How it Works
ZyXEL
Loading...
PRESTIGE 662HW
Specifications
2 pgs174.55 Kb0
User Manual
458 pgs14.79 Mb0
User Manual
561 pgs23.87 Mb0

ZyXEL Prestige 662HW User Manual

Prestige 662HW Series
802.11g Wireless ADSL 2+ 4 Port Security Gateway
User's Guide
Version 3.40
May 2004
Copyright
Copyright © 2004 by ZyXEL Communications Corporation.
The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.
Disclaimer
ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others. ZyXEL further reserves the right to make changes in any products described herein without notice. This publication is subject to change without notice.
Trademarks
ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL Communications, Inc. Other trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.
ii Copyright
Federal Communications Commission (FCC)
Interference Statement
This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions:
This device may not cause harmful interference.
This device must accept any interference received, including interference that may cause
undesired operations.
This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy, and if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.
If this equipment does cause harmful interference to radio/television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:
1. Reorient or relocate the receiving antenna.
2. Increase the separation between the equipment and the receiver.
3. Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
4. Consult the dealer or an experienced radio/TV technician for help.
Notice 1
Changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate the equipment.
Certifications
1. Go to www.zyxel.com
2. Select your product from the drop-down list box on the ZyXEL home page to go to that product's page.
3. Select the certification you wish to view from this page
FCC Statements iii
ZyXEL Limited Warranty
ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever extent it shall deem necessary to restore the product or components to proper operating condition. Any replacement will consist of a new or re-manufactured functionally equivalent product of equal value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product is modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions.
Note
Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This warranty is in lieu of all other warranties, express or implied, including any implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in no event be held liable for indirect or consequential damages of any kind of character to the purchaser.
To obtain the services of this warranty, contact ZyXEL's Service Center for your Return Material Authorization number (RMA). Products must be returned Postage Prepaid. It is recommended that the unit be insured when shipped. Any returned products without proof of purchase or those with an out­dated warranty will be repaired or replaced (at the discretion of ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products will be shipped by ZyXEL to the corresponding return address, Postage Paid. This warranty gives you specific legal rights, and you may also have other rights that vary from country to country.
Safety Warnings
1. To reduce the risk of fire, use only No. 26 AWG or larger telephone wire.
2. Do not use this product near water, for example, in a wet basement or near a swimming pool.
3. Avoid using this product during an electrical storm. There may be a remote risk of electric shock from lightening.
iv ZyXEL Warranty
Customer Support
Please have the following information ready when you contact customer support.
Product model and serial number.
Warranty Information.
Date that you received your device.
Brief description of the problem and the steps you took to solve it.
SUPPORT E-MAIL TELEPHONE1 WEB SITE METHOD
LOCATION
WORLDWIDE
AMERICA
SALES E-MAIL FAX1 FTP SITE
support@zyxel.com.tw +886-3-578-3942 www.zyxel.com
sales@zyxel.com.tw
support@zyxel.com +1-800-255-4101
sales@zyxel.com
support@zyxel.de +49-2405-6909-0 www.zyxel.de GERMANY
sales@zyxel.de
support@zyxel.es +34 902 195 420 SPAIN
sales@zyxel.es
support@zyxel.dk +45 39 55 07 00 www.zyxel.dk DENMARK
sales@zyxel.dk
support@zyxel.no +47 22 80 61 80 www.zyxel.no NORWAY
sales@zyxel.no
support@zyxel.se +46 31 744 7700 www.zyxel.se SWEDEN
sales@zyxel.se
support@zyxel.fi +358-9-4780-8411 www.zyxel.fi FINLAND
sales@zyxel.fi
+886-3-578-2439 ftp.zyxel.com
+1-714-632-0882
+1-714-632-0858 ftp.us.zyxel.com
+49-2405-6909-99
+33 (0)4 72 52 97 97 FRANCE info@zyxel.fr
+33 (0)4 72 52 19 20
+34 913 005 345
+45 39 55 07 07
+47 22 80 61 81
+46 31 744 7701
+358-9-4780 8448
www.europe.zyxel.com
ftp.europe.zyxel.com
www.us.zyxel.com NORTH
www.zyxel.fr ZyXEL France
www.zyxel.es
ZyXEL Communications
REGULAR MAIL
ZyXEL Communications Corp. 6 Innovation Road II Science Park Hsinchu 300 Taiwan
ZyXEL Communications Inc. 1130 N. Miller St. Anaheim CA 92806-2001 U.S.A.
ZyXEL Deutschland GmbH. Adenauerstr. 20/A2 D-52146 Wuerselen Germany
1 rue des Vergers Bat. 1 / C 69760 Limonest France
Alejandro Villegas 33 1º, 28043 Madrid Spain
ZyXEL Communications A/S Columbusvej 5 2860 Soeborg Denmark
ZyXEL Communications A/S Nils Hansens vei 13 0667 Oslo Norway
ZyXEL Communications A/S Sjöporten 4, 41764 Göteborg Sweden
ZyXEL Communications Oy Malminkaari 10 00700 Helsinki Finland
1
“+” is the (prefix) number you enter to make an international telephone call.
Customer Support v
Table of Contents
Copyright......................................................................................................................................................... ii
Federal Communications Commission (FCC) Interference Statement..................................................... iii
ZyXEL Limited Warranty ............................................................................................................................ iv
Customer Support .......................................................................................................................................... v
List of Figures ............................................................................................................................................... xii
List of Tables ..............................................................................................................................................xviii
List of Charts ..............................................................................................................................................xxii
Preface ........................................................................................................................................................xxiii
Introduction to DSL ................................................................................................................................... xxv
Getting Started.................................................................................................................................................I
Chapter 1 Getting To Know Your Prestige ................................................................................................ 1-1
1.1 Introducing the Prestige.............................................................................................................. 1-1
1.2 Features of the Prestige...............................................................................................................1-1
1.3 Applications for the Prestige ......................................................................................................1-6
1.4 Prestige Hardware Installation and Connection.......................................................................... 1-7
Chapter 2 Introducing the Web Configurator ..........................................................................................2-1
2.1 Web Configurator Overview ...................................................................................................... 2-1
2.2 Accessing the Prestige Web Configurator.................................................................................. 2-1
2.3 Resetting the Prestige .................................................................................................................2-2
2.4 Navigating the Prestige Web Configurator................................................................................. 2-2
Chapter 3 Wizard Setup.............................................................................................................................. 3-1
3.1 Wizard Setup Introduction..........................................................................................................3-1
3.2 Encapsulation .............................................................................................................................3-1
3.3 Multiplexing............................................................................................................................... 3-2
3.4 VPI and VCI............................................................................................................................... 3-2
3.5 Wizard Setup Configuration: First Screen.................................................................................. 3-2
3.6 IP Address and Subnet Mask......................................................................................................3-3
3.7 IP Address Assignment ..............................................................................................................3-4
3.8 Nailed-Up Connection (PPP)......................................................................................................3-5
3.9 NAT............................................................................................................................................ 3-5
3.10 Wizard Setup Configuration: Second Screen............................................................................. 3-5
3.11 DHCP Setup .............................................................................................................................. 3-9
3.12 Wizard Setup Configuration: Third Screen ............................................................................... 3-9
3.13 Wizard Setup Configuration: Connection Tests ......................................................................3-11
3.14 Test Your Internet Connection................................................................................................. 3-12
Password, LAN , Wireless LAN and WAN .................................................................................................. II
Chapter 4 Password Setup.......................................................................................................................... 4-1
4.1 Password Overview.................................................................................................................... 4-1
4.2 Configuring Password ................................................................................................................4-1
Chapter 5 LAN Setup.................................................................................................................................. 5-1
5.1 LAN Overview ...........................................................................................................................5-1
5.2 DNS Server Address................................................................................................................... 5-1
5.3 DNS Server Address Assignment............................................................................................... 5-2
5.4 LAN TCP/IP............................................................................................................................... 5-2
5.5 Any IP.........................................................................................................................................5-3
5.6 Configuring LAN .......................................................................................................................5-5
5.7 Configuring Static DHCP........................................................................................................... 5-6
Chapter 6 Wireless LAN Setup...................................................................................................................6-1
6.1 Wireless LAN Overview ............................................................................................................6-1
6.2 Levels of Security....................................................................................................................... 6-3
6.3 Data Encryption with WEP ........................................................................................................6-3
6.4 Configuring Wireless LAN ........................................................................................................6-4
6.5 Configuring MAC Filter............................................................................................................. 6-5
vi Table of Contents
6.6 Network Authentication..............................................................................................................6-7
6.7 Introduction to WPA...................................................................................................................6-8
6.8 WPA-PSK Application Example................................................................................................6-9
6.9 WPA with RADIUS Application Example...............................................................................6-10
6.10 Security Parameters Summary .................................................................................................6-11
6.11 Wireless Client WPA Supplicants............................................................................................6-11
6.12 Configuring 802.1x and WPA..................................................................................................6-11
6.13 Configuring Local User Authentication ...................................................................................6-17
6.14 Configuring RADIUS ..............................................................................................................6-18
Chapter 7 WAN Setup .................................................................................................................................7-1
7.1 WAN Overview ..........................................................................................................................7-1
7.2 Metric..........................................................................................................................................7-1
7.3 PPPoE Encapsulation..................................................................................................................7-1
7.4 Traffic Shaping ...........................................................................................................................7-2
7.5 Zero Configuration Internet Access............................................................................................7-2
7.6 Configuring WAN Setup ............................................................................................................7-3
7.7 Traffic Redirect...........................................................................................................................7-6
7.8 Configuring WAN Backup.........................................................................................................7-7
7.9 Configuring Advanced WAN Backup ........................................................................................7-9
7.10 AT Command Strings ..............................................................................................................7-12
7.11 DTR Signal ..............................................................................................................................7-13
7.12 Response Strings ......................................................................................................................7-13
7.13 Configuring Advanced Modem Setup......................................................................................7-13
NAT, Dynamic DNS and Time and Date.................................................................................................... III
Chapter 8 Network Address Translation (NAT) Screens..........................................................................8-1
8.1 NAT Overview ...........................................................................................................................8-1
8.2 SUA (Single User Account) Versus NAT ..................................................................................8-4
8.3 SUA Server.................................................................................................................................8-4
8.4 Selecting the NAT Mode............................................................................................................8-5
8.5 Configuring SUA Server.............................................................................................................8-6
8.6 Configuring Address Mapping ...................................................................................................8-7
8.7 Editing an Address Mapping Rule..............................................................................................8-9
Chapter 9 Dynamic DNS Setup ..................................................................................................................9-1
9.1 Dynamic DNS.............................................................................................................................9-1
9.2 Configuring Dynamic DNS ........................................................................................................9-1
Chapter 10 Time and Date ........................................................................................................................10-3
10.1 Configuring Time and Date .....................................................................................................10-3
Firewall, Content Filter and Anti-Virus Packet Scan ................................................................................IV
Chapter 11 Firewalls .................................................................................................................................. 11-1
11.1 Firewall Overview....................................................................................................................11-1
11.2 Types of Firewalls....................................................................................................................11-1
11.3 Introduction to ZyXEL’s Firewall............................................................................................11-2
11.4 Denial of Service......................................................................................................................11-3
11.5 Stateful Inspection....................................................................................................................11-6
11.6 Guidelines for Enhancing Security with Your Firewall ...........................................................11-9
11.7 Packet Filtering Vs Firewall...................................................................................................11-10
Chapter 12 Firewall Configuration ..........................................................................................................12-1
12.1 Access Methods .......................................................................................................................12-1
12.2 Firewall Policies Overview ......................................................................................................12-1
12.3 Rule Logic Overview ...............................................................................................................12-2
12.4 Connection Direction ...............................................................................................................12-3
12.5 Configuring Basic Firewall Settings ........................................................................................12-4
12.6 Rule Summary .........................................................................................................................12-5
12.7 Customized Services .............................................................................................................. 12-10
12.8 Creating/Editing A Customized Service ................................................................................12-10
12.9 Example Firewall Rule...........................................................................................................12-11
Table of Contents vii
12.10 Predefined Services ............................................................................................................... 12-15
12.11 Anti-Probing ..........................................................................................................................12-17
12.12 Configuring Attack Alert ....................................................................................................... 12-18
Chapter 13 Content Filtering....................................................................................................................13-1
13.1 Content Filtering Overview .....................................................................................................13-1
13.2 Configuring Keyword Blocking .............................................................................................. 13-1
13.3 Configuring the Schedule ........................................................................................................13-2
13.4 Configuring Trusted Computers ..............................................................................................13-3
Chapter 14 Anti-Virus Packet Scan .........................................................................................................14-1
14.1 Overview ................................................................................................................................. 14-1
14.2 Signature-Based Virus Scan ....................................................................................................14-1
14.3 Introduction to the Prestige Anti-virus Packet Scan ................................................................14-2
14.4 Anti-virus Packet Scan Configuration .....................................................................................14-3
14.5 Registration and Online Update............................................................................................... 14-4
VPN/IPSec...................................................................................................................................................... V
Chapter 15 Introduction to IPSec ............................................................................................................15-1
15.1 VPN Overview......................................................................................................................... 15-1
15.2 IPSec Architecture ................................................................................................................... 15-2
15.3 Encapsulation........................................................................................................................... 15-3
15.4 IPSec and NAT ........................................................................................................................ 15-4
Chapter 16 VPN Screens........................................................................................................................... 16-1
16.1 VPN/IPSec Overview ..............................................................................................................16-1
16.2 IPSec Algorithms..................................................................................................................... 16-1
16.3 My IP Address .........................................................................................................................16-2
16.4 Secure Gateway Address .........................................................................................................16-2
16.5 VPN Summary Screen............................................................................................................. 16-2
16.6 Keep Alive ............................................................................................................................... 16-4
16.7 NAT Traversal ......................................................................................................................... 16-5
16.8 ID Type and Content ...............................................................................................................16-6
16.9 Pre-Shared Key........................................................................................................................ 16-8
16.10 Editing VPN Policies ...............................................................................................................16-8
16.11 IKE Phases............................................................................................................................. 16-12
16.12 Configuring Advanced IKE Settings .....................................................................................16-14
16.13 Manual Key Setup .................................................................................................................16-17
16.14 Configuring Manual Key .......................................................................................................16-18
16.15 Viewing SA Monitor .............................................................................................................16-20
16.16 Configuring Global Setting.................................................................................................... 16-22
16.17 Telecommuter VPN/IPSec Examples.................................................................................... 16-22
16.18 VPN and Remote Management .............................................................................................16-25
Remote Management, UPnP and Logs ....................................................................................................... VI
Chapter 17 Remote Management Configuration....................................................................................17-1
17.1 Remote Management Overview ..............................................................................................17-1
17.2 Telnet .......................................................................................................................................17-2
17.3 FTP ..........................................................................................................................................17-2
17.4 Web.......................................................................................................................................... 17-2
17.5 Configuring Remote Management........................................................................................... 17-2
Chapter 18 Universal Plug-and-Play (UPnP).......................................................................................... 18-1
18.1 Introducing Universal Plug and Play .......................................................................................18-1
18.2 UPnP and ZyXEL .................................................................................................................... 18-1
18.3 Installing UPnP in Windows Example .................................................................................... 18-2
18.4 Using UPnP in Windows XP Example .................................................................................... 18-4
Chapter 19 Logs Screens........................................................................................................................... 19-1
19.1 Logs Overview......................................................................................................................... 19-1
19.2 Configuring Log Settings......................................................................................................... 19-1
19.3 Displaying the Logs ................................................................................................................. 19-3
19.4 SMTP Error Messages .............................................................................................................19-4
viii Table of Contents
Media Bandwidth Management ................................................................................................................VII
Chapter 20 Media Bandwidth Management ...........................................................................................20-1
20.1 Bandwidth Management Overview..........................................................................................20-1
20.2 Bandwidth Classes and Filters .................................................................................................20-1
20.3 Proportional Bandwidth Allocation .........................................................................................20-1
20.4 Bandwidth Management Usage Examples...............................................................................20-2
20.5 Scheduler..................................................................................................................................20-3
20.6 Maximize Bandwidth Usage ....................................................................................................20-3
20.7 Bandwidth Borrowing..............................................................................................................20-5
20.8 Configuring Summary..............................................................................................................20-7
20.9 Configuring Class Setup ..........................................................................................................20-8
20.10 Bandwidth Monitor ................................................................................................................20-12
Maintenance .............................................................................................................................................. VIII
Chapter 21 Maintenance ...........................................................................................................................21-1
21.1 Maintenance Overview ............................................................................................................21-1
21.2 System Status Screen ...............................................................................................................21-1
21.3 DHCP Table Screen .................................................................................................................21-5
21.4 Any IP Table Screen ................................................................................................................21-6
21.5 Wireless Screen........................................................................................................................21-6
21.6 Diagnostic Screens ...................................................................................................................21-7
21.7 Firmware Screen ......................................................................................................................21-9
SMT General Configuration........................................................................................................................IX
Chapter 22 Introducing the SMT ............................................................................................................. 22-1
22.1 SMT Introduction.....................................................................................................................22-1
22.2 Navigating the SMT Interface..................................................................................................22-2
22.3 Changing the System Password ...............................................................................................22-4
Chapter 23 Menu 1 General Setup...........................................................................................................23-1
23.1 General Setup...........................................................................................................................23-1
23.2 Procedure To Configure Menu 1..............................................................................................23-1
Chapter 24 Menu 2 WAN Backup Setup .................................................................................................24-1
24.1 Introduction to WAN Backup Setup ........................................................................................24-1
24.2 Configuring Dial Backup in Menu 2........................................................................................24-1
24.3 Configuring Dial Backup Setup ...............................................................................................24-3
24.4 Advanced Dial Backup Setup ..................................................................................................24-4
Chapter 25 Menu 3 LAN Setup ................................................................................................................25-1
25.1 LAN Setup ...............................................................................................................................25-1
25.2 Protocol Dependent Ethernet Setup .........................................................................................25-2
25.3 TCP/IP Ethernet Setup and DHCP...........................................................................................25-2
Chapter 26 Wireless LAN Setup...............................................................................................................26-1
26.1 Wireless LAN Overview..........................................................................................................26-1
26.2 Wireless LAN Setup ................................................................................................................26-1
Chapter 27 Internet Access .......................................................................................................................27-1
27.1 Internet Access Overview ........................................................................................................27-1
27.2 IP Policies ................................................................................................................................27-1
27.3 IP Alias ....................................................................................................................................27-1
27.4 IP Alias Setup ..........................................................................................................................27-2
27.5 Route IP Setup .........................................................................................................................27-3
27.6 Internet Access Configuration..................................................................................................27-4
Chapter 28 Remote Node Configuration .................................................................................................28-1
28.1 Remote Node Setup Overview.................................................................................................28-1
28.2 Remote Node Setup .................................................................................................................28-1
28.3 Remote Node Network Layer Options..................................................................................... 28-5
28.4 Remote Node Filter ..................................................................................................................28-7
28.5 Editing ATM Layer Options ....................................................................................................28-8
Chapter 29 Static Route Setup..................................................................................................................29-1
29.1 IP Static Route Overview.........................................................................................................29-1
Table of Contents ix
29.2 Configuration ........................................................................................................................... 29-1
Chapter 30 Bridging Setup .......................................................................................................................30-1
30.1 Bridging in General .................................................................................................................30-1
30.2 Bridge Ethernet Setup.............................................................................................................. 30-1
Chapter 31 Network Address Translation (NAT) ...................................................................................31-1
31.1 Using NAT .............................................................................................................................. 31-1
31.2 Applying NAT .........................................................................................................................31-1
31.3 NAT Setup ............................................................................................................................... 31-3
31.4 Configuring a Server behind NAT........................................................................................... 31-8
31.5 General NAT Examples........................................................................................................... 31-9
Chapter 32 Enabling the Firewall............................................................................................................ 32-1
32.1 Remote Management and the Firewall ....................................................................................32-1
32.2 Access Methods .......................................................................................................................32-1
32.3 Enabling the Firewall............................................................................................................... 32-1
SMT Advanced Management ....................................................................................................................... X
Chapter 33 Filter Configuration............................................................................................................... 33-1
33.1 About Filtering......................................................................................................................... 33-1
33.2 Configuring a Filter Set for the Prestige ..................................................................................33-3
33.3 Filter Rules Summary Menus ..................................................................................................33-4
33.4 Configuring a Filter Rule ......................................................................................................... 33-5
33.5 Filter Types and NAT ............................................................................................................33-10
33.6 Example Filter ....................................................................................................................... 33-10
33.7 Applying Filters and Factory Defaults................................................................................... 33-13
Chapter 34 SNMP Configuration ............................................................................................................. 34-1
34.1 About SNMP ........................................................................................................................... 34-1
34.2 Supported MIBs....................................................................................................................... 34-2
34.3 SNMP Configuration ...............................................................................................................34-2
34.4 SNMP Traps ............................................................................................................................34-3
Chapter 35 System Security...................................................................................................................... 35-1
35.1 System Security .......................................................................................................................35-1
35.2 Creating User Accounts on the Prestige .................................................................................. 35-5
Chapter 36 System Information and Diagnosis ......................................................................................36-1
36.1 Overview ................................................................................................................................. 36-1
36.2 System Status........................................................................................................................... 36-1
36.3 System Information ................................................................................................................. 36-3
36.4 Log and Trace ..........................................................................................................................36-4
36.5 Diagnostic ................................................................................................................................ 36-7
Chapter 37 Firmware and Configuration File Maintenance .................................................................37-1
37.1 Filename Conventions .............................................................................................................37-1
37.2 Backup Configuration.............................................................................................................. 37-2
37.3 Restore Configuration.............................................................................................................. 37-5
37.4 Uploading Firmware and Configuration Files .........................................................................37-6
Chapter 38 System Maintenance.............................................................................................................. 38-1
38.1 Command Interpreter Mode..................................................................................................... 38-1
38.2 Call Control Support................................................................................................................ 38-2
38.3 Time and Date Setting .............................................................................................................38-3
Chapter 39 Remote Management.............................................................................................................39-1
39.1 Remote Management Overview ..............................................................................................39-1
39.2 Remote Management ...............................................................................................................39-1
39.3 Remote Management and NAT ...............................................................................................39-3
39.4 System Timeout ....................................................................................................................... 39-3
Chapter 40 IP Policy Routing ...................................................................................................................40-1
40.1 IP Policy Routing Overview ....................................................................................................40-1
40.2 Benefits of IP Policy Routing ..................................................................................................40-1
40.3 Routing Policy .........................................................................................................................40-1
40.4 IP Routing Policy Setup........................................................................................................... 40-2
x Table of Contents
40.5 Applying an IP Policy ..............................................................................................................40-5
40.6 IP Policy Routing Example ......................................................................................................40-6
Chapter 41 Call Scheduling ......................................................................................................................41-1
41.1 Introduction..............................................................................................................................41-1
SMT VPN/IPSec and Internal SPTGEN.....................................................................................................XI
Chapter 42 VPN/IPSec Setup....................................................................................................................42-1
42.1 VPN/IPSec Overview ..............................................................................................................42-1
42.2 IPSec Summary Screen............................................................................................................42-2
42.3 IPSec Setup ..............................................................................................................................42-4
42.4 IKE Setup.................................................................................................................................42-9
42.5 Manual Setup .........................................................................................................................42-10
Chapter 43 SA Monitor .............................................................................................................................43-1
43.1 SA Monitor Overview..............................................................................................................43-1
43.2 Using SA Monitor ....................................................................................................................43-1
Chapter 44 Internal SPTGEN ..................................................................................................................44-1
44.1 Internal SPTGEN Overview ....................................................................................................44-1
44.2 The Configuration Text File Format ........................................................................................44-1
44.3 Internal SPTGEN FTP Download Example.............................................................................44-2
44.4 Internal SPTGEN FTP Upload Example .................................................................................44-3
Appendices and Index.................................................................................................................................XII
Appenidx A Troubleshooting......................................................................................................................A-1
Problems Starting Up the Prestige .......................................................................................................A-1
Problems with the LAN LED...............................................................................................................A-1
Problems with the DSL LED ...............................................................................................................A-1
Problems with the LAN Interface ........................................................................................................A-2
Problems with the WAN Interface....................................................................................................... A-2
Problems with Internet Access.............................................................................................................A-2
Problems with the Password ................................................................................................................A-3
Problems with the Web Configurator...................................................................................................A-3
Problems with Remote Management ...................................................................................................A-3
Appenidx B IP Subnetting.......................................................................................................................... B-1
Appenidx C PPPoE.....................................................................................................................................C-1
Appenidx D Virtual Circuit Topology .......................................................................................................D-1
Appenidx E Example Internal SPTGEN Screens ....................................................................................E-1
Appenidx F Setting up Your Computer’s IP Address .............................................................................. F-1
Appenidx G Splitters and Microfilters......................................................................................................G-1
Appenidx H Log Descriptions....................................................................................................................H-1
Appenidx I Index ......................................................................................................................................... I-1
Table of Contents xi
List of Figures
Figure 1-1 Prestige Internet Access Application...................................................................................................1-7
Figure 1-2 Firewall Application............................................................................................................................1-7
Figure 1-3 Prestige LAN-to-LAN Application.....................................................................................................1-7
Figure 2-1 Password Screen .................................................................................................................................2-1
Figure 2-2 Change Password at Login..................................................................................................................2-2
Figure 2-3 Web Configurator SITE MAP Screen.................................................................................................2-3
Figure 3-1 Wizard Screen 1 ..................................................................................................................................3-2
Figure 3-2 Internet Connection with PPPoE.........................................................................................................3-5
Figure 3-3 Internet Connection with RFC 1483 ...................................................................................................3-6
Figure 3-4 Internet Connection with ENET ENCAP............................................................................................3-7
Figure 3-5 Internet Connection with PPPoA ........................................................................................................3-8
Figure 3-6 Wizard Screen 3 ................................................................................................................................3-10
Figure 3-7 Wizard: LAN Configuration .............................................................................................................3-10
Figure 3-8 Wizard Screen 4 ................................................................................................................................3-12
Figure 4-1 Password .............................................................................................................................................4-1
Figure 5-1 LAN and WAN IP Addresses ..............................................................................................................5-1
Figure 5-2 LAN Setup ..........................................................................................................................................5-5
Figure 5-3 LAN: Static DHCP..............................................................................................................................5-7
Figure 6-1 RTS/CTS.............................................................................................................................................6-2
Figure 6-2 Prestige Wireless Security Levels .......................................................................................................6-3
Figure 6-3 Wireless...............................................................................................................................................6-4
Figure 6-4 MAC Address Filter............................................................................................................................6-6
Figure 6-5 EAP Authentication.............................................................................................................................6-8
Figure 6-6 WPA - PSK Authentication ...............................................................................................................6-10
Figure 6-7 WPA with RADIUS Application Example........................................................................................6-10
Figure 6-8 Wireless LAN: 802.1x/WPA .............................................................................................................6-12
Figure 6-9 Wireless LAN: 802.1x/WPA for 802.1x Protocol .............................................................................6-13
Figure 6-10 Wireless LAN: 802.1x/WPA for WPA Protocol..............................................................................6-15
Figure 6-11 Wireless LAN: 802.1x/WPA for WPA-PSK Protocol .....................................................................6-16
Figure 6-12 Local User Database .......................................................................................................................6-17
Figure 6-13 RADIUS..........................................................................................................................................6-18
Figure 7-1 Example of Traffic Shaping ................................................................................................................7-2
Figure 7-2 WAN Setup (PPPoE)...........................................................................................................................7-3
Figure 7-3 Traffic Redirect Example....................................................................................................................7-6
Figure 7-4 Traffic Redirect LAN Setup................................................................................................................7-7
Figure 7-5 WAN Backup ......................................................................................................................................7-7
Figure 7-6 Advanced WAN Backup ...................................................................................................................7-10
Figure 7-7 Advanced Modem Setup ...................................................................................................................7-13
Figure 8-1 How NAT Works.................................................................................................................................8-2
xii List of Figures
Figure 8-2 NAT Application With IP Alias .......................................................................................................... 8-3
Figure 8-3 Multiple Servers Behind NAT Example............................................................................................. 8-5
Figure 8-4 NAT Mode.......................................................................................................................................... 8-6
Figure 8-5 Edit SUA/NAT Server Set.................................................................................................................. 8-7
Figure 8-6 Address Mapping Rules ..................................................................................................................... 8-8
Figure 8-7 Address Mapping Rule Edit ............................................................................................................... 8-9
Figure 9-1 Dynamic DNS .................................................................................................................................... 9-1
Figure 10-1 Time and Date ................................................................................................................................ 10-3
Figure 11-1 Prestige Firewall Application ......................................................................................................... 11-2
Figure 11-2 Three-Way Handshake ................................................................................................................... 11-4
Figure 11-3 SYN Flood...................................................................................................................................... 11-4
Figure 11-4 Smurf Attack .................................................................................................................................. 11-5
Figure 11-5 Stateful Inspection.......................................................................................................................... 11-6
Figure 12-1 LAN to WAN Traffic...................................................................................................................... 12-3
Figure 12-2 WAN to LAN Traffic...................................................................................................................... 12-4
Figure 12-3 Firewall: Default Policy ................................................................................................................. 12-4
Figure 12-4 Firewall: Rule Summary ................................................................................................................ 12-6
Figure 12-5 Firewall: Edit Rule ......................................................................................................................... 12-8
Figure 12-6 Firewall: Customized Services..................................................................................................... 12-10
Figure 12-7 Firewall: Configure Customized Services.................................................................................... 12-11
Figure 12-8 Firewall Example: Rule Summary ............................................................................................... 12-12
Figure 12-9 Firewall Example: Edit Rule: Destination Address...................................................................... 12-12
Figure 12-10 Edit Custom Port Example......................................................................................................... 12-13
Figure 12-11 Firewall Example: Edit Rule: Select Customized Services ........................................................ 12-14
Figure 12-12 Firewall Example: Rule Summary: My Service......................................................................... 12-15
Figure 12-13 Firewall: Anti-Probing................................................................................................................ 12-18
Figure 12-14 Firewall: Threshold .................................................................................................................... 12-20
Figure 13-1 Content Filter: Keyword................................................................................................................. 13-1
Figure 13-2 Content Filter: Schedule................................................................................................................. 13-2
Figure 13-3 Content Filter: Trusted ................................................................................................................... 13-3
Figure 14-1 Anti-virus Packet Scan Example .................................................................................................... 14-2
Figure 14-2 Anti Virus: Packet Scan.................................................................................................................. 14-3
Figure 14-3 Anti Virus: Registration and Virus Information Update ................................................................. 14-4
Figure 14-4 Virus Scan Update in Progress ....................................................................................................... 14-5
Figure 14-5 Virus Scan Update Successful........................................................................................................ 14-6
Figure 15-1 Encryption and Decryption ............................................................................................................ 15-2
Figure 15-2 IPSec Architecture.......................................................................................................................... 15-3
Figure 15-3 Transport and Tunnel Mode IPSec Encapsulation.......................................................................... 15-3
Figure 16-1 IPSec Summary Fields ................................................................................................................... 16-3
Figure 16-2 VPN Summary ............................................................................................................................... 16-3
Figure 16-3 NAT Router Between IPSec Routers.............................................................................................. 16-5
Figure 16-4 VPN Host using Intranet DNS Server Example............................................................................. 16-6
List of Figures xiii
Figure 16-5 VPN IKE.........................................................................................................................................16-8
Figure 16-6 Two Phases to Set Up the IPSec SA .............................................................................................16-13
Figure 16-7 VPN IKE: Advanced Setup...........................................................................................................16-15
Figure 16-8 VPN: Manual Key.........................................................................................................................16-18
Figure 16-9 VPN: SA Monitor..........................................................................................................................16-21
Figure 16-10 VPN: Global Setting ...................................................................................................................16-22
Figure 16-11 Telecommuters Sharing One VPN Rule Example.......................................................................16-23
Figure 16-12 Telecommuters Using Unique VPN Rules Example...................................................................16-24
Figure 17-1 Telnet Configuration on a TCP/IP Network ....................................................................................17-2
Figure 17-2 Remote Management ......................................................................................................................17-2
Figure 18-1 Configuring UPnP...........................................................................................................................18-2
Figure 19-1 Log Settings ....................................................................................................................................19-2
Figure 19-2 View Logs .......................................................................................................................................19-4
Figure 19-3 E-mail Log Example.......................................................................................................................19-5
Figure 20-1 Application-based Bandwidth Management Example ....................................................................20-2
Figure 20-2 Subnet-based Bandwidth Management Example............................................................................20-2
Figure 20-3 Application and Subnet-based Bandwidth Management Example..................................................20-3
Figure 20-4 Bandwidth Allotment Example .......................................................................................................20-4
Figure 20-5 Maximize Bandwidth Usage Example............................................................................................20-5
Figure 20-6 Bandwidth Borrowing Example......................................................................................................20-6
Figure 20-7 Media Bandwidth Management: Summary.....................................................................................20-7
Figure 20-8 Media Bandwidth Management: Class Setup .................................................................................20-8
Figure 20-9 Media Bandwidth Management: Class Configuration....................................................................20-9
Figure 20-10 Media Bandwidth Management Statistics...................................................................................20-11
Figure 20-11 Media Bandwidth Management: Monitor ...................................................................................20-12
Figure 21-1 System Status..................................................................................................................................21-2
Figure 21-2 System Status: Show Statistics........................................................................................................21-4
Figure 21-3 DHCP Table ....................................................................................................................................21-5
Figure 21-4 Any IP Table....................................................................................................................................21-6
Figure 21-5 Association List...............................................................................................................................21-7
Figure 21-6 Diagnostic: General ........................................................................................................................21-8
Figure 21-7 Diagnostic: DSL Line .....................................................................................................................21-9
Figure 21-8 Firmware Upgrade ........................................................................................................................21-10
Figure 21-9 Network Temporarily Disconnected .............................................................................................21-11
Figure 21-10 Error Message ............................................................................................................................. 21-11
Figure 22-1 Login Screen ...................................................................................................................................22-1
Figure 22-2 Prestige SMT Menu Overview........................................................................................................22-2
Figure 22-3 SMT Main Menu.............................................................................................................................22-3
Figure 22-4 Menu 23.1 Change Password..........................................................................................................22-4
Figure 23-1 Menu 1 General Setup.....................................................................................................................23-1
Figure 23-2 Menu 1.1 Configure Dynamic DNS................................................................................................23-2
Figure 24-1 Menu 2 WAN Backup Setup...........................................................................................................24-1
xiv List of Figures
Figure 24-2 Menu 2.1Traffic Redirect Setup ..................................................................................................... 24-2
Figure 24-3 Menu 2.2 Dial Backup Setup ......................................................................................................... 24-3
Figure 24-4 Menu 2.2.1 Advanced Dial Backup Setup...................................................................................... 24-4
Figure 25-1 Menu 3 LAN Setup ........................................................................................................................ 25-1
Figure 25-2 Menu 3.1 LAN Port Filter Setup .................................................................................................... 25-1
Figure 25-3 Menu 3.2 TCP/IP and DHCP Ethernet Setup ................................................................................. 25-2
Figure 26-1 Menu 3.5 - Wireless LAN Setup .................................................................................................... 26-1
Figure 26-2 Menu 3.5.1 WLAN MAC Address Filtering .................................................................................. 26-3
Figure 27-1 Physical Network Figure 27-2 Partitioned Logical Networks............................... 27-1
Figure 27-3 Menu 3.2 TCP/IP and DHCP Setup................................................................................................ 27-2
Figure 27-4 Menu 3.2.1 IP Alias Setup .............................................................................................................. 27-3
Figure 27-5 Menu 1 General Setup.................................................................................................................... 27-4
Figure 27-6 Menu 4 Internet Access Setup........................................................................................................ 27-4
Figure 28-1 Menu 11 Remote Node Setup......................................................................................................... 28-2
Figure 28-2 Menu 11.1 Remote Node Profile.................................................................................................... 28-3
Figure 28-3 Menu 11.3 Remote Node Network Layer Options.........................................................................28-5
Figure 28-4 Sample IP Addresses for a TCP/IP LAN-to-LAN Connection....................................................... 28-7
Figure 28-5 Menu 11.5 Remote Node Filter (RFC 1483 or ENET Encapsulation) ........................................... 28-7
Figure 28-6 Menu 11.5 Remote Node Filter (PPPoA or PPPoE Encapsulation) ............................................... 28-8
Figure 28-7 Menu 11.6 for VC-based Multiplexing .......................................................................................... 28-8
Figure 28-8 Menu 11.6 for LLC-based Multiplexing or PPP Encapsulation ..................................................... 28-9
Figure 28-9 Menu 11.1 Remote Node Profile.................................................................................................... 28-9
Figure 28-10 Menu 11.8 Advance Setup Options ............................................................................................ 28-10
Figure 29-1 Sample Static Routing Topology .................................................................................................... 29-1
Figure 29-2 Menu 12 Static Route Setup........................................................................................................... 29-2
Figure 29-3 Menu 12.1 IP Static Route Setup.................................................................................................... 29-2
Figure 29-4 Menu12.1.1 Edit IP Static Route.................................................................................................... 29-3
Figure 30-1 Menu 11.1 Remote Node Profile.................................................................................................... 30-2
Figure 30-2 Menu 11.3 Remote Node Network Layer Options.........................................................................30-2
Figure 30-3 Menu 12.3.1 Edit Bridge Static Route............................................................................................ 30-3
Figure 31-1 Menu 4 Applying NAT for Internet Access .................................................................................... 31-2
Figure 31-2 Applying NAT in Menus 4 & 11.3 ................................................................................................. 31-3
Figure 31-3 Menu 15 NAT Setup....................................................................................................................... 31-4
Figure 31-4 Menu 15.1 Address Mapping Sets.................................................................................................. 31-4
Figure 31-5 Menu 15.1.255 SUA Address Mapping Rules................................................................................ 31-5
Figure 31-6 Menu 15.1.1 First Set ..................................................................................................................... 31-6
Figure 31-7 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set.................................................... 31-7
Figure 31-8 Menu 15.2 NAT Server Setup ........................................................................................................ 31-8
Figure 31-9 Menu 15.2.1 NAT Server Setup ..................................................................................................... 31-9
Figure 31-10 Multiple Servers Behind NAT Example....................................................................................... 31-9
Figure 31-11 NAT Example 1.......................................................................................................................... 31-10
Figure 31-12 Menu 4 Internet Access & NAT Example .................................................................................. 31-10
List of Figures xv
Figure 31-13 NAT Example 2...........................................................................................................................31-11
Figure 31-14 Menu 15.2.1 Specifying an Inside Server ...................................................................................31-11
Figure 31-15 NAT Example 3...........................................................................................................................31-12
Figure 31-16 Example 3: Menu 11.3................................................................................................................31-13
Figure 31-17 Example 3: Menu 15.1.1.1 ..........................................................................................................31-13
Figure 31-18 Example 3: Final Menu 15.1.1....................................................................................................31-14
Figure 31-19 NAT Example 4...........................................................................................................................31-15
Figure 31-20 Example 4: Menu 15.1.1.1 Address Mapping Rule ....................................................................31-16
Figure 31-21 Example 4: Menu 15.1.1 Address Mapping Rules......................................................................31-16
Figure 32-1 Menu 21.2 Firewall Setup...............................................................................................................32-2
Figure 33-1 Outgoing Packet Filtering Process..................................................................................................33-1
Figure 33-2 Filter Rule Process ..........................................................................................................................33-2
Figure 33-3 Menu 21 Filter Set Configuration ...................................................................................................33-3
Figure 33-4 NetBIOS_WAN Filter Rules Summary...........................................................................................33-3
Figure 33-5 NetBIOS_LAN Filter Rules Summary ...........................................................................................33-4
Figure 33-6 IGMP Filter Rules Summary ..........................................................................................................33-4
Figure 33-7 Menu 21.1.x.1 TCP/IP Filter Rule ..................................................................................................33-6
Figure 33-8 Executing an IP Filter......................................................................................................................33-8
Figure 33-9 Menu 21.1.5.1 Generic Filter Rule..................................................................................................33-9
Figure 33-10 Protocol and Device Filter Sets...................................................................................................33-10
Figure 33-11 Sample Telnet Filter ....................................................................................................................33-11
Figure 33-12 Menu 21.1.6.1 Sample Filter.......................................................................................................33-12
Figure 33-13 Menu 21.1.6.1 Sample Filter Rules Summary ............................................................................33-13
Figure 33-14 Filtering Ethernet Traffic.............................................................................................................33-14
Figure 33-15 Filtering Remote Node Traffic....................................................................................................33-14
Figure 34-1 SNMP Management Model.............................................................................................................34-1
Figure 34-2 Menu 22 SNMP Configuration .......................................................................................................34-2
Figure 35-1 Menu 23 – System Security ............................................................................................................35-1
Figure 35-2 Menu 23 System Security ...............................................................................................................35-1
Figure 35-3 Menu 23.2 System Security : RADIUS Server...............................................................................35-2
Figure 35-4 Menu 23 System Security ...............................................................................................................35-3
Figure 35-5 Menu 23.4 System Security : IEEE802.1x......................................................................................35-3
Figure 35-6 Menu 14 Dial-in User Setup ...........................................................................................................35-6
Figure 35-7 Menu 14.1 Edit Dial-in User...........................................................................................................35-6
Figure 36-1 Menu 24 System Maintenance........................................................................................................36-1
Figure 36-2 Menu 24.1 System Maintenance : Status ........................................................................................36-2
Figure 36-3 Menu 24.2 System Information and Console Port Speed ...............................................................36-3
Figure 36-4 Menu 24.2.1 System Maintenance: Information .............................................................................36-3
Figure 36-5 Menu 24.2.2 System Maintenance : Change Console Port Speed...................................................36-4
Figure 36-6 Menu 24.3 System Maintenance : Log and Trace...........................................................................36-5
Figure 36-7 Sample Error and Information Messages........................................................................................36-5
Figure 36-8 Menu 24.3.2 System Maintenance: Syslog and Accounting...........................................................36-5
xvi List of Figures
Figure 36-9 Menu 24.4 System Maintenance : Diagnostic................................................................................ 36-7
Figure 37-1 Telnet in Menu 24.5........................................................................................................................ 37-2
Figure 37-2 FTP Session Example..................................................................................................................... 37-3
Figure 37-3 Telnet into Menu 24.6 .................................................................................................................... 37-5
Figure 37-4 Restore Using FTP Session Example ............................................................................................. 37-6
Figure 37-5 Telnet Into Menu 24.7.1 Upload System Firmware ....................................................................... 37-7
Figure 37-6 Telnet Into Menu 24.7.2 System Maintenance ............................................................................... 37-7
Figure 37-7 FTP Session Example of Firmware File Upload............................................................................ 37-8
Figure 38-1 Command Mode in Menu 24.......................................................................................................... 38-1
Figure 38-2 Valid Commands ............................................................................................................................ 38-2
Figure 38-3 Menu 24.9 System Maintenance : Call Control ............................................................................. 38-2
Figure 38-4 Menu 24.9.1 System Maintenance : Budget Management............................................................. 38-3
Figure 38-5 Menu 24 System Maintenance ....................................................................................................... 38-4
Figure 38-6 Menu 24.10 System Maintenance: Time and Date Setting............................................................. 38-4
Figure 39-1 Menu 24.11 Remote Management Control .................................................................................... 39-2
Figure 40-1 Menu 25 IP Routing Policy Setup .................................................................................................. 40-2
Figure 40-2 Menu 25.1 IP Routing Policy Setup ............................................................................................... 40-3
Figure 40-3 Menu 25.1.1 IP Routing Policy ...................................................................................................... 40-4
Figure 40-4 Menu 3.2 TCP/IP and DHCP Ethernet Setup ................................................................................. 40-5
Figure 40-5 Menu 11.3 Remote Node Network Layer Options.........................................................................40-6
Figure 40-6 Example of IP Policy Routing........................................................................................................ 40-6
Figure 40-7 IP Routing Policy Example ............................................................................................................ 40-7
Figure 40-8 IP Routing Policy Example ............................................................................................................ 40-8
Figure 40-9 Applying IP Policies Example........................................................................................................ 40-8
Figure 41-1 Menu 26 Schedule Setup................................................................................................................ 41-1
Figure 41-2 Menu 26.1 Schedule Set Setup....................................................................................................... 41-2
Figure 41-3 Applying Schedule Set(s) to a Remote Node (PPPoE)...................................................................41-3
Figure 42-1 VPN SMT Menu Tree .................................................................................................................... 42-1
Figure 42-2 Menu 27 VPN/IPSec Setup ............................................................................................................ 42-2
Figure 42-3 Menu 27.1 IPSec Summary............................................................................................................ 42-2
Figure 42-4 Menu 27.1.1 IPSec Setup ............................................................................................................... 42-5
Figure 42-5 Menu 27.1.1.1 IKE Setup............................................................................................................... 42-9
Figure 42-6 Menu 27.1.1.2 Manual Setup ....................................................................................................... 42-11
Figure 43-1 Menu 27.2 SA Monitor................................................................................................................... 43-1
Figure 44-1 Configuration Text File Format: Column Descriptions.................................................................. 44-1
Figure 44-2 Invalid Parameter Entered: Command Line Example.................................................................... 44-2
Figure 44-3 Valid Parameter Entered: Command Line Example.......................................................................44-2
Figure 44-4 Internal SPTGEN FTP Download Example................................................................................... 44-2
Figure 44-5 Internal SPTGEN FTP Upload Example........................................................................................ 44-3
List of Figures xvii
List of Tables
Table 2-1 Web Configurator Screens Summary....................................................................................................2-3
Table 3-1 Wizard Screen 1....................................................................................................................................3-3
Table 3-2 Internet Connection with PPPoE ..........................................................................................................3-6
Table 3-3 Internet Connection with RFC 1483.....................................................................................................3-6
Table 3-4 Internet Connection with ENET ENCAP .............................................................................................3-7
Table 3-5 Internet Connection with PPPoA..........................................................................................................3-8
Table 3-6 Wizard: LAN Configuration...............................................................................................................3-11
Table 4-1 Password...............................................................................................................................................4-1
Table 5-1 LAN Setup............................................................................................................................................5-5
Table 5-2 LAN: Static DHCP...............................................................................................................................5-7
Table 6-1 Wireless ................................................................................................................................................6-4
Table 6-2 MAC Address Filter..............................................................................................................................6-6
Table 6-3 Wireless Security Relational Matrix...................................................................................................6-11
Table 6-4 Wireless LAN: 802.1x/WPA...............................................................................................................6-12
Table 6-5 Wireless LAN: 802.1x/WPA for 802.1x Protocol...............................................................................6-13
Table 6-6 Wireless LAN: 802.1x/WPA for WPA Protocol..................................................................................6-15
Table 6-7 Wireless LAN: 802.1x/WPA for WPA-PSK Protocol.........................................................................6-16
Table 6-8 Local User Database...........................................................................................................................6-18
Table 6-9 RADIUS .............................................................................................................................................6-18
Table 7-1 WAN Setup...........................................................................................................................................7-4
Table 7-2 WAN Backup........................................................................................................................................7-8
Table 7-3 Advanced WAN Backup.....................................................................................................................7-10
Table 7-4 Advanced Modem Setup.....................................................................................................................7-14
Table 8-1 NAT Definitions ...................................................................................................................................8-1
Table 8-2 NAT Mapping Types.............................................................................................................................8-3
Table 8-3 Services and Port Numbers...................................................................................................................8-5
Table 8-4 NAT Mode ............................................................................................................................................8-6
Table 8-5 Edit SUA/NAT Server Set ....................................................................................................................8-7
Table 8-6 Address Mapping Rules........................................................................................................................8-8
Table 8-7 Address Mapping Rule Edit................................................................................................................8-10
Table 9-1 Dynamic DNS ......................................................................................................................................9-2
Table 10-1 Time and Date...................................................................................................................................10-3
Table 11-1 Common IP Ports..............................................................................................................................11-3
Table 11-2 ICMP Commands That Trigger Alerts ..............................................................................................11-5
Table 11-3 Legal NetBIOS Commands ..............................................................................................................11-5
Table 11-4 Legal SMTP Commands...................................................................................................................11-5
Table 12-1 Firewall: Default Policy....................................................................................................................12-4
Table 12-2 Rule Summary..................................................................................................................................12-6
Table 12-3 Firewall: Edit Rule............................................................................................................................12-9
xviii List of Tables
Table 12-4 Customized Services...................................................................................................................... 12-10
Table 12-5 Firewall: Configure Customized Services ..................................................................................... 12-11
Table 12-6 Predefined Services........................................................................................................................ 12-15
Table 12-7 Firewall: Anti-Probing ................................................................................................................... 12-18
Table 12-8 Firewall: Threshold........................................................................................................................ 12-20
Table 13-1 Content Filter: Keyword .................................................................................................................. 13-2
Table 13-2 Content Filter: Schedule .................................................................................................................. 13-3
Table 13-3 Content Filter: Trusted..................................................................................................................... 13-3
Table 14-1 Common Computer Virus Types...................................................................................................... 14-1
Table 14-2 Anti Virus: Packet Scan.................................................................................................................... 14-3
Table 14-3 Anti Virus: Registration and Virus Information Update................................................................... 14-4
Table 15-1 VPN and NAT.................................................................................................................................. 15-5
Table 16-1 AH and ESP ..................................................................................................................................... 16-1
Table 16-2 VPN Summary................................................................................................................................. 16-4
Table 16-3 Local ID Type and Content Fields ................................................................................................... 16-6
Table 16-4 Peer ID Type and Content Fields ..................................................................................................... 16-7
Table 16-5 Matching ID Type and Content Configuration Example ................................................................. 16-7
Table 16-6 Mismatching ID Type and Content Configuration Example............................................................ 16-7
Table 16-7 VPN IKE.......................................................................................................................................... 16-9
Table 16-8 VPN IKE: Advanced Setup............................................................................................................ 16-15
Table 16-9 VPN: Manual Key.......................................................................................................................... 16-18
Table 16-10 VPN: SA Monitor ........................................................................................................................ 16-21
Table 16-11 VPN: Global Setting .................................................................................................................... 16-22
Table 16-12 Telecommuters Sharing One VPN Rule Example........................................................................ 16-23
Table 16-13 Telecommuters Using Unique VPN Rules Example.................................................................... 16-24
Table 17-1 Remote Management ....................................................................................................................... 17-3
Table 18-1 Configuring UPnP............................................................................................................................ 18-2
Table 19-1 Log Settings ..................................................................................................................................... 19-2
Table 19-2 View Logs ........................................................................................................................................ 19-4
Table 19-3 SMTP Error Messages ..................................................................................................................... 19-5
Table 20-1 Application and Subnet-based Bandwidth Management Example .................................................. 20-2
Table 20-2 Media Bandwidth Management: Summary ..................................................................................... 20-7
Table 20-3 Media Bandwidth Management: Class Setup .................................................................................. 20-9
Table 20-4 Media Bandwidth Management: Class Configuration................................................................... 20-10
Table 20-5 Services and Port Numbers............................................................................................................ 20-11
Table 20-6 Media Bandwidth Management Statistics...................................................................................... 20-11
Table 20-7 Media Bandwidth Management: Monitor...................................................................................... 20-12
Table 21-1 System Status................................................................................................................................... 21-2
Table 21-2 System Status: Show Statistics......................................................................................................... 21-4
Table 21-3 DHCP Table ..................................................................................................................................... 21-5
Table 21-4 Any IP Table..................................................................................................................................... 21-6
Table 21-5 Association List................................................................................................................................ 21-7
List of Tables xix
Table 21-6 Diagnostic: General ..........................................................................................................................21-8
Table 21-7 Diagnostic: DSL Line.......................................................................................................................21-9
Table 21-8 Firmware Upgrade..........................................................................................................................21-10
Table 22-1 Main Menu Commands ....................................................................................................................22-2
Table 22-2 Main Menu Summary.......................................................................................................................22-3
Table 23-1 Menu 1 General Setup......................................................................................................................23-2
Table 23-2 Menu 1.1 Configure Dynamic DNS .................................................................................................23-3
Table 24-1 Menu 2 WAN Backup Setup.............................................................................................................24-1
Table 24-2 Menu 2.1Traffic Redirect Setup .......................................................................................................24-2
Table 24-3 Menu 2.2 Dial Backup Setup............................................................................................................24-3
Table 24-4 Menu 2.2.1 Advanced Dial Backup Setup: AT Commands Fields....................................................24-4
Table 24-5 Menu 2.2.1 Advanced Dial Backup Setup: Call Control Parameters ...............................................24-5
Table 25-1 DHCP Ethernet Setup.......................................................................................................................25-2
Table 25-2 TCP/IP Ethernet Setup......................................................................................................................25-3
Table 26-1 Menu 3.5 - Wireless LAN Setup.......................................................................................................26-1
Table 26-2 Menu 3.5.1 WLAN MAC Address Filtering ....................................................................................26-3
Table 27-1 Menu 3.2.1 IP Alias Setup ................................................................................................................27-3
Table 27-2 Menu 4 Internet Access Setup ..........................................................................................................27-5
Table 28-1 Menu 11.1 Remote Node Profile ......................................................................................................28-3
Table 28-2 Menu 11.3 Remote Node Network Layer Options ...........................................................................28-5
Table 28-3 Menu 11.8 Advance Setup Options ................................................................................................28-10
Table 29-1 Menu12.1.1 Edit IP Static Route ......................................................................................................29-3
Table 30-1 Remote Node Network Layer Options: Bridge Fields......................................................................30-3
Table 30-2 Menu 12.3.1 Edit Bridge Static Route..............................................................................................30-3
Table 31-1 Applying NAT in Menus 4 & 11.3....................................................................................................31-3
Table 31-2 SUA Address Mapping Rules ...........................................................................................................31-5
Table 31-3 Menu 15.1.1 First Set .......................................................................................................................31-6
Table 31-4 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set ......................................................31-7
Table 33-1 Abbreviations Used in the Filter Rules Summary Menu ..................................................................33-4
Table 33-2 Rule Abbreviations Used ..................................................................................................................33-5
Table 33-3 Menu 21.1.x.1 TCP/IP Filter Rule....................................................................................................33-6
Table 33-4 Menu 21.1.5.1 Generic Filter Rule ...................................................................................................33-9
Table 33-5 Filter Sets Table ..............................................................................................................................33-13
Table 34-1 Menu 22 SNMP Configuration.........................................................................................................34-2
Table 34-2 SNMP Traps .....................................................................................................................................34-3
Table 34-3 Ports and Permanent Virtual Circuits................................................................................................34-3
Table 35-1 Menu 23.2 System Security : RADIUS Server.................................................................................35-2
Table 35-2 Menu 23.4 System Security : IEEE802.1x .......................................................................................35-3
Table 35-3 Menu 14.1 Edit Dial-in User ............................................................................................................35-6
Table 36-1 Menu 24.1 System Maintenance : Status..........................................................................................36-2
Table 36-2 Menu 24.2.1 System Maintenance: Information...............................................................................36-4
Table 36-3 Menu 24.3.2 System Maintenance : Syslog and Accounting............................................................36-6
xx List of Tables
Table 36-4 Menu 24.4 System Maintenance Menu : Diagnostic .......................................................................36-8
Table 37-1 Filename Conventions ..................................................................................................................... 37-2
Table 37-2 General Commands for GUI-based FTP Clients.............................................................................. 37-3
Table 37-3 General Commands for GUI-based TFTP Clients ........................................................................... 37-4
Table 38-1 Menu 24.9.1 System Maintenance : Budget Management............................................................... 38-3
Table 38-2 Menu 24.10 System Maintenance: Time and Date Setting .............................................................. 38-5
Table 39-1 Menu 24.11 Remote Management Control...................................................................................... 39-2
Table 40-1 Menu 25.1 IP Routing Policy Setup................................................................................................. 40-3
Table 40-2 Menu 25.1.1 IP Routing Policy........................................................................................................ 40-4
Table 41-1 Menu 26.1 Schedule Set Setup ........................................................................................................ 41-2
Table 42-1 Menu 27.1 IPSec Summary ............................................................................................................. 42-2
Table 42-2 Menu 27.1.1 IPSec Setup................................................................................................................. 42-5
Table 42-3 Menu 27.1.1.1 IKE Setup ................................................................................................................ 42-9
Table 42-4 Active Protocol: Encapsulation and Security Protocol .................................................................. 42-10
Table 42-5 Menu 27.1.1.2 Manual Setup......................................................................................................... 42-11
Table 43-1 Menu 27.2 SA Monitor .................................................................................................................... 43-1
List of Tables xxi
List of Charts
Chart A-1 Troubleshooting the Start-Up of Your Prestige...................................................................................A-1
Chart A-2 Troubleshooting the LAN LED ..........................................................................................................A-1
Chart A-3 Troubleshooting the DSL LED ...........................................................................................................A-1
Chart A-4 Troubleshooting the LAN Interface....................................................................................................A-2
Chart A-5 Troubleshooting the WAN Interface ...................................................................................................A-2
Chart A-6 Troubleshooting Internet Access.........................................................................................................A-2
Chart A-7 Troubleshooting the Password ............................................................................................................A-3
Chart A-8 Troubleshooting the Web Configurator...............................................................................................A-3
Chart A-9 Troubleshooting Remote Management ...............................................................................................A-3
Chart B-1 Classes of IP Addresses....................................................................................................................... B-1
Chart B-2 Allowed IP Address Range By Class ..................................................................................................B-2
Chart B-3 “Natural” Masks .................................................................................................................................B-2
Chart B-4 Alternative Subnet Mask Notation...................................................................................................... B-2
Chart B-5 Subnet 1 ..............................................................................................................................................B-3
Chart B-6 Subnet 2 ..............................................................................................................................................B-3
Chart B-7 Subnet 1 ..............................................................................................................................................B-4
Chart B-8 Subnet 2 ..............................................................................................................................................B-4
Chart B-9 Subnet 3 ..............................................................................................................................................B-4
Chart B-10 Subnet 4 ............................................................................................................................................B-5
Chart B-11 Eight Subnets .................................................................................................................................... B-5
Chart B-12 Class C Subnet Planning................................................................................................................... B-5
Chart B-13 Class B Subnet Planning................................................................................................................... B-6
Chart H-1 System Maintenance Logs.................................................................................................................. H-1
Chart H-2 UPnP Logs..........................................................................................................................................H-1
Chart H-3 Content Filtering Logs........................................................................................................................H-2
Chart H-4 Attack Logs.........................................................................................................................................H-2
Chart H-5 Access Logs ........................................................................................................................................H-3
Chart H-6 TCP Reset Logs ..................................................................................................................................H-4
Chart H-7 ICMP Notes........................................................................................................................................H-4
xxii Lists of Charts
Preface
Congratulations on your purchase of the Prestige 662HW Series 802.11g Wireless ADSL 2+ 4 Port Security Gateway.
Register your product online to receive e-mail notices of
firmware upgrades and information at www.zyxel.com for global products, or at www.us.zyxel.com
Your Prestige is easy to install and configure.
for North American products.
About This User's Guide
This manual is designed to guide you through the configuration of your Prestige for its various applications. The web configurator parts of this guide contain background information on features configurable by web configurator. The SMT parts of this guide contain background information solely on features not configurable by web configurator.
Use the web configurator, System Management Terminal (SMT)
or command interpreter interface to configure your Prestige. Not all features can be configured through all interfaces.
Related Documentation
Supporting Disk
Refer to the included CD for support documents.
Compact Guide
The Compact Guide is designed to help you get up and running right away. They contain
connection information and instructions on getting started.
Web Configurator Online Help
Embedded web help for descriptions of individual screens and supplementary information.
ZyXEL Glossary and Web Site
Please refer to www.zyxel.com support documentation.
for an online glossary of networking terms and additional
User Guide Feedback
Help us help you! E-mail all User Guide-related comments, questions or suggestions for improvement to techwriters@zyxel.com.tw or send regular mail to The Technical Writing Team, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan. Thank you!
Syntax Conventions
“Enter” means for you to type one or more characters. “Select” or “Choose” means for you to use one predefined choices.
The SMT menu titles and labels are in Bold Times New Roman font. Predefined field choices are in Bold Arial font. Command and arrow keys are enclosed in square brackets. [ENTER] means
Preface xxiii
the Enter, or carriage return key; [ESC] means the Escape key and [SPACE BAR] means the Space Bar.
Mouse action sequences are denoted using a comma. For example, “click the Apple icon, Control Panels and then Modem” means first click the Apple icon, then point your mouse pointer to Control Panels and then click Modem.
For brevity’s sake, we will use “e.g.,” as a shorthand for “for instance”, and “i.e.,” for “that is” or “in other words” throughout this manual.
The Prestige 662HW series 802.11g Wireless ADSL 2+ 4 Port Security Gateway may be referred to as the Prestige in this user’s guide. This refers to both models (ADSL over POTS and ADSL over ISDN) unless specifically identified.
Graphics Icons Key
Prestige
Server
Telephone
Wireless Signal
Computer
DSLAM
Switch
Notebook computer
Firewall
Router
The following section offers some background information on
DSL. Skip to Chapter 1 if you wish to begin working with your router right away.
xxiv Preface
Introduction to DSL
DSL (Digital Subscriber Line) technology enhances the data capacity of the existing twisted-pair wire that runs between the local telephone company switching offices and most homes and offices. While the wire itself can handle higher frequencies, the telephone switching equipment is designed to cut off signals above 4,000 Hz to filter noise off the voice line, but now everybody is searching for ways to get more bandwidth to improve access to the Web - hence DSL technologies.
There are actually seven types of DSL service, ranging in speeds from 16 Kbits/sec to 52 Mbits/sec. The services are either symmetrical (traffic flows at the same speed in both directions), or asymmetrical (the downstream capacity is higher than the upstream capacity). Asymmetrical services (ADSL) are suitable for Internet users because more information is usually downloaded than uploaded. For example, a simple button click in a web browser can start an extended download that includes graphics and text.
As data rates increase, the carrying distance decreases. That means that users who are beyond a certain distance from the telephone company’s central office may not be able to obtain the higher speeds.
A DSL connection is a point-to-point dedicated circuit, meaning that the link is always up and there is no dialing required.
Introduction to ADSL
It is an asymmetrical technology, meaning that the downstream data rate is much higher than the upstream data rate. As mentioned, this works well for a typical Internet session in which more information is downloaded, for example, from Web servers, than is uploaded. ADSL operates in a frequency range that is above the frequency range of voice services, so the two systems can operate over the same cable.
Getting Started
PPaarrtt II::
Getting Started
This part is structured as a step-by-step guide to help you access your Prestige. It covers key features
and applications, accessing the web configurator and configuring the wizard screens for initial setup.
I
Chapter 1
Getting To Know Your Prestige
This chapter describes the key features and applications of your Prestige.
1.1 Introducing the Prestige
Your Prestige integrates high-speed 10/100Mbps auto-negotiating LAN interface(s) and a high-speed ADSL port into a single package. The Prestige is ideal for high-speed Internet browsing and making LAN-to-LAN connections to remote networks. The Prestige is an ADSL router compatible with the ADSL/ADSL2/ADSL2+ standards. Maximum data rates attainable by the Prestige for each standard are shown in the next table.
DATA RATE
STANDARD
ADSL
ADSL2
ADSL2+
UPSTREAM DOWNSTREAM
832 kbps 8Mbps
3.5Mbps 12Mbps
3.5Mbps 24Mbps
The standard your ISP supports determines the maximum
upstream and downstream speeds attainable. Actual speeds attained also depend on the distance from your ISP, noise, line quality, etc.
By integrating DSL and NAT, the Prestige provides ease of installation and Internet access. The Prestige is also a complete security solution with a robust firewall and content filtering.
Three Prestige models are included in this user’s guide at the time of writing. In the Prestige product name, “H” denotes an integrated 4-port switch (hub) and “W” denotes an included wireless card. The Prestige 662HW provide 802.11g wireless LAN connectivity allowing users to enjoy the convenience and mobility of working anywhere within the coverage area.
Models ending in “1”, for example P662HW-61, denote a device that works over the analog telephone system, POTS (Plain Old Telephone Service). Models ending in “3” denote a device that works over ISDN (Integrated Synchronous Digital System). Models ending in “7” denote a device that works over T-ISDN (UR-2).
Only use firmware for your Prestige’s specific model. Refer to
the label on the bottom of your Prestige.
The web browser-based Graphical User Interface (GUI) provides easy management.
1.2 Features of the Prestige
The following sections describe the features of the Prestige.
Getting To Know Your Prestige 1-1
High Speed Internet Access
Your Prestige ADSL/ADSL2/ADSL2+ router can support downstream transmission rates of up to 24Mbps and upstream transmission rates of 3.5Mbps. Actual speeds attained depend on ISP DSLAM environment.
Zero Configuration Internet Access
Once you turn on and connect the Prestige to a telephone jack, it automatically detects the Internet connection settings (such as the VCI/VPI numbers and the encapsulation method) from the ISP and makes the necessary configuration changes. In cases where additional account information (such as an Internet account user name and password) is required or the Prestige cannot connect to the ISP, you will be redirected to web screen(s) for information input or troubleshooting.
Any IP
The Any IP feature allows a computer to access the Internet or the Prestige without changing the network settings (such as IP address and subnet mask) of the computer, even when the IP addresses of the computer and the Prestige are not in the same subnet.
Firewall
The Prestige is a stateful inspection firewall with DoS (Denial of Service) protection. By default, when the firewall is activated, all incoming traffic from the WAN to the LAN is blocked unless it is initiated from the LAN. The Prestige firewall supports TCP/UDP inspection, DoS detection and prevention, real time alerts, reports and logs.
You can configure most features of the Prestige via SMT but we
recommend you configure the firewall and content filters using the web configurator.
Content Filtering
Content filtering allows you to block access to forbidden Internet web sites, schedule when the Prestige should perform the filtering and give trusted LAN IP addresses unfiltered Internet access.
1
Anti-Virus Packet Scan
With the anti-virus packet scan, your Prestige detects and removes viruses in network packets (SMTP, POP3, HTTP and FTP). This prevents viruses from infecting computer(s) on the network. You can set the Prestige to log and warn you of any viruses detected. You can also perform online update of the packet scan on the Prestige.
IEEE 802.11g 11 Mbps Wireless LAN
IEEE 802.11g is fully compatible with the IEEE 802.11b standard. This means an IEEE 802.11b radio card can interface directly with an IEEE 802.11g access point (and vice versa) at 11 Mbps or lower depending on range. IEEE 802.11g has several intermediate rate steps between the maximum and minimum data rates. The IEEE 802.11g data rate and modulation are as follows:
1
Not available at the time of writing.
1-2 Getting To Know Your Prestige
Loading...
+ 428 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use