ZyXEL Communications 650 Series User Manual
Prestige 650 Series
ADSL Router
User's Guide
Version 3.40
February 2004
Prestige 650 Series User’s Guide
Copyright
Copyright © 2003 by ZyXEL Communications Corporation.
The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a
retrieval system, translated into any language, or transmitted in any form or by any means, electronic,
mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written
permission of ZyXEL Communications Corporation.
Published by ZyXEL Communications Corporation. All rights reserved.
Disclaimer
ZyXEL does not assume any liability arising out of the application or use of any products, or software
described herein. Neither does it convey any license under its patent rights nor the patent rights of others.
ZyXEL further reserves the right to make changes in any products described herein without notice. This
publication is subject to change without notice.
Trademarks
ZyNOS (ZyXEL Network Operating System) is a registered trademark of ZyXEL Communications, Inc.
Other trademarks mentioned in this publication are used for identification purposes only and may be
properties of their respective owners.
ii Copyright
Prestige 650 Series User’s Guide
Federal Communications Commission
(FCC) Interference Statement
This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions:
• This device may not cause harmful interference.
• This device must accept any interference received, including interference that may cause undesired
operations.
This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to
Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful
interference in a commercial environment. This equipment generates, uses, and can radiate radio frequency
energy, and if not installed and used in accordance with the instructions, may cause harmful interference to
radio communications.
If this equipment does cause harmful interference to radio/television reception, which can be determined by
turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of
the following measures:
1. Reorient or relocate the receiving antenna.
2. Increase the separation between the equipment and the receiver.
3. Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.
4. Consult the dealer or an experienced radio/TV technician for help.
Notice 1
Changes or modifications not expressly approved by the party responsible for compliance could void the
user's authority to operate the equipment.
Certifications
1. Go to www.zyxel.com
2. Select your product from the drop-down list box on the ZyXEL home page to go to that product's page.
3. Select the certification you wish to view from this page
FCC Statement iii
Prestige 650 Series User’s Guide
ZyXEL Limited Warranty
ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials
or workmanship for a period of up to two years from the date of purchase. During the warranty period, and
upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or
materials, ZyXEL will, at its discretion, repair or replace the defective products or components without
charge for either parts or labor, and to whatever extent it shall deem necessary to restore the product or
components to proper operating condition. Any replacement will consist of a new or re-manufactured
functionally equivalent product of equal value, and will be solely at the discretion of ZyXEL. This warranty
shall not apply if the product is modified, misused, tampered with, damaged by an act of God, or subjected
to abnormal working conditions.
Note
Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This
warranty is in lieu of all other warranties, express or implied, including any implied warranty of
merchantability or fitness for a particular use or purpose. ZyXEL shall in no event be held liable for indirect
or consequential damages of any kind of character to the purchaser.
To obtain the services of this warranty, contact ZyXEL's Service Center for your Return Material
Authorization number (RMA). Products must be returned Postage Prepaid. It is recommended that the unit
be insured when shipped. Any returned products without proof of purchase or those with an out-dated
warranty will be repaired or replaced (at the discretion of ZyXEL) and the customer will be billed for parts
and labor. All repaired or replaced products will be shipped by ZyXEL to the corresponding return address,
Postage Paid. This warranty gives you specific legal rights, and you may also have other rights that vary
from country to country.
Safety Warnings
1. To reduce the risk of fire, use only No. 26 AWG or larger telephone wire.
2. Do not use this product near water, for example, in a wet basement or near a swimming pool.
3. Avoid using this product during an electrical storm. There may be a remote risk of electric shock from
lightening.
iv ZyXEL Warranty
Prestige 650 Series User’s Guide
Customer Support
Please have the following information ready when you contact customer support.
• Product model and serial number.
• Warranty Information.
• Date that you received your device.
• Brief description of the problem and the steps you took to solve it.
LOCATION
AMERICA
METHOD
E-MAIL
SUPPORT/SALES
support@zyxel.com.tw
sales@zyxel.com.tw
support@zyxel.com +1-800-255-4101 www.us.zyxel.com NORTH
sales@zyxel.com
support@zyxel.dk +45-3955-0700 www.zyxel.dk SCANDINAVIA
sales@zyxel.dk
support@zyxel.de +49-2405-6909-0 www.zyxel.de GERMANY
sales@zyxel.de
+886-3-578-2439
+1-714-632-0858 ftp.us.zyxel.com
+45-3955-0707 ftp.zyxel.dk
+49-2405-6909-99
TELEPHONE/FAX WEB SITE/ FTP SITE REGULAR MAIL
+886-3-578-3942 WORLDWIDE
www.zyxel.com
www.europe.zyxel.com
ftp.zyxel.com
ftp.europe.zyxel.com
ZyXEL Communications Corp.,
6 Innovation Road II, ScienceBased Industrial Park, Hsinchu
300, Taiwan.
ZyXEL Communications Inc.,
1130 N. Miller St.
Anaheim, CA 92806, U.S.A.
ZyXEL Communications A/S,
Columbusvej 5, 2860 Soeborg,
Denmark.
ZyXEL Deutschland GmbH.
Adenauerstr. 20/A2 D-52146
Wuerselen, Germany
Customer Support v
Prestige 650 Series User’s Guide
Table of Contents
Copyright......................................................................................................................................................... ii
Federal Communications Commission (FCC) Interference Statement.....................................................iii
ZyXEL Limited Warranty ............................................................................................................................ iv
Customer Support........................................................................................................................................... v
List of Figures ..............................................................................................................................................xiv
List of Tables ................................................................................................................................................ xxi
List of Charts .............................................................................................................................................. xxv
Preface ........................................................................................................................................................ xxvi
Introduction to DSL.................................................................................................................................xxviii
Getting Started.................................................................................................................................................I
Chapter 1 Getting To Know Your Prestige ................................................................................................ 1-1
1.1 Introducing the Prestige 650 Series ...........................................................................................1-1
1.2 Features of the Prestige..............................................................................................................1-2
1.3 Applications for the Prestige...................................................................................................... 1-7
Chapter 2 Introducing the Web Configurator ..........................................................................................2-1
2.1 Web Configurator Overview...................................................................................................... 2-1
2.2 Accessing the Prestige Web Configurator .................................................................................2-1
2.3 Navigating the Prestige Web Configurator................................................................................2-2
2.4 Configuring Password................................................................................................................2-3
2.5 Resetting the Prestige.................................................................................................................2-4
Chapter 3 Wizard Setup.............................................................................................................................. 3-1
3.1 Wizard Setup Introduction......................................................................................................... 3-1
3.2 Encapsulation.............................................................................................................................3-1
3.3 Multiplexing...............................................................................................................................3-2
3.4 VPI and VCI ..............................................................................................................................3-2
3.5 Wizard Setup Configuration: First Screen .................................................................................3-2
3.6 IP Address and Subnet Mask .....................................................................................................3-4
3.7 IP Address Assignment.............................................................................................................. 3-4
3.8 Nailed-Up Connection (PPP) ..................................................................................................... 3-6
3.9 NAT ...........................................................................................................................................3-6
3.10 Wizard Setup Configuration: Second Screen............................................................................. 3-6
3.11 DHCP Setup.............................................................................................................................3-12
3.12 Wizard Setup Configuration: Third Screen..............................................................................3-13
3.13 Wizard Setup Configuration: Connection Tests.......................................................................3-15
3.14 Test Your Internet Connection.................................................................................................3-16
LAN, Wireless LAN and WAN ..................................................................................................................... II
Chapter 4 LAN Setup.................................................................................................................................. 4-1
4.1 LAN Overview ..........................................................................................................................4-1
4.2 DNS Server Address..................................................................................................................4-1
vi Table of Contents
Prestige 650 Series User’s Guide
4.3 DNS Server Address Assignment ..............................................................................................4-2
4.4 LAN TCP/IP ..............................................................................................................................4-2
4.5 Configuring LAN .......................................................................................................................4-4
Chapter 5 Wireless LAN Setup...................................................................................................................5-1
5.1 Wireless LAN Overview............................................................................................................5-1
5.2 Levels of Security ......................................................................................................................5-3
5.3 Data Encryption with WEP ........................................................................................................5-4
5.4 Inserting a PCMCIA Wireless LAN Card..................................................................................5-4
5.5 Configuring Wireless LAN ........................................................................................................5-4
5.6 Configuring MAC Filter.............................................................................................................5-7
5.7 802.1x Overview........................................................................................................................5-9
5.8 Introduction to RADIUS ............................................................................................................5-9
5.9 Configuring 802.1x ..................................................................................................................5-11
5.10 Configuring Local User Authentication ...................................................................................5-13
5.11 Configuring RADIUS ..............................................................................................................5-15
Chapter 6 WAN Setup .................................................................................................................................6-1
6.1 WAN Overview .........................................................................................................................6-1
6.2 PPPoE Encapsulation .................................................................................................................6-1
6.3 PPTP Encapsulation ...................................................................................................................6-1
6.4 Traffic Shaping...........................................................................................................................6-2
6.5 Configuring WAN Setup............................................................................................................6-3
NAT, Dynamic DNS and Time Zone........................................................................................................... III
Chapter 7 Network Address Translation (NAT)........................................................................................7-1
7.1 NAT Overview...........................................................................................................................7-1
7.2 SUA (Single User Account) Versus NAT..................................................................................7-4
7.3 SUA Server ................................................................................................................................7-5
7.4 Selecting the NAT Mode............................................................................................................7-7
7.5 Configuring SUA Server............................................................................................................7-8
7.6 Configuring Address Mapping.................................................................................................7-10
7.7 Editing an Address Mapping Rule ...........................................................................................7-12
Chapter 8 Dynamic DNS Setup...................................................................................................................8-1
8.1 Dynamic DNS ............................................................................................................................8-1
8.2 Configuring Dynamic DNS........................................................................................................8-1
Chapter 9 Time and Date Setup..................................................................................................................9-1
9.1 Configuring Time Zone..............................................................................................................9-1
Firewall and Content Filter......................................................................................................................... IV
Chapter 10 Firewalls..................................................................................................................................10-1
10.1 Firewall Overview....................................................................................................................10-1
10.2 Types of Firewalls....................................................................................................................10-1
10.3 Introduction to ZyXEL’s Firewall............................................................................................10-2
10.4 Denial of Service......................................................................................................................10-3
Table of Contents vii
Prestige 650 Series User’s Guide
10.5 Stateful Inspection ...................................................................................................................10-7
10.6 Guidelines for Enhancing Security with Your Firewall......................................................... 10-11
10.7 Packet Filtering Vs Firewall ..................................................................................................10-12
Chapter 11 Firewall Configuration .......................................................................................................... 11-1
11.1 Remote Management and the Firewall ....................................................................................11-1
11.2 Enabling the Firewall...............................................................................................................11-1
11.3 Configuring E-mail Alerts .......................................................................................................11-2
11.4 Attack Alert..............................................................................................................................11-3
Chapter 12 Creating Custom Rules .........................................................................................................12-1
12.1 Rules Overview........................................................................................................................12-1
12.2 Rule Logic Overview...............................................................................................................12-1
12.3 Connection Direction............................................................................................................... 12-3
12.4 Logs .........................................................................................................................................12-4
12.5 Rule Summary .........................................................................................................................12-6
12.6 Predefined Services..................................................................................................................12-8
12.7 Creating/Editing Firewall Rules.............................................................................................12-11
12.8 Timeout.................................................................................................................................. 12-14
Chapter 13 Customized Services ..............................................................................................................13-1
13.1 Introduction to Customized Services ....................................................................................... 13-1
13.2 Creating/Editing A Customized Service .................................................................................. 13-2
13.3 Example Custom Service Firewall Rule ..................................................................................13-3
Chapter 14 Content Filtering....................................................................................................................14-1
14.1 Content Filtering Overview .....................................................................................................14-1
14.2 Configuring Keyword Blocking...............................................................................................14-1
14.3 Configuring the Schedule ........................................................................................................14-3
14.4 Configuring Trusted Computers ..............................................................................................14-4
14.5 Configuring Logs..................................................................................................................... 14-5
VPN/IPSec ...................................................................................................................................................... V
Chapter 15 Introduction to IPSec.............................................................................................................15-1
15.1 VPN Overview.........................................................................................................................15-1
15.2 IPSec Architecture ...................................................................................................................15-3
15.3 Encapsulation........................................................................................................................... 15-5
15.4 IPSec and NAT ........................................................................................................................ 15-5
Chapter 16 VPN Screens ........................................................................................................................... 16-1
16.1 VPN/IPSec Overview ..............................................................................................................16-1
16.2 IPSec Algorithms.....................................................................................................................16-1
16.3 My IP Address .........................................................................................................................16-2
16.4 Secure Gateway Address .........................................................................................................16-2
16.5 VPN Summary Screen............................................................................................................. 16-3
16.6 Keep Alive ............................................................................................................................... 16-5
16.7 ID Type and Content................................................................................................................16-5
viii Table of Contents
Prestige 650 Series User’s Guide
16.8 Pre-Shared Key ........................................................................................................................16-7
16.9 Editing VPN Policies ...............................................................................................................16-7
16.10 IKE Phases .............................................................................................................................16-13
16.11 Configuring Advanced IKE Settings......................................................................................16-15
16.12 Manual Key Setup..................................................................................................................16-19
16.13 Configuring Manual Key .......................................................................................................16-20
16.14 Viewing SA Monitor ..............................................................................................................16-24
16.15 Configuring Global Setting ....................................................................................................16-26
16.16 Configuring IPSec Logs .........................................................................................................16-27
16.17 Telecommuter VPN/IPSec Examples ....................................................................................16-31
16.18 VPN and Remote Management..............................................................................................16-33
Remote Management, UPnP and Logs....................................................................................................... VI
Chapter 17 Remote Management Configuration....................................................................................17-1
17.1 Remote Management Overview...............................................................................................17-1
17.2 Telnet .......................................................................................................................................17-2
17.3 FTP...........................................................................................................................................17-2
17.4 Web ..........................................................................................................................................17-3
17.5 Configuring Remote Management ...........................................................................................17-3
Chapter 18 Universal Plug-and-Play (UPnP) ..........................................................................................18-1
18.1 Universal Plug and Play Overview ..........................................................................................18-1
18.2 UPnP and ZyXEL ....................................................................................................................18-2
18.3 Installing UPnP in Windows Example.....................................................................................18-3
18.4 Using UPnP in Windows XP Example ....................................................................................18-5
Chapter 19 Logs Screens ...........................................................................................................................19-1
19.1 Logs Overview.........................................................................................................................19-1
19.2 Configuring Log Settings .........................................................................................................19-1
19.3 Displaying the Logs .................................................................................................................19-4
19.4 SMTP Error Messages .............................................................................................................19-5
Bandwidth Management ............................................................................................................................VII
Chapter 20 Bandwidth Management .......................................................................................................20-1
20.1 Bandwidth Management Overview..........................................................................................20-1
20.2 Bandwidth Classes and Filters .................................................................................................20-1
20.3 Proportional Bandwidth Allocation..........................................................................................20-2
20.4 Bandwidth Management Usage Examples...............................................................................20-2
20.5 Scheduler..................................................................................................................................20-4
20.6 Maximize Bandwidth Usage ....................................................................................................20-4
20.7 Bandwidth Borrowing..............................................................................................................20-7
20.8 Configuring Summary..............................................................................................................20-9
20.9 Configuring Class Setup.........................................................................................................20-11
20.10 Configuring Monitor ..............................................................................................................20-17
Maintenance .............................................................................................................................................. VIII
Table of Contents ix
Prestige 650 Series User’s Guide
Chapter 21 Maintenance...........................................................................................................................21-1
21.1 Maintenance Overview ............................................................................................................21-1
21.2 System Status Screen............................................................................................................... 21-1
21.3 DHCP Table Screen................................................................................................................. 21-6
21.4 Wireless Screens ...................................................................................................................... 21-7
21.5 Diagnostic Screens................................................................................................................... 21-9
21.6 Firmware Screen.................................................................................................................... 21-12
21.7 Configuration Screen .............................................................................................................21-14
SMT General Configuration........................................................................................................................IX
Chapter 22 Introducing the SMT............................................................................................................. 22-1
22.1 SMT Introduction ....................................................................................................................22-1
22.2 Navigating the SMT Interface..................................................................................................22-4
22.3 Changing the System Password............................................................................................... 22-6
Chapter 23 General Setup.........................................................................................................................23-1
23.1 General Setup...........................................................................................................................23-1
23.2 Configuring Menu 1.................................................................................................................23-1
Chapter 24 LAN Setup.............................................................................................................................. 24-1
24.1 LAN Setup ............................................................................................................................... 24-1
24.2 Protocol Dependent Ethernet Setup......................................................................................... 24-2
24.3 TCP/IP Ethernet Setup and DHCP...........................................................................................24-2
Chapter 25 Wireless LAN Setup...............................................................................................................25-1
25.1 Wireless LAN Overview..........................................................................................................25-1
25.2 Inserting a PCMCIA Wireless LAN Card ...............................................................................25-1
25.3 Wireless LAN Setup ................................................................................................................25-1
Chapter 26 Internet Access ....................................................................................................................... 26-1
26.1 Internet Access Overview ........................................................................................................26-1
26.2 IP Policies ................................................................................................................................26-1
26.3 IP Alias ....................................................................................................................................26-1
26.4 IP Alias Setup ..........................................................................................................................26-2
26.5 Route IP Setup .........................................................................................................................26-4
26.6 Internet Access Configuration .................................................................................................26-5
Chapter 27 Remote Node Configuration .................................................................................................27-1
27.1 Remote Node Setup Overview.................................................................................................27-1
27.2 Remote Node Setup .................................................................................................................27-1
27.3 Metric....................................................................................................................................... 27-5
27.4 Remote Node Network Layer Options.....................................................................................27-6
27.5 Remote Node Filter.................................................................................................................. 27-9
27.6 Editing ATM Layer Options.................................................................................................. 27-13
27.7 Traffic Redirect...................................................................................................................... 27-14
Chapter 28 Static Route Setup..................................................................................................................28-1
28.1 IP Static Route Overview.........................................................................................................28-1
x Table of Contents
Prestige 650 Series User’s Guide
28.2 Configuring an IP static route ..................................................................................................28-2
Chapter 29 Bridging Setup........................................................................................................................29-1
29.1 Bridging Overview...................................................................................................................29-1
29.2 Bridge Ethernet Setup ..............................................................................................................29-1
Chapter 30 Network Address Translation (NAT) ....................................................................................30-1
30.1 NAT Overview.........................................................................................................................30-1
30.2 Applying NAT .........................................................................................................................30-1
30.3 NAT Setup ...............................................................................................................................30-3
30.4 Configuring a Server behind NAT ...........................................................................................30-9
30.5 General NAT Examples .........................................................................................................30-11
SMT Advanced Management........................................................................................................................ X
Chapter 31 Filter Configuration...............................................................................................................31-1
31.1 About Filtering.........................................................................................................................31-1
31.2 Configuring a Filter Set for the Prestige 650H and the Prestige 650HW.................................31-4
31.3 Configuring a Filter Set for the Prestige 650R and the Prestige 650R-E .................................31-6
31.4 Configuring a Filter Rule .........................................................................................................31-9
31.5 Filter Types and NAT ............................................................................................................31-16
31.6 Example Filter........................................................................................................................31-16
31.7 Applying Filters and Factory Defaults ...................................................................................31-19
Chapter 32 Enabling the Firewall.............................................................................................................32-1
32.1 Remote Management and the Firewall.....................................................................................32-1
32.2 Access Methods .......................................................................................................................32-1
32.3 Enabling the Firewall ...............................................................................................................32-1
32.4 Viewing Firewall Log ..............................................................................................................32-2
Chapter 33 SNMP Configuration .............................................................................................................33-1
33.1 SNMP Overview ......................................................................................................................33-1
33.2 Supported MIBs .......................................................................................................................33-2
33.3 SNMP Configuration ...............................................................................................................33-2
33.4 SNMP Traps.............................................................................................................................33-4
Chapter 34 System Security ......................................................................................................................34-1
34.1 System Security Overview.......................................................................................................34-1
34.2 Creating User Accounts on the Prestige...................................................................................34-5
Chapter 35 System Information and Diagnosis.......................................................................................35-1
35.1 System Maintenance Overview................................................................................................35-1
35.2 System Status ...........................................................................................................................35-1
35.3 System Information..................................................................................................................35-3
35.4 Log and Trace ..........................................................................................................................35-5
35.5 Diagnostic ................................................................................................................................35-8
Chapter 36 Firmware and Configuration File Maintenance..................................................................36-1
36.1 Filename Conventions..............................................................................................................36-1
36.2 Backup Configuration ..............................................................................................................36-2
Table of Contents xi
Prestige 650 Series User’s Guide
36.3 Restore Configuration..............................................................................................................36-7
36.4 Uploading Firmware and Configuration Files .......................................................................36-10
Chapter 37 System Maintenance.............................................................................................................. 37-1
37.1 Command Interpreter Mode Overview....................................................................................37-1
37.2 Call Control Support................................................................................................................ 37-2
37.3 Time and Date Setting .............................................................................................................37-4
Chapter 38 Remote Management.............................................................................................................38-1
38.1 Remote Management Overview...............................................................................................38-1
38.2 Configuring Remote Management........................................................................................... 38-1
38.3 Remote Management and NAT ...............................................................................................38-3
38.4 System Timeout ....................................................................................................................... 38-3
Chapter 39 IP Policy Routing ...................................................................................................................39-1
39.1 IP Policy Routing Overview ....................................................................................................39-1
39.2 Benefits of IP Policy Routing ..................................................................................................39-1
39.3 Routing Policy .........................................................................................................................39-1
39.4 IP Routing Policy Setup........................................................................................................... 39-2
39.5 Applying an IP Policy..............................................................................................................39-5
39.6 IP Policy Routing Example...................................................................................................... 39-7
Chapter 40 Call Scheduling ......................................................................................................................40-1
40.1 Call Scheduling Overview .......................................................................................................40-1
SMT VPN/IPSec and Internal SPTGEN.....................................................................................................XI
Chapter 41 VPN/IPSec Setup....................................................................................................................41-1
41.1 VPN/IPSec Overview ..............................................................................................................41-1
41.2 IPSec Summary Screen............................................................................................................41-2
41.3 IPSec Setup.............................................................................................................................. 41-5
41.4 IKE Setup...............................................................................................................................41-11
41.5 Manual Setup .........................................................................................................................41-13
Chapter 42 SA Monitor ............................................................................................................................. 42-1
42.1 SA Monitor Overview..............................................................................................................42-1
42.2 Using SA Monitor.................................................................................................................... 42-1
42.3 Viewing IPSec Log.................................................................................................................. 42-3
Chapter 43 Internal SPTGEN ..................................................................................................................43-1
43.1 Internal SPTGEN Overview ....................................................................................................43-1
43.2 The Configuration Text File Format........................................................................................43-1
43.3 Internal SPTGEN FTP Download Example ............................................................................43-3
43.4 Internal SPTGEN FTP Upload Example .................................................................................43-4
Appendices and Index ................................................................................................................................XII
Appendix A Troubleshooting...................................................................................................................... A-1
A.1 Using LEDs to Diagnose Problems ..........................................................................................A-1
A.2 Console Port.............................................................................................................................. A-2
A.3 Telnet ........................................................................................................................................A-2
xii Table of Contents
Prestige 650 Series User’s Guide
A.4 Web Configurator......................................................................................................................A-3
A.5 Login Username and Password.................................................................................................A-4
A.6 LAN Interface ...........................................................................................................................A-4
A.7 WAN Interface..........................................................................................................................A-5
A.8 Internet Access..........................................................................................................................A-5
A.9 Remote Management ................................................................................................................A-6
A.10 Remote Node Connection .........................................................................................................A-7
Appendix B IP Subnetting.......................................................................................................................... B-1
Appendix C Wireless LAN and IEEE 802.11............................................................................................C-1
Appendix D PPPoE .....................................................................................................................................D-1
Appendix E Virtual Circuit Topology........................................................................................................ E-1
Appendix F Setting up Your Computer’s IP Address............................................................................... F-1
Appendix G Splitters and Microfilters..................................................................................................... G-1
Appendix H Log Descriptions................................................................................................................... H-1
Appendix I Power Adaptor Specifications .................................................................................................I-1
I.1 Prestige 650R-E1/-E3/-E7 ADSL Router................................................................................... I-1
I.2 Prestige 650R-11 ADSL Router................................................................................................. I-2
I.3 Prestige 650R-13/-17 ADSL Ethernet Router............................................................................ I-3
I.4 Prestige 650R-31/-33 ADSL over ISDN Router........................................................................ I-4
I.5 Prestige 650H-11/-13 ADSL Router with 4-Port Ethernet Switch............................................. I-5
I.6 Prestige 650HW-11/-13 ADSL Router with 4-Port Ethernet Switch/Wireless LAN................. I-6
I.7 Prestige 650HW-31/-33/-37; Prestige 650H-31/-33/-37 ADSL Router with 4-port
Switch/Wireless..................................................................................................................................... I-7
I.8 Prestige 650H-E1/3/7 ADSL Router with 4-port Switch........................................................... I-8
Appendix J Index .........................................................................................................................................J-1
Table of Contents xiii
Prestige 650 Series User’s Guide
List of Figures
Figure 1-1 Prestige Internet Access Application.............................................................................................1-8
Figure 1-2 Prestige LAN-to-LAN Application ...............................................................................................1-8
Figure 2-1 Password Screen ...........................................................................................................................2-1
Figure 2-2 Web Configurator SITE MAP Screen ........................................................................................... 2-2
Figure 2-3 Password .......................................................................................................................................2-3
Figure 2-4 Example Xmodem Upload............................................................................................................2-5
Figure 3-1 Wizard Screen 1 ............................................................................................................................3-3
Figure 3-2 Internet Connection with PPPoA ..................................................................................................3-7
Figure 3-3 Internet Connection with RFC 1483 .............................................................................................3-9
Figure 3-4 Internet Connection with ENET ENCAP....................................................................................3-10
Figure 3-5 Internet Connection with PPPoE................................................................................................. 3-11
Figure 3-6 Wizard Screen 3 ..........................................................................................................................3-13
Figure 3-7 Wizard : LAN Configuration.......................................................................................................3-14
Figure 3-8 Wizard Screen 4 ..........................................................................................................................3-15
Figure 4-1 LAN and WAN IP Addresses ........................................................................................................4-1
Figure 4-2 LAN ..............................................................................................................................................4-4
Figure 5-1 RTS/CTS .......................................................................................................................................5-2
Figure 5-2 Prestige Wireless Security Levels .................................................................................................5-3
Figure 5-3 Wireless......................................................................................................................................... 5-5
Figure 5-4 MAC Address Filter......................................................................................................................5-8
Figure 5-5 EAP Authentication..................................................................................................................... 5-11
Figure 5-6 802.1x..........................................................................................................................................5-11
Figure 5-7 Local User Database ...................................................................................................................5-14
Figure 5-8 RADIUS......................................................................................................................................5-16
Figure 6-1 Example of Traffic Shaping ..........................................................................................................6-2
Figure 6-2 Internet Access Setup.......................................................................................................................6-3
Figure 7-1 How NAT Works...........................................................................................................................7-2
Figure 7-2 NAT Application With IP Alias.....................................................................................................7-3
Figure 7-3 Multiple Servers Behind NAT Example........................................................................................7-7
Figure 7-4 NAT Mode.....................................................................................................................................7-7
Figure 7-5 Edit SUA/NAT Server Set.............................................................................................................7-9
Figure 7-6 Address Mapping Rules ..............................................................................................................7-11
Figure 7-7 Address Mapping Rule Edit ........................................................................................................7-12
Figure 8-1 DDNS............................................................................................................................................8-2
Figure 9-1 Time and Date ...............................................................................................................................9-1
Figure 10-1 Prestige Firewall Application....................................................................................................10-3
Figure 10-2 Three-Way Handshake ..............................................................................................................10-5
Figure 10-3 SYN Flood ................................................................................................................................10-5
Figure 10-4 Smurf Attack .............................................................................................................................10-6
xiv List of Figures
Prestige 650 Series User’s Guide
Figure 10-5 Stateful Inspection.................................................................................................................... 10-8
Figure 11-1 Enabling the Firewall.................................................................................................................11-1
Figure 11-2 E-mail........................................................................................................................................11-2
Figure 11-3 Alert ...........................................................................................................................................11-6
Figure 12-1 LAN to WAN Traffic................................................................................................................ 12-3
Figure 12-2 WAN to LAN Traffic................................................................................................................ 12-4
Figure 12-3 Firewall Logs............................................................................................................................ 12-5
Figure 12-4 Firewall Rules Summary: First Screen..................................................................................... 12-7
Figure 12-5 Creating/Editing A Firewall Rule ........................................................................................... 12-12
Figure 12-6 Adding/Editing Source and Destination Addresses ................................................................ 12-14
Figure 12-7 Timeout................................................................................................................................... 12-15
Figure 13-1 Customized Services ................................................................................................................ 13-1
Figure 13-2 Creating/Editing A Customized Service ................................................................................... 13-2
Figure 13-3 Edit Rule Example.................................................................................................................... 13-3
Figure 13-4 Configure Source IP Example .................................................................................................. 13-4
Figure 13-5 Customized Service for MyService Example........................................................................... 13-4
Figure 13-6 Syslog Rule Configuration Example........................................................................................ 13-5
Figure 13-7 Rule Summary Example........................................................................................................... 13-6
Figure 14-1 Content Filter: Keyword........................................................................................................... 14-2
Figure 14-2 Content Filter: Schedule........................................................................................................... 14-3
