Главная
/
ZyXEL Communications
/
Prestige 2602R Series
/
Руководство пользователя

ZyXEL Communications Prestige 2602R Series, Руководство пользователя

Поделиться

Страница: 139 / 450

ZyXEL Communications Prestige 2602R Series Скачать руководство пользователя страница 139

Prestige 2602R Series User’s Guide

Chapter 12 Firewalls

139

Under normal circumstances, the application that initiates a session sends a SYN
(synchronize) packet to the receiving server. The receiver sends back an ACK
(acknowledgment) packet and its own SYN, and then the initiator responds with an ACK
(acknowledgment). After this handshake, a connection is established.

•

SYN Attack

floods a targeted system with a series of SYN packets. Each packet causes

the targeted system to issue a SYN-ACK response. While the targeted system waits for
the ACK that follows the SYN-ACK, it queues up all outstanding SYN-ACK responses
on what is known as a backlog queue. SYN-ACKs are moved off the queue only when an
ACK comes back or when an internal timer (which is set at relatively long intervals)
terminates the three-way handshake. Once the queue is full, the system will ignore all
incoming SYN requests, making the system unavailable for legitimate users.

Figure 53

SYN Flood

• In a

LAND Attack

, hackers flood SYN packets into the network with a spoofed source

IP address of the targeted system. This makes it appear as if the host computer sent the
packets to itself, making the system unavailable while the target system tries to respond
to itself.

7

A

brute-force

attack, such as a "Smurf" attack, targets a feature in the IP specification

known as directed or subnet broadcasting, to quickly flood the target network with
useless data. A Smurf hacker floods a router with Internet Control Message Protocol
(ICMP) echo request packets (pings). Since the destination IP address of each packet is
the broadcast address of the network, the router will broadcast the ICMP echo request
packet to all hosts on the network. If there are numerous hosts, this will create a large
amount of ICMP echo request and response traffic. If a hacker chooses to spoof the
source IP address of the ICMP echo request packet, the resulting ICMP traffic will not
only clog up the "intermediary" network, but will also congest the network of the spoofed
source IP address, known as the "victim" network. This flood of broadcast traffic
consumes all available bandwidth, making communications impossible.

«
...
137
138
139
140
141
...
»

Содержание Prestige 2602R Series

Страница 1: ...Prestige 2602R Series ADSL VoIP IAD User s Guide Version 3 40 7 2005...

Страница 2: ......

Страница 3: ...by ZyXEL Communications Corporation All rights reserved Disclaimer ZyXEL does not assume any liability arising out of the application or use of any products or software described herein Neither does i...

Страница 4: ...o radio communications If this equipment does cause harmful interference to radio television reception which can be determined by turning the equipment off and on the user is encouraged to try to corr...

Страница 5: ...r supply is damaged remove it from the power outlet Do NOT attempt to repair the power supply Contact your local vendor to order a new power supply Place connecting cables carefully so that no one wil...

Страница 6: ...ged by an act of God or subjected to abnormal working conditions Note Repair or replacement as provided under this warranty is the exclusive remedy of the purchaser This warranty is in lieu of all oth...

Страница 7: ...busvej 5 2860 Soeborg Denmark sales zyxel dk 45 39 55 07 07 FINLAND support zyxel fi 358 9 4780 8411 www zyxel fi ZyXEL CommunicationsOy Malminkaari 10 00700 Helsinki Finland sales zyxel fi 358 9 4780...

Страница 8: ...zyxel co uk ZyXEL Communications UK Ltd 11 The Courtyard Eastern Road Bracknell Berkshire RG12 2XB United Kingdom UK sales zyxel co uk 44 0 1344 303034 ftp zyxel co uk a is the prefix number you enter...

Страница 9: ...Features of the Prestige 42 1 2 Applications for the Prestige 45 1 2 1 Internet Access 46 1 2 1 1 Internet Single User Account 46 1 2 2 Making Calls via Internet Telephony Service Provider 46 1 2 3 Ma...

Страница 10: ...Setup First Screen 67 3 2 3 Media Bandwidth Mgnt Wizard Setup Second Screen 68 3 2 4 Media Bandwidth Mgnt Wizard Setup Finish 69 3 3 Password Setup 70 3 3 1 Configuring Password 70 Chapter 4 LAN Setu...

Страница 11: ...Setup 83 5 7 Traffic Redirect 86 5 8 Configuring WAN Backup 87 Chapter 6 Network Address Translation NAT Screens 91 6 1 NAT Overview 91 6 1 1 NAT Definitions 91 6 1 2 What NAT Does 92 6 1 3 How NAT W...

Страница 12: ...ation 110 8 4 Quality of Service QoS 113 8 4 1 Type Of Service ToS 113 8 4 2 DiffServ 113 8 4 2 1 DSCP and Per Hop Behavior 113 8 4 3 VLAN 113 8 5 QoS Configuration 114 8 6 Phone 115 8 6 1 Voice Activ...

Страница 13: ...129 10 2 Configuring Dynamic DNS 129 Chapter 11 Time and Date 131 11 1 Pre defined NTP Time Servers List 131 11 2 Configuring Time and Date 131 Chapter 12 Firewalls 135 12 1 Firewall Overview 135 12...

Страница 14: ...curity Ramifications 150 13 3 3 Key Fields For Configuring Rules 151 13 3 3 1 Action 151 13 3 3 2 Service 151 13 3 3 3 Source Address 151 13 3 3 4 Destination Address 151 13 4 Connection Direction Exa...

Страница 15: ...ing UPnP 179 16 1 2 NAT Traversal 179 16 1 3 Cautions with UPnP 179 16 2 UPnP and ZyXEL 180 16 2 1 Configuring UPnP 180 16 3 Installing UPnP in Windows Example 181 16 4 Using UPnP in Windows XP Exampl...

Страница 16: ...andwidth Management Statistics 210 18 10 Bandwidth Monitor 211 Chapter 19 Maintenance 213 19 1 Maintenance Overview 213 19 2 System Status Screen 213 19 2 1 System Statistics 216 19 3 DHCP Table Scree...

Страница 17: ...ccess Configuration 246 Chapter 25 Remote Node Configuration 249 25 1 Remote Node Setup Overview 249 25 2 Remote Node Setup 249 25 2 1 Remote Node Profile 249 25 2 2 Encapsulation and Multiplexing Sce...

Страница 18: ...a Server Behind NAT 273 28 5 General NAT Examples 274 28 5 1 Example 1 Internet Access Only 275 28 5 2 Example 2 Internet Access with an Inside Server 275 28 5 3 Example 3 Multiple Public IP Addresses...

Страница 19: ...re and Configuration File Maintenance 313 33 1 Filename Conventions 313 33 2 Backup Configuration 314 33 2 1 Backup Configuration 314 33 2 2 Using the FTP Command from the Command Line 315 33 2 3 Exam...

Страница 20: ...35 3 Remote Management and NAT 333 35 4 System Timeout 333 Chapter 36 IP Policy Routing 335 36 1 IP Policy Routing Overview 335 36 2 Benefits of IP Policy Routing 335 36 3 Routing Policy 335 36 4 IP R...

Страница 21: ...fying Settings 371 Macintosh OS 8 9 371 Verifying Settings 373 Macintosh OS X 373 Verifying Settings 374 Linux 374 Using the K Desktop Environment KDE 375 Using Configuration Files 376 Verifying Setti...

Страница 22: ...nal SPTGEN 395 Internal SPTGEN Overview 395 The Configuration Text File Format 395 Internal SPTGEN File Modification Important Points to Remember 395 Internal SPTGEN FTP Download Example 396 Internal...

Страница 23: ...Prestige 2602R Series User s Guide Table of Contents 23 Index 439...

Страница 24: ...Prestige 2602R Series User s Guide 24 Table of Contents...

Страница 25: ...n 62 Figure 16 Internet Access Wizard Setup Fourth Screen 64 Figure 17 Wizard Setup LAN Configuration 65 Figure 18 Wizard Setup Connection Tests 66 Figure 19 Media Bandwidth Mgnt Wizard Setup First Sc...

Страница 26: ...Summary 154 Figure 60 Firewall Edit Rule 156 Figure 61 Firewall Customized Services 158 Figure 62 Firewall Configure Customized Services 159 Figure 63 Firewall Example Rule Summary 160 Figure 64 Firew...

Страница 27: ...mize Bandwidth Usage Example 204 Figure 98 Bandwidth Borrowing Example 205 Figure 99 Media Bandwidth Management Summary 206 Figure 100 Media Bandwidth Management Class Setup 207 Figure 101 Media Bandw...

Страница 28: ...Edit IP Static Route 260 Figure 141 Menu 11 1 Remote Node Profile 264 Figure 142 Menu 11 3 Remote Node Network Layer Options 264 Figure 143 Menu 12 3 1 Edit Bridge Static Route 265 Figure 144 Menu 4...

Страница 29: ...Information and Console Port Speed 305 Figure 187 Menu 24 2 1 System Maintenance Information 306 Figure 188 Menu 24 2 2 System Maintenance Change Console Port Speed 307 Figure 189 Menu 24 3 System Ma...

Страница 30: ...TCP IP Properties IP Address 365 Figure 231 Windows 95 98 Me TCP IP Properties DNS Configuration 366 Figure 232 Windows XP Start Menu 367 Figure 233 Windows XP Control Panel 367 Figure 234 Windows XP...

Страница 31: ...e 258 Configuration Text File Format Column Descriptions 395 Figure 259 Invalid Parameter Entered Command Line Example 396 Figure 260 Valid Parameter Entered Command Line Example 396 Figure 261 Intern...

Страница 32: ...Prestige 2602R Series User s Guide 32 List of Figures...

Страница 33: ...le 13 Media Bandwidth Mgnt Wizard Setup Second Screen 69 Table 14 Password 70 Table 15 LAN Setup 78 Table 16 WAN Setup 84 Table 17 WAN Backup 88 Table 18 NAT Definitions 91 Table 19 NAT Mapping Types...

Страница 34: ...and Subnet based Bandwidth Management Example 201 Table 59 Media Bandwidth Management Summary 206 Table 60 Media Bandwidth Management Class Setup 207 Table 61 Media Bandwidth Management Class Configur...

Страница 35: ...cuits 302 Table 102 Menu 24 1 System Maintenance Status 304 Table 103 Menu 24 2 1 System Maintenance Information 306 Table 104 Menu 24 3 2 System Maintenance Syslog and Accounting 308 Table 105 Menu 2...

Страница 36: ...ver Setup SMT Menu 15 407 Table 143 Menu 21 1 Filter Set 1 SMT Menu 21 1 409 Table 144 Menu 21 1 Filer Set 2 SMT Menu 21 1 412 Table 145 Menu 23 System Menus SMT Menu 23 417 Table 146 Menu 24 11 Remot...

Страница 37: ...System Management Terminal SMT or command interpreter interface to configure your Prestige Not all features can be configured through all interfaces Related Documentation Supporting Disk Refer to the...

Страница 38: ...and SPACE BAR means the Space Bar Mouse action sequences are denoted using a comma For example In Windows click Start Settings and then Control Panel means first click Start then point your mouse poi...

Страница 39: ...upstream capacity Asymmetrical services ADSL are suitable for Internet users because more information is usually downloaded than uploaded For example a simple button click in a web browser can start...

Страница 40: ...Prestige 2602R Series User s Guide 40 Introduction to DSL...

Страница 41: ...lephone Service Models ending in 3 denote a device that works over ISDN Integrated Services Digital Network Models ending in 7 denote a device that works over T ISDN UR 2 Note Only use firmware for yo...

