Home » ZyXEL Manuals » Wireless » ZyXEL VMG9823 » Manual Viewer

ZyXEL VMG9823 User Guide - Page 219

Any_WAN, MultiWAN, Start Port, End Port, AES_CM_128_HMAC_SHA1_80, AES_CM_128_HMAC_SHA1_32,

Add to My Manuals
Save this manual to your list of manuals

Page 219 highlights

Chapter 21 Voice Table 98 VoIP > SIP > SIP Service Provider > Add New Provider/Edit (continued) LABEL DESCRIPTION Don't send reInvite to the remote party when there are multiple codecs answered in the SDP Do not send a re-Invite packet to the remote party when the remote party answers that it can support multiple codecs. Bound Interface Name Bound If you select Any_WAN, the VMG automatically activates the VoIP service when any WAN Interface Name connection is up. If you select MultiWAN, you also need to select two or more pre-configured WAN interfaces. The VoIP service is activated only when one of the selected WAN connections is up. Outbound Proxy Outbound Proxy Address Enter the IP address or domain name of the SIP outbound proxy server if your VoIP service provider has a SIP outbound server to handle voice calls. This allows the VMG to work with any type of NAT router and eliminates the need for STUN or a SIP ALG. Turn off any SIP ALG on a NAT router in front of the VMG to keep it from re-translating the IP address (since this is already handled by the outbound proxy server). Outbound Proxy Port Enter the SIP outbound proxy server's listening port, if your VoIP service provider gave you one. Otherwise, keep the default value. Use DHCP Option 120 First Select this to enable the SIP server via DHCP option 120. RTP Port Range Start Port End Port Enter the listening port number(s) for RTP traffic, if your VoIP service provider gave you this information. Otherwise, keep the default values. To enter one port number, enter the port number in the Start Port and End Port fields. To enter a range of ports, SRTP Support SRTP Support • enter the port number at the beginning of the range in the Start Port field. • enter the port number at the end of the range in the End Port field. When you make a VoIP call using SIP, the Real-time Transport Protocol (RTP) is used to handle voice data transfer. The Secure Real-time Transport Protocol (SRTP) is a security profile of RTP. It is designed to provide encryption and authentication for the RTP data in both unicast and multicast applications. The VMG supports encryption using AES with a 128-bit key. To protect data integrity, SRTP uses a Hash-based Message Authentication Code (HMAC) calculation with Secure Hash Algorithm (SHA)-1 to authenticate data. HMAC SHA-1 produces a 80 or 32-bit authentication tag that is appended to the packet. Crypto Suite Both the caller and callee should use the same algorithms to establish an SRTP session. Select the encryption and authentication algorithm set used by the VMG to set up an SRTP media session with the peer device. Select AES_CM_128_HMAC_SHA1_80 or AES_CM_128_HMAC_SHA1_32 to enable both data encryption and authentication for voice data. Select AES_CM_128_NULL to use 128-bit data encryption but disable data authentication. DTMF Mode Select NULL_CIPHER_HMAC_SHA1_80 to disable encryption but require authentication using the default 80-bit tag. VMG9823-B10A User's Guide 219

Section	Page
VMG9823-B10A	1
Contents Overview	3
Table of Contents	5
User’s Guide	15
Introducing the VMG	16
1.1 Overview	16
1.2 Ways to Manage the VMG	16
1.3 Good Habits for Managing the VMG	16
1.4 Applications for the VMG	17
1.4.1 Internet Access	17
1.4.2 VMG’s USB Support	18
1.5 LEDs (Lights)	19
1.6 The RESET Button	21
1.7 Wireless Access	21
1.7.1 Using the WPS Button	22
The Web Configurator	23
2.1 Overview	23
2.1.1 Accessing the Web Configurator	23
2.2 Web Configurator Layout	25
2.2.1 Title Bar	25
2.2.2 Navigation Panel	26
Quick Start	30
3.1 Overview	30
3.2 Quick Start Setup	30
Tutorials	33
4.1 Overview	33
4.2 Setting Up an ADSL PPPoE Connection	33
4.3 Setting Up a Secure Wireless Network	36
4.3.1 Configuring the Wireless Network Settings	36
4.3.2 Using WPS	38
4.3.3 Without WPS	42
4.4 Setting Up Multiple Wireless Groups	43
4.5 Configuring Static Route for Routing to Another Network	46
4.6 Configuring QoS Queue and Class Setup	48
4.7 Access the VMG Using DDNS	52
4.7.1 Registering a DDNS Account on www.dyndns.org	52
4.7.2 Configuring DDNS on Your VMG	53
4.7.3 Testing the DDNS Setting	53
4.8 Configuring the MAC Address Filter	53
4.9 Access Your Shared Files From a Computer	54
Technical Reference	56
Network Map and Status Screens	57
5.1 Overview	57
5.2 The Network Map Screen	57
5.3 The Status Screen	58
Broadband	62
6.1 Overview	62
6.1.1 What You Can Do in this Chapter	62
6.1.2 What You Need to Know	63
6.1.3 Before You Begin	65
6.2 The Broadband Screen	66
6.2.1 Add/Edit Internet Connection	66
6.3 The Advanced Screen	75
6.4 The Ethernet WAN Screen	78
6.5 The 802.1x Screen	78
6.5.1 Modify 802.1X Settings	79
6.6 Technical Reference	80
Wireless	86
7.1 Overview	86
7.1.1 What You Can Do in this Chapter	86
7.1.2 What You Need to Know	86
7.2 The General Screen	87
7.2.1 No Security	89
7.2.2 Basic (WEP Encryption)	90
7.2.3 More Secure (WPA(2)-PSK)	91
7.3 The Guest/More AP Screen	92
7.3.1 Edit Guest/More AP	93
7.4 MAC Authentication	95
7.5 The WPS Screen	96
7.6 The WMM Screen	98
7.7 The Others Screen	99
7.8 The Channel Status Screen	101
7.9 Technical Reference	101
7.9.1 Wireless Network Overview	101
7.9.2 Additional Wireless Terms	103
7.9.3 Wireless Security Overview	103
7.9.4 Signal Problems	106
7.9.5 BSS	106
7.9.6 MBSSID	107
7.9.7 Preamble Type	107
7.9.8 WiFi Protected Setup (WPS)	107
Home Networking	114
8.1 Overview	114
8.1.1 What You Can Do in this Chapter	114
8.1.2 What You Need To Know	115
8.1.3 Before You Begin	116
8.2 The LAN Setup Screen	116
8.3 The Static DHCP Screen	120
8.4 The UPnP Screen	121
8.4.1 Turning On UPnP in Windows 7 Example	122
8.5 The Additional Subnet Screen	124
8.6 The STB Vendor ID Screen	125
8.7 The Wake on LAN Screen	125
8.8 The TFTP Server Name Screen	126
8.9 Technical Reference	126
8.9.1 LANs, WANs and the VMG	126
8.9.2 DHCP Setup	127
8.9.3 DNS Server Addresses	127
8.9.4 LAN TCP/IP	128
Routing	130
9.1 Overview	130
9.2 The Routing Screen	130
9.2.1 Add/Edit Static Route	131
9.3 The DNS Route Screen	132
9.3.1 The DNS Route Add Screen	133
9.4 The Policy Route Screen	133
9.4.1 Add/Edit Policy Route	135
9.5 RIP	136
9.5.1 The RIP Screen	136
Quality of Service (QoS)	137
10.1 Overview	137
10.1.1 What You Can Do in this Chapter	137
10.2 What You Need to Know	138
10.3 The Quality of Service General Screen	139
10.4 The Queue Setup Screen	140
10.4.1 Adding a QoS Queue	142
10.5 The Classification Setup Screen	143
10.5.1 Add/Edit QoS Class	143
10.6 The QoS Shaper Setup Screen	147
10.6.1 Add/Edit a QoS Shaper	148
10.7 The QoS Policer Setup Screen	148
10.7.1 Add/Edit a QoS Policer	149
10.8 Technical Reference	150
Network Address Translation (NAT)	155
11.1 Overview	155
11.1.1 What You Can Do in this Chapter	155
11.1.2 What You Need To Know	155
11.2 The Port Forwarding Screen	156
11.2.1 Add/Edit Port Forwarding	158
11.3 The Applications Screen	159
11.3.1 Add New Application	160
11.4 The Port Triggering Screen	160
11.4.1 Add/Edit Port Triggering Rule	162
11.5 The DMZ Screen	163
11.6 The ALG Screen	164
11.7 The Address Mapping Screen	164
11.7.1 Add/Edit Address Mapping Rule	165
11.8 The Sessions Screen	166
11.9 Technical Reference	167
11.9.1 NAT Definitions	167
11.9.2 What NAT Does	167
11.9.3 How NAT Works	168
11.9.4 NAT Application	168
Dynamic DNS Setup	171
12.1 Overview	171
12.1.1 What You Can Do in this Chapter	171
12.1.2 What You Need To Know	171
12.2 The DNS Entry Screen	172
12.2.1 Add/Edit DNS Entry	172
12.3 The Dynamic DNS Screen	173
VLAN Group	175
13.1 Overview	175
13.1.1 What You Can Do in this Chapter	175
13.2 The VLAN Group Screen	175
13.2.1 Add/Edit a VLAN Group	176
Interface Grouping	177
14.1 Overview	177
14.1.1 What You Can Do in this Chapter	177
14.2 The Interface Grouping Screen	177
14.2.1 Interface Group Configuration	178
14.2.2 Interface Grouping Criteria	180
USB Service	182
15.1 Overview	182
15.1.1 What You Can Do in this Chapter	182
15.1.2 What You Need To Know	182
15.1.3 Before You Begin	183
15.2 The File Sharing Screen	183
15.2.1 The Add New User Screen	184
15.3 The Media Server Screen	185
Firewall	187
16.1 Overview	187
16.1.1 What You Can Do in this Chapter	187
16.1.2 What You Need to Know	188
16.2 The Firewall Screen	188
16.3 The Protocol Screen	189
16.3.1 Add/Edit a Service	190
16.4 The Access Control Screen	191
16.4.1 Add/Edit an ACL Rule	191
16.5 The DoS Screen	193
MAC Filter	194
17.1 Overview	194
17.2 The MAC Filter Screen	194
Parental Control	196
18.1 Overview	196
18.2 The Parental Control Screen	196
18.2.1 Add/Edit a Parental Control Profile	197
Scheduler Rule	200
19.1 Overview	200
19.2 The Scheduler Rule Screen	200
19.2.1 Add/Edit a Schedule	200
Certificates	202
20.1 Overview	202
20.1.1 What You Can Do in this Chapter	202
20.2 What You Need to Know	202
20.3 The Local Certificates Screen	202
20.3.1 Create Certificate Request	203
20.3.2 Load Signed Certificate	205
20.4 The Trusted CA Screen	206
20.4.1 View Trusted CA Certificate	206
20.4.2 Import Trusted CA Certificate	207
Voice	209
21.1 Overview	209
21.1.1 What You Can Do in this Chapter	209
21.1.2 What You Need to Know About VoIP	209
21.2 Before You Begin	210
21.3 The SIP Account Screen	210
21.3.1 The SIP Account Add/Edit Screen	211
21.4 The SIP Service Provider Screen	215
21.4.1 The SIP Service Provider Add/Edit Screen	216
21.4.2 Dial Plan Rules	222
21.5 The Phone Device Screen	223
21.5.1 The Phone Device Edit Screen	223
21.6 The Region Screen	224
21.7 The Call Rule Screen	225
21.8 Technical Reference	226
21.8.1 Quality of Service (QoS)	233
21.8.2 Phone Services Overview	234
Log	239
22.1 Overview	239
22.1.1 What You Can Do in this Chapter	239
22.1.2 What You Need To Know	239
22.2 The System Log Screen	240
22.3 The Security Log Screen	240
Traffic Status	242
23.1 Overview	242
23.1.1 What You Can Do in this Chapter	242
23.2 The WAN Status Screen	242
23.3 The LAN Status Screen	243
23.4 The NAT Status Screen	244
VoIP Status	245
24.1 The VoIP Status Screen	245
ARP Table	247
25.1 Overview	247
25.1.1 How ARP Works	247
25.2 ARP Table Screen	247
Routing Table	249
26.1 Overview	249
26.2 The Routing Table Screen	249
Multicast Status	251
27.1 Overview	251
27.2 The IGMP Status Screen	251
27.3 The MLD Status Screen	251
xDSL Statistics	253
28.1 The xDSL Statistics Screen	253
System	256
29.1 Overview	256
29.2 The System Screen	256
User Account	257
30.1 Overview	257
30.2 The User Account Screen	257
30.2.1 The User Account Add/Edit Screen	257
Remote Management	259
31.1 Overview	259
31.2 The MGMT Services Screen	259
31.3 The Trust Domain Screen	260
31.3.1 The Add Trust Domain Screen	260
SNMP	262
32.1 Overview	262
32.2 The SNMP Screen	262
Time Settings	264
33.1 Overview	264
33.2 The Time Screen	264
E-mail Notification	266
34.1 Overview	266
34.2 The E-mail Notification Screen	266
34.2.1 E-mail Notification Edit	266
Log Setting	268
35.1 Overview	268
35.2 The Log Settings Screen	268
35.2.1 Example E-mail Log	269
Firmware Upgrade	271
36.1 Overview	271
36.2 The Firmware Screen	271
Backup/Restore	273
37.1 Overview	273
37.2 The Backup/Restore Screen	273
37.3 The Reboot Screen	275
Diagnostic	276
38.1 Overview	276
38.1.1 What You Can Do in this Chapter	276
38.2 What You Need to Know	276
38.3 Ping & TraceRoute & NsLookup	277
38.4 802.1ag	277
38.5 OAM Ping	278
Troubleshooting	281
39.1 Power, Hardware Connections, and LEDs	281
39.2 VMG Access and Login	282
39.3 Internet Access	284
39.4 Wireless Internet Access	285
39.5 USB Device Connection	286
39.6 UPnP	286
Appendices	287
Customer Support	288
Wireless LANs	294
IPv6	307
Services	315
Legal Information	319

Match case Limit results 1 per page

Chapter 21 Voice

VMG9823-B10A User’s Guide

219

Don't send re-

Invite to the

remote party

when there are

multiple codecs

answered in the

SDP

Do not send a re-Invite packet to the remote party when the remote party answers that it

can support multiple codecs.

Bound Interface Name

Bound

Interface Name

If you select

Any_WAN

, the VMG automatically activates the VoIP service when any WAN

connection is up.

If you select

MultiWAN

, you also need to select two or more pre-configured WAN

interfaces. The VoIP service is activated only when one of the selected WAN connections is

up.

Outbound Proxy

Outbound

Proxy Address

Enter the IP address or domain name of the SIP outbound proxy server if your VoIP service

provider has a SIP outbound server to handle voice calls. This allows the VMG to work with

any type of NAT router and eliminates the need for STUN or a SIP ALG. Turn off any SIP ALG

on a NAT router in front of the VMG to keep it from re-translating the IP address (since this

is already handled by the outbound proxy server).

Outbound

Proxy Port

Enter the SIP outbound proxy server’s listening port, if your VoIP service provider gave you

one. Otherwise, keep the default value.

Use DHCP

Option 120

First

Select this to enable the SIP server via DHCP option 120.

RTP Port Range

Start Port

End Port

Enter the listening port number(s) for RTP traffic, if your VoIP service provider gave you this

information. Otherwise, keep the default values.

To enter one port number, enter the port number in the

Start Port

and

End Port

fields.

To enter a range of ports,

•

enter the port number at the beginning of the range in the

Start Port

field.

•

enter the port number at the end of the range in the

End Port

field.

SRTP Support

When you make a VoIP call using SIP, the Real-time Transport Protocol (RTP) is used to

handle voice data transfer. The Secure Real-time Transport Protocol (SRTP) is a security

profile of RTP. It is designed to provide encryption and authentication for the RTP data in

both unicast and multicast applications.

The VMG supports encryption using AES with a 128-bit key. To protect data integrity, SRTP

uses a Hash-based Message Authentication Code (HMAC) calculation with Secure Hash

Algorithm (SHA)-1 to authenticate data. HMAC SHA-1 produces a 80 or 32-bit

authentication tag that is appended to the packet.

Both the caller and callee should use the same algorithms to establish an SRTP session.

Crypto Suite

Select the encryption and authentication algorithm set used by the VMG to set up an SRTP

media session with the peer device.

Select

AES_CM_128_HMAC_SHA1_80

AES_CM_128_HMAC_SHA1_32

to enable

both data encryption and authentication for voice data.

Select

AES_CM_128_NULL

to use 128-bit data encryption but disable data authentication.

Select

NULL_CIPHER_HMAC_SHA1_80

to disable encryption but require authentication

using the default 80-bit tag.

DTMF Mode

Table 98

VoIP > SIP > SIP Service Provider > Add New Provider/Edit (continued)

LABEL

DESCRIPTION