ZyXEL Prestige 661H, Prestige 661HW User Manual
Prestige 661H Series
ADSL 2+ Security Gateway
Prestige 661HW Series
802.11g Wireless ADSL 2+ Gateway
User’s Guide
Version 3.40
12/2005
Prestige 661H/HW Series User’s Guide
Copyright
Copyright © 2005 by ZyXEL Communications Corporation.
The contents of this publication may not be reproduced in any part or as a whole, transcribed,
stored in a retrieval system, translated into any language, or transmitted in any form or by any
means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or
otherwise, without the prior written permission of ZyXEL Communications Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.
Disclaimer
ZyXEL does not assume any liability arising out of the application or use of any products, or
software described herein. Neither does it convey any license under its patent rights nor the
patent rights of others. ZyXEL further reserves the right to make changes in any products
described herein without notice. This publication is subject to change without notice.
Trademarks
ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL
Communications, Inc. Other trademarks mentioned in this publication are used for
identification purposes only and may be properties of their respective owners.
Copyright 2
Prestige 661H/HW Series User’s Guide
Federal Communications
Commission (FCC) Interference
Statement
This device complies with Part 15 of FCC rules. Operation is subject to the following two
conditions:
• This device may not cause harmful interference.
• This device must accept any interference received, including interference that may cause
undesired operations.
This equipment has been tested and found to comply with the limits for a Class B digital
device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable
protection against harmful interference in a commercial environment. This equipment
generates, uses, and can radiate radio frequency energy, and if not installed and used in
accordance with the instructions, may cause harmful interference to radio communications.
If this equipment does cause harmful interference to radio/television reception, which can be
determined by turning the equipment off and on, the user is encouraged to try to correct the
interference by one or more of the following measures:
• Reorient or relocate the receiving antenna.
• Increase the separation between the equipment and the receiver.
• Connect the equipment into an outlet on a circuit different from that to which the receiver
is connected.
• Consult the dealer or an experienced radio/TV technician for help.
Notice 1
Changes or modifications not expressly approved by the party responsible for compliance
could void the user's authority to operate the equipment.
This Class B digital apparatus complies with Canadian ICES-003.
Cet appareil numérique de la classe B est conforme à la norme NMB-003 du Canada.
Certifications
Go to www.zyxel.com
1 Select your product from the drop-down list box on the ZyXEL home page to go to that
product's page.
2 Select the certification you wish to view from this page.
3 Federal Communications Commission (FCC) Interference Statement
Prestige 661H/HW Series User’s Guide
Safety Warnings
For your safety, be sure to read and follow all warning notices and instructions.
• To reduce the risk of fire, use only No. 26 AWG (American Wire Gauge) or larger
telecommunication line cord.
• Do NOT open the device or unit. Opening or removing covers can expose you to
dangerous high voltage points or other risks. ONLY qualified service personnel can
service the device. Please contact your vendor for further information.
• Use ONLY the dedicated power supply for your device. Connect the power cord or
power adaptor to the right supply voltage (110V AC in North America or 230V AC in
Europe).
• Do NOT use the device if the power supply is damaged as it might cause electrocution.
• If the power supply is damaged, remove it from the power outlet.
• Do NOT attempt to repair the power supply. Contact your local vendor to order a new
power supply.
• Place connecting cables carefully so that no one will step on them or stumble over them.
Do NOT allow anything to rest on the power cord and do NOT locate the product where
anyone can walk on the power cord.
• If you wall mount your device, make sure that no electrical, gas or water pipes will be
damaged.
• Do NOT install nor use your device during a thunderstorm. There may be a remote risk of
electric shock from lightning.
• Do NOT expose your device to dampness, dust or corrosive liquids.
• Do NOT use this product near water, for example, in a wet basement or near a swimming
pool.
• Make sure to connect the cables to the correct ports.
• Do NOT obstruct the device ventilation slots, as insufficient airflow may harm your
device.
• Do NOT store things on the device.
• Connect ONLY suitable accessories to the device.
Safety Warnings 4
Prestige 661H/HW Series User’s Guide
ZyXEL Limited Warranty
ZyXEL warrants to the original end user (purchaser) that this product is free from any defects
in materials or workmanship for a period of up to two years from the date of purchase. During
the warranty period, and upon proof of purchase, should the product have indications of failure
due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the
defective products or components without charge for either parts or labor, and to whatever
extent it shall deem necessary to restore the product or components to proper operating
condition. Any replacement will consist of a new or re-manufactured functionally equivalent
product of equal value, and will be solely at the discretion of ZyXEL. This warranty shall not
apply if the product is modified, misused, tampered with, damaged by an act of God, or
subjected to abnormal working conditions.
Note
Repair or replacement, as provided under this warranty, is the exclusive remedy of the
purchaser. This warranty is in lieu of all other warranties, express or implied, including any
implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in
no event be held liable for indirect or consequential damages of any kind of character to the
purchaser.
To obtain the services of this warranty, contact ZyXEL's Service Center for your Return
Material Authorization number (RMA). Products must be returned Postage Prepaid. It is
recommended that the unit be insured when shipped. Any returned products without proof of
purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of
ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products
will be shipped by ZyXEL to the corresponding return address, Postage Paid. This warranty
gives you specific legal rights, and you may also have other rights that vary from country to
country.
Registration
Register your product online to receive e-mail notices of firmware upgrades and information
at www.zyxel.com
for global products, or at www.us.zyxel.com for North American products.
5 ZyXEL Limited Warranty
Prestige 661H/HW Series User’s Guide
Customer Support
Please have the following information ready when you contact customer support.
• Product model and serial number.
• Warranty Information.
• Date that you received your device.
• Brief description of the problem and the steps you took to solve it.
METHOD
LOCATION
CORPORATE
HEADQUARTERS
(WORLDWIDE)
CZECH REPUBLIC
DENMARK
FINLAND
FRANCE
GERMANY
HUNGARY
KAZAKHSTAN
NORTH AMERICA
NORWAY
SUPPORT E-MAIL TELEPHONE
SALES E-MAIL FAX FTP SITE
support@zyxel.com.tw +886-3-578-3942 www.zyxel.com
sales@zyxel.com.tw +886-3-578-2439 ftp.zyxel.com
info@cz.zyxel.com +420-241-091-350 www.zyxel.cz ZyXEL Communications
info@cz.zyxel.com +420-241-091-359
support@zyxel.dk +45-39-55-07-00 www.zyxel.dk ZyXEL Communications A/S
sales@zyxel.dk +45-39-55-07-07
support@zyxel.fi +358-9-4780-8411 www.zyxel.fi ZyXEL Communications Oy
sales@zyxel.fi +358-9-4780 8448
info@zyxel.fr +33-4-72-52-97-97 www.zyxel.fr ZyXEL France
+33-4-72-52-19-20
support@zyxel.de +49-2405-6909-0 www.zyxel.de ZyXEL Deutschland GmbH.
sales@zyxel.de +49-2405-6909-99
support@zyxel.hu +36-1-3361649 www.zyxel.hu ZyXEL Hungary
info@zyxel.hu +36-1-3259100
http://zyxel.kz/support +7-3272-590-698 www.zyxel.kz ZyXEL Kazakhstan
sales@zyxel.kz +7-3272-590-689
support@zyxel.com 1-800-255-4101
+1-714-632-0882
sales@zyxel.com +1-714-632-0858 ftp.us.zyxel.com
support@zyxel.no +47-22-80-61-80 www.zyxel.no ZyXEL Communications A/S
sales@zyxel.no +47-22-80-61-81
A
WEB SITE
www.europe.zyxel.com
ftp.europe.zyxel.com
www.us.zyxel.com ZyXEL Communications Inc.
REGULAR MAIL
ZyXEL Communications Corp.
6 Innovation Road II
Science Park
Hsinchu 300
Ta iw a n
Czech s.r.o.
Modranská 621
143 01 Praha 4 - Modrany
Ceská Republika
Columbusvej
2860 Soeborg
Denmark
Malminkaari 10
00700 Helsinki
Finland
1 rue des Vergers
Bat. 1 / C
69760 Limonest
France
Adenauerstr. 20/A2 D-52146
Wuerselen
Germany
48, Zoldlomb Str.
H-1025, Budapest
Hungary
43, Dostyk ave.,Office 414
Dostyk Business Centre
050010, Almaty
Republic of Kazakhstan
1130 N. Miller St.
Anaheim
CA 92806-2001
U.S.A.
Nils Hansens vei 13
0667 Oslo
Norway
Customer Support 6
Prestige 661H/HW Series User’s Guide
METHOD
LOCATION
POLAND
RUSSIA
SPAIN
SWEDEN
UKRAINE
UNITED KINGDOM
a. “+” is the (prefix) number you enter to make an international telephone call.
SUPPORT E-MAIL TELEPHONE
SALES E-MAIL FAX FTP SITE
info@pl.zyxel.com +48-22-5286603 www.pl.zyxel.com ZyXEL Communications
+48-22-5206701
http://zyxel.ru/support +7-095-542-89-29 www.zyxel.ru ZyXEL Russia
sales@zyxel.ru +7-095-542-89-25
support@zyxel.es +34-902-195-420 www.zyxel.es ZyXEL Communications
sales@zyxel.es +34-913-005-345
support@zyxel.se +46-31-744-7700 www.zyxel.se ZyXEL Communications A/S
sales@zyxel.se +46-31-744-7701
support@ua.zyxel.com +380-44-247-69-78 www.ua.zyxel.com ZyXEL Ukraine
sales@ua.zyxel.com +380-44-494-49-32
support@zyxel.co.uk +44-1344 303044
08707 555779 (UK only)
sales@zyxel.co.uk +44-1344 303034 ftp.zyxel.co.uk
A
WEB SITE
REGULAR MAIL
ul.Emilli Plater 53
00-113 Warszawa
Poland
Ostrovityanova 37a Str.
Moscow, 117279
Russia
Alejandro Villegas 33
1º, 28043 Madrid
Spain
Sjöporten 4, 41764 Göteborg
Sweden
13, Pimonenko Str.
Kiev, 04050
Ukraine
www.zyxel.co.uk ZyXEL Communications UK
Ltd.,11 The Courtyard,
Eastern Road, Bracknell,
Berkshire, RG12 2XB,
United Kingdom (UK)
7 Customer Support
Prestige 661H/HW Series User’s Guide
Table of Contents
Copyright ..................................................................................................................2
Federal Communications Commission (FCC) Interference Statement ............... 3
Safety Warnings ....................................................................................................... 4
ZyXEL Limited Warranty.......................................................................................... 5
Customer Support.................................................................................................... 6
Table of Contents ..................................................................................................... 8
List of Figures ........................................................................................................ 24
List of Tables .......................................................................................................... 32
Preface ....................................................................................................................38
Introduction to DSL................................................................................................ 40
Chapter 1
Getting To Know Your Prestige............................................................................. 42
1.1 Introducing the Prestige .....................................................................................42
1.1.1 Features of the Prestige ...........................................................................43
1.1.1.1 P-661HW Wireless Features ...........................................................46
1.1.2 Applications for the Prestige .....................................................................47
1.1.2.1 Protected Internet Access ...............................................................47
1.1.2.2 LAN to LAN Application ...................................................................48
1.1.3 Front Panel LEDs .....................................................................................49
Chapter 2
Introducing the Web Configurator........................................................................ 52
2.1 Web Configurator Overview ...............................................................................52
2.1.1 Accessing the Prestige Web Configurator ................................................52
2.1.2 Resetting the Prestige ..............................................................................53
2.1.2.1 Using the Reset Button ...................................................................53
2.1.3 Navigating the Prestige Web Configurator ...............................................54
Chapter 3
Wizard Setup for Internet Access......................................................................... 58
3.1 Introduction ........................................................................................................58
3.1.1 Internet Access Wizard Setup ..................................................................58
Table of Contents 8
Prestige 661H/HW Series User’s Guide
Chapter 4
Wizard Setup for Media Bandwidth Management ............................................... 68
4.1 Introduction ........................................................................................................68
4.1.1 Predefined Media Bandwidth Management Services ...............................68
4.2 Media Bandwidth Management Setup ...............................................................69
Chapter 5
LAN Setup............................................................................................................... 72
5.1 LAN Overview ....................................................................................................72
5.1.1 LANs, WANs and the Prestige ..................................................................72
5.1.2 DHCP Setup .............................................................................................72
5.1.2.1 IP Pool Setup ..................................................................................73
5.1.3 DNS Server Address ................................................................................73
5.1.4 DNS Server Address Assignment .............................................................73
5.2 LAN TCP/IP ........................................................................................................74
5.2.1 IP Address and Subnet Mask ...................................................................74
5.2.1.1 Private IP Addresses .......................................................................74
5.2.2 RIP Setup .................................................................................................75
5.2.3 Multicast ....................................................................................................75
5.2.4 Any IP .......................................................................................................76
5.2.4.1 How Any IP Works ..........................................................................77
5.2.5 Configuring LAN .......................................................................................77
5.3 Configuring Static DHCP ....................................................................................79
Chapter 6
Wireless LAN (Prestige 661HW)............................................................................ 82
6.1 Introduction ........................................................................................................82
6.2 Wireless Security Overview ...............................................................................82
6.2.1 Encryption .................................................................................................82
6.2.2 Authentication ...........................................................................................82
6.2.3 Restricted Access .....................................................................................83
6.2.4 Hide Prestige Identity ................................................................................83
6.2.5 Configuring Wireless LAN on the Prestige ...............................................83
6.3 Configuring the Wireless Screen ........................................................................84
6.3.1 WEP Encryption ........................................................................................84
6.3.2 Wireless g+ ...............................................................................................84
6.4 Configuring MAC Filters .....................................................................................87
6.5 Introduction to WPA ...........................................................................................88
6.5.1 WPA-PSK Application Example ................................................................88
6.5.2 WPA with RADIUS Application Example ..................................................89
6.5.3 Wireless Client WPA Supplicants ............................................................90
6.6 Configuring IEEE 802.1x and WPA ....................................................................90
6.6.1 Authentication Required: 802.1x ...............................................................91
9 Table of Contents
Prestige 661H/HW Series User’s Guide
6.6.2 Authentication Required: WPA .................................................................93
6.6.3 Authentication Required: WPA-PSK .........................................................95
6.7 Configuring Local User Authentication ...............................................................96
6.8 Configuring RADIUS ..........................................................................................97
6.9 Introduction to OTIST .........................................................................................98
6.9.1 Enabling OTIST ........................................................................................98
6.9.1.1 AP ...................................................................................................98
6.9.1.2 Wireless Client ..............................................................................100
6.9.2 Starting OTIST ........................................................................................100
6.9.3 Notes on OTIST ......................................................................................101
Chapter 7
WAN Setup............................................................................................................ 102
7.1 WAN Overview .................................................................................................102
7.1.1 Encapsulation .........................................................................................102
7.1.1.1 ENET ENCAP ...............................................................................102
7.1.1.2 PPP over Ethernet ........................................................................102
7.1.1.3 PPPoA ...........................................................................................102
7.1.1.4 RFC 1483 ......................................................................................103
7.1.2 Multiplexing .............................................................................................103
7.1.2.1 VC-based Multiplexing ..................................................................103
7.1.2.2 LLC-based Multiplexing .................................................................103
7.1.3 VPI and VCI ............................................................................................103
7.1.4 IP Address Assignment ..........................................................................103
7.1.4.1 IP Assignment with PPPoA or PPPoE Encapsulation ...................103
7.1.4.2 IP Assignment with RFC 1483 Encapsulation ...............................104
7.1.4.3 IP Assignment with ENET ENCAP Encapsulation ........................104
7.1.5 Nailed-Up Connection (PPP) ..................................................................104
7.1.6 NAT .........................................................................................................104
7.2 Metric ..............................................................................................................104
7.3 PPPoE Encapsulation ......................................................................................105
7.4 Traffic Shaping .................................................................................................105
7.5 Zero Configuration Internet Access ..................................................................106
7.6 Configuring WAN Setup ...................................................................................107
7.7 Traffic Redirect ................................................................................................ 110
7.8 Configuring WAN Backup ................................................................................. 111
Chapter 8
Network Address Translation (NAT) Screens.................................................... 114
8.1 NAT Overview .................................................................................................. 114
8.1.1 NAT Definitions ....................................................................................... 114
8.1.2 What NAT Does ......................................................................................115
8.1.3 How NAT Works ..................................................................................... 115
Table of Contents 10
Prestige 661H/HW Series User’s Guide
8.1.4 NAT Application ......................................................................................116
8.1.5 NAT Mapping Types ...............................................................................117
8.2 SUA (Single User Account) Versus NAT ..........................................................118
8.3 SUA Server ...................................................................................................... 118
8.3.1 Default Server IP Address ......................................................................118
8.3.2 Port Forwarding: Services and Port Numbers ........................................118
8.3.3 Configuring Servers Behind SUA (Example) ..........................................119
8.4 Selecting the NAT Mode ..................................................................................119
8.5 Configuring SUA Server ...................................................................................120
8.6 Configuring Address Mapping ..........................................................................122
8.7 Editing an Address Mapping Rule ....................................................................123
Chapter 9
Dynamic DNS Setup............................................................................................. 126
9.1 Dynamic DNS ...................................................................................................126
9.1.1 DYNDNS Wildcard ..................................................................................126
9.2 Configuring Dynamic DNS ...............................................................................126
Chapter 10
Time and Date....................................................................................................... 128
10.1 Configuring Time and Date ............................................................................128
Chapter 11
Firewalls................................................................................................................ 130
11.1 Firewall Overview ...........................................................................................130
11.2 Types of Firewalls ...........................................................................................130
11.2.1 Packet Filtering Firewalls ......................................................................130
11.2.2 Application-level Firewalls .....................................................................130
11.2.3 Stateful Inspection Firewalls ................................................................131
11.3 Introduction to ZyXEL’s Firewall .....................................................................131
11.3.1 Denial of Service Attacks ......................................................................132
11.4 Denial of Service ............................................................................................132
11.4.1 Basics ...................................................................................................132
11.4.2 Types of DoS Attacks ............................................................................133
11.4.2.1 ICMP Vulnerability ......................................................................135
11.4.2.2 Illegal Commands (NetBIOS and SMTP) ....................................135
11.4.2.3 Traceroute ...................................................................................136
11.5 Stateful Inspection ..........................................................................................136
11.5.1 Stateful Inspection Process ...................................................................137
11.5.2 Stateful Inspection and the Prestige .....................................................138
11.5.3 TCP Security .........................................................................................138
11.5.4 UDP/ICMP Security ..............................................................................139
11.5.5 Upper Layer Protocols ..........................................................................139
11 Table of Contents
Prestige 661H/HW Series User’s Guide
11.6 Guidelines for Enhancing Security with Your Firewall ....................................139
11.6.1 Security In General ...............................................................................140
11.7 Packet Filtering Vs Firewall ............................................................................141
11.7.1 Packet Filtering: ....................................................................................141
11.7.1.1 When To Use Filtering .................................................................141
11.7.2 Firewall ..................................................................................................141
11.7.2.1 When To Use The Firewall ..........................................................141
Chapter 12
Firewall Configuration ......................................................................................... 144
12.1 Access Methods .............................................................................................144
12.2 Firewall Policies Overview .............................................................................144
12.3 Rule Logic Overview ......................................................................................145
12.3.1 Rule Checklist .......................................................................................145
12.3.2 Security Ramifications ..........................................................................145
12.3.3 Key Fields For Configuring Rules .........................................................146
12.3.3.1 Action ..........................................................................................146
12.3.3.2 Service ........................................................................................146
12.3.3.3 Source Address ...........................................................................146
12.3.3.4 Destination Address ....................................................................146
12.4 Connection Direction ......................................................................................146
12.4.1 LAN to WAN Rules ...............................................................................146
12.4.2 Alerts .....................................................................................................147
12.5 Configuring Basic Firewall Settings ................................................................147
12.6 Rule Summary ...............................................................................................148
12.6.1 Configuring Firewall Rules ....................................................................150
12.7 Customized Services .....................................................................................153
12.8 Creating/Editing A Customized Service .........................................................153
12.9 Example Firewall Rule ...................................................................................154
12.10 Predefined Services .....................................................................................158
12.11 Anti-Probing ..................................................................................................160
12.12 DoS Thresholds ...........................................................................................161
12.12.1 Threshold Values ................................................................................162
12.12.2 Half-Open Sessions ............................................................................162
12.12.2.1 TCP Maximum Incomplete and Blocking Time .........................162
Chapter 13
Content Filtering .................................................................................................. 166
13.1 Content Filtering Overview .............................................................................166
13.2 Configuring Keyword Blocking .......................................................................166
13.3 Configuring the Schedule ..............................................................................167
13.4 Configuring Trusted Computers .....................................................................168
Table of Contents 12
Prestige 661H/HW Series User’s Guide
Chapter 14
Introduction to IPSec ........................................................................................... 170
14.1 VPN Overview ................................................................................................170
14.1.1 IPSec ....................................................................................................170
14.1.2 Security Association .............................................................................170
14.1.3 Other Terminology ................................................................................170
14.1.3.1 Encryption ...................................................................................170
14.1.3.2 Data Confidentiality .....................................................................171
14.1.3.3 Data Integrity ...............................................................................171
14.1.3.4 Data Origin Authentication ..........................................................171
14.1.4 VPN Applications ..................................................................................171
14.2 IPSec Architecture .........................................................................................171
14.2.1 IPSec Algorithms ..................................................................................172
14.2.2 Key Management ..................................................................................172
14.3 Encapsulation .................................................................................................172
14.3.1 Transport Mode ....................................................................................173
14.3.2 Tunnel Mode ........................................................................................173
14.4 IPSec and NAT ...............................................................................................173
Chapter 15
VPN Screens......................................................................................................... 176
15.1 VPN/IPSec Overview .....................................................................................176
15.2 IPSec Algorithms ............................................................................................176
15.2.1 AH (Authentication Header) Protocol ....................................................176
15.2.2 ESP (Encapsulating Security Payload) Protocol ..................................177
15.3 My IP Address ................................................................................................177
15.4 Secure Gateway Address ..............................................................................178
15.4.1 Dynamic Secure Gateway Address ......................................................178
15.5 VPN Summary Screen ...................................................................................178
15.6 Keep Alive ......................................................................................................180
15.7 Remote DNS Server ......................................................................................180
15.8 ID Type and Content ......................................................................................181
15.8.1 ID Type and Content Examples ............................................................182
15.9 Pre-Shared Key ..............................................................................................183
15.10 Editing VPN Policies ....................................................................................183
15.11 IKE Phases ..................................................................................................188
15.11.1 Negotiation Mode ................................................................................189
15.11.2 Diffie-Hellman (DH) Key Groups .........................................................189
15.11.3 Perfect Forward Secrecy (PFS) .........................................................190
15.12 Configuring Advanced IKE Settings .............................................................190
15.13 Manual Key Setup ........................................................................................193
15.13.1 Security Parameter Index (SPI) .........................................................193
15.14 Configuring Manual Key ...............................................................................194
13 Table of Contents
Prestige 661H/HW Series User’s Guide
15.15 Viewing SA Monitor ......................................................................................197
15.16 Configuring Global Setting ...........................................................................198
15.17 Telecommuter VPN/IPSec Examples ...........................................................199
15.17.1 Telecommuters Sharing One VPN Rule Example ..............................199
15.17.2 Telecommuters Using Unique VPN Rules Example ...........................200
15.18 VPN and Remote Management ...................................................................202
Chapter 16
Remote Management Configuration .................................................................. 204
16.1 Remote Management Overview .....................................................................204
16.1.1 Remote Management Limitations .........................................................204
16.1.2 Remote Management and NAT ............................................................205
16.1.3 System Timeout ...................................................................................205
16.2 Telnet ..............................................................................................................205
16.3 FTP ................................................................................................................205
16.4 Web ................................................................................................................206
16.5 Configuring Remote Management .................................................................206
Chapter 17
Universal Plug-and-Play (UPnP) ......................................................................... 208
17.1 Introducing Universal Plug and Play ..............................................................208
17.1.1 How do I know if I'm using UPnP? ........................................................208
17.1.2 NAT Traversal .......................................................................................208
17.1.3 Cautions with UPnP ..............................................................................208
17.2 UPnP and ZyXEL ...........................................................................................209
17.2.1 Configuring UPnP .................................................................................209
17.3 Installing UPnP in Windows Example ............................................................210
17.4 Using UPnP in Windows XP Example ...........................................................214
Chapter 18
Logs Screens........................................................................................................ 222
18.1 Logs Overview ...............................................................................................222
18.1.1 Alerts and Logs .....................................................................................222
18.2 Configuring Log Settings ................................................................................222
18.3 Displaying the Logs ........................................................................................224
18.4 SMTP Error Messages ...................................................................................225
18.4.1 Example E-mail Log ..............................................................................226
Chapter 19
Media Bandwidth Management Advanced Setup.............................................. 228
19.1 Bandwidth Management Advanced Setup Overview .....................................228
19.2 Bandwidth Classes and Filters .......................................................................228
19.3 Proportional Bandwidth Allocation .................................................................229
Table of Contents 14
Prestige 661H/HW Series User’s Guide
19.4 Bandwidth Management Usage Examples ....................................................229
19.4.1 Application-based Bandwidth Management Example ..........................229
19.4.2 Subnet-based Bandwidth Management Example .................................229
19.4.3 Application and Subnet-based Bandwidth Management Example .......230
19.5 Scheduler .......................................................................................................231
19.5.1 Priority-based Scheduler ......................................................................231
19.5.2 Fairness-based Scheduler ....................................................................231
19.6 Maximize Bandwidth Usage ...........................................................................231
19.6.1 Reserving Bandwidth for Non-Bandwidth Class Traffic ........................231
19.6.2 Maximize Bandwidth Usage Example ..................................................232
19.7 Bandwidth Borrowing .....................................................................................233
19.7.1 Maximize Bandwidth Usage With Bandwidth Borrowing ......................233
19.8 Configuring Summary ....................................................................................234
19.9 Configuring Class Setup ................................................................................235
19.9.1 Media Bandwidth Management Class Configuration ............................236
19.9.2 Media Bandwidth Management Statistics .............................................239
19.10 Bandwidth Monitor ......................................................................................240
Chapter 20
Trend Micro Security Services ............................................................................ 242
20.1 Trend Micro Security Services Overview .......................................................242
20.1.1 TMSS Web Page ..................................................................................242
20.2 Configuring TMSS on the Prestige .................................................................245
20.2.1 TMSS Service Settings .........................................................................246
20.3 Configuring Virus Protection ..........................................................................247
20.4 Parental Controls Configuration .....................................................................249
20.4.1 Parental Controls Statistics ...................................................................252
Chapter 21
Maintenance ......................................................................................................... 254
21.1 Maintenance Overview ...................................................................................254
21.2 System Status Screen ....................................................................................254
21.2.1 System Statistics ...................................................................................256
21.3 DHCP Table Screen .......................................................................................258
21.4 Any IP Table Screen .......................................................................................259
21.5 Wireless Screen .............................................................................................259
21.5.1 Association List .....................................................................................259
21.6 Diagnostic Screens ........................................................................................260
21.6.1 Diagnostic General Screen ...................................................................260
21.6.2 Diagnostic DSL Line Screen .................................................................261
21.7 Firmware Screen ............................................................................................263
15 Table of Contents
Prestige 661H/HW Series User’s Guide
Chapter 22
Introducing the SMT ............................................................................................266
22.1 SMT Introduction ............................................................................................266
22.1.1 Procedure for SMT Configuration via Telnet .........................................266
22.1.2 Entering Password ................................................................................266
22.1.3 Prestige SMT Menus Overview ............................................................267
22.2 Navigating the SMT Interface .........................................................................268
22.2.1 System Management Terminal Interface Summary ..............................270
22.3 Changing the System Password ....................................................................270
Chapter 23
Menu 1 General Setup ......................................................................................... 272
23.1 General Setup ................................................................................................272
23.2 Procedure To Configure Menu 1 ....................................................................272
23.2.1 Procedure to Configure Dynamic DNS .................................................273
Chapter 24
Menu 2 WAN Backup Setup ................................................................................ 276
24.1 Introduction to WAN Backup Setup ................................................................276
24.2 Configuring WAN Backup in Menu 2 ..............................................................276
24.2.1 Traffic Redirect Setup ...........................................................................277
Chapter 25
Menu 3 LAN Setup ...............................................................................................280
25.1 LAN Setup ......................................................................................................280
25.1.1 General Ethernet Setup ........................................................................280
25.2 Protocol Dependent Ethernet Setup ..............................................................281
25.3 TCP/IP Ethernet Setup and DHCP ................................................................281
Chapter 26
Wireless LAN Setup ............................................................................................. 284
26.1 Wireless LAN Overview .................................................................................284
26.2 Wireless LAN Setup .......................................................................................284
26.2.1 Wireless LAN MAC Address Filter ........................................................285
Chapter 27
Internet Access .................................................................................................... 288
27.1 Internet Access Overview ..............................................................................288
27.2 IP Policies ......................................................................................................288
27.3 IP Alias ...........................................................................................................288
27.4 IP Alias Setup .................................................................................................289
27.5 Route IP Setup ...............................................................................................290
27.6 Internet Access Configuration ........................................................................291
Table of Contents 16
Prestige 661H/HW Series User’s Guide
Chapter 28
Remote Node Configuration ............................................................................... 294
28.1 Remote Node Setup Overview .......................................................................294
28.2 Remote Node Setup .......................................................................................294
28.2.1 Remote Node Profile ............................................................................294
28.2.2 Encapsulation and Multiplexing Scenarios ...........................................295
28.2.2.1 Scenario 1: One VC, Multiple Protocols ......................................295
28.2.2.2 Scenario 2: One VC, One Protocol (IP) ......................................295
28.2.2.3 Scenario 3: Multiple VCs .............................................................295
28.2.3 Outgoing Authentication Protocol .........................................................297
28.3 Remote Node Network Layer Options ...........................................................298
28.3.1 My WAN Addr Sample IP Addresses ...................................................299
28.4 Remote Node Filter ........................................................................................300
28.5 Editing ATM Layer Options ............................................................................301
28.5.1 VC-based Multiplexing (non-PPP Encapsulation) ................................301
28.5.2 LLC-based Multiplexing or PPP Encapsulation ....................................301
28.5.3 Advance Setup Options ........................................................................302
Chapter 29
Static Route Setup ............................................................................................... 304
29.1 IP Static Route Overview ...............................................................................304
29.2 Configuration ..................................................................................................304
Chapter 30
Bridging Setup ..................................................................................................... 308
30.1 Bridging in General ........................................................................................308
30.2 Bridge Ethernet Setup ....................................................................................308
30.2.1 Remote Node Bridging Setup ...............................................................308
30.2.2 Bridge Static Route Setup .....................................................................310
Chapter 31
Network Address Translation (NAT)................................................................... 312
31.1 Using NAT ......................................................................................................312
31.1.1 SUA (Single User Account) Versus NAT ..............................................312
31.2 Applying NAT .................................................................................................312
31.3 NAT Setup ......................................................................................................314
31.3.1 Address Mapping Sets ..........................................................................314
31.3.1.1 SUA Address Mapping Set .........................................................315
31.3.1.2 User-Defined Address Mapping Sets ..........................................316
31.3.1.3 Ordering Your Rules ....................................................................317
31.4 Configuring a Server behind NAT ..................................................................318
31.5 General NAT Examples ..................................................................................319
31.5.1 Example 1: Internet Access Only ..........................................................320
17 Table of Contents
Prestige 661H/HW Series User’s Guide
31.5.2 Example 2: Internet Access with an Inside Server ...............................320
31.5.3 Example 3: Multiple Public IP Addresses With Inside Servers .............321
31.5.4 Example 4: NAT Unfriendly Application Programs ...............................325
Chapter 32
Enabling the Firewall ...........................................................................................328
32.1 Remote Management and the Firewall ..........................................................328
32.2 Access Methods .............................................................................................328
32.3 Enabling the Firewall ......................................................................................328
Chapter 33
Filter Configuration.............................................................................................. 330
33.1 About Filtering ................................................................................................330
33.1.1 The Filter Structure of the Prestige .......................................................331
33.2 Configuring a Filter Set for the Prestige .........................................................332
33.3 Filter Rules Summary Menus .........................................................................333
33.4 Configuring a Filter Rule ................................................................................334
33.4.1 TCP/IP Filter Rule .................................................................................335
33.4.2 Generic Filter Rule ................................................................................337
33.5 Filter Types and NAT .....................................................................................339
33.6 Example Filter ................................................................................................339
33.7 Applying Filters and Factory Defaults ............................................................341
33.7.1 Ethernet Traffic .....................................................................................342
33.7.2 Remote Node Filters .............................................................................342
Chapter 34
SNMP Configuration ............................................................................................ 344
34.1 About SNMP ..................................................................................................344
34.2 Supported MIBs ............................................................................................345
34.3 SNMP Configuration ......................................................................................345
34.4 SNMP Traps ...................................................................................................346
Chapter 35
System Security ................................................................................................... 348
35.1 System Security .............................................................................................348
35.1.1 System Password .................................................................................348
35.1.2 Configuring External RADIUS Server ...................................................348
35.1.3 IEEE 802.1x ..........................................................................................350
35.2 Creating User Accounts on the Prestige ........................................................352
Chapter 36
System Information and Diagnosis .................................................................... 354
36.1 Overview ........................................................................................................354
Table of Contents 18
Prestige 661H/HW Series User’s Guide
36.2 System Status ................................................................................................354
36.3 System Information ........................................................................................356
36.3.1 System Information ...............................................................................356
36.3.2 Console Port Speed ..............................................................................357
36.4 Log and Trace ................................................................................................358
36.4.1 Viewing Error Log .................................................................................358
36.4.2 Syslog and Accounting .........................................................................359
36.5 Diagnostic ......................................................................................................361
Chapter 37
Firmware and Configuration File Maintenance ................................................. 364
37.1 Filename Conventions ...................................................................................364
37.2 Backup Configuration .....................................................................................365
37.2.1 Backup Configuration ...........................................................................365
37.2.2 Using the FTP Command from the Command Line ..............................366
37.2.3 Example of FTP Commands from the Command Line .........................366
37.2.4 GUI-based FTP Clients .........................................................................367
37.2.5 TFTP and FTP over WAN Management Limitations .............................367
37.2.6 Backup Configuration Using TFTP .......................................................368
37.2.7 TFTP Command Example ....................................................................368
37.2.8 GUI-based TFTP Clients ......................................................................368
37.3 Restore Configuration ....................................................................................369
37.3.1 Restore Using FTP ...............................................................................369
37.3.2 Restore Using FTP Session Example ..................................................370
37.4 Uploading Firmware and Configuration Files .................................................371
37.4.1 Firmware File Upload ............................................................................371
37.4.2 Configuration File Upload .....................................................................371
37.4.3 FTP File Upload Command from the DOS Prompt Example ................372
37.4.4 FTP Session Example of Firmware File Upload ...................................373
37.4.5 TFTP File Upload ..................................................................................373
37.4.6 TFTP Upload Command Example ........................................................374
Chapter 38
System Maintenance............................................................................................ 376
38.1 Command Interpreter Mode ...........................................................................376
38.2 Call Control Support .......................................................................................377
38.2.1 Budget Management ............................................................................377
38.3 Time and Date Setting ....................................................................................378
38.3.1 Resetting the Time ................................................................................380
Chapter 39
Remote Management ........................................................................................... 382
39.1 Remote Management Overview .....................................................................382
19 Table of Contents
Prestige 661H/HW Series User’s Guide
39.2 Remote Management .....................................................................................382
39.2.1 Remote Management Setup .................................................................382
39.2.2 Remote Management Limitations .........................................................383
39.3 Remote Management and NAT ......................................................................384
39.4 System Timeout .............................................................................................384
Chapter 40
IP Policy Routing.................................................................................................. 386
40.1 IP Policy Routing Overview ............................................................................386
40.2 Benefits of IP Policy Routing ..........................................................................386
40.3 Routing Policy ................................................................................................386
40.4 IP Routing Policy Setup .................................................................................387
40.5 Applying an IP Policy .....................................................................................390
40.5.1 Ethernet IP Policies ..............................................................................390
40.6 IP Policy Routing Example .............................................................................391
Chapter 41
Call Scheduling .................................................................................................... 396
41.1 Introduction ....................................................................................................396
Chapter 42
VPN/IPSec Setup .................................................................................................. 400
42.1 VPN/IPSec Overview .....................................................................................400
42.2 IPSec Summary Screen .................................................................................400
42.3 IPSec Setup ...................................................................................................403
42.4 IKE Setup .......................................................................................................406
42.5 Manual Setup .................................................................................................408
42.5.1 Active Protocol ......................................................................................408
42.5.2 Security Parameter Index (SPI) ............................................................408
Chapter 43
SA Monitor ............................................................................................................ 412
43.1 SA Monitor Overview .....................................................................................412
43.2 Using SA Monitor ...........................................................................................412
Chapter 44
Troubleshooting ...................................................................................................416
44.1 Problems Starting Up the Prestige .................................................................416
44.2 Problems with the LAN ...................................................................................416
44.3 Problems with the WAN .................................................................................417
44.4 Problems Accessing the Prestige ..................................................................418
44.4.1 Pop-up Windows, JavaScripts and Java Permissions ..........................418
44.4.1.1 Internet Explorer Pop-up Blockers ..............................................418
Table of Contents 20
Prestige 661H/HW Series User’s Guide
44.4.1.2 JavaScripts ..................................................................................421
44.4.1.3 Java Permissions ........................................................................423
44.4.2 ActiveX Controls in Internet Explorer ....................................................425
Appendix A
Product Specifications ....................................................................................... 428
Appendix B
Setting up Your Computer’s IP Address............................................................ 432
Windows 95/98/Me................................................................................................. 432
Installing Components ..................................................................................... 433
Configuring ...................................................................................................... 434
Verifying Settings............................................................................................. 435
Windows 2000/NT/XP ............................................................................................ 435
Verifying Settings............................................................................................. 440
Macintosh OS 8/9................................................................................................... 440
Verifying Settings............................................................................................. 442
Macintosh OS X ..................................................................................................... 442
Verifying Settings............................................................................................. 443
Appendix C
IP Subnetting ........................................................................................................ 444
IP Addressing......................................................................................................... 444
IP Classes .............................................................................................................. 444
Subnet Masks ........................................................................................................ 445
Subnetting .............................................................................................................. 445
Example: Two Subnets .......................................................................................... 446
Example: Four Subnets.......................................................................................... 448
Example Eight Subnets.......................................................................................... 449
Subnetting With Class A and Class B Networks. ................................................... 450
Appendix D
Boot Commands ..................................................................................................452
Appendix E
Command Interpreter........................................................................................... 454
Command Syntax................................................................................................... 454
Command Usage ................................................................................................... 454
Appendix F
Firewall Commands ............................................................................................. 456
Appendix G
NetBIOS Filter Commands .................................................................................. 462
21 Table of Contents
Prestige 661H/HW Series User’s Guide
Introduction ............................................................................................................ 462
Display NetBIOS Filter Settings ............................................................................. 462
NetBIOS Filter Configuration.................................................................................. 463
Appendix H
VPN Setup............................................................................................................. 466
General Notes ........................................................................................................ 466
Dynamic IPSec Rule........................................................................................ 466
Full Feature NAT Mode.................................................................................... 466
VPN Configuration via Web Configurator............................................................... 467
Dialing the VPN Tunnel via Web Configurator................................................. 469
VPN Configuration via SMT ................................................................................... 471
Dialing the VPN Tunnel via SMT ..................................................................... 474
VPN Troubleshooting ............................................................................................. 474
VPN Log .......................................................................................................... 475
IPSec Debug.................................................................................................... 476
Use a VPN Tunnel.................................................................................................. 476
FTP Example ................................................................................................... 477
Appendix I
Splitters and Microfilters ..................................................................................... 480
Connecting a POTS Splitter ................................................................................... 480
Telephone Microfilters ............................................................................................ 480
Prestige With ISDN ................................................................................................ 481
Appendix J
PPPoE ................................................................................................................... 484
PPPoE in Action..................................................................................................... 484
Benefits of PPPoE.................................................................................................. 484
Traditional Dial-up Scenario................................................................................... 484
How PPPoE Works ................................................................................................ 485
Prestige as a PPPoE Client ................................................................................... 485
Appendix K
Log Descriptions.................................................................................................. 486
Log Commands...................................................................................................... 500
Configuring What You Want the Prestige to Log ............................................. 500
Displaying Logs ............................................................................................... 501
Log Command Example......................................................................................... 501
Appendix L
Wireless LANs ...................................................................................................... 502
Table of Contents 22
Prestige 661H/HW Series User’s Guide
Wireless LAN Topologies ....................................................................................... 502
Ad-hoc Wireless LAN Configuration ................................................................ 502
BSS.................................................................................................................. 502
ESS.................................................................................................................. 503
Channel.................................................................................................................. 504
RTS/CTS................................................................................................................ 504
Fragmentation Threshold ....................................................................................... 505
Preamble Type....................................................................................................... 506
IEEE 802.1x ........................................................................................................... 507
RADIUS.................................................................................................................. 507
Types of RADIUS Messages ........................................................................... 507
Types of Authentication.......................................................................................... 508
EAP-MD5 (Message-Digest Algorithm 5) ........................................................ 508
EAP-TLS (Transport Layer Security) ............................................................... 509
EAP-TTLS (Tunneled Transport Layer Service) .............................................. 509
PEAP (Protected EAP) .................................................................................... 509
LEAP................................................................................................................ 509
Dynamic WEP Key Exchange ......................................................................... 509
WPA ....................................................................................................................... 510
User Authentication ........................................................................................ 510
Encryption ....................................................................................................... 510
Security Parameters Summary .............................................................................. 511
Appendix M
Internal SPTGEN .................................................................................................. 512
Internal SPTGEN Overview ................................................................................... 512
The Configuration Text File Format........................................................................ 512
Internal SPTGEN File Modification - Important Points to Remember.............. 512
Internal SPTGEN FTP Download Example............................................................ 513
Internal SPTGEN FTP Upload Example ................................................................ 514
Command Examples.............................................................................................. 535
Index...................................................................................................................... 538
23 Table of Contents
Prestige 661H/HW Series User’s Guide
List of Figures
Figure 1 Protected Internet Access Applications ................................................................ 48
Figure 2 P-661HW LAN-to-LAN Application Example ........................................................ 49
Figure 3 P-661H Front Panel .............................................................................................. 49
Figure 4 P-661HW Front Panel ........................................................................................... 49
Figure 5 Password Screen .................................................................................................. 53
Figure 6 Change Password at Login ................................................................................... 53
Figure 7 Web Configurator: P-661HW Site Map Screen ................................................... 55
Figure 8 Password ..............................................................................................................57
Figure 9 Internet Access Wizard Setup: ISP Parameters ................................................... 59
Figure 10 Internet Connection with PPPoE ......................................................................... 60
Figure 11 Internet Connection with RFC 1483 ................................................................... 61
Figure 12 Internet Connection with ENET ENCAP ............................................................. 62
Figure 13 Internet Connection with PPPoA ......................................................................... 63
Figure 14 Internet Access Wizard Setup: Third Screen ...................................................... 64
Figure 15 Internet Access Wizard Setup: LAN Configuration ............................................. 65
Figure 16 Internet Access Wizard Setup: Connection Tests ............................................... 66
Figure 17 Media Bandwidth Mgnt. Wizard Setup ................................................................ 69
Figure 18 Media Bandwidth Mgnt. Wizard Setup: Second Screen .................................... 70
Figure 19 Media Bandwidth Mgnt. Wizard Setup: Finish ................................................... 71
Figure 20 LAN and WAN IP Addresses .............................................................................. 72
Figure 21 Any IP Example .................................................................................................. 76
Figure 22 LAN Setup ........................................................................................................... 78
Figure 23 LAN: Static DHCP ............................................................................................... 80
Figure 24 Wireless Security Methods ................................................................................. 84
Figure 25 Wireless Screen .................................................................................................. 85
Figure 26 MAC Address Filter ............................................................................................. 87
Figure 27 WPA - PSK Authentication .................................................................................. 89
Figure 28 WPA with RADIUS Application Example2 .......................................................... 90
Figure 29 Wireless LAN: 802.1x/WPA: No Access Allowed ................................................ 91
Figure 30 Wireless LAN: 802.1x/WPA: No Authentication .................................................. 91
Figure 31 Wireless LAN: 802.1x/WPA: 802.1xl ................................................................... 92
Figure 32 Wireless LAN: 802.1x/WPA: WPA ....................................................................... 94
Figure 33 Wireless LAN: 802.1x/WPA:WPA-PSK ............................................................... 95
Figure 34 Local User Database .......................................................................................... 96
Figure 35 RADIUS .............................................................................................................. 97
Figure 36 OTIST ................................................................................................................. 99
Figure 37 Example Wireless Client OTIST Screen ............................................................. 100
Figure 38 Security Key ........................................................................................................ 100
List of Figures 24
Prestige 661H/HW Series User’s Guide
Figure 39 OTIST in Progress (Prestige) .............................................................................. 100
Figure 40 OTIST in Progress (Client) .................................................................................. 100
Figure 41 No AP with OTIST Found ................................................................................... 101
Figure 42 Start OTIST? ....................................................................................................... 101
Figure 43 Example of Traffic Shaping ................................................................................. 106
Figure 44 WAN Setup (PPPoE) .......................................................................................... 108
Figure 45 Traffic Redirect Example ..................................................................................... 111
Figure 46 Traffic Redirect LAN Setup ................................................................................. 111
Figure 47 WAN Backup ....................................................................................................... 112
Figure 48 How NAT Works .................................................................................................. 116
Figure 49 NAT Application With IP Alias ............................................................................. 116
Figure 50 Multiple Servers Behind NAT Example ............................................................... 119
Figure 51 NAT Mode ........................................................................................................... 120
Figure 52 Edit SUA/NAT Server Set ................................................................................... 121
Figure 53 Address Mapping Rules ...................................................................................... 122
Figure 54 Address Mapping Rule Edit ................................................................................ 123
Figure 55 Dynamic DNS ..................................................................................................... 127
Figure 56 Time and Date ..................................................................................................... 128
Figure 57 Prestige Firewall Application ............................................................................... 132
Figure 58 Three-Way Handshake ....................................................................................... 134
Figure 59 SYN Flood ........................................................................................................... 134
Figure 60 Smurf Attack ....................................................................................................... 135
Figure 61 Stateful Inspection ............................................................................................... 137
Figure 62 Firewall: Default Policy ........................................................................................ 147
Figure 63 Firewall: Rule Summary ..................................................................................... 148
Figure 64 Firewall: Edit Rule ............................................................................................... 151
Figure 65 Firewall: Customized Services ............................................................................ 153
Figure 66 Firewall: Configure Customized Services ........................................................... 154
Figure 67 Firewall Example: Rule Summary ....................................................................... 155
Figure 68 Firewall Example: Edit Rule: Destination Address ............................................. 156
Figure 69 Edit Custom Port Example .................................................................................. 156
Figure 70 Firewall Example: Edit Rule: Select Customized Services ................................. 157
Figure 71 Firewall Example: Rule Summary: My Service .................................................. 158
Figure 72 Firewall: Anti Probing .......................................................................................... 161
Figure 73 Firewall: Threshold .............................................................................................. 163
Figure 74 Content Filter: Keyword ...................................................................................... 166
Figure 75 Content Filter: Schedule ..................................................................................... 167
Figure 76 Content Filter: Trusted ........................................................................................ 168
Figure 77 Encryption and Decryption .................................................................................. 171
Figure 78 IPSec Architecture .............................................................................................. 172
Figure 79 Transport and Tunnel Mode IPSec Encapsulation .............................................. 173
Figure 80 IPSec Summary Fields ....................................................................................... 179
Figure 81 VPN Summary .................................................................................................... 179
25 List of Figures
Prestige 661H/HW Series User’s Guide
Figure 82 VPN Host using Intranet DNS Server Example .................................................. 181
Figure 83 VPN IKE ..............................................................................................................184
Figure 84 Two Phases to Set Up the IPSec SA .................................................................. 188
Figure 85 VPN IKE: Advanced Setup ................................................................................. 191
Figure 86 VPN: Manual Key ................................................................................................ 194
Figure 87 VPN: SA Monitor ................................................................................................. 197
Figure 88 VPN: Global Setting ............................................................................................ 198
Figure 89 Telecommuters Sharing One VPN Rule Example ............................................... 199
Figure 90 Telecommuters Using Unique VPN Rules Example ........................................... 201
Figure 91 Telnet Configuration on a TCP/IP Network ......................................................... 205
Figure 92 Remote Management ......................................................................................... 206
Figure 93 Configuring UPnP ............................................................................................... 209
Figure 94 Add/Remove Programs: Windows Setup: Communication ................................. 211
Figure 95 Add/Remove Programs: Windows Setup: Communication: Components .......... 211
Figure 96 Network Connections .......................................................................................... 212
Figure 97 Windows Optional Networking Components Wizard .......................................... 213
Figure 98 Networking Services ........................................................................................... 214
Figure 99 Network Connections .......................................................................................... 215
Figure 100 Internet Connection Properties ........................................................................ 216
Figure 101 Internet Connection Properties: Advanced Settings ......................................... 217
Figure 102 Internet Connection Properties: Advanced Settings: Add ................................. 217
Figure 103 System Tray Icon .............................................................................................. 218
Figure 104 Internet Connection Status ................................................................................ 218
Figure 105 Network Connections ........................................................................................ 219
Figure 106 Network Connections: My Network Places ....................................................... 220
Figure 107 Network Connections: My Network Places: Properties: Example ..................... 220
Figure 108 Log Settings ...................................................................................................... 223
Figure 109 View Logs ......................................................................................................... 225
Figure 110 E-mail Log Example .......................................................................................... 226
Figure 111 Application-based Bandwidth Management Example ....................................... 229
Figure 112 Subnet-based Bandwidth Management Example ............................................. 230
Figure 113 Application and Subnet-based Bandwidth Management Example .................... 230
Figure 114 Bandwidth Allotment Example .......................................................................... 232
Figure 115 Maximize Bandwidth Usage Example ............................................................... 233
Figure 116 Media Bandwidth Management: Summary ....................................................... 234
Figure 117 Media Bandwidth Management: Class Setup ................................................... 235
Figure 118 Media Bandwidth Management: Class Configuration ....................................... 237
Figure 119 Media Bandwidth Management Statistics ......................................................... 239
Figure 120 Media Bandwidth Management: Monitor ......................................................... 240
Figure 121 TMSS First Time Access ................................................................................... 242
Figure 122 Download ActiveX to View TMSS Web Page ................................................... 243
Figure 123 TMSS Web Page (Dashboard) ......................................................................... 243
Figure 124 TMSS Service Summary ................................................................................... 243
List of Figures 26
Prestige 661H/HW Series User’s Guide
Figure 125 TMSS 3 Steps ................................................................................................... 244
Figure 126 TMSS Registration Form .................................................................................. 244
Figure 127 Example TMSS Activated Service Summary Screen ....................................... 245
Figure 128 Example TMSS Activated Parental Controls Screen ........................................ 245
Figure 129 TMSS Main Screen ........................................................................................... 246
Figure 130 TMSS Service Settings ..................................................................................... 246
Figure 131 Virus Protection ................................................................................................. 247
Figure 132 No Parental Controls License ........................................................................... 249
Figure 133 Parental Controls .............................................................................................. 250
Figure 134 Parental Controls Statistics ............................................................................... 252
Figure 135 System Status ................................................................................................... 255
Figure 136 System Status: Show Statistics ......................................................................... 257
Figure 137 DHCP Table ...................................................................................................... 258
Figure 138 Any IP Table ...................................................................................................... 259
Figure 139 Association List ................................................................................................. 260
Figure 140 Diagnostic: General .......................................................................................... 261
Figure 141 Diagnostic: DSL Line ........................................................................................ 262
Figure 142 Firmware Upgrade ............................................................................................ 263
Figure 143 Network Temporarily Disconnected .................................................................. 264
Figure 144 Error Message .................................................................................................. 264
Figure 145 Login Screen ..................................................................................................... 267
Figure 146 Menu 23.1 Change Password ........................................................................... 271
Figure 147 Menu 1 General Setup ...................................................................................... 273
Figure 148 Menu 1.1 Configure Dynamic DNS .................................................................. 274
Figure 149 Menu 2 WAN Backup Setup ............................................................................. 276
Figure 150 Menu 2.1Traffic Redirect Setup ......................................................................... 277
Figure 151 Menu 3 LAN Setup ............................................................................................ 280
Figure 152 Menu 3.1 LAN Port Filter Setup ........................................................................ 280
Figure 153 Menu 3.2 TCP/IP and DHCP Ethernet Setup ................................................... 281
Figure 154 Menu 3.5 - Wireless LAN Setup ....................................................................... 284
Figure 155 Menu 3.5.1 WLAN MAC Address Filtering ........................................................ 286
Figure 156 IP Alias Network Example ................................................................................. 289
Figure 157 Menu 3.2 TCP/IP and DHCP Setup ................................................................. 289
Figure 158 Menu 3.2.1 IP Alias Setup ................................................................................ 290
Figure 159 Menu 1 General Setup ...................................................................................... 291
Figure 160 Menu 4 Internet Access Setup .......................................................................... 291
Figure 161 Menu 11 Remote Node Setup ........................................................................... 295
Figure 162 Menu 11.1 Remote Node Profile ...................................................................... 296
Figure 163 Menu 11.3 Remote Node Network Layer Options ............................................ 298
Figure 164 Sample IP Addresses for a TCP/IP LAN-to-LAN Connection ........................... 300
Figure 165 Menu 11.5 Remote Node Filter (RFC 1483 or ENET Encapsulation) ............... 300
Figure 166 Menu 11.5 Remote Node Filter (PPPoA or PPPoE Encapsulation) ................. 301
Figure 167 Menu 11.6 for VC-based Multiplexing ............................................................... 301
27 List of Figures
Prestige 661H/HW Series User’s Guide
Figure 168 Menu 11.6 for LLC-based Multiplexing or PPP Encapsulation .......................... 302
Figure 169 Menu 11.1 Remote Node Profile ....................................................................... 302
Figure 170 Menu 11.8 Advance Setup Options .................................................................. 303
Figure 171 Sample Static Routing Topology ....................................................................... 304
Figure 172 Menu 12 Static Route Setup ............................................................................. 305
Figure 173 Menu 12.1 IP Static Route Setup ...................................................................... 305
Figure 174 Menu12.1.1 Edit IP Static Route ....................................................................... 305
Figure 175 Menu 11.1 Remote Node Profile ....................................................................... 309
Figure 176 Menu 11.3 Remote Node Network Layer Options ............................................ 309
Figure 177 Menu 12.3.1 Edit Bridge Static Route ............................................................... 310
Figure 178 Menu 4 Applying NAT for Internet Access ........................................................ 313
Figure 179 Applying NAT in Menus 4 & 11.3 ....................................................................... 313
Figure 180 Menu 15 NAT Setup ........................................................................................ 314
Figure 181 Menu 15.1 Address Mapping Sets .................................................................... 315
Figure 182 Menu 15.1.255 SUA Address Mapping Rules .................................................. 315
Figure 183 Menu 15.1.1 First Set ........................................................................................ 316
Figure 184 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set ........................ 317
Figure 185 Menu 15.2 NAT Server Setup ........................................................................... 318
Figure 186 Menu 15.2.1 NAT Server Setup ........................................................................ 319
Figure 187 Multiple Servers Behind NAT Example ............................................................. 319
Figure 188 NAT Example 1 ................................................................................................. 320
Figure 189 Menu 4 Internet Access & NAT Example .......................................................... 320
Figure 190 NAT Example 2 ................................................................................................. 321
Figure 191 Menu 15.2.1 Specifying an Inside Server ......................................................... 321
Figure 192 NAT Example 3 ................................................................................................. 322
Figure 193 Example 3: Menu 11.3 ...................................................................................... 323
Figure 194 Example 3: Menu 15.1.1.1 ................................................................................ 323
Figure 195 Example 3: Final Menu 15.1.1 .......................................................................... 324
Figure 196 Example 3: Menu 15.2.1 ................................................................................... 324
Figure 197 NAT Example 4 ................................................................................................. 325
Figure 198 Example 4: Menu 15.1.1.1 Address Mapping Rule ........................................... 325
Figure 199 Example 4: Menu 15.1.1 Address Mapping Rules ............................................ 326
Figure 200 Menu 21.2 Firewall Setup ................................................................................. 329
Figure 201 Outgoing Packet Filtering Process .................................................................... 330
Figure 202 Filter Rule Process ............................................................................................ 331
Figure 203 Menu 21 Filter Set Configuration ...................................................................... 332
Figure 204 NetBIOS_WAN Filter Rules Summary ............................................................. 332
Figure 205 NetBIOS_LAN Filter Rules Summary .............................................................. 333
Figure 206 IGMP Filter Rules Summary ............................................................................ 333
Figure 207 Menu 21.1.x.1 TCP/IP Filter Rule ..................................................................... 335
Figure 208 Executing an IP Filter ........................................................................................ 337
Figure 209 Menu 21.1.5.1 Generic Filter Rule ................................................................... 338
Figure 210 Protocol and Device Filter Sets ......................................................................... 339
List of Figures 28
Prestige 661H/HW Series User’s Guide
Figure 211 Sample Telnet Filter .......................................................................................... 340
Figure 212 Menu 21.1.6.1 Sample Filter ............................................................................ 340
Figure 213 Menu 21.1.6.1 Sample Filter Rules Summary .................................................. 341
Figure 214 Filtering Ethernet Traffic .................................................................................... 342
Figure 215 Filtering Remote Node Traffic ........................................................................... 342
Figure 216 SNMP Management Model ............................................................................... 344
Figure 217 Menu 22 SNMP Configuration .......................................................................... 346
Figure 218 Menu 23 – System Security .............................................................................. 348
Figure 219 Menu 23.2 System Security: RADIUS Server ................................................... 349
Figure 220 Menu 23 System Security ................................................................................. 350
Figure 221 Menu 23.4 System Security: IEEE 802.1x ........................................................ 350
Figure 222 Menu 14 Dial-in User Setup .............................................................................. 353
Figure 223 Menu 14.1 Edit Dial-in User .............................................................................. 353
Figure 224 Menu 24 System Maintenance ......................................................................... 354
Figure 225 Menu 24.1 System Maintenance : Status ......................................................... 355
Figure 226 Menu 24.2 System Information and Console Port Speed ................................. 356
Figure 227 Menu 24.2.1 System Maintenance: Information ............................................... 357
Figure 228 Menu 24.2.2 System Maintenance : Change Console Port Speed ................... 358
Figure 229 Menu 24.3 System Maintenance: Log and Trace ............................................. 358
Figure 230 Sample Error and Information Messages ......................................................... 359
Figure 231 Menu 24.3.2 System Maintenance: Syslog and Accounting ............................. 359
Figure 232 Syslog Example ................................................................................................ 360
Figure 233 Menu 24.4 System Maintenance : Diagnostic ................................................... 361
Figure 234 Telnet in Menu 24.5 ........................................................................................... 366
Figure 235 FTP Session Example ...................................................................................... 367
Figure 236 Telnet into Menu 24.6 ........................................................................................ 370
Figure 237 Restore Using FTP Session Example ............................................................... 370
Figure 238 Telnet Into Menu 24.7.1 Upload System Firmware .......................................... 371
Figure 239 Telnet Into Menu 24.7.2 System Maintenance ................................................. 372
Figure 240 FTP Session Example of Firmware File Upload ............................................... 373
Figure 241 Command Mode in Menu 24 ............................................................................. 376
Figure 242 Valid Commands ............................................................................................... 376
Figure 243 Menu 24.9 System Maintenance: Call Control .................................................. 377
Figure 244 Menu 24.9.1 System Maintenance: Budget Management ................................ 378
Figure 245 Menu 24 System Maintenance ......................................................................... 379
Figure 246 Menu 24.10 System Maintenance: Time and Date Setting ............................... 379
Figure 247 Menu 24.11 Remote Management Control ....................................................... 383
Figure 248 Menu 25 IP Routing Policy Setup ..................................................................... 387
Figure 249 Menu 25.1 IP Routing Policy Setup .................................................................. 388
Figure 250 Menu 25.1.1 IP Routing Policy .......................................................................... 389
Figure 251 Menu 3.2 TCP/IP and DHCP Ethernet Setup ................................................... 391
Figure 252 Menu 11.3 Remote Node Network Layer Options ............................................ 391
Figure 253 Example of IP Policy Routing ........................................................................... 392
29 List of Figures
Prestige 661H/HW Series User’s Guide
Figure 254 IP Routing Policy Example ................................................................................ 393
Figure 255 IP Routing Policy Example ................................................................................ 394
Figure 256 Applying IP Policies Example ........................................................................... 394
Figure 257 Menu 26 Schedule Setup .................................................................................. 396
Figure 258 Menu 26.1 Schedule Set Setup ....................................................................... 397
Figure 259 Applying Schedule Set(s) to a Remote Node (PPPoE) .................................... 398
Figure 260 Menu 27 VPN/IPSec Setup ............................................................................... 400
Figure 261 Menu 27.1 IPSec Summary .............................................................................. 401
Figure 262 Menu 27.1.1 IPSec Setup ................................................................................. 403
Figure 263 Menu 27.1.1.1KE Setup .................................................................................... 407
Figure 264 Menu 27.1.1.2 Manual Setup ............................................................................ 409
Figure 265 Menu 27.2 SA Monitor ...................................................................................... 413
Figure 266 Pop-up Blocker ................................................................................................. 419
Figure 267 Internet Options ............................................................................................... 419
Figure 268 Internet Options ................................................................................................ 420
Figure 269 Pop-up Blocker Settings ................................................................................... 421
Figure 270 Internet Options ................................................................................................ 422
Figure 271 Security Settings - Java Scripting ..................................................................... 423
Figure 272 Security Settings - Java .................................................................................... 424
Figure 273 Java (Sun) ......................................................................................................... 425
Figure 274 Internet Options Security .................................................................................. 426
Figure 275 Security Setting ActiveX Controls ..................................................................... 427
Figure 276 WIndows 95/98/Me: Network: Configuration ..................................................... 433
Figure 277 Windows 95/98/Me: TCP/IP Properties: IP Address ......................................... 434
Figure 278 Windows 95/98/Me: TCP/IP Properties: DNS Configuration ............................ 435
Figure 279 Windows XP: Start Menu .................................................................................. 436
Figure 280 Windows XP: Control Panel .............................................................................. 436
Figure 281 Windows XP: Control Panel: Network Connections: Properties ....................... 437
Figure 282 Windows XP: Local Area Connection Properties .............................................. 437
Figure 283 Windows XP: Internet Protocol (TCP/IP) Properties ......................................... 438
Figure 284 Windows XP: Advanced TCP/IP Properties ...................................................... 439
Figure 285 Windows XP: Internet Protocol (TCP/IP) Properties ......................................... 440
Figure 286 Macintosh OS 8/9: Apple Menu ........................................................................ 441
Figure 287 Macintosh OS 8/9: TCP/IP ................................................................................ 441
Figure 288 Macintosh OS X: Apple Menu ........................................................................... 442
Figure 289 Macintosh OS X: Network ................................................................................. 443
Figure 290 Option to Enter Debug Mode ............................................................................ 452
Figure 291 Boot Module Commands .................................................................................. 453
Figure 292 VPN Rules ........................................................................................................ 467
Figure 293 Headquarters VPN Rule Edit ............................................................................ 468
Figure 294 Branch Office VPN Rule Edit ............................................................................ 469
Figure 295 VPN Rule Configured ........................................................................................ 470
Figure 296 VPN Dial ........................................................................................................... 470
List of Figures 30
Loading...