privacy Key Management version 2) for authentication, and CCMP (Counter Mode with Cipher Block Chaining Message Authentication Protocol) for data encryption. WiMAX supports EAP (Extensible Authentication Protocol, RFC 2486) which allows additional authentication methods to be deployed with no changes to the base station or the mobile or subscriber stations. PKMv2 is a procedure that allows authentication of a mobile or subscriber station and negotiation of a public key to encrypt traffic between the MS/SS and the base station. PKMv2 uses standard EAP methods such as Transport Layer Security
(EAP-TLS) or Tunneled TLS (EAP-TTLS) for secure communication. In cryptography, a key is a piece of information, typically a string of random numbers and letters, that can be used to lock (encrypt) or unlock (decrypt) a message. Public key encryption uses key pairs, which consist of a public (freely available) key and a private (secret) key. The public key is used for encryption and the private key is used for decryption. You can decrypt a message only if you have the private key. Public key certificates (or digital IDs) allow users to verify each others identity. PKMv2 Users Guide 187 Appendix A WiMAX Security RADIUS RADIUS is based on a client-server model that supports authentication, authorization and accounting. The base station is the client and the server is the RADIUS server. The RADIUS server handles the following tasks:
Authentication Determines the identity of the users. Authorization Determines the network services available to authenticated users once they are connected to the network. Accounting Keeps track of the clients network activity. RADIUS is a simple package exchange in which your base station acts as a message relay between the MS/SS and the network RADIUS server. Types of RADIUS Messages The following types of RADIUS messages are exchanged between the base station and the RADIUS server for user authentication:
Access-Request Sent by an base station requesting authentication. Access-Reject Sent by a RADIUS server rejecting access. Access-Accept Sent by a RADIUS server allowing access. Access-Challenge Sent by a RADIUS server requesting more information in order to allow access. The base station sends a proper response from the user and then sends another Access-Request message. The following types of RADIUS messages are exchanged between the base station and the RADIUS server for user accounting:
Accounting-Request Sent by the base station requesting accounting. Accounting-Response Sent by the RADIUS server to indicate that it has started or stopped accounting. In order to ensure network security, the access point and the RADIUS server use a shared secret key, which is a password they both know. The key is not sent over 188 Users Guide the network. In addition to the shared key, password information exchanged is also encrypted to protect the network from unauthorized access. Appendix A WiMAX Security Diameter Diameter (RFC 3588) is a type of AAA server that provides several improvements over RADIUS in efficiency, security, and support for roaming. Security Association CCMP The set of information about user authentication and data encryption between two computers is known as a security association (SA). In a WiMAX network, the process of security association has three stages. Authorization request and reply The MS/SS presents its public certificate to the base station. The base station verifies the certificate and sends an authentication key (AK) to the MS/SS. Key request and reply The MS/SS requests a transport encryption key (TEK) which the base station generates and encrypts using the authentication key. Encrypted traffic The MS/SS decrypts the TEK (using the authentication key). Both stations can now securely encrypt and decrypt the data flow. All traffic in a WiMAX network is encrypted using CCMP (Counter Mode with Cipher Block Chaining Message Authentication Protocol). CCMP is based on the 128-bit Advanced Encryption Standard (AES) algorithm. Counter mode refers to the encryption of each block of plain text with an arbitrary number, known as the counter. This number changes each time a block of plain text is encrypted. Counter mode avoids the security weakness of repeated identical blocks of encrypted text that makes encrypted data vulnerable to pattern-spotting. Cipher Block Chaining Message Authentication (also known as CBC-MAC) ensures message integrity by encrypting each block of plain text in such a way that its encryption is dependent on the block before it. This series of chained blocks creates a message authentication code (MAC or CMAC) that ensures the encrypted data has not been tampered with. Users Guide 189 Appendix A WiMAX Security Authentication The WiMAX Modem supports EAP-TTLS authentication. EAP-TTLS (Tunneled Transport Layer Service) EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for only the server-side authentications to establish a secure connection (with EAP-
TLS digital certifications are needed by both the server and the wireless clients for mutual authentication). Client authentication is then done by sending username and password through the secure connection, thus client identity is protected. For client authentication, EAP-TTLS supports EAP methods and legacy authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP v2. 190 Users Guide B APPENDIX Setting Up Your Computers IP Address Note: Your specific ZyXEL device may not support all of the operating systems described in this appendix. See the product specifications for more information about which operating systems are supported. This appendix shows you how to configure the IP settings on your computer in order for it to be able to communicate with the other devices on your network. Windows Vista/XP/2000, Mac OS 9/OS X, and all versions of UNIX/LINUX include the software components you need to use TCP/IP on your computer. If you manually assign IP information instead of using a dynamic IP, make sure that your networks computers have IP addresses that place them in the same subnet. In this appendix, you can set up an IP address for:
Windows XP/NT/2000 on page 192 Windows Vista on page 195 Mac OS X: 10.3 and 10.4 on page 199 Mac OS X: 10.5 on page 203 Linux: Ubuntu 8 (GNOME) on page 206 Linux: openSUSE 10.3 (KDE) on page 212 Users Guide 191 Appendix B Setting Up Your Computers IP Address Windows XP/NT/2000 The following example uses the default Windows XP display theme but can also apply to Windows 2000 and Windows NT. 1 Click Start > Control Panel. Figure 70 Windows XP: Start Menu 2 In the Control Panel, click the Network Connections icon. Figure 71 Windows XP: Control Panel 192 Users Guide Appendix B Setting Up Your Computers IP Address 3 Right-click Local Area Connection and then select Properties. Figure 72 Windows XP: Control Panel > Network Connections > Properties 4 On the General tab, select Internet Protocol (TCP/IP) and then click Properties. Figure 73 Windows XP: Local Area Connection Properties Users Guide 193 Appendix B Setting Up Your Computers IP Address 5 The Internet Protocol TCP/IP Properties window opens. Figure 74 Windows XP: Internet Protocol (TCP/IP) Properties 6 Select Obtain an IP address automatically if your network administrator or ISP assigns your IP address dynamically. Select Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields if you have a static IP address that was assigned to you by your network administrator or ISP. You may also have to enter a Preferred DNS server and an Alternate DNS server, if that information was provided. 7 Click OK to close the Internet Protocol (TCP/IP) Properties window. Click OK to close the Local Area Connection Properties window.Verifying Settings 1 Click Start > All Programs > Accessories > Command Prompt. 2 In the Command Prompt window, type "ipconfig" and then press [ENTER]. You can also go to Start > Control Panel > Network Connections, right-click a network connection, click Status and then click the Support tab to view your IP address and connection information. 194 Users Guide Appendix B Setting Up Your Computers IP Address Windows Vista This section shows screens from Windows Vista Professional. 1 Click Start > Control Panel. Figure 75 Windows Vista: Start Menu 2 In the Control Panel, click the Network and Internet icon. Figure 76 Windows Vista: Control Panel 3 Click the Network and Sharing Center icon. Figure 77 Windows Vista: Network And Internet Users Guide 195 Appendix B Setting Up Your Computers IP Address 4 Click Manage network connections. Figure 78 Windows Vista: Network and Sharing Center 5 Right-click Local Area Connection and then select Properties. Figure 79 Windows Vista: Network and Sharing Center Note: During this procedure, click Continue whenever Windows displays a screen saying that it needs your permission to continue. 196 Users Guide Appendix B Setting Up Your Computers IP Address 6 Select Internet Protocol Version 4 (TCP/IPv4) and then select Properties. Figure 80 Windows Vista: Local Area Connection Properties Users Guide 197 Appendix B Setting Up Your Computers IP Address 7 The Internet Protocol Version 4 (TCP/IPv4) Properties window opens. Figure 81 Windows Vista: Internet Protocol Version 4 (TCP/IPv4) Properties 8 Select Obtain an IP address automatically if your network administrator or ISP assigns your IP address dynamically. Select Use the following IP Address and fill in the IP address, Subnet mask, and Default gateway fields if you have a static IP address that was assigned to you by your network administrator or ISP. You may also have to enter a Preferred DNS server and an Alternate DNS server, if that information was provided.Click Advanced. 