ZyXEL Communications P-2304R Скачать руководство пользователя страница 139 | Manualshive

Страница: 139 / 300

background image

Chapter 12 Firewall

P-2304R-P1 Series User’s Guide

139

Blocked

LAN-to-WAN

packets are considered alerts. Alerts are “higher priority logs” that

include system errors, attacks and attempted access to blocked web sites. Alerts appear in red
in the

View Log

screen. You may choose to have alerts e-mailed immediately in the

Log

Settings

screen.

LAN-to-LAN/ZyXEL Device means the LAN to the ZyXEL Device LAN interface. This is
always allowed, as this is how you manage the ZyXEL Device from your local computer.

12.1.4.2 WAN-to-LAN rules

WAN-to-LAN

rules are Internet to your local network firewall rules. The default is to block

all traffic from the Internet to your local network.
How can you forward certain WAN to LAN traffic? You may allow traffic originating from
the WAN to be forwarded to the LAN by:

• Configuring NAT port forwarding rules.
• Configuring

One-to-One

and

Many-One-to-One

NAT mapping rules in the web

configurator

Address Mapping

screen.

• Configuring

WAN

or

LAN & WAN

access for services in the

Remote Management

screens. When you allow remote management from the WAN, you are actually
configuring WAN-to-WAN/ZyXEL Device firewall rules. WAN-to-WAN/ZyXEL
Device firewall rules are Internet to the ZyXEL Device WAN interface firewall rules. The
default is to block all such traffic. When you decide what WAN-to-LAN packets to log,
you are in fact deciding what

WAN-to-LAN

and WAN-to-WAN/ZyXEL Device packets

to log.

Forwarded

WAN-to-LAN

packets are not considered alerts.

12.2 Triangle Route

When the firewall is on, your ZyXEL Device acts as a secure gateway between your LAN and
the Internet. In an ideal network topology, all incoming and outgoing network traffic passes
through the ZyXEL Device to protect your LAN against attacks.

Figure 69

Ideal Firewall Setup

12.2.1 The “Triangle Route” Problem

A traffic route is a path for sending or receiving data packets between two Ethernet devices.
You may have more than one connection to the Internet (through one or more ISPs). If an
alternate gateway is on the LAN (and its IP address is in the same subnet as the ZyXEL
Device’s LAN IP address), the “triangle route” (also called asymmetrical route) problem may
occur. The steps below describe the “triangle route” problem.

«
...
137
138
139
140
141
...
»

Содержание P-2304R

Страница 1: ...www zyxel com P 2304R P1 Series VoIP Station Gateway User s Guide Version 3 60 10 2006 Edition 1...

Страница 2: ......

Страница 3: ...eb Configurator Online Help Embedded web help for descriptions of individual screens and supplementary information It is recommended you use the web configurator to configure the ZyXEL Device Supporti...

Страница 4: ...ey stroke is denoted by square brackets and uppercase text for example ENTER means the enter or return key on your keyboard Enter means for you to type one or more characters and then press the ENTER...

Страница 5: ...uide 5 Icons Used in Figures Figures in this User s Guide may use the following generic icons The ZyXEL Device icon is not an exact representation of your device ZyXEL Device Computer Notebook compute...

Страница 6: ...e connecting cables carefully so that no one will step on them or stumble over them Always disconnect all cables from this device before servicing or disassembling Use ONLY an appropriate power adapto...

Страница 7: ...r 33 Status Screens 41 Wizard Setup 51 Bridge Mode 71 Network 73 WAN 75 LAN 85 NAT 97 VoIP 105 SIP 107 Phone 121 Phone Book 129 Security and Management 135 Firewall 137 Content Filter 145 Static Route...

Страница 8: ...Contents Overview P 2304R P1 Series User s Guide 8...

Страница 9: ...2 Ways to Manage the ZyXEL Device 27 1 3 Good Habits for Managing the ZyXEL Device 27 1 4 LEDs 28 1 5 Applications 29 1 5 1 Make Calls via VoIP Service Provider 29 1 5 2 Make Calls via IP PBX 30 1 5 3...

Страница 10: ...our IP Address 57 4 2 5 WAN IP Address Assignment 57 4 2 6 MAC Address 60 4 2 7 Finish 61 4 3 VoIP Setup Wizard 62 4 3 1 SIP Settings 62 4 3 2 Registration Complete 63 4 4 Bandwidth Management Wizard...

Страница 11: ...ess 86 7 1 5 RIP Setup 87 7 1 6 Multicast 87 7 1 7 Any IP 88 7 2 LAN Screens 89 7 2 1 LAN IP Screen 89 7 2 2 LAN DHCP Setup Screen 90 7 2 3 LAN Static DHCP Screen 91 7 2 4 LAN Client List Screen 92 7...

Страница 12: ...Screen 113 9 2 2 Advanced SIP Setup Screen 115 9 2 3 SIP QoS Screen 119 Chapter 10 Phone 121 10 1 Phone Overview 121 10 1 1 Voice Activity Detection Silence Suppression Comfort Noise 121 10 1 2 Echo C...

Страница 13: ...t Filter Schedule Screen 147 Chapter 14 Static Route 149 14 1 Static Route Overview 149 14 2 Static Route Screens 149 14 2 1 IP Static Route Screen 149 14 2 2 IP Static Route Edit Screen 150 Chapter 1...

Страница 14: ...y Screen 171 Part V Maintenance and Troubleshooting 173 Chapter 17 UPnP 175 17 1 Introducing Universal Plug and Play 175 17 1 1 How do I know if I m using UPnP 175 17 1 2 NAT Traversal 175 17 1 3 Caut...

Страница 15: ...20 2 Tools Screens 209 20 2 1 Firmware Screen 209 20 2 2 Firmware Upload Screens 210 20 2 3 Configuration Screen 211 20 2 4 Restore Configuration Screens 212 20 2 5 Restart Screen 213 Chapter 21 Trou...

Страница 16: ...Table of Contents P 2304R P1 Series User s Guide 16 Appendix F NAT 259 Appendix G Internal SPTGEN 267 Appendix H Services 283 Appendix I Legal Information 287 Appendix J Customer Support 291 Index 295...

Страница 17: ...zard IP Address 57 Figure 21 Connection Wizard IP Address Ethernet 58 Figure 22 Connection Wizard IP Address PPPoE 59 Figure 23 Connection Wizard MAC Address 60 Figure 24 Connection Wizard Finish 61 F...

Страница 18: ...113 Figure 59 VoIP SIP SIP Settings 114 Figure 60 VoIP SIP SIP Settings Advanced 116 Figure 61 VoIP SIP QoS 119 Figure 62 VoIP Phone Analog Phone 125 Figure 63 VoIP Phone Analog Phone Advanced 126 Fi...

Страница 19: ...Advanced Settings Add 181 Figure 100 System Tray Icon 182 Figure 101 Internet Connection Status 182 Figure 102 Network Connections 183 Figure 103 Network Connections My Network Places 184 Figure 104 N...

Страница 20: ...0 KDE Ethernet Device General 246 Figure 143 Red Hat 9 0 KDE Network Configuration DNS 246 Figure 144 Red Hat 9 0 KDE Network Configuration Activate 247 Figure 145 Red Hat 9 0 Dynamic IP Address Sett...

Страница 21: ...d MAC Address 61 Table 19 Connection Wizard Finish 62 Table 20 VoIP Setup Wizard SIP Settings 63 Table 21 VoIP Setup Wizard Registration Complete Success 64 Table 22 VoIP Setup Wizard Registration Com...

Страница 22: ...ty Content Filter Filter 146 Table 61 Security Content Filter Schedule 147 Table 62 Management Static Route IP Static Route 150 Table 63 Management Static Route IP Static Route Edit 151 Table 64 Appli...

