ZyXEL P-662HW-61, P-662HW-63, P-662HW-67, Prestige 662HW User Manual

Prestige 662HW Series

802.11g Wireless ADSL2+ 4-Port Security Gateway

User’s Guide

Version 3.40

August 2004

Prestige 662HW Series User’s Guide

Copyright

Copyright © 2004 by ZyXEL Communications Corporation.

The contents of this publication may not be reproduced in any part or as a whole, transcribed,
stored in a retrieval system, translated into any language, or transmitted in any form or by any
means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or
otherwise, without the prior written permission of ZyXEL Communications Corporation.

Published by ZyXEL Communications Corporation. All rights reserved.

Disclaimer

ZyXEL does not assume any liability arising out of the application or use of any products, or
software described herein. Neither does it convey any license under its patent rights nor the
patent rights of others. ZyXEL further reserves the right to make changes in any products
described herein without notice. This publication is subject to change without notice.

Trademarks

ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL
Communications, Inc. Other trademarks mentioned in this publication are used for
identification purposes only and may be properties of their respective owners.

Copyright 2

Prestige 662HW Series User’s Guide

Federal Communications

Commission (FCC) Interference

Statement

This device complies with Part 15 of FCC rules. Operation is subject to the following two
conditions:

• This device may not cause harmful interference.

• This device must accept any interference received, including interference that may cause
undesired operations.

This equipment has been tested and found to comply with the limits for a Class B digital
device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable
protection against harmful interference in a commercial environment. This equipment
generates, uses, and can radiate radio frequency energy, and if not installed and used in
accordance with the instructions, may cause harmful interference to radio communications.

If this equipment does cause harmful interference to radio/television reception, which can be
determined by turning the equipment off and on, the user is encouraged to try to correct the
interference by one or more of the following measures:

• Reorient or relocate the receiving antenna.

• Increase the separation between the equipment and the receiver.

• Connect the equipment into an outlet on a circuit different from that to which the receiver
is connected.

• Consult the dealer or an experienced radio/TV technician for help.

Notice 1

Changes or modifications not expressly approved by the party responsible for compliance
could void the user's authority to operate the equipment.

This product has been designed for the WLAN 2.4 GHz network throughout the EC region and
Switzerland, with restrictions in France.

Certifications

1 Go to www.zyxel.com
2 Select your product from the drop-down list box on the

ZyXEL home page to go to that product's page.

3 Select the certification you wish to view from this page

3 Federal Communications Commission (FCC) Interference Statement

Prestige 662HW Series User’s Guide

ZyXEL Limited Warranty

ZyXEL warrants to the original end user (purchaser) that this product is free from any defects
in materials or workmanship for a period of up to two years from the date of purchase. During
the warranty period, and upon proof of purchase, should the product have indications of fai lure
due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the
defective products or components without charge for either parts or labor, and to whatever
extent it shall deem necessary to restore the product or components to proper operating
condition. Any replacement will consist of a new or re-manufactured functionally equivalent
product of equal value, and will be solely at the discretion of ZyXEL. This warranty shall not
apply if the product is modified, misused, tampered with, damaged by an act of God, or
subjected to abnormal working conditions.

Note

Repair or replacement, as provided under this warranty, is the exclusive remedy of the
purchaser. This warranty is in lieu of all other warranties, express or implied, including any
implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in
no event be held liable for indirect or consequential damages of any kind of character to the
purchaser.

To obtain the services of this warranty, contact ZyXEL's Service Center for your Return
Material Authorization number (RMA). Products must be returned Postage Prepaid. It is
recommended that the unit be insured when shipped. Any returned pro du cts without proof of
purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of
ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products
will be shipped by ZyXEL to the corresponding return address, Postage Paid. This warranty
gives you specific legal rights, and you may also have other rights that vary from country to
country.

Safety Warnings

1 To reduce the risk of fire, use only No. 26 AWG or larger telephone wire.
2 Do not use this product near water, for example, in a wet basement or near a swimming

pool.

3 A void using this product during an electrical storm. There may be a remote risk of electric

shock from lightening.

ZyXEL Limited Warranty 4

Prestige 662HW Series User’s Guide

Please have the following information ready when you contact customer support.

• Product model and serial number.

• Warranty Information.

• Date that you received your device.

• Brief description of the problem and the steps you took to solve it.

Customer Support

METHOD

LOCATION

WORLDWIDE

NORTH
AMERICA

GERMANY

FRANCE

SPAIN

DENMARK

NORWAY

SWEDEN

FINLAND

a. “+” is the (prefix) number you enter to make an international telephone call.

SUPPORT E-MAIL TELEPHONE
SALES E-MAIL FAX FTP SITE

support@zyxel.com.tw +886-3-578-3942 www.zyxel.com

sales@zyxel.com.tw +886-3-578-2439 ftp.zyxel.com

support@zyxel.com +1-800-255-4101

+1-714-632-0882

sales@zyxel.com +1-714-632-0858 ftp.us.zyxel.com

support@zyxel.de +49-2405-6909-0 www.zyxel.de ZyXEL Deutschland GmbH.

sales@zyxel.de +49-2405-6909-99

info@zyxel.fr +33 (0)4 72 52 97 97 www.zyxel.fr ZyXEL France

+33 (0)4 72 52 19 20

support@zyxel.es +34 902 195 420 www.zyxel.es ZyXEL Communications

sales@zyxel.es +34 913 005 345

support@zyxel.dk +45 39 55 07 00 www.zyxel.dk Zy X E L C o m m u n icat i o n s A / S
sales@zyxel.dk +45 39 55 07 07

support@zyxel.no +47 22 80 61 80 www.zyxel.no Zy X E L C o m m u n i cations A/S
sales@zyxel.no +47 22 80 61 81

support@zyxel.se +46 31 744 7700 www.zyxel.se ZyXEL Communications A/S
sales@zyxel.se +46 31 744 7701

support@zyxel.fi +358-9-4780-8411 www.zyxel.fi ZyXEL Communications Oy
sales@zyxel.fi +358-9-4780 8448

A

WEB SITE

www.europe.zyxel.com

ftp.europe.zyxel.com
www.us.zyxel.com ZyXEL Communications Inc.

REGULAR MAIL

ZyXEL Communications Corp.
6 Innovation Road II

Science Park
Hsinchu 300
Taiwan

1130 N. Miller St.
Anaheim
CA 92806-2001
U.S.A.

Adenauerstr. 20/A2 D-52146
Wuerselen
Germany

1 rue des Vergers
Bat. 1 / C
69760 Limonest
France

Ale jandro Vill egas 33
1º, 2 8 0 4 3 Mad r i d
Spain

Columbusvej 5
2860 Soeborg
Denmark

Nils Hansens vei 13
0667 Oslo
Norway

Sjöporten 4, 41764 Göteborg
Sweden

Malminkaari 10
00700 Helsinki
Finland

5 Customer Support

Prestige 662HW Series User’s Guide

Customer Support 6

Prestige 662HW Series User’s Guide

7 Customer Support

Prestige 662HW Series User’s Guide

Table of Contents

Copyright ..................................................................................................................2

Federal Communications Commission (FCC) Interference Statement...............3

ZyXEL Limited Warranty..........................................................................................4

Customer Support....................................................................................................5

Table of Contents.....................................................................................................8

List of Figures ........................................................................................................26

List of Tables..........................................................................................................34

Preface ....................................................................................................................40

Introduction to DSL................................................................................................42

Chapter 1

Getting To Know Your Prestige.............................................................................44

1.1 Introducing the Prestige .....................................................................................44

1.1.1 Features of the Prestige ........ .... ... ............................................................45

1.1.2 Applications for the Prestige ......................... ... ... .... ... ... ... .... ... ... ... ............50

1.1.2.1 Internet Access ...................... ... .... ... ...............................................51

1.1.3 Firewall for Secure Broadband Internet Access ..................................... ..51

1.1.3.1 LAN to LAN Application ...................................................................51

1.1.4 Prestige Hardware Installation and Connection ........................................52

Chapter 2

Introducing the Web Configurator........................................................................54

2.1 Web Configurator Overview ... ... ... ... .... .......................................................... ... ..54

2.1.1 Accessing the Prestige Web Configurator ................................................54

2.1.2 Resetting the Prestige ......................................................... ... ... ... ... .........55

2.1.2.1 Using the Reset Button ................. ... ... ... ... .... ... ... ... .... .....................55

2.1.3 Navigating the Prestige Web Configurator ...............................................56

Chapter 3

Wizard Setup for Internet Access.........................................................................60

3.1 Introduction ............................... ... ... .......................................................... .... ... ..60

Table of Contents 8

Prestige 662HW Series User’s Guide

3.1.1 Encapsulation ............................... ... ... .... ... ... ............................................60

3.1.1.1 ENET ENCAP .................. ... .......................................................... ..60

3.1.1.2 PPP over Ethernet ..........................................................................60

3.1.1.3 PPPoA .............................................................................................60

3.1.1.4 RFC 1483 ......................................... ... ... ... .... ... ... ... .... ... ..................61

3.1.2 Multiplexing ... ... .........................................................................................61

3.1.2.1 VC-based Multiplexing .............. .... ... ...............................................61

3.1.2.2 LLC-based Multiplexing .......................... .......................... ...............61

3.1.3 VPI and VCI ........................... .... ... ... ... ......................................................61

3.1.4 Internet Access Wizard Setup: First Screen .............................................61

3.2 IP Address and Subnet Mask .............................................................................62

3.2.1 IP Address Assignment ......... .... ... ... ... .... ... ...............................................63

3.2.1.1 IP Assignment with PPPoA or PPPoE Encapsulation .....................63

3.2.1.2 IP Assignment with RFC 1483 Encapsulation .................................63

3.2.1.3 IP Assignment with ENET ENCAP Encapsulation ..........................63

3.2.1.4 Private IP Addresses .......................................................................64

3.2.2 Nailed-Up Connection (PPP) ....................................................................64

3.2.3 NAT ........................ ... .... ... .........................................................................64

3.2.4 Internet Access Wizard Setup: Second Screen ........................................64

3.2.5 DHCP Setup ........................................................................................ ... ..69

3.2.5.1 IP Pool Setup ..................................................................................69

3.2.6 Internet Access Wizard Setup: Third Screen ............................................69

3.2.7 Internet Access Wizard Setup: Connection Test .......................................70

3.2.7.1 Test Your Internet Connection .........................................................71

Chapter 4

Wizard Setup for Media Bandwidth Management............................................... 72

4.1 Introduction ............................... ... ... .......................................................... .... ... ..72

4.1.1 Predefined Media Bandwidth Management Services .......................... ... ..72

4.2 Media Bandwidth Management Setup 1 ............................................................73

4.3 Media Bandwidth Mgnt. Wizard Setup: Second Screen ....................................74

4.4 Media Bandwidth Mgnt. Wizard Setup: Finish ...................................................75

Chapter 5

Password Setup .....................................................................................................76

5.1 Password Overview ..................... ... .... ... ... ... .... ... ...............................................76

5.1.1 Configuring Password ......................... .... ... ...............................................76

Chapter 6

LAN Setup...............................................................................................................78

6.1 LAN Overview ............................................................................... ... ... ... ... .... .....78

6.1.1 LANs, WANs and the Prestige ......................... ... .... ... ... ... .... ... ... ...............78

6.2 DNS Server Address ........................................... ... ... ... .... ... ... ... .........................79

9 Table of Contents

Prestige 662HW Series User’s Guide

6.3 DNS Server Address Assignment .......... ... ... ...................................................... 79

6.4 LAN TCP/IP ......................................................................... ... ... .... ... ... ...............80

6.4.1 Factory LAN Defaults .......................... .... ... ... ... .........................................80

6.4.2 IP Address and Subnet Mask ...................................................................80

6.4.3 RIP Setup ..... ... ... ... .......................................................... .... ... ... ... ... .........80

6.4.4 Multicast .................... .... ... ... ... .... ... .......................................................... ..81

6.5 Any IP ........................................................................... .... ..................................81

6.5.1 How Any IP Works ....................................................................................82

6.6 Configuring LAN ........................................ .........................................................83

6.7 Configuring Static DHCP ........ ... ... ... .... ... ... .........................................................84

Chapter 7

DMZ .........................................................................................................................86

7.1 Introduction ............................... ... ... .......................................................... .... ... ..86

7.2 Configuring DMZ ............. ... .... ... ... ... .......................................................... .... ... ..86

Chapter 8

Wireless LAN Setup...............................................................................................90

8.1 Introduction ............................... ... ... .......................................................... .... ... ..90

8.1.1 Additional Installation Requirements for Using 802.1x .............................90

8.1.2 Channel ........ ... .......................................................... ... ... .... ... ... ...............90

8.1.3 ESS ID ......................................................................................................91

8.1.4 RTS/CTS .. .......................................................... .... ... ...............................91

8.1.5 Fragmentation Threshold .............................. ............. ............. ............. ..... 92

8.2 Levels of Security ............................................. ... ... ... ... .... ... ...............................92

8.3 Data Encryption with WEP ........... ... .... ... ... ... .... ... ... ............................................93

8.4 Configuring Wireless LAN ......... ... ... .... ...............................................................93

8.5 Configuring MAC Filter ........................................... ... ... .... ... ... ... .... ... ... ... ............95

8.6 Network Authentication ......................................................................................97

8.6.1 EAP ...........................................................................................................97

8.6.1.1 RADIUS ........ ... ........................................................... ... ... ... ... .... .....97

8.6.1.2 Types of RADIUS Messages ...........................................................97

8.6.2 EAP Authentication Overview ...................................................................98

8.7 Introduction to WPA ........................ .... ... .......................................................... ..99

8.7.1 User Authentication ..... ... ... ... .... ... .......................................................... ..99

8.7.2 Encryption .... .......................................................... ... ... ... .... ... ..................99

8.8 WPA-PSK Application Example .......................................................................100

8.9 WPA with RADIUS Application Example ..........................................................100

8.10 Security Parameters Summary ......................................................................101

8.11 Wireless Client WPA Supplicants ..................................................................102

8.12 Configuring 802.1x and WPA .........................................................................102

8.12.1 Authentication Required: 802.1x ...........................................................103

8.12.2 Authentication Required: WPA .............................................................105

Table of Contents 10

Prestige 662HW Series User’s Guide

8.12.3 Authentication Required: WPA-PSK ..................................................... 106

8.13 Configuring Local User Authentication ...........................................................108

8.14 Configuring RADIUS ......................................................................................109

Chapter 9

WAN Setup............................................................................................................ 112

9.1 WAN Overview ................................ .... ... ... ... .... ... ... ..........................................112

9.2 Metric .................................... ... ... ... .......................................................... .... ...112

9.3 PPPoE Encapsulation ......................................................................................113

9.4 Traffic Shaping .......... ... ... ... .... ... ... ... .... .......................................................... ...113

9.5 Zero Configuration Internet Access .................. ... ... ... ... .... ... ... ... .... ...................114

9.6 Configuring WAN Setup ................................................................ ... ... ... ... .... ...114

9.7 Traffic Redirect ................................................................................................117

9.8 Configuring WAN Backup ....................................... ... ... ....................................118

9.9 Configuring Advanced WAN Backup ......................................... .... ... ... ... ... .... ...121

9.10 AT Command Strings .....................................................................................124

9.11 DTR Signal .....................................................................................................124

9.12 Response Strings ...........................................................................................124

9.13 Configuring Advanced Modem Setup ............................................................124

Chapter 10

Network Address Translation (NAT) Screens....................................................128