9 Click OK to close the Internet Protocol (TCP/IP) Properties window. Click OK to close the Local Area Connection Properties window.Verifying Settings 1 Click Start > All Programs > Accessories > Command Prompt. 2 In the Command Prompt window, type "ipconfig" and then press [ENTER]. You can also go to Start > Control Panel > Network Connections, right-click a network connection, click Status and then click the Support tab to view your IP address and connection information. 198 Users Guide Appendix B Setting Up Your Computers IP Address Mac OS X: 10.3 and 10.4 The screens in this section are from Mac OS X 10.4 but can also apply to 10.3. 1 Click Apple > System Preferences. Figure 82 Mac OS X 10.4: Apple Menu 2 In the System Preferences window, click the Network icon. Figure 83 Mac OS X 10.4: System Preferences Users Guide 199 Appendix B Setting Up Your Computers IP Address 3 When the Network preferences pane opens, select Built-in Ethernet from the network connection type list, and then click Configure. Figure 84 Mac OS X 10.4: Network Preferences 4 For dynamically assigned settings, select Using DHCP from the Configure IPv4 list in the TCP/IP tab. Figure 85 Mac OS X 10.4: Network Preferences > TCP/IP Tab. 200 Users Guide Appendix B Setting Up Your Computers IP Address 5 For statically assigned settings, do the following:
From the Configure IPv4 list, select Manually. In the IP Address field, type your IP address. In the Subnet Mask field, type your subnet mask. In the Router field, type the IP address of your device. Figure 86 Mac OS X 10.4: Network Preferences > Ethernet Users Guide 201 Appendix B Setting Up Your Computers IP Address Click Apply Now and close the window.Verifying Settings Check your TCP/IP properties by clicking Applications > Utilities > Network Utilities, and then selecting the appropriate Network Interface from the Info tab. Figure 87 Mac OS X 10.4: Network Utility 202 Users Guide Appendix B Setting Up Your Computers IP Address Mac OS X: 10.5 The screens in this section are from Mac OS X 10.5. 1 Click Apple > System Preferences. Figure 88 Mac OS X 10.5: Apple Menu 2 In System Preferences, click the Network icon. Figure 89 Mac OS X 10.5: Systems Preferences Users Guide 203 Appendix B Setting Up Your Computers IP Address 3 When the Network preferences pane opens, select Ethernet from the list of available connection types. Figure 90 Mac OS X 10.5: Network Preferences > Ethernet 4 5 From the Configure list, select Using DHCP for dynamically assigned settings. For statically assigned settings, do the following:
From the Configure list, select Manually. In the IP Address field, enter your IP address. In the Subnet Mask field, enter your subnet mask. 204 Users Guide Appendix B Setting Up Your Computers IP Address In the Router field, enter the IP address of your WiMAX Modem. Figure 91 Mac OS X 10.5: Network Preferences > Ethernet 6 Click Apply and close the window. Users Guide 205 Appendix B Setting Up Your Computers IP Address Verifying Settings Check your TCP/IP properties by clicking Applications > Utilities > Network Utilities, and then selecting the appropriate Network interface from the Info tab. Figure 92 Mac OS X 10.5: Network Utility Linux: Ubuntu 8 (GNOME) This section shows you how to configure your computers TCP/IP settings in the GNU Object Model Environment (GNOME) using the Ubuntu 8 Linux distribution. The procedure, screens and file locations may vary depending on your specific distribution, release version, and individual configuration. The following screens use the default Ubuntu 8 installation. Note: Make sure you are logged in as the root administrator. Follow the steps below to configure your computer IP address in GNOME:
206 Users Guide Appendix B Setting Up Your Computers IP Address 1 Click System > Administration > Network. Figure 93 Ubuntu 8: System > Administration Menu 2 When the Network Settings window opens, click Unlock to open the Authenticate window. (By default, the Unlock button is greyed out until clicked.) You cannot make changes to your configuration unless you first enter your admin password. Figure 94 Ubuntu 8: Network Settings > Connections Users Guide 207 Appendix B Setting Up Your Computers IP Address 3 4 In the Authenticate window, enter your admin account name and password then click the Authenticate button. Figure 95 Ubuntu 8: Administrator Account Authentication In the Network Settings window, select the connection that you want to configure, then click Properties. Figure 96 Ubuntu 8: Network Settings > Connections 208 Users Guide Appendix B Setting Up Your Computers IP Address 5 The Properties dialog box opens. Figure 97 Ubuntu 8: Network Settings > Properties In the Configuration list, select Automatic Configuration (DHCP) if you have a dynamic IP address. In the Configuration list, select Static IP address if you have a static IP address. Fill in the IP address, Subnet mask, and Gateway address fields. 6 Click OK to save the changes and close the Properties dialog box and return to the Network Settings screen. Users Guide 209 Appendix B Setting Up Your Computers IP Address 7 If you know your DNS server IP address(es), click the DNS tab in the Network Settings window and then enter the DNS server information in the fields provided. Figure 98 Ubuntu 8: Network Settings > DNS 8 Click the Close button to apply the changes. Verifying Settings Check your TCP/IP properties by clicking System > Administration > Network Tools, and then selecting the appropriate Network device from the Devices 210 Users Guide Appendix B Setting Up Your Computers IP Address tab. The Interface Statistics column shows data if your connection is working properly. Figure 99 Ubuntu 8: Network Tools Users Guide 211 Appendix B Setting Up Your Computers IP Address Linux: openSUSE 10.3 (KDE) This section shows you how to configure your computers TCP/IP settings in the K Desktop Environment (KDE) using the openSUSE 10.3 Linux distribution. The procedure, screens and file locations may vary depending on your specific distribution, release version, and individual configuration. The following screens use the default openSUSE 10.3 installation. Note: Make sure you are logged in as the root administrator. Follow the steps below to configure your computer IP address in the KDE:
1 Click K Menu > Computer > Administrator Settings (YaST). Figure 100 openSUSE 10.3: K Menu > Computer Menu 212 Users Guide Appendix B Setting Up Your Computers IP Address 2 When the Run as Root - KDE su dialog opens, enter the admin password and click OK. Figure 101 openSUSE 10.3: K Menu > Computer Menu 3 When the YaST Control Center window opens, select Network Devices and then click the Network Card icon. Figure 102 openSUSE 10.3: YaST Control Center Users Guide 213 Appendix B Setting Up Your Computers IP Address 4 When the Network Settings window opens, click the Overview tab, select the appropriate connection Name from the list, and then click the Configure button. Figure 103 openSUSE 10.3: Network Settings 214 Users Guide Appendix B Setting Up Your Computers IP Address 5 When the Network Card Setup window opens, click the Address tab Figure 104 openSUSE 10.3: Network Card Setup 6 Select Dynamic Address (DHCP) if you have a dynamic IP address. Select Statically assigned IP Address if you have a static IP address. Fill in the IP address, Subnet mask, and Hostname fields. 7 Click Next to save the changes and close the Network Card Setup window. Users Guide 215 Appendix B Setting Up Your Computers IP Address 8 If you know your DNS server IP address(es), click the Hostname/DNS tab in Network Settings and then enter the DNS server information in the fields provided. Figure 105 openSUSE 10.3: Network Settings 9 Click Finish to save your settings and close the window. 216 Users Guide Appendix B Setting Up Your Computers IP Address Verifying Settings Click the KNetwork Manager icon on the Task bar to check your TCP/IP properties. From the Options sub-menu, select Show Connection Information. Figure 106 openSUSE 10.3: KNetwork Manager When the Connection Status - KNetwork Manager window opens, click the Statistics tab to see if your connection is working properly. Figure 107 openSUSE: Connection Status - KNetwork Manager Users Guide 217 Appendix B Setting Up Your Computers IP Address 218 Users Guide C APPENDIX Pop-up Windows, JavaScripts and Java Permissions In order to use the web configurator you need to allow:
