manualshive.com logo in svg

ZyXEL Communications Prestige 2802HW(L)-IX, Поддержка заметок, Страница: 7 / 187

Поделиться
Скачать
ZyXEL Communications Prestige 2802HW(L)-IX Скачать руководство пользователя страница 7

 

 

Prestige 2802HW(L)-Ix Support Notes 

 
 

 

All contents copyright (c) 2007 ZyXEL Communications Corporation.   

7

What is IEEE 802.11 ?...............................................................................153 

What is 802.11b ? ......................................................................................154 

How fast is 802.11b ?.................................................................................154 

What is 802.11a ?.......................................................................................154 

What is 802.11g ? ......................................................................................154 

Is it possible to use products from a variety of vendors ?..........................154 

What is Wi-Fi ?..........................................................................................155 

What types of devices use the 2.4GHz Band ? ..........................................155 

Does the 802.11 interfere with Bluetooth devices ? ..................................155 

Can radio signals pass through walls ? ......................................................155 

What are potential factors that may causes interference among WLAN 

products ? ...................................................................................................155 

What's the difference between a WLAN and a WWAN ?.........................156 

What is Ad Hoc mode ? .............................................................................156 

What is Infrastructure mode ?....................................................................156 

How many Access Points are required in a given area ? ...........................156 

What is Direct-Sequence Spread Spectrum Technology – (DSSS) ? ........156 

What is Frequency-hopping Spread Spectrum Technology – (FHSS) ? ...157 

Do I need the same kind of antenna on both sides of a link ?....................157 

Why the 2.4 Ghz Frequency range ?..........................................................157 

What is Server Set ID (SSID) ? .................................................................157 

What is an ESSID ?....................................................................................157 

How do I secure the data across an Access Point's radio link ?.................158 

What is WEP ? ...........................................................................................158 

What is the difference between 40-bit and 64-bit WEP    ?.......................158 

What is a WEP key    ? ..............................................................................158 

A WEP key is a user defined string of characters used to encrypt and 

decrypt data ? .............................................................................................158 

Can the SSID be encrypted    ? ..................................................................158 

By turning off the broadcast of SSID, can someone still sniff the SSID ? 159 

What are Insertion Attacks ?......................................................................159 

What is Wireless Sniffer ? .........................................................................159 

What is the difference between Open System and Shared Key of 

Authentication Type ?................................................................................159 

What is 802.1x ? ........................................................................................159 

What is the difference between No authentication required, No access 

allowed and Authentication required ? ......................................................160 

Содержание Prestige 2802HW(L)-IX

Страница 1: ...Prestige 2802HW L Ix Support Notes Version 3 40 Jun 2007...

Страница 2: ...53 Using Prestige traffic redirect 55 Using Universal Plug n Play UPnP 58 Wireless Application Notes 64 Infrastructure mode 64 Wireless MAC address filtering 68 WEP configuration Wired Equivalent Priv...

Страница 3: ...tween NAT and SUA 122 How many network users can the SUA NAT support 123 What are Device filters and Protocol filters 123 Why can t I configure device filters or protocol filters 123 Product FAQ 123 W...

Страница 4: ...he Prestige support 131 What is DDNS wildcard 131 Does the Prestige support DDNS wildcard 131 Can the Prestige SUA handle IPsec packets sent by the VPN gateway behind Prestige 131 How do I setup my Pr...

Страница 5: ...re problem with my Prestige what should I do 137 Firewall FAQ 137 What is a network firewall 137 What makes Prestige firewall secure 137 What are the basic types of firewalls 137 What kind of firewall...

Страница 6: ...amic secure gateway IP 148 What VPN gateway that has been tested with Prestige successfully 148 What VPN software that has been tested with Prestige successfully 148 Will ZyXEL support Secure Remote M...

Страница 7: ...ct Sequence Spread Spectrum Technology DSSS 156 What is Frequency hopping Spread Spectrum Technology FHSS 157 Do I need the same kind of antenna on both sides of a link 157 Why the 2 4 Ghz Frequency r...

Страница 8: ...ll contents copyright c 2007 ZyXEL Communications Corporation 8 What is AAA 160 What is RADIUS 160 What is WPA 160 What is WPA PSK 161 Trouble Shooting 161 Using Embedded Packet Trace 161 Debug PPPoE...

Страница 9: ...nts needs to be checked before accessing the Internet Before you begin Setting up the Windows Setting up the Prestige router Troubleshooting Before you begin The Prestige is shipped with the following...

Страница 10: ...P IP from the Network Protocols and click OK 3 TCP IP Configuration Follow these steps to configure Windows TCP IP In the Control Panel Network window click the TCP IP entry to select it and click Pro...

Страница 11: ...ure it Before configuring the router using Browser please be sure there is no Telnet or Console login 1 Retrieve Prestige Web Please enter the LAN IP address of the Prestige router in the URL location...

Страница 12: ...Prestige 2802HW L Ix Support Notes All contents copyright c 2007 ZyXEL Communications Corporation 12 The Web screen shown below takes PPPoE as the example...

Страница 13: ...for Dynamic Host Configuration Protocol In addition to the DHCP server feature the P2802 supports the DHCP relay function When it is configured as DHCP server it assigns the IP addresses to the LAN c...