Figure 14-3 Content Filter: Trusted.............................................................................................................. 14-4
Figure 14-4 Content Filter Logs................................................................................................................... 14-5
Figure 15-1 Encryption and Decryption....................................................................................................... 15-2
Figure 15-2 VPN Application ...................................................................................................................... 15-3
Figure 15-3 IPSec Architecture.................................................................................................................... 15-4
Figure 15-4 Transport and Tunnel Mode IPSec Encapsulation.................................................................... 15-5
Figure 16-1 IPSec Summary Fields ............................................................................................................. 16-3
Figure 16-2 VPN Summary ......................................................................................................................... 16-4
Figure 16-3 VPN IKE .................................................................................................................................. 16-8
Figure 16-4 Two Phases to Set Up the IPSec SA....................................................................................... 16-13
Figure 16-5 VPN IKE: Advanced .............................................................................................................. 16-16
Figure 16-6 VPN Manual Key ................................................................................................................... 16-20
Figure 16-7 SA Monitor............................................................................................................................. 16-25
Figure 16-8 Global Setting......................................................................................................................... 16-26
Figure 16-9 VPN Logs............................................................................................................................... 16-27
Figure 16-10 Telecommuters Sharing One VPN Rule Example................................................................ 16-31
Figure 16-11 Telecommuters Using Unique VPN Rules Example ............................................................ 16-32
Figure 17-1 Telnet Configuration on a TCP/IP Network ............................................................................. 17-2
Figure 17-2 Remote Management................................................................................................................ 17-3
Figure 18-1 Configuring UPnP .................................................................................................................... 18-2
Figure 19-1 Log Settings.............................................................................................................................. 19-2
List of Figures xv
Prestige 650 Series User’s Guide
Figure 19-2 View Logs .................................................................................................................................19-4
Figure 19-3 E-mail Log Example .................................................................................................................19-6
Figure 20-1 Application-based Bandwidth Management Example ..............................................................20-2
Figure 20-2 Subnet-based Bandwidth Management Example...................................................................... 20-3
Figure 20-3 Application and Subnet-based Bandwidth Management Example............................................20-4
Figure 20-4 Bandwidth Allotment Example .................................................................................................20-5
Figure 20-5 Maximize Bandwidth Usage Example......................................................................................20-6
Figure 20-6 Bandwidth Borrowing Example................................................................................................20-8
Figure 20-7 Bandwidth Manager: Summary ..............................................................................................20-10
Figure 20-8 Bandwidth Manager: Class Setup ...........................................................................................20-12
Figure 20-9 Bandwidth Manager: Class Configuration..............................................................................20-13
Figure 20-10 Bandwidth Management Statistics........................................................................................20-16
Figure 20-11 Bandwidth Manager Monitor ................................................................................................20-17
Figure 21-1 System Status............................................................................................................................21-2
Figure 21-2 System Status: Show Statistics..................................................................................................21-4
Figure 21-3 DHCP Table ..............................................................................................................................21-6
Figure 21-4 Association List.........................................................................................................................21-7
Figure 21-5 Channel Usage Table.................................................................................................................21-8
Figure 21-6 Diagnostic .................................................................................................................................21-9
Figure 21-7 Diagnostic General..................................................................................................................21-10
Figure 21-8 Diagnostic DSL Line...............................................................................................................21-11
Figure 21-9 Firmware Upgrade ..................................................................................................................21-13
Figure 21-10 Network Temporarily Disconnected......................................................................................21-14
Figure 21-11 Error Message .......................................................................................................................21-14
Figure 21-12 Backup Configuration ...........................................................................................................21-15
Figure 21-13 Restore Configuration ........................................................................................................... 21-15
Figure 21-14 Configuration Upload Successful..........................................................................................21-16
Figure 21-15 Network Temporarily Disconnected......................................................................................21-16
Figure 21-16 Configuration Upload Error ..................................................................................................21-17
Figure 21-17 Back to Factory Default ........................................................................................................21-17
Figure 21-18 Reset Warning Message ........................................................................................................21-18
Figure 22-1 Login Screen .............................................................................................................................22-2
Figure 22-2 Prestige P650H/HW-31SMT Menu Overview..........................................................................22-3
Figure 22-3 SMT Main Menu for P650H/HW-31 ........................................................................................22-5
Figure 22-4 Menu 23 System Password .......................................................................................................22-6
Figure 23-1 Menu 1 General Setup...............................................................................................................23-2
Figure 23-2 Menu 1.1 Configure Dynamic DNS..........................................................................................23-3
Figure 24-1 Menu 3 LAN Setup...................................................................................................................24-1
Figure 24-2 Menu 3.1 LAN Port Filter Setup...............................................................................................24-1
Figure 24-3 Menu 3.2 TCP/IP and DHCP Ethernet Setup............................................................................24-2
Figure 25-1 Menu 3.5 - Wireless LAN Setup...............................................................................................25-2
xvi List of Figures
Prestige 650 Series User’s Guide
Figure 25-2 Menu 3.5.1 WLAN MAC Address Filtering ............................................................................ 25-4
Figure 26-1 Physical Network ..................................................................................................................... 26-2
Figure 26-2 Partitioned Logical Networks................................................................................................... 26-2
Figure 26-3 Menu 3.2 TCP/IP and DHCP Setup.......................................................................................... 26-3
Figure 26-4 Menu 3.2.1 IP Alias Setup ........................................................................................................ 26-3
Figure 26-5 Menu 1 General Setup.............................................................................................................. 26-4
Figure 26-6 Menu 4 Internet Access Setup .................................................................................................. 26-5
Figure 27-1 Menu 11 Remote Node Setup................................................................................................... 27-2
Figure 27-2 Menu 11.1 Remote Node Profile.............................................................................................. 27-3
Figure 27-3 Menu 11.3 Remote Node Network Layer Options................................................................... 27-7
Figure 27-4 Sample IP Addresses for a TCP/IP LAN-to-LAN Connection................................................. 27-9
Figure 27-5 Menu 11.5 Remote Node Filter (RFC 1483 or ENET Encapsulation) ................................... 27-10
Figure 27-6 Menu 11.5 Remote Node Filter (PPPoA or PPPoE Encapsulation)........................................ 27-10
Figure 27-7 Internet Security ......................................................................................................................27-11
Figure 27-8 Menu 21- Filer Set Configuration (P650R and P650R-E)...................................................... 27-12
Figure 27-9 Menu 21.11- WebSet 11 ......................................................................................................... 27-12
Figure 27-10 Menu 21.12- WebSet 12 ....................................................................................................... 27-12
Figure 27-11 Menu 11.6 for VC-based Multiplexing................................................................................. 27-13
Figure 27-12 Menu 11.6 for LLC-based Multiplexing or PPP Encapsulation ........................................... 27-14
Figure 27-13 Traffic Redirect Setup Example ........................................................................................... 27-14
Figure 27-14 Traffic Redirect LAN Setup ................................................................................................. 27-15
Figure 27-15 Menu 11.1 – Remote Node Profile....................................................................................... 27-16
Figure 27-16 Menu 11.7 Traffic Redirect Setup......................................................................................... 27-17
Figure 28-1 Sample Static Routing Topology .............................................................................................. 28-1
Figure 28-2 Menu 12 Static Route Setup..................................................................................................... 28-2
Figure 28-3 Menu 12.1 IP Static Route Setup (P650H/HW) ....................................................................... 28-2
Figure 28-4 Menu12.1.1 Edit IP Static Route.............................................................................................. 28-3
Figure 29-1 Menu 11.1 Remote Node Profile.............................................................................................. 29-2
Figure 29-2 Menu 11.3 Remote Node Network Layer Options................................................................... 29-2
Figure 29-3 Menu 12.3 Bridge Static Route Setup ...................................................................................... 29-3
Figure 29-4 Menu 12.3.1 Edit Bridge Static Route...................................................................................... 29-3
Figure 30-1 Menu 4 Applying NAT for Internet Access .............................................................................. 30-2
Figure 30-2 Menu 11.3 Applying NAT to the Remote Node ....................................................................... 30-3
Figure 30-3 Menu 15 NAT Setup................................................................................................................. 30-4
Figure 30-4 Menu 15.1 Address Mapping Sets............................................................................................ 30-4
Figure 30-5 Menu 15.1.255 SUA Address Mapping Rules.......................................................................... 30-5
Figure 30-6 Menu 15.1.1 ACL Default Set .................................................................................................. 30-6
Figure 30-7 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set.............................................. 30-8
Figure 30-8 Menu 15.2 NAT Server Setup................................................................................................... 30-9
Figure 30-9 Menu 15.2.1 NAT Server Setup.............................................................................................. 30-10
Figure 30-10 Multiple Servers Behind NAT Example ................................................................................30-11
List of Figures xvii
Prestige 650 Series User’s Guide
Figure 30-11 NAT Example 1..................................................................................................................... 30-12
Figure 30-12 Menu 4 Internet Access & NAT Example .............................................................................30-12
Figure 30-13 NAT Example 2.....................................................................................................................30-13
Figure 30-14 Menu 15.2.1 Specifying an Inside Server .............................................................................30-13
Figure 30-15 NAT Example 3.....................................................................................................................30-14
Figure 30-16 Example 3: Menu 11.3 .......................................................................................................... 30-15
Figure 30-17 Example 3: Menu 15.1.1.1 ....................................................................................................30-15
Figure 30-18 Example 3: Final Menu 15.1.1..............................................................................................30-16
Figure 30-19 NAT Example 4.....................................................................................................................30-17
Figure 30-20 Example 4: Menu 15.1.1.1 Address Mapping Rule...............................................................30-18
Figure 30-21 Example 4: Menu 15.1.1 Address Mapping Rules ................................................................ 30-18
Figure 31-1 Outgoing Packet Filtering Process ............................................................................................ 31-2
Figure 31-2 Filter Rule Process ....................................................................................................................31-3
Figure 31-3 Menu 21.1 Filter Set Configuration (P650H/HW)....................................................................31-4
Figure 31-4 NetBIOS_WAN Filter Rules Summary.....................................................................................31-5
Figure 31-5 NetBIOS_LAN Filter Rules Summary......................................................................................31-5
Figure 31-6 IGMP Filter Rules Summary.....................................................................................................31-5
Figure 31-7 Menu 21 Filter Set Configuration (P650R and P650R-E).........................................................31-6
Figure 31-8 TELNET_WAN Filter Rules Summary.....................................................................................31-7
Figure 31-9 PPPoE Filter Rules Summary ...................................................................................................31-7
Figure 31-10 FTP_WAN Filter Rules Summary........................................................................................... 31-7
Figure 31-11 Menu 21.1.x.1 TCP/IP Filter Rule.........................................................................................31-10
Figure 31-12 Executing an IP Filter............................................................................................................31-13
Figure 31-13 Menu 21.1.6.1 Generic Filter Rule .......................................................................................31-14
Figure 31-14 Protocol and Device Filter Sets.............................................................................................31-16
Figure 31-15 Sample Telnet Filter ..............................................................................................................31-17
Figure 31-16 Menu 21.1.6.1 Sample Filter.................................................................................................31-18
Figure 31-17 Menu 21.1.6 Sample Filter Rules Summary .........................................................................31-19
Figure 31-18 Filtering Ethernet Traffic.......................................................................................................31-20
Figure 31-19 Filtering Remote Node Traffic ..............................................................................................31-21
Figure 32-1 Menu 21.2 Firewall Setup.........................................................................................................32-2
Figure 32-2 Firewall Log Example...............................................................................................................32-2
Figure 33-1 SNMP Management Model.......................................................................................................33-1
Figure 33-2 Menu 22 SNMP Configuration .................................................................................................33-3
Figure 34-1 Menu 23 System Security .........................................................................................................34-1
Figure 34-2 Menu 23 System Security .........................................................................................................34-1
Figure 34-3 Menu 23.2 System Security : RADIUS Server.........................................................................34-2
Figure 34-4 Menu 23 System Security .........................................................................................................34-3
Figure 34-5 Menu 23.4 System Security : IEEE802.1x................................................................................34-4
Figure 34-6 Menu 14 Dial-in User Setup......................................................................................................34-6
Figure 34-7 Menu 14.1 Edit Dial-in User.....................................................................................................34-6
xviii List of Figures
Prestige 650 Series User’s Guide
Figure 35-1 Menu 24 System Maintenance ................................................................................................. 35-1
Figure 35-2 Menu 24.1 System Maintenance : Status.................................................................................. 35-2
Figure 35-3 Menu 24.2 System Information and Console Port Speed......................................................... 35-3
Figure 35-4 Menu 24.2.1 System Maintenance : Information ..................................................................... 35-4
Figure 35-5 Menu 24.2.2 System Maintenance : Change Console Port Speed............................................ 35-5
Figure 35-6 Menu 24.3 System Maintenance : Log and Trace .................................................................... 35-5
Figure 35-7 Sample Error and Information Messages ................................................................................. 35-6
Figure 35-8 Menu 24.3.2 System Maintenance : Syslog and Accounting.................................................... 35-6
Figure 35-9 Menu 24.4 System Maintenance : Diagnostic.......................................................................... 35-9
Figure 36-1 Telnet in Menu 24.5.................................................................................................................. 36-3
Figure 36-2 FTP Session Example............................................................................................................... 36-4
Figure 36-3 Menu 24.5 System Maintenance - Backup Configuration........................................................ 36-6
Figure 36-4 Menu 24.5 System Maintenance – Starting Xmodem Download Screen................................. 36-6
Figure 36-5 Backup Configuration Example ............................................................................................... 36-7
Figure 36-6 Successful Backup Confirmation Screen.................................................................................. 36-7
Figure 36-7 Telnet into Menu 24.6............................................................................................................... 36-8
Figure 36-8 Restore Using FTP Session Example ....................................................................................... 36-9
Figure 36-9 System Maintenance – Restore Configuration ......................................................................... 36-9
Figure 36-10 System Maintenance – Starting Xmodem Download Screen................................................. 36-9
Figure 36-11 Restore Configuration Example ........................................................................................... 36-10
Figure 36-12 Successful Restoration Confirmation Screen ....................................................................... 36-10
Figure 36-13 Telnet Into Menu 24.7.1 Upload System Firmware...............................................................36-11
Figure 36-14 Telnet Into Menu 24.7.2 System Maintenance ......................................................................36-11
Figure 36-15 FTP Session Example of Firmware File Upload .................................................................. 36-12
Figure 36-16 Menu 24.7.1 as seen using the Console Port ........................................................................ 36-14
Figure 36-17 Example Xmodem Upload ................................................................................................... 36-14
Figure 36-18 Menu 24.7.2 as seen using the Console Port ........................................................................ 36-15
Figure 36-19 Example Xmodem Upload ................................................................................................... 36-16
Figure 37-1 Command Mode in Menu 24.................................................................................................... 37-1
Figure 37-2 Valid Commands ...................................................................................................................... 37-2
Figure 37-3 Menu 24.9 System Maintenance : Call Control........................................................................ 37-2
Figure 37-4 Menu 24.9.1 Budget Management ........................................................................................... 37-3
Figure 37-5 Menu 24 System Maintenance ................................................................................................. 37-4
Figure 37-6 Menu 24.10 System Maintenance: Time and Date Setting....................................................... 37-4
Figure 38-1 Menu 24.11 Remote Management Control............................................................................... 38-2
Figure 39-1 Menu 25 IP Routing Policy Setup ............................................................................................ 39-2
Figure 39-2 Menu 25.1 IP Routing Policy Setup ......................................................................................... 39-3
Figure 39-3 Menu 25.1.1 IP Routing Policy ................................................................................................ 39-4
Figure 39-4 Menu 3.2 TCP/IP and DHCP Ethernet Setup ........................................................................... 39-6
Figure 39-5 Menu 11.3 Remote Node Network Layer Options................................................................... 39-6
Figure 39-6 Example of IP Policy Routing.................................................................................................. 39-7
List of Figures xix
Prestige 650 Series User’s Guide
Figure 39-7 IP Routing Policy Example.......................................................................................................39-8
Figure 39-8 IP Routing Policy Example.......................................................................................................39-9
Figure 39-9 Applying IP Policies Example...................................................................................................39-9
Figure 40-1 Menu 26 Schedule Setup...........................................................................................................40-1
Figure 40-2 Menu 26.1 Schedule Set Setup..................................................................................................40-2
Figure 40-3 Applying Schedule Set(s) to a Remote Node (PPPoE)..............................................................40-4
Figure 41-1 VPN SMT Menu Tree ...............................................................................................................41-1
Figure 41-2 Menu 27 VPN/IPSec Setup.......................................................................................................41-2
Figure 41-3 Menu 27.1 IPSec Summary.......................................................................................................41-2
Figure 41-4 Menu 27.1.1 IPSec Setup..........................................................................................................41-6
Figure 41-5 Menu 27.1.1.1 IKE Setup............................................................................................................ 41-11
Figure 41-6 Menu 27.1.1.2 Manual Setup ..................................................................................................41-14
Figure 42-1 Menu 27.2 SA Monitor .............................................................................................................42-1
Figure 42-2 Example VPN Initiator IPSec Log ............................................................................................42-3
Figure 43-1 Configuration Text File Format: Column Descriptions.............................................................43-2
Figure 43-2 Invalid Parameter Entered: Command Line Example...............................................................43-3
Figure 43-3 Valid Parameter Entered: Command Line Example..................................................................43-3
Figure 43-4 Internal SPTGEN FTP Download Example.............................................................................. 43-3
Figure 43-5 Internal SPTGEN FTP Upload Example...................................................................................43-4
xx List of Figures
Prestige 650 Series User’s Guide
List of Tables
Table 1-1 Model Specific Features................................................................................................................. 1-2
Table 2-1 Password ........................................................................................................................................ 2-3
Table 3-1 Wizard Screen 1 ............................................................................................................................. 3-3
Table 3-2 Internet Connection with PPPoA ................................................................................................... 3-7
Table 3-3 Internet Connection with RFC 1483 .............................................................................................. 3-9
Table 3-4 Internet Connection with ENET ENCAP..................................................................................... 3-10
Table 3-5 Internet Connection with PPPoE.................................................................................................. 3-12
Table 3-6 Wizard : LAN Configuration ....................................................................................................... 3-14
Table 4-1 LAN ............................................................................................................................................... 4-4
Table 5-1 Wireless.......................................................................................................................................... 5-5
Table 5-2 MAC Address Filter....................................................................................................................... 5-9
Table 5-3 802.1x .......................................................................................................................................... 5-12
Table 5-4 Local User Database .................................................................................................................... 5-15
Table 5-5 RADIUS....................................................................................................................................... 5-16
Table 6-1 Internet Access Setup ....................................................................................................................... 6-4
Table 7-1 NAT Definitions............................................................................................................................. 7-1
Table 7-2 NAT Mapping Types...................................................................................................................... 7-4
Table 7-3 Services and Port Numbers............................................................................................................ 7-6
Table 7-4 NAT Mode ..................................................................................................................................... 7-8
Table 7-5 Edit SUA/NAT Server Set.............................................................................................................. 7-9
Table 7-6 Address Mapping Rules ................................................................................................................7-11
Table 7-7 Address Mapping Rule Edit ......................................................................................................... 7-13
Table 8-1 DDNS............................................................................................................................................. 8-2
Table 9-1 Time and Date................................................................................................................................ 9-2
Table 10-1 Common IP Ports....................................................................................................................... 10-4
Table 10-2 ICMP Commands That Trigger Alerts ....................................................................................... 10-6
Table 10-3 Legal NetBIOS Commands ....................................................................................................... 10-7
Table 10-4 Legal SMTP Commands ............................................................................................................ 10-7
Table 11-1 E-mail..........................................................................................................................................11-2
Table 11-2 Alert.............................................................................................................................................11-6
Table 12-1 Firewall Logs ............................................................................................................................. 12-5
Table 12-2 Firewall Rules Summary: First Screen....................................................................................... 12-8
Table 12-3 Predefined Services.................................................................................................................... 12-9
Table 12-4 Creating/Editing A Firewall Rule............................................................................................. 12-12
Table 12-5 Adding/Editing Source and Destination Addresses.................................................................. 12-14
Table 12-6 Timeout .................................................................................................................................... 12-15
Table 13-1 Customized Services.................................................................................................................. 13-2
Table 13-2 Creating/Editing A Customized Service..................................................................................... 13-3
Table 14-1 Content Filter: Keyword ............................................................................................................ 14-2
List of Tables xxi
Prestige 650 Series User’s Guide
Table 14-2 Content Filter: Schedule .............................................................................................................14-4
Table 14-3 Content Filter: Trusted................................................................................................................14-4
Table 14-4 Content Filter Logs.....................................................................................................................14-6
Table 15-1 VPN and NAT............................................................................................................................. 15-6
Table 16-1 AH and ESP................................................................................................................................16-2
Table 16-2 VPN Summary............................................................................................................................16-4
Table 16-3 Local ID Type and Content Fields ..............................................................................................16-6
Table 16-4 Peer ID Type and Content Fields ................................................................................................16-6
Table 16-5 Matching ID Type and Content Configuration Example ............................................................16-7
Table 16-6 Mismatching ID Type and Content Configuration Example.......................................................16-7
Table 16-7 VPN IKE.....................................................................................................................................16-9
Table 16-8 VPN IKE: Advanced.................................................................................................................16-16
Table 16-9 VPN Manual Key .....................................................................................................................16-21
Table 16-10 SA Monitor .............................................................................................................................16-25
Table 16-11 Global Setting.........................................................................................................................16-26
Table 16-12 VPN Logs ...............................................................................................................................16-27
Table 16-13 Sample IKE Key Exchange Logs ...........................................................................................16-28
Table 16-14 Sample IPSec Logs During Packet Transmission...................................................................16-29
Table 16-15 RFC-2408 ISAKMP Payload Types .......................................................................................16-30
Table 16-16 Telecommuters Sharing One VPN Rule Example ..................................................................16-31
Table 16-17 Telecommuters Using Unique VPN Rules Example...............................................................16-32
Table 17-1 Remote Management..................................................................................................................17-3
Table 18-1 Configuring UPnP ......................................................................................................................18-2
Table 19-1 Log Settings................................................................................................................................19-3
Table 19-2 View Logs...................................................................................................................................19-5
Table 19-3 SMTP Error Messages ................................................................................................................19-5
Table 20-1 Application and Subnet-based Bandwidth Management Example .............................................20-3
Table 20-2 Bandwidth Manager: Summary ................................................................................................ 20-10
Table 20-3 Bandwidth Manager: Class Setup.............................................................................................20-12
Table 20-4 Bandwidth Manager: Class Configuration................................................................................20-14
Table 20-5 Services and Port Numbers.......................................................................................................20-15
Table 20-6 Bandwidth Management Statistics............................................................................................20-16
Table 20-7 Bandwidth Manager Monitor....................................................................................................20-17
Table 21-1 System Status..............................................................................................................................21-3
Table 21-2 System Status: Show Statistics ...................................................................................................21-5
Table 21-3 DHCP Table................................................................................................................................21-7
Table 21-4 Association List ..........................................................................................................................21-8
Table 21-5 Channel Usage Table ..................................................................................................................21-9
Table 21-6 Diagnostic General ...................................................................................................................21-10
Table 21-7 Diagnostic DSL Line ................................................................................................................21-12
Table 21-8 Firmware Upgrade....................................................................................................................21-13
xxii List of Tables
Prestige 650 Series User’s Guide
Table 21-9 Restore Configuration.............................................................................................................. 21-16
Table 22-1 Main Menu Commands.............................................................................................................. 22-4
Table 22-2 Main Menu Summary for P650H/HW-31 .................................................................................. 22-5
Table 23-1 Menu 1 General Setup................................................................................................................ 23-2
Table 23-2 Menu 1.1 Configure Dynamic DNS........................................................................................... 23-3
Table 24-1 DHCP Ethernet Setup Menu Fields............................................................................................ 24-3
Table 24-2 TCP/IP Ethernet Setup Menu Fields .......................................................................................... 24-3
Table 25-1 Wireless LAN Setup Field Description...................................................................................... 25-2
Table 25-2 Menu 3.5.1 WLAN MAC Address Filtering.............................................................................. 25-4
Table 26-1 Menu 3.2.1 IP Alias Setup.......................................................................................................... 26-4
Table 26-2 Menu 4 Internet Access Setup.................................................................................................... 26-5
Table 27-1 Menu 11.1 Remote Node Profile................................................................................................ 27-3
Table 27-2 Menu 11.3 Remote Node Network Layer Options..................................................................... 27-7
Table 27-3 Menu 11.1 – Remote Node Profile (Traffic Redirect Field)..................................................... 27-16
Table 27-4 Menu 11.7 Traffic Redirect Setup ............................................................................................ 27-17
Table 28-1 Menu12.1.1 Edit IP Static Route................................................................................................ 28-3
Table 29-1 Menu 11.3 Remote Node Network Layer Options : Bridge Fields ............................................ 29-3
Table 29-2 Menu 12.3.1 Edit Bridge Static Route ....................................................................................... 29-4
Table 30-1 Applying NAT in Menus 4 & 11.3 ............................................................................................. 30-3
Table 30-2 SUA Address Mapping Rules .................................................................................................... 30-5
Table 30-3 Menu 15.1.1 First Set................................................................................................................. 30-7
Table 30-4 Menu 15.1.1.1 Editing/Configuring an Individual Rule in a Set................................................ 30-8
Table 31-1 Abbreviations Used in the Filter Rules Summary Menu............................................................ 31-8
Table 31-2 Rule Abbreviations Used ........................................................................................................... 31-8
Table 31-3 Menu 21.1.x.1 TCP/IP Filter Rule ........................................................................................... 31-10
Table 31-4 Menu 21.1.6.1 Generic Filter Rule........................................................................................... 31-15
Table 31-5 Filter Sets Table ....................................................................................................................... 31-20
Table 32-1 Firewall Logs ............................................................................................................................. 32-3
Table 33-1 Menu 22 SNMP Configuration .................................................................................................. 33-3
Table 33-2 SNMP Traps............................................................................................................................... 33-4
Table 33-3 Ports and Interface Types ........................................................................................................... 33-4
Table 34-1 Menu 23.2 System Security : RADIUS Server.......................................................................... 34-2
Table 34-2 Menu 23.4 System Security : IEEE802.1x................................................................................. 34-4
Table 34-3 Menu 14.1 Edit Dial-in User...................................................................................................... 34-6
Table 35-1 Menu 24.1 System Maintenance : Status ................................................................................... 35-2
Table 35-2 Menu 24.2.1 System Maintenance : Information....................................................................... 35-4
Table 35-3 Menu 24.3.2 System Maintenance : Syslog and Accounting..................................................... 35-7
Table 35-4 Menu 24.4 System Maintenance Menu : Diagnostic ................................................................. 35-9
Table 36-1 Filename Conventions................................................................................................................ 36-2
Table 36-2 General Commands for GUI-based FTP Clients........................................................................ 36-4
Table 36-3 General Commands for GUI-based TFTP Clients ..................................................................... 36-6
List of Tables xxiii
Prestige 650 Series User’s Guide
Table 37-1 Menu 24.9.1 Budget Management..............................................................................................37-3
Table 37-2 Menu 24.10 System Maintenance: Time and Date Setting ......................................................... 37-5
Table 38-1 Menu 24.11 Remote Management Control.................................................................................38-2
Table 39-1 Menu 25.1 IP Routing Policy Setup............................................................................................39-3
Table 39-2 Menu 25.1.1 IP Routing Policy...................................................................................................39-4
Table 40-1 Menu 26.1 Schedule Set Setup ...................................................................................................40-2
Table 41-1 Menu 27.1 IPSec Summary ........................................................................................................41-2
Table 41-2 Menu 27.1.1 IPSec Setup............................................................................................................41-6
Table 41-3 Menu 27.1.1.1 IKE Setup .............................................................................................................41-11
Table 41-4 Active Protocol: Encapsulation and Security Protocol .............................................................41-13
Table 41-5 Menu 27.1.1.2 Manual Setup....................................................................................................41-14
Table 42-1 Menu 27.2 SA Monitor ...............................................................................................................42-2
xxiv List of Tables
Prestige 650 Series User’s Guide
List of Charts
Chart A-1 Troubleshooting Power LED.........................................................................................................A-1
Chart A-2 Troubleshooting LAN LED...........................................................................................................A-1
Chart A-3 Troubleshooting DSL LED............................................................................................................A-2
Chart A-4 Troubleshooting Console Port.......................................................................................................A-2
Chart A-5 Troubleshooting Telnet ..................................................................................................................A-2
Chart A-6 Troubleshooting Web Configurator ...............................................................................................A-3
Chart A-7 Troubleshooting Internet Browser Display ...................................................................................A-4
Chart A-8 Troubleshooting Login Username and Password ..........................................................................A-4
Chart A-9 Troubleshooting LAN Interface ....................................................................................................A-4
Chart A-10 Troubleshooting ADSL Connection ............................................................................................A-5
Chart A-11 Troubleshooting WAN Interface..................................................................................................A-5
Chart A-12 Troubleshooting Internet Access .................................................................................................A-5
Chart A-13 Troubleshooting Internet Connection..........................................................................................A-6
Chart A-14 Troubleshooting Remote Management........................................................................................A-6
Chart A-15 Troubleshooting Connecting to a Remote Node or ISP...............................................................A-7
Chart B-1 Classes of IP Addresses .................................................................................................................B-1
Chart B-2 Allowed IP Address Range By Class.............................................................................................B-2
Chart B-3 “Natural” Masks............................................................................................................................ B-2
Chart B-4 Alternative Subnet Mask Notation ................................................................................................B-3
Chart B-5 Subnet 1.........................................................................................................................................B-4
Chart B-6 Subnet 2.........................................................................................................................................B-4
Chart B-7 Subnet 1.........................................................................................................................................B-5
Chart B-8 Subnet 2.........................................................................................................................................B-5
Chart B-9 Subnet 3.........................................................................................................................................B-5
Chart B-10 Subnet 4.......................................................................................................................................B-6
Chart B-11 Eight Subnets...............................................................................................................................B-6
Chart B-12 Class C Subnet Planning .............................................................................................................B-6
Chart B-13 Class B Subnet Planning .............................................................................................................B-7
Chart H-1 System Maintenance Logs ............................................................................................................H-1
Chart H-2 UPnP Logs ....................................................................................................................................H-2
Chart H-3 Attack Logs...................................................................................................................................H-2
Chart H-4 Access Logs ..................................................................................................................................H-3
Chart H-5 TCP Reset Logs.............................................................................................................................H-4
Chart H-6 ICMP Notes...................................................................................................................................H-4
List of Tables xxv
Prestige 650 Series User’s Guide
Preface
Congratulations on your purchase from the Prestige 650 ADSL Router series.
Your Prestige is easy to install and configure. Use the web configurator, System Management Terminal
(SMT) or command interpreter interface to configure your Prestige. Not all features can be configured
through all interfaces.
Don’t forget to register your product online for free future product updates and
information at www.zyxel.com for global products, or at www.us.zyxel.com for
North American products.
About This User's Guide
This manual is designed to guide you through the configuration of your Prestige for its various applications.
The web configurator parts of this guide contain background information on features configurable by web
configurator. The SMT parts of this guide contain background information solely on features not
configurable by web configurator.
Related Documentation
Supporting Disk
Refer to the included CD for support documents.
Compact Guide or Read Me First
The Prestige 650H, Prestige 650HW and Prestige 650H-E come with a Compact Guide. The
Prestige 650R/M and Prestige 650R-E use a Read Me First. Both of them are designed to help you
get up and running right away. They contain connection information and instructions on getting
started. The Compact Guide contains additional information on the Wizard and key feature
configuration.
Web Configurator Online Help
Embedded web help for descriptions of individual screens and supplementary information.
ZyXEL Glossary and Web Site
Please refer to www.zyxel.com
documentation.
Syntax Conventions
for an online glossary of networking terms and additional support
• “Enter” means for you to type one or more characters. “Select” or “Choose” means for you to use one
predefined choices.
• The SMT menu titles and labels are in Bold Times New Roman font. Predefined field choices are in
Bold Arial font. Command and arrow keys are enclosed in square brackets. [ENTER] means the
Enter, or carriage return key; [ESC] means the Escape key and [SPACE BAR] means the Space Bar.
xxvi Preface
Prestige 650 Series User’s Guide
• Mouse action sequences are denoted using a comma. For example, “click the Apple icon, Control
Panels and then Modem” means first click the Apple icon, then point your mouse pointer to Control
Panels and then click Modem.
• For brevity’s sake, we will use “e.g.,” as a shorthand for “for instance”, and “i.e.,” for “that is” or “in
other words” throughout this manual.
• The Prestige 650 series may be referred to as the Prestige in this user’s guide. This refers to both
models (ADSL over POTS and ADSL over ISDN) unless specifically identified.
• The Prestige models with wireless features will be referred to as the Prestige 650H/HW.
The following section offers some background information on DSL. Skip to
Chapter 1 if you wish to begin working with your router right away.
User Guide Feedback
Help us help you. E-mail all User Guide-related comments, questions or suggestions for improvement to
techwriters@zyxel.com.tw or send regular mail to The Technical Writing Team, ZyXEL Communications
Corp., 6 Innovation Road II, Science-Based Industrial Park, Hsinchu, 300, Taiwan. Thank you.
Preface xxvii
Prestige 650 Series User’s Guide
Introduction to DSL
DSL (Digital Subscriber Line) technology enhances the data capacity of the existing twisted-pair wire that
runs between the local telephone company switching offices and most homes and offices. While the wire
itself can handle higher frequencies, the telephone switching equipment is designed to cut off signals above
4,000 Hz to filter noise off the voice line, but now everybody is searching for ways to get more bandwidth to
improve access to the Web - hence DSL technologies.
There are actually seven types of DSL service, ranging in speeds from 16 Kbits/sec to 52 Mbits/sec. The
services are either symmetrical (traffic flows at the same speed in both directions), or asymmetrical (the
downstream capacity is higher than the upstream capacity). Asymmetrical services (ADSL) are suitable for
Internet users because more information is usually downloaded than uploaded. For example, a simple button
click in a web browser can start an extended download that includes graphics and text.
As data rates increase, the carrying distance decreases. That means that users who are beyond a certain
distance from the telephone company’s central office may not be able to obtain the higher speeds.
A DSL connection is a point-to-point dedicated circuit, meaning that the link is always up and there is no
dialing required.
What is ADSL?
It is an asymmetrical technology, meaning that the downstream data rate is much higher than the upstream
data rate. As mentioned, this works well for a typical Internet session in which more information is
downloaded, for example, from Web servers, than is uploaded. ADSL operates in a frequency range that is
above the frequency range of voice services, so the two systems can operate over the same cable.
xxviii What is DSL?
Getting Started
Part I:
Getting Started
This part is structured as a step-by-step guide to help you access your Prestige. It covers key
features and applications, accessing the web configurator, password setup and configuring the
wizard screens for initial setup.
I
Loading...