10.1 NAT Overview ................................................................................................128

10.1.1 NAT Definitions .....................................................................................128

10.1.2 What NAT Does ....................................................................................129

10.1.3 How NAT Works ...................................................................................129

10.1.4 NAT Application ....................................................................................130

10.1.5 NAT Mapping Types .............................................................................130

10.2 SUA (Single User Account) Versus NAT ........................................................131

10.3 SUA Server ....................................................................................................132

10.3.1 Default Server IP Address ....................................................................132

10.3.2 Port Forwarding: Services and Port Numbers ...................... ... ... ... .... ...132

10.3.3 Configuring Servers Behind SUA (Example) ........................................133

10.4 Selecting the NAT Mode ................................................................................133

10.5 Configuring SUA Server .......................... ................................................ .......134

10.6 Configuring Address Mapping ........................................................................136

10.7 Editing an Address Mapping Rule ..................................................................137

Chapter 11

Dynamic DNS Setup.............................................................................................140

11.1 Dynamic DNS .................................................................................................140

11.1.1 DYNDNS Wildcard ................................................................................140

11.2 Configuring Dynamic DNS .............................................................................140

11 Table of Contents

Prestige 662HW Series User’s Guide

Chapter 12

Time and Date.......................................................................................................142

12.1 Configuring Time and Date ............................................................................142

Chapter 13

Firewalls................................................................................................................144

13.1 Firewall Overview ...........................................................................................144

13.2 Types of Firewalls ..........................................................................................144

13.2.1 Packet Filtering Firewalls ......................................................................144

13.2.2 Application-level Firewalls ....................................................................144

13.2.3 Stateful Inspection Firewalls ................................................................145

13.3 Introduction to ZyXEL’s Firewall .....................................................................145

13.3.1 Denial of Service Attacks ......................................................................146

13.4 Denial of Service ............................................................................................146

13.4.1 Basics ...................................................................................................146

13.4.2 Types of DoS Attacks ...........................................................................147

13.4.2.1 ICMP Vulnerability ......................................................................149

13.4.2.2 Illegal Commands (NetBIOS and SMTP) ................................. ...149

13.4.2.3 Traceroute ...................................................................................150

13.5 Stateful Inspection ..........................................................................................150

13.5.1 Stateful Inspection Process ..................................................................151

13.5.2 Stateful Inspection and the Prestige .....................................................152

13.5.3 TCP Security .........................................................................................152

13.5.4 UDP/ICMP Security ..............................................................................153

13.5.5 Upper Layer Protocols ..........................................................................153

13.6 Guidelines for Enhancing Security with Your Firewall ....................................154

13.6.1 Security In General ............................... ................................................154

13.7 Packet Filtering Vs Firewall ........................ ................................................. ...155

13.7.1 Packet Filtering: ....................................................................................155

13.7.1.1 When To Use Filtering .................................................................155

13.7.2 Firewall .................................................................................................155

13.7.2.1 When To Use The Firewall ..........................................................156

Chapter 14

Firewall Configuration .........................................................................................158

14.1 Access Methods .............................................................................................158

14.2 Firewall Policies Overview .............................................................................158

14.3 Rule Logic Overview ......................................................................................159

14.3.1 Rule Checklist .......................................................................................159

14.3.2 Security Ramifications ..........................................................................160

14.3.3 Key Fields For Configuring Rules .........................................................160

14.3.3.1 Action ..........................................................................................160

14.3.3.2 Service ........................................................................................160

Table of Contents 12

Prestige 662HW Series User’s Guide

14.3.3.3 Source Address ...........................................................................160

14.3.3.4 Destination Address ....................................................................161

14.4 Connection Direction Example .......................................................................161

14.4.1 LAN to WAN Rules ...............................................................................161

14.4.2 WAN to LAN Rules ...............................................................................161

14.4.3 Alerts .....................................................................................................162

14.5 Configuring Basic Firewall Settings ................................................................162

14.6 Rule Summary ...............................................................................................164

14.6.1 Configuring Firewall Rules ................................ .................................... 165

14.7 Customized Services .....................................................................................168

14.8 Creating/Editing A Customized Service .........................................................168

14.9 Example Firewall Rule ...................................................................................169

14.10 Predefined Services .....................................................................................173

14.11 Anti-Probing ..................................... ... ... ... .... ... ... ..........................................175

14.12 Configuring Attack Alert ...............................................................................176

14.12.1 Threshold Va lues ................................................................................177

14.12.2 Half-Open Sessions ............................................................................177

14.12.2.1 TCP Maximum Incomplete and Blocking Time .........................177

Chapter 15

Content Filtering ..................................................................................................180

15.1 Content Filtering Overview .............................................................................180

15.2 Configuring Keyword Blocking .......................................................................180

15.3 Configuring the Schedule ..............................................................................181

15.4 Configuring Trusted Computers .....................................................................182

Chapter 16

Content Access Control......................................................................................184

16.1 Content Access Control Overview .................................................................184

16.1.1 Content Access Control WLAN Application ................... .......................184

16.1.2 Configuration Steps ..............................................................................184

16.2 Activating CAC and Create User Groups ................................ .......................185

16.2.1 Configuring Time Schedule ..................................................................186

16.2.2 Configuring Services ...................................... ....... ...... ....... ... ...... ....... ... 188

16.2.2.1 Available Services .......................................................................189

16.2.3 Configuring Web Site Filters .................................................................191

16.2.4 Testing Web Site Access Privileges ......................................................197

16.3 User Account Setup .......................................................................................198

16.4 User Online Status .........................................................................................200

16.5 Content Access Control Logins ......................................................................201

16.5.1 User Login ............................................................................................201

16.5.2 Administrator Login ...............................................................................202

13 Table of Contents

Prestige 662HW Series User’s Guide

Chapter 17

Anti-Virus Packet Scan........................................................................................204

17.1 Overview ........................................................................................................204

17.1.1 Types of Computer Viruses ..................................................................204

17.2 Signature-Based Virus Scan ..........................................................................204

17.2.1 Computer Virus Infection and Prevention ................................ ... ... .... ...205

17.3 Introduction to the Prestige Anti-virus Packet Scan .......................................205

17.3.1 How the Prestige Virus Scan Works .......................................... ..........206

17.3.2 Limitations of the Prestige Packet Scan ...............................................206

17.4 Anti-virus Packet Scan Configuration .............................................................207

17.5 Registration and Online Update .....................................................................208

17.5.1 Updating the Anti Virus Packet Scan ....................................................210

Chapter 18

Introduction to IPSec...........................................................................................212

18.1 VPN Overview ................................................................................................212

18.1.1 IPSec ....................................................................................................212

18.1.2 Security Association .............................................................................212

18.1.3 Other Terminology ................................................................................212

18.1.3.1 Encryption ...................................................................................212

18.1.3.2 Data Confidentiality .....................................................................213

18.1.3.3 Data Integrity ...............................................................................213

18.1.3.4 Data Origin Authentication ..........................................................213

18.1.4 VPN Applications ..................................................................................213

18.2 IPSec Architecture .........................................................................................213

18.2.1 IPSec Algorithms ..................................................................................214

18.2.2 Key Management ..................................................................................214

18.3 Encapsulation .................................................................................................214

18.3.1 Transport Mode ....................................................................................215

18.3.2 Tunnel Mode .... ... ... .... ... ... ... .... ... ... ... ....................................................215

18.4 IPSec and NAT ...............................................................................................215

Chapter 19

VPN Screens.........................................................................................................218

19.1 VPN/IPSec Overview .....................................................................................218

19.2 IPSec Algorithms ............................................................................................218

19.2.1 AH (Authentication Header) Protocol ...................... ...... ....... ...... ....... ... 218

19.2.2 ESP (Encapsulating Security Payload) Protocol .................................218

19.3 My IP Address ................................................................................................219

19.4 Secure Gateway Address ..............................................................................219

19.4.1 Dynamic Secure Gateway Address ......................................................220

19.5 VPN Summary Screen ...................................................................................220

19.6 Keep Alive ......................................................................................................222

Table of Contents 14

Prestige 662HW Series User’s Guide

19.7 NAT Traversal ................................................................................................222

19.7.1 NAT Traversal Configuration ....................... .......... ......... .......... .......... ... 223

19.7.2 Remote DNS Server ................................ .............................................223

19.8 ID Type and Content ......................................................................................224

19.8.1 ID Type and Content Examples ............................................................225

19.9 Pre-Shared Key ..............................................................................................226

19.10 Editing VPN Policies ....................................................................................226

19.11 IKE Phases ........................................... ... .... ... ... ... ... .... ... ... ..........................231

19.11.1 Negotiation Mode ...................... ... ... .... ... ... ... ... .... ... ... ... .... ... ... .............232

19.11.2 Diffie-Hellman (DH) Key Groups .........................................................233

19.11.3 Perfect Forward Secrecy (PFS) ......................................... ... ... ... .... ...233

19.12 Configuring Advanced IKE Settings .............................................................233

19.13 Manual Key Setup ........................................................................................236

19.13.1 Security Parameter Index (SPI) ......................... ... ... ... .... ... ... ... ... .......236

19.14 Configuring Manual Key ...............................................................................237

19.15 Viewing SA Monitor ......................................................................................240

19.16 Configuring Global Setting ...........................................................................241

19.17 Telecommuter VPN/IPSec Examples ...........................................................242

19.17.1 Telecommuters Sharing One VPN Rule Example ..............................242

19.17.2 Telecommuters Using Unique VPN Rules Example ...........................243

19.18 VPN and Remote Management ...................................................................245

Chapter 20

Remote Management Configuration ..................................................................246

20.1 Remote Management Overview .....................................................................246

20.1.1 Remote Management Limitations .........................................................246

20.1.2 Remote Management and NAT ............................................................247

20.1.3 System Timeout ...................................................................................247

20.2 Telnet ..............................................................................................................247

20.3 FTP ................................................................................................................247

20.4 Web ................................................................................................................248

20.5 Configuring Remote Management .................................................................248

Chapter 21

Universal Plug-and-Play (UPnP).........................................................................250

21.1 Introducing Universal Plug and Play ..............................................................250

21.1.1 How do I know if I'm using UPnP? ........... ...................... ....................... 250

21.1.2 NAT Traversal .......................................................................................250

21.1.3 Cautions with UPnP ..............................................................................250

21.2 UPnP and ZyXEL ...........................................................................................251

21.2.1 Configuring UPnP .................................................................................251

21.3 Installing UPnP in Windows Example ............................................................252

21.4 Using UPnP in Windows XP Example ...........................................................256

15 Table of Contents

Prestige 662HW Series User’s Guide

Chapter 22

Logs Screens........................................................................................................264

22.1 Logs Overview ...............................................................................................264

22.1.1 Alerts and Logs .....................................................................................264

22.2 Configuring Log Settings ................................................................................264

22.3 Displaying the Logs ........................................................................................266

22.4 SMTP Error Messages ...................................................................................267

22.4.1 Example E-mail Log ..............................................................................268

Chapter 23

Media Bandwidth Management Advanced Setup..............................................270

23.1 Bandwidth Management Advanced Setup Overview .....................................270

23.2 Bandwidth Classes and Filters .......................................................................270

23.3 Proportional Bandwidth Allocation .................................................................271

23.4 Bandwidth Management Usage Examples ....................................................271

23.4.1 Application-based Bandwidth Management Example ..........................271

23.4.2 Subnet-based Bandwidth Management Example .................................271

23.4.3 Application and Subnet-based Bandwidth Management Example .......272

23.5 Scheduler .......................................................................................................272

23.5.1 Priority-based Scheduler ......................................................................273

23.5.2 Fairness-based Scheduler ....................................................................273

23.6 Maximize Bandwidth Usage ...........................................................................273

23.6.1 Reserving Bandwidth for Non-Bandwidth Class Traffic ........................273

23.6.2 Maximize Bandwidth Usage Example ..................................................274

23.7 Bandwidth Borrowing .....................................................................................275

23.7.1 Bandwidth Borrowing Example .............................................................275

23.7.2 Maximize Bandwidth Usage With Bandwidth Borrowing ...................... 277

23.8 Configuring Summary ....................................................................................277

23.9 Configuring Class Setup ................................................................................278

23.9.1 Media Bandwidth Management Class Configuration ............................279

23.9.2 Media Bandwidth Management Statistics .............................................282

23.10 Bandwidth Monitor ......................................................................................283

Chapter 24

Maintenance .........................................................................................................284

24.1 Maintenance Overview ...................................................................................284

24.2 System Status Screen ....................................................................................284

24.2.1 System Statistics ...................................................................................286

24.3 DHCP Table Screen .......................................................................................288

24.4 Any IP Table Screen .......................................................................................289

24.5 Wireless Screen .............................................................................................289

24.5.1 Association List .....................................................................................289

24.6 Diagnostic Screens ........................................................................................290

Table of Contents 16

Prestige 662HW Series User’s Guide

24.6.1 Diagnostic General Screen ............................ ....................................... 290

24.6.2 Diagnostic DSL Line Screen .................................................................291

24.7 Firmware Screen ............................................................................................293

Chapter 25

Introducing the SMT ............................................................................................296

25.1 SMT Introduction ............................................................................................296

25.1.1 Procedure for SMT Configuration via Telnet ...................................... ...296

25.1.2 Entering Password ................................ ...... ...... ....... ...... ....... ...... ....... ... 296

25.1.3 Prestige SMT Menu Overview .................... ... ... .... ... ... ... .... ... ... ... ... .... ...297

25.2 Navigating the SMT Interface .........................................................................297

25.2.1 System Management Terminal Interface Summary ..............................299

25.3 Changing the System Password ....................................................................299

Chapter 26

Menu 1 General Setup .........................................................................................302

26.1 General Setup ................................................................................................302

26.2 Procedure To Configure Menu 1 ....................................................................302

26.2.1 Procedure to Configure Dynamic DNS ............. .... ... ... ... .... ... ... ... ..........303

Chapter 27

Menu 2 WAN Backup Setup ................................................................................306

27.1 Introduction to WAN Backup Setup ................................................................306

27.2 Configuring Dial Backup in Menu 2 ................................................................306

27.2.1 Traffic Redirect Setup ...........................................................................307

27.3 Configuring Dial Backup Setup ......................................................................308

27.4 Advanced Dial Backup Setup .........................................................................309

Chapter 28

Menu 3 LAN Setup ...............................................................................................312

28.1 LAN Setup ......................................................................................................312

28.1.1 General Ethernet Setup ........................... .............................................312

28.2 Protocol Dependent Ethernet Setup ..............................................................313

28.3 CP/IP Ethernet Setup and DHCP ...................... ... ... ... .... ... ... ... .... ... ... ... ... .... ...313

Chapter 29

Wireless LAN Setup.............................................................................................316

29.1 Wireless LAN Overview .................................................................................316

29.2 Wireless LAN Setup .......................................................................................316

29.2.1 Wireless LAN MAC Address Filter ........................................................317

17 Table of Contents

Prestige 662HW Series User’s Guide

Chapter 30

Internet Access ....................................................................................................320

30.1 Internet Access Overview ..............................................................................320

30.2 IP Policies ......................................................................................................320

30.3 IP Alias ...........................................................................................................320

30.4 IP Alias Setup .................................................................................................321

30.5 Route IP Setup ...............................................................................................322

30.6 Internet Access Configuration ........................................................................323

Chapter 31

Remote Node Configuration ...............................................................................326

31.1 Remote Node Setup Overview ................................ .................... ................... 326

31.2 Remote Node Setup .......................................................................................326

31.2.1 Remote Node Profile ............................................................................326

31.2.2 Encapsulation and Multiplexing Scenarios ...........................................327

31.2.2.1 Scenario 1: One VC, Multiple Protocols ......................................327

31.2.2.2 Scenario 2: One VC, One Protocol (IP) ............... .... ... ... .............327

31.2.2.3 Scenario 3: Multiple VCs .............................................................327

31.2.3 Outgoing Authentication Protocol ............................................ ... ... .... ...329

31.3 Remote Node Network Layer Options ...........................................................330

31.3.1 My WAN Addr Sample IP Addresses ...................................................331

31.4 Remote Node Filter ........................................................................................332

31.5 Editing ATM Layer Options ............................................................................333

31.5.1 VC-based Multiplexing (non-PPP Encapsulation) ................................333

31.5.2 LLC-based Multiplexing or PPP Encapsulation ....................................334

31.5.3 Advance Setup Options ........................................................................334

Chapter 32

Static Route Setup ...............................................................................................336

32.1 IP Static Route Overview ...............................................................................336

32.2 Configuration ..................................................................................................336

Chapter 33

Bridging Setup .....................................................................................................340

33.1 Bridging in General . .......................................................................................340

33.2 Bridge Ethernet Setup ....................................................................................340

33.2.1 Remote Node Bridging Setup ........................ ... .... ... .............................340

33.2.2 Bridge Static Route Setup .....................................................................342

Chapter 34

Network Address Translation (NAT)...................................................................344

34.1 Using NAT ......................................................................................................344

34.1.1 SUA (Single User Account) Versus NAT ..............................................344

Table of Contents 18

Prestige 662HW Series User’s Guide

34.2 Applying NAT .................................................................................................344

34.3 NAT Setup ......................................................................................................346

34.3.1 Address Mapping Sets ..........................................................................346

34.3.1.1 SUA Address Mapping Set ............... ... ... .... ... ... ... .......................347

34.3.1.2 User-Defined Address Mapping Sets ..........................................348

34.3.1.3 Ordering Your Rules ....................................................................349

34.4 Configuring a Server behind NAT ..................................................................350

34.5 General NAT Examples ..................................................................................352

34.5.1 Example 1: Internet Access Only ..........................................................352

34.5.2 Example 2: Internet Access with an Inside Server ...............................353

34.5.3 Example 3: Multiple Public IP Addresses With Inside Servers .............354

34.5.4 Example 4: NAT Unfriendly Application Programs ...............................358

Chapter 35

Enabling the Firewall...........................................................................................360

35.1 Remote Management and the Firewall ..........................................................360

35.2 Access Methods .............................................................................................360

35.3 Enabling the Firewall ......................................................................................360

Chapter 36

Filter Configuration..............................................................................................362

36.1 About Filtering ................................................................................................362

36.1.1 The Filter Structure of the Prestige ....................................................... 363

36.2 Configuring a Filter Set for the Prestige .........................................................364

36.3 Filter Rules Summary Menus ......................... ................................................ 365

36.4 Configuring a Filter Rule ................................................................................366

36.4.1 TCP/IP Filter Rule ................................. ...................................... ..........367

36.4.2 Generic Filter Rule ............................ .................................... ................369

36.5 Filter Types and NAT .....................................................................................371

36.6 Example Filter ................................................................................................371

36.7 Applying Filters and Factory Defaults ............................................................373

36.7.1 Ethernet Traffic .....................................................................................374

36.7.2 Remote Node Filters ............................. ................................... .............374

Chapter 37

SNMP Configuration ............................................................................................376

37.1 About SNMP ..................................................................................................376

37.2 Supported MIBs .. ... ............................................................. ... .... ... ................377

37.3 SNMP Configuration ......................................................................................377

37.4 SNMP Traps ...................................................................................................378

19 Table of Contents

Prestige 662HW Series User’s Guide

Chapter 38

System Security ...................................................................................................380

38.1 System Security .............................................................................................380

38.1.1 System Password ............................. ....................................................380

38.1.2 Configuring External RADIUS Server ......................... ... .... ... ... ... ... .... ...380

38.1.3 IEEE802.1x ...........................................................................................382

38.2 Creating User Accounts on the Prestige ........................................................384

Chapter 39

System Information and Diagnosis....................................................................386

39.1 Overview ........................................................................................................386

39.2 System Status ................................................................................................386

39.3 System Information ........................................................................................388

39.3.1 System Information ............................... ................................... .............388

39.3.2 Console Port Speed ..............................................................................389

39.4 Log and Trace ............... ... .... ... ... ... .... ... ..........................................................390

39.4.1 Viewing Error Log .................................................................................390

39.4.2 Syslog and Accounting .........................................................................391

39.5 Diagnostic ......................................................................................................393

Chapter 40

Firmware and Configuration File Maintenance.................................................396

40.1 Filename Conventions ...................................................................................396

40.2 Backup Configuration .....................................................................................397

40.2.1 Backup Configuration ...........................................................................397

40.2.2 Using the FTP Command from the Command Line ..............................398

40.2.3 Example of FTP Commands from the Command Line .........................398

40.2.4 GUI-based FTP Clients .........................................................................399

40.2.5 TFTP and FTP over WAN Management Limitations .............................399

40.2.6 Backup Configuration Using TFTP .......................................................400

40.2.7 TFTP Command Example ....................................................................400

40.2.8 GUI-based TFTP Clients ......................................................................400

40.2.9 Backup Via Console Port ......................................................................401

40.3 Restore Configuration ....................................................................................402

40.3.1 Restore Using FTP ...............................................................................402

40.3.2 Restore Using FTP Session Example ..................................................403

40.3.3 Restore Via Console Port .....................................................................404

40.4 Uploading Firmware and Configuration Files .................................................405

40.4.1 Firmware File Upload ............................ ...... ... ....... ...... ....... ...... ...... .......405

40.4.2 Configuration File Upload .....................................................................405

40.4.3 FTP File Upload Command from the DOS Prompt Example ................406

40.4.4 FTP Session Example of Firmware File Upload ................... ... ... ... .... ...407

40.4.5 TFTP File Upload ..................................................................................407

Table of Contents 20

Prestige 662HW Series User’s Guide

40.4.6 TFTP Upload Command Example ........................................................408

40.4.7 Uploading Via Console Port ..................................................................408

40.4.8 Uploading Firmware File Via Console Port ...........................................408

40.4.9 Example Xmodem Firmware Upload Using HyperTerminal ............... ...409

40.4.10 Uploading Configuration File Via Console Port ..................................409

40.4.11 Example Xmodem Configuration Upload Using HyperTerminal .........410

Chapter 41

System Maintenance............................................................................................412

41.1 Command Interpreter Mode ...........................................................................412

41.2 Call Control Support ................................................... .... ... ... ... .... ... ... ... ... .......413

41.2.1 Budget Management ............................................................................413

41.3 Time and Date Setting ....................................................................................414

41.3.1 Resetting the Time ................................................................................416

Chapter 42

Remote Management...........................................................................................418

42.1 Remote Management Overview .....................................................................418

42.2 Remote Management .....................................................................................418

42.2.1 Remote Management Setup .................................................................418

42.2.2 Remote Management Limitations .........................................................419

42.3 Remote Management and NAT ......................................................................420

42.4 System Timeout .............................................................................................420

Chapter 43

IP Policy Routing..................................................................................................422

43.1 IP Policy Routing Overview ............................................................................422

43.2 Benefits of IP Policy Routing ..........................................................................422

43.3 Routing Policy ................................................................................................422

43.4 IP Routing Policy Setup .................................................................................423

43.5 Applying an IP Policy .....................................................................................426

43.5.1 Ethernet IP Policies ..............................................................................426

43.6 IP Policy Routing Example .............................................................................427

Chapter 44

Call Scheduling ....................................................................................................430

44.1 Introduction ....................................................................................................430

Chapter 45

VPN/IPSec Setup..................................................................................................434

45.1 VPN/IPSec Overview .....................................................................................434

45.2 IPSec Summary Screen .................................................................................435

45.3 IPSec Setup ...................................................................................................437

21 Table of Contents

Prestige 662HW Series User’s Guide

45.4 IKE Setup .......................................................................................................441

45.5 Manual Setup .................................................................................................443

45.5.1 Active Protocol ......................................................................................443

45.5.2 Security Parameter Index (SPI) ............................................................443

Chapter 46

SA Monitor............................................................................................................446

46.1 SA Monitor Overview .....................................................................................446

46.2 Using SA Monitor ...........................................................................................446

Chapter 47

Internal SPTGEN ..................................................................................................450

47.1 Internal SPTGEN Overview ...........................................................................450

47.2 The Configuration Text File Format ................................................................450

47.2.1 Internal SPTGEN File Modification - Important Points to Remember ...451

47.3 Internal SPTGEN FTP Download Example ................................. ...................451

47.4 Internal SPTGEN FTP Upload Example ........................................................452

Chapter 48

Troubleshooting ...................................................................................................454

48.1 Problems Starting Up the Prestige .................................................................454

48.2 Problems with the LAN LED ................. ................ ................ ................ .......... 454

48.3 Problems with the DSL LED .......... ................. ................ ................ ................ 455

48.4 Problems with the LAN Interface .......................... ................... .................... ...455

48.5 Problems with the WAN Interface ..................................................................455

48.6 Problems with Internet Access ....................... ................................................ 456

48.7 Problems with the Password ...................... ................................................. ...456

48.8 Problems with the Web Configurator .............................................................457

48.9 Problems with Remote Management .............................................................457

Appendix A

Pin Assignments..................................................................................................458

Appendix B

Setting up Your Computer’s IP Address............................................................460

Windows 95/98/Me................................................................................................. 460

Configuring ...................................................................................................... 462

Verifying Settings............................................................................................. 463

Windows 2000/NT/XP............................................................................................ 463

Verifying Settings............................................................................................. 467

Macintosh OS 8/9................................................................................................... 468

Verifying Settings............................................................................................. 469

Macintosh OS X ..................................................................................................... 469

Table of Contents 22

Prestige 662HW Series User’s Guide

Verifying Settings............................................................................................. 471

Appendix C

IP Subnetting........................................................................................................472

IP Addressing......................................... .... ... ... ... ................................................... 472

IP Classes.............. .......................................................... ... .... ... ... ... ...................... 472

Subnet Masks ........................................................................................................ 473

Subnetting.............................................................................................................. 473

Example: Two Subnets.......................................................................................... 474

Example: Four Subnets.......................................................................................... 476

Example Eight Subnets.......................................................................................... 477

Subnetting With Class A and Class B Networks.................................................... 478

Appendix D

PPPoE ...................................................................................................................480

PPPoE in Action..................................................................................................... 480

Benefits of PPPoE.................................................................................................. 480

Traditional Dial-up Scenario................................................................................... 480

How PPPoE Works ................................................................................................ 481

Prestige as a PPPoE Client ................................................................................... 481

Appendix E

Wireless LAN and IEEE 802.11 ...........................................................................482

Benefits of a Wireless LAN .................................................................................... 482

IEEE 802.11........................................................................................................... 482

Ad-hoc Wireless LAN Configuration....................................................................... 483

Infrastructure Wireless LAN Configuration............................................................. 483

Appendix F

Wireless LAN With IEEE 802.1x.......................................................................... 486

Security Flaws with IEEE 802.11 ........................................................................... 486

Deployment Issues with IEEE 802.11.................................................................... 486

IEEE 802.1x........................................................................................................... 486

Advantages of the IEEE 802.1x............................................................................. 486

RADIUS Server Authentication Sequence ...................................................... 487

Appendix G

Types of EAP Authentication..............................................................................488

EAP-MD5 (Message-Digest Algorithm 5) ............ ................................................... 488

EAP-TLS (Transport Layer Security) ..................................................................... 488

EAP-TTLS (Tunneled Transport Layer Service) ................................................... 488

LEAP...................................................................................................................... 489

23 Table of Contents

Prestige 662HW Series User’s Guide

Appendix H

Triangle Route......................................................................................................490

The Ideal Setup...................................................................................................... 490

The “Triangle Route” Problem....................... ... ... .... ... ... ... ...................................... 490

The “Triangle Route” Solutions.................................. ... ... ... .... ... ... ... .... ... ... ... ... .... .. 491

IP Aliasing........................ .......................................................... ... ... .... ... ... ............ 491

Gateways on the WAN Side................................................................................... 491

Appendix I

myZyXEL.com ......................................................................................................494

Introduction ............................................................................................................ 494

A Note on myZyXEL.com Numbers................................................................. 494

myZyXEL.com Account Login................................................................................ 494

Registering Your ZyXEL Device.......................................... .... ... ... ... .... ... ............... 495

Activating a Service................................................................................................ 498

Appendix J
Windows 98/Me Requirements for Anti-Virus Packet Scan Message Display500

Appendix K

Example Internal SPTGEN Screens....................................................................504

Command Examples.............................................................................................. 524

Appendix L

Command Interpreter...........................................................................................526

Command Syntax................................................................................................... 526

Command Usage................................................................................................... 526

Appendix M

Firewall Commands .............................................................................................528

Appendix M Sys Firewall Commands ....................................................................528

Appendix N

NetBIOS Filter Commands ..................................................................................530

Introduction ............................................................................................................ 530

Display NetBIOS Filter Settings ............................................................................. 530

NetBIOS Filter Configuration.................................................................................. 531

Appendix O

Brute-Force Password Guessing Protection.....................................................534

Example................................................................................................................. 534

Table of Contents 24

Prestige 662HW Series User’s Guide

Appendix P

Boot Commands ..................................................................................................536

Appendix Q

Log Descriptions..................................................................................................538

Log Commands...................................................................................................... 550

Configuring What You Want the Prestige to Log ............................................. 550

Displaying Logs ............................................................................................... 551

Log Command Example......................................................................................... 551

Index...................................................................................................................... 552

25 Table of Contents

Prestige 662HW Series User’s Guide

List of Figures

Figure 1 Prestige Internet Access Application .................................................................... 51

Figure 2 Firewall Application ............................................................................................... 51

Figure 3 Prestige LAN-to-LAN Application ............................. ............................................. 52

Figure 4 Password Screen .................................................................................................. 55

Figure 5 Change Password at Login ................................................................................... 55

Figure 6 Web Configurator SITE MAP Screen .................................................................. 56

Figure 7 Internet Access Wizard Setup: First Screen ......................................................... 62

Figure 8 Internet Connection with PPPoE ........................................................................... 65

Figure 9 Internet Connection with RFC 1483 ..................................................................... 66

Figure 10 Internet Connection with ENET ENCAP ............................................................. 67

Figure 11 Internet Connection with PPPoA ......................................................................... 68

Figure 12 Internet Access Wizard Setup: Third Screen ...................................................... 69

Figure 13 Internet Access Wizard Setup: LAN Configuration ............................................. 70

Figure 14 Internet Access Wizard Setup: Connection Tests ............................................... 71

Figure 15 Media Bandwidth Mgnt. Wizard Setup: First Screen .......................................... 74

Figure 16 Media Bandwidth Mgnt. Wizard Setup: Second Screen .................................... 75

Figure 17 Media Bandwidth Mgnt. Wizard Setup: Finish ................................................... 75

Figure 18 Password ............................................................................................................ 76

Figure 19 LAN and WAN IP Addresses .............................................................................. 78

Figure 20 Any IP Example ..................................................................................................82

Figure 21 LAN Setup ........................................................................................................... 83

Figure 22 LAN: Static DHCP ............................................................................................... 85

Figure 23 DMZ .................................................................................................................... 87

Figure 24 RTS/CTS ........................................................................................................... 91

Figure 25 Prestige Wireless Security Levels ....................................................................... 93

Figure 26 Wireless LAN ...................................................................................................... 94

Figure 27 MAC Address Filter ............................................................................................. 96

Figure 28 EAP Authentication ............................................................................................ 98

Figure 29 WPA - PSK Authentication .................................................................................. 100

Figure 30 WPA with RADIUS Application Example ............................................................ 101

Figure 31 Wireless LAN: 802.1x/WPA ............................................................................... 102

Figure 32 Wireless LAN: 802.1x/WPA for 802.1x Protocol ................................................. 103

Figure 33 Wireless LAN: 802.1x/WPA for WPA Protocol .................................................... 105

Figure 34 Wireless LAN: 802.1x/WPA for WPA-PSK Protocol ............................................ 107

Figure 35 Local User Database .......................................................................................... 108

Figure 36 RADIUS .............................................................................................................. 109

List of Figures 26

Prestige 662HW Series User’s Guide

Figure 37 Example of Traffic Shaping ................................................................................. 114

Figure 38 WAN Setup (PPPoE) .......................................................................................... 115

Figure 39 Traffic Redirect Example ..................................................................................... 118

Figure 40 Traffic Redirect LAN Setup ................................. ... ... ... ... .... ... ... ... .... ... ... ... ... .... ... 118

Figure 41 WAN Backup ......................... .... ... ... ... .......................................................... .... ... 119

Figure 42 Advanced WAN Backup ...................................................................................... 121

Figure 43 Advanced Modem Setup ..................................................................................... 125

Figure 44 How NAT Works ..................................................................................................130

Figure 45 NAT Application With IP Alias ............................................................................. 130

Figure 46 Multiple Servers Behind NAT Example ............................................................... 133

Figure 47 NAT Mode ........................................................................................................... 134

Figure 48 Edit SUA/NAT Server Set ................................................................................... 135

Figure 49 Address Mapping Rules ......................... .......................................... ................... 136

Figure 50 Address Mapping Rule Edit ................................................................................ 137

Figure 51 Dynamic DNS ..................................................................................................... 141

Figure 52 Time and Date ..................................................................................................... 142

Figure 53 Prestige Firewall Application ............................................................................... 146

Figure 54 Three-Way Handshake ....................................................................................... 148

Figure 55 SYN Flood ................................. ... ... ... .... .......................................................... ... 148

Figure 56 Smurf Attack ....................................................................................................... 149

Figure 57 Stateful Inspection ............................................................................................... 151

Figure 58 LAN to WAN Traffic ............................................................................................. 161

Figure 59 WAN to LAN Traffic ............ ... .... ... ... ... .... ... ... ... .... ................................................ 162

Figure 60 Firewall: Default Policy ........................... ............. ............ ............. ............. .......... 163

Figure 61 Firewall: Rule Summary ..................................................................................... 164

Figure 62 Firewall: Edit Rule ........................ ....................................................................... 166

Figure 63 Firewall: Customized Services ........................ ............................................. ....... 168

Figure 64 Firewall: Configure Customized Services ........................................................... 169

Figure 65 Firewall Example: Rule Summary ....................................................................... 170

Figure 66 Firewall Example: Edit Rule: Destination Address .............................................171

Figure 67 Edit Custom Port Example ................. .............................................. ................... 171

Figure 68 Firewall Example: Edit Rule: Select Customized Services ................................. 172

Figure 69 Firewall Example: Rule Summary: My Service .................................................. 173

Figure 70 Firewall: Anti Probing ................................ .......................................................... 176

Figure 71 Firewall: Threshold .............................................................................................. 178

Figure 72 Content Filter: Keyword ...................................................................................... 181

Figure 73 Content Filter: Schedule ..................................................................................... 182

Figure 74 Content Filter: Trusted ........................................................................................ 183

Figure 75 Content Access Control with WLAN Application ................................................ 184

Figure 76 Content Access Control: General ..................................................................... 185

Figure 77 Control Access Control: General: Time Scheduling .......................................... 187

Figure 78 Content Access Control: General: Services ..................................................... 188

Figure 79 Content Access Control: General: Web Site Filter ............................................ 192

27 List of Figures

Prestige 662HW Series User’s Guide

Figure 80 Content Access Control: General: Diagnose .................................................... 198

Figure 81 Content Access Control: User Profiles .............................................................. 199

Figure 82 Content Access Control: Online Status ............................................................. 200

Figure 83 Content Access Control: User Login Screen .................................................... 201

Figure 84 Content Access Control: User Logout Screen .................................................. 201

Figure 85 Prestige Anti-virus Application .......................................................................... 205

Figure 86 Anti Virus: Packet Scan ......................................................................................207

Figure 87 Anti Virus: Registration and Virus Information Update ........................................ 209

Figure 88 Virus Scan Update in Progress . ... ... ... .... ... ... ... .... ... ... ... ... .... ... ... ... .... ... ... ... ... .... ... 210

Figure 89 Virus Scan Update Successful ............................................................................ 210

Figure 90 Encryption and Decryption .................................................................................. 213

Figure 91 IPSec Architecture ....................................... ... .... ... ... .......................................... 214

Figure 92 Transport and Tunnel Mode IPSec Encapsulation .............................................. 215

Figure 93 IPSec Summary Fields ......... .... ... ... ... .... ... ... ....................................................... 220

Figure 94 VPN Summary ....................................... ... ... ... .... ... ... ... ... .... ... ............................. 221

Figure 95 NAT Router Between IPSec Routers .................................................................. 223

Figure 96 VPN Host using Intranet DNS Server Example .................................................. 224

Figure 97 VPN IKE ... ........................................................... ... ... ... ... .... ... ... ... .... ...................227

Figure 98 Two Phases to Set Up the IPSec SA .................................................................. 232

Figure 99 VPN IKE: Advanced Setup .......... ... ... .... ... ... ... .... ... ... ... ... .... ... ... ... .... ... ... ... ... .... ... 234

Figure 100 VPN: Manual Key .............................................................................................. 237

Figure 101 VPN: SA Monitor ............................................................................................... 240

Figure 102 VPN: Global Setting .......................................................................................... 241

Figure 103 Telecommuters Sharing One VPN Rule Example ............................................. 242

Figure 104 Telecommuters Using Unique VPN Rules Example ......................................... 244

Figure 105 Telnet Configuration on a TCP/IP Network ....................................................... 247

Figure 106 Remote Management ....................................................................................... 248

Figure 107 Configuring UPnP ............................................................................................. 251

Figure 108 Add/Remove Programs: Windows Setup: Communication ............................... 253

Figure 109 Add/Remove Programs: Windows Setup: Communication: Components ........ 253

Figure 110 Network Connections ........................................................................................ 254

Figure 111 Windows Optional Networking Components Wizard ......................................... 255

Figure 112 Networking Services ......................................................................................... 256

Figure 113 Network Connections ........................................................................................ 257

Figure 114 Internet Connection Properties ........................................................................ 258

Figure 115 Internet Connection Properties: Advanced Settings ......................................... 259

Figure 116 Internet Connection Properties: Advanced Settings: Add ................................. 259

Figure 117 System Tray Icon .............................................................................................. 260

Figure 118 Internet Connection Status ................................................................................ 260

Figure 119 Network Connections ........................................................................................ 261

Figure 120 Network Connections: My Network Places ....................................................... 262

Figure 121 Network Connections: My Network Places: Properties: Example ..................... 262

Figure 122 Log Settings ...................................................................................................... 265

List of Figures 28

Prestige 662HW Series User’s Guide

Figure 123 View Logs ......................................................................................................... 267

Figure 124 E-mail Log Example .......................................................................................... 268

Figure 125 Application-based Bandwidth Management Example ....................................... 271

Figure 126 Subnet-based Bandwidth Management Example ............................................. 272

Figure 127 Application and Subnet-based Bandwidth Management Example ................... 272

Figure 128 Bandwidth Allotment Example .......................................................................... 274

Figure 129 Maximize Bandwidth Usage Example ........................ ... .... ... ... ... .... ... ... ... ... .... ... 275

Figure 130 Bandwidth Borrowing Example ......................................................................... 276

Figure 131 Media Bandwidth Management: Summary ....................................................... 277

Figure 132 Media Bandwidth Management: Class Setup ................................................... 279

Figure 133 Media Bandwidth Management: Class Configuration ....................................... 280

Figure 134 Media Bandwidth Management Statistics ........................................................ 282

Figure 135 Media Bandwidth Management: Monitor ......................................................... 283

Figure 136 System Status ................................................................................................... 285

Figure 137 System Status: Show Statistics ......................................................................... 287

Figure 138 DHCP Table ...................................................................................................... 288

Figure 139 Any IP Table ...................................................................................................... 289

Figure 140 Association List ................................................................................................. 290

Figure 141 Diagnostic: General .......................................................................................... 291

Figure 142 Diagnostic: DSL Line ........................................................................................ 292

Figure 143 Firmware Upgrade ............................................................................................ 293

Figure 144 Network Temporarily Disconnected .................................................................. 294

Figure 145 Error Message ..................................................................................................294

Figure 146 Login Screen ..................................................................................................... 297

Figure 147 Prestige SMT Menu Overview .......................................................................... 297

Figure 148 Menu 23.1 Change Password ........................................................................... 300

Figure 149 Menu 1 General Setup ...................................................................................... 303

Figure 150 Menu 1.1 Configure Dynamic DNS .................................................................. 304

Figure 151 Menu 2 WAN Backup Setup ............................................................................. 306

Figure 152 Menu 2.1Traffic Redirect Setup ......................................................................... 307

Figure 153 Menu 2.2 Dial Backup Setup ............................................................................ 308

Figure 154 Menu 2.2.1 Advanced Dial Backup Setup ........................................................ 310

Figure 155 Menu 3 LAN Setup ............................................................................................ 312

Figure 156 Menu 3.1 LAN Port Filter Setup ........................................................................ 312

Figure 157 Menu 3.2 TCP/IP and DHCP Ethernet Setup ......................... ... .... ... ... ... ... ....... 314

Figure 158 Menu 3.5 - Wireless LAN Setup ....................................................................... 316

Figure 159 Menu 3.5.1 WLAN MAC Address Filtering ........................................................ 318

Figure 160 IP Alias Network Example ................................................................................. 321

Figure 161 Menu 3.2 TCP/IP and DHCP Setup ................................................................. 321

Figure 162 Menu 3.2.1 IP Alias Setup ................................................................................ 322

Figure 163 Menu 1 General Setup ...................................................................................... 323

Figure 164 Menu 4 Internet Access Setup .......................................................................... 323

Figure 165 Menu 11 Remote Node Setup ........................................................................... 327

29 List of Figures

Prestige 662HW Series User’s Guide

Figure 166 Menu 11.1 Remote Node Profile ...................................................................... 328

Figure 167 Menu 11.3 Remote Node Network Layer Options ........ .... ................................ 330

Figure 168 Sample IP Addresses for a TCP/IP LAN-to-LAN Connection ........................... 332

Figure 169 Menu 11.5 Remote Node Filter (RFC 1483 or ENET Encapsulation) ............... 333

Figure 170 Menu 11.5 Remote Node Filter (PPPoA or PPPoE Encapsulation) ................. 333

Figure 171 Menu 11.6 for VC-based Multiplexing ............................................................... 334

Figure 172 Menu 11.6 for LLC-based Multiplexing or PPP Encapsulation .......................... 334

Figure 173 Menu 11.1 Remote Node Profile ....................................................................... 335

Figure 174 Menu 11.8 Advance Setup Options .................................................................. 335

Figure 175 Sample Static Routing Topology ....................................................................... 336

Figure 176 Menu 12 Static Route Setup ............................................................................. 337

Figure 177 Menu 12.1 IP Static Route Setup ...................................................................... 337

Figure 178 Menu12.1.1 Edit IP Static Route ....................................................................... 337

Figure 179 Menu 11.1 Remote Node Profile ....................................................................... 341

Figure 180 Menu 11.3 Remote Node Network Layer Options ........ .... ................................ 341

Figure 181 Menu 12.3.1 Edit Bridge Static Route ............................................................... 342

Figure 182 Menu 4 Applying NAT for Internet Access ........................................................ 345

Figure 183 Applying NAT in Menus 4 & 11.3 .......................................................... ... ... .... ... 345

Figure 184 Menu 15 NAT Setup ........................................................................................ 346

Figure 185 Menu 15.1 Address Mapping Sets .................................................................... 347

Figure 186 Menu 15.1.255 SUA Address Mapping Rules .................................................. 347

Figure 187 Menu 15.1.1 First Set ........................................................................................ 348

Figure 188 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set ........................ 350

Figure 189 Menu 15.2 NAT Server Setup ........................................................................... 351

Figure 190 Menu 15.2.1 NAT Server Setup ........................................................................ 351

Figure 191 Multiple Servers Behind NAT Example ............................................. ... ... ... ....... 352

Figure 192 NAT Example 1 ................................................................................................. 353

Figure 193 Menu 4 Internet Access & NAT Example .......................................................... 353

Figure 194 NAT Example 2 ................................................................................................. 354

Figure 195 Menu 15.2.1 Specifying an Inside Server ......................................................... 354

Figure 196 NAT Example 3 ................................................................................................. 355

Figure 197 Example 3: Menu 11.3 ...................................................................................... 356

Figure 198 Example 3: Menu 15.1.1.1 ................................................................................ 356

Figure 199 Example 3: Final Menu 15.1.1 .......................................................................... 357

Figure 200 Example 3: Menu 15.2.1 ................................................................................... 358

Figure 201 NAT Example 4 ................................................................................................. 358

Figure 202 Example 4: Menu 15.1.1.1 Address Mapping Rule ........................................... 359

Figure 203 Example 4: Menu 15.1.1 Address Mapping Rules .................................. ... .... ... 359

Figure 204 Menu 21.2 Firewall Setup ................................................................................. 361

Figure 205 Outgoing Packet Filtering Process .................................................................... 362

Figure 206 Filter Rule Process ............................... ............. ............ ............. ............. .......... 363

Figure 207 Menu 21 Filter Set Configuration ...................................................................... 364

Figure 208 NetBIOS_WAN Filter Rules Summary ................................... .......................... 364

List of Figures 30