Zyxel NBG6817 Router Manual PDF (Setup & Configuration Guide)

Page 91 / 209 Scroll up to view Page 86 - 90

Chapter 10 WAN

NBG6817 User’s Guide

91

The following table describes the labels in this screen.

Table 25

Expert Mode > WAN > Dynamic DNS

LABEL

DESCRIPTION

Dynamic DNS Setup

Dynamic DNS

Select

Enable

to use dynamic DNS. Select

Disable

to turn this feature off.

Service Provider

Select the name of your Dynamic DNS service provider.

Host Name

Enter a host names in the field provided. You can specify up to two host names in the

field separated by a comma (",").

Username

Enter your user name.

Password

Enter the password assigned to you.

Apply

Click

Apply

to save your changes back to the NBG6817.

Cancel

Click

Cancel

to begin configuring this screen afresh.

Page 92 / 209

NBG6817 User’s Guide

92

C

HAPTER

11

Wireless LAN

11.1

Overview

This chapter discusses how to configure the wireless network settings in your NBG6817. The

NBG6817 is able to function both 2.4GHz and 5GHz network at the same time. You can have

different wireless and wireless security settings for 2.4GHz and 5GHz wireless LANs. Click

Expert

Mode

> Wireless

to configure

wireless LAN 2.4G

or

wireless LAN 5G

.

See the appendices for more detailed information about wireless networks.

The following figure provides an example of a wireless network.

Figure 61

Example of a Wireless Network

The wireless network is the part in the blue circle. In this wireless network, devices

A

and

B

are

called wireless clients. The wireless clients use the access point (AP) to interact with other devices

(such as the printer) or with the Internet. Your NBG6817 is the AP.

Page 93 / 209

Chapter 11 Wireless LAN

NBG6817 User’s Guide

93

11.1.1

What You Can Do

•

Use the

Wireless

screen to enable or disable the 2.4GHz or 5GHz wireless LAN, set up wireless

security between the NBG6817 and the wireless clients, and make other basic configuration

changes (

Section 11.2 on page 97

).

•

Use the

Guest Wireless

screen to set up multiple wireless networks on your NBG6817 (

Section

11.4 on page 103

).

•

Use the

MAC Filter

screen to allow or deny wireless stations based on their MAC addresses from

connecting to the NBG6817 (

Section 11.5 on page 106

).

•

Use the

Advanced

screen to allow intra-BSS networking and set the RTS/CTS Threshold (

Section

11.6 on page 107

).

•

Use the

WPS

screen to quickly set up a wireless network with strong security, without having to

configure security settings manually (

Section 11.7 on page 108

).

•

Use the

Scheduling

screen to set the times your wireless LAN is turned on and off (

Section 11.8

on page 110

).

11.1.2

What You Should Know

Every wireless network must follow these basic guidelines.

•

Every wireless client in the same wireless network must use the same SSID.

The SSID is the name of the wireless network. It stands for Service Set IDentity.

•

If two wireless networks overlap, they should use different channels.

Like radio stations or television channels, each wireless network uses a specific channel, or

frequency, to send and receive information.

•

Every wireless client in the same wireless network must use security compatible with the AP.

Security stops unauthorized devices from using the wireless network. It can also protect the

information that is sent in the wireless network.

Wireless Security Overview

The following sections introduce different types of wireless security you can set up in the wireless

network.

SSID

Normally, the AP acts like a beacon and regularly broadcasts the SSID in the area. You can hide the

SSID instead, in which case the AP does not broadcast the SSID. In addition, you should change

the default SSID to something that is difficult to guess.

This type of security is fairly weak, however, because there are ways for unauthorized devices to

get the SSID. In addition, unauthorized devices can still see the information that is sent in the

wireless network.

MAC Address Filter

Every wireless client has a unique identification number, called a MAC address.

1

A MAC address is

usually written using twelve hexadecimal characters

2

; for example, 00A0C5000002 or

00:A0:C5:00:00:02. To get the MAC address for each wireless client, see the appropriate User’s

Guide or other documentation.

Page 94 / 209

Chapter 11 Wireless LAN

NBG6817 User’s Guide

94

You can use the MAC address filter to tell the AP which wireless clients are allowed or not allowed to

use the wireless network. If a wireless client is allowed to use the wireless network, it still has to

have the correct settings (SSID, channel, and security). If a wireless client is not allowed to use the

wireless network, it does not matter if it has the correct settings.

This type of security does not protect the information that is sent in the wireless network.

Furthermore, there are ways for unauthorized devices to get the MAC address of an authorized

wireless client. Then, they can use that MAC address to use the wireless network.

User Authentication

You can make every user log in to the wireless network before they can use it. This is called user

authentication. However, every wireless client in the wireless network has to support IEEE 802.1x

to do this.

For wireless networks, there are two typical places to store the user names and passwords for each

user.

•

In the AP: this feature is called a local user database or a local database.

•

In a RADIUS server: this is a server used in businesses more than in homes.

If your AP does not provide a local user database and if you do not have a RADIUS server, you

cannot set up user names and passwords for your users.

Unauthorized devices can still see the information that is sent in the wireless network, even if they

cannot use the wireless network. Furthermore, there are ways for unauthorized wireless users to

get a valid user name and password. Then, they can use that user name and password to use the

wireless network.

Local user databases also have an additional limitation that is explained in the next section.

Encryption

Wireless networks can use encryption to protect the information that is sent in the wireless

network. Encryption is like a secret code. If you do not know the secret code, you cannot

understand the message.

The types of encryption you can choose depend on the type of user authentication. (See

page 94

for information about this.)

1.

Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless networks. These kinds

of wireless devices might not have MAC addresses.

2.

Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F.

Table 26

Types of Encryption for Each Type of Authentication

NO AUTHENTICATION

RADIUS SERVER

Weakest

No Security

WPA

WPA-PSK

Strongest

WPA2-PSK

WPA2

Page 95 / 209

Chapter 11 Wireless LAN

NBG6817 User’s Guide

95

For example, if the wireless network has a RADIUS server, you can choose

WPA

or

WPA2

. If users

do not log in to the wireless network, you can choose no encryption,

WPA-PSK

, or

WPA2-PSK

.

Usually, you should set up the strongest encryption that every wireless client in the wireless

network supports. For example, suppose the AP does not have a local user database, and you do

not have a RADIUS server. Therefore, there is no user authentication. Suppose the wireless network

has two wireless clients. Device A only supports WPA, and device B supports WPA and WPA2.

Therefore, you should set up

WPA

or

WPA-PSK

in the wireless network.

Note: It is recommended that wireless networks use

WPA-PSK

,

WPA

, or stronger

encryption. IEEE 802.1x and WEP encryption are better than none at all, but it is

still possible for unauthorized devices to figure out the original information pretty

quickly.

Note: It is not possible to use

WPA-PSK

,

WPA

or stronger encryption with a local user

database. In this case, it is better to set up stronger encryption with no

authentication than to set up weaker encryption with the local user database.

When you select

WPA2

or

WPA2-PSK

in your NBG6817, you can also select an option (

WPA

/

WPA-PSK Compatible

) to support WPA/WPA-PSK as well. In this case, if some wireless clients

support WPA and some support WPA2, you should set up

WPA2-PSK

or

WPA2

(depending on the

type of wireless network login) and select the

WPA

/

WPA-PSK Compatible

option in the

NBG6817.

Many types of encryption use a key to protect the information in the wireless network. The longer

the key, the stronger the encryption. Every wireless client in the wireless network must have the

same key.

Guest WLAN

Guest WLAN allows you to set up a wireless network where users can access to Internet via the

NBG6817 (

Z

), but not other networks connected to the

Z

. In the following figure, a guest user can

access the Internet from the guest wireless network

A

via

Z

but not the home or company network

N

.

Note: The home or company network

N

and Guest WLAN network are independent

networks.

Note: Only Router mode supports guest WLAN.

Rate

Popular Zyxel Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share