Web browser pop-up windows from your device. JavaScripts (enabled by default). Java permissions (enabled by default). Note: Internet Explorer 6 screens are used here. Screens for other Internet Explorer versions may vary. Internet Explorer Pop-up Blockers You may have to disable pop-up blocking to log into your device. Either disable pop-up blocking (enabled by default in Windows XP SP (Service Pack) 2) or allow pop-up blocking and create an exception for your devices IP address. Disable Pop-up Blockers 1 In Internet Explorer, select Tools, Pop-up Blocker and then select Turn Off Pop-up Blocker. Figure 108 Pop-up Blocker You can also check if pop-up blocking is disabled in the Pop-up Blocker section in the Privacy tab. Users Guide 219 Appendix C Pop-up Windows, JavaScripts and Java Permissions 1 In Internet Explorer, select Tools, Internet Options, Privacy. 2 Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled. Figure 109 Internet Options: Privacy 3 Click Apply to save this setting. Enable Pop-up Blockers with Exceptions Alternatively, if you only want to allow pop-up windows from your device, see the following steps. 1 In Internet Explorer, select Tools, Internet Options and then the Privacy tab. 220 Users Guide Appendix C Pop-up Windows, JavaScripts and Java Permissions 2 Select Settingsto open the Pop-up Blocker Settings screen. Figure 110 Internet Options: Privacy 3 Type the IP address of your device (the web page that you do not want to have blocked) with the prefix http://. For example, http://192.168.167.1. Users Guide 221 Appendix C Pop-up Windows, JavaScripts and Java Permissions 4 Click Add to move the IP address to the list of Allowed sites. Figure 111 Pop-up Blocker Settings 5 Click Close to return to the Privacy screen. 6 Click Apply to save this setting. JavaScripts If pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed. 222 Users Guide Appendix C Pop-up Windows, JavaScripts and Java Permissions 1 In Internet Explorer, click Tools, Internet Options and then the Security tab. Figure 112 Internet Options: Security 2 Click the Custom Level... button. 3 Scroll down to Scripting. 4 Under Active scripting make sure that Enable is selected (the default). 5 Under Scripting of Java applets make sure that Enable is selected (the default). Users Guide 223 Appendix C Pop-up Windows, JavaScripts and Java Permissions 6 Click OK to close the window. Figure 113 Security Settings - Java Scripting Java Permissions 1 From Internet Explorer, click Tools, Internet Options and then the Security tab. 2 Click the Custom Level... button. 3 Scroll down to Microsoft VM. 4 Under Java permissions make sure that a safety level is selected. 224 Users Guide Appendix C Pop-up Windows, JavaScripts and Java Permissions 5 Click OK to close the window. Figure 114 Security Settings - Java JAVA (Sun) 1 From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2 Make sure that Use Java 2 for <applet> under Java (Sun) is selected. Users Guide 225 Appendix C Pop-up Windows, JavaScripts and Java Permissions 3 Click OK to close the window. Figure 115 Java (Sun) Mozilla Firefox Mozilla Firefox 2.0 screens are used here. Screens for other versions may vary. You can enable Java, Javascripts and pop-ups in one screen. Click Tools, then click Options in the screen that appears. Figure 116 Mozilla Firefox: TOOLS > Options 226 Users Guide Appendix C Pop-up Windows, JavaScripts and Java Permissions Click Content.to show the screen below. Select the check boxes as shown in the following screen. Figure 117 Mozilla Firefox Content Security Users Guide 227 Appendix C Pop-up Windows, JavaScripts and Java Permissions 228 Users Guide APPENDIX D IP Addresses and Subnetting This appendix introduces IP addresses and subnet masks. IP addresses identify individual devices on a network. Every networking device
(including computers, servers, routers, printers, etc.) needs an IP address to communicate across the network. These networking devices are also known as hosts. Subnet masks determine the maximum number of possible hosts on a network. You can also use subnet masks to divide one network into multiple sub-networks. Introduction to IP Addresses One part of the IP address is the network number, and the other part is the host ID. In the same way that houses on a street share a common street name, the hosts on a network share a common network number. Similarly, as each house has its own house number, each host on the network has its own unique identifying number - the host ID. Routers use the network number to send packets to the correct network, while the host ID determines to which host on the network the packets are delivered. Structure An IP address is made up of four parts, written in dotted decimal notation (for example, 192.168.100.1). Each of these four parts is known as an octet. An octet is an eight-digit binary number (for example 11000000, which is 192 in decimal notation). Therefore, each octet has a possible range of 00000000 to 11111111 in binary, or 0 to 255 in decimal. Users Guide 229 Appendix D IP Addresses and Subnetting The following figure shows an example IP address in which the first three octets
(192.168.1) are the network number, and the fourth octet (16) is the host ID. Figure 118 Network Number and Host ID How much of the IP address is the network number and how much is the host ID varies according to the subnet mask. Subnet Masks A subnet mask is used to determine which bits are part of the network number, and which bits are part of the host ID (using a logical AND operation). The term subnet is short for sub-network. A subnet mask has 32 bits. If a bit in the subnet mask is a 1 then the corresponding bit in the IP address is part of the network number. If a bit in the subnet mask is 0 then the corresponding bit in the IP address is part of the host ID. The following example shows a subnet mask identifying the network number (in bold text) and host ID of an IP address (192.168.1.2 in decimal). Table 71 IP Address Network Number and Host ID Example IP Address (Binary) Subnet Mask (Binary) Network Number Host ID 1ST OCTET:
(192) 11000000 11111111 11000000 2ND OCTET:
(168) 10101000 11111111 10101000 3RD OCTET:
(1) 00000001 11111111 00000001 4TH OCTET
(2) 00000010 00000000 00000010 230 Users Guide Appendix D IP Addresses and Subnetting By convention, subnet masks always consist of a continuous sequence of ones beginning from the leftmost bit of the mask, followed by a continuous sequence of zeros, for a total number of 32 bits. Subnet masks can be referred to by the size of the network number part (the bits with a 1 value). For example, an 8-bit mask means that the first 8 bits of the mask are ones and the remaining 24 bits are zeroes. Subnet masks are expressed in dotted decimal notation just like IP addresses. The following examples show the binary and decimal notation for 8-bit, 16-bit, 24-bit and 29-bit subnet masks. Table 72 Subnet Masks BINARY 1ST OCTET 11111111 11111111 11111111 11111111 8-bit mask 16-bit mask 24-bit mask 29-bit mask 2ND OCTET 00000000 11111111 11111111 11111111 3RD OCTET 00000000 00000000 11111111 11111111 4TH OCTET 00000000 00000000 00000000 11111000 DECIMAL 255.0.0.0 255.255.0.0 255.255.255.0 255.255.255.248 Network Size The size of the network number determines the maximum number of possible hosts you can have on your network. The larger the number of network number bits, the smaller the number of remaining host ID bits. An IP address with host IDs of all zeros is the IP address of the network
(192.168.1.0 with a 24-bit subnet mask, for example). An IP address with host IDs of all ones is the broadcast address for that network (192.168.1.255 with a 24-bit subnet mask, for example). As these two IP addresses cannot be used for individual hosts, calculate the maximum number of possible hosts in a network as follows:
Table 73 Maximum Host Numbers SUBNET MASK HOST ID SIZE 8 bits 16 bits 24 bits 29 bits 255.0.0.0 255.255.0.0 255.255.255.0 255.255.255.248 24 bits 16 bits 8 bits 3 bits MAXIMUM NUMBER OF HOSTS 16777214 65534 254 6 224 2 216 2 28 2 23 2 Users Guide 231
1 | Manual 3 | Users Manual | 2.75 MiB |
Appendix D IP Addresses and Subnetting Notation Since the mask is always a continuous number of ones beginning from the left, followed by a continuous number of zeros for the remainder of the 32 bit mask, you can simply specify the number of ones instead of writing the value of each octet. This is usually specified by writing a / followed by the number of bits in the mask after the address. For example, 192.1.1.0 /25 is equivalent to saying 192.1.1.0 with subnet mask 255.255.255.128. The following table shows some possible subnet masks using both notations. Table 74 Alternative Subnet Mask Notation SUBNET MASK ALTERNATIVE NOTATION
/24
/25
/26
/27
/28
/29
/30 LAST OCTET
(BINARY) 0000 0000 1000 0000 1100 0000 1110 0000 1111 0000 1111 1000 1111 1100 LAST OCTET
(DECIMAL) 0 128 192 224 240 248 252 255.255.255.0 255.255.255.128 255.255.255.192 255.255.255.224 255.255.255.240 255.255.255.248 255.255.255.252 Subnetting You can use subnetting to divide one network into multiple sub-networks. In the following example a network administrator creates two sub-networks to isolate a group of servers from the rest of the company network for security reasons. In this example, the company network address is 192.168.1.0. The first three octets of the address (192.168.1) are the network number, and the remaining octet is the host ID, allowing a maximum of 28 2 or 254 possible hosts. 232 Users Guide Appendix D IP Addresses and Subnetting The following figure shows the company network before subnetting. Figure 119 Subnetting Example: Before Subnetting You can borrow one of the host ID bits to divide the network 192.168.1.0 into two separate sub-networks. The subnet mask is now 25 bits (255.255.255.128 or
