ZyXEL Communications MAX200M1 WiMAX IEEE802.16e Indoor Basic CPE-2.5GHz User Manual ZyBook

ZyXEL Communications Corporation WiMAX IEEE802.16e Indoor Basic CPE-2.5GHz ZyBook

User manual3

ZyXEL MAX-200M1 Series User’s GuideChapter 15 Static Route 151Figure 84   Management > Static Route > IP Static Route > EditEach field is described in the following table.Table 49   Management > Static Route > IP Static Route > EditLABEL DESCRIPTIONRoute Name Enter the name of the static route.Active Select this if you want the static route to be used. Clear this if you do not want the static route to be used.Private Select this if you do not want the ZyXEL Device to tell other routers about this static route. For example, you might select this if the static route is in your LAN. Clear this if you want the ZyXEL Device to tell other routers about this static route.Destination IP AddressEnter one of the destination IP addresses that this static route affects.IP Subnet Mask Enter the subnet mask that defines the range of destination IP addresses that this static route affects. If this static route affects only one IP address, enter 255.255.255.255.Gateway IP AddressEnter the IP address of the gateway to which the ZyXEL Device should send packets for the specified Destination. The gateway is a router or a switch on the same network segment as the device's LAN or WAN port. The gateway helps forward packets to their destinations.Metric Usually, you should keep the default value. This field is related to RIP. See Chapter 8 on page 83 for more information.The metric represents the "cost of transmission". A router determines the best route for transmission by choosing a path with the lowest "cost". The smaller the metric, the lower the "cost". RIP uses hop count as the measurement of cost, where 1 is for a directly-connected network. The metric must be 1-15; if you use a value higher than 15, the routers assume the link is down.Apply Click this to save your changes and to apply them to the ZyXEL Device.Cancel Click this to return to the previous screen without saving your changes.
ZyXEL MAX-200M1 Series User’s Guide152 Chapter 15 Static Route
ZyXEL MAX-200M1 Series User’s GuideChapter 16 Remote MGMT 153CHAPTER 16Remote MGMTUse these screens to control which computers can use which services to access the ZyXEL Device on each interface.16.1  Remote Management OverviewRemote management allows you to determine which services/protocols can access which ZyXEL Device interface (if any) from which computers.You may manage your ZyXEL Device from a remote location via:To disable remote management of a service, select Disable in the corresponding Server Access field.You may only have one remote management session running at a time. The ZyXEL Device automatically disconnects a remote management session of lower priority when another remote management session of higher priority starts. The priorities for the different types of remote management sessions are as follows.1Telnet2HTTP16.1.1  Remote Management LimitationsRemote management over LAN or WAN will not work when:1A filter in SMT menu 3.1 (LAN) or in menu 11.5 (WAN) is applied to block a Telnet, FTP or Web service. 2You have disabled that service in one of the remote management screens.3The IP address in the Secured Client IP field does not match the client IP address. If it does not match, the ZyXEL Device will disconnect the session immediately.4There is already another remote management session with an equal or higher priority running. You may only have one remote management session running at one time.• Internet (WAN only) • ALL (LAN and WAN)• LAN only • Neither (Disable).
ZyXEL MAX-200M1 Series User’s Guide154 Chapter 16 Remote MGMT16.1.2  Remote Management and NATWhen NAT is enabled:• Use the ZyXEL Device’s WAN IP address when configuring from the WAN. • Use the ZyXEL Device’s LAN IP address when configuring from the LAN.16.1.3  System TimeoutThere is a default system management idle timeout of five minutes (three hundred seconds). The ZyXEL Device automatically logs you out if the management session remains idle for longer than this timeout period. The management session does not time out when a statistics screen is polling. You can change the timeout period in the Maintenance > System > General screen.16.2  Remote Management Screens16.2.1  WWW ScreenUse this screen to control HTTP access to your ZyXEL Device. To access this screen, click Management > Remote MGMT > WWW.Figure 85   Management > Remote MGMT > WWWEach field is described in the following table.Table 50   Management > Remote MGMT > WWWLABEL DESCRIPTIONServer Port Enter the port number this service can use to access the ZyXEL Device. The computer must use the same port number.Server Access Select the interface(s) through which a computer may access the ZyXEL Device using this service.Secured Client IP AddressSelect All to allow any computer to access the ZyXEL Device using this service.Select Selected to only allow the computer with the IP address that you specify to access the ZyXEL Device using this service.
ZyXEL MAX-200M1 Series User’s GuideChapter 16 Remote MGMT 15516.2.2  Telnet ScreenUse this screen to control Telnet access to your ZyXEL Device. To access this screen, click Management > Remote MGMT > Telnet.Figure 86   Management > Remote MGMT > TelnetEach field is described in the following table.16.2.3  FTP ScreenUse this screen to control FTP access to your ZyXEL Device. To access this screen, click Management > Remote MGMT > FTP.Apply Click this to save your changes.Reset Click this to set every field in this screen to its default value.Table 50   Management > Remote MGMT > WWWLABEL DESCRIPTIONTable 51   Management > Remote MGMT > TelnetLABEL DESCRIPTIONServer Port Enter the port number this service can use to access the ZyXEL Device. The computer must use the same port number.Server Access Select the interface(s) through which a computer may access the ZyXEL Device using this service.Secured Client IP AddressSelect All to allow any computer to access the ZyXEL Device using this service.Select Selected to only allow the computer with the IP address that you specify to access the ZyXEL Device using this service.Apply Click this to save your changes.Reset Click this to set every field in this screen to its default value.
ZyXEL MAX-200M1 Series User’s Guide156 Chapter 16 Remote MGMTFigure 87   Management > Remote MGMT > FTPEach field is described in the following table.16.3  SNMPSimple Network Management Protocol (SNMP) is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite. Your ZyXEL Device supports SNMP agent functionality, which allows a manager station to manage and monitor the ZyXEL Device through the network. The ZyXEL Device supports SNMP version one (SNMPv1) and version two (SNMPv2). The next figure illustrates an SNMP management operation.Note: SNMP is only available if TCP/IP is configured.Table 52   Management > Remote MGMT > FTPLABEL DESCRIPTIONServer Port Enter the port number this service can use to access the ZyXEL Device. The computer must use the same port number.Server Access Select the interface(s) through which a computer may access the ZyXEL Device using this service.Secured Client IP AddressSelect All to allow any computer to access the ZyXEL Device using this service.Select Selected to only allow the computer with the IP address that you specify to access the ZyXEL Device using this service.Apply Click this to save your changes and to apply them to the ZyXEL Device.Reset Click this to set every field in this screen to its default value.
ZyXEL MAX-200M1 Series User’s GuideChapter 16 Remote MGMT 157Figure 88   SNMP Management ModelAn SNMP managed network consists of two main types of component: agents and a manager. An agent is a management software module that resides in a managed device (the ZyXEL Device). An agent translates the local management information from the managed device into a form compatible with SNMP. The manager is the console through which network administrators perform network management functions. It executes applications that control and monitor managed devices. The managed devices contain object variables/managed objects that define each piece of information to be collected about a device. Examples of variables include such as number of packets received, node port status etc. A Management Information Base (MIB) is a collection of managed objects. SNMP allows a manager and agents to communicate for the purpose of accessing these objects.SNMP itself is a simple request/response protocol based on the manager/agent model. The manager issues a request and the agent returns responses using the following protocol operations:• Get - Allows the manager to retrieve an object variable from the agent. • GetNext - Allows the manager to retrieve the next object variable from a table or list within an agent. In SNMPv1, when a manager wants to retrieve all elements of a table from an agent, it initiates a Get operation, followed by a series of GetNext operations. • Set - Allows the manager to set values for object variables within an agent. • Trap - Used by the agent to inform the manager of some events.16.3.1  Supported MIBsThe ZyXEL Device supports MIB II that is defined in RFC-1213 and RFC-1215. The focus of the MIBs is to let administrators collect statistical data and monitor status and performance.
ZyXEL MAX-200M1 Series User’s Guide158 Chapter 16 Remote MGMT16.3.2  SNMP Traps The ZyXEL Device will send traps to the SNMP manager when any one of the following events occurs:16.3.3  Configuring SNMPTo change your ZyXEL Device’s SNMP settings, click Advanced > Remote MGMT > SNMP. The screen appears as shown.Use this screen to control FTP access to your ZyXEL Device. To access this screen, click Management > Remote MGMT > SNMP.Table 53   SNMP TrapsTRAP # TRAP NAME DESCRIPTION0coldStart (defined in RFC-1215)A trap is sent after booting (power on).1warmStart (defined in RFC-1215)A trap is sent after booting (software reboot).4authenticationFailure (defined in RFC-1215)A trap is sent to the manager when receiving any SNMP get or set requirements with the wrong community (password).6whyReboot (defined in ZYXEL-MIB)A trap is sent with the reason of restart before rebooting when the system is going to restart (warm start).6a For intentional reboot: A trap is sent with the message "System reboot by user!" if reboot is done intentionally, (for example, download new files, CI command "sys reboot", etc.).6b For fatal error:  A trap is sent with the message of the fatal code if the system reboots because of fatal errors.
ZyXEL MAX-200M1 Series User’s GuideChapter 16 Remote MGMT 159Figure 89   Management > Remote MGMT > SNMPThe following table describes the labels in this screen.Table 54   Remote Management: SNMPLABEL DESCRIPTIONSNMP ConfigurationGet Community Enter the Get Community, which is the password for the incoming Get and GetNext requests from the management station. The default is public and allows all requests.Set Community Enter the Set community, which is the password for incoming Set requests from the management station. The default is public and allows all requests.Trap Community Enter the trap community, which is the password sent with each trap to the SNMP manager. The default is public and allows all requests.Trap Destination Enter the IP address of the station to send your SNMP traps to.SNMPPort You may change the server port number for a service if needed, however you must use the same port number in order to use that service for remote management.Access Status Select the interface(s) through which a computer may access the ZyXEL Device using this service.Secured Client IP A secured client is a “trusted” computer that is allowed to communicate with the ZyXEL Device using this service. Select All to allow any computer to access the ZyXEL Device using this service.Choose Selected to just allow the computer with the IP address that you specify to access the ZyXEL Device using this service.Apply Click this button to save your customized settings and exit this screen. Reset Click this button to set each field in this screen to its default value.
ZyXEL MAX-200M1 Series User’s Guide160 Chapter 16 Remote MGMT16.3.4  DNS ScreenUse this screen to control DNS access to your ZyXEL Device. To access this screen, click Management > Remote MGMT > DNS.Figure 90   Management > Remote MGMT > DNSEach field is described in the following table.16.3.5  Security ScreenUse this screen to control how your ZyXEL Device responds to other types of requests. To access this screen, click Management > Remote MGMT > Security.Table 55   Management > Remote MGMT > DNSLABEL DESCRIPTIONServer Port This field is read-only. This field displays the port number this service uses to access the ZyXEL Device. The computer must use the same port number.Server Access Select the interface(s) through which a computer may access the ZyXEL Device using this service.Secured Client IP AddressSelect All to allow any computer to access the ZyXEL Device using this service.Select Selected to only allow the computer with the IP address that you specify to access the ZyXEL Device using this service.Apply Click this to save your changes.Reset Click this to set every field in this screen to its last-saved value.
ZyXEL MAX-200M1 Series User’s GuideChapter 16 Remote MGMT 161Figure 91   Management > Remote MGMT > SecurityEach field is described in the following table.Table 56   Management > Remote MGMT > SecurityLABEL DESCRIPTIONRespond to Ping onSelect the interface(s) on which the ZyXEL Device should respond to incoming ping requests.Disable - the ZyXEL Device does not respond to any ping requests.LAN - the ZyXEL Device only responds to ping requests received from the LAN.WAN - the ZyXEL Device only responds to ping requests received from the WAN.LAN & WAN - the ZyXEL Device responds to ping requests received from the LAN or the WAN.Do not respond to requests for unauthorized servicesSelect this to prevent outsiders from discovering your ZyXEL Device by sending requests to unsupported port numbers. If an outside user attempts to probe an unsupported port on your ZyXEL Device, an ICMP response packet is automatically returned. This allows the outside user to know the ZyXEL Device exists. Your ZyXEL Device supports anti-probing, which prevents the ICMP response packet from being sent. This keeps outsiders from discovering your ZyXEL Device when unsupported ports are probed.If you clear this, your ZyXEL Device replies with an ICMP Port Unreachable packet for a port probe on unused UDP ports and with a TCP Reset packet for a port probe on unused TCP ports. Apply Click this to save your changes.Cancel Click this to set every field in this screen to its default value.
ZyXEL MAX-200M1 Series User’s Guide162 Chapter 16 Remote MGMT
ZyXEL MAX-200M1 Series User’s GuideChapter 17 UPnP 163CHAPTER 17UPnPUse this screen to set up UPnP.17.1  Introducing Universal Plug and PlayUniversal Plug and Play (UPnP) is a distributed, open networking standard that uses TCP/IP for simple peer-to-peer network connectivity between devices. A UPnP device can dynamically join a network, obtain an IP address, convey its capabilities and learn about other devices on the network. In turn, a device can leave a network smoothly and automatically when it is no longer in use.17.1.1  How do I know if I'm using UPnP? UPnP hardware is identified as an icon in the Network Connections folder (Windows XP). Each UPnP compatible device installed on your network will appear as a separate icon. Selecting the icon of a UPnP device will allow you to access the information and properties of that device. 17.1.2  NAT TraversalUPnP NAT traversal automates the process of allowing an application to operate through NAT. UPnP network devices can automatically configure network addressing, announce their presence in the network to other UPnP devices and enable exchange of simple product and service descriptions. NAT traversal allows the following:• Dynamic port mapping• Learning public IP addresses• Assigning lease times to mappingsWindows Messenger is an example of an application that supports NAT traversal and UPnP. See Chapter 9 on page 97 for further information about NAT.17.1.3  Cautions with UPnPThe automated nature of NAT traversal applications in establishing their own services and opening firewall ports may present network security issues. Network information and configuration may also be obtained and modified by users in some network environments.
ZyXEL MAX-200M1 Series User’s Guide164 Chapter 17 UPnPAll UPnP-enabled devices may communicate freely with each other without additional configuration. Disable UPnP if this is not your intention. 17.1.4  UPnP and ZyXELZyXEL has achieved UPnP certification from the Universal Plug and Play Forum Creates UPnP™ Implementors Corp. (UIC). ZyXEL's UPnP implementation supports IGD 1.0 (Internet Gateway Device). At the time of writing ZyXEL's UPnP implementation supports Windows Messenger 4.6 and 4.7 while Windows Messenger 5.0 and Xbox are still being tested.The ZyXEL Device only sends UPnP multicasts to the LAN.See later sections for examples of installing UPnP in Windows XP and Windows Me as well as an example of using UPnP in Windows.17.2  UPnP Examples17.2.1  Installing UPnP in Windows ExampleThis section shows how to install UPnP in Windows Me and Windows XP. 17.2.1.1  Installing UPnP in Windows MeFollow the steps below to install the UPnP in Windows Me. 1Click Start and Control Panel. Double-click Add/Remove Programs.2Click on the Windows Setup tab and select Communication in the Components selection box. Click Details.
ZyXEL MAX-200M1 Series User’s GuideChapter 17 UPnP 165Figure 92   Add/Remove Programs: Windows Setup: Communication 3In the Communications window, select the Universal Plug and Play check box in the Components selection box. Figure 93   Add/Remove Programs: Windows Setup: Communication Components4Click OK to go back to the Add/Remove Programs Properties window and click Next. 5Restart the computer when prompted.
ZyXEL MAX-200M1 Series User’s Guide166 Chapter 17 UPnP17.2.1.2  Installing UPnP in Windows XPFollow the steps below to install the UPnP in Windows XP.1Click Start and Control Panel. 2Double-click Network Connections.3In the Network Connections window, click Advanced in the main menu and select Optional Networking Components …. Figure 94   Network Connections4The Windows Optional Networking Components Wizard window displays. Select Networking Service in the Components selection box and click Details. Figure 95   Windows Optional Networking Components Wizard5In the Networking Services window, select the Universal Plug and Play check box.
ZyXEL MAX-200M1 Series User’s GuideChapter 17 UPnP 167Figure 96   Networking Services6Click OK to go back to the Windows Optional Networking Component Wizard window and click Next. 17.2.2  Using UPnP in Windows XP ExampleThis section shows you how to use the UPnP feature in Windows XP. You must already have UPnP installed in Windows XP and UPnP activated on the ZyXEL Device.Make sure the computer is connected to a LAN port of the ZyXEL Device. Turn on your computer and the ZyXEL Device. 17.2.2.1  Auto-discover Your UPnP-enabled Network Device1Click Start and Control Panel. Double-click Network Connections. An icon displays under Internet Gateway.2Right-click the icon and select Properties.
ZyXEL MAX-200M1 Series User’s Guide168 Chapter 17 UPnPFigure 97   Network Connections3In the Internet Connection Properties window, click Settings to see the port mappings there were automatically created.
ZyXEL MAX-200M1 Series User’s GuideChapter 17 UPnP 169Figure 98   Internet Connection Properties 4You may edit or delete the port mappings or click Add to manually add port mappings.
ZyXEL MAX-200M1 Series User’s Guide170 Chapter 17 UPnPFigure 99   Internet Connection Properties: Advanced SettingsFigure 100   Internet Connection Properties: Advanced Settings: Add5When the UPnP-enabled device is disconnected from your computer, all port mappings will be deleted automatically.6Select Show icon in notification area when connected option and click OK. An icon displays in the system tray.
ZyXEL MAX-200M1 Series User’s GuideChapter 17 UPnP 171Figure 101   System Tray Icon7Double-click on the icon to display your current Internet connection status.Figure 102   Internet Connection Status17.2.2.2  Web Configurator Easy AccessWith UPnP, you can access the web-based configurator on the ZyXEL Device without finding out the IP address of the ZyXEL Device first. This becomes helpful if you do not know the IP address of the ZyXEL Device.Follow the steps below to access the web configurator.1Click Start and then Control Panel. 2Double-click Network Connections. 3Select My Network Places under Other Places.
ZyXEL MAX-200M1 Series User’s Guide172 Chapter 17 UPnPFigure 103   Network Connections4An icon with the description for each UPnP-enabled device displays under Local Network. 5Right-click on the icon for your ZyXEL Device and select Invoke. The web configurator login screen displays.
ZyXEL MAX-200M1 Series User’s GuideChapter 17 UPnP 173Figure 104   Network Connections: My Network Places6Right-click on the icon for your ZyXEL Device and select Properties. A properties window displays with basic information about the ZyXEL Device.
ZyXEL MAX-200M1 Series User’s Guide174 Chapter 17 UPnPFigure 105   Network Connections: My Network Places: Properties: Example17.3  UPnP ScreenUse this screen to set up UPnP in your ZyXEL Device. To access this screen, click Management > UPnP.
ZyXEL MAX-200M1 Series User’s GuideChapter 17 UPnP 175Figure 106   Management > UPnPEach field is described in the following table.Table 57   Management > UPnPLABEL DESCRIPTIONDevice Name This field identifies your device in UPnP applications.Enable the Universal Plug and Play (UPnP) Feature Select this to activate UPnP. Be aware that anyone could use a UPnP application to open the web configurator's login screen without entering the ZyXEL Device's IP address. You still have to enter the password, however.Allow users to make configuration changes through UPnPSelect this to allow UPnP-enabled applications to automatically configure the ZyXEL Device so that they can communicate through the ZyXEL Device. For example, using NAT traversal, UPnP applications automatically reserve a NAT forwarding port in order to communicate with another UPnP enabled device; this eliminates the need to manually configure port forwarding for the UPnP enabled application. Allow UPnP to pass through FirewallSelect this to allow traffic from UPnP-enabled applications to bypass the firewall. Clear this if you want the firewall to check UPnP application packets (for example, MSN packets).Apply Click this to save your changes and to apply them to the ZyXEL Device.Cancel Click this to set every field in this screen to its default value.
ZyXEL MAX-200M1 Series User’s Guide176 Chapter 17 UPnP
ZyXEL MAX-200M1 Series User’s GuideChapter 18 Logs 177CHAPTER 18LogsUse these screens to look at log entries and alerts and to configure the ZyXEL Device’s log and alert settings.18.1  Logs OverviewFor a list of log messages, see Section 18.3 on page 182.18.1.1  AlertsAn alert is a type of log that warrants more serious attention. Some categories such as System Errors consist of both logs and alerts.18.1.2  Syslog LogsThere are two types of syslog: event logs and traffic logs. The device generates an event log when a system event occurs, for example, when a user logs in or the device is under attack. The device generates a traffic log when a "session" is terminated. A traffic log summarizes the session's type, when it started and stopped the amount of traffic that was sent and received and so on.  An external log analyzer can reconstruct and analyze the traffic flowing through the device after collecting the traffic logs.
ZyXEL MAX-200M1 Series User’s Guide178 Chapter 18 Logs The following table shows RFC-2408 ISAKMP payload types that the log displays. Please refer to the RFC for detailed information on each type. Table 58   Syslog LogsLOG MESSAGE DESCRIPTIONEvent Log: <Facility*8 + Severity>Mon dd hr:mm:ss hostname src="<srcIP:srcPort>" dst="<dstIP:dstPort>" msg="<msg>" note="<note>" devID="<mac address>" cat="<category>"This message is sent by the system ("RAS" displays as the system name if you haven’t configured one) when the router generates a syslog. The facility is defined in the Log Settings screen. The severity is the log’s syslog class. The definition of messages and notes are defined in the various log charts throughout this appendix. The “devID” is the MAC address of the router’s LAN port. The “cat” is the same as the category in the router’s logs.Traffic Log: <Facility*8 + Severity>Mon dd hr:mm:ss hostname src="<srcIP:srcPort>" dst="<dstIP:dstPort>" msg="Traffic Log" note="Traffic Log" devID="<mac address>" cat="Traffic Log" duration=seconds sent=sentBytes rcvd=receiveBytes dir="<from:to>" protoID=IPProtocolID proto="serviceName" trans="IPSec/Normal"This message is sent by the device when the connection (session) is closed. The facility is defined in the Log Settings screen. The severity is the traffic log type. The message and note always display "Traffic Log". The "proto" field lists the service name. The "dir" field lists the incoming and outgoing interfaces ("LAN:LAN", "LAN:WAN",  "LAN:DEV" for example).Table 59   RFC-2408 ISAKMP Payload TypesLOG DISPLAY PAYLOAD TYPESA Security AssociationPROP ProposalTRANS TransformKE Key ExchangeID IdentificationCER CertificateCER_REQ Certificate RequestHASH HashSIG SignatureNONCE NonceNOTFY NotificationDEL DeleteVID Vendor ID
ZyXEL MAX-200M1 Series User’s GuideChapter 18 Logs 17918.2  Logs Screens18.2.1  Log Viewer ScreenUse this screen to look at log entries and alerts. Alerts are written in red. To access this screen, click Maintenance > Logs > View Log.Figure 107   Maintenance > Logs > View LogClick a column header to sort log entries in descending (later-to-earlier) order. Click again to sort in ascending order. The small triangle next to a column header indicates how the table is currently sorted (pointing downward is descending; pointing upward is ascending). Each field is described in the following table.18.2.2  Log Settings ScreenUse this screen to configure where the ZyXEL Device sends logs and alerts, the schedule for sending logs, and which logs and alerts are sent or recorded.Table 60   Maintenance > Logs > View LogLABEL DESCRIPTIONDisplay Select a category whose log entries you want to view. To view all logs, select All Logs. The list of categories depends on what log categories are selected in the Log Settings page.Email Log Now Click this to send the log screen to the e-mail address specified in the Log Settings page.Refresh Click Refresh to renew the log screen. Clear Log Click Clear Log to clear all the log entries, regardless of what is shown on the log screen.#This field is a sequential value, and it is not associated with a specific log entry.Time This field displays the time the log entry was recorded.Message This field displays the reason for the log entry. See Section 18.3 on page 182.Source This field displays the source IP address and the port number of the incoming packet. In many cases, some or all of this information may not be available.Destination This field lists the destination IP address and the port number of the incoming packet. In many cases, some or all of this information may not be available.Note This field displays additional information about the log entry.
ZyXEL MAX-200M1 Series User’s Guide180 Chapter 18 LogsTo access this screen, click Maintenance > Logs > Log Settings.Figure 108   Maintenance > Logs > Log SettingsEach field is described in the following table.Table 61   Maintenance > Logs > Log SettingsLABEL DESCRIPTIONE-mail Log SettingsMail Server Enter the server name or the IP address of the mail server the ZyXEL Device should use to e-mail logs and alerts. Leave this field blank if you do not want to send logs or alerts by e-mail.Mail Subject Enter the subject line used in e-mail messages the ZyXEL Device sends.
ZyXEL MAX-200M1 Series User’s GuideChapter 18 Logs 181Send Log to Enter the e-mail address to which log entries are sent by e-mail. Leave this field blank if you do not want to send logs by e-mail.Send Alerts to Enter the e-mail address to which alerts are sent by e-mail. Leave this field blank if you do not want to send alerts by e-mail.Log Schedule Select the frequency with which the ZyXEL Device should send log messages by e-mail.•Daily• Weekly•Hourly• When Log is Full• None. If the Weekly or the Daily option is selected, specify a time of day when the E-mail should be sent. If the Weekly option is selected, then also specify which day of the week the E-mail should be sent. If the When Log is Full option is selected, an alert is sent when the log fills up. If you select None, no log messages are sent.Day for Sending LogThis field is only available when you select Weekly in the Log Schedule field.Select which day of the week to send the logs.Time for Sending LogThis field is only available when you select Daily or Weekly in the Log Schedule field.Enter the time of day in 24-hour format (for example 23:00 equals 11:00 pm) to send the logs.Clear log after sending mailSelect this to clear all logs and alert messages after logs are sent by e-mail.Syslog Logging Syslog logging sends a log to an external syslog server used to store logs.Active Select this to enable syslog logging.Syslog Server IP AddressEnter the server name or IP address of the syslog server that logs the selected categories of logs.Log Facility Select a location. The log facility allows you to log the messages in different files in the syslog server. See the documentation of your syslog for more details.Active Log and AlertLog Select the categories of logs that you want to record. Send immediate alertSelect the categories of alerts that you want the ZyXEL Device to send immediately.Apply Click this to save your changes and to apply them to the ZyXEL Device.Cancel Click this to set every field in this screen to its last-saved value.Table 61   Maintenance > Logs > Log SettingsLABEL DESCRIPTION
ZyXEL MAX-200M1 Series User’s Guide182 Chapter 18 Logs18.3  Log Message DescriptionsThe following tables provide descriptions of example log messages. Table 62   System Error LogsLOG MESSAGE DESCRIPTIONWAN connection is down. The WAN connection is down. You cannot access the network through this interface.%s exceeds the max. number of session per host!This attempt to create a NAT session exceeds the maximum number of NAT session table entries allowed to be created per host.Table 63   System Maintenance LogsLOG MESSAGE DESCRIPTIONTime calibration is successfulThe device has adjusted its time based on information from the time server.Time calibration failed The device failed to get information from the time server.WAN interface gets IP: %s The WAN interface got a new IP address from the DHCP or  PPPoE server.DHCP client gets %s A DHCP client got a new IP address from the DHCP server.DHCP client IP expired A DHCP client's IP address has expired.DHCP server assigns %s The DHCP server assigned an IP address to a client.Successful WEB login Someone has logged on to the device's web configurator interface.WEB login failed Someone has failed to log on to the device's web configurator interface.TELNET Login Successfully Someone has logged on to the router via telnet.TELNET Login Fail Someone has failed to log on to the router via telnet.Successful FTP login Someone has logged on to the device via ftp.FTP login failed Someone has failed to log on to the device via ftp.NAT Session Table is Full! The maximum number of NAT session table entries has been exceeded and the table is full.Time initialized by Daytime ServerThe device got the time and date from the Daytime server.Time initialized by Time serverThe device got the time and date from the time server.Time initialized by NTP serverThe device got the time and date from the NTP server.Connect to Daytime server failThe device was not able to connect to the Daytime server.Connect to Time server fail The device was not able to connect to the Time server.Connect to NTP server fail The device was not able to connect to the NTP server.
ZyXEL MAX-200M1 Series User’s GuideChapter 18 Logs 183 Too large ICMP packet has been droppedThe device dropped an ICMP packet that was too large.Configuration Change: PC = 0x%x, Task ID = 0x%xThe device is saving configuration changes.Table 64   Access Control LogsLOG MESSAGE DESCRIPTIONFirewall default policy: [ TCP | UDP | IGMP | ESP | GRE | OSPF ] <Packet Direction>Attempted TCP/UDP/IGMP/ESP/GRE/OSPF access matched the default policy and was blocked or forwarded according to the default policy’s setting.Firewall rule [NOT] match:[ TCP | UDP | IGMP | ESP | GRE | OSPF ] <Packet Direction>, <rule:%d>Attempted TCP/UDP/IGMP/ESP/GRE/OSPF access matched (or did not match) a configured firewall rule (denoted by its number) and was blocked or forwarded according to the rule. Triangle route packet forwarded: [ TCP | UDP | IGMP | ESP | GRE | OSPF ]The firewall allowed a triangle route session to pass through.Packet without a NAT table entry blocked: [ TCP | UDP | IGMP | ESP | GRE | OSPF ]The router blocked a packet that didn't have a corresponding NAT table entry.Router sent blocked web site message: TCPThe router sent a message to notify a user that the router blocked access to a web site that the user requested.Exceed maximum sessions per host (%d). The device blocked a session because the host's connections exceeded the maximum sessions per host.Firewall allowed a packet that matched a NAT session: [ TCP | UDP ]A packet from the WAN (TCP or UDP) matched a cone NAT session and the device forwarded it to the LAN.Table 65   TCP Reset LogsLOG MESSAGE DESCRIPTIONUnder SYN flood attack, sent TCP RSTThe router sent a TCP reset packet when a host was under a SYN flood attack (the TCP incomplete count is per destination host.) Exceed TCP MAX incomplete, sent TCP RSTThe router sent a TCP reset packet when the number of TCP incomplete connections exceeded the user configured threshold. (the TCP incomplete count is per destination host.) Peer TCP state out of order, sent TCP RSTThe router sent a TCP reset packet when a TCP connection state was out of order.Note: The firewall refers to RFC793 Figure 6 to check the TCP state.Table 63   System Maintenance Logs (continued)LOG MESSAGE DESCRIPTION
ZyXEL MAX-200M1 Series User’s Guide184 Chapter 18 Logs  For type and code details, see Table 74 on page 188.Firewall session time out, sent TCP RSTThe router sent a TCP reset packet when a dynamic firewall session timed out.The default timeout values are as follows:ICMP idle timeout: 3 minutesUDP idle timeout:  3 minutesTCP connection (three way handshaking) timeout: 270 secondsTCP FIN-wait timeout: 2 MSL (Maximum Segment Lifetime set in the TCP header).TCP idle (established) timeout (s): 150 minutesTCP reset timeout: 10 secondsExceed MAX incomplete, sent TCP RSTThe router sent a TCP reset packet when the number of incomplete connections (TCP and UDP) exceeded the user-configured threshold. (Incomplete count is for all TCP and UDP connections through the firewall.)Note: When the number of incomplete connections (TCP + UDP) > “Maximum Incomplete High”, the router sends TCP RST packets for TCP connections and destroys TOS (firewall dynamic sessions) until incomplete connections < “Maximum Incomplete Low”.Access block, sent TCP RSTThe router sends a TCP RST packet and generates this log if you turn on the firewall TCP reset mechanism (via CI command: sys firewall tcprst).Table 66   Packet Filter LogsLOG MESSAGE DESCRIPTION[ TCP | UDP | ICMP | IGMP | Generic ] packet filter matched (set: %d, rule: %d)Attempted access matched a configured filter rule (denoted by its set and rule number) and was blocked or forwarded according to the rule.Table 67   ICMP LogsLOG MESSAGE DESCRIPTIONFirewall default policy: ICMP <Packet Direction>, <type:%d>, <code:%d>ICMP access matched the default policy and was blocked or forwarded according to the user's setting.Firewall rule [NOT] match: ICMP <Packet Direction>, <rule:%d>, <type:%d>, <code:%d>ICMP access matched (or didn’t match) a firewall rule (denoted by its number) and was blocked or forwarded according to the rule. Triangle route packet forwarded: ICMPThe firewall allowed a triangle route session to pass through.Packet without a NAT table entry blocked: ICMPThe router blocked a packet that didn’t have a corresponding NAT table entry.Table 65   TCP Reset Logs (continued)LOG MESSAGE DESCRIPTION
ZyXEL MAX-200M1 Series User’s GuideChapter 18 Logs 185    Unsupported/out-of-order ICMP: ICMPThe firewall does not support this kind of ICMP packets or the ICMP packets are out of order.Router reply ICMP packet: ICMP The router sent an ICMP reply packet to the sender.Table 68   CDR LogsLOG MESSAGE DESCRIPTIONboard %d line %d channel %d, call %d, %s C01 Outgoing Call dev=%x ch=%x %sThe router received the setup requirements for a call. “call” is the reference (count) number of the call. “dev” is the device type (3 is for dial-up, 6 is for PPPoE). "channel" or “ch” is the call channel ID.For example, "board 0 line 0 channel 0, call 3, C01 Outgoing Call dev=6 ch=0 "Means the router has dialed to the PPPoE server 3 times.board %d line %d channel %d, call %d, %s C02 OutCall Connected %d %sThe PPPoE or dial-up call is connected.board %d line %d channel %d, call %d, %s C02 Call TerminatedThe PPPoE or dial-up call was disconnected.Table 69   PPP LogsLOG MESSAGE DESCRIPTIONppp:LCP Starting The PPP connection’s Link Control Protocol stage has started.ppp:LCP Opening The PPP connection’s Link Control Protocol stage is opening.ppp:CHAP Opening The PPP connection’s Challenge Handshake Authentication Protocol stage is opening.ppp:IPCP Starting The PPP connection’s Internet Protocol Control Protocol stage is starting.ppp:IPCP Opening The PPP connection’s Internet Protocol Control Protocol stage is opening.ppp:LCP Closing The PPP connection’s Link Control Protocol stage is closing.ppp:IPCP Closing The PPP connection’s Internet Protocol Control Protocol stage is closing.Table 70   UPnP LogsLOG MESSAGE DESCRIPTIONUPnP pass through Firewall UPnP packets can pass through the firewall.Table 67   ICMP Logs (continued)LOG MESSAGE DESCRIPTION
ZyXEL MAX-200M1 Series User’s Guide186 Chapter 18 Logs  For type and code details, see Table 74 on page 188.Table 71   Content Filtering LogsLOG MESSAGE DESCRIPTION%s: Keyword blocking The content of a requested web page matched a user defined keyword.%s: Not in trusted web listThe web site is not in a trusted domain, and the router blocks all traffic except trusted domain sites.%s: Forbidden Web site The web site is in the forbidden web site list.%s: Contains ActiveX The web site contains ActiveX.%s: Contains Java appletThe web site contains a Java applet.%s: Contains cookie The web site contains a cookie.%s: Proxy mode detectedThe router detected proxy mode in the packet.%s: Trusted Web site The web site is in a trusted domain.%s When the content filter is not on according to the time schedule.Waiting content filter server timeoutThe external content filtering server did not respond within the timeout period.DNS resolving failed The ZyXEL Device cannot get the IP address of the external content filtering via DNS query.Creating socket failed The ZyXEL Device cannot issue a query because TCP/IP socket creation failed, port:port number.Connecting to content filter server failThe connection to the external content filtering server failed.License key is invalid The external content filtering license key is invalid.Table 72   Attack LogsLOG MESSAGE DESCRIPTIONattack [ TCP | UDP | IGMP | ESP | GRE | OSPF ]The firewall detected a TCP/UDP/IGMP/ESP/GRE/OSPF attack.attack ICMP (type:%d, code:%d)The firewall detected an ICMP attack. land [ TCP | UDP | IGMP | ESP | GRE | OSPF ]The firewall detected a TCP/UDP/IGMP/ESP/GRE/OSPF land attack.land ICMP (type:%d, code:%d)The firewall detected an ICMP land attack. ip spoofing - WAN [ TCP | UDP | IGMP | ESP | GRE | OSPF ]The firewall detected an IP spoofing attack on the WAN port.ip spoofing - WAN ICMP (type:%d, code:%d)The firewall detected an ICMP IP spoofing attack on the WAN port. icmp echo : ICMP (type:%d, code:%d)The firewall detected an ICMP echo attack.
ZyXEL MAX-200M1 Series User’s GuideChapter 18 Logs 187syn flood TCP The firewall detected a TCP syn flood attack.ports scan TCP The firewall detected a TCP port scan attack.teardrop TCP The firewall detected a TCP teardrop attack.teardrop UDP The firewall detected an UDP teardrop attack.teardrop ICMP (type:%d, code:%d)The firewall detected an ICMP teardrop attack. illegal command TCP The firewall detected a TCP illegal command attack.NetBIOS TCP The firewall detected a TCP NetBIOS attack.ip spoofing - no routing entry [ TCP | UDP | IGMP | ESP | GRE | OSPF ]The firewall classified a packet with no source routing entry as an IP spoofing attack.ip spoofing - no routing entry ICMP (type:%d, code:%d)The firewall classified an ICMP packet with no source routing entry as an IP spoofing attack.vulnerability ICMP (type:%d, code:%d)The firewall detected an ICMP vulnerability attack. traceroute ICMP (type:%d, code:%d)The firewall detected an ICMP traceroute attack. ports scan UDP The firewall detected a UDP port scan attack.Firewall sent TCP packet in response to DoS attack TCPThe firewall sent TCP packet in response to a DoS attackICMP Source Quench ICMP The firewall detected an ICMP Source Quench attack.ICMP Time Exceed ICMP The firewall detected an ICMP Time Exceed attack.ICMP Destination Unreachable ICMPThe firewall detected an ICMP Destination Unreachable attack.ping of death. ICMP The firewall detected an ICMP ping of death attack.smurf ICMP The firewall detected an ICMP smurf attack.Table 73   Remote Management LogsLOG MESSAGE DESCRIPTIONRemote Management: FTP denied Attempted use of FTP service was blocked according to remote management settings.Remote Management: TELNET denied Attempted use of TELNET service was blocked according to remote management settings.Remote Management: HTTP or UPnP deniedAttempted use of HTTP or UPnP service was blocked according to remote management settings.Remote Management: WWW denied Attempted use of WWW service was blocked according to remote management settings.Remote Management: HTTPS denied Attempted use of HTTPS service was blocked according to remote management settings.Table 72   Attack Logs (continued)LOG MESSAGE DESCRIPTION
ZyXEL MAX-200M1 Series User’s Guide188 Chapter 18 Logs Remote Management: SSH denied Attempted use of SSH service was blocked according to remote management settings.Remote Management: ICMP Ping response deniedAttempted use of ICMP service was blocked according to remote management settings.Remote Management: DNS denied Attempted use of DNS service was blocked according to remote management settings.Table 74   ICMP NotesTYPE CODE DESCRIPTION0Echo Reply0Echo reply message3Destination Unreachable0Net unreachable1Host unreachable2Protocol unreachable3Port unreachable4A packet that needed fragmentation was dropped because it was set to Don't Fragment (DF)5Source route failed4Source Quench0A gateway may discard internet datagrams if it does not have the buffer space needed to queue the datagrams for output to the next network on the route to the destination network.5Redirect0Redirect datagrams for the Network1Redirect datagrams for the Host2Redirect datagrams for the Type of Service and Network3Redirect datagrams for the Type of Service and Host8Echo0Echo message11 Time Exceeded0Time to live exceeded in transit1Fragment reassembly time exceeded12 Parameter Problem0Pointer indicates the error13 Timestamp0Timestamp request message14 Timestamp ReplyTable 73   Remote Management LogsLOG MESSAGE DESCRIPTION
ZyXEL MAX-200M1 Series User’s GuideChapter 18 Logs 1890Timestamp reply message15 Information Request0Information request message16 Information Reply0Information reply messageTable 75   SIP LogsLOG MESSAGE DESCRIPTIONSIP Registration Success by SIP:SIP Phone NumberThe listed SIP account was successfully registered with a SIP register server.SIP Registration Fail by SIP:SIP Phone NumberAn attempt to register the listed SIP account with a SIP register server was not successful.SIP UnRegistration Success by SIP:SIP Phone NumberThe listed SIP account’s registration was deleted from the SIP register server.SIP UnRegistration Fail by SIP:SIP Phone NumberAn attempt to delete the listed SIP account’s registration from the SIP register server failed.Table 76   RTP LogsLOG MESSAGE DESCRIPTIONError, RTP init fail The initialization of an RTP session failed.Error, Call fail: RTP connect failA VoIP phone call failed because the RTP session could not be established.Error, RTP connection cannot closeThe termination of an RTP session failed.Table 74   ICMP Notes (continued)TYPE CODE DESCRIPTION
ZyXEL MAX-200M1 Series User’s Guide190 Chapter 18 LogsTable 77   FSM Logs: Caller SideLOG MESSAGE DESCRIPTIONVoIP Call Start Ph[Phone Port Number] <- Outgoing Call NumberSomeone used a phone connected to the listed phone port to initiate a VoIP call to  the listed destination.VoIP Call Established Ph[Phone Port] -> Outgoing Call NumberSomeone used a phone connected to the listed phone port to make a VoIP call to the listed destination.VoIP Call End Phone[Phone Port]A VoIP phone call made from a phone connected to the listed phone port has terminated.Table 78   FSM Logs: Callee SideLOG MESSAGE DESCRIPTIONVoIP Call Start from SIP[SIP Port Number]A VoIP phone call came to the ZyXEL Device from the listed SIP number.VoIP Call Established Ph[Phone Port] <- Outgoing Call NumberA VoIP phone call was set up from the listed SIP number to the ZyXEL Device.VoIP Call End Phone[Phone Port]A VoIP phone call that came into the ZyXEL Device has terminated.Table 79   Lifeline LogsLOG MESSAGE DESCRIPTIONPSTN Call Start A PSTN call has been initiated.PSTN Call End A PSTN call has terminated.PSTN Call Established A PSTN call has been set up.
ZyXEL MAX-200M1 Series User’s GuideChapter 19 Tools 191CHAPTER 19ToolsUse these screens to upload new firmware, back up and restore the configuration, and restart the ZyXEL Device.19.1  Tools Overview19.1.1  ZyXEL FirmwareFind firmware at www.zyxel.com in a file that (usually) uses the system model name with a "*.bin" extension, e.g., "ZyXEL Device.bin". The upload process uses HTTP (Hypertext Transfer Protocol) and may take up to two minutes. After a successful upload, the system will reboot. Note: Only use firmware for your ZyXEL Device’s specific model. Refer to the label on the back of your ZyXEL Device.19.2  Tools Screens19.2.1  Firmware ScreenUse this screen to upload new firmware to the ZyXEL Device. To access this screen, click Maintenance > Tools > Firmware.Note: Only use firmware for your ZyXEL Device’s specific model. Refer to the label on the bottom of your ZyXEL Device.
ZyXEL MAX-200M1 Series User’s Guide192 Chapter 19 ToolsFigure 109   Maintenance > Tools > FirmwareEach field is described in the following table.19.2.2  Firmware Upload ScreensNote: Do not turn off the device while firmware upload is in progress!When the ZyXEL Device starts to upload firmware, the Firmware Upload in Process screen appears.Figure 110   Firmware Upload In ProcessThe process usually takes about two minutes. The device automatically restarts in this time. This causes a temporary network disconnect. In some operating systems, you may see the following icon on your desktop.Table 80   Maintenance > Tools > FirmwareLABEL DESCRIPTIONFile Path  Enter the location of the .bin file you want to upload, or click Browse... to find it. You must decompress compressed (.zip) files before you can upload them.Browse...  Click this to find the .bin file you want to upload.Upload  Click this to begin uploading the selected file. This may take up to two minutes. See Section 19.2.2 on page 192 for more information about this process.Note: Do not turn off the device while firmware upload is in progress!
ZyXEL MAX-200M1 Series User’s GuideChapter 19 Tools 193Figure 111   Network Temporarily DisconnectedAfter two minutes, log in again, and check your new firmware version in the Status screen. You might have to open a new browser to log in.If the upload is not successful, the following screen appears.Figure 112   Firmware Upload ErrorClick Return to go back to the Firmware screen.19.2.3  Configuration ScreenUse this screen to back up or restore the configuration of the ZyXEL Device. You can also use this screen to reset the ZyXEL Device to the factory default settings. To access this screen, click Maintenance > Tools > Configuration.
ZyXEL MAX-200M1 Series User’s Guide194 Chapter 19 ToolsFigure 113   Maintenance > Tools > ConfigurationEach field is described in the following table.19.2.4  Restore Configuration ScreensNote: Do not turn off the device while configuration file upload is in progress.When the ZyXEL Device has finished restoring the selected configuration file, the following screen appears.Table 81   Maintenance > Tools > ConfigurationLABEL DESCRIPTIONBackup ConfigurationBackup Click this to save the ZyXEL Device’s current configuration to a file on your computer. Once your device is configured and functioning properly, it is highly recommended that you back up your configuration file before making configuration changes. The backup configuration file is useful if you need to return to your previous settings.Restore ConfigurationFile Path Enter the location of the file you want to upload, or click Browse... to find it.Browse Click this to find the file you want to upload.Upload Click this to restore the selected configuration file. See Section 19.2.4 on page 194 for more information about this.Note: Do not turn off the device while configuration file upload is in progress.Back to Factory DefaultsReset Click this to clear all user-entered configuration information and return the ZyXEL Device to its factory defaults. There is no warning screen.
ZyXEL MAX-200M1 Series User’s GuideChapter 19 Tools 195Figure 114   Configuration Upload SuccessfulThe device now automatically restarts. This causes a temporary network disconnect. In some operating systems, you may see the following icon on your desktop.Figure 115   Network Temporarily DisconnectedIf the ZyXEL Device’s IP address is different in the configuration file you selected, you may need to change the IP address of your computer to be in the same subnet as that of the default management IP address (192.168.5.1). See your Quick Start Guide or the appendices for details on how to set up your computer’s IP address.You might have to open a new browser to log in again.If the upload was not successful, a Configuration Upload Error screen appears.Figure 116   Configuration Upload ErrorClick Return to go back to the Configuration screen.19.2.5  Restart ScreenUse this screen to reboot the ZyXEL Device without turning the power off. To access this screen, click Maintenance > Tools > Restart.
ZyXEL MAX-200M1 Series User’s Guide196 Chapter 19 ToolsFigure 117   Maintenance > Tools > RestartThis does not affect the ZyXEL Device’s configuration. When you click Restart, the following screen appears.Figure 118   Maintenance > Tools > Restart > In ProgressWait one minute for the device to finish restarting. Then, you can log in again.
ZyXEL MAX-200M1 Series User’s GuideChapter 20 System 197CHAPTER 20SystemUse this screen to set up general system settings, change the system mode, change the password, configure the DDNS server settings, and set the current date and time.20.1  System Features Overview20.1.1  System NameSystem Name is for identification purposes. However, because some ISPs check this name you should enter your computer's  "Computer Name". • In Windows 95/98 click Start, Settings, Control Panel, Network. Click the Identification tab, note the entry for the Computer Name field and enter it as the System Name.• In Windows 2000, click Start, Settings and Control Panel and then double-click System. Click the Network Identification tab and then the Properties button. Note the entry for the Computer name field and enter it as the System Name.• In Windows XP, click Start, My Computer, View system information and then click the Computer Name tab. Note the entry in the Full computer name field and enter it as the ZyXEL Device System Name.20.1.2  Domain NameThe Domain Name entry is what is propagated to the DHCP clients on the LAN. If you leave this blank, the domain name obtained by DHCP from the ISP is used. While you must enter the host name (System Name) on each individual computer, the domain name can be assigned from the ZyXEL Device via DHCP.20.1.3  DNS Server Address AssignmentUse DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa, for instance, the IP address of www.zyxel.com is 204.217.0.2. The DNS server is extremely important because without it, you must know the IP address of a computer before you can access it. The ZyXEL Device can get the DNS server addresses in the following ways.
ZyXEL MAX-200M1 Series User’s Guide198 Chapter 20 System1The ISP tells you the DNS server addresses, usually in the form of an information sheet, when you sign up. If your ISP gives you DNS server addresses, enter them in the DNS Server fields in the SYSTEM General screen.2If the ISP did not give you DNS server information, leave the DNS Server fields in  the SYSTEM General screen set to 0.0.0.0 for the ISP to dynamically assign the DNS server IP addresses.20.1.4  Dynamic DNSDynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in NetMeeting, CU-SeeMe, etc.). You can also access your FTP server or Web site on your own computer using a domain name (for instance myhost.dhs.org, where myhost is a name of your choice) that will never change instead of using an IP address that changes each time you reconnect. Your friends or relatives will always be able to call you even if they don't know your IP address.First of all, you need to have registered a dynamic DNS account with www.dyndns.org. This is for people with a dynamic IP from their ISP or DHCP server that would still like to have a domain name. The Dynamic DNS service provider will give you a password or key.Enabling the wildcard feature for your host causes *.yourhost.dyndns.org to be aliased to the same IP address as yourhost.dyndns.org. This feature is useful if you want to be able to use, for example, www.yourhost.dyndns.org and still reach your hostname.Note: If you have a private WAN IP address, then you cannot use Dynamic DNS.20.1.5  Pre-defined NTP Time Servers ListThe ZyXEL Device uses the following pre-defined list of NTP time servers if you do not specify a time server or it cannot synchronize with the time server you specified.Note: The ZyXEL Device can use this pre-defined list of time servers regardless of the Time Protocol you select.When the ZyXEL Device uses the pre-defined list of NTP time servers, it randomly selects one server and tries to synchronize with it. If the synchronization fails, then the ZyXEL Device goes through the rest of the list in order from the first one tried until either it is successful or all the pre-defined NTP time servers have been tried.Table 82   Pre-defined NTP Time Serversntp1.cs.wisc.eduntp1.gbg.netnod.sentp2.cs.wisc.edutock.usno.navy.milntp3.cs.wisc.eduntp.cs.strath.ac.uk
ZyXEL MAX-200M1 Series User’s GuideChapter 20 System 19920.1.6  Resetting the TimeThe ZyXEL Device resets the time in the following instances:• When the ZyXEL Device starts up.• When you click Apply in the Time Setting Screen.• 24-hour intervals after starting.20.2  System Screens20.2.1  General System ScreenUse this screen to change the ZyXEL Device’s mode, set up the ZyXEL Device’s system name, domain name, idle timeout, and administrator password. To access this screen, click Maintenance > System > General.ntp1.sp.setime1.stupi.setick.stdtime.gov.twtock.stdtime.gov.twtime.stdtime.gov.twTable 82   Pre-defined NTP Time Servers
ZyXEL MAX-200M1 Series User’s Guide200 Chapter 20 SystemFigure 119   Maintenance > System > GeneralEach field is described in the following table.20.2.2  Dynamic DNS ScreenUse this screen to set up the ZyXEL Device as a dynamic DNS client. To access this screen, click Maintenance > System > Dynamic DNS.Table 83   Maintenance > System > GeneralLABEL DESCRIPTIONSystem SetupSystem Name Enter your computer's  "Computer Name". This is for identification purposes, but some ISPs also check this field. This name can be up to 30 alphanumeric characters long. Spaces are not allowed, but dashes “-” and underscores "_" are accepted.Domain Name Enter the domain name entry that is propagated to DHCP clients on the LAN. If you leave this blank, the domain name obtained from the ISP is used. Use up to 38 alphanumeric characters. Spaces are not allowed, but dashes “-” and periods "." are accepted.Administrator Inactivity TimerEnter the number of minutes a management session can be left idle before the session times out. After it times out, you have to log in again. A value of "0" means a management session never times out, no matter how long it has been left idle. This is not recommended. Long idle timeouts may have security risks. The default is five minutes. Password SetupOld Password Enter the current password you use to access the ZyXEL Device.New Password Enter the new password for the ZyXEL Device. You can use up to 30 characters. As you type the password, the screen displays an asterisk (*) for each character you type.Retype to Confirm Enter the new password again.Apply Click this to save your changes and to apply them to the ZyXEL Device.Reset Click this to set every field in this screen to its default value.
ZyXEL MAX-200M1 Series User’s GuideChapter 20 System 201Figure 120   Maintenance > System > Dynamic DNSEach field is described in the following table.Table 84   Maintenance > System > Dynamic DNSLABEL DESCRIPTIONDynamic DNS SetupEnable Dynamic DNSSelect this to use dynamic DNS.Service Provider Select the name of your Dynamic DNS service provider.Dynamic DNS TypeSelect the type of service that you are registered for from your Dynamic DNS service provider.Host Name Enter the host name. You can specify up to two host names, separated by a comma (",").User Name Enter your user name.Password Enter the password assigned to you.Enable Wildcard OptionSelect this to enable the DynDNS Wildcard feature.Enable offline optionThis field is available when CustomDNS is selected in the DDNS Type field. Select this if your Dynamic DNS service provider redirects traffic to a URL that you can specify while you are off line. Check with your Dynamic DNS service provider.IP Address Update PolicyUse WAN IP AddressSelect this if you want the ZyXEL Device to update the domain name with the WAN port's IP address.
ZyXEL MAX-200M1 Series User’s Guide202 Chapter 20 System20.2.3  Time Setting ScreenUse this screen to set the date, time, and time zone in the ZyXEL Device. To access this screen, click Maintenance > System > Time Setting.Dynamic DNS server auto detect IP addressSelect this if you want the DDNS server to update the IP address of the host name(s) automatically. Select this option when there are one or more NAT routers between the ZyXEL Device and the DDNS server.Note: The DDNS server may not be able to detect the proper IP address if there is an HTTP proxy server between the ZyXEL Device and the DDNS server.Use specified IP addressSelect this if you want to use the specified IP address with the host name(s). Then, specify the IP address. Use this option if you have a static IP address.Apply Click this to save your changes and to apply them to the ZyXEL Device.Reset Click this to set every field in this screen to its default value.Table 84   Maintenance > System > Dynamic DNSLABEL DESCRIPTION
ZyXEL MAX-200M1 Series User’s GuideChapter 20 System 203Figure 121   Maintenance > System > Time SettingEach field is described in the following table.Table 85   Maintenance > System > Time SettingLABEL DESCRIPTIONCurrent Time and DateThis section displays the current date and time.Time and Date SetupManual Select this if you want to specify the current date and time in the fields below.New Time Enter the new time in this field, and click Apply.New Date Enter the new date in this field, and click Apply.Get from Time ServerSelect this if you want to use a time server to update the current date and time in the ZyXEL Device.Time Protocol Select the time service protocol that your time server uses.Check with your ISP or network administrator, or use trial-and-error to find a protocol that works.Daytime (RFC 867) - This format is day/month/year/time zone.Time (RFC 868) - This format displays a 4-byte integer giving the total number of seconds since 1970/1/1 at 0:0:0.NTP (RFC 1305) - This format is similar to Time (RFC 868).Time Server AddressEnter the IP address or URL of your time server. Check with your ISP or network administrator if you are unsure of this information.Time Zone SetupTime Zone Select the time zone at your location.
ZyXEL MAX-200M1 Series User’s Guide204 Chapter 20 SystemDaylight Savings Select this if your location uses daylight savings time. Daylight savings is a period from late spring to early fall when many places set their clocks ahead of normal local time by one hour to give more daytime light in the evening.Start Date Enter which hour on which day of which week of which month daylight-savings time starts.End Date Enter which hour on the which day of which week of which month daylight-savings time ends.Apply Click this to save your changes and to apply them to the ZyXEL Device.Reset Click this to set every field in this screen to its last-saved value.Table 85   Maintenance > System > Time SettingLABEL DESCRIPTION
ZyXEL MAX-200M1 Series User’s GuideChapter 21 Troubleshooting 205CHAPTER 21TroubleshootingThis chapter covers potential problems and the corresponding remedies.21.1  Problems Starting Up the ZyXEL Device21.2  Problems with the LANTable 86   Troubleshooting Starting Up Your DevicePROBLEM CORRECTIVE ACTIONNone of the lights turn on when I turn on the ZyXEL Device.Make sure that the ZyXEL Device’s power adaptor is connected to the ZyXEL Device and plugged in to an appropriate power source. Make sure that the power source is turned on.Remove the power jack, then reinsert it.If the error persists, you may have a hardware problem. In this case, you should contact your vendor.Table 87   Troubleshooting the LANPROBLEM CORRECTIVE ACTIONThe LAN light does not turn on.Check your Ethernet cable connections (refer to the Quick Start Guide for details). Check for faulty Ethernet cables.Make sure your computer’s Ethernet Card is working properly.I cannot access the ZyXEL Device from the LAN. If Any IP is disabled, make sure that the IP address and the subnet mask of the ZyXEL Device and your computer(s) are on the same subnet.
ZyXEL MAX-200M1 Series User’s Guide206 Chapter 21 Troubleshooting21.3  Problems with the WAN21.4  Problems with the Link QualityTable 88   Troubleshooting the WANPROBLEM CORRECTIVE ACTIONI cannot connect to the Internet.Check your connection. Look at the LINK and SIGNAL LEDs on the front of the ZyXEL Device. If the ZyXEL Device cannot detect a signal, follow the steps in Section 21.4 on page 206 to search for a wireless signal.Check your security settings. In the web configurator, go to the Status screen. Click Profile in the WiMAX Information box and make sure that you are using the correct security settings for your Internet account.Check your WiMAX settings. The ZyXEL Device may have been set to search the wrong frequencies for a wireless connection. In the web configurator, go to the Status screen. Click Site Information in the WiMAX Information box and ensure that the values are correct. If the values are incorrect, enter the correct frequency settings in the Network > WAN > WiMAX Frequency screen. If you are unsure of the correct values, contact your service provider. Check your IP address settings. You may be using IP address settings incompatible with your Internet account. If you are unsure of the correct settings, contact your service provider. See Appendix C on page 223 for information on how to set up your IP address.The Internet connection disconnects.Check your WiMAX link and signal strength using the LINK and SIGNAL LEDs on the device. See the following section if signal strength is poor or the ZyXEL Device has no link to a base station.Contact your ISP if the problem persists. Table 89   Troubleshooting Link Quality PROBLEM CORRECTIVE ACTIONInternet access is slow or intermittent.The quality of the ZyXEL Device’s wireless connection to the base station may be poor.Poor signal reception may be improved by moving the ZyXEL Device away from thick walls and other obstructions, or to a higher floor in your building. There may be radio interference caused by nearby electrical devices such as microwave ovens and radio transmitters. Move the ZyXEL Device away or switch the other devices off.Weather conditions may also affect signal quality.As well as having an external antenna connector, the ZyXEL Device is equipped with an internal directional antenna. If you know the location of the base station, orient the front of the ZyXEL Device (the side with the LEDs) towards the base station. If you do not know the location of the base station, experiment by moving the ZyXEL Device while observing the SIGNAL LEDs for an increase in received signal strength.
ZyXEL MAX-200M1 Series User’s GuideChapter 21 Troubleshooting 20721.5  Problems Accessing the ZyXEL Device21.5.1  Pop-up Windows, JavaScripts and Java Permissions In order to use the web configurator you need to allow:• Web browser pop-up windows from your device.• JavaScripts (enabled by default).• Java permissions (enabled by default).Note: Internet Explorer 6 screens are used here. Screens for other Internet Explorer versions may vary.Table 90   Troubleshooting Accessing Your DevicePROBLEM CORRECTIVE ACTIONI cannot access the ZyXEL Device.The default password is “1234”. The Password field is case-sensitive. Make sure that you enter the correct password, using the proper casing.If you have changed the password and have now forgotten it, you will need to upload the default configuration file. This restores all of the factory defaults including the password.I cannot access the web configurator.Make sure that there is not a telnet session running.Use the ZyXEL Device’s WAN IP address when configuring from the WAN. Refer to the instructions on checking your WAN connection.Use the ZyXEL Device’s LAN IP address when configuring from the LAN. Refer to for instructions on checking your LAN connection.Your computer’s and the ZyXEL Device’s IP addresses must be on the same subnet for LAN access.If you changed the ZyXEL Device’s LAN IP address, then enter the new one as the URL.See the following section to check that pop-up windows, JavaScripts and Java permissions are allowed.You may also need to clear your Internet browser’s cache.In Internet Explorer, click Tools and then Internet Options to open the Internet Options screen. In the General tab, click Delete Files. In the pop-up window, select the Delete all offline content check box and click OK. Click OK in the Internet Options screen to close it.If you disconnect your computer from one device and connect it to another device that has the same IP address, your computer’s ARP (Address Resolution Protocol) table may contain an entry that maps the management IP address to the previous device’s MAC address). In Windows, use arp -d at the command prompt to delete all entries in your computer’s ARP table.I cannot remotely manage the ZyXEL Device from the LAN or WAN.Refer to Chapter 21 on page 205 for scenarios when remote management may not be possible. Use the ZyXEL Device’s WAN IP address when configuring from the WAN. Use the ZyXEL Device’s LAN IP address when configuring from the LAN.
ZyXEL MAX-200M1 Series User’s Guide208 Chapter 21 Troubleshooting21.5.1.1  Internet Explorer Pop-up BlockersYou may have to disable pop-up blocking to log into your device. Either disable pop-up blocking (enabled by default in Windows XP SP (Service Pack) 2) or allow pop-up blocking and create an exception for your device’s IP address.21.5.1.1.1  Disable pop-up Blockers1In Internet Explorer, select Tool s , Pop-up Blocker and then select Turn Off Pop-up Blocker. Figure 122   Pop-up BlockerYou can also check if pop-up blocking is disabled in the Pop-up Blocker section in the Privacy tab. 1In Internet Explorer, select Tool s , Internet Options, Privacy.2Clear the Block pop-ups check box in the Pop-up Blocker section of the screen. This disables any web pop-up blockers you may have enabled.
ZyXEL MAX-200M1 Series User’s GuideChapter 21 Troubleshooting 209Figure 123   Internet Options3Click Apply to save this setting.21.5.1.1.2  Enable pop-up Blockers with ExceptionsAlternatively, if you only want to allow pop-up windows from your device, see the following steps.1In Internet Explorer, select Tool s , Internet Options and then the Privacy tab. 2Select Settings…to open the Pop-up Blocker Settings screen.
ZyXEL MAX-200M1 Series User’s Guide210 Chapter 21 TroubleshootingFigure 124   Internet Options3Type the IP address of your device (the web page that you do not want to have blocked) with the prefix “http://”. For example, http://192.168.1.1. 4Click Add to move the IP address to the list of Allowed sites.Figure 125   Pop-up Blocker Settings
ZyXEL MAX-200M1 Series User’s GuideChapter 21 Troubleshooting 2115Click Close to return to the Privacy screen. 6Click Apply to save this setting. 21.5.1.2  JavaScriptsIf pages of the web configurator do not display properly in Internet Explorer, check that JavaScripts are allowed. 1In Internet Explorer, click Tools, Internet Options and then the Security tab. Figure 126   Internet Options 2Click the Custom Level... button. 3Scroll down to Scripting. 4Under Active scripting make sure that Enable is selected (the default).5Under Scripting of Java applets make sure that Enable is selected (the default). 6Click OK to close the window.
ZyXEL MAX-200M1 Series User’s Guide212 Chapter 21 TroubleshootingFigure 127   Security Settings - Java Scripting21.5.1.3  Java Permissions1From Internet Explorer, click Tools, Internet Options and then the Security tab. 2Click the Custom Level... button. 3Scroll down to Microsoft VM. 4Under Java permissions make sure that a safety level is selected.5Click OK to close the window.Figure 128   Security Settings - Java
ZyXEL MAX-200M1 Series User’s GuideChapter 21 Troubleshooting 21321.5.1.3.1  JAVA (Sun)1From Internet Explorer, click Tools, Internet Options and then the Advanced tab. 2make sure that Use Java 2 for <applet> under Java (Sun) is selected.3Click OK to close the window.Figure 129   Java (Sun)21.6  Telephone ProblemsTable 91   Troubleshooting TelephonePROBLEM CORRECTIVE ACTIONThe telephone port won’t work or the telephone lacks a dial tone.Check the telephone connections and telephone wire.Make sure you have the VoIP SIP Settings screen properly configured.I can access the Internet, but  cannot make VoIP calls.Make sure you have the VoIP SIP Settings screen properly configured.The VoIP LED should come on. Make sure that your telephone is connected to the  LINE port.You can also check the VoIP status in the Status screen. If the VoIP settings are correct, use speed dial to make peer-to-peer calls. If you cannot make a call using speed dial, there may be something wrong with the SIP server. Contact your VoIP service provider.
ZyXEL MAX-200M1 Series User’s Guide214 Chapter 21 Troubleshooting21.7  Problems With Multiple SIP Accounts You can set up two SIP accounts on your ZyXEL Device. By default your ZyXEL Device uses SIP account 1 for outgoing calls, and it uses SIP accounts 1 and 2 for incoming calls. With this setting, you always use SIP account 1 for your outgoing calls and you cannot distinguish which SIP account the calls are coming in through. If you want to control the use of different dialing plans for accounting purposes or other reasons, you need to configure your phone port in order to control which SIP account you are using when placing or receiving calls.
ZyXEL MAX-200M1 Series User’s GuideAppendix A 215APPENDIX AProduct SpecificationsTable 92   Product Specifications PHYSICAL AND ENVIRONMENTALProduct Name  ZyXEL MAX-200M1 Series IEEE 802.16e Simple Indoor CPEInterface Auto-negotiating, auto-MDI/MDI-X 10/100 Mbps RJ-45 Ethernet portStandards IEEE 802.16e-2005Antenna Built-in patch antenna: 6dBi, 70° azimuth, 30° elevationSMA antenna connector, equipped by default with 2dBi omni antenna, 60°Operating Temperature 0 ~ 45 degrees CentigradeStorage Temperature -25 ~ 55 degrees CentigradeOperating Humidity 10% ~ 90% (non-condensing)Storage Humidity  10% ~ 100%Power Supply 18 V DCPower consumption Worst-case-scenario 10W, peak 15WWeight 389gDimensions 120 x 160 x 50mmRADIO SPECIFICATIONSMedia Access Protocol IEEE 802.16eWiMAX Bandwidth MAX-200M1: 2.5 - 2.7 GHzMAX-210M1: 3.4 ~ 3.6 GHzMAX-230M1: 2.3 ~ 2.4 GHzData Rate Downlink:Maximum 5 MbpsUplink:Maximum 2 MbpsModulation QPSK (uplink and downlink)16-QAM (uplink and downlink)64-QAM (downlink only)Output Power 27dBm (+/- 1dB)Duplex mode Time Division Duplex (TDD)SOFTWARE SPECIFICATIONSSecurity PKMv2EAPCCMP, 128-bit AES
ZyXEL MAX-200M1 Series User’s Guide216 Appendix ATable 93   Physical FeaturesFEATURE DESCRIPTIONAuto-crossover 10/100 Mbps Ethernet InterfaceThis interface automatically adjusts to either a crossover or straight-through Ethernet cable.External Antenna  The ZyXEL Device is equipped with an attached antenna to provide a clear radio connection with the WiMAX base station.Telephone Port  Connect an analog telephone to the ZyXEL Device’s LINE port (RJ-11 connector) to take advantage of its Voice over IP (VoIP) features.Reset Button The reset button is built into the rear panel. Use this button to restore the factory default password to 1234; IP address to 192.168.1.1, subnet mask to 255.255.255.0 and DHCP server enabled with a pool of 32 IP addresses starting at 192.168.1.33. Table 94   Non-Physical FeaturesFEATURE DESCRIPTIONHigh Speed Wireless Internet AccessThe ZyXEL Device is ideal for high-speed wireless Internet browsing. WiMAX (Worldwide Interoperability for Microwave Access) is a wireless networking standard providing high-bandwidth, wide-range secured wireless service. The ZyXEL Device is a WiMAX mobile station (MS) compatible with the IEEE 802.16e standard. Firewall The ZyXEL Device is a stateful inspection firewall with DoS (Denial of Service) protection. By default, when the firewall is activated, all incoming traffic from the WAN to the LAN is blocked unless it is initiated from the LAN. The ZyXEL Device’s firewall supports TCP/UDP inspection, DoS detection and prevention, real time alerts, reports and logs.Content Filtering The ZyXEL Device can block access to web sites containing specified keywords. You can define time periods and days during which content filtering is enabled and include or exclude a range of users on the LAN from content filtering.Any IP The Any IP feature allows a computer to access the Internet and the ZyXEL Device without changing the network settings (such as IP address and subnet mask) of the computer, when the IP addresses of the computer and the ZyXEL Device are not in the same subnet.  Auto Provisioning Your Internet service provider can automatically update your device’s configuration via an auto-provisioning server.  Auto Firmware Upgrade Your device gives you the option to upgrade to a newer firmware version if it finds one during auto-provisioning. Your VoIP service provider must have an auto-provisioning server and a server set up with firmware in order for this feature to work.  Network Address Translation (NAT)Network Address Translation (NAT) allows the translation of an Internet protocol address used within one network (for example a private IP address used in a local network) to a different IP address known within another network (for example a public IP address used on the Internet).Universal Plug and Play (UPnP)Your device and other UPnP enabled devices can use the standard TCP/IP protocol to dynamically join a network, obtain an IP address and convey their capabilities to each other.
ZyXEL MAX-200M1 Series User’s GuideAppendix A 217Dynamic DNS Support With Dynamic DNS support, you can have a static hostname alias for a dynamic IP address, allowing the host to be more easily accessible from various locations on the Internet. You must register for this service with a Dynamic DNS service provider.DHCP DHCP (Dynamic Host Configuration Protocol) allows the individual clients (computers) to obtain the TCP/IP configuration at start-up from a centralized DHCP server. Your device has built-in DHCP server capability enabled by default. It can assign IP addresses, an IP default gateway and DNS servers to DHCP clients. Your device can also act as a surrogate DHCP server (DHCP Relay) where it relays IP address assignment from the actual real DHCP server to the clients.Multiple PVC (Permanent Virtual Circuits) SupportYour device supports up to 8 Permanent Virtual Circuits (PVCs).IP Alias IP alias allows you to partition a physical network into logical networks over the same Ethernet interface. Your device supports three logical LAN interfaces via its single physical Ethernet interface with the your device itself as the gateway for each LAN network.IP Policy Routing (IPPR) Traditionally, routing is based on the destination address only and the router takes the shortest path to forward a packet. IP Policy Routing (IPPR) provides a mechanism to override the default routing behavior and alter the packet forwarding based on the policy defined by the network administrator. REN A Ringer Equivalence Number (REN) is used to determine the number of devices (like telephones or fax machines) that may be connected to the telephone line. Your device has a REN of three, so it can support three devices per telephone port.Multiple SIP Accounts You can configure multiple voice (SIP) accounts.SIP ALG Your device is a SIP Application Layer Gateway (ALG). It allows VoIP calls to pass through NAT for devices behind it (such as a SIP-based VoIP software application on a computer). Dynamic Jitter Buffer The built-in adaptive buffer helps to smooth out the variations in delay (jitter) for voice traffic. This helps ensure good voice quality for your conversations.Voice Activity Detection/Silence SuppressionVoice Activity Detection (VAD) reduces the bandwidth that a call uses by not transmitting when you are not speaking. Comfort Noise Generation Your device generates background noise to fill moments of silence when the other device in a call stops transmitting because the other party is not speaking (as total silence could easily be mistaken for a lost connection). Echo Cancellation  You device supports G.168, an ITU-T standard for eliminating the echo caused by the sound of your voice reverberating in the telephone receiver while you talk.QoS (Quality of Service)  Quality of Service (QoS) mechanisms help to provide better service on a per-flow basis. Your device supports Type of Service (ToS) tagging. This allows the device to tag voice frames so they can be prioritized over the network.Packet Filters Your device’s packet filtering function allows added network security and management.Table 94   Non-Physical FeaturesFEATURE DESCRIPTION
ZyXEL MAX-200M1 Series User’s Guide218 Appendix A
ZyXEL MAX-200M1 Series User’s Guide219APPENDIX BWiMAX SecurityWireless security is vital to protect your wireless communications. Without it, information transmitted over the wireless network would be accessible to any networking device within range.User Authentication and Data EncryptionThe WiMAX (IEEE 802.16) standard employs user authentication and encryption to ensure secured communication at all times.User authentication is the process of confirming a user’s identity and level of authorization. Data encryption is the process of encoding information so that it cannot be read by anyone who does not know the code. WiMAX uses PKMv2 (Privacy Key Management version 2) for authentication, and CCMP (Counter Mode with Cipher Block Chaining Message Authentication Protocol) for data encryption. WiMAX supports EAP (Extensible Authentication Protocol, RFC 2486) which allows additional authentication methods to be deployed with no changes to the base station or the mobile or subscriber stations.PKMv2PKMv2 is a procedure that allows authentication of a mobile or subscriber station and negotiation of a public key to encrypt traffic between the MS/SS and the base station. PKMv2 uses standard EAP methods such as Transport Layer Security (EAP-TLS) or Tunneled TLS (EAP-TTLS) for secure communication. In cryptography, a ‘key’ is a piece of information, typically a string of random numbers and letters, that can be used to ‘lock’ (encrypt) or ‘unlock’ (decrypt) a message. Public key encryption uses key pairs, which consist of a public (freely available) key and a private (secret) key. The public key is used for encryption and the private key is used for decryption. You can decrypt a message only if you have the private key. Public key certificates (or ‘digital IDs’) allow users to verify each other’s identity.
ZyXEL MAX-200M1 Series User’s Guide220RADIUSRADIUS is based on a client-server model that supports authentication, authorization and accounting. The base station is the client and the server is the RADIUS server. The RADIUS server handles the following tasks:• Authentication Determines the identity of the users.• AuthorizationDetermines the network services available to authenticated users once they are connected to the network.• AccountingKeeps track of the client’s network activity. RADIUS is a simple package exchange in which your base station acts as a message relay between the MS/SS and the network RADIUS server. Types of RADIUS MessagesThe following types of RADIUS messages are exchanged between the base station and the RADIUS server for user authentication:• Access-RequestSent by an base station requesting authentication.• Access-RejectSent by a RADIUS server rejecting access.• Access-AcceptSent by a RADIUS server allowing access. • Access-ChallengeSent by a RADIUS server requesting more information in order to allow access. The base station sends a proper response from the user and then sends another Access-Request message. The following types of RADIUS messages are exchanged between the base station and the RADIUS server for user accounting:• Accounting-RequestSent by the base station requesting accounting.• Accounting-ResponseSent by the RADIUS server to indicate that it has started or stopped accounting.

Navigation menu