ZyXEL PRESTIGE P314 User Manual

Download

Page 1

Prestige 314

P314 Broadband Sharing Gateway with 4-Port Switch

User’s Guide

Version 3.20

August 2000

Page 2

P314 Broadband Sharing Gateway with 4-Port Switch

Prestige 314

P314 Broadband Sharing Gateway With 4-Port Switch

Copyright

The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation.

Disclaimer

ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patent rights of others. ZyXEL further reserves the right to make changes in any products described herein without notice. This publication is subject to change without notice.

Trademarks

Trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners.

ii Copyright

Page 3

P314 Broadband Sharing Gateway With 4-Port Switch

Federal Communications Commission (FCC) Interference Statement

This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions:

This device may not cause harmful interference.

This device must accept any interference received, including interference that may cause undesired operations.

This equipment has been tested and found to comply with the limits for a class B digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy, and if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.

If this equipment does cause harmful interference to radio/television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:

Reorient or relocate the receiving antenna.

Increase the separation between the equipment and the receiver.

Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.

Consult the dealer or an experienced radio/TV technician for help.

Notice 1

Changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate the equipment.

Notice 2

Shielded RS-232 cables are required to be used to ensure compliance with FCC Part 15, and it is the responsibility of the user to provide and use shielded RS-232 cables.

FCC Statement iii

Page 4

P314 Broadband Sharing Gateway with 4-Port Switch

Information for Canadian Users

The Industry Canada label identifies certified equipment. This certification means that the equipment meets certain telecommunications network protective, operation, and safety requirements. The Industry Canada does not guarantee that the equipment will operate to a user's satisfaction.

Before installing this equipment, users should ensure that it is permissible to be connected to the facilities of the local telecommunications company. The equipment must also be installed using an acceptable method of connection. In some cases, the company's inside wiring associated with a single line individual service may be extended by means of a certified connector assembly. The customer should be aware that the compliance with the above conditions may not prevent degradation of service in some situations.

Repairs to certified equipment should be made by an authorized Canadian maintenance facility designated by the supplier. Any repairs or alterations made by the user to this equipment, or equipment malfunctions, may give the telecommunications company cause to request the user to disconnect the equipment.

For their own protection, users should ensure that the electrical ground connections of the power utility, telephone lines, and internal metallic water pipe system, if present, are connected together. This precaution may be particularly important in rural areas.

Caution

Users should not attempt to make such connections themselves, but should contact the appropriate electrical inspection authority or electrician, as appropriate.

Note

This digital apparatus does not exceed the class A limits for radio noise emissions from digital apparatus set out in the radio interference regulations of Industry Canada.

Canadian Users

Page 5

Declaration of Conformity

P314 Broadband Sharing Gateway With 4-Port Switch

We, the Manufacturer/Importer,

Standard

•

EN 55022

•

EN 61000-3-2

•

EN 61000-3-3

•

EN 61000-4-2

•

EN 61000-4-3

•

EN 61000-4-4

•

EN 61000-4-5

•

EN 61000-4-6

•

EN 61000-4-8

•

EN 61000-4-11

ZyXEL Communications Corp

No. 6, Innovation Rd. II,

Science-Based Industrial Park,

Hsinchu, Taiwan, 300 R.O.C

declare that the product

Prestige 314

(reference to the specification under which conformity is declared)

Radio disturbance characteristics – Limits and method of measurement.

Disturbance in supply system caused by household appliances and similar electrical equipment “Harmonics”.

Disturbance in supply system caused by household appliances and similar electrical equipment “Voltage fluctuations”.

Electrostatic discharge immunity test – Basic EMC Publication 1995 Radiated, radio-frequency, electromagnetic field immunity test 1996 Electrical fast transient / burst immunity test – Basic EMC

Publication Surge immunity test 1995 Immunity to conducted disturbances, induced by radio-frequency

fields

Voltage dips, short interruptions and voltage variations immunity tests

is in conformity with

Standard Item

Version

1994

1995

1996

1993 1994

Declaration of Conformity

Page 6

P314 Broadband Sharing Gateway with 4-Port Switch

CE Doc

Page 7

P314 Broadband Sharing Gateway With 4-Port Switch

ZyXEL Limited Warranty

ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two years from the date of purchase. During the warranty period, and upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever extent it shall deem necessary to restore the product or components to proper operating condition. Any replacement will consist of a new or re-manufactured functionally equivalent product of equal value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product is modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions.

Note

Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This warranty is in lieu of all other warranties, express or implied, including any implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in no event be held liable for indirect or consequential damages of any kind of character to the purchaser.

To obtain the services of this warranty, contact ZyXEL's Service Center; refer to the separate Warranty Card for your Return Material Authorization number (RMA). Products must be returned Postage Prepaid. It is recommended that the unit be insured when shipped. Any returned products without proof of purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products will be shipped by ZyXEL to the corresponding return address, Postage Paid (USA and territories only). If the customer desires some other return destination beyond the U.S. borders, the customer shall bear the cost of the return shipment. This warranty gives you specific legal rights, and you may also have other rights that vary from state to state.

Please register your Prestige (fast, easy online registration at www.zyxel.com) for free product updates and information.

Warranty

vii

Page 8

P314 Broadband Sharing Gateway with 4-Port Switch

Customer Support

If you have questions about your ZyXEL product or desire assistance, contact ZyXEL Communications Corporation offices worldwide, in one of the following ways:

Method

Region

Worldwide

North

America

EMAIL – Support Telephone Web Site

EMAIL – Sales Fax FTP Site

support@zyxel.com.tw support@europe.zyxel.com

+886-3-578-3942 www.zyxel.com

www.europe.zyxel.com

sales@zyxel.com.tw +886-3-578-2439 ftp.europe.zyxel.com

support@zyxel.com +1-714-632-0882

www.zyxel.com

800-255-4101

sales@zyxel.com +1-714-632-0858 ftp.zyxel.com

Regular Mail

ZyXEL Communications

Corp., 6 Innovation Road II,

Science-Based Industrial

Park, HsinChu, Taiwan.

ZyXEL Communications Inc.,

1650 Miraloma Avenue,

Placentia, CA 92870, U.S.A.

Scandinavia

Austria

Germany

support@zyxel.dk +45-3955-0700 www.zyxel.dk

sales@zyxel.dk +45-3955-0707 ftp.zyxel.dk

support@zyxel.at +43-1-4948677-0

www.zyxel.at

0810-1-ZyXEL 0810-1-99935

sales@zyxel.at

support@zyxel.de

+43-1-4948678

+49-2405-6909-0 0180-5213247

Tech Support hotline

0180-5099935

RMA/Repair hotline

ftp.zyxel.at

Note: for Austrian users with *.at

domain only!

www.zyxel.de

sales@zyxel.de +49-2405-6909-99 ftp.europe.zyxel.com

ZyXEL Communications A/S,

Columbusvej 5, 2860

Soeborg, Denmark.

ZyXEL Communications

Services GmbH.,

Thaliastrasse 125a/2/2/4,

A-1160 Vienna, Austria

ZyXEL Deutschland GmbH.,

Adenauerstr. 20/A4, D-52146

Wuerselen, Germany.

viii

Customer Support

Page 9

P314 Broadband Sharing Gateway with 4-Port Switch

Customer Support ........................................................................................................................ viii

Table of Contents ...........................................................................................................................ix

List of Figures............................................................................................................................... xiii

List of Tables ............................................................................................................................... xvii

Preface ......................................................................................................................................... xix

Getting Started ...................................................................................................................................I

Chapter 1

Chapter 2

Getting to Know Your Prestige..................................................................................... 1-1

1.1 The Prestige 314 Broadband Sharing Gateway With 4-Port Switch...........................................1-1

1.2 Features of the Prestige 314........................................................................................................ 1-1

1.3 Broadband Internet Access via Cable or DSL Modem............................................................... 1-2

Hardware Installation & Initial Setup ............................................................................ 2-1

2.1 Front Panel LEDs and Back Panel Ports.....................................................................................2-1

2.1.1 Front Panel LEDs................................................................................................................2-1

2.2 Prestige 314 Rear Panel and Connections...................................................................................2-2

2.3 Additional Installation Requirements .........................................................................................2-3

2.4 Power Up Your Prestige .............................................................................................................2-4

2.5 Navigating the SMT Interface ....................................................................................................2-4

2.5.1 Main Menu..........................................................................................................................2-5

2.5.2 System Management Terminal Interface Summary............................................................ 2-6

2.6 Changing the System Password..................................................................................................2-7

2.6.1 Resetting the Prestige..........................................................................................................2-7

2.7 General Setup..............................................................................................................................2-7

2.7.1 Dynamic DNS..................................................................................................................... 2-8

2.7.2 Configuring Dynamic DNS ................................................................................................2-9

2.8 WAN Setup...............................................................................................................................2-10

2.9 LAN Setup................................................................................................................................ 2-11

2.9.1 LAN Port Filter Setup.......................................................................................................2-11

Chapter 3

Table of Contents

Internet Access ............................................................................................................ 3-1

3.1 TCP/IP and DHCP for LAN .......................................................................................................3-1

Page 10

P314 Broadband Sharing Gateway with 4-Port Switch

3.1.1 Factory LAN Defaults ........................................................................................................ 3-1

3.1.2 IP Address and Subnet Mask.............................................................................................. 3-1

3.1.3 Private IP Addresses........................................................................................................... 3-2

3.1.4 RIP Setup............................................................................................................................ 3-2

3.1.5 DHCP Configuration .......................................................................................................... 3-3

3.1.6 IP Multicast ........................................................................................................................ 3-3

3.2 TCP/IP and DHCP Ethernet Setup ............................................................................................. 3-4

3.3 Internet Access Setup ................................................................................................................. 3-6

3.3.1 Ethernet Encapsulation....................................................................................................... 3-6

3.3.2 PPPoE Encapsulation ......................................................................................................... 3-8

3.4 Internet Setup Test...................................................................................................................... 3-9

3.5 Basic Setup Complete................................................................................................................. 3-9

Advanced Applications.................................................................................................................... II

Chapter 4

Chapter 5

Chapter 6

Advanced Management .................................................................................................................. III

Chapter 7

Remote Node Setup..................................................................................................... 4-1

4.1 Remote Node Profile .................................................................................................................. 4-1

4.1.1 Ethernet Encapsulation....................................................................................................... 4-1

4.1.2 PPPoE Encapsulation ......................................................................................................... 4-3

4.2 Editing TCP/IP Options.............................................................................................................. 4-4

4.3 Remote Node Filter ....................................................................................................................4-5

IP Static Route Setup ................................................................................................... 5-1

5.1 IP Static Route Setup.................................................................................................................. 5-2

SUA Server Setup ........................................................................................................ 6-1

6.1 Single User Account (SUA) ....................................................................................................... 6-1

6.1.1 Single User AccountConfiguration..................................................................................... 6-2

6.2 Multiple Servers behind SUA..................................................................................................... 6-3

6.2.1 Configuring a Server behind SUA...................................................................................... 6-4

Filter Configuration ....................................................................................................... 7-1

7.1 About Filtering ........................................................................................................................... 7-1

7.1.1 The Filter Structure of the Prestige..................................................................................... 7-2

7.2 Configuring a Filter Set.............................................................................................................. 7-4

7.2.1 Filter Rules Summary Menu............................................................................................... 7-6

7.2.2 Configuring a Filter Rule.................................................................................................... 7-7

Table of Contents

Page 11

P314 Broadband Sharing Gateway with 4-Port Switch

7.2.3 TCP/IP Filter Rule ..............................................................................................................7-7

7.2.4 Generic Filter Rule............................................................................................................7-11

7.3 Example Filter ..........................................................................................................................7-13

7.4 Filter Types and SUA ...............................................................................................................7-15

7.5 Applying a Filter and Factory Defaults.....................................................................................7-16

7.5.1 LAN Traffic ...................................................................................................................... 7-16

7.5.2 Remote Node Filters .........................................................................................................7-17

Chapter 8

Chapter 9

System Information and Diagnosis .............................................................................. 8-1

8.1 System Status.............................................................................................................................. 8-2

8.2 System Information and Console Port Speed .............................................................................8-4

8.2.1 System Information.............................................................................................................8-4

8.2.2 Console Port Speed.............................................................................................................8-5

8.3 Log and Trace.............................................................................................................................8-5

8.3.1 Viewing Error Log.............................................................................................................. 8-5

8.3.2 UNIX Syslog.......................................................................................................................8-6

8.3.3 Call-Triggering Packet........................................................................................................ 8-9

8.4 Diagnostic.................................................................................................................................8-10

8.4.1 WAN DHCP .....................................................................................................................8-11

Transferring Files ......................................................................................................... 9-1

9.1 Filename Conventions ................................................................................................................9-1

9.1.1 Firmware Development ......................................................................................................9-2

9.2 Backup Configuration................................................................................................................. 9-2

9.3 Restore Configuration................................................................................................................. 9-4

9.4 Upload Firmware ........................................................................................................................ 9-4

9.4.1 Uploading the Router Firmware .........................................................................................9-5

9.4.2 Uploading Router Configuration File .................................................................................9-6

9.5 TFTP File Transfer .....................................................................................................................9-7

9.5.1 Example TFTP Command ..................................................................................................9-7

9.6 FTP File Transfer........................................................................................................................ 9-8

9.6.1 Using the FTP Command from the DOS Prompt ...............................................................9-9

Chapter 10

10.1 Command Interpreter Mode......................................................................................................10-1

10.2 Call Control Support................................................................................................................. 10-2

Table of Contents

System Maintenance & Information ......................................................................... 10-1

Page 12

P314 Broadband Sharing Gateway with 4-Port Switch

10.2.1 Budget Management......................................................................................................... 10-2

10.2.2 Call History ...................................................................................................................... 10-3

10.3 Boot Commands....................................................................................................................... 10-4

Chapter 11

11.1 About Telnet Configuration...................................................................................................... 11-1

11.2 Telnet Under SUA.................................................................................................................... 11-1

11.3 Telnet Capabilities.................................................................................................................... 11-1

Troubleshooting, Appendices, Glossary and Index .................................................................... IV

Chapter 12

12.1 Problems Starting Up the Prestige............................................................................................ 12-1

12.2 Problems with the LAN Interface............................................................................................. 12-2

12.3 Problems with the WAN Interface ........................................................................................... 12-3

12.4 Problems with Internet Access ................................................................................................. 12-4

12.5 Problems with Telnet................................................................................................................ 12-4

Appendix A PPPoE...................................................................................................................... A

Appendix B Hardware Specifications ..........................................................................................C

Appendix C Important Safety Instructions ...................................................................................E

Appendix D Power Adapter Specs .............................................................................................. F

Telnet Configuration and Capabilities....................................................................... 11-1

11.3.1 Single Administrator......................................................................................................... 11-1

11.3.2 System Timeout................................................................................................................ 11-2

11.3.3 Telnet Blocking ................................................................................................................ 11-2

Troubleshooting........................................................................................................ 12-1

Glossary of Terms ..........................................................................................................................H

Index...............................................................................................................................................O

xii

Table of Contents

Page 13

P314 Broadband Sharing Gateway with 4-Port Switch

List of Figures

Figure 1-1 Internet Access .......................................................................................................................1-3

Figure 2-1 Front Panel.............................................................................................................................. 2-1

Figure 2-2 Prestige Rear Panel and Connections .....................................................................................2-2

Figure 2-3 Initial Screen........................................................................................................................... 2-4

Figure 2-4 Password Screen..................................................................................................................... 2-4

Figure 2-5 Prestige 314 Main Menu.........................................................................................................2-6

Figure 2-6 Menu 23 – System Security .................................................................................................... 2-7

Figure 2-7 Menu 1 – General Setup .........................................................................................................2-8

Figure 2-8 Configure Dynamic DNS .......................................................................................................2-9

Figure 2-9 Menu 2 – WAN Setup........................................................................................................... 2-10

Figure 2-10 Menu 3 – LAN Setup........................................................................................................... 2-11

Figure 2-11 Menu 3.1 – LAN Port Filter Setup ....................................................................................... 2-11

Figure 3-1 Menu 3 – LAN Setup (10/100 Mbps Ethernet) .....................................................................3-4

Figure 3-2 Menu 3.2 – TCP/IP and DHCP Ethernet Setup ...................................................................... 3-5

Figure 3-3 Menu 4 – Internet Access Setup .............................................................................................3-7

Figure 3-4 Menu 4 Using PPPoE .............................................................................................................3-9

Figure 4-1 Menu 11.1 Remote Node Profile for Ethernet Encapsulation................................................. 4-1

Figure 4-2 Menu 11.1 Remote Node Profile for PPPoE Encapsulation ................................................... 4-3

Figure 4-3 Remote Node Network Layer Options ...................................................................................4-4

Figure 4-4 Remote Node Filter (Ethernet Encapsulation) ........................................................................ 4-6

Figure 4-5 Remote Node Filter (PPPoE Encapsulation) .......................................................................... 4-6

Figure 5-1 Example of Static Routing Topology......................................................................................5-1

Figure 5-2 Menu 12 – IP Static Route Setup............................................................................................ 5-2

Figure 5-3 Menu 12. 1 – Edit IP Static Route .......................................................................................... 5-2

Figure 6-1 An Example of Single User Account Topology...................................................................... 6-1

Figure 6-2 Menu 4 – Internet Access Setup for Single User Account......................................................6-2

List of Figures xiii

Page 14

P314 Broadband Sharing Gateway with 4-Port Switch

Figure 6-3 Menu 15 ................................................................................................................................. 6-4

Figure 7-1 Outgoing Packet Filtering Process ......................................................................................... 7-1

Figure 7-2 Filter Rule Process ................................................................................................................. 7-3

Figure 7-3 Menu 21 – Filter Set Configuration........................................................................................ 7-4

Figure 7-4 NetBIOS_WAN Filter Rules Summary.................................................................................. 7-5

Figure 7-5 NetBIOS _LAN Filter Rules Summary.................................................................................. 7-5

Figure 7-6 Tel_FTP_Web_WAN Filter Rules Summary.......................................................................... 7-5

Figure 7-7 Menu 21.1.1.1 – TCP/IP Filter Rule....................................................................................... 7-8

Figure 7-8 Executing an IP Filter........................................................................................................... 7-10

Figure 7-9 Menu 21.4.1 – Generic Filter Rule ........................................................................................7-11

Figure 7-10 Telnet Filter Example ........................................................................................................... 7-13

Figure 7-11 Example Filter...................................................................................................................... 7-14

Figure 7-12 Example Filter Rules Summary – Menu 21.3 ...................................................................... 7-15

Figure 7-13 Protocol and Device Filter Sets ............................................................................................ 7-16

Figure 7-14 Filtering LAN Traffic ........................................................................................................... 7-16

Figure 7-15 Filtering Remote Node Traffic ............................................................................................. 7-17

Figure 8-1 Menu 24 – System Maintenance ............................................................................................ 8-1

Figure 8-2 Menu 24.1 – System Maintenance – Status............................................................................ 8-2

Figure 8-3 Menu 24.2 – System Information and Console Port Speed.................................................... 8-4

Figure 8-4 Menu 24.2.1 – System Maintenance – Information ............................................................... 8-4

Figure 8-5 Menu 24.2.2 – System Maintenance – Change Console Port Speed...................................... 8-5

Figure 8-6 Examples of Error and Information Messages ....................................................................... 8-6

Figure 8-7 Examples of Error and Information Messages ....................................................................... 8-6

Figure 8-8 Menu 24.3.2 – System Maintenance – UNIX Syslog............................................................. 8-7

Figure 8-9 Call-Triggering Packet Example .......................................................................................... 8-10

Figure 8-10 Menu 24.4 – System Maintenance – Diagnostic .................................................................8-11

Figure 8-11 WAN & LAN DHCP............................................................................................................ 8-12

Figure 9-1 Menu 24.5 – System Maintenance – Backup Configuration (Console Port).......................... 9-3

xiv

List of Figures

Page 15

P314 Broadband Sharing Gateway with 4-Port Switch

Figure 9-2 Menu 24.5 – System Maintenance – Backup Configuration (Telnet)..................................... 9-3

Figure 9-3 Menu 24.6 – System Maintenance – Restore Configuration (Console Port) .......................... 9-4

Figure 9-4 Menu 24.6 – System Maintenance – Restore Configuration (Telnet)..................................... 9-4

Figure 9-5 Menu 24.7 – System Maintenance – Upload Firmware.......................................................... 9-5

Figure 9-6 Menu 24.7.1 – System Maintenance – Upload Router Firmware........................................... 9-5

Figure 9-7 Menu 24.7.2 – System Maintenance – Upload Router Configuration File............................. 9-6

Figure 9-8 Telnet into Menu 24.7.1.......................................................................................................... 9-8

Figure 9-9 Telnet into Menu 24.7.2 – System Maintenance..................................................................... 9-9

Figure 9-10 FTP Session Example........................................................................................................... 9-10

Figure 10-1 Command Mode in Menu 24................................................................................................ 10-1

Figure 10-2 Valid Commands...................................................................................................................10-1

Figure 10-3 Call Control ..........................................................................................................................10-2

Figure 10-4 Budget Management............................................................................................................. 10-2

Figure 10-5 Call History .......................................................................................................................... 10-3

Figure 10-6 Boot Module Commands...................................................................................................... 10-5

Figure 11-1 Telnet Configuration on a TCP/IP Network ......................................................................... 11-1

List of Figures xv

Page 16

Page 17

P314 Broadband Sharing Gateway with 4-Port Switch

List Of Tables

Table 2-1 LED Functions........................................................................................................................2-1

Table 2-2 Main Menu Commands...........................................................................................................2-5

Table 2-3 Main Menu Summary ............................................................................................................. 2-6

Table 2-4 General Setup Menu Fields.....................................................................................................2-8

Table 2-5 Configure Dynamic DNS Menu Fields................................................................................... 2-9

Table 2-6 WAN Setup Menu Fields ......................................................................................................2-10

Table 3-1 LAN DHCP Setup Menu Fields..............................................................................................3-5

Table 3-2 LAN TCP/IP Setup Menu Fields............................................................................................ 3-6

Table 3-3 Internet Access Setup Menu Fields.........................................................................................3-7

Table 3-4 New Fields in Menu 4 (PPPoE) Screen ..................................................................................3-9

Table 4-1 Fields in Menu 11.1 ................................................................................................................4-2

Table 4-2 Fields in Menu 11.1 (PPPoE Encapsulation Specific Only) ...................................................4-3

Table 4-3 Remote Node Network Layer Options Menu Fields...............................................................4-4

Table 5-1 IP Static Route Menu Fields ................................................................................................... 5-3

Table 6-1 Single User Account Menu Fields ..........................................................................................6-2

Table 6-2 Services vs. Port number.........................................................................................................6-5

Table 7-1 Abbreviations Used in the Filter Rules Summary Menu ........................................................7-6

Table 7-2 Abbreviations Used If Filter Type Is IP..................................................................................7-7

Table 7-3 Abbreviations Used If Filter Type Is GEN .............................................................................7-7

Table 7-4 TCP/IP Filter Rule Menu Fields .............................................................................................7-8

Table 7-5 Generic Filter Rule Menu Fields...........................................................................................7-12

Table 8-1 System Maintenance – Status Menu Fields ............................................................................8-3

Table 8-2 Fields in System Maintenance ................................................................................................8-5

Table 8-3 System Maintenance Menu Syslog Parameters ......................................................................8-7

Table 8-4 System Maintenance Menu Diagnostic.................................................................................8-12

Table 9-1 Filename Conventions ............................................................................................................9-2

List of Tables

xvii

Page 18

P314 Broadband Sharing Gateway with 4-Port Switch

Table 9-2 Third Party TFTP Clients – General fields............................................................................. 9-7

Table 9-3 Third Party FTP Clients – General fields ............................................................................. 9-10

Table 10-1 Budget Management............................................................................................................. 10-3

Table 10-2 Call History Fields................................................................................................................ 10-4

Table 12-1 Troubleshooting the Start-Up of your Prestige..................................................................... 12-1

Table 12-2 Troubleshooting the LAN Interface...................................................................................... 12-2

Table 12-3 Troubleshooting the WAN Interface..................................................................................... 12-3

Table 12-4 Troubleshooting Internet Access .......................................................................................... 12-4

xviii

List of Tables

Page 19

P314 Broadband Sharing Gateway with 4-Port Switch

Preface

About Your Router

Congratulations on your purchase of the Prestige 314 Broadband Sharing Gateway with 4-Port Switch

Don’t forget to register your Prestige (fast, easy online registration at www.zyxel.com) for free future product updates and information.

The Prestige 314 is a dual Ethernet Broadband Access Gateway 4-Port Switch integrated with network management features that allows access to the Internet via Cable/ADSL modem or broadband router. It is designed for:

Home offices and small businesses with Cable or DSL modem via Ethernet port as Internet access



media. Multiple office/department connections via access devices.



Your Prestige 314 is easy to install and to configure. The Embedded Web Configurator is a web-based utility that allows you to access the Prestige’s management settings and configure the Prestige. All functions of the Prestige 314 are also software configurable via the SMT (System Management Terminal) interface. The SMT is a menu-driven interface that you can access from a terminal emulator through the console port or over a telnet connection.

About This User's Manual

This manual is designed to guide you through the SMT configuration of your Prestige 314 for its various applications.

Structure of this Manual

This manual is structured as follows: Part I.

Part II.

Part III.

Part IV.

Getting Started

install and setup your Prestige to operate on your network and access the Internet.

Advanced Applications

Prestige, such as Remote Node Setup, IP Static routes and SUA.

Advanced Management

System Information and Diagnosis, Transferring Files and Telnet.

Troubleshooting

as some Appendices, a Glossary and an Index.

(Chapters 1 – 3)

(Chapters 4 – 6)

(Chapter 7 – 11)

(Chapter 12)

is structured as a step-by-step guide to help you connect,

describe the advanced applications of your

provides information on Prestige Filtering,

provides information about solving common problems as well

Regardless of your particular application, it is important that you follow the steps outlined in connect your Prestige to your LAN. You can then refer to the appropriate chapters of the manual, depending on your applications.

Syntax Conventions

•

Read Me First

Packing List Card

ZyXEL Web and FTP Server Sites

“Enter” means for you to type one or more characters and press the carriage return. “Select” or “Choose” means for you to select one from the predefined choices. The SMT menu titles and labels are in font. A single keystroke is in Arial font and enclosed in square brackets, for instance, [ the Enter, or carriage return, key; [ For brevity’s sake, we will use “e.g.” as a shorthand for “for instance” and “i.e.” for “that is” or “in other words” throughout this manual.

Bold Times

] means the Escape Key.

ESC

font. The choices of a menu item are in

ENTER

Bold Arial

] means

xx Preface

Page 21

Getting Started

Part I:

Getting Started

Chapters 1-3 are structured as a step-by-step guide to help you connect, install and setup your

Prestige to operate on your network and access the Internet.

Page 22

Page 23

P314 Broadband Sharing Gateway with 4-Port Switch

Chapter 1

Getting to Know Your Prestige

This chapter introduces the main features and applications of the Prestige.

1.1 The Prestige 314 Broadband Sharing Gateway With 4-Port Switch

The Prestige 314 is a dual Ethernet Broadband Sharing Gateway with an integrated 4-port switch and advanced network management features. It is designed for home offices and small businesses to easily and quickly access the Internet via Cable/ADSL modem or broadband router. ZyXEL’s Prestige 314 provides not only ease of installation and Internet access, but also a complete solution to efficiently manage data traffic on your network. The embedded web configurator is a breeze to operate and totally independent of the operating system platform you use.

1.2 Features of the Prestige 314

The following are the essential features of the Prestige 314.

Broadband WAN Connection with Integrated Four-Port Switch

The P314 sports a 10 Mbps Ethernet port for a cable or DSL modem connection as well as an integrated 4Port Switch allowing up to 4 computers on your network to enjoy super-fast Internet access without the need for an additional hub.

Dynamic DNS Support

With Dynamic DNS support, you can have a static hostname alias for a dynamic IP address, allowing the host to be more easily accessible from various locations on the Internet. You must register with a Dynamic DNS client to use this service.

IP Multicast

Traditionally, IP packets are transmitted in two ways - unicast or broadcast. Multicast is a third way to deliver IP packets to a group of hosts. IGMP (Internet Group Management Protocol) is the protocol used to support multicast groups. The latest version is version 2 (see RFC 2236). Both versions 1 and 2 are supported by the Prestige.

Packet Filtering

The Packet Filtering mechanism blocks unwanted traffic from entering/leaving your network.

PPPoE

PPPoE facilitates the interaction of a host with a broadband modem to achieve access to high-speed data networks via a familiar "dial-up networking" user interface.

Getting to Know Your Prestige 1-1

Page 24

P314 Broadband Sharing Gateway with 4-Port Switch

Full Network Management

Your Prestige offers you a variety of options for network management. It supports password protected local and remote network management via the console port or a telnet connection using SMT (System Management Interface) or the Embedded Web Configurator. It also supports FTP (File Transfer Protocol) server for remote management, TFTP (Trivial FTP), SNMP (Simple Network Management Protocol) and CI (Command Interpreter) mode.

Auto-negotiating 10/100 Mbps Ethernet

The 4 LAN ports automatically detect if it’s on a 10 or a 100 Mbps Ethernet.

Single User Account (SUA)

SUA is ZyXEL’s version of NAT (Network Address Translation) which enables multiple users to share a single ISP account, thereby accessing the Internet for the cost of a single IP address.