/25). The borrowed host ID bit can have a value of either 0 or 1, allowing two subnets; 192.168.1.0 /25 and 192.168.100.128 /25. Users Guide 233 Appendix D IP Addresses and Subnetting The following figure shows the company network after subnetting. There are now two sub-networks, A and B. Figure 120 Subnetting Example: After Subnetting In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 27 2 or 126 possible hosts (a host ID of all zeroes is the subnets address itself, all ones is the subnets broadcast address). 192.168.1.0 with mask 255.255.255.128 is subnet A itself, and 192.168.100.127 with mask 255.255.255.128 is its broadcast address. Therefore, the lowest IP address that can be assigned to an actual host for subnet A is 192.168.100.1 and the highest is 192.168.100.126. Similarly, the host ID range for subnet B is 192.168.100.129 to 192.168.1.254. Example: Four Subnets The previous example illustrated using a 25-bit subnet mask to divide a 24-bit address into two subnets. Similarly, to divide a 24-bit address into four subnets, you need to borrow two host ID bits to give four possible combinations (00, 01, 10 and 11). The subnet mask is 26 bits
(11111111.11111111.11111111.11000000) or 255.255.255.192. 234 Users Guide Appendix D IP Addresses and Subnetting Each subnet contains 6 host ID bits, giving 26 - 2 or 62 hosts for each subnet (a host ID of all zeroes is the subnet itself, all ones is the subnets broadcast address). Table 75 Subnet 1 IP/SUBNET MASK IP Address (Decimal) IP Address (Binary) Subnet Mask (Binary) Subnet Address:
192.168.1.0 Broadcast Address:
192.168.1.63 Table 76 Subnet 2 IP/SUBNET MASK IP Address IP Address (Binary) Subnet Mask (Binary) Subnet Address:
192.168.1.64 Broadcast Address:
192.168.100.127 Table 77 Subnet 3 IP/SUBNET MASK IP Address IP Address (Binary) Subnet Mask (Binary) Subnet Address:
192.168.100.128 Broadcast Address:
192.168.100.191 Table 78 Subnet 4 IP/SUBNET MASK IP Address IP Address (Binary) Subnet Mask (Binary) Subnet Address:
192.168.100.192 Broadcast Address:
192.168.1.255 NETWORK NUMBER 192.168.1. 11000000.10101000.00000001. 00000000 11111111.11111111.11111111. 11000000 Lowest Host ID: 192.168.100.1 LAST OCTET BIT VALUE 0 Highest Host ID: 192.168.1.62 NETWORK NUMBER LAST OCTET BIT VALUE 64 192.168.1. 11000000.10101000.00000001. 01000000 11111111.11111111.11111111. 11000000 Lowest Host ID: 192.168.1.65 Highest Host ID: 192.168.100.126 NETWORK NUMBER 192.168.1. 11000000.10101000.00000001. 10000000 11111111.11111111.11111111. 11000000 Lowest Host ID: 192.168.100.129 LAST OCTET BIT VALUE 128 Highest Host ID: 192.168.100.190 NETWORK NUMBER 192.168.1. 11000000.10101000.00000001. 11111111.11111111.11111111. Lowest Host ID: 192.168.100.193 Highest Host ID: 192.168.1.254 LAST OCTET BIT VALUE 192 11000000 11000000 Users Guide 235 Appendix D IP Addresses and Subnetting Example: Eight Subnets Similarly, use a 27-bit mask to create eight subnets (000, 001, 010, 011, 100, 101, 110 and 111). The following table shows IP address last octet values for each subnet. Table 79 Eight Subnets SUBNET FIRST ADDRESS LAST SUBNET ADDRESS 0 32 64 96 128 160 192 224 1 33 65 97 129 161 193 225 1 2 3 4 5 6 7 8 ADDRESS 30 62 94 126 158 190 222 254 BROADCAST ADDRESS 31 63 95 127 159 191 223 255 Subnet Planning The following table is a summary for subnet planning on a network with a 24-bit network number. NO. SUBNETS NO. HOSTS PER SUBNET MASK Table 80 24-bit Network Number Subnet Planning NO. BORROWED HOST BITS 1 2 3 4 5 6 7 255.255.255.128 (/25) 255.255.255.192 (/26) 255.255.255.224 (/27) 255.255.255.240 (/28) 255.255.255.248 (/29) 255.255.255.252 (/30) 255.255.255.254 (/31) 2 4 8 16 32 64 128 The following table is a summary for subnet planning on a network with a 16-bit network number. Table 81 16-bit Network Number Subnet Planning NO. BORROWED HOST BITS 1 2 255.255.128.0 (/17) 255.255.192.0 (/18) SUBNET MASK 2 4 NO. SUBNETS NO. HOSTS PER SUBNET 126 62 30 14 6 2 1 SUBNET 32766 16382 236 Users Guide Appendix D IP Addresses and Subnetting NO. SUBNETS NO. HOSTS PER SUBNET MASK Table 81 16-bit Network Number Subnet Planning (continued) NO. BORROWED HOST BITS 3 4 5 6 7 8 9 10 11 12 13 14 15 255.255.224.0 (/19) 255.255.240.0 (/20) 255.255.248.0 (/21) 255.255.252.0 (/22) 255.255.254.0 (/23) 255.255.255.0 (/24) 255.255.255.128 (/25) 255.255.255.192 (/26) 255.255.255.224 (/27) 255.255.255.240 (/28) 255.255.255.248 (/29) 255.255.255.252 (/30) 255.255.255.254 (/31) 8 16 32 64 128 256 512 1024 2048 4096 8192 16384 32768 SUBNET 8190 4094 2046 1022 510 254 126 62 30 14 6 2 1 Configuring IP Addresses Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established. If this is the case, it is recommended that you select a network number from 192.168.0.0 to 192.168.255.0. The Internet Assigned Number Authority (IANA) reserved this block of addresses specifically for private use; please do not use any other number unless you are told otherwise. You must also enable Network Address Translation (NAT) on the WiMAX Modem. Once you have decided on the network number, pick an IP address for your WiMAX Modem that is easy to remember (for instance, 192.168.100.1) but make sure that no other device on your network is using that IP address. The subnet mask specifies the network number portion of an IP address. Your WiMAX Modem will compute the subnet mask automatically based on the IP address that you entered. You don't need to change the subnet mask computed by the WiMAX Modem unless you are instructed to do otherwise. Users Guide 237 Appendix D IP Addresses and Subnetting Private IP Addresses Every machine on the Internet must have a unique address. If your networks are isolated from the Internet (running only between two branch offices, for example) you can assign any IP addresses to the hosts without problems. However, the Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of IP addresses specifically for private networks:
10.0.0.0 10.255.255.255 172.16.0.0 172.31.255.255 192.168.0.0 192.168.255.255 You can obtain your IP address from the IANA, from an ISP, or it can be assigned from a private network. If you belong to a small organization and your Internet access is through an ISP, the ISP can provide you with the Internet addresses for your local networks. On the other hand, if you are part of a much larger organization, you should consult your network administrator for the appropriate IP addresses. Regardless of your particular situation, do not create an arbitrary IP address;
always follow the guidelines above. For more information on address assignment, please refer to RFC 1597, Address Allocation for Private Internets and RFC 1466, Guidelines for Management of IP Address Space. IP Address Conflicts Each device on a network must have a unique IP address. Devices with duplicate IP addresses on the same network will not be able to access the Internet or other resources. The devices may also be unreachable through the network. Conflicting Computer IP Addresses Example More than one device can not use the same IP address. In the following example computer A has a static (or fixed) IP address that is the same as the IP address that a DHCP server assigns to computer B which is a DHCP client. Neither can access the Internet. This problem can be solved by assigning a different static IP 238 Users Guide Appendix D IP Addresses and Subnetting address to computer A or setting computer A to obtain an IP address automatically. Figure 121 Conflicting Computer IP Addresses Example Conflicting Router IP Addresses Example Since a router connects different networks, it must have interfaces using different network numbers. For example, if a router is set between a LAN and the Internet
(WAN), the routers LAN and WAN addresses must be on different subnets. In the following example, the LAN and WAN are on the same subnet. The LAN computers cannot access the Internet because the router cannot route between networks. Figure 122 Conflicting Computer IP Addresses Example Conflicting Computer and Router IP Addresses Example More than one device can not use the same IP address. In the following example, the computer and the routers LAN port both use 192.168.100.1 as the IP address. Users Guide 239 Appendix D IP Addresses and Subnetting The computer cannot access the Internet. This problem can be solved by assigning a different IP address to the computer or the routers LAN port. Figure 123 Conflicting Computer and Router IP Addresses Example 240 Users Guide APPENDIX E Importing Certificates This appendix shows you how to import public key certificates into your web browser. Public key certificates are used by web browsers to ensure that a secure web site is legitimate. When a certificate authority such as VeriSign, Comodo, or Network Solutions, to name a few, receives a certificate request from a website operator, they confirm that the web domain and contact information in the request match those on public record with a domain name registrar. If they match, then the certificate is issued to the website operator, who then places it on the site to be issued to all visiting web browsers to let them know that the site is legitimate. Many ZyXEL products, such as the NSA-2401, issue their own public key certificates. These can be used by web browsers on a LAN or WAN to verify that they are in fact connecting to the legitimate device and not one masquerading as it. However, because the certificates were not issued by one of the several organizations officially recognized by the most common web browsers, you will need to import the ZyXEL-created certificate into your web browser and flag that certificate as a trusted authority. Note: You can see if you are browsing on a secure website if the URL in your web browsers address bar begins with https:// or there is a sealed padlock icon (
padlock in the same location.)
