Home » ZyXEL Manuals » Networking » ZyXEL MAX-306 » Manual Viewer

ZyXEL MAX-306 User Guide - Page 200

Verifying a Certificate

Get ZyXEL MAX-306 PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 200 highlights

Chapter 15 The Certificates Screens • The WiMAX Device only has to store the certificates of the certification authorities that you decide to trust, no matter how many devices you need to authenticate. • Key distribution is simple and very secure since you can freely distribute public keys and you never need to transmit private keys. 15.4.1.2 Self-signed Certificates You can have the WiMAX Device act as a certification authority and sign its own certificates. 15.4.1.3 Factory Default Certificate The WiMAX Device generates its own unique self-signed certificate when you first turn it on. This certificate is referred to in the GUI as the factory default certificate. 15.4.1.4 Certificate File Formats Any certificate that you want to import has to be in one of these file formats: • Binary X.509: This is an ITU-T recommendation that defines the formats for X.509 certificates. • PEM (Base-64) encoded X.509: This Privacy Enhanced Mail format uses lowercase letters, uppercase letters and numerals to convert a binary X.509 certificate into a printable form. • Binary PKCS#7: This is a standard that defines the general syntax for data (including digital signatures) that may be encrypted. A PKCS #7 file is used to transfer a public key certificate. The private key is not included. The WiMAX Device currently allows the importation of a PKS#7 file that contains a single certificate. • PEM (Base-64) encoded PKCS#7: This Privacy Enhanced Mail (PEM) format uses lowercase letters, uppercase letters and numerals to convert a binary PKCS#7 certificate into a printable form. Note: Be careful to not convert a binary file to text during the transfer process. It is easy for this to occur since many programs use text files by default. 15.4.2 Verifying a Certificate Before you import a certificate into the WiMAX Device, you should verify that you have the correct certificate. This is especially true of trusted certificates since the WiMAX Device also trusts any valid certificate signed by any of the imported trusted certificates. 200 User's Guide

Section	Page
MAX-306HW2 Series	1
About This User's Guide	3
Document Conventions	4
Safety Warnings	6
Contents Overview	9
Table of Contents	11
List of Figures	19
List of Tables	25
Introduction and Wizards	29
Getting Started	31
1.1 Overview	31
1.1.1 Wi-Fi Access Point	32
1.1.2 WiMAX Internet Access	32
1.1.3 Make Calls via Internet Telephony Service Provider	33
1.2 WiMAX Device Hardware	34
1.2.1 LEDs	34
1.3 Good Habits for Managing the WiMAX Device	35
Introducing the Web Configurator	37
2.1 Overview	37
2.1.1 Accessing the Web Configurator	37
2.1.2 The Reset Button	40
2.2 The Main Screen	40
Internet Connection Wizard	47
3.1 Overview	47
3.1.1 Welcome to the ZyXEL Setup Wizard	47
3.1.2 System Information	48
3.1.3 Wireless LAN	49
3.1.4 Authentication Settings	54
3.1.5 IP Address	56
3.1.6 Setup Complete	58
VoIP Connection Wizard	59
4.1 Overview	59
4.2 Welcome to the ZyXEL Setup Wizard	59
4.2.1 First Voice Account Settings	60
4.2.2 Setup Complete	63
Basic Screens	65
The Setup Screens	67
5.1 Overview	67
5.1.1 What You Can Do in This Chapter	67
5.1.2 What You Need to Know	67
5.1.3 Before You Begin	68
5.2 Set IP Address	68
5.3 DHCP Client	69
5.4 Time Setting	70
5.4.1 Pre-Defined NTP Time Servers List	71
5.4.2 Resetting the Time	72
Advanced Screens	73
The LAN Configuration Screens	75
6.1 Overview	75
6.1.1 What You Can Do in This Chapter	75
6.1.2 What You Need to Know	75
6.2 DHCP Setup	76
6.3 Static DHCP	78
6.4 IP Alias	79
6.5 IP Static Route	81
6.5.1 IP Static Route Setup	82
6.6 Other Settings	83
6.7 Technical Reference	84
6.7.1 IP Address and Subnet Mask	84
6.7.2 DHCP Setup	85
6.7.3 LAN TCP/IP	85
6.7.4 DNS Server Address	86
6.7.5 RIP Setup	86
6.7.6 Multicast	87
The WAN Configuration Screens	89
7.1 Overview	89
7.1.1 What You Can Do in This Chapter	89
7.1.2 What You Need to Know	89
7.2 Internet Connection	93
7.3 WiMAX Configuration	95
7.3.1 Frequency Ranges	97
7.3.2 Configuring Frequency Settings	97
7.3.3 Using the WiMAX Frequency Screen	98
7.4 Traffic Redirect	99
7.5 Advanced	101
The Wi-Fi Configuration Screens	103
8.1 Overview	103
8.1.1 What You Can Do in This Chapter	103
8.1.2 What You Need to Know	103
8.2 General	104
8.3 MAC Filter	109
8.4 Advanced	110
The VPN Transport Screens	113
9.1 Overview	113
9.1.1 What You Can Do in This Chapter	114
9.1.2 What You Need to Know	114
9.1.3 Before You Begin	115
9.2 General	116
9.3 Customer Interface	116
9.3.1 Multi-Protocol Label Switching	117
9.3.2 Generic Routing Encapsulation	117
9.3.3 Customer Interface Options	118
9.3.4 Customer Interface Setup	120
9.4 Ethernet Pseudowire	121
9.4.1 Ethernet Pseudowire Setup	123
9.5 Statistics	124
The NAT Configuration Screens	125
10.1 Overview	125
10.1.1 What You Can Do in This Chapter	125
10.2 General	125
10.3 Port Forwarding	126
10.3.1 Port Forwarding Options	127
10.3.2 Port Forwarding Rule Setup	129
10.4 Trigger Port	130
10.4.1 Trigger Port Forwarding Example	131
10.5 ALG	132
The System Configuration Screens	135
11.1 Overview	135
11.1.1 What You Can Do in This Chapter	135
11.1.2 What You Need to Know	135
11.2 General	137
11.3 Dynamic DNS	138
11.4 Firmware	140
11.4.1 The Firmware Upload Process	141
11.5 Configuration	142
11.5.1 The Restore Configuration Process	143
11.6 Restart	143
11.6.1 The Restart Process	144
Voice Screens	145
The Service Configuration Screens	147
12.1 Overview	147
12.1.1 What You Can Do in This Chapter	147
12.1.2 What You Need to Know	147
12.1.3 Before you Begin	149
12.2 SIP Settings	149
12.2.1 Advanced SIP Settings	151
12.3 QoS	158
12.4 Technical Reference	159
12.4.1 SIP Call Progression	159
12.4.2 SIP Client Server	160
12.4.3 SIP User Agent	160
12.4.4 SIP Proxy Server	160
12.4.5 SIP Redirect Server	161
12.4.6 NAT and SIP	162
12.4.7 DiffServ	162
12.4.8 DSCP and Per-Hop Behavior	163
The Phone Screens	165
13.1 Overview	165
13.1.1 What You Can Do in This Chapter	165
13.1.2 What You Need to Know	165
13.2 Analog Phone	166
13.2.1 Advanced Analog Phone Setup	168
13.3 Common	169
13.4 Region	170
13.5 Technical Reference	170
13.5.1 The Flash Key	170
13.5.2 Europe Type Supplementary Phone Services	171
13.5.3 USA Type Supplementary Services	173
The Phone Book Screens	175
14.1 Overview	175
14.1.1 What You Can Do in This Chapter	175
14.1.2 What You Need to Know	175
14.2 Incoming Call Policy	176
14.3 Speed Dial	178
Tools & Status Screens	181
The Certificates Screens	183
15.1 Overview	183
15.1.1 What You Can Do in This Chapter	183
15.1.2 What You Need to Know	183
15.2 My Certificates	184
15.2.1 My Certificates Create	186
15.2.2 My Certificate Edit	189
15.2.3 My Certificate Import	192
15.3 Trusted CAs	193
15.3.1 Trusted CA Edit	195
15.3.2 Trusted CA Import	197
15.4 Technical Reference	198
15.4.1 Certificate Authorities	198
15.4.2 Verifying a Certificate	200
The Firewall Screens	203
16.1 Overview	203
16.1.1 What You Can Do in This Chapter	203
16.1.2 What You Need to Know	203
16.2 Firewall Setting	204
16.2.1 Firewall Rule Directions	204
16.2.2 Triangle Route	205
16.2.3 Firewall Setting Options	206
16.3 Service Setting	207
16.4 Technical Reference	208
16.4.1 Stateful Inspection Firewall.	208
16.4.2 Guidelines For Enhancing Security With Your Firewall	209
16.4.3 The “Triangle Route” Problem	209
Content Filter	213
17.1 Overview	213
17.1.1 What You Can Do in This Chapter	213
17.2 Filter	214
17.3 Schedule	216
The Remote Management Screens	217
18.1 Overview	217
18.1.1 What You Can Do in This Chapter	217
18.1.2 What You Need to Know	218
18.2 WWW	219
18.3 Telnet	220
18.4 FTP	220
18.5 SNMP	221
18.5.1 SNMP Traps	222
18.5.2 SNMP Options	223
18.6 DNS	224
18.7 Security	225
The Logs Screens	227
19.1 Overview	227
19.1.1 What You Can Do in This Chapter	227
19.1.2 What You Need to Know	227
19.2 View Logs	229
19.3 Log Settings	231
19.4 Log Message Descriptions	233
The UPnP Screen	243
20.1 Overview	243
20.1.1 What You Can Do in This Chapter	243
20.1.2 What You Need to Know	243
20.2 UPnP	244
20.3 Technical Reference	245
20.3.1 Installing UPnP in Windows XP	245
20.3.2 Web Configurator Easy Access	249
The Status Screen	253
21.1 Overview	253
21.2 Status Screen	253
21.2.1 Packet Statistics	258
21.2.2 WiMAX Site Information	259
21.2.3 DHCP Table	260
21.2.4 VoIP Statistics	261
21.2.5 WiMAX Profile	263
Troubleshooting and Specifications	265
Troubleshooting	267
22.1 Power, Hardware Connections, and LEDs	267
22.2 WiMAX Device Access and Login	268
22.3 Internet Access	270
22.4 Phone Calls and VoIP	272
22.5 Reset the WiMAX Device to Its Factory Defaults	273
22.5.1 Pop-up Windows, JavaScripts and Java Permissions	273
Product Specifications	275
Appendices and Index	277
WiMAX Security	279
Setting Up Your Computer’s IP Address	283
Wireless LANs	311
Pop-up Windows, JavaScripts and Java Permissions	327
IP Addresses and Subnetting	337
Importing Certificates	349
SIP Passthrough	381
Common Services	383
Legal Information	387
Customer Support	391

Match case Limit results 1 per page

Chapter 15 The Certificates Screens

User’s Guide

200

•

The WiMAX Device only has to store the certificates of the certification

authorities that you decide to trust, no matter how many devices you need to

authenticate.

•

Key distribution is simple and very secure since you can freely distribute public

keys and you never need to transmit private keys.

15.4.1.2

Self-signed Certificates

You can have the WiMAX Device act as a certification authority and sign its own

certificates.

15.4.1.3

Factory Default Certificate

The WiMAX Device generates its own unique self-signed certificate when you first

turn it on. This certificate is referred to in the GUI as the factory default

certificate.

15.4.1.4

Certificate File Formats

Any certificate that you want to import has to be in one of these file formats:

•

Binary X.509: This is an ITU-T recommendation that defines the formats for

X.509 certificates.

•

PEM (Base-64) encoded X.509: This Privacy Enhanced Mail format uses

lowercase letters, uppercase letters and numerals to convert a binary X.509

certificate into a printable form.

•

Binary PKCS#7: This is a standard that defines the general syntax for data

(including digital signatures) that may be encrypted. A PKCS #7 file is used to

transfer a public key certificate. The private key is not included. The WiMAX

Device currently allows the importation of a PKS#7 file that contains a single

certificate.

•

PEM (Base-64) encoded PKCS#7: This Privacy Enhanced Mail (PEM) format uses

lowercase letters, uppercase letters and numerals to convert a binary PKCS#7

certificate into a printable form.

Note: Be careful to not convert a binary file to text during the transfer process. It is

easy for this to occur since many programs use text files by default.

15.4.2

Verifying a Certificate

Before you import a certificate into the WiMAX Device, you should verify that you

have the correct certificate. This is especially true of trusted certificates since the

WiMAX Device also trusts any valid certificate signed by any of the imported

trusted certificates.