manualshive.com logo in svg

ZyXEL Communications Prestige 2602R Series, User Manual

The ZyXEL Communications Prestige 2602R Series offers advanced networking capabilities. Easily set up and configure your device with the User Manual available for free download on manualshive.com. This manual provides detailed instructions on optimizing the performance of your ZyXEL router. Unlock the full potential of your device today.

Share
Download
background image

Prestige 2602R Series User’s Guide

168 

Chapter 13 Firewall Configuration

The Prestige also sends alerts whenever 

TCP Maximum Incomplete

 is exceeded. The global 

values specified for the threshold and timeout apply to all TCP connections. 

Click 

Firewall

, and 

Threshold

 to bring up the next screen.

Figure 69   

Firewall: Threshold

The following table describes the labels in this screen.

Table 49   

Firewall: Threshold 

LABEL

DESCRIPTION

DEFAULT VALUES

Denial of Service 

Thresholds

One Minute Low

This is the rate of new half-open sessions that 

causes the firewall to stop deleting half-open 

sessions. The Prestige continues to delete 

half-open sessions as necessary, until the 

rate of new connection attempts drops below 

this number.

80 existing half-open sessions.

One Minute High

This is the rate of new half-open sessions that 

causes the firewall to start deleting half-open 

sessions. When the rate of new connection 

attempts rises above this number, the 

Prestige deletes half-open sessions as 

required to accommodate new connection 

attempts.

100 half-open sessions per minute. 

The above numbers cause the 

Prestige to start deleting half-open 

sessions when more than 100 

session establishment attempts 

have been detected in the last 

minute, and to stop deleting half-

open sessions when fewer than 80 

session establishment attempts 

have been detected in the last 

minute.

Maximum 

Incomplete Low

This is the number of existing half-open 

sessions that causes the firewall to stop 

deleting half-open sessions. The Prestige 

continues to delete half-open requests as 

necessary, until the number of existing half-

open sessions drops below this number.

80 existing half-open sessions.

Summary of Contents for Prestige 2602R Series

Page 1: ...Prestige 2602R Series ADSL VoIP IAD User s Guide Version 3 40 7 2005...

Page 2: ......

Page 3: ...by ZyXEL Communications Corporation All rights reserved Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products or software described herein Neither does i...

Page 4: ...o radio communications If this equipment does cause harmful interference to radio television reception which can be determined by turning the equipment off and on the user is encouraged to try to corr...

Page 5: ...r supply is damaged remove it from the power outlet Do NOT attempt to repair the power supply Contact your local vendor to order a new power supply Place connecting cables carefully so that no one wil...

Page 6: ...ged by an act of God or subjected to abnormal working conditions Note Repair or replacement as provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all oth...

Page 7: ...busvej 5 2860 Soeborg Denmark sales zyxel dk 45 39 55 07 07 FINLAND support zyxel fi 358 9 4780 8411 www zyxel fi ZyXEL CommunicationsOy Malminkaari 10 00700 Helsinki Finland sales zyxel fi 358 9 4780...

Page 8: ...zyxel co uk ZyXEL Communications UK Ltd 11 The Courtyard Eastern Road Bracknell Berkshire RG12 2XB United Kingdom UK sales zyxel co uk 44 0 1344 303034 ftp zyxel co uk a is the prefix number you enter...

Page 9: ...Features of the Prestige 42 1 2 Applications for the Prestige 45 1 2 1 Internet Access 46 1 2 1 1 Internet Single User Account 46 1 2 2 Making Calls via Internet Telephony Service Provider 46 1 2 3 Ma...

Page 10: ...Setup First Screen 67 3 2 3 Media Bandwidth Mgnt Wizard Setup Second Screen 68 3 2 4 Media Bandwidth Mgnt Wizard Setup Finish 69 3 3 Password Setup 70 3 3 1 Configuring Password 70 Chapter 4 LAN Setu...

Page 11: ...Setup 83 5 7 Traffic Redirect 86 5 8 Configuring WAN Backup 87 Chapter 6 Network Address Translation NAT Screens 91 6 1 NAT Overview 91 6 1 1 NAT Definitions 91 6 1 2 What NAT Does 92 6 1 3 How NAT W...

Page 12: ...ation 110 8 4 Quality of Service QoS 113 8 4 1 Type Of Service ToS 113 8 4 2 DiffServ 113 8 4 2 1 DSCP and Per Hop Behavior 113 8 4 3 VLAN 113 8 5 QoS Configuration 114 8 6 Phone 115 8 6 1 Voice Activ...

Page 13: ...129 10 2 Configuring Dynamic DNS 129 Chapter 11 Time and Date 131 11 1 Pre defined NTP Time Servers List 131 11 2 Configuring Time and Date 131 Chapter 12 Firewalls 135 12 1 Firewall Overview 135 12...

Page 14: ...curity Ramifications 150 13 3 3 Key Fields For Configuring Rules 151 13 3 3 1 Action 151 13 3 3 2 Service 151 13 3 3 3 Source Address 151 13 3 3 4 Destination Address 151 13 4 Connection Direction Exa...

Page 15: ...ing UPnP 179 16 1 2 NAT Traversal 179 16 1 3 Cautions with UPnP 179 16 2 UPnP and ZyXEL 180 16 2 1 Configuring UPnP 180 16 3 Installing UPnP in Windows Example 181 16 4 Using UPnP in Windows XP Exampl...

Page 16: ...andwidth Management Statistics 210 18 10 Bandwidth Monitor 211 Chapter 19 Maintenance 213 19 1 Maintenance Overview 213 19 2 System Status Screen 213 19 2 1 System Statistics 216 19 3 DHCP Table Scree...

Page 17: ...ccess Configuration 246 Chapter 25 Remote Node Configuration 249 25 1 Remote Node Setup Overview 249 25 2 Remote Node Setup 249 25 2 1 Remote Node Profile 249 25 2 2 Encapsulation and Multiplexing Sce...

Page 18: ...a Server Behind NAT 273 28 5 General NAT Examples 274 28 5 1 Example 1 Internet Access Only 275 28 5 2 Example 2 Internet Access with an Inside Server 275 28 5 3 Example 3 Multiple Public IP Addresses...

Page 19: ...re and Configuration File Maintenance 313 33 1 Filename Conventions 313 33 2 Backup Configuration 314 33 2 1 Backup Configuration 314 33 2 2 Using the FTP Command from the Command Line 315 33 2 3 Exam...

Page 20: ...35 3 Remote Management and NAT 333 35 4 System Timeout 333 Chapter 36 IP Policy Routing 335 36 1 IP Policy Routing Overview 335 36 2 Benefits of IP Policy Routing 335 36 3 Routing Policy 335 36 4 IP R...

Page 21: ...fying Settings 371 Macintosh OS 8 9 371 Verifying Settings 373 Macintosh OS X 373 Verifying Settings 374 Linux 374 Using the K Desktop Environment KDE 375 Using Configuration Files 376 Verifying Setti...

Page 22: ...nal SPTGEN 395 Internal SPTGEN Overview 395 The Configuration Text File Format 395 Internal SPTGEN File Modification Important Points to Remember 395 Internal SPTGEN FTP Download Example 396 Internal...

Page 23: ...Prestige 2602R Series User s Guide Table of Contents 23 Index 439...

Page 24: ...Prestige 2602R Series User s Guide 24 Table of Contents...

Page 25: ...n 62 Figure 16 Internet Access Wizard Setup Fourth Screen 64 Figure 17 Wizard Setup LAN Configuration 65 Figure 18 Wizard Setup Connection Tests 66 Figure 19 Media Bandwidth Mgnt Wizard Setup First Sc...

Page 26: ...Summary 154 Figure 60 Firewall Edit Rule 156 Figure 61 Firewall Customized Services 158 Figure 62 Firewall Configure Customized Services 159 Figure 63 Firewall Example Rule Summary 160 Figure 64 Firew...

Page 27: ...mize Bandwidth Usage Example 204 Figure 98 Bandwidth Borrowing Example 205 Figure 99 Media Bandwidth Management Summary 206 Figure 100 Media Bandwidth Management Class Setup 207 Figure 101 Media Bandw...

Page 28: ...Edit IP Static Route 260 Figure 141 Menu 11 1 Remote Node Profile 264 Figure 142 Menu 11 3 Remote Node Network Layer Options 264 Figure 143 Menu 12 3 1 Edit Bridge Static Route 265 Figure 144 Menu 4...

Page 29: ...Information and Console Port Speed 305 Figure 187 Menu 24 2 1 System Maintenance Information 306 Figure 188 Menu 24 2 2 System Maintenance Change Console Port Speed 307 Figure 189 Menu 24 3 System Ma...

Page 30: ...TCP IP Properties IP Address 365 Figure 231 Windows 95 98 Me TCP IP Properties DNS Configuration 366 Figure 232 Windows XP Start Menu 367 Figure 233 Windows XP Control Panel 367 Figure 234 Windows XP...

Page 31: ...e 258 Configuration Text File Format Column Descriptions 395 Figure 259 Invalid Parameter Entered Command Line Example 396 Figure 260 Valid Parameter Entered Command Line Example 396 Figure 261 Intern...

Page 32: ...Prestige 2602R Series User s Guide 32 List of Figures...

Page 33: ...le 13 Media Bandwidth Mgnt Wizard Setup Second Screen 69 Table 14 Password 70 Table 15 LAN Setup 78 Table 16 WAN Setup 84 Table 17 WAN Backup 88 Table 18 NAT Definitions 91 Table 19 NAT Mapping Types...

Page 34: ...and Subnet based Bandwidth Management Example 201 Table 59 Media Bandwidth Management Summary 206 Table 60 Media Bandwidth Management Class Setup 207 Table 61 Media Bandwidth Management Class Configur...

Page 35: ...cuits 302 Table 102 Menu 24 1 System Maintenance Status 304 Table 103 Menu 24 2 1 System Maintenance Information 306 Table 104 Menu 24 3 2 System Maintenance Syslog and Accounting 308 Table 105 Menu 2...

Page 36: ...ver Setup SMT Menu 15 407 Table 143 Menu 21 1 Filter Set 1 SMT Menu 21 1 409 Table 144 Menu 21 1 Filer Set 2 SMT Menu 21 1 412 Table 145 Menu 23 System Menus SMT Menu 23 417 Table 146 Menu 24 11 Remot...

Page 37: ...System Management Terminal SMT or command interpreter interface to configure your Prestige Not all features can be configured through all interfaces Related Documentation Supporting Disk Refer to the...

Page 38: ...and SPACE BAR means the Space Bar Mouse action sequences are denoted using a comma For example In Windows click Start Settings and then Control Panel means first click Start then point your mouse poi...

Page 39: ...upstream capacity Asymmetrical services ADSL are suitable for Internet users because more information is usually downloaded than uploaded For example a simple button click in a web browser can start...

Page 40: ...Prestige 2602R Series User s Guide 40 Introduction to DSL...

Page 41: ...lephone Service Models ending in 3 denote a device that works over ISDN Integrated Services Digital Network Models ending in 7 denote a device that works over T ISDN UR 2 Note Only use firmware for yo...

Page 42: ...uter to access the Internet and the Prestige without changing the network settings such as IP address and subnet mask of the computer when the IP addresses of the computer and the Prestige are not in...

Page 43: ...that helps to smooth out the variations in delay jitter for voice traffic This helps ensure good voice quality for your conversations Multiple SIP Accounts The Prestige allows you to simultaneously us...

Page 44: ...on the network PPPoE Support RFC2516 PPPoE Point to Point Protocol over Ethernet emulates a dial up connection It allows your ISP to use their existing network configuration with newer broadband tech...

Page 45: ...d the router takes the shortest path to forward a packet IP Policy Routing IPPR provides a mechanism to override the default routing behavior and alter the packet forwarding based on the policy define...

Page 46: ...1 2 1 1 Internet Single User Account For a SOHO Small Office Home Office environment your Prestige offers the Single User Account SUA feature that allows multiple users on the LAN Local Area Network...

Page 47: ...figure shows a basic example of how you would make a peer to peer VoIP call You use your analog phone A in the figure and the Prestige B changes the call into VoIP The Prestige then sends your call t...

Page 48: ...lication for your Prestige is shown as follows Figure 5 Prestige LAN to LAN Application 1 2 6 Front Panel LEDs Figure 6 Front Panel The following table describes the LEDs Table 2 Front Panel LEDs LED...

Page 49: ...self testing Orange On The VoIP SIP registration was successful Off The Prestige is not receiving power PHONE 1 2 Green On The telephone s connected to this port is are in use Blinking The telephone s...

Page 50: ...Prestige 2602R Series User s Guide 50 Chapter 1 Getting To Know Your Prestige...

Page 51: ...Web pop up blocking is enabled by default in Windows XP SP Service Pack 2 JavaScripts enabled by default Java permissions enabled by default See the Troubleshooting chapter if you need to make sure th...

Page 52: ...nactivity Simply log back into the Prestige if this happens to you 2 1 2 Resetting the Prestige If you forget your password or cannot access the web configurator you will need to use the RESET button...

Page 53: ...r different Prestige models Click Wizard Setup to begin a series of screens to configure your Prestige for the first time Click a link under Advanced Setup to configure advanced Prestige features Clic...

Page 54: ...re your Prestige s Quality of Service settings Phone Use this screen to configure your Prestige s phone settings Speed Dial Use this screen to configure speed dial for SIP phone numbers that you call...

Page 55: ...tatistics Maintenance System Status This screen contains administrative and system related information DHCP Table This screen displays DHCP Dynamic Host Configuration Protocol related information and...

Page 56: ...Prestige 2602R Series User s Guide 56 Chapter 2 Introducing the Web Configurator...

Page 57: ...d screens to configure your system for Internet access and Voice with the information provided by your ISP and voice service provider Your ISP may have already configured some of the fields in the wiz...

Page 58: ...tiplexing method used by your ISP from the Multiplex drop down list box either VC based or LLC based Virtual Circuit ID VPI Virtual Path Identifier and VCI Virtual Channel Identifier define a virtual...

Page 59: ...time and specify an idle time out in seconds in the Max Idle Timeout field The default setting selects Connection on Demand with 0 as the idle time out which means the Internet session will not timeo...

Page 60: ...IP Address text box below Subnet Mask Enter a subnet mask in dotted decimal notation Refer to the appendix on IP subnettig to calculate a subnet mask If you are implementing subnetting ENET ENCAP Gate...

Page 61: ...our ISP assigned IP address in the IP Address text box below Connection Select Connect on Demand when you don t want the connection up all the time and specify an idle time out in seconds in the Max I...

Page 62: ...r or text that comes before the symbol in a full SIP URI You can use up to 127 ASCII characters SIP Local Port Use this field to configure the Prestige s listening port for SIP Leave this field set to...

Page 63: ...in name that comes after the symbol in a full SIP URI You can use up to 127 ASCII Extended set characters Authentication User ID This is the user name for registering this SIP account with the SIP reg...

Page 64: ...Series User s Guide 64 Chapter 3 Wizard Setup Figure 16 Internet Access Wizard Setup Fourth Screen If you want to change your Prestige LAN settings click Change LAN Configuration to display the screen...

Page 65: ...client Select Off to disable DHCP server When DHCP server is used set the following items Client IP Pool Starting Address This field specifies the first of the contiguous addresses in the IP address p...

Page 66: ...s the Internet open the web configurator again to confirm that the Internet settings you configured in the Wizard Setup are correct 3 2 Media Bandwidth Management This section shows you how to configu...

Page 67: ...also be transported over TCP using the default port number 5060 FTP File Transfer Program enables fast transfer of files including large files that may not be possible by e mail FTP uses port number 2...

Page 68: ...restige s WAN or LAN port Select the service to apply bandwidth management These check boxes are applicable when you select the Active check box above Create bandwidth management classes by selecting...

Page 69: ...th is divided equally amongst those services Services not specified in bandwidth management are allocated bandwidth after all specified services receive their bandwidth requirements If the rules set u...

Page 70: ...click Password in the Site Map screen Figure 22 Password The following table describes the fields in this screen Table 14 Password LABEL DESCRIPTION Old Password Type the default password or the exis...

Page 71: ...ual physical connection determines whether the Prestige ports are LAN or WAN ports There are two separate IP networks one inside the LAN network and the other outside the WAN network as shown next Fig...

Page 72: ...through IPCP negotiation The Prestige supports the IPCP DNS server extensions through the DNS proxy feature If the Primary and Secondary DNS Server fields in the LAN Setup screen are not specified fo...

Page 73: ...way houses on a street share a common street name so too do computers on a LAN share one common network number Where you obtain your network number depends on your particular situation If the ISP or...

Page 74: ...he IANA from an ISP or it can be assigned from a private network If you belong to a small organization and your Internet access is through an ISP the ISP can provide you with the Internet addresses fo...

Page 75: ...up and is used by IP multicast computers The address 224 0 0 1 is used for query messages and is assigned to the permanent group of all IP hosts including gateways All hosts must join the 224 0 0 1 gr...

Page 76: ...Protocol address IP address to a physical machine address also known as a Media Access Control or MAC address on the local area network IP routing table is defined on IP Ethernet devices the Prestige...

Page 77: ...es an entry in the IP routing table so it can properly forward packets intended for the computer After all the routing information is updated the computer can access the Prestige and the Internet as i...

Page 78: ...selected in the DHCP field above then enter the IP address of the actual remote DHCP server here TCP IP IP Address Enter the IP address of your Prestige in dotted decimal notation for example 192 168...

Page 79: ...Gateway field in the second wizard screen You can get this information from your ISP 5 1 1 2 PPP over Ethernet PPPoE provides access control and billing functionality in a manner similar to dial up se...

Page 80: ...ying information being contained in each packet header Despite the extra bandwidth and processing overhead this method may be advantageous if it is not practical to have a separate VC for each carried...

Page 81: ...ffers flat rate service or you need a constant connection and the cost is of no concern 5 2 Metric The metric represents the cost of transmission A router determines the best route for transmission by...

Page 82: ...need PPPoE software installed since the Prestige does that part of the task Furthermore with NAT all of the LANs computers will have access 5 4 Traffic Shaping Traffic Shaping is an agreement between...

Page 83: ...thod from the ISP and makes the necessary configuration changes In cases where additional account information such as an Internet account user name and password is required or the Prestige cannot conn...

Page 84: ...elds in this screen Table 16 WAN Setup LABEL DESCRIPTION Name Enter the name of your Internet Service Provider e g MyISP This information is for identification purposes only Mode Select Routing defaul...

Page 85: ...ell Rate PCR This is the maximum rate at which the sender can send cells Type the PCR here Sustain Cell Rate The Sustain Cell Rate SCR sets the average cell rate long term that can be transmitted Type...

Page 86: ...AT for application where NAT is not appropriate Disable PPPoE pass through if you do not need to allow hosts on the LAN to use PPPoE client software on their computers to connect to the ISP Subnet Mas...

Page 87: ...three logical networks with the Prestige itself as the gateway for each LAN network Put the protected LAN in one subnet Subnet 1 in the following figure and the backup gateway in another subnet Subne...

Page 88: ...ctivate traffic redirect you must configure at least one IP address here When using a WAN backup connection the Prestige periodically pings the addresses configured here and uses the other WAN backup...

Page 89: ...Address Metric This field sets this route s priority among the routes the Prestige uses The metric represents the cost of transmission A router determines the best route for transmission by choosing a...

Page 90: ...Prestige 2602R Series User s Guide 90 Chapter 5 WAN Setup...

Page 91: ...efers to the IP address of a host when the packet is in the local network while the global address refers to the IP address of the host when the same packet is traveling in the WAN side Note that insi...

Page 92: ...ge 94 NAT offers the additional benefit of firewall protection With no servers defined your Prestige filters out all incoming inquiries thus preventing intruders from probing your network For more inf...

Page 93: ...ollowing figure illustrates a possible NAT application where three inside LANs logical LANs using IP Alias behind the Prestige can communicate with three distinct WAN networks More examples follow at...

Page 94: ...ers of different services behind the NAT to be accessible to the outside world Port numbers do not change for One to One and Many to Many No Overload NAT mapping types The following table summarizes t...

Page 95: ...o not allow you to run any server processes such as a Web or FTP server from your location Your ISP may periodically check for servers and may suspend your account if it discovers any active services...

Page 96: ...e example You assign the LAN IP addresses and the ISP assigns the WAN IP address The NAT network appears as a single host on the Internet IP address assigned by ISP Figure 33 Multiple Servers Behind N...

Page 97: ...reen Refer to Table 20 on page 95 for port numbers commonly used for particular services Table 21 NAT Mode LABEL DESCRIPTION None Select this radio button to disable NAT SUA Only Select this radio but...

Page 98: ...of ports enter the start port number here and the end port number in the End Port No field End Port No Enter a port number in this field To forward only one port enter the port number again in the St...

Page 99: ...your Prestige s address mapping settings click NAT Select Full Feature and click Edit Details to open the following screen Figure 36 Address Mapping Rules The following table describes the fields in t...

Page 100: ...mapping type M 1 Many to One mode maps multiple local IP addresses to one global IP address This is equivalent to SUA i e PAT port address translation ZyXEL s Single User Account feature that previou...

Page 101: ...tside world Local Start IP This is the starting local IP address ILA Local IP addresses are N A for Server port mapping Local End IP This is the end local IP address ILA If your rule is for all local...

Page 102: ...Prestige 2602R Series User s Guide 102 Chapter 6 Network Address Translation NAT Screens...

Page 103: ...P is an application layer control signaling protocol that handles the setting up altering and tearing down of voice and multimedia sessions over the Internet SIP signaling is separate from the media f...

Page 104: ...ringing 3 B sends an OK response after the call is answered 4 A then sends an ACK message to acknowledge that B has answered the call 5 Now A and B exchange voice media talk 6 After talking A hangs up...

Page 105: ...P user agent client to initiate a call A and B can also both act as a SIP user agent to receive the call Figure 38 SIP User Agent 7 2 3 2 SIP Proxy Server A SIP proxy server receives requests from cli...

Page 106: ...t to use client device A to call someone who is using client device C 1 Client device A sends a call invitation for C to the SIP redirect server B 2 The SIP redirect server sends the invitation back t...

Page 107: ...digital signals and decodes the digital signals back into voice signals The Prestige supports the following codecs 7 5 1 G 711 G 711 is a Pulse Code Modulation PCM waveform codec G 711 provides very g...

Page 108: ...e Waiting Indication Enable Message Waiting Indication MWI enables your phone to give you a message waiting beeping dial tone when you have a voice message s Your voice service provider must have a me...

Page 109: ...Screens Introduction This chapter covers the configuration of the VoIP screens 8 2 SIP Settings Configuration Click Voice in the navigation panel and then SIP Settings to display the following screen...

Page 110: ...ess then enter the address from the SIP Server Address field again here REGISTER Server Port Enter the SIP register server s listening port for SIP in this field If you were not given a register serve...

Page 111: ...messages that it sends Select TEL to have the Prestige use the SIP number without a domain name in the SIP messages that it sends Expiration Duration This field sets how long an entry remains registe...

Page 112: ...to first attempt to use the G 729 codec and then the G 711 codec if the peer is not set up to use G 729 Select G 729 only if you want the Prestige to only use the G 729 codec when making VoIP calls Yo...

Page 113: ...low In addition applications do not have to request a particular service or give advanced notice of where the traffic is going 1 8 4 2 1 DSCP and Per Hop Behavior DiffServ defines a new DS Differentia...

Page 114: ...ority Type a priority for voice transmissions The Prestige applies Type of Service priority tags with this priority to RTP traffic that it transmits Priorities 6 and 7 are reserved for network control...

Page 115: ...bandwidth that a call uses by not transmitting silent packets when you are not speaking 8 6 2 Comfort Noise Generation When using VAD the Prestige generates comfort noise when the other party is not...

Page 116: ...his phone port to use SIP account 1 2 or both when you make a call If you select both SIP accounts the Prestige will first try to use SIP account 2 and then SIP account 1 when you make a call You cann...

Page 117: ...dial entry You must still configure a SIP account on the Prestige in order to make a peer to peer VoIP call 8 9 Speed Dial Configuration Click Voice in the navigation panel and then Speed Dial to disp...

Page 118: ...name to identify the party that you will use this entry to call You can use up to 127 ASCII characters Type Select Use Proxy if calls to this party use your SIP account configured in the VoIP screen S...

Page 119: ...However using the flash key is preferred since the timing is much more precise With manual tapping if the duration is too long it may be interpreted as hanging up by the Prestige You can invoke all t...

Page 120: ...the call on hold If you hang up the phone but a caller is still on hold there will be a remind ring 8 10 2 2 European Call Waiting This allows you to place a call on hold while you answer another inco...

Page 121: ...u hear the ring signal or the second party answers it hang up the phone 8 10 2 4 European Three Way Conference Use the following steps to make three way conference calls 1 When you are on the phone ta...

Page 122: ...ey to put the first call on hold and answer the second call 8 10 3 3 USA Call Transfer Do the following to transfer an incoming call that you have answered to another phone 1 Press the flash key to pu...

Page 123: ...panel and then Common to display the following screen Use this screen to configure general phone port settings Figure 47 Phone Port Common The following table describes the labels in this screen Table...

Page 124: ...ge handles supplementary phone services call hold call waiting call transfer and three way conference calls Select the mode that your voice service provider supports Select Europe Type to use the supp...

Page 125: ...ccount or use the same call forwarding table for both Use the Voice Advanced Setting screen to set which call forwarding table each SIP account uses The following applies to the number fields in this...

Page 126: ...orwarding entry Incoming Call Number You can set the Prestige to take a particular action on incoming calls from a number that you specify here Forward to Number You can set the Prestige to forward in...

Page 127: ...oice service provider s dialing plan to call regular telephone numbers 9 2 Using Speed Dial to Dial a Telephone Number After configuring the speed dial entry and adding it to the phonebook press the s...

Page 128: ...de During auto provisioning the Prestige checks to see if there is a newer firmware version If newer firmware is available the Prestige plays a recording when you pick up your phone s handset Press 99...

Page 129: ...friends or relatives will always be able to call you even if they don t know your IP address First of all you need to have registered a dynamic DNS account with www dyndns org This is for people with...

Page 130: ...Provider This is the name of your Dynamic DNS service provider Host Names Type the domain name assigned to your Prestige by your Dynamic DNS provider E mail Address Type your e mail address User Type...

Page 131: ...NTP time servers it randomly selects one server and tries to synchronize with it If the synchronization fails then the Prestige goes through the rest of the list in order from the first one tried unt...

Page 132: ...teger giving the total number of seconds since 1970 1 1 at 0 0 0 NTP RFC 1305 is similar to Time RFC 868 Select None to enter the time and date manually IP Address or URL Enter the IP address or URL o...

Page 133: ...eld displays the date of your Prestige Each time you reload this page the Prestige synchronizes the time with the time server New Date yyyy mm dd This field displays the last updated date from the tim...

Page 134: ...Prestige 2602R Series User s Guide 134 Chapter 11 Time and Date...

Page 135: ...or a firewall to guard effectively you must design and deploy it appropriately This requires integrating the firewall into a broad information security policy In addition specific policies must be imp...

Page 136: ...at some proxies support See Section 12 5 on page 141 for more information on Stateful Inspection Firewalls of one type or another have become an integral part of standard security solutions for enterp...

Page 137: ...et of application protocols that perform specific functions An extension number called the TCP port or UDP port identifies these protocols such as HTTP Web FTP File Transfer Protocol POP3 E mail etc F...

Page 138: ...ot Teardrop attack exploits weaknesses in the re assembly of IP packet fragments As data is transmitted through a network IP packets are often broken up into smaller chunks Each fragment looks like th...

Page 139: ...ack hackers flood SYN packets into the network with a spoofed source IP address of the targeted system This makes it appear as if the host computer sent the packets to itself making the system unavail...

Page 140: ...al NetBIOS commands are the following all others are illegal All SMTP commands are illegal except for those displayed in the following tables Table 39 ICMP Commands That Trigger Alerts 5 REDIRECT 13 T...

Page 141: ...host and should be allowed through the router or firewall The Prestige blocks all IP Spoofing attempts 12 5 Stateful Inspection With stateful inspection fields of the packets are compared to packets...

Page 142: ...ermine and record information about the state of the packet s connection This information is recorded in a new state table entry created for the new connection If there is not a firewall rule for this...

Page 143: ...rewall rules is a very powerful tool Using custom rules it is possible to disable all firewall protection or block all access to the Internet Use extreme caution when creating or deleting firewall rul...

Page 144: ...wed in through the firewall simply because they are too dangerous and contain too little tracking information For instance ICMP redirect packets are never allowed in since they could be used to rerout...

Page 145: ...hackers to crack your system Turn your computer off when not in use Never give out a password or any sensitive information to an unsolicited telephone call or e mail Never e mail sensitive information...

Page 146: ...etwork B If the filter blocks the traffic from A to B it also blocks the traffic from B to A Filters can not distinguish traffic originating from an inside host or an outside host by IP address To blo...

Page 147: ...c between inside host networks and outside host networks Remember that filters can not distinguish traffic originating from an inside host or an outside host by IP address The firewall performs better...

Page 148: ...Prestige 2602R Series User s Guide 148 Chapter 12 Firewalls...

Page 149: ...e grouped based on the direction of travel of packets to which they apply By default the Prestige s stateful packet inspection allows packets traveling in the following directions LAN to LAN Router Th...

Page 150: ...ese points carefully before configuring rules 13 3 1 Rule Checklist State the intent of the rule For example This restricts all IRC access from the LAN to the Internet Or This allows a remote Lotus No...

Page 151: ...the service is not listed it is necessary to first define it See Section 13 10 on page 163 for more information on predefined services 13 3 3 3 Source Address What is the connection s source address...

Page 152: ...tions WAN to LAN If you wish to allow certain WAN users to have access to your LAN you will need to create custom rules to allow it See the following figure Figure 57 WAN to LAN Traffic 13 4 3 Alerts...

Page 153: ...s may let traffic from the WAN go directly to a LAN computer without passing through the Prestige See Appendix E on page 389 for more on triangle route topology and how to deal with this problem Packe...

Page 154: ...en afresh Table 42 Firewall Default Policy continued LABEL DESCRIPTION Table 43 Rule Summary LABEL DESCRIPTION Firewall Rules Storage Space in Use This read only bar shows how much of the Prestige s m...

Page 155: ...which this firewall rule applies Please note that a blank source or destination address is equivalent to Any Service This drop down list box displays the services to which this firewall rule applies P...

Page 156: ...Prestige 2602R Series User s Guide 156 Chapter 13 Firewall Configuration Figure 60 Firewall Edit Rule The following table describes the labels in this screen...

Page 157: ...k Delete to remove it Services Available Selected Services Please see for more information on services available Highlight a service from the Available Services box on the left then click Add to add i...

Page 158: ...ll Customized Services 13 8 Creating Editing A Customized Service Click a rule number in the Firewall Customized Services screen to create a new custom port or edit an existing one This action display...

Page 159: ...LABEL DESCRIPTION Service Name Type a unique name for your custom port Service Type Choose the IP port TCP UDP or TCP UDP that defines your customized port from the drop down list box Port Configurat...

Page 160: ...x number for where you want to put the rule For example if you type 6 your new rule becomes number 6 and the previous rule 6 if there is one becomes rule 7 4 Click Insert to display the firewall rule...

Page 161: ...ervices screen 8 Click the number of a customized service to open the configuration screen Configure it as follows and click Apply Figure 65 Edit Custom Port Example 9 Click Back in the Customized Ser...

Page 162: ...th an before their names in the Services list box and the Rule Summary list box Click Apply after you ve created your custom port On completing the configuration procedure for this Internet firewall r...

Page 163: ...y also be configured using the Customized Services function discussed previously Table 47 Predefined Services SERVICE DESCRIPTION AIM NEW_ICQ TCP 5190 AOL s Internet Messenger service used as a listen...

Page 164: ...System NFS is a client server distributed file service that provides transparent file sharing for network environments NNTP TCP 119 Network News Transport Protocol is the delivery mechanism for the US...

Page 165: ...tocol SSDP is a discovery service searching for Universal Plug and Play devices on your home network or upstream Internet gateways using DUDP port 1900 SSH TCP UDP 22 Secure Shell Remote Login Program...

Page 166: ...nt hackers from finding the Prestige by probing for unused ports If you select this option the Prestige will not respond to port request s for unused ports thus leaving the unused ports and the Presti...

Page 167: ...igure 52 on page 138 For UDP half open means that the firewall has detected no return traffic The Prestige measures both the total number of existing half open sessions and the rate of session establi...

Page 168: ...ing half open sessions One Minute High This is the rate of new half open sessions that causes the firewall to start deleting half open sessions When the rate of new connection attempts rises above thi...

Page 169: ...e destination host IP address that causes the firewall to start dropping half open sessions to that same destination host IP address Enter a number between 1 and 256 As a general rule you should choos...

Page 170: ...Prestige 2602R Series User s Guide 170 Chapter 13 Firewall Configuration...

Page 171: ...can set a schedule for when the Prestige performs content filtering You can also specify trusted IP addresses on the LAN for which the Prestige will not perform content filtering 14 2 Configuring Keyw...

Page 172: ...that you have configured the Prestige to block Delete Highlight a keyword in the box and click Delete to remove it Clear All Click Clear All to remove all of the keywords from the list Keyword Type a...

Page 173: ...e screen appears as shown Table 51 Content Filter Schedule LABEL DESCRIPTION Days to Block Select a check box to configure which days of the week or everyday you want the content filtering to be activ...

Page 174: ...beginning IP address of a specific range of computers on the LAN that you want to exclude from content filtering To Type the ending IP address of a specific range of users on your LAN that you want t...

Page 175: ...g firewall rules You may manage your Prestige from a remote location via Internet WAN only ALL LAN and WAN LAN only Neither Disable When you Choose WAN only or ALL LAN WAN you still need to configure...

Page 176: ...l rule that blocks it 15 1 2 Remote Management and NAT When NAT is enabled Use the Prestige s WAN IP address when configuring from the WAN Use the Prestige s LAN IP address when configuring from the L...

Page 177: ...tes a service that you may use to remotely manage the Prestige Access Status Select the access interface Choices are All LAN Only WAN Only and Disable Port This field shows the port number for the rem...

Page 178: ...Prestige 2602R Series User s Guide 178 Chapter 15 Remote Management Configuration...

Page 179: ...pear as a separate icon Selecting the icon of a UPnP device will allow you to access the information and properties of that device 16 1 2 NAT Traversal UPnP NAT traversal automates the process of allo...

Page 180: ...C ZyXEL s UPnP implementation supports IGD 1 0 Internet Gateway Device At the time of writing ZyXEL s UPnP implementation supports Windows Messenger 4 6 and 4 7 while Windows Messenger 5 0 and Xbox ar...

Page 181: ...een without entering the Prestige s IP address although you must still enter the password to access the web configurator Allow users to make configuration changes through UPnP Select this check box to...

Page 182: ...Setup Communication 3 In the Communications window select the Universal Plug and Play check box in the Components selection box Figure 77 Add Remove Programs Windows Setup Communication Components 4...

Page 183: ...dows XP 1 Click Start and Control Panel 2 Double click Network Connections 3 In the Network Connections window click Advanced in the main menu and select Optional Networking Components Figure 78 Netwo...

Page 184: ...2602R Series User s Guide 184 Chapter 16 Universal Plug and Play UPnP Figure 79 Windows Optional Networking Components Wizard 5 In the Networking Services window select the Universal Plug and Play ch...

Page 185: ...section shows you how to use the UPnP feature in Windows XP You must already have UPnP installed in Windows XP and UPnP activated on the Prestige Make sure the computer is connected to a LAN port of t...

Page 186: ...Series User s Guide 186 Chapter 16 Universal Plug and Play UPnP Figure 81 Network Connections 3 In the Internet Connection Properties window click Settings to see the port mappings there were automat...

Page 187: ...stige 2602R Series User s Guide Chapter 16 Universal Plug and Play UPnP 187 Figure 82 Internet Connection Properties 4 You may edit or delete the port mappings or click Add to manually add port mappin...

Page 188: ...erties Advanced Settings Figure 84 Internet Connection Properties Advanced Settings Add 5 When the UPnP enabled device is disconnected from your computer all port mappings will be deleted automaticall...

Page 189: ...ction Status Web Configurator Easy Access With UPnP you can access the web based configurator on the Prestige without finding out the IP address of the Prestige first This comes helpful if you do not...

Page 190: ...niversal Plug and Play UPnP Figure 87 Network Connections 4 An icon with the description for each UPnP enabled device displays under Local Network 5 Right click on the icon for your Prestige and selec...

Page 191: ...Play UPnP 191 Figure 88 Network Connections My Network Places 6 Right click on the icon for your Prestige and select Properties A properties window displays with basic information about the Prestige F...

Page 192: ...Prestige 2602R Series User s Guide 192 Chapter 16 Universal Plug and Play UPnP...

Page 193: ...ors attacks access control and attempted access to blocked web sites Some categories such as System Errors consist of both logs and alerts You may differentiate them by their color in the View Log scr...

Page 194: ...Log Settings LABEL DESCRIPTION Address Info Mail Server Enter the server name or the IP address of the mail server for the e mail addresses specified below If this field is left blank logs and alert m...

Page 195: ...ty allows you to log the messages to different files in the syslog server Refer to the documentation of your syslog program for more details Send Log Log Schedule This drop down menu is used to config...

Page 196: ...n Email Log Now Click Email Log Now to send the log screen to the e mail address specified in the Log Settings page make sure that you have first filled in the Address Info fields in Log Settings see...

Page 197: ...been sent The following is an example of a log sent by e mail You may edit the subject title The date format here is Day Month Year The date format here is Month Day Year The time format is Hour Minut...

Page 198: ...168 1 255 default policy forward 09 54 17 UDP src port 00520 dest port 00520 1 00 3 Apr 7 00 From 192 168 1 6 To 10 10 10 10 match forward 09 54 19 UDP src port 03516 dest port 00053 1 01 snip snip 1...

Page 199: ...nt also allows you to configure the allowed output for an interface to match what the network can handle This helps reduce delays and dropped packets at the next routing device For example you can set...

Page 200: ...ndwidth Allocation Bandwidth management allows you to define how much bandwidth each class gets however the actual bandwidth allotted to each class decreases or increases in proportion to actual avail...

Page 201: ...applications in each subnet are allotted bandwidth Figure 95 Application and Subnet based Bandwidth Management Example 18 5 Scheduler The scheduler divides up an interface s bandwidth among the bandw...

Page 202: ...le maximize bandwidth usage the Prestige first makes sure that each bandwidth class gets up to its bandwidth allotment Next the Prestige divides up an interface s available bandwidth bandwidth that is...

Page 203: ...the classes that require more bandwidth Therefore the Prestige divides a total of 3 Mbps total of unbudgeted and unused bandwidth among the classes that require more bandwidth In this case suppose tha...

Page 204: ...child class first The child class can also borrow bandwidth from a higher parent class grandparent class if the child class s parent class is also configured to borrow bandwidth from its parent class...

Page 205: ...g to each bandwidth class s bandwidth budget 2 The Prestige assigns a parent class s unused bandwidth to its child classes that have more traffic than their budgets and have bandwidth borrowing enable...

Page 206: ...amount of bandwidth for this interface that you want to allocate using bandwidth management This appears as the bandwidth budget of the interface s root class The recommendation is to set this speed t...

Page 207: ...each have bigger bandwidth budgets than the total of the budgets of their child classes The child classes can borrow the extra bandwidth as long as they have bandwidth borrowing enabled see Section 1...

Page 208: ...Child Class button to open the following screen Figure 101 Media Bandwidth Management Class Configuration The following table describes the labels in this screen Table 61 Media Bandwidth Management Cl...

Page 209: ...bandwidth filter for FTP traffic H 323 is a standard teleconferencing protocol suite that provides audio data and video conferencing It allows for real time point to point and multipoint communicatio...

Page 210: ...e Mail Transfer Protocol 25 DNS Domain Name System 53 Finger 79 HTTP Hyper Text Transfer protocol or WWW Web 80 POP3 Post Office Protocol 110 NNTP Network News Transport Protocol 119 SNMP Simple Netwo...

Page 211: ...e interval in seconds to define how often the information should be refreshed Set Interval Click Set Interval to apply the new update period you entered in the Update Period field above Stop Update Cl...

Page 212: ...ide 212 Chapter 18 Media Bandwidth Management Advanced Setup Back Click Back to go to the main Media Bandwidth Management screen Refresh Click Refresh to update the page Table 64 Media Bandwidth Manag...

Page 213: ...nd port traffic statistics 19 1 Maintenance Overview The maintenance screens can help you view system information upload new firmware manage configuration and restart your Prestige 19 2 System Status...

Page 214: ...Prestige 2602R Series User s Guide 214 Chapter 19 Maintenance Figure 104 System Status...

Page 215: ...This is the WAN port DHCP role Server Relay not all Prestige models or None DHCP Start IP This is the first of the contiguous addresses in the IP address pool DHCP Pool Size This is the number of IP a...

Page 216: ...PU Load This field specifies the percentage of CPU utilization LAN or WAN Port Statistics This is the WAN or LAN port Link Status This is the status of your WAN link Upstream Speed This is the upstrea...

Page 217: ...he number of collisions on this port Voice Statistics The voice statistics fields apply to calls currently being made or received on a telephone connected to one of the Prestige s phone ports Phone Th...

Page 218: ...he following table describes the labels in this screen Table 67 DHCP Table LABEL DESCRIPTION Host Name This is the name of the host computer IP Address This field displays the IP address relative to t...

Page 219: ...eneral to open the screen shown next Figure 108 Diagnostic General MAC Address This field displays the MAC Media Access Control address of the computer with the displayed IP address Every Ethernet dev...

Page 220: ...ne Table 69 Diagnostic General LABEL DESCRIPTION TCP IP Address Type the IP address of a computer that you want to ping in order to test a connection Ping Click this button to ping the IP address that...

Page 221: ...gnostic DSL Line LABEL DESCRIPTION Reset ADSL Line Click this button to reinitialize the ADSL line The large text box above then displays the progress and results of this operation for example Start t...

Page 222: ...Figure 111 Network Temporarily Disconnected After two minutes log in again and check your new firmware version in the System Status screen Table 71 Firmware Upgrade LABEL DESCRIPTION File Path Type i...

Page 223: ...Prestige 2602R Series User s Guide Chapter 19 Maintenance 223 If the upload was not successful the following screen will appear Click Back to go back to the Firmware screen Figure 112 Error Message...

Page 224: ...Prestige 2602R Series User s Guide 224 Chapter 19 Maintenance...

Page 225: ...om left corner Run and then type telnet 192 168 1 1 the default IP address and click OK 2 Enter 1234 in the Password field 3 After entering the password you will see the main menu Please note that if...

Page 226: ...or ENTER or UP DOWN arrow keys Within a menu press ENTER to move to the next field You can also use the UP DOWN arrow keys to move to the previous and the next field respectively Entering information...

Page 227: ...up Use this menu to setup traffic redirect and dial back up 3 LAN Setup Use this menu to set up your and LAN connection 4 Internet Access Setup A quick and easy way to set up an Internet connection 11...

Page 228: ...11 1 Remote Node Profile 11 3 Remote Node Network Layer Options 11 5 Remote Node Filter 11 6 Remote Node ATM Layer Options 11 8 Advance Setup Options 12 Static Routing Setup 12 1 IP Static Route Setup...

Page 229: ...Information and Console Port Speed 24 2 1 Information 24 2 2 Change Console Port Speed 24 3 Log and Trace 24 3 1 View Error Log 24 3 2 UNIX Syslog 24 4 Diagnostic 24 5 Backup Configuration 24 6 Restor...

Page 230: ...Guide 230 Chapter 20 Introducing the SMT 4 Re type your new system password in the Retype to confirm field for confirmation and press ENTER Note Note that as you type a password the screen displays an...

Page 231: ...Windows 2000 click Start Settings Control Panel and then double click System Click the Network Identification tab and then the Properties button Note the entry for the Computer name field and enter it...

Page 232: ...location up to 31 characters of your Prestige Contact Person s Name optional Enter the name up to 30 characters of the person in charge of this Prestige Domain Name Enter the domain name if you know i...

Page 233: ...your dynamic DNS service provider Active Press SPACE BAR to select Yes and then press ENTER to make dynamic DNS active Host Enter the domain name assigned to your Prestige by your dynamic DNS provide...

Page 234: ...Prestige 2602R Series User s Guide 234 Chapter 21 Menu 1 General Setup...

Page 235: ...Fail Tolerance 0 Recovery Interval sec 0 ICMP Timeout sec 0 Traffic Redirect No Press ENTER to Confirm or ESC to Cancel Table 78 Menu 2 WAN Backup Setup FIELD DESCRIPTION Check Mechanism Press SPACE B...

Page 236: ...me if your destination IP address handles lots of traffic ICMP Timeout Type the number of seconds for an ICMP session to wait for the ICMP response Traffic Redirect Press SPACE BAR to select Yes or No...

Page 237: ...with the lowest cost RIP routing uses hop count as the measurement of cost with a minimum of 1 for directly connected networks The number must be between 1 and 15 a number greater than 15 means the li...

Page 238: ...Prestige 2602R Series User s Guide 238 Chapter 22 Menu 2 WAN Backup Setup...

Page 239: ...ou wish to apply to the Ethernet traffic You seldom need to filter Ethernet traffic however the filter sets may be useful to block certain packets reduce traffic and prevent security breaches Figure 1...

Page 240: ...TCP IP To edit menu 3 2 enter 3 from the main menu to display Menu 3 LAN Setup When menu 3 appears press 2 and press ENTER to display Menu 3 2 TCP IP and DHCP Ethernet Setup as shown next Figure 121...

Page 241: ...is selected in the DHCP field above then enter the IP address of the actual remote DHCP server here Table 81 TCP IP Ethernet Setup FIELD DESCRIPTION TCP IP Setup IP Address Enter the LAN IP address of...

Page 242: ...Prestige 2602R Series User s Guide 242 Chapter 23 Menu 3 LAN Setup...

Page 243: ...e policy defined by the network administrator Policy based routing is applied to incoming packets on a per interface basis prior to the normal routing Create policies using SMT menu 25 see Chapter 36...

Page 244: ...the second and third network Figure 123 Menu 3 2 TCP IP and DHCP Setup Pressing ENTER displays Menu 3 2 1 IP Alias Setup as shown next Menu 3 2 TCP IP and DHCP Setup DHCP Setup DHCP Server Client IP...

Page 245: ...ELD DESCRIPTION IP Alias Choose Yes to configure the LAN network for the Prestige IP Address Enter the IP address of your Prestige in dotted decimal notation IP Subnet Mask Your Prestige will automati...

Page 246: ...Encapsulation Gateway IP address if you are using ENET ENCAP encapsulation From the main menu type 4 to display Menu 4 Internet Access Setup as shown next Figure 126 Menu 4 Internet Access Setup The...

Page 247: ...a bursty on off traffic source that can be sent at the peak rate and a parameter for burst traffic Type the SCR it must be less than the PCR Maximum Burst Size MBS 0 Refers to the maximum number of ce...

Page 248: ...Prestige 2602R Series User s Guide 248 Chapter 24 Internet Access...

Page 249: ...s you are configuring one of the remote nodes You first choose a remote node in Menu 11 Remote Node Setup You can then edit that node s profile in menu 11 1 as well as configure specific settings in t...

Page 250: ...ion Here are some examples of more suitable combinations in such an application 25 2 2 1 Scenario 1 One VC Multiple Protocols PPPoA RFC 2364 encapsulation with VC based multiplexing is the best combin...

Page 251: ...and then ENTER to select Yes to activate or No to deactivate this node Inactive nodes are displayed with a minus sign in SMT menu 11 Encapsulation PPPoA refers to RFC 2364 PPP Encapsulation over ATM A...

Page 252: ...dit Advance Options This field is only available when you select PPPoE in the Encapsulation field Press SPACE BAR to select Yes and press ENTER to display Menu 11 8 Advance Setup Options Telco Option...

Page 253: ...able 85 Menu 11 3 Remote Node Network Layer Options FIELD DESCRIPTION IP Address Assignment Press SPACE BAR and then ENTER to select Dynamic if the remote node is using a dynamically assigned IP addre...

Page 254: ...rectly connected networks Type a number that approximates the cost for this link The number need not be precise but it must be between 1 and 15 In practice 2 or 3 is usually a good number Private This...

Page 255: ...mote Node Filter to specify the filter set s to apply to the incoming and outgoing traffic between this remote node and the Prestige and also to prevent certain packets from triggering calls You can s...

Page 256: ...stige depending on whether you chose VC based LLC based multiplexing and PPP encapsulation in menu 11 1 25 5 1 VC based Multiplexing non PPP Encapsulation For VC based multiplexing by prior agreement...

Page 257: ...the VCI is 32 to 65535 1 to 31 is reserved for local management of ATM traffic 25 5 3 Advance Setup Options In menu 11 1 select PPPoE in the Encapsulation field Menu 11 6 Remote Node ATM Layer Options...

Page 258: ...onfirm or ESC to Cancel Menu 11 8 Advance Setup Options PPPoE pass through No Press ENTER to Confirm or ESC to Cancel Table 86 Menu 11 8 Advance Setup Options FIELD DESCRIPTION PPPoE pass through Pres...

Page 259: ...Each remote node specifies only the network to which the gateway is directly connected and the Prestige has no knowledge of the networks beyond For instance the Prestige knows about network N2 in the...

Page 260: ...Static Route Menu 12 Static Route Setup 1 IP Static Route 3 Bridge Static Route Please enter selection Menu 12 1 IP Static Route Setup 1 ________ 2 ________ 3 ________ 4 ________ 5 ________ 6 ________...

Page 261: ...ss Type the IP address of the gateway The gateway is an immediate neighbor of your Prestige that will forward the packet to the destination On the LAN the gateway must be a router on the same segment...

Page 262: ...Prestige 2602R Series User s Guide 262 Chapter 26 Static Route Setup...

Page 263: ...er protocol and it also demands more CPU cycles and memory For efficiency reasons do not turn on bridging unless you need to support protocols other than IP on your network For IP enable the routing i...

Page 264: ...on Options Authen N A Edit Filter Sets No Idle Timeout sec N A Press ENTER to Confirm or ESC to Cancel Menu 11 3 Remote Node Network Layer Options IP Options Bridge Options IP Address Assignment Stati...

Page 265: ...Cancel Table 89 Menu 12 3 1 Edit Bridge Static Route FIELD DESCRIPTION Route This is the route index number you typed in Menu 12 3 Bridge Static Route Setup Route Name Type a name for the bridge stati...

Page 266: ...Prestige 2602R Series User s Guide 266 Chapter 27 Bridging Setup...

Page 267: ...orts two types of mapping Many to One and Server See Section 28 3 on page 269or a detailed description of the NAT set for SUA The Prestige also supports Full Feature NAT to map multiple global IP addr...

Page 268: ...options for Network Address Translation Menu 4 Internet Access Setup ISP s Name MyISP Encapsulation RFC 1483 Multiplexing LLC based VPI 8 VCI 35 ATM QoS Type UBR Peak Cell Rate PCR 0 Sustain Cell Rat...

Page 269: ...rator screens for further information on these menus To configure NAT enter 15 from the main menu to bring up the following screen Figure 146 Menu 15 NAT Setup 28 3 1 Address Mapping Sets Enter 1 to b...

Page 270: ...Menu Selection Number Menu 15 1 255 Address Mapping Rules Set Name SUA Idx Local Start IP Local End IP Global Start IP Global End IP Type 1 0 0 0 0 255 255 255 255 0 0 0 0 M 1 2 0 0 0 0 Server 3 4 5...

Page 271: ...ed If there are any empty rules before your new configured rule your configured rule will be pushed up by that number of empty rules For example if you have already configured rules 1 to 6 in your cur...

Page 272: ...will be deleted Action The default is Edit Edit means you want to edit a selected rule see following field Insert Before means to insert a rule before the rule selected The rules after the selected ru...

Page 273: ...amic IP enter 0 0 0 0 as the Global IP Start Note that Global IP Start can be set to 0 0 0 0 only if the types are Many to One or Server End This is the ending inside global IP address IGA This field...

Page 274: ...ting as an FTP Telnet and SMTP server ports 21 23 and 25 at 192 168 1 33 6 Press ENTER at the Press ENTER to confirm prompt to save your configuration after you define all the servers or press ESC at...

Page 275: ...the Many to One mapping discussed in Section 28 5 on page 274 The SUA Only read only option from the Network Address Translation field in menus 4 and 11 3 is specifically pre configured to handle this...

Page 276: ...e the other IGA Map the FTP servers to the first two IGAs and the other LAN traffic to the remaining IGA Map the third IGA to an inside web server and mail server Four rules need to be configured two...

Page 277: ...ose the Full Feature option from the Network Address Translation field in menu 4 or menu 11 3 in Figure 159 on page 278 1 Enter 15 from the main menu 2 Enter 1 to configure the Address Mapping Sets 3...

Page 278: ...ons IP Address Assignment Static Ethernet Addr Timeout min 0 Rem IP Addr 0 0 0 0 Rem Subnet Mask 0 0 0 0 My WAN Addr 0 0 0 0 NAT Full Feature Address Mapping Set 2 Metric 2 Private No RIP Direction Bo...

Page 279: ...g Rules Set Name Example3 Idx Local Start IP Local End IP Global Start IP Global End IP Type 1 192 168 1 10 10 132 50 1 1 1 2 192 168 1 11 10 132 50 2 1 1 3 0 0 0 0 255 255 255 255 10 132 50 3 M 1 4 1...

Page 280: ...some gaming programs are NAT unfriendly because they embed addressing information in the data stream These applications won t work through NAT even when using One to One and Many to Many No Overload...

Page 281: ...4 Menu 15 1 1 Address Mapping Rules Menu 15 1 1 Address Mapping Rules Set Name Example4 Idx Local Start IP Local End IP Global Start IP Global End IP Type 1 192 168 1 10 192 168 1 12 10 132 50 1 10 1...

Page 282: ...Prestige 2602R Series User s Guide 282 Chapter 28 Network Address Translation NAT...

Page 283: ...by far the most comprehensive firewall configuration tool your Prestige has to offer For this reason it is recommended that you configure your firewall using the web configurator see the following cha...

Page 284: ...S attacks when it is active The default Policy sets 1 allow all sessions originating from the LAN to the WAN and 2 deny all sessions originating from the WAN to the LAN You may define additional Polic...

Page 285: ...user defined call filters Your Prestige has built in call filters that prevent administrative for example RIP packets from triggering calls These filters are always enabled and not accessible to you Y...

Page 286: ...ribe how to configure filter sets 30 1 1 The Filter Structure of the Prestige A filter set consists of one or more filter rules Usually you would group related rules for example all the rules for NetB...

Page 287: ...press ENTER 4 Type a descriptive name or comment in the Edit Comments field and press ENTER 5 Press ENTER at the message Press ENTER to confirm to display Menu 21 1 1 Filter Rules Summary that is if y...

Page 288: ...0 0 0 0 DA 0 0 0 0 DP 139 N D N 4 Y IP Pr 17 SA 0 0 0 0 DA 0 0 0 0 DP 137 N D N 5 Y IP Pr 17 SA 0 0 0 0 DA 0 0 0 0 DP 138 N D N 6 Y IP Pr 17 SA 0 0 0 0 DA 0 0 0 0 DP 139 N D F Enter Filter Rule Number...

Page 289: ...chain with the present rule An action cannot be taken until the rule chain is complete N means there are no more rules to check You can specify an action to be taken for instance forward the packet dr...

Page 290: ...nu fields are provided for protocol and device filter sets If you include a protocol filter set in a device filters field or vice versa the Prestige will warn you and will not allow you to save 30 4 1...

Page 291: ...e field range is 0 to 65535 A 0 field is ignored Port Comp Select the comparison to apply to the destination port in the packet against the value given in Destination Port Choices are None Less Greate...

Page 292: ...onfirm or ESC to Cancel to save your configuration or press ESC at any time to cancel Table 96 Menu 21 1 x x TCP IP Filter Rule continued FIELD DESCRIPTION Packet into IP Filter Matched Matched Yes Ac...

Page 293: ...hown in the following figure Figure 175 Menu 21 1 5 1 Generic Filter Rule The next table describes the fields in the Generic Filter Rule menu Menu 21 1 5 1 Generic Filter Rule Filter 5 1 Filter Type G...

Page 294: ...ace The interface can be an Ethernet or any other hardware port The following figure illustrates this Figure 176 Protocol and Device Filter Sets More If Yes a matching packet is passed to the next fil...

Page 295: ...he index number of the filter set you want to configure in this case 6 3 Type a descriptive name or comment in the Edit Comments field for example TELNET_WAN and press ENTER 4 Press ENTER at the messa...

Page 296: ...tivated A Y a TCP IP filter rule Type IP Pr 6 for destination telnet ports DP 23 M N means an action can be taken immediately The action is to drop the packet m D if the action is matched and to forwa...

Page 297: ...numbers separated by commas for example 3 4 6 11 The factory default filter set NetBIOS_LAN is inserted in the protocol filters field under Input Filter Sets in menu 3 1 in order to prevent local NetB...

Page 298: ...r Sets in menu 11 5 to block local NetBIOS traffic from triggering calls to the ISP Figure 181 Filtering Remote Node Traffic Note that call filter sets are visible when you select PPPoA or PPPoE encap...

Page 299: ...network The Prestige supports SNMP version one SNMPv1 and version two c SNMPv2c The next figure illustrates an SNMP management operation SNMP is only available if TCP IP is configured Figure 182 SNMP...

Page 300: ...etrieve an object variable from the agent GetNext Allows the manager to retrieve the next object variable from a table or list within an agent In SNMPv1 when a manager wants to retrieve all elements o...

Page 301: ...nt station Trusted Host If you enter a trusted host your Prestige will only respond to SNMP messages from this address A blank default field means your Prestige will respond to all SNMP messages it re...

Page 302: ...d 6 whyReboot defined in ZYXEL MIB A trap is sent with the reason of restart before rebooting when the system is going to restart warm start 6a For intentional reboot A trap is sent with the message S...

Page 303: ...ives you information on the status and statistics of the ports as shown next System Status is a tool that can be used to monitor your Prestige Specifically it gives you information on your DSL telepho...

Page 304: ...tream Speed 0 kbps Press Command COMMANDS 1 Reset Counters ESC Exit Table 102 Menu 24 1 System Maintenance Status FIELD DESCRIPTION Node Lnk This is the node index number and link type Link types are...

Page 305: ...on and Console Port Speed 32 3 1 System Information Enter 1 in menu 24 2 to display the screen shown next Line Status This shows the current status of the xDSL line which can be Up or Down Upstream Sp...

Page 306: ...9 00 00 01 IP Address 192 168 1 1 IP Mask 255 255 255 0 DHCP Server Press ESC or RETURN to Exit Table 103 Menu 24 2 1 System Maintenance Information FIELD DESCRIPTION Name Displays the system name of...

Page 307: ...mething goes wrong is the error log Follow the procedures to view the local error trace log 1 Type 24 in the main menu to display Menu 24 System Maintenance 2 From menu 24 type 3 to display Menu 24 3...

Page 308: ...pause 1 day 57 Sat Jan 01 00 00 03 2000 PP21 INFO monitoring WAN connectivity 58 Sat Jan 01 00 03 06 2000 PP19 INFO SMT Password pass 59 Sat Jan 01 00 03 06 2000 PP01 INFO SMT Session Begin 60 Sat Ja...

Page 309: ...02 OutCall Connected 64000 40002 Jul 19 11 20 06 192 168 102 2 ZYXEL board 0 line 0 channel 0 call 1 C02 Call Terminated 2 Packet Triggered SdcmdSyslogSend SYSLOG_PKTTRI SYSLOG_NOTICE String String Pa...

Page 310: ...55 192 168 102 2 ZYXEL IP Src 202 132 154 123 Dst 255 255 255 255 UDP spo 0208 dpo 0208 S03 R01mF Jul 19 14 44 00 192 168 102 2 ZYXEL IP Src 192 168 102 20 Dst 202 132 154 1 UDP spo 05d4 dpo 0035 S03...

Page 311: ...ance Menu Diagnostic FIELD DESCRIPTION Reset xDSL Re initialize the xDSL link to the telephone company Ping Host Ping the host to see if the links and TCP IP protocol on both systems are working Reboo...

Page 312: ...Prestige 2602R Series User s Guide 312 Chapter 32 System Information and Diagnosis...

Page 313: ...name of your choosing ZyNOS ZyXEL Network Operating System sometimes referred to as the ras file is the system firmware and has a bin filename extension With many FTP and TFTP clients the filenames ar...

Page 314: ...backup the current Prestige configuration to your computer Backup is highly recommended once your Prestige is functioning properly FTP is the preferred methods for backing up your current configuratio...

Page 315: ...enames it config rom See earlier in this chapter for more information on filename conventions 7 Enter quit to exit the ftp prompt 33 2 3 Example of FTP Commands from the Command Line Menu 24 5 System...

Page 316: ...le session running 331 Enter PASS command Password 230 Logged in ftp bin 200 Type I OK ftp get rom 0 zyxel rom 200 Port command okay 150 Opening data connection for STOR ras 226 File received OK ftp 1...

Page 317: ...le transfer is complete 4 Launch the TFTP client on your computer and connect to the Prestige Set the transfer mode to binary before starting data transfer 5 Use the TFTP client see the example below...

Page 318: ...tart after the file transfer is complete Note Do not interrupt the file transfer process as this may PERMANENTLY DAMAGE YOUR Prestige 33 3 1 Restore Using FTP For details about backup using T FTP plea...

Page 319: ...r to Section 33 2 5 on page 316 to read about configurations that disallow TFTP and FTP over WAN Menu 24 6 System Maintenance Restore Configuration To transfer the firmware and configuration file to y...

Page 320: ...firmware and the configuration file using FTP Figure 198 Telnet Into Menu 24 7 1 Upload System Firmware 33 4 2 Configuration File Upload You see the following screen when you telnet into menu 24 7 2 M...

Page 321: ...fers the configuration file on the Prestige to your computer and renames it config rom See earlier in this chapter for more information on filename conventions 7 Enter quit to exit the ftp prompt The...

Page 322: ...the SMT in command interpreter CI mode by entering 8 in Menu 24 System Maintenance 3 Enter the command sys stdio 0 to disable the console timeout so the TFTP transfer will not be interrupted Enter sy...

Page 323: ...ras where i specifies binary image transfer mode use this mode when transferring binary files host is the Prestige s IP address and put transfers the file source on the computer firmware bin name of t...

Page 324: ...Prestige 2602R Series User s Guide 324 Chapter 33 Firmware and Configuration File Maintenance...

Page 325: ...on CI commands Enter 8 from Menu 24 System Maintenance A list of valid commands can be found by typing help or at the command prompt Type exit to return to the SMT main menu when finished Figure 201 C...

Page 326: ...ontrol menu select option 9 in menu 24 to go to Menu 24 9 System Maintenance Call Control as shown in the next table Figure 203 Menu 24 9 System Maintenance Call Control 34 2 1 Budget Management Menu...

Page 327: ...n displayed in the Prestige error logs and firewall logs Select menu 24 in the main menu to open Menu 24 System Maintenance as shown next Figure 205 Menu 24 System Maintenance Then enter 10 to go to M...

Page 328: ...ormat displays a 4 byte integer giving the total number of seconds since 1970 1 1 at 0 0 0 NTP RFC 1305 is similar to Time RFC 868 None The default enter the time manually Time Server Address Enter th...

Page 329: ...stem Maintenance 329 34 3 1 Resetting the Time The Prestige resets the time in three instances On leaving menu 24 10 after making changes When the Prestige starts up if there is a timeserver configure...

Page 330: ...Prestige 2602R Series User s Guide 330 Chapter 34 System Maintenance...

Page 331: ...configuring firewall rules 35 2 Remote Management To disable remote management of a service select Disable in the corresponding Server Access field Enter 11 from menu 24 to display Menu 24 11 Remote...

Page 332: ...s LAN only Secured Client IP 0 0 0 0 FTP Server Server Port 21 Server Access LAN only Secured Client IP 0 0 0 0 Web Server Server Port 80 Server Access LAN only Secured Client IP 0 0 0 0 Press ENTER t...

Page 333: ...dress when configuring from the LAN 35 4 System Timeout There is a default system management idle timeout of five minutes three hundred seconds The Prestige automatically logs you out if the managemen...

Page 334: ...Prestige 2602R Series User s Guide 334 Chapter 35 Remote Management...

Page 335: ...ecedence or TOS Type of Service values in the IP header at the periphery of the network to enable the backbone to prioritize traffic Cost Savings IPPR allows organizations to distribute interactive tr...

Page 336: ...e main menu to open Menu 25 IP Routing Policy Setup 2 Type the index of the policy set you want to configure to open Menu 25 1 IP Routing Policy Setup Menu 25 1 shows the summary of a policy set inclu...

Page 337: ...__________________________________________________________ ______________________________________________________________________ 5 N __________________________________________________________________...

Page 338: ...licy Inactive policies are displayed with a minus sign in SMT menu 25 Criteria IP Protocol IP layer 4 protocol for example UDP TCP ICMP etc Type of Service Prioritize incoming network traffic by choos...

Page 339: ...selected Gateway addr in the Gateway type field defines the outgoing gateway address here The gateway must be on the same subnet as the Prestige if it is on the LAN otherwise the gateway must be the...

Page 340: ...e default IP route and route 2 represents the configured IP route Menu 3 2 TCP IP and DHCP Setup DHCP Setup DHCP Server Client IP Pool Starting Address 192 168 1 33 Size of Client IP Pool 32 Primary D...

Page 341: ...4 IP Routing Policy Example 1 Check Menu 25 1 IP Routing Policy Setup to see if the rule is added correctly 2 Create another policy set in menu 25 Menu 25 1 1 IP Routing Policy Policy Set Name 1 Activ...

Page 342: ...t Care Packet length 10 Precedence Don t Care Len Comp Equal Source addr start 0 0 0 0 end N A port start 0 end N A Destination addr start 0 0 0 0 end N A port start 20 end 21 Action Matched Gateway...

Page 343: ...take precedence over higher numbered sets thereby avoiding scheduling conflicts For example if sets 1 2 3 and 4 in are applied in the remote node then set 1 will take precedence over set 2 3 and 4 as...

Page 344: ...Yes or No Choose Yes and press ENTER to activate the schedule set Start Date Enter the start date when you wish the set to take effect in year month date format Valid dates are from the present to 20...

Page 345: ...means that the connection is blocked whether or not there is a demand call on the line Enable Dial On Demand means that this schedule permits a demand call on the line Disable Dial On Demand means tha...

Page 346: ...Prestige 2602R Series User s Guide 346 Chapter 37 Call Scheduling...

Page 347: ...appropriate power source Make sure that the Prestige and the power source are both turned on Turn the Prestige off and on If the error persists you may have a hardware problem In this case you should...

Page 348: ...C address or the host name The username and password apply to PPPoE and PPPoA encapsulation only Make sure that you have entered the correct Service Type User Name and Password be sure to use the corr...

Page 349: ...our computer s IP address must match it Refer to the chapter on remote management for details Your computer s and the Prestige s IP addresses must be on the same subnet for LAN access If you changed t...

Page 350: ...in Windows XP SP Service Pack 2 or allow pop up blocking and create an exception for your device s IP address 38 4 1 1 1 Disable pop up Blockers 1 In Internet Explorer select Tools Pop up Blocker and...

Page 351: ...to save this setting 38 4 1 1 2 Enable pop up Blockers with Exceptions Alternatively if you only want to allow pop up windows from your device see the following steps 1 In Internet Explorer select To...

Page 352: ...38 Troubleshooting Figure 222 Internet Options 3 Type the IP address of your device the web page that you do not want to have blocked with the prefix http For example http 192 168 1 1 4 Click Add to m...

Page 353: ...ngs 5 Click Close to return to the Privacy screen 6 Click Apply to save this setting 38 4 1 2 JavaScripts If pages of the web configurator do not display properly in Internet Explorer check that JavaS...

Page 354: ...igure 224 Internet Options 2 Click the Custom Level button 3 Scroll down to Scripting 4 Under Active scripting make sure that Enable is selected the default 5 Under Scripting of Java applets make sure...

Page 355: ...ttings Java Scripting 38 4 1 3 Java Permissions 1 From Internet Explorer click Tools Internet Options and then the Security tab 2 Click the Custom Level button 3 Scroll down to Microsoft VM 4 Under Ja...

Page 356: ...8 Troubleshooting Figure 226 Security Settings Java 38 4 1 3 1 JAVA Sun 1 From Internet Explorer click Tools Internet Options and then the Advanced tab 2 make sure that Use Java 2 for applet under Jav...

Page 357: ...ly configured I cannot call from one of the Prestige s phone ports to the other phone port You cannot call the SIP number of the SIP account that you are using to make a call The Prestige generates a...

Page 358: ...Prestige 2602R Series User s Guide 358 Chapter 38 Troubleshooting...

Page 359: ...evice Specifications Default IP Address 192 168 1 1 Default Subnet Mask 255 255 255 0 24 bits Default Password 1234 DHCP Pool 192 168 1 32 to 192 168 1 64 Dimensions 248 W x 168 D x 37 H mm Weight 350...

Page 360: ...Virtual Circuits I 610 F4 F5 OAM Other Protocol Support PPP Point to Point Protocol link layer protocol Transparent bridging for unsupported network layer protocols DHCP Server Client Relay RIP I RIP...

Page 361: ...ncellation 8ms 16ms Fax and data modem discrimination Silence Suppression Voice Activity Detection VAD Comfort Noise Generation CNG Dynamic Jitter Butter DTMF Detection and Generation DTMF In band and...

Page 362: ...122204 Input Power 120VAC 60Hz Output Power 12V AC 1A Power Consumption 12W Safety Standards UL CUL UL 1950 EUROPEAN PLUG STANDARDS AC Power Adapter Model ADS6818 1818 B 1810 Input Power AC 100 240Vo...

Page 363: ...s 3 1 requires the purchase of a third party TCP IP application package TCP IP should already be installed on computers using Windows NT 2000 XP Macintosh OS 7 and later operating systems After the ap...

Page 364: ...for Microsoft Networks If you need the adapter 1 In the Network window click Add 2 Select Adapter and then click Add 3 Select the manufacturer and model of your network adapter and then click OK If y...

Page 365: ...rk adapter s TCP IP entry and click Properties 2 Click the IP Address tab If your IP address is dynamic select Obtain an IP address automatically If you have a static IP address select Specify an IP a...

Page 366: ...d close the TCP IP Properties window 6 Click OK to close the Network window Insert the Windows CD if prompted 7 Turn on your Prestige and restart your computer when prompted Verifying Settings 1 Click...

Page 367: ...omputer s IP Address 367 Figure 232 Windows XP Start Menu 2 In the Control Panel double click Network Connections Network and Dial up Connections in Windows 2000 NT Figure 233 Windows XP Control Panel...

Page 368: ...e General tab in Win XP and then click Properties Figure 235 Windows XP Local Area Connection Properties 5 The Internet Protocol TCP IP Properties window opens the General tab in Windows XP If you hav...

Page 369: ...sses click Add In TCP IP Address type an IP address in IP address and a subnet mask in Subnet mask and then click Add Repeat the above two steps for each IP address you want to add Configure additiona...

Page 370: ...dow the General tab in Windows XP Click Obtain DNS server address automatically if you do not know your DNS server IP address es If you know your DNS server IP address es click Use the following DNS s...

Page 371: ...Network Connections window Network and Dial up Connections in Windows 2000 NT 11Turn on your Prestige and restart your computer if prompted Verifying Settings 1 Click Start All Programs Accessories a...

Page 372: ...Setting up Your Computer s IP Address Figure 239 Macintosh OS 8 9 Apple Menu 2 Select Ethernet built in from the Connect via list Figure 240 Macintosh OS 8 9 TCP IP 3 For dynamically assigned settings...

Page 373: ...Click Save if prompted to save changes to your configuration 7 Turn on your Prestige and restart your computer if prompted Verifying Settings Check your TCP IP properties in the TCP IP Control Panel...

Page 374: ...bnet mask in the Subnet mask box Type the IP address of your Prestige in the Router address box 5 Click Apply Now and close the window 6 Turn on your Prestige and restart your computer if prompted Ver...

Page 375: ...eps below to configure your computer IP address using the KDE 1 Click the Red Hat button located on the bottom left corner select System Setting and click Network Figure 243 Red Hat 9 0 KDE Network Co...

Page 376: ...your DNS server IP address es click the DNS tab in the Network Configuration screen Enter the DNS server information in the fields provided Figure 245 Red Hat 9 0 KDE Network Configuration DNS 5 Click...

Page 377: ...lowing example shows an example where the static IP address is 192 168 1 10 and the subnet mask is 255 255 255 0 Figure 248 Red Hat 9 0 Static IP Address Setting in ifconfig eth0 2 If you know your DN...

Page 378: ...utting down loopback interface OK Setting network parameters OK Bringing up loopback interface OK Bringing up interface eth0 OK root localhost ifconfig eth0 Link encap Ethernet HWaddr 00 50 BA 72 5B 4...

Page 379: ...in a manner similar to dial up services using PPP Benefits of PPPoE PPPoE offers the following benefits It provides you with a familiar dial up networking DUN user interface It lessens the burden on...

Page 380: ...ccess Concentrator and tunnels the PPP frames to the ISP The L2TP tunnel is capable of carrying multiple PPP sessions With PPPoE the VC Virtual Circuit is equivalent to the dial up connection and is b...

Page 381: ...address the first two octets make up the network number and the two remaining octets make up the host ID Class C addresses begin starting from the left with 1 1 0 In a class C address the first three...

Page 382: ...the host ID Subnet masks are expressed in dotted decimal notation just as IP addresses are The natural masks for class A B and C IP addresses are as follows Subnetting With subnetting the class arran...

Page 383: ...address 192 168 1 0 with subnet mask of 255 255 255 0 The first three octets of the address make up the network number class C You want to have two separate networks Divide the network 192 168 1 0 int...

Page 384: ...255 255 255 128 is the directed broadcast address for the first subnet Therefore the lowest IP address that can be assigned to an actual host for the first subnet is 192 168 1 1 and the highest is 19...

Page 385: ...68 1 0 IP Address Binary 11000000 10101000 00000001 00000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address 192 168 1 0 Lowest Host ID 192 168 1 1 Broadcast Address 192 168 1 63...

Page 386: ...1111 11111111 11111111 11000000 Subnet Address 192 168 1 192 Lowest Host ID 192 168 1 193 Broadcast Address 192 168 1 255 Highest Host ID 192 168 1 254 Table 134 Eight Subnets SUBNET SUBNET ADDRESS FI...

Page 387: ...or subnetting The following table is a summary for class B subnet planning Table 136 Class B Subnet Planning NO BORROWED HOST BITS SUBNET MASK NO SUBNETS NO HOSTS PER SUBNET 1 255 255 128 0 17 2 32766...

Page 388: ...Prestige 2602R Series User s Guide 388 Appendix D IP Subnetting...

Page 389: ...ceiving data packets between two Ethernet devices Some companies have more than one alternate route to one or more ISPs If the LAN and ISP s are in the same subnet the triangle route problem may occur...

Page 390: ...hree logical LAN interfaces with the Prestige being the gateway for each logical network By putting your LAN and Gateway B in different subnets all returning network traffic must pass through the Pres...

Page 391: ...A second solution to the triangle route problem is to put all of your network gateways on the WAN side as the following figure shows This ensures that all incoming network traffic passes through your...

Page 392: ...Prestige 2602R Series User s Guide 392 Appendix E Triangle Route...

Page 393: ...time of signaling sessions The SIP UA sends registration packets to the SIP server periodically and keeps the session alive in the Prestige If the SIP client does not have this mechanism and makes no...

Page 394: ...Prestige 2602R Series User s Guide 394 Appendix F SIP Passthrough...

Page 395: ...allowed input where input is your input conforming to parameter values allowed The figure shown next is an example of an Internal SPTGEN text file Figure 258 Configuration Text File Format Column Des...

Page 396: ...ne Example The Prestige will display the following if you enter parameter s that are valid Figure 260 Valid Parameter Entered Command Line Example Internal SPTGEN FTP Download Example 1 Launch your FT...

Page 397: ...ernal SPTGEN FTP Upload Example Example Internal SPTGEN Screens This section covers Prestige Internal SPTGEN screens c ftp 192 168 1 1 220 PPP FTP version 1 0 ready at Sat Jan 1 03 22 12 2000 User 192...

Page 398: ...Yes 0 Table 139 Menu 3 SMT Menu 3 Menu 3 1 General Ethernet Setup SMT menu 3 1 FIN FN PVA INPUT 30100001 Input Protocol filters Set 1 2 30100002 Input Protocol filters Set 2 256 30100003 Input Protoc...

Page 399: ...0 30200011 Version 0 Rip 1 1 Rip 2B 2 Rip 2M 0 30200012 Multicast 0 IGMP v2 1 IGMP v1 2 None 2 30200013 IP Policies Set 1 1 12 256 30200014 IP Policies Set 2 1 12 256 30200015 IP Policies Set 3 1 12...

Page 400: ...th 2 In Only 3 Out Only 0 30201018 Version 0 Rip 1 1 Rip 2B 2 Rip 2M 0 30201019 IP Alias 2 Incoming protocol filters Set 1 256 30201020 IP Alias 2 Incoming protocol filters Set 2 256 30201021 IP Alias...

Page 401: ...1 Enable 0 MENU 3 5 1 WLAN MAC ADDRESS FILTER SMT MENU 3 5 1 FIN FN PVA INPUT 30501001 Mac Filter Active 0 No 1 Yes 0 30501002 Filter Action 0 Allow 1 Deny 0 30501003 Address 1 00 00 00 00 0 0 00 3050...

Page 402: ...et mask 0 40000016 ISP incoming protocol filter set 1 6 40000017 ISP incoming protocol filter set 2 256 40000018 ISP incoming protocol filter set 3 256 40000019 ISP incoming protocol filter set 4 256...

Page 403: ...0 No 1 Yes 0 Menu 12 1 2 IP Static Route Setup SMT Menu 12 1 2 FIN FN PVA INPUT 120102001 IP Static Route set 2 Name 120102002 IP Static Route set 2 Active 0 No 1 Yes 0 120102003 IP Static Route set...

Page 404: ...n IP subnetmask 0 120105005 IP Static Route set 5 Gateway 0 0 0 0 120105006 IP Static Route set 5 Metric 0 120105007 IP Static Route set 5 Private 0 No 1 Yes 0 Menu 12 1 6 IP Static Route Setup SMT Me...

Page 405: ...IP Static Route set 9 Destination IP address 0 0 0 0 120109004 IP Static Route set 9 Destination IP subnetmask 0 120109005 IP Static Route set 9 Gateway 0 0 0 0 120109006 IP Static Route set 9 Metric...

Page 406: ...FN PVA INPUT 120113001 IP Static Route set 13 Name Str 120113002 IP Static Route set 13 Active 0 No 1 Yes 0 120113003 IP Static Route set 13 Destination IP address 0 0 0 0 120113004 IP Static Route se...

Page 407: ...k 0 120116005 IP Static Route set 16 Gateway 0 0 0 0 120116006 IP Static Route set 16 Metric 0 120116007 IP Static Route set 16 Private 0 No 1 Yes 0 Table 141 Menu 12 SMT Menu 12 continued Table 142 M...

Page 408: ...ll 6 TCP 17 U DP 0 0 0 0 150000029 SUA Server 7 Port Start 0 150000030 SUA Server 7 Port End 0 150000031 SUA Server 7 Local IP address 0 0 0 0 150000032 SUA Server 8 Active 0 No 1 Yes 0 150000033 SUA...

Page 409: ...21 1 1 1 set 1 rule 1 SMT Menu 21 1 1 1 FIN FN PVA INPUT 210101001 IP Filter Set 1 Rule 1 Type 2 TCP IP 2 210101002 IP Filter Set 1 Rule 1 Active 0 No 1 Yes 1 210101003 IP Filter Set 1 Rule 1 Protoco...

Page 410: ...ot equal 3 less 4 greater 0 210102013 IP Filter Set 1 Rule 2 Act Match 1 check next 2 forward 3 drop 3 210102014 IP Filter Set 1 Rule 2 Act Not Match 1 check next 2 forward 3 drop 1 Menu 21 1 1 3 set...

Page 411: ...ss 0 0 0 0 210104009 IP Filter Set 1 Rule 4 Src Subnet Mask 0 210104010 IP Filter Set 1 Rule 4 Src Port 0 210104011 IP Filter Set 1 Rule 4 Src Port Comp 0 none 1 equal 2 not equal 3 less 4 greater 0 2...

Page 412: ...lter Set 1 Rule 6 Dest IP address 0 0 0 0 210106005 IP Filter Set 1 Rule 6 Dest Subnet Mask 0 210106006 IP Filter Set 1 Rule 6 Dest Port 139 210106007 IP Filter Set 1 Rule 6 Dest Port Comp 0 none 1 eq...

Page 413: ...lter Set 2 Rule 1 Src Port 0 210201011 IP Filter Set 2 Rule 1 Src Port Comp 0 none 1 equal 2 not equal 3 less 4 gr eater 0 210201013 IP Filter Set 2 Rule 1 Act Match 1 check next 2 forward 3 drop 3 21...

Page 414: ...210203004 IP Filter Set 2 Rule 3 Dest IP address 0 0 0 0 210203005 IP Filter Set 2 Rule 3 Dest Subnet Mask 0 210203006 IP Filter Set 2 Rule 3 Dest Port 139 210203007 IP Filter Set 2 Rule 3 Dest Port C...

Page 415: ...4 gr eater 0 210204013 IP Filter Set 2 Rule 4 Act Match 1 check next 2 forward 3 drop 3 210204014 IP Filter Set 2 Rule 4 Act Not Match 1 check next 2 forward 3 drop 1 Menu 21 1 2 5 Filter set 2 rule 5...

Page 416: ...ask 0 210206006 IP Filter Set 2 Rule 6 Dest Port 139 210206007 IP Filter Set 2 Rule 6 Dest Port Comp 0 none 1 equal 2 not equal 3 less 4 gr eater 1 210206008 IP Filter Set 2 Rule 6 Src IP address 0 0...

Page 417: ...111 230200006 Accounting Server Configured 0 No 1 Yes 1 230200007 Accounting Server Active 0 No 1 Yes 1 230200008 Accounting Server IP Address 192 168 1 44 230200009 Accounting Server Port 1823 230200...

Page 418: ...Menu 24 11 Remote Management Control SMT Menu 24 11 FIN FN PVA INPUT 241100001 TELNET Server Port 23 241100002 TELNET Server Access 0 all 1 none 2 L an 3 Wan 0 241100003 TELNET Server Secured IP addre...

Page 419: ...Prestige 2602R Series User s Guide Appendix G Internal SPTGEN 419 FIN FN PVA INPUT 990000001 ADSL OPMD 0 etsi 1 normal 2 gdmt 3 multimo de 3 Table 147 Command Examples continued FIN FN PVA INPUT...

Page 420: ...Prestige 2602R Series User s Guide 420 Appendix G Internal SPTGEN...

Page 421: ...the unit and possibly render it unusable Command Syntax The command keywords are in courier new font Enter the command keywords exactly as shown do not abbreviate The required fields in a command are...

Page 422: ...Prestige 2602R Series User s Guide 422 Appendix H Command Interpreter...

Page 423: ...ewall Enables disables the firewall cnt disp Displays the firewall log type and count clear Clears the firewall log count pktdump Dumps the last 64 bytes of packets that the firewall has dropped dynam...

Page 424: ...Prestige 2602R Series User s Guide 424 Appendix I Firewall Commands...

Page 425: ...Prestige boot module commands as shown in the next screen ATBAx allows you to change the console port speed The x denotes the number preceding the colon to give the console port speed following the co...

Page 426: ...write Country code to flash ROM ATCB copy from FLASH ROM to working buffer ATCL clear working buffer ATSB save working buffer to FLASH ROM ATBU dump manufacturer related data in working buffer ATSH du...

Page 427: ...Successful TELNET login Someone has logged on to the router via telnet TELNET login failed Someone has failed to log on to the router via telnet Successful FTP login Someone has logged on to the route...

Page 428: ...etBIOS filter settings WAN connection is down A WAN connection is down You cannot access the network through this interface Table 151 Access Control Logs LOG MESSAGE DESCRIPTION Firewall default polic...

Page 429: ...s 3600 Exceed MAX incomplete sent TCP RST The router sent a TCP reset packet when the number of incomplete connections TCP and UDP exceeded the user configured threshold Incomplete count is for all T...

Page 430: ...le board 0 line 0 channel 0 call 3 C01 Outgoing Call dev 6 ch 0 Means the router has dialed to the PPPoE server 3 times board d line d channel d call d s C02 OutCall Connected d s The PPPoE PPTP or di...

Page 431: ...MP type d code d The firewall detected an ICMP land attack ip spoofing WAN TCP UDP IGMP ESP GRE OSPF The firewall detected an IP spoofing attack on the WAN port ip spoofing WAN ICMP type d code d The...

Page 432: ...aveling from the LAN to the LAN or the Prestige W to W Prestige WAN to WAN Prestige ACL set for packets traveling from the WAN to the WAN or the Prestige Table 161 ICMP Notes TYPE CODE DESCRIPTION 0 E...

Page 433: ...cat category This message is sent by the system RAS displays as the system name if you haven t configured one when the router generates a syslog The facility is defined in the web MAIN MENU LOGS Log S...

Page 434: ...hone call failed because the RTP session could not be established Error RTP connection cannot close The termination of an RTP session failed Table 165 FSM Logs Caller Side LOG MESSAGE DESCRIPTION VoIP...

Page 435: ...restige is to record Table 166 FSM Logs Callee Side LOG MESSAGE DESCRIPTION VoIP Call Start from SIP SIP Port Number A VoIP phone call came to the Prestige from the listed SIP number VoIP Call Establi...

Page 436: ...gs and alerts for that category Not every parameter is available with every category 5 Use the sys logs save command to store the settings in the Prestige you must do this in order to record logs Disp...

Page 437: ...n notes message 7 01 01 2000 09 40 13 192 168 1 1 3 192 168 1 33 1 ACCESS FO RWARD Router reply ICMP packet ICMP type 3 code 1 8 01 01 2000 09 40 07 192 168 1 1 3 192 168 1 33 1 ACCESS FO RWARD Router...

Page 438: ...Prestige 2602R Series User s Guide 438 Appendix K Log Descriptions...

Page 439: ...ptation Layer type 5 360 ATM Layer Options 256 ATM Loopback Test 221 ATM QoS Type 247 ATM Status 221 Attack Alert 168 Attack Types 140 AUTH TCP 113 163 Authentication 252 Authentication Password 63 11...

Page 440: ...61 Codec 107 112 Codecs 361 Coder Decoder 107 112 Collision 304 Collisions 217 Comfort Noise Generation 43 115 361 Command Interpreter Mode 325 Communications 4 Community 300 Compliance FCC 4 Componen...

Page 441: ...tion Protocol 44 Dynamic Jitter Buffer 43 Dynamic Jitter Butter 361 DYNDNS Wildcard 129 E ECHO 95 Echo Cancellation 43 115 361 Electric Shock 5 Electrical Pipes 5 Electrocution 5 E mail Log Example 19...

Page 442: ...32 Restrictions 332 FTP TCP 20 21 163 FTP File Transfer 320 FTP Restrictions 175 316 FTP Server 277 Functionally Equivalent 6 G G 168 43 115 361 G 711 107 112 361 G 729 107 112 361 G 992 1 360 G 992 3...

Page 443: ...IP Addressing 381 IP Alias 45 243 IP Alias Setup 244 IP Classes 381 IP Filter 292 Logic Flow 292 IP Mask 291 IP Multicasting 360 IP Packet 293 IP Policies 243 339 IP Policy 243 IP Policy Routing 335 I...

Page 444: ...250 LLC based 80 VC based 80 Multiprotocol Encapsulation 80 My WAN Address 253 N N A Fields 226 Nailed Up Connection 81 NAT 73 95 96 294 Address Mapping Rule 100 Application 93 Applying NAT in the SM...

Page 445: ...daptation Layer 5 AAL5 79 Point to Point 39 Point to point Calls 361 Point to Point Tunneling Protocol 96 164 Policy based Routing 335 Pool 5 POP3 95 137 138 POP3 TCP 110 164 Port Forwarding 361 Port...

Page 446: ...0 REGISTER Server Port 63 110 Registered 3 Registered Trademark 3 Regular Mail 7 Related Documentation 37 Relocate 4 Re manufactured 6 Remote Command Service 164 Remote Desktop Protocol 165 Remote DHC...

Page 447: ...eceiver 4 Serial Number 7 Server 38 94 269 271 272 273 274 275 276 277 328 Server Behind NAT 273 Service 5 6 151 Service Personnel 5 Service Type 159 348 Services 95 Session Description Protocol 361 S...

Page 448: ...Sub class Layers 207 Subnet Mask 73 157 241 253 261 306 Subnet Masks 382 Subnetting 382 Supplementary Phone Services 119 Supplementary Services 119 Supply Voltage 5 Support E mail 7 Supporting Disk 37...

Page 449: ...vice 114 335 337 338 339 U UBR 247 UBR Unspecified Bit Rate 85 UDP 165 UDP ICMP Security 144 Undesired Operations 4 Uniform Resource Identifier 103 Universal Plug and Play 179 Application 179 Security...

Page 450: ...mation 215 WAN Setup 79 235 WAN to LAN Rules 152 Warnings 5 Warranty 6 Warranty Information 7 Warranty Period 6 Water 5 Water Pipes 5 Web Configurator 51 53 136 144 151 284 web configurator screen sum...

Reviews:

No comments

Related manuals for Prestige 2602R Series

D-Link xStack Storage DSN-4000 Series Datasheet preview
xStack Storage DSN-4000 Series
Brand: D-Link Pages: 5
Patton electronics 470 Series User Manual preview
470 Series
Brand: Patton electronics Pages: 2
Patton electronics 1084 Installation And Operation Manual preview
1084
Brand: Patton electronics Pages: 16
Patton electronics IpLink 2884 Getting Started Manual preview
IpLink 2884
Brand: Patton electronics Pages: 51
iDirect iQ Desktop+ Installation, Support, And Maintenance Manual preview
iQ Desktop+
Brand: iDirect Pages: 52
Edgewater Networks 200EW/E Quick Start Manual preview
200EW/E
Brand: Edgewater Networks Pages: 7
D3 DesignCore RVP-TDA3 Series Quick Start Manual preview
DesignCore RVP-TDA3 Series
Brand: D3 Pages: 34
Analog Devices EZ-Extender Analog 120-Pin Probing Board Manual preview
EZ-Extender Analog 120-Pin Probing Board
Brand: Analog Devices Pages: 29
Orolia Seven Solutions WR-ZEN Series User Manual preview
Seven Solutions WR-ZEN Series
Brand: Orolia Pages: 167
TRENDnet TEG-S51SFP Quick Installation Manual preview
TEG-S51SFP
Brand: TRENDnet Pages: 10
ZKTeco HVR0402 User Manual preview
HVR0402
Brand: ZKTeco Pages: 68
IFM Electronic OVP800 Operating Instructions Manual preview
OVP800
Brand: IFM Electronic Pages: 14
Acromag APCe7012E-LF User Manual preview
APCe7012E-LF
Brand: Acromag Pages: 23
Top RAMS1000 User Manual preview
RAMS1000
Brand: Top Pages: 21
Softing TH LINK Installation Manual preview
TH LINK
Brand: Softing Pages: 16
VideoWave Adam Device User Manual preview
Adam Device
Brand: VideoWave Pages: 12
TDK Powereta iQP Series Product Brief preview
Powereta iQP Series
Brand: TDK Pages: 2
Cypress Semiconductor CY7C1441AV33 Specification Sheet preview
CY7C1441AV33
Brand: Cypress Semiconductor Pages: 31

Brands by name

Popular brands

Load more brands