Home » ZyXEL Manuals » Bridges & Routers » ZyXEL NBG6716 » Manual Viewer

ZyXEL NBG6716 User Guide - Page 95

MAC Address Filter, User Authentication, Encryption

Add to My Manuals
Save this manual to your list of manuals

Page 95 highlights

Chapter 11 Wireless LAN MAC Address Filter Every wireless client has a unique identification number, called a MAC address.1 A MAC address is usually written using twelve hexadecimal characters2; for example, 00A0C5000002 or 00:A0:C5:00:00:02. To get the MAC address for each wireless client, see the appropriate User's Guide or other documentation. You can use the MAC address filter to tell the AP which wireless clients are allowed or not allowed to use the wireless network. If a wireless client is allowed to use the wireless network, it still has to have the correct settings (SSID, channel, and security). If a wireless client is not allowed to use the wireless network, it does not matter if it has the correct settings. This type of security does not protect the information that is sent in the wireless network. Furthermore, there are ways for unauthorized devices to get the MAC address of an authorized wireless client. Then, they can use that MAC address to use the wireless network. User Authentication You can make every user log in to the wireless network before they can use it. This is called user authentication. However, every wireless client in the wireless network has to support IEEE 802.1x to do this. For wireless networks, there are two typical places to store the user names and passwords for each user. • In the AP: this feature is called a local user database or a local database. • In a RADIUS server: this is a server used in businesses more than in homes. If your AP does not provide a local user database and if you do not have a RADIUS server, you cannot set up user names and passwords for your users. Unauthorized devices can still see the information that is sent in the wireless network, even if they cannot use the wireless network. Furthermore, there are ways for unauthorized wireless users to get a valid user name and password. Then, they can use that user name and password to use the wireless network. Local user databases also have an additional limitation that is explained in the next section. Encryption Wireless networks can use encryption to protect the information that is sent in the wireless network. Encryption is like a secret code. If you do not know the secret code, you cannot understand the message. 1. Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless networks. These kinds of wireless devices might not have MAC addresses. 2. Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F. NBG6716 User's Guide 95

Section	Page
NBG6716	1
Contents Overview	3
Table of Contents	5
User’s Guide	13
Introduction	15
1.1 Overview	15
1.1.1 Dual-Band	16
1.2 Applications	16
1.3 Ways to Manage the NBG6716	16
1.4 Good Habits for Managing the NBG6716	17
1.5 Resetting the NBG6716	17
1.5.1 How to Use the RESET Button	17
1.6 The WPS Button	17
1.7 LEDs	18
1.8 Wall Mounting	20
Connection Wizard	21
2.1 Overview	21
2.2 Accessing the Wizard	21
2.3 Connect to Internet	22
2.3.1 Connection Type: IPoE	23
2.3.2 Connection Type: PPPoE	24
2.4 Router Password	26
2.5 Wireless Security	27
2.5.1 Wireless Security: No Security	27
2.5.2 Wireless Security: WPA2-PSK	28
Introducing the Web Configurator	31
3.1 Overview	31
3.2 Accessing the Web Configurator	31
3.2.1 Login Screen	31
3.2.2 Password Screen	32
NBG6716 Modes	35
4.1 Overview	35
4.1.1 Web Configurator Modes	35
4.1.2 Device Modes	35
Easy Mode	37
5.1 Overview	37
5.2 What You Can Do	38
5.3 What You Need to Know	38
5.4 Navigation Panel	39
5.5 Network Map	39
5.6 Control Panel	40
5.6.1 Power Saving	40
5.6.2 Content Filter	41
5.6.3 Firewall	42
5.6.4 Internet Setting	42
5.6.5 Wireless Security	44
5.6.6 WPS	45
5.7 Status Screen in Easy Mode	46
Router Mode	49
6.1 Overview	49
6.2 Router Mode Status Screen	49
6.2.1 Navigation Panel	52
Access Point Mode	57
7.1 Overview	57
7.2 What You Can Do	57
7.3 What You Need to Know	57
7.3.1 Setting your NBG6716 to AP Mode	58
7.3.2 Accessing the Web Configurator in Access Point Mode	58
7.3.3 Configuring your WLAN and Maintenance Settings	59
7.4 AP Mode Status Screen	59
7.4.1 Navigation Panel	61
7.5 LAN Screen	61
Tutorials	65
8.1 Overview	65
8.2 Set Up a Wireless Network with WPS	65
8.2.1 Push Button Configuration (PBC)	65
8.2.2 PIN Configuration	66
8.3 Configure Wireless Security without WPS	67
8.3.1 Configure Your Notebook	69
8.4 Using Multiple SSIDs on the NBG6716	71
8.4.1 Configuring Security Settings of Multiple SSIDs	72
Technical Reference	77
Monitor	79
9.1 Overview	79
9.2 What You Can Do	79
9.3 The Log Screen	79
9.3.1 View Log	79
9.3.2 Log Setting	80
9.4 DHCP Table	80
9.5 Packet Statistics	81
9.6 WLAN Station Status	82
WAN	85
10.1 Overview	85
10.2 What You Can Do	85
10.3 What You Need To Know	85
10.3.1 Configuring Your Internet Connection	86
10.4 Internet Connection	87
10.4.1 IPoE Encapsulation	87
10.4.2 PPPoE Encapsulation	89
10.5 Advanced WAN Screen	91
Wireless LAN	93
11.1 Overview	93
11.1.1 What You Can Do	94
11.1.2 What You Should Know	94
11.2 General Wireless LAN Screen	98
11.3 Wireless Security	100
11.3.1 No Security	100
11.3.2 WEP Encryption	101
11.3.3 WPA-PSK/WPA2-PSK	103
11.3.4 WPA/WPA2	104
11.4 More AP Screen	106
11.4.1 More AP Edit	107
11.5 MAC Filter Screen	109
11.6 Wireless LAN Advanced Screen	111
11.7 Quality of Service (QoS) Screen	111
11.8 WPS Screen	112
11.9 WPS Station Screen	114
11.10 Scheduling Screen	114
LAN	117
12.1 Overview	117
12.2 What You Can Do	117
12.3 What You Need To Know	117
12.3.1 IP Alias	118
12.4 LAN IP Screen	118
12.5 IP Alias Screen	119
DHCP Server	121
13.1 Overview	121
13.1.1 What You Can Do	121
13.1.2 What You Need To Know	121
13.2 DHCP Server General Screen	122
13.3 DHCP Server Advanced Screen	122
13.4 DHCP Client List Screen	124
NAT	127
14.1 Overview	127
14.1.1 What You Can Do	127
14.1.2 What You Need To Know	128
14.2 General	129
14.3 Port Forwarding Screen	130
14.3.1 Port Forwarding Edit Screen	132
14.4 Port Trigger Screen	133
14.5 Technical Reference	134
14.5.1 NATPort Forwarding: Services and Port Numbers	134
14.5.2 NAT Port Forwarding Example	134
14.5.3 Trigger Port Forwarding	135
14.5.4 Trigger Port Forwarding Example	135
14.5.5 Two Points To Remember About Trigger Ports	136
DDNS	137
15.1 Overview	137
15.1.1 What You Need To Know	137
15.2 General	137
Static Route	139
16.1 Overview	139
16.2 IP Static Route Screen	139
16.2.1 Add/Edit Static Route	140
Firewall	143
17.1 Overview	143
17.1.1 What You Can Do	143
17.1.2 What You Need To Know	143
17.2 General Screen	145
17.3 Services Screen	145
Content Filtering	149
18.1 Overview	149
18.1.1 What You Need To Know	149
18.2 Content Filter	149
18.3 Technical Reference	151
18.3.1 Customizing Keyword Blocking URL Checking	151
StreamBoost Management	153
19.1 Overview	153
19.2 What You Can Do	153
19.3 Network Screen	154
19.4 Banwidth Screen	154
19.5 Priorities Screen	156
19.6 Up Time Screen	156
19.7 Downloads Screen	157
19.8 All Events Screen	158
Remote Management	161
20.1 Overview	161
20.2 What You Can Do in this Chapter	161
20.3 What You Need to Know	161
20.3.1 Remote Management and NAT	162
20.3.2 System Timeout	162
20.4 WWW Screen	162
20.5 Telnet Screen	163
20.6 Wake On LAN Screen	163
Universal Plug-and-Play (UPnP)	165
21.1 Overview	165
21.2 What You Need to Know	165
21.2.1 NAT Traversal	165
21.2.2 Cautions with UPnP	165
21.3 UPnP Screen	166
21.4 Technical Reference	166
21.4.1 Using UPnP in Windows XP Example	166
21.4.2 Web Configurator Easy Access	168
USB Media Sharing	171
22.1 Overview	171
22.2 What You Can Do	172
22.3 What You Need To Know	172
22.4 Before You Begin	173
22.5 DLNA Screen	174
22.6 SAMBA Screen	174
22.7 FTP Screen	176
22.8 Example of Accessing Your Shared Files From a Computer	177
22.8.1 Use Windows Explorer to Share Files	177
22.8.2 Use FTP to Share Files	179
Maintenance	181
23.1 Overview	181
23.2 What You Can Do	181
23.3 General Screen	181
23.4 Password Screen	182
23.5 Time Setting Screen	183
23.6 Firmware Upgrade Screen	184
23.7 Configuration Backup/Restore Screen	186
23.8 Restart Screen	187
23.9 Language Screen	187
23.10 System Operation Mode Overview	188
23.11 Sys OP Mode Screen	189
Troubleshooting	191
24.1 Overview	191
24.2 Power, Hardware Connections, and LEDs	191
24.3 NBG6716 Access and Login	192
24.4 Internet Access	193
24.5 Resetting the NBG6716 to Its Factory Defaults	195
24.6 Wireless Connections	195
24.7 USB Device Problems	197
24.8 ZyXEL Share Center Utility Problems	197
Pop-up Windows, JavaScript and Java Permissions	199
Setting Up Your Computer’s IP Address	209
Common Services	237
Legal Information	241

Match case Limit results 1 per page

Chapter 11 Wireless LAN

NBG6716 User’s Guide

MAC Address Filter

Every wireless client has a unique identification number, called a MAC address.

A MAC address is

usually written using twelve hexadecimal characters

; for example, 00A0C5000002 or

00:A0:C5:00:00:02. To get the MAC address for each wireless client, see the appropriate User’s

Guide or other documentation.

You can use the MAC address filter to tell the AP which wireless clients are allowed or not allowed to

use the wireless network. If a wireless client is allowed to use the wireless network, it still has to

have the correct settings (SSID, channel, and security). If a wireless client is not allowed to use the

wireless network, it does not matter if it has the correct settings.

This type of security does not protect the information that is sent in the wireless network.

Furthermore, there are ways for unauthorized devices to get the MAC address of an authorized

wireless client. Then, they can use that MAC address to use the wireless network.

User Authentication

You can make every user log in to the wireless network before they can use it. This is called user

authentication. However, every wireless client in the wireless network has to support IEEE 802.1x

to do this.

For wireless networks, there are two typical places to store the user names and passwords for each

user.

•

In the AP: this feature is called a local user database or a local database.

•

In a RADIUS server: this is a server used in businesses more than in homes.

If your AP does not provide a local user database and if you do not have a RADIUS server, you

cannot set up user names and passwords for your users.

Unauthorized devices can still see the information that is sent in the wireless network, even if they

cannot use the wireless network. Furthermore, there are ways for unauthorized wireless users to

get a valid user name and password. Then, they can use that user name and password to use the

wireless network.

Local user databases also have an additional limitation that is explained in the next section.

Encryption

Wireless networks can use encryption to protect the information that is sent in the wireless

network. Encryption is like a secret code. If you do not know the secret code, you cannot

understand the message.

Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless networks. These kinds

of wireless devices might not have MAC addresses.

Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F.