) somewhere in the main browser window (not all browsers show the In this appendix, you can import a public key certificate for:
Internet Explorer on page 242 Firefox on page 252 Opera on page 258 Konqueror on page 266 Users Guide 241 Appendix E Importing Certificates Internet Explorer The following example uses Microsoft Internet Explorer 7 on Windows XP Professional; however, they can also apply to Internet Explorer on Windows Vista. 1 If your devices web configurator is set to use SSL certification, then the first time you browse to it you are presented with a certification error. Figure 124 Internet Explorer 7: Certification Error 2 Click Continue to this website (not recommended). Figure 125 Internet Explorer 7: Certification Error 242 Users Guide 3 In the Address Bar, click Certificate Error > View certificates. Figure 126 Internet Explorer 7: Certificate Error Appendix E Importing Certificates 4 In the Certificate dialog box, click Install Certificate. Figure 127 Internet Explorer 7: Certificate Users Guide 243 Appendix E Importing Certificates 5 In the Certificate Import Wizard, click Next. Figure 128 Internet Explorer 7: Certificate Import Wizard 6 If you want Internet Explorer to Automatically select certificate store based on the type of certificate, click Next again and then go to step 9. Figure 129 Internet Explorer 7: Certificate Import Wizard 244 Users Guide Appendix E Importing Certificates 7 Otherwise, select Place all certificates in the following store and then click Browse. Figure 130 Internet Explorer 7: Certificate Import Wizard 8 In the Select Certificate Store dialog box, choose a location in which to save the certificate and then click OK. Figure 131 Internet Explorer 7: Select Certificate Store Users Guide 245 Appendix E Importing Certificates 9 In the Completing the Certificate Import Wizard screen, click Finish. Figure 132 Internet Explorer 7: Certificate Import Wizard 10 If you are presented with another Security Warning, click Yes. Figure 133 Internet Explorer 7: Security Warning 246 Users Guide Appendix E Importing Certificates 11 Finally, click OK when presented with the successful certificate installation message. Figure 134 Internet Explorer 7: Certificate Import Wizard 12 The next time you start Internet Explorer and go to a ZyXEL web configurator page, a sealed padlock icon appears in the address bar. Click it to view the pages Website Identification information. Figure 135 Internet Explorer 7: Website Identification Users Guide 247 Appendix E Importing Certificates Installing a Stand-Alone Certificate File in Internet Explorer Rather than browsing to a ZyXEL web configurator and installing a public key certificate when prompted, you can install a stand-alone certificate file if one has been issued to you. 1 Double-click the public key certificate file. Figure 136 Internet Explorer 7: Public Key Certificate File 2 In the security warning dialog box, click Open. Figure 137 Internet Explorer 7: Open File - Security Warning 3 Refer to steps 4-12 in the Internet Explorer procedure beginning on page 242 to complete the installation process. 248 Users Guide Appendix E Importing Certificates Removing a Certificate in Internet Explorer This section shows you how to remove a public key certificate in Internet Explorer 7. 1 Open Internet Explorer and click TOOLS > Internet Options. Figure 138 Internet Explorer 7: Tools Menu 2 In the Internet Options dialog box, click Content > Certificates. Figure 139 Internet Explorer 7: Internet Options Users Guide 249 Appendix E Importing Certificates 3 In the Certificates dialog box, click the Trusted Root Certificates Authorities tab, select the certificate that you want to delete, and then click Remove. Figure 140 Internet Explorer 7: Certificates 4 5 In the Certificates confirmation, click Yes. Figure 141 Internet Explorer 7: Certificates In the Root Certificate Store dialog box, click Yes. Figure 142 Internet Explorer 7: Root Certificate Store 250 Users Guide 6 The next time you go to the web site that issued the public key certificate you just removed, a certification error appears. Appendix E Importing Certificates Users Guide 251 Appendix E Importing Certificates Firefox The following example uses Mozilla Firefox 2 on Windows XP Professional;
however, the screens can also apply to Firefox 2 on all platforms. 1 If your devices web configurator is set to use SSL certification, then the first time you browse to it you are presented with a certification error. 2 Select Accept this certificate permanently and click OK. Figure 143 Firefox 2: Website Certified by an Unknown Authority 252 Users Guide Appendix E Importing Certificates 3 The certificate is stored and you can now connect securely to the web configurator. A sealed padlock appears in the address bar, which you can click to open the Page Info > Security window to view the web pages security information. Figure 144 Firefox 2: Page Info Users Guide 253 Appendix E Importing Certificates Installing a Stand-Alone Certificate File in Firefox Rather than browsing to a ZyXEL web configurator and installing a public key certificate when prompted, you can install a stand-alone certificate file if one has been issued to you. 1 Open Firefox and click TOOLS > Options. Figure 145 Firefox 2: Tools Menu 2 In the Options dialog box, click ADVANCED > Encryption > View Certificates. Figure 146 Firefox 2: Options 254 Users Guide 3 In the Certificate Manager dialog box, click Web Sites > Import. Figure 147 Firefox 2: Certificate Manager Appendix E Importing Certificates 4 Use the Select File dialog box to locate the certificate and then click Open. Figure 148 Firefox 2: Select File 5 The next time you visit the web site, click the padlock in the address bar to open the Page Info > Security window to see the web pages security information. Users Guide 255 Appendix E Importing Certificates Removing a Certificate in Firefox This section shows you how to remove a public key certificate in Firefox 2. 1 Open Firefox and click TOOLS > Options. Figure 149 Firefox 2: Tools Menu 2 In the Options dialog box, click ADVANCED > Encryption > View Certificates. Figure 150 Firefox 2: Options 256 Users Guide Appendix E Importing Certificates 3 In the Certificate Manager dialog box, select the Web Sites tab, select the certificate that you want to remove, and then click Delete. Figure 151 Firefox 2: Certificate Manager 4 5 In the Delete Web Site Certificates dialog box, click OK. Figure 152 Firefox 2: Delete Web Site Certificates The next time you go to the web site that issued the public key certificate you just removed, a certification error appears. Users Guide 257 Appendix E Importing Certificates Opera The following example uses Opera 9 on Windows XP Professional; however, the screens can apply to Opera 9 on all platforms. 1 If your devices web configurator is set to use SSL certification, then the first time you browse to it you are presented with a certification error. 2 Click Install to accept the certificate. Figure 153 Opera 9: Certificate signer not found 258 Users Guide Appendix E Importing Certificates 3 The next time you visit the web site, click the padlock in the address bar to open the Security information window to view the web pages security details. Figure 154 Opera 9: Security information Users Guide 259 Appendix E Importing Certificates Installing a Stand-Alone Certificate File in Opera Rather than browsing to a ZyXEL web configurator and installing a public key certificate when prompted, you can install a stand-alone certificate file if one has been issued to you. 1 Open Opera and click TOOLS > Preferences. Figure 155 Opera 9: Tools Menu 260 Users Guide 2 In Preferences, click ADVANCED > Security > Manage certificates. Figure 156 Opera 9: Preferences Appendix E Importing Certificates Users Guide 261 Appendix E Importing Certificates 3 In the Certificates Manager, click Authorities > Import. Figure 157 Opera 9: Certificate manager 4 Use the Import certificate dialog box to locate the certificate and then click Open. Figure 158 Opera 9: Import certificate 262 Users Guide 5 In the Install authority certificate dialog box, click Install. Figure 159 Opera 9: Install authority certificate Appendix E Importing Certificates 6 Next, click OK. Figure 160 Opera 9: Install authority certificate 7 The next time you visit the web site, click the padlock in the address bar to open the Security information window to view the web pages security details. Users Guide 263 Appendix E Importing Certificates Removing a Certificate in Opera This section shows you how to remove a public key certificate in Opera 9. 1 Open Opera and click TOOLS > Preferences. Figure 161 Opera 9: Tools Menu 2 In Preferences, ADVANCED > Security > Manage certificates. Figure 162 Opera 9: Preferences 264 Users Guide Appendix E Importing Certificates 3 In the Certificates manager, select the Authorities tab, select the certificate that you want to remove, and then click Delete. Figure 163 Opera 9: Certificate manager 4 The next time you go to the web site that issued the public key certificate you just removed, a certification error appears. Note: There is no confirmation when you delete a certificate authority, so be absolutely certain that you want to go through with it before clicking the button. Users Guide 265 Appendix E Importing Certificates Konqueror The following example uses Konqueror 3.5 on openSUSE 10.3, however the screens apply to Konqueror 3.5 on all Linux KDE distributions. 1 If your devices web configurator is set to use SSL certification, then the first time you browse to it you are presented with a certification error. 2 Click Continue. Figure 164 Konqueror 3.5: Server Authentication 3 Click Forever when prompted to accept the certificate. Figure 165 Konqueror 3.5: Server Authentication 266 Users Guide Appendix E Importing Certificates 4 Click the padlock in the address bar to open the KDE SSL Information window and view the web pages security details. Figure 166 Konqueror 3.5: KDE SSL Information Users Guide 267 Appendix E Importing Certificates Installing a Stand-Alone Certificate File in Konqueror Rather than browsing to a ZyXEL web configurator and installing a public key certificate when prompted, you can install a stand-alone certificate file if one has been issued to you. 1 Double-click the public key certificate file. Figure 167 Konqueror 3.5: Public Key Certificate File 2 In the Certificate Import Result - Kleopatra dialog box, click OK. Figure 168 Konqueror 3.5: Certificate Import Result The public key certificate appears in the KDE certificate manager, Kleopatra. Figure 169 Konqueror 3.5: Kleopatra 268 Users Guide 3 The next time you visit the web site, click the padlock in the address bar to open the KDE SSL Information window to view the web pages security details. Appendix E Importing Certificates Users Guide 269 Appendix E Importing Certificates Removing a Certificate in Konqueror This section shows you how to remove a public key certificate in Konqueror 3.5. 1 Open Konqueror and click Settings > Configure Konqueror. Figure 170 Konqueror 3.5: Settings Menu 2 In the Configure dialog box, select Crypto. 3 On the Peer SSL Certificates tab, select the certificate you want to delete and then click Remove. Figure 171 Konqueror 3.5: Configure 4 The next time you go to the web site that issued the public key certificate you just removed, a certification error appears. 270 Users Guide Note: There is no confirmation when you remove a certificate authority, so be absolutely certain you want to go through with it before clicking the button. Appendix E Importing Certificates Users Guide 271 Appendix E Importing Certificates 272 Users Guide APPENDIX F SIP Passthrough Enabling/Disabling the SIP ALG You can turn off the WiMAX Modem SIP ALG to avoid retranslating the IP address of an existing SIP device that is using STUN. If you want to use STUN with a SIP client device (a SIP phone or IP phone for example) behind the WiMAX Modem, use the ip alg disable ALG_SIP command to turn off the SIP ALG. Signaling Session Timeout Most SIP clients have an expire mechanism indicating the lifetime of signaling sessions. The SIP UA sends registration packets to the SIP server periodically and keeps the session alive in the WiMAX Modem. If the SIP client does not have this mechanism and makes no call during the WiMAX Modem SIP timeout default (60 minutes), the WiMAX Modem SIP ALG drops any incoming calls after the timeout period. You can use the ip alg siptimeout command to change the timeout value. Audio Session Timeout If no voice packets go through the SIP ALG before the timeout period default (5 minutes) expires, the SIP ALG does not drop the call but blocks all voice traffic and deletes the audio session. You cannot hear anything and you will need to make a new call to continue your conversation. Users Guide 273 Appendix F SIP Passthrough 274 Users Guide APPENDIX G Common Services The following table lists some commonly-used services and their associated protocols and port numbers. For a comprehensive list of port numbers, ICMP type/
code numbers and services, visit the IANA (Internet Assigned Number Authority) web site. Name: This is a short, descriptive name for the service. You can use this one or create a different one, if you like. Protocol: This is the type of IP protocol used by the service. If this is TCP/
UDP, then the service uses the same port number with TCP and UDP. If this is USER-DEFINED, the Port(s) is the IP protocol number, not the port number. Port(s): This value depends on the Protocol. Please refer to RFC 1700 for further information about port numbers. If the Protocol is TCP, UDP, or TCP/UDP, this is the IP port number. If the Protocol is USER, this is the IP protocol number. Description: This is a brief explanation of the applications that use this service or the situations in which this service is used. Table 82 Commonly Used Services NAME AH
(IPSEC_TUNNEL) PROTOCOL User-Defined AIM/New-ICQ TCP AUTH BGP BOOTP_CLIENT BOOTP_SERVER CU-SEEME TCP TCP UDP UDP TCP DNS UDP TCP/UDP 5190 113 179 68 67 7648 24032 53 PORT(S) DESCRIPTION 51 The IPSEC AH (Authentication Header) tunneling protocol uses this service. AOLs Internet Messenger service. It is also used as a listening port by ICQ. Authentication protocol used by some servers. Border Gateway Protocol. DHCP Client. DHCP Server. A popular videoconferencing solution from White Pines Software. Domain Name Server, a service that matches web names (for example www.zyxel.com) to IP numbers. Users Guide 275 Appendix G Common Services Table 82 Commonly Used Services (continued) NAME ESP
(IPSEC_TUNNEL) PROTOCOL User-Defined PORT(S) DESCRIPTION 50 FINGER FTP H.323 HTTP HTTPS ICMP TCP TCP TCP TCP TCP TCP 79 20 21 1720 80 443 User-Defined 1 ICQ UDP 4000 IGMP
(MULTICAST) User-Defined 2 IKE IRC UDP TCP/UDP MSN Messenger TCP TCP TCP UDP TCP NEW-ICQ NEWS NFS NNTP PING 500 6667 1863 5190 144 2049 119 User-Defined 1 POP3 TCP 110 The IPSEC ESP (Encapsulation Security Protocol) tunneling protocol uses this service. Finger is a UNIX or Internet related command that can be used to find out if a user is logged on. File Transfer Program, a program to enable fast transfer of files, including large files that may not be possible by e-mail. NetMeeting uses this protocol. Hyper Text Transfer Protocol - a client/server protocol for the world wide web. HTTPS is a secured http session often used in e-commerce. Internet Control Message Protocol is often used for diagnostic or routing purposes. This is a popular Internet chat program. Internet Group Management Protocol is used when sending packets to a specific group of hosts. The Internet Key Exchange algorithm is used for key distribution and management. This is another popular Internet chat program. Microsoft Networks messenger service uses this protocol. An Internet chat program. A protocol for news groups. Network File System - NFS is a client/
server distributed file service that provides transparent file sharing for network environments. Network News Transport Protocol is the delivery mechanism for the USENET newsgroup service. Packet INternet Groper is a protocol that sends out ICMP echo requests to test whether or not a remote host is reachable. Post Office Protocol version 3 lets a client computer get e-mail from a POP3 server through a temporary connection (TCP/IP or other). 276 Users Guide Table 82 Commonly Used Services (continued) NAME PPTP PROTOCOL TCP PORT(S) DESCRIPTION 1723 PPTP_TUNNEL
