Product FAQ


General FAQ

  1. What is the P-334WH Internet Access Sharing Router?
  2. Will the P-334WH work with my Internet connection?
  3. What do I need to use the P-334WH?
  4. What is PPPoE?
  5. Does the P-334WH support PPPoE?
  6. How do I know I am using PPPoE?
  7. Why does my provider use PPPoE?
  8. Which Internet Applications can I use with the P-334WH?
  9. How can I configure the P-334WH?
  10. What network interface does the P-334WH support?
  11. What can we do with P-334WH?
  12. Does P-334WH support dynamic IP addressing?
  13. What is the difference between the internal IP and the real IP from my ISP?
  14. How does e-mail work through the P-334WH?
  15. What is the main difference between WinGate and the P-334WH?
  16. What is the difference between the 'Standard' and 'RoadRunner' service?
  17. Is it possible to access a server running behind SUA from the outside Internet? If possible, how?
  18. What DHCP capability does the P-334WH support?
  19. What to do when P-334WH response nothing via Console?
  20. What network interface does the new P-334WH series support?

Advanced FAQ

  1. How does the P-334WH support TFTP?
  2. Can the P-334WH support TFTP over WAN?
  3. How can I upload data to outside Internet over the one-way cable?
  4. How fast can the data go?
  5. My P-334WH can not get an IP address from the ISP to connect to the Internet, what can I do?
  6. How do I make VPN client x work through my P-334WH?
  7. What is Multi-NAT?
  8. When do I need Multi-NAT?
  9. What IP/Port mapping does Multi-NAT support?
  10. What is the difference between SUA and Multi-NAT?
  11. What is BOOTP/DHCP?
  12. What is DDNS?
  13. When do I need DDNS?
  14. What DDNS servers does the P-334WH support?
  15. What is DDNS wildcard?
  16. Does the P-334WH support DDNS wildcard?
  17. Can the P-334WH's SUA handle IPsec packets sent by the IPsec gateway?
  18. How do I setup my P-334WH for routing IPsec packets over SUA?
  19. Why can't I use video conferencing with MSN 4.6?
  20. How can I access internal server via public IP address assigned on WAN?
  21. Should I create any firewall rule to allow incoming traffic when NAT is used?
  22. When playing online games, the game client cannot connect to the game server, what should I do?

1. What is the P-334WH Internet Access Sharing Router?

P-334WH 802.11a/g wireless game router, designed for gamers, integrated with wireless LAN, firewall function and bandwidth management. By integrating NAT, ZyXEL’s P-334WH provides not only the ease of installation and Internet access via wireless, but also the most completed solution for gamers to have more fun with online gaming.

 

 It fulfills a range of application environments, from small and medium businesses, SOHO, or Telecommuters, to home user or education applications. The P-334WH series provides a robust Firewall to protect your network. P-334WH's design helps users to save expenses, minimize maintenance, and simultaneously provide a high quality networking environment.

The P-334WH series is a robust solution complete with everything needed for providing Internet access to multiple workstations through your cable or ADSL modem. The router equipped with 1 auto-MDI/MDIX 10/100Mbps Ethernet WAN port and 4 auto-MDI/MDIX 10/100Mbps Etherent LAN port.

Virtually all-popular applications over Internet, such as Web, E-Mail, FTP, Telnet, Gopher, are supported. 

2. Will the P-334WH work with my Internet connection?

The P-334WH is designed to be compatible with cable and ADSL modems. Most external Cable and ADSL modems use an Ethernet port to connect to your computer so the P-334WH is placed in the line between the computer and the External modem. As long as your Internet Access device has an Ethernet port, you can use the P-334WH. Besides, if your ISP supports PPPoE you can also use the P-334WH, because PPPoE had been supported in the P-334WH.

3. What do I need to use the P-334WH?

You need a ADSL modem or cable modem with an Ethernet port to use the P-334WH. The P-334WH has two Ethernet ports: LAN port and WAN port. You should connect the computer to the LAN port and connect the external modem to the WAN port. If the ISP uses PPPoE or RoadRunner Authentication you need the user account to enter in the P-334WH.