Страница 42: ...uter to access the Internet and the Prestige without changing the network settings such as IP address and subnet mask of the computer when the IP addresses of the computer and the Prestige are not in...

Страница 43: ...that helps to smooth out the variations in delay jitter for voice traffic This helps ensure good voice quality for your conversations Multiple SIP Accounts The Prestige allows you to simultaneously us...

Страница 44: ...on the network PPPoE Support RFC2516 PPPoE Point to Point Protocol over Ethernet emulates a dial up connection It allows your ISP to use their existing network configuration with newer broadband tech...

Страница 45: ...d the router takes the shortest path to forward a packet IP Policy Routing IPPR provides a mechanism to override the default routing behavior and alter the packet forwarding based on the policy define...

Страница 46: ...1 2 1 1 Internet Single User Account For a SOHO Small Office Home Office environment your Prestige offers the Single User Account SUA feature that allows multiple users on the LAN Local Area Network...

Страница 47: ...figure shows a basic example of how you would make a peer to peer VoIP call You use your analog phone A in the figure and the Prestige B changes the call into VoIP The Prestige then sends your call t...

Страница 48: ...lication for your Prestige is shown as follows Figure 5 Prestige LAN to LAN Application 1 2 6 Front Panel LEDs Figure 6 Front Panel The following table describes the LEDs Table 2 Front Panel LEDs LED...

Страница 49: ...self testing Orange On The VoIP SIP registration was successful Off The Prestige is not receiving power PHONE 1 2 Green On The telephone s connected to this port is are in use Blinking The telephone s...

Страница 50: ...Prestige 2602R Series User s Guide 50 Chapter 1 Getting To Know Your Prestige...

Страница 51: ...Web pop up blocking is enabled by default in Windows XP SP Service Pack 2 JavaScripts enabled by default Java permissions enabled by default See the Troubleshooting chapter if you need to make sure th...

Страница 52: ...nactivity Simply log back into the Prestige if this happens to you 2 1 2 Resetting the Prestige If you forget your password or cannot access the web configurator you will need to use the RESET button...

Страница 53: ...r different Prestige models Click Wizard Setup to begin a series of screens to configure your Prestige for the first time Click a link under Advanced Setup to configure advanced Prestige features Clic...

Страница 54: ...re your Prestige s Quality of Service settings Phone Use this screen to configure your Prestige s phone settings Speed Dial Use this screen to configure speed dial for SIP phone numbers that you call...

Страница 55: ...tatistics Maintenance System Status This screen contains administrative and system related information DHCP Table This screen displays DHCP Dynamic Host Configuration Protocol related information and...

Страница 56: ...Prestige 2602R Series User s Guide 56 Chapter 2 Introducing the Web Configurator...

Страница 57: ...d screens to configure your system for Internet access and Voice with the information provided by your ISP and voice service provider Your ISP may have already configured some of the fields in the wiz...

Страница 58: ...tiplexing method used by your ISP from the Multiplex drop down list box either VC based or LLC based Virtual Circuit ID VPI Virtual Path Identifier and VCI Virtual Channel Identifier define a virtual...

Страница 59: ...time and specify an idle time out in seconds in the Max Idle Timeout field The default setting selects Connection on Demand with 0 as the idle time out which means the Internet session will not timeo...

Страница 60: ...IP Address text box below Subnet Mask Enter a subnet mask in dotted decimal notation Refer to the appendix on IP subnettig to calculate a subnet mask If you are implementing subnetting ENET ENCAP Gate...

Страница 61: ...our ISP assigned IP address in the IP Address text box below Connection Select Connect on Demand when you don t want the connection up all the time and specify an idle time out in seconds in the Max I...

Страница 62: ...r or text that comes before the symbol in a full SIP URI You can use up to 127 ASCII characters SIP Local Port Use this field to configure the Prestige s listening port for SIP Leave this field set to...

Страница 63: ...in name that comes after the symbol in a full SIP URI You can use up to 127 ASCII Extended set characters Authentication User ID This is the user name for registering this SIP account with the SIP reg...

Страница 64: ...Series User s Guide 64 Chapter 3 Wizard Setup Figure 16 Internet Access Wizard Setup Fourth Screen If you want to change your Prestige LAN settings click Change LAN Configuration to display the screen...

Страница 65: ...client Select Off to disable DHCP server When DHCP server is used set the following items Client IP Pool Starting Address This field specifies the first of the contiguous addresses in the IP address p...

Страница 66: ...s the Internet open the web configurator again to confirm that the Internet settings you configured in the Wizard Setup are correct 3 2 Media Bandwidth Management This section shows you how to configu...

Страница 67: ...also be transported over TCP using the default port number 5060 FTP File Transfer Program enables fast transfer of files including large files that may not be possible by e mail FTP uses port number 2...

Страница 68: ...restige s WAN or LAN port Select the service to apply bandwidth management These check boxes are applicable when you select the Active check box above Create bandwidth management classes by selecting...

Страница 69: ...th is divided equally amongst those services Services not specified in bandwidth management are allocated bandwidth after all specified services receive their bandwidth requirements If the rules set u...

Страница 70: ...click Password in the Site Map screen Figure 22 Password The following table describes the fields in this screen Table 14 Password LABEL DESCRIPTION Old Password Type the default password or the exis...

Страница 71: ...ual physical connection determines whether the Prestige ports are LAN or WAN ports There are two separate IP networks one inside the LAN network and the other outside the WAN network as shown next Fig...

Страница 72: ...through IPCP negotiation The Prestige supports the IPCP DNS server extensions through the DNS proxy feature If the Primary and Secondary DNS Server fields in the LAN Setup screen are not specified fo...

Страница 73: ...way houses on a street share a common street name so too do computers on a LAN share one common network number Where you obtain your network number depends on your particular situation If the ISP or...

Страница 74: ...he IANA from an ISP or it can be assigned from a private network If you belong to a small organization and your Internet access is through an ISP the ISP can provide you with the Internet addresses fo...

Страница 75: ...up and is used by IP multicast computers The address 224 0 0 1 is used for query messages and is assigned to the permanent group of all IP hosts including gateways All hosts must join the 224 0 0 1 gr...

Страница 76: ...Protocol address IP address to a physical machine address also known as a Media Access Control or MAC address on the local area network IP routing table is defined on IP Ethernet devices the Prestige...

Страница 77: ...es an entry in the IP routing table so it can properly forward packets intended for the computer After all the routing information is updated the computer can access the Prestige and the Internet as i...

Страница 78: ...selected in the DHCP field above then enter the IP address of the actual remote DHCP server here TCP IP IP Address Enter the IP address of your Prestige in dotted decimal notation for example 192 168...

Страница 79: ...Gateway field in the second wizard screen You can get this information from your ISP 5 1 1 2 PPP over Ethernet PPPoE provides access control and billing functionality in a manner similar to dial up se...

Страница 80: ...ying information being contained in each packet header Despite the extra bandwidth and processing overhead this method may be advantageous if it is not practical to have a separate VC for each carried...

Страница 81: ...ffers flat rate service or you need a constant connection and the cost is of no concern 5 2 Metric The metric represents the cost of transmission A router determines the best route for transmission by...

Страница 82: ...need PPPoE software installed since the Prestige does that part of the task Furthermore with NAT all of the LANs computers will have access 5 4 Traffic Shaping Traffic Shaping is an agreement between...

Страница 83: ...thod from the ISP and makes the necessary configuration changes In cases where additional account information such as an Internet account user name and password is required or the Prestige cannot conn...

Страница 84: ...elds in this screen Table 16 WAN Setup LABEL DESCRIPTION Name Enter the name of your Internet Service Provider e g MyISP This information is for identification purposes only Mode Select Routing defaul...

Страница 85: ...ell Rate PCR This is the maximum rate at which the sender can send cells Type the PCR here Sustain Cell Rate The Sustain Cell Rate SCR sets the average cell rate long term that can be transmitted Type...

Страница 86: ...AT for application where NAT is not appropriate Disable PPPoE pass through if you do not need to allow hosts on the LAN to use PPPoE client software on their computers to connect to the ISP Subnet Mas...

Страница 87: ...three logical networks with the Prestige itself as the gateway for each LAN network Put the protected LAN in one subnet Subnet 1 in the following figure and the backup gateway in another subnet Subne...

Страница 88: ...ctivate traffic redirect you must configure at least one IP address here When using a WAN backup connection the Prestige periodically pings the addresses configured here and uses the other WAN backup...

Страница 89: ...Address Metric This field sets this route s priority among the routes the Prestige uses The metric represents the cost of transmission A router determines the best route for transmission by choosing a...

Страница 90: ...Prestige 2602R Series User s Guide 90 Chapter 5 WAN Setup...

Страница 91: ...efers to the IP address of a host when the packet is in the local network while the global address refers to the IP address of the host when the same packet is traveling in the WAN side Note that insi...

Страница 92: ...ge 94 NAT offers the additional benefit of firewall protection With no servers defined your Prestige filters out all incoming inquiries thus preventing intruders from probing your network For more inf...

Страница 93: ...ollowing figure illustrates a possible NAT application where three inside LANs logical LANs using IP Alias behind the Prestige can communicate with three distinct WAN networks More examples follow at...

Страница 94: ...ers of different services behind the NAT to be accessible to the outside world Port numbers do not change for One to One and Many to Many No Overload NAT mapping types The following table summarizes t...

Страница 95: ...o not allow you to run any server processes such as a Web or FTP server from your location Your ISP may periodically check for servers and may suspend your account if it discovers any active services...

Страница 96: ...e example You assign the LAN IP addresses and the ISP assigns the WAN IP address The NAT network appears as a single host on the Internet IP address assigned by ISP Figure 33 Multiple Servers Behind N...

Страница 97: ...reen Refer to Table 20 on page 95 for port numbers commonly used for particular services Table 21 NAT Mode LABEL DESCRIPTION None Select this radio button to disable NAT SUA Only Select this radio but...

Страница 98: ...of ports enter the start port number here and the end port number in the End Port No field End Port No Enter a port number in this field To forward only one port enter the port number again in the St...

Страница 99: ...your Prestige s address mapping settings click NAT Select Full Feature and click Edit Details to open the following screen Figure 36 Address Mapping Rules The following table describes the fields in t...

Страница 100: ...mapping type M 1 Many to One mode maps multiple local IP addresses to one global IP address This is equivalent to SUA i e PAT port address translation ZyXEL s Single User Account feature that previou...

Страница 101: ...tside world Local Start IP This is the starting local IP address ILA Local IP addresses are N A for Server port mapping Local End IP This is the end local IP address ILA If your rule is for all local...

Страница 102: ...Prestige 2602R Series User s Guide 102 Chapter 6 Network Address Translation NAT Screens...

Страница 103: ...P is an application layer control signaling protocol that handles the setting up altering and tearing down of voice and multimedia sessions over the Internet SIP signaling is separate from the media f...

Страница 104: ...ringing 3 B sends an OK response after the call is answered 4 A then sends an ACK message to acknowledge that B has answered the call 5 Now A and B exchange voice media talk 6 After talking A hangs up...

Страница 105: ...P user agent client to initiate a call A and B can also both act as a SIP user agent to receive the call Figure 38 SIP User Agent 7 2 3 2 SIP Proxy Server A SIP proxy server receives requests from cli...

Страница 106: ...t to use client device A to call someone who is using client device C 1 Client device A sends a call invitation for C to the SIP redirect server B 2 The SIP redirect server sends the invitation back t...

Страница 107: ...digital signals and decodes the digital signals back into voice signals The Prestige supports the following codecs 7 5 1 G 711 G 711 is a Pulse Code Modulation PCM waveform codec G 711 provides very g...