Страница 23: ...203 Table 100 Attack Logs 204 Table 101 Remote Management Logs 205 Table 102 ICMP Notes 205 Table 103 SIP Logs 206 Table 104 RTP Logs 207 Table 105 FSM Logs Caller Side 207 Table 106 FSM Logs Callee...

Страница 24: ...ens Table 270 Table 129 Menu 1 General Setup 270 Table 130 Menu 3 270 Table 131 Menu 4 Internet Access Setup 273 Table 132 Menu 12 275 Table 133 Menu 15 SUA Server Setup 275 Table 134 Menu 21 1 Filter...

Страница 25: ...25 PART I Introduction and Wizard Introducing the ZyXEL Device 27 Introducing the Web Configurator 33 Status Screens 41 Wizard Setup 51 Bridge Mode 71...

Страница 26: ...26...

Страница 27: ...o use an Ethernet hub or switch to set up a private network and allow multiple computers to share a single Internet connection The ZyXEL Device also provides content filtering and a firewall for secur...

Страница 28: ...ll have to reset the ZyXEL Device to its factory default settings If you backed up an earlier configuration file you would not have to totally re configure the ZyXEL Device You could simply restore yo...

Страница 29: ...ll server forwards calls through the Internet ETHERNET Green On The ZyXEL Device has an Ethernet connection with a computer Blinking The ZyXEL Device is sending receiving data to from the computer Off...

Страница 30: ...nge you can use the ZyXEL Device to make and receive VoIP telephone calls through it In this example you use your analog phone A in the figure and the ZyXEL Device B changes the call into VoIP and sen...

Страница 31: ...eer calls are also called Point to Point or IP to IP calls You must know the peer s IP address in order to do this The following figure shows a basic example of how you would make a peer to peer VoIP...

Страница 32: ...Chapter 1 Introducing the ZyXEL Device P 2304R P1 Series User s Guide 32...

Страница 33: ...order to use the web configurator you need to allow Web browser pop up windows from your device Web pop up blocking is enabled by default in Windows XP SP Service Pack 2 JavaScripts enabled by default...

Страница 34: ...lt password appears automatically if this is the case click Login The Change Password screen appears Figure 6 Change Password Screen 5 It is highly recommended to change your password To change your p...

Страница 35: ...curity reasons the ZyXEL Device automatically logs you out if you do not use the web configurator for five minutes If this happens log in again 2 3 Resetting the ZyXEL Device Reset the ZyXEL Device in...

Страница 36: ...the ZyXEL Device restarts automatically wait for the ZyXEL Device to finish restarting and log in to the web configurator The password is 1234 You have finished If the ZyXEL Device does not restart a...

Страница 37: ...asting and Windows Networking for your WAN port Traffic Redirect Use this screen to specify up a backup gateway in case the main one is not available LAN IP Use this screen to set up your LAN s IP add...

Страница 38: ...this screen to configure through which interface s and from which IP address es users can use HTTP to manage the ZyXEL Device Telnet Use this screen to configure through which interface s and from wh...

Страница 39: ...select in the navigation panel It is discussed in more detail in the rest of this document Right after you log in the Status screen is displayed See Chapter 3 on page 41 for more information about th...

Страница 40: ...Chapter 2 Introducing the Web Configurator P 2304R P1 Series User s Guide 40...

Страница 41: ...also register and unregister SIP accounts The Status screen also provides detailed information from Any IP and DHCP and statistics from VoIP bandwidth management and traffic 3 1 Status Screen Use this...

Страница 42: ...he ZyXEL Device system name It is used for identification You can change this in the Configuration Wizard or Maintenance System General screen Firmware Version This field displays the current version...

Страница 43: ...arts up when you plug it in when you restart it Maintenance Tools Restart or when you reset it see Section 2 3 on page 35 Current Date Time This field displays the current date and time in the ZyXEL D...

Страница 44: ...or Click Details to open the BW MGMT Monitor window See Section 3 5 on page 47 Packet Statistics Click Details to open the Packet Statistics window See Section 3 6 on page 49 VoIP Status Account This...

Страница 45: ...evice but is in a different subnet than the ZyXEL Device MAC Address This field displays the MAC address of the computer that is using the ZyXEL Device but is in a different subnet than the ZyXEL Devi...

Страница 46: ...ister the SIP account when you turn on the ZyXEL Device or when you activate it Inactive The SIP account is not active You can activate it in VoIP SIP SIP Settings Last Registration This field display...

Страница 47: ...is a peer to peer call this field displays the SIP number of the other party Otherwise it displays N A Duration This field displays how long the current call has lasted Tx Pkts This field displays the...

Страница 48: ...h second The rate is the number of kilobits that went to the LAN one second before the last time the screen updated refreshed LAN WWW This field displays how much web traffic went to the LAN each seco...

Страница 49: ...ed refreshed Default Class This field displays how much traffic that is not allocated to any sub class went to the WAN each second The rate is the number of kilobits that went to the WAN one second be...

Страница 50: ...ackets the ZyXEL Device has transmitted from the port Rx Pkts This field displays the number of packets the ZyXEL Device has received from the port Collisions This field displays the number of collisi...

Страница 51: ...he wizards in the web configurator 4 1 Main Wizard Screen Use this screen to open one of the wizards in the ZyXEL Device To access this screen click Go to Wizard setup in the Login Options screen or c...

Страница 52: ...s you must use the screens discussed in Chapter 6 on page 75 Some ISPs such as Telstra send UDP heartbeat packets to verify that the customer is still online In this case you have to create a WAN to L...

Страница 53: ...able describes the labels in this screen 4 2 2 System Information Usually you should just click Next in this screen Table 11 Connection Wizard Welcome LABEL DESCRIPTION Back Click this to go to the pr...

Страница 54: ...This is for identification purposes but some ISPs also check this field This name can be up to 30 alphanumeric characters long Spaces are not allowed but dashes and underscores _ are accepted Domain N...

Страница 55: ...oint to Point Protocol over Ethernet PPPoE functions as a dial up connection PPPoE is an IETF Internet Engineering Task Force standard specifying how a host personal computer interacts with a broadban...

Страница 56: ...abels in this screen Table 14 Connection Wizard ISP Parameters PPPoE LABEL DESCRIPTION Connection Type Select PPP over Ethernet Service Name Enter the PPP service name provided by your ISP If your ISP...

Страница 57: ...n to set up your static IP address The fields depend on the Connection Type you select in the ISP Parameters screen Table 15 Connection Wizard IP Address LABEL DESCRIPTION Get automatically from your...

Страница 58: ...ause without it you must know the IP address of a computer before you can access it The ZyXEL Device uses a system DNS server in the order you specify here to resolve domain names for VPN DDNS and the...

Страница 59: ...PPoE remote server cannot be discovered automatically Figure 22 Connection Wizard IP Address PPPoE Back Click this to go to the previous screen Next Click this to go to the next screen Exit Click this...

Страница 60: ...the WAN IP address too See Network WAN Internet Connection The field to the right is read only and it displays the IP address provided by your ISP Select User Defined if you have the IP address of a D...

Страница 61: ...e Spoof this computer s MAC Address Select this if you do not want to use the default MAC address for the ZyXEL Device IP Address This field is enabled if you select Spoof this computer s MAC Address...

Страница 62: ...ake phone calls over the Internet did not provide any information See Chapter 9 on page 107 for more information You must have a SIP account before you can use this wizard 4 3 1 SIP Settings Figure 25...

Страница 63: ...der com this is the part after the symbol You can use up to 127 printable ASCII Extended set characters Authentication User Name Enter the user name for registering this SIP account exactly as it was...

Страница 64: ...your SIP account s see the Quick Start Guide for troubleshooting suggestions Table 21 VoIP Setup Wizard Registration Complete Success LABEL DESCRIPTION Return to Wizard Main Page Click this to open t...