4. What is PPPoE?

PPPoE stands for Point-to-Point Protocol Over Ethernet that is an IETF draft standard specifying how a computer interacts with a broadband modem (i.e. xDSL, cable, wireless, etc.) to achieve access to the high-speed data networks via a familiar PPP dialer such as 'Dial-Up Networking' user interface. PPPoE supports a broad range of existing applications and service including authentication, accounting, secure access and configuration management. There are some service providers running of PPPoE today. Before configuring PPPoE in the P-334WH, please make sure your ISP supports PPPoE.

5. Does the P-334WH support PPPoE?

Yes. The P-334WH supports PPPoE.

6. How do I know I am using PPPoE?

PPPoE requires a user account to login to the provider's server. If you need to configure a user name and password on your computer to connect to the ISP you are probably using PPPoE. If you are simply connected to the Internet when you turn on your computer, you probably are not. You can also check your ISP or the information sheet given by the ISP. Please choose PPPoE as the encapsulation type in the P-334WH if the ISP uses PPPoE.

7. Why does my provider use PPPoE?

PPPoE emulates a familiar Dial-Up connection. It allows your ISP to provide services using their existing network configuration over the broadband connections. Besides, PPPoE supports a broad range of existing applications and service including authentication, accounting, secure access and configuration management.

8. Which Internet Applications can I use with the P-334WH?

Most common applications includes MIRC, PPTP, ICQ, Cu- SeeMe, NetMeeting, IP/TV, RealPlayer, VDOLive, Quake, Quake11, Quake111, StarCraft, & Quick Time.

9. How can I configure the P-334WH?

  • Using Console connection-Menu driven user interface for easy local management
  • Telnet remote management- Menu driven user interface for easy remote management
  • Web broswer- web server embedded for easy configurations

10. What network interface does the P-334WH support?

The P-334WH supports 10/100M Ethernet to connect to the computer and 10M Ethernet to connect to the external cable or ADSL modem..

11. What can we do with P-334WH?

Browse the World Wide Web (WWW), send and receive individual e-mail, and download software. These are just a few of many benefits you can enjoy when you put the whole office on-line with the P-334WH Internet Access Sharing Router.

12. Does P-334WH support dynamic IP addressing?

The P-334WH supports either a static or dynamic IP address from ISP.

13. What is the difference between the internal IP and the real IP from my ISP?

Internal IPs are sometimes referred to as virtual IPs. They are a group of up to 255 IPs that are used and recognized internally on the local area network. They are not intended to be recognized on the Internet. The real IP from ISP, instead, can be recognized or pinged by another real IP. The P-334WH Internet Access Sharing Router works like an intelligent router that routes between the virtual IP and the real IP.

14. How does e-mail work through the P-334WH?

It depends on what kind of IP you have: Static or Dynamic. If your company has a domain name, it means that you have a static IP address. Suppose your company's e-mail address is xxx@mycompany.com. Joe and Debbie will be able to send e-mail through P-334WH Internet Access Sharing Router using jane@mycompany.com and debbie@mycompany.com respectively as their e-mail addresses. They will be able to retrieve their individual private and secure e-mail, if they have been assigned the proper access right.

If your company does not have a domain name, it means that your ISP provides you with a dynamic IP address.

Suppose your company's e-mail address is mycompany@ispname.com. Jane and John will be able to send e-mail through P-334WH Internet Access Sharing Router using "jane"<mycompany@ispname.com> and "john"<mycompany@ispname.com> respectively as their e-mail addresses. Again, they will be able to retrieve their individual private and secured e-mail, if they have been assigned the proper access right.

15. What is the main difference between WinGate and the P-334WH?

  1. WinGate is a software only solution that needs to be installed in a dedicated Windows 95 PC based server. The total cost and complexity are many times over ATI’s product. The P-334WH Internet Access Sharing Router is a plug-n-play internet appliance.
  2. WinGate requires all TCP/IP applications such as Netscape Navigator to be reconfigured to have the dedicated server as a proxy. The P-334WH Internet Access Sharing Router does not require users to reconfigure any software at all.
  3. The P-334WH Internet Access Sharing Router uses Network Address Translation (NAT) scheme, which supports all TCP/UDP ports. WinGate only supports limited number of ports, such as http(80), ftp(21), telnet(23), and pop3(110).
  4. WinGate works as a proxy, while the P-334WH Internet Access Sharing Router works as a gateway. The gateway approach is more efficient than the proxy during the processing of TCP/IP commands. As a result, the P-334WH Internet Access Sharing Router achieves 10% to 20% higher performance than that of software solutions such as WinGate.
  5. The P-334WH Internet Access Sharing Router uses Solid State Disk technology. There are no moving parts in the product. It is much more reliable than any hard disk based system, such as the one for WinGate.

16. What is the difference between the 'Standard' and 'RoadRunner' service? 

The US Road Runner service requires the user to "log in" to the service before it can send any packets to the outside network. This is apparently implemented in the TAS (Toshiba Authentication System) with a packet filtering firewall in the upstream direction. Before login, one can send ICMP packets (e.g., ping) to the outside Internet, but nearly all other upstream TCP and UDP packets are blocked. The user can only speak to the local DNS/login server. Downstream packets do not appear to be filtered or blocked at any time. 

While Standard service means the cable services which have no login requirement. P-334WH supports both Road Runner & Standard services in menu 4 for connecting to cable ISPs. 
 

17. Is it possible to access a server running behind SUA from the outside Internet? If possible, how?

Yes, it is possible because P-334WH delivers the packet to the local server by looking up to a SUA server table. Therefore, to make a local server accessible to the outside users, the port number and the inside IP address of the server must be configured in Menu 15 - SUA Server Setup.

18. What DHCP capability does the P-334WH support?

The P-334WH supports DHCP client on the WAN port and DHCP server on the LAN port. The P-334WH's DHCP client allows it to get the Internet IP address from ISP automatically. The P-334WH's DHCP server allows it to automatically assign IP and DNS addresses to the clients on the local LAN.   

19. What to do when when P-334WH response nothing via console ?

When P-334WH responses nothing on your terminal (e.g. embedded HyperTerminal), please try following methods 

1. Make sure the CON/AUX (which is close to the power jet) switch of P-334WH is set to CON, not AUX.

2. Please check whether RS-232 cable is well connected between P-334WH and your computer.

3. Please try any baud rate between 9600 bps to 115200 bps in case the baud has been changed.

20. What network interface does the new P-334WH series support?

The new P-334WH series support auto MDX/MDIX 10/100M Ethernet LAN/WAN port to connect to the computer on LAN and 10/100M Ethernet to connect to the external cable or ADSL modem on WAN.


Advanced FAQ

1. How does the P-334WH support TFTP?

In addition to the direct console port connection, the P-334WH supports the uploading/download of the firmware and  configuration file using TFTP (Trivial File Transfer Protocol) over LAN.

2. Can the P-334WH support TFTP over WAN? 

Although TFTP should work over WAN as well, it is not recommended because of the potential data corruption problems.

3. How can I upload data to outside Internet over the one-way cable? 

A workaround is to use an alternate path for your upstream path, such as a dialup connection to an Internet service provider. So, if you can find another way to get your upstream packets to the Internet you will still be able to receive downstream packets via P-334WH.

4. How fast can the data go? 

The speed of the cable modem is only one part of the equation. There are a combination of factors starting with how fast your PC can handle IP traffic, then how fast your PC to cable modem interface is, then how fast the cable modem system runs and how much congestion there is on the cable network, then how big a pipe there is at the head end to the rest of the Internet.

Different models of PCs and Macs are able to handle IP traffic at varying speeds. Very few can handle it at 30 Mbps. 

Ethernet (10baseT) is the most popular cable modem interface standard for the PC. This automatically limits the speed of the connection to under 10 Mbps even if the cable modem can receive at 30 Mbps. Most Local Area Networks use 10baseT Ethernet, and although they are 10 Mbps networks, it takes a LOT longer than one second to transmit 10 megabits (or 1.25 megabytes) of data from one terminal to another.

Cable modems on the same node share bandwidth, which means that congestion is created when too many people are on simultaneously. One user downloading large graphic or video files can use a significant portion of shared bandwidth, slowing down access for other users in the same neighborhood.

Most independent Internet Service Providers today connect to the Internet using a single 1.5 Mbps "T1" telephone line. All of their subscribers share that 1.5 Mbps pipeline. Cable head-ends connecting to the Internet backbone using a T1 limit their subscribers to an absolute maximum of 1.5 Mbps. 

To create the appearance of faster network access, service companies plan to store or "cache" frequently requested web sites and Usenet newsgroups on a server at their head-end. Storing data locally will remove some of the bottleneck at the backbone connection. 

How fast can they go? In a perfect world (or lab) they can receive data at speeds up to 30 Mbps. In the real world, with cost conscious cable companies running the systems, the speed will probably fall to about 1.5 Mbps.

5. How do I make VPN client x work through my P-334WH?

The only VPN known for certain to work through the P-334WH is Microsoft PPTP.

6. What is Multi-NAT?

NAT (Network Address Translation-NAT RFC 1631) is the translation of an Internet Protocol address used within one network to a different IP address known within another network. One network is designated the inside network and the other is the outside. Typically, a company maps its local inside network addresses to one or more global outside IP addresses and "unmaps" the global IP addresses on incoming packets back into local IP addresses. The IP addresses for the NAT can be either fixed or dynamically assigned by the ISP. In addition, you can designate servers, e.g., a web server and a telnet server, on your local network and make them accessible to the outside world. If you do not define any servers, NAT offers the additional benefit of firewall protection. In such case, all incoming connections to your network will be filtered out by the P-334WH, thus preventing intruders from probing your network.

The SUA feature that the P-334WH supports previously operates by mapping the private IP addresses to a global IP address. It is only one subset of the NAT. The P-334WH with ZyNOS V3.00 supports the most of the features of the NAT based on RFC 1631, and we call this feature as 'Multi-NAT'. For more information on IP address translation, please refer to RFC 1631, The IP Network Address Translator (NAT).

7. When do I need Multi-NAT?

  • Make local server accessible from outside Internet

When NAT is enabled the local computers are not accessible from outside. You can use Multi-NAT to make an internal server accessible from outside.

  • Support Non-NAT Friendly Applications

Some servers providing Internet applications such as some mIRC servers do not allow users to login using the same IP address. Thus, users on the same network can not login to the same server simultaneously. In this case it is better to use Many-to-Many No Overload or One-to-One NAT mapping types, thus each user login to the server using a unique global IP address.

8. What is BOOTP/DHCP?

BOOTP stands for Bootstrap Protocol. DHCP stands for Dynamic Host Configuration Protocol. Both are mechanisms to dynamically assign an IP address for a TCP/IP client by the server. In this case, the P-334WH Internet Access Sharing Router is a BOOTP/DHCP server. Win95 and WinNT clients use DHCP to request an internal IP address, while WFW and WinSock clients use BOOTP. TCP/IP clients may specify their own IP or utilize BOOTP/DHCP to request an IP address.


9. What is DDNS?

The Dynamic DNS service allows you to alias a dynamic IP address to a static hostname, allowing your computer to be more easily accessed from various locations on the Internet. To use the service, you must first apply an account from several free Web servers such as WWW.DYNDNS.ORG.

Without DDNS, we always tell the users to use the WAN IP of the P-334WH to reach our internal server. It is inconvenient for the users if this IP is dynamic. With DDNS supported by the P-334WH, you apply a DNS name (e.g., www.zyxel.com.tw) for your server (e.g., Web server) from a DDNS server. The outside users can always access the web server using the www.zyxel.com.tw regardless of the WAN IP of the P-334WH.

When the ISP assigns the P-334WH a new IP, the P-334WH updates this IP to DDNS server so that the server can update its IP-to-DNS entry. Once the IP-to-DNS table in the DDNS server is updated, the DNS name for your web server (i.e., www.zyxel.com.tw) is still usable.

10. When do I need DDNS service?

When you want your internal server to be accessed by using DNS name rather than using the dynamic IP address we can use the DDNS service. The DDNS server allows to alias a dynamic IP address to a static hostname. Whenever the ISP assigns you a new IP, the P-334WH sends this IP to the DDNS server for its updates.

11. What DDNS servers does the P-334WH support?

The DDNS servers the P-334WH supports currently is WWW.DYNDNS.ORG where you apply the DNS from and update the WAN IP to.

12. What is DDNS wildcard?

Some DDNS servers support the wildcard feature which allows the hostname, *.yourhost.dyndns.org, to be aliased to the same IP address as yourhost.dyndns.org. This feature is useful when there are multiple servers inside and you want users to be able to use things such as www.yourhost.dyndns.org and still reach your hostname.

13. Does the P-334WH support DDNS wildcard?

Yes, the P-334WH supports DDNS wildcard that WWW.DynDNS.ORG supports. When using wildcard, you simply enter yourhost.dyndns.org in the Host field in Menu 1.1.

14. Can the P-334WH SUA handle IPsec packets sent by the IPsec gateway?

Yes, the P-334WH's SUA can handle IPsec ESP Tunneling mode. We know when packets go through SUA, SUA will change the source IP address and source port for the host. To pass IPsec packets, SUA must understand the ESP packet with protocol number 50, replace the source IP address of the IPsec gateway to the router's WAN IP address. However, SUA should not change the source port of the UDP packets which are used for key managements. Because the remote gateway checks this source port during connections, the port thus is not allowed to be changed. 

15. How do I setup my P-334WH for routing IPsec packets over SUA?

For outgoing IPsec tunnels, no extra setting is required. For forwarding the inbound IPsec ESP tunnel, A 'Default' server set in menu 15 is required. It is because SUA makes your LAN appear as a single machine to the outside world. LAN users are invisible to outside users. So, to make an internal server for outside access, we must specify the service port and the LAN IP of this server in Menu 15. Thus SUA is able to forward the incoming packets to the requested service behind SUA and the outside users access the server using the P-334WH's WAN IP address. So, we have to configure the internal IPsec as a default server (unspecified service port) in menu 15 when it acts a server gateway.

16. Why can't I use video conferencing with MSN?

This is because MSN require support of UPnP (Universal plug n’ play). To be able to use MSN through P-334WH, you have to enable the UPnP feature under Advanced-> UPNP and Check the enable UPnP check box and press "Apply button" to make it active.

17. How can I access internal server via public IP address assigned on WAN?

You should be able to access your internal server via it's internal IP address when SUA is on, to access your internal server via the public IP address assigned on WAN, you can enter CI command "ip nat loopback on" , To make the configuration permanently, you need to add this command to the system boot file (autoexec.net).  You can refer to Product Support Note section on www.zyxel.com for configuration details.

21. Should I create any firewall rule by myself to allow incoming traffic when NAT is used ?

Built-in firewall function is supported in P-334WH. When a session is initiated from a user located in P-334WH's LAN network, incoming traffic will be allowed by Stateful Inspection mechanism. However, if the session is initiated from WAN side and there is no related access rule for the incoming traffic, the traffic will be blocked by P-334WH. To help users get rid of the problem and configuration tasks, P-334WH will create firewall policy automatically to allow incoming traffic if NAT is enabled in the P-334WHs. Following  NAT types ,including: Port Mapping, One-to-one, Many one-to-one, Server Type are supported with automatic ACL rule creation function for incoming traffic. Therefore, users don't have to configure any access rule by themselves to support FTP, WEB, TELNET ...etc services.

22. When playing online games, the game client cannot connect to the game server, what should I do?

Problem:

When playing online games, the game client cannot connect to the game server.


Network Scenario:

Game Client <-> ZyXEL Sharing Gateway <-> ADSL modem <-> Internet <-> Game Server

Solution: 

Do the following to solve this problem.

1.      Disable the firewall first to see if the problem can be resolved.  Since firewall may block certain traffic (used by some gaming programs) originated directly from the WAN to the LAN. If so, you must create rules to forward traffic from the game port(s) to LAN clients.

2.      Check forums for your online game program to find out what port need to be forwarded.

3.      Ensure those ports are properly configured to forward to LAN clients.

 The following table lists some popular game ports.

 

Aliens vs. Predator

INPUT UDP 80
INPUT UDP 2300 - 2400
INPUT UDP 8000 – 8999

Anarchy Online (BETA)

INPUT TCP 7013
INPUT TCP 7500 - 7501
INPUT UDP 7013
INPUT UDP 7500 – 7501

Asheron's Call [support page] [mapping info]

INPUT UDP 9000, 9001, 9004, 9005, 9012, 9013

Battle zone II

INPUT TCP 17770 – 17772

Black and White

INPUT TCP 2611 - 2612
INPUT TCP 6667
INPUT UDP 6500
INPUT UDP 27900

Blizzard Battlenet

INPUT TCP 4000
INPUT TCP 6112
INPUT UDP 6112

Bungie.net, Myth, Myth II Server

INPUT TCP 3453

C&amp;C Generals

INPUT TCP 6667
INPUT TCP 29900
INPUT TCP 29920
INPUT UDP 4321
INPUT UDP 27900

Dark Reign 2

INPUT TCP 26214
INPUT UDP 26214

Delta Force 2

INPUT UDP 3568
INPUT UDP 3569

Elite Force

INPUT UDP 26000
INPUT UDP 27500
INPUT UDP 27910
INPUT UDP 27960

Everquest

INPUT TCP 1024 - 7000
INPUT UDP 1024 – 6000

F-16, Mig 29

INPUT UDP 3862
INPUT UDP 3863

F-22 Lightning 3

INPUT UDP 3875
INPUT UDP 4533
INPUT UDP 4534
INPUT UDP 4660 - 4670 (for VON)

F-22 Raptor

INPUT UDP 3874, 3875

Fighter Ace II

INPUT TCP 50000 - 50100
INPUT UDP 50000 - 50100
for DX play also open these ports:

INPUT TCP 47624
INPUT TCP 2300 - 2400
INPUT UDP 2300 – 2400

Half Life

INPUT UDP 6003
INPUT UDP 7002
INPUT UDP 27010
INPUT UDP 27015
INPUT UDP 27025

Half Life Server

INPUT UDP 27015

Heretic II Server

INPUT TCP 28910

Hexen II

INPUT UDP 26900

KALI

INPUT UDP 2213
INPUT UDP 6666

Kohan Immortal Sovereigns

INPUT UDP 3855
INPUT UDP 17437
INPUT TCP 3855
INPUT TCP 17437

Motorhead server

INPUT UDP 16000
INPUT TCP 16000
INPUT TCP 16010 - 16030
INPUT UDP 16010 - 16030

MSN Game Zone

INPUT TCP 6667
INPUT TCP 28800 - 29000
for DX play also open these ports:
INPUT TCP 47624
INPUT TCP 2300 - 2400
INPUT UDP 2300 – 2400

Need for Speed – Porche

INPUT UDP 9442

Need for Speed 3- Hot Pursuit

INPUT TCP 1030

Outlaws

INPUT UDP 5310
INPUT TCP 5310

Quake2 (Client and Server)

INPUT UDP 27910

Rainbow Six (Client and Server)

INPUT TCP 2346

Rogue Spear

INPUT TCP 2346

Soldier of Fortune

INPUT UDP 28910 – 28915

Starcraft

INPUT UDP 6112

Starfleet Command

INPUT TCP 2300 - 2400
INPUT TCP 47624
INPUT UDP 2300 - 2400
INPUT UDP 47624

SWAT3

INPUT TCP 16639
INPUT UDP 16638

Ultima

INPUT TCP 5001 - 5010
INPUT TCP 7775 - 7777
INPUT TCP 8888
INPUT TCP 8800 - 8900
INPUT TCP 9999
INPUT TCP 7875

Warcraft Secure VPN DMZ

INPUT TCP 4000
INPUT TCP 6112 - 6119
INPUT UDP 4000
INPUT UDP 6112 - 6119

 


All contents copyright © 2006 ZyXEL Communications Corporation.