DHCP (Dynamic Host Configuration Protocol)

The Prestige supports DHCP Server and Client (RFC 2131 and RFC 2132). The Prestige's DHCP server capability allows you to automatically assign TCP/IP settings to a workstation on your LAN. The Prestige's DHCP client capability allows it to get automatically its IP address from the ISP on the WAN.

RoadRunner Support

In addition to standard cable modem services, the Prestige supports Time Warner’s RoadRunner Service.

Logging and Tracing

The Prestige has the following features:

Built-in message logging and packet tracing.

♦

UNIX syslog facility support.

♦

Upgrade Prestige Firmware via LAN

The firmware of the Prestige 314 can be upgraded via the LAN.

Embedded FTP and TFTP Servers

The Prestige’s embedded FTP and TFTP servers enable fast firmware upgrade as well as configuration file backup and restoration.

1.3 Broadband Internet Access via Cable or DSL Modem

A cable modem or DSL modem can be connected to the Prestige 10M WAN Ethernet port and up to four computers can be connected to the four Prestige 10/100M LAN Ethernet ports for super-fast broadband Internet access. The Prestige provides not only the high speed Internet access but also a complete solution to efficiently manage data traffic on your network.

1-2 Getting to Know Your Prestige

Page 25

P314 Broadband Sharing Gateway with 4-Port Switch

Figure 1-1 Internet Access

Getting to Know Your Prestige 1-3

Page 26

Page 27

P314 Broadband Sharing Gateway with 4-Port Switch

Hardware Installation & Initial Setup

This chapter shows you how to connect the hardware and perform the initial setup.

2.1 Front Panel LEDs and Back Panel Ports

2.1.1 Front Panel LEDs

The LEDs on the front panel indicate the operational status of the Prestige.

Figure 2-1 Front Panel

The following table describes the LED functions:

Table 2-1 LED Functions

Chapter 2

LEDs Function Indicator

Status

PWR Power Green On The power adapter is connected to the Prestige.

SYS System

10M LAN LAN

100M LAN Orange

WAN WAN Green Off The WAN Link is not ready, or has failed.

Hardware Installation and Setup 2-1

Green Off The 10M LAN is not connected.

Active Description

Off The system is not ready or failed.

On The system is ready and running.

Flashing The system is rebooting.

On The Prestige is connected to a 10M LAN.

Flashing The 10M LAN is sending/receiving packets.

Off The 100M LAN is not connected.

On The Prestige is connected to a 100 Mbps LAN.

Flashing The 100M LAN is sending/receiving packets.

Page 28

P314 Broadband Sharing Gateway with 4-Port Switch

LEDs Function Indicator

Status

Active Description

On The WAN Link is ok.

Flashing The 10M WAN link is sending/receiving packets.

2.2 Prestige 314 Rear Panel and Connections

The following figure shows the rear panel of your Prestige 314 and the connection diagram.

Figure 2-2 Prestige Rear Panel and Connections

This section outlines how to connect your Prestige 314 to the LAN and the WAN. In the case of connecting a cable modem you must connect the coaxial cable from your cable service to the threaded coaxial cable connector on the back of the cable modem. Connect a DSL Modem to the DSL Wall Jack. Please also

Appendices

for important safety instructions on making connections to the Prestige.

see the

Step 1: Connecting the Console Port

For the initial configuration of your Prestige, you need to use terminal emulator software on a workstation and connect it to the Prestige through the console port. Connect the 9-pin end of the console cable to the console port of the Prestige and the other end (choice of 9-pin or 25-pin, depending on your computer) end to a serial port (COM1, COM2 or other COM port) of your workstation. You can use an extension RS-232

2-2 Hardware Installation and Setup

Page 29

P314 Broadband Sharing Gateway with 4-Port Switch

cable if the enclosed one is too short. After the initial setup, you can modify the configuration remotely through telnet connections.

Step 2: Connecting the Prestige to the Broadband Modem

Step 2a.

Step 2b.

Step 3: Connecting the Prestige to your LAN

You can connect up to four computers directly to the Prestige. For each computer, connect the 10/100M LAN port on the Prestige to the Network Adapter on the PC using a straight through Ethernet cable (white tag). If you have more than four computers, you must use an external hub. Connect LAN port 4 (next to the button) on the Prestige to a port on the external hub using a straight through Ethernet cable (white tag) and press the chain the Prestige to an external hub, then you must use a crossover cable (red tag).

Step 4: Grounding the Prestige

If you want to ground the Prestige then connect a grounded wire to the

Step 5: Connecting the Power Adapter to your Prestige

Connect the power adapter to the port labeled

Caution: To prevent damage to the Prestige, first make sure you have the correct AC power adapter. Please see the Appendices for AC power adapter specifications for your region.

Uplink

Connecting the Prestige to the Cable Modem

Connect the WAN port on the Prestige to the Ethernet port on the cable modem using the cable that came with your cable modem. The Ethernet port on the cable modem is sometimes labeled "PC" or "Workstation".

Connecting the Prestige to the DSL Modem Connect the WAN port on the Prestige to the Ethernet port on the DSL modem using the cable that came with your DSL modem.

Uplink

button. If you do not press the

POWER

button (LAN port 4) or use LAN ports 1 to 3 to daisy

Uplink

F.G.

(Frame Ground) of the Prestige.

on the rear panel of your Prestige.

2.3 Additional Installation Requirements

In addition to the contents of your package, there are other hardware and software requirements you need before you can install and use your Prestige. These requirements include:

1. A computer with an Ethernet NIC (Network Interface Card) installed.

2. A computer equipped with communications software configured to the following parameters: VT100 terminal emulation.

♦

9600 Baud.

♦

No parity, 8 Data bits, 1 Stop bit, Flow Control set to None.

♦

3. A cable/DSL modem and an ISP account.

After the Prestige is properly set up, you can make future changes to the configuration through telnet connections.

Hardware Installation and Setup 2-3

Page 30

P314 Broadband Sharing Gateway with 4-Port Switch

2.4 Power Up Your Prestige

At this point, you should have connected the console port, the LAN port, the WAN port and the power port to the appropriate devices or lines. Plug the power adapter into a wall outlet. The Power LED should be on. The SYS LED will come on after the system tests are complete. The WAN LED and one of the LAN LEDs come on immediately after the SYS LED comes on, if connections have been made to the LAN and WAN ports.

Initial Screen

When you power on your Prestige, it performs several internal tests as well as line initialization.

Enter

After the tests, the Prestige asks you to press

[

Figure 2-3 Initial Screen

Entering Password

The login screen appears after you press [

Enter

For your first login, enter the default password for each character you type. Please note that if there is no activity for longer than 5 minutes after you log in, your Prestige will automatically log you out and will display a blank screen. If you see a blank screen, press the login screen again.

]

to continue, as shown.

], prompting you to enter the password, as shown below.

1234

. As you type the password, the screen displays an (X)

[Enter]

to bring up

Enter Password : XXXX

Figure 2-4 Password Screen

2.5 Navigating the SMT Interface

The SMT (System Management Terminal) is the interface that you use to configure your Prestige. Several operations that you should be familiar with before you attempt to modify the configuration are listed in the table below.

2-4 Hardware Installation and Setup

Page 31

P314 Broadband Sharing Gateway with 4-Port Switch

Table 2-2 Main Menu Commands

Operation Keystrokes Description

Move down to another menu

Move up to a previous menu

Move to a “hidden” menu

Move the cursor

Enter information Fill in, or

Required fields <? > All fields with the symbol <?> must be filled in order be able to

N/A fields <N/A> Some of the fields in the SMT will show a <N/A>. This symbol

Save your configuration

Exit the SMT

[ENTER] To move forward to a submenu, type in the number of the

desired submenu and press [ENTER].

[Esc] Press the [Esc] key to move back to the previous menu.

Press the [SPACE BAR] to change

Yes

to press [ENTER] [ENTER] or

[Up]/[Down] arrow keys

Press the [SPACE BAR] to toggle

[ENTER] Save your configuration by pressing [ENTER] at the message

Type 99, then press [ENTER].

then

Fields beginning with “Edit” lead to hidden menus and have a default setting of No. Press the [SPACE BAR] to change No to

Yes

, then press [ENTER] to go to a “hidden” menu.

Within a menu, press [ENTER] to move to the next field. You can also use the [Up]/[Down] arrow keys to move to the previous and the next field, respectively.

You need to fill in two types of fields. The first requires you to type in the appropriate information. The second allows you to cycle through the available choices by pressing the [SPACE BAR].

save the new configuration.

refers to an option that is Not Applicable.

[Press ENTER to confirm or ESC to cancel]. Saving the data on the screen will take you, in most cases to the previous menu.

Type 99 at the Main Menu prompt and press [ENTER] to exit the SMT interface.

2.5.1 Main Menu

After you enter the password, the SMT displays the

Prestige 314 Main Menu

Hardware Installation and Setup 2-5

, as shown below.

Page 32

P314 Broadband Sharing Gateway with 4-Port Switch

Prestige 314 Main Menu

Getting Started Advanced Management

1. General Setup

2. WAN Setup

3. LAN Setup

4. Internet Access Setup

Advanced Applications

11. Remote Node Setup

12. Static Routing Setup

15. SUA Server Setup

Enter Menu Selection Number:

21. Filter Set Configuration

23. System Password

24. System Maintenance

99. Exit

Figure 2-5 Prestige 314 Main Menu

2.5.2 System Management Terminal Interface Summary

Table 2-3 Main Menu Summary

# Menu Title Description

1 General Setup Use this menu to set up general information.

2 WAN Setup Use this menu to set up the WAN.

3 LAN Setup Use this menu to set up the LAN.

4 Internet Access Setup A quick and easy way to set up Internet connection.

11 Remote Node Setup Use this menu to set up the remote node.

12 Static Routing Setup Use this menu to set up static route.

15 SUA Server Setup

Use this menu to specify inside servers when SUA is enabled

21 Filter Set Configuration Use this menu to set up filters to provide security.

23 System Password Use this menu to set up a new password.

24 System Maintenance This menu provides system status, diagnostics, firmware upload, etc.

99 Exit To exit from SMT and return to the blank screen.

2-6 Hardware Installation and Setup

Page 33

P314 Broadband Sharing Gateway with 4-Port Switch

2.6 Changing the System Password

The first thing your should do before anything else is to change the default system password by following the steps below.

Step 1.

Step 2. Step 3. Step 4.

Note that as you type a password, the screen displays a (X) for each character you type.

Enter 23 in the Main Menu to open

Menu 23 - System Password

Old Password= ? New Password= ? Retype to confirm= ?

Enter here to CONFIRM or ESC to CANCEL:

Menu 23 – System Password

Figure 2-6 Menu 23 – System Security

Enter your existing password and press Enter your new system password and press

[Enter]

Re-type your new system password for confirmation and press

as shown below.

[Enter]

2.6.1 Resetting the Prestige

If you have forgotten your password or for some reason cannot access the SMT menu you will need to reinstall the configuration file. Uploading the configuration file replaces the current configuration file with the default configuration file, you will lose all configurations that you had before and the speed of the console port will be reset to the default of 9600bps with 8 data bit, no parity and 1 stop bit (8n1). The password will be reset to the default of 1234, also. Turn off the Prestige and begin a Terminal session with the current console port settings. Turn on the Prestige again. When you see the message "Press Any key to enter Debug Mode within 3 seconds", press any key to enter debug mode. You should already have downloaded the correct file from your nearest ZyXEL FTP site.

See Chapter 9

for more information on how to transfer the configuration file to your Prestige.

2.7 General Setup

Menu 1 – General Setup

To enter Menu 1 and fill in the required information, follow these steps:

Step 1. Step 2.

Enter 1 in the Main Menu to open The

Menu 1 – General Setup

Hardware Installation and Setup 2-7

contains administrative and system-related information.

Menu 1 – General Setup

screen appears, as shown below. Fill in the required fields.

Page 34

P314 Broadband Sharing Gateway with 4-Port Switch

Menu 1 - General Setup

System Name= xxx Domain Name= zyxel.com.tw Configure Dynamic DNS= No

Press ENTER to Confirm or ESC to Cancel:

Figure 2-7 Menu 1 – General Setup

The fields for General Setup are as shown below.

System Name

is for identification purposes. However, because some ISPs check this name you should enter your PC’s “Computer Name” (Start -> Settings -> Control Panel -> Network. Click the Identification tab, note the entry for the Computer name” field). It is the domain name that will be propagated to the DHCP clients on the LAN. If you leave this blank, the domain name obtained by DHCP from the ISP is used. While you must enter the host name (

System Name

) on each

individual machine, the domain name can be assigned from the Prestige via DHCP.

Table 2-4 General Setup Menu Field

Field Description Example

System Name Choose a descriptive name for identification purposes. It is

recommended you enter your computer’s “Computer name” in this field. This name can be up to 30 alphanumeric characters long. Spaces are not allowed, but dashes “-” and underscores "_" are accepted.

Domain Name Enter the domain name (if you know it) here. If you leave this field

blank, the ISP may assign a domain name via DHCP. You can go to

Configure Dynamic DNS

Menu 24.8

name used by your router.

If you want to clear this field just press the [SPACE BAR]. The domain name entered by you is given priority over the ISP assigned domain name.

Press the [SPACE BAR] to select configure

and type "sys domainname" to see the current domain

Yes

(default). Select

Menu 1.1 – Configure Dynamic DNS

discussed next.

Yes

Billy

zyxel.com.tw

2.7.1 Dynamic DNS

Dynamic DNS allows you to update your current dynamic IP address with one or many dynamic DNS services so that anyone can contact you (in site on your own computer using a DNS-like address (e.g.

NetMeeting, CU-SeeMe

myhost.dhs.org

2-8 Hardware Installation and Setup

, etc.) or access your FTP server or Web

, where

is a name of your

myhost

Page 35

P314 Broadband Sharing Gateway with 4-Port Switch

choice) which will never change instead of using your IP address that changes each time you reconnect. Your friends or relatives will always be able to call you even if they don’t know your IP address. First of all, you need to have registered a dynamic DNS account with www.dyndns.org. This is for people with a dynamic IP from their ISP or DHCP server that would still like to have a DNS name. To use this service, you must register with the Dynamic DNS client. The Dynamic DNS Client service provider will give you a password or key. The Prestige at the time of writing supports www.ddns.org and

www.dyndns.org clients. You can apply to either of these clients for Dynamic DNS service.

DYNDNS Wildcard

Enabling the wildcard feature for your host causes *.yourhost.dyndns.org to be aliased to the same IP address as yourhost.dyndns.org. This feature is useful if you want to be able to use for example

.yourhost.dyndns.org and still reach your hostname.

www

2.7.2 Configuring Dynamic DNS

To configure Dynamic DNS, go to

[Enter]

field.

takes you to

Service Provider = WWW.DynDNS.ORG Active= Yes Host= me.ddns.org EMAIL= mail@mailserver User= username Password= ****** Enable Wildcard= No

Menu 1.1– Configure Dynamic DNS

Press ENTER to confirm or ESC to cancel:

Dynamic DNS

Pressing

Menu 1 – General Setup

Menu 1.1 - Configure Dynamic DNS

and press select

as shown next.

Yes

in the

Configure

Figure 2-8 Configure Dynamic DNS

Follow the instructions in the next table to configure Dynamic DNS parameters.

Table 2-5 Configure Dynamic DNS Menu Fields

Field Description Example

Service Provider

Active

Host Enter the domain name assigned to your Prestige by your

EMAIL Enter your e-mail address.

User Enter your user name.

Enter the name of your Dynamic DNS client.

Press [SPACE BAR] to toggle between

Dynamic DNS provider.

Yes

or No.

www.ddns.org

Yes

me.ddns.org

mail@mailserver

Hardware Installation and Setup 2-9

Page 36

P314 Broadband Sharing Gateway with 4-Port Switch

Password Enter the password assigned to you.

Enable Wildcard

Your Prestige supports DYNDNS Wildcard. Press [SPACE BAR] to toggle between

Yes

or No This field is

N/A

when you

Yes

choose DDNS client as your service provider.

The IP address will be updated when you reconfigure Menu 1 or perform DHCP client renewal.

Please note that:

♦

The Prestige supports basic DDNS, i.e., insecure login and password.

♦

If you have a private WAN IP address, then you can not use this service.

2.8 WAN Setup

This section describes how to configure the WAN using the Main Menu, enter 2 to open Menu 2.

You only need to configure this menu if your ISP requires MAC address authentication.

Menu 2 – WAN (10 Mbps Ethernet) Setup

. From

MAC Address: Assigned By=IP address attached on LAN IP Address= 192.168.1.42

Press Space Bar to Toggle

Press ENTER to Confirm or ESC to Cancel:

Menu 2 - WAN Setup

Figure 2-9 Menu 2 – WAN Setup

This menu allows you to configure the WAN port's MAC Address by using either the factory default or cloning the MAC address from a workstation on your LAN. Once it is successfully configured, the address will be copied to the rom file (ZyNOS configuration file). It will not change unless you change the setting in

Menu 2

or upload a different rom file.

The following table contains instructions on how to configure your WAN setup.

Table 2-6 WAN Setup Menu Fields

Field Description Examples

MAC Address

Assigned By

Press the [SPACEBAR] to choose either of the two methods of assigning a MAC Address. Choose factory assigned default MAC Address. Choose

Factory Default

IP Address attached

to select the

Factory

Default

2-10 Hardware Installation and Setup

Page 37

P314 Broadband Sharing Gateway with 4-Port Switch

on LAN

to use the MAC Address of that workstation whose IP you

give in the following field.

IP Address

This field is applicable only if you choose

LAN

method. Enter the IP address of the workstation on the LAN

IP Address attached on

whose MAC you are cloning.

2.9 LAN Setup

This section describes how to configure the LAN using

Menu 3 – LAN Setup (10/100 Mbps Ethernet)

From the Main Menu, enter 3 to open Menu 3.

Menu 3 - LAN Setup

1. LAN Port Filter Setup

2. TCP/IP and DHCP Setup

Enter Menu Selection Number:

Figure 2-10 Menu 3 – LAN Setup

2.9.1 LAN Port Filter Setup

This menu allows you to specify the filter sets that you wish to apply to the LAN traffic. You seldom need to filter the LAN traffic, however, the filter sets may be useful to block certain packets, reduce traffic and prevent security breaches.

Menu 3.1 – LAN Port Filter Setup

Input Filter Sets: protocol filters= 2 device filters= Output Filter Sets: protocol filters= device filters=

Press ENTER to Confirm or ESC to Cancel:

Figure 2-11 Menu 3.1 – LAN Port Filter Setup

Menu 3.2 is discussed in the next chapter.

Hardware Installation and Setup 2-11

Page 38

Page 39

P314 Broadband Sharing Gateway with 4-Port Switch

Chapter 3

Internet Access

This chapter shows you how to configure the LAN as well as the WAN of your Prestige for Internet

access.

3.1 TCP/IP and DHCP for LAN

The Prestige has built-in DHCP server capability that assigns IP addresses and DNS servers to systems that support DHCP client capability.

3.1.1 Factory LAN Defaults

The LAN parameters of the Prestige are preset in the factory with the following values:

1. IP address of 192.168.1.1 with subnet mask of 255.255.255.0 (24 bits).

2. DHCP server enabled with 32 client IP addresses starting from 192.168.1.33.

These parameters should work for the majority of installations. If the parameters are satisfactory, you can skip to

section 3.2

If you wish to change the factory defaults or to learn more about TCP/IP, please read on.

to enter the DNS server address(es) if your ISP gives you explicit DNS server address(es).

3.1.2 IP Address and Subnet Mask

Similar to the houses on a street that share a common street name, the machines on a LAN share one common network number. Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask. If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established. If this is the case, it is recommended that you select a network number from 192.168.0.0 to 192.168.255.0 and you must enable the Network Address Translation feature of the Prestige. The Internet Assigned Number Authority (IANA) reserved this block of addresses specifically for private use; please do are told otherwise. Let’s say you select 192.168.1.0 as the network number; which covers 254 individual addresses, from 192.168.1.1 to 192.168.1.254 (zero and 255 are reserved). In other words, the first 3 numbers specify the network number while the last number identifies an individual workstation on that network. Once you have decided on the network number, pick an IP address that is easy to remember, e.g.,

192.168.1.1, for your Prestige, but make sure that no other device on your network is using that IP.

Internet Access 3-1

use any other number unless you

not

Page 40

P314 Broadband Sharing Gateway with 4-Port Switch

The subnet mask specifies the network number portion of an IP address. Your Prestige will compute the subnet mask automatically based on the IP address that you entered. You don’t need to change the subnet mask computed by the Prestige unless you are instructed to do otherwise.

3.1.3 Private IP Addresses

Every machine on the Internet must have a unique address. If your networks are isolated from the Internet, e.g., only between your two branch offices, you can assign any IP addresses to the hosts without problems. However, the Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of IP addresses specifically for private networks:

10.0.0.0 – 10.255.255.255

172.16.0.0 – 172.31.255.255

192.168.0.0 – 192.168.255.255

You can obtain your IP address from the IANA, from an ISP, or assigned from a private network. If you belong to a small organization and your Internet access is through an ISP, the ISP can provide you with the Internet addresses for your local networks. On the other hand, if you are part of a much larger organization, you should consult your network administrator for the appropriate IP addresses.

Regardless of your particular situation, do not create an arbitrary IP address; always

follow the guidelines above. For more information on address assignment, please refer

to RFC 1597, Address Allocation for Private Internets and RFC 1466, Guidelines for

Management of IP Address Space.

3.1.4 RIP Setup

RIP (Routing Information Protocol, RFC 1058 and RFC 1389) allows a router to exchange routing information with other routers. The When set to

In Only

Both

, it will incorporate the RIP information that it receives; when set to

Out Only

RIP Direction

the Prestige will broadcast its routing table periodically. When set to

RIP packets and will ignore any RIP packets received. The

Version

field controls the format and the broadcasting method of the RIP packets that the Prestige sends (it recognizes both formats when receiving). information.

RIP-2B

Both subnet broadcasting while

RIP-1

is probably adequate for most networks, unless you have an unusual network topology.

RIP-2M

and

sends the routing data in RIP-2 format; the difference being that

RIP-2M

uses multicasting. Multicasting can reduce the load on non-router machines since they generally do not listen to the RIP multicast address and so will not receive the RIP packets. However, if one router uses multicasting, then all routers on your network must use multicasting, also. By default,

RIP direction

is set to

Both

and the

3-2 Preface

field controls the sending and receiving of RIP packets.

None

, it will not send any

RIP-1

is universally supported; but

RIP-2

carries more

RIP-2B

RIP-1

Version

set to

Both

uses

Page 41

P314 Broadband Sharing Gateway with 4-Port Switch

3.1.5 DHCP Configuration

DHCP (Dynamic Host Configuration Protocol, RFC 2131 and RFC 2132) allows the individual clients (workstations) to obtain the TCP/IP configuration at start-up from a server. You can configure the Prestige as a DHCP server or disable it. When configured as a server, the Prestige provides the TCP/IP configuration for the clients. If set to LAN, or else the workstation must be manually configured.

IP Pool Setup

The Prestige is pre-configured with a pool of 32 IP addresses starting from 192.168.1.33 to 192.168.1.64. This configuration leaves 31 IP addresses (excluding the Prestige itself) in the lower range for other server machines, e.g., server for mail, FTP, telnet, web, etc., that you may have.

DNS Server Address

DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa, e.g., the IP address of without it, you must know the IP address of a machine before you can access it. There are two ways that an ISP disseminates the DNS server addresses. The first is for an ISP to tell a customer the DNS server addresses, usually in the form of an information sheet, when you sign up. If your ISP does give you the DNS server addresses, enter them in the second is to leave this field blank, i.e., 0.0.0.0 – in this case the Prestige acts as a DNS proxy.

Example Of Network Properties For LAN Servers With Fixed IP#:

None

, DHCP service will be disabled and you must have another DHCP sever on your

www.zyxel.com

is 204.217.0.2. The DNS server is extremely important because

DNS Server

fields in

DHCP Setup.

The

Choose an IP:

Netmask: 255.255.255.0

Gateway (or default route): 192.168.1.1 (Prestige LAN IP)

DNS server: 192.168.1.1

Domain: (optional)

192.168.1.2 – 192.168.1.32; 192.168.1.65 - 192.168.1.254.

3.1.6 IP Multicast

Traditionally, IP packets are transmitted in one of either two ways - Unicast (1 sender – 1 recipient) or Broadcast (1 sender – everybody on the network). Multicast is a third way to deliver IP packets to hosts on the network - not everybody. IGMP (Internet Group Multicast Protocol) is a session-layer protocol used to establish membership in a Multicast group - it is not used to carry user data. IGMP version 2 (RFC 2236) is an improvement over version 1 (RFC 1112) but IGMP version 1 is still in wide use. If you would like to read more detailed information about interoperability between IGMP version 2 and version 1, please see sections 4 and 5 of RFC 2236. The class D IP address is used to identify host groups and can be in the range 224.0.0.0 to

239.255.255.255. The address 224.0.0.0 is not assigned to any group and is used by IP multicast computers. The address 224.0.0.1 is used for query messages and is assigned to the permanent group of all IP hosts

Internet Access 3-3

a group

Page 42

P314 Broadband Sharing Gateway with 4-Port Switch

(including gateways). All hosts must join the 224.0.0.1 group in order to participate in IGMP. The address

224.0.0.2 is assigned to the multicast routers group. The Prestige supports both IGMP version 1 (

IGMP-v1

) and IGMP version 2 (

IGMP-v2

. At start up, the

)

Prestige queries all directly connected networks to gather group membership. After that, the Prestige periodically updates this information. IP Multicasting can be enabled/disabled on the Prestige LAN and/or WAN interfaces using menus 3.2 (LAN) and 11.3 (WAN). Select

None

to disable IP Multicasting on these

interfaces.

3.2 TCP/IP and DHCP Ethernet Setup

From the Main Menu, enter 3 to open (RFC 1155) and DHCP Ethernet setup.

Menu 3 – LAN Setup

1. LAN Port Filter Setup

2. TCP/IP and DHCP Setup

Menu 3 – LAN Setup

(10/100 Mbps Ethernet) to configure TCP/IP

Enter Menu Selection Number:

Figure 3-1 Menu 3 – LAN Setup (10/100 Mbps Ethernet)

To edit the TCP/IP and DHCP configuration, enter 2 to open

as shown next.

Setup

Menu 3.2 – TCP/IP and DHCP Ethernet

3-4 Preface

Page 43

P314 Broadband Sharing Gateway with 4-Port Switch

Menu 3.2 - TCP/IP and DHCP Ethernet Setup

DHCP= Server Configuration:

Size of Client IP Pool= 32 Primary DNS Server= 0.0.0.0

TCP/IP Setup:

Press ENTER to Confirm or ESC to CANCEL: Press Space Bar to Toggle.

Client IP Pool Starting Address= 192.168.1.33

Secondary DNS Server= 0.0.0.0

IP Address= 192.168.1.1 IP Subnet Mask= 255.255.255.0 RIP Direction= Both Version= RIP-1 Multicast= IGMP-v2

Figure 3-2 Menu 3.2 – TCP/IP and DHCP Ethernet Setup

Follow the instructions in the following table on how to configure the DHCP fields.

Table 3-1 LAN DHCP Setup Menu Fields

Field Description Example

DHCP=

This field enables/disables the DHCP server. If it is set to your Prestige will act as a DHCP server. If set to

None

service will be disabled and you must have another DHCP sever on your LAN, or else the workstation must be manually configured. When DHCP is set to

Server

, the following four items

need to be set.

Client IP Pool Starting Address

This field specifies the first of the contiguous addresses in the IP address pool.

Size of Client IP Pool This field specifies the size, or count, of the IP address pool. 32

Primary DNS Server Secondary DNS Server

Enter the IP addresses of the DNS servers. The DNS servers are passed to the DHCP clients along with the IP address and the subnet mask. Leave these entries at 0.0.0.0 if they are provided by a WAN DHCP server.

Server

, DHCP

Server

192.168.1.33

None

(default)

Follow the instructions in the following table to configure TCP/IP parameters for the LAN port.

Internet Access 3-5

Page 44

P314 Broadband Sharing Gateway with 4-Port Switch

Table 3-2 LAN TCP/IP Setup Menu Fields

Field Description Example

TCP/IP Setup

IP Address Enter the IP address of your Prestige in dotted decimal notation. 192.168.1.1

IP Subnet Mask Your Prestige will automatically calculate the subnet mask based

on the IP address that you assign. Unless you are implementing subnetting, use the subnet mask computed by the Prestige.

RIP Direction

Press the [SPACE BAR] to select the RIP direction from

Only/Out Only/None.

Both/In

(default)

255.255.255.0

Both

(default)

) and

RIP-1/RIP-

IGMP-v2

None

Version

Multicast IGMP (Internet Group Multicast Protocol) is a session-layer

When you have completed this menu, press [Enter] at the prompt [Press ENTER to Confirm…] to save your configuration, or press [Esc] at any time to cancel.

Press the [SPACE BAR] to select the RIP version from

2B/RIP-2M.

protocol used to establish membership in a Multicast group. The Prestige supports both IGMP version 1 ( Press the [SPACE BAR] to enable IP Multicasting or select (default) to disable it.

IGMP-v1

RIP-1

(default)

None

3.3 Internet Access Setup

You will see two different Menu 4 screens depending on whether you chose

Encapsulation

3.3.1 Ethernet Encapsulation

You must choose the is for a dial-up connection using PPPoE. If you choose

Ethernet

option when the WAN port is used as a regular Ethernet. The PPPoE choice

Ethernet

Menu 4

Ethernet

you will see the next screen.

PPPoE

3-6 Preface

Page 45

Menu 4 - Internet Access Setup

ISP's Name= ChangeMe Encapsulation= Ethernet Service Type= Standard My Login= N/A My Password= N/A Login Server IP= N/A

IP Address Assignment= Dynamic IP Address= N/A IP Subnet Mask= N/A Gateway IP Address= N/A Single User Account= Yes

Press ENTER to Confirm or ESC to Cancel:

Figure 3-3 Menu 4 – Internet Access Setup

The following table describes this screen.

Table 3-3 Internet Access Setup Menu Fields

Field Description

P314 Broadband Sharing Gateway with 4-Port Switch

ISP’s Name Enter the name of your Internet Service Provider, e.g., myISP. This

information is for identification purposes only.

Encapsulation

Press the [SPACE BAR] and then press [ENTER] to choose

Ethernet

. The

encapsulation method influences your choices for IP Address.

Service Type

Press the [SPACE BAR] to select Toshiba authentication method) or

Standard, RR-Toshiba

RR-Manager

(RoadRunner Manager

(RoadRunner

authentication method). Choose a RoadRunner flavor if your ISP is Time Warner's RoadRunner; otherwise choose

Note: DSL users must choose the

Standard

option only. The

Server IP, My Login IP

Standard

My Password

and

fields are not applicable in this case.

My Login Name Enter the login name given to you by your ISP.

My Password Enter the password associated with the login name above.

does not, then you must enter the authentication server IP address.

IP Address Assignment

If your ISP did not assign you a fixed IP address, select

Static

select

and enter the IP address & subnet mask in the following fields.

Dynamic

, otherwise

Internet Access 3-7

Page 46

P314 Broadband Sharing Gateway with 4-Port Switch

IP Address Enter the (fixed) IP address assigned to you by your ISP (Static IP Address

Assignment is selected in the previous field).

IP Subnet Mask Enter the subnet mask associated with your static IP.

Gateway IP Address Enter the gateway IP address associated with your static IP.

Single User Account Please see the SUA chapter in the next Part for a more detailed discussion

on SUA.

3.3.2 PPPoE Encapsulation

The Prestige supports PPPoE (Point-to-Point Protocol over Ethernet). PPPoE is an IETF Draft standard (RFC

2516) specifying how a personal computer (PC) interacts with a broadband modem (i.e. DSL, cable, wireless, etc.) connection.

For the service provider, PPPoE offers an access and authentication method that works with existing access control systems (e.g., Radius). For the user, PPPoE provides a login & authentication method that the existing Microsoft Dial-Up Networking software can activate, and therefore requires no new learning or procedures for Windows users.

One of the benefits of PPPoE is the ability to let end users access one of multiple network services, a function known as dynamic service selection. This enables the service provider to easily create and offer new IP services for specific users.

Operationally, PPPoE saves significant effort for both the end user and ISP/carrier, as it requires no specific configuration of the broadband modem at the customer site.

By implementing PPPoE directly on the Prestige 314 rather than individual PC’s, the machines on the LAN do

need PPPoE software installed since the P314 does that part of the task. Furthermore, with NAT, all

not

of the LAN’s machines will have access.

If you enable PPPoE in Menu 4, you will see the next screen. For more information on PPPoE, please see the Appendices.

3-8 Preface

Page 47

P314 Broadband Sharing Gateway with 4-Port Switch

Menu 4 - Internet Access Setup

ISP's Name= ChangeMe Encapsulation= PPPoE Service Type= N/A My Login= baboo My Password= ******** Idle Timeout= 100

IP Address Assignment= Dynamic IP Address= N/A IP Subnet Mask= N/A Gateway IP Address= N/A Single User Account= Yes

Press ENTER to Confirm or ESC to Cancel:

Figure 3-4 Menu 4 Using PPPoE

Table 3-4 New Fields in Menu 4 (PPPoE) Screen

Field Description Examples

Encapsulation

Press the [SPACE BAR] and then press [ENTER] to choose

PPPoE

The encapsulation method influences your choices for IP Address.

Service Type

Enter the PPPoE service name provided to you. PPPoE uses a

poellc

service name to identify and reach the PPPoE server.

Idle Timeout

This value specifies the time in seconds that elapses before the Prestige automatically disconnects from the PPPoE server.

100

(default)

3.4 Internet Setup Test

After configuring the Menu 4 fields, when you press [ENTER] to confirm you will see the message, " Do you wish to perform the Internet Setup Test[y/n]:" if you have chosen

PPPoE

as your encapsulation method.

Enter 'Y' to test your setup.

3.5 Basic Setup Complete

Well done! You have successfully connected, installed and set up your Prestige to operate on your network as well as access the Internet.

Internet Access 3-9

Page 48

Page 49

Advanced Applications

Part II:

Advanced Applications

Advanced Applications (Chapters 4-6) describe the advanced applications of your Prestige, such

as Remote Node Setup, IP Static Routes and SUA.

Page 50

P314 Broadband Sharing Gateway with 4-Port Switch

Chapter 4

Remote Node Setup

This chapter shows you how to configure a remote node.

A remote node is required for placing calls to a remote gateway. A remote node represents both the remote gateway and the network behind it across a WAN connection. Note that when you use Menu 4 to set up Internet access, you are actually configuring a remote node. We will show you how to configure

Remote Node Profile, Menu 11.3 – Remote Node Network Layer Options Node Filter

and

Menu 11.5 – Remote

4.1 Remote Node Profile

From the Main Menu, select menu option 11 to open variations of this menu depending on whether you choose

Encapsulation.

4.1.1 Ethernet Encapsulation

You must choose the screen you see is for

Ethernet

Menu 11.1 - Remote Node Profile

Rem Node Name= ChangeMe Route= IP Active= Yes

Encapsulation= Ethernet Edit IP= No Service Type= Standard Session Options: Service Name= N/A Edit Filter Sets= No Outgoing= My Login= N/A My Password= N/A Server IP= N/A

option when the WAN port is used as a regular Ethernet. The first Menu 11.1

encapsulation shown next.

Menu 11.1 – Remote Node Profile

Ethernet

Encapsulation

PPPoE

Menu 11.1

. There are two

Press ENTER to Confirm or ESC to Cancel:

Figure 4-1 Menu 11.1 Remote Node Profile for Ethernet Encapsulation

Remote Node Setup 4-1

Page 51

P314 Broadband Sharing Gateway with 4-Port Switch

Table 4-1 Fields in Menu 11.1

Field Description Examples

Rem Node Name

Active

Encapsulation Ethernet

Service Type

Service Name

Outgoing: My Login

Outgoing: My Password

Server IP

Route

Edit IP

Session Options: Edit Filter sets

Enter a descriptive name for the remote node. This field can be up to eight characters.

Press the [SPACE BAR] to toggle between and activate (deactivate) the remote node.

is the default encapsulation. Press the [SPACE

BAR] if you wish to change to

Press the [SPACE BAR] to select from

Toshiba

or method). Choose one of the RoadRunner methods if your ISP is Time Warner's RoadRunner; otherwise choose

This is valid only when you have chosen PPPoE encapsulation. If you are using PPPoE encapsulation, then type the name of your PPPoE service here.

This field is applicable for Enter the login name assigned by your ISP when the Prestige calls this remote node. Some ISPs append this field to the to access the PPPoE server.

Enter the password assigned by your ISP when the Prestige calls this remote node. Valid for encapsulation only.

This field is valid for RoadRunner service type only. The Prestige will find the RoadRunner Server IP automatically if this field is left blank. If it does not, then you must enter the authentication server IP address here.

This field refers to the protocol that will be routed by your Prestige – IP only for the P314.

This field leads to a “hidden” menu. Press the [SPACE BAR] to select

11.3 – Remote Node Network Layer Options

This field leads to another “hidden” menu. Use the [SPACE BAR] to toggle this field to [ENTER] to open Menu 11.5 to edit the filter sets. See the Remote Node Filter section for more details.

(RoadRunner Toshiba authentication method)

RR-Manager

Standard

(RoadRunner Manager authentication

Service Name

Yes

and press [ENTER] to go to M

PPPoE

encapsulation only.

field above (e.g.,

Yes

encapsulation.

Standard, RR-

jim@poellc

PPPoE

and press

and

enu

)

LAoffice

Yes

Ethernet

Standard

poellc

jim

*****

Yes

4-2 Remote Node Setup

Page 52

P314 Broadband Sharing Gateway with 4-Port Switch

4.1.2 PPPoE Encapsulation

The Prestige supports PPPoE (Point-to-Point Protocol over Ethernet). You can only use PPPoE encapsulation when you’re using the Prestige with an xDSL modem as the WAN device. If you change the

PPPoE,

then you will see the next screen. Please see

Menu 11.1 - Remote Node Profile

Rem Node Name= ChangeMe Route= IP Active= Yes

Encapsulation= PPPoE Edit IP= No Service Type= Standard Telco Option: Service Name= Allocated Budget(min)= 0 Outgoing= Period(hr)= 0 My Login= My Password= ********

Press ENTER to Confirm or ESC to Cancel:

Press Space Bar to Toggle.

the Appendices

Session Options: Edit Filter Sets= No Idle Timeout(sec)= 300

for more information on PPPoE.

Figure 4-2 Menu 11.1 Remote Node Profile for PPPoE Encapsulation

The following table describes the fields NOT already described in

Table 4-1

already.

Encapsulation

Table 4-2 Fields in Menu 11.1 (PPPoE Encapsulation Specific Only)

Field Description Examples

Telco Option: Allocated Budget

Period(hr)

The field sets a ceiling for outgoing call time for this remote node. The default is 0, meaning no budget control.

This field is the time period that the budget should be reset.

For example, if we are allowed to call this remote node for a

Allocated

is 1 (hour).

100 seconds

(default)

Idle Timeout

maximum of 10 minutes every hour, then the

Budget

is (10 minutes) and the

Period(hr)

This value specifies the idle time (i.e., the length of time there is no traffic from the Prestige to the remote node) in seconds that can elapse before the Prestige automatically disconnects the PPPoE connection. This option only applies

when the Prestige initiates the call

Remote Node Setup 4-3

Page 53

P314 Broadband Sharing Gateway with 4-Port Switch

4.2 Editing TCP/IP Options

Move the cursor to the

Yes

. Press

[ENTER]

Edit IP

IP Address Assignment= Dynamic Rem IP Addr: N/A Rem Subnet Mask= N/A My WAN Addr= N/A

Single User Account= Yes Metric= N/A Private= N/A RIP Direction= None Version= N/A Multicast= None

Enter here to CONFIRM or ESC to CANCEL: Press Space Bar to Toggle.

Figure 4-3 Remote Node Network Layer Options

The next table gives you instructions about configuring remote node network layer options.

Table 4-3 Remote Node Network Layer Options Menu Fields

Field Description Example

IP Address Assignment

Rem IP Address

Rem Subnet Mask

My WAN Addr

Single User Account

Metric

to open

field in

Menu 11.1

Menu 11.3 – Network Layer Options

Menu 11.3 - Remote Node Network Layer Options

, then press the

[SPACE BAR]

to toggle and set the value

If your ISP did not assign you an explicit IP address, select

Dynamic;

otherwise select

Static

and enter the IP address &

subnet mask in the following fields.

If you have a

Static IP Assignment,

enter the IP address assigned

to you by your ISP.

If you have a

Static IP Assignment,

enter the subnet mask

assigned to you.

If you have a

Static

IP Assignment, enter the gateway IP address

assigned to you.

Use the [SPACE BAR] to toggle

Yes

and No. See the chapter on

SUA for a full discussion of this feature.

This field is valid only for PPPoE encapsulation. The metric represents the “cost” of transmission for routing purposes. IP routing uses hop count as the measurement of cost, with a minimum of 1 for directly connected networks. Enter a number that approximates the cost for this link. The number need not be precise, but it must be between 1 and 15. In practice, 2 or 3 is usually a good number.

Dynamic

Yes

4-4 Remote Node Setup

Page 54

P314 Broadband Sharing Gateway with 4-Port Switch

Field Description Example

Private

RIP

Version

Multicast

Once you have completed filling in the Network Layer Options Menu, press [ENTER] to return to Menu 11. Press [ENTER] at the message [Press ENTER to Confirm...] to save your configuration, or press [ESC] at any time to cancel.

This field is valid only for

parameter determines if the Prestige will include the route to this remote node in its RIP broadcasts. If set to private and not included in RIP broadcast. If No, the route to this remote node will be propagated to other hosts through RIP broadcasts.

Press the [SPACE BAR] to select the

None/In Only/Out Only

information on RIP. The default for RIP on the WAN side is It is recommended you do not change this setting.

Press the [SPACE BAR] to select the RIP version from

2B/RIP-2M

IGMP (Internet Group Multicast Protocol) is a session-layer protocol used to establish membership in a Multicast group. The Prestige supports both IGMP version 1 ( Press [SPACE BAR] to enable IP Multicasting or select disable it. Please see Part 1 for more information on these two fields.

None.

PPPoE

. Please see section 3.1.4 for more

encapsulation.

Yes

RIP direction

IGMP-v1

This

, this route is kept

from

RIP-1/RIP-

IGMP-v2

) and

None

Both/

None.

Yes

None

4.3 Remote Node Filter

Move the cursor to the field the value to Use

Menu 11.5

. Press [ENTER] to open

YES

to specify the filter set(s) to apply to the incoming and outgoing traffic between this remote

Edit Filter Sets

node and the Prestige and to prevent certain packets from triggering calls. You can specify up to 4 filter sets separated by a comma, e.g., 1, 5, 9, 12, in each Note that spaces are accepted in this field. For more information on defining the filters, please refer to the chapter on filters. Note that for PPPoE encapsulation, you can also specify remote node call filter sets.

Remote Node Setup 4-5

Menu 11.1

, then press the

[SPACE BAR]

Menu 11.5 – Remote Node Filter

field.

filter

to toggle and set

Page 55

P314 Broadband Sharing Gateway with 4-Port Switch

Menu 11.5 - Remote Node Filter

Input Filter Sets: protocol filters= 3 device filters= Output Filter Sets: protocol filters= 1 device filters=

Enter here to CONFIRM or ESC to CANCEL:

Figure 4-4 Remote Node Filter (Ethernet Encapsulation)

Menu 11.5 - Remote Node Filter

Input Filter Sets: protocol filters= 3 device filters= Output Filter Sets: protocol filters= 1 device filters= Call Filter Sets: protocol filters= 1 device filters=

Enter here to CONFIRM or ESC to CANCEL:

Figure 4-5 Remote Node Filter (PPPoE Encapsulation)

4-6 Remote Node Setup

Page 56

P314 Broadband Sharing Gateway with 4-Port Switch

Chapter 5

IP Static Route Setup

This chapter shows you how to configure static routes with your Prestige.

Static routes tell the Prestige routing information that it cannot learn automatically through other means. This can arise in cases where RIP is disabled on the LAN. Each remote node specifies only the network to which the gateway is directly connected and the Prestige has no knowledge of the networks beyond. For instance, the Prestige knows about network N2 in the following diagram through remote node Router 1. However, the Prestige is unable to route a packet to network N3 because it doesn’t know that there is a route through the same remote node Router 1 (via gateway Router 2). The static routes are for you to tell the Prestige about the networks beyond the remote nodes.

Figure 5-1 Example of Static Routing Topology

IP Static Route Setup 5-1

Page 57

P314 Broadband Sharing Gateway with 4-Port Switch

5.1 IP Static Route Setup

You configure IP static routes in

Menu 12 – IP Static Route Setup

as shown below. Enter 12 from the Main Menu.

Menu 12 - IP Static Route Setup

1. ________

2. ________

3. ________

4. ________

5. ________

6. ________

7. ________

8. ________

Enter selection number:

Figure 5-2 Menu 12 – IP Static Route Setup

Now, enter the index number of one of the static routes you want to configure.

Menu 12.1 - Edit IP Static Route

Route #: 1 Route Name= ? Active= No Destination IP Address= ? IP Subnet Mask= ? Gateway IP Address= ? Metric= 2 Private= No

, by selecting one of the IP static routes

Press ENTER to CONFIRM or ESC to CANCEL:

Figure 5-3 Menu 12. 1 – Edit IP Static Route

`The following table describes the IP Static Route Menu fields.

5-2 IP Static Route Setup

Page 58

P314 Broadband Sharing Gateway with 4-Port Switch

Table 5-1 IP Static Route Menu Fields

Field Description

Route # This is the index number of the static route that you chose in Menu 12.

Route Name Enter a descriptive name for this route. This is for identification purposes only.

Active This field allows you to activate/deactivate this static route.

Destination IP Address

IP Subnet Mask Enter the IP subnet mask for this destination.

Gateway IP Address

Metric Metric represents the “cost” of transmission for routing purposes. IP routing uses hop

Private This parameter determines if the Prestige will include the route to this remote node in

Once you have completed filling in this menu, press [ENTER] at the message [Press ENTER to Confirm…] to save your configuration, or press [ESC] to cancel.

This parameter specifies the IP network address of the final destination. Routing is always based on network number. If you need to specify a route to a single host, use a subnet mask of 255.255.255.255 in the subnet mask field to force the network number to be identical to the host ID.

Enter the IP address of the gateway. The gateway is an immediate neighbor of your Prestige that will forward the packet to the destination. On the LAN, the gateway must be a router on the same segment as your Prestige; over the WAN, the gateway must be the IP address of one of the Remote Nodes.

count as the measurement of cost, with a minimum of 1 for directly connected networks. Enter a number that approximates the cost for this link. The number need not be precise, but it must be between 1 and 15. In practice, 2 or 3 is usually a good number.

its RIP broadcasts. If set to Yes, this route is kept private and not included in RIP broadcast. If No, the route to this remote node will be propagated to other hosts through RIP broadcasts.

IP Static Route Setup 5-3

Page 59

Page 60

P314 Broadband Sharing Gateway with 4-Port Switch

Chapter 6

SUA Server Setup

This chapter introduces SUA and helps you set up multiple servers behind SUA.

6.1 Single User Account (SUA)

Typically, if there are multiple users on the LAN wanting to concurrently access the Internet, you will have to lease a block of legal, or globally unique, IP addresses from the ISP. Your Prestige accomplishes address sharing by translating the internal LAN IP addresses to a single address that is globally unique on the Internet. The SUA feature allows you to have the same benefits as having multiple legal addresses, but allows you to have one legal IP address and many local LAN IP addresses that can be used in other domains also, thus conserving the number of global IP addresses. The Single User Account feature may also be used on connections to remote networks other than the ISP. For example, this feature can be used to simplify the allocation of IP addresses when connecting branch offices to the corporate network. The IP address for the SUA can be either fixed or dynamically assigned. In addition, you can designate servers, e.g., a web server, on your local network in the client side and make them accessible to outside world.

Figure 6-1 An Example of Single User Account Topology

SUA offers the additional benefit of firewall protection. All incoming inquiries will be filtered out by your Prestige and thus preventing intruders from probing your network.

SUA Server Setup 6-1

Page 61

P314 Broadband Sharing Gateway with 4-Port Switch

For more information on IP address translation as a solution for IP address depletion problem, refer to RFC 1631,

The IP Network Address Translator (NAT)

In summary:

SUA helps in more efficient IP address management.

•

SUA can provide firewall protection. All incoming inquiries will be filtered out by your Prestige.

•

UDP and TCP datagrams can be routed. In addition, partial ICMP, including echo (ping) and trace

•

route, is supported. SUA is also a cost-effective solution for offices to access the Internet or other remote TCP/IP networks

•

as they have to pay for a single globally unique IP address only.

6.1.1 Single User AccountConfiguration

The steps for configuring your Prestige for Single User Account are identical to conventional Internet access (See configuration instructions in the previous chapter) with the exception that you need to fill in two extra fields in

Menu 4 – Internet Access Setup

the output interface and is valid

ISP's Name= ChangeMe Encapsulation= Ethernet Service Type= Standard My Login= N/A My Password= N/A Server IP= N/A

IP Address Assignment= Dynamic IP Address= N/A IP Subnet Mask= N/A Gateway IP Address= N/A Single User Account= Yes

only

Menu 4 - Internet Access Setup

, as shown in the following figure. SUA here is applied solely to

for LAN -– WAN connections and

for connections between LANs.

not

SUA

Press ENTER to Confirm or ESC to Cancel:

Figure 6-2 Menu 4 – Internet Access Setup for Single User Account

Follow the instructions on how to configure the SUA fields in the following table.

Table 6-1 Single User Account Menu Fields

Field Description

Single User Account

Press [ENTER] at the message [Press ENTER to Confirm ...] to save your configuration, or press [ESC] at any time to cancel.

To enable SUA in field and press [SPACE BAR] to select

Menu 4

, move the cursor to the

Yes

Single User Account

(or No to disable SUA).

6-2 SUA Server Setup

Page 62

P314 Broadband Sharing Gateway with 4-Port Switch

When SUA is disabled, the Prestige sends packets from your LAN computers to the remote computer on the WAN using real source and destination IPs - no port translation is performed. If the LAN computers use private IPs (Private Networks IPs: 10.0.0.0 ~ 10.255.255.255; 172.16.0.0. ~ 172.31.255.255; 192.168.0.0. ~

192.168.255.255) and SUA is disabled, outgoing packets are routed by the Prestige but are never returned.

Only legal IPs are valid on the Internet. Computers on your LAN must use legal IPs

when SUA is disabled.

6.2 Multiple Servers behind SUA

If you wish, you can make inside servers for different services, e.g., web or FTP, visible to the outside users, even though SUA makes your whole inside network appear as a single machine to the outside world. A service is identified by the port number, e.g., web service is on port 80 and FTP on port 21. As an example, if you have a web server at 192.168.1.2 and an FTP server 192.168.1.3, then you need to specify for port 80 (web) the server at IP address 192.168.1.2 and for port 21 (FTP) another at IP address

192.168.1.3. Please note that a server can support more than one service, e.g., a server can provide both FTP and DNS service, while another provides only web service. Also, since you need to specify the IP address of a server in the Prestige, a server must have a fixed IP address and not be a DHCP client whose IP address potentially changes each time it is powered on. In addition to the servers for specific services, SUA supports a default server. A service request that does not have a server explicitly designated for it is forwarded to the default server. If the default server is not defined, the service request is simply discarded. To make a server visible to the outside world, specify the port number of the service and the inside IP address of the server in Please note that the default filters protect the services running on the P314 (web, telnet, ftp, etc). These services are NOT protected by the SUA! Moreover, SUA protection is compromised once servers are specified in menu 15.

Menu 15, Multiple Server Configuration

SUA Server Setup 6-3

Page 63

Port #

----

2. 0

3. 0

4. 0

5. 0

6. 0

7. 0

8. 0

9. 0

10. 0

11. 0

12. 1026

Default

Press ENTER to Confirm or ESC to Cancel:

P314 Broadband Sharing Gateway with 4-Port Switch

Menu 15 - Multiple Server Configuration

IP Address

---------------

0.0.0.0

0.0.0.0 RR Reserved

Figure 6-3 Menu 15

For more information on configuring supporting applications behind SUA refer to the

ZyNOS Support Note documentation on your Support Disc.

6.2.1 Configuring a Server behind SUA

Follow the steps below to configure a server behind SUA:

Step 1 Step 2

Step 3

The most often used port numbers are:

Enter 15 in the Main Menu to go to Enter the service port number in the

Address

field.

Menu 15 – Multiple Server Configuration.

field and the inside IP address of the server in the

Port #

Press [ENTER] at the “Press ENTER to confirm …” prompt to save your configuration after you define all the servers or press

at any time to cancel.

ESC

6-4 SUA Server Setup

Page 64

P314 Broadband Sharing Gateway with 4-Port Switch

Table 6-2 Services vs. Port number

Services Port Number

FTP (File Transfer Protocol) 21

Telnet 23

SMTP (Simple Mail Transfer Protocol) 25

DNS (Domain Name System) 53

HTTP (Hyper Text Transfer protocol or WWW, Web) 80

POP3 (Post Office Protocol, version 3) 110

PPTP (Point-to-Point Tunneling Protocol) 1723

SUA Server Setup 6-5

Page 65

Page 66

Advanced Management

Part III:

Advanced Management

Chapters 7 – 11 provide information on Prestige Filtering, System Information and Diagnosis,

Transferring Files and Telnet.

III

Page 67

Page 68

P314 Broadband Sharing Gateway with 4-Port Switch

Chapter 7

Filter Configuration

This chapter shows you how to create and apply filter(s).

7.1 About Filtering

Your Prestige uses filters to decide whether to allow passage of a data packet and/or to make a call. There are two types of filter applications: data filtering and call filtering. Filters are subdivided into device and protocol filters, which are discussed later. Data filtering screens the data to determine if the packet should be allowed to pass. Data filters are divided into incoming and outgoing filters, depending on the direction of the packet relative to a port. Data filtering can be applied on either the WAN side or the LAN side. Call filtering is used to determine if a packet should be allowed to trigger a call. Remote node call filtering is only applicable when using PPPoE encapsulation. Outgoing packets must undergo data filtering before they encounter call filtering as shown in the following figure.

Call Filtering

Outgoing

Packet

Data Filtering

Match MatchMatch

Drop

packet

match

Call Filters

Drop packet if line not up

Built-in default

match

Or Or

Send packet

but do not reset

Idle Timer

User-defined

Call Filters

(if applicable)

Drop packet if line not up

Send packet

but do not reset

Idle Timer

match

Active Data

Initiate call

if line not up

Send packet

and reset

Idle Timer

Figure 7-1 Outgoing Packet Filtering Process

For incoming packets, your Prestige applies data filters only. Packets are processed depending upon whether a match is found. The following sections describe how to configure filter sets.

Filter Configuration 7-1

Page 69

P314 Broadband Sharing Gateway with 4-Port Switch

7.1.1

A filter set consists of one or more filter rules. Usually, you would group related rules, e.g., all the rules for NetBIOS, into a single set and give it a descriptive name. The Prestige allows you to configure up to twelve filter sets with six rules in each set, for a total of 72 filter rules in the system. You cannot mix device filter rules and protocol filter rules within the same set. You can apply up to four filter sets to a particular port to block multiple types of packets. With each filter set having up to six rules, you can have a maximum of 24 rules active for a single port. Three sets of factory default filter rules have been configured in Menu 21 to prevent NetBIOS traffic from triggering calls and to prevent incoming telnetting. A summary of their filter rules is shown in the figures that follow. The following diagram illustrates the logic flow when executing a filter rule.

The Filter Structure of the Prestige

7-2 Filter Configuration

Page 70

P314 Broadband Sharing Gateway with 4-Port Switch

Start

Packet into

filter

Fetch First

Filter Set

Fetch Next

Filter Set

Yes

Next Filter Set

Available?

Fetch Next Filter Rule

Yes

Next filter

Rule

Available?

Check

Next Rule

Fetch First

Filter Rule

Active?

Yes

Execute

Filter Rule

Drop

Accept PacketDrop Packet

Forward

Figure 7-2 Filter Rule Process

You can apply up to four filter sets to a particular port to block multiple types of packets. With each filter set having up to six rules, you can have a maximum of 24 rules active for a single port.

Filter Configuration 7-3

Page 71

P314 Broadband Sharing Gateway with 4-Port Switch

7.2 Configuring a Filter Set

To configure a filter set, follow the procedure below.

Step 1.

Step 2. Step 3. Step 4.

Select option 21. Filter Set Configuration from the Main Menu to open Menu 21.1

Menu 21 - Filter Set Configuration

Filter Filter Set # Comments Set # Comments

------ ----------------- ------ ---------------- 1 NetBIOS_WAN 7 _______________ 2 NetBIOS_LAN 8 _______________ 3 Tel_FTP_Web_WAN 9 _______________ 4 _______________ 10 _______________ 5 _______________ 11 _______________ 6 _______________ 12 _______________

Enter Filter Set Number to Configure= 0

Edit Comments= N/A

Press ENTER to Confirm or ESC to Cancel:

Figure 7-3 Menu 21 – Filter Set Configuration

Select the filter set you wish to configure (no. 1-12) and press [ENTER] Enter a descriptive name or comment in the Edit Comments field and press [ENTER]. Press [ENTER] at the message: [Press ENTER to confirm] to open Menu 21.1 – Filter Rules Summary.

7-4 Filter Configuration

Page 72

P314 Broadband Sharing Gateway with 4-Port Switch

Menu 21.1 - Filter Rules Summary

# A Type Filter Rules M m n

- - ---- -------------------------------------------- --------- - - 1 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=137 N D N 2 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=138 N D N 3 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=139 N D N 4 Y IP Pr=17, SA=0.0.0.0, DA=0.0.0.0, DP=137 N D N 5 Y IP Pr=17, SA=0.0.0.0, DA=0.0.0.0, DP=138 N D N 6 Y IP Pr=17, SA=0.0.0.0, DA=0.0.0.0, DP=139 N D F

Enter Filter Rule Number (1-6) to Configure:

Press ENTER to Confirm or ESC to Cancel:

Figure 7-4 NetBIOS_WAN Filter Rules Summary

Menu 21.2 - Filter Rules Summary

# A Type Filter Rules M m n

- - ---- -------------------------------------------- --------- - - 1 Y IP Pr=17, SA=0.0.0.0, SP=137, DA=0.0.0.0, DP=53 N D F 2 N 3 N 4 N 5 N 6 N

Enter Filter Rule Number (1-6) to Configure:

Figure 7-5 NetBIOS _LAN Filter Rules Summary

Menu 21.3 - Filter Rules Summary

# A Type Filter Rules M m n

- - ---- --------------------------------------------------------------- - - 1 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=23 N D N 2 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=21 N D N 3 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=80 N D F 4 N 5 N 6 N

Enter Filter Rule Number (1-6) to Configure:

Figure 7-6 Tel_FTP_Web_WAN Filter Rules Summary

Filter Configuration 7-5

Page 73

P314 Broadband Sharing Gateway with 4-Port Switch

7.2.1 Filter Rules Summary Menu

This screen shows the summary of the existing rules in the filter set. The following tables contain a brief description of the abbreviations used in the previous menus.

Table 7-1 Abbreviations Used in the Filter Rules Summary Menu

Abbreviations Description Display

# Refers to the filter rule number (1-6).

A Shows whether the rule is active or not. [Y] means the filter rule is active.

[N] means the filter rule is inactive.

Type Refers to the type of filter rule.

This shows GEN for generic, or IP for TCP/IP

Filter Rules The filter rule parameters will be

displayed here (see below).

Refers to like a logical AND i.e., the set is only matched if ALL rules in it are matched.

[Y] means an action can not yet be taken as there are more rules to check, which are concatenated with the present rule to form a rule chain. When the rule chain is complete an action can be taken.

[N] means you can now specify an action to be taken i.e., forward the packet, drop the packet or check the next rule. For the latter, the next rule is independent of the rule just checked.

If More is

Action Not Matched

Refers to

[F] means to forward the packet immediately and skip checking the remaining rules.

Refers to

[F] means to forward the packet immediately and skip checking the remaining rules.

7.4 Filter Types and SUA

There are two classes of filter rules, Generic Filter (Device) rules and Protocol Filter (TCP/IP) rules. Generic Filter rules act on the raw data from/to LAN and WAN. Protocol Filter rules act on the IP packets. Generic and TCP/IP filter rules are discussed in more detail in the next section. When SUA (Single User Account) is enabled, the inside IP address and port number are replaced on a connection-by-connection basis, which makes it impossible to know the exact address and port on the wire. Therefore, the Prestige applies the protocol filters to the “native” IP address and port number before SUA for outgoing packets and after

Filter Configuration 7-15

Page 83

P314 Broadband Sharing Gateway with 4-Port Switch

SUA for incoming packets. On the other hand, the generic, or device filters are applied to the raw packets that appear on the wire. They are applied at the point when the Prestige is receiving and sending the packets; i.e. the interface. The interface can be an Ethernet port or any other hardware port. The following diagram illustrates this.

Figure 7-13 Protocol and Device Filter Sets

7.5 Applying a Filter and Factory Defaults

This section shows you where to apply the filter(s) after you design it (them). Sets of factory default filter rules have been configured in Menu 21 to prevent NetBIOS traffic from triggering calls, and block incoming telnet, FTP and HTTP connections.

7.5.1 LAN Traffic

LAN traffic filter sets may be useful to block certain packets, reduce traffic and prevent security breaches. Go to Menu 3.1 (shown next) and enter the number(s) of the filter set(s) that you want to apply as appropriate. You can choose up to four filter sets (from twelve) by entering their numbers separated by commas, e.g., 3, 4, 6, 11. Input filter sets filter incoming traffic to the Prestige and Output filter sets filter outgoing traffic from the Prestige. The factory default set, NetBIOS_LAN, can be inserted in protocol filters –field under Input Filter Sets in Menu 3.1 to block NetBIOS traffic to the Prestige from the LAN.

Menu 3.1 – LAN Port Filter Setup

Input Filter Sets: protocol filters= 2 device filters= Output Filter Sets: Protocol filters= device filters=

Press ENTER to Confirm or ESC to Cancel:

Apply Default Filter 2 here.

Figure 7-14 Filtering LAN Traffic

7-16 Filter Configuration

Page 84

P314 Broadband Sharing Gateway with 4-Port Switch

7.5.2 Remote Node Filters

Go to Menu 11.5 (shown below – note that call filter sets are only present for PPPoE encapsulation) and enter the number(s) of the filter set(s) as appropriate. You can cascade up to four filter sets by entering their numbers separated by commas. The factory default filter set, NetBIOS_WAN, can be applied in Menu 11.5 to block local NetBIOS traffic from triggering calls to the ISP (when you are using only). Enter “1” in the protocol filters field under Call Filter Sets when using PPPoE encapsulation and in protocol filters under Output Filter Sets – protocol filters when using Ethernet encapsulation. Filter set “3”, Telnet_WAN, blocks telnet connections from the WAN Port to help prevent security breaches. Filter set “4”, FTP_WAN, blocks FTP connections from the WAN Port. Apply them as shown in the following figure.

PPPoE

encapsulation

Menu 11.5 - Remote Node Filter

Input Filter Sets: protocol filters= 3 device filters= Output Filter Sets: protocol filters= 1 device filters= Call Filter Sets: protocol filters= 1 device filters

Enter here to CONFIRM or ESC to CANCEL:

Figure 7-15 Filtering Remote Node Traffic

Apply Default Filters 1 and 3 here. Enter 1 in

protocol filters

Output

under

Filter Sets

when using Ethernet encapsulation and under

Filter Sets

Call

when using PPPoE Encapsulation

Filter Configuration 7-17

Page 85

Page 86

P314 Broadband Sharing Gateway with 4-Port Switch

Chapter 8

System Information and Diagnosis

This chapter talks you through SMT Menus 24.1 to 24 .4.

This chapter covers the diagnostic tools that help you to maintain your Prestige. These tools include updates on system status, port status, log and trace capabilities and upgrades for the system software. This chapter describes how to use these tools in detail. Select menu 24 in the main menu to open Menu 24 – System Maintenance, as shown below.

Menu 24 - System Maintenance

1. System Status

2. System Information and Console Port Speed

3. Log and Trace

4. Diagnostic

5. Backup Configuration

6. Restore Configuration

7. Firmware Upload

8. Command Interpreter Mode

9. Call Control

Enter Menu Selection Number:

Figure 8-1 Menu 24 – System Maintenance

System Information and Diagnosis 8-1

Page 87

P314 Broadband Sharing Gateway with 4-Port Switch

8.1 System Status

The first selection, System Status, gives you information on the version of your system firmware and the status and statistics of the ports, as shown in the figure below. System Status is a tool that can be used to monitor your Prestige. Specifically, it gives you information on your system firmware version, number of packets sent and number of packets received. To get to the System Status:

Step 1:

Step 2:

Step 3:

The table below describes the fields present in Menu 24.1 – System Maintenance – Status. It should be noted that these fields are READ-ONLY and are meant to be used for diagnostic purposes. The upper right corner of the screen shows the time and date according to the format you set in Menu 24.10.

Enter number 24 to go to Menu 24 – System Maintenance.

In this menu, enter number 1 to open System Maintenance – Status.

There are three commands in Menu 24.1 – System Maintenance – Status. Entering 1 drops the PPPoE connection, 9 resets the counters and [Esc] takes you back to the previous screen.

Menu 24.1 - System Maintenance - Status

Status

Port

10M/Half

WAN

10M/Half

LAN

Port WAN LAN

Ethernet Address 00:a0:c5:21:8c:a3 00:a0:c5:21:8c:a2

System up Time: 2:21:02

Name: 314.baboo.zyxel.com Routing: IP ZyNOS F/W Version: V3.20(CA.0)b3 | 6/12/2000

COMMANDS: 1-Drop PPPoE 9-Reset Counters ESC-Exit

TxPkts 67 299

RxPkts

IP Address x.y.155.97

192.168.1.1

Press Command:

Figure 8-2 Menu 24.1 – System Maintenance – Status

289 220

Cols

74 74

Rx B/s

IP Mask

Tx B/s 0 0

255.255.255.0

64 64

Up Time 2:20:56 2:20:54

DHCP Client Server

8-2 System Information and Diagnosis

Page 88

P314 Broadband Sharing Gateway with 4-Port Switch

The following table describes the fields present in Menu 24.1 – System Maintenance – Status.

Table 8-1 System Maintenance – Status Menu Fields

Field Description

Port The WAN or LAN port.

Status

TxPkts The number of transmitted packets on this port.

RxPkts The number of received packets on this port.

Cols The number of collisions on this port.

Tx B/s Shows the transmission speed in Bytes per second on this port.

Rx B/s Shows the reception speed in Bytes per second on this port.

Up Time Total amount of time the line has been up.

LAN

Ethernet Address The LAN port Ethernet address.

IP Address The LAN port IP address.

IP Mask The LAN port IP mask.

DHCP The LAN port DHCP role.

WAN

Ethernet Address The WAN port Ethernet address.

IP Address The WAN port IP address.

IP Mask The WAN port IP mask.

DHCP The WAN port DHCP role.

System up Time The total time the Prestige has been on.

Name This is the Prestige's system name + domain name assigned in Menu

ZyNOS F/W Version The ZyNOS Firmware version and the date created.

Shows the port speed and duplex setting if you’re using

Encapsulation

(starting to trigger a call) and

PPPoE Encapsulation

1. E.G., System Name= 314; Domain Name= baboo.zyxel.com

Name= 314.baboo.zyxel.com

and

down

(line is down),

idle

(line (PPP) idle),

drop

(dropping a call) if you’re using

Ethernet

dial

System Information and Diagnosis 8-3

Page 89

P314 Broadband Sharing Gateway with 4-Port Switch

8.2 System Information and Console Port Speed

This section describes your system and allows you to choose different console port speeds. To get to the System Information and Console Port Speed:

Step 4:

Step 5:

Step 6:

8.2.1 System Information

System Information gives you information about your system as shown below. More specifically, it gives you information on your routing protocol, Ethernet address, IP address, etc.

Enter 24 to go to Menu 24 – System Maintenance.

Enter 2 to open, Menu 24.2 – System Information and Console Port Speed.

From this Menu you have two choices as shown in the next figure:

Menu 24.2 - System Information and Console Port Speed

1. System Information

2. Console Port Speed

Please enter selection:

Figure 8-3 Menu 24.2 – System Information and Console Port Speed

Press ESC or RETURN to Exit

Menu 24.2.1 - System Maintenance - Information

Name: xxx.baboo.mickey.com Routing: IP ZyNOS F/W Version: V3.20(CA.0)b3 | 6/12/2000

LAN Ethernet Address: 00:a0:c5:21:8c:a2 IP Address: 192.168.1.1 IP Mask: 255.255.255.0 DHCP: Server

Figure 8-4 Menu 24.2.1 – System Maintenance – Information

8-4 System Information and Diagnosis

Page 90

P314 Broadband Sharing Gateway with 4-Port Switch

Table 8-2 Fields in System Maintenance

Field Description

Name This is the Prestige's system name + domain name assigned in Menu

1. E.G., System Name= xxx; Domain Name= baboo.mickey.com; Name= xxx.baboo.mickey.com.

Routing Refers to the routing protocol used.

ZyNOS F/W Version Refers to the version of ZyXEL's Network Operating System software.

Ethernet Address Refers to the Ethernet MAC (Media Access Control) address of your

Prestige.

IP Address This is the IP address of the Prestige in dotted decimal notation.

IP Mask This shows the IP mask of the Prestige.

DHCP This field shows the DHCP setting of the Prestige.

8.2.2 Console Port Speed

You can change the speed of the console port through Menu 24.2.2 – Console Port Speed. Your Prestige supports 9600 (default), 19200, 38400, 57600, and 115200 bps for the console port. Use the [SPACE BAR] to select the desired speed in Menu 24.2.2, as shown below.

Menu 24.2.2 – System Maintenance – Change Console Port Speed

Console Port Speed: 115200

Press ENTER to Confirm or ESC to Cancel: Press Space Bar to Toggle.

Figure 8-5 Menu 24.2.2 – System Maintenance – Change

Console Port Speed

8.3 Log and Trace

There are two logging facilities in the Prestige. The first is the error logs and trace records that are stored locally. The second is the UNIX syslog facility for message logging.

8.3.1 Viewing Error Log

The first place you should look for clues when something goes wrong is the error/trace log. Follow the procedure below to view the local error/trace log:

System Information and Diagnosis 8-5

Page 91

P314 Broadband Sharing Gateway with 4-Port Switch

Step 1. Step 2. Step 3.

Select option 24 from the Main Menu to open Menu 24 – System Maintenance. From Menu 24, select option 3 to open Menu 24.3 – System Maintenance – Log and Trace. Select the first option from Menu 24.3 – System Maintenance – Log and Trace to display the error log in the system.

After the Prestige finishes displaying, you will have the option to clear the error log.

Menu 24.3 - System Maintenance - Log and Trace

1. View Error Log

2. UNIX Syslog

4. Call-Triggering Packet

Please enter selection

Figure 8-6 Examples of Error and Information Messages

Examples of typical error and information messages are presented in the figure below.

59 Thu Jan 1 00:00:03 1970 PINI INFO SMT Session Begin 60 Thu Jan 1 00:05:11 1970 PINI INFO SMT Session End 61 Thu Jan 1 00:17:59 1970 PINI INFO SMT Session Begin 62 Thu Jan 1 00:24:40 1970 PINI INFO SMT Session End 63 Thu Jan 1 00:35:32 1970 PINI INFO SMT Session Begin Clear Error Log (y/n):

Figure 8-7 Examples of Error and Information Messages

8.3.2 UNIX Syslog

The Prestige uses the UNIX syslog facility to log the CDR (Call Detail Record) and system messages to a syslog server. Syslog and accounting can be configured in Menu 24.3.2 – System Maintenance – UNIX Syslog as shown next.

8-6 System Information and Diagnosis

Page 92

P314 Broadband Sharing Gateway with 4-Port Switch

Menu 24.3.2 -- System Maintenance - UNIX Syslog

UNIX Syslog: Active= No Syslog IP Address= ? Log Facility= Local 1

Types: CDR= No Packet triggered= No Filter log= No PPP log= No

Press Space Bar to Toggle.

Press ENTER to Confirm or ESC to Cancel:

Figure 8-8 Menu 24.3.2 – System Maintenance – UNIX Syslog

You need to configure the UNIX syslog parameters described in the following table to activate syslog then choose what you want to log.

Table 8-3 System Maintenance Menu Syslog Parameters

Parameter Description

UNIX Syslog:

Active Press the [SPACE BAR] to turn on or off syslog.

Syslog IP Address Enter the IP Address of the server that will log the CDR (Call Detail Record) and

system messages i.e., the syslog server.

Log Facility Press the [SPACE BAR] to toggle between the 7 different Local options. The log

facility allows you to log the message to different files in the server. Please refer to your UNIX manual for more detail.

Types:

CDR

Call Detail Record (CDR) logs all data phone line activity if set to

Yes

Packet triggered The first 48 bytes or octets and protocol type of the triggering packet is sent to the

Yes

Filter log

PPP log

UNIX syslog server when this field is set to

No filters are logged when this field is set to No. Filters with the individual filter Log Filter field set to

Yes

(Menu 21.x.x) are logged when this field is set to

PPP events are logged when this field is set to

Your Prestige sends four types of syslog messages. Some examples (not P314 specific) of these syslog messages with their message formats are shown next:

System Information and Diagnosis 8-7

Page 93

P314 Broadband Sharing Gateway with 4-Port Switch

CDR

CDR Message Format

Jul 19 11:19:27 192.168.102.2 ZyXEL: board 0 line 0 channel 0, call 1, C01 Outgoing Call dev=2 ch=0 40002 Jul 19 11:19:32 192.168.102.2 ZyXEL: board 0 line 0 channel 0, call 1, C02 OutCall Connected 64000 40002 Jul 19 11:20:06 192.168.102.2 ZyXEL: board 0 line 0 channel 0, call 1, C02 Call Terminated

Packet triggered

Packet triggered Message Format sdcmdSyslogSend( SYSLOG_PKTTRI, SYSLOG_NOTICE, String );

Jul 19 11:28:39 192.168.102.2 ZyXEL: Packet Trigger: Protocol=1, Data=4500003c100100001f010004c0a86614ca849a7b08004a5c020001006162636465666768696a6b6c6d6e6f 7071727374 Jul 19 11:28:56 192.168.102.2 ZyXEL: Packet Trigger: Protocol=1, Data=4500002c1b0140001f06b50ec0a86614ca849a7b0427001700195b3e00000000600220008cd40000020405 b4 Jul 19 11:29:06 192.168.102.2 ZyXEL: Packet Trigger: Protocol=1, Data=45000028240140001f06ac12c0a86614ca849a7b0427001700195b451d1430135004000077600000

Filter log

Filter log Message Format

String = IP[Src=xx.xx.xx.xx Dst=xx.xx.xx.xx prot spo=xxxx dpo=xxxx] S04>R01mD

IP[…] is the packet header and S04>R01mD means filter set 4 (S) and rule 1 (R), match (m) drop (D).

spo: Source port dpo: Destination port

SdcmdSyslogSend( SYSLOG_CDR, SYSLOG_INFO, String ); String = board xx line xx channel xx, call xx, str board = the hardware board ID line = the WAN ID in a board Channel = channel ID within the WAN call = the call reference number which starts from 1 and increments by 1 for each new call str = C01 Outgoing Call dev xx ch xx (dev:device No. ch:channel No.)

L02 Tunnel Connected(L2TP) C02 OutCall Connected xxxx (means connected speed) xxxxx (means Remote Call Number)

L02 Call Terminated C02 Call Terminated

String = Packet trigger: Protocol=xx Data=xxxxxxxxxx…..x Protocol: (1:IP 2:IPX 3:IPXHC 4:BPDU 5:ATALK 6:IPNG) Data: We will send forty-eight Hex characters to the server

SdcmdSyslogSend(SYSLOG_FILLOG, SYSLOG_NOTICE, String );

Src: Source Address Dst: Destination Address prot: Protocol (“TCP”, “UDP”, “ICMP”)

8-8 System Information and Diagnosis

Page 94

P314 Broadband Sharing Gateway with 4-Port Switch

Mar 03 10:39:43 202.132.155.97 ZyXEL: GEN[fffffffffffnordff0080] }S05>R01mF Mar 03 10:41:29 202.132.155.97 ZyXEL: GEN[00a0c5f502fnord010080] }S05>R01mF Mar 03 10:41:34 202.132.155.97 ZyXEL: IP[Src=192.168.2.33 Dst=202.132.155.93 ICMP]}S04>R01mF Mar 03 11:59:20 202.132.155.97 ZyXEL: GEN[00a0c5f502fnord010080] }S05>R01mF Mar 03 12:00:31 202.132.155.97 ZyXEL: GEN[fffffffffffnordff0080] }S05>R01mF Mar 03 12:00:52 202.132.155.97 ZyXEL: GEN[ffffffffffff0080] }S05>R01mF Mar 03 12:00:57 202.132.155.97 ZyXEL: GEN[00a0c5f502010080] }S05>R01mF Mar 03 12:01:01 202.132.155.97 ZyXEL: IP[Src=192.168.2.33 Dst=202.132.155.93 TCP spo=01170 dpo=00021]}S04>R01mF Mar 03 12:01:06 202.132.155.97 ZyXEL: IP[Src=192.168.2.33 Dst=202.132.155.93 TCP spo=01170 dpo=00021]}S04>R01mF

PPP log

PPP log Message Format sdcmdSyslogSend( SYSLOG_PPPLOG, SYSLOG_NOTICE, String ); String = ppp:Proto Starting / ppp:Proto Opening / ppp:Proto Closing / ppp:Proto Shutdown Proto = LCP / ATCP / BACP / BCP / CBCP / CCP / CHAP/ PAP / IPCP / IPXCP

Jul 19 11:42:44 192.168.102.2 ZyXEL: ppp:LCP Closing Jul 19 11:42:49 192.168.102.2 ZyXEL: ppp:IPCP Closing Jul 19 11:42:54 192.168.102.2 ZyXEL: ppp:CCP Closing

8.3.3 Call-Triggering Packet

Call-Triggering Packet displays information about the packet that triggered the dial-out call in an easy readable format (for PPPoE Encapsulation only). Equivalent information is available in Menu 24.1 in hex format. An example is shown next.

System Information and Diagnosis 8-9

Page 95

P314 Broadband Sharing Gateway with 4-Port Switch

IP Frame: ENET0-RECV Size: 44/ 44 Time: 17:02:44.262 Frame Type:

IP Header: IP Version = 4 Header Length = 20 Type of Service = 0x00 (0) Total Length = 0x002C (44) Identification = 0x0002 (2) Flags = 0x00 Fragment Offset = 0x00 Time to Live = 0xFE (254) Protocol = 0x06 (TCP) Header Checksum = 0xFB20 (64288) Source IP = 0xC0A80101 (192.168.1.1) Destination IP = 0x00000000 (0.0.0.0)

TCP Header: Source Port = 0x0401 (1025) Destination Port = 0x000D (13) Sequence Number = 0x05B8D000 (95997952) Ack Number = 0x00000000 (0) Header Length = 24

Flags = 0x02 (....S.)

Window Size = 0x2000 (8192) Checksum = 0xE06A (57450) Urgent Ptr = 0x0000 (0) Options = 0000: 02 04 02 00

RAW DATA:

0000: 45 00 00 2C 00 02 00 00-FE 06 FB 20 C0 A8 01 01 E......... ....

0010: 00 00 00 00 04 01 00 0D-05 B8 D0 00 00 00 00 00 ................

0020: 60 02 20 00 E0 6A 00 00-02 04 02 00 Press any key to continue...

Figure 8-9 Call-Triggering Packet Example

8.4 Diagnostic

The diagnostic facility allows you to test the different aspects of your Prestige to determine if it is working properly. Menu 24.4 allows you to choose among various types of diagnostic tests to evaluate your system, as shown next.

8-10 System Information and Diagnosis

Page 96

P314 Broadband Sharing Gateway with 4-Port Switch

Menu 24.4 - System Maintenance - Diagnostic

TCP/IP

System

11. Reboot System

Enter Menu Selection Number:

Host IP Address= N/A

Figure 8-10 Menu 24.4

1. Ping Host

2. WAN DHCP Release

3. WAN DHCP Renewal

4. Internet Setup Test

System Maintenance – Diagnostic

–

Follow the procedure below to get to Menu 24.4 – System Maintenance – Diagnostic.

Step 1. Step 2.

From the Main Menu, select option 24 to open Menu 24 – System Maintenance. From this menu, select option 4. This will open Menu 24.4 – System Maintenance – Diagnostic.

8.4.1 WAN DHCP

DHCP functionality can be enabled on the LAN or WAN as shown in Figure 8-11. LAN DHCP has already been discussed previously. The Prestige can act either as a WAN DHCP client (IP Address Assignment field in Menu 4 or Menu 11.3 is

Dynamic

and the Encapsulation field in Menu 4 or Menu 11 is

or “none”, i.e., you have a static IP. The WAN Release and Renewal fields in Menu 24.4 conveniently allow you to release and renew the assigned WAN IP address, subnet mask and default gateway in a fashion similar to winipcfg.

Ethernet

)

System Information and Diagnosis 8-11

Page 97

P314 Broadband Sharing Gateway with 4-Port Switch

Figure 8-11 WAN & LAN DHCP

The following table describes the diagnostic tests available in Menu 24.4 for your Prestige and the connections.

Table 8-4 System Maintenance Menu Diagnostic

Selection

Number

Ping Host

WAN DHCP Release Enter 2 to release your WAN DHCP settings.

WAN DHCP Renewal

Internet Setup Test

Reboot System

Host IP Address=

Field

Description

Enter 1 to ping any machine (with an IP address) on your LAN or WAN. Enter its IP address in the

Address=

table.

Enter 3 to renew your WAN DHCP settings. The renewal timeout is 32 seconds.

Enter 4 to test your Internet Setup. You can also test this after configuring

Setup

Enter 11 to reboot the Prestige.

If you entered 1 above, then enter the IP address of the machine you want to ping in this field.

field mentioned in the last row of this

Menu 4 – Internet Access

Host IP

8-12 System Information and Diagnosis

Page 98

P314 Broadband Sharing Gateway with 4-Port Switch

Chapter 9

Transferring Files

This chapter tells you how to back up and restore your configuration file as well as upload new

firmware and a new configuration file.

9.1 Filename Conventions

The configuration file (often called the romfile or rom-0) contains the factory default settings in the menus such as password, DHCP Setup, TCP/IP Setup etc. It arrives from ZyXEL with a name of P314.ROM or similar. Once you have customized the Prestige's setting, they can be saved back to PC/workstation under a filename of your choosing. Choose something meaningful, e.g., “MyP314.cfg”. The ZyNOS firmware file (sometimes referred to as the ras file) is the file that contains the ZyXEL Network Operating System firmware and usually is the router model name with a *.bin extension, e.g., P314.bin. With serial (XMODEM) transfer, the filenames on the PC are your choice. With many ftp and tftp clients, they are as well as seen next.

ftp>

put P314.bin ras

This is a sample ftp session showing the transfer of the PC file "P314.bin" to the Prestige.

ftp>

get rom-0 MyP314.cfg

This is a sample ftp session saving the current configuration to the PC file MyP314.cfg.

If your [t]ftp client does not allow you have a destination filename different than the source, you will need to rename them as the Prestige only recognizes "rom-0" and "ras". Be sure to keep unaltered copies of both files for later use. The following table is a summary. Please note that the internal filename refers to the filename on the Prestige and the external filename refers to the filename not on the Prestige, i.e., on your workstation, local network or ftp site and so the name (but not the extension) will vary. The AT command is the command you enter after you press “Y” when prompted in the SMT menu to go into debug mode. After uploading new firmware

ZyNOS F/W Version

see the – Information) to check you have uploaded the correct firmware version.

Transferring Files 9-1

field in Menu 24.2.1 (Figure 8-4 Menu 24.2.1 – System Maintenance

Page 99

P314 Broadband Sharing Gateway with 4-Port Switch

Table 9-1 Filename Conventions

File Type Internal

Name

Configuration File

Firmware Ras *.bin This is the generic name for the ZyNOS

Rom-0 *.rom This is the router configuration filename

External

Name

Description AT

Command

ATLC on the Prestige. Uploading the rom-0 file replaces the entire ROM file system, including your Prestige configurations, system-related data (including the baud rate and default password), the error log and the trace log.

ATUR firmware on the Prestige.

9.1.1 Firmware Development

It is important to upgrade your firmware regularly, especially if there are problems. If you discover an unexpected behavior, or bug, see if your problem is mentioned in the release notes. Load it according to instructions (e.g., see if the default configuration file is needed also). If the problem still exists, e-mail or call tech support.

9.2 Backup Configuration

Option 5 from Menu 24 – System Maintenance allows you to backup the current Prestige configuration to your workstation. Backup is highly recommended once your Prestige is functioning properly. FTP and TFTP are the preferred methods for backing up your current workstation configuration to your computer since FTP and TFTP are faster. You can also perform backup and restore using menu 24 through the console port. Any serial communications program should work fine; however, you must use XMODEM protocol to perform the download/upload and you don’t have to rename the files (see section 9.1). Please note that terms “download” and “upload” are relative to the workstation. Download means to transfer from the Prestige to the workstation, while upload means from your workstation to the Prestige. The following screen is what you see in Menu 24.5 when connected to the Prestige via console port.

9-2 Transferring Files

Page 100

P314 Broadband Sharing Gateway with 4-Port Switch

Ready to backup Configuration via Xmodem. Do you want to continue (y/n):

Figure 9-1 Menu 24.5 – System Maintenance – Backup Configuration (Console Port)

The following screen is what you see in Menu 24.5 when you telnet into the Prestige.

Menu 24.5 -- System Maintenance - Backup Configuration

To transfer the configuration file to your workstation, follow the procedure below:

1. Launch the FTP client on your workstation.

2. Type "open" and the IP address of your router. Then type "root" and SMT password as requested.

3. Locate the 'rom-0' file.

4. Type 'get rom-0' to back up the current router configuration to your workstation.

For details on FTP commands, please consult the documentation of your FTP client program. For details on backup using TFTP (note that you must remain in this menu to back up using TFTP), please see your router manual.

Figure 9-2 Menu 24.5 – System Maintenance – Backup Configuration (Telnet)

Transferring Files 9-3

ZyXEL PRESTIGE P314 User Manual

P314 Broadband Sharing Gateway with 4-Port Switch

Prestige 314

Copyright

Disclaimer

Trademarks

Federal Communications Commission (FCC) Interference Statement

Information for Canadian Users

Declaration of Conformity

ZyXEL Limited Warranty

Customer Support

Table of Contents

List of Figures

List Of Tables

Preface

About Your Router

About This User's Manual

Structure of this Manual

Related Documentation

Syntax Conventions

Getting to Know Your Prestige

1.1 The Prestige 314 Broadband Sharing Gateway With 4-Port Switch

1.2 Features of the Prestige 314

1.3 Broadband Internet Access via Cable or DSL Modem

Hardware Installation & Initial Setup

2.1 Front Panel LEDs and Back Panel Ports

2.2 Prestige 314 Rear Panel and Connections

2.4 Power Up Your Prestige

2.5 Navigating the SMT Interface

2.6 Changing the System Password

Internet Access

3.1 TCP/IP and DHCP for LAN

3.2 TCP/IP and DHCP Ethernet Setup

3.5 Basic Setup Complete

Remote Node Setup

4.1 Remote Node Profile

4.2 Editing TCP/IP Options

4.3 Remote Node Filter

IP Static Route Setup

5.1 IP Static Route Setup

SUA Server Setup

6.1 Single User Account (SUA)

6.2 Multiple Servers behind SUA

Filter Configuration

The Filter Structure of the Prestige

7.2 Configuring a Filter Set

7.4 Filter Types and SUA

7.5 Applying a Filter and Factory Defaults

System Information and Diagnosis

8.2 System Information and Console Port Speed

Console Port Speed

8.3 Log and Trace

Transferring Files