ZyXEL Prestige 202H Plus User Guide

Prestige 202H Plus

ISDN Internet Access Router

User’s Guide

Version 3.40

December 2004

Prestige 202H Plus User’s Guide

Copyright

Copyright © 2004 by ZyXEL Communications Corporation.

The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a
retrieval system, translated into any language, or transmitted in any form or by any means, electronic,
mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written
permission of ZyXEL Communications Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.

Disclaimer

ZyXEL does not assume any liability arising out of the application or use of any products, or software
described herein. Neither does it convey any license under its patent rights nor the patent rights of others.
ZyXEL further reserves the right to make changes in any products described herein without notice.

This publication is subject to change without notice.

Trademarks

Trademarks mentioned in this publication are used for identification purposes only and may be properties of
their respective owners.

ii Copyright

Prestige 202H Plus User’s Guide

Federal Communications Commission (FCC)

Interference Statement

This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions:
This device may not cause harmful interference.
This device must accept any interference received, including interference that may cause undesired
operations.
This equipment has been tested and found to comply with the limits for a CLASS B digital device pursuant to
Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful
interference in a commercial environment. This equipment generates, uses, and can radiate radio frequency
energy, and if not installed and used in accordance with the instructions, may cause harmful interference to
radio communications.
If this equipment does cause harmful interference to radio/television reception, which can be determined by
turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of
the following measures:
Reorient or relocate the receiving antenna.
Increase the separation between the equipment and the receiver.
Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
Consult the dealer or an experienced radio/TV technician for help.

Notice 1

Changes or modifications not expressly approved by the party responsible for compliance could void the
user's authority to operate the equipment.

Certifications

1. Go to www.zyxel.com

2. Select your product from the drop-down list box on the ZyXEL home page to go to that product's page.

3. Select the certification you wish to view from this page

FCC iii

Prestige 202H Plus User’s Guide

Information for Canadian Users

The Industry Canada label identifies certified equipment. This certification means that the equipment meets
certain telecommunications network protective, operation, and safety requirements. The Industry Canada
does not guarantee that the equipment will operate to a user's satisfaction.
Before installing this equipment, users should ensure that it is permissible to be connected to the facilities of
the local telecommunications company. The equipment must also be installed using an acceptable method of
connection. In some cases, the company's inside wiring associated with a single line individual service may
be extended by means of a certified connector assembly. The customer should be aware that the compliance
with the above conditions may not prevent degradation of service in some situations.
Repairs to certified equipment should be made by an authorized Canadian maintenance facility designated by
the supplier. Any repairs or alterations made by the user to this equipment, or equipment malfunctions, may
give the telecommunications company cause to request the user to disconnect the equipment.
For their own protection, users should ensure that the electrical ground connections of the power utility,
telephone lines, and internal metallic water pipe system, if present, are connected together. This precaution
may be particularly important in rural areas.

Caution

Users should not attempt to make such connections themselves, but should contact the appropriate electrical
inspection authority, or electrician, as appropriate.

Note

This digital apparatus does not exceed the class A limits for radio noise emissions from digital apparatus set
out in the radio interference regulations of Industry Canada.

iv Information for Canadian Users

Prestige 202H Plus User’s Guide

ZyXEL Limited Warranty

ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or
workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon
proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials,
ZyXEL will, at its discretion, repair or replace the defective products or components without charge for
either parts or labor, and to whatever extent it shall deem necessary to restore the product or components to
proper operating condition. Any replacement will consist of a new or re-manufactured functionally
equivalent product of equal value, and will be solely at the discretion of ZyXEL. This warranty shall not
apply if the product is modified, misused, tampered with, damaged by an act of God, or subjected to
abnormal working conditions.

NOTE

Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This
warranty is in lieu of all other warranties, express or implied, including any implied warranty of
merchantability or fitness for a particular use or purpose. ZyXEL shall in no event be held liable for indirect
or consequential damages of any kind of character to the purchaser.
To obtain the services of this warranty, contact ZyXEL's Service Center for your Return Material
Authorization number (RMA). Products must be returned Postage Prepaid. It is recommended that the unit be
insured when shipped. Any returned products without proof of purchase or those with an out-dated warranty
will be repaired or replaced (at the discretion of ZyXEL) and the customer will be billed for parts and labor.
All repaired or replaced products will be shipped by ZyXEL to the corresponding return address, Postage
Paid. This warranty gives you specific legal rights, and you may also have other rights that vary from country
to country.

Online Registration

Register online registration at www.zyxel.com for free future product updates and information.

Warranty v

Prestige 202H Plus User’s Guide

Customer Support

When you contact your customer support representative please have the following information ready:
Please have the following information ready when you contact customer support.

• Product model and serial number.

• Warranty Information.

• Date that you received your device.

• Brief description of the problem and the steps you took to solve it.

LOCATION

WORLDWIDE

SUPPORT E-MAIL TELEPHONE1 WEB SITE METHOD

SALES E-MAIL FAX1 FTP SITE

support@zyxel.com.tw

sales@zyxel.com.tw +886-3-578-2439 ftp.zyxel.co m

support@zyxel.com +1-800-255-4101

sales@zyxel.com +1-714-632-0858 ftp.us.zyxel.com

support@zyxel.de +49-2405-6909-0 www.zyxel.de GERMANY

sales@zyxel.de +49-2405-6909-99

support@zyxel.es +34 902 195 420 SPAIN

sales@zyxel.es +34 913 005 345

support@zyxel.dk +45 39 55 07 00 www.zyxel.dk DENMARK

sales@zyxel.dk +45 39 55 07 07

support@zyxel.no +47 22 80 61 80 www.zyxel.no NORWAY

sales@zyxel.no +47 22 80 61 81

support@zyxel.se +46 31 744 7700 www.zyxel.se SW EDEN

sales@zyxel.se +46 31 744 7701

support@zyxel.fi +358-9-4780-8411 www.zyxel.fi FINLAND

sales@zyxel.fi +358-9-4780 8448

+886-3-578-3942 www.zyxel.com

www.europe.zyxel.com

ftp.europe.zyxel.com

www.us.zyxel.com NORTH AMERICA

+1-714-632-0882

+33 (0)4 72 52 97 97 FRANCE info@zyxel.fr

+33 (0)4 72 52 19 20

www.zyxel.fr ZyXEL France

www.zyxel.es ZyXEL Communications

ZyXEL Communications Corp.
6 Innovation Road II
Science Park
Hsinchu 300
Taiwan

ZyXEL Communications Inc.
1130 N. Miller St.
Anaheim
CA 92806-2001
U.S.A.

ZyXEL Deutschland GmbH.
Adenauerstr. 20/A2 D-52146
Wuerselen
Germany

1 rue des Vergers
Bat. 1 / C
69760 Limonest
France

Alejandro Villegas 33
1º, 28043 Madrid
Spain

ZyXEL Communications A/S
Columbusvej 5
2860 Soeborg
Denmark

ZyXEL Communications A/S
Nils Hansens vei 13
0667 Oslo
Norway

ZyXEL Communications A/S
Sjöporten 4, 41764 Göteborg Sweden

ZyXEL Communications Oy
Malminkaari 10
00700 Helsinki
Finland

REGULAR MAIL

1

“+” is the (prefix) number you enter to make an international telephone call.

vi Customer Support

Prestige 202H Plus User’s Guide

Table of Contents

Copyright..........................................................................................................................................................ii

Federal Communications Commission (FCC) Interference Statement..................................................... iii

Information for Canadian Users....................................................................................................................iv

ZyXEL Limited Warranty...............................................................................................................................v

Customer Support...........................................................................................................................................vi

List of Figures............................................................................................................................................... xiii

List of Tables..................................................................................................................................................xix

Preface......................................................................................................................................................... xxiii

Getting Started ................................................................................................................................................. I

Chapter 1 Getting to Know Your Prestige ................................................................................................. 1-1

1.1 Introducing the Prestige 202H Plus................................................................................................ 1-1

1.2 Features .......................................................................................................................................... 1-1

1.3 Internet Access With the Prestige................................................................................................... 1-5

Chapter 2 Introducing the Web Configurator........................................................................................... 2-1

2.1 Web Configurator Overview.......................................................................................................... 2-1

2.2 Accessing Your Prestige Via Web Configurator............................................................................. 2-1

2.3 Resetting the Prestige..................................................................................................................... 2-2

2.4 Configuring Password.................................................................................................................... 2-4

2.5 Navigating the Prestige Web Configurator..................................................................................... 2-4

Chapter 3 Wizard Setup .............................................................................................................................. 3-1

3.1 Wizard Setup Introduction ............................................................................................................. 3-1

3.2 IP Address and Subnet Mask .......................................................................................................... 3-1

3.3 IP Address Assignment................................................................................................................... 3-2

3.4 NAT................................................................................................................................................ 3-2

3.5 MSN (Multiple Subscriber Number) and Subaddress.................................................................... 3-2

3.6 PABX Outside Line Prefix............................................................................................................. 3-3

3.7 Wizard Setup Configuration: First Screen...................................................................................... 3-3

3.8 Wizard Setup Configuration: Second Screen................................................................................. 3-5

3.9 Wizard Setup Configuration: Third Screen.................................................................................... 3-8

3.10 DHCP Setup............................................................................................................................... 3-9

3.11 Wizard Setup Configuration: Connection Tests ........................................................................3-11

3.12 Test Your Internet Connection.................................................................................................. 3-12

Advanced Settings...........................................................................................................................................II

Chapter 4 LAN Settings............................................................................................................................... 4-1

4.1 LAN Overview............................................................................................................................... 4-1

4.2 DHCP Setup................................................................................................................................... 4-1

4.3 IP Address and Subnet Mask .......................................................................................................... 4-1

4.4 DNS Server Address Assignment...................................................................................................4-2

4.5 LAN TCP/IP................................................................................................................................... 4-2

Table of Contents vii

Prestige 202H Plus User’s Guide

4.6 Configuring IP ................................................................................................................................4-2

Chapter 5 WAN Setup ..................................................................................................................................5-1

5.1 WAN Overview...............................................................................................................................5-1

5.2 Configuring WAN Setup.................................................................................................................5-1

Chapter 6 Network Address Translation (NAT).........................................................................................6-1

6.1 NAT Overview ................................................................................................................................6-1

6.2 SUA (Single User Account) Versus NAT........................................................................................6-4

6.3 SUA Server.....................................................................................................................................6-5

6.4 Selecting the NAT Mode.................................................................................................................6-6

6.5 Configuring SUA Server.................................................................................................................6-7

6.6 Configuring Address Mapping........................................................................................................6-9

6.7 Editing an Address Mapping Rule ................................................................................................6-11

Chapter 7 Dynamic DNS..............................................................................................................................7-1

7.1 Dynamic DNS.................................................................................................................................7-1

7.2 Configuring Dynamic DNS ............................................................................................................7-1

Chapter 8 Firewalls.......................................................................................................................................8-1

8.1 Firewall Overview ..........................................................................................................................8-1

8.2 Types of Firewalls...........................................................................................................................8-1

8.3 Introduction to ZyXEL’s Firewall................................................................................................... 8-2

8.4 Denial of Service ............................................................................................................................8-3

8.5 Stateful Inspection ..........................................................................................................................8-7

8.6 Guidelines for Enhancing Security with Your Firewall ................................................................8-11

8.7 Packet Filtering Vs Firewall .........................................................................................................8-12

Chapter 9 Firewall Configuration...............................................................................................................9-1

9.1 Remote Management and the Firewall ...........................................................................................9-1

9.2 Enabling the Firewall...................................................................................................................... 9-1

9.3 E-Mail.............................................................................................................................................9-2

9.4 Attack Alert.....................................................................................................................................9-3

Chapter 10 Creating Custom Rules ..........................................................................................................10-1

10.1 Rules Overview.........................................................................................................................10-1

10.2 Rule Logic Overview................................................................................................................10-1

10.3 Connection Direction................................................................................................................10-3

10.4 Rule Summary ..........................................................................................................................10-4

10.5 Predefined Services...................................................................................................................10-6

10.6 Creating/Editing Firewall Rules................................................................................................10-9

10.7 Timeout................................................................................................................................... 10-12

Chapter 11 Customized Services ...............................................................................................................11-1

11.1 Introduction to Customized Services ........................................................................................ 11-1

11.2 Creating/Editing A Customized Service....................................................................................11-2

11.3 Example Custom Service Firewall Rule ...................................................................................11-3

Chapter 12 Firewall Logs...........................................................................................................................12-1

viii Table of Contents

Prestige 202H Plus User’s Guide

12.1 Logs Screen.............................................................................................................................. 12-1

VPN/IPSec ..................................................................................................................................................... III

Chapter 13 Introduction to IPSec............................................................................................................. 13-1

13.1 VPN Overview......................................................................................................................... 13-1

13.2 IPSec Architecture.................................................................................................................... 13-3

13.3 Encapsulation ........................................................................................................................... 13-4

13.4 IPSec and NAT......................................................................................................................... 13-5

Chapter 14 VPN Screens ........................................................................................................................... 14-1

14.1 VPN/IPSec Overview............................................................................................................... 14-1

14.2 IPSec Algorithms ..................................................................................................................... 14-1

14.3 My IP Address .......................................................................................................................... 14-2

14.4 Secure Gateway IP Address ..................................................................................................... 14-3

14.5 Summary Screen ...................................................................................................................... 14-3

14.6 Keep Alive................................................................................................................................ 14-6

14.7 NAT Traversal .......................................................................................................................... 14-6

14.8 ID Type and Content ................................................................................................................ 14-8

14.9 Pre-Shared Key ...................................................................................................................... 14-10

14.10 Editing VPN Rules ................................................................................................................. 14-10

14.11 IKE Phases ............................................................................................................................. 14-17

14.12 Configuring Advanced IKE Settings ...................................................................................... 14-19

14.13 Manual Key Setup.................................................................................................................. 14-23

14.14 Configuring Manual Key ....................................................................................................... 14-24

14.15 Viewing SA Monitor ..............................................................................................................14-28

14.16 Configuring Global Setting .................................................................................................... 14-30

14.17 Telecommuter VPN/IPSec Examples..................................................................................... 14-31

14.18 Logs........................................................................................................................................ 14-34

NetCAPI and Supplementary Phone Services............................................................................................ IV

Chapter 15 NetCAPI.................................................................................................................................. 15-1

15.1 NetCAPI Overview .................................................................................................................. 15-1

15.1 CAPI ........................................................................................................................................ 15-1

15.2 Configuring NetCAPI .............................................................................................................. 15-1

Chapter 16 Supplementary Phone Services............................................................................................. 16-1

16.1 Overview.................................................................................................................................. 16-1

16.2 Setting Up Supplemental Phone Service.................................................................................. 16-1

16.3 The Flash Key .......................................................................................................................... 16-2

16.4 Call Waiting.............................................................................................................................. 16-2

16.5 Three Way Calling.................................................................................................................... 16-2

16.6 Call Transfer............................................................................................................................. 16-3

16.7 Call Forwarding ....................................................................................................................... 16-4

16.8 Reminder Ring ......................................................................................................................... 16-4

16.9 Multiple Subscriber Number (MSN)........................................................................................ 16-4

Table of Contents ix

Prestige 202H Plus User’s Guide

16.10 Using MSN ...............................................................................................................................16-5

16.11 Terminal Portability (Suspend/Resume) ...................................................................................16-5

Maintenance .................................................................................................................................................... V

Chapter 17 Maintenance............................................................................................................................17-1

17.1 Maintenance Overview .............................................................................................................17-1

17.2 System Status Screen ................................................................................................................17-1

17.3 DHCP Table Screen ..................................................................................................................17-6

17.4 Firmware Screen.......................................................................................................................17-7

17.5 Budget Control..........................................................................................................................17-9

General SMT Menus .....................................................................................................................................VI

Chapter 18 Introducing the SMT..............................................................................................................18-1

18.1 Introduction to the SMT............................................................................................................18-1

18.2 Accessing the Prestige via Console Port...................................................................................18-1

18.3 Accessing the Prestige via Telnet..............................................................................................18-2

18.4 Navigating the SMT Interface...................................................................................................18-2

18.5 SMT Menu Overview ...............................................................................................................18-5

18.6 Changing the System Password................................................................................................18-6

Chapter 19 SMT Menu 1 General Setup ..................................................................................................19-1

19.1 General Setup Overview...........................................................................................................19-1

19.2 Configuring General Setup .......................................................................................................19-1

19.3 Configuring Dynamic DNS ......................................................................................................19-2

Chapter 20 ISDN Setup..............................................................................................................................20-1

20.1 ISDN Setup Overview ..............................................................................................................20-1

20.2 IDSN Setup...............................................................................................................................20-3

20.3 NetCAPI ...................................................................................................................................20-7

Chapter 21 Ethernet Setup ........................................................................................................................21-1

21.1 Ethernet Setup........................................................................................................................... 21-1

21.2 Ethernet TCP/IP and DHCP Server...........................................................................................21-2

21.3 Configuring TCP/IP Ethernet and DHCP .................................................................................21-2

21.4 IP Alias Setup............................................................................................................................21-3

Chapter 22 Internet Access Setup.............................................................................................................. 22-1

22.1 Internet Access Overview .........................................................................................................22-1

22.2 Internet Access Setup................................................................................................................22-1

Advanced SMT Applications ......................................................................................................................VII

Chapter 23 Remote Node Configuration ..................................................................................................23-1

23.1 Remote Node Overview............................................................................................................23-1

23.2 Remote Node Setup ..................................................................................................................23-1

23.3 Outgoing Authentication Protocol ............................................................................................23-6

23.4 PPP Multilink............................................................................................................................23-6

23.5 Bandwidth on Demand .............................................................................................................23-6

23.6 Editing PPP Options..................................................................................................................23-7

x Table of Contents

Prestige 202H Plus User’s Guide

23.7 LAN-to-LAN Application........................................................................................................ 23-9

23.8 Configuring Network Layer Options ......................................................................................23-11

23.9 Configuring Filter................................................................................................................... 23-14

Chapter 24 Static Route Setup.................................................................................................................. 24-1

24.1 Static Route Overview ............................................................................................................. 24-1

Chapter 25 Dial-in Setup........................................................................................................................... 25-1

25.1 Dial-in Users Overview............................................................................................................ 25-1

25.2 Default Dial-in User Setup....................................................................................................... 25-1

25.3 Setting Up Default Dial-in ....................................................................................................... 25-2

25.4 Callback Overview................................................................................................................... 25-5

25.5 Dial-In User Setup.................................................................................................................... 25-5

25.6 Telecommuting Application With Windows Example ............................................................. 25-7

25.7 LAN-to-LAN Server Application Example............................................................................ 25-10

Chapter 26 Network Address Translation (NAT) ....................................................................................26-1

26.1 NAT Overview ......................................................................................................................... 26-1

26.2 Applying NAT .......................................................................................................................... 26-1

26.3 NAT Setup ................................................................................................................................ 26-3

26.4 Configuring a Server behind NAT............................................................................................ 26-8

26.5 General NAT Examples.......................................................................................................... 26-10

Advanced Management ............................................................................................................................. VIII

Chapter 27 Filter Configuration............................................................................................................... 27-1

27.1 Filtering Overview ................................................................................................................... 27-1

27.2 Configuring a Filter Set............................................................................................................ 27-4

27.3 Configuring a Filter Rule ......................................................................................................... 27-9

27.4 Filter Types and NAT ............................................................................................................. 27-16

27.5 Example Filter........................................................................................................................ 27-16

27.6 Applying Filters and Factory Defaults ................................................................................... 27-19

Chapter 28 Enabling the Firewall............................................................................................................. 28-1

28.1 Remote Management and the Firewall..................................................................................... 28-1

28.2 Access Methods ....................................................................................................................... 28-1

28.3 Using Prestige SMT Menus ..................................................................................................... 28-1

Chapter 29 SNMP Configuration ............................................................................................................. 29-1

29.1 SNMP Configuration................................................................................................................ 29-1

29.2 SNMP Traps ............................................................................................................................. 29-2

Chapter 30 External Server ...................................................................................................................... 30-1

30.1 RADIUS................................................................................................................................... 30-1

30.2 Configure External Server........................................................................................................ 30-2

Chapter 31 System Information and Diagnosis....................................................................................... 31-1

31.1 System Status Overview........................................................................................................... 31-1

31.2 System Status ........................................................................................................................... 31-1

31.3 System Information and Console Port Speed........................................................................... 31-3

Table of Contents xi

Prestige 202H Plus User’s Guide

31.4 Log and Trace ...........................................................................................................................31-5

31.5 Accounting Server ....................................................................................................................31-9

31.6 Call Triggering Packet ............................................................................................................31-10

31.7 Diagnostic ............................................................................................................................... 31-11

Chapter 32 Firmware and Configuration File Maintenance ..................................................................32-1

32.1 Filename Conventions ..............................................................................................................32-1

32.2 Backup Configuration...............................................................................................................32-2

32.3 Restore Configuration...............................................................................................................32-7

32.4 Uploading Firmware and Configuration Files ........................................................................32-10

Chapter 33 SMT Menus 24.8 to 24.10.......................................................................................................33-1

33.1 Command Interpreter Mode......................................................................................................33-1

33.2 Call Control Support.................................................................................................................33-2

33.3 Time and Date...........................................................................................................................33-6

Chapter 34 Remote Management..............................................................................................................34-1

34.1 Remote Management Overview................................................................................................34-1

34.2 Remote Management ................................................................................................................34-1

34.3 Remote Management and NAT.................................................................................................34-3

34.4 System Timeout ........................................................................................................................34-3

Chapter 35 Call Scheduling .......................................................................................................................35-1

35.1 Call Scheduling Overview ........................................................................................................35-1

35.2 Configuring Call Scheduling ....................................................................................................35-1

35.3 Applying Schedule Sets ............................................................................................................ 35-3

Chapter 36 VPN/IPSec Setup.....................................................................................................................36-1

36.1 VPN/IPSec Overview ...............................................................................................................36-1

36.2 IPSec Summary.........................................................................................................................36-2

36.3 IPSec Setup...............................................................................................................................36-7

36.4 Configuring IKE Settings .......................................................................................................36-12

36.5 Manual Key Setup ..................................................................................................................36-15

Chapter 37 SA Monitor ..............................................................................................................................37-1

37.1 SA Monitor Overview............................................................................................................... 37-1

Chapter 38 IPSec Log.................................................................................................................................38-1

38.1 IPSec Logs ................................................................................................................................38-1

Appendices and Index ...................................................................................................................................IX

Appendix A Troubleshooting........................................................................................................................ A

Appendix B Power Adaptor Specifications...................................................................................................E

Appendix C IP Subnetting............................................................................................................................ G

Appendix D Setting up Your Computer’s IP Address................................................................................... O

Appendix E Splitters and Microfilters....................................................................................................... AA

Index ..................................................................................................................................................................i

xii Table of Contents

Prestige 202H Plus User’s Guide

List of Figures

Figure 1-1 Internet Access Application.......................................................................................................... 1-5

Figure 1-2 LAN-to-LAN Connection Application......................................................................................... 1-6

Figure 1-3 Remote Access ............................................................................................................................. 1-6

Figure 1-4 Secure Internet Access and VPN Application............................................................................... 1-7

Figure 2-1 Example Xmodem Upload ........................................................................................................... 2-3

Figure 2-2 Reload the Configuration file: Via Console Port .......................................................................... 2-3

Figure 2-3 Password....................................................................................................................................... 2-4

Figure 2-4 The Site Map Screen .................................................................................................................... 2-5

Figure 3-1 Wizard 1: ISDN Line Set Up........................................................................................................ 3-3

Figure 3-2 Wizard 2: ISP Parameters For Internet Access ............................................................................. 3-6

Figure 3-3 Wizard 3: Summary...................................................................................................................... 3-9

Figure 3-4 Wizard: LAN Configuration....................................................................................................... 3-10

Figure 3-5 Wizard Screen 4.......................................................................................................................... 3-12

Figure 4-1 LAN Setup.................................................................................................................................... 4-3

Figure 5-1 Internet Access Setup...................................................................................................................... 5-2

Figure 6-1 How NAT Works .......................................................................................................................... 6-2

Figure 6-2 NAT Application With IP Alias .................................................................................................... 6-3

Figure 6-3 Multiple Servers Behind NAT Example....................................................................................... 6-6

Figure 6-4 NAT Mode.................................................................................................................................... 6-7

Figure 6-5 Edit SUA/NAT Server Set............................................................................................................ 6-8

Figure 6-6 Address Mapping Rules.............................................................................................................. 6-10

Figure 6-7 Address Mapping Rule Edit.........................................................................................................6-11

Figure 7-1 DDNS........................................................................................................................................... 7-2

Figure 8-1 Prestige Firewall Application ....................................................................................................... 8-3

Figure 8-2 Three-Way Handshake ................................................................................................................. 8-4

Figure 8-3 SYN Flood.................................................................................................................................... 8-5

Figure 8-4 Smurf Attack ................................................................................................................................ 8-6

Figure 8-5 Stateful Inspection........................................................................................................................ 8-8

Figure 9-1 Enabling the Firewall ................................................................................................................... 9-1

Figure 9-2 E-mail........................................................................................................................................... 9-2

Figure 9-3 Alert.............................................................................................................................................. 9-5

Figure 10-1 LAN to WAN Traffic................................................................................................................ 10-3

Figure 10-2 WAN to LAN Traffic................................................................................................................ 10-4

Figure 10-3 Firewall Rules Summary: First Screen..................................................................................... 10-5

Figure 10-4 Creating/Editing A Firewall Rule ........................................................................................... 10-10

Figure 10-5 Adding/Editing Source and Destination Addresses ................................................................ 10-12

Figure 10-6 Timeout................................................................................................................................... 10-13

Figure 11-1 Customized Services..................................................................................................................11-1

Figure 11-2 Creating/Editing A Customized Service ....................................................................................11-2

List of Figures xiii

Prestige 202H Plus User’s Guide

Figure 11-3 Edit Rule Example ....................................................................................................................11-3

Figure 11-4 Configure Source IP Example ................................................................................................... 11-4

Figure 11-5 Customized Service for MyService Example............................................................................11-4

Figure 11-6 Syslog Rule Configuration Example......................................................................................... 11-5

Figure 11-7 Rule Summary Example............................................................................................................11-6

Figure 12-1 Log Screen ................................................................................................................................12-1

Figure 13-1 Encryption and Decryption .......................................................................................................13-2

Figure 13-2 IPSec Architecture.....................................................................................................................13-3

Figure 13-3 Transport and Tunnel Mode IPSec Encapsulation.....................................................................13-4

Figure 14-1 IPSec Summary Fields..............................................................................................................14-4

Figure 14-2 VPN: Summary.........................................................................................................................14-4

Figure 14-3 NAT Router Between IPSec Routers.........................................................................................14-6

Figure 14-4 VPN Host using Intranet DNS Server Example........................................................................14-8

Figure 14-5 VPN: Rule Setup (Basic).........................................................................................................14-11

Figure 14-6 Two Phases to Set Up the IPSec SA........................................................................................14-17

Figure 14-7 VPN IKE: Advanced...............................................................................................................14-20

Figure 14-8 Rule Setup: Manual.................................................................................................................14-25

Figure 14-9 SA Monitor..............................................................................................................................14-29

Figure 14-10 VPN: Global Setting .............................................................................................................14-30

Figure 14-11 Telecommuters Sharing One VPN Rule Example.................................................................14-31

Figure 14-12 Telecommuters Using Unique VPN Rules Example.............................................................14-33

Figure 14-13 VPN Logs..............................................................................................................................14-35

Figure 15-1 Configuring NetCAPI ...............................................................................................................15-2

Figure 15-2 Configuration Example.............................................................................................................15-3

Figure 17-1 System Status............................................................................................................................17-2

Figure 17-2 System Status: Show Statistics..................................................................................................17-4

Figure 17-3 DHCP Table ..............................................................................................................................17-6

Figure 17-4 Firmware Upgrade ....................................................................................................................17-8

Figure 17-5 Network Temporarily Disconnected..........................................................................................17-9

Figure 17-6 Error Message ...........................................................................................................................17-9

Figure 17-7 Budget Control........................................................................................................................17-10

Figure 18-1 Initial Screen .............................................................................................................................18-1

Figure 18-2 Login Screen .............................................................................................................................18-2

Figure 18-3 SMT Main Menu.......................................................................................................................18-4

Figure 18-4 SMT Menu Overview ...............................................................................................................18-6

Figure 18-5 Menu 23.1 System Password ....................................................................................................18-7

Figure 18-6 Menu 23.1 - System Security - Change Password ....................................................................18-7

Figure 19-1 Menu 1 General Setup...............................................................................................................19-1

Figure 19-2 Configure Dynamic DNS..........................................................................................................19-2

Figure 20-1 Prestige Behind a PABX ...........................................................................................................20-2

Figure 20-2 Menu 2 ISDN Setup.................................................................................................................. 20-3

xiv List of Figures

Prestige 202H Plus User’s Guide

Figure 20-3 Menu 2.1 ISDN Advanced Setup ............................................................................................. 20-5

Figure 20-4 Loopback Test .......................................................................................................................... 20-6

Figure 20-5 Menu 2.2 NetCAPI Setup......................................................................................................... 20-7

Figure 21-1 Menu 3 Ethernet Setup............................................................................................................. 21-1

Figure 21-2 Menu 3.1 General Ethernet Setup............................................................................................. 21-1

Figure 21-3 Menu 3.2 TCP/IP and DHCP Ethernet Setup ........................................................................... 21-2

Figure 21-4 Menu 3.2.1 IP Alias Setup ........................................................................................................ 21-4

Figure 22-1 Menu 4 Internet Access Setup .................................................................................................. 22-1

Figure 23-1 Menu 11 Remote Node Setup................................................................................................... 23-2

Figure 23-2 Menu 11.1 Remote Node Profile.............................................................................................. 23-2

Figure 23-3 Menu 11.2 Remote Node PPP Options..................................................................................... 23-8

Figure 23-4 TCP/IP LAN-to-LAN Application............................................................................................ 23-9

Figure 23-5 LAN 1 Setup........................................................................................................................... 23-10

Figure 23-6 LAN 2 Setup........................................................................................................................... 23-10

Figure 23-7 Sample IP Addresses for LAN-to-LAN Connection .............................................................. 23-14

Figure 23-8 Menu 11.5 Remote Node Filter .............................................................................................. 23-15

Figure 24-1 Sample Static Routing Topology .............................................................................................. 24-1

Figure 24-2 Menu 12 IP Static Route Setup................................................................................................. 24-2

Figure 24-3 Menu 12.1 Edit IP Static Route ................................................................................................ 24-2

Figure 25-1 Menu 13 Default Dial-in Setup ................................................................................................ 25-2

Figure 25-2 Menu 13.1 Default Dial-in Filter.............................................................................................. 25-5

Figure 25-3 Menu 14 Dial-in User Setup..................................................................................................... 25-6

Figure 25-4 Menu 14.1 Edit Dial-in User .................................................................................................... 25-6

Figure 25-5 Example of Telecommuting...................................................................................................... 25-8

Figure 25-6 Configuring Menu 13 for Remote Access ................................................................................ 25-9

Figure 25-7 Edit Dial-in-User ...................................................................................................................... 25-9

Figure 25-8 Example of a LAN-to-LAN Server Application..................................................................... 25-10

Figure 25-9 LAN 1 LAN-to-LAN Application ...........................................................................................25-11

Figure 25-10 LAN 2 LAN-to-LAN Application .........................................................................................25-11

Figure 25-11 Testing Callback With Your Connection............................................................................... 25-12

Figure 25-12 Callback With CLID Configuration ..................................................................................... 25-13

Figure 25-13 Configuring CLID With Callback ........................................................................................ 25-13

Figure 25-14 Callback and CLID Connection Test .................................................................................... 25-14

Figure 26-1 Applying NAT for Internet Access ........................................................................................... 26-2

Figure 26-2 Applying NAT to the Remote Node.......................................................................................... 26-3

Figure 26-3 Menu 15 NAT Setup................................................................................................................. 26-4

Figure 26-4 Menu 15.1 Address Mapping Sets............................................................................................ 26-4

Figure 26-5 Menu 15.1.255 SUA Address Mapping Rules.......................................................................... 26-5

Figure 26-6 Menu 15.1.1 Address Mapping Rules First Set ........................................................................ 26-6

Figure 26-7 Menu 15.1.1.1 Address Mapping Rule ..................................................................................... 26-7

Figure 26-8 Menu 15.2 NAT Server Setup................................................................................................... 26-9

List of Figures xv

Prestige 202H Plus User’s Guide

Figure 26-9 Menu 15.2.1 NAT Server Setup ................................................................................................26-9

Figure 26-10 Multiple Servers Behind NAT Example................................................................................26-10

Figure 26-11 NAT Example 1..................................................................................................................... 26-11

Figure 26-12 Menu 4 Internet Access & NAT Example ............................................................................. 26-11

Figure 26-13 NAT Example 2.....................................................................................................................26-12

Figure 26-14 Menu 15.2.1 Specifying an Inside Server .............................................................................26-12

Figure 26-15 NAT Example 3.....................................................................................................................26-13

Figure 26-16 Example 3: Menu 11.3 .......................................................................................................... 26-14

Figure 26-17 Example 3: Menu 15.1.1.1 ....................................................................................................26-14

Figure 26-18 Example 3: Final Menu 15.1.1..............................................................................................26-15

Figure 26-19 NAT Example 4.....................................................................................................................26-16

Figure 26-20 Example 4: Menu 15.1.1.1 Address Mapping Rule...............................................................26-17

Figure 26-21 Example 4: Menu 15.1.1 Address Mapping Rules ................................................................ 26-17

Figure 27-1 Outgoing Packet Filtering Process ............................................................................................ 27-2

Figure 27-2 Filter Rule Process ....................................................................................................................27-3

Figure 27-3 Menu 21 Filter and Firewall Setup............................................................................................27-4

Figure 27-4 Menu 21.1 Filter Set Configuration ..........................................................................................27-5

Figure 27-5 NetBIOS_WAN Filter Rules Summary.....................................................................................27-6

Figure 27-6 NetBIOS _LAN Filter Rules Summary.....................................................................................27-6

Figure 27-7 Telnet WAN Filter Rules Summary...........................................................................................27-7

Figure 27-8 FTP_WAN Filter Rules Summary.............................................................................................27-7

Figure 27-9 Menu 21.1.7.1 TCP/IP Filter Rule...........................................................................................27-10

Figure 27-10 Executing an IP Filter............................................................................................................27-13

Figure 27-11 Menu 21.1.8.1 Generic Filter Rule........................................................................................ 27-14

Figure 27-12 Protocol and Device Filter Sets.............................................................................................27-16

Figure 27-13 Sample Telnet Filter ..............................................................................................................27-17

Figure 27-14 Sample Filter Menu 21.1.9.1.................................................................................................27-18

Figure 27-15 Sample Filter Rules Summary Menu 21.1.9 .........................................................................27-19

Figure 27-16 Filtering Ethernet Traffic.......................................................................................................27-20

Figure 27-17 Filtering Remote Node Traffic ..............................................................................................27-21

Figure 28-1 Menu 21 Filter and Firewall Setup............................................................................................28-1

Figure 28-2 Menu 21.2 Firewall Setup.........................................................................................................28-2

Figure 28-3 Example Firewall Log...............................................................................................................28-2

Figure 28-4 E-mail Log ................................................................................................................................28-4

Figure 29-1 Menu 22 SNMP Configuration .................................................................................................29-1

Figure 30-1 RADIUS Server ........................................................................................................................30-1

Figure 30-2 Menu 23.2 System Security - External Server .......................................................................... 30-2

Figure 31-1 Menu 24 System Maintenance..................................................................................................31-1

Figure 31-2 Menu 24.1 System Maintenance Status ....................................................................................31-2

Figure 31-3 Menu 24.2 System Information and Console Port Speed..........................................................31-4

Figure 31-4 Menu 24.2.1 System Maintenance Information ........................................................................31-4

xvi List of Figures

Prestige 202H Plus User’s Guide

Figure 31-5 Menu 24.2.2 System Maintenance Change Console Port Speed.............................................. 31-5

Figure 31-6 Menu 24.3 System Maintenance Log and Trace ...................................................................... 31-6

Figure 31-7 Sample Error and Information Messages ................................................................................. 31-6

Figure 31-8 Menu 24.3.2 System Maintenance Unix Syslog....................................................................... 31-7

Figure 31-9 Menu 24.3.3 System Maintenance Accounting Server........................................................... 31-10

Figure 31-10 Menu 24.3.4 Call Triggering Packet......................................................................................31-11

Figure 31-11 Menu 24.4 System Maintenance Diagnostic ........................................................................ 31-12

Figure 31-12 Display for a Successful Manual Call .................................................................................. 31-13

Figure 32-1 Menu 24.5 System Maintenance – Backup Configuration ....................................................... 32-3

Figure 32-2 FTP Session Example............................................................................................................... 32-4

Figure 32-3 System Maintenance Backup Configuration............................................................................ 32-6

Figure 32-4 System Maintenance: Starting Xmodem Download Screen..................................................... 32-7

Figure 32-5 Backup Configuration Example ............................................................................................... 32-7

Figure 32-6 Successful Backup Confirmation Screen.................................................................................. 32-7

Figure 32-7 Telnet into Menu 24.6............................................................................................................... 32-8

Figure 32-8 Restore Using FTP Session Example ....................................................................................... 32-9

Figure 32-9 System Maintenance: Restore Configuration...........................................................................32-9

Figure 32-10 System Maintenance: Starting Xmodem Download Screen................................................... 32-9

Figure 32-11 Restore Configuration Example ........................................................................................... 32-10

Figure 32-12 Successful Restoration Confirmation Screen ....................................................................... 32-10

Figure 32-13 - System Maintenance Upload Firmware ..............................................................................32-11

Figure 32-14 Menu 24.7.1 Upload System Firmware.................................................................................32-11

Figure 32-15 Menu 24.7.2 - System Maintenance – Upload Configuration File....................................... 32-12

Figure 32-16 FTP Session Example of Firmware File Upload .................................................................. 32-13

Figure 32-17 Menu 24.7.1 as Seen Using the Console Port....................................................................... 32-14

Figure 32-18 Example Xmodem Upload ................................................................................................... 32-15

Figure 32-19 Menu 24.7.2 as Seen Using the Console Port....................................................................... 32-16

Figure 32-20 Example Xmodem Upload ................................................................................................... 32-17

Figure 33-1 Command Mode in Menu 24.................................................................................................... 33-1

Figure 33-2 Valid Commands ...................................................................................................................... 33-2

Figure 33-3 Menu 24.9 Call Control............................................................................................................ 33-2

Figure 33-4 Menu 24.9.1Call Control Parameters ....................................................................................... 33-3

Figure 33-5 Menu 24.9.2 Blacklist .............................................................................................................. 33-4

Figure 33-6 Menu 24.9.1 Budget Management ........................................................................................... 33-4

Figure 33-7 Menu 24.9.4 Call History ......................................................................................................... 33-5

Figure 33-8 Menu 24: System Maintenance ................................................................................................ 33-6

Figure 33-9 Menu 24.10 System Maintenance: Time and Date Setting....................................................... 33-7

Figure 34-1 Menu 24.11 Remote Management Control............................................................................... 34-2

Figure 35-1 Menu 26 Schedule Setup.......................................................................................................... 35-1

Figure 35-2 Menu 26.1 Schedule Set Setup................................................................................................. 35-2

Figure 35-3 Applying Schedule Set(s) ......................................................................................................... 35-4

List of Figures xvii

Prestige 202H Plus User’s Guide

Figure 36-1 VPN SMT Menu Tree ...............................................................................................................36-1

Figure 36-2 Menu 27 VPN/IPSec Setup .......................................................................................................36-2

Figure 36-3 IPSec Summary Fields Illustration............................................................................................36-2

Figure 36-4 Menu 27.1 IPSec Summary.......................................................................................................36-3

Figure 36-5 Menu 27.1.1 IPSec Setup..........................................................................................................36-8

Figure 36-6 Menu 27.1.1.1 IKE Setup............................................................................................................36-13

Figure 36-7 Menu 27.1.1.2 Manual Setup ..................................................................................................36-15

Figure 37-1 Menu 27.2 SA Monitor .............................................................................................................37-1

Figure 38-1 Example VPN Initiator IPSec Log ............................................................................................38-1

Figure 38-2 Example VPN Responder IPSec Log........................................................................................38-2

xviii List of Figures

Prestige 202H Plus User’s Guide

List of Tables

Table 2-1 Password ........................................................................................................................................ 2-4

Table 2-2 Web Configurator Screens Summary ............................................................................................. 2-5

Table 3-1 Wizard 1: ISDN Line Set Up ......................................................................................................... 3-4

Table 3-2 Wizard 2: ISP Parameters For Internet Access............................................................................... 3-6

Table 3-3 Wizard: LAN Configuration .........................................................................................................3-11

Table 4-1 LAN Setup ..................................................................................................................................... 4-3

Table 5-1 Internet Access Setup....................................................................................................................... 5-3

Table 6-1 NAT Definitions............................................................................................................................. 6-1

Table 6-2 NAT Mapping Types...................................................................................................................... 6-4

Table 6-3 Services and Port Numbers............................................................................................................ 6-5

Table 6-4 NAT Mode ..................................................................................................................................... 6-7

Table 6-5 Edit SUA/NAT Server Set.............................................................................................................. 6-8

Table 6-6 Address Mapping Rules ............................................................................................................... 6-10

Table 6-7 Address Mapping Rule Edit ......................................................................................................... 6-12

Table 7-1 DDNS............................................................................................................................................. 7-2

Table 8-1 Common IP Ports........................................................................................................................... 8-3

Table 8-2 ICMP Commands That Trigger Alerts ........................................................................................... 8-6

Table 8-3 Legal NetBIOS Commands ........................................................................................................... 8-6

Table 8-4 Legal SMTP Commands ................................................................................................................ 8-7

Table 9-1 E-mail............................................................................................................................................. 9-2

Table 9-2 Alert ............................................................................................................................................... 9-6

Table 10-1 Firewall Rules Summary: First Screen....................................................................................... 10-5

Table 10-2 Predefined Services.................................................................................................................... 10-7

Table 10-3 Creating/Editing A Firewall Rule............................................................................................. 10-10

Table 10-4 Adding/Editing Source and Destination Addresses.................................................................. 10-12

Table 10-5 Timeout .................................................................................................................................... 10-13

Table 11-1 Customized Services ...................................................................................................................11-2

Table 11-2 Creating/Editing A Customized Service......................................................................................11-3

Table 12-1 Log Screen ................................................................................................................................. 12-2

Table 13-1 VPN and NAT ............................................................................................................................ 13-5

Table 14-1 ESP and AH ............................................................................................................................... 14-2

Table 14-2 VPN: Summary.......................................................................................................................... 14-5

Table 14-3 Local ID Type and Content Fields ............................................................................................. 14-9

Table 14-4 Peer ID Type and Content Fields ............................................................................................... 14-9

Table 14-5 Matching ID Type and Content Configuration Example.......................................................... 14-10

Table 14-6 Mismatching ID Type and Content Configuration Example.................................................... 14-10

Table 14-7 VPN: Rule Setup (Basic) ......................................................................................................... 14-12

Table 14-8 VPN IKE: Advanced ................................................................................................................ 14-21

Table 14-9 Rule Setup: Manual.................................................................................................................. 14-26

List of Tables xix

Prestige 202H Plus User’s Guide

Table 14-10 SA Monitor .............................................................................................................................14-29

Table 14-11 VPN: Global Setting ...............................................................................................................14-30

Table 14-12 Telecommuters Sharing One VPN Rule Example ..................................................................14-32

Table 14-13 Telecommuters Using Unique VPN Rules Example...............................................................14-33

Table 14-14 VPN Logs ...............................................................................................................................14-35

Table 15-1 Configuring NetCAPI.................................................................................................................15-2

Table 16-1 Supplemental Services In Europe...............................................................................................16-1

Table 16-2 Phone Flash Commands .............................................................................................................16-4

Table 17-1 System Status..............................................................................................................................17-3

Table 17-2 System Status: Show Statistics ...................................................................................................17-4

Table 17-3 DHCP Table................................................................................................................................17-7

Table 17-4 Firmware Upgrade......................................................................................................................17-8

Table 17-5 Budget Control .........................................................................................................................17-10

Table 18-1 Main Menu Commands ..............................................................................................................18-2

Table 18-2 Main Menu Summary.................................................................................................................18-4

Table 19-1 Menu 1 General Setup ................................................................................................................19-2

Table 20-1 Menu 2 ISDN Setup....................................................................................................................20-3

Table 20-2 Menu 2.1 ISDN Advanced Setup................................................................................................ 20-5

Table 20-3 Menu 2.2 NetCAPI Setup...........................................................................................................20-7

Table 22-1 Menu 4 Internet Access Setup ....................................................................................................22-2

Table 23-1 Menu 11.1 Remote Node Profile ................................................................................................23-3

Table 23-2 BTR vs MTR for BOD ...............................................................................................................23-7

Table 23-3 Menu 11.2 Remote Node PPP Options.......................................................................................23-8

Table 23-4 TCP/IP-related Fields in Remote Node Profile.........................................................................23-11

Table 23-5 Remote Node Network Layer Options .....................................................................................23-12

Table 23-6 Remote Node Network Layer Options .....................................................................................23-12

Table 24-1 Menu 12.1 Edit IP Static Route ..................................................................................................24-2

Table 25-1 Remote Dial-in Users/Remote Nodes Comparison Chart...........................................................25-1

Table 25-2 Menu 13 Default Dial-in Setup...................................................................................................25-2

Table 25-3 Edit Dial-in User.........................................................................................................................25-6

Table 26-1 Applying NAT to the Remote Node............................................................................................ 26-3

Table 26-2 Menu 15.1.255 SUA Address Mapping Rules............................................................................26-5

Table 26-3 Fields in Menu 15.1.1 .................................................................................................................26-7

Table 26-4 Menu 15.1.1.1 Address Mapping Rule .......................................................................................26-8

Table 27-1 Filter Rules Summary Menu Abbreviations................................................................................27-8

Table 27-2 Rule Abbreviations Used ............................................................................................................27-8

Table 27-3 Menu 21.1.7.1 TCP/IP Filter Rule ............................................................................................ 27-10

Table 27-4 Menu 21.1.8.1 Generic Filter Rule ...........................................................................................27-14

Table 27-5 Filter Sets Table ........................................................................................................................27-19

Table 28-1 View Firewall Log ......................................................................................................................28-3

Table 29-1 Menu 22 SNMP Configuration...................................................................................................29-1

xx List of Tables

Prestige 202H Plus User’s Guide

Table 29-2 SNMP Traps............................................................................................................................... 29-2

Table 29-3 Ports and Permanent Virtual Circuits ......................................................................................... 29-2

Table 30-1 Menu 23.2 System Security - External Server........................................................................... 30-2

Table 31-1 Menu 24.1 System Maintenance Status ..................................................................................... 31-2

Table 31-2 Menu 24.2.1 System Maintenance Information......................................................................... 31-4

Table 31-3 Menu 24.3.2 System Maintenance Unix Syslog ........................................................................ 31-7

Table 31-4 System Maintenance Menu Diagnostic.................................................................................... 31-12

Table 32-1 Filename Conventions................................................................................................................ 32-2

Table 32-2 General Commands for GUI-based FTP Clients........................................................................ 32-4

Table 32-3 General Commands for GUI-based TFTP Clients ..................................................................... 32-6

Table 33-1 Menu 24.9.1Call Control Parameters......................................................................................... 33-3

Table 33-2 Menu 24.9.1 Budget Management............................................................................................. 33-5

Table 33-3 Menu 24.9.4 Call History........................................................................................................... 33-6

Table 33-4 Time and Date Setting Fields..................................................................................................... 33-7

Table 34-1 Menu 24.11 Remote Management Control ................................................................................ 34-2

Table 35-1 Menu 26.1 Schedule Set Setup................................................................................................... 35-2

Table 36-1 Menu 27.1 IPSec Summary ....................................................................................................... 36-3

Table 36-2 Local ID Type and Content Fields ............................................................................................. 36-6

Table 36-3 Peer ID Type and Content Fields ............................................................................................... 36-6

Table 36-4 Matching ID Type and Content Configuration Example............................................................ 36-7

Table 36-5 Mismatching ID Type and Content Configuration Example...................................................... 36-7

Table 36-6 Menu 27.1.1 IPSec Setup........................................................................................................... 36-8

Table 36-7 Menu 27.1.1.1 IKE Setup............................................................................................................. 36-13

Table 36-8 Menu 27.1.1.2 Manual Setup................................................................................................... 36-15

Table 37-1 Menu 27.2 SA Monitor .............................................................................................................. 37-2

Table 38-1 Sample IKE Key Exchange Logs............................................................................................... 38-2

Table 38-2 Sample IPSec Logs During Packet Transmission ...................................................................... 38-4

Table 38-3 RFC-2408 ISAKMP Payload Types........................................................................................... 38-4

List of Tables xxi

Prestige 202H Plus User’s Guide

Preface

Congratulations on your purchase of the Prestige 202H Plus ISDN Internet access router.

About This User's Manual

This manual is designed to guide you through the configuration of your Prestige for its various applications.
This manual may refer to the Prestige 202H Plus ISDN Internet access router as the Prestige.

You may use the web configurator, System Management Terminal (SMT) or

command interpreter interface to configure your Prestige. Not all features can be

configured through all interfaces.

Related Documentation

 Support Disk

Refer to the included CD for support documents.

 Quick Start Guide

The Quick Start Guide is designed to help you get up and running right away. It contains general
connection and initial configuration instructions.

 Web Configurator Online Help

Embedded web help for descriptions of individual screens and supplementary information.

 Packing List Card

The Packing List Card lists all items that should have come in the package.

 Certifications

Refer to the product page at www.zyxel.com

 ZyXEL Glossary and Web Site
Please refer to www.zyxel.com

documentation.

for an online glossary of networking terms and additional support

for information on product certifications.

User Guide Feedback

Help us help you. E-mail all User Guide-related comments, questions or suggestions for improvement to
techwriters@zyxel.com.tw or send regular mail to The Technical Writing Team, ZyXEL Communications
Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan. Thank you.

Syntax Conventions

• “Enter” means for you to type one or more characters and press the carriage return. “Select” or
“Choose” means for you to use one of the predefined choices.

• The SMT menu titles and labels are in Bold Times New Roman font.

• The choices of a menu item are in Bold Arial font.

• A single keystroke is in Arial font and enclosed in square brackets, for instance, [ENTER] means the

Enter, or carriage return, key; [ESC] means the escape key and [SPACE BAR] means the space bar.
[UP] and [DOWN] are the up and down arrow keys.

Preface xxiii

Prestige 202H Plus User’s Guide

• Mouse action sequences are denoted using a comma. For example, “click the Apple icon, Control
Panels and then Modem” means first click the Apple icon, then point your mouse pointer to Control
Panels and then click Modem.

• For brevity’s sake, we will use “e.g.” as shorthand for “for instance” and “i.e.” for “that is” or “in other
words” throughout this manual.

Graphics Icons Key

Prestige

Server

Router

Computer

Telephone

Switch

Notebook computer

Firewall

xxiv Preface

Getting Started

Part I:

Getting Started

This part is structured as a step-by-step guide to help you access your Prestige. It covers key

features and applications, accessing the web configurator and configuring the wizard screens for

initial setup.

I

Prestige 202H Plus User’s Guide

Chapter 1

Getting to Know Your Prestige

This chapter covers the key features and main applications of your Prestige.

1.1 Introducing the Prestige 202H Plus

The Prestige is a high-performance ISDN router that offers a complete Internet access solution.

By integrating NAT, firewall, VPN capability and a four-port switch, the Prestige is a complete security
solution that protects your Intranet and efficiently manages data traffic on your network.

The embedded web configurator is easy to operate and totally independent of your operating system. You can
also manage the Prestige via the SMT (System Management Terminal), a menu-driven interface that you can
access from either a console port or telnet.

1.2 Features

This section describes the Prestige’s key features.

IPSec VPN Capability

Establish Virtual Private Network (VPN) tunnels to connect (home) office computers to your company
network using data encryption and the Internet; thus providing secure communications without the expense
of leased site-to-site lines. The Prestige’s VPN is based on the IPSec standard and is fully interoperable with
other IPSec-based VPN products.

Firewall

The Prestige has a stateful inspection firewall with DoS (Denial of Service) protection. By default, when the
firewall is activated, all incoming traffic from the WAN to the LAN is blocked unless it is initiated from the
LAN. The Prestige firewall supports TCP/UDP inspection, DoS detection and protection, real time alerts,
reports and logs.

4-Port Switch

A combination of switch and router makes your Prestige a cost-effective and viable network solution. You
can connect up to four computers to the Prestige without the cost of a hub. Use a hub to add more than four
computers to your LAN.

Getting to Know Your Prestige 1-1

Prestige 202H Plus User’s Guide

Auto-negotiating 10/100 Mbps Ethernet LAN

The LAN interface automatically detects if they are on a 10 or a 100 Mbps Ethernet.

Auto-crossover 10/100 Mbps Ethernet LAN

The LAN interface automatically adjusts to either a crossover or straight-through Ethernet cable.

Call Scheduling

Configure call time periods to restrict and allow access for users on remote nodes.

Network Address Translation (NAT)

NAT (Network Address Translation - NAT, RFC 1631) allows the translation of multiple IP addresses used
within one network to different IP addresses known within another network.

SNMP (Simple Network Management Protocol – Versions 1 and 2)

SNMP, a member of the TCP/IP protocol suite, allows you to exchange management information between
network devices. Your Prestige supports SNMP agent functionality that allows a manager station to manage
and monitor the Prestige through the network.

SNMP is only available if TCP/IP is configured on your Prestige.

IP Alias

IP Alias allows you to partition a physical network into logical networks over the same Ethernet interface.
The Prestige supports three logical LAN interfaces via its single physical Ethernet LAN interface with the
Prestige itself as the gateway for each LAN network.

ISDN Data Link Connections

The Prestige supports two types of ISDN Data Link Connections: point-to-point and point-to-multipoint.

ISDN Basic Rate Interface (BRI) Support

The Prestige supports a single BRI. A BRI offers two 64 Kbps channels, which can be used independently
for two destinations or be bundled to speed up data transfer.

Extensive Analog Phone Support

The Prestige is equipped with two standard phone jacks for you to connect analog devices such as telephones
and FAX machines. It also supports supplementary services such as call waiting and 3-way calling.

1-2 Getting to Know Your Prestige

Prestige 202H Plus User’s Guide

Incoming Call Support

In addition to making outgoing calls, you can configure the Prestige to act as a remote access server for
telecommuting employees.

Outgoing Data Call Bumping Support

Call bumping is a feature that allows the Prestige to manage an MP (Multilink Protocol) bundle dynamically,
dropping or reconnecting a channel in a bundle when necessary. Previously, the router did this for voice calls
only, but now with this new feature, the Prestige can drop a channel in an MP bundle if there is a data packet
to another remote node.

CLID Callback Support For Dial-In Users

CLID (Calling Line IDentification) is an authentication method to identify a dial-in user. CLID callback is
used as an ISDN toll saving feature because a call can be disconnected immediately without picking up the
phone.

TCP/IP and PPP Support

♦ TCP/IP (Transmission Control Protocol/Internet Protocol) network layer protocol.

♦ PPP/MP (Point-to-Point Protocol/Multilink Protocol) link layer protocol.

Dial-on-Demand

The Dial-on-Demand feature allows the Prestige to automatically place a call to a remote gateway based on
the triggering packet’s destination without user intervention.

PPP Multilink

The Prestige can bundle multiple links in a single connection using PPP Multilink Protocol (MP). The
number of links can be either statically configured or dynamically managed based on traffic demand.

Bandwidth-On-Demand

The Prestige dynamically allocates bandwidth by dialing and dropping connections according to traffic
demand.

Full Network Management

♦ You can access the SMT (System Management Terminal) through a telnet connection or console port.

♦ The embedded web configurator is an all-platform web-based utility that allows you to easily access the

Prestige’s management interface.

Getting to Know Your Prestige 1-3

Prestige 202H Plus User’s Guide

Logging and Tracing

♦ CDR (Call Detail Record) to help analyze and manage the telephone bill.

♦ Built-in message logging and packet tracing.

♦ UNIX syslog facility support.

PAP and CHAP Security

The Prestige supports PAP (Password Authentication Protocol) and CHAP (Challenge Handshake
Authentication Protocol). CHAP is more secure than PAP; however, PAP is readily available on more
platforms.

DHCP (Dynamic Host Configuration Protocol)

DHCP (Dynamic Host Configuration Protocol) allows the individual client computers to obtain the TCP/IP
configuration at start-up from a centralized DHCP server. The Prestige has built-in DHCP server capability,
enabled by default, which means it can assign IP addresses, an IP default gateway and DNS servers to all
systems that support the DHCP client. The Prestige can also act as a surrogate DHCP server (DHCP relay)
where it relays IP address assignment from another DHCP server to the clients.

Call Control

Your Prestige provides budget management for outgoing calls and maintains a blacklist for unreachable
phone numbers in order to save you the expense of unnecessary charges.

Data Compression

Your Prestige incorporates Stac data compression to speed up data transfer. Stac is the de facto standard of
data compression over PPP links.

Upgrade Firmware via LAN

The Prestige supports the up/downloading of firmware and configuration file over the LAN.

Supplementary Voice Features

The Prestige supports the following supplementary voice features on both of its analog or POTS (Plain Old
Telephone Service) phone ports:

♦ Call Waiting

♦ Three Way Calling (Conference Calling)

♦ Call Transfer

♦ Call Forwarding

1-4 Getting to Know Your Prestige