Home
/
ZyXEL Communications
/
Prestige 650ME
/
User Manual

ZyXEL Communications Prestige 650ME, User Manual, Page: 112 / 199

Share

Page: 112 / 199

ZyXEL Communications Prestige 650ME User Manual Download Page 112

Prestige 650ME ADSL Bridge

8-16

Filter Configuration

8.4 Filter Types and NAT

There are two classes of filter rules,

Generic Filter

Device rules and Protocol Filter (

TCP/IP

) rules.

Generic Filter rules act on the raw data from/to LAN and WAN. Protocol Filter

rules act on IP packets.

When NAT (Network Address Translation) is enabled, the inside IP address and port number are replaced
on a connection-by-connection basis, which makes it impossible to know the exact address and port on the
wire. Therefore, the Prestige applies the protocol filters to the “native” IP address and port number before
NAT for outgoing packets and after NAT for incoming packets. On the other hand, the generic (or device)
filters are applied to the raw packets that appear on the wire. They are applied at the point where the
Prestige is receiving and sending the packets; for instance, the interface. The interface can be an Ethernet,
or any other hardware port. The following figure illustrates this.

Figure 8-14 Protocol and Device Filter Sets

8.5 Example

Filter

Let’s look at an example to block outside users from telnetting into the Prestige. See the

included disk

for

example filters.

«
...
110
111
112
113
114
...
»

Summary of Contents for Prestige 650ME

Page 1: ...Prestige 650ME ADSL Bridge User s Guide Version 3 40 September 2002...

Page 2: ...yXEL Communications Corporation All rights reserved Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products or software described herein Neither does it co...

Page 3: ...ency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications If this equipment does cause harmful interference to radio televisi...

Page 4: ...purchaser This warranty is in lieu of all other warranties express or implied including any implied warranty of merchantability or fitness for a particular use or purpose ZyXEL shall in no event be he...

Page 5: ...w europe zyxel com WORLDWIDE sales zyxel com tw 886 3 578 2439 ftp europe zyxel com ZyXEL Communications Corp 6 Innovation Road II Science Based Industrial Park Hsinchu 300 Taiwan support zyxel com 1...

Page 6: ...tige 2 1 2 2 Rear Panel Connections of the Prestige 2 2 2 2 1 DSL Port 2 4 2 2 2 Console Port 2 4 2 2 3 LAN 10 100M Port 2 4 2 2 4 Power Port 2 4 2 2 5 Reset Button 2 4 2 3 Additional Installation Req...

Page 7: ...IP Multicast 3 5 3 5 IP Policies 3 5 3 6 IP Alias 3 5 3 6 1 IP Alias Setup 3 6 3 7 Route IP Setup 3 8 3 8 TCP IP Ethernet Setup and DHCP 3 8 3 9 Multiplexing 3 11 3 9 1 VC based Multiplexing 3 11 3 9...

Page 8: ...ss Only 7 6 7 2 2 Example 2 Internet Access with an Inside Server 7 8 ADVANCED MANAGEMENT III Chapter 8 Filter Configuration 8 1 8 1 About Filtering 8 1 8 2 Configuring a Filter Set 8 4 8 2 1 Filter R...

Page 9: ...Example 11 9 11 3 3 Restore Via Console Port 11 9 11 4 Uploading Firmware and Configuration Files 11 10 11 4 1 Firmware File Upload 11 10 11 4 2 Configuration File Upload 11 11 11 4 3 FTP File Upload...

Page 10: ...2 15 4 2 Remote Management Limitations 15 3 15 5 Remote Management and NAT 15 3 15 6 System Timeout 15 3 ADDITIONAL INFORMATION IV Chapter 16 Troubleshooting 16 1 16 1 Problems Starting Up the Presti...

Page 11: ...oned Logical Networks 3 6 Figure 3 4 Menu 3 2 TCP IP and DHCP Ethernet Setup 3 6 Figure 3 5 Menu 3 2 1 IP Alias Setup 3 7 Figure 3 6 Menu 1 General Setup 3 8 Figure 3 7 Menu 3 2 TCP IP and DHCP Ethern...

Page 12: ...y 8 7 Figure 8 11 Menu 21 1 1 TCP IP Filter Rule 8 10 Figure 8 12 Executing an IP Filter 8 13 Figure 8 13 Menu 21 5 1 Generic Filter Rule 8 14 Figure 8 14 Protocol and Device Filter Sets 8 16 Figure 8...

Page 13: ...ure 11 17 Example Xmodem Upload 11 14 Figure 11 18 Menu 24 7 2 as seen using the Console Port 11 15 Figure 11 19 Example Xmodem Upload 11 16 Figure 12 1 Command Mode in Menu 24 12 1 Figure 12 2 Valid...

Page 14: ...Route Menu Fields 5 5 Table 6 1 Remote Node Bridge Options 6 2 Table 6 2 Edit Bridge Static Route Menu Fields 6 3 Table 7 1 Services and Port Numbers 7 1 Table 7 2 Applying NAT in Menus 4 11 3 7 4 Tab...

Page 15: ...nu 24 11 Remote Management Control 15 2 Table 16 1 Troubleshooting the Start Up of Your Prestige 16 1 Table 16 2 Troubleshooting the LAN Interface 16 1 Table 16 3 Troubleshooting the WAN Interface 16...

Page 16: ...tor Advanced users may configure the Prestige using CLI Command Line Interface commands Don t forget to register your Prestige fast easy online registration at www zyxel com for free future product up...

Page 17: ...d and arrow keys are enclosed in square brackets ENTER means the Enter or carriage return key ESC means the Escape key and SPACE BAR means the Space Bar For brevity s sake we will use e g as a shortha...

Page 18: ...am capacity Asymmetrical services ADSL are suitable for Internet users because more information is usually downloaded than uploaded For example a simple button click in a web browser can start an exte...

Page 19: ...is part is structured as a step by step guide to help you connect install and set up your Prestige to operate on your network and to access the Internet Described are Key Features and Applications Har...

Page 20: ......

Page 21: ...on for almost any user High Speed Internet Access Your Prestige can support downstream transmission rates of up to 8Mbps and upstream transmission rates of 832 Kbps Prestige with ADSL over POTS also s...

Page 22: ...sal Plug and Play UPnP Using the standard TCP IP protocol the Prestige and other UPnP enabled devices can dynamically join a network obtain an IP address and convey its capabilities to other devices o...

Page 23: ...Relay where it relays IP address assignment from the actual real DHCP server to the clients IP Alias IP Alias allows you to partition a physical network into logical networks over the same Ethernet i...

Page 24: ...capsulation The Prestige supports RFC 1483 as well as PPP over Ethernet RFC 2516 encapsulations Network Management Menu driven SMT System Management Terminal management Embedded web configurator CLI C...

Page 25: ...ts check the integrity of the following circuitry FLASH memory ADSL circuitry RAM LAN port Filters The Prestige s packet filtering functions allow added network security and management Ease of Install...

Page 26: ...ection for example T1 OC3 DS3 ATM or Frame Relay Think of it as the equivalent of a modem rack for ADSL A typical Internet Access application is shown below Figure 1 1 Internet Access Application Inte...

Page 27: ...Prestige 650ME ADSL Bridge Getting To Know Your Prestige 1 7 Figure 1 2 LAN to LAN Application...

Page 28: ......

Page 29: ...restige Front Panel Table 2 1 Front Panel LED Description LED COLOR STATUS DESCRIPTION On The Prestige is receiving power PWR Green Off The Prestige is not receiving power On The Prestige is functioni...

Page 30: ...LAN 100M Orange Off The Prestige does not have 100Mb Ethernet connection On The Prestige is linked successfully to a DSLAM Blinking The Prestige is initializing the DSL line DSL Green Off The DSL lin...

Page 31: ...Prestige 650ME ADSL Bridge Hardware Installation and Initial Setup 2 3 Figure 2 2 Prestige Rear Panel and Connections...

Page 32: ...lephone plug with 8 pins Use the crossover cable to connect your Prestige to a computer directly or use a straight through Ethernet cable to connect to an external hub then connect one end of the stra...

Page 33: ...bility to provide simultaneous Internet access and telephone service on the same line Splitters also eliminate the destructive interference conditions caused by telephone sets The purchase of a POTS s...

Page 34: ...elephone voice transmissions The purchase of a telephone microfilter is optional Step 1 Connect a phone cable from the wall jack to the single jack end of the Y Connector Step 2 Connect a cable from t...

Page 35: ...n the back of your Prestige is on or pressed 2 7 Configuring Your Prestige For Internet Access Configure your Prestige for Internet access using Web configurator refer to the Read Me First SMT System...

Page 36: ...blank screen press ENTER to display the login screen again Figure 2 7 Login Screen 2 8 Resetting the Prestige If you forget your password or cannot access the Prestige you will need to reload the fac...

Page 37: ...ation on how to transfer the configuration file to your Prestige using the SMT menus c Use the RESET button on the rear panel of the Prestige see the next section 2 8 2 Procedure To Use The Reset Butt...

Page 38: ...Prestige 650ME ADSL Bridge 2 10 Hardware Installation and Initial Setup Figure 2 8 Prestige SMT Menu Overview...

Page 39: ...ER or UP DOWN arrow keys Within a menu press ENTER to move to the next field You can also use the UP DOWN arrow keys to move to the previous and the next field respectively Entering information Type i...

Page 40: ...menu to specify inside servers when NAT is enabled 21 Filter Set Configuration Use this menu to set up filters to provide security etc 22 SNMP Configuration Use this menu to set up SNMP related param...

Page 41: ...l Setup contains administrative and system related information shown next The System Name field is for identification purposes However because some ISPs check this name you should enter your computer...

Page 42: ...address First of all you need to have registered a dynamic DNS account with www dyndns org This is for people with a dynamic IP from their ISP or DHCP server that would still like to have a DNS name...

Page 43: ...ys domainname to see the current domain name used by your gateway If you want to clear this field just press the SPACE BAR The domain name entered by you is given priority over the ISP assigned domain...

Page 44: ...me Password Enter the password assigned to you Enable Wildcard Your Prestige supports DYNDNS Wildcard Press SPACE BAR to select Yes and then ENTER to activate this feature This field is N A when you c...

Page 45: ...s please read the Filter Set Configuration chapter first then return to this menu to define the filter sets 2 13 Protocol Dependent Ethernet Setup Depending on the protocols for your applications you...

Page 46: ......

Page 47: ...ameters are satisfactory you can skip to TCP IP Ethernet Setup and DHCP to enter the DNS server address es if your ISP gives you explicit DNS server address es If you wish to change the factory defaul...

Page 48: ...d that you select a network number from 192 168 0 0 to 192 168 255 0 ignoring the trailing zero and you must enable the Single User Account feature of the Prestige The Internet Assigned Number Authori...

Page 49: ...ve For more information on address assignment please refer to RFC 1597 Address Allocation for Private Internets and RFC 1466 Guidelines for Management of IP Address Space 3 3 3 RIP Setup RIP Routing I...

Page 50: ...e client machines along with the assigned IP address and subnet mask There are two ways that an ISP disseminates the DNS server addresses The first is for an ISP to tell a customer the DNS server addr...

Page 51: ...address 224 0 0 2 is assigned to the multicast routers group The Prestige supports both IGMP version 1 IGMP v1 and version 2 IGMP v2 At start up the Prestige queries all directly connected networks to...

Page 52: ...es and press ENTER to configure the second and third network Figure 3 4 Menu 3 2 TCP IP and DHCP Ethernet Setup Menu 3 2 TCP IP and DHCP Ethernet Setup DHCP Setup DHCP Server Client IP Pool Starting A...

Page 53: ...lect the RIP direction Choices are None Both In Only or Out Only None Version Press SPACE BAR to select the RIP version Choices are RIP 1 RIP 2B or RIP 2M RIP 1 Incoming Protocol Filters Enter the fil...

Page 54: ...General Setup 3 8 TCP IP Ethernet Setup and DHCP Use menu 3 2 to configure your Prestige for TCP IP To edit menu 3 2 enter 3 from the main menu to display Menu 3 Ethernet Setup When menu 3 appears ent...

Page 55: ...server in the Remote DHCP Server in this case When DHCP is used the following items need to be set Server Client IP Pool Starting Address This field specifies the first of the contiguous addresses in...

Page 56: ...55 255 248 RIP Direction Press SPACE BAR to select the RIP direction Choices are Both In Only Out Only or None Both Version Press SPACE BAR to select the RIP version Choices are RIP 1 RIP 2B or RIP 2M...

Page 57: ...eavily depends on the number of simultaneous VCs 3 10 Encapsulation Be sure to use the encapsulation method required by your ISP The Prestige supports the following methods 3 10 1 PPP over Ethernet PP...

Page 58: ...12 Internet Access Configuration Menu 4 allows you to enter the Internet Access information in one screen Menu 4 is actually a simplified setup for one of the remote nodes that you can access in menu...

Page 59: ...an send cells This parameter may be lower but not higher than the maximum line speed 1 ATM cell is 53 bytes 424 bits so a maximum speed of 832 Kbps gives a maximum PCR of 1962 cells sec This rate is n...

Page 60: ...ons on how to configure your Prestige for Internet access Menu 4 Internet Access Setup ISP s Name ChangeMe Encapsulation PPPoE Multiplexing LLC based VPI 8 VCI 35 ATM QoS Type UBR Peak Cell Rate PCR 0...

Page 61: ...ail UBR Peak Cell Rate PCR This is the maximum rate at which the sender can send cells Type the PCR 0 Sustain Cell Rate SCR 0 Sustained Cell Rate is the mean cell rate of a bursty on off traffic sourc...

Page 62: ...e SUA Single User Account feature SUA Only Address Mapping Set Type the numbers of mapping sets 1 8 to use with NAT See the NAT chapter for details N A When you have completed this menu press ENTER at...

Page 63: ...Advanced Applications II P Pa ar rt t I II I ADVANCED APPLICATIONS This part shows how to configure Remote Node Remote Node TCP IP and NAT...

Page 64: ......

Page 65: ...nts both the remote gateway and the network behind it across a WAN connection When you use menu 4 to set up Internet access you are configuring one of the remote nodes 4 1 Remote Node Setup This secti...

Page 66: ...ication Scenario 1 One VC One Protocol IP Selecting RFC 1483 encapsulation with VC based multiplexing requires the least amount of overhead 0 octets However if there is a potential need for multiple p...

Page 67: ...ss SPACE BAR to select Yes and then ENTER to activate this node Inactive nodes are displayed with a minus sign in SMT menu 11 No Encapsulation Press SPACE BAR and then ENTER to select PPPoE Point to P...

Page 68: ...ISP when the Prestige calls this remote node This field sets the authentication protocol used for outgoing calls Options for this field are CHAP PAP Your Prestige will accept either CHAP or PAP when r...

Page 69: ...or more details No Idle Timeout sec Type the number of seconds 0 9999 that can elapse when the Prestige is idle there is no traffic going to the remote node before the Prestige automatically disconnec...

Page 70: ...ESCRIPTION EXAMPLE IP Address Assignment Press SPACE BAR and then ENTER to select Dynamic if the remote node is using a dynamically assigned IP address or Static if it is using a static fixed IP addre...

Page 71: ...recise but it must be between 1 and 15 In practice 2 or 3 is usually a good number 2 Private This determines if the Prestige will include the route to this remote node in its RIP broadcasts If set to...

Page 72: ...set NetBIOS_WAN that blocks NetBIOS packets call protocol filter 1 Include this in the call filter sets if you want to prevent NetBIOS packets from triggering calls to a remote node Figure 4 4 Menu 11...

Page 73: ...irect route IP Policy Routing overrides the default routing behavior and takes priority over all of the routes mentioned above see the IP Policy Routing chapter For example if the normal route has a m...

Page 74: ...guration or press ESC at any time to cancel 4 4 2 Traffic Redirect Setup Configure parameters that determine when the Prestige will forward WAN traffic to the backup gateway using Menu 11 7 Traffic Re...

Page 75: ...guration Backup Gateway IP Address Enter the IP address of your backup gateway in dotted decimal notation The Prestige automatically forwards traffic to this IP address if the Prestige s Internet conn...

Page 76: ......

Page 77: ...nd the field of My Wan Addr in menu 11 3 Refer to the previous figure LAN and WAN IPs for a brief review of what a WAN IP is My WAN Addr indicates the local Prestige WAN IP while Rem IP Addr indicates...

Page 78: ...is using a dynamically assigned IP address or Static if it is using a static fixed IP address You will only be able to configure this in the ISP node the first node all other nodes are set to Static...

Page 79: ...ivate This determines if the Prestige will include the route to this remote node in its RIP broadcasts If set to Yes this route is kept private and not included in RIP broadcast If No the route to thi...

Page 80: ...oute a packet to network N3 because it does not know that there is a route through remote node Router 1 via Router 2 The static routes allow you to tell the Prestige about the networks beyond the remo...

Page 81: ...Table 5 3 Edit IP Static Route Menu Fields FIELD DESCRIPTION Route This is the index number of the static route that you chose in menu 12 1 Menu 12 1 IP Static Route Setup 1 ________ 2 ________ 3 ____...

Page 82: ...ge that will forward the packet to the destination On the LAN the gateway must be a router on the same segment as your Prestige over WAN the gateway must be the IP address of one of the remote nodes M...

Page 83: ...on bridging unless you need to support protocols other than IP on your network For IP enable the routing if you need it do not bridge what the Prestige can route 6 2 Bridge Ethernet Setup Basically a...

Page 84: ...leted this menu press ENTER at the prompt Press ENTER to confirm or ESC to cancel to save your configuration or press ESC to cancel and go back to the previous screen 6 2 2 Bridge Static Route Setup S...

Page 85: ...Address Type the MAC address of the destination computer that you want to bridge the packets to IP Address If available type the IP address of the destination computer that you want to bridge the pac...

Page 86: ......

Page 87: ...e them accessible to the outside world see below If you do not define a server NAT offers the additional benefit of firewall protection If no server is defined all incoming inquiries will be filtered...

Page 88: ...ovide both FTP and DNS service while another provides only web service Furthermore since you need to specify the IP address of a server in the Prestige a server must have a fixed IP address and not be...

Page 89: ...Yes and then press ENTER to bring up Menu 11 3 Remote Node Network Layer Options Menu 4 Internet Access Setup ISP s Name ChangeMe Encapsulation PPPoE Multiplexing LLC based VPI 8 VCI 35 ATM QoS Type U...

Page 90: ...P address for your Prestige SUA Only 7 1 2 Configuring a Server behind NAT To configure servers behind the NAT enter 15 in the main menu to display Menu 15 2 NAT Server Setup as shown Menu 11 3 Remote...

Page 91: ...e following figure you have a computer acting as an FTP Telnet and SMTP server ports 21 23 and 25 at 192 168 1 33 Step 3 Press ENTER at the Press ENTER to confirm prompt to save your configuration aft...

Page 92: ...vers Behind NAT Example 7 2 General NAT Examples 7 2 1 Example 1 Internet Access Only In the following Internet access example you only need one rule where your ILAs Inside Local addresses all map to...

Page 93: ...anslation field All your local LAN IP addresses will be mapped to one WAN IP address on the WAN port Menu 4 Internet Access Setup ISP s Name ChangeMe Encapsulation RFC 1483 Multiplexing LLC based My L...

Page 94: ...15 to specify the Inside Server behind the NAT as shown in the next figure Figure 7 8 Menu 15 Specifying an Inside Server Menu 15 2 NAT Server Setup Rule Start Port No End Port No IP Address 1 Default...

Page 95: ...t I II II I ADVANCED MANAGEMENT This part discusses Filtering SNMP System Information and Diagnosis Firmware and Configuration File Maintenance System Maintenance and Information IP Policy Routing Cal...

Page 96: ......

Page 97: ...ided into incoming and outgoing filters depending on the direction of the packet relative to a port Data filtering can be applied on either the WAN side or the Ethernet side Call filtering is used to...

Page 98: ...that follow The following figure illustrates the logic flow when executing a filter rule Data Outgoing Packet Drop packet Built in default Call Filters User defined Call Filters if applicable Initiat...

Page 99: ...ch Next Filter Set Next Filter Set Available Accept Packet Drop Packet Yes No Yes No Yes Packet intoFilter Filter Set Forward Drop No Check Next Rule Figure 8 2 Filter Rule Process You can apply up to...

Page 100: ...configure a filter set follow the steps shown next Step 1 Enter 21 in the main menu to display Menu 21 Filter Set Configuration Figure 8 3 Menu 21 Filter Set Configuration Step 2 Type the filter set t...

Page 101: ...Filter Rules M m n 1 Y IP Pr 6 SA 0 0 0 0 DA 0 0 0 0 DP 137 N D N 2 Y IP Pr 6 SA 0 0 0 0 DA 0 0 0 0 DP 138 N D N 3 Y IP Pr 6 SA 0 0 0 0 DA 0 0 0 0 DP 139 N D N 4 Y IP Pr 17 SA 0 0 0 0 DA 0 0 0 0 DP 1...

Page 102: ...s Summary A Type Filter Rules M m n 1 Y IP Pr 6 SA 0 0 0 0 DA 0 0 0 0 DP 23 N D F 2 N 3 N 4 N 5 N 6 N Enter Filter Rule Number 1 6 to Configure Menu 21 4 Filter Rules Summary A Type Filter Rules M m n...

Page 103: ...6 to Configure Menu 21 11 Filter Rules Summary A Type Filter Rules M m n 1 Y IP Pr 17 SA 0 0 0 0 DA 0 0 0 0 DP 161 N D N 2 Y IP Pr 17 SA 0 0 0 0 DA 0 0 0 0 DP 162 N D F 3 N 4 N 5 N 6 N Enter Filter R...

Page 104: ...ain is complete N means there are no more rules to check You can specify an action to be taken for instance forward the packet drop the packet or check the next rule For the latter the next rule is in...

Page 105: ...ll rules in a filter set must be of the same class for instance protocol filters or generic filters The class of a filter set is determined by the first rule that you create When applying the filter s...

Page 106: ...ter rule No IP Protocol This is the upper layer protocol for example TCP is 6 UDP is 17 and ICMP is 1 The value must be between 0 and 255 A value of 0 matches ANY protocol 0 to 255 IP Source Route IP...

Page 107: ...d IP mask Port Type the source port of the packets you want to filter The range of this field is 0 to 65535 A 0 field is ignored 0 to 65535 Port Comp Select the comparison to apply to the source port...

Page 108: ...op Check Next Rule default Action Not Matched Select the action for a packet not matching the rule Choices are Check Next Rule Forward or Drop Check Next Rule default When you have completed this menu...

Page 109: ...ive Check IP Protocol Drop Drop Packet Accept Packet Drop Forward Check Next Rule Check Next Rule Check Next Rule Forward Not Matched Yes No Check Src IP Addr Apply SrcAddrMask to Src Addr Matched Che...

Page 110: ...atch The Mask and Value fields are specified in hexadecimal numbers Note that it takes two hexadecimal digits to represent a byte so if the length is 4 the value in either field will take 8 digits for...

Page 111: ...ly to the data portion before comparison Value Type the value in Hexadecimal to compare with the data portion More If Yes a matching packet is passed to the next filter rule before an action is taken...

Page 112: ...on the wire Therefore the Prestige applies the protocol filters to the native IP address and port number before NAT for outgoing packets and after NAT for incoming packets On the other hand the gener...

Page 113: ...t Filter Step 1 Enter 21 from the main menu to open Menu 21 Filter Set Configuration Step 2 Enter the index number of the filter set you want to configure in this case 3 Step 3 Type a descriptive name...

Page 114: ...0 0 Port Port Comp None TCP Estab No More No Log None Action Matched Drop Action Not Matched Forward Press ENTER to Confirm or ESC to Cancel Press SPACE BAR to choose this filter rule type The first...

Page 115: ...ws you where to apply the filter s after you design it them Sets of factory default filter rules have been configured in menu 21 but have not been applied to filter traffic Menu 21 1 Filter Rules Summ...

Page 116: ...nt to apply as appropriate You can choose up to four filter sets from twelve by typing their numbers separated by commas for example 3 4 6 11 The factory default filter set NetBIOS_LAN is inserted in...

Page 117: ...oE encapsulation Menu 11 5 Remote Node Filter Input Filter Sets protocol filters 3 device filters Output Filter Sets protocol filters 1 device filters Call Filter Sets protocol filters device filters...

Page 118: ......

Page 119: ...ocol used for exchanging management information between network devices SNMP is a member of the TCP IP protocol suite Your Prestige supports SNMP agent functionality which allows a manager station to...

Page 120: ...ing these objects SNMP itself is a simple request response protocol based on the manager agent model The manager issues a request and the agent returns responses using the following protocol operation...

Page 121: ...estige will only respond to SNMP messages from this address A blank default field means your Prestige will respond to all SNMP messages it receives regardless of source 0 0 0 0 Trap Community Type the...

Page 122: ...oftware reboot 3 linkUp defined in RFC 1215 A trap is sent with the port number 4 authenticationFailure defined in RFC 1215 A trap is sent to the manager when receiving any SNMP get or set requirement...

Page 123: ...e ports as shown next System Status is a tool that can be used to monitor your Prestige Specifically it gives you information on your ADSL telephone line status number of packets sent and received Ent...

Page 124: ...the transmission rate in bytes per second Rx B s Shows the receiving rate in bytes per second Up Time Time this channel has been connected to the current remote node My WAN IP from ISP The IP address...

Page 125: ...Shows the upstream speed of the Prestige in kbps CPU Load Specifies the percentage of CPU utilization 10 2 System Information and Console Port Speed This section describes your system and allows you...

Page 126: ...ddress Refers to the Ethernet MAC Media Access Control of your Prestige IP Address This is the IP address of the Prestige in dotted decimal notation IP Mask This shows the subnet mask of the Prestige...

Page 127: ...ing goes wrong is the error log Follow the procedures to view the local error trace log Step 1 Type 24 in the main menu to display Menu 24 System Maintenance Step 2 From menu 24 type 3 to display Menu...

Page 128: ...CE BAR to select Yes and press ENTER to turn on syslog on Syslog IP Address Type the IP address of your syslog server in dotted decimal notation Log Facility Use SPACE BAR and then ENTER to select one...

Page 129: ...ected L2TP C02 OutCall Connected xxxx connected speed xxxxx Remote Call ID C02 CLID call refused L02 Call Terminated C02 Call Terminated Jul 19 11 19 27 192 168 102 2 ZYXEL board 0 line 0 channel 0 ca...

Page 130: ...192 168 102 2 ZYXEL ppp LCP Closing Jul 19 11 42 49 192 168 102 2 ZYXEL ppp IPCP Closing Jul 19 11 42 54 192 168 102 2 ZYXEL ppp CCP Closing 10 4 Diagnostic The diagnostic facility allows you to test...

Page 131: ...e the xDSL link to the telephone company Ping Host Ping the host to see if the links and TCP IP protocol on both systems are working Reboot System Reboot the Prestige Command Mode Type the mode to tes...

Page 132: ......

Page 133: ...ut firmware bin ras This is a sample FTP session showing the transfer of the computer file firmware bin to the Prestige ftp get rom 0 config cfg This is a sample FTP session saving the current configu...

Page 134: ...ad files in menus 24 5 24 6 24 7 1 and 24 7 2 depending on whether you use the console port or Telnet Option 5 from Menu 24 System Maintenance allows you to backup the current Prestige configuration t...

Page 135: ...file on the Prestige to your computer and renames it config rom See earlier in this chapter for more information on filename conventions Step 7 Enter quit to exit the ftp prompt 11 2 3 Example of FTP...

Page 136: ...pe Transfer files in either ASCII plain text format or in binary mode Initial Remote Directory Specify the default remote directory path Initial Local Directory Specify the default local directory pat...

Page 137: ...lt when the file transfer is complete Step 4 Launch the TFTP client on your computer and connect to the Prestige Set the transfer mode to binary before starting data transfer Step 5 Use the TFTP clien...

Page 138: ...onfiguration file is rom 0 Binary Transfer the file in binary mode Abort Stop transfer of the file Refer to section 11 2 5 to read about configurations that disallow TFTP and FTP over WAN 11 2 9 Backu...

Page 139: ...ore a previously saved configuration Note that this function erases the current configuration before restoring a previous back up configuration please do not attempt to restore unless you have a backu...

Page 140: ...les from the Prestige to the computer for example put config rom rom 0 transfers the configuration file config rom on your computer to the Prestige See earlier in this chapter for more information on...

Page 141: ...l communications programs should be similar Step 1 Display menu 24 6 and enter y at the following screen Figure 11 9 System Maintenance Restore Configuration Step 2 The following screen indicates that...

Page 142: ...previous Restore Configuration section or by following the instructions in Menu 24 7 2 System Maintenance Upload System Configuration File for console port WARNING DO NOT INTERUPT THE FILE TRANSFER PR...

Page 143: ...r the upload system configuration file process is complete For details on FTP commands please consult the documentation of your FTP client program For details on uploading system firmware using TFTP n...

Page 144: ...computer and renames it config rom See earlier in this chapter for more information on filename conventions Step 7 Enter quit to exit the ftp prompt 11 4 4 FTP Session Example of Firmware File Upload...

Page 145: ...ails on TFTP commands see following example please consult the documentation of your TFTP client program For UNIX use get to transfer from the Prestige to the computer put the other way around and bin...

Page 146: ...ould be similar 11 4 9 Example Xmodem Firmware Upload Using HyperTerminal Click Transfer then Send File to display the following screen Figure 11 17 Example Xmodem Upload After the firmware upload pro...

Page 147: ...4 11 Example Xmodem Configuration Upload Using HyperTerminal Click Transfer then Send File to display the following screen Menu 24 7 2 System Maintenance Upload System Configuration File To upload sy...

Page 148: ...File Maintenance Figure 11 19 Example Xmodem Upload After the configuration upload process has completed restart the Prestige by entering atgo Type the configuration file s location or click Browse t...

Page 149: ...the console port although some commands are only available with a serial connection See the included disk or the zyxel com web site for more detailed information on CI commands Enter 8 from Menu 24 Sy...

Page 150: ...s the limit the current call will be dropped and any future outgoing calls will be blocked To access the call control menu select option 9 in menu 24 to go to Menu 24 9 System Maintenance Call Control...

Page 151: ...capsulation is selected Table 12 1 Budget Management FIELD DESCRIPTION EXAMPLE Remote Node Enter the index number of the remote node you want to reset just one in this case 1 Connection Time Total Bud...

Page 152: ...enance Time and Date Setting to update the time and date settings of your Prestige as shown in the following screen Figure 12 6 Menu 24 10 System Maintenance Time and Date Setting Menu 24 10 System Ma...

Page 153: ...f this information Current Time This field displays an updated time only when you reenter this menu New Time Enter the new time in hour minute and second format Current Date This field displays an upd...

Page 154: ......

Page 155: ...enable the backbone to prioritize traffic Cost Savings IPPR allows organizations to distribute interactive traffic on high bandwidth high cost paths while using low cost paths for batch traffic Load S...

Page 156: ...x of the policy set you want to configure to open Menu 25 1 IP Routing Policy Setup Menu 25 1 shows the summary of a policy set including the criteria and the action of a single policy and whether a p...

Page 157: ...6 T NM PR 0 GW 192 168 1 1 T MT PR 0 2 N __________________________________________________________________________ __________________________________________________________________________ 3 N ____...

Page 158: ...ruput Min Cost or Max Reliable Precedence Precedence value of the incoming packet Press SPACE BAR and then ENTER to select a value from 0 to 7 or Don t Care Packet Length Type the length of incoming p...

Page 159: ...specified as 0 0 0 0 Type of Service Set the new TOS value of the outgoing packet Prioritize incoming network traffic by choosing No Change Normal Min Delay Max Thruput Max Reliable or Min Cost Prece...

Page 160: ...Addr 0 0 0 0 Rem Subnet Mask 0 0 0 0 My WAN Addr 0 0 0 0 NAT Full Feature Address Mapping Set 2 Metric 2 Private No RIP Direction Both Version RIP 2B Multicast IGMP v2 IP Policies 2 4 7 9 Press ENTER...

Page 161: ...kets to a remote network using another policy See the next figure Figure 13 6 Example of IP Policy Routing To force Web packets coming from clients with IP addresses of 192 168 1 2 to 192 168 1 5 to b...

Page 162: ...any host with protocol TCP and port FTP access through another gateway 192 168 1 100 Menu 25 1 1 IP Routing Policy Policy Set Name set1 Active Yes Criteria IP Protocol 6 Type of Service Don t Care Pa...

Page 163: ...e DHCP Server N A TCP IP Setup IP Address 192 168 1 1 IP Subnet Mask 255 255 255 248 RIP Direction Both Version RIP 1 Multicast None IP Policies 1 2 Edit IP Alias No Press ENTER to Confirm or ESC to C...

Page 164: ......

Page 165: ...e precedence over higher numbered sets thereby avoiding scheduling conflicts For example if sets 1 2 3 and 4 in are applied in the remote node then set 1 will take precedence over set 2 3 and 4 as the...

Page 166: ...ar month date format Valid dates are from the present to 2036 February 5 2000 01 01 How Often Should this schedule set recur weekly or be used just once only Press the SPACE BAR and then ENTER to sele...

Page 167: ...demand call on the line and will persist for the time period specified in the Duration field Forced Down means that the connection is blocked whether or not there is a demand call on the line Enable...

Page 168: ...e Rem Node Name ChangeMe Route IP Active Yes Bridge No Encapsulation PPP Edit IP Bridge No Multiplexing VC based Edit ATM Options No Service Name Telco Option Incoming Allocated Budget min 0 Rem Login...

Page 169: ...n a TCP IP Network 15 2 FTP You can upload and download Prestige firmware and configuration files using FTP please see System Information and Diagnosis chapter for details To use this feature your com...

Page 170: ...ol as shown next Figure 15 2 Menu 24 11 Remote Management Control Table 15 1 Menu 24 11 Remote Management Control FIELD DESCRIPTION EXAMPLE Telnet Server FTP Server Web Server Each of these read only...

Page 171: ...it does not match the Prestige will disconnect the session immediately 4 There is an SMT console session running 5 There is already another remote management session of the same type Telnet FTP or Web...

Page 172: ......

Page 173: ...Additional Information IV P Pa ar rt t I IV V ADDITIONAL INFORMATION This part contains Troubleshooting Appendices and the Index...

Page 174: ......

Page 175: ...the default speed on leaving the factory Try other speeds in case the speed has been changed I cannot access the Prestige via the console port 2 Make sure the communications program is configured corr...

Page 176: ...My Login field and password in the My Password field in Menu 4 Internet Access Setup I cannot connect to a remote node or ISP Check menu 4 or menu 11 1 to verify the Encapsulation for the remote node...

Page 177: ...to the RESET button section in the User s Guide for details 16 6 Problems with Telnet Table 16 6 Troubleshooting Telnet PROBLEM CORRECTIVE ACTION Refer to the Remote Management Limitations section fo...

Page 178: ......

Page 179: ...Network Connections folder Each UPnP compatible device installed on your network will appear as a separate icon Selecting the icon of a UPnP device will allow you to access the information and propert...

Page 180: ......

Page 181: ...using PPP Benefits of PPPoE PPPoE offers the following benefits 1 It provides you with a familiar dial up networking DUN user interface 2 It lessens the burden on the carriers of provisioning virtual...

Page 182: ...frames to the ISP The L2TP tunnel is capable of carrying multiple PPP sessions With PPPoE the VC Virtual Circuit is equivalent to the dial up connection and is between the modem and the AC as opposed...

Page 183: ...en circuit end points Diagram 3 Virtual Circuit Topology Think of a virtual path as a cable that contains a bundle of wires The cable connects two points and wires within the cable provide individual...

Page 184: ......

Page 185: ...ware and ATLC for uploading the configuration file already discussed in a previous section Diagram 4 Option to Enter Debug Mode Type ATHE to view all available Prestige boot module commands Some are s...

Page 186: ...TDUx y dump memory contents from address x for length y ATRBx display the 8 bit value of address x ATRWx display the 16 bit value of address x ATRLx display the 32 bit value of address x ATGO x run pr...

Page 187: ...Consumption 10 W Safety Standards UL CUL UL 1310 CSA C22 2 No 223 EUROPEAN PLUG STANDARDS AC Power Adapter Model DV 121AACUP 5716 Input Power AC230Volts 50Hz 19W Output Power AC12Volts 1 0A Power Cons...

Page 188: ......

Page 189: ...indows NT 2000 XP Macintosh OS 7 and later operating systems After the appropriate TCP IP components are installed configure the TCP IP settings in order to communicate with your network Setting up Yo...

Page 190: ...NS Configuration tab If you do not know your DNS information select Disable DNS If you know your DNS information select Enable DNS and type the information in the fields below you may not need to fill...

Page 191: ...If you have previously configured DNS servers click Advanced and then the DNS tab to order them 5 Click Advanced If you do not know your gateway s IP address remove any previously installed gateways...

Page 192: ...tric the number of transmission hops clear the Automatic metric check box and type a metric in Metric Click Add Repeat the previous three steps for each default gateway you want to add Click OK when f...

Page 193: ...the Configure list 4 For statically assigned settings do the following From the Configure box select Manually Type your IP address in the IP Address box Type your subnet mask in the Subnet mask box T...

Page 194: ......

Page 195: ...r Mode 12 1 Command Mode 10 9 Community 9 2 Computer Name 2 13 Conditions that prevent TFTP and FTP from working over WAN 11 4 Connecting the Prestige 2 4 Connections Additional Requirements 2 4 ADSL...

Page 196: ...ckets 8 2 Frame Relay 1 6 Front Panel illustration 2 1 FTP 15 3 Restrictions 15 3 FTP File Transfer 11 10 FTP Restrictions 11 4 Full Rate 2 5 G Gateway 5 6 Gateway Node 6 3 General Setup 2 13 H Hidden...

Page 197: ...ultiplexing 1 4 3 11 3 15 4 2 Multiprotocol Encapsulation 3 11 My WAN Address 4 7 5 3 N Nailed Up Connection 4 2 NAT 8 16 Applying NAT in the SMT Menus 7 2 Examples 7 6 Network Address Translation 3 1...

Page 198: ...4 6 5 2 5 6 10 4 Support Disk xvi Supporting Disk xvi Syntax Conventions xvii Syslog 10 6 Syslog IP Address 10 6 Syslog Server 10 6 System Console Port Speed 10 4 Diagnostic 10 8 Log and Trace 10 5 Sy...

Page 199: ...Y Transmission Rates xvi 1 1 Type of Service 13 1 13 3 13 4 13 5 U UNIX Syslog 10 5 10 6 UNIX syslog parameters 10 6 Upload Firmware 11 10 X XMODEM protocol 11 2 Z ZyNOS 11 1 11 2 ZyNOS F W Version 11...

Reviews:

No comments