ZyXEL Communications PRESTIGE 153 User Manual Download | Manualshive

Page: 153 / 186

background image

Prestige 153/153X WAN Bridge/Routers

11-1

Chapter 11

System Security

Chapter 11

System Security

Your Prestige incorporates a number of security measures to prevent unauthorized access to your
network. For example, your Prestige supports both PAP (Password Authentication Protocol) and

CHAP (Challenge Handshake Authentication Protocol) in authenticating a Remote Node.

By default, your Prestige can store information about up to eight different users. If more dial-up
users are necessary, an external RADIUS (Remote Authentication Dial In User Service) server
can be used to provide centralized user security.

In addition, your Prestige also implements a user password to get into the SMT screen. You will
have three attempts to enter the correct system password. If you do not do so, the SMT will kick
you out. In addition, your Prestige will only support one user in the SMT at one time.

11.1 Using RADIUS Authentication

Your Prestige router has a built-in dial-up user list, which can hold up to eight users.

For multiple (>8) dial-in users, your Prestige supports an external authentication server (UNIX or

NT server station) which may provide password storage and usage accounting for thousands of
users.

11.1.1 Installing a RADIUS Server

To use RADIUS authentication, you will need to have a UNIX- or NT-based machine on your
network to act as a [

radiusd

] server, as well as a copy of the [

radiusd

] server program itself.

«
...
151
152
153
154
155
...
»

Summary of Contents for PRESTIGE 153

Page 1: ...Prestige 153 153X User s Manual Version 1 0 ZyXEL TOTAL INTERNET ACCESS SOLUTION...

Page 2: ...r written permission of ZyXEL Communications Corporation Published by ZyXEL Communications Corporation All rights reserved Disclaimer ZyXEL does not assume any liability arising out of the application...

Page 3: ...ccordance with the instructions may cause harmful interference to radio communications If this equipment does cause harmful interference to radio television reception which can be determined by turnin...

Page 4: ...he compliance with the above conditions may not prevent degradation of service in some situations Repairs to certified equipment should be made by an authorized Canadian maintenance facility designate...

Page 5: ...al equipment designed for use within certain voltage limits The Low Voltage Directive 2 The Council Directive 89 336 EEC of 3 May 1992 on the approximation of the laws of the Member States relating to...

Page 6: ...s provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all other warranties express or implied including any implied warranty of merchantability or fitness...

Page 7: ...el com Technical Support support zyxel com Worldwide Support ZyXEL Communications Corporation 6 Innovation Road II Science Based Industrial Park Hsinchu Taiwan 300 R O C Telephone 886 3 578 3942 Ext 2...

Page 8: ......

Page 9: ...Hardware Installation Initial Setup 2 1 Unpacking your Bridge Router 2 1 2 2 Additional Installation Requirements 2 2 2 3 Connect your WAN Bridge Router 2 3 2 4 Power On Your Prestige 2 7 2 5 Navigat...

Page 10: ...5 Remote Node Configuration for LAN to LAN 5 1 Remote Node Setup 5 1 5 2 Leased Line Connection 5 12 Chapter 6 TCP IP Configuration for LAN to LAN 6 1 LAN to LAN Application 6 1 Chapter 7 Novell IPX C...

Page 11: ...ecurity 11 1 Using RADIUS Authentication 11 1 11 2 Configure the SMT Password 11 5 Chapter 12 Telnet Configuration and Capabilities 12 1 About Telnet Configuration 12 1 12 2 Telnet Capabilities 12 2 C...

Page 12: ...hapter 14 Troubleshooting 14 1 Problems Starting Up the Prestige 14 1 14 2 Problems With the WAN Ports 14 2 14 3 Problems with the LAN Interface 14 2 14 4 Problems Connecting to a Remote Node or ISP 1...

Page 13: ...2 11 Figure 2 7 Menu 23 1 System Security Change Password 2 12 Figure 2 8 Menu 1 General Setup 2 13 Figure 2 9 Prestige 153 Menu 2 WAN Port Setup 2 16 Figure 2 10 Prestige 153 Menu 2 1 Async WAN Port...

Page 14: ...with TCP IP 6 1 Figure 6 2 Menu 11 3 Remote Node Network Layer Options for a TCP IP Application 6 2 Figure 6 3 Sample IP Addresses for a LAN to LAN Connection with TCPI IP 6 3 Figure 6 4 Example of S...

Page 15: ...AN Packet Which Triggered Last Call 13 4 Figure 13 4 Menu 24 2 System Maintenance Change Terminal Baud Rate 13 5 Figure 13 5 Examples of Error and Information Messages 13 6 Figure 13 6 Menu 24 3 2 Sys...

Page 16: ......

Page 17: ...3 Table 3 3 Private Networks IP Addresses 3 4 Table 3 4 DHCP Ethernet Setup Menu Fields 3 7 Table 3 5 TCP IP Ethernet Setup Menu Fields 3 8 Table 3 6 Internet Account Information 3 9 Table 3 7 Interne...

Page 18: ...ry Menu 9 4 Table 9 2 Abbreviations Used If Filter Type Is IP 9 5 Table 9 3 Abbreviations Used If Filter Type Is GEN 9 6 Table 9 4 Abbreviations Used If Filter Type Is IPX 9 6 Table 9 5 TCP IP Filter...

Page 19: ...ent bridging Your Prestige is also compatible with routers from other manufacturers such as Ascend Cisco and 3Com Your Prestige 153 153X is easy to install and to configure since you do not need to se...

Page 20: ...ntrol and logging features for network administrators 5 Troubleshooting Chapter 14 provides information about solving common problems Regardless of your particular application it is important that you...

Page 21: ...2 3 MANAGEMENT MAINTENANCE TROUBLESHOOTING 4 5 LAN TO LAN APPLICATIONS Chapter 6 TCPI IP Configuration for LAN to LAN Chapter 7 Novell IPX Configuration for LAN to LAN Chapter 8 Bridge Configuration...

Page 22: ......

Page 23: ...ons and internetworking solutions for your home or branch office The Prestige is ideal for everything from Internet browsing to receiving calls from Remote Dial in Users to making LAN to LAN connectio...

Page 24: ...Test LED Blinking ETHERNET LNK RX TX COL Receive Transmit Collisions on LAN WAN 1 RDY TX RX WAN port 1 Ready Transmit Receive WAN 2 RDY TX RX WAN port 2 Ready Transmit Receive WAN 3 RDY TX RX WAN port...

Page 25: ...et interface LNK RX LAN Receive Green Blinking Traffic is being received on the LAN TX LAN Transmit Green Blinking Traffic is being transmitted on the LAN ETHER NET COL Collisions Green On Transmissio...

Page 26: ...t to connect the ETHERNET 10Base T cable CONSOLE RJ 45 connector to plug the RJ45 RS232 female adapter and connect to the Console or SMT WAN 1 RJ 45 socket to connect the RJ45 RS232 male adapter and p...

Page 27: ...ET 10Base T cable CONSOLE RJ 45 connector to plug the RJ45 RS232 female adapter and connect to the Console or SMT WAN 1 SCSI socket to connect the SCSI RS449 SCSI V 35 or SCSI RS232 male adapter and p...

Page 28: ...e used independently for different destinations or they can be bundled for one connection to support bandwidth on demand Prestige 153X Synchronous Asynchronous WAN Ports Prestige 153X also has three W...

Page 29: ...ndwidth The Prestige 153 153X supports BAP Bandwidth Allocation Protocol and BACP Bandwidth Allocation Control Protocol to manage the number of links in multilink bundle Full Network Management Your P...

Page 30: ...budget management for outgoing calls and maintains a blacklist for unreachable phone numbers in order to save you the expense of unnecessary charges Data Compression Your Prestige incorporates Stac da...

Page 31: ...language used for the Internet It is also compatible with access servers manufactured by major vendors such as Cisco and Ascend A typical Internet Access application is shown in Figure 1 4 Figure 1 4...

Page 32: ...r your Prestige 153 153X is to connect the Corporate Office LAN of your company with the Branch Office as shown in Figure 1 5 Figure 1 5 LAN to LAN Connection Application Dial On Demand Also with the...

Page 33: ...re 1 6 shows how a remote user or a telecommuter can connect to its corporate office via a modem or ISDN TA and the PSTN ISDN network Figure 1 6 Telecommuting Remote Access Application Prestige 153 15...

Page 34: ......

Page 35: ...cklist Package Contents Prestige 153 Prestige 153X Prestige 153 or Prestige 153X Bridge Router 1 1 power adapter 1 1 RS 232 cable 1 1 25 pin female to 9 pin male adapter cable 1 1 LAN crossover cable...

Page 36: ...nd use your Prestige These requirements include l External Modems or ISDN TAs Terminal adapters l An Ethernet 10Base T connection to your computer l A computer equipped with communications software co...

Page 37: ...al Setup 2 3 Connect your WAN Bridge Router 2 3 1 Prestige 153 Connections Figure 2 1 Prestige 153 Connections POWER LAN WAN 1 WAN 2 WAN 3 CONSOLE Ethernet LAN Modem ISDN TA Modem ISDN TA Power Adapte...

Page 38: ...3 2 Prestige 153X Connections Figure 2 2 Prestige 153X Connections POWER LAN WAN 1 WAN 2 WAN 3 CONSOLE PSTN ISDN Network Fractional T1 E1 Computer or Ethernet LAN Power Adapter Power Outlet Modem ISDN...

Page 39: ...you must use RS 232 and communications software After your Prestige has been successfully installed you can modify the configuration through a remote Telnet connection See Chapter 12 Telnet Configura...

Page 40: ...UTP cable and RJ 45 connectors that look like a bigger telephone plug with 8 pins Two types of gray Ethernet cables come with the package Straight through cable white tag Connect your Prestige to a 10...

Page 41: ...s and will also perform a PSTN ISDN line initialization After this initialization the Prestige will display the SMT System Management Terminal interface and ask you to press Enter to continue as shown...

Page 42: ...assword 1234 to get into the Main Menu of the System Management Terminal SMT As you type a password the screen displays an X for each character you typed Figure 2 4 Login Screen Note that once you are...

Page 43: ...e the Up Down arrow keys to move to the previous and the next field respectively Enter information Fill in or Press the Space bar to toggle There are two types of fields that you will need to fill in...

Page 44: ...tocol 13 Default Dial in Setup Access this menu to setup default dial in parameters so that your Prestige can be a dial in server for the Remote Node and Remote Dial in User 14 Dial in User Setup Setu...

Page 45: ...ng the SMT password Step 1 Select option 23 System Security in the Main Menu This will open Menu 23 System Security as shown in Figure 2 6 Figure 2 6 Menu 23 System Security Step 2 From the System Sec...

Page 46: ...press Enter Step 5 Re type your new system password for confirmation and press Enter You will now need to enter this password every time you attempt to access the SMT In addition the password is requi...

Page 47: ...ion 1 General Setup in the Main Menu by typing 1 at the menu selection number prompt Step 2 The Menu 1 General Setup screen appears as shown in Figure 2 8 Fill in the required fields marked and turn o...

Page 48: ...lds Press space bar to toggle Route IP Route IPX Bridge Set this field to Yes if you are configuring your Prestige for Internet Access Selecting Yes will let your Prestige route IPX protocol applicati...

Page 49: ...will save the information to ROM first then use this information to initialize the Wan Port and the attached modem or ISDN TA Note on WAN Setup Before you connect a leased line modem or ISDN TA to yo...

Page 50: ...can set the configuration parameters for the selected WAN port Figure 2 10 Prestige 153 Menu 2 1 Async WAN Port Setup Menu 2 WAN Port Setup 1 Wan Port 1 2 Wan Port 2 3 Wan Port 3 Enter Menu Selection...

Page 51: ...ype for your particular application Select Switch for Dial up application or Leased for Leased Line Modem application Press space bar to toggle Switch Leased Phone Number Enter the telephone number as...

Page 52: ...command ats0 0 to disable auto answer i e ats0 0 or your Prestige will answer the incoming phone call Default ats0 0 Advanced Setup To edit the Advanced Setup for this Modem ISDN TA move the cursor to...

Page 53: ...onfigure the device accordingly To configure the modem ISDN TA or CSU DSU refer to the instructions provided by the manufacturer To configure the WAN ports go to Menu 2 WAN Port Setup as shown in Figu...

Page 54: ...AN Port is deactivated it has no effect on the operation of your Prestige even though its profile is still kept in the database and can be activated in the future Press space bar to toggle Yes No Conn...

Page 55: ...56K Modem Port Speed Use the space bar to select the maximum speed of your Async Device Modem or ISDN TA or Sync Device CSU DSU Available speeds for Async Device are 9600 19200 38400 57600 115200 230...

Page 56: ...r to the Advanced Setup field and press the space bar to select Yes then press Enter Step 2 When Menu 2 1 1 appears fill in the appropriate AT commands and call control parameters for the Modem or ISD...

Page 57: ...Toggle Yes No Default Yes AT Response Strings CLID Caller Line Identification Enter the keyword to capture Caller ID from the AT Response String Your Prestige will capture CLID from the AT Response St...

Page 58: ...the timeout value 60 seconds Retry Counter How many times a busy or no answer phone number is retried before it is put on the blacklist 0 to disable the blacklist control Retry Interval sec Elapsed ti...

Page 59: ...p displays as shown in Figure 2 14 Figure 2 14 Menu 3 Ethernet Setup This menu determines the type of the filter sets you wish to implement to monitor your Ethernet traffic From Menu 3 Ethernet Setup...

Page 60: ...ion then return to this menu to define the appropriate filter sets 2 10 Protocol Dependent Ethernet Setup Depending upon the type of protocol TCP IP IPX or Bridge you are using for your applications y...

Page 61: ...orld The Internet uses exclusively the TCP IP suite of protocols The term internet lower case i however refers to any interconnected networks using any protocol An internet can be as simple as two hos...

Page 62: ...For instance to partition a class C network number 192 68 135 0 into two you shift 1 bit from the host ID to the network ID Thus the new subnet mask will be 255 255 255 128 the first subnet will have...

Page 63: ...Table 3 2 Examples of IP Subnet Masks IP Subnet Mask Number of Host IDs Number of Bits 255 255 255 0 254 24 255 255 255 128 126 25 255 255 255 192 62 26 255 255 255 224 30 27 255 255 255 255 1 32 An...

Page 64: ...resses 10 0 0 0 10 255 255 255 172 16 0 0 172 31 255 255 192 168 0 0 192 168 255 255 Assigning IP Addresses You can obtain your IP address from the IANA from an ISP or assigned from a private network...

Page 65: ...1 General Setup To edit Menu 1 select the menu option 1 General Setup in the Main Menu and press Enter When Menu 1 appears fill in the required fields marked and set the Route IP field to Yes as shown...

Page 66: ...option 2 TCP IP and DHCP Setup and press Enter The screen now displays Menu 3 2 TCP IP and DHCP Ethernet Setup as shown in Figure 3 2 Figure 3 2 Menu 3 2 TCP IP and DHCP Ethernet Setup Menu 3 2 TCP I...

Page 67: ...re allocated from a block of addresses usually assigned by your Internet provider The Client IP Pool Starting Address gives the first address in the reserved block which is also used as the LAN networ...

Page 68: ...dress that you assign Unless you have special need for subnetting use the default subnet mask 255 255 255 0 default RIP Direction This parameter determines how your Prestige handles RIP Routing Inform...

Page 69: ...formation Write your account information here IP Address of the ISP s Gateway Optional Telephone Number s of your ISP Login Name Password for ISP authentication Domain Name Server DNS for your worksta...

Page 70: ...Leased Port s can be a single port 1 to 3 or any combination of ports i e 1 2 3 or 1 3 etc All leased WAN Ports specified here are bundled in one connection to your ISP The Connection Type of these WA...

Page 71: ...ice of the selected Device Type to dial out This field is not applicable if the Connection Type is Leased Selections Modem ISDN TA X 25 PAD 56K Modem Space bar to toggle Press Enter at the message Pre...

Page 72: ...l only pay for one IP address thus saving significantly on subscription fees Check with your ISP before you enable this feature Figure 3 4 illustrates a typical Single User Account topology Figure 3 4...

Page 73: ...the Internet For more information on IP address translation refer to RFC 1631 The IP Network Address Translator NAT 3 5 1 Advantages of SUA In summary l SUA is an ideal cost effective solution for sm...

Page 74: ...Setup as shown in Figure 3 5 Figure 3 5 Menu 4 Internet Access Setup for Single User Account To enable the SUA feature in Menu 4 move the cursor to the Single User Account field and select Yes or No...

Page 75: ...ancel your selections At this point your Prestige will ask if you wish to test the Internet connection If you select Yes the ISP will be called and the connection tested If the test fails note the err...

Page 76: ...u 11 3 set the remote node s subnet mask to 0 0 0 0 and set RIP to None Step 5 Save the new configuration 3 6 2 Switch ISP Once you have done this if you need to switch from your primary ISP to a back...

Page 77: ...wing Table 3 9 describes each field in Menu 11 4 Remote Node Script Table 3 9 Remote Node Script Menu Fields Field Description Option Active Press the space bar to toggle between Yes and No When a Rem...

Page 78: ......

Page 79: ...ach Remote Node can have its own set of parameters such as Bandwidth On Demand Protocol Security etc Remote Dial in Users are individual users who dial in to your Prestige directly from their workstat...

Page 80: ...muters to call in to your LAN you need to configure a Dial In User Profile for each telecommuter Additionally you need to configure the Default Dial In Setup to set the operational parameters for all...

Page 81: ...a dial in server you need to configure the Default Dial In Setup to set the operational parameters for incoming calls Additionally you will have to create a Remote Node for the router on the remote n...

Page 82: ...col independent fields in this menu For the protocol dependent fields refer to the appropriate chapters Table 4 2 describes and contains information on how to configure each parameter in Menu 13 Defau...

Page 83: ...sed if CHAP is not available l CHAP Use CHAP only l PAP Use PAP only l None Your Prestige tries to acquire CHAP PAP first but no authentication is required if CHAP PAP is not available CHAP PAP CHAP P...

Page 84: ...the whole network If set to No the remote host must use the IP address assigned by your Prestige from the IP pool configured below Default Yes Yes No Dial In IP Address Supplied By IP Pool This field...

Page 85: ...ic between your Prestige and the Remote Dial in User Keep in mind that these filter set s will only apply to all Remote Dial in Users but not the Remote Nodes You can choose from 12 different filter s...

Page 86: ...in User Setup Step 2 Select one of eight users by number this will bring you to Menu 14 1 Edit Dial in User as shown in Figure 4 5 Figure 4 5 Menu 14 1 Edit Dial in User Menu 14 Dial in User Setup 1 j...

Page 87: ...ll be able to call back to the Remote Dial in User if they request it In such a case your Prestige will disconnect the initial call from this user and dial back to the specified callback number see be...

Page 88: ...mpleted filling in Menu 14 1 Edit Dial in User press Enter at the message Press ENTER to Confirm to save your selections or press Esc at any time to cancel your selections 4 5 More on CLID CLID allows...

Page 89: ...call automatically i e Dial On Demand Similarly calls from the remote LAN will be answered automatically and security will be checked In this chapter we will discuss the parameters that are protocol...

Page 90: ...the Submenu 11 1 2 Remote Node Profile for leased line application Figure 5 2 Menu 11 1 Remote Node Profile for Dial up Line Applications Menu 11 1 Remote Node Profile Rem Node Name Active Yes Connec...

Page 91: ...ge even though it is still kept in the database and can be activated in the future Deactivated nodes are displayed with a minus sign at the beginning of the name in Menu 11 Press space bar to toggle Y...

Page 92: ...s the Calling Line ID the telephone number of the calling party of this Remote Node If you enable the CLID Authen field in Menu 13 Default Dial In your Prestige will check this number against the CLID...

Page 93: ...tication protocols PAP Password Authentication Protocol and CHAP Challenge Handshake Authentication Protocol l PAP sends the user name and password in plain text l CHAP scrambles the password before i...

Page 94: ...the pound sign before the phone number for local calls A symbol may be included at the beginning of the Primary Phone number or Secondary Phone number as required Device Type Use the space bar to choo...

Page 95: ...g to your specific protocol Press space bar to toggle Yes then press Enter Edit Script Options To edit the parameters select Yes and press Enter This will bring you to Menu 11 4 Remote Node Script Opt...

Page 96: ...n Control Protocol BACP and the Multilink Protocol MP to implement bandwidth on demand The configuration of bandwidth on demand is based on the Minimum and Maximum Ports of a Remote Node If Minimum an...

Page 97: ...xample when Bandwidth Increment for an Additional Port is 5 Kbps and the Target Utility for a second Port is 10 20 then the Target Utility for a third port is 15 25 See Menu 11 2 Remote Node PPP Optio...

Page 98: ...e default for this field is Off On Off Default Off Multiple Link Options BOD Calculation Select the direction of the traffic you wish to calculate in order to determine when to add or subtract a link...

Page 99: ...the adding threshold before the Prestige will bring up the second channel Default 5 sec Subtract Persist This parameter specifies the number of seconds where traffic is below the subtraction threshol...

Page 100: ...WAN Port This is to verify if the link is up When your Prestige receives a PPP Echo Request packet it will send another PPP Echo Reply packet back to the sender through the same link When PPP Echo Re...

Page 101: ...he space bar to toggle between Yes and No When a Remote Node is deactivated it has no effect on the operation of your Prestige even though it is still kept in the database and can be activated in the...

Page 102: ...ts specified in this remote node are bundled in one connection Incoming Rem Node Login Name for backup line only Enter the login name that this Remote Node will use when it calls into your Prestige Th...

Page 103: ...Protocol l PAP sends the user name and password in plain text l CHAP scrambles the password before it is sent over the wire Generally speaking CHAP is more secure than PAP however PAP is readily avai...

Page 104: ...h default l Set this parameter to None to de activate the Backup Line function None l If set to Incoming your Prestige will not place a call to a Remote Node Incoming l If set to Outgoing your Prestig...

Page 105: ...e discarded The disadvantage of bridging is that it usually generates large amounts of traffic Press space bar to toggle Yes No Edit PPP Options To edit the PPP options for this Remote Node move the c...

Page 106: ...ple 1 5 9 12 Note that spaces are accepted in this field For more information on customizing your filter sets see Chapter 9 The default is blank that is no filters defined Default Blank Session Option...

Page 107: ...emote Node PPP Options Menu for Leased Line applications and contains instructions on how to configure the PPP options fields Table 5 4 Remote Node PPP Options Menu Fields for Leased Line Applications...

Page 108: ......

Page 109: ...enu 4 We will illustrate the configuration for LAN to LAN applications in the following sections 6 1 LAN to LAN Application A typical LAN to LAN application is to use your Prestige to call from a bran...

Page 110: ...protocols in the Route field The Route field should display Route IP or Route IP IPX Step 2 Move the cursor to the Edit IP IPX Bridge field then press the space bar to toggle and set the value to Yes...

Page 111: ...nu 11 3 Figure 6 3 Sample IP Addresses for a LAN to LAN Connection with TCPI IP The following Table 6 1 describes the Remote Node Profile and Remote Node Network Layer Options for a TCP IP configurati...

Page 112: ...he remote network My WAN Addr Some implementations especially the UNIX derivatives require hosts on both ends of the PSTN ISDN link to have separate addresses from the LAN and that the addresses must...

Page 113: ...ted to other hosts through RIP broadcasts Yes No RIP This parameter determines how your Prestige handles RIP Routing Information Protocol and the default is Both If set to Both your Prestige will broa...

Page 114: ...nternet Access or a Remote Node a static route is implicitly created by your Prestige An example is given below In the example stations on the 204 5 1 0 24 subnetwork can access the remote stations us...

Page 115: ...nu 12 2 Edit IP Static Route as shown in Figure 6 6 Figure 6 6 Menu 12 1 Edit IP Static Route Menu 12 Static Route Setup IP Static Route 1 isp1 ISP 2 ________ 3 ________ 4 ________ IPX Static Route 11...

Page 116: ...need to specify a route to a single host use a subnet mask of 255 255 255 255 in the subnet mask field to force the network number to be identical to the host ID IP Subnet Mask Enter the subnet mask...

Page 117: ...include 802 2 802 3 Ethernet II DIX and SNAP 7 1 2 Network Numbers External Network Number Whenever you are setting up an IPX routing environment it is important to correctly configure the network nu...

Page 118: ...your Prestige to a LAN l LAN with a server server side l LAN without a server client side Figure 7 1 illustrates a typical LAN Client to LAN Server connection in an IPX environment Figure 7 1 Prestige...

Page 119: ...create a unique external network number to apply to that frame on the LAN Your Prestige must then be configured as a Seed Router and the network number can be configured in the Ethernet Setup Menu The...

Page 120: ...ption 3 Novell IPX Setup to go to Menu 3 3 Novell IPX Ethernet Setup as shown in Figure 7 2 Figure 7 2 Menu 3 3 Novell IPX Ethernet Setup Menu 3 3 Novell IPX Ethernet Setup Seed Router No Frame Type 8...

Page 121: ...at your Prestige needs to support you need to set the corresponding field to Yes The frame type s selected here must be the same frame type s as the server or client stations on that network Otherwise...

Page 122: ...that all of the stations on the branch office network have access to the server at the headquarters as depicted in Figure 7 3 For the branch office you need to configure a Remote Node in order to dia...

Page 123: ...he Route field should display Route IPX or Route IP IPX Step 4 Move the cursor to the Edit IP IPX Bridge field then press the space bar to toggle and set the value to Yes and press Enter to edit Menu...

Page 124: ...e this field as 00000000 your Prestige will select the greater WAN network number between the two devices 00000000 default Hop Count This field indicates the number of intermediate networks that must...

Page 125: ...that a client station on the network on the left wishes to access the NetWare server on the right internal network number 111 However the SAP broadcasts will receive a response from the server on the...

Page 126: ...ntation this value is 000000000001 Socket This field contains the socket number on which the server will receive service requests The default for this field is hex 0451 Type This field identifies the...

Page 127: ...mes with several pre defined call filters designed to prevent certain IPX packets from triggering a call to a Remote Node These filters should inform your Prestige which packets should be ignored as t...

Page 128: ...field settings Table 8 1 Handle IPX Field Settings Handle IPX Setting Description None Nothing is done to IPX traffic Client All RIP and SAP Service Advertising Protocol periodical response packets wi...

Page 129: ...3 5 Description None When there is no IPX traffic on the LAN or when you do not want to apply any special handling for IPX Client When there are only client workstations on the LAN Server When there a...

Page 130: ...Menu 11 3 Remote Node Network Layer Options shown in Figure 8 2 follow these steps Step 1 In Menu 11 1 make sure the Bridge field is set to Yes Step 2 Move the cursor to the Edit IP IPX Bridge field...

Page 131: ...e LAN When set to Yes any broadcasts coming from the LAN will trigger your Prestige to make a call to that Remote Node If it is set to No your Prestige will not make the outgoing call Ethernet Addr Ti...

Page 132: ...escription Menu 13 PPP Options Recv Authen Make sure this field is set to Yes Once you have completed filling in this menu press Enter at the message Press ENTER to Confirm to save your selections or...

Page 133: ...MAC address of the destination device that you wish to bridge your packets to IP Address If available enter the IP address of the destination device that you wish to bridge your packets to Gateway No...

Page 134: ......

Page 135: ...he data to determine if the packet should be allowed to pass Call filters are used to determine if a call should be placed Outgoing packets must pass through the data filters before they encounter the...

Page 136: ...allowing you to customize up to 72 filter rules 12 x 6 When implementing these filter sets you can link up to four of the filter sets together to screen the data packet Therefore with each filter set...

Page 137: ...e displayed in this field You can edit the comments you wish to use to identify that filter set Once you have completed filling in Edit Comments field press Enter at the message Press ENTER to confirm...

Page 138: ...Menu 21 1 Filter Rules Summary The following Table 9 1 contains a brief description of the abbreviations used in Menu 21 1 Table 9 1 Abbreviations Used in the Filter Rules Summary Menu Abbreviations...

Page 139: ...Action Matched F means to forward the packet D means to drop the packet N means check the next rule n Refers to Action Not Matched F means to forward the packet D means to drop the packet N means chec...

Page 140: ...IPX Novell IPX the following abbreviations listed in Table 9 4 will be used Table 9 4 Abbreviations Used If Filter Type Is IPX Abbreviation Description PT IPX Packet Type SS Source Socket DS Destinat...

Page 141: ...ilter Type field and press Enter This will bring you to the corresponding menu 9 2 1 TCP IP Filter Rule This section will show you how to configure a TCP IP filter rule for your Prestige Figure 9 4 di...

Page 142: ...e bits of the IP Address given in Destination IP Addr IP Address Destination Port Enter the destination port of the packets that you wish to filter The range of this field is 0 to 65535 0 65535 Destin...

Page 143: ...N A Yes N A Log In this field you can determine if you wish to log the results of packets attempting to pass the filter rule These results will be displayed on the System Log There are 4 options for t...

Page 144: ...enu Fields Field Description Default Offset Offset refers to the value of the byte that you want to use as your starting offset That is in the data packet at what point do you want to begin the compar...

Page 145: ...Value In this field specify in Hexadecimal the value that your Prestige should use to compare with the masked packet The value should align with Offset Since Length is given in bytes you need to ente...

Page 146: ...ter Rule Figure 9 6 Menu 21 1 3 IPX Filter Rule Table 9 7 describes the IPX Filter Rule Menu 21 1 3 IPX Filter Rule Filter 1 1 Filter Type IPX Filter Rule Active No IPX Packet Type Destination Network...

Page 147: ...ts that you wish to filter This should be a 4 byte hex value Destination Source Socket Comp You can select what comparison quantifier you wish to use to compare to the value given in Destination Socke...

Page 148: ......

Page 149: ...anager station and the agent stations in a network Basically your Prestige when connected to the LAN acts as an agent station In this way the manager station on your LAN can monitor your Prestige as i...

Page 150: ...o enter the setup information The following Table 10 1 describes the specific parameters involved in the configuration The parameters you will have to fill in will be indicated in bold type Menu 22 SN...

Page 151: ...e trusted host SNMP management station If this field is configured then your Prestige will only respond to SNMP messages coming from this address If you leave the field blank default then your Prestig...

Page 152: ......

Page 153: ...y In addition your Prestige also implements a user password to get into the SMT screen You will have three attempts to enter the correct system password If you do not do so the SMT will kick you out I...

Page 154: ...tributes ATTRIBUTE Zyxel Callback Option 192 integer VALUE Zyxel Callback Option None 0 VALUE Zyxel Callback Option Optional 1 VALUE Zyxel Callback Option Mandatory 2 Callback phone number source ATTR...

Page 155: ...ield contains Yes the built in dial up user list will be searched first then the external authentication server Type Determines the type of the external authentication server At present only the RADIU...

Page 156: ...US Database Your Prestige only uses the RADIUS database for user authentication except for Password Dialback No and the ZyXEL extensions Zyxel Callback Option and Zyxel Callback Phone Source described...

Page 157: ...ps describe a simple setup procedure for configuring the SMT password Step 1 From the Main Menu select option 23 System Security Step 2 From Menu 23 System Security you can select option 1 Change Pass...

Page 158: ......

Page 159: ...the RS 232 port However once your Prestige has been initially configured you can use telnet to configure the device remotely as shown in Figure 12 1 Figure 12 1 Telnet Configuration on a TCP IP Netwo...

Page 160: ...cy on the configuration your Prestige will only allow one terminal connection at any time Your Prestige also gives priority to the RS 232 connection over telnet If you have already connected to your P...

Page 161: ...lities and upgrades to the system software This chapter will describe how to use these tools in greater detail System maintenance options are available in Menu 24 System Maintenance as shown in Figure...

Page 162: ...n 1 System Status Step 3 There are five possible commands in Menu 24 1 System Maintenance Status l Entering 1 or 2 or 3 will disconnect the call on the specified WAN port l Entering 8 will disconnect...

Page 163: ...ort is currently connected to or the status of the port Idle Calling or Answering 3 Kbps The current connecting speed 4 TXPkts The number of transmitted packets on this port 5 RXPkts The number of rec...

Page 164: ...ermine which station has sent a packet to cause your Prestige to make an outgoing call Figure 13 3 shows two examples of LAN Packets the first of an ICMP Ping packet Type IP triggering the call and th...

Page 165: ...minal Baud Rate 13 3 Log and Trace Log and trace tools allow users of the Prestige to view the error logs and trace records to troubleshoot any errors that may occur The Prestige is also able to gener...

Page 166: ...Log in the system The Error Log does not only provide the error messages but it is also a source of information about your Prestige You can also clear the Error Log on your Prestige After each displa...

Page 167: ...ctivate syslog Table 13 2 System Maintenance Menu Syslog Parameters Parameter Description Active Use the space bar to turn on or off the syslog option Syslog IP Address Input the IP Address that you w...

Page 168: ...slog messages are shown below Call Information Messages line 1 channel 1 call 41 C01 Incoming Call 40001 line 1 channel 1 call 41 C01 ANSWER Connected 64K 40001 line 1 channel 1 call 41 C01 Incoming C...

Page 169: ...e to your system Figure 13 7 Menu 24 4 System Maintenance Diagnostic Follow the procedure below to get to Diagnostic Step 1 From the Main Menu select option 24 to access Menu 24 System Maintenance Ste...

Page 170: ...correctly When this option is chosen your Prestige will PING the Internet IP Address If everything is working properly you will receive an appropriate response Otherwise note the error message and co...

Page 171: ...tion via Manual Call Figure 13 9 Trace Display for a Failed IPCP Connection Via Manual Call Strat dialing for node 1 Hit any key to continue Dialing chan 2 phone last 9 digit 40101 Call CONNECT speed...

Page 172: ...tion from disk to the Prestige You need to upload a backup file to the Prestige The procedure for uploading varies depending on the type of software used to access the Prestige but you must use the XM...

Page 173: ...ter uploading is successful type atgo to start your Prestige Below is an example of downloading RAS using PCPLUS Figure 13 11 Menu 24 7 1 Example of Uploading RAS Using PCPLUS Menu 24 7 System Mainten...

Page 174: ...Command Interpreter Mode This option allows the user to enter the command interpreter mode This mode allows you to diagnose test and configure your Prestige using a specified set of commands A list o...

Page 175: ...re outgoing calls will not be made and the current call will be dropped The Blacklist function prevents the Prestige from re dialing to an unreachable phone number It is a list of phone numbers up to...

Page 176: ...phone numbers blacklisted Figure 13 14 Menu 24 9 2 Blacklist The phone numbers on this list cannot be entered directly instead they are numbers which have had problems connecting in the past The user...

Page 177: ...be dropped and further outgoing calls to that Remote Node or Remote Dial in User callback will fail After each period the total budget is reset The default for the total budget is 0 minutes and the pe...

Page 178: ......

Page 179: ...ubleshooting Corrective Action None of the LEDs are on when you power on the Prestige Check the power cord and the power supply and make sure it is properly connected to your Prestige If the error per...

Page 180: ...face Troubleshooting Corrective Action Check the LAN LED on the front panel of your Prestige If it is on then the link is up If it is off then check the cables connecting your Prestige to your LAN Che...

Page 181: ...ted or not If the call is not connected verify the following parameters in Menu 11 Pri mary Phone Sec ondary Phone and Transfer Rate If the call is connected but the call still terminates then there m...

Page 182: ...Recv Authen and Mutual Authen If the Remote Dial in User is negotiating IP verify that the IP address is supplied correctly in Menu 13 Check that either the Remote Dial in User is supplying a valid IP...

Page 183: ...8 6 8 7 12 2 Bridging Configuration 8 4 Call Control blacklist 13 15 13 16 budget management 13 15 13 17 Call Control Parameters 2 22 2 24 Callback budget 4 6 field 4 6 4 7 function 2 23 CCP 1 8 5 10...

Page 184: ...5 18 Internet Internet Access xix xx 1 9 2 10 2 14 2 26 3 1 3 5 3 9 3 10 3 11 3 14 6 3 6 4 6 6 ISP 1 9 3 1 3 4 3 9 3 10 3 11 3 12 3 13 3 15 3 16 3 17 14 3 Internet Connection test 2 10 3 11 3 15 IP A...

Page 185: ...5 3 5 4 5 5 5 6 5 7 5 8 5 9 5 12 5 13 5 14 5 15 5 16 5 17 5 18 5 19 6 2 6 3 7 7 8 4 8 5 setup 2 10 5 1 5 2 6 2 6 8 7 7 7 10 8 4 RIP 3 8 3 16 5 8 5 18 6 5 6 6 7 3 7 8 8 1 8 2 9 1 9 13 direction 3 8 RJ...

Page 186: ...10 2 11 2 12 4 1 11 1 11 2 11 3 11 5 TCP IP configuration xx 6 1 6 4 6 5 Telecommuting xx 1 9 1 11 4 1 4 2 telecommuter 4 2 configuration xx 2 5 12 1 Transfer Rate 14 3 connecting 14 3 14 4 LAN inter...

Reviews:

No comments

Related manuals for PRESTIGE 153

Brand: D-Link Pages: 11

Brand: D-Link Pages: 8

AirPlus DWL-810

Brand: D-Link Pages: 8

Brand: D-Link Pages: 84

Brand: D-Link Pages: 28

Brand: D-Link Pages: 2

DIR-655 - Xtreme N Gigabit Router Wireless

Brand: D-Link Pages: 3

Brand: D-Link Pages: 11

Brand: D-Link Pages: 35

Brand: D-Link Pages: 12

Brand: D-Link Pages: 12

Brand: D-Link Pages: 24

Brand: D-Link Pages: 20

Brand: D-Link Pages: 44

Brand: D-Link Pages: 52

Brand: D-Link Pages: 103

SISPM1040-582-LRT

Brand: Lantronix Pages: 2

Brand: Lantronix Pages: 7

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands