Home » ZyXEL Manuals » Networking » ZyXEL P-660HNU-F1 » Manual Viewer

ZyXEL P-660HNU-F1 User Guide - Page 193

Certificates, 15.1 Overview, 15.1.1 What You Can Do in this What You Need to Know

Get ZyXEL P-660HNU-F1 PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 193 highlights

CHAPTER 15 Certificates 15.1 Overview The ZyXEL Device can use certificates (also called digital IDs) to authenticate users. Certificates are based on public-private key pairs. A certificate contains the certificate owner's identity and public key. Certificates provide a way to exchange public keys for use in authentication. 15.1.1 What You Can Do in this Chapter • Use the Local Certificate screens to view and import the ZyXEL Device's CA-signed certificates (Section 15.2 on page 196). • Use the Trusted CA screens to save the certificates of trusted CAs to the ZyXEL Device. You can also export the certificates to a computer (Section 15.2.1 on page 197). 15.1.2 What You Need to Know The following terms and concepts may help as you read this chapter. Certification Authorities A Certification Authority (CA) issues certificates and guarantees the identity of each certificate owner. There are commercial certification authorities like CyberTrust or VeriSign and government certification authorities. Public and Private Keys When using public-key cryptology for authentication, each host has two keys. One key is public and can be made openly available; the other key is private and must be kept secure. Public-key encryption in general works as follows. 1 Tim wants to send a private message to Jenny. Tim generates a public-private key pair. What is encrypted with one key can only be decrypted using the other. 2 Tim keeps the private key and makes the public key openly available. 3 Tim uses his private key to encrypt the message and sends it to Jenny. 4 Jenny receives the message and uses Tim's public key to decrypt it. 5 Additionally, Jenny uses her own private key to encrypt a message and Tim uses Jenny's public key to decrypt the message. ADSL Series User's Guide 193

Section	Page
ADSL Router Series	1
Videos	2
About This User's Guide	3
Document Conventions	5
Safety Warnings	7
Contents Overview	9
Table of Contents	11
User’s Guide	19
Introduction	21
1.1 Overview	21
1.2 Applications for the ZyXEL Device	21
1.2.1 Internet Access	21
1.2.2 Wireless Connection	22
1.2.3 ZyXEL Device’s USB and Print Server Support	22
1.3 The WPS/WLAN Button	23
1.4 Ways to Manage the ZyXEL Device	24
1.5 Good Habits for Managing the ZyXEL Device	25
1.6 The RESET Button	25
Introducing the Web Configurator	27
2.1 Overview	27
2.1.1 Accessing the Web Configurator	27
2.2 The Web Configurator Layout	29
2.2.1 Title Bar	29
2.2.2 Main Window	30
2.2.3 Navigation Panel	30
2.3 User Mode	32
2.3.1 Overview	32
2.3.2 What You Can Do	32
2.3.3 Navigation Panel	33
2.3.4 Network Map	33
2.3.5 Control Panel	34
2.3.6 Power Saving	34
2.3.7 Content Filter	35
2.3.8 Firewall	36
2.3.9 Wireless Security	37
2.3.10 WPS	38
2.3.11 Media Server	38
Tutorials	41
3.1 Overview	41
3.2 Setting Up Your DSL Connection	41
3.3 How to Set up a Wireless Network	44
3.3.1 Example Parameters	44
3.3.2 Configuring the ADSL Device	44
3.3.3 Connecting Wirelessly to your ADSL Device	46
3.3.4 Configuring the Wireless Client using the WPS PIN number	48
3.4 Setting Up NAT Port Forwarding to Allow Access to Network Servers from the Internet	49
3.5 Using the File Sharing Feature	50
3.5.1 Set Up File Sharing	51
3.5.2 Access Your Shared Files From a Computer	54
3.6 Using the Print Server Feature	56
3.7 Configuring the MAC Address Filter for Restricting Wireless Internet Access	70
3.8 Configuring Static Route for Routing to Another Network	71
3.9 Configuring QoS Queue and Class Setup	73
3.10 Access the ADSL Device Using DDNS	77
3.10.1 Registering a DDNS Account on www.dyndns.org	78
3.10.2 Configuring DDNS on Your ADSL Device	78
3.10.3 Testing the DDNS Setting	79
Technical Reference	81
Connection Status and System Info Screens	83
4.1 Overview	83
4.2 The Connection Status Screen	83
4.3 The System Info Screen	84
Broadband	87
5.1 Overview	87
5.1.1 What You Can Do in this Chapter	87
5.1.2 What You Need to Know	87
5.1.3 Before You Begin	88
5.2 The Broadband Screen	88
5.2.1 Add/Edit Internet Connection	89
5.3 Technical Reference	100
Wireless	105
6.1 Overview	105
6.1.1 What You Can Do in this Chapter	105
6.1.2 Wireless Network Overview	105
6.1.3 Before You Begin	107
6.2 The Wireless General Screen	107
6.2.1 No Security	109
6.2.2 Basic (Static WEP/Shared WEP Encryption)	109
6.2.3 More Secure (WPA(2)-PSK)	111
6.2.4 WPA(2) Authentication	112
6.3 The More AP Screen	113
6.3.1 Edit More AP	114
6.4 The WPS Screen	115
6.5 The WMM Screen	117
6.6 Scheduling Screen	118
6.7 Technical Reference	119
6.7.1 Additional Wireless Terms	119
6.7.2 Wireless Security Overview	119
6.7.3 Signal Problems	122
6.7.4 BSS	122
6.7.5 MBSSID	122
6.7.6 WiFi Protected Setup (WPS)	123
Home Networking	131
7.1 Overview	131
7.1.1 What You Can Do in this Chapter	131
7.1.2 What You Need To Know	131
7.2 The LAN Setup Screen	134
7.3 The Static DHCP Screen	136
7.3.1 Before You Begin	136
7.4 The UPnP Screen	137
7.5 The File Sharing Screen	138
7.5.1 Before You Begin	139
7.5.2 Add/Edit File Sharing	140
7.5.3 Add New User	141
7.6 The Media Server Screen	142
7.6.1 The Media Server Screen	142
7.7 The Print Server Screen	143
7.7.1 Before You Begin	143
7.8 Technical Reference	144
7.9 Installing UPnP in Windows Example	148
7.10 Using UPnP in Windows XP Example	151
Routing	157
8.1 Overview	157
8.2 Configuring Static Route	157
8.2.1 Add/Edit Static Route	158
DNS Route	161
9.1 Overview	161
9.1.1 What You Can Do in this Chapter	161
9.2 The DNS Route Screen	162
9.2.1 Add/Edit DNS Route Edit	162
Quality of Service (QoS)	165
10.1 Overview	165
10.1.1 What You Can Do in this Chapter	165
10.1.2 What You Need to Know	165
10.2 The QoS General Screen	166
10.3 The Queue Setup Screen	167
10.3.1 Add/Edit a QoS Queue	168
10.4 The Class Setup Screen	169
10.4.1 Add/Edit QoS Class	170
10.5 The QoS Monitor Screen	173
10.6 QoS Technical Reference	173
10.6.1 IP Precedence	174
10.6.2 DiffServ	174
Network Address Translation (NAT)	175
11.1 Overview	175
11.1.1 What You Can Do in this Chapter	175
11.1.2 What You Need To Know	175
11.2 The Port Forwarding Screen	176
11.2.1 The Port Forwarding Screen	177
11.2.2 The Port Forwarding Edit Screen	177
11.3 The Sessions Screen	178
11.4 The ALG Screen	179
11.5 Technical Reference	180
11.5.1 NAT Definitions	180
11.5.2 What NAT Does	180
11.5.3 How NAT Works	180
Dynamic DNS	183
12.1 Overview	183
12.1.1 What You Need To Know	183
12.2 The Dynamic DNS Screen	183
Firewall	185
13.1 Overview	185
13.1.1 What You Can Do in this Chapter	185
13.1.2 What You Need to Know	185
13.2 The General Screen	186
13.3 The Services Screen	187
13.4 Firewall Technical Reference	188
13.4.1 Guidelines For Enhancing Security With Your Firewall	188
13.4.2 Security Considerations	188
MAC Filter	191
14.1 Overview	191
14.1.1 What You Need to Know	191
14.2 The MAC Filter Screen	191
Certificates	193
15.1 Overview	193
15.1.1 What You Can Do in this Chapter	193
15.1.2 What You Need to Know	193
15.1.3 Verifying a Certificate	195
15.2 Local Certificates	196
15.2.1 Trusted CAs	197
15.2.2 Trusted CA Import	198
15.2.3 View Certificate	198
15.3 VPN Certificates	199
15.3.1 Import Certificate	200
VPN	203
16.1 Overview	203
16.1.1 What You Can Do in the VPN Screens	203
16.1.2 What You Need to Know About IPSec VPN	203
16.1.3 Before You Begin	205
16.2 VPN Setup Screen	205
16.3 The VPN Edit Screen	206
16.4 Configuring Advanced Settings	210
16.5 Viewing SA Monitor	212
16.6 IPSec VPN Technical Reference	212
16.6.1 IPSec Architecture	212
16.6.2 IPSec and NAT	213
16.6.3 VPN, NAT, and NAT Traversal	214
16.6.4 Encapsulation	215
16.6.5 IKE Phases	216
16.6.6 Negotiation Mode	217
16.6.7 Remote DNS Server	217
16.6.8 ID Type and Content	218
16.6.9 Pre-Shared Key	219
16.6.10 Diffie-Hellman (DH) Key Groups	219
16.6.11 Telecommuter VPN/IPSec Examples	219
System Monitor	223
17.1 Overview	223
17.1.1 What You Can Do in this Chapter	223
17.2 The WAN Status Screen	223
17.3 The LAN Status Screen	224
17.4 The NAT Status Screen	225
User Account	227
18.1 Overview	227
18.2 The User Account Screen	227
Remote MGMT	229
19.1 Overview	229
19.1.1 What You Need to Know	229
19.2 The Remote MGMT Screen	229
System	231
20.1 Overview	231
20.1.1 What You Need to Know	231
20.2 The System Screen	231
Time Setting	233
21.1 Overview	233
21.2 The Time Setting Screen	233
Log Setting	235
22.1 Overview	235
22.2 The Log Setting Screen	235
Firmware Upgrade	237
23.1 Overview	237
23.2 The Firmware Screen	237
Backup/Restore	239
24.1 Overview	239
24.2 The Backup/Restore Screen	239
24.3 The Reboot Screen	241
Diagnostic	243
25.1 Overview	243
25.1.1 What You Can Do in this Chapter	243
25.2 The Ping Screen	243
25.3 The DSL Line Screen	244
Troubleshooting	247
26.1 Overview	247
26.2 Power, Hardware Connections, and LEDs	247
26.3 ZyXEL Device Access and Login	248
26.4 Internet Access	250
26.5 Wireless Internet Access	251
26.6 USB Device Connection	252
26.7 UPnP	253
Product Specifications	255
IP Addresses and Subnetting	263
Setting Up Your Computer’s IP Address	273
Pop-up Windows, Java Script and Java Permissions	303
Wireless LANs	311
Common Services	331
Open Software Announcements	335
Legal Information	357

Match case Limit results 1 per page

ADSL Series User’s Guide

193

HAPTER

Certificates

15.1

Overview

The ZyXEL Device can use certificates (also called digital IDs) to authenticate users. Certificates are

based on public-private key pairs. A certificate contains the certificate owner’s identity and public

key. Certificates provide a way to exchange public keys for use in authentication.

15.1.1

What You Can Do in this Chapter

•

Use the

Local Certificate

screens to view and import the ZyXEL Device’s CA-signed certificates

(

Section 15.2 on page 196

•

Use the

Trusted CA

screens to save the certificates of trusted CAs to the ZyXEL Device. You can

also export the certificates to a computer (

Section 15.2.1 on page 197

15.1.2

What You Need to Know

The following terms and concepts may help as you read this chapter.

Certification Authorities

A Certification Authority (CA) issues certificates and guarantees the identity of each certificate

owner. There are commercial certification authorities like CyberTrust or VeriSign and government

certification authorities.

Public and Private Keys

When using public-key cryptology for authentication, each host has two keys. One key is public and

can be made openly available; the other key is private and must be kept secure. Public-key

encryption in general works as follows.

Tim wants to send a private message to Jenny. Tim generates a public-private key pair. What is

encrypted with one key can only be decrypted using the other.

Tim keeps the private key and makes the public key openly available.

Tim uses his private key to encrypt the message and sends it to Jenny.

Jenny receives the message and uses Tim’s public key to decrypt it.

Additionally, Jenny uses her own private key to encrypt a message and Tim uses Jenny’s public key

to decrypt the message.