Страница 108: ...e Waiting Indication Enable Message Waiting Indication MWI enables your phone to give you a message waiting beeping dial tone when you have a voice message s Your voice service provider must have a me...

Страница 109: ...Screens Introduction This chapter covers the configuration of the VoIP screens 8 2 SIP Settings Configuration Click Voice in the navigation panel and then SIP Settings to display the following screen...

Страница 110: ...ess then enter the address from the SIP Server Address field again here REGISTER Server Port Enter the SIP register server s listening port for SIP in this field If you were not given a register serve...

Страница 111: ...messages that it sends Select TEL to have the Prestige use the SIP number without a domain name in the SIP messages that it sends Expiration Duration This field sets how long an entry remains registe...

Страница 112: ...to first attempt to use the G 729 codec and then the G 711 codec if the peer is not set up to use G 729 Select G 729 only if you want the Prestige to only use the G 729 codec when making VoIP calls Yo...

Страница 113: ...low In addition applications do not have to request a particular service or give advanced notice of where the traffic is going 1 8 4 2 1 DSCP and Per Hop Behavior DiffServ defines a new DS Differentia...

Страница 114: ...ority Type a priority for voice transmissions The Prestige applies Type of Service priority tags with this priority to RTP traffic that it transmits Priorities 6 and 7 are reserved for network control...

Страница 115: ...bandwidth that a call uses by not transmitting silent packets when you are not speaking 8 6 2 Comfort Noise Generation When using VAD the Prestige generates comfort noise when the other party is not...

Страница 116: ...his phone port to use SIP account 1 2 or both when you make a call If you select both SIP accounts the Prestige will first try to use SIP account 2 and then SIP account 1 when you make a call You cann...

Страница 117: ...dial entry You must still configure a SIP account on the Prestige in order to make a peer to peer VoIP call 8 9 Speed Dial Configuration Click Voice in the navigation panel and then Speed Dial to disp...

Страница 118: ...name to identify the party that you will use this entry to call You can use up to 127 ASCII characters Type Select Use Proxy if calls to this party use your SIP account configured in the VoIP screen S...

Страница 119: ...However using the flash key is preferred since the timing is much more precise With manual tapping if the duration is too long it may be interpreted as hanging up by the Prestige You can invoke all t...

Страница 120: ...the call on hold If you hang up the phone but a caller is still on hold there will be a remind ring 8 10 2 2 European Call Waiting This allows you to place a call on hold while you answer another inco...

Страница 121: ...u hear the ring signal or the second party answers it hang up the phone 8 10 2 4 European Three Way Conference Use the following steps to make three way conference calls 1 When you are on the phone ta...

Страница 122: ...ey to put the first call on hold and answer the second call 8 10 3 3 USA Call Transfer Do the following to transfer an incoming call that you have answered to another phone 1 Press the flash key to pu...

Страница 123: ...panel and then Common to display the following screen Use this screen to configure general phone port settings Figure 47 Phone Port Common The following table describes the labels in this screen Table...

Страница 124: ...ge handles supplementary phone services call hold call waiting call transfer and three way conference calls Select the mode that your voice service provider supports Select Europe Type to use the supp...

Страница 125: ...ccount or use the same call forwarding table for both Use the Voice Advanced Setting screen to set which call forwarding table each SIP account uses The following applies to the number fields in this...

Страница 126: ...orwarding entry Incoming Call Number You can set the Prestige to take a particular action on incoming calls from a number that you specify here Forward to Number You can set the Prestige to forward in...

Страница 127: ...oice service provider s dialing plan to call regular telephone numbers 9 2 Using Speed Dial to Dial a Telephone Number After configuring the speed dial entry and adding it to the phonebook press the s...

Страница 128: ...de During auto provisioning the Prestige checks to see if there is a newer firmware version If newer firmware is available the Prestige plays a recording when you pick up your phone s handset Press 99...

Страница 129: ...friends or relatives will always be able to call you even if they don t know your IP address First of all you need to have registered a dynamic DNS account with www dyndns org This is for people with...

Страница 130: ...Provider This is the name of your Dynamic DNS service provider Host Names Type the domain name assigned to your Prestige by your Dynamic DNS provider E mail Address Type your e mail address User Type...

Страница 131: ...NTP time servers it randomly selects one server and tries to synchronize with it If the synchronization fails then the Prestige goes through the rest of the list in order from the first one tried unt...

Страница 132: ...teger giving the total number of seconds since 1970 1 1 at 0 0 0 NTP RFC 1305 is similar to Time RFC 868 Select None to enter the time and date manually IP Address or URL Enter the IP address or URL o...

Страница 133: ...eld displays the date of your Prestige Each time you reload this page the Prestige synchronizes the time with the time server New Date yyyy mm dd This field displays the last updated date from the tim...

Страница 134: ...Prestige 2602R Series User s Guide 134 Chapter 11 Time and Date...

Страница 135: ...or a firewall to guard effectively you must design and deploy it appropriately This requires integrating the firewall into a broad information security policy In addition specific policies must be imp...

Страница 136: ...at some proxies support See Section 12 5 on page 141 for more information on Stateful Inspection Firewalls of one type or another have become an integral part of standard security solutions for enterp...

Страница 137: ...et of application protocols that perform specific functions An extension number called the TCP port or UDP port identifies these protocols such as HTTP Web FTP File Transfer Protocol POP3 E mail etc F...

Страница 138: ...ot Teardrop attack exploits weaknesses in the re assembly of IP packet fragments As data is transmitted through a network IP packets are often broken up into smaller chunks Each fragment looks like th...

Страница 139: ...ack hackers flood SYN packets into the network with a spoofed source IP address of the targeted system This makes it appear as if the host computer sent the packets to itself making the system unavail...

Страница 140: ...al NetBIOS commands are the following all others are illegal All SMTP commands are illegal except for those displayed in the following tables Table 39 ICMP Commands That Trigger Alerts 5 REDIRECT 13 T...

Страница 141: ...host and should be allowed through the router or firewall The Prestige blocks all IP Spoofing attempts 12 5 Stateful Inspection With stateful inspection fields of the packets are compared to packets...

Страница 142: ...ermine and record information about the state of the packet s connection This information is recorded in a new state table entry created for the new connection If there is not a firewall rule for this...

Страница 143: ...rewall rules is a very powerful tool Using custom rules it is possible to disable all firewall protection or block all access to the Internet Use extreme caution when creating or deleting firewall rul...

Страница 144: ...wed in through the firewall simply because they are too dangerous and contain too little tracking information For instance ICMP redirect packets are never allowed in since they could be used to rerout...

Страница 145: ...hackers to crack your system Turn your computer off when not in use Never give out a password or any sensitive information to an unsolicited telephone call or e mail Never e mail sensitive information...

Страница 146: ...etwork B If the filter blocks the traffic from A to B it also blocks the traffic from B to A Filters can not distinguish traffic originating from an inside host or an outside host by IP address To blo...

Страница 147: ...c between inside host networks and outside host networks Remember that filters can not distinguish traffic originating from an inside host or an outside host by IP address The firewall performs better...

Страница 148: ...Prestige 2602R Series User s Guide 148 Chapter 12 Firewalls...

Страница 149: ...e grouped based on the direction of travel of packets to which they apply By default the Prestige s stateful packet inspection allows packets traveling in the following directions LAN to LAN Router Th...

Страница 150: ...ese points carefully before configuring rules 13 3 1 Rule Checklist State the intent of the rule For example This restricts all IRC access from the LAN to the Internet Or This allows a remote Lotus No...

Страница 151: ...the service is not listed it is necessary to first define it See Section 13 10 on page 163 for more information on predefined services 13 3 3 3 Source Address What is the connection s source address...

Страница 152: ...tions WAN to LAN If you wish to allow certain WAN users to have access to your LAN you will need to create custom rules to allow it See the following figure Figure 57 WAN to LAN Traffic 13 4 3 Alerts...

Страница 153: ...s may let traffic from the WAN go directly to a LAN computer without passing through the Prestige See Appendix E on page 389 for more on triangle route topology and how to deal with this problem Packe...

Страница 154: ...en afresh Table 42 Firewall Default Policy continued LABEL DESCRIPTION Table 43 Rule Summary LABEL DESCRIPTION Firewall Rules Storage Space in Use This read only bar shows how much of the Prestige s m...

Страница 155: ...which this firewall rule applies Please note that a blank source or destination address is equivalent to Any Service This drop down list box displays the services to which this firewall rule applies P...

Страница 156: ...Prestige 2602R Series User s Guide 156 Chapter 13 Firewall Configuration Figure 60 Firewall Edit Rule The following table describes the labels in this screen...

Страница 157: ...k Delete to remove it Services Available Selected Services Please see for more information on services available Highlight a service from the Available Services box on the left then click Add to add i...

Страница 158: ...ll Customized Services 13 8 Creating Editing A Customized Service Click a rule number in the Firewall Customized Services screen to create a new custom port or edit an existing one This action display...

Страница 159: ...LABEL DESCRIPTION Service Name Type a unique name for your custom port Service Type Choose the IP port TCP UDP or TCP UDP that defines your customized port from the drop down list box Port Configurat...

Страница 160: ...x number for where you want to put the rule For example if you type 6 your new rule becomes number 6 and the previous rule 6 if there is one becomes rule 7 4 Click Insert to display the firewall rule...

Страница 161: ...ervices screen 8 Click the number of a customized service to open the configuration screen Configure it as follows and click Apply Figure 65 Edit Custom Port Example 9 Click Back in the Customized Ser...

Страница 162: ...th an before their names in the Services list box and the Rule Summary list box Click Apply after you ve created your custom port On completing the configuration procedure for this Internet firewall r...

Страница 163: ...y also be configured using the Customized Services function discussed previously Table 47 Predefined Services SERVICE DESCRIPTION AIM NEW_ICQ TCP 5190 AOL s Internet Messenger service used as a listen...

Страница 164: ...System NFS is a client server distributed file service that provides transparent file sharing for network environments NNTP TCP 119 Network News Transport Protocol is the delivery mechanism for the US...

Страница 165: ...tocol SSDP is a discovery service searching for Universal Plug and Play devices on your home network or upstream Internet gateways using DUDP port 1900 SSH TCP UDP 22 Secure Shell Remote Login Program...

Страница 166: ...nt hackers from finding the Prestige by probing for unused ports If you select this option the Prestige will not respond to port request s for unused ports thus leaving the unused ports and the Presti...

Страница 167: ...igure 52 on page 138 For UDP half open means that the firewall has detected no return traffic The Prestige measures both the total number of existing half open sessions and the rate of session establi...

Страница 168: ...ing half open sessions One Minute High This is the rate of new half open sessions that causes the firewall to start deleting half open sessions When the rate of new connection attempts rises above thi...

Страница 169: ...e destination host IP address that causes the firewall to start dropping half open sessions to that same destination host IP address Enter a number between 1 and 256 As a general rule you should choos...

Страница 170: ...Prestige 2602R Series User s Guide 170 Chapter 13 Firewall Configuration...

Страница 171: ...can set a schedule for when the Prestige performs content filtering You can also specify trusted IP addresses on the LAN for which the Prestige will not perform content filtering 14 2 Configuring Keyw...

Страница 172: ...that you have configured the Prestige to block Delete Highlight a keyword in the box and click Delete to remove it Clear All Click Clear All to remove all of the keywords from the list Keyword Type a...

Страница 173: ...e screen appears as shown Table 51 Content Filter Schedule LABEL DESCRIPTION Days to Block Select a check box to configure which days of the week or everyday you want the content filtering to be activ...

Страница 174: ...beginning IP address of a specific range of computers on the LAN that you want to exclude from content filtering To Type the ending IP address of a specific range of users on your LAN that you want t...

Страница 175: ...g firewall rules You may manage your Prestige from a remote location via Internet WAN only ALL LAN and WAN LAN only Neither Disable When you Choose WAN only or ALL LAN WAN you still need to configure...

Страница 176: ...l rule that blocks it 15 1 2 Remote Management and NAT When NAT is enabled Use the Prestige s WAN IP address when configuring from the WAN Use the Prestige s LAN IP address when configuring from the L...

Страница 177: ...tes a service that you may use to remotely manage the Prestige Access Status Select the access interface Choices are All LAN Only WAN Only and Disable Port This field shows the port number for the rem...

Страница 178: ...Prestige 2602R Series User s Guide 178 Chapter 15 Remote Management Configuration...

Страница 179: ...pear as a separate icon Selecting the icon of a UPnP device will allow you to access the information and properties of that device 16 1 2 NAT Traversal UPnP NAT traversal automates the process of allo...

Страница 180: ...C ZyXEL s UPnP implementation supports IGD 1 0 Internet Gateway Device At the time of writing ZyXEL s UPnP implementation supports Windows Messenger 4 6 and 4 7 while Windows Messenger 5 0 and Xbox ar...

Страница 181: ...een without entering the Prestige s IP address although you must still enter the password to access the web configurator Allow users to make configuration changes through UPnP Select this check box to...

Страница 182: ...Setup Communication 3 In the Communications window select the Universal Plug and Play check box in the Components selection box Figure 77 Add Remove Programs Windows Setup Communication Components 4...

Страница 183: ...dows XP 1 Click Start and Control Panel 2 Double click Network Connections 3 In the Network Connections window click Advanced in the main menu and select Optional Networking Components Figure 78 Netwo...

Страница 184: ...2602R Series User s Guide 184 Chapter 16 Universal Plug and Play UPnP Figure 79 Windows Optional Networking Components Wizard 5 In the Networking Services window select the Universal Plug and Play ch...

Страница 185: ...section shows you how to use the UPnP feature in Windows XP You must already have UPnP installed in Windows XP and UPnP activated on the Prestige Make sure the computer is connected to a LAN port of t...

Страница 186: ...Series User s Guide 186 Chapter 16 Universal Plug and Play UPnP Figure 81 Network Connections 3 In the Internet Connection Properties window click Settings to see the port mappings there were automat...

Страница 187: ...stige 2602R Series User s Guide Chapter 16 Universal Plug and Play UPnP 187 Figure 82 Internet Connection Properties 4 You may edit or delete the port mappings or click Add to manually add port mappin...

Страница 188: ...erties Advanced Settings Figure 84 Internet Connection Properties Advanced Settings Add 5 When the UPnP enabled device is disconnected from your computer all port mappings will be deleted automaticall...

Страница 189: ...ction Status Web Configurator Easy Access With UPnP you can access the web based configurator on the Prestige without finding out the IP address of the Prestige first This comes helpful if you do not...

Страница 190: ...niversal Plug and Play UPnP Figure 87 Network Connections 4 An icon with the description for each UPnP enabled device displays under Local Network 5 Right click on the icon for your Prestige and selec...

Страница 191: ...Play UPnP 191 Figure 88 Network Connections My Network Places 6 Right click on the icon for your Prestige and select Properties A properties window displays with basic information about the Prestige F...

Страница 192: ...Prestige 2602R Series User s Guide 192 Chapter 16 Universal Plug and Play UPnP...

Страница 193: ...ors attacks access control and attempted access to blocked web sites Some categories such as System Errors consist of both logs and alerts You may differentiate them by their color in the View Log scr...

Страница 194: ...Log Settings LABEL DESCRIPTION Address Info Mail Server Enter the server name or the IP address of the mail server for the e mail addresses specified below If this field is left blank logs and alert m...

Страница 195: ...ty allows you to log the messages to different files in the syslog server Refer to the documentation of your syslog program for more details Send Log Log Schedule This drop down menu is used to config...

Страница 196: ...n Email Log Now Click Email Log Now to send the log screen to the e mail address specified in the Log Settings page make sure that you have first filled in the Address Info fields in Log Settings see...

Страница 197: ...been sent The following is an example of a log sent by e mail You may edit the subject title The date format here is Day Month Year The date format here is Month Day Year The time format is Hour Minut...

Страница 198: ...168 1 255 default policy forward 09 54 17 UDP src port 00520 dest port 00520 1 00 3 Apr 7 00 From 192 168 1 6 To 10 10 10 10 match forward 09 54 19 UDP src port 03516 dest port 00053 1 01 snip snip 1...

Страница 199: ...nt also allows you to configure the allowed output for an interface to match what the network can handle This helps reduce delays and dropped packets at the next routing device For example you can set...

Страница 200: ...ndwidth Allocation Bandwidth management allows you to define how much bandwidth each class gets however the actual bandwidth allotted to each class decreases or increases in proportion to actual avail...

Страница 201: ...applications in each subnet are allotted bandwidth Figure 95 Application and Subnet based Bandwidth Management Example 18 5 Scheduler The scheduler divides up an interface s bandwidth among the bandw...

Страница 202: ...le maximize bandwidth usage the Prestige first makes sure that each bandwidth class gets up to its bandwidth allotment Next the Prestige divides up an interface s available bandwidth bandwidth that is...

Страница 203: ...the classes that require more bandwidth Therefore the Prestige divides a total of 3 Mbps total of unbudgeted and unused bandwidth among the classes that require more bandwidth In this case suppose tha...

Страница 204: ...child class first The child class can also borrow bandwidth from a higher parent class grandparent class if the child class s parent class is also configured to borrow bandwidth from its parent class...

Страница 205: ...g to each bandwidth class s bandwidth budget 2 The Prestige assigns a parent class s unused bandwidth to its child classes that have more traffic than their budgets and have bandwidth borrowing enable...

Страница 206: ...amount of bandwidth for this interface that you want to allocate using bandwidth management This appears as the bandwidth budget of the interface s root class The recommendation is to set this speed t...

Страница 207: ...each have bigger bandwidth budgets than the total of the budgets of their child classes The child classes can borrow the extra bandwidth as long as they have bandwidth borrowing enabled see Section 1...

Страница 208: ...Child Class button to open the following screen Figure 101 Media Bandwidth Management Class Configuration The following table describes the labels in this screen Table 61 Media Bandwidth Management Cl...

Страница 209: ...bandwidth filter for FTP traffic H 323 is a standard teleconferencing protocol suite that provides audio data and video conferencing It allows for real time point to point and multipoint communicatio...

Страница 210: ...e Mail Transfer Protocol 25 DNS Domain Name System 53 Finger 79 HTTP Hyper Text Transfer protocol or WWW Web 80 POP3 Post Office Protocol 110 NNTP Network News Transport Protocol 119 SNMP Simple Netwo...

Страница 211: ...e interval in seconds to define how often the information should be refreshed Set Interval Click Set Interval to apply the new update period you entered in the Update Period field above Stop Update Cl...

Страница 212: ...ide 212 Chapter 18 Media Bandwidth Management Advanced Setup Back Click Back to go to the main Media Bandwidth Management screen Refresh Click Refresh to update the page Table 64 Media Bandwidth Manag...

Страница 213: ...nd port traffic statistics 19 1 Maintenance Overview The maintenance screens can help you view system information upload new firmware manage configuration and restart your Prestige 19 2 System Status...

Страница 214: ...Prestige 2602R Series User s Guide 214 Chapter 19 Maintenance Figure 104 System Status...

Страница 215: ...This is the WAN port DHCP role Server Relay not all Prestige models or None DHCP Start IP This is the first of the contiguous addresses in the IP address pool DHCP Pool Size This is the number of IP a...

Страница 216: ...PU Load This field specifies the percentage of CPU utilization LAN or WAN Port Statistics This is the WAN or LAN port Link Status This is the status of your WAN link Upstream Speed This is the upstrea...

Страница 217: ...he number of collisions on this port Voice Statistics The voice statistics fields apply to calls currently being made or received on a telephone connected to one of the Prestige s phone ports Phone Th...

Страница 218: ...he following table describes the labels in this screen Table 67 DHCP Table LABEL DESCRIPTION Host Name This is the name of the host computer IP Address This field displays the IP address relative to t...

Страница 219: ...eneral to open the screen shown next Figure 108 Diagnostic General MAC Address This field displays the MAC Media Access Control address of the computer with the displayed IP address Every Ethernet dev...

Страница 220: ...ne Table 69 Diagnostic General LABEL DESCRIPTION TCP IP Address Type the IP address of a computer that you want to ping in order to test a connection Ping Click this button to ping the IP address that...

Страница 221: ...gnostic DSL Line LABEL DESCRIPTION Reset ADSL Line Click this button to reinitialize the ADSL line The large text box above then displays the progress and results of this operation for example Start t...

Страница 222: ...Figure 111 Network Temporarily Disconnected After two minutes log in again and check your new firmware version in the System Status screen Table 71 Firmware Upgrade LABEL DESCRIPTION File Path Type i...

Страница 223: ...Prestige 2602R Series User s Guide Chapter 19 Maintenance 223 If the upload was not successful the following screen will appear Click Back to go back to the Firmware screen Figure 112 Error Message...

Страница 224: ...Prestige 2602R Series User s Guide 224 Chapter 19 Maintenance...

Страница 225: ...om left corner Run and then type telnet 192 168 1 1 the default IP address and click OK 2 Enter 1234 in the Password field 3 After entering the password you will see the main menu Please note that if...

Страница 226: ...or ENTER or UP DOWN arrow keys Within a menu press ENTER to move to the next field You can also use the UP DOWN arrow keys to move to the previous and the next field respectively Entering information...

Страница 227: ...up Use this menu to setup traffic redirect and dial back up 3 LAN Setup Use this menu to set up your and LAN connection 4 Internet Access Setup A quick and easy way to set up an Internet connection 11...

Страница 228: ...11 1 Remote Node Profile 11 3 Remote Node Network Layer Options 11 5 Remote Node Filter 11 6 Remote Node ATM Layer Options 11 8 Advance Setup Options 12 Static Routing Setup 12 1 IP Static Route Setup...

Страница 229: ...Information and Console Port Speed 24 2 1 Information 24 2 2 Change Console Port Speed 24 3 Log and Trace 24 3 1 View Error Log 24 3 2 UNIX Syslog 24 4 Diagnostic 24 5 Backup Configuration 24 6 Restor...

Страница 230: ...Guide 230 Chapter 20 Introducing the SMT 4 Re type your new system password in the Retype to confirm field for confirmation and press ENTER Note Note that as you type a password the screen displays an...

Страница 231: ...Windows 2000 click Start Settings Control Panel and then double click System Click the Network Identification tab and then the Properties button Note the entry for the Computer name field and enter it...

Страница 232: ...location up to 31 characters of your Prestige Contact Person s Name optional Enter the name up to 30 characters of the person in charge of this Prestige Domain Name Enter the domain name if you know i...

Страница 233: ...your dynamic DNS service provider Active Press SPACE BAR to select Yes and then press ENTER to make dynamic DNS active Host Enter the domain name assigned to your Prestige by your dynamic DNS provide...

Страница 234: ...Prestige 2602R Series User s Guide 234 Chapter 21 Menu 1 General Setup...

Страница 235: ...Fail Tolerance 0 Recovery Interval sec 0 ICMP Timeout sec 0 Traffic Redirect No Press ENTER to Confirm or ESC to Cancel Table 78 Menu 2 WAN Backup Setup FIELD DESCRIPTION Check Mechanism Press SPACE B...

Страница 236: ...me if your destination IP address handles lots of traffic ICMP Timeout Type the number of seconds for an ICMP session to wait for the ICMP response Traffic Redirect Press SPACE BAR to select Yes or No...

Страница 237: ...with the lowest cost RIP routing uses hop count as the measurement of cost with a minimum of 1 for directly connected networks The number must be between 1 and 15 a number greater than 15 means the li...

Страница 238: ...Prestige 2602R Series User s Guide 238 Chapter 22 Menu 2 WAN Backup Setup...

Страница 239: ...ou wish to apply to the Ethernet traffic You seldom need to filter Ethernet traffic however the filter sets may be useful to block certain packets reduce traffic and prevent security breaches Figure 1...

Страница 240: ...TCP IP To edit menu 3 2 enter 3 from the main menu to display Menu 3 LAN Setup When menu 3 appears press 2 and press ENTER to display Menu 3 2 TCP IP and DHCP Ethernet Setup as shown next Figure 121...

Страница 241: ...is selected in the DHCP field above then enter the IP address of the actual remote DHCP server here Table 81 TCP IP Ethernet Setup FIELD DESCRIPTION TCP IP Setup IP Address Enter the LAN IP address of...

Страница 242: ...Prestige 2602R Series User s Guide 242 Chapter 23 Menu 3 LAN Setup...

Страница 243: ...e policy defined by the network administrator Policy based routing is applied to incoming packets on a per interface basis prior to the normal routing Create policies using SMT menu 25 see Chapter 36...

Страница 244: ...the second and third network Figure 123 Menu 3 2 TCP IP and DHCP Setup Pressing ENTER displays Menu 3 2 1 IP Alias Setup as shown next Menu 3 2 TCP IP and DHCP Setup DHCP Setup DHCP Server Client IP...

Страница 245: ...ELD DESCRIPTION IP Alias Choose Yes to configure the LAN network for the Prestige IP Address Enter the IP address of your Prestige in dotted decimal notation IP Subnet Mask Your Prestige will automati...

Страница 246: ...Encapsulation Gateway IP address if you are using ENET ENCAP encapsulation From the main menu type 4 to display Menu 4 Internet Access Setup as shown next Figure 126 Menu 4 Internet Access Setup The...

Страница 247: ...a bursty on off traffic source that can be sent at the peak rate and a parameter for burst traffic Type the SCR it must be less than the PCR Maximum Burst Size MBS 0 Refers to the maximum number of ce...

Страница 248: ...Prestige 2602R Series User s Guide 248 Chapter 24 Internet Access...

Страница 249: ...s you are configuring one of the remote nodes You first choose a remote node in Menu 11 Remote Node Setup You can then edit that node s profile in menu 11 1 as well as configure specific settings in t...

Страница 250: ...ion Here are some examples of more suitable combinations in such an application 25 2 2 1 Scenario 1 One VC Multiple Protocols PPPoA RFC 2364 encapsulation with VC based multiplexing is the best combin...

Страница 251: ...and then ENTER to select Yes to activate or No to deactivate this node Inactive nodes are displayed with a minus sign in SMT menu 11 Encapsulation PPPoA refers to RFC 2364 PPP Encapsulation over ATM A...

Страница 252: ...dit Advance Options This field is only available when you select PPPoE in the Encapsulation field Press SPACE BAR to select Yes and press ENTER to display Menu 11 8 Advance Setup Options Telco Option...

Страница 253: ...able 85 Menu 11 3 Remote Node Network Layer Options FIELD DESCRIPTION IP Address Assignment Press SPACE BAR and then ENTER to select Dynamic if the remote node is using a dynamically assigned IP addre...

Страница 254: ...rectly connected networks Type a number that approximates the cost for this link The number need not be precise but it must be between 1 and 15 In practice 2 or 3 is usually a good number Private This...

Страница 255: ...mote Node Filter to specify the filter set s to apply to the incoming and outgoing traffic between this remote node and the Prestige and also to prevent certain packets from triggering calls You can s...

Страница 256: ...stige depending on whether you chose VC based LLC based multiplexing and PPP encapsulation in menu 11 1 25 5 1 VC based Multiplexing non PPP Encapsulation For VC based multiplexing by prior agreement...

Страница 257: ...the VCI is 32 to 65535 1 to 31 is reserved for local management of ATM traffic 25 5 3 Advance Setup Options In menu 11 1 select PPPoE in the Encapsulation field Menu 11 6 Remote Node ATM Layer Options...

Страница 258: ...onfirm or ESC to Cancel Menu 11 8 Advance Setup Options PPPoE pass through No Press ENTER to Confirm or ESC to Cancel Table 86 Menu 11 8 Advance Setup Options FIELD DESCRIPTION PPPoE pass through Pres...

Страница 259: ...Each remote node specifies only the network to which the gateway is directly connected and the Prestige has no knowledge of the networks beyond For instance the Prestige knows about network N2 in the...

Страница 260: ...Static Route Menu 12 Static Route Setup 1 IP Static Route 3 Bridge Static Route Please enter selection Menu 12 1 IP Static Route Setup 1 ________ 2 ________ 3 ________ 4 ________ 5 ________ 6 ________...

Страница 261: ...ss Type the IP address of the gateway The gateway is an immediate neighbor of your Prestige that will forward the packet to the destination On the LAN the gateway must be a router on the same segment...

Страница 262: ...Prestige 2602R Series User s Guide 262 Chapter 26 Static Route Setup...

Страница 263: ...er protocol and it also demands more CPU cycles and memory For efficiency reasons do not turn on bridging unless you need to support protocols other than IP on your network For IP enable the routing i...

Страница 264: ...on Options Authen N A Edit Filter Sets No Idle Timeout sec N A Press ENTER to Confirm or ESC to Cancel Menu 11 3 Remote Node Network Layer Options IP Options Bridge Options IP Address Assignment Stati...

Страница 265: ...Cancel Table 89 Menu 12 3 1 Edit Bridge Static Route FIELD DESCRIPTION Route This is the route index number you typed in Menu 12 3 Bridge Static Route Setup Route Name Type a name for the bridge stati...

Страница 266: ...Prestige 2602R Series User s Guide 266 Chapter 27 Bridging Setup...

Страница 267: ...orts two types of mapping Many to One and Server See Section 28 3 on page 269or a detailed description of the NAT set for SUA The Prestige also supports Full Feature NAT to map multiple global IP addr...

Страница 268: ...options for Network Address Translation Menu 4 Internet Access Setup ISP s Name MyISP Encapsulation RFC 1483 Multiplexing LLC based VPI 8 VCI 35 ATM QoS Type UBR Peak Cell Rate PCR 0 Sustain Cell Rat...

Страница 269: ...rator screens for further information on these menus To configure NAT enter 15 from the main menu to bring up the following screen Figure 146 Menu 15 NAT Setup 28 3 1 Address Mapping Sets Enter 1 to b...

Страница 270: ...Menu Selection Number Menu 15 1 255 Address Mapping Rules Set Name SUA Idx Local Start IP Local End IP Global Start IP Global End IP Type 1 0 0 0 0 255 255 255 255 0 0 0 0 M 1 2 0 0 0 0 Server 3 4 5...

Страница 271: ...ed If there are any empty rules before your new configured rule your configured rule will be pushed up by that number of empty rules For example if you have already configured rules 1 to 6 in your cur...

Страница 272: ...will be deleted Action The default is Edit Edit means you want to edit a selected rule see following field Insert Before means to insert a rule before the rule selected The rules after the selected ru...

Страница 273: ...amic IP enter 0 0 0 0 as the Global IP Start Note that Global IP Start can be set to 0 0 0 0 only if the types are Many to One or Server End This is the ending inside global IP address IGA This field...

Страница 274: ...ting as an FTP Telnet and SMTP server ports 21 23 and 25 at 192 168 1 33 6 Press ENTER at the Press ENTER to confirm prompt to save your configuration after you define all the servers or press ESC at...

Страница 275: ...the Many to One mapping discussed in Section 28 5 on page 274 The SUA Only read only option from the Network Address Translation field in menus 4 and 11 3 is specifically pre configured to handle this...

Страница 276: ...e the other IGA Map the FTP servers to the first two IGAs and the other LAN traffic to the remaining IGA Map the third IGA to an inside web server and mail server Four rules need to be configured two...

Страница 277: ...ose the Full Feature option from the Network Address Translation field in menu 4 or menu 11 3 in Figure 159 on page 278 1 Enter 15 from the main menu 2 Enter 1 to configure the Address Mapping Sets 3...

Страница 278: ...ons IP Address Assignment Static Ethernet Addr Timeout min 0 Rem IP Addr 0 0 0 0 Rem Subnet Mask 0 0 0 0 My WAN Addr 0 0 0 0 NAT Full Feature Address Mapping Set 2 Metric 2 Private No RIP Direction Bo...

Страница 279: ...g Rules Set Name Example3 Idx Local Start IP Local End IP Global Start IP Global End IP Type 1 192 168 1 10 10 132 50 1 1 1 2 192 168 1 11 10 132 50 2 1 1 3 0 0 0 0 255 255 255 255 10 132 50 3 M 1 4 1...

Страница 280: ...some gaming programs are NAT unfriendly because they embed addressing information in the data stream These applications won t work through NAT even when using One to One and Many to Many No Overload...

Страница 281: ...4 Menu 15 1 1 Address Mapping Rules Menu 15 1 1 Address Mapping Rules Set Name Example4 Idx Local Start IP Local End IP Global Start IP Global End IP Type 1 192 168 1 10 192 168 1 12 10 132 50 1 10 1...

Страница 282: ...Prestige 2602R Series User s Guide 282 Chapter 28 Network Address Translation NAT...

Страница 283: ...by far the most comprehensive firewall configuration tool your Prestige has to offer For this reason it is recommended that you configure your firewall using the web configurator see the following cha...

Страница 284: ...S attacks when it is active The default Policy sets 1 allow all sessions originating from the LAN to the WAN and 2 deny all sessions originating from the WAN to the LAN You may define additional Polic...

Страница 285: ...user defined call filters Your Prestige has built in call filters that prevent administrative for example RIP packets from triggering calls These filters are always enabled and not accessible to you Y...

Страница 286: ...ribe how to configure filter sets 30 1 1 The Filter Structure of the Prestige A filter set consists of one or more filter rules Usually you would group related rules for example all the rules for NetB...

Страница 287: ...press ENTER 4 Type a descriptive name or comment in the Edit Comments field and press ENTER 5 Press ENTER at the message Press ENTER to confirm to display Menu 21 1 1 Filter Rules Summary that is if y...

Страница 288: ...0 0 0 0 DA 0 0 0 0 DP 139 N D N 4 Y IP Pr 17 SA 0 0 0 0 DA 0 0 0 0 DP 137 N D N 5 Y IP Pr 17 SA 0 0 0 0 DA 0 0 0 0 DP 138 N D N 6 Y IP Pr 17 SA 0 0 0 0 DA 0 0 0 0 DP 139 N D F Enter Filter Rule Number...

Страница 289: ...chain with the present rule An action cannot be taken until the rule chain is complete N means there are no more rules to check You can specify an action to be taken for instance forward the packet dr...

Страница 290: ...nu fields are provided for protocol and device filter sets If you include a protocol filter set in a device filters field or vice versa the Prestige will warn you and will not allow you to save 30 4 1...

Страница 291: ...e field range is 0 to 65535 A 0 field is ignored Port Comp Select the comparison to apply to the destination port in the packet against the value given in Destination Port Choices are None Less Greate...

Страница 292: ...onfirm or ESC to Cancel to save your configuration or press ESC at any time to cancel Table 96 Menu 21 1 x x TCP IP Filter Rule continued FIELD DESCRIPTION Packet into IP Filter Matched Matched Yes Ac...