Страница 65: ...rst service uses as much of the remaining bandwidth as it needs If there is no more bandwidth for the second service then it waits If you do not select a service in this wizard or if you do not find a...

Страница 66: ...agement Wizard Welcome The following table describes the labels in this screen Table 23 Bandwidth Management Wizard Welcome LABEL DESCRIPTION Back Click this to go to the previous screen Next Click th...

Страница 67: ...router Managed Bandwidth kbps Enter the total amount of traffic the device can send to the WAN It is recommended to set this speed to what the device connected to the WAN can handle For example set t...

Страница 68: ...higher priority when bandwidth is allocated If you do not select a service or if you do not see it in the list the service can still use bandwidth However it has the lowest priority Note You must sel...

Страница 69: ...he previous screen Priority Set the priority of each service If a service has higher priority than other services then it can use as much remaining bandwidth as it needs If there is no more bandwidth...

Страница 70: ...de 70 4 4 5 Finish Figure 33 Bandwidth Management Wizard Finish The following table describes the labels in this screen Table 27 Bandwidth Management Wizard Finish LABEL DESCRIPTION Finish Click this...

Страница 71: ...a router It may be more efficient in small networks but it also offers fewer features In Bridge mode your ZyXEL Device only supports the following features by screen Table 28 Bridge Mode Features by S...

Страница 72: ...net follow the directions in Appendix C on page 235 to change your computer s IP address When you log in to the web configurator you can still see every screen in Table 3 on page 37 even if the featur...

Страница 73: ...73 PART II Network WAN 75 LAN 85 NAT 97...

Страница 74: ...74...

Страница 75: ...nction known as dynamic service selection This enables the service provider to easily create and offer new IP services for individuals Operationally PPPoE saves significant effort for both you and the...

Страница 76: ...assigned default MAC Address Otherwise click Spoof this computer s MAC address IP Address and enter the IP address of your computer Once it is successfully configured the address will be copied to th...

Страница 77: ...hernet Use this screen to set up an Ethernet connection no Roadrunner service with the ISP To access this screen click Network WAN Internet Connection Figure 35 Network WAN Internet Connection Etherne...

Страница 78: ...ur ISP IP Subnet Mask Enter the subnet mask provided by your ISP Gateway IP Address Enter the gateway provided by your ISP If your ISP did not provide one leave it blank WAN MAC Address Spoof WAN MAC...

Страница 79: ...e password provided by your ISP Retype to Confirm Retype your password to make sure you entered it correctly Login Server IP Address Enter the IP address of the login server provided by your ISP WAN M...

Страница 80: ...the user name provided by your ISP Password Enter the password provided by your ISP Retype to Confirm Retype your password to make sure you entered it correctly Nailed Up Connection Select this if you...

Страница 81: ...as the measurement of cost where 1 is for a directly connected network The metric must be 1 15 if you use a value higher than 15 the routers assume the link is down Private Usually you should keep the...

Страница 82: ...nter the IP address in the field to the right Select None if you do not want to use this DNS server If you select None for all of the DNS servers you must use IP addresses to configure the ZyXEL Devic...

Страница 83: ...fic In addition other computers on the WAN have to support the same version of IGMP Windows Networking NetBIOS over TCP IP Allow between LAN and WAN Select this check box if you want the ZyXEL Device...

Страница 84: ...lable anymore For example use one of your ISP s DNS server addresses If you enter 0 0 0 0 the test fails each time Fail Tolerance Enter the number of consecutive times the ZyXEL Device may attempt and...

Страница 85: ...t and the ISP will assign you a dynamic IP address when the connection is established If this is the case it is recommended that you select a network number from 192 168 0 0 to 192 168 255 0 and you m...

Страница 86: ...r the majority of installations If your ISP gives you explicit DNS server address es read the embedded web configurator help regarding what fields need to be configured 7 1 4 DNS Server Address DNS Do...

Страница 87: ...mats when receiving RIP 1 is universally supported but RIP 2 carries more information RIP 1 is probably adequate for most networks unless you have an unusual network topology Both RIP 2B and RIP 2M se...

Страница 88: ...time you want to access the Internet via the ZyXEL Device With the Any IP feature and NAT enabled the ZyXEL Device allows a computer to access the Internet without changing the network settings such...

Страница 89: ...is not the ZyXEL Device by looking at the MAC address in its ARP table 2 When the computer cannot locate the default gateway an ARP request is broadcast on the LAN 3 The ZyXEL Device receives the ARP...

Страница 90: ...tor as soon as you change this field and click Apply You can access the web configurator again by typing the new IP address in the browser IP Subnet Mask Enter the subnet mask of the LAN Apply Click t...

Страница 91: ...owing ways Custom Defined enter a static IP address From ISP provide the DNS servers provided by the ISP on the WAN port DNS Relay have the ZyXEL Device act as a DNS proxy The ZyXEL Device s LAN IP ad...

Страница 92: ...nts on the LAN To access this screen click Network LAN Client List Table 37 Network LAN Static DHCP LABEL DESCRIPTION This field is a sequential value It is not associated with a specific entry MAC Ad...

Страница 93: ...IP Address This field displays the IP address the ZyXEL Device assigned to the computer Host Name This field displays the system name of the computer to which the ZyXEL Device assigned the IP address...

Страница 94: ...formation on the subnet RIP Version Select which version of RIP the ZyXEL Device uses when it sends or receives information on the subnet RIP 1 The ZyXEL Device uses RIPv1 to exchange routing informat...

Страница 95: ...set Click this to set every field in this screen to its last saved value Table 39 Network LAN IP Alias LABEL DESCRIPTION Table 40 Network LAN Advanced LABEL DESCRIPTION RIP Multicast Setup RIP Directi...

Страница 96: ...IP Setup Active Select this if you want to let computers on different subnets use the ZyXEL Device Windows Networking NetBIOS over TCP IP Allow between LAN and WAN Select this check box if you want t...

Страница 97: ...s of the desired server The port number identifies a service for example web service is on port 80 and FTP on port 21 In some cases such as for unknown services or where one server can support more th...

Страница 98: ...this problem by allowing computers on the LAN to dynamically take turns using the service The ZyXEL Device records the IP address of a LAN computer that sends traffic to the WAN to request a service...

Страница 99: ...data that is going coming from inside the ZyXEL Device and going to the outside 2 If an application needs a continuous data stream that port range will be tied up so that another computer on the LAN c...

Страница 100: ...is the same number you enter in Security Firewall General When computers use peer to peer applications such as file sharing applications they may use a large number of NAT sessions If you do not limi...

Страница 101: ...s to enable this rule Clear this to disable this rule Name This field displays the name of the rule It does not have to be unique Start Port This field displays the beginning of the range of port numb...

Страница 102: ...ervice Name Enter a name to identify this rule You can use 1 31 printable ASCII characters or you can leave this field blank It does not have to be a unique name Start Port End Port Enter the port num...

Страница 103: ...he range in the Start Port field enter the port number at the end of the range in the End Port field If you want to delete this rule enter zero in the Start Port and End Port fields Trigger Start Port...

Страница 104: ...L DESCRIPTION Enable SIP ALG Select this to make sure SIP VoIP works correctly with port forwarding and port triggering rules Enable FTP ALG Select this to make sure FTP file transfer works correctly...

Страница 105: ...105 PART III VoIP SIP 107 Phone 121 Phone Book 129...

Страница 106: ...106...

Страница 107: ...uction to SIP The Session Initiation Protocol SIP is an application layer control signaling protocol that handles the setting up altering and tearing down of voice and multimedia sessions over the Int...

Страница 108: ...voice media talk 6 After talking A hangs up and sends a BYE request 7 B replies with an OK response confirming receipt of the BYE request and the call is terminated 9 1 5 SIP Client Server SIP is a c...

Страница 109: ...redirect server accepts SIP requests translates the destination address to an IP address and sends the translated IP address back to the device that sent the request Then the client device that origi...

Страница 110: ...r between the ZyXEL Device and the SIP register server the ZyXEL Device probably has a private IP address The ZyXEL Device lists its IP address in the SIP message that it sends to the SIP register ser...

Страница 111: ...TUN server B 2 The STUN server B finds the public IP address and port number that the NAT router used on the ZyXEL Device s SIP packets and sends them to the ZyXEL Device 3 The ZyXEL Device uses the p...

Страница 112: ...sed to provide bandwidth for real time multimedia applications 9 1 11 1 Type Of Service ToS Network traffic can be classified by setting the ToS Type Of Service values at the data source for example a...

Страница 113: ...irtual Local Area Network VLAN allows a physical network to be partitioned into multiple logical networks Only stations within the same group can communicate with each other Your ZyXEL Device can add...

Страница 114: ...ou can use up to 95 printable ASCII characters It does not matter whether the SIP server is a proxy redirect or register server SIP Server Port Enter the SIP server s listening port number if your VoI...

Страница 115: ...can use up to 95 printable ASCII characters Password Enter the user name for registering this SIP account exactly as it was given to you You can use up to 95 printable ASCII Extended set characters A...

Страница 116: ...Chapter 9 SIP P 2304R P1 Series User s Guide 116 Figure 60 VoIP SIP SIP Settings Advanced...

Страница 117: ...on time when it receives a request to start a SIP session If the request has a shorter time the ZyXEL Device rejects it RTP Port Range Start Port End Port Enter the listening port number s for RTP tra...

Страница 118: ...Address Enter the public IP address or domain name of the NAT router Server Port Enter the port number that your SIP sessions use with the public IP address of the NAT router Outbound Proxy Active Se...

Страница 119: ...11 to send fax messages The peer devices must also use G 711 T 38 Fax Relay Select this if the ZyXEL Device should send fax messages as UDP or TCP IP packets through IP networks This provides better q...

Страница 120: ...s The ZyXEL Device creates Type of Service priority tags with this priority to RTP traffic that it transmits Voice VLAN ID Select this if the ZyXEL Device has to be a member of a VLAN to communicate w...

Страница 121: ...nt packets when you are not speaking When using VAD the ZyXEL Device generates comfort noise when the other party is not speaking The comfort noise lets you know that the line is still connected as to...

Страница 122: ...command timeout 2 seconds expires or issue an invalid sub command the current operation will be aborted 10 1 3 2 1 European Call Hold Call hold allows you to put a call A on hold by pressing the flas...

Страница 123: ...he following steps to make three way conference calls 1 When you are on the phone talking to someone place the flash key to put the caller on hold and get a dial tone 2 Dial a phone number directly to...

Страница 124: ...e caller on hold 2 When you hear the dial tone dial 98 followed by the number to which you want to transfer the call to operate the Intercom 3 After you hear the ring signal or the second party answer...

Страница 125: ...tgoing Call Use SIP1 4 Select the SIP account s used by this phone port when it make calls If you select more than one SIP accounts the ZyXEL Device tries to use the last registered SIP account Incomi...

Страница 126: ...ho Cancellation G 168 Active Select this if you want to eliminate the echo caused by the sound of your voice reverberating in the telephone receiver while you talk Dialing Interval Select Dialing Inte...

Страница 127: ...he pound key The ZyXEL Device makes the call immediately instead of waiting You can still wait if you want Apply Click this to save your changes and to apply them to the ZyXEL Device Reset Click this...

Страница 128: ...Chapter 10 Phone P 2304R P1 Series User s Guide 128...

Страница 129: ...ZyXEL Device you must set up a speed dial entry in the phone book in order to do this Select Non Proxy Use IP or URL in the Type column and enter the callee s IP address or domain name The ZyXEL Devi...

Страница 130: ...section Specify the phone number in the field on the right Busy Forward to Number Select this if you want the ZyXEL Device to forward incoming calls to the specified phone number if the phone port is...

Страница 131: ...pending on the Condition Condition Select the situations in which you want to forward incoming calls from the Incoming Call Number or select an alternative action Unconditional The ZyXEL Device immedi...

Страница 132: ...r if you want to make a peer to peer call In this case enter the IP address or domain name of the SIP server or the other party in the field below Add Click this to use the information in the Speed Di...

Страница 133: ...to copy the information for this speed dial entry into the Speed Dial section where you can change it Click the Remove icon to erase this speed dial entry Clear Click this to erase all the speed dial...

Страница 134: ...Chapter 11 Phone Book P 2304R P1 Series User s Guide 134...

Страница 135: ...135 PART IV Security and Management Firewall 137 Content Filter 145 Static Route 149 Bandwidth MGMT 153 Remote MGMT 165...

Страница 136: ...136...

Страница 137: ...elf 12 1 1 Stateful Inspection Firewall Stateful inspection firewalls restrict access by screening data packets against defined access rules They make access control decisions based on IP address and...

Страница 138: ...n t enable any local service such as telnet or FTP that you don t use Any enabled service could present a potential security risk A determined hacker might be able to find creative ways to misuse the...

Страница 139: ...e Management screens When you allow remote management from the WAN you are actually configuring WAN to WAN ZyXEL Device firewall rules WAN to WAN ZyXEL Device firewall rules are Internet to the ZyXEL...

Страница 140: ...Device and its firewall protection Another solution is to use IP alias IP alias allows you to partition your network into logical sections over the same Ethernet interface Your ZyXEL Device supports...

Страница 141: ...ce controls access and protects against Denial of Service DoS attacks when the firewall is activated Bypass Triangle Route Select this if you want to let some traffic from the WAN go directly to a com...

Страница 142: ...to create log entries for firewall events No Log do not create any log entries Log Blocked LAN to WAN only create log entries when packets are blocked Log Forwarded WAN to LAN only create log entries...

Страница 143: ...rt uses Port Number Enter the range of port numbers that defines the service For example suppose you want to define the Gnutella service Select TCP type and enter a port range of 6345 6349 Add Click t...

Страница 144: ...Chapter 12 Firewall P 2304R P1 Series User s Guide 144...

Страница 145: ...certain web features or specific URL keywords The ZyXEL Device can block web features such as ActiveX controls Java applets cookies and disable web proxies The ZyXEL Device also allows you to define...

Страница 146: ...re they remain in case you visit the site again Java This is used to build downloadable Web components or Internet and intranet business applications of all kinds Cookies This is used by Web servers t...

Страница 147: ...all of the keywords in the Keyword List Denied Access Message Enter the message that is displayed when the ZyXEL Device s content filter feature blocks access to a web site Apply Click this to save y...

Страница 148: ...Chapter 13 Content Filter P 2304R P1 Series User s Guide 148...

Страница 149: ...in the following figure through remote node Router 1 However the ZyXEL Device is unable to route a packet to network N3 because it doesn t know that there is a route through the same remote node Route...

Страница 150: ...e ZyXEL Device checks each rule in order and it only follows the first one that applies Name This field displays the name that describes the static route Active This field shows whether this static ro...

Страница 151: ...ses that this static route affects If this static route affects only one IP address enter 255 255 255 255 Gateway IP Address Enter the IP address of the gateway to which the ZyXEL Device should send p...

Страница 152: ...Chapter 14 Static Route P 2304R P1 Series User s Guide 152...

Страница 153: ...and dropped packets at the next routing device For example you can set the WAN interface speed to 1024 kbps or less if the broadband device connected to the WAN port has an upstream speed of 1024 kbp...

Страница 154: ...s You could configure one bandwidth class for subnet A and another for subnet B Figure 79 Subnet based Bandwidth Management Example 15 1 5 Application and Subnet based Bandwidth Management You could a...

Страница 155: ...h the ZyXEL Device gives extra bandwidth to that class When multiple classes require more bandwidth the ZyXEL Device gives the highest priority classes the available bandwidth first as much as they re...

Страница 156: ...and marketing departments 1536 kbps extra to each for a total of 3584 kbps for each because they both have the highest priority level Research requires more bandwidth but only gets its budgeted 2048 k...

Страница 157: ...ass because the Sales class has bandwidth borrowing disabled 15 1 8 2 Maximize Bandwidth Usage With Bandwidth Borrowing If you configure both maximize bandwidth usage on the interface and bandwidth bo...

Страница 158: ...ppose you try to browse the web too In this case VoIP NetMeeting and FTP all have higher priority so they get to use the bandwidth first You can only browse the web when VoIP NetMeeting and FTP do not...

Страница 159: ...er than the interface s actual transmission speed This will stop lower priority traffic from being sent if higher priority traffic uses all of the actual bandwidth You can also set this number lower t...

Страница 160: ...ssion speed of 1 Mbps You can set this number higher than the interface s actual transmission speed This will stop lower priority traffic from being sent if higher priority traffic uses all of the act...

Страница 161: ...dwidth of the LAN users set the bandwidth management class on the LAN In order to limit the upload bandwidth set the bandwidth management class on the corresponding WAN interface Root Class In this se...

Страница 162: ...if the parent class is not using up its bandwidth budget Bandwidth borrowing is governed by the priority of the sub classes That is a sub class with the highest priority 7 is the first to borrow bandw...

Страница 163: ...elect this to configure this bandwidth filter for SIP traffic This makes it easier to manage bandwidth for SIP traffic and is useful for example when there is a VoIP Voice over Internet Protocol devic...

Страница 164: ...f you do not select Maximize bandwidth usage in the Bandwidth Management Summary Screen the ZyXEL Device uses the bandwidth in this default class to only send traffic that does not match any of the ba...

Страница 165: ...ement session of higher priority starts The priorities for the different types of remote management sessions are as follows 1 Telnet 2 HTTP 16 1 1 Remote Management Limitations Remote management over...

Страница 166: ...ged network consists of two main types of component agents and a manager An agent is a management software module that resides in a managed device the ZyXEL Device An agent translates the local manage...

Страница 167: ...ny one of the following events occurs 16 2 3 System Timeout There is a default system management idle timeout of five minutes three hundred seconds The ZyXEL Device automatically logs you out if the m...

Страница 168: ...T Telnet Table 75 Management Remote MGMT WWW LABEL DESCRIPTION Server Port Enter the port number this service can use to access the ZyXEL Device The computer must use the same port number Server Acces...

Страница 169: ...to only allow the computer with the IP address that you specify to access the ZyXEL Device using this service Apply Click this to save your changes and to apply them to the ZyXEL Device Reset Click t...

Страница 170: ...ity which is the password sent with each trap to the SNMP manager The default is public and allows all requests Destination Type the IP address of the station to send your SNMP traps to SNMP Server Po...

Страница 171: ...anagement Remote MGMT DNS LABEL DESCRIPTION Server Port This field is read only This field displays the port number this service uses to access the ZyXEL Device The computer must use the same port num...

Страница 172: ...lect this to prevent outsiders from discovering your ZyXEL Device by sending requests to unsupported port numbers If an outside user attempts to probe an unsupported port on your ZyXEL Device an ICMP...

Страница 173: ...173 PART V Maintenance and Troubleshooting UPnP 175 System 187 Logs 195 Tools 209 Troubleshooting 215...

Страница 174: ...174...

Страница 175: ...at device 17 1 2 NAT Traversal UPnP NAT traversal automates the process of allowing an application to operate through NAT UPnP network devices can automatically configure network addressing announce t...

Страница 176: ...e only sends UPnP multicasts to the LAN See later sections for examples of installing UPnP in Windows XP and Windows Me as well as an example of using UPnP in Windows 17 2 UPnP Examples 17 2 1 Install...

Страница 177: ...d click Next 5 Restart the computer when prompted 17 2 1 2 Installing UPnP in Windows XP Follow the steps below to install the UPnP in Windows XP 1 Click Start and Control Panel 2 Double click Network...

Страница 178: ...7 UPnP P 2304R P1 Series User s Guide 178 Figure 94 Windows Optional Networking Components Wizard 5 In the Networking Services window select the Universal Plug and Play check box Figure 95 Networking...

Страница 179: ...d UPnP activated on the ZyXEL Device Make sure the computer is connected to a LAN port of the ZyXEL Device Turn on your computer and the ZyXEL Device 17 2 2 1 Auto discover Your UPnP enabled Network D...

Страница 180: ...Chapter 17 UPnP P 2304R P1 Series User s Guide 180 Figure 97 Internet Connection Properties 4 You may edit or delete the port mappings or click Add to manually add port mappings...

Страница 181: ...d Settings Figure 99 Internet Connection Properties Advanced Settings Add 5 When the UPnP enabled device is disconnected from your computer all port mappings will be deleted automatically 6 Select Sho...

Страница 182: ...eb Configurator Easy Access With UPnP you can access the web based configurator on the ZyXEL Device without finding out the IP address of the ZyXEL Device first This comes helpful if you do not know t...

Страница 183: ...Guide 183 Figure 102 Network Connections 4 An icon with the description for each UPnP enabled device displays under Local Network 5 Right click on the icon for your ZyXEL Device and select Invoke The...

Страница 184: ...e 103 Network Connections My Network Places 6 Right click on the icon for your ZyXEL Device and select Properties A properties window displays with basic information about the ZyXEL Device Figure 104...

Страница 185: ...Allow users to make configuration changes through UPnP Select this to allow UPnP enabled applications to automatically configure the ZyXEL Device so that they can communicate through the ZyXEL Device...

Страница 186: ...Chapter 17 UPnP P 2304R P1 Series User s Guide 186...

Страница 187: ...tion and then click the Computer Name tab Note the entry in the Full computer name field and enter it as the ZyXEL Device System Name 18 1 2 Domain Name The Domain Name entry is what is propagated to...

Страница 188: ...vice provider will give you a password or key Enabling the wildcard feature for your host causes yourhost dyndns org to be aliased to the same IP address as yourhost dyndns org This feature is useful...

Страница 189: ...our intervals after starting 18 2 System Screens 18 2 1 General System Screen Use this screen to change the ZyXEL Device s mode set up the ZyXEL Device s system name domain name idle timeout and admin...

Страница 190: ...me This is for identification purposes but some ISPs also check this field This name can be up to 30 alphanumeric characters long Spaces are not allowed but dashes and underscores _ are accepted Domai...

Страница 191: ...ider Host Name Enter the host name You can specify up to two host names separated by a comma User Name Enter your user name Password Enter the password assigned to you Enable Wildcard Option Select th...

Страница 192: ...en there are one or more NAT routers between the ZyXEL Device and the DDNS server Note The DDNS server may not be able to detect the proper IP address if there is an HTTP proxy server between the ZyXE...

Страница 193: ...year time zone Time RFC 868 This format displays a 4 byte integer giving the total number of seconds since 1970 1 1 at 0 0 0 NTP RFC 1305 This format is similar to Time RFC 868 Time Server Address Ent...

Страница 194: ...Chapter 18 System P 2304R P1 Series User s Guide 194...

Страница 195: ...and alerts and to configure the ZyXEL Device s log and alert settings 19 1 Logs Overview For a list of log messages see Section 19 3 on page 200 19 1 1 Alerts An alert is a type of log that warrants m...

Страница 196: ...erates a syslog The facility is defined in the Log Settings screen The severity is the log s syslog class The definition of messages and notes are defined in the various log charts throughout this app...

Страница 197: ...ories depends on what log categories are selected in the Log Settings page Email Log Now Click this to send the log screen to the e mail address specified in the Log Settings page Refresh Click Refres...

Страница 198: ...ed To access this screen click Maintenance Logs Log Settings Figure 110 Maintenance Logs Log Settings Each field is described in the following table Table 89 Maintenance Logs Log Settings LABEL DESCRI...

Страница 199: ...d Select which day of the week to send the logs Time for Sending Log This field is only available when you select Daily or Weekly in the Log Schedule field Enter the time of day in 24 hour format for...

Страница 200: ...n Someone has logged on to the device s web configurator interface WEB login failed Someone has failed to log on to the device s web configurator interface TELNET Login Successfully Someone has logged...

Страница 201: ...the host s connections exceeded the maximum sessions per host Firewall allowed a packet that matched a NAT session TCP UDP A packet from the WAN TCP or UDP matched a cone NAT session and the device fo...

Страница 202: ...ICMP Packet Direction type d code d ICMP access matched the default policy and was blocked or forwarded according to the user s setting Firewall rule NOT match ICMP Packet Direction rule d type d cod...

Страница 203: ...nection s Internet Protocol Control Protocol stage is closing Table 98 UPnP Logs LOG MESSAGE DESCRIPTION UPnP pass through Firewall UPnP packets can pass through the firewall Table 99 Content Filterin...

Страница 204: ...spoofing WAN ICMP type d code d The firewall detected an ICMP IP spoofing attack on the WAN port icmp echo ICMP type d code d The firewall detected an ICMP echo attack syn flood TCP The firewall dete...

Страница 205: ...UPnP denied Attempted use of HTTP or UPnP service was blocked according to remote management settings Remote Management WWW denied Attempted use of WWW service was blocked according to remote manageme...

Страница 206: ...estamp request message 14 Timestamp Reply 0 Timestamp reply message 15 Information Request 0 Information request message 16 Information Reply 0 Information reply message Table 103 SIP Logs LOG MESSAGE...

Страница 207: ...Number Someone used a phone connected to the listed phone port to make a VoIP call to the listed destination VoIP Call End Phone Phone Port A VoIP phone call made from a phone connected to the listed...

Страница 208: ...Chapter 19 Logs P 2304R P1 Series User s Guide 208...

Страница 209: ...bin The upload process uses HTTP Hypertext Transfer Protocol and may take up to two minutes After a successful upload the system will reboot Only use firmware for your ZyXEL Device s specific model R...

Страница 210: ...e 112 Firmware Upload In Process Table 108 Maintenance Tools Firmware LABEL DESCRIPTION File Path Enter the location of the bin file you want to upload or click Browse to find it You must decompress c...

Страница 211: ...d check your new firmware version in the Status screen You might have to open a new browser to log in If the upload is not successful the following screen appears Figure 114 Firmware Upload Error Clic...

Страница 212: ...s current configuration to a file on your computer Once your device is configured and functioning properly it is highly recommended that you back up your configuration file before making configuratio...

Страница 213: ...r details on how to set up your computer s IP address You might have to open a new browser to log in again If the upload was not successful a Configuration Upload Error screen appears Figure 118 Confi...

Страница 214: ...Chapter 20 Tools P 2304R P1 Series User s Guide 214 Figure 120 Maintenance Tools Restart In Progress Wait one minute for the device to finish restarting Then you can log in again...

Страница 215: ...e ZyXEL Device 4 Make sure the power adaptor or cord is connected to the ZyXEL Device and plugged in to an appropriate power source Make sure the power source is turned on 5 Disconnect and re connect...

Страница 216: ...eb configurator 1 Make sure you are using the correct IP address Use the ZyXEL Device s LAN IP address when configuring from the LAN Use the ZyXEL Device s WAN IP address when configuring from the WAN...

Страница 217: ...in your computer s ARP table Try to access the ZyXEL Device using another service such as Telnet If you can access the ZyXEL Device check the remote management settings and firewall rules to find out...

Страница 218: ...ction 1 4 on page 28 If the ZyXEL Device is sending or receiving a lot of information try closing some programs that use the Internet especially peer to peer applications 2 Reboot the ZyXEL Device 3 I...

Страница 219: ...your telephone is connected to the corresponding PHONE port 3 You can also check the VoIP status in the Status screen 4 If the VoIP settings are correct use speed dial to make peer to peer calls If yo...

Страница 220: ...Chapter 21 Troubleshooting P 2304R P1 Series User s Guide 220...

Страница 221: ...tions 223 Pop up Windows JavaScripts and Java Permissions 229 Setting up Your Computer s IP Address 235 IP Addresses and Subnetting 249 SIP Passthrough 257 NAT 259 Internal SPTGEN 267 Services 283 Leg...

Страница 222: ...222...

Страница 223: ...tion Auto crossover Ethernet port Phone Ports Four FXS Foreign Exchange Station POTS ports Feeding Voltage On hook 48V Minimum Voltage 20V Off hook 24V Ringing Voltage 40V RMS at 5 REN Operation Tempe...

Страница 224: ...t is used to send traffic to a specific group of computers The ZyXEL Device supports versions 1 and 2 of IGMP Internet Group Management Protocol used to join multicast groups see RFC 2236 IP Alias IP...

Страница 225: ...from the Internet to your network is blocked unless it is initiated from your network This means that probes from the outside to your network are not allowed but you can safely browse the Internet and...

Страница 226: ...ng polarity reversal Protocol Support PPP over Ethernet RFC 2516 Transparent bridging for unsupported network layer protocols DHCP Client Management Embedded Web Configurator CLI Command Line Interpre...

Страница 227: ...Volts 1 25A Power Consumption 11 W Safety Standards UL CUL CSA UL 1310 CSA C22 2 No 223 NORTH AMERICAN PLUG STANDARDS AC Power Adapter Model AA 121A25 Input Power AC120Volts 60Hz 19W Output Power AC 1...

Страница 228: ...Appendix A Product Specifications P 2304R P1 Series User s Guide 228...

Страница 229: ...nternet Explorer Pop up Blockers You may have to disable pop up blocking to log into your device Either disable pop up blocking enabled by default in Windows XP SP Service Pack 2 or allow pop up block...

Страница 230: ...es any web pop up blockers you may have enabled Figure 122 Internet Options 3 Click Apply to save this setting Enable pop up Blockers with Exceptions Alternatively if you only want to allow pop up win...

Страница 231: ...er s Guide 231 Figure 123 Internet Options 3 Type the IP address of your device the web page that you do not want to have blocked with the prefix http For example http 192 168 1 1 4 Click Add to move...

Страница 232: ...not display properly in Internet Explorer check that JavaScripts are allowed 1 In Internet Explorer click Tools Internet Options and then the Security tab Figure 125 Internet Options 2 Click the Custo...

Страница 233: ...Settings Java Scripting Java Permissions 1 From Internet Explorer click Tools Internet Options and then the Security tab 2 Click the Custom Level button 3 Scroll down to Microsoft VM 4 Under Java perm...

Страница 234: ...missions P 2304R P1 Series User s Guide 234 JAVA Sun 1 From Internet Explorer click Tools Internet Options and then the Advanced tab 2 make sure that Use Java 2 for applet under Java Sun is selected 3...

Страница 235: ...onents you need to install and use TCP IP on your computer Windows 3 1 requires the purchase of a third party TCP IP application package TCP IP should already be installed on computers using Windows N...

Страница 236: ...then click Add 3 Select the manufacturer and model of your network adapter and then click OK If you need TCP IP 1 In the Network window click Add 2 Select Protocol and then click Add 3 Select Microso...

Страница 237: ...c select Obtain an IP address automatically If you have a static IP address select Specify an IP address and type your information into the IP Address and Subnet Mask fields Figure 130 Windows 95 98 M...

Страница 238: ...to save and close the TCP IP Properties window 6 Click OK to close the Network window Insert the Windows CD if prompted 7 Restart your computer when prompted Verifying Settings 1 Click Start and then...

Страница 239: ...eries User s Guide 239 Figure 132 Windows XP Start Menu 2 In the Control Panel double click Network Connections Network and Dial up Connections in Windows 2000 NT Figure 133 Windows XP Control Panel 3...

Страница 240: ...tab in Win XP and then click Properties Figure 135 Windows XP Local Area Connection Properties 5 The Internet Protocol TCP IP Properties window opens the General tab in Windows XP If you have a dynam...

Страница 241: ...k Add In TCP IP Address type an IP address in IP address and a subnet mask in Subnet mask and then click Add Repeat the above two steps for each IP address you want to add Configure additional default...

Страница 242: ...w the General tab in Windows XP Click Obtain DNS server address automatically if you do not know your DNS server IP address es If you know your DNS server IP address es click Use the following DNS ser...

Страница 243: ...10 Close the Network Connections window Network and Dial up Connections in Windows 2000 NT 11 Restart your computer if prompted Verifying Settings 1 Click Start All Programs Accessories and then Comm...

Страница 244: ...the TCP IP tab 3 For dynamically assigned settings select Using DHCP from the Configure list Figure 140 Macintosh OS X Network 4 For statically assigned settings do the following From the Configure bo...

Страница 245: ...ending on your Linux distribution and release version Make sure you are logged in as the root administrator Using the K Desktop Environment KDE Follow the steps below to configure your computer IP add...

Страница 246: ...P Addresses and fill in the Address Subnet mask and Default Gateway Address fields 3 Click OK to save the changes and close the Ethernet Device General screen 4 If you know your DNS server IP address...

Страница 247: ...le with any plain text editor If you have a dynamic IP address enter dhcp in the BOOTPROTO field The following figure shows an example Figure 145 Red Hat 9 0 Dynamic IP Address Setting in ifconfig eth...

Страница 248: ...ngs Enter ifconfig in a terminal screen to check your TCP IP properties Figure 149 Red Hat 9 0 Checking TCP IP Properties nameserver 172 23 5 1 nameserver 172 23 5 2 root localhost init d network rest...

Страница 249: ...t share a common street name the hosts on a network share a common network number Similarly as each house has its own house number each host on the network has its own unique identifying number the ho...

Страница 250: ...the IP address is part of the host ID The following example shows a subnet mask identifying the network number in bold text and host ID of an IP address 192 168 1 2 in decimal By convention subnet mas...

Страница 251: ...wed by a continuous number of zeros for the remainder of the 32 bit mask you can simply specify the number of ones instead of writing the value of each octet This is usually specified by writing a fol...

Страница 252: ...shows the company network before subnetting Figure 151 Subnetting Example Before Subnetting You can borrow one of the host ID bits to divide the network 192 168 1 0 into two separate sub networks The...

Страница 253: ...168 1 254 Example Four Subnets The previous example illustrated using a 25 bit subnet mask to divide a 24 bit address into two subnets Similarly to divide a 24 bit address into four subnets you need...

Страница 254: ...Subnet 3 IP SUBNET MASK NETWORK NUMBER LAST OCTET BIT VALUE IP Address 192 168 1 128 IP Address Binary 11000000 10101000 00000001 10000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subne...

Страница 255: ...HOST BITS SUBNET MASK NO SUBNETS NO HOSTS PER SUBNET 1 255 255 255 128 25 2 126 2 255 255 255 192 26 4 62 3 255 255 255 224 27 8 30 4 255 255 255 240 28 16 14 5 255 255 255 248 29 32 6 6 255 255 255 2...

Страница 256: ...ou entered You don t need to change the subnet mask computed by the ZyXEL Device unless you are instructed to do otherwise Private IP Addresses Every machine on the Internet must have a unique address...

Страница 257: ...sessions The SIP UA sends registration packets to the SIP server periodically and keeps the session alive in the ZyXEL Device If the SIP client does not have this mechanism and makes no call during t...

Страница 258: ...Appendix E SIP Passthrough P 2304R P1 Series User s Guide 258...

Страница 259: ...k while the global address refers to the IP address of the host when the same packet is traveling in the WAN side Note that inside outside refers to the location of a host while global local refers to...

Страница 260: ...all protection With no servers defined your ZyXEL Device filters out all incoming inquiries thus preventing intruders from probing your network For more information on IP address translation refer to...

Страница 261: ...ce maps one local IP address to one global IP address Many to One In Many to One mode the ZyXEL Device maps multiple local IP addresses to one global IP address This is equivalent to SUA i e PAT port...

Страница 262: ...at may be implemented on a router in front of the ZyXEL Device Full Cone Restricted Cone Port Restricted Cone Symmetric Table 126 NAT Mapping Types TYPE IP MAPPING ABBREVIATION One to One ILA1 IGA1 1...

Страница 263: ...t B and sends them to IP address 1 port A Figure 155 Full Cone NAT Example Table 127 NAT Types FULL CONE RESTRICTED CONE PORT RESTRICTED CONE SYMMETRIC Incoming Packets Any external host can send pack...

Страница 264: ...em to the ZyXEL Device at IP address 1 port A Packets have not been sent from 1 A to 3 or 5 so 3 and 5 cannot send packets to 1 A Figure 156 Restricted Cone NAT Example Port Restricted Cone NAT As in...

Страница 265: ...address and port In the following example the NAT router maps the ZyXEL Device s source address IP address 1 and port A to IP address 2 and port B on the external network for packets sent to IP addre...

Страница 266: ...the outside world You may enter a single port number or a range of port numbers to be forwarded and the local IP address of the desired server The port number identifies a service for example web serv...

Страница 267: ...ce You can use FTP to get the Internal SPTGEN file Then edit the file in a text editor and use FTP to upload it again to the same device or another one See the following sections for details The Confi...

Страница 268: ...if you enter a value other than 0 or 1 in the Input column of Field Identification Number 1000000 refer to Figure 159 on page 267 Figure 160 Invalid Parameter Entered Command Line Example The ZyXEL De...

Страница 269: ...our computer to the ZyXEL Device using the put command computer to the ZyXEL Device 4 Exit this FTP application Figure 163 Internal SPTGEN FTP Upload Example c ftp 192 168 1 1 220 PPP FTP version 1 0...

Страница 270: ...004 Route IP 0 No 1 Yes 1 10000006 Bridge 0 No 1 Yes 0 Table 130 Menu 3 Menu 3 1 General Ethernet Setup FIN FN PVA INPUT 30100001 Input Protocol filters Set 1 2 30100002 Input Protocol filters Set 2 2...

Страница 271: ...n 0 None 1 Both 2 In Only 3 Out Only 0 30200011 Version 0 Rip 1 1 Rip 2B 2 Rip 2M 0 30200012 Multicast 0 IGMP v2 1 IGMP v1 2 None 2 30200013 IP Policies Set 1 1 12 256 30200014 IP Policies Set 2 1 12...

Страница 272: ...on 0 None 1 Both 2 In Only 3 Out Only 0 30201018 Version 0 Rip 1 1 Rip 2B 2 Rip 2M 0 30201019 IP Alias 2 Incoming protocol filters Set 1 256 30201020 IP Alias 2 Incoming protocol filters Set 2 256 302...

Страница 273: ...e 0 30500013 Wlan 4X Mode 0 Disable 1 Enable 0 MENU 3 5 1 WLAN MAC ADDRESS FILTER FIN FN PVA INPUT 30501001 Mac Filter Active 0 No 1 Yes 0 30501002 Filter Action 0 Allow 1 Deny 0 30501003 Address 1 00...

Страница 274: ...0000016 ISP incoming protocol filter set 1 6 40000017 ISP incoming protocol filter set 2 256 40000018 ISP incoming protocol filter set 3 256 40000019 ISP incoming protocol filter set 4 256 40000020 IS...

Страница 275: ...ic Route set 1 Private 0 No 1 Yes 0 Menu 12 1 2 IP Static Route Setup FIN FN PVA INPUT 120108001 IP Static Route set 8 Name Str 120108002 IP Static Route set 8 Active 0 No 1 Yes 0 120108003 IP Static...

Страница 276: ...l IP address 0 0 0 0 150000022 SUA Server 6 Active 0 No 1 Yes 0 0 150000023 SUA Server 6 Protocol 0 All 6 TCP 17 U DP 0 150000024 SUA Server 6 Port Start 0 150000025 SUA Server 6 Port End 0 150000026...

Страница 277: ...0054 SUA Server 12 Port Start 0 150000055 SUA Server 12 Port End 0 150000056 SUA Server 12 Local IP address 0 0 0 0 Table 133 Menu 15 SUA Server Setup continued Table 134 Menu 21 1 Filter Set 1 Menu 2...

Страница 278: ...t 1 Rule 2 Dest Subnet Mask 0 210102006 IP Filter Set 1 Rule 2 Dest Port 138 210102007 IP Filter Set 1 Rule 2 Dest Port Comp 0 none 1 equal 2 not equal 3 less 4 greater 1 210102008 IP Filter Set 1 Rul...

Страница 279: ...er Set 2 Rule 1 Src Port Comp 0 none 1 equal 2 not equal 3 less 4 g reater 0 210201013 IP Filter Set 2 Rule 1 Act Match 1 check next 2 forward 3 drop 3 210201014 IP Filter Set 2 Rule 1 Act Not Match 1...

Страница 280: ...200001 Authentication Server Configured 0 No 1 Yes 1 230200002 Authentication Server Active 0 No 1 Yes 1 230200003 Authentication Server IP Address 192 168 1 32 230200004 Authentication Server Port 18...

Страница 281: ...s 0 TKIP 1 WEP 0 230400010 WPA Broadcast Multicast Key Update Timer 0 Table 136 Menu 23 System Menus continued Table 137 Menu 24 11 Remote Management Control Menu 24 11 Remote Management Control FIN F...

Страница 282: ...iated with the ZyXEL Device s command interpreter commands Table 138 Command Examples FIN FN PVA INPUT ci command for annex a wan adsl opencmd FIN FN PVA INPUT 990000001 ADSL OPMD 0 glite 1 t1 413 2 g...

Страница 283: ...h this service is used Table 139 Examples of Services NAME PROTOCOL PORT S DESCRIPTION AH IPSEC_TUNNEL User Defined 51 The IPSEC AH Authentication Header tunneling protocol uses this service AIM TCP 5...

Страница 284: ...senger service uses this protocol NetBIOS TCP UDP TCP UDP TCP UDP TCP UDP 137 138 139 445 The Network Basic Input Output System is used for communication between computers in a LAN NEW ICQ TCP 5190 An...

Страница 285: ...messages from one e mail server to another SMTPS TCP 465 This is a more secure version of SMTP that runs over SSL SNMP TCP UDP 161 Simple Network Management Program SNMP TRAPS TCP UDP 162 Traps for us...

Страница 286: ...file transfer protocol similar to FTP but uses the UDP User Datagram Protocol rather than TCP Transmission Control Protocol VDOLIVE TCP UDP 7000 user defined A videoconferencing solution The UDP port...

Страница 287: ...otice Trademarks ZyNOS ZyXEL Network Operating System is a registered trademark of ZyXEL Communications Inc Other trademarks mentioned in this publication are used for identification purposes only and...

Страница 288: ...the date of purchase During the warranty period and upon proof of purchase should the product have indications of failure due to faulty workmanship and or materials ZyXEL will at its discretion repai...

Страница 289: ...ed by ZyXEL to the corresponding return address Postage Paid This warranty gives you specific legal rights and you may also have other rights that vary from country to country Registration Register yo...

Страница 290: ...Appendix I Legal Information P 2304R P1 Series User s Guide 290...

Страница 291: ...578 2439 Web Site www zyxel com www europe zyxel com FTP Site ftp zyxel com ftp europe zyxel com Regular Mail ZyXEL Communications Corp 6 Innovation Road II Science Park Hsinchu 300 Taiwan Costa Rica...

Страница 292: ...sinki Finland France E mail info zyxel fr Telephone 33 4 72 52 97 97 Fax 33 4 72 52 19 20 Web Site www zyxel fr Regular Mail ZyXEL France 1 rue des Vergers Bat 1 C 69760 Limonest France Germany Suppor...

Страница 293: ...2001 U S A Norway Support E mail support zyxel no Sales E mail sales zyxel no Telephone 47 22 80 61 80 Fax 47 22 80 61 81 Web Site www zyxel no Regular Mail ZyXEL Communications A S Nils Hansens vei 1...

Страница 294: ...mail support ua zyxel com Sales E mail sales ua zyxel com Telephone 380 44 247 69 78 Fax 380 44 494 49 32 Web Site www ua zyxel com Regular Mail ZyXEL Ukraine 13 Pimonenko Str Kiev 04050 Ukraine Unite...

Страница 295: ...226 certifications 287 notices 288 viewing 288 Change Password 34 Circuit switched Telephone Networks 107 Class of Service 112 Class of Service CoS 112 Clicks 112 Client Server SIP 108 Client server...

Страница 296: ...122 Foreign Exchange Station FXS 223 Frequency Pairs 112 FTP 165 188 226 266 FTP Restrictions 165 Full Cone NAT 263 FXS Foreign Exchange Station 223 G G 168 121 225 G 168 Echo Cancellation 226 G 711...

Страница 297: ...166 Modem 226 modes 71 Bridge See Bridge mode Router See Router mode Multimedia 107 Multiple Telephones 224 MWI 112 N NAT 256 259 266 and Remote Management 165 Application 261 Definitions 259 Full Co...

Страница 298: ...10 registration product 289 related documentation 3 Remote Management 165 226 remote management SNMP 166 Remote Management and NAT 165 Remote Management Limitations 165 REN 224 Required Bandwidth 112...

Страница 299: ...etric NAT Outgoing 265 syntax conventions 4 Syslog 226 system modes See modes System Name 187 System Parameter Table Generator 267 System Timeout 167 T Telephone Keys 112 Telnet 226 Text File Format 2...

Страница 300: ...04R P1 Series User s Guide 300 Voice Coding 111 Voice Functions 226 Voice Mail 107 Voice over IP 27 107 VoIP 27 VoIP Service Provider 29 W warranty 288 note 288 Waveform Codec 111 Web Configurator 33...

Отзывы:

Нет отзывов

Похожие инструкции для P-2304R

Бренд: TCS Страницы: 56

NETWORK INTERFACE CARDS

Бренд: Secure Computing Страницы: 17

Бренд: YX Wireless Страницы: 12

Бренд: Yeastar Technology Страницы: 14

Бренд: Advantech Страницы: 74

NDP-ENG ETHERNET NEXSYS GATEWAY

Бренд: Crest Audio Страницы: 2

ZyWALL USG 2000

Бренд: ZyXEL Communications Страницы: 120

ARG600 Single SIM Variant

Бренд: ABB Страницы: 64

Бренд: MikroTik Страницы: 22

Бренд: MIKRODEV Страницы: 12

Бренд: AT&T Страницы: 25

Бренд: AT&T Страницы: 3

U-verse 3800HGV-B

Бренд: AT&T Страницы: 3

AT&T Wireless Home Phone Base

Бренд: AT&T Страницы: 39

Gateway 2070 Series

Бренд: 2Wire Страницы: 25

Бренд: Teltonika Страницы: 6

OfficeConnect 3CR856-95-US

Бренд: 3Com Страницы: 2

3CRWE51196 - OfficeConnect Wireless Cable/DSL Gateway

Бренд: 3Com Страницы: 2

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды