ZyXEL Prestige 334WT User Guide

Page 1
P-334WT
802.11g Wireless Broadband Router with Firewall
User’s Guide
Version 3.60
1/2006
Page 2
Page 3
P-334WT User’s Guide

Copyright

The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.
Disclaimer
ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others. ZyXEL further reserves the right to make changes in any products described herein without notice. This publication is subject to change without notice.
Trademarks
ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.
Copyright 3
Page 4
P-334WT User’s Guide
Federal Communications
Commission (FCC) Interference
Statement
This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions:
• This device may not cause harmful interference.
• This device must accept any interference received, including interference that may cause undesired operations.
This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy, and if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
If this equipment does cause harmful interference to radio/television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:
• Reorient or relocate the receiving antenna.
• Increase the separation between the equipment and the receiver.
• Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
• Consult the dealer or an experienced radio/TV technician for help.
Notice 1
Changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate the equipment.
This Class B digital apparatus complies with Canadian ICES-003.
Cet appareil numérique de la classe B est conforme à la norme NMB-003 du Canada.
Certifications
1 Go to www.zyxel.com.
2 Select your product from the drop-down list box on the ZyXEL home page to go to that
product's page.
3 Select the certification you wish to view from this page.

4 Federal Communications Commission (FCC) Interference Statement

Page 5
P-334WT User’s Guide

Safety Warnings

For your safety, be sure to read and follow all warning notices and instructions.
• To reduce the risk of fire, use only No. 26 AWG (American Wire Gauge) or larger telecommunication line cord.
• Do NOT open the device or unit. Opening or removing covers can expose you to dangerous high voltage points or other risks. ONLY qualified service personnel can service the device. Please contact your vendor for further information.
• Use ONLY the dedicated power supply for your device. Connect the power cord or power adaptor to the right supply voltage (110V AC in North America or 230V AC in Europe).
• Do NOT use the device if the power supply is damaged as it might cause electrocution.
• If the power supply is damaged, remove it from the power outlet.
• Do NOT attempt to repair the power supply. Contact your local vendor to order a new power supply.
• Place connecting cables carefully so that no one will step on them or stumble over them. Do NOT allow anything to rest on the power cord and do NOT locate the product where anyone can walk on the power cord.
• If you wall mount your device, make sure that no electrical, gas or water pipes will be damaged.
• Do NOT install nor use your device during a thunderstorm. There may be a remote risk of electric shock from lightning.
• Do NOT expose your device to dampness, dust or corrosive liquids.
• Do NOT use this product near water, for example, in a wet basement or near a swimming pool.
• Make sure to connect the cables to the correct ports.
• Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your device.
• Do NOT store things on the device.
• Connect ONLY suitable accessories to the device.
Safety Warnings 5
Page 6
P-334WT User’s Guide
ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever extent it shall deem necessary to restore the product or components to proper operating condition. Any replacement will consist of a new or re-manufactured functionally equivalent product of equal or higher value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product has been modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions.
Note
Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This warranty is in lieu of all other warranties, express or implied, including any implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in no event be held liable for indirect or consequential damages of any kind to the purchaser.

ZyXEL Limited Warranty

To obtain the services of this warranty, contact ZyXEL's Service Center for your Return Material Authorization number (RMA). Products must be returned Postage Prepaid. It is recommended that the unit be insured when shipped. Any returned products without proof of purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products will be shipped by ZyXEL to the corresponding return address, Postage Paid. This warranty gives you specific legal rights, and you may also have other rights that vary from country to country.
Registration
Register your product online to receive e-mail notices of firmware upgrades and information
www.zyxel.com for global products, or at www.us.zyxel.com for North American products.
at
6 ZyXEL Limited Warranty
Page 7
P-334WT User’s Guide

Customer Support

Please have the following information ready when you contact customer support.
• Product model and serial number.
• Warranty Information.
• Date that you received your device.
• Brief description of the problem and the steps you took to solve it.
METHOD
LOCATION
CORPORATE HEADQUARTERS (WORLDWIDE)
CZECH REPUBLIC
DENMARK
FINLAND
FRANCE
GERMANY
HUNGARY
KAZAKHSTAN
NORTH AMERICA
NORWAY
SUPPORT E-MAIL TELEPHONE
SALES E-MAIL FAX FTP SITE
support@zyxel.com.tw +886-3-578-3942 www.zyxel.com
sales@zyxel.com.tw +886-3-578-2439 ftp.zyxel.com
info@cz.zyxel.com +420-241-091-350 www.zyxel.cz ZyXEL Communications
info@cz.zyxel.com +420-241-091-359
support@zyxel.dk +45-39-55-07-00 www.zyxel.dk ZyXEL Communications A/S
sales@zyxel.dk +45-39-55-07-07
support@zyxel.fi +358-9-4780-8411 www.zyxel.fi ZyXEL Communications Oy
sales@zyxel.fi +358-9-4780 8448
info@zyxel.fr +33-4-72-52-97-97 www.zyxel.fr ZyXEL France
+33-4-72-52-19-20
support@zyxel.de +49-2405-6909-0 www.zyxel.de ZyXEL Deutschland GmbH.
sales@zyxel.de +49-2405-6909-99
support@zyxel.hu +36-1-3361649 www.zyxel.hu ZyXEL Hungary
info@zyxel.hu +36-1-3259100
http://zyxel.kz/support +7-3272-590-698 www.zyxel.kz ZyXEL Kazakhstan
sales@zyxel.kz +7-3272-590-689
support@zyxel.com 1-800-255-4101
+1-714-632-0882
sales@zyxel.com +1-714-632-0858 ftp.us.zyxel.com
support@zyxel.no +47-22-80-61-80 www.zyxel.no ZyXEL Communications A/S
sales@zyxel.no +47-22-80-61-81
A
WEB SITE
www.europe.zyxel.com
ftp.europe.zyxel.com
www.us.zyxel.com ZyXEL Communications Inc.
REGULAR MAIL
ZyXEL Communications Corp. 6 Innovation Road II
Science Park Hsinchu 300 Ta iw a n
Czech s.r.o. Modranská 621 143 01 Praha 4 - Modrany Ceská Republika
Columbusvej 2860 Soeborg Denmark
Malminkaari 10 00700 Helsinki Finland
1 rue des Vergers Bat. 1 / C 69760 Limonest France
Adenauerstr. 20/A2 D-52146 Wuerselen Germany
48, Zoldlomb Str. H-1025, Budapest Hungary
43, Dostyk ave.,Office 414 Dostyk Business Centre 050010, Almaty Republic of Kazakhstan
1130 N. Miller St. Anaheim CA 92806-2001 U.S.A.
Nils Hansens vei 13 0667 Oslo Norway
Customer Support 7
Page 8
P-334WT User’s Guide
METHOD
LOCATION
POLAND
RUSSIA
SPAIN
SWEDEN
UKRAINE
UNITED KINGDOM
A. “+” is the (prefix) number you enter to make an international telephone call.
SUPPORT E-MAIL TELEPHONE
SALES E-MAIL FAX FTP SITE
info@pl.zyxel.com +48-22-5286603 www.pl.zyxel.com ZyXEL Communications
+48-22-5206701
http://zyxel.ru/support +7-095-542-89-29 www.zyxel.ru ZyXEL Russia
sales@zyxel.ru +7-095-542-89-25
support@zyxel.es +34-902-195-420 www.zyxel.es ZyXEL Communications
sales@zyxel.es +34-913-005-345
support@zyxel.se +46-31-744-7700 www.zyxel.se ZyXEL Communications A/S
sales@zyxel.se +46-31-744-7701
support@ua.zyxel.com +380-44-247-69-78 www.ua.zyxel.com ZyXEL Ukraine
sales@ua.zyxel.com +380-44-494-49-32
support@zyxel.co.uk +44-1344 303044
08707 555779 (UK only)
sales@zyxel.co.uk +44-1344 303034 ftp.zyxel.co.uk
A
WEB SITE
REGULAR MAIL
ul.Emilli Plater 53 00-113 Warszawa Poland
Ostrovityanova 37a Str. Moscow, 117279 Russia
Alejandro Villegas 33 1º, 28043 Madrid Spain
Sjöporten 4, 41764 Göteborg Sweden
13, Pimonenko Str. Kiev, 04050 Ukraine
www.zyxel.co.uk ZyXEL Communications UK
Ltd.,11 The Courtyard, Eastern Road, Bracknell, Berkshire, RG12 2XB, United Kingdom (UK)
8 Customer Support
Page 9
P-334WT User’s Guide

Table of Contents

Copyright ..................................................................................................................3
Federal Communications Commission (FCC) Interference Statement ............... 4
Safety Warnings ....................................................................................................... 5
ZyXEL Limited Warranty.......................................................................................... 6
Customer Support.................................................................................................... 7
Table of Contents .....................................................................................................9
Preface ....................................................................................................................37
Chapter 1
Getting to Know Your Prestige ............................................................................. 39
1.1 Prestige Overview ..............................................................................................39
1.2 Prestige Features ...............................................................................................39
1.2.1 Physical Features .....................................................................................39
1.2.2 Non-Physical Features .............................................................................40
1.2.3 Wireless Features .....................................................................................43
1.3 Applications for the Prestige ..............................................................................45
1.3.1 Secure Broadband Internet Access via Cable or DSL Modem .................45
1.3.2 VPN Application ........................................................................................45
1.3.3 Wireless LAN Application .........................................................................46
1.3.4 Front Panel LEDs .....................................................................................47
Chapter 2
Introducing the Web Configurator........................................................................ 49
2.1 Web Configurator Overview ...............................................................................49
2.2 Accessing the Prestige Web Configurator .........................................................49
2.3 Resetting the Prestige ........................................................................................50
2.3.1 Procedure to Use the Reset Button ..........................................................50
2.4 Navigating the Prestige Web Configurator ......................................................50
2.4.1 Navigation Panel .......................................................................................53
2.4.2 Summary: Any IP Table ..........................................................................55
2.4.3 Summary: DHCP Table ...........................................................................56
2.4.4 Summary: Parental Controls Statistics ...................................................57
2.4.4.1 General Control Mode and Per-User Control Mode ........................57
2.4.5 Summary: VPN Monitor ..........................................................................59
2.4.6 Summary: Bandwidth Management Monitor ...........................................59
Table of Contents 9
Page 10
P-334WT User’s Guide
Chapter 3
Connection Wizard................................................................................................. 65
3.1 Wizard Setup ......................................................................................................65
3.2 Connection Wizard: STEP 1: System Information .............................................66
3.3 Connection Wizard: STEP 2: Wireless LAN .......................................................67
3.4 Connection Wizard: STEP 3: Internet Configuration ..........................................71
3.5 Connection Wizard: STEP 4: Bandwidth management ......................................80
3.6 Connection Wizard Complete ............................................................................80
2.4.7 Summary: Packet Statistics .......................................................................60
2.4.8 Summary: Port Isolation ...........................................................................61
2.4.9 Summary: Wireless Station Status .........................................................62
2.4.9.1 WMM QoS .......................................................................................62
3.2.1 System Name ...........................................................................................66
3.2.2 Domain Name ...........................................................................................67
3.3.1 Basic(WEP) Security .................................................................................68
3.3.2 Extend(WPA-PSK or WPA2-PSK) Security ...............................................70
3.3.3 OTIST ........................................................................................................70
3.4.1 Ethernet Connection .................................................................................72
3.4.2 PPPoE Connection ...................................................................................73
3.4.3 PPTP Connection .....................................................................................74
3.4.4 Your IP Address .........................................................................................75
3.4.5 WAN IP Address Assignment ...................................................................76
3.4.6 IP Address and Subnet Mask ...................................................................76
3.4.7 DNS Server Address Assignment .............................................................77
3.4.8 WAN IP and DNS Server Address Assignment .........................................77
3.4.9 WAN MAC Address ...................................................................................79
Chapter 4
Wireless LAN .......................................................................................................... 83
4.1 Introduction ........................................................................................................83
4.2 Wireless Security Overview ...............................................................................83
4.2.1 Encryption .................................................................................................83
4.2.2 Authentication ...........................................................................................83
4.2.3 Restricted Access .....................................................................................84
4.2.4 Hide Prestige Identity ................................................................................84
4.2.5 G-plus .......................................................................................................84
4.2.6 Using OTIST .............................................................................................84
4.3 Configuring Wireless LAN on the Prestige .........................................................84
4.4 General Wireless LAN Screen .......................................................................85
4.4.1 No Security ...............................................................................................86
4.4.2 WEP Encryption ........................................................................................87
4.4.3 Static WEP Encryption ..............................................................................87
10 Table of Contents
Page 11
P-334WT User’s Guide
4.4.4 Introduction to WPA and WPA2 ................................................................89
4.4.5 WPA(2)-PSK Application Example ...........................................................89
4.4.6 WPA-PSK/WPA2-PSK Authentication Screen ..........................................89
4.4.7 Wireless Client WPA Supplicants .............................................................91
4.4.8 WPA(2) with RADIUS Application Example ..............................................91
4.4.9 WPA/WPA2 Authentication Screen ...........................................................92
4.4.10 IEEE 802.1x Overview ............................................................................94
4.4.11 IEEE 802.1x and Dynamic WEP Key Exchange .....................................94
4.4.12 IEEE 802.1x and Static WEP Key Exchange ..........................................95
4.4.13 IEEE 802.1x + no WEP ..........................................................................98
4.5 OTIST .................................................................................................................99
4.5.1 Activating OTIST .....................................................................................100
4.6 MAC Filter ........................................................................................................101
4.7 Wireless LAN Advanced Screen ......................................................................102
4.8 WMM QoS ........................................................................................................104
4.8.1 WMM QoS Example ...............................................................................104
4.8.2 WMM QoS Priorities ...............................................................................105
4.8.3 Services ..................................................................................................105
4.9 QoS Screen ......................................................................................................107
4.9.1 ToS (Type of Service) and WMM QoS ....................................................107
4.10 Application Priority Configuration Screen .......................................................109
Chapter 5
WAN........................................................................................................................111
5.1 WAN Overview ................................................................................................. 111
5.2 TCP/IP Priority (Metric) .................................................................................... 111
5.3 WAN MAC Address .......................................................................................... 111
5.4 WAN ISP Screen ..............................................................................................112
5.4.1 Ethernet Encapsulation ........................................................................... 112
5.4.2 PPPoE Encapsulation .............................................................................113
5.4.3 PPTP Encapsulation ...............................................................................116
5.5 Advanced WAN Screen .................................................................................... 119
5.6 Traffic Redirect .................................................................................................121
5.7 Traffic Redirect Screen .....................................................................................122
Chapter 6
LAN........................................................................................................................123
6.1 LAN Overview ..................................................................................................123
6.1.1 IP Pool Setup ..........................................................................................123
6.1.2 System DNS Servers ..............................................................................123
6.2 LAN TCP/IP ......................................................................................................123
6.2.1 Factory LAN Defaults ..............................................................................123
6.2.2 IP Address and Subnet Mask .................................................................124
Table of Contents 11
Page 12
P-334WT User’s Guide
6.3 Any IP ...............................................................................................................125
6.4 IP Screen .........................................................................................................126
6.5 LAN IP Alias ....................................................................................................127
6.6 Advanced LAN Screen .....................................................................................128
Chapter 7
DHCP Server......................................................................................................... 131
7.1 DHCP ...............................................................................................................131
7.2 DHCP Screen ...................................................................................................131
7.3 Static DHCP Screen .........................................................................................132
7.4 Client List Screen .............................................................................................133
Chapter 8
Network Address Translation (NAT)...................................................................135
6.2.3 RIP Setup ...............................................................................................124
6.2.4 Multicast ..................................................................................................124
6.3.1 How Any IP Works ..................................................................................126
8.1 NAT Overview ...............................................................................................135
8.1.1 NAT Definitions .......................................................................................135
8.1.2 What NAT Does ......................................................................................136
8.1.3 How NAT Works .....................................................................................136
8.1.4 NAT Application ......................................................................................137
8.1.5 NAT Mapping Types ...............................................................................137
8.2 Using NAT ........................................................................................................138
8.2.1 SUA (Single User Account) Versus NAT ................................................138
8.3 SUA Server ......................................................................................................138
8.3.1 Default Server IP Address ......................................................................139
8.3.2 Port Forwarding: Services and Port Numbers ........................................139
8.3.3 Configuring Servers Behind SUA (Example) ..........................................140
8.4 General NAT Screen ........................................................................................140
8.5 Port Forwarding Screen ...................................................................................141
8.5.1 Port Forwarding Rule Setup ..................................................................143
8.6 Trigger Port Forwarding ...................................................................................143
8.6.1 Trigger Port Forwarding Example ...........................................................144
8.6.2 Two Points To Remember About Trigger Ports .......................................144
8.7 Trigger Port Forwarding Screen .......................................................................145
Chapter 9
Firewall..................................................................................................................147
9.1 Introduction to Firewall .....................................................................................147
9.1.1 What is a Firewall? .................................................................................147
9.1.2 Stateful Inspection Firewall. ....................................................................147
9.1.3 About the Prestige Firewall .....................................................................147
12 Table of Contents
Page 13
P-334WT User’s Guide
9.1.4 Guidelines For Enhancing Security With Your Firewall ..........................148
9.2 General Firewall Screen ...................................................................................148
9.3 Services Screen ..............................................................................................149
Chapter 10
Content Filtering ................................................................................................. 153
10.1 Introduction to Content Filtering .....................................................................153
10.2 Restrict Web Features ...................................................................................153
10.3 Days and Times .............................................................................................153
10.4 Filter Screen ...................................................................................................153
10.5 Schedule ........................................................................................................155
10.6 Customizing Keyword Blocking URL Checking ..............................................156
10.6.1 Domain Name or IP Address URL Checking ........................................156
10.6.2 Full Path URL Checking .......................................................................156
10.6.3 File Name URL Checking .....................................................................157
Chapter 11
Introduction to IPSec ........................................................................................... 159
11.1 VPN Overview ................................................................................................159
11.1.1 IPSec ....................................................................................................159
11.1.2 Security .................................................................................................159
11.1.3 Other Terminology .................................................................................159
11.1.3.1 Encryption ....................................................................................159
11.1.3.2 Data Confidentiality .....................................................................160
11.1.3.3 Data Integrity ...............................................................................160
11.1.3.4 Data Origin Authentication ...........................................................160
11.1.4 VPN Applications ..................................................................................160
11.2 IPSec Architecture ..........................................................................................160
11.2.1 IPSec Algorithms ..................................................................................161
11.2.2 Key Management ..................................................................................161
11.3 Encapsulation .................................................................................................161
11.3.1 Transport Mode .....................................................................................162
11.3.2 Tunnel Mode .........................................................................................162
11.4 IPSec and NAT ...............................................................................................162
Chapter 12
VPN Screens.......................................................................................................165
12.1 VPN/IPSec Overview .....................................................................................165
12.2 IPSec Algorithms ............................................................................................165
12.2.1 AH (Authentication Header) Protocol ....................................................165
12.2.2 ESP (Encapsulating Security Payload) Protocol ..................................165
12.3 My IP Address ................................................................................................166
12.4 Secure Gateway Address ..............................................................................166
Table of Contents 13
Page 14
P-334WT User’s Guide
12.5 VPN Summary Screen ...................................................................................167
12.6 Keep Alive ......................................................................................................168
12.7 NAT Traversal ................................................................................................169
12.8 ID Type and Content ......................................................................................170
12.9 Pre-Shared Key ..............................................................................................172
12.10 VPN Rules ....................................................................................................172
12.11 IKE Phases ..................................................................................................176
12.12 Advanced Rule Setup Screen ......................................................................178
12.13 Manual Key ..................................................................................................182
12.14 Manual Key Screen ......................................................................................183
12.15 SA Monitor Screen .......................................................................................185
12.16 Global Setting Screen ..................................................................................186
12.17 Telecommuter VPN/IPSec Examples ...........................................................187
12.18 VPN and Remote Management ...................................................................189
12.4.1 Dynamic Secure Gateway Address ......................................................167
12.7.1 NAT Traversal Configuration .................................................................169
12.7.2 Remote DNS Server .............................................................................169
12.8.1 ID Type and Content Examples ............................................................171
12.11.1 Negotiation Mode ................................................................................177
12.11.2 Diffie-Hellman (DH) Key Groups .........................................................177
12.11.3 Perfect Forward Secrecy (PFS) ..........................................................177
12.13.1 Security Parameter Index (SPI) ..........................................................182
12.17.1 Telecommuters Sharing One VPN Rule Example ..............................187
12.17.2 Telecommuters Using Unique VPN Rules Example ...........................188
Chapter 13
Trend Micro Home Network Security (TMSS) ....................................................191
13.1 Trend Micro Home Network Security Overview .............................................191
13.2 Installing the Trend Micro Dashboard ............................................................192
13.2.1 Installing the Trend Micro Dashboard: Troubleshooting ........................193
13.3 Activating Your Free Services ........................................................................194
13.3.1 Registering a Trend Micro Customer Account.......................................195
13.3.2 Installing Trend Micro Internet Security .................................................197
13.3.3 Registering Trend Micro Internet Security .............................................200
13.4 TMSS Settings ...............................................................................................201
13.4.1 TMSS General Screen ..........................................................................201
13.4.2 Exception List Screen ..........................................................................202
13.4.3 Virus Protection Screen .......................................................................204
13.4.4 Parental Control Screen ......................................................................205
13.4.4.1 General Control Mode and Per-User Control Mode ....................205
13.4.4.2 Parents Override Password ........................................................206
13.4.5 Configuring an Access Profile in General Control Mode ......................208
13.4.6 Configuring a Schedule ........................................................................209
14 Table of Contents
Page 15
P-334WT User’s Guide
13.4.7 Configuring the User List in Per-User Mode .........................................210
13.4.8 Content Blocking Categories .................................................................211
13.5 Port Isolation .................................................................................................212
Chapter 14
Static Route Screens ...........................................................................................215
14.1 Static Route Overview ....................................................................................215
14.2 IP Static Route Screen ...................................................................................215
14.2.1 Static Route Setup Screen ...................................................................216
Chapter 15
Bandwidth Management......................................................................................219
15.1 Bandwidth Management Overview ...............................................................219
15.2 Application-based Bandwidth Management ...................................................219
15.3 Subnet-based Bandwidth Management .........................................................219
15.4 Application and Subnet-based Bandwidth Management ...............................220
15.5 Bandwidth Management Priorities ................................................................221
15.6 Predefined Bandwidth Management Services ...............................................221
15.6.1 Services and Port Numbers ..................................................................222
15.7 Default Bandwidth Management Classes and Priorities ................................224
15.8 Bandwidth Management General Configuration ...........................................224
15.9 Bandwidth Management Advanced Configuration ........................................225
15.9.1 Rule Configuration with the Pre-defined Service ................................227
15.9.2 Rule Configuration with the User-defined Service ..............................228
15.10 Bandwidth Management Monitor ..............................................................229
Chapter 16
Remote Management Screens ............................................................................ 231
16.1 Remote Management Overview .....................................................................231
16.1.1 Remote Management Limitations .........................................................231
16.1.2 Remote Management and NAT ............................................................232
16.1.3 System Timeout ...................................................................................232
16.2 WWW Screen ..............................................................................................232
16.3 Telnet ..............................................................................................................233
16.4 Telnet Screen .................................................................................................233
16.5 FTP Screen ....................................................................................................234
16.6 SNMP .............................................................................................................235
16.6.1 Supported MIBs ....................................................................................237
16.6.2 SNMP Traps .........................................................................................237
16.7 SNMP Screen ................................................................................................237
16.8 DNS Screen ................................................................................................238
16.9 Security Screen ............................................................................................239
Table of Contents 15
Page 16
P-334WT User’s Guide
Chapter 17
UPnP...................................................................................................................... 241
17.1 Universal Plug and Play Overview ................................................................241
17.2 UPnP and ZyXEL ...........................................................................................242
17.3 UPnP Screen .................................................................................................242
17.4 Installing UPnP in Windows Example ............................................................243
17.5 Using UPnP in Windows XP Example ...........................................................245
Chapter 18
System .................................................................................................................. 251
17.1.1 How Do I Know If I'm Using UPnP? ......................................................241
17.1.2 NAT Traversal .......................................................................................241
17.1.3 Cautions with UPnP ..............................................................................241
17.4.1 Installing UPnP in Windows Me ............................................................243
17.4.2 Installing UPnP in Windows XP ............................................................244
17.5.1 Auto-discover Your UPnP-enabled Network Device .............................246
17.5.2 Web Configurator Easy Access ............................................................247
17.5.3 Web Configurator Easy Access ............................................................248
18.1 System Overview ...........................................................................................251
18.2 System General Screen ...............................................................................251
18.3 Dynamic DNS .................................................................................................252
18.3.1 DynDNS Wildcard .................................................................................252
18.4 Dynamic DNS Screen ....................................................................................252
18.5 Time Setting Screen .......................................................................................254
Chapter 19
Logs....................................................................................................................... 257
19.1 View Log .......................................................................................................257
19.2 Log Settings ...................................................................................................258
Chapter 20
Tools ...................................................................................................................... 261
20.1 Firmware Upload Screen ...............................................................................261
20.2 Configuration Screen .....................................................................................262
20.2.1 Backup Configuration ...........................................................................263
20.2.2 Restore Configuration ...........................................................................263
20.2.3 Back to Factory Defaults .......................................................................264
20.3 Restart Screen ...............................................................................................265
Chapter 21
Introducing the SMT ............................................................................................267
21.1 SMT Introduction ............................................................................................267
21.1.1 Procedure for SMT Configuration via Telnet .........................................267
16 Table of Contents
Page 17
P-334WT User’s Guide
21.1.2 Entering Password ................................................................................267
21.1.3 Prestige SMT Menu Overview ..............................................................268
21.2 Navigating the SMT Interface .........................................................................269
21.2.1 System Management Terminal Interface Summary ..............................271
21.3 Changing the System Password ....................................................................271
Chapter 22
Menu 1 General Setup ......................................................................................... 273
22.1 General Setup ................................................................................................273
22.2 Procedure To Configure Menu 1 ....................................................................273
22.2.1 Procedure to Configure Dynamic DNS .................................................275
Chapter 23
Menu 2 WAN Setup ..............................................................................................277
23.1 WAN Setup .....................................................................................................277
Chapter 24
Menu 3 LAN Setup ...............................................................................................279
24.1 LAN Setup ......................................................................................................279
24.1.1 General Ethernet Setup ........................................................................279
24.2 Protocol Dependent Ethernet Setup ..............................................................280
24.3 TCP/IP Ethernet Setup and DHCP ................................................................280
24.3.1 IP Alias Setup .......................................................................................282
24.4 Wireless LAN Setup .......................................................................................283
24.4.1 Configuring MAC Address Filter ...........................................................285
24.4.2 Configuring Roaming on the Prestige ...................................................286
Chapter 25
Internet Access .................................................................................................... 287
25.1 Introduction to Internet Access Setup ............................................................287
25.2 Ethernet Encapsulation ..................................................................................287
25.3 Configuring the PPTP Client ..........................................................................289
25.4 Configuring the PPPoE Client ........................................................................289
25.5 Basic Setup Complete ....................................................................................290
Chapter 26
Remote Node Configuration ...............................................................................291
26.1 Introduction to Remote Node Setup ...............................................................291
26.2 Remote Node Profile Setup ...........................................................................291
26.2.1 Ethernet Encapsulation .........................................................................291
26.2.2 PPPoE Encapsulation ...........................................................................293
26.2.2.1 Outgoing Authentication Protocol ................................................293
26.2.2.2 Nailed-Up Connection .................................................................294
Table of Contents 17
Page 18
P-334WT User’s Guide
26.3 Edit IP .............................................................................................................295
26.4 Remote Node Filter ........................................................................................297
Chapter 27
Static Route Setup ...............................................................................................301
27.1 IP Static Route Setup .....................................................................................301
Chapter 28
Network Address Translation (NAT)...................................................................303
28.1 Using NAT ......................................................................................................303
28.2 Applying NAT .................................................................................................303
28.3 NAT Setup ......................................................................................................305
28.4 Configuring a Server behind NAT ..................................................................309
28.5 General NAT Examples ..................................................................................310
28.6 Configuring Trigger Port Forwarding .............................................................316
26.2.3 PPTP Encapsulation .............................................................................294
26.4.1 Traffic Redirect Setup ...........................................................................298
28.1.1 SUA (Single User Account) Versus NAT ..............................................303
28.3.1 Address Mapping Sets ..........................................................................305
28.3.1.1 User-Defined Address Mapping Sets ..........................................306
28.3.1.2 Ordering Your Rules ....................................................................307
28.5.1 Example 1: Internet Access Only ..........................................................310
28.5.2 Example 2: Internet Access with an Inside Server ............................... 311
28.5.3 Example 3: Multiple Public IP Addresses With Inside Servers .............312
28.5.4 Example 4: NAT Unfriendly Application Programs ...............................315
Chapter 29
Enabling the Firewall ...........................................................................................319
29.1 Remote Management and the Firewall ..........................................................319
29.2 Access Methods .............................................................................................319
29.3 Enabling the Firewall ......................................................................................319
Chapter 30
Filter Configuration..............................................................................................321
30.1 Introduction to Filters ......................................................................................321
30.1.1 The Filter Structure of the Prestige .......................................................322
30.2 Configuring a Filter Set ..................................................................................323
30.2.1 Configuring a Filter Rule .......................................................................325
30.2.2 Configuring a TCP/IP Filter Rule ..........................................................325
30.2.3 Configuring a Generic Filter Rule .........................................................328
30.3 Example Filter ................................................................................................330
30.4 Filter Types and NAT ......................................................................................332
30.5 Firewall Versus Filters ....................................................................................333
18 Table of Contents
Page 19
P-334WT User’s Guide
30.6 Applying a Filter ............................................................................................333
30.6.1 Applying LAN Filters .............................................................................333
30.6.2 Applying Remote Node Filters ..............................................................334
Chapter 31
SNMP Configuration ............................................................................................335
31.1 About SNMP ..................................................................................................335
31.2 Supported MIBs ............................................................................................336
31.3 SNMP Configuration ......................................................................................336
31.4 SNMP Traps ...................................................................................................337
Chapter 32
System Security ...................................................................................................339
32.1 System Security .............................................................................................339
32.2 System Password ..........................................................................................339
32.3 Configuring External RADIUS Server ............................................................339
32.4 IEEE 802.1x ...................................................................................................341
Chapter 33
System Information and Diagnosis .................................................................... 343
33.1 System Status ................................................................................................343
33.2 System Information ........................................................................................345
33.2.1 System Information ...............................................................................345
33.2.2 Console Port Speed ..............................................................................346
33.3 Log and Trace ................................................................................................346
33.3.1 Syslog Logging .....................................................................................346
33.3.1.1 CDR ............................................................................................348
33.3.1.2 Packet triggered ..........................................................................348
33.3.1.3 Filter log .....................................................................................349
33.3.1.4 PPP log ......................................................................................349
33.3.1.5 Firewall log ..................................................................................350
33.3.2 Call-Triggering Packet ..........................................................................350
33.4 Diagnostic ......................................................................................................351
33.4.1 WAN DHCP ..........................................................................................352
Chapter 34
Firmware and Configuration File Maintenance ................................................. 355
34.1 Filename Conventions ...................................................................................355
34.2 Backup Configuration .....................................................................................356
34.2.1 Backup Configuration ...........................................................................356
34.2.2 Using the FTP Command from the Command Line ..............................357
34.2.3 Example of FTP Commands from the Command Line .........................357
34.2.4 GUI-based FTP Clients .........................................................................357
Table of Contents 19
Page 20
P-334WT User’s Guide
34.3 Restore Configuration ....................................................................................359
34.4 Uploading Firmware and Configuration Files .................................................361
Chapter 35
System Maintenance............................................................................................ 365
34.2.5 TFTP and FTP over WAN Management Limitations .............................358
34.2.6 Backup Configuration Using TFTP .......................................................358
34.2.7 TFTP Command Example ....................................................................358
34.2.8 GUI-based TFTP Clients ......................................................................359
34.3.1 Restore Using FTP ...............................................................................359
34.3.2 Restore Using FTP Session Example ..................................................360
34.4.1 Firmware File Upload ............................................................................361
34.4.2 Configuration File Upload .....................................................................361
34.4.3 FTP File Upload Command from the DOS Prompt Example ................362
34.4.4 FTP Session Example of Firmware File Upload ...................................363
34.4.5 TFTP File Upload ..................................................................................363
34.4.6 TFTP Upload Command Example ........................................................363
35.1 Command Interpreter Mode ...........................................................................365
35.1.1 Command Syntax .................................................................................365
35.1.2 Command Usage ..................................................................................366
35.2 Call Control Support .......................................................................................366
35.2.1 Budget Management ............................................................................366
35.2.2 Call History ...........................................................................................367
35.3 Time and Date Setting ....................................................................................368
35.3.1 Resetting the Time ................................................................................370
Chapter 36
Remote Management ........................................................................................... 371
36.1 Remote Management .....................................................................................371
36.1.1 Remote Management Limitations .........................................................372
Chapter 37
Call Scheduling ....................................................................................................373
37.1 Introduction to Call Scheduling ......................................................................373
Chapter 38
VPN/IPSec Setup .................................................................................................. 377
38.1 VPN/IPSec Overview .....................................................................................377
38.2 IPSec Summary Screen .................................................................................378
38.3 IKE Setup .......................................................................................................383
38.4 Manual Setup .................................................................................................384
38.4.1 Active Protocol ......................................................................................385
38.4.2 Security Parameter Index (SPI) ............................................................385
20 Table of Contents
Page 21
P-334WT User’s Guide
Chapter 39
SA Monitor ............................................................................................................ 387
39.1 SA Monitor Overview .....................................................................................387
39.2 Using SA Monitor ...........................................................................................387
Chapter 40
Troubleshooting ................................................................................................... 389
40.1 Problems Starting Up the Prestige .................................................................389
40.2 Problems with the LAN ...................................................................................389
40.3 Problems with the WAN .................................................................................390
40.4 Problems Accessing the Prestige ..................................................................391
40.5 Problems with Restricted Web Pages and Keyword Blocking .......................391
40.5.1 Pop-up Windows, JavaScripts and Java Permissions ..........................392
40.5.1.1 Internet Explorer Pop-up Blockers ..............................................393
40.5.1.2 JavaScripts ..................................................................................396
40.5.1.3 Java Permissions ........................................................................398
40.5.2 ActiveX Controls in Internet Explorer ....................................................400
Appendix A
Setting up Your Computer’s IP Address............................................................ 403
40.5.3 Verifying Settings ..................................................................................418
Appendix B
IP Subnetting ........................................................................................................ 419
Appendix C
PPPoE ................................................................................................................... 427
Appendix D
PPTP...................................................................................................................... 429
Appendix E
Wireless LANs ...................................................................................................... 433
Appendix F
Log Descriptions.................................................................................................. 443
Appendix G
Wall-mounting Instructions................................................................................. 459
Table of Contents 21
Page 22
P-334WT User’s Guide
22 Table of Contents
Page 23
P-334WT User’s Guide

List of Figures

Figure 1 Secure Internet Access via Cable, DSL or Wireless Modem ................................ 45
Figure 2 VPN Application .................................................................................................... 46
Figure 3 Internet Access Application Example .................................................................... 46
Figure 4 P-334WT Front Panel ........................................................................................... 47
Figure 5 Change Password Screen .................................................................................... 50
Figure 6 Web Configurator Status Screen .......................................................................... 51
Figure 7 Summary: Any IP Table ........................................................................................ 56
Figure 8 Summary: DHCP Table ......................................................................................... 56
Figure 9 Summary: Parental Control Statistics ................................................................... 58
Figure 10 Summary: VPN Monitor ...................................................................................... 59
Figure 11 Summary: BW MGMT Monitor ............................................................................ 60
Figure 12 Summary: Packet Statistics ................................................................................ 60
Figure 13 Summary: Port Isolation ...................................................................................... 62
Figure 14 Summary: Wireless Association List ................................................................... 63
Figure 15 Select Wizard or Advanced Mode ....................................................................... 65
Figure 16 Select a Language .............................................................................................. 66
Figure 17 Welcome to the Connection Wizard .................................................................... 66
Figure 18 Wizard Step 1: System Information ..................................................................... 67
Figure 19 Wizard Step 2: Wireless LAN .............................................................................. 68
Figure 20 Wizard Step 2: Basic(WEP) Security .................................................................. 69
Figure 21 Wizard Step 2: Extend(WPA-PSK or WPA2-PSK) Security ................................ 70
Figure 22 Wizard Step 2: OTIST ......................................................................................... 71
Figure 23 Wizard Step 3: ISP Parameters. ......................................................................... 72
Figure 24 Wizard Step 3: Ethernet Connection ................................................................... 72
Figure 25 Wizard Step 3: PPPoE Connection ..................................................................... 73
Figure 26 Wizard Step 3: PPTP Connection ....................................................................... 74
Figure 27 Wizard Step 3: Your IP Address .......................................................................... 75
Figure 28 Wizard Step 3: WAN IP and DNS Server Addresses .......................................... 78
Figure 29 Wizard Step 3: WAN MAC Address .................................................................... 79
Figure 30 Wizard Step 4: Bandwidth Management ............................................................ 80
Figure 31 Connection Wizard Save ................................................................................... 81
Figure 32 Connection Wizard Complete ............................................................................. 81
Figure 33 Wireless ............................................................................................................. 85
Figure 34 Wireless: No Security .......................................................................................... 86
Figure 35 Wireless: Static WEP Encryption ........................................................................ 88
Figure 36 WPA(2)-PSK Authentication ............................................................................... 89
List of Figures 23
Page 24
P-334WT User’s Guide
Figure 37 Wireless: WPA-PSK/WPA2-PSK ......................................................................... 90
Figure 38 WPA(2) with RADIUS Application Example ........................................................ 92
Figure 39 Wireless: WPA/WPA2 ......................................................................................... 92
Figure 40 Wireless: 802.1x and Dynamic WEP .................................................................. 94
Figure 41 Wireless: 802.1x and Static WEP ....................................................................... 96
Figure 42 Wireless: 802.1x ................................................................................................. 98
Figure 43 OTIST ................................................................................................................. 100
Figure 44 OTIST Start ......................................................................................................... 101
Figure 45 OTIST Process ................................................................................................... 101
Figure 46 MAC Address Filter ............................................................................................. 102
Figure 47 Advanced ............................................................................................................ 103
Figure 48 QoS ..................................................................................................................... 108
Figure 49 Application Priority Configuration ........................................................................ 109
Figure 50 Ethernet Encapsulation ....................................................................................... 112
Figure 51 PPPoE Encapsulation ......................................................................................... 114
Figure 52 PPTP Encapsulation ........................................................................................... 117
Figure 53 Advanced ............................................................................................................ 119
Figure 54 Traffic Redirect WAN Setup ................................................................................ 121
Figure 55 Traffic Redirect LAN Setup ................................................................................. 121
Figure 56 WAN: Traffic Redirect .......................................................................................... 122
Figure 57 Any IP Example Application ................................................................................ 125
Figure 58 LAN IP ................................................................................................................. 126
Figure 59 LAN IP Alias ........................................................................................................ 127
Figure 60 Advanced ............................................................................................................ 129
Figure 61 General ............................................................................................................... 131
Figure 62 Static DHCP ........................................................................................................ 133
Figure 63 Client List ............................................................................................................ 134
Figure 64 How NAT Works .................................................................................................. 136
Figure 65 NAT Application With IP Alias ............................................................................. 137
Figure 66 Multiple Servers Behind NAT Example ............................................................... 140
Figure 67 NAT General ....................................................................................................... 141
Figure 68 Port Forwarding .................................................................................................. 142
Figure 69 Port Forwarding Rule Setup ................................................................................ 143
Figure 70 Trigger Port Forwarding Process: Example ........................................................ 144
Figure 71 Trigger Port .........................................................................................................145
Figure 72 General ............................................................................................................... 148
Figure 73 Services .............................................................................................................. 150
Figure 74 Content Filter Disabled ....................................................................................... 153
Figure 75 Content Filter: Filter ............................................................................................ 154
Figure 76 Content Filter: Schedule ..................................................................................... 155
Figure 77 Encryption and Decryption .................................................................................. 160
Figure 78 IPSec Architecture .............................................................................................. 161
Figure 79 Transport and Tunnel Mode IPSec Encapsulation .............................................. 162
24 List of Figures
Page 25
P-334WT User’s Guide
Figure 80 IPSec Summary Fields ....................................................................................... 167
Figure 81 VPN Summary .................................................................................................... 167
Figure 82 NAT Router Between IPSec Routers .................................................................. 169
Figure 83 VPN Host using Intranet DNS Server Example .................................................. 170
Figure 84 Mismatching ID Type and Content Configuration Example ................................ 172
Figure 85 VPN Rule Setup .................................................................................................. 173
Figure 86 Two Phases to Set Up the IPSec SA .................................................................. 176
Figure 87 Advanced Rule Setup ......................................................................................... 178
Figure 88 Rule Setup with Manual Key ............................................................................... 183
Figure 89 SA Monitor .......................................................................................................... 186
Figure 90 Global Setting ..................................................................................................... 186
Figure 91 Telecommuters Sharing One VPN Rule Example ............................................... 188
Figure 92 Telecommuters Using Unique VPN Rules Example ........................................... 189
Figure 93 TMSS First Time Access ..................................................................................... 192
Figure 94 Security Warning Message Box .......................................................................... 192
Figure 95 Trend Micro Dashboard) ..................................................................................... 193
Figure 96 Dashboard Service Summary Screen ................................................................. 195
Figure 97 3 Steps Screen .................................................................................................... 196
Figure 98 Account Registration Screen .............................................................................. 196
Figure 99 Download Now Screen ....................................................................................... 198
Figure 100 Registration Information Screen ....................................................................... 199
Figure 101 Trend Micro Internet Security Registration Screen ........................................... 200
Figure 102 TMSS General Screen ...................................................................................... 201
Figure 103 Exception List Screen ....................................................................................... 203
Figure 104 Virus Protection Screen .................................................................................... 204
Figure 105 Parental Control Screen: General Control Mode .............................................. 206
Figure 106 Parental Control Screen: Per-User Control Mode ............................................. 207
Figure 107 General Mode: Edit Category ........................................................................... 209
Figure 108 General Mode: Edit Schedule ........................................................................... 210
Figure 109 Per-User Control Mode: Edit User List .............................................................. 211
Figure 110 Port Isolation Example ...................................................................................... 213
Figure 111 Port Isolation ..................................................................................................... 213
Figure 112 Example of Static Routing Topology .................................................................. 215
Figure 113 IP Static Route .................................................................................................. 216
Figure 114 Static Route Setup ............................................................................................ 217
Figure 115 Subnet-based Bandwidth Management Example ............................................. 220
Figure 116 Bandwidth Management: General ..................................................................... 225
Figure 117 Bandwidth Management: Advanced ................................................................. 226
Figure 118 Bandwidth Management Rule Configuration: Pre-defined Service ................... 227
Figure 119 Bandwidth Management Rule Configuration: User-defined Service ................. 228
Figure 120 Bandwidth Management: Monitor ..................................................................... 229
Figure 121 WWW Remote Management ............................................................................ 232
Figure 122 Telnet Configuration on a TCP/IP Network ....................................................... 233
List of Figures 25
Page 26
P-334WT User’s Guide
Figure 123 Telnet Remote Management ............................................................................. 234
Figure 124 FTP Remote Management ................................................................................ 234
Figure 125 SNMP Management Model ............................................................................... 236
Figure 126 SNMP Remote Management ............................................................................ 237
Figure 127 DNS Remote Management ............................................................................... 238
Figure 128 Security Remote Management ......................................................................... 239
Figure 129 Configuring UPnP ............................................................................................. 242
Figure 130 System General ............................................................................................... 251
Figure 131 Dynamic DNS ................................................................................................... 253
Figure 132 Time Setting ...................................................................................................... 254
Figure 133 View Log ........................................................................................................... 257
Figure 134 Log Settings ...................................................................................................... 259
Figure 135 Maintenance Firmware Upload ......................................................................... 261
Figure 136 Upload Warning ................................................................................................ 262
Figure 137 Network Temporarily Disconnected .................................................................. 262
Figure 138 Upload Error Message ...................................................................................... 262
Figure 139 Configuration ..................................................................................................... 263
Figure 140 Configuration Restore Successful ..................................................................... 264
Figure 141 Temporarily Disconnected ................................................................................. 264
Figure 142 Configuration Restore Error .............................................................................. 264
Figure 143 System Restart ................................................................................................. 265
Figure 144 Login Screen ..................................................................................................... 267
Figure 145 SMT Main Menu ................................................................................................ 270
Figure 146 Menu 23 System Password .............................................................................. 272
Figure 147 Menu 1 General Setup. ..................................................................................... 274
Figure 148 Menu 1.1 Configure Dynamic DNS .................................................................. 275
Figure 149 Menu 2 WAN Setu ............................................................................................ 277
Figure 150 Menu 3 LAN Setup ............................................................................................ 279
Figure 151 Menu 3.1 LAN Port Filter Setup. ....................................................................... 279
Figure 152 Menu 3.2 TCP/IP and DHCP Ethernet Setup ................................................... 280
Figure 153 Physical Network & Partitioned Logical Networks ............................................ 282
Figure 154 Menu 3.2.1: IP Alias Setup ............................................................................... 282
Figure 155 Menu 3.5: Wireless LAN Setup ......................................................................... 283
Figure 156 Menu 3.5.1: WLAN MAC Address Filter ........................................................... 285
Figure 157 Menu 3.5.2: Roaming Configuration ................................................................. 286
Figure 158 Menu 4 Internet Access Setup .......................................................................... 287
Figure 159 Internet Access Setup (PPTP) ......................................................................... 289
Figure 160 Internet Access Setup (PPPoE) ........................................................................ 290
Figure 161 Menu 11.1 Remote Node Profile for Ethernet Encapsulation ............................ 292
Figure 162 Menu 11.1 Remote Node Profile for PPPoE Encapsulation .............................. 293
Figure 163 Menu 11.1 Remote Node Profile for PPTP Encapsulation ................................ 295
Figure 164 Menu 11.3 Remote Node Network Layer Options for Ethernet Encapsulation . 296
Figure 165 Menu 11.5: Remote Node Filter (Ethernet Encapsulation) ................................ 297
26 List of Figures
Page 27
P-334WT User’s Guide
Figure 166 Menu 11.5: Remote Node Filter (PPPoE or PPTP Encapsulation) ................... 298
Figure 167 Menu 11.6: Traffic Redirect Setup .................................................................... 298
Figure 168 Menu 12 IP Static Route Setup ........................................................................ 301
Figure 169 Menu12.1 Edit IP Static Route .......................................................................... 301
Figure 170 Menu 4: Applying NAT for Internet Access ....................................................... 304
Figure 171 Menu 11.3 Applying NAT to the Remote Node ................................................. 304
Figure 172 Menu 15 NAT Setup .......................................................................................... 305
Figure 173 Menu 15.1 Address Mapping Sets .................................................................... 305
Figure 174 Menu 15.1.255 SUA Address Mapping Rules ................................................. 306
Figure 175 Menu 15.1.1 First Set ........................................................................................ 307
Figure 176 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set ......................... 308
Figure 177 Menu 15.2.1 NAT Server Setup ........................................................................ 309
Figure 178 Multiple Servers Behind NAT Example ............................................................. 310
Figure 179 NAT Example 1 ................................................................................................. 310
Figure 180 Menu 4 Internet Access & NAT Example ......................................................... 311
Figure 181 NAT Example 2 ................................................................................................. 311
Figure 182 Menu 15.2.1 Specifying an Inside Server ......................................................... 312
Figure 183 NAT Example 3 ................................................................................................. 313
Figure 184 NAT Example 3: Menu 11.3 .............................................................................. 313
Figure 185 Example 3: Menu 15.1.1.1 ............................................................................... 314
Figure 186 Example 3: Final Menu 15.1.1 .......................................................................... 314
Figure 187 Example 3: Menu 15.2 ...................................................................................... 315
Figure 188 NAT Example 4 ................................................................................................. 315
Figure 189 Example 4: Menu 15.1.1.1 Address Mapping Rule. .......................................... 316
Figure 190 Example 4: Menu 15.1.1 Address Mapping Rules ............................................ 316
Figure 191 Menu 15.3 Trigger Port Setup ........................................................................... 317
Figure 192 Menu 21.2 Firewall Setup ................................................................................. 320
Figure 193 Outgoing Packet Filtering Process .................................................................... 321
Figure 194 Filter Rule Process ............................................................................................ 323
Figure 195 Menu 21: Filter and Firewall Setup ................................................................... 324
Figure 196 Menu 21.1: Filter Set Configuration .................................................................. 324
Figure 197 Menu 21.1.1.1 TCP/IP Filter Rule. .................................................................... 326
Figure 198 Executing an IP Filter ........................................................................................ 328
Figure 199 Menu 21.1.4.1 Generic Filter Rule .................................................................... 329
Figure 200 Telnet Filter Example ........................................................................................ 330
Figure 201 Example Filter: Menu 21.1.3.1 .......................................................................... 331
Figure 202 Example Filter Rules Summary: Menu 21.1.3 .................................................. 332
Figure 203 Protocol and Device Filter Sets ......................................................................... 333
Figure 204 Filtering LAN Traffic .......................................................................................... 333
Figure 205 Filtering Remote Node Traffic ........................................................................... 334
Figure 206 SNMP Management Model ............................................................................... 335
Figure 207 Menu 22 SNMP Configuration .......................................................................... 336
Figure 208 Menu 23 System Security ................................................................................. 339
List of Figures 27
Page 28
P-334WT User’s Guide
Figure 209 Menu 23.2 System Security : RADIUS Server .................................................. 340
Figure 210 Menu 23.4 System Security : IEEE802.1x ........................................................ 341
Figure 211 Menu 24 System Maintenance .......................................................................... 343
Figure 212 Menu 24.1 System Maintenance : Status ......................................................... 344
Figure 213 Menu 24.2 System Information and Console Port Speed ............................... 345
Figure 214 Menu 24.2.1 System Maintenance : Information ............................................. 345
Figure 215 Menu 24.2.2 System Maintenance : Change Console Port Speed ................... 346
Figure 216 Menu 24.3.2 System Maintenance : Syslog Logging ........................................ 347
Figure 217 Call-Triggering Packet Example ........................................................................ 351
Figure 218 Menu 24.4 System Maintenance : Diagnostic ................................................... 352
Figure 219 LAN & WAN DHCP ........................................................................................... 352
Figure 220 Telnet in Menu 24.5 ........................................................................................... 356
Figure 221 FTP Session Example ...................................................................................... 357
Figure 222 Telnet into Menu 24.6. ....................................................................................... 360
Figure 223 Restore Using FTP Session Example ............................................................... 360
Figure 224 Telnet Into Menu 24.7.1 Upload System Firmware ........................................... 361
Figure 225 Telnet Into Menu 24.7.2 System Maintenance . ................................................ 362
Figure 226 FTP Session Example of Firmware File Upload ............................................... 363
Figure 227 Command Mode in Menu 24 ............................................................................. 365
Figure 228 Valid Commands ............................................................................................... 366
Figure 229 Menu 24.9 System Maintenance : Call Control ................................................. 366
Figure 230 Budget Management ......................................................................................... 367
Figure 231 Menu 24.9.2 - Call History ................................................................................ 368
Figure 232 Menu 24: System Maintenance ....................................................................... 369
Figure 233 Menu 24.10 System Maintenance: Time and Date Setting ............................... 369
Figure 234 Menu 24.11 – Remote Management Control .................................................... 371
Figure 235 Menu 26 Schedule Setup .................................................................................. 373
Figure 236 Menu 26.1 Schedule Set Setup ....................................................................... 374
Figure 237 Applying Schedule Set(s) to a Remote Node (PPPoE) .................................... 375
Figure 238 VPN SMT Menu Tree ........................................................................................ 377
Figure 239 Menu 27 VPN/IPSec Setup ............................................................................... 377
Figure 240 Menu 27 ............................................................................................................ 378
Figure 241 Menu 27.1.1 IPSec Setup ................................................................................. 380
Figure 242 Menu 27.1.1.1 IKE Setup .................................................................................. 383
Figure 243 Menu 27.1.1.2 Manual Setup ............................................................................ 385
Figure 244 Menu 27.2 SA Monitor ...................................................................................... 387
Figure 245 Pop-up Blocker ................................................................................................. 393
Figure 246 Internet Options ............................................................................................... 394
Figure 247 Internet Options ................................................................................................ 395
Figure 248 Pop-up Blocker Settings ................................................................................... 396
Figure 249 Internet Options ................................................................................................ 397
Figure 250 Security Settings - Java Scripting ..................................................................... 398
Figure 251 Security Settings - Java .................................................................................... 399
28 List of Figures
Page 29
P-334WT User’s Guide
Figure 252 Java (Sun) ......................................................................................................... 400
Figure 253 Internet Options Security .................................................................................. 401
Figure 254 Security Setting ActiveX Controls ..................................................................... 402
Figure 255 WIndows 95/98/Me: Network: Configuration ..................................................... 404
Figure 256 Windows 95/98/Me: TCP/IP Properties: IP Address ......................................... 405
Figure 257 Windows 95/98/Me: TCP/IP Properties: DNS Configuration ............................ 406
Figure 258 Windows XP: Start Menu .................................................................................. 407
Figure 259 Windows XP: Control Panel .............................................................................. 407
Figure 260 Windows XP: Control Panel: Network Connections: Properties ....................... 408
Figure 261 Windows XP: Local Area Connection Properties .............................................. 408
Figure 262 Windows XP: Internet Protocol (TCP/IP) Properties ......................................... 409
Figure 263 Windows XP: Advanced TCP/IP Properties ...................................................... 410
Figure 264 Windows XP: Internet Protocol (TCP/IP) Properties ......................................... 411
Figure 265 Macintosh OS 8/9: Apple Menu ........................................................................ 412
Figure 266 Macintosh OS 8/9: TCP/IP ................................................................................ 412
Figure 267 Macintosh OS X: Apple Menu ........................................................................... 413
Figure 268 Macintosh OS X: Network ................................................................................. 414
Figure 269 Red Hat 9.0: KDE: Network Configuration: Devices ........................................ 415
Figure 270 Red Hat 9.0: KDE: Ethernet Device: General ................................................. 415
Figure 271 Red Hat 9.0: KDE: Network Configuration: DNS ............................................. 416
Figure 272 Red Hat 9.0: KDE: Network Configuration: Activate ................................. 416
Figure 273 Red Hat 9.0: Dynamic IP Address Setting in ifconfig-eth0 .............................. 417
Figure 274 Red Hat 9.0: Static IP Address Setting in ifconfig-eth0 .................................. 417
Figure 275 Red Hat 9.0: DNS Settings in resolv.conf ...................................................... 417
Figure 276 Red Hat 9.0: Restart Ethernet Card ................................................................ 418
Figure 277 Red Hat 9.0: Checking TCP/IP Properties ...................................................... 418
Figure 278 Single-Computer per Router Hardware Configuration ...................................... 428
Figure 279 Prestige as a PPPoE Client .............................................................................. 428
Figure 280 Transport PPP frames over Ethernet ............................................................... 429
Figure 281 PPTP Protocol Overview .................................................................................. 430
Figure 282 Example Message Exchange between Computer and an ANT ........................ 431
Figure 283 Peer-to-Peer Communication in an Ad-hoc Network ........................................ 433
Figure 284 Basic Service Set .............................................................................................. 434
Figure 285 Infrastructure WLAN ......................................................................................... 435
Figure 286 RTS/CTS .......................................................................................................... 436
Figure 287 Displaying Log Categories Example ................................................................. 457
Figure 288 Displaying Log Parameters Example ................................................................ 457
Figure 289 Wall-mounting Example .................................................................................... 459
List of Figures 29
Page 30
P-334WT User’s Guide
30 List of Figures
Page 31
P-334WT User’s Guide

List of Tables

Table 1 Front Panel LEDs .................................................................................................. 47
Table 2 Status Screen Icon Key ......................................................................................... 51
Table 3 Web Configurator Status Screen ........................................................................... 52
Table 4 Screens Summary ................................................................................................. 53
Table 5 Summary: Any IP Table ......................................................................................... 56
Table 6 Summary: DHCP Table ......................................................................................... 57
Table 7 Summary: Parental Control Statistics .................................................................... 58
Table 8 Summary: VPN Monitor ......................................................................................... 59
Table 9 Summary: Packet Statistics ................................................................................... 61
Table 10 Summary: Wireless Association List ................................................................... 62
Table 11 Summary: Wireless Association List .................................................................... 63
Table 12 Wizard Step 1: System Information ..................................................................... 67
Table 13 Wizard Step 2: Wireless LAN .............................................................................. 68
Table 14 Wizard Step 2: Basic(WEP) Security ................................................................... 69
Table 15 Wizard Step 2: Extend(WPA-PSK or WPA2-PSK) Security ................................. 70
Table 16 Wizard Step 2: OTIST .......................................................................................... 71
Table 17 Wizard Step 3: ISP Parameters ........................................................................... 72
Table 18 Wizard Step 3: PPPoE Connection ..................................................................... 73
Table 19 Wizard Step 3: PPTP Connection ........................................................................ 75
Table 20 Wizard Step 3: Your IP Address .......................................................................... 76
Table 21 Private IP Address Ranges ................................................................................. 76
Table 22 Wizard Step 3: WAN IP and DNS Server Addresses .......................................... 78
Table 23 Example of Network Properties for LAN Servers with Fixed IP Addresses ......... 79
Table 24 Wizard Step 3: WAN MAC Address ..................................................................... 79
Table 25 Wizard Step 4: Bandwidth Management ............................................................. 80
Table 26 Wireless Security Levels ..................................................................................... 85
Table 27 Wireless ............................................................................................................... 86
Table 28 Wireless No Security ........................................................................................... 87
Table 29 Wireless: Static WEP Encryption ......................................................................... 88
Table 30 Wireless: WPA-PSK/WPA2-PSK ......................................................................... 90
Table 31 Wireless: WPA/WPA2 .......................................................................................... 93
Table 32 Wireless: 802.1x and Dynamic WEP ................................................................... 95
Table 33 Wireless: 802.1x and Static WEP ........................................................................ 96
Table 34 Wireless: 802.1x and No WEP ............................................................................ 98
Table 35 OTIST .................................................................................................................. 100
Table 36 MAC Address Filter ............................................................................................. 102
List of Tables 31
Page 32
P-334WT User’s Guide
Table 37 Advanced .............................................................................................................103
Table 38 WMM QoS Priorities ............................................................................................ 105
Table 39 Commonly Used Services ................................................................................... 105
Table 40 QoS ..................................................................................................................... 108
Table 41 Application Priority Configuration ........................................................................ 109
Table 42 Ethernet Encapsulation ....................................................................................... 112
Table 43 PPPoE Encapsulation ......................................................................................... 115
Table 44 PPTP Encapsulation ............................................................................................ 118
Table 45 Advanced .............................................................................................................120
Table 46 Traffic Redirect .................................................................................................... 122
Table 47 LAN IP ................................................................................................................. 127
Table 48 LAN IP Alias ........................................................................................................ 128
Table 49 Advanced .............................................................................................................129
Table 50 General ................................................................................................................ 132
Table 51 Static DHCP ......................................................................................................... 133
Table 52 Client List ............................................................................................................. 134
Table 53 NAT Definitions .................................................................................................... 135
Table 54 NAT Mapping Types ............................................................................................ 138
Table 55 Services and Port Numbers ................................................................................. 140
Table 56 NAT General ........................................................................................................ 141
Table 57 Port Forwarding ................................................................................................... 142
Table 58 Port Forwarding Rule Setup ................................................................................ 143
Table 59 Trigger Port .......................................................................................................... 145
Table 60 Firewall General .................................................................................................. 149
Table 61 Firewall Services ................................................................................................. 150
Table 62 Content Filter: Filter ............................................................................................. 154
Table 63 Content Filter: Schedule ...................................................................................... 156
Table 64 VPN and NAT ...................................................................................................... 163
Table 65 AH and ESP ........................................................................................................ 166
Table 66 VPN Summary ..................................................................................................... 168
Table 67 Local ID Type and Content Fields ....................................................................... 171
Table 68 Peer ID Type and Content Fields ........................................................................ 171
Table 69 Matching ID Type and Content Configuration Example ....................................... 171
Table 70 VPN Rule Setup .................................................................................................. 173
Table 71 Advanced Rule Setup .......................................................................................... 179
Table 72 Rule Setup with Manual Key ............................................................................... 183
Table 73 SA Monitor ...........................................................................................................186
Table 74 Global Setting ...................................................................................................... 187
Table 75 Telecommuter and Headquarters Configuration Example ................................... 187
Table 76 Internet Explorer Default Security Settings .......................................................... 194
Table 77 Settings: General Screen .................................................................................... 202
Table 78 Settings: Exception List Screen ........................................................................... 203
Table 79 Settings: Virus Protection Screen ........................................................................ 204
32 List of Tables
Page 33
P-334WT User’s Guide
Table 80 Settings: Parental Control Screen ....................................................................... 207
Table 81 Content Blocking Categories ............................................................................... 211
Table 82 Port Isolation ........................................................................................................ 213
Table 83 IP Static Route ..................................................................................................... 216
Table 84 Static Route Setup ............................................................................................... 217
Table 85 Application and Subnet-based Bandwidth Management Example ...................... 220
Table 86 Bandwidth Management Priorities ....................................................................... 221
Table 87 Media Bandwidth Management Setup: Services ................................................. 221
Table 88 Commonly Used Services ................................................................................... 222
Table 89 Bandwidth Management Priority with Default Classes ........................................ 224
Table 90 Bandwidth Management: General ....................................................................... 225
Table 91 Bandwidth Management: Advanced .................................................................... 226
Table 92 Bandwidth Management Rule Configuration: Pre-defined Service ..................... 228
Table 93 Bandwidth Management Rule Configuration: User-defined Service ................... 229
Table 94 WWW Remote Management ............................................................................... 233
Table 95 Telnet Remote Management ............................................................................... 234
Table 96 FTP Remote Management .................................................................................. 235
Table 97 SNMP Traps ........................................................................................................ 237
Table 98 SNMP Remote Management ............................................................................... 238
Table 99 DNS Remote Management ................................................................................. 239
Table 100 Security Remote Management .......................................................................... 240
Table 101 Configuring UPnP .............................................................................................. 242
Table 102 System General ................................................................................................. 251
Table 103 Dynamic DNS .................................................................................................... 253
Table 104 Time Setting ...................................................................................................... 254
Table 105 View Logs .......................................................................................................... 258
Table 106 Log Settings ....................................................................................................... 259
Table 107 Maintenance Firmware Upload .......................................................................... 261
Table 108 Maintenance Restore Configuration .................................................................. 263
Table 109 SMT Menus Overview ....................................................................................... 268
Table 110 Main Menu Commands ...................................................................................... 269
Table 111 Main Menu Summary ......................................................................................... 271
Table 112 Menu 1 General Setup ....................................................................................... 274
Table 113 Menu 1.1 Configure Dynamic DNS .................................................................... 275
Table 114 Menu 2 WAN Setup ........................................................................................... 277
Table 115 DHCP Ethernet Setup Fields ............................................................................. 280
Table 116 Menu 3.2: LAN TCP/IP Setup Fields ................................................................. 281
Table 117 Menu 3.2.1: IP Alias Setup ................................................................................ 282
Table 118 Menu 3.5: Wireless LAN Setup .......................................................................... 284
Table 119 Menu 3.5.1: WLAN MAC Address Filter ............................................................ 285
Table 120 Menu 3.5.2: Roaming Configuration .................................................................. 286
Table 121 Internet Access Setup (Ethernet ....................................................................... 288
Table 122 New Fields in Menu 4 (PPTP) Screen ............................................................... 289
List of Tables 33
Page 34
P-334WT User’s Guide
Table 123 New Fields in Menu 4 (PPPoE) screen ............................................................. 290
Table 124 Menu 11.1 Remote Node Profile for Ethernet Encapsulation ............................ 292
Table 125 Fields in Menu 11.1 (PPPoE Encapsulation Specific) ....................................... 294
Table 126 Menu 11.1 Remote Node Profile for PPTP Encapsulation ................................ 295
Table 127 Remote Node Network Layer Options ............................................................... 296
Table 128 Menu 11.6 Traffic Redirect Setup ...................................................................... 298
Table 129 Menu12.1 Edit IP Static Route ........................................................................... 302
Table 130 Applying NAT in Menus 4 & 11.3 ....................................................................... 305
Table 131 Menu 15.1.255 SUA Address Mapping Rules ................................................... 306
Table 132 Menu 15.1.1 First Set ........................................................................................ 307
Table 133 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set ......................... 308
Table 134 Menu 15.3 Trigger Port Setup ........................................................................... 317
Table 135 Abbreviations Used in the Filter Rules Summary Menu .................................... 324
Table 136 Rule Abbreviations Used ................................................................................... 325
Table 137 Menu 21.1.x.x TCP/IP Filter Rule ...................................................................... 326
Table 138 Menu 21.1.x.x Generic Filter Rule Menu Fields ................................................ 329
Table 139 Menu 22 SNMP Configuration ........................................................................... 337
Table 140 SNMP Traps ...................................................................................................... 337
Table 141 Ports and Permanent Virtual Circuits ................................................................. 338
Table 142 Menu 23.2 System Security : RADIUS Server .................................................. 340
Table 143 Menu 23.4 System Security : IEEE802.1x ......................................................... 341
Table 144 System Maintenance: Status Menu Fields ........................................................ 344
Table 145 Menu 24.2.1 System Maintenance : Information ............................................... 346
Table 146 Menu 24.3.2 System Maintenance : Syslog and Accounting ............................ 347
Table 147 System Maintenance Menu Diagnostic ............................................................. 352
Table 148 Filename Conventions ....................................................................................... 356
Table 149 General Commands for GUI-based FTP Clients ............................................... 357
Table 150 General Commands for GUI-based TFTP Clients ............................................. 359
Table 151 Menu 24.9.1 - Budget Management .................................................................. 367
Table 152 Call History Fields .............................................................................................. 368
Table 153 Time and Date Setting Fields ............................................................................ 370
Table 154 Menu 24.11 – Remote Management Control ..................................................... 372
Table 155 Menu 26.1 Schedule Set Setup ......................................................................... 374
Table 156 Menu 27.1 IPSec Summary ............................................................................... 378
Table 157 Menu 27.1.1 IPSec Setup .................................................................................. 380
Table 158 Menu 27.1.1.1 IKE Setup .................................................................................. 383
Table 159 Active Protocol: Encapsulation and Security Protocol ....................................... 385
Table 160 Menu 27.1.1.2 Manual Setup ............................................................................ 385
Table 161 Menu 27.2 SA Monitor ....................................................................................... 388
Table 162 Troubleshooting Starting Up Your Prestige ........................................................ 389
Table 163 Troubleshooting the LAN ................................................................................... 389
Table 164 Troubleshooting the WAN .................................................................................. 390
Table 165 Troubleshooting Accessing the Prestige ........................................................... 391
34 List of Tables
Page 35
P-334WT User’s Guide
Table 166 Troubleshooting Restricted Web Pages and Keyword Blocking ........................ 391
Table 167 Troubleshooting the Password .......................................................................... 392
Table 168 Troubleshooting Telnet ...................................................................................... 392
Table 169 Classes of IP Addresses ................................................................................... 419
Table 170 Allowed IP Address Range By Class ................................................................. 420
Table 171 “Natural” Masks ................................................................................................ 420
Table 172 Alternative Subnet Mask Notation ..................................................................... 421
Table 173 Two Subnets Example ....................................................................................... 421
Table 174 Subnet 1 ............................................................................................................422
Table 175 Subnet 2 ............................................................................................................422
Table 176 Subnet 1 ............................................................................................................423
Table 177 Subnet 2 ............................................................................................................423
Table 178 Subnet 3 ............................................................................................................423
Table 179 Subnet 4 ............................................................................................................424
Table 180 Eight Subnets .................................................................................................... 424
Table 181 Class C Subnet Planning ................................................................................... 424
Table 182 Class B Subnet Planning ................................................................................... 425
Table 183 IEEE 802.11g ..................................................................................................... 437
Table 184 Comparison of EAP Authentication Types ......................................................... 441
Table 185 Wireless Security Relational Matrix ................................................................... 442
Table 186 System Maintenance Logs ................................................................................ 443
Table 187 System Error Logs ............................................................................................. 444
Table 188 Access Control Logs .......................................................................................... 444
Table 189 TCP Reset Logs ................................................................................................ 445
Table 190 Packet Filter Logs .............................................................................................. 445
Table 191 ICMP Logs ......................................................................................................... 446
Table 192 CDR Logs .......................................................................................................... 446
Table 193 PPP Logs ........................................................................................................... 446
Table 194 UPnP Logs ........................................................................................................ 447
Table 195 Content Filtering Logs ....................................................................................... 447
Table 196 Attack Logs ........................................................................................................ 448
Table 197 IPSec Logs ........................................................................................................ 449
Table 198 IKE Logs ............................................................................................................449
Table 199 PKI Logs ............................................................................................................452
Table 200 Certificate Path Verification Failure Reason Codes ........................................... 453
Table 201 802.1X Logs ...................................................................................................... 454
Table 202 ACL Setting Notes ............................................................................................. 455
Table 203 ICMP Notes ....................................................................................................... 455
Table 204 Syslog Logs ....................................................................................................... 456
Table 205 RFC-2408 ISAKMP Payload Types ................................................................... 456
List of Tables 35
Page 36
P-334WT User’s Guide
36 List of Tables
Page 37
P-334WT User’s Guide

Preface

Congratulations on your purchase of the P-334WT, 802.11g Wireless Broadband Router with Firewall. This manual is designed to guide you through the configuration of your Prestige for its various applications.
Note: Use the web configurator, System Management Terminal (SMT) or command
interpreter interface to configure your Prestige. Not all features can be configured through all interfaces.
This manual may refer to the P-334WT, 802.11g Wireless Broadband Router with Firewall as the Prestige.
About This User's Guide
This User’s Guide is designed to guide you through the configuration of your Prestige using the web configurator or the SMT. The web configurator parts of this guide contain background information on features configurable by web configurator. The SMT parts of this guide contain background information solely on features not configurable by web configurator
Note: Use the web configurator, System Management Terminal (SMT) or command
interpreter interface to configure your Prestige. Not all features can be configured through all interfaces.
Related Documentation
• Supporting Disk
Refer to the included CD for support documents.
• Compact Guide
The Compact Guide is designed to help you get up and running right away. They contain connection information and instructions on getting started.
• Web Configurator Online Help
Embedded web help for descriptions of individual screens and supplementary information.
• ZyXEL Glossary and Web Site
Please refer to www.zyxel.com for an online glossary of networking terms and additional support documentation.
User Guide Feedback
Help us help you! E-mail all User Guide-related comments, questions or suggestions for improvement to techwriters@zyxel.com.tw or send regular mail to The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan. Thank you!
Preface 37
Page 38
P-334WT User’s Guide
Syntax Conventions
• “Enter” means for you to type one or more characters. “Select” or “Choose” means for you to use one predefined choice.
• The SMT menu titles and labels are in Bold Times New Roman font. Predefined field choices are in Bold Arial font. Command and arrow keys are enclosed in square brackets. [ENTER] means the Enter, or carriage return key; [ESC] means the Escape key and [SPACE BAR] means the Space Bar.
• Mouse action sequences are denoted using a comma. For example, “In Windows, click Start, Settings and then Control Panel” means first click the Start button, then point your mouse pointer to Settings and then click Control Panel.
• “e.g.,” is a shorthand for “for instance”, and “i.e.,” means “that is” or “in other words”.
Graphics Icons Key
Prestige Computer Notebook computer
Server DSLAM Firewall
Modem Switch Router
38 Preface
Page 39

Getting to Know Your Prestige

This chapter introduces the main features and applications of the Prestige.

1.1 Prestige Overview

The Prestige is the ideal secure wireless firewall router for all data passing between the Internet and LAN’s.
By integrating NAT, firewall, media bandwidth management and VPN capability, ZyXEL’s Prestige is a complete security solution that protects your Intranet and efficiently manages data traffic on your network.
P-334WT User’s Guide
CHAPTER 1
The embedded web configurator is easy to operate.
In the Prestige product name, “W” denotes wireless functionality. The P-334WT has an embedded mini-PCI module for 802.11g Wireless LAN connectivity.
Note: Only use firmware for your Prestige’s specific model.

1.2 Prestige Features

The following sections describe Prestige features.

1.2.1 Physical Features

10/100 Mbps Auto-negotiating Ethernet/Fast Ethernet Interface(s)
This auto-negotiation feature allows the Prestige to detect the speed of incoming transmissions and adjust appropriately without manual intervention. It allows data transfer of either 10 Mbps or 100 Mbps in either half-duplex or full-duplex mode depending on your Ethernet network.
Auto-negotiation allows data transfer of 100 Mbps in full-duplex mode
Auto-crossover 10/100 Mbps Ethernet Interface(s)
These interfaces automatically adjust to either a crossover or straight-through Ethernet cable.
Chapter 1 Getting to Know Your Prestige 39
Page 40
P-334WT User’s Guide
4-Port Switch
A combination of switch and router makes your Prestige a cost-effective and viable network solution. You can add up to four computers to the Prestige without the cost of a hub. Add more than four computers to your LAN by using a hub.
Reset Button
The Prestige reset button is built into the rear panel. Use this button to restore the factory default password to 1234; IP address to 192.168.1.1, subnet mask to 255.255.255.0 and DHCP server enabled with a pool of 32 IP addresses starting at 192.168.1.33.

1.2.2 Non-Physical Features

Bandwidth Management
ZyXEL’s Bandwidth Management allows you to specify bandwidth classes based on an application and/or subnet. You can allocate specific amounts of bandwidth capacity (bandwidth budgets) to different bandwidth classes.
Trend Micro Security Services
TMSS (Trend Micro Security Services) identifies vulnerabilities and protects computers and networks that have Internet connections. TMSS is enabled by default on the Prestige but you must register at the TMSS web page. After you register, you can configure TMSS using the Prestige web configurator.
IPSec VPN Capability
Establish a Virtual Private Network (VPN) to connect with business partners and branch offices using data encryption and the Internet to provide secure communications without the expense of leased site-to-site lines. The Prestige VPN is based on the IPSec standard and is fully interoperable with other IPSec-based VPN products.
Firewall
The Prestige is a stateful inspection firewall with DoS (Denial of Service) protection. By default, when the firewall is activated, all incoming traffic from the WAN to the LAN is blocked unless it is initiated from the LAN. The Prestige firewall supports TCP/UDP inspection, DoS detection and prevention, real time alerts, reports and logs.
Content Filtering
The Prestige can also block access to web sites containing keywords that you specify. You can define time periods and days during which content filtering is enabled and include or exclude a range of users on the LAN from content filtering.
40 Chapter 1 Getting to Know Your Prestige
Page 41
P-334WT User’s Guide
Packet Filtering
The packet filtering mechanism blocks unwanted traffic from entering/leaving your network.
Time and Date
The Prestige allows you to get the current time and date from an external server when you turn on your Prestige. You can also set the time manually.
Universal Plug and Play (UPnP)
Using the standard TCP/IP protocol, the Prestige and other UPnP enabled devices can dynamically join a network, obtain an IP address and convey its capabilities to other devices on the network.
Call Scheduling
Configure call time periods to restrict and allow access for users on remote nodes.
PPPoE
PPPoE facilitates the interaction of a host with an Internet modem to achieve access to high­speed data networks via a familiar "dial-up networking" user interface.
PPTP Encapsulation
Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables secure transfer of data from a remote client to a private server, creating a Virtual Private Network (VPN) using a TCP/IP-based network.
PPTP supports on-demand, multi-protocol and virtual private networking over public networks, such as the Internet. The Prestige supports one PPTP server connection at any given time.
Dynamic DNS Support
With Dynamic DNS (Domain Name System) support, you can have a static hostname alias for a dynamic IP address, allowing the host to be more easily accessible from various locations on the Internet. You must register for this service with a Dynamic DNS service provider.
IP Multicast
Deliver IP packets to a specific group of hosts using IP multicast. IGMP (Internet Group Management Protocol) is the protocol used to support multicast groups. The latest version is version 2 (see RFC 2236); the Prestige supports both versions 1 and 2.
Chapter 1 Getting to Know Your Prestige 41
Page 42
P-334WT User’s Guide
IP Alias
IP Alias allows you to partition a physical network into logical networks over the same Ethernet interface. The Prestige supports three logical LAN interfaces via its single physical Ethernet LAN interface with the Prestige itself as the gateway for each LAN network.
SNMP
SNMP (Simple Network Management Protocol) is a protocol used for exchanging management information between network devices. SNMP is a member of the TCP/IP protocol suite. Your Prestige supports SNMP agent functionality, which allows a manager station to manage and monitor the Prestige through the network. The Prestige supports SNMP version one (SNMPv1) and version two (SNMPv2).
Network Address Translation (NAT)
Network Address Translation (NAT) allows the translation of an Internet protocol address used within one network (for example a private IP address used in a local network) to a different IP address known within another network (for example a public IP address used on the Internet).
Traffic Redirect
Traffic Redirect forwards WAN traffic to a backup gateway on the LAN when the Prestige cannot connect to the Internet, thus acting as an auxiliary backup when your regular WAN connection fails.
Port Forwarding
Use this feature to forward incoming service requests to a server on your local network. You may enter a single port number or a range of port numbers to be forwarded, and the local IP address of the desired server.
DHCP (Dynamic Host Configuration Protocol)
DHCP (Dynamic Host Configuration Protocol) allows the individual client computers to obtain the TCP/IP configuration at start-up from a centralized DHCP server. The Prestige has built-in DHCP server capability, enabled by default, which means it can assign IP addresses, an IP default gateway and DNS servers to all systems that support the DHCP client.
Any IP
The Any IP feature allows a computer to access the Internet without changing the network settings (such as IP address and subnet mask) of the computer, when the IP addresses of the computer and the Prestige are not in the same subnet.
42 Chapter 1 Getting to Know Your Prestige
Page 43
P-334WT User’s Guide
Full Network Management
The embedded web configurator is an all-platform web-based utility that allows you to easily access the Prestige’s management settings and configure the firewall. Most functions of the Prestige are also software configurable via the SMT (System Management Terminal) interface. The SMT is a menu-driven interface that you can access over a telnet connection.
RoadRunner Support
In addition to standard cable modem services, the Prestige supports Time Warner’s RoadRunner Service.
Logging and Tracing
• Built-in message logging and packet tracing.
• Unix syslog facility support.
• Firewall logs.
• Content filtering logs.
Upgrade Prestige Firmware via LAN
The firmware of the Prestige can be upgraded via the LAN (refer to the Maintenance-Tools­Firmware screen).
Embedded FTP and TFTP Servers
The Prestige’s embedded FTP and TFTP Servers enable fast firmware upgrades as well as configuration file backups and restoration.

1.2.3 Wireless Features

Wireless LAN
The Prestige supports the IEEE 802.11g standard, which is fully compatible with the IEEE
802.11b standard, meaning that you can have both IEEE 802.11b and IEEE 802.11g wireless clients in the same wireless network.
Note: The P-334WT may be prone to RF (Radio Frequency) interference from other
2.4 GHz devices such as microwave ovens, wireless phones, Bluetooth enabled devices, and other wireless LANs.
Wi-Fi Protected Access
Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i security specification standard. Key differences between WPA and WEP are user authentication and improved data encryption.
Chapter 1 Getting to Know Your Prestige 43
Page 44
P-334WT User’s Guide
WPA(2)
Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA 2 (IEEE
802.11i) is a wireless security standard that defines stronger encryption, authentication and key management than WPA.
Key differences between WPA(2) and WEP are improved data encryption and user authentication.
Antenna
The Prestige is equipped with a 2dBi fixed antenna to provide clear radio signal between the wireless stations and the access points.
Wireless LAN MAC Address Filtering
Your Prestige can check the MAC addresses of wireless stations against a list of allowed or denied MAC addresses.
WEP Encryption
WEP (Wired Equivalent Privacy) encrypts data frames before transmitting over the wireless network to help keep network communications private.
OTIST (One Touch Intelligent Security Technology)
OTIST allows your Prestige to assign its ESSID and security settings (WEP or WPA-PSK) to the ZyXEL wireless adapters that support OTIST and are within transmission range. The ZyXEL wireless adapters must also have OTIST enabled.
G-Plus
G-plus is an enhancement to the IEEE 802.11g wireless standard. It increases wireless transmission speeds by allowing larger frames to be sent.
Wireless List
With the wireless list, you can see the list of the wireless stations that are currently using the Prestige to access your wired network.
Wireless LAN Channel Usage
The Wireless Channel Usage displays whether the radio channels are used by other wireless devices within the transmission range of the Prestige. This allows you to select the channel with minimum interference for your Prestige.
44 Chapter 1 Getting to Know Your Prestige
Page 45
P-334WT User’s Guide

1.3 Applications for the Prestige

Here are some examples of what you can do with your Prestige.

1.3.1 Secure Broadband Internet Access via Cable or DSL Modem

You can connect a cable modem, DSL or wireless modem to the Prestige for broadband Internet access via an Ethernet or a wireless port on the modem. The Prestige guarantees not only high speed Internet access, but secure internal network protection and traffic management as well.
Figure 1 Secure Internet Access via Cable, DSL or Wireless Modem

1.3.2 VPN Application

Prestige VPN is an ideal cost-effective way to connect branch offices and business partners over the Internet without the need (and expense) for leased lines between sites.
Chapter 1 Getting to Know Your Prestige 45
Page 46
P-334WT User’s Guide
Figure 2 VPN Application

1.3.3 Wireless LAN Application

Add a wireless LAN to your existing network without expensive network cables. Wireless stations can move freely anywhere in the coverage area and use resources on the wired network.
Figure 3 Internet Access Application Example
46 Chapter 1 Getting to Know Your Prestige
Page 47

1.3.4 Front Panel LEDs

Figure 4 P-334WT Front Panel
The following table describes the LEDs.
Table 1 Front Panel LEDs
LED COLOR STATUS DESCRIPTION
PWR Green On The Prestige is receiving power and functioning
Red On Power to the Prestige is too low.
None Off The Prestige is not receiving power.
LAN 1-4 Green On The Prestige has a successful 10Mb Ethernet
Amber On The Prestige has a successful 100Mb Ethernet
None Off The LAN is not connected.
WAN Green On The Prestige has a successful 10Mb WAN connection.
Amber On The Prestige has a successful 100Mb Ethernet
None Off The WAN connection is not ready, or has failed.
WLAN Green On The Prestige is ready, but is not sending/receiving data
None Off The wireless LAN is not ready or has failed.
OTIST Green Blinking OTIST is in progress
None Off OTIST is not activated or WLAN settings are manually
P-334WT User’s Guide
properly.
Blinking The Prestige is performing testing.
connection.
Blinking The Prestige is sending/receiving data.
connection.
Blinking The Prestige is sending/receiving data.
Blinking The Prestige is sending/receiving data.
connection.
Blinking The Prestige is sending/receiving data.
through the wireless LAN.
Blinking The Prestige is sending/receiving data through the
wireless LAN.
On OTIST is activated and the wireless security settings are
given to a wireless client. The LED remains on unless the WLAN settings are changed.
configured after OTIST is successful.
Chapter 1 Getting to Know Your Prestige 47
Page 48
P-334WT User’s Guide
48 Chapter 1 Getting to Know Your Prestige
Page 49
Introducing the Web
This chapter describes how to access the Prestige web configurator and provides an overview of its screens.

2.1 Web Configurator Overview

The web configurator is an HTML-based management interface that allows easy Prestige setup and management via Internet browser. Use Internet Explorer 6.0 and later or Netscape Navigator 7.0 and later versions. The recommended screen resolution is 1024 by 768 pixels.
P-334WT User’s Guide
CHAPTER 2
Configurator
In order to use the web configurator you need to allow:
• Web browser pop-up windows from your device. Web pop-up blocking is enabled by default in Windows XP SP (Service Pack) 2.
• JavaScripts (enabled by default).
• Java permissions (enabled by default).
Refer to the Troubleshooting chapter to see how to make sure these functions are allowed in Internet Explorer.

2.2 Accessing the Prestige Web Configurator

1 Make sure your Prestige hardware is properly connected and prepare your computer/
computer network to connect to the Prestige (refer to the Quick Start Guide).
2 Launch your web browser.
3 Type "192.168.1.1" as the URL.
4 Type "1234" (default) as the password and click Login. In some versions, the default
password appears automatically - if this is the case, click Login.
5 You should see a screen asking you to change your password (highly recommended) as
shown next. Type a new password (and retype it to confirm) and click Apply or click Ignore.
Chapter 2 Introducing the Web Configurator 49
Page 50
P-334WT User’s Guide
Figure 5 Change Password Screen
Note: The management session automatically times out when the time period set in
the Administrator Inactivity Timer field expires (default five minutes). Simply log back into the Prestige if this happens to you.

2.3 Resetting the Prestige

If you forget your password or cannot access the web configurator, you will need to use the RESET button at the back of the Prestige to reload the factory-default configuration file. This means that you will lose all configurations that you had previously and the password will be reset to “1234”.

2.3.1 Procedure to Use the Reset Button

1 Make sure the PWR LED is on (not blinking).
2 Press the RESET button for ten seconds or until the PWR LED begins to blink and then
release it. When the PWR LED begins to blink, the defaults have been restored and the Prestige restarts.

2.4 Navigating the Prestige Web Configurator

The following summarizes how to navigate the web configurator from the Status screen.
50 Chapter 2 Introducing the Web Configurator
Page 51
Figure 6 Web Configurator Status Screen
P-334WT User’s Guide
The following table describes the icons shown in the Status screen.
Table 2 Status Screen Icon Key
ICON DESCRIPTION
Select a language from the drop-down list box to have the web configurator display in that language.
Click this icon to open a web help page relevant to the screen you are currently configuring.
Click this icon to open the setup wizard. The Prestige has a connection wizard and a bandwidth management wizard.
Click this icon to view copyright and a link for related product information.
Click this icon at any time to exit the web configurator.
Chapter 2 Introducing the Web Configurator 51
Page 52
P-334WT User’s Guide
Table 2 Status Screen Icon Key
ICON DESCRIPTION
Select a number of seconds or None from the drop-down list box to refresh all screen statistics automatically at the end of every time interval or to not refresh the screen statistics.
Click this button to refresh the status screen statistics.
The following table describes the labels shown in the Status screen.
Table 3 Web Configurator Status Screen
LABEL DESCRIPTION
Device Information
System Name This is the System Name you enter in the Maintenance, System, General screen. It
is for identification purposes.
Firmware Version This is the ZyNOS Firmware version and the date created. ZyNOS is ZyXEL's
WAN Information
- IP Address This shows the WAN port’s IP address.
- IP Subnet Mask This shows the WAN port’s subnet mask.
- DHCP This shows the WAN port’s DHCP role - Client or None.
LAN Information
- IP Address This shows the LAN port’s IP address.
- IP Subnet Mask This shows the LAN port’s subnet mask.
- DHCP This shows the LAN port’s DHCP role - Server, Relay or None.
WLAN Information
- Name(SSID) This shows a descriptive name used to identify the Prestige in the wireless LAN.
- Channel This shows the channel number which the Prestige uses over the wireless LAN.
- Security Mode This shows the level of wireless security the Prestige is using.
System Status
System Uptime This is the total time the Prestige has been on.
Current Date/Time This field displays your Prestige’s present
System Resource
- CPU Usage This number shows how many kilobytes of the heap memory the Prestige is using.
- Memory Usage This number shows the Prestige's total heap memory (in kilobytes).
proprietary Network Operating System design.
date and time along with the difference
from the Greenwich Mean Time (GMT) zone. The difference from GMT is based on the time zone. It is also adjusted for Daylight Saving Time if you set the Prestige to use it.
Heap memory refers to the memory that is not used by ZyNOS (ZyXEL Network Operating System) and is thus available for running processes like NAT, VPN and the firewall.
The bar displays what percent of the Prestige's heap memory is in use. The bar turns from green to red when the maximum is being approached.
The bar displays what percent of the Prestige's heap memory is in use. The bar turns from green to red when the maximum is being approached.
52 Chapter 2 Introducing the Web Configurator
Page 53
P-334WT User’s Guide
Table 3 Web Configurator Status Screen
LABEL DESCRIPTION
Interface Status
Interface This displays the Prestige port types. The port types are: WAN, LAN and WLAN.
Status For the LAN and WAN ports, this field displays Down (line is down) or Up (line is up
Rate For the LAN ports, this displays the port speed and duplex setting or N/A when the
Summary
Any IP Table Use this screen to view a list of IP addresses and MAC addresses of computers,
DHCP Table Use this screen to view current DHCP client information.
Parental Control Statistics Use this screen to view a record of attempted entries to web pages or actual entries
VPN Monitor Use this screen to display active VPN connections.
BW MGNT Monitor Use this screen to view the Prestige’s bandwidth usage and allotments.
Packet Statistics Use this screen to view port status and packet specific statistics.
Port Isolation Use this screen to view the port isolation settings and status.
WLAN Station Status Use this screen to view the wireless stations that are currently associated to the
or connected). For the WLAN, it displays Up when the WLAN is enabled or Down when the WLAN is
disabled.
line is disconnected. For the WAN port, it displays the port speed and duplex setting if you’re using
Ethernet encapsulation and Idle (line (ppp) idle), Dial (starting to trigger a call) and Drop (dropping a call) if you're using PPPoE or PPTP encapsulation. This field displays N/A when the line is disconnected.
For the WLAN, it displays the transmission rate when the WLAN is enabled and N/A when the WLAN is disabled.
which are not in the same subnet as the Prestige.
to web pages from a list of website categories.
Prestige.

2.4.1 Navigation Panel

After you enter the password, use the sub-menus on the navigation panel to configure Prestige features.
The following table describes the sub-menus.
Table 4 Screens Summary
LINK TAB FUNCTION
Status This screen shows the Prestige’s general device, system and interface
status information. Use this screen to access the wizard, and summary statistics tables.
Network
Chapter 2 Introducing the Web Configurator 53
Page 54
P-334WT User’s Guide
Table 4 Screens Summary
LINK TAB FUNCTION
Wireless LAN General Use this screen to configure wireless LAN.
OTIST This screen allows you to assign wireless clients the Prestige’s wireless
MAC Filter Use the MAC filter screen to configure the Prestige to block access to
Advanced This screen allows you to configure your Prestige roaming capabilities.
QoS WMM QoS allows you to prioritize wireless traffic according to the delivery
WAN Internet
Connection
Advanced Use this screen to configure DNS servers and other advanced properties.
Traffic Redirect Use this screen to configure your traffic redirect properties and parameters.
LAN IP Use this screen to configure LAN settings.
IP Alias Use this screen to partition your LAN interface into subnets.
Advanced Use this screen to enable Any IP and other advanced properties.
DHCP Server General Use this screen to enable the Prestige’s DHCP server and to have DNS
Static DHCP Use this screen to assign IP addresses on the LAN to specific individual
Client List Use this screen to view current DHCP client information and to always
NAT General Use this screen to enable NAT.
Port Forwarding Use this screen to configure servers behind the Prestige.
Trigger Port Use this screen to change your Prestige’s port triggering settings.
Security
Firewall General Use this screen to activate/deactivate the firewall.
Services This screen shows a summary of the firewall rules, and allows you to edit/
Content Filter Filter Use this screen to block certain web features and sites containing certain
Schedule Use this screen to set the days and times for the Prestige to perform content
VPN Summary Use this screen to view the rule summary.
Rule Setup Use this screen to configure VPN connections.
SA Monitor Use this screen to display and manage active VPN connections.
Global Setting Use this screen to allow NetBIOS through an IPSec tunnel.
security settings.
devices or block the devices from accessing the Prestige.
requirements of the individual and applications.
This screen allows you to configure ISP parameters, WAN IP address assignment and the WAN MAC address.
servers assigned by the DHCP server.
computers based on their MAC addresses.
assign an IP address to a MAC address (and host name).
add a firewall rule.
keywords in the URL.
filtering.
54 Chapter 2 Introducing the Web Configurator
Page 55
P-334WT User’s Guide
Table 4 Screens Summary
LINK TAB FUNCTION
TMSS General Use this screen to enable or disable TMSS.
Exception List Use this screen to decide which computers in the network you can apply
Virus Protection Use this screen to check the computers in the network for Trend Micro
Parental Control Use this screen to allow a parent (LAN administrator) to control a LAN
Port Isolation Use this screen to decide in what situation a port will be separated from
Management
Static Route Static Route
Rules
Bandwidth MGMT
Remote MGMT WWW Use this screen to configure through which interface(s) and from which IP
UPnP General Use this screen to enable UPnP on the Prestige.
Maintenance
System General This screen contains administrative.
Logs View Log Use this screen to view the logs for the categories that you selected.
Tools Firmware Use this screen to upload firmware to your Prestige.
Configuration Use this screen to enable bandwidth management on an interface and edit
Monitor Use this screen to view the Prestige’s bandwidth usage and allotments.
TELNET Use this screen to configure through which interface(s) and from which IP
FTP Use this screen to configure through which interface(s) and from which IP
SNMP Use this screen to configure your Prestige’s settings for Simple Network
DNS Use this screen to configure through which interface(s) and from which IP
Security Use this screen to change your anti-probing settings.
Dynamic DNS Use this screen to set up dynamic DNS.
Time Setting Use this screen to change your Prestige’s time and date.
Log Settings Use this screen to change your Prestige’s log settings.
Configuration Use this screen to backup and restore the configuration or reset the factory
Restart This screen allows you to reboot the Prestige without turning the power off.
TMSS.
Internet Security.
user's Internet access privileges by blocking specified website categories.
other ports and/or allow the ports to bypass port isolation checking.
Use this screen to configure IP static routes.
a corresponding rule.
address(es) users can use HTTP to manage the Prestige.
address(es) users can use Telnet to manage the Prestige.
address(es) users can use FTP to access the Prestige.
Management Protocol management.
address(es) users can send DNS queries to the Prestige.
defaults to your Prestige.

2.4.2 Summary: Any IP Table

Click the Any IP Table (Details...) hyperlink in the Status screen. The Any IP table shows current read-only information (including the IP address and the MAC address) of all network devices that use the Any IP feature to communicate with the Prestige.
Chapter 2 Introducing the Web Configurator 55
Page 56
P-334WT User’s Guide
Figure 7 Summary: Any IP Table
The following table describes the labels in this screen.
Table 5 Summary: Any IP Table
LABEL DESCRIPTION
# This field displays the index number.
IP Address This field displays the IP address of the network device.
MAC Address This field displays the MAC (Media Access Control) address of the computer with
Refresh Click Refresh to update this screen.
the displayed IP address. Every Ethernet device has a unique MAC address. The MAC address is assigned at
the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02.

2.4.3 Summary: DHCP Table

DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows individual clients to obtain TCP/IP configuration at start-up from a server. You can configure the Prestige as a DHCP server or disable it. When configured as a server, the Prestige provides the TCP/IP configuration for the clients. If DHCP service is disabled, you must have another DHCP server on your LAN, or else the computer must be manually configured.
Click the DHCP Table (Details...) hyperlink in the Status screen. Read-only information here relates to your DHCP status. The DHCP table shows current DHCP client information (including IP Address, Host Name and MAC Address) of all network clients using the Prestige’s DHCP server.
Figure 8 Summary: DHCP Table
56 Chapter 2 Introducing the Web Configurator
Page 57
The following table describes the labels in this screen.
Table 6 Summary: DHCP Table
LABEL DESCRIPTION
# This is the index number of the host computer.
IP Address This field displays the IP address relative to the # field listed above.
Host Name This field displays the computer host name.
MAC Address This field shows the MAC address of the computer with the name in the Host Name
field. Every Ethernet device has a unique MAC (Media Access Control) address. The MAC
address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02.
Refresh Click Refresh to renew the screen.

2.4.4 Summary: Parental Controls Statistics

Click the Parental Control Statistics (Details...) hyperlink in the Status screen. This screen shows the current parental control mode and displays a record of attempted entries to web pages or actual entries to web pages from a list of categories.
P-334WT User’s Guide
2.4.4.1 General Control Mode and Per-User Control Mode
General control mode is the simplest way to configure Parental Control. In general control mode, the same restrictions apply to all network users.
Per-user control mode allows you to give different restrictions to each user of your network. In Per-user control mode, all users must log in before accessing the Internet.
Chapter 2 Introducing the Web Configurator 57
Page 58
P-334WT User’s Guide
Figure 9 Summary: Parental Control Statistics
The following table describes the labels in this screen.
Table 7 Summary: Parental Control Statistics
LABEL DESCRIPTION
Control Mode This displays the current parental control mode (General Control or Per-User
Username This field displays only when you enable the per-user control mode.
Category All parental control categories are displayed as shown.
Access Attempts This field displays the number of attempts that have been made to access web
Actual Accesses This field displays the number of times access has been made to web page(s) from
Reset Click Reset to clear all of the fields in this screen.
Refresh Click Refresh to renew the statistics screen.
Control).
This is the name of the user (you configured in the Parental Control screen) allowed to access the Internet and view the unrestricted web content using the Prestige as a gateway.
page(s) from a category of web pages that you have selected in the Parental Control screen.
a category of web pages that you have not selected in the Parental Control screen or that have been accesses by exempted computers.
58 Chapter 2 Introducing the Web Configurator
Page 59

2.4.5 Summary: VPN Monitor

Click the VPN Monitor (Details...) hyperlink in the Status screen. Read-only information here includes encapsulation mode and security protocol.
Figure 10 Summary: VPN Monitor
The following table describes the labels in this screen.
Table 8 Summary: VPN Monitor
P-334WT User’s Guide
TABL E DESCRIPTION
# This is the security association index number.
Name This field displays the identification name for this VPN policy.
Encapsulation This field displays Tun nel or Transport mode.
IPSec Algorithm This field displays the security protocols used for an SA.
Both AH and ESP increase Prestige processing requirements and communications latency (delay).
Refresh Click Refresh to renew the screen.

2.4.6 Summary: Bandwidth Management Monitor

Select the BW MGMT Monitor (Details...) hyperlink in Status screen. View the bandwidth usage of the WAN configured bandwidth rules. This is also shown as bandwidth usage over the bandwidth budget for each rule. The gray section of the bar represents the percentage of unused bandwidth and the orange color represents the percentage of bandwidth in use.
Chapter 2 Introducing the Web Configurator 59
Page 60
P-334WT User’s Guide
Figure 11 Summary: BW MGMT Monitor

2.4.7 Summary: Packet Statistics

Click the Packet Statistics (Details...) hyperlink in the Status screen. Read-only information here includes port status and packet specific statistics. Also provided are "system up time" and "poll interval(s)". The Poll Interval(s) field is configurable.
Figure 12 Summary: Packet Statistics
60 Chapter 2 Introducing the Web Configurator
Page 61
P-334WT User’s Guide
The following table describes the labels in this screen.
Table 9 Summary: Packet Statistics
LABEL DESCRIPTION
Port This is the WAN, LAN or WLAN port.
Status For the LAN ports, this displays the port speed and duplex setting or Down when
the line is disconnected. For the WAN port, it displays the port speed and duplex setting if you’re using
Ethernet encapsulation and Idle (line (ppp) idle), Dial (starting to trigger a call) and Drop (dropping a call) if you're using PPPoE or PPTP encapsulation. This field displays Down when the line is disconnected.
For the WLAN, it displays the transmission rate when the WLAN is enabled and Down when the WLAN is disabled.
TxPkts This is the number of transmitted packets on this port.
RxPkts This is the number of received packets on this port.
Collisions This is the number of collisions on this port.
Tx B/s This displays the transmission speed in bytes per second on this port.
Rx B/s This displays the reception speed in bytes per second on this port.
Up Time This is the total amount of time the line has been up.
System Up Time This is the total time the Prestige has been on.
Poll Interval(s) Enter the time interval for refreshing statistics in this field.
Set Interval Click this button to apply the new poll interval you entered in the Poll Interval(s)
field.
Stop Click Stop to stop refreshing statistics, click Stop.

2.4.8 Summary: Port Isolation

Click the Port Isolation (Details...) hyperlink in the Status screen to view the port isolation status and settings on each port.
Chapter 2 Introducing the Web Configurator 61
Page 62
P-334WT User’s Guide
Figure 13 Summary: Port Isolation
The following table describes the labels in this screen.
Table 10 Summary: Wireless Association List
LABEL DESCRIPTION
Port This is the LAN or WLAN port.
Bypass This displays whether port isolation is performed on the port.
Isolated This displays whether the port is separated and the network or computer(s)
connected to the port cannot communicate with other network or computer(s) connected to other port(s).
MAC Address This displays the MAC address(es) of the computer(s) which is infected by
viruses or vulnerable according to the selected categories.
Category This displays the reason why the port is isolated.
Refresh Click Refresh to redisplay the current screen.

2.4.9 Summary: Wireless Station Status

Click the WLAN Station Status (Details...) hyperlink in the Status screen. View the wireless stations that are currently associated to the Prestige in the Association List screen.
2.4.9.1 WMM QoS
WMM (Wi-Fi MultiMedia) QoS (Quality of Service) ensures quality of service in wireless networks for multimedia applications.
WMM allows you to prioritize wireless traffic according to the delivery requirements of the individual and applications.
WMM is a part of the IEEE 802.11e QoS enhancement to certified Wi-Fi wireless networks.
62 Chapter 2 Introducing the Web Configurator
Page 63
P-334WT User’s Guide
Figure 14 Summary: Wireless Association List
The following table describes the labels in this screen.
Tabl e 11 Summary: Wireless Association List
LABEL DESCRIPTION
# This is the index number of an associated wireless station.
MAC Address This field displays the MAC address of an associated wireless station.
QoS This field displays whether WMM (Wi-Fi MultiMedia) QoS (Quality of Service)
priority is applied to traffic between the Prestige and the wireless station.
Association Time This field displays the time a wireless station first associated with the Prestige.
Refresh Click Refresh to redisplay the current screen.
Chapter 2 Introducing the Web Configurator 63
Page 64
P-334WT User’s Guide
64 Chapter 2 Introducing the Web Configurator
Page 65
This chapter provides information on the Wizard setup screens in the web configurator.

3.1 Wizard Setup

The web configurator’s Wizard setup helps you configure your device to access the Internet. Refer to your ISP (Internet Service Provider) checklist in the Quick Start Guide to know what to enter in each field. Leave a field blank if you don’t have that information.
1 After you access the Prestige Web configurator, click the Go to Wizard setup hyperlink.
You can click the Go to Advanced setup hyperlink to skip this wizard setup and configure advanced features.
P-334WT User’s Guide
CHAPTER 3

Connection Wizard

Figure 15 Select Wizard or Advanced Mode
2 Choose your language from the drop-down list box.
3 Click the Next button to proceed to the next screen.
Chapter 3 Connection Wizard 65
Page 66
P-334WT User’s Guide
Figure 16 Select a Language
4 Read the on-screen information and click Next.
Figure 17 Welcome to the Connection Wizard

3.2 Connection Wizard: STEP 1: System Information

System Information contains administrative and system-related information.

3.2.1 System Name

System Name is for identification purposes. However, because some ISPs check this name you should enter your computer's "Computer Name".
• In Windows 95/98 click Start, Settings, Control Panel, Network. Click the Identification tab, note the entry for the Computer Name field and enter it as the System Name.
• In Windows 2000, click Start, Settings and Control Panel and then double-click System. Click the Network Identification tab and then the Properties button. Note the entry for the Computer name field and enter it as the System Name.
• In Windows XP, click Start, My Computer, View system information and then click the Computer Name tab. Note the entry in the Full computer name field and enter it as the Prestige System Name.
66 Chapter 3 Connection Wizard
Page 67

3.2.2 Domain Name

The Domain Name entry is what is propagated to the DHCP clients on the LAN. If you leave this blank, the domain name obtained by DHCP from the ISP is used. While you must enter the host name (System Name) on each individual computer, the domain name can be assigned from the Prestige via DHCP.
Click Next to configure the Prestige for Internet access.
Figure 18 Wizard Step 1: System Information
P-334WT User’s Guide
The following table describes the labels in this screen.
Table 12 Wizard Step 1: System Information
LABEL DESCRIPTION
System Name System Name is a unique name to identify the Prestige in an Ethernet network. Enter a
descriptive name. This name can be up to 30 alphanumeric characters long. Spaces are not allowed, but dashes "-" and underscores "_" are accepted.
Domain Name Type the domain name (if you know it) here. If you leave this field blank, the ISP may
assign a domain name via DHCP. The domain name entered by you is given priority over the ISP assigned domain name.
Back Click Back to display the previous screen.
Next Click Next to proceed to the next screen.
Exit Click Exit to close the wizard screen without saving.

3.3 Connection Wizard: STEP 2: Wireless LAN

Set up your wireless LAN using the following screen.
Chapter 3 Connection Wizard 67
Page 68
P-334WT User’s Guide
Figure 19 Wizard Step 2: Wireless LAN
The following table describes the labels in this screen.
Table 13 Wizard Step 2: Wireless LAN
LABEL DESCRIPTION
Name(SSID) Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the wireless
Channel Selection
Security Select a Security level from the drop-down list box.
Back Click Back to display the previous screen.
Next Click Next to proceed to the next screen.
Exit Click Exit to close the wizard screen without saving.
LAN. If you change this field on the Prestige, make sure all wireless stations use the same
SSID in order to access the network.
The range of radio frequencies used by IEEE 802.11b/g wireless devices is called a channel. Select a channel ID that is not already in use by a neighboring device.
Choose Auto to use OTIST to generate a pre-shared key and only if your wireless clients support OTIST. If you choose this option, skip directly to section
Choose None to have no wireless LAN security configured. If you do not enable any wireless security on your Prestige, your network is accessible to any wireless networking device that is within range. If you choose this option, skip directly to section
3.3.3.
Choose Basic security if you want to configure WEP Encryption parameters. If you choose this option, go directly to section
Choose Extend (WPA-PSK or WPA2-PSK) security to configure a Pre-Shared Key. Choose this option only if your wireless clients support WPA-PSK or WPA2-PSK respectively. If you choose this option, skip directly to section
3.3.1.
3.3.2.
3.3.3.
Note: The wireless stations and Prestige must use the same SSID, channel ID and
WEP encryption key (if WEP is enabled), WPA-PSK (if WPA-PSK is enabled) or WPA2-PSK (if WPA2-PSK is enabled) for wireless communication.

3.3.1 Basic(WEP) Security

Choose Basic(WEP) to setup WEP Encryption parameters.
68 Chapter 3 Connection Wizard
Page 69
Figure 20 Wizard Step 2: Basic(WEP) Security
P-334WT User’s Guide
The following table describes the labels in this screen.
Table 14 Wizard Step 2: Basic(WEP) Security
LABEL DESCRIPTION
Passphrase Type a Passphrase (up to 32 printable characters) and click Generate. The Prestige
WEP Encryption
Key 1 to Key 4 The WEP keys are used to encrypt data. Both the Prestige and the wireless stations
automatically generates a WEP key.
Select 64-bit WEP, 128-bit WEP or 256-bit WEP to allow data encryption.
ASCII Select this option in order to enter ASCII characters as the WEP keys.
HEX Select this option to enter hexadecimal characters as the WEP keys.
The preceding “0x” is entered automatically.
must use the same WEP key for data transmission. If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal
characters ("0-9", "A-F"). If you chose 128-bit WEP, then enter 13 ASCII characters or 26 hexadecimal
characters ("0-9", "A-F"). If you chose 256-bit WEP, then enter 29 ASCII characters or 58 hexadecimal
characters ("0-9", "A-F"). You must configure at least one key, only one key can be activated at any one time.
The default key is key 1.
Chapter 3 Connection Wizard 69
Page 70
P-334WT User’s Guide
Table 14 Wizard Step 2: Basic(WEP) Security
LABEL DESCRIPTION
Back Click Back to display the previous screen.
Next Click Next to proceed to the next screen.
Exit Click Exit to close the wizard screen without saving.

3.3.2 Extend(WPA-PSK or WPA2-PSK) Security

Choose Extend(WPA-PSK) or Extend(WPA2-PSK) security in the Wireless LAN setup screen to set up a Pre-Shared Key.
Figure 21 Wizard Step 2: Extend(WPA-PSK or WPA2-PSK) Security
The following table describes the labels in this screen.
Table 15 Wizard Step 2: Extend(WPA-PSK or WPA2-PSK) Security
LABEL DESCRIPTION
Pre-Shared Key
Back Click Back to display the previous screen.
Next Click Next to proceed to the next screen.
Exit Click Exit to close the wizard screen without saving.

3.3.3 OTIST

The following screen allows you to enable Prestige One-Touch Intelligent Security Technology (OTIST). One-Touch Intelligent Security Technology (OTIST) allows your Prestige to assign wireless clients the Prestige’s SSID and static WEP or WPA-PSK encryption settings. The wireless client must also support OTIST and have OTIST enabled. See
Type from 8 to 63 case-sensitive ASCII characters. You can set up the most secure wireless connection by configuring WPA in the wireless LAN screens. You need to configure an authentication server to do this.
Section 4.5 on page 99 for more information.
70 Chapter 3 Connection Wizard
Page 71
Figure 22 Wizard Step 2: OTIST
P-334WT User’s Guide
The following table describes the labels in this screen.
Table 16 Wizard Step 2: OTIST
LABEL DESCRIPTION
Do you want to enable OTIST?
Setup Key The default OTIST Setup Key is “01234567”. This key can be changed in the
Back
Next
Exit Click Exit to close the wizard screen without saving.
Select the Yes radio button and click Next to proceed with the setup wizard and enable OTIST only when you click Finish in the final wizard screen.
Click No and then Next to proceed to the following screen.
web configurator. Be sure to use the same OTIST Setup Key on the Prestige and wireless clients.
Click Back to display the previous screen.
Click Next to proceed to the next screen.
Refer to the chapter on wireless LAN for more information.

3.4 Connection Wizard: STEP 3: Internet Configuration

The Prestige offers three Internet connection types. They are Ethernet, PPP over Ethernet or PPTP. The wizard attempts to detect which WAN connection type you are using. If the wizard
does not detect a connection type, you must select one from the drop-down list box. Check with your ISP to make sure you use the correct type.
Chapter 3 Connection Wizard 71
Page 72
P-334WT User’s Guide
This wizard screen varies according to the connection type that you select.
Figure 23 Wizard Step 3: ISP Parameters.
The following table describes the labels in this screen,
Table 17 Wizard Step 3: ISP Parameters
CONNECTION TYPE DESCRIPTION
Ethernet Select the Ethernet option when the WAN port is used as a regular Ethernet.
PPPoE
PPTP Select the PPTP option for a dial-up connection.
Select the PPP over Ethernet option for a dial-up connection. If your ISP gave you a an IP address and/or subnet mask, then select PPTP.

3.4.1 Ethernet Connection

Choose Ethernet when the WAN port is used as a regular Ethernet.
Figure 24 Wizard Step 3: Ethernet Connection
72 Chapter 3 Connection Wizard
Page 73

3.4.2 PPPoE Connection

Point-to-Point Protocol over Ethernet (PPPoE) functions as a dial-up connection. PPPoE is an IETF (Internet Engineering Task Force) standard specifying how a host personal computer interacts with a broadband modem (for example DSL, cable, wireless, etc.) to achieve access to high-speed data networks.
For the service provider, PPPoE offers an access and authentication method that works with existing access control systems (for instance, RADIUS).
One of the benefits of PPPoE is the ability to let end users access one of multiple network services, a function known as dynamic service selection. This enables the service provider to easily create and offer new IP services for specific users.
Operationally, PPPoE saves significant effort for both the subscriber and the ISP/carrier, as it requires no specific configuration of the broadband modem at the subscriber’s site.
By implementing PPPoE directly on the Prestige (rather than individual computers), the computers on the LAN do not need PPPoE software installed, since the Prestige does that part of the task. Furthermore, with NAT, all of the LAN's computers will have Internet access.
P-334WT User’s Guide
Refer to the appendix for more information on PPPoE.
Figure 25 Wizard Step 3: PPPoE Connection
The following table describes the labels in this screen.
Table 18 Wizard Step 3: PPPoE Connection
LABEL DESCRIPTION
ISP Parameter for Internet Access
Connection Type
Service Name Type the name of your service provider.
User Name Type the user name given to you by your ISP.
Password Type the password associated with the user name above.
Chapter 3 Connection Wizard 73
Select the PPP over Ethernet option for a dial-up connection.
Page 74
P-334WT User’s Guide
Table 18 Wizard Step 3: PPPoE Connection
LABEL DESCRIPTION
Back Click Back to return to the previous screen.
Next Click Next to continue.
Exit Click Exit to close the wizard screen without saving.

3.4.3 PPTP Connection

Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables transfers of data from a remote client to a private server, creating a Virtual Private Network (VPN) using TCP/ IP-based networks.
PPTP supports on-demand, multi-protocol, and virtual private networking over public networks, such as the Internet.
Refer to the appendix for more information on PPTP.
Note: The Prestige supports one PPTP server connection at any given time.
Figure 26 Wizard Step 3: PPTP Connection
74 Chapter 3 Connection Wizard
Page 75
P-334WT User’s Guide
The following table describes the fields in this screen
Table 19 Wizard Step 3: PPTP Connection
LABEL DESCRIPTION
ISP Parameters for Internet Access
Connection Type Select PPTP from the drop-down list box. To configure a PPTP client, you must
configure the User Name and Password fields for a PPP connection and the PPTP parameters for a PPTP connection.
User Name Type the user name given to you by your ISP.
Password Type the password associated with the User Name above.
PPTP Configuration
Get automatically from ISP
Use fixed IP address
My IP Address Type the (static) IP address assigned to you by your ISP.
My IP Subnet Mask
Server IP Address Type the IP address of the PPTP server.
Connection ID/ Name
Back Click Back to return to the previous screen.
Next Click Next to continue.
Exit Click Exit to close the wizard screen without saving.
Select this radio button if your ISP did not assign you a fixed IP address.
Select this radio button, provided by your ISP to give the Prestige a fixed, unique IP address.
Type the subnet mask assigned to you by your ISP (if given).
Enter the connection ID or connection name in this field. It must follow the "c:id" and "n:name" format. For example, C:12 or N:My ISP.
This field is optional and depends on the requirements of your ISP.

3.4.4 Your IP Address

The following wizard screen allows you to assign a fixed IP address or give the Prestige an automatically assigned IP address depending on your ISP.
Figure 27 Wizard Step 3: Your IP Address
Chapter 3 Connection Wizard 75
Page 76
P-334WT User’s Guide
The following table describes the labels in this screen
Table 20 Wizard Step 3: Your IP Address
LABEL DESCRIPTION
Get automatically from your ISP
Use fixed IP address provided by your ISP
Back Click Back to return to the previous screen.
Next Click Next to continue.
Exit Click Exit to close the wizard screen without saving.
Select this option If your ISP did not assign you a fixed IP address. This is the default selection. If you choose this option, skip directly to section
Select this option if you were given IP address and/or DNS server settings by the ISP. The fixed IP address should be in the same subnet as your broadband modem or router.

3.4.5 WAN IP Address Assignment

Every computer on the Internet must have a unique IP address. If your networks are isolated from the Internet, for instance, only between your two branch offices, you can assign any IP addresses to the hosts without problems. However, the Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of IP addresses specifically for private networks.
Table 21 Private IP Address Ranges
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255
3.4.9.
You can obtain your IP address from the IANA, from an ISP or have it assigned by a private network. If you belong to a small organization and your Internet access is through an ISP, the ISP can provide you with the Internet addresses for your local networks. On the other hand, if you are part of a much larger organization, you should consult your network administrator for the appropriate IP addresses.
Note: Regardless of your particular situation, do not create an arbitrary IP address;
always follow the guidelines above. For more information on address assignment, please refer to RFC 1597, Address Allocation for Private Internets and RFC 1466, Guidelines for Management of IP Address Space.

3.4.6 IP Address and Subnet Mask

Similar to the way houses on a street share a common street name, so too do computers on a LAN share one common network number.
Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask.
76 Chapter 3 Connection Wizard
Page 77
If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established. The Internet Assigned Number Authority (IANA) reserved this block of addresses specifically for private use; please do not use any other number unless you are told otherwise. Let's say you select 192.168.1.0 as the network number; which covers 254 individual addresses, from 192.168.1.1 to 192.168.1.254 (zero and 255 are reserved). In other words, the first three numbers specify the network number while the last number identifies an individual computer on that network.
Once you have decided on the network number, pick an IP address that is easy to remember, for instance, 192.168.1.1, for your Prestige, but make sure that no other device on your network is using that IP address.
The subnet mask specifies the network number portion of an IP address. Your Prestige will compute the subnet mask automatically based on the IP address that you entered. You don't need to change the subnet mask computed by the Prestige unless you are instructed to do otherwise.

3.4.7 DNS Server Address Assignment

P-334WT User’s Guide
Use DNS (Domain Name System) to map a domain name to its corresponding IP address and vice versa, for instance, the IP address of www.zyxel.com is 204.217.0.2. The DNS server is extremely important because without it, you must know the IP address of a computer before you can access it.
The Prestige can get the DNS server addresses in the following ways.
1 The ISP tells you the DNS server addresses, usually in the form of an information sheet,
when you sign up. If your ISP gives you DNS server addresses, enter them in the DNS Server fields in the Wizard and/or DHCP Server screen.
2 If the ISP did not give you DNS server information, leave the DNS Server fields set to
0.0.0.0 in the Wizard screen and/or set to From ISP in the DHCP Server screen for the
ISP to dynamically assign the DNS server IP addresses.

3.4.8 WAN IP and DNS Server Address Assignment

The following wizard screen allows you to assign a fixed WAN IP address and DNS server addresses.
Chapter 3 Connection Wizard 77
Page 78
P-334WT User’s Guide
Figure 28 Wizard Step 3: WAN IP and DNS Server Addresses
The following table describes the labels in this screen
Table 22 Wizard Step 3: WAN IP and DNS Server Addresses
LABEL DESCRIPTION
WAN IP Address Assignment
My WAN IP Address Enter your WAN IP address in this field. The WAN IP address should be in
My WAN IP Subnet Mask Enter the IP subnet mask in this field.
Gateway IP Address Enter the gateway IP address in this field.
System DNS Server Address Assignment (if applicable) DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice
versa. The DNS server is extremely important because without it, you must know the IP address of a computer before you can access it. The Prestige uses a system DNS server (in the order you specify here) to resolve domain names for VPN, DDNS and the time server.
First DNS Server Second DNS Server Third DNS Server
Back Click Back to return to the previous screen.
Next Click Next to continue.
Exit Click Exit to close the wizard screen without saving.
the same subnet as your DSL/Cable modem or router.
Enter the DNS server's IP address in the fields provided. If you do not configure a system DNS server, you must use IP addresses
when configuring VPN, DDNS and the time server.
78 Chapter 3 Connection Wizard
Page 79

3.4.9 WAN MAC Address

Every Ethernet device has a unique MAC (Media Access Control) address. The MAC address is assigned at the factory and consists of six pairs of hexadecimal characters, for example, 00:A0:C5:00:00:02.
Table 23 Example of Network Properties for LAN Servers with Fixed IP Addresses
Choose an IP address 192.168.1.2-192.168.1.32; 192.168.1.65-192.168.1.254.
Subnet mask 255.255.255.0
Gateway (or default route) 192.168.1.1(Prestige LAN IP)
This screen allows users to configure the WAN port's MAC address by either using the Prestige’s MAC address, copying the MAC address from a computer on your LAN or manually entering a MAC address. Once it is successfully configured, the address will be copied to the "rom" file (ZyNOS configuration file). It will not change unless you change the setting or upload a different "rom" file. It is advisable to clone the MAC address from a computer on your LAN even if your ISP does not presently require MAC address authentication.
P-334WT User’s Guide
Figure 29 Wizard Step 3: WAN MAC Address
The following table describes the fields in this screen.
Table 24 Wizard Step 3: WAN MAC Address
LABEL DESCRIPTION
Factory Default Select Factory Default to use the factory assigned default MAC address.
Clone the computer’s MAC address
Set WAN MAC Address
Select this option and enter the IP address of the computer on the LAN whose MAC you are cloning. It is advisable to clone the MAC address from a computer on your LAN even if your ISP does not presently require MAC address authentication.
Select this option and enter the MAC address you want to use.
Chapter 3 Connection Wizard 79
Page 80
P-334WT User’s Guide
Table 24 Wizard Step 3: WAN MAC Address
LABEL DESCRIPTION
Back Click Back to return to the previous screen.
Next Click Next to continue.
Exit Click Exit to close the wizard screen without saving.

3.5 Connection Wizard: STEP 4: Bandwidth management

Bandwidth management allows you to control the amount of bandwidth going out through the Prestige’s WAN, LAN or WLAN port and prioritize the distribution of the bandwidth according to the traffic type. This helps keep one service from using all of the available bandwidth and shutting out other users.
Figure 30 Wizard Step 4: Bandwidth Management
The following fields describe the label in this screen.
Table 25 Wizard Step 4: Bandwidth Management
LABEL DESCRIPTION
Enable BM for all traffic automatically
Back Click Back to return to the previous screen.
Next Click Next to continue.
Exit Click Exit to close the wizard screen without saving.
Select the check box to have the Prestige apply bandwidth management to traffic going out through the Prestige’s WAN, LAN or WLAN port. Bandwidth is allocated according to the traffic type automatically. Real-time packets, such as VoIP traffic always get higher priority.

3.6 Connection Wizard Complete

Click Apply to save your configuration.
80 Chapter 3 Connection Wizard
Page 81
P-334WT User’s Guide
Figure 31 Connection Wizard Save
Follow the on-screen instructions and click Finish to complete the wizard setup.
Figure 32 Connection Wizard Complete
Well done! You have successfully set up your Prestige to operate on your network and access the Internet.
Chapter 3 Connection Wizard 81
Page 82
P-334WT User’s Guide
82 Chapter 3 Connection Wizard
Page 83
This chapter discusses how to configure Wireless LAN.

4.1 Introduction

A wireless LAN can be as simple as two computers with wireless LAN adapters communicating in a peer-to-peer network or as complex as a number of computers with wireless LAN adapters communicating through access points which bridge network traffic to the wired LAN.
Note: See the WLAN appendix for more detailed information on WLANs.
P-334WT User’s Guide
CHAPTER 4

Wireless LAN

4.2 Wireless Security Overview

Wireless security is vital to your network to protect wireless communication between wireless stations, access points and the wired network.
Wireless security methods available on the Prestige are data encryption, wireless client authentication, restricting access by device MAC address and hiding the Prestige identity.

4.2.1 Encryption

• Use WPA(2) security if you have WPA(2)-aware wireless clients and a RADIUS server. WPA has user authentication and improved data encryption over WEP.
• Use WPA(2)-PSK if you have WPA(2)-aware wireless clients but no RADIUS server.
• If you don’t have WPA(2)-aware wireless clients, then use WEP key encrypting. A higher bit key offers better security at a throughput trade-off. You can use passphrase to automatically generate 64-bit or 128-bit WEP keys or manually enter 64-bit, 128-bit or 256-bit WEP keys.

4.2.2 Authentication

WPA has user authentication and you can also configure IEEE 802.1x to use a RADIUS server to authenticate wireless clients before joining your network.
• Use RADIUS authentication if you have a RADIUS server. See the appendices for information on protocols used when a client authenticates with a RADIUS server via the Prestige.
Chapter 4 Wireless LAN 83
Page 84
P-334WT User’s Guide

4.2.3 Restricted Access

The MAC Filter screen allows you to configure the AP to give exclusive access to devices (Allow) or exclude them from accessing the AP (Deny).

4.2.4 Hide Prestige Identity

If you hide the ESSID, then the Prestige cannot be seen when a wireless client scans for local APs. The trade-off for the extra security of “hiding” the Prestige may be inconvenient for some valid WLAN clients.

4.2.5 G-plus

G-plus is an enhancement to the IEEE 802.11g wireless standard. G-plus combines multiple frames into a larger frame size. This increases wireless transmission speeds by allowing larger frames (up to 4 KB) to be sent.
Note: G-plus speed applies only to unicast traffic (not broadcast or multicast). G-plus
is automatically disabled if wireless transmission speeds fall below 11 Mbps.

4.2.6 Using OTIST

To automatically configure the wireless security settings and set the wireless client to use the same SSID and WEP or WPA-PSK settings, use the OTIST setup wizard or the advanced wireless OTIST screen.
To manually configure the security setting, enter the WEP or WPA-PSK keys and SSID in the wireless screen. After that, you can enter the same settings in the wireless client or run OTIST to have the wireless client acquire the SSID and key automatically.
If you change the SSID or the keys after OTIST, you need to run OTIST again or enter them manually in the wireless client.
Note: You must activate and start OTIST on both the Prestige and the wireless client
at the same time.
See the wireless client Quick Start Guide for information on wireless client OTIST setup. For more information on OTIST see
Section 4.5.1 on page 100.

4.3 Configuring Wireless LAN on the Prestige

1 Configure the SSID and WEP in the Wireless screen. If you configure WEP, you can’t
configure WPA or WPA-PSK.
2 Use the MAC Filter screen to restrict access to your wireless network by MAC address.
3 Configure the RADIUS authentication database settings in the Wireless screen.
84 Chapter 4 Wireless LAN
Page 85
P-334WT User’s Guide
4 If you have OTIST-enabled clients, configure OTIST in the OTIST screen. OTIST
transfers device SSID and WEP or WPA-PSK key settings (if enabled) to wireless clients.
The following figure shows the relative effectiveness of these wireless security methods available on your Prestige.
Table 26 Wireless Security Levels
Security Level Security Type
Least Secure
Most Secure
Unique SSID (Default)
Unique SSID with Hide SSID Enabled
MAC Address Filtering
WEP Encryption
IEEE802.1x EAP with RADIUS Server Authentication
Wi-Fi Protected Access (WPA)
WPA2
Note: You must enable the same wireless security settings on the Prestige and on all
wireless clients that you want to associate with it.

4.4 General Wireless LAN Screen

Note: If you are configuring the Prestige from a computer connected to the wireless
LAN and you change the Prestige’s SSID, channel or security settings, you will lose your wireless connection when you press Apply to confirm. You must then change the wireless settings of your computer to match the Prestige’s new settings.
Click the Wireless LAN link under Network to open the Wireless screen.
Figure 33 Wireless
Chapter 4 Wireless LAN 85
Page 86
P-334WT User’s Guide
The following table describes the general wireless LAN labels in this screen.
Table 27 Wireless
LABEL DESCRIPTION
Enable Wireless LAN
Name(SSID) (Service Set IDentity) The SSID identifies the Service Set with which a wireless
Hide SSID Select this check box to hide the SSID in the outgoing beacon frame so a station
Channel Selection
Apply Click Apply to save your changes back to the Prestige.
Reset Click Reset to reload the previous configuration for this screen.
See the rest of this chapter for information on the other labels in this screen.

4.4.1 No Security

Select No Security to allow wireless stations to communicate with the access points without any data encryption.
Note: If you do not enable any wireless security on your Prestige, your network is
accessible to any wireless networking device that is within range.
Click the check box to activate wireless LAN.
station is associated. Wireless stations associating to the access point (AP) must have the same SSID. Enter a descriptive name (up to 32 printable 7-bit ASCII characters) for the wireless LAN.
cannot obtain the SSID through scanning using a site survey tool.
Set the operating frequency/channel depending on your particular region. Select a channel from the drop-down list box. Refer to the Connection Wizard chapter for more information on channels.
Figure 34 Wireless: No Security
86 Chapter 4 Wireless LAN
Page 87
The following table describes the labels in this screen.
Table 28 Wireless No Security
LABEL DESCRIPTION
Security Mode Choose No Security from the drop-down list box.
Apply Click Apply to save your changes back to the Prestige.
Reset Click Reset to reload the previous configuration for this screen.

4.4.2 WEP Encryption

WEP encryption scrambles the data transmitted between the wireless stations and the access points to keep network communications private. It encrypts unicast and multicast communications in a network. Both the wireless stations and the access points must use the same WEP key.
Your Prestige allows you to configure up to four 64-bit, 128-bit or 256-bit WEP keys but only one key can be enabled at any one time.
P-334WT User’s Guide
In order to configure and enable WEP encryption; click Wireless LAN and Wireless to the display the Wireless General screen.

4.4.3 Static WEP Encryption

In order to configure and enable WEP encryption; click the Wireless LAN link under Network to display the Wireless General screen. Select Static WEP from the Security Mode list.
Chapter 4 Wireless LAN 87
Page 88
P-334WT User’s Guide
Figure 35 Wireless: Static WEP Encryption
The following table describes the wireless LAN security labels in this screen.
Table 29 Wireless: Static WEP Encryption
LABEL DESCRIPTION
Passphrase Enter a Passphrase (up to 32 printable characters) and clicking Generate. The
Prestige automatically generates a WEP key.
WEP Encryption
Authentication Method
ASCII Select this option in order to enter ASCII characters as WEP key.
Hex Select this option in order to enter hexadecimal characters as a WEP key.
Key 1 to Key 4 The WEP keys are used to encrypt data. Both the Prestige and the wireless stations
Apply Click Apply to save your changes back to the Prestige.
Reset Click Reset to reload the previous configuration for this screen.
Select 64-bit WEP, 128-bit WEP or 256-bit WEP to enable data encryption.
This field is activated when you select 64-bit WEP, 128-bit WEP or 256-bit WEP in the WEP Encryption field.
Select Auto, Open System or Shared Key from the drop-down list box.
The preceding "0x", that identifies a hexadecimal key, is entered automatically.
must use the same WEP key for data transmission. If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal
characters ("0-9", "A-F"). If you chose 128-bit WEP, then enter 13 ASCII characters or 26 hexadecimal
characters ("0-9", "A-F"). If you chose 256-bit WEP, then enter 29 ASCII characters or 58 hexadecimal
characters ("0-9", "A-F"). You must configure at least one key, only one key can be activated at any one time.
The default key is key 1.
88 Chapter 4 Wireless LAN
Page 89

4.4.4 Introduction to WPA and WPA2

Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA is preferred to WEP as WPA has user authentication and improved data encryption. WPA improves data encryption by using Temporal Key Integrity Protocol (TKIP), Message Integrity Check (MIC) and IEEE 802.1x. WPA2 uses Advanced Encryption Standard (AES) to offer stronger encryption than WPA. See the appendix for more information on WPA user authentication and WPA encryption.
If both an AP and the wireless clients support WPA2 and you have an external RADIUS server, use WPA2 for stronger data encryption. If you don't have an external RADIUS server, you should use WPA2-PSK (WPA2-Pre-Shared Key) that only requires a single (identical) password entered into each access point, wireless gateway and wireless client. As long as the passwords match, a wireless client will be granted access to a WLAN.

4.4.5 WPA(2)-PSK Application Example

A WPA(2)-PSK application looks as follows.
P-334WT User’s Guide
1 First enter identical passwords into the AP and all wireless clients. The Pre-Shared Key
(PSK) must consist of between 8 and 63 ASCII characters (including spaces and symbols).
2 The AP checks each wireless client's password and (only) allows it to join the network if
the password matches.
3 The AP derives and distributes keys to the wireless clients.
4 The AP and wireless clients use the TKIP or AES encryption process to encrypt data
exchanged between them.
Figure 36 WPA(2)-PSK Authentication

4.4.6 WPA-PSK/WPA2-PSK Authentication Screen

Click the Wireless LAN link under Network to display the Wireless General screen.
Chapter 4 Wireless LAN 89
Page 90
P-334WT User’s Guide
Figure 37 Wireless: WPA-PSK/WPA2-PSK
The following table describes the labels in this screen.
Table 30 Wireless: WPA-PSK/WPA2-PSK
LABEL DESCRIPTION
WPA Compatible This check box is available only when you select WPA2-PSK or WPA2 in the
Pre-Shared Key The encryption mechanisms used for WPA/WPA2 and WPA-PSK/WPA2-PSK are
ReAuthentication Timer (in seconds)
Security Mode field. Select the check box to have both WPA2 and WPA wireless clients be able to
communicate with the Prestige even when the Prestige is using WPA2-PSK or WPA2.
the same. The only difference between the two is that WPA-PSK/WPA2-PSK uses a simple common password, instead of user-specific credentials.
Type a pre-shared key from 8 to 63 case-sensitive ASCII characters (including spaces and symbols).
Specify how often wireless stations have to resend usernames and passwords in order to stay connected. Enter a time interval between 10 and 9999 seconds. The default time interval is 1800 seconds (30 minutes).
Note: If wireless station authentication is done using a RADIUS
server, the reauthentication timer on the RADIUS server has priority.
Idle Timeout The Prestige automatically disconnects a wireless station from the wired network
after a period of inactivity. The wireless station needs to enter the username and password again before access to the wired network is allowed. The default time interval is 3600 seconds (or 1 hour).
90 Chapter 4 Wireless LAN
Page 91
Table 30 Wireless: WPA-PSK/WPA2-PSK
LABEL DESCRIPTION
P-334WT User’s Guide
Group Key Update Time r
Apply Click Apply to save your changes back to the Prestige.
Reset Click Reset to reload the previous configuration for this screen.
The Group Key Update Timer is the rate at which the AP (if using WPA-PSK/ WPA2-PSK key management) or RADIUS server (if using WPA/WPA2 key management) sends a new group key out to all clients. The re-keying process is the WPA/WPA2 equivalent of automatically changing the WEP key for an AP and all stations in a WLAN on a periodic basis. Setting of the Group Key Update
Timer is also supported in WPA-PSK/WPA2-PSK mode. The Prestige default is 1800 seconds (30 minutes).

4.4.7 Wireless Client WPA Supplicants

A wireless client supplicant is the software that runs on an operating system instructing the wireless client how to use WPA. At the time of writing, the most widely available supplicant is the WPA patch for Windows XP, Funk Software's Odyssey client.
The Funk Software's Odyssey client is bundled free (at the time of writing) with the Prestige client adaptor(s). This adds WPA capability to Windows XP's built-in "Zero Configuration" wireless client.

4.4.8 WPA(2) with RADIUS Application Example

You need the IP address of the RADIUS server, its port number (default is 1812), and the RADIUS shared secret. A WPA(2) application example with an external RADIUS server looks as follows. "A" is the RADIUS server. "DS" is the distribution system.
1 The AP passes the wireless client's authentication request to the RADIUS server.
2 The RADIUS server then checks the user's identification against its database and grants
or denies network access accordingly.
3 The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that then
sets up a key hierarchy and management system, using the pair-wise key to dynamically generate unique data encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients.
Chapter 4 Wireless LAN 91
Page 92
P-334WT User’s Guide
Figure 38 WPA(2) with RADIUS Application Example

4.4.9 WPA/WPA2 Authentication Screen

Click the Wireless LAN link under Network to display the Wireless General screen.
Figure 39 Wireless: WPA/WPA2
92 Chapter 4 Wireless LAN
Page 93
P-334WT User’s Guide
The following table describes the labels in this screen.
Table 31 Wireless: WPA/WPA2
LABEL DESCRIPTION
WPA Compatible This check box is available only when you select WPA2-PSK or WPA2 in the
Security Mode field.
Select the check box to have both WPA2 and WPA wireless clients be able to communicate with the Prestige even when the Prestige is using WPA2-PSK or WPA2.
ReAuthentication Timer (in seconds)
Specify how often wireless stations have to resend usernames and passwords in order to stay connected. Enter a time interval between 10 and 9999 seconds. The default time interval is 1800 seconds (30 minutes).
Note: If wireless station authentication is done using a RADIUS
server, the reauthentication timer on the RADIUS server has priority.
Idle Timeout The Prestige automatically disconnects a wireless station from the wired network
after a period of inactivity. The wireless station needs to enter the username and password again before access to the wired network is allowed. The default time interval is 3600 seconds (or 1 hour).
Group Key Update Timer
Authentication Server
IP Address Enter the IP address of the external authentication server in dotted decimal
Port Number Enter the port number of the external authentication server. The default port
Shared Secret Enter a password (up to 31 alphanumeric characters) as the key to be shared
Accounting Server
Active Select Yes from the drop down list box to enable user accounting through an
IP Address Enter the IP address of the external accounting server in dotted decimal notation.
Port Number Enter the port number of the external accounting server. The default port number
Shared Secret Enter a password (up to 31 alphanumeric characters) as the key to be shared
The Group Key Update Timer is the rate at which the AP (if using WPA-PSK/ WPA2-PSK key management) or RADIUS server (if using WPA/WPA2 key management) sends a new group key out to all clients. The re-keying process is the WPA/WPA2 equivalent of automatically changing the WEP key for an AP and all stations in a WLAN on a periodic basis. Setting of the Group Key Update
Timer is also supported in WPA-PSK/WPA2-PSK mode. The Prestige default is 1800 seconds (30 minutes).
notation.
number is 1812. You need not change this value unless your network administrator instructs you
to do so with additional information.
between the external authentication server and the Prestige. The key must be the same on the external authentication server and your
Prestige. The key is not sent over the network.
external authentication server.
is 1813. You need not change this value unless your network administrator instructs you
to do so with additional information.
between the external accounting server and the Prestige. The key must be the same on the external accounting server and your Prestige.
The key is not sent over the network.
Chapter 4 Wireless LAN 93
Page 94
P-334WT User’s Guide
Table 31 Wireless: WPA/WPA2
LABEL DESCRIPTION
Apply Click Apply to save your changes back to the Prestige.
Reset Click Reset to reload the previous configuration for this screen.

4.4.10 IEEE 802.1x Overview

You need the following for IEEE 802.1x authentication.
• A computer with an IEEE 802.11 a/b/g wireless LAN adapter and equipped with a web browser (with JavaScript enabled) and/or Telnet.
• A wireless station computer must be running IEEE 802.1x-compliant software. Not all Windows operating systems support IEEE 802.1x (see the Microsoft web site for details). For other operating systems, see their documentation. If your operating system does not support IEEE 802.1x, then you may need to install IEEE 802.1x client software.
• An optional network RADIUS server for remote user authentication and accounting.

4.4.11 IEEE 802.1x and Dynamic WEP Key Exchange

In order to configure and enable IEEE 802.1x and dynamic WEP key exchange; click the
Wireless LAN link under Network to display the Wireless General screen. Select 802.1x + Dynamic WEP from the Security Mode list.
Figure 40 Wireless: 802.1x and Dynamic WEP
94 Chapter 4 Wireless LAN
Page 95
The following table describes the labels in this screen.
Table 32 Wireless: 802.1x and Dynamic WEP
LABEL DESCRIPTION
P-334WT User’s Guide
ReAuthentication Timer (in seconds)
Specify how often wireless stations have to resend usernames and passwords in order to stay connected. Enter a time interval between 10 and 9999 seconds. The default time interval is 1800 seconds (30 minutes).
Note: If wireless station authentication is done using a RADIUS
server, the reauthentication timer on the RADIUS server has priority.
Idle Timeout The Prestige automatically disconnects a wireless station from the wired network
Dynamic WEP Key Exchange
Authentication Server
IP Address Enter the IP address of the external authentication server in dotted decimal
Port Number Enter the port number of the external authentication server. The default port
Shared Secret Enter a password (up to 31 alphanumeric characters) as the key to be shared
Accounting Server
Active Select Yes from the drop down list box to enable user accounting through an
IP Address Enter the IP address of the external accounting server in dotted decimal notation.
Port Number Enter the port number of the external accounting server. The default port number
Shared Secret Enter a password (up to 31 alphanumeric characters) as the key to be shared
Apply Click Apply to save your changes back to the Prestige.
Reset Click Reset to reload the previous configuration for this screen.
after a period of inactivity. The wireless station needs to enter the username and password again before access to the wired network is allowed. The default time interval is 3600 seconds (or 1 hour).
Select 64-bit WEP or 128-bit WEP to enable data encryption. Up to 32 stations can access the Prestige when you configure dynamic WEP key exchange.
notation.
number is 1812. You need not change this value unless your network administrator instructs you
to do so with additional information.
between the external authentication server and the Prestige. The key must be the same on the external authentication server and your
Prestige. The key is not sent over the network.
external authentication server.
is 1813. You need not change this value unless your network administrator instructs you
to do so with additional information.
between the external accounting server and the Prestige. The key must be the same on the external accounting server and your Prestige.
The key is not sent over the network.

4.4.12 IEEE 802.1x and Static WEP Key Exchange

In order to configure and enable IEEE 802.1x and static WEP key exchange; click the
Wireless LAN link under Network to display the Wireless General screen. Select 802.1x + Static WEP from the Security Mode list.
Chapter 4 Wireless LAN 95
Page 96
P-334WT User’s Guide
Figure 41 Wireless: 802.1x and Static WEP
The following table describes the labels in this screen.
Table 33 Wireless: 802.1x and Static WEP
LABEL DESCRIPTION
Passphrase Enter a Passphrase (up to 32 printable characters) and clicking Generate. The
WEP Encryption Select 64-bit WEP, 128-bit WEP or 256-bit WEP to enable data encryption.
Authentication Method
ASCII Select this option in order to enter ASCII characters as the WEP keys.
Hex Select this option in order to enter hexadecimal characters as the WEP keys. The
96 Chapter 4 Wireless LAN
Prestige automatically generates a WEP key.
This field is activated when you select 64-bit WEP, 128-bit WEP or 256-bit WEP in the WEP Encryption field. Select Auto, Open System or Shared Key from the drop-down list box.
preceding "0x", that identifies a hexadecimal key, is entered automatically.
Page 97
P-334WT User’s Guide
Table 33 Wireless: 802.1x and Static WEP
LABEL DESCRIPTION
Key 1 to Key 4 The WEP keys are used to encrypt data. Both the Prestige and the wireless
stations must use the same WEP key for data transmission. If you chose 64-bit WEP, then enter any 5 ASCII characters or 10 hexadecimal
characters ("0-9", "A-F"). If you chose 128-bit WEP, then enter 13 ASCII characters or 26 hexadecimal
characters ("0-9", "A-F"). If you chose 256-bit WEP, then enter 29 ASCII characters or 58 hexadecimal
characters ("0-9", "A-F"). You must configure at least one key, only one key can be activated at any one
time. The default key is key 1.
ReAuthentication Timer (in seconds)
Specify how often wireless stations have to reenter usernames and passwords in order to stay connected. Enter a time interval between 10 and 9999 seconds. The default time interval is 1800 seconds (30 minutes).
Note: If wireless station authentication is done using a RADIUS
server, the reauthentication timer on the RADIUS server has priority.
Idle Timeout The Prestige automatically disconnects a wireless station from the wired network
after a period of inactivity. The wireless station needs to enter the username and password again before access to the wired network is allowed. The default time interval is 3600 seconds (or 1 hour).
Authentication Server
IP Address Enter the IP address of the external authentication server in dotted decimal
notation.
Port Number Enter the port number of the external authentication server. The default port
Shared Secret Enter a password (up to 31 alphanumeric characters) as the key to be shared
Accounting Server
Active Select Yes from the drop down list box to enable user accounting through an
IP Address Enter the IP address of the external accounting server in dotted decimal notation.
Port Number Enter the port number of the external accounting server. The default port number
Shared Secret Enter a password (up to 31 alphanumeric characters) as the key to be shared
Apply Click Apply to save your changes back to the Prestige.
Reset Click Reset to reload the previous configuration for this screen.
number is 1812. You need not change this value unless your network administrator instructs you
to do so with additional information.
between the external authentication server and the Prestige. The key must be the same on the external authentication server and your
Prestige. The key is not sent over the network.
external authentication server.
is 1813. You need not change this value unless your network administrator instructs you
to do so with additional information.
between the external accounting server and the Prestige. The key must be the same on the external accounting server and your Prestige.
The key is not sent over the network.
Chapter 4 Wireless LAN 97
Page 98
P-334WT User’s Guide

4.4.13 IEEE 802.1x + no WEP

In order to configure and enable 802.1x; click the Wireless LAN link under Network to display the Wireless General screen. Select 802.1x + No WEP from the Security Mode list.
Figure 42 Wireless: 802.1x
The following table describes the labels in this screen.
Table 34 Wireless: 802.1x and No WEP
LABEL DESCRIPTION
ReAuthentication Timer (in seconds)
Specify how often wireless stations have to reenter usernames and passwords in order to stay connected. Enter a time interval between 10 and 9999 seconds. The default time interval is 1800 seconds (30 minutes).
Note: If wireless station authentication is done using a RADIUS
server, the reauthentication timer on the RADIUS server has priority.
Idle Timeout The Prestige automatically disconnects a wireless station from the wired network
after a period of inactivity. The wireless station needs to enter the username and password again before access to the wired network is allowed. The default time interval is 3600 seconds (or 1 hour).
Authentication Server
IP Address Enter the IP address of the external authentication server in dotted decimal
notation.
Port Number Enter the port number of the external authentication server. The default port
number is 1812. You need not change this value unless your network administrator instructs you
to do so with additional information.
98 Chapter 4 Wireless LAN
Page 99
P-334WT User’s Guide
Table 34 Wireless: 802.1x and No WEP
LABEL DESCRIPTION
Shared Secret Enter a password (up to 31 alphanumeric characters) as the key to be shared
between the external authentication server and the Prestige. The key must be the same on the external authentication server and your
Prestige. The key is not sent over the network.
Accounting Server
Active Select Yes from the drop down list box to enable user accounting through an
IP Address Enter the IP address of the external accounting server in dotted decimal notation.
Port Number Enter the port number of the external accounting server. The default port number
Shared Secret Enter a password (up to 31 alphanumeric characters) as the key to be shared
Apply Click Apply to save your changes back to the Prestige.
Reset Click Reset to reload the previous configuration for this screen.
external authentication server.
is 1813. You need not change this value unless your network administrator instructs you
to do so with additional information.
between the external accounting server and the Prestige. The key must be the same on the external accounting server and your Prestige.
The key is not sent over the network.

4.5 OTIST

OTIST (One-Touch Intelligent Security Technology) allows your Prestige to set the wireless client to use the same wireless settings as the Prestige.
Note: The wireless client must support OTIST and have OTIST enabled.
The following are the wireless settings that the Prestige assigns to the wireless client if OTIST is enabled on both devices and the OTIST setup keys are the same.
•SSID
• Security (WEP or WPA-PSK)
Note: This will replace the pre-configured wireless settings on the wireless clients.
Click the Wireless LAN link under Network and then the OTIST tab. The following screen displays.
Chapter 4 Wireless LAN 99
Page 100
P-334WT User’s Guide
Figure 43 OTIST
The following table describes the labels in this screen.
Table 35 OTIST
LABEL DESCRIPTION
Setup Key Type an OTIST Setup Key of exactly eight ASCII characters in length.
Yes! If you want to configure your own WPA-PSK and have OTIST use that WPA-
The default OTIST setup key is "01234567".
Note: If you change the OTIST setup key here, you must also
make the same change on the wireless client(s).
PSK, you must:
Configure a WPA-PSK in the Wireless General screen.
Clear the Ye s! checkbox in the OTIST screen and click Apply.
Star t Click Start to encrypt the wireless security data using the setup key and have

4.5.1 Activating OTIST

After you click Start, a dialog box displays the security mode and the WEP key or pre-shared key depending on which mode is configured. Click OK to proceed with the OTIST setup.
Note: If you already have a WPA-PSK configured in the
Wireless General screen, and you run OTIST with Yes!
selected, OTIST will not replace the WPA-PSK. Clear the checkbox in the OTIST screen.
If you want OTIST to automatically generate a WPA-PSK, you must:
Change your security to None in the Wireless General screen.
Select the Yes! checkbox in the OTIST screen and click Apply.
The wireless screen displays an auto generated WPA-PSK and is now in WPA-PSK security mode.
The WPA-PSK security settings are assigned to the wireless client when you start OTIST.
the Prestige set the wireless station to use the same wireless settings as the Prestige. You must also activate and start OTIST on the wireless station at the same time.
The process takes three minutes to complete.
100 Chapter 4 Wireless LAN
Loading...