Страница 293: ...hown in the following figure Figure 175 Menu 21 1 5 1 Generic Filter Rule The next table describes the fields in the Generic Filter Rule menu Menu 21 1 5 1 Generic Filter Rule Filter 5 1 Filter Type G...

Страница 294: ...ace The interface can be an Ethernet or any other hardware port The following figure illustrates this Figure 176 Protocol and Device Filter Sets More If Yes a matching packet is passed to the next fil...

Страница 295: ...he index number of the filter set you want to configure in this case 6 3 Type a descriptive name or comment in the Edit Comments field for example TELNET_WAN and press ENTER 4 Press ENTER at the messa...

Страница 296: ...tivated A Y a TCP IP filter rule Type IP Pr 6 for destination telnet ports DP 23 M N means an action can be taken immediately The action is to drop the packet m D if the action is matched and to forwa...

Страница 297: ...numbers separated by commas for example 3 4 6 11 The factory default filter set NetBIOS_LAN is inserted in the protocol filters field under Input Filter Sets in menu 3 1 in order to prevent local NetB...

Страница 298: ...r Sets in menu 11 5 to block local NetBIOS traffic from triggering calls to the ISP Figure 181 Filtering Remote Node Traffic Note that call filter sets are visible when you select PPPoA or PPPoE encap...

Страница 299: ...network The Prestige supports SNMP version one SNMPv1 and version two c SNMPv2c The next figure illustrates an SNMP management operation SNMP is only available if TCP IP is configured Figure 182 SNMP...

Страница 300: ...etrieve an object variable from the agent GetNext Allows the manager to retrieve the next object variable from a table or list within an agent In SNMPv1 when a manager wants to retrieve all elements o...

Страница 301: ...nt station Trusted Host If you enter a trusted host your Prestige will only respond to SNMP messages from this address A blank default field means your Prestige will respond to all SNMP messages it re...

Страница 302: ...d 6 whyReboot defined in ZYXEL MIB A trap is sent with the reason of restart before rebooting when the system is going to restart warm start 6a For intentional reboot A trap is sent with the message S...

Страница 303: ...ives you information on the status and statistics of the ports as shown next System Status is a tool that can be used to monitor your Prestige Specifically it gives you information on your DSL telepho...

Страница 304: ...tream Speed 0 kbps Press Command COMMANDS 1 Reset Counters ESC Exit Table 102 Menu 24 1 System Maintenance Status FIELD DESCRIPTION Node Lnk This is the node index number and link type Link types are...

Страница 305: ...on and Console Port Speed 32 3 1 System Information Enter 1 in menu 24 2 to display the screen shown next Line Status This shows the current status of the xDSL line which can be Up or Down Upstream Sp...

Страница 306: ...9 00 00 01 IP Address 192 168 1 1 IP Mask 255 255 255 0 DHCP Server Press ESC or RETURN to Exit Table 103 Menu 24 2 1 System Maintenance Information FIELD DESCRIPTION Name Displays the system name of...

Страница 307: ...mething goes wrong is the error log Follow the procedures to view the local error trace log 1 Type 24 in the main menu to display Menu 24 System Maintenance 2 From menu 24 type 3 to display Menu 24 3...

Страница 308: ...pause 1 day 57 Sat Jan 01 00 00 03 2000 PP21 INFO monitoring WAN connectivity 58 Sat Jan 01 00 03 06 2000 PP19 INFO SMT Password pass 59 Sat Jan 01 00 03 06 2000 PP01 INFO SMT Session Begin 60 Sat Ja...

Страница 309: ...02 OutCall Connected 64000 40002 Jul 19 11 20 06 192 168 102 2 ZYXEL board 0 line 0 channel 0 call 1 C02 Call Terminated 2 Packet Triggered SdcmdSyslogSend SYSLOG_PKTTRI SYSLOG_NOTICE String String Pa...

Страница 310: ...55 192 168 102 2 ZYXEL IP Src 202 132 154 123 Dst 255 255 255 255 UDP spo 0208 dpo 0208 S03 R01mF Jul 19 14 44 00 192 168 102 2 ZYXEL IP Src 192 168 102 20 Dst 202 132 154 1 UDP spo 05d4 dpo 0035 S03...

Страница 311: ...ance Menu Diagnostic FIELD DESCRIPTION Reset xDSL Re initialize the xDSL link to the telephone company Ping Host Ping the host to see if the links and TCP IP protocol on both systems are working Reboo...

Страница 312: ...Prestige 2602R Series User s Guide 312 Chapter 32 System Information and Diagnosis...

Страница 313: ...name of your choosing ZyNOS ZyXEL Network Operating System sometimes referred to as the ras file is the system firmware and has a bin filename extension With many FTP and TFTP clients the filenames ar...

Страница 314: ...backup the current Prestige configuration to your computer Backup is highly recommended once your Prestige is functioning properly FTP is the preferred methods for backing up your current configuratio...

Страница 315: ...enames it config rom See earlier in this chapter for more information on filename conventions 7 Enter quit to exit the ftp prompt 33 2 3 Example of FTP Commands from the Command Line Menu 24 5 System...

Страница 316: ...le session running 331 Enter PASS command Password 230 Logged in ftp bin 200 Type I OK ftp get rom 0 zyxel rom 200 Port command okay 150 Opening data connection for STOR ras 226 File received OK ftp 1...

Страница 317: ...le transfer is complete 4 Launch the TFTP client on your computer and connect to the Prestige Set the transfer mode to binary before starting data transfer 5 Use the TFTP client see the example below...

Страница 318: ...tart after the file transfer is complete Note Do not interrupt the file transfer process as this may PERMANENTLY DAMAGE YOUR Prestige 33 3 1 Restore Using FTP For details about backup using T FTP plea...

Страница 319: ...r to Section 33 2 5 on page 316 to read about configurations that disallow TFTP and FTP over WAN Menu 24 6 System Maintenance Restore Configuration To transfer the firmware and configuration file to y...

Страница 320: ...firmware and the configuration file using FTP Figure 198 Telnet Into Menu 24 7 1 Upload System Firmware 33 4 2 Configuration File Upload You see the following screen when you telnet into menu 24 7 2 M...

Страница 321: ...fers the configuration file on the Prestige to your computer and renames it config rom See earlier in this chapter for more information on filename conventions 7 Enter quit to exit the ftp prompt The...

Страница 322: ...the SMT in command interpreter CI mode by entering 8 in Menu 24 System Maintenance 3 Enter the command sys stdio 0 to disable the console timeout so the TFTP transfer will not be interrupted Enter sy...

Страница 323: ...ras where i specifies binary image transfer mode use this mode when transferring binary files host is the Prestige s IP address and put transfers the file source on the computer firmware bin name of t...

Страница 324: ...Prestige 2602R Series User s Guide 324 Chapter 33 Firmware and Configuration File Maintenance...

Страница 325: ...on CI commands Enter 8 from Menu 24 System Maintenance A list of valid commands can be found by typing help or at the command prompt Type exit to return to the SMT main menu when finished Figure 201 C...

Страница 326: ...ontrol menu select option 9 in menu 24 to go to Menu 24 9 System Maintenance Call Control as shown in the next table Figure 203 Menu 24 9 System Maintenance Call Control 34 2 1 Budget Management Menu...

Страница 327: ...n displayed in the Prestige error logs and firewall logs Select menu 24 in the main menu to open Menu 24 System Maintenance as shown next Figure 205 Menu 24 System Maintenance Then enter 10 to go to M...

Страница 328: ...ormat displays a 4 byte integer giving the total number of seconds since 1970 1 1 at 0 0 0 NTP RFC 1305 is similar to Time RFC 868 None The default enter the time manually Time Server Address Enter th...

Страница 329: ...stem Maintenance 329 34 3 1 Resetting the Time The Prestige resets the time in three instances On leaving menu 24 10 after making changes When the Prestige starts up if there is a timeserver configure...

Страница 330: ...Prestige 2602R Series User s Guide 330 Chapter 34 System Maintenance...

Страница 331: ...configuring firewall rules 35 2 Remote Management To disable remote management of a service select Disable in the corresponding Server Access field Enter 11 from menu 24 to display Menu 24 11 Remote...

Страница 332: ...s LAN only Secured Client IP 0 0 0 0 FTP Server Server Port 21 Server Access LAN only Secured Client IP 0 0 0 0 Web Server Server Port 80 Server Access LAN only Secured Client IP 0 0 0 0 Press ENTER t...

Страница 333: ...dress when configuring from the LAN 35 4 System Timeout There is a default system management idle timeout of five minutes three hundred seconds The Prestige automatically logs you out if the managemen...

Страница 334: ...Prestige 2602R Series User s Guide 334 Chapter 35 Remote Management...

Страница 335: ...ecedence or TOS Type of Service values in the IP header at the periphery of the network to enable the backbone to prioritize traffic Cost Savings IPPR allows organizations to distribute interactive tr...

Страница 336: ...e main menu to open Menu 25 IP Routing Policy Setup 2 Type the index of the policy set you want to configure to open Menu 25 1 IP Routing Policy Setup Menu 25 1 shows the summary of a policy set inclu...

Страница 337: ...__________________________________________________________ ______________________________________________________________________ 5 N __________________________________________________________________...

Страница 338: ...licy Inactive policies are displayed with a minus sign in SMT menu 25 Criteria IP Protocol IP layer 4 protocol for example UDP TCP ICMP etc Type of Service Prioritize incoming network traffic by choos...

Страница 339: ...selected Gateway addr in the Gateway type field defines the outgoing gateway address here The gateway must be on the same subnet as the Prestige if it is on the LAN otherwise the gateway must be the...

Страница 340: ...e default IP route and route 2 represents the configured IP route Menu 3 2 TCP IP and DHCP Setup DHCP Setup DHCP Server Client IP Pool Starting Address 192 168 1 33 Size of Client IP Pool 32 Primary D...

Страница 341: ...4 IP Routing Policy Example 1 Check Menu 25 1 IP Routing Policy Setup to see if the rule is added correctly 2 Create another policy set in menu 25 Menu 25 1 1 IP Routing Policy Policy Set Name 1 Activ...

Страница 342: ...t Care Packet length 10 Precedence Don t Care Len Comp Equal Source addr start 0 0 0 0 end N A port start 0 end N A Destination addr start 0 0 0 0 end N A port start 20 end 21 Action Matched Gateway...

Страница 343: ...take precedence over higher numbered sets thereby avoiding scheduling conflicts For example if sets 1 2 3 and 4 in are applied in the remote node then set 1 will take precedence over set 2 3 and 4 as...

Страница 344: ...Yes or No Choose Yes and press ENTER to activate the schedule set Start Date Enter the start date when you wish the set to take effect in year month date format Valid dates are from the present to 20...

Страница 345: ...means that the connection is blocked whether or not there is a demand call on the line Enable Dial On Demand means that this schedule permits a demand call on the line Disable Dial On Demand means tha...

Страница 346: ...Prestige 2602R Series User s Guide 346 Chapter 37 Call Scheduling...

Страница 347: ...appropriate power source Make sure that the Prestige and the power source are both turned on Turn the Prestige off and on If the error persists you may have a hardware problem In this case you should...

Страница 348: ...C address or the host name The username and password apply to PPPoE and PPPoA encapsulation only Make sure that you have entered the correct Service Type User Name and Password be sure to use the corr...

Страница 349: ...our computer s IP address must match it Refer to the chapter on remote management for details Your computer s and the Prestige s IP addresses must be on the same subnet for LAN access If you changed t...

Страница 350: ...in Windows XP SP Service Pack 2 or allow pop up blocking and create an exception for your device s IP address 38 4 1 1 1 Disable pop up Blockers 1 In Internet Explorer select Tools Pop up Blocker and...

Страница 351: ...to save this setting 38 4 1 1 2 Enable pop up Blockers with Exceptions Alternatively if you only want to allow pop up windows from your device see the following steps 1 In Internet Explorer select To...

Страница 352: ...38 Troubleshooting Figure 222 Internet Options 3 Type the IP address of your device the web page that you do not want to have blocked with the prefix http For example http 192 168 1 1 4 Click Add to m...

Страница 353: ...ngs 5 Click Close to return to the Privacy screen 6 Click Apply to save this setting 38 4 1 2 JavaScripts If pages of the web configurator do not display properly in Internet Explorer check that JavaS...

Страница 354: ...igure 224 Internet Options 2 Click the Custom Level button 3 Scroll down to Scripting 4 Under Active scripting make sure that Enable is selected the default 5 Under Scripting of Java applets make sure...

Страница 355: ...ttings Java Scripting 38 4 1 3 Java Permissions 1 From Internet Explorer click Tools Internet Options and then the Security tab 2 Click the Custom Level button 3 Scroll down to Microsoft VM 4 Under Ja...

Страница 356: ...8 Troubleshooting Figure 226 Security Settings Java 38 4 1 3 1 JAVA Sun 1 From Internet Explorer click Tools Internet Options and then the Advanced tab 2 make sure that Use Java 2 for applet under Jav...

Страница 357: ...ly configured I cannot call from one of the Prestige s phone ports to the other phone port You cannot call the SIP number of the SIP account that you are using to make a call The Prestige generates a...

Страница 358: ...Prestige 2602R Series User s Guide 358 Chapter 38 Troubleshooting...

Страница 359: ...evice Specifications Default IP Address 192 168 1 1 Default Subnet Mask 255 255 255 0 24 bits Default Password 1234 DHCP Pool 192 168 1 32 to 192 168 1 64 Dimensions 248 W x 168 D x 37 H mm Weight 350...

Страница 360: ...Virtual Circuits I 610 F4 F5 OAM Other Protocol Support PPP Point to Point Protocol link layer protocol Transparent bridging for unsupported network layer protocols DHCP Server Client Relay RIP I RIP...

Страница 361: ...ncellation 8ms 16ms Fax and data modem discrimination Silence Suppression Voice Activity Detection VAD Comfort Noise Generation CNG Dynamic Jitter Butter DTMF Detection and Generation DTMF In band and...

Страница 362: ...122204 Input Power 120VAC 60Hz Output Power 12V AC 1A Power Consumption 12W Safety Standards UL CUL UL 1950 EUROPEAN PLUG STANDARDS AC Power Adapter Model ADS6818 1818 B 1810 Input Power AC 100 240Vo...

Страница 363: ...s 3 1 requires the purchase of a third party TCP IP application package TCP IP should already be installed on computers using Windows NT 2000 XP Macintosh OS 7 and later operating systems After the ap...

Страница 364: ...for Microsoft Networks If you need the adapter 1 In the Network window click Add 2 Select Adapter and then click Add 3 Select the manufacturer and model of your network adapter and then click OK If y...

Страница 365: ...rk adapter s TCP IP entry and click Properties 2 Click the IP Address tab If your IP address is dynamic select Obtain an IP address automatically If you have a static IP address select Specify an IP a...

Страница 366: ...d close the TCP IP Properties window 6 Click OK to close the Network window Insert the Windows CD if prompted 7 Turn on your Prestige and restart your computer when prompted Verifying Settings 1 Click...

Страница 367: ...omputer s IP Address 367 Figure 232 Windows XP Start Menu 2 In the Control Panel double click Network Connections Network and Dial up Connections in Windows 2000 NT Figure 233 Windows XP Control Panel...

Страница 368: ...e General tab in Win XP and then click Properties Figure 235 Windows XP Local Area Connection Properties 5 The Internet Protocol TCP IP Properties window opens the General tab in Windows XP If you hav...

Страница 369: ...sses click Add In TCP IP Address type an IP address in IP address and a subnet mask in Subnet mask and then click Add Repeat the above two steps for each IP address you want to add Configure additiona...

Страница 370: ...dow the General tab in Windows XP Click Obtain DNS server address automatically if you do not know your DNS server IP address es If you know your DNS server IP address es click Use the following DNS s...

Страница 371: ...Network Connections window Network and Dial up Connections in Windows 2000 NT 11Turn on your Prestige and restart your computer if prompted Verifying Settings 1 Click Start All Programs Accessories a...

Страница 372: ...Setting up Your Computer s IP Address Figure 239 Macintosh OS 8 9 Apple Menu 2 Select Ethernet built in from the Connect via list Figure 240 Macintosh OS 8 9 TCP IP 3 For dynamically assigned settings...

Страница 373: ...Click Save if prompted to save changes to your configuration 7 Turn on your Prestige and restart your computer if prompted Verifying Settings Check your TCP IP properties in the TCP IP Control Panel...

Страница 374: ...bnet mask in the Subnet mask box Type the IP address of your Prestige in the Router address box 5 Click Apply Now and close the window 6 Turn on your Prestige and restart your computer if prompted Ver...

Страница 375: ...eps below to configure your computer IP address using the KDE 1 Click the Red Hat button located on the bottom left corner select System Setting and click Network Figure 243 Red Hat 9 0 KDE Network Co...

Страница 376: ...your DNS server IP address es click the DNS tab in the Network Configuration screen Enter the DNS server information in the fields provided Figure 245 Red Hat 9 0 KDE Network Configuration DNS 5 Click...

Страница 377: ...lowing example shows an example where the static IP address is 192 168 1 10 and the subnet mask is 255 255 255 0 Figure 248 Red Hat 9 0 Static IP Address Setting in ifconfig eth0 2 If you know your DN...

Страница 378: ...utting down loopback interface OK Setting network parameters OK Bringing up loopback interface OK Bringing up interface eth0 OK root localhost ifconfig eth0 Link encap Ethernet HWaddr 00 50 BA 72 5B 4...

Страница 379: ...in a manner similar to dial up services using PPP Benefits of PPPoE PPPoE offers the following benefits It provides you with a familiar dial up networking DUN user interface It lessens the burden on...

Страница 380: ...ccess Concentrator and tunnels the PPP frames to the ISP The L2TP tunnel is capable of carrying multiple PPP sessions With PPPoE the VC Virtual Circuit is equivalent to the dial up connection and is b...

Страница 381: ...address the first two octets make up the network number and the two remaining octets make up the host ID Class C addresses begin starting from the left with 1 1 0 In a class C address the first three...

Страница 382: ...the host ID Subnet masks are expressed in dotted decimal notation just as IP addresses are The natural masks for class A B and C IP addresses are as follows Subnetting With subnetting the class arran...

Страница 383: ...address 192 168 1 0 with subnet mask of 255 255 255 0 The first three octets of the address make up the network number class C You want to have two separate networks Divide the network 192 168 1 0 int...

Страница 384: ...255 255 255 128 is the directed broadcast address for the first subnet Therefore the lowest IP address that can be assigned to an actual host for the first subnet is 192 168 1 1 and the highest is 19...

Страница 385: ...68 1 0 IP Address Binary 11000000 10101000 00000001 00000000 Subnet Mask Binary 11111111 11111111 11111111 11000000 Subnet Address 192 168 1 0 Lowest Host ID 192 168 1 1 Broadcast Address 192 168 1 63...

Страница 386: ...1111 11111111 11111111 11000000 Subnet Address 192 168 1 192 Lowest Host ID 192 168 1 193 Broadcast Address 192 168 1 255 Highest Host ID 192 168 1 254 Table 134 Eight Subnets SUBNET SUBNET ADDRESS FI...

Страница 387: ...or subnetting The following table is a summary for class B subnet planning Table 136 Class B Subnet Planning NO BORROWED HOST BITS SUBNET MASK NO SUBNETS NO HOSTS PER SUBNET 1 255 255 128 0 17 2 32766...

Страница 388: ...Prestige 2602R Series User s Guide 388 Appendix D IP Subnetting...

Страница 389: ...ceiving data packets between two Ethernet devices Some companies have more than one alternate route to one or more ISPs If the LAN and ISP s are in the same subnet the triangle route problem may occur...

Страница 390: ...hree logical LAN interfaces with the Prestige being the gateway for each logical network By putting your LAN and Gateway B in different subnets all returning network traffic must pass through the Pres...

Страница 391: ...A second solution to the triangle route problem is to put all of your network gateways on the WAN side as the following figure shows This ensures that all incoming network traffic passes through your...

Страница 392: ...Prestige 2602R Series User s Guide 392 Appendix E Triangle Route...

Страница 393: ...time of signaling sessions The SIP UA sends registration packets to the SIP server periodically and keeps the session alive in the Prestige If the SIP client does not have this mechanism and makes no...

Страница 394: ...Prestige 2602R Series User s Guide 394 Appendix F SIP Passthrough...

Страница 395: ...allowed input where input is your input conforming to parameter values allowed The figure shown next is an example of an Internal SPTGEN text file Figure 258 Configuration Text File Format Column Des...

Страница 396: ...ne Example The Prestige will display the following if you enter parameter s that are valid Figure 260 Valid Parameter Entered Command Line Example Internal SPTGEN FTP Download Example 1 Launch your FT...

Страница 397: ...ernal SPTGEN FTP Upload Example Example Internal SPTGEN Screens This section covers Prestige Internal SPTGEN screens c ftp 192 168 1 1 220 PPP FTP version 1 0 ready at Sat Jan 1 03 22 12 2000 User 192...

Страница 398: ...Yes 0 Table 139 Menu 3 SMT Menu 3 Menu 3 1 General Ethernet Setup SMT menu 3 1 FIN FN PVA INPUT 30100001 Input Protocol filters Set 1 2 30100002 Input Protocol filters Set 2 256 30100003 Input Protoc...

Страница 399: ...0 30200011 Version 0 Rip 1 1 Rip 2B 2 Rip 2M 0 30200012 Multicast 0 IGMP v2 1 IGMP v1 2 None 2 30200013 IP Policies Set 1 1 12 256 30200014 IP Policies Set 2 1 12 256 30200015 IP Policies Set 3 1 12...

Страница 400: ...th 2 In Only 3 Out Only 0 30201018 Version 0 Rip 1 1 Rip 2B 2 Rip 2M 0 30201019 IP Alias 2 Incoming protocol filters Set 1 256 30201020 IP Alias 2 Incoming protocol filters Set 2 256 30201021 IP Alias...

Страница 401: ...1 Enable 0 MENU 3 5 1 WLAN MAC ADDRESS FILTER SMT MENU 3 5 1 FIN FN PVA INPUT 30501001 Mac Filter Active 0 No 1 Yes 0 30501002 Filter Action 0 Allow 1 Deny 0 30501003 Address 1 00 00 00 00 0 0 00 3050...

Страница 402: ...et mask 0 40000016 ISP incoming protocol filter set 1 6 40000017 ISP incoming protocol filter set 2 256 40000018 ISP incoming protocol filter set 3 256 40000019 ISP incoming protocol filter set 4 256...

Страница 403: ...0 No 1 Yes 0 Menu 12 1 2 IP Static Route Setup SMT Menu 12 1 2 FIN FN PVA INPUT 120102001 IP Static Route set 2 Name 120102002 IP Static Route set 2 Active 0 No 1 Yes 0 120102003 IP Static Route set...

Страница 404: ...n IP subnetmask 0 120105005 IP Static Route set 5 Gateway 0 0 0 0 120105006 IP Static Route set 5 Metric 0 120105007 IP Static Route set 5 Private 0 No 1 Yes 0 Menu 12 1 6 IP Static Route Setup SMT Me...

