Home » ZyXEL Manuals » Networking » ZyXEL NBG334W » Manual Viewer

ZyXEL NBG334W User Guide - Page 186

Table 84, Table 83

Get ZyXEL NBG334W PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 186 highlights

Chapter 19 Logs Table 83 Attack Logs (continued) LOG MESSAGE DESCRIPTION teardrop UDP The firewall detected an UDP teardrop attack. teardrop ICMP (type:%d, code:%d) The firewall detected an ICMP teardrop attack. For type and code details, see Table 87 on page 188. illegal command TCP The firewall detected a TCP illegal command attack. NetBIOS TCP The firewall detected a TCP NetBIOS attack. ip spoofing - no routing entry [TCP | UDP | IGMP | ESP | GRE | OSPF] The firewall classified a packet with no source routing entry as an IP spoofing attack. ip spoofing - no routing entry ICMP (type:%d, code:%d) The firewall classified an ICMP packet with no source routing entry as an IP spoofing attack. vulnerability ICMP (type:%d, code:%d) The firewall detected an ICMP vulnerability attack. For type and code details, see Table 87 on page 188. traceroute ICMP (type:%d, The firewall detected an ICMP traceroute attack. For type and code:%d) code details, see Table 87 on page 188. Table 84 PKI Logs LOG MESSAGE Enrollment successful Enrollment failed Failed to resolve Enrollment successful Enrollment failed Failed to resolve Rcvd ca cert: Rcvd user cert: Rcvd CRL : Rcvd ARL : DESCRIPTION The SCEP online certificate enrollment was successful. The Destination field records the certification authority server IP address and port. The SCEP online certificate enrollment failed. The Destination field records the certification authority server's IP address and port. The SCEP online certificate enrollment failed because the certification authority server's address cannot be resolved. The CMP online certificate enrollment was successful. The Destination field records the certification authority server's IP address and port. The CMP online certificate enrollment failed. The Destination field records the certification authority server's IP address and port. The CMP online certificate enrollment failed because the certification authority server's IP address cannot be resolved. The router received a certification authority certificate, with subject name as recorded, from the LDAP server whose IP address and port are recorded in the Source field. The router received a user certificate, with subject name as recorded, from the LDAP server whose IP address and port are recorded in the Source field. The router received a CRL (Certificate Revocation List), with size and issuer name as recorded, from the LDAP server whose IP address and port are recorded in the Source field. The router received an ARL (Authority Revocation List), with size and issuer name as recorded, from the LDAP server whose address and port are recorded in the Source field. 186 NBG334W User's Guide

Section	Page
User’s Guide	1
About This User's Guide	3
Document Conventions	5
Safety Warnings	7
Contents Overview	9
Table of Contents	11
List of Figures	19
List of Tables	23
Introduction	27
Getting to Know Your NBG334W	29
1.1 Overview	29
1.2 AP Mode	29
1.3 Router Mode	30
1.4 Router Features vs. AP Features	30
1.5 Ways to Manage the NBG334W	31
1.6 Good Habits for Managing the NBG334W	31
1.7 LEDs	31
Introducing the Web Configurator	33
2.1 Web Configurator Overview	33
2.2 Accessing the Web Configurator	33
2.3 Resetting the NBG334W	35
2.3.1 Procedure to Use the Reset Button	35
2.4 Navigating the Web Configurator	35
2.5 The Status Screen in Router Mode	35
2.5.1 Navigation Panel	38
2.5.2 Summary: Any IP Table	40
2.5.3 Summary: Bandwidth Management Monitor	40
2.5.4 Summary: DHCP Table	41
2.5.5 Summary: Packet Statistics	41
2.5.6 Summary: Wireless Station Status	42
Connection Wizard	45
3.1 Wizard Setup	45
3.2 Connection Wizard: STEP 1: System Information	46
3.2.1 System Name	46
3.2.2 Domain Name	47
3.3 Connection Wizard: STEP 2: Wireless LAN	47
3.3.1 Basic (WEP) Security	49
3.3.2 Extend (WPA-PSK or WPA2-PSK) Security	50
3.4 Connection Wizard: STEP 3: Internet Configuration	50
3.4.1 Ethernet Connection	51
3.4.2 PPPoE Connection	51
3.4.3 PPTP Connection	52
3.4.4 Your IP Address	54
3.4.5 WAN IP Address Assignment	54
3.4.6 IP Address and Subnet Mask	55
3.4.7 DNS Server Address Assignment	55
3.4.8 WAN IP and DNS Server Address Assignment	56
3.4.9 WAN MAC Address	57
3.5 Connection Wizard: STEP 4: Bandwidth management	58
3.6 Connection Wizard Complete	58
AP Mode	61
4.1 AP Mode Overview	61
4.2 Setting your NBG334W to AP Mode	61
4.3 The Status Screen in AP Mode	62
4.3.1 Navigation Panel	64
4.4 Configuring Your Settings	65
4.4.1 LAN Settings	65
4.4.2 WLAN and Maintenance Settings	66
4.5 Logging in to the Web Configurator in AP Mode	66
Network	67
Wireless LAN	69
5.1 Wireless Network Overview	69
5.2 Wireless Security Overview	71
5.2.1 SSID	71
5.2.2 MAC Address Filter	71
5.2.3 User Authentication	72
5.2.4 Encryption	72
5.3 Roaming	73
5.3.1 Requirements for Roaming	74
5.4 Quality of Service	74
5.4.1 WMM QoS	75
5.5 General Wireless LAN Screen	75
5.5.1 No Security	76
5.5.2 WEP Encryption	77
5.5.3 WPA-PSK/WPA2-PSK	79
5.5.4 WPA/WPA2	80
5.6 MAC Filter	82
5.7 Wireless LAN Advanced Screen	83
5.8 Quality of Service (QoS) Screen	84
5.8.1 Application Priority Configuration	86
Wireless Tutorial	89
6.1 How to Connect to the Internet from a Notebook	89
6.1.1 Example Parameters	89
6.2 Enable and Configure Wireless Security on your NBG334W	89
6.3 Configure Your Notebook	91
WAN	93
7.1 WAN Overview	93
7.2 WAN MAC Address	93
7.3 Multicast	93
7.4 Internet Connection	94
7.4.1 Ethernet Encapsulation	94
7.4.2 PPPoE Encapsulation	95
7.4.3 PPTP Encapsulation	98
7.5 Advanced WAN Screen	101
LAN	103
8.1 LAN Overview	103
8.1.1 IP Pool Setup	103
8.1.2 System DNS Servers	103
8.2 LAN TCP/IP	103
8.2.1 Factory LAN Defaults	103
8.2.2 IP Address and Subnet Mask	104
8.2.3 Multicast	104
8.2.4 Any IP	104
8.3 LAN IP Screen	106
8.4 LAN IP Alias	106
8.5 Advanced LAN Screen	107
DHCP	109
9.1 DHCP	109
9.2 DHCP Server General Screen	109
9.3 DHCP Server Advanced Screen	110
9.4 Client List Screen	111
Network Address Translation (NAT)	113
10.1 NAT Overview	113
10.2 Using NAT	113
10.2.1 Port Forwarding: Services and Port Numbers	113
10.2.2 Configuring Servers Behind Port Forwarding Example	114
10.3 General NAT Screen	114
10.4 NAT Application Screen	115
10.4.1 Game List Example	117
10.5 Trigger Port Forwarding	118
10.5.1 Trigger Port Forwarding Example	118
10.5.2 Two Points To Remember About Trigger Ports	119
10.6 NAT Advanced Screen	119
Dynamic DNS	123
11.1 Dynamic DNS Introduction	123
11.1.1 DynDNS Wildcard	123
11.2 Dynamic DNS Screen	123
Security	125
Firewall	127
12.1 Introduction to ZyXEL’s Firewall	127
12.1.1 What is a Firewall?	127
12.1.2 Stateful Inspection Firewall	127
12.1.3 About the NBG334W Firewall	127
12.1.4 Guidelines For Enhancing Security With Your Firewall	128
12.2 Triangle Routes	128
12.2.1 Triangle Routes and IP Alias	128
12.3 General Firewall Screen	129
12.4 Services Screen	130
Content Filtering	133
13.1 Introduction to Content Filtering	133
13.2 Restrict Web Features	133
13.3 Days and Times	133
13.4 Filter Screen	133
13.5 Schedule	135
13.6 Customizing Keyword Blocking URL Checking	136
13.6.1 Domain Name or IP Address URL Checking	136
13.6.2 Full Path URL Checking	136
13.6.3 File Name URL Checking	136
Management	137
Static Route Screens	139
14.1 Static Route Overview	139
14.2 IP Static Route Screen	139
14.2.1 Static Route Setup Screen	140
Bandwidth Management	143
15.1 Bandwidth Management Overview	143
15.2 Application-based Bandwidth Management	143
15.3 Subnet-based Bandwidth Management	143
15.4 Application and Subnet-based Bandwidth Management	144
15.5 Bandwidth Management Priorities	144
15.6 Predefined Bandwidth Management Services	145
15.6.1 Services and Port Numbers	146
15.7 Default Bandwidth Management Classes and Priorities	148
15.8 Bandwidth Management General Configuration	149
15.9 Bandwidth Management Advanced Configuration	149
15.9.1 Rule Configuration	151
15.10 Bandwidth Management Monitor	152
Remote Management	153
16.1 Remote Management Overview	153
16.1.1 Remote Management Limitations	153
16.1.2 Remote Management and NAT	154
16.1.3 System Timeout	154
16.2 WWW Screen	154
16.3 Telnet	155
16.4 Telnet Screen	155
16.5 FTP Screen	156
16.6 DNS Screen	157
Universal Plug-and-Play (UPnP)	159
17.1 Introducing Universal Plug and Play	159
17.1.1 How do I know if I'm using UPnP?	159
17.1.2 NAT Traversal	159
17.1.3 Cautions with UPnP	159
17.2 UPnP and ZyXEL	160
17.3 UPnP Screen	160
17.4 Installing UPnP in Windows Example	161
Maintenance and Troubleshooting	171
System	173
18.1 System Overview	173
18.2 System General Screen	173
18.3 Time Setting Screen	174
Logs	177
19.1 View Log	177
19.2 Log Settings	178
19.3 Log Descriptions	181
Tools	191
20.1 Firmware Upload Screen	191
20.2 Configuration Screen	192
20.2.1 Backup Configuration	193
20.2.2 Restore Configuration	193
20.2.3 Back to Factory Defaults	194
20.3 Restart Screen	194
Configuration Mode	197
Sys Op Mode	199
22.1 Overview	199
22.1.1 Router	199
22.1.2 AP	199
22.2 Selecting System Operation Mode	200
Troubleshooting	203
23.1 Power, Hardware Connections, and LEDs	203
23.2 NBG334W Access and Login	204
23.3 Internet Access	206
23.4 Resetting the NBG334W to Its Factory Defaults	207
23.5 Wireless Router/AP Troubleshooting	207
23.6 Advanced Features	208
Appendices and Index	209
Product Specifications and Wall- Mounting Instructions	211
Pop-up Windows, JavaScripts and Java Permissions	217
IP Addresses and Subnetting	223
Setting up Your Computer’s IP Address	231
23.6.1 Verifying Settings	246
Wireless LANs	247
23.6.2 WPA(2)-PSK Application Example	256
23.6.3 WPA(2) with RADIUS Application Example	256
Services	259
Legal Information	263

Match case Limit results 1 per page

Chapter 19 Logs

NBG334W User’s Guide

186

teardrop UDP

The firewall detected an UDP teardrop attack.

teardrop ICMP (type:%d,

code:%d)

The firewall detected an ICMP teardrop attack. For type and code

details, see

Table 87 on page 188

illegal command TCP

The firewall detected a TCP illegal command attack.

NetBIOS TCP

The firewall detected a TCP NetBIOS attack.

ip spoofing - no routing

entry [TCP | UDP | IGMP |

ESP | GRE | OSPF]

The firewall classified a packet with no source routing entry as an

IP spoofing attack.

ip spoofing - no routing

entry ICMP (type:%d,

code:%d)

The firewall classified an ICMP packet with no source routing

entry as an IP spoofing attack.

vulnerability ICMP

(type:%d, code:%d)

The firewall detected an ICMP vulnerability attack. For type and

code details, see

Table 87 on page 188

traceroute ICMP (type:%d,

code:%d)

The firewall detected an ICMP traceroute attack. For type and

code details, see

Table 87 on page 188

Table 84

PKI Logs

LOG MESSAGE

DESCRIPTION

Enrollment successful

The SCEP online certificate enrollment was successful. The

Destination field records the certification authority server IP address

and port.

Enrollment failed

The SCEP online certificate enrollment failed. The Destination field

records the certification authority server’s IP address and port.

Failed to resolve

The SCEP online certificate enrollment failed because the certification

authority server’s address cannot be resolved.

Enrollment successful

The CMP online certificate enrollment was successful. The Destination

field records the certification authority server’s IP address and port.

Enrollment failed

The CMP online certificate enrollment failed. The Destination field

records the certification authority server’s IP address and port.

Failed to resolve <CMP

CA server url>

The CMP online certificate enrollment failed because the certification

authority server’s IP address cannot be resolved.

Rcvd ca cert: <subject

name>

The router received a certification authority certificate, with subject

name as recorded, from the LDAP server whose IP address and port

are recorded in the Source field.

Rcvd user cert:

The router received a user certificate, with subject name as recorded,

from the LDAP server whose IP address and port are recorded in the

Source field.

Rcvd CRL <size>:

The router received a CRL (Certificate Revocation List), with size and

issuer name as recorded, from the LDAP server whose IP address and

port are recorded in the Source field.

Rcvd ARL <size>:

The router received an ARL (Authority Revocation List), with size and

issuer name as recorded, from the LDAP server whose address and

port are recorded in the Source field.

Table 83

Attack Logs (continued)

LOG MESSAGE

DESCRIPTION