P-335
Firewall Router with Print Server
P-335WT
802.11g Wireless Firewall Router with Print Server
Version 3.60
12/2004
P-335 Series User’s Guide
Copyright © 2004 by ZyXEL Communications Corporation.
The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.
Disclaimer
ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others. ZyXEL further reserves the right to make changes in any products described herein without notice. This publication is subject to change without notice.
Trademarks
ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.
Copyright |
3 |
P-335 Series User’s Guide
Federal Communications
Commission (FCC) Interference
Statement
This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions:
•This device may not cause harmful interference.
•This device must accept any interference received, including interference that may cause undesired operations.
This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy, and if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
If this equipment does cause harmful interference to radio/television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:
•Reorient or relocate the receiving antenna.
•Increase the separation between the equipment and the receiver.
•Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
•Consult the dealer or an experienced radio/TV technician for help.
Notice 1
Changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate the equipment.
Certifications
Go to www.zyxel.com
1Select your product from the drop-down list box on the ZyXEL home page to go to that product's page.
2Select the certification you wish to view from this page
4 |
Federal Communications Commission (FCC) Interference Statement |
P-335 Series User’s Guide
Federal Communications Commission (FCC) Interference Statement |
5 |
P-335 Series User’s Guide
ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever extent it shall deem necessary to restore the product or components to proper operating condition. Any replacement will consist of a new or re-manufactured functionally equivalent product of equal value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product is modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions.
Note
Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This warranty is in lieu of all other warranties, express or implied, including any implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in no event be held liable for indirect or consequential damages of any kind of character to the purchaser.
To obtain the services of this warranty, contact ZyXEL's Service Center for your Return Material Authorization number (RMA). Products must be returned Postage Prepaid. It is recommended that the unit be insured when shipped. Any returned products without proof of purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products will be shipped by ZyXEL to the corresponding return address, Postage Paid. This warranty gives you specific legal rights, and you may also have other rights that vary from country to country.
Safety Warnings
1To reduce the risk of fire, use only No. 26 AWG or larger telephone wire.
2Do not use this product near water, for example, in a wet basement or near a swimming pool.
3Avoid using this product during an electrical storm. There may be a remote risk of electric shock from lightening.
This product has been designed for the WLAN 2.4 GHz network throughout the EC region and Switzerland, with restrictions in France.
6 |
ZyXEL Limited Warranty |
P-335 Series User’s Guide
Please have the following information ready when you contact customer support.
•Product model and serial number.
•Warranty Information.
•Date that you received your device.
•Brief description of the problem and the steps you took to solve it.
METHOD |
SUPPORT E-MAIL |
TELEPHONEA |
WEB SITE |
REGULAR MAIL |
|
LOCATION |
SALES E-MAIL |
FAX |
FTP SITE |
||
|
|||||
|
|
|
|
|
|
|
support@zyxel.com.tw |
+886-3-578-3942 |
www.zyxel.com |
ZyXEL Communications Corp. |
|
WORLDWIDE |
|
|
www.europe.zyxel.com |
6 Innovation Road II |
|
|
|
|
Science Park |
||
sales@zyxel.com.tw |
+886-3-578-2439 |
ftp.zyxel.com |
|||
|
Hsinchu 300 |
||||
|
|
|
ftp.europe.zyxel.com |
||
|
|
|
Taiwan |
||
|
|
|
|
|
|
|
support@zyxel.com |
+1-800-255-4101 |
www.us.zyxel.com |
ZyXEL Communications Inc. |
|
NORTH |
|
+1-714-632-0882 |
|
1130 N. Miller St. |
|
|
|
|
Anaheim |
||
AMERICA |
sales@zyxel.com |
+1-714-632-0858 |
ftp.us.zyxel.com |
||
|
|
|
|
CA 92806-2001 |
|
|
|
|
|
U.S.A. |
|
|
support@zyxel.de |
+49-2405-6909-0 |
www.zyxel.de |
ZyXEL Deutschland GmbH. |
|
GERMANY |
|
|
|
Adenauerstr. 20/A2 D-52146 |
|
sales@zyxel.de |
+49-2405-6909-99 |
|
|||
|
Wuerselen |
||||
|
|
|
|
||
|
|
|
|
Germany |
|
|
|
|
|
|
|
|
info@zyxel.fr |
+33 (0)4 72 52 97 97 |
www.zyxel.fr |
ZyXEL France |
|
|
|
|
|
1 rue des Vergers |
|
|
|
+33 (0)4 72 52 19 20 |
|
||
FRANCE |
|
|
Bat. 1 / C |
||
|
|
|
|||
|
|
|
|
69760 Limonest |
|
|
|
|
|
France |
|
|
support@zyxel.es |
+34 902 195 420 |
www.zyxel.es |
ZyXEL Communications |
|
SPAIN |
|
|
|
Alejandro Villegas 33 |
|
sales@zyxel.es |
+34 913 005 345 |
|
|||
|
1º,28043Madrid |
||||
|
|
|
|
||
|
|
|
|
Spain |
|
|
|
|
|
|
|
|
support@zyxel.dk |
+45 39 55 07 00 |
www.zyxel.dk |
ZyXELCommunicationsA/S |
|
DENMARK |
|
|
|
Columbusvej 5 |
|
sales@zyxel.dk |
+45 39 55 07 07 |
|
|||
|
2860 Soeborg |
||||
|
|
|
|
||
|
|
|
|
Denmark |
|
|
|
|
|
|
|
|
support@zyxel.no |
+47 22 80 61 80 |
www.zyxel.no |
ZyXELCommunicationsA/S |
|
NORWAY |
|
|
|
Nils Hansens vei 13 |
|
sales@zyxel.no |
+47 22 80 61 81 |
|
|||
|
0667 Oslo |
||||
|
|
|
|
||
|
|
|
|
Norway |
|
|
|
|
|
|
|
|
support@zyxel.se |
+46 31 744 7700 |
www.zyxel.se |
ZyXEL Communications A/S |
|
SWEDEN |
|
|
|
Sjöporten 4, 41764 Göteborg |
|
sales@zyxel.se |
+46 31 744 7701 |
|
|||
|
|
Sweden |
|||
|
|
|
|
||
|
|
|
|
|
|
|
support@zyxel.fi |
+358 9 4780 8411 |
www.zyxel.fi |
ZyXEL Communications Oy |
|
FINLAND |
|
|
|
Malminkaari 10 |
|
sales@zyxel.fi |
+358 9 4780 8448 |
|
|||
|
00700 Helsinki |
||||
|
|
|
|
||
|
|
|
|
Finland |
|
|
|
|
|
|
Customer Support |
7 |
P-335 Series User’s Guide
a. “+” is the (prefix) number you enter to make an international telephone call.
8 |
Customer Support |
P-335 Series User’s Guide
Copyright .................................................................................................................. |
3 |
Federal Communications Commission (FCC) Interference Statement ............... |
4 |
ZyXEL Limited Warranty.......................................................................................... |
6 |
Customer Support.................................................................................................... |
7 |
Preface .................................................................................................................... |
37 |
Chapter 1 |
|
Getting to Know Your Prestige ............................................................................. |
41 |
1.1 Prestige Internet Security Gateway Overview .................................................... |
41 |
1.2 Prestige Features ............................................................................................... |
41 |
1.2.1 Physical Features ..................................................................................... |
41 |
1.2.1.1 USB Port ......................................................................................... |
41 |
1.2.1.2 OTIST Button (P-335WT only) ........................................................ |
41 |
1.2.1.3 10/100M Auto-negotiating Ethernet/Fast Ethernet Interface(s) ....... |
41 |
1.2.1.4 Auto-crossover 10/100 Mbps Ethernet Interface(s) ......................... |
42 |
1.2.1.5 4-Port Switch ................................................................................... |
42 |
1.2.1.6 Time and Date ................................................................................. |
42 |
1.2.1.7 Reset Button ................................................................................... |
42 |
1.2.2 Non-Physical Features ............................................................................. |
42 |
1.2.2.1 Print Server ..................................................................................... |
42 |
1.2.2.2 OTIST (P-335WT only) ................................................................... |
42 |
1.2.2.3 Media Bandwidth Management ....................................................... |
42 |
1.2.2.4 Trend Micro Security Services ........................................................ |
42 |
1.2.2.5 IPSec VPN Capability ...................................................................... |
43 |
1.2.2.6 Firewall ............................................................................................ |
43 |
1.2.2.7 IEEE 802.1x Network Security (P-335WT only) .............................. |
43 |
1.2.2.8 Content Filtering .............................................................................. |
43 |
1.2.2.9 Brute-Force Password Guessing Protection ................................... |
43 |
1.2.2.10 802.11b Wireless LAN Standard (P-335WT only) ......................... |
43 |
1.2.2.11 802.11g Wireless LAN Standard (P-335WT only) ......................... |
44 |
1.2.2.12 Packet Filtering ............................................................................. |
44 |
1.2.2.13 Universal Plug and Play (UPnP) ................................................... |
44 |
1.2.2.14 Call Scheduling ............................................................................. |
44 |
9
P-335 Series User’s Guide |
|
|
|
1.2.2.15 PPPoE ........................................................................................... |
44 |
|
1.2.2.16 PPTP Encapsulation ..................................................................... |
45 |
|
1.2.2.17 Dynamic DNS Support .................................................................. |
45 |
|
1.2.2.18 IP Multicast .................................................................................... |
45 |
|
1.2.2.19 IP Alias .......................................................................................... |
45 |
|
1.2.2.20 SNMP ............................................................................................ |
45 |
|
1.2.2.21 Network Address Translation (NAT) .............................................. |
45 |
|
1.2.2.22 Traffic Redirect .............................................................................. |
45 |
|
1.2.2.23 Port Forwarding ............................................................................. |
46 |
|
1.2.2.24 DHCP (Dynamic Host Configuration Protocol) .............................. |
46 |
|
1.2.2.25 Any IP ............................................................................................ |
46 |
|
1.2.2.26 Full Network Management ............................................................ |
46 |
|
1.2.2.27 RoadRunner Support .................................................................... |
46 |
|
1.2.2.28 Logging and Tracing ...................................................................... |
46 |
|
1.2.2.29 Upgrade Prestige Firmware via LAN ............................................. |
46 |
|
1.2.2.30 Embedded FTP and TFTP Servers ............................................... |
46 |
|
1.2.2.31 Wireless Association List (P-335WT only) .................................... |
47 |
|
1.2.2.32 Wireless LAN Channel Usage (P-335WT only) ............................ |
47 |
1.3 |
Applications for the Prestige .............................................................................. |
47 |
|
1.3.1 Print Server Application ............................................................................ |
47 |
|
1.3.2 Secure Broadband Internet Access via Cable or DSL Modem ................. |
47 |
|
1.3.3 VPN Application ........................................................................................ |
48 |
|
1.3.4 Wireless LAN Application (P-335WT only) ............................................... |
48 |
Chapter 2 |
|
|
Introducing the Web Configurator........................................................................ |
51 |
|
2.1 |
Web Configurator Overview ............................................................................... |
51 |
2.2 |
Accessing the Prestige Web Configurator ......................................................... |
51 |
2.3 |
Resetting the Prestige ........................................................................................ |
52 |
|
2.3.1 Procedure To Use The Reset Button ........................................................ |
52 |
|
2.3.2 Navigating the Prestige Web Configurator ............................................... |
52 |
|
2.3.3 Navigation Panel ....................................................................................... |
53 |
Chapter 3 |
|
|
Wizard Setup .......................................................................................................... |
57 |
|
3.1 |
Wizard Setup Overview ...................................................................................... |
57 |
3.2 |
Wizard Setup: General Setup and System Name .............................................. |
57 |
|
3.2.1 Domain Name ........................................................................................... |
57 |
3.3 |
Wizard Setup: Wireless LAN (P-335WT only) .................................................... |
58 |
|
3.3.1 Wizard Setup : Wireless LAN : Basic Security .......................................... |
59 |
|
3.3.2 Wizard Setup : Wireless LAN : Extended Security ................................... |
61 |
3.4 |
Wizard Setup : Wireless LAN : OTIST (P-335WT only) ..................................... |
61 |
3.5 |
Wizard Setup : Internet Access .......................................................................... |
63 |
10
|
|
P-335 Series User’s Guide |
|
3.5.1 Ethernet .................................................................................................... |
63 |
|
3.5.2 PPPoE Encapsulation ............................................................................... |
64 |
|
3.5.3 PPTP Encapsulation ................................................................................. |
65 |
3.6 |
Wizard Setup : WAN .......................................................................................... |
67 |
|
3.6.1 WAN IP Address Assignment ................................................................... |
67 |
|
3.6.2 IP Address and Subnet Mask ................................................................... |
67 |
|
3.6.3 DNS Server Address Assignment ............................................................. |
68 |
|
3.6.4 WAN MAC Address .................................................................................. |
68 |
3.7 |
Wizard Setup : Complete ................................................................................... |
71 |
Chapter 4 |
|
|
Media Bandwidth Management Setup.................................................................. |
73 |
|
4.1 |
Media Bandwidth Management Setup Overview ............................................... |
73 |
4.2 |
Media Bandwidth Management Setup ............................................................... |
73 |
4.3 |
Media Bandwidth Management Setup : Services .............................................. |
74 |
4.4 |
Media Bandwidth Management Setup : Service Priority |
....................................75 |
4.5 |
Media Bandwidth Management Setup Complete ............................................... |
76 |
Chapter 5 |
|
|
System Screens ..................................................................................................... |
77 |
|
5.1 |
System Overview ............................................................................................... |
77 |
5.2 |
Configuring General Setup ................................................................................. |
77 |
5.3 Dynamic DNS ..................................................................................................... |
79 |
|
|
5.3.1 DynDNS Wildcard ..................................................................................... |
79 |
5.4 |
Configuring Dynamic DNS ................................................................................. |
79 |
5.5 |
Configuring Password ........................................................................................ |
81 |
5.6 |
Configuring Time Setting .................................................................................... |
81 |
Chapter 6 |
|
|
LAN Screens........................................................................................................... |
85 |
|
6.1 |
LAN Overview .................................................................................................... |
85 |
6.2 DHCP Setup ....................................................................................................... |
85 |
|
|
6.2.1 IP Pool Setup ............................................................................................ |
85 |
|
6.2.2 System DNS Servers ................................................................................ |
85 |
6.3 |
LAN TCP/IP ........................................................................................................ |
85 |
|
6.3.1 Factory LAN Defaults ................................................................................ |
85 |
|
6.3.2 IP Address and Subnet Mask ................................................................... |
86 |
|
6.3.3 RIP Setup ................................................................................................. |
86 |
|
6.3.4 Multicast .................................................................................................... |
86 |
6.4 |
Any IP ................................................................................................................. |
87 |
|
6.4.1 How Any IP Works .................................................................................... |
88 |
6.5 |
Configuring IP .................................................................................................... |
88 |
6.6 |
Configuring Static DHCP .................................................................................... |
91 |
11
P-335 Series User’s Guide |
|
|
6.7 |
Configuring IP Alias ............................................................................................ |
92 |
Chapter 7 |
|
|
Wireless Configuration and Roaming .................................................................. |
95 |
|
7.1 |
Wireless LAN Overview ..................................................................................... |
95 |
|
7.1.1 IBSS .......................................................................................................... |
95 |
|
7.1.2 BSS ........................................................................................................... |
95 |
|
7.1.3 ESS ........................................................................................................... |
96 |
7.2 |
Wireless LAN Basics .......................................................................................... |
97 |
|
7.2.1 RTS/CTS ................................................................................................. |
97 |
|
7.2.2 Fragmentation Threshold .......................................................................... |
98 |
7.3 |
Configuring Wireless .......................................................................................... |
99 |
7.4 |
Configuring Roaming ....................................................................................... |
101 |
|
7.4.1 Requirements for Roaming ..................................................................... |
102 |
Chapter 8 |
|
|
|
Wireless Security ..................................................................... |
105 |
8.1 |
Wireless Security Overview ............................................................................. |
105 |
8.2 |
Security Parameters Summary ........................................................................ |
107 |
8.3 |
WEP Overview ................................................................................................. |
108 |
|
8.3.1 Data Encryption ..................................................................................... |
108 |
|
8.3.1.1 Authentication ............................................................................... |
108 |
|
8.3.2 Preamble Type ........................................................................................ |
109 |
8.4 |
Configuring WEP Encryption ............................................................................ |
109 |
8.5 |
Introduction to WPA ......................................................................................... |
111 |
|
8.5.1 User Authentication ............................................................................... |
111 |
|
8.5.2 Encryption .............................................................................................. |
112 |
|
8.5.3 WPA-PSK Application Example .............................................................. |
112 |
8.6 |
Configuring WPA-PSK Authentication .............................................................. |
113 |
8.7 |
Wireless Client WPA Supplicants ..................................................................... |
115 |
8.8 |
Introduction to RADIUS ................................................................................... |
115 |
|
8.8.1 Types of RADIUS Messages .................................................................. |
116 |
|
8.8.1.1 Access-Challenge ......................................................................... |
116 |
|
8.8.1.2 Accounting-Request ...................................................................... |
116 |
|
8.8.1.3 Accounting-Response ................................................................... |
116 |
|
8.8.1.4 EAP Authentication Overview ....................................................... |
116 |
|
8.8.2 WPA with RADIUS Application Example ................................................ |
117 |
8.9 |
Configuring WPA Authentication ...................................................................... |
118 |
8.10 802.1x Overview ............................................................................................ |
121 |
|
8.11 Dynamic WEP Key Exchange ........................................................................ |
121 |
|
8.12 Configuring 802.1x and Dynamic WEP Key Exchange .................................. |
122 |
|
8.13 Configuring 802.1x and Static WEP Key Exchange ....................................... |
125 |
|
8.14 Configuring 802.1x ......................................................................................... |
128 |
12
|
|
P-335 Series User’s Guide |
8.15 |
MAC Filter ...................................................................................................... |
131 |
8.16 |
One-Touch Intelligent Security Technology .................................................... |
133 |
8.17 |
Prestige OTIST Configuration ........................................................................ |
133 |
8.17.1 OTIST button ........................................................................................ |
133 |
|
8.17.2 Web Configurator .................................................................................. |
133 |
|
8.18 |
Wireless Client OTIST Configuration ............................................................. |
135 |
8.18.1 Manual .................................................................................................. |
135 |
|
8.18.2 Automatic .............................................................................................. |
136 |
|
Chapter 9 |
|
|
WAN Screens........................................................................................................ |
137 |
|
9.1 WAN Overview ................................................................................................. |
137 |
|
9.2 TCP/IP Priority (Metric) .................................................................................... |
137 |
|
9.3 Configuring Route ............................................................................................ |
137 |
|
9.4 Configuring WAN ISP ....................................................................................... |
138 |
|
9.4.1 Ethernet Encapsulation ........................................................................... |
138 |
|
9.4.2 PPPoE Encapsulation ............................................................................. |
139 |
|
9.4.3 PPTP Encapsulation ............................................................................... |
142 |
|
9.5 Configuring WAN IP ......................................................................................... |
144 |
|
9.6 Configuring WAN MAC ..................................................................................... |
147 |
|
9.7 Traffic Redirect ................................................................................................. |
148 |
|
9.8 Configuring Traffic Redirect .............................................................................. |
149 |
|
Chapter 10 |
|
|
Network Address Translation (NAT) Screens .................................................... |
153 |
|
10.1 |
NAT Overview ................................................................................................ |
153 |
10.1.1 NAT Definitions ..................................................................................... |
153 |
|
10.1.2 What NAT Does .................................................................................... |
154 |
|
10.1.3 How NAT Works ................................................................................... |
154 |
|
10.1.4 NAT Application .................................................................................... |
155 |
|
10.1.5 NAT Mapping Types ............................................................................. |
155 |
|
10.2 |
Using NAT ...................................................................................................... |
157 |
10.2.1 SUA (Single User Account) Versus NAT .............................................. |
157 |
|
10.3 |
SUA Server .................................................................................................... |
157 |
10.3.1 Default Server IP Address .................................................................... |
157 |
|
10.3.2 Port Forwarding: Services and Port Numbers ...................................... |
158 |
|
10.3.3 Configuring Servers Behind SUA (Example) ........................................ |
159 |
|
10.4 |
Configuring SUA Server ................................................................................ |
159 |
10.5 |
Configuring Address Mapping ........................................................................ |
161 |
10.5.1 Configuring Address Mapping .............................................................. |
162 |
|
10.6 |
Trigger Port Forwarding ................................................................................. |
164 |
10.6.1 Trigger Port Forwarding Example ......................................................... |
164 |
|
10.6.2 Two Points To Remember About Trigger Ports ..................................... |
165 |
13
P-335 Series User’s Guide |
|
|
10.7 |
Configuring Trigger Port Forwarding .............................................................. |
165 |
Chapter 11 |
|
|
Static Route Screens ........................................................................................... |
167 |
|
11.1 Static Route Overview .................................................................................... |
167 |
|
11.2 Configuring IP Static Route ............................................................................ |
167 |
|
11.2.1 Configuring Route Entry ........................................................................ |
168 |
|
Chapter 12 |
|
|
UPnP...................................................................................................................... |
|
171 |
12.1 |
Universal Plug and Play Overview ................................................................ |
171 |
12.1.1 How Do I Know If I'm Using UPnP? ...................................................... |
171 |
|
12.1.2 NAT Traversal ....................................................................................... |
171 |
|
12.1.3 Cautions with UPnP .............................................................................. |
171 |
|
12.2 UPnP and ZyXEL ........................................................................................... |
172 |
|
12.3 |
Configuring UPnP .......................................................................................... |
172 |
12.4 |
Installing UPnP in Windows Example ............................................................ |
173 |
12.4.1 Installing UPnP in Windows Me ............................................................ |
174 |
|
12.4.2 Installing UPnP in Windows XP ............................................................ |
175 |
|
12.5 |
Using UPnP in Windows XP Example ........................................................... |
176 |
12.5.1 Auto-discover Your UPnP-enabled Network Device ............................. |
177 |
|
12.5.2 Web Configurator Easy Access ............................................................ |
178 |
|
12.5.3 Web Configurator Easy Access ............................................................ |
179 |
|
Chapter 13 |
|
|
Trend Micro Security Services............................................................................ |
181 |
|
13.1 |
Trend Micro Security Service Overview ......................................................... |
181 |
13.2 |
Configuring Service Settings .......................................................................... |
181 |
13.3 |
Virus Protection .............................................................................................. |
183 |
13.4 |
Configuring Virus Protection .......................................................................... |
183 |
13.5 |
Parental Controls ........................................................................................... |
185 |
13.6 |
Parental Controls Configuration ..................................................................... |
185 |
13.6.1 Parental Controls Statistics ................................................................... |
189 |
|
Chapter 14 |
|
|
Firewall.................................................................................................................. |
|
191 |
14.1 |
Introduction .................................................................................................... |
191 |
14.1.1 What is a Firewall? ............................................................................... |
191 |
|
14.1.2 Stateful Inspection Firewall. .................................................................. |
191 |
|
14.1.3 About the Prestige Firewall ................................................................... |
191 |
|
14.1.4 Guidelines For Enhancing Security With Your Firewall ........................ |
192 |
|
14.2 |
Firewall Settings Screen ................................................................................ |
192 |
14.3 |
The Firewall, NAT and Remote Management ................................................ |
194 |
14
|
|
P-335 Series User’s Guide |
14.3.1 LAN-to-WAN rules ................................................................................ |
194 |
|
14.3.2 WAN-to-LAN rules ................................................................................ |
195 |
|
14.4 |
Services ........................................................................................................ |
195 |
Chapter 15 |
|
|
Content Filtering ................................................................................................. |
199 |
|
15.1 |
Introduction to Content Filtering ..................................................................... |
199 |
15.2 |
Restrict Web Features ................................................................................... |
199 |
15.3 |
Days and Times ............................................................................................. |
199 |
15.4 |
Configure Content Filtering ............................................................................ |
199 |
15.5 |
Customizing Keyword Blocking URL Checking .............................................. |
202 |
15.5.1 Domain Name or IP Address URL Checking ........................................ |
202 |
|
15.5.2 Full Path URL Checking ....................................................................... |
202 |
|
15.5.3 File Name URL Checking ..................................................................... |
202 |
|
Chapter 16 |
|
|
Remote Management Screens ............................................................................ |
205 |
|
16.1 |
Remote Management Overview ..................................................................... |
205 |
16.1.1 Remote Management Limitations ......................................................... |
205 |
|
16.1.2 Remote Management and NAT ............................................................ |
206 |
|
16.1.3 System Timeout ................................................................................... |
206 |
|
16.2 |
Configuring WWW .......................................................................................... |
206 |
16.3 |
Configuring Telnet .......................................................................................... |
207 |
16.4 |
Configuring TELNET ...................................................................................... |
208 |
16.5 |
Configuring FTP ............................................................................................. |
209 |
16.6 SNMP ............................................................................................................. |
210 |
|
16.6.1 Supported MIBs .................................................................................... |
211 |
|
16.6.2 SNMP Traps ......................................................................................... |
211 |
|
16.6.3 Configuring SNMP ................................................................................ |
211 |
|
16.7 |
Configuring DNS ............................................................................................ |
213 |
16.8 |
Configuring Security ....................................................................................... |
214 |
Chapter 17 |
|
|
Introduction to IPSec ........................................................................................... |
217 |
|
17.1 |
VPN Overview ................................................................................................ |
217 |
17.1.1 IPSec .................................................................................................... |
217 |
|
17.1.2 Security Association ............................................................................. |
217 |
|
17.1.3 Other Terminology ................................................................................ |
217 |
|
|
17.1.3.1 Encryption ................................................................................... |
217 |
|
17.1.3.2 Data Confidentiality ..................................................................... |
218 |
|
17.1.3.3 Data Integrity ............................................................................... |
218 |
|
17.1.3.4 Data Origin Authentication .......................................................... |
218 |
17.1.4 VPN Applications .................................................................................. |
218 |
15
P-335 Series User’s Guide |
|
|
17.2 |
IPSec Architecture ......................................................................................... |
218 |
17.2.1 IPSec Algorithms .................................................................................. |
219 |
|
17.2.2 Key Management .................................................................................. |
219 |
|
17.3 |
Encapsulation ................................................................................................. |
219 |
17.3.1 Transport Mode .................................................................................... |
220 |
|
17.3.2 Tunnel Mode ......................................................................................... |
220 |
|
17.4 |
IPSec and NAT ............................................................................................... |
220 |
Chapter 18 |
|
|
VPN Screens....................................................................................................... |
223 |
|
18.1 |
VPN/IPSec Overview ..................................................................................... |
223 |
18.2 |
IPSec Algorithms ............................................................................................ |
223 |
18.2.1 AH (Authentication Header) Protocol .................................................... |
223 |
|
18.2.2 ESP (Encapsulating Security Payload) Protocol .................................. |
223 |
|
18.3 |
My IP Address ................................................................................................ |
224 |
18.4 |
Secure Gateway Address .............................................................................. |
224 |
18.4.1 Dynamic Secure Gateway Address ...................................................... |
225 |
|
18.5 |
Summary Screen ........................................................................................... |
225 |
18.6 |
Keep Alive ...................................................................................................... |
227 |
18.7 |
NAT Traversal ................................................................................................ |
227 |
18.7.1 NAT Traversal Configuration ................................................................. |
227 |
|
18.7.2 Remote DNS Server ............................................................................. |
228 |
|
18.8 |
ID Type and Content ...................................................................................... |
229 |
18.8.1 ID Type and Content Examples ............................................................ |
230 |
|
18.9 |
Pre-Shared Key .............................................................................................. |
230 |
18.10 Editing VPN Rules ........................................................................................ |
231 |
|
18.11 IKE Phases .................................................................................................. |
234 |
|
18.11.1 Negotiation Mode ................................................................................ |
235 |
|
18.11.2 Diffie-Hellman (DH) Key Groups ......................................................... |
236 |
|
18.11.3 Perfect Forward Secrecy (PFS) .......................................................... |
236 |
|
18.12 Configuring Advanced IKE Settings ............................................................. |
236 |
|
18.13 Manual Key Setup ........................................................................................ |
241 |
|
18.13.1 Security Parameter Index (SPI) .......................................................... |
242 |
|
18.14 Configuring Manual Key ............................................................................... |
242 |
|
18.15 Viewing SA Monitor ...................................................................................... |
245 |
|
18.16 Configuring Global Setting ........................................................................... |
246 |
|
18.17 Telecommuter VPN/IPSec Examples ........................................................... |
247 |
|
18.17.1 Telecommuters Sharing One VPN Rule Example .............................. |
247 |
|
18.17.2 Telecommuters Using Unique VPN Rules Example ........................... |
248 |
|
18.18 VPN and Remote Management ................................................................... |
249 |
16
|
P-335 Series User’s Guide |
|
Chapter 19 |
|
|
Centralized Logs .................................................................................................. |
251 |
|
19.1 |
View Log ........................................................................................................ |
251 |
19.2 |
Log Settings ................................................................................................... |
252 |
Chapter 20 |
|
|
Print Server........................................................................................................... |
257 |
|
20.1 |
Print Server Overview .................................................................................... |
257 |
20.2 |
Prestige Print Server ...................................................................................... |
257 |
20.2.1 Installation Requirements ..................................................................... |
257 |
|
20.3 |
Prestige Print Server Configuration ................................................................ |
258 |
Chapter 21 |
|
|
Media Bandwidth Management........................................................................... |
259 |
|
21.1 |
Bandwidth Management Overview ................................................................ |
259 |
21.1.1 Application-based Bandwidth Management Example .......................... |
259 |
|
21.1.2 Subnet-based Bandwidth Management Example ................................. |
260 |
|
21.1.3 Application and Subnet-based Bandwidth Management Example ....... |
260 |
|
21.1.4 Bandwidth Usage Example ................................................................... |
261 |
|
21.1.5 Bandwidth Management Priorities ........................................................ |
263 |
|
21.1.6 Bandwidth Management Services ........................................................ |
263 |
|
|
21.1.6.1 Xbox Live .................................................................................... |
263 |
|
21.1.6.2 VoIP (SIP) .................................................................................. |
264 |
|
21.1.6.3 FTP ............................................................................................. |
264 |
|
21.1.6.4 E-Mail .......................................................................................... |
264 |
|
21.1.6.5 eMule/eDonkey ........................................................................... |
264 |
|
21.1.6.6 WWW .......................................................................................... |
264 |
21.1.7 Services ................................................................................................ |
265 |
|
21.2 |
Configuration Screen ..................................................................................... |
266 |
21.3 |
Editing Bandwidth Management Rules .......................................................... |
268 |
21.3.1 Bandwidth Borrowing ........................................................................... |
268 |
|
21.4 |
Configuring Bandwidth Management Rules and Services ............................. |
269 |
21.5 |
Monitor Screen ............................................................................................... |
270 |
Chapter 22 |
|
|
Maintenance ......................................................................................................... |
273 |
|
22.1 |
Maintenance Overview ................................................................................... |
273 |
22.2 |
Status Screen ................................................................................................. |
273 |
22.2.1 System Statistics ................................................................................... |
275 |
|
22.3 |
DHCP Table Screen ....................................................................................... |
275 |
22.4 |
Any IP Table ................................................................................................... |
276 |
22.5 |
Association List .............................................................................................. |
277 |
22.6 |
F/W Upload Screen ........................................................................................ |
278 |
17
P-335 Series User’s Guide |
|
|
22.7 |
Configuration Screen ..................................................................................... |
281 |
22.7.1 Backup Configuration ........................................................................... |
282 |
|
22.7.2 Restore Configuration .......................................................................... |
283 |
|
22.7.3 Back to Factory Defaults ....................................................................... |
284 |
|
22.8 |
Restart Screen ............................................................................................... |
284 |
Chapter 23 |
|
|
Introducing the SMT ............................................................................................ |
287 |
|
23.1 |
SMT Introduction ............................................................................................ |
287 |
23.1.1 Procedure for SMT Configuration via Telnet ......................................... |
287 |
|
23.1.2 Entering Password ................................................................................ |
287 |
|
23.1.3 Prestige SMT Menu Overview .............................................................. |
288 |
|
23.2 |
Navigating the SMT Interface ......................................................................... |
289 |
23.2.1 System Management Terminal Interface Summary .............................. |
290 |
|
23.3 |
Changing the System Password .................................................................... |
291 |
Chapter 24 |
|
|
Menu 1 General Setup ......................................................................................... |
293 |
|
24.1 |
General Setup ................................................................................................ |
293 |
24.2 |
Procedure To Configure Menu 1 .................................................................... |
293 |
24.2.1 Procedure to Configure Dynamic DNS ................................................. |
295 |
|
Chapter 25 |
|
|
Menu 2 WAN Setup .............................................................................................. |
297 |
|
25.1 |
Introduction to WAN ....................................................................................... |
297 |
25.2 WAN Setup ..................................................................................................... |
297 |
|
Chapter 26 |
|
|
Menu 3 LAN Setup ............................................................................................... |
299 |
|
26.1 |
LAN Setup ...................................................................................................... |
299 |
26.1.1 General Ethernet Setup ........................................................................ |
299 |
|
26.2 |
Protocol Dependent Ethernet Setup .............................................................. |
300 |
26.3 |
TCP/IP Ethernet Setup and DHCP ................................................................ |
300 |
26.3.1 IP Alias Setup ....................................................................................... |
302 |
|
26.4 |
Wireless LAN Setup (P-335WT only) ............................................................. |
303 |
26.4.1 Configuring MAC Address Filter ........................................................... |
305 |
|
26.4.2 Configuring Roaming on the Prestige ................................................... |
307 |
|
Chapter 27 |
|
|
Internet Access .................................................................................................... |
309 |
|
27.1 |
Introduction to Internet Access Setup ............................................................ |
309 |
27.2 |
Ethernet Encapsulation .................................................................................. |
309 |
27.3 |
Configuring the PPTP Client .......................................................................... |
311 |
18
|
P-335 Series User’s Guide |
|
27.4 |
Configuring the PPPoE Client ........................................................................ |
311 |
27.5 |
Basic Setup Complete .................................................................................... |
312 |
Chapter 28 |
|
|
Remote Node Configuration ............................................................................... |
313 |
|
28.1 |
Introduction to Remote Node Setup ............................................................... |
313 |
28.2 |
Remote Node Profile Setup ........................................................................... |
313 |
28.2.1 Ethernet Encapsulation ......................................................................... |
313 |
|
28.2.2 PPPoE Encapsulation ........................................................................... |
315 |
|
|
28.2.2.1 Outgoing Authentication Protocol ................................................ |
315 |
|
28.2.2.2 Nailed-Up Connection ................................................................. |
316 |
28.2.3 PPTP Encapsulation ............................................................................. |
316 |
|
28.3 |
Edit IP ............................................................................................................. |
317 |
28.4 |
Remote Node Filter ........................................................................................ |
319 |
28.4.1 Traffic Redirect Setup ........................................................................... |
320 |
|
Chapter 29 |
|
|
Static Route Setup ............................................................................................... |
323 |
|
29.1 |
IP Static Route Setup ..................................................................................... |
323 |
Chapter 30 |
|
|
Network Address Translation (NAT)................................................................... |
325 |
|
30.1 |
Using NAT ...................................................................................................... |
325 |
30.1.1 SUA (Single User Account) Versus NAT .............................................. |
325 |
|
30.2 |
Applying NAT ................................................................................................. |
325 |
30.3 |
NAT Setup ...................................................................................................... |
327 |
30.3.1 Address Mapping Sets .......................................................................... |
328 |
|
|
30.3.1.1 User-Defined Address Mapping Sets .......................................... |
329 |
|
30.3.1.2 Ordering Your Rules .................................................................... |
330 |
30.4 |
Configuring a Server behind NAT .................................................................. |
332 |
30.5 |
General NAT Examples .................................................................................. |
333 |
30.5.1 Example 1: Internet Access Only .......................................................... |
333 |
|
30.5.2 Example 2: Internet Access with an Inside Server ............................... |
334 |
|
30.5.3 Example 3: Multiple Public IP Addresses With Inside Servers ............. |
335 |
|
30.5.4 Example 4: NAT Unfriendly Application Programs ............................... |
338 |
|
30.6 |
Configuring Trigger Port Forwarding ............................................................. |
339 |
Chapter 31 |
|
|
Enabling the Firewall ........................................................................................... |
341 |
|
31.1 |
Remote Management and the Firewall .......................................................... |
341 |
31.2 |
Access Methods ............................................................................................. |
341 |
31.3 |
Enabling the Firewall ...................................................................................... |
341 |
19
P-335 Series User’s Guide |
|
|
Chapter 32 |
|
|
Filter Configuration.............................................................................................. |
343 |
|
32.1 |
Introduction to Filters ...................................................................................... |
343 |
32.1.1 The Filter Structure of the Prestige ....................................................... |
344 |
|
32.2 |
Configuring a Filter Set .................................................................................. |
345 |
32.2.1 Configuring a Filter Rule ....................................................................... |
346 |
|
32.2.2 Configuring a TCP/IP Filter Rule .......................................................... |
347 |
|
32.2.3 Configuring a Generic Filter Rule ......................................................... |
349 |
|
32.3 |
Example Filter ................................................................................................ |
351 |
32.4 |
Filter Types and NAT ...................................................................................... |
353 |
32.5 |
Firewall Versus Filters .................................................................................... |
354 |
32.6 |
Applying a Filter ............................................................................................ |
354 |
32.6.1 Applying LAN Filters ............................................................................. |
354 |
|
32.6.2 Applying Remote Node Filters .............................................................. |
355 |
|
Chapter 33 |
|
|
SNMP Configuration ............................................................................................ |
357 |
|
33.1 About SNMP .................................................................................................. |
357 |
|
33.2 |
Supported MIBs ............................................................................................ |
358 |
33.3 |
SNMP Configuration ...................................................................................... |
358 |
33.4 SNMP Traps ................................................................................................... |
359 |
|
Chapter 34 |
|
|
System Security ................................................................................................... |
361 |
|
34.1 |
System Security ............................................................................................. |
361 |
34.1.1 System Password ................................................................................. |
361 |
|
34.1.2 Configuring External RADIUS Server ................................................... |
361 |
|
34.1.3 802.1x ................................................................................................... |
363 |
|
Chapter 35 |
|
|
System Information and Diagnosis .................................................................... |
367 |
|
35.1 |
System Status ................................................................................................ |
367 |
35.2 |
System Information ........................................................................................ |
369 |
35.2.1 System Information ............................................................................... |
369 |
|
35.2.2 Console Port Speed .............................................................................. |
370 |
|
35.3 |
Log and Trace ................................................................................................ |
370 |
35.3.1 Syslog Logging ..................................................................................... |
370 |
|
|
35.3.1.1 CDR ............................................................................................ |
372 |
|
35.3.1.2 Packet triggered .......................................................................... |
374 |
|
35.3.1.3 Filter log ..................................................................................... |
374 |
|
35.3.1.4 PPP log ...................................................................................... |
374 |
|
35.3.1.5 Firewall log .................................................................................. |
375 |
35.3.2 Call-Triggering Packet .......................................................................... |
375 |
20
|
P-335 Series User’s Guide |
|
35.4 |
Diagnostic ...................................................................................................... |
376 |
35.4.1 WAN DHCP .......................................................................................... |
377 |
|
Chapter 36 |
|
|
Firmware and Configuration File Maintenance ................................................. |
379 |
|
36.1 |
Filename Conventions ................................................................................... |
379 |
36.2 |
Backup Configuration ..................................................................................... |
380 |
36.2.1 Backup Configuration ........................................................................... |
380 |
|
36.2.2 Using the FTP Command from the Command Line .............................. |
381 |
|
36.2.3 Example of FTP Commands from the Command Line ......................... |
382 |
|
36.2.4 GUI-based FTP Clients ......................................................................... |
382 |
|
36.2.5 TFTP and FTP over WAN Management Limitations ............................. |
382 |
|
36.2.6 Backup Configuration Using TFTP ....................................................... |
383 |
|
36.2.7 TFTP Command Example .................................................................... |
383 |
|
36.2.8 GUI-based TFTP Clients ...................................................................... |
384 |
|
36.3 |
Restore Configuration .................................................................................... |
384 |
36.3.1 Restore Using FTP ............................................................................... |
384 |
|
36.3.2 Restore Using FTP Session Example .................................................. |
386 |
|
36.4 |
Uploading Firmware and Configuration Files ................................................. |
386 |
36.4.1 Firmware File Upload ............................................................................ |
386 |
|
36.4.2 Configuration File Upload ..................................................................... |
387 |
|
36.4.3 FTP File Upload Command from the DOS Prompt Example ................ |
387 |
|
36.4.4 FTP Session Example of Firmware File Upload ................................... |
388 |
|
36.4.5 TFTP File Upload .................................................................................. |
388 |
|
36.4.6 TFTP Upload Command Example ........................................................ |
389 |
|
Chapter 37 |
|
|
System Maintenance............................................................................................ |
391 |
|
37.1 |
Command Interpreter Mode ........................................................................... |
391 |
37.1.1 Command Syntax ................................................................................. |
391 |
|
37.1.2 Command Usage .................................................................................. |
392 |
|
37.2 |
Call Control Support ....................................................................................... |
392 |
37.2.1 Budget Management ............................................................................ |
392 |
|
37.2.2 Call History ........................................................................................... |
393 |
|
37.3 |
Time and Date Setting .................................................................................... |
394 |
37.3.1 Resetting the Time ................................................................................ |
396 |
|
Chapter 38 |
|
|
Remote Management ........................................................................................... |
397 |
|
38.1 Remote Management ..................................................................................... |
397 |
|
38.1.1 Remote Management Limitations ......................................................... |
398 |
21
P-335 Series User’s Guide |
|
Chapter 39 |
|
Call Scheduling .................................................................................................... |
401 |
39.1 Introduction to Call Scheduling ...................................................................... |
401 |
Chapter 40 |
|
VPN/IPSec Setup .................................................................................................. |
405 |
40.1 VPN/IPSec Overview ..................................................................................... |
405 |
40.2 IPSec Summary Screen ................................................................................. |
406 |
40.3 IKE Setup ....................................................................................................... |
412 |
40.4 Manual Setup ................................................................................................. |
414 |
40.4.0.1 Active Protocol ............................................................................ |
415 |
40.4.0.2 Security Parameter Index (SPI) .................................................. |
415 |
Chapter 41 |
|
SA Monitor ............................................................................................................ |
417 |
41.1 SA Monitor Overview ..................................................................................... |
417 |
41.2 Using SA Monitor ........................................................................................... |
417 |
Appendix A |
|
Troubleshooting................................................................................................... |
421 |
Appendix B |
|
PPPoE ................................................................................................................... |
423 |
Appendix C |
|
PPTP...................................................................................................................... |
425 |
Appendix D |
|
Print Server........................................................................................................... |
429 |
Appendix E |
|
Print Server Specifications ................................................................................. |
451 |
Appendix F |
|
NetBIOS Filter Commands .................................................................................. |
453 |
Appendix G |
|
Log Descriptions.................................................................................................. |
455 |
Appendix H |
|
Setting up Your Computer’s IP Address............................................................ |
457 |
Appendix I |
|
Wireless LAN and IEEE 802.11 ........................................................................... |
469 |
Appendix J |
|
Wireless LAN With IEEE 802.1x .......................................................................... |
473 |
22
|
P-335 Series User’s Guide |
Appendix K |
|
Types of EAP Authentication.............................................................................. |
475 |
Appendix L |
|
Antenna Selection and Positioning Recommendation..................................... |
477 |
Appendix M |
|
Brute-Force Password Guessing Protection..................................................... |
479 |
Appendix N |
|
TMSS ..................................................................................................................... |
481 |
Appendix O |
|
Triangle Route ...................................................................................................... |
485 |
23
P-335 Series User’s Guide
24
P-335 Series User’s Guide
Figure 1 Prestige Print Server Application .......................................................................... |
47 |
Figure 2 Secure Internet Access via Cable, DSL or Wireless Modem ................................ |
48 |
Figure 3 VPN Application .................................................................................................... |
48 |
Figure 4 Internet Access Application Example .................................................................... |
49 |
Figure 5 Change Password Screen .................................................................................... |
52 |
Figure 6 The MAIN MENU Screen of the Web Configurator ............................................... |
53 |
Figure 7 Wizard Setup : General ......................................................................................... |
58 |
Figure 8 Wizard Setup : Wireless LAN ................................................................................ |
58 |
Figure 9 Wizard Setup : Wireless LAN : Basic Security ...................................................... |
60 |
Figure 10 Wizard Setup : Wireless LAN : Extended Security ............................................. |
61 |
Figure 11 Wizard Setup : Wireless LAN : OTIST ................................................................ |
62 |
Figure 12 Wizard Setup : Internet Access : Ethernet Encapsulation .................................. |
63 |
Figure 13 Wizard Setup : Internet Access : PPPoE Encapsulation .................................... |
65 |
Figure 14 Wizard Setup : Internet Access : PPTP Encapsulation ....................................... |
66 |
Figure 15 Wizard Setup : WAN ........................................................................................... |
69 |
Figure 16 Wizard Setup : WAN IP and DNS Server Address Assignment .......................... |
70 |
Figure 17 Wizard Setup : WAN MAC Address .................................................................... |
71 |
Figure 18 Wizard Setup : Complete .................................................................................... |
72 |
Figure 19 Media Bandwidth Management Setup ............................................................... |
74 |
Figure 20 Media Bandwidth Management Setup : Services ............................................... |
75 |
Figure 21 Media Bandwidth Management Setup : Service Priority ..................................... |
76 |
Figure 22 Media Bandwidth Management Setup : Complete .............................................. |
76 |
Figure 23 System General Setup ....................................................................................... |
78 |
Figure 24 DDNS .................................................................................................................. |
80 |
Figure 25 Password ............................................................................................................ |
81 |
Figure 26 Time Setting ........................................................................................................ |
82 |
Figure 27 Any IP Example Application ................................................................................ |
87 |
Figure 28 LAN IP ................................................................................................................. |
89 |
Figure 29 Static DHCP ........................................................................................................ |
92 |
Figure 30 IP Alias ................................................................................................................ |
93 |
Figure 31 IBSS (Ad-hoc) Wireless LAN .............................................................................. |
95 |
Figure 32 Basic Service set ................................................................................................ |
96 |
Figure 33 Extended Service Set ......................................................................................... |
97 |
Figure 34 RTS/CTS ............................................................................................................ |
98 |
Figure 35 Wireless ............................................................................................................. |
100 |
Figure 36 Roaming Example ............................................................................................... |
102 |
25
P-335 Series User’s Guide
Figure 37 Roaming .............................................................................................................. |
103 |
Figure 38 Prestige Wireless Security Levels ....................................................................... |
105 |
Figure 39 Wireless: No Security .......................................................................................... |
106 |
Figure 40 WEP Authentication Steps .................................................................................. |
108 |
Figure 41 Wireless: Static WEP Encryption ........................................................................ |
110 |
Figure 42 WPA - PSK Authentication .................................................................................. |
113 |
Figure 43 Wireless: WPA-PSK ............................................................................................ |
114 |
Figure 44 EAP Authentication ............................................................................................. |
117 |
Figure 45 WPA with RADIUS Application Example ............................................................ |
118 |
Figure 46 Wireless: WPA .................................................................................................... |
119 |
Figure 47 Wireless: 802.1x and Dynamic WEP .................................................................. |
123 |
Figure 48 Wireless: 802.1x and Static WEP ....................................................................... |
126 |
Figure 49 Wireless: 802.1x ................................................................................................. |
129 |
Figure 50 MAC Address Filter ............................................................................................. |
132 |
Figure 51 OTIST ................................................................................................................. |
134 |
Figure 52 OTIST Start ......................................................................................................... |
134 |
Figure 53 OTIST Process ................................................................................................... |
135 |
Figure 54 WAN: Route ........................................................................................................ |
138 |
Figure 55 Ethernet Encapsulation ....................................................................................... |
139 |
Figure 56 PPPoE Encapsulation ......................................................................................... |
141 |
Figure 57 PPTP Encapsulation ........................................................................................... |
143 |
Figure 58 WAN: IP ............................................................................................................. |
145 |
Figure 59 MAC Setup .......................................................................................................... |
147 |
Figure 60 Traffic Redirect WAN Setup ................................................................................ |
148 |
Figure 61 Traffic Redirect LAN Setup ................................................................................. |
149 |
Figure 62 WAN: Traffic Redirect .......................................................................................... |
150 |
Figure 63 How NAT Works .................................................................................................. |
155 |
Figure 64 NAT Application With IP Alias ............................................................................. |
155 |
Figure 65 Multiple Servers Behind NAT Example ............................................................... |
159 |
Figure 66 SUA/NAT Setup .................................................................................................. |
160 |
Figure 67 Address Mapping ................................................................................................ |
161 |
Figure 68 Address Mapping Rule ........................................................................................ |
163 |
Figure 69 Trigger Port Forwarding Process: Example ........................................................ |
164 |
Figure 70 Trigger Port ......................................................................................................... |
166 |
Figure 71 Example of Static Routing Topology ................................................................... |
167 |
Figure 72 Static Route ......................................................................................................... |
168 |
Figure 73 Static Route: Edit ................................................................................................ |
169 |
Figure 74 Configuring UPnP ............................................................................................... |
173 |
Figure 75 Service Settings .................................................................................................. |
182 |
Figure 76 Virus Protection ................................................................................................... |
184 |
Figure 77 Parental Controls License Status ........................................................................ |
186 |
Figure 78 Parental Controls ................................................................................................ |
187 |
Figure 79 Parental Controls Statistics ................................................................................. |
190 |
26
P-335 Series User’s Guide |
|
Figure 80 Firewall: Settings ................................................................................................. |
193 |
Figure 81 Firewall Rule Directions ...................................................................................... |
194 |
Figure 82 Firewall: Service .................................................................................................. |
196 |
Figure 83 Content Filter ...................................................................................................... |
200 |
Figure 84 Remote Management: WWW ............................................................................. |
207 |
Figure 85 Telnet Configuration on a TCP/IP Network ......................................................... |
208 |
Figure 86 Remote Management: Telnet .............................................................................. |
208 |
Figure 87 Remote Management: FTP ................................................................................. |
209 |
Figure 88 SNMP Management Model ................................................................................. |
210 |
Figure 89 Remote Management: SNMP ............................................................................. |
212 |
Figure 90 Remote Management: DNS ................................................................................ |
213 |
Figure 91 Security ............................................................................................................... |
214 |
Figure 92 Encryption and Decryption .................................................................................. |
218 |
Figure 93 IPSec Architecture .............................................................................................. |
219 |
Figure 94 Transport and Tunnel Mode IPSec Encapsulation .............................................. |
220 |
Figure 95 IPSec Summary Fields ....................................................................................... |
225 |
Figure 96 VPN: Summary ................................................................................................... |
226 |
Figure 97 NAT Router Between IPSec Routers .................................................................. |
227 |
Figure 98 VPN Host using Intranet DNS Server Example .................................................. |
228 |
Figure 99 Mismatching ID Type and Content Configuration Example ................................ |
230 |
Figure 100 VPN: Rule Setup (Basic) ................................................................................... |
231 |
Figure 101 Two Phases to Set Up the IPSec SA ................................................................ |
235 |
Figure 102 VPN IKE: Advanced .......................................................................................... |
237 |
Figure 103 Setup: Manual ................................................................................................... |
243 |
Figure 104 SA Monitor ........................................................................................................ |
246 |
Figure 105 VPN: Global Setting .......................................................................................... |
247 |
Figure 106 Telecommuters Sharing One VPN Rule Example ............................................. |
248 |
Figure 107 Telecommuters Using Unique VPN Rules Example ......................................... |
249 |
Figure 108 View Logs ......................................................................................................... |
252 |
Figure 109 Log Settings ...................................................................................................... |
254 |
Figure 110 Configuring Print Server Screen ....................................................................... |
258 |
Figure 111 Application-based Bandwidth Management Example ....................................... |
260 |
Figure 112 Subnet-based Bandwidth Management Example ............................................. |
260 |
Figure 113 Application and Subnet-based Bandwidth Management Example .................... |
261 |
Figure 114 Bandwidth Usage Example ............................................................................... |
262 |
Figure 115 Maximize Bandwidth Usage Example ............................................................... |
263 |
Figure 116 Bandwidth Management Configuration ............................................................. |
267 |
Figure 117 Bandwidth Management Edit ............................................................................ |
269 |
Figure 118 Bandwidth Management Monitor ...................................................................... |
271 |
Figure 119 Maintenance Status ........................................................................................... |
274 |
Figure 120 Maintenance System Statistics ......................................................................... |
275 |
Figure 121 Maintenance DHCP Table ................................................................................. |
276 |
Figure 122 Maintenance Any IP .......................................................................................... |
277 |
27
P-335 Series User’s Guide
Figure 123 Maintenance Association List .......................................................................... |
278 |
Figure 124 Maintenance Firmware Upload ......................................................................... |
279 |
Figure 125 Upload Warning ................................................................................................ |
280 |
Figure 126 Network Temporarily Disconnected .................................................................. |
280 |
Figure 127 Upload Error Message ...................................................................................... |
281 |
Figure 128 Maintenance Configuration ............................................................................... |
282 |
Figure 129 Configuration Restore Successful ..................................................................... |
283 |
Figure 130 Temporarily Disconnected ................................................................................. |
284 |
Figure 131 Configuration Restore Error .............................................................................. |
284 |
Figure 132 System Restart ................................................................................................. |
285 |
Figure 133 Login Screen ..................................................................................................... |
288 |
Figure 134 SMT Menu Overview ........................................................................................ |
288 |
Figure 135 SMT Main Menu ................................................................................................ |
290 |
Figure 136 Menu 23: System Security ................................................................................ |
291 |
Figure 137 Menu 23 System Password .............................................................................. |
291 |
Figure 138 Menu 1 General Setup. ..................................................................................... |
294 |
Figure 139 Menu 1.1 Configure Dynamic DNS .................................................................. |
295 |
Figure 140 Menu 2 WAN Setup .......................................................................................... |
297 |
Figure 141 Menu 3 LAN Setup ............................................................................................ |
299 |
Figure 142 Menu 3.1 LAN Port Filter Setup. ....................................................................... |
299 |
Figure 143 Menu 3.2 TCP/IP and DHCP Ethernet Setup ................................................... |
300 |
Figure 144 Physical Network & Partitioned Logical Networks ............................................ |
302 |
Figure 145 Menu 3.2.1: IP Alias Setup ............................................................................... |
302 |
Figure 146 Menu 3.5 Wireless LAN Setup .......................................................................... |
304 |
Figure 147 Menu 3.5 Wireless LAN Setup ......................................................................... |
306 |
Figure 148 Menu 3.5.1 WLAN MAC Address Filter ............................................................ |
307 |
Figure 149 Menu 3.5 Wireless LAN Setup .......................................................................... |
308 |
Figure 150 Menu 3.5.2 Roaming Configuration .................................................................. |
308 |
Figure 151 Menu 4 Internet Access Setup .......................................................................... |
309 |
Figure 152 Internet Access Setup (PPTP) ......................................................................... |
311 |
Figure 153 Internet Access Setup (PPPoE) ........................................................................ |
312 |
Figure 154 Menu 11.1 Remote Node Profile for Ethernet Encapsulation ............................ |
314 |
Figure 155 Menu 11.1 Remote Node Profile for PPPoE Encapsulation .............................. |
315 |
Figure 156 Menu 11.1 Remote Node Profile for PPTP Encapsulation ................................ |
317 |
Figure 157 Menu 11.3 Remote Node Network Layer Options for Ethernet Encapsulation . 318 |
|
Figure 158 Menu 11.5: Remote Node Filter (Ethernet Encapsulation) ................................ |
320 |
Figure 159 Menu 11.5: Remote Node Filter (PPPoE or PPTP Encapsulation) ................... |
320 |
Figure 160 Menu 11.6: Traffic Redirect Setup .................................................................... |
321 |
Figure 161 Menu 12 IP Static Route Setup ........................................................................ |
323 |
Figure 162 Menu12.1 Edit IP Static Route .......................................................................... |
323 |
Figure 163 Menu 4 Applying NAT for Internet Access ........................................................ |
326 |
Figure 164 Menu 11.3 Applying NAT to the Remote Node ................................................. |
327 |
Figure 165 Menu 15 NAT Setup .......................................................................................... |
328 |
28
P-335 Series User’s Guide |
|
Figure 166 Menu 15.1 Address Mapping Sets .................................................................... |
328 |
Figure 167 Menu 15.1.255 SUA Address Mapping Rules ................................................. |
328 |
Figure 168 Menu 15.1.1 First Set ........................................................................................ |
330 |
Figure 169 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set ......................... |
331 |
Figure 170 Menu 15.2.1 NAT Server Setup ........................................................................ |
332 |
Figure 171 Multiple Servers Behind NAT Example ............................................................. |
333 |
Figure 172 NAT Example 1 ................................................................................................. |
333 |
Figure 173 Menu 4 Internet Access & NAT Example ......................................................... |
334 |
Figure 174 NAT Example 2 ................................................................................................. |
334 |
Figure 175 Menu 15.2.1 Specifying an Inside Server ......................................................... |
335 |
Figure 176 NAT Example 3 ................................................................................................. |
336 |
Figure 177 NAT Example 3: Menu 11.3 .............................................................................. |
336 |
Figure 178 Example 3: Menu 15.1.1.1 ............................................................................... |
337 |
Figure 179 Example 3: Final Menu 15.1.1 .......................................................................... |
337 |
Figure 180 Example 3: Menu 15.2 ...................................................................................... |
338 |
Figure 181 NAT Example 4 ................................................................................................. |
338 |
Figure 182 Example 4: Menu 15.1.1.1 Address Mapping Rule. .......................................... |
339 |
Figure 183 Example 4: Menu 15.1.1 Address Mapping Rules ............................................ |
339 |
Figure 184 Menu 15.3 Trigger Port Setup ........................................................................... |
340 |
Figure 185 Menu 21.2 Firewall Setup ................................................................................. |
342 |
Figure 186 Outgoing Packet Filtering Process .................................................................... |
343 |
Figure 187 Filter Rule Process ............................................................................................ |
344 |
Figure 188 Menu 21: Filter and Firewall Setup ................................................................... |
345 |
Figure 189 Menu 21.1: Filter Set Configuration .................................................................. |
345 |
Figure 190 Menu 21.1.1.1 TCP/IP Filter Rule. .................................................................... |
347 |
Figure 191 Executing an IP Filter ........................................................................................ |
349 |
Figure 192 Menu 21.1.4.1 Generic Filter Rule .................................................................... |
350 |
Figure 193 Telnet Filter Example ........................................................................................ |
351 |
Figure 194 Example Filter: Menu 21.1.3.1 .......................................................................... |
352 |
Figure 195 Example Filter Rules Summary: Menu 21.1.3 .................................................. |
353 |
Figure 196 Protocol and Device Filter Sets ......................................................................... |
354 |
Figure 197 Filtering LAN Traffic .......................................................................................... |
355 |
Figure 198 Filtering Remote Node Traffic ........................................................................... |
355 |
Figure 199 SNMP Management Model ............................................................................... |
357 |
Figure 200 Menu 22 SNMP Configuration .......................................................................... |
359 |
Figure 201 Menu 23 System Security ................................................................................. |
361 |
Figure 202 Menu 23 System Security ................................................................................. |
361 |
Figure 203 Menu 23.2 System Security : RADIUS Server .................................................. |
362 |
Figure 204 Menu 23 System Security ................................................................................. |
363 |
Figure 205 Menu 23.4 System Security : IEEE802.1x ........................................................ |
364 |
Figure 206 Menu 24 System Maintenance ......................................................................... |
367 |
Figure 207 Menu 24.1 System Maintenance : Status ......................................................... |
368 |
Figure 208 Menu 24.2 System Information and Console Port Speed ............................... |
369 |
29
P-335 Series User’s Guide
Figure 209 Menu 24.2.1 System Maintenance : Information ............................................. |
369 |
Figure 210 Menu 24.2.2 System Maintenance : Change Console Port Speed ................... |
370 |
Figure 211 Menu 24.3.2 System Maintenance : Syslog Logging ........................................ |
370 |
Figure 212 Syslog Example ................................................................................................ |
372 |
Figure 213 Call-Triggering Packet Example ........................................................................ |
376 |
Figure 214 Menu 24.4 System Maintenance : Diagnostic ................................................... |
377 |
Figure 215 LAN & WAN DHCP ........................................................................................... |
377 |
Figure 216 Telnet in Menu 24.5 ........................................................................................... |
381 |
Figure 217 FTP Session Example ...................................................................................... |
382 |
Figure 218 Telnet into Menu 24.6. ....................................................................................... |
385 |
Figure 219 Restore Using FTP Session Example ............................................................... |
386 |
Figure 220 Telnet Into Menu 24.7.1 Upload System Firmware ........................................... |
387 |
Figure 221 Telnet Into Menu 24.7.2 System Maintenance . ................................................ |
387 |
Figure 222 FTP Session Example of Firmware File Upload ............................................... |
388 |
Figure 223 Command Mode in Menu 24 ............................................................................. |
391 |
Figure 224 Valid Commands ............................................................................................... |
392 |
Figure 225 Menu 24.9 System Maintenance : Call Control ................................................. |
392 |
Figure 226 Budget Management ......................................................................................... |
393 |
Figure 227 Menu 24.9.2 - Call History ................................................................................ |
393 |
Figure 228 Menu 24: System Maintenance ....................................................................... |
394 |
Figure 229 Menu 24.10 System Maintenance: Time and Date Setting ............................... |
395 |
Figure 230 Menu 24.11 – Remote Management Control .................................................... |
398 |
Figure 231 Menu 26 Schedule Setup .................................................................................. |
401 |
Figure 232 Menu 26.1 Schedule Set Setup ....................................................................... |
402 |
Figure 233 Applying Schedule Set(s) to a Remote Node (PPPoE) .................................... |
403 |
Figure 234 VPN SMT Menu Tree ........................................................................................ |
405 |
Figure 235 Menu 27 VPN/IPSec Setup ............................................................................... |
406 |
Figure 236 Menu 27 ............................................................................................................ |
406 |
Figure 237 Menu 27.1.1 IPSec Setup ................................................................................. |
409 |
Figure 238 Menu 27.1.1.1 IKE Setup .................................................................................. |
413 |
Figure 239 Menu 27.1.1.2 Manual Setup ............................................................................ |
415 |
Figure 240 Menu 27.2 SA Monitor ...................................................................................... |
418 |
Figure 241 Single-Computer per Router Hardware Configuration ...................................... |
424 |
Figure 242 Prestige as a PPPoE Client .............................................................................. |
424 |
Figure 243 Transport PPP frames over Ethernet ............................................................... |
425 |
Figure 244 PPTP Protocol Overview .................................................................................. |
426 |
Figure 245 Example Message Exchange between Computer and an ANT ........................ |
427 |
Figure 246 Network Print Server Setup Wizard .................................................................. |
430 |
Figure 247 Network Print Server Setup Wizard : Welcome ................................................ |
431 |
Figure 248 Network Print Server Setup Wizard : Select A Print Server .............................. |
432 |
Figure 249 Network Print Server Setup Wizard : Change Settings ..................................... |
433 |
Figure 250 Network Print Server Setup Wizard : Select A Printer ...................................... |
434 |
Figure 251 Add Printer Help ................................................................................................ |
434 |
30