Страница 405: ...IP Static Route set 9 Destination IP address 0 0 0 0 120109004 IP Static Route set 9 Destination IP subnetmask 0 120109005 IP Static Route set 9 Gateway 0 0 0 0 120109006 IP Static Route set 9 Metric...

Страница 406: ...FN PVA INPUT 120113001 IP Static Route set 13 Name Str 120113002 IP Static Route set 13 Active 0 No 1 Yes 0 120113003 IP Static Route set 13 Destination IP address 0 0 0 0 120113004 IP Static Route se...

Страница 407: ...k 0 120116005 IP Static Route set 16 Gateway 0 0 0 0 120116006 IP Static Route set 16 Metric 0 120116007 IP Static Route set 16 Private 0 No 1 Yes 0 Table 141 Menu 12 SMT Menu 12 continued Table 142 M...

Страница 408: ...ll 6 TCP 17 U DP 0 0 0 0 150000029 SUA Server 7 Port Start 0 150000030 SUA Server 7 Port End 0 150000031 SUA Server 7 Local IP address 0 0 0 0 150000032 SUA Server 8 Active 0 No 1 Yes 0 150000033 SUA...

Страница 409: ...21 1 1 1 set 1 rule 1 SMT Menu 21 1 1 1 FIN FN PVA INPUT 210101001 IP Filter Set 1 Rule 1 Type 2 TCP IP 2 210101002 IP Filter Set 1 Rule 1 Active 0 No 1 Yes 1 210101003 IP Filter Set 1 Rule 1 Protoco...

Страница 410: ...ot equal 3 less 4 greater 0 210102013 IP Filter Set 1 Rule 2 Act Match 1 check next 2 forward 3 drop 3 210102014 IP Filter Set 1 Rule 2 Act Not Match 1 check next 2 forward 3 drop 1 Menu 21 1 1 3 set...

Страница 411: ...ss 0 0 0 0 210104009 IP Filter Set 1 Rule 4 Src Subnet Mask 0 210104010 IP Filter Set 1 Rule 4 Src Port 0 210104011 IP Filter Set 1 Rule 4 Src Port Comp 0 none 1 equal 2 not equal 3 less 4 greater 0 2...

Страница 412: ...lter Set 1 Rule 6 Dest IP address 0 0 0 0 210106005 IP Filter Set 1 Rule 6 Dest Subnet Mask 0 210106006 IP Filter Set 1 Rule 6 Dest Port 139 210106007 IP Filter Set 1 Rule 6 Dest Port Comp 0 none 1 eq...

Страница 413: ...lter Set 2 Rule 1 Src Port 0 210201011 IP Filter Set 2 Rule 1 Src Port Comp 0 none 1 equal 2 not equal 3 less 4 gr eater 0 210201013 IP Filter Set 2 Rule 1 Act Match 1 check next 2 forward 3 drop 3 21...

Страница 414: ...210203004 IP Filter Set 2 Rule 3 Dest IP address 0 0 0 0 210203005 IP Filter Set 2 Rule 3 Dest Subnet Mask 0 210203006 IP Filter Set 2 Rule 3 Dest Port 139 210203007 IP Filter Set 2 Rule 3 Dest Port C...

Страница 415: ...4 gr eater 0 210204013 IP Filter Set 2 Rule 4 Act Match 1 check next 2 forward 3 drop 3 210204014 IP Filter Set 2 Rule 4 Act Not Match 1 check next 2 forward 3 drop 1 Menu 21 1 2 5 Filter set 2 rule 5...

Страница 416: ...ask 0 210206006 IP Filter Set 2 Rule 6 Dest Port 139 210206007 IP Filter Set 2 Rule 6 Dest Port Comp 0 none 1 equal 2 not equal 3 less 4 gr eater 1 210206008 IP Filter Set 2 Rule 6 Src IP address 0 0...

Страница 417: ...111 230200006 Accounting Server Configured 0 No 1 Yes 1 230200007 Accounting Server Active 0 No 1 Yes 1 230200008 Accounting Server IP Address 192 168 1 44 230200009 Accounting Server Port 1823 230200...

Страница 418: ...Menu 24 11 Remote Management Control SMT Menu 24 11 FIN FN PVA INPUT 241100001 TELNET Server Port 23 241100002 TELNET Server Access 0 all 1 none 2 L an 3 Wan 0 241100003 TELNET Server Secured IP addre...

Страница 419: ...Prestige 2602R Series User s Guide Appendix G Internal SPTGEN 419 FIN FN PVA INPUT 990000001 ADSL OPMD 0 etsi 1 normal 2 gdmt 3 multimo de 3 Table 147 Command Examples continued FIN FN PVA INPUT...

Страница 420: ...Prestige 2602R Series User s Guide 420 Appendix G Internal SPTGEN...

Страница 421: ...the unit and possibly render it unusable Command Syntax The command keywords are in courier new font Enter the command keywords exactly as shown do not abbreviate The required fields in a command are...

Страница 422: ...Prestige 2602R Series User s Guide 422 Appendix H Command Interpreter...

Страница 423: ...ewall Enables disables the firewall cnt disp Displays the firewall log type and count clear Clears the firewall log count pktdump Dumps the last 64 bytes of packets that the firewall has dropped dynam...

Страница 424: ...Prestige 2602R Series User s Guide 424 Appendix I Firewall Commands...

Страница 425: ...Prestige boot module commands as shown in the next screen ATBAx allows you to change the console port speed The x denotes the number preceding the colon to give the console port speed following the co...

Страница 426: ...write Country code to flash ROM ATCB copy from FLASH ROM to working buffer ATCL clear working buffer ATSB save working buffer to FLASH ROM ATBU dump manufacturer related data in working buffer ATSH du...

Страница 427: ...Successful TELNET login Someone has logged on to the router via telnet TELNET login failed Someone has failed to log on to the router via telnet Successful FTP login Someone has logged on to the route...

Страница 428: ...etBIOS filter settings WAN connection is down A WAN connection is down You cannot access the network through this interface Table 151 Access Control Logs LOG MESSAGE DESCRIPTION Firewall default polic...

Страница 429: ...s 3600 Exceed MAX incomplete sent TCP RST The router sent a TCP reset packet when the number of incomplete connections TCP and UDP exceeded the user configured threshold Incomplete count is for all T...

Страница 430: ...le board 0 line 0 channel 0 call 3 C01 Outgoing Call dev 6 ch 0 Means the router has dialed to the PPPoE server 3 times board d line d channel d call d s C02 OutCall Connected d s The PPPoE PPTP or di...

Страница 431: ...MP type d code d The firewall detected an ICMP land attack ip spoofing WAN TCP UDP IGMP ESP GRE OSPF The firewall detected an IP spoofing attack on the WAN port ip spoofing WAN ICMP type d code d The...

Страница 432: ...aveling from the LAN to the LAN or the Prestige W to W Prestige WAN to WAN Prestige ACL set for packets traveling from the WAN to the WAN or the Prestige Table 161 ICMP Notes TYPE CODE DESCRIPTION 0 E...

Страница 433: ...cat category This message is sent by the system RAS displays as the system name if you haven t configured one when the router generates a syslog The facility is defined in the web MAIN MENU LOGS Log S...

Страница 434: ...hone call failed because the RTP session could not be established Error RTP connection cannot close The termination of an RTP session failed Table 165 FSM Logs Caller Side LOG MESSAGE DESCRIPTION VoIP...

Страница 435: ...restige is to record Table 166 FSM Logs Callee Side LOG MESSAGE DESCRIPTION VoIP Call Start from SIP SIP Port Number A VoIP phone call came to the Prestige from the listed SIP number VoIP Call Establi...

Страница 436: ...gs and alerts for that category Not every parameter is available with every category 5 Use the sys logs save command to store the settings in the Prestige you must do this in order to record logs Disp...

Страница 437: ...n notes message 7 01 01 2000 09 40 13 192 168 1 1 3 192 168 1 33 1 ACCESS FO RWARD Router reply ICMP packet ICMP type 3 code 1 8 01 01 2000 09 40 07 192 168 1 1 3 192 168 1 33 1 ACCESS FO RWARD Router...

Страница 438: ...Prestige 2602R Series User s Guide 438 Appendix K Log Descriptions...

Страница 439: ...ptation Layer type 5 360 ATM Layer Options 256 ATM Loopback Test 221 ATM QoS Type 247 ATM Status 221 Attack Alert 168 Attack Types 140 AUTH TCP 113 163 Authentication 252 Authentication Password 63 11...

Страница 440: ...61 Codec 107 112 Codecs 361 Coder Decoder 107 112 Collision 304 Collisions 217 Comfort Noise Generation 43 115 361 Command Interpreter Mode 325 Communications 4 Community 300 Compliance FCC 4 Componen...

Страница 441: ...tion Protocol 44 Dynamic Jitter Buffer 43 Dynamic Jitter Butter 361 DYNDNS Wildcard 129 E ECHO 95 Echo Cancellation 43 115 361 Electric Shock 5 Electrical Pipes 5 Electrocution 5 E mail Log Example 19...

Страница 442: ...32 Restrictions 332 FTP TCP 20 21 163 FTP File Transfer 320 FTP Restrictions 175 316 FTP Server 277 Functionally Equivalent 6 G G 168 43 115 361 G 711 107 112 361 G 729 107 112 361 G 992 1 360 G 992 3...

Страница 443: ...IP Addressing 381 IP Alias 45 243 IP Alias Setup 244 IP Classes 381 IP Filter 292 Logic Flow 292 IP Mask 291 IP Multicasting 360 IP Packet 293 IP Policies 243 339 IP Policy 243 IP Policy Routing 335 I...

Страница 444: ...250 LLC based 80 VC based 80 Multiprotocol Encapsulation 80 My WAN Address 253 N N A Fields 226 Nailed Up Connection 81 NAT 73 95 96 294 Address Mapping Rule 100 Application 93 Applying NAT in the SM...

Страница 445: ...daptation Layer 5 AAL5 79 Point to Point 39 Point to point Calls 361 Point to Point Tunneling Protocol 96 164 Policy based Routing 335 Pool 5 POP3 95 137 138 POP3 TCP 110 164 Port Forwarding 361 Port...

Страница 446: ...0 REGISTER Server Port 63 110 Registered 3 Registered Trademark 3 Regular Mail 7 Related Documentation 37 Relocate 4 Re manufactured 6 Remote Command Service 164 Remote Desktop Protocol 165 Remote DHC...

Страница 447: ...eceiver 4 Serial Number 7 Server 38 94 269 271 272 273 274 275 276 277 328 Server Behind NAT 273 Service 5 6 151 Service Personnel 5 Service Type 159 348 Services 95 Session Description Protocol 361 S...

Страница 448: ...Sub class Layers 207 Subnet Mask 73 157 241 253 261 306 Subnet Masks 382 Subnetting 382 Supplementary Phone Services 119 Supplementary Services 119 Supply Voltage 5 Support E mail 7 Supporting Disk 37...

Страница 449: ...vice 114 335 337 338 339 U UBR 247 UBR Unspecified Bit Rate 85 UDP 165 UDP ICMP Security 144 Undesired Operations 4 Uniform Resource Identifier 103 Universal Plug and Play 179 Application 179 Security...

Страница 450: ...mation 215 WAN Setup 79 235 WAN to LAN Rules 152 Warnings 5 Warranty 6 Warranty Information 7 Warranty Period 6 Water 5 Water Pipes 5 Web Configurator 51 53 136 144 151 284 web configurator screen sum...

Отзывы:

Нет отзывов

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды