Chapter 7 Wireless LAN
P-870HN-51b User’s Guide
7.10.4.5 Limitations of WPS
WPS has some limitations of which you should be aware.
WPS works in Infrastructure networks only (where an AP and a wireless client
communicate). It does not work in Ad-Hoc networks (where there is no AP).
When you use WPS, it works between two devices only. You cannot enroll
multiple devices simultaneously; you must enroll one after the other.
For instance, if you have two enrollees and one registrar, you must set up the
first enrollee (by pressing the WPS button on the registrar and the first enrollee,
for example), then check that it successfully enrolled, then set up the second
device in the same way.
WPS works only with other WPS-enabled devices. However, you can still add
non-WPS devices to a network you already set up using WPS.
WPS works by automatically issuing a randomly-generated WPA-PSK or WPA2-PSK
pre-shared key from the registrar device to the enrollee devices. Whether
the network uses WPA-PSK or WPA2-PSK depends on the device. You can check
the configuration interface of the registrar device to discover the key the
network is using (if the device supports this feature). Then, you can enter the
key into the non-WPS device and join the network as normal (the non-WPS
device must also support WPA-PSK or WPA2-PSK).
When you use the PBC method, there is a short period (from the moment you
press the button on one device to the moment you press the button on the
other device) when any WPS-enabled device could join the network. This is
because the registrar has no way of identifying the “correct” enrollee, and
cannot differentiate between your enrollee and a rogue device. This is a possible
way for a hacker to gain access to a network.
You can easily check to see if this has happened. WPS works between only two
devices simultaneously, so if another device has enrolled, your device will be
unable to enroll and will not have access to the network. If this happens, open
the access point’s configuration interface and look at the list of associated
clients (usually displayed by MAC address). It does not matter if the access
point is the WPS registrar, the enrollee, or was not involved in the WPS
handshake; a rogue device must still associate with the access point to gain
access to the network. Check the MAC addresses of your wireless clients
(usually printed on a label on the bottom of the device). If there is an unknown
MAC address you can remove it or reset the AP.
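The associated-client check described above can be scripted. This is an added example, not part of the User's Guide: the inventory, the client list and the MAC addresses (taken from the RFC 7042 documentation range) are constructed sample values, and the list is assumed to have been copied by hand from the access point's configuration interface.

```python
import re

# Constructed sample data (RFC 7042 documentation MAC range, not real devices).
# KNOWN_DEVICES is the inventory you build from the labels on your own clients.
KNOWN_DEVICES = {
    "00:00:5E:00:53:01": "laptop",
    "00-00-5e-00-53-02": "printer",
}
# Associated-client list as copied from the AP's configuration interface.
ASSOCIATED = [
    "0000.5e00.5301",      # laptop, shown in a different notation
    "00:00:5E:00:53:02",   # printer
    "00:00:5E:00:53:99",   # not in the inventory
    "02:00:5E:00:53:10",   # not in the inventory, locally administered bit set
]

def normalize_mac(text):
    """Return a MAC as 12 lowercase hex digits; raise ValueError if malformed."""
    digits = re.sub(r"[:.\-\s]", "", text).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a MAC address: {text!r}")
    return digits

def is_locally_administered(mac):
    """True if bit 0x02 of the first octet is set (typical of randomized MACs)."""
    return bool(int(normalize_mac(mac)[:2], 16) & 0x02)

def audit_clients(associated, known):
    """Return (known, unknown): known as (mac, name), unknown as (mac, is_local)."""
    inventory = {normalize_mac(m): name for m, name in known.items()}
    found, unknown = [], []
    for raw in associated:
        mac = normalize_mac(raw)
        if mac in inventory:
            found.append((mac, inventory[mac]))
        else:
            unknown.append((mac, is_locally_administered(mac)))
    return found, unknown

if __name__ == "__main__":
    found, unknown = audit_clients(ASSOCIATED, KNOWN_DEVICES)
    for mac, name in found:
        print(f"known    {mac}  {name}")
    for mac, local in unknown:
        hint = "locally administered, may be a randomized address" if local else "vendor-assigned"
        print(f"UNKNOWN  {mac}  {hint}")
```

A client that uses MAC address randomization will not match the address printed on its label and appears as unknown with the locally administered flag set, so confirm such entries against your own devices before removing them.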
Chapter 8 Network Address Translation (NAT)
8.1 Overview
This chapter discusses how to configure NAT on the Device.
Network Address Translation (NAT, RFC 1631) is the translation of the IP address
of a host in a packet, for example, the source address of an outgoing packet, used
within one network to a different IP address known within another network.
8.1.1 What You Can Do in this Chapter
• The Port Forwarding screen lets you forward incoming service requests to the server(s) on your local network (Section 8.3 on page 144).
• The Trigger Port screen lets you change the Device's trigger port settings (Section 8.4 on page 147).
• The DMZ Host screen lets you configure a default server (Section 8.5 on page 152).
• The ALG screen lets you enable SIP ALG on the Device (Section 8.6 on page 152).
8.2 What You Need to Know
The following terms and concepts may help as you read through this chapter.
NAT
In the simplest form, NAT changes the source IP address in a packet received from
a subscriber (the inside local address) to another (the inside global address)
before forwarding the packet to the WAN side. When the response comes back,
NAT translates the destination address (the inside global address) back to the
inside local address before forwarding it to the original inside host.
Port Forwarding
A port forwarding set is a list of inside (behind NAT on the LAN) servers, for
example, web or FTP, that you can make visible to the outside world even though
NAT makes your whole inside network appear as a single computer to the outside
world.
8.3 The Port Forwarding Screen
This screen provides a summary of all port forwarding rules and their
configuration. In addition, this screen allows you to create new port forwarding
rules and delete existing rules.
You may enter a single port number or a range of port numbers to be forwarded,
and the local IP address of the desired server. The port number identifies a
service; for example, web service is on port 80 and FTP on port 21. In some
cases, such as for unknown services or where one server can support more than
one service (for example both FTP and web service), it might be better to specify
a range of port numbers. You can allocate a server IP address that corresponds to
a port or a range of ports.
Note: Many residential broadband ISP accounts do not allow you to run any server
processes (such as a Web or FTP server) from your location. Your ISP may
periodically check for servers and may suspend your account if it discovers any
active services at your location. If you are unsure, refer to your ISP.
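The following added example (not taken from the User's Guide or the Device's firmware) models port forwarding rules with external and internal port ranges, checks them for consistency, and counts how many WAN-facing ports they expose, which grows quickly when a range is used. The rule layout, the sample addresses, and the port-for-port offset mapping inside a range are assumptions made for illustration.

```python
from ipaddress import ip_address

# Constructed rules using external/internal port ranges; all values are samples.
RULES = [
    {"name": "web", "proto": "TCP", "ext": (80, 80), "int": (8080, 8080),
     "server": "192.168.1.10"},
    {"name": "app", "proto": "TCP", "ext": (5000, 5010), "int": (6000, 6010),
     "server": "192.168.1.20"},
]

def validate(rule):
    """Return a list of problems found in one rule (empty if none)."""
    problems = []
    for label in ("ext", "int"):
        start, end = rule[label]
        if not 1 <= start <= end <= 65535:
            problems.append(f"{label} range {start}-{end} is not a valid port range")
    # Assumption: a range is translated port-for-port, so both ranges must be the same size.
    if rule["ext"][1] - rule["ext"][0] != rule["int"][1] - rule["int"][0]:
        problems.append("external and internal ranges differ in size")
    if not ip_address(rule["server"]).is_private:
        problems.append("server IP is not a private LAN address")
    return problems

def translate(rules, proto, dst_port):
    """Map an inbound (protocol, destination port) to (server IP, internal port)."""
    for rule in rules:
        start, end = rule["ext"]
        if rule["proto"] == proto and start <= dst_port <= end:
            # Assumption: offset within the external range is kept in the internal range.
            return rule["server"], rule["int"][0] + (dst_port - start)
    return None  # no port forwarding rule matches this packet

def exposed_ports(rules):
    """Count distinct (protocol, external port) pairs reachable from the WAN."""
    return len({(r["proto"], p) for r in rules
                for p in range(r["ext"][0], r["ext"][1] + 1)})

if __name__ == "__main__":
    for rule in RULES:
        print(rule["name"], validate(rule) or "ok")
    print(translate(RULES, "TCP", 5003))
    print(exposed_ports(RULES))
```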
To access this screen, click Network > NAT. The following screen appears.
Figure 70 NAT Port Forwarding
The following table describes the labels in this screen.
Table 39 NAT Port Forwarding
LABEL | DESCRIPTION
Service Name | Select a pre-defined service from the drop-down list box. The pre-defined service port number(s) and protocol will display in the External port, Internal port and Protocol fields. Otherwise, select User Define to open the Rule Setup screen where you can manually enter the port number(s) and select the IP protocol.
WAN Interface | Select the WAN interface through which the service is forwarded. You must have already configured a WAN connection with NAT enabled.
Server IP Address | Enter the IP address of the server for the specified service.
External Port Start | Enter the original destination port for the packets. To forward only one port, enter the port number again in the External Port End field. To forward a series of ports, enter the start port number here and the end port number in the External Port End field.
External Port End | Enter the last port of the original destination port range. To forward only one port, enter the port number in the External Port Start field above and then enter it again in this field. To forward a series of ports, enter the last port number in a series that begins with the port number in the External Port Start field above.
Internal Port Start | Enter the port number to which you want the Device to translate the incoming port. To forward only one port, enter the port number again in the Internal Port End field. For a range of ports, enter the first number of the range to which you want the incoming ports translated.
Internal Port End | Enter the last port of the translated port range.
Protocol | This is the IP protocol.
Add | Click this button to add a rule to the table below.
No. | This is the rule index number (read-only).
Active | This field indicates whether the rule is active or not. Clear the check box to disable the rule. Select the check box to enable it.
Service Name | This field displays the name of the service used by the packets for this virtual server.
WAN Interface | This field displays the WAN interface through which the service is forwarded.
External Start Port | This is the first external port number that identifies a service.
External End Port | This is the last external port number that identifies a service.