Страница 14: ...s All contents copyright c 2007 ZyXEL Communications Corporation 14 Setup the Prestige as a DHCP Client 1 Toggle the DHCP to Relay in Network LAN DHCP Setup and enter the IP address of the DHCP server...

Страница 15: ...be a DHCP client whose IP address potentially changes each time it is powered on In addition to the servers for specific services SUA supports a default server A service request that does not have a...

Страница 16: ...80 Configure a PPTP server Behind SUA Introduction PPTP is a tunneling protocol defined by the PPTP forum that allows PPP packets to be encapsulated within Internet Protocol IP packets and forwarded...

Страница 17: ...folder The VPN Adapter type does not appear elsewhere in the system Since PPTP encapsulates its data stream in the PPP protocol the VPN requires a second dial up adapter This second dial up adapter fo...

Страница 18: ...ser Enable RAS port Select the network protocols from RAS such as IPX TCP IP NetBEUI Set the Internet gateway to Prestige o PPTP client setup Win9x Add one VPN connection from Dial Up Networking by en...

Страница 19: ...eway of the Win9x client after the dial up connection has been established Before making a VPN connection from the Win9x client to the NT server you need to know the exact Internet IP address that the...

Страница 20: ...d or dynamically assigned by the ISP In addition you can designate servers e g a web server and a telnet server on your local network and make them accessible to the outside world If you do not define...

Страница 21: ...t to the Internet ISP thus making them appear as if they had come from the NAT system itself e g the Prestige router The Prestige keeps track of the original addresses and port numbers so incoming rep...

Страница 22: ...ing Direction One to One ILA1 IGA1 Both Many to One SUA PAT ILA1 IGA1 ILA2 IGA1 Outgoing Many to Many Overload ILA1 IGA1 ILA2 IGA2 ILA3 IGA1 ILA4 IGA2 Outgoing Many to Many No Overload Allocate by Con...

Страница 23: ...Applying NAT in the WEB GUI You apply NAT via WEB GUI Network NAT General as displayed next The next figure that you could apply NAT for Internet access Full Feature The following table describes the...

Страница 24: ...802HWL has 8 remote nodes and so allows you to configure 8 NAT Address Mapping Set You can see nine NAT Address Mapping sets in WEB GUI Network NAT Address Mapping You can only configure from Set 1 to...

Страница 25: ...255 Global Start IP This is the starting global IP address IGA If you have a dynamic IP enter 0 0 0 0 as the Global Start IP 0 0 0 0 Global End IP This is the ending global IP address IGA N A Type Th...

Страница 26: ...0 0 as the Global Start IP 0 0 0 0 Global IP End This is the ending global IP address IGA This field is N A for One to One Many to One and Server types 200 1 1 64 Note For all Local and Global IPs th...

Страница 27: ...wing procedures show how to configure a server behind NAT Step 1 Enter Network NAT Address Mapping in the WEB GUI to go to Address Mapping Setup Step 2 Enter Edit Details of Server Mapping Set to go t...

Страница 28: ...table Please refer RFC 1700 for further information about port numbers Service Port Number FTP 20 21 Telnet 23 SMTP 25 DNS Domain Name Server 53 www http Web 80 PPTP Point to Point Tunneling Protocol...

Страница 29: ...nts copyright c 2007 ZyXEL Communications Corporation 29 From WEB GUI Network NAT General shown above simply choose the SUA Only option in the NAT Setup This is the Many to One mapping discussed earli...

Страница 30: ...e do exactly as above use the convenient pre configured SUA Only set and also go to Menu Network NAT Port Forwarding to specify the Internet Server behind the NAT as shown in the NAT as shown below 3...

Страница 31: ...e to map the FTP Server 1 with ILA1 192 168 1 10 to IGA1 6 Rule 2 One to One type to map the FTP Server 2 with ILA2 192 168 1 11 to IGA2 7 Rule 3 Many to One type to map the other clients to IGA3 8 Ru...

Страница 32: ...configuring this new set Enter a Set Name choose the Edit Action and then select 1 from Select Rule field Press ENTER to confirm See the following setup for the four rules in our case Rule 1 Setup Sel...

Страница 33: ...ll contents copyright c 2007 ZyXEL Communications Corporation 33 Rule 3 Setup Select Many to One type to map the other clients to IGA3 Rule 4 Setup Select Server type to map our web server and mail se...

Страница 34: ...ation should look as follows Idx Local Start IP Local End IP Global Start IP Global End IP Type 1 192 168 1 10 IGA1 1 1 2 192 168 1 11 IGA2 1 1 3 0 0 0 0 255 255 255 255 IGA3 M 1 4 IGA3 Server 5 6 7 8...

Страница 35: ...applications such as some mIRC servers do not allow users to login using the same IP address In this case it is better to use Many to Many No Overload or One to One NAT mapping types thus each user l...

Страница 36: ...Prestige 2802HW L Ix Support Notes All contents copyright c 2007 ZyXEL Communications Corporation 36 The three rules configured for using One to One mapping type is shown below...

Страница 37: ...Prestige 2802HW L Ix Support Notes All contents copyright c 2007 ZyXEL Communications Corporation 37 Prestige supports multiple type of NAT mapping rules...

