manualshive.com logo in svg

ZyXEL Communications P-2602HWL-D1A, Support Notes

The ZyXEL Communications P-2602HWL-D1A is a versatile wireless router offering excellent connectivity and performance. For detailed setup and configuration instructions, users can access the user manual and support notes for free download from our website. Ensure seamless connectivity with this informative manual. Visit manualshive.com now for comprehensive guides.

Share
Download
background image

 

 

 

 

 

Prestige 2602HWL-DXA 

 

 

 

 

 

Support Notes 

Version 3.40 

Feb. 2006 

 

 

 

 

 

 

 

 

 

 

 

 

 

Summary of Contents for P-2602HWL-D1A

Page 1: ...Prestige 2602HWL DXA Support Notes Version 3 40 Feb 2006...

Page 2: ...g Call Scheduling 79 Using IP Multicast 84 Using Prestige traffic redirect 86 Using Universal Plug n Play UPnP 88 Wireless Application Notes 94 Infrastructure mode 94 Wireless MAC address filtering 99...

Page 3: ...52 What is SUA When should I use SUA 152 What is the difference between NAT and SUA 153 How many network users can the SUA NAT support 153 What are Device filters and Protocol filters 153 Why can t I...

Page 4: ...P DHCP 160 What is DDNS 161 When do I need DDNS service 161 What DDNS servers does the Prestige support 161 What is DDNS wildcard 161 Does the Prestige support DDNS wildcard 161 Can the Prestige SUA h...

Page 5: ...t register still fail what should I do 167 I suspect there is a hardware problem with my Prestige what should I do 167 Firewall FAQ 167 What is a network firewall 167 What makes Prestige firewall secu...

Page 6: ...uration What do I need to know 177 Does Prestige support dynamic secure gateway IP 178 What VPN gateway that has been tested with Prestige successfully 178 What VPN software that has been tested with...

Page 7: ...6 What is Ad Hoc mode 186 What is Infrastructure mode 186 How many Access Points are required in a given area 187 What is Direct Sequence Spread Spectrum Technology DSSS 187 What is Frequency hopping...

Page 8: ...What is 802 1x 190 What is the difference between No authentication required No access allowed and Authentication required 190 What is AAA 190 What is RADIUS 190 What is WPA 191 What is WPA PSK 191 T...

Page 9: ...nts needs to be checked before accessing the Internet Before you begin Setting up the Windows Setting up the Prestige router Troubleshooting Before you begin The Prestige is shipped with the following...

Page 10: ...P IP from the Network Protocols and click OK 3 TCP IP Configuration Follow these steps to configure Windows TCP IP In the Control Panel Network window click the TCP IP entry to select it and click Pro...

Page 11: ...igure it Before configuring the router using Browser please be sure there is no Telnet or Console login 1 Retrieve Prestige Web Please enter the LAN IP address of the Prestige router in the URL locati...

Page 12: ...Prestige 2602HWL DxA Support Notes All contents copyright c 2005 ZyXEL Communications Corporation 12 The Web screen shown below takes PPPoE as the example...

Page 13: ...tions Corporation 13 Setup the Prestige as a DHCP Relay What is DHCP Relay DHCP stands for Dynamic Host Configuration Protocol In addition to the DHCP server feature the P2602 supports the DHCP relay...

Page 14: ...Setup the Prestige as a DHCP Client 1 Toggle the DHCP to Relay in menu 3 2 and enter the IP address of the DHCP server in the Relay Server Address field Menu 3 2 TCP IP and DHCP Setup DHCP Setup DHCP...

Page 15: ...le machine to the outside world A service is identified by the port number Also since you need to specify the IP address of a server in the Prestige a server must have a fixed IP address and not be a...

Page 16: ...using the Prestige s WAN IP address which can be obtained from menu 24 1 For example Configuring an internal Web server for outside access Menu 15 2 NAT Server Setup Rule Start Port No End Port No IP...

Page 17: ...he Windows NT Server 4 0 Remote Access Server Windows Dial Up Networking uses the Internet standard Point to Point PPP to provide a secure optimized multiple protocol network connection over dial up t...

Page 18: ...ection with a remote private network in the Prestige SUA case In ZyNOS all PPTP packets can be forwarded to the internal PPTP Server WinNT server behind SUA The port number of the PPTP has to be enter...

Page 19: ...u need to connect Prestige router to your ISP first Enter the IP address of the PPTP server WinNT server and the port number for PPTP as shown below Menu 15 2 NAT Server Setup Used for SUA Only Rule S...

Page 20: ...a VPN connection from the Win9x client to the NT server you need to know the exact Internet IP address that the ISP assigns to Prestige router in SUA mode and enter this IP address in the VPN dial up...

Page 21: ...y the Prestige thus preventing intruders from probing your network The SUA feature that the Prestige supports previously operates by mapping the private IP addresses to a global IP address It is only...

Page 22: ...s Single User Account feature that previous ZyNOS routers supported the SUA only option in today s routers 4 Many to Many Overload In Many to Many Overload mode the Prestige maps the multiple ILA to...

Page 23: ...Server The Prestige now has Full Feature NAT support to map global IP addresses to local IP addresses of clients or servers With multiple global IP addresses multiple severs of the same type e g FTP...

Page 24: ...e MBS 0 My Login cso zyxel My Password Idle Timeout sec 0 IP Address Assignment Dynamic IP Address N A Network Address Translation Full Feature Address Mapping Set 1 Press ENTER to Confirm or ESC to C...

Page 25: ...apping Sets and NAT Server Sets Use the Address Mapping Sets menus and submenus to create the mapping table used to assign global addresses to LAN clients Each remote node must specify which NAT Addre...

Page 26: ...Let s first look at Option 255 Option 255 is equivalent to SUA in previous ZyXEL routers The fields in this menu cannot be changed Entering 255 brings up this screen Menu 15 1 1 Address Mapping Rules...

Page 27: ...starting local IP address ILA If the rule is for all local IPs then the Start IP is 0 0 0 0 and the End IP is 255 255 255 255 255 255 255 255 Global Start IP This is the starting global IP address IG...

Page 28: ...rt a new rule before the rule selected The rule after the selected rule will then be moved down by one rule Delete means to delete the selected rule and then all the rules after the selected one will...

Page 29: ...Many No Overload Server Start This is the starting local IP address ILA 0 0 0 0 Local IP End This is the ending local IP address ILA If the rule is for all local IPs then put the Start IP as 0 0 0 0...

Page 30: ...ify for port 80 Web the server at IP address 192 168 1 36 and for port 21 FTP another at IP address 192 168 1 33 Please note that a server can support more than one service e g a server can provide bo...

Page 31: ...0 0 0 0 Press ENTER to Confirm or ESC to Cancel The most often used port numbers are shown in the following table Please refer RFC 1700 for further information about port numbers Service Port Number F...

Page 32: ...yISP Encapsulation PPPoE Multiplexing LLC based VPI 0 VCI 33 ATM QoS Type UBR Peak Cell Rate PCR 0 Sustain Cell Rate SCR 0 Maximum Burst Size MBS 0 My Login cso zyxel My Password Idle Timeout sec 0 IP...

Page 33: ...pre configured to handle this case 2 Internet Access with an Internal Server In this case we do exactly as above use the convenient pre configured SUA Only set and also go to Menu 15 2 NAT Server Set...

Page 34: ...have two very busy internal FTP servers and also an internal general server for the web and mail In this case we want to assign the 3 IGAs by the following way using 4 NAT rules 5 Rule 1 One to One t...

Page 35: ...Login cso zyxel My Password Retype to Confirm Idle Timeout 100 IP Address Assignment Static IP Address IGA3 IP Subnet Mask N A Gateway IP Address N A Network Address Translation Full Feature Press EN...

Page 36: ...Selecting One to One type to map the FTP Server 2 with ILA2 192 168 1 11 to IGA2 Menu 15 1 1 2 Rule 2 Type One to One Local IP Start 192 168 1 11 End N A Global IP Start Enter IGA2 End N A Press ENTE...

Page 37: ...IGA3 Menu 15 1 1 4 Rule 4 Type Server Local IP Start N A End N A Global IP Start Enter IGA3 End N A Press ENTER to Confirm or ESC to Cancel When we have configured all four rules Menu 15 1 1 should lo...

Page 38: ...er from Menu 15 2 NAT Server Setup not Set 1 Set 1 is used for SUA Only case Menu 15 2 NAT Server Setup Rule Start Port No End Port No IP Address 1 Default Default 0 0 0 0 2 80 80 192 168 1 20 3 25 25...

Page 39: ...NAT mapping types thus each user login to the server using a unique global IP address The following figure illustrates this One rule configured for using Many to Many No Overload mapping type is shown...

Page 40: ...A Global IP Start Enter IGA1 End N A Press ENTER to Confirm or ESC to Cancel Menu 15 1 1 2 Rule 2 Type One to One Local IP Start 192 168 1 11 End N A Global IP Start Enter IGA2 End N A Press ENTER to...

Page 41: ...multiple type of NAT mapping rules SUA One to One Many to One Many to Many overload Many One to One Server The following table summarizes these types NAT Type IP Mapping One to One ILA1 IGA1 Many to...

Page 42: ...ture The Prestige allows you to configure up to twelve filter sets with six rules in each set for a total of 72 filter rules in the system You can apply up to four filter sets to a particular port to...

Page 43: ...on 43 Filter Types and SUA Conceptually there are two categories of filter rules device and protocol The Generic filter rules belong to the device category they act on the raw data from to LAN and WAN...

Page 44: ...all and output filter sets If SUA is enabled SUA converts the source IP address from 192 168 1 33 to 203 205 115 6 and port number from 1023 to 4034 WAN device output and call filter sets The sequence...

Page 45: ...Generic Filter Rule Filter 1 1 Filter Type Generic Filter Rule Active Yes Offset 0 Length 0 Mask N A Value N A More No Log None Action Matched Check Next Rule Action Not Matched Check Next Rule Menu 2...

Page 46: ...and protocol filter categories two new menus Menu 11 5 and Menu 13 1 have been added as well as some changes made to the Menu 3 1 Menu 11 1 and Menu 13 The new fields are shown below Menu 3 1 Menu 3...

Page 47: ...device filter set to the protocol filters field Even though SMT will prevent the inconsistency from being entered in ZyNOS it is unable to resolve the intermixing problems existing in the filter sets...

Page 48: ...ing this filter below o Create a filter set in Menu 21 e g set 1 o Create three filter rules in Menu 21 1 1 Menu 21 1 2 Menu 21 1 3 Rule 1 block the HTTP packet TCP 06 protocol with port number 80 Rul...

Page 49: ...ion IP Addr 0 0 0 0 IP Mask 0 0 0 0 Port 80 Port Comp Equal Source IP Addr 0 0 0 0 IP Mask 0 0 0 0 Port Port Comp None TCP Estab No More No Log None Action Matched Drop Action Not Matched Check Next R...

Page 50: ...Rule 3 for c DNS packet UDP 17 Port number 53 Menu 21 1 2 TCP IP Filter Rule Filter 1 2 Filter Type TCP IP Filter Rule Active Yes IP Protocol 17 IP Source Route No Destination IP Addr 0 0 0 0 IP Mask...

Page 51: ...put Protocol Filter Set in the remote node setup A filter for blocking a specific client Configuration 1 Create a filter set in Menu 21 e g set 1 Menu 21 Filter Set Configuration Filter Filter Set Com...

Page 52: ...CP Estab N A More No Log None Action Matched Drop Action Not Matched Forward Press ENTER to Confirm or ESC to Cancel Key Settings Source IP addr Enter the client IP in this field IP Mask here the IP m...

Page 53: ...w on Now a client on the LAN is trying to ping Prestige ras sys trcp sw off ras sys trcp disp TIME 37c060 enet0 RECV len 74 call 0 0000 00 a0 c5 01 23 45 00 80 c8 4c ea 63 08 00 45 00 0010 00 3c eb 0c...

Page 54: ...r 1280 Optional Data 32 bytes Configurations From the above first trace we know a client is trying to ping request the Prestige router And from the second trace we know the Prestige router will send a...

Page 55: ...starts at 7th octets we need to skip the first octets of the destination MAC address Length in bytes Set to 6 since MAC address has 6 octets Mask in hexadecimal Specify the value that the Prestige wil...

Page 56: ...e also Generic Filter Rule but not others Because the Generic and TCPIP IPX filter rules must be in different filter sets Menu 21 1 2 Generic Filter Rule Filter 1 2 Filter Type Generic Filter Rule Act...

Page 57: ...d 2 rules respectively based on the following packets in SMT menu 21 Filter Set 1 o Rule 1 Destination port number 137 with protocol number 6 TCP o Rule 2 Destination port number 137 with protocol num...

Page 58: ...re 1 Edit Comments Press ENTER to Confirm or ESC to Cancel Configure the first filter set NetBIOS_WAN by selecting the Filter Set number 1 Rule 1 Destination port number 137 with protocol number 6 TCP...

Page 59: ...e Yes IP Protocol 17 IP Source Route No Destination IP Addr 0 0 0 0 IP Mask 0 0 0 0 Port 137 Port Comp Equal Source IP Addr 0 0 0 0 IP Mask 0 0 0 0 Port 0 Port Comp None TCP Estab N A More No Log None...

Page 60: ...CP Estab No More No Log None Action Matched Drop Action Not Matched Check Next Rule Press ENTER to Confirm or ESC to Cancel Rule 4 Destination port number 138 with protocol number 17 UDP Menu 21 1 4 T...

Page 61: ...5 TCP IP Filter Rule Filter 1 5 Filter Type TCP IP Filter Rule Active Yes IP Protocol 6 IP Source Route No Destination IP Addr 0 0 0 0 IP Mask 0 0 0 0 Port 139 Port Comp Equal Source IP Addr 0 0 0 0...

Page 62: ...o Log None Action Matched Drop Action Not Matched Forward Press ENTER to Confirm or ESC to Cancel After the first filter set is finished you will get the complete rules summary as below Menu 21 2 Filt...

Page 63: ...er 6 TCP Menu 21 2 1 TCP IP Filter Rule Filter 2 1 Filter Type TCP IP Filter Rule Active Yes IP Protocol 6 IP Source Route No Destination IP Addr 0 0 0 0 IP Mask 0 0 0 0 Port 53 Port Comp Equal Source...

Page 64: ...ion Matched Drop Action Not Matched Forward Press ENTER to Confirm or ESC to Cancel 1 After the first filter set is finished you will get the complete rules summary as below Menu 21 2 Filter Rules Sum...

Page 65: ...xel com tw regardless of the WAN IP of the Prestige When the ISP assigns the Prestige a new IP the Prestige must inform the DDNS server the change of this IP so that the server can update its IP to DN...

Page 66: ...Service Provider WWW DynDNS ORG Active Yes Host the local server s host name EMAIL USER Password Enable Wildcard No Key Settings for using DDNS function Option Description Service Provider Enter the...

Page 67: ...ion The operations allowed are Get GetNext Set and Trap These functions operates on variables that exist in network nodes Examples of variables include statistic counters node port status and so on Al...

Page 68: ...NMS and managed devices can be any of four different types of commands 6 Reads Read is used to monitor the managed devices NMSs read variables that are maintained by the devices 7 Writes Write is used...

Page 69: ...ariable from a table or list within an agent In SNMPv1 when a NMS wants to retrieve all elements of a table from an agent it initiates a Get operation followed by a series of GetNext operations Set Al...

Page 70: ...h a particular object variable Variable bindings Associates particular object with their value 3 ZyXEL SNMP Implementation ZyXEL currently includes SNMP support in some Prestige routers It is implemen...

Page 71: ...port number The port number is its interface index under the interface group authenticationFailure defined in RFC 1215 When receiving any SNMP get or set requirement with wrong community this trap is...

Page 72: ...Configure the Prestige for SNMP The SNMP related settings in Prestige are configured in menu 22 SNMP Configuration The following steps describe a simple setup procedure for configuring all SNMP settin...

Page 73: ...he NMS The default is public Trusted Host Enter the IP address of the NMS The Prestige will only respond to SNMP messages coming from this IP address If 0 0 0 0 is entered the Prestige will respond to...

Page 74: ...log conf by adding the following line at the end of the etc syslog conf file local1 var log zyxel log Where var log zyxel log is the full path of the log file 3 Restart syslogd CDR log call messages F...

Page 75: ...rver Example Jul 19 11 28 39 192 168 102 2 ZyXEL Communications Corp Packet Trigger Protocol 1 Data 4500003c100100001f010004c0a86614ca849a7b08004a5c020001006162636465666768696a6b6c6d6e6f7071727374 Jul...

Page 76: ...P IPXCP Example Jul 19 11 43 25 192 168 1 1 ZyXEL Communications Corp ppp LCP Starting Jul 19 11 43 29 192 168 1 1 ZyXEL Communications Corp ppp IPCP Starting Jul 19 11 43 34 192 168 1 1 ZyXEL Communi...

Page 77: ...etwork can be configured in menu 3 2 as usual The second and third networks that we call IP Alias 1 and IP Alias 2 can be configured in menu 3 2 1 IP Alias Setup There are three internal virtual LAN i...

Page 78: ...Menu 3 2 TCP IP and DHCP Setup DHCP Setup DHCP Server Client IP Pool Starting Address 192 168 1 33 Size of Client IP Pool 32 Primary DNS Server 0 0 0 0 Secondary DNS Server 0 0 0 0 Remote DHCP Server...

Page 79: ...Direction None Version RIP 1 Incoming protocol filters Outgoing protocol filters IP Alias 2 Yes IP Address 192 168 3 1 IP Subnet Mask 255 255 255 0 RIP Direction None Version RIP 1 Incoming protocol...

Page 80: ...Down Enable Dial On Demand or Disable Dial On Demand on specified date and time SMT Menu for Call Scheduling 1 Edit the Schedule sets in menu 26 Prestige 2602HWL 61C Main Menu Getting Started Advance...

Page 81: ...e 1 Edit Name ZyXEL Press ENTER to Confirm or ESC to Cancel 3 The Menu 26 1 Schedule Set Setup is as follows Menu 26 1 Schedule Set Setup Active Yes Start Date yyyy mm dd 2004 01 01 How Often Once Onc...

Page 82: ...mand The remote node accepts Dial on demand during this period Disable Dial On Demand The remote node denies any demand dial during the period For the existing connected nodes it will be dropped after...

Page 83: ...in boot time Time service is implemented by the Daytime protocol RFC 867 Time protocol RFC 868 and NTP protocol RFC 1305 You have to assign an IP address of a time server and then the Prestige will ge...

Page 84: ...protocol used to support multicast groups The latest version is version 2 see RFC2236 IP hosts use IGMP to report their multicast group membership to any immediate neighbor multicast routers so the mu...

Page 85: ...n Prestige s remote node in menu 11 3 Menu 11 3 Remote Node Network Layer Options IP Options Bridge Options IP Address Assignment Dynamic Ethernet Addr Timeout min N A Rem IP Addr 0 0 0 0 Rem Subnet M...

Page 86: ...xiliary backup of your WAN connection Once Prestige detects it s WAN connectivity is broken Prestige will try to forward outgoing traffic to backup gateway that users specify in traffic redirect confi...

Page 87: ...e Prestige periodically pings the addresses configured here and uses the other WAN backup connection if configured if there is no response Fail Tolerance Type the number of times 2 recommended that yo...

Page 88: ...your backup gateway in dotted decimal notation The Prestige automatically forwards traffic to this IP address if the Prestige s Internet connection terminates Back Click Back to return to the previous...

Page 89: ...eir URLs and device descriptions UPnP Operations Addressing UPnPv1 devices MAY support IPv4 IPv6 or both For IPv4 each devices should have DHCP client when the device gets connected to the network it...

Page 90: ...on exploiting UPnP so we take Microsoft MSN application as an example in this support note You can learn how MSN benefit from NAT traversal feature in UPnP in this application note In the diagram supp...

Page 91: ...first check box enables UPnP function in this device The second check box allow users application to change configuration in this device For instance if you enable this item then user s MSN applicatio...

Page 92: ...xA Support Notes All contents copyright c 2005 ZyXEL Communications Corporation 92 3 Start a Video conversation with one online user 4 On the opposite side your partner select Accept to accept your co...

Page 93: ...Prestige 2602HWL DxA Support Notes All contents copyright c 2005 ZyXEL Communications Corporation 93 5 Finally your video conversation is achieved...

Page 94: ...el Only Infrastructure mode What is Infrastructure mode Infrastructure mode sometimes referred to as Access Point mode is an operating mode of an 802 11b Wi Fi client unit In infrastructure mode the c...

Page 95: ...ure mode of your Prestige wireless VoIP IAD please follow the steps below 1 From the SMT main menu enter 3 to display Menu 3 LAN Setup 2 Enter 5 to display Menu 3 5 Wireless LAN Setup Menu 3 5 Wireles...

Page 96: ...e Configuration Wireless Access Point to Infrastructure mode using Web configurator To configure Infrastructure mode of your Prestige wireless VoIP IAD please follow the steps below 1 From the web con...

Page 97: ...NIC card please follow the following steps 1 Double click on the utility icon in your windows task bar the utility will pop up on your windows screen 2 Select configuration tab 3 Select Infrastructur...

Page 98: ...Prestige 2602HWL DxA Support Notes All contents copyright c 2005 ZyXEL Communications Corporation 98 5 Double click on the AP you want to associated with...

Page 99: ...of control layer in that only stations with registered MAC addresses can connect This approach requires that the list of MAC addresses be configured 2 ZyXEL MAC Filter Implementation ZyXEL s MAC Filt...

Page 100: ...00 00 00 00 4 00 00 00 00 00 00 16 00 00 00 00 00 00 28 00 00 00 00 00 00 5 00 00 00 00 00 00 17 00 00 00 00 00 00 29 00 00 00 00 00 00 6 00 00 00 00 00 00 18 00 00 00 00 00 00 30 00 00 00 00 00 00 7...

Page 101: ...wser login AP by giving the LAN IP address of AP in URL field Default LAN IP is 192 168 1 1 default password to login web configurator is 1234 2 Click Network and click Wireless LAN tab on the left 3...

Page 102: ...an integrity check is used to ensure that packages are not modified during the transition The standard does not discuss how the shared key is established In practice most installations use a single k...

Page 103: ...o 4 WEP keys simultaneously You need to specify one of the 4 keys as default Key for data encryption To set up the Access Point you will need to set the one of the following parameters o 64 bit WEP ke...

Page 104: ...ed to encrypt wireless data transmission For example 3 5 Wireless LAN Setup ESSID Wireless Hide ESSID No Channel ID CH07 2442MHz RTS Threshold 2432 Frag Threshold 2432 WEP 64 bit WEP Default Key 3 Key...

Page 105: ...For example if access point use Key 3 to encrypt data then station will use Key 3 to decrypt data So the Key 3 of station has to equal to the Key 3 of access point Though access point use Key 3 as def...

Page 106: ...ettings Enter exactly 5 13 or 29 characters to match the security strength 40 64bit 128 bit 256 nit respectively Setting up the Station 1 Double click on the utility icon in your windows task bar or r...

Page 107: ...icon doesn t exist in your task bar click Start Programs IEEE802 11b WLAN Card IEEE802 11b WLAN Card 2 Select the Encryption tab Select encryption type correspond with access point Set up 4 Keys whic...

Page 108: ...Prestige 2602HWL DxA Support Notes All contents copyright c 2005 ZyXEL Communications Corporation 108...

Page 109: ...Key4 456789ABCD Configuring 802 1x IEEE 802 1x Introduction IEEE 802 1x port based authentication is desired to prevent unauthorized devices clients from gaining access to the network As LANs extend...

Page 110: ...cator controls the physical access to the network based on the authentication status of the client The authenticator acts as an intermediary proxy between the client and the authentication server i e...

Page 111: ...Control The port state determines whether or not the supplicant Wireless Client is granted access to the network behind Wireless AP There are two authentication port state on the AP authorized state...

Page 112: ...sts the identity of the client and begins relaying authentication messages between supplicant and the authentication server Each supplicant attempting to access the network is uniquely identified by t...

Page 113: ...ends an EAP request identity frame to the 802 1x client to request its identity typically the authenticator sends an initial identity request frame followed by one or more requests for authentication...

Page 114: ...ZyXEL Communications Corporation 114 The EAPOL packet contains the following fields protocol version packet type packet body length and packet body Most of the fields are obvious The packet type can...

Page 115: ...x session EAPOL Key This is used for TLS authentication method The Wireless AP uses this packet to send the calculated WEP key to the supplicant after TLS negotiation has completed between the supplic...

Page 116: ...Idle Timeout in second N A Key Management Protocol N A Dynamic WEP Key Exchange N A PSK N A WPA Mixed Mode N A Data Privacy for Broadcast Multicast packets N A WPA Broadcast Multicast Key Update Timer...

Page 117: ...users to login to the Wireless AP simultaneously When you use internal authentication server ZyXEL wireless AP is acted as Authenticator and Authentication Server By storing wireless 802 1x client pr...

Page 118: ...r 2 Type a number and press Enter to edit the wireless 802 1x client profile Menu 14 1 Edit Dial in User User Name ZyXEL Active Yes Password Press ENTER to Confirm or ESC to Cancel Key settings Option...

Page 119: ...and decapsulating the Extensible Authentication Protocol EAP frames and interacting with the authentication server When the authenticator receives EAPOL frames and relays them to the authentication s...

Page 120: ...ized The specific exchange of EAP frames depends on the authentication method being used The figure below shows a message exchange initiated by the client using the MD5 Challenge authentication method...

Page 121: ...hentication is 1812 You need not change this value unless your network administrator instructs you to do so Shared Secret Specify a password up to 31 characters as the key to be shared between externa...

Page 122: ...rent degree of attenuation This will cause the RF coverage pattern be irregular and hard to predict Site survey can help us overcome these problem and even provide us a map of RF coverage of the facil...

Page 123: ...gram with all information you gathered in the preparation phase Now you are ready to make the survey 2 Install an access point at the preliminary location 3 User a notebook with wireless client instal...

Page 124: ...the access point installation spot if wireless service is required from corner of the room 6 Repeat step 1 5 and now you should be able to mark an RF coverage area as illustrated in above picutre 7 Y...

Page 125: ...formation please refer to roaming at PSTN Lifeline Application Notes For Lifeline model only Usage of PSTN Lifeline By using the PSTN lifeline function you can make and receive regular PSTN phone call...

Page 126: ...s you how to configure lifeline under P2602HWL D1A WEB GUI Lifeline configuration To configure lifeline in P2602HWL D1A click on VoIP PSTN Line to display the following screen You can specify a prefix...

Page 127: ...our local emergency services such as Police Dept Fire Dept Emergency Medical services phone number in this field Thus in any cases these unit can be reach in case of emergency by dialing their number...

Page 128: ...SL line 4 Connect the splitter jack where it label Line to ADSL line from the ISP Figure 2 Splitterless type 1 The P2602HWL D1A includes a DSL cable and a RJ 11 cable Connect the DSL cable to the DSL...

Page 129: ...voice and multimedia sessions over the Internet SIP signaling is separate from the media for which it handles sessions The media that is exchanged during the session can use a different path from tha...

Page 130: ...ITSP provided to you Step 6 If you wish to send caller ID check the check box in the Caller ID category if you do not wish to send out caller ID leave the check box uncheck Step 7 Click on Apply to sa...

Page 131: ...nter the port from the SIP Server Port field again here SIP Service Domain A SIP service domain is the domain name that comes after the symbol in a full SIP URI Enter the SIP service domain name in th...

Page 132: ...e device properly in user s networking topology 2 Setup device s WAN connection 3 Configuring SIP VoIP related settings in device A and B There are two ways to make IP to IP call 1 Make you can call b...

Page 133: ...Prestige 2602HWL DxA Support Notes All contents copyright c 2005 ZyXEL Communications Corporation 133 server all in the VOIP screen Setup Configuring SIP VoIP related settings in device A...

Page 134: ...Corporation 134 1 Setup WEB GUI VoIP enter device A s number in the SIP number column 2 Fill in device B s IP into SIP server address Register server address as example 3 Setup speed dial put device B...

Page 135: ...Prestige 2602HWL DxA Support Notes All contents copyright c 2005 ZyXEL Communications Corporation 135...

Page 136: ...in device A s IP into SIP server address Register server address as example 3 Setup speed dial put device A s information into the column After completing the setting you can dial 01 from the phone u...

Page 137: ...s 1234 Step 3 On the left column click on VoIP Phone Analog Phone Advanced Setup to bring you to voice function menu Step 4 Change the phone port parameter as you desired and click Apply when you are...

Page 138: ...the Prestige waits this long after you stop pressing the buttons before initiating the call Select how many seconds you want the Prestige to wait after the last input on the telephone s keypad before...

Page 139: ...ration 139 Each field s detail description of the page is listed below Label Description SIP Account This read only field displays the number of the SIP account that you are configuring The changes th...

Page 140: ...time that the Prestige will allow a SIP session to remain idle without traffic before dropping it Min SE When two SIP devices negotiate a SIP session they must negotiate a common expiration time for...

Page 141: ...ssaging system that supports this feature Expiration Time Use this field to set how long the SIP server should continue providing the message waiting service after receiving a SIP SUBSCRIBE message fr...

Page 142: ...ck on login The default is 1234 Step 3 On the left column click on VoIP Phone Book Speed Dial to bring you to Speed Dial page to enter speed dial configuration page Step 4 Select the entry number you...

Page 143: ...speed dial entry displays in the Speed Dial Phone Book section of the screen Speed Dial Phone Book This section of the screen displays the currently saved speed dial entries You can configure up to 1...

Page 144: ...applies Type of Service priority tags with this priority to voice traffic that it transmits RTP TOS Priority Type a priority for voice transmissions The Prestige applies Type of Service priority tags...

Page 145: ...forwarding function allows users to determine handling of incoming calls For example a user may wish to decide that all incoming calls will ring his cell phone as well The following screenshot shows...

Page 146: ...le for each SIP account or use the same call forwarding table for both The following applies to the number fields in this screen For a SIP number use the number or text that comes before the symbol in...

Page 147: ...to Number You can set the Prestige to forward incoming calls to a number that you specify here Condition Select under what circumstances you want the Prestige to use this call forwarding entry Select...

Page 148: ...poration 148 the Incoming Call Number field Voice Common Settings Click VoIP Phone Common to display the following screen Use this screen to configure Immediate Dial Click VoIP Phone Region to display...

Page 149: ...tige handles supplementary phone services call hold call waiting call transfer and three way conference calls Select the mode that your voice service provider supports Select Europe Type to use the su...

Page 150: ...ion station By default the Prestige LAN IP is 192 168 1 1 What is the default LAN IP address and Password Moreover how do I change it The default LAN IP address is 192 168 1 1 and you can change the L...

Page 151: ...ROMFILE restore to previous saved configuration orthe need of resetting SMT to factory default The procedure for uploading ROMFILE via the web configurator is as follows a Log on into the web configur...

Page 152: ...he reset button is located near by the power jack on the unit back panel Note By reset the unit back to factory default you will lost all your previous settings What is SUA When should I use SUA SUA S...

Page 153: ...egal address problem mentioned above without going through each and every host The design goal of ZyXEL s SUA is to minimize the Internet access cost in a small office environment by using a single IP...

Page 154: ...r ISP utilize ADSL as a broadband service Prestige IAD offers an Ethernet port to connect to your computer so the Prestige is placed in the line between the computer and your ISP If your ISP supports...

Page 155: ...configuration over the broadband connections Besides PPPoE supports a broad range of existing applications and service including authentication accounting secure access and configuration management W...

Page 156: ...rivate and secure e mail if they have been assigned the proper access right If your company does not have a domain name it means that your ISP provides you with a dynamic IP address Suppose your compa...

Page 157: ...ration file using TFTP Trivial File Transfer Protocol over LAN Can the Prestige support TFTP over WAN Although TFTP should work over WAN as well it is not recommended because of the potential data cor...

Page 158: ...nternet Protocol address used within one network to a different IP address known within another network One network is designated the inside network and the other is the outside Typically a company ma...

Page 159: ...fine the local IP addresses as the Internal Local Addresses ILA and the global IP addresses as the Inside Global Address IGA 1 One to One In One to One mode the Prestige maps one ILA to one IGA 2 Many...

Page 160: ...us ZyNOS versions that supported SUA visible servers had to be of different types The Prestige supports NAT sets on a remote node basis They are reusable but only one set is allowed for each remote no...

Page 161: ...le in the DDNS server is updated the DNS name for your web server i e www zyxel com tw is still usable When do I need DDNS service When you want your internal server to be accessed by using DNS name r...

Page 162: ...outside access we must specify the service port and the LAN IP of this server in Menu 15 Thus SUA is able to forward the incoming packets to the requested service behind SUA and the outside users acc...

Page 163: ...Protocol that allows voice data to travel across the Internet There are many method to used this technology the most common and well known are SIP and H 323 How does Voice over IP work Basically VoIP...

Page 164: ...by the IETF it approaches voice and multimedia from the Internet or IP perspective of view Where as H 323 emerged around 1996 and as an International Telecommunication Union standard it was designed f...

Page 165: ...better What codec does Prestige support Prestige supports the following commonly used codec G 729 voice codec G 711u law voice codec G 711a law voice codec Note G 711 u law or G 711 a law is country s...

Page 166: ...ne Adapter such as Prestige ATA series I can register but can not establish a call If you can register to server but can not make a call very likely there is NAT router or firewall before it which is...

Page 167: ...iagnostic tips in the user s guide Please contact your ZyXEL local vendor to send the device in for RMA service Firewall FAQ What is a network firewall A firewall is a system or group of systems that...

Page 168: ...he session data to assure the integrity of the connection and to adapt to dynamic protocols The flexible nature of Stateful Inspection firewalls generally provides the best speed and transparency howe...

Page 169: ...of Death and Teardrop 2 Those that exploits weaknesses in the TCP IP specification such as SYN Flood and LAND Attacks 3 Brute force attacks that flood a network with useless data such as Smurf attack...

Page 170: ...the network the router will broadcast the ICMP echo request packet to all hosts on the network If there are numerous hosts this will create a large amount of ICMP echo request packet the resulting IC...

Page 171: ...g attacks The basic scheme is as follows For the input data filter Deny packets from the outside that claim to be from the inside Allow everything that is not spoofing us Filter rule setup Filter type...

Page 172: ...one blocking period of time is supported currently on ZyXEL appliance Can I override block or allow certain URLs by wording Yes you can use key word blocking to achieve this How many URL keywords doe...

Page 173: ...ction to the remote office 2 Reducing number of access lines Many companies pay monthly charges for two types access lines 1 high speed links for their Internet access and 2 frame relay ISDN Primary R...

Page 174: ...remote sites to be encrypted and verified You can create encrypted tunnels VPNs or just do encryption between computers Since you have so many options IPSec is truly the most extensible and complete n...

Page 175: ...tween IKE and manual key VPN The only difference between IKE and manual key is how the encryption keys and SPIs are determined For IKE VPN the key and SPIs are negotiated from one VPN gateway to the o...

Page 176: ...ge It s not neccessary to follow the format exactly By default Prestige takes IP as phase 1 ID type for itself and it s remote peer But if it s remote peer is using DNS or E mail you have to ajust the...

Page 177: ...PN support Prestige supports 56 bit DES and 168 bit 3DES and AES What types of authentication does Prestige VPN support VPN vendors support a number of different authentication methods Prestige VPN su...

Page 178: ...t nor in the range 172 16 0 0 172 31 255 255 these address ranges are reserved by internet standard for private LAN numberings behind NAT devices It is usually a static IP so that we can pre configure...

Page 179: ...orking on it currently Does Prestige VPN support NetBIOS broadcast The current 3 50 firmware release does not support it But it is in our wish list Is the host behind NAT allowed to use IPSec NAT Cond...

Page 180: ...Phase 1 ID in Prestige Phase 1 ID can be configured in VPN setup menu as following Note that you can make such configuration in either web configurator or SMT menu If I have NAT router between two VP...

Page 181: ...option whenever phase 2 SA lifetime is due IKE negotiation procedure will be invoked automatically even without traffic to make the connection stay But to reduce the consumption of system resource if...

Page 182: ...port IPSec passthrough you have to disable the VPN function on Prestige To disable it you can either deactivate each VPN rule or issue a CI command ipsec switch off from SMT menu 24 8 You can get into...

Page 183: ...rom peer to peer networks suitable for a small number of users to full infrastructure networks of thousands of users that enable roaming over a broad area What are the disadvantages of Wireless LANs T...

Page 184: ...per second Mbps However depending on signal quality and how many other people are using the wireless ethernet through a particular Access Point usable speed will be much less on the order of 4 or 5 M...

Page 185: ...us spread spectrum radio communication applications use the 2 4 GHz band This includes WLAN systems not necessarily of the type IEEE 802 11b cordless phones wireless medical telemetry equipment and Bl...

Page 186: ...hat s the difference between a WLAN and a WWAN WLANs are generally privately owned wireless systems that are deployed in a corporation warehouse hospital or educational campus setting Data rates are h...

Page 187: ...rier which hops through a predefined sequence of several frequencies at a specific rate This avoids problems with fixed channel narrowband noise and simple jamming Both transmitter and receiver must h...

Page 188: ...Privacy WEP is a security mechanism defined within the 802 11 standard and designed to make the security of the wireless medium equal to that of a cable wire WEP data encryption was designed to preven...

Page 189: ...rning off the broadcast of SSID in the beacon message a common practice does not prevent getting the SSID since the SSID is sent in the clear in the probe message when a client associates to an AP a s...

Page 190: ...ransmits and receives normal traffic without 802 1X based authentication of the client No access allowed causes the port to remain in the unauthorized state ignoring all attempts by the client to auth...

Page 191: ...m it Because WPA PSK only requires a single password to be entered on wireless AP gateway and wireless client As long as the passwords match a client will be granted access to the WLAN Trouble Shootin...

Page 192: ...channel enet0 bothway 1 3 Enable the trace log by entering sys trcp sw on sys trcl sw on 1 4 Display the brief trace online by entering sys trcd brief or 1 5 Display the detailed trace online by enter...

Page 193: ...Time 12089 790 sec Frame Type TCP 192 168 1 2 1116 192 31 7 130 80 Ethernet Header Destination MAC Addr 00A0C5921311 Source MAC Addr 0080C84CEA63 Network Type 0x0800 TCP IP IP Header IP Version 4 Hea...

Page 194: ...00 00 70 02 P p 0030 20 00 BE C3 00 00 02 04 05 B4 01 01 04 02 0001 LAN Frame ENET0 XMIT Size 58 58 Time 12090 020 sec Frame Type TCP 192 31 7 130 80 192 168 1 2 1116 Ethernet Header Destination MAC...

Page 195: ...C EA 63 00 A0 C5 92 13 11 08 00 45 00 L c E 0010 00 2C 57 F3 40 00 ED 06 AC 8C C0 1F 07 82 C0 A8 W 0020 01 02 00 50 04 5C 4A D1 B5 7F 00 BD 15 A8 60 12 P J 0030 FA F0 F8 77 00 00 02 04 05 B4 w 0002 LA...

Page 196: ...ta Length 6 Captured 6 0000 20 20 20 20 20 20 RAW DATA 0000 00 A0 C5 92 13 11 00 80 C8 4C EA 63 08 00 45 00 L c E 0010 00 28 35 0B 40 00 80 06 3C 79 C0 A8 01 02 C0 1F 5 y 0020 07 82 04 5C 00 50 00 BD...

Page 197: ...0054 TCP 202 132 155 97 10261 192 31 7 130 80 5 12374 940 ENET1 T 0438 TCP 202 132 155 97 10261 192 31 7 130 80 6 12375 320 ENET1 R 0064 TCP 192 31 7 130 80 202 132 155 97 10261 7 12375 360 ENET1 R 0...

Page 198: ...10 A7 98 8F 3F A9 09 E4 0F 26 14 9C 58 3E 95 3E E7 X 0020 FC 2A 4C 2F FB BE 2F FE EF D0 L RAW DATA 0000 00 A0 C5 92 13 12 00 A0 C5 01 23 45 08 00 45 00 E E 0010 04 8B B1 39 40 00 EE 06 A9 AB C0 1F 07...

Page 199: ...der Source Port 0x281E 10270 Destination Port 0x0050 80 Sequence Number 0x00C18F63 12685155 Ack Number 0xD3E95DE9 3555286505 Header Length 20 Flags 0x10 A Window Size 0x1DD5 7637 Checksum 0x7A12 31250...

Page 200: ...der Checksum 0x533C 21308 Source IP 0xCA849B61 202 132 155 97 Destination IP 0xC01F0782 192 31 7 130 TCP Header Source Port 0x281E 10270 Destination Port 0x0050 80 Sequence Number 0x00C18F63 12685155...

Page 201: ...sw off 1 6 Display the trace briefly by entering sys trcp brief 1 7 Display specific packets by using sys trcp parse from_index to_index Exmaple Prestige sys trcp channel enet1 none Prestige sys trcp...

Page 202: ...ation MAC Addr 0080C84CEA63 Source MAC Addr 00A0C5921311 Network Type 0x0800 TCP IP IP Header IP Version 4 Header Length 20 Type of Service 0x00 0 Total Length 0x002C 44 Idetification 0x7F02 32514 Fla...

Page 203: ...by entering sys trcp channel enet1 bothway 1 3 Enable the trace log by entering sys trcp sw on sys trcl sw on 1 4 Wait for packet passing through Prestige over WAN 1 5 Disable the trace log by enteri...

Page 204: ...2 80 202 132 155 97 10278 Ethernet Header Destination MAC Addr 00A0C5921312 Source MAC Addr 00A0C5591284 Network Type 0x0800 TCP IP IP Header IP Version 4 Header Length 20 Type of Service 0x00 0 Total...

Page 205: ...61 00 50 28 26 4D 71 3D 8A 00 C8 C0 15 50 18 a P Mq P 0030 22 38 AB 57 00 00 48 54 54 50 2F 31 2E 31 20 33 8 W HTTP 1 1 3 0040 30 34 20 4E 6F 74 20 4D 6F 64 69 66 69 65 64 0D 04 Not Modified 0050 0A 4...

Page 206: ...d 42 0000 47 45 54 20 2F 70 69 63 74 75 72 65 73 2F 6D 61 GET pictures ma 0010 67 61 7A 69 6E 65 5F 6C 6F 67 6F 2F 62 65 73 74 gazine_logo best 0020 6F 66 74 69 6D 65 73 2E 67 69 oftimes gi RAW DATA 0...

Page 207: ...g dev dial 1 dial remote node 1 5 After all if the Prestige crashes and you can do nothing please send the above log back to us 6 If the Prestige crashes and you are able to enter commands please type...

Page 208: ...service name telstra service name bpa service name iprimus service name pacificinternet service name integrationisp service name bpa dev service name bpa sif service name telstrarna service name gpms...

Page 209: ...bdc040 00 00 00 00 00 00 00 00 00 00 00 00 00 01 ed 2b b f j n e5bdc050 00 00 00 00 00 00 00 00 00 00 00 00 00 01 ed 2b b f j n e5bdc060 00 00 00 00 00 00 00 00 00 00 00 00 00 01 ed 2b b f j n e5bdc07...

Page 210: ...LAN or WAN end of Prestige It is also very helpful for diagnostics if you have compatibility problems with your ISP or if you want to know the details of a packet for configuring a filter rule The for...

Page 211: ...130 80 1 11883 100 ENET0 R 0062 TCP 192 168 1 2 1108 192 31 7 130 80 2 11883 330 ENET0 T 0058 TCP 192 31 7 130 80 192 168 1 2 1108 3 11883 340 ENET0 R 0060 TCP 192 168 1 2 1108 192 31 7 130 80 4 11883...

Page 212: ...0xC01F0782 192 31 7 130 TCP Header Source Port 0x045C 1116 Destination Port 0x0050 80 Sequence Number 0x00BD15A7 12391847 Ack Number 0x00000000 0 Header Length 28 Flags 0x02 S Window Size 0x2004 8192...

Page 213: ...ervice 0x00 0 Total Length 0x002C 44 Idetification 0x57F3 22515 Flags 0x02 Fragment Offset 0x00 Time to Live 0xED 237 Protocol 0x06 TCP Header Checksum 0xAC8C 44172 Source IP 0xC01F0782 192 31 7 130 D...

Page 214: ...16 192 31 7 130 80 Ethernet Header Destination MAC Addr 00A0C5921311 Source MAC Addr 0080C84CEA63 Network Type 0x0800 TCP IP IP Header IP Version 4 Header Length 20 Type of Service 0x00 0 Total Length...

Page 215: ...2 Enable to capture the WAN packet by entering sys trcp channel mpoa00 bothway 1 3 Enable the trace log by entering sys trcp sw on sys trcl sw on 1 4 Display the brief trace online by entering sys tr...

Page 216: ...35 Source IP 0xC01F0782 192 31 7 130 Destination IP 0xCA849B61 202 132 155 97 TCP Header Source Port 0x0050 80 Destination Port 0x281E 10270 Sequence Number 0xD3E95985 3555285381 Ack Number 0x00C18F63...

Page 217: ...1 3 Enable the trace log by entering sys trcp sw on sys trcl sw on 1 4 Wait for packet passing through the Prestige over LAN 1 5 Disable the trace log by entering sys trcp sw off sys trcl sw off 1 6 D...

Page 218: ...ration 218 CLI Command List The latest CI command list is available in release notes of every ZyXEL firmware release Please go to ZyXEL public WEB site http www zyxel com support download php to downl...

Reviews:

No comments

Related manuals for P-2602HWL-D1A

ABB COM600 series Product Manual preview
COM600 series
Brand: ABB Pages: 20
ABB COM600 series Configuration Manual preview
COM600 series
Brand: ABB Pages: 66
ABB ARM600 Product Manual preview
ARM600
Brand: ABB Pages: 16
ABB AWIN GW120 Quick Setup Manual preview
AWIN GW120
Brand: ABB Pages: 2
ABB COM600 series Owner'S/Operator'S Manual preview
COM600 series
Brand: ABB Pages: 44
BAB TECHNOLOGIE 12000 Documentation preview
12000
Brand: BAB TECHNOLOGIE Pages: 39
Patton 1000 Getting Started Manual preview
1000
Brand: Patton Pages: 181
Ubisys G1 Assembly And Commissioning Instructions preview
G1
Brand: Ubisys Pages: 51
Karel GT20 Technical Reference And User'S Manual preview
GT20
Brand: Karel Pages: 17
Patton electronics 1400 Series Specification Sheet preview
1400 Series
Brand: Patton electronics Pages: 2
Yeastar Technology TA Series How To Connect preview
TA Series
Brand: Yeastar Technology Pages: 14
Yeastar Technology TA Series Installation Manual preview
TA Series
Brand: Yeastar Technology Pages: 17
ICP DAS USA GT-541 User Manual preview
GT-541
Brand: ICP DAS USA Pages: 33
Safeline GL1 Quick Manual preview
GL1
Brand: Safeline Pages: 76
D-Link DG-102S Quick Install Manual preview
DG-102S
Brand: D-Link Pages: 12
D-Link DG-102S Quick Start Manual preview
DG-102S
Brand: D-Link Pages: 8
D-Link DVG?6001G Quick Manual preview
DVG?6001G
Brand: D-Link Pages: 2
D-Link DG-104S User Manual preview
DG-104S
Brand: D-Link Pages: 59

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

ABB AEG Acer Asus Beko Black & Decker Bosch Brother Candy Canon Cisco Craftsman D-Link DeWalt Dell Electrolux Emerson Epson Frigidaire Fujitsu GE HP Haier Hitachi Honeywell Huawei Husqvarna JVC Kenmore Kenwood KitchenAid LG Lenovo Makita Miele Mitsubishi Electric Motorola NEC Nikon Nokia Panasonic Philips Pioneer Samsung Sanyo Sharp Siemens Sony TP-Link Toshiba Whirlpool Xiaomi Yamaha Zanussi Load more brands