(GRE) User-Defined 47 RCMD REAL_AUDIO TCP TCP REXEC RLOGIN RTELNET RTSP TCP TCP TCP TCP/UDP SFTP SMTP TCP TCP SNMP TCP/UDP SNMP-TRAPS TCP/UDP SQL-NET TCP SSH STRM WORKS SYSLOG TCP/UDP UDP UDP TACACS TELNET UDP TCP 512 7070 514 513 107 554 115 25 161 162 1521 22 1558 514 49 23 Appendix G Common Services Point-to-Point Tunneling Protocol enables secure transfer of data over public networks. This is the control channel. PPTP (Point-to-Point Tunneling Protocol) enables secure transfer of data over public networks. This is the data channel. Remote Command Service. A streaming audio service that enables real time sound over the web. Remote Execution Daemon. Remote Login. Remote Telnet. The Real Time Streaming (media control) Protocol (RTSP) is a remote control for multimedia on the Internet. Simple File Transfer Protocol. Simple Mail Transfer Protocol is the message-exchange standard for the Internet. SMTP enables you to move messages from one e-mail server to another. Simple Network Management Program. Traps for use with the SNMP
(RFC:1215). Structured Query Language is an interface to access data on many different types of database systems, including mainframes, midrange systems, UNIX systems and network servers. Secure Shell Remote Login Program. Stream Works Protocol. Syslog allows you to send system logs to a UNIX server. Login Host Protocol used for (Terminal Access Controller Access Control System). Telnet is the login and terminal emulation protocol common on the Internet and in UNIX environments. It operates over TCP/IP networks. Its primary function is to allow users to log into remote host systems. Users Guide 277 Appendix G Common Services Table 82 Commonly Used Services (continued) NAME TFTP PROTOCOL UDP PORT(S) DESCRIPTION 69 VDOLIVE TCP 7000 Trivial File Transfer Protocol is an Internet file transfer protocol similar to FTP, but uses the UDP (User Datagram Protocol) rather than TCP
(Transmission Control Protocol). Another videoconferencing solution. 278 Users Guide APPENDIX H Legal Information Copyright Copyright 2009 by ZyXEL Communications Corporation. The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation. Published by ZyXEL Communications Corporation. All rights reserved. Disclaimers ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others. ZyXEL further reserves the right to make changes in any products described herein without notice. This publication is subject to change without notice. Your use of the WiMAX Modem is subject to the terms and conditions of any related service providers. Do not use the WiMAX Modem for illegal purposes. Illegal downloading or sharing of files can result in severe civil and criminal penalties. You are subject to the restrictions of copyright laws and any other applicable laws, and will bear the consequences of any infringements thereof. ZyXEL bears NO responsibility or liability for your use of the download service feature. Trademarks Trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners. Users Guide 279 Appendix H Legal Information Certifications Federal Communications Commission (FCC) Interference Statement The device complies with Part 15 of FCC rules. Operation is subject to the following two conditions:
This device may not cause harmful interference. This device must accept any interference received, including interference that may cause undesired operations. This device has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This device generates, uses, and can radiate radio frequency energy, and if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this device does cause harmful interference to radio/television reception, which can be determined by turning the device off and on, the user is encouraged to try to correct the interference by one or more of the following measures:
1 Reorient or relocate the receiving antenna. 2 Increase the separation between the equipment and the receiver. 3 Connect the equipment into an outlet on a circuit different from that to which the receiver is connected. 4 Consult the dealer or an experienced radio/TV technician for help. FCC Radiation Exposure Statement This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter. To comply with FCC RF exposure compliance requirements, a separation distance of at least 20 cm must be maintained between the antenna of this device and all persons.
280 Users Guide Appendix H Legal Information Notices Changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate the equipment. This Class B digital apparatus complies with Canadian ICES-003. Cet appareil numrique de la classe B est conforme la norme NMB-003 du Canada. Viewing Certifications 1 Go to http://www.zyxel.com. 2 Select your product on the ZyXEL home page to go to that product's page. 3 Select the certification you wish to view from this page. ZyXEL Limited Warranty ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever extent it shall deem necessary to restore the product or components to proper operating condition. Any replacement will consist of a new or re-manufactured functionally equivalent product of equal or higher value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product has been modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions. Note Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This warranty is in lieu of all other warranties, express or implied, Users Guide 281 Appendix H Legal Information including any implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in no event be held liable for indirect or consequential damages of any kind to the purchaser. To obtain the services of this warranty, contact your vendor. You may also refer to the warranty policy for the region in which you bought the device at http://
www.zyxel.com/web/support_warranty_info.php. Registration Register your product online to receive e-mail notices of firmware upgrades and information at www.zyxel.com. 282 Users Guide Index Index C CA 145 call Europe type service mode 133 hold 133135 service mode 133134 transfer 134135 waiting 133135 CBC-MAC 189 CCMP 187, 189 cell 77 certificates 145, 187 importing 146 verification 189 certification authority, see CA notices 281 requests 145 viewing 281 chaining 189 chaining message authentication see CCMP channel ID 64 circuit-switched telephone networks 109 Class of Service (CoS) 124 client-server protocol 122 SIP 122 CMAC see MAC codec 113 comfort noise 127 copyright 279 CoS 124 counter mode see CCMP coverage area 77 cryptography 187 283 Numerics 802.11 mode 68 A AAA 7879 AbS 114 access point, See AP 59 accounting server see AAA ACK message 121 activity 78 Advanced Encryption Standard see AES AES 189 alternative subnet mask notation 232 analysis-by-synthesis 114 AP (Access Point) 59 authentication 78, 80, 187 inner 190 key server 78 types 190 authentication type 60 open system 61 shared key 61 authorization 187 request and reply 189 server 78 B base station see BS BS 7778 links 78 BYE request 121 Users Guide Index D data 187189 decryption 187 encryption 187 flow 189 DHCP 32, 46, 100 client 100 server 32, 46 diameter 79 Differentiated Services see DiffServ DiffServ 124 DiffServ Code Point (DSCP) 124 marking rule 125 digital ID 187 DL frequency 86 domain name 100 download frequency see DL frequency DS field 125 DSCP see DiffServ dynamic DNS 100 Dynamic Host Configuration Protocol see DHCP E EAP 79 echo cancellation 127 encryption 187189 traffic 189 encryption type 60 Ethernet encapsulation 91 Europe type call service mode 133 Extensible Authorization Protocol see EAP F FCC interference statement 280 flash key 132 flashing 132 fragmentation threshold 68 frequency band 87 ranges 86 scanning 87 FTP 100, 150 restrictions 150 G G.168 127 G.711 113 G.729 114 H hide SSID 64 hybrid waveform codec 114 I IANA 238 identity 78, 187 idle timeout 150 IEEE 802.11b 68 IEEE 802.11g 68 IEEE 802.16 77, 187 IEEE 802.16e 77 IEEE 802.1Q VLAN 120 importing a certificate 146 inner authentication 190 Internet access 79 Internet Assigned Numbers Authority see IANA 238 Internet Telephony Service Provider see ITSP interoperability 77 IP-PBX 109 284 Users Guide ITSP 109 ITU-T 127 K key 80, 187 request and reply 189 L listening port 117 M MAC 189 MAC address filter 62 action 70 MAC filter 69 MAN 