ZyXEL Communications 681 User Manual

Download

Prestige 681

SDSL Router

User's Guide

Version 2.50

(Apr. 2000)

Prestige 681 SDSL Router

PPrreessttiiggee 66881

SDSL Router

The contents of this publication may not be reproduced in any part or as a whole, transcribed, stored in a retrieval system, translated into any language, or transmitted in any form or by any means, electronic, mechanical, magnetic, optical, chemical, photocopying, manual, or otherwise, without the prior written permission of ZyXEL Communications Corporation.

Disclaimer

ZyXEL does not assume any liability arising out of the application or use of any products, or software described herein. Neither does it convey any license under its patent rights nor the patents' rights of others. ZyXEL further reserves the right to make changes in any products described herein without notice. This publication is subject to change without notice.

Trademarks

Trademarks mentioned in this publication are used for identification purposes only and may be properties of their respective owners. ZyNOS is a registered trademark of ZyXEL Communications Corporation

ii Copyright

Prestige 681 SDSL Router

Federal Communications Commission (FCC) Interference Statement

This device complies with Part 15 of FCC rules. Operation is subject to the following two conditions:

This device may not cause harmful interference.

♦

This device must accept any interference received, including interference that may cause undesired

♦

operations.

This equipment has been tested and found to comply with the limits for a CLASS B digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy, and if not installed and used in accordance with the instructions, may cause harmful interference to radio communications.

If this equipment does cause harmful interference to radio/television reception, which can be determined by turning the equipment off and on, the user is encouraged to try to correct the interference by one or more of the following measures:

Reorient or relocate the receiving antenna.

•

Increase the separation between the equipment and the receiver.

•

Connect the equipment into an outlet on a circuit different from that to which the receiver is connected.

•

Consult the dealer or an experienced radio/TV technician for help.

•

Notice 1

Changes or modifications not expressly approved by the party responsible for compliance could void the user's authority to operate the equipment.

Notice 2

Shielded RS-232 cables are required to be used to ensure compliance with FCC Part 15, and it is the responsibility of the user to provide and use shielded RS-232 cables.

FCC Interference Statement iii

Prestige 681 SDSL Router

ZyXEL Limited Warranty

ZyXEL warrants to the original end user (purchaser) that this product is free from any defects in materials or workmanship for a period of up to two (2) years from the date of purchase. During the warranty period, and upon proof of purchase, should the product have indications of failure due to faulty workmanship and/or materials, ZyXEL will, at its discretion, repair or replace the defective products or components without charge for either parts or labor, and to whatever extent it shall deem necessary to restore the product or components to proper operating condition. Any replacement will consist of a new or remanufactured functionally equivalent product of equal value, and will be solely at the discretion of ZyXEL. This warranty shall not apply if the product is modified, misused, tampered with, damaged by an act of God, or subjected to abnormal working conditions.

Note

Repair or replacement, as provided under this warranty, is the exclusive remedy of the purchaser. This warranty is in lieu of all other warranties, express or implied, including any implied warranty of merchantability or fitness for a particular use or purpose. ZyXEL shall in no event be held liable for indirect or consequential damages of any kind of character to the purchaser.

To obtain the services of this warranty, contact ZyXEL's Service Center; refer to the separate Warranty Card for your Return Material Authorization number (RMA). Products must be returned Postage Prepaid. It is recommended that the unit be insured when shipped. Any returned products without proof of purchase or those with an out-dated warranty will be repaired or replaced (at the discretion of ZyXEL) and the customer will be billed for parts and labor. All repaired or replaced products will be shipped by ZyXEL to the corresponding return address, Postage Paid (USA and territories only). If the customer desires some other return destination beyond the U.S. borders, the customer shall bear the cost of the return shipment. This warranty gives you specific legal rights, and you may also have other rights that vary from state to state.

Don’t forget to register your Prestige (fast, easy online registration at www.zyxel.com) for free future product updates and information.

iv ZyXEL Limited Warranty

Prestige 681 SDSL Router

Customer Support

If you have questions about your ZyXEL product(s) or desire assistance, please contact ZyXEL Communications Corporation offices worldwide, in any one of the following ways. Our ftp sites are also available for software and ROM upgrades.

Method EMAIL – Support Telephone Web Site

Region EMAIL – Sales Fax FTP Site

Worldwide

support@zyxel.com.tw

support@europe.zyxel.com

+886-3-578-3942 www.zyxel.com

www.europe.zyxel.com

sales@zyxel.com.tw +886-3-578-2439 ftp.europe.zyxel.com

North

America

support@zyxel.com +1-714-632-0882

800-255-4101

www.zyxel.com

sales@zyxel.com +1-714-632-0858 ftp.zyxel.com

support@zyxel.dk +45-3955-0700 www.zyxel.dk

Scandinavia

sales@zyxel.dk +45-3955-0707 ftp.zyxel.dk

Austria

Germany

support@zyxel.at

sales@zyxel.at

support@zyxel.de

0810-1-ZyXEL 0810-1-99935

+43-1-4948678

+49-2405-6909-0 0180-5213247

Tech Support hotline

0180-5099935

RMA/Repair hotline

www.zyxel.at

ftp.zyxel.at

users with *.at domain only!

Note: for Austrian

www.zyxel.de

sales@zyxel.de +49-2405-6909-99 ftp.europe.zyxel.com

Regular Mail

ZyXEL Communications

Corp., 6 Innovation Road II,

Science-Based Industrial

Park, HsinChu, Taiwan.

ZyXEL Communications Inc.,

1650 Miraloma Avenue,

Placentia, CA 92870, U.S.A.

ZyXEL Communications A/S,

Columbusvej 5, 2860

Soeborg, Denmark.

ZyXEL Communications

Services GmbH.,

Thaliastrasse 125a/2/2/4,

A-1160 Vienna, Austria

ZyXEL Deutschland GmbH.,

Adenauerstr. 20/A4, D-52146

Wuerselen, Germany.

Customer Support v

Prestige 681 SDSL Router

Table of Contents

Customer Support..............................................................................................................v

Table of Contents ..............................................................................................................vi

List of Figures....................................................................................................................xi

List of Tables ...................................................................................................................xiv

Preface.............................................................................................................................xvii

Structure of this Manual ................................................................................................xix

What is DSL? ...................................................................................................................xx

Chapter 1: Getting to Know Your SDSL Router

1.1 Prestige 681 SDSL Router ..............................................................................................................1-1

1.2 Features of the Prestige 681 ............................................................................................................1-1

1.3 Applications for the Prestige 681 ....................................................................................................1-3

1.3.1 Internet Access .......................................................................................................................1-3

1.3.2 LAN to LAN Application.......................................................................................................1-4

............................................................1-1

Chapter 2: Hardware Installation & Initial Setup ......................................................2-1

2.1 Front Panel LEDs OF P681.............................................................................................................2-1

2.2 Prestige 681 Rear Panel and Connections .......................................................................................2-1

2.3 Additional Installation Requirements.............................................................................................. 2-3

2.4 Housing ...........................................................................................................................................2-3

2.5 Important Safety Instructions ..........................................................................................................2-4

2.6 Power On Your Prestige..................................................................................................................2-5

2.7 Navigating the SMT Interface.........................................................................................................2-6

2.7.1 System Management Terminal Interface Summary................................................................2-7

2.8 Changing the System Password.......................................................................................................2-8

2.9 Filename conventions......................................................................................................................2-8

2.9.1 Resetting the Prestige .............................................................................................................2-9

2.10 General Setup..............................................................................................................................2-9

vi Table of Contents

Prestige 681 SDSL Router

2.10.1 Note on Bridging ............................................................................................................. 2-10

2.11 Ethernet Setup .......................................................................................................................... 2-10

2.11.1 General Ethernet Setup.....................................................................................................2-11

2.12 Protocol Dependent Ethernet Setup...........................................................................................2-11

Chapter 3: WAN Setup.................................................................................................. 3-1

3.1 Frame Relay.................................................................................................................................... 3-1

3.1.1 Frame relay frame format ...................................................................................................... 3-2

3.1.2 Connection setup.................................................................................................................... 3-3

3.2 Setting up the WAN link................................................................................................................. 3-4

3.2.1 Frame Relay Options ............................................................................................................. 3-6

Chapter 4: Internet Access............................................................................................ 4-1

4.1 Factory Ethernet Defaults............................................................................................................... 4-1

4.2 TCP/IP Parameters ......................................................................................................................... 4-1

4.2.1 IP Address and Subnet Mask .................................................................................................4-1

4.2.2 Private IP Addresses .............................................................................................................. 4-2

4.2.3 RIP Setup ............................................................................................................................... 4-2

4.2.4 DHCP Configuration ............................................................................................................. 4-3

4.3 Route IP Setup................................................................................................................................ 4-4

4.4 TCP/IP Ethernet Setup and DHCP ................................................................................................. 4-4

4.5 LANs & WANs............................................................................................................................... 4-7

4.5.1 LANs, WANs and the Prestige............................................................................................... 4-7

4.6 Encapsulation.................................................................................................................................. 4-8

4.6.1 Encapsulation with Ascend/Lucent Link Compatibility ........................................................ 4-8

4.6.2 Encapsulation with Copper Mountain Link Compatibility .................................................... 4-8

4.7 DLCI............................................................................................................................................... 4-9

4.8 Internet Access Configuration........................................................................................................ 4-9

4.9 Single User Account..................................................................................................................... 4-12

4.9.1 Advantages of SUA ............................................................................................................. 4-12

4.9.2 Single User Account Configuration..................................................................................... 4-12

4.10 Multiple Servers behind SUA .................................................................................................. 4-13

4.10.1 Configuring a Server behind SUA................................................................................... 4-14

Chapter 5: Remote Node Configuration ...................................................................... 5-1

Table of Contents vii

Prestige 681 SDSL Router

5.1 Remote Node Setup.........................................................................................................................5-1

5.1.1 Remote Node Profile ..............................................................................................................5-1

5.2 Encapsulation ..................................................................................................................................5-1

5.2.1 Outgoing Authentication Protocol.......................................................................................... 5-4

5.2.2 Editing PPP Options...............................................................................................................5-4

5.2.3 Remote Node Filter ................................................................................................................5-5

Chapter 6: Remote Node TCP/IP Configuration.........................................................6-1

6.1 LAN-to-LAN Application...............................................................................................................6-1

6.1.1 Editing TCP/IP Options..........................................................................................................6-1

6.1.2 Static Route Setup ..................................................................................................................6-4

Chapter 7: IPX Configuration.......................................................................................7-1

7.1 IPX Network Environment..............................................................................................................7-1

7.1.1 Network and Node Number....................................................................................................7-1

7.1.2 Frame Types ...........................................................................................................................7-1

7.1.3 External Network Number......................................................................................................7-2

7.1.4 Internal Network Number.......................................................................................................7-2

7.2 Prestige 681 in an IPX Environment............................................................................................... 7-3

7.2.1 Prestige 681 on LAN with Server...........................................................................................7-3

7.2.2 Prestige 681 on LAN without Server......................................................................................7-3

7.3 IPX Ethernet Setup.......................................................................................................................... 7-4

7.4 LAN-to-LAN Application with Novell IPX....................................................................................7-5

7.4.1 IPX Remote Node Setup.........................................................................................................7-6

7.4.2 IPX Static Route Setup ........................................................................................................... 7-8

Chapter 8: Bridging Setup .............................................................................................8-1

8.1 Bridging in General.........................................................................................................................8-1

8.2 Bridge Ethernet Setup .....................................................................................................................8-1

8.2.1 Remote Node Bridging Setup.................................................................................................8-3

8.3 Bridge Static Route Setup ...............................................................................................................8-4

Chapter 9: Filter Configuration ....................................................................................9-1

9.1 About Filtering ................................................................................................................................ 9-1

9.2 Configuring a Filter Set...................................................................................................................9-3

9.2.1 Filter Rules Summary Menu...................................................................................................9-4

9.3 Configuring a Filter Rule ................................................................................................................9-6

viii Table of Contents

Prestige 681 SDSL Router

9.3.1 TCP/IP Filter Rule ................................................................................................................. 9-7

9.3.2 Generic Filter Rule................................................................................................................9-11

9.3.3 Novell IPX Filter Rule......................................................................................................... 9-13

9.4 Example Filter .............................................................................................................................. 9-15

9.5 Filter Types and SUA ................................................................................................................... 9-18

9.6 Applying a Filter and Factory Defaults ........................................................................................ 9-18

9.6.1 Ethernet traffic ..................................................................................................................... 9-18

9.6.2 Remote Node Filters ............................................................................................................ 9-19

Chapter 10: SNMP Configuration.............................................................................. 10-1

10.1 About SNMP............................................................................................................................ 10-1

10.2 Configuring SNMP .................................................................................................................. 10-1

Chapter 11: System Maintenance................................................................................11-1

11.1 System Status ............................................................................................................................11-2

11.1.1 Console Port Speed...........................................................................................................11-5

11.2 Log and Trace............................................................................................................................11-5

11.2.1 Viewing Error Log............................................................................................................11-5

11.2.2 Syslog And Accounting....................................................................................................11-6

11.3 Diagnostic .................................................................................................................................11-9

11.4 Backup Configuration .............................................................................................................11-10

11.5 Restore Configuration .............................................................................................................11-11

11.6 Upload Firmware.....................................................................................................................11-12

11.6.1 Upload Router Firmware................................................................................................11-13

11.6.2 Upload Router Firmware using FTP...............................................................................11-13

11.6.3 Uploading Router Configuration File.............................................................................11-14

11.6.4 Upload Router configuration File using FTP .................................................................11-15

11.7 TFTP Transfer.........................................................................................................................11-15

11.8 Command Interpreter Mode....................................................................................................11-17

11.9 Boot module commands..........................................................................................................11-18

Chapter 12: Troubleshooting ...................................................................................... 12-1

12.1 Problems Starting Up the Prestige............................................................................................ 12-1

12.2 Problems With the WAN Interface........................................................................................... 12-2

Table of Contents ix

Prestige 681 SDSL Router

12.3 Problems with the LAN Interface .............................................................................................12-2

12.4 Problems Connecting to a Remote Node or ISP ....................................................................... 12-2

Appendix Power Adapter Specs..................................................................................... A

Glossary .............................................................................................................................C

Index.................................................................................................................................... I

x Table of Contents

Prestige 681 SDSL Router

List of Figures

Figure 1-1 Internet Access Application _______________________________________________ 1-4

Figure 1-2 LAN-to-LAN Application via Frame Relay____________________________________ 1-5

Figure 1-3 LAN-to-LAN Application via Direct Connection _______________________________ 1-5

Figure 2-1 Prestige 681 Front Panel. ________________________________________________ 2-1

Figure 2-2 Prestige 681 Rear Panel Connections _______________________________________ 2-2

Figure 2-3 Power-On Display ______________________________________________________ 2-5

Figure 2-4 Login Screen___________________________________________________________ 2-5

Figure 2-5 SMT Main Menu________________________________________________________ 2-7

Figure 2-6 Menu 23.1 - System Password _____________________________________________ 2-8

Figure 2-7 Menu 1 – General Setup_________________________________________________ 2-10

Figure 2-8 Menu 3 - Ethernet Setup_________________________________________________ 2-11

Figure 2-9 Menu 3.1 - General Ethernet Setup ________________________________________ 2-11

Figure 3-1 Dedicated Leased Lines – Multiple Sites _____________________________________ 3-1

Figure 3-2 Frame Relay Solution____________________________________________________ 3-2

Figure 3-3 Frame Relay Format ____________________________________________________ 3-2

Figure 3-4 Menu 2 – WAN Setup ____________________________________________________ 3-6

Figure 3-5 Menu 2.1 - Frame Relay Options ___________________________________________ 3-7

Figure 4-1 Menu 1 – General Setup__________________________________________________ 4-4

Figure 4-2 Menu 3.2 – TCP/IP and DHCP Ethernet Setup ________________________________ 4-5

Figure 4-3 LAN & WAN IPs________________________________________________________ 4-7

Figure 4-4 Internet Access Setup ___________________________________________________ 4-10

Figure 4-5 Menu 4 – Internet Access Setup for Single User Account _______________________ 4-13

Figure 4-6 Example of Multiple Servers behind SUA ___________________________________ 4-14

Figure 4-7 Multiple Server Configuration ____________________________________________ 4-15

Figure 5-1 Menu 11.1 Remote Node Profile____________________________________________ 5-2

Figure 5-2 Menu 11.2 - Remote Node PPP Options _____________________________________ 5-5

List of Figures xi

Prestige 681 SDSL Router

Figure 5-3 Menu 11.5 – Remote Node Filter ___________________________________________ 5-6

Figure 6-1 TCP/IP LAN-to-LAN Application___________________________________________ 6-1

Figure 6-2 Menu 11.3_____________________________________________________________ 6-2

Figure 6-3 Sample IP Addresses for a TCPI/IP LAN-to-LAN Connection ____________________ 6-2

Figure 6-4 Example of Static Routing Topology ________________________________________ 6-5

Figure 6-5 Menu 12 - IP Static Route Setup ___________________________________________ 6-5

Figure 6-6 Edit IP Static Route _____________________________________________________ 6-6

Figure 7-1 NetWare Network Numbers _______________________________________________ 7-2

Figure 7-2 Prestige 681 in an IPX Environment ________________________________________ 7-3

Figure 7-3 Menu 3.3 - Novell IPX Ethernet Setup _______________________________________ 7-4

Figure 7-4 LAN-to-LAN Application with Novell IPX ____________________________________ 7-5

Figure 7-5 Menu 11.3 - Remote Node Novell IPX Options ________________________________ 7-6

Figure 7-6 Menu 12.2 - Edit IPX Static Route __________________________________________ 7-8

Figure 8-1 Menu 3.5 - Bridge Ethernet Setup __________________________________________ 8-2

Figure 8-2 Menu 11.3 - Remote Node Bridging Options __________________________________ 8-3

Figure 8-3 Menu 12.3 - Bridge Static Route Setup ______________________________________ 8-4

Figure 8-4 Menu 12.3.1 - Edit Bridge Static Route ______________________________________ 8-4

Figure 9-1 Filter Rule Process______________________________________________________ 9-2

Figure 9-2 Menu 21 - Filter Set Configuration _________________________________________ 9-3

Figure 9-3 NetBIOS_WAN Filter Rules Summary _______________________________________ 9-3

Figure 9-4 NetBIOS _LAN Filter Rules Summary _______________________________________ 9-4

Figure 9-5 Telnet Filter Rules Summary ______________________________________________ 9-4

Figure 9-6 Menu 21.1.1 - TCP/IP Filter Rule __________________________________________ 9-7

Figure 9-7 Executing an IP Filter __________________________________________________ 9-10

Figure 9-8 Menu 21.1.2 - Generic Filter Rule _________________________________________ 9-11

Figure 9-9 Menu 21.1.3 - IPX Filter Rule ____________________________________________ 9-13

Figure 9-10 Telnet Filter Example___________________________________________________ 9-15

Figure 9-11 Example Filter – Menu 21.1.1 ____________________________________________ 9-16

xii List of Figures

Prestige 681 SDSL Router

Figure 9-12 Example Filter Rules Summary – Menu 21.3_________________________________ 9-17

Figure 9-13 Protocol and Device Filter Sets ___________________________________________ 9-18

Figure 9-14 Filtering Ethernet traffic ________________________________________________ 9-19

Figure 9-15 Filtering Remote Node traffic_____________________________________________ 9-19

Figure 10-1 Menu 22 - SNMP Configuration___________________________________________ 10-1

Figure 11-1 Menu 24 - System Maintenance ___________________________________________ 11-1

Figure 11-2 Menu 24.1 - System Maintenance – Status___________________________________ 11-2

Figure 11-3 System Information and Console Port Speed _________________________________ 11-3

Figure 11-4 System Maintenance - Information_________________________________________ 11-4

Figure 11-5 Menu 24.2.2 – System Maintenance – Console Port Speed ______________________ 11-5

Figure 11-6 Examples of Error and Information Messages________________________________ 11-6

Figure 11-7 Menu 24.3.2 - System Maintenance – UNIX Syslog and Accounting _______________ 11-6

Figure 11-8 Menu 24.4 - System Maintenance - Diagnostic _______________________________ 11-9

Figure 11-9 Backup Configuration _________________________________________________ 11-10

Figure 11-10 HyperTerminal Screen _________________________________________________ 11-10

Figure 11-11 Successful Backup ____________________________________________________ 11-11

Figure 11-12 Restore Configuration _________________________________________________ 11-11

Figure 11-13 HyperTerminal Screen _________________________________________________ 11-12

Figure 11-14 Successful Backup ____________________________________________________ 11-12

Figure 11-15 Menu 24.7 - System Maintenance - Upload Firmware_________________________ 11-13

Figure 11-16 Menu 24.7.1 - Uploading Router Firmware_________________________________ 11-13

Figure 11-17 Menu 24.7.2 - System Maintenance - Upload Router Configuration File __________ 11-15

Figure 11-18 TFTP Example_______________________________________________________ 11-17

Figure 11-19 Command Mode ______________________________________________________ 11-18

Figure 11-20 Boot module commands ________________________________________________ 11-19

List of Figures xiii

Prestige 681 SDSL Router

List of Tables

Table 2-1 Front Panel LED Description _______________________________________________ 2-1

Table 2-2 Main Menu Commands_____________________________________________________ 2-6

Table 2-3 Main Menu Summary ______________________________________________________ 2-7

Table 2-4 Filename Conventions _____________________________________________________ 2-9

Table 2-5 General Setup Menu Fields ________________________________________________ 2-10

Table 3-1 Frame Relay Format ______________________________________________________ 3-3

Table 3-2 Transmission Rate Vs. Loop Reach (Copper Mountain) ___________________________ 3-5

Table 3-3 Transmission Rate Vs. Loop Reach (Ascend/Lucent) ______________________________ 3-5

Table 3-4 Menu 2 – WAN Setup Fields_________________________________________________ 3-6

Table 3-5 Menu 2.1 - Frame Relay Options Fields________________________________________ 3-7

Table 4-1 DHCP Ethernet Setup Menu Fields ___________________________________________ 4-6

Table 4-2 TCP/IP Ethernet Setup Menu Fields __________________________________________ 4-6

Table 4-3 Data Link Connection Identifiers _____________________________________________ 4-9

Table 4-4 Internet Account Information _______________________________________________ 4-10

Table 4-5 Internet Access Setup Menu Fields___________________________________________ 4-11

Table 4-6 Single User Account Menu Fields ___________________________________________ 4-13

Table 4-7 Services vs. Port number __________________________________________________ 4-15

Table 5-1 Remote Node Profile Menu Fields ____________________________________________ 5-2

Table 5-2 Remote Node PPP Options Menu Fields _______________________________________ 5-5

Table 6-1 TCP/IP related fields in Menu 11.1 - Remote Node Profile _________________________ 6-3

Table 6-2 TCP/IP Remote Node Configuration __________________________________________ 6-3

Table 6-3 Edit IP Static Route Menu Fields _____________________________________________ 6-6

Table 7-1 Novell IPX Ethernet Setup Fields _____________________________________________ 7-4

Table 7-2 Remote Node Novell IPX Options_____________________________________________ 7-7

Table 7-3 Edit IPX Static Route Menu Fields____________________________________________ 7-9

Table 8-1 Bridge Ethernet Setup Menu - Handle IPX Field Configuration _____________________ 8-2

xiv List of Tables

Prestige 681 SDSL Router

Table 8-2 P681 Remote Node Network Layer Menu Bridge Options __________________________ 8-3

Table 8-3 Bridge Static Route Menu Fields _____________________________________________ 8-5

Table 9-1 Abbreviations Used in the Filter Rules Summary Menu____________________________ 9-5

Table 9-2 Abbreviations Used If Filter Type Is IP ________________________________________ 9-6

Table 9-3 Abbreviations Used If Filter Type Is IPX _______________________________________ 9-6

Table 9-4 Abbreviations Used If Filter Type Is GEN ______________________________________ 9-6

Table 9-5 TCP/IP Filter Rule Menu Fields______________________________________________ 9-7

Table 9-6 Generic Filter Rule Menu Fields ____________________________________________ 9-12

Table 9-7 IPX Filter Rule Menu Fields________________________________________________ 9-14

Table 10-1 SNMP Configuration Menu Fields _________________________________________ 10-2

Table 11-1 System Maintenance - Status Menu Fields ___________________________________ 11-3

Table 11-2 (Read Only) Fields in System Maintenance - Information _______________________ 11-4

Table 11-3 System Maintenance Menu Syslog Parameters _______________________________ 11-7

Table 11-4 System Maintenance Menu Diagnostic_____________________________________ 11-10

Table 12-1 Troubleshooting the Start-Up of your Prestige _______________________________ 12-1

Table 12-2 Troubleshooting the SDSL connection ______________________________________ 12-2

Table 12-3 Troubleshooting the LAN Interface ________________________________________ 12-2

Table 12-4 Troubleshooting a Connection to a Remote Node or ISP________________________ 12-2

List of Tables xv

Prestige 681 SDSL Router

Preface

About Your SDSL Router

Congratulations on your purchase of the Prestige 681 SDSL Router.

Don’t forget to register your Prestige (fast, easy online registration at www.zyxel.com) for free future product updates and information.

The Prestige 681 (P681) is an SDSL router used for Internet/LAN access via an SDSL line. The Prestige 681 supports multi-protocol routing for TCP/IP and Novell IPX, as well as transparent bridging for other protocols. We will refer to the Prestige 681 as the P681 or simply the Prestige from now on.

The P681 SDSL router supports symmetrical multi-rate data transmission speeds from 144Kbps up to 2320Kbps. The actual rate depends on the copper category of your telephone wire, distance from the central office and the type of SDSL service subscribed. See the sections below for more background information on DSL and SDSL.

The P681 uses 2B1Q line code with echo cancellation for high data rate transmissions over a single twisted telephone wire pair without being affected by bridge taps or mixed cable links. It also provides high immunity from background noise.

The P681's 10/100M auto-negotiating LAN interface enables fast data transfer of either 10Mbps or 100Mbps in either half-duplex or full-duplex mode depending on your Ethernet network.

Your Prestige is easy to install and to configure. All functions of the Prestige are software configurable via the SMT (System Management Terminal) Interface.

About This User's Guide

This user's guide covers all operations of the Prestige 681 and shows you how to get the best out of the multiple advanced features of your SDSL Router. It is designed to guide you through the correct configuration of your Prestige 681 for various applications.

Prestige 681 SDSL Router

Chapter 1:

Getting to Know Your SDSL Router

This chapter describes the key features

and applications of the Prestige 681

1.1 Prestige 681 SDSL Router

As its name implies, SDSL is a symmetric (equal upstream and downstream speeds) service that delivers scalable, high-speed data communication speeds up to 2.3 Mbps. SDSL is the most reliable of the DSL family members because it's based on proven technology that the telephone companies have been using for years for their E1 service. Your Prestige integrates a high-speed 10/100Mbps auto-negotiating LAN interface and one high-speed SDSL port into a single package. The Prestige is ideal for high-speed Internet browsing and making LAN-to-LAN connections to remote networks.

1.2 Features of the Prestige 681

Your Prestige is packed with a number of features that give it the flexibility to provide a complete networking solution for almost any user.

z Ease of Installation

Your Prestige is designed for quick, intuitive and easy installation. Physically, its compact size and lightweight make it easy to position anywhere in your busy office.

z High Speed Scalability

One of the best features of SDSL service is its scalability. The P681 SDSL router supports symmetrical multi-rate data transmission speeds from 144Kbps up to 2320Kbps. You can increase the capacity of the Internet connection (within certain distance limitations ) without changing your ISP or purchasing new equipment. SDSL’s high symmetrical speeds are ideal for applications like web hosting and videoconferencing as well as the two-way data traffic needs of businesses.

z Frame Relay Support

Frame relay employs a simple form of packet switching that perfectly suits today’s powerful PCs, workstations and servers. Its high throughput and reliability easily copes with bandwidth-hungry business applications.

z 10/100M Fast Ethernet LAN Interface

The P681's 10/100M auto-negotiating LAN interface enables fast data transfer of either 10Mbps or 100Mbps in either half-duplex or full-duplex mode depending on your Ethernet network.

Getting to know your Prestige 1-1

Prestige 681 SDSL Router

z Protocols Supported



TCP/IP (Transmission Control Protocol/Internet Protocol) network layer protocol.



PPP (Point-to-Point Protocol) link layer protocol.



SUA™ (Single User Account) and NAT (Network Address Translation).

z Multiple Protocol Support

Novel IPX (Internetwork Packet eXchange) network layer protocol.

♦

Transparently bridging for unsupported network layer protocols.

♦

z DHCP Support

DHCP (Dynamic Host Configuration Protocol) allows you to automatically assign TCP/IP settings to workstations on your network. Your P681 can act as a (

DHCP Relay

) where it relays IP address assignment from the actual DHCP server to the clients.

DHCP Server

or as a surrogate DHCP server

z Networking Compatibility

Your Prestige is compatible with the major SDSL DSLAM (Digital Subscriber Line Access Multiplexer) providers including Ascend/Lucent and Copper Mountain, making configuration as simple as possible for you.

z Encapsulation

The Prestige 681 supports RFC 1490 (Multiprotocol over Frame Relay) and PPP over HDLC (RFC 1662) encapsulation. Please

see section 4.6

for more information on specific encapsulation methods.

z NAT/SUA for single-IP-address Internet Access

The Prestige's SUA (Single User Account) feature allows multiple user Internet access for the cost of a single ISP account. SUA supports popular Internet application, such as MS traceroute, CuSeeMe, IRC, RealAudio, VDOLive, Quake, and PPTP. No configuration is needed to support these applications.

z Full Network Management

SNMP (Simple Network Management Protocol) support.

♦

Accessing SMT (System Management Terminal) through a telnet connection

♦

Windows based PNC (Prestige Network Commander)

♦

z PAP and CHAP Security

The Prestige supports PAP (Password Authentication Protocol) and CHAP (Challenge Handshake Authentication Protocol). CHAP is more secure since the password is scrambled prior to transmission. However, PAP is readily available on more platforms.

1-2 Getting to know your Prestige

Prestige 681 SDSL Router

z Filters

The Prestige's packet filtering functions allows added network security and management.

1.3 Applications for the Prestige 681

1.3.1 Internet Access

The Prestige is the ideal high-speed Internet access solution. Your Prestige supports the TCP/IP protocol, which the Internet uses exclusively. It is compatible with all major SDSL DSLAM (Digital Subscriber Line Access Multiplexer) providers. A DSLAM is a rack of SDSL line cards with data multiplexed into a backbone network interface/connection (e.g., T1, OC3, DS3, ATM or Frame Relay). Think of it as the equivalent of a modem rack for SDSL. A typical Internet Access application is shown next.

Getting to know your Prestige 1-3

Prestige 681 SDSL Router

Figure 1-1 Internet Access Application

Internet Single User Account

For a SOHO (Small Office/Home Office) environment, your Prestige offers the Single User Account (SUA) feature that allows multiple users on the LAN (Local Area Network) to access the Internet concurrently for the cost of a single user.

1.3.2 LAN to LAN Application

You can use the Prestige to connect two geogr LAN-to-LAN applications for your Prestige are shown as follows.

1-4 Getting to know your Prestige

aphical

ly dispersed networks over the SDSL line. Typical

Prestige 681 SDSL Router

Figure 1-2 LAN-to-LAN Application via Frame Relay

Both Prestiges act as clients when they are connected via a Frame Relay network. When they are connected directly via a leased line for example, then one Prestige must act as a server and the other as a client as shown in the next figure.

Figure 1-3 LAN-to-LAN Application via Direct Connection

Getting to know your Prestige 1-5

Prestige 681 SDSL Router

Chapter 2:

Hardware Installation & Initial Setup

This chapter describes the physical features of the

Prestige and how to make the cable connections

2.1 Front Panel LEDs OF P681

The LED indicators on the front panel indicate the operational status of the Prestige 681. The table below the diagram describes the LED functions:

Figure 2-1 Prestige 681 Front Panel.

Table 2-1 Front Panel LED Description

PWR

SYS

LAN 10M

LAN 100M

SDSL

The PWR (power) LED is on when power is applied to the Prestige.

A steady on SYS (system) LED indicates the Prestige is on and functioning properly while an off SYS LED indicates the system is not ready or a malfunction. The system is rebooting when the SYS LED is blinking.

A steady green light indicates a 10Mb Ethernet connection. The LED blinks when data is being sent/received.

A steady green light indicates a 100Mb Ethernet connection. The LED blinks when data is being sent/received.

The SDSL LED is on when the Prestige is connected successfully to a DSLAM. The LED blinks when the link is still synchronizing – note that this may take up to 10 minutes.

2.2 Prestige 681 Rear Panel and Connections

The following figure shows the rear panel connections of your Prestige.

Installation & Setup 2-1

Prestige 681 SDSL Router

Figure 2-2 Prestige 681 Rear Panel Connections

Step 1. Grounding the Prestige

Ground the Prestige by connecting a grounded wire to the

Step 2. Connecting the SDSL Line

Connect the Prestige (RJ-11 port labeled SDSL) directly to the telephone jack using the SDSL cable (included).

Step 3. Connecting the Console Port

For the initial configuration of your Prestige, you need to use terminal emulator software on a workstation and connect it to the Prestige through the console port. Connect the 9-pin end of the console cable (9-pin to 25-pin console cable supplied) to the console port of the Prestige and the 25-pin end to a serial port (COM1, COM2 or other COM port) of your workstation. You can use an extension RS-232 cable if the enclosed one is too short.

2-2 Installation & Setup

(Frame Ground) of the Prestige.

F.G.

Prestige 681 SDSL Router

Step 4. Connecting a Workstation to the Prestige 10/100M LAN port

Ethernet 10Base-T networks use Shielded Twisted Pair (STP) cable with RJ-45 connectors that look like a bigger telephone plug with 8 pins. Use the crossover cable (red tag) to connect your Prestige 681 to a computer directly. Use straight through Ethernet cable (white tag) to connect to an external hub and then connect one end of a straight through Ethernet cable (white tag) from the hub to the NIC on the workstation.

Caution: The SDSL RJ-11 and LAN RJ-45 port jacks are similar. Be careful not to connect the SDSL line to the RJ-45 LAN port jack.

Step 5. Connecting the Power Adapter to your Prestige

Caution: To prevent damage to the Prestige, first make sure you have the correct AC power adapter. Please see the Appendices for AC power adapter specifications for your region.

Connect the power adapter to the port labeled

POWER

on the rear panel of your Prestige.

2.3 Additional Installation Requirements

In addition to the contents of your package, there are other hardware and software requirements you need before you can install and use your Prestige. These requirements include:

A computer with Ethernet 10Base-T/100Base-T NIC (Network Interface Card).

A computer equipped with communications software (for example, Hyper Terminal in Win95)

configured to the following parameters:

VT100 terminal emulation.

9600 Baud rate.

No parity, 8 Data bits, 1 Stop bit.

Flow Control set to None

After the Prestige has been successfully connected to your network, you can make future changes to the configuration through telnet application.

2.4 Housing

Your Prestige's ventilated housing has clip-out legs that fit snugly into grooves, enabling compact, sturdy stacking with airflow between routers. You should not stack more than 4

routers for maximum stability.

Installation & Setup 2-3

Prestige 681 SDSL Router

2.5 Important Safety Instructions

The following safety instructions apply to the P681:

1. Be sure to read and follow all warning notices and instructions.

2. The maximum recommended ambient temperature for the Prestige is 40º(104º). Care must be taken to allow sufficient air circulation or space between units when the Prestige is installed inside a closed rack assembly. The operating ambient temperature of the rack environment might be greater than room temperature.

3. Installation in a rack without sufficient airflow can be unsafe.

4. Racks should safely support the combined weight of all equipment.

5. The connections and equipment that supply power to the Prestige should be capable of operating safely with the maximum power requirements of the Prestige. In the event of a power overload, the supply circuits and supply wiring should not become hazardous. The input rating of the Prestige is printed on the nameplate.

6. The AC adapter must plug in to the right supply voltage, i.e. 120VAC adapter for North America and 230VAC adapter for Europe. Make sure that the supplied AC voltage is correct and stable. If the input AC voltage is over 10% lower than the standard may cause the Prestige to malfunction.

7. Installation in restricted access areas must comply with Articles 110-16, 110-17, and 110-18 of the National Electrical Code, ANSI/NFPA 70.

8. Do not allow anything to rest on the power cord of the AC adapter, and do not locate the product where anyone can walk on the power cord.

9. Do not service the product by yourself. Opening or removing covers can expose you to dangerous high voltage points or other risks. Refer all servicing to qualified service personnel.

10. Generally, when installed after the final configuration, the product must comply with the applicable safety standards and regulatory requirements of the country in which it is installed. If necessary, consult the appropriate regulatory agencies and inspection authorities to ensure compliance.

11. A rare condition can create a voltage potential between the earth grounds of two or more buildings. If products installed in separate building are interconnected, the voltage potential can cause a hazardous condition. Consult a qualified electrical consultant to determine whether or not this phenomenon exists and, if necessary, implement corrective action before interconnecting the products. If the equipment is to be used with telecommunications circuit, take the following precautions:

Never install telephone wiring during a lightning storm.

•

Never install telephone jacks in wet location unless the jack is specially designed for wet location.

•

Never touch uninsulated telephone wires or terminals unless the telephone line has been

•

disconnected at the network interface.

2-4 Installation & Setup

Prestige 681 SDSL Router

Use caution when installing or modifying telephone lines (other than a cordless telephone) during

•

an electrical storm. There is a remote risk of electric shock from lightning.

Do not use a telephone or other equipment connected to telephone lines to report a gas leak in the

•

vicinity of the leak.

2.6 Power On Your Prestige

At this point, you should have connected the console port, the SDSL line, the Ethernet port and the power port to the appropriate devices or lines. You can now apply power to the Prestige by turning the switch on.

Step 1. Initial Screen

When you power on your Prestige, it performs several internal tests as well as line initialization.

Start to initialize SDSL.....

Figure 2-3 Power-On Display

Step 2. Entering Password

The login screen appears prompting you to enter the password, as shown below.

For your first login, enter the default password

. As you type the password, the screen displays a (X)

1234

for each character you type.

Please note that if there is no activity for longer than 5 minutes after you log in, your Prestige will automatically log you out and will display a blank screen. If you see a blank screen, press

[ENTER]

bring up the login screen again.

Enter Password : XXXX

Figure 2-4 Login Screen

Installation & Setup 2-5

Prestige 681 SDSL Router

2.7 Navigating the SMT Interface

The SMT (System Management Terminal) is the interface that you use to configure your Prestige.

Several operations that you should be familiar with before you attempt to modify the configuration are listed in the table below.

Table 2-2 Main Menu Commands

Operation Press/<read> Description

Move down to another menu

Move up to a previous menu

Move to a “hidden” menu

Move the cursor

Enter information Fill in, or

Required fields

N/A fields <N/A> Some of the fields in the SMT will show a <N/A>. This symbol

Save your configuration

[ENTER] To move forward to a submenu, type in the number of the

desired submenu and press [ENTER].

[Esc] Press the [Esc] key to move back to the previous menu.

Press the [SPACE BAR] to change

Yes

press [ENTER]

[ENTER]

[Up]/[Down] arrow keys

Press the [SPACE BAR] to toggle

[ENTER] Save your configuration by pressing [ENTER] at the message

then

Fields beginning with “Edit” lead to hidden menus and have a default setting of No. Press the [SPACE BAR] to change No to

Yes

, then press [ENTER] to go to a “hidden” menu.

Within a menu, press [ENTER] to move to the next field. You can also use the [Up]/[Down] arrow keys to move to the previous and the next field, respectively.

You need to fill in two types of fields. The first requires you to type in the appropriate information. The second allows you to cycle through the available choices by pressing the [Space] bar.

All fields with the symbol <?> must be filled in order be able to save the new configuration.

refers to an option that is Not Applicable.

[Press ENTER to confirm or ESC to cancel]. Saving the data on the screen will take you, in most cases to the previous menu.

Exit the SMT

Type 99, then

press [ENTER].

Type 99 at the Main Menu prompt and press [ENTER] to exit the SMT interface.

2-6 Installation & Setup

Prestige 681 SDSL Router

After you enter the password, the SMT displays the

Getting Started

1. General Setup

2. WAN Setup

3. Ethernet Setup

4. Internet Access Setup

Advanced Applications

11. Remote Node Setup

12. Static Routing Setup

15. SUA Server Setup

Prestige 681 Main Menu

Advanced Management

21. Filter Set Configuration

22. SNMP Configuration

23. System Password

24. System Maintenance

99. Exit

Enter Menu Selection Number:

Main Menu

, as shown below.

Figure 2-5 SMT Main Menu

2.7.1 System Management Terminal Interface Summary

Table 2-3 Main Menu Summary

# Menu Title Description

1 General Setup Use this menu to set up general information.

2 WAN Setup Use this menu to configure the WAN link.

3 Ethernet Setup Use this menu to set up your LAN connection.

4 Internet Access Setup A quick and easy way to set up an Internet connection.

11 Remote Node Setup Use this menu to set up the Remote Node for LAN-to-LAN connection,

including Internet connection.

12 Static Routing Setup Use this menu to set up static routes.

15 SUA Server Setup

Use this menu to specify inside servers when SUA is enabled

21 Filter Set Configuration Use this menu to set up filters to provide security, etc.

22 SNMP Configuration Use this menu to set up SNMP related parameters.

23 System Password Use this menu to change your password.

24 System Maintenance This menu provides system status, diagnostics, software upload, etc.

99 Exit To exit from SMT and return to a blank screen.

Installation & Setup 2-7

Prestige 681 SDSL Router

2.8 Changing the System Password

The first thing your should do before anything else is to change the default system password by following the steps below.

Step 1.

Enter 23 in the Main Menu to open

Menu 23 - System Password

as shown below.

When the Submenu 23 System Password appears, type in your existing system password, i.e., 1234, and press [ENTER].

Menu 23 – System Password

Old Password= **** New Password= ****

Retype to confirm= ****

Figure 2-6 Menu 23.1 - System Password

Step 2.

Step 3.

Enter your new system password (up to 30 characters), and press

Re-type your new system password for confirmation and press

[ENTER]

Note that as you type a password, the screen displays a (*) for each character you type.

2.9 Filename conventions

The configuration file (sometimes called the romfile or romfile-0) contains the settings in the menus such as password, DHCP Setup defaults, TCP/IP Setup defaults etc. The external (i.e., not on the Prestige) configuration filename is usually the router model name with a *.rom extension, e.g., P681.rom. The ZyNOS firmware file (sometimes referred to as the “ras” file) is the file that contains the ZyXEL Network Operating System firmware and the external firmware file is usually called the router model name with a *.bin extension, e.g., P681.bin. Rename the configuration filename to “rom-0” and the firmware filename to “ras” when transferring files to the Prestige (i.e., the internal filenames on the Prestige). Renaming the files is not necessary when you transfer files to the Prestige using the X-Modem protocol. See

Upload Firmware

on page

for more information.

11-12

section 11.6

The following table is a summary. Please note that the internal filename refers to the filename on the Prestige and the external filename refers to the filename not on the Prestige, i.e., on your workstation, local network or ftp site and so the name (but not the extension) will vary. The AT command is the command you enter after you press “Y” when prompted in the SMT menu to go into debug mode. After uploading new firmware see the

ZyNOS S/W Version

field in

Menu 24.2.1

(

Figure 11-4

) to check you have

uploaded the correct firmware version.

2-8 Installation & Setup

Prestige 681 SDSL Router

Table 2-4 Filename Conventions

File Type Internal

Name

Configuration File

Firmware

Rom-0 *.rom This is the router configuration filename

Ras *.bin This is the generic name for the ZyNOS

External

Name

Description AT

Command

ATLC on the Prestige. Uploading the rom-0 file replaces the entire ROM file system, including your Prestige configurations, system-related data (including the baud rate and default password), the error log and the trace log.

ATUR firmware on the Prestige.

2.9.1 Resetting the Prestige

If you have forgotten your password or for some reason cannot access the SMT menu you will need to reinstall the configuration file. Uploading the configuration file replaces the current configuration file with the default configuration file, you will lose all configurations that you had before and the speed of the console port will be reset to the default of 9600bps with 8 data bit, no parity and 1 stop bit (8n1). The password will be reset to the default of 1234, also.

Turn off the Prestige and begin a Telnet session with the default console port settings. Turn on the Prestige again. When you see the message "Press Any key to enter Debug Mode within 3 seconds", press any key to enter debug mode. You should already have downloaded the correct file from your nearest ZyXEL FTP site.

See section 11.5 Restore Configuration

configuration file to your Prestige.

on page 11-11 for more information on how to transfer the

2.10 General Setup

Menu 1 - General Setup

To enter Menu 1 and fill in the required information, follow these steps:

Step 1.

Step 2.

Enter 1 in the Main Menu to open

The

Menu 1 - General Setup

[?] and turn on the individual protocols for your applications, as explained in the following table.

Installation & Setup 2-9

contains administrative and system-related information.

Menu 1 – General Setup

screen appears, as shown below. Fill in the required fields marked

Prestige 681 SDSL Router

Menu 1 - General Setup

System Name= P681 Location= branch Contact Person's Name= JohnDoe

Route IP= Yes Route IPX= No Bridge= No

Press ENTER to Confirm or ESC to Cancel:

Figure 2-7 Menu 1 – General Setup

Table 2-5 General Setup Menu Fields

Field Description Example

System Name

Location (optional)

Contact Person's Name (optional)

Protocols: Press the [SPACE BAR] to toggle on or off routing for the individual

Choose a descriptive name for identification purposes. This name can be up to 30 alphanumeric characters long. Spaces are not allowed, but dashes “-” and underscores "_" are accepted.

Enter the geographic location (up to 31 characters) of your Prestige

Enter the name (up to 30 characters) of the person in charge of this Prestige.

protocols.

P681

MyHouse

JohnDoe

Route IP

Route IPX

Bridge Turn on/off bridge forwarding for protocols not supported (e.g., SNA)

Set this field to for Internet access.

Set this field

or not turned on in the previous Route fields.

Yes

to enable IP routing. You must enable IP routing

Yes

to enable IPX routing.

Yes/No

2.10.1 Note on Bridging

When bridging is enabled, your Prestige forwards any packet that it does not route. Without bridging, the packets that the Prestige does not route are simply discarded. Compared to routing, bridging generates far more traffic for the same network protocol and consumes more CPU cycles and memory.

2.11 Ethernet Setup

This section describes how to configure the Ethernet using

Menu 3 – Ethernet Setup

Menu, enter 3 to open Menu 3.

2-10 Installation & Setup

. From the Main

Prestige 681 SDSL Router

Menu 3 - Ethernet Setup

1. General Setup

2. TCP/IP and DHCP Setup

3. Novell IPX Setup

4. Bridge Setup

Figure 2-8 Menu 3 - Ethernet Setup

2.11.1 General Ethernet Setup

This menu allows you to specify filter set(s) that you wish to apply to the Ethernet traffic. You seldom need to filter Ethernet traffic; however, the filter sets may be useful to block certain packets, reduce traffic and prevent security breaches.

Menu 3.1 - General Ethernet Setup

protocol filters= device filters= Output Filter Sets: protocol filters= device filters=

Input Filter Sets:

Press ENTER to Confirm or ESC to Cancel:

Figure 2-9 Menu 3.1 - General Ethernet Setup

If you need to define filters, please read the

Filter Set Configuration

chapter first, then return to this menu

to define the filter sets.

2.12 Protocol Dependent Ethernet Setup

Depending on the protocols for your applications, you need to configure the respective Ethernet Setup, as outlined below.

For TCP/IP Ethernet setup

For Novell IPX Ethernet setup

Configuration

For bridging Ethernet setup

refer to Chapter 4: Internet Access

refer to Section 7.3 - IPX Ethernet Setup in Chapter 7: IPX

refer to Chapter 8: Bridging Setup

Installation & Setup 2-11

Prestige 681 SDSL Router

2-12 Installation & Setup

3.1 Frame Relay

Prestige 681 SDSL Router

Chapter 3:

WAN Setup

This chapter helps you set up your WAN link on the Prestige.

What follows is some background information on frame relay. Please skip to section

WAN link

Frame relay is a form of packet-switching technology that routes frames of information from source to destination over a switching network owned by a carrier. Suppose a corporate network has 4 sites, site A, site B, site C and site D (as shown in the next figure) and you need to interconnect these sites with both data links and voice lines. As data traffic is relatively continuous throughout the day one solution (though inefficient) would be to set up dedicated leased lines connecting each office as shown in

to begin configuring your Prestige right away.

Figure 3-1 Dedicated Leased Lines – Multiple Sites

3.2 Setting up the

Figure 3-1

The frame relay solution would be to rent short dedicated leased lines to the carriers frame relay access point and then the carrier programs virtual circuits into the network between your sites.

WAN Setup 3-1

Prestige 681 SDSL Router

Figure 3-2 Frame Relay Solution

Frames are “relayed” through switches in the network, creating basically a virtual private network (VPN) between linked sites. This logical point-to-point circuit between customer sites is called a VC (virtual circuit) of which there are two types. Permanent VCs (PVCs) have constant end points and need to be set up in advance while switched VCs (SVCs) are set up on the fly as needed. The Prestige 681 supports PVCs only.

3.1.1 Frame relay frame format

The frame format for frame relay is as follows.

Bytes

1 2-4 0-4,000 2 1

Flag Link Info Data FCS Flag

Upper DLCI (6 bits) C/R EA 0

Lower DLCI (4 bits) FECN BECN DE EA 1

Figure 3-3 Frame Relay Format

3-2 WAN Setup

Prestige 681 SDSL Router

Each frame is described as follows:

Table 3-1 Frame Relay Format

Frame Description

FLAG

LINK INFO

DLCI DLCI (data link connection identifier)

FECN FECN (forward explicit congestion notification)

BECN

DATA

FCS FCS (FRAME CHECK SEQUENCE)

FLAG

The flag field holds the “Start of frame” marker.

This field holds the logical connection address and control fields as described here:

identifies the logical connections.

C/R

Command/Response bit related to congestion control.

EA EA (extended address)

more than 10 bits.

congestion.

BECN (backward explicit congestion notification)

congestion.

DE (discard eligibility)

congested.

Control information or encapsulated data goes in this field.

This flag field holds the “End of frame” marker.

is used to extend the header field to support DLCI addresses of

indicates whether frames can be discarded if the network is

is a checksum used for error detection.

warns receivers about network

warns senders about network

3.1.2 Connection setup

A management protocol called LMI (Local Management Interface) provides information about the status of PVC-to-network access devices. It defines management frames for monitoring the integrity of a link and whether a link is active or not.

The frame-relay network manages congestion by setting bits in frames that warn end devices that there is congestion on the network. A bit called FECN (forward explicit congestion notification) is set to notify a receiving system of congestion and a bit called BECN (backward explicit congestion notification) is set to notify sending devices of congestion. In the latter case, the sending device will temporarily slow down or stop transmissions.

WAN Setup 3-3

Prestige 681 SDSL Router

3.2 Setting up the WAN link

You configure SDSL and Frame Relay settings in information.

Q.1. Is your P681 acting as a SDSL server or as a client (

acting as a SDSL server, then select a client, then select

Q.2. Is your SDSL link compatible (

Mountain

Mountain and each use different methods for finding the transmission speed of the peer. Copper Mountain compatible devices do this automatically, but it must be done manually for Ascend/Lucent.

Q.3. What is the actual transmission rate? The P681 SDSL router supports symmetrical multi-rate data

transmission speeds from 144Kbps up to 2320Kbps for 160Kbps to 1,568Kbps for the Internet connection (within certain limitations) without changing your ISP or buying new equipment. Note that these tables outline the distance limitations only and do not mean that distance determines the actual transmission speed agreed between you and the peer. Both the Prestige and the peer must have the same transmission rate. For [SPACEBAR] in the press [ automatically (

Compatibility

The following tables outlines distance limitations on data transmission rates for both and

Ascend/Lucent

ZyXEL. AWG (American Wire Gauge) the thickness of the wire increases (the AWG number decreases) the further you can transmit. Therefore distances for wire gauge AWG 24 should be further for any given transmission rate. Please note that line quality, noise etc. also influence attainable data transmission rates and that the transmission rates in the tables below are meant as a reference and not a guarantee of rates attainable.

? The major SDSL players at the moment are Ascend (now part of Lucent) and Copper

ENTER] to

Client

select the matching transmission speed of the peer. The

Auto

field

Link Compatibility

(Remote Terminal) from the

Copper Mountain

Transfer Rate=

- and is not selectable) if you chose

Server

Link Compatibility

field to step through the transmission speed options and then

is a measurement system for wire that specifies its thickness. As

Menu 2 – WAN Setup

see Figure 1-1, Figure 1-2

(Central Office) from the

Service Type

field) with

Ascend/Lucent

Link Compatibility

Ascend/Lucent

Copper Mountain

using wire gauge AWG 26 (0.4mm) based on lab tests in

. You need to know the following

and

Figure 1-3

Service Type

field.

Ascend/Lucent

Link Compatibility

. You can increase the capacity of

Link Compatibility

Transfer Rate=

field. If acting as

Copper

press the

in the

Link

Copper Mountain

)? If

or from

field is set

3-4 WAN Setup

Prestige 681 SDSL Router

Table 3-2 Transmission Rate Vs. Loop Reach (Copper Mountain)

Transmission 1Rate

Kbps

160 5943 19500

208 5791 19000

320 5181 17000

416 4572 15000

784 3962 13000

1040 3505 11500

1568 2743 9000

Distance

(meters)

Distance (feet)

Table 3-3 Transmission Rate Vs. Loop Reach (Ascend/Lucent)

Transmission 1Rate

Kbps

144 5943 19500

272 5486 18000

400 4572 15000

528 4267 14000

Distance

(meters)

Distance (feet)

784 3962 13000

1168 3353 11000

1552 2743 9000

2320 2438 8000

Note that these tables outline the distance limitations only and do not mean that distance determines the actual transmission speed agreed between you and the peer. Both the Prestige and the peer must have the same transmission rate.

The maximum transmission rate in some countries is limited, e.g., currently 1168Kbps for Switzerland.

WAN Setup 3-5

Prestige 681 SDSL Router

If you are unsure of any of this information, please check with your telephone company. Enter 2 from the main menu to open

Menu 2 – WAN Setup

Menu 2 - Wan Setup

Service Type= Client Link Compatibility= Ascend/Lucent Transfer Rate= 2320K

Edit Frame Relay Options= No

Press ENTER to Confirm or ESC to Cancel:

Figure 3-4 Menu 2 – WAN Setup

The following table describes the fields in this menu.

Table 3-4 Menu 2 – WAN Setup Fields

Field Description Option

Service Type=

Link Compatibility= Press the [SPACEBAR] to select either

Transfer Rate= Press the [SPACEBAR] to step through the

Edit Frame Relay Options=

Choose server and [SPACEBAR] to toggle between choices and then press [ENTER] to select.

Ascend/Lucent

transmission speed options and then press [ENTER] to select the matching transmission speed of the peer.

Press the [SPACEBAR] to change No to press [ENTER] to go to

Options

Server

if your P681 is acting as a SDSL

Client

if it is acting as a client. Press the

Copper Mountain.

Menu 2.1 – Edit Frame Relay

(see the next section).

Yes

, then

Server

Client

Ascend/Lucent

Copper Mountain

e.g.,

784K

Yes

3.2.1 Frame Relay Options

Press the spacebar to toggle the default No to to display

Menu 2.1 - Frame Relay Options

3-6 WAN Setup

Yes

in the

Edit Frame Relay Options=

field in Figure 3-4

Prestige 681 SDSL Router

Standards

The two main groups that create recommendations and standards in the telecommunications field are ITU – T (International Telecommunication Union – Telecommunications Standardization Sector) and ANSI (American National Standards Institute). Standards vary slightly for both organizations, so please select the correct organization in the

Link Management

field in menu 2.1. Your Network Service Provider (NSP)

should provide you with this information.

Menu 2.1 - Frame Relay Options

Link Management= ANSI(T1.617D)

Press ENTER to Confirm or ESC to Cancel:

Press Space Bar to Toggle.

Figure 3-5 Menu 2.1 - Frame Relay Options

Table 3-5 Menu 2.1 - Frame Relay Options Fields

Field Description Options

)

ITU-T(Q.933A)

ANSI(T1.617D)

No LMI (

for Copper Mountain Encapsulation)

default

Link Management=

This function is responsible for monitoring the up/down status and error performance of an individual link. If failure occurs, it also initiates recovery actions for the restoration of the failed link. Press the [SPACEBAR] and then [ENTER] to select which standard is compatible with your Prestige. Both the Prestige and the peer must use the same standard. LMI (Local Management Interface) is a management protocol that provides information about the status of PVC-to-network access devices. Some Copper Mountain DSLAMs do not support this protocol, so you may need to choose

LMI

(default for Copper Mountain encapsulation

when you do not wish LMI packets to be sent.

only

WAN Setup 3-7

Prestige 681 SDSL Router

Chapter 4:

Internet Access

This chapter shows you how to configure the LAN as well as

the WAN of your Prestige for Internet access

4.1 Factory Ethernet Defaults

The Ethernet parameters of the Prestige are preset in the factory with the following values:

1. IP address of 192.168.1.1 with subnet mask of 255.255.255.0 (24 bits).

2. DHCP server enabled with 32 client IP addresses starting from 192.168.1.33.

These parameters should work for the majority of installations. If the parameters are satisfactory, you can skip to section 3.4 gives you explicit DNS server address(es). If you wish to change the factory defaults or to learn more about TCP/IP, please read on.

TCP/IP Ethernet Setup and DHCP

4.2 TCP/IP Parameters

to enter the DNS server address(es) if your ISP

4.2.1 IP Address and Subnet Mask

Similar to the houses on a street that share a common street name, the machines on a LAN share one common network number, also.

Where you obtain your network number depends on your particular situation. If the ISP or your network administrator assigns you a block of registered IP addresses, follow their instructions in selecting the IP addresses and the subnet mask.

If the ISP did not explicitly give you an IP network number, then most likely you have a single user account and the ISP will assign you a dynamic IP address when the connection is established. If this is the case, it is recommended that you select a network number from 192.168.0.0 to 192.168.255.0 (ignoring the trailing zero) and you must enable the Single User Account feature of the Prestige. The Internet Assigned Number Authority (IANA) reserved this block of addresses specifically for private use; please do number unless you are told otherwise. Let’s say you select 192.168.1.0 as the network number; which covers 254 individual addresses, from 192.168.1.1 to 192.168.1.254 (zero and 255 are reserved). In other words, the first 3 numbers specify the network number while the last number identifies an individual workstation on that network.

Once you have decided on the network number, pick an IP address that is easy to remember, e.g.,

192.168.1.1, for your Prestige.

Internet Access 4-1

use any other

not

Prestige 681 SDSL Router

The subnet mask specifies the network number portion of an IP address. Your Prestige will compute the subnet mask automatically based on the IP address that you entered. You don’t need to change the subnet mask computed by the Prestige unless you are instructed to do otherwise.

4.2.2 Private IP Addresses

Every machine on the Internet must have a unique address. If your networks are isolated from the Internet, e.g., only between your two branch offices, you can assign any IP addresses to the hosts without problems. However, the Internet Assigned Numbers Authority (IANA) has reserved the following three blocks of IP addresses specifically for private networks:

10.0.0.0 - 10.255.255.255

172.16.0.0 - 172.31.255.255

192.168.0.0 - 192.168.255.255

For this reason, it is recommended that you choose your network number from the above list.

You can obtain your IP address from the IANA, from an ISP, or assigned from a private network. If you belong to a small organization and your Internet access is through an ISP, the ISP can provide you with the Internet addresses for your local networks. On the other hand, if you are part of a much larger organization, you should consult your network administrator for the appropriate IP addresses.

Note:

guidelines above. For more information on address assignment, please refer to RFC 1597,

Allocation for Private Internets

Regardless of your particular situation, do not create an arbitrary IP address; always follow the

Address

and RFC 1466,

Guidelines for Management of IP Address Space.

4.2.3 RIP Setup

RIP (Routing Information Protocol) allows a router to exchange routing information with other routers. The

RIP Direction

will broadcast its routing table periodically and incorporate the RIP information that it receives; when set to none, it will not send any RIP packets and will ignore any RIP packets received.

The

Version

sends (it recognizes both formats when receiving). information.

Both

RIP-2B

subnet broadcasting while machines since they generally do not listen to the RIP multicast address and so will not receive the RIP packets. However, if one router uses multicasting, then all routers on your network must use multicasting, also.

4-2 Internet Access

field controls the sending and receiving of RIP packets. When set to both, the Prestige

field controls the format and the broadcasting method of the RIP packets that the Prestige

is universally supported; but RIP-2 carries more

RIP-1

is probably adequate for most networks, unless you have an unusual network topology.

RIP-1

and

RIP-2M

sends the routing data in RIP-2 format; the difference being that

RIP-2M

uses multicasting. Multicasting can reduce the load on non-router

RIP-2B

uses

Prestige 681 SDSL Router

By default,

RIP direction

is set to

Both

and the

Version

set to

RIP-1

4.2.4 DHCP Configuration

DHCP (Dynamic Host Configuration Protocol) allows the individual clients (workstations) to obtain the TCP/IP configuration at start-up from a centralized DHCP server. The Prestige has built-in DHCP server capability, enabled by default, which means it can assign IP addresses, an IP default gateway and DNS servers to Windows 95, Windows NT and other systems that support the DHCP client. The Prestige can also act as a surrogate DHCP server ( DHCP server to the clients.

IP Pool Setup

The Prestige is pre-configured with a pool of 32 IP addresses starting from 192.168.1.33 to 192.168.1.64 for the client machines. This leaves 31 IP addresses, 192.168.1.2 to 192.168.1.32 (excluding the Prestige itself which has a default IP of 192.168.1.1) for other server machines, e.g., server for mail, FTP, telnet, web, etc., that you may have.

DNS Server Address

DNS (Domain Name System) is for mapping a domain name to its corresponding IP address and vice versa, e.g., the IP address of without it, you must know the IP address of a machine before you can access it. The DNS server addresses that you enter in the DHCP setup are passed to the client machines along with the assigned IP address and subnet mask.

There are two ways that an ISP disseminates the DNS server addresses. The first is for an ISP to tell a customer the DNS server addresses, usually in the form of an information sheet, when s/he signs up. If your ISP does give you the DNS server addresses, enter them in the otherwise, leave them blank.

www.zyxel.com

DHCP Relay

is 204.217.0.2. The DNS server is extremely important because

) where it relays IP address assignment from the actual

DNS Server

fields in

DHCP Setup

Some ISPs choose to pass the DNS servers using the DNS server extensions of PPP IPCP (IP Control Protocol) after the connection is up. If your ISP did not give you explicit DNS servers, chances are the DNS servers are conveyed through IPCP negotiation. The Prestige supports the IPCP DNS server extensions through the DNS proxy feature.

If the

Primary

Prestige tells the DHCP clients that it itself is the DNS server. When a workstation sends a DNS query to the Prestige, the Prestige forwards the query to the real DNS server learned through IPCP and relays the response back to the workstation.

Please note that DNS proxy works only when the ISP uses the IPCP DNS server extensions. It does not mean you can leave the DNS servers out of the DHCP setup under all circumstances. If your ISP gives you explicit DNS servers, make sure that you enter their IP addresses in the Prestige can pass the DNS servers to the workstations and the workstations can query the DNS server directly without the Prestige’s intervention.

Internet Access 4-3

and

Secondary DNS Server

fields in

DHCP Setup

are not specified, i.e., left as 0.0.0.0, the

DHCP Setup

menu. This way, the

Prestige 681 SDSL Router

4.3 Route IP Setup

The first step is to enable the IP routing in

To edit Menu 1, enter 1 in the Main Menu to select

field to

by pressing the [

Yes

SPACE BAR

System Name= P681 Location= location Contact Person's Name= name

Route IP= Yes Route IPX= No Bridge= No

Menu 1 - General Setup

General Setup

Menu 1 - General Setup

Press ENTER to Confirm or ESC to Cancel:

Figure 4-1 Menu 1 – General Setup

4.4 TCP/IP Ethernet Setup and DHCP

You will now use Menu 3.2 to configure your Prestige for TCP/IP.

To edit Menu 3.2, enter 3 to open the appears, select the submenu option

displays

Menu 3.2 - TCP/IP and DHCP Ethernet Setup

TCP/IP and DHCP Setup

Menu 3 - Ethernet Setup

from the Main Menu. When Menu 3

and press [ENTER]

, as shown next

and press [ENTER]. Set the

The screen now

Route

4-4 Internet Access

Prestige 681 SDSL Router

Menu 3.2 - TCP/IP and DHCP Ethernet Setup

DHCP Setup:

DHCP= Server Client IP Pool Starting Address= 192.168.1.33 Size of Client IP Pool= 32 Primary DNS Server= 0.0.0.0 Secondary DNS Server= 0.0.0.0 Remote DHCP Server= N/A

TCP/IP Setup:

IP Address= 192.168.1.1 IP Subnet Mask= 255.255.255.0 RIP Direction= Both

Version= RIP-1

Press Space Bar to Toggle.

Enter here to CONFIRM or ESC to CANCEL:

Figure 4-2 Menu 3.2 – TCP/IP and DHCP Ethernet Setup

Follow the instructions in the following table on how to configure the DHCP fields.

First address in the IP Pool

Size of the IP Pool

IP addresses of the DNS servers

Internet Access 4-5

Prestige 681 SDSL Router

Table 4-1 DHCP Ethernet Setup Menu Fields

Field Description Example

DHCP Setup

DHCP=

Client IP Pool Starting

Address

Size of Client IP Pool This field specifies the size, or count, of the IP address pool. 32

Primary DNS Server

Secondary DNS Server

Remote DHCP Server

If this field is set to addresses, an IP default gateway and DNS servers to Windows 95, Windows NT and other systems that support the DHCP client. If set to

Relay,

the Prestige acts as a surrogate DHCP server and relays DHCP requests and responses between the remote server and the clients. Enter the IP address of the actual, remote DHCP server in the When DHCP is used, the following items need to be set:

This field specifies the first of the contiguous addresses in the IP address pool.

Enter the IP addresses of the DNS servers. The DNS servers are passed to the DHCP clients along with the IP address and the subnet mask.

Relay

If address of the actual, remote DHCP server here.

is selected in the

Server

, your Prestige can assign IP

None

, the DHCP server will be disabled. If set to

Remote DHCP Server

DHCP=

field above, then enter the IP

in this case.

None

Server

(default)

Relay

192.168.1.33

Follow the instructions in the following table to configure TCP/IP parameters for the Ethernet port.

Table 4-2 TCP/IP Ethernet Setup Menu Fields

Field Description Example

TCP/IP Setup

Enter the (LAN) IP address of your Prestige in dotted decimal

Address

IP Subnet Mask Your Prestige will automatically calculate the subnet mask based

Direction

Version

When you have completed this menu, press [ENTER] at the prompt [Press ENTER to Confirm…] to save your configuration, or press [Esc] at any time to cancel.

notation

on the IP address that you assign. Unless you are implementing subnetting, use the subnet mask computed by the Prestige

Press the [SPACE BAR] to select the RIP direction from

RIP

Only/Out Only or None.

Press the [SPACE BAR] to select the RIP version from

2B/RIP-2M.

Both/In

RIP-1/RIP-

192.168.1.1 (default)

255.255.255.0

Both

RIP-1

4-6 Internet Access

(default)

Prestige 681 SDSL Router

4.5 LANs & WANs

A LAN (Local Area Network) is a computer network limited to the immediate area, usually the same building or floor of a building. A WAN (Wide Area Network), on the other hand is an outside connection to another network or the Internet.

4.5.1 LANs, WANs and the Prestige

The actual physical connection determines whether the Prestige ports are LAN or WAN ports. There are two separate IP networks, one inside, the LAN network - the other outside, the WAN network as shown next.

Figure 4-3 LAN & WAN IPs

Internet Access 4-7

Prestige 681 SDSL Router

4.6 Encapsulation

Note: You must restart the P681 when you change the Encapsulation method in Menu 4 or Menu 11.1.

Your service provider should provide you with this information.

4.6.1 Encapsulation with Ascend/Lucent Link Compatibility

You have two choices for

RFC 1490

RFC 1490 describes Multiprotocol over Frame Relay encapsulation which is an encapsulation method for carrying network interconnect traffic (both bridging and routing) over a frame relay backbone. It also describes a simple fragmentation procedure for carrying large frames over a frame relay network with a smaller MTU (Maximum Transmission Unit).

PPP

RFC 1662 defines PPP over HDLC (High-level Data Link Control). HDLC is a bit-oriented, (meaning that the data is monitored bit by bit) link layer protocol for the transmission of data over synchronous networks. Transmissions consist of binary data without any special control codes. Information in the frame contains control and response commands, however. HDLC supports full-duplex transmission in which data is transmitted in two directions at the same time, resulting in higher throughput. HDLC is suitable for pointto-point and multipoint (multidrop or one-to-many) connections.

Encapsulation

when you use

Ascend/Lucent

Link Compatibility

4.6.2 Encapsulation with Copper Mountain Link Compatibility

You have four choices for service provider should tell you this information as the choice depends on what “networking model" they are using with their CopperEdge concentrator. Please see the Copper Mountain web site for detailed information on “networking models" and the CopperEdge concentrator.

PPP

Select this option when the peer is using a “PPP over ATM” or “PPP over Frame Relay” networking model.

Encapsulation

when you use

Copper Mountain

Link Compatibility

. Your

CMN 1483

This is a Copper Mountain variant of RFC 1483. Select this option when the CopperEdge employs IP routing, 1483 FUNI encapsulation and the “CopperVPN” or “VWAN” networking models.

4-8 Internet Access

Prestige 681 SDSL Router

CMN 1490

This is a Copper Mountain variant of RFC 1490. Select this option when the CopperEdge employs IP routing, 1490 Frame encapsulation and the “CopperVPN” or “VWAN” networking models.

RFC 1490

Select this option when the CopperEdge employs the “Frame Relay Multiplexing” networking model.

4.7 DLCI

The carrier gives you a specific DLCI (data link connection identifier) for each PVC which is a path number of a portion of the PVC (the DLCI changes for each hop through the network), not the address of the destination. It is a logical identifier with local significance only. Identifiers can range from 1 to 1023 with restrictions shown in the following table. The default DLCI for the P681 is 16 when you choose RFC 1490 encapsulation and N/A (not applicable) for PPP encapsulation.

Table 4-3 Data Link Connection Identifiers

DLCI Usage

0 Channel signaling

1-15 Reserved

16 – 1007 Frame Relay

1008 – 1022 Reserved

1023 LMI

4.8 Internet Access Configuration

Menu 4 allows you to enter the Internet Access information in one screen. Menu 4 is actually a simplified setup for the remote node that you can access in Menu 11. Before you configure your Prestige for Internet access, you need to collect your Internet account information from your ISP and telephone company. Use the following table to record your Internet Account Information.

Internet Access 4-9

Prestige 681 SDSL Router

Table 4-4 Internet Account Information

Internet Account Information Write your account information here

Telephone Company Information

see section 4.7 above

DLCI (

)

ISP Information

−

Encapsulation (

Password for ISP authentication

Link Compatibility (see

see section 4.6 above)

section 3.2 above

From the Main Menu, enter 4 to go to

)

Menu 4 - Internet Access Setup

−

, as displayed below. The following

table contains instructions on how to configure your Prestige for Internet access.

Menu 4 - Internet Access Setup

ISP Name= myISP Encapsulation= rfc 1490

DLCI= 16

My Login= kitty My Password= ******** Single User Account= No IP Address= N/A

Press ENTER to confirm or ESC to cancel:

Get this information from the telephone company. Get the other information from your ISP.

Figure 4-4 Internet Access Setup

4-10 Internet Access

Prestige 681 SDSL Router

Table 4-5 Internet Access Setup Menu Fields

Field Description Options/E.G.

ISP Name

Encapsulation

DLCI

My Login

Enter the name of your Internet Service Provider, e.g., myISP. This information is for identification purposes only.

Press the [Spacebar] to select the method of encapsulation used by your ISP. DLCI is N/A for PPP encapsulation. Please more information.

Enter the DLCI (Data Link Connection Identifier) that the carrier gave you. The default DLCI for the P681 is 16, using RFC 1490 encapsulation.

section 4.7

Enter the login name that your ISP gives you.

for more information.

see section 4.6

for

See

e.g., MyISP

RFC 1490

PPP

CMN 1483

CMN 1490

RFC 1490

e.g., 16

e.g., kitty

My Password

Single User Account Press the spacebar to enable or disable SUA.

IP Address Enter the IP address supplied by your ISP if

Enter the password associated with the login name above.

Please see the following section for a more detailed discussion on the Single User Account feature.

applicable i.e., if you enabled SUA.

Single User Account Menu Fields

more information in this case.

See

Table 4-6

for

********

Yes/No

e.g., 192.168.1.100

At this point, if all your settings are correct your Prestige should connect automatically to the Internet. If the connection fails, note the error message that you receive on the screen and take the appropriate troubleshooting steps.

Note: You must reboot the Prestige when you change the Encapsulation method in Menu 4 or Menu 11.

Internet Access 4-11

Prestige 681 SDSL Router

4.9 Single User Account

Typically, if there are multiple users on the LAN wanting to concurrently access the Internet, you will have to lease a block of legal, or globally unique, IP addresses from the ISP.

The Single User Account (SUA) feature allows you to have the same benefits as having multiple legal addresses, but only pay for one IP address, thus saving significantly on the subscription fees. (Check with your ISP before you enable this feature). SUA supports popular Internet applications such as MS traceroute, CuSeeMe, IRC, RealAudio, VDOLive, Quake and PPTP with no extra configuration needed.

The IP address for the SUA can be either fixed or dynamically assigned by the ISP. In addition, you can designate servers, e.g., a web server and a telnet server, on your local network and make them accessible to the outside world. If you do not define any server, SUA offers the additional benefit of firewall protection. If no server is defined, all incoming inquiries will be filtered out by your Prestige, thus preventing intruders from probing your network. Your Prestige accomplishes this address sharing by translating the internal LAN IP addresses to a single address that is globally unique on the Internet. For more information on IP address translation, refer to RFC 1631,

4.9.1 Advantages of SUA

In summary:

SUA is a cost-effective solution for small offices to access the Internet or other remote TCP/IP

networks.

The IP Network Address Translator (NAT).

SUA supports servers to be accessible to the outside world.

SUA can provide firewall protection if you do not specify a server. All incoming inquiries will be

filtered out by your Prestige.

UDP and TCP packets can be routed. In addition, partial ICMP, including echo and traceroute, is

supported.

4.9.2 Single User Account Configuration

The steps for configuring your Prestige for Single User Account are identical to the conventional Internet access with the exception that you need to fill in two extra fields in shown next.

4-12 Internet Access

Menu 4 - Internet Access Setup

, as

SUA

Prestige 681 SDSL Router

Menu 4 - Internet Access Setup

ISP Name= myISP Encapsulation= PPP

DLCI= 16 My Login= kitty My Password= ******** Single User Account= Yes IP Address= 192.168.1.100

Press ENTER to confirm or ESC to cancel:

Figure 4-5 Menu 4 – Internet Access Setup for Single User Account

To enable the SUA feature in Menu 4, move the cursor to the

to disable SUA). Then follow the instructions on how to configure the SUA fields.

Single User Account

field and select

Yes

(or

Table 4-6 Single User Account Menu Fields

Field Description

Yes

Single User Account

IP Addr.

Press [ENTER] at the message [Press ENTER to Confirm ...] to save your configuration, or press [Esc] at any time to cancel.

Select

If your ISP did [0.0.0.0] here; otherwise, enter that IP address here.

to enable SUA.

not

assign you a static IP address, enter

4.10 Multiple Servers behind SUA

If you wish, you can make inside servers for different services, e.g., web or FTP, visible to the outside users, even though SUA makes your whole inside network appear as a single machine to the outside world. A service is identified by the port number, e.g., web service is on port 80 and FTP on port 21.

As an example (see the following figure), if you have a web server at 192.168.1.36 and an FTP server

192.168.1.33, then you need to specify for port 80 (web) the server at IP address 192.168.1.36 and for port 21 (FTP) another at IP address 192.168.1.33.

Please note that a server can support more than one service, e.g., a server can provide both FTP and DNS service, while another provides only web service. Also, since you need to specify the IP address of a server in the Prestige, a server must have a fixed IP address and not be a DHCP client whose IP address potentially changes each time it is powered on.

Internet Access 4-13

Prestige 681 SDSL Router

In addition to the servers for specific services, SUA supports a default server. A service request that does not have a server explicitly designated for it is forwarded to the default server. If the default server is not defined, the service request is simply discarded.

Figure 4-6 Example of Multiple Servers behind SUA

To make a server visible to the outside world, specify the port number of the service and the inside IP address of the server in

Menu 15 - Multiple Server Configuration

4.10.1 Configuring a Server behind SUA

Follow the steps below to configure a server behind SUA:

Step 1.

Step 2.

Step 3.

Enter 15 in the main menu to go to

Menu 15 - Multiple Server Configuration

Enter an index number in menu 15 to go to

Enter the service port number in the

Port #

Menu 15.1 - SUA Server Configuration

field and the inside IP address of the server in

the IP Address field.

4-14 Internet Access

Prestige 681 SDSL Router

Step 4.

Press [ENTER] at the “Press ENTER to confirm …” prompt to save your configuration after you define all the servers or press

Menu 15 - Multiple Server Configuration

Port #

----

Default

2.21 192.168.1.33

3.23 192.168.1.34

4.25 192.168.1.35

5.80 192.168.1.36

6. 0 0.0.0.0

7. 0 0.0.0.0

8. 0 0.0.0.0

Press ENTER to Confirm or ESC to Cancel:

at any time to cancel.

ESC

IP Address

---------------

0.0.0.0

Figure 4-7 Multiple Server Configuration

The most often used port numbers are shown in the following table. Please refer to RFC 1700 for further information about port numbers. Please also refer to our PNC Disk for more examples and details on SUA.

Table 4-7 Services vs. Port number

Services Port Number

FTP (File Transfer Protocol) 21

Telnet 23

SMTP (Simple Mail Transfer Protocol) 25

DNS(Domain Name System) 53

HTTP (Hyper Text Transfer protocol or WWW, Web) 80

PPTP (Point-to-Point Tunneling Protocol) 1723

Internet Access 4-15

Prestige 681 SDSL Router

Chapter 5:

Remote Node Configuration

In this chapter, we discuss the parameters that are protocol independent.

The protocol-dependent configuration will be covered in subsequent chapters.

A remote node is required for placing calls to a remote gateway. A remote node represents both the remote gateway and the network behind it across a WAN connection. Note that when you use Menu 4 to set up Internet access, you are actually configuring a remote node.

5.1 Remote Node Setup

This section describes the protocol-independent parameters for a remote node. Menu 4 (discussed previously – see

11.

Figure 4-4

5.1.1 Remote Node Profile

To configure a remote node, do the following:

) is actually a simplified setup for the remote node that you can access in Menu

From the Main Menu, select menu option

When

Menu 11.1 - Remote Node Profile

define this remote profile. The Remote Node Profile Menu Fields table (

5-1) shows you how to configure the Remote Node Menu (

Table

11. Remote Node Setup

appears fill in the fields as described in the table that follows to

Figure 5-1)

5.2 Encapsulation

Please

see section 4.6

Note: You must restart the P681 when you change the Encapsulation method in Menu 4 or Menu 11.1.

Remote Node Configuration 5-1

for more details on encapsulation.

Prestige 681 SDSL Router

Menu 11.1 - Remote Node Profile

Rem Node Name= nodename Active= Yes

Encapsulation= RFC 1490 Incoming: Rem Login= N/A Rem Password=N/A Outgoing: My Login= N/A My Password= N/A Authen= N/A

Enter here to CONFIRM or ESC to CANCEL:

Route= None Bridge= Yes

Edit PPP Options= N/A Rem IP Addr= 192.168.2.1 Edit IP/IPX/Bridge= No

Session Options: Edit Filter Sets= No

Figure 5-1 Menu 11.1 Remote Node Profile

Table 5-1 Remote Node Profile Menu Fields

Field Description Options

Rem Node Name This is a required field. Enter a descriptive

name for the remote node, for example, Corp. This field can be up to eight characters. This name must be unique from any other remote node name.

Active Press the spacebar to toggle between Yes and

No. Inactive nodes are displayed with a minus sign (-) at the beginning of the name in Menu

11.

Enter a unique name of less than 8 characters for the remote name

Enter the IP address of the remote gateway here.

Yes/No

5-2 Remote Node Configuration

Field Description Options

Encapsulation=

Prestige 681 SDSL Router

Press the spacebar to select the method of encapsulation used by your ISP. Please

section 4.6

for more information.

see

RFC 1490

PPP

CMN 1483

CMN 1490

RFC 1490

Incoming:3Rem

Enter the login name that this remote node will use when it calls your Prestige.

The login name in this field combined with the Rem Node Password will be used to authenticate this node.

Incoming: Rem

Password

Enter the password used when this remote node calls your Prestige.

Outgoing:3My Login Enter the login name for your Prestige when it

calls this remote node.

Outgoing: My

Password

Outgoing: Authen

Enter the password for your Prestige when it calls this remote node.

This field sets the authentication protocol used for outgoing calls.

Options for this field are:

CHAP/PAP - Your Prestige will accept either CHAP or PAP when requested by this remote node.

CHAP - accept CHAP only.

PAP - accept PAP only.

None – no authentication protocol is used for outgoing calls.

Route This field determines the protocols that your

Prestige will route.

Bridge Bridging is used for protocols that the Prestige

does not support, e.g., SNA, or not turned on in the previous Route field. When bridging is enabled, your Prestige will forward any packet that it does not route to this remote node;

CHAP/PAP

CHAP

PAP

None

IP, IPX, IP+IPX, None

Press [SPACE BAR] to

toggle

Yes/No

All Incoming and Outgoing fields are not applicable (N/A) for RFC 1490, CMN 1490 and CMN 1483.

Remote Node Configuration 5-3

Prestige 681 SDSL Router

Field Description Options

otherwise, the packets are discarded. .

Edit PPP Options To edit the PPP options for this remote node,

move the cursor to this field, use the [SPACE BAR] to select Yes and press [ENTER]. This will bring you to Menu 11.2 - Remote Node PPP Options. For more information on configuring PPP options, Editing PPP Options.

Rem IP Addr Enter the IP address of the remote gateway

here. If you don’t know this IP, then enter

0.0.0.0 .

Edit IP/IPX/Bridge Press the [SPACE BAR] to toggle this field to

Yes and then press [ENTER] to go to Menu

11.3 - Remote Node Network Layer Options menu.

Session Option:

Edit Filter Sets

Once you have completed filling in [Press ENTER to Confirm…] to save your configuration, or press [Esc] at any time to cancel.

Use the [SPACE BAR] to toggle this field to Yes and press [ENTER] to open Menu 11.5 to edit the filter sets. See the Remote Node Filter section for more details.

Menu 11.1 – Remote Node Profile

see section 5.2.2

Press [SPACE BAR] to toggle to Yes and then

press [ENTER]

Yes or No

Default= No

, press [ENTER] at the message

5.2.1 Outgoing Authentication Protocol

Generally speaking, you should employ the strongest authentication protocol possible, for obvious reasons. However, some vendor’s implementation includes specific authentication protocol in the user profile. It will disconnect if the negotiated protocol is different from that in the user profile, even when the negotiated protocol is stronger than specified. If you encounter the case where the peer disconnects right after a successful authentication, please make sure that you specify the correct authentication protocol when connecting to such an implementation.

5.2.2 Editing PPP Options

To edit the remote node PPP Options, move the cursor to the

Remote Node Profile

, and use the [SPACE BAR] to toggle this field to

Edit PPP Options

Yes

Menu 11.2, as shown next.

5-4 Remote Node Configuration

field in

. Press [

Menu 11.1 -

ENTER]

to open

Prestige 681 SDSL Router

Menu 11.2 - Remote Node PPP Options

Encapsulation= Standard PPP Compression= No

Press Space Bar to Toggle.

Press ENTER to CONFIRM or ESC to CANCEL:

Figure 5-2 Menu 11.2 - Remote Node PPP Options

The following table describes the Remote Node PPP Options Menu, and contains instructions on how to configure the PPP options fields.

Table 5-2 Remote Node PPP Options Menu Fields

Field Description Option

Encapsulation Select the CISCO PPP only when this remote node

is a Cisco machine; otherwise, select the Standard PPP.

Compression Turn on/off Stac4 Compression. The default for this

field is No.

Once you have completed filling in Menu 11.2 – Remote Node PPP Options, press [ENTER] at the message [Press ENTER to Confirm…] to save your configuration, or press [Esc] at any time to cancel.

Standard

PPP

CISCO

PPP

Yes/No

(Default =

)

5.2.3 Remote Node Filter

Menu 11.5 – Remote Node Filter

Use

to specify the filter set(s) to apply to the incoming and outgoing traffic between this remote node and the Prestige. You can specify up to 4 filter sets separated by comma, e.g., 1, 5, 9, 12, in each filter field.

Note that spaces are accepted in this field. For more information on defining the filters,

Filter Configuration

see Chapter 9:

PPP STAC is very sensitive to packet loss. STAC causes problems when there are frequent packet losses.

If you find this to be the case, we suggest you turn off STAC.

Remote Node Configuration 5-5

Prestige 681 SDSL Router

Menu 11.5 - Remote Node Filter

Input Filter Sets: protocol filters= 3 device filters= Output Filter Sets: protocol filters= 1 device filters=

Figure 5-3 Menu 11.5 – Remote Node Filter

Enter here to CONFIRM or ESC to CANCEL:

5-6 Remote Node Configuration

Prestige 681 SDSL Router

Chapter 6:

Remote Node TCP/IP Configuration

This chapter shows you how to configure the

TCP/IP parameters of a remote node.

A typical LAN-to-LAN application is to use your Prestige to connect a branch office to the headquarters, as depicted in the following diagram.

6.1 LAN-to-LAN Application

Figure 6-1 TCP/IP LAN-to-LAN Application

For the branch office, you need to configure a remote node in order to dial out to the headquarters. Additionally, you may also need to define static routes if some services reside beyond the immediate remote LAN.

6.1.1 Editing TCP/IP Options

Follow the steps below to edit

In Menu 11.1, move the cursor to the the value to

Remote Node TCP/IP Configuration 6-1

Yes

. Press

Menu 11.3 - Remote Node Network Layer Options

, then press the [SPACE BAR] to toggle and set

[ENTER]

Edit IP/IPX/Bridge

to open

Menu 11.3 - Network Layer Options

shown next.

Prestige 681 SDSL Router

Menu 11.3 - Remote Node Network Layer Options

Frame Relay Parameters : DLCI= 16

IP Options : Rem IP Addr: 0.0.0.0 Rem Subnet Mask= 0.0.0.0 My WAN Addr= 0.0.0.0 Single User Account= No Metric= 2 Private= No RIP Direction= Both Version= RIP-2B

Enter here to CONFIRM or ESC to CANCEL:

IPX Options :

Rem LAN Net #= 00000000 My WAN Net #= 00000000 Hop Count= 1 Tick Count= 2

Bridge Options: Ethernet Addr Timeout(min)= 0

Get this information from your telephone company.

Figure 6-2 Menu 11.3

The following diagram shows some sample IP addresses to help you to understand the field of

in Menu 11.3. Refer to Figure 4-3 LAN & WAN I for a brief review of what a WAN IP is.

Addr WAN Addr

indicates the local Prestige WAN IP while

Rem IP Address

indicates the peer WAN IP.

My Wan

Figure 6-3 Sample IP Addresses for a TCPI/IP LAN-to-LAN Connection

To configure the TCP/IP parameters of a remote node, first configure these fields in

Node Profile

, as shown in the next table.

Menu 11 – Remote

6-2 Remote Node TCP/IP Configuration

Prestige 681 SDSL Router

Table 6-1 TCP/IP related fields in Menu 11.1 - Remote Node Profile

Field Description Option

Route

Rem IP Address

Edit IP

Make sure IP is among the protocols in the [Route] field in

Menu 11.1 - Remote Node Profile

Enter the IP address of the remote gateway in

Remote Node Profile

Prestige WAN IP address or the remote Prestige LAN IP address. This depends on the remote router’s WAN IP i.e., for the (remote) Prestige, the

11.3 – Remote Node Network Layer Options

(see

Figure 6-3

(the remote router’s WAN IP), then you should enter

172.16.0.2 in the is 0.0.0.0, then enter 192.168.1.1(the remote router’s LAN IP)

Rem IP Address

in the

Press the [SPACE BAR] to toggle this field to press [ENTER] to go to

Layer Options

. You must fill in either the remote

My WAN Addr

), if the remote WAN IP is set to 172.16.0.2

Rem IP Address

field).

Menu 11.3 - Remote Node Network

menu.

The following table shows the TCP/IP related fields in

Options

Menu 11.1 -

settings in

field. If the remote WAN IP

. For example

Yes

and then

Menu 11.3 - Remote Node Network Layer

Yes

Yes/No

(

Table 6-2 TCP/IP Remote Node Configuration

Field Description Option

Rem IP Address This will show the IP address you entered for this remote node in

the previous menu.

Rem IP Subnet Mask

Enter the subnet mask for the remote network.

)

My WAN Addr Some implementations, especially the UNIX derivatives, require

the WAN link to have a separate IP network number from the LAN and each end must have a unique address within the WAN network number. If this is the case, enter the IP address assigned to the WAN port of your Prestige.

Note that this is the address assigned to your local Prestige WAN, not the remote router. If the remote router is a Prestige,

Rem IP Address

Yes

Yes/No

and

Single User Account

then this entry determines the local Prestige menu 11.1 (see

Set this field to your Prestige. Use the [SPACE BAR] to toggle between

See Chapter 4: Internet Access

Table 6-1

Yes

above).

to enable the Single User Account feature for

for more information on the

Remote Node TCP/IP Configuration 6-3

Prestige 681 SDSL Router

Field Description Option

Single User Account feature.

Metric The metric represents the “cost” of transmission for routing

purposes. IP routing uses hop count as the measurement of cost, with a minimum of 1 for directly connected networks. Enter a number that approximates the cost for this link. The number need not be precise, but it must be between 1 and 15. In practice, 2 or 3 is usually a good number.

Private This parameter determines if the Prestige will include the route to

this remote node in its RIP broadcasts. If set to kept private and not included in RIP broadcast. If No, the route to this remote node will be propagated to other hosts through RIP broadcasts.

RIP Direction=

Version=

Once you have completed filling in the Network Layer Options Menu, press [ENTER] to return to Menu 11. Press [ENTER] at the message [Press ENTER to Confirm...] to save your configuration, or press [Esc] at any time to cancel.

Press the [SPACE BAR] to select the

Only/Out Only

Press the [SPACE BAR] to select the RIP version from

1/RIP-2B/RIP-2M.

None

RIP direction

Yes

, this route is

from

Both/In

RIP-

Yes/No

(Default=

RIP-1

(default)

Both

6.1.2 Static Route Setup

)

Static routes tell the Prestige routing information that it cannot learn automatically through other means. This can arise in cases where RIP is disabled on the LAN or a remote network is beyond the one that is directly connected to a remote node.

Each remote node specifies only the network to which the gateway is directly connected, and the Prestige has no knowledge of the networks beyond. For instance, the Prestige knows about network N2 in the following diagram through remote node Router 1. However, the Prestige is unable to route a packet to network N3 because it doesn’t know that there is a route through remote node Router 1 (via Router 2). The static routes are for you to tell the Prestige about the networks beyond the remote nodes.

6-4 Remote Node TCP/IP Configuration

Prestige 681 SDSL Router

Figure 6-4 Example of Static Routing Topology

To configure an IP static route, use

Menu 12 - IP Static Route Setup

1. Taipei

2. Tokyo 3 Seoul

4. ________

5. ________

6. ________

7. ________

8. ________

Enter selection number:

Menu 12 - Static Route Setup

, as shown next.

Figure 6-5 Menu 12 - IP Static Route Setup

From Menu 12, enter the index of the static route you wish to edit to open

Route.

Menu 12.1 -Edit IP Static

Remote Node TCP/IP Configuration 6-5

Prestige 681 SDSL Router

Menu 12.1 - Edit IP Static Route

Route #: 1 Route Name= Taipei Active= Yes Destination IP Address= 10.255.255.1 IP Subnet Mask= 255.0.0.0 Gateway IP Address= 172.31.255.1 Metric= 3 Private= Yes

Press ENTER to Confirm or ESC to Cancel:

Figure 6-6 Edit IP Static Route

The following table describes the fields for

Menu 12.1.1 – Edit IP Static Route Setup

Table 6-3 Edit IP Static Route Menu Fields

Field Description

Route # This is the route index number chosen in Menu 12.

Route Name Enter a descriptive name for this route. This is for identification purposes only.

Active

Destination IP Address

Press the [SPACEBAR] to activate (

This parameter specifies the IP network address of the final destination. Routing is always based on network number. If you need to specify a route to a single host, use a subnet mask of 255.255.255.255 in the subnet mask field to force the network number to be identical to the host ID.

IP Subnet Mask Enter the subnet mask for this destination.

Gateway IP Address

Enter the IP address of the gateway. The gateway is an immediate neighbor of your Prestige that will forward the packet to the destination. On the LAN, the gateway must be a router on the same segment as your Prestige; over WAN, the gateway must be the IP address of one of the remote nodes.

Metric The metric represents the “cost” of transmission for routing purposes. IP

routing uses hop count as the measurement of cost, with a minimum of 1 for directly connected networks. Enter a number that approximates the cost for this link. The number need not be precise, but it must be between 1 and 15. In practice, 2 or 3 is usually a good number.

Private This parameter determines if the Prestige will include the route to this remote

node in its RIP broadcasts. If set to included in RIP broadcast. If No, the route to this remote node will be propagated to other hosts through RIP broadcasts.

Yes

) or deactivate (No) this static route.

Yes

, this route is kept private and not

6-6 Remote Node TCP/IP Configuration

Prestige 681 SDSL Router

Chapter 7:

IPX Configuration

This chapter shows you how to configure the

IPX parameters of the Prestige 681.

7.1 IPX Network Environment

Novell bundles the protocol stack, the server software and routing functionality in their NetWare server products, so a NetWare server is not only a file or print server, it is also a router.

7.1.1 Network and Node Number

Every IPX machine has a network number and a node number, together they form the complete address of the machine. The IPX network number is a 32-bit quantity and is usually expressed in 8 hexadecimal digits, e.g., 0893A8CF. The host number is a 48-bit quantity and usually is taken from the MAC (Media Access Control) address of the Ethernet hardware, so you don’t have to explicitly configure the node number.

An IPX client obtains its network number from a server that has the network numbers statically configured. If there are multiple servers on a network, only one server need to have the network numbers configured

IPX Configuration 7-1

Prestige 681 SDSL Router

7.1.3 External Network Number

Each of the four logical networks (based on frame type) has its own external network number (

7-1

see Figure

7.1.4 Internal Network Number

In addition to the external network numbers, each NetWare server has its own internal network number that is a virtual network to which the server is attached. It is important to remember that every network number must be unique for that entire internetwork, either internal or external (

see Figure 7-1

Figure 7-1 NetWare Network Numbers

7-2 IPX Configuration

Prestige 681 SDSL Router

7.2 Prestige 681 in an IPX Environment

There are two scenarios in which your Prestige 681 is deployed, depending on whether there is a NetWare server on the LAN, as depicted in the following diagram.

Figure 7-2 Prestige 681 in an IPX Environment

7.2.1 Prestige 681 on LAN with Server

If your Prestige 681 is on a LAN with a seed router, you do not need to configure the LAN network numbers. Your Prestige 681 will learn the network number from the seed router and add the routes to its routing table.

7.2.2 Prestige 681 on LAN without Server

Each IPX network must have a seed router. If you only have NetWare clients on your network, then you must configure the Prestige 681 as a seed router and set up unique network numbers for each frame type enabled using the Ethernet Setup Menu.

IPX Configuration 7-3

Prestige 681 SDSL Router

7.3 IPX Ethernet Setup

From

Menu 3 - Ethernet Setup

, enter 3 to go to

Menu 3.3 - Novell IPX Ethernet Setup

figure below.

Menu 3.3 - Novell IPX Ethernet Setup

Seed Router= No

Frame Type 802.2= Yes

IPX Network #= N/A

Frame Type 802.3= No

IPX Network #= N/A

Frame Type Ethernet II= No

IPX Network #= N/A

Frame Type SNAP= No

IPX Network #= N/A

Press Space Bar to Toggle.

Enter here to CONFIRM or ESC to CANCEL:

Figure 7-3 Menu 3.3 - Novell IPX Ethernet Setup

The following table describes the Novell IPX Ethernet Setup Menu.

Table 7-1 Novell IPX Ethernet Setup Fields

Field Description Options

Seed Router Determine if your Prestige 681 is to act as a seed

router.

Frame Type Enable/Disable the individual frame type.

Remember to enable only the ones that are actually used on your network.

IPX Network#If your Prestige 681 is a seed router, enter a unique

network number for each frame type enabled.

Press [ENTER] at the message [Press ENTER to Confirm ...] to save your configuration, or press [Esc] at any time to cancel.

as shown in the

Yes/No

802.2

802.3

Ethernet

SNAP

7-4 IPX Configuration

Prestige 681 SDSL Router

7.4 LAN-to-LAN Application with Novell IPX

A typical LAN-to-LAN application is to use your Prestige 681 to call from a branch office to the corporate headquarters to enable the stations in the branch office to access the NetWare servers at the headquarters, as depicted in the figure below.

Figure 7-4 LAN-to-LAN Application with Novell IPX

IPX Configuration 7-5

Prestige 681 SDSL Router

7.4.1 IPX Remote Node Setup

Follow the procedure in Chapter 5: to configure the protocol-independent parameters in

Remote Node Profile Options

Step 1.

follow the instructions below.

In Menu 11.1, make sure display

Step 2.

Move the cursor to the field to

Frame Relay Parameters : DLCI= 16 IP Options: Rem IP Addr: N/A Rem Subnet Mask= N/A My WAN Addr= N/A Single User Account= N/A Metric= N/A Private= N/A RIP Direction= N/A Version= N/A

. For the IPX-specific parameters in

is among the protocols in the

IPX

Route

IPX

Route

IP + IPX

Edit IP/IPX/Bridge

and press [

Yes

ENTER]

Menu 11.3 - Remote Node Network Layer Options

Enter here to CONFIRM or ESC to CANCEL:

to open

Menu 11.3 - Remote Node Network Layer

field. (The

Route

field, then press the [SPACE BAR] to toggle this

Menu 11.3 - Network Layer Options

IPX Options:

Rem LAN Net #= 00000000 My WAN Net #= 00000000 Hop Count= 1 Tick Count= 2

Bridge Options:

Ethernet Addr Timeout(min)= N/A

Figure 7-5 Menu 11.3 - Remote Node Novell IPX Options

Menu 11.1 -

field should

Route

7-6 IPX Configuration

Prestige 681 SDSL Router

The table below describes the IPX-specific parameters of the remote node setup.

Table 7-2 Remote Node Novell IPX Options

Field Description Option

Rem LAN Net #

My WAN Net #

Hop Count This field indicates the number of intermediate networks that must

Tick Count This field indicates the time-ticks required to reach the remote

Once you have completed filling in the Network Layer Options Menu, press [ENTER] to return to Menu 11.1. Then press [ENTER] at the message [Press ENTER to Confirm] to save your configuration, press [Esc] to cancel.

In this field, enter the internal network number of the NetWare server on the remote LAN.

In this field, enter the network number of the WAN link. If you leave this field as automatically the network number through negotiation with the PPP peer.

be passed through to reach the remote node.

node.

00000000

, your Prestige will determine

00000000

(default)

IPX Configuration 7-7

Prestige 681 SDSL Router

7.4.2 IPX Static Route Setup

Similar to IP, IPX static routes tell the Prestige 681 how to reach servers beyond a remote node before a connection to that remote node is established.

From Menu 12, select two, then select one of the IPX Static Routes to open

, as shown next.

Route

Menu 12.2.1 - Edit IPX Static Route

Route #= 11 Server Name= ? Active= Yes Network #= ? Node #= 000000000001 Socket #= 0451 Type #= 0004 Hop Count= 2 Tick Count= 3 Gateway Node= 1

Press ENTER to CONFIRM or ESC to CANCEL:

Figure 7-6 Menu 12.2 - Edit IPX Static Route

Menu 12.2.1 - Edit IPX Static

7-8 IPX Configuration

Prestige 681 SDSL Router

The following table contains the instructions on how to configure the Edit IP Static Route Menu.

Table 7-3 Edit IPX Static Route Menu Fields

Field Description

Server Name

Network # This field contains the internal network number of the remote server that

Node # This field contains the address of the node on which the server resides. If

Socket # This field contains the socket number on which the server will receive

Type # This field identifies the type of service the server provides. The default for

Gateway Node In this field, enter the number of the remote node that is the gateway for

Hop Count and Tick Count

Once you have completed filling in the menu, press [ENTER] at the message [Press ENTER to Confirm…] to save your configuration, or press [Esc] to cancel.

In this field, enter the name of the server. This must be the configured in the NetWare server

you wish to access. [00000000] or [FFFFFFFF] are reserved.

you are using a Novell IPX implementation, this value is [000000000001].

service requests. The default for this field is hex [0451].

this field is hex [0004].

this static route.

These two fields have the same meaning as those in the Ethernet setup.

exact

name

IPX Configuration 7-9

Prestige 681 SDSL Router

Chapter 8:

Bridging Setup

This chapter shows you how to configure

the bridging parameters of your Prestige.

8.1 Bridging in General

Bridging bases the forwarding decision on the MAC (Media Access Control), or hardware address, while routing does it on the network layer (IP or IPX) address. Bridging allows the Prestige 681 to transport packets of network layer protocols that the Prestige 681 does not route, e.g., SNA, from one network to another. The caveat is that, compared to routing, bridging generates more traffic for the same network layer protocol and it also demands more CPU cycles and memory.

For efficiency reasons, do on your network. For IP and IPX, enable the respective routing if you need it; do not bridge what the Prestige 681 can route.

turn on bridging unless you need to support protocols other than IP and IPX

not

8.2 Bridge Ethernet Setup

Basically, all non-local packets are bridged to the WAN; however, your Prestige 681 applies special handling for certain IPX packets to reduce the number of calls, depending on the setting of the field.

Handle IPX

Bridging Setup 8-1

Prestige 681 SDSL Router

From

Menu 3 - Ethernet Setup

Press Space Bar to Toggle.

, enter 4 to bring up

Menu 3.4 - Bridge Ethernet Setup

Handle IPX= None

Bridge= Yes

Press ENTER to CONFIRM or ESC to CANCEL:

Figure 8-1 Menu 3.5 - Bridge Ethernet Setup

The following table describes how to configure the

Table 8-1 Bridge Ethernet Setup Menu - Handle IPX Field Configuration

Field Description

Handle IPX Field

Bridge

Press the [SPACE BAR] to toggle between the options for this field.

None

Client

Server

Press the [SPACE BAR] to select interface. Make sure that the also set to

When there is no IPX traffic on the LAN or when you do not want to apply any special handling for IPX.

When there are only client workstations on the LAN. RIP and SAP (Service Advertising Protocol) response packets will not trigger calls.

When there are only IPX servers on the LAN. No RIP or SAP packets will trigger calls. In addition, during the time when the line is down, your Prestige 681 will reply to watchdog messages from the servers on behalf of remote clients. The period of time that your Prestige 681 will do this is linked to the Ethernet Address Timeout parameter in each remote node (see Remote Node Configuration). When a remote Ethernet address is aged out, there is no need to maintain its connection to the IPX server.

Yes

Menu 3.4 - Bridge Ethernet Setup

Handle IPX

field in Menu 3.5.

Yes

to activate the bridge on the LAN

Bridge

field in Menu 1 (see

as shown next.

Figure 2-7

) is

8-2 Bridging Setup

8.2.1 Remote Node Bridging Setup

Prestige 681 SDSL Router

Follow the procedure in

Remote Node Profile

. For bridging-specific parameters, you need to configure

Network Layer Options

To set up

Step 1.

Step 2.

Menu 11.3 - Remote Node Network Layer Options

In Menu 11.1, make sure the

Move the cursor to the field to

Yes

Frame Relay Parameters : DLCI= 16 IP Options : Rem IP Addr: 0.0.0.0 Rem Subnet Mask= 0.0.0.0 My WAN Addr= 0.0.0.0 Single User Account= No Metric= 2 Private= No RIP Direction= Both Version= RIP-2B

Chapter 5:

and press [

to configure the protocol-independent parameters in

follow these steps:

field is set to

Bridge

Edit IP/IPX/Bridge

to open

ENTER]

Menu 11.3 - Remote Node Network Layer Options

Enter here to CONFIRM or ESC to CANCEL:

Menu 11.3 - Network Layer Options

Yes

field, then press the [SPACE BAR] to toggle this

IPX Options :

Rem LAN Net #= 00000000 My WAN Net #= 00000000 Hop Count= 1 Tick Count= 2

Bridge Options: Ethernet Addr Timeout(min)= 0

Figure 8-2 Menu 11.3 - Remote Node Bridging Options

The following table describes the bridging-specific parameters in

Menu 11.3 - Remote Node Network Layer Options

Menu 11.1 -

Menu 11.3 - Remote Node

Menu 11.1 - Remote Node Profile

and

Table 8-2 P681 Remote Node Network Layer Menu Bridge Options

Field Description

Bridge (menu 11.1)

Edit IP/IPX/Bridge (menu 11.1)

Ethernet Addr Timeout (min) (menu

11.3)

Make sure this field is set to

Press the [SPACE BAR] to change the default to [ENTER] to go to

Menu 11.3 - Network Layer Options

In this field, enter the time (number of minutes) that you wish your Prestige 681 to retain the Ethernet Addr information in its internal tables while the line is down. If this information is retained, your Prestige 681

Yes

and then press

will not have to recompile the tables when the line is brought back up.

Bridging Setup 8-3

Prestige 681 SDSL Router

Once you have completed filling in the Network Layer Options Menu, press [ENTER] to return to Menu 11.1. Then press [ENTER] at the message [Press ENTER to Confirm…] to save your configuration, or press [Esc] to cancel.

8.3 Bridge Static Route Setup

Similar to network layer static routes, a bridging static route tells the Prestige 681 about the route to a node before a connection is established. You configure bridge static routes in Menu 12.3.1, by pressing 3 in menu 12 and then selecting one of the bridge static routes as shown below.

Menu 12.3.1 - Edit Bridge Static Route

Route #: 21 Route Name= Active= No Ether Address= ? IP Address= Gateway Node= 1

Press ENTER to CONFIRM or ESC to CANCEL:

Figure 8-3 Menu 12.3 - Bridge Static Route Setup

Menu 12.3 - Bridge Static Route Setup

1. ________

2. ________

3. ________

4. ________

Enter selection number:

Figure 8-4 Menu 12.3.1 - Edit Bridge Static Route

8-4 Bridging Setup

Prestige 681 SDSL Router

The following table describes the Bridge Static Route Menu.

Table 8-3 Bridge Static Route Menu Fields

Field Description

Route Name Enter a name for the bridge static route for identification purposes.

Active Activate/deactivate the static route.

Ether Address Enter the MAC address of the destination machine that you wish to

bridge the packets to.

IP Address If available, enter the IP address of the destination machine that you

wish to bridge the packets to.

Gateway Node Enter the number of the remote node that is the gateway of this static

route.

Once you have completed filling in this menu, press [ENTER] at the message [Press ENTER to Confirm…] to save your configuration, or press [Esc] to cancel.

Bridging Setup 8-5

Prestige 681 SDSL Router

Chapter 9:

Filter Configuration

This chapter shows you how to create and apply filter(s).

9.1 About Filtering

Your Prestige uses filters to decide whether or not to allow passage of a packet. Data filters are divided into incoming and outgoing filters, depending on the direction of the packet relative to a port. These filters are further subdivided into device and protocol filters, which are discussed later.

The following sections describe how to configure filter sets.

The Filter Structure of the Prestige

A filter set consists of one or more filter rules. Usually, you would group related rules, e.g., all the rules for NetBIOS, into a single set and give it a descriptive name. The Prestige allows you to configure up to twelve filter sets with six rules in each set, for a total of 72 filter rules in the system. You cannot mix device filter rules and protocol filter rules within the same set. You can apply up to four filter sets to a particular port to block multiple types of packets. With each filter set having up to six rules, you can have a maximum of 24 rules active for a single port.

Three sets of factory default filter rules have been configured in Menu 21 to prevent NetBIOS traffic from triggering calls and to prevent incoming telnetting. A summary of their filter rules is shown in the figures that follow.

The following diagram illustrates the logic flow when executing a filter rule.

Filter Configuration 9-1

Prestige 681 SDSL Router

Fetch Next

Filter Set

Start

Packet

into Filter

Fetch First

Filter Set

Fetch First

Filter Rule

Yes

Next Filter Set

Available?

You can apply up to four filter sets to a particular port to block multiple types of packets. With each filter set having up to six rules, you can have a maximum of 24 rules active for a single port.

Figure 9-1 Filter Rule Process

Next Filter Rule

Available?

Fetch Next

Filter Rule

Execute Filter

Check Next Rule

Drop

Rule

Forward

Accept PacketDrop Packet

9-2 Filter Configuration

9.2 Configuring a Filter Set

To configure a filter sets, follow this procedure:

Prestige 681 SDSL Router

Step 1.

Step 2.

Step 3.

Step 4.

Enter

Filter Set #

-----1 2 3 4 5 6

from the Main Menu to open

Menu 21 - Filter Set Configuration

Comments

-----------------NetBIOS_WAN NetBIOS_LAN TELNET_WAN ______________ ______________ ______________

Enter Filter Set Number to Configure= Edit Comments= NetBIOS_WAN

Press ENTER to CONFIRM or ESC to CANCEL:

Menu 21 - Filter Set Configuration

Filter Set #

-----7 8 9 10 11 12

Comments

-----------------______________ ______________ ______________ ______________ ______________ ______________

Figure 9-2 Menu 21 - Filter Set Configuration

Enter the index of the filter set you wish to configure (no. 1-12) and press

[ENTER]

Enter a descriptive name or comment in the Edit Comments field and press [ENTER].

Press

[ENTER]

Summary

# A Type Filter Rules M m

- - ---- -------------------------------------------- --------- - - 1 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=137 N D N 2 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=138 N D N 3 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=139 N D N 4 Y IP Pr=17, SA=0.0.0.0, DA=0.0.0.0, DP=137 N D N 5 Y IP Pr=17, SA=0.0.0.0, DA=0.0.0.0, DP=138 N D N 6 Y IP Pr=17, SA=0.0.0.0, DA=0.0.0.0, DP=139 N D F

at the message: [Press ENTER to confirm] to open

Menu 21.1 - Filter Rules Summary

Menu 21.1 - Filter Rules

Enter Filter Rule Number (1-6) to Configure: 1

Edit Comments= NetBIOS_WAN

Press ENTER to Confirm or ESC to Cancel: Enter Filter Rule Number (1-6) to Confi

ure:

Figure 9-3 NetBIOS_WAN Filter Rules Summary

Filter Configuration 9-3

Prestige 681 SDSL Router

# A Type Filter Rules M m n

- - ---- -------------------------------------------- --------- - - -

1 Y IP Pr=17, SA=0.0.0.0, SP=137, DA=0.0.0.0, DP=53 N D F 2 Y 3 Y 4 Y 5 Y 6 Y

Figure 9-4 NetBIOS _LAN Filter Rules Summary

Menu 21.3 - Filter Rules Summary

# A Type Filter Rules M m n

- - ---- --------------------------------------------------------------- - - 1 Y IP Pr=6, SA=0.0.0.0, DA=0.0.0.0, DP=23 N D F 2 N 3 N 4 N 5 N 6 N

Menu 21.2 - Filter Rules Summary

Enter Filter Rule Number (1-6) to Configure: 1

Figure 9-5 Telnet Filter Rules Summary

9.2.1 Filter Rules Summary Menu

This screen shows a summary of the existing rules in an example filter set. The following tables contain a brief description of the abbreviations used in Menu 21.1.

9-4 Filter Configuration

Prestige 681 SDSL Router

Table 9-1 Abbreviations Used in the Filter Rules Summary Menu

Abbreviations Description Display

# Refers to the filter rule number (1-6).

A Refers to Active. [Y] means the filter rule is active.

[N] means the filter rule is inactive.

Type Refers to the type of filter rule.

This shows GEN for generic, IP for TCP/IP

Filter Rules The filter rule parameters are displayed

here (see below).

M Refers to More.

[Y] means an action can not yet be taken as there are more rules to check, which are concatenated with the present rule to form a rule chain. When the rule chain is complete an action can be taken.

[N] means you can now specify an action to be taken i.e., forward the packet, drop the packet or check the next rule. For the latter, the next rule is independent of the rule just checked.

If More is

Action Not Matched

Refers to

[F] means to forward the packet immediately and skip checking the remaining rules.

Refers to

[F] means to forward the packet immediately and skip checking the remaining rules.

Yes

Action Matched

Action Not Matched.

Action Matched

, then

will be

N/A

[GEN] for Generic

[IP] for TCP/IP

[Y]

[N]

and

[F] means to forward the packet.

[D] means to drop the packet.

[N] means check the next rule.

[F] means to forward the packet.

[D] means to drop the packet.

[N] means check the next rule.

The protocol dependent filter rules abbreviation are listed as follows:

If the filter type is IP, the following abbreviations listed in the following table will be used.

Filter Configuration 9-5

Prestige 681 SDSL Router

Table 9-2 Abbreviations Used If Filter Type Is IP

Abbreviation Description

9-6 Filter Configuration

Prestige 681 SDSL Router

To speed up filtering, all rules in a filter set must be of the same class, i.e., protocol filters or generic filters. The class of a filter set is determined by the first rule that you create. When applying the filter sets to a port, separate menu fields are provided for protocol and device filter sets. If you include a protocol filter set in a device filters field or vice versa, the Prestige will warn you and will not allow you to save.

9.3.1 TCP/IP Filter Rule

This section shows you how to configure a TCP/IP filter rule. TCP/IP rules allow you to base the rule on the fields in the IP and the upper layer protocol, e.g., UDP and TCP, headers.

To configure a TCP/IP rules, select TCP/IP Filter Rule from the Filter Type field and press [ENTER] to open

Menu 21.1.1 - TCP/IP Filter Rule

Press Space Bar to Toggle.

Filter #: 1,1 Filter Type= TCP/IP Filter Rule Active= Yes IP Protocol= 6 IP Source Route= No Destination: IP Addr= 0.0.0.0

TCP Estab= No More= No Log= None Action Matched= Check Next Rule Action Not Matched= Check Next Rule

Press ENTER to Confirm or ESC to Cancel:

, as shown next.

Menu 21.1.1 - TCP/IP Filter Rule

IP Mask= 0.0.0.0 Port #= 137

Source: IP Addr= 0.0.0.0

Port # Comp= Equal

IP Mask= 0.0.0.0 Port #= 0 Port # Comp= None

Figure 9-6 Menu 21.1.1 - TCP/IP Filter Rule

The following table describes how to configure your TCP/IP filter rule.

Table 9-5 TCP/IP Filter Rule Menu Fields

Field Description Option

Active

Press the [SPACEBAR] to activate (

Yes

) or deactivate

Yes/No

(No) the filter rule.

IP Protocol

Protocol refers to the upper layer protocol, e.g., TCP is 6,

0-255

UDP is 17 and ICMP is 1. This value must be between 0

Filter Configuration 9-7

Prestige 681 SDSL Router

Field Description Option

and 255

Yes

IP Source Route

Destination: IP Addr

Destination: IP Mask

Destination: Port # Enter the destination port of the packets that you wish to

Destination: Port # Comp

Source: IP Addr Enter the source IP Address of the packet you wish to

Source: IP Mask Enter the IP subnet mask to apply to the Source: IP Addr. IP Mask

Source: Port # Enter the source port of the packets that you wish to filter.

Source: Port # Comp

TCP Estab This field is applicable only when IP Protocol field is 6,

More If yes, a matching packet is passed to the next filter rule

Log Select the logging option from the following:

Action Matched Select the action for a matching packet.

, the rule applies to packet with IP source route option; else the packet must not have source route option. The majority of IP packets do not have source route.

Enter the destination IP Address of the packet you wish to filter. This field is a don’t-care if it is 0.0.0.0.

Enter the IP subnet mask to apply to the Destination: IP Addr.

filter. The range of this field is 0 to 65535. This field is a don’t-care if it is 0.

Select the comparison to apply to the destination port in the packet against the value given in Destination: Port #.

filter. This field is a don’t-care if it is 0.0.0.0.

The range of this field is 0 to 65535. This field is a don’tcare if it is 0.

Select the comparison to apply to the source port in the packet against the value given in Source: Port #.

TCP. If yes, the rule matches only established TCP connections; else the rule matches all TCP packets.

before an action is taken; else the packet is disposed of according to the action fields.

If More is Matched will be

Yes

, then Action Matched and Action Not

N/A

None

– No packets will be logged.

Action Matched

parameters will be logged.

Action Not Matched

match the rule parameters will be logged.

Both

– All packets will be logged.

- Only packets that match the rule

- Only packets that do not

Yes/No

IP address

Subnet mask

0-65535

None/Less/Greater/

Equal/Not Equal

IP Address

0-65535

None/Less/Greater/

Equal/Not Equal

Yes/No

Yes / N/A

None

Action Matched

Action Not Matched

Both

Check Next Rule

9-8 Filter Configuration

ZyXEL Communications 681 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Prestige 681 SDSL Router

Getting to Know Your SDSL Router

1.2 Features of the Prestige 681

1.3 Applications for the Prestige 681

Hardware Installation & Initial Setup

2.1 Front Panel LEDs OF P681

2.2 Prestige 681 Rear Panel and Connections

2.5 Important Safety Instructions

2.6 Power On Your Prestige

2.7 Navigating the SMT Interface

2.8 Changing the System Password

WAN Setup

3.2 Setting up the WAN link

Internet Access

4.4 TCP/IP Ethernet Setup and DHCP

4.5 LANs & WANs

Encapsulation

DLCI Usage

Remote Node Configuration

5.1 Remote Node Setup

Remote Node TCP/IP Configuration

IPX Configuration

7.1 IPX Network Environment

7.2 Prestige 681 in an IPX Environment

7.3 IPX Ethernet Setup

7.4 LAN-to-LAN Application with Novell IPX

Bridging Setup

8.3 Bridge Static Route Setup

Filter Configuration

9.2 Configuring a Filter Set