Страница 38: ...o Many overload Many One to One Server The following table summarizes these types NAT Type IP Mapping One to One ILA1 IGA1 Many to One SUA PAT ILA1 IGA1 ILA2 IGA1 Many to Many Overload ILA1 IGA1 ILA2...

Страница 39: ...e When the ISP assigns the Prestige a new IP the Prestige must inform the DDNS server the change of this IP so that the server can update its IP to DNS entry Once the IP to DNS table in the DDNS serve...

Страница 40: ...ce that you are registered for from your Dynamic DNS service provider Host Name Enter the hostname you subscribe from the above DDNS server You can specify up to two host names in the field separated...

Страница 41: ...rk performance find and solve network problems The SNMP is a member of the TCP IP protocol suite it uses the UDP to exchange messages between a management Client and an Agent residing in a network nod...

Страница 42: ...he current Internet standard MIB MIB II is defined in RFC 1213 and contains 171 objects These objects are grouped by protocol including TCP IP UDP SNMP and other categories including system and interf...

Страница 43: ...ariable from a table or list within an agent In SNMPv1 when a NMS wants to retrieve all elements of a table from an agent it initiates a Get operation followed by a series of GetNext operations Set Al...

Страница 44: ...h a particular object variable Variable bindings Associates particular object with their value 3 ZyXEL SNMP Implementation ZyXEL currently includes SNMP support in some Prestige routers It is implemen...

Страница 45: ...port number The port number is its interface index under the interface group authenticationFailure defined in RFC 1215 When receiving any SNMP get or set requirement with wrong community this trap is...

Страница 46: ...EL Communications Corporation 46 4 Configure the Prestige for SNMP The SNMP related settings in Prestige are configured in WEB GUI menu Advanced Remote MGMT SNMP SNMP Configuration The following steps...

Страница 47: ...icate with the ZyXEL device using this service Select All to allow any computer to access ZyXEL device using this service Choose Selected to just allow the computer with the IP address that you specif...

Страница 48: ...t send trap any NMS manager Using syslog 4 Prestige Setup Configuration 1 Click Active to enable Syslog logging 2 Syslog IP Address enter the IP address of the UNIX server that you wish to send the sy...

Страница 49: ...board xx line xx channel xx call xx str board the hardware board ID line the WAN ID in a board channel channel ID within the WAN call the call reference number which starts from 1 and increments by 1...

Страница 50: ...4500002c1b0140001f06b50ec0a86614ca849a7b0427001700195b3e00000000600220008cd40000020405b4 Filter log This message is available when the Log is enabled in the filter rule setting The message consists o...

Страница 51: ...g Jul 19 11 43 51 192 168 1 1 ZyXEL Communications Corp ppp CCP Opening Jul 19 11 43 55 192 168 1 1 ZyXEL Communications Corp ppp BACP Opening Jul 19 11 44 00 192 168 1 1 ZyXEL Communications Corp ppp...

Страница 52: ...outes are created in the Prestige as shown below when the three networks are configured If the Prestige s DHCP is also enabled the IP pool for the clients can be any of the three networks Copyright c...

Страница 53: ...ight mouse button to copy and or pate IP address IP Subnet Mask Your ZyXEL device will automatically calculate the subnet mask based on the IP address the you assign Unless you are implementing subnet...

Страница 54: ...6 IP hosts use IGMP to report their multicast group membership to any immediate neighbor multicast routers so the multicast routers can decide if a multicast packet needs to be forwarded At start up t...

Страница 55: ...t forwards WAN traffic to a backup gateway when Prestige cannot connect to the Internet through it s normal gateway Thus make your backup gateway as an auxiliary backup of your WAN connection Once Pre...

Страница 56: ...ts copyright c 2007 ZyXEL Communications Corporation 56 Traffic Redirect on LAN port Traffic Redirect Setup Configure parameters that determine when Prestige will forward WAN traffic to the backup gat...

Страница 57: ...ress of a reliable nearby computer for example your ISP s DNS server address If you select ICMP in the Backup Type field you must configure at least one IP address here When using a WAN backup connect...

Страница 58: ...ige use traffic redirect if the normal WAN connection goes down If you activate traffic redirect you must configure at least one Check WAN IP Address Metric This field sets this route s priority among...

Страница 59: ...UPnP applications assign the dynamic port mappings to Internet gateway and delete the mappings when the connections are complete The key components in UPnP are devices services and control points Devi...

Страница 60: ...message Eventing Devices can send event message to notify control points if there is any update on services provided Presentation Each device can provide their own control interface by URL link So th...

Страница 61: ...anced UPnP check two boxes Active UPnP feature and Allow users to make configuration changes through UPnP The first check box enables UPnP function in this device The second check box allow users appl...

Страница 62: ...Support Notes All contents copyright c 2007 ZyXEL Communications Corporation 62 2 After getting IP address you can go to open MSN application on PC and sign in MSN server 3 Start a Video conversation...

Страница 63: ...L Ix Support Notes All contents copyright c 2007 ZyXEL Communications Corporation 63 4 On the opposite side your partner select Accept to accept your conversation request 5 Finally your video conversa...

Страница 64: ...astructure mode What is Infrastructure mode Infrastructure mode sometimes referred to as Access Point mode is an operating mode of an 802 11b Wi Fi client unit In infrastructure mode the client unit c...

Страница 65: ...ications Corporation 65 Configuration Wireless Access Point to Infrastructure mode using Web configurator To configure Infrastructure mode of your Prestige wireless VoIP IAD please follow the steps be...

Страница 66: ...ctive wireless LAN check box 4 When finish click on apply button to take effect Configuration Wireless Station to Infrastructure mode To configure Infrastructure mode on your ZyAIR B 100 B 200 B 300 w...

Страница 67: ...unications Corporation 67 3 Select Infrastructure from the operation mode pull down menu fill in an SSID or leave it as any if you wish to connect to any AP than press Apply Change to take effect 4 Cl...

Страница 68: ...You now successfully associate with the selected AP with Infrastructure Mode Wireless MAC address filtering MAC Filter Overview Users can use MAC Filter as a method to restrict unauthorized stations f...

Страница 69: ...WLAN MAC Address Filter Configuration Before you configure the MAC filter you need to know the MAC address of the client first If not knowing what your MAC address is please enter a command ipconfig a...

Страница 70: ...ed in this list If Allow Association is selected in this field hosts with MAC addresses configured in this list will be allowed to associate with AP If Deny Association is selected in this field hosts...

Страница 71: ...to ensure that packages are not modified during the transition The standard does not discuss how the shared key is established In practice most installations use a single key that is shared between al...

Страница 72: ...o 4 WEP keys simultaneously You need to specify one of the 4 keys as default Key for data encryption To set up the Access Point you will need to set the one of the following parameters o 64 bit WEP ke...

Страница 73: ...Setting up the Access Point with Web configurator Key settings Hexadecimal digits have to preceded by 0x WEP Key type Example 64 bit WEP with 5 characters Key1 2e3f4 Key2 5y7js Key3 24fg7 Key4 98jui...

Страница 74: ...of station has to equal to the Key 3 of access point Though access point use Key 3 as default key but the station can use the other Key as its default key to encrypt wireless data transmission Access...

Страница 75: ...een Note If the utility icon doesn t exist in your task bar click Start Programs IEEE802 11b WLAN Card IEEE802 11b WLAN Card 2 Select the Encryption tab Select encryption type correspond with access p...

Страница 76: ...Prestige 2802HW L Ix Support Notes All contents copyright c 2007 ZyXEL Communications Corporation 76...

Страница 77: ...Key4 456789ABCD Configuring 802 1x IEEE 802 1x Introduction IEEE 802 1x port based authentication is desired to prevent unauthorized devices clients from gaining access to the network As LANs extend t...

Страница 78: ...ator controls the physical access to the network based on the authentication status of the client The authenticator acts as an intermediary proxy between the client and the authentication server i e R...

Страница 79: ...Control The port state determines whether or not the supplicant Wireless Client is granted access to the network behind Wireless AP There are two authentication port state on the AP authorized state...

Страница 80: ...sts the identity of the client and begins relaying authentication messages between supplicant and the authentication server Each supplicant attempting to access the network is uniquely identified by t...

Страница 81: ...nds an EAP request identity frame to the 802 1x client to request its identity typically the authenticator sends an initial identity request frame followed by one or more requests for authentication i...

Страница 82: ...7 ZyXEL Communications Corporation 82 The EAPOL packet contains the following fields protocol version packet type packet body length and packet body Most of the fields are obvious The packet type can...

Страница 83: ...en it wants to terminate its 802 1x session EAPOL Key This is used for TLS authentication method The Wireless AP uses this packet to send the calculated WEP key to the supplicant after TLS negotiation...

Страница 84: ...has an internal authentication server for authenticating the wireless 802 1x client users It builds total 32 users database and allows up to 32 authorized users to login to the Wireless AP simultaneou...

Страница 85: ...N Local User Database 2 Select one of the profile and check Active check box 3 Input the User Name and Password then click Apply to save the profile Key settings Option Descriptions User Name Enter a...

Страница 86: ...entication server the Ethernet header is stripped and the remaining EAP frame is re encapsulated in the RADIUS format The EAP frames are not modified or examined during encapsulation and the authentic...

Страница 87: ...All contents copyright c 2007 ZyXEL Communications Corporation 87 2 Configure in WEB GUI Configurator From the Web Configurator main menu Click Network Wireless Lan to setup the RADIUS authentication...

Страница 88: ...S authentication configuration Key settings for authentication server Option Descriptions Server Address Enter the IP address of the external RADIUS authentication server Port The default port of RADI...

Страница 89: ...ect the facility walk through the facility to verify the accuracy of the diagram and mark down any large obstacle you see that may effect the RF signal such as metal shelf metal desk etc on the diagra...

Страница 90: ...n 90 4 It s always a good idea to start with putting the access point at the corner of the room and walk away from the access point in a systematic manner Record down the changes at point where transf...

Страница 91: ...the access point installation spot if wireless service is required from corner of the room 6 Repeat step 1 5 and now you should be able to mark an RF coverage area as illustrated in above picutre 7 Yo...

Страница 92: ...For more information please refer to roaming at PSTN Lifeline Application Notes Usage of PSTN Lifeline By using the PSTN lifeline function you can make and receive regular PSTN phone calls in coexist...

Страница 93: ...ou how to configure lifeline under P2802HWL D1A WEB GUI Lifeline configuration To configure lifeline in P2802HWL click on VoIP PSTN Line General to display the following screen You can specify a prefi...

