background image

ZyXEL Confidential 

340adq4c0 

21/36

<yes|no> 

retrieve firewall 

 

 

 

Retrieve current saved firewall settings 

save 

firewall 

 

 

 

Save the current firewall settings 

display 

firewall 

 

 

 

Displays all the firewall settings 

 

 

set <set#> 

 

 

Display current entries of a set configuration; 
including timeout values, name, default-permit, 
and number of rules in the set. 

 

 

set <set#> 

rule <rule#> 

 

Display current entries of a rule in a set. 

 

 

attack 

 

 

Display all the attack alert settings in PNC 

 

 

e-mail 

 

 

Display all the e-mail settings in PNC 

 

 

 

 

Display all the available sub commands 

  

e-mail 

mail-server 
<mail server IP> 

 

Edit the mail server IP to send the alert 

  

 

return-addr 
<e-mail address> 

 

Edit the mail address for returning an email alert 

  

 

e-mail-to 

<e-mail 

address> 

 

Edit the mail address to send the alert 

 

 

 

policy <full | 
hourly |daily | 
weekly> 

 

Edit email schedule when log is full or per hour, 
day, week. 

 

 

 

day <sunday | 
monday | tuesday 
| wednesday | 
thursday | friday | 
saturday> 

 

Edit the day to send the log when the email policy 
is set to Weekly 

 

 

 

hour <0~23> 

 

Edit the hour to send the log when the email 
policy is set to daily or weekly 

 

 

 

minute <0~59> 

 

Edit the minute to send to log when the email 
policy is set to daily or weekly 

  

 

Subject 

<mail 

subject> 

 

Edit the email subject 

  

attack 

send-alert 
<yes|no> 

 

Activate or deactivate the firewall DoS attacks 
notification emails 

 

 

 

block <yes|no> 

 

Yes: Block the traffic when exceeds the 
tcp-max-incomplete threshold 

 

 

 

 

 

No: Delete the oldest half-open session when 
exceeds the tcp-max-incomplete threshold 

  

 

block-minute 
<0~255> 

 

Only valid when sets 'Block' to yes. The unit is 
minute 

  

 

minute-high 
<0~255> 

 

The threshold to start to delete the old half-opened 
sessions to minute-low 

  

 

minute-low 
<0~255> 

 

The threshold to stop deleting the old half-opened 
session 

  

 

max-incomplete-
high <0~255> 

 

The threshold to start to delete the old half-opened 
sessions to max-incomplete-low 

  

 

max-incomplete-
low <0~255> 

 

The threshold to stop deleting the half-opened 
session 

  

 

tcp-max-incompl
ete <0~255> 

 

The threshold to start executing the block field 

 

 

set <set#> 

name <desired 
name> 

 

Edit the name for a set 

  

 

default-permit 
<forward|block> 

 

Edit whether a packet is dropped or allowed when 
it does not match the default set 

  

 

icmp-timeout 
<seconds> 

 

Edit the timeout for an idle ICMP session before it 
is terminated 

Содержание P-2602HW-D1A

Страница 1: ...ZyXEL Confidential 340adq4c0 1 36 ZyXEL Firmware Release Note P 2602H HL HW HWL D1A Standard version Release 3 40 ADQ 4 C0 Date March 16 2007 Author Chun Hsing Chien ...

Страница 2: ...her data rate than ADSL speed up to 12Mbps ADSL2 faster start up advanced diagnostics and better power management This high performance ADSL router is a high integrated 4 port 10 100M auto MDI MDIX switch advanced secure VPN Firewall Bandwidth Management IEEE 802 11g wireless access and Voice over IP communication capability for small medium business or small remote office P2602HWL D1A provides an...

Страница 3: ...g WPA setting in SMT menu 23 4 Modifications in V 3 40 ADQ 4 b2 02 08 2007 BUG FIX SPR 070130630 When setting Voice Compression Type to G_726 16 or G_726 24 caller can not make the VoIP call with callee Modifications in V 3 40 ADQ 4 b1 01 17 2007 ENHANCEMENT Support VoIP Romfile convert to make it backward compatiable with ADQ AJK 2 and ADQ AJK 3 Converted settings included SIP PhoneBook and Phone...

Страница 4: ...UI CLI command Support G 723 Codec for CLI command only Support Call Fallback GUI Support Auto Dail HotLine GUI Enhanced Distinctive Ring GUI and rename Group Ring to Distinctive Ring Modifications in V 3 40 ADQ 3 b2 09 27 2006 ENHANCEMENT Support Auto MBM Synchronize the reset button behavior 1 sec enable disable WLAN function 3 sec enable OTIST 10 sec reset to factory default Support Certificate...

Страница 5: ...3 40 ADQ 2 C0 07 24 2006 Change to FCS version KNOWN ISSUE When Country Code UK the Caller ID can t display Modifications in V 3 40 ADQ 2 b2 07 21 2006 BUGFIX Analog Phone 1 Phone 2 can t display CLID Modifications in V 3 40 ADQ 2 b1 07 18 2006 ENHANCEMENT Country Code support for different ring and tone for USA AUSTRIA BELGIUM DENMARK FINLAND NETHERLAND NORWAY SPAIN SWEDEN SWITZERLAND UK GERMANY ...

Страница 6: ...Modifications in V 3 40 ADQ 0 C0 05 12 2006 Change to FCS version Modifications in V 3 40 ADQ 0 b11 05 10 2006 None Modifications in V 3 40 ADQ 0 b10 05 08 2006 ENHANCEMENT Enlarge the FTP_BUFFER_SIZE from 0x320000 to 0x3D0000 Modifications in V 3 40 ADQ 0 b9 04 26 2006 ENHANCEMENT Support WLAN LED on off check mechanism on HTP test Support WLAN power switch when power cycle fail Support Outbound ...

Страница 7: ...ONE NAT Support TI 1350 and APDK 6 2 0 25 Support Web NewGUI Enhance Triple Play feature 1 Support Multi ports to Multi PVCs mapping 2 Support WLAN port mapping 3 Support IGMP Snooping Integrated DNS Support Time Zone by City Support throughput enhancement Support OTIST press 1s on reset button to turn on or turn off the WLAN 5s for OTIST 10s to reset back to factory default Support VoIP Phase 2 c...

Страница 8: ...ers in GUI status menu countrycode countrycode set country code date year month date set display date domainname display domain name edit filename edit a text file enhanced return OK if commands are supported for PWC purposes errctl level set the error control level 0 crash no save not in debug mode default 1 crash no save in debug mode 2 crash save not in debug mode 3 crash save in debug mode eve...

Страница 9: ...g buffer mail alertAddr mail address send alerts to this mail address display display mail setting logAddr mail address send logs to this mail address schedule display display mail schedule schedule hour 0 23 hour time to send the logs schedule minute 0 59 minute time to send the logs schedule policy 0 full 1 hourly 2 daily 3 weekly 4 non e mail schedule policy schedule week 0 sun 1 mon 2 tue 3 we...

Страница 10: ...er quit quit CI command mode reboot code reboot system code 0 cold boot 1 immediately boot 2 bootModule debug mode reslog disp display resources trace clear clear resources trace stdio second change terminal timeout value time hour min sec display set system time timer disp display timer cell trace on off set display timer information online start tmValue start a timer stop ID stop a timer trcdisp...

Страница 11: ...et server secure ip addr spt dump dump spt raw data root dump spt root data rn dump spt remote node data user dump spt user data slot dump spt slot data save save spt data size display spt record size clear clear spt data cmgr trace disp ch name show the connection trace of this channel clear ch name clear the connection trace of this channel cnt ch name show channel connection related counter soc...

Страница 12: ...init ch_name initialize LAN version see ethernet device type pkttest disp packet level set ether test packet display level event ch on off turn on off ether test event display sap ch_name send sap packet arp ch_name ip addr send arp packet to ip addr mem addr data type write memory data in address test ch_id test_id arg3 arg4 do LAN test pncconfig ch_name do pnc config mac src_ch dest_ch ipaddr fa...

Страница 13: ...n system will do L1 shutdown RA3 default is 3db noisemargin dB if noise margin is greater than this value and rate is worse than before then system will do L1 shutdown RA3 default is 8db persisttime time when the adaptive condition is matched system will continue to monitor the time period persisttime before doing L1 shutdown RA3 default is 30 seconds timeinterval mins when L1 shutdown RA3 is done...

Страница 14: ...onfiguration data chid Configure channel ID essid Configure ESSID hiddenssid on off Enable Disable hidden SSID threshold rts RTS threshold value Set threshold rts value Fragment Fragment threshold value Set threshold fragmentation value wep type none 64 128 256 Set WEP key to 64 128 or 256 bits Key Set set value Set WEP key value per set Key Default set Set WEP default key set macfilter Enable Ena...

Страница 15: ...k set dhcp netmask pool startIP numIP set dhcp ip pool renewaltime period set dhcp renew time rebindtime period set dhcp rebind time reset reset dhcp table server serverIP set dhcp server ip for relay dnsorder router isp set dhcp dns order status option show dhcp status static delete num all delete static dhcp mac table display display static dhcp mac table update num mac ip update static dhcp mac...

Страница 16: ... accept gateway drop an entry from the RIP refuse list activate enable rip merge on off set RIP merge flag refuse gateway add an entry to the rip refuse list request addr port send rip request to some address and port reverse on off RIP Poisoned Reverse status display rip statistic counters trace enable debug rip trace mode iface in mode set rip in mode iface out mode set rip out mode dialin_user ...

Страница 17: ... counter information switch turn on off ip pr table counter flag nat timeout gre timeout set nat gre timeout value iamt timeout set nat iamt timeout value generic timeout set nat generic timeout value reset timeout set nat reset timeout value tcp timeout set nat tcp timeout value tcpother timeout set nat tcp other timeout value update create nat system information from spSysParam iamt display nat ...

Страница 18: ...ding to peer local IP address This command is to show these runtime SPD switch on off As long as there exists one active IPSec rule all packets will run into IPSec process to check SPD This switch is to control if a packet should do this If it is turned on even there exists active IPSec rules packets will not run IPSec process timer chk_my_ip 1 3600 Adjust timer to check if WAN IP in menu is chang...

Страница 19: ... negotiation mode in phase 1 in IKE preShareKey string Set pre shared key in phase 1 in IKE p1EncryAlgo 0 DES 1 3DES Set encryption algorithm in phase 1 in IKE p1AuthAlgo 0 MD5 1 SHA1 Set authentication algorithm in phase 1 in IKE p1SaLifeTime seconds Set sa life time in phase 1 in IKE p1KeyGroup 0 DH1 1 DH2 Set key group in phase 1 in IKE activeProtocol 0 AH 1 ESP Set active protocol in phase 2 i...

Страница 20: ...set id reset brt data cnt related to bridge routing statistic table disp display bridge route counter clear clear bridge route counter stat related to bridge packet statistic table disp display bridge route packet counter clear clear bridge route packet counter disp display bridge source table Radius Related Command Home Command Description radius auth show current radius authentication server con...

Страница 21: ...he log when the email policy is set to daily or weekly minute 0 59 Edit the minute to send to log when the email policy is set to daily or weekly Subject mail subject Edit the email subject attack send alert yes no Activate or deactivate the firewall DoS attacks notification emails block yes no Yes Block the traffic when exceeds the tcp max incomplete threshold No Delete the oldest half open sessi...

Страница 22: ... address Select and edit a source address of a packet which complies to this rule srcaddr subnet ip address subnet mask Select and edit a source address and subnet mask if a packet which complies to this rule srcaddr range start ip address end ip address Select and edit a source address range of a packet which complies to this rule destaddr single ip address Select and edit a destination address o...

Страница 23: ...rule or all ACLs active yes no Active firewall or deactivate firewall cnt disp Display firewall log type and count clear Clear firewall log count pktdump Dump the 64 bytes of dropped packet by firewall update Update firewall dynamicrule tcprst rst Set TCP reset sending on off rst113 Set TCP reset sending for port 113 on off display Display TCP reset sending setting icmp dos smtp Set SMTP DoS defen...

Страница 24: ...2m Set LAN IP RIP mode and RIP version if you choose none in the first parameter the second parameter is also necessary Menu 3 2 lan multicast none igmpv1 igmpv2 Set LAN IP multicast mode Menu 3 2 lan filter incoming outgoing tcpip generic set 1 set 2 set 3 set 4 Set LAN filter to be incoming outgoing or protocol device and the filter set could be 1 12 0 means empty Example Lan filter incoming tcp...

Страница 25: ...ne in out both rip1 rip2b rip2m Set the wan RIP mode and RIP version Menu 11 3 wan node multicast none igmpv1 igmpv2 Set the wan IP multicast mode Menu 11 3 wan node filter incoming outgoing tcpip generic set 1 set 2 set 3 set 4 Set WAN filter incoming or outgoing can be specified and filter set can be 1 12 value 0 means empty Menu 11 5 wan node save Save the related parameters of WAN node wan nod...

Страница 26: ...al Menu 15 2 sys filter set index set rule Set the index of filter set rule you may apply this command first before you begin to configure the filter rules Menu 21 filter sets sys filter set name set name Set the name of filter set Menu 21 filter sets sys filter set type tcpip generic Set the type of filter rule Menu 21 filter sets sys filter set enable Enable the rule Menu 21 filter sets sys filt...

Страница 27: ... system password sys baud 1 5 Index 12 3 will be 38400 19200 9600 57600 115200 bps save immediately Menu 24 2 2 console speed sys server load Load setting before editing sys server access ftp telnet web access type Set the server access type to be 0 ALL 1 None 2 LAN only 3 WAN only Menu 24 11 remote management sys server port ftp telnet web port Set the server port number Menu 24 11 remote managem...

Страница 28: ...on interval default 0 packetsize index g711 0 10ms 1 20ms 2 30ms g729 0 10ms 1 20ms 2 30ms Change the transmit packetized period default 20ms save index Save the configured value display index Display the configured value dumpCfg Display working buffer value free Free working buffer pstn index index Select the PSTN index phonebook index 0 32 digits blank Signaling the phone number prefixcode index...

Страница 29: ...mu 8 G711A 18 G729 Change the primary compression type sec_compression index 0 G711mu 8 G711A 18 G729 Change the secondary compression type portrange index start port end port 40000 65535 RTP RTCP port range setting transport index udp tcp Setup SIP transport type callerid index disable enable Disable or enable the caller id feature for VoIP autoredialpstn index disable enable Disable or enable th...

Страница 30: ...usiconholdacti ve index 0 off 1 on Disable or enable music on hold musiconholdtone index tone Select music on hold tone callfwd index 1 2 Select call forward table mixermode index 0 Local 1 Remote Select 3 way conference mixermode transafterconf index 0 off 1 on ON OFF transfer conference rfc3263 index 0 off 1 on Disable or enable the rfc3263 featuresenable index 0 1 ON OFF feature bits Save index...

Страница 31: ...ingtime index 0 128 sec Setup call waiting time cidtype index 0 During Ring 1 Prior Ring Call ID display moment cidpayload index 0 FSK 1 DTMF Setup DTMF payload type cidfskstartinte rval index 0 65535 msec Setup FSK start interval This commands actually generate extra 200ms delay ex set to 0 ms 200ms set to 200ms 400 ms ciddtmfstartint erval index 0 65535 msec Setup DTMF start interval This comman...

Страница 32: ... index 0 2 Sutup ivr language pstnfallback index 0 Disable PSTN Fallback 1 Enable PSTN Fallback Active in active PSTN Fallback Func sipfallback index 0 Disable SIP Fallback 1 Enable SIP Fallback Active in active SIP Fallback Func dialmethod index 0 European RR Number 1 USA RR Select dialmethod removepound index 0 not removed 1 removed pound On OFF the removed pound countrycode index CountryCode h ...

Страница 33: ... up fxolifestable index LifeLine Stable Interval ms Setup LifeLine stable interval fxophselect index phone port 0 All 0 No 1 Yes Select fxo mapping phone save index Save the configured value display Display the configured value dumpCfg Display working buffer value forwar d index index Select forward index unconditional index phone number Setup unconditional call forward number busy index phone num...

Страница 34: ...onse Busy Call Response Busy Call sigrin gback Response Ring Response Ring sigreg index Register to SIP server sigunr eg index Unregister Sip server regsta tus index Show register s information sigok pick up a call pick up a call sigbye drop or cancel a call drop or cancel a call sipclo se Close the SIP userna me proxy 0 off 1 on Use SIP proxy contac t LAN Addr 0 Remote Node WAN Addr 1 2 ackbra nc...

Страница 35: ...PT add port 0 3 destIp destPort srcPort PT table Display all the current active RTP session usage Display all the used port rxtime msec Setup RX time txtime msec Setup TX time dtmf digit 1 1 digit 2 2 digit 3 3 statis tics index Show the statistics linkti me index Show the RTP linktime autopro active Active in active autopro startn ow Start autopro now termin ate Terminate autopro itemdi splay Dis...

Страница 36: ...debug mode dialplan clear Clear dial plan in memory dial dial phone number Simulate dialing digits for dial plan parsing load Load dial plan from flash and overwrite dial plan in memory save Save dial plan to flash set set all dial plans Setup dial plan rule show Show dial plan in detail switch ON OFF dial plan debug ON OFF dialplan debug mode logTest RD debug command tebasic For TE use only ...

Отзывы: