ZyXEL Communications MAX200M1 WiMAX IEEE802.16e Indoor Basic CPE-2.5GHz User Manual ZyBook

ZyXEL Communications Corporation WiMAX IEEE802.16e Indoor Basic CPE-2.5GHz ZyBook

UserManual.wiki >

ZyXEL Communications >

MAX200M1 User Manual >

User manual4 HTML Version

User manual4

ZyXEL MAX-200M1 Series User’s Guide

221

In order to ensure network security, the access point and the RADIUS server use a shared

secret key, which is a password they both know. The key is not sent over the network. In

addition to the shared key, password information exchanged is also encrypted to protect the

network from unauthorized access.

Diameter

Diameter (RFC 3588) is a type of AAA server that provides several improvements over

RADIUS in efficiency, security, and support for roaming.

Security Association

The set of information about user authentication and data encryption between two computers

is known as a security association (SA). In a WiMAX network, the process of security

association has three stages.

• Authorization request and reply

The MS/SS presents its public certificate to the base station. The base station verifies the

certificate and sends an authentication key (AK) to the MS/SS.

• Key request and reply

The MS/SS requests a transport encryption key (TEK) which the base station generates

and encrypts using the authentication key.

• Encrypted traffic

The MS/SS decrypts the TEK (using the authentication key). Both stations can now

securely encrypt and decrypt the data flow.

CCMP

All traffic in a WiMAX network is encrypted using CCMP (Counter Mode with Cipher Block

Chaining Message Authentication Protocol). CCMP is based on the 128-bit Advanced

Encryption Standard (AES) algorithm.

‘Counter mode’ refers to the encryption of each block of plain text with an arbitrary number,

known as the counter. This number changes each time a block of plain text is encrypted.

Counter mode avoids the security weakness of repeated identical blocks of encrypted text that

makes encrypted data vulnerable to pattern-spotting.

‘Cipher Block Chaining Message Authentication’ (also known as CBC-MAC) ensures

message integrity by encrypting each block of plain text in such a way that its encryption is

dependent on the block before it. This series of ‘chained’ blocks creates a message

authentication code (MAC or CMAC) that ensures the encrypted data has not been tampered

with.

ZyXEL MAX-200M1 Series User’s Guide

222

Authentication

The ZyXEL Device supports EAP-TTLS authentication.

EAP-TTLS (Tunneled Transport Layer Service)

EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for only the

server-side authentications to establish a secure connection (with EAP-TLS digital

certifications are needed by both the server and the wireless clients for mutual authentication).

Client authentication is then done by sending username and password through the secure

connection, thus client identity is protected. For client authentication, EAP-TTLS supports

EAP methods and legacy authentication methods such as PAP, CHAP, MS-CHAP and MS-

CHAP v2.

ZyXEL MAX-200M1 Series User’s Guide

Appendix C 223

APPENDIX C

Setting up Your Computer’s IP Address

All computers must have a 10M or 100M Ethernet adapter card and TCP/IP installed.

Windows 95/98/Me/NT/2000/XP, Macintosh OS 7 and later operating systems and all versions

of UNIX/LINUX include the software components you need to install and use TCP/IP on your

computer. Windows 3.1 requires the purchase of a third-party TCP/IP application package.

TCP/IP should already be installed on computers using Windows NT/2000/XP, Macintosh OS

7 and later operating systems.

After the appropriate TCP/IP components are installed, configure the TCP/IP settings in order

to “communicate” with your network.

Windows 95/98/Me

Click Start, Settings, Control Panel and double-click the Network icon to open the Network

window.

ZyXEL MAX-200M1 Series User’s Guide

224 Appendix C

Figure 130 WIndows 95/98/Me: Network: Configuration

Installing Components

The Network window Configuration tab displays a list of installed components. You need a

network adapter, the TCP/IP protocol and Client for Microsoft Networks.

If you need the adapter:

1In the Network window, click Add.

2Select Adapter and then click Add.

3Select the manufacturer and model of your network adapter and then click OK.

If you need TCP/IP:

1In the Network window, click Add.

2Select Protocol and then click Add.

3Select Microsoft from the list of manufacturers.

4Select TCP/IP from the list of network protocols and then click OK.

If you need Client for Microsoft Networks:

1Click Add.

2Select Client and then click Add.

ZyXEL MAX-200M1 Series User’s Guide

Appendix C 225

3Select Microsoft from the list of manufacturers.

4Select Client for Microsoft Networks from the list of network clients and then click

OK.

5Restart your computer so the changes you made take effect.

Configuring

1In the Network window Configuration tab, select your network adapter's TCP/IP entry

and click Properties

2Click the IP Address tab.

• If your IP address is dynamic, select Obtain an IP address

automatically.

• If you have a static IP address, select Specify an IP address and type

your information into the IP Address and Subnet Mask fields.

Figure 131 Windows 95/98/Me: TCP/IP Properties: IP Address

3Click the DNS Configuration tab.

• If you do not know your DNS information, select Disable DNS.

• If you know your DNS information, select Enable DNS and type the

information in the fields below (you may not need to fill them all in).

ZyXEL MAX-200M1 Series User’s Guide

226 Appendix C

Figure 132 Windows 95/98/Me: TCP/IP Properties: DNS Configuration

4Click the Gateway tab.

• If you do not know your gateway’s IP address, remove previously

installed gateways.

• If you have a gateway IP address, type it in the New gateway field

and click Add.

5Click OK to save and close the TCP/IP Properties window.

6Click OK to close the Network window. Insert the Windows CD if prompted.

7Restart your computer when prompted.

Verifying Settings

1Click Start and then Run.

2In the Run window, type "winipcfg" and then click OK to open the IP Configuration

window.

3Select your network adapter. You should see your computer's IP address, subnet mask and

default gateway.

Windows 2000/NT/XP

The following example figures use the default Windows XP GUI theme.

1Click start (Start in Windows 2000/NT), Settings, Control Panel.

ZyXEL MAX-200M1 Series User’s Guide

Appendix C 227

Figure 133 Windows XP: Start Menu

2In the Control Panel, double-click Network Connections (Network and Dial-up

Connections in Windows 2000/NT).

Figure 134 Windows XP: Control Panel

3Right-click Local Area Connection and then click Properties.

ZyXEL MAX-200M1 Series User’s Guide

228 Appendix C

Figure 135 Windows XP: Control Panel: Network Connections: Properties

4Select Internet Protocol (TCP/IP) (under the General tab in Win XP) and then click

Properties.

Figure 136 Windows XP: Local Area Connection Properties

5The Internet Protocol TCP/IP Properties window opens (the General tab in Windows

XP).

• If you have a dynamic IP address click Obtain an IP address

automatically.

ZyXEL MAX-200M1 Series User’s Guide

Appendix C 229

• If you have a static IP address click Use the following IP Address

and fill in the IP address, Subnet mask, and Default gateway fields.

• Click Advanced.

Figure 137 Windows XP: Internet Protocol (TCP/IP) Properties

6 If you do not know your gateway's IP address, remove any previously installed gateways

in the IP Settings tab and click OK.

Do one or more of the following if you want to configure additional IP addresses:

•In the IP Settings tab, in IP addresses, click Add.

•In TCP/IP Address, type an IP address in IP address and a subnet

mask in Subnet mask, and then click Add.

• Repeat the above two steps for each IP address you want to add.

• Configure additional default gateways in the IP Settings tab by

clicking Add in Default gateways.

•In TCP/IP Gateway Address, type the IP address of the default

gateway in Gateway. To manually configure a default metric (the

number of transmission hops), clear the Automatic metric check box

and type a metric in Metric.

• Click Add.

• Repeat the previous three steps for each default gateway you want to

add.

• Click OK when finished.

ZyXEL MAX-200M1 Series User’s Guide

230 Appendix C

Figure 138 Windows XP: Advanced TCP/IP Properties

7In the Internet Protocol TCP/IP Properties window (the General tab in Windows XP):

• Click Obtain DNS server address automatically if you do not know

your DNS server IP address(es).

• If you know your DNS server IP address(es), click Use the following

DNS server addresses, and type them in the Preferred DNS server

and Alternate DNS server fields.

If you have previously configured DNS servers, click Advanced and

then the DNS tab to order them.

ZyXEL MAX-200M1 Series User’s Guide

Appendix C 231

Figure 139 Windows XP: Internet Protocol (TCP/IP) Properties

8Click OK to close the Internet Protocol (TCP/IP) Properties window.

9Click Close (OK in Windows 2000/NT) to close the Local Area Connection Properties

window.

10 Close the Network Connections window (Network and Dial-up Connections in

Windows 2000/NT).

11Restart your computer (if prompted).

Verifying Settings

1Click Start, All Programs, Accessories and then Command Prompt.

2In the Command Prompt window, type "ipconfig" and then press [ENTER]. You can

also open Network Connections, right-click a network connection, click Status and then

click the Support tab.

Macintosh OS X

1Click the Apple menu, and click System Preferences to open the System Preferences

window.

ZyXEL MAX-200M1 Series User’s Guide

232 Appendix C

Figure 140 Macintosh OS X: Apple Menu

2Click Network in the icon bar.

• Select Automatic from the Location list.

• Select Built-in Ethernet from the Show list.

• Click the TCP/IP tab.

3For dynamically assigned settings, select Using DHCP from the Configure list.

Figure 141 Macintosh OS X: Network

4For statically assigned settings, do the following:

•From the Configure box, select Manually.

• Type your IP address in the IP Address box.

• Type your subnet mask in the Subnet mask box.

• Type the IP address of your gateway in the Router address box.

5Click Apply Now and close the window.

ZyXEL MAX-200M1 Series User’s Guide

Appendix C 233

6Restart your computer (if prompted).

Verifying Settings

Check your TCP/IP properties in the Network window.

Linux

This section shows you how to configure your computer’s TCP/IP settings in Red Hat Linux

9.0. Procedure, screens and file location may vary depending on your Linux distribution and

release version.

Note: Make sure you are logged in as the root administrator.

Using the K Desktop Environment (KDE)

Follow the steps below to configure your computer IP address using the KDE.

1Click the Red Hat button (located on the bottom left corner), select System Setting and

click Network.

Figure 142 Red Hat 9.0: KDE: Network Configuration: Devices

2Double-click on the profile of the network card you wish to configure. The Ethernet

Device General screen displays as shown.

ZyXEL MAX-200M1 Series User’s Guide

234 Appendix C

Figure 143 Red Hat 9.0: KDE: Ethernet Device: General

• If you have a dynamic IP address, click Automatically obtain IP

address settings with and select dhcp from the drop down list.

• If you have a static IP address, click Statically set IP Addresses and

fill in the Address, Subnet mask, and Default Gateway Address

fields.

3Click OK to save the changes and close the Ethernet Device General screen.

4If you know your DNS server IP address(es), click the DNS tab in the Network

Configuration screen. Enter the DNS server information in the fields provided.

Figure 144 Red Hat 9.0: KDE: Network Configuration: DNS

5Click the Devices tab.

ZyXEL MAX-200M1 Series User’s Guide

Appendix C 235

6Click the Activate button to apply the changes. The following screen displays. Click Ye s

to save the changes in all screens.

Figure 145 Red Hat 9.0: KDE: Network Configuration: Activate

7After the network card restart process is complete, make sure the Status is Active in the

Network Configuration screen.

Using Configuration Files

Follow the steps below to edit the network configuration files and set your computer IP

address.

1Assuming that you have only one network card on the computer, locate the ifconfig-

eth0 configuration file (where eth0 is the name of the Ethernet card). Open the

configuration file with any plain text editor.

• If you have a dynamic IP address, enter dhcp in the BOOTPROTO=

field. The following figure shows an example.

Figure 146 Red Hat 9.0: Dynamic IP Address Setting in ifconfig-eth0

• If you have a static IP address, enter static in the BOOTPROTO=

field. Type IPADDR= followed by the IP address (in dotted decimal

notation) and type NETMASK= followed by the subnet mask. The

following example shows an example where the static IP address is

192.168.1.10 and the subnet mask is 255.255.255.0.

DEVICE=eth0

ONBOOT=yes

BOOTPROTO=dhcp

USERCTL=no

PEERDNS=yes

TYPE=Ethernet

ZyXEL MAX-200M1 Series User’s Guide

236 Appendix C

Figure 147 Red Hat 9.0: Static IP Address Setting in ifconfig-eth0

2If you know your DNS server IP address(es), enter the DNS server information in the

resolv.conf file in the /etc directory. The following figure shows an example where

two DNS server IP addresses are specified.

Figure 148 Red Hat 9.0: DNS Settings in resolv.conf

3After you edit and save the configuration files, you must restart the network card.

Enter./network restart in the /etc/rc.d/init.d directory. The following figure

shows an example.

Figure 149 Red Hat 9.0: Restart Ethernet Card

Verifying Settings

Enter ifconfig in a terminal screen to check your TCP/IP properties.

Figure 150 Red Hat 9.0: Checking TCP/IP Properties

DEVICE=eth0

ONBOOT=yes

BOOTPROTO=static

IPADDR=192.168.1.10

NETMASK=255.255.255.0

USERCTL=no

PEERDNS=yes

TYPE=Ethernet

nameserver 172.23.5.1

nameserver 172.23.5.2

[root@localhost init.d]# network restart

Shutting down interface eth0: [OK]

Shutting down loopback interface: [OK]

Setting network parameters: [OK]

Bringing up loopback interface: [OK]

Bringing up interface eth0: [OK]

[root@localhost]# ifconfig

eth0 Link encap:Ethernet HWaddr 00:50:BA:72:5B:44

inet addr:172.23.19.129 Bcast:172.23.19.255 Mask:255.255.255.0

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:717 errors:0 dropped:0 overruns:0 frame:0

TX packets:13 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:100

RX bytes:730412 (713.2 Kb) TX bytes:1570 (1.5 Kb)

Interrupt:10 Base address:0x1000

[root@localhost]#

ZyXEL MAX-200M1 Series User’s Guide

Appendix D 237

APPENDIX D

IP Addresses and Subnetting

This appendix introduces IP addresses and subnet masks.

IP addresses identify individual devices on a network. Every networking device (including

computers, servers, routers, printers, etc.) needs an IP address to communicate across the

network. These networking devices are also known as hosts.

Subnet masks determine the maximum number of possible hosts on a network. You can also

use subnet masks to divide one network into multiple sub-networks.

Introduction to IP Addresses

One part of the IP address is the network number, and the other part is the host ID. In the same

way that houses on a street share a common street name, the hosts on a network share a

common network number. Similarly, as each house has its own house number, each host on the

network has its own unique identifying number - the host ID. Routers use the network number

to send packets to the correct network, while the host ID determines to which host on the

network the packets are delivered.

Structure

An IP address is made up of four parts, written in dotted decimal notation (for example,

192.168.1.1). Each of these four parts is known as an octet. An octet is an eight-digit binary

number (for example 11000000, which is 192 in decimal notation).

Therefore, each octet has a possible range of 00000000 to 11111111 in binary, or 0 to 255 in

decimal.

The following figure shows an example IP address in which the first three octets (192.168.1)

are the network number, and the fourth octet (16) is the host ID.

ZyXEL MAX-200M1 Series User’s Guide

238 Appendix D

Figure 151 Network Number and Host ID

How much of the IP address is the network number and how much is the host ID varies

according to the subnet mask.

Subnet Masks

A subnet mask is used to determine which bits are part of the network number, and which bits

are part of the host ID (using a logical AND operation). The term “subnet” is short for “sub-

network”.

A subnet mask has 32 bits. If a bit in the subnet mask is a “1” then the corresponding bit in the

IP address is part of the network number. If a bit in the subnet mask is “0” then the

corresponding bit in the IP address is part of the host ID.

The following example shows a subnet mask identifying the network number (in bold text)

and host ID of an IP address (192.168.1.2 in decimal).

By convention, subnet masks always consist of a continuous sequence of ones beginning from

the leftmost bit of the mask, followed by a continuous sequence of zeros, for a total number of

32 bits.

Subnet masks can be referred to by the size of the network number part (the bits with a “1”

value). For example, an “8-bit mask” means that the first 8 bits of the mask are ones and the

remaining 24 bits are zeroes.

Table 95 IP Address Network Number and Host ID Example

1ST OCTET:

(192)

2ND

OCTET:

(168)

3RD

OCTET:

(1)

4TH OCTET

(2)

IP Address (Binary) 11000000 10101000 00000001 00000010

Subnet Mask (Binary) 11111111 11111111 11111111 00000000

Network Number 11000000 10101000 00000001

Host ID 00000010

ZyXEL MAX-200M1 Series User’s Guide

Appendix D 239

Subnet masks are expressed in dotted decimal notation just like IP addresses. The following

examples show the binary and decimal notation for 8-bit, 16-bit, 24-bit and 29-bit subnet

masks.

Network Size

The size of the network number determines the maximum number of possible hosts you can

have on your network. The larger the number of network number bits, the smaller the number

of remaining host ID bits.

An IP address with host IDs of all zeros is the IP address of the network (192.168.1.0 with a

24-bit subnet mask, for example). An IP address with host IDs of all ones is the broadcast

address for that network (192.168.1.255 with a 24-bit subnet mask, for example).

As these two IP addresses cannot be used for individual hosts, calculate the maximum number

of possible hosts in a network as follows:

Notation

Since the mask is always a continuous number of ones beginning from the left, followed by a

continuous number of zeros for the remainder of the 32 bit mask, you can simply specify the

number of ones instead of writing the value of each octet. This is usually specified by writing

a “/” followed by the number of bits in the mask after the address.

For example, 192.1.1.0 /25 is equivalent to saying 192.1.1.0 with subnet mask

255.255.255.128.

The following table shows some possible subnet masks using both notations.

Table 96 Subnet Masks

BINARY

DECIMAL

1ST

OCTET

2ND

OCTET

3RD

OCTET 4TH OCTET

8-bit mask 11111111 00000000 00000000 00000000 255.0.0.0

16-bit mask 11111111 11111111 00000000 00000000 255.255.0.0

24-bit mask 11111111 11111111 11111111 00000000 255.255.255.0

29-bit mask 11111111 11111111 11111111 11111000 255.255.255.248

Table 97 Maximum Host Numbers

SUBNET MASK HOST ID SIZE MAXIMUM NUMBER OF HOSTS

8 bits 255.0.0.0 24 bits 224 – 2 16777214

16 bits 255.255.0.0 16 bits 216 – 2 65534

24 bits 255.255.255.0 8 bits 28 – 2 254

29 bits 255.255.255.248 3 bits 23 – 2 6

Table 98 Alternative Subnet Mask Notation

SUBNET MASK ALTERNATIVE

NOTATION

LAST OCTET

(BINARY)

LAST OCTET

(DECIMAL)

255.255.255.0 /24 0000 0000 0

255.255.255.128 /25 1000 0000 128

ZyXEL MAX-200M1 Series User’s Guide

240 Appendix D

Subnetting

You can use subnetting to divide one network into multiple sub-networks. In the following

example a network administrator creates two sub-networks to isolate a group of servers from

the rest of the company network for security reasons.

In this example, the company network address is 192.168.1.0. The first three octets of the

address (192.168.1) are the network number, and the remaining octet is the host ID, allowing a

maximum of 28 – 2 or 254 possible hosts.

The following figure shows the company network before subnetting.

Figure 152 Subnetting Example: Before Subnetting

You can “borrow” one of the host ID bits to divide the network 192.168.1.0 into two separate

sub-networks. The subnet mask is now 25 bits (255.255.255.128 or /25).

The “borrowed” host ID bit can have a value of either 0 or 1, allowing two subnets;

192.168.1.0 /25 and 192.168.1.128 /25.

The following figure shows the company network after subnetting. There are now two sub-

networks, A and B.

255.255.255.192 /26 1100 0000 192

255.255.255.224 /27 1110 0000 224

255.255.255.240 /28 1111 0000 240

255.255.255.248 /29 1111 1000 248

255.255.255.252 /30 1111 1100 252

Table 98 Alternative Subnet Mask Notation (continued)

SUBNET MASK ALTERNATIVE

NOTATION

LAST OCTET

(BINARY)

LAST OCTET

(DECIMAL)

ZyXEL MAX-200M1 Series User’s Guide

Appendix D 241

Figure 153 Subnetting Example: After Subnetting

In a 25-bit subnet the host ID has 7 bits, so each sub-network has a maximum of 27 – 2 or 126

possible hosts (a host ID of all zeroes is the subnet’s address itself, all ones is the subnet’s

broadcast address).

192.168.1.0 with mask 255.255.255.128 is subnet A itself, and 192.168.1.127 with mask

255.255.255.128 is its broadcast address. Therefore, the lowest IP address that can be assigned

to an actual host for subnet A is 192.168.1.1 and the highest is 192.168.1.126.

Similarly, the host ID range for subnet B is 192.168.1.129 to 192.168.1.254.

Example: Four Subnets

The previous example illustrated using a 25-bit subnet mask to divide a 24-bit address into two

subnets. Similarly, to divide a 24-bit address into four subnets, you need to “borrow” two host

ID bits to give four possible combinations (00, 01, 10 and 11). The subnet mask is 26 bits

(11111111.11111111.11111111.11000000) or 255.255.255.192.

Each subnet contains 6 host ID bits, giving 26 - 2 or 62 hosts for each subnet (a host ID of all

zeroes is the subnet itself, all ones is the subnet’s broadcast address).

Table 99 Subnet 1

IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT

VALUE

IP Address (Decimal) 192.168.1. 0

IP Address (Binary) 11000000.10101000.00000001. 00000000

Subnet Mask (Binary) 11111111.11111111.11111111. 11000000

Subnet Address:

192.168.1.0

Lowest Host ID: 192.168.1.1

Broadcast Address:

192.168.1.63

Highest Host ID: 192.168.1.62

ZyXEL MAX-200M1 Series User’s Guide

242 Appendix D

Example: Eight Subnets

Similarly, use a 27-bit mask to create eight subnets (000, 001, 010, 011, 100, 101, 110 and

111).

The following table shows IP address last octet values for each subnet.

Table 100 Subnet 2

IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT

VALUE

IP Address 192.168.1. 64

IP Address (Binary) 11000000.10101000.00000001. 01000000

Subnet Mask (Binary) 11111111.11111111.11111111. 11000000

Subnet Address:

192.168.1.64

Lowest Host ID: 192.168.1.65

Broadcast Address:

192.168.1.127

Highest Host ID: 192.168.1.126

Table 101 Subnet 3

IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT

VALUE

IP Address 192.168.1. 128

IP Address (Binary) 11000000.10101000.00000001. 10000000

Subnet Mask (Binary) 11111111.11111111.11111111. 11000000

Subnet Address:

192.168.1.128

Lowest Host ID: 192.168.1.129

Broadcast Address:

192.168.1.191

Highest Host ID: 192.168.1.190

Table 102 Subnet 4

IP/SUBNET MASK NETWORK NUMBER LAST OCTET BIT

VALUE

IP Address 192.168.1. 192

IP Address (Binary) 11000000.10101000.00000001. 11000000

Subnet Mask (Binary) 11111111.11111111.11111111. 11000000

Subnet Address:

192.168.1.192

Lowest Host ID: 192.168.1.193

Broadcast Address:

192.168.1.255

Highest Host ID: 192.168.1.254

Table 103 Eight Subnets

SUBNET SUBNET

ADDRESS FIRST ADDRESS LAST

ADDRESS

BROADCAST

ADDRESS

1 0 1 30 31

232 33 62 63

364 65 94 95

496 97 126 127

ZyXEL MAX-200M1 Series User’s Guide

Appendix D 243

Subnet Planning

The following table is a summary for subnet planning on a network with a 24-bit network

number.

The following table is a summary for subnet planning on a network with a 16-bit network

number.

5128 129 158 159

6160 161 190 191

7192 193 222 223

8224 225 254 255

Table 103 Eight Subnets (continued)

SUBNET SUBNET

ADDRESS FIRST ADDRESS LAST

ADDRESS

BROADCAST

ADDRESS

Table 104 24-bit Network Number Subnet Planning

NO. “BORROWED”

HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER

SUBNET

1255.255.255.128 (/25) 2126

2255.255.255.192 (/26) 462

3255.255.255.224 (/27) 830

4255.255.255.240 (/28) 16 14

5255.255.255.248 (/29) 32 6

6255.255.255.252 (/30) 64 2

7255.255.255.254 (/31) 128 1

Table 105 16-bit Network Number Subnet Planning

NO. “BORROWED”

HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER

SUBNET

1255.255.128.0 (/17) 232766

2255.255.192.0 (/18) 416382

3255.255.224.0 (/19) 88190

4255.255.240.0 (/20) 16 4094

5255.255.248.0 (/21) 32 2046

6255.255.252.0 (/22) 64 1022

7255.255.254.0 (/23) 128 510

8255.255.255.0 (/24) 256 254

9255.255.255.128 (/25) 512 126

10 255.255.255.192 (/26) 1024 62

11 255.255.255.224 (/27) 2048 30

12 255.255.255.240 (/28) 4096 14

13 255.255.255.248 (/29) 8192 6

ZyXEL MAX-200M1 Series User’s Guide

244 Appendix D

Configuring IP Addresses

Where you obtain your network number depends on your particular situation. If the ISP or

your network administrator assigns you a block of registered IP addresses, follow their

instructions in selecting the IP addresses and the subnet mask.

If the ISP did not explicitly give you an IP network number, then most likely you have a single

user account and the ISP will assign you a dynamic IP address when the connection is

established. If this is the case, it is recommended that you select a network number from

192.168.0.0 to 192.168.255.0. The Internet Assigned Number Authority (IANA) reserved this

block of addresses specifically for private use; please do not use any other number unless you

are told otherwise. You must also enable Network Address Translation (NAT) on the ZyXEL

Device.

Once you have decided on the network number, pick an IP address for your ZyXEL Device

that is easy to remember (for instance, 192.168.1.1) but make sure that no other device on your

network is using that IP address.

The subnet mask specifies the network number portion of an IP address. Your ZyXEL Device

will compute the subnet mask automatically based on the IP address that you entered. You

don't need to change the subnet mask computed by the ZyXEL Device unless you are

instructed to do otherwise.

Private IP Addresses

Every machine on the Internet must have a unique address. If your networks are isolated from

the Internet (running only between two branch offices, for example) you can assign any IP

addresses to the hosts without problems. However, the Internet Assigned Numbers Authority

(IANA) has reserved the following three blocks of IP addresses specifically for private

networks:

• 10.0.0.0 — 10.255.255.255

• 172.16.0.0 — 172.31.255.255

• 192.168.0.0 — 192.168.255.255

You can obtain your IP address from the IANA, from an ISP, or it can be assigned from a

private network. If you belong to a small organization and your Internet access is through an

ISP, the ISP can provide you with the Internet addresses for your local networks. On the other

hand, if you are part of a much larger organization, you should consult your network

administrator for the appropriate IP addresses.

Regardless of your particular situation, do not create an arbitrary IP address; always follow the

guidelines above. For more information on address assignment, please refer to RFC 1597,

Address Allocation for Private Internets and RFC 1466, Guidelines for Management of IP

Address Space.

14 255.255.255.252 (/30) 16384 2

15 255.255.255.254 (/31) 32768 1

Table 105 16-bit Network Number Subnet Planning (continued)

NO. “BORROWED”

HOST BITS SUBNET MASK NO. SUBNETS NO. HOSTS PER

SUBNET

ZyXEL MAX-200M1 Series User’s Guide

Appendix D 245

ZyXEL MAX-200M1 Series User’s Guide

246 Appendix D

ZyXEL MAX-200M1 Series User’s Guide

Appendix E 247

APPENDIX E

SIP Passthrough

Enabling/Disabling the SIP ALG

You can turn off the ZyXEL Device SIP ALG to avoid retranslating the IP address of an

existing SIP device that is using STUN. If you want to use STUN with a SIP client device (a

SIP phone or IP phone for example) behind the ZyXEL Device, use the ip alg disable

ALG_SIP command to turn off the SIP ALG.

Signaling Session Timeout

Most SIP clients have an “expire” mechanism indicating the lifetime of signaling sessions.

The SIP UA sends registration packets to the SIP server periodically and keeps the session

alive in the ZyXEL Device.

If the SIP client does not have this mechanism and makes no call during the ZyXEL Device

SIP timeout default (60 minutes), the ZyXEL Device SIP ALG drops any incoming calls after

the timeout period. You can use the ip alg siptimeout command to change the timeout

value.

Audio Session Timeout

If no voice packets go through the SIP ALG before the timeout period default (5 minutes)

expires, the SIP ALG does not drop the call but blocks all voice traffic and deletes the audio

session. You cannot hear anything and you will need to make a new call to continue your

conversation.

ZyXEL MAX-200M1 Series User’s Guide

248 Appendix E

ZyXEL MAX-200M1 Series User’s Guide

Appendix F 249

APPENDIX F

Services

The following table lists some commonly-used services and their associated protocols and port

numbers.

•Name: This is a short, descriptive name for the service. You can use this one or create a

different one, if you like.

•Protocol: This is the type of IP protocol used by the service. If this is TCP/UDP, then the

service uses the same port number with TCP and UDP. If this is USER-DEFINED, the

Port(s) is the IP protocol number, not the port number.

•Port(s): This value depends on the Protocol.

• If the Protocol is TCP, UDP, or TCP/UDP, this is the IP port number.

• If the Protocol is USER, this is the IP protocol number.

•Description: This is a brief explanation of the applications that use this service or the

situations in which this service is used.

Table 106 Examples of Services

NAME PROTOCOL PORT(S) DESCRIPTION

(IPSEC_TUNNEL)

User-Defined 51 The IPSEC AH (Authentication Header)

tunneling protocol uses this service.

AIM TCP 5190 AOL’s Internet Messenger service.

AUTH TCP 113 Authentication protocol used by some

servers.

BGP TCP 179 Border Gateway Protocol.

BOOTP_CLIENT UDP 68 DHCP Client.

BOOTP_SERVER UDP 67 DHCP Server.

CU-SEEME TCP/UDP

TCP/UDP

7648

24032

A popular videoconferencing solution from

White Pines Software.

DNS TCP/UDP 53 Domain Name Server, a service that

matches web names (e.g. www.zyxel.com)

to IP numbers.

ESP

(IPSEC_TUNNEL)

User-Defined 50 The IPSEC ESP (Encapsulation Security

Protocol) tunneling protocol uses this

service.

FINGER TCP 79 Finger is a UNIX or Internet related

command that can be used to find out if a

user is logged on.

FTP TCP

TCP

File Transfer Program, a program to enable

fast transfer of files, including large files that

may not be possible by e-mail.

H.323 TCP 1720 NetMeeting uses this protocol.

ZyXEL MAX-200M1 Series User’s Guide

250 Appendix F

HTTP TCP 80 Hyper Text Transfer Protocol - a client/

server protocol for the world wide web.

HTTPS TCP 443 HTTPS is a secured http session often used

in e-commerce.

ICMP User-Defined 1Internet Control Message Protocol is often

used for diagnostic purposes.

ICQ UDP 4000 This is a popular Internet chat program.

IGMP (MULTICAST) User-Defined 2Internet Group Multicast Protocol is used

when sending packets to a specific group of

hosts.

IKE UDP 500 The Internet Key Exchange algorithm is

used for key distribution and management.

IMAP4 TCP 143 The Internet Message Access Protocol is

used for e-mail.

IMAP4S TCP 993 This is a more secure version of IMAP4 that

runs over SSL.

IRC TCP/UDP 6667 This is another popular Internet chat

program.

MSN Messenger TCP 1863 Microsoft Networks’ messenger service

uses this protocol.

NetBIOS TCP/UDP

TCP/UDP

137

138

139

445

The Network Basic Input/Output System is

used for communication between

computers in a LAN.

NEW-ICQ TCP 5190 An Internet chat program.

NEWS TCP 144 A protocol for news groups.

NFS UDP 2049 Network File System - NFS is a client/

server distributed file service that provides

transparent file sharing for network

environments.

NNTP TCP 119 Network News Transport Protocol is the

delivery mechanism for the USENET

newsgroup service.

PING User-Defined 1Packet INternet Groper is a protocol that

sends out ICMP echo requests to test

whether or not a remote host is reachable.

POP3 TCP 110 Post Office Protocol version 3 lets a client

computer get e-mail from a POP3 server

through a temporary connection (TCP/IP or

other).

POP3S TCP 995 This is a more secure version of POP3 that

runs over SSL.

PPTP TCP 1723 Point-to-Point Tunneling Protocol enables

secure transfer of data over public

networks. This is the control channel.

PPTP_TUNNEL

(GRE)

User-Defined 47 PPTP (Point-to-Point Tunneling Protocol)

enables secure transfer of data over public

networks. This is the data channel.

Table 106 Examples of Services (continued)

NAME PROTOCOL PORT(S) DESCRIPTION

ZyXEL MAX-200M1 Series User’s Guide

Appendix F 251

RCMD TCP 512 Remote Command Service.

REAL_AUDIO TCP 7070 A streaming audio service that enables real

time sound over the web.

REXEC TCP 514 Remote Execution Daemon.

RLOGIN TCP 513 Remote Login.

ROADRUNNER TCP/UDP 1026 This is an ISP that provides services mainly

for cable modems.

RTELNET TCP 107 Remote Telnet.

RTSP TCP/UDP 554 The Real Time Streaming (media control)

Protocol (RTSP) is a remote control for

multimedia on the Internet.

SFTP TCP 115 The Simple File Transfer Protocol is an old

way of transferring files between

computers.

SMTP TCP 25 Simple Mail Transfer Protocol is the

message-exchange standard for the

Internet. SMTP enables you to move

messages from one e-mail server to

another.

SMTPS TCP 465 This is a more secure version of SMTP that

runs over SSL.

SNMP TCP/UDP 161 Simple Network Management Program.

SNMP-TRAPS TCP/UDP 162 Traps for use with the SNMP (RFC:1215).

SQL-NET TCP 1521 Structured Query Language is an interface

to access data on many different types of

database systems, including mainframes,

midrange systems, UNIX systems and

network servers.

SSDP UDP 1900 The Simple Service Discovery Protocol

supports Universal Plug-and-Play (UPnP).

SSH TCP/UDP 22 Secure Shell Remote Login Program.

STRM WORKS UDP 1558 Stream Works Protocol.

SYSLOG UDP 514 Syslog allows you to send system logs to a

UNIX server.

TACACS UDP 49 Login Host Protocol used for (Terminal

Access Controller Access Control System).

TELNET TCP 23 Telnet is the login and terminal emulation

protocol common on the Internet and in

UNIX environments. It operates over TCP/

IP networks. Its primary function is to allow

users to log into remote host systems.

TFTP UDP 69 Trivial File Transfer Protocol is an Internet

file transfer protocol similar to FTP, but uses

the UDP (User Datagram Protocol) rather

than TCP (Transmission Control Protocol).

VDOLIVE TCP

UDP

7000

user-

defined

A videoconferencing solution. The UDP port

number is specified in the application.

Table 106 Examples of Services (continued)

NAME PROTOCOL PORT(S) DESCRIPTION

ZyXEL MAX-200M1 Series User’s Guide

252 Appendix F

ZyXEL MAX-200M1 Series User’s Guide

Index 253

Index

AAA 72

about this User’s Guide 27

AbS 111

accounting server

see AAA

ACK message 106

activity 72

address resolution protocol (ARP) 87

advanced encryption standard

see AES

AES 221

AK 221

ALG 99, 217

alternative subnet mask notation 239

analysis-by-synthesis 111

antenna 215

any IP 216

note 87

application layer gateway 99, 109, 217

Application Layer Gateway. See ALG.

authentication 65, 72, 73, 219

inner 222

types 222

authentication key

see AK

authentication server

see AAA

authorization 219

authorization request and reply 221

authorization server

see AAA

auto firmware upgrade 216

auto-discovering UPnP-enabled network devices 167

automatic log out 35

auto-provisioning 216

base station

see BS

BS 71

links 71

BYE request 106

call hold 122, 124

call service mode 122, 124

call transfer 123, 124

call waiting 123, 124

CBC-MAC 221

CCMP 219, 221

CD 27

cell 71

certificate 219

verification 221

certifications 4

notices 5

viewing 5

chaining 221

chaining message authentication

see CCMP

change password at login 34

circuit-switched telephone networks 105

Class of Service (CoS) 113

clicks 111

client server

SIP 106

client-server protocol 106

CMAC

see MAC

code 219

codec 110

coder/decoder 110

comfort noise 121

comfort noise generation 217

computer IP address 223

computer name 197

configuration 27

configuration upload successful 195

connections 27, 31

contact information 9

CoS 113

counter mode

see CCMP

ZyXEL MAX-200M1 Series User’s Guide

254 Index

coverage area 71

cryptography 219

customer support 9

data encryption 219, 221

data flow 221

data rate 215

daytime RFC 867 203

decoder 110

decryption 219, 221

default LAN IP address 33

device name 175

DHCP 197, 198, 217

DHCP client 217

DHCP clients 197

DHCP relay 217

DHCP server 217

DIAMETER 72

differentiated services 113

DiffServ 113

DiffServ Code Point (DSCP) 113

DiffServ code point (DSCP) 113

DiffServ marking rule 113

digital ID 219

dimensions 215

disclaimer 3

DL frequency 78

domain name 197

download frequency

see DL frequency

DS field 113

DSCPs 113

DTMF 111

dual-tone multi-frequency

see DTMF

duplex 215

dynamic DNS 198, 217

dynamic host configuration protocol 217

dynamic jitter buffer 217

EAP 72

echo cancellation 121, 217

encoding 219

encrypted traffic 221

encryption 219, 221

environmental specifications 215

ethernet 215

ethernet encapsulation 97

europe type call service mode 122

extensible authorization protocol

see EAP

External Antenna 216

FCC interference statement 4

firewall 131, 132

firmware 191

firmware upload 192

firmware upload error 193

flash key 122

flashing 122

frequency band 78

scanning 78

frequency pairs 111

frequency ranges 78

FTP 153, 198

FTP restrictions 153

G.168 121, 217

G.7 11 110

G.729 111

Graphical User Interface (GUI) 29

graphics icons key 28

hardware 27, 31

HTTP 191

humidity 215

hybrid waveform codec 111

hypertext transfer protocol 191

ZyXEL MAX-200M1 Series User’s Guide

Index 255

IANA 244

icons 28

identity 72, 219

idle timeout 154

IEEE 802.16 71, 219

IEEE 802.16e 27, 71

IEEE 802.1Q VLAN 113

IGD 1.0 164

inner authentication 222

install UPnP 164

Windows Me 164

Windows XP 166

installation 27, 31

interface 215

interference 206

Internet access 72, 216

Internet access wizard setup 49

Internet Assigned Numbers Authority

See IANA 244

Internet gateway device 164

Internet service provider

see ISP

Internet Telephony Service Provider 30

Internet telephony service provider 105

interoperability 71

introduction 29

IP alias 217

IP policy routing (IPPR) 217

IP-PBX 105

ISP 41

ITSP 105

ITU-T 121

jitter buffer 217

key 65, 73, 219

key request and reply 221

language 27

link quality

troubleshooting 206

listening port 118

log out 35

MAC 221

MAN 71

management information base (MIB) 157

manual site survey 78

media access protocol 215

message authentication code

see MAC

message integrity 221

message waiting indication 111

Metropolitan Area Network

see MAN

microwave 71

mobile station

see MS

modulation 215

mouse action sequences 27

MS 71

multimedia 105

multiple PVC support 217

multiple SIP accounts 217

MWI 111

NAT 244

and remote management 154

server sets 97

NAT routers 109

NAT traversal 163

network activity 72

network address translation (NAT) 216

network address translators 109

network disconnect 193, 195

network services 72

NTP RFC 1305 203

NTP time servers 198

ZyXEL MAX-200M1 Series User’s Guide

256 Index

OK response 106

operating humidity 215

operating temperature 215

outbound proxy 109, 110

SIP 110

outbound proxy server 110

pattern-spotting 221

PBX services 105

PCM 110

peer-to-peer calls 139

per-hop behavior 113

PHB (per-hop behavior) 113

phone book 139

phone services 121

physical specifications 215

PKMv2 65, 72, 73, 219, 222

plain text encryption 221

port forwarding 97

port numbers 97

services 97

port numbers 97

power 215

output 215

power supply 215

pre-defined NTP time servers list 198

preparation 29

privacy key management

see PKM

private key 219

product registration 8

product specifications

see specifications

proxy server

SIP 107

PSTN 111

public certificate 221

public key 65, 73, 219

Public Switched Telephone Network 111

pulse code modulation 110

pulse dialing 111

QoS 112, 217

quality of service

see QoS

Quick Start Guide 27, 31, 33

radio specifications 215

RADIUS 72, 220

Shared Secret Key 221

RADIUS Message Types 220

RADIUS Messages 220

real-time transport protocol 108

reception 206

redirect server

SIP 108

registration

product 8

ZyXEL Communications MAX200M1 WiMAX IEEE802.16e Indoor Basic CPE-2.5GHz User Manual ZyBook

ZyXEL Communications Corporation WiMAX IEEE802.16e Indoor Basic CPE-2.5GHz ZyBook

Contents

User manual4

Navigation menu

Namespaces

Views

Navigation