77 Management Information Base (MIB) 154 manual site survey 86 Message Authentication Code see MAC message integrity 189 message waiting indication 114 Metropolitan Area Network see MAN microwave 77, 78 mobile station see MS MS 78 multimedia 110 MWI 114 N NAT 112, 237 and remote management 150 routers 112 server sets 91 Users Guide network activity 78 services 78 O OK response 121 outbound proxy 113, 124 server 113 SIP 113 P pattern-spotting 189 PBX services 109 PCM 113 peer-to-peer calls 137 per-hop behavior 125 PHB (per-hop behavior) 125 phone services 128 PKMv2 79, 80, 187, 190 plain text encryption 189 preamble 68 Privacy Key Management see PKM private key 187 product registration 282 proxy server SIP 122 public certificate 189 public key 80, 187 public-private key pairs 145 pulse code modulation 113 R RADIUS 78, 79, 188 Message Types 188 Messages 188 Shared Secret Key 188 Index 285 Index Real-time Transport Protocol see RTP redirect server SIP 123 register server SIP 110 registration product 282 related documentation 3 remote management and NAT 150 remote management limitations 150 required bandwidth 114 RFC 1889 110 RFC 3489 113 RFC 3842 114 RTP 110 RTS/CTS threshold 68 S safety warnings 7 secure communication 80, 187 secure connection 79 security 187 security association 189 see SA server outbound proxy 113 service set 64 Service Set IDentification, see SSID services 78 Session Initiation Protocol see SIP silence suppression 127 silent packets 127 SIP 109 account 110 ACK message 121 ALG 124 BYE request 121 call progression 121 client 122 client server 122 identities 110 INVITE request 121 number 110 OK response 121 outbound proxy 113 proxy server 122 redirect server 123 register server 110 servers 122 service domain 110 URI 110 user agent 122 SNMP 150 manager 154 sound quality 113 speed dial 137 SS 77, 78 SSID 64 STUN 113, 124 subnet 229 mask 230 subnetting 232 subscriber station see SS supplementary phone services 128 syntax conventions 5 system timeout 150 T tampering TCP/IP configuration 32, 46 TEK 189 TFTP restrictions 150 three-way conference 134, 135 TLS 80, 187 transport encryption key see TEK transport layer security see TLS trigger port forwarding process 96 TTLS 80, 187, 190 tunneled TLS see TTLS 286 Users Guide Index see MAN wireless network access 77 example 59 overview 59 standard 77 wireless security 187 WLAN 59 802.11 mode 68 channel 64 fragmentation threshold 68 hide SSID 64 IEEE 802.11b 68 IEEE 802.11g 68 preamble 68 RTS/CTS threshold 68 see also wireless. WPA-PSK 66 WPA-PSK 66 U unauthorized device 187 uniform resource identifier 110 USA type call service mode 134 use NAT 124 use NAT feature 110 user agent, SIP 122 user authentication 187 user name 101 V VAD 127 verification 189 virtual local area network see VLAN VLAN 119 group 120 ID tags 120 tags 120 VLAN ID 120 voice activity detection 127 coding 113 mail 109 Voice over IP see VoIP VoIP 109 W waveform codec 113 WiMAX 7778 security 189 WiMAX Forum 77 wireless client 59 Wireless Interoperability for Microwave Access see WiMAX wireless LAN channel 64 MAC address filter 62 Wireless Metropolitan Area Network Users Guide 287 Index 288 Users Guide
frequency | equipment class | purpose | ||
---|---|---|---|---|
1 | 2009-07-16 | 2505 ~ 2685 | TNB - Licensed Non-Broadcast Station Transmitter | Original Equipment |
app s | Applicant Information | |||||
---|---|---|---|---|---|---|
1 | Effective |
2009-07-16
|
||||
1 | Applicant's complete, legal business name |
ZyXEL Communications Corporation
|
||||
1 | FCC Registration Number (FRN) |
0021059092
|
||||
1 | Physical Address |
No.2, Industry East Road IX, Science Park
|
||||
1 |
Hsinchu, N/A
|
|||||
1 |
Taiwan
|
|||||
app s | TCB Information | |||||
1 | TCB Application Email Address |
c******@curtis-straus.com
|
||||
1 | TCB Scope |
B1: Commercial mobile radio services equipment in the following 47 CFR Parts 20, 22 (cellular), 24,25 (below 3 GHz) & 27
|
||||
app s | FCC ID | |||||
1 | Grantee Code |
I88
|
||||
1 | Equipment Product Code |
MAX207HW2
|
||||
app s | Person at the applicant's address to receive grant or for contact | |||||
1 | Name |
E**** B****
|
||||
1 | Title |
Section Manager
|
||||
1 | Telephone Number |
886 3******** Extension:
|
||||
1 | Fax Number |
886 3********
|
||||
1 |
E******@zyxel.com.tw
|
|||||
app s | Technical Contact | |||||
1 | Firm Name |
Bureau Veritas CPS (H.K.) Ltd. Taoyuan Branch
|
||||
1 | Name |
E******** L********
|
||||
1 | Physical Address |
81-1 Luliaoken, 9th Lin, Wulung Tsuen Chiunglin
|
||||
1 |
Hsinchu, 307
|
|||||
1 |
Taiwan
|
|||||
1 | Telephone Number |
886-3******** Extension:
|
||||
1 | Fax Number |
886-3********
|
||||
1 |
e******@adt.com.tw
|
|||||
app s | Non Technical Contact | |||||
1 | Firm Name |
Bureau Veritas CPS (H.K.) Ltd. Taoyuan Branch
|
||||
1 | Name |
E**** L********
|
||||
1 | Physical Address |
81-1 Luliaoken, 9th Lin, Wulung Tsuen Chiunglin
|
||||
1 |
Hsinchu, 307
|
|||||
1 |
Taiwan
|
|||||
1 | Telephone Number |
886-3******** Extension:
|
||||
1 | Fax Number |
886-3********
|
||||
1 |
e******@adt.com.tw
|
|||||
app s | Confidentiality (long or short term) | |||||
1 | Does this application include a request for confidentiality for any portion(s) of the data contained in this application pursuant to 47 CFR § 0.459 of the Commission Rules?: | Yes | ||||
1 | Long-Term Confidentiality Does this application include a request for confidentiality for any portion(s) of the data contained in this application pursuant to 47 CFR § 0.459 of the Commission Rules?: | No | ||||
if no date is supplied, the release date will be set to 45 calendar days past the date of grant. | ||||||
app s | Cognitive Radio & Software Defined Radio, Class, etc | |||||
1 | Is this application for software defined/cognitive radio authorization? | No | ||||
1 | Equipment Class | TNB - Licensed Non-Broadcast Station Transmitter | ||||
1 | Description of product as it is marketed: (NOTE: This text will appear below the equipment class on the grant) | WiMAX MIMO 2.5GHz Indoor Multiple-user CPE | ||||
1 | Related OET KnowledgeDataBase Inquiry: Is there a KDB inquiry associated with this application? | No | ||||
1 | Modular Equipment Type | Does not apply | ||||
1 | Purpose / Application is for | Original Equipment | ||||
1 | Composite Equipment: Is the equipment in this application a composite device subject to an additional equipment authorization? | No | ||||
1 | Related Equipment: Is the equipment in this application part of a system that operates with, or is marketed with, another device that requires an equipment authorization? | No | ||||
1 | Grant Comments | Output power is conducted. The product is a WiMAX user station. The antenna(s) used for this transmitter must be installed to provide a separation distance of at least 20 cm from all persons and must not be co-located or operating in conjunction with any other antenna or transmitter. Users and installers must be provided with antenna installation instructions and transmitter operating conditions for satisfying RF exposure compliance. | ||||
1 | Is there an equipment authorization waiver associated with this application? | No | ||||
1 | If there is an equipment authorization waiver associated with this application, has the associated waiver been approved and all information uploaded? | No | ||||
app s | Test Firm Name and Contact Information | |||||
1 | Firm Name |
Bureau Veritas CPS (H.K.) Ltd. Taoyuan Branch
|
||||
1 | Name |
R****** C********
|
||||
1 | Telephone Number |
886-2********
|
||||
1 | Fax Number |
886-2********
|
||||
1 |
r******@tw.bureauveritas.com
|
|||||
Equipment Specifications | |||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Line | Rule Parts | Grant Notes | Lower Frequency | Upper Frequency | Power Output | Tolerance | Emission Designator | Microprocessor Number | |||||||||||||||||||||||||||||||||
1 | 1 | 27 | 20 28 MO | 2505 | 2685 | 0.426 | 2.5 ppm | 5M37W7D | |||||||||||||||||||||||||||||||||
1 | 2 | 27 | 20 28 MO | 2505 | 2685 | 0.434 | 2.5 ppm | 10M4W7D |
some individual PII (Personally Identifiable Information) available on the public forms may be redacted, original source may include additional details
This product uses the FCC Data API but is not endorsed or certified by the FCC