Zyxel VANTAGE CNM 2.0 user manual
Vantage CNM 2.0
Centralized Network Management
User’s Guid e
Version 2.0.00.81.10
2.0.00.61.10
July 2004
Vantage CNM 2.0 User’s Guide
Copyright
Copyright © 2004 by ZyXEL Communications Corporation.
The contents of this publica tion may not be reproduced in any part or as a whole, transcribed,
stored in a retri eval system, translate d into any language, or transmitted in any form or by any
means, electronic, mec ha nical, magnetic, optical, chemical, photocopying, manual, or
otherwise, without the prior written permission of ZyXEL Communicati ons Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.
Note: Refer also to the “Open Software Announcements” on
page 316.
Disclaimer
ZyXEL does not assume any liability ari sing out of the application or use of any products, or
software describe d herein. Neither does it convey any license under its pa tent rights nor the
patent rights of other s. ZyXEL further reserves the right to make changes in any produc ts
described herein without notice. This publication is subje ct to change without notice.
Trademarks
ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL
Communications, Inc. Other trademarks mentioned in this publication are used for
identificat ion purposes only and may be properties of their respec tive owners.
Copyright 2
Vantage CNM 2.0 User’s Guide
ZyXEL Limited Warranty
ZyXEL warrants that (a) the Vantage CNM 2.0 software (henceforth called the SOFTWARE)
will perform substantially in accordance with the ac co mpanying written materia ls for a period
of ninety (90) days from the date of receipt, and (b) any Support Ser vices provided by ZyXEL
shall be substantia lly as described in applicable writte n materials provided to you by ZyXEL,
and ZyXEL support engineers will make commercially reasonable efforts to solve any
problem issues. To the extent allowed by applicable law, implied warranties on the
SOFTWARE, if any, are limited to ninety (90) days.
CUSTOMER REMEDIES.
ZyXEL's and its suppliers' entire liability and your exclusive remedy shall be, at ZyXEL's
option, either (a) return of the price paid, if any, or (b) repair or replacement of the
SOFTWARE that does not meet ZyXEL's Limited W arranty and which is returned to ZyXEL
with a copy of your receipt. This Limited Warranty is void if failure of the SOFTWARE has
resulted from acciden t, abuse, or misapplication. Any replac ement SOFTWARE will be
warranted for the remaind er of the ori ginal warranty period or thirty (30) days, whichever is
longer. Outside Taiwan, neither these remedies nor any product support services offered by
ZyXEL are available without pro of of purcha se from an authorized internationa l source.
NO OTHER WARRANTIES.
T o the maximum extent permitted by applicable la w, ZyXEL and its suppliers disclaim all
other warranties and conditions, either express or implied, including, but not limited to,
implied warranties of merchan tability, fitness for a particular purpose, title, and noninfringement, with regard to the SOFTWARE, and the provision of or failure to provide
Support Services. This limited warranty gives you specific legal rights. You may have others,
which vary from state/jurisdiction to state/jurisdiction.
Please read the license screen in the installation wizard. You must accept the terms of the
license in order to install Vantage CNM.
3 ZyXEL Limited Warranty
Vantage CNM 2.0 User’s Guide
Customer Support
Please have the following information ready when you contact customer support.
• Product model and serial number.
• W arranty Information.
• Date that you received your device.
• Brief description of the problem and the steps you took to solve it.
METHOD
LOCATION
WORLDWIDE
NORTH
AMERICA
GERMANY
FRANCE
SPAIN
DENMARK
NORWAY
SWEDEN
FINLAND
SUPPORT
E-MAIL
support@zyxel.com.tw +886-3-578-3942 www.zyxel.com
sales@zyxel.com.tw +886-3-578-2439 ftp.zyxel.com
support@zyxel.com +1-800-255-4101
sales@zyxel.com +1-714-632-0858 ftp.us.zyxel.com
support@zyxel.de +49-2405-6909-0 www.zyxel.de ZyXEL Deutschland GmbH.
sales@zyxel.de +49-2405-6909-99
info@zyxel.fr +33 (0)4 72 52 97 97 www.zyxel.fr ZyXEL France
support@zyxel.es +34 902 195 420 www.zyxel.es ZyXEL Communications
sales@zyxel.es +34 913 00 5 345
support @zyxel. dk +45 39 55 07 00 www.zyxe l.dk ZyXEL Comm unicat ions A/S
sales@zyxel.dk +45 39 55 0 7 07
support @zyxe l.n o +47 22 80 61 80 www.zyxel. no ZyXEL Co mmuni catio ns A/ S
sales@zyxel.n o +4 7 22 80 61 81
support@zyxel.se +46 31 744 7700 www.zyxel.se ZyXEL Com munications A/S
sales@zyxel.se +46 31 744 7701
support@zyxel.fi +358-9-4780-8411 www.zyxel.fi ZyXEL Communications Oy
sales @z y xe l. fi +358- 9- 4 78 0 8448
TELEPHONE
+1-714-632-0882
+33 (0)4 72 52 19 20
A
WEB SITE REGULAR MAIL
ZyXEL C ommunic ations Corp.
www.europe.zyxel.com
ftp.europe.zyxel.com
www.us.zyxel.com ZyXEL Communicat ions Inc.
6 Innovation Road II
Science Park
Hsinchu 300
Taiwan
1130 N. Miller St.
Anaheim
CA 92806-2001
U.S.A.
Adenauerstr. 20/A2 D-52146
Wuerselen
Germany
1 rue des Vergers
Bat. 1 / C
69760 Limonest
France
Alejandro Villegas 33
1º , 2 804 3 M adrid
Spain
Columbusvej 5
2860 Soeborg
Denmark
N i l s Ha n s e n s v e i 1 3 0 66 7 O s l o
Norway
Sjöport e n 4, 4176 4 G öteborg
Sweden
Malminkaari 10
00700 Helsinki
Finland
a. “+” is the (prefix) number you enter to make an international telephone call.
Customer Support 4
Vantage CNM 2.0 User’s Guide
Table of Contents
Copyright ..................................................................................................................2
ZyXEL Limited Warranty ..........................................................................................3
Customer Support....................................................................................................4
List of Tables ..........................................................................................................24
Preface ....................................................................................................................28
Introducing Vantage Centralized Network Management (CNM) 2.0 .......................28
Chapter 1
Introducing Vantage................. .................................... ..................................... .....30
1.1 Key Features ......................... ........................ ............................... ......................30
1.1.1 Object Tree View ......................................................................................30
1.1.2 Flexible Friendly Device Registration .......................................................30
1.1.3 Building Blocks .........................................................................................30
1.1.4 Multiple Domain Administration ................................................................30
1.1.5 Complete Device Configuration ................................................................30
1.1.6 Configuration Synchronization ..................................................................30
1.1.7 Firewall .....................................................................................................31
1.1.8 One-Click VPN ..........................................................................................31
1.1.9 Configuration File Management ................................................................31
1.1.10 Firm war e Upgr ade ............................. ............................... ......................31
1.1.11 Monitoring and Notifications ....................................................................31
1.1.12 Logs ..................................... ............................... ....................... .............31
1.1.13 Data Maintenance ............................................................................. ......31
1.1.14 Vantage System Management ................................................................31
1.1.15 License Management .............................................................................31
1.2 Vantage Requirements and In stallation .............. ....................... ........................ .32
Chapter 2
GUI Introduction .....................................................................................................34
2.1 Overview ..... ........................ ............................... .............................. ..................34
2.1.1 Object Pane ..............................................................................................34
2.2 Object Tree View Types ...... ........................ .............................. .........................35
2.3 Searches ........ ....................... ............................... ........................ ......................35
Table of Contents 6
Vantage CNM 2.0 User’s Guide
2.4 Folders ............. ............................... ............................... ....................... .............35
2.5 Devices ..... ................ ........................ ............................... ........................ ..........38
2.6 Content Pane ..... ............................... ........................ ....................... ..................38
2.6.1 Object Path ...............................................................................................38
2.6.2 Menu Path ................................................................................................38
2.7 Menu Overview ..................................................................................................38
2.8 Procedure For Configuring A Device .................................................................39
2.9 Context-Sensitive Menus ...................................................................................40
2.10 Icon Key ...........................................................................................................40
Chapter 3
Device Menus .........................................................................................................44
3.1 Device Menus Overview ................................. ............ ....... ....... ............ ....... ......44
3.1.1 Device Main Screen ..................................................................................44
3.2 Device Status ............................. ........................ ....................... ........................ .46
3.3 Device Registr a tion .................... ........................ ....................... ........................ .46
3.3.1 Manual Option ..........................................................................................48
3.3.1.1 Configuring ZyXEL Device using Commands .................................48
3.3.1.2 Configuring ZyXEL Device using Web Configurator .......................48
3.3.2 Impor t Fro m an XML Registration File ......................... ....................... ......49
3.3.2.1 Bas ic XML Syn tax ...................... ........................ .............................50
3.3.2.2 Minimum Mandatory Device Settings ..............................................51
3.4 Device – Vantage Data Inconsistency: Synchronize ..........................................52
3.4.1 Vantage – Device Override Criteria ..........................................................53
3.4.1.1 Vantage CNM Override Device .......................................................53
3.4.1.2 Device Override Vantage CNM .......................................................53
3.4.1.3 Synchronizing Device with Vantage ................................................53
3.5 Firmware Management ................................................................................ ......53
3.5.1 Add Firmware Screen ...............................................................................54
3.5.2 Firmware Upgrade Select Product Line and Mode ...................................55
3.5.3 Firmware Upgrade Process ......................................................................56
3.5.4 Advisory Notes on Firmware Upgrade ......................................................56
3.5.5 Configuration File ......................................................................................56
3.5.6 Configuration File Management ................................................................57
3.5.7 Configuration File Backup .........................................................................57
3.5.8 Configuration File Restore ........................................................................58
Chapter 4
Configuration > Select Device BB & General......................................................60
4.1 Select Device BB ........... ............................... ........................ ....................... ......60
4.1.1 Procedure to Select and Apply a Device BB ............................................62
4.2 Configuration General Screens ..........................................................................62
4.2.1 System ......................................................................................................63
7 Table of Contents
Vantage CNM 2.0 User’s Guide
4.2.2 DDNS ........................................................................................................64
4.2.3 Time Setting ..............................................................................................66
4.2.4 Owner Info ................................................................................................67
Chapter 5
Configuration > LAN..............................................................................................70
5.1 LAN Overview ..................... ........................ ....................... ............................... .70
5.2 DHCP Setup ............ ................. ................ ........................ ................ ..................70
5.2.1 IP Pool Setup ............................................................................................70
5.2.2 DNS Servers .............................................................................................70
5.2.3 LAN TCP/IP ..............................................................................................70
5.2.4 Factory LAN Defaults ................................................................................70
5.2.5 IP Address and Subnet Mask ...................................................................71
5.2.6 RIP Setup .................................................................................................71
5.2.7 Multicast ....................................................................................................71
5.3 Configuri n g LAN IP – ZyWALL ..... ................. ........................ ....................... ......72
5.4 Configuri n g LAN IP - Pres ti g e ......... ................ ........................ ...........................75
5.5 Configuri n g LAN Static DHCP – ZyW AL L .............. ................. ........................ ...77
5.6 Configuri n g LAN IP Alias – ZyWALL .................. ....................... ........................ .78
Chapter 6
Configuration > WLAN...........................................................................................82
6.1 Wireless LA N Overview ........ ........................ ........................ ....................... ......82
6.1.1 Additional Installation Requirements for using 802.1x ..............................82
6.2 Wireless LAN Basi cs ......................... ................. ....................... ........................ .82
6.2.1 Channel ....................................................................................................82
6.2.2 ESS ID ......................................................................................................82
6.2.3 RTS/CTS .................................................................................................83
6.2.4 Fragmentation Threshold ..........................................................................84
6.2.5 WEP ..........................................................................................................84
6.3 Configuring Wireless LAN ..................................................................................84
6.3.1 WLAN Wireless .........................................................................................85
6.4 Configuring MAC Filter .......................................................................................86
6.5 802.1x Overview ................. ........................ .............................. .........................87
6.5.1 Config u r ing 802.1 x – ZyWALL ............... ............................... ....................88
6.5.2 Config u r ing 802 .1 x – Pr es tige ............. ........................ .............................88
6.6 Local User Data b ase ............................ ....................... ........................ ...............90
6.6.1 Configuring Local User Database .............................................................90
6.6.2 RADIUS ....................................................................................................91
6.6.2.1 Types of RADIUS Messages ...........................................................92
6.6.3 EAP Authentication Overview ...................................................................92
6.7 Configuri n g RADIUS ...... ........................ ........................ ....................... .............93
Table of Contents 8
Vantage CNM 2.0 User’s Guide
Chapter 7
Configuration > DMZ..............................................................................................96
7.1 DMZ Overview .................... ........................ ....................... ............................... .96
7.2 DMZ Addresses ................................... ....................... ........................ ...............96
7.3 Configuri n g DMZ ................... ........................ ........................ ....................... ......96
Chapter 8
Configuration > WAN ...........................................................................................100
8.1 General WAN – ZyWALL ............................................ ....... ....... ....... .......... ......100
8.1.1 TCP/IP Priority (Metric) ...........................................................................100
8.1.2 WAN ISP – ZyWALL ...............................................................................102
8.1.2.1 Ethernet Encapsulation .................................................................102
8.1.2.2 PPPoE Encapsulation ...................................................................103
8.1.2.3 PPTP Encapsulation .....................................................................105
8.2 WAN IP – ZyWALL ................ ............................... ........................ ....................107
8.3 Dial Backup – ZyWALL ....................................................................................108
8.3.1 Traffic Redirect ........................................................................................109
8.3.2 Configuring Dial Backup - ZyWALL ........................................................109
8.3.3 Advanced Modem Setup – ZyWALL .......................................................112
8.3.3.1 AT Command Strings .......... ............................... ....................... ....112
8.3.4 Edit Dial Backup – ZyWALL ....................................................................114
8.4 General WAN – Prestige ............................................. ....... ....... ....... ............ ....116
8.4.1 Traffic Shaping ........................................................................................117
8.4.2 Configuring Prestige WAN Setup ...........................................................117
8.4.3 WAN Backup - Prestige ..........................................................................122
8.4.3.1 Traffic Redirect .............................................................................122
8.4.4 Configuring WAN Backup - Prestige .......................................................122
8.4.5 Config u rin g Ad vanced WAN Backup – Presti g e ............................... ......125
8.4.6 Advanced Modem Setup – Prestige .......................................................128
Chapter 9
Configuration > NAT ............................................................................................130
9.1 NAT Overview ....................... ........................ ............................... ....................130
9.1.1 NAT Definitions .......................................................................................130
9.1.2 What NAT Does ......................................................................................131
9.1.3 How NAT Works .....................................................................................131
9.1.4 NAT Mapping Types ...............................................................................131
9.1.5 SUA (Single User Account) Versus NAT ................................................132
9.2 Configuri n g NAT ............. ........................ ........................ ....................... ...........132
9.2.1 Disable NAT ............................................................................................133
9.3 SUA Servers ........... ........................ ....................... ............................... ...........133
9.3.1 Port Forwarding: Services and Port Numbers ........................................134
9.3.2 Configuring SUA Servers – ZyWALL ......................................................134
9 Table of Contents
Vantage CNM 2.0 User’s Guide
9.3.3 Configuring SUA Servers – Prestige ......................................................136
9.3.4 Full Feature Address Mapping ................................................................137
9.3.5 Edit Full Feature Address Mapping ........................................................138
9.4 Trigger Port Forward ing – ZyWALL ........ ........................ .............................. ....139
9.4.1 Configuring Trigger Port ............................... ..... ....... ....... ....... .......... .. ....140
9.4.2 Edit Trigger Port ................................... ............................... ....................142
Chapter 10
Configuration > Static Route...............................................................................144
10.1 Static Route Overview ....................................................................................144
10.1.1 Static Route Summary .................. ........................ ........................ ........144
10.1.2 Edit Static Route ............... ........................ ............................... .............145
Chapter 11
Configuration > VPN............................................................................................148
11.1 VPN Overview ................................................................................................148
11.1.1 IPSec ....................................................................................................148
11.1.2 Security Association ..............................................................................148
11.1.3 Encryption .............................................................................................148
11.1.4 Data Confidentiality ...............................................................................148
11.1.5 Data Integrity .........................................................................................148
11.1.6 Data Origin Authentication ....................................................................149
11.1.7 IPSec Algorithms ..................................................................................149
11.1.7.1 AH (Authentication Header) Protocol ..........................................149
11.1.7.2 ESP (Encapsulating Security Payload) Protocol .........................149
11.1.8 Key Management ..................................................................................150
11.1.9 Encapsulation .......................................................................................150
11.1.9.1 Transport Mode ...........................................................................150
11.1.9.2 Tunnel Mode ................................................................................150
11.1.10 IPSec and NAT ...................................................................................151
1 1.1. 11 Keep Alive ...........................................................................................151
11.1.12 NAT Traversal ............................. ........................ ........................ ........152
11.1.12.1 NAT Traversal Configuration .....................................................152
11.1.13 ID Type and Content ................................. ........................ ..................152
11.1.14 IKE Phase s ..................... ............................... ............................... ......153
11.1.15 Negot iation Mode ............ ........................ ........................ ....................154
11.1.16 Diffie-Hellman (DH) Key Groups ........... ................ ................. .............154
11.1.17 Perfect Forward Secrecy (PFS) ..........................................................155
11.1.18 Pre-Sh a r e d Key ............................. ....................... ..............................155
11.2 VPN Tunnel Summary .... ................................................................................155
11.2.1 Add a VPN Tunnel ................................................................................156
1 1.2. 2 Manual VPN Tunnel .......................................................................... ....161
11.3 VPN and NetBIOS ..........................................................................................164
Table of Contents 10
Vantage CNM 2.0 User’s Guide
Chapter 12
Configuration > Firewall......................................................................................1 66
12.1 Firewall Overview ...........................................................................................166
12.2 Ty pes of Fi r e wa ll s ........ ........................ ........................ ....................... ...........166
12.2.1 Packet Filtering Firewalls ......................................................................166
12.2.2 Appl ica tion-level Firewalls ............................. ............................... ........166
12.2.3 Statef ul In sp e ction Firewall s ............ ....................... ........................ ......167
12.3 Introduction to ZyXEL’s Firewall .....................................................................167
12.3.1 Denial of Service ...................................................................................168
12.3.2 Basics .......... ................. .............................. ........................ ..................168
12.3.3 Types of DoS Attacks .......... ....................... ........................ ..................168
12.4 Stateful Inspection ..........................................................................................170
12.4.1 Statef ul In sp e ction Process ......................................... ........................ .171
12.4.2 Stateful Inspection and the ZyXEL device ............................................172
12.4.3 TCP Securi ty ................................. ............................... ........................ .172
12.4.4 UDP/ICMP Secu r ity ................................ ....................... .......................173
12.4.5 Upper La ye r Pr ot o co ls ................................... ....................... ................173
12.4.6 Firewa ll Policies Over view ...................... ....................... .......................173
12.4.7 Rule Check li st ...................................... ........................ ........................ .175
12.4.8 Security Ramificatio n s ................................... ....................... ................175
12.4.9 Key Fields For Co nf iguring Rules ............... ................. ........................ .176
12.4.9.1 Action ..........................................................................................176
12.4.9.2 Service ........................................................................................176
12.4.9.3 Source Address ...........................................................................176
12.4.9.4 Destination Address ....................................................................176
12.4.10 Ale r ts ........................ ............................... ............................... .............176
12.4.11 Services and Port Numbers ........ ................. ............................... ........176
12.5 Firewall Configuration Screens ......................................................................177
12.5.1 Firewa ll Summary Screen .... ................ ........................ .........................177
12.5.1.1 Ordering Rules ............................................................................177
12.5.2 DoS Setti n g s ................................. ............................... ........................ .179
12.5.3 Add/Edit a Firewall Rule ........... ....................... ........................ .............181
12.5.4 Add/Edit Source/Dest in a tion IP Addresses ................... .......................183
12.5.5 Custom Ports .......................................... ....................... .......................184
Chapter 13
Configuration > Device Log ................................................................................186
13.1 Device Logs ...................................................................................................186
13.2 Device Logging Options .................................................................................187
13.3 Purge Logs .....................................................................................................189
11 Table of Contents
Vantage CNM 2.0 User’s Guide
Chapter 14
Configuration > ADSL Monitor............................................................................192
14.1 Introduction ....................................................................................................192
14.2 Configuring ADSL Monitor .............................................................................192
Chapter 15
Configuration > Device Alarms...........................................................................194
15.1 Device Alarms ................................................................................................194
15.1.1 Alar m Classificati ons ........ ........................ ............................... .............194
15.1.2 Alar m States .......... ....................... ........................ ............................... .194
15.1.3 Current Alarms Screen .........................................................................195
15.1.4 Historical Alarms Screen ......................................................................196
Chapter 16
Building Blocks (BBs) .........................................................................................1 98
16.1 Categories ......................................................................................................198
16.2 BB Properties .................................................................................................198
16.3 Configuring Device BB Menus .......................................................................198
16.3.1 Editing an Existing BB ..........................................................................199
16.3.2 Device BB Confi g uration Select ........... ........................ ........................ .200
16.3.3 Addi ng a New BB ....... ........................ ............................... ....................200
16.4 Configuration BBs ..........................................................................................201
16.4.1 Addi ng a Configuration BB ......... ................ ............................... ...........202
16.4.2 Editing a Configuration BB ....................................................................203
16.5 Component BBs .............................................................................................204
16.5.1 Adding a Component BB ......................................................................205
16.5.1.1 Adding a Component BB: IP Type . .............................................2 05
16.5.1.2 Adding a Component BB: E-mail Type ........................................206
16.5.2 Editing a Component BB ......................................................................207
Chapter 17
System > Administrators......... ......................... ..................................... ..............208
17.1 Introduction to Administrators ........................................................................208
17.1.1 Admin i str a tor Ty p e s ...... ................ ............................... ........................ .208
17.1.1.1 “Root” Administrator ....................................................................208
17.1.1.2 “Super” Administrators ................................................................209
17.1.1.3 “Normal” Administrators ..............................................................209
17.1.1.4 “Custom” Administrators .............................................................209
17.2 Configuring Administrators .............................................................................209
17.3 Creating an Administrator Account ................................................................210
17.3.1 Administrator Details .............................................................................210
17.3.2 Admin i str a tor Permission s ........ ................ ............................... .............212
Table of Contents 12
Vantage CNM 2.0 User’s Guide
Chapter 18
Other System Screens .........................................................................................214
18.1 Status .............................................................................................................214
18.2 Vantage Upgrade ...........................................................................................215
18.2.1 Upgrade Pro ce d ure ...... ................ ............................... ........................ .215
18.2.2 Version For mat ...... ................ ............................... ............................... .217
18.3 License Management .....................................................................................218
18.3.1 License Upgrade ...... ........................ .............................. .......................218
18.4 System >Preferences .....................................................................................219
18.4.1 General Vantage Preferences ..............................................................219
18.4.2 User Access ..........................................................................................220
18.4.3 Server s ............... ............................... ............................... ....................221
18.4.3.1 Vantage Server Public IP Address ..............................................224
18.4.4 Notifications .................... ........................ .............................. ................225
18.4.5 Vantage Permissions: User Group ................................ ....... .......... ......226
18.4.5.1 Add User Group ..........................................................................226
18.5 System Maintenance . .....................................................................................228
18.5.1 System Maintenance Managem ent ......................................................2 28
18.5.2 Back Up System Maintenance .................... ........................ ................. .228
18.5.3 Restore System Maintenance .. .............................................................229
18.6 Address Book .................................................................................................230
18.6.1 Addre ss Bo ok Add/Edit ........................... .............................. ................231
18.7 Certificate Management Overview .................................................................232
18.7.1 Advantages of Certificates ...................... ....................... .......................233
18.7.2 Current Certification Information ...........................................................233
18.7.3 Create a Certificate ................................. ....................... .......................235
18.7.4 Importing Certific a te s ....................... .............................. .......................235
18.8 Vantage Logs .................................................................................................236
18.8.1 CNM Server ...... ................ ........................ ........................ ....................236
18.8.2 Vantage Logging Optio ns ........................... ............................... ...........237
18.9 About Vantage .... ............................................................................................238
Chapter 19
Monitor > Alarms.............. .......................... ..................................... .....................240
19.1 Alarms ............................................................................................................240
19.1.1 Alar m Types ................................ ............................... ....................... ....240
19.1.2 Alar m Classificati ons ........ ........................ ............................... .............240
19.1.3 Alar m States .......... ....................... ........................ ............................... .241
19.1.4 Current Alarms Screen .........................................................................241
19.1.5 Histor ical Alarms ......................... ........................ .............................. ....243
13 Table of Contents
Vantage CNM 2.0 User’s Guide
Chapter 20
Other Monitor Screens ........................................................................................246
20.1 Firmware Upgrade Report ..............................................................................246
20.2 Status Monitor ................................................................................................246
20.3 VPN Editor .....................................................................................................247
20.3.1 Graphical VPN Tunnel Creation ....................................................... ....247
20.3.2 Graphical Tunnel Depictions .................................................................249
20.3.3 Map ......... ............................... ............................... ........................ ........250
Appendix A
FTP Server (WFTPD) Setup Example.................................................................252
Insta ll ing WFTPD.................. ............................... ............................... ................... 252
Running WFTPD ................................. .......... ....... ....... ............ ....... ....... ....... ....... ... 255
WFTPD main screen................................ ..... .. ..... ....... .. ..... ..... .. ..... .. ..... ....... ..... .. ... 255
Appendix B
Configuring the Kiwi Syslog Daemon................................................................258
Insta ll i n g the Kiwi Sysl o g Daemon................ ................ ........................ ................. 258
Importin g the Sysl o g Confi g u r a ti o n Fil e.................... ....................... ...................... 259
St a r ti n g the Telnet Servi ce........ ................. ....................... ............................... ..... 261
Setting Up the Syslog Server in Vantage............................................................... 262
Appendix C
FTP and syslog Server Overview .......................................................................264
Introduction .................... ........................ ............................... .............................. ... 264
Appendix D
Java Console Debug Messages..........................................................................266
Introduction .................... ........................ ............................... .............................. ... 266
Appendix E
IP Subnetting........................................................................................................270
IP Addressing ......................................................................................................... 270
IP Classes.............................................................................................................. 270
Subnet Masks ..................................... ............................... ........................ ............ 271
Subnetting.................................... ........................ ............................... ................... 271
Example: Two Subnets ............................ ........................ ............................... ....... 272
Example: Four Subnets................ ........................ ............................... ................... 274
Example Eight Subnets....................... ............................... ........................ ............ 275
Subnetting With Class A and Class B Networks....................... ............................. 276
Appendix F
Table of Contents 14
Vantage CNM 2.0 User’s Guide
Setting up Your Computer’s IP Address......... ............... ....................................278
Windows 95/98 /Me................................. ............................... ....................... .......... 278
Installing Components.......................................... ............................... ................... 279
Configuring....... ............................... .............................. ........................ ................. 280
Verifying Settings................................................................................................... 281
Windows 2000/ NT/XP............................ ....................... ........................ ................. 281
Verifying Settings................................................................................................... 285
Macintos h OS 8/9.... ............................... ....................... ............................... .......... 285
Verifying Settings................................................................................................... 287
Macintos h OS X...... ........................ .............................. ........................ ................. 287
Verifying Settings................................................................................................... 288
Appendix G
Virtual Circuit Topology ......................................................................................2 90
Introduction .................... ........................ ............................... .............................. ... 290
Appendix H
Wireless LAN and IEEE 802.11 ...........................................................................292
Benefits of a Wireless LAN ................................ ....................... ............................. 292
IEEE 802.11 ....... ................. ........................ .............................. ............................. 292
Ad-hoc Wirel e ss LAN Confi g uration....... ................ ........................ ........................ 293
Infrastructure Wireless LAN Configuration............................................................. 293
Appendix I
Wireless LAN With IEEE 802.1x..........................................................................296
Security Fl aws wi th IEEE 8 02.11 ........ ............................... ............................... ..... 296
Deployment Issues with IEEE 802.11....................... .............................. ............... 296
IEEE 802.1x..................... ............................... ........................ ............................... 296
Advantages of the IEEE 802.1x.................................... ........................ ................. 296
RADIUS Server Authentication Sequence....................................................... 297
Appendix J
Types of EAP Authentication..............................................................................298
Introduction .................... ........................ ............................... .............................. ... 298
EAP-MD5 (Message-Digest Algorithm 5).............................. ....................... .......... 298
EAP-TLS (Transport Layer Security)...................................................................... 298
EAP-TTLS (Tunneled Transport La ye r Service) ....... .............................. ............... 298
PEAP (Protected EAP)........ ........................ .............................. ........................ ..... 299
LEAP................................ ........................ ............................... ........................ ....... 299
Appendix K
Log Descriptions.............. .... ..................................... .................................... .......300
15 Table of Contents
Vantage CNM 2.0 User’s Guide
Introduction .................... ........................ ............................... .............................. ... 300
Appendix L
Open Software Announcements.........................................................................316
Notice....................................... ....................... ........................ ............................... 316
Copyright (C) 1999-2001 Intalio, Inc. All Rights Reserved............................. ....... 316
Common Public Lic ense Version 1.0 ........................ ....................... ...................... 317
Cryptix General License......................................................................................... 321
TECHNOLOGY LICENSE FROM SUN MICROSYSTEMS, INC. TO DOUG LEA. 322
JAVA Software Technologie s. ................. ....................... ............................... .......... 323
Apache License...................................................................................................... 325
Copyright (c) 2002, 2003 Gargoyle Software Inc. All rights reserved................. ... 330
GNU LESSER GENERAL PUBLIC LICENSE ...................... ....................... .......... 331
GNU GENERAL PUBLIC LICENSE....... ................ ........................ ................. ....... 338
End-User License Agreement for Vantage CNM............................ ........................ 343
Index......................................................................................................................348
Table of Contents 16
Vantage CNM 2.0 User’s Guide
List of Figures
Figure 1 Main Screen .....................................................................................................34
Figure 2 Object Tree V iew Types ........ ........................ ........................ ........................... 35
Figure 3 Details Screen ................................................................................. .......... ......35
Figure 4 Folder Right-Click Opt ion s ....................... ........................ ........................ ........36
Figure 5 Add Devices ................................. ............................... ........................ .............36
Figure 6 Associate Administrators ............. ............................... ........................ .............37
Figure 7 Associated Administrator Right-Click Options .................................................37
Figure 8 Add New Folder Group Name ..... ................. ................. ....................... ........... 37
Figure 9 Account Folder Alarm Right-Click Options .....................................................38
Figure 10 Device Right-Cl ick Options ................................ ....................... ................. ......38
Figure 11 Java Applet Window .............................. ....... .. ....... .......... .. ....... ....... ..... ....... ....40
Figure 12 Device > Status > Main Screen .......................................................................45
Figure 13 Device > Status > Single Device ......................................................................46
Figure 14 Device > Registration Wizard > Account Association ...................................... 47
Figure 15 Device > Registrat ion > Owner Selection ................. ................ .......................47
Figure 16 Device > Registrat i on > Wizard Choi ce s ........................... ................. ............. 48
Figure 17 Device > Registration > Manual Registration .................................................. 49
Figure 18 Registrat ion Wiza r d : Co nf i gura tion File ...... ....................... ................. ............. 52
Figure 19 .Registration: XML File Devices .......................................................................52
Figure 20 Registrat io n Wiza rd : Fi n ish ...... ................ ........................ ........................ ........52
Figure 21 Device > Synchronize ...................................................................................... 53
Figure 22 Device > Firmware Managem ent ..................................................................... 54
Figure 23 Device > Firmware Managem ent > Add Firmware .......................................... 55
Figure 24 Device Firmware Upgrade ...............................................................................55
Figure 25 T yp e View ................ ............................... ........................ .............................. .... 55
Figure 26 Firmware Upgrade > Select Product Line and Model ...................................... 56
Figure 27 Device > Firmware Upgrade .. ......................................................................... 56
Figure 28 Device > Configuration File > Manageme nt .................................................... 57
Figure 29 Device > Configura ti o n Fi le > Back Up ......... ........................ ................ ........... 58
Figure 30 Device > Configuration File > Restore .............................................................59
Figure 31 ZyWALL 10W Device BB ............................ ....................... ........................ ......61
Figure 32 ZyWALL 70/35/5 Device BB .................. ........................ ....................... ........... 61
Figure 33 Configuration > General > System – ZyWALL ................................................. 63
Figure 34 Configuration > General > DDNS .................................................................... 65
Figure 35 Configuration > General > Time Setting ..........................................................66
Figure 36 Configuration > General > Owner Info ............................................................. 67
List of Figures 18
Vantage CNM 2.0 User’s Guide
Figure 37 Configura tion > LAN > IP – ZyWALL ....... ........................ ........................ ........73
Figure 38 Configura tion > LAN > IP – Prestige ...... ................ ........................ .................. 76
Figure 39 Configuration > LAN > Static DHCP – ZyWALL ...............................................78
Figure 40 Configura tion > LAN > IP Alias ................... ....................... ........................ ......79
Figure 41 RTS Threshold ......................... .............................. ............................... ........... 83
Figure 42 Configuration > WLAN > Wireless ................................................................... 85
Figure 43 Configuration > WLAN > MAC Filter ................................................................87
Figure 44 Configuration > WLAN > 802. 1x – ZyWALL ....................................................88
Figure 45 Configuration > WLAN > 802. 1x – Prestige ..................................................... 89
Figure 46 Configuration > WLAN > Local User ................................................................91
Figure 47 Configuration > WLAN > RADIUS ................................................................... 94
Figure 48 Configuration > DMZ ....................................................................................... 97
Figure 49 Configuration > WAN > General – ZyWALL .................................................... 101
Figure 50 Configuration > WAN > ISP (Ethernet) – ZyWALL ..........................................102
Figure 51 Configuration > WAN > ISP (PPPoE) – ZyWALL ............................................104
Figure 52 Configuration > WAN > ISP (PPTP) – ZyWALL ...............................................105
Figure 53 Configuration > WAN > IP – ZyWALL .............................................................. 107
Figure 54 Traffic Redire ct WAN Setup ....... .......... ....................... ........................ .............109
Figure 55 Traffic Redire ct LA N Set up ........................... ........................ ....................... .... 109
Figure 56 Configuration > WAN > Dial Backup – ZyWALL .............................................. 110
Figure 57 Configuration > WAN > Dial Backup > Advanced – ZyWALL .......................... 113
Figure 58 Configuration > WAN > Dial Backup > Edit – ZyWALL .................................... 115
Figure 59 Example of T raffic Shaping .................... ........................ .............................. .... 117
Figure 60 Configuration > WAN > Setup – Prestige – Bridge Mode ................................ 1 18
Figure 61 Configuration > WAN > Setup – Prestige – Routing Mode .............................. 120
Figure 62 Configura tion > WAN > Backup – Prestig e ...................... ........................ ........123
Figure 63 Advanced WAN Backup – Prestige ................................................................. 126
Figure 64 Configuration > NAT .......................................................................................133
Figure 65 Configuration > NAT > SUA Server – ZyWALL ................................................135
Figure 66 Configuration > NAT > SUA Server – Prestige ................................................ 136
Figure 67 Configuration > NAT > Full Feature > Address Mapping .................................137
Figure 68 Configuration > NAT > Full Feature > Edit Address Mapping ......................... 139
Figure 69 Configura ti o n > NAT > Full Feature > Trigger Port .................................. ........141
Figure 70 Configura ti o n > NAT > Full Feature > Trigger Port > Edit ............................... .142
Figure 71 Configuration > Static Route ............................................................................145
Figure 72 Configuration > Static Route > Edit .................................................................. 146
Figure 73 Configuration > VPN ........................................................................................ 155
Figure 74 Configuration > VPN > Tunnel IPSec Detail ...................................................157
Figure 75 Configuration > VPN > Manual Tunnel IPSec Detail .... ................................... 162
Figure 76 Configuration > VPN > NetBIOS ......................................................................164
Figure 77 Configura tion >Firewall .......................... ........................ .............................. .... 178
Figure 78 Configurat ion > Fire wa ll > DoS Settings ............. ........................ ................ .... 180
Figure 79 Configura tion >Firewall > Edit ......... ....................... ............................... ........... 182
19 List of Figures
Vantage CNM 2.0 User’s Guide
Figure 80 Configura tion >Firewall > IP Add re ss ........... ................. .............................. .... 183
Figure 81 Firewall Custom Port .......................................................................................184
Figure 82 Configuration > Device Log > Device .............................................................. 186
Figure 83 Configuration > Device Logs > Log Se ttings ................................................... 188
Figure 84 Purge Device Logs ............... ........................ ........................ ........................... 190
Figure 85 Configuration > ADSL Monitor .........................................................................193
Figure 86 Configuration > Device Alarms >Current .........................................................195
Figure 87 Configuration > Device Alarms > Historical .....................................................196
Figure 88 Building Block > Device BB ............................................................................. 199
Figure 89 Building Block > Device BB > Edit ................................................................... 199
Figure 90 Building Block > Device BB > Edit > Configuration ......................................... 200
Figure 91 Building Block > Device BB > Add ................................................................... 201
Figure 92 Building Blo ck > Configuratio n ...................... ............................... .................... 201
Figure 93 Building Block > Configuration BB > Add ........................................................202
Figure 94 Building Block > Configuration BB > Add > Next ............................................ 203
Figure 95 Building Block > Configuration B B > Added .................................................... 203
Figure 96 Building Block > Configuration BB > Edit ......................................................... 204
Figure 97 Building Block > Component BB ......................................................................204
Figure 98 Building Block > Com ponent BB > Add ...........................................................205
Figure 99 Building Block > Com ponent BB > Ad d > IP Address .....................................206
Figure 100 Building Block > Component BB > Add > E-Mail Address ............................... 206
Figure 101 Component BBs Added ................................................................................... 207
Figure 102 Building Block > Component BB > Edit ........................................................... 207
Figure 103 System > View Admi n istrator List ............ ................. ....................... ................210
Figure 104 System > Administr a tor Details .................... ........................ ....................... .... 211
Figure 105 System > Admini stra tor Permission s ........................................... ....................212
Figure 106 System > Vantage Statu s ................................ ........................ ......................... 214
Figure 107 System > Upgrade > Onli n e Admin istrators .................. ....................... ........... 216
Figure 108 System > Upgrade > Vantage Upgrade ...........................................................216
Figure 109 System > Upgrade > Vantage Upgrade > Next ............................... ............ ....217
Figure 110 System > Upgrading ................................... ....................... ........................ ......217
Figure 111 System > License > License Management ......................................................218
Figure 112 System > License > License Management > Upgrade ....................................219
Figure 113 System > Preferences > General System .... ................. ....................... ........... 220
Figure 114 System > Preferences > User Access ........ ....................... ........................ ......221
Figure 115 System > Preferences > Server .................. .............................. .......................223
Figure 116 Vantage Icon - Stop ................................................................ ....... ....... ....... ....224
Figure 117 Figure 2-5 V a n tage Icon - Start ..................... ........................ ........................... 224
Figure 118 System > Preferences > Notifi ca ti o n s .................. ........................ .................... 225
Figure 119 System > Preferences > User Group ................................. ....... ....... .......... ......226
Figure 120 System > Preferen ce s > Permi s sions > Add ........................................... ........227
Figure 121 System > Maintenance > Management ........................................................... 228
Figure 122 System > Maintenance > Backup .................................................................... 229
List of Figures 20
Vantage CNM 2.0 User’s Guide
Figure 123 System > Maintenance > Restore ...................................................................230
Figure 124 System > Address Book ...................... ....................... ............................... ......231
Figure 125 System > Address Book Add/Edit .......... ................ ............................... ...........232
Figure 126 System > Certificate Management > Information ............................................ 234
Figure 127 System > Certificate Management > Create CSR ..................................... ......235
Figure 128 System > Certificate Management > Import Certificate ................................... 236
Figure 129 System > Logs > CNM Server ........ ................ ........................ ........................ .237
Figure 130 System > Logging Opti o ns ......................... .............................. .......................238
Figure 131 System > About Vantage ............................................................................. ....238
Figure 132 Monitor > Curren t Alar ms ............................... ........................ ........................ .242
Figure 133 Monitor > Historical Alarms ............................. ........................ ......................... 244
Figure 134 Monitor > Firmware Upgrade Report .......................... ..... .. ..... .. ..... ....... ..... .. ....246
Figure 135 Monitor > Monito r Status ....... ............................... ........................ ....................247
Figure 136 Monitor > VPN Editor > Tunnel IPSec Detail ................................................... 248
Figure 137 Configur a ti o n > VPN - Exampl e Tunnel Summary ................... .......................249
Figure 138 Monitor > VPN Monitor – Graphical Tunnel ....................................................250
Figure 139 Monitor > VPN > Add MAP ........ ................. ....................... ..............................250
Figure 140 Setup .......... ................. ............................... ....................... ..............................252
Figure 141 Wizard 1 ........................................................................................................... 252
Figure 142 Informati o n ............................... ....................... ............................... .................. 253
Figure 143 Insta ll a tion Typ e ................................ ............................... ........................ ........253
Figure 144 Insta ll a ti o n Dire cto r y ........... ............................... ....................... .......................254
Figure 145 Create Direc to r y .................. ........................ ....................... ........................ ......254
Figure 146 Begin Installation .................. ........................ ............................... .................... 254
Figure 147 Run WFTPD .... ................. ....................... ............................... ........................ .255
Figure 148 WFTPD Main Screen .................................... ....... ....... ....... ....... ....... .......... ......255
Figure 149 Windows Service s ......... ........................ ............................... ....................... .... 256
Figure 150 WFTPD Properti e s .......................... ....................... ........................ .................. 256
Figure 151 WFTPD Pro Log On .........................................................................................257
Figure 152 Kiwi Syslog Daemon Installati on: License Agreement ....... ........................ ......258
Figure 153 Kiwi Inst a ll a tion: Installation Option s .................................... ....................... ....259
Figure 154 Kiwi Insta ll a tion: Installation Direct o r y ........................... ....................... ........... 259
Figure 155 Kiwi Syslog Daemo n Setup ................. ....................... ........................ ............. 260
Figure 156 Kiwi Syslog Daemon Setup : Import Configura tion File ......................... ........... 260
Figure 157 Kiwi Syslog Daemon Setup: Import Configurati o n File : Co nf i r m ..................... 261
Figure 158 Windows XP: My Computer ........................ ....................... ........................ ......261
Figure 159 Windows XP: Computer Man age men t ........................ ........................ ............. 262
Figure 160 Vantage System Servers ..................................... ....... ....... ..... ....... ....... ....... ....263
Figure 161 Control Panel Java Plug-in Icon .......................... ........................ ....................266
Figure 162 Java Plug-in Control Panel ............. ............................... ....................... ........... 267
Figure 163 Java Plug-in Ico n .......................................... ............................... .................... 267
Figure 164 Open Control Panel ........................................ ....... ............ ..... ....... ....... ....... ....267
Figure 165 Java Console ............................. ........................ ....................... .......................268
21 List of Figures
Vantage CNM 2.0 User’s Guide
Figure 166 WIndows 95/98/Me: Network: Configuration ................................................... 279
Figure 167 Windows 95/98/Me: TCP/IP Properties: IP Address ........................................280
Figure 168 Windows 95/98/Me: TCP/IP Properties: DNS Configuration ...........................281
Figure 169 Windows XP: Start Menu ................................................... ....... ..... .. .......... .. ....282
Figure 170 Windows XP: Control Panel ............................................................................. 282
Figure 171 Windows XP: Control Panel: Network Connections: Properties ...................... 283
Figure 172 Wind ows XP: Local Area Connect ion Properties ............................................. 283
Figure 173 Windows XP: Advanced TCP/IP Settings ........................................................284
Figure 174 Windows XP: Inte r n et Prot o co l (TCP/IP) Propert ies ................................ ........285
Figure 175 Ma cintosh OS 8/9: Apple Menu .......................................................................286
Figure 176 Macintosh OS 8/9: TCP/IP ............................................................................... 286
Figure 177 Ma cintosh OS X: Apple Menu .......................................................................... 287
Figure 178 Macintosh OS X: Network ................................................................................288
Figure 179 Virt ual Circuit Topology ............................................................. ..... ....... ....... ....290
Figure 180 Peer-to-Peer Communication in an Ad-hoc Network ....................................... 293
Figure 181 ESS Provides Campus-Wide Coverage ..........................................................294
Figure 182 Sequenc es for EAP MD 5–Chall enge Auth entic ation ....................................... 297
List of Figures 22
Vantage CNM 2.0 User’s Guide
List of Tables
Table 1 Menus Overview .............................................................................................. 39
Table 2 Object Tree Icons ............................................................................................ 40
Table 3 Pop-up Menus Icons ........................................................................................41
Table 4 Cont ent Pane Icons . ........................................................................................ 41
Table 5 VPN Editor Icons ............................................................................................. 42
Table 6 Dev ice > Status > Main Screen ....................................................................... 45
Table 7 Device > Status > Single Device ......................................................................46
Table 8 Device > Regist ration > Manual Registration .................................................. 49
Table 9 Device > Firmware Man agem ent .....................................................................54
Table 10 Device > Configuration File > Management .................................................... 57
Table 11 Device > Configuration File > Back Up ............................................................58
Table 12 Device > Configuration File > Restore ............................................................. 59
Table 13 Configuration > General > System – ZyWALL .................................................63
Table 14 Configuration > General > DDNS .................................................................... 65
Table 15 Configuration > General > Time Setting ..........................................................66
Table 16 Configuration > General > Owner Info .............................................................67
Table 17 Configuration > LAN > IP – ZyWALL ............................................................... 73
Table 18 Configuration > LAN > IP – Prestige ................................................................ 76
Table 19 Configuration > LAN > Static DHCP – ZyWALL ...............................................78
Table 20 Configuration > LAN > IP Alias ........................................................................79
Table 21 Configuration > WLAN > Wireless ...................................................................85
Table 22 Configuration > WLAN > MAC Filter ................................................................ 87
Table 23 Configuration > WLAN > 802.1x – ZyWALL .................................................... 88
Table 24 Configuration > WLAN > 802.1x – Prestige ..................................................... 89
Table 25 Configuration > WLAN > Local User ................................................................91
Table 26 Configuration > WLAN > RADIUS ................................................................... 94
Table 27 Configuration > DMZ .......................................................................................97
Table 28 Configuration > WAN > General – ZyWALL ....................................................101
Table 29 Configuration > WAN > ISP (Ethernet) – ZyWALL ..........................................102
Table 30 Configuration > WAN > ISP (PPPoE) – ZyWALL ............................................104
Table 31 Configuration > WAN > ISP (PPTP) – ZyWALL ............................................... 105
Table 32 Configuration > WAN > IP – ZyWALL ..............................................................107
Table 33 Configuration > WAN > Dial Backup – ZyWALL .............................................. 110
Table 34 Configuration > WAN > Dial Backup > Advanced – ZyWALL .......................... 113
Table 35 Configuration > WAN > Dial Backup > Edit – ZyWALL ....................................115
Table 36 Configuration > WAN > Setup – Prestige – Bridge Mode ................................ 118
Table 37 Configuration > WAN > Setup – Prestige – Routing Mode .............................. 120
Table 38 WAN Backup – Prestige ..................................................................................123
List of Tables 24
Vantage CNM 2.0 User’s Guide
Table 39 Advanced WAN Backup – Prestige .................................................................126
Table 40 NAT Definitions ................................................................................................130
Table 41 NAT Mapping Types ........................................................................................ 132
Table 42 Configuration > NAT ........................................................................................ 133
Table 43 Services and Port Numbers . ............................................................................ 134
Table 44 Configuration > NAT > SUA Server .................................................................135
Table 45 Configuration > NAT > SUA Server – Prestige ................................................ 136
Table 46 Configuration > NAT > Full Feature > Address Mapping ................................. 137
Table 47 Configuration > NAT > Full Feature > Edit Address Mapping .......................... 139
Table 48 Configuration > NAT > Full Feature > Trigger Port .......................................... 141
Table 49 Configuration > NAT > Full Feature > Trigger Port > Edit ................................142
Table 50 Configuration > Static Route ............................................................................ 145
Table 51 Configuration > Static Route > Edit .................................................................. 146
Table 52 AH and ESP .............. ............................... ............................... ......................... 149
Table 53 VPN and NAT ..................................................................................................151
Table 54 Local ID Type and Content Fields ....................................................................153
Table 55 Peer ID Type and Content Fields ..................................................................... 153
Table 56 Configuration > VPN ........................................................................................ 155
Table 57 Configuration > VPN > Tunnel IPSec Detail .................................................... 157
Table 58 Configuration > VPN >Manu al Tunnel IPSec Detail ........................................162
Table 59 Configuration > VPN > NetBIOS ...................................................................... 164
Table 60 ICMP Command s That Trigger Alerts .............................................................. 169
Table 61 Legal NetBIOS Commands ............................................................................. 170
Table 62 Legal SMTP Commands .................................................................................. 170
Table 63 Services and Port Numbers . ............................................................................ 176
Table 64 Configuration >Firewall ....................................................................................178
Table 65 Configuration > Firewall > DoS Settings .......................................................... 180
Table 66 Configuration >Firewall > Edit .......................................................................... 182
Table 67 Configu r a tion >Firewall > IP Addr e ss ........... ................. ....................... ........... 183
Table 68 Firewall Cus to m Por t ................ ........................ ....................... .......................184
Table 69 Device Log > Device ........................................................................................ 186
Table 70 Configuration > Device Logs > Log Settings ................................................... 188
Table 71 Purge Device L ogs ........ ........................ ........................ .............................. .... 190
Table 72 ADSL Standards ..............................................................................................192
Table 73 Configuration > ADSL Monitor .........................................................................193
Table 74 Alarm Severity ................................................................................................. 194
Table 75 Alarm States .................................................................................................... 194
Table 76 Configuration > Device Alarms >Current ......................................................... 195
Table 77 Configuration > Device Alarms > Historical ..................................................... 196
Table 78 Building Block > Device BB .............................................................................199
Table 79 Building Block > Device BB > Edit ................................................................... 199
Table 80 Building Block > Device BB > Add ...................................................................201
Table 81 Building Block > Configuration .........................................................................201
25 List of Tables
Vantage CNM 2.0 User’s Guide
Table 82 Building Block > Configuration BB > Add ........................................................202
Table 83 Building Block > Configuration BB > Edit ......................................................... 204
Table 84 Building Block > Component BB ...................................................................... 204
Table 85 Building Block > Component > Add ................................................................. 205
Table 86 Building Block > Component BB > Ad d > IP Address . . ................................... 206
Table 87 Building Block > Component BB > Ad d > E-Mail Address ... ............................ 206
Table 88 Building Block > Component BB > Ed it ........................................................... 207
Table 89 System > View Administrator List ............................... ............................... ......210
Table 90 System > Administrator Det a il s ... ................. ........................ ....................... .... 211
Table 91 System > Admin i str a tor Permission s .................................... ...........................212
Table 92 System > Vantage St a tu s ......................... ............................... ........................ .214
Table 93 Vantage Version Numbe r .................................................................................217
Table 94 System > License > License Management ......................................................218
Table 95 System > License > License Management > Upgrade .................................... 219
Table 96 System > Preferences > General Sy ste m ......... ................ ..............................220
Table 97 System > Pref eren ce s > User Acce ss ............................. ........................ ........221
Table 98 System > Preferences > Server ........... ....................... ............................... ......223
Table 99 System > Pref eren c e s > Noti fications ........... ........................ ....................... .... 225
Table 100 System > Preference s > Per mi ssions ............. ............................... .................. 226
Table 101 System > Preference s > Per mi ssions > Add ............ ................ .......................227
Table 102 System > Maintenance > Management ........................................................... 228
Table 103 System > Maintenance > Backup ....................................................................229
Table 104 System > Maintenance > Restore ................................................................... 230
Table 105 System > Address Book ........................ ........................ .............................. ....231
Table 106 System > Address Book Add/Edit .......................... ........................ .................. 232
Table 107 System > Certificate Management > Information ............................................234
Table 108 System > Certificate Management > Create CSR ........................................... 235
Table 109 System > Certificate Management > Import Certificate ...................................236
Table 110 System > Logs > CNM Server .........................................................................237
Table 111 Types of Alarms ...............................................................................................240
Table 112 Alarm Severity .................................................................................................240
Table 113 Alarm States ...................................................................................................241
Table 114 Monitor > Curren t Alar ms ........................ ............................... ........................ .243
Table 115 Monitor > Firmware Upgrade Report ...............................................................246
Table 116 FTP and syslog Server Overview ....................................................................264
Table 117 Classes of IP Addresses .................................................................................. 270
Table 118 Allowed IP Address Range By Class ............................... .. ....... ..... .. .......... .. ....271
Table 119 “Natural” Masks ..............................................................................................271
Table 120 Altern ative Subnet Mask Notation ................................................................... 272
Table 121 Two Subnets Example ..................................................................................... 272
Table 122 Subnet 1 ..........................................................................................................273
Table 123 Subnet 2 ..........................................................................................................273
Table 124 Subnet 1 ..........................................................................................................274
List of Tables 26
Vantage CNM 2.0 User’s Guide
Table 125 Subnet 2 ..........................................................................................................274
Table 126 Subnet 3 ..........................................................................................................274
Table 127 Subnet 4 ..........................................................................................................275
Table 128 Eight Subnets .................................................................................................. 275
Table 129 Class C Subnet Planning ................................................................. ............ ....275
Table 130 Class B Subnet Planning ................................................................................. 276
Table 131 Com parison of EAP Authentication Types . ...................................................... 299
Table 132 System Maintenance Logs .............................................................................. 300
Table 133 System Error Logs ................................... ............................... ......................... 301
Table 134 Access Control Logs ........................................................................................301
Table 135 TCP Res et Logs ..............................................................................................302
Table 136 Pac ket Filter Logs ............................................................................................ 302
Table 137 ICMP Logs ....................................................................................................... 303
Table 138 CDR Logs ........................................................................................................ 303
Table 139 PPP Logs ......................................................................................................... 303
Table 140 UPnP Logs .......................................................................................................304
Table 141 Content Filtering Logs ...................................................................................... 304
Table 142 Attack Logs ......................................................................................................305
Table 143 IPSec Logs ...................................................................................................... 306
Table 144 IKE Logs .......................................................................................................... 306
Table 145 PKI Logs .......................................................................................................... 309
Table 146 Certificate Path Verification Failure Reason Codes ......................................... 310
Table 147 802.1X Logs .. ................................................................................................... 311
Table 148 ACL Setting Notes ...........................................................................................312
Table 149 ICMP Notes .....................................................................................................312
Table 150 Syslog Logs .....................................................................................................313
Table 151 RFC-2408 ISAKMP Payl oad Types .............. ........................ ....................... .... 313
27 List of Tables
Vantage CNM 2.0 User’s Guide
Preface
Introduc ing Vantage Centra lized Netwo r k Management (CNM )
2.0
Vantage Centralized Network Management 2.0 is a cost-effective, browser-based global
management solution that al lows an administrator from any location to easily configure,
manage, monitor and troubleshoot ZyXEL devices located worldwide.
Vantage CNM allows you to effectively separate usage and management of ZyXEL's
comprehensive range of broa dband security devices.
Note: Registe r yo ur product on line to receiv e e-mail notices of f irm w are
upgr ades and in f o rmation at www.zyxel.com
www.us.zyxel.com for North Amer ic an products.
for global products, or at
About This User's Guide
This manual is designed to guide you through the configuration of your Vantage CNM 2.0 for
its various applications.
Related Documentation
• Supporting Disk
Refer to the included CD for support documents.
• Compact Guid e
The Compact Guide is designe d to help you get up and running right away. They contain
connection information and instructions on getting started.
• Web Configurator Online Help
Embedded web help for descripti ons of individual screens and supplementary
information.
• ZyXEL Glossary and Web Site
Please refer to www.zyxel .c om f or an online glossa ry of networking terms and additi onal
support documentation.
User Guide Feedback
Help us help you! E-mail all User Guide-related comments, questions or suggestions for
improvement to techwrit ers@zyxel.com.tw or send regular mail to The Technical Writing
T eam, ZyXEL Communications Corp., 6 Innovation Road II, Science-Based Industrial Park,
Hsinchu, 300, Taiwan. Thank you!
Preface 28
Vantage CNM 2.0 User’s Guide
Syntax Conventions
• This manual may refer to Vantage Centralized Network Management 2.0 sim ply as
Vantage CNM or Vantage.
• The version number on the title page is the Vantage version that is documented in this
User’s Guide.
• Enter means for you to type one or more characters and press the carriage return. Select
or Choose means for you to use one of the predefined choices.
• The choices of a menu item are in Bold Arial font.
• Mouse action seque nces a re denot ed using a >. For e xample, click Conf iguratio n > LAN
> IP Alias means first click Configuration, then click LAN and finally click IP Alias.
29 Preface
This chapter introduces Vantage key features and Vantage requirements.
1.1 Key Features
The following are the key feature s of Vantage CNM 2.0.
1.1.1 Object Tree View
The object tree has three defined views letting you view the devices dire ctly as you configure them . The
views are Account (arranged by customer name), Type (arranged by device type) and Main V iew up to
seven layers deep. The object tree also al lows you to create your own logical views (orga n izing them by
geographic re gion etc . for exampl e). Status icons in the tree let you know i mmedia tely i f a devi ce that has
gone down, is curren tl y being configured or there is a fatal alarm associated with the device.
Vantage CNM 2.0 User’s Guide
CHAPTER 1.
Introducing Vantage
1.1.2 Flexible Friendly Device Registration
Use the registration wizard to registe r a sin gle device or multiple devi ces by importing an XML
registration file. This means that any customer’s network can be brought under Vantage control in the
time it takes to run a wizard.
1.1.3 Building Blocks
Use BBs (building block) to rapidly configure both existing and new devices by reusing multiple
configurat ions, a device’s single configuration or a configuration com ponent, ensuring absolute
consistency across devices. As you use Vantage longer, it will become even easier to use as you build
up valuable BB repositories.
1.1.4 Multiple Domain Administration
Associate administrators to domains that you specify in the object tree allowing efficient division of labor
with maximum independence. Furthermore, multiple administrators m ay m anage one domain, eac h wit h
differ ent privileges allowing autonomy while cooperat ively managing the same networ k(s).
1.1.5 Comple te Dev ice Co nf igu rat ion
Use the Vantage configuration menus to configure its features including LAN, WAN, NAT, firewall, VPN,
static routes, wireless etc. You may also directly access any device’s web confi gurator from the object
tree by simply right -clicking on it, gi ving you total contr ol over any device within Vantage.
1.1.6 Configuration Synchronization
Make sure a device configuration within Vantage is absolutely consistent with its actual configuration at
any time by using th e Vantage synchronization screen. This mean s that local configuration changes can
be detected by selec ti ng the Vantage Synchroniz e men u, t herefore allowing flex ibility with control .
Chapter 1 Introducing Vantage 30
Vantage CNM 2.0 User’s Guide
1.1.7 Firewall
Create consistent device firewall policies by reusing successful configurations in other ZyXEL devices.
Ensure consistency and compliance with all security policies as well as constantly monitor all devices
and act immediately if things go wrong.
1.1.8 One-Click VPN
Graphicall y create VPN (V irtual Private Networking) tunnels between devices by sim ply clicking a device
and dragging a "tunnel" to another device. Pre -configured tunnel settings mean that even non- technical
administra tors can set up and manage tunnels with m ini m um effort.
1.1.9 Configuration File Management
Back up, restore and reset to factory default any device’s configuration file from one location.
1.1.10 Firmware Upgrade
Batch download devi ce fi rmware from V antage (after down loading the firmware from a websi te) to
multiple devices located anywhere, minimizing time, effort and room for error as well as ensuring
firmware consistency across devices. Device owners can be notifi ed automatically and reports can be
generated detailing any device’s firmware uploa d hist ory.
1.1.11 Monitoring and Notifications
Use the Status Monitor to give real time messages (of who has logged in for example) and the alarm
screens to know what is going on in your managem ent domain. Alarms are warnin gs of hardware failure,
security br eaches, attacks or illegal V antage login attempts. You can configure Vantage to notif y you by
e-mail in the event a device goes down or has triggered an alarm. You can also configure Vantage to
automatical ly notify device owners and other administrators when a configuration (suc h as firmware
upgrade) is going to take place.
1.1.12 Logs
Logs detail information pert aining to customer accounts, devices and Vantage that is essential for
troubleshooting or historica l anal ysis. Logs and alarms fac il itate the secure , smooth operation of all
Vantage-regi stered ZyXEL devices across the globe.
1.1.13 Data Maintenance
Back up all Vantage con fi gurations including firmware uploaded to the Vantage server , creating various
Vantage "snap shot s" that may be restored at a lat er dat e.
1.1.14 Vantage System Management
Configure Vantage server public IP address, FTP, syslog, mail servers, set a management idle time-out
and protect Vantage from brute-force p assword dictionary attacks in the Vantage system menus.
Furthermore, you ma y pre-configure notification recipients and alter Administrator privileges from here,
making Vantage a truly global tool.
1.1.15 License Management
Simply login into www.myZyXEL.com to acquire a new activation key when you purchase an expansion
license letting you manage yet even more devices with Vantage CNM 2.0.
31 Chapter 1 Introduc ing Vantage
1.2 Vantage Requirements and Installation
For Vantage setup requirements, access and installation, see the Quick Start Guide.
Vantage CNM 2.0 User’s Guide
Chapter 1 Introducing Vantage 32
Vantage CNM 2.0 User’s Guide
33 Chapter 1 Introduc ing Vantage
Loading...