Страница 94: ...local emergency services such as Police Dept Fire Dept Emergency Medical services phone number in this field Thus in any cases these unit can be reach in case of emergency by dialing their number wit...

Страница 95: ...jack or ADSL line 4 Connect the splitter jack where it label Line to ADSL line from the ISP Figure 2 Splitterless type 1 The P2802HWL includes a DSL cable and a RJ 11 cable Connect the DSL cable to t...

Страница 96: ...ndles the setting up altering and tearing down of voice and multimedia sessions over the Internet SIP signaling is separate from the media for which it handles sessions The media that is exchanged dur...

Страница 97: ...ion category fill in the User Name and authentication password your ITSP provided to you Step 6 If you wish to send caller ID check the check box in the Caller ID category if you do not wish to send o...

Страница 98: ...is field If you were not given a register server port then enter the port from the SIP Server Port field again here SIP Service Domain A SIP service domain is the domain name that comes after the symb...

Страница 99: ...and 220 130 46 198 3 SIP number for device A and B is 197 and 198 Preparation and Steps 1 Install the device properly in user s networking topology 2 Setup device s WAN connection 3 Configuring SIP Vo...

Страница 100: ...yXEL Communications Corporation 100 2 Make you can call by callee s SIP number You need to configure the self SIP number and put callee s IP address at SIP server SIP proxy Domain server all in the VO...

Страница 101: ...Corporation 101 1 Setup WEB GUI VoIP enter device A s number in the SIP number column 2 Fill in device B s IP into SIP server address Register server address as example 3 Setup speed dial put device B...

Страница 102: ...Prestige 2802HW L Ix Support Notes All contents copyright c 2007 ZyXEL Communications Corporation 102...

Страница 103: ...in device A s IP into SIP server address Register server address as example 3 Setup speed dial put device A s information into the column After completing the setting you can dial 01 from the phone u...

Страница 104: ...s 1234 Step 3 On the left column click on VoIP Phone Analog Phone Advanced Setup to bring you to voice function menu Step 4 Change the phone port parameter as you desired and click Apply when you are...

Страница 105: ...the Prestige waits this long after you stop pressing the buttons before initiating the call Select how many seconds you want the Prestige to wait after the last input on the telephone s keypad before...

Страница 106: ...ration 106 Each field s detail description of the page is listed below Label Description SIP Account This read only field displays the number of the SIP account that you are configuring The changes th...

Страница 107: ...time that the Prestige will allow a SIP session to remain idle without traffic before dropping it Min SE When two SIP devices negotiate a SIP session they must negotiate a common expiration time for...

Страница 108: ...ssaging system that supports this feature Expiration Time Use this field to set how long the SIP server should continue providing the message waiting service after receiving a SIP SUBSCRIBE message fr...

Страница 109: ...ck on login The default is 1234 Step 3 On the left column click on VoIP Phone Book Speed Dial to bring you to Speed Dial page to enter speed dial configuration page Step 4 Select the entry number you...

Страница 110: ...speed dial entry displays in the Speed Dial Phone Book section of the screen Speed Dial Phone Book This section of the screen displays the currently saved speed dial entries You can configure up to 1...

Страница 111: ...ntiated Services field to replace the TOS Type of Service field in IP header The DS field contains a 2 bit unused field and a 6 bit DSCP filed which can define up to 64 service levels The following fi...

Страница 112: ...0 Class 2 AF21 AF22 AF23 2 010010 010100 010110 Class 3 AF31 AF32 AF33 3 011010 011100 011110 Class 4 AF41 AF42 AF43 4 100010 100100 100110 Expedited Forwarding EF 5 101110 The values in decimal are g...

Страница 113: ...10 26 AF32 011100 28 AF33 011110 30 CS4 100000 32 AF41 100010 34 AF42 100100 36 AF43 100110 38 CS5 101000 40 EF 101110 46 CS6 110000 48 CS7 111000 56 Quality of Service QoS refers to both a network s...

Страница 114: ...ervice priority tags with this priority to RTP traffic that it transmits Voice VLAN ID Enable VLAN tagging if the Prestige needs to be a member of a VLAN group in order to communicate with the SIP ser...

Страница 115: ...screenshot shows how users can use this screen to configure the Prestige to block or redirect calls You can configure a different call forwarding table for each SIP account or use the same call forwar...

Страница 116: ...tings that define the default action to take on incoming calls that do not match any of the Advanced Setup call forwarding entries Unconditional Forward to Number Enable this feature to have the Prest...

Страница 117: ...this call forwarding entry Select Unconditional to have the Prestige immediately forward any calls from the number specified in the Incoming Call Number field to the number in the Forward to Number f...

Страница 118: ...e Region to display the following screen Use this screen to configure VoIP Common Settings Label Description Region Settings Use the drop down list box to select the country where your Prestige is loc...

Страница 119: ...plementary phone service details To take full advantage of the supplementary phone services available though the Prestige s phone ports you may need to subscribe to the services from your voice servic...

Страница 120: ...under SYSTEM and press the Password tab At the password screen type in the old password and the new password and retype to confirm than press Apply button to save the change How do I upload the ZyNOS...

Страница 121: ...tab and press browse button point to the directory where the romfile you want to upload is stored e Press Upload button The procedure for backup ROMFILE via the web configurator is as follow a Log on...

Страница 122: ...eives a packet from a local client destined for the outside Internet it replaces the source address in the IP packet header with its own address and the source port in the TCP or UDP header with anoth...

Страница 123: ...ssions What are Device filters and Protocol filters In ZyNOS the filters have been separated into two groups One group is called device filter group and the other is called protocol filter group Gener...

Страница 124: ...PPPoA you need the user account to enter in the Prestige What is PPPoE PPPoE stands for Point to Point Protocol over Ethernet that is an IETF draft standard specifying how a computer interacts with a...

Страница 125: ...work interface does the Prestige support The Prestige supports 10 100M Ethernet to connect to the LAN computer or hub switch and 10 100M ADSL interface to the ISP What can we do with Prestige Browse t...

Страница 126: ...assigned the proper access right Is it possible to access a server running behind SUA from the outside Internet If possible how Yes it is possible because Prestige delivers the packet to the local se...

Страница 127: ...e network then how big a pipe there is at the head end to the rest of the Internet Different models of PCs and Macs are able to handle IP traffic at varying speeds Very few can handle it at 30 Mbps Et...

Страница 128: ...web server and a telnet server on your local network and make them accessible to the outside world If you do not define any servers NAT offers the additional benefit of firewall protection In such ca...

Страница 129: ...e ILA to one IGA This is equivalent to SUA i e PAT port address translation ZyXEL s Single User Account feature that previous ZyNOS routers supported the SUA only option in today s routers 3 Many to M...

Страница 130: ...enu 15 1 is a convenient pre configured read only Many to One mapping set sufficient for most purposes and helpful to people already familiar with SUA in previous ZyNOS versions What is BOOTP DHCP BOO...

Страница 131: ...ou apply the DNS from and update the WAN IP to What is DDNS wildcard Some DDNS servers support the wildcard feature which allows the hostname yourhost dyndns org to be aliased to the same IP address a...

Страница 132: ...ephone adapter It allows you to send voice signals over the Internet or VoIP of IP via SIP protocol which is an internationally recongnized standard for VoIP Technology The main difference between P28...

Страница 133: ...oice analog signal to digital than transmit it and on the receiver end it will also need an analog to digital converter to covert the digital signal back to analog to the person being called can heard...

Страница 134: ...nteroperate with one another In interoperability between the two the industry is making slow but sure progress Interoperability must first happen between vendor implementations of the same protocol SI...

Страница 135: ...specific country If for special reason this setting needed to be changed It can be modify through device CI command through telnet For the command please refer to the CI command list in the firmware...

Страница 136: ...ted problem If you have an NAT router before it we suggest to use a VoIP ATA VoIP Analog Telephone Adapter such as Prestige ATA series If the problem is a firewall before it Please check with the fire...

Страница 137: ...ntrol policy between two networks It may also be defined as a mechanism used to protect a trusted network from an untrusted network The firewall can be thought of two mechanisms One to block the traff...

Страница 138: ...e Prestige 1 The Prestige s firewall inspects packets contents and IP headers It is applicable to all protocols that understands data in the packet is intended for other layers from network layer up t...

Страница 139: ...ystem Systems may crash hang or reboot What is Teardrop attack Teardrop attack exploits weakness in the reassemble of the IP packet fragments As data is transmitted through a network IP packets are of...

Страница 140: ...sulting ICMP traffic will not only clog up the intermediary network but will also congest the network of the spoofed source IP address known as the victim network This flood of broadcast traffic consu...

Страница 141: ...that claim to be from the inside Allow everything that is not spoofing us Filter rule setup Filter type TCP IP Filter Rule Active Yes Source IP Addr a b c d Source IP Mask w x y z Action Matched Drop...

Страница 142: ...keywords are supported IPSec FAQ What is VPN A VPN gives users a secure link to access corporate network over the Internet or other public or private networks without the expense of lease lines A sec...

Страница 143: ...for VPNs They are Point to Point Tunneling Protocol PPTP Layer 2 Tunneling Protocol L2TP and Internet Protocol Security IPSec What is PPTP PPTP is a tunneling protocol defined by the PPTP forum that a...

Страница 144: ...upper layer protocols of an IP payload Transport mode is mainly for an IP host to protect the data generated locally while tunnel mode is for security gateway to provide IPSec service for other machin...

Страница 145: ...ecure than manual key because IKE negotiation can generate new keys and SPIs randomly for the VPN connection What is Phase 1 ID for In IKE phase 1 negotiation IP address of remote peer is treated as a...

Страница 146: ...amic IP address you may need to configure ID for the one with dynamic IP address And in this case Aggressive mode is recommended to be applied in phase 1 negotiation Is my Prestige ready for IPSec VPN...

Страница 147: ...cryption can be used with or without authentication integrity Similarly one could use authentication integrity with or without confidentiality I am planning my Prestige to Prestige VPN configuration W...

Страница 148: ...ed side in order to update its dynamic IP to the fixed side However if both gateways use dynamic IP addresses it is no way to establish VPN connection at all What VPN gateway that has been tested with...

Страница 149: ...nd NAT allowed to use IPSec NAT Condition Supported IPSec Protocol VPN Gateway embedded NAT AH tunnel mode ESP tunnel mode VPN client gateway behind NAT ESP tunnel mode NAT in Transport mode None The...

Страница 150: ...otes All contents copyright c 2007 ZyXEL Communications Corporation 150 If I have NAT router between two VPN gateways and I would like to use IP type as Phase 1 ID what should I know We presume your e...

Страница 151: ...cycle packet triggering is still necessary to make the tunnel up Single Range Subnet which types of IP address do Prestige 10 10II 10W 50 100 support in VPN IPSec The mentioned Prestige series support...

Страница 152: ...Typical bit rates are 11Mbps and 54Mbps although in practice data throughput is half of this Wireless LANs can be formed simply by equipping PC s with wireless NICs If connectivity to a wired LAN is r...

Страница 153: ...is relative high because the equipment cost including access point and PCMCIA Wireless LAN card is higher than hubs and CAT 5 cables Where can you find wireless 802 11 networks Airports hotels and ev...

Страница 154: ...possible by combining channels Due to higher frequency range is less than lower frequency systems i e 802 11b and 802 11g and can increase the cost of the overall solution because a greater number of...

Страница 155: ...11b and Bluetooth devices occupy the same2 4 to 2 483 GHz unlicensed frequency range the same band But a Bluetooth device would not interfere with other 802 11 devices much more than another 802 11 d...

Страница 156: ...d on usage Specialized applications are characteristically designed around short burst messaging What is Ad Hoc mode A wireless network consists of a number of stations without access points Without u...

Страница 157: ...signed for 2 4GHz or 5GHz operation WLAN NICs often include an internal antenna which may provide sufficient reception Why the 2 4 Ghz Frequency range This frequency range has been set aside by the FC...

Страница 158: ...ncryption key lengths Note WEP has shown to have fundamental flaws in its key generation processing What is the difference between 40 bit and 64 bit WEP 40 bit WEP 64 bit WEP are the same encryption l...

Страница 159: ...mate traffic Many of the sniffer tools for Ethernet are based on capturing the first part of the connection session where the data would typically include the username and password An intruder can mas...

Страница 160: ...ort The authentication process begins when the link state of the port transitions from down to up or when an EAPOL start frame is received The switch requests the identity of the client and begins rel...

Страница 161: ...restige packet trace records and analyzes packets running on LAN and WAN interfaces It is designed for users with technical backgrounds who are interested in the details of the packet flow on LAN or W...

Страница 162: ...s trcp sw on Prestige sys trcl sw on Prestige sys trcd brief 0 11880 160 ENET0 R 0062 TCP 192 168 1 2 1108 192 31 7 130 80 1 11883 100 ENET0 R 0062 TCP 192 168 1 2 1108 192 31 7 130 80 2 11883 330 ENE...

Страница 163: ...Service 0x00 0 Total Length 0x0030 48 Idetification 0x330B 13067 Flags 0x02 Fragment Offset 0x00 Time to Live 0x80 128 Protocol 0x06 TCP Header Checksum 0x3E71 15985 Source IP 0xC0A80102 192 168 1 2...

Страница 164: ...130 80 192 168 1 2 1116 Ethernet Header Destination MAC Addr 0080C84CEA63 Source MAC Addr 00A0C5921311 Network Type 0x0800 TCP IP IP Header IP Version 4 Header Length 20 Type of Service 0x00 0 Total L...

Страница 165: ...0 F8 77 00 00 02 04 05 B4 w 0002 LAN Frame ENET0 RECV Size 60 60 Time 12090 210 sec Frame Type TCP 192 168 1 2 1116 192 31 7 130 80 Ethernet Header Destination MAC Addr 00A0C5921311 Source MAC Addr 00...

Страница 166: ...0 10 P J P 0030 22 38 E8 ED 00 00 20 20 20 20 20 20 8 2 Trace WAN packet 1 1 Disable to capture the LAN packet by entering sys trcp channel enet0 none 1 2 Enable to capture the WAN packet by entering...

Страница 167: ...02 132 155 255 520 Prestige sys trcd parse 0000 LAN Frame ENET1 RECV Size 1181 96 Time 12387 260 sec Frame Type TCP 192 31 7 130 80 202 132 155 97 10270 Ethernet Header Destination MAC Addr 00A0C59213...

Страница 168: ...E 0010 04 8B B1 39 40 00 EE 06 A9 AB C0 1F 07 82 CA 84 9 0020 9B 61 00 50 28 1E D3 E9 59 85 00 C1 8F 63 50 19 a P Y cP 0030 FA F0 37 35 00 00 DF 33 AF 62 58 37 52 3D 79 99 75 3 bX7R y 0040 A5 3C 2B 59...

Страница 169: ...ader Length 20 Flags 0x10 A Window Size 0x1DD5 7637 Checksum 0x7A12 31250 Urgent Ptr 0x0000 0 RAW DATA 0000 00 A0 C5 01 23 45 00 A0 C5 92 13 12 08 00 45 00 E E 0010 00 28 7A 0C 40 00 7F 06 54 3C CA 84...

Страница 170: ...2 192 31 7 130 TCP Header Source Port 0x281E 10270 Destination Port 0x0050 80 Sequence Number 0x00C18F63 12685155 Ack Number 0xD3E95DE9 3555286505 Header Length 20 Flags 0x11 A F Window Size 0x1DD5 76...

Страница 171: ...ndex to_index Exmaple Prestige sys trcp channel enet1 none Prestige sys trcp channel enet0 bothway Prestige sys trcp sw on Prestige sys trcl sw on Prestige sys trcp sw off Prestige sys trcl sw off Pre...

Страница 172: ...0x7F02 32514 Flags 0x02 Fragment Offset 0x00 Time to Live 0xED 237 Protocol 0x06 TCP Header Checksum 0x857D 34173 Source IP 0xC01F0782 192 31 7 130 Destination IP 0xC0A80102 192 168 1 2 TCP Header Sou...

Страница 173: ...ys trcp brief 1 7 Display specific packets by using sys trcp parse from_index to_index Example Prestige sys trcp channel enet0 none Prestige sys trcp channel enet1 bothway Prestige sys trcl sw on Pres...

Страница 174: ...ce IP 0xCCD90002 204 217 0 2 Destination IP 0xCA849B61 202 132 155 97 TCP Header Source Port 0x0050 80 Destination Port 0x2826 10278 Sequence Number 0x4D713D8A 1299266954 Ack Number 0x00C8C015 1315637...

Страница 175: ...XMIT Size 411 96 Time 12865 130 sec Frame Type TCP 202 132 155 97 10278 204 217 0 2 80 Ethernet Header Destination MAC Addr 00A0C5591284 Source MAC Addr 00A0C5921312 Network Type 0x0800 TCP IP IP Head...

Страница 176: ...C8 C0 15 4D 71 3E 47 50 18 P Mq GP 0030 1E 87 43 74 00 00 47 45 54 20 2F 70 69 63 74 75 Ct GET pictu 0040 72 65 73 2F 6D 61 67 61 7A 69 6E 65 5F 6C 6F 67 res magazine_log 0050 6F 2F 62 65 73 74 6F 66...

Страница 177: ...turn off packet trace sys log disp i capture system error log sys trcp parse parse the trace in detail Example A trace with system crashes ras sys trcp sw on ras sys errctl 3 ras poe debug 1 ras dev...

Страница 178: ...4 PADO recv d chann enet1 procPADO for poe chann poe0 Chann poe0 sending request poePut1SrvcName len 0 host uniq 31303030 len 4 putPoeHdr ver 1 type 1 code x19 sess id 0 len 12 x000C Undefined Address...

Страница 179: ...ed 2b b f j n e5bdc0a0 00 00 00 00 00 00 00 00 00 00 00 00 00 01 ed 2b b f j n e5bdc0b0 00 00 00 00 00 00 00 00 00 00 00 00 00 01 ed 2b b f j n e5bdc0c0 00 00 00 00 00 00 00 00 00 00 00 00 00 01 ed 2...

Страница 180: ...8 192 31 7 130 80 index timer second channel receive transmit length protocol sourceIP port destIP port There are two ways to dump the trace 1 Online Trace display the trace real time on screen 2 Offl...

Страница 181: ...8 6 11883 620 ENET0 T 0102 TCP 192 31 7 130 80 192 168 1 2 1108 7 11883 630 ENET0 T 0054 TCP 192 31 7 130 80 192 168 1 2 1108 8 11883 630 ENET0 R 0060 TCP 192 168 1 2 1108 192 31 7 130 80 9 11883 2802...

Страница 182: ...t Ptr 0x0000 0 Options 0000 02 04 05 B4 01 01 04 02 RAW DATA 0000 00 A0 C5 92 13 11 00 80 C8 4C EA 63 08 00 45 00 L c E 0010 00 30 33 0B 40 00 80 06 3E 71 C0 A8 01 02 C0 1F 03 q 0020 07 82 04 5C 00 50...

Страница 183: ...0x4AD1B57F 1255257471 Ack Number 0x00BD15A8 12391848 Header Length 24 Flags 0x12 A S Window Size 0xFAF0 2802HWL40 Checksum 0xF877 63607 Urgent Ptr 0x0000 0 Options 0000 02 04 05 B4 RAW DATA 0000 00 80...

Страница 184: ...481 Source IP 0xC0A80102 192 168 1 2 Destination IP 0xC01F0782 192 31 7 130 TCP Header Source Port 0x045C 1116 Destination Port 0x0050 80 Sequence Number 0x00BD15A8 12391848 Ack Number 0x4AD1B580 1255...

Страница 185: ...he detailed trace online by entering sys trcd parse Example ras sys trcp channel enet0 none ras sys trcp channel mpoa00 bothway ras sys trcp sw on ras sys trcl sw on ras sys trcd brief 0 12367 680 MPO...

Страница 186: ...F Window Size 0xFAF0 2802HWL40 Checksum 0x3735 14133 Urgent Ptr 0x0000 0 TCP Data Length 1127 Captured 42 0000 DF 33 AF 62 58 37 52 3D 79 99 A5 3C 2B 59 E2 78 3 bX7R y Y x 0010 A7 98 8F 3F A9 09 E4 0...

Страница 187: ...rcp parse from_index to_index 2 Trace WAN packet 1 1 Disable the capture of the LAN packet by entering sys trcp channel enet0 none 1 2 Enable the capture of the WAN packet by entering sys trcp channel...

Отзывы:

Нет отзывов