Zyxel PRESTIGE 652HWI, PRESTIGE 652HI, PRESTIGE 652HW, PRESTIGE 652H user manual
Prestige 652 Series
ADSL Security/Wireless LAN Router
User's Guide
Version 3.40
June 2003
Prestige 652 Series User’s Guide
Copyright
Copyright © 2003 by ZyXEL Communications Corporation.
The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a
retrieval system, translated into any language, or transmitted in any form or by any means, electronic,
mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written
permission of ZyXEL Communications Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.
Disclaimer
ZyXEL does not assume any liability arising out of the application or use of any products, or software
described herein. Neither does it convey any license under its patent rights nor the patent rights of others.
ZyXEL further reserves the right to make changes in any products described herein without notice. This
publication is subject to change without notice.
Trademarks
ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL Communications, Inc.
Other trademarks mentioned in this publication are used for identification purposes only and may be
properties of their respective owners.
ii Copyright
Prestige 652 Series User’s Guide
Federal Communications Commission
(FCC) Interference Statement
This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions:
• This device may not cause harmful interference.
• This device must accept any interference received, including interference that may cause undesired
operations.
This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to
Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful
interference in a commercial environment. This equipment generates, uses, and can radiate radio frequency
energy, and if not installed and used in accordance with the instructions, may cause harmful interference to
radio communications.
If this equipment does cause harmful interference to radio/television reception, which can be determined by
turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of
the following measures:
1. Reorient or relocate the receiving antenna.
2. Increase the separation between the equipment and the receiver.
3. Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
4. Consult the dealer or an experienced radio/TV technician for help.
Notice 1
Changes or modifications not expressly approved by the party responsible for compliance could void the
user's authority to operate the equipment.
Certifications
Refer to the product page at www.zyxel.com
FCC Statement iii
.
Prestige 652 Series User’s Guide
ZyXEL Limited Warranty
ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials
or workmanship for a period of up to two years from the date of purchase. During the warranty period, and
upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or
materials, ZyXEL will, at its discretion, repair or replace the defective products or components without
charge for either parts or labor, and to whatever extent it shall deem necessary to restore the product or
components to proper operating condition. Any replacement will consist of a new or re-manufactured
functionally equivalent product of equal value, and will be solely at the discretion of ZyXEL. This warranty
shall not apply if the product is modified, misused, tampered with, damaged by an act of God, or subjected
to abnormal working conditions.
Note
Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This
warranty is in lieu of all other warranties, express or implied, including any implied warranty of
merchantability or fitness for a particular use or purpose. ZyXEL shall in no event be held liable for indirect
or consequential damages of any kind of character to the purchaser.
To obtain the services of this warranty, contact ZyXEL's Service Center for your Return Material
Authorization number (RMA). Products must be returned Postage Prepaid. It is recommended that the unit
be insured when shipped. Any returned products without proof of purchase or those with an out-dated
warranty will be repaired or replaced (at the discretion of ZyXEL) and the customer will be billed for parts
and labor. All repaired or replaced products will be shipped by ZyXEL to the corresponding return address,
Postage Paid. This warranty gives you specific legal rights, and you may also have other rights that vary
from country to country.
Safety Warnings
1. To reduce the risk of fire, use only No. 26 AWG or larger telephone wire.
2. Do not use this product near water, for example, in a wet basement or near a swimming pool.
3. Avoid using this product during an electrical storm. There may be a remote risk of electric shock from
lightening.
iv ZyXEL Warranty
Prestige 652 Series User’s Guide
Customer Support
Please have the following information ready when you contact customer support.
• Product model and serial number.
• Warranty Information.
• Date that you received your device.
• Brief description of the problem and the steps you took to solve it.
METHOD
LOCATION
WORLDWIDE
AMERICA
FINLAND support@zyxel.fi
support@zyxel.com.tw
sales@zyxel.com.tw
support@zyxel.com +1-800-255-4101 www.us.zyxel.com NORTH
sales@zyxel.com
support@zyxel.dk +45-3955-0700 www.zyxel.dk SCANDINAVIA
sales@zyxel.dk
support@zyxel.de +49-2405-6909-0 www.zyxel.de GERMANY
sales@zyxel.de
sales@zyxel.fi
E-MAIL
SUPPORT/SALES
TELEPHONE/FAX WEB SITE/ FTP SITE REGULAR MAIL
+886-3-578-3942 www.zyxel.com
www.europe.zyxel.com
+886-3-578-2439 ftp.europe.zyxel.com
+1-714-632-0858 ftp.zyxel.com
+45-3955-0707 ftp.zyxel.dk
+49-2405-6909-99
+358-9-4780 8400
+358-9-4780 8448
www.zyxel.fi
ZyXEL Communications Corp.,
6 Innovation Road II, ScienceBased Industrial Park, Hsinchu
300, Taiwan.
ZyXEL Communications A/S,
Columbusvej 5, 2860 Soeborg,
Denmark.
ZyXEL Deutschland GmbH.
Adenauerstr. 20/A2 D-52146
Wuerselen, Germany
ZyXEL Communications Oy,
Malminkaari 10, 00700
Helsinki, Finland.
Customer Support v
Prestige 652 Series User’s Guide
Table of Contents
Copyright......................................................................................................................................................... ii
Federal Communications Commission (FCC) Interference Statement.....................................................iii
ZyXEL Limited Warranty ............................................................................................................................ iv
Customer Support........................................................................................................................................... v
List of Figures ..............................................................................................................................................xiv
List of Tables ................................................................................................................................................ xxi
List of Charts .............................................................................................................................................. xxv
Preface ........................................................................................................................................................ xxvi
What is DSL? ........................................................................................................................................... xxviii
Getting Started.................................................................................................................................................I
Chapter 1 Getting To Know Your Prestige ................................................................................................1-1
1.1 Introducing the Prestige 652 Series ...........................................................................................1-1
1.2 Features of the Prestige..............................................................................................................1-1
1.3 Applications for the Prestige...................................................................................................... 1-6
Chapter 2 Introducing the Web Configurator ..........................................................................................2-1
2.1 Web Configurator Overview...................................................................................................... 2-1
2.2 Accessing the Prestige Web Configurator .................................................................................2-1
2.3 Navigating the Prestige Web Configurator................................................................................2-2
2.4 Resetting the Prestige................................................................................................................. 2-3
Chapter 3 Wizard Setup.............................................................................................................................. 3-1
3.1 Wizard Setup Introduction......................................................................................................... 3-1
3.2 Encapsulation.............................................................................................................................3-1
3.3 Multiplexing...............................................................................................................................3-2
3.4 VPI and VCI ..............................................................................................................................3-2
3.5 Wizard Setup Configuration: First Screen .................................................................................3-2
3.6 IP Address and Subnet Mask .....................................................................................................3-4
3.7 IP Address Assignment.............................................................................................................. 3-4
3.8 Nailed-Up Connection (PPP) ..................................................................................................... 3-6
3.9 NAT ...........................................................................................................................................3-6
3.10 Wizard Setup Configuration: Second Screen............................................................................. 3-6
3.11 DHCP Setup.............................................................................................................................3-11
3.12 Wizard Setup Configuration: Third Screen..............................................................................3-12
3.13 Wizard Setup Configuration: Connection Tests.......................................................................3-14
3.14 Test Your Internet Connection.................................................................................................3-15
Password, LAN, Wireless LAN and WAN ................................................................................................... II
Chapter 4 Password Setup..........................................................................................................................4-1
4.1 Password Overview ...................................................................................................................4-1
4.2 Configuring Password................................................................................................................4-1
vi Table of Contents
Prestige 652 Series User’s Guide
Chapter 5 LAN Setup ..................................................................................................................................5-1
5.1 LAN Overview...........................................................................................................................5-1
5.2 DNS Server Address ..................................................................................................................5-1
5.3 DNS Server Address Assignment ..............................................................................................5-2
5.4 LAN TCP/IP ..............................................................................................................................5-2
5.5 Configuring LAN .......................................................................................................................5-4
Chapter 6 Wireless LAN Setup...................................................................................................................6-1
6.1 Wireless LAN Overview............................................................................................................6-1
6.2 Levels of Security ......................................................................................................................6-3
6.3 Data Encryption with WEP ........................................................................................................6-4
6.4 Inserting a PCMCIA Wireless LAN Card..................................................................................6-4
6.5 Configuring Wireless LAN ........................................................................................................6-4
6.6 Configuring MAC Filter.............................................................................................................6-6
6.7 Network Authentication .............................................................................................................6-8
6.8 Configuring 802.1x ..................................................................................................................6-10
6.9 Configuring Local User Authentication ...................................................................................6-12
6.10 Configuring RADIUS ..............................................................................................................6-14
Chapter 7 WAN Setup .................................................................................................................................7-1
7.1 WAN Overview .........................................................................................................................7-1
7.2 Metric .........................................................................................................................................7-1
7.3 PPPoE Encapsulation .................................................................................................................7-1
7.4 Traffic Shaping...........................................................................................................................7-2
7.5 Configuring WAN Setup............................................................................................................7-3
7.6 WAN Backup.............................................................................................................................7-7
7.7 Traffic Redirect on the LAN ......................................................................................................7-7
7.8 Traffic Redirect on the WAN.....................................................................................................7-8
7.9 Configuring WAN Backup.........................................................................................................7-9
7.10 Configuring Advanced WAN Backup .....................................................................................7-12
7.11 AT Command Strings ..............................................................................................................7-16
7.12 DTR Signal ..............................................................................................................................7-17
7.13 Response Strings ......................................................................................................................7-17
7.14 Configuring Advanced Modem Setup......................................................................................7-17
NAT, Dynamic DNS and Time Zone........................................................................................................... III
Chapter 8 Network Address Translation (NAT) Screens ..........................................................................8-1
8.1 NAT Overview...........................................................................................................................8-1
8.2 SUA (Single User Account) Versus NAT..................................................................................8-5
8.3 SUA Server ................................................................................................................................8-6
8.4 Selecting the NAT Mode............................................................................................................8-8
8.5 Configuring SUA Server............................................................................................................8-9
8.6 Configuring Address Mapping.................................................................................................8-11
8.7 Editing an Address Mapping Rule ...........................................................................................8-12
Table of Contents vii
Prestige 652 Series User’s Guide
Chapter 9 Dynamic DNS Setup ..................................................................................................................9-1
9.1 Dynamic DNS............................................................................................................................ 9-1
9.2 Configuring Dynamic DNS .......................................................................................................9-1
Chapter 10 Time Zone...............................................................................................................................10-1
10.1 Configuring Time Zone ...........................................................................................................10-1
Firewall and Content Filters........................................................................................................................IV
Chapter 11 Firewalls.................................................................................................................................. 11-1
11.1 Firewall Overview ...................................................................................................................11-1
11.2 Types of Firewalls....................................................................................................................11-1
11.3 Introduction to ZyXEL’s Firewall ...........................................................................................11-2
11.4 Denial of Service .....................................................................................................................11-3
11.5 Stateful Inspection ...................................................................................................................11-7
11.6 Guidelines For Enhancing Security With Your Firewall....................................................... 11-11
11.7 Packet Filtering Vs Firewall ..................................................................................................11-12
Chapter 12 Firewall Configuration .......................................................................................................... 12-1
12.1 Remote Management and the Firewall ....................................................................................12-1
12.2 Enabling the Firewall...............................................................................................................12-1
12.3 Attack Alert..............................................................................................................................12-2
Chapter 13 Creating Custom Rules .........................................................................................................13-1
13.1 Rules Overview........................................................................................................................13-1
13.2 Rule Logic Overview...............................................................................................................13-1
13.3 Connection Direction............................................................................................................... 13-3
13.4 Logs .........................................................................................................................................13-4
13.5 Rule Summary .........................................................................................................................13-4
13.6 Predefined Services..................................................................................................................13-6
13.7 Creating/Editing Firewall Rules...............................................................................................13-9
13.8 Timeout.................................................................................................................................. 13-12
Chapter 14 Customized Services.............................................................................................................. 14-1
14.1 Introduction to Customized Services ....................................................................................... 14-1
14.2 Creating/Editing A Customized Service .................................................................................. 14-2
14.3 Example Custom Service Firewall Rule ..................................................................................14-3
Chapter 15 Content Filtering Screens...................................................................................................... 15-1
15.1 Content Filtering Overview .....................................................................................................15-1
15.2 Configuring Keyword Blocking...............................................................................................15-1
15.3 Configuring the Schedule ........................................................................................................15-3
15.4 Configuring Trusted Computers .............................................................................................. 15-4
VPN/IPSec ...................................................................................................................................................... V
Chapter 16 Introduction to IPSec.............................................................................................................16-1
16.1 VPN Overview.........................................................................................................................16-1
16.2 IPSec Architecture ...................................................................................................................16-3
16.3 Encapsulation........................................................................................................................... 16-5
viii Table of Contents
Prestige 652 Series User’s Guide
16.4 IPSec and NAT ........................................................................................................................16-5
Chapter 17 VPN Screens ...........................................................................................................................17-1
17.1 VPN/IPSec Overview...............................................................................................................17-1
17.2 IPSec Algorithms .....................................................................................................................17-1
17.3 My IP Address..........................................................................................................................17-2
17.4 Secure Gateway Address..........................................................................................................17-2
17.5 VPN Summary Screen .............................................................................................................17-3
17.6 Keep Alive ...............................................................................................................................17-5
17.7 ID Type and Content................................................................................................................17-5
17.8 Pre-Shared Key ........................................................................................................................17-7
17.9 Editing VPN Policies ...............................................................................................................17-7
17.10 IKE Phases .............................................................................................................................17-13
17.11 Configuring Advanced IKE Settings......................................................................................17-14
17.12 Manual Key Setup..................................................................................................................17-18
17.13 Configuring Manual Key .......................................................................................................17-19
17.14 Viewing SA Monitor..............................................................................................................17-22
17.15 Configuring Global Setting ....................................................................................................17-24
17.16 Telecommuter VPN/IPSec Examples ....................................................................................17-25
17.17 VPN and Remote Management..............................................................................................17-27
Remote Management, UPnP and Logs....................................................................................................... VI
Chapter 18 Remote Management Configuration....................................................................................18-1
18.1 Remote Management Overview...............................................................................................18-1
18.2 Telnet .......................................................................................................................................18-2
18.3 FTP...........................................................................................................................................18-2
18.4 Web ..........................................................................................................................................18-3
18.5 Configuring Remote Management ...........................................................................................18-3
Chapter 19 Universal Plug-and-Play (UPnP) ..........................................................................................19-1
19.1 Introducing Universal Plug and Play........................................................................................19-1
19.2 UPnP and ZyXEL ....................................................................................................................19-2
19.3 Installing UPnP in Windows Example.....................................................................................19-3
19.4 Using UPnP in Windows XP Example ....................................................................................19-5
Chapter 20 Logs Screens ...........................................................................................................................20-1
20.1 Logs Overview.........................................................................................................................20-1
20.2 Configuring Log Settings .........................................................................................................20-1
20.3 Displaying the Logs .................................................................................................................20-4
20.4 SMTP Error Messages .............................................................................................................20-5
Maintenance ................................................................................................................................................ VII
Chapter 21 Maintenance ...........................................................................................................................21-1
21.1 Maintenance Overview ............................................................................................................21-1
21.2 System Status Screen ...............................................................................................................21-1
21.3 DHCP Table Screen .................................................................................................................21-6
Table of Contents ix
Prestige 652 Series User’s Guide
21.4 Wireless Screens ...................................................................................................................... 21-6
21.5 Diagnostic Screens................................................................................................................... 21-8
21.6 Firmware Screen.................................................................................................................... 21-11
SMT General Configuration.....................................................................................................................VIII
Chapter 22 Introducing the SMT............................................................................................................. 22-1
22.1 SMT Introduction ....................................................................................................................22-1
22.2 Navigating the SMT Interface..................................................................................................22-3
22.3 Changing the System Password............................................................................................... 22-6
Chapter 23 Menu 1 General Setup...........................................................................................................23-1
23.1 General Setup...........................................................................................................................23-1
23.2 Procedure To Configure Menu 1 .............................................................................................23-1
Chapter 24 Menu 2 WAN Backup Setup .................................................................................................24-1
24.1 Introduction to WAN Backup Setup........................................................................................ 24-1
24.2 Dial Backup .............................................................................................................................24-1
24.3 Configuring Dial Backup in Menu 2........................................................................................24-1
24.4 Configuring Dial Backup Setup...............................................................................................24-4
24.5 Advanced Dial Backup Setup ..................................................................................................24-6
24.6 Remote Node Profile (Backup ISP).........................................................................................24-8
24.7 Editing PPP Options ..............................................................................................................24-10
24.8 Editing TCP/IP Options .........................................................................................................24-11
24.9 Editing Login Script...............................................................................................................24-13
24.10 Remote Node Filter................................................................................................................ 24-14
Chapter 25 Menu 3 LAN Setup ................................................................................................................25-1
25.1 LAN Setup ............................................................................................................................... 25-1
25.2 Protocol Dependent Ethernet Setup......................................................................................... 25-2
25.3 TCP/IP Ethernet Setup and DHCP...........................................................................................25-2
Chapter 26 Wireless LAN Setup...............................................................................................................26-1
26.1 Wireless LAN Overview..........................................................................................................26-1
26.2 Inserting a PCMCIA Wireless LAN Card ...............................................................................26-1
26.3 Wireless LAN Setup ................................................................................................................26-1
Chapter 27 Internet Access ....................................................................................................................... 27-1
27.1 Internet Access Overview ........................................................................................................27-1
27.2 IP Policies ................................................................................................................................27-1
27.3 IP Alias ....................................................................................................................................27-1
27.4 IP Alias Setup ..........................................................................................................................27-2
27.5 Route IP Setup ......................................................................................................................... 27-4
27.6 Internet Access Configuration .................................................................................................27-5
Chapter 28 Remote Node Configuration .................................................................................................28-1
28.1 Remote Node Setup Overview.................................................................................................28-1
28.2 Remote Node Setup ................................................................................................................. 28-1
28.3 Remote Node Network Layer Options.....................................................................................28-6
x Table of Contents
Prestige 652 Series User’s Guide
28.4 Remote Node Filter ..................................................................................................................28-8
28.5 Editing ATM Layer Options ....................................................................................................28-9
Chapter 29 Static Route Setup..................................................................................................................29-1
29.1 IP Static Route Overview.........................................................................................................29-1
29.2 Configuration ...........................................................................................................................29-2
Chapter 30 Bridging Setup........................................................................................................................30-1
30.1 Bridging in General..................................................................................................................30-1
30.2 Bridge Ethernet Setup ..............................................................................................................30-1
Chapter 31 Network Address Translation (NAT)....................................................................................31-1
31.1 Using NAT...............................................................................................................................31-1
31.2 Applying NAT .........................................................................................................................31-1
31.3 NAT Setup ...............................................................................................................................31-3
31.4 Configuring a Server behind NAT ...........................................................................................31-9
31.5 General NAT Examples .........................................................................................................31-11
Chapter 32 Enabling the Firewall.............................................................................................................32-1
32.1 Remote Management and the Firewall.....................................................................................32-1
32.2 Access Methods .......................................................................................................................32-1
32.3 Enabling the Firewall ...............................................................................................................32-1
SMT Advanced Management...................................................................................................................... IX
Chapter 33 Filter Configuration...............................................................................................................33-1
33.1 About Filtering.........................................................................................................................33-1
33.2 Configuring a Filter Set for the Prestige 652H/HW.................................................................33-4
33.3 Configuring a Filter Set for the Prestige 652............................................................................33-6
33.4 Filter Rules Summary Menus...................................................................................................33-7
33.5 Configuring a Filter Rule .........................................................................................................33-8
33.6 Filter Types and NAT ............................................................................................................33-15
33.7 Example Filter........................................................................................................................33-15
33.8 Applying Filters and Factory Defaults ...................................................................................33-18
Chapter 34 SNMP Configuration .............................................................................................................34-1
34.1 About SNMP............................................................................................................................34-1
34.2 Supported MIBs .......................................................................................................................34-2
34.3 SNMP Configuration ...............................................................................................................34-2
34.4 SNMP Traps.............................................................................................................................34-4
Chapter 35 System Security ......................................................................................................................35-1
35.1 System Security........................................................................................................................35-1
35.2 Creating User Accounts on the Prestige...................................................................................35-5
Chapter 36 System Information and Diagnosis.......................................................................................36-1
36.1 System Status ...........................................................................................................................36-1
36.2 System Information..................................................................................................................36-3
36.3 Log and Trace ..........................................................................................................................36-5
36.4 Diagnostic ................................................................................................................................36-8
Table of Contents xi
Prestige 652 Series User’s Guide
Chapter 37 Firmware and Configuration File Maintenance .................................................................37-1
37.1 Filename Conventions .............................................................................................................37-1
37.2 Backup Configuration..............................................................................................................37-2
37.3 Restore Configuration..............................................................................................................37-7
37.4 Uploading Firmware and Configuration Files .......................................................................37-10
Chapter 38 System Maintenance.............................................................................................................. 38-1
38.1 Command Interpreter Mode.....................................................................................................38-1
38.2 Call Control Support................................................................................................................ 38-2
38.3 Time and Date Setting .............................................................................................................38-4
Chapter 39 Remote Management.............................................................................................................39-1
39.1 Remote Management Overview...............................................................................................39-1
39.2 Remote Management ...............................................................................................................39-1
39.3 Remote Management and NAT ............................................................................................... 39-3
39.4 System Timeout ....................................................................................................................... 39-3
Chapter 40 IP Policy Routing ...................................................................................................................40-1
40.1 IP Policy Routing Overview ....................................................................................................40-1
40.2 Benefits of IP Policy Routing ..................................................................................................40-1
40.3 Routing Policy .........................................................................................................................40-1
40.4 IP Routing Policy Setup........................................................................................................... 40-2
40.5 Applying an IP Policy..............................................................................................................40-5
40.6 IP Policy Routing Example...................................................................................................... 40-7
Chapter 41 Call Scheduling ...................................................................................................................... 41-1
41.1 Introduction..............................................................................................................................41-1
SMT VPN/IPSec and Internal SPTGEN...................................................................................................... X
Chapter 42 VPN/IPSec Setup....................................................................................................................42-1
42.1 VPN/IPSec Overview ..............................................................................................................42-1
42.2 IPSec Summary Screen............................................................................................................42-2
42.3 IPSec Setup.............................................................................................................................. 42-6
42.4 IKE Setup...............................................................................................................................42-11
42.5 Manual Setup .........................................................................................................................42-13
Chapter 43 SA Monitor ............................................................................................................................. 43-1
43.1 SA Monitor Overview..............................................................................................................43-1
43.2 Using SA Monitor.................................................................................................................... 43-1
Chapter 44 Internal SPTGEN ..................................................................................................................44-1
44.1 Internal SPTGEN Overview ....................................................................................................44-1
44.2 The Configuration Text File Format........................................................................................44-1
44.3 Internal SPTGEN FTP Download Example ............................................................................44-3
44.4 Internal SPTGEN FTP Upload Example .................................................................................44-4
Appendices and Index ..................................................................................................................................XI
Appendix A Troubleshooting......................................................................................................................A-1
Appendix B IP Subnetting.......................................................................................................................... B-1
xii Table of Contents
Prestige 652 Series User’s Guide
Appendix C Wireless LAN and IEEE 802.11............................................................................................C-1
Appendix D PPPoE .....................................................................................................................................D-1
Appendix E Virtual Circuit Topology........................................................................................................ E-1
Appendix F Power Adaptor Specifications ...............................................................................................F-1
Appendix G Example Internal SPTGEN Screens ................................................................................... G-1
Appendix H Setting up Your Computer’s IP Address............................................................................. H-1
Appendix I Splitters and Microfilters ........................................................................................................ I-1
Appendix J Log Descriptions ......................................................................................................................J-1
Appendix K Index ...................................................................................................................................... K-1
Table of Contents xiii
Prestige 652 Series User’s Guide
List of Figures
Figure 1-1 Prestige Internet Access Application.............................................................................................1-7
Figure 1-2 Firewall Application......................................................................................................................1-8
Figure 1-3 VPN Application ...........................................................................................................................1-9
Figure 1-4 Prestige LAN-to-LAN Application .............................................................................................1-10
Figure 2-1 Password Screen ...........................................................................................................................2-2
Figure 2-2 Web Configurator SITE MAP Screen ...........................................................................................2-3
Figure 2-3 Example Xmodem Upload............................................................................................................2-4
Figure 3-1 Wizard Screen 1 ............................................................................................................................3-3
Figure 3-2 Internet Connection with PPPoE...................................................................................................3-6
Figure 3-3 Internet Connection with RFC 1483 .............................................................................................3-8
Figure 3-4 Internet Connection with ENET ENCAP......................................................................................3-9
Figure 3-5 Internet Connection with PPPoA ................................................................................................3-10
Figure 3-6 Wizard Screen 3 ..........................................................................................................................3-12
Figure 3-7 Wizard : LAN Configuration.......................................................................................................3-13
Figure 3-8 Wizard Screen 4 ..........................................................................................................................3-14
Figure 4-1 Password .......................................................................................................................................4-1
Figure 5-1 LAN and WAN IP Addresses ........................................................................................................5-1
Figure 5-2 LAN ..............................................................................................................................................5-4
Figure 6-1 RTS/CTS .......................................................................................................................................6-2
Figure 6-2 Prestige Wireless Security Levels .................................................................................................6-3
Figure 6-3 Wireless......................................................................................................................................... 6-5
Figure 6-4 MAC Address Filter......................................................................................................................6-7
Figure 6-5 EAP Authentication.....................................................................................................................6-10
Figure 6-6 802.1x..........................................................................................................................................6-10
Figure 6-7 Local User Database ...................................................................................................................6-13
Figure 6-8 RADIUS......................................................................................................................................6-14
Figure 7-1 Example of Traffic Shaping ..........................................................................................................7-3
Figure 7-2 WAN Setup .....................................................................................................................................7-4
Figure 7-3 Traffic Redirect Setup Example .................................................................................................... 7-8
Figure 7-4 Traffic Redirect WAN Setup .........................................................................................................7-8
Figure 7-5 Traffic Redirect LAN Setup ..........................................................................................................7-9
Figure 7-6 WAN Backup ................................................................................................................................7-10
Figure 7-7 Advanced WAN Backup..............................................................................................................7-13
Figure 7-8 Advanced Modem Setup................................................................................................................7-18
Figure 8-1 How NAT Works...........................................................................................................................8-3
Figure 8-2 NAT Application With IP Alias.....................................................................................................8-4
Figure 8-3 Multiple Servers Behind NAT Example........................................................................................8-8
Figure 8-4 NAT Mode.....................................................................................................................................8-8
xiv List of Figures
Prestige 652 Series User’s Guide
Figure 8-5 Edit SUA/NAT Server Set.......................................................................................................... 8-10
Figure 8-6 Address Mapping Rules...............................................................................................................8-11
Figure 8-7 Address Mapping Rule Edit........................................................................................................ 8-13
Figure 9-1 DDNS........................................................................................................................................... 9-2
Figure 10-1 Time/Date ................................................................................................................................. 10-1
Figure 11-1 Prestige Firewall Application ....................................................................................................11-3
Figure 11-2 Three-Way Handshake...............................................................................................................11-5
Figure 11-3 SYN Flood.................................................................................................................................11-5
Figure 11-4 Smurf Attack..............................................................................................................................11-6
Figure 11-5 Stateful Inspection .....................................................................................................................11-8
Figure 12-1 Enabling the Firewall ............................................................................................................... 12-1
Figure 12-2 Attack Alert .............................................................................................................................. 12-4
Figure 13-1 LAN to WAN Traffic................................................................................................................ 13-3
Figure 13-2 WAN to LAN Traffic................................................................................................................ 13-4
Figure 13-3 Firewall Rules Summary: First Screen..................................................................................... 13-5
Figure 13-4 Creating/Editing A Firewall Rule ........................................................................................... 13-10
Figure 13-5 Adding/Editing Source and Destination Addresses ................................................................ 13-12
Figure 13-6 Timeout................................................................................................................................... 13-13
Figure 14-1 Customized Services ................................................................................................................ 14-1
Figure 14-2 Creating/Editing A Customized Service ................................................................................... 14-2
Figure 14-3 Configure Source IP Example .................................................................................................. 14-4
Figure 14-4 Customized Service for MyService Example........................................................................... 14-4
Figure 14-5 Syslog Rule Configuration Example........................................................................................ 14-5
Figure 14-6 Rule Summary Example........................................................................................................... 14-6
Figure 15-1 Content Filter: Keyword........................................................................................................... 15-2
Figure 15-2 Content Filter: Schedule........................................................................................................... 15-3
Figure 15-3 Content Filter: Trusted.............................................................................................................. 15-4
Figure 16-1 Encryption and Decryption....................................................................................................... 16-2
Figure 16-2 VPN Application ...................................................................................................................... 16-3
Figure 16-3 IPSec Architecture.................................................................................................................... 16-4
Figure 16-4 Transport and Tunnel Mode IPSec Encapsulation.................................................................... 16-5
Figure 17-1 IPSec Summary Fields ............................................................................................................. 17-3
Figure 17-2 VPN Summary ......................................................................................................................... 17-4
Figure 17-3 VPN IKE .................................................................................................................................. 17-8
Figure 17-4 Two Phases to Set Up the IPSec SA....................................................................................... 17-13
Figure 17-5 VPN IKE: Advanced .............................................................................................................. 17-15
Figure 17-6 Manual Setup.......................................................................................................................... 17-19
Figure 17-7 SA Monitor............................................................................................................................. 17-23
Figure 17-8 Global Setting......................................................................................................................... 17-24
Figure 17-9 Telecommuters Sharing One VPN Rule Example.................................................................. 17-26
Figure 17-10 Telecommuters Using Unique VPN Rules Example ............................................................ 17-27
List of Figures xv
Prestige 652 Series User’s Guide
Figure 18-1 Telnet Configuration on a TCP/IP Network ..............................................................................18-2
Figure 18-2 Remote Management ................................................................................................................18-3
Figure 19-1 Configuring UPnP.....................................................................................................................19-2
Figure 20-1 Log Settings ..............................................................................................................................20-2
Figure 20-2 View Logs .................................................................................................................................20-4
Figure 20-3 E-mail Log Example .................................................................................................................20-6
Figure 21-1 System Status............................................................................................................................21-2
Figure 21-2 System Status: Show Statistics..................................................................................................21-4
Figure 21-3 DHCP Table ..............................................................................................................................21-6
Figure 21-4 Association List.........................................................................................................................21-7
Figure 21-5 Channel Usage Table.................................................................................................................21-8
Figure 21-6 Diagnostic General....................................................................................................................21-9
Figure 21-7 Diagnostic DSL Line...............................................................................................................21-10
Figure 21-8 Firmware Upgrade ..................................................................................................................21-12
Figure 21-9 Network Temporarily Disconnected........................................................................................21-13
Figure 21-10 Error Message .......................................................................................................................21-13
Figure 22-1 Login Screen .............................................................................................................................22-2
Figure 22-2 Prestige 652HW-31 SMT Menu Overview...............................................................................22-3
Figure 22-3 SMT Main Menu.......................................................................................................................22-5
Figure 22-4 Menu 23 System Password .......................................................................................................22-6
Figure 23-1 Menu 1 General Setup...............................................................................................................23-2
Figure 23-2 Menu 1.1 Configure Dynamic DNS..........................................................................................23-3
Figure 24-1 Menu 2 WAN Backup Setup .....................................................................................................24-2
Figure 24-2 Menu 2.1Traffic Redirect Setup................................................................................................24-3
Figure 24-3 Menu 2.2 Dial Backup Setup ....................................................................................................24-5
Figure 24-4 Menu 2.2.1 Advanced Dial Backup Setup ................................................................................24-6
Figure 24-5 Menu 11.1 Remote Node Profile (Backup ISP) ........................................................................24-8
Figure 24-6 Menu 11.2 Remote Node PPP Options ...................................................................................24-10
Figure 24-7 Menu 11.2 Remote Node PPP Options ...................................................................................24-11
Figure 24-8 Menu 11.3 Remote Node Network Layer Options.................................................................. 24-11
Figure 24-9 Menu 11.4 Remote Node Setup Script.................................................................................... 24-14
Figure 24-10 Menu 11.1 Remote Node Profile (Backup ISP) .................................................................... 24-15
Figure 24-11 Menu 11.5 Dial Backup Remote Node Filter ........................................................................24-15
Figure 25-1 Menu 3 LAN Setup...................................................................................................................25-1
Figure 25-2 Menu 3.1 LAN Port Filter Setup...............................................................................................25-1
Figure 25-3 Menu 3.2 TCP/IP and DHCP Ethernet Setup............................................................................25-2
Figure 26-1 Menu 3.5 - Wireless LAN Setup ...............................................................................................26-2
Figure 26-2 Menu 3.5.1 WLAN MAC Address Filtering .............................................................................26-4
Figure 27-1 Physical Network ......................................................................................................................27-2
Figure 27-2 Partitioned Logical Networks....................................................................................................27-2
Figure 27-3 Menu 3.2 TCP/IP and DHCP Setup ..........................................................................................27-3
xvi List of Figures
Prestige 652 Series User’s Guide
Figure 27-4 Menu 3.2.1 IP Alias Setup ........................................................................................................ 27-3
Figure 27-5 Menu 1 General Setup.............................................................................................................. 27-4
Figure 27-6 Menu 4 Internet Access Setup .................................................................................................. 27-5
Figure 28-1 Menu 11 Remote Node Setup................................................................................................... 28-2
Figure 28-2 Menu 11.1 Remote Node Profile.............................................................................................. 28-3
Figure 28-3 Menu 11.3 Remote Node Network Layer Options................................................................... 28-6
Figure 28-4 Sample IP Addresses for a TCP/IP LAN-to-LAN Connection................................................. 28-8
Figure 28-5 Menu 11.5 Remote Node Filter (RFC 1483 or ENET Encapsulation) ..................................... 28-9
Figure 28-6 Menu 11.5 Remote Node Filter (PPPoA or PPPoE Encapsulation).......................................... 28-9
Figure 28-7 Menu 11.6 for VC-based Multiplexing................................................................................... 28-10
Figure 28-8 Menu 11.6 for LLC-based Multiplexing or PPP Encapsulation ............................................. 28-10
Figure 28-9 Menu 11.1 Remote Node Profile.............................................................................................28-11
Figure 28-10 Menu 11.8 Advance Setup Options .......................................................................................28-11
Figure 29-1 Sample Static Routing Topology .............................................................................................. 29-1
Figure 29-2 Menu 12 Static Route Setup..................................................................................................... 29-2
Figure 29-3 Menu 12.1 IP Static Route Setup (P652H/HW)......................................................................... 29-2
Figure 29-4 Menu12.1.1 Edit IP Static Route.............................................................................................. 29-3
Figure 30-1 Menu 11.1 Remote Node Profile.............................................................................................. 30-2
Figure 30-2 Menu 11.3 Remote Node Network Layer Options................................................................... 30-2
Figure 30-3 Menu 12.3.1 Edit Bridge Static Route...................................................................................... 30-3
Figure 31-1 Menu 4 Applying NAT for Internet Access .............................................................................. 31-2
Figure 31-2 Menu 11.3 Applying NAT to the Remote Node ....................................................................... 31-3
Figure 31-3 Menu 15 NAT Setup................................................................................................................. 31-4
Figure 31-4 Menu 15.1 Address Mapping Sets............................................................................................ 31-4
Figure 31-5 Menu 15.1.255 SUA Address Mapping Rules.......................................................................... 31-5
Figure 31-6 Menu 15.1.1 First Set ............................................................................................................... 31-6
Figure 31-7 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set.............................................. 31-8
Figure 31-8 Menu 15.2 NAT Server Setup................................................................................................... 31-9
Figure 31-9 Menu 15.2.1 NAT Server Setup.............................................................................................. 31-10
Figure 31-10 Multiple Servers Behind NAT Example ................................................................................31-11
Figure 31-11 NAT Example 1 .................................................................................................................... 31-12
Figure 31-12 Menu 4 Internet Access & NAT Example ............................................................................ 31-12
Figure 31-13 NAT Example 2 .................................................................................................................... 31-13
Figure 31-14 Menu 15.2.1 Specifying an Inside Server............................................................................. 31-13
Figure 31-15 NAT Example 3 .................................................................................................................... 31-14
Figure 31-16 Example 3: Menu 11.3.......................................................................................................... 31-15
Figure 31-17 Example 3: Menu 15.1.1.1 ................................................................................................... 31-16
Figure 31-18 Example 3: Final Menu 15.1.1 ............................................................................................. 31-16
Figure 31-19 NAT Example 4 .................................................................................................................... 31-17
Figure 31-20 Example 4: Menu 15.1.1.1 Address Mapping Rule.............................................................. 31-18
Figure 31-21 Example 4: Menu 15.1.1 Address Mapping Rules ............................................................... 31-18
List of Figures xvii
Prestige 652 Series User’s Guide
Figure 32-1 Menu 21.2 Firewall Setup.........................................................................................................32-2
Figure 33-1 Outgoing Packet Filtering Process ............................................................................................33-2
Figure 33-2 Filter Rule Process ....................................................................................................................33-3
Figure 33-3 Menu 21 Filter Set Configuration (P652H/HW).......................................................................33-4
Figure 33-4 NetBIOS_WAN Filter Rules Summary (P652H/HW) ..............................................................33-5
Figure 33-5 NetBIOS_LAN Filter Rules Summary (P652H/HW).................................................................33-5
Figure 33-6 IGMP Filter Rules Summary (P652H/HW) .................................................................................33-5
Figure 33-7 Menu 21 Filter Set Configuration (P652)..................................................................................33-6
Figure 33-8 PPPoE Filter Rules Summary (P652)........................................................................................33-7
Figure 33-9 TEL_FTP_WEB_SNM Filter Rules Summary (P652) .............................................................33-7
Figure 33-10 Menu 21.1.x.1 TCP/IP Filter Rule...........................................................................................33-9
Figure 33-11 Executing an IP Filter............................................................................................................33-12
Figure 33-12 Menu 21.1.5.1 Generic Filter Rule .......................................................................................33-13
Figure 33-13 Protocol and Device Filter Sets.............................................................................................33-15
Figure 33-14 Sample Telnet Filter ..............................................................................................................33-16
Figure 33-15 Menu 21.1.6.1 Sample Filter.................................................................................................33-17
Figure 33-16 Menu 21.1.6.1 Sample Filter Rules Summary ......................................................................33-18
Figure 33-17 Filtering Ethernet Traffic.......................................................................................................33-19
Figure 33-18 Filtering Remote Node Traffic ..............................................................................................33-20
Figure 34-1 SNMP Management Model.......................................................................................................34-1
Figure 34-2 Menu 22 SNMP Configuration .................................................................................................34-3
Figure 35-1 Menu 23 System Security .........................................................................................................35-1
Figure 35-2 Menu 23 System Security .........................................................................................................35-1
Figure 35-3 Menu 23.2 System Security : RADIUS Server.........................................................................35-2
Figure 35-4 Menu 23 System Security .........................................................................................................35-3
Figure 35-5 Menu 23.4 System Security : IEEE802.1x................................................................................35-4
Figure 35-6 Menu 14 Dial-in User Setup......................................................................................................35-6
Figure 35-7 Menu 14.1 Edit Dial-in User.....................................................................................................35-6
Figure 36-1 Menu 24 System Maintenance..................................................................................................36-1
Figure 36-2 Menu 24.1 System Maintenance : Status ..................................................................................36-2
Figure 36-3 Menu 24.2 System Information and Console Port Speed..........................................................36-3
Figure 36-4 Menu 24.2.1 System Maintenance : Information ......................................................................36-4
Figure 36-5 Menu 24.2.2 System Maintenance : Change Console Port Speed.............................................36-5
Figure 36-6 Menu 24.3 System Maintenance : Log and Trace.....................................................................36-5
Figure 36-7 Sample Error and Information Messages..................................................................................36-6
Figure 36-8 Menu 24.3.2 System Maintenance : Syslog and Accounting ....................................................36-6
Figure 36-9 Menu 24.4 System Maintenance : Diagnostic...........................................................................36-8
Figure 37-1 Telnet in Menu 24.5 ..................................................................................................................37-3
Figure 37-2 FTP Session Example................................................................................................................37-4
Figure 37-3 Menu 24.5 System Maintenance : Backup Configuration.........................................................37-6
Figure 37-4 Menu 24.5 System Maintenance : Starting Xmodem Download Screen ..................................37-6
xviii List of Figures
Prestige 652 Series User’s Guide
Figure 37-5 Backup Configuration Example ............................................................................................... 37-7
Figure 37-6 Successful Backup Confirmation Screen.................................................................................. 37-7
Figure 37-7 Telnet into Menu 24.6............................................................................................................... 37-8
Figure 37-8 Restore Using FTP Session Example ....................................................................................... 37-9
Figure 37-9 System Maintenance : Restore Configuration..........................................................................37-9
Figure 37-10 System Maintenance : Starting Xmodem Download Screen.................................................. 37-9
Figure 37-11 Restore Configuration Example ........................................................................................... 37-10
Figure 37-12 Successful Restoration Confirmation Screen ....................................................................... 37-10
Figure 37-13 Telnet Into Menu 24.7.1 Upload System Firmware...............................................................37-11
Figure 37-14 Telnet Into Menu 24.7.2 System Maintenance ......................................................................37-11
Figure 37-15 FTP Session Example of Firmware File Upload .................................................................. 37-12
Figure 37-16 Menu 24.7.1 as seen using the Console Port ........................................................................ 37-14
Figure 37-17 Example Xmodem Upload ................................................................................................... 37-14
Figure 37-18 Menu 24.7.2 as seen using the Console Port ........................................................................ 37-15
Figure 37-19 Example Xmodem Upload ................................................................................................... 37-16
Figure 38-1 Command Mode in Menu 24.................................................................................................... 38-1
Figure 38-2 Valid Commands ...................................................................................................................... 38-2
Figure 38-3 Menu 24.9 System Maintenance : Call Control........................................................................ 38-2
Figure 38-4 Menu 24.9.1 System Maintenance : Budget Management ....................................................... 38-3
Figure 38-5 Menu 24 System Maintenance ................................................................................................. 38-4
Figure 38-6 Menu 24.10 System Maintenance: Time and Date Setting....................................................... 38-4
Figure 39-1 Menu 24.11 Remote Management Control............................................................................... 39-2
Figure 40-1 Menu 25 IP Routing Policy Setup ............................................................................................ 40-2
Figure 40-2 Menu 25.1 IP Routing Policy Setup ......................................................................................... 40-3
Figure 40-3 Menu 25.1.1 IP Routing Policy ................................................................................................ 40-4
Figure 40-4 Menu 3.2 TCP/IP and DHCP Ethernet Setup ........................................................................... 40-6
Figure 40-5 Menu 11.3 Remote Node Network Layer Options................................................................... 40-6
Figure 40-6 Example of IP Policy Routing .................................................................................................. 40-7
Figure 40-7 IP Routing Policy Example ...................................................................................................... 40-8
Figure 40-8 IP Routing Policy Example ...................................................................................................... 40-9
Figure 40-9 Applying IP Policies Example .................................................................................................. 40-9
Figure 41-1 Menu 26 Schedule Setup.......................................................................................................... 41-1
Figure 41-2 Menu 26.1 Schedule Set Setup................................................................................................. 41-2
Figure 41-3 Applying Schedule Set(s) to a Remote Node (PPPoE)............................................................. 41-4
Figure 41-1 VPN SMT Menu Tree............................................................................................................... 42-1
Figure 41-2 Menu 27 VPN/IPSec Setup ...................................................................................................... 42-2
Figure 41-3 Menu 27.1 IPSec Summary...................................................................................................... 42-2
Figure 41-4 Menu 27.1.1 IPSec Setup ......................................................................................................... 42-6
Figure 41-5 Menu 27.1.1.1 IKE Setup ............................................................................................................42-11
Figure 41-6 Menu 27.1.1.2 Manual Setup ................................................................................................. 42-14
Figure 42-1 Menu 27.2 SA Monitor............................................................................................................. 43-1
List of Figures xix
Prestige 652 Series User’s Guide
Figure 43-1 Configuration Text File Format: Column Descriptions............................................................. 44-2
Figure 43-2 Invalid Parameter Entered: Command Line Example...............................................................44-3
Figure 43-3 Valid Parameter Entered: Command Line Example..................................................................44-3
Figure 43-4 Internal SPTGEN FTP Download Example.............................................................................. 44-3
Figure 43-5 Internal SPTGEN FTP Upload Example...................................................................................44-4
xx List of Figures
Prestige 652 Series User’s Guide
List of Tables
Table 3-1 Wizard Screen 1 ............................................................................................................................. 3-3
Table 3-2 Internet Connection with PPPoE.................................................................................................... 3-7
Table 3-3 Internet Connection with RFC 1483 .............................................................................................. 3-8
Table 3-4 Internet Connection with ENET ENCAP....................................................................................... 3-9
Table 3-5 Internet Connection with PPPoA ..................................................................................................3-11
Table 3-6 Wizard : LAN Configuration ....................................................................................................... 3-13
Table 4-1 Password ........................................................................................................................................ 4-1
Table 5-1 LAN ............................................................................................................................................... 5-4
Table 6-1 Wireless.......................................................................................................................................... 6-5
Table 6-2 MAC Address Filter....................................................................................................................... 6-8
Table 6-3 802.1x ...........................................................................................................................................6-11
Table 6-4 Local User Database .................................................................................................................... 6-14
Table 6-5 RADIUS....................................................................................................................................... 6-15
Table 7-1 WAN Setup ...................................................................................................................................... 7-5
Table 7-2 WAN Backup ................................................................................................................................. 7-10
Table 7-3 Advanced WAN Backup ............................................................................................................... 7-14
Table 7-4 Advanced Modem Setup .............................................................................................................. 7-18
Table 8-1 NAT Definitions............................................................................................................................. 8-1
Table 8-2 NAT Mapping Types...................................................................................................................... 8-5
Table 8-3 Services and Port Numbers............................................................................................................ 8-7
Table 8-4 NAT Mode ..................................................................................................................................... 8-9
Table 8-5 Edit SUA/NAT Server Set............................................................................................................ 8-10
Table 8-6 Address Mapping Rules ............................................................................................................... 8-12
Table 8-7 Address Mapping Rule Edit ......................................................................................................... 8-13
Table 9-1 DDNS............................................................................................................................................. 9-2
Table 10-1 Time/Date................................................................................................................................... 10-2
Table 11-1 Common IP Ports ........................................................................................................................11-4
Table 11-2 ICMP Commands That Trigger Alerts.........................................................................................11-6
Table 11-3 Legal NetBIOS Commands.........................................................................................................11-7
Table 11-4 Legal SMTP Commands .............................................................................................................11-7
Table 12-1 Attack Alert ................................................................................................................................ 12-4
Table 13-1 Firewall Rules Summary: First Screen....................................................................................... 13-5
Table 13-2 Predefined Services.................................................................................................................... 13-7
Table 13-3 Creating/Editing A Firewall Rule............................................................................................. 13-10
Table 13-4 Adding/Editing Source and Destination Addresses.................................................................. 13-12
Table 13-5 Timeout .................................................................................................................................... 13-13
Table 14-1 Customized Services.................................................................................................................. 14-2
Table 14-2 Creating/Editing A Customized Service..................................................................................... 14-3
List of Tables xxi
Prestige 652 Series User’s Guide
Table 15-1 Content Filter: Keyword.............................................................................................................15-2
Table 15-2 Content Filter: Schedule .............................................................................................................15-4
Table 15-3 Content Filter: Trusted................................................................................................................15-4
Table 16-1 VPN and NAT............................................................................................................................. 16-6
Table 17-1 AH and ESP................................................................................................................................17-2
Table 17-2 VPN Summary............................................................................................................................17-4
Table 17-3 Local ID Type and Content Fields ..............................................................................................17-6
Table 17-4 Peer ID Type and Content Fields ................................................................................................17-6
Table 17-5 Matching ID Type and Content Configuration Example ............................................................17-6
Table 17-6 Mismatching ID Type and Content Configuration Example.......................................................17-7
Table 17-7 VPN IKE.....................................................................................................................................17-9
Table 17-8 VPN IKE: Advanced.................................................................................................................17-15
Table 17-9 VPN Manual Setup...................................................................................................................17-19
Table 17-10 SA Monitor .............................................................................................................................17-23
Table 17-11 Global Setting.........................................................................................................................17-24
Table 17-12 Telecommuter and Headquarters Configuration Example ......................................................17-25
Table 18-1 Remote Management..................................................................................................................18-3
Table 19-1 Configuring UPnP ......................................................................................................................19-2
Table 20-1 Log Settings................................................................................................................................20-3
Table 20-2 View Logs...................................................................................................................................20-4
Table 20-3 SMTP Error Messages ................................................................................................................ 20-5
Table 21-1 System Status..............................................................................................................................21-2
Table 21-2 System Status: Show Statistics ...................................................................................................21-4
Table 21-3 DHCP Table................................................................................................................................21-6
Table 21-4 Association List ..........................................................................................................................21-7
Table 21-5 Channel Usage Table ..................................................................................................................21-8
Table 21-6 Diagnostic General .....................................................................................................................21-9
Table 21-7 Diagnostic DSL Line ................................................................................................................21-10
Table 21-8 Firmware Upgrade....................................................................................................................21-12
Table 22-1 Main Menu Commands ..............................................................................................................22-4
Table 22-2 Main Menu Summary.................................................................................................................22-5
Table 23-1 Menu 1 General Setup ................................................................................................................23-2
Table 23-2 Menu 1.1 Configure Dynamic DNS ...........................................................................................23-3
Table 24-1 Menu 2 WAN Backup Setup....................................................................................................... 24-2
Table 24-2 Menu 2.1Traffic Redirect Setup..................................................................................................24-4
Table 24-3 Menu 2.2 Dial Backup Setup......................................................................................................24-5
Table 24-4 Menu 2.2.1 Advanced Dial Backup Setup: AT Commands Fields..............................................24-6
Table 24-5 Menu 2.2.1 Advanced Dial Backup Setup: Call Control Parameters..........................................24-7
Table 24-6 Menu 11.1 Remote Node Profile (Backup ISP)..........................................................................24-8
Table 24-7 Menu 11.3 Remote Node Network Layer Options ...................................................................24-11
Table 24-8 Menu 11.4 Remote Node Setup Script......................................................................................24-14
xxii List of Tables
Prestige 652 Series User’s Guide
Table 25-1 DHCP Ethernet Setup Menu Fields............................................................................................ 25-3
Table 25-2 TCP/IP Ethernet Setup Menu Fields .......................................................................................... 25-3
Table 26-1 Menu 3.5 - Wireless LAN Setup................................................................................................ 26-2
Table 26-2 Menu 3.5.1 WLAN MAC Address Filtering.............................................................................. 26-4
Table 27-1 Menu 3.2.1 IP Alias Setup.......................................................................................................... 27-4
Table 27-2 Menu 4 Internet Access Setup.................................................................................................... 27-5
Table 28-1 Menu 11.1 Remote Node Profile................................................................................................ 28-3
Table 28-2 Menu 11.3 Remote Node Network Layer Options..................................................................... 28-6
Table 28-3 Menu 11.8 Advance Setup Options .......................................................................................... 28-12
Table 29-1 Menu12.1.1 Edit IP Static Route................................................................................................ 29-3
Table 30-1 Remote Node Network Layer Options : Bridge Fields.............................................................. 30-3
Table 30-2 Menu 12.3.1 Edit Bridge Static Route ....................................................................................... 30-3
Table 31-1 Applying NAT in Menus 4 & 11.3 ............................................................................................. 31-3
Table 31-2 SUA Address Mapping Rules .................................................................................................... 31-5
Table 31-3 Menu 15.1.1 First Set................................................................................................................. 31-7
Table 31-4 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set................................................ 31-8
Table 33-1 Abbreviations Used in the Filter Rules Summary Menu............................................................ 33-7
Table 33-2 Rule Abbreviations Used ........................................................................................................... 33-8
Table 33-3 Menu 21.1.x.1 TCP/IP Filter Rule ........................................................................................... 33-10
Table 33-4 Menu 21.1.5.1 Generic Filter Rule........................................................................................... 33-14
Table 33-5 Filter Sets Table ....................................................................................................................... 33-19
Table 34-1 Menu 22 SNMP Configuration .................................................................................................. 34-3
Table 34-2 SNMP Traps............................................................................................................................... 34-4
Table 34-3 Ports and Permanent Virtual Circuits......................................................................................... 34-4
Table 35-1 Menu 23.2 System Security : RADIUS Server.......................................................................... 35-2
Table 35-2 Menu 23.4 System Security : IEEE802.1x................................................................................. 35-4
Table 35-3 Menu 14.1 Edit Dial-in User...................................................................................................... 35-6
Table 36-1 Menu 24.1 System Maintenance : Status ................................................................................... 36-2
Table 36-2 Menu 24.2.1 System Maintenance : Information....................................................................... 36-4
Table 36-3 Menu 24.3.2 System Maintenance : Syslog and Accounting..................................................... 36-7
Table 36-4 Menu 24.4 System Maintenance Menu : Diagnostic ................................................................. 36-9
Table 37-1 Filename Conventions................................................................................................................ 37-2
Table 37-2 General Commands for GUI-based FTP Clients........................................................................ 37-4
Table 37-3 General Commands for GUI-based TFTP Clients ..................................................................... 37-6
Table 38-1 Menu 24.9.1 System Maintenance : Budget Management......................................................... 38-3
Table 38-2 Menu 24.10 System Maintenance: Time and Date Setting ........................................................ 38-5
Table 39-1 Menu 24.11 Remote Management Control ................................................................................ 39-2
Table 40-1 Menu 25.1 IP Routing Policy Setup........................................................................................... 40-3
Table 40-2 Menu 25.1.1 IP Routing Policy.................................................................................................. 40-4
Table 41-1 Menu 26.1 Schedule Set Setup................................................................................................... 41-2
Table 41-1 Menu 27.1 IPSec Summary ....................................................................................................... 42-3
List of Tables xxiii
Prestige 652 Series User’s Guide
Table 41-2 Menu 27.1.1 IPSec Setup............................................................................................................42-6
Table 41-3 Menu 27.1.1.1 IKE Setup .............................................................................................................42-12
Table 41-4 Active Protocol: Encapsulation and Security Protocol .............................................................42-13
Table 41-5 Menu 27.1.1.2 Manual Setup....................................................................................................42-14
Table 42-1 Menu 27.2 SA Monitor ............................................................................................................... 43-2
xxiv List of Tables
Prestige 652 Series User’s Guide
List of Charts
Chart A-1 Troubleshooting the Start-Up of Your Prestige .............................................................................A-1
Chart A-2 Troubleshooting the LAN LED.....................................................................................................A-1
Chart A-3 Troubleshooting the DSL LED......................................................................................................A-2
Chart A-4 Troubleshooting the LAN Interface...............................................................................................A-2
Chart A-5 Troubleshooting the WAN Interface..............................................................................................A-3
Chart A-6 Troubleshooting Internet Access ...................................................................................................A-3
Chart A-7 Troubleshooting the Password.......................................................................................................A-4
Chart A-8 Troubleshooting the Web Configurator .........................................................................................A-4
Chart A-9 Troubleshooting Remote Management..........................................................................................A-5
Chart B-1 Classes of IP Addresses................................................................................................................. B-1
Chart B-2 Allowed IP Address Range By Class.............................................................................................B-2
Chart B-3 “Natural” Masks............................................................................................................................ B-2
Chart B-4 Alternative Subnet Mask Notation ................................................................................................B-3
Chart B-5 Subnet 1.........................................................................................................................................B-4
Chart B-6 Subnet 2.........................................................................................................................................B-4
Chart B-7 Subnet 1.........................................................................................................................................B-5
Chart B-8 Subnet 2.........................................................................................................................................B-5
Chart B-9 Subnet 3.........................................................................................................................................B-5
Chart B-10 Subnet 4.......................................................................................................................................B-6
Chart B-11 Eight Subnets...............................................................................................................................B-6
Chart B-12 Class C Subnet Planning .............................................................................................................B-7
Chart B-13 Class B Subnet Planning .............................................................................................................B-7
Chart J-1 System Maintenance Logs...............................................................................................................J-1
Chart J-2 UPnP Logs.......................................................................................................................................J-2
Chart J-3 Content Filtering Logs.....................................................................................................................J-2
Chart J-4 Attack Logs .....................................................................................................................................J-3
Chart J-5 Access Logs..................................................................................................................................... J-4
Chart J-6 TCP Reset Logs............................................................................................................................... J-5
Chart J-7 ICMP Notes..................................................................................................................................... J-5
Chart J-8 Sample IKE Key Exchange Logs....................................................................................................J-8
Chart J-9 Sample IPSec Logs During Packet Transmission..........................................................................J-10
Chart J-10 RFC-2408 ISAKMP Payload Types ............................................................................................ J-11
Lists of Charts xxv
Prestige 652 Series User’s Guide
Preface
Congratulations on your purchase of the Prestige 652 ADSL Security Router or the Prestige 652H or
652HW ADSL Security/Wireless LAN Router.
Don’t forget to register your Prestige online at www.zyxel.com for free future
product updates and information.
The Prestige 652H/HW has a PCMCIA wireless card slot for an 802.11b wireless LAN card that
provides wireless LAN connection without the expense of additional network cabling infrastructure.
Your Prestige is easy to install and configure.
About This User's Guide
This manual is designed to guide you through the configuration of your Prestige for its various applications.
The web configurator parts of this guide contain background information on features configurable by web
configurator. The SMT parts of this guide contain background information on features not configurable by
web configurator.
Use the web configurator, System Management Terminal (SMT) or command
interpreter interface to configure your Prestige. Not all features can be configured
through all interfaces.
Related Documentation
Supporting Disk
Refer to the included CD for support documents.
Compact Guide or Read Me First
The Compact Guide or Read Me First is designed to help you get up and running right away. They
contain connection information and instructions on getting started.
Web Configurator Online Help
Embedded web help for descriptions of individual screens and supplementary information.
ZyXEL Glossary and Web Site
Please refer to www.zyxel.com
documentation.
User Guide Feedback
Help us help you! E-mail all User Guide-related comments, questions or suggestions for improvement to
techwriters@zyxel.com.tw or send regular mail to The Technical Writing Team, ZyXEL Communications
Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan. Thank you!
xxvi Preface
for an online glossary of networking terms and additional support
Prestige 652 Series User’s Guide
Syntax Conventions
• “Enter” means for you to type one or more characters. “Select” or “Choose” means for you to use one
predefined choices.
• The SMT menu titles and labels are in Bold Times New Roman font. Predefined field choices are in
Bold Arial font. Command and arrow keys are enclosed in square brackets. [ENTER] means the
Enter, or carriage return key; [ESC] means the Escape key and [SPACE BAR] means the Space Bar.
• Mouse action sequences are denoted using a comma. For example, “click the Apple icon, Control
Panels and then Modem” means first click the Apple icon, then point your mouse pointer to Control
Panels and then click Modem.
• For brevity’s sake, we will use “e.g.,” as a shorthand for “for instance”, and “i.e.,” for “that is” or “in
other words” throughout this manual.
• The Prestige 652 series may be referred to as the Prestige in this user’s guide. This refers to both
models (ADSL over POTS and ADSL over ISDN) unless specifically identified.
• The Prestige models with wireless features will be referred to as the Prestige 652H/HW or the simply
the Prestige.
The following section offers some background information on DSL. Skip to
Chapter 1 if you wish to begin working with your router right away.
Preface xxvii
Prestige 652 Series User’s Guide
What is DSL?
DSL (Digital Subscriber Line) technology enhances the data capacity of the existing twisted-pair wire that
runs between the local telephone company switching offices and most homes and offices. While the wire
itself can handle higher frequencies, the telephone switching equipment is designed to cut off signals above
4,000 Hz to filter noise off the voice line, but now everybody is searching for ways to get more bandwidth to
improve access to the Web - hence DSL technologies.
There are actually seven types of DSL service, ranging in speeds from 16 Kbits/sec to 52 Mbits/sec. The
services are either symmetrical (traffic flows at the same speed in both directions), or asymmetrical (the
downstream capacity is higher than the upstream capacity). Asymmetrical services (ADSL) are suitable for
Internet users because more information is usually downloaded than uploaded. For example, a simple button
click in a web browser can start an extended download that includes graphics and text.
As data rates increase, the carrying distance decreases. That means that users who are beyond a certain
distance from the telephone company’s central office may not be able to obtain the higher speeds.
A DSL connection is a point-to-point dedicated circuit, meaning that the link is always up and there is no
dialing required.
What is ADSL?
It is an asymmetrical technology, meaning that the downstream data rate is much higher than the upstream
data rate. As mentioned, this works well for a typical Internet session in which more information is
downloaded, for example, from Web servers, than is uploaded. ADSL operates in a frequency range that is
above the frequency range of voice services, so the two systems can operate over the same cable.
xxviii What is DSL?
Getting Started
Part I:
Getting Started
This part is structured as a step-by-step guide to help you access your Prestige. It covers key
features and applications, accessing the web configurator and configuring the wizard screens for
initial setup.
I
Loading...