Prestige 202H
ISDN Router
User’s Guide
Version 3.40
September 2003
Prestige 202H User’s Guide
Copyright
Copyright © 2003 by ZyXEL Communications Corporation.
The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a
retrieval system, translated into any language, or transmitted in any form or by any means, electronic,
mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written
permission of ZyXEL Communications Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.
Disclaimer
ZyXEL does not assume any liability arising out of the application or use of any products, or software
described herein. Neither does it convey any license under its patent rights nor the patent rights of others.
ZyXEL further reserves the right to make changes in any products described herein without notice.
This publication is subject to change without notice.
Trademarks
Trademarks mentioned in this publication are used for identification purposes only and may be properties of
their respective owners.
ii Copyright
Prestige 202H User’s Guide
Federal Communications Commission (FCC)
Interference Statement
This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions:
This device may not cause harmful interference.
This device must accept any interference received, including interference that may cause undesired
operations.
This equipment has been tested and found to comply with the limits for a CLASS B digital device pursuant to
Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful
interference in a commercial environment. This equipment generates, uses, and can radiate radio frequency
energy, and if not installed and used in accordance with the instructions, may cause harmful interference to
radio communications.
If this equipment does cause harmful interference to radio/television reception, which can be determined by
turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of
the following measures:
Reorient or relocate the receiving antenna.
Increase the separation between the equipment and the receiver.
Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
Consult the dealer or an experienced radio/TV technician for help.
Notice 1
Changes or modifications not expressly approved by the party responsible for compliance could void the
user's authority to operate the equipment.
Certifications
Refer to the product page at www.zyxel.com.
FCC iii
Prestige 202H User’s Guide
Information for Canadian Users
The Industry Canada label identifies certified equipment. This certification means that the equipment meets
certain telecommunications network protective, operation, and safety requirements. The Industry Canada
does not guarantee that the equipment will operate to a user's satisfaction.
Before installing this equipment, users should ensure that it is permissible to be connected to the facilities of
the local telecommunications company. The equipment must also be installed using an acceptable method of
connection. In some cases, the company's inside wiring associated with a single line individual service may
be extended by means of a certified connector assembly. The customer should be aware that the compliance
with the above conditions may not prevent degradation of service in some situations.
Repairs to certified equipment should be made by an authorized Canadian maintenance facility designated by
the supplier. Any repairs or alterations made by the user to this equipment, or equipment malfunctions, may
give the telecommunications company cause to request the user to disconnect the equipment.
For their own protection, users should ensure that the electrical ground connections of the power utility,
telephone lines, and internal metallic water pipe system, if present, are connected together. This precaution
may be particularly important in rural areas.
Caution
Users should not attempt to make such connections themselves, but should contact the appropriate electrical
inspection authority, or electrician, as appropriate.
Note
This digital apparatus does not exceed the class A limits for radio noise emissions from digital apparatus set
out in the radio interference regulations of Industry Canada.
iv Information for Canadian Users
Prestige 202H User’s Guide
ZyXEL Limited Warranty
ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or
workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon
proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials,
ZyXEL will, at its discretion, repair or replace the defective products or components without charge for
either parts or labor, and to whatever extent it shall deem necessary to restore the product or components to
proper operating condition. Any replacement will consist of a new or re-manufactured functionally
equivalent product of equal value, and will be solely at the discretion of ZyXEL. This warranty shall not
apply if the product is modified, misused, tampered with, damaged by an act of God, or subjected to
abnormal working conditions.
NOTE
Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This
warranty is in lieu of all other warranties, express or implied, including any implied warranty of
merchantability or fitness for a particular use or purpose. ZyXEL shall in no event be held liable for indirect
or consequential damages of any kind of character to the purchaser.
To obtain the services of this warranty, contact ZyXEL's Service Center for your Return Material
Authorization number (RMA). Products must be returned Postage Prepaid. It is recommended that the unit be
insured when shipped. Any returned products without proof of purchase or those with an out-dated warranty
will be repaired or replaced (at the discretion of ZyXEL) and the customer will be billed for parts and labor.
All repaired or replaced products will be shipped by ZyXEL to the corresponding return address, Postage
Paid. This warranty gives you specific legal rights, and you may also have other rights that vary from country
to country.
Online Registration
Register online registration at www.zyxel.com for free future product updates and information.
Warranty v
Prestige 202H User’s Guide
Customer Support
When you contact your customer support representative please have the following information ready:
Please have the following information ready when you contact customer support.
• Product model and serial number.
• Information in Menu 24.2.1 – System Information.
• Warranty Information.
• Date that you received your device.
• Brief description of the problem and the steps you took to solve it.
LOCATION
WORLDWIDE
AMERICA
METHOD
support@zyxel.com.tw
sales@zyxel.com.tw
support@zyxel.com +1-714-632-0882
sales@zyxel.com
support@zyxel.dk +45-3955-0700 www.zyxel.dk SCANDINAVIA
sales@zyxel.dk
support@zyxel.de +49-2405-6909-0 www.zyxel.de GERMANY
sales@zyxel.de
E-MAIL
SUPPORT/SALES
+886-3-578-2439 ftp.europe.zyxel.com
+1-714-632-0858 ftp.zyxel.com
+45-3955-0707 ftp.zyxel.dk
+49-2405-6909-99
TELEPHONE/FAX WEB SITE/ FTP SITE REGULAR MAIL
+886-3-578-3942 www.zyxel.com
www.europe.zyxel.com
www.zyxel.com NORTH
800-255-4101
ZyXEL Communications Corp.,
6 Innovation Road II, ScienceBased Industrial Park, Hsinchu
300, Taiwan
ZyXEL Communications Inc.,
1650 Miraloma Avenue,
Placentia, CA 92870, U.S.A.
ZyXEL Communications A/S,
Columbusvej 5, 2860 Soeborg,
Denmark
ZyXEL Deutschland GmbH.
Adenauerstr. 20/A2 D-52146
Wuerselen, Germany
vi Customer Support
Prestige 202H User’s Guide
Table of Contents
Copyright......................................................................................................................................................ii
Federal Communications Commission (FCC) Interference Statement................................................. iii
Information for Canadian Users ...............................................................................................................iv
ZyXEL Limited Warranty ..........................................................................................................................v
Customer Support ......................................................................................................................................vi
List of Figures ...........................................................................................................................................xiv
List of Tables .............................................................................................................................................xxi
Preface ......................................................................................................................................................xxv
Getting Started ................................................................................................................................................. I
Chapter 1 Getting to Know Your Prestige............................................................................................. 1-1
1.1 Introducing the Prestige 202H.................................................................................................... 1-1
1.2 Features ...................................................................................................................................... 1-1
1.3 Internet Access With the Prestige .............................................................................................. 1-4
Chapter 2 Hardware Installation ........................................................................................................... 2-1
2.1 Front Panel ................................................................................................................................. 2-1
2.2 Rear Panel and Connections....................................................................................................... 2-2
2.3 Turn On Your Router ................................................................................................................. 2-3
Chapter 3 Introducing the SMT............................................................................................................. 3-1
3.1 Introduction to the SMT............................................................................................................. 3-1
3.2 Accessing the Prestige via the Console Port .............................................................................. 3-1
3.3 Initial Screen .............................................................................................................................. 3-1
3.4 Navigating the SMT Interface....................................................................................................3-2
3.5 SMT Menu Overview................................................................................................................. 3-4
3.6 Changing the System Password ................................................................................................. 3-5
3.7 Resetting the Prestige................................................................................................................. 3-6
Table of Contents vii
Prestige 202H User’s Guide
Chapter 4 SMT Menu 1 General Setup.................................................................................................. 4-1
4.1 General Setup Overview .............................................................................................................4-1
4.2 Configuring General Setup .........................................................................................................4-1
4.3 Dynamic DNS.............................................................................................................................4-2
4.4 Configuring Dynamic DNS ........................................................................................................4-3
Chapter 5 ISDN Setup..............................................................................................................................5-1
5.1 ISDN Setup Overview ................................................................................................................5-1
5.2 ISDN Advanced Setup Menus ....................................................................................................5-2
5.3 NetCAPI .....................................................................................................................................5-5
Chapter 6 Ethernet Setup........................................................................................................................6-1
6.1 Ethernet Setup.............................................................................................................................6-1
6.2 Ethernet TCP/IP and DHCP Server ............................................................................................6-2
6.3 Configuring TCP/IP Ethernet and DHCP ...................................................................................6-5
6.4 IP Alias .......................................................................................................................................6-6
6.5 IP Alias Setup .............................................................................................................................6-7
Chapter 7 Internet Access Setup .............................................................................................................7-1
7.1 Internet Access Overview ...........................................................................................................7-1
7.2 Internet Access Setup..................................................................................................................7-2
Advanced Applications................................................................................................................................... II
Chapter 8 Remote Node Configuration..................................................................................................8-1
8.1 Remote Node Overview..............................................................................................................8-1
8.2 Remote Node Setup ....................................................................................................................8-1
8.3 Outgoing Authentication Protocol ..............................................................................................8-6
8.4 PPP Multilink..............................................................................................................................8-6
8.5 Bandwidth on Demand ...............................................................................................................8-6
8.6 Editing PPP Options ...................................................................................................................8-7
8.7 LAN-to-LAN Application ..........................................................................................................8-9
viii Table of Contents
Prestige 202H User’s Guide
8.8 Configuring Network Layer Options ....................................................................................... 8-11
8.9 Configuring Filter..................................................................................................................... 8-14
Chapter 9 Static Route Setup.................................................................................................................. 9-1
9.1 Static Route Overview ............................................................................................................... 9-1
Chapter 10 Dial-in Setup....................................................................................................................... 10-1
10.1 Dial-in Users Overview........................................................................................................ 10-1
10.2 Default Dial-in User Setup................................................................................................... 10-1
10.3 Setting Up Default Dial-in ................................................................................................... 10-2
10.4 Callback Overview...............................................................................................................10-5
10.5 Dial-In User Setup................................................................................................................ 10-5
10.6 Telecommuting Application With Windows Example ........................................................ 10-7
10.7 LAN-to-LAN Server Application Example ....................................................................... 10-10
Chapter 11 Network Address Translation (NAT).................................................................................11-1
11.1 NAT Overview..................................................................................................................... 11-1
11.2 Applying NAT ..................................................................................................................... 11-6
11.3 NAT Setup ........................................................................................................................... 11-7
11.4 NAT Server Sets – Port Forwarding .................................................................................. 11-12
11.5 General NAT Examples ..................................................................................................... 11-15
Firewall .......................................................................................................................................................... III
Chapter 12 Firewalls ............................................................................................................................. 12-1
12.1 Firewall Overview................................................................................................................ 12-1
12.2 Types of Firewalls................................................................................................................ 12-1
12.3 Introduction to ZyXEL’s Firewall........................................................................................ 12-2
12.4 Denial of Service.................................................................................................................. 12-3
12.5 Stateful Inspection................................................................................................................ 12-7
12.6 Guidelines For Enhancing Security With Your Firewall ................................................... 12-11
12.7 Packet Filtering Vs Firewall............................................................................................... 12-12
Table of Contents ix
Prestige 202H User’s Guide
Chapter 13 Introducing the Prestige Firewall......................................................................................13-1
13.1 Access Methods ....................................................................................................................13-1
13.2 Using Prestige SMT Menus ..................................................................................................13-1
Chapter 14 Configuring Firewall with the Web Configurator ...........................................................14-1
14.1 Web Configurator Login and Main Menu Screens...............................................................14-1
14.2 Enabling the Firewall............................................................................................................14-3
14.3 E-mail ...................................................................................................................................14-3
14.4 Attack Alert...........................................................................................................................14-7
Chapter 15 Creating Custom Rules ......................................................................................................15-1
15.1 Rules Overview.....................................................................................................................15-1
15.2 Rule Logic Overview............................................................................................................15-1
15.3 Connection Direction............................................................................................................15-3
15.4 Rule Summary ......................................................................................................................15-4
15.5 Predefined Services...............................................................................................................15-6
15.6 Timeout............................................................................................................................... 15-12
Chapter 16 Customized Services...........................................................................................................16-1
16.1 Customized Services Overview ............................................................................................16-1
16.2 Creating/Editing A Customized Service ...............................................................................16-2
16.3 Example Firewall Rule .........................................................................................................16-3
Chapter 17 Firewall Logs.......................................................................................................................17-1
17.1 Log Screen ............................................................................................................................ 17-1
Advanced Management.................................................................................................................................IV
Chapter 18 Filter Configuration ...........................................................................................................18-1
18.1 Filtering Overview................................................................................................................18-1
18.2 Configuring a Filter Set ........................................................................................................18-4
18.3 Configuring a Filter Rule ......................................................................................................18-9
18.4 Filter Types and NAT ......................................................................................................... 18-16
x Table of Contents
Prestige 202H User’s Guide
18.5 Example Filter.................................................................................................................... 18-16
18.6 Applying Filters and Factory Defaults ............................................................................... 18-19
Chapter 19 SNMP Configuration ......................................................................................................... 19-1
19.1 SNMP Overview .................................................................................................................. 19-1
19.2 Supported MIBs ................................................................................................................... 19-2
19.3 SNMP Configuration............................................................................................................ 19-2
19.4 SNMP Traps......................................................................................................................... 19-3
Chapter 20 System Information and Diagnosis................................................................................... 20-1
20.1 System Status Overview....................................................................................................... 20-1
20.2 System Status ....................................................................................................................... 20-1
20.3 System Information and Console Port Speed....................................................................... 20-3
20.4 Log and Trace ...................................................................................................................... 20-5
20.5 Accounting Server................................................................................................................ 20-9
20.6 Call Triggering Packet ....................................................................................................... 20-10
20.7 Diagnostic .......................................................................................................................... 20-11
Chapter 21 Firmware and Configuration File Maintenance ............................................................. 21-1
21.1 Filename Conventions.......................................................................................................... 21-1
21.2 Backup Configuration .......................................................................................................... 21-2
21.3 Restore Configuration .......................................................................................................... 21-7
21.4 Uploading Firmware and Configuration Files.................................................................... 21-10
Chapter 22 SMT Menus 24.8 to 24.10.................................................................................................. 22-1
22.1 Command Interpreter Mode................................................................................................. 22-1
22.2 Call Control Support ............................................................................................................22-2
22.3 Time and Date...................................................................................................................... 22-6
Chapter 23 Call Scheduling .................................................................................................................. 23-1
23.1 Call Scheduling Overview ................................................................................................... 23-1
23.2 Configuring Call Scheduling................................................................................................ 23-1
Table of Contents xi
Prestige 202H User’s Guide
23.3 Applying Schedule Sets ........................................................................................................ 23-3
Chapter 24 Remote Management .........................................................................................................24-1
24.1 Remote Management Overview............................................................................................24-1
24.2 Telnet ....................................................................................................................................24-2
24.3 FTP .......................................................................................................................................24-2
24.4 Web....................................................................................................................................... 24-2
24.5 Configuring Remote Management........................................................................................24-2
Chapter 25 Introduction to VPN/IPSec................................................................................................25-1
25.1 VPN Overview......................................................................................................................25-1
25.2 IPSec Architecture ................................................................................................................25-3
25.3 Encapsulation........................................................................................................................ 25-5
25.4 IPSec and NAT .....................................................................................................................25-6
Chapter 26 VPN/IPSec Setup................................................................................................................26-1
26.1 VPN/IPSec Overview ...........................................................................................................26-1
26.2 IPSec Algorithms..................................................................................................................26-2
26.3 My IP Address ......................................................................................................................26-3
26.4 Secure Gateway Address ......................................................................................................26-3
26.5 IPSec Summary.....................................................................................................................26-4
26.6 Keep Alive ............................................................................................................................ 26-8
26.7 ID Type and Content.............................................................................................................26-8
26.8 Pre-Shared Key...................................................................................................................26-10
26.9 IPSec Setup.........................................................................................................................26-10
26.10 IKE Phases..........................................................................................................................26-15
26.11 Configuring IKE Settings ...................................................................................................26-18
26.12 Manual Key Setup...............................................................................................................26-20
26.13 Telecommuter VPN/IPSec Examples ................................................................................. 26-22
Chapter 27 SA Monitor..........................................................................................................................27-1
xii Table of Contents
Prestige 202H User’s Guide
27.1 SA Monitor Overview.......................................................................................................... 27-1
Chapter 28 IPSec Log............................................................................................................................ 28-1
28.1 IPSec Logs ........................................................................................................................... 28-1
Appendices and Index.....................................................................................................................................V
Appendix A Troubleshooting ..................................................................................................................... A
Problems Starting Up the Prestige............................................................................................................A
Problems With the ISDN Line ................................................................................................................. B
Problems With a LAN Interface............................................................................................................... B
Problems Connecting to a Remote Node or ISP....................................................................................... C
Remote User Dial-in Problems................................................................................................................. C
Problems With the Password.................................................................................................................... C
Problems With Remote Management.......................................................................................................D
Appendix B Power Adapter Specifications ............................................................................................... E
Index ............................................................................................................................................................G
Table of Contents xiii
Prestige 202H User’s Guide
List of Figures
Figure 1-1 Internet Access Application...........................................................................................................1-5
Figure 1-2 LAN-to-LAN Connection Application..........................................................................................1-5
Figure 1-3 Remote Access ..............................................................................................................................1-6
Figure 1-4 Secure Internet Access and VPN Application ...............................................................................1-7
Figure 2-1 Front Panel ....................................................................................................................................2-1
Figure 2-2 Rear Panel .....................................................................................................................................2-2
Figure 3-1 Login Screen .................................................................................................................................3-2
Figure 3-2 SMT Main Menu...........................................................................................................................3-3
Figure 3-3 Menu 23.1 System Password ........................................................................................................3-6
Figure 3-4 Menu 23.1 - System Security - Change Password ........................................................................3-6
Figure 3-5 Resetting the Router......................................................................................................................3-7
Figure 3-6 Example Xmodem Upload............................................................................................................3-8
Figure 4-1 Menu 1 General Setup...................................................................................................................4-1
Figure 4-2 Configure Dynamic DNS..............................................................................................................4-3
Figure 5-1 Menu 2 ISDN Setup...................................................................................................................... 5-1
Figure 5-2 Router Behind a PABX .................................................................................................................5-3
Figure 5-3 Menu 2 ISDN Setup for DSS1......................................................................................................5-4
Figure 5-4 Loopback Test ...............................................................................................................................5-4
Figure 5-5 Configuration Example .................................................................................................................5-6
Figure 5-6 Menu 2.2 NetCAPI Setup .............................................................................................................5-7
Figure 6-1 Menu 3 Ethernet Setup..................................................................................................................6-1
Figure 6-2 Menu 3.1 General Ethernet Setup .................................................................................................6-1
Figure 6-3 Menu 3.2 TCP/IP and DHCP Ethernet Setup................................................................................6-5
Figure 6-4 Physical Network .....................................................................................................................6-7
Figure 6-5 Partitioned Logical Networks .......................................................................................................6-7
xiv List of Figures
Prestige 202H User’s Guide
Figure 6-6 Menu 3.2.1 IP Alias Setup ............................................................................................................ 6-7
Figure 7-1 Menu 4 Internet Access Setup ...................................................................................................... 7-2
Figure 8-1 Menu 11 Remote Node Setup....................................................................................................... 8-2
Figure 8-2 Menu 11.1 Remote Node Profile.................................................................................................. 8-2
Figure 8-3 Menu 11.2 Remote Node PPP Options......................................................................................... 8-8
Figure 8-4 TCP/IP LAN-to-LAN Application ............................................................................................... 8-9
Figure 8-5 LAN 1 Setup............................................................................................................................... 8-10
Figure 8-6 LAN 2 Setup............................................................................................................................... 8-10
Figure 8-7 Sample IP Addresses for LAN-to-LAN Connection .................................................................. 8-14
Figure 8-8 Menu 11.5 Remote Node Filter .................................................................................................. 8-15
Figure 9-1 Sample Static Routing Topology .................................................................................................. 9-1
Figure 9-2 Menu 12 IP Static Route Setup..................................................................................................... 9-2
Figure 9-3 Menu 12.1 Edit IP Static Route .................................................................................................... 9-2
Figure 10-1 Menu 13 Default Dial-in Setup ................................................................................................ 10-2
Figure 10-2 Menu 13.1 Default Dial-in Filter.............................................................................................. 10-5
Figure 10-3 Menu 14 Dial-in User Setup..................................................................................................... 10-6
Figure 10-4 Menu 14.1 Edit Dial-in User .................................................................................................... 10-6
Figure 10-5 Example of Telecommuting...................................................................................................... 10-8
Figure 10-6 Configuring Menu 13 for Remote Access ................................................................................ 10-9
Figure 10-7 Edit Dial-in-User ...................................................................................................................... 10-9
Figure 10-8 Example of a LAN-to-LAN Server Application..................................................................... 10-10
Figure 10-9 LAN 1 LAN-to-LAN Application ...........................................................................................10-11
Figure 10-10 LAN 2 LAN-to-LAN Application .........................................................................................10-11
Figure 10-11 Testing Callback With Your Connection............................................................................... 10-12
Figure 10-12 Callback With CLID Configuration ..................................................................................... 10-13
Figure 10-13 Configuring CLID With Callback ........................................................................................ 10-13
Figure 10-14 Callback and CLID Connection Test .................................................................................... 10-14
List of Figures xv
Prestige 202H User’s Guide
Figure 11-1 How NAT Works .......................................................................................................................11-3
Figure 11-2 NAT Application With IP Alias .................................................................................................11-4
Figure 11-3 Applying NAT for Internet Access ............................................................................................11-6
Figure 11-4 Applying NAT to the Remote Node ..........................................................................................11-7
Figure 11-5 Menu 15 NAT Setup..................................................................................................................11-8
Figure 11-6 Menu 15.1 Address Mapping Sets............................................................................................. 11-8
Figure 11-7 Menu 15.1.255 SUA Address Mapping Rules........................................................................... 11-9
Figure 11-8 Menu 15.1.1 Address Mapping Rules First Set .......................................................................11-10
Figure 11-9 Menu 15.1.1.1 Address Mapping Rule .................................................................................... 11-11
Figure 11-10 Menu 15.2 NAT Server Sets.................................................................................................. 11-14
Figure 11-11 Menu 15.2 NAT Server Setup................................................................................................11-14
Figure 11-12 Multiple Servers Behind NAT Example................................................................................11-15
Figure 11-13 NAT Example 1..................................................................................................................... 11-16
Figure 11-14 Menu 4 Internet Access & NAT Example .............................................................................11-16
Figure 11-15 NAT Example 2..................................................................................................................... 11-17
Figure 11-16 Menu 15.2 Specifying an Inside Server ................................................................................11-18
Figure 11-17 NAT Example 3..................................................................................................................... 11-19
Figure 11-18 Example 3: Menu 11.3 .......................................................................................................... 11-20
Figure 11-19 Example 3: Menu 15.1.1.1 ....................................................................................................11-20
Figure 11-20 Example 3: Final Menu 15.1.1 .............................................................................................. 11-21
Figure 11-21 NAT Example 4..................................................................................................................... 11-22
Figure 11-22 Example 4: Menu 15.1.1.1 Address Mapping Rule...............................................................11-23
Figure 11-23 Example 4: Menu 15.1.1 Address Mapping Rules ................................................................11-23
Figure 12-1 Prestige Firewall Application....................................................................................................12-3
Figure 12-2 Three-Way Handshake ..............................................................................................................12-5
Figure 12-3 SYN Flood ................................................................................................................................12-5
Figure 12-4 Smurf Attack .............................................................................................................................12-6
xvi List of Figures
Prestige 202H User’s Guide
Figure 12-5 Stateful Inspection.................................................................................................................... 12-8
Figure 13-1 Menu 21 Filter and Firewall Setup........................................................................................... 13-1
Figure 13-2 Menu 21.2 Firewall Setup ........................................................................................................ 13-2
Figure 13-3 Example Firewall Log.............................................................................................................. 13-2
Figure 14-1 Site Map Screen........................................................................................................................ 14-1
Figure 14-2 Firewall Functions.................................................................................................................... 14-2
Figure 14-3 Enabling the Firewall ............................................................................................................... 14-3
Figure 14-4 E-mail....................................................................................................................................... 14-4
Figure 14-5 E-mail Log................................................................................................................................ 14-7
Figure 14-6 Attack Alert .............................................................................................................................. 14-9
Figure 15-1 LAN to WAN Traffic................................................................................................................ 15-3
Figure 15-2 WAN to LAN Traffic................................................................................................................ 15-4
Figure 15-3 Firewall Rules Summary: First Screen..................................................................................... 15-5
Figure 15-4 Creating/Editing A Firewall Rule ........................................................................................... 15-10
Figure 15-5 Adding/Editing Source and Destination Addresses ................................................................ 15-12
Figure 15-6 Timeout Screen....................................................................................................................... 15-13
Figure 16-1 Customized Services ................................................................................................................ 16-1
Figure 16-2 Creating/Editing A Customized Service ................................................................................... 16-2
Figure 16-3 Configure Source IP................................................................................................................. 16-4
Figure 16-4 Customized Service for MyService.......................................................................................... 16-4
Figure 16-5 MyService Rule Configuration................................................................................................. 16-5
Figure 16-6 Example Rule Summary........................................................................................................... 16-6
Figure 17-1 Log Screen................................................................................................................................ 17-1
Figure 18-1 Outgoing Packet Filtering Process ........................................................................................... 18-2
Figure 18-2 Filter Rule Process.................................................................................................................... 18-3
Figure 18-3 Menu 21 Filter and Firewall Setup........................................................................................... 18-4
Figure 18-4 Menu 21.1 Filter Set Configuration.......................................................................................... 18-5
List of Figures xvii
Prestige 202H User’s Guide
Figure 18-5 NetBIOS_WAN Filter Rules Summary.....................................................................................18-6
Figure 18-6 NetBIOS _LAN Filter Rules Summary.....................................................................................18-6
Figure 18-7 Telnet WAN Filter Rules Summary...........................................................................................18-7
Figure 18-8 FTP_WAN Filter Rules Summary.............................................................................................18-7
Figure 18-9 Menu 21.1.7.1 TCP/IP Filter Rule...........................................................................................18-10
Figure 18-10 Executing an IP Filter............................................................................................................18-13
Figure 18-11 Menu 21.1.5.1 Generic Filter Rule........................................................................................ 18-14
Figure 18-12 Protocol and Device Filter Sets.............................................................................................18-16
Figure 18-13 Sample Telnet Filter ..............................................................................................................18-17
Figure 18-14 Sample Filter Menu 21.1.9.1.................................................................................................18-18
Figure 18-15 Sample Filter Rules Summary Menu 21.1.9 .........................................................................18-19
Figure 18-16 Filtering Ethernet Traffic.......................................................................................................18-20
Figure 18-17 Filtering Remote Node Traffic ..............................................................................................18-21
Figure 19-1 SNMP Management Model.......................................................................................................19-1
Figure 19-2 Menu 22 SNMP Configuration .................................................................................................19-3
Figure 20-1 Menu 24 System Maintenance..................................................................................................20-1
Figure 20-2 Menu 24.1 System Maintenance Status ....................................................................................20-2
Figure 20-3 Menu 24.2 System Information and Console Port Speed..........................................................20-4
Figure 20-4 Menu 24.2.1 System Maintenance Information ........................................................................20-4
Figure 20-5 Menu 24.2.2 System Maintenance Change Console Port Speed...............................................20-5
Figure 20-6 Menu 24.3 System Maintenance Log and Trace .......................................................................20-6
Figure 20-7 Sample Error and Information Messages..................................................................................20-6
Figure 20-8 Menu 24.3.2 System Maintenance Unix Syslog .......................................................................20-7
Figure 20-9 Menu 24.3.3 System Maintenance Accounting Server............................................................20-10
Figure 20-10 Menu 24.3.4 Call Triggering Packet. ....................................................................................20-11
Figure 20-11 Menu 24.4 System Maintenance Diagnostic ........................................................................20-12
Figure 20-12 Display for a Successful Manual Call ...................................................................................20-13
xviii List of Figures
Prestige 202H User’s Guide
Figure 21-1 Menu 24.5 System Maintenance – Backup Configuration ....................................................... 21-3
Figure 21-2 FTP Session Example............................................................................................................... 21-4
Figure 21-3 System Maintenance Backup Configuration............................................................................ 21-6
Figure 21-4 System Maintenance: Starting Xmodem Download Screen..................................................... 21-7
Figure 21-5 Backup Configuration Example ............................................................................................... 21-7
Figure 21-6 Successful Backup Confirmation Screen.................................................................................. 21-7
Figure 21-7 Telnet into Menu 24.6............................................................................................................... 21-8
Figure 21-8 Restore Using FTP Session Example ....................................................................................... 21-9
Figure 21-9 System Maintenance: Restore Configuration...........................................................................21-9
Figure 21-10 System Maintenance: Starting Xmodem Download Screen................................................... 21-9
Figure 21-11 Restore Configuration Example ........................................................................................... 21-10
Figure 21-12 Successful Restoration Confirmation Screen ....................................................................... 21-10
Figure 21-13 - System Maintenance Upload Firmware ..............................................................................21-11
Figure 21-14 Menu 24.7.1 Upload System Firmware.................................................................................21-11
Figure 21-15 Menu 24.7.2 - System Maintenance – Upload Configuration File....................................... 21-12
Figure 21-16 FTP Session Example of Firmware File Upload .................................................................. 21-13
Figure 21-17 Menu 24.7.1 as Seen Using the Console Port....................................................................... 21-14
Figure 21-18 Example Xmodem Upload ................................................................................................... 21-15
Figure 21-19 Menu 24.7.2 as Seen Using the Console Port....................................................................... 21-16
Figure 21-20 Example Xmodem Upload ................................................................................................... 21-17
Figure 22-1 Command Mode in Menu 24.................................................................................................... 22-1
Figure 22-2 Valid Commands ...................................................................................................................... 22-2
Figure 22-3 Menu 24.9 Call Control............................................................................................................ 22-2
Figure 22-4 Menu 24.9.1Call Control Parameters ....................................................................................... 22-3
Figure 22-5 Menu 24.9.2 Blacklist .............................................................................................................. 22-4
Figure 22-6 Menu 24.9.1 Budget Management ........................................................................................... 22-4
Figure 22-7 Menu 24.9.4 Call History ......................................................................................................... 22-5
List of Figures xix
Prestige 202H User’s Guide
Figure 22-8 Menu 24: System Maintenance.................................................................................................22-6
Figure 22-9 Menu 24.10 System Maintenance: Time and Date Setting .......................................................22-7
Figure 23-1 Menu 26 Schedule Setup...........................................................................................................23-1
Figure 23-2 Menu 26.1 Schedule Set Setup..................................................................................................23-2
Figure 23-3 Applying Schedule Set(s)..........................................................................................................23-4
Figure 24-1 Telnet Configuration on a TCP/IP Network ..............................................................................24-2
Figure 24-2 Remote Management ................................................................................................................24-3
Figure 25-1 Encryption and Decryption .......................................................................................................25-2
Figure 25-2 VPN Application.......................................................................................................................25-3
Figure 25-3 IPSec Architecture.....................................................................................................................25-4
Figure 25-4 Transport and Tunnel Mode IPSec Encapsulation.....................................................................25-5
Figure 26-1 VPN SMT Menu Tree ...............................................................................................................26-1
Figure 26-2 Menu 27 VPN/IPSec Setup .......................................................................................................26-2
Figure 26-3 IPSec Summary Fields Illustration............................................................................................26-4
Figure 26-4 Menu 27.1 IPSec Summary.......................................................................................................26-5
Figure 26-5 Menu 27.1.1 IPSec Setup........................................................................................................ 26-11
Figure 26-6 Two Phases to Set Up the IPSec SA........................................................................................26-16
Figure 26-7 Menu 27.1.1.1 IKE Setup............................................................................................................26-18
Figure 26-8 Menu 27.1.1.2 Manual Setup ..................................................................................................26-21
Figure 26-9 Telecommuters Sharing One VPN Rule Example...................................................................26-23
Figure 26-10 Telecommuters Using Unique VPN Rules Example.............................................................26-24
Figure 27-1 Menu 27.2 SA Monitor .............................................................................................................27-1
Figure 28-1 Example VPN Initiator IPSec Log ............................................................................................28-1
Figure 28-2 Example VPN Responder IPSec Log........................................................................................28-2
xx List of Figures
Prestige 202H User’s Guide
List of Tables
Table 2-1 LED Functions............................................................................................................................... 2-1
Table 3-1 Main Menu Commands.................................................................................................................. 3-2
Table 3-2 Main Menu Summary .................................................................................................................... 3-3
Table 4-1 Menu 1 – General Setup................................................................................................................. 4-2
Table 4-2 Configure Dynamic DNS Menu Fields.......................................................................................... 4-3
Table 5-1 Menu 2 ISDN Setup....................................................................................................................... 5-1
Table 5-2 Configuring NetCAPI .................................................................................................................... 5-7
Table 6-1 Private IP Address Ranges ............................................................................................................. 6-3
Table 6-2 Menu 3.2 TCP/IP and DHCP Ethernet Setup................................................................................. 6-5
Table 6-3 TCP/IP Ethernet Setup Menu Fields .............................................................................................. 6-6
Table 6-4 IP Menu 3.2.1 – IP Alias Setup ...................................................................................................... 6-8
Table 7-1 Internet Account Information......................................................................................................... 7-1
Table 7-2 Menu 4 Internet Access Setup........................................................................................................ 7-2
Table 8-1 Menu 11.1 Remote Node Profile.................................................................................................... 8-3
Table 8-2 BTR vs MTR for BOD................................................................................................................... 8-7
Table 8-3 Menu 11.2 Remote Node PPP Options .......................................................................................... 8-8
Table 8-4 TCP/IP-related Fields in Remote Node Profile.............................................................................8-11
Table 8-5 Remote Node Network Layer Options......................................................................................... 8-12
Table 8-6 Remote Node Network Layer Options......................................................................................... 8-12
Table 9-1 Menu 12.1 Edit IP Static Route...................................................................................................... 9-2
Table 10-1 Remote Dial-in Users/Remote Nodes Comparison Chart.......................................................... 10-1
Table 10-2 Menu 13 Default Dial-in Setup.................................................................................................. 10-2
Table 10-3 Edit Dial-in User........................................................................................................................ 10-6
Table 11-1 NAT Definitions..........................................................................................................................11-1
Table 11-2 NAT Mapping Types ...................................................................................................................11-5
List of Tables xxi
Prestige 202H User’s Guide
Table 11-3 Applying NAT to the Remote Node............................................................................................ 11-7
Table 11-4 Menu 15.1.255 SUA Address Mapping Rules ............................................................................11-9
Table 11-5 Fields in Menu 15.1.1 ...............................................................................................................11-10
Table 11-6 Menu 15.1.1.1 Address Mapping Rule ..................................................................................... 11-12
Table 11-7 Services & Port Numbers..........................................................................................................11-13
Table 12-1 Common IP Ports........................................................................................................................12-4
Table 12-2 ICMP Commands That Trigger Alerts........................................................................................12-6
Table 12-3 Legal NetBIOS Commands ........................................................................................................12-7
Table 12-4 Legal SMTP Commands............................................................................................................. 12-7
Table 13-1 View Firewall Log......................................................................................................................13-3
Table 14-1 Predefined Services ....................................................................................................................14-2
Table 14-2 E-mail .........................................................................................................................................14-5
Table 14-3 SMTP Error Messages ................................................................................................................14-6
Table 14-4 Attack Alert.................................................................................................................................14-9
Table 15-1 Firewall Rules Summary: First Screen .......................................................................................15-5
Table 15-2 Predefined Services ....................................................................................................................15-7
Table 15-3 Creating/Editing A Firewall Rule ............................................................................................. 15-11
Table 15-4 Adding/Editing Source and Destination Addresses ..................................................................15-12
Table 15-5 Timeout Menu...........................................................................................................................15-13
Table 16-1 Customized Services...................................................................................................................16-2
Table 16-2 Creating/Editing A Custom Port .................................................................................................16-3
Table 17-1 Log Screen.................................................................................................................................. 17-2
Table 18-1 Filter Rules Summary Menu Abbreviations................................................................................18-8
Table 18-2 Rule Abbreviations Used ............................................................................................................18-8
Table 18-3 Menu 21.1.7.1 TCP/IP Filter Rule ............................................................................................ 18-10
Table 18-4 Menu 21.1.5.1 Generic Filter Rule ...........................................................................................18-14
Table 18-5 Filter Sets Table ........................................................................................................................18-20
xxii List of Tables
Prestige 202H User’s Guide
Table 19-1 Menu 22 SNMP Configuration .................................................................................................. 19-3
Table 19-2 SNMP Traps............................................................................................................................... 19-4
Table 19-3 Ports and Permanent Virtual Circuits ......................................................................................... 19-4
Table 20-1 Menu 24.1 System Maintenance Status ..................................................................................... 20-2
Table 20-2 Menu 24.2.1 System Maintenance Information......................................................................... 20-4
Table 20-3 Menu 24.3.2 System Maintenance Unix Syslog ........................................................................ 20-7
Table 20-4 System Maintenance Menu Diagnostic.................................................................................... 20-12
Table 21-1 Filename Conventions................................................................................................................ 21-2
Table 21-2 General Commands for GUI-based FTP Clients........................................................................ 21-4
Table 21-3 General Commands for GUI-based TFTP Clients ..................................................................... 21-6
Table 22-1 Menu 24.9.1Call Control Parameters......................................................................................... 22-3
Table 22-2 Menu 24.9.1 Budget Management............................................................................................. 22-5
Table 22-3 Menu 24.9.4 Call History........................................................................................................... 22-6
Table 22-4 Time and Date Setting Fields..................................................................................................... 22-7
Table 23-1 Menu 26.1 Schedule Set Setup................................................................................................... 23-2
Table 24-1 Remote Management ................................................................................................................. 24-3
Table 25-1 VPN and NAT ............................................................................................................................ 25-6
Table 26-1 AH and ESP ............................................................................................................................... 26-3
Table 26-2 Menu 27.1 IPSec Summary ....................................................................................................... 26-5
Table 26-3 Local ID Type and Content Fields ............................................................................................. 26-9
Table 26-4 Peer ID Type and Content Fields ............................................................................................... 26-9
Table 26-5 Matching ID Type and Content Configuration Example............................................................ 26-9
Table 26-6 Mismatching ID Type and Content Configuration Example.................................................... 26-10
Table 26-7 Menu 27.1.1 IPSec Setup..........................................................................................................26-11
Table 26-8 Menu 27.1.1.1 IKE Setup............................................................................................................. 26-18
Table 26-9 Active Protocol: Encapsulation and Security Protocol............................................................. 26-20
Table 26-10 Menu 27.1.1.2 Manual Setup................................................................................................. 26-21
List of Tables xxiii
Prestige 202H User’s Guide
Table 26-11 Telecommuter and Headquarters Configuration Example ......................................................26-23
Table 27-1 Menu 27.2 SA Monitor ...............................................................................................................27-2
Table 28-1 Sample IKE Key Exchange Logs ...............................................................................................28-2
Table 28-2 Sample IPSec Logs During Packet Transmission.......................................................................28-4
Table 28-3 RFC-2408 ISAKMP Payload Types ...........................................................................................28-4
xxiv List of Tables
Prestige 202H User’s Guide
Preface
Congratulations on your purchase of the Prestige 202H ISDN router.
About This User's Manual
This manual is designed to guide you through the configuration of your Prestige for its various applications.
This manual may refer to the Prestige 202H ISDN router as the Prestige.
You may use the System Management Terminal (SMT), web configurator or
command interpreter interface to configure your Prestige. Not all features can be
configured through all interfaces. This User's Guide primarily shows SMT
configuration but includes the other interfaces where appropriate.
Related Documentation
Support Disk
Refer to the included CD for support documents.
Quick Start Guide
The Quick Start Guide is designed to help you get up and running right away. It contains general
connection and initial configuration instructions.
Web Configurator Online Help
Embedded web help for descriptions of individual screens and supplementary information.
Packing List Card
The Packing List Card lists all items that should have come in the package.
Certifications
Refer to the product page at www.zyxel.com
ZyXEL Glossary and Web Site
Please refer to www.zyxel.com
documentation.
for an online glossary of networking terms and additional support
for information on product certifications.
User Guide Feedback
Help us help you. E-mail all User Guide-related comments, questions or suggestions for improvement to
techwriters@zyxel.com.tw or send regular mail to The Technical Writing Team, ZyXEL Communications
Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan. Thank you.
Syntax Conventions
• “Enter” means for you to type one or more characters and press the carriage return. “Select” or
“Choose” means for you to use one of the predefined choices.
• The SMT menu titles and labels are in Bold Times New Roman font.
• The choices of a menu item are in Bold Arial font.
Preface xxv
Prestige 202H User’s Guide
• A single keystroke is in Arial font and enclosed in square brackets, for instance, [ENTER] means the
Enter, or carriage return, key; [ESC] means the escape key and [SPACE BAR] means the space bar.
[UP] and [DOWN] are the up and down arrow keys.
• Mouse action sequences are denoted using a comma. For example, “click the Apple icon, Control
Panels and then Modem” means first click the Apple icon, then point your mouse pointer to Control
Panels and then click Modem.
• For brevity’s sake, we will use “e.g.” as shorthand for “for instance” and “i.e.” for “that is” or “in other
words” throughout this manual.
xxvi Preface
Getting Started
Part I:
Getting Started
This part is structured as a step-by-step guide to help you connect, install and setup your router to
operate on your network and access the Internet.
I
Prestige 202H User’s Guide
Chapter 1
Getting to Know Your Prestige
This chapter covers the key features and main applications of your router.
1.1 Introducing the Prestige 202H
The Prestige 202H is a high-performance router that offers a complete Internet Access solution.
By integrating NAT, firewall, VPN capability and a four-port switch, the Prestige 202H is a complete
security solution that protects your Intranet and efficiently manages data traffic on your network.
The embedded web configurator is easy to operate and totally independent of your operating system
platform. You can also manage the router via the SMT (System Management Terminal), a menu-driven
interface that you can access from either a terminal emulator or telnet.
1.2 Features
This section describes the router’s key features.
IPSec VPN Capability
Establish Virtual Private Network (VPN) tunnels to connect (home) office computers to your company
network using data encryption and the Internet; thus providing secure communications without the expense
of leased site-to-site lines. The router’s VPN is based on the IPSec standard and is fully interoperable with
other IPSec-based VPN products.
Firewall
The Prestige has a stateful inspection firewall with DoS (Denial of Service) protection. By default, when the
firewall is activated, all incoming traffic from the WAN to the LAN is blocked unless it is initiated from the
LAN. The Prestige firewall supports TCP/UDP inspection, DoS detection and protection, real time alerts,
reports and logs.
4-Port Switch
A combination of switch and router makes your router a cost-effective and viable network solution. You can
connect up to four computers to the router without the cost of a hub. Use a hub to add more than four
computers to your LAN.
Getting to Know Your Prestige 1-1
Prestige 202H User’s Guide
Auto-negotiating 10/100 Mbps Ethernet LAN
The LAN interfaces automatically detect if they are on a 10 or a 100 Mbps Ethernet.
Auto-crossover 10/100 Mbps Ethernet LAN
The LAN interfaces automatically adjust to either a crossover or straight-through Ethernet cable.
Call Scheduling
Configure call time periods to restrict and allow access for users on remote nodes.
Network Address Translation (NAT)
NAT (Network Address Translation - NAT, RFC 1631) allows the translation of multiple IP addresses used
within one network to different IP addresses known within another network.
SNMP (Simple Network Management Protocol – Versions 1 and 2)
SNMP, a member of the TCP/IP protocol suite, allows you to exchange management information between
network devices. Your router supports SNMP agent functionality that allows a manager station to manage
and monitor the router through the network.
SNMP is only available if TCP/IP is configured on your router.
IP Alias
IP Alias allows you to partition a physical network into logical networks over the same Ethernet interface.
The Prestige supports three logical LAN interfaces via its single physical Ethernet LAN interface with the
Prestige itself as the gateway for each LAN network.
ISDN Data Link Connections
The router supports two types of ISDN Data Link Connections: point-to-multipoint and point-to-point.
ISDN Basic Rate Interface (BRI) Support
The router supports a single BRI. A BRI offers two 64 Kbps channels, which can be used independently for
two destinations or be bundled to speed up data transfer.
Incoming Call Support
In addition to making outgoing calls, you can configure the router to act as a remote access server for
telecommuting employees.
1-2 Getting to Know Your Prestige
Prestige 202H User’s Guide
Outgoing Data Call Bumping Support
Call bumping is a feature that allows the router to manage an MP (Multilink Protocol) bundle dynamically,
dropping or reconnecting a channel in a bundle when necessary. Previously, the router did this for voice calls
only, but now with this new feature, the router can drop a channel in an MP bundle if there is a data packet to
another remote node.
CLID Callback Support For Dial-In Users
CLID is an authentication method to identify a dial-in user. CLID callback is used as an ISDN toll saving
feature because the call can be disconnected immediately without picking up the phone.
TCP/IP and PPP Support
♦ TCP/IP (Transmission Control Protocol/Internet Protocol) network layer protocol.
♦ PPP/MP (Point-to-Point Protocol/Multilink Protocol) link layer protocol.
Dial-on-Demand
The Dial-on-Demand feature allows the router to automatically place a call to a remote gateway based on the
triggering packet’s destination without user intervention.
PPP Multilink
The router can bundle multiple links in a single connection using PPP Multilink Protocol (MP). The number
of links can be either statically configured or dynamically managed based on traffic demand.
Bandwidth-On-Demand
The router dynamically allocates bandwidth by dialing and dropping connections according to traffic
demand.
Full Network Management
♦ You can access the SMT (System Management Terminal) through a telnet connection.
♦ The embedded web configurator is an all-platform web-based utility that allows you to easily access the
Prestige’s management settings and configure the firewall.
Logging and Tracing
♦ CDR (Call Detail Record) to help analyze and manage the telephone bill.
♦ Built-in message logging and packet tracing.
♦ UNIX syslog facility support.
Getting to Know Your Prestige 1-3
Prestige 202H User’s Guide
PAP and CHAP Security
The router supports PAP (Password Authentication Protocol) and CHAP (Challenge Handshake
Authentication Protocol). CHAP is more secure than PAP; however, PAP is readily available on more
platforms.
DHCP (Dynamic Host Configuration Protocol)
DHCP (Dynamic Host Configuration Protocol) allows the individual client computers to obtain the TCP/IP
configuration at start-up from a centralized DHCP server. The Prestige has built-in DHCP server capability,
enabled by default, which means it can assign IP addresses, an IP default gateway and DNS servers to all
systems that support the DHCP client. The Prestige can also act as a surrogate DHCP server (DHCP Relay)
where it relays IP address assignment from another DHCP server to the clients.
Call Control
Your router provides budget management for outgoing calls and maintains a blacklist for unreachable phone
numbers in order to save you the expense of unnecessary charges.
Data Compression
Your router incorporates Stac data compression to speed up data transfer. Stac is the de facto standard of data
compression over PPP links.
Networking Compatibility
Your router is compatible with remote access products from other manufacturers such as Ascend, Cisco, and
3Com. Furthermore, it supports Microsoft Windows 95 and Windows NT remote access capability.
Upgrade Firmware via LAN
In addition to the direct console port connection, the router supports the up/downloading of firmware and
configuration file using TFTP (Trivial File Transfer Protocol) over the LAN. Even though TFTP should work
over the WAN as well, it is not recommended because of potential data corruption problems.
1.3 Internet Access With the Prestige
These sections provide example applications for your Prestige.
1.3.1 Internet Access
The Prestige is the ideal high-speed Internet access solution. Your router supports the TCP/IP protocol,
which the Internet uses exclusively. It is also compatible with access servers manufactured by major vendors
such as Cisco and Ascend. A typical Internet Access application is shown next.
1-4 Getting to Know Your Prestige
Prestige 202H User’s Guide
Figure 1-1 Internet Access Application
Internet Single User Account
For a SOHO (Small Office/Home Office) environment, your router offers the NAT (Network Address
Translation) feature that allows multiple users on the LAN (Local Area Network) to access the Internet
concurrently for the cost of a single user. NAT address mapping can also be used for other LAN-to-LAN
connections.
1.3.2 LAN-to-LAN Connection
You can use the router to connect two geographically dispersed networks over the ISDN line. A typical
LAN-to-LAN application for your router is shown as follows.
Figure 1-2 LAN-to-LAN Connection Application
Getting to Know Your Prestige 1-5
Prestige 202H User’s Guide
1.3.3 Remote Access Server
Your router allows remote users to dial-in and gain access to your LAN. This feature enables individuals that
have computers with remote access capabilities to dial in to access the network resources without physically
being in the office. Either PAP (Password Authentication Protocol) or CHAP (Challenge Handshake
Authentication Protocol) authentication can be used to control remote access. You can also use callback for
security and/or accounting purposes.
Figure 1-3 Remote Access
1.3.4 Secure Broadband Internet Access and VPN
The Prestige provides IP address sharing and a firewall-protected local network with traffic management.
Prestige VPN is an ideal cost-effective way to connect branch offices and business partners over the Internet
without the need (and expense) of leased lines between sites. The LAN computers can use VPN tunnels for
secure connections to remote computers.
1-6 Getting to Know Your Prestige
Prestige 202H User’s Guide
Figure 1-4 Secure Internet Access and VPN Application
Getting to Know Your Prestige 1-7
Prestige 202H User’s Guide
Chapter 2
Hardware Installation
This chapter shows you how to make the cable connections to your router.
2.1 Front Panel
The LED indicators on the front panel indicate the operational status of the router. The table after the
diagram describes the LED functions:
Figure 2-1 Front Panel
Table 2-1 LED Functions
LED DESCRIPTION
PWR/SYS The PWR/SYS (power/system) LED turns steady on green when power is applied to
the router and it has boot up properly.
A green blinking PWR/SYS LED indicates the router is performing a system test or
rebooting.
When the router senses low voltage power, the PWR/SYS LED turns steady on red.
LAN 1-4 A steady green light indicates a successful 10Mbs Ethernet connection, while an
orange light indicates a successful 100Mbs connection. The LEDs will blink when
data is being sent/received.
ISDN LNK, B1, B2 The LNK LED is on when the router is connected to an ISDN switch and the line
has been successfully initialized. The B1 (B2) LED remains steady on when data is
being sent/received on the B1 (B2) bearer channel.
Hardware Installation 2-1
Prestige 202H User’s Guide
2.2 Rear Panel and Connections
The next figure shows the rear panel connectors of your router.
Figure 2-2 Rear Panel
This section outlines how to connect your router to the LAN and to the ISDN network.
2.2.1 Connecting the ISDN Line
Connect the router to the ISDN network using the included ISDN cable. Plug one end of the cable into the
port labeled ISDN and the other to the ISDN wall jack.
2.2.2 Connecting the Console Port
You can configure the router via terminal emulator software on a computer that is connected it to the router
through the console port. Connect the male end of the console cable to the console port of the router and the
female end to a serial port (COM1, COM2 or other COM port) of your computer.
After the initial setup, you can modify the configuration remotely through telnet connections. See the chapter
on Telnet for detailed instructions on using telnet to configure your router.
2.2.3 Connecting a Computer to the Router
Ethernet 10Base-T/100Base-T networks use Unshielded Twisted Pair (UTP) cable with RJ-45 connectors
that look like a bigger telephone plug with 8 pins. Use crossover cable to connect your router to a computer
directly or use straight-through Ethernet cable to connect to an external hub.
2.2.4 Connecting the Power Adaptor to your Router
Connect the power adaptor to the port labeled POWER on the rear panel of your router.
CAUTION: To prevent damage to the router, first make sure you have the correct
power adaptor (refer to the Appendix section) for your particular region.
2-2 Hardware Installation
Prestige 202H User’s Guide
2.3 Turn On Your Router
At this point, you should have connected the console port, the ISDN port, the Ethernet port(s) and the power
port to the appropriate devices or lines. You can now turn on the router by pushing the power button in to the
on position (in is ON, out is OFF).
Hardware Installation 2-3
Prestige 202H User’s Guide
Chapter 3
Introducing the SMT
This chapter explains how to access the System Management Terminal and gives an overview of
its menus.
3.1 Introduction to the SMT
The Prestige’s SMT (System Management Terminal) is a menu-driven interface that you can access from a
terminal emulator through the console port or over a telnet connection. This chapter shows you how to
access the SMT (System Management Terminal) menus via console port, how to navigate the SMT and
how to configure SMT menus.
3.2 Accessing the Prestige via the Console Port
Make sure you have the physical connection properly set up as described in the hardware installation
chapter.
When configuring using the console port, you need a computer equipped with communications software
configured to the following parameters:
♦ VT100 terminal emulation.
♦ 9600 Baud.
♦ No parity, 8 data bits, 1 stop bit, flow control set to none.
3.3 Initial Screen
When you turn on your router, it performs several internal tests as well as line initialization.
3.3.1 Entering the Password
The login screen appears after you press [ENTER], prompting you to enter the password as shown in the
following figure.
For your first login, enter the default password 1234. As you type the password, the screen displays an (X)
for each character you type.
Introducing the SMT 3-1
Prestige 202H User’s Guide
Please note that if there is no activity for longer than 5 minutes after you log in, the router automatically
logs you out and displays a blank screen. If you see a blank screen, press [ENTER] to bring up the login
screen again.
Enter Password : XXXX
Figure 3-1 Login Screen
3.4 Navigating the SMT Interface
The SMT (System Management Terminal) interface allows you to configure and manage your router.
Several operations that you should be familiar with before you attempt to modify the configuration are
listed in the following table.
Table 3-1 Main Menu Commands
OPERATION KEYSTROKES DESCRIPTION
Move down to
another menu
Move up to a
previous menu
Move to a
“hidden” menu
Move the
cursor
Entering
information
Required fields <? > All fields with the symbol <?> must be filled in order be able to save
[ENTER] To move forward to a submenu, type in the number of the desired
submenu and press [ENTER].
[ESC] Press the [ESC] key to move back to the previous menu.
Press [SPACE BAR]
to change No to Yes
then press [ENTER].
[ENTER] or
[UP]/[DOWN] arrow
keys
Fill in, or press
[SPACE BAR], then
press [ENTER] to
select from choices.
Fields beginning with “Edit” lead to hidden menus and have a
default setting of No. Press [SPACE BAR] to change No to Yes,
and then press [ENTER] to go to a “hidden” menu.
Within a menu, press [ENTER] to move to the next field. You can
also use the [UP]/[DOWN] arrow keys to move to the previous and
the next field, respectively.
You need to fill in two types of fields. The first requires you to type
in the appropriate information. The second allows you to cycle
through the available choices by pressing [SPACE BAR].
the new configuration.
3-2 Introducing the SMT
Prestige 202H User’s Guide
Table 3-1 Main Menu Commands
OPERATION KEYSTROKES DESCRIPTION
N/A fields <N/A> Some of the fields in the SMT will show a <N/A>. This symbol
refers to an option that is Not Applicable.
Save your
configuration
[ENTER] Save your configuration by pressing [ENTER] at the message
“Press ENTER to confirm or ESC to cancel”. Saving the data on
the screen will take you, in most cases to the previous menu.
Exit the SMT Type 99, then press
[ENTER].
Type 99 at the main menu prompt and press [ENTER] to exit the
SMT interface.
After you enter the password, the SMT displays the Main Menu, as shown.
Copyright (c) 1994 - 2003 ZyXEL Communications Corp.
Getting Started
1. General Setup
2. ISDN Setup
3. Ethernet Setup
4. Internet Access Setup
Advanced Applications
11. Remote Node Setup
12. Static Routing Setup
13. Default Dial-in Setup
14. Dial-in User Setup
15. NAT Setup
Prestige 202H DSS1 Main Menu
Enter Menu Selection Number:
Advanced Management
21. Filter Set Configuration
22. SNMP Configuration
23. System Security
24. System Maintenance
26. Schedule Setup
27. VPN/IPSec Setup
99. Exit
Figure 3-2 SMT Main Menu
3.4.1 System Management Terminal Interface Summary
Table 3-2 Main Menu Summary
NO. Menu Title FUNCTION
1 General Setup Use this menu to set up administrative information.
2 ISDN Setup Use this menu to set up the ISDN.
Introducing the SMT 3-3
Prestige 202H User’s Guide
Table 3-2 Main Menu Summary
NO. Menu Title FUNCTION
3 Ethernet Setup Use this menu to apply LAN filters, configure LAN DHCP and TCP/IP
settings and configure the wireless LAN port (not available on all models).
4 Internet Access Setup Configure your Internet Access setup (Internet address, gateway, login,
etc.) with this menu.
11 Remote Node Setup Use this menu to configure detailed remote node settings (your ISP is
also a remote node) as well as apply WAN filters.
12 Static Routing Setup Configure IP static routes in this menu.
13 Default Dial-in Setup Use this menu to set up default dial-in parameters so that your router can
be used as a dial-in server.
14 Dial-in User Setup Use this menu to configure settings for remote dial-in users.
15 NAT Setup Use this menu to configure Network Address Translation.
21 Filter Set Configuration Use this menu to setup filters to provide security, call control, etc.
22 SNMP Configuration Use this menu to configure SNMP-related parameters.
23 System Security Use this menu to set up security-related parameters.
24 System Maintenance From displaying system status to uploading firmware, this menu provides
comprehensive system maintenance.
26 Schedule Setup Use this menu to schedule outgoing calls.
27 VPN /IPSec Setup Use this menu to configure VPN connections.
99 Exit Use this menu to exit (necessary for remote configuration).
3.5 SMT Menu Overview
The following figure gives you an overview of the various SMT menu screens of your Prestige.
3-4 Introducing the SMT
Prestige 202H User’s Guide
Prestige Main Menu
Menu 1
General Setup
Menu 27.3
View IPSec Log
Menu 24.9.3
Budget Management
Menu 24.9.4
Call History
Menu 2
ISDN Setup
Menu 2.1
ISDN Advanced Setup
Menu 27.2
SA Monitor
Menu 27.1.1.1
IKE Setup
Menu 24.9.2
Blacklist
Menu 24.7.2
System Maintenance --
Upload System
Configuration File
Menu 3
Ethernet Setup
Menu 3.1
LAN Port Filter Setup
Menu 3.2
TCP/IP and DHCP
Setup
Menu 3.2.1
IP Alias Setup
Menu 27
VPN IPSec Setup
Menu 27.1
IPSec Summary
Menu 27.1.1
IPSec Setup
Menu 24.9.1
Call Control Parameters
Menu 24.9
Call Control
Menu 24.7.1
System Maintenance --
Upload System Firmware
Menu 4
Internet Access Setup
Menu 11.6
Remote Node ATM
Layer Options
Menu 11.5
Remote Node Filter
Menu 26
Schedule Setup
Menu 26.x
Schedule Set Setup
Menu 24.8
Command Interpreter
Mode
Menu 24.7
System Maintenance --
Upload Firmware
Menu 11
Remote Node Setup
Menu 11.1
Remote Node Profile
Menu 11.3
Remote Node Network
Layer Options
Menu 24
System Maintenance
Menu 24.1
System Maintenance --
Status
Menu 24.2
System Information and
Console Port Speed
Menu 24.3
System Maintenance --
Log and Trace
Menu 24.4
System Maintenance --
Diagnostic
Menu 12
Static Routing Setup
Menu 12.1
Edit IP Static Route
Menu 11.2
Remote Node
PPP Options
Menu 23
System Password
Menu 23.1
Change Password
Menu 24..2.1
System Maintenance --
Information
Menu 24.3.1
System Maintenance --
View Error Log
Menu 13
Default Dial-in Setup
Menu 13.1
Default Dial-in Filter
Menu 22
SNMP Configuration
Menu 23.2
External Server
Menu 24.2.2
System Maintenance --
Change Console Port
Speed
Menu 24.3.2
System Maintenance --
UNIX Syslog
Menu 14
Dial-in User Setup
Menu 14.1
Edit Dial-in User
Menu 15.1.x
Address Mapping Rules
Menu 15.1.x.x
Address Mapping R ule
Menu 21.x.1
TCP/IP Filter Rule
Menu 15
NAT Setup
Menu 15.1
Address Mapping Se ts
Menu 15.2
NAT Server Sets
Menu 15.2.x
NAT Server Setup
Menu 21.x
Filter Rules Summary
Menu 21.x.1
Generic Filter Rule
Menu 24.6
System Maintenance --
Restore Configuration
Menu 24.5
System Maintenance --
Backup Configuration
3.6 Changing the System Password
The first thing you should do is to change the system password by performing the following steps.
Step 1. Enter 23 in the Main Menu to open Menu 23 - System Security as shown below.
Introducing the SMT 3-5
Prestige 202H User’s Guide
Menu 23 - System Security
1. Change Password
2. External Server
Enter Menu Selection Number: 1
Figure 3-3 Menu 23.1 System Password
Step 2. Enter 1 in Menu 23 to open Menu 23.1 - System Security - Change Password.
When Menu 23.1- System Security-Change Password appears, as shown in the figure below, type in your
existing system password, i.e., 1234, and press [ENTER].
Menu 23.1 – System Security - Change Password
Old Password= XXXX
New Password= XXXX
Retype to confirm= XXXX
Enter here to CONFIRM or ESC to CANCEL:
Figure 3-4 Menu 23.1 - System Security - Change Password
Step 3. Enter your new system password and press [ENTER].
Step 4. Re-type your new system password for confirmation and press [ENTER].
Note that as you type a password, the screen displays an (X) for each character
you type.
3.7 Resetting the Prestige
If you forget your password or cannot access the SMT menu, you will need to reload the factory-default
configuration file. Uploading this configuration file replaces the current configuration file with the factorydefault configuration file. This means that you will lose all configurations that you had previously and the
3-6 Introducing the SMT
Prestige 202H User’s Guide
speed of the console port will be reset to the default of 9600bps with 8 data bit, no parity, one stop bit and
flow control set to none. The password will be reset to “1234”, also.
3.7.1 Uploading a Configuration File Via Console Port
Step 1. Download the default configuration file from the ZyXEL FTP site, unzip it and save it in a
folder.
Step 2. Turn off the Prestige, begin a terminal emulation software session and turn on the Prestige
again. When you see the message "Press Any key to enter Debug Mode within 3 seconds", press
any key to enter debug mode.
Step 3. Enter "atlc" after "Enter Debug Mode" message.
Bootbase Version: V1.03 | 3/18/1999 15:04:51
RAM: Size = 4096 Kbytes
FLASH: Intel 8M
ZyNOS Version: V2.30a00 | 5/5/1999 9:37:32
Press any key to enter debug mode within 3 seconds.
........................................
Enter Debug Mode
atlc
Now erase flash ROM for upload
Figure 3-5 Resetting the Router
Step 4. Wait for the "Starting XMODEM upload" message before activating Xmodem upload on your
terminal. This is an example Xmodem configuration upload using HyperTerminal.
Introducing the SMT 3-7
Prestige 202H User’s Guide
Step 5. Click Transfer, then Send File to display the following screen.
Figure 3-6 Example Xmodem Upload
Step 6. After successful firmware upload, enter "atgo" to restart the router.
Type the configuration file’s
location, or click Browse to
search for it.
Choose the Xmodem
protocol.
Then click Send.
3-8 Introducing the SMT
Prestige 202H User’s Guide
Chapter 4
SMT Menu 1 General Setup
Menu 1 - General Setup contains administrative and system-related information.
4.1 General Setup Overview
Menu 1 - General Setup contains administrative and system-related information.
4.1.1 General Setup and System Name
General Setup contains administrative and system-related information. System Name is for identification
purposes. However, because some ISPs check this name you should enter your computer's "Computer
Name".
• In Windows 95/98 click Start, Settings, Control Panel, Network. Click the Identification tab, note the
entry for the Computer Name field and enter it as the System Name.
• In Windows 2000, click Start, Settings, Control Panel and then double-click System. Click the
Network Identification tab and then the Properties button. Note the entry for the Computer name
field and enter it as the System Name.
• In Windows XP, click Start, My Computer, View system information and then click the Computer
Name tab. Note the entry in the Full computer name field and enter it as the Prestige System Name.
4.2 Configuring General Setup
Enter 1 in the Main Menu to open Menu 1 – General Setup as shown. Fill in the required fields and turn on
the individual protocols for your applications, as explained in the following table.
Menu 1 - General Setup
System Name= Name
Location= branch
Contact Person's Name= JohnDoe
Press ENTER to Confirm or ESC to Cancel:
Figure 4-1 Menu 1 General Setup
SMT Menu 1 General Setup 4-1
Prestige 202H User’s Guide
FIELD DESCRIPTION EXAMPLE
System Name Choose a descriptive name, up to 30 alphanumeric characters long (no
spaces, but dashes “–” and underscores "_" are accepted) for
identification purposes. It is recommended you enter your computer’s
“Computer name” (see section 4.1.1) in this field. This name can be
retrieved remotely via SNMP, used for CHAP authentication, and
displayed at the prompt in the Command Mode.
Location
(optional)
Contact Person's
Name (optional)
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm…” to save
your configuration, or press [ESC] at any time to cancel.
Enter the geographic location (up to 31 characters) of your router. branch
Enter the name (up to 30 characters) of the person in charge of your
router.
Table 4-1 Menu 1 – General Setup
Name
JohnDoe
4.3 Dynamic DNS
Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS
services so that anyone can contact you (in NetMeeting, CU-SeeMe, etc.). You can also access your FTP
server or Web site on your own computer using a DNS-like address (for instance myhost.dhs.org, where
myhost is a name of your choice) that will never change instead of using an IP address that changes each
time you reconnect. Your friends or relatives will always be able to call you even if they don't know your IP
address.
First of all, you need to have registered a dynamic DNS account with www.dyndns.org. This is for people
with a dynamic IP from their ISP or DHCP server that would still like to have a DNS name. The Dynamic
DNS service provider will give you a password or key.
4.3.1 DYNDNS Wildcard
Enabling the wildcard feature for your host causes *.yourhost.dyndns.org to be aliased to the same IP address
as yourhost.dyndns.org. This feature is useful if you want to be able to use, for example,
www.yourhost.dyndns.org and still reach your hostname.
If you have a private WAN IP address, then you cannot use Dynamic DNS.
4-2 SMT Menu 1 General Setup
Prestige 202H User’s Guide
4.4 Configuring Dynamic DNS
To configure Dynamic DNS, go to Menu 1: General Setup and press [SPACE BAR] to select Yes in the
Edit Dynamic DNS field. Press [ENTER] to display Menu 1.1— Configure Dynamic DNS (shown next).
Not all models have every field shown.
Menu 1.1 - Configure Dynamic DNS
Service Provider= WWW.DynDNS.ORG
Active= Yes
EMAIL=
USER=
Password= ********
Enable Wildcard= No
Press ENTER to confirm or ESC to cancel:
Figure 4-2 Configure Dynamic DNS
Follow the instructions in the next table to configure Dynamic DNS parameters.
Table 4-2 Configure Dynamic DNS Menu Fields
FIELD DESCRIPTION EXAMPLE
Service Provider This is the name of your Dynamic DNS service provider. WWW.DynDNS.ORG
(default)
Active
Press [SPACE BAR] to select Yes and then press [ENTER] to
Yes
make dynamic DNS active.
EMAIL Enter your e-mail address. mail@mailserver
USER Enter your user name.
Password Enter the password assigned to you.
Enable Wildcard Your Prestige supports DYNDNS Wildcard. Press [SPACE BAR]
No
and then [ENTER] to select Yes or No This field is N/A when
you choose DDNS client as your service provider.
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm…” to save
your configuration, or press [ESC] at any time to cancel.
SMT Menu 1 General Setup 4-3
Prestige 202H User’s Guide
ISDN Setup
This chapter tells you how to configure the ISDN Setup menus for your Internet connection.
5.1 ISDN Setup Overview
Menu 2 - ISDN Setup allows you to enter the information about your ISDN line.
5.1.1 IDSN Setup
Enter 1 in the main menu to open menu 2 as shown next.
Menu 2 - ISDN Setup
Switch Type: DSS-1
B Channel Usage= Switch/Switch
Incoming Phone Numbers:
ISDN Data = 5551212
Edit Advanced Setup = No
Chapter 5
Press ENTER to Confirm or ESC to Cancel:
Figure 5-1 Menu 2 ISDN Setup
Table 5-1 Menu 2 ISDN Setup
FIELD DESCRIPTION
Switch Type This read only field displays your switch type, DSS-1.
B Channel
Usage
In general, this will be Switch/Switch (default). If you are only using one B channel
(e.g., your router is sharing the ISDN BRI line with another device), then select
Switch/Unused. If your second B channel is a leased line, select Switch/Leased.
Press [SPACE BAR] to toggle through all the options. The options are below.
ISDN Setup 5-1
Prestige 202H User’s Guide
Table 5-1 Menu 2 ISDN Setup
FIELD DESCRIPTION
Telephone
Number(s)
IDSN Data
Edit Advanced
Setup
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm…” to save
your configuration, or press [ESC] at any time to cancel.
♦ Switch/Unused
♦ Switch/Switch
♦ Switch/Leased
♦ Leased/Switch
Enter the telephone number(s) assigned to your ISDN line by your telephone company.
Some switch types only have one telephone number. Note that the router only accepts
digits; please do not include ‘–’ or spaces in this field. This field should be no longer
than 25 digits.
Advanced Setup features are configured when you select Yes to enter Menu 2.1-ISDN
Advanced Setup (see ahead). Refer to the Advanced Phone Services Chapter for
detailed information.
♦ Leased/Unused
♦ Unused/Leased
♦ Leased/Leased
5.2 ISDN Advanced Setup Menus
Select Yes in the Edit Advanced Setup field of Menu 2 – ISDN Setup to display Menu 2.1 as shown later.
Switch Type
The only switch available with your Prestige is DSS-1.
Calling Line Indication
The Calling Line Indication, or caller ID, determines whether the other party can see your number when
you call. If set to Enable, the router sends the caller ID and the party you call can see your number; if it is
set to Disable, the caller ID is blocked.
PABX Outside Line Prefix
A PABX (Private Automatic Branch eXchange) generally requires you to dial a number (a single digit in
most cases) when you need an outside line. If your router is connected to a PABX, enter this number in
PABX Outside Line Prefix, otherwise, leave it blank.
Please note that the PABX prefix is for calls initiated by the router only. If you place a call from a device on
either A/B adapter, you must dial the prefix by hand.
5-2 ISDN Setup
Prestige 202H User’s Guide
PABX Number (with S/T Bus Number) for Loopback
Enter the S/T bus number if the router is connected to an ISDN PABX. If this field is left as blank then the
ISDN loopback test will be skipped.
Outgoing Calling Party Number
If these fields are not blank, the router will use these values as the calling party number for "ISDN Data",
"A/B Adapter 1" and "A/B Adapter 2" outgoing calls. Otherwise, the individual entries for "ISDN Data",
"A/B Adapter 1" and "A/B Adapter 2" will be used as the calling party number. You only need to fill in these
fields if your switch or PABX requires a specific calling party number for outgoing calls, otherwise, leave
them blank.
The following diagram illustrates the PABX Number (with S/T Bus Number) for Loopback and Outgoing
Calling Party Number fields for a router behind an ISDN PABX.
Figure 5-2 Router Behind a PABX
Data Link Connection
There are two types of ISDN Data Link Connection namely: point-to-multipoint and point-to-point. When
you select point-to-multipoint, the TE1 value will be assigned by negotiation with the switch. When you
select point-to-point, the TE1 value will be assigned a unique value of 0.
ISDN Setup 5-3
Prestige 202H User’s Guide
5.2.1 Configuring Advanced Setup
Menu 2.1 - ISDN Advanced Setup
Calling Line Indication= Enable
PABX Outside Line Prefix=
PABX Number (Include S/T Bus Number) for Loopback=
Outgoing Calling Party Number:
ISDN Data = 80010029
Data Link Connection= point-to-multipoint
When you are finished, press [ENTER] at the message: ‘Press ENTER to confirm’, the router uses the
information that you entered to initialize the ISDN line. It should be noted that whenever the switch type is
changed, the ISDN initialization takes slightly longer.
At this point, the router asks if you wish to test your ISDN. If you select Yes, the router will perform a loopback test to check the ISDN line. If the loop-back test fails, please note the error message that you receive
and take the appropriate troubleshooting action.
Setup LoopBack Test ...
Dialing to 40000// ...
Sending and Receiving Data ...
Disconnecting ...
LoopBack Test OK
### Hit any key to continue. ###
Press ENTER to Confirm or ESC to Cancel:
Figure 5-3 Menu 2 ISDN Setup for DSS1
Figure 5-4 Loopback Test
.
5-4 ISDN Setup
Prestige 202H User’s Guide
5.3 NetCAPI
5.3.1 Overview
Your Prestige supports NetCAPI. NetCAPI is ZyXEL's implementation of CAPI (Common ISDN
Application Program Interface) capabilities over a network. It runs over DCP (Device Control Protocol)
developed by RVS-COM.
NetCAPI can be used for applications such as Eurofile transfer, file transfer, G3/G4 Fax, Autoanswer host
mode, telephony, etc. on Windows 95/98/NT platforms.
CAPI
CAPI is an interface standard that allows applications to access ISDN services. Several applications can
share one or more ISDN lines. When an application wants to communicate with an ISDN terminal it sends a
series of standard commands to the terminal. The CAPI standard defines the commands and allows you to
use a well-defined mechanism for communications using ISDN lines.
CAPI also simplifies the development of ISDN applications through many default values that do not need to
be programmed. It provides a unified interface for applications to access the different ISDN services such as
data, voice, fax, telephony, etc.
ISDN-DCP
ISDN-DCP allows a computer on the LAN to use services such as transmitting and receiving faxes as well as
placing and receiving phone calls.
Using ISDN-DCP, the Prestige acts as a DCP server. By default, the Prestige listens for DCP messages on
TCP port number 2578 (the Internet-assigned number for RVS-COM DCP). When the Prestige receives a
DCP message from a DCP client i.e., a computer, the Prestige processes the message and acts on it. Your
Prestige supports all the DCP messages specified in the ISDN-DCP specification.
5.3.2 Configuring the Prestige as a NetCAPI Server
This section describes how to configure your Prestige to be a NetCAPI server.
By default, NetCAPI is enabled on your Prestige. When NetCAPI is enabled, the Prestige listens for
incoming DCP messages from the computers. By default, the Prestige listens for DCP messages on TCP port
2578.
ISDN Setup 5-5
Prestige 202H User’s Guide
N
The following figure illustrates the configuration used in this example.
192.168.1.33
RVS-COM lite
RVS-CE
Prestige
192.168.1.1
ISDN
etCAPI
Figure 5-5 Configuration Example
Before entering any configurations, you must install the CAPI driver (RVS-CE) and communication program
such as RVS-COM Lite on your computer.
5.3.3 RVS-COM
RVS-COM includes an ISDN CAPI driver with its communication program. RVS-CE (Core Engine) is an
ISDN-CAPI 2.0 driver for Windows 95/98/NT that can be used by different ISDN communication programs
(such as AVM Fritz or RVS-COM) to access the ISDN on the Prestige.
NetCAPI can carry out CAPI applications only if the CAPI driver is installed on your computer. In addition
to the CAPI driver, you will need a communication software program such as RVS-COM Lite, Fritz etc., for
users to access CAPI.
The ISDN router is a shared device and can be used by several different client computers at the same time:
e.g. one computer sending a fax, another computer doing a file transfer. RVS-COM has to be installed on
each client computer in order to share the ISDN lines.
Example of Installing CAPI driver and Communication Software
Please uninstall previous versions of "RVS-CAPI" and "RVS-COM lite" before you
install the new versions. Click the Windows "START, Settings, Control Panel,
Add/Remove Programs" to uninstall RVS-CAPI and RVS-COM.
To install the CAPI driver and the communication software, enter one of the license keys of your RVS-COM
Lite CD-ROM and follow the instructions on the configuration wizard. When you install RVS-Lite, RVSCOM AUTOMATICALLY installs CAPI driver before installing RVS-Lite.
If you did not install RVS-Lite and want to use other programs such as AVM Fritz to
access the ISDN router, you must first install the CAPI driver - RVS-CE using the
5-6 ISDN Setup
Prestige 202H User’s Guide
If you did not install RVS-Lite and want to use other programs such as AVM Fritz to
access the ISDN router, you must first install the CAPI driver - RVS-CE using the
English version installation wizard (in \DISKs\CEPE\DISK1\) and start the
SETUP.EXE.
5.3.4 Configuring NetCAPI
Press the [SACEBAR] to select Yes in Edit NetCAPI Setup field in Menu 2 and press [ENTER] to go to
Menu 2.2 - NetCAPI Setup.
Menu 2.2 - NetCAPI Setup
Active= Yes
Max Number of Registered Users= 1
Incoming Data Call Number Matching= NetCAPI
Access List:
Start IP End IP Operation
192.168.1.132 192.168.1.145 Both
192.168.14.1 192.168.14.32 Imcoming
192.168.20.7 192.168.20.12 Outgoing
192.168.30.1 192.168.30.3 Both
10.0.0.0 10.255.255.255 Incoming
_______________ _____________ _______
_______________ _____________ _______
_______________ _____________ _______
default Both
Press ENTER to Confirm or ESC to Cancel:
Figure 5-6 Menu 2.2 NetCAPI Setup
The following table describes the fields in this screen.
Table 5-2 Configuring NetCAPI
FIELD DESCRIPTION
Active This field allows you to enable or disable NetCAPI. Press the [SPACEBAR] to select
Yes or No
ISDN Setup 5-7
Prestige 202H User’s Guide
Table 5-2 Configuring NetCAPI
FIELD DESCRIPTION
Max Number of
Registered
Users
Incoming Data
Call Number
Matching
Start IP
End IP Refers to the last IP address in a NetCAPI client group.
Operation
When you want to use NetCAPI to place outgoing calls or to listen to incoming calls,
you must start RVSCOM on your computer, and RVSCOM will register itself to the
Prestige. This option is the maximum number of clients that the Prestige supports at
the same time. The default value is 4.
This field determines how incoming calls are routed. Select NetCAPI if you want to
direct all incoming data calls to NetCAPI. Select Subscriber Number (MSN) if you
want to direct all incoming call to the Prestige only when the incoming phone number
matches the ISDN DATA number. If the incoming phone number does not match the
ISDN DATA number, then the call will be routed to NetCAPI. Select Called Party
Subaddress if you want to direct all incoming calls to the Prestige only when the
incoming call matches the subaddress of ISDN DATA. If the incoming call does not
match the subaddress of ISDN DATA, then the call will be routed to NetCAPI.
Refers to the first IP address of a group of NetCAPI clients. Each group contains
contiguous IP addresses
Select Incoming if you wish to grant incoming calls permission. Select Outgoing if
you wish to grant outgoing calls permission. Select Both if you wish to grant both
incoming calls and outgoing calls permissions. Select None if you wish to deny all
calls.
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm…” to save
your configuration, or press [ESC] at any time to cancel.
5-8 ISDN Setup
Prestige 202H User’s Guide
Chapter 6
Ethernet Setup
This chapter shows you how to configure the LAN settings for your Prestige.
6.1 Ethernet Setup
This section describes how to configure the Ethernet using Menu 3 – Ethernet Setup. From the Main Menu,
enter 3 to open Menu 3 - Ethernet Setup.
Menu 3 - Ethernet Setup
1. General Setup
2. TCP/IP and DHCP Setup
Enter Menu Selection Number:
Figure 6-1 Menu 3 Ethernet Setup
6.1.1 General Ethernet Setup
This menu allows you to specify filter set(s) that you wish to apply to the Ethernet traffic. You seldom need
to filter Ethernet traffic; however, the filter sets may be useful to block certain packets, reduce traffic and
prevent security breaches.
Menu 3.1 - General Ethernet Setup
Input Filter Sets:
protocol filters=
device filters=
Output Filter Sets:
protocol filters=
Press ENTER to Confirm or ESC to Cancel:
device filters=
Figure 6-2 Menu 3.1 General Ethernet Setup
If you need to define filters, please read the Filter Configuration chapter first, then return to this menu to
define the filter sets.
Ethernet Setup 6-1
Prestige 202H User’s Guide
6.2 Ethernet TCP/IP and DHCP Server
The Prestige has built-in DHCP server capability that assigns IP addresses and DNS servers to systems that
support DHCP client capability. For remote node TCP/IP configuration, refer to the chapter on Remote Node
Configuration.
6.2.1 Factory Ethernet Defaults
The Ethernet parameters of the router are preset in the factory with the following values:
1. IP address of 192.168.1.1 with subnet mask of 255.255.255.0 (24 bits).
2. DHCP server enabled with 32 client IP addresses starting from 192.168.1.33.
These parameters should work for the majority of installations. If the parameters are satisfactory, you can
skip to section 6.3 to enter the DNS server address(es) if your ISP gives you explicit DNS server address(es).
6.2.2 IP Address and Subnet Mask
Similar to the way houses on a street share a common street name, so too do computers on a LAN share one
common network number.
Where you obtain your network number depends on your particular situation. If the ISP or your network
administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP
addresses and the subnet mask.
If the ISP did not explicitly give you an IP network number, then most likely you have a single user account
and the ISP will assign you a dynamic IP address when the connection is established. If this is the case, it is
recommended that you select a network number from 192.168.0.0 to 192.168.255.0 and you must enable the
Network Address Translation (NAT) feature of the Prestige. The Internet Assigned Number Authority
(IANA) reserved this block of addresses specifically for private use; please do not use any other number
unless you are told otherwise. Let's say you select 192.168.1.0 as the network number; which covers 254
individual addresses, from 192.168.1.1 to 192.168.1.254 (zero and 255 are reserved). In other words, the first
three numbers specify the network number while the last number identifies an individual computer on that
network.
Once you have decided on the network number, pick an IP address that is easy to remember, for instance,
192.168.1.1, for your Prestige, but make sure that no other device on your network is using that IP address.
The subnet mask specifies the network number portion of an IP address. Your Prestige will compute the
subnet mask automatically based on the IP address that you entered. You don't need to change the subnet
mask computed by the Prestige unless you are instructed to do otherwise.
6-2 Ethernet Setup
Prestige 202H User’s Guide
6.2.3 Private IP Addresses
Every computer on the Internet must have a unique IP address. If your networks are isolated from the
Internet, for instance, only between your two branch offices, you can assign any IP addresses to the hosts
without problems. However, the Internet Assigned Numbers Authority (IANA) has reserved the following
three blocks of IP addresses specifically for private networks.
Table 6-1 Private IP Address Ranges
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
You can obtain your IP address from the IANA, from an ISP or have it assigned by a private network. If you
belong to a small organization and your Internet access is through an ISP, the ISP can provide you with the
Internet addresses for your local networks. On the other hand, if you are part of a much larger organization,
you should consult your network administrator for the appropriate IP addresses.
Regardless of your particular situation, do not create an arbitrary IP address;
always follow the guidelines above. For more information on address assignment,
please refer to RFC 1597, Address Allocation for Private Internets and RFC 1466,
Guidelines for Management of IP Address Space.
6.2.4 RIP Setup
RIP (Routing Information Protocol) allows a router to exchange routing information with other routers. The
RIP Direction field controls the sending and receiving of RIP packets. When set to Both, the router will
broadcast its routing table periodically and incorporate the RIP information that it receives; when set to
None, it will not send any RIP packets and will ignore any RIP packets received.
The Version field controls the format and the broadcasting method of the RIP packets that the router sends
(it recognizes both formats when receiving). RIP-1 is universally supported; but RIP-2 carries more
information. RIP-1 is probably adequate for most networks, unless you have an unusual network topology.
Both RIP-2B and RIP-2M sends the routing data in RIP-2 format; the difference being that RIP-2B uses
subnet broadcasting while RIP-2M uses multicasting. Multicasting can reduce the load on non-router
machines since they generally do not listen to the RIP multicast address and so will not receive the RIP
packets. However, if one router uses multicasting, then all routers on your network must use multicasting
also.
By default, RIP direction is set to Both and the Version set to RIP-1.
Ethernet Setup 6-3
Prestige 202H User’s Guide
6.2.5 DHCP Configuration
DHCP (Dynamic Host Configuration Protocol) allows the individual clients (computers) to obtain the
TCP/IP configuration at start-up from a centralized DHCP server. The router has built-in DHCP server
capability, enabled by default, which means it can assign IP addresses, an IP default gateway and DNS
servers to Windows® 95, Windows® NT and other systems that support the DHCP client. The router can
also act as a surrogate DHCP server where it relays IP address assignment from the actual DHCP server to
the clients.
IP Pool Setup
The router is pre-configured with a pool of 32 IP addresses starting from 192.168.1.33 to 192.168.1.64 for
the client machines. This leaves 31 IP addresses, 192.168.1.2 to 192.168.1.32 (excluding the router itself
which has a default IP of 192.168.1.1) for other server machines, e.g., server for mail, FTP, telnet, web, etc.,
that you may have.
DNS Server Address
DNS (Domain Name System) maps a domain name to its corresponding IP address and vice versa, e.g., the
IP address of www.zyxel.com is 204.217.0.2. The DNS server is extremely important because without it, you
must know the IP address of a computer before you can access it.
There are two ways that an ISP disseminates the DNS server addresses. The first is for an ISP to tell a
customer the DNS server addresses, usually in the form of an information sheet, when s/he signs up. If your
ISP does give you the DNS server addresses, enter them in the DNS Server fields in DHCP Setup. The
second is to leave this field blank, i.e., 0.0.0.0 – in this case the router acts as a DNS proxy.
Some ISP’s choose to pass the DNS servers using the DNS server extensions of PPP IPCP (IP Control
Protocol) after the connection is up. If your ISP did not give you explicit DNS servers, chances are the DNS
servers are conveyed through IPCP negotiation. The router supports the IPCP DNS server extensions through
the DNS proxy feature.
If the Primary and Secondary DNS Server fields in DHCP Setup are not specified, i.e., left as 0.0.0.0, the
router tells the DHCP clients that it by itself is the DNS server. When a computer sends a DNS query to the
router, the router forwards the query to the real DNS server learned through IPCP and relays the response
back to the computer.
Please note that DNS proxy works only when the ISP uses the IPCP DNS server extensions. It does not mean
you can leave the DNS servers out of the DHCP setup under all circumstances. If your ISP gives you explicit
DNS servers, make sure that you enter their IP addresses in the DHCP Setup menu. This way, the router can
pass the DNS servers to the computers and the computers can query the DNS server directly without the
router’s intervention.
6-4 Ethernet Setup
Prestige 202H User’s Guide
6.3 Configuring TCP/IP Ethernet and DHCP
You will now use Menu 3.2-TCP/IP and DHCP Ethernet Setup to configure your router for TCP/IP.
To edit menu 3.2, select the menu option Ethernet Setup in the Main Menu. When menu 3 appears, select
the submenu option TCP/IP and DHCP Setup and press [ENTER]
TCP/IP and DHCP Ethernet Setup
, as shown.
. The screen now displays Menu 3.2 –
Menu 3.2 - TCP/IP and DHCP Ethernet Setup
DHCP Setup
DHCP= Server
Client IP Pool Starting Address= 192.168.1.33
Size of Client IP Pool= 6
Primary DNS Server= 0.0.0.0
Secondary DNS Server= 0.0.0.0
Remote DHCP Server= N/A
TCP/IP Setup:
IP Address= 192.68.1.1
IP Subnet Mask= 255.255.255.0
RIP Direction= Both
Version= RIP-1
Edit IP Alias= No
Press Space Bar to Toggle.
Press ENTER to Confirm or ESC to Cancel:
First address in
the IP Pool.
Size of the IP
Pool.
IP addresses of
the DNS
servers.
Figure 6-3 Menu 3.2 TCP/IP and DHCP Ethernet Setup
Table 6-2 Menu 3.2 TCP/IP and DHCP Ethernet Setup
FIELD DESCRIPTION EXAMPLE
DHCP Setup
DHCP
Client IP Pool
Starting
Address
Size of Client IP
Pool
This field enables/disables the DHCP server. If set to Server, your router
will act as a DHCP server. If set to None, the DHCP server will be
disabled. If set to Relay, the router acts as a surrogate DHCP server and
relays requests and responses between the remote server and the clients.
When set to Server, the following four items need to be set:
This field specifies the first of the contiguous addresses in the IP address
pool.
This field specifies the size, or count of the IP address pool. 6
Server
(default)
192.168.1.33
Ethernet Setup 6-5
Prestige 202H User’s Guide
Table 6-2 Menu 3.2 TCP/IP and DHCP Ethernet Setup
FIELD DESCRIPTION EXAMPLE
Primary DNS
Server
Secondary
DNS Server
Enter the IP addresses of the DNS servers. The DNS servers are passed
to the DHCP clients along with the IP address and the subnet mask.
Remote
DHCP Server
If Relay is selected in the DHCP field above, then enter the IP address of
the actual, remote DHCP server here.
Use the instructions in the following table to configure TCP/IP parameters for the LAN port.
Table 6-3 TCP/IP Ethernet Setup Menu Fields
FIELD DESCRIPTION EXAMPLE
TCP/IP Setup
IP Address Enter the IP address of your router in dotted decimal notation.
IP Subnet Mask
RIP Direction
Version
Edit IP Alias
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm…” to save
your configuration, or press [ESC] at any time to cancel.
Your router will automatically calculate the subnet mask based on the IP
address that you assign. Unless you are implementing subnetting, use
the subnet mask computed by the router.
Press [SPACE BAR] to select the RIP direction from Both/None/In Only/
Out Only.
Press [SPACE BAR] to select the RIP version from RIP-1/RIP-2B/ RIP-
2M.
The Prestige supports three logical LAN interfaces via its single physical
Ethernet interface with the Prestige itself as the gateway for each LAN
network. Press [SPACE BAR] to select Yes and then press [ENTER] to
display menu 3.2.1
192.168.1.1
(default)
255.255.255.0
Both (default)
RIP-1 (default)
Yes
6.4 IP Alias
IP Alias allows you to partition a physical network into different logical networks over the same Ethernet
interface. The router supports three logical LAN interfaces via its single physical Ethernet interface with the
router itself as the gateway for each LAN network.
6-6 Ethernet Setup
Prestige 202H User’s Guide
Figure 6-4 Physical Network Î Figure 6-5 Partitioned Logical Networks
Use menu 3.2.1 to configure IP Alias on your router.
6.5 IP Alias Setup
You must use menu 3.2 to configure the first network. Move the cursor to the Edit IP Alias field, press
[SPACE BAR] to choose Yes and press [ENTER] to configure the second and third network.
Press [ENTER] to open Menu 3.2.1 - IP Alias Setup, as shown next.
IP Alias 1= No
IP Address= N/A
IP Subnet Mask= N/A
RIP Direction= N/A
Version= N/A
Incoming protocol filters= N/A
Outgoing protocol filters= N/A
IP Alias 2= No
IP Address= N/A
IP Subnet Mask= N/A
RIP Direction= N/A
Version= N/A
Incoming protocol filters= N/A
Outgoing protocol filters= N/A
Press ENTER to Confirm or ESC to Cancel:
Press Space Bar to Toggle.
Menu 3.2.1 - IP Alias Setup
Figure 6-6 Menu 3.2.1 IP Alias Setup
Ethernet Setup 6-7
Prestige 202H User’s Guide
Table 6-4 IP Menu 3.2.1 – IP Alias Setup
FIELD DESCRIPTION EXAMPLE
IP Alias 1 or 2
IP Address Enter the IP address of your router in dotted decimal notation.
IP Subnet
Mask
RIP Direction Press [SPACE BAR] and then [ENTER] to select the RIP direction from
Version
Incoming
Protocol Filters
Outgoing
Protocol Filters
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm…” to save
your configuration, or press [ESC] at any time to cancel.
Choose Yes to configure the LAN network for the router. Yes
192.168.2.1
Your router will automatically calculate the subnet mask based on the IP
address that you assign. Unless you are implementing subnetting, use the
subnet mask computed by the router.
Both/In Only/Out Only.
Press [SPACE BAR] and then [ENTER] to select the RIP version from RIP-
1/RIP-2B/RIP-2M.
Enter the filter set(s) you wish to apply to the incoming traffic between this
node and the router.
Enter the filter set(s) you wish to apply to the outgoing traffic between this
node and the router.
255.255.255.0
Both
RIP-1
6-8 Ethernet Setup
Prestige 202H User’s Guide
Chapter 7
Internet Access Setup
This chapter shows you how to configure your router for Internet access
7.1 Internet Access Overview
Menu 4 allows you to enter the Internet Access information in one screen. Menu 4 is actually a simplified
setup for one of the remote nodes that you can access in Menu 11. Before you configure your router for
Internet access, you need to collect your Internet account information from your ISP. Use the table below to
record your Internet Account Information.
Table 7-1 Internet Account Information
INTERNET ACCOUNT INFORMATION
Your device’s WAN IP Address (if given): __________________
DNS Server IP Address (if given): Primary __________________, Secondary _________________
Your ISDN Phone Number: ________________________________
ISP Name: __________________________________________
ISP Telephone Number: ___________________________________
Login Name: ___________________________________
Password: ___________________________________
DNS Server Address(es): ___________________________________
From the Main Menu, enter option Internet Access Setup to go to Menu 4 – Internet Access Setup, as
shown in the following figure.
Internet Access Setup 7-1
Prestige 202H User’s Guide
7.2 Internet Access Setup
The table following this menu contains instructions on how to configure your router for Internet access.
ISP's Name= ChangeMe
Pri Phone #= 1234
Sec Phone #=
My Login= ChangeMe
My Password= ********
My WAN IP Addr= 0.0.0.0
NAT= SUA Only
Address Mapping Set= N/A
Telco Options:
Transfer Type= 64K
Multilink= Off
Idle Timeout= 100
Press ENTER to Confirm or ESC to Cancel:
Menu 4 - Internet Access Setup
Enter the phone
number of your ISP.
Enter login name
and password.
Figure 7-1 Menu 4 Internet Access Setup
Table 7-2 Menu 4 Internet Access Setup
FIELD DESCRIPTION
ISP’s Name Enter the name of your Internet Service Provider, e.g., myISP. This information is for
identification purposes only.
Pri Phone and Sec
Phone #
My Login Enter the login name given to you by your ISP.
My Password Enter the password associated with the login name above.
My WAN IP Addr Some implementations, especially the UNIX derivatives, require the WAN link to
Both the Primary and the Secondary Phone number refer to the number that the
router dials to connect to the ISP.
have a separate IP network number from the LAN and each end must have a unique
address within the WAN network number. If this is the case, enter the IP address
assigned to the WAN port of your router.
NOTE: This is the address assigned to your local router WAN, not the remote router.
If the remote router is a router, then this entry determines the local router Rem IP
Addr in Menu 11.1.
7-2 Internet Access Setup
Prestige 202H User’s Guide
Table 7-2 Menu 4 Internet Access Setup
FIELD DESCRIPTION
NAT
Address Mapping
Telco options:
Transfer Type
Multilink The router uses the PPP Multilink Protocol (PPP/MP) to bundle multiple links in a
Idle Timeout This value specifies the number of idle seconds that elapses before the remote node
Choose from None, Full Feature or SUA Only. When you select Full Feature you
must configure at least one address mapping set. See the chapter on NAT for a full
discussion of this new feature.
A NAT Server Set is a list of LAN side servers mapped to external ports (similar to
Set
the old SUA menu). You may enter any server set number up to 10, but the first one
is used for SUA only.
This field specifies the type of connection between the router and this remote node.
Select 64K, or Leased.
single connection to boost the effective throughput between two nodes. This option
is only available if the transfer type is 64K. Options for this field are: Off, BOD and
Always.
is automatically disconnected. Idle seconds is the period of time when no data is
transmitted from your router. Administrative packets such as RIP are not counted as
data.
Idle Timeout only applies when the router initiates the call.
At this point, the SMT will ask if you wish to test the Internet connection. If you select Yes, your router will
call the ISP to test the Internet connection. If the test fails, note the error message that you receive on the
screen and take the appropriate troubleshooting steps.
Internet Access Setup 7-3
Advanced Applications
Part II:
Advanced Applications
This part describes the advanced applications of your Prestige, such as Remote Node
Configuration, Dial-in Configuration and NAT.
II
Prestige 202H User’s Guide
Chapter 8
Remote Node Configuration
This chapter covers the configuration of remote nodes.
8.1 Remote Node Overview
A remote node is required for placing calls to a remote gateway. A remote node represents both the remote
gateway and the network behind it across a WAN connection. Note that when you use Menu 4 to set up
Internet access, you are actually configuring one of the remote nodes. Once a remote node is configured
correctly, traffic to the remote network will trigger your Prestige to make a call automatically, i.e., Dial on
Demand.
8.1.1 Minimum Toll Period
Phone calls are normally charged per basic time unit with the time being rounded up to the nearest unit when
bills are calculated. For example, the Prestige may make a call but drop the call after 10 seconds (maybe
there was no reply) but the call would still be charged at a minimum time unit, let us say 3 minutes. With
minimum toll period, the Prestige will try to use all the toll period. In the above case, the Prestige tries to
extend the idle timeout to the nearest 3 minutes (basic charging unit of time). If there is traffic during the
extended 2 minutes and 50 seconds, the idle timeout will be cleared and a second call is eliminated. Since the
session time calculation by the Prestige is not always perfectly synchronized with your telephone company,
the Prestige drops the channel 5 seconds before the toll period you set, to compensate for any lag. As such,
you must not set the minimum toll period to less than 5 seconds.
8.2 Remote Node Setup
To configure a remote node, follow these steps:
Step 1. From the Main Menu, select menu option 11. Remote Node Setup
Remote Node Configuration 8-1
Prestige 202H User’s Guide
Step 2. When Menu 11 appears as shown in the following figure, enter the number of the remote node
that you wish to configure.
Menu 11 - Remote Node Setup
1. ChangeMe (ISP, NAT)
2. ________
3. ________
4. ________
5. ________
6. ________
7. ________
8. ________
Enter Node # to Edit:
Figure 8-1 Menu 11 Remote Node Setup
When Menu 11.1. – Remote Node Profile appears, fill in the fields as described in the following table to
define this remote profile. The following table shows you how to configure the Remote Node Menu.
Rem Node Name= nodename
Active= Yes
Call Direction= Outgoing
Incoming:
Rem Login= N/A
Rem Password= N/A
Rem CLID= N/A
Call Back= N/A
Outgoing:
My Login= ChangeMe
My Password= ********
Authen= CHAP/PAP
Pri Phone #= 1234567
Sec Phone #=
Menu 11.1 - Remote Node Profile
Press ENTER to Confirm or ESC to Cancel:
Edit PPP Options= No
Rem IP Addr= 0.0.0.0
Edit IP= No
Telco Option:
Transfer Type= 64K
Allocated Budget(min)= 0
Period(hr)=
Schedules=
Carrier Access Code=
Nailed-Up Connection= No
Toll Period(sec)= 0
Session Options:
Edit Filter Sets= No
Idle Timeout(sec)= 100
Edit PPP Options in
menu 11.2.
Edit IP Options in menu
11.3.
Edit Filter Sets in menu
11.5.
Figure 8-2 Menu 11.1 Remote Node Profile
8-2 Remote Node Configuration
Prestige 202H User’s Guide
Table 8-1 Menu 11.1 Remote Node Profile
FIELD DESCRIPTION EXAMPLE
Rem Node
Name
This is a required field [?]. Enter a descriptive name for the remote node,
for example, Corp. This field can be up to eight characters. This name
must be unique from any other remote node name or remote dial-in user
name.
Active
Call Direction
Incoming:
Rem Login
Rem
Password
Rem CLID
Press [SPACE BAR] and then [ENTER] to select Yes (activate remote
node) or No (deactivate remote node).
If this parameter is set to Both, your Prestige can both place and receive
calls to/from this remote node.
If set to Incoming, your Prestige will not place a call to this remote node.
If set to Outgoing, your Prestige will drop any incoming calls from this
remote node.
Several other fields in this menu depend on this parameter. For example,
in order to enable Callback, the Call Direction must be set to Both.
Enter the login name that this remote node will use when it calls your
Prestige.
The login name in this field combined with the Rem Password will be
used to authenticate this node.
Enter the password used when this remote node calls your Prestige.
This field is applicable only if Call Direction is either set to Both or
Incoming. Otherwise, a N/A appears in the field.
This is the Calling Line ID (the telephone number of the calling party) of
this remote node.
If you enable the CLID Authen field in Menu 13 – Default Dial-In Setup,
your Prestige will check the CLID in the incoming call against the CLIDs
in the database. If no match is found and CLID Authen is set to Required,
the call will be dropped.
Yes
Outgoing
Remote Node Configuration 8-3
Prestige 202H User’s Guide
Table 8-1 Menu 11.1 Remote Node Profile
FIELD DESCRIPTION EXAMPLE
Call Back
Outgoing:
My Login
My Password
Authen This field sets the authentication protocol used for outgoing calls. Options
Pri(mary)
Sec(ondary)
Phone #
Edit PPP
Options
Rem IP Addr
Edit IP
This field is applicable only if Call Direction is set to Both. Otherwise, a
N/A appears in the field.
This field determines whether or not your Prestige will call back after
receiving a call from this remote node.
If this option is enabled, your Prestige will disconnect the initial call from
this node and call it back at the Outgoing Primary Phone Number (see
section 10.4 Callback Overview).
This is a required field [?] if Call Direction is either Both or Outgoing.
Enter the login name for your Prestige when it calls this remote node.
This is a required field [?] if Call Direction is either Both or Outgoing.
Enter the password for your Prestige when it calls this remote node.
for this field are:
CHAP/PAP – Your Prestige will accept either CHAP or PAP when
requested by this remote node.
CHAP – accept CHAP only.
PAP – accept PAP only.
Your Prestige always calls this remote node using the Primary Phone
number first for a dial-up line.
If the Primary Phone number is busy or does not answer, your Prestige
will dial the Secondary Phone number if available.
Some areas require dialing the pound sign # before the phone number for
local calls. A # symbol may be included at the beginning of the phone
numbers as required.
To edit the PPP options for this remote node, move the cursor to this
field. Press [SPACE BAR] and then [ENTER] to select Yes and press
[ENTER]. This will bring you to Menu 11.2 – Remote Node PPP Options.
For more information on configuring PPP options, see section 8.6.
This is a required field [?] if Route is set to IP. Enter the IP address of the
remote gateway.
Press [SPACE BAR] to select Yes and press [ENTER] to go to Menu
11.3 – Remote Node Network Layer Options.
Yes
CHAP/PAP
No
No
8-4 Remote Node Configuration
Prestige 202H User’s Guide
Table 8-1 Menu 11.1 Remote Node Profile
FIELD DESCRIPTION EXAMPLE
Telco
Options:
Transfer
Type
Allocated
Budget (min)
Period (hr) This field sets the time interval to reset the above outgoing call budget
Schedules Apply up to 4 schedule sets, separated by commas to your remote node
Carrier
Access Code
Nailed-up
Connection
Toll Period This is the basic unit of time for charging purposes, e.g., 25 cents every 3
Session
Options:
Edit Filter
Idle Timeout
(sec)
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm…” to save
your configuration, or press [ESC] at any time to cancel.
This field specifies the type of connection between the Prestige and this
remote node. When set to Leased, the Allocated Budget and Period do
not apply.
This field sets a ceiling for outgoing call time for this remote node. The
default for this field is 0 for no budget control.
control.
here. Please see ahead for a full discussion on schedules.
In some European countries, you need to enter the access code number
of your preferred telecommunications service provider. Your telephone
company should supply you with this number.
This field specifies if you want to make the connection to this remote
node a nailed-up connection. See the following section for more details.
minutes – 3 minutes is the Toll Period.
Press [SPACE BAR] and then [ENTER] to select Yes to open Menu 11.5
to edit the filter sets. See the Remote Node Filter section for more details.
Sets
This value specifies the number of idle seconds that elapses before the
remote node is automatically disconnected. Idle seconds is the period of
time when no data is transmitted from your Prestige. Administrative
packets such as RIP are not counted as data. The default is 300 seconds
(5 minutes). Idle timeout only applies when the Prestige initiates the call.
0 sec means the remote node will never be automatically disconnected.
64k
Default = 0
No
Default = No
Default =
300 secs
Remote Node Configuration 8-5
Prestige 202H User’s Guide
8.3 Outgoing Authentication Protocol
Generally speaking, you should employ the strongest authentication protocol possible, for obvious reasons.
However, some vendor’s implementation includes specific authentication protocol in the user profile. It will
disconnect if the negotiated protocol is different from that in the user profile, even when the negotiated
protocol is stronger than specified. If you encounter the case where the peer disconnects right after a
successful authentication, please make sure that you specify the correct authentication protocol when
connecting to such an implementation.
8.4 PPP Multilink
The Prestige uses the PPP Multilink Protocol (PPP/MP) to bundle multiple links in a single connection to
boost the effective throughput between two nodes.
Due to the fragmentation/reconstruction overhead associated with MP, you may not get a linear increase in
throughput when a link is added.
The number of links in an MP bundle can be statically configured, or dynamically determined at runtime, as
explained in the following section.
8.5 Bandwidth on Demand
The Bandwidth on Demand (BOD) feature adds or subtracts links dynamically according to traffic demand.
After the initial call, the Prestige uses BAP (Bandwidth Allocation Protocol) to ask the peer for additional
telephone number if BACP (Bandwidth Allocation Control Protocol) is negotiated. Otherwise, the Prestige
uses the statically configured (primary and secondary) telephone numbers of the remote node.
The configuration of bandwidth on demand focuses on the Base Transmission Rate (BTR) and the Maximum
Transmission Rate (MTR). The relationship between BTR and MTR are shown in the following table:
8-6 Remote Node Configuration
Table 8-2 BTR vs MTR for BOD
Prestige 202H User’s Guide
BTR AND MTR SETTING No. of Channel(s)
Used
BTR = 64, MTR = 64 1 1 Off
BTR = 64, MTR = 128 1
BTR = 128, MTR = 128 2 2 Off
Max No. of
Channel(s) Used
2
BANDWIDTH ON
DEMAND
On
When bandwidth on demand is enabled, a second channel will be brought up if traffic on the initial channel is
higher than the high Target Utility number for longer than the specified Add Persist value. Similarly, the
second channel will be dropped if the traffic level falls below the low Target Utility number for longer than
the Subtract Persist value.
The Target Utility specifies the line utilization range at which you want the Prestige to add or subtract
bandwidth. The range is 30 to 64 Kbps (kilobits per second). The parameters are separated by a ‘–’. For
example, ‘30–60’ means the add threshold is 30 Kbps and subtract threshold is 60 Kbps. The Prestige
performs bandwidth on demand only if it initiates the call. Addition and subtraction are based on the value
set in the BOD Calculation field. If this field is set to Transmit or Receive, then traffic in either direction
will be included to determine if a link should be added or dropped. Transmit will only use outgoing traffic
to make this determination and Receive will only use incoming traffic to make this determination.
If, after making the call to bring up a second channel, the second channel does not succeed in joining the
Multilink Protocol bundle (because the remote device does not recognize the second call as coming from the
same device), the Prestige will hang up the second call and continue with the first channel alone.
8.6 Editing PPP Options
To edit the remote node PPP options, move the cursor to the Edit PPP Options field in Menu 11.1 –
Remote Node Profile, and use [SPACE BAR] to select Yes. Press [ENTER] to open Menu 11.2, as shown
next.
Remote Node Configuration 8-7
Prestige 202H User’s Guide
Press Space Bar to Toggle.
Menu 11.2 - Remote Node PPP Options
Encapsulation= Standard PPP
Compression= No
BACP= Enable
Multiple Link Options:
BOD Calculation= Transmit or Receive
Base Trans Rate(Kbps)= 64
Max Trans Rate(Kbps)= 64
Target Utility(Kbps)= 32-48
Add Persist(sec)= 5
Subtract Persist(sec)= 5
Press ENTER to Confirm or ESC to Cancel:
Figure 8-3 Menu 11.2 Remote Node PPP Options
Table 8-3 Menu 11.2 Remote Node PPP Options
FIELD DESCRIPTION EXAMPLE
Encapsulation
Compression Turn on/off Stac Compression. The default for this field is
BACP Your Prestige negotiates the Secondary Phone number for
Multiple Link Options:
BOD Calculation Select the direction of the traffic you wish to use in
Base Trans Rate (Kbps) Select the base data transfer rate for this remote node in
Max Trans Rate (Kbps) Enter the maximum data transfer rate allowed for this
Select CISCO PPP only when this remote node is a Cisco
machine; otherwise, select Standard PPP.
No.
a dial-up line from the peer when BACP (Bandwidth
Allocation Control Protocol) is enabled; otherwise it uses
the Secondary Phone number set in Menu 11.1.
determining when to add or subtract a link. Options for this
field are: Transmit or Receive, Transmit, Receive.
Kbps. There are two choices for this field: 64 where only
one channel is used or, 128 where two channels are used
as soon as a packet triggers a call.
remote node. This parameter is in kilobits per second.
Standard PPP
No
Enable (default)
Transmit or
Receive
(default)
64
64
8-8 Remote Node Configuration
Prestige 202H User’s Guide
Table 8-3 Menu 11.2 Remote Node PPP Options
Target Utility (Kbps) Enter the two thresholds separated by a [–] for subtracting
and adding the second port.
Add Persist This parameter specifies the number of seconds where
traffic is above the adding threshold before the Prestige
will bring up the second link.
Subtract Persist This parameter specifies the number of seconds where
traffic is below the subtraction threshold before your
Prestige drops the second link.
Once you have configured this menu, press [ENTER] at the message “Press ENTER to Confirm...” to
save your configuration, or press [ESC] at any time to cancel.
Default = 32–48
Default = 5 sec
Default = 5 sec
8.7 LAN-to-LAN Application
A typical LAN-to-LAN application is to use your Prestige to connect a branch office to the headquarters, as
depicted in the following diagram.
Figure 8-4 TCP/IP LAN-to-LAN Application
For the branch office, you need to configure a remote node in order to dial out to headquarters.
Remote Node Configuration 8-9
Prestige 202H User’s Guide
LAN 1 Setup
Rem Node Name= LAN_2
Active= Yes
Call Direction= Both
Incoming:
Rem Login= lan2
Rem Password= *******
Rem CLID=
Call Back= No
Outgoing:
My Login= lan1
My Password= ********
Authen= CHAP/PAP
Pri Phone #= 035783942
Sec Phone #=
LAN 2 Setup
Rem Node Name= LAN_1
Active= Yes
Call Direction= Both
Incoming:
Rem Login= lan1
Rem Password= *******
Rem CLID=
Call Back= No
Outgoing:
My Login= lan2
My Password= ********
Authen= CHAP/PAP
Pri Phone #= 027176324
Sec Phone #=
Menu 11.1 - Remote Node Profile
Edit PPP Options= No
Rem IP Addr= 192.168.2.1
Edit IP= No
Telco Option:
Transfer Type= 64K
Allocated Budget(min)= 0
Period(hr)= 0
Schedules=
Carrier Access Code=
Nailed-Up Connection= No
Toll Period(sec)= 0
Session Options:
Edit Filter Sets= No
Idle Timeout(sec)= 300
Press ENTER to Confirm or ESC to Cancel:
Figure 8-5 LAN 1 Setup
Menu 11.1 - Remote Node Profile
Edit PPP Options= No
Rem IP Addr= 192.168.1.1
Edit IP= No
Telco Option:
Transfer Type= 64K
Allocated Budget(min)= 0
Period(hr)= 0
Schedules=
Carrier Access Code=
Nailed-Up Connection= No
Toll Period(sec)= 0
Session Options:
Edit Filter Sets= No
Idle Timeout(sec)= 300
Press ENTER to Confirm or ESC to Cancel:
IP address of
the Prestige on
LAN 2.
IP address of
the Prestige on
Figure 8-6 LAN 2 Setup
8-10 Remote Node Configuration
Prestige 202H User’s Guide
Additionally, you may also need to define static routes if some services reside beyond the immediate remote
LAN.
8.8 Configuring Network Layer Options
Follow the steps below to edit Menu 11.3 – Remote Node Network Layer Options shown next.
Step 1. To configure the TCP/IP parameters of a remote node, first configure the three fields in Menu
11.1 – Remote Node Profile, as shown in the following table.
Table 8-4 TCP/IP-related Fields in Remote Node Profile
FIELD DESCRIPTION
Rem IP Addr
Edit IP
Enter the IP address of the remote gateway in Menu 11.1 – Remote Node Profile. You
must fill in either the remote Prestige WAN IP address or the remote Prestige LAN IP
address. This depends on the remote router’s WAN IP i.e., for the (remote) Prestige, the
My WAN IP Addr settings in Menu 4. For example, if the remote WAN IP is set to
172.16.0.2 (the remote router’s WAN IP), then you should enter 172.16.0.2 in the Rem
IP Add field. If the remote WAN IP is 0.0.0.0, then enter 192.168.1.1(the remote router’s
LAN IP) in the Rem IP Addr field).
Press [SPACE BAR] and then [ENTER] to select Yes and press [ENTER] to go to Menu
11.3 – Remote Node Network Layer Options menu.
Step 2. Move the cursor to the Edit IP field in Menu 11 – Remote Node Profile, and then press
[SPACE BAR] to toggle and set the value to Yes. Press [ENTER]
to open Menu 11.3 –
Network Layer Options.
Remote Node Configuration 8-11
Prestige 202H User’s Guide
Menu 11.3 - Remote Node Network Layer Options
Rem IP Addr:
Rem Subnet Mask= 0.0.0.0
My WAN Addr= 0.0.0.0
NAT= None
Address Mapping Set= Full Feature
Metric= 2
Private= No
RIP Direction= Both
Version= RIP-2B
Press ENTER to Confirm or ESC to Cancel:
Table 8-5 Remote Node Network Layer Options
Table 8-6 Remote Node Network Layer Options
FIELD DESCRIPTION EXAMPLE
Rem IP Addr This will show the IP address you entered for this remote node
in the previous menu.
Rem Subnet Mask Enter the subnet mask for the remote network.
My WAN Addr Some implementations, especially the UNIX derivatives,
require the ISDN link to have a separate IP network number
from the LAN and each end must have a unique address within
the WAN network number. If this is the case, enter the IP
address assigned to the ISDN port of your Prestige.
NOTE: This is the address assigned to your local Prestige
WAN, not the remote router. If the remote router is a Prestige,
then this entry determines the local Prestige Rem IP Addr in
Menu 11.1.
NAT
Address Mapping
Choose from None, Full Feature, or SUA Only. When you
select Full Feature you must configure at least one address
mapping set!
For more information about NAT and the choices listed refer to
Set
the NAT Chapter.
A NAT Server Set is a list of LAN side servers mapped to
external ports (similar to the old SUA Menu 15.1 before). You
may enter any server set number up to 10 but the first one is
used for SUA only.
Full Feature
8-12 Remote Node Configuration
Prestige 202H User’s Guide
Table 8-6 Remote Node Network Layer Options
FIELD DESCRIPTION EXAMPLE
Metric Metric represents the “cost” of transmission for routing
purposes. IP routing uses hop count as the measurement of
cost, with a minimum of 1 for directly connected networks.
Enter a number that approximates the cost for this link. The
number need not be precise, but it must be between 1 and 15.
In practice, 2 or 3 is usually a good number.
Private This parameter determines if the Prestige will include the route
to this remote node in its RIP broadcasts. If set to Yes, this
route is kept private and not included in RIP broadcast. If No,
the route to this remote node will be propagated to other hosts
through RIP broadcasts.
RIP Direction
Version Press [SPACE BAR] and then [ENTER] to select the RIP
Once you have completed filling in Menu 11.3 Remote Node Network Layer Options, press [ENTER] at
the message “Press ENTER to Confirm...” to save your configuration and return to menu 11, or press
[ESC] at any time to cancel.
Press [SPACE BAR] and then [ENTER] to select from Both/In
Only/Out Only/None.
RIP-2B (default)
version from RIP-1/RIP-2B/RIP-2M.
2
No
None (default)
The following diagram shows the sample IP addresses to help you understand the field of My Wan Addr in
Menu 11.3.
Remote Node Configuration 8-13
Prestige 202H User’s Guide
Figure 8-7 Sample IP Addresses for LAN-to-LAN Connection
8.9 Configuring Filter
Use Menu 11.5 – Remote Node Filter to specify the filter set(s) to apply to the incoming and outgoing
traffic between this remote node and the Prestige and also to preve.nt certain packets from triggering calls.
You can specify up to 4 filter sets separated by comma, e.g., 1, 5, 9, 12, in each filter field. The default is no
filters.
Note that spaces are accepted in this field. The Prestige comes with a prepackaged filter set, NetBIOS_WAN,
that blocks NetBIOS packets (call protocol filter = 1). You can include this in the call filter sets if you wish
to prevent NetBIOS packets from triggering calls to a remote node.
To specify remote node filters, move the cursor to the Edit Filter Sets field in Menu 11.1 – Remote Node
Profile, and use [SPACE BAR] to select Yes. Press [ENTER] to open Menu 11.5, as shown next.
8-14 Remote Node Configuration
Prestige 202H User’s Guide
Input Filter Sets:
protocol filters=
device filters=
Output Filter Sets:
protocol filters=
device filters=
Call Filter Sets:
protocol filters= 1
device filters=
Menu 11.5 - Remote Node Filter
Press ENTER to Confirm or ESC to Cancel:
Figure 8-8 Menu 11.5 Remote Node Filter
Remote Node Configuration 8-15
Prestige 202H User’s Guide
Chapter 9
Static Route Setup
This chapter shows how to set up static routes.
9.1 Static Route Overview
Static routes tell the Prestige routing information that it cannot learn automatically through other means. This
can arise in cases where RIP is disabled on the LAN or a remote network is beyond the one that is directly
connected to a remote node.
Each remote node specifies only the network to which the gateway is directly connected and the Prestige has
no knowledge of the networks beyond. For instance, the Prestige knows about network N2 in the following
diagram through remote node Router 1. However, the Prestige is unable to route a packet to network N3
because it does not know that there is a route through remote node Router 2. The static routes are for you to
tell the Prestige about the networks beyond the remote nodes.
Figure 9-1 Sample Static Routing Topology
Remote Node TCP/IP Configuration 9-1
Prestige 202H User’s Guide
To configure an IP static route, use Menu 12 – IP Static Route Setup, as displayed next.
Menu 12 - IP Static Route Setup
1. ________
2. ________
3. ________
4. ________
5. ________
6. ________
7. ________
8. ________
Enter selection number:
Figure 9-2 Menu 12 IP Static Route Setup
From Menu 12, select one of the available IP static routes to open Menu 12.1 – Edit IP Static Route, as
shown next.
Menu 12.1 - Edit IP Static Route
Route #: 1
Route Name= RouteName
Active= No
Destination IP Address= ?
IP Subnet Mask= ?
Gateway IP Address= ?
Metric= 2
Private= No
Press ENTER to Confirm or ESC to Cancel:
Figure 9-3 Menu 12.1 Edit IP Static Route
Table 9-1 Menu 12.1 Edit IP Static Route
FIELD DESCRIPTION
Route Name Enter a descriptive name for this route. This is for identification purposes only.
Active This field allows you to activate/deactivate this static route.
Destination IP
Address
This parameter specifies the IP network address of the final destination. Routing is
always based on network number. If you need to specify a route to a single host, use a
subnet mask of 255.255.255.255 in the subnet mask field to force the network number
to be identical to the host ID.
9-2 Remote Node TCP/IP Configuration
Prestige 202H User’s Guide
Table 9-1 Menu 12.1 Edit IP Static Route
FIELD DESCRIPTION
IP Subnet Mask Enter the subnet mask for this destination. Follow the discussion on IP subnet mask in
this chapter.
Gateway IP
Address
Metric Metric represents the “cost” of transmission for routing purposes. IP routing uses hop
Private This parameter determines if the Prestige will include the route to this remote node in its
Once you have completed filling in this menu, press [ENTER] at the message “Press ENTER to Confirm…”
to save your configuration, or press [ESC] to cancel.
Enter the IP address of the gateway. The gateway is an immediate neighbor of your
Prestige that will forward the packet to the destination. On the LAN, the gateway must
be a router on the same segment as your Prestige; over WAN, the gateway must be the
IP address of one of the remote nodes.
count as the measurement of cost, with a minimum of 1 for directly connected networks.
Enter a number that approximates the cost for this link. The number need not be
precise, but it must be between 1 and 15. In practice, 2 or 3 is usually a good number.
RIP broadcasts. If set to Yes, this route is kept private and is not included in RIP
broadcast. If No, the route to this remote node will be propagated to other hosts through
RIP broadcasts.
Remote Node TCP/IP Configuration 9-3
Prestige 202H User’s Guide
Chapter 10
Dial-in Setup
This chapter shows you how to configure your Prestige to receive calls from remote dial-in users
including telecommuters and remote nodes. This is done in SMT menus 13 and 14.
10.1 Dial-in Users Overview
There are several differences between dial-in users and remote nodes, as summarized in the next table.
Table 10-1 Remote Dial-in Users/Remote Nodes Comparison Chart
REMOTE DIAL-IN USERS REMOTE NODES
Your Prestige will only answer calls from remote
dial-in users; it will not make calls to them.
All remote dial-in users share one common set of
parameters, as defined in the Menu 14 Default
Dial-in User Setup.
Your Prestige can make calls to and receive calls
from the remote node.
Each remote node can have its own set of
parameters such as Bandwidth On Demand,
Protocol, Security, etc.
10.2 Default Dial-in User Setup
This section covers the default dial-in parameters. The parameters in menu 13 affect incoming calls from
both remote dial-in users and remote nodes until authentication is completed. Once authentication is
completed and if it matches a remote node, your Prestige will use the parameters from that particular remote
node.
10.2.1 CLID Callback Support For Dial-In Users
CLID (Calling Line IDentification) authentication affords you the security of limiting a user to only initiate
connections from a fixed location. The Prestige uses the caller ID sent by the switch to match against the
CLIDs in the database. Please note that for CLID authentication to work on the Prestige, your telephone
company must support caller ID. If the remote node requires mutual authentication, please fill in the O/G
Username and O/G Password fields. You must also fill in these fields when a dial-in user to whom we are
calling back requests authentication.
Dial-in Setup 10-1
Prestige 202H User’s Guide
10.3 Setting Up Default Dial-in
From the Main Menu, enter 13 to go to Menu 13 – Default Dial-in Setup. This section describes how to
configure the protocol-independent fields in this menu. For the protocol-dependent fields, refer to the
appropriate chapters.
Telco Options:
CLID Authen= Required
PPP Options:
Recv Authen= CHAP/PAP
Compression= Yes
Mutual Authen= No
O/G Username=
O/G Password= ********
Multiple Link Options:
Max Trans Rate(Kbps)= 128
Callback Budget Management:
Allocated Budget(min)=
Period(hr)=
Press Space Bar to Toggle.
FIELD DESCRIPTION EXAMPLE
Telco Options: CLID
Authen
PPP Options:
Menu 13 - Default Dial-in Setup
IP Address Supplied By:
Dial-in User= Yes
IP Pool= No
IP Start Addr= N/A
IP Count(1,2)= N/A
Session Options:
Edit Filter Sets= No
Press ENTER to Confirm or ESC to Cancel:
Figure 10-1 Menu 13 Default Dial-in Setup
Table 10-2 Menu 13 Default Dial-in Setup
This field sets the CLID authentication parameter for all incoming
calls. There are three options for this field:
None – No CLID is required.
Required – CLID must be available, or the Prestige will not
answer the call.
Preferred – If the CLID is available then CLID will be used;
otherwise, authentication is performed in PPP negotiation.
Required
10-2 Dial-in Setup
FIELD DESCRIPTION EXAMPLE
Recv Authen This field sets the authentication protocol for incoming calls. For
Compression
Mutual Authen Some vendors, e.g., Cisco, require mutual authentication, i.e.,
O/G Username Enter the login name to be used to respond to the peer’s
O/G Password Enter the outgoing password to be used to respond to the peer’s
Multiple Link Options:
Prestige 202H User’s Guide
Table 10-2 Menu 13 Default Dial-in Setup
CHAP/PAP
security reason, setting authentication to None is strongly
discouraged. Options for this field are:
CHAP/PAP – Your Prestige will try CHAP first, but PAP will be
used if CHAP is not available.
CHAP – Use CHAP only.
PAP – Use PAP only.
None – Your Prestige tries to acquire CHAP/PAP first, but no
authentication is required if CHAP/PAP is not available.
Turn on/off Stac Compression. The default for this field is No. Yes
the node that initiates the call will request a user name and
password from the far end that it is dialing to. If the remote node
requires mutual authentication, set this field to Yes.
authentication request.
authentication request.
No
Max Trans Rate(Kbps) Enter the maximum data transfer rate between your Prestige and
the remote dial-in user. 64 – At most, one B channel is used. 128
– A maximum of two channels can be used. When the Prestige
calls back to the remote dial-in user, the maximum data transfer
rate is always 64.
Callback Budget Management:
This field sets the budget callback time for all the remote dial-in
Allocated Budget
(min)
Period (hr) This field sets the time interval to reset the above callback
IP Address Supplied By:
users. The default for this field is 0 for no budget control.
budget control.
128
0 (default)
Dial-in Setup 10-3
Prestige 202H User’s Guide
Table 10-2 Menu 13 Default Dial-in Setup
FIELD DESCRIPTION EXAMPLE
Dial-in User
IP Pool This field tells your Prestige to provide the remote host with an IP
IP Start Addr
IP Count (1, 2)
Session Options:
Edit Filter Sets
Once you have completed filling in this menu, press [ENTER] at the message “Press ENTER to Confirm…”
to save your configuration, or press [ESC] to cancel.
If set to Yes, the Prestige will allow a remote host to specify its
own IP address.
If set to No, the remote host must use the IP address assigned
by your Prestige from the IP pool, configured below. This is to
prevent the remote host from using an invalid IP address and
potentially disrupting the whole network.
address from the pool. This field is required if Dial-In IP Address
Supplied By: Dial-in User is set to No. You can configure this
field even if Dial-in User is set to Yes, in which case your
Prestige will accept the IP address if the remote peer specifies
one; otherwise, an IP address is assigned from the pool.
This field is applicable only if you selected Yes in the Dial-In IP
Address Supplied By: IP Pool field.
The IP pool contains contiguous IP addresses and this field
specifies the first one in the pool. The IP start address is the start
of a series of consecutive IP addresses.
In this field, enter the number (1 or 2) of addresses in the IP
Pool. For example, if the starting address is 192.168.135.5 and
the count is 2, then the pool will have 192.68.135.5 and
192.68.135.6. The IP count is the number of consecutive IP
addresses allowed.
Press [SPACE BAR] and then [ENTER] to select Yes to edit the
filter sets. Keep in mind that the filter set(s) will only apply to
remote dial-in users but not the remote nodes.
NOTE: Spaces and [–] symbol are accepted in this field. For
more information on customizing your filter sets, see Chapter 9 –
Filter Configuration. The default is blank, i.e., no filters.
Yes (default)
No (default)
1
No (default)
10.3.1 Default Dial-in Filter
Use Menu 13.1 – Default Dial-in Filter to specify the filter set(s) to apply to the incoming and outgoing
traffic between all dial-in users and your Prestige. Note that the filter set(s) only applies to the dial-in users
10-4 Dial-in Setup
Prestige 202H User’s Guide
but not the remote nodes. You can specify up to 4 filter sets separated by comma, e.g., 1, 5, 9, 12, in each
filter field. The default is no filters.
Spaces are accepted in this field. For more information on defining the filters, see the filters chapter.
Menu 13.1 - Default Dial-in Filter
Input Filter Sets:
protocol filters=
device filters=
Output Filter Sets:
protocol filters=
device filters=
Enter here to CONFIRM or ESC to CANCEL:
Press ENTER to Confirm or ESC to Cancel:
Figure 10-2 Menu 13.1 Default Dial-in Filter
10.4 Callback Overview
Callback serves two purposes. One is security. When set to callback to a fixed number, an intruder will not
gain access to your network even if he/she stole the password from your user, because the Prestige always
calls back to the pre-configured number.
The other is ease of accounting. For instance, your company pays for the connection charges for
telecommuting employees and you use your Prestige as the dial-in server. When you turn on the callback
option for the dial-in users, all usage is charged to the company instead of the employees, and your
accounting department can avoid the hassles of accountability and reimbursement.
10.5 Dial-In User Setup
This section provides steps on how to set up a remote dial-in user.
Step 1. From the Main Menu, enter 14 to go to Menu 14 – Dial-in User Setup, as shown in the next
figure.
Dial-in Setup 10-5
Prestige 202H User’s Guide
Menu 14 - Dial-in User Setup
1. johndoe
2. ________
3. ________
4. ________
5. ________
6. ________
7. ________
8. ________
Enter Menu Selection Number:
Figure 10-3 Menu 14 Dial-in User Setup
Step 2. Select one of the users by number, this will bring you to Menu 14.1 – Edit Dial-in User, as
shown next.
Menu 14.1 - Edit Dial-in User
User Name= johndoe
Active= Yes
Password= ?
Callback= No
Phone # Supplied by Caller= N/A
Callback Phone #= N/A
Rem CLID=
Idle Timeout= 100
Press ENTER to Confirm or ESC to Cancel:
Figure 10-4 Menu 14.1 Edit Dial-in User
Table 10-3 Edit Dial-in User
FIELD DESCRIPTION EXAMPLE
User
Name
This is a required field. This will be used as the login name for authentication.
Choose a descriptive word for login, for example, johndoe.
Active You can disallow dial-in access to this user by setting this field to inactive.
johndoe
Yes
Inactive users are displayed with a [–] (minus sign) at the beginning of the
name in Menu 14.
Password Enter the password for the remote dial-in user.
10-6 Dial-in Setup
Prestige 202H User’s Guide
Table 10-3 Edit Dial-in User
FIELD DESCRIPTION EXAMPLE
Callback This field determines if your Prestige will allow call back to this user upon
dial-in. If this option is enabled, your Prestige will call back to the user if
requested. In such a case, your Prestige will disconnect the initial call from
this user and dial back to the specified callback number (see ahead).
No – The default is no callback.
Optional – The user can choose to disable callback.
Mandatory – The user cannot disable callback.
Phone #
Supplied
by Caller
Callback
Phone #
Rem CLID
Idle Timeout
Once you have completed filling in this menu, press [ENTER] at the message “Press ENTER to Confirm…”
to save your configuration, or press [ESC] to cancel.
This option allows the user to specify the call back telephone number on a
call-by-call basis. This is useful when your Prestige returns a call back to a
mobile user at different numbers, e.g., a sales rep. in a hotel.
If the setting is Yes, the user can specify and send to the Prestige the
callback number of his/her choice.
The default is No, i.e., your Prestige always calls back to the fixed callback
number.
If Phone # Supplied by Caller is No, then this is a required field. Otherwise,
a N/A will appear in the field. Enter the telephone number to which your
Prestige will call back.
If you enable CLID Authen field in Menu 13, then you need to specify the
telephone number from which this user calls. Your Prestige will check the
CLID in the incoming call against the CLIDs in the database. If they do not
match and CLID Authen is Required, your Prestige will not answer the call.
Enter the idle time (in seconds). This time-out determines how long the dial-in
user can be idle before your Prestige disconnects the call when the Prestige
is calling back.
Idle time is defined as the period of time where there is no data traffic
between the dial-in user and your Prestige. The default is 100 seconds.
No (default)
No (default)
100 seconds
10.6 Telecommuting Application With Windows Example
Telecommuting enables people to work at remote sites and yet still have access to the resources in the
business office. Typically, a telecommuter will use a client workstation with TCP/IP and dial-out capabilities,
e.g., a Windows® PC or a Macintosh. For telecommuters to call in to your Prestige, you need to configure a
Dial-in Setup 10-7
Prestige 202H User’s Guide
dial-in user profile for each telecommuter. Additionally, you need to configure the Default Dial-in User
Setup to set the operational parameters for all dial-in users.
An example of remote access server for telecommuters is shown next.
Figure 10-5 Example of Telecommuting
See the following screens on how to configure your Prestige if a remote user’s computer is running
Windows®.
10-8 Dial-in Setup
Loading...